Oracle Cloud Infrastructure Documentation

Using the dbaascli Utility on Oracle Exadata Database Service on Exascale Infrastructure

Learn to use the dbaascli utility on Oracle Exadata Database Service on Exascale Infrastructure.

Parent topic: Reference Guides for Oracle Exadata Database Service on Exascale Infrastructure

About Using the dbaascli Utility on Oracle Exadata Database Service on Exascale Infrastructure

You can use the dbaascli utility to perform various database lifecycle and administration operations on Oracle Exadata Database Service on Exascale Infrastructure

For example, with dbaascli, you can change the password of a database user, start a database, or manage pluggable databases (PDBs), and more.

You must use the Oracle Cloud Infrastructure console or command-line interface to scale resources. The capabilities of the dbaascli utility are in addition to, and separate from, the Console, API, or command-line interface (CLI). Unless specified differently, you need root access to dbaascli to run all administration commands.

To use the utility, you must be connected to an Oracle Exadata Database Service on Exascale Infrastructure virtual machine.

To get possible commands available with dbaascli, run dbaascli --help.

To get command-specific help, run dbaascli command --help. For example, dbaascli database create --help.

See dbasscli Command Reference in the document for commands and command specific information.

Creating Databases Using dbaascli

Using dbaascli, you can create an Oracle Database by first creating an Oracle Database home of desired version, followed by creating a database in that Oracle Database home

Parent topic: Using the dbaascli Utility on Oracle Exadata Database Service on Exascale Infrastructure

Listing Available Software Images and Versions for Database and Grid Infrastructure

To produce a list of available supported versions for patching, use the dbaascli cswlib showImages command.

  1. Connect to the virtual machine as the opc user.

    For detailed instructions, see Connecting to a Virtual Machine with SSH.

  2. Start a root user command shell:
    sudo -s
  3. Run the following command:
    dbaascli cswlib showImages --product database

    The command output lists the available database software images.

    dbaascli cswlib showImages --product grid

    The command output lists the available grid software images.

  4. Exit the root user command shell:
    exit

    For more details on advanced supported options, see dbaascli cswlib showImages.

Example 6-1 dbaascli cswlib showImages

[root@dg11lrg1 dbhome_1]# dbaascli cswlib showImages
DBAAS CLI version <version>
Executing command cswlib
      showImagesJob id: 00e89b1a-1607-422c-a920-22f44bec1953Log file location:
      /var/opt/oracle/log/cswLib/showImages/dbaastools_2022-05-11_08-49-12-AM_46941.log

############
List of Available Database Images
#############

17.IMAGE_TAG=18.17.0.0.0  
   VERSION=18.17.0.0.0  
   DESCRIPTION=18c JAN 2022 DB Image

18.IMAGE_TAG=19.10.0.0.0  
   VERSION=19.10.0.0.0  
   DESCRIPTION=19c JAN 2021 DB Image

19.IMAGE_TAG=19.11.0.0.0  
   VERSION=19.11.0.0.0  
   DESCRIPTION=19c APR 2021 DB Image

20.IMAGE_TAG=19.12.0.0.0
  VERSION=19.12.0.0.0
  DESCRIPTION=19c JUL 2021 DB Image

21.IMAGE_TAG=19.13.0.0.0  
  VERSION=19.13.0.0.0  
  DESCRIPTION=19c OCT 2021 DB Image

Images can be downloaded using their image tags. For details, see help using 'dbaascli cswlib download --help'.
dbaascli execution completed

Creating Oracle Database Home

To create an Oracle Database home of desired version, use the dbaascli dbhome create command.

Note

You can create an Oracle Database home with a specified Oracle home name. If you do not specify, then this is computed automatically (recommended).
  1. Connect to the virtual machine as the opc user.

    For detailed instructions, see Connecting to a Virtual Machine with SSH.

  2. Start a root user command shell:
    sudo -s
  3. Run the following command: 
    dbaascli dbhome create --version Oracle Home Version --imageTag image Tag Value
    Where:
    • --version specifies the Oracle Database version
    • --imageTag specifies the Image Tag of the image to be used
    For example:
    dbaascli dbhome create --version 19.9.0.0.0
    Note

    Specifying imageTag is optional. To view the Image Tags, refer to command dbaascli cswlib showImages. Image Tags are typically same as the version of the database. However, it is kept as a provision for cases where multiple images may need to be released for the same version - each catering to a specific customer requirement.
  4. Exit the root user command shell:
    exit

    For more details on advanced supported options, see dbaascli dbhome create.

Creating Oracle Database In the Specified Oracle Database Home

To create an Oracle Database in the specified Oracle Database home of desired version, use the dbaascli database create command.

You can use the dbaascli database create command to:
  • Create a Container Database (CDB) or non-Container Database
  • Create a CDB with pluggable databases (PDBs)
  • Create an Oracle Database with the specified Character Set
  • Create Oracle Databases on a subset of cluster nodes
    Note

    Databases created on a subset of nodes will not be displayed in the OCI console.
  • Create Oracle Database version 12.1.0.2 or higher with the release update JAN 2021 or higher. For databases with lower versions, it is recommended to use the OCI Console based API.
  1. Connect to the virtual machine as the opc user.

    For detailed instructions, see Connecting to a Virtual Machine with SSH.

  2. Start a root user command shell:
    sudo -s
  3. Run the following command:
    dbaascli database create --dbName database name --oracleHome Oracle Home Path
    Where:
    • --dbName specifies the name of the database
    • --oracleHome specifies Oracle home location
    To create a CDB, run the following command:
    dbaascli database create --dbName database name --oracleHome Oracle Home Path
    To create a non-CDB, run the following command:
    dbaascli database create --dbName database name --oracleHome Oracle Home Path --createAsCDB false

    When prompted, enter the sys and tde passwords.

  4. Exit the root user command shell:
    exit

    For more details on advanced supported options, see dbaascli database create.

Related Topics

Parent topic: Creating Databases Using dbaascli

Running Prerequisite Checks Prior to Creating Oracle Database

To run prerequisites checks, use the --executePrereqs command option. This will perform only the prerequisite checks without performing the actual Oracle Database creation.

  1. Connect to the virtual machine as the opc user.

    For detailed instructions, see Connecting to a Virtual Machine with SSH.

  2. Start a root user command shell:
    sudo -s
  3. Run the following command:
    dbaascli database create --dbName database name --oracleHome Oracle Home Path --executePrereqs
    Where:
    • --dbName specifies the name of the database
    • --oracleHome specifies the Oracle home location
  4. Exit the root user command shell:
    exit

    For more details on advanced supported options, see dbaascli database create.

Resuming or Reverting Oracle Database Creation Operation

To resume or revert a failed database creation operation, use the --resume or --revert command option.

For example:
dbaascli database create --dbName database name --oracleHome Oracle Home Path --resume
Note

  • While using the --resume or --revert command options, ensure that you use the same command from the same node that was used for actual create operation flow.
  • You can resume database creation only if there is a failure in the post database creation step.

Changing the Database Passwords

To change the SYS password, or to change the TDE wallet password, use this procedure.

The password that you specify in the Database Admin Password field when you create a new Oracle Exadata Database Service on Exascale Infrastructure instance or database is set as the password for the SYS, SYSTEM, TDE wallet, and PDB administrator credentials. Use the following procedures if you need to change passwords for an existing database.

Note

if you are enabling Data Guard for a database, then the SYS password and the TDE wallet password of the primary and standby databases must all be the same.
Note

Using the dbaascli to change the SYS password will ensure the backup/restore automation can parallelize channels across all nodes in the cluster.

To Change the SYS Password for an Oracle Exadata Database Service on Exascale Infrastructure Database

  1. Log onto the Oracle Exadata Database Service on Exascale Infrastructure virtual machine as opc.
  2. Run the following command:
    sudo dbaascli database changepassword --dbname database_name --user SYS

To Change Database Passwords in a Data Guard Environment

  1. Run the following command on the primary database:
    dbaascli database changePassword —dbName <dbname> --user SYS --prepareStandbyBlob true --blobLocation <location to create the blob file>
  2. Copy the blob file created to all the standby databases and update the file ownership to oracle user.
  3. Run the following command on all the standby databases:
    dbaascli database changePassword —dbName <dbname> --user SYS --standbyBlobFromPrimary <location of copies the blob file>

To Change the TDE Wallet Password for an Oracle Exadata Database Service on Exascale Infrastructure Database

  1. Log onto the Oracle Exadata Database Service on Exascale Infrastructure virtual machine as opc.
  2. Run the following command:
    sudo dbaascli tde changepassword --dbname database_name

Managing Oracle Exadata Database Service on Exascale Infrastructure Software Images Using the Dbaascli Utility

You can list and download the Oracle database software images on an Oracle Exadata Database Service on Exascale Infrastructure instance, which can then be used for provisioning a database home.

Note

You can create custom database software images for your Oracle Exadata Database Service on Exascale Infrastructure instances using the Console or API. These images are stored in Object Storage, and can be used to provision a Database Home in your Exadata instance. See Oracle Database Software Images more information.

You can control the version of Oracle binaries that is installed when you provision a new database on an Oracle Exadata Database Service on Exascale Infrastructure instance by maintaining the software images on the system. Oracle provides a library of cloud software images that you can view and download onto your instance by using the dbaascli utility.

Parent topic: Using the dbaascli Utility on Oracle Exadata Database Service on Exascale Infrastructure

Listing Available Software Images and Versions for Database and Grid Infrastructure

To produce a list of available supported versions for patching, use the dbaascli cswlib showImages command.

  1. Connect to the virtual machine as the opc user.

    For detailed instructions, see Connecting to a Virtual Machine with SSH.

  2. Start a root user command shell:
    sudo -s
  3. Run the following command:
    dbaascli cswlib showImages --product database

    The command output lists the available database software images.

    dbaascli cswlib showImages --product grid

    The command output lists the available grid software images.

  4. Exit the root user command shell:
    exit

    For more details on advanced supported options, see dbaascli cswlib showImages.

Example 6-2 dbaascli cswlib showImages

[root@dg11lrg1 dbhome_1]# dbaascli cswlib showImages
DBAAS CLI version <version>
Executing command cswlib
      showImagesJob id: 00e89b1a-1607-422c-a920-22f44bec1953Log file location:
      /var/opt/oracle/log/cswLib/showImages/dbaastools_2022-05-11_08-49-12-AM_46941.log

############
List of Available Database Images
#############

17.IMAGE_TAG=18.17.0.0.0  
   VERSION=18.17.0.0.0  
   DESCRIPTION=18c JAN 2022 DB Image

18.IMAGE_TAG=19.10.0.0.0  
   VERSION=19.10.0.0.0  
   DESCRIPTION=19c JAN 2021 DB Image

19.IMAGE_TAG=19.11.0.0.0  
   VERSION=19.11.0.0.0  
   DESCRIPTION=19c APR 2021 DB Image

20.IMAGE_TAG=19.12.0.0.0
  VERSION=19.12.0.0.0
  DESCRIPTION=19c JUL 2021 DB Image

21.IMAGE_TAG=19.13.0.0.0  
  VERSION=19.13.0.0.0  
  DESCRIPTION=19c OCT 2021 DB Image

Images can be downloaded using their image tags. For details, see help using 'dbaascli cswlib download --help'.
dbaascli execution completed

To download a software image

You can download available software images onto your Oracle Exadata Database Service on Exascale Infrastructure instance by using the cswlib download subcommand of the dbaascli utility.

  1. Connect to a compute node as the opc user.For detailed instructions, see Connecting to a Virtual Machine with SSH.
  2. Start a root-user command shell:
    $ sudo -s
#
  3. Execute the dbaascli command with the cswlib download subcommand:
    # dbaascli cswlib download [--version <software_version>] [--imageTag <image tag
    value>]
    The command displays the location of software images that are downloaded to your Oracle Exadata Database Service on Exascale Infrastructure environment.

    The optional parameters are:

    • version: specifies an Oracle Database software version. For example, 19.14.0.0.0.
    • imageTag: specifies the image tag of the image.
  4. Exit the root-user command shell:
    # exit
$

Collect Cloud Tooling Logs and Perform a Cloud Tooling Health Check Using dbaascli

Using the dbaascli diag command allows you to collect Guest VM dbaas tooling logs for Exadata Database Service on Dedicated Infrastructure and Exadata Database Service on Cloud@Customer systems. You can use these logs to troubleshoot issues related to dbaas tooling.

You can use the diag command to collect dbaastools logs and perform a health check on all nodes in an Exadata cluster. Note that the --waitForCompletion options is supported starting in version 22.4.1
Note

  • dbaascli diag commands must be run as the root user
  • Running the dbaascli diag collect command on a single node will collect log data for all nodes
  • We recommend running the commands documented in this topic using the --waitForCompletion option for long-running commands. Refer to the examples for sample usage.

For information on updating Exadata Cloud Tooling, see dbaascli admin updateStack.

Related Topics

Parent topic: Using the dbaascli Utility on Oracle Exadata Database Service on Exascale Infrastructure

Collecting Tooling Log Data Examples

The dbaascli dbaascli diag collect command uses the syntax shown below to collect tooling log data:

See dbaascli diag collect In the dbaascli Command Reference for syntax details 

# dbaascli diag collect
DBAAS CLI version 22.4.1.0.1
Executing command diag collectJob id: 4c1c7908-541d-4ebc-8e44-042c913f6779
Loading PILOT...Session ID of the current execution is: 4
Log file location: /var/opt/oracle/log/diag/collect/pilot_2022-09-16_05-43-30-PM_99944
-----------------
...
---------- DIAG COLLECT PLUGIN RESULT ----------
{"collectedArchive":"/var/opt/oracle/dbaas_acfs/diag_collect/diag_cloudlogs_1663376003.tar.gz","SHA256CheckSum":"07136fc102dabf19be821430482412f5e43e9d32d7aa661e190e7774bcbc5e85"}
dbaascli execution completed
# dbaascli diag collect --waitForCompletion false
DBAAS CLI version 22.4.1.0.1
Executing command diag collect --waitForCompletion false
Job id: 1b8f9fec-0736-46ec-ac76-cb5a37181c14
Job accepted. Use "dbaascli job getStatus --jobID 1b8f9fec-0736-46ec-ac76-cb5a37181c14" to check the job status.
Note

