DBaaS On OCI Fails To Launch With DNS Error "VCN RESOLVER FOR DNS AND DNS LABEL" - OCI

-

Database Creation Issue on DBaaS Service in OCI

Issue :

Invalid Parameter - VCN RESOLVER FOR DNS AND DNS LABEL must be enabled for all subnets used to launch the specified shape.

This issue was caused by a configuration of the custom DNS resolver option in Oracle Cloud Infrastructure virtual cloud network (VCN) settings. This post explains the issue and how to resolve it.

When customers configure a subnet within a VCN, they can choose Internet and VCN Resolver or Custom Resolver when configuring the DHCP options.


The default is Internet and VCN Resolver. If customers want to use their on-premises DNS servers across the FastConnect or IPSec VPN, they can select Custom Resolver. Generally, most enterprise customers put a DNS relay in the VCN within a shared services subnet. Typically the subnets within the VCN reflect this configuration. This works great for the applications.
However, the issue starts when customers try to provision an Oracle Database Cloud Service (DBCS) instance by using a prebuilt Oracle Database image on a subnet that is using the Custom Resolver DHCP option.
The typical error message is as follows:
Invalid Parameter - VCN RESOLVER FOR DNS AND DNS LABEL must be enabled for all subnets used to launch the specified shape

This message goes away when the customer changes the DNS in the DHCP options to Internet and VCN Resolver. But this change breaks other applications. This issue happens because of the recursive nature of the native VCN resolver.
Solutions
We have found a workaround for this problem when the customer is using prebuilt DB images for a DBCS. The following diagram describes the architecture:
To implement this workaround, perform the following steps:
  1. Use Terraform to create the VCN and required subnets. For instructions, see the VCN Overview and Deployment white paper.
  2. Select the VCN in which the Database instance is required to be launched.
  3. Select the Internet and VCN Resolver DHCP option (which is the default option).
  4. Launch the Database instance and make the required configuration for the instance.
  5. After the Database instance is launched, go to the DHCP options, select Custom Resolver, and enter the customer’s DNS server IP address.
  6. Instantiate the DNS relay serve in the shared resources subnet (referred in the preceding diagram as the shared subnet). Keep the DHCP option as Internet and VCN Resolver (the default).
  7. In all other application subnets, select the Custom Resolver DHCP option and enter the customer’s DNS server IP address.

Note: Ensure that there is connectivity back to the customer DNS server or servers from the Oracle Cloud. Also ensure that you populate the DNS Label field when creating the VCN, or it will take the default value.
That means you must ensure to revert back the changes to DHCP once you launched DB instance.
Issue Resolved . Happy Learning.


Comments

Post a Comment

Popular posts from this blog

Workflow Agent Listener Service WF_DEFERRED + Business Event not processing

-
Workflow Agent Listener Service WF_DEFERRED Will Not Start, Mailer May Be Down To implement the solution, please execute the following steps: 1.  Use this query to identify any remaining items in wf_deferred queue: SQL> select corrid, decode(state, 0, '0 = Ready', 1, '1 = Delayed', 2, '2 = Retained', 3, '3 = Exception', to_char(state)) State, count(*) COUNT from wf_deferred group by corrid, state; 2. Items with the APPS corrid will not dequeue from agent listener via service container.  This runs the deferred listener from the command lin e . Make sure that the listener and workflow service components - including the mailer - are down before you run this . This is not intended to be a substitute for the normal operation of this service container from the OAM console. Use this only during this cleanup operation. One will have to run this script manually: begin wf_log_pkg.wf_debug_flag := TRUE; wf_event...
Read more

Output Post Processor - EBS 12.2.4 Troubleshoot

-
Output Post Processor TroubleShooting Issue 1 Output Post Processor is Down with Actual Process is 0 And Target Process is 1 1. Shutdown Concurrent Managers 2. To ensure concurrent manager down; check there is no FNDLIBR process running. ps -ef | grep FNDLIBR 3. Run adadmin to relink FNDSVC executable. a. Invoke adadmin from command prompt b. Choose option 2 (2. Maintain Applications Files menu) c. Choose option 1 (1. Relink Applications programs ) d. Then type FND When prompted; ( Enter list of products to link (all for all products) [all] : FND ) e. Ensure adrelink is exiting with status 0 4. Start Concurrent Managers 5. Check the Output Post Processor Issue 2 Concurrent Processing  R12 Output Post Processor Service Not Coming Up Reason : If Service Manager for the node is not running.  Possible cause might be service manager definition is missing under Concurrent ->Manager ->Define form. If the Service Manager is not pr...
Read more

How to Diagnose Workflow Notification Mailer Issue

-
Outbound Notification Emails : 1. Check if the notification is present in the recipient/user's Worklist/Notifications page.If it does not exist     then it means that notification itself is not created and need to check the corresponding workflow     status.You may also query the notification from the wf_notifications table SQL> select recipient_role,notification_id,status,mail_status from wf_notifications where recipient_role like '&user_name';    The e-mail notification is sent only if all of following are true.                --Notification status is OPEN or CANCELED                --Notification mail_status is MAIL or INVALID 2. Check Recipient role has a valid e-mail address and notification preference MAIL% SELECT email_address, nvl(WF_PREF.get_pref(name, 'MAILT...
Read more