OCI Cloud Shell

oci_cloud_shell_buttonThis button on the top right corner I have noticed some time ago in my internal tenancies. At that time this feature was in a Limited Availability (LA) period, but today it has been published in General Availability (GA). More details about it you can read here. What are we talking about? About OCI Cloud Shell! 🙂 I am sure it will be a powerful feature for many of you. There is no need to set up VM  to run OCI CLI commands and many more such as git, java, python, SQLPlus, kubectl, helm, maven, grade, terraform. How to access OCI Cloud Shell? You have to just click on this button and then at the bottom of your OCI Console in just a few seconds in the black popup window fully operational shell-based environment will be visible. Immediately your commands can be executed there. And of course, you are pre-authenticated to your tenancy. Nothing more to configure, just work with the cloud resources. Below you can find a quick video about how to use it for VCN creation and then deletion. Then quick ride with terraform plan and apply for the first lesson from my Terraform+OCI tutorial. Nothing big in a sense of recording, just a bit of new taste 🙂

Bon Appetit,

Martin, The Cook.

 

How to use Terraform and OCI – lesson 9

I hope you have noticed that huge news at OCI Release Notes. In February 2020 OCI global footprint has grown significantly with three new regions (Amsterdam in the Netherlands, Jeddah in Saudi Arabia and Melbourne in Australia). I am located in Europe so immediately I have requested the subscription of Amsterdam DC. So now in my tenancy, I have Frankfurt and Amsterdam regions ready to be utilized. Given this fact, it was obvious for me, I can try to set up some extension to my previous lesson, lesson 8. I could convert local VCN peering in the same region into a remote VCN peering configuration. In this new setup, my BackendServer, with all necessary cloud infrastructure, would be deployed in Amsterdam. And I have done it. So now we have brand new lesson 9 for which code is available here. There is also video, ready for you, ready to be watched! 🙂 As always I am asking kindly for subscribing to our YouTube channel. Believe me, I am planning to record more and more stuff and publish it here in a form of blog post and video blog on YT 🙂

Bon Appetit,

Martin, The Cook.

OCI File Storage Service + Network Security Groups (NSG) with Terraform

What is the topic for today? Network security of your OCI cloud infrastructure! Honestly speaking always an important topic, right? The basics of Network Security Groups (NSG), for the first time I have described in this blog post. Recently I have found in OCI Release Notes, that OCI File Storage Services supports now NSG. Immediately I have checked Terraform OCI Provider, just to confirm my favorite automation runtime also supports it. And guess what? Terraform OCI Provider in version 3.55.0 fully covers this feature. That is really amazing! Just one week later, after OCI release, Terraform Provider codebase has been updated! That is why I have decided to test it and add this stuff to my Terraform+OCI tutorial as a lesson 5a. I hope you will find it interesting! If it is true I really encourage you to subscribe to our YouTube Channel 🙂 One more thing – File Storage Service UDP and TCP ports for NSGs and Security Lists have been documented here.

Bon Appetit,

Martin, The Cook.

How to Create API Gateway in OCI using Terraform

In microservices-based applications, business logic is spread across multiple services. Different clients like mobile and web browsers interact with these services. Such interactions might require protocol conversion, handling network latency, protecting from malicious traffic, etc. To handle such scenarios, complex distributed applications like Netflix use API Gateway to optimize the API interaction and improve the performance of the system.

In this video, we will discuss more about Oracle Cloud Infrastructure API Gateway in detail and how to create it using Terraform available in this Github module.

 

A good recipe for OCI OKE

A few weeks back I have read that OCI OKE will now support Kubernetes 1.14.8. That is really great news and I have decided to refresh my GitHub repo, which I had created some time ago. It was also a perfect opportunity to record a small how-to vlog, just for you! 🙂 Kubernetes is a huge topic and for sure it is worth to invest time to explore this platform. Many of us believe containers are the future of IT despite the fact … that many think differently, so to speak, in the completely opposite directions. One extreme wing of believers believes in old good virtual machines when the others use to call VMs “just a legacy”, showcasing a bright future based on Functions as Service. Frankly speaking, I am not sure about any direction as the best one for everything. I am rational and I don’t want to be kinda “believer-guy”. Ok, maybe I will put it another way … I believe in a diverse world. During the last HashiConf 2019, Armon Dadgar in his keynote has called that “Multi-Everything“. In this diverse world, legacy stuff will coexist with many brand new cutting edge technologies. Kubernetes for sure lays somewhere in this broad landscape. In OCI for sure, it is and it will be one of the fundamental elements for current and future IT deployments. What do you think about it? Please, share your thoughts on that topic below if you think it is interesting. I am really open to discussion. Really, I am very curious… But meanwhile, I am encouraging you to watch my how2 video below 🙂 And one thing more! Many thanks for the honest feedback about this blog website and your subscription to our YouTube channel.

Bon Appetit!

Martin, The Cook.

How to create Web Application Firewall in OCI with Terraform

Security is the primary concern for every enterprise today, as traditional firewalls monitoring ports are not sufficient to keep up the pace with the advanced hackers. To protect from intelligent and malicious threats, we need modern and advanced tools to protect web applications. In this video, we will explore Oracle cloud infrastructure’s Web Application Firewall (WAF), how it can protect the web applications from Cross-Site Scripting(XSS), SQL injection and other OWASP-defined vulnerabilities. Then, we will see how WAF can be created using Terraform scripts available from the Github.

Terraform Module: https://github.com/terraform-providers/terraform-provider-oci/tree/master/examples/waas

 

OCI NSGs – an add-on to Terraform+OCI course

Yes, OCI is changing very quickly! 🙂 Everyone, who follows OCI release notes, knows that. Oracle Cloud Gen2 is updated with new features even a couple of times every single month.  It shouldn’t surprise you. That is how the modern cloud world works now. 🙂 In my Terraform+OCI short course, I was using security lists, but last summer in July 2019, in OCI new security feature, has been released – it has been called Network Security Groups (NSG). This new feature seems to be very popular in other cloud vendors configuration, so frankly speaking, it was rather obvious for me that OCI should embrace NSG, sooner or later. And now it is there in OCI and NSG concept is supported by Terraform OCI Provider (version >= 3.33.0) as well. NSG concept is more advanced and more elastic then Security Lists, mostly because it can be implemented on the VNIC level. It means you can still use Security List on the subnet level and then create some specific NSG for particular machines nested in this subnet. Security Lists and Network Security Groups work together as an union, is that right? 🙂 I guess you should check it up as fast as possible. 🙂 Here is a brand new video I have recorded for you. 🙂

Bon Appetit,

Martin, The Cook.