Implement Oracle Database Autonomous Recovery Service with Oracle Database@Azure
The Oracle Database Autonomous Recovery Service is a fully managed, standalone, and centralized cloud backup solution designed for Oracle databases. Oracle Database@Azure offers automated backups that can be stored in an Azure or OCI region to meet data residency requirements. Oracle Database Zero Data Loss Autonomous Recovery Service is an enhanced version of the service that adds real-time data protection, and can be enabled with a single click in the OCI console. Oracle Database Zero Data Loss Autonomous Recovery Service protects database transactions as they occur, allowing you to recover databases to the point of their last committed database transaction, thereby reducing data loss exposure to less than one second.
Oracle Database Autonomous Recovery Service provides a reliable and efficient way to back up and recover Oracle Databases, ensuring data protection and availability. Here are some features of Oracle Database Autonomous Recovery Service:
- Zero data loss: Aim to recover data with zero data loss, crucial for business-critical applications.
- Automated management: Automate backup and recovery processes, reducing the need for manual intervention and minimizing the risk of human error.
- Centralized control: Implement a centralized platform to manage backups across multiple databases, simplifying administration.
- Scalability: Design to scale with your database needs, handling large volumes of data efficiently.
Highlights of this solution include:
- Enhanced security: Enable immutability of backups and protect against accidental and malicious deletion. Retention lock is an optional feature that safeguards your protected database backups from inadvertent changes or malicious damage, such as ransomware attacks.
- Compliance: Assist in meeting regulatory and compliance requirements by ensuring data integrity and availability.
- Operational efficiency: Improve operational efficiency by automating routine tasks and providing a streamlined recovery process.
Before You Begin
Oracle Database Autonomous Recovery Service is currently only available for Oracle Exadata Database Service. There are two available options to store backups: in the same Azure region where the Oracle Exadata Database Service resides, or in a default OCI region associated with the Azure region.
Existing databases need one-time manual intervention to switch from traditional backups to recovery services, whereas new databases are defaulted to Oracle Database Autonomous Recovery Service (the recommended option).
Review and request service limits to enable Oracle Database Autonomous Recovery Service. You'll also need to create users, groups, permissions and policies to enable Oracle Database Autonomous Recovery Service as a backup destination if you haven't already.
Architecture
This reference architecture represents Oracle Database@Azure configured for Oracle Database Autonomous Recovery Service with the option to choose between Azure or OCI as the backup location.
The backup replication of Oracle Database Autonomous Recovery Service uses the best high-availability architecture available in that region. Backups are consistently replicated to another availability domain (AD) or fault domain (if another AD is not available) in OCI. In a multicloud deployment, the backups are replicated in the same region into a second availability zone (AZ), or fault domain (if another AZ is not available) in Azure. For cross-region backups, use Oracle Data Guard to replicate databases from the primary to the standby region and back up each region with its local recovery service. Any backups in the service can be restored across availability domains, zones, and regions.
Oracle Database Autonomous Recovery Service uses a backup subnet private endpoint for enhanced security and seamless integration. It's recommended to use separate private subnets to create a private endpoint for Oracle Database Autonomous Recovery Service. While designing subnets for your private endpoint, ensure there are available IP addresses in the CIDR block to assign to the Oracle Database Autonomous Recovery Service private endpoint.
Applications can continue to use databases with minimal to no impact on database performance because backup operations are offloaded to Oracle Database Autonomous Recovery Service, so database resources can be used for business needs rather than backup cycles.
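The subnet guidance above can be checked before the private endpoint is created. The following is an added example, not Oracle's code: the function name, the sample CIDRs and the `endpoints_needed` figure are assumptions for illustration.

```python
import ipaddress

# OCI Networking reserves the first two addresses and the last address of every subnet.
RESERVED_PER_SUBNET = 3

def check_backup_subnet(vcn_cidrs, existing_subnets, proposed,
                        endpoints_needed, in_use=0, is_public=False):
    """Return (free_addresses, problems) for a proposed Recovery Service subnet."""
    net = ipaddress.ip_network(proposed)  # raises ValueError on a malformed CIDR
    problems = []
    if is_public:
        problems.append("subnet is public; the private endpoint needs a private subnet")
    # The subnet must sit inside one of the VCN's CIDR blocks.
    if not any(net.subnet_of(ipaddress.ip_network(v)) for v in vcn_cidrs):
        problems.append("subnet is outside every VCN CIDR block")
    # A separate backup subnet must not overlap the client or application subnets.
    for name, cidr in existing_subnets.items():
        if net.overlaps(ipaddress.ip_network(cidr)):
            problems.append(f"overlaps existing subnet {name} ({cidr})")
    # Addresses left for the private endpoint after reservations and current use.
    free = max(net.num_addresses - RESERVED_PER_SUBNET - in_use, 0)
    if free < endpoints_needed:
        problems.append(f"only {free} free addresses, {endpoints_needed} needed")
    return free, problems

# Constructed sample network layout (not taken from the page).
VCN = ["10.0.0.0/16"]
SUBNETS = {"client": "10.0.1.0/24", "app": "10.0.2.0/24"}

if __name__ == "__main__":
    for cidr in ("10.0.3.0/28", "10.0.1.128/25", "10.0.4.0/30", "192.168.0.0/24"):
        print(cidr, check_backup_subnet(VCN, SUBNETS, cidr, endpoints_needed=4))
```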
The following diagram illustrates this reference architecture.
db-autonomous-recovery-dbatazure.zip
Microsoft Azure provides the following components:
- Azure Region
An Azure region is a geographical area in which one or more physical Azure data centers, called availability zones, reside. Regions are independent of other regions, and vast distances can separate them (across countries or even continents).
Azure and OCI regions are localized geographic areas. For Oracle Database@Azure, an Azure region is connected to an OCI region, with availability zones (AZs) in Azure connected to availability domains (ADs) in OCI. Azure and OCI region pairs are selected to minimize distance and latency.
- Azure VNet
Microsoft Azure Virtual Network (VNet) is the fundamental building block for your private network in Azure. VNet enables many types of Azure resources, such as Azure virtual machines (VM), to securely communicate with each other, the internet, and on-premises networks.
- Azure Delegated Subnet
Subnet delegation is Microsoft's ability to inject a managed service, specifically a platform-as-a-service (PaaS) service, directly into your virtual network. This allows you to designate or delegate a subnet to be a home for an external managed service inside of your virtual network, such that external service acts as a virtual network resource, even though it is an external PaaS service.
- Azure VNIC
The services in Azure data centers have physical network interface cards (NICs). Virtual machine instances communicate using virtual NICs (VNICs) associated with the physical NICs. Each instance has a primary VNIC that's automatically created and attached during launch and is available during the instance's lifetime.
- Azure Route table (User Defined Route – UDR)
Virtual route tables contain rules to route traffic from subnets to destinations outside a VNet, typically through gateways. Route tables are associated with subnets in a VNet.
- Azure Virtual Network Gateway
Azure Virtual Network Gateway establishes secure, cross-premises connectivity between an Azure virtual network and an on-premises network. It allows you to create a hybrid network that spans your data center and Azure.
Oracle Cloud Infrastructure architecture has the following components:
- Region
An Oracle Cloud Infrastructure region is a localized geographic area that contains one or more data centers, called availability domains. Regions are independent of other regions, and vast distances can separate them (across countries or even continents).
- Availability domains
Availability domains are standalone, independent data centers within a region. The physical resources in each availability domain are isolated from the resources in the other availability domains, which provides fault tolerance. Availability domains don’t share infrastructure such as power or cooling, or the internal availability domain network. So, a failure at one availability domain shouldn't affect the other availability domains in the region.
- Virtual cloud network (VCN) and subnets
A VCN is a customizable, software-defined network that you set up in an Oracle Cloud Infrastructure region. Like traditional data center networks, VCNs give you control over your network environment. A VCN can have multiple non-overlapping CIDR blocks that you can change after you create the VCN. You can segment a VCN into subnets, which can be scoped to a region or to an availability domain. Each subnet consists of a contiguous range of addresses that don't overlap with the other subnets in the VCN. You can change the size of a subnet after creation. A subnet can be public or private.
- Route table
Virtual route tables contain rules to route traffic from subnets to destinations outside a VCN, typically through gateways.
- Security list
For each subnet, you can create security rules that specify the source, destination, and type of traffic that must be allowed in and out of the subnet.
- Network security group (NSG)
Network security group (NSG) acts as a virtual firewall for your cloud resources. With the zero-trust security model of Oracle Cloud Infrastructure, all traffic is denied, and you can control the network traffic inside a VCN. An NSG consists of a set of ingress and egress security rules that apply to only a specified set of VNICs in a single VCN.
- Oracle Database Autonomous Recovery Service
Oracle Database Autonomous Recovery Service is a fully managed service designed to protect Oracle Databases from data loss and cyber threats. It offers faster backups with reduced database overhead, reliable recovery with validated backups, and real-time protection enabling recovery to within less than a second of an outage or ransomware attack. This service provides a centralized data protection dashboard and is recommended for backing up Oracle Databases.
- Exadata Database Service
Oracle Exadata Database Service enables you to leverage the power of Exadata in the cloud. It delivers proven Oracle Database capabilities on purpose-built, optimized Oracle Exadata infrastructure in the public cloud. Built-in cloud automation, elastic resource scaling, security, and fast performance for all Oracle Database workloads help you simplify management and reduce costs.
- Oracle Database@Azure
Oracle Database@Azure is the Oracle Database service (Oracle Exadata Database Service on Dedicated Infrastructure and Oracle Autonomous Database Serverless) running on Oracle Cloud Infrastructure (OCI), deployed in Microsoft Azure data centers. The service offers feature and price parity with OCI, and users purchase the service on Azure Marketplace.
Oracle Database@Azure integrates Oracle Exadata Database Service, Oracle Real Application Clusters (Oracle RAC), and Oracle Data Guard technologies into the Azure platform. Users manage the service on the Azure console and with Azure automation tools. The service is deployed in Azure Virtual Network (VNet) and integrated with the Azure identity and access management system. The OCI and Oracle Database generic metrics and audit logs are natively available in Azure. The service requires users to have an Azure subscription and an OCI tenancy. Autonomous Database is built on Oracle Exadata infrastructure, is self-managing, self-securing, and self-repairing, helping eliminate manual database management and human errors. Autonomous Database enables development of scalable AI-powered apps with any data, using built-in AI capabilities with your choice of large language model (LLM) and deployment location.
Both Oracle Exadata Database Service and Oracle Autonomous Database Serverless are easily provisioned through the native Azure Portal, enabling access to the broader Azure ecosystem.
Recommendations
Security
- Network configuration
Create a dedicated private subnet for the Oracle Database Autonomous Recovery Service in your Virtual Cloud Network (VCN). Configure the subnet with security rules to control backup traffic and limit access to authorized users and services only.
- Access control policies
Enforce strict policies provided by Oracle, or create new policies using the Policy Builder. Assign predefined policy templates that allow necessary permissions for Oracle Database Autonomous Recovery Service, ensuring only authorized users can manage backups and access recovery resources.
- Encryption
Utilize Transparent Data Encryption (TDE) for databases to secure data at rest. Ensure that TDE is fully configured before using Oracle Database Autonomous Recovery Service.
- Retention locks
Enable retention locks on backup policies to prevent accidental deletion or modification of backups, ensuring protection against potential ransomware attacks or data loss incidents.
Performance
- Incremental backups
Leverage the incremental forever backup strategy to minimize resource consumption during backup operations. This approach reduces the impact on database performance by avoiding full backups and only capturing changes since the last backup.
- Real-time data protection
Enable real-time data protection features to achieve near-zero recovery point objectives (RPOs). This ensures minimal data loss while maintaining application performance during backup operations.
- Monitoring tools
Use monitoring services to set up alarms and monitor the performance of backup operations and storage utilization. This proactive monitoring helps to identify any performance bottlenecks early.
Cost
- Resource limits
Review and understand the service limits for your tenancy regarding the number of protected databases and backup storage utilization. Ensure your limits are adequate for your backup demands to avoid unexpected costs.
- Cost management strategies
Evaluate different protection policies (Platinum, Gold, Silver, Bronze) based on your business needs. Choose a policy that balances cost with required data retention and recovery capabilities.
- Avoid unused resources
Regularly audit your backup configurations and remove any unused or redundant backups to optimize storage costs. The automated nature of Oracle Database Autonomous Recovery Service can help manage this effectively.
Maintenance
- Automated management
Take advantage of the autonomous management features of Oracle Database Autonomous Recovery Service to reduce manual administration overhead. This includes automated backups and monitoring, which help ensure consistent operation without requiring constant oversight.
- Regular policy reviews
Periodically review protection policies and adjust them based on changing business requirements or compliance needs. This ensures your backup strategy remains aligned with organizational goals while optimizing resource usage.
- Documentation and training
Maintain comprehensive documentation of your setup and provide training for relevant users on how to manage and utilize the Oracle Database Autonomous Recovery Service effectively. This can help in ensuring smooth operations and quick responses in case of issues.
Considerations
When implementing Oracle Database Autonomous Recovery Service, consider the following:
- Choice of backup data center
Storing database backups in the same cloud (that is, within Azure data centers) enables you to fulfill legal and compliance obligations if your data is sensitive and subject to geographic boundary and storage restrictions. Storing recovery backups in OCI enables contingency plans for scenarios where there is only one availability zone available with Oracle Database@Azure.
- Application performance
Oracle Database Autonomous Recovery Service eliminates the weekly full backup and uses an offloaded incremental forever backup paradigm, so the database CPU, memory, and I/O overheads are reduced along with the backup window. Your valuable database resources can now be more focused on business needs rather than backup tasks. The initial (first) backup has a slight impact on performance because all blocks are backed up; thereafter, incremental backups capture only changed blocks.
- Security
Each protected database must be associated with a protection policy that defines backup retention rules and storage utilization strategies. Custom policies can be created to meet specific organizational needs.
- Availability
Oracle Database Autonomous Recovery Service supports replication across availability zones to support Oracle Maximum Availability Architecture. For cross-region deployments, you must consider using Oracle Database Autonomous Recovery Service configured in each region.
- Cost
Oracle Database Autonomous Recovery Service brings affordable, advanced data protection with unique capabilities to OCI database services for similar monthly costs compared to OCI Object Storage for backups. Oracle Database Autonomous Recovery Service uses database-aware intelligence to optimize backup efficiencies, recovery validation, and ease of use to deliver fast and predictable recovery at the lowest cost. There is price parity between OCI and Oracle Database@Azure recovery services. Oracle Database Autonomous Recovery Service provides add-on services like retention locks at an additional cost.
- Compliance
Regulatory or compliance requirements may dictate how data is stored, backed up, or encrypted. Ensure your configuration meets these standards.
- Data retention
Review your organization’s data retention needs to determine appropriate backup schedules and policies that align with business requirements. Longer data retention durations may incur costs that are not required.
- Scalability
Anticipate future growth in data volume and how it might affect backup strategies; ensure your chosen configuration can scale accordingly without significant reconfiguration.
Deploy
The following steps outline how to enable Oracle Database Autonomous Recovery Service with an existing Oracle Exadata Database Service database.
- Navigate to the Azure portal and select Oracle Database@Azure.
- Click Oracle Exadata Database Service, and then click Oracle Exadata VM Cluster.
- Select Go to OCI.
- Ensure the cluster name in the OCI portal is the cluster you intend to use.
- Ensure IAM users, groups, and policies are created.
- Select the database in the cluster for which you want to enable backups.
- Click Configure Automatic Backups, and then select Enable Automatic Backups.
- Select Automatic Recovery Service (Recommended) for backup destination.
- Select a protection policy, or create a new policy:
  - Search for Database Backups, and then select Protection Policies.
  - Click Create protection policy.
  - Enter a name for the policy.
  - Select a compartment for the policy.
  - Enter a number of days for backup retention.
  - Enable retention locks for the configured retention period to keep backups.
  - (Optional) Select a specific time to back up.
  - Click Recovery Service Location, and select Store backups in the same cloud provider as the database to store backups in Azure. If this option is not enabled, backups are stored in OCI.
  - Click Create to create the protection policy.
- Select Real-time protection to enable a recovery point objective (RPO) near the last subsecond.
- Enable default retention per policy, or 72 days.
- Select Scheduled Daily Backups, or Anytime.
- (Optional) Enable Immediate Backup to back up now.
- Click Save Changes.
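After the steps above are applied, the resulting configuration can be compared against the Security recommendations (retention lock, TDE, backup location, real-time protection). The following is an added example, not Oracle's code: the field names and sample records are constructed and are not the OCI API schema, and the idea that a lock can be scheduled but not yet in effect is an assumption of the sample.

```python
from datetime import datetime, timezone

# Constructed sample export; field names are hypothetical.
POLICIES = {
    "pol-locked":   {"retention_days": 65, "same_cloud_as_db": True,
                     "lock_effective": "2025-01-10T00:00:00+00:00"},
    "pol-pending":  {"retention_days": 35, "same_cloud_as_db": True,
                     "lock_effective": "2025-07-01T00:00:00+00:00"},
    "pol-unlocked": {"retention_days": 14, "same_cloud_as_db": False,
                     "lock_effective": None},
}
DATABASES = [
    {"name": "PAYDB", "policy": "pol-locked", "real_time_protection": True,
     "tde_configured": True, "residency_required": True},
    {"name": "HRDB", "policy": "pol-pending", "real_time_protection": False,
     "tde_configured": True, "residency_required": True},
    {"name": "DEVDB", "policy": "pol-unlocked", "real_time_protection": True,
     "tde_configured": False, "residency_required": True},
    {"name": "ORPHAN", "policy": "pol-missing", "real_time_protection": True,
     "tde_configured": True, "residency_required": False},
]

def audit(databases, policies, now):
    """Return sorted (database, finding) pairs for settings that miss the recommendations."""
    findings = []
    for db in databases:
        policy = policies.get(db["policy"])
        if policy is None:
            # Every protected database must be associated with a protection policy.
            findings.append((db["name"], "NO_POLICY"))
            continue
        lock = policy["lock_effective"]
        if lock is None:
            findings.append((db["name"], "NO_RETENTION_LOCK"))
        elif datetime.fromisoformat(lock) > now:
            # Lock is configured but not yet in force: backups are still mutable.
            findings.append((db["name"], "RETENTION_LOCK_PENDING"))
        if db["residency_required"] and not policy["same_cloud_as_db"]:
            # Backups default to OCI unless the same-cloud option is enabled.
            findings.append((db["name"], "BACKUPS_STORED_OUTSIDE_AZURE"))
        if not db["real_time_protection"]:
            findings.append((db["name"], "NO_REAL_TIME_PROTECTION"))
        if not db["tde_configured"]:
            findings.append((db["name"], "TDE_NOT_CONFIGURED"))
    return sorted(findings)

if __name__ == "__main__":
    for name, finding in audit(DATABASES, POLICIES, datetime.now(timezone.utc)):
        print(f"{name}: {finding}")
```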
Explore More
Learn more about implementing Oracle Database Autonomous Recovery Service with Oracle Database@Azure.
Review these additional resources:
- Learn about Oracle Maximum Availability Architecture for Oracle Database@Azure
- Learn about selecting network topologies for Oracle Database@Azure
- Perform Cross-Regional Disaster Recovery for Exadata Database on Oracle Database@Azure
- Configure Recovery Service
- Oracle Database@Azure
- Oracle Cloud Infrastructure Documentation
- Well-architected framework for Oracle Cloud Infrastructure
- Oracle Cloud Cost Estimator