By learning this page's contents you can easily clear the Oracle Foundations Associate Certification Exam. For better results, try to understand the logic as you learn.
Oracle Cloud Infrastructure INTRODUCTION
An OCI region is a localized geographic area.
Each availability domain has three fault domains.
Fault domains provide anti-affinity. We can place one server and a DB node in one fault domain and the second server and DB node in another fault domain.
The fault domain is the OCI construct that protects against failures within an availability domain.
A Fault domain is a grouping of hardware and infrastructure within an availability domain. Each availability domain contains three Fault domains for high availability.
Oracle Cloud Infrastructure IAM
• Most types of Oracle Cloud Infrastructure resources have a unique, Oracle-assigned identifier called an Oracle Cloud ID (OCID).
Compartments are not restricted to a single region. They are global and not tied to a specific region.
Resources can interact with other resources in different compartments.
You can give a group of users access to compartments by writing policies.
IAM policies are used to specify authorization.
• IAM lets you control who has access to your cloud resources.
• OCI Vault Master Encryption Keys are not a valid authentication method.
Compute
Automated patch management is a feature of the OCI OS Management Service.
OS Management can be used for automating patches, simplifying package management, and managing CVEs (Common Vulnerabilities and Exposures).
• Autoscaling automatically scales up or down to meet the capacity requirements.
• Once allocated, the primary private IP for the instance is not editable.
• OCI offers both Bare Metal and virtual machine instances.
Container instance is not a valid compute shape option within the OCI compute service.
Oracle Cloud Infrastructure Database
• An autonomous database handles the creation of the database along with the backups, patching, upgrading, and tuning of the database.
• Two-node Oracle RAC DB systems require Oracle Enterprise Edition – Extreme Performance.
• DB Systems available in OCI are Bare Metal DB Systems, VM DB System, and Exadata DB System.
ATP is a workload type on the Autonomous Database and not a DB System.
• Dedicated deployment is a deployment choice that enables you to provision Autonomous databases into their own Dedicated cloud infrastructure.
• NoSQL Database gives predictable single-digit millisecond latency with high-performance workloads.
Security
• JWA (JSON Web Algorithm) is not supported by the OCI Vault Service.
Supported algorithms are:
1. Elliptic curve digital signature Algorithm (ECDSA)
2. Rivest-Shamir-Adleman (RSA)
3. Advanced Encryption Standard (AES)
• OCI Vault is a managed service that lets you centrally manage the encryption keys that protect your data and the secret credentials that you use to securely access resources.
• Web Application Firewall can protect any internet-facing endpoint, providing consistent rule enforcement across a customer's applications.
• A security zone is associated with a compartment and a security zone recipe.
• Multi-factor authentication is a method of authentication that requires the use of more than one factor to verify a user's identity.
Oracle Cloud Infrastructure Networking
• Load Balancing Service provides automated traffic distribution from one entry point to multiple servers reachable from your VCN.
• The NAT gateway is the VCN component that blocks inbound traffic but enables outbound traffic to the internet.
A NAT gateway gives cloud resources without public IP addresses access to the internet without exposing those resources to incoming internet connections.
• An internet gateway allows both inbound and outbound traffic.
• Each subnet in a VCN can exist in a single availability domain or across an entire region.
• Each VCN comes with a default set of route tables, security lists and DHCP options with initial values that you can change:
* default set of DHCP options with default values
* default route tables, with no route rules
* default security list, with default security rules.
Oracle Cloud Infrastructure App Dev
• Characteristics of the OCI API Gateway Service
1. It appears as a network device in your virtual cloud network.
2. It supports both Oracle and third-party OAuth servers.
3. It is an Oracle-managed serverless service.
It provides a deployment platform for your API implementations.
• A banking platform has been redesigned to a microservices-based architecture using Docker containers. For this, we use Oracle Container Engine for Kubernetes.
Oracle Container Engine for Kubernetes is a fully managed, scalable, and highly available service that you can use to deploy your containerized applications to the cloud.
• A single registry can contain both private and public Docker repositories.
• Resource Manager leverages Terraform to enable Infrastructure-as-code.
• Oracle Functions lets you run code without provisioning any underlying infrastructure such as virtual machines.
Observability and Management
The OCI logging service uses Audit logs, service logs and custom logs. It doesn’t use Alert logs.
OCI logging service can analyze critical diagnostic information that describes how resources are performing.
It can be used to enable, manage and search critical diagnostic information that describes how resources are performing.
• The OCI Monitoring service will send you an alert for high CPU usage.
Logging, Monitoring, Logging Analytics are a part of Observability and Management Services.
OCI Registry is not a part of Observability and Management Services.
• Alarms use metrics for monitoring and consist of a trigger action and notification method.
Analytics and AI
The Oracle Accelerated Data Science (ADS) SDK is a Python library that is included as part of the OCI Data Science Service. It makes common tasks faster, easier, and less error-prone.
• Capability of the OCI Data Catalog Service:
It provides the repository of searchable Metadata.
Data Flow is used to easily create, share, run, and view the output of Apache Spark Applications.
Data integration enables the ETL Developers to develop, build, and test data integration solutions.
Data Catalog can harvest technical Metadata from a wide range of supported data sources that are accessible using public or private IPs.
Hybrid
Oracle Cloud VMware Solution is based on VMware ESXi and related technologies. It doesn't support Hyper-V (Hyper-V workloads).
Oracle Cloud VMware uses Bare Metal compute shape.
• Dedicated regions provide extremely low latency. It doesn’t support high latency.
Oracle dedicated region cloud doesn't support running a publicly accessible e-commerce site with a varying demand pattern.
Governance and admin
Compartments are the valid targets for setting OCI budgets.
Budgets are set on cost tracking tags or on compartments.
Oracle Cloud Infrastructure Pricing
Oracle offers these billing models: Pay as you go, monthly universal credits, annual universal credits, and BYOL.
Pricing depends on the type of resources used.
Egress is charged to and from the internet. Ingress is free while egress rates are based on geography.
File storage can provide a shared file service across multiple compute instances.
Local NVMe does not provide encryption for Data at rest.
Architecture course
• Part of OCI IAM
Policies
Users
Dynamic groups
• Not part of OCI IAM
VCN
Roles
Compute instances
Regional subnets
• If you want to make API calls against other OCI services from your instance without configuring user credentials, then create a dynamic group and add a policy.
Networking
• VCNs, Site-to-Site VPN IPSec tunnels, and Remote Peering Connections are the resources that can be attached to dynamic routing gateways.
• A VCN is a software-defined network defined in Oracle data centers.
A VCN can reside only in a single region.
• Which information would you get using the regional network topology?
Interconnectivity of VCNs and
Connectivity of on premises using FastConnect or VPN.
Load balancer to accept incoming traffic:
A backend set with at least one backend server,
A listener,
A security list that is open on the listener port.
Network visualizer provides Virtual cloud network topology and regional network topology.
OCI File storage Service
Hierarchical collection of documents organized into named directories.
10000 snapshots can be taken per file system.
It can be accessed over the network.
It is supported by all major OSes and hypervisors.
It is not a Local file system.
File storage, local storage, object storage, archive storage.
NFSv3 is used for file storage.
OCI Object Storage Service
For a bucket of the ARCHIVE storage type, the default time to download an object after restoration is 24 hours, and the minimum retention period for Archive Storage is 90 days.
To move some unstructured data, consisting of images and videos, to cloud storage, Standard Storage is the most cost-effective storage.
At the Bucket level, the replication is set for object storage.
If you want to store the backup of a database in cloud storage for an extended period of time, use Archive Storage.
Versioning is defined at the bucket level in object storage.
OCI Block Storage Service
iSCSI and PARAVIRTUALIZED are the attachment types for a block volume.
Cloning a block volume:
You can create 10 clones if the volume is detached.
You can create one clone if the volume is attached.
It can be attached to a compute instance.
It uses iSCSI to connect to a compute instance.
Attaching a volume to multiple instances:
It can be attached to up to 8 instances.
Database
Prerequisites to create a DB System are a public key in OpenSSH format and a VCN with default security list.
Autonomous Transaction Processing:
Data is stored in row format.
Missing indexes are detected and created.
VM DB systems
Bare Metal DB Systems
Exadata DB System
For provisioning Oracle Autonomous database instance:
Number of CPUs, Workload Type, Database Name.
OCI console for Oracle Autonomous Database:
Scale up/down CPU and increase storage allocated for the database.
Autonomous Data Warehouse: Data is stored in columnar format.
Compute
Burstable instances:
They provide a baseline CPU performance.
They are designed for instances where there is an occasional CPU spike.
The instance pool needs to be configured for enabling autoscaling.
Schedule-based autoscaling and metric-based autoscaling.
Limitations of preemptible instances:
They can be terminated at any time.
They cannot be started, stopped, or rebooted.
GPU-based instances are useful:
They are used for the high-performance computing platform.
They are used to accelerate the applications that run sophisticated algorithms.