1. Migrate data from on-premises to an autonomous database in the cloud using MV2ADB
  2. Prepare to Migrate Data

Prepare to Migrate Data

Before migrating data, ensure that the prerequisites are in place and tested.

Manage MV2ADB Privileges and Security

The MV2ADB utility requires root system privileges for most actions. You might consider using SUDO as part of your system auditing and security policy. Configuring SUDO to allow a user to perform any operation is equivalent to giving that user root privileges. Consider carefully if this meets your security needs.

For most tasks, you need to log in as root to use the mv2adb command-line interface if the --nosudo command option is not provided

In environments where system administration is handled by a different group than database administration, or where security is a significant concern, you may want to limit access to the root user account and password. SUDO enables system administrators to grant certain users (or groups of users) the ability to run commands as root, while logging all commands and arguments as part of your security and compliance protocol.

A SUDO security policy is configured by using the file /etc/sudoers. Within the sudoers file, you can configure groups of users and sets of commands to simplify and audit server administration with SUDO commands.

  1. (Optional) To allow root user access using SUDO, add lines to the commands section in the /etc/sudoers file.

    Configuring with root user access enables a user to perform any mv2adb operation. In this example, the user name is USERNAME_1. The file parameter setting ALL= MV2ADB_CMDS grants USERNAME_1 permission to run all mv2adb commands that are defined by the command alias MV2ADB_CMDS. 

    Cmnd_Alias MV2ADB_CMD=/opt/mv2adb/mv2adb *USERNAME_1 ALL =
    MV2ADB_CMD
  2. (Optional) To allow a user to perform selected mv2adb operations, add lines to the commands section in the /etc/sudoers file.
    Cmnd_Alias MV2ADB_CMD=/opt/mv2adb/mv2adb putdumpUSERNAME_1 ALL = MV2ADB_CMD
  3. (Optional) To allow a user to perform mv2adb operations without password request, add lines to the commands section in the /etc/sudoers file.
    Cmnd_Alias MV2ADB_CMD=/opt/mv2adb/mv2adb *USERNAME_1 ALL=(root)
      NOPASSWD:MV2ADB_CMD

Create a Bucket in Object Storage

Create an Oracle Cloud Infrastructure Object Storage bucket to store the backup data for migration.

  • Create a bucket.

    Enter the following Oracle Cloud Infrastructure parameters:

    • -ociregion: Oracle Cloud Infrastructure region. For example, us-phoenix.
    • -ocinamespace: Oracle Cloud Infrastructure namespace name, which is a system-generated string assigned during account creation.
    • -ociid: Oracle Database Backup Cloud Service account.
    • -ocibucket: Name of the Oracle Cloud Infrastructure Object Storage bucket. 
    # ./mv2adb.bin createbucket \
-ociregion us-phoenix \
-ocinamespace NAMESPACE_NAME \
-ociid mail@example.com \
-ocibucket BUCKET_NAME

Encrypt Your Passwords

Use the command mv2adb encpass to encrypt the passwords that you'll use in the configuration file that defines the parameters for single click migration.

Encrypt the following passwords:
  • Oracle Cloud Infrastructure auth token password
  • Source database system (sys) password
  • Oracle Data Pump password for datapump dump encryption (Expdp and Impdp)
  • Target autonomous database admin password
  • Proxy password, if applicable

You must have an Oracle Cloud Infrastructure user name and an auth token. Auth tokens are Oracle-generated token strings that you can use to authenticate with third-party APIs that do no support Oracle Cloud Infrastructure's signature-based authentication. Each user can have up to two auth tokens at a time. It's important to copy the auth token string when you create it because it doesn't appear in the Console.

  1. Create an Oracle Cloud Infrastructure auth token and encrypt the password.
    1. In the top-right corner of the Oracle Cloud Infrastructure Console, open the Profile menu, and then click User Settings.
    2. On the Auth Tokens page, click Generate Token.
    3. Enter a description for the token, for example, OCI password token. then click Generate Token.
    4. Copy the auth token string immediately to the / directory.