Use the job status command to monitor progress. 
# dbaascli diag collect --dbNames myOracleDatabase19cName
DBAAS CLI version 22.4.1.0.1
Executing command diag collect --dbNames myOracleDatabase19cName
Job id: 3e12abff-ee89-467d-9afd-a30f9cab5967
Loading PILOT...
Session ID of the current execution is: 26
Log file location: /var/opt/oracle/log/diag/collect/pilot_2022-12-06_05-47-54-PM_60919
-----------------
...
---------- DIAG COLLECT PLUGIN RESULT ----------
{"collectedArchive":"/var/opt/oracle/dbaas_acfs/diag_collect/diag_cloudlogs_20221206-0547.tar.gz","SHA256 CheckSum":"3ce17c6cbc7a4039ec2bacfa085a7e801743e6423e063b45687501c833bc8282"}
dbaascli execution completed
# dbaascli diag collect --destLocation /tmp/test/
DBAAS CLI version 22.4.1.0.1
Executing command diag collect --destLocation /tmp/test/
Job id: c73ebadc-ebac-4180-b465-3250ec695c01
Loading PILOT...
Session ID of the current execution is: 20
Log file location: /var/opt/oracle/log/diag/collect/pilot_2022-12-06_05-16-15-PM_54647
-----------------
...
---------- DIAG COLLECT PLUGIN RESULT ----------
{"collectedArchive":"/tmp/test/diag_cloudlogs_20221206-0605.tar.gz","SHA256 CheckSum":"3670cae9a99784d1f7e647dc814e1cb519bb16f8562112d6d492babd272cd82a"}
dbaascli execution completed
# dbaascli diag collect --startTime 2021-03-19T10:00:00 --endTime 2021-03-20T10:00:00
DBAAS CLI version 22.4.1.0.1
Executing command diag collect --startTime 2021-03-19T10:00:00 --endTime 2021-03-20T10:00:00
Job id: 11b7a54a-7257-4ebd-b12c-9dc37e76ee86
Loading PILOT...
Session ID of the current execution is: 23
Log file location: /var/opt/oracle/log/diag/collect/pilot_2022-12-06_05-25-33-PM_51327
-----------------
...
---------- DIAG COLLECT PLUGIN RESULT ----------
{"collectedArchive":"/var/opt/oracle/dbaas_acfs/diag_collect/diag_cloudlogs_20221206-0525.tar.gz","SHA256 CheckSum":"7dd3d32e91688657e951b3ffd8d06cb335a408210bf213ad5a83c2a451ca0171"}
dbaascli execution completed
# dbaascli diag collect --nodes dbnode1,dbnode2
DBAAS CLI version 22.4.1.0.1
Executing command diag collect --nodes dbnode1,dbnode2
Job id: 26b41f03-b100-450a-9c3a-ae17120442a3
Loading PILOT...
Session ID of the current execution is: 24
Log file location: /var/opt/oracle/log/diag/collect/pilot_2022-12-06_05-27-35-PM_82872
-----------------
...
---------- DIAG COLLECT PLUGIN RESULT ----------
{"collectedArchive":"/var/opt/oracle/dbaas_acfs/diag_collect/diag_cloudlogs_20221206-0527.tar.gz","SHA256 CheckSum":"2a7fc0c12e0be3e8ad32f6297ed2f4532b6f883b79771dd8420a9e46102faef4"}
dbaascli execution completed
# dbaascli diag collect --components dbaastools
DBAAS CLI version 22.4.1.0.1
Executing command diag collect --components dbaastools
Job id: 7c89876d-b25c-4843-8d12-8885271891f5
Loading PILOT...
Session ID of the current execution is: 25
Log file location: /var/opt/oracle/log/diag/collect/pilot_2022-12-06_05-46-09-PM_28513
-----------------
...
---------- DIAG COLLECT PLUGIN RESULT ----------
{"collectedArchive":"/var/opt/oracle/dbaas_acfs/diag_collect/diag_cloudlogs_20221206-0546.tar.gz","SHA256 CheckSum":"c940bedbb7cfd63d51faa26ba2d04cc41483e76efaf038d6fe3644b64125db51"}
dbaascli execution completed
# dbaascli diag collect --objectStoreBucketUri https://objectstorage.us-phoenix-1.oraclecloud.com/p/t0Z-kRV5pSmFzqnf-y5XhaAbM4LS82epeBnulKnCr31IeHVjxI9tOkntLF2kq7fP/n/MyNamespace/b/MyParBucket/o/
DBAAS CLI version 22.4.1.0.1
Executing command diag collect --objectStoreBucketUri https://objectstorage.us-phoenix-1.oraclecloud.com/p/t0Z-kRV5pSmFzqnf-y5XhaAbM4LS82epeBnulKnCr31IeHVjxI9tOkntLF2kq7fP/n/MyNamespace/b/MyParBucket/o/
Job id: b7c5d682-5527-4911-9e60-aab7fdb03014
Loading PILOT...
Session ID of the current execution is: 27
Log file location: /var/opt/oracle/log/diag/collect/pilot_2022-12-06_05-50-11-PM_92873
-----------------
...
---------- DIAG COLLECT PLUGIN RESULT ----------
{"collectedArchive":"https://objectstorage.us-phoenix-1.oraclecloud.com/p/t0Z-kRV5pSmFzqnf-y5XhaAbM4LS82epeBnulKnCr31IeHVjxI9tOkntLF2kq7fP/n/MyNamespace/b/MyParBucket/o/diag_cloudlogs_20221206-0550.tar.gz","SHA256 CheckSum":"a6f0695473f763d547826c29bda73adcc7e50962652a189c22b0a3bb4f514e48"}
dbaascli execution completed

Performing a Health Check Examples

Use dbaascli dbaascli diag healthcheck command to perform a health check on all system nodes.

See dbaascli diag healthcheck for the syntax details in the dbaascli Command Reference. 

# dbaascli diag healthcheck                
DBAAS CLI version MAIN
Executing command diag healthcheck
INFO: Starting diag healthcheck
INFO: Collected diag logs at: /var/opt/oracle/dbaas_acfs/diag_cloudlogs_20210322-2246.tar.gz
# dbaascli diag healthcheck --destLocation /tmp/test
DBAAS CLI version MAIN
Executing command diag healthcheck --destLocation /tmp/test
INFO: Starting diag healthcheck
INFO: Collected diag logs at: /tmp/test/diag_cloudlogs_20210322-2250.tar.gz
# dbaascli diag healthcheck --nodes rbcl1,rbcl2                   
DBAAS CLI version MAIN
Executing command diag healthcheck --nodes rbcl1,rbcl2
INFO: Starting diag healthcheck
INFO: Collected diag logs at: /var/opt/oracle/dbaas_acfs/diag_cloudlogs_20210421-1915.tar.gz
# dbaascli diag healthcheck --objectStoreBucketUri https://objectstorage.us-phoenix-1.oraclecloud.com/p/t0Z-kRV5pSmFzqnf-y5XhaAbM4LS82epeBnulKnCr31IeHVjxI9tOkntLF2kq7fP/n/MyNamespace/b/MyParBucket/o/
DBAAS CLI version MAIN
Executing command diag healthcheck --objectStoreBucketUri https://objectstorage.us-phoenix-1.oraclecloud.com/p/t0Z-kRV5pSmFzqnf-y5XhaAbM4LS82epeBnulKnCr31IeHVjxI9tOkntLF2kq7fP/n/MyNamespace/b/MyParBucket/o/
INFO: Collected diag logs at: https://objectstorage.us-phoenix-1.oraclecloud.com/p/t0Z-kRV5pSmFzqnf-y5XhaAbM4LS82epeBnulKnCr31IeHVjxI9tOkntLF2kq7fP/n/MyNamespace/b/MyParBucket/o/diag_cloudlogs_20210421-1839.tar.gz

Updating Cloud Tooling Using dbaascli

To update the cloud tooling release for Oracle Exadata Database Service on Exascale Infrastructure, complete this procedure.

Cloud-specific tooling is used on the Oracle Exadata Database Service on Exascale Infrastructure Guest VMs for local operations, including dbaascli commands.

The cloud tooling is automatically updated by Oracle when new releases are made available. If needed, you can follow the steps below to ensure you have the latest version of the cloud-specific tooling on all of the virtual machines in the VM cluster.
Note

You can update the cloud-specific tooling by downloading and applying a software package containing the updated tools.
  1. Connect to a virtual machine as the opc user.

    For detailed instructions, see Connecting to a Virtual Machine with SSH.

  2. Start a root user command shell:
    sudo -s
  3. To update to the latest available cloud tooling release, run the following command: 
    dbaascli admin updateStack

    The command takes care of updating the cloud tooling release on all the nodes of the cluster.

    For more details and other available options, refer to dbaascli admin updateStack --help.

Creating a Duplicate Database

Using dbaascli to Duplicate a Cloud Database

You can create a duplicate database using dbaascli. This new database can be in the same cloud region as the source region or across the regions. The following steps describe how to create a duplicate database on cloud.

Note

If a database is configured with OCI Vault for TDE encryption and you want to duplicate a database, then refer to the following sections.

Prepare for duplication

Ensure that the following prerequisites are ment:

  • Make sure that there is a network path setup to access the source database through the EZConnect string.
  • Copy the TDE wallet file (ewallet.p12 ) to the target database node. The node where you decide to run the dbaascli command.
  • Create an Oracle home on the target node if required. Oracle home version must be the same version as the source or of higher RU version.

Run prerequisite checks

To run prerequisites checks, use the --executePrereqs command option. This will perform only the prerequisite checks without performing the actual Oracle Database duplication. 

dbaascli database duplicate --dbName <database name> --oracleHome <Oracle Home Path> --sourceDBConnectionString <source database EZConnect string> --sourceDBTDEWalletLocation <location of copied wallet> --sourceDBTdeConfigMethod FILE --tdeConfigMethod FILE --executePrereqs

Duplicate the database

dbaascli database duplicate --dbName <database name> --oracleHome <Oracle Home Path> --sourceDBConnectionString <source database EZConnect string> --sourceDBTDEWalletLocation <location of copied wallet> --sourceDBTdeConfigMethod FILE --tdeConfigMethod FILE
Note

If source database is using OKV for TDE keystore management, current duplicate database operation does not support this configuration.

Considerations When Using OCI Vault for the Key Management

This section is applicable only in the case of database is configured with OCI Vault for TDE encryption and you want to duplicate a database.

Duplicating a database within the same region

  • Additional prerequisite steps

    Make sure to setup OCI Vault access policies for target database nodes. Target database nodes should be able to access both source database's OCI key vault along with its new key vault (if it is decided to use separate key vault).

  • Run prerequisite checks
    dbaascli database duplicate --dbName <database name> --oracleHome <Oracle Home Path> --sourceDBConnectionString <source database EZConnect string> --sourceDBTDEWalletLocation <location of copied wallet> --sourceDBTdeConfigMethod KMS --sourceDBKMSKeyOCID <Source Database OCI Vault key OCID> --tdeConfigMethod KMS --kmsKeyOCID <OCI Vault key OCID> --executePrereqs
  • Duplicate the database
    dbaascli database duplicate --dbName <database name> --oracleHome <Oracle Home Path> --sourceDBConnectionString <source database EZConnect string> --sourceDBTDEWalletLocation <location of copied wallet> --sourceDBTdeConfigMethod KMS --sourceDBKMSKeyOCID <Source Database OCI Vault key OCID> --tdeConfigMethod KMS --kmsKeyOCID <OCI Vault key OCID>

    Upon successful completion of this command, the database is duplicated.

Duplicating a database across regions

  • Additional prerequisite steps
  • Run prerequisite checks
    dbaascli database duplicate --dbName <database name> --oracleHome <Oracle Home Path> --sourceDBConnectionString <source database EZConnect string> --sourceDBTDEWalletLocation <location of copied wallet> --sourceDBTdeConfigMethod KMS --sourceDBKMSKeyOCID <Source Database OCI Vault key OCID> --tdeConfigMethod KMS --kmsKeyOCID <OCI Vault key OCID> --executePrereqs
  • Duplicate the database
    dbaascli database duplicate --dbName <database name> --oracleHome <Oracle Home Path> --sourceDBConnectionString <source database EZConnect string> --sourceDBTDEWalletLocation <location of copied wallet> --sourceDBTdeConfigMethod KMS --sourceDBKMSKeyOCID <Source Database OCI Vault key OCID> --tdeConfigMethod KMS --kmsKeyOCID <OCI Vault key OCID>

    Upon successful completion of this command, the database is duplicated.

dbaascli Command Reference

You use dbaascli to create databases and integrate them with the cloud automation framework.

dbaascli is a cloud native interface that can take DBCA templates as inputs, calls the functionality of DBCA to create databases, and then calls OCI APIs to integrate the database into the cloud automation framework. Customers using DBCA in scripts today can update their existing scripts to call dbaascli instead of DBCA. If dbaascli cannot be used due to a particular feature of DBCA being unavailable in dbaascl, then customers should open a My Oracle Support (MOS) request to add that functionality to dbaascli.

To use the dbaascli utility, you must be connected to an Oracle Exadata Database Service on Exascale Infrastructure compute node.

Some dbaascli commands can be run as the oracle or the opc user, but many commands require root administrator privileges. Refer to each command for specific requirements.

