Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Data Jurisdiction
Availability
Data Jurisdiction Region
Domain
1
3
1a
2
4
• Use the My Services Dashboard page to check the
overall status of your purchased services and
manage your accounts or subscriptions
1a
• Account – A unique customer account that can
have many Oracle Cloud Services
• Login with the Oracle Cloud account id provided
while purchasing. OTP is sent to that email id
2 • Activate the Services on the first time Login
• Click on Security and then one can assign Service
administrators
• Identity Domain – An identity domain is a construct for managing users and roles, integration standards,
external identities, secure application integration through Oracle Single Sign-On (SSO) configuration and
OAuth administration. OAuth is an authorization protocol — or in other words, a set of rules — that
allows a third-party website or application to access a user's data without the user needing to share
login credentials. In short, an identity domain controls the authentication and authorization of the users
who can sign in to a service in Oracle Cloud, and what features they can access in relation to the service
• Multiple services can be associated with a single identity domain to share user definitions and
authentication
• Users in an identity domain can be granted different levels of access to each service associated with the
domain
• Reference : Link
• Reference : Link
• Tutorials : Users and Roles and SSO
Copyright
Copyright©©2017,
2017,Oracle
Oracleand/or
and/oritsitsaffiliates.
affiliates.All
Allrights
rightsreserved.
reserved.| Oracle OpenWorld 2017 Content
Program Agenda
1 OCI Classic – An Overview
2 Identity and Access Management
3 Virtual Networking
4 Storage
5 Load Balancer as a Service
6 Automating the cloud
• No broadcast /multicast
– Ephemeral: temporary and existing for the • No non-IPV4 traffic
• Security List is a self service Firewall
• Works in conjunction with the NAT
• No arbitrary source IP
lifetime of the instance address for VM
service
http:80
Internet ssh:22
https:443
ssh:22 sys_admin
web1 web2
4 remote-admin_seciplist db-admin_seclist ssh:22 Allow traffic
ssh:22 5 sys-admin_seclist web_seclist ssh:22 Allow traffic
tcp:8001 ssh:22 6 sys-admin_seclist wls_seclist ssh:22 Allow traffic
7 sys-admin_seclist db_seclist ssh:22 Allow traffic
remote-admin_seciplist
Application
ssh:22
app1 app2 wls_admin 10.154.125.7 9 wls-admin_seclist wls_seclist https:7002 Allow traffic
(remote admin host)
10 wls-admin_seclist wls_seclist http:7001 Allow traffic
ssh:22
https:7002 11 db-admin_seclist db_seclist ssh:22 Allow traffic
tcp:1521 ssh:22
http:7001
12 db-admin_seclist db_seclist tcp:1158 Allow traffic
ssh:22
13 wls_seclist db_seclist tcp:1521 Allow traffic
db_seclist db-admin_seclist
Database
IP Networks Oracle
ssh/22 https/443
Compute
3 Tier Architecture Cloud Service
• IPExchange
appVM1 203.0.113.3 203.0.113.4 appVM2
vNICset: appVMs
eth0 eth0
IPNetworks.
203.0.1132
appIPnetwork (10.50.1.0/24)
all
• Route
adminIPnetwork (172.16.1.0/24
172.16.1.
vNICset:
2
adminV
M
IPNetwork
from your network to destinations outside your eth0
Exchange
tcp/1521
adminVM
network. A route specifies the IP address of the
destination as well as the vNICset that provides the
next hop for routing packets. all
dblPnetwork (192.168.1.0/24)
• DNS 192.168.1.2
vNICset: dbVMs
192.168.1.3
eth0 eth0
– Every IPNetwork has its own DNS space.
dbVM1 dbVM2
• The web console might show other storage properties. Don’t select any of them. They are for Internal-use only.
• “Build Offline”
– Refer Building a Custom Oracle Linux Machine Image with the LAMP Stack tutorial on Oracle Learning
Library for OL 6.x to learn how to:
– Tip : Enable Serial Console for debugging in case of any booting issues
– You can use either the Web UI or CLI to upload the .tar.gz to compute_images container in the
associated Object Storage
–Register /Associate the uploaded machine image and you can then create an instance using this
machine image
79.2%
Application
Unstructured Digital
Data Archive &
Backup
37.4 Exabytes
Database
20.8%
Structured Backup
Data
2013 2017
Source: IDC - 2014, Structured Data vs. Unstructured Data: The Balance of Power Continues to Shift
POSIX NFS
SMB
WebDav
Near Local NAS
Obj2
Obj3
1. Restore
Archive
Container
2. Track Storage Data restoration (<4 hours)
Service Status tracking
Client
Service 24 hour
3. Download (configurable) Obj3
expiration
Standard Obj4
Container
Obj5
NFS v4 Benefits
•Storage gateway from customer datacenter to Oracle Storage Cloud
•NFS access for easy integration with existing applications on-premises
Oracle Storage •Extensible to provide integration with other Oracle and third-party
Cloud Software storage appliances
Appliance
NFS v4 NFS v4
ZFSSA
Compute
On Premise HDD
• Tutorials :
https://docs.oracle.com/en/cloud/iaas
/load-balancer-cloud/tutorials.html
Type The type attribute defines the type of the object that you want to create
e.g. Instance , StorageVolume
Full list of Object Types and Attributes Specific to each Object Type
Template The template attribute defines the properties or characteristics of the Compute Classic
resource that you want to create, as specified by the type attribute
e.g. For Type StorageVolume template would be size and bootable
• Object References
– When you define an object in an orchestration, you can create dependencies with
other objects by using references.
– In the following example, the StorageAttachment object references the name
attribute of an instance and the name attribute of a storage volume that’s to be
attached to the instance
{
"description": "a storage attachment object with references",
"label": "attachment_object",
"type": "StorageAttachment",
"template": {
"index": 1,
"instance_name": "{{myInstance1:name}}",
"storage_volume_name": "{{myVolume1:name}}"
}
}
• Object Relationships
– You can use the relationships attribute of an object to specify other related objects
that must be created first
– A persistent object can be in a relationship only with another persistent object
– For example, if you define two instances – instance1 and instance2 – in an
orchestration and you want instance1 to be created first, then in the relationships
attribute of instance2, specify that it depends on instance1
"relationships": [
{
"type": "depends",
"targets": ["instance1"]
}
]
Copyright © 2018, Oracle and/or its affiliates. All rights reserved. | 57
Orchestration v2
Object Persistence