OCI Webinar ASE
OCI Webinar ASE
OCI Webinar ASE
Next-generation cloud
Ciprian Pustianu
Technology Cloud Engineer
The following is intended to outline our general product direction. It is intended for information purposes only, and
may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality,
and should not be relied upon in making purchasing decisions. The development, release, timing, and pricing of
any features or functionality described for Oracle’s products may change and remains at the sole discretion of
Oracle Corporation.
6 years
Technology Sales Consultant
Oracle Cloud Infrastructure
Certified Architect Professional
Oracle Database 12c Administrator
Certified Professional
10 years
Oracle DBA
Administration, Implementation
of Oracle Databases
High Availability and Performance
Database Projects
Oracle Autonomous Database
Cloud Certified Specialist ciprian.pustianu@oracle.com
https://www.linkedin.com/in/pciprian
Agenda
Phoenix Frankfurt
Region 3
Availability Availability
Domain 1 Domain 1
Availability Availability
Domain 2 Domain 3
7
Oracle Cloud Infrastructure Overview
GOVERNANCE
Department A Department B Department C
(IAM / APIs)
ORACLE
COMPUTE STORAGE DATABASE NETWORKING EDGE REGION n
SERVICES
CONNECTIVITY
VIRTUAL NETWORK INTERNET
PHYSICAL NETWORK
8
29 Oracle Cloud regions and growing
November 2020: 29 Regions Live, 9+ Planned; 6 Azure Interconnect Regions
SWEDEN
LONDON
AMSTERDAM
NEWPORT
FRANKFURT
TORONTO MONTREAL ZURICH CHUNCHEON
CHICAGO FRANCE
SAN JOSE, CA ITALY
SEOUL TOKYO
ASHBURN OSAKA
PHOENIX ISRAEL
SAUDI 2
DUBAI
JEDDAH
UAE 2 MUMBAI
HYDERABAD
SINGAPORE
Commercial VINHEDO
Commercial Planned SAO PAULO
Government JOHANNESBURG
Government Planned SANTIAGO
Microsoft Interconnect Azure SYDNEY
MELBOURNE
ENTERPRISE WEB & ENTERPRISE APPLICATION HPC, AI/ML, DNA SEQUENCING, CFD, MODERN DISTRIBUTED
APPLICATION SERVERS SERVERS, HADOOP 3D RENDERING CRASH SIMULATIONS APPLICATIONS
Bare Metal
Bare Metal E3 Bare Metal
Bare Metal Dense IO
Standard Standard Bare Metal HPC 52 OCPUs,
128 OCPUs, 52 OCPUs, GPU Standard
VM GPU 2 P100 GPUs, Dense IO 768 GB RAM,
2048 GB RAM 768 GB RAM
VM Standard v1 & 2 28 OCPUs, 192 GB RAM 36 OCPUs (3.7 GHz), 51.2 TB NVMe
Up to 1 PB Block Up to 1 PB Block Up to 1 PB Block
Dense IO From 1 P100 to Up to 1 PB Block 384 GB RAM
VM E3 VM $0.025 core hr. $0.0638 core hr.
4 V100 GPUs Up to 1 PB Block $ 0.1275 core hr.
$0.0015 GB RAM 8-24 OCPUs, $1.275 GPU hr.
Standard Flex Standard 12-24 OCPUs, 100 Gbps RDMA
hr. 120-320 GB RAM,
1-64 OCPUs, 1-24 OCPUs, 104-360 GB RAM $ 0.075 core hr.
16 GB per OCPU RAM
6.4-25.6TB NVMe v2
15-320 GB RAM These 2 also available as Up to 1 PB Block Up to 1 PB Block 8 V100 GPUs, NVLINK
Up to 1 PB Block Up to 1 PB Block Dedicated VM Hosts $1.275 - $2.95
$0.0638 core hr. 52 OCPUs, 768 GB
$0.025 core hr. $0.0638 core hr. /GPU hr.
$0.0015 GB RAM hr. Up to 1 PB Block
$2.95 GPU hr.
Max VNICS
Max VNICs
Shape OCPU VCPU Memory (GB) Local Disk Network Bandwidth1 Total:
Total: Linux
2.0 GHz Intel® Xeon® Platinum 8167M
Windows
* The Future is shapeless ... Freedom for OCPU and memory relationship !
OCI Shapes – Bare Metal
Max VNICS
Mem Network Max VNICs
Shape Instance Type OCPU VCPU Local Disk Total:
(GB) Bandwidth1 Total: Linux
Windows
28.8 TB NVMe
BM.DenseIO1.362 Dense I/O compute capacity 36 72 512 10 Gbps 36 1
(9 drives)
BM.Standard.B1.44 X6-based standard compute capacity 44 88 512 Block storage only 25 Gbps 44 None
BM.Standard2.52 X7-based standard compute capacity 52 104 768 Block storage only 2 x 25 Gbps 52 27
51.2 TB NVMe
BM.DenseIO2.52 X7-based dense I/O compute capacity 52 104 768 2 x 25 Gbps 52 27
(8 drives)
BM.GPU2.2 X7-based GPU: 2xP100 NVIDIA GPUs 28 56 192 Block storage only 2 x 25 Gbps 28 15
BM.GPU3.8 X7-based GPU: 8xV100 NVIDIA GPUs 52 104 768 Block storage only 2 x 25 Gbps 52 27
BM.Standard.E2.64 E1-based standard compute capacity: AMD CPUs 64 128 512 Block storage only 2 x 25 Gbps 75 76
Comprehensive, best-
performing storage HPC File Storage
services Archive Data Transfer
Systems Gateway
for enterprise
IBM Spectrum Scale, Durable object Local NAS-like Move petabyte scale
workloads Lustre, BeeGFS, storage at 90% lower performance data
GlusterFS cost Configurable cache Option for appliance,
Proven 60 GB/s disk
performance No cost to transfer
data
HADOOP, RICH MEDIA, LOGS, ENTERPRISE APPLICATIONS, DATABASES, ANALYTICS, OLTP, HPC,
BACKUP, ARCHIVE GPU, CONTAINERS, APPLICATION LIFECYCLE CONTAINERS, KUBERNETES
Bare metal
Dense IO
Block Volumes 51 TB
Network NVMe SSD block NVMe SSD
storage 5M IOPS
File Storage Up to 32 TB volumes Performance SLA
Network NVMe SSD Up to 1 PB/host
file storage Up to 75 IOPs, 480MB/s
Object & Archive 150 MB/s per TB per volume
Storage Scales to exabytes Snapshots, scheduled
Limitless capacity NFS, NLM, backups, clones,
Native & S3 APIs, HDFS, snapshots, encryption grouped clones,
encryption, WORM encryption, online
performance &
VM Dense IO
10TB max object size 6.4-25.6 TB
capacity scaling
Data Transfer Storage Performance SLA NVMe SSD
1.8M IOPS
Service Gateway Performance SLA
HDD or 150TB NFS, at rest and
appliance, inflight encryption,
encryption configurable cache
Feature of the OCI Block Volume service allows you to dynamically change the volume performance, along with
enabling you to pay for the performance characteristics you require independently from the size of your block
volumes and boot volumes.
This feature includes the concept of volume performance units (VPUs). You can purchase more VPUs to allocate
more resources to a volume, increasing IOPS/GB and throughput per GB.
Throughput Max Throughput
Performance Level Usage VPU IOPS/GB Max IOPS/Volume 8KB Block MB/s Volume/GB
Lower Cost Intensive workloads with large sequential I/O N/A 2 3.000 24 480
Balanced
High Performance
Networking
High fidelity virtual Service Gateway DNS
networks and
connectivity Private access without <30ms response time
traversing internet Global load balancing
Full range of IaaS/PaaS Traffic management
services covered Network health checks
Frontend, 10.0.1.0/24
Source Dest
Type CIDR Protocol
Port Port
Stateful Ingress 0.0.0.0/0 TCP All 80
Stateful Egress NSG-B TCP All 1521
NSG-A RT - Frontend
Internet
New features:
▪ Private Endpoints: Securely connect
locked-down OCI resources to public
endpoints
Granular network security lists that can be applied to individual NIC and Subnets
X X
For high performance workloads (HPC, Database, Big Data, AI) including the hardest product
development workloads like CFD, Crash Simulations, Reservoir Modelling, DNA Sequencing
https://cloud.oracle.com/fastconnect/faq#billing
Oracle Cloud Infrastructure
User Interfaces
Web Interface
Mobile
Command Line
Infra as Code
Oracle Cloud Infrastructure Cloud (OCI) Shell
2
3
Oracle Cloud Infrastructure – Resource Manager
Resource Manager is a service from Oracle Cloud Infrastructure that automates interactions
between OCI and Hashicorp’s Terraform.
Terraform
Provisioning and Automation
External
Web Client
Internet
Gateway
Av. Domain 1 Av. Domain 2 Availability Domain 3 Provisioned Resources
Service • 1 VCN
Gateway
VM-OracleLinux-
VM-OracleLinux-AD3
• 2 Regional Subnets
AD2
• 1 Internet Gateway
• 1 NAT Gateway
• 1 Service Gateway
VM-Windows2016-AD1
Block Storage • 4 Security Rules
(50 Gb) Public Subnet • 1 Route Table
• 2 Compute Instances (with Key)
• 2 Block Volumes
• 2 Storage Attachments
Private Subnet • 1 Public Load Balancer
• 2 Apache Installations
File Storage
Service
Time Provisioning : 00:05:40
Compartment
Infrastructure as Code (IaaC)
Drift Detection
Edge
▪ Security Lists ▪ SSL/TLS
▪ 3rd Party Security ▪ SSH Keys ▪ NNE
▪ Private Networks ▪ Certificates
▪ FW
Services
▪ Bastion Access ▪ Keys
• Global PoPs ▪ NGFW ▪ Root-Of-Trust Card ▪ Managed Keys
• DDoS Protection ▪ SSL Load Balancing ▪ Signed Firmware
▪ IPS ▪ FastConnect (Direct) ▪ Custom Keys
• DNS Security ▪ Oracle Management Cloud ▪ Hardware Security ▪ Managed Vault
• WAF Protection ▪ FastConnect (Carrier) Modules
(OMC) ▪ IPSec VPN ▪ Data Safe Console
▪ Cloud Access Security Broker
(CASB)
▪ Logging Service
▪ Compliance
Internet
Identity
▪ Identity Federation
▪ Role-Based Policy
▪ Compartments & Tagging
▪ Instance Principals
Authoritative
OCI IAM DNS
with
CASB Internet
Subnet Service Intelligence
FastConnect OCI Region Level
w/ IPSec option Virtual
Virtual Cloud Network
Firewalls
AD1
IGW
AD2
IPSec VPN WAF with Automated,
Proactive DDoS
AD3 Threat Protection
Detection
▪ vFirewalls – access control in/out
▪ Distributed Denial of Service (DDoS) – network layer attack protection
▪ Web Application firewall (WAF) – application layer attack protection
▪ Cloud Access Security Broker (CASB) – visibility, compliance, control drift alerting
▪ Virtual Private Network (VPN) – protection/encryption in transit over Internet & private links
▪ Domain Name Service (DNS) – managed DNS from Oracle for OCI customers
▪ Identity & Access Management (IAM) – control who can access and manage OCI resources
Container (Optional)
Hypervisor
VM/
VM/ VM/ VM/
VM/ VM/ VM/ VM/
Guest
Guest Guest Guest
Guest Guest Guest Guest
OS
OS OS OS
OS OS OS OS
VM/
VM/ VM/ VM/ VM/
VM/ VM/ VM/
Guest VM/
VM/ VM/ VM/
VM/ VM/ VM/ VM/
Guest Guest Guest Guest
Guest Guest Guest
OS Guest
Guest Guest Guest
Guest Guest Guest Guest
OS OS OS OS
OS OS OS
OS
OS OS OS
OS OS OS OS
VM/
VM/ VM/
VM/ VM/
VM/ VM/
VM/ VM/ VM/
VM/
Guest
Guest Guest
Guest Guest
Guest Guest
Guest Guest Guest
Guest
OS
OS OS
OS OS
OS OS
OS OS OS
OS
▪ Oracle Linux includes Ksplice, the only technology in the industry that patches kernel
and user space programs with zero downtime.
▪ OS Management Service automatically manages inventory of all vulnerabilities
and all running instances.
▪ OS Management Service automatically patches your hosts and keeps you always secure.
▪ Always on Security. 100% automated.
DoD DISA SRG IL2 Moderate – Agency ATO VPAT – Section 508 G-Cloud 11 - UK Model Clauses - EU
Industry
Level 1
HIPAA PCI DSS FISC - Japan IG Toolkit - UK
Regional
C5
GDPR - EU BSI C5 - Germany TISAX - Germany PIPEDA - Canada Cyber Essentials My Number - Cloud Security
Plus - UK Japan Principles - UK
Compartment
Time Range
OCI Monitoring Console – Metrics Explore
Deep dive on one metric, or correlate several metrics
Metrics Query
Language (MQL)
CPU Utilization
Create an Alarm
on this Query
https://www.oracle.com/cloud/economics/
300000
250000
Oracle Bare Metal
200000
All-flash array
150000 AWS i3.metal
100000
50000
www.storagereview.com/oracle_cloud_infrastructure_compute_bare_metal_instances_review
www.storagereview.com/amazon_ec2_i3metal_review
https://www.storagereview.com/dell_emc_unity_450f_allflash_storage_review
https://www.oracle.com/cloud/cost-estimator.html
Consumption Choices
VM
On-prem Compute
NSX Overlay
(Customer Logical Segments)
OCI Compute
Service Gateway ADW / ATP
Extend your Data Center footprint to the Enhance your Business Continuity strategy,
cloud, using VMware on one of the by creating a Disaster Recovery environment
growing list of Oracle Cloud for VMware on OCI
Infrastructure regions.
+
Datacenter On-demand
Migration Capacity
With the same level of security/isolation High expertise, experience, and automation in
as on-premises infrastructure delivering new commercial regions
• Running in customer’s Data Center (DC)
• Dedicated to their organization
• Meeting all their security requirements
Self-Driving
• User defines service levels, database makes them happen
Self-Securing
• Protection from both external attacks and malicious internal users
Self-Repairing
• Automated protection from all downtime
Autonomous
Database
58
Ingredients of an Autonomous Database
Columnar Format
Autonomous Data Row Format
Autonomous
Warehouse Transaction Processing
Creates Data Summaries Creates Indexes
60
Agenda
= Lowest Cost
*Oracle DenseIO bare metal has 44% more cores and 3.4X local SSD capacity vs AWS i3.metal
62
Oracle Cloud Ecosystem
Certified Oracle and partner solutions ready to deploy at a click
E-Business Suite
GoldenGate
JD Edwards
PeopleSoft
Siebel
WebLogic
✓ Microsoft Azure and Oracle Cloud are interconnected today, so you can migrate and run
mission-critical enterprise workloads across clouds
✓ Unified identity and access management via single sign-on with automated user
provisioning to easily manage resources across clouds
✓ Collaborative support of custom and Oracle Applications on Azure with Oracle Database on
Oracle Cloud – connect best-in-class services across clouds
65
Agenda