OCI Notes

 Is your tenant generating unexpected costs for Logging Analytics? Here is a possible solution. In the metrics you can see that as time progresses the storage used by Logging Analytics only increases. The explanation is that you are only generating logs, without deleting the old ones. Here is how you can create a Logging Analytics log purging policy: Navigate to Logging Analytics / Administration / Storage Here you can create a policy like this, which will purge the logs with more than 1 month old (for example): Also you can delete manually the Logging Analytics logs clicking the following button:

 I recently had the pleasure of attending DOUG 24 in beautiful Copenhagen, Denmark.  The event was a true success, both in terms of content and organization. The team behind the event did an excellent job, ensuring everything flowed smoothly from start to finish, with engaging sessions that kept the audience captivated. The talks were divided into two tracks, one focused on DB and the other on Developer. Here’s a brief overview of these interesting sessions: The Future of Data, AI, and Application Development - Connor McDonald Connor kicked off the event with a deep dive into the latest innovations from Oracle, particularly around Oracle Database 23ai. His session showcased how Cloud, AI, and data processing are evolving, offering a glimpse into the future of application development and data management. IaC and Automation: Why You Must Change Your Pets for Cattles - Ruben Rodriguez and Carlos Delgado This session, in which I had the pleasure of presenting, was a compreh...

In some of the previous posts we have seen how to deploy some resources with Terraform. Terraform is an Infrastructure-as-Code (IaC) tool that allows to manage, version and maintain your infrastructure programmatically in OCI. But... What is Infrastructure as Code?   So, let's start with the concept of Infrastructure as Code (IaC). Infrastructure as Code, abbreviated as IaC, allows us to manage and provision infrastructure through code, rather than manual processes . This approach offers numerous advantages:   The first advantage is deployment automation . You won't need to manually prepare or manage operating systems, servers, storage, or any other components. Everything becomes automated.   Another benefit is the speed of implementation and deployment due to this automation.   It also reduces the risk of errors by utilizing templates for deployments and eliminating manual processes.   Lastly, using IaC ensures consistent environment crea...

  Today we are going to talk about security in OCI, indicating some Best Practices. As organizations increasingly adopt cloud technologies, ensuring robust security measures becomes paramount. Oracle Cloud Infrastructure (OCI) offers a comprehensive suite of tools and services to help secure your cloud environment. Here are some best practices to enhance your security posture on OCI. Identity and Access Management (IAM) One of the foundational elements of OCI security is Identity and Access Management (IAM). IAM allows you to control who has access to your cloud resources and what actions they can perform. Best practices include: Principle of Least Privilege: Grant users the minimum level of access necessary for their roles. Avoid assigning broad privileges like Administrator or Root unless absolutely required. Use Groups and Policies: Create groups for users with similar roles and assign policies to these groups rather than to individual users. This simplifies management and e...

  A few days ago, in the previous post, we saw how to create a VCN. Today we are going to see how to create a subnet. A subnet is nothing more or less than a division of the VCN. A subnet can be contained in a single AD or be common to the entire region (recommended option). To deploy a DB or a compute instance, it is necessary to have previously created a subnet, to place it there and to take an IP within its range. It is also important to note that within the same VCN, the IP ranges of the subnets cannot overlap. A subnet can be public if you want to present the resources to the Internet or private if you do not. To access these resources, resources such as bastions, VPNs or Fastconnect must be used. In later posts we will go into more detail about all of these pieces in more detail. As usual, we are going to look at different ways of creating a VCN in OCI: Manually from OCI Console Access a previously created VCN, in which we want to deploy the subnet. In the subn...

In the previous post we saw how to create a Compute Instance in OCI. To do this it was necessary to place it on a network segment, so in today's post we are going to go into the networking part of OCI. Networking is a very broad topic, with a lot of associated resources. Today we will start with the most basic and important one, as it will contain the rest of the networking resources, Virtual Cloud Network (or VCN). A Virtual Cloud Network is a software-defined private network. You have access to the VCN but not to the hardware, as it is all software.  A VCN allows resources to communicate securely with the Internet, other instances or on-premise data centers. It resides in a single region and can have up to 5 CIDR Blocks (it is recommended to use the private IP ranges specified in RFC 1918 (10.0.0.0.0/8, 172.16/12 and 192.168/16). In OCI the supported size is from /16 to /30. As the netmask gets larger, the network size gets smaller. We stop at /30 (4 addresses) because a VCN rese...