The image shows three main areas from left to right: Internet, OCI Region, and Customer.
App users on the internet interact with a domain name system (DNS) to access the front end virtual cloud network (VCN) inside the OCI region.
The OCI Region is comprised of three fault domains. Spanning all three fault domains are: a front-end virtual cloud network (VCN), an edge public subnet, a private OKE subnet, and a back-end VCN.
The front-end VCN contains an edge public subnet and OKE private subnet. The front-end VCN is configured with an internet gateway, dynamic routing gateway, network address translation gateway, security list, and route table. OCI Service Mesh is located in the second fault domain, inside the OKE private subnet. All subnets in this architecture are configured with a security list and route table. The OKE private subnet contains Oracle Container Engine for Kubernetes, OCI Service Operator for Kubernetes, OCI Service Mesh, Grafana, and two NodeJS microservices called Home (V1 and V2) and Price (V2).
The back-end VCN contains a data public subnet and Oracle Autonomous Database. Both the Home and Price microservices interact with Autonomous Database. Price uses a wallet to access Autonomous Database.
There is an OCI Registry and Cloud Shell outside of the fault domains. CI is used between the registry and Cloud Shell. Cloud Shell is used to deploy Service Mesh within the OKE private subnet.
There is an on premises area containing software developers and administrators.