DEV Community

Ryan Giggs
Ryan Giggs

Posted on

Oracle Autonomous Database Dedicated: Fleet Administration, Provisioning, and Role-Based Management

Oracle Autonomous Database on Dedicated Exadata Infrastructure enables organizations to build private database clouds with self-service capabilities while maintaining centralized governance and control. Understanding the fleet administration model, provisioning workflows, and role-based access control is essential for successfully deploying and managing dedicated autonomous database environments.

Fleet Administrator Role and Responsibilities

Core Fleet Administrator Functions

As fleet administrator, you set up your dedicated ADB platform in OCI and on Exadata Cloud@Customer, serving as the central point of control for infrastructure provisioning and management.

Infrastructure Provisioning:
The Fleet Administrator provisions Exadata Infrastructure by specifying its size, availability domain, and region, establishing the foundation for the private database cloud.

System Partitioning:
Fleet Administrators partition the system by provisioning Autonomous VM Clusters (AVMC) and Autonomous Container Databases (ACD), creating logical boundaries for different organizational units or workload types.

Key Responsibilities:

  • Capacity Management: Monitor and allocate infrastructure resources
  • Budget Control: Manage costs and spending across the fleet
  • Compatibility Management: Control database versions and feature adoption
  • Service Level Agreements: Define and enforce SLAs for database services
  • Infrastructure Lifecycle: Plan and execute infrastructure upgrades and maintenance

Self-Service Database Provisioning Model

Developer and DBA Access:
Developers, DBAs, and end users provision databases within Autonomous Container Databases using self-service tools, enabling rapid database deployment without fleet administrator intervention.

Self-Service Capabilities:

  • Database Creation: Instant provisioning of new autonomous databases
  • Monitoring: Real-time performance and health monitoring
  • Management: Day-to-day database operations and administration
  • Scaling: Dynamic resource allocation adjustments
  • Backup/Recovery: Self-service backup and restore operations

Billing and Cost Model

Autonomous Database Dedicated Pricing Structure

Infrastructure-Based Billing:
Billing is based on the size of Exadata infrastructure and the number of active ECPUs (Elastic CPUs) used by databases, providing predictable cost management.

ECPU Billing Metric:
Since January 2024, Oracle retired the OCPU billing metric in favor of ECPUs, providing more granular scaling and cost optimization. ECPU billing provides 50% lower entry cost with the smallest Autonomous Database being significantly less expensive than previous OCPU-based pricing.

Zero-Cost Resource Provisioning:
Organizations incur zero costs for resource provisioning activities like AVMC and ACD provisioning—costs are only incurred when databases actively consume compute resources.

Cost Optimization Benefits:

  • Pay for Active Consumption: Only active database ECPUs incur charges
  • Granular Scaling: Finer increments for resource allocation
  • Predictable Costs: Infrastructure-level pricing provides budget predictability
  • No Overhead Charges: Logical containers (AVMC, ACD) have no separate fees

Getting Started: Private Cloud Setup

Initial Setup Prerequisites

1. Request Service Limit Increase:
Submit service limit increase requests for Exadata rack capacity in your target OCI regions to ensure adequate infrastructure quota.

Service Limit Considerations:

  • Determine required Exadata rack size based on workload projections
  • Account for growth and disaster recovery requirements
  • Request limits across multiple regions for high availability
  • Plan for development, testing, and production environments

2. Fleet and DBA User Role Setup:
Configure organizational user groups and assign appropriate roles for fleet administrators and database administrators.

Role Configuration:

  • Create fleet administrator groups with infrastructure privileges
  • Establish developer/DBA groups with database management permissions
  • Configure identity provider integration for enterprise authentication
  • Implement least-privilege access control principles

3. Private Cloud Infrastructure Setup:
Provision core infrastructure components including networking, Exadata infrastructure, VM clusters, and container databases.

Infrastructure Components:

  • Virtual Cloud Network (VCN) configuration
  • Exadata infrastructure provisioning
  • Autonomous VM Cluster deployment
  • Autonomous Container Database creation

4. Provide Self-Service Access:
Enable end users to provision and manage autonomous databases through OCI Console, APIs, or command-line interfaces.

Access Enablement:

  • Assign appropriate IAM policies to user groups
  • Configure compartment access for resource isolation
  • Enable Database Actions and SQL Developer Web access
  • Provide documentation and training for self-service users

Provisioning Dedicated Resources: Step-by-Step

Step 1: Create Virtual Cloud Network (VCN)

Network Foundation:
To get started with Autonomous Database on Dedicated Exadata Infrastructure, the fleet administrator must create the core infrastructure resources and institute access controls to ensure that only authorized personnel and applications have network access.

VCN Configuration:

  • CIDR Block: Define IP address range for your private cloud
  • Subnets: Create private subnets for database resources
  • Security Lists: Configure ingress and egress rules
  • Route Tables: Define routing for traffic flow
  • Network Security Groups: Implement fine-grained access control

Security Considerations:

  • Use private subnets to eliminate public internet exposure
  • Implement least-privilege network access policies
  • Configure service gateways for Oracle service access
  • Plan VPN or FastConnect for on-premises connectivity

Step 2: Provision Exadata Infrastructure

Infrastructure Specifications:
Fleet administrators specify Exadata infrastructure size, availability domain, and region based on capacity requirements.

