8.7 KiB
8.7 KiB
OCI - Oracle Cloud Infrastructure
Este documento documenta a configuração e deployments relacionados à Oracle Cloud Infrastructure (OCI) para os projetos Invent Cloud e Nexus.
Projetos
Invent Cloud
- Empresa: Invista
- Projeto: Invent Finance
- Local:
C:\dev\inventcloud\invent-finance\ - Repositório Azure DevOps: Invent-finance
Nexus (MFE - Micro Frontends)
- Empresa: Invista
- Repositório Base:
C:\dev\C:devrepos_mfe\ - Templates Pipeline:
C:\dev\repos_mfe\azure-pipelines-templates\
Compartimentos OCI
| Ambiente | Compartment OCID |
|---|---|
| Dev | ocid1.compartment.oc1..aaaaaaaa76x3nykkjwvctpr6px34dysu3pbg7p62h2r65fegt7fvbrioll3a |
| HML | ocid1.compartment.oc1..aaaaaaaawc3hj6isbiibbiuokijw7le72ga3qa3qyblsdhrkj5gdygskzmwq |
| PROD | ocid1.compartment.oc1..aaaaaaaazjxk5dkwleol3hjq7huojevotvnjhvy5ngro4jtwcqx2fn2ujara |
Namespace OCI
- Namespace:
grbb7qzeuoag
Infraestrutura Existente (Dev)
VCN - Virtual Cloud Network
| Nome | CIDR | OCID |
|---|---|---|
| vcn-oke | 10.120.0.0/16 | ocid1.vcn.oc1.sa-saopaulo-1.amaaaaaasks3yliatayztbyd6doyk5oglrmrc57jekltu3xnnena6fvruwba |
Subnets
| Nome | CIDR | Tipo | OCID |
|---|---|---|---|
| sbn-lb-1 | 10.120.128.0/20 | Load Balancer | ocid1.subnet.oc1.sa-saopaulo-1.aaaaaaaa2ezw57uocis6s2eioypdsnt2p4pwm4fwnjz5jdaqigrm6jaqexeq |
| sbn-lb-2 | 10.120.144.0/20 | Load Balancer | ocid1.subnet.oc1.sa-saopaulo-1.aaaaaaaav7qtnmgil2qdt3lz6fnqkdcbymjd2dtjjeyo6y7z3s2omq4uvcqa |
| sbn-workers-1 | 10.120.0.0/20 | OKE Workers | ocid1.subnet.oc1.sa-saopaulo-1.aaaaaaaazfomdghi4x4jpluyjooy7ajvsf5y57jq2xcqwf35guodkcn2wrwq |
| sbn-workers-2 | 10.120.16.0/20 | OKE Workers | ocid1.subnet.oc1.sa-saopaulo-1.aaaaaaaahaqguwt67kzs2dad2vyz3zpjl5ac7ximeqg55gmsnd33c2qikija |
| sbn-workers-3 | 10.120.32.0/20 | OKE Workers | ocid1.subnet.oc1.sa-saopaulo-1.aaaaaaaafzhmhvz2scr6sfsygixz2gjfnecggiirh3rvyhjcmfn3ohmohj6a |
Subnet para API Gateway
Usar sbn-lb-1 para deploy do API Gateway:
OCI_SUBNET_OCID=ocid1.subnet.oc1.sa-saopaulo-1.aaaaaaaa2ezw57uocis6s2eioypdsnt2p4pwm4fwnjz5jdaqigrm6jaqexeq
Buckets OCI
Status: ✅ Bucket mfe-user-dev criado via pipeline
| Bucket | Ambiente | Uso |
|---|---|---|
| mfe-user-dev | Dev | MFE User static hosting |
API Gateways
Status: ✅ API Gateway criado via pipeline
| Gateway | Ambiente | Uso |
|---|---|---|
| mfe-user-gateway | Dev | MFE User API Gateway |
VCNs e Subnets (Dev)
VCN Principal
- Nome: vcn-oke
- CIDR: 10.120.0.0/16
- OCID:
ocid1.vcn.oc1.sa-saopaulo-1.amaaaaaasks3yliatayztbyd6doyk5oglrmrc57jekltu3xnnena6fvruwba
Subnets Disponíveis
| Nome | CIDR | Uso | OCID |
|---|---|---|---|
