Build a Continuous Deployment Pipeline by using Oracle Cloud Infrastructure DevOps

Rapid delivery of software is essential for efficiently running your applications in the cloud. Oracle Cloud Infrastructure (OCI) DevOps provides an end-to-end continuous deployment experience to developers. OCI DevOps includes deploying pipelines to automate your continuous software deployment process (CD) to OCI platforms: Container Engine for Kubernetes (OKE), Functions, and Compute instances.

Automating software releases with pipeline deployment increases developer productivity and allows you to release features more frequently and with fewer errors. It helps avoid downtime during deployments and automates the complexity of updating applications. OCI DevOps can be used by both customers migrating workloads from on-premises or other clouds to OCI and customers developing new applications on OCI.


In this reference architecture, a sample Hello World application is deployed using OCI DevOps. The Hello World application is already built and ready to be deployed. The application is deployed to three different target environments: OKE, Compute instances, and Functions. To simplify the process, Terraform is used for infrastructure automation.

The following diagram illustrates this reference architecture.

Description of dev-ops-deployment-pipeline.png follows
Description of the illustration dev-ops-deployment-pipeline.png

This architecture has the following components:
  • Region

    An OCI region is a localized geographic area that contains one or more data centers, called availability domains. Regions are independent of other regions, and vast distances can separate them (across countries or even continents).

    The architecture uses a single region.

  • DevOps project

    A DevOps project is a logical grouping of resources needed to implement your continuous integration and deployment (CI/CD) workload. DevOps resources can be artifacts, deployment pipelines, and environments. DevOps projects make it easy to enable logging, monitoring, and notifications for all your DevOps resources.

  • Deployment pipeline

    A deployment pipeline holds the requirements that must be satisfied to deliver a set of artifacts to an environment. Pipelines contain stages, which are the building blocks of a pipeline. A Pipeline can have stages that run serially or in parallel, so you can control the flow and logic of your software release.

  • Deployment stages
    Stages are individual actions that take place during a run of a pipeline. The DevOps deployment pipeline includes the following predefined stage types for you to use in your release process:
    • Rolling deployment: An incremental release to OKE, Functions, or instance groups.
    • Wait: Wait N seconds.
    • Manual approval: Proceed if an approval is given; stop if an approval is rejected.
    • Invoke function: Perform custom tasks and integration by calling a function and pass an artifact of request parameters.
  • DevOps artifact

    A DevOps artifact is a reference or pointer to any file, binary, package, manifest, or image that makes up your application. When creating an artifact, you have to inform Oracle DevOps of the source location of the actual artifact. DevOps supports OCI Container Image Registry and OCI Artifact Registry repositories.

  • Artifact repository

    Artifact Repository is used to create repositories to group similar artifacts. Once the repository is created then artifacts can be uploaded to them. These artifacts are a collection of text files, binaries, and deployment manifests that will be delivered to the target deployment environment. Each artifact has a name, which is made of its path: version. The path is a string to organize the artifacts.

  • OCI Logging and Notifications services

    OCI Logging service stores logs related to the deployment. The deployment runtime output and the final results of the deployment are shown as log entries. OCI Notifications service provides visibility into the latest state of the deployment project and its resources and takes any necessary action. For example, you're notified when an important event, such as a stage in a deploy pipeline waiting for approval. When you receive the notification message, you can go to DevOps deployment pipelines and approve the stage.

  • Deployment environments
    An environment is a collection of a customer’s computing resources where artifacts are deployed. Environments can be a function, Compute virtual machine (VM) or bare metal instance, or an OKE cluster.
    • Oracle Kubernetes cluster (OKE): Oracle Container Engine for Kubernetesis a fully managed, scalable, and highly available service that you can use to deploy your containerized applications to the cloud.
    • Compute instances: The OCI Compute service enables you provision and manage compute hosts in the cloud. You can launch Compute instances with shapes that meet your resource requirements for CPU, memory, network bandwidth, and storage.
    • Functions: Oracle Functions is a fully managed, multitenant, highly scalable, on-demand, Functions-as-a-Service platform. It's built on enterprise-grade OCI and powered by the Fn Project open source engine.
    Environments can be in different OCI regions from the region of the deployment pipeline. This allows developers to deploy in multiple OCI regions using the same deployment pipeline.


Use the following recommendations as a starting point. Your requirements might differ from the architecture described here.
  • Compute shapes

    This architecture uses an Oracle Linux OS image with either E3 or E4 flex shape with minimum resources to host compute hosts in the OKE cluster nodes. If your application needs more memory or cores, you can choose a different shape.

  • VCN

    When you create a VCN, determine the number of CIDR blocks required and the size of each block based on the number of resources that you plan to attach to subnets in the VCN. Use CIDR blocks that are within the standard private IP address space.

    After you create a VCN, you can change, add, and remove its CIDR blocks.

    This architecture uses a public VCN to host Oracle Container Engine for Kubernetes. You can also use a private VCN. In that case, use a NAT gateway to give the cluster access over the public internet.

  • OKE

    This architecture deploys to the OKE cluster as one of the target environments. The worker nodes are deployed on a E3 or E4 Oracle Linux OS. This architecture uses three worker nodes in the cluster, but you can create up to 1,000 nodes on each cluster.

  • Functions

    If you choose the architecture to deploy to an OCI Function, a new Functions application and function are created in your tenancy.

  • Instance group

    If you choose the architecture to deploy to an instance group, you have new Compute instances of your choice of shape created in your tenancy.

  • Container Image Registry

    This architecture deploys Registry as a private Docker registry for internal use. Docker images are pushed to and pulled from the registry. You can also use Registry as a public Docker registry, enabling any user with internet access and knowledge of the appropriate URL to pull images from public repositories in Oracle Cloud.

  • Artifact registry

    This architecture creates an artifact for the software and configuration used by an instance group, OKE, and Functions deployment. The architecture creates an artifact registry repository for internal use. Software binaries, text, and deployment configurations are uploaded to and downloaded from the artifact registry repository.


Consider the following points when deploying this reference architecture.

  • DevOps-supported deployments

    DevOps supports deployments to OKE, Compute hosts, and Functions. This architecture deploys to an OKE cluster. Consider deploying to other endpoints based on the requirements.

  • Linux support

    Only Linux hosts are supported for instance group deployments to Compute instances.

  • Deployed artifacts

    Artifacts to deploy with DevOps need to be in an OCI artifact registry or container image registry repository.

  • Grouping applications

    As a best practice, group each application and all its microservices into a single project.


The Terraform code for this reference architecture is available as sample stacks in Oracle Cloud Infrastructure Resource Manager. You can also download the code from GitHub, and customize it to suit your specific requirements.

  • Deploy using the sample stack in Oracle Cloud Infrastructure Resource Manager:
    1. Click the deploy button for your specific use case to access the Resource Manager:

      If you aren't already signed in, enter the tenancy and user credentials.

    2. Select the region where you want to deploy the stack.
    3. Follow the on-screen prompts and instructions to create the stack.
    4. After creating the stack, click Terraform Actions, and select Plan.
    5. Wait for the job to be completed, and review the plan.

      To make any changes, return to the Stack Details page, click Edit Stack, and make the required changes. Then, run the Plan action again.

    6. If no further changes are necessary, return to the Stack Details page, click Terraform Actions, and select Apply.
  • Deploy using the Terraform code in GitHub:
    1. Go to GitHub.
    2. Clone or download the repository to your local computer.
    3. Follow the instructions in the README document.

Change Log

This log lists significant changes: