Plan Your Deployment Strategy
.tfvars
files or JSON configurations where no coding is needed.
For example, you can use OCI Landing Zones which enable repeatable, 1-click provisioning of a CIS-hardened tenancy and workload infrastructure, including essential cloud services like identity, security, networking, observability, and governance. Workload resources can then be deployed on top for specific applications.
Choose a Region Based on Your Customers and Data
Cloud Architect, Network Architect, Cloud Operations Manager
Adopt Infrastructure as Code
Cloud Architect, DevOps Architect, Cloud Operations Manager
The following elements enable you to define and manage your infrastructure using code:
- Oracle Cloud Infrastructure Landing Zones
OCI Landing Zones provide you with a complete set of OCI blueprints, that include ready-to-use designs, configurations, and declarative IaC Terraform modules that can be used for any OCI architecture and deployment model.
- Oracle Cloud Infrastructure Resource
Manager
Resource Manager automates the process of provisioning your OCI resources by using Terraform to help you install, configure, and manage resources through the infrastructure-as-code model.
- Oracle Cloud Infrastructure Events
Events automate the response to resource changes in your tenancy. OCI services emit event messages, which are structured messages that indicate changes in resources. You can create automation based on the state changes of resources throughout your tenancy and allow your development teams to automatically respond when a resource changes its state.
- Oracle Cloud Infrastructure
Functions
Functions provide a highly scalable and fully managed serverless platform. After you deploy your code, you can use events to trigger operational procedures that are coded as functions.
Adopt Terraform to Implement Repeatable Workflows
DevOps Architect, Application Architect, Cloud Operations Manager
You can share these files among team members, treat them as code, edit, review, and version them.
You can use the OCI Terraform provider to manage OCI resources wherever you use a Terraform distribution, including Terraform Cloud and Oracle Cloud Infrastructure Resource
Manager. On top of the OCI Terraform provider, you can leverage OCI Landing Zones Terraform modules that provide a declarative configurable approach with classic .tfvars
or JSON configuration files where no coding skills are needed.
When using Terraform with OCI, consider the following:
- Terraform is code and should be treated as such using a control version system. OCI Resource Manager can leverage Git repositories to run the code.
- Consider using Instance Principal as authentication for the OCI Provider if you're running on a VM Compute Instance in OCI.
- Maintain Terraform state files in secure locations accessible by your Terraform stack and its runtime, with the correct level of granularity. Segregate and split your resources in Terraform stacks when you expand your OCI resources; because all resources in one stack will be in one single state file, which can take time to process, that can potentially block important updates on other resources. When using OCI Resource Manager, each stack will contain its own state file.
- OCI Landing Zones blueprints are configurations built to run with OCI Landing Zones Terraform modules. You can use these blueprints out of the box as they implement many best practices, or modify them to support your unique use cases. If you use the declarative approach using JSON configurations no Terraform coding skills are needed to run your deployment.
Adopt the OCI Designer Toolkit (OKIT)
DevOps Architect, Infrastructure Architect, Cloud Operations Manager
The web-based interface enables architects and designers to build a visual representation of their infrastructure and then export this in a number of formats. Once completed, you can enhance the design to add key property information allowing you to export the designed infrastructure to a number of DevOps frameworks.
You can use OKIT to introspect existing OCI environments, through simple query functionality embedded within the web interface, to provide a portable generic JSON file. You can use the JSON file to visualize existing systems or generate a set of Terraform or Ansible scripts that you can use to build the designed OCI infrastructure as a zip file.
OKIT models supports the use of Cloud Init
scripts to
further automate compute resource deployments. OKIT is essentially a single user tool
best suited to run locally, as it's using a user's personal keys to authenticate to a
tenancy. Using Oracle Cloud Infrastructure Resource
Manager allows you to share designs. You can export OKIT designs in JSON format, which you
can version control.
Automate Simple and Repeatable Actions
DevOps Architect, Cloud Operations Manager
The CLI provides the same core functionality as the Console, plus additional commands. Some of these, such as the ability to run scripts, extend the OCI Console functionality. The CLI supports Python versions 3.6 and later running on MacOS, Windows, or a supported Linux distribution. Additionally, you can configure it to leverage federated identities instead of relying on static credentials.
Adopt Configuration Management Tools
DevOps Architect, Infrastructure Architect, Cloud Operations Manager
Ansible modules enable you to automate configuring and provisioning your cloud infrastructure, deploying and updating software assets, and orchestrating your complex operational processes to reduce risk and achieve agility with workloads deployment and configuration. Ansible playbooks automate configuration, deployment, and orchestration tasks.
OCI supports the use of Ansible modules to automate cloud infrastructure provisioning and configuration, orchestration of complex operational processes, and deployment and update of your software assets. The OCI Ansible collection supports Ansible Tower and AWX.
Adopt Build and Deployment Management Systems
DevOps Architect, Cloud Operations Manager