This is my second partnership with Catalin for the Oracle Integration Cloud. This blog will show you how to configure the DR solution for the OIC instances. We also covered the Custom endpoint configuration in our previous blog.
1. Configure DR solution by manually update the DNS record
2. Configure DR solution by creating the DNS traffic steering policy
3. Test the Failover
Configure DR solution by manually update the DNS record
Consider two OIC instances with the custom endpoint already created in Ashburn (IAD) primary and Phoenix(PHX) as a secondary region. Refer to our previous blog.
For having the DR solution in the case of an entire region outage, We won't be able to modify zones hosted in our primary region so we will host the DNS zone in a third region like San Jose (SJC). In the case of a Primary or Ashburn region outage, we need to connect to the OCI dashboard, set our region to the third region (San Jose) and edit the DNS zoom record with the address of the secondary instance.
Log in to the OCI
Select the region you are hosting the DNS management (for instance: San Jose)
Click on hamburger menu, Networking , DNS management, and click on Zones
Open the Zone where you created the custom endpoint
Note: For more info on creating the DNS zone, please check Managing DNS Service Zones
As you see in the screenshots below, we already have CNAME record for the custom Domain oic.ateam-oracle.cloud which is pointing to the OIC instance in Ashburn region (Primary region)
Now you need to check the box next to your domain name and edit the CNAME with your secondary OIC instance original or URL address in the Phoenix region (Secondary region) Please check the screenshots below.
Configure DR solution by creating the DNS traffic steering policy
The OCI Traffic Management enables you to configure policies to serve intelligent responses to DNS queries. Different answers may be served for a query according to the customer-defined Traffic Management Steering Policy logic.
We will demonstrate how to achieve the DR solution for the Integration feature by Creating the DNS traffic steering policy.
In this case, you don't need to add the CNAME of your primary or secondary OIC instances under the record in the Zone management, and the DNS steering policy will take care of the routing changes in case of the region failure.
Login to the OCI Click on the Hamburger menu (Left side up) and go to the Networking menu, DNS Management, Traffic management steering policies and click on create. Please check the config details below.
Policy Type should be Failover;
Create a name for the policy; For instance: OIC-DR
Select a TTL for the policy;
Create the "Answer Pool 1" for the primary region. The type should be CNAME and the Rdata should be the original URL name of primary OIC instance that the OIC Mark it as Eligible. "integrationinstance1-ociateam-ia.integration.ocp.oraclecloud.com."
Create the "Answer Pool 2" for the failover region. The type should be CNAME and the Rdata should be the original URL address of secondaryOIC instance. Mark it as Eligible. " integrationinstance1-ociateam-px.integration.ocp.oraclecloud.com."
Select the Pool Priority: 1 for the primary region and 2 for the failover region;
Create a new health check:
- put a name for the health check;
- select an interval for it to run (for the purpose of this blog we selected 10 seconds);
- Select the HTTPS protocol and port 443;
- Put the /ic/home path and the GET method;
- Select a timeout value (for the purpose of this blog we selected 10 seconds);
- Select the Attached Domain. In our case the domain is oic.
- Select the compartment where the DNS zone was created and the zone.
Note: Health check setting to monitor the target availability is optional ( You can check the select existing, add new, or none button for that)
Attached domain(s): subdomain "oic"
Create the policy and check the screenshots below.
You will see the below screenshot pictures after successfully configuring the traffic management steering policy.
Test the Failover
As you saw in the last step our first answer pool is pool 1 pointing to the Ashburn region.
Check the nslookup below.
Consider we have an outage in Ashburn region and due to that outage our primary OIC instance is out of service or is down, we will demonstrate this failover scenario by uncheck the Eligible box under the Answer pool 1 config.
Open your Traffic management steering policy and click on edit.
Under the Answer pool(s) section, Uncheck the Eligible box (Associate to your Answer pool 1 config) and save the changes.
Do the DNS resolution for the custom endpoint, you will see our custom endpoint now pointed to the secondary region.
This blog showed you how to configure Disaster Recovery for your OIC instances. Please remember the first methods we explained above; in the case of a region failure, you need to manually update the DNS zone management with the secondary OIC original URL address.
We hope you enjoyed it!