Configure the DR Topology
Set up the disaster recovery (DR) topology. Scripts are available to streamline the process.
Download the Scripts
Get the latest setup scripts from the GitHub repository.
Note:
Place all of the downloaded scripts in the same folder.The downloaded file includes scripts to perform the following tasks:
- Configure a TNS Alias for datasources
- Set up the initial DR configuration
- Set up ongoing replication
- Change wallets for an Oracle WebLogic Server, Oracle SOA, or Oracle Fusion Middleware system.
Script Name | Description |
---|---|
fmwadb_config_replica.sh |
Replicate configuration between sites. |
fmwadb_dr_prim.sh |
Prepares a primary site for the DR setup. |
fmwadb_dr_stby.sh |
Prepares a secondary site for the DR setup. |
fmwadb_rest_api_listabds.sh |
Obtain the Autonomous Database role base on the ADB ID and tenancy information. |
fmwadb_switch_db_conn.sh |
Replaces the existing connect information with a new ADBS WALLET. |
fmw_change_to_tns_alias.sh |
Replace the connect strings used by Oracle
WebLogic datasources and jps config files with
a tns alias.
|
fmw_dec_pwd.sh |
Decrypts a Oracle WebLogic-encrypted password. |
fmw_enc_pwd.sh |
Encrypts a password using Oracle WebLogic encryption. |
fmw_get_connect_string.sh |
Returns the connect string that a Oracle WebLogic, Oracle SOA, or Oracle Fusion Middleware datasource is using. |
fmw_get_ds_property.sh |
Returns the value of a specific datasource property. |
Prepare the Primary Mid-tier for the Virtual Front-end
If the primary mid-tier is not already configured with a virtual front-end name, then perform these actions to prepare it for the disaster recovery (DR) configuration.
Modify the Primary's Data Sources and JPS Configuration to Use a TNS Alias
Using a Transparent Network Substrate (TNS) alias in Java Database Connectivity (JDBC) URLs facilitates the reconfiguration of Oracle WebLogic Server for Oracle Cloud Infrastructure data sources by using remote refreshable clones to move between primary and standby.
Note:
Oracle SOA Suite on Marketplace instances provisioned with release 23.1.1 (February 2023) or later are configured with the TNS alias approach out-of-the-box. For this case, you can skip this task.
Using a TNS alias requires that the datasources and jps
files include the
variable oracle.net.tns_admin in the Oracle Fusion Middleware configuration files.
Create a VCN and Subnet in the Secondary Region
If you haven’t already done it, create a VCN in the standby region with a CIDR that doesn't conflict with the primary region's CIDR. For example, if the primary VCN uses 10.1.0.0/16, then the secondary VCN could use 10.2.0.0/16.
Configure a DRG Between the Primary and Secondary VCNs
The disaster recovery set up requires that the primary and secondary Oracle WebLogic Server Administration Nodes communicate with each other to receive domain configuration through Oracle Cloud Infrastructure File Storage copies. For this, you must create a dynamic routing gateway (DRG) between the mid-tier VCNs.
Create an Oracle Autonomous Data Guard Standby in the Secondary Region
Create a standby database for the existing primary Oracle Autonomous Database.
- For Oracle Autonomous Database Serverless, create a standby Oracle Autonomous Database Serverless in the secondary region.
- In the OCI Console, click Oracle Database in the left navigation menu to navigate to the primary Oracle Autonomous Database.
- On the Autonomous Database Details page, under Resources, click Disaster Recovery, then click Add peer database.
- Use the VCN and private subnets that you created earlier.
- For Oracle Autonomous Database on Dedicated Exadata Infrastructure
Prepare the Standby Autonomous Database for the DR Setup
This task depends on whether you are using the Snapshot Standby or Remote Refreshable Clone approach.
For the Snapshot Standby approach, see Convert the Standby into a Snapshot Standby.
For the Remote Refreshable Clone approach, see Create a Remote Refreshable Clone in the Secondary Region.
Convert the Standby into a Snapshot Standby
Using the Snapshot Standby approach, convert your standby autonomous database into Snapshot Standby.
- From the Oracle Cloud Infrastructure Console left navigation menu, click Autonomous Database.
- In secondary region, select the standby Autonomous Database.
- From the More Actions drop-down list, click Convert to snapshot standby database.
- If you're using Dedicated Infrastructure, select Use primary database services.
Note:
When a Snapshot Standby in Oracle Dedicated Exadata Infrastructure is not converted to physical standby within 7 days, the Snapshot Standby is automatically converted to physical standby.
When a Snapshot Standby in Oracle Autonomous Database Serverless is not converted to physical standby within 2 days, the Snapshot Standby is automatically converted to physical standby.
