F Automating the Disaster Recovery Setup
This appendix includes the following topics:
- Disaster Recovery Utilities
There are two additional scripts provided for disaster recovery. Located in theutils
directory, these areenable_dr.sh
andidmdrctl.sh
. - Creating the Response File
A sample response file is available for your use in theresponsefile
directory. You can use the disaster recovery utilities even if you created the environment using the deployment automation scripts. - Response File Reference
The parameters in the response file are used to control the provisioning of the various products in the Kubernetes cluster. These parameters are divided into generic and product-specific parameters. - Log Files
The DR scripts create log files for each product inside the working directory in a sub-directory calledDR
within a sub-directory calledlogs
. For example:/workdir/OAM/DR/logs
.
Disaster Recovery Utilities
There are two additional scripts provided for disaster recovery. Located in
the utils
directory, these are enable_dr.sh
and
idmdrctl.sh
.
enable_dr.sh
: Used to set up disaster recovery, the script takes one argument: the name of the product for which you want to enable disaster recovery. The valid values areoud
,oam
,oig
,oiri
, andoaa
. This script is run once per site, and creates thersync
job for file system replication, as well as the Kubernetes objects, if required.idmdrctl.sh
: Used to control the disaster recovery actions, it takes two arguments—-a
action and-p
product.- Actions:
initial
: Manually run thersync
job to backup or restore the persistent volume state.switch
: Change a sites role from standby to primary or primary to standby.stop
: Shut down a product.start
: Start up a product.suspend
: Suspend thersync
job for the file system replication.resume
: Resume thersync
job for the file system replication.
- Products:
oud
oam
oig
oiri
oaa
- Actions:
Both the scripts rely on the response file dr.rsp
located in the responsefile
directory. With the exception of the
site role, the dr.rsp
file will be identical on both the sites.
Therefore, no need to switch the primary/standby values on the different sites.
Parent topic: Automating the Disaster Recovery Setup
Creating the Response File
A sample response file is available for your use in the
responsefile
directory. You can use the disaster recovery utilities
even if you created the environment using the deployment automation scripts.
Note:
The property values between thedr.rsp
and
spider
files overlap. Passwords are stored in a hidden file
dewdrop
available in the responsefile
directory.
Parent topic: Automating the Disaster Recovery Setup
Response File Reference
The parameters in the response file are used to control the provisioning of the various products in the Kubernetes cluster. These parameters are divided into generic and product-specific parameters.
- Products to Deploy
- Control Parameters
- Registry Parameters
- Image Parameters
- DR Parameters
- NFS Parameters
- OUD Parameters
- OHS Parameters
- OAM Parameters
- OIG Parameters
- OIRI Parameters
- OAA Parameters
Parent topic: Automating the Disaster Recovery Setup
Products to Deploy
These parameters determine which products the deployment scripts attempt to deploy.
Table F-1 List of Products to Deploy
Parameter | Sample Value | Comments |
---|---|---|
DR_OUD |
|
Set the value to true to configure OUD. |
DR_OAM |
|
Set the value to true to configure OAM. |
DR_OIG |
|
Set the value to true to configure OIG. |
DR_OIRI |
|
Set the value to true to configure OIRI. |
DR_OAA |
|
Set the value to true to configure OAA. |
Parent topic: Response File Reference
Control Parameters
These parameters are used to specify the type of Kubernetes deployment and the names of the temporary directories you want the deployment to use, during the provisioning process.
Table F-2 List of Control Parameters in the Response File
Parameter | Sample Value | Comments |
---|---|---|
USE_REGISTRY |
|
Set this value to true to pull images from a container registry. |
USE_INGRESS |
|
Set to |
ENV_TYPE |
|
The valid values are: OCI and
OTHER. If OCI
is selected, then OCI snapshots will be used to create the PV
backups. If OTHER is selected, then
|
USE_MAA_SCRIPTS |
|
If set to |
COPY_FILES_TO_DR |
|
If set to |
DR_HOST |
|
The host on the DR system to which you want to copy
the files. The |
DR_USER |
|
The name of the user who copies the backup files to
|
Parent topic: Response File Reference
Registry Parameters
These parameters are used to determine whether or not you are using a container registry. If you are, then it allows you to store the login credentials to the repository so that you are able to store the credentials as registry secrets in the individual product namespaces.
If you are pulling images from GitHub or Docker hub, then you can also specify the login parameters here so that you can create the appropriate Kubernetes secrets.