Configuration Parameters:

  • Shape: Select Exadata rack size (Quarter, Half, Full)
  • Availability Domain: Choose specific availability domain
  • Region: Select OCI region for deployment
  • Maintenance Window: Define preferred maintenance schedule
  • Contact Information: Specify administrative contacts

Exadata Infrastructure Options:

  • Base System: Standard Exadata configuration
  • High Capacity: Enhanced storage configurations
  • Exadata X11M: Latest generation Exadata platform

Step 3: Provision Autonomous VM Cluster (AVMC)

VM Cluster Configuration:
Partition Exadata infrastructure by creating Autonomous VM Clusters that provide compute isolation for database workloads.

AVMC Parameters:

  • Display Name: Logical name for the VM cluster
  • Exadata Infrastructure: Select target infrastructure
  • Virtual Machine Count: Number of VMs in the cluster
  • CPU Core Count: Allocated CPU cores for the cluster
  • Memory Allocation: Memory assigned to the cluster
  • License Type: Bring Your Own License (BYOL) or License Included

Database Version Compatibility:
ACDs can be provisioned with Oracle Database 19c or Oracle Database 23ai. However, to provision an ACD with 23ai, the parent AVMC must be ECPU-based with the DatabaseVersion tag set to 23ai.

Step 4: Provision Autonomous Container Database (ACD)

Container Database Creation:
Create Autonomous Container Databases within VM Clusters to provide database service boundaries.

ACD Configuration:

  • Display Name: Container database identifier
  • Autonomous VM Cluster: Target AVMC for the container
  • Database Version: Select 19c or 23ai
  • Maintenance Window: Define maintenance schedule
  • Backup Retention: Configure backup policies
  • Patch Level: Specify initial patch level

Container Database Benefits:

  • Logical separation of database environments
  • Independent patching and maintenance schedules
  • Resource isolation between workload types
  • Simplified management of related databases

Step 5: Provision Autonomous Database

Database Creation:
Developers and DBAs provision individual Autonomous Databases within Container Databases using self-service tools.

Database Configuration:

  • Database Name: Unique identifier for the database
  • Workload Type: Transaction Processing (ATP) or Data Warehouse (ADW)
  • ECPU Count: Compute allocation (minimum 2 ECPUs)
  • Storage: Data storage allocation in TB
  • Auto-Scaling: Enable automatic ECPU scaling
  • Access Type: Private endpoint configuration
  • License Type: BYOL or License Included

Advanced Options:

  • Character Set: Database character encoding
  • National Character Set: National language support
  • Autonomous Data Guard: Enable standby database
  • Access Control Lists: Define IP whitelisting

OCI Policies for Autonomous Dedicated

Role-Based Access Control Architecture

Identity and Access Management (IAM) Foundation:
Implement separation of duties between fleet administrators and database users through OCI's identity and access management system.

Core IAM Concepts:

Groups:
A set of users with the same privileges and access requirements. Groups enable consistent policy application across multiple users.

Policies:
Bind privileges for a group to a specific set of resources in a compartment, defining what actions group members can perform on which resources.

Compartments:
An operating context for a specific set of service resources, accessible only to groups who are explicitly granted access. Compartments provide resource isolation and access control boundaries.

Fleet Administrator Policies

Fleet Administrator Group Responsibilities:

  • Budget Management: Control spending and cost allocation
  • Capacity Planning: Monitor and allocate infrastructure resources
  • Compatibility Control: Manage database versions and features
  • SLA Management: Define and enforce service level agreements
  • AVMC Provisioning: Create and manage VM clusters
  • ACD Provisioning: Create and manage container databases

Sample Fleet Administrator Policy:

Allow group FleetAdmins to manage autonomous-exadata-infrastructures in compartment Production
Allow group FleetAdmins to manage autonomous-vm-clusters in compartment Production
Allow group FleetAdmins to manage autonomous-container-databases in compartment Production
Allow group FleetAdmins to read metrics in compartment Production
Allow group FleetAdmins to use cloud-shell in tenancy
Enter fullscreen mode Exit fullscreen mode

Developer and DBA Policies

Developer/DBA Group Responsibilities:

  • Self-Service Provisioning: Create autonomous databases within ACDs
  • Database Monitoring: Monitor performance and health metrics
  • Database Management: Perform day-to-day operations
  • Backup/Recovery: Execute backup and restore operations
  • Scaling Operations: Adjust database resources as needed

Sample Developer/DBA Policy:

Allow group DatabaseUsers to manage autonomous-databases in compartment Production where target.container.id = 'ocid1.autonomouscontainerdatabase...'
Allow group DatabaseUsers to read autonomous-container-databases in compartment Production
Allow group DatabaseUsers to use cloud-shell in tenancy
Allow group DatabaseUsers to read metrics in compartment Production
Enter fullscreen mode Exit fullscreen mode

Policy Best Practices

Principle of Least Privilege:
Grant only the minimum permissions necessary for users to perform their job functions.

