The Data File for the oracle-dbcs-cli create Subcommand

The create subcommand of the oracle-dbcs-cli utility requires a data file that specifies information to connect to the correct Oracle Database Cloud Service identity domain and information about how to configure the new database deployment.

Template Data File

Included in the download for the oracle-dbcs-cli utility is a template data file you can use as a starting point for creating a data file of your own. This template data file is named dboplan.dat.external.tmpl and is located in the same directory as the oracle-dbcs-cli utility.

Contents of the Data File

The data file you specify in the oracle-dbcs-cli create subcommand is a text file containing lines of the format:

name=value

where name is the predefined name for a piece of data and value is the value of that piece of data in your context. The following table shows the names and values required in the configuration file.

Name Description

sm_url

The url to the Database Cloud Service REST interface. Enter this value:

https://dbaas.oraclecloud.com/paas/service/dbcs/api/v1.1/instances

Value in template data file: Blank

user_name

User name of an Oracle Cloud user authorized as an administrator in the given identity domain.

Value in template data file: Blank

password

Password of the given Oracle Cloud user.

Value in template data file: Blank

identity_domain

Name of the identity domain to connect to.

Value in template data file: Blank

subscriptionType

The billing period for the deployment. Enter monthly or hourly.

Value in template data file: Blank

vm_name

The name for the deployment. The service name:
  • Must not exceed 50 characters.

  • Must start with a letter.

  • Must contain only letters, numbers, or hyphens.

  • Must not contain any other special characters.

  • Must be unique within the identity domain.

Value in template data file: Blank

vm_shape

The Oracle Compute Cloud Service shape of the compute node virtual machine. Enter one of the following:

  • oc3 — 1 OCPU with 7.5 GB RAM

  • oc4 — 2 OCPUs with 15 GB RAM

  • oc5 — 4 OCPUs with 30 GB RAM

  • oc6 — 8 OCPUs with 60 GB RAM

  • oc7 — 16 OCPUs with 120 GB RAM

  • oc1m — 1 OCPU with 15 GB RAM

  • oc2m — 2 OCPUs with 30 GB RAM

  • oc3m — 4 OCPUs with 60 GB RAM

  • oc4m — 8 OCPUs with 120 GB RAM

  • oc5m — 16 OCPUs with 240 GB RAM

Value in template data file: ot1 (an invalid value)

vm_seclist

The name of the Oracle Compute Cloud Service security list to be created for the new deployment. Leave this value blank to use a default name.

Value in template data file: Blank

vm_dbsecrules

A comma-separated list of entries that describe the Oracle Compute Cloud Service security rules and security applications to be created for the new deployment. Each entry has the form:

ip-list:application:port:status

For each entry, an Oracle Compute Cloud Service security application is created using the application and port, and an Oracle Compute Cloud Service security rule is created, linking the provided ip-list to the deployment’s security list (specified by the vm_seclist value). The security rule is set to the provided status.

The components of an entry’s form are as follows:

  • ip-list specifies the source group of the security rule to be created. Its value must be public or site, which correspond respectively to the public-internet and site predefined Oracle Compute Cloud Service security IP lists.

  • application specifies software on the deployment that will service incoming requests:

    • dbconsole — Enterprise Manager 11g Database Control.

    • dbexpress — Enterprise Manager Database Express 12c.

    • gfish — web server providing HTTP access.

    • listener — The Oracle Net Listener.

    • ssh — The SSH daemon.

  • port specifies the port of the security application to be created. Default ports for the security applications are as follows:

    • 22 for ssh

    • 80 for gfish

    • 1158 for dbconsole

    • 1521 for listener

    • 5500 for dbexpress

  • status specifies whether the security rule is to be created as enabled or disabled. Its value must be enabled or disabled.

Value in template data file:

public:ssh:22:enabled, public:listener:1521:disabled, public:gfish:80:disabled,
public:dbconsole:1158:disabled, public:dbexpress:5500:disabled

vm_nat

The NAT IP pool from which the new compute node public IP address is drawn.

Value in template data file: Blank

vm_ha

Currently unsupported. Use the value "monitor".

Value in template data file: "monitor"

vm_boot

Type of boot volume to create for the compute node. Use the value nds.

Value in template data file: nds

vm_boot_size

Size in GB of the boot volume to create for the compute node.

Value in template data file: 21gb

vm_sshkeys

A string containing the text of an SSH public key. This key is added to Oracle Compute Cloud Service and associated with the deployment as part of the creation operation.

Value in template data file: Blank

db_version

Version of Oracle Database to install on the compute node. Enter 12102 or 11204.

Value in template data file: 12102

db_edition

Edition of Oracle Database to install on the compute node. Enter enterprise or standard. If you specify standard, a Standard Edition 2 database is created if you specify 12102 for db_version and a Standard Edition database is created if you specify 11204 for db_version.

Value in template data file: enterprise

db_bundle

Level of Oracle Database Enterprise Edition to install on the compute node; valid on if you entered enterprise for db_edition. Enter "basic" or "high-perf".

Value in template data file: "high-perf"

db_lvm

Controls whether the database storage uses Linux LVM (logical volume manager). Enter yes or no.

Value in template data file: no

db_nat_ip

The fully qualified name of an existing Oracle Compute Cloud Service IP reservation to use as the public IP address for the service. Leave this value blank to have Database Cloud Service create an IP reservation as part of the creation process.

The name you provide must have this form:

/Compute-domain/user/reservation

where domain name the identity domain, user is the name of the user who created the IP reservation, and user is the name of the IP reservation; for example: /Compute-usoracle99999/dbaasadmin/custom-ip

Value in template data file: Blank

db_timezone

The time zone to use when configuring the operating system. Enter one of the following values:

Africa/Cairo, Africa/Casablanca, Africa/Harare, Africa/Monrovia, Africa/Nairobi, Africa/Tripoli, Africa/Windhoek, America/Araguaina, America/Asuncion, America/Bogota, America/Caracas, America/Chihuahua, America/Cuiaba, America/Denver, America/Fortaleza, America/Guatemala, America/Halifax, America/Manaus, America/Matamoros, America/Monterrey, America/Montevideo, America/Phoenix, America/Santiago, America/Tijuana, Asia/Amman, Asia/Ashgabat, Asia/Baghdad, Asia/Baku, Asia/Bangkok, Asia/Beirut, Asia/Calcutta, Asia/Damascus, Asia/Dhaka, Asia/Irkutsk, Asia/Jerusalem, Asia/Kabul, Asia/Karachi, Asia/Kathmandu, Asia/Krasnoyarsk, Asia/Magadan, Asia/Muscat, Asia/Novosibirsk, Asia/Riyadh, Asia/Seoul, Asia/Shanghai, Asia/Singapore, Asia/Taipei, Asia/Tehran, Asia/Tokyo, Asia/Ulaanbaatar, Asia/Vladivostok, Asia/Yakutsk, Asia/Yerevan, Atlantic/Azores, Australia/Adelaide, Australia/Brisbane, Australia/Darwin, Australia/Hobart, Australia/Perth, Australia/Sydney, Brazil/East, Canada/Newfoundland, Canada/Saskatchewan, Europe/Amsterdam, Europe/Athens, Europe/Dublin, Europe/Helsinki, Europe/Istanbul, Europe/Kaliningrad, Europe/Moscow, Europe/Paris, Europe/Prague, Europe/Sarajevo, Pacific/Auckland, Pacific/Fiji, Pacific/Guam, Pacific/Honolulu, Pacific/Samoa, US/Alaska, US/Central, US/Eastern, US/East-Indiana, US/Pacific, UTC

Value in template data file: UTC

charset

The database character set for the database. Enter one of the following values:

