Deploying a massive, on-premises database in the cloud is by no means trivial. But with the right deployment models and best practice architectures, you can quickly surmount integration challenges, eliminate downtime, and actually improve your database’s security posture.
By using Oracle Exadata Database Service and Oracle Database Exadata Cloud at Customer, you'll also get all of the compute, storage, networking, and system software you'll need to build a scaled-out, engineered system specifically architected to run Oracle Database.
Today's high-performance databases must securely store your data, be available 24/7, run advanced analytics, and manage online transaction processing (OLTP) workloads at scale. When you use Oracle Exadata Database Service, you'll also get a high-performance database toolkit, including Smart Scans, which offload SQL processing directly to the storage server and bypass the I/O and network at the database server. You'll get access to storage indexes and an in-memory columnar store, which stores your data in rows and then transforms it into columns to make it easier to run advanced analytics. RDMA over converged Ethernet (RoCE), sub-second failover, and full-stack security scanning are also included with Oracle Exadata Database Service, giving you exceptional OLTP throughput, high availability, and advanced intrusion protection.
Analytics (storage offloading)
- Smart scans, filters, joins
- Storage indexes
- HCC (column compression)
- JSON, XML, LOBs, CLOBs
- In-memory columnar
OLTP consolidation (PMem + Flash + RoCE)
- Persistent memory cache/log
- Smart Flash (NVMe/PCIe)
- RDMA over converged Ethernet
- I/O resource management
- Network resource management
Availability (proactive and predictive)
- Instant failure detection
- Sub-second failover
- ML-based health monitoring
- I/O latency capping
- Maximum availability architecture
Security (end-to-end protection)
- Advanced intrusion detection
- Hardware encrypt/decrypt
- Full-stack security scanning
- FIPS 140-2, PCI-DSS
- Isolation and virtualization
In addition to migrating an on-premises database to Oracle Cloud Infrastructure (OCI), you must optimize the environment to get the best possible performance, highest availability, and the lowest cost.
Let's say you're running an OLTP application on a 2-node RAC Oracle Database on legacy, on-premises hardware. But your business is expanding and you must manage more data, invest in more hardware, and allocate more resources to manage the increased stress on the system.
In a recent proof of concept (POC) led by Oracle Cloud engineers, a logistics company was grappling with significant challenges:
- More than 3,000 active session transactions per hour (more than 1.2 million IM scan rows or more than 70 million rows per second)
- The technical team kept adding memory to existing hardware and used performance fixes like SQL profiles, indexes, and hints
- They required approximately 7 terabytes of memory (SGA+PGA) for a more than 20-terabyte database
- More than 7,000 indexes for fewer than 4,000 unique SQL runs
- More than 3,000 SQL profiles
- Frequent infrastructure outages due to aging hardware
- No scaling option but to upgrade and buy more hardware
Before configuring the logistics company's on-premises database deployments to run on Oracle Cloud Infrastructure (OCI), Oracle designed a proof of concept, using Real Application Testing (RAT):
- Performed discovery and analysis of on-premises workloads
- Selected Oracle Exadata Database Service on OCI
- Defined success criteria for the company's POC plan
- Chose RAT as the tool to capture and run analytics workloads on OCI
- Analyzed POC results over multiple iterations
- Met POC success criteria
- Implemented disaster recovery (DR) in a different region
After bringing multiple terabytes into memory, the final POC results included a 29% reduction in database wait time, and a 45% reduction in CPU nodes.
The following diagram illustrates this reference architecture.
The architecture has the following components:
- Tenancy
A tenancy is a secure and isolated partition that Oracle sets up within Oracle Cloud when you sign up for Oracle Cloud Infrastructure. You can create, organize, and administer your resources in Oracle Cloud within your tenancy. A tenancy is synonymous with a company or organization. Usually, a company will have a single tenancy and reflect its organizational structure within that tenancy. A single tenancy is usually associated with a single subscription, and a single subscription usually only has one tenancy.
- Region
An Oracle Cloud Infrastructure region is a localized geographic area that contains one or more data centers, called availability domains. Regions are independent of other regions, and vast distances can separate them (across countries or even continents).
- Availability domain
Availability domains are standalone, independent data centers within a region. The physical resources in each availability domain are isolated from the resources in the other availability domains, which provides fault tolerance. Availability domains don’t share infrastructure such as power or cooling, or the internal availability domain network. So, a failure at one availability domain is unlikely to affect the other availability domains in the region.
- Fault domain
A fault domain is a grouping of hardware and infrastructure within an availability domain. Each availability domain has three fault domains with independent power and hardware. When you distribute resources across multiple fault domains, your applications can tolerate physical server failure, system maintenance, and power failures inside a fault domain.
- Virtual cloud network (VCN) and subnets
A VCN is a customizable, software-defined network that you set up in an Oracle Cloud Infrastructure region. Like traditional data center networks, VCNs give you complete control over your network environment. A VCN can have multiple non-overlapping CIDR blocks that you can change after you create the VCN. You can segment a VCN into subnets, which can be scoped to a region or to an availability domain. Each subnet consists of a contiguous range of addresses that don't overlap with the other subnets in the VCN. You can change the size of a subnet after creation. A subnet can be public or private.
- FastConnect
Oracle Cloud Infrastructure FastConnect provides an easy way to create a dedicated, private connection between your data center and Oracle Cloud Infrastructure. FastConnect provides higher-bandwidth options and a more reliable networking experience when compared with internet-based connections.
- Site-to-Site VPN
Site-to-Site VPN provides IPSec VPN connectivity between your on-premises network and VCNs in Oracle Cloud Infrastructure. The IPSec protocol suite encrypts IP traffic before the packets are transferred from the source to the destination and decrypts the traffic when it arrives.
- Security list
For each subnet, you can create security rules that specify the source, destination, and type of traffic that must be allowed in and out of the subnet.
- Route table
Virtual route tables contain rules to route traffic from subnets to destinations outside a VCN, typically through gateways.
- Dynamic routing gateway (DRG)
The DRG is a virtual router that provides a path for private network traffic between VCNs in the same region, between a VCN and a network outside the region, such as a VCN in another Oracle Cloud Infrastructure region, an on-premises network, or a network in another cloud provider.
- Network address translation (NAT) gateway
A NAT gateway enables private resources in a VCN to access hosts on the internet, without exposing those resources to incoming internet connections.
- Service gateway
The service gateway provides access from a VCN to other services, such as Oracle Cloud Infrastructure Object Storage. The traffic from the VCN to the Oracle service travels over the Oracle network fabric and never traverses the internet.
- Remote peering
Remote peering allows the VCNs' resources to communicate using private IP addresses without routing the traffic over the internet or through your on-premises network. Remote peering eliminates the need for an internet gateway and public IP addresses for the instances that need to communicate with another VCN in a different region.
- Object storage
Object storage provides quick access to large amounts of structured and unstructured data of any content type, including database backups, analytic data, and rich content such as images and videos. You can safely and securely store and then retrieve data directly from the internet or from within the cloud platform. You can seamlessly scale storage without experiencing any degradation in performance or service reliability. Use standard storage for "hot" storage that you need to access quickly, immediately, and frequently. Use archive storage for "cold" storage that you retain for long periods of time and seldom or rarely access.
- Exadata DB system
Oracle Exadata Database Service enables you to leverage the power of Exadata in the cloud. You can provision flexible X8M systems that allow you to add database compute servers and storage servers to your system as your needs grow. X8M systems offer RoCE (RDMA over Converged Ethernet) networking for high bandwidth and low latency, persistent memory (PMEM) modules, and intelligent Exadata software. You can provision X8M systems by using a shape that's equivalent to a quarter-rack X8 system, and then add database and storage servers at any time after provisioning.
- Data Guard
Oracle Data Guard provides a comprehensive set of services that create, maintain, manage, and monitor one or more standby databases to enable production Oracle databases to remain available without interruption. Oracle Data Guard maintains these standby databases as copies of the production database. Then, if the production database becomes unavailable because of a planned or an unplanned outage, Oracle Data Guard can switch any standby database to the production role, minimizing the downtime associated with the outage.
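The VCN, subnet, and security list descriptions above imply checks you can run on a network plan before provisioning: subnets must fall inside the VCN's CIDR blocks, must not overlap each other, and a private database subnet should not accept traffic from every source. The following is an added example, not Oracle's code or part of the reference architecture; every subnet name, CIDR, and rule in it is a constructed assumption.

```python
import ipaddress

# Constructed sample plan: every name, CIDR and rule below is an assumption.
VCN_CIDRS = ["10.0.0.0/16"]
SUBNETS = {
    "exadata-client": {"cidr": "10.0.1.0/24", "private": True},
    "exadata-backup": {"cidr": "10.0.2.0/24", "private": True},
    "app": {"cidr": "10.0.2.128/25", "private": True},         # overlaps exadata-backup
    "dr-misplaced": {"cidr": "10.1.0.0/24", "private": True},  # outside the VCN
}
# Ingress rules per subnet: (source CIDR, protocol, min port, max port).
INGRESS = {
    "exadata-client": [
        ("172.16.0.0/12", "tcp", 1521, 1521),  # on-premises range reaching the listener
        ("0.0.0.0/0", "tcp", 22, 22),          # any source: should be flagged
    ],
}


def audit(vcn_cidrs, subnets, ingress):
    """Return (kind, detail) findings for a planned VCN layout."""
    findings = []
    vcn_nets = [ipaddress.ip_network(c) for c in vcn_cidrs]
    nets = {name: ipaddress.ip_network(s["cidr"]) for name, s in subnets.items()}

    # Every subnet must sit entirely inside one of the VCN's CIDR blocks.
    for name, net in nets.items():
        if not any(net.version == v.version and net.subnet_of(v) for v in vcn_nets):
            findings.append(("outside-vcn", name))

    # Subnets in the same VCN must not overlap one another.
    names = sorted(nets)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            if nets[a].overlaps(nets[b]):
                findings.append(("overlap", f"{a}/{b}"))

    # A private subnet should not accept traffic from every address.
    for name, rules in ingress.items():
        for src, proto, lo, hi in rules:
            if subnets[name]["private"] and ipaddress.ip_network(src).prefixlen == 0:
                findings.append(("open-ingress", f"{name}:{proto}/{lo}-{hi}"))
    return findings


if __name__ == "__main__":
    for kind, detail in audit(VCN_CIDRS, SUBNETS, INGRESS):
        print(f"{kind}: {detail}")
```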