This image shows an Oracle Cloud region. Within the region contains a Virtual Cloud Network (VCN); an Internet Gateway connects
the VCN to the cloud. The Cloud Region also contains two availability domains (AD), labeled AD1 and AD2; AD2 is split into
two containers.
Spread across the ADs are subnets, one public and two private.
- The public subnet contains load balancers.
- One private subnet contains web servers.
- The other private subnet contains a two-node RAC database, with the individual databases labeled Node1 and Node2.
The public subnet of AD1 contains a primary load balancer, which is connected as follows:
- By TCP to the cloud.
- Bidirectionally to web servers in one of the AD1 private subnets.
- Bidirectionally to the VM in one of the AD2 private subnets.
- To a standby load balancer in AD2's public subnet.
AD1's first private subnet contains a VM, which is connected bidirectionally to the AD1 public subnet load balancer, as described
previously, and bidirectionally to a database system in AD2's database tier subnet.
AD2 contains:
- In the public subnet, the standby load balancer connected to AD1's load balancer.
- In the private subnet, thre VMs are connected bidirectionally to the two-node RAC database in the other private subnet.
- In the web server subnet, a VM that receives data via SSH from a bastion host, also in the private subnet but not part of
the web server cluster.
AD2 also contains in the private subnet that contains the web servers a bastion host that links one way, secured by SSH,
to those webservers and one way, also secured by SSH, to the two-node RAC database.
The bastion host is connected bidirectionally outside the region over SSH to a dynamic routing gateway, which itself connects
bidirectionally over FastConnect VP to the customer's datacenter.
The the two-node RAC database is connected to external object storage by a service gateway to Recovery Manager (RMAN) backup
service.
