Getting Started with Oracle Cloud Infrastructure Flashcards

1
Q

Oracle Cloud is classified into two main categories

A
  • Oracle Cloud Infrastructure (OCI)
  • Oracle Cloud Applications
2
Q

Oracle Cloud Infrastructure (OCI)

A
  • Infrastructure and platform services that are designed to run any type of application.
  • It could be a modern cloud-native application or service or any other mission-critical workloads.
3
Q

Core services of OCI

A
  • Compute
  • Storage
  • Networking
4
Q

Oracle Cloud applications

A

SaaS

5
Q

Three main constructs of this physical architecture of OCI

A
  • Regions
  • Availability domains (ADs)
  • Fault domains (FDs)
6
Q

Region

A
  • Region represents a localized geographic area that is comprised of one or more availability domains
  • These availability domains are connected to each other by a low latency, high bandwidth network.
7
Q

Availability Domain

A
  • Data Center
  • Isolated from each other, fault tolerant, unlikely to fail simultaneously.
  • Physical infrastructure not shared
8
Q

Fault Domain

A
  • A fault domain is a grouping of hardware and infrastructure within each availability domain.
  • The key purpose of using separate fault domains is to protect against any unexpected hardware failure or even against planned outages that can occasionally occur during compute hardware maintenance.
  • Each availability domain contains three fault domains that provide for anti-affinity, which means it allows you to distribute resources instead of running on the same physical hardware.
9
Q

Some of the criteria for choosing a particular region.

A
  • First of all, you would likely choose a region that is closest to the majority of users for reasons such as lower latency and highest performance.
  • The second criterion might involve regulatory compliance for storing your enterprise data. Several countries have very strict data residency requirements, so you’d select a region located in that country if that was the case.
  • The third criterion is OCI service availability, since some services are not offered everywhere. For example, new cloud services are made available based on regional demand or regulatory compliance concerns and resource availability.
10
Q

OCI Compute Service

A

OCI Compute allows you to create and manage compute resources, which are also known as compute instances.

11
Q

What are compute instances?

A

Servers.

12
Q

Three types of compute instances

A
  • Virtual machine (VM) is a logical server that runs on top of a physical bare metal server
  • Bare Metal Machine is a dedicated physical server for the highest performance.
  • Dedicated VM host, allowing you to run your VMs on a dedicated server as opposed to them running on a shared physical server.
13
Q

Compute Shape

A
  • Template that determines the number of CPUs, the amount of memory, and all other computing resources that are allocated to the instance.
  • Currently, OCI allows you to choose either AMD, Intel, or Arm-based processors.
14
Q

Two types of shapes.

A
  • Fixed shapes have a specific number of CPUs and amount of memory and cannot be customized. This applies to all bare metal physical instances, which of course are a fixed size, but VMs can also select a fixed shape.
  • Flexible shapes, on the other hand, allow you to customize the number of CPUs and the amount of memory you need, but, of course, this is only an option for virtual machines.
15
Q

Vertical scaling

A
  • Gives you the ability to scale up or scale down. This simply means that you can change the shape or size of the VM to something smaller or something larger.
  • Just be aware that there will be a brief downtime for your virtual machine since it will have to be stopped for resizing it. Then it can be restarted with the new number of CPUs and memory size.
16
Q

Horizontal scaling or Autoscaling

A
  • Automatically add more compute instances of the same shape
  • This can be achieved in one of two ways.
    • The first is metric-based autoscaling. Here you choose a performance metric to be monitored along with setting a threshold for that metric. And then when the threshold is met, it triggers an autoscaling event to increase or decrease the number of VMs.
    • The second option is scheduled-based autoscaling. Here you define specific times of the day or perhaps certain days of the week to automatically increase or decrease the number of compute instances.
17
Q

Three main types of storage services

A
  • Block volumes
  • File storage
  • Object storage
18
Q

Block Volume

A
  • Through the Block Volume service, you can create a virtual logical disk that you can attach to the VM. So like a hard drive, it is only used by that compute instance.
  • Here the data in each volume is stored as blocks.
  • The block volume disk that you attach to your virtual machine compute instance is always persistent, which means that even after deleting that compute instance, you can still keep that volume disk intact and use it later for another VM.
19
Q

First, block volumes. Anytime you have a computer, you usually use a hard drive for storage because you need to store your operating system image and any other data that you need to persist. But for your provisioned OCI Compute virtual machines, there is no hard drive. Instead, through the Block Volume service, you can create a virtual logical disk that you can attach to the VM. So like a hard drive, it is only used by that compute instance.

A

So let’s briefly revisit the Block Volume service. Here the data in each volume is stored as blocks. That’s where we get the name. Now we won’t go any deeper into this training course to describe what a block is. But for now, just consider it as a method of storing the data.

The block volume disk that you attach to your virtual machine compute instance is always persistent, which means that even after deleting that compute instance, you can still keep that volume disk intact and use it later for another VM.

So then the Block Volume service allows you to create the disk and then attach it to a virtual machine whenever you need. In the same way you can detach the disk from the VM, then delete the volume, or instead of deleting the volume disk you can choose to keep the data even after deleting the virtual machine instance. Later on, when you create another VM instance, you could simply attach that disk with all the data to that new virtual machine.

20
Q

File storage service

A
  • This is another type of virtual storage, but this can be accessed from one or more virtual machines or any other OCI Compute instance type, such as bare metal machines. Think about file storage like a network drive that you can map to your computer, but this same drive could also be mapped by other users. So it allows for file sharing.
  • As we saw earlier, file storage is usually used as a shared storage for multiple compute instances.
  • It’s ideal for applications that are running on containers or big data and analytics workloads. In contrast to block volumes where data is stored as blocks, in file storage, the data is managed as files. And there are several advanced capabilities that you can leverage when using the file storage service that makes it ideal for running microservices-based applications.
21
Q

The second one is the file storage service. This is another type of virtual storage, but this can be accessed from one or more virtual machines or any other OCI Compute instance type, such as bare metal machines. Think about file storage like a network drive that you can map to your computer, but this same drive could also be mapped by other users. So it allows for file sharing.

A

As we saw earlier, file storage is usually used as a shared storage for multiple compute instances. It’s ideal for applications that are running on containers or big data and analytics workloads. In contrast to block volumes where data is stored as blocks, in file storage, the data is managed as files. And there are several advanced capabilities that you can leverage when using the file storage service that makes it ideal for running microservices-based applications.

22
Q

Object Storage

A
  • Can be accessed from anywhere, including a remote internet client like a web browser.
  • Another difference is that files are stored as objects, which can be anything to include images, videos, or any other type of file, typically used to support web and mobile-based applications.
  • The object storage service provides internet-scale, high-performance storage, which is reliable, and it provides more cost-efficient data durability options.
  • Object storage is most often used for storing unstructured data, such as image files or videos or log files.
  • As in its name, the data is managed as objects, and these objects are stored in a construct called buckets.
  • A bucket can be considered similar to a folder that’s used to contain these objects, and it provides several advanced capabilities which makes this a reliable and durable storage platform.
23
Q

The third type is object storage, which can be accessed from anywhere to include a remote internet client like a web browser. Another difference is that files are stored as objects, which can be anything to include images, videos, or any other type of file, typically used to support web and mobile-based applications.

A

Finally, the object storage service provides internet-scale, high-performance storage, which is reliable, and it provides more cost-efficient data durability options. Object storage is most often used for storing unstructured data, such as image files or videos or log files. And as in its name the data is managed as objects where these objects are stored in a construct called buckets. A bucket can be considered similar to a folder that’s used to contain these objects, and it provides several advanced capabilities which makes this a reliable and durable storage platform.

24
Q

The core resource you can provision for network computing is aptly called a Virtual Cloud Network, or VCN for short.

A
  • You can configure constructs, such as public subnets and private subnets. Think of these as a subdivision of the larger network, sometimes referred to as a subnetwork.
    • Host the web app instance in a public subnet so customers are able to connect to this web app through the internet.
    • Host the database instance in a private subnet so it is not reachable from the internet.
    • But at the same time, the web server and the database instances should be able to communicate with each other.
25
Q

you can configure constructs, such as public subnets and private subnets. Think of these as a subdivision of the larger network, sometimes referred to as a subnetwork.

Overall, the VCN itself is defined as a virtual private network that you can set up for secure communications between resources. It is a regional service, which means a VCN resides in a single OCI region. Fortunately, you can use a VCN across multiple availability domains that belong to that OCI region.

This service is designed as highly available, and it is massively scalable. Most importantly, this is a highly secure network since it is designed to be private as its default. Essentially, no one can use or access it unless you explicitly define that specific allow rule.

