ODSA versus the OCI-Azure Interconnect
February 27, 2023 | 11 minute readIn 2019, Oracle and Microsoft announced a partnership to enhance cloud interoperability by connecting Oracle Cloud Infrastructure (OCI) and Microsoft Azure clouds by a private, secure, low-latency, and high-throughput network: The Oracle Interconnect for Azure, also called the OCI-Azure Interconnect. This partnership enables enterprises with many on-premises, mission-critical applications that utilize Oracle and Microsoft technologies to migrate easily to public clouds. This one-of-a-kind “connected clouds” alliance built for our mutual customers and complementary cloud services opens the door to swift migration of on-premises applications.
Figure 1: A sample OCI-Azure Interconnect architecture
In 2022, Oracle launched the Oracle Database Service for Azure (ODSA), an Oracle-managed service that enables customers to easily provision, access, and operate enterprise-grade Oracle Database services in OCI with a familiar Azure-like experience. The ODSA service builds on the existing capabilities of the OCI-Azure Interconnect and further simplifies the setup, management, and connectivity of application components in Azure to databases running in OCI. With ODSA, Azure teams can treat databases running on OCI like an Azure resource.
Figure 2: ODSA architecture
Today, we have twelve interconnected cloud regions between OCI and Azure available globally, and we are adding more interconnect regions.
Figure 3: ODSA and OCI-Azure Interconnect regions
Customers often ask which service to choose over the other. What do they need to know about the service before using the one for the split stack architecture deployed between OCI and Azure? What are the recommendations and restrictions from Oracle for ODSA vs OCI-Azure Interconnect?
This blog post highlights the values of using the OCI-Azure Interconnect and ODSA for various types of Oracle workloads. It also provides recommendations to choose ODSA or OCI-Azure Interconnect.
This blog post doesn’t show the steps or procedure for OCI-Azure interconnect or the configuration steps for ODSA. You can follow the OCI-Azure interconnect configuration steps and the ODSA onboarding and configurations steps.
Comparison between ODSA and OCI-Azure Interconnect
The ODSA and OCI-Azure Interconnect are designed to meet the requirement of various use cases that require running different workloads in different clouds. However, ODSA is designed to run OCI database workloads on OCI and connect from applications and data analytics running on Azure. Contrastively, OCI-Azure interconnection allows the running of any workloads with a private endpoint on OCI connecting to any workloads running on Azure with a private endpoint. ODSA is an Oracle-managed solution that provides an Azure-like portal for customers to provision OCI database services and seamless connectivity between the Azure application tier and OCI database tier. The OCI-Azure Interconnect is a customer-managed network service that facilitates the deployment of any workload requiring cross-cloud network connections.
The following table compares ODSA and OCI-Azure Interconnect at a high level:
|
ODSA |
OCI-Azure Interconnect |
|
|
What is it? |
An Azure-like portal to manage OCI Database services with UX experience familiar to Azure users and private connectivity through network peering. |
Direct private connectivity between OCI and Azure using OCI’s FastConnect circuit and Azure’s ExpressRoute circuit. |
|
Primary use case |
Oracle Database, Exadata Cloud service, BaseDB, Autonomous Database Shared, and MySQL Heatwave |
All OCI services including databases and Azure services |
|
Support |
Collaborative support model through ODSA portal |
Collaborative support model |
|
Service license agreement (SLA) or service level objective (SLO) |
SLO for availability and performance |
Customer-managed (SLA for ExpressRoute port and SLA for FastConnect port) |
|
OCI tenancy |
Must be Identity and Access Mangement (IAM) domain enabled OCI tenancy |
Works with any kind of OCI tenancy |
|
Network latency (approximate) |
2 ms (TCP/UDP and ICMP) |
2 ms (TCP/UDP and ICMP) |
|
Network throughput |
Shared network throughput |
Dedicate network throughput |
|
Interconnection cost |
Zero cost to the customer for Interconnect |
The customer pays for the FC port, ER port, and ER gateway cost. |
|
Network charges |
The customer pays data egress and ingress charges for Azure VNet peering ($0.01 /GB) |
Zero data ingress/egress charges (must use local SKU for ExpressRoute port) |
|
Connectivity |
Dedicate private tunnel between OCI and Azure through Oracle-managed shared FC and ER |
Dedicate private interconnect between OCI and Azure |
|
Network throughput scaling |
Autoscaling |
Customer-managed |
|
Monitoring |
