{"id":955,"date":"2026-04-17T06:35:33","date_gmt":"2026-04-17T06:35:33","guid":{"rendered":"https:\/\/www.devopsschool.com\/tutorials\/oracle-cloud-fleet-application-management-tutorial-architecture-pricing-use-cases-and-hands-on-guide-for-observability-and-management\/"},"modified":"2026-04-17T06:35:33","modified_gmt":"2026-04-17T06:35:33","slug":"oracle-cloud-fleet-application-management-tutorial-architecture-pricing-use-cases-and-hands-on-guide-for-observability-and-management","status":"publish","type":"post","link":"https:\/\/www.devopsschool.com\/tutorials\/oracle-cloud-fleet-application-management-tutorial-architecture-pricing-use-cases-and-hands-on-guide-for-observability-and-management\/","title":{"rendered":"Oracle Cloud Fleet Application Management Tutorial: Architecture, Pricing, Use Cases, and Hands-On Guide for Observability and Management"},"content":{"rendered":"\n

Category<\/h2>\n\n\n\n

Observability and Management<\/p>\n\n\n\n

1. Introduction<\/h2>\n\n\n\n

Fleet Application Management is an Oracle Cloud (OCI)<\/strong> service in the Observability and Management<\/strong> category that helps you discover, organize, and manage applications as a fleet<\/strong>\u2014instead of treating every host as a one-off snowflake.<\/p>\n\n\n\n

In simple terms: you connect your servers, let OCI identify supported application installations and deployments, group them into a \u201cfleet,\u201d and then use one place to view inventory and perform management tasks<\/strong> (depending on what application types and actions are supported in your tenancy\/region).<\/p>\n\n\n\n

Technically, Fleet Application Management relies on OCI\u2019s management instrumentation (commonly the OCI Management Agent<\/strong>, depending on your environment and the application types you manage) to collect application signals and inventory. It then models this information as OCI resources (fleets, managed entities, application instances\/deployments) and applies standard OCI governance: compartments, IAM policies, tags, audit logs<\/strong>, and (where applicable) integrations with Logging\/Monitoring\/Notifications<\/strong>.<\/p>\n\n\n\n

The problem it solves is operational sprawl: as the number of environments, hosts, and application instances grows, teams struggle with:\n– consistent application inventory,\n– visibility of \u201cwhat\u2019s running where,\u201d\n– safe, repeatable operations across many instances,\n– governance and access control at scale.<\/p>\n\n\n\n

\n

Service status note: At the time of writing, Oracle\u2019s product documentation lists the service as Fleet Application Management<\/strong>. If you encounter older blog posts or internal references using abbreviations (for example, \u201cFAM\u201d), confirm terminology and current capabilities in the official documentation for your region\/tenancy.<\/p>\n<\/blockquote>\n\n\n\n

\n\n\n\n

2. What is Fleet Application Management?<\/h2>\n\n\n\n

Official purpose (high level)<\/strong>\nFleet Application Management is designed to provide a centralized way to manage applications across a fleet of hosts\/environments<\/strong> in Oracle Cloud. The service focuses on fleet-level<\/strong> visibility and operations rather than host-by-host manual work.<\/p>\n\n\n\n

Core capabilities (conceptual)<\/strong>\nWhile exact capabilities can vary by supported application type and region, the typical scope of Fleet Application Management includes:\n– Application discovery \/ inventory<\/strong> for supported application types installed on connected hosts\n– Fleet grouping<\/strong> to represent sets of applications that should be managed together (by environment, business unit, lifecycle stage, compliance boundary, etc.)\n– Centralized views<\/strong> of application deployments\/instances and their metadata\n– Governed operations<\/strong> using OCI compartments, IAM, tags, and audit logs<\/p>\n\n\n\n

Major components (how to think about it in OCI terms)<\/strong>\n– Fleet<\/strong>: The primary resource you create to group and manage applications at scale.\n– Managed hosts \/ managed entities<\/strong>: Compute instances or external hosts that are connected to OCI for discovery\/management.\n– Discovery\/collection mechanism<\/strong>: Typically the OCI Management Agent<\/strong> (exact mechanism depends on the workload; verify in official docs for your app type).\n– OCI governance controls<\/strong>: Compartments, IAM policies, tags, audit logs, and (optionally) events\/notifications.<\/p>\n\n\n\n

Service type<\/strong>\nA managed OCI control-plane service<\/strong> for application fleet operations (inventory and management workflows), integrated with standard OCI identity and governance.<\/p>\n\n\n\n

Scope (regional\/global\/account-scoped)<\/strong>\nFleet Application Management is an OCI service that you use within a tenancy<\/strong> and typically within a region<\/strong>, with resources organized by compartments<\/strong>.\nBecause OCI services differ in how they store and present data regionally, verify the regional behavior and cross-region visibility in the official docs<\/strong> for your tenancy and the specific features you plan to use.<\/p>\n\n\n\n

How it fits into the Oracle Cloud ecosystem<\/strong>\nFleet Application Management is part of the broader Observability and Management<\/strong> toolset and commonly complements:\n– Monitoring<\/strong> and Alarms<\/strong> (service health metrics and alerting)\n– Logging<\/strong> (operational logs for troubleshooting)\n– Notifications<\/strong> (routing alerts\/events)\n– Events<\/strong> (automation triggers)\n– OS Management Hub \/ patching services<\/strong> (host-level patching\/compliance)\n– Resource Manager (Terraform)<\/strong> (infrastructure provisioning)\n– Vault<\/strong> (secrets and key management)<\/p>\n\n\n\n

Official documentation entry point (start here):\n– Fleet Application Management docs: https:\/\/docs.oracle.com\/en-us\/iaas\/fleet-application-management\/home.htm (verify URL if it redirects in your region)<\/p>\n\n\n\n

\n\n\n\n

3. Why use Fleet Application Management?<\/h2>\n\n\n\n

Business reasons<\/h3>\n\n\n\n
    \n
  • Reduce operational cost<\/strong> by managing groups of application instances with consistent processes.<\/li>\n
  • Increase auditability<\/strong>: centralized inventory and controlled operations make it easier to answer \u201cwhat\u2019s deployed where\u201d for audits and risk reviews.<\/li>\n
  • Support environment growth<\/strong>: as teams scale to dozens\/hundreds of servers, manual tracking breaks down.<\/li>\n<\/ul>\n\n\n\n

    Technical reasons<\/h3>\n\n\n\n
      \n
    • Inventory and discovery<\/strong>: identify application installations\/deployments across many hosts in a consistent way (for supported app types).<\/li>\n
    • Standardize fleet constructs<\/strong>: represent your architecture in a manageable model (fleets by environment or product line).<\/li>\n
    • Integrate with OCI governance<\/strong>: use compartments and IAM rather than building your own RBAC database.<\/li>\n<\/ul>\n\n\n\n

      Operational reasons<\/h3>\n\n\n\n
        \n
      • Faster troubleshooting<\/strong>: faster identification of impacted application instances and where they run.<\/li>\n
      • Repeatable workflows<\/strong>: less \u201ctribal knowledge\u201d required to manage widely distributed application estates.<\/li>\n
      • Better change planning<\/strong>: centralized view helps plan updates and coordinate changes.<\/li>\n<\/ul>\n\n\n\n

        Security\/compliance reasons<\/h3>\n\n\n\n
          \n
        • Least privilege access<\/strong> via IAM policies.<\/li>\n
        • Improved accountability<\/strong> via OCI audit logs (who created fleets, changed configurations, initiated actions).<\/li>\n
        • Stronger separation of duties<\/strong> using compartments and policies aligned to org structure.<\/li>\n<\/ul>\n\n\n\n

          Scalability\/performance reasons<\/h3>\n\n\n\n
            \n
          • Fleet-first model<\/strong> scales better than per-host manual operations.<\/li>\n
          • Central control plane<\/strong> reduces the need for custom tooling to aggregate inventory and metadata.<\/li>\n<\/ul>\n\n\n\n

            When teams should choose it<\/h3>\n\n\n\n

            Choose Fleet Application Management when:\n– you have many application instances<\/strong> (or expect to),\n– you need a central inventory<\/strong> across environments,\n– you want OCI-governed operations<\/strong> on applications (not just hosts),\n– your app stack matches the supported discovery\/management scope<\/strong> for the service (verify in docs).<\/p>\n\n\n\n

