Difficulty: intermediate
Estimated Time: 40 minutes

In this scenario you will create a Node JS application that creates files on OCI Object Storage. Then you will turn this application into a Function and deploy that function to Oracle Cloud Infrastructure. Next, you will expose this File Writer Function through API Gateway for public access. Finally, you will create, deploy and invoke a second function - RSSFeed Reader - that writes RSS Feed contents through FileWriter to OCI Object Storage.

You will use the OCI Console to verify the update of your API Deployment and to monitor the calls to API Gateway and check the creation of files on OCI Object Storage.

The scenario uses an Ubuntu 19.04 environment with Docker, OCI CLI and Fn CLI. Before you can start the steps in the scenario, the two Command Line interfaces are downloaded and installed. This will take about one minute. You will need Postman as well, if you want to invoke the API Gateway directly from your computer.

The scenario expects a number of preparations:

  • you already have deployed a function called hello# in an application called lab# where # is a number (either 1 or a number assigned to you in a workshop); the function app and function are in an OCI compartment lab-compartment. (this is part of the Functions on OCI scenario)
  • an API Gateway already has been provided in compartment lab-compartment with permissions to access functions in this compartment; the API Gateway is associated with a public subnet (this is part of the OCI Tenancy Preparation Scenario)
  • there is already an API Deployment on the API Gateway - called MY_API_DEPL#

Note: it is assumed that you prepared an OCI tenancy using the Katacoda scenario Preparation of Cloud Trial tenancy for REAL OCI scenarios. This preparation will have created the VCN you need for running functions in OCI as well as the lab-compartment in which the functions are created. Additionally, you should have created a key pair in this scenario and prepared the contents of the config and oci_api_key.pem files. If you have not gone through this OCI tenancy preparation, please do so before continuing with this scenario. You also need an Auth Token to login to the OCIR Container Registry; this too is created in the preparation scenario and used in the Function on OCI scenario.

The scenario was prepared for the Meetup Workshop Cloud Native application development on Oracle Cloud Infrastructure on January 20th, hosted by AMIS|Conclusion in Nieuwegein in collaboration with REAL (the Red Expert Alliance) and Link from Portugal. The scenario was updated for the REAL OCI Handson Webinar Series that started in June 2020.

Function on OCI to read RSS Feed and pass it to second Function (via API Gateway) to write to Object Storage

Functions, Object Storage and API Gateway on Oracle Cloud Infrastructure

Step 1 of 5

Step 1 - Prepare Environment Settings, Fn and OCI CLI

Wait for OCI CLI and Fn CLI to be installed

Execute the following command to install the OCI CLI:

curl -L https://raw.githubusercontent.com/oracle/oci-cli/master/scripts/install/install.sh > install-oci-cli.sh
chmod +777 install-oci-cli.sh
sudo ./install-oci-cli.sh --accept-all-defaults

# add this line to ~/.profile - to make oci a recognized shell command
echo 'oci() { /root/bin/oci "[email protected]"; }' >> ~/.profile
# reload ~/.profile
. /root/.profile
# now oci is recognized as a command

# get workshop resource into scenario

git clone https://github.com/AMIS-Services/oracle-cloud-native-meetup-20-january-2020

You need to provide details on the OCI tenancy you will work in and the OCI user you will work as. Please open the IDE tab and edit these two files:

  • ~/.oci/config
  • ~/.oci/oci_api_key.pem

Paste the contents that you prepared in the OCI Tenancy preparation scenario.

Set the environment variable LAB_ID to 1 - unless you are in a workshop with multiple participants and each uses their own number.

export LAB_ID=1

Do not continue until you see the file /root/allSetInBackground appear. If it appears, then the OCI CLI has been installed and you can continue.

Try out the following command to get a list of all namespaces you currently have access to - based on the OCI Configuration defined above.

oci os ns get

If you get a proper response, the OCI is configured correctly and you can proceed. If you run into an error, ask for help from your instructor.