A
26
Q

Overall, the VCN itself is defined as a virtual private network that you can set up for secure communications between resources. It is a regional service, which means a VCN resides in a single OCI region. Fortunately, you can use a VCN across multiple availability domains that belong to that OCI region.

This service is designed as highly available, and it is massively scalable. Most importantly, this is a highly secure network since it is designed to be private as its default. Essentially, no one can use or access it unless you explicitly define that specific allow rule.

A
  • Overall, the VCN itself is defined as a virtual private network that you can set up for secure communications between resources.
  • It is a regional service, which means a VCN resides in a single OCI region.
  • Fortunately, you can use a VCN across multiple availability domains that belong to that OCI region.
  • This service is designed as highly available,
  • and it is massively scalable.
  • Most importantly, this is a highly secure network since it is designed to be private as its default.
  • Essentially, no one can use or access it unless you explicitly define that specific allow rule.
27
Q

The communication to and from the VCN is facilitated through different gateways depending on the use case.

And a gateway is simply a device that decides where to route the traffic, depending on various factors, such as the protocol, the IP address, and the final destination. Let’s look briefly at the three most commonly used gateways that can be attached to a VCN.

A
28
Q

Gateway

A
  • The communication to and from the VCN is facilitated through different gateways depending on the use case.
  • A gateway is simply a device that decides where to route the traffic, depending on various factors, such as the
    • protocol,
    • the IP address,
    • and the final destination.
29
Q

Three most commonly used gateways that can be attached to a VCN.

A
  1. Internet Gateway is a virtual router that provides internet connectivity for resources inside your VCN as long as they’re assigned to a public subnet. For example, our web server instance
    • can communicate with other external services on the internet
    • or external internet clients can access the web application through this gateway.
  2. Network Address Translation Gateway (NAT gateway) is another type of virtual router that’s often used by instances running in private subnets. It provides for
    • outbound connections only to the internet.
    • That means it will not receive any inbound connections initiated from external internet clients.
    • You often use the NAT Gateway for use cases, such as the need to install updates or patches on your compute instances.
  3. Service Gateway allows resources in your VCN, either in a public or private subnet to securely access various other Oracle Cloud Services, such as object storage as shown here through an internal network, and thus bypassing the internet altogether.
30
Q

dynamic routing gateway to the VCN. However, you’ll need another OCI service in addition to the dynamic routing gateway in order to achieve this connectivity to a private on-premises network. One option is site-to-site VPN, which provides a private and secure communications tunnel. As an analogy, think about those occasions where you need to access your corporate office network from your home network. You first connect to the corporate VPN, and then you would be able to access internal corporate websites. OCI site-to-site VPN is a similar VPN service.

The second option is called FastConnect, which is another way of creating a dedicated private connection between your on-premises data center and OCI, and this provides higher bandwidth options and a more reliable and consistent network experience as compared to internet-based VPN connection.

A

Need to add a dynamic routing gateway to the VCN for connectivity between resources in your VCN and your on-premises data center.

Need an additional OCI service to achieve this:
1. Site-to-site VPN, which provides a private and secure communications tunnel. As an analogy, think about those occasions where you need to access your corporate office network from your home network. You first connect to the corporate VPN, and then you would be able to access internal corporate websites. OCI site-to-site VPN is a similar VPN service.
2. FastConnect, which is another way of creating a dedicated private connection between your on-premises data center and OCI, and this provides higher bandwidth options and a more reliable and consistent network experience as compared to internet-based VPN connection.

31
Q

Shared Security Model, which simply means that the overall security of your resources in OCI is a shared responsibility between you as the customer and Oracle.

Shared Security Model
Security of customer resources in OCI is a shared responsibility between customer and Oracle:

A

Oracle now maintains responsibility for managing the security of the underlying cloud infrastructure, such as the data center facilities, the hardware for the physical network, storage, and servers that run the virtualization software.

The customer is still responsible for securing workloads and the application stack along with securely configuring cloud resources, such as compute, storage, network, and databases.

OCI provides many security services that you can easily leverage to protect your cloud applications and resources.

Oracle Manages
1. Physical Data Center
2. Physical Network
3. Physical Hosts
4. Virtualization

Customer Manages
1. Operating System
2. Network Controls
3. Applications
4. Accounts and Identities
5. Devices
6. Data

32
Q

OCI provides many security services that you can easily leverage to protect your cloud applications and resources.

