The image shows the architecture underlying an implementation of Oracle Retail
Xstore Point of Service on Oracle Cloud Infrastructure. This architecture comprises two
OCI compartments, Compartment 1 and Compartment 2, and a bank of multiple retail stores
external to both compartments.
Compartment 1 contains a customer tenancy which itself contains an OCI region. The
region contains three VCNs, an implementation of the Oracle SaaS application, and four
Oracle Service Network services. The three VCNs are:
- Hub, containing a WAF and a single public subnet, Subnet A, that serves as the
DMZ. This subnet contains a load balancer and a Bastion service.
- Prod, containing two subnets:
  - Subnet A is the primary app tier and contains instances of XStore POS
    containers, XStore mobile EFT, Link Xenv, and Data Loader. It also
    contains an XStore POS Oracle Container Engine for
    Kubernetes cluster.
  - Subnet B is the primary database and contains the XStore Prod database
    base database service running on Oracle RAC.
- Non-Prod, containing two subnets:
  - Subnet A, which is a primary app tier and contains XStore POS Dev/Test
    containers, DevOps and CI/CD tools and Verrazzano, including Prometheus,
    Helm, Rancher, and OpenSearch. It also contains GitHub artifact source
    and container repositories and an XStore POS Oracle Container Engine for
    Kubernetes cluster.
  - Subnet B contains the XStore Non-Prod database base database service
    running on Oracle RAC.
The SaaS applications include Retail Apps XStore Office Cloud Service and Merch
Foundation Cloud Service. The OSN services include the Container Registry and
Repository, Identity and Access Management, Object Storage, and Block Storage.
Compartment 2 contains a customer tenancy which itself contains an OCI region. The
region contains a single VCN, called Prod 2, containing a WAF, three subnets, and four OSN
services:
- Subnet A, a public subnet that serves as the DMZ. This subnet contains a load
balancer and a Bastion service.
- Subnet C, which is a primary app tier and contains XStore POS Dev/Test
containers, DevOps and CI/CD tools and Verrazzano, including Prometheus, Helm,
Rancher, and OpenSearch. It also contains GitHub artifact source and container
repositories and an XStore POS Oracle Container Engine for
Kubernetes cluster.
- Subnet D, which contains the XStore Prod database base database service running
on Oracle RAC.
The OSN services include the Container Registry and Repository, Identity and Access
Management, Object Storage, and Block Storage.
Access to all subnets in this architecture is controlled by a security list and a routing
table.
Ops users affiliated with the retail stores access the Hub VCN in Compartment 1 through
an Internet gateway which passes traffic through the WAF and on to the load balancer.
From here, traffic is passed to the XStore containers in the Prod 1 VCN. The customers
also can access Prod2 VCN in Compartment 2 through an Internet gateway, which passes
traffic through the WAF and on to the load balancer. From here, traffic is passed to the
XStore containers in Subnet C.
The retail stores can use customer premises equipment to access the Hub VCN in
Compartment 1 and Prod2 VCN in Compartment 2 through a Dynamic Routing Gateway over
FastConnect. In Compartment 1, traffic is directed to Subnet B; in Compartment 2, traffic
is directed to the load balancer in Subnet A.
The Bastion service in Subnet A directs traffic to the primary database in Subnet B and
to the XStore POS OKE cluster, which itself directs traffic to the XStore Prod database
base database service.
The XStore Prod database base database service in Prod1 Subnet B (Compartment 1)
exchanges traffic with its counterpart in Compartment 2, Subnet D.
The XStore POS OKE cluster in the Non-Prod VCN in Compartment 1 exchanges traffic with
XStore Non-Prod database base database service.