Manage Database Backup and Recovery on Oracle Exadata Database Service on Dedicated Infrastructure

Learn how to work with the backup and recovery facilities provided by Oracle Exadata Database Service on Dedicated Infrastructure.

Oracle Recommended Options to Perform Backup and Recovery Operations

Oracle offers the following options for Oracle Database Backup and Recovery operations. These options are mutually exclusive.

Note

A hybrid configuration, that is, mixing the options is not supported. Mixing the options will break automation.

Option 1: Oracle Managed Backups

Oracle managed backups are entirely managed by Exadata Cloud Infrastructure (ExaDB-D) or Exadata Cloud@Customer (ExaDB-C@C) based on a one-time configuration. Besides being fully integrated into ExaDB-D or ExaDB-C@C cloud services Control Plane, these backups can also be accessed through OCI APIs. Oracle recommends this approach.

  • The dbaascli database backup and dbaascli database recover commands can be used in conjunction with the automated backups for certain operations. For more information, see dbaascli database backup and dbaascli database recover.
  • Customers are allowed to query RMAN views or issue RMAN restore and recovery commands, for example, table, datafile, or tablespace recovery commands.
    Note

    Do not use RMAN configuration to change any of the pre-tuned cloud RMAN settings.

Option 2: User Configured Backups

Customers can also configure backups from the host using the dbaascli database backup and dbaascli database recover commands. These backups, however, are not synchronized with the Control Plane nor are they integrated with the OCI APIs. Also, neither management nor lifecycle operations on these backups are supported from the service Control Plane console. Hence, this is not a recommended approach.

This approach is useful when direct access to Backup destinations is required to perform certain tasks. Accessing the OSS bucket, for example, to replicate backups across regions or monitor Backup Destinations.

If customers configure backups to Object Storage using RMAN without using the OCI Control Plane or OCI APIs, customers are responsible for manually configuring TDE Wallet backups. By default, Oracle cloud automation cleans up archive log files every 24 hours. When you use RMAN to perform manual backups, there is a risk of the archive logs being deleted. Refer to dbaascli database backup for information on how to configure the archive log cleanup. The recommendation is to use Oracle managed backups.

For more information, see User Configured Backup.

Option 3: Backups using RMAN

Backups can be directly taken using RMAN with customer-owned customized scripts. Oracle, however, does not recommend this approach.

It is not recommended to use RMAN backups in conjunction with Oracle Managed Backups or User Configured Backups.

Who can use this option:
  • Customers who want to maintain their existing RMAN backup/restore scripts.
  • Customers who want to configure backups from Standby database in Data Guard environments to offload the backup workload to Standby.

ExaDB-D:

If you plan to backup using RMAN, then you must unregister the database from backup automation. For more information, see Disabling Automatic Backups to Facilitate Manual Backup and Recovery Management.

Managing Exadata Database Backups

Automatic Exadata database backups are managed by Oracle Cloud Infrastructure. You configure this by using the Console or the API.

For unmanaged backups, see Managing Exadata Database Backups by Using dbaascli.

There are two destinations possible for automatic Exadata database backups: Autonomous Recovery Service, or Oracle Object Storage.

The Oracle-managed automatic backups feature is the preferred method for backing up Oracle Cloud databases because you can easily configure backup settings using the Console. The automatic backups feature supports Recovery Service and Object Storage as the backup destination to provide you with a fully automated cloud backup solution with the same cost. You do not need to perform any manual backups or backup storage administration tasks. You can also store backups in local storage. Each backup destination has its advantages and requirements that you should consider, as described below.

Recovery Service (Recommended)

A fully managed service based on the on-premises Oracle’s Zero Data Loss Recovery Appliance technology which offers modern cybersecurity protection for Oracle Databases. Unique, automated capabilities protect Oracle Database changes in real time, validate backups without production database overhead, and enable fast, predictable recovery to any point in time.

If your backups are currently configured with Object Storage, you can seamlessly transition to Recovery Service to achieve advanced capabilities with the same cost.

For more information on Recovery Service, see About Oracle Database Autonomous Recovery Service.

Object Storage

A secure, scalable, on-demand storage solution for databases.

Note

If you previously used dbaascli to configure backups and then you switch to using the Console or the API for backups:

  • A new backup configuration is created and associated with your database. This means that you can no longer rely on your previously configured unmanaged backups to protect your database.

Managed Backup Types and Usage Information

There are two types of automatic Exadata database backups: Autonomous Recovery Service, and Oracle Object Storage.

The database and infrastructure (the VM cluster or DB system) must be in an “Available” state for a backup operation to run successfully. Oracle recommends that you avoid performing actions that could interfere with availability (such as patching operations) while a backup operation is in progress. If an automatic backup operation fails, the Database service retries the operation during the next day’s backup window. If an on-demand full backup fails, you can try the operation again when the Exadata Cloud Infrastructure instance and database availability are restored.

When you enable the Automatic Backup feature, either service creates daily incremental backups of the database to the selected Backup Destination.

If you choose to enable automatic backups, you can control the retention period. The system automatically deletes backups when the assigned retention period is expired.

Object Storage Backup retention period: 7, 15, 30, 45, 60. Default: 30 days.

The automatic backup process starts at any time during your daily backup window. You can optionally specify a 2-hour scheduling window for your database during which the automatic backup process will begin. There are 12 scheduling windows to choose from, each starting on an even-numbered hour (for example, one window runs from 4:00-6:00 AM, and the next from 6:00-8:00 AM). Backups jobs do not necessarily complete within the scheduling window.

The default backup window of 00:00 to 06:00 in the time zone of the Exadata Cloud Infrastructure instance's region is assigned to your database if you do not specify a window. Note that the default backup scheduling window is six hours long, while the windows you specify are two hours long.

Autonomous Recovery Service protection policy:
  • Bronze :14 days
  • Silver: 35 days
  • Gold: 65 days
  • Platinum: 95 days
  • Custom defined by you
  • Default: Silver - 35 days

The automatic backup process starts at any time or within the assigned window.

Note

  • Data Guard: You can enable the Automatic Backup feature on a database with the standby role in a Data Guard association.
  • Backup Retention Changes: If you shorten your database's backup retention period or your protection policy in the future, existing backups falling outside the updated retention period are deleted by the system.
  • Backup Storage Costs: Automatic backups incur storage usage costs for either Autonomous Recovery Service or Object Storage depending on the backup destination selected.

You can create a full backup of your database at any time using either service.

When you terminate an Exadata Cloud Service instance database, all of its resources are deleted. Managed backups using the Object Storage destination will be deleted, and Managed backups using the Autonomous Recovery Service will be deleted according to the deletion option selected. Standalone backups created in Object Storage will remain after the database is terminated and must be manually deleted. You can use a standalone backup to create a new database.

To align with the Oracle recommended practice of using SYSBACKUP administrative privilege for Backup and Recovery operations, cloud automation creates a common administrative user C##DBLCMUSER with SYSBACKUP role at the CDB$ROOT container level. Backup and Recovery operations are therefore performed with the user having the least required privileges. Credentials for this user are randomly generated and securely managed by cloud automation. If the user is not found or is LOCKED and EXPIRED, then cloud automation will recreate or unlock this user during the backup or recovery operation. This change in the cloud automation is made starting with dbaastools version 21.4.1.1.0.

Default Backup Channel Allocation

The default settings for database backup channels when using "Oracle Managed Backup" or "User Configured Backup"

When a database is configured for backup using "Oracle Managed Backup" or "User Configured Backup", the tooling uses "default" for the backup channels. When default is used, dbaas will determine the number of channels to allocate at the time the backup or restore command is executed. The number of channels allocated is determined by the OCPU count of the node. The following table provides the values used and the OCPU range, both the OCPU and the channel values are per node. Restore operations are prioritized. The cluster-wide total channel count is the per node value multiplied by the number of nodes. The automation uses the SCAN to distribute RMAN channels across all nodes in the cluster.