Provision the Secondary System
Provision the secondary Oracle WebLogic Server for Oracle Cloud Infrastructure, Oracle SOA Suite on Marketplace, or other middle-tier Oracle Cloud Infrastructure (OCI) service that uses Oracle Fusion Middleware (system) pointing to the secondary database (for Snapshot Standby approach) or to the refreshable clone (for remote refreshable clone approach).
Modify the Secondary's TNS Alias Connect Strings
Modify the alias used in the secondary system to be the same alias as in the primary system.
Just as in the primary system, you should use a Transparent Network
Substrate (TNS) alias in all datasource files under
$DOMAIN_HOME/config/jdbc
and in the jps config
files under $DOMAIN_HOME/config/fmwconfig
. The alias used in
the secondary (standby) system will be the same one as in the primary system because
datasources are replicated from the primary containing the alias created earlier.
-
For the Snapshot Standby approach, see Modify the Secondary's TNS Alias Connect Strings for Snapshot Standby Approach.
-
For the Remote Refreshable Clone approach, see Modify the Secondary's TNS Alias Connect Strings for the Remote Refreshable Clone Approach.
Modify the Secondary's TNS Alias Connect Strings for Snapshot Standby Approach
For the Snapshot Standby approach, it's expected that the aliases in the
tnsnames.ora
file are the same as in primary (although connect strings
will be pointing to the standby database’s address). You don’t need to modify
them.
Modify the Secondary's TNS Alias Connect Strings for the Remote Refreshable Clone Approach
For the Remote Refreshable Clone approach, modify the alias used in the secondary system to be the same alias as in the primary system.
The tnsnames.ora
file included in the
secondary Oracle WebLogic Server for
Oracle Cloud Infrastructure, Oracle SOA Suite on Marketplace, or Oracle Fusion Middleware system creation will contain an
alias based on the remote refreshable clone name. For example, if a
remote refreshable clone is created with the name
soaadb1rc2
the
tnsnames.ora
file (in the wallet directory
created during provisioning) will contain the following
alias: soaadb1rc2_high
,
soaadb1rc2_low
,
soaadb1rc2_medium
,
soaadb1rc2_tp
,
soaadb1rc2_tpurgent
. To simplify the
configuration, you should use the same alias name in
tnsnames.ora
file in both the primary and
secondary systems, so modify the TNS alias that the Oracle WebLogic Server for
Oracle Cloud Infrastructure, Oracle SOA Suite on Marketplace, or Oracle Fusion Middleware domain is configured with (remote
refreshable clone) to use the same alias name as primary. You can
obtain the alias name in primary from the
$tns_admin/tsnames.ora
file. Different
aliases are created for different services and they all will infer a
prefix from the DB name. Notice that you want to modify the alias
name only, not the services. Don't use a global search and
replace in the file as that will likely also alter the service names
in the connect strings in tnsnames.ora
file.
Just like in the primary system, all datasource files under
$DOMAIN_HOME/config/jdbc
and in the jps
config files under
$DOMAIN_HOME/config/fmwconfig
use the
chosen alias. It is expected that the same service level was chosen
with the remote refreshable clone as in the primary system (either
low
, mid
,
high
, tp
, or
tpurgent
). Because the alias and
datasources are copied over from the primary system, you don't need
to run the fmw_change_to_tns_alias.sh
script in the
secondary system. The disaster recovery set up will handle the
required replacements.
If you have additional aliases to point to other databases in the primary
tnsnames.ora
file, add them accordingly in
the tnsnames.ora
file of the secondary system.
Update the Host Name Aliases and Front-End Address in the Primary and Standby Midtiers
The same front-end address must be used in both the primary and standby. During normal operation this front-end host name will map to the IP of the primary Oracle Cloud Infrastructure (OCI) Load Balancer. When running from secondary (after a switchover or failover) this front-end host name will map to the IP of the secondary OCI Load Balancer.
Note:
The /etc/hosts
file of the midtier hosts must not be
altered when there is a switchover or failover. The mid-tier hosts will always resolve the
virtual front-end name with its front-end IP. The DNS update that is needed during the
switchover and failover procedures is performed in the DNS or host files used by the
clients.
You can implement this host aliasing in the following ways:
- Add the host names as aliases to
the
/etc/hosts
files of the Oracle WebLogic Server for OCI compute instances - Use a private DNS view in the secondary OCI VCN
Use /etc/hosts
Files
/etc/hosts
files of the secondary Oracle WebLogic Server hosts, pointing to the IP addresses of the secondary Oracle WebLogic Server hosts. This mode is valid when the DNS server is the same on primary and
secondary Oracle Cloud
Infrastructure (OCI) sites, and also when separated DNS servers are used in the primary and secondary
sites. The entries in the /etc/hosts
file have precedence over the DNS
resolution, because this is the precedence defined out-of-the-box in the directive “hosts”
of the /etc/nsswitch.conf
file.
