Connecting to an Exadata Cloud Infrastructure Instance
This topic explains how to connect to an Exadata Cloud Infrastructure instance using SSH or SQL Developer.
How you connect depends on how your cloud network is set up. You can find information on various networking scenarios in Networking Overview, but for specific recommendations on how you should connect to a database in the cloud, contact your network security administrator.
Exadata Cloud Infrastructure servers cannot be joined to Active Directory domains, and the service does not support the use of Active Directory for user authentication and authorization.
- Prerequisites
List of the requirements for SSH access to a compute node in an Exadata Cloud Infrastructure instance. - SCAN Listener Port Setting
When creating a cloud VM cluster, you can optionally designate a different SCAN listener port number. - Connecting to a Virtual Machine with SSH
You can connect to the virtual machines in an Exadata Cloud Infrastructure system by using a Secure Shell (SSH) connection. - Using Oracle Net Services to Connect to a Database
Oracle Database Exadata Cloud Infrastructure supports remote database access by using Oracle Net Services.
Prerequisites
List of the requirements for SSH access to a compute node in an Exadata Cloud Infrastructure instance.
You'll need the following:
-
The full path to the file that contains the private key associated with the public key used when the system was launched.
-
The public or private IP address of the Exadata Cloud Infrastructure instance.
Use the private IP address to connect to the system from your on-premises network, or from within the virtual cloud network (VCN). This includes connecting from a host located on-premises connecting through a VPN or FastConnect to your VCN, or from another host in the same VCN. Use the public IP address to connect to the system from outside the cloud (with no VPN). You can find the IP addresses in the Oracle Cloud InfrastructureConsole as follows:
- Cloud VM clusters ( new resource model ): On the Exadata VM Cluster Details page, click Virtual Machines in the Resources list.
- DB systems: On the DB System Details page, click Nodes in the Resources list.
The values are displayed in the Public IP Address and Private IP Address & DNS Name columns of the table displaying the Virtual Machines or Nodes of the Exadata Cloud Infrastructure instance.
Related Topics
Parent topic: Connecting to an Exadata Cloud Infrastructure Instance
SCAN Listener Port Setting
When creating a cloud VM cluster, you can optionally designate a different SCAN listener port number.
The default SCAN listener port for cloud VM clusters is 1521. When using the console To create a cloud VM cluster resource, you can optionally designate a different SCAN listener port number. In the OCI Console, this option appears under Advanced Options when creating the cluster.
Manually changing the SCAN listener port of a VM cluster after provisioning using the backend software is not supported. This change can cause Data Guard provisioning to fail.
Parent topic: Connecting to an Exadata Cloud Infrastructure Instance
Connecting to a Virtual Machine with SSH
You can connect to the virtual machines in an Exadata Cloud Infrastructure system by using a Secure Shell (SSH) connection.
Most Unix-style systems (including Linux, Oracle Solaris, and macOS) include an SSH client. For Microsoft Windows systems, you can download a free SSH client called PuTTY from the following site: "http://www.putty.org".
- Connecting from a Unix-Style System
To access a virtual machine on an Oracle ExaDB-D system from a Unix-style system using SSH, use this procedure. - Connecting to a Virtual Machine from a Microsoft Windows System Using PuTTY
Learn to access a virtual machine from a Microsoft Windows system using PuTTY. - Accessing a Database After You Connect to the Virtual Machine
After you connect to a virtual machine, you can use the following series of commands to identify a database and connect to it.
Related Topics
Parent topic: Connecting to an Exadata Cloud Infrastructure Instance
Connecting from a Unix-Style System
To access a virtual machine on an Oracle ExaDB-D system from a Unix-style system using SSH, use this procedure.
Parent topic: Connecting to a Virtual Machine with SSH
Connecting to a Virtual Machine from a Microsoft Windows System Using PuTTY
Learn to access a virtual machine from a Microsoft Windows system using PuTTY.
Before you begin
-
The IP address of the virtual machine
-
The SSH private key file that matches the public key associated with the deployment. This private key file must be in the PuTTY
.ppk
format. If the private key file was originally created on the Linux platform, you can use the PuTTYgen program to convert it to the.ppk
format.
To connect to a virtual machine using the PuTTY program on Windows:
Parent topic: Connecting to a Virtual Machine with SSH
Accessing a Database After You Connect to the Virtual Machine
After you connect to a virtual machine, you can use the following series of commands to identify a database and connect to it.
Parent topic: Connecting to a Virtual Machine with SSH
Using Oracle Net Services to Connect to a Database
Oracle Database Exadata Cloud Infrastructure supports remote database access by using Oracle Net Services.
Because Exadata Cloud Infrastructure uses Oracle Grid Infrastructure, you can make Oracle Net Services connections by using Single Client Access Name (SCAN) connections. SCAN is a feature that provides a consistent mechanism for clients to access the Oracle Database instances running in a cluster.
By default, the SCAN is associated with three virtual IP addresses (VIPs). Each SCAN VIP is also associated with a SCAN listener that provides a connection endpoint for Oracle Database connections using Oracle Net Services. To maximize availability, Oracle Grid Infrastructure distributes the SCAN VIPs and SCAN listeners across the available cluster nodes. In addition, if there is a node shutdown or failure, then the SCAN VIPs and SCAN listeners are automatically migrated to a surviving node. By using SCAN connections, you enhance the ability of Oracle Database clients to have a reliable set of connection endpoints that can service all of the databases running in the cluster.
The SCAN listeners are in addition to the Oracle Net Listeners that run on every node in the cluster, which are also known as the node listeners. When an Oracle Net Services connection comes through a SCAN connection, the SCAN listener routes the connection to one of the node listeners, and plays no further part in the connection. A combination of factors, including listener availability, database instance placement, and workload distribution, determines which node listener receives each connection.
This documentation provides basic requirements for connecting to your Exadata Cloud Infrastructure databases by using Oracle Net Services.
- Prerequisites for Connecting to a Database with Oracle Net Services
Review the prerequisites to connect to an Oracle Database instance on Oracle ExaDB-D using Oracle Net Services. - Connecting to a Database with SQL Developer
You can connect to a database with SQL Developer by using one of the following methods: - Connecting to a Database Using SCAN
To create an Oracle Net Services connection by using the SCAN listeners, you can choose between two approaches. - Connecting to a Database Using a Node Listener
To connect to an Oracle Database instance on Exadata Cloud Infrastructure with a connect descriptor that bypasses the SCAN listeners, use this procedure to route your connection directly to a node listener.
Parent topic: Connecting to an Exadata Cloud Infrastructure Instance
Prerequisites for Connecting to a Database with Oracle Net Services
Review the prerequisites to connect to an Oracle Database instance on Oracle ExaDB-D using Oracle Net Services.
- The IP addresses for your SCAN VIPs, or the hostname or IP address for a virtual machine that hosts the database that you want to access.
- The database identifier: Either the database system identifier (SID), or a service name.
Parent topic: Using Oracle Net Services to Connect to a Database
Connecting to a Database with SQL Developer
You can connect to a database with SQL Developer by using one of the following methods:
- Create a temporary SSH tunnel from your computer to the database. This method provides access only for the duration of the tunnel. (When you are done using the database, be sure to close the SSH tunnel by exiting the SSH session.)
- Open the port used as the Oracle SCAN listener by updating the security list used for the cloud VM cluster or DB system resource in the Exadata Cloud Service instance. The default SCAN listener port is 1521. This method provides more durable access to the database. For more information, see Updating the Security List.
After you've created an SSH tunnel or opened the SCAN listener port as described above, you can connect to an Exadata Cloud Infrastructure instance using SCAN IP addresses or public IP addresses, depending on how your network is set up and where you are connecting from. You can find the IP addresses in the Console, in the Database details page.
- To connect using SCAN IP addresses
You can connect to the database using the SCAN IP addresses if your client is on-premises and you are connecting using a FastConnect or Site-to-Site VPN connection. - To connect using public IP addresses
You can use the node's public IP address to connect to the database if the client and database are in different VCNs, or if the database is on a VCN that has an internet gateway.
Parent topic: Using Oracle Net Services to Connect to a Database
To connect using SCAN IP addresses
You can connect to the database using the SCAN IP addresses if your client is on-premises and you are connecting using a FastConnect or Site-to-Site VPN connection.
-
Use the private SCAN IP addresses, as shown in the following
tnsnames.ora
example:testdb= (DESCRIPTION = (ADDRESS_LIST= (ADDRESS = (PROTOCOL = TCP)(HOST = <scanIP1>)(PORT = 1521)) (ADDRESS = (PROTOCOL = TCP)(HOST = <scanIP2>)(PORT = 1521))) (CONNECT_DATA = (SERVER = DEDICATED) (SERVICE_NAME = <dbservice.subnetname.dbvcn.oraclevcn.com>) ) )
-
Define an external SCAN name in your on-premises DNS server. Your application can resolve this external SCAN name to the DB System's private SCAN IP addresses, and then the application can use a connection string that includes the external SCAN name. In the following
tnsnames.ora
example,extscanname.example.com
is defined in the on-premises DNS server.testdb = (DESCRIPTION = (ADDRESS = (PROTOCOL = TCP)(HOST = <extscanname.example.com>)(PORT = 1521)) (CONNECT_DATA = (SERVER = DEDICATED) (SERVICE_NAME = <dbservice.subnetname.dbvcn.oraclevcn.com>) ) )
Parent topic: Connecting to a Database with SQL Developer
To connect using public IP addresses
You can use the node's public IP address to connect to the database if the client and database are in different VCNs, or if the database is on a VCN that has an internet gateway.
However, there are important implications to consider:
- When the client uses the public IP address, the client bypasses the SCAN listener and reaches the node listener, so server side load balancing is not available.
- When the client uses the public IP address, it cannot take advantage of the VIP failover feature. If a node becomes unavailable, new connection attempts to the node will hang until a TCP/IP timeout occurs. You can set client side sqlnet parameters to limit the TCP/IP timeout.
The following tnsnames.ora
example shows a connection string that
includes the CONNECT_TIMEOUT parameter to avoid TCP/IP timeouts.
test=
(DESCRIPTION =
(CONNECT_TIMEOUT=60)
(ADDRESS_LIST=
(ADDRESS = (PROTOCOL = TCP)(HOST = <publicIP1>)(PORT = 1521))
(ADDRESS = (PROTOCOL = TCP)(HOST = <publicIP2>)(PORT = 1521))
)
(CONNECT_DATA =
(SERVER = DEDICATED)
(SERVICE_NAME = <dbservice.subnetname.dbvcn.oraclevcn.com>)
)
)
Parent topic: Connecting to a Database with SQL Developer
Connecting to a Database Using SCAN
To create an Oracle Net Services connection by using the SCAN listeners, you can choose between two approaches.
- Connecting to a Database Using a Connect Descriptor that References All of the SCAN VIPs
You can set up a connect descriptor for Oracle Exadata Database Service on Dedicated Infrastructure System using multiple SCAN listeners. - Connecting to a Database Use a Connect Descriptor that References a Custom SCAN Name
You can set up a connect descriptor for Oracle Exadata Database Service on Dedicated Infrastructure System using a custom SCAN name.
Parent topic: Using Oracle Net Services to Connect to a Database
Connecting to a Database Using a Connect Descriptor that References All of the SCAN VIPs
You can set up a connect descriptor for Oracle Exadata Database Service on Dedicated Infrastructure System using multiple SCAN listeners.
This approach requires you to supply all of the single client access name (SCAN) virtual IP (VIP) addresses, and enables Oracle Net Services to connect to an available SCAN listener.
Parent topic: Connecting to a Database Using SCAN
Connecting to a Database Use a Connect Descriptor that References a Custom SCAN Name
You can set up a connect descriptor for Oracle Exadata Database Service on Dedicated Infrastructure System using a custom SCAN name.
Using this approach, you define a custom single client access name (SCAN) name in your domain name server (DNS), which resolves to the three SCAN virtual IP addresses (VIPs).
Parent topic: Connecting to a Database Using SCAN
Connecting to a Database Using a Node Listener
To connect to an Oracle Database instance on Exadata Cloud Infrastructure with a connect descriptor that bypasses the SCAN listeners, use this procedure to route your connection directly to a node listener.
By using this method, you give up the high-availability and load-balancing provided by SCAN. However, this method may be desirable if you want to direct connections to a specific node or network interface. For example, you might want to ensure that connections from a program that performs bulk data loading use the backup network.
Using this approach, you direct your connection using the hostname or IP address of the node.
Example 4-2 Defining a Net Service Alias That Directly References the Node
alias-name = (DESCRIPTION=
(CONNECT_TIMEOUT=timeout)
(ADDRESS_LIST=(ADDRESS=(PROTOCOL=tcp)(HOST=node)(PORT=1521)))
(CONNECT_DATA=(sid-or-service-entry)))
Where:
alias-name
is the name you use to identify the alias.
timeout
specifies a timeout period (in seconds), which enables you to
terminate a connection attempt without having to wait for a TCP
timeout. The (CONNECT_TIMEOUT=timeout
) parameter is
optional.
node
is the
hostname or IP address for the virtual machine that you want to
use.
sid-or-service-entry
identifies the
database SID or service name using one of the following formats:
SID=sid-name
. For example,SID=S12C1
.SERVICE_NAME=service-name
. For example,SERVICE_NAME=PDB1.example.oraclecloudatcust.com
.
node:1521/sid-or-service-entry
exa1node01.example.com:1521/S12C1
exa1node01.example.com:1521/PDB1.example.oraclecloudatcust.com
Parent topic: Using Oracle Net Services to Connect to a Database