Oracle E-Business Suite supports today’s evolving business models, drives productivity, and meets the demands of the modern mobile user. Building on a 30-year history of innovation, Oracle E-Business Suite continues to deliver new application functionality and expand the capabilities of existing features while helping you gain all the benefits of Oracle Cloud.
We will continue the blog series dedicated to Oracle Applications deployed on OCI and we will analyze in this new blog post the networking needed for Oracle E-Business Suite or for short EBS.
If you missed the previous blog posts dedicated to Essbase and PeopleSoft, that is not an issue at all, below you have the link to access each of the blog posts:
Reference OCI Networking Architecture – Oracle Essbase
Reference OCI Networking Architecture – Oracle PeopleSoft
If you want to provision Oracle E-Business Suite on Oracle Cloud Infrastructure or migrate Oracle E-Business Suite environments from your data center to Oracle Cloud Infrastructure, below I prepared a multihost, secure and high-availability networking topology for your deployment.
The EBS Networking Design presented will include multiple EBS Application VMs in multiple ADs/FDs, separate DB tier with or without RAC and multiple OCI regions for Disaster Recovery.
That being said, let’s analyze the proposed Networking Design for EBS:
For Disaster Recovery two OCI regions are presented, OCI Region 1 acting as a Primary region and OCI Region 2 acting as the DR region. The VCN configuration from the Primary region is mirrored to the DR region.
The best practices dictates that the connectivity from On-premises to each and every region to be established by using own FastConnect or VPN, but mostly for EBS, the FastConnect is the recommended solution.
The design in both OCI regions will include a Security and Load Balancer VCN together with so-called EBS VCN where the two EBS tiers, Application and DB are hosted. In the EBS VCN all the subnet hosting the two tiers are private.
Two types of access can be in place, the Internet access and the internal access to EBS. If both types will be necessary, the two public and private Load Balancers will accomplish the scope configuring the EBS Application VMs as back-end servers. You can use some Application VMs for Internet traffic and some for internal traffic but one of most important part is to place the Application VMs in different ADs in a multi AD region or in multiple FD in a one AD region.
In order to create a highly secure network, the OCI Network Firewall can inspect first the Internet and internal traffic to EBS prior to reach the load balancers. WAF should be enabled on the load balancers and specifically configured to protect the EBS environment. The OCI Network Firewall can be replaced by any valid OCI Marketplace third party vendor firewall is you want to use a certain vendor for OCI to On-premises integration.
The DB tier needs access to Object Storage for backup, so the Service Gateway will be used to deliver the access to Object Storage. Some yum repository needs to be accessed by both tiers, if that will be the case the SGW can deliver access to Oracle yum repository.
How the Security and LB VCN will communicate with the EBS VCN? Your guess is right, we will use the DRG and its capabilities related to FastConnect and VCN attachment plus transit routing.
Last but least, the synchronization between the two OCI regions will be performed by using the Remote Peering Connection over the OCI Backbone. The synchronization will maintain the DR environment ready to be used in a DR event scenario.
Using the above networking design we can assure a highly secure, scalable and reliable EBS environment on OCI.