Dedicated Virtual Machine Hosts

The Oracle Cloud Infrastructure Compute service's dedicated virtual machine host feature gives you the ability to run Compute virtual machine (VM) instances on dedicated servers that are a single tenant and not shared with other customers. This feature lets you meet compliance and regulatory requirements for isolation that prevent you from using shared infrastructure. You can also use this feature to meet node-based or host-based licensing requirements that require you to license an entire server.

Support and Limitations

When you create a dedicated virtual machine host, you select a shape for the host. For the available shapes and shape details for dedicated virtual machine hosts, see Dedicated Virtual Machine Host Shapes. Note that there is a difference between the number listed for billed OCPUs compared to available OCPUs. This is because four OCPUs are reserved for virtual machine management.

You are billed for the dedicated virtual machine host as soon as you create it, but you are not billed for any of the individual VM instances you place on it. You will still be billed for image licensing costs if they apply to the image you are using for the VM instances.

For instances launched on a dedicated virtual machine host, all of the VM.Standard2 shapes are supported. For details about these shapes, see VM Shapes. Most of the Compute service features for VM instances are supported for instances running on dedicated virtual machine hosts, however the following features are not supported:

  • Instance configurations

  • Instance pools

  • Autoscaling

Reboot migration is also not supported for dedicated virtual machine hosts. In this scenario, you need to manually migrate the instance. See Moving an Instance with Manual Migration for this process.

You can mix VM instances with different shapes on the same dedicated virtual machine host. This might impact the maximum number of instances you can place on the dedicated virtual machine host. For more information, see Optimizing Capacity on your Dedicated Virtual Machine Host.

Managing Dedicated Virtual Machine Hosts

Required IAM Policy

To use Oracle Cloud Infrastructure, you must be given the required type of access in a policy  written by an administrator, whether you're using the Console or the REST API with an SDK, CLI, or other tool. If you try to perform an action and get a message that you don’t have permission or are unauthorized, confirm with your administrator the type of access you've been granted and which compartment  you should work in.

For administrators: The simplest policy to enable users to work with dedicated virtual machine hosts is listed in Let users manage Compute dedicated virtual machine hosts. It gives the specified group access to launch instances on dedicated virtual machine hosts and manage dedicated virtual machine hosts.

See Let users launch Compute instances on dedicated virtual machine hosts for an example of a policy that allows users to launch instances on dedicated virtual machine hosts without giving them full administrator access to dedicated virtual machine hosts.

Creating a Dedicated Virtual Machine Host

You must create a dedicated virtual machine host before you can place any instances on it. When creating the dedicated virtual machine host, you select an availability domain and fault domain to launch it in. All the VM instances that you place on the host will subsequently be created in this availability domain and fault domain. You also select a compartment when you create the dedicated virtual machine host, but you can move the host to a new compartment later without impacting any of the instances placed on it. You can also create the instances in a different compartment than the dedicated virtual machine host, or move them to difference compartments after they have been launched.

To create a dedicated virtual machine host using the Console
To create a dedicated virtual machine host using the CLI

Deleting a Dedicated Virtual Machine Host

To delete a dedicated virtual machine host using the Console
To delete a dedicated virtual machine host using the CLI

Using the API

For information about using the API and signing requests, see REST APIs and Security Credentials. For information about SDKs, see Software Development Kits and Command Line Interface.

Use the following operations for working with dedicated virtual machine hosts:

Instances on Dedicated Virtual Machine Hosts

Placing an Instance on a Dedicated Virtual Machine Host

You place an instance on a dedicated virtual machine host at the time that you create the instance. The steps are the same as creating a regular instance, you just need specify that you want to create the instance on a dedicated virtual machine host when you create the instance. See Creating an Instance for the steps to create an instance. Once you get to the Advanced Options section of the form, using the following steps to place the instance on a dedicated virtual machine host.

To place an instance on a dedicated virtual machine host using the Console

If you're using the CLI or REST API to create the instance, pass the dedicated virtual machine host OCID in the optional parameter dedicatedVmHostId when you use the LaunchInstance operation. If you try to launch an instance with a shape that requires more capacity than what is available on the dedicated virtual machine host you are trying to place it on, the launch operation will fail. To avoid this, you can use the ListDedicatedVmHosts operation and pass the shape you want to use when launching the instance in the InstanceShapeNameQueryParam parameter. This will return all the dedicated virtual machine hosts that you can place the instance on.

The following example demonstrates how to call this operation in the CLI to return all the dedicated virtual machine hosts with sufficient capacity for you to place an instance launched using the VM.Standard2.16 shape:

compute dedicated-vm-host list --compartment-id <compartment_ID> --instance-shape-name VM.Standard2.16

Auditing your Dedicated Virtual Machine Host

To fully meet requirements for some compliance scenarios, you might be required to validate that your instances are running on a dedicated virtual machine host and not using shared infrastructure. The Oracle Cloud Infrastructure Audit service provides you with the functionality to do this. Use the steps described in Viewing Audit Log Events to access the log events for the dedicated virtual machine host.

The steps described in the To search log events section walk you through how to retrieve the log events with the data you need to verify that your instances are running on a dedicated virtual machine host. For this procedure:

  • Ensure that you select the dedicated virtual machine host's compartment and not the compartment for the instances that are hosted on it.

  • Use the dedicated virtual machine host's OCID as the search keyword.

After you have retrieved the log events for the dedicated virtual machine host, view the log event lower-level details, and check the contents of the responsePayload property. This property should contain the OCIDs for the instances that are running on the dedicated virtual machine host.

Optimizing Capacity on your Dedicated Virtual Machine Host

When you place an instance on a dedicated virtual machine host using the Console, only dedicated virtual machine hosts with sufficient capacity to launch an instance based on the shape that you have specified are displayed in the Dedicated Virtual Machine Host drop-down list. If you don't see your dedicated virtual machine host in the list, to understand why, it can help to understand how instances are launched in this scenario.

When you place instances on a dedicated virtual machine host, Oracle Cloud Infrastructure launches the instances in a manner to optimize performance. For example, a dedicated virtual machine host created based on the DVH.Standard2.52 shape has two sockets with 24 cores configured per socket. Instances are placed so that each instance will only use resources local to a single physical socket. In scenarios where you are creating and terminating instances with a mix of shapes, this can result in an inefficient distribution of resources, meaning that not all OCPUs on a dedicated virtual machine host are available to be used. In this scenario, it might appear that a dedicated virtual machine has enough OCPUs to launch an additional instance on it, but the instance will fail to launch because of the distribution of existing instances.

In this example, if you are launching instances using a shape with 16 OCPUs on a dedicated virtual machine host, you can only launch a maximum of two instances using that shape. You cannot launch a third instance with 16 OCPUs, even though the remaining number of OCPUs showing for the dedicated virtual machine host is 16. You can launch additional instances using shapes with a smaller number of OCPUs.

When designing your cloud footprint, we recommend that you plan to always launch the largest instance first.