{"id":942,"date":"2026-04-17T05:26:09","date_gmt":"2026-04-17T05:26:09","guid":{"rendered":"https:\/\/www.devopsschool.com\/tutorials\/oracle-cloud-cluster-placement-groups-tutorial-architecture-pricing-use-cases-and-hands-on-guide-for-networking-edge-and-connectivity\/"},"modified":"2026-04-17T05:26:09","modified_gmt":"2026-04-17T05:26:09","slug":"oracle-cloud-cluster-placement-groups-tutorial-architecture-pricing-use-cases-and-hands-on-guide-for-networking-edge-and-connectivity","status":"publish","type":"post","link":"https:\/\/www.devopsschool.com\/tutorials\/oracle-cloud-cluster-placement-groups-tutorial-architecture-pricing-use-cases-and-hands-on-guide-for-networking-edge-and-connectivity\/","title":{"rendered":"Oracle Cloud Cluster Placement Groups Tutorial: Architecture, Pricing, Use Cases, and Hands-On Guide for Networking, Edge, and Connectivity"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\">Category<\/h2>\n\n\n\n<p>Networking, Edge, and Connectivity<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">1. Introduction<\/h2>\n\n\n\n<p><strong>What this service is<\/strong><br\/>\nIn Oracle Cloud (OCI), <strong>Cluster Placement Groups<\/strong> help you place compute instances physically closer together inside Oracle\u2019s infrastructure to improve <strong>east\u2013west network performance<\/strong> (instance-to-instance traffic) for latency-sensitive or bandwidth-heavy workloads.<\/p>\n\n\n\n<p><strong>Simple explanation (one paragraph)<\/strong><br\/>\nIf your application has multiple servers that constantly talk to each other\u2014like an HPC job, a distributed cache, a big analytics pipeline, or a microservices backend\u2014Cluster Placement Groups increase the chance those servers land near each other in the same data center area. That typically results in <strong>lower latency, higher throughput, and more consistent network behavior<\/strong> between instances.<\/p>\n\n\n\n<p><strong>Technical explanation (one paragraph)<\/strong><br\/>\nA Cluster Placement Group is a placement policy object in OCI that influences how the Compute service schedules instances onto physical hosts within an <strong>Availability Domain (AD)<\/strong>. When you launch compatible instances into a Cluster Placement Group, OCI attempts to place them in close network proximity (subject to capacity and shape availability). This improves the performance characteristics of intra-cluster communication compared to \u201crandom\u201d placement, while still using standard OCI primitives like VCNs, subnets, private IPs, and security lists\/NSGs.<\/p>\n\n\n\n<p><strong>What problem it solves<\/strong><br\/>\nMany distributed systems suffer when cluster members are spread across distant parts of a data center (or across racks\/segments with more hops). Even if you size compute correctly, <strong>east\u2013west network latency and jitter<\/strong> can become the bottleneck. Cluster Placement Groups address that by making placement more topology-aware\u2014without requiring you to manage physical hardware placement yourself.<\/p>\n\n\n\n<blockquote>\n<p>Important scope note (honesty about categorization): In OCI, Cluster Placement Groups are primarily a <strong>Compute placement<\/strong> feature, but they are commonly used to achieve <strong>networking performance objectives<\/strong>, which is why they fit the \u201cNetworking, Edge, and Connectivity\u201d conversation for architecture and design.<\/p>\n<\/blockquote>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">2. What is Cluster Placement Groups?<\/h2>\n\n\n\n<p><strong>Official purpose<\/strong><br\/>\nCluster Placement Groups are designed to <strong>optimize the physical placement<\/strong> of instances for workloads that benefit from <strong>low-latency and high-throughput<\/strong> communication between those instances.<\/p>\n\n\n\n<p>Because OCI product pages and navigation can evolve, <strong>verify the latest \u201cCluster Placement Groups\u201d documentation<\/strong> in the official OCI docs search:<br\/>\nhttps:\/\/docs.oracle.com\/en-us\/iaas\/Content\/Search\/search.htm?search=Cluster%20Placement%20Groups<\/p>\n\n\n\n<p><strong>Core capabilities<\/strong>\n&#8211; Create a <strong>Cluster Placement Group<\/strong> in a compartment.\n&#8211; Scope the group to an <strong>Availability Domain<\/strong> (typical design) to influence locality.\n&#8211; Launch compatible <strong>Compute instances<\/strong> into the group.\n&#8211; Manage lifecycle: list, update metadata\/tags, and delete the placement group (constraints apply if instances still reference it).<\/p>\n\n\n\n<p><strong>Major components<\/strong>\n&#8211; <strong>Cluster Placement Group resource<\/strong>: a control-plane object that represents your desired placement policy.\n&#8211; <strong>Compute instances<\/strong>: VM or bare metal instances (shape-dependent) that you launch into the group.\n&#8211; <strong>Availability Domain boundary<\/strong>: placement locality is typically only meaningful <em>within an AD<\/em> (verify the exact scoping in docs for your region).<\/p>\n\n\n\n<p><strong>Service type<\/strong>\n&#8211; A <strong>control-plane placement policy<\/strong> for the OCI Compute scheduler (not a data-plane networking service by itself).<\/p>\n\n\n\n<p><strong>Scope: regional\/global\/zonal\/etc.<\/strong>\n&#8211; OCI is organized as <strong>Regions<\/strong> containing one or more <strong>Availability Domains<\/strong> (ADs).\n&#8211; Cluster Placement Groups are generally <strong>region resources<\/strong> but <strong>associated to a specific AD<\/strong> for placement locality (verify exact behavior and constraints in your region).\n&#8211; They are <strong>compartment-scoped<\/strong> from an IAM perspective (created inside a compartment, controlled by policies).<\/p>\n\n\n\n<p><strong>How it fits into the Oracle Cloud ecosystem<\/strong>\nCluster Placement Groups complement:\n&#8211; <strong>Oracle Cloud Infrastructure (OCI) Compute<\/strong>: Instances that need predictable inter-node performance.\n&#8211; <strong>OCI Networking (VCN)<\/strong>: Communication still flows through VCN subnets, route tables, NSGs, and security lists. Placement groups change <em>where<\/em> instances land physically, not how packets are routed logically.\n&#8211; <strong>HPC \/ distributed systems patterns<\/strong>: Often combined with HPC shapes, RDMA-enabled shapes, or cluster-style deployments (verify which shapes support which networking features).<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">3. Why use Cluster Placement Groups?<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Business reasons<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Faster time-to-results<\/strong> for analytics\/HPC workloads: reduced communication overhead means jobs finish sooner.<\/li>\n<li><strong>More predictable performance<\/strong> for customer-facing services that depend on internal RPC calls.<\/li>\n<li><strong>Better infrastructure efficiency<\/strong>: reduce overprovisioning done solely to compensate for network variability.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Technical reasons<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Lower intra-cluster latency<\/strong>: fewer network hops and better locality often reduces RTT and jitter.<\/li>\n<li><strong>Higher east\u2013west throughput<\/strong>: distributed workloads may see improved bandwidth between nodes.<\/li>\n<li><strong>Reduced tail latency<\/strong>: performance consistency can be as important as average latency.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Operational reasons<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Simpler than manual placement<\/strong>: you don\u2019t need to reason about racks\/hosts; OCI does the best-effort placement.<\/li>\n<li><strong>Repeatability<\/strong>: building a cluster becomes more deterministic when placement is intentional.<\/li>\n<li><strong>Easier scaling<\/strong>: add more nodes while preserving the \u201ccluster\u201d intention (subject to capacity).<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Security\/compliance reasons<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>No special security exposure<\/strong> required: you can keep instances private; placement groups do not require public IPs.<\/li>\n<li>Helps maintain <strong>controlled blast radius<\/strong> patterns when combined with compartments, tagging, and security zones (where applicable).<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Scalability\/performance reasons<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Improves performance for:<\/li>\n<li>Distributed compute frameworks<\/li>\n<li>Microservices with high internal call volume<\/li>\n<li>Replicated datastores needing fast replication\/consensus<\/li>\n<li>Caches, messaging, and streaming systems<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">When teams should choose it<\/h3>\n\n\n\n<p>Choose Cluster Placement Groups when:\n&#8211; Instance-to-instance traffic is heavy and performance-sensitive.\n&#8211; You operate a tightly-coupled cluster (HPC, MPI-like patterns, distributed training, etc.).\n&#8211; You see significant <strong>east\u2013west latency\/jitter variance<\/strong> in benchmarks.\n&#8211; You want better results without redesigning networking.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">When teams should not choose it<\/h3>\n\n\n\n<p>Avoid (or deprioritize) Cluster Placement Groups when:\n&#8211; Your workload is <strong>not network-bound<\/strong> (CPU, disk, or external dependencies dominate).\n&#8211; You need <strong>high availability via physical separation<\/strong> more than performance (placing everything close together may concentrate risk).\n&#8211; Your required instance shapes\/regions do <strong>not support<\/strong> placement groups or have limited capacity.\n&#8211; You are building a multi-AD active\/active design where <strong>cross-AD<\/strong> latency is acceptable and resilience matters more.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">4. Where is Cluster Placement Groups used?