      It's important to copy the token because you can't retrieve the token string after closing the dialog box.

    5. Encrypt the password.
      # ./mv2adb encpass
  2. Encrypt the sys password for your source database.
    # ./mv2adb encpass
  3. Encrypt the password for Oracle Data Pump.
    # ./mv2adb encpass
  4. Encrypt the admin password for your target database
    # ./mv2adb encpass
  5. If you're using a proxy, then encrypt the proxy password with mv2adb encpass.

Create a Configuration File

Create a configuration file to define the migration options and parameters. A sample file is available in the mv2adb package in the /opt/mv2adb/conf directory.

The configuration file defines the following parameters:

  • Source database
  • Export and import
  • Compression
  • Target database
  • Oracle Cloud Infrastructure Object Storage properties
  • Oracle Cloud Infrastructure authentication
  • Oracle Cloud Infrastructure client properties

Before you begin, you must encrypt all required passwords with the command mv2adb encpass.

  1. Navigate to the /opt/mv2adb/conf directory and save a copy of the sample configuration file DBNAME.mv2atp.cfg.
  2. Edit your DBNAME.mv2atp.cfg configuration file.
  3. Enter your source database parameters.
    • DB_CONSTRING: Source database connect string. For example, //ip address/DB122H1 or //host name/DB122H1.
    • SYSTEM_DB_PASSWORD: Source database system password (sys password) that is encrypted with the mv2adb encpass command.
    • SCHEMAS: Comma separated schemas to export and import.
    • FULL: Enter Y for a full Oracle Data Pump Export (expdp).
    • EXCLUDE: Schemas to be excluded from the export. Use a comma separated list.
    • REMAP: Defines how the source tablespace is mapped on the target autonomous database (ADB). The format is SOURCE_tablespace:ADB_tablespace. Use a comma separated list.
    • DUMP_NAME: ExpDP dump file name.
    • DUMP_PATH: Path where the expdp dump will be created.
    • DUMP_FILES: Comma separated list of dump files. This parameter is used only by "listdump, getdump, putdump, deldump, and impdp functions. When using impdp, the path is not important, only the filename is used.
    • OHOME: # RDBMS Oracle Home.
    • ICHOME: # Instant Client Oracle Home. If the source database is 11g or 12c, then this parameter is required. If the source database is 18c or above, then the impdp supports the object store. 
    #------------------------------------------#
# DB Parameters                            #
#------------------------------------------#
DB_CONSTRING=//host name/DB122H1
SYSTEM_DB_PASSWORD=mv2adb_encrypted_password
SCHEMAS=SCHEMA_1,SCHEMA_2,SCHEMA_3,SCHEMA_4
REMAP=TBS_1:DATA,TBS_1:DATA,TBS_3:DATA,TBS_4:DATA
DUMP_NAME=expdp.dmp
DUMP_PATH=/tmp
DUMP_FILES=/tmp/expdp_01.dmp,/tmp/expdp_02.dmp
OHOME=/u01/app/oracle/product/12.2.0.1/dbhome_1
ICHOME=/home/RC-SHARED/Software-Tools/Software/instantclient_18_3
  4. Enter the Oracle Data Pump export (Expdp), import (Impdp), and compression parameters.

    • ENC_PASSWORD: The Expdp and Impdp encrypted password. Use the password encrypted by mv2adb encpass.

    • ENC_TYPE: The Expdp and Impdp encryption type {AES128 | AES192 | AES256}. The default is AES128.

    • COMPRESSION: The Expdp compression type {ALL | DATA_ONLY | METADATA_ONLY | NONE}. The default is NONE. 
    ENC_PASSWORD=mv2adb_encrypted_password
ENC_TYPE=AES256 
COMPRESSION=ALL
  5. Enter the autonomous database properties.

    • ADB_NAME: Database name.

