Transitioning to the cloud can be a daunting thought. Logging into a cloud portal for the first time and not knowing where anything is or how to execute the most basic tasks can elicit self-doubt in even the most experienced technologist. For some, it may feel similar to starting over. This article aims to squelch that self-doubt for those moving into the Oracle Cloud by providing enough knowledge to get started with Oracle Cloud Infrastructure Database Services—quickly and with confidence.
Classic Versus OCI
There are two versions of Oracle Cloud. The current “second generation” platform is called Oracle Cloud Infrastructure (OCI). When Oracle first entered the public cloud market, the product was called Oracle Public Cloud (OPC). Many of the OPC services are still active and run separately from OCI. In most cases, the way to differentiate between them is to look for the term “Classic.” This indicates that the service is part of the original OPC infrastructure. OPC was later renamed OCI-Classic. Anything not referred to as Classic is part of OCI.
Portals
When you first sign into your Oracle Cloud account, you will probably be on the “Dashboard” or “My Services” page. This is the top-level portal which has access to both OCI and OCI-Classic services. The slide-out pane on the left of the dashboard has a list of all of the services available to your account. Selecting a Classic service such as “Compute Classic” will bring you to a separate portal for the Compute Classic service. Selecting any service that is not a Classic service such as “Compute” will bring you to the Compute OCI service page in the OCI portal. The difference is subtle but important. The Classic services have their own isolated portals. The OCI services are all part of the same OCI portal.
The slide-out pane on the left changes, depending on the type of portal you are in. The Dashboard portal will show the OCI-Classic and OCI services. Once you are in any of the OCI services, the pane will no longer show any OCI-Classic services but will include the paths to all other OCI services.
Tenancy
The original Oracle Cloud, now called OCI-Classic, referred to accounts as “identity domains.” But that term hasn’t really carried over to OCI. Instead, everything is based on the concept of a “tenancy” within OCI. For all intents and purposes, the tenancy can be considered the “account.”
Compartments
Multitenancy in OCI extends far beyond the database. There are myriad ways of isolating OCI components and one of the highest levels is “Compartments.” Compartments are a logical grouping of cloud resources. Privileges (officially called IAM Policies) can also be applied at the compartment level, meaning that there are also practical benefits of compartments beyond logical separation and organization. Compartments are part of OCI only. None of the Classic services will utilize or be constrained by compartments or any other OCI governance components.
All OCI service components are isolated by Compartment. You can see the Compartment in which you currently reside in any service by looking under the “List Scope” header on the left side of the screen. If at any time you don’t see the service components you are looking for, make sure the correct Compartment is selected.
The path to Compartments administration can be found in the left slide-out pane under the “Identity” menu. A “root” Compartment is created when your account is first provisioned. Before you start provisioning services, you will have to create at least one additional Compartment.
Virtual Cloud Networks
A Virtual Cloud Network (VCN) is a group of networking components used by most OCI services. A VCN closely resembles a traditional network, with firewall rules and various types of gateways to communicate across internal networks and over the internet.
Most services require a VCN to exist before they can be provisioned. Some services, such as the Compute service, will give the option of creating the VCN as part of the provisioning process.
The minimal creation of a VCN will only provision some of the components required. The easiest way of making sure the VCN has everything needed for a functional and accessible instance is to select “Create Virtual Cloud Network Plus Related Resources” when creating the VCN. This will add an Internet Gateway to allow access to your services over the internet, a subnet for each of the Availability Domains in the region, DNS resolution, and dynamic IP addresses.
This is where OCI differs from some of the other major cloud providers. With OCI, you must set up at least one VCN and the associated resources before you can start provisioning and using other infrastructure and resources. This contrasts with some other major cloud providers where the network basics are done automatically or by default.
SSH Keys
It is required that you create a shared SSH (Secure Shell) key pair before provisioning an instance. A common way to do this is to use the PuTTY suite of SSH tools, specifically the PuTTY Key Generator. Many of the SSH key generator tools do not save the public key in the format that OCI services expect. To create the public key file, simply copy the text from the key generator under the heading, “Public key for pasting into OpenSSH authorized_keys file,” and save it to a file. Don’t forget to save the private key as well.
Compute
With a VCN in place and an SSH key pair created, a Compute Instance can be provisioned. OCI goes beyond OCI-Classic by adding the ability to provision Bare Metal Machines, which gives you a dedicated physical server.
For example, to create a basic Linux Virtual Machine (VM), select “Instances” under the Compute menu from the slide-out pane on the left. When choosing the SSH key file, select the file onto which you copied the OpenSSH formatted public key. All of the networking components should default to the VCN components you created.
It won’t take long for the VM to be in a running state, at which point you can log into it with SSH. When setting up your SSH connection, make sure to use shared key authentication and choose the SSH private key file. The username for Oracle Linux compute instances is “opc,” which is one of the many remnants left over from the original Oracle Public Cloud. The opc user has permission to performed privileged operations using sudo.
Database
The OCI Database service has prerequisites similar to the Compute service. This is mostly due to the fact that compute instances are created to support the database.
Select “Bare Metal, VM, and Exadata” under the “Database” heading from the slide-out pane on the left. Make sure the correct Compartment is selected and select “Launch DB System.”
“Shape” indicates the size of the compute instance(s) that will support the database. The shape number indicates the compute capability of the instance. The first number indicates the hardware platform on which the instance will run: 1 indicates that the instance will run on an Oracle X5 server, while 2 indicates the instance will run on an Oracle X7 server. The second number indicates the number of CPU cores that will be allocated. Choosing a shape with more than one CPU will allow you to select up to two nodes for an optional RAC (Real Application Clusters) database configuration.
“Software Editions” indicates that certain database features are enabled. The following list indicates which version and features are enabled for each option. Each Enterprise edition includes the features of the lower Enterprise editions.
- Standard Edition—Oracle Database Standard Edition 2
- Enterprise Edition—Oracle Database Enterprise Edition, Data Masking and Subsetting Pack, Diagnostics and Tuning Packs, and Real Application Testing
- Enterprise High Performance—Multitenant, Partitioning, Advanced Compression, Advanced Security, Label Security, Database Vault, OLAP, Advanced Analytics, Spatial & Graph, Database Lifecycle Management Pack, and Cloud Management Pack for Oracle Database
- Enterprise Extreme Performance—Active Data Guard, In-Memory Database, and RAC
Special consideration should be taken when selecting “License Type” because the price difference is significant. For example, using “Pay as You Go” pricing for a single Extreme Performance VM, the Bring Your Own License (BYOL) cost is approximately $0.29 per CPU per hour versus the included license cost of $2.52 per CPU per hour. Including the license makes the instance almost nine times more expensive.
The “Available Storage Size” option is a little misleading because it only accounts for a portion of what Oracle will actually charge for storage for this VM. The “Total Storage Size” reflects the total storage consumed by the VM. The available storage size is the size of the +DATA ASM disk group. The +RECO disk group will also be created with 256GB of space. The storage allocated to the OS makes up the rest. Selecting 256GB will result in a total storage allocation of 712GB. Selecting a larger storage size only affects the size of the +DATA disk group.
The available database versions as of February 2019 are 18.0, 12.2.0.1, 12.1.0.2, and 11.2.0.4. With the exception of version 11.2, the created database will be a multitenant database, regardless of whether you choose to create a pluggable database (PDB) during the provisioning process.
The Path Forward
Navigating Oracle Cloud Infrastructure Database Services can be a little overwhelming at first. However, creating Compute and Database Instances in OCI is relatively easy as Oracle has limited many of the options available when configuring an Oracle Database system. Some of the terminology may be unfamiliar but it should not be difficult to master for a seasoned Oracle DBA transitioning to a cloud database architect.
Managing OCI Database Instances once they are created poses additional challenges. The next article in this series will examine database management and administration tasks such as backups, pluggable databases, Data Guard, and client networking.