This image shows primary and disaster recovery topologies across two Oracle Cloud Infrastructure (OCI) regions. The topologies in each region mirror one another and use dynamic routing gateways (DRGs) and remote peering to communicate. The Oracle Services Network in each region provides domain name service (DNS), registry, file and object storage, and backup and restore services. Each region provides a single availability domain and fault domain.

Each region provides 5 compartments:

  • Network Compartment: Provides 1 virtual cloud network (VCN) with the following gateways:
    • Internet gateway: Provides communications between public subnets and internet hosts with added security provided by Tailscale.
    • Network address translation (NAT) gateway: Enables private resources in a VCN to access external integrations and hosts on the internet without exposing those resources to incoming internet connections.
    • Service gateway: Lets VCNs communicate with services such as object storage over the Oracle network fabric without traversing the internet.
    • Dynamic routing gateway (DRG): Provides private connectivity between on-premises networks and VCNs by using Site-to-Site VPN or FastConnect. A DRG also routes traffic between VCNs for remote peering.
    • Remote Peering: Allows subnet resources in different regions to communicate using private IP addresses without routing the traffic over the internet or through your on-premises network.
    The VCN provides load balancing and network security groups (NSGs) for Bastion service, load balancer, and database access. The VCN provides public and private subnets with Bastion services augmented with Tailscale, as well as private subnets for app development, management, and database resources.
  • Security Compartment: Provides Oracle Cloud Infrastructure Notifications, Oracle Cloud Infrastructure Logging, and Oracle Cloud Guard services.
  • Database Compartment: Provides database resources, which are synchronized across the regions by using Data Guard.
  • App Development Compartment: Provides Oracle APEX Application Development and applications augmented with Tailscale security.
  • Management Compartment: Includes Mythics image, finance, and security operations as well as tools augmented with Tailscale security including Jenkins, Git repository, and Oracle Linux Automation Manager (OLAM) in their Oracle Cloud Infrastructure Container Engine for Kubernetes cluster.