<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Industries<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Financial services (risk analytics, pricing engines, low-latency internal services)<\/li>\n<li>Media and entertainment (render farms, transcoding pipelines)<\/li>\n<li>Telecom and network analytics<\/li>\n<li>Research and education (HPC)<\/li>\n<li>SaaS providers operating microservices at scale<\/li>\n<li>Retail\/e-commerce (high traffic, low latency internal APIs)<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Team types<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Platform engineering teams building standardized cluster blueprints<\/li>\n<li>SRE\/operations teams tuning performance and consistency<\/li>\n<li>Data engineering teams running distributed compute<\/li>\n<li>HPC admins\/scientific computing teams<\/li>\n<li>DevOps teams building CI performance test clusters<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Workloads<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>HPC clusters and tightly coupled parallel jobs<\/li>\n<li>Distributed caches (e.g., sharded key-value stores)<\/li>\n<li>Distributed databases and consensus systems<\/li>\n<li>Large microservices meshes with chatty internal traffic<\/li>\n<li>Distributed build\/test systems<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Architectures<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>N-tier apps with heavy service-to-service communication<\/li>\n<li>Stateful clusters with replication<\/li>\n<li>Batch compute clusters with frequent shuffle\/exchange traffic<\/li>\n<li>Kubernetes worker pools (where node-to-node traffic is meaningful), <strong>if<\/strong> the underlying instances can be placed into the group (verify your provisioning method and OCI CNI implications)<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Real-world deployment contexts<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Production<\/strong>: latency-sensitive clusters, replicated state, high throughput pipelines<\/li>\n<li><strong>Dev\/Test<\/strong>: performance baselines, load testing, capacity planning\u2014often smaller scale to validate gains before production rollout<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">5. Top Use Cases and Scenarios<\/h2>\n\n\n\n<p>Below are realistic scenarios where Cluster Placement Groups commonly help.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">1) HPC MPI-style compute cluster<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem<\/strong>: MPI workloads spend significant time communicating; latency dominates.<\/li>\n<li><strong>Why this service fits<\/strong>: close placement reduces network hops and variance.<\/li>\n<li><strong>Example<\/strong>: A research team launches 32 compute nodes into one Cluster Placement Group inside a single AD for a week-long simulation run.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">2) Distributed data processing shuffle stage optimization<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem<\/strong>: Big data frameworks (shuffle\/exchange) require huge east\u2013west throughput.<\/li>\n<li><strong>Why it fits<\/strong>: improved locality can raise throughput and stabilize runtime.<\/li>\n<li><strong>Example<\/strong>: A Spark-style pipeline sees unpredictable shuffle times; the team pins workers into a placement group to reduce tail latency.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">3) Low-latency microservices backend<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem<\/strong>: A high-traffic API fans out to many internal services; p99 latency is high.<\/li>\n<li><strong>Why it fits<\/strong>: tighter placement can reduce internal RPC latency.<\/li>\n<li><strong>Example<\/strong>: A checkout service calls inventory, pricing, and fraud services; co-locating the service tier helps reduce p99.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">4) Distributed cache cluster (sharded + replicated)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem<\/strong>: Cache replication and rebalancing cause latency spikes.<\/li>\n<li><strong>Why it fits<\/strong>: replication traffic benefits from low latency.<\/li>\n<li><strong>Example<\/strong>: A Redis-like sharded cache runs rebalancing frequently; placement groups reduce the time and impact of re-sharding.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">5) High-throughput messaging\/streaming cluster<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem<\/strong>: Brokers replicate partitions; network becomes a bottleneck.<\/li>\n<li><strong>Why it fits<\/strong>: broker-to-broker replication is east\u2013west heavy.<\/li>\n<li><strong>Example<\/strong>: A Kafka-like cluster is deployed; brokers are launched into a placement group to reduce replication lag.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">6) Distributed database quorum\/consensus improvement<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem<\/strong>: Consensus round-trips (leader election, commits) increase latency.<\/li>\n<li><strong>Why it fits<\/strong>: lower RTT improves commit time (though resilience tradeoffs apply).<\/li>\n<li><strong>Example<\/strong>: A 3\u20135 node etcd\/consensus layer is co-located for performance; app layer remains more distributed.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">7) Real-time analytics and feature store<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem<\/strong>: Feature computation services do frequent internal reads\/writes.<\/li>\n<li><strong>Why it fits<\/strong>: lower internal latency improves real-time SLA.<\/li>\n<li><strong>Example<\/strong>: Online feature serving uses multiple stateless nodes plus a replicated in-memory store; co-location improves end-to-end time.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">8) CI\/CD distributed build farm<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem<\/strong>: Build cache and artifact distribution cause slow builds.<\/li>\n<li><strong>Why it fits<\/strong>: build workers talk heavily; co-location speeds artifact exchange.<\/li>\n<li><strong>Example<\/strong>: A company spins up ephemeral build clusters inside a placement group during peak hours.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">9) Distributed training (parameter exchange heavy)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem<\/strong>: Gradient\/parameter exchange saturates network and adds latency.<\/li>\n<li><strong>Why it fits<\/strong>: improved locality can reduce synchronization overhead (shape\/network-feature dependent; verify GPU\/HPC support).<\/li>\n<li><strong>Example<\/strong>: A multi-node training run uses instances launched in the same placement group to reduce step time.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">10) Stateful game server fleet (zone servers)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem<\/strong>: Zone servers exchange state rapidly; jitter causes user-visible lag.<\/li>\n<li><strong>Why it fits<\/strong>: low-latency internal communication helps.<\/li>\n<li><strong>Example<\/strong>: A game backend keeps zone servers in one placement group per shard to stabilize tick times.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">11) Network function virtualization (NFV) service chain (internal hops)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem<\/strong>: Virtualized network functions add hop latency; service chaining is sensitive.<\/li>\n<li><strong>Why it fits<\/strong>: co-location reduces internal chain latency (verify licensing\/shape requirements).<\/li>\n<li><strong>Example<\/strong>: A telecom workload chains packet processing functions; placement groups reduce internal hops.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">12) Benchmarking and performance baselining<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem<\/strong>: Hard to reproduce performance results because placement changes.<\/li>\n<li><strong>Why it fits<\/strong>: consistent intent improves reproducibility.<\/li>\n<li><strong>Example<\/strong>: SRE runs weekly baseline tests with identical instance counts in a placement group to detect regressions.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">6. Core Features<\/h2>\n\n\n\n<blockquote>\n<p>The exact feature list can vary by region, shape, and OCI release. Always confirm in the official docs for <strong>Cluster Placement Groups<\/strong>:<br\/>\nhttps:\/\/docs.oracle.com\/en-us\/iaas\/Content\/Search\/search.htm?search=Cluster%20Placement%20Groups<\/p>\n<\/blockquote>\n\n\n\n<h3 class=\"wp-block-heading\">Feature 1: Placement intent for close instance proximity<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>What it does<\/strong>: tells OCI\u2019s scheduler you want instances placed near one another.<\/li>\n<li><strong>Why it matters<\/strong>: network performance between nodes often improves.<\/li>\n<li><strong>Practical benefit<\/strong>: lower RTT\/jitter; better throughput for east\u2013west traffic.<\/li>\n<li><strong>Caveats<\/strong>: best-effort and capacity-dependent; not a hard guarantee.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Feature 2: Availability Domain\u2013aligned grouping (typical)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>What it does<\/strong>: keeps cluster placement within a locality boundary (commonly an AD).<\/li>\n<li><strong>Why it matters<\/strong>: physical proximity is meaningful within an AD; cross-AD is inherently farther.<\/li>\n<li><strong>Practical benefit<\/strong>: predictable locality domain for cluster design.<\/li>\n<li><strong>Caveats<\/strong>: reduces fault isolation vs spreading across ADs.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Feature 3: Integration with standard instance provisioning<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>What it does<\/strong>: you can launch instances \u201cinto\u201d a Cluster Placement Group during instance creation.<\/li>\n<li><strong>Why it matters<\/strong>: no separate data-plane; you keep using normal VCN\/subnet\/IP patterns.<\/li>\n<li><strong>Practical benefit<\/strong>: minimal changes to IaC; just add a placement group reference.<\/li>\n<li><strong>Caveats<\/strong>: provisioning flows differ by tool (Console, Terraform, OCI CLI\/SDK). Verify fields in your tool version.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Feature 4: Compartment-level governance via IAM and tagging<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>What it does<\/strong>: placement groups are IAM-controlled resources; can be tagged.<\/li>\n<li><strong>Why it matters<\/strong>: enforce who can create\/attach placement groups; track costs by tags.<\/li>\n<li><strong>Practical benefit<\/strong>: consistent governance and auditability.<\/li>\n<li><strong>Caveats<\/strong>: ensure policies include both placement group and instance permissions.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Feature 5: Lifecycle management (create\/list\/delete)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>What it does<\/strong>: manage placement group resources as first-class objects.<\/li>\n<li><strong>Why it matters<\/strong>: supports repeatable cluster deployments.<\/li>\n<li><strong>Practical benefit<\/strong>: standardized \u201ccluster\u201d building block.<\/li>\n<li><strong>Caveats<\/strong>: deletion may require removing\/detaching or terminating instances first (verify exact constraints).<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Feature 6: Works with performance testing and observability workflows<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>What it does<\/strong>: enables consistent placement intent so performance tests are comparable.<\/li>\n<li><strong>Why it matters<\/strong>: reduces \u201cplacement noise\u201d in benchmarks.<\/li>\n<li><strong>Practical benefit<\/strong>: more stable baselines for SRE and capacity planning.<\/li>\n<li><strong>Caveats<\/strong>: you still need to measure and validate; results vary.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">7. Architecture and How It Works<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">High-level service architecture<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Control plane<\/strong>: You create a Cluster Placement Group (CPG) resource in a compartment, typically selecting an AD.<\/li>\n<li><strong>Compute scheduler<\/strong>: When you launch instances referencing that CPG, the scheduler attempts to co-locate them.<\/li>\n<li><strong>Data plane<\/strong>: Instances communicate via OCI VCN networking exactly as they normally would (subnets, private IPs, NSGs\/security lists, route tables).<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Request\/control flow<\/h3>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Admin creates a Cluster Placement Group in OCI.<\/li>\n<li>Admin launches instances and specifies the placement group.<\/li>\n<li>OCI attempts to place instances in close proximity (subject to available capacity).<\/li>\n<li>Instances boot and communicate over the VCN.<\/li>\n<li>Operators validate performance using benchmarking tools (ping, iperf3, application metrics).<\/li>\n<\/ol>\n\n\n\n<h3 class=\"wp-block-heading\">Integrations with related services<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>OCI Compute<\/strong>: provisioning and instance lifecycle.<\/li>\n<li><strong>OCI Networking (VCN)<\/strong>: subnets, route tables, NSGs, security lists.<\/li>\n<li><strong>OCI IAM<\/strong>: policies controlling who can create CPGs and launch instances.<\/li>\n<li><strong>OCI Monitoring<\/strong>: instance metrics; network metrics where available.<\/li>\n<li><strong>OCI Logging\/Audit<\/strong>: track API calls and changes.<\/li>\n<li><strong>Terraform \/ Resource Manager<\/strong>: infrastructure-as-code (verify current resource support in the OCI Terraform provider).<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Dependency services<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>VCN and subnet (for instance networking)<\/li>\n<li>Instance images (Oracle Linux, Ubuntu, etc.)<\/li>\n<li>Shape capacity in your chosen AD<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Security\/authentication model<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>OCI IAM: users\/groups dynamic groups, policies.<\/li>\n<li>API requests are signed (OCI CLI\/SDK); Console uses OCI auth.<\/li>\n<li>Use least privilege: separate \u201cnetwork admin\u201d, \u201ccompute admin\u201d, and \u201ccluster operator\u201d roles where practical.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Networking model<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Placement groups do <strong>not<\/strong> replace VCN design.<\/li>\n<li>Use private subnets for internal cluster traffic when possible.<\/li>\n<li>Use NSGs for fine-grained east\u2013west rules.<\/li>\n<li>If measuring performance, prefer <strong>private IP-to-private IP<\/strong> tests to avoid external routing.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Monitoring\/logging\/governance considerations<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Audit logs<\/strong>: track create\/update\/delete of CPG and instance launches.<\/li>\n<li><strong>Instance metrics<\/strong>: CPU, memory (if agent), network bytes\/packets (shape-dependent).<\/li>\n<li><strong>Tagging<\/strong>: tag placement group and instances (cost tracking, ownership).<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Simple architecture diagram (Mermaid)<\/h3>\n\n\n\n<pre><code class=\"language-mermaid\">flowchart LR\n  user[Operator \/ IaC Pipeline] --&gt;|Create| cpg[Cluster Placement Group (AD-scoped)]\n  user --&gt;|Launch into CPG| instA[Instance A]\n  user --&gt;|Launch into CPG| instB[Instance B]\n  instA &lt;--&gt;|Low-latency east-west traffic| instB\n  subgraph OCI Region\n    subgraph Availability Domain\n      cpg\n      instA\n      instB\n    end\n  end\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\">Production-style architecture diagram (Mermaid)<\/h3>\n\n\n\n<pre><code class=\"language-mermaid\">flowchart TB\n  subgraph OCI_Region[OCI Region]\n    subgraph AD1[Availability Domain 1]\n      subgraph VCN1[VCN: prod-vcn]\n        subgraph PrivateSubnet[Private Subnet: app-cluster-subnet]\n          CPG[Cluster Placement Group]\n          A1[App Node 1]\n          A2[App Node 2]\n          A3[App Node 3]\n        end\n        subgraph DBSubnet[Private Subnet: data-subnet]\n          DB[(Managed DB or DB VM)]\n        end\n        NSG1[NSG: app-cluster-nsg]\n        A1---NSG1\n        A2---NSG1\n        A3---NSG1\n      end\n      Bastion[Bastion Host \/ OCI Bastion Service]\n    end\n\n    Observability[Monitoring + Logging + Audit]\n    IAM[IAM Policies \/ Compartments]\n  end\n\n  Users[Admins\/CI] --&gt; IAM\n  Users --&gt;|SSH via Bastion| Bastion\n  Bastion --&gt; A1\n  Bastion --&gt; A2\n  Bastion --&gt; A3\n\n  A1 &lt;--&gt;|east-west| A2\n  A2 &lt;--&gt;|east-west| A3\n  A1 --&gt;|north-south| DB\n  A2 --&gt;|north-south| DB\n  A3 --&gt;|north-south| DB\n\n  A1 --&gt; Observability\n  A2 --&gt; Observability\n  A3 --&gt; Observability\n<\/code><\/pre>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">8. Prerequisites<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Tenancy and account requirements<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>An active <strong>Oracle Cloud<\/strong> tenancy with permissions to create and manage compute\/network resources.<\/li>\n<li>Access to a <strong>Region<\/strong> that supports the required compute shapes and Cluster Placement Groups (availability varies; verify in official docs).<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Permissions \/ IAM policies<\/h3>\n\n\n\n<p>At minimum, you typically need permissions to:\n&#8211; Manage Cluster Placement Groups (resource type name can vary in policy language; <strong>verify in official IAM docs<\/strong>).\n&#8211; Launch and manage compute instances.\n&#8211; Manage VCN\/subnet\/NSG (or have these pre-created by a network admin).<\/p>\n\n\n\n<p>Because OCI IAM policy verbs and resource types are strict, use the official policy reference and search for the exact resource name:\n&#8211; OCI IAM docs: https:\/\/docs.oracle.com\/en-us\/iaas\/Content\/Identity\/home.htm\n&#8211; Docs search for CPG policies: https:\/\/docs.oracle.com\/en-us\/iaas\/Content\/Search\/search.htm?search=cluster%20placement%20group%20policy<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Billing requirements<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Cluster Placement Groups typically have <strong>no direct line-item cost<\/strong>, but the instances you launch do.<\/li>\n<li>You need a payment method or credits sufficient for the compute shapes you choose.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Tools (optional but recommended)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>OCI Console (web UI)<\/li>\n<li>OCI CLI: https:\/\/docs.oracle.com\/en-us\/iaas\/Content\/API\/Concepts\/cliconcepts.htm<\/li>\n<li>SSH client<\/li>\n<li>(Optional) <code>iperf3<\/code> and <code>ping<\/code> inside instances<\/li>\n<li>(Optional) Terraform + OCI provider (verify the provider supports CPG resources in your version)<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Region availability<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Placement groups and supported shapes can be region- and AD-dependent. <strong>Verify in official docs<\/strong> and your Console\u2019s shape availability for your AD.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Quotas\/limits<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Compute service limits (instances, cores, specific shapes).<\/li>\n<li>Placement group limits (count per compartment\/AD) may exist\u2014<strong>verify in Limits, Quotas and Usage<\/strong>:<\/li>\n<li>Limits overview: https:\/\/docs.oracle.com\/en-us\/iaas\/Content\/General\/Concepts\/servicelimits.htm<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Prerequisite services<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>A <strong>VCN<\/strong> with at least one subnet for your instances.<\/li>\n<li>Security controls (NSGs\/security lists).<\/li>\n<li>(Optional) OCI Bastion service for secure SSH access without public IPs.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">9. Pricing \/ Cost<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Current pricing model (accurate framing)<\/h3>\n\n\n\n<p><strong>Cluster Placement Groups are generally a placement\/control feature and are not typically billed as a separate metered service.<\/strong> The primary costs come from:\n&#8211; Compute instances (OCPU, memory)\n&#8211; Boot volumes and block storage\n&#8211; Network egress (data leaving OCI to the internet or to other regions)\n&#8211; Any load balancers, bastion, or other supporting services you deploy<\/p>\n\n\n\n<p>Because OCI pricing varies by region and resource type, do not rely on fixed numbers in third-party articles. Use official sources:\n&#8211; OCI pricing page: https:\/\/www.oracle.com\/cloud\/price-list\/\n&#8211; OCI cost estimator: https:\/\/www.oracle.com\/cloud\/costestimator.html (availability\/features may vary)\n&#8211; Compute pricing pages (region-specific): start from https:\/\/www.oracle.com\/cloud\/ and navigate to pricing for Compute<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Pricing dimensions to understand<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Instance hours<\/strong>: billed per second\/minute\/hour depending on OCI pricing rules (check your shape and pricing details).<\/li>\n<li><strong>Shape type<\/strong>: VM vs bare metal; GPU\/HPC shapes cost more.<\/li>\n<li><strong>OCPU and memory<\/strong>: some shapes allow flexible sizing (Flex).<\/li>\n<li><strong>Boot volume<\/strong>: size and performance tier.<\/li>\n<li><strong>Block volumes<\/strong>: additional storage, performance units.<\/li>\n<li><strong>Public IP and egress<\/strong>: inbound is usually free; outbound internet egress is typically billed (verify).<\/li>\n<li><strong>Cross-region traffic<\/strong>: often billed.<\/li>\n<li><strong>Load balancer<\/strong>: billed by bandwidth and hourly usage.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Free tier considerations<\/h3>\n\n\n\n<p>OCI has an Always Free tier, but <strong>Always Free shapes may not support Cluster Placement Groups<\/strong> (shape support is the critical constraint). Treat Always Free as:\n&#8211; Great for learning OCI basics\n&#8211; Not guaranteed for placement-group performance labs<\/p>\n\n\n\n<p>Verify Always Free details:\n&#8211; https:\/\/www.oracle.com\/cloud\/free\/<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Cost drivers (direct and indirect)<\/h3>\n\n\n\n<p><strong>Direct<\/strong>\n&#8211; Number of instances in the group\n&#8211; Shape selection (network capabilities often increase with higher-end shapes)\n&#8211; Time running (leave clusters running = biggest cost driver)<\/p>\n\n\n\n<p><strong>Indirect<\/strong>\n&#8211; Benchmark tooling and test duration (keeping extra test nodes alive)\n&#8211; Logs and monitoring retention\n&#8211; Additional network services (NAT gateway, load balancer, bastion)<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Network\/data transfer implications<\/h3>\n\n\n\n<p>Cluster Placement Groups aim to improve <strong>east\u2013west<\/strong> performance inside a region\/AD. Typically:\n&#8211; <strong>Intra-VCN traffic<\/strong> is not charged the same as internet egress, but pricing rules can be nuanced\u2014verify for your case.\n&#8211; Data leaving the region (internet egress, cross-region replication) is the usual \u201csurprise\u201d cost area.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">How to optimize cost<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Keep labs short-lived; automate <strong>cleanup<\/strong>.<\/li>\n<li>Start with the minimum number of nodes (2\u20133) to validate benefits.<\/li>\n<li>Use smaller shapes that still support CPGs (verify supported shapes).<\/li>\n<li>Use private subnets and a bastion; avoid public IPs unless necessary.<\/li>\n<li>Tag resources and use budgets\/alerts for governance.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Example low-cost starter estimate (no fabricated numbers)<\/h3>\n\n\n\n<p>A minimal lab often includes:\n&#8211; 1 VCN + 1 private subnet (no cost by itself)\n&#8211; 1 Cluster Placement Group (typically no direct cost)\n&#8211; 2 small compatible VM instances for 1\u20132 hours\n&#8211; Boot volumes (default sizes)\n&#8211; Optional bastion (or one temporary public IP instance)<\/p>\n\n\n\n<p>To estimate accurately:\n1. Select the exact shape(s) you plan to use and hours.\n2. Include boot volume size and performance tier.\n3. Include any gateways\/load balancers.\n4. Use the official estimator and pricing pages listed above.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Example production cost considerations<\/h3>\n\n\n\n<p>In production, costs depend on:\n&#8211; Cluster size (N nodes) and utilization\n&#8211; Higher-end shapes (HPC\/GPU) and capacity reservations\n&#8211; Storage and replication patterns\n&#8211; Observability volume (logs\/metrics)\n&#8211; Potential need for multiple clusters for isolation (dev\/stage\/prod)<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">10. Step-by-Step Hands-On Tutorial<\/h2>\n\n\n\n<p>This lab focuses on a realistic, low-risk way to <strong>create a Cluster Placement Group<\/strong> and launch a small set of instances into it, then <strong>validate<\/strong> that instances are in place and can communicate. Performance gains depend on shape, region, and capacity; the validation focuses on connectivity and basic latency testing.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Objective<\/h3>\n\n\n\n<p>Create an OCI VCN and two compute instances placed into a <strong>Cluster Placement Group<\/strong>, then verify private connectivity and run basic latency\/throughput checks.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Lab Overview<\/h3>\n\n\n\n<p>You will:\n1. Create networking (VCN\/subnet\/NSG) suitable for private east\u2013west testing.\n2. Create a Cluster Placement Group in a specific Availability Domain.\n3. Launch 2 instances into that Cluster Placement Group.\n4. SSH to one instance (via bastion or temporary public IP), then test connectivity to the other using private IP.\n5. (Optional) Compare with two instances launched <strong>without<\/strong> a placement group.\n6. Clean up all resources.<\/p>\n\n\n\n<blockquote>\n<p>Cost control tip: Stop\/terminate instances immediately after validation.<\/p>\n<\/blockquote>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Step 1: Choose region, compartment, and naming plan<\/h3>\n\n\n\n<ol class=\"wp-block-list\">\n<li>In the OCI Console, pick a <strong>Region<\/strong> where you have capacity.<\/li>\n<li>Choose or create a <strong>compartment<\/strong> for the lab (example: <code>lab-cpg<\/code>).<\/li>\n<li>Decide consistent names:\n   &#8211; VCN: <code>cpg-lab-vcn<\/code>\n   &#8211; Subnet: <code>cpg-lab-subnet-private<\/code>\n   &#8211; NSG: <code>cpg-lab-nsg<\/code>\n   &#8211; CPG: <code>cpg-lab-ad1<\/code>\n   &#8211; Instances: <code>cpg-node-1<\/code>, <code>cpg-node-2<\/code><\/li>\n<\/ol>\n\n\n\n<p><strong>Expected outcome<\/strong>\n&#8211; You have a compartment and a clear naming scheme, which helps cleanup and governance.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Step 2: Create a VCN and a private subnet<\/h3>\n\n\n\n<p>You can use the VCN Wizard or manual creation. For learning, the wizard is usually fastest.<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Go to <strong>Networking<\/strong> \u2192 <strong>Virtual Cloud Networks<\/strong>.<\/li>\n<li>Click <strong>Create VCN<\/strong> (or \u201cVCN Wizard\u201d).<\/li>\n<li>Create a VCN with:\n   &#8211; A CIDR block (example: <code>10.0.0.0\/16<\/code>)<\/li>\n<li>Create a <strong>private subnet<\/strong> (example CIDR <code>10.0.1.0\/24<\/code>):\n   &#8211; Do <strong>not<\/strong> require public IPs on VNICs\n   &#8211; Ensure route table supports your access approach:<ul>\n<li>If using <strong>OCI Bastion<\/strong>, you can keep it private.<\/li>\n<li>If you need package installs (e.g., <code>iperf3<\/code>) you may need a NAT gateway. For a minimal lab, you can skip installs and use <code>ping<\/code> only.<\/li>\n<\/ul>\n<\/li>\n<\/ol>\n\n\n\n<p><strong>Expected outcome<\/strong>\n&#8211; A VCN exists with a private subnet where instances can communicate using private IP addresses.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Step 3: Create an NSG for intra-cluster traffic<\/h3>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Go to <strong>Networking<\/strong> \u2192 <strong>Network Security Groups<\/strong>.<\/li>\n<li>Create NSG: <code>cpg-lab-nsg<\/code>.<\/li>\n<li>Add <strong>inbound rules<\/strong> that allow:\n   &#8211; SSH (TCP 22) from your admin source (bastion subnet CIDR or your IP if using a public IP approach)\n   &#8211; ICMP within the subnet CIDR (for <code>ping<\/code>)<br\/>\n   &#8211; (Optional) TCP 5201 within subnet CIDR (for <code>iperf3<\/code>)<\/li>\n<li>Add <strong>egress rules<\/strong> (default allow all egress is common in labs; in production restrict as needed).<\/li>\n<\/ol>\n\n\n\n<p><strong>Expected outcome<\/strong>\n&#8211; Instances in the NSG can reach each other for ICMP and optional iperf testing, and you can administer them via SSH.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Step 4: Create a Cluster Placement Group<\/h3>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Go to the area where OCI exposes <strong>Cluster Placement Groups<\/strong> (Console navigation can change; commonly this is under <strong>Compute<\/strong> features).  <\/li>\n<li>Click <strong>Create Cluster Placement Group<\/strong>.<\/li>\n<li>Choose:\n   &#8211; Compartment: <code>lab-cpg<\/code>\n   &#8211; Name: <code>cpg-lab-ad1<\/code>\n   &#8211; Availability Domain: select the AD you will use (e.g., \u201cAD-1\u201d)<\/li>\n<li>Add tags (optional but recommended):\n   &#8211; <code>Project=CPG-Lab<\/code>\n   &#8211; <code>Owner=&lt;your-team&gt;<\/code>\n   &#8211; <code>TTL=4h<\/code><\/li>\n<\/ol>\n\n\n\n<p><strong>Expected outcome<\/strong>\n&#8211; A Cluster Placement Group exists and is ready for instances to be launched into it.<\/p>\n\n\n\n<p><strong>Common error and fix<\/strong>\n&#8211; <strong>Error<\/strong>: You don\u2019t see Cluster Placement Groups in the Console.<br\/>\n<strong>Fix<\/strong>: Verify region availability, permissions, and service exposure in your tenancy. Use the docs search link for \u201cCluster Placement Groups OCI Console\u201d and confirm your account has access.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Step 5: Launch instance #1 into the Cluster Placement Group<\/h3>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Go to <strong>Compute<\/strong> \u2192 <strong>Instances<\/strong> \u2192 <strong>Create instance<\/strong>.<\/li>\n<li>Name: <code>cpg-node-1<\/code><\/li>\n<li>Placement:\n   &#8211; Availability Domain: select the same AD as the placement group\n   &#8211; Find the field for <strong>Cluster Placement Group<\/strong> and select <code>cpg-lab-ad1<\/code><\/li>\n<li>Image: choose a common image (Oracle Linux is typical).<\/li>\n<li>Shape: choose a shape that <strong>supports Cluster Placement Groups<\/strong> (this is shape-dependent; <strong>verify supported shapes in official docs<\/strong>).<\/li>\n<li>Networking:\n   &#8211; VCN: <code>cpg-lab-vcn<\/code>\n   &#8211; Subnet: <code>cpg-lab-subnet-private<\/code>\n   &#8211; NSG: attach <code>cpg-lab-nsg<\/code>\n   &#8211; Public IP: <strong>No<\/strong> (preferred)  <\/li>\n<li>SSH keys: add your public key.<\/li>\n<li>Create the instance.<\/li>\n<\/ol>\n\n\n\n<p><strong>Expected outcome<\/strong>\n&#8211; <code>cpg-node-1<\/code> is running and shows a private IP in the subnet.\n&#8211; Instance details should show association with the chosen Cluster Placement Group (field names vary; verify in the Console).<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Step 6: Launch instance #2 into the same Cluster Placement Group<\/h3>\n\n\n\n<p>Repeat Step 5 with:\n&#8211; Name: <code>cpg-node-2<\/code>\n&#8211; Same AD, same VCN\/subnet\/NSG\n&#8211; Same Cluster Placement Group: <code>cpg-lab-ad1<\/code><\/p>\n\n\n\n<p><strong>Expected outcome<\/strong>\n&#8211; Two instances are running in the same subnet and attached to the same Cluster Placement Group.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Step 7 (Access option A): Connect via OCI Bastion (recommended for private subnet)<\/h3>\n\n\n\n<p>If you use OCI Bastion:\n1. Create or use an OCI Bastion in the same VCN.\n2. Create a bastion session to <code>cpg-node-1<\/code>.\n3. Connect using the SSH command provided by OCI Bastion.<\/p>\n\n\n\n<p><strong>Expected outcome<\/strong>\n&#8211; You have an SSH shell on <code>cpg-node-1<\/code> without exposing public IPs.<\/p>\n\n\n\n<blockquote>\n<p>OCI Bastion docs: https:\/\/docs.oracle.com\/en-us\/iaas\/Content\/Bastion\/home.htm<\/p>\n<\/blockquote>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Step 7 (Access option B): Temporary public IP (simple but less secure)<\/h3>\n\n\n\n<p>If you don\u2019t have bastion set up and want a quick lab:\n&#8211; Either assign a public IP to <code>cpg-node-1<\/code> temporarily, or create a temporary jump host.\n&#8211; Restrict SSH to your IP in NSG\/security list rules.<\/p>\n\n\n\n<p><strong>Expected outcome<\/strong>\n&#8211; You can SSH into <code>cpg-node-1<\/code>.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Step 8: Verify private connectivity (ping)<\/h3>\n\n\n\n<p>On <code>cpg-node-1<\/code>, run:<\/p>\n\n\n\n<pre><code class=\"language-bash\"># Replace with cpg-node-2 private IP\nping -c 5 &lt;PRIVATE_IP_OF_CPG_NODE_2&gt;\n<\/code><\/pre>\n\n\n\n<p><strong>Expected outcome<\/strong>\n&#8211; Successful replies with consistent RTT values (exact values vary widely by shape\/region).<\/p>\n\n\n\n<p><strong>Common error and fix<\/strong>\n&#8211; <strong>No response \/ packet loss<\/strong>:<br\/>\n  &#8211; Ensure ICMP is allowed in the NSG\/security list.\n  &#8211; Confirm you used the <strong>private IP<\/strong>.\n  &#8211; Confirm both instances are in the same subnet\/VCN and routing is correct.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Step 9 (Optional): Measure throughput with iperf3<\/h3>\n\n\n\n<p>If <code>iperf3<\/code> is available or you can install it (may require internet access via NAT gateway):\n1. On <code>cpg-node-2<\/code>:<\/p>\n\n\n\n<pre><code class=\"language-bash\">iperf3 -s\n<\/code><\/pre>\n\n\n\n<ol class=\"wp-block-list\" start=\"2\">\n<li>On <code>cpg-node-1<\/code>:<\/li>\n<\/ol>\n\n\n\n<pre><code class=\"language-bash\">iperf3 -c &lt;PRIVATE_IP_OF_CPG_NODE_2&gt; -t 10\n<\/code><\/pre>\n\n\n\n<p><strong>Expected outcome<\/strong>\n&#8211; You get a throughput report. Record it as your baseline.<\/p>\n\n\n\n<p><strong>Common error and fix<\/strong>\n&#8211; <strong>Connection refused<\/strong>: allow TCP 5201 in NSG within subnet CIDR.\n&#8211; <strong>Command not found<\/strong>: install <code>iperf3<\/code> (requires repo access) or use another tool available on the image.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Step 10 (Optional): Compare against non-placement group instances<\/h3>\n\n\n\n<p>To understand benefit in your environment:\n1. Launch <code>baseline-node-1<\/code> and <code>baseline-node-2<\/code> in the same AD\/subnet <strong>without<\/strong> selecting a Cluster Placement Group.\n2. Repeat ping\/iperf tests.\n3. Compare:\n   &#8211; RTT average and variance\n   &#8211; Throughput\n   &#8211; Tail behavior under repeated runs<\/p>\n\n\n\n<p><strong>Expected outcome<\/strong>\n&#8211; Often, the placement group pair shows improved consistency and sometimes improved average performance\u2014<strong>but results are not guaranteed<\/strong> due to capacity and underlying topology.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Validation<\/h3>\n\n\n\n<p>Use this checklist:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>[ ] Cluster Placement Group exists in the correct compartment and AD.<\/li>\n<li>[ ] Two instances are running and attached to the placement group.<\/li>\n<li>[ ] Instances have private IPs in the same subnet.<\/li>\n<li>[ ] <code>ping<\/code> between private IPs works.<\/li>\n<li>[ ] (Optional) <code>iperf3<\/code> works and reports throughput.<\/li>\n<\/ul>\n\n\n\n<p>For deeper validation, check:\n&#8211; Instance details page for placement group reference.\n&#8211; OCI Audit logs for create\/launch actions:\n  &#8211; Audit docs: https:\/\/docs.oracle.com\/en-us\/iaas\/Content\/Audit\/home.htm<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Troubleshooting<\/h3>\n\n\n\n<p><strong>Issue: You cannot select a Cluster Placement Group during instance creation<\/strong>\n&#8211; Confirm the instance is being launched in the <strong>same Availability Domain<\/strong> as the placement group.\n&#8211; Confirm your chosen <strong>shape supports Cluster Placement Groups<\/strong> (verify in docs).\n&#8211; Confirm you have permissions to read\/use the placement group.<\/p>\n\n\n\n<p><strong>Issue: Instance launch fails with capacity errors<\/strong>\n&#8211; Try a different AD (but then you need a different placement group).\n&#8211; Try a different shape that supports placement groups.\n&#8211; Launch fewer instances or try later.\n&#8211; Consider capacity reservations for production (verify OCI capacity reservation options).<\/p>\n\n\n\n<p><strong>Issue: Network tests show no improvement<\/strong>\n&#8211; Placement is best-effort; your baseline placement might already be good.\n&#8211; Your workload may not be network-bound.\n&#8211; Use repeated runs and look at jitter\/tail latency, not just one test.\n&#8211; Ensure you tested private-to-private within the same AD and subnet.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Cleanup<\/h3>\n\n\n\n<p>To avoid ongoing charges, remove resources in a safe order:<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Terminate instances: <code>cpg-node-1<\/code>, <code>cpg-node-2<\/code> (and any baseline nodes).<\/li>\n<li>Delete the Cluster Placement Group (if required, ensure no instances still reference it).<\/li>\n<li>Delete bastion session\/bastion (if created).<\/li>\n<li>Delete NSG: <code>cpg-lab-nsg<\/code>.<\/li>\n<li>Delete subnet(s).<\/li>\n<li>Delete VCN: <code>cpg-lab-vcn<\/code>.<\/li>\n<\/ol>\n\n\n\n<p><strong>Expected outcome<\/strong>\n&#8211; No running compute instances or attached volumes remain from the lab.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">11. Best Practices<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Architecture best practices<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Use Cluster Placement Groups for <strong>tight east\u2013west<\/strong> clusters; keep other tiers independent.<\/li>\n<li>Keep the cluster in a <strong>single AD<\/strong> for locality, but compensate with:<\/li>\n<li>backups<\/li>\n<li>replication to other AD\/region (depending on RPO\/RTO needs)<\/li>\n<li>Consider splitting architecture into:<\/li>\n<li>performance-sensitive cluster (CPG)<\/li>\n<li>resilient control plane \/ data persistence (multi-AD or managed services)<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">IAM\/security best practices<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Apply least privilege:<\/li>\n<li>Separate who can <strong>create CPGs<\/strong> vs who can <strong>launch instances<\/strong> into them.<\/li>\n<li>Use compartments to isolate environments (dev\/stage\/prod).<\/li>\n<li>Use tags to enforce governance (owner, cost center, TTL).<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Cost best practices<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Use scheduled cleanup \/ TTL tags for ephemeral clusters.<\/li>\n<li>Benchmark with minimal nodes first.<\/li>\n<li>Avoid overprovisioning; measure if the placement group delivers enough improvement to reduce node count.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Performance best practices<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Validate with the <em>real<\/em> workload profile (RPC patterns, message sizes, concurrency).<\/li>\n<li>Measure:<\/li>\n<li>average latency<\/li>\n<li>p95\/p99<\/li>\n<li>jitter and packet loss<\/li>\n<li>Keep inter-node traffic on private IPs and private subnets.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Reliability best practices<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Understand the tradeoff: co-location can increase correlated failure risk.<\/li>\n<li>For critical systems:<\/li>\n<li>keep quorum\/control plane resilient<\/li>\n<li>test failure scenarios (node loss, maintenance events)<\/li>\n<li>Use rolling deployment strategies.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Operations best practices<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Standardize:<\/li>\n<li>naming conventions<\/li>\n<li>tagging<\/li>\n<li>automation for create\/destroy<\/li>\n<li>Use OCI Monitoring and Logging:<\/li>\n<li>alert on instance health and network errors (where metrics exist)<\/li>\n<li>Track OCI limits and request increases early.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Governance\/tagging\/naming best practices<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Tag placement groups and instances consistently:<\/li>\n<li><code>Environment<\/code><\/li>\n<li><code>Service<\/code><\/li>\n<li><code>Owner<\/code><\/li>\n<li><code>CostCenter<\/code><\/li>\n<li><code>TTL<\/code><\/li>\n<li>Use names that include AD and purpose: <code>cpg-&lt;app&gt;-ad1<\/code><\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">12. Security Considerations<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Identity and access model<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>OCI IAM<\/strong> controls:<\/li>\n<li>who can create\/delete placement groups<\/li>\n<li>who can launch instances into them<\/li>\n<li>who can view resources in compartments<\/li>\n<li>Prefer group-based access and (where applicable) <strong>dynamic groups<\/strong> for automation.