
OCI- Classic Deep Dive

Applies to Oracle Cloud at Customer

Platform Technology Solutions

Copyright © 2018, Oracle and/or its affiliates. All rights reserved. |


Safe Harbor Statement
The following is intended to outline our general product direction. It is intended for
information purposes only, and may not be incorporated into any contract. It is not a
commitment to deliver any material, code, or functionality, and should not be relied upon
in making purchasing decisions. The development, release, and timing of any features or
functionality described for Oracle’s products remains at the sole discretion of Oracle.



Program Agenda
1 OCI Classic – An Overview
2 Identity and Access Management
3 Virtual Networking
4 Storage
5 Load Balancer as a Service
6 Automating the cloud



OCI – Classic : An Overview
About OCI Classic , Compute Offerings and Terminology



OCI – Classic : An Overview
About OCI Classic

• Based on Nimbula (acquisition completed on 13 Mar 2013)
– Announced IaaS offering called OPC at OOW 2014
– Name changed to “OCI – Classic” at OOW 2017
• Virtual Machines based on Xen Hypervisor
• C@C (Cloud at Customer) is fully aligned with OCI Classic
• OCI Classic continues to be enhanced and developed
• OCI Classic is available in NAS, EMEA and APAC
• OCI Classic has many integrated PaaS services and PaaS for SaaS



OCI Classic – An Overview
Offerings
• Compute Classic
– Shared Compute Zone
– Elastic in increments of 1 OCPU
– No hardware isolation
– Available in Monthly Metered, Universal Credits Subscription Model
• Dedicated Compute Classic
– Dedicated Compute Zone
– 250, 500, 1000, 1500 OCPUs
– Hardware isolation
– Available in a Non Metered Subscription Model
• SPARC Model 300
– Dedicated Compute Zone
– 300 Cores
– Hardware isolation
– Available in a Non Metered Subscription Model

An OCPU provides CPU capacity equivalent to one physical core of an Intel Xeon processor with
hyper threading enabled. Each OCPU corresponds to two hardware execution threads, known as
vCPUs, as shown



OCI Classic – An Overview
Available Shapes
• A shape is a resource profile that specifies the number of OCPUs and the amount of memory to be
allocated to an instance. The shape determines the type of disk drive that your instance uses. If you select a
general purpose or high-memory shape, a hard-disk drive is used. If you select a high I/O shape, an NVM
Express SSD disk is automatically attached to your instance. For general purpose and high-memory shapes,
you can select the block storage disk size, but for high I/O shapes, the size of the disk is determined by the
shape.

General Purpose Shapes
Shape   OCPUs  vCPUs  RAM(GB)
OC3     1      2      7.5
OC4     2      4      15
OC5     4      8      30
OC6     8      16     60
OC7     16     32     120
OC8     24     48     180
OC9     32     64     240

High Memory Shapes
Shape   OCPUs  vCPUs  RAM(GB)
OC1M    1      2      15
OC2M    2      4      30
OC3M    4      8      60
OC4M    8      16     120
OC5M    16     32     240
OC8M    24     48     360
OC9M    32     64     480

High I/O Shapes
Shape   OCPUs  vCPUs  RAM(GB)  SSD(GB)
OCIO1M  1      2      15       400
OCIO2M  2      4      30       800
OCIO3M  4      8      60       1600
OCIO4M  8      16     120      3200
OCIO5M  16     32     240      6400

Shapes and Pricing Link

OCI – Classic : An Overview
Terminology – Data Jurisdictions, Region, Availability Domain
Data Jurisdiction
• A legislative boundary
Region
• A metropolitan area hosting IaaS and PaaS services
Availability Domain
• A failure zone within a region

[Figure: Data Jurisdiction, Region and Availability Domain; example labels USCOM-CENTRAL-1 and Chicago]


DC Build Plans with Compliances

Today
Region               Notes
uscom-central-1      Chicago, Includes HIPAA under CA*
uscom-east-1         Ashburn
eucom-north-1        Amsterdam
gbcom-south-1        London
aucom-east-1         Sydney, Australia
usgov-central-1      FedRAMP high; extremely CA*
usgov-east-1         DR site for FedRAMP
Japan                Primarily for Japan; zone model
brcom-south-1        Brazil
uscom-central-1 AD2  Chicago

Through FY18
Region               Notes, all dates are ETA
uscom-pci-central-1  PCI
UK Government 1      London, FY18Q4
UK Government 2      Woking, FY18Q4
Turkey               FY18Q4

Data Regions

CA* Controlled Availability

OCI – Classic : An Overview
Terminology – My Services Dashboard

• Use the My Services Dashboard page to check the overall status of your purchased services and
manage your accounts or subscriptions



OCI – Classic : An Overview
Terminology – My Accounts Dashboard
• Account – A unique customer account that can have many Oracle Cloud Services
• Log in with the Oracle Cloud account ID provided while purchasing. An OTP is sent to that email ID
• Activate the services on the first login
• Click Security; you can then assign Service administrators



OCI – Classic : An Overview
Terminology – Identity Domain

• Each account has one or more Identity Domains

• Identity Domain – An identity domain is a construct for managing users and roles, integration standards,
external identities, secure application integration through Oracle Single Sign-On (SSO) configuration and
OAuth administration. OAuth is an authorization protocol — or in other words, a set of rules — that
allows a third-party website or application to access a user's data without the user needing to share
login credentials. In short, an identity domain controls the authentication and authorization of the users
who can sign in to a service in Oracle Cloud, and what features they can access in relation to the service

• Multiple services can be associated with a single identity domain to share user definitions and
authentication

• Users in an identity domain can be granted different levels of access to each service associated with the
domain

• Reference : Oracle Cloud Terminology





Identity and Access Management
Types of Oracle Cloud Accounts
• Traditional Cloud Accounts (Legacy type)
  – Sign in
    • Browse to https://cloud.oracle.com/home, then locate and click Sign In
    • Ensure the first field is “Traditional Cloud Account”. In the second text box, select the Data Center
    • Click the “My Services” button
• Cloud Accounts with Identity Cloud Service
  – All accounts are provisioned with Identity Cloud Service
  – Provisioned for the selected Data Region (https://cloud.oracle.com/data-regions)
  – Sign in
    • Browse to https://cloud.oracle.com/home, then locate and click Sign In
    • Ensure the first field is “Cloud Account with Identity Cloud Service”. In the second text box, enter your
      “Cloud Account Name”
    • Click the “My Services” button



Identity and Access Management
Adding Users and Roles to Oracle Cloud Accounts
• Traditional Account
• Cloud Accounts with Cloud Identity Service

• Reference : Link
• Reference : Link
• Tutorials : Users and Roles and SSO



IDCS Features and Capabilities for UCM
Feature                                                      Foundation  Basic     Standard
User, Group and Application Management                       Yes         Yes       Yes
Self Service Profile Update                                  Yes         Yes       Yes
Account Provisioning for OPC Apps                            Yes         Yes       Yes
User Authentication Basic                                    Yes         Yes       Yes
Number of Identities                                         No limit    No limit  No limit
Company Branding and customization                           Yes         Yes       Yes
SSO to OPC apps (including federation and form fill)         Yes         Yes       Yes
Self User Registration                                                   Yes       Yes
Self-Service Password Resets                                             Yes       Yes
Identity Sync from on-premises AD/OIM Connector                          Yes       Yes
Account Provisioning for non-OPC Apps                                              Yes
Access Requests                                                                    Yes
Social Identity Authentication                                                     Yes
Multi-Factor Authentication                                                        Yes
SSO to 3rd party Apps (including federation and form fill)                         Yes



DEMO - OCI-C Dashboard , Console

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. | Oracle OpenWorld 2017 Content


Shared Network
Overview

• OCI Classic Datacenter consists of multiple Zones


• Zones can have multiple Physical Racks with Compute Hypervisors
• Each Rack is connected via Physical Networking devices
• The Networking is virtualized as a Flat Network providing network isolation
• Each Compute instance is assigned a private IP address (RFC 1918) from a
/30 network (example as below)

• Each Compute instance can get a Public IP for Internet connectivity



Shared Network
Features
• Scalable Flat Network Topology
• Secure via distributed Firewall
• Secure by Default Policy
• Dynamic Security Rules
• There are two types of public IPs:
– Ephemeral: temporary and existing for the lifetime of the instance
– Reserved: persistent and existing beyond the lifetime of the instance it's assigned to. You can
un-assign it and then reassign it to another instance whenever you like.

[Figure: VM isolated on stub /30, connected through a Router to the Routed network. Annotations:]
• No broadcast/multicast
• No non-IPv4 traffic
• Security List is a self service Firewall
• Works in conjunction with the NAT service
• No arbitrary source IP address for VM
• VM has a single IP address



Shared Network
Security List , Security IP List, Security Application , Security Rule, Reserved Public IP
• Security List is a group of one or more instances that you can specify as the destination
or source in an access rule. Instances within the same Security List can communicate fully
with one another on all ports
• Security IP List is a list of IP subnets (in CIDR format) or IP addresses that are
external to your instances and that you can specify as destination or source in a sec-rule
• Security Application is a combination of protocol and port. Commonly used security
applications are predefined. You can also create a custom security application
• Security Rule defines the control of network traffic over a specified security application
– between instances in two Security Lists or
– from a set of external hosts (Security IP list) to instances in a Sec-List
• Reserved Public IP provides a persistent public IP that does not change until it is released



Shared Network
Sample 3 Tier Architecture
[Figure: End-Users and Operations reach OCI-Classic from the Internet (http:80, https:443, ssh:22).
Web tier: web1, web2 (web_seclist). Application tier: app1, app2 (wls_seclist) and wls_admin
(wls-admin_seclist). Database tier: db1, db2 (db_seclist) and db_admin (db-admin_seclist).
sys_admin (sys-admin_seclist). Remote admin host 10.154.125.7 (remote-admin_seciplist).]

Requirement  Source                  Destination             Sec-App     Policy
1            Internet                remote-admin_seciplist  ssh:22      Allow traffic
2            remote-admin_seciplist  sys-admin_seclist       ssh:22      Allow traffic
3            remote-admin_seciplist  wls-admin_seclist       ssh:22      Allow traffic
4            remote-admin_seciplist  db-admin_seclist        ssh:22      Allow traffic
5            sys-admin_seclist       web_seclist             ssh:22      Allow traffic
6            sys-admin_seclist       wls_seclist             ssh:22      Allow traffic
7            sys-admin_seclist       db_seclist              ssh:22      Allow traffic
8            wls-admin_seclist       wls_seclist             ssh:22      Allow traffic
9            wls-admin_seclist       wls_seclist             https:7002  Allow traffic
10           wls-admin_seclist       wls_seclist             http:7001   Allow traffic
11           db-admin_seclist        db_seclist              ssh:22      Allow traffic
12           db-admin_seclist        db_seclist              tcp:1158    Allow traffic
13           wls_seclist             db_seclist              tcp:1521    Allow traffic
14           web_seclist             wls_seclist             tcp:8001    Allow traffic
15           Internet                web_seclist             http:80     Allow traffic
16           Internet                web_seclist             http:443    Allow traffic
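The rule table above can be checked mechanically before it is applied. The following Python is an added example, not Oracle code or part of the original deck: it evaluates flows against the 16 requirements and lints them against the two rule forms the Security Rule definition allows. The instance-to-list membership, "Internet" as 0.0.0.0/0, dropping of traffic that matches no rule, and the `PUBLIC_APPS` set are assumptions of this example.

```python
import ipaddress
from typing import NamedTuple

class Rule(NamedTuple):
    num: int  # requirement number in the table
    src: str  # security list or security IP list
    dst: str
    app: str  # security application, written protocol:port as in the table

# Security list -> member instances. Names come from the figure; the mapping
# is this example's reading of it (assumption).
SEC_LISTS = {
    "web_seclist": {"web1", "web2"},
    "wls_seclist": {"app1", "app2"},
    "db_seclist": {"db1", "db2"},
    "sys-admin_seclist": {"sys_admin"},
    "wls-admin_seclist": {"wls_admin"},
    "db-admin_seclist": {"db_admin"},
}
# Security IP list -> CIDRs. "Internet" as 0.0.0.0/0 is an assumption;
# 10.154.125.7 is the remote admin host shown in the figure.
SEC_IP_LISTS = {
    "Internet": ["0.0.0.0/0"],
    "remote-admin_seciplist": ["10.154.125.7/32"],
}
# The 16 requirements exactly as the table states them.
RULES = [Rule(*r) for r in (
    (1, "Internet", "remote-admin_seciplist", "ssh:22"),
    (2, "remote-admin_seciplist", "sys-admin_seclist", "ssh:22"),
    (3, "remote-admin_seciplist", "wls-admin_seclist", "ssh:22"),
    (4, "remote-admin_seciplist", "db-admin_seclist", "ssh:22"),
    (5, "sys-admin_seclist", "web_seclist", "ssh:22"),
    (6, "sys-admin_seclist", "wls_seclist", "ssh:22"),
    (7, "sys-admin_seclist", "db_seclist", "ssh:22"),
    (8, "wls-admin_seclist", "wls_seclist", "ssh:22"),
    (9, "wls-admin_seclist", "wls_seclist", "https:7002"),
    (10, "wls-admin_seclist", "wls_seclist", "http:7001"),
    (11, "db-admin_seclist", "db_seclist", "ssh:22"),
    (12, "db-admin_seclist", "db_seclist", "tcp:1158"),
    (13, "wls_seclist", "db_seclist", "tcp:1521"),
    (14, "web_seclist", "wls_seclist", "tcp:8001"),
    (15, "Internet", "web_seclist", "http:80"),
    (16, "Internet", "web_seclist", "http:443"),
)]
# Applications this example accepts as open to any source (assumption).
PUBLIC_APPS = {"http:80", "http:443", "https:443"}

def _source_matches(list_name, src):
    """src is an instance name or an external IP address string."""
    if list_name in SEC_LISTS:
        return src in SEC_LISTS[list_name]
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return False  # an instance name never matches a security IP list
    return any(addr in ipaddress.ip_network(c) for c in SEC_IP_LISTS.get(list_name, ()))

def is_allowed(src, dst_instance, app, rules=RULES):
    """True if the flow is permitted; anything matching no rule is dropped (assumption)."""
    dst_lists = {name for name, members in SEC_LISTS.items() if dst_instance in members}
    if any(src in SEC_LISTS[name] for name in dst_lists):
        return True  # same security list: all ports are open between members
    return any(r.dst in dst_lists and r.app == app and _source_matches(r.src, src)
               for r in rules)

def sources_for(dst_list, app, rules=RULES):
    """Every list that a rule lets reach dst_list on the given application."""
    return sorted(r.src for r in rules if r.dst == dst_list and r.app == app)

def lint(rules=RULES):
    """Flag rules outside the two documented forms, or open wider than intended."""
    findings = []
    for r in rules:
        cidrs = SEC_IP_LISTS.get(r.src, ())
        if r.dst not in SEC_LISTS:
            findings.append((r.num, "destination is not a security list"))
        elif r.src not in SEC_LISTS and r.src not in SEC_IP_LISTS:
            findings.append((r.num, "unknown source list"))
        elif r.app not in PUBLIC_APPS and any(
                ipaddress.ip_network(c).prefixlen == 0 for c in cidrs):
            findings.append((r.num, "non-web application open to any source"))
    return findings
```

Run against the table as written, `lint()` reports only requirement 1, whose destination is a security IP list rather than a security list, and `is_allowed` shows that the remote admin host reaches the database tier only through the admin instances.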



IP Network
Overview
• Lets you define your own L3 network, with an upper limit of CIDR of /16
• IP Networks are implemented as a VXLAN overlay network and defined using CIDR address notation
  – Two addresses from each network are reserved
    • The first address is the default route and the DNS server, and the last address is the broadcast address
• Lets you choose DHCP, static IP addressing or a static MAC address
  – No multicast support, no virtual/floating IP
• Allows up to 8 vNICs per instance
• Allows dual stack, meaning an instance can be on the Shared Network as well as an IP Network
• Allows public IP reservation for an instance inside an IP Network
• Allows the network to span Zones
• Allows simplified site-to-site VPN with Corente-based VPNaaS



IP Networks and Shared/Flat Network
Comparison

IP Networks
• User definable networking
– RFC6598 addresses are reserved
• Fine grained routing
• Multiple network interfaces
• Deny ALL traffic by default
• Private peering with FastConnect

Shared Networking
• Flat Network
• Common private subnet shared by all users
• No user definable networking
• Security provided by security lists
• Single network interfaces
• No routing



IP Network
Terminology and Concepts
• Virtual NIC Sets group Virtual NICs into a single manageable object
• IP Address Prefix Sets contain one or more IPv4 networks in CIDR format
• Security Protocols are protocol and port combinations to define network traffic
• Security Rules control the access of a Security Protocol to/from a Virtual NIC Set or an IP
Address Prefix Set
• Multiple Security Rules are grouped into an Access Control List
• Access Control Lists are applied to Virtual NIC Sets



Isolate instances
Multiple IP Networks
• Specify the private IP addresses you want to use, without
worrying about conflicts with private IP addresses used by
other tenants in a multitenant site.
– Customer 1 has created two IP networks, 192.168.2.0/24
and 192.168.3.0/24.
– Customer 2 has created one IP network, 192.168.2.0/24,
which overlaps with one of the subnets specified by
Customer 1.
– However, there is no conflict in the overlapping IP
addresses, because these networks aren’t connected with
each other.
– Both Customer 1 and Customer 2 have set up a VPN tunnel
to their instances. Traffic from Customer 1 is routed to
Instance 3, which has the public IP address 129.152.148.130
and traffic from Customer 2 is routed to Instance 4, which
has the public IP address 129.152.148.131.
– Customer 1 has also set up an IP network exchange to
connect their two networks



IP Networks
3 Tier Architecture

• IPExchange
– Allows you to connect isolated non-overlapping IPNetworks.
• Route
– You can use routes to specify preferred paths for traffic from your network to destinations
outside your network. A route specifies the IP address of the destination as well as the vNICset
that provides the next hop for routing packets.
• DNS
– Every IPNetwork has its own DNS space.

[Figure: Oracle Compute Cloud Service, three IP networks joined by an IPNetwork Exchange.
appIPnetwork (10.50.1.0/24), vNICset appVMs: appVM1 (eth0 10.50.1.2, 203.0.113.3) and appVM2
(eth0 10.50.1.3, 203.0.113.4). adminIPnetwork (172.16.1.0/24), vNICset adminVM: adminVM (eth0).
dbIPnetwork (192.168.1.0/24), vNICset dbVMs: dbVM1 (eth0 192.168.1.2) and dbVM2 (eth0 192.168.1.3).
Flow labels: ssh/22 and https/443 from the Internet, tcp/1521, all.]
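The addressing constraints stated for IP networks (at most a /16, two reserved addresses, RFC 6598 space reserved, only non-overlapping networks on one IP exchange) can be validated before any network is created. The following Python is an added example, not Oracle code or part of the original deck; it reads "first address" as the first host address, which matches the figure where instances start at .2, and that reading is an assumption.

```python
import ipaddress
from itertools import combinations

LARGEST_PREFIX = 16                                  # deck: upper limit of CIDR of /16
RFC6598 = ipaddress.ip_network("100.64.0.0/10")      # deck: RFC6598 addresses are reserved

def describe(cidr):
    """Validate one IP network CIDR and return its reserved addresses."""
    net = ipaddress.ip_network(cidr, strict=True)    # rejects host bits such as 10.50.1.5/24
    if net.version != 4:
        raise ValueError(f"{cidr}: IPv4 only")
    if net.prefixlen < LARGEST_PREFIX:
        raise ValueError(f"{cidr}: larger than /{LARGEST_PREFIX}")
    if net.overlaps(RFC6598):
        raise ValueError(f"{cidr}: overlaps reserved RFC 6598 space")
    if net.num_addresses < 4:
        raise ValueError(f"{cidr}: no assignable addresses left")
    return {
        "network": net,
        # Assumption: "first address" means the first host address.
        "gateway_dns": net.network_address + 1,
        "broadcast": net.broadcast_address,
    }

def check_static_ip(cidr, ip):
    """Say whether a static IP can be given to a vNIC on this network."""
    info = describe(cidr)
    addr = ipaddress.ip_address(ip)
    if addr not in info["network"]:
        return "outside network"
    if addr == info["network"].network_address:
        return "network address"
    if addr == info["gateway_dns"]:
        return "reserved: default route and DNS"
    if addr == info["broadcast"]:
        return "reserved: broadcast"
    return "ok"

def exchange_overlaps(members):
    """members: {name: cidr} for the IP networks attached to one IP exchange."""
    nets = {name: describe(cidr)["network"] for name, cidr in members.items()}
    return [(a, b) for a, b in combinations(sorted(nets), 2)
            if nets[a].overlaps(nets[b])]

# Networks named in the deck.
THREE_TIER = {
    "appIPnetwork": "10.50.1.0/24",
    "adminIPnetwork": "172.16.1.0/24",
    "dbIPnetwork": "192.168.1.0/24",
}
CUSTOMER_1 = {"net-a": "192.168.2.0/24", "net-b": "192.168.3.0/24"}  # labels are constructed
```

Customer 2's 192.168.2.0/24 never enters `exchange_overlaps` for Customer 1, because the two tenants' networks are not connected; the check only applies to networks that share an exchange.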



Program Agenda
1 OCI Classic – An Overview
2 Identity and Access Management
3 Virtual Networking
4 Storage
5 Load Balancer as a Service
6 Automating the cloud
7 Compliances

Storage
• Block Storage
  – Ephemeral Boot Volume
  – Persistent Block Volume
    • Standard
    • Latency Pool
    • NVMe
  • A storage volume is a virtual disk that provides persistent block storage space for instances
    in Compute Classic
• Object Storage
  – Standard Container
  – Archive Container
• Storage Software Appliance
  • File-based NFS v4 network protocol access to Storage Cloud service
  • Scalable and highly available
  • Provided as a virtual appliance (software)


Block Storage
• Ephemeral Boot Volumes
– These are fixed size boot volumes from the local storage of the hypervisor and will get
deleted once the instance is stopped
– Useful for quick demos
– Not protected
– Instance snapshots to be used to protect any changes done on the boot volume
• Persistent Block Volumes
– These volumes are created from a Clustered ZFS and persist even when the instance is
deleted and are protected
– Storage Volumes can be pre-created and used either as Boot Volume or Data Volume
– Storage Snapshots can be scheduled to quickly create a Full Backup Copy of the volume
– You can increase the volume size even when the volume is attached to an instance
– Storage volume size can be from 1GB to 2TB
– Up to 10 Volumes can be attached to an Instance



Block Storage
Persistent Block Storage

• Storage Property – Choose based on latency and IOPS requirement


Storage Property  Latency   Throughput  Remarks
storage/default   Standard  Standard    No write cache is provided
storage/latency   Low       High        SSD write cache is provided. When you hit this cache, you
                                        experience very high performance.
storage/ssd/gpl   Lowest    Highest     For consistent high performance at all times, because the
                                        SSD cache is always used.

• The web console might show other storage properties. Don’t select any of them. They are for Internal-use only.



Block Storage
Clone , Backup and Restore using snapshots
• Instance Snapshot (Ephemeral Boot Volumes)
  – Allows you to capture the current state of an instance and use it to launch other instances.
    When an instance snapshot is completed, it creates a machine image and stores it in your
    Oracle Cloud Infrastructure Object Storage Classic account
  – Are Point in time full copy of the volume
  – Can be used to create a clone of an instance
  – Are of 2 types
    • On Demand – Can be taken anytime
    • Deferred – Snapshot is triggered just before deleting
  – Has State as Active (Snapshot In Progress) and changes to Complete on Completion
• Storage Snapshot (Persistent Volumes)
  – Colocated snapshots
    • Snapshots are stored in the same physical location as the original storage volume
    • Are created quickly and useful for cloning storage within a site
    • Restore is not possible across Sites
  – Remote snapshots
    • Are stored in the associated Oracle Cloud Infrastructure Object Storage Classic instance
    • Useful to restore the snapshot at remote site in case the identity domain spans sites
    • It can take more time to restore since data is written to and from the associated Object Storage
  – Has state of Initializing (snapshot in progress) and changes to Completed on Completion



Machine Images
Oracle Provided Machine images
• User
– Seeded user opc with sudo privileges and remote access over SSH v2 using RSA keys
– root login is disabled
• opc-init
– opc-init package contains scripts provided by Oracle that allow you to perform specified instance initialization
tasks automatically every time an instance is created. You can specify instance initialization tasks in the form of
user data when you create an instance. The opc-init scripts query the metadata service on the instance for this
user data. The specified user data is then used by the opc-init scripts to perform the required prebootstrapping
tasks. In addition, opc-init adds the SSH public keys specified during instance creation to
/home/opc/.ssh/authorized_keys
• Oracle Linux Repositories Enabled for Yum Configuration
• Includes essential packages necessary to get started using the instance, e.g. Dev tools, Web Browsers, X11
• Network Interfaces: eth[0-7]



Machine Images
Building your Own Machine images
• Format
– Machine image must be a full disk image, including a partition table and boot loader
– Disk image must be converted to raw format, packaged in a tar archive and compressed using gzip

• “Build Offline”
– Refer to the Building a Custom Oracle Linux Machine Image with the LAMP Stack tutorial on Oracle Learning
Library for OL 6.x to learn how to:
– Tip: Enable Serial Console for debugging in case of any booting issues
– You can use either the Web UI or CLI to upload the .tar.gz to the compute_images container in the
associated Object Storage
– Register/Associate the uploaded machine image and you can then create an instance using this
machine image

• “Build in the Cloud”


– Register/Associate the Snapshot to make this snapshot as a Custom Machine Image



Exponential Data Growth Driven by Unstructured Data
[Figure: data volume chart for 2013 and 2017. Labels: 37.4 Exabytes, 125 Exabytes; Unstructured
Data 79.2%, Structured Data 20.8%. Storage Options: Application Data, Digital Archive & Backup,
Database Backup.]
Source: IDC - 2014, Structured Data vs. Unstructured Data: The Balance of Power Continues to Shift



Oracle Storage Cloud Service
[Figure: Object Storage and Archive Storage (Different Tiers of Object Storage); Storage Cloud
Software Appliance, Database Backup and Bulk Data Transfer Services (Methods to get Data to the
cloud). Other labels: POSIX, NFS, SMB, WebDav, Near Local NAS.]



OCI Storage Classic
Key Features
• On-demand capacity
• Multiple redundant copies of data for the highest availability
• Automatic data integrity checks for durability
• Industry standard RESTful APIs

Benefits
• Tier data to the cloud based on access patterns/sizes
• Free up on-premise resources and repurpose them for new workloads
• Offsite protection of valuable digital assets
• Lower opex with granular, highly economical pricing model



Archive Storage Classic



OCI Archive Storage Classic
Key Features
• On-demand capacity, scales to petabytes
• Multiple redundant copies of data for the highest availability
• Automatic data integrity checks for durability
• Industry standard RESTful APIs

Benefits
• Ideal for large data sets of fixed content, e.g. email archives, digital video, scientific data,
preservation data, etc.
• Absolutely the lowest cost solution for long term data retention
• Simplified data center provisioning and capacity planning
• Right-size on-premise assets



OCI Archive Storage Classic
How it works

Simple API Requests Move Data Into/Out Of The Archive:

• Get an authentication token – An authentication token is needed for any actions
• Create an archive container – Make a container of Archive storage class
• Upload an object – Uploading the file requires three arguments: source file, destination
container, authentication token
• Restore an object – Before an object can be downloaded, it must be restored
• Download an object – Download the object



Data Restoration & Download

[Figure: a Client works through the Storage Service against an Archive Container (Obj1, Obj2, Obj3)
and a Standard Container (Obj4, Obj5). Steps: 1. Restore, 2. Track, 3. Download (Obj3). Labels: Data
restoration (<4 hours); Status tracking; 24 hour (configurable) expiration.]



Step by step tutorial provided as part of storage service documentation
Data Restoration and Tracking
• Data Restoration
  – Use v0 namespace for endpoint
  – POST myObject?restore
  • From the response payload, note the following:
    – Tracking URL in the X-Restore-Archive-Tracking header
    – Job ID in the X-Restore-Archive-JobId header
  • Use this tracking URL and the job ID in the next step to track the restoration progress of
    the object.
• Tracking
  – Use tracking URL returned from previous call
  – Returns
    • Restoration Start Time
    • Restoration End Time (if the restoration is complete)
    • Restoration Progress
    • Percentage of Restoration Completion
    • Job Details
    • Object Size
    • Object Etag
    • Restored Object Expiration time
    • Link to archived version of the object
    • Job Type
    • Job ID



Easy to Use – Oracle Storage Cloud Software Appliance
Key Features
• File-based NFS v4 network protocol access to Storage Cloud service
• Scalable and highly available
• Inherits durability and security of Oracle Public Cloud (OPC)
• Provided as a virtual appliance (software)

Benefits
• Storage gateway from customer datacenter to Oracle Storage Cloud
• NFS access for easy integration with existing applications on-premises
• Extensible to provide integration with other Oracle and third-party storage appliances

[Figure labels: NFS v4, Oracle Storage Cloud Software Appliance, Archive]



Software Appliance: New Features
• Version 1.2
– Native support for Archive Storage
– 10X scalability improvement
– Pin files to local cache
– Garbage collection improvements
• Version 1.3
– High Availability deployment for Cloud Distribution
– Clustered deployments to scale out read traffic
– File versioning



Easy to Access – Interfaces and Connectivity

[Figure: access paths to Object/Archive storage. Labels: REST API via HTTPS; FastConnect; Public
Internet; Intra-cloud Network; Database Backup; Software Appliance (NFS v4); Developer Tooling;
ZFSSA; Compute; On Premise; HDD.]



Easy to Use - Web Console
• Background
– Customers need a more convenient method for managing their containers and objects.
Traditionally customers use the REST API directly or 3rd party tools (CloudBerry, CyberDuck, etc.)
• New Feature
– A Web-based GUI which is integrated with Oracle Public Cloud’s Single Sign-On





Load Balancer as a Service
• HTTP/HTTPS load balancer
• Delivered as a cloud service
• SSL offload for simplified certificate management
• Load balancing algorithms, IP Network integration

• Tutorials: https://docs.oracle.com/en/cloud/iaas/load-balancer-cloud/tutorials.html





Built In Automated Resource Management
Orchestrations v2
• An Orchestration defines the attributes and interdependencies of a collection of
compute, networking, and storage resources in Compute Classic. You can use
orchestrations to automate the provisioning and lifecycle operations of an entire virtual
compute topology
• You can add, remove, or update objects without terminating the entire orchestration
• Orchestrations v2 enable you to provision an entire stack of cloud resources and
manage them individually
• All the objects defined in orchestrations v2 recover automatically from failure.
Orchestrations v2 use object references to recover interdependent objects to a healthy
state



Orchestration v2
Terminology
Term      Description
Objects   An object is the primary building block of an orchestration.
          Each object contains all the attributes for the compute, networking, or storage resource
          that you want to create. An orchestration can contain up to 100 objects.
Type      The type attribute defines the type of the object that you want to create,
          e.g. Instance, StorageVolume
          Full list of Object Types and Attributes Specific to each Object Type
Template  The template attribute defines the properties or characteristics of the Compute Classic
          resource that you want to create, as specified by the type attribute,
          e.g. for Type StorageVolume the template would be size and bootable



Orchestration v2
Terminology: Object References and Relationships

• Object References
– When you define an object in an orchestration, you can create dependencies with
other objects by using references.
– In the following example, the StorageAttachment object references the name
attribute of an instance and the name attribute of a storage volume that’s to be
attached to the instance
{
  "description": "a storage attachment object with references",
  "label": "attachment_object",
  "type": "StorageAttachment",
  "template": {
    "index": 1,
    "instance_name": "{{myInstance1:name}}",
    "storage_volume_name": "{{myVolume1:name}}"
  }
}



Orchestration v2
Terminology: Object References and Relationships

• Object Relationships
– You can use the relationships attribute of an object to specify other related objects
that must be created first
– A persistent object can be in a relationship only with another persistent object
– For example, if you define two instances – instance1 and instance2 – in an
orchestration and you want instance1 to be created first, then in the relationships
attribute of instance2, specify that it depends on instance1
"relationships": [
  {
    "type": "depends",
    "targets": ["instance1"]
  }
]

Orchestration v2
Object Persistence

• To make an object persistent, set the persistent attribute to true


• When an object is set to persist, it is not deleted when the orchestration is
suspended
• If the orchestration is terminated, then all the objects are deleted
• If you set the persistent attribute of an object to true, then you must set
the persistent attribute of all the dependent objects as well to true
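The reference, relationship and persistence rules above can be checked before an orchestration is uploaded. The following Python is an added example, not Oracle code or part of the original deck: it takes the list of objects, resolves `{{label:attribute}}` references and `depends` targets, applies the persistence rule to relationships, and derives a creation order. The sample objects other than `attachment_object` are constructed, and treating references as ordering dependencies follows the deck's statement that references create dependencies.

```python
import re
from graphlib import CycleError, TopologicalSorter

MAX_OBJECTS = 100                                        # deck: up to 100 objects
REF = re.compile(r"\{\{\s*([^:{}\s]+)\s*:[^{}]*\}\}")    # {{label:attribute}}

def _referenced_labels(value):
    """Yield every label referenced anywhere inside a template value."""
    if isinstance(value, str):
        yield from REF.findall(value)
    elif isinstance(value, dict):
        for item in value.values():
            yield from _referenced_labels(item)
    elif isinstance(value, list):
        for item in value:
            yield from _referenced_labels(item)

def validate(objects):
    """Return (errors, creation_order) for a list of orchestration objects."""
    errors = []
    by_label = {obj["label"]: obj for obj in objects}
    if len(by_label) != len(objects):
        errors.append("duplicate object labels")
    if len(objects) > MAX_OBJECTS:
        errors.append(f"{len(objects)} objects, limit is {MAX_OBJECTS}")
    graph = {}
    for obj in objects:
        label = obj["label"]
        related = [target
                   for rel in obj.get("relationships", [])
                   if rel.get("type") == "depends"
                   for target in rel.get("targets", [])]
        referenced = sorted(set(_referenced_labels(obj.get("template", {}))))
        for target in related + referenced:
            if target not in by_label:
                errors.append(f"{label}: unknown object '{target}'")
        for target in related:
            other = by_label.get(target)
            # A persistent object may only be in a relationship with another
            # persistent object, so a mixed pair is an error either way round.
            if other is not None and bool(obj.get("persistent")) != bool(other.get("persistent")):
                errors.append(f"{label} -> {target}: persistent and non-persistent "
                              "objects cannot be in a relationship")
        graph[label] = {t for t in related + referenced if t in by_label}
    try:
        order = list(TopologicalSorter(graph).static_order())  # dependencies first
    except CycleError as exc:
        errors.append("dependency cycle: " + " -> ".join(exc.args[1]))
        order = []
    return errors, order

# Constructed sample; attachment_object is the example from the deck.
GOOD = [
    {"label": "myInstance1", "type": "Instance",
     "template": {"name": "inst1", "shape": "oc3"}},
    {"label": "myInstance2", "type": "Instance",
     "relationships": [{"type": "depends", "targets": ["myInstance1"]}],
     "template": {"name": "inst2", "shape": "oc3"}},
    {"label": "myVolume1", "type": "StorageVolume",
     "template": {"name": "vol1", "size": "10G", "bootable": False}},
    {"label": "attachment_object", "type": "StorageAttachment",
     "template": {"index": 1, "instance_name": "{{myInstance1:name}}",
                  "storage_volume_name": "{{myVolume1:name}}"}},
]
# Constructed defects: a persistent volume related to a non-persistent
# instance, and a reference to a label that does not exist.
BAD = [
    {"label": "myInstance1", "type": "Instance",
     "template": {"name": "inst1", "shape": "oc3"}},
    {"label": "myVolume1", "type": "StorageVolume", "persistent": True,
     "relationships": [{"type": "depends", "targets": ["myInstance1"]}],
     "template": {"name": "vol1", "size": "10G", "bootable": False}},
    {"label": "attachment_object", "type": "StorageAttachment",
     "template": {"index": 1, "instance_name": "{{myInstance1:name}}",
                  "storage_volume_name": "{{myVolume2:name}}"}},
]
```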



Orchestration v2
Life Cycle
State            Description
activating       The orchestration is starting
active           The orchestration is running
suspending       The orchestration is being suspended
                 - All nonpersistent objects are being deleted
                 - All persistent objects are being created if not created already
suspended
terminating      The orchestration is being terminated
                 - All objects are being deleted
inactive         The orchestration is inactive
terminal_error   Unrecoverable error
transient_error  The orchestration is automatically recovering

Orchestration v2
Building your First Orchestration
• Build the orchestration (refer to Sample Templates)
– An orchestration is defined in a JavaScript Object Notation (JSON) file that contains
the attributes of the Compute Classic objects that you want to create
• Upload the orchestration
• Start the orchestration
• While the orchestration is running, you can add, update, or delete an
instance
• To delete objects that are not set to be persistent, suspend the
orchestration
• To delete all objects defined in the orchestration, stop the orchestration