Migrate Ellucian Banner ERP, Degree Works, and Databases to Oracle Cloud
When a West Virginia-based university wanted to modernize its student services and campus operations, it turned to managed service provider Tharseo IT for help.
After migrating the university's Ellucian Banner 9X ERP, five Banner databases, and a Degree Works 5X application from an on-campus data center to Oracle Cloud Infrastructure (OCI), Tharseo also helped the university deploy a predictive analytics engine to monitor its systems, a disaster recovery region to improve business continuity, and a virtualized on-demand server infrastructure to help allocate resources across multiple systems based on the changing needs of students, faculty, and staff.
After analyzing the university’s on-premises environment, Oracle provided a sizing recommendation based on peak traffic on the university's application workloads. To minimize risk and to ensure a successful transition, the university partnered with Tharseo IT to help migrate:
- Ellucian Banner 9x ERP to OCI, including modules for students, HR, financial aid,and others
- Banner Workflow and Banner Document Management
- Four tiers of Banner database instances, including one for production, two for staging, and an auxiliary instance for development
- Degree Works 5X to help students and their advisers to evaluate academic progress towards completion of student degrees
- Dozens of third-party systems interfaces
Improving and preserving business continuity were among the university's top priorities for this cloud migration. Tharseo helped this student research institution to:
- Set up a disaster recovery region using Rackware and provide database replicas for failover
- Configure Oracle Data Guard to quickly restore data
- Retain and archive data using Oracle Cloud Infrastructure Object Storage
Architecture
Depending on the modules and components a university decides to implement, there are multiple ways to deploy Ellucian Banner in the cloud.
After the modules and components are selected, the rest of the architecture decisions are based on the university's specific requirements for infrastructure, security, and availability.
The modules and components within the Banner ERP application run on virtual instances. The first component is the Banner Administrator, which is used to manage financial, student, and human resource information, and is only accessed by university faculty and staff. For security purposes, Banner Administrator is only accessible by using a private IP Address in a private subnet from within the university campus network, or through a site-to-site VPN tunnel to the dynamic routing gateway (DRG) and into the virtual cloud network (VCN). The second component is the Self Service Banner (SSB), which is accessed by students, faculty, and staff, and used for managing grades, class curricula, transcripts, schedules, student rosters, facility work orders, benefits, earnings, and budgets. For this deployment, the university chose to make SSB accessible from within the campus network only. Access to Banner must first traverse through the university campus network, then through the site-to-site VPN, and finally into the virtual cloud network (VCN). An on-premises load balancer on the campus network is used for traffic management and distribution.
Degree Works is a separate application that the university uses to plan coursework and to run degree audits. Degree Works is accessed by students for degree auditing through the same channels as SSB. Degree Works integrates with Banner through batch jobs and database links, and pulls data from the Banner database.
To submit batch jobs, a virtual instance uses a batch processing daemon that communicates by using DBMS_PIPES or Advanced Queuing (AQ). Faculty and staff submit requests for reports that the job submission virtual instance executes.
The following diagram illustrates the architecture:
tharseo-it-oci-architecture-oracle.zip
Two environments are created, one for production (Prod) and another for test and development (Non-Prod). The application tiers are separated into two subnets. A single subnet is used for the database tier that consists of both Prod and Non-Prod databases.
Oracle Base Database Service stores the data generated by all banner components. Multiple databases are deployed to support Banner: the Banner DB, data warehouse DB (DW), and Degree Works DB. Oracle Cloud Infrastructure File Storage is used to store application configuration data. Oracle Cloud Infrastructure Object Storage is used to store backups.
There are additional supporting virtual machines that are deployed to support Banner such as Ethos API and Events Publisher.
For disaster recovery, an active-passive configuration is deployed. Using Rackware, the application tier for Prod is staged to the OCI Region in Phoenix, which is connected by remote peering. Standby databases are deployed into Phoenix with Data Guard replicating the database data.
To monitor the environment, the university has deployed tools from the Oracle Cloud Observability and Management Platform including Database Management and Oracle Cloud Infrastructure Monitoring.
Tharseo is working with the university to continue to modernize the infrastructure for Banner and take advantage of cloud-native services to increase availability, security, and monitoring. On the roadmap for Tharseo and the university are the following:
- High availability: The university is exploring options to use OCI load balancers to provide higher availability
- Security: The university is exploring OCI security tools such as OCI security zones, Oracle Cloud Guard, Oracle Cloud Infrastructure Vulnerability Scanning Service, Oracle Cloud Infrastructure Web Application Firewall (WAF), and Transparent Data Encryption (TDE). Isolating the portion of the application for faculty and staff will provide and additional layer of security. Isolating the test databases into their own subnet will also provide and additional layer of security.
- End-to-end visibility: Using additional features of the Oracle Cloud Observability and Management Platform will allow the university to gain additional insight into the performance of the Banner ERP application.
The following diagram illustrates the future architecture:
Description of the illustration tharseo-it-oci-future.png
tharseo-it-oci-future-oracle.zip
The architecture has the following components:
- Tenancy
A tenancy is a secure and isolated partition that Oracle sets up within Oracle Cloud when you sign up for Oracle Cloud Infrastructure. You can create, organize, and administer your resources in Oracle Cloud within your tenancy. A tenancy is synonymous with a company or organization. Usually, a company will have a single tenancy and reflect its organizational structure within that tenancy. A single tenancy is usually associated with a single subscription, and a single subscription usually only has one tenancy.
- Region
An Oracle Cloud Infrastructure region is a localized geographic area that contains one or more data centers, called availability domains. Regions are independent of other regions, and vast distances can separate them (across countries or even continents).
- Availability domain
Availability domains are standalone, independent data centers within a region. The physical resources in each availability domain are isolated from the resources in the other availability domains, which provides fault tolerance. Availability domains don’t share infrastructure such as power or cooling, or the internal availability domain network. So, a failure at one availability domain is unlikely to affect the other availability domains in the region.
- Virtual cloud network (VCN) and subnets
A VCN is a customizable, software-defined network that you set up in an Oracle Cloud Infrastructure region. Like traditional data center networks, VCNs give you complete control over your network environment. A VCN can have multiple non-overlapping CIDR blocks that you can change after you create the VCN. You can segment a VCN into subnets, which can be scoped to a region or to an availability domain. Each subnet consists of a contiguous range of addresses that don't overlap with the other subnets in the VCN. You can change the size of a subnet after creation. A subnet can be public or private.
- Route table
Virtual route tables contain rules to route traffic from subnets to destinations outside a VCN, typically through gateways.
- Security list
For each subnet, you can create security rules that specify the source, destination, and type of traffic that must be allowed in and out of the subnet.
- Site-to-Site VPN
Site-to-Site VPN provides IPSec VPN connectivity between your on-premises network and VCNs in Oracle Cloud Infrastructure. The IPSec protocol suite encrypts IP traffic before the packets are transferred from the source to the destination and decrypts the traffic when it arrives.
- Internet gateway
The internet gateway allows traffic between the public subnets in a VCN and the public internet.
- Dynamic routing gateway (DRG)
The DRG is a virtual router that provides a path for private network traffic between VCNs in the same region, between a VCN and a network outside the region, such as a VCN in another Oracle Cloud Infrastructure region, an on-premises network, or a network in another cloud provider.
- Service gateway
The service gateway provides access from a VCN to other services, such as Oracle Cloud Infrastructure Object Storage. The traffic from the VCN to the Oracle service travels over the Oracle network fabric and never traverses the internet.
- Remote peering
Remote peering allows the VCNs' resources to communicate using private IP addresses without routing the traffic over the internet or through your on-premises network. Remote peering eliminates the need for an internet gateway and public IP addresses for the instances that need to communicate with another VCN in a different region.
- Compute
The Oracle Cloud Infrastructure Compute service enables you to provision and manage compute hosts in the cloud. You can launch compute instances with shapes that meet your resource requirements for CPU, memory, network bandwidth, and storage. After creating a compute instance, you can access it securely, restart it, attach and detach volumes, and terminate it when you no longer need it.
- Object storage
Object storage provides quick access to large amounts of structured and unstructured data of any content type, including database backups, analytic data, and rich content such as images and videos. You can safely and securely store and then retrieve data directly from the internet or from within the cloud platform. You can seamlessly scale storage without experiencing any degradation in performance or service reliability. Use standard storage for "hot" storage that you need to access quickly, immediately, and frequently. Use archive storage for "cold" storage that you retain for long periods of time and seldom or rarely access.
- File storage
The Oracle Cloud Infrastructure File Storage service provides a durable, scalable, secure, enterprise-grade network file system. You can connect to a File Storage service file system from any bare metal, virtual machine, or container instance in a VCN. You can also access a file system from outside the VCN by using Oracle Cloud Infrastructure FastConnect and IPSec VPN.
- Data Guard
Oracle Data Guard provides a comprehensive set of services that create, maintain, manage, and monitor one or more standby databases to enable production Oracle databases to remain available without interruption. Oracle Data Guard maintains these standby databases as copies of the production database. Then, if the production database becomes unavailable because of a planned or an unplanned outage, Oracle Data Guard can switch any standby database to the production role, minimizing the downtime associated with the outage.
- Oracle Base Database Service
Oracle Base Database Service is an is an Oracle Cloud Infrastructure (OCI) database service that enables you to build, scale, and manage full-featured Oracle databases on virtual machines. A VM database system uses OCI Block Volumes storage instead of local storage and can run Oracle Real Application Clusters (Oracle RAC) to improve availability.
- Monitoring
Oracle Cloud Infrastructure Monitoring service actively and passively monitors your cloud resources using metrics to monitor resources and alarms to notify you when these metrics meet alarm-specified triggers.
- Database Management
Database Management Cloud Service provides DBAs with a unified console for on-premises and cloud databases with lifecycle database management capabilities for monitoring, performance management, tuning, and administration. Use advanced database fleet diagnostics and tuning to troubleshoot issues and optimize performance. Optimize SQL with real-time SQL monitoring and simplify database configurations.
Get Featured in Built and Deployed
Want to show off what you built on Oracle Cloud Infrastructure? Care to share your lessons learned, best practices, and reference architectures with our global community of cloud architects? Let us help you get started.
- Download the template (PPTX)
Illustrate your own reference architecture by dragging and dropping the icons into the sample wireframe.
- Watch the architecture tutorial
Get step by step instructions on how to create a reference architecture.
- Submit your diagram
Send us an email with your diagram. Our cloud architects will review your diagram and contact you to discuss your architecture.
Explore More
Learn more about the features of this architecture and about related architectures.