In the last post, we have explored how to create a Oracle Database as a Service (DBaaS) in Oracle cloud. In this post, I will discuss about the methods of accessing the database service once it is created in Oracle cloud.
Accessing Cloud service (Virtual Server)
As part of the Oracle Database Cloud Service creation, Oracle deploys a virtual Linux server and creates the requested database in that server. We need to know the Virtual server IP to be able to access the server. Once, we know the IP address, we can access the server using the SSH private key that we had generated as part of the Prerequisites step.
To know the IP address, we need to navigate to the Service Console of Oracle Database Cloud Service and click on the respective service to find out the IP address as shown below.
Once, we click on the cloud database service, we can view the additional details like IP address, TNS connection details, etc.
Now, we have the IP address to access the cloud service (Virtual Server). We can connect to the server over SSH using the private key that we had generated in the prerequisites phase. In the following example, I am using Putty to connect to the cloud server.
Note: Make a note of other information like database port, connect string (specifically the database service name). We would need those information to connect to the database from public network (outside cloud).
Let’s login to the database server and take a quick look into the setup.
As we can see, the resources are allocated as per our selection during the service creation. Once we login to the database server, we can operate on it like the way we operate in a on premise database server.
If we need root access to the cloud database server, we need to login as “opc” user rather than “oracle” and run the root commands through sudo as shown below.
Connecting to the database
Now, let’s take a look at the options that we have to connect to the Oracle database created in the Oracle cloud as part of the service creation. Before, we can connect to the database, let’s create a user in the database for this demonstration.
---// create user in cloud database //---
[oracle@cloudserver1 ~]$ sqlplus
SQL*Plus: Release 220.127.116.11.0 Production on Sat Apr 9 16:16:25 2016
Copyright (c) 1982, 2014, Oracle. All rights reserved.
Enter user-name: / as sysdba
Oracle Database 12c Enterprise Edition Release 18.104.22.168.0 - 64bit Production
With the Oracle Label Security option
SQL> alter session set container=MYPDB1;
SQL> create user myapp_user identified by myapp_user;
SQL> grant create session to myapp_user;
Oracle creates a number of Oracle Compute Cloud Service access rules (8 by default) when we create a Oracle Database Cloud service. These rules governs public access to the cloud database. By default only SSH access is enabled through public network and with the default setup, we can only connect to the cloud database over a SSH tunnel.
In order to access the Oracle cloud database using SQL*Net, we need to enable the ora_p2_dblistener network access rule from Oracle Compute Cloud Service console as shown below. This will unblock public access to listener port 1521 and we would be able to access the cloud database remotely from public network.
- Navigate to the Oracle Compute Cloud Service console
- From the Service console, move to the Network tab
- Locate the access rule (in our case ora_p2_dblistener) to be enabled
- Once the access rule is located, click on the Action Menu to update it’s status
- Enable the access rule (in our case ora_p2_dblistener) to allow access through public network
Now, we have enabled access to the Oracle cloud database through public network interface. We should be able to connect to the cloud database using SQL*Net at this point.
Let’s connect to the database using SQL Developer as shown below.
We would need following details to connect to the cloud database (these details were obtained earlier from the DBaaS console).
||Name of the user to connect to cloud database (myapp_user in our case)
||Password of the database user
||Use the IP address of the cloud service name|
||Listener port to connect to the database (1521 in our case)
||Database service name to connect to cloud database. (mypdb1.mycloudlab.oraclecloud.internal in our case)
As we can see the TEST connection was successful and SQL Developer would be able to connect to the cloud database.
We can also use the EZConnect method to connect to the cloud database as shown below.
We can alternatively create a local TNS entry for the cloud database and connect to the database using TNS alias as shown below.
##--- TNS Entry for cloud database ---##
(ADDRESS = (PROTOCOL = TCP)(HOST = XXX.XXX.XX.XX)(PORT = 1521)) ## Use cloud service IP for HOST
(SERVER = DEDICATED)
(SERVICE_NAME = mypdb1.mycloudlab.oraclecloud.internal)
As we can see, we are able to access the cloud database using SQL*Net protocol; once we enable the ora_p2_dblistener Compute Cloud Service access rule. Once, we are connected to the database we can carry out all the database operations based on the user’s access privilege.
In the next post, we will explore the methods available to monitor a Oracle Cloud Database Service. Till then stay tuned…