Overview

GoldenGate Replication provides the ability to establish one-way, initial, and ongoing change-based (CDC) replication of data from an Oracle Energy and Water Software-as-a-Service (SaaS) cloud service environment (for example, a Customer Cloud Service Production environment) to an OCI hosted Autonomous Database Autonomous Transaction Processing (ATP) target environment (owned and managed by the customer) via a Named Distribution Path.

This provides you with full and direct access to all SaaS data replicated to the target Autonomous Database ATP database instance, and enables you to query, report on, and develop data-driven integrations based on your cloud service data in the target database. It also allows for retention of data that is useful for reporting and integration purposes, even if the data is removed from the source cloud service database via ILM processes such as partition drops.

Refer to the Oracle GoldenGate documentation and Oracle Cloud Infrastructure GoldenGate for more information about Oracle GoldenGate.

Customers must supply the following information to use GoldenGate Replication:

• A source application environment. This is your Oracle Utilities cloud service.

• A Target Tenancy OCID. See Obtaining Tenancy Information for more information.

• A Target Compartment OCID. See Setting Up Compartments and Security Policies for more information.

• A Target VCN OCID. See Setting up Virtual Cloud Networks and Subnets for more information.

• A Target Subnet OCID. See Setting up Virtual Cloud Networks and Subnets for more information.

In addition, customer must also

• Confirm that Identity and Access Management (IAM) policies exist which allow Oracle access to the compartment to create a Private Endpoint (PE).

• Confirm that an Ingress Security Rule to allow Trail Files to enter customer tenancy has been set up. See Setting up Virtual Cloud Networks and Subnets for more information.

• Confirm that Source environment will not be used for any additional data conversion activities.

Requirements, Prerequisites, and Assumptions

This section outlines specific requirements, prerequisites, and assumptions related to the user of GoldenGate Replication with Oracle Utilities cloud services. Refer to the Oracle Utilities Cloud Services Cloud Service Descriptions document (available from the Oracle Cloud Services contracts page) for additional details.

Use of GoldenGate Replication requires a subscription to Oracle Utilities Cloud Service, GoldenGate Replication (Part # B110320).

In addition, you must subscribe to the following OCI services:

• OCI Autonomous Database ATP (Autonomous Transaction Processing), which is the target database into which data is replicated.

• OCI GoldenGate Service, which provides the replicat and other GoldenGate services and features for maintaining ongoing replication.

The instructions in this chapter assume customer has:

• An OCI tenancy and administrative privileges in that tenancy.

• Any other users working on OCI components have been created.

The instructions in this chapter assume a fresh compartment. If you are working in an existing compartment, you may be able to skip some of the steps outlined in the GoldenGate Replication Administration Tasks section.

The instructions in this chapter assume the target compartment is in the same region as the SaaS source environment. If this is not the case and data needs to traverse regions, the customer must create a pass through compartment in the SaaS region and connect it to your other region using remote VCN peering via Remote Peering Connection (RPC) on the Dynamic Routing Gateways (DRG) attached to your VCNs. For more information, see Remote VCN Peering using an RPC.

Once all pre-requisite subscription components are in place, your administrators will work with Oracle to establish secure OCI network connectivity between your target OCI tenancy (which is fully owned and managed by you) and the SaaS tenancy in which your Oracle Utilities Enterprise SaaS service is deployed.

Target Environment Sizing Recommendations

The following are minimum sizing recommendations for Target Environments:

• Database – Autonomous Database

• Single Database

• Transaction Processing & Mixed (ATP)

• 4 Peak ECPUs

• Autoscale ON

• Database and backup storage as required

• OCI GoldenGate

• 2-4 OCPUs

• Autoscale ON

GoldenGate Replication Administration Tasks

This section describes several administration tasks related to use of GoldenGate Replication with Oracle Utilities cloud services. These include:

• Obtaining Tenancy Information

• Setting Up Compartments and Security Policies

• Setting up Virtual Cloud Networks and Subnets

Note that the screen shots in the following instructions may differ slightly from what you see in the OCI Console.

Refer to the Oracle Cloud Infrastructure Documentation for more details about using the OCI Console.

Obtaining Tenancy Information

As noted above, using GoldenGate Replication requires the OCID for the target tenancy.

To do this, use the following steps:

1. Select the Tenancy Details option from the Administration page.

2. Copy the Tenancy OCID and Name. This information is required for creating the source and target network path.

Note: If the customer tenancy spans Regions, please ensure you are always in the appropriate region.

