Note: Private Access Channel is now available in Oracle Analytics and is recommended by Oracle for new connections to private data sources. For more information on the feature and the data sources it supports refer to:
Connect to Private Data Sources Through a Private Access Channel
Supported Data Sources
A-Team Chronicles Private Access Channel Series
The latest releases of Oracle Analytics Cloud (OAC) now include the new Remote Data Gateway (RDG) for accessing databases that are not otherwise accessible by OAC.
This post is a step-by-step guide to installing and configuring RDG in a public subnet on Oracle Cloud Infrastructure (OCI). It includes scenarios using the Internet and VPN / FastConnect.
This post is one of the scenarios noted in the companion blog Deploying Remote Data Gateway in Oracle Analytics Cloud for Data Visualization
October 14, 2020 for OAC 5.8
February 14, 2020 for OAC 5.5 and RDG 5.5
October 30, 2019 with OAC 5.4 and RDG 5.4
Before You Begin
Downloading Remote Data Gateway
Preparing to Install Remote Data Gateway
Preparing to Configure Remote Data Gateway via Internet
Preparing to Configure Remote Data Gateway using VPN / FastConnect
Ensure your data source and operating system is supported per OAC documentation.
Deploying RDG requires the following common items:
Credentials and Privileges to install software on the RDG host.
Database connection information and credentials for validating the installation.
The IP address or host name where RDG is to be installed.
SSH Utilities to access Linux
The Microsoft Remote Desktop (RDP) utility for accessing remote Windows servers.
Routing rules allowing user access to Identity Cloud Service (IDCS) and OAC via the Internet.
Routing rules allowing user access to the Dynamic Routing Gateway (DRG) described below; and to IDCS via the internet, if it is in a different region
The following must be in place. Links to the relevant documentation are provided.
Compartment to contain a Virtual Cloud Network (VCN) Here
Compartment Privilege Policies to create resources and manage instances Here
VCN Here
Regional Public Subnet Here
Compute Instance with a supported OS image to host the RDG Here
Network Security Group(s) (NSG) or Security List associated with the public subnet to control traffic at the packet level Here
Ingress rules in the above allowing ingress to ports 22 and/or 3389. Port 22 is for SSH access to Linux and port 3389 is for RDP access to Windows.
If using Linux, Port 8080 (default) is used for browser configuration. This can be achieved using an SSL Local Port Forward. See here for examples. Without SSH, the Linux port 8080 (default) must be opened in the firewall of the compute host. See Here for guidance.
Internet Gateway (IG) allowing RDG to connect to OAC Here
Route table associated with the public subnet directing traffic to the internet gateway Here
DRG attached to the VCN allowing ingress Here
Service Gateway allowing private traffic to access OAC inside the Oracle Services Network Here
Route Table attached to the DRG directing traffic to the Service Gateway Here
This post uses a private database in a private subnet in the same VCN as the RDG.
The following must be in place. Links to the relevant documentation are provided.
Compartment, Policies and VCN from above
Regional Private Subnet Here
Supported Private Database Cloud Instance Here
Network Security Group(s) or Security List associated with the private subnet to control traffic at the packet level Here
Ingress rules allowing ingress to ports 22 and 1521. Port 22 is for SSH access to the database and port 1521(default) is for the database listener.
Connect to the RDG compute instance and navigate to https://www.oracle.com/technetwork/middleware/oac/downloads/index.html. Accept the license agreement and choose the desired platform.
If using a Linux server that does not have a browser, download the Linux installer to a client machine and then upload it to the Linux server. For example, to SCP the installer use the following:
scp -I
SSH into the Linux instance with the private key. e.g.
ssh -i < private key path > opc@< Public IP address or host name >
RDP into the Windows instance.
Follow the steps in Installing Oracle Analytics Cloud Remote Data Gateway to install RDG.
Tip: For higher availability and performance, install an agent in each availability domain. Complete the relevant configuration section for each installation.
This scenario uses the internet to reach OAC and RDG.
Ensure the OCI components shown below and listed in the prerequisites are configured.
User connects to OTN and downloads RDG
User connects to the host compute instance.
User uploads the installer to the Linux instance if necessary.
User installs RDG
User connects to OAC and authenticates with IDCS
User enables RDG in OAC and notes the OAC URL
User configures RDG, generates the key, and pastes it into the OAC agent configuration
Follow the steps in Completing the Deployment of Remote Data Gateway for OAC to configure RDG.
After RDG is configured and the connection validated, the following shows the operation architecture.
RDG initiates the connection to OAC via the internet gateway
User connects to OAC which may include authenticating with IDCS
User issues a query
OAC passes the query to RDG via the RDG connection
RDG passes the query to the database.
Database returns the data to RDG
RDG passes the result data to OAC via the RDG connection.
This scenario uses the VPN or FastConnect to reach OAC and RDG.
Ensure the OCI components shown below and listed in the prerequisites are configured.
The official documentation for connecting to OAC via VPN and FastConnect is Transit Routing: Private Access to Oracle Services.
User connects to OTN and downloads RDG
User uploads the installer to the Linux instance if necessary.
User connects to the host compute instance via the DRG.
User installs RDG
User connects to OAC and authenticates with IDCS
User enables RDG in OAC and notes the OAC URL
User configures RDG, generates the key, and pastes it into the OAC agent configuration
Follow the steps in Completing the Deployment of Remote Data Gateway for OAC to configure RDG.
After RDG is configured and the connection validated, the following shows the operation architecture.
RDG initiates the connection to OAC
User connects to OAC which may include authenticating with IDCS
User issues a query
OAC passes the query to RDG via the RDG connection
RDG passes the query to the database.
Database returns the data to RDG
RDG passes the result data to OAC via the RDG connection.
This post described installing and configuring RDG in a public subnet on Oracle Cloud Infrastructure (OCI). It included scenarios using the Internet and VPN / FastConnect.
For other posts relating to analytics and data integration visit http://www.ateam-oracle.com/dayne-carley
Next Post