On-Premise Oracle database backup using Oracle OCI backup cloud service
Oracle Backup Cloud Service provides a secondary, off-site backup location in the cloud with practically unlimited capacity. The service also ensures that backups are encrypted and available when are needed. Off-site backup is traditionally accomplished by sending backups to tape and shipping them to a secure location. This is a complex task that requires hardware, personnel, and procedures to ensure off-site backups are current, validated, and available at a moment’s notice.
Database Administrators only use the familiar RMAN interface to perform backup and restore operations; no new tools or commands are needed.
Oracle Cloud Infrastructure Object Storage provides a great alternative to writing, shipping, and storing tapes at an off-site location which increases performance, redundancy, and security.
What is Oracle Database Backup Cloud Service?
Oracle Database Backup Cloud Service protects data by providing end-to end security. Data is encrypted at the source, securely transmitted to the cloud, and securely stored in encrypted format. The keys are stored on-site, not in the cloud.
All the backup data stored in the Oracle Database Backup Cloud Service is automatically and transparently replicated across multiple storage nodes in the same geographic region, which provides instant availability.
Oracle Database Backup Cloud Service is simple to deploy and easy to use. Subscribe to the service, install the cloud backup module, configure a few settings, and take your first backup to the cloud using familiar commands and tools.
Overview steps to backup On-Premise Oracle Database using Oracle OCI Backup Cloud Service
- Subscribe to the Oracle Database Backup Cloud Service.
- Download the Oracle Database Cloud Backup Module from
- Create OCI Object Storage to be used as a backup location.
- Install backup module on the systems where the Oracle database is running.
- Configure RMAN to use the installed Backup Module.
- Start performing backup operations to the cloud using familiar RMAN commands.
Detailed steps to backup On-Premise Oracle Database using Oracle OCI Backup Cloud Service
1. Subscribe to the Oracle Database Backup Cloud Service
You can subscribe to Oracle Database Backup Cloud Service at https://cloud.oracle.com/home or work with an Oracle representative.
2. Download the Oracle Database Cloud Backup Module
- You can download module from https://www.oracle.com/technetwork/database/availability/oracle-cloud-backup-2162729.html
- File opc_installer.zip will be downloaded, which is supported by all platforms.
- The Database Cloud Backup Module comes with two different Java installer modules:
- jar is the installer module to set up backups to OCI-C
- jar is the installer module to set up backups to OCI. This is the recommended approach for OCI.It uses a stronger key-based authentication scheme and will support future OCI features. It will be used in this blog.
3. Create OCI Object Storage to be used as a backup location
The Console is an easy-to-use, browser-based interface. In the sign-in page, you are prompted to enter your cloud tenant, your username, and your password. Once you connect, select the correct region.
To create the bucket or object storage:
1. Open the navigation menu. Under Core Infrastructure, click Object Storage
2. Choose the compartment for your new bucket. A list of existing buckets is displayed
3. Click “Create Bucket” button. In the Create Bucket dialog, enter the following:
- For Storage Tier, select Standard option
- For Encryption, select “ENCRYPT USING ORACLE-MANAGED KEYS”
- Optionally apply a Tag
Once you enter required info, click “Create Bucket”.
4. Install Database Cloud Backup Module
Before running the installer on your database system, you need to gather below information from your cloud account.
1. Tenancy OCID: You can find it by clicking on the Profile icon on the top right corner of the cloud console and selecting Tenancy: <your tenancy name>from the drop-down menu.
You will be taken to your tenancy detail information where you can find its OCID.
Copy the OCID string and save it in a temporary location for later use. The OCID string is similar to: ocid1.tenancy.oc1..aaaaaaaaj62uff362gve2deswibx3tgsgv2ng7nny7fwhz6ecnjdcupor3yq
2. Compartment OCID: For the compartment where your backup bucket is placed.
Compartment page can be reached by selecting Identity –> Compartments on the left side of the console menu.
Copy the OCID of the compartment and save the compartment OCID in a temporary location for later use.
3. Cloud User OCID: The user must have permission to manage bucket and objects in the compartment previously identified. You can find it by clicking on the Profile icon on the top right corner of the cloud console and selecting <username>, copy the OCID for the specific user and save it in a temporary location for later use.
4. Prepare your key pair for API signing in PEM format as described here
Save your private key file and copy your public key to the user management console page. You can do that by clicking on the Profile icon on the top right corner of the cloud console and selecting <username>. In “User Details” page, click “Add Public Key” button to add your public key.
Note key fingerprint and copy it in a temporary location for later use.
5. Identify the Object Storage API endpoint for the region your backups will be sent to. The endpoint format will be https://objectstorage.<region>.oraclecloud.com
Now run the installer using the parameters that you prepared in advance from above. Make sure JDK version 1.7 or later is installed on your system.
java -jar oci_install.jar -host <endpoint from #5>
-pvtKeyFile <local location of the file containing the private key in PEM format from #4>
-pubFingerPrint <public key fingerprint from #4>
-tOCID <tenancy OCID from #1>
-cOCID <compartment OCID from #2>
-uOCID <user OCID from #3>
-walletDir <directory where the installation will store the credential wallet>
-libDir <directory where the installation will store the SBT library>
-configfile <configuration file name created during installation>
-bucket <bucket name>
5. Configure RMAN to use the installed Backup Module
1. Configure RMAN SBT channel parameters to use Cloud Backup Module.
RMAN> CONFIGURE CHANNEL DEVICE TYPE SBT
2. Configure RMAN encryption for backups. This is enforced and mandatory when backing up On-Premise Databases. The RMAN set encryption clause in your RMAN run block will ensure that encryption is enabled.
RMAN> SET ENCRYPTION ON IDENTIFIED BY ‘<password>’ ONLY;
3. Use compression and parallelism to optimize data transfer when network bandwidth is limited, and CPU resources are available.
RMAN> CONFIGURE COMPRESSION ALGORITHM ‘MEDIUM’;
RMAN> CONFIGURE DEVICE TYPE sbt BACKUP TYPE TO COMPRESSED BACKUPSET
6. Backup database OCI object storage
Reference: Step-by-Step procedure to place On-Premise Database backup on Oracle Cloud (Doc ID 2225766.1)