========================================== Oracle Cloud Infrastructure Training plan: ========================================== Overview: ========= I've been wrestling with oracle university for 2 weeks trying to get access to no avail so I'm worked out my own training plan. Results below. Pre-reqs: ========= * Regularly monitor your costs via the OCI Console, ensuring you stay within free-tier limits. * Use budget alerts in OCI to notify you if you're approaching any usage that might result in charges. * Focus on low-cost regions when setting up resources, as pricing may vary between regions. * Configure cli access. Not a pre-preq to learn; but, I like to do most tasks via cli, so it's a pre-req for me. 1. OCI Architecture and Global Infrastructure: ============================================== Knowledge Targets: ------------------ * Understand the physical and logical infrastructure of Oracle Cloud. * Learn about OCI Regions and Availability Domains. * Familiarize yourself with the concepts of Fault Domains. * Understand how OCI’s architecture supports high availability, fault tolerance, and disaster recovery. Documentation Link: ------------------- * [OCI Global Infrastructure](https://docs.oracle.com/en-us/iaas/Content/General/Concepts/regions.htm) * [Fault Domains](https://docs.oracle.com/en-us/iaas/Content/General/Concepts/regions.htm#fault) Exercise: --------- * Explore and document OCI architecture concepts: * Log in to the OCI Console and navigate to the global infrastructure section to view available regions and Availability Domains. * Research and identify which regions support the free-tier and what services are available in each region. * Document the concepts of Availability Domains, Fault Domains, and how OCI ensures high availability and disaster recovery. * Optional Hands-On:While you don't need to set up infrastructure just yet, explore the "Create VCN" or "Create Compute" wizards to familiarize yourself with how regions and Availability Domains are selected during resource setup. Cancel before provisioning any resources to avoid creating anything prematurely. Goal: ----- * By the end of this exercise, you should be able to clearly explain the structure of OCI's global infrastructure, including regions, Availability Domains, and Fault Domains, without needing to dive into resource provisioning yet. Cost Consideration: ------------------- * Use free-tier compute instances and the free-tier resources for VCNs and subnets. 2. Networking Services: ======================= Knowledge Targets: ------------------ * Understand the components of Virtual Cloud Networks (VCN), including subnets, gateways, and route tables. * Learn about public and private subnets, and how to set up secure communication between OCI resources. * Explore VCN Peering, Network Load Balancer, and FastConnect. * Master concepts like Network Security Groups (NSGs) and security lists. Documentation Link: ------------------- * [Networking Overview](https://docs.oracle.com/en-us/iaas/Content/Network/Concepts/networkoverview.htm) * [VCN Creation Guide](https://docs.oracle.com/en-us/iaas/Content/Network/Tasks/managingVCNs.htm) Exercise: --------- * Create a VCN and configure networking using free-tier: * Create a VCN with both public and private subnets. * Set up an Internet Gateway and a NAT Gateway (NAT may incur a minimal cost, so use the smallest VCN setup possible to minimize charges). * Configure a basic security list to control traffic between the public and private subnets. * Test traffic flow by creating a free-tier compute instance in the public subnet and another in the private subnet, ensuring connectivity between them. Cost Consideration: ------------------- * VCN, subnets, and security lists are part of the free tier, but NAT Gateway may have minimal costs depending on usage. Limit external traffic to avoid unnecessary charges. 3. Identity and Access Management (IAM): ======================================== Knowledge Targets: ------------------ * Master OCI’s IAM components: Users, Groups, Policies, and Compartments. * Learn to design secure policies for least privilege access. * Understand Federation, Tenancy, and Multi-factor Authentication (MFA). * Learn how to set up and manage roles, security zones, and dynamic groups. Documentation Link: ------------------- * [IAM Overview](https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/overview.htm) * [Managing Users and Groups](https://docs.oracle.com/en-us/iaas/Content/Identity/Tasks/managingusers.htm) * [Creating Policies](https://docs.oracle.com/en-us/iaas/Content/Identity/Tasks/managingpolicies.htm) Exercise: --------- * Set up IAM using free-tier: * Create multiple compartments within your free-tier tenancy. * Set up two groups: "Admins" and "Developers." * Define basic policies (e.g., give Admins full access to all compartments and Developers read access to a specific compartment). * Implement Multi-Factor Authentication (MFA) for at least one user. Cost Consideration: ------------------- * IAM configuration is included in the free tier. 4. Compute Services: ==================== Knowledge Targets: ------------------ * Learn about Compute shapes (VMs and Bare Metal). * Understand autoscaling, preemptible instances, and custom images. * Know how to use OCI’s console, SDK, and CLI to manage compute resources. * Explore the usage of Boot Volumes and Instance configurations. Documentation Link: ------------------- * [Compute Overview](https://docs.oracle.com/en-us/iaas/Content/Compute/Concepts/computeoverview.htm) * [Managing Instances](https://docs.oracle.com/en-us/iaas/Content/Compute/Tasks/managinginstances.htm) Exercise: --------- * Launch and manage free-tier compute instances: * Deploy two free-tier instances using Ampere A1 or VM.Standard.E2.1.Micro shapes. * Resize an instance by changing from one free-tier shape to another (if possible within free-tier limits). * Create a custom image from one of your instances and launch a new instance using that image. * Test and document basic auto-scaling by simulating resource demand (although full auto-scaling may not be available in the free tier, simulating resource demand through basic traffic is possible). Cost Consideration: ------------------- * Stay within free-tier limits by using Ampere A1 or VM.Standard.E2.1.Micro instances. 5. Storage Services: ==================== Knowledge Targets: ------------------ * Understand Block Volumes, Object Storage, and File Storage. * Learn about data durability, lifecycle policies, and encryption for stored data. * Explore using Block Volumes with compute instances and how to manage storage tiers. * Understand how Object Storage can be used for unstructured data, archival, and backups. Documentation Link: ------------------- * [Block Volume Overview](https://docs.oracle.com/en-us/iaas/Content/Block/Concepts/overview.htm) * [Object Storage Overview](https://docs.oracle.com/en-us/iaas/Content/Object/Concepts/objectstorageoverview.htm) Exercise: --------- * Demonstrate use of free-tier storage: * Create a Block Volume using free-tier resources and attach it to a free-tier compute instance. * Set up an Object Storage bucket and upload some objects (up to the free-tier limit of 10 GB). * Set a lifecycle policy for Object Storage to move older files to the Archive tier (the Archive tier offers low-cost storage but may incur costs when accessing data). * Create a File Storage system (File Storage is not in the free tier, so you may need to explore this in a minimal-cost environment). Cost Consideration: ------------------- * Use free-tier Block Volumes (up to 200 GB) and Object Storage (up to 10 GB). Be mindful of File Storage usage, as it is not covered under the free tier. 6. Security, Monitoring, and Observability: =========================================== Knowledge Targets: ------------------ * Understand OCI security mechanisms, including Key Management, Vault, and Security Zones. * Explore Monitoring services for tracking resource metrics. * Learn about OCI Logging, Events, and Alarms to set up automated monitoring. * Understand how to integrate Oracle Cloud Guard and use it for continuous monitoring and remediation. Documentation Link: ------------------- * [Security Overview](https://docs.oracle.com/en-us/iaas/Content/Security/Concepts/security_overview.htm) * [Monitoring Overview](https://docs.oracle.com/en-us/iaas/Content/Monitoring/Concepts/monitoringoverview.htm) * [Logging Overview](https://docs.oracle.com/en-us/iaas/Content/Logging/Concepts/loggingoverview.htm) Exercise: --------- * Implement free-tier monitoring and security: * Use the free-tier Monitoring service to track resource metrics such as CPU usage and network traffic. * Set up a log group using OCI Logging (part of the free tier) and configure logs for a free-tier compute instance. * Create an Event Rule that triggers when a new object is uploaded to Object Storage. * Set up a Vault and create a key for encrypting Object Storage data. Cost Consideration: ------------------- * Monitoring and logging are available under the free tier, but be mindful of the number of events and log entries to avoid over-usage. ### 7. Load Balancing, DNS, and Traffic Management Knowledge Targets: ------------------ * Understand how OCI Load Balancers work, both public and private. * Learn how DNS Zones and records work in OCI. * Explore Traffic Management steering policies for geo-based routing, failover, and load distribution. * Understand the integration of load balancing with compute and network services. Documentation Link: ------------------- * [Load Balancer Overview](https://docs.oracle.com/en-us/iaas/Content/Balance/Concepts/balanceoverview.htm) * [DNS Overview](https://docs.oracle.com/en-us/iaas/Content/DNS/Concepts/dnszonemanagement.htm) Exercise: --------- * Use low-cost Load Balancer options: * Create two free-tier compute instances and configure a Load Balancer (although the Load Balancer may not be free, use the smallest available option to minimize costs). * Set up DNS records using the free-tier DNS management system. * Test failover by shutting down one compute instance and observing traffic routing through the Load Balancer. Cost Consideration: ------------------- * OCI Load Balancers are not part of the free tier, so choose the smallest available instance to minimize costs. DNS services are free-tier eligible. 