How to use Terraform and OCI – lesson 9

I hope you have noticed that huge news at OCI Release Notes. In February 2020 OCI global footprint has grown significantly with three new regions (Amsterdam in the Netherlands, Jeddah in Saudi Arabia and Melbourne in Australia). I am located in Europe so immediately I have requested the subscription of Amsterdam DC. So now in my tenancy, I have Frankfurt and Amsterdam regions ready to be utilized. Given this fact, it was obvious for me, I can try to set up some extension to my previous lesson, lesson 8. I could convert local VCN peering in the same region into a remote VCN peering configuration. In this new setup, my BackendServer, with all necessary cloud infrastructure, would be deployed in Amsterdam. And I have done it. So now we have brand new lesson 9 for which code is available here. There is also video, ready for you, ready to be watched! 🙂 As always I am asking kindly for subscribing to our YouTube channel. Believe me, I am planning to record more and more stuff and publish it here in a form of blog post and video blog on YT 🙂

Bon Appetit,

Martin, The Cook.

OCI File Storage Service + Network Security Groups (NSG) with Terraform

What is the topic for today? Network security of your OCI cloud infrastructure! Honestly speaking always an important topic, right? The basics of Network Security Groups (NSG), for the first time I have described in this blog post. Recently I have found in OCI Release Notes, that OCI File Storage Services supports now NSG. Immediately I have checked Terraform OCI Provider, just to confirm my favorite automation runtime also supports it. And guess what? Terraform OCI Provider in version 3.55.0 fully covers this feature. That is really amazing! Just one week later, after OCI release, Terraform Provider codebase has been updated! That is why I have decided to test it and add this stuff to my Terraform+OCI tutorial as a lesson 5a. I hope you will find it interesting! If it is true I really encourage you to subscribe to our YouTube Channel 🙂 One more thing – File Storage Service UDP and TCP ports for NSGs and Security Lists have been documented here.

Bon Appetit,

Martin, The Cook.

OCI NSGs – an add-on to Terraform+OCI course

Yes, OCI is changing very quickly! 🙂 Everyone, who follows OCI release notes, knows that. Oracle Cloud Gen2 is updated with new features even a couple of times every single month.  It shouldn’t surprise you. That is how the modern cloud world works now. 🙂 In my Terraform+OCI short course, I was using security lists, but last summer in July 2019, in OCI new security feature, has been released – it has been called Network Security Groups (NSG). This new feature seems to be very popular in other cloud vendors configuration, so frankly speaking, it was rather obvious for me that OCI should embrace NSG, sooner or later. And now it is there in OCI and NSG concept is supported by Terraform OCI Provider (version >= 3.33.0) as well. NSG concept is more advanced and more elastic then Security Lists, mostly because it can be implemented on the VNIC level. It means you can still use Security List on the subnet level and then create some specific NSG for particular machines nested in this subnet. Security Lists and Network Security Groups work together as an union, is that right? 🙂 I guess you should check it up as fast as possible. 🙂 Here is a brand new video I have recorded for you. 🙂

Bon Appetit,

Martin, The Cook.

NewStuff series – dynamic VM shape resize in OCI with Terraform

I am trying to follow constantly updated release notes of OCI. Nearly every single day we have something new there, so sometimes it really hard to follow all of the news there. To read some theory is great, but test it is even greater… and harder, to be honest. So I was thinking it would be great to have a chance to watch this kind of testing on YouTube, especially with Terraform OCI Provider usage. To be sure Provider has been updated and it follows OCI’s Rest API changes. And you know what? I haven’t found such videos on YT! So…? So I have decided to record my own one. Pretty short in form. Just 3-5 minutes long. And here is the first one. It is about a new compute instance feature – dynamic VM shape resize. No more compute instance migration, no more compute instance re-provisioning. Just a couple of minutes to restart. And that is all! This elasticity is great!

Bon Appetit,

Martin, The Cook.

How to create shared block volume in OCI with Terraform

Yeah! That is the feature which I really like. Shared block volume attached to more than one compute instances. This feature has been announced in OCI in the middle of December 2019. One month later I have decided to test it with Terraform. I was hoping it would work not only in the OCI Console but also with my favorite automation runtime. So I have written this simple repo in GitHub. Worth to add I am not finishing the code at the moment of attachment between compute instances and volume block resource. I am including Terraform files that execute null_resources which are building OCFS2 on top of the volume which is visible as a device via iSCSI protocol. Most of the knowledge of how to do it have incorporated from this blog post. I think you can find my dish tasty and you can somehow reutilize this code in the future 🙂

Bon Appetit,

Martin, The Cook.

Building community …

I guess everybody knows it is important, but it is really difficult to start. I mean to share knowledge, then receive feedback from the followers, and ultimately stay there blogging with further efforts long term. That is the way to build a community and it is for sure hard. My idea was simple… to build the geeks community focused on Infrastructure as Code (IaC) paradigm. During the last few days, I have received a lot of positive feedback about my course and generally about this site. So it looks like my idea is valid and relevant. Now I am thinking about the future. And I am sure about one important thing. Writing alone, being a singleton, will not work efficiently. So what? So I am looking for the others, ready to join and collab here. For all IaC fans ready to join this site I have stickers! :-))) … If interested somehow, please drop me an e-mail at martin.linxfeld@foggykitchen.com. 🙂

Martin, The Cook.