Tenancy Resource Configuration Limits

This section lists the resource limits that are dependent on the appliance architecture. Oracle Private Cloud Appliance supports up to 8 tenancies; these are default limits per tenancy, unless indicated otherwise. The numbers provided here apply to any Private Cloud Appliance installation, regardless of its hardware configuration.

Some of these limits can be customized. See the Viewing and Setting Resource Limits chapter in the Oracle Private Cloud Appliance Administrator Guide.

Service	Resource Type	Limit
IAM Service	Users	100
IAM Service	Groups	100
IAM Service	Users per group	100
IAM Service	Groups per user	50
IAM Service	Compartments	50
IAM Service	Policies	100
IAM Service	Policy statements	50 per policy
IAM Service	Identity providers	3
IAM Service	Group mappings	100 per identity provider
Networking Service	VCNs	80 total across all tenancies with up to 16 SR-IOV VCNs
Networking Service	Subnets	40 per VCN 320 across all tenancies
Networking Service	Dynamic routing gateways (DRG)	32 total across all tenancies with up to 16 SR-IOV DRGs
Networking Service	DRG attachments	10 per DRG 80 across all tenancies
Networking Service	Internet gateways	1 per VCN
Networking Service	Local peering gateways	5 per VCN 150 across all tenancies
Networking Service	NAT gateways	1 per VCN
Networking Service	Service gateways	1 per VCN
Networking Service	Storage gateways	2 per VCN 80 across all tenancies, standard and high-performance combined
Networking Service	Reserved public IPs	1/16th of customer-defined block
Networking Service	Ephemeral public IPs	2 per compute instance X9 rack: 2400 across all tenancies X10 rack: 3336 across all tenancies
Networking Service	DHCP options	30 per VCN 500 across all tenancies
Networking Service	Route tables	20 per VCN 500 across all tenancies
Networking Service	Route rules	50 per route table 10000 across all tenancies
Networking Service	VNICs	5000 across all tenancies
Networking Service	Network security groups	100 per VCN 5 per VNIC 600 across all tenancies
Networking Service	VNICs in network security group	As many VNICs as are in the VCN. A VNIC can belong to max. 5 network security groups
Networking Service	Security rules	50 per network security group 12000 across all tenancies
Networking Service	Security lists	20 per VCN 5 per subnet 600 across all tenancies
Networking Service	Ingress rules	30 per security list 12000 across all tenancies
Networking Service	Egress rules	30 per security list 12000 across all tenancies
Networking Service	DNS zones	1000 across all tenancies (in addition to any internal zones)
Networking Service	DNS records	25000 per zone 8000000 across all tenancies
Networking Service	Flex networks	128 flex networks 32 DRGs 128 logical ports 32 networks per physical port
Compute Service	Custom images	100
Block Storage Service	Aggregated size of block volumes	100TB (with default storage capacity)
Block Storage Service	Block volume backups	100000 across all tenancies
File Storage Service	File systems	100
File Storage Service	Mount targets	PCA_POOL 80 total across all tenancies PCA_POOL_HIGH 80 total across all tenancies
File Storage Service	File system size	3.3PB
Object Storage Service	Buckets	10000
(Network) Load Balancing Service	Load balancers (Network LB and LBaaS combined)	Version 3.0.2-b1185392 and earlier: 32 total across all tenancies, 20 in a single VCN Version 3.0.2-b1261765 and newer: 36-144 total, depending on rack capacity and custom configuration
(Network) Load Balancing Service	IP address	1 per load balancer
(Network) Load Balancing Service	Network security groups	5 per load balancer
(Network) Load Balancing Service	Listeners	16 per load balancer
(Network) Load Balancing Service	Backend sets	16 per load balancer
(Network) Load Balancing Service	Backend servers	512 per load balancer and per backend set
Kubernetes Engine (OKE)	Clusters	10 per tenancy
Kubernetes Engine (OKE)	Worker nodes	128 per cluster (across all pools)
Kubernetes Engine (OKE)	Pods	110 per node (Kubernetes default)