This is more generic post rather than technical. I usually get lot of questions in early phase on how we are going to place compute instances in different Availability Domains (AD’s) for high availability purposes. But first, what is an Availability Domain? Region can consist of one or more Availability Domains which are physically separated,…
OCI CLI scripting fun – bulk deleting Vault secrets
Probably this post as such isn’t useful to many, but I figured since it contains some OCI CLI scripting it might serve as an idea to something else for someone. Recently I got a bunch of OCI Vault keys which had to be loaded to OCI Vault. What happened is of course the load didn’t…
OCI DBCS Clone from backup fails when Database Vault is enabled
Recently I was creating a DBCS database clone but the creation failed, luckily we could find out the node IPs through support and from the dcs-agent-debug.log we could see following statement failing: When looking this script what it tries to do is set the default password limits for DEFAULT profile. While trying it out on…
OCI Private DNS part 2 – DNS forwarders and listeners
This is the second part of my OCI Private DNS posts. You can read the first part from here. In this post I will extend my configuration to have two VCN’s which will be connected via Local Peering Gateways together. Other VCN will have Private Zone for thatfinnishguy.com and the other VCN for somethingelse.com. Both…
OCI Private DNS part 1 – Configuration
I’ve wanted to write something about this topic for quite a while and finally OCI has released it’s first step of Private DNS capabilities! Why do I think this is a big thing? For example let’s say you need to have Hub & Spoke model with multiple VCNs, if you’ve wanted to resolve hostnames between…
OCI Linux and opening firewall ports with bootstrap
This is just a short post but something I was struggling to figure out. I wanted to open port 80 while starting up OCI Linux 7.8 instance and was using cloud-init portion what you have in the advanced section when creating a compute instance. Initially I had this in the bootstrap configuration: But no matter…
Setting up Custom Logs in OCI
With the recent announcement of Observability and Management platform I thought it’s good to try out how can we fetch logs from provisioned instances in OCI. In this post I’ll be making sure the instance I’m using has the Monitoring Agent required installed. Also I’ll make sure I have Log Group, Logs and Agent Configuration…
OCI list instances requiring maintenance from Cloud Shell
We had question to come up how to list OCI Compute instances which are requiring maintenance quickly and I found an excellent script from Radu Dobrinescu written in Python. But if I would like to run it quickly in cloud shell without any API keys or another instance which is using instance principles how would…
Use case for Network Security Groups in OCI
So a while back OCI got NSGs (Network Security Groups) but most what I still see with implementations is that people tend to use Security Lists. Remember Security Lists are applied on subnet level while NSGs are applied to VNICs. I recently got following dilemma on tenancy created a while back. Challenge All the subnets…
Create multiple compartments in Oracle Cloud Infrastructure with Terraform module
This time I wanted to show how simple it is to create multiple compartments with one module using Terraform 0.12. Compartments in OCI are way to separate your resources and control access on them, you can also move resources around from one compartment to another if needed. Remember one of the reasons one would like…