Automatic Transaction Quarantine

Want to quickly provision your autonomous database? Then look no further than Oracle Autonomous Database Serverless, one of the two deployment choices offered by Oracle Autonomous Database. Autonomous Database Serverless delegates all operational decisions to Oracle, providing you with a completely autonomous experience. Join hosts Lois Houston and Nikita Abraham, along with Oracle Database experts, as they discuss how serverless infrastructure eliminates the need to configure any hardware or install any software because Autonomous Database handles provisioning the database, backing it up, patching and upgrading it, and growing or shrinking it for you. Oracle Autonomous Database Episode: https://oracleuniversitypodcast.libsyn.com/oracle-autonomous-database Oracle MyLearn: https://mylearn.oracle.com/ Oracle University Learning Community: https://education.oracle.com/ou-community LinkedIn: https://www.linkedin.com/showcase/oracle-university/ X (formerly Twitter): https://twitter.com/Oracle_Edu Special thanks to Arijit Ghosh, David Wright, Rajeev Grover, and the OU Studio Team for helping us create this episode. -------------------------------------------------------- Episode Transcript: 00:00 Welcome to the Oracle University Podcast, the first stop on your cloud journey. During this series of informative podcasts, we'll bring you foundational training on the most popular Oracle technologies. Let's get started. 00:26 Lois: Hello and welcome to the Oracle University Podcast. I'm Lois Houston, Director of Innovation Programs with Oracle University, and with me is Nikita Abraham, Principal Technical Editor. Nikita: Hi everyone! Welcome back to a new season of the Oracle University Podcast. This time, our focus is going to be on Oracle Autonomous Database. We've got a jam-packed season planned with some very special guests joining us. 00:52 Lois: If you're a regular listener of the podcast, you'll remember that we'd spoken a bit about Autonomous Database last year. That was a really good introductory episode so if you missed it, you might want to check it out. Nikita: Yeah, we'll post a link to the episode in today's show notes so you can find it easily. 01:07 Lois: Right, Niki. So, for today's episode, we wanted to focus on Autonomous Database on Serverless Infrastructure and we reached out to three experts in the field: Hannah Nguyen, Sean Stacey, and Kay Malcolm. Hannah is an Associate Cloud Engineer, Sean, a Director of Platform Technology Solutions, and Kay, who's been on the podcast before, is Senior Director of Database Product Management. For this episode, we'll be sharing portions of our conversations with them. So, let's get started. 01:38 Nikita: Hi Hannah! How does Oracle Cloud handle the process of provisioning an Autonomous Database? Hannah: The Oracle Cloud automates the process of provisioning an Autonomous Database, and it automatically provisions for you a highly scalable, highly secure, and a highly available database very simply out of the box. 01:56 Lois: Hannah, what are the components and architecture involved when provisioning an Autonomous Database in Oracle Cloud? Hannah: Provisioning the database involves very few steps. But it's important to understand the components that are part of the provisioned environment. When provisioning a database, the number of CPUs in increments of 1 for serverless, storage in increments of 1 terabyte, and backup are automatically provisioned and enabled in the database. In the background, an Oracle 19c pluggable database is being added to the container database that manages all the user's Autonomous Databases. Because this Autonomous Database runs on Exadata systems, Real Application Clusters is also provisioned in the background to support the on-demand CPU scalability of the service. This is transparent to the user and administrator of the service. But be aware it is there. 02:49 Nikita: Ok…So, what sort of flexibility does the Autonomous Database provide when it comes to managing resource usage and costs, you know… especially in terms of starting, stopping, and scaling instances? Hannah: The Autonomous Database allows you to start your instance very rapidly on demand. It also allows you to stop your instance on demand as well to conserve resources and to pause billing. Do be aware that when you do pause billing, you will not be charged for any CPU cycles because your instance will be stopped. However, you'll still be incurring charges for your monthly billing for your storage. In addition to allowing you to start and stop your instance on demand, it's also possible to scale your database instance on demand as well. All of this can be done very easily using the Database Cloud Console. 03:36 Lois: What about scaling in the Autonomous Database? Hannah: So you can scale up your OCPUs without touching your storage and scale it back down, and you can do the same with your storage. In addition to that, you can also set up autoscaling. So the database, whenever it detects the need, will automatically scale up to three times the base level number of OCPUs that you have allocated or provisioned for the Autonomous Database. 04:00 Nikita: Is autoscaling available for all tiers? Hannah: Autoscaling is not available for an always free database, but it is enabled by default for other tiered environments. Changing the setting does not require downtime. So this can also be set dynamically. One of the advantages of autoscaling is cost because you're billed based on the average number of OCPUs consumed during an hour. 04:23 Lois: Thanks, Hannah! Now, let's bring Sean into the conversation. Hey Sean, I want to talk about moving an autonomous database resource. When or why would I need to move an autonomous database resource from one compartment to another? Sean: There may be a business requirement where you need to move an autonomous database resource, serverless resource, from one compartment to another. Perhaps, there's a different subnet that you would like to move that autonomous database to, or perhaps there's some business applications that are within or accessible or available in that other compartment that you wish to move your autonomous database to take advantage of. 04:58 Nikita: And how simple is this process of moving an autonomous database from one compartment to another? What happens to the backups during this transition? Sean: The way you can do this is simply to take an autonomous database and move it from compartment A to compartment B. And when you do so, the backups, or the automatic backups that are associated with that autonomous database, will be moved with that autonomous database as well. 05:21 Lois: Is there anything that I need to keep in mind when I'm moving an autonomous database between compartments? Sean: A couple of things to be aware of when doing this is, first of all, you must have the appropriate privileges in that compartment in order to move that autonomous database both from the source compartment to the target compartment. In addition to that, once the autonomous database is moved to this new compartment, any policies or anything that's defined in that compartment to govern the authorization and privileges of that said user in that compartment will be applied immediately to that new autonomous database that has been moved into that new compartment. 05:59 Nikita: Sean, I want to ask you about cloning in Autonomous Database. What are the different types of clones that can be created? Sean: It's possible to create a new Autonomous Database as a clone of an existing Autonomous Database. This can be done as a full copy of that existing Autonomous Database, or it can be done as a metadata copy, where the objects and tables are cloned, but they are empty. So there's no rows in the tables. And this clone can be taken from a live running Autonomous Database or even from a backup. So you can take a backup and clone that to a completely new database. 06:35 Lois: But why would you clone in the first place? What are the benefits of this? Sean: When cloning or when creating this clone, it can be created in a completely new compartment from where the source Autonomous Database was originally located. So it's a nice way of moving one database to another compartment to allow developers or another community of users to have access to that environment. 06:58 Nikita: I know that along with having a full clone, you can also have a refreshable clone. Can you tell us more about that? Who is responsible for this? Sean: It's possible to create a refreshable clone from an Autonomous Database. And this is one that would be synced with that source database up to so many days. The task of keeping that refreshable clone in sync with that source database rests upon the shoulders of the administrator. The administrator is the person who is responsible for performing that sync operation. Now, actually performing the operation is very simple, it's point and click. And it's an automated process from the database console. And also be aware that refreshable clones can trail the source database or source Autonomous Database up to seven days. After that period of time, the refreshable clone, if it has not been refreshed or kept in sync with that source database, it will become a standalone, read-only copy of that original source database. 08:00 Nikita: Ok Sean, so if you had to give us the key takeaways on cloning an Autonomous Database, what would they be? Sean: It's very easy and a lot of flexibility when it comes to cloning an Autonomous Database. We have different models that you can take from a live running database instance with zero impact on your workload or from a backup. It can be a full copy, or it can be a metadata copy, as well as a refreshable, read-only clone of a source database. 08:33 Did you know that Oracle University offers free courses on Oracle Cloud Infrastructure? You'll find training on everything from cloud computing, database, and security to artificial intelligence and machine learning, all of which is available free to subscribers. So, get going! Pick a course of your choice, get certified, join the Oracle University Learning Community, and network with your peers. If you are already an Oracle MyLearn user, go to MyLearn to begin your journey. If you have not yet accessed Oracle MyLearn, visit mylearn.oracle.com and create an account to get started. 09:12 Nikita: Welcome back! Thank you, Sean, and hi Kay! I want to ask you about events and notifications in Autonomous Database. Where do they really come in handy? Kay: Events can be used for a variety of notifications, including admin password expiration, ADB services going down, and wallet expiration warnings. There's this service, and it's called the notifications service. It's part of OCI. And this service provides you with the ability to broadcast messages to distributed components using a publish and subscribe model. These notifications can be used to notify you when event rules or alarms are triggered or simply to directly publish a message. In addition to this, there's also something that's called a topic. This is a communication channel for sending messages to subscribers in the topic. You can manage these topics and their subscriptions really easy. It's not hard to do at all. 10:14 Lois: Kay, I want to ask you about backing up Autonomous Databases. How does Autonomous Database handle backups? Kay: Autonomous Database automatically backs up your database for you. The retention period for backups is 60 days. You can restore and recover your database to any point in time during this retention period. You can initiate recovery for your Autonomous Database by using the cloud console or an API call. Autonomous Database automatically restores and recovers your database to the point in time that you specify. In addition to a point in time recovery, we can also perform a restore from a specific backup set. 10:59 Lois: Kay, you spoke about automatic backups, but what about manual backups? Kay: You can do manual backups using the cloud console, for example, if you want to take a backup say before a major change to make restoring and recovery faster. These manual backups are put in your cloud object storage bucket. 11:20 Nikita: Are there any special instructions that we need to follow when configuring a manual backup? Kay: The manual backup configuration tasks are a one-time operation. Once this is configured, you can go ahead, trigger your manual backup any time you wish after that. When creating the object storage bucket for the manual backups, it is really important-- so I don't want you to forget-- that the name format for the bucket and the object storage follows this naming convention. It should be backup underscore database name. And it's not the display name here when I say database name. 12:00 Kay: In addition to that, the object name has to be all lowercase. So three rules. Backup underscore database name, and the specific database name is not the display name. It has to be in lowercase. Once you've created your object storage bucket to meet these rules, you then go ahead and set a database property. Default_backup_bucket. This points to the object storage URL and it's using the Swift protocol. Once you've got your object storage bucket mapped and you've created your mapping to the object storage location, you then need to go ahead and create a database credential inside your database. You may have already had this in place for other purposes, like maybe you were loading data, you were using Data Pump, et cetera. If you don't, you would need to create this specifically for your manual backups. Once you've done so, you can then go ahead and set your property to that default credential that you created. So once you follow these steps as I pointed out, you only have to do it one time. Once it's configured, you can go ahead and use it from now on for your manual backups. 13:21 Lois: Kay, the last topic I want to talk about before we let you go is Autonomous Data Guard. Can you tell us about it? Kay: Autonomous Data Guard monitors the primary database, in other words, the database that you're using right now. Lois: So, if ADB goes down… Kay: Then the standby instance will automatically become the primary instance. There's no manual intervention required. So failover from the primary database to that standby database I mentioned, it's completely seamless and it doesn't require any additional wallets to be downloaded or any new URLs to access APEX or Oracle Machine Learning. Even Oracle REST Data Services. All the URLs and all the wallets, everything that you need to authenticate, to connect to your database, they all remain the same for you if you have to failover to your standby database. 14:19 Lois: And what happens after a failover occurs? Kay: After performing a failover, a new standby for your primary will automatically be provisioned. So in other words, in performing a failover your standby does become your new primary. Any new standby is made for that primary. I know, it's kind of interesting. So currently, the standby database is created in the same region as the primary database. For better resilience, if your database is provisioned, it would be available on AD1 or Availability Domain 1. My secondary, or my standby, would be provisioned on a different availability domain. 15:10 Nikita: But there's also the possibility of manual failover, right? What are the differences between automatic and manual failover scenarios? When would you recommend using each? Kay: So in the case of the automatic failover scenario following a disastrous situation, if the primary ADB becomes completely unavailable, the switchover button will turn to a failover button. Because remember, this is a disaster. Automatic failover is automatically triggered. There's no user action required. So if you're asleep and something happens, you're protected. There's no user action required, but automatic failover is allowed to succeed only when no data loss will occur. 15:57 Nikita: For manual failover scenarios in the rare case when an automatic failover is unsuccessful, the switchover button will become a failover button and the user can trigger a manual failover should they wish to do so. The system automatically recovers as much data as possible, minimizing any potential data loss. But you can see anywhere from a few seconds or minutes of data loss. Now, you should only perform a manual failover in a true disaster scenario, expecting the fact that a few minutes of potential data loss could occur, to ensure that your database is back online as soon as possible. 16:44 Lois: Thank you so much, Kay. This conversation has been so educational for us. And thank you once again to Hannah and Sean. To learn more about Autonomous Database, head over to mylearn.oracle.com and search for the Oracle Autonomous Database Administration Workshop. Nikita: Thanks for joining us today. In our next episode, we will discuss Autonomous Database on Dedicated Infrastructure. Until then, this is Nikita Abraham… Lois: …and Lois Houston signing off. 17:12 That's all for this episode of the Oracle University Podcast. If you enjoyed listening, please click Subscribe to get all the latest episodes. We'd also love it if you would take a moment to rate and review us on your podcast app. See you again on the next episode of the Oracle University Podcast.

2 Tammi 202417min

In today's digital economy, data is a form of capital. Given the mission-critical role that it has, having a robust data management strategy is now more crucial than ever. Join Lois Houston and Nikita Abraham, along with Kay Malcolm, as they talk about the various Oracle Database offerings and discuss how to actually use them to efficiently manage data across a diverse but unified data tier. Oracle MyLearn: https://mylearn.oracle.com/ Oracle University Learning Community: https://education.oracle.com/ou-community X (formerly Twitter): https://twitter.com/Oracle_Edu LinkedIn: https://www.linkedin.com/showcase/oracle-university/ Special thanks to Arijit Ghosh, David Wright, Ranbir Singh, and the OU Studio Team for helping us create this episode. -------------------------------------------------------- Episode Transcript: 00:00 Welcome to the Oracle University Podcast, the first stop on your cloud journey. During this series of informative podcasts, we'll bring you foundational training on the most popular Oracle technologies. Let's get started. 00:26 Lois: Welcome to the Oracle University Podcast. I'm Lois Houston, Director of Innovation Programs with Oracle University, and with me is Nikita Abraham, Principal Technical Editor. Nikita: Hi there. If you've been following along with us these past few weeks, you'll know we've been revisiting our most popular episodes of the year. Lois: Right, and today's episode is the last one of the Best of 2023 series. It's a throwback to our conversation on Oracle's Data Management strategy and offerings with Kay Malcolm, Senior Director of Database Product Management at Oracle. Nikita: We'd often heard Kay say that Oracle's data management strategy is simply complete and completely simple. And so we began by asking her what she meant by that. 01:09 Kay: It's a fun play on words, right? App development paradigms are in a rapid state of transformation. Modern app development is simplifying and accelerating how you deploy applications. Also simplifying how data models and data analytics are used. Oracle data management embraces modern app development and transformations that go beyond technology changes. It presents a simply complete solution that is completely simple. Immediately you can see benefits of the easiest and most productive platform for developing and running modern app and analytics. 01:54 Kay: Oracle Database is a converged database that provides best of breed support for all different data models and workloads that you need. When you have converged support for application development, you eliminate data fragmentation. You can perform unique queries and transactions that span any data and create value across all data types and build into your applications. 02:24 Nikita: When you say all data types, this can include both structured and unstructured data, right? Kay: This also includes structured and unstructured data. The Oracle converged database has the best of breed for JSON, graph, and text while including other data types, relations, blockchain, spatial, and others. Now that we have the ability to access any data type, we have various workloads and converged data management that supports all modern transactional and analytical workloads. We have the unique ability to run any combination of workloads on any combination of data. Simply complete for analytics means the ability to include all of the transactions, including key value, IoT, or Internet of Things, along with operational data warehouse and lake and machine learning. 03:27 Kay: Oracle's decentralized database architecture makes decentralized apps simple to deploy and operate. This architecture makes it simple to use decentralized app development techniques like coding events, data events, API driven development, low code, and geo distribution. Autonomous Database or ADB now supports the Mongo database API adding more tools for architectural support. Autonomous Database or ADB has a set of automated tools to manage, provision, tune, and patch. It provides solutions for difficult database engineering with auto indexing and partitioning and is elastic. You can automatically scale up or down based on the workload. Autonomous Database is also very productive. It allows for focus on the data for solving business problems. ADB has self-service tools for analytics, data access, and it simplifies these difficult data engineering architectures. 04:43 Lois: OK…so can you tell us about running modern apps and analytics? Kay: Running applications means thinking about all the operational concerns and solving how to support mission-critical applications. Traditionally, this is where Oracle excels with high availability, security, operational solutions that have been proven over the years. Now, having developer tools and the ability to scale and reduce risk simplifies the development process without having to use complex sharding and data protection. Mission-critical capabilities that are needed for the applications are already provided in the functionality of the Oracle Data Management architecture. Disaster recovery, replication, backups, and security are all part of the Oracle Autonomous Database. 05:42 Kay: Even complex business-critical applications are supported by the operational security and availability of Oracle ADB. Transparently, it provides automated solutions for minimizing risk, dealing with complexity, and availability for all applications. Oracle's big picture data management strategy is simply complete and completely simple with the converged database, data management tools, and the best platform. It is focused on providing a platform that allows for modern app development across all data types, workloads, and development styles. It is completely scalable, available, and secure, leveraging the database technologies developed over several years. And it's available consistently across the environment. It is the simplest to use because of the available tools and running completely mission critical applications. 06:50 Nikita: Ah, so that's how we come to… Kay: Simply complete and completely simple. Easy to remember and easy to incorporate into your existing architectures. Lois: OK. So Kay, can you talk a little bit more about Autonomous Database? 07:04 Kay: Let's compare Autonomous Database to how you ran the database on premise. How you ran the database on the cloud using our earlier Cloud Services, Database Cloud Services, and Oracle Exadata Cloud Service. The key thing to understand is Autonomous Database, or ADB, is a fully managed service. We fully manage the infrastructure. We fully manage the database for you. In on premise, you manage everything-- the infrastructure, the database, everything. We also have a service in between that that we call a co-managed service. Here we manage the infrastructure, and you manage the database. That service is important for customers who are not yet up to 19c. Or they might be running a packaged application like E-Business Suite. But for the rest of you, ADB is really the place you want to go. 08:09 Nikita: And why is that? Kay: Because it's fully managed and, because it's fully managed, is a much, much lower cost way to go. So when you talk to your boss about why he wants to move to ADB, they often care about the bottom line. They want to know like, am I going to lower my costs? And with ADB, because we take care of a lot of the tedious chores that DBAs normally have to do and because we take care of best practices, configurations, we can do things at a really low cost. 08:49 Lois: Kay, what does it take for a customer to move to Oracle's Autonomous Database? Kay: We've got a tool that helps you look at your current database on prem. This tool will analyze what features you're using and let you know, hey, you know you're doing something that's not supported for ADB, for example. Like if you're running some release before 19c, we don't support it. If you're doing stuff like putting database tables in the system or sys schema, we don't support it. You know, there are a few things that very few customers do that we don't support. And this tool will flag those for you. And then the next step, it's pretty simple. You just use our Data Pump import/export tool to move your data out of your database on prem into the object store on the Cloud. And then you simply import-- you know how to use Data Pump to import-- the data off the file and the object store into the database. Then you're done. Pretty simple process. 09:57 Nikita: Do we assist our customers with data migration from on-prem to Cloud? Kay: More recently have come out with a new service on our Cloud called the Database Migration Service. With Autonomous Database Migration Service, you can just point us at your source database on prem or even on some other cloud. Whatever it is, we will take care of everything from there and move that, go through all the steps and move your database to ADB on the Cloud. Even better, we now are working with our Applications customers to make it really easy for them to move their packaged applications to Autonomous Database. The Oracle development teams that built JD Edwards, PeopleSoft, Siebel have now all certified that those packaged applications can run with Autonomous Database no problem. Our EBS team is working on it. And that'll be coming soon, sometime next year. 11:02 Lois: So, if I am an Apps customer, is there a special service for me? Kay: We have a fully managed service available on our Cloud that lets you take your entire application stack on the middle tier and the database tier, move it to our Cloud. Move the database part to Autonomous Database. And they will also manage your middle tier for you. 11:32 Want to get the inside scoop on Oracle University? Head on over to the all-new Oracle University Learning Community. Attend exclusive events. Read up on the latest news. Get first-hand access to new products and stay up-to-date with upcoming certification opportunities. If you are already an Oracle MyLearn user, go to MyLearn to join the community. You will need to log in first. If you have not yet accessed Oracle MyLearn, visit mylearn.oracle.com and create an account to get started. Join the community today! 12:11 Nikita: Welcome back! Kay, can you talk a bit about APEX? Kay: We have this great tool called APEX or Application Express. We have a version of Autonomous Database just for any APEX application. Well, APEX is a low-code tool. It is our low-code tool that lets you rapidly build data-driven applications where the data is in the Oracle Database, really easy and really rapidly. We estimate at least 10 times faster than doing traditional coding to build your applications. What we're seeing is much, much higher productivity than that. Sometimes 40, even 50 times faster coding. 13:01 Kay: Out of the box, it comes with really nice tools for building things-- your classical forms and reporting kinds of workloads. It gives you things like faceted search and capabilities to do things like see on an e-commerce website where you get to choose things like dimensions, like I want a product where the cost is in this range. And, you know, it might have some other attributes. And it can very quickly filter that data for you and return the best results. And it's a really nice tool for iterating. Now, if your user interface doesn't look quite right, it's very easy to tweak colors and backgrounds and themes. Another reason it's so productive is that the whole middle tier part of your application is fully automated for you. You don't have to do anything about connection management or state management. You don't have to worry about mapping data types from some other 3GL programming language to data types. All of that is done for you. The combination of ADB and APEX really rocks. 14:17 Lois: Do we have Extract, Transform, and Load capabilities in our ADB? Kay: We have ETL transformation tools. Again, they let you specify transformations in a drag-and-drop fashion on the screen. We have all sorts of other tools and, in the service, the full power of the converged analytic technologies, things like graph analytics, spatial analytics, machine learning. All of this is built into this new platform. Now, a big, new capability around machine learning is something that we call AutoML. That lets any data scientists give us a data set, tell us what the key feature is that they want to analyze, and what the predictions are. And we will come up with a machine learning model for them out of the box. Really that easy. Plus, we have the low-code tool APEX that I mentioned earlier. 15:17 Kay: So this environment is really powerful for doing more than traditional data warehouses. We can build data lakes. We are integrated with the object stores on Oracle Cloud and also on other clouds. And we can do massively parallel querying of data in the core database itself and the data lake. 15:38 Nikita: Beyond the database tech, there's the business side, right? How easy do we make a customer's path to ADB from a business standpoint, a decision-making standpoint? Kay: So if you're an existing Oracle customer, you have an existing Oracle Database license you're using on prem, we have something called BYOL, Bring Your Own License, to OCI. We have the Cloud Lift Service. This huge cloud engineering team across all regions of the world will help you move your existing on-prem database to ADB for free. 16:16 Kay: And then, finally, we announced fairly recently something called the Support Rewards Program. This is something our customers are really excited about. It lets them translate their spending on OCI to a reduction in their support bill. So if you're a customer using OCI, you get a $0.25 to $0.33 reward for every dollar you spend on Oracle's Cloud. You can then take that money from your rewards and apply it to your bill for customer support, for your technology support even, like the database. And this is exactly what customers want as they move their investment to the cloud. They want to lower the costs of paying for their on-prem support. Now, we've talked about money. This lowers costs greatly. So ADB has lots of value. But the big thing I think to think about is really that it lowers costs. It lowers that cost via automation, higher productivity, less downtime, all sorts of areas. 17:22 Lois: You make a very convincing case for ADB, Kay. Kay: ADB is a great place to go. Take those existing Oracle Databases you have. Move and modernize them to a modern cloud infrastructure that's going to give you all the benefits of cloud, including agility and lower cost. So on our Cloud, we have something called the Always Free Autonomous Database Service. This service lets you get your hands on ADB. Try it out for yourself. You don't have to believe what we claim about how great this technology is. And we have other technologies like Live Labs that you can find on developer.oracle.com/livelabs that lets you do all kinds of exercises on this Always Free ADB infrastructure. Really get your hands dirty. And see for yourself how productive it can be. 18:16 Nikita: Thanks, Kay, for telling us about ADB and our database offerings. To learn more about this, head over mylearn.oracle.com, create a profile if you don't already have one, and get started on our free Oracle Cloud Data Management Foundations Workshop. Lois: We hope you've enjoyed revisiting some of our most popular episodes these past few weeks. We're kicking off the new year with a new season of the Oracle University Podcast. And this time around, it'll be on Oracle Autonomous Database so make sure you don't miss it. Until next week, this is Lois Houston… Nikita: And Nikita Abraham, signing off! 18:52 That's all for this episode of the Oracle University Podcast. If you enjoyed listening, please click Subscribe to get all the latest episodes. We'd also love it if you would take a moment to rate and review us on your podcast app. See you again on the next episode of the Oracle University Podcast.

26 Joulu 202319min

In this episode, Lois Houston and Nikita Abraham, along with Rohit Rahi, look at two important services that Oracle Cloud Infrastructure provides: Compute and Load Balancing. They also discuss the basics of instances. Oracle MyLearn: https://mylearn.oracle.com/ Oracle University Learning Community: https://education.oracle.com/ou-community X (formerly Twitter): https://twitter.com/Oracle_Edu LinkedIn: https://www.linkedin.com/showcase/oracle-university/ Special thanks to Arijit Ghosh, Kiran BR, David Wright, the OU Podcast Team, and the OU Studio Team for helping us create this episode. -------------------------------------------------------- Episode Transcript: 00:00 Welcome to the Oracle University Podcast, the first stop on your cloud journey. During this series of informative podcasts, we'll bring you foundational training on the most popular Oracle technologies. Let's get started. 00:26 Nikita: Hello and welcome to the Oracle University Podcast. I'm Nikita Abraham, Principal Technical Editor with Oracle University, and with me is Lois Houston, Director of Innovation Programs. Lois: Hi there. You're listening to our Best of 2023 series, where over the last few weeks, we've been revisiting our most popular episodes of the year. 00:47 Nikita: In today's episode, which is #5 of 6, we'll listen in to a conversation Lois and I had earlier this year with Rohit Rahi, Vice President of CSS OU Cloud Delivery, on OCI Compute and Load Balancing. We began by asking Rohit why one would use Load Balancer. Lois: So let's get right to it! 01:06 Rohit: You would use Load Balancer to achieve high availability and also achieve scalability. So typically the way Load Balancer works is, they're also referred to as Reverse Proxies, you would have a Load Balancer, which would be used accessed by multiple clients, various clients. And these clients would hit the Load Balancer, and the Load Balancer would proxy that traffic to the various backend servers. So in this way, it not only protects the various backend servers, but also provides high availability. In case a particular backend server is not available, the application can still be up and running. And then it also provides scalability because if lots of clients start hitting the Load Balancer, you could easily add more backend servers. And there are several other advanced capabilities like SSL termination and SSL passthrough and a lot of other advanced features. So the first type of Load Balancer we have in OCI is a layer 7 Load Balancer. Layer 7 basically means it understands HTTP and HTTPS. That's the OSI model. And then there are various capabilities available here. 02:13 Nikita: The Load Balancer comes in two different shapes, right? Can you tell us a little about that? Rohit: One is called a flexible shape where you define the minimum and the maximum and you define the range. And your Load Balancer can achieve any kind of-- support any kind of traffic in that particular range, going from 10 Mbps all the way to 8 Gbps. The second kind of shape is called dynamic where you predefine the shapes. So you have micro, small, medium, large, and you predefine the shape. And you don't have to warm up your Load Balancer. If the traffic comes to that particular shape, the Load Balancer automatically scales. 02:53 Rohit: You can always do a public and a private Load Balancer. Public means Load Balancer is available on the web. Private means your multiple tiers, like a web tier, can talk to your database tier and balance the traffic between them, but both tiers don't have to be public. A Load Balancer is highly available, highly scalable by design. 03:12 Lois: And what about the second type of Load Balancer? Rohit: The second kind of Load Balancer we have in OCI is called the Network Load Balancer. And as the name specify, Network Load Balancer operates at layer 4, layer 3, and layer 4 so it understands TCP, UDP, also supports ICMP. Again, like HTTP Load Balancer, it has both public and a private option, so you could create a public Network Load Balancer or a private Network Load Balancer. It's highly available, highly scalable, all those features are supported. 03:42 Nikita: Now, why would you use Network Load Balancer over an HTTP Load Balancer? Rohit: The primary reason you would use it is it's much faster than HTTP Load Balancer. It has much lower latency. So if performance is a key criteria for you, go with Network Load Balancer. On the contrary, the HTTP Load Balancer has higher level intelligence because it can look at the packets, it can inspect the packets, and it gets that intelligence. So if you're looking for that kind of routing intelligence, then go with HTTP Load Balancer. 04:15 Rohit: So OCI Compute service provides you virtual machines and bare metal servers to meet your compute and application requirements. The three defining characteristics of this service include this scalability, high performance, and lower pricing. So the first thing in the OCI Compute service is you have this notion of flexible shape. What does it mean? Well, it means you could choose your own course, your CPU processors, and you could also choose your own memory. Literally, there are thousands and thousands of configurations you can choose from. 04:49 Lois: But what's the use of doing this? Rohit: The use of doing this is you could select the right machine type by using our flexible shapes. And in the cloud, there's this notion of T-shirt sizing. So you have a small, medium, large kind of shapes, and your application has to fit those shapes. And sometimes you overprovision or underprovision, and you have to go through that painful process of changing your machine types. We hope with this flexible shapes, you don't have to do that. 05:20 Rohit: If you still want to use the traditional approach, we have virtual machines, we have bare metal servers, and we have dedicated host. And you could use either one of them or all of them. And bare metal servers basically means you get a full machine, a full server which is completely dedicated to you. Dedicated host basically means that you get a full dedicated bare metal machine. But on top of that, you could run virtual machines. Not only this, but OCI is only one of the two cloud providers to provide you options on processors. So you can run AMD-based instances, you could run Intel-based instances, and you could also run Arm-based instances-- are really a powerful thing for mobile computing. The phones you are using today are probably running on Arm processors. Now, Arm is coming into the data centers. 06:16 Have something interesting to share with the Oracle University Learning Community? Present your topic at an exclusive community event. Help yourself by helping others. Start building your reputation and personal brand today. If you are already an Oracle MyLearn user, go to MyLearn to join the community. You will need to log in first. If you have not yet accessed Oracle MyLearn, visit mylearn.oracle.com and create an account to get started. 06:48 Nikita: What can you tell us about the pricing of this, Rohit? Rohit: On the pricing side, the service implements pay-as-you-go pricing. We are 50% cheaper than any other cloud out there, just to begin with. And not only that, you could use something like a Preemptable VMs to reduce your cost by more than 50% from your regular instances. Preemptable VMs are low cost, short lived VMs suited for batch jobs and fault tolerant workloads. These are similar to regular instances, but priced 50% lower. So you can use them to reduce your cost further. So when we say an instance, what we mean is a compute host. And it has several dependencies. So let's look at them. 07:31 Rohit: So you have an Oracle Cloud region here. A region is comprised of multiple ADs. An AD is nothing but a data center. The first dependency the compute service has or compute hosts have is on Virtual Cloud Network. So in order to spin up a compute instance, you need a Virtual Cloud Network. You have a network divided into smaller portions called subnets. So you have a subnetwork here, and you need to create these before you can spin up a compute host. 08:00 Rohit: Now you can spin up a compute host. It's a physical construct. Networking is a virtual construct. So how are they related? Within a compute host, you have a physical network interface card, and you virtualize that card. We give you this virtual NIC. And that virtual NIC is placed inside the subnet. And that's the association for the compute host. And that's where the private IP for the compute host comes from, because every compute host or VM you are running, or a bare metal machine, has a private IP address. Now, there is another set of dependency the compute instances have, and that's to the boot volume and the boot disk and the block volumes. 08:42 Lois: What does that mean, exactly? Rohit: Well, each of these compute hosts you are spinning up has an operating system. And the image that's used to launch an instance determines its operating system and other software. So you have this concept of an image that comes from this network storage disk called a boot disk. So it doesn't stay on the compute host, it's actually living on the network somewhere. And you also have data, like file systems, etc. You're working on the compute instances. They also live on the network. So there is the data disks and operating system disks together. There's a service called block volume service which the compute host uses to run its operating system and run its data disks. Now, these are remote storage. 09:33 Rohit: There is one more feature which is really relevant when you are talking about compute instances, and that's live migration. We know that computers fail all the time. So how do we make sure that whatever compute host you are running is always up and running, itself? So we have this feature called live migrate. And the idea here is if one of the compute hosts goes down, there's a problem, we would migrate your VM to another host in our data center, and it will be transparent to you. There are multiple options you provide-- whether opt-in or opt-out-- you can choose from. But the idea is we migrate your virtual machines so you can live-migrate between hosts without rebooting. This keeps your applications running even during maintenance events. To achieve this in your own data centers is a not-so-trivial task, but we make that seamless within OCI. 10:22 Nikita: Thanks for that, Rohit. To learn more about OCI, please visit mylearn.oracle.com, create a profile if you don't already have one, and get started on our free OCI Foundations training. Lois: You will find skill checks that you can take throughout the course to ensure that you are on the right track. Nikita: We hope you enjoyed that conversation. Join us next week for our final throwback episode. Until then, this is Nikita Abraham... Lois: And Lois Houston, signing off! 10:54 That's all for this episode of the Oracle University Podcast. If you enjoyed listening, please click Subscribe to get all the latest episodes. We'd also love it if you would take a moment to rate and review us on your podcast app. See you again on the next episode of the Oracle University Podcast.

19 Joulu 202311min

When you work with Oracle Cloud Infrastructure, one of the first steps is to set up a virtual cloud network (VCN) for your cloud resources. In this episode, Lois Houston and Nikita Abraham, along with Rohit Rahi, discuss Oracle's Virtual Cloud Network, VCN routing, and security. Oracle MyLearn: https://mylearn.oracle.com/ Oracle University Learning Community: https://education.oracle.com/ou-community X (formerly Twitter): https://twitter.com/Oracle_Edu LinkedIn: https://www.linkedin.com/showcase/oracle-university/ Special thanks to Arijit Ghosh, Kiran BR, Rashmi Panda, David Wright, the OU Podcast Team, and the OU Studio Team for helping us create this episode. --------------------------------------------------------- Episode Transcript: 00:00 Welcome to the Oracle University Podcast, the first stop on your cloud journey. During this series of informative podcasts, we'll bring you foundational training on the most popular Oracle technologies. Let's get started. 00:26 Lois: Hello and welcome to the Oracle University Podcast. I'm Lois Houston, Director of Innovation Programs with Oracle University, and with me is Nikita Abraham, Principal Technical Editor. Nikita: Hi everyone. We hope you've been enjoying these last few weeks as we've been revisiting our most popular episodes of the year. 00:47 Lois: Today's episode is the fourth of six we'll have in this series and it's a throwback to a conversation with Rohit Rahi, our Vice President of CSS OU Cloud Delivery, talking about Networking in OCI. We began by asking Rohit to explain what a Virtual Cloud Network is. Let's listen in. 01:06 Rohit: At its core, it's a private software defined network you create in Oracle Cloud. It's used for secure communication. Whether instances talking to each other, instances talking to on-premises environments, or instances talking to other instances in different regions, you would use Virtual Cloud Network. It lives in an OCI region. Like we said, it's a regional service. It's highly available, massively scalable, and secure. And we take care of these things for you. So before we dive deep into the VCN and all the characteristics and all the features it has, let's look at some of the basic stuff. 01:44 Rohit: So the first thing is VCN has an address space. In this case, you see this address space is denoted in a CIDR notation. CIDR stands for classless interdomain routing. The VCN has an IP addressing range. And what that means is you have an address range. You take that range. And you can break it down into smaller networks which are called subnetworks. And these subnetworks are where you would instantiate your compute instances. 02:16 Nikita: And what can you tell us about the different mechanisms that exist inside a VCN? Rohit: So first, there is a notion of internet gateway. This is a gateway which is massively scalable, highly available, and is used for communication to anything on the internet. So if you have a web server which wants to talk to other websites on the web being able to be accessed publicly, you would use an internet gateway. So going to the internet and coming back from the internet. You also have this highly available, massively scalable router called NAT gateway. And it is used for providing NAT as a service. 02:53 Rohit: So what this means is the traffic is unidirectional. It can go from your private subnets to the internet. But users from the internet cannot use the NAT gateway to reach your instances running in a private subnet. So the idea with the NAT gateway is to enable outbound communication to the internet, but block inbound communications or connections initiated from the internet. Then we have another router which is called Service Gateway. And the idea is it lets resources in VCN access public OCI services such as object storage, but without using an internet or NAT gateway. So these are the three scenarios-- Internet gateway for internet, NAT gateway also for internet but unidirectional, and Service gateway for accessing OCI public services, which are available on the internet but accessing them in a secure manner. And then the other construct is called Dynamic Routing Gateway. This is a virtual router that provides a path for private traffic between your VCN and destinations other than the internet. 04:00 Lois: So what can these destinations be? Rohit: Well, this can be your on-premises environment. VCN uses route tables to send traffic out of the VCN to the internet, to on-premises networks, or to peered VCN, and we look at each of these scenarios. Route tables consist of a set of route rules. Each rule specifies a destination CIDR block and a route target. Think about route target as the next hop for the traffic that matches that destination CIDR block. Now, one thing to keep in mind is traffic within the VCN subnet is automatically handled by the VCN local routing. 04:44 Lois: Want to get the inside scoop on Oracle University? Head on over to the all-new Oracle University Learning Community. Attend exclusive events. Read up on the latest news. Get first-hand access to new products and stay up-to-date with upcoming certification opportunities. If you are already an Oracle MyLearn user, go to MyLearn to join the Community. You will need to log in first. If you have not yet accessed Oracle MyLearn, visit mylearn.oracle.com and create an account to get started. Join the Community today! 05:20 Nikita: Getting back to our discussion… if you have multiple networks, how do they talk to each other? Rohit: So there are two scenarios which are possible here. If the networks are within the same OCI region, they can talk to each other through a mechanism called local peering. If the two networks are in two different OCI data center regions, then you have the same concept, a similar concept, but it's a remote peering now. And instead of using local peering, now you're using the Dynamic Routing Gateways. Remember we talked about Dynamic Routing Gateways used for on-premises communication, anything which is not for internet. So this is also a use case for Dynamic Routing Gateway enabling communication between networks in different regions. 06:05 Rohit: So within VCN, you have this concept of security list. Think about security list as firewall rules associated with a subnet and applied to all instances inside the subnet. So what does it look like? The security list consists of rules that specify the type of traffic allowed in or out of the subnet. This applies to a given instance, whether it is talking with another instance in the VCN or a host outside the VCN. There's also another concept, which is called network security groups, or NSG. These are very similar construct as security list, but the key difference is these apply only to a set of virtual network interface cards in a single VCN. And another big difference here is NSGs can be the source or destination in the rules. Contrast this with the security list rules where you specify a CIDR, only a CIDR, as the source or destination. 07:06 Lois: Thanks for that, Rohit. To learn more about OCI, please visit mylearn.oracle.com, create a profile if you don't already have one, and get started learning on our free OCI Foundations training. Nikita: You can also practice what you learn in a safe environment with our hands-on labs, without the anxiety of working in a live environment. 07:27 Nikita: We hope you enjoyed that conversation. Join us next week for another throwback episode. Until then, this is Nikita Abraham... Lois: And Lois Houston, signing off! 07:37 That's all for this episode of the Oracle University Podcast. If you enjoyed listening, please click Subscribe to get all the latest episodes. We'd also love it if you would take a moment to rate and review us on your podcast app. See you again on the next episode of the Oracle University Podcast.