Table F-3 List of Registry Parameters in the Response File
Parameter | Sample Value | Comments |
---|---|---|
REGISTRY |
|
Set to the location of the container registry. |
REG_USER |
|
Set to the registry user name. |
CREATE_REGSECRET |
|
Set this value to true to create a registry secret for automatically pulling images. |
LOCAL_WORKDIR |
|
The location where you want to create the working directory. |
K8_DRDIR |
|
The location inside the container where the disaster recovery script resides. This script is used to backup/restore the persistent volumes. |
MAA_SAMPLES_REP |
|
The GitHub location from where you can download the MAA Kubernetes snapshot tool. |
Parent topic: Response File Reference
Image Parameters
These parameters are used to specify the names and versions of the container images you want to use for the deployment. These images must be available either locally or in your container registry. The names and versions must be identical to the images in the registry or the images stored locally.
These can include registry prefixes if you use a registry. Use the
local/
prefix if you use the Oracle Cloud Native
Environment.
Table F-4 List of Image Parameters in the Response File
Parameter | Sample Value | Comments |
---|---|---|
RSYNC_IMAGE |
|
The name of the |
RSYNC_VER |
|
The version of the |
Parent topic: Response File Reference
DR Parameters
These parameters are used to determine the type of site for disaster recovery.
Table F-5 Parameters that Determine the Type of Site for Disaster Recovery
Parameter | Sample Value | Comments |
---|---|---|
DR_TYPE |
|
The initial role of the site you want to create. |
DRNS |
|
The namespace used to place the disaster recovery
|
Parent topic: Response File Reference
NFS Parameters
Table F-6 List of Parameters
Parameter | Sample Value | Comments |
---|---|---|
DR_PRIMARY_NFS_EXPORT |
|
The export path on the primary NFS server where the persistent volumes are located. |
DR_PRIMARY_PVSERVER |
|
The name or IP address of the primary NFS server used for the persistent volumes. |
DR_STANDBY_NFS_EXPORT |
|
The export path on the standby NFS server where the persistent volumes are located. |
DR_STANDBY_PVSERVER |
|
The name or IP address of the standby NFS server used for the persistent volumes. |
Parent topic: Response File Reference
OUD Parameters
These parameters are specific to OUD. When deploying OUD, you also require the generic LDAP parameters.
Table F-7 OUD Parameters that Determine the Deployment of Oracle Unified Directory
Parameter | Sample Value | Comments |
---|---|---|
OUDNS |
|
The Kubernetes namespace used to hold the OUD objects. |
OUD_POD_PREFIX |
|
The prefix used for the OUD pods. |
OUD_REPLICAS |
|
The number of OUD replicas to create. If you require two OUD instances, set this to 1. This value is in addition to the primary instance. |
OUD_PRIMARY_SHARE |
|
The mount point on the primary NFS server where the OUD persistent volume is exported. |
OUD_PRIMARY_CONFIG_SHARE |
|
The mount point on the primary NFS server where the OUD configuration persistent volume is exported. |
OUD_STANDBY_SHARE |
|
The mount point on the standby NFS server where the OUD persistent volume is exported. |
OUD_STANDBY_CONFIG_SHARE |
|
The mount point on the standby NFS server where the OUD configuration persistent volume is exported. |
OUD_LOCAL_CONFIG_SHARE |
|
The NFS mount point for the OUD configuration persistent volume. |
OUD_LOCAL_SHARE |
|
The local directory where OUD_LOCAL_CONFIG_SHARE is mounted. Used to hold seed files. |
DR_OUD_MINS |
|
The frequency at which the |
DR_CREATE_OUD_JOB |
|
Determines whether or not to create an
|
Parent topic: Response File Reference
OHS Parameters
Oracle HTTP Server (OHS) parameters are used to formulate how sample OHS configuration files are created. They also control whether you want the Oracle HTTP Server files to be propagated to the Oracle HTTP Server hosts automatically. If you choose automatic propagation, you should ensure that a passwordless SSL is possible from the deployment host to the Oracle HTTP Servers.
Table F-8 Parameters Used by Oracle HTTP Server to Create Sample OHS Configuration Files
Parameter | Sample Value | Comments |
---|---|---|
OHS_BASE |
|
The location of the OHS base directory. The binaries and the configuration files are below this location. The Oracle inventory is also placed in this location when installing the Oracle HTTP Server. |
OHS_ORACLE_HOME |
|
The location of the OHS binaries. |
OHS_USER |
|
The name of the user you want to assign to the Node Manager if you install the Oracle HTTP Server. |
OHS_HOST1 |
|
The fully qualified name of the host running the first Oracle HTTP Server. |
OHS1_NAME |
|
The component name of the first OHS instance (on OHS_HOST1). |
OHS_HOST2 |
|
The fully qualified name of the host running the second Oracle HTTP Server. Leave it blank if you do not have a second Oracle HTTP Server. |
OHS2_NAME |
|
The component name of the second OHS instance (on OHS_HOST2). |
OHS_DOMAIN |
|
The location of the OHS domain on OHS_HOST1 and OHS_HOST2. |
Parent topic: Response File Reference
OAM Parameters
These parameters determine how Oracle Access Manager (OAM) is deployed and configured.