    • ADB Database admin password.

    • ADB_CORES: (Optional) skip auto check.

    • ADB_TARGET: (Optional) use with the advisor command {ADW|ATP|ATPD}.

    • ADB_CFILE: Name of the credential zip file.

    # ADB Properties #
#------------------------------------------#
ADB_NAME=myatp
ADB_PASSWORD=mv2adb_encrypted_password
ADB_CFILE=/opt/mv2adb/source/ATP_wallet.zip
  6. Enter the Oracle Cloud Infrastructure Object Storage properties.

    For the OCI_HOST, use swift, not object store. For the OCI_PASSWORD, use the encrpted authentication tokens password.

    • OCI_HOST: Swift URI format endpoint, mandatory if OCIC=false or is not defined.

    • OCI_NAMESPACE: Mandatory if OCIC=false or is not defined.

    • OCI_BUCKET: Name of the bucket.

    • OCI_ID: Oracle Database Backup Cloud Service account.

    • OCI_PASSWORD: Oracle Cloud Infrastructure auth token password. Use the password encrypted by mv2adb encpass.

    • PROXY_HOST, PROXY_PORT, PROXY_ID, and PROXY_PASSWORD: (Optional) If you use a proxy, then enter your proxy details. Use the password encrypted by mv2adb encpass. 

    # Object Store Properties                  #
#------------------------------------------#
OCI_HOST=https://swiftobjectstorage.us-phoenix-1.oraclecloud.com
OCI_NAMESPACE=NAMESPACE_NAME
OCI_BUCKET=BUCKET_NAME
OCI_ID=mail@example.com
OCI_PASSWORD=mv2adb_encrypted_password
PROXY_HOST=      
PROXY_PORT=     
PROXY_ID=       
PROXY_PASSWORD=
  7. Enter the Oracle Cloud Infrastructure client properties.

    • OCIC: (Optional). If true, then oci-client is used.

    • OCIC_SIZE: Split file size in Mb (Default: 128)

    • OCIC_PARALLEL: Parallel upload count (Default: 3)

    • OCIC_COMPART_ID: Oracle Cloud Infrastructure Object Storage Compartment (required with the commands list bucket and create bucket using the oci-cli command line.

    • OCI_ID: Oracle Database Backup Cloud Service account. 

    
#------------------------------------------#
# OCI-Client Properties #
#------------------------------------------#
OCIC=true
OCIC_SIZE=10
OCIC_PARALLEL=10
OCIC_COMPART_ID=ocid1.compartment.oc1..aaaaaaaaymakantllqnlcf5l73trwrdnl5wfc5ccxzbed7tuoyc4nnjj37yq
  8. Save the configuration file.

Verify Your Configuration and Setup

Verify and test the configuration between your source and target databases and your setup before creating the automatic database link.

  1. Test the Oracle Net Easy Connect descriptor to the on-premises database by using the parameter DB_CONSTRING in your DBNAME.mv2atp.cfg file.
    Required by the auto, expdp, impdp, and report operations. 
    $ sqlplus system@//sourcedb.example.com/SDB21.example.com
  2. Confirm that the Oracle Net wallet is stored in TNS_ADMIN on the on-premises database host.
    Required by the auto and export (expdp) operations.
  3. Test the Oracle Net Easy Connect descriptor to the autonomous in the cloud by using the parameter OC_DB_CONSTRING in your DBNAME.mv2atp.cfg file.
    Required by the auto and import (impdp) operations. 
    $ sqlplus system@//exacs_public_ip.example.com/TB01.example.com
  4. Create a directory on the on-premises database host. The directory must be large enough to store the Oracle Data Pump export dump files and an Oracle Cloud Infrastructure Object Storage bucket for the transfer of the dump files.
    Required by the expdp, getdump, and putdump operations.
  5. Confirm all of the Oracle Data Pump dump files (created at time of export) are added to the parameter DUMP_FILES in your DBNAME.mv2atp.cfg file.