A

Starting with the infrastructure protection layer, there are services, such as the web application firewall for securing any internet-facing application server, which will filter malicious inbound web traffic. Also, you can configure security lists or network security groups which essentially function as virtual firewalls in your VCN.

Additionally, the network firewall service is a cloud native firewall that can control all types of traffic into your applications. The second layer of security services involves identity and access Management. By default, access to all cloud resources is completely restricted. No one can access them. But you can explicitly grant access to one or more resources using IAM policies. You can create user accounts and groups and set policies to allow them the most restrictive access to just the specific cloud resources they need.

Multifactor authentication provides an additional level of security where a user would need to log in using their password, then also provide an additional passcode that is dynamically generated by an authentication app. The next layer of protection involves operating systems and workloads. For example, the Bastion service provides a secure way to access target resources in private networks. OS management services allow you to manage and monitor updates and patches for operating system environments.

Data protection is another critical layer for security. Vault key and secrets management services are used to centrally manage and maintain control of encryption keys used to protect enterprise data as well as secret credentials that are used to securely access resources. Data Safe provides a complete and integrated set of features for protecting sensitive and regulated data in Oracle Cloud databases.

And, finally, there are security services that can be leveraged for detection and remediation. For example, Cloud Guard is a cloud data service that helps customers to maintain a strong security posture in Oracle Cloud. And the Vulnerability Scanning service can be used to routinely check hosts and container images for potential security vulnerabilities.

33
Q

1. Infrastructure Protection
* DDoS Protection
* Web Application Firewall - Filter malicious web traffic
* Security Lists/NSG - Virtual firewalls
* Network Firewall - Controls traffic into application

2. Identity and Access Management
* IAM - Manage user access and policies
* MFA - Manage multi-factor authentication
* Federation - Single sign-on to identity providers
* Audit - Record API calls automatically

3. OS and Workload Protection
* Shield Instances - Secure Boot, Measured Boot, TPM
* Dedicated Host - Workload isolation
* Bastion - provides a secure way to access target resources in private networks.
* OS Management - OS patch and package management

4. Data Protection
* Vault Key Management - Encryption for data at rest and in transit
* Vault Secrets Management - Centralized key storage & management
* Data Safe - Rotate, manage, and retrieve secrets
* Certificates - Discover, classify, and protect data

5. Detection and Remediation
* Cloud Guard - Security posture management
* Security Zones - Secure Enclave
* Security Advisor - Security Advisor
* Vulnerability Scanning - Vulnerability & exposure scanning

A

1. Infrastructure Protection
* DDoS Protection
* Network security controls
* Virtual firewalls
* Filter malicious web traffic

2. Identity and Access Management
* Manage user access and policies
* Manage multi-factor authentication
* Single sign-on to identity providers
* Record API calls automatically

3. OS and Workload Protection
* Secure Boot, Measured Boot, TPM
* Workload isolation
* Managed Bastion
* OS patch and package management

4. Data Protection
* Encryption for data at rest and in transit
* Centralized key storage & management
* Rotate, manage, and retrieve secrets
* Discover, classify, and protect data

5. Detection and Remediation
* Security posture management
* Secure Enclave
* Security Advisor
* Vulnerability & exposure scanning

34
Q

Security Services

  1. Infrastructure Protection
  2. Identity and Access Management
  3. OS and Workload Protection
  4. Data Protection
  5. Detection and Remediation
A

1. Infrastructure Protection
* DDoS Protection
* Web Application Firewall - Filter malicious web traffic
* Security Lists/NSG - Virtual firewalls
* Network Firewall - Controls traffic into application

2. Identity and Access Management
* IAM - Manage user access and policies
* MFA - Manage multi-factor authentication
* Federation - Single sign-on to identity providers
* Audit - Record API calls automatically

3. OS and Workload Protection
* Shield Instances - Secure Boot, Measured Boot, TPM
* Dedicated Host - Workload isolation
* Bastion - provides a secure way to access target resources in private networks.
* OS Management - OS patch and package management

4. Data Protection
* Vault Key Management - Encryption for data at rest and in transit
* Vault Secrets Management - Centralized key storage & management
* Data Safe - Rotate, manage, and retrieve secrets
* Certificates - Discover, classify, and protect data

5. Detection and Remediation
* Cloud Guard - Security posture management
* Security Zones - Secure Enclave
* Security Advisor - Security Advisor
* Vulnerability Scanning - Vulnerability & exposure scanning

35
Q

Oracle offers a range of database services in Oracle Cloud. In general, we can break them down by where the system is residing, whether it’s Oracle public cloud or is it the customer data center. And who is managing the infrastructure and the database?

