Oracle Cloud Infrastructure Documentation

Provisioning Troubleshooting

Use the information in this section to resolve common errors and provisioning issues in your Oracle Database@Azure environments.

The issues covered in this guide do not cover general issues related to Oracle Database@Azure configuration, settings, and account setup. For more information on those topics, see Oracle Database@Azure Overview.

Terminations and Microsoft Azure Locks

Oracle advises removal of all Microsoft Azure locks to Oracle Database@Azure resources before terminating the resource. For example, if you created a Microsoft Azure private endpoint, you should remove that resource first. If you have a policy to prevent the deletion of locked resources, the Oracle Database@Azure workflow to delete the resource will fail because Oracle Database@Azure cannot delete the lock.

IP Address Requirement Differences

There are IP address requirement differences between Oracle Database@Azure and Oracle Cloud Infrastructure (OCI). In the Requirements for IP Address Space documentation, the following changes for Oracle Database@Azure must be considered.
  • Oracle Database@Azure only supports Exadata X9M. All other shapes are unsupported.
  • Oracle Database@Azure reserves 13 IP addresses for the client subnet versus 3 for OCI requirements.

Automatic Network Ingress Configuration

You can connect a Microsoft Azure VM to an Oracle Exadata VM Cluster if both are in the same virtual network (VNet). The functionality is automatic and requires no additional changes to network security group (NSG) rules. If you need to connect an Microsoft Azure VM from a different VNet than the one where the Oracle Exadata VM Cluster was created, an additional step to configure NSG traffic rules to allow the other VNet's traffic to flow properly. As an example, if you have two (2) VNets (A and B) with VNet A serving the Microsoft Azure VM and VNet B serving the Oracle Exadata VM Cluster, you need to add VNet A's CIDR address to the NSG route table in OCI.

Table 1-2 Default Client NSG Rules

Direction Source or Destination Protocol Details Description

Direction: Egress

Stateless: No

Destination Type: CIDR

Destination: 0.0.0.0/0

All Protocols Allow: All traffic for all ports Default NSG egress rule

Direction: Ingress

Stateless: No

Source Type: CIDR

Source: Microsoft Azure VNet CIDR

TCP

Source Port Range: All

Destination Port Range: All

Allow: TCP traffic for ports: All

Ingress all TCP from Microsoft Azure VNet.

Direction: Ingress

Stateless: No

Source Type: CIDR

Source: Microsoft AzureVNet CIDR

ICMP

Type: All

Code: All

Allow: ICMP traffic for: All

Ingress all ICMP from Microsoft Azure VNet.

Table 1-3 Default Backup NSG Rules

Direction Source or Destination Protocol Details Description

Direction: Egress

Stateless: No

Destination Type: Service

Destination: OCI IAD object storage

TCP

Source Port Range: All

Destination Port Range: 443

Allow: TCP traffic for ports: 443 HTTPS

Allows access to object storage.

Direction: Ingress

Stateless: No

Source Type: CIDR

Source: 0.0.0.0/0

ICMP

Type: 3

Code: 4

Allow: ICMP traffic for: 3, 4 Destination Unreachable: Fragmentation Needed and Don't Fragment was Set

Allows Path MTU Discovery fragmentation messages.