Consolidated metrics, alerts, and events consumed in Azure app insights, Azure log analytics, and event grids |
Customer-managed |
|
Region availability |
12 Interconnect regions globally |
12 Interconnect regions globally |
|
High availability |
Oracle-managed |
Customer-managed |
|
Disaster recovery |
Subscribe to another region through ODSA portal |
The customer needs to provision more virtual circuits (FastConnect and disaster recovery) in another interconnect region |
Prerequisites
The two services have different prerequisites and onboarding requirements. The following table shows the prerequisites for ODSA and OCI-Azure Interconnect:
|
Onboarding prerequisites |
ODSA |
OCI-Azure Interconnection |
|
OCI tenancy |
Must use an IAM domain enabled OCI tenancy |
Any OCI tenancy |
|
Azure tenant |
A paid Azure tenant |
Any Azure tenant |
|
Azure AD user |
A user with an Azure global admin role |
Any Azure AD user |
|
OCI tenancy user |
An Administrator group user of the OCI tenancy |
Any user of OCI tenancy with privilege to provision network resources |
|
Azure subscription |
Azure AD user must be owner or contributor of the subscription |
Any user role in Azure subscription with privilege to provision network resources |
The following table compares the ODSA and OCI-Azure Interconnect during onboarding:
|
During onboarding |
ODSA |
OCI-Azure Interconnection |
|
ODSA application |
Deploy Oracle Database service application on Azure AD tenant |
No custom application requirement. The customer needs to provision the Azure ExpressRoute circuit, Azure ExpressRoute gateway, and OCI Fastconnect circuit |
|
ARM role consent |
Azure global admin user must approve user consent |
No other user consent |
|
Azure and OCI tenancy linking |
Between OCI tenancy and Azure tenant, always a 1:1 relationship. The same Azure tenant or same OCI tenancy can’t be used for another multicloud link. |
The same OCI tenancy and/or Azure tenant can connect to other OCI tenancy and another Azure tenant. |
|
Azure AD user federation |
Can choose to federate Azure AD users to OCI |
Can set up the Azure AD user federation manually |
|
Azure subscription Llnking |
Many subscriptions from one Azure tenant can link to one OCI tenancy |
The VNet from other Azure subscriptions can route the traffic to OCI through VNet peering |
The following table shows the comparison of the ODSA and OCI-Azure Interconnect after onboarding:
|
Post-onboarding |
ODSA |
OCI-Azure Interconnection |
|
Managing ODSA user role |
Manage ODSA user role using Azure Portal |
No other role required |
|
Provision of OCI Database Ssrvice |
OCI Database needs to provision through the ODSA portal |
OCI Database needs to provision using the Oracle Cloud Console |
|
Managing OCI Database service |
Manage Database using ODSA Portal, Oracle Cloud Console, and Azure Portal |
Manage Database using Console |
|
Manage Azure AD user federation |
Needs to manage the Azure AD user add or remove user sync with OCI using azure enterprise application “MultiCloud_OCI_Azure_Federation” |
Automatically sync Azure AD user add or remove with OCI |
Conclusion
Both the OCI-Azure Interconnect and ODSA allow enterprise customers to migrate or deploy their Oracle-centric workloads to OCI and Microsoft-centric workloads to Azure without refactoring and rearchitecture of the application workloads. With the help of low-latency and secure private network connectivity between OCI and Azure, customers can run their business-critical workloads without compromising performance.
OCI-Azure interconnection is a customer-managed solution that allows running any workloads with a private endpoint on OCI connecting to any workloads running on Azure with a private endpoint. ODSA is an Oracle-managed service that enables running OCI database services on OCI through an Azure-like portal, that connects to applications running on Azure seamlessly
Learn more about multicloud use cases using Oracle Interconnect for Azure and ODSA. For more information, see the following resources:
-
Oracle Cloud Infrastructure and Azure Interconnect solution playbook docs
-
Getting started with Oracle Database Service for Microsoft Azure
-
Read industry analyst commentary
-
Oracle Database Service for Microsoft Azure technical overview
-
Learn About Disaster Recovery in Oracle Cloud Infrastructure
-
Meet Cloud’s New Power Couple: Oracle Cloud Infrastructure and Microsoft Azure
Niranjan Mohapatra
Senior Principal Solution Architect
Niranjan Mohapatra is a senior principal solution architect in the Oracle Cloud Infrastructure team and has over 25 years of IT experience. Niranjan is experienced with Multicloud, Hybrid cloud, and Private cloud. He is an Oracle-certified cloud solution architect and Oracle-certified database professional. He is experienced with on-prem data center solutions as well as public cloud solutions.