2.4.1 Create an OCI GoldenGate Deployment

This topic describes the systematic instructions to create an OCI GoldenGate deployment.

User can create an OCI GoldenGate Deployment by following the process below:

1. Navigate to the Oracle Cloud Infrastructure console.
2. Select the region where the user wants to create the GoldenGate deployment.

   Figure 2-29 Get Started - Regions

   
   

   
   Description of "Figure 2-29 Get Started - Regions"

   
   
3. Click Create Deployment, to create a GoldenGate Deployment

   Figure 2-30 Create Deployment

   
   

   
   Description of "Figure 2-30 Create Deployment"

   
   

   Figure 2-31 GoldenGate

   
   

   
   Description of "Figure 2-31 GoldenGate"

   
   

   Figure 2-32 Deployments in FSGIU_OBCS Compartment

   
   

   
   Description of "Figure 2-32 Deployments in FSGIU_OBCS Compartment"

   
   
4. Select Oracle GoldenGate and provide necessary details like name, compartment, and network information.

   Figure 2-33 Create Deployment

   
   

   
   Description of "Figure 2-33 Create Deployment"

   
   
5. Select the appropriate compute shape and configure other deployment settings.
6. Click Create.

   Figure 2-34 Create Deployment

   
   

   
   Description of "Figure 2-34 Create Deployment"

   
   
   Once the deployment is created, configure it. Note down the Admin URL and credentials.

   Figure 2-35 OBCS_POC_GGS

   
   

   
   Description of "Figure 2-35 OBCS_POC_GGS"

   
   

Once the deployment is Active and Running, customers who have not opted for BYOK (Bring Your Own Key) must perform a few additional setup steps in the OCI PaaS console.

Oracle Cloud Infrastructure GoldenGate allows users to encrypt trail files using local master key wallets that are stored within a GoldenGate deployment. These master encryption keys are used to encrypt trail files that are distributed to other GoldenGate deployments.

The master encryption key wallet can also be exported and imported between source and target GoldenGate deployments to ensure secure trail file exchange.

7. Login to the Self-Service Appshell UI and navigate to Data Replication and click Initiate Data Export.
8. On the Export Status landing page, find for the CWALLET.sso PAR URL file and click on the Vire URL’s.

   Figure 2-36 Initiate Data Export

   
   

   
   Description of "Figure 2-36 Initiate Data Export"

   
   
9. In the pop up window select and copy the cwallet.sso PAR URL and download the file from your browser.

   Figure 2-37 PAR URL

   
   

   
   Description of "Figure 2-37 PAR URL"

   
   
10. Base64 encode the cwallet.sso using this command:

    base64 -b 0 -i cwallet.sso

11. In the Oracle Cloud console, open the navigation menu, and select Identity & Security, and then select Vault, and then click Secret and Create Secret.
12. In the Create Secret panel, complete the fields as follows:
    • Specify the Name for the secret.
    • Specify the Description for the secret.
    • For Encryption Key in <compartment-name>, select the master encryption key created in the Before you begin steps.

      Click Change compartment to select a master encryption key located in a different compartment.

    • For Secret type template, select Plain-Text.
    • For Secret contents, paste the cwallet.sso base64 encoded string from step 10.
    • Click Create Secret.

      The Secret appears in the Secrets list.

13. Import the master encryption key wallet to the target OCI GoldenGate deployment.
14. Navigate back to OCI Goldengate Services, then click Deployments in OCI Console.
15. On the Deployments page, select the deployment in which to import the master encryption key wallet.
16. On the Deployment details page, under Resources, click Master encryption key wallet actions.
17. Click Import and in the Import dialog box add the following information:
    • For Wallet secret in <compartment-name>, select the wallet secret to import.

      Click Change compartments to select a wallet secret from a different compartment.

    • Select Backup existing wallet;
      • If selected, then under Backup wallet and for the Name, specify the name for the backup wallet.
      • Specify the description.
    • For Encryption key in <compartment-name>, select the encryption key to use.

      Click Change compartment to select an encryption key in a different compartment.

    • Click Import and wait for the system to confirm that the process is successful.
18. Verification on Goldengate Console:
    • Login to the Goldengate Console UI with the Admin User.
    • Navigate to Encryption , then click LocalWallet.

      The LocalWallet view provides exported MasterKey’s version.