  • dbaascli admin updateStack
    To install or update a dbaastools RPM, use the dbaascli admin updateStack command.
  • dbaascli cswlib deleteLocal
    To delete the local image, use the dbaascli cswlib deleteLocal command.
  • dbaascli cswlib download
    To download available software images and make them available in your Oracle Exadata Database Service on Exascale Infrastructure environment, use the dbaascli cswlib download command.
  • dbaascli cswlib listLocal
    To view the list of locally available Database and Grid Infrastructure images, use the dbaascli cswlib listLocal command.
  • dbaascli cswlib showImages
    To view the list of available Database and Grid Infrastructure images, use the dbaascli cswlib showImages command.
  • dbaascli database addInstance
    To add the database instance on the specified node, use the dbaascli database addInstance command.
  • dbaascli database backup
    To configure Oracle Database with a backup storage destination, take database backups, query backups, and delete a backup, use the dbaascli database backup command.
  • dbaascli database bounce
    To shut down and restart a specified Oracle Exadata Database Service on Exascale Infrastructure database, use the dbaascli database bounce command.
  • dbaascli database changepassword
    To change the password of a specified Oracle Database user, use the dbaascli database changePassword command. When prompted enter the user name for which you want to change the password and then enter the password.
  • dbaascli database convertToPDB
    To convert the specified non-CDB database to PDB, use the dbaascli database convertToPDB command.
  • dbaascli database create
    To create Oracle Database, use the dbaascli database create command. When prompted, enter the sys and tde passwords.
  • dbaascli database delete
    To delete an Oracle Database, use the dbaascli database delete command.
  • dbaascli database deleteInstance
    To delete the database instance on the specified node, use the dbaascli database deleteInstance command.
  • dbaascli database duplicate
    To create a database from an active database, use the dbaascli database duplicate command.
  • dbaascli database getDetails
    This command shows the detailed information of a given database e.g. dbname, node information, pluggable databases information etc.
  • dbaascli database getPDBs
    To view the list of all pluggable databases in a container database, use the dbaascli database getPDBs command.
  • dbaascli database modifyParameters
    To modify or reset initialization parameters for an Oracle Database, use the dbaascli database modifyParameters command.
  • dbaascli database move
    To move the database from one home to another, use the dbaascli database move command.
  • dbaascli database recover
    To recover a database, use the dbaascli database recover command.
  • dbaascli database runDatapatch
    To patch an Oracle Database, use the dbaascli database runDatapatch command.
  • dbaascli database createTemplate
    To create database templates (DBCA templates) that can subsequently be used to create databases, use the dbaascli database createTemplate command.
  • dbaascli database start
    To start an Oracle Database, use the dbaascli database start command.
  • dbaascli database status
    To check the status of an Oracle Database, use the dbaascli database status command.
  • dbaascli database stop
    To stop an Oracle Database, use the dbaascli database stop command.
  • dbaascli database upgrade
    To upgrade an Oracle Database, use the dbaascli database upgrade command.
  • dbaascli dataguard prepareStandbyBlob
    To generate a blob file containing various files that are required on the standby site in case of a dataguard environment, use the dbaascli dataguard prepareStandbyBlob command.
  • dbaascli dataguard updateDGConfigAttributes
    To update Data Guard automation attributes across all the cluster nodes, use the dbaascli dataguard updateDGConfigAttributes command.
  • dbaascli dbhome create
    To create an Oracle Database home of desired version, use the dbaascli dbhome create command.
  • dbaascli dbHome delete
    To delete a given Oracle Database home, use the dbaascli dbHome delete command.
  • dbaascli dbhome getDatabases
    To view information about all Oracle Databases running from a given database Oracle home, use the dbaascli dbHome getDatabases command. Specify either the Oracle home location or Oracle home name.
  • dbaascli dbHome getDetails
    To view information about a specific Oracle home, use the dbaascli dbHome getDetails command. Specify either the Oracle home location or Oracle home name.
  • dbaascli dbHome patch
    To patch Oracle home from one patch level to another, use the dbaascli dbHome patch command.
  • dbaascli dbimage purge
    The dbimage purge command removes the specified software image from your Oracle Exadata Database Service on Exascale Infrastructure environment.
  • dbaascli diag collect
    To collect diagnostics, use the dbaascli diag collect command.
  • dbaascli diag healthCheck
    To run diagnostic health checks, use the dbaascli diag healthCheck command.
  • dbaascli grid configureTCPS
    To configure TCPS for the existing cluster, use the dbaascli grid configureTCPS command.
  • dbaascli grid patch
    To patch Oracle Grid Infrastructure to the specified minor version, use the dbaascli grid patch command.
  • dbaascli grid removeTCPSCert
    To remove existing TCPS certificates from Grid Infrastructure wallet, use the dbaascli grid removeTCPSCert command.
  • dbaascli grid rotateTCPSCert
    To rotate TCPS certificates, use the dbaascli grid rotateTCPSCert command.
  • dbaascli grid upgrade
    To upgrade Oracle Grid Infrastrucure from one major version to another, use the dbaascli grid upgrade command.
  • dbaascli job getStatus
    To view the status of a specified job, use the dbaascli job getStatus command.
  • dbaascli patch db apply
  • dbaascli patch db prereq
  • dbaascli pdb backup
    To backup a pluggable database (PDB), query PDB backups, and delete a PDB backup, use the dbaascli pdb backup command.
  • dbaascli pdb bounce
    To bounce a pluggable database (PDB), use the dbaascli pdb bounce command.
  • dbaascli pdb close
    To close a pluggable database (PDB), use the dbaascli pdb close command.
  • dbaascli pdb getConnectString
    To display Oracle Net connect string information for a pluggable database (PDB) run the dbaascli pdb getConnectString command.
  • dbaascli pdb create
    To create a new pluggable database (PDB), use the dbaascli pdb create command.
  • dbaascli pdb createSnapshot
    To create a snapshot of a given pluggable database (PDB), use the dbaascli pdb createSnapshot command.
  • dbaascli pdb configureSnapshot
    To configure automatic snapshots for a given pluggable database (PDB), use the dbaascli pdb configureSnapshot command.
  • dbaascli pdb delete
    To delete a pluggable database (PDB) run the dbaascli pdb delete command.
  • dbaascli pdb deleteSnapshot
    To delete a snapshot of a given pluggable database (PDB), use the dbaascli pdb deleteSnapshot command.
  • dbaascli pdb getDetails
    To view details of a pluggable database (PDB), use the dbaascli pdb getDetails command.
  • dbaascli pdb getSnapshot
    To obtain details of a given pluggable database (PDB) snapshot, use the dbaascli pdb getSnapshot command.
  • dbaascli pdb list
    To view the list of pluggable databases (PDB) in a container database, use the dbaascli pdb list command.
  • dbaascli pdb listSnapshots
    To list the snapshots of a given pluggable database (PDB), use the dbaascli pdb listSnapshots command..
  • dbaascli pdb localClone
    To create a new pluggable database (PDB) as a clone of an existing PDB in the same container database (CDB), use the dbaascli pdb localClone command.
  • dbaascli pdb open
    To open a pluggable database (PDB), use the dbaascli pdb open command.
  • dbaascli pdb recover
    To recover a pluggable database (PDB), use the dbaascli pdb recover command.
  • dbaascli pdb refresh
    To refresh a specified pluggable database (PDB), use the dbaascli pdb refresh command.
  • dbaascli pdb relocate
    To relocate the specified PDB from the remote database into local database, use the dbaascli pdb relocate command.
  • dbaascli pdb remoteClone
    To create a new pluggable database (PDB) as a clone of an existing PDB in another container database (CDB), use the dbaascli pdb remoteClone command.
  • dbaascli system getDBHomes
    To view information about all the Oracle homes, use the dbaascli system getDBHomes command.
  • dbaascli tde changePassword
    To change TDE keystore password as well as DB wallet password for the alias tde_ks_passwd, use the dbaascli tde changePassword command.
  • dbaascli tde addSecondaryHsmKey
    To add a secondary HSM (KMS) key to the existing HSM (KMS) configuration, use the dbaascli tde addSecondaryHsmKey command.
  • dbaascli tde enableWalletRoot
    To enable wallet_root spfile parameter for the existing database, use the dbaascli tde enableWalletRoot command.
  • dbaascli tde encryptTablespacesInPDB
    To encrypt all the tablespaces in the specified PDB, use the dbaascli tde encryptTablespacesInPDB command.
  • dbaascli tde fileToHsm
    To convert FILE based TDE to HSM (KMS/OKV) based TDE, use the dbaascli tde fileToHsm command.
  • dbaascli tde getHsmKeys
    To get TDE active key details, use the dbaascli tde getHsmKeys command.
  • dbaascli tde getMkidForKeyVersionOCID
    To get Master Key ID associated with the KMS key version OCID, use the dbaascli tde getMkidForKeyVersionOCID command.
  • dbaascli tde getPrimaryHsmKey
    To get primary HSM (KMS) key from the existing HSM (KMS) configuration, use the dbaascli tde getPrimaryHsmKey command.
  • dbaascli tde hsmToFile
    To convert HSM (KMS/OKV) based TDE to FILE based TDE, use the dbaascli tde hsmToFile command.
  • dbaascli tde listKeys
    To list TDE master keys, use the dbaascli tde listKeys command.
  • dbaascli tde removeSecondaryHsmKey
    To remove secondary HSM (KMS) key from the existing HSM (KMS) configuration, use the dbaascli tde removeSecondaryHsmKey command.
  • dbaascli tde rotateMasterKey
    To rotate the master key for database encryption, use the dbaascli tde rotateMasterKey command.
  • dbaascli tde setKeyVersion
    To set the version of the primary key to be used in DB/CDB or PDB, use the dbaascli tde setKeyVersion command.
  • dbaascli tde setPrimaryHsmKey
    To change the primary HSM (KMS) key for the existing HSM (KMS) configuration, use the dbaascli tde setPrimaryHsmKey command.
  • dbaascli tde status
    To display information about the keystore for the specified database, use the dbaascli tde status command.

Parent topic: Using the dbaascli Utility on Oracle Exadata Database Service on Exascale Infrastructure

dbaascli admin updateStack

To install or update a dbaastools RPM, use the dbaascli admin updateStack command.

Prerequisites

Run the command as the root user.

To use the utility, you must connect to an Oracle Exadata Database Service on Exascale Infrastructure virtual machine.

See, Connecting to a Virtual Machine with SSH.

Syntax

dbaascli admin updateStack 
[--resume]
[--prechecksOnly]
[--nodes]
Where:
  • --resume resumes the previous execution
  • --prechecksOnly runs only the prechecks for this operation
  • --nodes specifies a comma-delimited list of nodes to install the RPM on. If you do not pass this argument, then the RPM will be installed on all of the cluster nodes

dbaascli cswlib deleteLocal

To delete the local image, use the dbaascli cswlib deleteLocal command.

Run the command as the root user.

Syntax

dbaascli cswLib deleteLocal --imageTag <value>

Where:

  • --imageTag specifies Oracle home image tag

Example 6-3 dbaascli cswlib deletelocal

dbaascli cswlib deletelocal --imagetag 19.15.0.0.0
DBAAS CLI version MAIN
Executing command cswlib deletelocal --imagetag 19.15.0.0.0
Job id: 8b3e71de-4b81-4832-b49c-7f892179bb4f
Log file location: /var/opt/oracle/log/cswLib/deleteLocal/dbaastools_2022-07-18_10-00-02-AM_73658.log
dbaascli execution completed

dbaascli cswlib download

To download available software images and make them available in your Oracle Exadata Database Service on Exascale Infrastructure environment, use the dbaascli cswlib download command.

Prerequisites

Run the command as the root user.

To use the utility, you must connect to an Oracle Exadata Database Service on Exascale Infrastructure virtual machine.

See, Connecting to a Virtual Machine with SSH.

Syntax

dbaascli cswlib download --version | --imageTag
[--product]
Where:
  • --version specifies an Oracle home image version
  • --imageTag specifies the image tag of the image
  • --product specifies the image type. Valid values: database or grid

Example 6-4 dbaascli cswlib download --product --imageTag

dbaascli cswlib download --product database --imageTag 19.14.0.0.0

Example 6-5 dbaascli cswlib download --version 19.9.0.0.0

dbaascli cswlib download --product database --imageTag 19.14.0.0.0

dbaascli cswlib listLocal

To view the list of locally available Database and Grid Infrastructure images, use the dbaascli cswlib listLocal command.

Run the command as the root user.

Syntax

dbaascli cswLib listLocal [--product <value>]

Where:

  • --product identifies Oracle home product type. Valid values: database or grid.

Example 6-6 dbaascli cswlib listlocal

dbaascli cswlib listlocal
DBAAS CLI version MAIN
Executing command cswlib listlocal
Job id: bc4f047c-0a34-4d4d-a1ea-21ddc2a9c627
Log file location: /var/opt/oracle/log/cswLib/listLocal/dbaastools_2022-07-18_10-29-53-AM_16077.log
############ List of Available Database Images  #############
1.IMAGE_TAG=12.2.0.1.220419
  IMAGE_SIZE=5GB
  VERSION=12.2.0.1.220419
  DESCRIPTION=12.2 APR 2022 DB Image
2.IMAGE_TAG=18.16.0.0.0
  IMAGE_SIZE=6GB
  VERSION=18.16.0.0.0
  DESCRIPTION=18c OCT 2021 DB Image
3.IMAGE_TAG=19.14.0.0.0
  IMAGE_SIZE=5GB
  VERSION=19.14.0.0.0
  DESCRIPTION=19c JAN 2022 DB Image
dbaascli execution completed

dbaascli cswlib showImages

To view the list of available Database and Grid Infrastructure images, use the dbaascli cswlib showImages command.

Run the command as the root user.

Syntax

dbaascli cswlib showImages 
[--product]

Where:

  • --product identifies Oracle home product type. Valid values: database or grid.

Example 6-7 dbaascli cswlib showImages

dbaascli cswlib showImages

dbaascli database addInstance

To add the database instance on the specified node, use the dbaascli database addInstance command.

Prerequisite

  • Run the command as the root user.

Syntax

dbaascli database addInstance --dbname <value> --node <value> [--newNodeSID <value>]
Where:
  • --dbname specifies Oracle Database name
  • --node specifies the node name for the database instance
    • --newNodeSID specifies SID for the instance to add in the new node

dbaascli database backup

To configure Oracle Database with a backup storage destination, take database backups, query backups, and delete a backup, use the dbaascli database backup command.

Prerequisite

  • Run the command as the root user.

Syntax

dbaascli database backup --dbname <value>
        {
            --list
                {
                    [--backupType <value>]
                    | [--json <value>]
                }
            | --start [--level0] [--level1]
                {
                    [--archival --tag <value>]
                    | [--archivelog]
                }
            | --delete --backupTag <value>
            | --status --uuid <value>
            | --getBackupReport
                {
                    --tag <value>
                    | --latest
                }
                --json <value>
            | --configure
                {
                    --configFile <value>
                    | --enableRTRT
                    | --disableRTRT
                }
            | --getConfig [--configFile <value>]
            | --validate [--untilTime <value>]
            | --showHistory [--all]
        }
Where:
--dbname: Oracle Database name.
--list | --start | --delete | --status | --getBackupReport | --configure | --getConfig
--list: Returns database backup information.
    [--json: Specify the file name for JSON output.]
--start: Begins database backup.
        [--level0 | --level1 | --archival]
        [--level0: Creates a Level-0 (full) backup. ]
        [--level1: Creates a Level-1 (incremental) backup. ]
        [--archival: Creates an Archival full backup. ]
             --tag: Specify backup tag.
--delete: Deletes Archival backup.
            --backupTag <value>
--status
            --uuid <value>
--getBackupReport: Returns backup report.
            --tag: Specify backup tag.
            --latest: Returns latest backup report (all types of database backup).
            --json: Specify the file name for JSON output.
--configure: Configures database for backup.
            --configFile | --enableRTRT | --disableRTRT
            --configFile: Specify database backup configuration file.
            --enableRTRT: Enables Real Time Redo Transport.
            --disableRTRT: Disables Real Time Redo Transport.
--getConfig: Returns database backup configuration.
            [--configFile: Specify the database backup configuration file.]
--validate: Validates that backups are complete and corruption-free.
            [--untilTime: Validates from closest Level-0 (full) backup until time provided. Input format: DD-MON-YYYY HH24:MI:SS.]
--showHistory: Displays the history of backup operations.
            [--all: Displays all backup operations.]
Note

enableRTRT and disableRTRT are applicable only for ZDLRA backup destination on Exadata Database Service on Cloud@Customer.

Example 6-8 Examples

  • To get backup configuration for a database myTestDB:
    dbaascli database backup --dbName myTestDB --getConfig --configFile /tmp/configfile_1.txt
  • To set backup configuration for a database myTestDB by modifying the config file with configuration details:
    dbaascli database backup --dbName myTestDB --configure --configFile /tmp/configfile_1_modified.txt
  • To take backup of the database myTestDB:
    dbaascli database backup --dbName myTestDB --start
  • To query the status of backup request submitted with uuid 58fdcae0bd1c11eb92bc020017075151:
    dbaascli database backup --dbName myTestDB --status --uuid 58fdcae0bd1c11eb92bc020017075151
  • To enable RTRT for the database myTestDB:
    dbaascli database backup --dbName myTestDB --configure —enableRTRT

dbaascli database bounce

To shut down and restart a specified Oracle Exadata Database Service on Exascale Infrastructure database, use the dbaascli database bounce command.

Prerequisites

Run the command as the oracle user.

Syntax

dbaascli database bounce
[--dbname][--rolling <value>]
Where:
  • --dbname specifies the name of the database
  • --rolling specifies true or false to bounce the database in a rolling manner. Default value is false.

The command performs a database shutdown in immediate mode. The database is then restarted and opened. In Oracle Database 12c or later, all of the PDBs are also opened.

Example 6-9 dbaascli database bounce

dbaascli database bounce --dbname dbname

dbaascli database changepassword

To change the password of a specified Oracle Database user, use the dbaascli database changePassword command. When prompted enter the user name for which you want to change the password and then enter the password.

Prerequisites

Run the command as the root or oracle user.

Syntax

dbaascli database changePassword [--dbname <value>] [--user <value>]
{
  [--prepareStandbyBlob <value> [--blobLocation <value>]] | [--standbyBlobFromPrimary <value>]
}
[--resume [--sessionID <value>]]
Where:
  • --dbname specifies the name of the Oracle Database that you want to act on
  • --user specifies the user name whose password change is required
  • --prepareStandbyBlob specifies true to generate a blob file containing the artifacts needed to change the password in a Data Guard environment. Valid values: true|false
  • --blobLocation specifies the custom path where blob file will be generated
  • --standbyBlobFromPrimary specifies the standby blob file, which is prepared from the primary database
  • --resume specifies to resume the previous execution
    • --sessionID specifies to resume a specific session ID

Example 6-10 dbaascli database changePassword

dbaascli database changepassword --dbname db19

dbaascli database convertToPDB

To convert the specified non-CDB database to PDB, use the dbaascli database convertToPDB command.

Syntax

dbaascli database convertToPDB --dbname <value> [--cdbName <value>] [--executePrereqs]
        {
            [--copyDatafiles [--keepSourceDB]]|[backupPrepared]
        }
        [--targetPDBName <value>] [--waitForCompletion <value>] [--resume [--sessionID <value>]]
Where:
  • --dbname specifies the name of Oracle Database
  • --cdbName specifies the name of the target CDB in which the PDB will be created. If the CDB does not exist, then it will be created in the same Oracle home as the source non-CDB
  • --executePrereqs specifies to run only the pre-conversion checks
  • --copyDatafiles specifies to create a new copy of the data files instead of using the ones from the source database

    --keepSourceDB - to preserve the source database after completing the operation.

  • --backupPrepared - flag to acknowledge that a proper database backup is in place for the non CDB prior to performing the conversion to PDB.
  • --backupPrepared flag to acknowledge that a proper database backup is in place for the non-CDB prior to performing the conversion to PDB
  • --targetPDBName specifies the name of the PDB that will be created as part of the operation
  • --waitForCompletion specifies false to run the operation in the background. Valid values: true|false
  • --resume specifies to resume the previous execution
    • --sessionID specifies to resume a specific session ID

Example 6-11 dbaascli database convertToPDB

To run pre-conversion prechecks:
dbaascli database convertToPDB --dbname ndb19 --cdbname cdb19 --backupPrepared --executePrereqs
To run a full conversion with a copy of the data files from the non-CDB:
dbaascli database convertToPDB --dbname tst19 --cdbname cdb19 --copyDatafiles

dbaascli database create

To create Oracle Database, use the dbaascli database create command. When prompted, enter the sys and tde passwords.

Use this command to create Oracle Database version 12.1.0.2 or higher with the release update JAN 2021 or higher. For databases with lower versions, it is recommended to use the OCI Console based API.

Prerequisite

Run the command as the root user.

Syntax

dbaascli database create --dbName {--oracleHome | --oracleHomeName}
[--dbUniqueName <value>]
[--dbSID <value>]
[--createAsCDB <value>]
[--pdbName <value>]
[--pdbAdminUserName <value>]
[--dbCharset <value>]
[--dbNCharset <value>]
[--dbLanguage <value>]
[--dbTerritory <value>]
[--sgaSizeInMB <value>]
[--pgaSizeInMB <value>]
[--datafileDestination <value>]
[--fraDestination <value>]
[--fraSizeInMB <value>]
[--nodeList <value>]
[--tdeConfigMethod <value>]
[--kmsKeyOCID <value>]
{
            [--resume [--sessionID <value>]]
            | [--revert [--sessionID <value>]]
        }
[--executePrereqs]
[--honorNodeNumberForInstance <value>]
[--lockPDBAdminAccount <value>]
[--dbcaTemplateFilePath <value>]
[--waitForCompletion]
Where:
  • --dbname specifies the name of the database
  • --oracleHome specifies the location of the Oracle home
  • --oracleHomeName specifies the name of the Oracle home
  • --dbUniqueName specifies database unique name
  • --dbSID specifies the SID of the database
  • --createAsCDB specifies true or false to create database as CDB or Non-CDB
  • --pdbName specifies the name of the PDB
  • --pdbAdminUserName specify PDB admin user name
  • --dbCharset specifies database character set
  • --dbNCharset specifies database national character set
  • --dbLanguage specifies the database language
  • --dbTerritory specifies the database territory
  • --sgaSizeInMB specifies the sga_target value in megabyte unit
  • --pgaSizeInMB specifies the pga_aggregate_target value in megabyte unit
  • --datafileDestination specifies the ASM disk group name to use for database datafiles
  • --fraDestination specifies ASM disk group name to use for database Fast Recovery Area
  • --fraSizeInMB specifies the Fast Recovery Area size value in megabyte unit
  • --nodeList specifies a comma-delimited list of nodes for the database
  • --tdeConfigMethod specifies TDE configuration method. Valid values: FILE, KMS
  • --kmsKeyOCID specifies KMS key OCID to use for TDE. This is applicable only if KMS is selected for TDE
  • --resume resumes the previous execution
  • --revert rolls back the previous run
  • --sessionID resumes or reverts to a specific session ID.
  • --executePrereqs specifies yes to run only the prereqs for this operation. Valid values: yes or no
  • --honorNodeNumberForInstance specifies true or false to indicate instance name to be suffixed with the cluster node numbers. Default value: true
  • --lockPDBAdminAccount specifies true or false to lock the PDB admin user account. Default value is true
  • --dbcaTemplateFilePath specifies the absolute path of the dbca template name to create the database.
  • --waitForCompletion specifies false to run the operation in the background. Valid values: true or false

Example 6-12 dbaascli database create

dbaascli database create --dbName db19 --oracleHomeName myhome19 --dbSid db19sid --nodeList node1,node2 --createAsCDB true

dbaascli database delete

To delete an Oracle Database, use the dbaascli database delete command.

Prerequisite

Run the command as the root user.

Syntax

dbaascli database delete --dbname <value>
[--deleteArchiveLogs <value>]
[--deleteBackups <value>]
[--precheckOnly <value>]
[--waitForCompletion <value>]
[--force]
[--dbSID <value>]
[--resume [--sessionID <value>]]
Where:
  • --dbname specifies the name of the database.
  • --deleteArchiveLogs specifies true or false to indicate deletion of database archive logs.
  • --deleteBackups specifies true or false to indicate deletion of database backups.
  • --precheckOnly specifies yes to run only the prechecks for this operation. Valid values: yes or no.
  • --waitForCompletion specifies false to run the operation in the background. Valid values: true or false.
  • –-force flag to force delete database.
  • --dbSID specify database SID.
  • --resume to resume the previous execution.
  • --sessionID to resume a specific session id.

Example 6-13 dbaascli database delete

dbaascli database delete --dbname db19

dbaascli database deleteInstance

To delete the database instance on the specified node, use the dbaascli database deleteInstance command.

Prerequisite

  • Run the command as the root user.

Syntax

dbaascli database deleteInstance --dbname <value> --node <value> [--continueOnUnreachableNode]
Where:
  • --dbname specifies Oracle Database name
  • --node specifies the node name for database instance
  • --continueOnUnreachableNode specifies to perform the operation even if the node is unreachable

Example 6-14 database deleteinstance

database deleteinstance --node test-node

dbaascli database duplicate

To create a database from an active database, use the dbaascli database duplicate command.

Prerequisite

  • Run the command as the root user.

Syntax

dbaascli database duplicate --dbName <value> --sourceDBConnectionString <value>
        {
            --oracleHome <value>
            | --oracleHomeName <value>
        }
[--dbSID <value>] 
[--dbUniqueName <value>] 
[--sgaSizeInMB <value>] 
[--pgaSizeInMB <value>] 
[--datafileDestination <value>] 
[--fraDestination <value>] 
[--fraSizeInMB <value>] 
[--sourceDBWalletLocation <value>] 
[--nodeList <value>]
        {
            [--resume [--sessionID <value>]]
            | [--revert [--sessionID <value>]]
        }
[--rmanParallelism <value>]
[--rmanSectionSizeInGB <value>]
[--tdeConfigMethod <value>]
[--kmsKeyOCID <value>]
[--sourceDBTdeConfigMethod <value>]
[--sourceDBKmsKeyOCID <value>]
[--executePrereqs <value>] 
[--waitForCompletion <value>]
[--skipPDBs <value>]
Where:
  • --dbName specifies Oracle Database name
  • --sourceDBConnectionString specifies source database connection string in the format of <scan_name>:<scan_port>/<database_service_name>
  • --oracleHome specifies Oracle home location
  • --oracleHomeName specifies Oracle home name
  • --dbSID specifies database SID
  • --dbUniqueName specifies database unique name
  • --sgaSizeInMB specifies sga_target value in mega byte unit
  • --pgaSizeInMB specifies pga_aggregate_target value in mega byte unit
  • --datafileDestination specifies ASM disk group name to use for database datafiles
  • --fraDestination specifies ASM disk group name to use for database fast recovery area
  • --fraSizeInMB specifies fast recovery area size value in mega byte unit
  • --sourceDBWalletLocation specifies source database TDE wallet file location. This is required to duplicate database from active database
  • --nodeList specifies a comma-delimited list of nodes for the database
  • --resume specifies to resume the previous execution
    • --sessionID specifies to resume a specific session ID
  • --revert specifies to rollback the previous execution
    • --sessionID specifies to rollback a specific session ID
  • --rmanParallelism specifies parallelsim value
  • --rmanSectionSizeInGB specifies RMAN section size in GB
  • --tdeConfigMethod specifies TDE configuration method. Allowed values are FILE and KMS.
  • --kmsKeyOCID specifies KMS key OCID to use for TDE. This is applicable only if KMS is selected for TDE.
  • --sourceDBTdeConfigMethod specifies source database TDE configuration method. Allowed values are FILE and KMS.
  • --sourceDBKmsKeyOCID specifies source database KMS key OCID to use for TDE. This is applicable only if KMS is selected for TDE.
  • --executePrereqs specifies yes to run only the prereqs for this operation. Valid values: yes|no
  • --waitForCompletion specifies false to run the operation in background. Valid values: true|false
  • --skipPDBs specifies a comma-delimited list of source database PDB names, which needs to be excluded for the duplicate database operation. Example: pdb1,pdb2...

Example 6-15 dbaascli database duplicate

dbaascli database duplicate --sourceDBConnectionString test-user-scan.dbaastoolslrgsu.dbaastoolslrgvc.oraclevcn.com:1521/mynew.dbaastoolslrgsu.dbaastoolslrgvc.oraclevcn.com --oracleHome /u02/app/oracle/product/19.0.0.0/dbhome_2 --dbName newdup --sourceDBWalletLocation /var/opt/oracle/dbaas_acfs/tmp/prim_wallet

dbaascli database getDetails

This command shows the detailed information of a given database e.g. dbname, node information, pluggable databases information etc.

Prerequisites

Run the command as the root user or the oracle user

Syntax

dbaascli database getDetails --dbname <value>
Where :
  • --dbname - Oracle database name.

dbaascli database getPDBs

To view the list of all pluggable databases in a container database, use the dbaascli database getPDBs command.

Run the command as the root or oracleuser.

Syntax

dbaascli database getPDBs --dbname <value>
Where:
  • --dbname specifies the name of the container database

Example 6-16 dbaascli database getPDBs --dbname

dbaascli database getPDBs --dbname apr_db1

dbaascli database modifyParameters

To modify or reset initialization parameters for an Oracle Database, use the dbaascli database modifyParameters command.

Prerequisite

Run the command as the root user.

Syntax

dbaascli database modifyParameters --dbname <value> 
{
--setParameters <values>[--instance <value>] [--backupPrepared] [--allowBounce]|
--resetParameters <values> [--instance <value>] [--backupPrepared] [--allowBounce]
}
--responseFile
[--backupPrepared]
[--instance]
[--allowBounce]
[--waitForCompletion]
Where:
  • --dbname specifies the name of the database.
  • --setParameters specifies a comma-delimited list of parameters to modify with new values. For example: parameter1=valueA,parameter2=valueB, and so on. For blank values use parameter1=valueA,parameter2='',etc.
  • --resetParameters specifies a comma-delimited list of parameters to be reset to their corresponding default values. For example, parameter1,parameter2, and so on.
  • --instance specifies the name of the instance on which the parameters will be processed. If not specified, then the operation will be performed at the database level.
  • --backupPrepared acknowledges that a proper database backup is in place prior to modifying critical or sensitive parameters.
  • --allowBounce grants permission to bounce the database in order to reflect the changes on applicable static parameters.
  • --waitForCompletion specify false to run the operation in background. Valid values : true|false.]

Example 6-17 dbaascli database modifyParameters

dbaascli database modifyParameters --dbname dbname --setParameters "log_archive_dest_state_17=ENABLE"

dbaascli database move

To move the database from one home to another, use the dbaascli database move command.

Prerequisites

  • Before performing a move operation, ensure that all of the database instances associated with the database are up and running.
  • Run the command as the root user.

Syntax

dbaascli database move
{
  --oracleHome <value> | --oracleHomeName <value>
}
--dbname <value> 
[--executePrereqs] 
[--resume [--sessionID <value>]] 
[--rollback [--sessionID <value>]] 
[--skipDatapatch] 
[--skipPDBs <value>] 
[--skipClosedPDBs] 
[--continueWithDbDowntime] 
[--allowParallelDBMove] 
[--waitForCompletion <value>] 
[--nodeList <value>]

Where:

  • --oracleHome specifies Oracle home path
  • --oracleHomeName specifies the name of Oracle home
  • --dbname specifies the name of the database
  • --executePrereqs runs the prerequisite checks and report the results
  • --resume resumes the previous run
    • --sessionID specifies to resume a specific session ID
  • --rollback rolls the database back to previous home
    • --sessionID specifies to resume a specific session ID
  • --skipDatapatch skips running the datapatch on the databases
  • --skipPdbs skips running the datapatch on a specified comma-delimited list of PDBs. For example: pdb1,pdb2...
  • --skipClosedPDBs skips patching closed PDBs
  • --continueWithDbDowntime continues patching with database downtime. This option can be used in environments wherein there is only one active instance up and the patching operation can be continued even with a downtime.
  • --allowParallelDBMove allows database move in parallel.
  • --waitForCompletion specifies false to run the operation in the background. Valid values: true|false
  • --nodeList specifies a comma-delimited list of nodes if operation has to be performed on a subset of nodes

Example 6-18 dbaascli database move

dbaascli database move --dbname testdb1 --oracleHome /u02/app/oracle/product/12.1.0/dbhome_2

dbaascli database recover

To recover a database, use the dbaascli database recover command.

Prerequisite

  • Run the command as the root user.
  • Database must have been configured with backup storage destination details where backups are stored.

Syntax

dbaascli database recover --dbname <value>
        {
            --start
                {
                    --untilTime <value>
                    | --untilSCN <value>
                    | --latest
                    | --tag <value>
                }
            | --status --uuid <value>
        }
Where:
--dbname: Oracle Database name.
      --start | --status
--start: Begins database recovery.
      --untilTime | --untilSCN | --latest | --tag
      --untilTime: Recovers database until time. Input format: DD-MON-YYYY HH24:MI:SS.
      --untilSCN: Recovers database until SCN.
      --latest: Recovers database to last known state.
      --tag: Recovers database to archival tag.
--status
      --uuid <value>

Example 6-19 Examples

  • To recover the database myTestDb to latest:
    dbaascli database recover --dbname myTestDb --start --latest
  • To query the status of recovery request submitted with uuid 2508ea18be2911eb82d0020017075151:
    dbaascli database recover --dbname myTestDb --status --uuid 2508ea18be2911eb82d0020017075151

dbaascli database runDatapatch

To patch an Oracle Database, use the dbaascli database runDatapatch command.

Prerequisites

  • Before performing a runDatapatch operation, ensure that all of the database instances associated with the database are up and running.

  • Run the command as the root user.

Syntax

dbaascli database runDatapatch --dbname
[--resume]
    [--sessionID]
[--skipPdbs | --pdbs]
[--executePrereqs]
[--patchList]
[--skipClosedPdbs]
[--rollback]

Where:

  • --dbname specifies the name of the database
  • --resume resumes the previous run
    • --sessionID specifies to resume a specific session ID
  • --skipPdbs skips running the datapatch on a specified comma-delimited list of PDBs. For example: pdb1,pdb2...
  • --pdbs runs the datapatch only on a specified comma-delimited list of PDBs. For example: pdb1,pdb2...
  • --executePrereqs runs prerequisite checks
  • --patchList applies or rolls back the specified comma-delimited list of patches. For example: patch1,patch2...
  • --skipClosedPdbs skips running the datapatch on closed PDBs
  • --rollback rolls back the patches applied 
dbaascli database runDatapatch --dbname db19

dbaascli database createTemplate

To create database templates (DBCA templates) that can subsequently be used to create databases, use the dbaascli database createTemplate command.

Prerequistes:

Run the command as the root user.

Syntax

Create a new DBCA template from the specified database.

dbaascli database createTemplate --dbname <value> --templateLocation <value> 
[--templateName <value>] 
[--rmanParallelism <value>]
Where:
  • --dbname specifies the name of the database.
  • --templateLocation specifies the template name.
  • --rmanParallelism specifies the parallelsim value.

dbaascli database start

To start an Oracle Database, use the dbaascli database start command.

Prerequisites

Run the command as the root user.

Syntax

dbaascli database start
[--dbname]
[--mode]
Where:
  • --dbname specifies the name of the database
  • --mode specifies mount or nomount to start database in the corresponding mode

The command starts and opens the database. In Oracle Database 12c or later, all of the PDBs are also opened.

Example 6-20 dbaascli database start

dbaascli database start --dbname dbname --mode mount

dbaascli database status

To check the status of an Oracle Database, use the dbaascli database status command.

Prerequisites

Run the command as the root user.

Syntax

dbaascli database status
[--service][--dbname] 
[--user]
[--password]
Where:
  • --service specifies the name of the service
  • --dbname specifies the name of the database
  • --user specifies the user name of the service
  • --password specifies the password of the user

Output from the command includes the open mode of the database, the software release and edition of the database, and release version of other software components.

Example 6-21 dbaascli database status

dbaascli database status --dbname db19

dbaascli database stop

To stop an Oracle Database, use the dbaascli database stop command.

Prerequisites

Run the command as the root user.

Syntax

dbaascli database stop
[-–dbname <value>]
[--mode <value>]
Where:
  • --dbname specifies the name of the database that you want to stop
  • --mode specifies the mode of the database. Valid values: abort, immediate, normal, transactional

The command performs a database shutdown in immediate mode. No new connections or new transactions are permitted. Active transactions are rolled back, and all connected users are disconnected.

