1 Introduction to Installing and Upgrading Oracle Key Vault
Installing Oracle Key Vault entails ensuring that the environment meets the necessary requirements before you begin the installation and configuration.
- About Oracle Key Vault Installation and Upgrade
Oracle Key Vault is a software appliance that is delivered as an ISO image. - Oracle Key Vault Deployment Options
You can deploy Oracle Key Vault in a standalone, multi-master, or primary-standby mode. - Privileges Required for Performing Oracle Key Vault Installations and Upgrades
Oracle Key Vault requires users to have specific privileges to perform installations and upgrades. - Oracle Key Vault Pre-Installation Checklist
The pre-installation checklist covers all the requirements to successfully install Key Vault.
1.1 About Oracle Key Vault Installation and Upgrade
Oracle Key Vault is a software appliance that is delivered as an ISO image.
The software appliance consists of a pre-configured operating system, an Oracle database, and the Oracle Key Vault application. You can install Oracle Key Vault onto its own dedicated server, as a VM guest into your virtualization platform, or as a compute instance in your OCI tenancy. See the Oracle Cloud Marketplace at https://cloudmarketplace.oracle.com/marketplace/app/OracleKeyVault.
In this release, you can follow either of these upgrade paths:
- Oracle Key Vault release 18.x to the current release, Oracle Key Vault release 21.4, which is a major upgrade
- Oracle Key Vault release 21.x (for example, 21.2) to the current release, Oracle Key Vault 21.4, which is a minor upgrade
Before you begin the installation or upgrade process for Oracle Key Vault, check the Oracle Key Vault Release Notes for any known issues that you should be aware of.
1.2 Oracle Key Vault Deployment Options
You can deploy Oracle Key Vault in a standalone, multi-master, or primary-standby mode.
- A standalone deployment is simplest to deploy. However, it does not provide continuous availability of the key service in the event an Oracle Key Vault server becomes unavailable. When you first install Oracle Key Vault, it is in a standalone environment. From there, you can configure Oracle Key Vault to be either in a multi-master cluster configuration or a primary-standby configuration. Oracle recommends that you extend the OKV installation to a multi-master cluster with at least two nodes (one read/write pair).
- A multi-master cluster configuration allows for up to 16 nodes (an Oracle Key Vault server that has been converted to be a member of an Oracle Key Vault multi-master cluster) and is recommended for deployments requiring high availability. This is the recommended deployment for many reasons, such as data compatibility between nodes, fault tolerance, zero data loss, no passive machines in the system, scalability, and maintenance.
- A primary-standby configuration enables the deployment of a second Oracle Key Vault server as a passive standby to an active primary server. If a primary server becomes unavailable, then the standby server becomes the new primary Oracle Key Vault server to service read and write requests from the endpoints. This is the high availability mode that was introduced in Oracle Key Vault release 12.2.
Related Topics
1.3 Privileges Required for Performing Oracle Key Vault Installations and Upgrades
Oracle Key Vault requires users to have specific privileges to perform installations and upgrades.
You should have the following privileges:
- Ability to perform Oracle Database administrative tasks, such as executing the
ALTER SYSTEM
statement - Privileges to log in to the Oracle Software Delivery Cloud portal
- The
root
privilege for the server where you will perform the installation or upgrade - For performing upgrades, in addition to the preceding privileges, you must have the Oracle Key Vault System Administrator role
1.4 Oracle Key Vault Pre-Installation Checklist
The pre-installation checklist covers all the requirements to successfully install Key Vault.
Table 1-1 Oracle Key Vault Pre-Installation Checklist
Item# | Check | Task |
---|---|---|
1. [ x ] |
New changes or issues that you should be aware of |
|
2. [ x ] |
System requirements |
Confirm that you have enough CPU, memory, and disk as described in System Requirements. |
3. [ x ] |
Open all the required network ports in your firewall |
For details on network ports, see Network Port Requirements. |
4. [ x ] |
Supported endpoint platforms |
|
5. [ x ] |
Set the |
Guidance for setting this parameter for Oracle Database 11.2.0.0 or later is in Supported Endpoint Platforms. |
6. [ x ] |
Get a fixed IP address, network mask, and gateway address from your network administrator. |
You will need this information for Step 7 in Installing the Oracle Key Vault Appliance Software |