Oracle Cloud Infrastructure Documentation

Anchor Design

Learn about network anchor designs for Oracle Database@Azure.

Anchors are new contructs introduced into Oracle Database@Azure to logically encapsulate Azure resources, such as subscriptions, resource groups, and networking setups. Anchors provides you with flexibility to bind Azure resources to Oracle Cloud Infrastructure (OCI) resources, supporting multicloud deployments with consistent billing, visibility, and observability across OCI and Azure.

Two types of Anchors are available:

  • Resource Anchors: Encapsulate the logical organization of Azure resources.
  • Network Anchors: Encapsulate Azure network resources and map them to OCI networking constructs.

Anchors enable customers to provision Base Database instances in Oracle Database@Azure.

Resource Anchors

A Resource Anchor is a bridge between Azure and OCI that keeps resources logically grouped and consistently mapped across environments. It works by linking an Azure resource group to an OCI compartment, giving you a central place to manage access, organization and policies for Base Database service in Oracle Database@Azure.

Resource Anchors are global constructs. After one is created, is replicated across all regions. A Resource Anchor creates a dedicated OCI compartment, ensuring a 1:1 mapping with its corresponding Azure resource group. OCI compartment are created with a naming convention of:

resourceGroupName_resourceAnchorName_uniqueDateTimeStampID

OCI compartments are also global construct with global OCIDs, and not tied to any specific region.

A Resource Anchor carries attributes of Azure subscription, resource group and associated Azure active directory group.

Some critical functions for resource anchors include:

  • Defining resource organization between Azure and OCI.
  • Providing visibility of OCI resources in Azure.
  • Enabling federation of Azure AD groups with OCI user groups for access control.

Network Anchors

A Network Anchor acts as the bridge between Azure and OCI networking. It connects Azure networking resources, such as virtual networks (VNets), subnets, and DNS with OCI virtual cloud networks (VCNs), subnets and DNS to ensure seamless communication and consistent setup across both cloud service providers. Network Anchor is a prerequisite for the Base Database service in Oracle Database@Azure.

Network Anchors are regional construct and they're tied to a specific Azure region and availability zone. They define the mapping between Azure VNets, delegated subnets and DNS configurations with their counterparts in OCI VCNs, subnets and DNS management. You have full control of managing these resources, ensuring they align with your networking and security requirements.

Beyond basic connectivity, Network Anchors provide these critical functions:

  • Decoupling networking configuration from the Base Database service provisioning.
  • Supporting bidirectional DNS resolution so services in Azure can be resolved from OCI and vice versa.
  • Enabling observability by forwarding metrics and logs back to Azure.