Manage Databases on Exadata Cloud Infrastructure

• Prerequisites and Limitations for Creating and Managing Oracle Databases on Oracle Exadata Database Service on Dedicated Infrastructure
  Review the prerequisites for creating and managing Oracle Databases on Oracle Exadata Database Service on Dedicated Infrastructure.
• Oracle Database Releases Supported by Oracle Exadata Database Service on Dedicated Infrastructure
  Learn about the versions of Oracle Database that Oracle Exadata Database Service on Dedicated Infrastructure supports.
• Provisioning and Managing Exadata Databases
  This topic describes creating and managing Oracle Databases on an Exadata Cloud Infrastructure instance instance.
• Using the API to manage Databases
  
• Create and Manage Exadata Pluggable Databases
  You can create and manage pluggable databases (PDBs) in Exadata Cloud Infrastructure using the Console and APIs.
• Changing the Database Passwords
  To change the SYS password, or to change the TDE wallet password, use this procedure.

Prerequisites and Limitations for Creating and Managing Oracle Databases on Oracle Exadata Database Service on Dedicated Infrastructure

Review the prerequisites for creating and managing Oracle Databases on Oracle Exadata Database Service on Dedicated Infrastructure.

Before you can create and use an Oracle Database on Exadata Cloud Infrastructure, you must:

• Provision Exadata Cloud Infrastructure infrastructure
• Configure a VM cluster
• Create any required backup destinations

You can create one or more databases on each Oracle Exadata Database Service on Dedicated Infrastructure system. Other than the storage and processing limits of your Oracle Exadata system, there is no maximum for the number of databases that you can create. By default, databases on Exadata Cloud Infrastructure use Oracle Database Enterprise Edition - Extreme Performance. This edition provides all the features of Oracle Database Enterprise Edition, plus all of the database enterprise management packs, and all of the Enterprise Edition options, such as Oracle Database In-Memory, and Oracle Real Application Clusters (Oracle RAC). If you use your own Oracle Database licenses, then your ability to use various features is limited by your license holdings. TDE Encryption is required for all cloud databases. All new tablespaces will automatically be enabled for encryption.

Oracle Database Releases Supported by Oracle Exadata Database Service on Dedicated Infrastructure

Learn about the versions of Oracle Database that Oracle Exadata Database Service on Dedicated Infrastructure supports.

Exadata Cloud Infrastructure supports the following Oracle Database software releases:

• Oracle Database 19c (19.0)
• Oracle Database 18c (18.0) is supported for approved customers only.
• Oracle Database 12c Release 2 (12.2) is supported for approved customers only.
• Oracle Database 12c Release 1 (12.1). Creating or updating a 12.1.0.2 database with an RU later than July 2022 requires a valid Market Driven Support (MDS) contract.
• Oracle Database 11g Release 2 (11.2). Creating or updating an 11.2.0.4 database with PSU later than April 2021 requires a valid Market Driven Support (MDS) contract.

For Oracle Database release and software support timelines, see Release Schedule of Current Database Releases (Doc ID 742060.1) in the My Oracle Support portal.

Provisioning and Managing Exadata Databases

This topic describes creating and managing Oracle Databases on an Exadata Cloud Infrastructure instance instance.

In this documentation, "database" refers to a container database (CDB). When you provision a database in an Exadata cloud VM cluster, the database includes an initial pluggable database (PDB). For more information on these resource types, see Multitenant Architecture in the Oracle Database documentation. See Exadata Pluggable Database Operations for more information on pluggable databases in Exadata Cloud Infrastructure.

You can create Database Homes, databases, and pluggable databases at any time by using the Console or the Database APIs.

When you add a database to a VM cluster on an Exadata instance, the database versions you can select from depend on the current patch level of that resource. You may have to patch your VM cluster to add later database versions.

After you provision a database, you can move it to another Database Home. Consolidating databases under the same home can facilitate management of these resources. All databases in a given Database Home share the Oracle Database binaries and therefore, have the same database version. The Oracle-recommended way to patch a database to a version that is different from the current version is to move the database to a home running the target version. For information about patching, see Patching an Exadata Cloud Service Instance.

Note:

When provisioning databases, make sure your VM cluster has enough OCPUs enabled to support the total number of database instances on the system. Oracle recommends the following general rule: for each database, enable 1 OCPU per node. See To scale CPU cores in an Exadata Cloud Service cloud VM cluster or DB system for information on scaling your OCPU count up or down.

When you create an Exadata database, you can choose to encrypt the database using your own encryption keys that you manage. You can rotate encryption keys, periodically, to maintain security compliance and, in cases of personnel changes, to disable access to a database.

Note:

• The encryption key you use must be AES-256.
• To ensure that your Exadata database uses the most current versions of the Vault encryption key, rotate the key from the Database Details page on the Oracle Cloud Infrastructure Console. Do not use the Vault service's Console pages to rotate your Database keys.

If you want to use your own encryption keys to encrypt a database that you create, then you must create a dynamic group and assign specific policies to the group for customer-managed encryption keys. See Managing Dynamic Groups and Let security admins manage vaults, keys, and secrets. Additionally, see To integrate customer-managed key management into Exadata Cloud Service if you need to update customer-managed encryption libraries for the Vault service.

You can also add and remove databases, and perform other management tasks on a database by using command line utilities. For information and instructions on how to use these utilities, see Creating and Managing Exadata Databases Manually.

• Database Memory Initialization Parameters
  
• Customer-Managed Keys in Exadata Cloud Infrastructure
  Customer-managed keys for Exadata Cloud Infrastructure is a feature of Oracle Cloud Infrastructure (OCI) Vault service that enables you to encrypt your data using encryption keys that you control.
• Using the Console to Manage Databases on Oracle Exadata Database Service on Dedicated Infrastructure
  To create or terminate a database, complete procedures using the Oracle Exadata console.
• Known Issues in Exadata Cloud Infrastructure
  rac stopdb failed

Database Memory Initialization Parameters

• When creating a container database, the initialization parameter, SGA_TARGET is set by the automation. This will automatically size the SGA memory pools. The setting will vary depending on the size of the database VM total memory. If the VM has less than or equal to 60 GB of system memory, SGA_TARGET is set to 3800 MB. If the VM has 60 GB or more system memory, SGA_TARGET is set to 7600 MB.
• The database initialization parameter USE_LARGE_PAGES is set to ONLY upon database creation, which will require the use of large pages for SGA memory. If the VM is configured with insufficient large pages, the instance will fail to start.

Customer-Managed Keys in Exadata Cloud Infrastructure

Customer-managed keys for Exadata Cloud Infrastructure is a feature of Oracle Cloud Infrastructure (OCI) Vault service that enables you to encrypt your data using encryption keys that you control.

