In this blog post, we’re going to cover the high-level overview of OCI-Azure Interconnection and the steps which need to be followed for interconnection. In June 2019, Microsoft announced a cloud interoperability collaboration with Oracle that will enable its customers to migrate and run enterprise workloads across Microsoft Azure and Oracle Cloud. You can check this blog post for more information on it.
Oracle And Microsoft Interconnect Now Available In Canada
Microsoft and Oracle expanded the friendly direct network interconnect link between their respective cloud platforms in Canada.
The Canadian interconnect zone joins the initial locations announced in June: Oracle’s Ashburn, Virginia (North America) region and Microsoft Azure’s U.S. East and London (United Kingdom) locations.
OCI-Azure Interconnect High-Level Overview
- This interconnect is between the Microsoft Azure ExpressRoute and Oracle FastConnect
- ExpressRoute peering location is in proximity to or in the same peering location as the OCI FastConnect.
- It has the ability to connect your workloads between Azure and Oracle
- Access to Interconnectivity using a single sign-on feature
- This Interconnect provides low latency and high throughput cross-cloud connectivity
- Network Peering possible between Azure and OCI.
- Partition Multi-tier application to run DB on OCI and Application on Azure.
- Security List (OCI) and Network Security Groups (Azure) can control Network traffic.
How To Interconnect Between Microsoft Azure And Oracle FastConnect?
- To establish connectivity between Azure and OCI, you must have an active Azure subscription and an active OCI tenancy.
- Connectivity is only possible where an Azure ExpressRoute peering location is in proximity to or in the same peering location as the OCI FastConnect. See preview limitations.
- Your Azure subscription must be enabled for this preview capability.
The connection between Microsoft Azure and OCI is in the preview stage. Your Azure subscription must be enabled for this capability. You must enroll in the preview by completing this short survey form. You will receive an email back once your subscription has been enrolled.
Steps To Make A Connection:
- Create a Virtual Network in Microsoft Azure. Please choose the location of your Azure resources carefully as Interconnect is only available in a few regions.
- Also, make sure that the address space within the Azure and Oracle do not coincide.
- After that, create a Virtual Network Gateway. A Virtual Network Gateway serves two purposes: exchange IP routes between the networks and route network traffic.
- Now, set up a Virtual Machine in your Virtual Network to test the connectivity once the interconnect is successfully setup.
- Similarly, on the Oracle Cloud Infrastructure side (OCI), we need to create a Virtual Cloud Network with subnets and attach a dynamic routing gateway. Make sure that the region of your Oracle Cloud account is US East (Ashburn) as it is supported for Interconnection.
- Now create a new Virtual Cloud Network (VCN). A Virtual Cloud Network is a software-defined version of a network and allows you to create a virtualized data center in any oracle cloud infrastructure region.
- After we create a VCN, we will go to Internet Gateways and then Create a new Internet Gateway.
- Now we will go to Route Table and click on the Default one which is already there. We will add a new rule to this Default Route Table.
- After creating a new rule, go back to the VCN which you created and go to Subnets. We will add 3 new subnets here. The subnets are scoped within a particular virtual cloud network and can be available domain-specific or regional.
- Now that we have created basic Virtual Cloud Network components, let’s go ahead and create a Dynamic Routing Gateway (DRG). A DRG can be considered as a Virtual Router that allows private traffic connectivity between your Virtual Cloud Network and the networks outside of your VCN, which can be VCN in another region, a Virtual Network in another Cloud or On-Premise network.
- Now that the DRG is created, we will attach it to the VCN which we just now created.
- Now, we will create a Virtual Machine here in OCI VCN as well for testing.
- We will now create an ExpressRoute circuit on Azure. Provide a circuit name. After that select Oracle FastConnect from Provider. (If you are unable to find it, make sure that you have filled the survey form above in prerequisite and got a Mail from Microsoft saying that it is active for you). After that select the location as Washington DC.
- Note down the Service Key which is provided to you.
- After copying the Service Key, go back to the Oracle Cloud Account. Go to Menu > Networking > FastConnect. Select FastConnect. Now choose the option of Create FastConnect.
- Choose a private Virtual Circuit creation, provide details of your Dynamic Routing Gateway and add in the service key copied from Azure here.
- The next step is to create a link between the Azure Virtual Network and ExpressRoute circuit and configure security groups and routing for the Virtual Network.
- Now we will create and attach Network Security Groups(NSG) to Azure Virtual Network.
- Select Inbound Security Rules to change the flow and access of Incoming traffic. Click on Add and add the Rules as shown below. Add two rules, one for SSH connection into the Azure VM and another rule for connection between OCI VCN Subnet to Azure VNet Subnet.
- Now we will attach Route Table to Azure Virtual Network.
- Once the new route table is created, associate the routing table with the VNet Subnet hosting your Virtual Machine and add a route.
- Go back to the Route Table which you just made and add a new route.
- Now we have to configure OCI VCN Security Lists and Route Table.
- Add Ingress Rule with source CIDR of the Azure VNet Subnet. This opens up all protocols of traffic between the two virtual networks.
- Add Route Rules with Destination CIDR of Azure VNet and DRG as your target. This will add a route table entry for routing the traffic towards Azure VNet.
- Now, it is time to test our connection. Login to both the VMs (One from Microsoft Azure and one from Oracle). We have virtual machines in each virtual network. Lets ssh into them and test out connectivity by doing a basic PING test.
Register for the AZ-103 exam at Microsoft’s official website i.e., AZ-103 Microsoft Azure Administrator certification exam
Next Task For You
Begin your journey towards becoming a Microsoft [AZ-103] Certified Azure Administrator by joining our FREE Masterclass.
Join our FREE Telegram group and be the first to receive Microsoft Azure related news and updates.