About Oracle Database Cloud Services with Oracle Notification Server Proxy
Oracle Connection Manager (CMAN) can ease multicloud deployments where the database and application are on different cloud service providers by transparently forwarding connection requests and responses, providing an entry point, and offering TLS security, protocol switching/routing, and access control.
In this solution playbook, you learn how to use a single CMAN instance with Oracle Database to create a connection with Google Cloud to allow clients to subscribe to Oracle RAC events.
Note: Multiple CMAN instances can provide better load balancing capabilities and enhance performance and availability.
Oracle Notification Service (ONS) is a component of Oracle Grid Infrastructure that publishes Oracle Real Application Clusters (Oracle RAC) events, such as server load, node up or down, and so on. Database clients that connect directly to a database or use connection pools can subscribe to these notifications, enabling them to take action during critical events. In multicloud deployments, where the application and Oracle RAC database span different cloud providers, applications can use CMAN to communicate with the Oracle RAC database. However, these sessions cannot receive out-of-band Fast Application Notification (FAN) events.
In Oracle RAC, the ONS daemon is started by Oracle Clusterware as part of the nodeapps. One ONS daemon is started per clustered node. The ONS daemon receives a subset of published Oracle Clusterware events using the local EVMD Clusterware daemons, and forwards those events to application subscribers and to the local listeners to facilitate:
- The Fast Application Notification (FAN) feature, which allows applications to respond to database state changes. Fast Connection Failover (FCF) is the client mechanism that uses the FAN feature to achieve this.
- The Load Balancing Advisory (RLB) feature, which permits load balancing across different RAC nodes depending on the load on each node. The RDBMS MMON process creates an advisory for the distribution of work every 30 seconds and forwards it using ONS to listeners and applications.
To allow clients to subscribe to Oracle RAC events, an Oracle Notification Server proxy is required. CMAN transparently forwards requests and responses, providing a single entry point and offering TLS security, protocol switching/routing, and access control. An Oracle Notification Server running on the CMAN host communicates with the ONS server on the Oracle RAC network through the ONS proxy. Client applications that subscribe to the ONS on the CMAN host communicate, through the Oracle Notification Server proxy, with the Oracle Notification Service on the Oracle RAC public network.
ONS provides a generic out-of-band message delivery mechanism using a subset of the HTTP protocol. ONS is a publish/subscribe mechanism where the server publishes notifications that are delivered to subscribing clients.
In an Oracle RAC cluster, one instance of the ONS daemon is started by the Oracle Clusterware on every cluster node. The database server deployment is usually protected by a firewall, so the ONS servers are also behind it. The servers connect to the proxy, which has access to clients outside the firewall, through the external-facing Oracle Notification Server. The proxy spins off the external Oracle Notification Server instance to which the notifications from internal ONS servers are published. The external ONS server then publishes these notifications to the subscribed clients.
Before You Begin
Before you begin, ensure you do the following:
About Required Services and Roles
This solution requires the following services and roles:
- Oracle Cloud Infrastructure Networking
- Oracle Cloud Infrastructure FastConnect
- Oracle Cloud Infrastructure Compute
- Oracle Base Database Service
These are the roles needed for each service.
Service Name: Role | Required to... |
---|---|
OCI Network: manage vcn-family | Manage the network components, including VCNs, subnets, security rules, and FastConnect. |
OCI Compute: manage instance-family | Create compute VM instances. |
OCI Database: manage database-family | Create Base Database Service instances. |
See Oracle Products, Solutions, and Services to get what you need.
Architecture
Oracle Connection Manager (CMAN) is deployed on an OCI Compute virtual machine, which is on a public subnet of the same OCI VCN. The client can access CMAN using the public IP on the public subnet. The ONS server and ONS proxy are configured on a CMAN host machine. The CMAN listener connects to the Oracle RAC database, which is running behind the firewall.
The application with Oracle client software is deployed on a Compute virtual machine in Google Cloud.
You can also use multiple CMANs connected to the same database server and ONS. In this case, you must configure the ONS proxy and the Oracle Notification Server on every CMAN node.
This architecture supports the following components:
- OCI region
An OCI region is a localized geographic area that contains one or more data centers, hosting availability domains. Regions are independent of other regions, and vast distances can separate them (across countries or even continents).
- Fault domain
A fault domain is a grouping of hardware and infrastructure within an availability domain. Each availability domain has three fault domains with independent power and hardware. When you distribute resources across multiple fault domains, your applications can tolerate physical server failure, system maintenance, and power failures inside a fault domain.
