Oracle databases are an integral part of modern technological infrastructure for organizations globally. They underpin high-volume digital business, perform thousands of transactions, and house an organization’s critical and sensitive information. Today’s business requirements and data-driven applications are expanding the definition of “data loss” to include data that is inaccessible to the business for a period to significantly and negatively impact it. Data loss, even if transient, is likely to have a disproportionately harmful business impact. IT teams are spending significant time and resources to protect these assets from natural disasters, systems or technical failures, or by human error. Recently, cyberattacks have become a major concern for organizations due to the wide variety of approaches and subversive nature. Considering how the costs of data breaches and cyberattacks are on the rise, it is essential for organizations to take all possible steps to ensure data resiliency.
A sound, proactive data resiliency approach, based on Zero Trust architectural principles, is needed to ensure that Oracle databases can maintain 24x7x365 availability against security breaches, system outages while meeting privacy, and compliance requirements. An immutable data platform like Rubrik with declarative policy engine and threat engine, built on a secure, API-first architecture helps secure data and facilitate compliance.
As digital transformation is attracting more data into these systems, Database Administrators (DBAs) are faced with a dilemma when it comes to backup and recovery of databases: how to back up more data, more often, in less time, and within the same budget. DBAs have traditionally turned to Oracle Recovery Manager (RMAN). Common backup approaches, like storage snapshots and/or RMAN full and incremental, fail to meet the demands of modern workloads. Along with thousands of options and hundreds of scripts and jobs, protecting Oracle databases at scale can be a challenge for even the most seasoned DBA. Oracle has constantly evolved RMAN, introducing features like Block Change Tracking (BCT) and incremental merge, designed to minimize the backup and recovery windows while reducing the performance impact on an Oracle database.
Rubrik simplifies protection of Oracle databases by leveraging RMAN to incrementally update backups, securing them from ransomware using a Zero Trust Data Security approach and delivering value by operationalizing backups to make the data work for you. Oracle describes the incremental merge capability and critical design concerns when considering it for operational backup and recovery requirements. At Rubrik, our solution complements and extends this approach.
Oracle Incrementally updated backups
The standard approach for most enterprises has been to combine various backup types to achieve your Recovery Point Objective (RPO). Which backups you use are a balance between how much time you have to take a backup and your Recovery Time Objective (RTO). The typical backup implementation combines incremental level 0 and level 1 backups. Level 0 incremental backups are often taken periodically, perhaps weekly or daily. Level 1 incremental backups are then performed more frequently between two Level 0 backups. The level 0 backup scans the entire database, but level 1 incremental backups use the Block Change Tracking (BCT) to scan only the blocks that have changed since the last backup. This significantly reduces the amount of reads that are required on the database.
This approach helps reduce the backup window and storage requirements. The trade off to this is a longer recovery time. Now the recoveries don’t just have to move a full backup, they also then have to roll in all of the incrementals that have been taken since that full backup was created.
Incrementally updating backups avoids the overhead of making periodic full backups, while also minimizing time required for media recovery of your database. It involves creating an initial level 0 image copy backup. Subsequent backups cover different increments that only capture the changed data since the last backup. Previous incremental backups are then applied to the image copy backup to roll it forward in time. Everytime a backup is taken, the outcome is a Level 0 image-consistent copy which delivers faster restores.
Rubrik’s approach to Oracle data protection
Rubrik automates the RMAN workflows required to backup and restore Oracle databases and offers several advantages. The incremental forever backup with a single full backup lowers the storage consumption and improves backup times. The recovery automation simplifies the restore process, which can lead to improved Mean Time To Recovery (MTTR). Additionally, Rubrik was designed for data integrity, which ensures the backup data is protected from system errors and malicious activities.
Oracle backup workflow
The Rubrik Backup Service (RBS) that is installed on the Oracle host automatically discovers existing databases and ones that are added to the host. Customers can select the desired level of the object (Oracle Real Application Cluster, Oracle Data Guard, Oracle Host or a specific Oracle database) and assign an SLA domain policy. Customers can provide a backup window and assign RMAN channels. The number of RMAN channels help in scaling the throughput based on available Rubrik nodes in a cluster. Additionally, the SLA policy is required to define the frequency and retention of archive log backups. SLA Domains are inherited from their parent objects to provide automatic protection to the databases as they are added to the host. For instance, if an SLA domain is assigned at the Oracle host level, all subsequent databases added on that host will be assigned the same SLA domain. The inherited policy may be overridden by assigning another policy directly on one of the child items.
The Rubrik cluster protects an Oracle database by running two separate jobs–Database backups and Archive Log backups. These processes run at different times. Rubrik handles the scheduling and maintenance of all their associated tasks. The necessary RMAN scripts are generated during run time as per SLAs, thereby taking the stress out of backup operations.
