Tcps Connection to Oracle database from Gcp



#####################
GCP
#####################

1)  Open Firewall for all scan ip and Vip 


2)  Use latest version of  Oracle Driver . Use  following dependency in pom.xml 

<dependency>
        <groupId>com.oracle.database.jdbc</groupId> 
        <artifactId>ojdc9<//artifactId>
        <version>21.5.0.0</version>
</dependency> 


3)  The certificate is stored in Gcs bucket and it needs to be fetched programmatically in the microservice .

If we  use different bucket we need to upload same to storage bucket and name of certificate in code  in property file  plus in trust-store password in secret ORADB_EXACC_TRUSTSTORE_PWD 



Also add  the Jvm trust-store properties and the certificate name in application.yml file 

certificateName: 
projectId: 
storeBucketName : 
hhtpProtocols : 
enableAlgorithms : 
trustStoreType : 
trustStore: 
trustStorePassword: 


Code to fetch certificate from Gcs bucket to //tmp is added  to RepositoryConfiguraion class 


4)  Add Gcp storage dependency 

<dependency> 
        <groupId>com.google.cloud.</groupId>
        <artifactId>spring-cloud-gcp-starter-storage</artifactId>
        <version>3.1.0</version>
</dependency>


5)  Set Jvm system properties for the trust-store for  SSL connection  in Repository Configuration Class 


System.setproperty("java.net.ssl.trustStore",env.getProperty("truststore") ) ; 
System.setproperty("java.net.ssl.trustStorePassword",env.getProperty("truststorePassword") ) ; 
System.setproperty("java.net.ssl.trustStoreType",env.getProperty("truststoreType") ) ; 
System.setproperty("https.protocols",env.getProperty("httpProtocols") ) ;
System.setproperty("jdk.tls.client.protocols",env.getProperty("ClientProtocols") ) ;
System.setproperty("jdk.tls.enableAlgorithims",env.getProperty("enableAlgorithim") ) ;


6) Secret Manager Setup


7)   Some  projects are using consul service mesh for managing service communication and  traffic control . In our case  dev GKE cluster is already setup with consul configuration .

For enabling new service to use consul service mesh ,  setup following  at time of  deployment 

consul.hashicorp.com/connect-inject-status: injected 

consul.hashicorp.com/connect-service-port : 9000


8) Context Path setup 

For Consul service to service communication , the routes are setup based  on context paths for each microservices so we need the context path setup in each microservices   in application.yml file 

server : 
port : 
serlet : 
context-path : 





 

Comments

Post a Comment

Popular posts from this blog

How To Purge Optimizer Statistics Advisor Old Records From 12.2 Onwards (Doc ID 2660128.1)

  In this Document Goal Solution References APPLIES TO: Oracle Database - Enterprise Edition - Version 12.2.0.1 and later Oracle Cloud Infrastructure - Database Service - Version N/A and later Information in this document applies to any platform. GOAL Goal of this document is to provide the method to purge the old records of Optimizer Statistics Advisor Task namely AUTO_STATS_ADVISOR_TASK that consumes huge SYSAUX space. Huge no.of old records retained in WRI$_ADV_OBJECTS for AUTO_STATS_ADVISOR_TASK or INDIVIDUAL_STATS_ADVISOR_TASK incurs heavy SYSAUX space. AUTO_STATS_ADVISOR_TASK is meant for Automatic Statistics Advisor task while INDIVIDUAL_STATS_ADVISOR_TASK is for Manual Statistics Advisor task.  DBA_ADVISOR_PARAMETERS displays all advisor task parameters and their current values in the database. There is a parameter name called EXECUTION_DAYS_TO_EXPIRE. This parameter is set in no.of days. Executions older than the value(no.of days) set would be purged automaticall...
Read more

Oracle session snapper

-- use dbms_session.sleep instead of dbms_lock on oracle 18c or higher -- last column  is sid  -- scipt_name   stat_to_collect   secods_of_snap  how_many_snap   sessions_to_snap -- @snapper all 100 1 lgdr@* -- @snapper all 100 1 sqlid@* -- @snapper all 190 1 all -- @snapper all 190 1 584 -- @snapper all 30 3 584 -- @snapper all 5 1 869 -- @snapper all 30 1 584 -- @snapper ash 5 1 144 -- @snapper ash=sql_id+event+wait_class+blocking_session+p2+p3 5 1 144 -- @snapper ash 5 1 156 -- @snapper ash 190  1 all -- @snapper ash 5 1 all -- @snapper ash=sid+event+wait_class 5 1 all -- @snapper ash=sid+event+wait_class,ash1=plsql_object_id+plsql_subprogram_id+sql_id 5 1 all -- @snapper ash=sid+event+wait_class,ash1=plsql_object_id+plsql_subprogram_id+sql_id,ash2=program+module+action 5 1 all -- @snapper ash=event+wait_class,stats,gather=ts,tinclude=CPU,sinclude=parse 5 1 all -- @snapper ash=sid+event+wait_class,ash1=sid+sqlid+module,stats,gather...
Read more

Oracle Materialized View In-Depth and Materialized View refresh issues in 19c

   We    had  situation demanding  tuning of  MV  refresh and  options  like  TUNE_MVIEW  and Atomic_Refresh was explored . Hence  Documenting materialized view sample commands  and views in this  blog .     After migration if we are  facing slowness  in  Materialized View refresh , we can explore to re-create  Materialized View   Since  main topic for this blog   was MV issues  in 19c ,  posting that topic   first in line below  We also   have Real-Time Materialized Views  to explore .  To Note :  1) We can  create Mv  on ON PREBUILT TABLE  2) We can create Index on Mv  3) We can  gather stats on mv  just like other table .  4) Mv can be REFRESH_MODE ON COMMIT / REFRESH ON DEMAND. 5) Mv  REFRESH_METHOD can be  Complete / FAST or FORCE . A FORCE attempts a FAST...
Read more