Base Database Service

A
  • Base Database Service
    • Oracle Database Standard
    • Oracle Database Enterprise
  • Exadata Database Service
    • Exadata Database Service on Dedicated Infrastructure
    • Exadata Database Service on Cloud@Customer
  • Autonomous Database
    • Autonomous Database on Shared & Dedicated Exadata Infrastructure
    • Autonomous Database on Exadata Cloud@Customer
36
Q

Exadata Platform

A
37
Q

Autonomous Database can be deployed in Shared or Dedicated Exadata Infrastructure

A
  • Shared Exadata Infrastructure
    • Provision and manage only the Autonomous DB
    • Oracle handles Exadata infrastructure deployment and management
  • Dedicated Exadata Infrastructure
    • Exclusive use of the Exadata hardware
38
Q

Autonomous Database workload type

A
  • Autonomous Transaction Processing
  • Autonomous Data Warehouse
  • JSON and APEX (supported only on shared infrastructure)
39
Q

Base Database Service

A

  • Built on
    • Standard Compute
    • Storage Options
  • Offers
    • Oracle Database Standard
    • Oracle Database Enterprise
  • Use case
    • Small Processing and Storage

So the first offering that we have is the Base Database Service. It is built on standard compute and storage options, and it offers both Oracle Database Standard and Enterprise Edition. So what’s the use case? It’s typically for workloads with smaller processing and storage requirements.

40
Q

Exadata Database Service on Dedicated Infrastructure

Exadata Database Service on Cloud@Customer

A

Then we have Exadata Database Service on dedicated infrastructure in the public cloud and Exadata Cloud@Customer. They are both built on the Exadata platform and, as a result, offer the highest performance scale and availability. Now Exadata Cloud@Customer offers the same cloud economics and cloud automation as Exadata Database Services on dedicated infrastructure in Oracle public cloud. But it’s deployed in customer data centers.

41
Q

Autonomous Database on Shared & Dedicated Exadata Infrastructure

Autonomous Database on Exadata Cloud@Customer

A

Then we have the Autonomous Database, which is fully autonomous and managed by Oracle and is available both in Oracle public cloud on OCI and in the customer’s data center on Exadata Cloud@Customer. Now when you create an Autonomous Database, you can deploy it to one of two kinds of Exadata infrastructure, shared and dedicated. And we’ll talk about that in a minute.

42
Q

Autonomous Database
Deployment options:
* Shared - Provision and manage only the Autonomous DB, Oracle handles Exadata infrastructure deployment and management

  • Dedicated - Exclusive use of the Exadata hardware

Fully managed database with two workload types:
* Autonomous Transaction Processing
* Autonomous Data Warehouse

What are the advantages of an Autonomous Database?
* Back up
* Patching
* Upgrading
* Tuning

A

Now when you create an Autonomous Database, you can deploy it to one of two kinds of Exadata infrastructure, shared and dedicated. And we’ll talk about that in a minute.

And then there are different workload types: Autonomous Transaction Processing, which is built for transactional workloads, and Autonomous Data Warehouse, which is built for decision support and data warehouse workloads.

Now let’s also talk about the deployment options. The first one is dedicated, where you have exclusive use of the Exadata hardware. And then we have shared where you can provision and manage only the Autonomous Database, while Oracle is going to handle Exadata infrastructure deployment and management. Please note that we also have two more workload types, which is JSON and APEX, which are supported only on shared infrastructure.

So what are the advantages of an Autonomous Database? Well, Autonomous databases automatically back up your database for you. It also provides automated patching, upgrades, and tuning, including performing all routine database maintenance tasks while the system is running. And all this without any human intervention.

43
Q

What are the advantages of an Autonomous Database?

A

Autonomous databases automatically:

  • Back up
  • Patching
  • Upgrading
  • Tuning
44
Q
A

MySQL HeatWave. It’s a fully managed database service that enables customers to run OLTP, OLAP, and machine learning workloads directly from their MySQL database. It’s powered by the integrated HeatWave in-memory query accelerator, and it’s the only Cloud native database service that combines transactions, analytics, and machine learning services into MySQL database, in turn delivering real-time secure analytics without the complexity, latency, and cost of ETL duplication. And it also accelerates MySQL queries by 400 times.