When the first backup of the database is triggered via a SLA, Incremental Level 0 image copy backup is taken on the Rubrik storage. This is represented as DB Backup 1 in the diagram below. The next backup makes an incremental Level 1 backup capturing only the changes from the first backup. This is represented as New Incremental 1 in the diagram below. Additionally, the New Incremental 1 is applied to the first database copy i.e DB Backup 1.This brings the copy DB Backup 2 up to the checkpoint SCN of the level 1 incremental backup. Every subsequent backup instantly rolls forward the previous full image copy with the latest incremental copy. Rubrik maintains the snapshots of all the image copies in an logically air gapped immutable filesystem. No external or internal operation can read or modify the data making the first copy of the backup, as it is ingested, immune to corruption.
In the code block below we see the sample of RMAN commands that Rubrik uses for database backups.
set CONTROLFILE AUTOBACKUP FORMAT FOR DEVICE TYPE DISK TO '<Rubrik location>';
configure DEVICE TYPE DISK BACKUP TYPE TO COPY;
allocate channel c1 type disk format '<Rubrik location>/c1/%U';
backup incremental level 1 for recover of copy with tag 'rubrik_backup_tag' database; recover copy of database with tag 'rubrik_backup_tag';
Archive log backups are triggered independently of the database backups in accordance with the frequency defined in the SLA policy. Archive log backups are taken as backup sets.
Rubrik approach to Oracle Incremental Merge
As mentioned previously, some database teams are cautious when it comes to using Oracle Incremental Merge features for operational backup and recovery requirements. Their first concern is regarding snapshot copy corruptions that can arise due to the timing and execution of the merge process on the original base Level 0 image copy. Secondly, it highlights the need for archive redo logs as part of the backup strategy to address the inconsistencies in the resulting image copies. The third concern is around using undocumented interfaces or reverse engineering of an Oracle database.
Rubrik minimizes the corruption chances of backup copies by executing the merge process without any delays during the backup time and by using a snapshot of the image copy. This ensures the previous snapshots of the image copies are always protected from corruptions. As described earlier, Rubrik triggers archive log backups independently of database backups. These backups are governed by the frequencies and retention configured within the Log backup settings of the applied SLA Domain. Additionally, a zero trust platform with a logically air gapped immutable file system that continuously checksums and fingerprints the data ensures the database snapshots and archive log backup chain is protected from any corruption, be it system errors or malicious activity.
Oracle recovery workflow
The below image illustrates the database snapshots as green dots and all the green lines as archive log backups. Rubrik offers point-in-time restores where a user selects a desired recovery time on the calendar and Rubrik will automate all the steps to restore a snapshot and apply the archive logs.
What Our Customers Say
Rubrik uses fully documented RMAN commands to backup the database and archive logs. This solution is being used by numerous customers across verticals worldwide. These customers have thoroughly evaluated Rubrik for their mission critical Oracle workloads.
“One of the biggest advantages with Rubrik over legacy solutions is its policy-based management for Oracle RMAN workloads. Rubrik delivers the same simple user experience across our legacy, virtual, and cloud workloads” said Ed Poll, Head of IT Infrastructure at Cranfield University. “Previously, we would take snapshots of entire VMs and then export daily Oracle backups every night. Point-in-time recovery was only available for a day, and then we had to revert back to daily snapshots. With incremental-forever backups and log management, we can apply transaction logs to restore back from the desired point. As a result, we have greatly reduced our RTOs while also increasing capacity savings.”
Data Integrity with Rubrik
Ransomware attacks are penetrating the porous perimeter security, endpoint and application-layer security, successfully to gain access to data. Being the last, and best, line of defence against ransomware attacks, data integrity is core to our architecture.
As backup data gets ingested into Rubrik, the filesystem uses CRC (cyclic redundancy check) to protect data integrity on physical disks. It leverages stripe and chunk checksums to protect the backups from memory corruptions and bit rot. These are used when data is read from the disk or during scans which run continuously in the background looking for data corruptions or inconsistencies. Additionally, fingerprinting algorithms are employed for more rigorous end-to-end check. These are leveraged during data ingest, replication, archival, background scans, and to achieve data immutability.
A multi-layered security framework facilitates the privacy and safety of the data. All the incoming and outgoing data is encrypted in-flight using client-side encryption libraries. Encryption at rest protects the data against physical breaches. Software (FIPS 140-2 Compliant AES-256) and hardware (FIPS 140-2 Level 2 HDD and SSD) encryption ensures data is secure even if the disks are compromised.
Keys are managed with an internal key manager (via the Trusted Platform Module chip) or an external key manager (via Key Management Interoperability Protocol). Rubrik reduces the risk of data breaches and cyber attacks by assigning granular permissions for data access. Integration with Active Directory (AD) supports granting authorizations and groups from the AD. SAM 2.0 secures the access to the cluster with Single Sign-on from SAML 2.0 compatible IdP (Identity Provider) like Okta. Role-Based Access Control (RBAC) is leveraged to define the capabilities of authenticated users. Multi-factor authentication and API tokens are used for added layers of security.