- OCI virtual cloud network and subnet
A virtual cloud network (VCN) is a customizable, software-defined network that you set up in an OCI region. Like traditional data center networks, VCNs give you control over your network environment. A VCN can have multiple non-overlapping classless inter-domain routing (CIDR) blocks that you can change after you create the VCN. You can segment a VCN into subnets, which can be scoped to a region or to an availability domain. Each subnet consists of a contiguous range of addresses that don't overlap with the other subnets in the VCN. You can change the size of a subnet after creation. A subnet can be public or private.
- Availability domain
Availability domains are standalone, independent data centers within a region. The physical resources in each availability domain are isolated from the resources in the other availability domains, which provides fault tolerance. Availability domains don’t share infrastructure such as power or cooling, or the internal availability domain network. So, a failure at one availability domain shouldn't affect the other availability domains in the region.
- OCI FastConnect
Oracle Cloud Infrastructure FastConnect creates a dedicated, private connection between your data center and OCI. FastConnect provides higher-bandwidth options and a more reliable networking experience when compared with internet-based connections.
- OCI Compute
With Oracle Cloud Infrastructure Compute, you can provision and manage compute hosts in the cloud. You can launch compute instances with shapes that meet your resource requirements for CPU, memory, network bandwidth, and storage. After creating a compute instance, you can access it securely, restart it, attach and detach volumes, and terminate it when you no longer need it.
- Oracle Base Database Service
Oracle Base Database Service is an OCI database service that enables you to build, scale, and manage full-featured Oracle databases on virtual machines. Oracle Base Database Service uses OCI Block Volumes storage instead of local storage and can run Oracle Real Application Clusters (Oracle RAC) to improve availability.
- Oracle Linux
Oracle combines operating systems, containers, and virtualization, the fundamental building blocks of modern IT infrastructure, into one integrated offering: Oracle Linux. Running on your choice of hardware—in your data center or the cloud—Oracle Linux provides the reliability, scalability, security, and performance for demanding enterprise workloads.
- Oracle Clusterware
Oracle Clusterware enables servers to coordinate with each other to appear to function as a highly available unit. This combination of servers is commonly known as a cluster. Although the servers are standalone servers, each server communicates with other servers, making the individual servers appear as one system to applications and end-users. Oracle Clusterware also monitors the components within the cluster, restarting or failing over resources to ensure high availability. Oracle Clusterware provides the infrastructure necessary to run Oracle RAC. Oracle Clusterware also manages resources, such as virtual IP (VIP) addresses, databases, listeners, services, and many more.
- Oracle Connection Manager
Oracle Connection Manager (CMAN) is a multi-purpose database connection proxy used in Oracle deployments. It transparently forwards client application requests to the Oracle Database and relays the response back to the client applications. The client can be a user application or a middle-tier software solution. CMAN abstracts the database network layer, including the Oracle RAC public network, from clients. Multiple databases can be deployed behind a single CMAN instance, so clients can use a single entry point into the database tier. CMAN brings in TLS security, protocol switching/routing, and access control for connecting to local and remote Oracle Databases.
- Oracle Database wallets and certificates
Data security is the most important task in a database. Attacks on database systems continue to grow in number and sophistication. Ensuring that your database system is operating can be an overwhelming task. An Oracle Database wallet is a password-protected container that stores authentication and signing credentials, including private keys and certificates that enable database clients to communicate across an Oracle Database network.
An Oracle Database certificate (public key infrastructure (PKI) digital certificate) is a wallet component that validates the identity of an end entity in a public key or private key exchange that uses the wallet.
- Oracle Notification Service
Oracle Notification Service (ONS) is a component of Oracle Grid Infrastructure that publishes Oracle Real Application Clusters (Oracle RAC) events, such as server load, node up or down, and so on. Database clients that connect directly to a database or use connection pools can subscribe to these notifications, enabling them to take action during critical events. In multicloud deployments, where the application and Oracle RAC database span different cloud providers, applications can use CMAN to communicate with the Oracle RAC database. However, these sessions cannot receive out-of-band Fast Application Notification (FAN) events.
ONS provides a generic out-of-band message delivery mechanism using a subset of the HTTP protocol. ONS is a publish/subscribe mechanism where clients publish notifications that are delivered to subscribing clients. The subscription syntax is flexible such that a single subscriber may match many different types of notifications or only a very specific type. Oracle Notification Service is used as a messaging and events system in Oracle Database.
- Oracle Notification Server
Oracle Notification Server runs the Oracle Notification Service (ONS).
- Oracle Interconnect for Google Cloud
Oracle Interconnect for Google Cloud is a dedicated, private interconnection service combining OCI FastConnect partner connections and Google Cloud Partner Interconnects that helps multicloud customers innovate across two clouds and apply existing and familiar tools to support workloads.