My Oracle Support Banner

GoldenGate Deployment for Oracle Transportation and Global Trade Management Cloud (OTM) (Doc ID 2497511.1)

Last updated on JANUARY 07, 2022

Applies to:

Oracle Transportation Cooperative Routing Cloud Service
Oracle Transportation Management Cloud Service
Oracle Transportation Sourcing Cloud Service
Oracle Trade Compliance Cloud Service - Version 18 and later
Oracle Transportation Intelligence Cloud Service
Information in this document applies to any platform.


OTM SaaS Cloud provides various methods to extract data from external sources: XML, CSV, REST and DB.XML. If you are performing external reporting or business intelligence and need to populate an external database for SQL access, you can purchase the Oracle OCI GoldenGate Marketplace license and request via  SR to have that connected to the Transportation and Global Trade Management Cloud. This solution replicates the key data from the Transportation and Global Trade Management Cloud database to an external database, either in the Oracle Cloud or on premise. This replication is for reporting purposes only and should not be used for integration or custom applications.

Use this document to prepare your environment to receive data from a Transportation and Global Trade Management Cloud database through a GoldenGate interface after you log an SR.


OTM/OGG on OCI Marketplace - High Level Architectural Diagram

Requirements for Target

Below softwares, features, and environment are required for customers' target servers. Please reference the architectural diagram in this document.

1. Target database requirements:
    a) must be running on Oracle database Enterprise Edition 19c or above
    b) must be new and dedicated to Goldengate replication and no other functionality can be hosted
    c) can be either standalone or plugable database
    d) must have the license for the Oracle Partitioning
    e) must have the license for the Oracle Edition
2. Target should be OCI Oracle Goldengate Marketplace Microservices instance or Oracle Golden Gate Service
3. Target NGINX Reverse Proxy Server should be receiving traffic on port 443
4. No custom certificates are allowed on target
5. Certificates must exist on target NGINX default directory
6. The customer must use the target replication parameters, and not change the configuration and parameters without OTM approval
7. Target Receiver Server authentication should be validated by customer before submitting OTM Goldengate service request
8. No change is allowed in target Goldengate after deployment without OTM support approval
9. OTM needs mininum 500GB of disk space for trail file location in target Goldengate server to prevent outages.
10. Reserved and permanent public IP address is required for the target Goldengate server
11. Network requirements:
    a) The Receiving server should be able to directly receive the communication from Oracle Gateway server
    b) OTM Golden Gate Software should be able to directly reach the NGINX server, no middle layers are allowed (Web Application Firewall, Web Gateways, Cloud Load Balancers, etc.)

12. OTM does support Oracle GoldenGate Cloud Service (GGS) for the target servers.
13. OTM does not support on-premise GoldenGate and database target servers.

14. NGINX server and GoldenGate server need to be on the same VM, same as in OCI GoldenGate Markeplace VM.


Prepare Target Environment

  1. Make sure you have obtained OCI GoldenGate Marketplace license
  2. Create an OCI Goldengate Marketplace VM instance

    Please make sure you reserve the Public IP address of the OCI Goldengate Marketplace VM instance and that it won't change in the future. Any change in this public IP will cause the source and target Goldengate to fail and everything must be recreated/re-provisioned from scratch.

  3. Create an Empty Shell Database
  4. Prepare a Target Database.
  5. Configure the Target Database within GoldenGate.
  6. Configure the OCI Goldengate Marketplace VM instance

    By default, Oracle GoldenGate Microservices on OCI Marketplace is configured behind a Nginx Reverse Proxy. This simplifies the architecture with OCI. Also, the Nginx Reverse Proxy makes the deployment secure. This means that when you connect over a public IP address, the on-premises Oracle GoldenGate Microservices Architecture has to be secure.

