Deploy Network Components for Oracle Fusion Analytics Service Endpoints

January 17, 2024 | 10 minute read
Text Size 100%:
rw

Published January 17th, 2024.
Updated v7 February 18th, 2024.

Introduction

Oracle Fusion Analytics (Fusion Analytics) is a family of prebuilt, cloud-native analytics services that run on OCI (Oracle Cloud Infrastructure). About Fusion Analytics is an overview.

overall

Private Fusion Analytics enables private network access to Fusion Analytics via private service endpoints and disallows traffic from the internet. Direct access is allowed only from private hosts in OCI or connected to OCI via a DRG (Dynamic Routing Gateway).
Internet access is possible using public proxies that connect privately to the service endpoints.

This post is a member of the Private Fusion Analytics series. It also:

Prerequisites
OCI Cloud Account

A cloud account to host Fusion Analytics. You must have sign-in credentials for this cloud account.

Oracle recommends using the cloud account hosting Oracle Fusion Cloud Applications for simplified user-group synchronization. 


OCI Region

A region supported by Fusion Analytics and subscribed to by the cloud account.


OCI Groups and Privileges

! You must have the proper privileges in the OCI cloud account to deploy the examples.

You must have:

  • Tenancy management privileges or
  • All of the following:
    • Management privileges for a specific compartment
    • Cloud-shell privileges
    • Tenancy read privileges.

Tenancy Management Privileges

You have tenancy management privileges if:

  • You are a member of the Administrators group in the Default Identity Domain.
  • Your Identity Domain Group is granted the same privileges via this policy rule:
    • Allow <Identity Domain>/<Group> to Manage All-Resources in Tenancy

--- or all of the following ---

Compartment Privileges

You have compartment privileges if:

  • Your Identity Domain Group is granted privileges to an existing compartment via this policy rule:
    • Allow <Identity Domain>/<Group> to Manage All-Resources in Compartment <Compartment>

Cloud Shell Privileges

You have Cloud Shell privileges if:

  • Your Identity Domain Group or the Any-User pseudo-group is granted the Cloud Shell privilege via this policy rule:
    • Allow <Identity Domain>/<Group> to Use Cloud-Shell in Tenancy <Compartment>
    • Allow Any-User to Use Cloud-Shell in Tenancy

Tenancy Read Privileges

You have tenancy read privileges if:

  • Your Identity Domain Group is granted tenancy read privileges via this policy rule:
    • Allow <Identity Domain>/<Group> to Read All-Resources in Tenancy
rw
Architecture
Initial State

Slide2

This diagram depicts an OCI region in a customer's cloud account (tenancy) with an Identity service and Oracle Fusion Cloud Applications provisioned.


Prepared State

Slide3

This diagram depicts the OCI network components required before provisioning Fusion Analytics service endpoints.

rw
Components

The deployment package deploys the following components. Component dependencies are illustrated below.

Prepared Components

rw
Deploy

A downloadable package of OCI Terraform resources, uploaded and run in an OCI Cloud Shell, deploys the network components required before provisioning Fusion Analytics with service endpoints.

An OCI cloud shell simplifies OCI authentication and provides a standardized method for various workstations.

Follow these steps to deploy the example components:

  1. Sign in to the OCI cloud account and identity domain designated for Fusion Analytics.
  2. Change to the OCI region designated for Fusion Analytics.
  3. Download the ZIP archive package from here.
  4. Unzip the ZIP archive package.
     
  5. Determine your Identity Domain OCID.
    • Click the User Avatar User_Avatar icon  on the top right portion of the screen.
    • Click Identity Domain:<Domain Name>
    • Click the OCID Copy link and paste the OCID into a note file for later use. IdentityDomainOCID
       
  6. If you do not have tenancy management privileges, determine your compartment OCID.
    • Navigate to Identity & Security > Compartments.
    • Navigate, if necessary, through the compartment tree until you see the compartment and click the Name.
    • Click the OCID Copy link and paste the OCID into a note file for later use. Compartment OCID
       
  7. Update the variables_upload.tf file.

    variables_upload_folder

    • Open the file from the unzipped folder and follow the instructions.
      • Update the Identity Domain OCID
      • If necessary, update the Compartment ID
    • Save and close the file.
       
  8. Click on Developer Tools and select Cloud Shell. Developer Tools
     
  9. Click on the GearIcon Gear Icon and select Upload.
     
    • Drop or Select the ZIP archive package.
      Prepare-v7-upload
    • Click Upload.
       
  10. Click on the GearIcon Gear Icon and select Upload
     
    • Drop or Select the variables_upload.tf file.
      variables_upload
    • Click Upload
       
  11. Decompress the uploaded package in Cloud Shell.
cd; [ -d $HOME/PREPARE ] && rm -r $HOME/PREPARE; unzip $HOME/PREPARE-v7.zip; 
  1. Deploy the components.
cd; bash ~/'PREPARE/resources/setup' > >(tee -a prepare_setup.log) 2> >(tee -a prepare_setup.log >&2)
  1. Download the provisioning_info file containing the following for use in provisioning Fusion Analytics.

    FA_Login

    • Click on the GearIcon Gear Icon and select Download.
    • Enter provisioning_info as the Filename and click Download.

      download_provisioning_info

    • Select a download location and click Save.
       
  2. Optionally, view the setup log file.
cd; more 'prepare_setup.log'
  1. Validate the components using the OCI console.

    • Navigate to Identity & Security > Compartments.
      • Navigate to the root Compartment if you are a tenancy administrator or to the compartment where you have privileges.
      • View the deployed child compartment, i.e., FA_Compartment.
         
    • Navigate to Identity & Security > Domains.
      • Select the FA_Compartment Compartment.
      • Click and view the deployed Child Domain, i.e., FA_Domain.
      • From the menu on the left of the screen, click Users and view the example User, i.e., Example.ServiceAdmin.
         
    • Navigate to Networking > Virtual Cloud Networks.
      • Choose the Region and the FA_Compartment Compartment.
      • Click the example VCN, i.e., FA_VCN.
        • View the VCN, private subnet, security list, and network security group.
rw
Explore More

You have prepared the environment and are ready to provision an instance of Fusion Analytics with service endpoints. For guidance on the next steps in your journey, proceed to Provisioning Private Oracle Fusion Analytics  or return to Overview of Private Fusion Analytics.

Explore Fusion Analytics by visiting the community links, blogs, and library.

Implementing Oracle Fusion Analytics Series

Fusion Analytics Implementation Guide

CEAL Implementation Guidance Sessions, September 2023

Fusion Analytics Community

Fusion Analytics Blogs

Fusion Analytics Library

rw

Dayne Carley


Previous Post

Enabling OCI Notifications for Data Flows in Oracle Analytics Cloud

Gabrielle Prichard | 6 min read

Next Post


Deploy Network Components for Oracle Fusion Analytics Service Endpoints Internet Access

Dayne Carley | 7 min read