Oracle Cloud Infrastructure Documentation

Overview of Compute Cloud@Customer Isolated

Use Compute Cloud@Customer Isolated to deploy Oracle Cloud Infrastructure (OCI) services in locations disconnected from the internet. Build cloud workloads in environments where control, security and residency of confidential data are strictly regulated.

Fully isolated operation minimizes the risk of attacks and provides the flexibility to deploy where needed. With a Compute Cloud@Customer Isolated subscription, you maintain absolute control over your data while leveraging the performance and efficiency of OCI. You run applications and harness the power of generative AI on cloud infrastructure in your data center while helping address data residency, security, and low-latency connections to local resources and real-time operations.

Compute Cloud@Customer Isolated is engineered to deliver a comprehensive suite of cloud infrastructure services within the secure environment of your on-premises data center. The system integrates all required hardware and software components, and has been tested, configured and tuned for the best performance by Oracle engineers. It's a flexible, general purpose IaaS (Infrastructure as a Service) solution in the sense that it supports a wide variety of workloads. Its pluggable platform provides an excellent foundation to layer PaaS (Platform as a Service) and SaaS (Software as a Service) solutions on top of the infrastructure.

Key Features

Consistent Management

The system employs the same OCI services, APIs, and automation as the rest of Oracle's distributed cloud for developing workloads. However, unlike the permanently connected version of the platform, the infrastructure of Compute Cloud@Customer Isolated is managed locally, and all IAM resources must be configured locally.

Scalable Compute

  • 552 cores of compute capacity with 6.7 TB of available memory can be incrementally expanded to 6,624 cores and 80.4 TB of memory for supporting large and growing workloads.

  • High performance VM shapes with up to 96 cores each to run compute-intensive applications.

  • Oracle Linux licensing and support, which is included with a subscription, eliminates hidden costs.

  • Support for multiple guest operating systems, including Oracle Linux, Oracle Solaris, third-party Linux distributions, and Microsoft Windows Server, lets you use a single platform for all workloads.

GPU Expansion

  • Add GPU nodes with four NVIDIA L40S GPUs.

  • Run compute-intensive, scalable workloads securely on-premises to address both performance and data residency requirements.

  • Deploy generative AI inferencing, HPC, and graphics processing in your data center.

Flexible Storage

  • Independent scaling of storage and compute makes it easy to optimize performance and costs for diverse workloads.

  • OCI object, block, and file storage services with any mix of consumption support all types of workloads.

  • 150 TB of storage capacity that’s incrementally expandable to 3.4 PB helps meet the needs of data intensive workloads.

Built-in Networking

  • Dedicated 400 Gbps internal network bandwidth increases performance for all applications.

  • OCI Network Load Balancer efficiently distributes network traffic across servers.

  • OCI virtual cloud networks, subnets, security lists, route tables, and other networking capabilities are included to simplify deployment.

  • Up to 800 Gbps of data center connectivity speeds access to data center resources.

  • Up to 800 Gbps of dedicated, direct connect bandwidth to Exadata Cloud@Customer minimizes database access latency.

Container Automation

  • Deploy OCI Kubernetes Engine (OKE), a managed Kubernetes service that simplifies the operations of enterprise-grade Kubernetes at scale, to provide reliable operations for both the control plane and the worker nodes with automatic scaling, patching, and security updates.

  • OKE on Compute Cloud@Customer Isolated brings basic cluster capabilities on-premises, delivering modernization, consolidation, and lower total cost of ownership.

Cloud Resources

When you sign in to Compute Cloud@Customer Isolated, you can create and manage the same types of resources that you can create in OCI:

  • Instances: You can select the most appropriate type of instance for your applications based on characteristics such as the number of CPUs, amount of memory, and network resources. You can deploy the instance with any of the provided platform images, or bring your own image.

  • Virtual Cloud Networks (VCNs): A virtual version of a traditional network, including subnets, route tables, and gateways, on which your instance runs. At least one cloud network must be set up before you create instances.

  • Block Volumes: Lets you dynamically provision and manage block volumes that you can attach to one or more compute instances.

  • File Storage: A durable, scalable, secure, enterprise-grade network file system that you can connect to from any compute instance in your virtual cloud network (VCN).

  • Object Storage: A high-performance storage platform that lets you store unstructured data of any content type. This storage is regional and not tied to any specific compute instance.

  • Kubernetes Engine (OKE): A scalable, highly available service that can be used to deploy any containerized application on Compute Cloud@Customer Isolated.

User Interfaces

To manage resources such as VCNs, instances, and storage, on Compute Cloud@Customer Isolated, use the following interfaces:

  • OCI API (Compute Cloud@Customer Isolated supports a subset of operations)

  • OCI CLI (Compute Cloud@Customer Isolated supports a subset of operations)

  • Compute Web UI – a browser UI that offers a similar user experience to the Oracle Cloud Console.

From your OCI home tenancy you perform these operations:

  • Create the infrastructure resource associated with the Compute Cloud@Customer Isolated installation.

  • View billing and payment information.

Upgrades

System upgrades are designed for minimum disruption and maximum availability. Health checks are performed before an upgrade to ensure that all components are in an acceptable state. The upgrade process is modular and only upgrades components – such as firmware, OSs, containerized services, or the system's main database - as needed. A certified administrator must perform the upgrade.

Operating Modes

Compute Cloud@Customer might be described as an Edge Cloud platform, or an on-premises extension of Oracle Cloud Infrastructure. As such, it can be configured in different operating modes depending on the type of deployment.

Connected Operation

In connected operating mode, the Compute Cloud@Customer infrastructure is fully managed and supported by Oracle. Oracle installs and initializes the Compute Cloud@Customer infrastructure in your data center. Oracle continues to monitor and maintain the infrastructure over the lifespan of the service.

Authentication – Compute Cloud@Customer uses the same federated identity provider that you use for OCI to manage Console sign ins.

IAM Resources – Your IAM resources in OCI are regularly and securely cached in the Compute Cloud@Customer infrastructure. This enables you to manage IAM resources in one location. If you change IAM resources in the OCI tenancy, the changes are automatically applied to resources in Compute Cloud@Customer.

Isolated Operation

Unlike the connected mode, Compute Cloud@Customer Isolated is a fully air-gapped, on-premises cloud solution. Yet it delivers the same comprehensive compute, GPU, storage, and networking capabilities as a connected Compute Cloud@Customer installation.

Compute Cloud@Customer Isolated is designed for organizations with strict data sovereignty and regulatory requirements. It enables rapid, single-rack deployments that can scale as needed, supporting advanced AI and digital innovation while ensuring full control over data and infrastructure within your premises.

Compute Cloud@Customer Isolated is well suited for entities such as government agencies, ministries of defense, intelligence organizations, telecommunications, and healthcare providers, it helps minimize risk of cyberattacks, complies with strict regulations, and supports critical national security requirements.

In addition to the overall Compute Cloud@Customer key features, Compute Cloud@Customer Isolated provides the following benefits:

  • Operates with or without internet connectivity.

  • Satisfies data sovereignty, residency, security, and latency requirements.

  • The system is fully self-managed and permanently disconnected from Oracle Cloud Infrastructure(OCI).

  • The system is associated with your home OCI tenancy through an infrastructure resource, which is used to track your subscription and enable billing through Oracle Universal Credits.

  • All configuration and management, including Identity and Access Management (IAM), is controlled locally on the infrastructure.

  • The infrastructure can be managed and serviced by customer administrators, partners or Oracle CSS through managed services.

  • Includes utilities that provide access to upgrade bundles and logs, and time-limited access to underlying management administration, each of which enable you to self-manage the isolated infrastructure.

The following diagram shows Compute Cloud@Customer in Isolated operating mode.


A diagram that shows Compute Cloud@Customer in Isolated operating mode.