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Encryption<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Data-in-transit between instances inside a VCN is not automatically application-encrypted. Use:<\/li>\n<li>TLS\/mTLS for service communication where required<\/li>\n<li>encrypted protocols for replication<\/li>\n<li>Data-at-rest depends on boot\/block volume encryption settings (OCI typically supports encryption; verify your exact configuration and compliance needs).<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Network exposure<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Keep cluster nodes in <strong>private subnets<\/strong>.<\/li>\n<li>Use <strong>OCI Bastion<\/strong> instead of assigning public IPs.<\/li>\n<li>Use NSGs to narrowly allow:<\/li>\n<li>SSH from bastion only<\/li>\n<li>intra-cluster ports only within subnet CIDR or within NSG<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Secrets handling<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Do not bake secrets into images.<\/li>\n<li>Use OCI Vault for secrets\/keys where appropriate:<\/li>\n<li>Vault docs: https:\/\/docs.oracle.com\/en-us\/iaas\/Content\/KeyManagement\/home.htm<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Audit\/logging<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Enable and review <strong>Audit<\/strong> events for:<\/li>\n<li>placement group create\/update\/delete<\/li>\n<li>instance launch\/terminate<\/li>\n<li>networking changes<\/li>\n<li>Centralize logs and define retention policies.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Compliance considerations<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Cluster Placement Groups influence locality; if you have data residency constraints:<\/li>\n<li>ensure region selection meets compliance<\/li>\n<li>confirm whether AD locality has any compliance relevance in your program<\/li>\n<li>Use compartments and policies to enforce separation of duties.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Common security mistakes<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Leaving SSH open to the internet (0.0.0.0\/0).<\/li>\n<li>Using public IPs for east\u2013west traffic.<\/li>\n<li>Forgetting to clean up ephemeral clusters.<\/li>\n<li>Overly permissive IAM policies for automation.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Secure deployment recommendations<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Private subnets + bastion<\/li>\n<li>NSGs with minimum required ports<\/li>\n<li>TLS for internal service communication<\/li>\n<li>Tagging + budgets + alerts<\/li>\n<li>Periodic access reviews for IAM policies<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">13. Limitations and Gotchas<\/h2>\n\n\n\n<blockquote>\n<p>The most important limitations are typically <strong>shape support<\/strong> and <strong>capacity constraints<\/strong>. Always verify in official docs for your region and chosen shapes.<\/p>\n<\/blockquote>\n\n\n\n<h3 class=\"wp-block-heading\">Known limitations (common patterns)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Best-effort placement<\/strong>: OCI attempts co-location but cannot always guarantee it.<\/li>\n<li><strong>Shape eligibility<\/strong>: not every compute shape supports Cluster Placement Groups.<\/li>\n<li><strong>Availability Domain constraints<\/strong>: you typically must launch instances in the same AD as the placement group.<\/li>\n<li><strong>Capacity errors<\/strong>: co-location requirements can make launches more sensitive to capacity.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Quotas and service limits<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Instance count\/core limits per region\/AD.<\/li>\n<li>Potential limits on number of placement groups.<\/li>\n<li>Limits vary by tenancy and region; check:<\/li>\n<li>https:\/\/docs.oracle.com\/en-us\/iaas\/Content\/General\/Concepts\/servicelimits.htm<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Regional constraints<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Some OCI regions have:<\/li>\n<li>fewer ADs<\/li>\n<li>limited shape availability<\/li>\n<li>different networking characteristics<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Pricing surprises<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Placement groups themselves may not cost extra, but:<\/li>\n<li>higher-end shapes used for performance do<\/li>\n<li>data egress and cross-region traffic can be expensive<\/li>\n<li>NAT gateways \/ load balancers add costs<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Compatibility issues<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Your provisioning tool might not support placement groups in older versions (e.g., Terraform provider version mismatch). Upgrade and verify provider docs.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Operational gotchas<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Deleting a placement group might require instances to be terminated\/detached first.<\/li>\n<li>If you need high availability, placing everything close can increase correlated failure impact.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Migration challenges<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Moving existing instances into a placement group may require re-provisioning (often you can\u2019t \u201cmove\u201d an existing instance\u2019s physical placement without recreating; verify current OCI capabilities).<\/li>\n<li>For stateful nodes, plan data migration and downtime windows.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Vendor-specific nuances<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>OCI\u2019s AD\/FD model differs from \u201czones\u201d in other clouds; don\u2019t assume direct mapping.<\/li>\n<li>Networking performance is shape-dependent; always validate on the same shape you will run in production.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">14. Comparison with Alternatives<\/h2>\n\n\n\n<p>Cluster Placement Groups are one way to influence instance locality. Alternatives include other OCI constructs and services in other clouds.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Options overview table<\/h3>\n\n\n\n<figure class=\"wp-block-table\"><table>\n<thead>\n<tr>\n<th>Option<\/th>\n<th>Best For<\/th>\n<th>Strengths<\/th>\n<th>Weaknesses<\/th>\n<th>When to Choose<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td><strong>OCI Cluster Placement Groups<\/strong><\/td>\n<td>Low-latency east\u2013west clusters within an AD<\/td>\n<td>Simple placement intent; integrates with normal instance launches<\/td>\n<td>Best-effort; capacity\/shape constraints; may reduce failure isolation<\/td>\n<td>When internal traffic dominates and you want better consistency<\/td>\n<\/tr>\n<tr>\n<td><strong>OCI Cluster Networks (HPC)<\/strong><\/td>\n<td>HPC workloads needing specialized networking (often RDMA-style)<\/td>\n<td>Purpose-built for HPC patterns; strong performance on supported shapes<\/td>\n<td>More specialized; may require specific shapes and design<\/td>\n<td>When you are explicitly building an HPC cluster and can use supported shapes<\/td>\n<\/tr>\n<tr>\n<td><strong>OCI Instance Pools<\/strong><\/td>\n<td>Scaling stateless instances<\/td>\n<td>Autoscaling, lifecycle automation<\/td>\n<td>Does not guarantee physical proximity<\/td>\n<td>When you need scaling\/HA more than topology locality<\/td>\n<\/tr>\n<tr>\n<td><strong>AWS EC2 Placement Groups (Cluster)<\/strong><\/td>\n<td>Similar placement intent in AWS<\/td>\n<td>Mature feature; well-known patterns<\/td>\n<td>AWS-specific semantics and constraints<\/td>\n<td>When deploying on AWS with similar needs<\/td>\n<\/tr>\n<tr>\n<td><strong>Azure Proximity Placement Groups<\/strong><\/td>\n<td>Co-locating VMs for low latency<\/td>\n<td>Good for multi-tier latency-sensitive apps<\/td>\n<td>Regional\/zone constraints; capacity<\/td>\n<td>When deploying on Azure and needing VM proximity<\/td>\n<\/tr>\n<tr>\n<td><strong>GCP placement policies \/ sole-tenant<\/strong><\/td>\n<td>Performance\/isolation controls<\/td>\n<td>Strong isolation options (sole-tenant)<\/td>\n<td>Different model; may be costlier<\/td>\n<td>When you need host-level isolation or placement controls in GCP<\/td>\n<\/tr>\n<tr>\n<td><strong>Kubernetes topology controls (self-managed)<\/strong><\/td>\n<td>Pod placement and spread<\/td>\n<td>Fine-grained scheduling at K8s level<\/td>\n<td>Does not control physical host locality beyond what cloud provides<\/td>\n<td>When you need logical placement but not guaranteed physical co-location<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n\n\n\n<p><strong>Notes<\/strong>\n&#8211; OCI \u201cCluster Networks\u201d and \u201cCluster Placement Groups\u201d are <strong>not the same thing<\/strong>. Cluster Networks are typically an HPC-focused construct; Cluster Placement Groups are a more general placement intent mechanism. Verify your workload fit in OCI docs.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">15. Real-World Example<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Enterprise example: Real-time risk analytics cluster<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem<\/strong>: A financial institution runs intraday risk calculations using distributed compute. Jobs miss deadlines due to inconsistent inter-node communication performance.<\/li>\n<li><strong>Proposed architecture<\/strong><\/li>\n<li>One OCI region, one AD for the compute cluster<\/li>\n<li>A <strong>Cluster Placement Group<\/strong> for 50\u2013200 compute nodes (size varies)<\/li>\n<li>Private subnet for cluster traffic<\/li>\n<li>Bastion for admin access<\/li>\n<li>Persistent data in managed storage\/database services (kept separate from the compute cluster)<\/li>\n<li>Centralized logging\/monitoring + audit<\/li>\n<li><strong>Why Cluster Placement Groups<\/strong><\/li>\n<li>The workload is communication-heavy; improving east\u2013west consistency reduces tail latency in job stages.<\/li>\n<li>Placement intent simplifies operations compared to ad hoc benchmarking per deployment.<\/li>\n<li><strong>Expected outcomes<\/strong><\/li>\n<li>More predictable job runtime<\/li>\n<li>Potential reduction in overprovisioned nodes<\/li>\n<li>Clear operational model: \u201crisk cluster\u201d is a repeatable deployment unit<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Startup\/small-team example: High-traffic API microservices<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem<\/strong>: A startup experiences p99 latency spikes during peak traffic; investigation shows internal service calls contribute significantly.<\/li>\n<li><strong>Proposed architecture<\/strong><\/li>\n<li>A small microservices tier (8\u201320 nodes) in a Cluster Placement Group<\/li>\n<li>Internal services communicate over private IPs<\/li>\n<li>External traffic via a managed load balancer (if used) to a small edge tier<\/li>\n<li>CI pipeline provisions and tears down performance test clusters using tags\/TTL<\/li>\n<li><strong>Why Cluster Placement Groups<\/strong><\/li>\n<li>Simple way to reduce internal RPC latency variability without large code changes.<\/li>\n<li>Helps stabilize latency during peak scaling events (subject to capacity).<\/li>\n<li><strong>Expected outcomes<\/strong><\/li>\n<li>Lower and more stable internal service-to-service RTT<\/li>\n<li>Improved p99 latency and fewer user-visible spikes<\/li>\n<li>A practical performance testing pattern that\u2019s easy to repeat<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">16. FAQ<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">1) Are Cluster Placement Groups a networking service or a compute feature?<\/h3>\n\n\n\n<p>They are primarily a <strong>Compute placement feature<\/strong> in Oracle Cloud, but they are used to improve <strong>network performance between instances<\/strong>, which is why they matter in networking architecture.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">2) Do Cluster Placement Groups guarantee low latency?<\/h3>\n\n\n\n<p>No. Placement is typically <strong>best-effort<\/strong> and depends on capacity and shape availability. You must benchmark in your region and AD.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">3) Do Cluster Placement Groups cost extra?<\/h3>\n\n\n\n<p>Usually the placement group object itself is <strong>not<\/strong> a separately metered service, but you pay for the <strong>instances and related resources<\/strong> you run. Verify on OCI pricing pages for your region.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">4) Can I use Cluster Placement Groups with any shape?<\/h3>\n\n\n\n<p>Not necessarily. Support is typically <strong>shape-dependent<\/strong>. Check the official docs for supported shapes and constraints.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">5) Do all instances in the placement group need to be in the same Availability Domain?<\/h3>\n\n\n\n<p>In most designs, yes\u2014because the placement group is typically associated with an AD for locality. Verify the exact rule in the docs for your tenancy\/region.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">6) Is a placement group the same as a Fault Domain?<\/h3>\n\n\n\n<p>No. Fault Domains are OCI constructs for <strong>failure isolation<\/strong> within an AD. A placement group is an intent to <strong>co-locate<\/strong> instances for performance.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">7) Is it safe to put all nodes of a critical cluster in one placement group?<\/h3>\n\n\n\n<p>It depends. Co-location can increase correlated failure risk. For critical systems, balance performance with resilience (multi-AD patterns, backups, and recovery plans).<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">8) Can I move an existing running instance into a Cluster Placement Group?<\/h3>\n\n\n\n<p>Often, physical placement changes require <strong>recreating<\/strong> instances. Verify whether OCI supports attaching an existing instance after creation and what it implies (documentation may change).<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">9) How do I verify an instance is in a Cluster Placement Group?<\/h3>\n\n\n\n<p>Check the instance details in the OCI Console or via API\/CLI fields (exact field names vary). Also verify via audit logs and resource relationships.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">10) What metrics prove the placement group helped?<\/h3>\n\n\n\n<p>Measure:\n&#8211; private-IP RTT distribution (average, p95\/p99)\n&#8211; throughput (iperf-style)\n&#8211; application-level latency and stage times\n&#8211; jitter under load<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">11) Does Cluster Placement Group improve north\u2013south traffic (to the internet)?<\/h3>\n\n\n\n<p>Not directly. It mainly targets <strong>east\u2013west<\/strong> communication within OCI infrastructure.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">12) Does it help across subnets?<\/h3>\n\n\n\n<p>It can, because placement is physical and independent of subnet boundaries, but your routing and security rules must permit traffic. Best practice is to keep cluster nodes in the same private subnet unless you need segmentation.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">13) Can I use it with Kubernetes worker nodes?<\/h3>\n\n\n\n<p>Potentially, if your node provisioning method supports launching instances into the placement group. Validate your provisioning tooling and the OCI Kubernetes integration you use.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">14) What\u2019s the difference between Cluster Placement Groups and HPC Cluster Networks?<\/h3>\n\n\n\n<p>Cluster Networks are typically an <strong>HPC-focused<\/strong> construct (often with specialized networking features and constraints). Cluster Placement Groups are a more general <strong>placement intent<\/strong> feature. Choose based on your workload and supported shapes.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">15) What are the most common reasons instance launches fail with a placement group?<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Shape not supported<\/li>\n<li>AD mismatch between the instance and placement group<\/li>\n<li>Capacity constraints in the chosen AD for co-location<\/li>\n<li>Insufficient service limits (cores\/instances)<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">16) Should I use multiple placement groups?<\/h3>\n\n\n\n<p>Use multiple placement groups when you want:\n&#8211; separate clusters for isolation\n&#8211; shard-level separation\n&#8211; different ADs (each group aligned to its AD)\nBut don\u2019t over-fragment if it complicates operations.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">17. Top Online Resources to Learn Cluster Placement Groups<\/h2>\n\n\n\n<figure class=\"wp-block-table\"><table>\n<thead>\n<tr>\n<th>Resource Type<\/th>\n<th>Name<\/th>\n<th>Why It Is Useful<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td>Official documentation (search)<\/td>\n<td>OCI Docs Search: Cluster Placement Groups \u2014 https:\/\/docs.oracle.com\/en-us\/iaas\/Content\/Search\/search.htm?search=Cluster%20Placement%20Groups<\/td>\n<td>Most reliable way to find the current, official CPG pages as URLs can change<\/td>\n<\/tr>\n<tr>\n<td>Official Compute docs<\/td>\n<td>OCI Compute documentation \u2014 https:\/\/docs.oracle.com\/en-us\/iaas\/Content\/Compute\/home.htm<\/td>\n<td>Cluster Placement Groups are typically documented as part of Compute capabilities<\/td>\n<\/tr>\n<tr>\n<td>Official Networking docs<\/td>\n<td>OCI Networking documentation \u2014 https:\/\/docs.oracle.com\/en-us\/iaas\/Content\/Network\/home.htm<\/td>\n<td>Helps you design VCN\/subnet\/NSG correctly for east\u2013west traffic testing<\/td>\n<\/tr>\n<tr>\n<td>Official IAM docs<\/td>\n<td>OCI Identity and Access Management \u2014 https:\/\/docs.oracle.com\/en-us\/iaas\/Content\/Identity\/home.htm<\/td>\n<td>Required to write correct policies and follow least privilege<\/td>\n<\/tr>\n<tr>\n<td>Official Audit docs<\/td>\n<td>OCI Audit \u2014 https:\/\/docs.oracle.com\/en-us\/iaas\/Content\/Audit\/home.htm<\/td>\n<td>Track creation and usage events for governance and troubleshooting<\/td>\n<\/tr>\n<tr>\n<td>Official CLI docs<\/td>\n<td>OCI CLI Concepts \u2014 https:\/\/docs.oracle.com\/en-us\/iaas\/Content\/API\/Concepts\/cliconcepts.htm<\/td>\n<td>Learn how to automate resource creation; verify exact CLI commands for CPG in your version<\/td>\n<\/tr>\n<tr>\n<td>Official Terraform docs (provider)<\/td>\n<td>OCI Terraform Provider docs \u2014 https:\/\/registry.terraform.io\/providers\/oracle\/oci\/latest\/docs<\/td>\n<td>Infrastructure-as-code; verify if\/when CPG resources are supported<\/td>\n<\/tr>\n<tr>\n<td>Official pricing<\/td>\n<td>OCI Price List \u2014 https:\/\/www.oracle.com\/cloud\/price-list\/<\/td>\n<td>Authoritative pricing references (region\/SKU dependent)<\/td>\n<\/tr>\n<tr>\n<td>Official cost estimator<\/td>\n<td>OCI Cost Estimator \u2014 https:\/\/www.oracle.com\/cloud\/costestimator.html<\/td>\n<td>Build scenario-based estimates without guessing<\/td>\n<\/tr>\n<tr>\n<td>Official Free Tier<\/td>\n<td>Oracle Cloud Free Tier \u2014 https:\/\/www.oracle.com\/cloud\/free\/<\/td>\n<td>Understand what you can test at low\/no cost (shape support still must be verified)<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">18. Training and Certification Providers<\/h2>\n\n\n\n<figure class=\"wp-block-table\"><table>\n<thead>\n<tr>\n<th>Institute<\/th>\n<th>Suitable Audience<\/th>\n<th>Likely Learning Focus<\/th>\n<th>Mode<\/th>\n<th>Website URL<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td>DevOpsSchool.com<\/td>\n<td>DevOps engineers, SREs, platform teams<\/td>\n<td>DevOps practices, cloud operations, automation, CI\/CD; may include OCI modules (check site)<\/td>\n<td>check website<\/td>\n<td>https:\/\/www.devopsschool.com\/<\/td>\n<\/tr>\n<tr>\n<td>ScmGalaxy.com<\/td>\n<td>Beginners to intermediate DevOps practitioners<\/td>\n<td>SCM, DevOps tooling, automation fundamentals; cloud integrations (check site)<\/td>\n<td>check website<\/td>\n<td>https:\/\/www.scmgalaxy.com\/<\/td>\n<\/tr>\n<tr>\n<td>CLoudOpsNow.in<\/td>\n<td>Cloud engineers and operations teams<\/td>\n<td>Cloud operations, monitoring, reliability practices; cloud platform topics (check site)<\/td>\n<td>check website<\/td>\n<td>https:\/\/cloudopsnow.in\/<\/td>\n<\/tr>\n<tr>\n<td>SreSchool.com<\/td>\n<td>SREs, operations teams, architects<\/td>\n<td>Reliability engineering, SLIs\/SLOs, incident response; cloud reliability patterns (check site)<\/td>\n<td>check website<\/td>\n<td>https:\/\/sreschool.com\/<\/td>\n<\/tr>\n<tr>\n<td>AiOpsSchool.com<\/td>\n<td>Operations and platform engineers<\/td>\n<td>AIOps concepts, observability, automation with ML where applicable (check site)<\/td>\n<td>check website<\/td>\n<td>https:\/\/aiopsschool.com\/<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">19. Top Trainers<\/h2>\n\n\n\n<figure class=\"wp-block-table\"><table>\n<thead>\n<tr>\n<th>Platform\/Site<\/th>\n<th>Likely Specialization<\/th>\n<th>Suitable Audience<\/th>\n<th>Website URL<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td>RajeshKumar.xyz<\/td>\n<td>DevOps\/cloud training content (verify offerings)<\/td>\n<td>Students, engineers looking for practical guidance<\/td>\n<td>https:\/\/rajeshkumar.xyz\/<\/td>\n<\/tr>\n<tr>\n<td>devopstrainer.in<\/td>\n<td>DevOps training programs (verify course catalog)<\/td>\n<td>DevOps engineers, teams<\/td>\n<td>https:\/\/devopstrainer.in\/<\/td>\n<\/tr>\n<tr>\n<td>devopsfreelancer.com<\/td>\n<td>DevOps freelancing\/training platform (verify services)<\/td>\n<td>Teams seeking short-term help or training resources<\/td>\n<td>https:\/\/devopsfreelancer.com\/<\/td>\n<\/tr>\n<tr>\n<td>devopssupport.in<\/td>\n<td>DevOps support\/training resources (verify scope)<\/td>\n<td>Operations teams, DevOps practitioners<\/td>\n<td>https:\/\/devopssupport.in\/<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">20. Top Consulting Companies<\/h2>\n\n\n\n<figure class=\"wp-block-table\"><table>\n<thead>\n<tr>\n<th>Company Name<\/th>\n<th>Likely Service Area<\/th>\n<th>Where They May Help<\/th>\n<th>Consulting Use Case Examples<\/th>\n<th>Website URL<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td>cotocus.com<\/td>\n<td>Cloud\/DevOps consulting (verify OCI specialization)<\/td>\n<td>Architecture reviews, implementation support, automation<\/td>\n<td>Designing OCI network + compute patterns; building IaC pipelines; performance benchmarking approach<\/td>\n<td>https:\/\/cotocus.com\/<\/td>\n<\/tr>\n<tr>\n<td>DevOpsSchool.com<\/td>\n<td>DevOps and cloud consulting\/training (check service pages)<\/td>\n<td>DevOps transformations, automation, platform engineering<\/td>\n<td>Implementing standardized OCI landing zones; observability rollout; CI\/CD optimization<\/td>\n<td>https:\/\/www.devopsschool.com\/<\/td>\n<\/tr>\n<tr>\n<td>DEVOPSCONSULTING.IN<\/td>\n<td>DevOps consulting services (verify offerings)<\/td>\n<td>Toolchain integration, operations maturity, cloud migrations<\/td>\n<td>Building secure access patterns (bastion, IAM); cost governance; performance test frameworks<\/td>\n<td>https:\/\/devopsconsulting.in\/<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">21. Career and Learning Roadmap<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">What to learn before Cluster Placement Groups<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>OCI fundamentals: regions, ADs, compartments<\/li>\n<li>OCI VCN fundamentals: subnets, route tables, gateways<\/li>\n<li>Security basics: NSGs vs security lists, SSH hardening<\/li>\n<li>Compute basics: shapes, images, boot volumes<\/li>\n<li>Observability basics: Monitoring, Logging, Audit<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">What to learn after Cluster Placement Groups<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Performance engineering:<\/li>\n<li>benchmarking methodology<\/li>\n<li>workload profiling and bottleneck analysis<\/li>\n<li>Higher-level cluster constructs (as applicable in OCI):<\/li>\n<li>HPC-focused services and patterns<\/li>\n<li>autoscaling and instance pools for stateless tiers<\/li>\n<li>Infrastructure as Code:<\/li>\n<li>Terraform for OCI<\/li>\n<li>CI\/CD pipelines for environment lifecycle<\/li>\n<li>Reliability engineering:<\/li>\n<li>multi-AD and multi-region strategies<\/li>\n<li>disaster recovery runbooks<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Job roles that use it<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Cloud Solutions Architect<\/li>\n<li>DevOps Engineer \/ Platform Engineer<\/li>\n<li>Site Reliability Engineer (SRE)<\/li>\n<li>HPC Engineer \/ Scientific Computing Engineer<\/li>\n<li>Cloud Network Engineer (for performance-sensitive east\u2013west designs)<\/li>\n<li>FinOps \/ Cost Analyst (to evaluate cost vs performance gains)<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Certification path (if available)<\/h3>\n\n\n\n<p>Oracle certifications evolve over time; verify current OCI certification paths on Oracle University:\n&#8211; https:\/\/education.oracle.com\/<\/p>\n\n\n\n<p>A practical path often includes:\n&#8211; OCI foundations\n&#8211; OCI architect associate\/professional tracks (as available)\n&#8211; Networking and security specialty learning<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Project ideas for practice<\/h3>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Build a repeatable Terraform module that:\n   &#8211; creates a VCN + private subnet + NSG\n   &#8211; creates a Cluster Placement Group\n   &#8211; launches N instances into it<\/li>\n<li>Create a performance test harness:\n   &#8211; ping jitter analysis\n   &#8211; iperf3 throughput tests\n   &#8211; results logged to a central location<\/li>\n<li>Compare architectures:\n   &#8211; single placement group vs spread across fault domains (performance vs resilience)<\/li>\n<li>Build a \u201ccluster lifecycle\u201d pipeline:\n   &#8211; create cluster on demand\n   &#8211; run tests\n   &#8211; destroy automatically using TTL tags<\/li>\n<\/ol>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">22. Glossary<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Availability Domain (AD)<\/strong>: A physically isolated data center within an OCI region. Regions can have multiple ADs depending on geography.<\/li>\n<li><strong>Cluster Placement Group (CPG)<\/strong>: An OCI resource that influences compute scheduling to place instances closer together for better inter-instance performance.<\/li>\n<li><strong>Compartment<\/strong>: A logical isolation boundary in OCI IAM for organizing and controlling access to resources.<\/li>\n<li><strong>East\u2013west traffic<\/strong>: Network traffic between servers inside a data center\/VCN (service-to-service, node-to-node).<\/li>\n<li><strong>Fault Domain (FD)<\/strong>: A grouping within an AD to provide anti-affinity and reduce correlated failure risk.<\/li>\n<li><strong>NSG (Network Security Group)<\/strong>: Virtual firewall rules applied to VNICs for granular security control.<\/li>\n<li><strong>Security List<\/strong>: Subnet-level firewall rules in OCI (older\/less granular than NSGs for many use cases).<\/li>\n<li><strong>VCN (Virtual Cloud Network)<\/strong>: OCI\u2019s virtual network construct where subnets, routing, and security controls are defined.<\/li>\n<li><strong>Jitter<\/strong>: Variability in latency over time; often harms real-time and distributed systems.<\/li>\n<li><strong>p95\/p99 latency<\/strong>: Tail latency metrics indicating the response time below which 95%\/99% of requests fall.<\/li>\n<li><strong>iperf3<\/strong>: A common network testing tool for measuring throughput between two hosts.<\/li>\n<li><strong>Bastion<\/strong>: A secure access method to reach private instances without exposing public IPs (OCI has a managed Bastion service).<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">23. Summary<\/h2>\n\n\n\n<p><strong>What it is<\/strong><br\/>\nIn Oracle Cloud, <strong>Cluster Placement Groups<\/strong> are a compute placement mechanism that helps keep instances physically closer together to improve <strong>east\u2013west network performance<\/strong>.<\/p>\n\n\n\n<p><strong>Why it matters<\/strong><br\/>\nMany distributed workloads are limited by inter-node latency, jitter, or throughput. Cluster Placement Groups can improve <strong>consistency<\/strong> and sometimes <strong>raw performance<\/strong>, leading to faster jobs, better p99 latency, and potentially lower infrastructure requirements.<\/p>\n\n\n\n<p><strong>Where it fits<\/strong><br\/>\nIt sits at the intersection of <strong>Compute scheduling<\/strong> and <strong>Networking, Edge, and Connectivity<\/strong> architecture: you still design VCNs and security the same way, but you add placement intent to improve intra-cluster behavior.<\/p>\n\n\n\n<p><strong>Key cost\/security points<\/strong>\n&#8211; Costs mainly come from <strong>compute instances and supporting resources<\/strong>, not usually from the placement group itself (verify pricing rules for your tenancy).\n&#8211; Use <strong>private subnets + NSGs + Bastion<\/strong> and least-privilege IAM.\n&#8211; Benchmark and validate\u2014placement is typically best-effort and capacity-dependent.<\/p>\n\n\n\n<p><strong>When to use it<\/strong>\n&#8211; When your cluster is communication-heavy and performance-sensitive, and you can accept tighter locality tradeoffs.\n&#8211; Avoid relying on it as a hard guarantee; design resilience thoughtfully.<\/p>\n\n\n\n<p><strong>Next learning step<\/strong>\nUse the official OCI docs search link to confirm current constraints (supported shapes, AD rules, IAM policy resource types), then automate the lab with Terraform for repeatable performance testing:\nhttps:\/\/docs.oracle.com\/en-us\/iaas\/Content\/Search\/search.htm?search=Cluster%20Placement%20Groups<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Networking, Edge, and Connectivity<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[74,62],"tags":[],"class_list":["post-942","post","type-post","status-publish","format-standard","hentry","category-networking-edge-and-connectivity","category-oracle-cloud"],"_links":{"self":[{"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/posts\/942","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/comments?post=942"}],"version-history":[{"count":0,"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/posts\/942\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/media?parent=942"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/categories?post=942"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/tags?post=942"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}