- Nov 30
- 2 mins read
Using a SOCKS5 Proxy to Replicate GoldenGate to Oracle GoldenGate Cloud Services
Replicating to the Oracle cloud is like any other replication with one exception. Unless you want to open ports to the Oracle GoldenGate Cloud Services (GGCS) system (not recommended) you must set up a proxy that uses a PKI key for authentication. Using a SOCKS5 Proxy to Replicate GoldenGate to Oracle GoldenGate Cloud Services is described below. This is straight-forward and easy to setup. Using the ssh command on your DMZ server you will set up a listening port and a forwarding address to connect incoming GoldenGate pump requests to the GGCS server.
The ssh command is setup to forward requests via a static connection. The following command is used to setup the SOCKS5 proxy.
ssh -v -N -f -D <DMZ>:<Port> opc@<GGCS> -E socks.out
The following parameters are used in my example:
-N do not execute remote command
-f go in to background (like nohup)
-D bind address IP and port to listen on
Addr Connection information. This is where it will tunnel to using PKI
-E logging file
Here is an example for connecting to the Oracle cloud.
ssh -v -N -f -D ptc02:9008 firstname.lastname@example.org -E socks.out
Once the SOCKS proxy is in place, the GoldenGate pump process is modified to use the SOCKS5 proxy by changing the RMTHOST line in the parameter file like this:
RMTHOST localhost, COMPRESS, MGRPORT 7809, SOCKSPROXY ptc02:9008
Since the SOCKS5 proxy forwards the request to the GGCS server it is essentially connecting to a manager process on the server it is running on. Thus, the target hostname from the forwarded pump perspective is localhost or the local IP address. The SOCKSPROXY is the DMZ server and port.
With this configuration you will not have to open any access other than the SSH access defined using the PKI key. This was done during the initial configuration of GGCS. Once this is working, replicating to the cloud is easy.
If you have multiple cloud instances just setup multiple SOCKS5 proxies on different ports.