Pat Shuff's Blog

  • Iaas
    August 5, 2016

Orchestration vs CloudFormation

Today we are going to do a compare and contrast with Oracle Orchestration and Amazon CloudFormation. The two have the same objectives and can perform the same operations when provisioning an instance. The key difference is the way that they both operate and define the elements needed to create an instance. In the past few days we have gone through and looked that the three files needed to provision a WordPress blog. Information on Oracle Orchestration can be found in the documentation section and tutorial section. Information on Amazon CloudFormation can be found at the home page and tutorial section. We will dive into the WordPress example and look at the json file that is used to provision the service.

The key components to the json file are

"AWSTemplateFormatVersion" : "2010-09-09",
"Description" : " ... ",
"Parameters" : { ... },
"Mappings" : { ... },
"Resources" : { ... },
"Outputs" : { ... }

We can create a simple storage element in S3 with the following file

"Resources" : {
"HelloBucket" : {
"Type" : "AWS::S3::Bucket"

Note that the only thing that we truly need is the definition of a resource. The resource has a label of "HelloBucket" and the resource consists of an element defined as "AWS::S3::Bucket". Note that the Type is very specific to AWS. We could not take this generic definition and port it to any other platform. We don't know how much storage to allocate because S3 is typically an open ended definition. This is radically different from out storage creation from a few days ago where we had to define the storage_pool, size of the disk, and properties of the instance like is it bootable, what image to boot from, and what account it is associated with. The CloudFormation interface assumes account information because it is run from a web based or command line based interface that has your account information embedded into the user interface.

We could get a little more complex and define an instance. With this instance we reference an AMI that predefines the content and operating system. We also define the security ports and connection keys for this instance in the definition.

"Resources" : {
"Ec2Instance" : {
"Type" : "AWS::EC2::Instance",
"Properties" : {
"SecurityGroups" : [ { "Ref" : "InstanceSecurityGroup" }, "MyExistingSecurityGroup" ],
"KeyName" : "mykey",
"ImageId" : "ami-7a11e213"
"InstanceSecurityGroup" : {
"Type" : "AWS::EC2::SecurityGroup",
"Properties" : {
"GroupDescription" : "Enable SSH access via port 22",
"SecurityGroupIngress" : [ {
"IpProtocol" : "tcp",
"FromPort" : "22",
"ToPort" : "22",
"CidrIp" : ""
} ]

In this example we are going to provision an EC2 instance from ami-7a11e213. We will be using the security credentials labeled MyExistingSecurityGroup and open up port 22 for ssh access. We don't know what version the operating system unless we look up the characteristics of the ami. This is different from the Oracle Orchestration where we define the storage element and what operating system to boot from. They both define the security groups but do it a little differently but have the same effect.

We can also define some of the characteristics into the application. For CloudFormation we can configure WordPress with the following parameters

 "Parameters": {
"KeyName": {
"Description" : "Name of an existing EC2 KeyPair to enable SSH access into the WordPress web server",
"Type": "AWS::EC2::KeyPair::KeyName"
"WordPressUser": {
"Default": "admin",
"NoEcho": "true",
"Description" : "The WordPress database admin account user name",
"Type": "String",
"MinLength": "1",
"MaxLength": "16",
"AllowedPattern" : "[a-zA-Z][a-zA-Z0-9]*"
"WebServerPort": {
"Default": "8888",
"Description" : "TCP/IP port for the WordPress web server",
"Type": "Number",
"MinValue": "1",
"MaxValue": "65535"

Note that we define these parameters based on the application and pass into the operating system as it is booted. Oracle Orchestration takes a different tactic when it comes to adding parameters to a configuration. Rather than having parameters defined for each application, customizations like this are done with a post install script that is executed at boot time. These configurations can be done from a snapshot or from a post install script based on how you like to initialize systems. This functionality started with Enterprise Manager and the scripts that you use for in house systems can be ported to the cloud without changing or updating.

In summary, the Amazon CloudFormation and Oracle Orchestration are very similar. The components that you use to define a system are done similarly. Amazon makes assumptions that you are running on AWS and gives you short cuts and shorthand that allows you to create predefined components quickly and easily. Unfortunately this configuration does not translate to any other cloud provider or an in house solution. Oracle Orchestration is a little more nuts and bolts but is designed to help you create everything from scratch and build upon the foundation for system definitions. CloudFormation has a graphical user interface that generates json files for you based on dragging and dropping components into a design pallet. Oracle takes a slightly different approach and uses the Oracle Marketplace to automatically generate the json files. There is not a graphical design tool that allows you to drag and drop components but there are tools to take a configuration that is in your data center and generate the parameter list that can be used to generate the json files for Orchestration. We are not saying that one is better than the other in this blog. We are mainly pointing out that they two tools and utilities have different target audiences and functionality. Unfortunately, you can't take one configuration and easily map it into the other configuration. Hopefully someone at some point will take these files and create a translator.

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.Captcha