Oracle 1z0-1072-22 Oracle Cloud Infrastructure 2022 Architect Associate Exam Practice Test

To accept traffic from the internet, you create a public load balancer. The service assigns it a public IP address that serves as the entry point for incoming traffic. You can associate the public IP address with a friendly DNS name through any DNS vendor.

A public load balancer is regional in scope. If your region includes multiple availability domains, a public load balancer requires either a regional subnet (recommended) or two availability domain-specific (AD-specific) subnets, each in a separate availability domain. With a regional subnet, the Load Balancing service creates a primary load balancer and a standby load balancer, each in a different availability domain, to ensure accessibility even during an availability domain outage. If you create a load balancer in two AD-specific subnets, one subnet hosts the primary load balancer and the other hosts a standby load balancer. If the primary load balancer fails, the public IP address switches to the secondary load balancer. The service treats the two load balancers as equivalent and you cannot specify which one is "primary".

Whether you use regional or AD-specific subnets, each load balancer requires one private IP address from its host subnet. The Load Balancing service supplies a floating public IP address to the primary load balancer. The floating public IP address does not come from your backend subnets.

You cannot specify a private subnet for your public load balancer.

The backend servers (Compute instances) associated with a backend set can exist anywhere, as long as the associated network security groups (NSGs), security lists, and route tables allow the intended traffic flow.

Oracle recommends that you create your load balancer in a regional subnet.

Oracle recommends that you distribute your backend servers across all availability domains within the region.

References: https://blogs.oracle.com/cloud-infrastructure/introducing-oracle-cloud-infrastructure-data-transfer-service

https://docs.oracle.com/en/cloud/paas/database-dbaas-cloud/csdbi/dbaascli.html

Using the dbaascli utility, you can:

Change the password of a database user.

Start and stop a database.

Start and stop the Oracle Net listener

Check the status of the Oracle Data Guard configuration.

Perform switchover and failover in an Oracle Data Guard configuration.

Patch the database deployment.

Perform database recovery.

Rotate the master encryption key.

https://docs.oracle.com/en/cloud/paas/database-dbaas-cloud/csdbi/dbaascli.html

https://docs.cloud.oracle.com/iaas/Conten t/Network/Tasks/managingVNICs.htm

References: The dialog will show you when you terminate the instance. If you want to preserve the boot volume associated with the instance, uncheck Permanently delete the attached Boot Volume.

https://docs.cloud.oracle.com/iaas/Content/Compute/Tasks/terminatinginstance.htm

https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/dns.htm

This is an Oracle-provided option that includes two parts:Internet Resolver: Lets instances resolve hostnames that are publicly published on the internet. The instances do not need to have internet access by way of either an internet gateway or a connection to your on-premises network (such as an IPSec VPN connection through a DRG ).VCN Resolver: Lets instances resolve hostnames (which you can assign) of other instances in the same VCN. For more information, see About the DNS Domains and Hostnames.By default, new VCNs you create use the Internet and VCN Resolver. If you’re using the Networking API, this choice refers to the VcnLocalPlusInternet enum in the DhcpDnsOption object.

The Internet and VCN Resolver does not let instances resolve the hostnames of hosts in your on-premises network connected to your VCN by IPSec VPN connection or FastConnect. Use your own custom DNS resolver to enable that.

https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/dns.htm?Highlight=DNS%20resolver#About

References: https://cloud.oracle.com/storage/object-storage/features

https://docs.cloud.oracle.com/iaas/Content/GSG/Concepts/baremetalintro.htm

References:

The terraform plan command is used to create an execution plan. Terraform performs a refresh, unless explicitly disabled, and then determines what actions are necessary to achieve the desired state specified in the configuration files.

This command is a convenient way to check whether the execution plan for a set of changes matches your expectations without making any changes to real resources or to the state. For example, terraform plan might be run before committing a change to version control, to create confidence that it will behave as expected.

An Oracle Data Guard implementation requires two DB systems, one containing the primary database and one containing the standby database. When you enable Oracle Data Guard for a virtual machine DB system database, a new DB system with the standby database is created and associated with the primary database. For a bare metal DB system, the DB system with the database that you want to use as the standby must already exist before you enable Oracle Data Guard.

Requirement details are as follows:

- Both DB systems must be in the same compartment.

- The DB systems must be the same shape type (for example, if the shape of the primary database is a virtual machine, then the shape of the standby database can be any other virtual machine shape).

- If your primary and standby databases are in different regions, then you must peer the virtual cloud networks (VCNs) for each database.

- Configure the security list ingress and egress rules for the subnets of both DB systems in the Oracle Data Guard association to enable TCP traffic to move between the applicable ports. Ensure that the rules you create are stateful (the default).

Dynamic groups allow you to group Oracle Cloud Infrastructure computer instances as "principal" actors (similar to user groups).

When you create a dynamic group, rather than adding members explicitly to the group, you instead define a set of matching rules to define the group members. For example, a rule could specify that all instances in a particular compartment are members of the dynamic group. The members can change dynamically as instances are launched and terminated in that compartment.