Example 6-22 dbaascli database stop

dbaascli database stop --dbname db19

dbaascli database upgrade

To upgrade an Oracle Database, use the dbaascli database upgrade command.

Prerequisite

Run the command as the root user.

Syntax

dbaascli database upgrade --dbname <value> 
{--targetHome <value> | --targetHomeName <value>}
{ [--executePrereqs | --postUpgrade | --rollback]}
{[--standBy | --allStandbyPrepared]}
{[--upgradeOptions <value>]  | [--standBy]}
[--removeGRP]
[--increaseCompatibleParameter]
[--resume [--sessionID <value>]]
[--waitForCompletion <value>]
Where:
  • --dbname (mandatory) specifies the name of the database.
  • --targetHome specifies the target Oracle home location
  • --targetHomeName specifies the name of the target Oracle Database home
  • --standBy use this option to upgrade standby databases in Data Guard configurations
  • --allStandbyPrepared required for Data Guard configured primary databases. Flags to acknowledge that all the required operations are performed on the standby databases prior to upgrading primary database
  • --removeGRP automatically removes the Guaranteed Restore Point (GRP) backup only if the database upgrade was successful
  • --increaseCompatibleParameter automatically increases the compatible parameter as part of the database upgrade. The parameter will get increased only if the database upgrade was successful
  • --executePrereqs runs only the preupgrade checks
  • --postUpgrade use this option if postupgrade fails and needs to rerun the postupgrade steps
  • --rollback reverts an Oracle Database to its original Oracle home
  • --upgradeOptions use this option to pass DBUA-specific arguments to perform the Oracle Database upgrade. Refer to the corresponding Oracle documentation for the supported arguments and options.

    --standby

  • --resume to resume the previous execution
  • --sessionID to resume a specific session id.
  • --waitForCompletion specify false to run the operation in background. Valid values : true|false.

Example 6-23 dbaascli database upgrade pre-upgrade requisite checks

dbaascli database upgrade --dbbname dbname --targetHome Target Oracle home location --executePrereqs

dbaascli dataguard prepareStandbyBlob

To generate a blob file containing various files that are required on the standby site in case of a dataguard environment, use the dbaascli dataguard prepareStandbyBlob command.

Run the command as the root or oracle user.

Syntax

dbaascli dataguard prepareStandbyBlob --dbname <value> --blobLocation <value>
Where:
  • --dbname specifies the Oracle Database name
  • --blobLocation specifies the custom directory location where the standby blob file will be generated in a Data Guard environment

dbaascli dataguard updateDGConfigAttributes

To update Data Guard automation attributes across all the cluster nodes, use the dbaascli dataguard updateDGConfigAttributes command.

Run the command as the root or oracleuser.

Syntax

dbaascli dataguard updateDGConfigAttributes --attributes <value>
Where:
  • --attributes contains the Data Guard automation attributes that are to be modified. Accepts comma-delimited values in the format <attribute=value>. Attributes must be predefined in the Data Guard configuration file.

dbaascli dbhome create

To create an Oracle Database home of desired version, use the dbaascli dbhome create command.

Prerequisite

Run the command as the root user.

Syntax

dbaascli dbhome create --version <value>
[--oracleHome <value>]
[--oracleHomeName <value>]
[--enableUnifiedAuditing <value>] 
[--imageTag <value>]
[--ImageLocation <value>
Where:
  • --version specifies the version of Oracle Home specified as five numeric segments separated by periods, for example, 19.12.0.0.0
  • --oracleHome specifies the location of Oracle home
  • --oracleHomeName specifies user-defined Oracle home name. If not provided, then the default name will be used
  • --enableUnifiedAuditing specifies true or false to enable or disable unified auditing link option in Oracle home
  • --imageTag specifies Oracle home image tag
  • --imageLocation - path of the image to be used.
  • --waitForCompletion specifies false to run the operation in background. Valid values: true or false.

Example 6-24 dbaascli dbhome create

dbaascli dbhome create --version 19.11.0.0.0

Alternatively, dbaascli dbhome create --version 19.8.0.0.0.0 --imageTag 19.8.0.0.0 for cases where image tags are different from version.

dbaascli dbHome delete

To delete a given Oracle Database home, use the dbaascli dbHome delete command.

Prerequisite

Run the command as the root user.

Syntax

dbaascli dbHome delete 
{ --oracleHome <value> 
| --oracleHomeName <value> } [--resume [--sessionID <value>]]
Where:
  • --oracleHome specifies the location of the Oracle home
  • --oracleHomeName specifies the name of the Oracle home
  • --resume resumes the previous execution
    • --sessionID specifies to resume a specific session ID

dbaascli dbhome getDatabases

To view information about all Oracle Databases running from a given database Oracle home, use the dbaascli dbHome getDatabases command. Specify either the Oracle home location or Oracle home name.

Run the command as the root user.

Syntax

dbaascli dbHome getDatabases
{ --oracleHomeName value | --oracleHome value }
Where:
  • --oracleHomeName specifies user-defined Oracle home name
  • --oracleHome specifies the location (path) of Oracle home

Example 6-25 dbaascli dbHome getDatabases --oracleHome

dbaascli dbHome getDatabases --oracleHome /u02/app/mar_home/

dbaascli dbHome getDetails

To view information about a specific Oracle home, use the dbaascli dbHome getDetails command. Specify either the Oracle home location or Oracle home name.

Prerequisite

Run the command as the root user.

Syntax

dbaascli dbHome getDetails
{ --oracleHomeName value | --oracleHome value }
Where:
  • --oracleHomeName specifies user-defined Oracle home name
  • --oracleHome specifies the location of Oracle home

Example 6-26 dbaascli dbHome getDetails - using Oracle home location

dbaascli dbHome getDetails --oracleHome /u02/app/home_db19c/

Example 6-27 dbaascli dbHome getDetails - using Oracle home name

dbaascli dbHome getDetails --oracleHomeName home_db19c

dbaascli dbHome patch

To patch Oracle home from one patch level to another, use the dbaascli dbHome patch command.

Prerequisite

Run the command as the root user.

Syntax

dbaascli dbHome patch --oracleHome | --oracleHomeName
--targetVersion
[--resume]
    [--sessionID]
[--continueWithDbDowntime]
[--skipUnreachableNodes]
[--nodes]
[--executePrereqs]
[--skipDatapatch]
[--imageFilePath]
[--skipPDBs]
[--skipClosedPDBs]
[--rollback]
Where:
  • --oracleHome specifies the path of Oracle home
  • --oracleHomeName specifies the name of Oracle home
  • --targetVersion specifies the target version of Oracle Home specified as five numeric segments separated by periods, for example, 19.12.0.0.0.
  • --resume resumes the previous run
    • --sessionID specifies to resume a specific session ID
  • --continueWithDbDowntime continues patching with database downtime. This option can be used in environments wherein there is only one active instance up and the patching operation can be continued even with a downtime.
  • --skipUnreachableNodes skips operation on unreachable nodes
  • --nodes specifies a comma-delimited list of nodes if patching has to be performed on a subset of nodes
  • --executePrereqs runs prereqs
  • --skipDatapatch skips running datapatch on the databases
  • --imageFilePath specifies the absolute path of the image file to be used
  • --skipPDBs skips running the datapatch on a specified comma-delimited list of PDBs. For example: cdb1:pdb1,cdb2:pdb2, and so on
  • --skipClosedPdbs skips running datapatch on closed PDBs
  • --rollback rolls back patched Oracle home.

Example 6-28 dbaascli dbhome patch

dbaascli dbhome patch --targetVersion 19.10.0.0.0 --oracleHome /u02/app/oracle/product/19.0.0.0/dbhome_2

dbaascli dbimage purge

The dbimage purge command removes the specified software image from your Oracle Exadata Database Service on Exascale Infrastructure environment.

Connect to the compute node as the opc user and execute this command as the root user. 

# dbaascli dbimage purge --version software_version --bp software_bp [--cdb ( yes | no )]

In the preceding command:

  • software_version — specifies the Oracle Database software version. For example, 11204, 12102, 12201, 18000, 19000.

  • software_bp — identifies the bundle patch release. For example, APR2018, JAN2019, OCT2019, and so on.

  • --cdb — optionally specifies whether to remove the software image that supports the Oracle multitenant architecture. Default is yes. If you specify --cdb no, then the software image that contains binaries to support non-container databases (non-CDB) is removed.

If the command will remove a software image that is not currently available in the software image library, and therefore cannot be downloaded again, then the command pauses and prompts for confirmation.

You cannot remove the current default software image for any software version. To avoid this restriction, you must make another software image the current default.

dbaascli diag collect

To collect diagnostics, use the dbaascli diag collect command.

Prerequisite

Run the command as the root user.

Syntax

dbaascli diag collect [--components <value>] [--startTime <value>] [--endTime <value>] [--nodes <value>] [--dbNames <value>]
        {
            [--objectStoreBucketUri <value>]
            | [--destLocation <value>]
        }
        [--waitForCompletion <value>]
Where:
  • --components specifies a list of components for log collection.

    Valid values:

    • db
    • gi
    • os
    • dbaastools
    • all
  • --startTime specifies the start time for log collection. Valid date and time format: YYYY-MM-DDTHH24:MM:SS
  • --endTime specifies the end time for log collection. Valid date and time format: YYYY-MM-DDTHH24:MM:SS
  • --nodes specifies a comma-delimited list of nodes to collect logs
  • --dbNames specifies the database name for which to collect logs. You can specify only one database name.
  • --objectStoreBucketURI specifies an Object Storage service pre-authenticated request (PAR) URL used to upload collected logs. Logs are collected from Guest VM. For more information, see Using Pre-Authenticated Requests.
  • --destLocation specifies the location on Guest VM to collect logs. Default: /var/opt/oracle/dbaas_acfs
  • --waitForCompletion Values: true|false. Default true. Specify false to run in the background.

dbaascli diag healthCheck

To run diagnostic health checks, use the dbaascli diag healthCheck command.

Prerequisite

Run the command as the root user.

Syntax

dbaascli diag healthCheck
[--destLocation]
[--nodes]
[--objectStoreBucketURI]
Where:
  • --destLocation specifies the location on Guest VM to collect logs. Default: /var/opt/oracle/dbaas_acfs
  • --nodes specifies a comma-delimited list of nodes to collect logs
  • --objectStoreBucketURI specifies an Object Storage service pre-authenticated request (PAR) URL used to upload collected logs. Logs are collected from Guest VM. For more information, see Using Pre-Authenticated Requests.

dbaascli grid configureTCPS

To configure TCPS for the existing cluster, use the dbaascli grid configureTCPS command.

Prerequisite

Run the command as the root user.

Syntax

Note

By default, TCPS is enabled for databases on Oracle Exadata Database Service on Dedicated Infrastructure systems.
Note

TCPS is not enabled for databases on Exadata Database Service on Cloud@Customer systems. To enable TCPS for a given database, update the database specific sqlnet.ora file with WALLET_LOCATION = (SOURCE=(METHOD=FILE)(METHOD_DATA=(DIRECTORY=/var/opt/oracle/dbaas_acfs/grid/tcps_wallets))) on all database nodes and then bounce the database. This will enable TCPS usage for the database. However, enabling TCPS will cause ZDLRA connection to fail. On Exadata Database Service on Cloud@Customer systems, you can enable either ZDLRA or TCPS configuration. Enabling both ZDLRA and TCPS simultaneously will not work. 
dbaascli grid configureTCPS
[--pkcs12WalletFilePath]
[--caCertChain]
[--precheckOnly]
[--serverCert]
[--privateKey]
[--certType]
[--privateKeyPasswordProtected]
Where:
  • --pkcs12WalletFilePath specifies the absolute path of the certificate file, which is in the pkcs12 wallet format
  • --caCertChain concatenated list of certs, containing intermediate CA's and root CA certs
  • --precheckOnly specifies yes to run only the prechecks for this operation. Valid values: yes or no.
  • --serverCert specifies the path of PEM certificate to use or rotate for TCPS configuration.
  • --privateKey specifies the path of the private key file of the certificate.
  • --certType type of the cert to be added to the Grid Infrastructure wallet. Accepted values are: SELF_SIGNED_CERT, CA_SIGNED_CERT, or PKCS12_CERT. Default: SELF_SIGNED_CERT
  • --privateKeyPasswordProtected specifies if the private key is password protected or not. Valid values: true or false. Default: true.

Example 6-29 dbaascli grid configureTCPS

To configure grid using self-signed certificate:
dbaascli grid configureTCPS
To configure grid using CA-signed certificate:
dbaascli grid configureTCPS --cert_type CA_SIGNED_CERT --server_cert /tmp/certs/server_cert.pem --ca_cert_chain /tmp/certs/ca.pem --private_key /tmp/certs/encrypted_private.key --private_key_password_protected false

dbaascli grid patch

To patch Oracle Grid Infrastructure to the specified minor version, use the dbaascli grid patch command.

Prerequisites

Run the command as the root user.

Syntax

dbaascli grid patch --targetVersion <value> 
[--containerURL <value>] 
[--executePrereqs] 
[--nodeList <value>] 
[--rollback] 
[--resume [--sessionID <value>]] 
[--continueWithDbDowntime]
        {
            [--createImage [--createImageDir <value>]]
            | [--imageFile <value>]
        }
[--waitForCompletion <value>]

Where:

  • --targetVersion specifies the target version of Oracle Home specified as five numeric segments separated by periods (e.g. 19.12.0.0.0)
  • --containerURL specifies custom URL for fetching Grid Infrastructure image
  • --executePrereqs option to run prereqs
  • --nodeList specifies a comma-delimited list of nodes if patching has to be performed on a subset of nodes
  • --rollback specifies to roll back patched Oracle home
  • --resume resumes the previous run
    • --sessionID specifies to resume a specific session ID
  • --continueWithDbDowntime continues patching with database downtime. This option can be used in environments wherein there is only 1 active instance up and the patching operation can be continued even with a downtime.
  • --createImage creates an image from a copy of the active Grid home, patched to the specified target version
    • --createImageDir specifies fully qualified path of the directory where the image is to be created
  • --imageFile specifies fully qualified path of the image to be used
  • --waitForCompletion specifies false to run the operation in background. Valid values: true|false

Example 6-30 dbaascli grid patch

dbaascli grid patch --targetVersion 19.12.0.0.0

dbaascli grid removeTCPSCert

To remove existing TCPS certificates from Grid Infrastructure wallet, use the dbaascli grid removeTCPSCert command.

Prerequisite

Run the command as the root user.

Syntax

dbaascli grid removeTCPSCert --subject <value>
 {
   --userCert | --trustedCert | --requestedCert
 }
 [--serialNumber <value>] [--executePrereqs] [--resume [--sessionID <value>]] [--bounceListeners]
Where:
  • --subject specifies subject of the certificate
  • --userCert flag to indicate user certificate
  • --trustedCert flag to indicate trusted certificate
  • --requestedCert flag to indicate requested certificate
  • --serialNumber specifies the serial number of the certificate
  • --executePrereqs runs the prerequisite checks and reports the results
  • --resume resumes the previous run
    • --sessionID specifies to resume a specific session ID
  • --bounceListeners flag to bounce the Grid Infrastructure listener and scan listener

dbaascli grid rotateTCPSCert

To rotate TCPS certificates, use the dbaascli grid rotateTCPSCert command.

Prerequisite

Run the command as the root user.

Syntax

dbaascli grid rotateTCPSCert
[--pkcs12WalletFilePath]
[--caCertChain]
[--precheckOnly]
[--serverCert]
[--privateKey]
[--certType]
[--privateKeyPasswordProtected]
Where:
  • --pkcs12WalletFilePath specifies the absolute path of the certificate file, which is in the pkcs12 wallet format
  • --caCertChain concatenated list of certs, containing intermediate CA's and root CA certs
  • --precheckOnly specifies yes to run only the prechecks for this operation. Valid values: yes or no.
  • --serverCert specifies the path of PEM certificate to use or rotate for TCPS configuration.
  • --privateKey specifies the path of the private key file of the certificate.
  • --certType type of the cert to be added to the Grid Infrastructure wallet. Accepted values are: SELF_SIGNED_CERT, CA_SIGNED_CERT, or PKCS12_CERT. Default: SELF_SIGNED_CERT
  • --privateKeyPasswordProtected specifies if the private key is password protected or not. Valid values: true or false. Default: true.

