7 Appendices
The following appendices contain information that you may need to complete the requirements in the previous topics.
- Setting Up the Transparent Data Encryption Wallet
For Oracle Database 12c Release 2 and later, if the source database does not have TDE enabled, then it is mandatory that you configure the TDE wallet before migration begins. Enabling TDE on Oracle Database 11g Release 2 (11.2.0.4) and Oracle Database 12c Release 1 is not required. - Generating a Private SSH Key Without a Passphrase
If, on the Zero Downtime Migration service host, source database server, or target database server, the authentication key pairs are not available without a passphrase for the Zero Downtime Migration software installed user, you can generate a new SSH key using the following procedure. - Prechecks Verification
- List Migration Job Phases
- Migration Job Output
7.1 Setting Up the Transparent Data Encryption Wallet
For Oracle Database 12c Release 2 and later, if the source database does not have TDE enabled, then it is mandatory that you configure the TDE wallet before migration begins. Enabling TDE on Oracle Database 11g Release 2 (11.2.0.4) and Oracle Database 12c Release 1 is not required.
WALLET
status on both source and target databases
must be set to OPEN
, and the WALLET_TYPE
must be set to
AUTOLOGIN
.
Upon migration of your Oracle Database to the Oracle Cloud, bear in mind that Oracle databases in the Oracle Cloud are TDE enabled by default. Zero Downtime Migration will take care of the encryption of your target database, even if your source Oracle Database is not TDE enabled by default. However, once the switchover phase of the migration has taken place, the redo logs that the new primary database in the Oracle Cloud sends to the new standby database on your premises will be encrypted. Therefore, if you decide to switch back and role swap again making the on-premises database the primary again and the database in the Oracle Cloud the standby, the on-premises database will not be able to read the newly encrypted changed blocks applied by the redo logs unless TDE is enabled on-premises. In order to avoid post migration conflict, prior to performing the original switchover as part of the migration process, the recommended best practice is to perform appropriate testing and validation. There are options outside of Zero Downtime Migration for testing with a snapshot standby database, and once you are ready to proceed, delete the snapshot standby database and instruct Zero Downtime Migration to perform the switchover and finalize the migration process.
Parent topic: Appendices
7.2 Generating a Private SSH Key Without a Passphrase
If, on the Zero Downtime Migration service host, source database server, or target database server, the authentication key pairs are not available without a passphrase for the Zero Downtime Migration software installed user, you can generate a new SSH key using the following procedure.
SSH connectivity during Zero Downtime Migration operations requires direct, non-interactive access between the Zero Downtime Migration service host and the source and target database servers, and also between the source and target database servers, without the need to enter a passphrase.
Note:
The following steps show examples for generating a private SSH key for the software installed user. You can also use these steps for theopc
user.
Run the following command as the Zero Downtime Migration software installed user on the Zero Downtime Migration service host.
zdmuser> ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/opc/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/opc/.ssh/id_rsa.
Your public key has been saved in /home/opc/.ssh/id_rsa.pub.
The key fingerprint is:
c7:ed:fa:2c:5b:bb:91:4b:73:93:c1:33:3f:23:3b:30 opc@rhost1
The key's randomart image is:
+--[ RSA 2048]----+
| |
| |
| |
| . . . |
| S o . = |
| . E . * |
| X.+o.|
| .= Bo.o|
| o+*o. |
+-----------------+
This command generates the id_rsa and id_rsa.pub files in the zdmuser home, for example, /home/zdmuser/.ssh.
You can add the public key (for example, /home/zdmuser/.ssh/id_rsa.pub) to the source and target database servers using the Oracle Cloud Infrastructure Console, or you can add it manually to the authorized_keys file on those servers, as shown below.
Add the contents of the Zero Downtime Migration service host /home/zdmuser/.ssh/id_rsa.pub file to the Oracle Cloud Infrastructure server opc user /home/opc/.ssh/authorized_keys file, as shown here.
[opc@rptest.ssh]$ export PS1='$PWD>'
/home/opc/.ssh>ls
authorized_keys authorized_keys.bkp id_rsa id_rsa.pub known_hosts zdmkey
/home/opc/.ssh>cat id_rsa.pub >> authorized_keys
You should save the private key in a separate, secure file, and use it to connect to the source and target database servers. For example, create a zdm_service_node.ppk file with permissions set to 600, and put the private key file into it on the Zero Downtime Migration service host software installed user home/.ssh to connect source and target database servers.
Parent topic: Appendices
7.3 Prechecks Verification
$ZDM_HOME/bin/zdmcli query job -jobid 5
rachu3dom.hu.oracle.com: Audit ID: 79
Job ID: 5
User: zdmuser
Client: rachu3dom
Scheduled job command: "zdmcli migrate database -sourcedb ZDM12201_phx1sp
-sourcenode zdm122011 -srcauth zdmauth -srcarg1 user:opc
-srcarg2 identity_file:/home/zdmuser/.ssh/zdm_service_host.ppk
-srcarg3 sudo_location:/usr/bin/sudo -targetnode ocitarget1
-targethome /u02/app/oracle/product/12.2.0/dbhome_3
-backupuser backup_user@example.com
-rsp /u01/app/zdmhome/rhp/zdm/template/zdm_template_ZDM12201.rsp
-tgtauth zdmauth -tgtarg1 user:opc
-tgtarg2 identity_file:/home/zdmuser/.ssh/zdm_service_host.ppk
-tgtarg3 sudo_location:/usr/bin/sudo -ignore ALL -eval"
Scheduled job execution start time: 2019-07-31T13:21:39+02.
Equivalent local time: 2019-07-31 13:21:39
Current status: SUCCEEDED
Result file path:
"/u01/app/zdmbase/chkbase/scheduled/job-5-2019-07-31-13:21:39.log"
Job execution start time: 2019-07-31 13:21:39
Job execution end time: 2019-07-31 13:35:20
Job execution elapsed time: 13 minutes 40 seconds
ZDM_GET_SRC_INFO .......... COMPLETED
ZDM_GET_TGT_INFO .......... COMPLETED
ZDM_SETUP_SRC ............. COMPLETED
ZDM_SETUP_TGT ............. COMPLETED
ZDM_GEN_RMAN_PASSWD ....... COMPLETED
ZDM_PREUSERACTIONS ........ COMPLETED
ZDM_PREUSERACTIONS_TGT .... COMPLETED
ZDM_VALIDATE_SRC .......... COMPLETED
ZDM_VALIDATE_TGT .......... COMPLETED
Parent topic: Appendices
7.4 List Migration Job Phases
$ZDM_HOME/bin/zdmcli migrate database -sourcedb ZDM12201_phx1sp
-sourcenode zdm122011 -srcauth zdmauth -srcarg1 user:opc
-srcarg2 identity_file:/home/zdmuser/.ssh/zdm_service_host.ppk
-srcarg3 sudo_location:/usr/bin/sudo -targetnode ocitarget1
-targethome /u02/app/oracle/product/12.2.0/dbhome_3
-backupuser backup_user@example.com
-rsp /u01/app/zdmhome/rhp/zdm/template/zdm_template_ZDM12201.rsp
-tgtauth zdmauth -tgtarg1 user:opc
-tgtarg2 identity_file:/home/zdmuser/.ssh/zdm_service_host.ppk
-tgtarg3 sudo_location:/usr/bin/sudo -listphases
rachu3dom.hu.oracle.com: Processing response file ...
