How to connect DBCS in Private Subnet in OIC

Most of the customers in today’s world use Integrations to Integrate between multiple applications.

In this article, we’ll be discussing on Integrating OIC with Database Cloud Service (DBCS).

In the modern cloud world, customers are afraid of the security and visibility of their databases.

Hence, for most of the customers Cloud providers (viz., Oracle, who has a DB of it’s own) suggest to have Database in Private Subnet i.e., which doesn’t have a Public IP to be accessible from outside world directly.

In such cases, cloud providers suggest the approach of having Jump Server in forefront, which will have a public IP using which we can connect to Database in Private Subnet.

Database Cloud Service is a Customer Managed variant of Oracle Database, where infra will be managed by Oracle and the underlying Database will be managed by Customer i.e., patches will be provided by Oracle and customer can choose on which patch to apply, customer can scale up the Database Storage based on the need, can change the Virtual Machine shape on which Database will be installed.

Below is the architecture of DBCS on Private Subnet

DBCS in Private Subnet architecture

In this article, I’ll explain on how to connect to your Database Cloud Service.

Prerequisites:

1. Create VCN, with Public (Bastion/Jump Server) & Private (DBCS) subnets along with Routing Tables (with Routing Rules in it), Security Lists & Internet Gateway in your VCN.
2. Create a Bastion/Jump Server with desired VM configuration on your VCN Public Subnet created in Step1.
3. Need to have Internet Gateway in your Route Table (which is in the Subnet on which you Bastion is running).
4. Need to have egress rule for 0.0.0.0/0 for all protocols (so that it can download and install all required software via yum install)

Steps to connect to DBCS in Private Subnet from OIC:

Steps to perform in OIC Console:

1. Create AgentGroup in OIC (Login to OIC Console, goto Integrations →Agents →Click on Create AgentGroup on top right corner, provide all required details and save).
2. Download the Agent zip file (On the Agents page in OIC console, beside “Create AgentGroup”, there is a download button. Click on it to download Connectivity Agent).

Steps to perform on Bastion VM:

1. Connect to your Bastion VM (Linux) via winscp and copy the agent.zip file.
2. Login to Bastion Linux VM and sudo su — (so that you’ll be logged in as root user, as you need root user to perform installations).
3. yum list jdk*
4. Select the Java version you need, for OIC Agent it is advisable to use jdk 11. Hence, run the command “sudo yum install jdk-11.0.9.x86_64”
5. Then check if java is installed successfully or not by running “java -version”
6. Set JAVA_HOME — -> export JAVA_HOME=’/usr/java/jdk-11.0.9'
7. Set PATH — -> export PATH=$JAVA_HOME/bin:$PATH
8. Unzip the OIC Agent zip file “unzip oic_conn_agent_installer.zip”
9. Update the InstallerProfile.cfg, by updating values in
10. OIC_URL = oic_url:443
11. Agent_group_identifier = agent group created in OIC.
12. Run the agent in the background by running the command “ nohup java -jar connectivityagent.jar”
13. Create DB connection in OIC, by providing Private IP of Database → Host, 1521 → Port and Servicename along with Security policy as Username & Password. In username provided dbcs username as sysdba i.e., if your dbcs username is sys then give username as ‘sys as sysdba’ and in password provide your dbcs password, Save & Test.

NOTE: Please follow this blog, to see how to fetch Service Name for DBCS and Private IP of the database.

NOTE: Object storage in the architecture is for storing Database backup, which I’ll explain in another article.