    In order to securely connect, perform the following steps on the target OCI compute node:

    On the target OCI Goldengate VM instance:

    In the Administration Service on the Oracle GoldenGate Microservices configuration GUI in OCI, create a network user for the Receiver Server on target:

    a. Create a user that will be allowed to login to the environment and connect to the Receiver Service.

    b. Login to the Administration Service. For this step you will need the ggadmin password out of ogg-credentials.json file , unless password was changed after initial setup.

    https://<public id address>/<deployment name>/adminsrvr

    Example: https://<public ip address>/OCI-BASE/adminsrvr

    c. Open the context menu and select the Administrator option (not Configuration option)

    d. Click the plus ( + ) sign to add a new User

    e. Add a new user as Operator role. This account will be used by the on-premise Distribution Service to login to through the Reverse Proxy

        Provide the following information:

        Username: ggrsuser

        Role: Operator

        Type: Basic

        Info: Network User

        Password: <provide password>

    Important: Above steps are to create new user in the administrator page of Goldengate Administration Server of the Service Manager GUI, it will not create a new Credential under the Configuration page.

    f. To verify the new user, you need to log out of Service Manager GUI and log on to the Receiver Server using the above new user. You should be able to log on to the target Receiver Server using the Service Manager GUI as ggrsuser/<password>

    g. Provide above user details to the Oracle OTM team to configure the Goldengate source.

  7. Submit a SR with Oracle OTM team to request Goldengate provisioning. GoldenGate instance on target must be up and running and below needed information shared with Oracle before OTM team can start provisioning the GoldenGate source instance . Creating source GoldenGate instance depends on information provided on this step.

    1) Public IP Address and port number of the target receiver server (normally the port number is 443 for GG Marketplace).

    This IP and port should be reachable by the command below:

    openssl s_client -connect

    Please provide a complete output in a text file for the command below:
    openssl s_client -connect

    Note: It will take approximately one week for the network team to open port in firewall for the public IP you provided. As mentioned above, please reserve the Public IP address and make sure it won't change in the future. Any change in this public IP address will cause the source and target Goldengate to fail and everything must be recreated/re-provisioned from scratch.

    2) Target FQDN (Fully Qualified Domain name)

    3) Target Goldengate Deployment name

    4) Target Server Certificate Common Name

    5) Target Object storage URL, Object storage IP address and port number, Object Storage container name, and logon credentials (username and password) for the Oracle OTM team to upload export and other config files

    Please provide info for either A or B below:

    A. You can also provide a Pre-Authenticate Request (PAR) URL (no need for separate login credentials)

    For example,
        OCI Tenancy: testTenancy
        Object Storage Namespace: testOSS
        Bucket Name: OACMigrationStorageBucket
        PAR URL:

    To put objects in that respective bucket one can use curl / Postman etc., basically any REST client making PUT type requests.
    $ curl -X PUT --data-binary '@tablespace.lst'

    B. Alternatively, please provide the info below.

        Bucket name for the object storage
        OCI tenancy

    For example,


    cat /home/ociobj/.oci/oci_api_key.pem
        -----BEGIN RSA PRIVATE KEY-----
        -----END RSA PRIVATE KEY-----

    6) Target Support team Contact details (name, email, and phone number)

    7) OTM Pod name or URL

    8) ggrsuser/<password> from Step 6.e listed above.


On OCI side please whitelist the OTM egress Public IP address of the source server (to be provided by the Oracle OTM team after firewall port opened). Whitelisting will allow GoldenGate source to connect to the target on port 443


Replication Environment

Goldengate process is designed to handle production replication only. If you want to do stage deployment, you can use the production trail files and copy them to your stage environments in target.


    1. Execute Datapump Import.
    2. Create a Primary Replicat.


Your Data Integrator should work with your DBA and Network Managers.


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document
 OTM/OGG on OCI Marketplace - High Level Architectural Diagram
 Requirements for Target
 Below softwares, features, and environment are required for customers' target servers. Please reference the architectural diagram in this document.
 Prepare Target Environment
 Preparing the Target Environment
 What You Need from Oracle before Preparing the Target Environment
 Install Golden Gate Microservices
 Create an Empty Shell Database
 Prepare the Target Database
 Configure the Target Database within GoldenGate
 Reserve Public IP for Receiver Server
 Backup Requirement
 What You Need from Oracle before Beginning Instantiation
 Execute Datapump Import
 Create a Primary Replicat
 Goldengate P2T / re-initiation High level steps for the targets
 Further Reference

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.