45
Q

MySQL Database Service with HeatWave

A

Easily run high performance analytics against your MySQL Database, no ETL required

Single MySQL database for OLTP & analytics applications

Extreme performance: 400x faster than MySQL, scales to thousands of cores

46
Q

Developer Services

Now within the Navigation menu on the OCI Console, you will find a tab titled Developer Services.

A
  1. Containers & Artifacts
    • Containers & Artifacts
    • Kubernetes Clusters (OKE)
    • Container Instances
    • Container Registry
    • Artifact Registry
    • Service Mesh
  2. Functions
    • Functions
    • Applications
  3. API Management
    • API Management
    • Gateways
    • APIs
  4. DevOps
    • DevOps
    • Overview
    • Projects
  5. Resource Manager
    • Resource Manager
    • Overview
    • Stacks
    • Jobs
    • Private templates
    • Configuration Source Providers
    • Private Endpoints
  6. Developer Resources
    • Developer Resources
    • SDK
    • CLI
    • PowerShell
    • Terraform
    • Ansible
    • Docs

First, we have Containers and Artifacts. These are used for managing containerized applications, their associated resources, and their deployments. Functions hosts applications while abstracting from the actual servers.

OCI also provides a comprehensive set of services to manage the lifecycle of APIs. Then we have the OCI DevOps service, which is a complete continuous integration and continuous delivery platform for developers to simplify and automate their software development lifecycle.

And then we have the Resource Manager that lets you deploy infrastructure as code with managed Terraform. And finally, the Developer Resources, which are tools for writing applications that leverage OCI directly.

47
Q

The building blocks of Cloud Native Applications

The term Cloud Native refers to an application that was designed to reside in the Cloud from the very start. Let’s talk about the building blocks of Cloud Native applications.

A
  1. Containers
    • Software Packages
  2. Microservices
  3. Declarative Application Programming Interfaces (APIs)
    • Desired State System
  4. Immutable Infrastructure
    • Managing Services
    • Software Deployments
  5. Service Meshes

The first is Containers. So Containers are software packages which ideally perform a well-defined task. Then, we have Microservices. Think of it like an approach to software development, where software is composed of independent services that communicate over well-defined APIs.

Then, we have Declarative Application Programming Interfaces, which are also known as APIs. A Declarative API is basically a desired state system. You provide a certain state you want the system to create and you don’t care about all the steps that are needed to achieve that state.

Then, we have a concept of Immutable Infrastructure. This is an approach to managing services and software deployments on IT resources, wherein components are replaced rather than changed. So whenever any change occurs, the application or service is effectively redeployed.

Lastly, we have Service Mesh. It’s basically a way to control how different parts of an application share data with one another. So these features that we discussed enable loosely coupled systems that are resilient and manageable.

48
Q

OCI Observability and Management, focusing on the three foundational services: monitoring, logging, and events.

A
49
Q

Monitoring

A

To better understand these services, let’s look at an example that involves the active monitoring of compute instance virtual machines. So let’s imagine that these three VMs are running one or more applications. And these servers would, of course, be consuming compute resources such as CPUs and memory. This resource utilization data is referred to as metrics.

Next, we define some conditions, such as aggregating this data or measuring the latest CPU utilization for each VM. We can then create an alarm. And in this case, we define the criteria for the alarm to be triggered if the CPU utilization goes above 80% on any of these compute VMs.

Finally, in this scenario, we configure a notification that sends an email to someone on the operations team when this condition occurs. This is a simple example workflow that illustrates the importance of monitoring.

50
Q

Observability Pillars

A
  1. Metrics
    • Resource Utilization
    • CPU/Memory
    • Storage Usage
  2. Logs
    • VM
    • Networking
    • Application
  3. Traces
  4. Events

Observability, by definition, is the ability to understand the internal state of a system by performing a deeper analysis of the collected data. Well, what sort of data can be collected? Essentially, there are four conceptual observability pillars of data. The first one is metrics. As we saw in our example, metrics is simply raw data about some system or component, such as resource utilization, CPU use, or memory consumption. Or it could be data about the amount of storage that has been used.

