Oracle GoldenGate Veridata – How To Configure Using Secured Shell (SSH) Tunneling Protocol

Introduction

This document will walk you through how to configure Oracle GoldenGate Veridata with Secured Shell (SSH) tunneling protocol in a Linux environment.

Main Article

The example configuration in this document was done using 3 separate servers. A Veridata server (veridata-ole), a second server acting as a database source server (db-source-ole) running Veridata agent locally, and a third server acting as a database target server (db-target-ole) running Veridata agent locally.

Prerequisites

 

Veridata Server (veridata-ole)

Software and Platform Requirements:

  • 64 bit Redhat/OEL x86 Linux
  • Java v6 or above
  • Oracle 11g or above database for Veridata Repository
  • SSH Server / Daemon
  • Oracle GoldenGate Veridata Server 11.2.x for Linux-x86

Veridata Agent – Source Server (db-source-ole)

Software and Platform Requirements:

  • 64 bit Redhat/OEL x86 Linux
  • Java v6 or above
  • SSH Server / Daemon
  • Oracle GoldenGate Veridata Server 11.2.x for Linux-x86

Veridata Agent – Target Server (db-target-ole)

Software and Platform Requirements:

  • 64 bit Redhat/OEL x86 Linux
  • Java v6 or above
  • SSH Server / Daemon
  • Oracle GoldenGate Veridata Server 11.2.x for Linux-x86

Veridata SSH Tunneling Architecture

 

The Oracle GoldenGate Veridata SSH Tunneling Architecture

veridata_sh_01

Veridata SSH Configuration Steps & Procedure

1. Veridata Agent – Source Server

Check if SSH daemon is up and running by doing one of the following command:

Shell> ps -ef | grep sshd

veridata_sh_02

Shell> netsat –aln | grep “:22”

veridata_sh_03

Shell> nmap –p22 localhost

veridata_sh_04

Shell> nc –zv localhost 22

veridata_sh_05

Shell> echo “dummy” | nc localhost 22

veridata_sh_06

Edit the agent.properties file for the Veridata Agent to reflect the correct Agent port that will be used for the SSH tunnel. Restart Veridata Agent once the properties file has been modified.

• Shutdown Veridata Agent if it’s running via agent.sh script

Shell> cd /home/oracle/ogg/veridata_v112100/agent
Shell> ./agent.sh stop

veridata_sh_07

• Edit agent.properties file to reflect the correct TCP port (server.port) to be used by SSH tunnel. This port should match to the SSH port to be used in the Veridata Server.

Shell> cd /home/oracle/ogg/veridata_v112100/agent
Shell> grep server.port agent.properties

Shell> sed -i ‘s/server.port=8190/server.port=9133/g’ agent/properties
Shell> grep server.port agent.properties

veridata_sh_08

• Start Veridata Agent via agent.sh script and make sure the Java Agent is running.

Shell> cd /home/oracle/ogg/veridata_v112100/agent
Shell> ./agent.sh start
Shell> ps -ef | grep JavaAgent

veridata_sh_09

2. Veridata Agent – Target Server

Check if SSH daemon is up and running by doing one of the following command:

Shell> ps –ef | grep sshd

veridata_sh_10

Shell> netsat –aln | grep “:22”

veridata_sh_11

Shell> nmap –p22 localhost

veridata_sh_12

Shell> nc –zv localhost 22

veridata_sh_13

Shell> echo “dummy” | nc localhost 22

veridata_sh_14

Edit the agent.properties file for the Veridata Agent to reflect the correct Agent port that will be used for the SSH tunnel. Restart Veridata Agent once the properties file has been modified.

• Shutdown Veridata Agent if it’s running via agent.sh script

Shell> cd /home/oracle/ogg/veridata_v112100/agent
Shell> ./agent.sh stop

veridata_sh_15

• Edit agent.properties file to reflect the correct TCP port (server.port) to be used by SSH tunnel. This port should match to the SSH port to be used in the Veridata Server.

Shell> cd /home/oracle/ogg/veridata_v112100/agent
Shell> grep server.port agent.properties

Shell> sed -i ‘s/server.port=8195/server.port=9135/g’ agent.properties
Shell> grep server.port agent.properties

veridata_sh_16

• Start Veridata Agent via agent.sh script and make sure the Java Agent is running.

Shell> cd /home/oracle/ogg/veridata_v112100/agent
Shell> ./agent.sh start
Shell> ps -ef | grep JavaAgent

veridata_sh_17

3. Veridata Server

Check if SSH daemon is up and running by doing one of the following command:

Shell> ps –ef | grep sshd

veridata_sh_18

Shell> netsat –aln | grep “:22”

veridata_sh_19

Shell> nmap –p22 localhost

veridata_sh_20

Shell> nc –zv localhost 22

veridata_sh_21

Shell> echo “dummy” | nc localhost 22

veridata_sh_22

Create or define the SSH tunnels for both source & target Veridata Agent host servers via the following command:

Shell> ssh –N –f –L 9133:localhost:9133 db-source-ole

veridata_sh_23

Shell> ssh –N –f –L 9135:localhost:9135 db-target-ole

veridata_sh_24

Note: If the remote host has not been established as secured host you will be prompted for password.

Check if both SSH tunnels have been created successfully via the following command:

Shell> ps –ef | grep “ssh “

veridata_sh_25
Check if both SSH tunnels can communicate successfully to Veridata Agents on the source (port=9133) and target (port=9135) servers via the “nc” command:

Shell> nc –zv localhost 9133

veridata_sh_26

Shell> nc –zv localhost 9135

veridata_sh_27

Start Veridata Server process if it’s not running via startup shell (./startup.sh) script and make sure it’s up and running via ps command.

Shell> cd /home/oracle/ogg/oggvds_v112100/web/bin
Shell> ./startup.sh

Shell> ps -ef | grep java | grep veridata

veridata_sh_28

4. Veridata – Web User Interface (Client)

We need to create the Veridata Connection configuration via the Web User interface, so you will need to access it via a Web browser. The default HTTP port for the Veridata Web Server is 8830, so the URL address you will need to access for our example is http://veridata-ole:8830/

a. Login to Veridata Web Server

veridata_sh_29

b. Go to Connection Configuration Section

veridata_sh_30

c. Put in the information for the Connection Name

veridata_sh_31

d. Put in the information for the Veridata Agent Connection using the SSH port

veridata_sh_32

e. Type in the database source connection information

veridata_sh_33

f. Click OK to finish or continue on to Group Configuration or another Connection

veridata_sh_34

g. Once successful, you’ll see the new “Connection” you just created.

veridata_sh_35

To create another connection for Target database using port 9135, just repeat step 4a – step 4f and just use the correct port and host information for the target server.

Add Your Comment