Managing vNICsets

A Virtual NIC Set, or vNICset, is a collection of one or more vNICs. vNICsets are useful when you want to use multiple vNICs for the same action. For example, you use vNICsets to specify multiple vNICs as a source or a destination in a security rule. You can also use vNICsets in routes to specify multiple vNICs as the next hop destination for that route.

In a vNICset, you can specify a maximum of 32000 vNICs and 256 access control lists (ACLs).

Creating a vNICset

Prerequisites

  • To complete this task, you must have the Compute_Operations role. If this role isn’t assigned to you or you’re not sure, then ask your system administrator to ensure that the role is assigned to you in Oracle Cloud My Services. See Modifying User Roles in Managing and Monitoring Oracle Cloud.

Procedure

  1. Sign in to the Compute Classic console. If your domain spans multiple sites, select the appropriate site. To change the site, click the Site menu near the top of the page.
  2. Click the Network tab.
  3. In the Network drop-down list, expand IP Network, and then click Virtual NIC Sets.
  4. Click Create vNICset.
  5. In the Create vNICset dialog box, select or enter the following:
    • Name: Enter a name for the vNICset.
    • vNICs: Select the required vNICs.
    • Applied Access Control Lists: Select the access control lists (ACLs) that you want to apply to this vNICset. When you apply an ACL to a vNICset, all the security rules in that ACL are applied to traffic to or from each of the vNICs in the vNICset.
    • Description: Enter a meaningful description for the vNICset.
    • Tags: Enter a list of the tags that you want to associate with this vNICset.
  6. Click Create.
    The vNICset is created. You can use this vNICset as the next hop in any routes that you create, or as the source or destination in a security rule. ACLs are also applied to vNICsets.

Other Ways of Creating a vNICset

To create a vNICset using the CLI, use the opc compute virtual-nic-set add command. For help with that command, run the command with the -h option. For the instructions to install the CLI client, see Preparing to Use the Compute Classic CLI in CLI Reference for Oracle Cloud Infrastructure Compute Classic.

To create a vNICset using the API, use the POST /network/v1/vnicset/ method. See REST API for Oracle Cloud Infrastructure Compute Classic.

You can also create a vNICset by using an orchestration. See Orchestration v1 Attributes Specific to Each Object Type or Orchestration v2 Attributes Specific to Each Object Type.

After creating a vNICset, if you want to add or remove vNICs from the vNICset, you can update the vNICset. See Updating a vNICset. To use a vNICset as the next hop in a route, see Creating a Route.

Listing vNICsets

After creating vNICsets, you can view a list of vNICsets along with information about the vNICs in each vNICset.

To complete this task, you must have the Compute_Monitor or Compute_Operations role. If this role isn’t assigned to you or you’re not sure, then ask your system administrator to ensure that the role is assigned to you in Oracle Cloud My Services. See Modifying User Roles in Managing and Monitoring Oracle Cloud.

  1. Sign in to the Compute Classic console. If your domain spans multiple sites, select the appropriate site. To change the site, click the Site menu near the top of the page.
  2. Click the Network tab.
  3. In the Network drop-down list, expand IP Network, and then click Virtual NIC Sets.
The VNIC Set page displays a list of vNICsets along with the vNICs in each vNICset.

To list vNICsets using the CLI, use the opc compute virtual-nic-set list command. See For help with that command, run the command with the -h option. For the instructions to install the CLI client, see Preparing to Use the Compute Classic CLI in CLI Reference for Oracle Cloud Infrastructure Compute Classic.

To list vNICsets using the API, use the GET /network/v1/vnicset/container/ method. See REST API for Oracle Cloud Infrastructure Compute Classic.

Adding an Instance Interface to a vNICset

You can add an instance interface to a vNICset either while creating the instance, or later, when the instance is running. When you add an interface to a vNICset while creating the instance, then if you stop and restart or delete and re-create the instance, the interface is automatically added back to the specified vNICset. However, if you add an interface to a vNICset when the instance is running, then if you stop and restart or delete and re-create the instance, you must add the interface to the required vNICsets again.

While creating an instance, you can specify a maximum of 4 vNICsets for each interface. To specify vNICsets for instance interfaces while creating an instance, see Creating Instances.

To add a running instance to a vNICset, or to add an instance interface to more than 4 vNICsets, specify the required vNICs while creating or updating the vNICset. See Creating a vNICset or Updating a vNICset.

Updating a vNICset

After you’ve created a vNICset, you can add or remove vNICs by updating the vNICset.