You need to perform one more edit action on file ~/.oci/config. Open this file in the editor. Copy the entire contents and paste it below the current contents. Now change [DEFAULT] to [FN] in the duplicate block. The file will now look something like:

[DEFAULT]
user=ocid1.user.oc1..aaaaaaaazr7eselv5q
fingerprint=fd:db:13:bd:31
tenancy=ocid1.tenancy.oc1..aaaaaaaaggg6okq
region=us-ashburn-1
key_file=/root/.oci/oci_api_key.pem
[FN]
user=ocid1.user.oc1..aaaaaaaazr7eselv5q
fingerprint=fd:db:13:bd:31
tenancy=ocid1.tenancy.oc1..aaaaaaaaggg6okq
region=us-ashburn-1
key_file=/root/.oci/oci_api_key.pem

Environment Preparation

Check the installed version of Fn CLI. Note: we do not need the Fn server at this stage.

fn version

Configure and set remote context

List the currently available Fn contexts

fn list contexts

Create an appropriate Fn context for working with OCI as provider (see OCI Docs on Functions).

fn create context lab-fn-context --provider oracle

fn use context lab-fn-context

Prepare a number of environment variables. Note: the assumptions here are that you have a compartment called lab-compartment, as well as an API Gateway lab-apigw in that same compartment as well as an API Deployment called MY_API_DEPL# on the API Gateway. We need to get references to these resources in order to create new resources in the right place.

export REGION=$(oci iam region-subscription list | jq -r '.data[0]."region-name"')
export REGION_KEY=$(oci iam region-subscription list | jq -r '.data[0]."region-key"')
export USER_OCID=$(oci iam user list --all | jq -r  '.data |sort_by(."time-created")| .[0]."id"')
export TENANCY_OCID=$(oci iam user list --all | jq -r  '.data[0]."compartment-id"') 
cs=$(oci iam compartment list)
export compartmentId=$(echo $cs | jq -r --arg display_name "lab-compartment" '.data | map(select(."name" == $display_name)) | .[0] | .id')

apigws=$(oci api-gateway gateway list -c $compartmentId)
export apiGatewayId=$(echo $apigws | jq -r --arg display_name "lab-apigw" '.data.items | map(select(."display-name" == $display_name)) | .[0] | .id')
depls=$(oci api-gateway deployment list -c $compartmentId)
deploymentEndpoint=$(echo $depls | jq -r --arg display_name "MY_API_DEPL_$LAB_ID" '.data.items | map(select(."display-name" == $display_name)) | .[0] | .endpoint')
apiDeploymentId=$(echo $depls | jq -r --arg display_name "MY_API_DEPL_$LAB_ID" '.data.items | map(select(."display-name" == $display_name)) | .[0] | .id')
# get namespace
nss=$(oci os ns get)
export ns=$(echo $nss | jq -r '.data')

Update the context with the settings relevant for this workshop.

fn update context oracle.compartment-id $compartmentId

fn update context api-url https://functions.$REGION.oci.oraclecloud.com

fn update context registry ${REGION_KEY,,}.ocir.io/$ns/cloudlab-repo

fn update context oracle.profile FN

You can list the currently available Fn contexts again and see whether your changes had an effect (of course they did)

fn list contexts

Login Docker to OCI Container Registry

Next and finally, login to the private Docker Registry that is prepared for you on OCI.

The username you have to provide is composed of <tenancy-namespace>/<username>.

NAMESPACE=$(oci os ns get| jq -r  '.data')
USER_USERNAME=$(oci iam user list --all | jq -r  '.data |sort_by(."time-created")| .[0]."name"')
echo "Username for logging in into Container Registry is $NAMESPACE/$USER_USERNAME"

The password is an Authentication Token generated for the specified user, in the OCI Tenancy preparation scenario. If you do not remember the authentication token, you can generate another one in the OCI Console: https://console.REGION.oraclecloud.com/identity/users//swift-credentials or using the instructions in the preparation scenario.

echo "Open the console at https://console.${REGION,,}.oraclecloud.com/identity/users/$USER_OCID/swift-credentials"

Now you can perform the login. Type the username and press enter, then type or paste the authentication token and press enter again.

docker login ${REGION_KEY,,}.ocir.io

And now we are finally ready to create Functions on Oracle Cloud Infrastructure and expose them through OCI API Gateway.