In this article I will give a short overview of some Backup & Recovery features in the new Oracle 23ai database. Meanwhile there are more than 300 new features in Oracle 23ai most of them reflecting artificial intelligence. I will focus here on pure Backup & Recovery enhancements.
Creating Immutable Backups Using RMAN
It is now possible to store immutable backups with the Oracle Database Cloud Backup Module for Oracle Cloud Infrastructure (OCI) which enables to configure backups suchlike, that they cannot be altered or deleted for a specific period, which helps to follow any compliance and data protection rules. Immutable backups will prevent anyone, even administrators to delete or modify backups in OCI Object Storage.
Here’s a step-by-step example to set up immutable backups using RMAN and the Oracle Database Cloud Backup Module for OCI:
You have to download and install the Oracle Database Cloud Backup Module on your database server whith following options: You can specify the -bucket parameter (and the name of an existing bucket or a new immutable bucket that you have created in OCI) otherwise the default bucket created by the installer will be used.
java -jar oci_install.jar -host https://objectstorage.<region>.oraclecloud.com -pdb1 <password> -opcId "<tenancy-namespace>/<bucket-name>" -opcPassFile <path-to-opc-pass-file> -libDir <path-to-lib-dir>
In RMAN you have to configure your SBT channel that way, that it will use the Oracle Database Cloud Backup Module. Now you can create a backup, e.g immutable for 30 days:
- KEEP UNTIL TIME ‘SYSDATE+30’: specifies that the backup is retained and immutable for 30 days.
- IMMUTABLE: marks the backup as immutable.
A backup-script (like following example) can be used:
RMAN> connect target /
RMAN> CONFIGURE CHANNEL DEVICE TYPE sbt PARMS 'SBT_LIBRARY=/opt/oracle/lib/libopc.so, SBT_PARMS=(OPC_PFILE=/opt/oracle/opc/ocipassfile)';
BACKUP AS BACKUPSET DATABASE KEEP UNTIL TIME 'SYSDATE+30' IMMUTABLE;
RMAN> LIST BACKUP OF DATABASE SUMMARY;
You should ensure,that the backup status is AVAILABLE und and the backupset includes the KEEP UNTIL date.
That OCI backups work appropiatley you have to take into consideration, that
- OCI Object Storage bucket has Object Lock enabled to support immutability.
- The IMMUTABLE keyword is used for specifying that the backup should not be altered or deleted within the specified retention.
- OCI Object Storage policy and IAM settings must allow creating immutable objects.
RMAN Backup Encryption Algorithm Now Defaults to AES256
From Oracle 23ai on RMAN encrypted backups default to AES256 encryption algorithm.
For backward compatibility existing backups created with previous encryption settings remain accessible. However, new backups will use AES256 unless explicitly configured otherwise. In other words, restore is supported by using existing backupsets AES128 or AES192 encryption algorithms and by changing your default settings you can still create backups with AES128 encryption.
With AES256 encryption you will get enhanced security using a stronger encryption standard and achieving industry standards and compliance regulations for sensitive data.
The default encryption using AES256 can be easily invoked out-of-the-box:
RMAN> SET ENCRYPTION ON IDENTIFIED BY 'your_password';
RMAN> BACKUP DATABASE;
Oracle Globally Distributed Database Coordinated Backup and Restore Enhancements
Additionally Oracle 23c AI Database includes several enhancements to globally distributed database coordinated backup and restore operations, aiming to improve efficiency, consistency, and reliability in multi-datacenter environments. Here are some key enhancements:
Unified Backup Management can simplify the management of backups across globally distributed databases by providing a centralized framework to coordinate backup operations. This ensures that backups are synchronized and consistent across all sites. It can be programmed via DBMS_BACKUP_RESTORE:
-- Example SQL script to configure unified backup policy
-- Define global backup policy
BEGIN
DBMS_BACKUP_RESTORE.SET_GLOBAL_POLICY(
policy_name => 'GlobalBackupPolicy',
backup_schedule => 'FULL EVERY SUNDAY 2:00 AM UTC, INCREMENTAL DAILY 2:00 AM UTC',
retention_period => 30,
encryption_algorithm => 'AES256'
);
END;
/
-- Apply global backup policy to all distributed databases
BEGIN
DBMS_BACKUP_RESTORE.APPLY_GLOBAL_POLICY(
policy_name => 'GlobalBackupPolicy',
target_databases => 'NYC_DB, LDN_DB, TOKYO_DB'
);
END;
/
Global Backup Policies: You can now define global backup policies that apply uniformly across all distributed databases. This standardization helps in maintaining consistency and compliance with organizational policies. It can be set up like:
BEGIN
DBMS_BACKUP_RESTORE.CONFIGURE_GLOBAL_SETTING(
setting_name => 'RETENTION_POLICY',
setting_value => 'RECOVERY WINDOW OF 30 DAYS'
);
DBMS_BACKUP_RESTORE.CONFIGURE_GLOBAL_SETTING(
setting_name => 'BACKUP_OPTIMIZATION',
setting_value => 'ON'
);
DBMS_BACKUP_RESTORE.CONFIGURE_GLOBAL_SETTING(
setting_name => 'ENCRYPTION_ALGORITHM',
setting_value => 'AES256'
);
DBMS_BACKUP_RESTORE.CONFIGURE_GLOBAL_SETTING(
setting_name => 'ENCRYPTION_PASSWORD',
setting_value => 'your_encryption_password'
);
END;
/
Consistent Point-in-Time Recovery ensures that all databases in a distributed environment can be restored to the same point in time, maintaining data consistency across different geographic locations (in my opinion not really new, it is managed via known RMAN-scripts for restore & recover).
