You are part of the cloud DevOps team managing thousands of compute Instances running in Oracle Cloud Infrastructure (OCI). The OCI Logging service is configured to collect logs from these Instances using a Unified Monitoring Agent. A requirement has been created to archive logging data into OCI Object Storage. What OCI capability can help you achieve this requirement?
A company wants to automate the infrastructure and configure OCI resources on OCI DevOps. Which tool should the company use? (Choose the best answer.)
The company should use Ansible to automate infrastructure and configure OCI resources on OCI DevOps. Ansible is a popular open-source automation tool that provides a simple and powerful way to automate infrastructure provisioning, configuration management, and application deployments. It uses a declarative language and follows an agentless architecture, making it easy to use and suitable for automating tasks across different environments, including OCI. While Jenkins is a widely used continuous integration and continuous delivery (CI/CD) tool, it is primarily focused on the software development and deployment process rather than infrastructure automation and resource configuration. Terraform is another popular infrastructure-as-code tool that enables the provisioning and man-agement of infrastructure resources. It is well-suited for creating and managing infrastructure re-sources in OCI and other cloud providers. However, in the context of the question, Ansible is specifically mentioned as the tool to use. Chef is a configuration management tool that helps automate the configuration and management of systems and applications. It can be used for infrastructure automation and configuration, but it is not as commonly used for provisioning and managing cloud resources as Ansible or Terraform. Therefore, the best answer for the given scenario is Ansible.
As a DevOps engineer working on containerizing a microservices-based application to be hosted on OCI Cloud platforms, which step can help ensure that the container images have not been modified after being pushed to OCI Registry?
The step that can help ensure that the container images have not been modified after being pushed to OCI Registry is signing the image using the Container Registry CLI and creating an image signature that associates the image with the master encryption key and key version in the Vault service. Image signing is a process of adding a digital signature to an image to verify its authenticity and integrity. You can use OCI Registry CLI to sign an image using a Vault managed key and create an image signature that contains information such as the image name, tag, digest, key OCID, key version OCID, etc. You can also use OCI Registry CLI to verify an image signature before pulling or running an image. Verified Reference: [Image Signing - Oracle Cloud Infrastructure Registry], [Signing Images - Oracle Cloud Infrastructure Registry]
You are part of the DevOps team and troubleshooting an issue related to a newly deployed web application. The clients for the web application have reported failures with creating records into the application over an HTTPS connection. The current logs collected by the Oracle Cloud Infrastructure (OCI) Logging service is not providing much information related to the issue. You have been asked to enable specific logs applicable to services along with con-figuring an alarm to monitor any new failures. Which two steps can you perform to meet this requirement?
The steps that you can perform to enable specific logs applicable to services along with configuring an alarm to monitor any new failures are:
Install the OCI compute agent software on client systems, enable Custom log and create an agent configuration selecting log path. The OCI compute agent is a software component that runs on your compute instances and collects logs from various sources, such as files, syslog, Windows Event Log, etc. You can use the OCI compute agent to enable Custom log, which is a type of log that allows you to define your own log source and format. You can also create an agent configuration that specifies the log path, log group, and log name for your Custom log.
Create custom filters with required data fields (for example: source, time, statusCode, message) to filter log messages, configure Service Connector with Monitoring for creating an Alarm. A custom filter is a query that allows you to filter and analyze your log messages based on various data fields, such as source, time, level, message, etc. You can use custom filters to search for specific patterns or conditions in your logs, such as failures or errors. You can also configure a Service Connector with Monitoring, which is a component that allows you to transfer data from one OCI service to another. You can use a Service Connector with Monitoring to send your filtered log messages to the OCI Monitoring service, which is a service that allows you to create metrics and alarms based on your logs. You can then create an Alarm, which is a rule that triggers an action when a metric meets a specified threshold. Verified Reference: [Compute Agent - Oracle Cloud Infrastructure Logging], [Custom Logs - Oracle Cloud Infrastructure Logging], [Custom Filters - Oracle Cloud Infrastructure Logging], [Service Connectors - Oracle Cloud Infrastructure Logging], [Monitoring - Oracle Cloud Infrastructure Logging], [Alarms - Oracle Cloud Infrastructure Logging]