AL32UTF8, AR8ADOS710, AR8ADOS720, AR8APTEC715, AR8ARABICMACS, AR8ASMO8X, AR8ISO8859P6, AR8MSWIN1256, AR8MUSSAD768, AR8NAFITHA711, AR8NAFITHA721, AR8SAKHR706, AR8SAKHR707, AZ8ISO8859P9E, BG8MSWIN, BG8PC437S, BLT8CP921, BLT8ISO8859P13, BLT8MSWIN1257, BLT8PC775, BN8BSCII, CDN8PC863, CEL8ISO8859P14, CL8ISO8859P5, CL8ISOIR111, CL8KOI8R, CL8KOI8U, CL8MACCYRILLICS, CL8MSWIN1251, EE8ISO8859P2, EE8MACCES, EE8MACCROATIANS, EE8MSWIN1250, EE8PC852, EL8DEC, EL8ISO8859P7, EL8MACGREEKS, EL8MSWIN1253, EL8PC437S, EL8PC851, EL8PC869, ET8MSWIN923, HU8ABMOD, HU8CWI2, IN8ISCII, IS8PC861, IW8ISO8859P8, IW8MACHEBREWS, IW8MSWIN1255, IW8PC1507, JA16EUC, JA16EUCTILDE, JA16SJIS, JA16SJISTILDE, JA16VMS, KO16KSC5601, KO16KSCCS, KO16MSWIN949, LA8ISO6937, LA8PASSPORT, LT8MSWIN921, LT8PC772, LT8PC774, LV8PC1117, LV8PC8LR, LV8RST104090, N8PC865, NE8ISO8859P10, NEE8ISO8859P4, RU8BESTA, RU8PC855, RU8PC866, SE8ISO8859P3, TH8MACTHAIS, TH8TISASCII, TR8DEC, TR8MACTURKISHS, TR8MSWIN1254, TR8PC857, US7ASCII, US8PC437, UTF8, VN8MSWIN1258, VN8VN3, WE8DEC, WE8DG, WE8ISO8859P1, WE8ISO8859P15, WE8ISO8859P9, WE8MACROMAN8S, WE8MSWIN1252, WE8NCR4970, WE8NEXTSTEP, WE8PC850, WE8PC858, WE8PC860, WE8ROMAN8, ZHS16CGB231280, ZHS16GBK, ZHT16BIG5, ZHT16CCDC, ZHT16DBT, ZHT16HKSCS, ZHT16MSWIN950, ZHT32EUC, ZHT32SOPS, ZHT32TRIS

Value in template data file: AL32UTF8

ncharset

The national character set for the database. Enter one of the following values:

AL16UTF16, UTF8

Value in template data file: AL16UTF16

db_vols

A space-separated, parenthesized list of the sizes of the four Oracle Compute Cloud Service storage volumes in addition to the boot volume to be created for the compute node. Each of the four entries in the list has the form:

name:size

where:

  • name is the name of one of the four volumes: bits, data, fra or redo.

  • size is the size in GB for the named volume; for example, 25gb.

Value in template data file:

(bits:30gb data:10gb fra:10gb redo:10gb)

db_redo_log_size

The size in MB for each of the three redo logs created in the database. Use the abbreviation M instead of MB or mb; for example, 150M.

Value in template data file: 100M

db_sid

The name for the database. The name your enter:

  • Must not exceed 8 characters.

  • Must start with a letter.

  • Must contain only letters, numbers, or these symbols: _ (underscore), # (hash sign), or $ (dollar sign).

Value in template data file: orcl

db_passwd

The password for the following administrative users:

  • Oracle Database administrative users SYS and SYSTEM

  • Oracle Application Express ADMIN user

  • Oracle DBaaS Monitor dbaas_monitor user

The password you enter:

  • Must be 8 to 30 characters in length.

  • Must contain at least one lowercase letter

  • Must contain at least one uppercase letter

  • Must contain at least one number

  • Must contain at least one of these symbols: _ (underscore), # (hash sign), or $ (dollar sign).

Value in template data file: Blank

db_automem

Controls whether the database created on the deployment is configured for automatic memory management. Enter yes or no.

Value in template data file: yes

db_cdb

Value in template data file: yes

db_pdb_name

(Applicable only for Oracle Database 12c Release 1.)

The name for the default PDB (Pluggable Database). The name you enter:

  • Must not exceed 8 characters.

  • Must start with a letter.

  • Must contain only letters, numbers, or these symbols: _ (underscore), # (hash sign), or $ (dollar sign).

