Validated March 23, 2021
Oracle Enterprise Performance Management Cloud Planning is now available on Oracle Cloud Infrastructure. This allows the use of dynamic routing gateways and service gateways to ensure private network traffic from your location. Refer here for an overview of the product and here for documentation on the networking aspects.
This post is a step-by-step guide for font the components necessary to simulate private access from your on-premise environments.
March 31, 2021 with:
Before You Begin
Deploying Required Components
Validating Private Access
|EPM||Enterprise Performance Management|
|OCI||Oracle Cloud Infrastructure|
|VCN||Virtual Cloud Network|
|DRG||Dynamic Routing Gateway|
|VPN||Virtual Private Network|
|CPE||Customer Premise Equipment|
|RPC||Remote Peering Connection|
|ACL||Access Control List|
|RDP||Microsoft Remote Desktop|
A subscription for an instance running on OCI. This post refers to the service as EPM.
A tenancy subscribed to the region hosting EPM and one other region to simulate your on-premise environment.
A user account in the above OCI tenancy for managing compute and network resources
A user account in EPM for validating connectivity.
The following table lists the scenario components deployed with links for reference.
|VCN||Hosts gateways, subnets, ACLs and route tables||link|
|DRG||Facilitates VPN, FastConnect, and Remote Peering||link|
|REMOTE PEERING CONNECTION||Simulates VPN and FastConnect||link|
|SERVICE GATEWAY||Provides access to and from the public EPM instance||link|
|SUBNET||Hosts the compute instance and load balancer||link|
|COMPUTE INSTANCE||Provides the browser to reach EPM||link|
|LOAD BALANCER||Provides access to the compute instance||link|
|ROUTE RULE||Routes a subnet's traffic out of a VCN||link|
|SECURITY LIST||Allows ingress and egress for subnet resources||link|
The following tables provide component details with example values.
Create a VCN in each region.
Create a DRG in each region and attach to the respective VCNs.
Create an RPC for each DRG and peer them.
Create a Service Gateway in the EPM region
Create a public and private subnet in the simulating region to host the load balancer and browser instance.
Create a compute instance with a browser in the private subnet
Note: If you do not have access to the private Windows instance through VPN, FastConnect etc., use a public Load Balancer or a public Windows instance as a bastion.
Create a load balancer in the public subnet to provide access to the compute instance
Create route rules for traffic leaving region 1 and entering region 2
Create security list rules for traffic leaving region 1
The deployed components are depicted below. Click here for a short clip of the deployment flow.
Validate that the private browser instance can connect to EPM.
Connect to the private Windows instance using RDP.
Use a browser and enter the EPM instance URL
Enter credentials on the IDCS login screen
View the EPM home page
The connection flow is shown below. Click here for a short clip of the connection flow.
This post provided a step-by-step guide for deploying the components necessary to simulate private access from your on-premise environments to oracle Cloud EPM Planning.
For other posts relating to analytics and data integration visit http://www.ateam-oracle.com/dayne-carley