Rubrik intelligently applies global data reduction while enabling fast data reconstruction to maximize storage efficiency throughout all stages of the data lifecycle. Along with the backup of Oracle databases, the data management layer in Rubrik stores relevant metadata like host names, database names, tablespace names, backup information etc. All metadata is indexed for granular search and recovery at the database or tablespace level. This enables intuitive search across database environments, data centers, and clouds.
Operationalize Oracle Backups
DBAs and storage administrators are faced with a dilemma to backup more data at lower cost while serving the needs of agile development teams. Today, more than ever, the ability to rapidly restore a system to its last good state stands in the spotlight against the backdrop of cyber and ransomware attacks making daily headlines. With Rubrik your backups aren’t sitting for “just in case” scenarios. It addresses the requirements of fast data access to the development teams and enables rapid recovery from a ransomware attack.
Rubrik completely orchestrates the process of restoring an Oracle database to any point in time. This is accomplished by first restoring the closest preceding full database snapshot before the selected recovery point, and then applying the appropriate archive logs to move that database forward until the recovery point is reached. Multiple restore options spanning from fully automated to DBA-managed serves a wide variety of data management requirements.
The Clone option allows for an entire Oracle database or tablespace(s) to be restored to a target host. The data files, log files, control files, and parameter files are copied from the Rubrik cluster to the target to perform database or tablespace(s) recovery. The automated clones will also create and start up the database instances, updating the local oratab file. With DBA-managed clones, Rubrik copies the database files to a specified location–providing DBAs the flexibility to use custom RMAN scripts to perform recoveries. Advanced cloning options accommodate scenarios like dissimilar Oracle Homes /filesystem/ASM disk groups between source and target database. DBAs can also customize memory parameters, data & control file destinations, for example.
Instant Recovery on the other hand restores the database without copying all of the associated data. Hosting a read/write database on the Rubrik cluster eliminates the storage dependency which is critical for faster recovery after a complete database failure irrespective of the database size. Once the primary storage location is available, DBAs can use the ‘ALTER DATABASE MOVE DATAFILE’ RMAN command to migrate the datafiles online from the Rubrik cluster.
Live mount is a great choice to create rapid dev/test environments or auxiliary instances for granular recoveries. Like instant recovery, it leverages the Rubrik cluster to host the database files. Rubrik will attach a selected point-in-time snapshot to a RBS registered alternate host without moving any data files.
Using the Live Mount capability, Rubrik provides an automated way for the admins to validate the Oracle backups. Validating the backups is critical to a robust backup strategy. RMAN provides a VALIDATE command that examines the backup files for its ability to restore. The validate option within Rubrik Live Mount is a selected snapshot on an alternate host where the RMAN validate operation is executed. This easy-to-use, completely automated feature enables DBAs to validate the backups more often without worrying about the resource utilization on the production server, thereby giving them the peace of mind that the backups are intact and restorable.
Automate Oracle Database Protection
The Rubrik API ecosystem provides an easy and valuable interface to programmatically consume the platform and its services. DBAs can integrate Rubrik with a number of existing tools and workflows like IT service management (ITSM) tool or service portal, such as ServiceNow or vRealize Automation, automation tools such as Ansible, Terraform, or Puppet, or centralized monitoring tools like Nagios, Prometheus, Splunk, and many more.
These APIs can easily integrate with your existing CI/CD pipelines to accelerate your organization’s digital journey. Using APIs to live mount and clone Oracle databases enables DBAs to offer data as a service to development teams, data analysts, or data scientists via a self service portal like ServiceNow.
Using existing data pipelines and data facilitation on an instant self-service copy of the data from existing backups not only fuels faster innovation, but relieves the database administrators from numerous time-consuming schema refresh requests. Transforming data delivery by operationalizing backups through self service expedites data discovery to support resource intensive data processing algorithms ensures the production systems are isolated to optimally serve transactional workloads.
Rubrik operationalizes database backups from a mere disaster recovery mechanism to delivering a Data-as-a-Service. It serves as a valuable asset fueling innovation without burdening the production system, thereby supporting the IT teams in their goal to get more out of the data at lower cost.
Rubrik’s data protection solution for Oracle is built upon a Zero Trust platform that leverages deep integration with Oracle RMAN. Oracle Incremental merge and immutable backup snapshots deliver true incremental forever backups at scale for Oracle databases, making long backup windows impacting database performance a thing of the past.
As digital and analytics capabilities become more pervasive, organizations need to rethink their data management strategies. Capability to systematically identify, understand, and mitigate the cyber risks with a Zero Trust Data Security platform will help organizations accelerate value from their digital and analytics transformations.
Rubrik’s modern data management platform converges Oracle data protection with an inside-out data security approach. With peace of mind that their data is safe and recoverable in the event of a cyber attack, Rubrik gives valuable time back to the IT teams to accelerate digital transformation.
For more detailed information, please visit our Oracle Database solutions page.