Note:

When a vNICset is used in a route, then if a vNIC in that vNICset becomes unreachable — for example, when an instance is stopped or deleted — traffic is automatically routed and load-balanced across the remaining vNICs in the vNICset.

Prerequisites

  • To complete this task, you must have the Compute_Operations role. If this role isn’t assigned to you or you’re not sure, then ask your system administrator to ensure that the role is assigned to you in Oracle Cloud My Services. See Modifying User Roles in Managing and Monitoring Oracle Cloud.

Note:

You should always use your orchestrations to manage resources that you’ve created using orchestrations. Don’t, for example, use the web console or the CLI or REST API to update an object that you created using an orchestration. This could cause your orchestration to either attempt to re-create the object and associated resources, or to go into an error state. See Workflows for Updating Orchestrations v2.

  1. Sign in to the Compute Classic console. If your domain spans multiple sites, select the appropriate site. To change the site, click the Site menu near the top of the page.
  2. Click the Network tab.
  3. In the Network drop-down list, expand IP Network, and then click Virtual NIC Sets.
  4. Go to the vNICset that you want to update, and from the menu icon menu, select Update.
  5. Update any of the following fields, as required:
    • vNICs: Add or remove vNICs from the vNICset.
    • Applied Access Control Lists: Add or remove access control lists (ACLs) to be applied to this vNICset. When you apply an ACL to a vNICset, all the security rules in that ACL are applied to traffic to or from each of the vNICs in the vNICset.
    • Description: Update the description, if required.
    • Tags: Updated the tags associated with this vNICset, if required.
  6. Click Update.

To update a vNICset using the CLI, use the opc compute virtual-nic-set update command. For help with that command, run the command with the -h option. For the instructions to install the CLI client, see Preparing to Use the Compute Classic CLI in CLI Reference for Oracle Cloud Infrastructure Compute Classic.

To update a vNICset using the API, use the PUT /network/v1/vnicset/name method. See REST API for Oracle Cloud Infrastructure Compute Classic.

Deleting a vNICset

If you no longer need to group a set of vNICs into a vNICset, you can delete the vNICset. If you delete a vNICset that was used by any route as the next hop, then that route will no longer work. Note that deleting a vNICset doesn’t delete the vNICs in the set.

Note:

If you create an instance with one or more interfaces on IP networks and you don’t specify any vNICset for an interface, the vNIC for that interface is automatically added to the default vNICset. Access to vNICs in the default vNICset is controlled by the default ingress and egress security rules, which are added to the default ACL. If you delete the default vNICset, ensure that all vNICs are added to other vNICsets with the appropriate security rules and applied ACLs. Otherwise communication to those vNICs will be blocked.

To complete this task, you must have the Compute_Operations role. If this role isn’t assigned to you or you’re not sure, then ask your system administrator to ensure that the role is assigned to you in Oracle Cloud My Services. See Modifying User Roles in Managing and Monitoring Oracle Cloud.

Prerequisites

  • To complete this task, you must have the Compute_Operations role. If this role isn’t assigned to you or you’re not sure, then ask your system administrator to ensure that the role is assigned to you in Oracle Cloud My Services. See Modifying User Roles in Managing and Monitoring Oracle Cloud.

Note:

You should always use your orchestrations to manage resources that you’ve created using orchestrations. Don’t, for example, use the web console or the CLI or REST API to delete an object that you created using an orchestration. This could cause your orchestration to either attempt to re-create the object and associated resources, or to go into an error state.

If you created the object using orchestration v1, then you can delete the object by terminating the orchestration. See Terminating an Orchestration v1.

If you created the object using an orchestration v2, then you can delete the object by suspending, terminating, or updating the orchestration. See Suspending an Orchestration v2, Terminating an Orchestration v2, or Updating an Orchestration v2.

  1. Sign in to the Compute Classic console. If your domain spans multiple sites, select the appropriate site. To change the site, click the Site menu near the top of the page.
  2. Click the Network tab.
  3. In the Network drop-down list, expand IP Network, and then click Virtual NIC Sets.
  4. Identify the vNICset that you want to delete. From the menu icon menu, select Delete.

To delete a vNICset using the CLI, use the opc compute virtual-nic-set delete command. For help with that command, run the command with the -h option. For the instructions to install the CLI client, see Preparing to Use the Compute Classic CLI in CLI Reference for Oracle Cloud Infrastructure Compute Classic.

To delete a vNICset using the API, use the DELETE /network/v1/vnicset/name method. See REST API for Oracle Cloud Infrastructure Compute Classic.