Example 6-31 dbaascli grid rotateTCPSCert

To rotate cert using self-signed certificate (default option):
dbaascli grid rotateTCPSCert
To rotate cert using CA-signed certificate:
dbaascli grid rotateTCPSCert --cert_type CA_SIGNED_CERT --server_cert /tmp/certs/server_cert.pem --ca_cert_chain /tmp/certs/ca.pem --private_key /tmp/certs/encrypted_private.key --privateKeyPasswordProtected true

dbaascli grid upgrade

To upgrade Oracle Grid Infrastrucure from one major version to another, use the dbaascli grid upgrade command.

Prerequisite

Run the command as the root user.

Syntax

dbaascli grid upgrade --version
[--resume]
[--executePrereqs]
[--containerURL]
[--softwareOnly]
[--targetHome]
[--revert]
Where:
  • --version specifies the target version
  • --resume resumes the previous run
  • --executePrereqs runs prereqs for Grid Infrastrucure upgrade
  • --containerUrl specifies the custom URL for fetching Grid Infrastrucure image
  • --softwareOnly installs only the Grid Infrastructure software
  • --targetHome specifies the path of existing target Grid home
  • --revert reverts failed run

Example 6-32 dbaascli grid upgrade

daascli grid upgrade --version 19.11.0.0.0 --executePrereqs
DBAAS CLI version MAIN
Executing command grid upgrade --version 19.11.0.0.0 --executePrereqs

dbaascli job getStatus

To view the status of a specified job, use the dbaascli job getStatus command.

Prerequisite

Run the command as the root user.

Syntax

dbaascli job getStatus --jobID
Where:
  • --jodID specifies the job ID

Example 6-33 dbaascli job getStatus

dbaascli job getStatus --jobID 13c82031-f202-41b7-9aef-f4a71df0f551
DBAAS CLI version MAIN
Executing command job getStatus --jobID 13c82031-f202-41b7-9aef-f4a71df0f551
{
  "jobId" : "13c82031-f202-41b7-9aef-f4a71df0f551",
  "status" : "Success",
  "message" : "database create job: Success",
  "createTimestamp" : 1628095442431,
  "updatedTime" : 1628095633660,
  "description" : "Service job report for operation database create",
  "appMessages" : {
    "schema" : [ ],
    "errorAction" : "SUCCEED_AND_SHOW"
  },
  "resourceList" : [ ],
  "pct_complete" : "100"
}

dbaascli patch db apply

Note

dbaascli patch db prereq and dbaascli patch db apply commands have been deprecated in dbaascli release 21.2.1.2.0, and replaced with dbaascli grid patch, dbaascli dbhome patch, and dbaascli database move commands.
For more information, see:
  • dbaascli grid patch
  • dbaascli dbhome patch
  • dbaascli database move
  • Patching Oracle Grid Infrastructure and Oracle Databases Using dbaascli

dbaascli patch db prereq

Note

dbaascli patch db prereq and dbaascli patch db apply commands have been deprecated in dbaascli release 21.2.1.2.0, and replaced with dbaascli grid patch, dbaascli dbhome patch, and dbaascli database move commands.
For more information, see:
  • dbaascli grid patch
  • dbaascli dbhome patch
  • dbaascli database move
  • Patching Oracle Grid Infrastructure and Oracle Databases Using dbaascli

dbaascli pdb backup

To backup a pluggable database (PDB), query PDB backups, and delete a PDB backup, use the dbaascli pdb backup command.

Prerequisite

  • Run the command as the root user.

Syntax

dbaascli pdb backup --pdbName <value> --dbname <value>
        {
            --start
                {
                    [--level1]
                    | [--archival --tag <value>]
                }
            | --delete --backupTag <value>
            | --status --uuid <value>
            | --getBackupReport --json <value> --tag <value>
            | --list [--json <value>]
        }
Where:
--pdbName: PDB name.
--dbname: Oracle Database name.
--start | --delete | --status | --getBackupReport | --list
--start: Begins PDB backup.
      [--level1 | --archival]
      [--level1: Creates a Level-1 (incremental) backup.]
      [--archival: Creates an archival full backup.]
          --tag: Specify backup tag.
--delete: Deletes archival backup.
          --backupTag: Specify backup tag to delete.
--status
          --uuid <value>
--getBackupReport: Returns backup report.
         --json: Specify the file name for JSON output.
         --tag: Specify backup tag.
--list: Returns PDB backup information.
         [--json: Specify the file name for JSON output.]

Example 6-34 Examples

  • To take level1 backup for a PDB pdb1 in a CDB myTestDb:
    dbaascli pdb backup --dbname myTestDb --pdbName pdb1 --start --level1
  • To query the status of PDB backup request submitted with uuid eef16b26361411ecb13800163e8e4fac:
    dbaascli pdb backup --dbname myTestDb --pdbName pdb1 --status --uuid eef16b26361411ecb13800163e8e4fac

dbaascli pdb bounce

To bounce a pluggable database (PDB), use the dbaascli pdb bounce command.

Prerequisite

Run the command as the oracle user.

Syntax

dbaascli pdb bounce --dbname --pdbName | --pdbUID
[–openMode]
Where:
  • --dbname specifies the name of the container database that hosts the PDB
  • --pdbName specifies the name of the PDB
  • --pdbUID specifies the identifier of the PDB
  • --openMode specifies the target OPEN MODE of PDB

Example 6-35 dbaascli pdb bounce

dbaascli pdb bounce --dbname cdb_name --pdbName pdb name associated with the CDB
dbaascli pdb bounce --dbname cdb_name --pdbUID con_uid of that pdb
Optional:
  • --openMode READ_WRITE
  • --openMode READ_ONLY

dbaascli pdb close

To close a pluggable database (PDB), use the dbaascli pdb close command.

Prerequisite

Run the command as the oracle user.

Syntax

dbaascli pdb close --dbname --pdbName | --pdbUID
Where:
  • --dbname specifies the name of the container database that hosts the PDB.
  • --pdbname specifies the name of the PDB that you want to close.
  • --pdbUID specifies the identifier of the PDB

Upon successful completion of running this command, the PDB is closed on all of the container database instances.

Example 6-36 dbaascli pdb close

dbaascli pdb close --dbname cdb name --pdbName pdb name associated with the CDB
dbaascli pdb close --dbname cdb name --pdbUID con_uid of that pdb

dbaascli pdb getConnectString

To display Oracle Net connect string information for a pluggable database (PDB) run the dbaascli pdb getConnectString command.

Prerequisite

Run the command as the oracle user.

Syntax

dbaascli pdb getConnectString --dbname --pdbName | --pdbUID
Where:
  • --dbname specifies the name of the container database that hosts the PDB
  • --pdbname specifies the name of the PDB for which you want to display connect string information
  • --pdbUID specifies the identifier of the PDB

Example 6-37 dbaascli pdb getConnectString

dbaascli pdb getConnectString --dbname dbname --pdbName pdbName

dbaascli pdb create

To create a new pluggable database (PDB), use the dbaascli pdb create command.

Prerequisite

Run the command as the oracle user.

Syntax

dbaascli pdb create --pdbName <value> --dbName <value> 
[--maxCPU <value>] 
[--maxSize <value>] 
[--pdbAdminUserName <value>] 
[--lockPDBAdminAccount <value>] 
[--resume [--sessionID <value>]] 
[--executePrereqs <value>] 
[--waitForCompletion <value>] 
[--blobLocation |--standbyBlobFromPrimary <value>]
Where:
  • --pdbName specifies the name of the new PDB that you want to create
  • --dbName specifies the name of the container database that hosts the new PDB
  • --maxCPU optionally specifies the maximum number of CPUs that are available to the PDB. Setting this option is effectively the same as setting the CPU_COUNT parameter in the PDB
  • --maxSize optionally specifies the maximum total size of data files and temporary files for tablespaces belonging to the PDB. Setting this option is effectively the same as setting the MAXSIZE PDB storage clause in the CREATE PLUGGABLE DATABASE SQL command. You can impose a limit by specifying an integer followed by a size unit (K, M, G, or T), or you can specify UNLIMITED to explicitly enforce no limit
  • --pdbAdminUserName specifies the new PDB admin user name
  • --lockPDBAdminAccount specifies true or false to lock the PDB admin user account. Default value is true.
  • --resume resumes the previous run
    • --sessionID specifies to resume a specific session ID
  • --executePrereqs specifies yes to run only the prereqs for this operation. Valid values: yes or no
  • --waitForCompletion specifies false to run the operation in the background. Valid values: true or false
  • --blobLocation custom directory location where the standby blob file will be generated in a DG environment.
  • --standbyBlobFromPrimary specifies the location of the standby blob file, which is prepared from the primary database. This is required only for standby database PDB operations.
    Note

    the parametersblobLocation and standbyBlobFromPrimary are mutually exclusive.

During the PDB creation process, you are prompted to specify the administration password for the new PDB.

Example 6-38 dbaascli pdb create

To create a PDB from seed in a standard database in a non-Data Guard environment:
dbaascli pdb create --dbName db721 --pdbName new_pdb1 --maxsize 5G --maxcpu 2
To create PDB in Data Guard environment:
dbaascli pdb create --dbName db721 --pdbName new_pdb1
dbaascli pdb create --dbName db721 --pdbName new_pdb1 --standbyBlobFromPrimary /tmp/send_db721.tar

dbaascli pdb createSnapshot

To create a snapshot of a given pluggable database (PDB), use the dbaascli pdb createSnapshot command.

Prerequisite

Run the command as the oracle user.

Syntax

dbaascli pdb createSnapshot
{
    --pdbName <value> | --pdbUID <value>
}
--dbName <value>
--snapshotName <value>
[--pdbAdminUserName <value>]
[--executePrereqs] [--resume [--sessionID <value>]]
[--waitForCompletion true|false]

Where:

  • --pdbName specifies the PDB name from which to create the snapshot.
  • --pdbUID specifies the user ID (UID) of the PDB from which to create the snapshot.
  • --dbName Oracle Database name.
  • --snapshotName specifies the PDB snapshot name.
  • --pdbAdminUserName specifies the PDB administrator user name.
  • --executePrereqs runs the prerequisite checks and reports the results.
  • --resume [--sessionID <value>] resumes the previous operation. It can take the flag --sessionID <value> to specify to resume from a specific session ID (<value>).
  • --waitForCompletion true|false specifies whether to run the operation in foreground (true) or background (false). Valid values: true, false.

Example 6-39 dbaascli pdb createSnapshot

In the following example, a snapshot is created from the database named db721, in the PDB name pdb1. The snapshot name that is given is snap1.

dbaascli pdb createSnapshot --dbName db721 --pdbName pdb1 --snapshotName snap1

dbaascli pdb configureSnapshot

To configure automatic snapshots for a given pluggable database (PDB), use the dbaascli pdb configureSnapshot command.

Prerequisite

Run the command as the oracle user.

Syntax

dbaascli pdb configureSnapshot
{
    --pdbName <value> | --pdbUID <value>
}
--dbName <value>
--snapshotIntervalInMins <value>
[--executePrereqs]
[--maxPDBSnapshots <value>]
[--waitForCompletion <value>]

Where:

  • --pdbName <value> specifies the name of the PDB for which automatic snapshot configuration will be set.
  • --pdbUID <value> specifies the user ID (UID) of the PDB for which automatic snapshot configuration will be set.
  • --dbName Oracle Database name.
  • --snapshotIntervalInMins <value> specifies the interval, in minutes, for when automatic PDB snapshots will be taken.
  • --executePrereqs runs the prerequisite checks and reports the results.
  • --maxPDBSnapshots <value>] specifies the maximum number of snapshots to create for the given PDB. .
  • --waitForCompletion true|false specifies whether to run the operation in foreground (true) or background (false). Valid values: true, false.

Example 6-40 dbaascli pdb configureSnapshot

In the following example, an automatic snapshot plan is configured on the database named db721, in the PDB name pdb1. The snapshot interval is set to run automatic snapshot creation every 60 minutes.

dbaascli pdb configureSnapshot --dbName db721 --pdbName pdb1 --snapshotIntervalInMins 60

dbaascli pdb delete

To delete a pluggable database (PDB) run the dbaascli pdb delete command.

Prerequisite

Run the command as the oracle user.

Syntax

dbaascli pdb delete --dbName value 
{ --pdbName value | --pdbUID value }
[--executePrereqs value]
[--waitForCompletion value]
[--resume [--sessionID value]]
[--allStandbyPrepared]
[--cleanupRelocatedPDB]
Where:
  • --dbName specifies the name of the container database that hosts the PDB
  • --pdbName specifies the name of the PDB that you want to delete
  • --pdbUID specifies the UID of the PDB that you want to delete
  • --executePrereqs specifies yes to run only the prereqs for this operation. Valid values: yes or no
  • --waitForCompletion specifies false to run the operation in the background. Valid values: true or false
  • --resume specifies to resume the previous execution
    • --sessionID specifies to resume a specific session ID
  • --allStandbyPrepared specifies to confirm that the operation has been successfully run on all the standby databases
  • --cleanupRelocatedPDB - option to cleanup source database after a PDB has been relocated.
Example: dbaascli pdb delete

To delete a PDB from a standard database in a non-Data Guard environment or from Standby database in Data Guard environment. 

dbaascli pdb delete --dbName db721 --pdbName pdb1

To create PDB from Primary database in Data Guard environment: 

dbaascli pdb create --dbName db721 --pdbName pdb1 --allStandbyPrepared

dbaascli pdb deleteSnapshot

To delete a snapshot of a given pluggable database (PDB), use the dbaascli pdb deleteSnapshot command.

Prerequisite

Run the command as the oracle user.

Syntax

dbaascli pdb deleteSnapshot
{
    --pdbName <value> | --pdbUID <value>
}
{
    --snapshotName <value> | --snapshotUID <value>
}
--dbName <value>
[--executePrereqs]
[--waitForCompletion <value>
[--resume [--sessionID <value>]
]
]

Where:

  • --pdbName <value> specifies the name of the PDB for which automatic snapshot configuration will be set.
  • --pdbUID <value> specifies the user ID (UID) of the PDB for which automatic snapshot configuration will be set.
  • --snapshotName <value> specifies the name of the PDB snapshot that you want to delete.
  • --snapshotUID <value> specifies the user ID (UID) of the PDB snapshot that you want to delete.
  • --dbName specifies the Oracle Database name.
  • --executePrereqs runs the prerequisite checks and reports the results.
  • --waitForCompletion true|false specifies whether to run the operation in foreground (true) or background (false). Valid values: true, false.
  • --resume [sessionID <value>] specifies to resume the previous operation. To specify resuming from a particular session ID, add the flag sessionID, and provide the session ID number.

Example 6-41 dbaascli pdb configureSnapshot

In the following example, the PDB snapshot snap1 is specified for deletion in the PDB named pdb1, for the database named db721:

dbaascli pdb deleteSnapshot --dbName db721 --pdbName pdb1 --snapshotName snap1

dbaascli pdb getDetails

To view details of a pluggable database (PDB), use the dbaascli pdb getDetails command.

Prerequisite

Run the command as the oracle user.

Syntax

dbaascli pdb getDetails --dbname --pdbName | --pdbUID
Where:
  • --dbname specifies the name of the container database that hosts the PDB
  • --pdbname specifies the name of the PDB that you want to delete
  • --pdbUID specifies the identifier of the PDB

Example 6-42 dbaascli pdb getDetails

dbaascli pdb getDetails--dbname cdb name --pdbName pdb name associated with the CDB
dbaascli pdb getDetails--dbname cdb name --pdbUID con_uid of that pdb

dbaascli pdb getSnapshot

To obtain details of a given pluggable database (PDB) snapshot, use the dbaascli pdb getSnapshot command.

Prerequisite

Run the command as the oracle user.

