Recently came across interesting use case, so thought to cover blog on that topic. One of my Customer was having issue to connect OIC to Oracle Autonomous Database (ADB) which is sitting in private subnet via Oracle Integration Cloud connectivity agent. So, I did some debugging and fix the issue and that learning I am going to cover here. I will explain here how we can setup an ATP Database in private subnet, setup all required security/firewall rules, setup OIC connectivity agent, bastion compute in public subnet and then connecting OIC to ATP DB sitting in private subnet via Connectivity agent.
In this fictitious scenario, customer HR division representative sending employee code to OIC REST endpoint to retrieve detailed information for an employee record which is been stored in Oracle ADB instance located in private subnet. Since, ADB is in private subnet it’s not accessible to outside world even app tier, and that’s where OIC Connectivity agent comes into picture to provide connectivity between OIC which is public internet and ADB database which is in private subnet.
Step-by-step guide discovering how to provision and build a business processwith OCI Process Automation
OCI Process Automation (shortly OPA) is an OCI PaaS Oracle Managed cloud service which helps customers to build their business processes based on Structured or Unstructured models. This is the best solution to easily manage business processes granting to business users to build their own implementations without coding but just using a web browser and drag&drop capabilities… what we usually call a “no code” environment
The article has the goal to explain how, step by step, we can quickly test the features included in OPA… starting from my experience with the tool.
Just to simplify the explanation, I will describe a “happy path” process … in my example building one business process which usually is quite loved by everyone…. mainly when talking about the Vacation Request Approvals 🙂
Oracle Fusion Applications are a suite of applications built on Oracle Cloud that include cloud-based applications for enterprise resource planning, enterprise performance management, supply chain management and manufacturing, human capital management, and customer experience.
There are numerous use cases where standard object resides inside Fusion ERP needs to be extended to include more fields or completely new Custom object needs to be created.
In this blog, I will be covering how you can create a new Custom Object inside Fusion ERP and trigger transactions for that Custom object.
A Custom Purchase Order (PO) will be created inside Fusion ERP, as soon as record will be created, it triggers the event which Oracle Integration Cloud (OIC) has subscribed and get all the data, once data reached integration layer, it is invoking a Visual Basic Cloud Service Web application REST API to insert that data into VBCS application. In turn that PO can further be updated inside VBCS and send back updated information to Fusion ERP.
My Objective in this blog to show the low-level steps needed at Fusion ERP to create & publish Custom object. The Oracle Integration Cloud Integrations & VBCS assets I will not be covering in details.
Oracle Visual Builder is a cloud based UX development Platform as a Service (PaaS) offering from Oracle Cloud. It provides an open-source standards-based solution to develop, collaborate on, and deploy Web and Mobile applications within Oracle Cloud.
VBCS also provide another awesome feature called Business Objects. A business object is a resource, such as an invoice or purchase order, like a database table; it has fields that hold the data for your application. Like a database table, a business object provides the structure for data used with business processes. Business objects are stored in a database.
Business Object also get exposed through REST Endpoint out-of-box, user doesn’t need to install/configure anything other than just creating a Business Object. However, those REST API are protected and need authentication when someone want to access from outside word.
In this blog, I am listing very simple steps what’s needed if developers want to expose Business Object REST API to outside world as anonymous users.
In the world of cloud computing there are often multiple ways to achieve the same or similar result. In Oracle Cloud Infrastructure (OCI) logs are generated by the platform itself such as audit logs, OCI native services such as the Network Firewall Service, and custom logs from compute instances or your applications. These logs typically live in OCI logging where you can view them, or search them if required.
Collecting and storing logs is useful, however if you want to produce insights then you will need a way to analyse and visualise the log data. OCI Logging Analytics allows you to index, enrich, aggregate, explore, search, analyse, correlate, visualise and monitor all log data from your applications and system infrastructure.
From OCI logging there are two common ways in which logs can be ingested into Logging Analytics. The first is using a Service Connector to send logs to an Object Storage bucket, and an Object Collection Rule to then import the logs into Logging Analytics. The second option uses a Service Connector to send the logs directly to Logging Analytics. Both are valid options however require some consideration before use.
