A few hours ago Oracle published a blog post about the new version Oracle 21c. See Introducing Oracle Database 21c. It is again an innovation release with a couple of interesting new features and enhancements. The online Oracle Documentation library does provide a few information on this enhancements:
- Oracle Database 21c What’s New
- Oracle® Database Learning Database New Features 21c
- Oracle Database 21c Books
The study of documentation and blog posts is always interesting. But it gets much more exciting when you can do first hands-on with the new release. Thanks to the Oracle Cloud this is easily possible. With a few clicks in OCI you can create a DB system with Oracle 21c. Then nothing else standing in the way to test new features all night long.
Requirements
Unfortunately it is not possible to get Oracle 21c as Always Free Version. At least I did not find a way to do so. My workmate Philipp Salvisberg pointed out to me that it is indeed possible to create an Allways Free 21c ATP DB. You just have to be in the right OCI region. Any way, since I do like to test a few infrastructure feature like DB Nest, Kerberos, EUS etc I any way have to setup a DB System rather than an Oracle Autonomous Database. In order to finally get started, a few prerequisites must be met:.
- An Oracle Account and active OCI Tenant
- A few OCI credits
- Compartment where you plan to deploy your DB system
- A VCN for you DB System.
VCN
Usually create my VCN’s with Terraform. That means I create my VCNs usually with a bastion host, a public and a private network. For this I use my Terraform OCI modules which are available in the Terraform registry. See tvdlab-base, tvdlab-bastion or tvdlab-vcn. A blog post is still on my todo list 😊. For setting up the Oracle 21c DB system I assume that a corresponding VCN is available.
I’ll use the following information for my setup
- Compartment DB21C
- VCN db21c00
DB System
To setup the 21c database go to the main page and select Bare Metal, VM, and Exadata in the menu.
Create a DB System by pressing the corresponding blue button. Do not be surprised. On the following picture you can already see a 21c DB system.
Compared to Oracle 20c preview it does not matter if you choose Bare Metal or Virtual Machine. 21c is available for both environments. This also applies to the storage management software. I do select a Virtual Machine with the Logical Volume Manager.
As I do only use the DB System for simple feature test and engineering I keep the size to the minimum. As Oracle software I choose the Enterprise Edition. Other editions including Standard Edition are also possible.
Add you public SSH key(s) to be able to access the DB system later on via SSH. Depending on your OS you can use putty or ssh-keygen
for this. Since I do work on a Mac I’ll create the pair of keys with ssh-keygen
.
Finalise the system configuration by selecting your VCN and a corresponding subnet. In my case it is the VCN db21c00 and the private subnet db21c00 private.
After pressing next you come to the second page of the DB System wizard, where we configure the DB itself.
Choose a fancy name for your DB or like me just TDB21c. By the default you see, that the Database Image 19c is selected. You can change it and select 21c.
Finish the DB System wizard by selecting Create DB System.
It will take now a while until you Oracle 21c Database is ready to use. A good moment to crab a cup of coffee or write a blog post 😉. I’ll do this now as well and finish this post in a couple of minutes…
My 21C DB system is finished in the meantime and can be used.
Since I did create the VM in a private subnet, it is not possible to directly access the DB from the internet. I do have to connect using the bastion host. Either via SSH or for SQL Developer using SSH port forwarding.
Enclosed an example to connect to the new DB system via bastion host using SSH proxy command. In this example I do us the following SSH parameters:
- -A does enables forwarding of the authentication agent connection
- -J is used to specify the proxy host used to initiate the connection. In my case the bastion host.
- db21c is the alias hostname for the public IP of my bastion host
- deadalus is the hostname for my DB system
- opc is the user used to connect to the different compute instances. you can also connect directly to the oracle user, if you put the public keys in the
.ssh/authorized_keys
file of user oracle.
soe@gaia:~/ [ic19300] ssh -A -J opc@db21 opc@deadalus Last login: Wed Dec 9 05:35:20 2020 from 10.0.0.2 [opc@deadalus ~]$ sudo su - oracle Last login: Wed Dec 9 05:36:22 UTC 2020 from 10.0.0.2 on pts/0 [oracle@deadalus ~]$ sqlplus / as sysdba SQL*Plus: Release 21.0.0.0.0 - Production on Wed Dec 9 05:42:38 2020 Version 21.1.0.0.0 Copyright (c) 1982, 2020, Oracle. All rights reserved. Connected to: Oracle Database 21c Enterprise Edition Release 21.0.0.0.0 - Production Version 21.1.0.0.0 SQL>
Alternatively, you can do SSH port forwarding for port 1521 and connect directly to the database with SQL Developer.
soe@gaia:~/ [ic19300] ssh -A opc@db21 -L 1521:deadalus:1521 Last login: Wed Dec 9 05:33:00 2020 from yyy.yyy.yyy.yyy -------------------------------------------------------------------- - - Welcome to the bastion / jump host for the OCI environment - hostname : db21c - Public IP : xxx.xxx.xxx.xxx - Guacamole Console : http://secret - Guacamole Admin : <USER> - Guacamole Password: <PASSWORD> [opc@db21c-bastion00 ~]$
If you don’t want to deal with command line and SSH commands, then with newer versions of SQL Developer you can set up a connection directly via SSH port forwarding. Select SSH from the View menu and create a new SSH connection. The following details must be added:
- Name: Name of your SSH connection
- Host: Public IP of your bastion host
- Username: Usually just opc
- Key File: The private key file matching the public key used above
- Name: Name of you SSH port forwarding rule
- Host: Private IP address of the DB system
- Port: The TCP Port configured on the DB system usually just 1521
- Local Port: Use an automatically assigned local port, then you do not have to bother if it is already in use
The SSH host can now be used to configure the DB connection. You only have to select the connection type SSH.
Conclusion
In OCI you can create a new engineering system for Oracle 21c relatively quickly. With the Bastion host I have chosen a more complex but secure method. The separation of the subnets into private and public network does offer me the flexibility to test a few Features which requires additional infrastructure components. e.g. Centrally Managed Users CMU or Enterprise User Security EUS, which both require additional services such as Oracle Unified Directory or MS Active Directory. Running everything via public IP is rather a bad idea. Any way, following this approach you now have Oracle 21c Database. I wish you happy engineering.
References
- Oracle Blog Post Introducing Oracle Database 21c
- Oracle 21c Documentation Library Books
- Oracle Database 21c What’s New
- Oracle® Database Learning Database New Features 21c
- OCI white paper Bastion Hosts – Protected Access for Virtual Cloud Networks
- Oracle A-Team Blog SSH tunnel to a private VM using a Bastion host in OCI
- Martin Berger Blog Oracle Cloud Infrastructure and SSH Keys – Jump!
- Trivadis Terraform Modules in the Terraform Registry