This page provides an overview of concepts associated with configuring network connectivity for heterogeneous Oracle to AlloyDB for PostgreSQL migrations:
Network components describes how the source and destination connectivity make up the end-to-end network configuration for migrations.
The examples sections show different combinations for public and private source and destination connectivity:
After you've considered the high-level relations between Google Cloud services involved in the migration process, you can proceed to learn more about source database connectivity methods and destination database connectivity methods.
Network components involved in the migration process
From a networking point of view, Database Migration Service and Cloud SQL are service producers that reside in their own dedicated networks (known as service networks), outside the Virtual Private Cloud (VPC) networks that you use in your Google Cloud project. The goal of configuring network connectivity for a migration process with Database Migration Service is to ensure that Database Migration Service can reach your source Oracle database server and the destination AlloyDB for PostgreSQL instance.
When you plan the network connectivity setup for your migration, it's important to carefully consider the infrastructure requirements, including what limitations your networking decisions might introduce to the end state of the migrated database instance. For example, if you want to use a private connection for the destination database connectivity, you need to create your destination Cloud SQL instance with private IP enabled. You can't later disable the private IP on your Cloud SQL instance.
There are multiple different methods you can use to establish the necessary network connections. Both source and destination connectivity can be established with the use of public or private IP addresses. You can combine any source and destination connectivity methods to best match your infrastructure requirements.
Example: public IP source connectivity and private IP destination connectivity
In this example, you have the following database instances:
- A self-hosted source Oracle database server with a public IP address.
- A AlloyDB for PostgreSQL destination instance with a private IP address enabled.
For the source database connectivity, you use the IP allowlist method to establish a connection over the public internet. You secure this connection with an SSL/TLS certificate.
For the destination database connectivity, you use Private Service Connect to establish a private connection over the Google Cloud network. This internal connection is automatically encrypted by Database Migration Service.
Example: private IP connectivity for source database hosted outside Google Cloud
In this example, you have the following components:
- An Oracle source instance hosted in another cloud and a VPN gateway
- A Cloud VPN instance in your Google Cloud VPC
- A AlloyDB for PostgreSQL destination instance with a public IP address enabled
For the source database connectivity, you use a private connectivity configuration to establish a VPC peering connection between Database Migration Service and the VPC where you have your Cloud VPN instance. You use Cloud VPN to create an IPsec tunnel between Google Cloud and the cloud network where you have the source Oracle database.
For the destination database connectivity, you use the public IP connectivity method to establish a connection over the public internet. Database Migration Service automatically secures this connection with SSL/TLS.
What's next
There are many different connectivity methods you can use. Each method can be further adjusted with proxy servers, ssh tunnels, and bastion VMs.
- Learn more about source database connectivity methods.
- Learn more about destination database connectivity methods.