Provisioning Troubleshooting
Use the information in this section to resolve common errors and provisioning issues in your Oracle Database@Azure environments.
Terminations and Microsoft Azure Locks
Oracle advises removal of all Microsoft Azure locks to Oracle Database@Azure resources before terminating the resource. For example, if you created a Microsoft Azure private endpoint, you should remove that resource first. If you have a policy to prevent the deletion of locked resources, the Oracle Database@Azure workflow to delete the resource will fail because Oracle Database@Azure cannot delete the lock.
IP Address Requirement Differences
- Oracle Database@Azure only supports Exadata X9M. All other shapes are unsupported.
- Oracle Database@Azure reserves 13 IP addresses for the client subnet versus 3 for OCI requirements.
Automatic Network Ingress Configuration
You can connect a Microsoft Azure VM to an Oracle Exadata VM Cluster if both are in the same virtual network (VNet). The functionality is automatic and requires no additional changes to network security group (NSG) rules. If you need to connect an Microsoft Azure VM from a different VNet than the one where the Oracle Exadata VM Cluster was created, an additional step to configure NSG traffic rules to allow the other VNet's traffic to flow properly. As an example, if you have two (2) VNets (A and B) with VNet A serving the Microsoft Azure VM and VNet B serving the Oracle Exadata VM Cluster, you need to add VNet A's CIDR address to the NSG route table in OCI.
Table 1-2 Default Client NSG Rules
Direction | Source or Destination | Protocol | Details | Description |
---|---|---|---|---|
Direction: Egress Stateless: No |
Destination Type: CIDR Destination: 0.0.0.0/0 |
All Protocols | Allow: All traffic for all ports | Default NSG egress rule |
Direction: Ingress Stateless: No |
Source Type: CIDR Source: Microsoft Azure VNet CIDR |
TCP |
Source Port Range: All Destination Port Range: All Allow: TCP traffic for ports: All |
Ingress all TCP from Microsoft Azure VNet. |
Direction: Ingress Stateless: No |
Source Type: CIDR Source: Microsoft AzureVNet CIDR |
ICMP |
Type: All Code: All Allow: ICMP traffic for: All |
Ingress all ICMP from Microsoft Azure VNet. |
Table 1-3 Default Backup NSG Rules
Direction | Source or Destination | Protocol | Details | Description |
---|---|---|---|---|
Direction: Egress Stateless: No |
Destination Type: Service Destination: OCI IAD object storage |
TCP |
Source Port Range: All Destination Port Range: 443 Allow: TCP traffic for ports: 443 HTTPS |
Allows access to object storage. |
Direction: Ingress Stateless: No |
Source Type: CIDR Source: 0.0.0.0/0 |
ICMP |
Type: 3 Code: 4 Allow: ICMP traffic for: 3, 4 Destination Unreachable: Fragmentation Needed and Don't Fragment was Set |
Allows Path MTU Discovery fragmentation messages. |