Table F-9 Parameters that Determine the Deployment of Oracle Access Manager
Parameter | Sample Value | Comments |
---|---|---|
OAMNS |
|
The Kubernetes namespace used to hold the OAM objects. |
OAM_DOMAIN_NAME |
|
The name of the OAM domain you want to create. |
OAM_PRIMARY_SHARE |
|
The mount point on the primary NFS server where the OAM persistent volume is exported. |
OAM_STANDBY_SHARE |
|
The mount point on the standby NFS server where the OAM persistent volume is exported. |
OAM_LOCAL_SHARE |
|
The local directory where OAM_PRIMARY_SHARE is mounted. |
OAM_SERVER_INITIAL |
|
The number of OAM Managed Servers you want to start for normal running. You will need at least two servers for high availability. |
OAM_PRIMARY_DB_SCAN |
|
The database scan address of the primary database. |
OAM_PRIMARY_DB_SERVICE |
|
The database service of the primary database. |
OAM_STANDBY_DB_SCAN |
|
The database scan address of the standby database. |
OAM_STANDBY_DB_SERVICE |
|
The database service of the standby database. |
OAM_DB_LISTENER |
|
The database listener port. |
DR_OAM_MINS |
|
The frequency at which the |
DR_CREATE_OAM_JOB |
|
Determines whether or not to create an
|
Parent topic: Response File Reference
OIG Parameters
These parameters determine how Oracle Identity Governance (OIG) is deployed and configured.
Table F-10 Parameters that Determine the Deployment of Oracle Identity Governance
Parameter | Sample Value | Comments |
---|---|---|
OIGNS |
|
The Kubernetes namespace used to hold the OIG objects. |
OIG_DOMAIN_NAME |
|
The name of the OIG domain you want to create. |
OIG_PRIMARY_SHARE |
|
The mount point on the primary NFS server where the OIG persistent volume is exported. |
OIG_STANDBY_SHARE |
|
The mount point on the standby NFS server where the OIG persistent volume is exported. |
OIG_LOCAL_SHARE |
|
The local directory where OIG_PRIMARY_SHARE is mounted. |
OIG_SERVER_INITIAL |
|
The number of OIG Managed Servers you want to start for normal running. You will need at least two servers for high availability. |
OIG_PRIMARY_DB_SCAN |
|
The database scan address of the primary database. |
OIG_PRIMARY_DB_SERVICE |
|
The database service of the primary database. |
OIG_STANDBY_DB_SCAN |
|
The database scan address of the standby database. |
OIG_STANDBY_DB_SERVICE |
|
The database service of the standby database. |
OIG_DB_LISTENER |
|
The database listener port. |
DR_OIG_MINS |
|
The frequency at which the |
DR_CREATE_OIG_JOB |
|
Determines whether or not to create an
|
Parent topic: Response File Reference
OIRI Parameters
These parameters determine how Oracle Identity Role Intelligence (OIRI) is provisioned and configured.
Table F-11 Parameters that Determine the Deployment of Oracle Identity Role Intelligence
Parameter | Sample Value | Comments |
---|---|---|
OIRINS |
|
The Kubernetes namespace used to hold the OIRI objects. |
DINGNS |
|
The Kubernetes namespace used to hold the OIRI DING objects. |
OIRI_PRIMARY_SHARE |
|
The mount point on the primary NFS server where the OIRI persistent volume is exported. |
OIRI_STANDBY_SHARE |
|
The mount point on the standby NFS server where the OIRI persistent volume is exported. |
OIRI_DING_PRIMARY_SHARE |
|
The mount point on the primary NFS server where the OIRI Ding persistent volume is exported. |
OIRI_DING_STANDBY_SHARE |
|
The mount point on the standby NFS server where the OIRI Ding persistent volume is exported. |
OIRI_WORK_PRIMARY_SHARE |
|
The mount point on the primary NFS server where the OIRI Work persistent volume is exported. |
OIRI_WORK_STANDBY_SHARE |
|
The mount point on the standby NFS server where the OIRI Work persistent volume is exported. |
OIRI_LOCAL_SHARE |
|
The local directory where OIRI_PRIMARY_SHARE is mounted. |
OIRI_DING_LOCAL_SHARE |
|
The local directory where OIRI_DING_PRIMARY_SHARE is mounted. |
OIRI_WORK_LOCAL_SHARE |
|
The local directory where OIRI_WORK_PRIMARY_SHARE is mounted. |
OIRI_PRIMARY_DB_SCAN |
|
The database scan address of the primary database. |
OIRI_PRIMARY_DB_SERVICE |
