Deploy an Event-Triggered Serverless Application

Oracle Functions is a serverless, highly scalable, fully managed platform built on Oracle Cloud Infrastructure and powered by the Fn Project open source engine. Developers can use it to write and deploy code that delivers business value without worrying about provisioning or managing the underlying infrastructure. Oracle Functions is container-native with functions packaged as Docker container images.


This reference architecture invokes Oracle Functions with the Oracle Cloud Infrastructure Events service, which responds automatically to changes made to Oracle Cloud Infrastructure Object Storage. Uploading a sample image to Object Storage triggers the Events service, which in turn invokes Oracle Functions. The Fn Project supports most programming languages. This architecture uses Java in the function to extract the metadata from the uploaded image and store it in Oracle Cloud Infrastructure Object Storage.

The following diagram illustrates this reference architecture.

Description of serverless-oci.png follows
Description of the illustration serverless-oci.png

The Oracle Functions architecture has the following components:

  • Region

    A region is a localized geographic area composed of one or more availability domains. Regions are independent of other regions, and vast distances can separate them (across countries or continents).

  • Availability domains

    Availability domains are standalone, independent data centers within a region. The physical resources in each availability domain are isolated from the resources in the other availability domains, which provides fault tolerance. Availability domains don’t share infrastructure such as power or cooling, or the internal availability domain network. So, a failure at one availability domain is unlikely to affect the other availability domains in the region.

  • Virtual cloud network (VCN) and subnets

    A VCN is a software-defined network that you set up in an Oracle Cloud Infrastructure region. VCNs can be segmented into subnets, which can be specific to a region or to an availability domain. Both region-specific and availability domain-specific subnets can coexist in the same VCN. A subnet can be public or private.

    The function in this reference architecture is deployed in a public regional subnet.

  • Oracle Functions

    Oracle Functions lets you deploy your code, call it directly, or trigger it in response to events. Oracle Functions is triggered when the Events service invokes it, processes the image, and stores the metadata back to Object Storage. Oracle Functions uses Docker containers hosted on Oracle Cloud Infrastructure Registry.

  • Events

    Oracle Cloud Infrastructure services emit events, which are structured messages that indicate changes in resources. Events include create, read, update, or delete (CRUD) operations, resource lifecycle state changes, and system events that impact a resource. An event can be emitted when a backup finishes or fails, or when a file in an Object Storage bucket is added, updated, or deleted.

  • Object Storage

    Oracle Cloud Infrastructure Object Storage is an internet-scale, high-performance storage platform that offers reliable and cost-efficient data durability. Object Storage can store an unlimited amount of unstructured data of any content type, including analytic data and rich content, like images and videos. Two distinct storage tiers address the need for frequently accessed "hot" storage (Standard) and less frequently accessed "cold" storage (Archive). Standard Object Storage is for data that you need to access quickly, immediately, and frequently. Archive Storage is for data that you need to seldom or rarely access, but that must be retained and preserved for long periods of time.


Your requirements might differ from the architecture described here. Use the following recommendations as a starting point.

  • VCN

    When you create the VCN, determine how many IP addresses your cloud resources in each subnet require. Using Classless Inter-Domain Routing (CIDR) notation, specify a subnet mask and a network address range large enough for the required IP addresses.

    After you create a VCN, you can't change its address range.

    This architecture uses a public VCN to deploy the function. The function is hosted on a public regional subnet in the VCN. You can also use a private VCN. In that case, you must use a NAT gateway to have access to the internet.

  • Oracle Functions

    In this architecture, Java programming was used to develop the functions. Because the Fn Project supports multiple programming languages, you can use the language of your choice to develop the functions and deploy them.

  • Object Storage

    This architecture uses Standard Object Storage to upload an image and store it, so that the Events service can pick it up when the object is created. Object Storage stores the metadata about the object after Functions processes.

  • Events

    In this architecture, the Oracle Cloud Infrastructure Events service is configured to listen to changes in Object Storage creation. The service is invoked after the object is uploaded to Object Storage and calls the function for processing.


  • Resource limits
    • The maximum object size is 10 TiB.
    • A multipart object can have up to 10000 parts, with each part limited to 50 GiB.
    • The object metadata are stored in JSON format in UTF-8 encoding. The total size of all the metadata assigned to an object is limited to 4000 bytes.
    • Object Storage uses the CIDR IP address block for all regions.
    • You can create a maximum of 10 applications and 20 functions in a tenancy.
    • You can send a maximum of 6 MB of data to a function (the function's request payload). The maximum amount of data that a function can return in response to a request (the function's response payload) is 6 MB. These limits are fixed and can’t be changed.
    • The Events service has a limit of 50 rules per tenancy.
  • Availability

    The Events service is not available in regions within the Government Cloud realm.

  • Manageability

    This architecture uses a sample Java application to write the functions. However, you can use the programming language of your choice.

  • Security

    Use policies to restrict who can access the Oracle Cloud Infrastructure resources that your company has and how.

    For Object Storage, encryption is enabled by default and can’t be turned off.

    All access to functions deployed in Oracle Functions is controlled through Oracle Cloud Infrastructure Identity and Access Management (IAM). IAM allows both function management and function invocation privileges to be assigned to specific users and user groups.

  • Cost

    You pay for only the resources used while a function is running.


The Terraform code for this reference architecture is available on GitHub.

  1. Go to GitHub.
  2. Clone or download the repository to your local computer.
  3. Follow the instructions in the README document.