The OCI Vault service provides you with centralized key management capabilities that are highly available and durable. This key-management solution also offers secure key storage using isolated partitions (and a lower-cost shared partition option) in FIPS 140-2 Level 3-certified hardware security modules, and integration with select Oracle Cloud Infrastructure services. Use customer-managed keys when you need security governance, regulatory compliance, and homogenous encryption of data, while centrally managing, storing, and monitoring the life cycle of the keys you use to protect your data.

You can:

• Enable customer-managed keys when you create databases in Exadata Cloud Infrastructure
• Switch from Oracle-managed keys to customer-managed keys
• Rotate your keys to maintain security compliance

Requirements

To enable management of customer-managed encryption keys, you must create a policy in the tenancy that allows a particular dynamic group to do so, similar to the following: allow dynamic-group dynamic_group_name to manage keys in tenancy.

Another policy is needed if the Vault being used by the customer is replicated (https://docs.oracle.com/en-us/iaas/Content/KeyManagement/Tasks/replicatingvaults.htm). For vaults that are replicated, this policy is needed: allow dynamic-group dynamic_group_name to read vaults in tenancy

Limitations

To enable Data Guard on Exadata Cloud Infrastructure databases that use customer-managed keys, the primary and standby databases must be in the same realm .

Related Topics

• To create a database in an existing Exadata Cloud Service instance
• To create an X7 or X8 Exadata DB system
• To administer Vault encryption keys
• Known Issues for Exadata Cloud Infrastructure and Data Guard related to Oracle Database 12c

• To integrate customer-managed key management into Exadata Cloud Infrastructure
  If you choose to encrypt databases in an Exadata Cloud Infrastructure instance using encryption keys that you manage, then you may update the following two packages (using Red Hat Package Manager) to enable DBAASTOOLS to interact with the APIs that customer-managed key management uses.

To integrate customer-managed key management into Exadata Cloud Infrastructure

If you choose to encrypt databases in an Exadata Cloud Infrastructure instance using encryption keys that you manage, then you may update the following two packages (using Red Hat Package Manager) to enable DBAASTOOLS to interact with the APIs that customer-managed key management uses.

KMS TDE CLI

To update the KMS TDE CLI package, you must complete the following task on all nodes in the Exadata Cloud Infrastructure instance:

1. Deinstall current KMS TDE CLI package, as follows:

   rpm -ev kmstdecli

2. Install the updated KMS TDE CLI package, as follows:

   rpm -ivh kms_tde_cli

LIBKMS

LIBKMS is a library package necessary to synchronize a database with customer-managed key management through PKCS11. When a new version of LIBKMS is installed, any databases converted to customer-managed key management continue to use the previous LIBKMS version, until the database is stopped and restarted.

To update the LIBKMS package, you must complete the following task on all nodes in the Exadata Cloud Infrastructure instance:

1. Confirm that the LIBKMS package is already installed, as follows:

   rpm -qa --last | grep libkmstdepkcs11

2. Install a new version of LIBKMS, as follows:

   rpm -ivh libkms

3. Use SQL*Plus to stop and restart all databases converted to customer-managed key management, as follows:

   shutdown immediate;
   startup;

4. Ensure that all converted databases are using the new LIBKMS version, as follows:

   for pid in $(ps aux | grep "<dbname>" | awk '{print $2;}'); do echo $pid; sudo lsof -p $pid | grep kms | grep "pkcs11_[0-9A-Za-z.]*" | sort -u; done | grep pkcs11

5. Deinstall LIBKMS packages that are no longer being used by any database, as follows:

   rpm -ev libkms

Using the Console to Manage Databases on Oracle Exadata Database Service on Dedicated Infrastructure

To create or terminate a database, complete procedures using the Oracle Exadata console.

• To create a database in an existing Exadata Cloud Infrastructure instance
  This topics covers creating your first or subsequent databases.
• To view details of a Protected Database
  To view the details of a Protected Database, use this procedure.
• To create a database from a backup
  
• To create a database from the latest backup
  
• To move a database to another Database Home
  This task explains how to patch a single Oracle Database in your Exadata Cloud Infrastructure instance by moving it to another Database Home.
• To terminate a database
  
• To administer Vault encryption keys
  Use this procedure to rotate the Vault encryption key or or change the encryption management configuration.

To create a database in an existing Exadata Cloud Infrastructure instance

This topics covers creating your first or subsequent databases.

Note:

If IORM is enabled on the Exadata Cloud Infrastructure instance, then the default directive will apply to the new database and system performance might be impacted. Oracle recommends that you review the IORM settings and make applicable adjustments to the configuration after the new database is provisioned.

1. Open the navigation menu. Click Oracle Database, then click Exadata on Oracle Public Cloud
2. Choose your Compartment.
3. Navigate to the cloud VM cluster or DB system you want to create the database in:

   Cloud VM clusters (The New Exadata Cloud Infrastructure Resource Model): Under Oracle Exadata Database Service on Dedicated Infrastructure, click Exadata VM Clusters. In the list of VM clusters, find the VM cluster you want to access and click its highlighted name to view the details page for the cluster.

   DB systems: Under Oracle Base Database, click DB Systems. In the list of DB systems, find the Exadata DB system you want to access, and then click its name to display details about it.

4. Click Create Database.
5. In the Create Database dialog, enter the following:

   Note:

   You cannot modify the db_name, db_unique_name, and SID prefix after creating the database.
   • Database name: The name for the database. The database name must meet the requirements:
     • Maximum of 8 characters
     • Contain only alphanumeric characters
     • Begin with an alphabetic character
     • Cannot be part of the first 8 characters of a DB_UNIQUE_NAME on the VM cluster
     • DO NOT use the following reserved names: grid, ASM
   • Database unique name suffix:

     Optionally, specify a value for the DB_UNIQUE_NAME database parameter. The value is case insensitive.

     The unique name must meet the requirements:

     • Maximum of 30 characters
     • Contain only alphanumeric or underscore (_) characters
     • Begin with an alphabetic character
     • Unique across the VM cluster. Recommended to be unique across the tenancy.
     If not specified, the system automatically generates a unique name value, as follows:

     <db_name>_<3_chars_unique_string>_<region-name>

   • Database version: The version of the database. You can mix database versions on the Exadata DB system.
   • Database Home: The Oracle Database Home for the database. Choose the applicable option:
     • Select an existing Database Home: The Database Home display name field allows you to choose the Database Home from the existing homes for the database version you specified. If no Database Home with that version exists, you must create a new one.
     • Create a new Database Home: Use this option to provision a new Database Home for your Data Guard peer database.

       Click Change Database Image to use an older Oracle-published image or a custom database software image that you have created in advance, then select an Image Type:

       • Oracle Provided Database Software Images:

         then you can use the Display all available version switch to choose from all available PSUs and RUs. The most recent release for each major version is indicated with a latest label.