|
The database service of the primary database. |
OIRI_STANDBY_DB_SCAN |
|
The database scan address of the standby database. |
OIRI_STANDBY_DB_SERVICE |
|
The database service of the standby database. |
OIRI_DB_LISTENER |
|
The database listener port. |
DR_OIRI_MINS |
|
The frequency at which the |
OIRI_PRIMARY_K8CONFIG |
|
The name of the Kubernetes configuration file for the primary Kubernetes cluster. |
OIRI_STANDBY_K8CONFIG |
|
The name of the Kubernetes configuration file for the standby Kubernetes cluster. |
OIRI_PRIMARY_K8CA |
|
The name of the Kubernetes certificate authority file for the primary Kubernetes cluster. |
OIRI_STANDBY_K8CA |
|
The name of the Kubernetes certificate authority file for the standby Kubernetes cluster. |
OIRI_PRIMARY_K8 |
|
The host and port of the Kubernetes primary cluster (obtained
from the |
OIRI_STANDBY_K8 |
|
The host and port of the Kubernetes standby cluster (obtained
from the |
DR_CREATE_OIRI_JOB |
|
Determines whether or not to create an
|
Parent topic: Response File Reference
OAA Parameters
These parameters determine how Oracle Advanced Authentication (OAA) is provisioned and configured.
Table F-12 Parameters that Determine the Deployment of Oracle Advanced Authentication
Parameter | Sample Value | Comments |
---|---|---|
OAANS |
|
The Kubernetes namespace used to hold the OAA objects. |
OAA_MGT_IMAGE |
|
The OAA Management container image. |
OAAMGT_VER |
|
The version of the image you want to use. |
OAA_PRIMARY_CONFIG_SHARE |
|
The mount point on the primary NFS server where the OAA configuration persistent volume is exported. |
OAA_STANDBY_CONFIG_SHARE |
|
The mount point on the standby NFS server where the OAA configuration persistent volume is exported. |
OAA_PRIMARY_CRED_SHARE |
|
The mount point on the primary NFS server where the OAA credential store persistent volume is exported. |
OAA_STANDBY_CRED_SHARE |
|
The mount point on the standby NFS server where the OAA credential store persistent volume is exported. |
OAA_PRIMARY_LOG_SHARE |
|
The mount point on the primary NFS server where the OAA logs persistent volume is exported. |
OAA_STANDBY_LOG_SHARE |
|
The mount point on the standby NFS server where the OAA logs persistent volume is exported. |
OAA_PRIMARY_VAULT_SHARE |
|
The mount point on the primary NFS server where the OAA vault persistent volume is exported. |
OAA_STANDBY_VAULT_SHARE |
|
The mount point on the standby NFS server where the OAA vault persistent volume is exported. |
OAA_LOCAL_CONFIG_SHARE |
|
The local directory where OAA_PRIMARY_CONFIG_SHARE is mounted. |
OAA_LOCAL_CRED_SHARE |
|
The local directory where OAA_PRIMARY_CRED_SHARE is mounted. |
OAA_LOCAL_LOG_SHARE |
|
The local directory where OAA_PRIMARY_LOG_SHARE is mounted. |
OAA_LOCAL_VAULT_SHARE |
|
The local directory where OAA_PRIMARY_VAULT_SHARE is mounted. |
OAA_LOCAL_SHARE |
|
The local directory where OAA_PRIMARY_CONFIG_SHARE is mounted. Do not change this value. |
OAA_VAULT_TYPE |
|
The type of vault to use: file system or OCI. |
OAA_REPLICAS |
|
The number of each OAA pods to start when invoked from
|
OAA_PRIMARY_DB_SCAN |
|
The database scan address of the primary database. |
OIRI_PRIMARY_DB_SERVICE |
|
The database service of the primary database. |
OAA_STANDBY_DB_SCAN |
|
The database scan address of the standby database. |
OAA_STANDBY_DB_SERVICE |
|
The database service of the standby database. |
DR_OAA_MINS |
|
The frequency at which the |
DR_CREATE_OAA_JOB |
|
Determines whether or not to create an
|
Parent topic: Response File Reference
Log Files
DR
within a sub-directory called
logs
. For example:
/workdir/OAM/DR/logs
.
This directory also contains the following files:
progressfile
– This file contains the last successfully executed step. If you want to restart the process at a different step, update this file.timings.log
– This file is used for informational purposes to show how much time was spent on each stage of the disaster recovery process.
Parent topic: Automating the Disaster Recovery Setup