Oracle Cloud Infrastructure (OCI) - Part 2


In my earlier post (OCI - Part 1), we went through the basic details of OCI; now let's dive deeper. Before that, you need to understand the following concepts and terminology to get started with Oracle Cloud Infrastructure.
Note: OCI is a rebranding of Bare Metal Cloud Service (BMCS).

BARE METAL HOST

Oracle Cloud Infrastructure provides you control of the physical host (“bare metal”) machine. Bare metal compute instances run directly on bare metal servers without a hypervisor. When you provision a bare metal compute instance, you maintain sole control of the physical CPU, memory, and network interface card (NIC). You can configure and utilize the full capabilities of each physical machine as if it were hardware running in your own data center. You do not share the physical machine with any other tenants.


REGIONS AND AVAILABILITY DOMAINS

Oracle Cloud Infrastructure is physically hosted in regions and availability domains. A region is a localized geographic area, and an availability domain is one or more data centers located within a region.
A region is composed of one or more availability domains. Oracle Cloud Infrastructure resources are either region-specific, such as a virtual cloud network, or availability domain-specific, such as a compute instance.
Availability domains are isolated from each other, fault tolerant, and very unlikely to fail simultaneously or be impacted by the failure of another availability domain. When you configure your cloud services, use multiple availability domains to ensure high availability and to protect against resource failure. Be aware that some resources must be created within the same availability domain, such as an instance and the storage volume attached to it.

  • You can have OCI resources (Compute, Network, Storage) in multiple Regions.
  • When you create a Tenancy (your account in the cloud), a Home Region is selected; you can add more Regions later.
An Availability Domain (AD) is one or more data centers located within a region. A region is composed of three availability domains. Services/Resources are either Region-specific (like VCN) or Availability Domain-specific (like Compute).
Note: ADs provide DR capability for any service.

CONSOLE

The simple and intuitive web-based user interface you can use to access and manage Oracle Cloud Infrastructure.


TENANCY

When you sign up for Oracle Cloud Infrastructure, Oracle creates a tenancy for your company, which is a secure and isolated partition within Oracle Cloud Infrastructure where you can create, organize, and administer your cloud resources.


COMPARTMENTS

Compartments allow you to organize and control access to your cloud resources. A compartment is a collection of related resources (such as instances, virtual cloud networks, block volumes) that can be accessed only by certain groups that have been given permission by an administrator. A compartment should be thought of as a logical group and not a physical container. 

When you begin working with resources in the Console, the compartment acts as a filter for what you are viewing.

When you sign up for Oracle Cloud Infrastructure, Oracle creates your tenancy, which is the root compartment that holds all your cloud resources. You then create additional compartments within the tenancy (root compartment) and corresponding policies to control access to the resources in each compartment. 

When you create a cloud resource such as an instance, block volume, or cloud network, you must specify to which compartment you want the resource to belong.
Ultimately, the goal is to ensure that each person has access to only the resources they need.




  • You can restrict Cloud Users' access by compartment, so create a DEV compartment and place the dev servers and network in the DEV compartment only.
  • Resources can span multiple compartments.
  • In the diagram above, there is one compartment in 1 Region, with 2 Availability Domains, 1 VCN, 5 Subnets, 3 Computes for EBS, 1 Database Cloud Service, 2 Load Balancer as a Service (LBaaS) and 1 Internet Gateway (IGW).
  • When a Tenancy is created, a ROOT Compartment is created in the Home Region.
  • You can create additional compartments, assign resources to a compartment, and apply Access Policies (part of the IAM Service) to the compartment to restrict who can do what on the resources in it.
  • Compartments are global in scope, meaning they can span Regions.
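
To make the "only the resources they need" goal checkable, here is an added example (not from the original post) that lints IAM policy statements for over-broad grants. It assumes the standard OCI statement form `Allow <subject> to <verb> <resource-type> in tenancy|compartment <name>`; the group names, compartment name and function names are made up for illustration.

```python
import re

# Subset of the OCI IAM policy grammar handled here (an assumption of this example):
#   Allow <subject> to <verb> <resource-type> in tenancy|compartment <name> [where ...]
STATEMENT = re.compile(
    r"^allow\s+(?P<subject>any-user|(?:group|dynamic-group)\s+\S+)\s+to\s+"
    r"(?P<verb>inspect|read|use|manage)\s+(?P<resource>\S+)\s+in\s+"
    r"(?P<scope>tenancy|compartment\s+\S+)(?P<where>\s+where\s+.+)?$",
    re.IGNORECASE,
)


def lint_statement(statement):
    """Return a list of least-privilege findings for one policy statement."""
    m = STATEMENT.match(statement.strip())
    if m is None:
        return ["unparsed: review by hand"]
    findings = []
    verb = m["verb"].lower()
    resource = m["resource"].lower()
    if m["subject"].lower() == "any-user" and m["where"] is None:
        findings.append("any-user without a where clause")
    if verb == "manage" and resource == "all-resources":
        findings.append("manage all-resources grants full control of the scope")
    if m["scope"].lower() == "tenancy" and verb in ("use", "manage"):
        findings.append("write-level verb at tenancy (root compartment) scope")
    return findings


def lint_policy(statements):
    """Map each statement that has findings to those findings."""
    linted = ((s, lint_statement(s)) for s in statements)
    return {s: f for s, f in linted if f}


# Constructed sample statements; group and compartment names are made up.
SAMPLE = [
    "Allow group DevAdmins to manage instance-family in compartment DEV",
    "Allow group DevAdmins to use virtual-network-family in compartment DEV",
    "Allow group Auditors to inspect all-resources in tenancy",
    "Allow group Contractors to manage all-resources in tenancy",
    "Allow any-user to read buckets in compartment DEV",
]

if __name__ == "__main__":
    for stmt, findings in lint_policy(SAMPLE).items():
        print(stmt, "->", "; ".join(findings))
```

Statements scoped to the DEV compartment pass, while the tenancy-wide `manage all-resources` grant and the unconditioned `any-user` grant are reported.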

VIRTUAL CLOUD NETWORK (VCN)

A virtual cloud network is a virtual version of a traditional network—including subnets, route tables, and gateways—on which your instances run. A cloud network resides within a single region but can cross multiple availability domains. You can define subnets for a cloud network in different availability domains, but the subnet itself must belong to a single availability domain. 

You need to set up at least one cloud network before you can launch instances. You can configure the cloud network with an optional internet gateway to handle public traffic, and an optional IPSec VPN connection to securely extend your on-premises network.



  • A cloud network resides within a single Region but can cross multiple Availability Domains (AD).
  • There can be multiple VCNs within a Region or in different Regions.
  • You can connect one VCN with another VCN (in the same or a different Region) using VCN Peering.




INSTANCE

An instance is a compute host running in the cloud. An Oracle Cloud Infrastructure compute instance allows you to utilize hosted physical hardware, as opposed to the traditional software-based virtual machines, ensuring a high level of security and performance.


An instance (Compute Instance) in OCI can be Bare Metal (you get a server with no virtualization, and you can bring your own hypervisor or use it as bare metal) or a Virtual Machine (a KVM-based hypervisor running on bare metal).


IMAGE

The image is a template of a virtual hard drive that defines the operating system and other software for an instance, for example, Oracle Linux. When you launch an instance, you can define its characteristics by choosing its image. Oracle provides a set of images you can use. You can also save an image from an instance that you have already configured to use as a template to launch more instances with the same software and customizations.


SHAPE

In Compute, the shape specifies the number of CPUs and amount of memory allocated to the instance. Oracle Cloud Infrastructure offers shapes to fit various computing requirements. See the list of compute shapes.
In Load Balancing, the shape determines the load balancer's total pre-provisioned maximum capacity (bandwidth) for ingress plus egress traffic. Available shapes include 100 Mbps, 400 Mbps, and 8000 Mbps.


KEY PAIR

A key pair is an authentication mechanism used by Oracle Cloud Infrastructure. A key pair consists of a private key file and a public key file. You upload your public key to Oracle Cloud Infrastructure. You keep the private key securely on your computer. The private key is private to you, like a password.
Key pairs can be generated according to different specifications. Oracle Cloud Infrastructure uses two types of key pairs for specific purposes:
  • Instance SSH key pair: This key pair is used to establish a secure shell (SSH) connection to an instance. When you provision an instance, you provide the public key, which is saved to the instance's authorized key file. To log on to the instance, you provide your private key, which is verified with the public key.
  • API signing key pair: This key pair is in PEM format and is used to authenticate you when submitting API requests. Only users who will be accessing Oracle Cloud Infrastructure via the API need this key pair.
For details about the requirements for these key pairs, see Security Credentials.


BLOCK VOLUME

A block volume is a virtual disk that provides persistent block storage space for Oracle Cloud Infrastructure instances. Use a block volume just as you would a physical hard drive on your computer, for example, to store data and applications. You can detach a volume from one instance and attach it to another instance without loss of data.


OBJECT STORAGE

Object Storage is a storage architecture that allows you to store and manage data as objects. Data files can be of any type and up to 50 GB in size. Once you upload data to Object Storage, it can be accessed from anywhere. Use Object Storage when you want to store a very large amount of data that does not change very frequently. Some typical use cases for Object Storage include data backup, file sharing, and storing unstructured data like logs and sensor-generated data.


The picture below shows more about storage in OCI.

BUCKET

A bucket is a logical container used by Object Storage for storing your data and files. A bucket can contain an unlimited number of objects.


ORACLE CLOUD IDENTIFIER (OCID)

Every Oracle Cloud Infrastructure resource has an Oracle-assigned unique ID called an Oracle Cloud Identifier (OCID). This ID is included as part of the resource's information in both the Console and API.