OCPUs Per Node Formula Backup Channels Allocation Per Node Restore Channels Allocation Per Node
Less than or equal to 12 OCPU <= 12 2 4
Greater than 12 and less than or equal to 24 OCPU > 12 and OCPU <= 24 4 8
Greater than 24 OCPU > 24 8 16

If needed, a static per node value can be set by using the DBAASCLI getConfig/configure to generate a bckup cfg and setting the parameter bkup_channels_node to the number of channels per node desired.

Valid values are 1 - 32: The total channel count will be the value times the number of nodes. This value cannot exceed the limit of 255 channels. A value of default for bkup_channels_node sets OCPU channel based allocation.

Prerequisites for Backups on Exadata Cloud Infrastructure

Recovery Service

Ensure that your tenancy is configured to use Recovery Service.

Table 5-4 Review the prerequisite tasks before you use Recovery Service as the automatic backup destination

Task More Information Required or Optional

Create IAM policies

Policies to Enable Access to Recovery Service and Related Resources

Required

Configure network resources and register a Recovery Service subnet

Creating a Recovery Service Subnet in the Database VCN

Required

Create protection policies

Review Protection Policies for Database Backup Retention

Optional

For more information about Recovery Service, see Overview of Oracle Database Autonomous Recovery Service.

Object Storage

  • The Exadata Cloud Service instance requires access to the Oracle Cloud Infrastructure Object Storage. Oracle recommends using a service gateway with the VCN to enable this access. For more information, see Network Setup for Exadata Cloud Infrastructure Instances. In that topic, pay particular attention to:
  • An existing Object Storage bucket to use as the backup destination. You can use the Console or the Object Storage API to create the bucket. For more information, see Managing Buckets.
  • An auth token generated by Oracle Cloud Infrastructure. You can use the Console or the IAM API to generate the password. For more information, see Working with Auth Tokens.
  • The user name specified in the backup configuration file must have tenancy-level access to Object Storage. An easy way to do this is to add the user name to the Administrators group. However, that allows access to all of the cloud services. Instead, an administrator should create a policy like the following that limits access to only the required resources in Object Storage for backing up and restoring the database:
    Allow group <group_name> to manage objects in compartment <compartment_name> where target.bucket.name = '<bucket_name>'
    Allow group <group_name> to read buckets in compartment <compartment_name>

    For more information about adding a user to a group, see Managing Groups. For more information about policies, see Getting Started with Policies.

Using the Console to Manage Backups

You can use the Console to enable automatic incremental backups, create full backups on demand, and view the list of managed backups for a database. You can also use the Console to delete manual (on-demand) backups.

Note

  • All backups are encrypted with the same master key used for Transparent Data Encryption (TDE) wallet encryption.
  • Backups for a particular database are listed on the details page for that database. The Encryption Key column displays either Oracle-Managed Key or a key name if you are using your own encryption keys to protect the database. See Backing Up Vaults and Keys for more information.
Note

Do not delete any necessary encryption keys from the vault because this causes databases and backups protected by the key to become unavailable.

To configure automatic backups for a database

To create an on-demand backup of a database

To view backup status

To cancel a backup

To delete full backups from Object Storage

To delete standalone backups from Object Storage

  1. Open the navigation menu. Click Oracle Database, then click Standalone Backups under Resources.
  2. In the list of standalone backups, find the backup you want to use to delete.
  3. Click the Actions menu for the backup you are interested in, and then click Delete.
  4. In the Delete dialog, click Delete to confirm the backup deletion.

To designate Autonomous Recovery Service as a Backup Destination for an Existing Database

Recovering an Exadata Database from Backup Destination

This topic explains how to recover an Exadata database from a backup stored in either Object Storage or Autonomous Recovery Service by using the Console or the API.

  • Object Storage service is a secure, scalable, on-demand storage solution in Exadata Cloud Infrastructure.
  • OracleDatabase Autonomous Recovery Service is a centralized, fully managed, and standalone backup solution for Oracle Cloud Infrastructure (OCI) databases.

For more information about backing up your databases to Object Storage, see Managing Exadata Database Backups.

Using the Console to restore a database

You can use the Console to restore the database from a backup in a backup destination that was created by using the Console.

You can restore to:

  • Restore to latest
  • Restore to a timestamp
  • Restore to SCN
Note

The list of backups you see in the Console does not include any unmanaged backups (backups created directly by using dbaascli).

To restore a database

Managing Exadata Database Backups by Using dbaascli

You can use Exadata's backup utility, dbaascli, to back up databases on an Exadata Cloud Infrastructure instance to an existing bucket in the Oracle Object Storage service.

For backups managed by Oracle Cloud Infrastructure, see Managing Exadata Database Backups.

This topic explains how to:

  • Create a default backup configuration file and modify the parameters to match your requirements to backup the database to object storage service.
  • Associate the backup configuration file with a database. Once the configuration is successful, the database will be backed up as scheduled, or you can create an on-demand backup with a tag.
Note

You must update the cloud-specific tooling on all the compute nodes in your Exadata Cloud Infrastructure instance before performing the following procedures. For more information, see Patching and Updating an Exadata Cloud Infrastructure System Manually.

Default Backup Configuration

Oracle best practice guidelines for default backup configuration.

The default backup configuration follows a set of Oracle best-practice guidelines:

  • Encryption: All backups to Object storage are encrypted.
  • Compression for backups: LOW
  • Default compression for archive logs: false
  • RMAN Encryption Algorithm: AES256
  • Optimization for backups: ON

To get the default backup configuration for a freshly provisioned database

  1. SSH to one of the database configured nodes in the VM cluster or DB system resource.
  2. Log in as opc and then sudo to the root user.
  3. Use the dbaascli database backup --getConfig command to generate a file containing the default backup settings for the freshly provisioned database deployment.
    # dbaascli database backup --getConfig [--configFile <file_name>] --dbname <database_name>
    Where:
    • --getConfig - returns database backup configuration.
    • --configFile - specifies database backup configuration file.

To create a backup configuration file

Note

The following procedure must be performed on the first compute node in the Exadata Cloud Infrastructure VM cluster or DB system resource. To determine the first compute node, connect to any compute node as the grid user and execute the following command:
$ $ORACLE_HOME/bin/olsnodes -n

The first node has the number 1 listed beside the node name.

  1. SSH to one of the database configured nodes in the VM cluster or DB system resource.
    ssh -i <private_key_path> opc@<node_1_ip_address>
  2. Log in as opc and then sudo to the root user.
    login as: opc [opc@dbsys ~]
    $ sudo su -
  3. Use the dbaascli database backup --getConfig command to generate a file containing the current backup settings for the database deployment:
    # dbaascli database backup --getConfig [--configFile <file_name>] --dbname <database_name>
  4. Modify the parameters in the file to meet your requirements.
    Parameter Description
    bkup_disk=[yes|no] Whether to back up locally to disk (Fast Recovery Area).
    bkup_oss=[yes|no] Whether to back up to Object Storage. If yes, you must also provide the parameters bkup_oss_url, bkup_oss_user, bkup_oss_passwd, and bkup_oss_recovery_window.
    bkup_oss_url=<swift_url>

    Required if bkup_oss=yes.

    The Object Storage URL including the tenant and bucket you want to use. The URL is:

    https://swiftobjectstorage.<region_name>.oraclecloud.com/v1/<tenant>/<bucket>

    Where:

    • <tenant> - lowercase tenant name (even if it contains uppercase characters) that you specify when signing in to the Console
    • <bucket> - name of the existing bucket you want to use for backups.
    bkup_oss_user=<oci_user_name>

    Required if bkup_oss=yes.

