In this scenario you will create two Fn functions - with identical, fully generated implementation. You choose your runtime of choice - node, java, python, go, .... Both functions are deployed to an application. Both functions are exposed in an API Gateway API Deployment with separate routes. Finally, for both routes are Health Checks defined through OCI Monitoring; one health check will have a 5 min interval, the other a 15 minute interval. Inspecting the metrics collected by these healthchecks - we expect one function to remain hot and producing much faster responses than the second function that will not stay hot and needs to be reinitialized upon every health check request.
The scenario uses an Ubuntu 20.04 environment with Docker, OCI CLI and Fn CLI as well Visual Studio Code IDE. Before you can start the steps in the scenario, the two Command Line interfaces are downloaded and installed. This will take about one minute.
The scenario expects a number of preparations:
- an API Gateway already has been provided in compartment lab-compartment with permissions to access functions in this compartment; the API Gateway is associated with a public subnet (this is part of the OCI Tenancy Preparation Scenario)
Note: it is assumed that you prepared an OCI tenancy using the Katacoda scenario Preparation of Cloud Trial tenancy for REAL OCI scenarios. This preparation will have created the VCN you need for running functions in OCI as well as the lab-compartment in which the functions are created. Additionally, you should have created a key pair in this scenario and prepared the contents of the config and oci_api_key.pem files. If you have not gone through this OCI tenancy preparation, please do so before continuing with this scenario. You also need an Auth Token to login to the OCIR Container Registry; this too is created in the preparation scenario and used in the Function on OCI scenario.
The scenario was prepared in July 2020.
Summary
This completes this scenario.
You have:
- created and deployed two functions - hello1 and hello2
- created publicly accessible routes for the two functions in the API Gateway
- created health checks for the two routes (and indirectly the two functions)
- create alarms for the two health checks - to publish notifications when the function invocation time is slowish

Steps
Functions, Object Storage and API Gateway on Oracle Cloud Infrastructure
Step 1 - Prepare Environment Settings, Fn and OCI CLI
Wait for OCI CLI and Fn CLI to be installed
Execute the following command to install the OCI CLI:
curl -L https://raw.githubusercontent.com/oracle/oci-cli/master/scripts/install/install.sh > install-oci-cli.sh
chmod +777 install-oci-cli.sh
sudo ./install-oci-cli.sh --accept-all-defaults
# add this line to ~/.profile - to make oci a recognized shell command
echo 'oci() { /root/bin/oci "[email protected]"; }' >> ~/.profile
# reload ~/.profile
. /root/.profile
# now oci is recognized as a command
# get workshop resource into scenario
git clone https://github.com/AMIS-Services/oracle-cloud-native-meetup-20-january-2020
You need to provide details on the OCI tenancy you will work in and the OCI user you will work as. Please open the IDE tab and edit these two files:
- ~/.oci/config
- ~/.oci/oci_api_key.pem
Paste the contents that you prepared in the OCI Tenancy preparation scenario.
Set the environment variable LAB_ID to 1 - unless you are in a workshop with multiple participants and each uses their own number.
export LAB_ID=1
Do not continue until you see the file /root/allSetInBackground
appear. If it appears, then the OCI CLI has been installed and you can continue.
Try out the following command to get a list of all namespaces you currently have access to - based on the OCI Configuration defined above.
oci os ns get
If you get a proper response, the OCI is configured correctly and you can proceed. If you run into an error, ask for help from your instructor.
You need to perform one more edit action on file ~/.oci/config. Open this file in the editor. Copy the entire contents and paste it below the current contents. Now change [DEFAULT]
to [FN]
in the duplicate block. The file will now look something like:
[DEFAULT]
user=ocid1.user.oc1..aaaaaaaazr7eselv5q
fingerprint=fd:db:13:bd:31
tenancy=ocid1.tenancy.oc1..aaaaaaaaggg6okq
region=us-ashburn-1
key_file=/root/.oci/oci_api_key.pem
[FN]
user=ocid1.user.oc1..aaaaaaaazr7eselv5q
fingerprint=fd:db:13:bd:31
tenancy=ocid1.tenancy.oc1..aaaaaaaaggg6okq
region=us-ashburn-1
key_file=/root/.oci/oci_api_key.pem
Environment Preparation
Check the installed version of Fn CLI. Note: we do not need the Fn server at this stage.
fn version
Configure and set remote context
List the currently available Fn contexts
fn list contexts
Create an appropriate Fn context for working with OCI as provider (see OCI Docs on Functions).
fn create context lab-fn-context --provider oracle
fn use context lab-fn-context
##Prepare a number of environment variables.
Note: the assumptions here are that you have a compartment called lab-compartment, as well as an API Gateway lab-apigw in that same compartment as well as an API Deployment called MY_API_DEPL# on the API Gateway. We need to get references to these resources in order to create new resources in the right place.**
export REGION=$(oci iam region-subscription list | jq -r '.data[0]."region-name"')
export REGION_KEY=$(oci iam region-subscription list | jq -r '.data[0]."region-key"')
export USER_OCID=$(oci iam user list --all | jq -r '.data |sort_by(."time-created")| .[0]."id"')
export TENANCY_OCID=$(oci iam user list --all | jq -r '.data[0]."compartment-id"')
cs=$(oci iam compartment list)
export compartmentId=$(echo $cs | jq -r --arg display_name "lab-compartment" '.data | map(select(."name" == $display_name)) | .[0] | .id')
apigws=$(oci api-gateway gateway list -c $compartmentId)
export apiGatewayId=$(echo $apigws | jq -r --arg display_name "lab-apigw" '.data.items | map(select(."display-name" == $display_name)) | .[0] | .id')
depls=$(oci api-gateway deployment list -c $compartmentId)
deploymentEndpoint=$(echo $depls | jq -r --arg display_name "MY_API_DEPL_$LAB_ID" '.data.items | map(select(."display-name" == $display_name)) | .[0] | .endpoint')
apiDeploymentId=$(echo $depls | jq -r --arg display_name "MY_API_DEPL_$LAB_ID" '.data.items | map(select(."display-name" == $display_name)) | .[0] | .id')
vcns=$(oci network vcn list -c $compartmentId)
vcnId=$(echo $vcns | jq -r --arg display_name "vcn-lab" '.data | map(select(."display-name" == $display_name)) | .[0] | .id')
subnets=$(oci network subnet list -c $compartmentId --vcn-id $vcnId)
export subnetId=$(echo $subnets | jq -r --arg display_name "Public Subnet-vcn-lab" '.data | map(select(."display-name" == $display_name)) | .[0] | .id')
# get namespace
nss=$(oci os ns get)
export ns=$(echo $nss | jq -r '.data')
Update the context with the settings relevant for this workshop.
fn update context oracle.compartment-id $compartmentId
fn update context api-url https://functions.$REGION.oci.oraclecloud.com
fn update context registry ${REGION_KEY,,}.ocir.io/$ns/cloudlab-repo
fn update context oracle.profile FN
You can list the currently available Fn contexts again and see whether your changes had an effect (of course they did)
fn list contexts
Login Docker to OCI Container Registry
Next and finally, login to the private Docker Registry that is prepared for you on OCI.
The username you have to provide is composed of <tenancy-namespace>/<username>
.
NAMESPACE=$(oci os ns get| jq -r '.data')
USER_USERNAME=$(oci iam user list --all | jq -r '.data |sort_by(."time-created")| .[0]."name"')
echo "Username for logging in into Container Registry is $NAMESPACE/$USER_USERNAME"
The password is an Authentication Token generated for the specified user, in the OCI Tenancy preparation scenario. If you do not remember the authentication token, you can generate another one in the OCI Console: https://console.REGION.oraclecloud.com/identity/users/
echo "Open the console at https://console.${REGION,,}.oraclecloud.com/identity/users/$USER_OCID/swift-credentials"
Now you can perform the login. Type the username and press enter, then type or paste the authentication token and press enter again.
docker login ${REGION_KEY,,}.ocir.io
And now we are finally ready to create Functions on Oracle Cloud Infrastructure and expose them through OCI API Gateway.