Value in template data file: pdb1

db_em

Controls whether the Enterprise Manager tool (Enterprise Manager Database Express 12c for Oracle Database 12c or Enterprise Manager 11g Database Control for Oracle Database 11g) is configured. Enter yes or no.

Value in template data file: yes

db_archlog

Controls whether archive logs are enabled. Enter yes or no.

Value in template data file: yes

Note:

If backups are configured (db_bkup_disk is set to yes), archive logs are enabled regardless of the value you specify for db_archlog.

db_flashback

Controls whether flashback logs are enabled. Enter yes or no.

Value in template data file: yes

db_flashback_days

The minimum time in days to retain flashback logs in the recovery area.

Value in template data file: "1"

db_bkup_disk

Controls whether backups to local storage on the compute node are configured. Enter yes or no.

When taken together, the values of db_bkup_disk and db_bkup_oss determine the backup destination:

  • db_bkup_disk=yes and db_bkup_oss=yes — the Both Cloud Storage and Local Storage destination

  • db_bkup_disk=no and db_bkup_oss=yes — the Cloud Storage Only destination

  • db_bkup_disk=no and db_bkup_oss=no — the None destination

Value in template data file: yes

db_bkup_cron_entry

Controls whether an entry is added to the /etc/crontab file to enable daily backups. Enter yes or no.

Value in template data file: yes

db_bkup_daily_time

Specifies the time (using 24-hour, HH:MM format) when daily backups are to occur. For example, 02:45 is 2:45 AM, and 14:45 is 2:45 PM. Leave this value blank to have Database Cloud Service pick a random time from 11 PM (23:00) to 3 AM (03:00).

Value in template data file: Blank

db_bkup_disk_recovery_window

The number of days for which backups and archived redo logs on local storage are maintained. The interval always ends with the current time and extends back in time for the number of days specified.

Value in template data file: 7

db_bkup_oss

Controls whether backups to an Oracle Cloud Infrastructure Object Storage Classic container using Oracle Database Backup Cloud Service are to be configured. Enter yes or no.

When taken together, the values of db_bkup_disk and db_bkup_oss determine the backup destination:

  • db_bkup_disk=yes and db_bkup_oss=yes — the Both Cloud Storage and Local Storage destination

  • db_bkup_disk=no and db_bkup_oss=yes — the Cloud Storage Only destination

  • db_bkup_disk=no and db_bkup_oss=no — the None destination

Value in template data file: no

db_bkup_oss_url

The REST endpoint of the Oracle Cloud Infrastructure Object Storage Classic container to use for backups. For information on the value to provide, see See "About REST URLs for Oracle Storage Cloud Service Resources" in Using Oracle Cloud Infrastructure Object Storage Classic.

Value in template data file: Blank

db_bkup_oss_user

The user name of an Oracle Cloud user who has read/write access to the container specified in db_bkup_oss_url.

Value in template data file: Blank

db_bkup_oss_passwd

The password of the user specified in db_bkup_oss_user.

Value in template data file: Blank

db_bkup_oss_recovery_window

The number of days for which backups on cloud storage are maintained. The interval always ends with the current time and extends back in time for the number of days specified.

Value in template data file: 14

db_bkup_cfg_files

Controls whether backups are to include the files listed in /home/oracle/bkup/dbcfg.spec and /home/oracle/bkup/oscfg.spec. Enter yes or no.

Value in template data file: yes

db_bkup_cfg_recovery_window

The number of days for which backups of configuration files are maintained. The interval always ends with the current time and extends back in time for the number of days specified.

Value in template data file: Blank

db_tde_action

Controls whether TDE is configured. Enter config or none.

Value in template data file: none

db_tde_ks_login

Controls how the database is to access keys in the keystore wallet. Enter one of these values:

  • manual—Every time the database is started the administrator must log into the database and open the keystore wallet manually.

  • local—Every time the database is started the Local Auto Login TDE feature is used to open the keystore wallet automatically.

  • auto—Every time the database is started the Auto Login TDE feature is used to open the keystore wallet automatically.

Value in template data file: auto

db_net_security_enable

Controls whether Oracle Net Services data encryption and integrity are configured. Enter yes or no.