pause and resume capable phases for this operation: "
ZDM_GET_SRC_INFO
ZDM_GET_TGT_INFO
ZDM_SETUP_SRC
ZDM_SETUP_TGT
ZDM_GEN_RMAN_PASSWD
ZDM_PREUSERACTIONS
ZDM_PREUSERACTIONS_TGT
ZDM_VALIDATE_SRC
ZDM_VALIDATE_TGT
ZDM_OBC_INST_SRC
ZDM_OBC_INST_TGT
ZDM_BACKUP_FULL_SRC
ZDM_BACKUP_INCREMENTAL_SRC
ZDM_DISCOVER_SRC
ZDM_COPYFILES
ZDM_PREPARE_TGT
ZDM_SETUP_TDE_TGT
ZDM_CLONE_TGT
ZDM_FINALIZE_TGT
ZDM_CONFIGURE_DG_SRC
ZDM_SWITCHOVER_SRC
ZDM_SWITCHOVER_TGT
ZDM_MANIFEST_TO_CLOUD
ZDM_NONCDBTOPDB_PRECHECK
ZDM_NONCDBTOPDB_CONVERSION
ZDM_POSTUSERACTIONS
ZDM_POSTUSERACTIONS_TGT
ZDM_CLEANUP_SRC
ZDM_CLEANUP_TGT"
Parent topic: Appendices
7.5 Migration Job Output
$ZDM_HOME/bin/zdmcli query job -jobid 6
rachu3dom.hu.oracle.com: Audit ID: 80
Job ID: 6
User: zdmuser
Client: rachu3dom
Scheduled job command: "zdmcli migrate database -sourcedb ZDM12201_phx1sp
-sourcenode zdm122011 -srcauth zdmauth -srcarg1 user:opc
-srcarg2 identity_file:/home/zdmuser/.ssh/zdm_service_host.ppk
-srcarg3 sudo_location:/usr/bin/sudo -targetnode exacstarget1
-targethome /u02/app/oracle/product/12.2.0/dbhome_3
-backupuser backup_user@example.com
-rsp /u01/app/zdmhome/rhp/zdm/template/zdm_template_ZDM12201.rsp
-tgtauth zdmauth -tgtarg1 user:opc
-tgtarg2 identity_file:/home/zdmuser/.ssh/zdm_service_host.ppk
-tgtarg3 sudo_location:/usr/bin/sudo -ignore ALL"
Scheduled job execution start time: 2019-07-31T13:47:27+02. Equivalent
local time: 2019-07-31 13:47:27
Current status: SUCCEEDED
Result file path:
"/u01/app/zdmbase/chkbase/scheduled/job-6-2019-07-31-13:47:39.log"
Job execution start time: 2019-07-31 21:37:13
Job execution end time: 2019-07-31 21:40:18
Job execution elapsed time: 23 minutes 5 seconds
ZDM_GET_SRC_INFO .............. COMPLETED
ZDM_GET_TGT_INFO .............. COMPLETED
ZDM_SETUP_SRC ................. COMPLETED
ZDM_SETUP_TGT ................. COMPLETED
ZDM_GEN_RMAN_PASSWD ........... COMPLETED
ZDM_PREUSERACTIONS ............ COMPLETED
ZDM_PREUSERACTIONS_TGT ........ COMPLETED
ZDM_VALIDATE_SRC .............. COMPLETED
ZDM_VALIDATE_TGT .............. COMPLETED
ZDM_OBC_INST_SRC .............. COMPLETED
ZDM_OBC_INST_TGT .............. COMPLETED
ZDM_BACKUP_FULL_SRC ........... COMPLETED
ZDM_BACKUP_INCREMENTAL_SRC .... COMPLETED
ZDM_DISCOVER_SRC .............. COMPLETED
ZDM_COPYFILES ................. COMPLETED
ZDM_PREPARE_TGT ............... COMPLETED
ZDM_SETUP_TDE_TGT ............. COMPLETED
ZDM_CLONE_TGT ................. COMPLETED
ZDM_FINALIZE_TGT .............. COMPLETED
ZDM_CONFIGURE_DG_SRC .......... COMPLETED
ZDM_SWITCHOVER_SRC ............ COMPLETED
ZDM_SWITCHOVER_TGT ............ COMPLETED
ZDM_MANIFEST_TO_CLOUD ......... COMPLETED
ZDM_NONCDBTOPDB_PRECHECK ...... COMPLETED
ZDM_NONCDBTOPDB_CONVERSION .... COMPLETED
ZDM_POSTUSERACTIONS ........... COMPLETED
ZDM_POSTUSERACTIONS_TGT ....... COMPLETED
ZDM_CLEANUP_SRC ............... COMPLETED
ZDM_CLEANUP_TGT ............... COMPLETED
Parent topic: Appendices