HTTPS is essential as it protects the privacy of our data over the Internet. W3’s 2022 report shows nearly 80% of all websites use HTTPS as their default web protocol, up 6% on the previous year.
Getting started with HTTP/TLS is fairly straightforward. Obtain a CA signed certificate, configure it on your web servers and reverse proxy load balancers and you’re good to go. But how do you ensure your configuration stays up-to-date with current industry standards?
CyberSecurity is an arms race. As hardware and software evolves, so do the tools and techniques created to exploit them. This fierce race largely drives the innovation that we see in the industry today.
How does this relate to TLS? Since the inception of SSLv1 by Netscape in the 90’s there’s been many revisions, SSLv2, SSLv3, TLSv1.1, TLSv1.2 with the current version being TLSv1.3. TLSv1.1 was deprecated in 2021, with new versions being released approximately every 5 years. Given the rate at which exploits are discovered these release cycles will also need to keep pace.
For organisations this poses a number of interesting challenges because you can only control what TLS versions you support. Also if your website or API is public then it’s likely you have no control over the connecting client, or which TLS versions they’re able to use.
This blog title seems quite easy and simple but there are bit of steps to manage SOA Market Place Image (SOA MP) Database password reset configuration within application tier which I will discuss in this blog.
There could be multiple situations when user needs to change SOA MP Database password e.g. SOA MP DB password might got expired, or about to expire hence that’s must need to reset to new password which should get further updated all relevant places inside SOA application tier.
In my case it was for SOA dev/test environment eventually SOA MP DB password has default expiry set for 6-month time and it got expired, due to which SOA application was not coming up and constantly keep throwing below error-
Caused by: java.sql.SQLException: ORA-28001: the password has expired
A real implementation often has different aspects which need to be addressed. Some of them are:
A tool to be used for building the integration among applications and technologies, possibly leveraging a low code environment
A tool to expose the APIs enabling the integration with third party applications applying in addition security policies, caching capabilities, routing, etc
A tool to monitor from IT Operation perspective the entire solution as just one application skipping the need to manage several silos or frameworks
Oracle Cloud can provide the right answer to your developer needs using the best Cloud native services and here identified by OCI API Gateway (API GTW), Oracle Integration (OIC) and OCI Logging and Analytics (LA)
If you are already using Oracle Integration for your development purposes probably you have already noticed the chance you have to configure the API Management solution that you prefer, exposing what you have already built.
From OIC console, you can access the “Setting” section and configure properly what you need
Clicking on the “API Management” link you can configure the connection to your OCI API Gateway instance
How and where can you find the required information?
Tenancy OCID can be found navigating the OCI Console and clicking on “Tenancy” details
Copy and paste this value on the previous screen into the Oracle Integration console
User OCID can be found from OCI Console under the link “My Profile”.
Also in this case, copy and paste the “OCID Id” into the Oracle Integration console
Finger Print: from OCI Console, after having selected “User Profile”, click on “API Keys” and from here you can add a new API Key
Download the “private key” than click “add”
A new key will appear among those eventually already generated previously
Private Key: this one, in pem format, comes from the activities previously done during the API Key creation. Before uploading the key in the API Management setting, you need to convert this one. The key that you have downloaded is in PKCS8 format and this one must be converted to RSA (PKCS1) before using it for the API Management connection, using the following command from your shell
Once converted the file, you can upload your new key to complete the configuration with your API Management connection.
Click “Save” and that’s all
Now from your Oracle Integration console, you can work with your integration flows and after having completed your implementation you are now ready to publish your asset to you OCI API Gateway instance. I’m using the “ECHO” integration flow as an example
Clicking on API Management you can publish the integration flow providing all the required information and details as below presented
selecting the Compartment where your OCI API Gateway is running and the right API GTW instance (for example that one for the TEST environment)
Clicking on the “Deploy” button and wait for few seconds before seeing your service exposed into you OCI API Gateway instance (in my case “MyAPIGateway”)
Clicking on the active gateway instance, you can access to the deployed APIs
as below shown
Clicking on your service, it’s possible to configure the policy you want to apply. In the case below shown, a “Rate Limiting” policy has been applied to control and filter the use of this service
So, jumping again into the previous webpage, where your REST service is detailed, you can copy the URL of the API endpoint to use it for invocation
Open your REST client (or simply a browser) to test your service
The invocation has been successfully tested.