The second pillar includes logs. These are usually created automatically and are used continuously by any system, such as a virtual machine or a network or even an application. It can be anything. These logs typically provide a timestamp and detailed information as to what is happening at that moment in time. For example, if an application is trying to connect to another application, this will be captured in the log.

The third one is traces. These are similar to logs, except they are not scoped to a single system or application. Instead, traces provide data about how separate components are operating and performing with one another. For example, if a user tries to connect to an application running in a VM, trace information would have details about the connection, such as how they connected and from which device the connection was made.

The last one is events. Events are similar to both metrics and logs in that they produce data associated with a specific resource but indicate what specific action has occurred. For example, when a new compute VM is created, a VM Create Event is produced with all of the associated metadata about that event. Other examples include deleting a VM, creating or deleting an object storage bucket, or adding a dynamic routing gateway to a VCN.

So then, there are several observability and management services that use these data pillars to analyze more deeply what is really happening in the entire environment. The monitoring, logging, and event services are essentially the foundation of the Observability and Management platform. But OCI also provides other more advanced services. These include Logging Analytics, Application Performance Monitoring, Database Management Services, and Operations Insights.

51
Q

Oracle Cloud Infrastructure
Observability and Management Services

A
  1. Monitoring
    • Actively and Passively monitor cloud resources
    • Uses Metrics and Alarms
    • Single Pane of glass view with Dashboards
  2. Logging
    • Centralized and secure log management
    • Built on open standards
    • Types of logs - Service, Custom, Audit
    • Service Connectors to transfer log data
  3. Event Services
    • Enable you to automate based on state changes of resources
    • Uses Rules and Actions
  4. Logging Analytics
  5. Application Performance Monitoring
  6. Database Management
  7. Operations Insights
52
Q

Welcome back. In this lesson, we’ll talk about OCI Observability and Management, focusing on the three foundational services: monitoring, logging, and events. Let’s get started.

Let’s take a quick peek into those three foundational services. The OCI Monitoring service enables you to both actively and passively monitor cloud resources. Active monitoring involves the collection of raw metrics about a resource. And then you can create alarms to trigger a notification, for example, if something is reported as a failure.

Passive monitoring involves the creation of dashboards to collect and display those metrics that provide a graphical view of the collected data. Next, the OCI Logging service gives you a centralized location to collect the logs from any resource service or application that is in your OCI environment. Since this is built on open standards, it makes it easier to quickly search for any issues.

There are three types of logs that can be configured, the service and audit logs that are associated with your OCI services and resources, as well as custom logs that could be created for applications or other deployed components. Logging also has a feature called Service Connector which can be configured to automatically move log data into another service. For example, you may wish to take periodic backups of a particular log and persist it into an object storage bucket.

The event service enables you to take actions associated with any particular event involving OCI resources. It allows you to define rules and corresponding actions based on the event type. For example, let’s say that whenever someone creates a new compute VM, you wish to capture that event to automate the sending of an email to the corresponding team. Or you could define an action that automatically makes a backup of that VM configuration.

And that wraps up a very high-level overview of OCI Observability and Management where we looked at the three foundational services: monitoring, logging, and events. Thanks for watching.

A
53
Q

Multicloud

A

Hello, and welcome. In this lesson, we will discuss multicloud. With a multicloud approach, you are not restricted to just a single cloud provider. So let’s get started.

Let’s look at some of the data points. A survey was commissioned by HashiCorp and conducted by Forrester Consulting. And key insights revealed that 90% of the organizations feel a multicloud approach is helping them achieve their business goals.

The 2022 State of the Cloud Report also indicates that 89% of organizations reported taking a multicloud approach. What does it mean? It means they utilized multiple cloud services from two or more providers. And one of the reasons behind these numbers is the fact that organizations want to avoid overreliance on a single cloud provider.

Since 2019, Oracle has partnered with Microsoft to provide low latency, private connectivity between Oracle Cloud and Microsoft Azure. So you can use the best of services from both these providers and continue to leverage any existing investments in Oracle and Microsoft technologies.

So as you can see here, there are 12 Oracle Interconnect for Microsoft Azure locations around the world. There is private connectivity, which results in less than 2-millisecond latency for traffic between OCI and Microsoft Azure. And pricing is based solely on port capabilities for FastConnect and ExpressRoute. And the best part is there are no charges for inbound or outbound bandwidth that is consumed.

One of the use cases of Oracle Interconnect for Azure is you can have the Autonomous Databases running on OCI. And these can connect to Azure Analytics tools and AI workloads.

So over to Oracle Database Service for Azure, which is also known as ODSA. ODSA is an Oracle-managed service that enables customers to easily provision, access, and operate enterprise-grade Oracle data services in OCI with a familiar Azure-like experience. With ODSA, Azure teams can treat databases running on OCI just like an Azure resource.

In just a few clicks, users can connect their Azure subscriptions to their OCI tenancy. And the best part is the service automatically configures everything that is required to link the two cloud environments. As you can see in this architecture, ODSA also sends metrics, logs, and events for the OCI databases you create to Azure tooling for unified telemetry and monitoring in Azure environments.

So ODSA builds a private tunnel between Azure and OCI tenants using the interconnect, which results in less than 2-millisecond latency. And ODSA is offered at no additional cost. So there are no charges for the interconnect ports or data ingress or egress over the interconnect. But remember, you will be billed for consumption of Oracle database services, such as Autonomous Database.

To summarize, ODSA uses a service-based approach and is an alternative to manually creating complex cross-cloud deployments using the interconnect. To wrap up, the cloud has been buzzing with new innovations in recent years. And rather than using one platform and missing out on the benefits the others can bring, it’s possible to combine the best of both worlds and go multicloud. Thanks for watching.

54
Q

HashiCorp 2022 State of Cloud Strategy Survey
Has a strategy to use multiple clouds helped advance or achieve your company’s business goals?

99% YES

Flexera 2022 State of the Cloud Report
Multicloud remains the de facto standard for all organizations.
89% Multicloud
9% Single public
2% Single private

A
55
Q

OCI-Azure Interconnect
Highly optimized, secure, and unified cross-cloud experience

12 Azure Interconnect regions

< 2 millisecond latency private interconnection

No inbound or outbound charges for data

A
56
Q

OCI - Azure Interconnect - use case

Autonomous Databases running on OCI
Connected to Azure Analytics tools and AI workloads

A
57
Q

Oracle Database Service for Azure
ODSA

A
  • Oracle Managed Service
  • Eases provisioning, access and operation
  • Familiar Azure-native user experience
  • Automated identity, networking, and monitoring integration
  • < 2 ms latency private interconnect
  • No additional cost
58
Q

Hybrid Cloud

A

Hello. In this lesson, we will discuss Hybrid Cloud. So let’s get started.

Recall the Cloud deployment models we reviewed in the Cloud computing basics lesson. The focus of this lesson will be the Hybrid Cloud.

OCI offers the most complete support for Hybrid Cloud strategies. So we have Oracle Dedicated Region Cloud@Customer, which delivers all OCI services inside the customer’s own data centers. Now all these services and applications help you to not only augment your journey to the Cloud, but also do so from the comfort of your own data centers.

Then we have Oracle Cloud VMware Solution that allows you to create and manage VMware enabled software defined data centers in Oracle Cloud Infrastructure.

We also have Oracle Autonomous databases on Exadata Cloud@Customer, which combines all the benefits of having Oracle Exadata in your data center with the simplicity of an Autonomous Cloud Service.

Then we have Oracle’s Roving Edge Infrastructure that accelerates deployment of Cloud workloads outside the data center.

With Dedicated Region Cloud@Customer, you can meet your governance, regulatory compliance, and data privacy requirements while experiencing the benefits of public Cloud in your own data centers.

Now as you can see here, there is the customer’s floor space, there are the customer’s racks, there is the data center power and cooling, and then Oracle is going to manage infrastructure operations and availability so that you can focus on business innovation.

To wrap up, with a Hybrid Cloud, organizations can get the best of both worlds in a flexible environment capable of adapting to their specific needs. Thanks for watching.

59
Q

Cloud Deployment Models

A
  1. Private Cloud
    Wholly dedicated to one organization
  2. Public Cloud
    Shared by Multiple Organizations
  3. Hybrid Cloud
    Combination of both public and private cloud
  4. Multicloud
    Use of multiple public clouds in a single architecture
60
Q

Hybrid Cloud Services

A
  1. Dedicated Region Cloud@Customer
    All OCI services, running in customer data centers
  2. Oracle Cloud VMware Solution
    Native VMware on OCI in public cloud or dedicated regions
  3. Exadata Cloud@Customer
    Cloud autonomous databases, running in your data center
  4. Roving Edge Infrastructure
    OCI compute and storage for remote, disconnected scenarios