            When teams should not choose it<\/h3>\n\n\n\n

            It may not be a fit when:\n– you only have a handful of hosts and can manage manually,\n– you primarily need deep application performance tracing<\/strong> (consider OCI APM instead),\n– your applications are fully managed PaaS\/SaaS with no host-level footprint to discover,\n– you need management for an application type not supported by Fleet Application Management (verify supported types in docs).<\/p>\n\n\n\n

            \n\n\n\n

            4. Where is Fleet Application Management used?<\/h2>\n\n\n\n

            Industries<\/h3>\n\n\n\n
              \n
            • Financial services (regulated environments needing inventory\/auditability)<\/li>\n
            • Healthcare (compliance and environment segmentation)<\/li>\n
            • Retail\/e-commerce (multiple environments, rapid change)<\/li>\n
            • Manufacturing (mixed on-prem + cloud footprints)<\/li>\n
            • Government\/public sector (strict governance, compartmentalization)<\/li>\n<\/ul>\n\n\n\n

              Team types<\/h3>\n\n\n\n
                \n
              • Platform engineering teams building internal platforms on OCI<\/li>\n
              • DevOps\/SRE teams responsible for uptime and change management<\/li>\n
              • Operations teams migrating from legacy CMDB\/manual inventory<\/li>\n
              • Security engineering teams supporting compliance reporting<\/li>\n
              • Application operations teams managing packaged middleware stacks<\/li>\n<\/ul>\n\n\n\n

                Workloads<\/h3>\n\n\n\n
                  \n
                • Traditional VM-based applications<\/li>\n
                • Hybrid estates (OCI + on-prem) where supported by the agent and connectivity model<\/li>\n
                • Enterprise application stacks where version visibility and change control matter<\/li>\n<\/ul>\n\n\n\n

                  Architectures<\/h3>\n\n\n\n
                    \n
                  • Multi-compartment enterprise landing zones<\/li>\n
                  • Hub-and-spoke networking with centralized governance<\/li>\n
                  • Blue\/green and multi-environment (dev\/test\/stage\/prod) footprints<\/li>\n<\/ul>\n\n\n\n

                    Real-world deployment contexts<\/h3>\n\n\n\n
                      \n
                    • Central IT managing fleets for multiple business units<\/li>\n
                    • Product teams that own an application but share base infrastructure<\/li>\n
                    • MSPs managing multiple customer compartments\/tenancies (where allowed)<\/li>\n<\/ul>\n\n\n\n

                      Production vs dev\/test usage<\/h3>\n\n\n\n
                        \n
                      • Production<\/strong>: most valuable for inventory, governance, and repeatable operational workflows.<\/li>\n
                      • Dev\/test<\/strong>: useful to standardize how app deployments are cataloged and managed; also helps validate discovery and access models before production rollout.<\/li>\n<\/ul>\n\n\n\n
                        \n\n\n\n

                        5. Top Use Cases and Scenarios<\/h2>\n\n\n\n

                        Below are realistic scenarios where Fleet Application Management is commonly useful. Exact capabilities depend on supported application types and your setup\u2014verify the service\u2019s supported discovery and actions in official docs.<\/p>\n\n\n\n

                        1) Fleet-wide application inventory for audits<\/h3>\n\n\n\n
                          \n
                        • Problem<\/strong>: Audit asks for a list of application instances, versions, and where they run.<\/li>\n
                        • Why this fits<\/strong>: Fleet model centralizes inventory across many hosts.<\/li>\n
                        • Example<\/strong>: Security team needs quarterly evidence that only approved application versions are running in the Prod compartment.<\/li>\n<\/ul>\n\n\n\n

                          2) Environment segmentation (dev\/test\/prod) with separate access<\/h3>\n\n\n\n
                            \n
                          • Problem<\/strong>: Too many people have production visibility or control.<\/li>\n
                          • Why this fits<\/strong>: OCI compartments + fleet resources let you segment visibility\/management.<\/li>\n
                          • Example<\/strong>: Create Payments-Prod-Fleet<\/code> in the Prod compartment; grant only SREs manage access.<\/li>\n<\/ul>\n\n\n\n

                            3) Operational readiness during migrations to OCI<\/h3>\n\n\n\n
                              \n
                            • Problem<\/strong>: During lift-and-shift, teams lose track of what moved and what\u2019s still on-prem.<\/li>\n
                            • Why this fits<\/strong>: Discovery and centralized inventory help track migration progress.<\/li>\n
                            • Example<\/strong>: A migration factory uses Fleet Application Management to confirm all expected app instances appear in OCI.<\/li>\n<\/ul>\n\n\n\n

                              4) Post-incident blast radius analysis<\/h3>\n\n\n\n
                                \n
                              • Problem<\/strong>: A host failure occurs; teams need to know which application instances were affected.<\/li>\n
                              • Why this fits<\/strong>: Fleet\/grouping and inventory views reduce time-to-identify.<\/li>\n
                              • Example<\/strong>: A compute node reboot causes outage; operations check the fleet to identify impacted deployments.<\/li>\n<\/ul>\n\n\n\n

                                5) Standardized tagging and ownership tracking<\/h3>\n\n\n\n
                                  \n
                                • Problem<\/strong>: No consistent \u201cowner\u201d metadata for applications across environments.<\/li>\n
                                • Why this fits<\/strong>: OCI tags (defined\/freeform) applied to fleets can enforce ownership.<\/li>\n
                                • Example<\/strong>: Enforce tags like CostCenter<\/code>, AppOwner<\/code>, DataClassification<\/code> on fleets.<\/li>\n<\/ul>\n\n\n\n

                                  6) Operational handoffs between teams<\/h3>\n\n\n\n
                                    \n
                                  • Problem<\/strong>: Dev teams deploy, ops teams run\u2014but asset inventory is incomplete.<\/li>\n
                                  • Why this fits<\/strong>: Fleet provides a shared operational object and consistent visibility.<\/li>\n
                                  • Example<\/strong>: New service onboarding requires adding deployments to a fleet before production go-live.<\/li>\n<\/ul>\n\n\n\n

                                    7) Multi-region operational visibility (where supported)<\/h3>\n\n\n\n
                                      \n
                                    • Problem<\/strong>: Teams run active-active stacks in multiple regions and need consistent inventory.<\/li>\n
                                    • Why this fits<\/strong>: Fleet constructs and compartments can align operational ownership; verify multi-region behavior in docs.<\/li>\n
                                    • Example<\/strong>: Regional SREs manage their own fleets; central team reviews standardized reports.<\/li>\n<\/ul>\n\n\n\n

                                      8) Compliance boundary enforcement by compartment and fleet<\/h3>\n\n\n\n
                                        \n
                                      • Problem<\/strong>: A regulated application must be strictly isolated and monitored.<\/li>\n
                                      • Why this fits<\/strong>: Use dedicated compartment + fleet + IAM policies.<\/li>\n
                                      • Example<\/strong>: HIPAA workload uses a dedicated compartment and fleet with restricted operators.<\/li>\n<\/ul>\n\n\n\n

                                        9) Change planning across many app instances<\/h3>\n\n\n\n
                                          \n
                                        • Problem<\/strong>: A planned change affects many instances; you need to identify scope.<\/li>\n
                                        • Why this fits<\/strong>: Fleet-level inventory supports safer planning.<\/li>\n
                                        • Example<\/strong>: A library update requires identifying which instances depend on a specific runtime.<\/li>\n<\/ul>\n\n\n\n

                                          10) Building a lightweight CMDB substitute for app estates<\/h3>\n\n\n\n
                                            \n
                                          • Problem<\/strong>: CMDB data is stale; manual spreadsheets are inaccurate.<\/li>\n
                                          • Why this fits<\/strong>: Automated discovery and centralized inventory reduce drift.<\/li>\n
                                          • Example<\/strong>: Replace \u201capp server spreadsheet\u201d with fleet inventory views and tag-driven reporting.<\/li>\n<\/ul>\n\n\n\n
                                            \n\n\n\n

                                            6. Core Features<\/h2>\n\n\n\n

                                            Because Oracle Cloud services evolve, treat this section as a practical guide and confirm exact feature availability (supported application types, actions, and regions) in the official Fleet Application Management documentation<\/strong>.<\/p>\n\n\n\n

                                            Fleet resource model (fleet-based organization)<\/h3>\n\n\n\n
                                              \n
                                            • What it does<\/strong>: Lets you define a \u201cfleet\u201d as a logical grouping for application management.<\/li>\n
                                            • Why it matters<\/strong>: You manage by group<\/em>, not by host.<\/li>\n
                                            • Practical benefit<\/strong>: Cleaner operations for multi-environment deployments; faster scoping for incidents and changes.<\/li>\n
                                            • Limitations\/caveats<\/strong>: Fleet design is only as good as your compartment\/tagging strategy.<\/li>\n<\/ul>\n\n\n\n

                                              Application discovery and inventory (for supported app types)<\/h3>\n\n\n\n
                                                \n
                                              • What it does<\/strong>: Collects metadata about application installations\/deployments from managed hosts.<\/li>\n
                                              • Why it matters<\/strong>: You can\u2019t manage what you can\u2019t reliably inventory.<\/li>\n
                                              • Practical benefit<\/strong>: Central view of \u201cwhat is running where\u201d without manual tracking.<\/li>\n
                                              • Limitations\/caveats<\/strong>: Discovery depends on supported application types and correct agent connectivity\/permissions.<\/li>\n<\/ul>\n\n\n\n

                                                Managed host onboarding (agent-based connectivity)<\/h3>\n\n\n\n
                                                  \n
                                                • What it does<\/strong>: Connects OCI compute instances (and potentially external hosts, depending on supported modes) to OCI so they can be inventoried\/managed.<\/li>\n
                                                • Why it matters<\/strong>: Fleet Application Management needs a trusted way to communicate with hosts.<\/li>\n
                                                • Practical benefit<\/strong>: Standard onboarding and credentialing; reduced bespoke scripts.<\/li>\n
                                                • Limitations\/caveats<\/strong>: Requires network egress to OCI endpoints and correct OS prerequisites.<\/li>\n<\/ul>\n\n\n\n

                                                  Compartment and IAM integration<\/h3>\n\n\n\n
                                                    \n
                                                  • What it does<\/strong>: Uses OCI IAM policies to control who can view\/manage fleets and related resources.<\/li>\n
                                                  • Why it matters<\/strong>: Governance is essential for production operations.<\/li>\n
                                                  • Practical benefit<\/strong>: Least privilege; separation of duties; consistent enterprise controls.<\/li>\n
                                                  • Limitations\/caveats<\/strong>: Mis-scoped policies can lead to over-permissioning or blocked operations.<\/li>\n<\/ul>\n\n\n\n

                                                    Tagging support (cost\/governance metadata)<\/h3>\n\n\n\n
                                                      \n
                                                    • What it does<\/strong>: Supports applying OCI tags to fleets\/resources (where available).<\/li>\n
                                                    • Why it matters<\/strong>: Tagging drives cost allocation, ownership, and automation.<\/li>\n
                                                    • Practical benefit<\/strong>: Better reporting; easier ops automation via tag-based queries.<\/li>\n
                                                    • Limitations\/caveats<\/strong>: Tag compliance requires organizational discipline; consider tag defaults and tag namespaces.<\/li>\n<\/ul>\n\n\n\n

                                                      Auditability (OCI Audit)<\/h3>\n\n\n\n
                                                        \n
                                                      • What it does<\/strong>: Records control-plane actions in OCI Audit.<\/li>\n
                                                      • Why it matters<\/strong>: You need a forensics trail of who changed what.<\/li>\n
                                                      • Practical benefit<\/strong>: Incident response, compliance evidence, and change accountability.<\/li>\n
                                                      • Limitations\/caveats<\/strong>: Audit logs show control-plane operations; they don\u2019t replace workload-level logging.<\/li>\n<\/ul>\n\n\n\n

                                                        Integration patterns with monitoring and notifications (where applicable)<\/h3>\n\n\n\n
                                                          \n
                                                        • What it does<\/strong>: Enables operational workflows where fleet changes or detected events can be integrated into Monitoring\/Events\/Notifications.<\/li>\n
                                                        • Why it matters<\/strong>: Operations teams rely on alerting and ticket automation.<\/li>\n
                                                        • Practical benefit<\/strong>: Consistent \u201cdetect \u2192 notify \u2192 remediate\u201d loops.<\/li>\n
                                                        • Limitations\/caveats<\/strong>: Exact event types and metrics vary\u2014verify in docs for your region.<\/li>\n<\/ul>\n\n\n\n
                                                          \n\n\n\n

                                                          7. Architecture and How It Works<\/h2>\n\n\n\n

                                                          High-level architecture<\/h3>\n\n\n\n

                                                          Fleet Application Management uses a control plane<\/strong> in OCI that stores fleet definitions and inventory metadata. Managed hosts run an agent\/collector<\/strong> that:\n1. securely registers with OCI,\n2. collects application metadata from the host (for supported app types),\n3. sends inventory\/telemetry to the service endpoints.<\/p>\n\n\n\n

                                                          OCI then provides:\n– UI and APIs to view and manage fleets\n– governance via compartments\/IAM\n– audit logging of actions<\/p>\n\n\n\n

                                                          Request\/data\/control flow (conceptual)<\/h3>\n\n\n\n
                                                            \n
                                                          1. Operator<\/strong> creates a Fleet in an OCI compartment.<\/li>\n
                                                          2. Operator<\/strong> onboards hosts by installing and registering an agent.<\/li>\n
                                                          3. The agent performs discovery\/collection and sends metadata to OCI.<\/li>\n
                                                          4. Fleet Application Management correlates hosts and application entities into the fleet model.<\/li>\n
                                                          5. Operators query inventory, review status, and perform supported management actions.<\/li>\n<\/ol>\n\n\n\n

                                                            Integrations with related OCI services (common patterns)<\/h3>\n\n\n\n
                                                              \n
                                                            • IAM<\/strong>: fine-grained access control to fleet resources.<\/li>\n
                                                            • Audit<\/strong>: records control-plane changes and operations.<\/li>\n
                                                            • Monitoring\/Alarms<\/strong>: alert on operational signals (verify which metrics are available for Fleet Application Management).<\/li>\n
                                                            • Logging<\/strong>: capture agent logs and service logs if configured (often via separate logging configuration).<\/li>\n
                                                            • Events + Notifications<\/strong>: automation hooks (verify event types for Fleet Application Management).<\/li>\n
                                                            • Vault<\/strong>: store secrets needed for operational tooling around fleets (not necessarily required by the service itself).<\/li>\n<\/ul>\n\n\n\n

                                                              Dependency services<\/h3>\n\n\n\n
                                                                \n
                                                              • OCI Identity and Access Management (IAM)<\/strong><\/li>\n
                                                              • Networking<\/strong> (VCN\/subnet for compute instances; outbound egress to OCI endpoints)<\/li>\n
                                                              • Compute<\/strong> (if you manage app instances on VMs)<\/li>\n
                                                              • Management Agent<\/strong> (commonly used for host connectivity\u2014verify exact agent requirements in docs)<\/li>\n<\/ul>\n\n\n\n

                                                                Security\/authentication model (conceptual)<\/h3>\n\n\n\n
                                                                  \n
                                                                • Users authenticate via OCI IAM<\/strong>.<\/li>\n
                                                                • Agents authenticate using OCI-managed mechanisms established during agent registration (commonly via install keys\/certificates; verify specifics in docs).<\/li>\n
                                                                • Authorization is enforced by IAM policies at the compartment\/tenancy level.<\/li>\n<\/ul>\n\n\n\n

                                                                  Networking model<\/h3>\n\n\n\n
                                                                    \n
                                                                  • Managed hosts typically require outbound connectivity<\/strong> to OCI service endpoints.<\/li>\n
                                                                  • If hosts are in private subnets, you commonly need a NAT Gateway<\/strong> or Service Gateway<\/strong> (depending on endpoint support) so the agent can reach OCI.<\/li>\n
                                                                  • In locked-down environments, allowlisting OCI endpoints and controlling egress is critical.<\/li>\n<\/ul>\n\n\n\n

                                                                    Monitoring\/logging\/governance considerations<\/h3>\n\n\n\n
                                                                      \n
                                                                    • Treat fleets as first-class operational assets: enforce tags, naming standards, and access boundaries.<\/li>\n
                                                                    • Capture agent logs centrally (for example, via OCI Logging) to speed up troubleshooting.<\/li>\n
                                                                    • Use compartments to map to environments and compliance boundaries.<\/li>\n<\/ul>\n\n\n\n

                                                                      Simple architecture diagram (conceptual)<\/h4>\n\n\n\n
                                                                      flowchart LR\n  U[Operator \/ SRE] -->|Console \/ API| FAM[Fleet Application Management<br\/>Control Plane]\n  subgraph VCN[OCI VCN]\n    H1[Compute Instance(s)<br\/>App + Agent]\n  end\n  H1 -->|Inventory\/Discovery Data| FAM\n  FAM --> IAM[IAM Policies \/ Compartments]\n  FAM --> AUD[Audit Logs]\n<\/code><\/pre>\n\n\n\n
                                                                      Production-style architecture diagram (multi-environment)<\/h4>\n\n\n\n
                                                                      flowchart TB\n  subgraph Tenancy[OCI Tenancy]\n    IAM[IAM<br\/>Groups, Policies, Dynamic Groups]\n    AUD[Audit]\n    NOTIF[Notifications]\n    EVT[Events]\n    LOG[Logging]\n    MON[Monitoring & Alarms]\n\n    subgraph ProdComp[Compartment: Prod]\n      FAMProd[Fleet Application Management<br\/>Prod Fleet(s)]\n      subgraph ProdVCN[Prod VCN]\n        NAT1[NAT Gateway]\n        P1[App Hosts (Private Subnet)<br\/>Agent installed]\n      end\n    end\n\n    subgraph DevComp[Compartment: Dev\/Test]\n      FAMDev[Fleet Application Management<br\/>Dev Fleet(s)]\n      subgraph DevVCN[Dev VCN]\n        NAT2[NAT Gateway]\n        D1[App Hosts (Private Subnet)<br\/>Agent installed]\n      end\n    end\n  end\n\n  P1 -->|Egress via NAT| FAMProd\n  D1 -->|Egress via NAT| FAMDev\n\n  FAMProd --> AUD\n  FAMDev --> AUD\n  FAMProd --> EVT --> NOTIF\n  FAMDev --> EVT --> NOTIF\n  LOG --- P1\n  MON --- FAMProd\n  MON --- FAMDev\n<\/code><\/pre>\n\n\n\n
                                                                      \n\n\n\n
                                                                      8. Prerequisites<\/h2>\n\n\n\n
                                                                      Tenancy\/account requirements<\/h3>\n\n\n\n
                                                                        \n
                                                                      • An active Oracle Cloud<\/strong> tenancy.<\/li>\n
                                                                      • Access to an OCI compartment<\/strong> where you can create\/manage:<\/li>\n
                                                                      • Fleet Application Management resources<\/li>\n
                                                                      • any required agent resources\/keys (depending on onboarding method)<\/li>\n
                                                                      • compute\/network resources for the lab<\/li>\n<\/ul>\n\n\n\n
                                                                        Permissions \/ IAM roles<\/h3>\n\n\n\n
                                                                        For a beginner lab, the simplest approach is:\n– Use a user\/group with broad permissions in a dedicated lab compartment (for example, permissions equivalent to \u201cmanage all-resources\u201d in that compartment).<\/p>\n\n\n\n
                                                                        For production, create least-privilege policies for:\n– fleet creation and management\n– host onboarding\/agent management\n– read-only access for auditors<\/p>\n\n\n\n
                                                                        \n
                                                                        IAM policy syntax and service \u201cresource family\u201d names can change or be service-specific. Use the official IAM policy reference in the Fleet Application Management and Management Agent documentation and verify exact policy statements<\/strong>.<\/p>\n<\/blockquote>\n\n\n\n
                                                                        Billing requirements<\/h3>\n\n\n\n
                                                                          \n
                                                                        • Your tenancy must have billing enabled for paid resources used in the lab (primarily Compute<\/strong>, Block Volume<\/strong>, NAT Gateway<\/strong>, and data egress where applicable).<\/li>\n
                                                                        • Fleet Application Management pricing may be separate or may have $0 control-plane cost depending on Oracle\u2019s pricing model\u2014verify on the official pricing page<\/strong>.<\/li>\n<\/ul>\n\n\n\n
                                                                          Tools needed<\/h3>\n\n\n\n
                                                                            \n
                                                                          • OCI Console access<\/li>\n
                                                                          • SSH client (ssh<\/code>) to connect to a compute instance<\/li>\n
                                                                          • A terminal on your workstation<\/li>\n
                                                                          • (Optional) OCI CLI if you prefer automation. Not required for this lab.<\/li>\n<\/ul>\n\n\n\n
                                                                            Region availability<\/h3>\n\n\n\n
                                                                              \n
                                                                            • Fleet Application Management availability can be region-dependent. Confirm in:<\/li>\n
                                                                            • OCI Console service list for your region<\/li>\n
                                                                            • Official docs region notes (if provided)<\/li>\n<\/ul>\n\n\n\n
                                                                              Quotas\/limits<\/h3>\n\n\n\n
                                                                                \n
                                                                              • Compute instance limits (per shape, cores, VNICs)<\/li>\n
                                                                              • VCN\/NAT Gateway limits<\/li>\n
                                                                              • Any Fleet Application Management service limits (verify in official docs)<\/li>\n<\/ul>\n\n\n\n
                                                                                Prerequisite services<\/h3>\n\n\n\n
                                                                                  \n
                                                                                • OCI Compute<\/strong>: to host a sample application<\/li>\n
                                                                                • OCI Networking<\/strong>: VCN, subnet, and egress path<\/li>\n
                                                                                • OCI Management Agent<\/strong> (commonly): to connect the host for discovery\/management<\/li>\n<\/ul>\n\n\n\n
                                                                                  Management Agent docs entry point (verify URL if it redirects):\n– https:\/\/docs.oracle.com\/en-us\/iaas\/management-agent\/home.htm<\/p>\n\n\n\n
                                                                                  \n\n\n\n
                                                                                  9. Pricing \/ Cost<\/h2>\n\n\n\n
                                                                                  Pricing model (what to check)<\/h3>\n\n\n\n
                                                                                  Oracle Cloud pricing for Observability and Management services can vary by:\n– region\n– service feature\/SKU\n– data volume (GB ingested\/stored), if applicable\n– number of managed entities\/agents, depending on service<\/p>\n\n\n\n
                                                                                  For Fleet Application Management specifically, do not assume it is free or paid<\/strong> without checking current pricing. Use:\n– OCI\/Oracle Cloud price list: https:\/\/www.oracle.com\/cloud\/price-list\/\n– OCI Cost Estimator: https:\/\/www.oracle.com\/cloud\/costestimator.html<\/p>\n\n\n\n
                                                                                  Navigate the price list to Observability and Management<\/strong> and locate Fleet Application Management<\/strong> (if listed) or any dependency SKUs that apply.<\/p>\n\n\n\n
                                                                                  Common pricing dimensions (practical cost drivers)<\/h3>\n\n\n\n
                                                                                  Even if Fleet Application Management control plane is low-cost or $0, you still pay for dependencies:<\/p>\n\n\n\n
                                                                                    \n
                                                                                  1. Compute instances<\/strong>\n   – OCPU and memory pricing for the hosts you manage\n   – Boot volumes and block volumes<\/li>\n
                                                                                  2. Network egress<\/strong>\n   – Outbound data transfer from OCI to the internet or between regions\n   – NAT Gateway processing (and data processing) where applicable<\/li>\n
                                                                                  3. Logging\/Monitoring storage<\/strong>\n   – If you forward agent logs or store additional logs\/metrics, you may incur ingestion and storage costs (depending on which logging\/analytics services you enable).<\/li>\n
                                                                                  4. Operations overhead<\/strong>\n   – Extra compute overhead on hosts (agent CPU\/memory)\n   – Operational time to maintain least privilege and fleet governance<\/li>\n<\/ol>\n\n\n\n
                                                                                    Free tier considerations<\/h3>\n\n\n\n
                                                                                    Oracle Cloud has an Always Free tier for some services, but eligibility and included limits vary<\/strong>. Verify Always Free coverage for:\n– compute shapes (if using Always Free eligible VM shapes)\n– monitoring\/logging usage\n– any Fleet Application Management-specific free quota (if offered)<\/p>\n\n\n\n
                                                                                    Always Free overview (verify current limits):\n– https:\/\/www.oracle.com\/cloud\/free\/<\/p>\n\n\n\n
                                                                                    Hidden\/indirect costs to watch<\/h3>\n\n\n\n
                                                                                      \n
                                                                                    • NAT Gateway<\/strong>: In private subnet designs, NAT Gateway can become a steady monthly cost driver.<\/li>\n
                                                                                    • Cross-region data movement<\/strong>: If you centralize logging or inventory across regions, data transfer can add up.<\/li>\n
                                                                                    • Log retention<\/strong>: Long retention periods cost money\u2014set retention based on compliance needs.<\/li>\n<\/ul>\n\n\n\n
                                                                                      How to optimize cost<\/h3>\n\n\n\n
                                                                                        \n
                                                                                      • Start with one small fleet<\/strong> and a minimal number of hosts.<\/li>\n
                                                                                      • Prefer private subnets<\/strong> with controlled egress; design egress intentionally.<\/li>\n
                                                                                      • Don\u2019t enable expensive analytics features \u201cjust in case.\u201d<\/li>\n
                                                                                      • Set log retention to the minimum that meets compliance.<\/li>\n
                                                                                      • Use tags for cost tracking: CostCenter<\/code>, Environment<\/code>, App<\/code>, Owner<\/code>.<\/li>\n<\/ul>\n\n\n\n
                                                                                        Example low-cost starter estimate (qualitative)<\/h3>\n\n\n\n
                                                                                        A low-cost lab typically includes:\n– 1 small compute VM\n– 1 VCN + 1 subnet\n– (optional) NAT Gateway if you place the VM in a private subnet\n– minimal log retention<\/p>\n\n\n\n
                                                                                        Exact numbers are region- and SKU-dependent, so use the OCI Cost Estimator to model:\n– VM shape cost\n– NAT Gateway + data processing\n– expected data egress and logging<\/p>\n\n\n\n
                                                                                        Example production cost considerations<\/h3>\n\n\n\n
                                                                                        In production, cost typically scales with:\n– number of hosts\n– number of environments\/regions\n– amount of operational telemetry you ingest\/store\n– security posture (private endpoints, centralized logging, extended retention)<\/p>\n\n\n\n
                                                                                        \n\n\n\n
                                                                                        10. Step-by-Step Hands-On Tutorial<\/h2>\n\n\n\n
                                                                                        This lab focuses on a safe, minimal<\/strong> setup: one OCI compute instance, a management agent installed on it, and a Fleet Application Management fleet that can \u201csee\u201d the host and run discovery (where supported).<\/p>\n\n\n\n
                                                                                        Because application discovery depends on supported application types, your \u201cdiscovered applications\u201d results may vary. The lab is still valid if you end with:\n– a registered managed host\/agent visible in OCI, and\n– a fleet created and associated with that host.<\/p>\n\n\n\n
                                                                                        Objective<\/h3>\n\n\n\n
                                                                                          \n
                                                                                        • Create a Fleet in Fleet Application Management<\/strong><\/li>\n
                                                                                        • Provision a small OCI compute instance<\/li>\n
                                                                                        • Install and register the required agent (commonly OCI Management Agent)<\/li>\n
                                                                                        • Confirm the host appears in Fleet Application Management and that discovery\/inventory runs (as supported)<\/li>\n<\/ul>\n\n\n\n
                                                                                          Lab Overview<\/h3>\n\n\n\n
                                                                                          You will:\n1. Create a compartment and basic network (or reuse existing).\n2. Create a compute instance.\n3. Ensure outbound connectivity from the instance to OCI endpoints.\n4. Install and register the Management Agent (using the console-generated install workflow).\n5. Create a Fleet and associate the managed host.\n6. Validate visibility and inventory.\n7. Clean up resources to avoid ongoing costs.<\/p>\n\n\n\n
                                                                                          \n\n\n\n
                                                                                          Step 1: Prepare a compartment (recommended)<\/h3>\n\n\n\n
                                                                                          Console path<\/strong>: Identity & Security \u2192 Compartments<\/p>\n\n\n\n
                                                                                            \n
                                                                                          1. Create a compartment like:\n   – Name: lab-fam<\/code>\n   – Description: Fleet Application Management lab<\/code><\/li>\n
                                                                                          2. Record the compartment OCID (optional).<\/li>\n<\/ol>\n\n\n\n
                                                                                            Expected outcome<\/strong>\n– You have an isolated place to create and delete resources safely.<\/p>\n\n\n\n
                                                                                            Verification<\/strong>\n– In the compartment list, you can select lab-fam<\/code> and it shows as Active.<\/p>\n\n\n\n
                                                                                            \n\n\n\n
                                                                                            Step 2: Create networking (VCN + subnet)<\/h3>\n\n\n\n
                                                                                            If you already have a VCN\/subnet you can use, reuse it. Otherwise:<\/p>\n\n\n\n
                                                                                            Console path<\/strong>: Networking \u2192 Virtual Cloud Networks \u2192 Start VCN Wizard<\/p>\n\n\n\n
                                                                                            Choose either:\n– Public subnet<\/strong> (simpler for labs; fewer moving parts), or\n– Private subnet + NAT Gateway<\/strong> (closer to production patterns).<\/p>\n\n\n\n
                                                                                            Recommended lab-simple option<\/strong>: Public subnet\n– Create VCN with Internet Gateway and a public subnet.\n– Ensure the subnet has a route rule to the Internet Gateway.\n– Ensure the instance will get a public IP.<\/p>\n\n\n\n
                                                                                            Expected outcome<\/strong>\n– Instance will have outbound internet access (needed to reach OCI endpoints for agent registration and updates).<\/p>\n\n\n\n
                                                                                            Verification<\/strong>\n– Subnet route table includes a default route (0.0.0.0\/0<\/code>) to the Internet Gateway.\n– Security list allows outbound traffic (default is usually permissive egress).<\/p>\n\n\n\n
                                                                                            \n\n\n\n
                                                                                            Step 3: Create a small compute instance<\/h3>\n\n\n\n
                                                                                            Console path<\/strong>: Compute \u2192 Instances \u2192 Create instance<\/p>\n\n\n\n
                                                                                            Suggested lab settings:\n– Name: fam-lab-vm1<\/code>\n– Image: Oracle Linux (choose a current supported Oracle Linux image)\n– Shape: a small VM shape suitable for labs\n– Network: select your lab VCN and subnet\n– SSH keys: add your public key\n– Public IP: enabled (if using public subnet)<\/p>\n\n\n\n
                                                                                            Expected outcome<\/strong>\n– Instance is running and you can SSH into it.<\/p>\n\n\n\n
                                                                                            Verification<\/strong>\n– Instance lifecycle state is RUNNING<\/code>.\n– Note the public IP address (or private IP if you use bastion).<\/p>\n\n\n\n
                                                                                            SSH to the instance:<\/p>\n\n\n\n
                                                                                            ssh -i ~\/.ssh\/id_rsa opc@<PUBLIC_IP>\n<\/code><\/pre>\n\n\n\n
                                                                                            If you used Oracle Linux and the default user differs, follow the \u201cInstance access\u201d details shown in the OCI console for the image you selected.<\/p>\n\n\n\n
                                                                                            \n\n\n\n
                                                                                            Step 4: Install a simple sample workload (optional but useful)<\/h3>\n\n\n\n
                                                                                            This step isn\u2019t strictly required for fleet onboarding, but it helps ensure the host looks realistic.<\/p>\n\n\n\n
                                                                                            On the instance:<\/p>\n\n\n\n
                                                                                            sudo dnf -y update || sudo yum -y update\n<\/code><\/pre>\n\n\n\n
                                                                                            Install a lightweight web server (example):<\/p>\n\n\n\n
                                                                                            sudo dnf -y install nginx || sudo yum -y install nginx\nsudo systemctl enable --now nginx\n<\/code><\/pre>\n\n\n\n
                                                                                            Expected outcome<\/strong>\n– A running service you can later use to sanity-check the host.<\/p>\n\n\n\n
                                                                                            Verification<\/strong>\nCheck service status:<\/p>\n\n\n\n
                                                                                            systemctl status nginx --no-pager\n<\/code><\/pre>\n\n\n\n
                                                                                            If your security list allows inbound TCP\/80 and you have a public IP, you can test from your laptop:<\/p>\n\n\n\n
                                                                                            curl -I http:\/\/<PUBLIC_IP>\n<\/code><\/pre>\n\n\n\n
                                                                                            \n
                                                                                            Note: Fleet Application Management discovery may or may not treat nginx as a \u201cdiscoverable application type.\u201d This step is for host realism and connectivity checks, not as a guaranteed discoverable application.<\/p>\n<\/blockquote>\n\n\n\n
                                                                                            \n\n\n\n
                                                                                            Step 5: Create an agent install key and download the agent installer (console-driven)<\/h3>\n\n\n\n
                                                                                            Fleet Application Management commonly relies on the OCI Management Agent<\/strong> to connect hosts. The typical onboarding flow is:\n– create an agent install key in OCI,\n– download an installer or script,\n– run it on the host to register the agent.<\/p>\n\n\n\n
                                                                                            Console path (typical)<\/strong>: Observability & Management \u2192 Management Agent (or equivalent entry)\nFrom there, look for:\n– Install keys\n– Download agent\n– Registration instructions<\/p>\n\n\n\n
                                                                                            Because the exact navigation and UI labels can change, follow the current official steps here:\n– Management Agent documentation: https:\/\/docs.oracle.com\/en-us\/iaas\/management-agent\/home.htm<\/p>\n\n\n\n
                                                                                            Expected outcome<\/strong>\n– You obtain an install script or package and an install key tied to your compartment.<\/p>\n\n\n\n
                                                                                            Verification<\/strong>\n– In the console, you can see the install key exists and is Active (or usable).\n– You have downloaded the installer bundle or copied the install command.<\/p>\n\n\n\n
                                                                                            \n\n\n\n
                                                                                            Step 6: Install and register the Management Agent on the compute instance<\/h3>\n\n\n\n
                                                                                            Run the install command exactly as provided by the OCI console for your install key and OS.<\/p>\n\n\n\n
