Oracle Cloud Infrastructure Documentation

Retail Merchandising System

Oracle Retail Merchandising System (RMS) is an Oracle Retail enterprise application that supports core merchandising functions such as item and supplier management, pricing, inventory, purchasing, and merchandising operations.. If you plan to deploy RMS in AWS or migrate Retail Merchandising System (RMS) from your data center to AWS, you can design a secure, high-availability topology by leveraging Oracle AI Database@AWS.

Learn about the reference architecture for running Oracle Retail Merchandising System in AWS using Oracle AI Database@AWS for the database layer and Amazon EC2 for the application and integration tiers. This configuration provides low latency, as Oracle AI Database services are deployed in the same AWS data center as the RMS application tier.

Currently, Oracle Exadata Database Service on Dedicated Infrastructure is supported with Oracle AI Database@AWS. You can check regional availability matrix to determine supported services by OCI and AWS regions.

This document is intended for cloud architects, infrastructure administrators, and Oracle Retail Merchandising System administrators responsible for designing, deploying, and operating Oracle Retail Merchandising System environments. Familiarity with RMS architecture and components, Oracle AI Database, and cloud platforms including Oracle Cloud Infrastructure (OCI) and Amazon Web Services (AWS) is recommended.

Architecture

This architecture demonstrates the deployment of Oracle Retail Merchandising System in a single Availability Zone of AWS region. To support disaster recovery, deploy a similar configuration across multiple AWS regions. The Databases can be configured to use Oracle Active Data Guard, and the Application stack can use rsync to synchronize the file systems across regions.

For more information on designing and implementing disaster recovery architectures, see Oracle Maximum Availability Architecture for Oracle AI Database@AWS.

This screenshot shows the architecture diagram.

This architecture deploys all components within a single AWS region and highlights important design considerations for Oracle Retail Merchandising System on AWS with Oracle AI Database@AWS.

Networking Tier

This architecture shows a single AWS availability zone deployment of a Retail Merchandising Suite environment designed for low latency. The architecture consists of one VPC with a bastion host, load balancer, web server, and application servers in separate subnets, and an ODB Network with an Oracle AI Database. The ODB Network needs to be peered with the VPC. On-premises can be connected through AWS Direct Connect and AWS Transit Gateway. Amazon EC2 instances for the web server, application server, process scheduler, and elastic server can be placed in multiple partition groups.

The bastion host is deployed in a public subnet, and all other instances are deployed in private subnets. You can access the instances in private subnets over port 22 through the bastion host or AWS Direct Connect if you have set up direct connectivity between your data center and AWS.

Oracle Retail Merchandising System components are deployed across a single Availability Zone to ensure low-latency connectivity. The database is deployed in a single Availability Zone with Oracle RAC enabled by default. For regional redundancy, the database can be deployed in a second Availability Zone using Oracle Data Guard, providing high availability and disaster recovery at the regional level.

Networking Design Considerations

  1. Oracle AI Database@AWS supports various networking topologies. Please see the Oracle AI Database@AWS network topology options to select the one best suited to your organizational need.
  2. When you design for IP address spaces, plan for Oracle AI Database@AWS ODB network and Exadata dependency requirements. Please see ODB Network Design to understand address space consumption scenarios.
  3. Deploy Application tier in the same Availability Zone as Database for low latency.
  4. For multi-region disaster recovery architectures, consider detailed network connectivity patterns and inter-region routing for Oracle AI Database@AWS. Following are the various networking path options for single region and cross region deployments. Once the network path is established, Active Data Guard needs to be enabled for both primary and standby database to be in sync.
    1. Cross Availability Zone: This is the scenario where multiple Oracle AI Database@AWS services are being deployed across multiple Availability Zones.
      1. Option 1: OCI: You can peer both Virtual Cloud Networks (VCNs) that are hosting Oracle AI Database@AWS through a Local Peering Gateway (LPG).
      2. Option 2: AWS: You can peer the VPC hosting the App tier with both ODB networks hosting Oracle AI Database@AWS.
      3. Option 3: AWS: You can use Transit Gateway to connect both ODB networks through a Transit VPC. Each ODB network is peered with a Transit VPC, and both Transit VPCs are connected through a Transit Gateway.
    2. Cross Region: This is the scenario where multiple Oracle AI Database@AWS services are being deployed across multiple Regions.
      1. Option 1: OCI: You can peer Virtual Cloud Networks (VCNs) across regions leveraging a Dynamic Routing Gateway (DRG) and a hub VCN in each of the regions.
      2. Option 2: You can use Transit Gateway to connect both ODB networks through a Transit VPC. Each ODB is peered with a Transit VPC, and both Transit VPCs are connected through a Transit Gateway.
  5. Review backup and recovery prerequisites early in the design phase to ensure network access requirements are met.
  6. Use Network Security Groups (NSGs) to restrict access to database virtual machines:
    • Allow SSH (port 22) access only through Bastion.
    • Allow database traffic (port 1521) exclusively from approved RMS application subnets and authorized on-premises networks.

Bastion Host

The AWS Bastion host is a managed service that provides a secure and controlled entry point to AWS virtual networks from outside AWS.

AWS Bastion is deployed in a dedicated subnet (AWSBastionSubnet) and enables secure access to virtual machines placed in private subnets that are not directly reachable from the public internet. By using AWS Bastion, the architecture maintains a single, known access point that can be centrally monitored and audited while avoiding the need to expose public IP addresses or open inbound ports on individual virtual machines.

In this architecture, AWS Bastion does not require a public IP address on the target virtual machines. Administrative access is established over TLS (port 443) through the AWS Portal or supported native clients. Network Security Groups on the target subnets do not require inbound SSH or RDP rules, which further reduces the attack surface. Access to AWS Bastion can be restricted and governed using AWS role-based access control (RBAC) and AWS Active Directory authentication.

AWS Bastion enables administrators to connect to virtual machines in private subnets using SSH for Linux and RDP for Windows. Connections are initiated from the administrator’s local workstation and proxied through the Bastion service, ensuring that credentials and sessions are not exposed to the public network.

By centralizing administrative access and eliminating direct VM exposure, AWS Bastion enhances security while preserving operational access to private workloads.

Oracle Retail Merchandising System Application Tier

Oracle Retail Merchandising System comprises a number of solutions that form the Retail Merchandise Suite. These include the following:

  • Retail Invoice Matching (ReIM):

    Supports invoice validation and matching between supplier invoices, purchase orders, and receiving records. ReIM helps automate discrepancy handling (price, quantity, and terms), manage deductions and chargebacks, and streamline accounts payable processes.

  • Retail Price Management (RPM):

    Centralizes pricing and promotion management across the retail enterprise. RPM enables the creation, approval, and implementation of regular prices, clearances, and promotional pricing, with controls for effective dates, zones, and pricing rules to maintain consistency and compliance.

  • Retail Trade Management (RTM):

    Manages trade funding and supplier deals, including contracts, accruals, claims, and settlement. RTM provides visibility into vendor-funded promotions and allowances, helping retailers optimize supplier funding and ensure accurate financial reconciliation.

  • Retail Sales Audit (ReSA):

    Collects, validates, and audits point-of-sale (POS) transaction data to ensure accuracy and completeness before financial posting. ReSA helps detect exceptions (cash variances, transaction anomalies), supports store balancing, and improves integrity of sales and tender data used downstream.

  • Retail Allocation (RA):

    Optimizes allocation of inventory to stores and channels based on demand, forecasts, inventory levels, and business rules. RA supports initial allocations and replenishment-related distribution decisions to improve in-stock position and reduce over/under allocation.

  • Retail Integration Bus (RIB):

    Provides near real-time integration capabilities between Oracle Retail applications and external systems using message-based integration patterns. RIB supports publication and subscription of business events (for example, item, price, inventory, and purchase order updates) to keep systems synchronized.

  • Bulk Data Integration (BDI):

    Enables high-volume, batch-oriented data integration for foundational and operational data. BDI is commonly used for large data loads and periodic synchronizations (for example, items, suppliers, locations, costs, and hierarchies), complementing RIB’s event-driven integrations.

Additional modules commonly used with RMS are:

  • Retail Store Inventory Management (SIM):

    Supports store-level inventory operations such as receiving, stock counts, adjustments, transfers, returns, and store replenishment activities. SIM improves store inventory accuracy and execution, and helps align store operations with enterprise inventory and merchandising processes.

  • Oracle BI Publisher (OBI PuB):

    Provides pixel-perfect reporting and document generation (for example, forms, operational reports, and scheduled report bursts). In Oracle Retail environments, BI Publisher is frequently used to produce standardized reports for merchandising, finance, and store operations.

  • Identity Management (IDM):

    Provides centralized authentication, authorization, and user lifecycle management across retail applications. IDM supports capabilities such as single sign-on (SSO), role-based access control, and integration with corporate directories, helping enforce security policies and streamline access administration.

Database Tier

For high availability requirements, we recommend using one of the following Oracle AI Database@AWS options to set up Retail Merchandising System database instances:
  • Oracle Exadata Database Service on Dedicated Infrastructure

The database instances are configured for high availability with Oracle Real Application Clusters (RAC) enabled. To achieve availability zone redundancy for the database, use Oracle Active Data Guard in synchronous mode to replicate the database across availability zones.

A prerequisite for Active Data Guard is the establishment of a private networking path between multiple ODB networks across availability zones or regions, either through one of the following paths. Reference architectures for these options are represented in the networking design considerations section above.
  • AWS backbone connectivity using TGW, or
  • OCI backbone connectivity using VCN peering with Local Peering Gateways or Dynamic Routing Gateways

A prerequisite is to define a networking path through the AWS backbone by peering VNets, or through the OCI backbone by peering VCNs using Local Peering Gateways. Port 1521 is open for communication with Oracle Active Data Guard. Data Guard transport services use port 1521 to transmit redo log files for Oracle Active Data Guard. For detailed networking design considerations, see Maximum Availability Architecture (MAA).

Backup and Recovery

Automated database backups can be configured using Oracle Autonomous Recovery Service, Amazon S3 or OCI Object Storage, depending on the selected database service and recovery requirements.

Data Encryption

For data in transit, Oracle AI Database@AWS services are accessible only through encrypted communication channels. By default, the Oracle Net client is configured to use encrypted sessions, ensuring that all database connections are protected in transit.

Oracle AI Database@AWS protects data at rest using Transparent Data Encryption (TDE), which is enabled by default with no customer configuration required. TDE automatically encrypts database files, redo and undo logs, backups, and other persistent data when written to storage, and transparently decrypts the data when accessed by authorized processes. Encryption is managed using a hierarchical key model, where a master encryption key protects tablespace keys that in turn encrypt the data.

Oracle AI Database@AWS supports both Oracle-managed and customer-managed key options for TDE. With Oracle-managed keys, encryption keys are generated, stored, and managed automatically by Oracle. With customer-managed keys, customers can centrally control key lifecycle management, rotation, and auditing by integrating with OCI Vault, Oracle Key Vault, or AWS Key Management Service (KMS).

Note

Cross-region Oracle Data Guard is not supported when customer-managed encryption keys are stored in AWS Key Management Service (KMS).

Migration to Oracle AI Database@AWS

Oracle Zero Downtime Migration (ZDM) provides multiple migration workflows for moving Retail Merchandising System databases to Oracle AI Database@AWS.

Migration to Exadata Database
  • Physical Online Migration:

    The physical online migration workflow supports migrations between the same database versions and platforms. This approach uses direct data transfer and the restore from service method to create the target database, avoiding the use of intermediate backup storage. Oracle Data Guard is used to keep the source and target databases synchronized, enabling a minimal-downtime migration.

  • Physical Offline Migration:

    The physical offline migration workflow supports migrations between the same database versions and platforms. The target database is created using Recovery Manager (RMAN) backup and restore. Amazon Elastic File System or Amazon S3 is used to provide an NFS file share for storing RMAN backup files during the migration process.

  • Logical Online Migration:

    The logical online migration workflow supports migrations between the same or different database versions and platforms. This workflow uses Oracle Data Pump export and import to create the target database. Amazon Elastic File System or Amazon S3 provides an NFS file share to store the Data Pump dump files. Oracle Golden Gate is used to synchronize the source and target databases, enabling a minimal-downtime migration.

  • Physical Offline Migration:

    The logical offline migration workflow supports migrations between the same or different database versions and platforms. The target database is created using Oracle Data Pump export and import. Amazon Elastic File System or Amazon S3 provides an NFS file share to store the Data Pump dump files used during the migration.

Components Overview

Component Purpose
Oracle AI Database@AWS

Oracle AI Database@AWS provides Oracle Exadata Database Service on Dedicated Infrastructure, deployed and operated in AWS with native AWS integration.

It combines Exadata performance and Oracle AI Database capabilities with AWS networking, security, and consumption models.

The offering includes Oracle Exadata Database Service on Dedicated Infrastructure for hosting database layer for RMS.

AWS Load Balancer AWS Load Balancer distributes incoming traffic across web or application servers and continuously monitors backend health probes to send traffic only to healthy instances. This ensures even traffic distribution, high availability, and automatic failover without application.
AWS Bastion AWS Bastion enables secure RDP and SSH access to virtual machines over HTTPS without requiring public IP addresses. It improves security by centralizing administrative access and reducing exposure to inbound internet threats.
Autonomous Recovery Service Autonomous Recovery Service provides automated backup, continuous data protection, and fast recovery for Oracle AI Database(s). It reduces data loss and recovery time by autonomously managing backups, validation, and restore operations.
Object Storage Object Storage provides durable, scalable storage for unstructured data using a bucket-and-object model.It is commonly used for backups, archival, and data sharing with built-in security and lifecycle controls.
OCI Vault OCI Vault provides centralized management of encryption keys and secrets using Oracle-managed HSMs. It enables strong security, key rotation, and access control for protecting data across OCI services.
Amazon Elastic File System (AWS EFS) A fully managed, scalable NFS-based file storage service from AWS that provides shared file system access to multiple compute instances across Availability Zones.
Amazon S3 A highly durable and scalable object storage service used to store and retrieve unlimited amounts of data from anywhere.
AWS Key Management Service(AWS KMS) AWS Key Management Service (AWS KMS) is a managed security service that simplifies creating, controlling, and managing cryptographic keys to encrypt data across AWS services and applications.

Learn More

For more information on Oracle Retail Merchandising System, see the following resources: