You can use Oracle Container Engine for Kubernetes, Oracle Cloud Infrastructure Registry, and MySQL to develop and deploy cloud native applications and to migrate legacy applications to the cloud.
Oracle Container Engine for Kubernetes (sometimes abbreviated to just OKE) is a fully-managed, scalable, and highly available service that you can use to deploy your containerized applications to the cloud. Use OKE when your development team wants to reliably build, deploy, and manage cloud native applications.
You can use Oracle Cloud Infrastructure Registry as a private Docker registry for internal use, pushing and pulling Docker images to and from the registry using the Docker V2 API and the standard Docker command line interface (CLI).
MySQL is an open source relational database management system. It’s highly extensible, highly scalable, and has many features. MySQL supports data replication across multiple data centers.
Using MySQL on Oracle Cloud Infrastructure Compute has the following advantages:
- Deploy new MySQL instances in minutes.
- Focus on development, not infrastructure admin.
- Use tools and latest features for modern apps.
- Scale according to your needs.
- Avoid shadow IT.
This reference architecture shows three MySQL databases on Oracle Cloud Infrastructure Compute instances.
Although in this architecture the databases are installed individually on each Compute instance, you can also use a MySQL InnoDB Cluster. You can use each database to achieve a different goal. For example, you can use one MySQL database for existing cloud native apps, one for testing and migrating legacy apps, and so on.
It also has an Oracle Container Engine for Kubernetes cluster, also known as an OKE cluster, with Oracle Cloud Infrastructure Registry to accommodate developed and deployable cloud native apps.
The following diagram illustrates this reference architecture.
[Illustration: architecture-kubernetes-mysql-oci.png]
The architecture has the following components:
- Bastion host
The bastion host is a compute instance that serves as a secure, controlled entry point to the topology from outside the cloud. The bastion host is provisioned typically in a demilitarized zone (DMZ). It enables you to protect sensitive resources by placing them in private networks that can't be accessed directly from outside the cloud. The topology has a single, known entry point that you can monitor and audit regularly. This allows you to avoid exposing the more sensitive components of the topology without compromising access to them.
The bastion host in this architecture is used for accessing the OKE cluster and the MySQL databases.
- Container Engine for Kubernetes
Oracle Cloud Infrastructure Container Engine for Kubernetes is a fully managed, scalable, and highly available service that you can use to deploy your containerized applications to the cloud. You specify the compute resources that your applications require, and Container Engine for Kubernetes provisions them on Oracle Cloud Infrastructure in an existing tenancy. Container Engine for Kubernetes uses Kubernetes to automate the deployment, scaling, and management of containerized applications across clusters of hosts.
- MySQL Database
In this reference architecture, MySQL is deployed on virtual machines. You can download and install MySQL on Linux or Windows VMs. This deployment is not in a cluster. Instead, individual instances are deployed. Different teams can then use these instances. For example, the cloud native app development team can use one instance, and the Legacy Application team that wants to modernize and deploy these apps as cloud native can use a different instance.
- Block volume
With block storage volumes, you can create, attach, connect, and move storage volumes, and change volume performance to meet your storage, performance, and application requirements. After you attach and connect a volume to an instance, you can use the volume like a regular hard drive. You can also disconnect a volume and attach it to another instance without losing data.
You can move the MySQL datadir to a block volume.
- Registry
Oracle Cloud Infrastructure Registry is an Oracle-managed registry that enables you to simplify your development-to-production workflow. Registry makes it easy for you to store, share, and manage development artifacts, like Docker images. The highly available and scalable architecture of Oracle Cloud Infrastructure ensures that you can deploy and manage your applications reliably.
- Region
An Oracle Cloud Infrastructure region is a localized geographic area that contains one or more data centers, called availability domains. Regions are independent of other regions, and vast distances can separate them (across countries or even continents).
- Availability domains
Availability domains are standalone, independent data centers within a region. The physical resources in each availability domain are isolated from the resources in the other availability domains, which provides fault tolerance. Availability domains don’t share infrastructure such as power or cooling, or the internal availability domain network. So, a failure at one availability domain is unlikely to affect the other availability domains in the region.
- Fault domains
A fault domain is a grouping of hardware and infrastructure within an availability domain. Each availability domain has three fault domains with independent power and hardware. When you distribute resources across multiple fault domains, your applications can tolerate physical server failure, system maintenance, and power failures inside a fault domain.
- Virtual cloud network (VCN) and subnets
A VCN is a customizable, private network that you set up in an Oracle Cloud Infrastructure region. Like traditional data center networks, VCNs give you complete control over your network environment. You can segment VCNs into subnets, which can be scoped to a region or to an availability domain. Both regional subnets and availability domain-specific subnets can coexist in the same VCN. A subnet can be public or private.
- Security list
For each subnet, you can create security rules that specify the source, destination, and type of traffic that must be allowed in and out of the subnet.
Your requirements might differ from the architecture described here. Use the following recommendations as a starting point.
- Bastion host
Use the VM.Standard1.1 shape with the latest Oracle Linux operating system.
- OKE cluster
Use the Custom Create option from the Console so that you can specify a VCN and subnet for deployment. Create a three-node cluster, and choose VM.Standard2.2 as the shape to start with. For larger deployments, you can use a larger cluster size with a higher Compute shape.
- MySQL server
Use MySQL Server version 8.0 for this architecture. We recommend MySQL Enterprise Edition as a best practice. You can use the MySQL Enterprise Edition image available in the Oracle Cloud Marketplace. For a light workload, we recommend using VM.Standard.E2.2, which provides 2 OCPU and 16 GB of RAM. You can use larger shapes for more demanding workloads.
- Connecting to MySQL
Install the latest MySQL client and also install MySQL Shell from the MySQL Yum Repository. See the More Information section for a link to using the MySQL Yum repository.
- Block volumes
Use block volumes to store MySQL data files (datadir). The balanced volume performance is good for light workloads. The size starts at 50 GB and grows according to your application needs. To provide extra storage, you can increase the block volume size as needed.
- Container Registry
Oracle manages the registry, so you don’t have to choose size or any other options. We recommend creating a private registry for security best practices.
When you create the VCN, determine how many IP addresses your cloud resources in each subnet require. Using the Classless Inter-Domain Routing (CIDR) notation, specify a subnet mask and a network address range that's large enough for the required IP addresses. Use an address range that's within the standard private IP address space.
Select an address range that doesn’t overlap with any other network (in Oracle Cloud Infrastructure, your on-premises data center, or in another cloud provider) that you intend to set up private connections to.
After you create a VCN, you can't change its address range.
When you design the subnets, consider your traffic flow and security requirements. Attach all the resources within a specific tier or role to the same subnet, which can serve as a security boundary.
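An added example (not part of the Oracle reference architecture): a pre-flight check of an IPv4 address plan against the rules above, worth running before creation because the VCN range cannot be changed afterwards. The VCN, subnet and on-premises CIDRs are constructed sample values, and the count of three reserved addresses per subnet is an assumption to confirm against the provider's documentation.

```python
import ipaddress

# RFC 1918 ranges, i.e. the standard private IP address space.
PRIVATE_SPACE = [ipaddress.ip_network(c) for c in
                 ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
# Assumption: addresses in each subnet that resources cannot use
# (network address, default gateway, broadcast address).
RESERVED_PER_SUBNET = 3


def validate_plan(vcn_cidr, subnets, peer_cidrs):
    """Return problems found in an IPv4 address plan (empty list = OK)."""
    problems = []
    vcn = ipaddress.ip_network(vcn_cidr)  # raises ValueError if host bits are set
    if not any(vcn.subnet_of(p) for p in PRIVATE_SPACE):
        problems.append(f"VCN {vcn} is outside the private address space")
    for name, cidr in peer_cidrs.items():
        if vcn.overlaps(ipaddress.ip_network(cidr)):
            problems.append(f"VCN {vcn} overlaps {name} ({cidr})")
    seen = {}
    for name, (cidr, needed) in subnets.items():
        net = ipaddress.ip_network(cidr)
        if not net.subnet_of(vcn):
            problems.append(f"subnet {name} ({net}) is not inside the VCN")
        usable = net.num_addresses - RESERVED_PER_SUBNET
        if usable < needed:
            problems.append(f"subnet {name} has {usable} usable IPs, needs {needed}")
        for other, other_net in seen.items():
            if net.overlaps(other_net):
                problems.append(f"subnet {name} overlaps subnet {other}")
        seen[name] = net
    return problems


# Constructed sample plan: one subnet per tier, (CIDR, required IP count).
VCN = "10.0.0.0/16"
SUBNETS = {
    "bastion": ("10.0.0.0/28", 1),
    "oke": ("10.0.10.0/24", 3),
    "mysql": ("10.0.20.0/28", 3),
}
PEERS = {"on-prem": "192.168.0.0/16"}  # network reached over a private connection

if __name__ == "__main__":
    for line in validate_plan(VCN, SUBNETS, PEERS) or ["plan is consistent"]:
        print(line)
```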
This architecture deploys one MySQL database server in each fault domain.
You can vertically scale MySQL by changing the VM shape of each Compute node. Using a shape with a higher core count increases the memory and network bandwidth allocated to the Compute instance.
You can scale out MySQL by adding more nodes to each fault domain and configuring MySQL replication. We recommend MySQL InnoDB ReplicaSet for this.
- Application availability
This architecture distributes compute instances across multiple fault domains, which removes a single point of failure and provides high-availability redundancy.
This architecture can be evolved to use MySQL InnoDB Cluster on the database tier for its key capabilities like fault tolerance, zero data loss, automatic failover, and active update. If your application can use a simple replication architecture for the database tier and doesn’t require automatic failover capabilities, you can use MySQL InnoDB ReplicaSet.
After the architecture is deployed, you can connect to the IP address of the MySQL node by using SSH tools such as PuTTY on Windows or ssh on Linux. You can use the MySQL client or MySQL Shell for data definition language and data manipulation language operations on the MySQL database. You can set up the InnoDB cluster and accomplish administration tasks through MySQL Shell.
Select the VM shape based on the cores, memory, and network bandwidth that you need for your database. You can start with a one-core shape. If you need more performance, memory, or network bandwidth for the application or database node, you can change the VM shape later.
For more information about high availability and MySQL, see the following resources.
- Building Highly Available Applications in a Region with One Availability Domain (technical brief)
- Learn about architecting a highly available cloud topology (technical brief)
- Getting Started with MySQL (documentation)
- A Quick Guide to Using the MySQL Yum Repository (for updating the MySQL Client and for installing MySQL Shell)
- Overview of Container Engine for Kubernetes
- Overview of Registry