dokucama

User Tools

Site Tools

Trace:
virtualization:cloud:oci

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
virtualization:cloud:oci [2021/06/04 14:13] jotasandokuvirtualization:cloud:oci [2023/11/02 14:38] (current) – external edit 127.0.0.1
Line 9: Line 9:
   * SG (Service Gateway) (~ AWS service endpoints)   * SG (Service Gateway) (~ AWS service endpoints)
   * IG (Internet Gateway) (~ IGW )   * IG (Internet Gateway) (~ IGW )
-  * Compute [[https://docs.cloud.oracle.com/iaas/Content/Compute/References/computeshapes.htm|Shapes]]+  * Compute [[https://docs.cloud.mycompany2.com/iaas/Content/Compute/References/computeshapes.htm|Shapes]]
   * IAM (Identity and Access Management - policies/user permissions)   * IAM (Identity and Access Management - policies/user permissions)
   * ?? AMI (vm source code)   * ?? AMI (vm source code)
Line 15: Line 15:
   * ?? (~DNS route 53)   * ?? (~DNS route 53)
  
-  * [[https://oracle-my.sharepoint.com/:w:/r/personal/jaime_santos_amandi_oracle_com/_layouts/15/Doc.aspx?sourcedoc=%7B47CA47E2-765D-431F-AAA7-BE919DD5ABA1%7D&file=terraform-notes.docx&action=default&mobileredirect=true|ODocs link]]+  * [[https://mycompany2-my.sharepoint.com/:w:/r/personal/jaime_santos_amandi_mycompany2_com/_layouts/15/Doc.aspx?sourcedoc=%7B47CA47E2-765D-431F-AAA7-BE919DD5ABA1%7D&file=terraform-notes.docx&action=default&mobileredirect=true|ODocs link]]
   * [[https://ruepprich.com/2018/09/06/oci-commandline-interface-cli-filtering/]]   * [[https://ruepprich.com/2018/09/06/oci-commandline-interface-cli-filtering/]]
  
  
 ---- ----
-  * OCI images [[https://docs.oracle.com/en-us/iaas/images/|External Link]] +  * OCI images [[https://docs.mycompany2.com/en-us/iaas/images/|External Link]] 
-  * OCI shapes [[https://docs.oracle.com/en-us/iaas/Content/Compute/References/computeshapes.htm|External Link]]+  * OCI shapes [[https://docs.mycompany2.com/en-us/iaas/Content/Compute/References/computeshapes.htm|External Link]]
  
 ---- ----
-AD: Same region but isolated (power and routing wise). Same orchestration system.\\ +  * AD: Same region but isolated (power and routing wise). Same orchestration system. 
-FD: Each AD has three FD. Specific FD has its own physical hypervisors, racks, ToRs and PDUs. We can see it as **a rack**. Each FD has its own control and forwarding plane. \\# +  FD: Each AD has three FD. Specific FD has its own physical hypervisors, racks, ToRs and PDUs. We can see it as **a rack**. Each FD has its own control and forwarding plane. 
-Compartment: Is a logical global construct (multi region) that helps with access control. **Each resource belongs to one and only one compartment**. Compartments can be nested, up to six of them.+  Compartment: Is a logical global construct (multi region) that helps with access control. **Each resource belongs to one and only one compartment**. Compartments can be nested, up to six of them.
  
  
Line 48: Line 48:
 DNS:\\ DNS:\\
  
-__Internet and VCN Resolver__ (VCN and Internet):[[https://docs.oracle.com/en-us/iaas/Content/Network/Concepts/dns.htm|Link]]\\+__Internet and VCN Resolver__ (VCN and Internet):[[https://docs.mycompany2.com/en-us/iaas/Content/Network/Concepts/dns.htm|Link]]\\
 Is configured in at the subnet level with thhe **dhcp options (ie we use dhcp responses to configure DNS**. \\ Is configured in at the subnet level with thhe **dhcp options (ie we use dhcp responses to configure DNS**. \\
-Is added as subdomains. TLD is ''oraclevcn.com'' by default but we use ''oracledatacloud.com'' because we have custom DNS servers.+Is added as subdomains. TLD is ''mycompany2vcn.com'' by default but we use ''mycompany2datacloud.com'' because we have custom DNS servers.
 \\ \\
-__Custom Resolver__: [[https://blogs.oracle.com/cloud-infrastructure/configuring-a-custom-dns-resolver-and-the-native-dns-resolver-in-the-same-vcn|Link]] TODO\\+__Custom Resolver__: [[https://blogs.mycompany2.com/cloud-infrastructure/configuring-a-custom-dns-resolver-and-the-native-dns-resolver-in-the-same-vcn|Link]] TODO\\
 \\ \\
-__Private DNS service__:[[https://docs.oracle.com/en/solutions/private-dns/index.html#GUID-A1669E7E-EF8B-4B0A-AA36-51D73D51ED46|Link]]\\+__Private DNS service__:[[https://docs.mycompany2.com/en/solutions/private-dns/index.html#GUID-A1669E7E-EF8B-4B0A-AA36-51D73D51ED46|Link]]\\
  
  
Line 66: Line 66:
  
 OCI CLI:\\ OCI CLI:\\
-[[https://confluence.oracledatacloud.com/display/ODCI/OCI+CLI+Setup]] ; [[https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliinstall.htm]]+[[https://confluence.mycompany2datacloud.com/display/ODCI/OCI+CLI+Setup]] ; [[https://docs.cloud.mycompany2.com/iaas/Content/API/SDKDocs/cliinstall.htm]]
  oci setup config  oci setup config
  bin/oci-cli-scripts/  bin/oci-cli-scripts/
  
 PRETTY TABLE FORMAT:\\ PRETTY TABLE FORMAT:\\
-  oci compute instance list  --query "data [*].{ImageName:\"display-name\", State:\"lifecycle-state\", CreatedBy:\"defined-tags\".\"OracleDataCloud\".\"isProduction\"}"+  oci compute instance list  --query "data [*].{ImageName:\"display-name\", State:\"lifecycle-state\", CreatedBy:\"defined-tags\".\"mycompany2DataCloud\".\"isProduction\"}"
   --output table   --output table
  
Line 86: Line 86:
 Files location: Files location:
   /home/jaime/bin   /home/jaime/bin
-  /home/jaime/lib/oracle-cli+  /home/jaime/lib/mycompany2-cli
   /home/jaime/bin/oci-cli-scripts   /home/jaime/bin/oci-cli-scripts
   /home/jaime/.oci/config   /home/jaime/.oci/config
Line 92: Line 92:
   oci_api_key   # api key name   oci_api_key   # api key name
 \\ \\
-[[https://docs.cloud.oracle.com/iaas/Content/API/Concepts/cliconcepts.htm]]\\+[[https://docs.cloud.mycompany2.com/iaas/Content/API/Concepts/cliconcepts.htm]]\\
  
 ---- ----
Line 128: Line 128:
 STORAGE: STORAGE:
    
-  * **BLOCK: ** mmounted drives, no meta data, 512B blocks. Classical for Windows NTFS+  * **BLOCK: ** (~ EBS ) 
 +    * mounted drives, no meta data, 512B blocks. Classical for Windows NTFS
     * Boot and block volumes     * Boot and block volumes
     * Beyond the lifespan of compute instances. automatically in all FD     * Beyond the lifespan of compute instances. automatically in all FD
Line 145: Line 146:
  
 ---- ----
-**IAM** (authentication (identity) authorization (permissions)) \\+**IAM** (authentication (identity) authorisation (permissions)) \\
   * IAM users   * IAM users
     * groups nees to have a least one policy for a tenancy/compartment     * groups nees to have a least one policy for a tenancy/compartment
   * Instance principals   * Instance principals
     * like delegate the permissions normally assigned for a user to an instance (eg: the instance can make api calls)     * like delegate the permissions normally assigned for a user to an instance (eg: the instance can make api calls)
 +    
 +\\ 
 +  * Example: some humans manage instances, some humans manage network. then some of the 1st group can **use** (not manage) the network. 
 +\\
 User/password, API signing key, auth token (generated to authenticate with a 3rd party) User/password, API signing key, auth token (generated to authenticate with a 3rd party)
 \\ \\
-Authorization happens with **policies**. Policies are written in human-readable format. Then we attach the policy to a compartment or tenancy.+Authorisation happens with **policies**. Policies are written in human-readable format. Then we attach the policy to a compartment or tenancy. 
 +\\ 
 +  * Policy syntax: 
 +    * verb: inspect/read/use/manage 
 +    * resource-type: database, instance,virtual-network... 
 +    * location 
 +    * conditions 
 + 
 + 
 +---- 
 + 
 +MONITORING SYSTEM:\\ 
 +  * Alert/notification can trigger functions 
 + 
 + 
 + 
 +---- 
 +**SECURITY**:\\ 
 +HSM (Hardware Security Modules):\\ 
 +Is a tamper proof hardware system for key storage. 
 +\\ 
 +DATA SAFE:\\ 
 +Service to protect information in mycompany2 Cloud databases. 
 + 
 + 
 +\\ 
 +CLOUD ADVISOR:\\ 
 +To notify, eg, about underused resources. Gives recommendations to save money without degrading performance. 
 + 
 + 
  
virtualization/cloud/oci.1622816022.txt.gz · Last modified: (external edit)

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki