- 필수 기능
- 시작하기
- Glossary
- 표준 속성
- Guides
- Agent
- 통합
- 개방형텔레메트리
- 개발자
- Administrator's Guide
- API
- Datadog Mobile App
- CoScreen
- Cloudcraft
- 앱 내
- 서비스 관리
- 인프라스트럭처
- 애플리케이션 성능
- APM
- Continuous Profiler
- 스팬 시각화
- 데이터 스트림 모니터링
- 데이터 작업 모니터링
- 디지털 경험
- 소프트웨어 제공
- 보안
- AI Observability
- 로그 관리
- 관리
Oracle Cloud Infrastructure (OCI) is an infrastructure-as-a-service (IaaS) and platform-as-a-service (PaaS) used by enterprise-scale companies. It includes a full suite of over 30 managed services for hosting, storage, networking, databases, and more.
Use Datadog’s OCI integration to get full visibility into your OCI environment through metrics, logs, and resource data. This data enables you to power dashboards, helps with troubleshooting, and can be monitored for security and compliance posture.
Datadog’s OCI QuickStart is a fully managed, single-flow setup experience that helps you monitor your OCI infrastructure and applications in just a few clicks. OCI QuickStart creates the necessary infrastructure for forwarding metrics, logs, and resource data to Datadog, and automatically discovers new resources or OCI compartments for data collection.
Note: Only metrics are sent by default. Enable log collection and resource data collection from the Datadog OCI integration tile after completing this setup.
To set up the infrastructure for metric and log forwarding to Datadog:
The integration requires using Oracle Service Connector Hubs to forward data to Datadog. It is recommended that you request a service limit increase before completing the setup. The approximate number of Service Connector Hubs you need is:
$$\text"Service Connector Hubs" = \text"Number of compartments in tenancy" / \text"5"$$
Reach out through this form to request additional regions.
Return to the Datadog OCI integration tile and click Ready!
View oci.*
metrics in the OCI integration overview dashboard or Metrics Explorer page in Datadog.
oci.faas
namespace) and container instance metrics (oci_computecontainerinstance
namespace) are in Preview.After completing the setup, a configuration tab for the tenancy becomes available on the left side of the Datadog OCI integration tile. Apply tenancy-wide data collection configurations as outlined in the sections below.
On the General tab, select the regions for data collection from the Regions checkbox list. Region selections apply to the entire tenancy, for both metrics and logs.
Note: If you used the QuickStart setup method, and afterward subscribed to a new OCI region, reapply the initial setup stack in ORM. The new region then becomes available in the Datadog OCI tile.
Use the Metric collection and Log collection tabs to configure which metrics and logs are sent to Datadog:
key:value
format compartment tags. For example:datadog:monitored,env:prod*
includes compartments if either of these tags is present!env:staging,!testing
excludes compartments only if both tags are presentdatadog:monitored,!region:us-phoenix-1
includes compartments that both have the tag datadog:monitored
and do not have the tag region:us-phoenix-1
Notes:
On the Resource Collection tab of the Datadog OCI integration tile, click the Enable Resource Collection toggle. Resources are visible in the Datadog Resource Catalog.
To forward your OCI metrics to Datadog:
For a visual representation of this architecture, see the Architecture section.
Enter the OCID and home region of the tenancy you want to monitor in the Datadog OCI integration tile.
This Oracle Resource Manager (ORM) policy stack should only be deployed once per tenancy.
DatadogROAuthUser
DatadogROAuthUser
and click on the User resource that appears..pem
file in a text editor, or use a terminal command such as cat
to display the file’s contents.
b. Copy the entire contents, including -----BEGIN PRIVATE KEY-----
and -----END PRIVATE KEY-----
.REPOSITORY_READ
and REPOSITORY_UPDATE
permissions to pull and push images to a Docker repoNote: To verify the Docker registry login is correct, see Logging in to Oracle Cloud Infrastructure Registry.
The metric forwarding stack must be deployed for each combination of tenancy and region to be monitored. For the simplest setup, Datadog recommends creating all the necessary OCI resources with the Oracle Resource Manager (ORM) stack provided below. Alternatively, you can use your existing OCI networking infrastructure.
All resources created by Datadog’s ORM stack are deployed to the compartment specified, and for the region currently selected in the top right of the screen.
Create VCN
checked.If using an existing Virtual Cloud Network (VCN), the subnet’s OCID must be provided to the stack. Make sure that the VCN:
Create VCN
option and enter your VCN information:GENERIC_ARM
. Select GENERIC_X86
if deploying in a Japan region.Notes:
Use one of the methods below to send your OCI logs to Datadog:
The instructions below use the OCI portal to set up the integration.
data_log_group
for the name, and optionally provide a description and tags.For more information on OCI Logs, see Enabling Logging for a Resource.
func.py
with code from the Datadog OCI repofunc.yaml
with code from the Datadog OCI repo. DATADOG_TOKEN
and DATADOG_HOST
must be replaced with your Datadog API key and region logs intake linkrequirements.txt
with code from the Datadog OCI repoFor more information on OCI Object Storage, see Oracle’s Service Connector blog post.
The instructions below use the OCI portal to set up the integration.
For more information on OCI Logs, see Enabling Logging for a Resource.
For more information on OCI Object Storage, see Putting Data into Object Storage.
func.py
with code from the Datadog OCI repofunc.yaml
with code from the Datadog OCI repo. DATADOG_TOKEN
and DATADOG_HOST
must be replaced with your Datadog API key and region logs intake linkrequirements.txt
with code from the Datadog OCI repoFor more information on OCI Object Storage, see Getting Started with Events.
For each region monitored, this setup option creates the following infrastructure within that region to forward metrics and logs to Datadog:
dd-function-app
)dd-metrics-forwarder
)dd-logs-forwarder
)dd-vcn
) with secure networking infrastructure:dd-vcn-private-subnet
)dd-vcn-natgateway
) for external access to the internetdd-vcn-servicegateway
) for internal access to OCI servicesdatadog-vault
) to store the Datadog API keyDatadog
)All resources are tagged with ownedby = "datadog"
.
This setup option creates the following IAM resources to enable data forwarding to Datadog:
dd-svc
)dd-svc-admin
) that the service user belongs todd-dynamic-group-connectorhubs
) that includes all service connectors in the Datadog compartmentdd-dynamic-group-function
) that includes all functions in the Datadog compartmentdd-svc-policy
) to give the service user read access to the tenancy resources, as well as access to manage OCI Service Connector Hubs and OCI Functions in the compartment created and managed by Datadog- Allow dd-svc-admin to read all-resources in tenancy
- Allow dd-svc-admin to manage serviceconnectors in Datadog compartment
- Allow dd-svc-admin to manage functions-family in Datadog compartment with specific permissions:
* FN_FUNCTION_UPDATE
* FN_FUNCTION_LIST
* FN_APP_LIST
- Endorse dd-svc-admin to read objects in tenancy usage-report
dd-dynamic-group-policy
to enable the service connectors to read data (logs and metrics) and interact with functions. This policy also allows the functions to read secrets in the Datadog compartment (the Datadog API and application keys stored in the KMS vault) - Allow dd-dynamic-group-connectorhubs to read log-content in tenancy
- Allow dd-dynamic-group-connectorhubs to read metrics in tenancy
- Allow dd-dynamic-group-connectorhubs to use fn-function in Datadog compartment
- Allow dd-dynamic-group-connectorhubs to use fn-invocation in Datadog compartment
- Allow dd-dynamic-group-functions to read secret-bundles in Datadog compartment
This setup option creates an OCI connector hub, function app, and secure networking infrastructure to forward OCI metrics to Datadog. The ORM stack for these resources creates a function container repository for the region in the tenancy, and the Docker image is pushed to it to be used by the function.
This setup option creates:
resource.type = 'serviceconnectors'
, to enable access to the connector hubDatadogAuthWriteUser
is added to, for pushing images through policy accessAllow dynamic-group Default/<GROUP_NAME> to read metrics in tenancy
Allow dynamic-group Default/<GROUP_NAME> to use fn-function in tenancy
Allow dynamic-group Default/<GROUP_NAME> to use fn-invocation in tenancy
Allow group Default/<USER_GROUP_NAME> to read all-resources in tenancy
Allow group Default/<WRITE_USER_GROUP_NAME> to manage repos in tenancy where ANY {request.permission = 'REPOSITORY_READ', request.permission = 'REPOSITORY_UPDATE', request.permission = 'REPOSITORY_CREATE'}
For a detailed list of metrics, select the appropriate OCI service in the metric namespace section.
The OCI integration does not include any service checks.
The OCI integration does not include any events.
Need help? Contact Datadog support.
Additional helpful documentation, links, and articles: