top of page

將 TDE 加密的雲 ORACLE數據庫備份 利用Object Storage Replication還原到另一個 OCI 區域

文章撰寫:Jack Hsu / 奧登資訊技術顧問



介紹:

Oracle 雲數據庫的自動化備份功能確實方便,它允許用戶輕鬆地進行數據備份。備份存儲在 Oracle 管理的存儲桶中,這樣做的好處是簡化了備份的管理和存取,但這也意味著,如果需要將備份數據轉移到不同的主機或可用性域,可能需要額外的步驟來導出和導入數據。


要將數據庫恢復到另一個可用性域、OCI 區域或本地,則需要訪問備份文件所在的對象存儲桶。為此,您可以使用以下命令將自己的 RMAN 備份創建到用戶定義的對象存儲桶中:


要將 Oracle 數據庫的 RMAN 備份創建到用戶定義的對象存儲桶中,您可以使用 Oracle Recovery Manager (RMAN) 的 BACKUP 命令。


 環境:

Role

hostname

Unique name

DB name

IP

BackUp

lkkcdb01

SMC_nrt1j6

SMC

 

Restore

lkkcdb02

SMC_new

SMC

 

在 Oracle Cloud 中,在虛擬機上使用數據庫雲服務標準版,版本 19.12.0.0.0

對於新主機,我在Oracle Cloud中使用計算 DBCS,  版本 Oracle Database 19.16.0.0


用戶定義的名為SMCDB_Backup的標準對象存儲桶。

目標主機必須對備份所在的 Oracle Cloud 區域中的對象存儲具有網絡訪問權限。



第1步— 安裝Oracle 數據庫雲備份模組   

下載opc_installer.zip 文件並將其解壓縮到用戶定義的目錄中,例如 /home/oracle:

mkdir /home/oracle/lib ; cd /home/oracle/ ;unzip opc_installer.zip ; cd /home/oracle/opc_installer/opc_installer/

 SMCDB ENV: 

[oracle@lkkcdb01clone SMC_nrt1j6]$

java -jar opc_install.jar -opcId oracleidentitycloudservice/UCCU -opcPass '****************'

-container SMCDB_Backup -walletDir ~/hsbtwallet/ -libDir ~/lib/ -configfile ~/config

-host https://swiftobjectstorage.ap-tokyo-1.oraclecloud.com/v1/Monkey38

 

Oracle Database Cloud Backup Module Install Tool, build MAIN_2021-05-10

Oracle Database Cloud Backup Module credentials are valid.

Backups would be sent to container SMCDB_Backup.

Oracle Database Cloud Backup Module wallet created in directory /home/oracle/hsbtwallet.

Oracle Database Cloud Backup Module initialization    file      /home/oracle/config      created.

Downloading Oracle Database Cloud Backup Module Software Library from Oracle Cloud Infrastructure.

Download complete.

 

檢查配置文件:

[oracle@lkkcdb01 ~]$ cat /home/oracle/config

OPC_HOST=https://swiftobjectstorage.ap-tokyo-1.oraclecloud.com/v1/Monkey38

OPC_WALLET='LOCATION=file:/home/oracle/hsbtwallet CREDENTIAL_ALIAS=alias_opc'

OPC_CONTAINER=SMCDB_Backup

[oracle@lkkcdb01 ~]$


第2步— 創建手動 RMAN 備份

使用步驟 1 中的備份模組將 RMAN 備份創建到用戶定義的對象存儲桶中:

rman target /

RMAN> CONFIGURE CHANNEL DEVICE TYPE 'SBT_TAPE' PARMS 'SBT_LIBRARY=/home/oracle/lib/libopc.so, SBT_PARMS=(OPC_PFILE=/home/oracle/config)';

RMAN> CONFIGURE DEFAULT DEVICE TYPE TO SBT_TAPE;

RMAN> CONFIGURE BACKUP OPTIMIZATION ON;

RMAN> CONFIGURE CONTROLFILE AUTOBACKUP ON;

RMAN> CONFIGURE CONTROLFILE AUTOBACKUP FORMAT FOR DEVICE TYPE SBT_TAPE TO '%F';

RMAN> CONFIGURE ENCRYPTION FOR DATABASE ON;

 

-- to backup all datafiles including the ones for pdb$seed

SQL> select file# from v$datafile ;

RMAN> run {

allocate channel c1 device type sbt PARMS 'SBT_LIBRARY=/home/oracle/lib/libopc.so, SBT_PARMS=(OPC_PFILE=/home/oracle/config)';

backup database;

}

allocated channel: c1

channel c1: SID=168 device type=SBT_TAPE

channel c1: Oracle Database Backup Service Library VER=19.0.0.1

Starting backup at 18-JUL-22

channel c1: starting full datafile backup set

channel c1: specifying datafile(s) in backup set

input datafile file number=00001 name=+DATA/SMC_NRT1J6/DATAFILE/system.260.1110363249

input datafile file number=00003 name=+DATA/SMC_NRT1J6/DATAFILE/sysaux.261.1110363293

input datafile file number=00004 name=+DATA/SMC_NRT1J6/DATAFILE/undotbs1.262.1110363319

input datafile file number=00011 name=+DATA/SMC_NRT1J6/DATAFILE/users.273.1110364253

channel c1: starting piece 1 at 18-JUL-22

channel c1: finished piece 1 at 18-JUL-22

piece handle=0212tp2v_2_1_1 tag=TAG20220718T115615 comment=API Version 2.0,MMS Version 19.0.0.1

channel c1: backup set complete, elapsed time: 00:00:45

channel c1: starting full datafile backup set

channel c1: specifying datafile(s) in backup set

input datafile file number=00009 name=+DATA/SMC_NRT1J6/E412CC2C16A52B47E053BA00000A7C89/DATAFILE/sysaux.270.1110364277

input datafile file number=00008 name=+DATA/SMC_NRT1J6/E412CC2C16A52B47E053BA00000A7C89/DATAFILE/system.275.1110364265

input datafile file number=00010 name=+DATA/SMC_NRT1J6/E412CC2C16A52B47E053BA00000A7C89/DATAFILE/undotbs1.271.1110364285

input datafile file number=00012 name=+DATA/SMC_NRT1J6/E412CC2C16A52B47E053BA00000A7C89/DATAFILE/users.274.1110364253

channel c1: starting piece 1 at 18-JUL-22

channel c1: finished piece 1 at 18-JUL-22

piece handle=0312tp4d_3_1_1 tag=TAG20220718T115615 comment=API Version 2.0,MMS Version 19.0.0.1

channel c1: backup set complete, elapsed time: 00:00:25

channel c1: starting full datafile backup set

channel c1: specifying datafile(s) in backup set

input datafile file number=00006 name=+DATA/SMC_NRT1J6/DDF858C102660237E0536803640A5366/DATAFILE/sysaux.265.1110363409

input datafile file number=00005 name=+DATA/SMC_NRT1J6/DDF858C102660237E0536803640A5366/DATAFILE/system.264.1110363409

input datafile file number=00007 name=+DATA/SMC_NRT1J6/DDF858C102660237E0536803640A5366/DATAFILE/undotbs1.266.1110363409

channel c1: starting piece 1 at 18-JUL-22

channel c1: finished piece 1 at 18-JUL-22

piece handle=0412tp56_4_1_1 tag=TAG20220718T115615 comment=API Version 2.0,MMS Version 19.0.0.1

channel c1: backup set complete, elapsed time: 00:00:25

Finished backup at 18-JUL-22

 

Starting Control File and SPFILE Autobackup at 18-JUL-22

piece handle=c-3284396568-20220718-01 comment=API Version 2.0,MMS Version 19.0.0.1

Finished Control File and SPFILE Autobackup at 18-JUL-22

released channel: c1

RMAN>

run {

allocate channel c1 device type sbt PARMS 'SBT_LIBRARY=/home/oracle/lib/libopc.so, SBT_PARMS=(OPC_PFILE=/home/oracle/config)';

backup archivelog all;

}

 

RMAN> 2> 3> 4>

allocated channel: c1

channel c1: SID=168 device type=SBT_TAPE

channel c1: Oracle Database Backup Service Library VER=19.0.0.1

 

Starting backup at 18-JUL-22

current log archived

channel c1: starting archived log backup set

channel c1: specifying archived log(s) in backup set

input archived log thread=1 sequence=1 RECID=1 STAMP=1110364173

input archived log thread=1 sequence=2 RECID=2 STAMP=1110369504

channel c1: starting piece 1 at 18-JUL-22

channel c1: finished piece 1 at 18-JUL-22

piece handle=0612tp70_6_1_1 tag=TAG20220718T115824 comment=API Version 2.0,MMS Version 19.0.0.1

channel c1: backup set complete, elapsed time: 00:00:25

Finished backup at 18-JUL-22

 

Starting Control File and SPFILE Autobackup at 18-JUL-22

piece handle=c-3284396568-20220718-02 comment=API Version 2.0,MMS Version 19.0.0.1

Finished Control File and SPFILE Autobackup at 18-JUL-22

released channel: c1

 

RMAN>


第3步— 將 TDE 錢包文件從雲端複製到目標主機 

將錢包文件複製到目標主機 

mkdir -p   /home/oracle/lkkcdb04/tdewallet/tde/

 

#cloud

scp -p    /opt/oracle/dcs/commonstore/wallets/tde/SMC_nrt1j6/*wallet.* \

oracle@10.0.0.101:/home/oracle/lkkcdb04/tdewallet/tde/      


第4步— 在目標主機上安裝 Oracle 數據庫雲備份模組

下載opc_installer.zip 文件並將其解壓縮到用戶定義的目錄中,例如 /home/oracle:

mkdir /home/oracle/hsbtwallet  /home/oracle/lib

cd    /home/oracle/

unzip opc_installer.zip

cd   /home/oracle/opc_installer/opc_installer/

 

#replace the values according to your environment

java -jar opc_install.jar -opcId 'sinan.petrus.toma@oracle.com' -opcPass '********' -container backup1911_bucket \

-walletDir ~/hsbtwallet/ -libDir ~/lib/ -configfile ~/config -host \

https://swiftobjectstorage.eu-frankfurt-1.oraclecloud.com/v1/oci_core_emea_od_kasher

 

Oracle Database Cloud Backup Module wallet created in directory /home/oracle/hsbtwallet.

Oracle Database Cloud Backup Module initialization file         /home/oracle/config       created.

Downloading Oracle Database Cloud Backup Module Software Library from file opc_linux64.zip.

Download complete.

 

第5步— 在目標主機上定義 TDE 錢包(wallet)位置

設置 TDE 錢包位置:oracle@10.0.0.101:/home/oracle/lkkcdb04/tdewallet/tde/

#set the environment variables

export ORACLE_SID=SMC

export ORACLE_HOME=/u01/app/oracle/product/19c/dbhome_1/

 

#create a dummy pfile with the following content:

vi /home/oracle/dummy.ora

db_name=SMC

wallet_root=/home/oracle/lkkcdb04/tdewallet/

tde_configuration='KEYSTORE_CONFIGURATION=FILE'

 

  alter system set wallet_root='/home/oracle/lkkcdb04/tdewallet/'  scope=spfile ;

  alter system set tde_configuration='KEYSTORE_CONFIGURATION=FILE'  scope=spfile ;

 

  alter system set WALLET_ROOT='/home/oracle/lkkcdb04/tdewallet/'  scope=spfile ;

   startup force  nomount;

 

  alter system set tde_configuration='KEYSTORE_CONFIGURATION=FILE'  scope=spfile ;

   startup force  nomount;

 

sqlplus / as sysdba,  Connected to an idle instance.

 

SQL> startup nomount pfile='/home/oracle/dummy.ora';

 ORACLE instance started.

第6步— 恢復 spfile

將 spifle 恢復為 pfile:

rman target /                 

 

RMAN> set dbid 3284396568  ;

 executing command: SET DBID

 

RMAN>

run {

  allocate channel c1 device type sbt PARMS 'SBT_LIBRARY=/home/oracle/lib/libopc.so, SBT_PARMS=(OPC_PFILE=/home/oracle/config)';

  RESTORE SPFILE TO PFILE '/home/oracle/lkkcdb04/pfile.ora' FROM AUTOBACKUP;

}

 

n  Run …

RMAN>

run {

  allocate channel c1 device type sbt PARMS 'SBT_LIBRARY=/home/oracle/lib/libopc.so, SBT_PARMS=(OPC_PFILE=/home/oracle/config)';

  RESTORE SPFILE TO PFILE '/home/oracle/lkkcdb04/pfile.ora' FROM AUTOBACKUP;

}

 

RMAN> 2> 3> 4>

using target database control file instead of recovery catalog

allocated channel: c1

channel c1: SID=13 device type=SBT_TAPE

channel c1: Oracle Database Backup Service Library VER=19.0.0.1

 

Starting restore at 19-JUL-22

 

channel c1: looking for AUTOBACKUP on day: 20220719

channel c1: AUTOBACKUP found: c-3284396568-20220719-01

channel c1: restoring spfile from AUTOBACKUP c-3284396568-20220719-01

channel c1: SPFILE restore from AUTOBACKUP complete

Finished restore at 19-JUL-22

released channel: c1

 

RMAN>

編輯 pfile.ora 以反映目標主機的目錄結構,更改控製文件、數據文件、恢復文件、在線重做日誌和審計文件的位置。

  #add the wallet_root and tde_configuration parameter

*.wallet_root=/home/oracle/lkkcdb04/tdewallet/

*.tde_configuration='KEYSTORE_CONFIGURATION=FILE'

從 pfile 創建 spfile 並重新啟動數據庫實例:

SQL> create spfile='/u01/app/oracle/product/19c/dbhome_1/dbs/spfileSMC.ora' from pfile='/home/oracle/lkkcdb04/pfile.ora';

 File created.

 

SQL> startup force nomount; 

Oracle instance started

 

第7步:恢復控製文件 controlfile

從 Cloud Object Storage 恢復 controle 文件並掛載數據庫:

RMAN>  set dbid 3284396568  ;                  

executing command: SET DBID

 

RMAN>  run {

   allocate channel c1 device type sbt PARMS 'SBT_LIBRARY=/home/oracle/lib/libopc.so, SBT_PARMS=(OPC_PFILE=/home/oracle/config)';

  restore controlfile from autobackup;

} 

using target database control file instead of recovery catalog

allocated channel: c1

channel c1: SID=12 device type=SBT_TAPE

channel c1: Oracle Database Backup Service Library VER=19.0.0.1

 

Starting restore at 19-JUL-22

channel c1: looking for AUTOBACKUP on day: 20220719

channel c1: looking for AUTOBACKUP on day: 20220718

channel c1: AUTOBACKUP found: c-3284396568-20220718-02

channel c1: restoring control file from AUTOBACKUP c-3284396568-20220718-02

channel c1: control file restore from AUTOBACKUP complete

output file name=+RECO/SMC_NRT1J6/CONTROLFILE/current.264.1110449775

Finished restore at 19-JUL-22

released channel: c1

 

RMAN> alter database mount;

 Statement processed


第8步還原RESTORE 和 恢復recover 數據庫

從 Cloud Object Storage 還原和恢復數據庫文件並打開數據庫:


  • 8.1  還原 RESTORE 數據庫

RMAN>  run {

  allocate channel c1 device type sbt PARMS 'SBT_LIBRARY=/home/oracle/lib/libopc.so, SBT_PARMS=(OPC_PFILE=/home/oracle/config)';

  RESTORE database;

}  RMAN> 2> 3> 4>

allocated channel: c1

channel c1: SID=330 device type=SBT_TAPE

channel c1: Oracle Database Backup Service Library VER=19.0.0.1

Starting restore at 19-JUL-22

Starting implicit crosscheck backup at 19-JUL-22

Crosschecked 1 objects

Finished implicit crosscheck backup at 19-JUL-22

Starting implicit crosscheck copy at 19-JUL-22

Finished implicit crosscheck copy at 19-JUL-22

searching for all files in the recovery area

cataloging files...cataloging done

List of Cataloged Files

=======================

File Name: +RECO/SMC_CHUNCHEON/ARCHIVELOG/2022_07_19/thread_1_seq_1.260.1110426165

new media label is "swiftobjectstorage....com/v1/nrvjhlhyjdwx/SMCDB_Backup_Chuncheon" for piece "0812vnig_8_1_1"

new media label is "swiftobjectstorage....com/v1/nrvjhlhyjdwx/SMCDB_Backup_Chuncheon" for piece "0a12vnkn_10_1_1"

new media label is "swiftobjectstorage....com/v1/nrvjhlhyjdwx/SMCDB_Backup_Chuncheon" for piece "0912vnjt_9_1_1"

channel c1: starting datafile backup set restore

channel c1: specifying datafile(s) to restore from backup set

channel c1: restoring datafile 00001 to +DATA/SMC_NRT1J6/DATAFILE/system.260.1110363249

channel c1: restoring datafile 00003 to +DATA/SMC_NRT1J6/DATAFILE/sysaux.261.1110363293

channel c1: restoring datafile 00004 to +DATA/SMC_NRT1J6/DATAFILE/undotbs1.262.1110363319

channel c1: restoring datafile 00011 to +DATA/SMC_NRT1J6/DATAFILE/users.273.1110364253

channel c1: reading from backup piece 0812vnig_8_1_1

channel c1: piece handle=0812vnig_8_1_1 tag=TAG20220719T054240

channel c1: restored backup piece 1

channel c1: restore complete, elapsed time: 00:00:25

channel c1: starting datafile backup set restore

channel c1: specifying datafile(s) to restore from backup set

channel c1: restoring datafile 00008 to +DATA/SMC_NRT1J6/E412CC2C16A52B47E053BA00000A7C89/DATAFILE/system.275.1110364265

channel c1: restoring datafile 00009 to +DATA/SMC_NRT1J6/E412CC2C16A52B47E053BA00000A7C89/DATAFILE/sysaux.270.1110364277

channel c1: restoring datafile 00010 to +DATA/SMC_NRT1J6/E412CC2C16A52B47E053BA00000A7C89/DATAFILE/undotbs1.271.1110364285

channel c1: restoring datafile 00012 to +DATA/SMC_NRT1J6/E412CC2C16A52B47E053BA00000A7C89/DATAFILE/users.274.1110364253

channel c1: reading from backup piece 0912vnjt_9_1_1

channel c1: piece handle=0912vnjt_9_1_1 tag=TAG20220719T054240

channel c1: restored backup piece 1

channel c1: restore complete, elapsed time: 00:00:15

channel c1: starting datafile backup set restore

channel c1: specifying datafile(s) to restore from backup set

channel c1: restoring datafile 00005 to +DATA/SMC_NRT1J6/DDF858C102660237E0536803640A5366/DATAFILE/system.264.1110363409

channel c1: restoring datafile 00006 to +DATA/SMC_NRT1J6/DDF858C102660237E0536803640A5366/DATAFILE/sysaux.265.1110363409

channel c1: restoring datafile 00007 to +DATA/SMC_NRT1J6/DDF858C102660237E0536803640A5366/DATAFILE/undotbs1.266.1110363409

channel c1: reading from backup piece 0a12vnkn_10_1_1

channel c1: piece handle=0a12vnkn_10_1_1 tag=TAG20220719T054240

channel c1: restored backup piece 1

channel c1: restore complete, elapsed time: 00:00:15

Finished restore at 19-JUL-22

released channel: c1


8.2  恢復recover 數據庫

RMAN>run {

  allocate channel c1 device type sbt PARMS 'SBT_LIBRARY=/home/oracle/lib/libopc.so, SBT_PARMS=(OPC_PFILE=/home/oracle/config)';

  recover database until available redo;

}

 

RMAN>

allocated channel: c1

channel c1: SID=330 device type=SBT_TAPE

channel c1: Oracle Database Backup Service Library VER=19.0.0.1

Starting recover at 19-JUL-22

starting media recovery

new media label is "swiftobjectstorage....com/v1/nrvjhlhyjdwx/SMCDB_Backup_Chuncheon" for piece "0c12vnls_12_1_1"

channel c1: starting archived log restore to default destination

channel c1: restoring archived log

archived log thread=1 sequence=3

channel c1: reading from backup piece 0c12vnls_12_1_1

channel c1: piece handle=0c12vnls_12_1_1 tag=TAG20220719T054428

channel c1: restored backup piece 1

channel c1: restore complete, elapsed time: 00:00:07

archived log file name=+RECO/SMC_CHUNCHEON/ARCHIVELOG/2022_07_19/thread_1_seq_3.263.1110437883 thread=1 sequence=3

channel default: deleting archived log(s)

archived log file name=+RECO/SMC_CHUNCHEON/ARCHIVELOG/2022_07_19/thread_1_seq_3.263.1110437883 RECID=4 STAMP=1110437885

warning: attempt media recovery until thread 1, sequence 4

Finished recover at 19-JUL-22

released channel: c1

RMAN>

 

  • 8.3 打開(OPEN)數據庫:

RMAN> alter database open resetlogs;

 Statement processed


➤ 資料庫開啟成功




Comments


bottom of page