oracle,

Oracle Cloud Infrastructure Foundations

Follow · 4 mins read
Share this

Exam : Oracle Cloud Infrastructure Foundations 2020 Associate (1Z0-1085-20) 105 Minuts/60 Questions/ 68% to pass

Start OCI

Cloud Concepts

  • 21 Regions
  • AD - Availability Domains, isolated each other
  • within region 3 AD (some 2 or 1)
  • FD - Fault Domain (Logical Domain)

OCI Architecture

  • Compartment - logical collection of resources

Core OCI Services

OCI Computer Services

  • baremetal
  • Dedicated VM
  • VM
  • COntainer Enginer
  • Functions

OCI Storage Services

  • block volume
    • Highly Durable - 3 replicas
    • Tiers - can be upto 32 GB (and maximum 32 volumes/disks)
      • Basic
      • Balanced
      • High Performance
  • local NVMe - temp storage, non-persistent
    • high performance
  • File Storage - files
    • NFS and SMB
    • Highly durable
    • can take snapshot
  • Object Storage
    • all in root folder, no folder
    • unstrctured
    • hot
      • standard storage tier
    • cold
      • archive, backup
      • 10x cheaper than standard
      • 90 days retention minimum
      • 4 hr recovery/retrieve

OCI Network Services

  • VCN - Virtual Cloud Network
  • Internet Gateway - 2 way
  • NAT Gateway - only inwards
  • Public Subnet /DMZ
  • DRG - Virtual Router to connect On-Prem or Other destination
    • IPSec
    • Fast Connect
  • Service Gateway - to connect internal objects like Storage; connection via VCN
  • Firewall rules to restrict traffic (port/subnet)
    • Ingress
    • Egress
  • Network Security Group - NSG apply to VCN

VCN to VCN Comms

  • VCN Peering
    • Local VCN Peering - same regions
    • Remoet VCN Peering - different regions
    • Peering is not transit; need dedicated peering

Load Balancer

  • Service Discovery
  • Health Check
  • Algorithm

OCI IAM

Principals

IAM entity that allowed to interact with OCI resources.

  • IAM Users and Groups
  • Instance Principal - for instances, API, etc

Compartment

  • Collection of resources

Authentication

  • Who
  • OCI IAM service authenticate a Principal by
    • username, password
    • API Signing Key
    • Auth Tokens

Authorization

  • Specifies various actions an authenticated principal can do
  • OCI Authorization = policies
  • Written in Human-readable format
    • Allow group GROUP_NAME to VERB RESOURCE_TYPE in tenancy
      • verb - read, inspect, use, manage
      • resource type - all,database, instance,virtual network etc
  • Policy attachment - attach to compartment or tenancy

OCI Database Services

OCI DB Options

  • VM DB systems - DB running on VM
  • Bare Metal - on physical server
  • Oracle RAC - Cluster, HA
  • Exadata DB
  • Autonomous - share
  • Autonomous - dedicated
    • Self driving, Self securing, Self repairing

Operations

  • Start, stop, reboot
  • Scale - CPU, Storage
  • Patch - 2 steps process, DB first, then system.
    • Exadata and RAC - rolling patching

Backup/Restore

  • Manual or Auto
  • Retention period

DR Systems

  • Oracle Data Guard
  • Active Data Guard - extends data guard by providing advanced features for data protection and availability
  • Switchover - Planned migratons, no data losss
  • Failover - unplanned, minimal data loss

DB Systems HA and DR

  • primary and standby can be single instance or RAC

Autonomous DB

  • Autonomous Transation Process (ATP)
  • Autonomous Data Warehouse (ADW)

OCI Security

Shared Security Model

  • OCI manage infra
  • Customer manage VMs and Apps

Federation

Data Protection

  • Data encrypted at-rest
  • Data encrypted in-transit
  • Bring your own keys

on

  • block volume
  • file storage
  • object storage - pre-auth requests
  • database - transparent data encryption, data safe, data vault

Key Management

  • BYOK - Bring your own keys
  • HSM (hardware security modules)

  • data safe

OS Management Service

  • execute and automate common and complex management tasks
  • package management, config management
  • security and compliance

Network Protection

  • Tiered subnet strategy
    • DMZ
    • Public
    • Private
  • Gateways
    • NAT
    • Service
    • Dynamic Routing
  • Security List, NSG

OCI Web Application Firewall

Compliance Certifications

OCI Pricing and Billing

Pricing Models

  • Pay as you go (PAYG)
  • Monthly Flex
  • Bring your own lincense
oci

Latest Stories

How to attend Red Hat Remote Exam ? Every details you need to know

In August 2020, Red Hat announced the availability of Remote exams for students and the entire Learning community were so happy, yes we can attend Red Hat exams from our home or offic...

In redhat, Nov 09, 2020
How to Import Existing VMWare VM’s into Terraform

Terraform is an amazing tool for your infrastructure automation. Everything about your infrastructure can be write as code and maintain by team; means your infrastructure is transpare...

In terraform, Nov 04, 2020
Connecting Ansible Tower to Git Server with Self Signed Certificates

So many questioned me when I mention git server in an Ansible Tower environment; and later I realized that, most of them are keeping their projects inside Ansible Tower !!!

In Ansible, Oct 12, 2020
HashiCorp Certified Terraform Associate – Learning & Exam Tips

I started using Terraform somewhere in 2018, but very limited usage as I thought it is just another tool for provisioning infrastructure and other services – or a variant of Vagrant; ...

In terraform, Sep 18, 2020
How to Pass CKA & CKAD Exams ? 10 Tips for Kubernetes Exams

Here see the best tips for Kubernetes Exams - Certified Kubernetes Administrator (CKA) & Certified Kubernetes Application Developer (CKAD).

In kubernetes, Aug 15, 2020

Featured