| sbn-lb-1 | 10.120.128.0/20 | Load Balancer (pode ser usada para API Gateway) | ocid1.subnet.oc1.sa-saopaulo-1.aaaaaaaa2ezw57uocis6s2eioypdsnt2p4pwm4fwnjz5jdaqigrm6jaqexeq |
| sbn-lb-2 | 10.120.144.0/20 | Load Balancer | ocid1.subnet.oc1.sa-saopaulo-1.aaaaaaaav7qtnmgil2qdt3lz6fnqkdcbymjd2dtjjeyo6y7z3s2omq4uvcqa |
| sbn-workers-1 | 10.120.0.0/20 | Workers OKE | ocid1.subnet.oc1.sa-saopaulo-1.aaaaaaaazfomdghi4x4jpluyjooy7ajvsf5y57jq2xcqwf35guodkcn2wrwq |
| sbn-workers-2 | 10.120.16.0/20 | Workers OKE | ocid1.subnet.oc1.sa-saopaulo-1.aaaaaaaahaqguwt67kzs2dad2vyz3zpjl5ac7ximeqg55gmsnd33c2qikija |
| sbn-workers-3 | 10.120.32.0/20 | Workers OKE | ocid1.subnet.oc1.sa-saopaulo-1.aaaaaaaafzhmhvz2scr6sfsygixz2gjfnecggiirh3rvyhjcmfn3ohmohj6a |
Recomendação para API Gateway
Usar sbn-lb-1 como subnet para o API Gateway:
OCI_SUBNET_OCID=ocid1.subnet.oc1.sa-saopaulo-1.aaaaaaaa2ezw57uocis6s2eioypdsnt2p4pwm4fwnjz5jdaqigrm6jaqexeq
Comandos para verificar buckets
# Verificar namespace
oci os ns get
# Listar buckets (dev)
oci os bucket list --compartment-id "ocid1.compartment.oc1..aaaaaaaa76x3nykkjwvctpr6px34dysu3pbg7p62h2r65fegt7fvbrioll3a" --all
# Listar buckets (hml)
oci os bucket list --compartment-id "ocid1.compartment.oc1..aaaaaaaawc3hj6isbiibbiuokijw7le72ga3qa3qyblsdhrkj5gdygskzmwq" --all
# Listar buckets (prod)
oci os bucket list --compartment-id "ocid1.compartment.oc1..aaaaaaaazjxk5dkwleol3hjq7huojevotvnjhvy5ngro4jtwcqx2fn2ujara" --all
MFEs - Micro Frontends
Status dos MFEs (18/02/2026)
| Repositório | Branch Pipeline | Pipeline OCI | Bucket | Status |
|---|---|---|---|---|
| mfe-user | devops | ✅ azure-pipelines.yml |
mfe-user-dev | ✅ Funcionando |
| mfe-auth | devops | ✅ azure-pipelines-oci.yml |
mfe-auth-dev | 🔄 Pipeline criada |
| mfe-person | devops | ✅ azure-pipelines-oci.yml |
mfe-person-dev | 🔄 Pipeline criada |
| mfe-shell | devops | ✅ azure-pipelines-oci.yml |
mfe-shell-dev | 🔄 Pipeline criada |
| mfe-poc | devops | ✅ azure-pipelines-oci.yml |
mfe-poc-dev | 🔄 Pipeline criada |
| mfe-formalization | devops | ✅ azure-pipelines-oci.yml |
mfe-formalization-dev | 🔄 Pipeline criada |
Pipeline OCI - Estrutura
Todos os MFEs seguem o mesmo padrão de pipeline:
┌─────────────┐
│ BUILD │ → npm ci + npm run build:dev
└─────────────┘
│
▼
┌─────────────┐
│ UPLOADTO │ → Upload para OCI Object Storage
│ OCI │ Bucket: mfe-<nome>-dev
└─────────────┘
│
▼
┌─────────────┐
│ CREATEPAR │ → Cria Pre-Authenticated Request
└─────────────┘
Arquivos de Pipeline
| MFE | Arquivo | Branch |
|---|---|---|
| mfe-user | azure-pipelines.yml (unificado AWS+OCI) |
devops |
| mfe-auth | azure-pipelines-oci.yml |
devops |
| mfe-person | azure-pipelines-oci.yml |
devops |
| mfe-shell | azure-pipelines-oci.yml |
devops |
