Create Databases from Automatic Daily Backups - New Feature - Jan 2019 - Oracle Cloud Infrastructure

New Feature - Create Databases from Automatic Daily Backups
Services : Block Volume
Release Month : Jan 2019

Automatic Daily Backup feature lets you to create automated backups of OCI DB System Databases on a daily basis. With this feature you can now create a new system out of the automated daily backups.

Here is a DB System in OCI that is created and you can see there is a Automated Backup Running

Once the backup is completed you will see that it is ready for the refresh





From the backup section select Create Backup and fill in the required details





Once you start the database creation process you will see the restore process beginning immediately.



The DB System will have your database in provisioning stage



Once restore is done you will be having your new Database up and running.



This is indeed a cool feature. I bet your DBA will love to see this , he can now start looking into other useful stuffs.

In-transit encryption for boot and block volumes - New Feature - Jan 2019 - Oracle Cloud Infrastructure

New Feature : In-transit encryption for boot and block volumes

Services : Block Volume

Release Month : Jan 2019

Data is often considered less secured when in movement. It could be across two servers , two data center , between two services, between cloud and on-premise or between two cloud providers. Wherever data is  moving , data protection methods should be implemented for in transit data that are critical. While organization care more about data at rest , protecting sensitive data in-transit should also be given high importance as attackers find new methods to steal data.

Encryption is the best way to protect data in-transit. This is done by encrypting the data before sending it , authenticating the end points and decryption once the data is received. 

OCI block volume service encrypts all block volumes at rest and their backups as well using AES Advanced Encryption Standard algorithms with 256-bit encryption. Data moving between the instance and the block volume is transferred over an internal and highly secure network. This transfer could be encrypted with this feature announcement for paravirtualized volume attachments on virtual machines.

Optionally you can use the encryption keys managed by the key management service for volume encryption. if there is no service used oracle provided encryption key is used and this is for both data at rest and in-transit.

Here above when you specify the key for the block while creating then the same will be used for in-transit as well.

Consistent device paths for block volumes - New Feature - Jan 2019 - Oracle Cloud Infrastructure

New Feature : Consistent device paths for block volumes
Services : Block Volume
Release Date : Jan 2019

With this feature you can now select a device path that will remain consistent between instance reboots. though this is an optional feature it is recommended to use the device path as you can refer to the volumes when create partitions , creating file systems , mounting file system , you can also specify this option in /etc/fstab file for automatically mounting volumes on the instance boot.

Operating System Linux Images that are released by Oracle prior to November 2018 would not be able to use this feature. Windows based , Custom images and Partner images are not supported.

To verify if consistent device path support is available on your instance , login into your environment and do a "ll /dev/oracleoci/oraclevd*" , if you see a list of devices then it is supported else if you get a message "no such file or directory" then it is not supported.





Attaching a device path in the console is done simply by selecting a device path for the block volume.  Once attached you can verify the block volume from the summary page

Device Path : /dev/oracleoci/oraclevdb

After attaching the device then from the operating system you can create a partition using the device path.

fdisk  /dev/oracleoci/oraclevdb 

mkfs.ext3 /dev/oracleoci/oraclevdb1
update : /etc/fstab --- /dev/oracleoci/oraclevdb1   /oradata    ext3    defaults,_netdev,noatime  0  2
mkdir /oradata
mount /dev/oracleoci/oraclevdb1 /oradata