3 Steps to kick-start OCI monitoring in CASB

Introduction Oracle CASB Cloud Service is used for security monitoring the cloud footprint of SaaS, PaaS and IaaS components. CASB, when configured to monitor Oracle Cloud Infrastructure (OCI), can detect risk, anomalies and potential security violations. In OCI, the target of CASB monitoring is a compartment. Once an OCI compartment is configured in CASB, out-of-box […]

Authentication and Authorization using the Istio service mesh on OKE

Applications deployed in application servers are provided a security framework with authentication, authorization, credential mappers, auditing, and other security plug-ins. Many of the large, monolithic applications, such as HCM and ERP also contain security components embedded within these applications. These security components provide authentication, as well as, role-based access control policies. A microservice architecture also […]

Oracle Cloud Infrastructure (OCI) REST call walkthrough with curl

  Introduction This post will walkthrough the elements required, and purpose of each, to make a curl request to Oracle Cloud Infrastructure (OCI) REST services. While there are a variety of tools offered that make this task far easier than manually constructing a curl request, the purpose of this post is to provide an explanation […]

Importing into the Autonomous Data Warehouse using Oracle Data Pump

Introduction This post details the steps required to import into the Autonomous Data Warehouse (ADW) using the Oracle Data Pump Import utility on Oracle Cloud Infrastructure (OCI). Versions OCI Compute    Oracle-Linux-7.6-2018.11.19-0 Instant Client for Linux x86-64 (64-bit) ADW DB   SQL Developer Assumptions An Oracle Cloud […]

Getting Started Using Terraform with OCI

Introduction Standing up infrastructure requires building networks, servers and storage entailing complex build and configuration management processes. Traditionally done with scripts or even manually, Terraform gives you a new alternative. Using Terraform you can write a declarative description of your infrastructure. Using the Terraform “compiler” the declaration is converted to a build plan and then […]

Performance of MFT Cloud Service (MFTCS) with File Storage Service (FSS) using a Hybrid Solution Architecture in Oracle Cloud Infrastructure (OCI)

Executive Overview MFT Cloud Service clusters in Oracle Cloud Infrastructure Classic (OCI-C) are provisioned with database file storage system (DBFS) for shared storage as discussed in one of our earlier blogs[1]. In Oracle Cloud Infrastructure (OCI), customers also have the option of using File Storage Service (FSS) for shared storage. FSS can be used for […]

Disaster Recovery with Oracle Kubernetes Engine

Overview of Scenarios This document describes how applications that are built on Oracle Kubernetes Engine (OKE) can continue operating even if an entire geographic region of Oracle Cloud Infrastructure (OCI) is lost. A basic knowledge of OCI is assumed. Each scenario builds upon the previous ones, describing the incremental design differences that arise in more […]

Hybrid DNS in OCI

It’s a common scenario to have DNS name resolution between FQDNs in OCI and your on-prem… or between multiple OCI VCNs.  How do we make this happen today?  By using a hybrid DNS solution, of course! What is a hybrid DNS solution?  It’s essentially a DNS overlay on top of the built-in OCI VCN DNS.  […]

Achieving DR in the cloud using Oracle Dyn

Recently a colleague of mine (Kumar) and myself were facing a scenario where we needed to provide a solution providing disaster recovery (DR) functionality between two OCI regions.  It is a fairly common requirement to support some sort of disaster recovery (DR) between different geographical locations.  It has been a common practice in traditional enterprise […]

Using 3rd-party security virtual appliances in OCI

OCI offers a very robust and high-performance network firewall that’s integrated into the very core of the Virtual Cloud Network (VCN).  For some customers, this is sufficient, while other customers need more from their cloud security than is provided natively with the OCI VCN.  Some environments need application-level inspection (such as URL filtering, malware inspection, […]

Restrict Root Compartment Access with Oracle Cloud Infrastructure Policies

The OCI Administrators group grants manage acess to all resources in all compartments including the root compartment.  So, any member of this group is considered a super user.  Is a normal practice to keep Administrators members to a small number of users and create additional groups/policies to restrict access to specific compartments. If there’s a […]

Setup Oracle API Gateway on OCI-Classic in Oracle Public Cloud

This blog provides steps to get Oracle API Gateway up and running on Oracle cloud- OCI Classic VM We will see following steps: 1. Create compute instance on Oracle Cloud Infrastructure Classic (OCI-classic) 2. Create Logical gateway in API management console and Assign grants to add nodes 3. Connect OCI-classic instance using SSH and copy […]

Automate Compute Service Management on BMCS with Python and Ansible

Introduction A while ago, I published a post on automating Oracle Compute Service Cloud instances using Python and Ansible. Now that the Bare Metal Cloud Service is available, you can create a compute instance as well as other resources such DB instance on BMCS. In this post, I, again, use Python and Ansible to demonstrate automation […]

ODI on Compute Cloud Service: Step by Step Installation

Introduction We have seen in Connect ODI to Oracle Database Cloud Service (DBCS) how to connect ODI on premise to DBCS. But it is also possible to deploy ODI in the Cloud – either on the PAAS (on JCS) or the IAAS (on Compute Cloud Service). In cases where a JEE ODI Agent is not needed, […]

Using VNC securely in the Oracle Cloud

Introduction Having access to a VM in the Cloud via VNC can be very useful in many situations – e.g. most customers want to install software using GUI based installer, e.g. Oracle Database etc. Using VNC the installation can continue, even without being connected. The easiest way to achieve this with a reliable and secure […]

End-to-end Compute Cloud Instance Management with Python and Ansible

This is a follow-up to my previous post “Automate Oracle Compute Cloud Service Management with Python Requests“, which allows you to create and configure an Oracle Compute instance in one step. However, my previous post does not allow you to log into the newly created instance and perform further configuration inside the instance. This post […]

Automate Oracle Compute Cloud Service Management with Python Requests

Oracle Compute Cloud Service exposes a set of REST APIs for managing Compute Cloud resources programmatically. This post presents to you a sample implementation of the REST API using Python Requests package. Inside the package, OracleComputeCloud.py module is the main implementation of the REST API GetComputeCloudInfo.py module demonstrates most of available retrieval operations DeleteComputeCloudResources.py demonstrates […]

WebLogic Server: Saving Disk Space in /tmp

Introduction Many WebLogic Server (WLS) implementations use JRockit 28 as the JVM implementation. JRockit 28 comes with the very useful JRockit Flight Recorder which helps in many troubleshooting situations. Problem In high volume WLS implementations with many domains and many managed servers the Flight Recorder could fill up the disk of the temporary file storage […]

Prepare Your Fusion Applications for Security Audits

Introduction In an enterprise environment it is very common that regulations require regular security audits of the computer systems. The company’s security officer is responsible for facilitating these and may request many reports from the administrators of the respective systems. Very often these reports include user activities for log in, log out, entering wrong passwords, […]

Improve SSL Support for Your WebLogic Domains

Introduction Every WebLogic Server installation comes with SSL support. But for some reason many installations get this interesting error message at startup: Ignoring the trusted CA certificate “CN=Entrust Root Certification Authority – G2,OU=(c) 2009 Entrust, Inc. – for authorized use only,OU=See www.entrust.net/legal-terms,O=Entrust, Inc.,C=US”. The loading of the trusted certificate list raised a certificate parsing exception […]