Value in template data file: no

db_net_security_encryption_enable

Controls whether Oracle Net Services data encryption is configured. Enter yes or no.

Value in template data file: yes

db_net_security_encryption_target

Specifies whether the Oracle Net Services data encryption configuration is for the server or the client. Use the value server.

Value in template data file: server

db_net_security_encryption_type

Specifies how Oracle Net Services data encryption is negotiated with clients. Enter one of these values:

  • rejected—Enter this value if you do not elect to enable data encryption, even if required by the client.

    In this scenario, this side of the connection specifies that data encryption is not permitted. If the client side is set to required, the connection terminates with error message ORA-12650. If the client side is set to requested, accepted or rejected, the connection continues without error and without data encryption enabled.

  • accepted—Select this value to enable data encryption if required or requested by the client.

    In this scenario, this side of the connection does not require data encryption, but it is enabled if the client side is set to required or requested. If the client side is set to required or requested, and an encryption algorithm match is found, the connection continues without error and with data encryption enabled. If the client side is set to required and no algorithm match is found, the connection terminates with error message ORA-12650.

    If the client side is set to requested and no algorithm match is found, or if the client side is set to accepted or rejected, the connection continues without error and without data encryption enabled.

  • requested—Select this value to enable data encryption if the client permits it.

    In this scenario, this side of the connection specifies that data encryption is desired but not required. Data encryption is enabled if the client side specifies accepted, requested, or required. There must be a matching algorithm available, otherwise data encryption is not enabled. If the client side specifies required and there is no matching algorithm, the connection fails.

  • required—Select this value to enable data encryption or preclude the connection.

    In this scenario, this side of the connection specifies that data encryption must be enabled. The connection fails if the client side specifies rejected or if there is no compatible algorithm.

Value in template data file: required

db_net_security_encryption_methods

Specifies a list of algorithms that can be used for data encryption. Separate the algorithms with commas and do not include spaces. Here is a list of valid encryption algorithms:

AES128  AES192  AES256

Value in template data file: AES256,AES192,AES128

db_net_security_integrity_enable

Controls whether Oracle Net Services data integrity is configured. Enter yes or no.

Value in template data file: yes

db_net_security_integrity_target

Specifies whether the Oracle Net Services data integrity configuration is for the server or the client. Use the value server.

Value in template data file: server

db_net_security_integrity_checksum_level

Specifies how Oracle Net Services data integrity is negotiated with clients. Enter one of these values:
  • rejected—Enter this value if you do not elect to enable data integrity, even if required by the client.

    In this scenario, this side of the connection specifies that data integrity is not permitted. If the client side is set to required, the connection terminates with error message ORA-12650. If the client side is set to requested, accepted or rejected, the connection continues without error and without data integrity enabled.

  • accepted—Select this value to enable data integrity if required or requested by the client.

    In this scenario, this side of the connection does not require data integrity, but it is enabled if the client side is set to required or requested. If the client side is set to required or requested, and an integrity algorithm match is found, the connection continues without error and with data integrity enabled. If the client side is set to required and no algorithm match is found, the connection terminates with error message ORA-12650.

    If the client side is set to requested and no algorithm match is found, or if the client side is set to accepted or rejected, the connection continues without error and without data integrity enabled.

  • requested—Select this value to enable data integrity if the client permits it.

    In this scenario, this side of the connection specifies that data integrity is desired but not required. Data integrity is enabled if the client side specifies accepted, requested, or required. There must be a matching algorithm available, otherwise data integrity is not enabled. If the client side specifies required and there is no matching algorithm, the connection fails.

  • required—Select this value to enable data integrity or preclude the connection.

    In this scenario, this side of the connection specifies that data integrity must be enabled. The connection fails if the client side specifies rejected or if there is no compatible algorithm.

Value in template data file: required

db_net_security_integrity_methods

Specifies a list of algorithms that can be used for data integrity. Separate the algorithms with commas and do not include spaces. Here is a list of valid integrity algorithms:

SHA1  SHA256  SHA384  SHA512

Note that of these four algorithms, SHA1 is the only one supported by Oracle Database 11g.

Value in template data file: SHA1