Syntax

dbaascli pdb getSnapshot
{
    --pdbName <value>| --pdbUID <value>
}
{
    --snapshotName <value> | --snapshotUID <value>
}
--dbName <value>

Where:

  • --pdbName <value> specifies the name of the PDB for which you want to obtain details.
  • --pdbUID <value> specifies the user ID (UID) of the PDB for the snapshot for which you want to obtain details.
  • --snapshotName <value> specifies the name of the snapshot for which you want to obtain details
  • --snapshotUID <value> specifies the user ID (UID) of the snapshot for which you want to obtain details.
  • --dbName specifies the Oracle Database name.

Example 6-43 dbaascli pdb configureSnapshot

In the following example, the details are obtained for the snapshot named snap1 in the database named db721, in the PDB name pdb1:

dbaascli pdb getSnapshot --dbName db721 --pdbName pdb1 --snapshotName snap1

dbaascli pdb list

To view the list of pluggable databases (PDB) in a container database, use the dbaascli pdb list command.

Prerequisite

Run the command as the oracle user.

Syntax

dbaascli pdb list --dbname
Where:
  • --dbname specifies the name of the container database that hosts the PDB

Example 6-44 dbaascli pdb list

dbaascli pdb list --dbname cdb name

dbaascli pdb listSnapshots

To list the snapshots of a given pluggable database (PDB), use the dbaascli pdb listSnapshots command..

Prerequisite

Run the command as the oracle user.

Syntax

dbaascli pdb listSnapshots
{
    --pdbName <value> | --pdbUID <value>
}
--dbName <value>

Where:

  • --pdbName <value> specifies the PDB name for which the snapshots will be listed.
  • --pdbUID <value> specifies the UID of the PDB for which the snapshots will be listed.
  • --dbName <value> specifies the Oracle Database name.

Example 6-45 dbaascli pdb listSnapshots

In the following example, the command lists the snapshots for database db721, and the pdb name pdb1: 

dbaascli pdb listSnapshots --dbName db721 --pdbName pdb1

dbaascli pdb localClone

To create a new pluggable database (PDB) as a clone of an existing PDB in the same container database (CDB), use the dbaascli pdb localClone command.

Prerequisite

Run the command as the oracle user.

Syntax

dbaascli pdb localClone --pdbName <value> --dbName <value>
[--targetPDBName <value>]
[--powerLimit <value>]
[--maxCPU <value]
[--maxSize <value>]
[--resume [--sessionID <value>]]
[--executePrereqs]
[--waitForCompletion <value>]
{[--blobLocation <value>]|[--standbyBlobFromPrimary <value>]}
[--excludeUserTablespaces <value>] 
[--excludePDBData <value>] 
[--pdbAdminUserName <value>] 
[--lockPDBAdminAccount <value>] 
[--sourcePDBServiceConvertList <value>]
Where:
  • --pdbName specifies the name of the new PDB that you want to clone
  • --dbName specifies the name of the database
  • --targetPDBName specifies the name for the target PDB (new cloned PDB)
  • --powerLimit specifies the degree of parallelism to be used for the clone operation. Valid value is between 1 and 128
  • --maxCPU specifies the maximum number of CPUs to be allocated for the PDB
  • --maxSize specifies the maximum storage size in GB for the new PDB
  • --resume resumes the previous run
    • --sessionID specifies to resume a specific session ID
  • --executePrereqs specifies yes to run only the prereqs for this operation. Valid values: yes or no
  • --waitForCompletion specifies false to run the operation in the background. Valid values: true or false
  • --blobLocation custom directory location where the standby blob file will be generated in a DG environment.
  • --standbyBlobFromPrimary specifies the location of the standby blob file which is prepared from the primary database. This is required only for standby database PDB operations.
    Note

    The parameters --blobLocation and --standbyBlobFromPrimary are mutually exclusive.
  • --excludeUserTablespaces option to skip user table spaces, example t1,t2,t3.
  • --excludePDBData specify true/yes to skip user data from source pdb.
  • --pdbAdminUserName specify new PDB admin user name.
  • --lockPDBAdminAccount specify true or false to lock the PDB admin user account. Default value is true.
  • --sourcePDBServiceConvertList specify comma separated list of source to target service names which need to be converted. Syntax is source_srv1:new_srv1,source_srv2:new_srv2.

The newly cloned PDB inherits administration passwords from the source PDB.

Example 6-46 dbaascli pdb localClone

dbaascli pdb localClone --dbName db35 --pdbName PDB35 --targetPDBName local_clone1 --maxCPU 2 --maxSize 15

dbaascli pdb open

To open a pluggable database (PDB), use the dbaascli pdb open command.

Run the command as the root or oracle user.

Syntax

dbaascli pdb open
 {
   --pdbName <value> | --pdbUID <value>
 }
--dbname <value> [--openMode <value>] [--startServices <value>] [--waitForCompletion <value>] [--setPDBRefreshModeNone [--skipPDBRefresh] [--pdbAdminUserName <value>]]
Where:
  • --pdbName specifies the name of the PDB that you want to open
  • --pdbUID specifies the identifier of the PDB
  • --dbname specifies the name of the container database that hosts the PDB.
  • --openMode specifies the target OPEN MODE of PDB
  • --startServices: specifies to start all or list all services corresponding to a PDB. Accepted values are all or a comma-delimited list of PDB services.
  • --waitForCompletion: specify false to run the operation in the background. Valid values: true|false
  • --setPDBRefreshModeNone: specifies to convert a refreshable PDB to non-refreshable PDB
    • --skipPDBRefresh: specifies to skip refreshable PDB refresh
    • --pdbAdminUserName: specifies new PDB admin user name

Upon successful completion, the PDB is opened on all of the container database instances.

Example 6-47 dbaascli pdb open

dbaascli pdb open --dbname cdb name --pdbName pdb name associated with the CDB
dbaascli pdb open --dbname cdb name --pdbUID con_uid of that pdb

Optional: --openMode READ_WRITE/READ_ONLY

dbaascli pdb recover

To recover a pluggable database (PDB), use the dbaascli pdb recover command.

Prerequisite

  • Run the command as the root user.
  • Database must be configured with backup storage destination details where backups are stored.

Syntax

dbaascli pdb recover --pdbName <value> --dbname <value>
        {
            --start
                {
                    --untilTime <value>
                    | --untilSCN <value>
                    | --latest
                    | --tag <value>
                }
            | --status --uuid <value>
        }
Where:
--pdbName: PDB name.
--dbname: Oracle Database name.
--start | --status
--start
       --untilTime | --untilSCN | --latest | --tag
       --untilTime: Recovers PDB until time. Input format: DD-MON-YYYY HH24:MI:SS.
       --untilSCN: Recovers PDB until SCN.
       --latest: Recovers PDB to last known state.
       --tag: Recovers PDB to archival tag.
--status
       --uuid <value>

Example 6-48 Examples

  • To recover a PDB pdb1 in a CDB myTestDb to latest:
    dbaascli pdb recover --dbname myTestDb --pdbName pdb1 --start --latest
  • To query the status of PDB recovery request submitted with uuid 81a17352362011ecbc3000163e8e4fac:
    dbaascli pdb recover --dbname myTestDb --pdbName pdb1 --status --uuid 81a17352362011ecbc3000163e8e4fac

dbaascli pdb refresh

To refresh a specified pluggable database (PDB), use the dbaascli pdb refresh command.

Run the command as the root or oracle user.

Syntax

dbaascli pdb refresh --dbname <value>
   {
      --pdbName <value> | --pdbUID <value>
    }
    [--waitForCompletion <value>]

Where:

  • --dbname: specifies the name of the Oracle Database
  • --pdbName: specifies the name of the pluggable database
  • --pdbUID: specifies the identifier of the pluggable database
  • --waitForCompletion: specify false to run the operation in the background. Valid values: true|false

dbaascli pdb relocate

To relocate the specified PDB from the remote database into local database, use the dbaascli pdb relocate command.

Prerequisite

Run the command as the oracle user. When prompted, you must supply the SYS user password for the source database.

Syntax

dbaascli pdb relocate --pdbName <value> --dbName <value> --sourceDBConnectionString <value> 
[--targetPDBName <value>]
[--powerLimit <value>]
[--maxCpu <value>]
[--maxSize <value>]
[--resume [--sessionID <value>]]
[--executePrereqs <value>]
[--sourcePDBServices <value>]
[--sourcePDBReadOnlyServices <value>]
[--waitForCompletion <value>]
{
    [--blobLocation <value>] | [--standbyBlobFromPrimary <value>]
}
[--upgradePDB <value>]
[--updateDBBlockCacheSize]
{
    [skipOpenPDB] | [--completePDBRelocate]
}
Where:
  • --pdbName specifies the source PDB name to relocate
  • --dbName specifies the target database name
  • --sourceDBConnectionString specifies the source database connection string in the format <scan_name>:<scan_port>/<database_service_name>
  • --targetPDBName specifies a name for the target PDB (new relocated PDB)
  • --powerLimit specifies the degree of parallelism to be used for the relocate operation
  • --maxCpu specifies the maximum number of CPUs to be allocated for the PDB
  • --maxSize specifies the maximum storage size in GB for the new PDB
  • --resume specifies to resume the previous execution
    • --sessionID specifies to resume a specific session ID
  • --executePrereqs specifies yes to run only the prereqs for this operation. Valid values: yes|no
  • --sourcePDBServices specifies a list of comma-delimited source PDB services
  • --sourcePDBReadOnlyServices specifies a comma-delimited list of source PDB read-only services
  • --waitForCompletion specifies false to run the operation in the background. Valid values: true|false
  • --blobLocation specifies the location of a custom directory where the standby BLOB file will be generated in a Data Guard environment.
  • --standbyBlobFromPrimary specifies the location of the standby BLOB file, which is prepared from the primary database. This is required only for standby operations.
    Note

    The parameters --blobLocation and mutually exclusive.
  • --upgradePDB specifies true to upgrade the PDB as part of this operation. Valid values : true | false.
  • --updateDBBlockCachesize option to enable application to set db block cache size initialization parameters to support data copy with different block size.
  • --skipOpenPDB - indicates that the PDB should not be opened at the end of the current operation.
  • --completePDBRelocate - completes the PDB relocation if done as a two-step operation.

Example 6-49 dbaascli pdb relocate

dbaascli pdb relocate --sourceDBConnectionString test-scan.dbaastoolslrgsu.dbaastoolslrgvc.oraclevcn.com:1521/source_cdb_service_name --pdbName source_pdb --dbName target_db

dbaascli pdb remoteClone

To create a new pluggable database (PDB) as a clone of an existing PDB in another container database (CDB), use the dbaascli pdb remoteClone command.

Run the command as the root or oracle user.

Syntax

dbaascli pdb remoteClone --pdbName <value> --dbName <value> --sourceDBConnectionString <value> [--targetPDBName <value>] [--powerLimit <value>] [--maxCPU <value>] [--maxSize <value>] [--resume [--sessionID <value>]] [--executePrereqs] [--waitForCompletion <value>] [--sourcePDBExportedTDEKeyFile <value>]
        {
            [--blobLocation <value>]
            | [--standbyBlobFromPrimary <value>]
        }
[--excludeUserTablespaces <value>] 
[--excludePDBData <value>] 
[--pdbAdminUserName <value>] 
[--lockPDBAdminAccount <value>] 
[--sourcePDBServiceConvertList <value>] 
[--refreshablePDB --refreshMode <value> [--refreshIntervalInMinutes <value>] --dblinkUsername <value> [--honorCaseSensitiveUserName]] 
[--updateDBBlockCacheSize]
Where:
  • --pdbName specifies the name of the source PDB that you want to clone
  • --dbname specifies the name (DB_NAME) of the CDB that hosts the newly cloned PDB
  • --sourceDBConnectionString specifies the source database connection string in the format scan_name:scan_port/database_service_name
  • --targetPDBName specifies the name for the target PDB (new cloned PDB)
  • --powerLimit specifies the degree of parallelism to be used for the clone operation. Valid value is between 1 and 128
  • --maxCPU specifies the maximum number of CPUs to be allocated for the PDB
  • --maxSize specifies the maximum storage size in GB for the new PDB
  • --resume resumes the previous run
    • --sessionID specifies to resume a specific session ID
  • --executePrereqs specifies yes to run only the prereqs for this operation. Valid values: yes or no
  • --waitForCompletion specifies false to run the operation in the background. Valid values: true or false
  • --sourcePDBExportedTDEKeyFile specifies the source PDB exported key file. This variable is applicable to only 12.1 database.
  • --blobLocation specifies the custom path where the standby blob file will be generated in a Data Guard environment
  • --standbyBlobFromPrimary specify the location of the standby blob file, which is prepared from the primary database. This is required only for standby database PDB operations
    Note

    The parameters --blobLocation and --standbyBlobFromPrimary are mutually exclusive.
  • --excludeUserTablespaces option to skip user table spaces, example t1,t2,t3.
  • --excludePDBData specify true/yes to skip user data from source PDB.
  • --pdbAdminUserName specifies new PDB admin user name
  • --lockPDBAdminAccount specify true or false to lock the PDB admin user account. Default value is true.
  • --sourcePDBServiceConvertList specify a comma-delimited list of source to target service names, which need to be converted. Syntax is source_srv1:new_srv1, source_srv2:new_srv2.
  • --refreshablePDB specifies to create refreshable PDB
    • --refreshMode specifies refresh mode for refreshable PDB. Valid values: AUTO|MANUAL
      • --refreshIntervalInMinutes specifies refresh interval for refreshablePDB in minutes
    • --dblinkUsername specifies common user of a remote database used for database link to connect to the remote database
      • --honorCaseSensitiveUserName indicates specified username is case sensitive
  • --updateDBBlockCacheSize: specifies to enable application to set db block cache size initialization parameters to support data copy with a different block size

When promoted, you must supply the SYS user password for the source PDB. The newly cloned PDB inherits administration passwords from the source PDB. The cloned PDB is named using the following format: dbname_sourcepdbname. This command is supported only for databases that are not in a Data Guard configuration and use Oracle Database version 12.2.0.1, or later.

Example 6-50 dbaascli pdb remoteClone

dbaascli pdb remoteClone --sourceDBConnectionString test-can.dbaastoolslrgsu.dbaastoolslrgvc.oraclevcn.com:1521 --pdbName source_pdb1 --dbName db9944 --targetPDBName new_pdb1 --maxsize 5 --maxcpu 2
dbaascli pdb remoteClone --sourceDBConnectionString orcla.dbaastoolslrgsu.dbaastoolslrgvc.oraclevcn.com --pdbName source_pdb1 --dbName db9944 --targetPDBName new_pdb1 --maxsize 5 --maxcpu 2

dbaascli system getDBHomes

To view information about all the Oracle homes, use the dbaascli system getDBHomes command.

Prerequisite

Run the command as the root or oracle user.

Syntax

dbaascli system getDBHomes

Example 6-51 dbaascli system getDBHomes

dbaascli system getDBHomes

dbaascli tde changePassword

To change TDE keystore password as well as DB wallet password for the alias tde_ks_passwd, use the dbaascli tde changePassword command.

Prerequisite

Run the command as the root user.

Syntax

dbaascli tde changePassword [--dbname <value>]
  {            [--prepareStandbyBlob <value> [--blobLocation <value>]]
               | [--standbyBlobFromPrimary <value>]
  }
  [--resume [--sessionID <value>]]
Where:
  • --dbname specifies the name of the database
  • --prepareStandbyBlob - specify true to generate a blob file containing the artifacts needed to perform the operation in a DG environment.
  • --blobLocation - custom path where the standby blob file will be generated in a DG environment.
  • --standbyBlobFromPrimary - specify the location of the standby blob file which is prepared from the primary database. This is required only for standby operations.
  • --resume - to resume the previous execution
  • --sessionID - to resume a specific session id.
To change the TDE password in a non-Data Guard environment
dbaascli tde changepassword --dbname
      <dbname>
To change the TDE password in a Data Guard environment
  1. Change the TDE password in primary database.
    dbaascli tde changepassword --dbname
      <dbname> --prepareStandbyBlob true --blobLocation
      <Location where blob file has to be generated>
  2. Copy the created standby blob to standby database environment.
  3. Change the TDE password in standby database
    dbaascli tde changepassword --dbname
     <dbname> --standbyBlobFromPrimary <Location of blob generated from
    primary>

dbaascli tde addSecondaryHsmKey

To add a secondary HSM (KMS) key to the existing HSM (KMS) configuration, use the dbaascli tde addSecondaryHsmKey command.