Now, you can monitor the metrics from the OCI API Gateway console in the “Metrics” section to get more details about the behavior; you can select the right time interval to check and get visibility of the API execution
At the same time, you can also have a look at your Oracle Integration console to see how the calls have been managed by the integration platform and if needed you can submit again manually the requests in case of error if, of course, they are involving back-end systems which ahd some problems (networking issues, maintenance, …).
and getting further info about the execution and all details about the business message
In this case, I have used 2 different consoles to monitor OCI API Gateway and Oracle Integration respectevely.
Keep in mind that Oracle Cloud Infrastructure can help you in case you want to consolidate in just one console several information coming from different and disparate OCI Services.
This is the right case for using OCI Logging & Analytics; it allows you to build your own dashboard collecting all info you need from IT Operations perspective and just if needed you can use the dedicated console of each service to leverage deeper and specific management capabilities (errors management, resubmitting faulted instances, changing scheduling parameters, modifying security policies, tuning caching options, etc).
How to use OCI Logging & Analytics?
Using OCI Console and clicking on “Observability and Management” as below described
and select “Logging Analytics” link
From here you can create your own dashboard to include all information you need. In my case I have built a dashboard (“My OCI Dashboard”) collecting info from OCI API Gateway, Oracle Integration and Logging & Analytics itself, as below described:
The screenshot upper represented, includes 6 different widgets which are collecting metrics from different sources so including in just one console all information you want about latency, inbound requests, bytes ingested, bytes sent, etc
How to create a Logging & Analytics dashboard?
Not really hard… on the contrary very straightforward procedure and you can get more details looking at the following blog post:
There is nothing like experience. Having been there and having done that is the best benefit that one can offer to those who require our services, the knowhow. Cloud, specifically Infrastructure as a Service (IaaS), is a skill that is in high demand. One way to validate the gained experience is via a certification from your IaaS provider of choice. You are reading this blog post on Red Thunder, which means that Oracle Cloud Infrastructure (OCI) is your vendor of choice!
A certification is also a great way to start gaining experience, and the good news is that there is no better time for earning OCI certifications than today because for the rest of 2021 you can pursuit and earn OCI certifications for free!!! Not only can you secure a free 30 day trial on OCI (including always free resources), but also you can study all the OCI learning material free of charge. Oracle and Oracle University have released all the learning material that serves as a guide to OCI certifications, in addition to free OCI training, OCI certification testing is also free until 31 December, 2021
These are the some of the OCI certifications that you can pursuit and earn free of charge:
Summarizing, the learning material from Oracle University is free of charge, the certification testing is also free until 31 December, 2021. You can subscribe to a free 30 day Oracle Cloud Infrastructure trial, which you can use for doing OCI labs, and you can keep the always free resources for life; resources such as Compute, Virtual Cloud Network, Autonomous Database, Network Load Balancer, among others. Therefore, whether you are new to OCI or already have hands-on experience today is the best time for pursuing your OCI certification.
In today’s world, the norm for videos is that they should be short in length, even if they are instructional videos. They cite the short attention span of the targeted audience…. And I do agree to some extent. However, in tech there are many occasions that require a longer length so they can properly address all the details of the topic at hand. Back in March 2021, I recorded myself for the purpose of demonstrating how to configure to completion an Inter-Cloud VPN connection using the Oracle Cloud Infrastructure (OCI) native IPSec VPN tunnel against a Customer Premises Equipment (CPE) with LibreSwan on an Amazon Web Services (AWS) Elastic Cloud Compute (EC2) instance. The video is nearly 30 minutes long! Only the truly committed will follow along, which is the intention.
I used official OCI documentation as a basis. Basically I explain every single step on this document while I perform them on both OCI and AWS consoles.