OCI Guidance Report
Site24x7’s OCI Guidance Report provides best practice recommendations to help optimize your Oracle Cloud Infrastructure (OCI) setup. These recommendations are designed to fine-tune your OCI configuration, ensuring optimal performance, enhanced reliability, and cost efficiency.
By following the suggested best practices, you can improve the performance of your cloud resources, avoid potential issues, and maintain a secure and well-architected OCI environment. Site24x7's Guidance Report has grouped the recommendations under the Availability category at three severity levels: High, Moderate, and Low.
Benefits of using the OCI Guidance Report
With the OCI Guidance Report feature, you can leverage the following benefits:
- Stay ahead of potential issues by proactively identifying areas of improvement in your OCI setup.
- Receive clear recommendations that are easy to implement, ensuring quick and effective adjustments.
- Maximize the value of your OCI services by eliminating inefficiencies and optimizing resource allocation.
- Ensure your cloud environment adheres to the best practices, reducing the risk of vulnerabilities.
Use case
Let's say you are running critical applications on an OCI Block Volume, but do not have a backup policy attached to it. Without a backup policy, the data stored in the Block Volume is vulnerable to availability domain failures, which could result in potential data loss and disruption of critical services.
Site24x7 identifies this issue and provides the recommendation to attach a backup policy to the Block Volume. By following this recommendation, you can regularly back up your data, ensure its availability, and protect its applications against unexpected failures in the availability domain.
Viewing the Guidance Report and compliance checks
To view the compliance data along with the guidance report:
- Login to Site24x7.
- Navigate to Cloud > OCI.
- Select the applicable OCI service.
- Select the Guidance Report dashboard.
- Review the recommendations provided for each resource.
- Follow the action steps to implement changes and optimize your OCI environment.
Best practice checks for OCI services
The recommendation checks available for various OCI services include:
Compute Instance
OCI Compute - Single Fault Domain (Priority: Low)
Baseline:
Checks whether all instances in an availability domain are present in a single fault domain.
Description:
By placing Compute Instances in different fault domains inside an availability zone, you can ensure that a failure of any one fault domain does not result in an outage for your application.
Recommendation:
Consider changing the fault domain of the Compute Instance.
Required permission:
- GetInstance - INSTANCE_READ
Block Volume
OCI Block Volume - Backup Policy (Priority: High)
Baseline:
Checks whether the block volume has a backup policy attached.
Description:
It is recommended to take backup of critical applications to protect against failure of the availability domain and ensure data availability.
Recommendation:
Consider attaching a backup policy to the block volume.
Required permission:
- GetVolumeBackupPolicyAssetAssignment - BACKUP_POLICY_ASSIGNMENT_INSPECT and VOLUME_INSPECT
Autonomous Database
OCI Autonomous Database - Backup Retention Period (Priority: Medium)
Baseline:
Checks whether an autonomous database has a backup retention period of at least seven days.
Description:
It is recommended to have a minimum backup retention period of seven days in order to achieve compliance requirements.
Recommendation:
Consider setting the backup retention period of an autonomous database to at least seven days.
Required permission:
- GetAutonomousDatabase - AUTONOMOUS_DATABASE_INSPECT
Object Storage Bucket
OCI Storage Bucket - Replication Disabled (Priority: Medium)
Baseline:
Checks whether the storage buckets have a replication policy created.
Description:
Replication policy provides protection from regional outages, aids in disaster recovery efforts, and addresses data redundancy compliance requirements. Maintaining multiple copies of data in regional locations closer to user access can also reduce latency.
Recommendation:
Consider creating a replication policy for storage bucket.
Required permission:
- GetBucket - BUCKET_READ
Subnet
OCI Subnet - Availability Domain Specific Subnets (Priority: High)
Baseline:
Checks whether subnets are specific to the availability domain.
Description:
Opting for a regional subnet will mitigate availability domain failures since resources can be in any of the region's availability domain.
Recommendation:
It is recommended by Oracle to create a regional subnet as opposed to an availability domain-specific subnet. Consider replacing the availability domain-specific subnets with regional subnets.
Required permission:
- ListSubnets - SUBNET_READ
Related topics