Add a Deployment

Follow the steps to add a deployment.

Topics:

• Before Adding a Deployment
  
• Start the OGGCA Wizard
  
• Select Service Manager Options
  
• Configuration Options
  
• Deployment Details
  
• Select Deployment Directories
  
• Specify Environment Variables
  
• Administrator Account
  
• Specify Security Options
  
• Advanced Security Settings
  
• Sharding Options
  
• Port Settings
  
• Replication Settings
  
• Summary
  
• Configure Deployment
  
• Finish
  

Before Adding a Deployment

Before you begin adding a deployment using OGGCA, make sure that you have addressed the following questions:

• Will the deployment be secure or non-secure?
• Which environment variables are to be configured for the database and operating system available on the host server?
• Will the users of Oracle GoldenGate be authenticated and authorized from Oracle Identity Cloud Service (IDCS)?

Start the OGGCA Wizard

Adding deployments is the first task in the process of setting up a data replication platform. Deployments are managed from the Service Manager. After completing the Oracle GoldenGate MA installation, you can add initial and subsequent deployments using the Oracle GoldenGate Configuration Assistant (OGGCA) wizard.

Note:

Oracle recommends that you maintain a single Service Manager per host, to avoid redundant upgrade and maintenance tasks with Oracle GoldenGate releases.

To start the OGGCA wizard:

1. Navigate to the $OGG_HOME/bin directory to access the Oracle GoldenGate Configuration Assistant (oggca) utility.

2. Run the oggca.sh program on UNIX or oggca.bat on Windows.

The Oracle GoldenGate Configuration Assistant (oggca) wizard is displayed.

The following topics provide details on the configuration that you can set on each of the OGGCA screens.

Select Service Manager Options

Description of the illustration oggcascr1.png

1. Select the Create a New Service Manager option if you are running OGGCA for the first time. When you run OGGCA for the first time, the Existing Service Manager option is disabled. If its not the first time, then you can choose the Existing Service Manager option, which would load the port and other settings as configured for the existing Service Manager. The deployment would be added to this Service Manager.
2. For a new Service Manager, enter the Service Manager Deployment Home directory. Oracle recommends that you create a ServiceManager directory within the deployment sub-directory structure to store the Service Manager files.
3. Enter the connection details for the Service Manager.
   1. Listening hostname/address: Enter a hostname such as localhost or the IP address of the server where Service Manager will run.
   2. Listening Port: Enter a unique port number that the Service Manager will listen on, or choose the port already in use if selecting an existing Service Manager.
4. (Optional) Select the option Register the Service Manager as a system service (daemon) to avoid manually starting and stopping it if the machine is rebooted.

   If there is an existing Service Manager registered as a service and you select a new Service Manager to register as a service, an alert is displayed indicating that you cannot register the new one as a system service. All other Service Managers are started and stopped using scripts installed in the bin directory of the deployment.

5. (Optional) Select the Integrate with XAG option to integrate your deployment with an Oracle Grid Infrastructure for Oracle Database. This is only available for Oracle database in a cluster environment. This option cannot be used when running your Service Manager as a system service.
6. Click Next.

Configuration Options

Description of the illustration oggcascr2.png

1. Click the Add new GoldenGate deployment option. You can only add or remove one deployment for one Service Manager at a time.
2. Click Next.

Deployment Details

Description of the illustration oggcascr3.png

1. In the Deployment Name box, specify the deployment name using these conventions:
   • Must begin with a letter.
   • Can be a standard ASCII alphanumeric string not exceeding 32 characters.
   • Cannot include extended ASCII characters.
   • Special characters that are allowed include underscore (‘_’), forward slash (‘/’), dash (‘-’), period (‘.’).
   • Cannot be “ServiceManager”.
2. Select the Enable FIPS check box to enable Oracle GoldenGate services to use FIPS-compliant libraries.
3. (Oracle Database only) Select Enable Sharding to use the database sharding feature in the deployment. The schema must be ggadmin.
4. Select the Oracle GoldenGate installation directory. If you have set the $OGG_HOME environment variable, the directory is automatically populated. Otherwise, the parent directory of the oggca.sh (Linux) or oggca.bat (Windows) script is used.
5. Click Next.

Select Deployment Directories

Description of the illustration oggcascr4.png

1. In the Deployment home box, specify a deployment directory to store the deployment registry and configuration files. Oracle recommends that you create a separate directory outside of the $OGG_HOME (installation directory) for easier upgrades. The additional fields are automatically populated based on the specified deployment directory.

   Note:

   The deployment directory name (user deployment directory) needs to be different than the directory name chosen in the first screen (Service Manager deployment directory). You can customize the deployment directories so that they are named and located differently from the default. Enter or select different directories for the various deployment elements. For deployment directory structure, see Directories and Variables in Microservices Architecture.

2. (Optional) Select the Customize directories check box, if you want to change the default locations for the Oracle GoldenGate configuration files.
3. Click Next.

Specify Environment Variables

Description of the illustration oggcascr5.png

1. Specify the values for the environment variables depending on database configurations. Double-click in the field to add or edit it. If you have previously set any of these environment variables, the value is automatically detected and populated in the respective environment variable field.

   OGG_HOME

   The directory where you installed Oracle GoldenGate. This variable is fixed and cannot be changed.

   Note:

   On a Windows platform, ensure that there's no space in the OGG_HOME directory path otherwise OGGCA will not run.

   IBMCLIDRIVER

   Valid for Db2 z/OS.

   Specifies the location where the IBM Data Server Driver for ODBC and CLI (IBMCLIDRIVER) software is installed.

   LD_LIBRARY_PATH

   This variable is used to specify the path to search for libraries on UNIX and Linux. It may have a different name on some operating systems, such as LIBPATH on IBM AIX on POWER Systems (64-Bit), and SHLIB_PATH on HP-UX. This path points to the Oracle GoldenGate installation directory and the underlying instant client directory by default.

   If you are using User Exits, then append the LD_LIBRARY_PATH variable with the path to the additional shared libraries of the User Exit.

   TNS_ADMIN

   Valid for Oracle database.

   This variable points to the directory location containing tnsnames.ora, which has the database connection details. This variable is optional.

   This variable is recommended, but optional, and points to the directory location containing tnsnames.ora, which has the database connection details. If this variable is not set, Oracle GoldenGate looks for $HOME/.tnsnames.ora or /etc/tnsnames.ora.

   For example: TNS_ADMIN=/u01/app/oracle/network/admin

   STREAMS_POOL_SIZE

   For Oracle Database Sharding only. This variable is mandatory for sharded databases. Use the default or set your pool size value that is at least 1200MB.

   JAVA_HOME

   If this variable is present during deployment creation, it will automatically be populated.

   You can add or remove other environment variables to customize your deployment according to the database host.

2. Click Next.

Administrator Account

Description of the illustration oggcascr6.png

Configuration in this screen allows you to create credentials for the security user for Oracle GoldenGate. If this is not the first run of OGGCA, then you need to enter the administrator account credentials that are used to log in to the Service Manager because the deployment is getting added to this Service Manager.

If you want to integrate with Oracle Identity Cloud Service (IDCS) for authentication and authorization of users, then use this screen to specify the credentials for the IDCS account.

1. Enter a user name and password to log in to Oracle GoldenGate MA. This user is the security user for this deployment.

2. If you are using IDCS (as your external Identity Provider), then specify the user credentials for the IDCS server. On your first log in to the Service Manager, you need to enable the Authorization Profile for the Service Manager deployment. See Delegate User Authentication and Authorization to an External ID Provider.

3. Select the Enable strong password policy in the new deployment checkbox to ensure setting a highly secure password for your user account. This password policy applies for the Oracle GoldenGate security user only but not for IDCS default settings. See Manage Oracle Identity Cloud Service Password Policies section in Administering Oracle Identity Cloud Service guide for IDCS accounts.

Note:

For Administrator Account, you must enter a user and password for a provisioned external IDP identity that is mapped to the SECURITY group previously configured for the Service Manager deployment.

The strong password policy has the following requirements:

• At least one lowercase character [a...z]
• At least one upposercase character [A...Z]
• At least one digit [0...9]
• At least one special character [- ! @ % & * . #]
• The length should be between 8 and 30 characters.

For details on the different types of users, see Add New Users to the Deployment.

1. If you are using an existing Service Manager, you must enter the same log in credentials that were created during the first run of OGGCA.

2. Select the Enable a strong password policy check box for the new deployment. If you select this option, then the password must adhere to restrictions, otherwise an error occurs, which requires you to specify a stronger password.

3. Click Next.

Specify Security Options

Description of the illustration oggcascr7.png

1. Select the SSL/TLS security check box to enable security for the deployment. If you enabled Sharding for Oracle database, then must enable this option.
2. Deselect this option if you don't want to set up a secure deployment or want to use other types of security configurations such NGINX or reverse proxy support.
3. When you deselect the SSL/TLS security check box, the option This non-secure deployment will be used to send trail data to a secure deployment remains enabled. Select this check box to set up the deployment as a non-secure deployment that would send trail data to a secure target deployment.
4. In the Server (wallet or certificate) section, select one of the options, and then provide the required file locations. If you select the Use existing wallet option, the wallet directory must have the appropriate certificates already imported into it. If you choose to use a certificate, enter the corresponding pass phrase.