    The user name for the Oracle Cloud Infrastructure user account. This is the user name you use to sign in to the Oracle Cloud Infrastructure Console.

    For example, jsmith@example.com for a local user or <identity_provider>/jsmith@example.com for a federated user.

    To determine which type of user you have, see the following topics:

    Note that the user must be a member of the Administrators group, as described in Prerequisites for Backups on Exadata Cloud Infrastructure.

    bkup_oss_passwd=<auth_token>

    Required if bkup_oss=yes.

    The auth token generated by using the Console or IAM API, as described in Prerequisites.

    This is not the password for the Oracle Cloud Infrastructure user.

    bkup_oss_recovery_window=n

    Required if bkup_oss=yes.

    The number of days for which backups and archived redo logs are maintained in the Object Storage bucket. Specify 7 to 90 days.

    bkup_daily_time=hh:mm The time at which the daily backup is scheduled, specified in hours and minutes (hh:mm), in 24-hour format.
    bkup_archlog_cron_entry=[yes|no] When no backups are configured using dbaastools, setting bkup_archlog_cron_entry=no will remove the archive log clean up job from crontab. The default value is “yes”.
    For example:
    bkup_oss=[yes|no]
    bkup_oss_url=<swift_url>
    bkup_oss_user=<oci_user_name>
    bkup_oss_passwd=<auth_token>
    bkup_oss_recovery_window=n
    bkup_daily_time=hh:mm
    bkup_archlog_cron_entry=[yes|no]
    bkup_cron_entry=[yes|no]
  5. Use the dbaascli database backup --configure to associate this backup configuration with a database name.
    # dbaascli database backup --configure --configFile <file_name> --dbname <database_name>
  6. Use the dbaascli database backup --status to check the status of UUID generated for this command.
    # dbaascli database backup --status --uuid <uuid> --dbname <database_name>
    Note

    A backup configuration file can contain the credentials to access the Object Storage bucket. For this reason, you might want to remove the file after successfully configuring the backup.

To create an on-demand backup

You can use the dbaascli to create an on-demand backup of a database.

  1. SSH to one of the database configured nodes in the VM cluster or DB system resource.
    ssh -i <private_key_path> opc@<node_1_ip_address>

    To determine the first compute node, connect to any compute node as the grid user and execute the following command:

    $ $ORACLE_HOME/bin/olsnodes -n

    The first node has the number 1 listed beside the node name.

  2. Log in as opc and then sudo to the root user.
    login as: opc [opc@dbsys ~]
    $ sudo su -
  3. You can let the backup follow the current retention policy, or you can create a long-term backup that persists until you delete it:
    • To create a backup that follows the current retention policy, enter the following command:
      # dbaascli database backup --start --dbname <database_name>
    • To create a long-term backup, enter the following command:
      # dbaascli database backup --start --archival --dbname --tag <archival_tag>
  4. Exit the root-user command shell and disconnect from the compute node:
    # exit
    $ exit
  5. Use the dbaascli database backup --status to check the status of UUID generated for the backup command
    # dbaascli database backup --status --uuid <uuid> --dbname <database_name>

To remove the backup configuration

  1. SSH to one of the database configured nodes in the VM cluster or DB system resource.
  2. Log in as opc and then sudo to the root user.
  3. Create a temp file with following parameters:
    • bkup_oss=no
    • bkup_cron_entry=no
    • bkup_archlog_cron_entry=no
  4. Use the above file with dbaascli database backup --configure to remove the backup configuration for a database.
    # dbaascli database backup --configure --configFile <file_name> --dbname <database_name>
  5. Use the dbaascli database backup --status to check the status of UUID generated for this command.
    # dbaascli database backup --status --uuid <uuid> --dbname <database_name>

This will disable all automatic backups.

To delete a backup in Object Storage

You can delete an archival or long-term backup from the Object Storage.

