This image shows a region with one availability domain and 3 fault domains. The region provides access policies, as well as streaming, logging, auditing, and object storage services for the region.

The region provides a single virtual cloud network (VCN) with an internet gateway for communications with online users and third-party tools, a network address translation (NAT) gateway for secure communications, and five subnets arranged as functional tiers. Each subnet provides security lists and a routing table.

• Load Balancer tier (public subnet): Provides load balancers and an API gateway.
• Management tier (public subnet): Provides a management node virtual machine (VM) in fault domain 2.
• Application tier (private subnet): Provides block storage and a VM for the application node in each of the fault domains.
• Microservices tier (private subnet): Provides block storage and a VM for the worker node in each of the fault domains. The subnet also provides Oracle Container Engine for Kubernetes in fault domain 2 and file storage for the subnet.
• Database tier (private subnet): Provides the following:
  • File storage for the subnet
  • Block storage and a VM for the Document store in fault domain 1
  • A VM for SPIRE workload attestation and an instance of Oracle MySQL Database Service in fault domain 2
  • Block storage, a VM for the Redis cache node, and an instance of Oracle MySQL Database Service in fault domain 3