   When using a self-signed certificate, a new Oracle Wallet is created in the new deployment and these certificates are imported into it. For certificates, enter the location of the private key file and the pass phrase. The private key files must be in the PKCS#8 format.

5. (Optional) The Client section is enabled if you select the This non-secure deployment will be used to send trail data to a secure deployment option. This option is useful when Distribution Service from the source deployment is not secure whereas the Receiver Service on the target deployment is secured. The sender (source) may be configured for public access while the Receiver Service requires authentication and authorization, which is established using PKI before the incoming data is applied. This option allows sending trail data to a secure deployment for environments such as DMZ where:

   If you select the Use Existing Wallet option, then specify the location of the existing wallet that stores the client certificates. Make sure that the certificates are already imported in the wallet directory.

   If you select the Use certificates option, then enter the passphrase.

   For more information, see Create Different Types of Certificates for a Secure Deployment.

Advanced Security Settings

If security is enabled, then this screen is displayed with the encryption options TLS 1.1 and TLS 1.2. TLS 1.2 is selected by default. When you open the Advanced Security Settings for the first time with TLS 1.2, the available cipher suites are listed.

1. Use the arrows to add or remove cipher suites.
2. Use Up and Down to reorder how the cipher suites are applied and click Next.

Sharding Options

If Sharding is enabled on the Deployment Details screen, then this screen is displayed. You can specify the sharding options on this screen:

1. Locate and import your Oracle GoldenGate Sharding Certificate. Enter the distinguished name from the certificate that will be used by the database sharding code to identify itself when making REST API calls to the Oracle GoldenGate MA services.
2. Enter a unique name for the certificate.
3. Click Next.

Port Settings

Description of the illustration oggcascr8.png

1. Enter the Administration Service port number, and then when you leave the field the other port numbers are populated in ascending numbers. Optionally, you can enter unique ports for each of the services.
2. Select Enable Monitoring to use the Performance Metrics Service.

   Note:

   For Oracle GoldenGate Microservices, selecting Enable Monitoring does not require Oracle GoldenGate Management Pack License. The license is required only when Enterprise Manager Plugin for GoldenGate is used to monitor Oracle GoldenGate Microservices instance.
3. Click inside the Performance Metrics Service port fields to populate or enter the ports you want to use. Ensure that you choose available ports for TCP.

   Select the UDP port for performance monitoring. The option to select the UDP port is displayed only with deployments on Windows and other operating systems that don't support UDS communication with Performance Metric Service. See Protocols for Performance Monitoring for Different Operating Systems.

   You can change the TCP port from the Service Manager console after the deployment is done. For more information on PMSRVR, see ENABLEMONITORING.

4. Select the type of datastore as Berkeley Database (BDB), which is the default or Open LDAP Lightning Memory-Mapped Database (LMDB).

   For learning more about BDB, see Oracle Berkeley DB 12c Release 1. For details on LMDB, see http://www.lmdb.tech/doc/.

5. You can also designate the Performance Monitor as a Critical Service if integrating the Service Manager with XAG.
6. Select the location of your datastore. BDB and LMDB are in-memory and disk-resident databases. The Performance Metrics Service uses the datastore to store all performance metrics information.
7. Click Next.

   The oggca utility validates whether or not the port you entered is currently in use or not.

Replication Settings

Description of the illustration oggcascr9.png

1. Enter the Oracle GoldenGate default schema that you want to use to store the replication objects such as checkpoint and heartbeat tables.

   Note:

   OGGCA doesn't connect to the database, so it cannot validate the schema. The schema specified in OGGCA is written to the GLOBALS file as a default schema. When creating an Extract, if you do not specify a replication schema, Extract will use this schema.

2. Click Next.

Summary

Description of the illustration oggcascr10.png

1. Review the detailed configuration settings of the deployment before you continue.
2. (Optional) You can save the configuration information to a response file. Oracle recommends that you save the response file. You can run the installer from the command line using this file as an input to duplicate the results of a successful configuration on other systems. You can edit this file or a new one from the provided template.

   Note:

   When saving to a response file, the administrator password is not saved for security reasons. You must edit the response file and enter the password if you want to reuse the response file for use on other systems.

3. Click Finish and then click Next.

Configure Deployment

This screen displays the progress of the deployment creation and configuration. There could be some notifications during the progress if the Service Manager is registered as a service.

A pop-up appears that directs you how to run the script to register the service. The Configuration Assistant verifies that these scripts have been run. If you did not run them, you are queried if you want to continue. When you click Yes, the configuration completes successfully. When you click No, a temporary failed status is set and you click Retry to run the scripts.

Click Ok after you run the script to continue.

After the creation and configuration process completes, you'll see a message that the deployment is added successfully. Click Next.

Finish

Description of the illustration oggcascr11.png

On the Finish screen, click Close to exist OGGCA.