         Note:

         For the Oracle Database major version releases available in Oracle Cloud Infrastructure, images are provided for the current version plus the three most recent older versions (N through N - 3). For example, if an instance is using Oracle Database 19c, and the latest version of 19c offered is 19.8.0.0.0, images available for provisioning are for versions 19.8.0.0.0, 19.7.0.0, 19.6.0.0 and 19.5.0.0.
       • Custom Database Software Images: These images are created by your organization and contain customized configurations of software updates and patches. Use the Select a compartment and Select a Database version selectors to limit the list of custom database software images to a specific compartment or Oracle Database software major release version.
   • PDB name: (Optional) For Oracle Database 12c (12.1.0.2) and later, you can specify the name of the pluggable database. The PDB name must begin with an alphabetic character, and can contain a maximum of eight alphanumeric characters. The only special character permitted is the underscore ( _).

     To avoid potential service name collisions when using Oracle Net Services to connect to the PDB, ensure that the PDB name is unique across the entire VM cluster. If you do not provide the name of the first PDB, then a system-generated name is used.

   • Create administrator credentials: (Read only) A database administrator SYS user will be created with the password you supply.
     • Username: SYS
     • Password: Supply the password for this user. The password must meet the following criteria:

       A strong password for SYS, SYSTEM, TDE wallet, and PDB Admin. The password must be 9 to 30 characters and contain at least two uppercase, two lowercase, two numeric, and two special characters. The special characters must be _, #, or -. The password must not contain the username (SYS, SYSTEM, and so on) or the word "oracle" either in forward or reversed order and regardless of casing.

     • Confirm password: Re-enter the SYS password you specified.
     • Using a TDE wallet password is optional. If you are using customer-managed encryption keys stored in a vault in your tenancy, the TDE wallet password is not applicable to your DB system. Use Show Advanced Options at the end of the Create Database dialog to configure customer-managed keys.

       If you are using customer-managed keys, or if you want to specify a different TDE wallet password, uncheck the Use the administrator password for the TDE wallet box. If you are using customer-managed keys, leave the TDE password fields blank. To set the TDE wallet password manually, enter a password in the Enter TDE wallet password field, and then confirm by entering it into the Confirm TDE wallet password field.

   • Configure database backups: Specify the settings for backing up the database to Autonomous Recovery Service or Object Storage:

     • Enable automatic backup: Check the check box to enable automatic incremental backups for this database. If you are creating a database in a security zone compartment, you must enable automatic backups.
     • Backup Destination: Your choices are Autonomous Recovery Service or Object Storage.
     • Backup Scheduling:
       • Object Storage (L0):
         • Full backup scheduling day: Choose a day of the week for the initial and future L0 backups to start.
         • Full backup scheduling time (UTC): Specify the time window when the full backups start when the automatic backup capability is selected.

         • Take the first backup immediately: A full backup is an operating system backup of all datafiles and the control file that constitute an Oracle Database. A full backup should also include the parameter file(s) associated with the database. You can take a full database backup when the database is shut down or while the database is open. You should not normally take a full backup after an instance failure or other unusual circumstances.

           If you choose to defer the first full backup your database may not be recoverable in the event of a database failure.

       • Object Storage (L1):
         • Incremental backup scheduling time (UTC): Specify the time window when the incremental backups start when the automatic backup capability is selected.
       • Autonomous Recovery Service (L0):
         • Scheduled day for initial backup: Choose a day of the week for the initial backup.
         • Scheduled time for initial backup (UTC): Select the time window for the initial backup.

         • Take the first backup immediately: A full backup is an operating system backup of all datafiles and the control file that constitute an Oracle Database. A full backup should also include the parameter file(s) associated with the database. You can take a full database backup when the database is shut down or while the database is open. You should not normally take a full backup after an instance failure or other unusual circumstances.

           If you choose to defer the first full backup your database may not be recoverable in the event of a database failure.

       • Autonomous Recovery Service (L1):
         • Scheduled time for daily backup (UTC): Specify the time window when the incremental backups start when the automatic backup capability is selected.
     • Deletion options after database termination: Options that you can use to retain protected database backups after the database is terminated. These options can also help restore the database from backups in case of accidental or malicious damage to the database.
       • Retain backups for the period specified in your protection policy or backup retention period: Select this option if you want to retain database backups for the entire period defined in the Object Storage Backup retention period or Autonomous Recovery Service protection policy after the database is terminated.
       • Retain backups for 72 hours, then delete: Select this option to retain backups for a period of 72 hours after you terminate the database.

     • Backup Retention Period/Protection Policy: If you choose to enable automatic backups, you can choose a policy with one of the following preset retention periods, or a Custom policy.

       Object Storage Backup retention period: 7, 15, 30, 45, 60. Default: 30 days. The system automatically deletes your incremental backups at the end of your chosen retention period.

       Autonomous Recovery Service protection policy:

       • Bronze: 14 days
       • Silver: 35 days
       • Gold: 65 days
       • Platinum: 95 days
       • Custom defined by you
       • Default: Silver - 35 days
     • Enable Real-Time Data Protection: Real-time protection is the continuous transfer of redo changes from a protected database to Autonomous Recovery Service. This reduces data loss and provides a recovery point objective (RPO) near 0. This is an extra cost option.

6. Click Show Advanced Options to specify advanced options for the database:

   • Management:

     Oracle SID prefix: The Oracle Database instance number is automatically added to the SID prefix to create the INSTANCE_NAME database parameter. The INSTANCE_NAME parameter is also known as the SID. The SID is unique across the cloud VM Cluster. If not specified, SID prefix defaults to the db_name.

     Note:

     Entering an SID prefix is only available for Oracle 12.1 databases and above.

     The SID prefix must meet the requirements:

     • Maximum of 12 characters
     • Contain only alphanumeric characters
     • Begin with an alphabetic character
     • Unique in the VM cluster
     • DO NOT use the following reserved names: grid, ASM
   • Character set: The character set for the database. The default is AL32UTF8.
   • National character set: The national character set for the database. The default is AL16UTF16.

   • Encryption:

     If you are creating a database in an Exadata Cloud Service VM Cluster, then you can choose to use encryption based on encryption keys that you manage. By default, the database is configured using Oracle-managed encryption keys. To configure the database with encryption based on encryption keys you manage:

     1. Select Use customer-managed keys. You must have a valid encryption key in Oracle Cloud Infrastructure Vault service. See Let security admins manage vaults, keys, and secrets.

        Note:

        You must use AES-256 encryption keys for your database.
     2. Choose a Vault.
     3. Select a Master encryption key.
     4. To specify a key version other than the latest version of the selected key, check Choose the key version and enter the OCID of the key you want to use in the Key version OCID field.

     Note:

     The Key version will only be assigned to the container database (CDB), and not to its pluggable database (PDB). PDB will be assigned an automatically generated new key version.
   • Tags: If you have permissions to create a resource, then you also have permissions to apply free-form tags to that resource. To apply a defined tag, you must have permissions to use the tag namespace. For more information about tagging, see Resource Tags . If you are not sure whether to apply tags, skip this option (you can apply tags later) or ask your administrator.
7. Click Create Database.

After database creation is complete, the status changes from Provisioning to Available, and on the database details page for the new database, the Encryption section displays the encryption key name and the encryption key OCID.

WARNING:

Do not delete the encryption key from the vault. This causes any database protected by the key to become unavailable.

To view details of a Protected Database

To view the details of a Protected Database, use this procedure.

1. Open the navigation menu. Click Oracle Database, then click Exadata on Oracle Public Cloud
2. Choose your Compartment.
3. Navigate to the database:

   Cloud VM clusters (The New Exadata Cloud Infrastructure Resource Model): Under Exadata at Oracle Cloud, click Exadata VM Clusters.

   In the list of VM clusters, find the VM cluster you want to access and click its highlighted name to view the details page for the cluster.

   DB systems: Under Oracle Base Database, click DB Systems.

   In the list of DB systems, find the Exadata DB system you want to access, and then click its name to display details about it.

   On the cloud VM cluster or DB system details page, in the Databases table, click the name of the database to display the Database Details page.The Backup section displays the state of the automatic backups. If the Autonomous Recovery Service is the destination, a link will be available which includes additional details. You can also check if Real-time Data Protection is enabled or disabled. Click the Autonomous Recovery Service link to be taken to the page containing the Protected Database details.For more information about Protected Databases, see Viewing Protected Database Details.

To create a database from a backup

Before you begin, note the following:

• When you create a database from a backup, the availability domain is the same as the availability domain that hosts the backup or a different one within the same region.
• The Oracle Database software version you specify must be the same or later version as that of the backed-up database.
• If you are creating a database from an automatic backup, then you can choose any level 0 weekly backup, or a level 1 incremental backup created after the most recent level 0 backup. For more information on automatic backups, see Using the Console
• If the backup being used to create a database is in a security zone compartment, the database cannot be created in a compartment that is not in a security zone. See the Security Zone Policies topic for a full list of policies that affect Database service resources.

1. Open the navigation menu. Click Oracle Database, then click Exadata on Oracle Public Cloud.
2. Choose your Compartment.
3. Navigate to a backup.
   • Standalone backups: Click Standalone Backups under Oracle Exadata Database Service on Dedicated Infrastructure.

   • Automatic backups: Navigate to the Database Details page of the database associated with the backup:

     • Cloud VM clusters (new resource model): Under Oracle Exadata Database Service on Dedicated Infrastructure, click Exadata VM Clusters. In the list of VM clusters, find the VM cluster you want to access and click its highlighted name to view the details page for the cluster.
     • DB systems: Under Exadata at Oracle Cloud, click DB Systems. In the list of DB systems, find the Exadata DB system you want to access, and then click its name to display details about it.

     Click the name of the database associated with the backup that you will use to create the new database. Locate the backup in the list of backups on the Database Details page.

4. Click the Actions icon (three dots) for the backup you chose.
5. Click Create Database. On the Create Database from Backup page, configure the database as follows.
6. In the Provide basic information for the Exadata infrastructure section:
   • Select an availability domain: It could be the same as the availability domain that hosts the backup or a different one within the same region
   • Select Exadata infrastructure: Select an Exadata infrastructure from the chosen compartment. Click the Change Compartment hyperlink to choose a different compartment.
7. In the Configure your DB system section:
   • Backups created in cloud VM clusters: Choose a cloud VM cluster to run the database from the Select a VM cluster drop-down list.
   • Backups created in DB systems: Choose a shape from the Select a shape drop-down list, then choose a DB system to run the database from the Select a DB system drop-down list.
8. In the Configure Database Home section:
   • Select an existing Database Home: If you choose this option, make a selection from the Select a Database Home drop-down list.

     Note:

     You can not create a database from backup in the same Database Home where the source database exists.
   • Create a new Database home: If you choose this option, enter a name for the new Database Home in the Database Home display name field. Click Change Database Image to select a database software image for the new Database Home. In the Select a Database Software Image panel, do the following:
     1. Select the compartment containing the database software image you want to use to create the new Database Home.
     2. Select the Oracle Database software version that the new Database Home will use, then choose an image from the list of available images for your selected software version.

        Note:

        Database restore operations for Databases of 12.2.0.1 and earlier are not allowed at this time.
     3. Click Select.
9. In the Configure database section:

   Note:

   You cannot modify the db_name, db_unique_name , and SID prefix after creating the database.
   • In the Database name field, name the database or accept the default name. The database name must meet the requirements:
     • Maximum of 8 characters
     • Contain only alphanumeric characters
     • Begin with an alphabetic character

     • Cannot be part of first 8 characters of a different database's db_unique_name on the VM cluster

     • DO NOT use the following reserved names: grid, ASM
   • Database unique name: Specify a value for the DB_UNIQUE_NAME database parameter. The unique name must meet the requirements:
     • Maximum of 30 characters
     • Contain only alphanumeric or underscore (_) characters
     • Begin with an alphabetic character
     • Unique across the VM cluster. Recommended to be unique across the tenancy.
     If not specified, the system automatically generates a unique name value, as follows:

     <db_name>_<3_chars_unique_string>_<region-name>

   • Administrator username: This read-only field displays the username for the administrator, "sys".
   • In the Password and Confirm password fields, enter and re-enter a password.

     A strong password for SYS administrator must be 9 to 30 characters and contain at least two uppercase, two lowercase, two numeric, and two special characters. The special characters must be _, #, or -. The password must not contain the user name (SYS, SYSTEM, and so on) or the word "oracle" either in forward or reverse order and regardless of casing.

10. In the Enter the source database's TDE wallet or RMAN password field, enter a password that matches either the Transparent Data Encryption (TDE) wallet password or RMAN password for the source database.
11. Click Show Advanced Options to specify advanced options for the database:
    • Management
      Oracle SID prefix: This option is in the Management tab. The Oracle Database instance number is automatically added to the SID prefix to create the INSTANCE_NAME database parameter. If not provided, then the SID prefix defaults to the first twelve characters of the db_name.

      Note:

      Entering an SID prefix is only available for Oracle 12.1 databases and above.

      The SID prefix must meet the requirements:

      • Maximum of 12 characters
      • Contain only alphanumeric characters
      • Begin with an alphabetic character
      • Unique in the VM cluster
      • DO NOT use the following reserved names: grid, ASM
12. Click Create Database.

1. Click the Exadata cloud VM cluster or DB system name that contains the specific database to display the details page.
2. From the list of databases, click the database name associated with the backup you want to use to display a list of backups on the database details page. You can also access the list of backups for a database by clicking Backups in the Resources section.

1. Click Standalone Backups under Exadata on Oracle Public Cloud.
2. In the list of standalone backups, find the backup you want to use to create the database.

• To navigate to the list of standalone backups for your current compartment
  

To navigate to the list of standalone backups for your current compartment

1. Click Standalone Backups under Exadata on Oracle Public Cloud.
2. In the list of standalone backups, find the backup you want to use to create the database.

To create a database from the latest backup

Before you begin, note the following:

• When you create a database from a backup, the availability domain is the same as the availability domain that hosts the backup or a different one within the same region.
• The Oracle Database software version you specify must be the same or later version as that of the backed-up database.
• If the backup being used to create a database is in a security zone compartment, the database cannot be created in a compartment that is not in a security zone. See the Security Zone Policies topic for a full list of policies that affect Database service resources.

1. Open the navigation menu. Click Oracle Database, then click Exadata on Oracle Public Cloud
2. Choose your Compartment.
3. Navigate to the cloud VM cluster that contains the source database you are using to create the new database:
   • Cloud VM clusters (new resource model) Under Oracle Exadata Database Service on Dedicated Infrastructure, click Exadata VM Clusters. In the list of VM clusters, find the VM cluster you want to access and click its highlighted name to view the details page for the cluster.
   • DB systems Under Bare Metal, VM, and Exadata, click DB Systems. In the list of DB systems, find the Exadata DB system you want to access, and then click its name to display details about it.
4. Under Databases, click the name of the database you are using as the source for the new database.
5. On the Database Details page, click Create Database from Last Backup.
6. In the Provide basic information for the Exadata infrastructure section:
   • Select an availability domain: It could be the same as the availability domain that hosts the backup or a different one within the same region.
   • Select Exadata infrastructure: Select an Exadata infrastructure from the chosen compartment. Click the Change Compartment hyperlink to choose a different compartment.
7. On the Create Database from Backup page, configure the database as follows.
8. In the Configure your DB system section: Backups created in cloud VM clusters: Choose a cloud VM cluster to run the database from the Select a VM cluster drop-down list.
   • Backups created in cloud VM clusters: Choose a cloud VM cluster to run the database from the Select a VM cluster drop-down list.
   • Backups created in DB systems: Choose a shape from the Select a shape drop-down list, then choose a DB system to run the database from the Select a DB system drop-down list.
9. In the Configure Database Home section:
   • Select an existing Database Home: If you choose this option, make a selection from the Select a Database Home drop-down list.
   • Create a new Database home: If you choose this option, enter a name for the new Database Home in the Database Home display name field. Click Change Database Image to select a database software image for the new Database Home. In the Select a Database Software Image panel, do the following:
     1. Select the compartment containing the database software image you want to use to create the new Database Home.
     2. Select the Oracle Database software version that the new Database Home will use, then choose an image from the list of available images for your selected software version.
     3. Click Select.
10. In the Configure database section:

    Note:

    You cannot modify the db_name, db_unique_name, and SID prefix after creating the database.

    • Database name: The name for the database. The database name must meet the requirements:

      • Maximum of 8 characters
      • Contain only alphanumeric characters
      • Begin with an alphabetic character
      • Cannot be part of first 8 characters of a DB_UNIQUE_NAME on the VM cluster
      • DO NOT use the following reserved names: grid, ASM

    • Database unique name: Optionally, specify a value for the DB_UNIQUE_NAME database parameter. The value is case insensitive.

      The unique name must meet the requirements:

      • Maximum of 30 characters
      • Contain only alphanumeric or underscore (_) characters
      • Begin with an alphabetic character
      • Unique across the VM cluster. Recommended to be unique across the tenancy.
      If not specified, the system automatically generates a unique name value, as follows:

      <db_name>_<3_chars_unique_string>_<region-name>

    • Administrator username: This read-only field displays the username for the administrator, "sys".
    • In the Password and Confirm password fields, enter and re-enter a password.

      A strong password for SYS administrator must be 9 to 30 characters and contain at least two uppercase, two lowercase, two numeric, and two special characters. The special characters must be _, #, or -. The password must not contain the user name (SYS, SYSTEM, and so on) or the word "oracle" either in forward or reverse order and regardless of casing.

11. In the Enter the source database's TDE wallet or RMAN password field, enter a password that matches either the Transparent Data Encryption (TDE) wallet password or RMAN password for the source database.
12. Click Show Advanced Options to specify advanced options for the database.
    • Management
      Oracle SID prefix: The Oracle Database instance number is automatically added to the SID prefix to create the INSTANCE_NAME database parameter. he INSTANCE_NAME parameter is also known as the SID. The SID is unique across the cloud VM cluster. If not specified, SID prefix defaults to the first 12 characters of the db_name.

      Note:

      Entering an SID prefix is only available for Oracle 12.1 databases and above.

      The SID prefix must meet the requirements:

      • Maximum of 12 characters
      • Contain only alphanumeric characters
      • Begin with an alphabetic character
      • Unique in the VM cluster
      • DO NOT use the following reserved names: grid, ASM
13. Click Create Database.

To move a database to another Database Home

This task explains how to patch a single Oracle Database in your Exadata Cloud Infrastructure instance by moving it to another Database Home.

You can move a database to any Database Home that meets at either of the following criteria:

• The target Database Home uses the same Oracle Database software version (including patch updates) as the source Database Home
• The target Database Home is based on either the latest version of the Oracle Database software release used by the database, or one of the three prior versions of the release

Moving a database to a new Database Home brings the database up to the patch level of the target Database Home. For information on patching Database Homes, see Database Home Patching and .

1. Open the navigation menu. Click Oracle Database, then click Exadata on Oracle Public Cloud
2. Choose your Compartment.
3. Navigate to the database you want to move.:

   Cloud VM clusters ( The New Exadata Cloud Infrastructure Resource Model ): Under Oracle Exadata Database Service on Dedicated Infrastructure, click Exadata VM Clusters. In the list of VM clusters, click the name of the VM cluster that contains the database you wan to move.

   DB systems: Under Bare Metal, VM, and Exadata, click DB Systems. In the list of DB systems, find you want to access, and then click the name of the Exadata DB system that contains the database you want to move..

4. Click More Actions, then click Move to Another Home.
5. Select the target Database Home.
6. Click Move Database.

7. Confirm the move operation.

   The database is moved in a rolling fashion. The database instance will be stopped, node by node, in the current home and then restarted in the destination home. While the database is being moved, the Database Home status displays as Moving Databse. When the operation completes, Database Home is updated with the current home. Datapatch is executed automatically, as part of the database move, to complete post-patch SQL actions for all patches, including one-offs, on the new Database Home. If the database move operation is unsuccessful, then the status of the database displays as Failed, and the Database Home field provides information about the reason for the failure.

To terminate a database

You'll get the chance to back up the database prior to terminating it. This creates a standalone backup that can be used to create a database later. We recommend that you create this final backup for any production (non-test) database.

Note:

Terminating a database removes all automatic incremental backups of the database from Oracle Cloud Infrastructure Object Storage. However, all full backups that were created on demand, including your final backup, will persist as standalone backups.

You cannot terminate a database that is assuming the primary role in a Data Guard association. To terminate it, you can switch it over to the standby role.

1. Open the navigation menu. Click Oracle Database, then click Exadata on Oracle Public Cloud
2. Choose your Compartment.

3. Navigate to the database:

   Cloud VM clusters (The New Exadata Cloud Infrastructure Resource Model): Under Oracle Exadata Database Service on Dedicated Infrastructure, click Exadata VM Clusters. In the list of VM clusters, find the VM cluster you want to access and click its highlighted name to view the details page for the cluster.

   DB systems: Under Oracle Base Database, click DB Systems. In the list of DB systems, find the Exadata DB system you want to access, and then click its name to display details about it.

   On the cloud VM cluster or DB system details page, in the Databases table, click the name of the database to display the Database Details page.
4. Click More Actions, and then click Terminate.
   For the database using Oracle Cloud Infrastructure Object Storage or Oracle Database Autonomous Recovery Service: In the confirmation dialog,

   • Review the message about the backup retention policy.
   • Configure automatic backups as needed.
   • Type the name of the database to confirm the termination
5. Click Terminate Database.

   The database's status indicates Terminating.

   Note:

   The database stays in a terminated state with backups listed until all backups are expired.

To administer Vault encryption keys

Use this procedure to rotate the Vault encryption key or or change the encryption management configuration.

After you provision a database in an Exadata DB system or cloud VM cluster, you can rotate the Vault encryption key or change the encryption management configuration for that database.

Note:

• To ensure that your Exadata database uses the most current version of the Vault encryption key, rotate the key from the database details page on the Oracle Cloud Infrastructure Console. Do not use the Vault service.
• You can rotate Vault encryption keys only on databases that are configured with customer-managed keys.
• You can change encryption key management from Oracle-managed keys to customer-managed keys but you cannot change from customer-managed keys to Oracle-managed keys.
• Oracle supports administering encryption keys on databases after Oracle Database 11g release 2 (11.2.0.4).

1. Open the navigation menu. Click Oracle Database, then click Exadata on Oracle Public Cloud
2. Choose your compartment from the Compartment drop-down.
3. Navigate to the cloud VM cluster that contains the database for which you want to change encryption management or to rotate a key.

   Cloud VM clusters: Under Oracle Exadata Database Service on Dedicated Infrastructure, click Exadata VM Clusters. In the list of VM clusters, locate the VM cluster you want to access and click its highlighted name to view the details page for the cluster.

4. In the Databases section, click the name of the database for which you want to change encryption management or to rotate a key to display its details page.
5. Click the More Actions drop-down.
6. Click Administer Encryption Key.

   To rotate an encryption key on a database using customer-managed keys:

   1. Click Rotate Encryption Key to display a confirmation dialog.
   2. Click Rotate Key.

   To change key management type from Oracle-managed keys to customer-managed keys:

   1. Click Change Key Management Type.
   2. Select Use customer-managed keys.

      You must have a valid encryption key in Oracle Cloud Infrastructure Vault service and provide the information in the subsequent steps. See Key and Secret Management Concepts.

   3. Choose a vault from the Vault in compartment drop-down. You can change the compartment by clicking the Change Compartment link.
   4. Select an encryption key from the Master encryption key in compartment drop-down. You can change the compartment containing the encryption key you want to use by clicking the Change Compartment link.
   5. If you want to use an encryption key that you import into your vault, then select Change Compartment and enter the OCID of the key you want to use in the Key version OCID field.
7. Click Apply.

Note:

Changing key management causes the database to become briefly unavailable.

Caution:

After changing key management to customer-managed keys, do not delete the encryption key from the vault as this can cause the database to become unavailable.

On the database details page for this database, the Encryption section displays the encryption key name and the encryption key OCID.

Known Issues in Exadata Cloud Infrastructure

rac stopdb failed

rac stopdb failed to stop db

When GI version is 19.17 then creating a database against 11.2.0.4 Oracle home with patchsets July ’22 RU or older will fail with error mentioned in bug#28326679

Example:

ERROR : rac stopdb, failed to stop db viacmd export ORACLE_HOME=/u02/app/oracle/product/11.2.0/dbhome_1 ;/u02/app/oracle/product/11.2.0/dbhome_1/bin/srvctl stop database -d db008077-o immediate, out : PRCD-1120 : The resource for database db008077 could notbe found. PRCR-1001 : Resource ora.db008077.db does not exist, err :1 }

Solution:

Option 1: (Create new oracle home with Custom Image):

• Create custom image for 11.2.0.4 with patchsets July ’22 RU or older along with bug#28326679 one off
• Create Oracle home using above customer image
• Create database against the home

Option 2 (Apply one-off to existing Oracle home) :

• Download the patch for bug#28326679
• Apply the patch using opatch

Applicability:

• For ExaCS and ExaCC-Gen2, Both options given above will work.
• For ExaCC – Gen1, Option 2 (Apply one-off to existing Oracle home) will work.

Using the API to manage Databases

For information about using the API and signing requests, see REST APIs and Security Credentials. For information about SDKs, see Software Development Kits and Command Line Interface.

Use these API operations to manage databases.

• ListDatabases
• GetDatabase
• CreateDatabase
• UpdateDatabase - Use this operation to move a database to another Database Home
• DeleteDatabase

For the complete list of APIs for the Database service, see Database Service API.

Create and Manage Exadata Pluggable Databases

You can create and manage pluggable databases (PDBs) in Exadata Cloud Infrastructure using the Console and APIs.

In this documentation, "database" refers to a container database, also called a CDB. For more information on these resource types, see Multitenant Architecture in the Oracle Database documentation. See Provisioning and Managing Exadata Databases for information on container databases in Exadata Cloud Infrastructure.

Oracle 19c or later databases created in Exadata Cloud Infrastructure include an initial PDB that you can access from the Database Details page in the Console. You can create and manage additional PDBs in the database using the Console or APIs.

• Limitations for Pluggable Database Management
  
• Creating an Exadata Pluggable Database
  
• Managing an Exadata Pluggable Database
  This topic includes the procedures to connect to, start, stop, and delete a pluggable database (PDB).
• Cloning an Exadata Pluggable Database
  You can create both local and remote clones.

Limitations for Pluggable Database Management

• New PDBs created with SQL are not immediately discovered by OCI's control plane and displayed in the Console. However, OCI does perform a sync operation on a regular basis to discover manually-created PDBs, and they should be visible in the Console and with API-based tools within 45 minutes of creation. Oracle recommends using the Console or API-based tools (including the OCI CLI , SDKs, and Terraform) to create PDBs.
• Pluggable database operations are supported only for databases using Oracle Database 19c and later.
• PDBs are backed up at the CDB level when using the OCI Console or APIs, and each backup includes all the PDBs in the database. However, the dbaascli utility's dbaascli database backup command allows you to create backups of specified PDBs. See Using the dbaascli Utility on Exadata Cloud Infrastructure for more information.
• Restore operations are performed at the CDB level when using the OCI Console or APIs. However, the dbaascli utility's dbaascli pdb recover command allows you to restore backups of specified PDBs. See Using the dbaascli Utility on Exadata Cloud Infrastructure for more information.

Creating an Exadata Pluggable Database

You can create a pluggable database (PDB) in Exadata Cloud Service from the OCI Console, or with the APIs and API-based tools (the OCI CLI, SDKs, and Terraform). PDBs must be created one at a time. During the PDB create operation, the parent database (CDB) is in the "Updating" state. Creating a new PDB has no impact on existing PDBs in the database.

• Using the console to create pluggable database
  
• Using the API to create pluggable database
  

Using the console to create pluggable database

Note:

Creating a pluggable database (PDB) is not supported for databases using Data Guard.

1. Open the navigation menu. Click Oracle Database, then click Exadata on Oracle Public Cloud.
2. Choose your Compartment.

3. Navigate to the database:

   Cloud VM clusters (new resource model) Under Oracle Exadata Database Service on Dedicated Infrastructure, click Exadata VM Clusters. In the list of VM clusters, find the VM cluster you want to access and click its highlighted name to view the details page for the cluster.

   DB systems Under Bare Metal, VM, and Exadata, click DB Systems. In the list of DB systems, find the Exadata DB system you want to access, and then click its name to display details about it.

   On the cloud VM cluster or DB system details page, in the Databases table, click the name of the database to display the Database Details page.

4. On the Database Details page, click Pluggable Databases in the Resources section of the page.
5. Click Create Pluggable Database.

6. In the Create Pluggable Database dialog, enter the following:

   • PDB Name: Enter a name for the PDB. The name must begin with an alphabetic character and can contain a maximum of 30 alphanumeric characters. Note: For bare metal DB systems, you cannot have two PDBs in the same database that use the same PDB name. You can use the same name for PDBs in different databases within the same DB system.
   • Unlock my PDB Admin account: Optional. Select this option to specify a PDB Admin password and configure the PDB to be unlocked at creation.
   • PDB Admin password: If you clicked Unlock my PDB Admin account, create and enter a PDB admin password. The password must contain:
     • A minimum of 9 and a maximum of 30 characters
     • At least two uppercase characters
     • At least two lowercase characters
     • At least two special characters. The valid special characters are: underscore ( _ ), a hash sign (#), and a dash (-). You can use two of the same characters or any combination of two of the same characters.
     • At least two numeric characters (0 - 9)
   • Confirm PDB Admin password: Reenter the PDB admin password.
   • TDE wallet password: Applicable only to databases using Oracle-managed encryption keys. Enter the TDE wallet password for the parent CDB.
7. Click Create Pluggable Database.

WHAT NEXT?

After creating your PDB, you can get connection strings for the administrative service using the OCI Console.

Using the API to create pluggable database

For information about using the API and signing requests, see REST APIs and Security Credentials. For information about SDKs, see Software Development Kits and Command Line Interface.

Use the CreatePluggableDatabase API to create pluggable databases on Exadata Cloud Infrastructure.

For the complete list of APIs for the Database service, see Database Service API.

Managing an Exadata Pluggable Database

This topic includes the procedures to connect to, start, stop, and delete a pluggable database (PDB).

It also includes instructions for getting PDB connection strings for the administrative service.

• To start a pluggable database
  
• To stop a pluggable database
  
• To delete a pluggable database
  
• To get connection strings for a pluggable database
  
• Using the API to manage pluggable databases
  

To start a pluggable database

Note:

The PDB must be available and stopped to use this procedure.

1. Open the navigation menu. Click Oracle Database, then click Exadata on Oracle Public Cloud.
2. Choose your Compartment.

3. Navigate to the database:

   Cloud VM clusters (new resource model) Under Oracle Exadata Database Service on Dedicated Infrastructure, click Exadata VM Clusters. In the list of VM clusters, find the VM cluster you want to access and click its highlighted name to view the details page for the cluster.

   DB systems Under Bare Metal, VM, and Exadata, click DB Systems. In the list of DB systems, find the Exadata DB system you want to access, and then click its name to display details about it.

   On the cloud VM cluster or DB system details page, in the Databases table, click the name of the database to display the Database Details page.

4. Click Pluggable Databases in the Resources section of the page.
5. In the list of pluggable databases, find the pluggable database (PDB) you want to start. Click the PDB name to display details about it.
6. Click Start.
7. In the Start PDB dialog, click Start PDB to confirm the start operation.

To stop a pluggable database

Note:

The PDB must be available and running (started) to use this procedure.

1. Open the navigation menu. Click Oracle Database, then click Exadata on Oracle Public Cloud.
2. Choose your Compartment.

3. Navigate to the database:

   Cloud VM clusters (new resource model) Under Oracle Exadata Database Service on Dedicated Infrastructure, click Exadata VM Clusters. In the list of VM clusters, find the VM cluster you want to access and click its highlighted name to view the details page for the cluster.

   DB systems Under Bare Metal, VM, and Exadata, click DB Systems. In the list of DB systems, find the Exadata DB system you want to access, and then click its name to display details about it.

   On the cloud VM cluster or DB system details page, in the Databases table, click the name of the database to display the Database Details page.

4. Click Pluggable Databases in the Resources section of the page.
5. In the list of pluggable databases, find the pluggable database (PDB) you want to stop. Click the PDB name to display details about it.
6. Click Start.
7. In the Stop PDB dialog, click Stop PDB to confirm the stop operation.

To delete a pluggable database

1. Open the navigation menu. Click Oracle Database, then click Exadata on Oracle Public Cloud.
2. Choose your Compartment.

3. Navigate to the database:

   Cloud VM clusters (new resource model) Under Oracle Exadata Database Service on Dedicated Infrastructure, click Exadata VM Clusters. In the list of VM clusters, find the VM cluster you want. In the list of VM clusters, find the VM cluster you want to access and click its highlighted name to view the details page for the cluster.

   DB systems Under Bare Metal, VM, and Exadata, click DB Systems. In the list of DB systems, find the Exadata DB system you want to access, and then click its name to display details about it.

   On the cloud VM cluster or DB system details page, in the Databases table, click the name of the database to display the Database Details page.

4. Click Pluggable Databases in the Resources section of the page.
5. In the list of pluggable databases, find the pluggable database (PDB) you want to delete. Click the PDB name to display details about it.
6. Click More Actions, then choose Delete.
7. In the Delete PDB dialog box, enter the name of the PDB that you want to delete to confirm the action, then click Delete PDB.

