In Part 4 (https://www.letsdosometech.com/post/part-4-building-a-short-end-to-end-environment-in-oci), we covered the creation of Domain Zones and the Web Application Firewall.

Areas covered so far -
- Building Compartments. (Completed in Part 1)
- Building VCNs. (Completed in Part 2)
- Building Compute instances. (Completed in Part 3)
- Building Load Balancer. (Completed in Part 3)
- Building DB Systems. (Completed in Part 3)
- Create domain zones. (Completed in Part 4)
- Create WAF. (Completed in Part 4)
- Create VCN Flow logs.
- Create Load balancer Logging.
- Create object storage & replication policies.
- Create resources in secondary region.
- Create DRGs in both regions.
- Remote peering connections.
- Validate connectivity between both regions.

Let's start with the creation of VCN Flow logs and Load balancer logging in this part.
Create VCN Logs:
Agenda: Creating VCN Flow logs for the AppSubnet created in our VCN.
Step 1: Log on to the cloud account and switch to the AppSubnet created in the VCN.
Step 2: Under Resources, select Logs. The flow logs category is listed under Logs.

Step 3: Click Enable Log. Please note that by default the log is in the "Not Enabled" state.
Step 4: Select the appropriate compartment and log group during creation. In case there is no available log group, create new log groups as per requirement.


Step 5: Click Enable Log after making the selections, and the status will show as enabled under Logs.

We can validate the logs created by navigating to Observability & Management -> Logging -> Logs.

The flow log data can be explored under the "explore log & metrics" option.
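
Once the flow log is enabled, its records can also be reviewed outside the console. The following is an added example, not part of the original post: it summarises rejected flows per source address from exported records and lists sources rejected on several distinct ports. The sample lines are constructed, and the field names (action, sourceAddress, destinationPort, status) are assumed to follow the OCI flow log schema.

```python
import json
from collections import Counter

# Constructed sample records (not real traffic). Field names under "data" are
# assumed to follow the OCI VCN flow log schema; the last line is truncated.
SAMPLE_LOG_LINES = """\
{"data": {"action": "ACCEPT", "sourceAddress": "10.0.1.15", "destinationAddress": "10.0.2.20", "destinationPort": 1521, "status": "OK"}}
{"data": {"action": "REJECT", "sourceAddress": "203.0.113.7", "destinationAddress": "10.0.1.15", "destinationPort": 22, "status": "OK"}}
{"data": {"action": "REJECT", "sourceAddress": "203.0.113.7", "destinationAddress": "10.0.1.15", "destinationPort": 23, "status": "OK"}}
{"data": {"action": "REJECT", "sourceAddress": "203.0.113.7", "destinationAddress": "10.0.1.15", "destinationPort": 3389, "status": "OK"}}
{"data": {"action": "REJECT", "sourceAddress": "198.51.100.9", "destinationAddress": "10.0.1.15", "destinationPort": 22, "status": "OK"}}
{"data": {"status": "NODATA"}}
{"data": {"action": "REJ
"""


def parse_records(text):
    """Yield the "data" object of each well-formed line, skipping damaged ones."""
    for line in text.splitlines():
        try:
            record = json.loads(line)
        except json.JSONDecodeError:
            continue  # truncated or empty line
        data = record.get("data") if isinstance(record, dict) else None
        if isinstance(data, dict):
            yield data


def rejected_by_source(records):
    """Return (reject count per source, distinct rejected ports per source)."""
    counts, ports = Counter(), {}
    for data in records:
        # Assumption: records whose status is not OK carry no flow to evaluate.
        if data.get("status") != "OK" or data.get("action") != "REJECT":
            continue
        src = data.get("sourceAddress", "unknown")
        counts[src] += 1
        ports.setdefault(src, set()).add(data.get("destinationPort"))
    return counts, ports


def multi_port_sources(records, min_ports=3):
    """Sources rejected on at least min_ports distinct destination ports."""
    _, ports = rejected_by_source(records)
    return sorted(src for src, seen in ports.items() if len(seen) >= min_ports)


if __name__ == "__main__":
    counts, _ = rejected_by_source(parse_records(SAMPLE_LOG_LINES))
    for src, n in counts.most_common():
        print(f"{src}: {n} rejected flows")
    print("multi-port:", multi_port_sources(parse_records(SAMPLE_LOG_LINES)))
```
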

Create Loadbalancer Logging:
Step 1: Move to the Load Balancer for which we want to enable logging.
Step 2: Select Logs under Resources.
Step 3: By default the Access Logs are in the "Not Enabled" state. Click on the option to enable logging.
Step 4: Select the appropriate compartment, Load Balancer details and log group while creating the log.


Step 5: Click Enable Log once all the details are filled in.
Validate the logs created by moving to the Logging service.

Creation of Object Storage and cross region replication policies:
Agenda: Here we will create object storage buckets in the Mumbai & Hyderabad regions and enable replication policies to replicate data from one bucket to the other.
The storage bucket in Mumbai will be our target, whereas the storage bucket in Hyderabad will be our source.
Please note that we need a subscription to the regions to perform this activity.
Step 1: Create a bucket in the Hyderabad region with the name source-rep. I have used the default Standard tier and the default option of encryption using Oracle-managed keys for this setup.

Step 2: Create a bucket in the Mumbai region named target-rep and upload a sample object.


Please observe the multiple options that are available when clicking on the three dots for a specific object.
Step 3: Switch to the source-rep bucket in the Hyderabad region.
Step 4: Under Resources, select Replication and create a replication policy -

Step 5: Select the appropriate region and the target-rep bucket, and click Create.

Please note that once replication is enabled, the target bucket becomes read-only: we can only view the existing object details and cannot rename or delete them.


Let's now try uploading an object to the source bucket and check whether it is replicated to the target bucket.

A sample object is now uploaded to the source-rep bucket in the Hyderabad region.

Let's check whether the object has been replicated to the target-rep bucket in Mumbai, and yesss, it's replicated as you can see below -

That's all for this part, guys!! To wrap up, we have covered VCN flow logging, Load balancer logging and cross-region object storage replication in this part. Let's meet in our next part, which will be the last one, to cover the creation of the resources in the secondary region and setting up remote peering connections.