A dynamic group has no permissions until you write at least one policy that gives that dynamic group permission to either the tenancy or a compartment. When writing the policy, you can specify the dynamic group by using either the unique name or the dynamic group's OCID. Per the preceding note, even if you specify the dynamic group name in the policy, IAM internally uses the OCID to determine the dynamic group.

The Oracle Cloud Infrastructure Block Volume service lets you expand the size of block volumes and boot volumes. You have three options to increase the size of your volumes:

Expand an existing volume in place with offline resizing. See Resizing a Volume Using the Console for the steps to do this.

Restore from a volume backup to a larger volume. See Restoring a Backup to a New Volume and Restoring a Boot Volume.

Clone an existing volume to a new, larger volume. See Cloning a Volume and Cloning a Boot Volume.

Access to Your On-Premises Network

There are two ways to connect your on-premises network to Oracle Cloud Infrastructure:

VPN Connect: Offers multiple IPSec tunnels between your existing network's edge and your VCN, by way of a DRG that you create and attach to your VCN.

Oracle Cloud Infrastructure FastConnect: Offers a private connection between your existing network's edge and Oracle Cloud Infrastructure. Traffic does not traverse the internet. Both private peering and public peering are supported. That means your on-premises hosts can access private IPv4 addresses in your VCN as well as regional public IPv4 addresses in Oracle Cloud Infrastructure (for example, Object Storage or public load balancers in your VCN).

You can use one or both types of the preceding connections. If you use both, you can use them simultaneously, or in a redundant configuration. These connections come to your VCN by way of a single DRG that you create and attach to your VCN. Without that DRG attachment and a route rule for the DRG, traffic does not flow between your VCN and on-premises network. At any time, you can detach the DRG from your VCN but maintain all the remaining components that form the rest of the connection. You could then reattach the DRG again, or attach it to another VCN.

With FastConnect, you can choose to use private peering, public peering, or both.

Private peering: To extend your existing infrastructure into a virtual cloud network (VCN) in Oracle Cloud Infrastructure (for example, to implement a hybrid cloud, or a lift and shift scenario). Communication across the connection is with IPv4 private addresses (typically RFC 1918).

Public peering: To access public services in Oracle Cloud Infrastructure without using the internet. For example, Object Storage, the Oracle Cloud Infrastructure Console and APIs, or public load balancers in your VCN. Communication across the connection is with IPv4 public IP addresses. Without FastConnect, the traffic destined for public IP addresses would be routed over the internet.

The second tool, OCI IP Troubleshooting, helps troubleshoot issues with public facing IP addresses. This feature is also part of our Internet Intelligence toolset, providing analytical insight to help network operations teams reduce the time it takes to troubleshoot an issue by providing awareness of availability and latency across the Internet.

Ref: https://blogs.oracle.com/cloud-infrastructure/internet-intelligence,-now-available-in-the-oracle-cloud-infrastructure-console

You can scale up/down your Autonomous Database to scale both in terms of compute and storage only when needed, allows people to pay per use.

Oracle allows you to scale compute and storage independently, no need to do it together. these scaling activities fully online (no downtime required)

in Details page Autonomous Database click Scale Up/Down. Click on arrow to select a value for CPU Core Count or Storage (TB).

Or Select auto scaling to allow the system to automatically use up to three times more CPU and IO resources to meet workload demand, compared to the database operating with auto scaling disabled.

you may optionally specify one or more security lists for the subnet to use (up to five). If you don’t specify any, the subnet uses the cloud network’s default security list. You can change which security list the subnet uses at any time.

https://docs.cloud.oracle.com/iaas/Content/Network/Tasks/managingVCN s.htm

Oracle Cloud Infrastructure File Storage service provides a durable, scalable, secure, enterprise-grade network file system. You can connect to a File Storage service file system from any bare metal, virtual machine, or container instance in your Virtual Cloud Network (VCN). You can also access a file system from outside the VCN using Oracle Cloud Infrastructure FastConnect and Internet Protocol security (IPSec) virtual private network (VPN).

EXPORT

Exports control how NFS clients access file systems when they connect to a mount target. File systems are exported (made available) through mount targets. Each mount target maintains an export set which contains one or many exports. A file system must have at least one export in one mount target in order for instances to mount the file system. The information used by an export includes the file system OCID, mount target OCID, export set OCID, export path, and client export options. For more information, see Managing Mount Targets.

EXPORT SET

Collection of one or more exports that control what file systems the mount target exports using NFSv3 protocol and how those file systems are found using the NFS mount protocol. Each mount target has an export set. Each file system associated with the mount target has at least one export in the export set.

EXPORT PATH

A path that is specified when an export is created. It uniquely identifies the file system within the mount target, letting you associate up to 100 file systems to a single mount target. This path is unrelated to any path within the file system itself, or the client mount point path.

EXPORT OPTIONS

NFS export options are a set of parameters within the export that specify the level of access granted to NFS clients when they connect to a mount target. An NFS export options entry within an export defines access for a single IP address or CIDR block range. For more information, see Working with NFS Export Options.