In this article I will tell you how to get up and running with the Oracle Database as a Service Cloud offering. How in 30 minutes of your own time – and up to one hour background processing time – you will have an Oracle Database 12c (18.104.22.168) instance running in the cloud, accessible via a public IP address, for example from your local SQL Developer. I thought this was going to be a fairly long story about many different steps you have to take. Choices to be made, settings to be set, complex commands to be executed. Instead, it can be quite a short story. It turns out to be really simple to get going with the Oracle DBaaS offering.
The basic steps you need to go through:
- (do: 5 minutes | then wait: days up to months) Get a [Trial] Subscription to the Oracle Database Cloud – Database as a Service – for your Oracle account (the same one you use for OTN and any other interaction with Oracle); an Oracle Database Public Cloud Services trial environment or purchased subscription comes with Oracle IaaS Public Cloud Services, which provides you access to Storage CS and Compute CS – both of which underpin the Database instance
- (do: 5 minutes) Associate the [trial] subscription with an existing or a new Oracle Public Cloud account (and thereby to an identity domain)
- (do: 5 minutes) Generate SSH keys
- (do: 5 minutes) Create Storage Container with the Storage Cloud Service
- (do: 10 minutes | then wait: 30 to 90 minutes) Complete a wizard to request provisioning of a Database Cloud Service Instance
- (do: 2 minutes) Access the newly created database instance – through cloud based web consoles
- (do: 5 minutes) Enable two network access security rules in the Compute Cloud Service Console to allow database access from for example a local SQL Developer environment via the Public IP address
- (do: 5 minutes) Access the new database instance from local SQL Developer (or JDeveloper or any other SQL*Net/OracleNet or JDBC over TCP/IP based tool)
My main guide through this process was an excellent tutorial from the Oracle Learning Library. Without any specific Oracle Public Cloud knowledge or any DBA experience, I was able to fairly quickly and smoothly follow the steps in the tutorial and get to a cloud based database instance.
I felt a little intimidated before I started: I feared that this would be a difficult process, that required thorough understanding of technical details at infrastructure level – I am really not a very technical person beyond the development level. I am not too comfortable with networking details, anything beyond very basic DBA stuff and cloud operations in general. As Carel Jan Engel put it: I am still more a GUI girl than a command line boy. It was with some trepidation therefore that I embarked on my little database cloud adventure. And as so often in life, it turned out way simpler than I had anticipated. Getting a database cloud service instance running and accessing it from my laptop as if it were running locally or somewhere in our office intranet was really very simple.
In fact, getting from zero to this cloud database instance was similarly involved as running my Vagrant and Puppet scripts to create and run a local VirtualBox virtual machine with Oracle Database 12c inside. It took about as long – probably a bit shorter when considering the time required to download the Oracle Database software to my laptop- and did not require any local machine resources (nor the setup of any tools or the creation/adaptation of Puppet scripts). Once created, this cloud database instance is constantly available – to me and to anyone I grant access. Anywhere in the world. And that is not any harder than getting a local database instance up and running. Wow. Not bad at all. Especially compared to the time project teams have to wait for new database instances in most organizations that I visit in my role as architect.
Some Action Details
I will not provide detailed instructions. The tutorial does an excellent job – so there really is no point in repeating those instructions. Maybe some comments:
Some of the terminology around the Oracle Public Cloud is visualized in the next figure. Associated with the Oracle Public Cloud account is an Identity Domain that resides in a specific data center. In this Identity Domain (under this account) multiple service subscriptions can exist and depending on the service, multiple instances can be created. DBaaS is a service to which the account has a subscription. This article describes the creation of an instance of that service. Additional users can be created in the identity domain with specific roles and access privileges assigned in the context of the services and instances in the identity domain. This is not further discussed in this article.
The Oracle Cloud Services Dashboard below shows – for my Oracle account – all service subscriptions in the selected identity domain lucasjellema. I have a number of other identity domains that I have been granted access too. The services in these domains are currently not shown.
In this case, I click on the Service Console link to go to an overview of the service instances of the Oracle Database Cloud Service.
This console is shown below. There no instances yet. As instructed in the tutorial, I click on the button Create Service. This takes me to the wizard for configuring a [request for a] database instance and starting the provisioning process.
Before I got here, I worked my way through two prior steps: generation (with PuttyGen.exe) of a public/private SSH key pair and the creation of a Storage Container on the Oracle Public Cloud Storage CS to serve as the backup destination. The creation of the storage container is done through two simple command line calls using the CURL utility to the REST API of the Storage CS. Instead of using a storage container as a decoupled backup location, it is also possible to use a local backup and omit the creation of the storage container altogether.