Cross-Site Transaction Coordination enhances the coordination of transactions across distributed databases to ensure that backup and restore operations capture a consistent state of the entire database system, it can be done via Oracle Global Data Services (GDS):
-- Connect to the GDS catalog database
sqlplus / as sysdba
-- Create the GDS catalog
BEGIN
DBMS_GDS.CREATE_GDS_CATALOG();
END;
/
-- Add databases to the GDS pool
BEGIN
DBMS_GDS.ADD_GDS_DATABASE(
db_unique_name => 'NYC_DB',
connect_string => 'NYC_DB_CONN_STRING',
region => 'AMERICAS'
);
DBMS_GDS.ADD_GDS_DATABASE(
db_unique_name => 'LDN_DB',
connect_string => 'LDN_DB_CONN_STRING',
region => 'EMEA'
);
DBMS_GDS.ADD_GDS_DATABASE(
db_unique_name => 'TOKYO_DB',
connect_string => 'TOKYO_DB_CONN_STRING',
region => 'APAC'
);
END;
/
-- On each database (NYC_DB, LDN_DB, TOKYO_DB)
sqlplus / as sysdba
-- Enable distributed transactions
ALTER SYSTEM SET distributed_transactions = 10 SCOPE = BOTH;
-- Configure the global_names parameter
ALTER SYSTEM SET global_names = TRUE SCOPE = BOTH;
-- Set the commit point strength
ALTER SYSTEM SET commit_point_strength = <value> SCOPE = BOTH;
-- Configure Oracle Net for distributed transactions (update tnsnames.ora and listener.ora as necessary)
-- Create database links to enable cross-site communication
-- Begin the distributed transaction
SET TRANSACTION READ WRITE;
...
-- Commit the transaction
COMMIT;
Parallel Backup Streams support parallel backup streams to expedite the backup process, making it faster and more efficient, especially for large databases spread across multiple sites. You just have to configure RMAn-channels like in previous releases but in Oracle 23ai Adaptive Parallelism is used. By setting a higher level of parallelism (e.g., 8), Oracle 23ai can dynamically adjust the number of active channels based on real-time system performance and workload, rather than strictly adhering to the configured number.
Automated Restore Coordination automates the coordination of restore operations across multiple databases, ensuring that all parts of the distributed database are restored in a synchronized manner, it will be invoked with:
-- Enable automated restore coordination
CONFIGURE RESTORE COORDINATION ON;
-- Automated restore coordination across distributed databases
RESTORE DATABASE FROM SERVICE 'NYC_DB' USING CHANNEL c1;
RESTORE DATABASE FROM SERVICE 'LDN_DB' USING CHANNEL c2;
RESTORE DATABASE FROM SERVICE 'TOKYO_DB' USING CHANNEL c3;
-- Recover database
RECOVER DATABASE;
Resilient Backup Infrastructure enhancements to the backup infrastructure to handle network disruptions and other issues that may arise in a globally distributed environment, ensuring that backups are resilient and reliable. Oracle Database 23ai enhances the resilience of backup infrastructure by integrating features like Data Guard for high availability, Fast Recovery Area for automated backup management, and RMAN duplication for redundant data copies.
RMAN Operational Enhancements
Automatic Block Repair During Backup: Oracle 23ai enhances RMAN’s capability to automatically detect and repair corrupt blocks during backup operations.
RMAN> BACKUP DATABASE PLUS ARCHIVELOG CHECK READONLY;
Improved Block Corruption Detection: Oracle 23ai has enhanced algorithms for faster and more accurate detection of block corruption during backup and restore operations and the some structures are used for Enhanced Backup Validation: RMAN has now faster and more efficient methods to validate backups and ensure data integrity.
Simplified Database Migration Across Platforms Using RMAN
Oracle Database 23ai includes RMAN-enhancements which simplify the process of migrating databases across different platforms. This feature is particularly useful when transitioning databases between heterogeneous environments, ensuring minimal downtime and efficient migration. New command options allow existing RMAN backups to be used to transport tablespaces or pluggable databases to a new destination database with minimal downtime. With the example below you can easily migrate from e.g. Linux to Windows or vice versa:
-- Connect RMAN to both source and target databases
CONNECT TARGET sys@PROD_DB
CONNECT AUXILIARY sys@TARGET_DB
-- Configure cross-platform migration settings
SET NEWNAME FOR DATABASE TO '/path/to/new/PROD_DB';
-- Start migration process
DUPLICATE TARGET DATABASE TO TARGET_DB
FROM ACTIVE DATABASE
SPFILE
PARAMETER_VALUE_CONVERT 'db_unique_name=PROD_DB','db_unique_name=TARGET_DB'
SET db_file_name_convert='/prod_data/','/target_data/'
SET log_file_name_convert='/prod_redo/','/target_redo/';
-- Check the migration progress
SHOW DUPLICATE SUMMARY;
-- Validate the migrated database
VALIDATE DATABASE;