| mfe-poc | azure-pipelines-oci.yml |
devops |
| mfe-formalization | azure-pipelines-oci.yml |
devops |
Variable Groups Necessários
| Variable Group | Variáveis |
|---|---|
oci-terraform |
OCI_TENANCY_OCID, OCI_USER_OCID, OCI_FINGERPRINT, OCI_PRIVATE_KEY_B64, OCI_REGION, TF_VAR_compartment_parent_ocid |
mfe-credentials |
CLOUDFLARE_ZONE_ID, CLOUDFLARE_API_TOKEN |
aws-credentials-dev |
Credenciais AWS (para pipeline unificada) |
Commits Recentes (mfe-user)
19dced5(18/02/2026) - chore: remove DeployToAPIGateway stage from pipeline9948430(18/02/2026) - fix: use correct variable name TF_VAR_compartment_parent_ocid6836035(18/02/2026) - fix: improve bucket creation error handlingfd780bd(18/02/2026) - fix: correct OCI CLI commands for namespace
MS-POC - Microservice POC
Status: ❌ NÃO PUBLICADO EM OBJECT STORAGE
O ms-poc está configurado no cluster Kubernetes (OKE) conforme ingresses.yaml, mas NÃO foi publicado em nenhum Object Storage.
Ingressos ms-poc (Kubernetes)
# Internal
- host: ms-poc.dev-01.interno.invista.com.br
namespace: nexus-services
# External
- host: ms-poc.dev.invista.com.br
namespace: nexus-services
Próximos Passos para ms-poc
Para publicar no OCI Object Storage:
- Criar bucket:
nexus-ms-poc-dev - Criar pipeline Azure DevOps para build e upload
- Configurar API Gateway ou usar OKE para deploy
Clusters OKE (Oracle Kubernetes Engine)
Clusters Disponíveis
| Ambiente | Cluster OCID |
|---|---|
| Dev Cluster 1 | ocid1.cluster.oc1.sa-saopaulo-1.aaaaaaaaxernqctehleyduukfuyfgcnmm6fuk5l4mkgdaocsdcobrewkvc3a |
| Dev Cluster 2 | ocid1.cluster.oc1.sa-saopaulo-1.aaaaaaaancdtl3rrcblzsifl6h3vguxhj5byqldtzakgg7tv5cifn2eknv6q |
| Dev Cluster 3 | ocid1.cluster.oc1.sa-saopaulo-1.aaaaaaaaxbelg5ztrdn3ca3tm5mohq363c5v6yhmjhbwlgyndcrszb62robq |
| HML Cluster 1 | ocid1.cluster.oc1.sa-saopaulo-1.aaaaaaaaf26wiaoq2arf66a6jfah3ywbuyreik5mvcdxazyz2cwmskgdnxja |
| HML Cluster 2 | ocid1.cluster.oc1.sa-saopaulo-1.aaaaaaaadquto7tpcrqx6k7i7bz5ufyxg7o423ekkbcagpy3tcx3w46e6rfa |
| HML Cluster 3 | ocid1.cluster.oc1.sa-saopaulo-1.aaaaaaaais3nc43lvmestqxmj2tvay4jva4eqihjf55mn72yvc5tbieh3qgq |
| PROD Cluster 1 | ocid1.cluster.oc1.sa-saopaulo-1.aaaaaaaasseprhgtgw7chdhrlo362vsqcmr3j6reeomvy6ahyc7geg5htaga |
| PROD Cluster 2 | ocid1.cluster.oc1.sa-saopaulo-1.aaaaaaaa4zzx3jxqsf2asqlvvvbfrmi3birowx4mrc4xcwjklc5wbegb6xea |
| PROD Cluster 3 | ocid1.cluster.oc1.sa-saopaulo-1.aaaaaaaalazuvvqgci4zd6b473mpbrpxhrznqp7i3an6kae62cuugdaohyra |
Referências
- Templates Pipeline:
C:\dev\repos_mfe\azure-pipelines-templates\ - Infra Terraform:
C:\dev\tf_oci_clusters\ - Clusters Config:
C:\dev\repos_mfe\azure-pipelines-templates\config\oke-clusters.json