X

Best Practices from Oracle Development's A‑Team

  • August 25, 2021

Disaster Recovery solution for a cloud native application deployed on OCI

In this post we discuss disaster recovery solution for a cloud native application deployed on OCI (Oracle Cloud Infrastructure)

We will use the recently announced feature on Cross-Region Autonomous Data Guard for Autonomous databases to demonstrate the DR solution for a cloud native application (MuShop)  
 

Solution Architecture

 

 

About the use case

The above picture shows MuShop (polyglot microservices demo application) deployed on OKE (Oracle Cloud Infrastructure Container Engine for Kubernetes) clusters on ap-mumbai-1 (Primary) and ap-hyderabad-1 (DR) regions (These regions are used as an example). The Autonomous data guard is enabled between the two Autonomous databases across these regions. We will also use the DNS traffic steering to DNS failover to DR in case of disaster at the Primary site.

 

Procedure: We will introduce the Primary site failure by doing a manual failover of Autonomous database at source and the MuShop application at the DR would then take over and serve the users by connecting to the DR ADB.

High level overview of the steps

For this example we shall consider ap-mumbai-1 as the source and ap-hyderabad-1 as the destination


Note: We are not covering the detailed steps in this blog as it could be too overwhelming. We have outlined the detailed steps in this github repository We only show you preview of some commands that we are trying to perform in this blog.
 
  • Create the Source ADB (ap-mumbai-1)
         $ oci db autonomous-database  create --compartment-id ${COMPARTMENT_ID} --db-name ${DB_NAME} --admin-password ${DB_PASSWORD} --db-version 19c --cpu-core-count 1 --data-storage-size-in-tbs 1 --display-name ${DB_DISPLAY_NAME}
        
  • Create the Destination ADB (ap-hyderabad-1) using data guard
          $ oci db autonomous-database  create-adb-cross-region-data-guard-details  --compartment-id ${COMPARTMENT_ID} --db-name ${DB_NAME} --source-id ${DB_ID} --cpu-core-count 1 --data-storage-size-in-tbs 1 --region ap-hyderabad-1 --db-version 19c
        
  • Setup Mushop on source (ap-mumbai-1)

  • Verify the application working at the source (ap-mumbai-1). Access http://Ingress-Source-IP-Address and ensure that you would see the all the MuShop catalogue products listed without errors.

  • Perform ADB failover from ap-mumbai-1 to ap-hyderabad-1. We need to do this because the ADB needs to be available at the DR site for the MuShop pods to perform the initialization when we setup Mushop at the DR site. Else the pods would be stuck in the initialization state.

  • Setup MuShop on DR site (ap-hyderabad-1). When we setup the MuShop at DR it would not re-initialize the DB schemas or tables. This intelligence has to be built in the application.

  • Verify the application working at the DR region (ap-hyderabad-1). Access http://Ingress-DR-IP-Address and ensure that you would see the all the MuShop catalogue products listed without errors.
At this point your setup is ready to perform DR testing.
 

DR testing:

You would notice that the source site has lost access to all the products within Mushop and the DR site has access to all the products as we switched over.

You can then switch back to the primary site (ap-mumbai-1) in this case and observe the opposite behavior.

 

WAF and DNS traffic steering

Further, we can add WAF and DNS traffic steering policy to automatically switch the DNS from Source site to Destination site. For this we make use of creating a http healthcheck monitor on https://Source-Ingress-IP/api/catalogue. When we failover the ATP (Autonomous Database) manually or when there is a disaster at Primary site, this check would then fail and automatically change the DNS to point to DR Ingress IP. For the steps on the DNS traffic steering, do refer to the full steps in the references section

References/Credits

Full detailed steps here: https://github.com/naikvenu/oci-autonomous-adg
MuShop Setup

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.Captcha