Oracle Cloud Infrastructure Documentation

Create the VCN and Subnets to Use with Oracle Functions, if they don't exist already

Before users can start using Oracle Functions to create and deploy functions, a VCN containing the subnets in which to create functions and applications must already exist. The VCN can be, but need not be, owned by the same compartment to which other function-related resources will belong.

Each subnet in the VCN must have a CIDR block that provides at least a certain minimum number of free IP addresses, as follows:

  • AD-specific subnets must have a minimum of 12 free IP addresses
  • regional subnets must have a minimum of 32 free IP addresses

Note that Oracle strongly recommends each subnet has a CIDR block that provides more than the minimum number of free IP addresses.

To support the largest possible number of concurrent connections, Oracle also strongly recommends that the security lists used by subnets in the VCN only have stateless rules.

If a suitable VCN already exists, there's no need to create a new one.

If you do decide to create a new VCN, you have several options, including the following:

  • You can create the new VCN and have related resources created automatically at the same time (as described in this topic). In this case, three public subnets and an internet gateway are created, and a new route rule is added to the default route table.
  • You can create just the VCN initially, and then create the related resources yourself later (see VCNs and Subnets). In this case, you can choose whether to create public subnets and an internet gateway (see Internet Gateway), or private subnets and a service gateway (see Access to Oracle Services: Service Gateway). For example, if you don't want to expose traffic over the public internet, create private subnets and a service gateway.

Note that to use an external logging destination like Papertrail, you have to create a VCN with public subnets (see Storing and Viewing Function Logs).

To create a VCN to use with Oracle Functions (with related resources created automatically):

  1. Log in to the Console as a tenancy administrator.
  2. Open the navigation menu. Under Core Infrastructure, go to Networking and click Virtual Cloud Networks.
  3. Choose the compartment that will own the network resources (on the left side of the page). For example, acme-network.

    The VCN can be, but need not be, owned by the same compartment to which other function-related resources will belong. The page updates to display only the resources in that compartment.

  4. Click Create Virtual Cloud Network to create a new VCN.
  5. In the Create Virtual Cloud Network dialog box, enter the following:
    1. Name: A meaningful name for the cloud network, such as acme-functions-vcn. The name doesn't have to be unique, but it cannot be changed later in the Console. Avoid entering confidential information.
    2. Create Virtual Cloud Network Plus Related Resources: For convenience, select this option to create the VCN and associated resources (all with default properties) in a single operation.
    3. Use DNS Hostnames in this VCN: Select this option.

  6. Click Create Virtual Cloud Network to create the VCN, along with the related resources (three public subnets and an internet gateway).