Categories
- All Categories
- 130 Oracle Analytics News
- 24 Oracle Analytics Videos
- 14.5K Oracle Analytics Forums
- 5.5K Oracle Analytics Idea Labs
- Oracle Analytics User Groups
- 51 Oracle Analytics Trainings
- 8 Oracle Analytics Data Visualizations Challenge
- 4 Oracle Analytics Career
- 8 Oracle Analytics Industry
- Find Partners
- For Partners
OAC DR flexible Solution
Customer would like to have flexibility in DR solution.
ORD (P) - OACP and ADWP
ASH (NP/DR) -OACNP, ADWNP, OACDR and ADWDR
Is it possible to implement Sol1 and Sol2?
Sol1. OACP - ADWDR
Is it possible to create OACP-PAC on OACP Subnet and DNS Zone to ADWP and ADWDR-pac (custom private zone)?
Replace wallet.sso, host ADWDR-pac, port in console connection and update Data Connection to ADW.
Sol2. OACNP - ADWDR
- OACNP-PAC on OACNP Subnet and DNS Zone to ADWNP and ADWDR. (ADWNP and ADWDR are in different subnet)
- Deploy Bar and File Migration from object storage (daily backup)
- Delete and recreate vanity URL with OACP URL. Update DNS to OACNP IP *** Do we need vanity URL? Can we bypass and only use LB URL and change Backend set to IP of OACP/OACNP?
- Replace wallet.sso, host ADWDR, port in console connection and update Data Connection to ADW.
Sol3: OACDR - ADWDR
- Resume OACDR (same vanity URL as OACP)
- Deploy Bar and File Migration from object storage (daily backup)
- Replace wallet.sso, host ADWDR, port in console connection and update Data Connection to ADW.
- Change DNS A Record to OACDR IP
https://docs.oracle.com/en/cloud/paas/analytics-cloud/technicalpapers.html
Best Answers
-
Sol1. Reply:
Yes, it is possible.
As long as the target ADW (ADWP or ADWDR) is reachable to the respective OAC (OACP or OACDR) using the PAC (OACP-PAC or OACDR-PAC), you can replace the wallet.sso, hostname, port in the console connection, and update connection to the ADW.
Make sure you configure the OAC to reach the ADW using the DRG or LPG between the OAC Subnet and ADW Subnet in the same or remote OCI Regions.
2 -
Sol2. Reply:
If your ADWNP and ADWDR are in different Subnets of the same VCN:
1. OAC is in the same Region as ADW and the same VCN but a different Subnet of the ADW VCN, use Ingress Rules in the Security List or NSG and configure such that OAC is able to reach the ADWNP or ADWDR.
2. OAC is in the same Region as ADW but on a different VCN, configure Local Peering Gateway (LPG) between the ADW VCN (Subnets) and OAC VCN and set the Route Rules and Security Lists accordingly.
3. OAC and ADW are in different Regions, configure Dynamic Routing Gateway (DRG) between the ADW VCN (Subnets) and OAC VCN and set the Route Rules and Security Lists accordingly.
Taking daily backups of the Snapshot (BAR File) and Data File Migration and storing to Object Storage is up to your usage and can be done during Off Business time.
Also restoring the Snapshot and Data Files from Object Storage to the OACDR and OACNP daily is up to your use-case, we suggest restoring when you want to test the DR and NP environments or when the Disaster event occurs.
When there is a change in ADW connection details due to the restoration of the snapshot from OACP to OACNP and OACDR or due to a planned switchover to another ADW, restore the wallet.sso host, port details of the connection every time.
Create Vanity URL option available on the OAC page has a purpose for its availability.
Generally when we configure a Custom DNS name at the Load Balancer and configure any application's IP address as the backend to the Load Balancer -- It works.
But in the case of OAC it will not work as the Cloud Gate that exists between IDCS/IAM Domain and OAC doesn't understand the custom DNS Name set at Load Balancer and the hostname header and challenges the user a 401 UnAuthorized error even after a successful authentication by IDCS/IAM Domain.
Oracle OAC introduced the "Create Vality URL" option on the OAC page to configure and set the User's defined custom DNS name at the Cloud Gate so that the authentication goes through.
Also, you cannot create the same Vality URL for two OAC instances when both instances are in the same OCI region.
Answer for your Question:
You cannot bypass Vanity URL creation at OAC and use the OAC IP address as the backend to the Load Balancer with a Custom DNS name.
When you have OACP and OACNP in the same region, you cannot create the same Vanity URL at both OAC and map either of the OAC IP Addresses as a backend to the Load Balancer with the same Vanity URL DNS Name.
If you have the OACP and OACNP in two different OCI regions, you can create the same Vanity URL at both the OAC Instances and map either of the OAC Instance IP Addresses as the Backend to the Load Balancer with the same Vanity URL DNS Name. This is not suggested in terms of DR usage as the Load Balancer may be down if a Disaster even happens, so we suggest having two different Load Balancers in different regions and map the active (OAC or OAC's Load Balancer) IP address to the DNS name in the DNS Resolver.
3 -
Sol3. Reply:
Yes, you understood correctly.
When you have two OAC instances in different OCI regions for Disaster Recovery, OACP and OACDR.
Daily create Snapshot and Data File backup on OACP and store to the Object Storage.
Upload the Snapshot and Data files from the backup to OACDR and restore them periodically or when DR env test or when a Disaster event occurs.
The ADW connection details for OACDR changes from the OACP. When the Snapshot from OACP is restored on OACDR, it has the ADWP connection details, so we need to upload the ADWDR connection details by replacing the wallet.sso, host, port.
Since the Vanity URL is always created at the OACP and OACDR, as both are in different regions, map the OACDR IP Address to the DNS name in the DNS Resolver.
3