                                                                                            Typical pattern (example only \u2014 do not copy blindly<\/strong>):\n– download installer\n– run as root with key\/parameters\n– start agent service<\/p>\n\n\n\n
                                                                                            Because Oracle may change the installer format, use the console-generated command<\/strong>.<\/p>\n\n\n\n
                                                                                            After installation, check the agent service. One of these patterns is common:<\/p>\n\n\n\n
                                                                                            sudo systemctl status oracle-cloud-agent --no-pager || true\nsudo systemctl status managementagent --no-pager || true\nsudo systemctl list-units --type=service | egrep -i \"agent|oracle\" || true\n<\/code><\/pre>\n\n\n\n
                                                                                            Expected outcome<\/strong>\n– The agent is installed and running.\n– The host registers back to OCI and appears in the Management Agent list.<\/p>\n\n\n\n
                                                                                            Verification (console)<\/strong>\n– Go to the Management Agent list in your compartment.\n– Confirm the agent\/host shows as Active<\/strong> (or similar healthy state).\n– Confirm last heartbeat time updates.<\/p>\n\n\n\n
                                                                                            Common error<\/strong>\n– Agent shows \u201cInactive\u201d or never appears.\n  – Fix: confirm outbound egress (DNS + HTTPS), confirm system time is correct (NTP), confirm you used the right compartment\/install key.<\/p>\n\n\n\n
                                                                                            \n\n\n\n
                                                                                            Step 7: Create a Fleet in Fleet Application Management<\/h3>\n\n\n\n
                                                                                            Console path<\/strong>: Observability & Management \u2192 Fleet Application Management \u2192 Fleets \u2192 Create fleet<\/p>\n\n\n\n
                                                                                            Provide:\n– Name: lab-fleet-1<\/code>\n– Compartment: lab-fam<\/code>\n– Tags: optional, but recommended (for example Environment=Lab<\/code>)<\/p>\n\n\n\n
                                                                                            Expected outcome<\/strong>\n– Fleet resource is created.<\/p>\n\n\n\n
                                                                                            Verification<\/strong>\n– Fleet appears in the Fleets list with an Active lifecycle state.<\/p>\n\n\n\n
                                                                                            \n\n\n\n
                                                                                            Step 8: Add the managed host to the fleet (association\/onboarding)<\/h3>\n\n\n\n
                                                                                            The UI typically provides a way to associate managed hosts\/entities with a fleet.<\/p>\n\n\n\n
                                                                                            Console path<\/strong> (conceptual): Fleet Application Management \u2192 your fleet \u2192 Managed hosts \/ Targets \/ Entities \u2192 Add<\/p>\n\n\n\n
                                                                                            Select the compute instance\/agent you registered.<\/p>\n\n\n\n
                                                                                            Expected outcome<\/strong>\n– Fleet now contains at least one managed host\/entity.<\/p>\n\n\n\n
                                                                                            Verification<\/strong>\n– Fleet details show the host in its inventory list.<\/p>\n\n\n\n
                                                                                            \n
                                                                                            If you do not see the host as selectable: verify compartments (fleet and agent may need to be in accessible compartments) and verify IAM permissions.<\/p>\n<\/blockquote>\n\n\n\n
                                                                                            \n\n\n\n
                                                                                            Step 9: Run discovery \/ refresh inventory (if available)<\/h3>\n\n\n\n
                                                                                            Fleet Application Management may provide a discovery action, scheduled discovery, or refresh.<\/p>\n\n\n\n
                                                                                            In the fleet UI, look for:\n– Discover applications\n– Refresh inventory\n– Run discovery job<\/p>\n\n\n\n
                                                                                            Expected outcome<\/strong>\n– Inventory metadata is refreshed.\n– If supported application types are present, you may see discovered application instances\/deployments.<\/p>\n\n\n\n
                                                                                            Verification<\/strong>\n– The fleet shows updated timestamps.\n– Any discovered items appear in application inventory views.<\/p>\n\n\n\n
                                                                                            \n
                                                                                            If nothing is discovered, it may mean your installed workload isn\u2019t a supported discoverable type. The lab is still successful if the host is managed and the fleet association works.<\/p>\n<\/blockquote>\n\n\n\n
                                                                                            \n\n\n\n
                                                                                            Validation<\/h3>\n\n\n\n
                                                                                            Use this checklist:<\/p>\n\n\n\n
                                                                                              \n
                                                                                            1. Compute instance is reachable<\/strong>\n   – SSH works and basic commands run:<\/li>\n<\/ol>\n\n\n\n
                                                                                              bash\n   uname -a<\/code><\/p>\n\n\n\n
                                                                                                \n
                                                                                              1. Agent is healthy<\/strong>\n   – System service running (name varies):<\/li>\n<\/ol>\n\n\n\n
                                                                                                bash\n   sudo systemctl --no-pager --full status managementagent || true\n   sudo systemctl --no-pager --full status oracle-cloud-agent || true<\/code><\/p>\n\n\n\n
                                                                                                  \n
                                                                                                1. \n
                                                                                                  Agent appears in OCI<\/strong>\n   – Management Agent list shows the host as Active\/Healthy.<\/p>\n<\/li>\n
                                                                                                2. \n
                                                                                                  Fleet exists and includes the host<\/strong>\n   – Fleet details show the managed host\/entity association.<\/p>\n<\/li>\n
                                                                                                3. \n
                                                                                                  Inventory refresh\/discovery runs<\/strong> (if available)\n   – Fleet inventory timestamps update and\/or discovered entities appear.<\/p>\n<\/li>\n<\/ol>\n\n\n\n
                                                                                                  \n\n\n\n
                                                                                                  Troubleshooting<\/h3>\n\n\n\n
                                                                                                  Issue: Agent doesn\u2019t show up in OCI<\/h4>\n\n\n\n
                                                                                                    \n
                                                                                                  • Check outbound connectivity<\/strong>:<\/li>\n
                                                                                                  • \n
                                                                                                    DNS resolution works:<\/p>\n
                                                                                                    bash\nnslookup oracle.com || getent hosts oracle.com<\/code><\/p>\n<\/li>\n
                                                                                                  • \n
                                                                                                    HTTPS outbound works:<\/p>\n
                                                                                                    bash\ncurl -I https:\/\/www.oracle.com<\/code><\/p>\n<\/li>\n
                                                                                                  • \n
                                                                                                    Check system time<\/strong> (TLS failures often occur with wrong clock):<\/p>\n<\/li>\n
                                                                                                  • \n
                                                                                                    On Oracle Linux:<\/p>\n
                                                                                                    bash\ntimedatectl<\/code><\/p>\n<\/li>\n
                                                                                                  • \n
                                                                                                    Review agent logs<\/strong><\/p>\n<\/li>\n
                                                                                                  • \n
                                                                                                    Log locations vary by agent and version. Use:<\/p>\n
                                                                                                    bash\nsudo journalctl -u managementagent --no-pager | tail -200 || true\nsudo journalctl -u oracle-cloud-agent --no-pager | tail -200 || true<\/code><\/p>\n<\/li>\n
                                                                                                  • \n
                                                                                                    If logs are elsewhere, consult the agent docs for your OS.<\/p>\n<\/li>\n<\/ul>\n\n\n\n
                                                                                                    Issue: You can\u2019t add the host to the fleet<\/h4>\n\n\n\n
                                                                                                      \n
                                                                                                    • Ensure:<\/li>\n
                                                                                                    • The fleet and the host\/agent are in the intended compartment(s).<\/li>\n
                                                                                                    • Your user\/group has permissions in both compartments.<\/li>\n
                                                                                                    • For production, implement explicit IAM policies (verify in docs).<\/li>\n<\/ul>\n\n\n\n
                                                                                                      Issue: Discovery finds no applications<\/h4>\n\n\n\n
                                                                                                        \n
                                                                                                      • Confirm:<\/li>\n
                                                                                                      • Your application type is supported by Fleet Application Management discovery in your region.<\/li>\n
                                                                                                      • Required plugins\/collectors are enabled (if the agent uses plugins).<\/li>\n
