This post covers Oracle Cloud Infrastructure (OCI) building blocks like Region, Availability Domain (AD), Tenancy, Compartment, Compute, Virtual Cloud Network (VCN), Identity & Access Management (IAM), and Storage (Block, Object, Shared, Archive)
Note: OCI is part of IaaS Service model (other 2 Cloud Service models are SaaS & PaaS), where OCI is re-branding of Bare Metal Cloud Service (BMCS).
Another offering in IaaS from Oracle is OCI-Classic (or OCI-C) and to find the difference between two and when to use what, Check my previous post OCI vs OCI-C here
If you are just starting out in Cloud then I highly recommend you to go through these first
- Cloud for Beginners (Facebook Live): SaaS | PaaS | IaaS and which one is right for DBAs
- 12 Point Checklist for DBA for Beginner to Expert Cloud DBA (Facebook Live)
- If you are confused to pick Amazon AWS or Oracle Cloud then check this
- To check tasks performed by DBAs in Cloud here
- To check tasks performed by Apps DBAs in Cloud here
- OCI has a Bare Metal offering or Virtual Machine, you can also bring your own hypervisor (BYOH) for Bare Metal
- OCI Compute comes in various shapes like Standard I/O, High I/O, Dense I/O, and GPU (for High-Performance HP & Machine Learning ML)
OCI Servers & Data is hosted in a region where region is a localized geographic area. As of Mar 2018, there are four regions for OCI i.e. London Heathrow, Frabkfurt, Ashburn, and Phoenix.
- You can have OCI resourecs (Compute, Network, Storage) in multiple Regions
- When you create Tenancy (Account in Cloud) a Home Region is selected and later you can add more Regions
Note: For full list of Oracle Cloud Regions including PaaS & IaaS check https://cloud.oracle.com/data-regions
Availability Domain (AD)
Availability Domain (AD) is one or more data centers located within a region. A region is composed of three availability domains. Services/Resources are either Region-Specific (like VCN) or Availability Domain Specific (like Compute),
Note: AD provide DR capability for any Service
Tenancy is an Oracle Cloud Account given to you when you register for Oracle Public Cloud (OCI).
Compartment is a logical container to organize OCI resources (like Compute, Storage, VCN etc)
- You can restrict access to Cloud Users based on Compartment so create DEV Compartment and servers, network in Dev Compartment only.
- Resource can span across multiple compartments
- In below diagram, there is one compartmet, in 1 Region (note: as of Mar18, there are 4 Regions), 2 Availability Domains, 1 VCN, 5 Subnets, 3 Computes for EBS, 1 Database Cloud Service, 2 Load Balancer as a Service (LBaaS) and 1 Internet Gateway (IGW)
- When a Tenancy is created a ROOT Compartnet is created in Home Region (Check Tenancy, Region & Home Region above)
- You can create additional Compartments, assign resoucres in Compartment and apply Access Policies (part of IAM Service below) to compartment to restrict who can do what on Resources in these compartments
- Compartments are global in scope meaning they can span across Regions
Instance | Compute (CPU & Memory)
An instance or Compute Instance in OCI can be Bare Metal (You can a Server with no Virtualization and you can bring your own Hypervisor or use as Bare Metal) or Virtual Machine (KVM based hypervisor running on Bare Metal)
- OCI compute comes in various shapes like Standard I/O, High I/O, Dense I/O and for Extreme Performance
Virtual Cloud Network (VCN)
A Virtual Cloud Network (VCN) is a virtual version of a traditional network including subnets,
route tables, and gateways.
- A cloud network resides within a single Region but can cross multiple Availability Domains (AD).
- There can be multiple VCN’s within Region or in different Regions.
- You can connect one VCN with another VCN (in same or different Region) using VCN Peering
Identity & Access Management (IAM) service lets you control who has access to what cloud resource using Groups/ Users/ Access Policy (More on IAM on its own dedicated post)
- A Resource is a Cloud represents a Service you can create like Compute Instance, VNC, Compartment, Storage etc
- A user in IAM Service represents Cloud User that can login to Cloud and manages Cloud Resources
- A group is a collection of Users and is used in Policy to control who can do want on a Resource
- A Policy is set of rules that control who can do what on a Cloud Resource
- IAM like Tenancy is Globally Scoped so spans across Regions and applicable to entire Account
- You can integrate IAM for OCI with Identity Cloud Service (IDCS) or Microsoft Active Directory Federation (ADFS)
Note: More on IDCS and ADFS Integration in future posts
On Cloud, you need a storage to store Data Persistently. Oracle Cloud Infrastructure (OCI) has Storage Services that offers few storage options.
Block storage operates at the raw storage device level and manages data as a set of numbered, fixed-size blocks using protocols such as iSCSI. Block Volumes are Scoped to Availability Domain (AD).
Object Storage Service
Object storage is independent of a server and ideal storage platform to store very large amounts of unstructured data. Object Storage is scoped to a Region in OCI.
File Storage Service
FSS is a managed file storage service that can be accessed concurrently by thousands of compute instances using the NFSv3 protocol and file system interface.
Provides SSDs storage available for Instance while running that delivers fast random I/O and high IOPS.
Note: This Overview of Oracle Cloud Infrastructure (OCI), Components & Terminology is from our “Oracle Cloud/IaaS 6 Weeks Step by Step Training Program” with 3 Years On-Job Support and Un-limited FREE Retakes (If you need to know more about this program then reach out to our team at email@example.com )
Did You Start Your Oracle Cloud Journey? NO!
So Your Next Taks is, Join FREE Webinar on Beginner to Oracle Certified Cloud (OCI) Architect: What, Why & How. Click on the image below to register for FREE.