1. Deploy a hybrid DR topology for an on-premises database
  2. Set Up the On-Premises and OCI Configuration

Set Up the On-Premises and OCI Configuration

Configure the on-premises and Oracle Cloud Infrastructure (OCI) instances for failover from on-premises to the cloud.

Verify the Primary Database Configuration

The following prerequisites must be met before instantiating the standby database on Oracle Cloud Infrastructure (OCI).

  1. Configure the name resolution to the OCI VM DB system.
    Use either a static file, such as /etc/hosts, or configure the on-premises DNS to properly resolve the public IP address of the OCI instance.
  2. Configure the on-premises firewall to allow SSH and Oracle Net access from the on-premises system to the VM DB system.
  3. Configure the primary database listener port to be open with restricted access from the cloud IP addresses, using features like iptables, according to your network security policies.
    Because Oracle Data Guard in a DR situation requires access from the cloud instance to the on-premises database, the primary database listener port must be opened with restricted access from the cloud IP addresses. The network administrator will need to perform operations similar to the cloud-side network configuration.
  4. Verify promptless SSH is configured from the standby database to the on-premises machine.
    This is configured both for on-premises to the cloud during the provisioning process and from the cloud to on-premises.
  5. Configure the on-premises firewall to allow inbound SSH connectivity from the VM DB to the on-premises machine.
  6. The Oracle Home for the on-premises database must be the same Oracle patch set as the standby database.
    If the OCI environment is on a different bundle patch level, and the on-premise database is on a different bundle patch or PSU, it is recommended to patch the source environment to the same database bundle patch level as the database home in the cloud environment.
    Use the command $ORACLE_HOME/OPatch/opatch lspatches to check the one-off patches installed on both the on-premises and OCI environments.
  7. The on-premises primary database is not already part of an existing Oracle Data Guard Broker configuration.
    If there is an existing broker configuration for the on-premises database, then add the new standby database to the existing broker configuration. 
    SQL> select decode(count(1),0,'NOCONFIG') from v$DG_BROKER_CONFIG;
    The output with a value other than NOCONFIG implies that there is an existing broker configuration.

Test the Connectivity Between On-Premises and OCI

Test the connectivity between the on-premises database and the VM DB system on Oracle Cloud Infrastructure (OCI).

  1. List the ports that are open in the on-premises instance. If port 1521 isn't open, then add the port to the list.
    # firewall-cmd --list-ports
    If the port is added, then the output will be similar to the following:
    1521/tcp
  2. If port 1521 is not in the list, then log in as root and add port 1521. Restart the firewall, check the status, then list the ports again.
    [root@bastion tmp]# firewall-cmd --add-port=1521/tcp --permanent

[root@bastion tmp]# systemctl restart firewalld
[root@bastion tmp]# systemctl status firewalld

[root@bastion tmp]# firewall-cmd --list-ports --permanent
  3. From the on-premises system, verify that the listener is the default listener named LISTENER.
    $lsnrctl show current_listener | grep Current Listener
    The output should be similar to Output: Current Listener is LISTENER
  4. From the on-premises system, verify that the listener port is 1521.
    $lsnrctl status| grep 'Connecting to'  
Connecting to (ADDRESS=(PROTOCOL=tcp)(HOST=)(PORT=(1521)))
  5. From the on-premises system, telnet to the standby database instance using port 1521.
    [root@onpremise1 ~]# telnet standby_database_IP_address 1521
  6. From the on-premises system, use the TNS Ping utility to ping the standby database instance.
    [oracle@bastion dbhome_1]$ tnsping standby_database_host_IP_address
  7. From the on-premises system, ping the standby database instance.
    [oracle@bastion dbhome_1]$ ping standby_database_host_IP_address
  8. From the VM DB system, telnet to the on-premises database instance using port 1521.
    [root@onpremise1 ~]# telnet on-premises_database_IP_address 1521
  9. From the VM DB system in the cloud, use the TNS Ping utility to ping the on-premises database instance.
    [oracle@drdb opc]$ tnsping on-premises database host IP address
  10. From the VM DB system, ping the on-premises database instance.
    [oracle@drdb opc]$ ping on-premises database host IP address
All three connectivity methods should work between the on-premises and VM DB system in the cloud.