To get connection strings for a pluggable database

Note:

This topic explains how to get connection strings for the administrative service of a PDB. Oracle recommends that you connect applications to an application service, using strings created for the application service.

1. Open the navigation menu. Click Oracle Database, then click Exadata on Oracle Public Cloud.
2. Choose your Compartment.

3. Navigate to the database:

   Cloud VM clusters (new resource model) Under Oracle Exadata Database Service on Dedicated Infrastructure, click Exadata VM Clusters. In the list of VM clusters, find the VM cluster you want to access and click its highlighted name to view the details page for the cluster.

   DB systems Under Bare Metal, VM, and Exadata, click DB Systems. In the list of DB systems, find the Exadata DB system you want to access, and then click its name to display details about it.

   On the cloud VM cluster or DB system details page, in the Databases table, click the name of the database to display the Database Details page.

4. Click Pluggable Databases in the Resources section of the page.
5. In the list of pluggable databases, find the PDB, and then click its name to display details about it.
6. Click PDB Connection.
7. In the Pluggable Database Connection dialog, use the Show and Copy links to display and copy connection strings, as needed.
8. Click Close to exit the dialog.

Using the API to manage pluggable databases

For information about using the API and signing requests, see REST APIs and Security Credentials. For information about SDKs, see Software Development Kits and Command Line Interface.

Use these APIs to manage pluggable databases.

• ListPluggableDatabases
• GetPluggableDatabase
• StartPluggableDatabase
• StopPluggableDatabase
• UpdatePluggableDatabase
• DeletePluggableDatabase

Note:

Use the GetPluggableDatabase API to get administration service connection strings and other details about a PDB.

For the complete list of APIs for the Database service, see Database Service API.

Cloning an Exadata Pluggable Database

You can create both local and remote clones.

You can create clones of your pluggable databases (PDBs) within the same database (CDB). This operation is known as local cloning. You can also clone a PDB to a different CDB. This operation is known as remote cloning. Remote cloning can be performed between Exadata pluggable databases within the same cloud VM cluster, or across cloud VM clusters.

Restrictions for Remote Cloning

You can create a remote clone across Exadata System Shapes, VM clusters, compartments, and networks. However, you cannot create a remote clone across database versions and services.

To create a remote clone, the source, and destination databases:

• Must have identical Oracle Database software version
• Can be in different compartments
• Can be in different VM clusters but within the same Exadata Infrastructure, as long as they are in the same availability domain (AD)
• Can be in different VCNs

You can also create a remote clone using the RemoteclonePluggabledatabase API, and with API-based tools including the OCI CLI, SDKs, and Terraform.

Note:

You must have the TDE wallet password of the PDB's parent CDB to clone the PDB.

• Using the Console to Create a PDB Clone
  
• Using the API to clone a pluggable database
  

Using the Console to Create a PDB Clone

1. Open the navigation menu. Click Oracle Database, then click Exadata on Oracle Public Cloud.
2. Choose your Compartment.

3. Navigate to the database:

   Cloud VM clusters (new resource model) Under Oracle Exadata Database Service on Dedicated Infrastructure, click Exadata VM Clusters. In the list of VM clusters, find the VM cluster you want to access and click its highlighted name to view the details page for the cluster.

   DB systems Under Bare Metal, VM, and Exadata, click DB Systems. In the list of DB systems, find the Exadata DB system you want to access, and then click its name to display details about it.

   On the cloud VM cluster or DB system details page, in the Databases table, click the name of the database to display the Database Details page.

4. Click Pluggable Databases in the Resources section of the page.
5. In the list of pluggable databases, find the pluggable database (PDB) you want to clone, and then click its name to display details about it.
6. Click Clone.

7. In the Clone PDB dialog box, enter the following:

   • Exadata VM Cluster: Use the menu to select the cloud VM cluster of the target database.

     Note:

     The target VM Cluster may be on a different Exadata infrastructure.
   • Destination database: Use the menu to select an existing database where the PDB is created. This database can be the same database as the source PDB is in, or a different CDB.
   • Source Database Admin password: Enter the database admin password.
   • PDB name: Provide a name for the new cloned PDB. The name must begin with an alphabetic character and can contain up to 30 characters.
   • Database TDE wallet password: Not applicable for databases using customer-managed keys from the Vault service. Enter the TDE wallet password for the parent database (CDB) of the source PDB.
   • Unlock my PDB Admin account: Optional. Select this option to specify a PDB Admin password and configure the PDB to be unlocked at creation.
   • PDB Admin password: Create and enter a new PDB Admin password. The password must contain:
     • 9–30 characters
     • At least two uppercase characters
     • At least two lowercase characters
     • At least two special characters. The valid special characters are: underscore ( _ ), a hash sign (#), and a dash (-). You can use two of the same characters or any combination of two of these characters.
     • At least two numeric characters (0-9)
   • Confirm PDB Admin password: Enter the PDB Admin password again to confirm.
8. Click Clone PDB.

Using the API to clone a pluggable database

For information about using the API and signing requests, see REST APIs and Security Credentials. For information about SDKs, see Software Development Kits and Command Line Interface.

Use these APIs to clone pluggable databases:

• LocalclonePluggableDatabase
• RemoteclonePluggabledatabase

For the complete list of APIs for the Database service, see Database Service API.

Changing the Database Passwords

To change the SYS password, or to change the TDE wallet password, use this procedure.

The password that you specify in the Database Admin Password field when you create a new Exadata Cloud Infrastructure instance or database is set as the password for the SYS, SYSTEM, TDE wallet, and PDB administrator credentials. Use the following procedures if you need to change passwords for an existing database.

Note:

if you are enabling Data Guard for a database, then the SYS password and the TDE wallet password of the primary and standby databases must all be the same.

Note:

Using the dbaascli to change the SYS password will ensure the backup/restore automation can parallelize channels across all nodes in the cluster.

To Change the SYS Password for an Exadata Cloud Infrastructure Database

1. Log onto the Exadata Cloud Infrastructure virtual machine as opc.
2. Run the following command:

   sudo dbaascli database changepassword --dbname database_name --user SYS

To Change Database Passwords in a Data Guard Environment

1. Run the following command on the primary database:

   dbaascli database changePassword —dbName <dbname> --user SYS --prepareStandbyBlob true --blobLocation <location to create the blob file>

2. Copy the blob file created to all the standby databases and update the file ownership to oracle user.
3. Run the following command on all the standby databases:

   dbaascli database changePassword —dbName <dbname> --user SYS --standbyBlobFromPrimary <location of copies the blob file>

To Change the TDE Wallet Password for an Exadata Cloud Infrastructure Database

1. Log onto the Exadata Cloud Infrastructure virtual machine as opc.
2. Run the following command:

   sudo dbaascli tde changepassword --dbname database_name