                                                                                                      • If you need guaranteed \u201cdiscoverable\u201d behavior, use an application type explicitly documented as supported.<\/li>\n<\/ul>\n\n\n\n
                                                                                                        \n\n\n\n
                                                                                                        Cleanup<\/h3>\n\n\n\n
                                                                                                        To avoid ongoing charges, delete in this order:<\/p>\n\n\n\n
                                                                                                          \n
                                                                                                        1. \n
                                                                                                          Terminate compute instance<\/strong>\n   – Compute \u2192 Instances \u2192 fam-lab-vm1<\/code> \u2192 Terminate\n   – Choose to delete attached boot volume (if you do not need it)<\/p>\n<\/li>\n
                                                                                                        2. \n
                                                                                                          Delete NAT Gateway<\/strong> (if created)\n   – Networking \u2192 NAT Gateways \u2192 delete<\/p>\n<\/li>\n
                                                                                                        3. \n
                                                                                                          Delete VCN<\/strong> (if created for the lab)\n   – Networking \u2192 VCNs \u2192 delete (wizard typically deletes dependent resources)<\/p>\n<\/li>\n
                                                                                                        4. \n
                                                                                                          Delete fleet<\/strong>\n   – Fleet Application Management \u2192 Fleets \u2192 delete lab-fleet-1<\/code><\/p>\n<\/li>\n
                                                                                                        5. \n
                                                                                                          Delete agent install keys<\/strong> (optional hygiene)\n   – Management Agent \u2192 Install keys \u2192 delete lab keys<\/p>\n<\/li>\n
                                                                                                        6. \n
                                                                                                          Delete compartment<\/strong> (optional, only if empty)\n   – Remove any remaining resources first.<\/p>\n<\/li>\n<\/ol>\n\n\n\n
                                                                                                          \n\n\n\n
                                                                                                          11. Best Practices<\/h2>\n\n\n\n
                                                                                                          Architecture best practices<\/h3>\n\n\n\n
                                                                                                            \n
                                                                                                          • Design fleets around ownership and operational boundaries<\/strong>, not purely around technical topology.<\/li>\n
                                                                                                          • Good fleet boundaries: environment (prod\/dev), business unit, SLA tier, compliance boundary.<\/li>\n
                                                                                                          • Use compartments to enforce environment separation<\/strong> and apply IAM and quotas cleanly.<\/li>\n
                                                                                                          • Prefer private subnets<\/strong> for production hosts; control egress with NAT and allowlists.<\/li>\n<\/ul>\n\n\n\n
                                                                                                            IAM\/security best practices<\/h3>\n\n\n\n
                                                                                                              \n
                                                                                                            • Use least privilege<\/strong>:<\/li>\n
                                                                                                            • Separate roles: fleet viewers, fleet operators, fleet administrators.<\/li>\n
                                                                                                            • Keep onboarding privileges (agent install keys, registration) restricted.<\/li>\n
                                                                                                            • Use dynamic groups<\/strong> only when required by your chosen integration; prefer explicit user\/group permissions for administrative actions.<\/li>\n<\/ul>\n\n\n\n
                                                                                                              Cost best practices<\/h3>\n\n\n\n
                                                                                                                \n
                                                                                                              • Avoid always-on NAT Gateways in small dev environments unless required.<\/li>\n
                                                                                                              • Keep telemetry\/log retention minimal while meeting compliance.<\/li>\n
                                                                                                              • Tag fleets and hosts for cost allocation and chargeback.<\/li>\n<\/ul>\n\n\n\n
                                                                                                                Performance best practices<\/h3>\n\n\n\n
                                                                                                                  \n
                                                                                                                • Validate agent overhead on representative hosts before large-scale rollout.<\/li>\n
                                                                                                                • Stagger discovery\/refresh jobs (if configurable) to avoid thundering herd effects.<\/li>\n<\/ul>\n\n\n\n
                                                                                                                  Reliability best practices<\/h3>\n\n\n\n
                                                                                                                    \n
                                                                                                                  • Treat agents as part of your production runtime dependencies:<\/li>\n
                                                                                                                  • monitor agent health,<\/li>\n
                                                                                                                  • automate reinstall\/repair runbooks,<\/li>\n
                                                                                                                  • standardize golden images if possible.<\/li>\n
                                                                                                                  • Use compartments and tagging to ensure correct scoping when hosts are replaced.<\/li>\n<\/ul>\n\n\n\n
                                                                                                                    Operations best practices<\/h3>\n\n\n\n
                                                                                                                      \n
                                                                                                                    • Centralize operational logs (agent logs, key service logs) with consistent retention.<\/li>\n
                                                                                                                    • Establish a naming convention:<\/li>\n
                                                                                                                    • Fleets: <App>-<Env>-<Region><\/code> or <Domain>-<Env><\/code><\/li>\n
                                                                                                                    • Hosts: include environment and role<\/li>\n
                                                                                                                    • Create runbooks for:<\/li>\n
                                                                                                                    • onboarding\/offboarding hosts<\/li>\n
                                                                                                                    • common discovery failures<\/li>\n
                                                                                                                    • access review procedures<\/li>\n<\/ul>\n\n\n\n
                                                                                                                      Governance\/tagging\/naming best practices<\/h3>\n\n\n\n
                                                                                                                        \n
                                                                                                                      • Mandatory tags (common):<\/li>\n
                                                                                                                      • Environment<\/code>, Owner<\/code>, CostCenter<\/code>, DataClassification<\/code><\/li>\n
                                                                                                                      • Use defined tags with allowed values to prevent drift.<\/li>\n
                                                                                                                      • Align fleet design with landing zone guardrails.<\/li>\n<\/ul>\n\n\n\n
                                                                                                                        \n\n\n\n
                                                                                                                        12. Security Considerations<\/h2>\n\n\n\n
                                                                                                                        Identity and access model<\/h3>\n\n\n\n
                                                                                                                          \n
                                                                                                                        • Users access Fleet Application Management via OCI IAM<\/strong>.<\/li>\n
                                                                                                                        • Use compartments to constrain blast radius.<\/li>\n
                                                                                                                        • Prefer separate groups:<\/li>\n
                                                                                                                        • FAM-Admins<\/code>: create\/delete fleets, configure discovery<\/li>\n
                                                                                                                        • FAM-Ops<\/code>: day-2 operations<\/li>\n
                                                                                                                        • FAM-Viewers<\/code>: read-only for auditors\/support<\/li>\n<\/ul>\n\n\n\n
                                                                                                                          Encryption<\/h3>\n\n\n\n
                                                                                                                            \n
                                                                                                                          • OCI control-plane services generally encrypt data at rest and in transit as part of the platform.\n  Verify service-specific encryption statements in the official documentation and compliance docs.<\/li>\n<\/ul>\n\n\n\n
                                                                                                                            Network exposure<\/h3>\n\n\n\n
                                                                                                                              \n
                                                                                                                            • Managed hosts should not require inbound internet connectivity for agent operation in many designs; outbound egress is more typical.<\/li>\n
