Hi [subscriber:firstname | default:subscriber],

This is OCI Newsletter #16, good morning!

Feedback is always valued. Contact me via Twitter @svilmune or just send an email if you have any ideas, comments or if you see I'm missing some good source for the weekly news.

New Features

Great new feature was rolled out on Wednesday, Network Security Groups (NSG)! These will work in parallel with Security Lists so you can choose to use either NSGs, SLs or both.

Where Security List is defined on subnet level and all VNICs on that subnet are handled by given Security List, the difference with Network Security Group is you can attach specific VNICs to Network Security Group. This enables you to make application specific security easily for example.

You can also attach source traffic for a NSG to be another NSG so in this sense this is similar to AWS security groups.

Personally I think this is good enhancement. You can now define specific rules on subnet level which applies to all resources running and then further define group specific rules for different applications without need to separate them into different subnets.

Here is a more detailed comparison between NSGs and SLs.

Another new feature this week is you use transit routing to connect your on-premise network to multiple VCNs where one VCN acts as a hub you can now use private IP as a destination. This gives you a possibility to inspect traffic going through for example.

Blogs & News

Stephen Cross has already a post about Network Security Groups which includes how you can provision them with Terraform.

If you need to mount OCI Object Storage bucket as a file system on Oracle Linux, here is a nice way to do it with clear examples.

Oracle employee written post about multi-cloud meaning now with Oracle partnering with Microsoft. I'm still not sure about the use case example where you run applications on one cloud and database on another. Wouldn't it be better to separate based on services you need just for the simplicity?

How to connect two VCNs together via Local Peering Gateway, related also to previously mentioned transit routing!

Another one from the same blogger, how to enable REST APIs to connect to your ATP/ADW database.

Good write up what to expect when upgrading to Terraform 0.12. I recently rewrote part of our Terraform code to support 0.12, in the end it was quite straightforward if you don't plan on adding some new features!

Tip of the week

Terraform Up & Running 2nd edition is available.

This has had major impact on me and how I write Terraform, now it's been rewritten based on Terraform 0.12. Gruntwork also has series of blog posts with good examples.

The author of the book, Yevgeniy Brikman, has a good presentation on Infrastructure as Code with reusable modules as well.


I'm not in partnership with Oracle in any way so all opinions are my personal views and should not be taken as an official statement from Oracle.

You can unsubscribe at any time using the link below if you feel this newsletter is not for you.

Have a great day, thanks for reading!