# dbaascli database backup --delete --backupTag --dbname <database_name>

Where:

  • --dbname - specifies Oracle Database name
  • --delete - deletes Archival backup.
  • --backupTag - specifies backup tag to delete.

Policy based backups are deleted with scheduled daily backups. Alternatively, you can use RMAN delete backup command to delete a backup from the Object store.

Using the API to Manage Backup and Recovery

Using the API to manage backups

For information about using the API and signing requests, see REST APIs and Security Credentials. For information about SDKs, see Software Development Kits and Command Line Interface.

Use these API operations to manage database backups:

For the complete list of APIs for the Database service, see Database Service API.

Alternative Backup Methods

Learn about alternative backup methods that are available in addition to the OCI Console.

Backup for databases on Exadata Cloud Infrastructure can be accomplished through several methods in addition to the automatic backups configured in the console. Generally, the console (or the OCI API / CLI that correspond to it) is the preferred method as it provides the simplest and most automated method. In general, it is preferable to leverage the OCI Console, OCI API, or OCI command-line over alternative management methods. However, if required actions cannot be completed through the preferred methods, two other options are available to manually configure backups: dbaascli and Oracle Recovery Manager (RMAN).

Note

Use the dbaascli database backup, dbaascli pdb backup, dbaascli database recover, and dbaascli pdb recover commands to backup and recover container databases and pluggable databases. For more information, see User Configured Backup in Oracle Recommended Options to Perform Backup and Recovery Operations.

RMAN is the backup tool included with the Oracle Database. For information about using RMAN, see the Oracle Database Backup and Recovery User's Guide for Release 19. Using RMAN to back up databases on Exadata Cloud Infrastructure provides the most flexibility in terms of backup options, but also the most complexity.

Note

While using RMAN for restoring databases backed up through any method described herein is considered safe, RMAN should NEVER be used to set up backups in conjunction with either console (and OCI API / CLI), nor in conjunction with dbaascli. If you choose to orchestrate backups manually leveraging RMAN, you should not use either console automated backups, nor should you use dbaascli. You must first completely disable console based automated backups. For more information, see Disabling Automatic Backups to Facilitate Manual Backup and Recovery Management.

The dbaascli method offers a middle ground between RMAN and console automated backups in terms of flexibility and simplicity. Use dbaascli if needed functionality is not supported with console automated backups, but when you wish to avoid complexity of using RMAN directly. In certain cases, dbaascli can be used to modify the console automated backup configuration, but this is not generally the case. Generally, dbaascli must be used instead of enabling backups in the console.

Disabling Automatic Backups to Facilitate Manual Backup and Recovery Management

Backups, configured in the Exadata Cloud Infrastructure console, API or dbaascli work for a variety of backup and recovery use cases. If you require use cases not supported by the cloud-managed backups, then you can manage database backup and recovery manually, using the Oracle Recovery Manager (RMAN) utility. For information about using RMAN, see the Oracle Database Backup and Recovery User's Guide for Release 19.

Managing backup and recovery, using RMAN, on Exadata Cloud Infrastructure requires taking full ownership of both database and archive log backups, and the cloud-managed backups should no longer be used. Before manual backups are started, the cloud-managed backup functionality should be disabled. This is needed so the cloud backup jobs do not purge archive logs before they are manually backed up and do not conflict with the manual backups.

You can use the dbaascli utility to disable cloud-managed backups, including disabling the automatic archive log purge job.

Recovering a Database Using Oracle Recovery Manager (RMAN)

If you backed up your database using dbaascli, then you can manually restore that database backup by using the Oracle Recovery Manager (RMAN) utility. For information about using RMAN, see the Oracle Database Backup and Recovery User's Guide for Release 19.

Note

While recovering using RMAN is safe, you must not use RMAN to initiate backups or edit backup setting in conjunction with either dbaascli usage or in conjunction with automated console backups. Doing so could result in conflicting conditions or over-writes of settings, and backups may not execute successfully.