Compartment Strategy:

  • Create separate compartments for different environments (dev, test, prod)
  • Implement compartment hierarchies for organizational alignment
  • Use compartments to enforce cost center allocation
  • Enable audit logging at compartment level

Policy Management:

  • Document all policies with clear descriptions
  • Regular review and audit of policy assignments
  • Implement policy versioning and change control
  • Test policies in non-production environments first

Group Management:

  • Define groups based on job functions, not individuals
  • Implement naming conventions for group identification
  • Regular review of group memberships
  • Integrate with enterprise identity providers (SAML, LDAP)

Advanced Configuration Scenarios

Multi-Tenant Architecture

Organizational Isolation:
ADB-D allows customers to group and separate databases based on organizational structure and criticality of application workload, ideal for delivering self-service database capability.

Tenant Separation Strategies:

  • By Department: Separate ACDs for different business units
  • By Environment: Isolated development, testing, and production
  • By Compliance: Separate regulatory compliance boundaries
  • By Geography: Regional data residency requirements

Hybrid Cloud Integration

Cloud@Customer Deployment:
Extend the same provisioning model to on-premises deployments with Exadata Cloud@Customer.

Hybrid Considerations:

  • Consistent management across cloud and on-premises
  • Network connectivity planning for hybrid access
  • Data replication between cloud and on-premises
  • Unified monitoring and operations

Disaster Recovery Configuration

Cross-Region Standby:
Provision Autonomous Container Databases in multiple regions with Data Guard replication.

DR Planning:

  • Primary and standby ACD configuration
  • Automatic failover policies
  • Regular DR testing procedures
  • Application connection failover configuration

Monitoring and Operations

Fleet-Level Monitoring

Infrastructure Metrics:

  • Exadata infrastructure utilization
  • AVMC resource consumption
  • ACD capacity and performance
  • Storage utilization trends

Capacity Planning:

  • Trend analysis for resource growth
  • Proactive capacity expansion planning
  • Cost projection and optimization
  • License utilization tracking

Database-Level Monitoring

Performance Metrics:

  • ECPU utilization per database
  • Storage consumption and growth
  • Query performance statistics
  • Connection pool utilization

Health Monitoring:

  • Automatic health checks
  • Alert configuration and notifications
  • Performance anomaly detection
  • Backup completion verification

Cost Management and Optimization

Billing Analysis

Cost Attribution:

  • Infrastructure costs at Exadata level
  • ECPU consumption per database
  • Storage costs per ACD
  • Backup storage consumption

Optimization Strategies:

  • Right-sizing database ECPU allocations
  • Auto-scaling configuration for variable workloads
  • Storage compression and optimization
  • Archive older data to object storage

Budget Controls

Cost Management Tools:

  • Tagging for cost center allocation
  • Budget alerts and notifications
  • Spending analysis and reporting
  • Compartment-level cost tracking

Migration and Onboarding

Migration from On-Premises

Migration Tools:

  • Data Pump export/import
  • Oracle GoldenGate for zero-downtime migration
  • RMAN backup and restore
  • Database cloning from backups

Migration Planning:

  • Assess current database inventory
  • Plan AVMC and ACD architecture
  • Define migration waves and priorities
  • Establish validation criteria

User Onboarding

Training and Documentation:

  • Fleet administrator training programs
  • Self-service user guides
  • Policy and procedure documentation
  • Best practices and reference architectures

Support Model:

  • Help desk procedures for self-service users
  • Escalation paths for complex issues
  • Regular user feedback collection
  • Continuous improvement processes

Conclusion

Oracle Autonomous Database on Dedicated Exadata Infrastructure provides a powerful private database cloud platform that balances centralized governance with self-service agility. The fleet administration model enables organizations to maintain control over infrastructure, capacity, and costs while empowering developers and DBAs with self-service database provisioning capabilities.

Key Success Factors:

Clear Role Separation:

  • Fleet administrators manage infrastructure and policies
  • Developers/DBAs handle database provisioning and operations
  • Well-defined IAM policies enforce access control
  • Compartment strategy provides resource isolation

Cost-Effective Model:

  • Infrastructure-based billing with ECPU granularity
  • Zero costs for logical resource provisioning (AVMC, ACD)
  • 50% lower entry costs with ECPU billing
  • Predictable cost structure for budgeting

Self-Service Enablement:

  • Rapid database provisioning without fleet admin bottlenecks
  • Consistent automation across deployment options
  • Comprehensive monitoring and management tools
  • Integration with enterprise DevOps workflows

Enterprise Governance:

  • Centralized capacity and budget management
  • Consistent security and compliance controls
  • Flexible multi-tenant architecture
  • Support for hybrid and multi-cloud strategies

By implementing the fleet administration model with appropriate role-based access control, organizations can deliver private database cloud services that meet enterprise requirements for security, compliance, and operational excellence while providing the agility and speed that modern development teams demand.

Top comments (0)