12 Joulu 20238min

Data breaches occur more often than we'd like them to. As businesses embrace remote work practices, IT resources are more at risk than ever before. Oracle Identity and Access Management (IAM) is an essential tool for protecting enterprise resources against cybersecurity threats. Join Lois Houston and Nikita Abraham, along with Rohit Rahi, as they examine IAM and the key aspects of this service, and discuss how you can control who has access to your resources. Oracle MyLearn: https://mylearn.oracle.com/ Oracle University Learning Community: https://education.oracle.com/ou-community X (formerly Twitter): https://twitter.com/Oracle_Edu LinkedIn: https://www.linkedin.com/showcase/oracle-university/ Special thanks to Arijit Ghosh, Kiran BR, Rashmi Panda, David Wright, the OU Podcast Team, and the OU Studio Team for helping us create this episode. -------------------------------------------------------- Episode Transcript: 00:00 Welcome to the Oracle University Podcast, the first stop on your cloud journey. During this series of informative podcasts, we'll bring you foundational training on the most popular Oracle technologies. Let's get started. 00:26 Nikita: Hello and welcome to the Oracle University Podcast. I'm Nikita Abraham, Principal Technical Editor with Oracle University, and with me is Lois Houston, Director of Innovation Programs. Lois: Hi everyone. Thanks for joining us for this Best of 2023 series, where we're playing you six of our most popular episodes of the year. 00:47 Nikita: Today's episode is #3 of 6 and is a throwback to a conversation with Rohit Rahi, Vice President of CSS OU Cloud Delivery, on Identity and Access Management, which is one of OCI's top security features. So, let's get straight into it. 01:03 Rohit: IAM stands for Identity and Access Management service. It's also sometimes referred to as fine-grained access control or role-based access control service. There are two key aspects to this service. The first one is called authentication, or also referred to as AuthN. And the second aspect is referred to as authorization or also referred to as AuthZ. Authentication has to deal with identity or who someone is, while authorization has to deal with permission or what someone is allowed to do. 01:37 Rohit: So basically what the service ensures is making sure that a person is who they claim to be. And as far as authorization is concerned, what the service does is it allows a user to be assigned one or more pre-determined roles, and each roles comes with a set of permissions. Now, there are various concepts which are part of this service or various features which are part of this service, starting with identity domains, principles, groups, dynamic groups, compartments, et cetera. Now identity domains is basically a container for your users and groups. So think about this as a construct which represents a user population in OCI and the associated configurations and security settings. 02:30 Lois: So, how does this work in practice? Rohit: Well, what we do first is we create an identity domain, and then we create users and groups within that identity domain. And then we write policies against those groups, and policies are scoped to a tenancy, an account, or a compartment. And of course, the resources are available within a compartment. And again, compartment is kind of a logical isolation for resources. So this is how the whole service works. 03:03 Rohit: And users and the groups, authentication is done by common mechanisms like username and password, and policies is basically where you provide this role-based access control. So you put these groups in one of the pre-determined roles, and then you assign some permissions against those roles. So this is how the service works in a nutshell. Now anything you create in the cloud, all these objects, whether it's a block storage, it's a compute instance, it's a file storage, it's a database, these are all resources. And if these things are resources, there has to be a unique identifier for these resources, else how are you going to operate on these resources? So what OCI does is it provides its own assigned identifier, which is called Oracle Cloud ID, OCID. You don't have to provide this. We do this automatically for all the resources. 04:02 Nikita: Thanks for that rundown, Rohit. Another feature of OCI is compartments, right? Can you tell us a bit about compartments? Rohit: When you open an account in OCI, you get a tenancy. That's another fancy name for an account. And we also give you a Root Compartment. So think of Root Compartment as this logical construct where you can keep all of your cloud resources. And then what you could do is, you could create your own individual compartments. And the idea is, you create these for isolation and controlling access. And you could keep a collection of related resources in specific compartments. So the network resource has-- a network compartment has network resources, and storage compartment has storage resources. 04:46 Rohit: Now, keep in mind, Root Compartment, as I said earlier, can hold all of the cloud resources. So it can be sort of a kitchen sink. You could put everything in there. But the best practice is to create dedicated compartments to isolate resources. You will see why. Let me just explain. So first thing is, each resource you create belongs to a single compartment. So you create a virtual machine, for example. It goes to Compartment A. It cannot go to Compartment B again. You have to move it from Compartment A, or delete, and re-create in Compartment B. Keep in mind, each resource belongs to a single compartment. 05:21 Rohit: Why you use compartments in the first place is for controlling access and isolation. So the way you do that is, you have the resources, let's say in this case a block storage, kept in Compartment A. You don't want those to be used by everyone. You want those to be used only by the compute admins and storage admins. So you create those admins as users and groups, write these policies, and they can access these resources in this compartment. So it's very important. Do not put all of your resources in the Root Compartment. Create resource-specific compartments, or whichever way you want to divide your tenancies, and put resources accordingly. 06:00 Lois: Now, how do resources interact if they are in different compartments? Do they all have to be in the same compartment? Rohit: Absolutely not! Resources in one compartment can interact with the resource in another compartment. Here, the Virtual Cloud Network is-- the compute instance uses the Virtual Cloud Network, but these are in two different compartments. So this is absolutely supported. And it keeps your design much cleaner. Keep in mind that resources can also be moved from one compartment to another. So in this example, Compartment A had a virtual machine. We can move that from Compartment A to Compartment B. Another concept, which is very important to grasp is the compartments are global constructs, like everything in identity. So resources from multiple regions can be in the same compartment. So when you go to Phoenix, you see this compartment existing. You go to Ashburn, you see the same compartment. 06:55 Rohit: Now, you can write policies to prevent users from accessing resources in a specific region. You could do that. But keep in mind, all the compartments you create are global, and they are available in every region you have access to. Compartments can also be nested. So you have up to six levels nesting provided by compartments. You would do this again because this can mimic your current design, whether it's your organizational design or whether it's your ID hierarchy. You could create nested compartments. It just helps keep your design cleaner. 07:32 Rohit: And then, finally, you could set quotas and budgets on compartments. So you could say that, my particular compartment, you cannot create a bare metal machine. Or you cannot create an Exadata resource. So you could control it like that. And then you could also create budgets on compartments. So you could say that, if the usage in a particular compartment goes beyond $1,000, you'd get flagged, and you get notified. So you could do that. So that's compartments for you. It's a very unique feature within OCI. We believe it helps keep your tenancies much better organized. And it really supports your current ID hierarchy and design. 08:12 Boosting your professional reputation is now easier than ever. Oracle University Learning Community is a collaborative, dynamic community that gives you the power to create your own personal brand. Achieve champion levels and acquire badges. Get inducted into the Hall of Fame. Become a thought leader. If you are already an Oracle MyLearn user, go to MyLearn to join the community. You will need to log in first. If you have not yet accessed Oracle MyLearn, visit mylearn.oracle.com and create an account to get started. 08:53 Nikita: Welcome back! So Rohit, can you tell us a little bit about principals? Rohit: A principal is an IAM entity that is allowed to interact with OCI resources. There are two kinds of principals primarily in OCI. One is your users. Think about people who are logging on to your console or using your CLI or SDKs, users… human beings actually using your cloud resources. And then the resources themselves can be principals. So a good example of a resource principal is an instance principal which is actually an instance which becomes a principal, which means that it can make API calls against other OCI services like storage. 09:34 Rohit: Also, when we talk about principles we have groups. And groups are basically collection of users who have the same type of access requirements to resources. So you can have a storage admin group where you could group all the human beings who are storage administrators and so on and so forth. So let's look at some of the details, starting with authentication. Authentication is sometimes also referred to as AuthN. Authentication is basically figuring out are you who you say you are. And the easiest way to understand this is all of us deal with this on everyday basis. When you go to our website and you provide your username and password to access some of the content, you are being authenticated. 10:15 Rohit: There are other ways to do authentication. The one common for cloud is API Signing Keys. So when you are making API calls, whether you're using the SDK or the CLI, you would use the API Signing Keys which use a public private key pair to sign these APIs calls and authenticate these APIs calls. It uses an RSA key pair, with both a public key and a private key. There is also a third way to do authentication, and that's based on authentication tokens. And these are Oracle-generated token strings. And the idea here is you can authenticate third-party APIs which don't support OCI authentication model. 10:56 Lois: So, then, what are authorizations? Rohit: So authorization deals with permissions and figuring out what permissions do you have. In OCI, authorization is done through what we call as IAM policies. And policies, think about these as human readable statements to define granular permissions. Remember, policies can be attached to a compartment or they could be attached to a tenancy. If they're attached to a tenancy, it applies to everything within that tenancy. If it's applied to a compartment, it applies to only the resources within that compartment. 11:33 Rohit: The syntax is always you have to start with an allow. Everything is denied by default, so you don't really have to write a deny statement. So you say allow group_name. A group is basically a collection of users. So you cannot write a policy on individual users, you always operate at a group level. To do something, there's a verb. On some resources, there's a resource-type and there's a location. Location can be a tenancy. Location can be a compartment. And you can make these policies really complex with adding conditions. So just to give you an idea of what the verbs might look like. There are four levels of verb. There is a manage, there's a use, there's a read, and there's a inspect. And as you go down, these become additive. 12:17 Rohit: So manage basically means you can manage your resources, use basically means you can read but you could not do things like update and delete and so on and so forth. And you can read more on the documentation. Resource type basically can be all resources, meaning everything in your account, or it could be compute resources, database resources, whatnot, all the resources you have. Now, you could operate at a family level, which is meaning all the entities within that resource family, or you could even go very granular. So you could say that in compute, I just want somebody to operate on the instances, but not work on the instance images. So you could actually do that. So this is how you would write a policy. 12:58 Nikita: For more on OCI, please visit mylearn.oracle.com, create a profile if you don't already have one, and get started on our free training on OCI Foundations. Taking this training will help you advance and future-proof your career and prepare you for our OCI Foundations Associate exam. Nikita: We hope you enjoyed that conversation. Join us next week for another throwback episode. Until then, this is Nikita Abraham... Lois: And Lois Houston, signing off! 13:27 That's all for this episode of the Oracle University Podcast. If you enjoyed listening, please click Subscribe to get all the latest episodes. We'd also love it if you would take a moment to rate and review us on your podcast app. See you again on the next episode of the Oracle University Podcast.

5 Joulu 202313min

Oracle's next-gen cloud platform, Oracle Cloud Infrastructure, has been helping thousands of companies and millions of users run their entire application portfolio in the cloud. Today, the demand for OCI expertise is growing rapidly. Join Lois Houston and Nikita Abraham, along with Rohit Rahi, as they peel back the layers of OCI to discover why it is one of the world's fastest-growing cloud platforms. Oracle MyLearn: https://mylearn.oracle.com/ Oracle University Learning Community: https://education.oracle.com/ou-community LinkedIn: https://www.linkedin.com/showcase/oracle-university/ X (formerly Twitter): https://twitter.com/Oracle_Edu Special thanks to Arijit Ghosh, Kiran BR, Rashmi Panda, David Wright, the OU Podcast Team, and the OU Studio Team for helping us create this episode. ------------------------------------------------------ Episode Transcript: 00:00 Welcome to the Oracle University Podcast, the first stop on your cloud journey. During this series of informative podcasts, we'll bring you foundational training on the most popular Oracle technologies. Let's get started. 00:26 Lois: Welcome to the Oracle University Podcast. I'm Lois Houston, Director of Innovation Programs with Oracle University, and with me today is Nikita Abraham, Principal Technical Editor. Nikita: Hi there! You're listening to our Best of 2023 series, where over the next few weeks, we'll be revisiting six of our most popular episodes of the year. 00:47 Lois: Today is episode 2 of 6, and we're throwing it back to our very first episode of the Oracle University Podcast. It was a conversation that Niki and I had with Rohit Rahi, Vice President, CSS OU Cloud Delivery. During this episode, we discussed Oracle Cloud Infrastructure's core coverage on different tiers. Nikita: But we began by asking Rohit to explain what OCI is and tell us about its key components. So, let's jump right in. 01:14 Rohit: Some of the world's largest enterprises are running their mission-critical workloads on Oracle's next generation cloud platform called Oracle Cloud Infrastructure. To keep things simple, let us break them down into seven major categories: Core Infrastructure, Database Services, Data and AI, Analytics, Governance and Administration, Developer Services, and Application Services. But first, the foundation of any cloud platform is the global footprint of regions. We have many generally available regions in the world, along with multi-cloud support with Microsoft Azure and a differentiated hybrid offering called Dedicated Region Cloud@Customer. 01:57 Rohit: We have building blocks on top of this global footprint, the seven categories we just mentioned. At the very bottom, we have the core primitives: compute, storage, and networking. Compute services cover virtual machines, bare metal servers, containers, a managed Kubernetes service, and a managed VMWare service. These services are primarily for performing calculations, executing logic, and running applications. Cloud storage includes disks attached to virtual machines, file storage, object storage, archive storage, and data migration services. 02:35 Lois: That's quite a wide range of storage services. So Rohit, we all know that networking plays an important role in connecting different services. These days, data is growing in size and complexity, and there is a huge demand for a scalable and secure approach to store data. In this context, can you tell us more about the services available in OCI that are related to networking, database, governance, and administration? 03:01 Rohit: Networking features let you set up software defined private networks in Oracle Cloud. OCI provides the broadest and deepest set of networking services with the highest reliability, most security features, and highest performance. Then we have database services, we have multiple flavors of database services, both Oracle and open source. We are the only cloud that runs Autonomous Databases and multiple flavors of it, including OLTP, OLAP, and JSON. And then you can run databases and virtual machines, bare metal servers, or even Exadata in the cloud. You can also run open source databases, such as MySQL and NoSQL in the Oracle Cloud Infrastructure. 03:45 Rohit: Data and AI Services, we have a managed Apache Spark service called Dataflow, a managed service for tracking data artifacts across OCI called Data Catalog, and a managed service for data ingestion and ETL called Data Integration. We also have a managed data science platform for machine learning models and training. We also have a managed Apache Kafka service for event streaming use cases. Then we have Governance and Administration services. These services include security, identity, and observability and management. We have unique features like compartments that make it operationally easier to manage large and complex environments. Security is integrated into every aspect of OCI, whether it's automatic detection or remediation, what we typically refer as Cloud Security Posture Management, robust network protection or encryption by default. We have an integrated observability and management platform with features like logging, logging analytics, and Application Performance Management and much more. 04:55 Nikita: That's so fascinating, Rohit. And is there a service that OCI provides to ease the software development process? Rohit: We have a managed low code service called APEX, several other developer services, and a managed Terraform service called Resource Manager. For analytics, we have a managed analytics service called Oracle Analytics Cloud that integrates with various third-party solutions. Under Application services, we have a managed serverless offering, call functions, and API gateway and an Events Service to help you create microservices and event driven architectures. 05:35 Rohit: We have a comprehensive connected SaaS suite across your entire business, finance, human resources, supply chain, manufacturing, advertising, sales, customer service, and marketing all running on OCI. That's a long list. And these seven categories and the services mentioned represent just a small fraction of more than 80 services currently available in OCI. Fortunately, it is quick and easy to try out a new service using our industry-leading Free Tier account. We are the first cloud to offer a server for just a penny per core hour. Whether you're starting with Oracle Cloud Infrastructure or migrating your entire data set into it, we can support you in your journey to the cloud. 06:28 Have an idea and want a platform to share your technical expertise? Head over to the new Oracle University Learning Community. Drive intellectual, free-flowing conversations with your peers. Listen to experts and learn new skills. If you are already an Oracle MyLearn user, go to MyLearn to join the Community. You will need to log in first. If you have not yet accessed Oracle MyLearn, visit mylearn.oracle.com and create an account to get started. Join the conversation today! 07:04 Nikita: Welcome back! Now let's listen to Rohit explain the core constructs of OCI's physical architecture, starting with regions. Rohit: Region is a localized geographic area comprising of one or more availability domains. Availability domains are one or more fault tolerant data centers located within a region, but connected to each other by a low latency, high bandwidth network. Fault domains is a grouping of hardware and infrastructure within an availability domain to provide anti-affinity. So think about these as logical data centers. Today OCI has a massive geographic footprint around the world with multiple regions across the world. And we also have a multi-cloud partnership with Microsoft Azure. And we have a differentiated hybrid cloud offering called Dedicated Region Cloud@Customer. 08:02 Lois: But before we dive into the physical architecture, can you tell us…how does one actually choose a region? Rohit: Choosing a region, you choose a region closest to your users for lowest latency and highest performance. So that's a key criteria. The second key criteria is data residency and compliance requirements. Many countries have strict data residency requirements, and you have to comply to them. And so you choose a region based on these compliance requirements. 08:31 Rohit: The third key criteria is service availability. New cloud services are made available based on regional demand at times, regulatory compliance reasons, and resource availability, and several other factors. Keep these three criteria in mind when choosing a region. So let's look at each of these in a little bit more detail. Availability domain. Availability domains are isolated from each other, fault tolerant, and very unlikely to fail simultaneously. Because availability domains do not share physical infrastructure, such as power or cooling or the internal network, a failure that impacts one availability domain is unlikely to impact the availability of others. A particular region has three availability domains. One availability domain has some kind of an outage, is not available. But the other two availability domains are still up and running. 09:26 Rohit: We talked about fault domains a little bit earlier. What are fault domains? Think about each availability domain has three fault domains. So think about fault domains as logical data centers within availability domain. We have three availability domains, and each of them has three fault domains. So the idea is you put the resources in different fault domains, and they don't share a single point of hardware failure, like physical servers, physical rack, top of rack switches, a power distribution unit. You can get high availability by leveraging fault domains. We also leverage fault domains for our own services. So in any region, resources in at most one fault domain are being actively changed at any point in time. This means that availability problems caused by change procedures are isolated at the fault domain level. And moreover, you can control the placement of your compute or database instances to fault domain at instance launch time. So you can specify which fault domain you want to use. 10:29 Nikita: So then, what's the general guidance for OCI users? Rohit: The general guidance is we have these constructs, like fault domains and availability domains to help you avoid single points of failure. We do that on our own. So we make sure that the servers, the top of rack switch, all are redundant. So you don't have hardware failures or we try to minimize those hardware failures as much as possible. You need to do the same when you are designing your own architecture. So let's look at an example. You have a region. You have an availability domain. And as we said, one AD has three fault domains, so you see those fault domains here. 11:08 Rohit: So first thing you do is when you create an application you create this software-defined virtual network. And then let's say it's a very simple application. You have an application tier. You have a database tier. So first thing you could do is you could run multiple copies of your application. So you have an application tier which is replicated across fault domains. And then you have a database, which is also replicated across fault domains. 11:34 Lois: What's the benefit of this replication, Rohit? Rohit: Well, it gives you that extra layer of redundancy. So something happens to a fault domain, your application is still up and running. Now, to take it to the next step, you could replicate the same design in another availability domain. So you could have two copies of your application running. And you can have two copies of your database running. 11:57 Now, one thing which will come up is how do you make sure your data is synchronized between these copies? And so you could use various technologies like Oracle Data Guard to make sure that your primary and standby-- the data is kept in sync here. And so that-- you can design your application-- your architectures like these to avoid single points of failure. Even for regions where we have a single availability domain, you could still leverage fault domain construct to achieve high availability and avoid single points of failure. 12:31 Nikita: Thank you, Rohit, for taking us through OCI at a high level. Lois: For a more detailed explanation of OCI, please visit mylearn.oracle.com, create a profile if you don't already have one, and get started on our free training on OCI Foundations. Nikita: We hope you enjoyed that conversation. Join us next week for another throwback episode. Until then, this is Nikita Abraham... Lois: And Lois Houston, signing off! 12:57 That's all for this episode of the Oracle University Podcast. If you enjoyed listening, please click Subscribe to get all the latest episodes. We'd also love it if you would take a moment to rate and review us on your podcast app. See you again on the next episode of the Oracle University Podcast.

28 Marras 202313min

Sergio Castro joins Lois Houston and Nikita Abraham to explore multicloud, some of its use cases, and the reasons why many businesses are embracing this strategy.   A-Team Chronicles: https://www.ateam-oracle.com/ Oracle University Blog: https://blogs.oracle.com/oracleuniversity/ Oracle MyLearn: https://mylearn.oracle.com/ Oracle University Learning Community: https://education.oracle.com/ou-community X (formerly Twitter): https://twitter.com/Oracle_Edu LinkedIn: https://www.linkedin.com/showcase/oracle-university/   Special thanks to Arijit Ghosh, David Wright, the OU Podcast Team, and the OU Studio Team for helping us create this episode.   --------------------------------------------------------   Episode Transcript:   00:00 Welcome to the Oracle University Podcast, the first stop on your cloud journey. During this series of informative podcasts, we'll bring you foundational training on the most popular Oracle technologies. Let's get started. 00:26 Nikita: Welcome to the Oracle University Podcast! I'm Nikita Abraham, Principal Technical Editor with Oracle University, and with me is Lois Houston, Director of Innovation Programs. Lois: Hi there! If you've been following along with us, you'll know we just completed our first three seasons of the Oracle University Podcast. We've had such a great time exploring OCI, Data Management, and Cloud Applications business processes. And we've had some pretty awesome special guests, too. 00:56 Nikita: Yeah, it's been so great having them on and so educational so do check out those episodes if you missed any of them.  Lois: As we close out the year, we thought this would be a good time to revisit some of our most popular episodes with you. Over the next few weeks, you'll be able to listen to six of our most popular episodes from this year.  Nikita: Right, this is the best of the best–according to you–our listeners.   01:20 Lois: Today's episode is #1 of 6 and is a throwback to a discussion with our Principal OCI Instructor Sergio Castro on multi-cloud. Keep in mind that this chat took place before the release of Oracle University's course and certification on multi-cloud. It's available now on mylearn.oracle.com so if it interests you, you should go check it out. Nikita: We began by asking Sergio to help us with the basics and explain what multi-cloud is. So, let's dive right in. Here we go! 01:51 Sergio: Good question. So multi-cloud is leveraging the best offering of two or more cloud service providers. This as a strategy for an IT solution. And Oracle embraces multi-cloud. This strategy was clearly communicated during Open World in Las Vegas last year. We even had demos where OCI presenters opened the cloud Graphic User Interface of other providers during our live sessions. So the concise answer to the question is multi-cloud is two or more cloud vendors providing a consolidated solution to a customer.  02:29 Nikita: So, would an example of this be when a customer uses OCI and Azure? Sergio: Absolutely. Yes, exactly. That's what it is. We can say that our official multi-cloud approach started with the interconnect agreement with Azure. But customers, they have already been leveraging our FastConnect partners for interconnecting with other cloud providers. The interconnect agreement with Azure just made it easier. Oracle tools such as Oracle Integration and Golden Gate have been multi-cloud ready even prior to our official announcement. And if you look at the Oracle's document... the documents from Oracle, you can find VPN access to other cloud providers, but we can talk about that shortly. 03:16 Nikita: OK. So, why would organizations use a multi-cloud strategy? What do they gain by doing that? Sergio: Oh, there are many reasons why organizations might want to use a multi-cloud strategy. For example, a customer might want to have vendor redundancy. Having the application running with one vendor and having the other vendor just stand by in case something goes wrong with that cloud provider. So it is best practices not to rely on just one cloud service provider. Another customer might want to have the application with one tier or the application tier with one cloud provider and their database tier with another cloud provider. 03:53 Sergio: So this is a solution leveraging the best to cloud providers. Another company or another reason might be a company acquired another one, you know purchasing a second company, and they have different cloud providers and they just want to integrate their cloud resources. So every single cloud provider offer unique solutions and customers want to leverage these strong points. For example, we all know that AWS was the first infrastructure access service provider, and the industry adopted them. Then other players came along like OCI and customers realized that there are better and less expensive options that now they can take advantage of. So cloud migration is another reason why multi-cloud interconnectivity is needed. 04:42 Lois: Wow! There really are a lot of different use cases for multi-cloud. Sergio: Yeah, absolutely. There is, Lois. So Golden Gate, for example, this is an Oracle product. Oracle Golden Gate allows replication from two different databases. So if a customer wants to replicate the Oracle Database in OCI, in Oracle Cloud Infrastructure, to a SQL server in Azure, this is possible. And now there's an OCI to Azure interconnect (live) and it can facilitate this, this database replication. And if a start-up needs to communicate OCI to Google Cloud Platform, for example, but a digital circuit is not economically viable, then we have published step-by-step configuration instructions for site-to-site VPN, and this includes all the steps on the Google Cloud Platform as well. So these are some of the different use cases. 05:37 Lois: So, what should you keep in mind when you're designing a multi-cloud solution? Sergio: The first thing that comes to mind is business continuity. It is very important to have High Availability and Disaster Recovery strategies. This to keep the lights on and focus on the organization's current technology, the organization's current needs, the company's vision, and the offering from the cloud service providers out there. The current offerings that each cloud service provider brings to this company. For example, if an organization's on-premises, current deployment consists of Microsoft applications and Oracle Databases, and they want to use as much as they can of their current knowledge base that their staff has acquired through the years, it only makes sense to take the apps to Azure and the database to Oracle Cloud Infrastructure and either leverage ODSA, Oracle Database Solution for Azure, or our OCI-Azure interconnect regions. We have 12 of those. 06:39 Sergio: So ODSA was designed with Azure cloud architects in mind. The Oracle Database solution for Azure. For each database provision using ODSA, the service delivers OCI database metrics, OCI events, and OCI logs to tools such as Azure Application Insights, Azure Event Grid, and Azure Log Analytics. But the concise key points to keep in mind are latency, security, data movement, orchestration, and operation management. 07:10 Nikita: So, latency... security... Can you tell us a little bit more about these? Sergio: Yes, latency is crucial. If an application needs, let's say X milliseconds, 3 milliseconds response time, the multi-cloud solution better meet these needs. We recently published a blog post where we released the millisecond response of our 12 interconnect sites to Azure and OCI. We have 12 interconnect sites of Azure regions to 12 regions from OCI. Now, regarding security, in Oracle, we pride ourselves for being a security company. Security is at our core of who we are and we have taken this approach to multi-cloud. This for encryption of data at rest, encryption of data in transit, masking the data in the database, security key management, patching service, Identity and Access Management, Web Application Firewall. All of these solutions from Oracle are very well suited for multi-cloud approach. 08:17 Lois: OK, what about data movement, orchestration and operation management? You mentioned those. Sergio: I mentioned Golden Gate earlier. So you can use this awesome tool for replication. You can also use this for migration. But data movement is much more than replication, like real live transactions taking place and backup strategies. We have options for all of this. Our object storage, our bulky regions backup strategies. Now for orchestration, the Oracle API Gateway avoids vendor lock-in and enables you to publish APIs with private endpoints that are accessible from within your network and which you can expose with a public IP address. This in case you want to accept traffic from the internet. 09:07 Nikita: Ah, that makes sense. Thanks for explaining those, Sergio. Now, what multi-cloud services does OCI have? Sergio: So I already mentioned a few like ODSA, the Oracle Database Solution for Azure. So, this is where Azure customers can easily provision, access, and operate an Oracle Database enterprise-grade and the Oracle Cloud Infrastructure with a familiar Azure-like experience. ODSA was jointly announced back in July 2022 by our CTO Larry Ellison and Microsoft's Satya Nadella. He's the CEO. This was last year. And we also announced the MySQL Heatwave, which is available on AWS. This solution offers online transactional processing analytics, machine learning, and automation with a single, MySQL database. So OCI multi-cloud approach started when the OCI regions interconnected via FastConnect to Azure regions Express Route. This was back in June of 2019.  10:12 Sergio: Other products for multi-cloud include OCI integration services, OCI Golden Gate, the Oracle API Gateway, Observability and Management, and Oracle Data Sync to name a few. Nikita: So we've been working in multi-cloud services since 2019. Interesting.  Lois: It really is. Sergio, can you tell us a little bit about the type of organizations that can benefit from multi-cloud? 10:36 Sergio: Absolutely. My pleasure. So organizations of all sizes and of all industries can benefit from multi-cloud, from start-ups to companies in the top 100 of the Forbes list and from every corner of the world, you name it, every corner of the world. So it's available worldwide for customers, the Oracle customers. There are also customers, and we know this of other providers. So in terms of cloud, it's to the customers' benefit that cloud service providers have a multi-cloud strategy. In OCI , OCI has been a pioneer in multi-cloud. It was in 2019 when the FastConnect to Express Route partnership was announced. And Site-to-Site VPN is also available to all three of our major cloud competitors. So the beauty of the last word, cloud competitors, is that indeed they are our competitors and we try to win businesses away from them. 11:29 Sergio: But at the same time, our customers demand the ability for cloud providers to work with each other and our customers are right. And for this reason, we embrace multi-cloud. Recently, the federal government announced that they selected four cloud providers: OCI, AWS, Azure, and Google Cloud Platform. And also, Uber announced a major deal with OCI and Google Cloud Platform. So these customers, they want us to work together. So multi-cloud is a way to go, strategy and we want to make our customers happy. So we will operate and work with these cloud providers, service providers. 12:09 Nikita: That's really great. So a customer can take advantage of the benefits of OCI, even if they have other services running on another cloud provider. Now if I wanted to become a multi-cloud developer or a cloud architect, how would I go about getting started? Is there a certification I can get? Sergio: Absolutely. Excellent question. I love this question. So this depends on where you are in your cloud journey. If you are already a cloud knowledgeable engineer with either AWS or Azure, you can start with our OCI for Azure Architect and OCI for AWS Architect. We have courses for both. And if you are just getting started with cloud and you want to learn OCI, you can start with our OCI Foundations as the path to OCI and as you progress along, we have OCI Architect Associate, we have OCI Architect Professional. So there's a clear path, but if you have a specialty like a developer's or operations or multi-cloud certification, so we have all of this for you. And regarding the OCI Architect Professional certification, it contains in the learning path a lesson and a demo on how to interconnect OCI and Azure from the ground up. 13:23 Lois: And all of this training is available for free on mylearn.oracle.com, right? Sergio: Yes, that is correct, Lois. Just visit the site, mylearn.oracle.com, and create an account. The site keeps track of your learning progress and you can always come back and continue from where you left off, at your own speed. 13:42 Lois: That's great. And what if I don't want to get certified right now? Sergio: Of course, you do not have to be pursuing a certification to gain access to the training in MyLearn. If you are only interested in the OCI to Azure interconnection lesson, for example, you can go right to that course in MyLearn, bypassing all the other material. Just watch that lesson. If you're interested, follow along with the demo on your own environments. 14:09 Nikita: So you can take as much or as little training as you want. That's wonderful. Sergio: Absolutely it is. And with regards to other OCI products that are great for multi-cloud, our API Gateway is greatly covered in our OCI Developer Professional certification. The awesome news that I'm bringing to you right now is that soon Oracle University will release a new OCI multi-cloud certification. This is going to be accompanied by with the learning path and the multi-cloud certification, this is what I'm currently at this moment working on. We are designing the material. We are having fun right now doing the labs, and shortly, we will write the test questions.  14:51 Lois: That's great news. You know I love to share a sneak peek at new training we're working on. Thank you so much, Sergio, for giving us your time today. This was really insightful. Sergio: On the contrary, thank you. And thanks to everyone who's listening. I encourage you to go ahead and link your multiple cloud accounts and if you have questions, feel free to reach out. You can find me in the Oracle University Learning Community. 15:15 Nikita: We hope you enjoyed that conversation. And like we were saying before, the multi-cloud course has been released and has quickly become one of our most sought-after certifications. So, if you want to access the multi-cloud course, visit mylearn.oracle.com. Lois: Join us next week for another throwback episode. Until then, this is Lois Houston… Nikita: And Nikita Abraham, signing off! 15:39 That's all for this episode of the Oracle University Podcast. If you enjoyed listening, please click Subscribe to get all the latest episodes. We'd also love it if you would take a moment to rate and review us on your podcast app. See you again on the next episode of the Oracle University Podcast.

21 Marras 202316min

In the final episode of this season, hosts Lois Houston and Nikita Abraham, along with Sr. Principal ERP Learning Strategist David Barnacle, dive into the Accounting Transformation process flow, which covers how financial transactions are converted into journal entries and how subledger journal entries are processed through subledger accounting. They also explore the Budget to Report process flow, which focuses on planning, accounting for transactions, and reporting financial information to the appropriate stakeholder. Budget reporting goes a long way in helping businesses take corrective actions and improve their financial performance. Oracle MyLearn: https://mylearn.oracle.com/ Oracle University Learning Community: https://education.oracle.com/ou-community LinkedIn: https://www.linkedin.com/showcase/oracle-university/ X (formerly Twitter): https://twitter.com/Oracle_Edu Special thanks to Arijit Ghosh, David Wright, Radhika Banka, Parvathy Narayan, and the OU Studio Team for helping us create this episode. -------------------------------------------------------- Episode Transcript: 00:00 Welcome to the Oracle University Podcast, the first stop on your cloud journey. During this series of informative podcasts, we'll bring you foundational training on the most popular Oracle technologies. Let's get started. 00:26 Nikita: Hello and welcome to the Oracle University Podcast. I'm Nikita Abraham, Principal Technical Editor with Oracle University, and with me is Lois Houston, Director of Innovation Programs. Lois: Hi there! Last week, we had David "Barney" Barnacle, Sr. Principal ERP Learning Strategist, with us, who spoke about Procure to Pay and Asset Acquisition to Retirement, which are two major business processes within the Oracle Financials Business Process Model. Barney is here with us for one last time this season to take us through the last two business processes, Accounting Transformation and Budget to Report. 01:02 Nikita: Welcome back, Barney! Barney: Hi Niki! Hi Lois! Nikita: So Barney, what can you tell us about Accounting Transformation? Barney: Accounting Transformation is one of the most important business processes in the Oracle Cloud Financials Business Process Model. All our enterprises are required to record their financial transactions, and the Oracle Fusion Cloud: ERP application supports businesses in recording these transactions with the help of best practice life cycles like Invoice to Cash, Procure to Pay, and Asset Acquisition to Retirement. 01:32 Nikita: Everything we've discussed in our previous episodes. Barney: Right. Now, Accounting Transformation refers to the process of converting business transactions from Oracle subledgers, or transactions from external source systems, into detailed, auditable journal entries. Source systems are typically industry-specific applications that are either purchased from third parties or built internally within the customer organization. Examples of such systems include core banking applications, insurance policy administration applications, billing applications, and point of sales applications. And to do this transformation, we have a very powerful tool called the Accounting Engine. If the accounting engine is only used in Oracle Cloud Subledgers (for example, Assets, Payables, etc.), then this engine is referred to as the Subledger Accounting Engine. 02:24 Lois: And what does this Subledger Accounting Engine do? Barney: The Subledger Accounting Engine, also known as SLA, is loaded with predefined event models and accounting methods, i.e. the accounting rules. And within this engine, users can also create user-defined accounting methods, i.e. new rules, to achieve multiple financial reporting requirements. The accounting engine's job is to convert business transactions into auditable and balanced accounting journal entries. 02:55 Lois: Is SLA a separate product? Barney: SLA is not a separate product itself but is Oracle's common engine, which caters to the accounting needs of all the Oracle subledgers. Subledger Accounting is a rules-based accounting engine that is centralized for use by all the Oracle Cloud subledgers. 03:13 Nikita: So how does Subledger Accounting work? Barney: When using Oracle Cloud Financials, financial transactions such as invoices or payments are recorded in the Oracle Cloud subledger products, whereas transactions from legacy systems are recorded in Oracle Fusion Cloud Accounting Hub. Each financial transaction has some accounting event type associated with it. For example, creating a customer invoice, adjusting a payment, validating a supplier invoice, and so on. As I was saying earlier, Subledger Accounting has predefined accounting rule sets, also known as accounting methods. And these accounting methods follow industry practices (for example, Standard accruals). 03:53 Nikita: And how do accounting rules work? Barney: The accounting rules pick the accounting event type associated with the business transaction. It uses relevant transaction attributes like Amounts, Currencies, Dates, Customers, or Suppliers. Then, it converts the transactional attributes into balanced and auditable Subledger and ultimately General Ledger journal entries, which may also require the copying or complete creation of account code combinations. 04:19 Lois: Can all the accounting requirements of a business be met with the help of standard accounting methods? Barney: No, Lois. Sometimes, standard accrual accounting methods don't meet all the accounting or business requirements. But then subledger accounting can support user-defined accounting methods to generate different accounting entries to support these different regulatory or business requirements. For example, by using a local GAAP. 04:44 Nikita: Barney, can you tell us in more detail the various steps involved in the accounting transformation process? Barney: So, the first step is to record business transactions using modern business life cycles. As the user processes these transactions, with such actions as create, validate, adjust, delete etc., these actions are recorded as event types. The accounting engine uses these types and the accounting method rules to create detailed subledger journals. It is the accounting rules that take the transaction source attributes, such as amount, date, customer supplier, etc., and converts them into a balanced detailed subledger journal that can be audited. If there are insufficient or incorrect account or no account values within the source transactions, then the account rules, mapping sets, and user-defined formula that can be configured to create the correct account combinations. 05:39 Barney: To create these journals, the create accounting process can be automated to run on a regular basis, typically at least once a day. The Create Accounting process first generates detailed subledger journals in draft or final mode within the SLA data repository. If these SLA journals are in final mode, then they can also be transferred to create summarized or detailed general ledger journals. Once posted, these GL journals update the account balances of all dimensions stored within the GL Essbase cubes. From these account balances, you can create flexible financial reports to meet the requirements of all stakeholders. And the best part is any role that's assigned SLA privileges can carry out these tasks. 06:30 Have an idea for a new course or learning opportunity? We'd love to hear it! Visit the Oracle University Learning Community and share your thoughts with us. Your suggestion could find a place in future development projects. If you're already an Oracle MyLearn user, go to MyLearn to join the community. You will need to log in first. If you've not yet accessed Oracle MyLearn, visit mylearn.oracle.com and create an account to get started. 06:59 Nikita: Welcome back. So, transactions are created, accounting is generated using the powerful SLA engine, and then when that's done, organizations can publish their financial reports and submit them to government authorities and their stakeholders, right? So, how do they administer control over their financial planning and spending? And how do organizations create these different reports? 07:23 Barney: Financial reports/statements are key to assessing the financial efficiency and determining the key performance indicators of any organization or enterprise. In Oracle Fusion Cloud, we talk of producing reports across three key axes, the legal, the management, and the functional axis, to match the varying requirements of stakeholders. Some organizations, to drive good financial control, plan and generate budgets and/or forecasts. This is so that they can estimate their revenue and expenses for a specific future period. In fact, some enterprises go much further and use budgetary control and encumbrance accounting to ensure expenditure remains within budgeted control levels per period and they can block further expenditure on items that have spent over planned budgeted amounts. 08:15 Barney: Other enterprises may have a rolling 12-month budget that can be updated at the end of each financial period. Simple to complex budgets or forecasts can be loaded into the GL Essbase cubes and the planned budgeted account balances over a period can easily be compared with actual performance using a variety of financial reporting tools provided by Oracle Cloud. Any budget variance can be used to drive financial control and analysis, while contributing to effective, strategic decision-making. The Oracle Fusion Cloud Budget to Report process focuses on planning, accounting for transactions, and reporting financial information to the appropriate stakeholder. 08:59 Lois: Why is this process so important for organizations? What are the benefits of budget reporting? Barney: It is a great way to drive financial control by efficiently tracking the company's performance versus the budget or forecast plan. Budget reporting allows an organization to perform frequent comparisons of forecasted and actual results with the purpose of fixing the key deviations. It allows organizations to allocate cash to assets worth the investment, make acquisitions, or create disposals or disinvestment strategies. 09:32 Lois: Barney, what are the key processes within Budget to Report? Barney: Within the Budget to Report processes life cycle, there are three key subprocesses: managing budgets and forecasts, capturing transactions (i.e. account balances), and period close to financial reporting. Accountants will cycle through these three processes on a regular basis, which is typically monthly. Let's start with the Manage Budgets and Forecasts process. This process refers to the entire cycle of events that start with planning and formulating and ultimately ends with creating budgets and forecasts in the application. Oracle General Ledger simplifies budget and forecast uploads into the system by the use of Excel spreadsheets. 10:15 Barney: Next is the Capture Transactions and Journal Entry process. Financial transactions captured in the subledgers are accounted for via the SLA accounting engine and are converted into detailed subledger and summarized general ledger journals (i.e. the accounting process we have just discussed under SLA). Manual journals can also be created with the use of the user interface or via spreadsheet uploads. The account combinations on these journal lines, once posted, that record the actual account balances, which detail organization revenue, expenditure, taxation, and so on over a period. 10:52 Barney: The Period Close to Financial Reporting process starts with the period closure for each subledger application, ensuring all financial transactions are captured and reported in the correct period. It includes the reconciliation of all key suspense accounts or key accounts (for example, cash balances, tax debtors, liabilities, etc.), special period-end processing, such as foreign currency requirements for revaluation and translations or allocation journals to spread the account distribution of central costs or revenue pools, and the use of consolidation ledgers, with requirements to move currency account balances between ledgers. Finally, from these consolidated, reconciled account balances, a variety of reporting tools can be used to generate the required financial reports/statements for both internal and external stakeholders. 11:42 Barney: Some of these reports will include the comparison of actual versus budgeted values, and any key variances will be used to revise or amend the budgets/forecast plans. We return to where we started with a review or modification of our strategic financial plans. 11:59 Nikita: Barney, what are the key job roles associated with the Budget to Report process? Barney: There are three job roles associated with this process that are predefined as standard by Oracle: General Accountant, Financial Analyst, and General Accounting Manager. The General Accountant manages all financial transactions and revenue, expenses, assets, liability, and equity accounts, and is responsible for recording accounting adjustments, such as accruals, allocations, currency revaluations, and translations. The Financial Analyst analyzes the financial performance of an enterprise or an organization. The General Accounting Manager manages the general accounting functions of an enterprise, including general ledger, subsidiary ledgers. They also manage period close activities. 12:49 Lois: Any final words, Barney, as we conclude this series on ERP Financials business processes? Barney: So, in these last couple of episodes, we discussed the five financial business process life cycles. These processes are collectively known as Record to Report. The Record to Report process includes data extraction, collection, and processing to deliver accurate and timely financial information and enhance decision-making within the organization or enterprise. Using embedded analytics to drive an error-free financial close process, Oracle Fusion Cloud can not only automate and transform the R2R process, but also enable timely, real-time financial performance reporting. 13:37 Nikita: Thank you so much, Barney, for being our guide and taking us through the Oracle Financials Business Process Model. Barney: Thank you. It's been great being here with both of you. Lois: If you missed any of our earlier episodes with Barney, you should go back and check them out. And if you're interested in learning more about Oracle's business process training and getting certified, visit mylearn.oracle.com. Until next time, this is Lois Houston… Nikita: And Nikita Abraham, signing off! 14:03 That's all for this episode of the Oracle University Podcast. If you enjoyed listening, please click Subscribe to get all the latest episodes. We'd also love it if you would take a moment to rate and review us on your podcast app. See you again on the next episode of the Oracle University Podcast.

14 Marras 202314min