Use the OCI Domain Name System (DNS)
/etc/hosts
of all the Oracle WebLogic Server hosts.
The following are the steps to create the private view in the secondary VCN and resolve the host names used by primary with the secondary IPs:
Configure the Secondary System
jdbc url
pointing to the local database (refreshable clone
during DR set up and standby in preparation for switchover) with the required
wallets.
Leave the System Ready for Switchover
Note:
This task is only needed when the secondary system is configured and validated with a Remote Refreshable Clone.Download the wallet for the standby database from the secondary database user interface. Avoid dual connect strings (both primary and standby hosts) in remote DR cases because they cause unnecessary retries.
Setup Ongoing Configuration Replication
fmwadb_config_replica.sh
script
replicates changes through the Oracle Cloud Infrastructure File
Storage (OCI File Storage) stage directory on a regular basis.
The configuration is ready (prepared) for a switchover after each replication.
When you're using Remote Refreshable Clone, it is assumed that the replicated configuration will be "adapted" for the physical standby (not the refreshable clone). If you need a validation or test using refreshable clones, then you can alter the standby domain configuration to point to the refreshable clone instead.
You must run the fmwadb_config_replica.sh
script in the WebLogic Server Administration Nodes (in both the primary and standby) to
replicate the configuration. Typically, this script is scheduled
with a cron
job to replicate the configuration
between a primary and a standby WebLogic Server, Oracle SOA Suite, or Oracle Fusion Middleware system on the Oracle Autonomous Database system at regular intervals. This script checks the current role
of the local database to determine if it is running in the primary
or standby site.
- When the script runs in the PRIMARY site, it copies
the domain configuration from primary domain to local
assistance folder (FSS) and then to the secondary site
assistance folder (through
rsync
). - When the script runs in STANDBY site, it copies the domain configuration from the secondary assistance folder (OCI File Storage) to the secondary domain and makes the required replacements for datasources to work with the local database.
You must gather different parameters from the OCI Console and encrypt the password for accessing the Oracle Autonomous Database wallets for security reasons.
The following is a description of the variables used in the script and how to obtain them:
- REMOTE_WLSADMIN_NODE_IP
Peer and remote WebLogic Server Administration server node's IP.
This is the IP of the node host in the WebLogic Server Administration Server in the peer site. It must be reachable from the local node. It is recommended to connect to the remote private IP of the node using a Dynamic Routing Gateway.
- REMOTE_SSH_PRIV_KEYFILE
The private SSH keyfile to connect to remote Oracle WebLogic Administration server node.
- TENANCY_OCID
The OCID of the tenancy where the Oracle Autonomous Database resides. You can get the OCID from the Oracle Cloud Infrastructure (OCI) user interface (UI).
- USER_OCID
The OCID of the user owning the autonomous database instance. You can find the OCID in the OCI UI.
- PRIVATE_KEY
Path to the private PEM format key for this user.
- LOCAL_ADB_OCID
The OCID of the Oracle Autonomous Database being inspected. You can find the OCID in the Oracle Autonomous Database screen in the OCI Console.
- WALLET_DIR
The directory for the local Oracle Autonomous Database wallet (unzip the wallet downloaded from the OCI Console). This directory should contain at least the
tnsnames.ora
,keystore.jks
, andtruststore.jks
files. When you use Snapshot Standby approach, this is thetnsadmin
folder - ENC_WALLET_PASSWORD
The WLS ENCRYPTED incarnation of the password provided when the wallet was downloaded from the Oracle Autonomous Database OCI UI.
If the wallet is the initial one created by WebLogic Server, Oracle SOA Suite, or Oracle Fusion Middleware during provisioning WebLogic Server, then you can use the following commands to get the password:
For WebLogic:[oracle@wsladbs2-wls-1 ~]$ python3 /opt/scripts/atp_db_util.py generate-atp-wallet-password
For SOA:[oracle@soarefr-soa-0 ~]$ python /opt/scripts/atp_db_util.py generate-atp-wallet-password
To encrypt the password, whether the one provided in the OCI Console or the one used during provisioning, you can use thefmw_enc_pwd.sh
script../fmw_enc_pwd.sh UNENC_WALLET_PASSWORD
Use the obtained string for the ENC_WALLET_PASSWORD variable.
- FSS_MOUNT
The OCI File Storage Mounted directory that will be used to stage the WebLogic Server domain configuration.
Once you have collected the information for the variables, perform the following steps to copy and customize the scripts for your environment: