Update May 31st, 2021 – Seems like there was documentation bug so I’ve updated part about Agents. They are disabled by default so you need to enable them always if you want to use Bastion Service Managed session. I’ve always had slight dislike on requiring Bastion (Jump) server on any cloud which is self-managed. Sure,…
OCI Dynamic Routing Gateway Attachments Part 3 – Remote Peering Connections
Continuing use cases for new Dynamic Routing Gateway v2. This time I’ll look on Remote Peering Connections (RPC) and how that works together with DRG’s. Earlier posts on DRGv2 are here: Part1 & Part2 In short hardly anything changes, you obviously need VCN on some other Region which you want to connect to another VCN…
OCI Dynamic Routing Gateway Attachments Part 2 – Dynamic Route Import Distributions
On part 1 of the DRG version 2 we looked on basics and how you can control which VCN can be accessed and how, regardless if the source is through FastConnect, VPN Connect, VCN or Remote Peering Connection (another DRG). This time we’re gonna look on dynamic route import distributions. Since each VCN attachment can…
OCI Dynamic Routing Gateway Attachments Part 1 – Basics
As you might have seen, few weeks ago Oracle announced improved Dynamic Routing Gateway functionality which I was super excited about. Why? Previously when you’ve designed Transit Networking on OCI you’ve always had to use Hub & Spoke model for your traffic to flow from on-premises to Spoke VCN. Also, setting up connectivity between VCNs…
OCI Block Volume Replication Part 2 – Automation
On the part 1 we looked on how to create new block volume on another OCI Region using the new Block Volume Replication feature. While it was really straightforward, in a real Disaster Recovery situation you might want to automate the whole process. So let’s look on that! I plan on using Terraform and OCI…
OCI Block Volume Replication Part 1 – Basics
Let’s talk about new OCI Cross-Region Block Volume Replication! I wanted to test this feature out as it can provide much needed help when you need to build your Disaster Recovery environment on different Region. In earlier cases we’ve used rsync for this, one great advantage with this new feature is that it uses Oracle’s…
OCI Transit Networking DNS part 2 – Custom DNS options
We looked on setting up Oracle DNS on part 1, and how you could manage different DNS options with Private Views or DNS listeners & forwarders. In this post I’m gonna look on what options we might have with Custom DNS. Custom DNS is typically used when there’s a requirement to use already existing DNS…
OCI Transit Networking DNS part 1
First of all, big thanks for my colleagues Rob and Travis for giving me some good ideas on this post! I usually recommend Transit Networking for most of the implementations as it provides security and scalability for your OCI infrastructure. Transit networking means one of your VCN acts as a Hub and the other VCNs…
Get notified on unwanted network changes with OCI Cloud Guard
Oracle introduced Cloud Guard some time ago to OCI, in this post I’ll take a brief look what Cloud Guard is and how you can get notified on unwanted changes in your tenancy. As an example, I have a public VCN which is required for my project. I might have several admins managing the VCN…
OCI High Availability Designs with Availability Domains
This is more generic post rather than technical. I usually get lot of questions in early phase on how we are going to place compute instances in different Availability Domains (AD’s) for high availability purposes. But first, what is an Availability Domain? Region can consist of one or more Availability Domains which are physically separated,…