In the first part of this series, we discussed several use cases for including a second Region in your disaster recovery (DR) plans for your Amazon Relational Database Service (Amazon RDS) for Oracle database instances. We also introduced cross-Region automated backups to assist you in establishing and maintaining cross-Region point in time restore (PITR) capability for your Amazon RDS for Oracle instances. In this post, we show you how to set up cross-Region automated backups on new and existing RDS for Oracle instances, including AWS KMS-encrypted instances, and we show how to monitor the replication as well as how to perform a point-in-time restore in the destination Region.
Set up cross-Region automated backups
Setting up cross-Region automated backups via the AWS Management Console or AWS Command Line Interface (AWS CLI) is straightforward. You can enable cross-Region automated backups during instance creation or at a later time with a simple modification of the instance.
To add cross-Region automated backups to an existing instance via the Amazon RDS console, complete the following steps:
On the Amazon RDS console, choose an RDS Oracle instance from the list of databases in your AWS account and Modify.
Under Additional Configuration, the Backup section allows you to specify the backup retention period for the local Region.
A check box below the backup window enables replication and exposes drop-downs for the destination Region and replicated backup retention period.The backup retention period for the destination Region is completely independent of the period set for the source Region. Either Region may be set up to 35 days to accommodate your DR plans.
After you make your selections, choose whether to implement the changes immediately or during the next scheduled maintenance window.
Only certain Regions are paired at this time, such as US East (N. Virginia) with US West (Oregon); EU (Ireland) with EU (Frankfurt); and Asia Pacific (Tokyo) with Asia Pacific (Osaka). More Region pairings are coming soon. To see which Regions support replication with your current Region, run the following command.
The following screenshot shows the us-west-2 Region is paired with us-east-1 for Amazon RDS automated backup replication.
Cross-Region automated backups fully support Amazon RDS encryption using AWS Key Management Service (AWS KMS) keys. To enable cross-Region automated backups on an AWS KMS-encrypted instance, you must specify an existing AWS KMS key ARN (Amazon Resource Name) in the destination Region to encrypt the snapshot data there. No other changes to the workflow are required.
To verify automated backups of your instances in the local Region, choose Automated backups in the navigation pane of the Amazon RDS console and look under the Current Region tab. You can view and manage cross-Region backups from this page. Choose the Replicated tab to view backups from a remote Region that have been replicated to the Region currently in view. In the destination Region, you can view the restorable time window for each replicated backup and initiate the restore of a backup to a point in time within that window for a given instance.
To view your in-Region restorable time window and replicated backups ARN from the AWS CLI, enter the following code.
The following screenshot shows our result.
In the destination Region, you can confirm the restore window specifying the automated backup’s ARN obtained from the previous command’s output.
The following screenshot shows our result.
Disaster recovery walkthrough
In the unlikely event of a disaster that renders the source Region for your RDS Oracle instance unavailable, restoring your cross-Region snapshots follows the same process as restoring in the source Region. Amazon RDS always restores from backup to a new instance. You can initiate a restore via the Amazon RDS console, the AWS CLI, or by making an API call within your automation framework.
To use the Amazon RDS console, complete the following steps:
On the Amazon RDS console, choose Automated backups in the navigation pane.
On the Replicated tab, choose the instance in question.
On the Actions menu, choose Restore to point in time.
The dialog follows the same flow as in the source Region for the instance: restore to the latest restorable time is the default option, or specify any time within the restore window down to the second.Choose the latest restorable time to recover as much data as possible, or specify a custom restore time in cases where logical data corruption was introduced at a known time and the goal is to restore to prior to that incident.
You must specify a DB instance identifier and may change various aspects of the instance to be restored, including database version, license model, instance name, instance class and size, single- or Multi-AZ, storage options, authentication, and more.
Accomplish the same from the AWS CLI with the following code.
The cross-Region automated backups feature has also created a copy of the options group from the source Region named xrab-<source Region>-<source options group name>-…, which is the default selection for the options group of the restored instance. You can specify a different options group or leave it at the default to preserve the same options as in the source Region. You can also use the RestoreDbInstanceToPointInTime Amazon RDS API operation to accomplish the restore.
Amazon RDS begins working on the restore immediately, and the Amazon RDS console shows the status of the new instance as Creating.
The time taken to complete the restore operation largely depends on the number of archived logs that must be applied on top of the automated snapshot to arrive at your chosen restore point. Amazon RDS backs up the instance after it completes the restore.
Shortly thereafter, the instance shows the Available status.
Select the instance endpoint on the Connectivity & security tab and update your applications to point to the new instance. Your restore is complete, and the instance is available for transactions. You may now choose to replicate the automated backups of the restored instance to another Region.
When automated backups are enabled for your instance and the instance is in the Available state, Amazon RDS takes a daily backup snapshot of your database instance during the maintenance window associated with the instance. Amazon RDS also uploads archived redo logs from the Oracle instance to Amazon S3 every 5 minutes. With cross-Region automated backups enabled for the instance, Amazon RDS replicates the snapshots and archived redo logs to the second Region.
You can observe the difference in the latest restorable time between the source and target Regions by viewing the automated backups lists in each Region. Each scheduled upload of archived logs takes some minutes to complete, which means you should expect the latest restorable time in the Region where the RDS instance runs to be less than 10 minutes ago at any given time. After the logs are stored in Amazon S3 in the source Region, the logs replicate to the target Region, typically arriving there within minutes, which means you can typically expect the latest restorable time in the destination Region to be less than 25 minutes ago, trailing the local Region by 10–15 minutes. As an example, the following screenshots were captured at 5:40 PM UTC, and we see latest restorable times from approximately 7 minutes ago to as little as 3 minutes ago.
Looking at the destination Region, we see the latest restorable times are between 10–14 minutes ago. Our focus database instance shows a latest restorable time 5 minutes further in the past in the destination Region than in its source Region.
In this post, we walked through setting up cross-Region automated backups on new and existing RDS for Oracle instances, including AWS KMS-encrypted instances, and we showed how to monitor the replication as well as how to perform a point-in-time restore in the destination Region. For more information about enabling and working with cross-Region automated backups, see Replicating automated backups to another AWS Region.
About the authors
Nathan Fuzi is a Senior Database Specialist Solutions Architect at AWS.
Nagesh Battula is a Principal Product Manager on the Amazon Web Services RDS team. He is responsible for the product management of Amazon RDS for Oracle. Prior to joining AWS, Nagesh was a member of the Oracle High Availability Product Management team with special focus on distributed database architecture addressing scalability and high availability. While at Oracle, he was the product manager for Oracle Sharding and Oracle Global Data Services. Nagesh has 20+ years of combined experience in the database realm. He has a BS in Engineering and MS in Computer Science. He is a frequent speaker at various database related user groups and conferences.
Read MoreAWS Database Blog