The database instance [provisioning request] wizard is fairly straightforward, especially on second or further usage. The most detailed interesting page in the wizard is shown below. Here you specify the key configuration details, including the compute shape, the initial storage, the SYS and SYSTEM password , the SID and the Backup Destination. You also provide the public key of the SSH Key Pair; this will allow us to perform direct interactions to the OS running the database instance, for example from the local command line, through an SSL tunnel.
After pressing Next on this page and Create on the confirmation page, the request to provision this database instance is submitted and processed in the background. Presumably, a compute node is provisioned with Oracle Linux on it, probably the Oracle Database software, and subsequently the database configuration wizard is run.
The progress can be checked in the Service Console:
It took some 40 minutes before the status of this instance changed from in progress to available, as shown in the next screenshot
Here is the detail overview of the MyJCSDB instance – including the public IP address and other configuration details:
After the database instance has been provisioned, this is what happened inside the Oracle Public Cloud identity domain. A compute node was created automatically on the Compute Cloud Service, along with a number of storage volumes (not shown) for operating system, database software, data files, redo logs, etc. The shape – OC3 – is derived from the setting specified in the wizard. At compute node level, network interaction including SSL tunnels and public port access are handled; in order to be able to access the database over TCP/IP or HTTP from outside the Oracle Public Cloud’s identity domain, we need to configure rules in the Security Lust of the compute node.
The database instance has been configured to use the MyDBContainer storage container for backup.
Multiple database instances can be created in the DBaaS Service, just as more compute nodes and storage containers can be provisioned.
Access to Database Instance via Web Consoles
At this point, a number of consoles are available to access and administrate the database instance. However, before these can be accessed outside of an SSH tunnel, the required ports need to be opened up.
Network rules governing access to the database via specific ports and protocols are managed at the compute node level. Instructions are provided in the tutorial to enable some network rules that allow access to port 1521, the port used by SQL*Net, and therefore SQL Developer and to port 443, the port used for HTTPS connections to the instance, including the DBaaS Monitor.
The Network tab in the Service Console for the Compute Cloud where the network security rules are managed is shown below:
With the rules enabled, we can access for example the DBaaS Monitor console. Oracle DBaaS Monitor provides monitoring and management of the Oracle Database RDBMS and listener on an Oracle Database Cloud – Database as a Service instance, see documentation for details.
When you click on the Open DBaaS Monitor Console option in the menu, you will be prompted with an authentication dialog. The username to use is dbaas_monitor. For the password, use the password that was specified (for SYS/SYSTEM) when your database instance was created.
Here is the first overview shown when the DBaaS Monitor opens:
See this section of the tutorial for more details on DBaaS Monitor.
The initial login to APEX can be a little tricky. The Workspace to use is INTERNAL. The username is ADMIN. For the password, use the password that was specified (for SYS/SYSTEM) when your database instance was created.
This is the instance administration page that will be show after you login:
Access to Database Instance from SQL Developer
One of the Network Security Rules enabled on the Compute Cloud node is for port 1521, the port used for SQL*Net access. Because we have enabled that rule and therefore this port, we can create a very simple and direct connection from SQL Developer to the DBaaS instance.
Simply create a new database connection in SQL Developer – just like you would for a local database – specifying the connection details for the DBaaS instance – such as username and password and more importantly public IP address and SID:
The DBA view shows the two PDBs that are created in this database instance:
To create a SQL Developer connection into the HR schema in the DEMOS PDB, we need to use the service name for that PDB instead of the SID for the (container) database. We can find the service name in the DBaaS Monitor console:
The service name for the PDB is: demos.lucasjellema.oraclecloud.internal
The SQL Developer connection can be configured like this:
and after connecting, this is what the navigator shows:
Documentation for the Oracle DB as a Service: http://docs.oracle.com/cloud/latest/dbcs_dbaas/index.html
Tutorial Getting Started with Oracle Java Cloud Service – the first steps of this excellent tutorial cover the path to Creating an Oracle Database Cloud – Database as a Service Instance
Details on configuration options- such as version, edition, compute shapes and backup: https://docs.oracle.com/cloud/latest/dbcs_dbaas/CSDBI/GUID-660363B8-0E2F-4A4F-A9BD-70A43F332A16.htm#CSDBI3321.