Setting Up Compartments and Security Policies

These tasks use the Compartments and Policies options available from the Identity & Security page.

Creating a New Compartment

To create a compartment, use the following steps:

1. Select Compartments from the Identity & Security page.

2. Click Create Compartment.

3. Enter Compartment Details for your new compartment:

• Name: Enter a unique name (maximum 100 characters, including letters, numbers, periods, hyphens, and underscores).

• Description: Provide a friendly description.

• Parent Compartment: Choose the compartment where you want to create the new compartment (the root compartment is your tenancy).

• Tags (Optional): Apply free-form or defined tags if you have the necessary permissions.

4. Click Create Compartment.

5. Copy and note the Compartment’s OCID. This information is required for creating the source and target network path.

6. Note the Compartment Name. You will need the Compartment Name to build Security Policies.

Creating a Security Policies

The next step is to create Security Policies that will allow Oracle to create the Public Endpoint in this compartment.

To create security policies, use the following steps:

1. Select Policies from the Identity & Security page.

2. Click Create Policy.

3. Enter details for your Security Policy:

• Policy Name: Provide a descriptive name for the policy. Note that policy names must be unique across compartments.

• Description: Provide a description of the policy's purpose

• Compartment: Select your compartment from the Compartment drop-down list.

• Policy Statements: The Policy Builder wizard does not support all types of valid policies, so you must use ‘Show Manual Editor to create the policy statements needed for GoldenGate Replication.

• In the Policy Builder box, manually create the following policy statements:

• allow service ORACLE_INDUSTRY_SAAS to manage vnics in compartment <Customer Compartment Name>

• allow service ORACLE_INDUSTRY_SAAS to use subnets in compartment <Customer Compartment Name>

• allow service ORACLE_INDUSTRY_SAAS to use network-security-groups in compartment <Customer Compartment Name>

• allow service ORACLE_INDUSTRY_SAAS to inspect work-requests in compartment <Customer Compartment Name>

where <Customer Compartment Name> is the name of the compartment you created earlier.

4. Click Create to create your security policy.

Setting up Virtual Cloud Networks and Subnets

These tasks use the Virtual Cloud Networks option available from the Networking page.

Creating a Virtual Cloud Network

To create a virtual cloud network (VCN), use the following steps:

1. Select Virtual Cloud Networks from the Networking page.

2. Select your compartment from the Compartment drop-down list.

3. Click Create VCN to create a new virtual cloud network using the VCN Wizard (make sure that you are working in the appropriate compartment).

The Start VCN Wizard panel opens.

4. Select the Create VCN with Internet Connectivity option. Note – Replication out of SaaS does not require all of the resources created by the VCN wizard. However, this is the simplest way to create the VCN and subnet required for replication out of your cloud service and will provide other networking resources that may support the use cases for accessing data.

5. Enter a VCN Name. Accept all other defaults and press Next.

6. Review the virtual cloud network resources and note the CIDR for the subnet (in the Public Subnet box). Your Target environment resources will be associated with this subnet.

7. As the resources are built for the virtual cloud network, the Created Virtual Cloud Network screen will display a list of resources and statuses.

8. Close the VCN Wizard to view the Virtual Cloud Network. Copy and note the VCN’s OCID and Name. This information is required for the Network Path Creation.

9. Click the Name of the subnet where you would like your Target environment resources to be located.

10. Copy and note the Subnet’s OCID, Name, and IPv4 CIDR Block. This information is required for the Network Path Creation.

11. Click the Default Security list associated with this subnet.

12. Click Add Ingress Rules to add an Ingress Rule to the default Security list. This Security Rule is prerequisite of the Environment Creation.

13. Configure the Ingress Rule as follows:

• Stateless: Leave this checkbox unchecked to make the rule stateful (this means that any response to the incoming traffic is allowed back to the originating host, regardless of any egress rules applicable to the instance_.

• Source Type: Select "CIDR”.

• Source CIDR: Enter the subnet’s IPv4 CIDR Block.

• IP Protocol: Select "TCP".

• Source Port Range: Leave blank

• Destination Port Range: Enter "443".

• Description (Optional): Add a descriptive string for the ingress rule.

When the above steps have been completed, the required resources, policies and security rules will be in place to support GoldenGate Replication.

Note that this document shows only the OCI components required to implement the basic Replication out of Oracle Energy and Water SaaS. It is likely that your production OCI architecture will contain additional components as required by your production requirement.