8. Database Services: ===================== Knowledge Targets: ------------------ * Learn about different OCI database services: Autonomous Databases (ADB), Oracle Database Cloud Services, and Exadata. * Explore different deployment models: Virtual Machine, Bare Metal, and Autonomous. * Understand key concepts like backup, restore, patching, and scaling. * Learn about Database security features and best practices. Documentation Link: ------------------- * [Database Service Overview](https://docs.oracle.com/en-us/iaas/Content/Database/Concepts/databaseoverview.htm) * [Autonomous Database Overview](https://docs.oracle.com/en-us/iaas/Content/Database/Concepts/adboverview.htm) Exercise: --------- * Deploy and manage an Autonomous Database using free-tier: * Launch an Autonomous Database using the free-tier Autonomous Database offering (up to 20 GB of storage). * Create a backup of the database using the automatic backup feature. * Scale the Autonomous Database vertically by adjusting the OCPU count (within free-tier limits). * Test basic high availability by shutting down the Autonomous Database and reviewing the failover and recovery process. Cost Consideration: ------------------- * Autonomous Database is available in the free tier, including up to 20 GB of data storage. 9. Cloud-native Services (Kubernetes, Functions, API Gateway): ============================================================== Knowledge Targets: ------------------ * Learn how to deploy containerized applications using OCI’s Kubernetes service (OKE). * Understand OCI Functions for serverless workloads. * Explore API Gateway for exposing microservices, scaling APIs, and managing API security. * Learn about service mesh and DevOps integration. Documentation Link: ------------------- * [Kubernetes (OKE) Overview](https://docs.oracle.com/en-us/iaas/Content/ContEng/Concepts/contengoverview.htm) * [Functions Overview](https://docs.oracle.com/en-us/iaas/Content/Functions/Concepts/functionsoverview.htm) * [API Gateway Overview](https://docs.oracle.com/en-us/iaas/Content/APIGateway/Concepts/apigatewayoverview.htm) Exercise: --------- * Deploy a basic cloud-native app using free-tier OCI services: * Set up a Kubernetes cluster using Oracle Kubernetes Engine (OKE). Ensure that you use the smallest cluster configuration within free-tier limits. * Deploy a simple containerized application on OKE using a free-tier compute instance as the worker node. * Use OCI Functions to create a basic serverless function triggered by an event (such as an Object Storage upload). * Configure a basic API Gateway for routing API requests to your function. Cost Consideration: ------------------- * Oracle Kubernetes Engine (OKE) is free, but costs may arise from running worker nodes (use free-tier instances for worker nodes). API Gateway and Functions have usage-based pricing, so limit usage to avoid unnecessary costs. 10. Hands-on Practice and Exploration: ====================================== Knowledge Targets: ------------------- * Gain experience by experimenting with launching and managing OCI resources. * Set up small-scale projects to understand service integration. * Explore automation with OCI CLI, SDK, and Terraform. * Regularly review use cases, best practices, and participate in LiveLabs. Documentation Link: ------------------- * [LiveLabs OCI Learning](https://apexapps.oracle.com/pls/apex/r/dbpm/livelabs/run?page=16&lab=5525&native=yes) Exercise: --------- * Create a small-scale project using free-tier resources: * Deploy a small web application that utilizes multiple OCI services (compute, storage, networking, and monitoring). * Automate the deployment using OCI CLI, SDK, or Terraform (all available in the free tier). * Document the project, showing how the various services interact, and focus on staying within free-tier limits. Cost Consideration: ------------------- * Use free-tier compute, storage, and networking resources. Limit the scope of the project to ensure all services remain within the free-tier usage limits. Summary of Phase 1 Links: ========================= * [OCI Global Infrastructure](https://docs.oracle.com/en-us/iaas/Content/General/Concepts/regions.htm) * [IAM Overview](https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/overview.htm) * [Compute Overview](https://docs.oracle.com/en-us/iaas/Content/Compute/Concepts/computeoverview.htm) * [Networking Overview](https://docs.oracle.com/en-us/iaas/Content/Network/Concepts/networkoverview.htm) * [Block Volume Overview](https://docs.oracle.com/en-us/iaas/Content/Block/Concepts/overview.htm) * [Database Service Overview](https://docs.oracle.com/en-us/iaas/Content/Database/Concepts/databaseoverview.htm) * [Load Balancer Overview](https://docs.oracle.com/en-us/iaas/Content/Balance/Concepts/balanceoverview.htm) * [Security Overview](https://docs.oracle.com/en-us/iaas/Content/Security/Concepts/security_overview.htm) * [Kubernetes (OKE) Overview](https://docs.oracle.com/en-us/iaas/Content/ContEng/Concepts/contengoverview.htm) * [LiveLabs OCI Learning](https://apexapps.oracle.com/pls/apex/r/dbpm/livelabs/run?page=16&lab=5525&native=yes)