Oracle Cloud VMware Solution makes it easy to deploy and manage applications. In an Oracle Cloud VMware software-defined data center (SDDC), you are in complete control.
This customer-managed solution is installed as a pure VMware cloud environment within the customer's tenant. You keep familiar VMware tools and full control, and you can migrate or scale VMware workloads to the cloud without refactoring or replacing applications. As a result, users can deploy Tier 3 applications on this combined solution and access the full functionality of VMware SDDCs, including:
High Availability: VMware components are distributed across different fault domains in OCI regional availability domains.
Scalability: With the dense form factor, you start with 3 ESXi hosts, and a single SDDC can scale up to 64 hosts. With the standard form factor, you start with 3 hosts and can scale up to 8 hosts in a single ESXi cluster.
Flexibility: Oracle Cloud VMware Solution is the most flexible solution in the cloud. Compute and storage resources can be scaled independently. Use Oracle Cloud Infrastructure block volumes to scale storage, whether it's a standard form factor for primary data storage or a dense form factor for secondary data storage.
Migration and Relocation: Seamlessly migrate on-premises VMware workloads to VMware SDDCs.
Fully integrated: The SDDC resides on a Virtual Cloud Network (VCN) and can be configured to communicate with other OCI resources, such as compute instances, database services, storage services, continuous integration and continuous deployment (CI/CD), and more.
Easy to manage: The OCI console provides workflows for SDDC creation and network configuration.
Layer 2 network: Oracle Cloud VMware Solution uses VLANs in OCI for SDDC connections. Applications that require sub-millisecond latency can be deployed or migrated to the cloud with confidence using OCI's Layer 2 network.
This reference architecture illustrates a three-tier application stack in Oracle Cloud Infrastructure (OCI) deployed in a VMware software-defined data center (SDDC) created with Oracle Cloud VMware Solution. The load balancer receives client requests and distributes them to the front-end application stack virtual machines (VMs) running in the VMware SDDC. The VMware SDDC uses three fault domains in the OCI region for high availability. Bare metal ESXi hosts are deployed across the fault domains, and VMs can vMotion to any ESXi host in the SDDC to ensure high availability.
The application stack is connected to an Oracle Exadata Database Service on Dedicated Infrastructure instance deployed in the same OCI region. Oracle Exadata Database Service on Dedicated Infrastructure lets you harness the power of Exadata in the cloud. Its scale-out architecture enables users to scale compute and storage resources independently and efficiently to meet growing demand. It provides RDMA over Converged Ethernet (RoCE) networking for high bandwidth and low latency, Exadata RDMA Memory (XRMEM) for shared read acceleration, and intelligent Exadata software for high-performance database workload processing. Exadata Cloud Infrastructure deployments include built-in Oracle Maximum Availability Architecture (Oracle MAA) best practices to increase database availability. Oracle Exadata Database Service on Dedicated Infrastructure reduces downtime and simplifies operations management by providing zero-downtime maintenance, scaling, and automatic provisioning of Oracle Real Application Clusters (Oracle RAC) and Oracle Active Data Guard.
For the resiliency of the application and database layers, it is recommended to use an alternate disaster recovery (DR) instance. DR instances can be deployed in different OCI regions with the same architecture. The following diagram illustrates the schema:
The components of the architecture are as follows:
Tenants: When you sign up for Oracle Cloud Infrastructure, Oracle sets up a secure and isolated tenant for you in Oracle Cloud. You can create, organize, and manage your Oracle Cloud resources within your tenant. A tenant is equivalent to a company or organization. Typically, a company will have one tenant and its organizational structure will be reflected within that tenant. A tenant is typically associated with a subscription, and a subscription typically has only one tenant.
Region: An Oracle Cloud Infrastructure region is a localized geographic area that contains one or more data centers, called availability domains. Regions are independent of other regions and may be far apart from each other (across countries or even continents).
Availability domains: An availability domain is a separate, independent data center within a region. The physical resources within each availability domain are isolated from the resources of the other availability domains, providing fault tolerance. Availability domains do not share infrastructure such as power or cooling, or the internal availability domain network. As a result, a failure of one availability domain is unlikely to affect other availability domains within that region.
Fault domains: A fault domain is a grouping of hardware and infrastructure within an availability domain. Each availability domain has three fault domains, with independent power and hardware. When you distribute resources across multiple fault domains, your application can withstand physical server failures, system maintenance, and power failures within fault domains.
Virtual Cloud Networks (VCNs) and Subnets: A VCN is a customizable, software-defined network that you set up in an Oracle Cloud Infrastructure region. Like a traditional data center network, a VCN allows you to have complete control over your network environment.
A VCN can have multiple non-overlapping CIDR blocks, which you can change after the VCN is created. You can split a VCN into subnets, which can be scoped to a region or an availability domain. Each subnet contains a series of contiguous addresses that do not overlap with other subnets in the VCN. You can change the size of the subnet after it has been created. Subnets can be public or private.
Routing tables: The virtual routing table contains rules for routing subnet traffic to destinations outside the VCN, typically through a gateway.
Security lists: For each subnet, you can create security rules that specify the source, destination, and type of traffic that must be allowed in and out of the subnet.
FastConnect: Oracle Cloud Infrastructure FastConnect provides an easy way to create a dedicated, private connection between your data center and Oracle Cloud Infrastructure. FastConnect offers higher bandwidth options and a more reliable network experience than internet-based connections.
Internet gateways: An internet gateway allows traffic between a public subnet in a VCN and the public internet.
Dynamic Routing Gateway (DRG): A DRG is a virtual router that provides paths for private network traffic between VCNs within the same region, and between VCNs and networks outside the region, such as a VCN in another Oracle Cloud Infrastructure region, an on-premises network, or another cloud provider's network.
Services Gateway: The Services Gateway provides a way for the VCN to access other services, such as Oracle Cloud Infrastructure Object Storage. Traffic from the VCN to the Oracle service travels through the Oracle network fabric and does not traverse the Internet.
Bastion service: Oracle Cloud Infrastructure Bastion provides limited and time-bound secure access to resources that do not have public endpoints and require strict resource access controls, such as bare metal and virtual machines, Oracle MySQL Database Service, Autonomous Transaction Processing (ATP), Oracle Container Engine (OKE), and any other resource that allows Secure Shell Protocol (SSH) access. With Oracle Cloud Infrastructure Bastion Service, you can enable access to private hosts without deploying and maintaining jump hosts. In addition, you can gain an improved security posture with identity-based permissions and centralized, recorded, time-bound SSH sessions. Oracle Cloud Infrastructure Bastion eliminates the need for public IPs for bastion access, eliminating the hassle and potential attack surface when providing remote access.
Load balancer: Oracle Cloud Infrastructure Load Balancing provides automated traffic distribution to multiple servers on the backend from a single point of entry.
Compute: Oracle Cloud Infrastructure Compute enables you to provision and manage compute hosts in the cloud. You can launch compute instance shapes that match your CPU, memory, network bandwidth, and storage resource needs. Once you have created a compute instance, you can safely access it, restart it, attach and detach volumes, and terminate it when you no longer need it.
Bare metal: Oracle's bare metal servers provide isolation, visibility, and control through the use of dedicated compute instances. These servers support applications that require high core counts, large amounts of memory, and high bandwidth. They can scale to the industry's largest 160 cores, 2 TB of RAM, and up to 1 PB of block storage. Customers can build cloud environments on Oracle's bare metal servers, delivering significant performance gains compared to other public cloud and on-premises data centers.
Oracle Exadata Database Service on Dedicated Infrastructure: Oracle Exadata Database Service on Dedicated Infrastructure provides Oracle Exadata Database machines as a service in Oracle Cloud Infrastructure (OCI) data centers. An Oracle Exadata Database Service on Dedicated Infrastructure instance is a cluster of virtual machines (VMs) that is deployed on an Exadata rack in an OCI region.
Object storage: Object storage provides fast access to large amounts of structured and unstructured data, including database backups, analytics data, and rich content such as images and data. You can store your data safely and securely and then retrieve it directly from the internet or from within the cloud platform. You can seamlessly scale your storage without experiencing degradation in performance or service reliability. Use standard storage for "hot" storage that you need to access quickly, immediately, and frequently. Use archive storage for "cold" storage that you keep for long periods of time and seldom or rarely access.
Block volumes: With block volumes, you can create, attach, connect, and move volumes, and change volume performance to meet your storage, performance, and application needs. After attaching and connecting a volume to an instance, you can use the volume as if it were a hard disk. You can also disconnect a volume and attach it to another instance without data loss.
Identity and Access Management (IAM): Oracle Cloud Infrastructure Identity and Access Management (IAM) is the access control plane for Oracle Cloud Infrastructure (OCI) and Oracle Cloud Applications. The IAM API and user interface enable you to manage your identity domain and the resources within it. Each OCI IAM identity domain represents a separate identity and access management solution or a different group of users.
Audit: Oracle Cloud Infrastructure Audit automatically logs calls to all supported Oracle Cloud Infrastructure public application programming interface (API) endpoints as log events.
Currently, all services support logging by Oracle Cloud Infrastructure Audit.
Logging: Logging is a highly scalable and fully managed service that provides the ability to access the following types of logs from resources in the cloud:
Audit logs: Logs related to events emitted by the audit service.
Service logs: logs emitted by various services, such as API gateways, events, functions, Server Load Balancers, Object Storage Service, and VCN traffic logs.
Custom logs: Logs that contain diagnostic information for custom applications, other cloud providers, or on-premises environments.
Oracle Cloud VMware Solution SDDC is deployed on Oracle Cloud Infrastructure (OCI) bare metal servers. You can start with 3 ESXi hosts in a dense form factor and scale up to 64 hosts in a single SDDC. VMs are isolated in NSX overlay subnets. NSX Edge provides Network Address Translation (NAT) from IP addresses in NSX overlays to the OCI Virtual Local Area Network (VLAN). The Oracle Cloud VMware Solution (OCVS) SDDC uses Oracle Cloud Infrastructure Block Volumes, Oracle Cloud Infrastructure File Storage, and Oracle Cloud Infrastructure Object Storage to meet VM file system and application storage needs. The following diagram illustrates the architecture of the Oracle Cloud VMware Solution software-defined data center (SDDC).
In addition to the components of the common architecture described above, the architecture includes the following components:
VMware vSphere (ESXi): VMware vSphere ESXi is an enterprise-grade, type-1 hypervisor. In this architecture, the hypervisor runs on bare metal compute instances that use dense I/O form factors, providing a solid foundation for the entire SDDC.
Compute Virtual Machines: The virtual machines (VMs) in this architecture run on VMware ESXi hypervisors. You can select the guest operating system of the VM and specify the CPU and memory you want. For example, you can deploy a simple Python Flask application running on CentOS 8 with two CPUs and 2 GB of RAM.
When you subscribe to Oracle Exadata Database Service on Dedicated Infrastructure, Oracle owns and manages the Exadata infrastructure, while customers manage everything that runs in database virtual machines (VMs). Customer VMs include Oracle Grid Infrastructure software, database software, customer data, schemas, and encryption keys. You can schedule a maintenance window to allow Oracle to perform infrastructure maintenance at a time that best suits your business needs. Oracle Exadata Database Service on Dedicated Infrastructure simplifies lifecycle tasks such as configuration, scaling, updating, backup, and disaster recovery with Oracle Cloud Infrastructure automation.
Application users and administrators can only connect to the database server through the client and backup network that you created earlier with the VCN. Your administrator can connect to your Exadata database service over an HTTPS connection using the web-based Oracle Cloud Infrastructure (OCI) console, OCI command line interface (CLI), and REST API. You can access your database through standard Oracle connectivity methods such as Oracle Net, and can connect to VM clusters through traditional Oracle Linux methods such as token-based Secure Shell (SSH). The following diagram illustrates the high-level network architecture of Oracle Exadata Database Service on Dedicated Infrastructure.
Oracle Exadata Database Service Dedicated Infrastructure: The Oracle Exadata Database Service Dedicated Infrastructure architecture consists of at least two Exadata Database Servers and three Exadata Storage Servers.
The physical database and storage servers are connected by a high-speed, low-latency internal RoCE network fabric. Oracle Database uses this network for Oracle Real Application Clusters (RAC) interconnect traffic and to access data on Exadata storage servers.
This minimal configuration provides high availability (HA) protection against device failures and allows ASM in the storage layer to be configured in high redundancy mode (providing triple mirroring of data across storage servers) to protect against disk and storage server failures.
When you need more performance or capacity, you can scale your Oracle Exadata Database Service dedicated infrastructure by simply adding a database or storage server.
Oracle Exadata Database Service Dedicated Infrastructure Instances are clusters of virtual machines (VMs) deployed on Exadata Cloud Infrastructure.
VMs run on physical Exadata database servers, and the VMs of each Exadata database server form a VM cluster.
A VM can host one or more database hosts, and a database host can host one or more RAC databases.
Client networking: The client network connects the Exadata database server to your existing client network and is used by the client to access the virtual machine. Applications access databases on Exadata Database Services over this network by using a Single Client Access Name (SCAN) and an Oracle RAC Virtual IP (VIP) interface. The client access network uses a pair of network interfaces on each database server to connect to the client network.
Backup Network: A backup network is similar to a client access network in that it connects to the Exadata database server, separating backup traffic and bulk transport from application traffic. Like the client network, the backup network connects to the client network using a pair of network interfaces on each database server.
The following are recommendations for starting points for deploying VMware SDDC workloads in Oracle Cloud Infrastructure (OCI). Your needs may differ from the architecture described here.
VCN: When you create a VCN, determine the number of CIDR blocks you need and the size of each block based on the number of resources you plan to connect to the VCN subnets. Use CIDR blocks that are within the standard private IP address space.
Select a CIDR block that does not overlap with any other networks (in Oracle Cloud Infrastructure, your on-premises data center, or other cloud providers) that you intend to have a private connection to.
Once the VCN is created, you can change, add, and remove its CIDR blocks.
When designing your subnets, consider your traffic flow and security needs. Attaching all resources within a specific tier or role to the same subnet can serve as a security boundary.
Use regional subnets.
The VCN represents the underlay network of the data center that hosts the VMware SDDC cluster. Oracle Cloud VMware Solution creates the subnets and VLANs required for the SDDC cluster. Alternatively, you can use an existing subnet and VLANs for the SDDC. If using existing subnets and VLANs, administrators should create all required VLAN and network security rules beforehand.
If known, you can provide the NSX workload CIDR. Oracle Cloud VMware Solution creates an NSX overlay segment and an NSX distributed port group called workload in the VMware vCenter server.
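The VCN recommendations above can be checked before any SDDC is provisioned. The following is an added example, not Oracle's or the original page's code: it validates a constructed address plan, and it goes slightly beyond the text by also treating the NSX workload CIDR as a network that must not collide with the VCN or with privately connected networks (an assumption of this example). All names and CIDR values are illustrative.

```python
import ipaddress
from itertools import combinations

# "Standard private IP address space" is interpreted here as RFC 1918.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample plan; every name and CIDR is an illustrative assumption.
PLAN = {
    "vcn_cidrs": ["10.0.0.0/16"],
    "subnets": {                      # subnets and VLANs carved from the VCN
        "provisioning-subnet": "10.0.0.0/24",
        "vlan-vsphere": "10.0.1.0/25",
        "vlan-vmotion": "10.0.1.128/25",
        "vlan-nsx-edge-uplink": "10.0.2.0/25",
    },
    "nsx_workload_cidr": "172.16.10.0/24",
    "external_networks": {            # reached over private connectivity
        "on-prem-dc": "192.168.0.0/16",
        "dr-region-vcn": "10.1.0.0/16",
    },
}

def check_plan(plan):
    """Return a list of findings; an empty list means the plan is clean."""
    findings = []
    vcns = {f"vcn:{c}": ipaddress.ip_network(c) for c in plan["vcn_cidrs"]}
    subnets = {f"subnet:{n}": ipaddress.ip_network(c)
               for n, c in plan["subnets"].items()}
    others = {f"external:{n}": ipaddress.ip_network(c)
              for n, c in plan["external_networks"].items()}
    others["nsx-workload"] = ipaddress.ip_network(plan["nsx_workload_cidr"])

    # 1. VCN CIDR blocks should sit inside private address space.
    for name, net in vcns.items():
        if not any(net.subnet_of(p) for p in RFC1918):
            findings.append(f"{name} is outside RFC 1918 private space")

    # 2. VCN blocks must not overlap each other or any connected network.
    top_level = {**vcns, **others}
    for (a, net_a), (b, net_b) in combinations(top_level.items(), 2):
        if net_a.overlaps(net_b):
            findings.append(f"{a} overlaps {b}")

    # 3. Every subnet/VLAN must fit in a VCN block and not overlap a sibling.
    for name, net in subnets.items():
        if not any(net.subnet_of(v) for v in vcns.values()):
            findings.append(f"{name} is not contained in any VCN CIDR")
    for (a, net_a), (b, net_b) in combinations(subnets.items(), 2):
        if net_a.overlaps(net_b):
            findings.append(f"{a} overlaps {b}")
    return findings

if __name__ == "__main__":
    for finding in check_plan(PLAN) or ["plan is clean"]:
        print(finding)
```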
VMware ESXi hypervisor compute instances: Oracle Cloud VMware Solution supports adding and removing hypervisor host capacity to SDDC clusters. As a result, you can start small and scale up as needed. For a healthy cluster to run, an SDDC cluster requires at least three nodes, and you can scale up to 64 hosts in a given SDDC cluster. In order to identify ESXi hosts that belong to an SDDC cluster, you can define a user-friendly prefix for ESXi compute instances.
Currently, BM.DenseIO2.52, high-throughput I/O, and flexible compute form factors support the native deployment of VMware SDDC on OCI. The VMware vSphere cluster in Oracle Cloud VMware Solution provides a 3-node ESXi cluster with 156 OCPUs and 225 TB memory and can scale up to 64 nodes in a cluster. OCI manages the high availability of the bare metal compute instances that host the hypervisor.
For a production environment, you need at least three form factors of hypervisors, including high-io, flexible compute, and standard form factor bare metal deployments.
Network security groups (NSGs): You can use NSGs to define a set of inbound and outbound rules that apply to a specific VNIC. We recommend using NSGs instead of security lists because NSGs enable you to separate the subnet architecture of your VCN from the security needs of your application.
In the reference architecture, network communication between all load balancers, VMs, and databases is controlled through NSGs.
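To keep that tier-to-tier control reviewable, NSG rules can be audited against the flows the architecture intends. The following is an added example, not Oracle's or the original page's code: it uses the field names of OCI security rules over constructed data, and the NSG names (standing in for OCIDs), the ports, and the intended-flow table are assumptions. Note that the app and database rules name another NSG as their source rather than a subnet CIDR, which is what decouples them from the subnet layout.

```python
def tcp(source_type, source, port_min, port_max=None):
    """Build a constructed TCP ingress rule (protocol "6" is TCP)."""
    return {"direction": "INGRESS", "protocol": "6",
            "sourceType": source_type, "source": source,
            "tcpOptions": {"destinationPortRange":
                           {"min": port_min, "max": port_max or port_min}}}

# Constructed sample: the last two database rules are deliberately too broad.
NSGS = {
    "nsg-lb":  [tcp("CIDR_BLOCK", "0.0.0.0/0", 443)],
    "nsg-app": [tcp("NETWORK_SECURITY_GROUP", "nsg-lb", 8080)],
    "nsg-db":  [tcp("NETWORK_SECURITY_GROUP", "nsg-app", 1521),
                tcp("CIDR_BLOCK", "0.0.0.0/0", 22),
                {"direction": "INGRESS", "protocol": "all",
                 "sourceType": "CIDR_BLOCK", "source": "10.0.0.0/16"}],
}

# Intended flows (assumed): destination NSG -> {(source, TCP port)}.
EXPECTED = {
    "nsg-lb":  {("0.0.0.0/0", 443)},   # clients reach the load balancer
    "nsg-app": {("nsg-lb", 8080)},     # only the load balancer reaches VMs
    "nsg-db":  {("nsg-app", 1521)},    # only app VMs reach the database
}

def audit(nsgs, expected=EXPECTED):
    """Return findings for ingress rules that exceed the intended flows."""
    findings = []
    for nsg, rules in nsgs.items():
        allowed = expected.get(nsg, set())
        for index, rule in enumerate(rules):
            if rule["direction"] != "INGRESS":
                continue
            where = f"{nsg} rule {index}"
            ports = rule.get("tcpOptions", {}).get("destinationPortRange")
            # Rules without a TCP port range admit every port or protocol.
            if rule["protocol"] != "6" or ports is None:
                findings.append(
                    f"{where}: {rule['source']} is not limited to specific TCP ports")
                continue
            # Every port the rule opens must be an intended (source, port) pair.
            extra = [p for p in range(ports["min"], ports["max"] + 1)
                     if (rule["source"], p) not in allowed]
            if extra:
                findings.append(
                    f"{where}: {rule['source']} -> tcp/{ports['min']}-{ports['max']}"
                    " is not an intended flow")
    return findings

if __name__ == "__main__":
    for finding in audit(NSGS):
        print(finding)
```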
Disaster recovery (DR): We recommend that enterprise applications use standby DR instances in different OCI regions.
DR policies must be consistent across three tiers to meet SLA and data durability requirements.
The DR Oracle Cloud VMware Solution environment is synchronized with the production environment using replication tools from VMware (SRM, HCX) and third-party solutions such as Zerto and Veeam replication.
Oracle Exadata Database Service on Dedicated Infrastructure uses Oracle Data Guard to synchronize with the production environment. The standby Oracle Exadata Database Service on Dedicated Infrastructure instance is a transactionally consistent copy of the primary database. Oracle Data Guard automatically maintains synchronization between databases by transferring and applying redo data from the primary database. In the event of a disaster in the primary region, Oracle Data Guard automatically fails over to the standby database in the secondary region.
Front-end load balancers are deployed in standby mode of a network load balancer or use a load balancer as a service (LBaaS) for high availability.
Oracle Platform as a Service (PaaS) and custom apps: For example, Oracle SOA Cloud Service and Oracle WebLogic Server use most of these resources (compute, block volumes, file storage, networking, databases) internally for PaaS services such as OCI. They require a specific disaster recovery strategy to consistently protect all the different layers. Oracle provides detailed best practices designed to create maximum availability architectures (MAAs) and protect such systems from disasters. For specific documentation on disaster recovery (DR) for PaaS, see More Exploration.
Considerations: Consider the following design options when implementing a VMware-based software-defined data center (SDDC) in Oracle Cloud Infrastructure (OCI).
Performance: You can vertically scale the CPU and RAM of your VM based on the resource needs of your application.
Availability: Oracle Cloud VMware Solution adopts VMware's recommended high availability best practices.
VMware components are distributed across different fault domains within the availability domain of a given OCI region.
Oracle Exadata Database Service on Dedicated Infrastructure runs with zero data loss.
Data Guard provides transaction-level database disaster recovery and high availability.
Low-latency networks facilitate transaction-level replication.
Block volume zone replication allows for zone-level high availability for VMs and hypervisors.
As an Oracle Premier Partner, Agilewing is redefining the way enterprises experience Oracle Cloud Services. With its streamlined account opening process and best-in-class technical support, Agilewing transforms the complex process of account opening and operation into an easy, intuitive experience. With our one-stop shop, you can quickly get up and running with the full range of Oracle Cloud services, so you can seamlessly integrate into the cloud. Agilewing's AgileCDN service, combined with OCI's cloud-based services, provides a best-in-class global content acceleration solution. A strong network of more than 2,800 global POP nodes and 7,000 direct connection points ensures efficient and stable operation no matter where in the world your business expands. Leveraging the advanced technology of Oracle Cloud, Agilewing is committed to simplifying the process of cloud service building, cloud migration, and business going global. "Our partnership model provides customers with cost-effective solutions that allow them to focus more on their core business while enjoying the high performance and security of Oracle Cloud." Oracle Cloud Service, as a promising field, opens the door to new opportunities for enterprises with its high performance, security, and globally consistent service standards. Through Agilewing's professional services, both individual users and enterprises can easily enter this new era full of technological innovation and high performance. Start exploring Oracle Cloud Services with Agilewing and open the door to a whole new world today.