Enable a Split-Stack Architecture Spanning Oracle Cloud and Other Providers Using Equinix

Oracle Cloud provides the best performance at the lowest cost for your database workloads. If your applications are deployed on another cloud provider, leverage the cost and performance advantages of Oracle Cloud by implementing a split-stack architecture. Move your database to Oracle Cloud, and implement secure cross-cloud connectivity with the remainder of the stack.

This reference architecture shows how you can set up private connectivity between an application hosted by a third-party cloud provider and an autonomous database in Oracle Cloud Infrastructure, using Equinix Network Edge. Equinix is a global digital infrastructure provider with over 220 locations and provides private interconnection to all the major cloud providers.

Architecture

The multicloud topology in this reference architecture has an autonomous database deployed in an Oracle Cloud region serving an application running in an Amazon Web Services (AWS) region.

Network communication between the application in AWS and the database in Oracle Cloud is routed through private circuits built over Equinix Fabric using AWS Direct Connect and Oracle Cloud Infrastructure FastConnect. Routing between the two circuits is performed by a virtual router hosted by the Equinix Network Edge network function virtualization (NFV) platform.




The architecture has the following components:

  • Oracle Cloud components
    • Region

      An Oracle Cloud Infrastructure region is a localized geographic area that contains one or more data centers, called availability domains. Regions are independent of other regions, and vast distances can separate them (across countries or even continents).

    • Virtual cloud network (VCN)

      A VCN is a customizable, software-defined network that you set up in an Oracle Cloud Infrastructure region. Like traditional data center networks, VCNs give you complete control over your network environment. A VCN can have multiple non-overlapping CIDR blocks that you can change after you create the VCN. You can segment a VCN into subnets, which can be scoped to a region or to an availability domain. Each subnet consists of a contiguous range of addresses that don't overlap with the other subnets in the VCN. You can change the size of a subnet after creation. A subnet can be public or private.

    • Dynamic routing gateway (DRG)

      The DRG is a virtual router that provides a path for private network traffic between a VCN and a network outside the region, such as a VCN in another Oracle Cloud Infrastructure region, an on-premises network, or a network in another cloud provider.

    • FastConnect

      Oracle Cloud Infrastructure FastConnect provides an easy way to create a dedicated, private connection between your data center and Oracle Cloud Infrastructure. FastConnect provides higher-bandwidth options and a more reliable networking experience when compared with internet-based connections.

    • Database

      Oracle Cloud Infrastructure offers multiple database services. All of them are qualified for this architecture. This example shows an autonomous database.

      Oracle Cloud Infrastructure autonomous databases are fully managed, preconfigured database environments that you can use for transaction processing and data warehousing workloads. You do not need to configure or manage any hardware, or install any software. Oracle Cloud Infrastructure handles creating the database, as well as backing up, patching, upgrading, and tuning the database.

  • Amazon Web Services components
    • Compute EC2

      Compute EC2 is a web service that provides compute capacity in the cloud. In this architecture, the application is hosted on a Compute EC2 instance.

    • Virtual private cloud (VPC)

      A VPC is a virtual network that you create in an AWS region.

    • Direct Connect

      Direct Connect is a private network circuit between a VPC and a network outside AWS. It offers stable throughput and low latency, bypassing the public internet. It's the AWS equivalent of Oracle Cloud Infrastructure FastConnect.

    • Private virtual interface (VIF)

      A private VIF allows the association between a Direct Connect gateway and a virtual private gateway.

    • Virtual private gateway (VPGW)

      A VPGW allows connectivity between a private VIF and resources located in a VPC on private IP addresses.

  • Equinix components
    • Equinix Fabric

      Equinix Fabric is a switch platform that provides private connectivity to a large selection of public cloud and other service providers from Equinix locations, in the form of virtual connections. These connections are provisioned using software-defined networking, and you manage them through a portal or an API. Equinix Fabric also interconnects Equinix locations globally, and connects to other Equinix services, such as Network Edge or Metal.

    • Equinix Network Edge virtual router

      Network Edge is a network function virtualization (NFV) infrastructure managed by Equinix. It allows deploying virtual instances of network appliances (routers, firewalls, SD-WAN, and so on) from various providers, such as Cisco, Juniper Networks, Fortinet, and Palo Alto Networks.

Recommendations

Use the following recommendations as a starting point. Your requirements might differ from the architecture described here.

  • Network CIDR blocks

    Select CIDR blocks that don't overlap with any other network (in Oracle Cloud Infrastructure, your on-premises data center, or another cloud provider) to which you intend to set up private connections.

  • Choice of interconnection location

    This architecture requires one or more geographic locations for its components: the Oracle Cloud Infrastructure region and associated FastConnect edge node, the AWS region and associated Direct Connect edge node, and the Equinix location with Fabric and Network Edge. If your application doesn't have stringent dependencies on the network latency between the front end and the database, you can choose virtually any Oracle Cloud Infrastructure region, any AWS region, and any Equinix location; and use the global reach of Equinix Fabric to interconnect the cross-region topology.

    However, to keep the network latency between the application and the database low, Oracle recommends that you select a city that has an Oracle Cloud Infrastructure region, an AWS region, and an Equinix location with Fabric and Network Edge services. The following are a few examples of such cities: London, UK; Frankfurt, Germany; Ashburn, Virginia, USA; and Tokyo, Japan.

  • High availability

    The architecture shows a single end-to-end multicloud interconnection. For high availability in production environments, Oracle recommends that you deploy redundant network resources for each component of the interconnection.
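
A pre-flight check for the "Network CIDR blocks" recommendation above, as an added example that is not part of Oracle's reference architecture. The network names and address ranges in `PLAN` are constructed assumptions; replace them with your own address plan.

```python
import ipaddress
from itertools import combinations

# Constructed address plan (illustrative values only, not from the architecture).
PLAN = {
    "oci-vcn": ["10.0.0.0/16", "10.2.0.0/24"],   # a VCN can hold several CIDR blocks
    "aws-vpc": ["172.31.0.0/16"],
    "transit-links": ["169.254.10.0/30", "169.254.20.0/30"],
    "on-prem": ["10.2.0.128/25"],
}

def find_overlaps(plan):
    """Return sorted (net_a, cidr_a, net_b, cidr_b) tuples for each overlapping pair.

    Blocks inside the same network are compared too, because the CIDR
    blocks of a single VCN must not overlap either.
    """
    entries = []
    for name, cidrs in plan.items():
        for cidr in cidrs:
            # strict=True raises ValueError for host bits set, e.g. 10.0.1.5/16,
            # which usually means a typo in the plan.
            entries.append((name, ipaddress.ip_network(cidr, strict=True)))
    conflicts = []
    for (name_a, net_a), (name_b, net_b) in combinations(entries, 2):
        if net_a.version == net_b.version and net_a.overlaps(net_b):
            conflicts.append((name_a, str(net_a), name_b, str(net_b)))
    return sorted(conflicts)

if __name__ == "__main__":
    for name_a, cidr_a, name_b, cidr_b in find_overlaps(PLAN):
        print(f"OVERLAP: {name_a} {cidr_a} <-> {name_b} {cidr_b}")
```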

Considerations

When implementing connectivity for a cross-cloud topology, consider the following factors:

  • Performance

    Besides latency, another important factor that affects performance is the throughput available between components. For Oracle Cloud Infrastructure FastConnect, AWS Direct Connect, and Equinix Fabric virtual connections, you can select the size of the link according to your needs.

    The throughput of Network Edge depends on the license model that you select. You can either bring your own license (BYOL) or buy from Equinix on a pay-as-you-go basis.

  • Security

    The cross-cloud interconnection shown in this architecture is based on a private connection, which is more secure than the public internet. Although this connection is private, the traffic is not encrypted. You and Equinix share the responsibility for the security of the Equinix Network Edge virtual router. Out-of-band management is supported through an internet link for SSH sessions.

  • Cost

    The cost of the cross-cloud interconnection shown in this architecture depends on the costs of the following resources:

    • Equinix
      • Virtual router infrastructure
      • License for the virtual router (if you don't use the BYOL model)
      • Virtual connection to Oracle Cloud (plus remote VC charges if the Oracle Cloud Infrastructure FastConnect node is in another city)
      • Virtual connection to AWS (plus remote VC charges if the AWS Direct Connect node is in another city)
    • AWS
      • Direct Connect
      • Egress data transfer
    • Oracle Cloud Infrastructure FastConnect
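
Because the Security consideration above notes that traffic on the private interconnection is not encrypted, the following added example (not part of Oracle's reference architecture) audits the application's database connect descriptors so that sessions crossing the link carry their own TLS. It assumes the application connects with Oracle Net connect descriptors; the aliases, hosts, and service names are constructed.

```python
import re

# Constructed connect descriptors (aliases, hosts and service names are illustrative).
DESCRIPTORS = {
    "appdb_high": "(description=(address=(protocol=tcps)(port=1522)"
                  "(host=adb.example.invalid))"
                  "(connect_data=(service_name=appdb_high.example))"
                  "(security=(ssl_server_dn_match=yes)))",
    "appdb_legacy": "(description=(address=(protocol=tcp)(port=1521)"
                    "(host=10.0.1.25))(connect_data=(service_name=appdb)))",
    "appdb_nodn": "(description=(address=(protocol=tcps)(port=1522)"
                  "(host=10.0.1.25))(connect_data=(service_name=appdb))"
                  "(security=(ssl_server_dn_match=no)))",
}

def params(descriptor, key):
    """Return every value of (key=value) in the descriptor, lower-cased."""
    pattern = r"\(\s*%s\s*=\s*([^()]+)\)" % re.escape(key)
    return [v.strip().lower() for v in re.findall(pattern, descriptor, re.I)]

def audit(descriptor):
    """Return a list of findings; an empty list means the descriptor passes."""
    findings = []
    protocols = params(descriptor, "protocol")
    if not protocols:
        findings.append("no protocol specified")
    for proto in protocols:
        if proto != "tcps":
            # Anything other than TCPS crosses the interconnect in cleartext.
            findings.append("cleartext protocol: " + proto)
    dn_match = params(descriptor, "ssl_server_dn_match")
    if "tcps" in protocols and not any(v in ("yes", "on", "true") for v in dn_match):
        # TLS without server DN matching does not authenticate the database.
        findings.append("server DN not verified")
    return findings

if __name__ == "__main__":
    for alias, descriptor in DESCRIPTORS.items():
        print(alias, audit(descriptor) or "ok")
```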

Explore More

Learn more about implementing connectivity for multicloud topologies with Oracle Cloud and other providers using Equinix Network Edge.