Prerequisite

Run the command as the root user.

Syntax

dbaascli tde addSecondaryHsmKey --dbname <value> --secondaryKmsKeyOCID <value>
[--executePrereqs]
Where:
  • --secondaryKmsKeyOCID specifies the secondary KMS key to add to the existing HSM (KMS) configuration
  • --dbname specifies the name of the database
  • --executePrereqs sexecute the prerequisites checks and report the results.

Example 6-52 dbaascli tde addSecondaryHsmKey

dbaascli tde addSecondaryHsmKey --dbname dbname --secondaryKmsKeyOCID ocid1.key.oc1.eu-frankfurt-1.bjqnwclvaafak.abtheljsgfxa2xe5prvlzdxtygoiqpm2pu2afgta54krxwllk5uxainvvxza
dbaascli tde addSecondaryHsmKey --dbname dbname --secondaryKmsKeyOCID ocid1.key.oc1.eu-frankfurt-1.bjqnwclvaafak.abtheljsgfxa2xe5prvlzdxtygoiqpm2pu2afgta54krxwllk5uxainvvxza --precheckOnly yes

dbaascli tde enableWalletRoot

To enable wallet_root spfile parameter for the existing database, use the dbaascli tde enableWalletRoot command.

Prerequisite

Run the command as the root user.

Syntax

dbaascli tde enableWalletRoot --dbname <value>
[--dbRestart <value>]
[--executePrereqs]
[--resume [--sessionID <value>]]
Where:
  • --dbname specifies the name of the Oracle Database.
  • --dbrestart specifies the database restart option. Valid values are: rolling or full. Default value: rolling

    If you do not pass the dbrestart argument, then the database restarts in a rolling manner.

  • --precheckOnly runs only the precheck for this operation. Valid values are: yes or no
  • --resume to resume the previous execution
  • --sessionID to resume a specific session id.

Example 6-53 dbaascli tde enableWalletRoot

dbaascli tde enableWalletRoot --dbname db name --dbrestart rolling|full
dbaascli tde enableWalletRoot --dbname orcl
dbaascli tde enableWalletRoot --dbname orcl--dbrestart full

dbaascli tde encryptTablespacesInPDB

To encrypt all the tablespaces in the specified PDB, use the dbaascli tde encryptTablespacesInPDB command.

Prerequisite

Run the command as the root user.

Syntax

dbaascli tde encryptTablespacesInPDB --dbname <value> --pdbName <value>
[--executePrereqs]
Where:
  • --pdbName specifies the name of the PDB to encrypt all the tablespaces.
  • --dbname specifies the name of the Oracle Database.
  • --executePrereqs execute the prerequisites checks and report the results.

Example 6-54 dbaascli tde encryptTablespacesInPDB

dbaascli tde encryptTablespacesInPDB --dbname dbname --pdbName pdb
dbaascli tde encryptTablespacesInPDB --dbname dbname --pdbName pdb --executePrereqs

dbaascli tde fileToHsm

To convert FILE based TDE to HSM (KMS/OKV) based TDE, use the dbaascli tde fileToHsm command.

Prerequisite

Run the command as the root user.

Syntax

dbaascli tde fileToHsm --kmsKeyOCID <value> --dbname <value> 
[--skipPatchCheck <value>] 
[--executePrereqs ] 
[--primarySuc <value>]
{
    [--resume [--sessionID <value>]] | [--revert [--sessionID <value>]]
}
[--waitForCompletion <value>]
Where:
  • --kmsKeyOCID specifies the KMS key OCID to use for TDE. This is applicable only if KMS is selected for TDE
  • --dbname specifies the name of the database
  • --skipPatchCheck skips validation check for required patches if the value passed for this argument is true. Valid values: true or false
  • --executePrereqs sexecute the prerequisites checks and report the results.
  • --primarySuc specify this property in the standby database of the Data Guard environment once the command is successfully run on the primary database
  • --resume specifies to resume the previous run
    • --sessionID specifies to resume a specific session ID
  • --revert specifies to rollback the previous run
    • --sessionID specifies to rollback a specific session ID
  • --waitForCompletion specify false to run the operation in background. Valid values : true|false.

Example 6-55 dbaascli tde fileToHsm --kmsKeyOCID

dbaascli tde fileToHSM --dbname dbname --kmsKeyOCID ocid1.key.oc1.eu-frankfurt-.bjqnwclvaafak.abtheljsgfxa2xe5prvlzdxtygoiqpm2pu2afgta54krxwllk5uxainvvxza
dbaascli tde fileToHSM --dbname dbname --kmsKeyOCID ocid1.key.oc1.eu-frankfurt-.bjqnwclvaafak.abtheljsgfxa2xe5prvlzdxtygoiqpm2pu2afgta54krxwllk5uxainvvxza --executePrereqs 
dbaascli tde fileToHSM --dbname dbname --kmsKeyOCID ocid1.key.oc1.eu-frankfurt-.bjqnwclvaafak.abtheljsgfxa2xe5prvlzdxtygoiqpm2pu2afgta54krxwllk5uxainvvxza --resume

dbaascli tde getHsmKeys

To get TDE active key details, use the dbaascli tde getHsmKeys command.

Prerequisite

Run the command as the root user.

Syntax

dbaascli tde getHsmKeys
[--dbname]
[--infoFile]
Where:
  • --dbname specifies the name of the database
  • --infoFile specifies the file path where the list of OCIDs will be saved. The output is in JSON format

Example 6-56 dbaascli tde getHsmKeys

dbaascli tde getHsmkeys --dbname dbname
dbaascli tde getHsmkeys --dbname dbname --infoFile infoFilePath

dbaascli tde getMkidForKeyVersionOCID

To get Master Key ID associated with the KMS key version OCID, use the dbaascli tde getMkidForKeyVersionOCID command.

Prerequisite

Run the command as the root user.

Syntax

dbaascli tde getMkidForKeyVersionOCID --kmsKeyVersionOCID <value>
[--dbname <value>]
[--waitForCompletion <value>]
Where:
  • --kmsKeyVersionOCID specifies the KMS key version OCID to set
  • --dbname specifies the name of the database
  • --waitForCompletion specify false to run the operation in background. Valid values : true|false.

Example 6-57 dbaascli tde getMkidForKeyVersionOCID

dbaascli tde getMkidForKeyVersionOCID --dbname dbname --kmsKeyVersionOCID ocid1.keyversion.oc1.eu-frankfurt-1.bjqnwclvaafak.bc4hmd3olgaaa.abtheljsyxtgn4vzi2bbpcej6a7abcwvylkd2lx56lu2s6iwnxwgigu23nha

dbaascli tde getPrimaryHsmKey

To get primary HSM (KMS) key from the existing HSM (KMS) configuration, use the dbaascli tde getPrimaryHsmKey command.

Prerequisite

Run the command as the root user.

Syntax

dbaascli tde getPrimaryHsmKey
[--dbname]
Where:
  • --dbname specifies the name of the database

Example 6-58 dbaascli tde getPrimaryHsmKey

dbaascli tde getPrimaryHsmKey --dbname dbname

dbaascli tde hsmToFile

To convert HSM (KMS/OKV) based TDE to FILE based TDE, use the dbaascli tde hsmToFile command.

Run the command as the root user.

Syntax

dbaascli tde hsmToFile 
[--dbname <value>] 
{
    [--prepareStandbyBlob <value> [--blobLocation <value>]
   | [--standbyBlobFromPrimary <value>]
}
] 
[--skipPatchCheck <value>] 
[--executePrereqs ] 
[--primarySuc <value>] 
{
     [--resume [--sessionID <value>]] |
     [--revert [--sessionID <value>]]
} 
[--waitForCompletion <value>]
Where:
  • --dbname specifies the name of the database
  • --prepareStandbyBlob specify true to generate a blob file containing the artifacts needed to perform the operation in a DG environment.
  • --blobLocation custom directory location where the standby blob file will be generated in a DG environment.
  • --standbyBlobFromPrimary specify the location of the standby blob file which is prepared from the primary database. This is required only for standby operations. ]
  • --skipPatchCheck skips validation check for required patches if the value passed for this argument is true. Valid values: true or false
  • --executePrereqs execute the prerequisites checks and report the results.
  • --primarySuc specify this property in the standby database of the Data Guard environment once the command is successfully run on the primary database
  • --resume resumes the previous run
    • --sessionID specifies to resume a specific session ID
  • --revert specifies to roll back the previous run
    • --sessionID specifies to rollback a specific session ID
  • --waitForCompletion specifies false to run the operation in background. Valid values: true|false

Example 6-59 dbaascli tde hsmToFile

dbaascli tde hsmToFile --dbname dbname
dbaascli tde hsmToFile --dbname dbname --executePrereqs
dbaascli tde hsmToFile --dbname dbname --resume

dbaascli tde listKeys

To list TDE master keys, use the dbaascli tde listKeys command.

Prerequisite

Run the command as the root user.

Syntax

dbaascli tde listKeys
[--dbname <value>]
[--infoFilePath <value>]
Where:
  • --dbname specifies the name of the database
  • --infoFilePath specify the absolute path of the file where the results will be saved.

Example 6-60 dbaascli tde listKeys

dbaascli tde listKeys --dbname dbname
dbaascli tde listKeys --dbname dbname --infoFilePath infoFilePath

dbaascli tde removeSecondaryHsmKey

To remove secondary HSM (KMS) key from the existing HSM (KMS) configuration, use the dbaascli tde removeSecondaryHsmKey command.

Prerequisite

Run the command as the root user.

Syntax

dbaascli tde removeSecondaryHsmKey --dbname <value>
[--confirmDeletion]
[--secondaryKmsKeyOCID]
[--executePrereqs]
Where:
  • --dbname specifies the name of the database
  • --confirmDeletion if not specified the user will be prompted while deleting all existing HSM(KMS) keys.
  • --secondaryKmsKeyOCID secondary KMS key to be removed from existing HSM(KMS) configuration. If not specified all secondary KMS keys will be removed.
  • --executePrereqs execute the prerequisites checks and report the results.

Example 6-61 dbaascli tde removeSecondaryHsmKey

dbaascli tde removeSecondaryHsmKey --dbname dbname
dbaascli tde removeSecondaryHsmKey --dbname dbname --secondaryKmsKeyOCID ocid1.key.oc1.eu-frankfurt-1.bjqnwclvaafak.abtheljsgfxa2xe5prvlzdxtygoiqpm2pu2afgta54krxwllk5uxainvvxza
dbaascli tde removeSecondaryHsmKey --dbname dbname --secondaryKmsKeyOCID ocid1.key.oc1.eu-frankfurt-1.bjqnwclvaafak.abtheljsgfxa2xe5prvlzdxtygoiqpm2pu2afgta54krxwllk5uxainvvxza --executePrereqs

dbaascli tde rotateMasterKey

To rotate the master key for database encryption, use the dbaascli tde rotateMasterKey command.

Prerequisites:

Run the command as the root user.

Syntax

dbaascli tde rotateMasterKey --dbname <value> 
[--rotateMasterKeyOnAllPDBs] 
[--pdbName <value>] 
[--executePrereqs] 
[--resume [--sessionID <value>]]
{
     [--prepareStandbyBlob <value> [--blobLocation <value>]]
     | [--standbyBlobFromPrimary <value>]
 }
Where:
  • --dbname specifies the name of the Oracle Database
  • --rotateMasterKeyOnAllPDBs specifies true to rotate master key of all PDBs in CDB. Valid values: true|false
  • --pdbName specifies the name of the PDB
  • --executePrereqs runs the prerequisites checks and report the results
  • --resume specifes to resume the previous execution
  • --sessionID specifies to resume a specific session ID
  • --prepareStandbyBlob specifies true to generate a BLOB file containing the artifacts needed to perform the operation in a Data Guard environment
  • --blobLocation specifies the location of the custom directory where the standby BLOB file will be generated in a Data Guard environment
  • --standbyBlobFromPrimary specifies the location of the standby BLOB file, which is prepared from the primary database. This is required only for standby operations.

dbaascli tde setKeyVersion

To set the version of the primary key to be used in DB/CDB or PDB, use the dbaascli tde setKeyVersion command.

Run the command as the root user.

Syntax

dbaascli tde setKeyVersion --kmsKeyVersionOCID <value> --dbname <value>
[--pdbName <value>]
[--masterKeyID <value>]
[--standbySuc]
[--executePrereqs]
[--waitForCompletion <value>]
Where:
  • --kmsKeyVersionOCID specifies the KMS key version OCID to set.
  • --dbname specifies the name of the database.
  • --pdbName name of the PDB to use the key version OCID.
  • --masterKeyID specifies the master key ID of the given key version OCID. This is applicable to the Data Guard environment.
  • --standbySuc specify this property in the primary database of the Data Guard environment once the command is successfully run on the standby database
  • --executePrereqs execute the prerequisites checks and report the results.
  • --waitForCompletion specify false to run the operation in background. Valid values: true|false

Example 6-62 dbaascli tde setKeyVersion

dbaascli tde setKeyVersion --dbname dbname --kmsKeyVersionOCID ocid1.keyversion.oc1.eu-frankfurt-1.bjqnwclvaafak.bc4hmd3olgaaa.abtheljsyxtgn4vzi2bbpcej6a7abcwvylkd2lx56lu2s6iwnxwgigu23nha
dbaascli tde setKeyVersion --dbname dbname --kmsKeyVersionOCID ocid1.keyversion.oc1.eu-frankfurt-1.bjqnwclvaafak.bc4hmd3olgaaa.abtheljsyxtgn4vzi2bbpcej6a7abcwvylkd2lx56lu2s6iwnxwgigu23nha --executePrereqs
dbaascli tde setKeyVersion --dbname dbname --pdbName pdb --kmsKeyVersionOCID ocid1.keyversion.oc1.eu-frankfurt-1.bjqnwclvaafak.bc4hmd3olgaaa.abtheljsyxtgn4vzi2bbpcej6a7abcwvylkd2lx56lu2s6iwnxwgigu23nha

dbaascli tde setPrimaryHsmKey

To change the primary HSM (KMS) key for the existing HSM (KMS) configuration, use the dbaascli tde setPrimaryHsmKey command.

Run the command as the root user.

Syntax

dbaascli tde setPrimaryHsmKey --primaryKmsKeyOCID <value> --dbname <value>
[--allStandbyPrepared]
[--bounceDatabase]
[--executePrereqs]
[--resume [--sessionID <value>]]
Where:
  • --primaryKmsKeyOCID specifies the primary KMS key to set
  • --dbname specifies the name of the database
  • --allStandbyPrepared specify to confirm that the operation has been successfully run on all the standby databases.
  • --bounceDatabase specify this flag to do rolling database bounce for this operation
  • --executePrereqs execute the prerequisites checks and report the results.
  • --resume to resume the previous execution
  • --sessionID to resume a specific session id.

Example 6-63 dbaascli tde setPrimaryHsmKey

dbaascli tde setPrimaryHsmKey --dbname dbname --primaryKmsKeyOCID ocid1.key.oc1.eu-frankfurt-1.bjqnwclvaafak.abtheljsgfxa2xe5prvlzdxtygoiqpm2pu2afgta54krxwllk5uxainvvxza
dbaascli tde setPrimaryHsmKey --dbname dbname --primaryKmsKeyOCID ocid1.key.oc1.eu-frankfurt-1.bjqnwclvaafak.abtheljsgfxa2xe5prvlzdxtygoiqpm2pu2afgta54krxwllk5uxainvvxza --executePrereqs

dbaascli tde status

To display information about the keystore for the specified database, use the dbaascli tde status command.

Prerequisite

Run the command as the oracle user.

Syntax

dbaascli tde status --dbname dbname
Where:
  • --dbname specifies the name of the database that you want to check.

Output from the command includes the type of keystore, and the status of the keystore.

Example 6-64 dbaascli tde status

dbaascli tde status --dbname dbname