Oracle GoldenGate finally has a GUI/Web Page interface to work with the product. This has been a long over due and welcomed feature that was initally released with Oracle GoldenGate Microservices in 12.3. Since 12.3 and through 19.1, the Oracle GoldenGate team has been preaching the simplicity and securty benefits of using a reverse proxy to simplify the URLs that are used with Oracle GoldenGate Microservices. Afterall, using a reverse proxy is a great way to simplify the architecture and allow you quick access to resources using shorter URLs.
After setting up Oracle GoldenGate Microservices, you can access the ServiceManage by using a URL that looks like:
http(s)://<host>:<port>
In my environment, this URL would look like this:
https://localhost:16000
As you can tell, I can get to the ServiceManager page on port 16000 (you set the port, we don’t set default ports although we tell people 9000). Which is easy to access, but how would I access any of the other services provided by Oracle GoldenGate Microservices? The URLs to access the other services would just require changing the port number.
In my envionrment, I would just use URLs like this:
https://localhost:16001 <- Administration Service
https://localhost:16002 <- Distribution Service
https://localhost:16003 <- Receiver Service
https://localhost:16004 <- Performance Metric Service
Not very elegant and who wants to remember port numbers? Especially when you may have multiple deployments on a single host. Much less asking your firewall admin to open ports…we all know how those grumpy bears are! How can we improve on this? The answer is simple, just use a reverse proxy to consolidate ports down to a single, standard port.
To make this easier to setup, we provide a utility when you install Oracle GoldenGate Microservices called ReverseProxySettings. This file can be found in the Oracle GoldenGate Microservices Home ($OGG_HOME/lib/utl/reverseproxy). This utility will do the initial configuration of an Nginx Reverse Proxy and allow access to a single port. The default port that is used is HTTPS (443).
To implement the Nginx Reverse Proxy, you first have to install NGINX. This done by pulling it from your Linux yum repository.
yum -y install nginx
After installing Nginx, then you will need to run the ReverseProxySettings utility. The utility requires the following items:
Oracle GoldenGate ServiceManager Login – This is the “security” role user
Password for the security role user
URL with port number for the ServiceManager
To run the script, it would look something similar to this:
cd $OGG_HOME/lib/utl/reverseproxy ./ReverseProxySettings -u oggadmin -P ********* -o ogg.conf https://localhost:16000
The ogg.conf file will be created in the directory where you ran the RegisterProxySettings script. This is the configuration file for Nginx Reverse Proxy. You can also use this file to model other reverse proxies, but Oracle is only going to support the Nginx version.
Once you ahve the ogg.conf file, you need to either be root or have sudo access to configure the Reverse Proxy. In this example, I’m using the sudo approach as the Oracle user.
To configure the Nginx Reverse Proxy, perform the following steps:
sudo cp ogg.conf /etc/nginx/conf.d/nginx.conf sudo sh /etc/ssl/certs/make-dummy-cert /etc/nginx/ogg.pem sudo nginx sudo nginx -t sudo nginx -s reload
After configuring the Reverse Proxy and starting the processes, you will be able ot access the ServiceManager without the port number. In this example, that would be:
https://localhost
Notice that the URL is shorter due to the port number being gone. Yes, I know it says it is un-secure, but that is due to the certficicate for the localhost. The enviornment is still encrypted between source -and-target. Will write another post at some point on how to fix that 🙂
Where the reall benefit of these short URLs while using the Reverse Proxy is with the deployments. Typically when you want to access a deployment, you would need to do something like this:
https://localhost:16001
With the Reverse Proxy, I can now bypass the port number and drill directly down into the deployment I would like to use. Check this out:
https://localhost/Atlanta/adminsrvr
This URL will take me directly to the Adminsitration Service for the Atlanta deployment.
With simplified URLs, I can easily administror Oracle GoldenGate from any remote location using the web pages without needing to remember port numbers. Which greatly simplifys the footprint of Oracle GoldenGate. Additionally, your firewall administrators will love you for making their life easier!
Enjoy!!!
Please follow and like:
Current Oracle Certs
Bobby Curtis
I’m Bobby Curtis and I’m just your normal average guy who has been working in the technology field for awhile (started when I was 18 with the US Army). The goal of this blog has changed a bit over the years. Initially, it was a general blog where I wrote thoughts down. Then it changed to focus on the Oracle Database, Oracle Enterprise Manager, and eventually Oracle GoldenGate.
If you want to follow me on a more timely manner, I can be followed on twitter at @dbasolved or on LinkedIn under “Bobby Curtis MBA”.
Follow if you like:
på grund af denne vidunderlige læsning !!! Jeg kunne bestemt virkelig godt lide hver eneste lille smule af det, og jeg
det. Denne side har bestemt alle de oplysninger, jeg ønskede om dette emne, og vidste ikke, hvem jeg skulle spørge. Dette er min 1. kommentar her, så jeg ville bare give en hurtig
har også bogmærket dig for at se på nye ting på din blog Hej! Har du noget imod, hvis jeg deler din blog med min facebook
apreciariam o seu conteúdo. Por favor, me avise.
مرحبًا، أعتقد أن هذه مدونة ممتازة. لقد عثرت عليها بالصدفة ;
que eu mesmo criei ou terceirizei, mas parece que
Hi there to every one, the contents present at this web
page are actually awesome for people knowledge, well, keep up the good work fellows.
It contains fastidious material.|I think the admin of this website is actually working hard in favor of his site,
fortsæt med at guide andre. Jeg var meget glad for at afdække dette websted. Jeg er nødt til at takke dig for din tid
že spousta z něj se objevuje na internetu bez mého souhlasu.
buď vytvořil sám, nebo zadal externí firmě, ale vypadá to.
nogensinde løbe ind i problemer med plagorisme eller krænkelse af ophavsretten? Mit websted har en masse unikt indhold, jeg har
Conhecem algum método para ajudar a evitar que o conteúdo seja roubado? Agradecia imenso.
Incredible! This blog looks exactly like my old one! It’s on a completely different topic but it has pretty much the same page layout and design. Outstanding choice of colors!
gruppe? Der er mange mennesker, som jeg tror virkelig ville
Excellent beat ! I wish to apprentice while you amend your site, how can i subscribe for a blog site? The account aided me a acceptable deal. I had been a little bit acquainted of this your broadcast provided bright clear idea