Oracle Cloud Infrastructure (OCI) DevOps Flashcards
What is a Virtual Cloud Network (VCN) in OCI?
A Virtual Cloud Network (VCN) in Oracle Cloud Infrastructure (OCI) is a customizable and private network that you create within an OCI region. It provides you with complete control over your cloud networking environment, allowing you to define your own IP address ranges, configure subnets, route tables, and gateways.
Key features and components of a VCN include:
- Subnets: Subnets are subdivisions of the VCN, allowing you to segment your network for different purposes or departments. Each subnet is associated with a specific Availability Domain (AD) within the region.
- Security Lists: Security Lists act as virtual firewalls for your subnets, controlling inbound and outbound traffic. You can define rules to permit or deny traffic based on protocols, ports, and IP addresses.
- Route Tables: Route Tables determine how traffic is directed within the VCN. You can configure routes to direct traffic between subnets, to the internet, or to other services within OCI.
- Internet Gateway (IGW): An IGW provides a route for outbound internet traffic from the VCN. It allows resources within the VCN to access the internet and for internet-based resources to communicate with resources within the VCN.
- Virtual Private Network (VPN) Gateway: A VPN Gateway enables secure communication between your on-premises network and resources within the VCN over a secure VPN connection.
- Service Gateway: A Service Gateway allows resources within the VCN to privately access Oracle Cloud services like Object Storage, without needing to traverse the public internet.
- Local Peering Gateway (LPG): Local Peering enables communication between VCNs within the same region. It allows resources in one VCN to communicate directly with resources in another VCN without traversing the internet.
VCNs provide isolation and security for your cloud resources while offering flexibility and scalability to meet your networking needs within OCI.
What is a Compartment in OCI?
In Oracle Cloud Infrastructure (OCI), a Compartment is a logical grouping and isolation mechanism for organizing and controlling access to cloud resources. It’s similar in concept to folders or directories in a file system.
Here are the key aspects of compartments in OCI:
- Organization: Compartments allow you to organize your cloud resources in a hierarchical structure. You can create compartments based on different criteria such as projects, teams, applications, or environments (e.g., development, testing, production).
- Isolation: Each compartment acts as a separate unit of isolation. Resources within a compartment are isolated from resources in other compartments by default. This isolation helps enforce security boundaries and access controls.
- Access Control: Access to resources within compartments is controlled through IAM (Identity and Access Management) policies. You can define fine-grained access policies to grant or restrict access to compartments and the resources within them. This enables you to enforce the principle of least privilege, ensuring that users and services have only the necessary permissions to perform their tasks.
- Resource Management: You can manage resources within a compartment independently of resources in other compartments. This includes creating, deleting, updating, and monitoring resources such as compute instances, databases, storage, networking components, and more.
- Billing and Cost Management: Compartments play a role in organizing and managing billing and cost allocation. You can associate resources with specific compartments, allowing you to track usage and costs at the compartment level for better cost allocation and budgeting.
- Resource Sharing: While compartments provide isolation by default, you can share resources across compartments if needed. This can be useful for scenarios where resources need to be accessed or managed by multiple teams or projects.
Overall, compartments in OCI help you organize, secure, and manage your cloud resources effectively, providing a foundation for implementing governance, security, and resource management best practices.
What is the AWS equivalent of a Compartment in OCI?
In Amazon Web Services (AWS), the equivalent concept to Oracle Cloud Infrastructure’s (OCI) Compartment is an AWS Account.
Here’s how the two concepts compare:
- Compartment in OCI: In OCI, a compartment is a logical grouping and isolation mechanism for organizing and controlling access to cloud resources within a single OCI tenancy (an account with Oracle). You can create multiple compartments within a tenancy to organize resources based on different criteria such as projects, teams, or environments.
- AWS Account: An AWS Account is a fundamental unit of organization in AWS. When you sign up for AWS, you create an AWS Account, which is associated with a unique account ID and has its own resources, permissions, and billing. Each AWS Account is isolated from other AWS Accounts by default, and resources within an account can be organized using AWS’s hierarchical organizational units like AWS Organizations, Organizational Units (OUs), and AWS Resource Groups.
What are the various types of instances available in OCI?
In Oracle Cloud Infrastructure (OCI), there are several types of instances available to meet different performance, scalability, and workload requirements. Here are some of the main types:
- Standard VM Instances: These instances provide a balance of compute, memory, and network resources. They are suitable for general-purpose workloads such as web hosting, development, and testing.
- Dense I/O Instances: These instances are optimized for high-performance I/O operations, making them ideal for database workloads that require intensive disk operations, such as data warehousing and analytics.
- GPU Instances: OCI offers instances with GPU (Graphics Processing Unit) acceleration for compute-intensive workloads such as artificial intelligence (AI), machine learning (ML), graphics rendering, and scientific computing.
- High Performance Computing (HPC) Instances: These instances are designed for computationally intensive workloads that require high-performance computing resources, such as simulations, modeling, and rendering.
- Bare Metal Instances: Bare Metal instances provide direct access to the underlying physical server hardware without virtualization overhead. They offer high performance and are suitable for workloads that require high compute power, large memory, and direct access to physical resources.
- Flexible VM Instances: These instances allow you to customize the amount of CPU and memory resources independently, providing flexibility to tailor the instance to your specific workload requirements.
- Ephemeral Instances: Ephemeral instances are short-lived instances designed for temporary or batch processing workloads. They are cost-effective and can be quickly provisioned and terminated as needed.
- Micro Instances: Micro instances offer a low-cost option for lightweight workloads with minimal resource requirements, such as small websites, development, and testing environments.