                                                                                                                            • For production:<\/li>\n
                                                                                                                            • keep hosts private,<\/li>\n
                                                                                                                            • restrict egress destinations,<\/li>\n
                                                                                                                            • avoid broad 0.0.0.0\/0<\/code> inbound rules.<\/li>\n<\/ul>\n\n\n\n
                                                                                                                              Secrets handling<\/h3>\n\n\n\n
                                                                                                                                \n
                                                                                                                              • Do not store credentials in scripts or on hosts.<\/li>\n
                                                                                                                              • Use OCI Vault<\/strong> for secrets used by operational tooling around fleets.<\/li>\n
                                                                                                                              • Rotate agent-related keys\/tokens per documented procedures.<\/li>\n<\/ul>\n\n\n\n
                                                                                                                                Audit\/logging<\/h3>\n\n\n\n
                                                                                                                                  \n
                                                                                                                                • Use OCI Audit<\/strong> to track who changed fleet configuration and onboarding keys.<\/li>\n
                                                                                                                                • Export audit logs to your SIEM if required.<\/li>\n
                                                                                                                                • Collect agent logs centrally to detect tampering or repeated registration failures.<\/li>\n<\/ul>\n\n\n\n
                                                                                                                                  Compliance considerations<\/h3>\n\n\n\n
                                                                                                                                    \n
                                                                                                                                  • Map fleets to compliance boundaries:<\/li>\n
                                                                                                                                  • PCI, HIPAA, SOC2, ISO27001<\/li>\n
                                                                                                                                  • Apply compartment-level policies and tagging.<\/li>\n
                                                                                                                                  • Ensure evidence collection:<\/li>\n
                                                                                                                                  • inventory exports\/screenshots (where accepted),<\/li>\n
                                                                                                                                  • audit logs,<\/li>\n
                                                                                                                                  • change records.<\/li>\n<\/ul>\n\n\n\n
                                                                                                                                    Common security mistakes<\/h3>\n\n\n\n
                                                                                                                                      \n
                                                                                                                                    • Over-permissioned policies (\u201cmanage all-resources in tenancy\u201d) in production.<\/li>\n
                                                                                                                                    • Public subnets for production app hosts.<\/li>\n
                                                                                                                                    • Not monitoring agent health (silent visibility loss).<\/li>\n
                                                                                                                                    • Long-lived onboarding keys not rotated\/revoked.<\/li>\n<\/ul>\n\n\n\n
                                                                                                                                      Secure deployment recommendations<\/h3>\n\n\n\n
                                                                                                                                        \n
                                                                                                                                      • Start with a pilot<\/strong> compartment and a small set of hosts.<\/li>\n
                                                                                                                                      • Lock down IAM before scaling.<\/li>\n
                                                                                                                                      • Use a dedicated subnet\/NSG for managed hosts and standardize egress.<\/li>\n<\/ul>\n\n\n\n
                                                                                                                                        \n\n\n\n
                                                                                                                                        13. Limitations and Gotchas<\/h2>\n\n\n\n
                                                                                                                                        Because capabilities vary by region and supported application types, confirm details in official docs. Common gotchas include:<\/p>\n\n\n\n
                                                                                                                                          \n
                                                                                                                                        • Supported application types<\/strong>: Discovery and management actions typically apply only to specific stacks. If your app type isn\u2019t supported, you may only get host-level association (or nothing beyond agent health).<\/li>\n
                                                                                                                                        • Region availability<\/strong>: Service may not be available in every region or may have feature differences.<\/li>\n
                                                                                                                                        • Network requirements<\/strong>: Agent needs outbound connectivity to OCI endpoints; private subnet deployments require NAT or equivalent.<\/li>\n
                                                                                                                                        • IAM scoping pitfalls<\/strong>:<\/li>\n
                                                                                                                                        • Fleet in one compartment, agent\/host in another can cause visibility\/association issues.<\/li>\n
                                                                                                                                        • Agent lifecycle management<\/strong>:<\/li>\n
                                                                                                                                        • OS upgrades, firewall changes, or certificate\/time drift can break registration.<\/li>\n
                                                                                                                                        • Telemetry costs<\/strong>:<\/li>\n
                                                                                                                                        • If you integrate with additional logging\/analytics services, costs can rise quickly.<\/li>\n
                                                                                                                                        • Operational expectation mismatch<\/strong>:<\/li>\n
                                                                                                                                        • Fleet Application Management is not the same as deep APM tracing; use OCI APM for request traces and code-level diagnostics.<\/li>\n<\/ul>\n\n\n\n
                                                                                                                                          \n\n\n\n
                                                                                                                                          14. Comparison with Alternatives<\/h2>\n\n\n\n
                                                                                                                                          Fleet Application Management sits in the middle ground between \u201chost management\u201d and \u201cdeep application observability.\u201d Consider what you actually need: inventory, patching, runtime metrics, traces, or configuration management.<\/p>\n\n\n\n
                                                                                                                                          Comparison table<\/h3>\n\n\n\n
                                                                                                                                          \n\n\n\n\n\n\n\n\n\n\n\n
                                                                                                                                          Option<\/th>\nBest For<\/th>\nStrengths<\/th>\nWeaknesses<\/th>\nWhen to Choose<\/th>\n<\/tr>\n<\/thead>\n
                                                                                                                                          OCI Fleet Application Management<\/strong><\/td>\nFleet-level application inventory\/management in OCI<\/td>\nFleet grouping, OCI governance (IAM\/compartments), centralized inventory (supported types)<\/td>\nDiscovery\/actions depend on supported app types; region\/feature variability<\/td>\nWhen you need application estate inventory and fleet operations in OCI<\/td>\n<\/tr>\n
                                                                                                                                          OCI Application Performance Monitoring (APM)<\/strong><\/td>\nPerformance tracing and diagnostics<\/td>\nDistributed tracing, service maps, app-centric diagnostics<\/td>\nNot primarily an inventory\/CMDB tool; requires instrumentation<\/td>\nWhen you need deep performance visibility and traces<\/td>\n<\/tr>\n
                                                                                                                                          OCI Logging \/ Logging Analytics<\/strong><\/td>\nCentralized logs and log analytics<\/td>\nFlexible ingestion, search, retention, dashboards (service-dependent)<\/td>\nCost can scale with ingestion\/retention; doesn\u2019t inherently model \u201cfleets\u201d<\/td>\nWhen logs are your primary operational signal<\/td>\n<\/tr>\n
                                                                                                                                          OCI OS Management Hub<\/strong><\/td>\nOS patching and package lifecycle<\/td>\nPatch compliance, scheduling, OS\/package inventory<\/td>\nFocused on OS-level, not app-level modeling<\/td>\nWhen your main goal is OS patching\/compliance at scale<\/td>\n<\/tr>\n
                                                                                                                                          Oracle Enterprise Manager (self-managed)<\/strong><\/td>\nDeep enterprise monitoring for Oracle stacks (on-prem\/hybrid)<\/td>\nMature management for Oracle middleware\/db in many enterprises<\/td>\nRequires infrastructure and admin overhead; separate platform<\/td>\nWhen you already standardize on Enterprise Manager for enterprise estates<\/td>\n<\/tr>\n
                                                                                                                                          AWS Systems Manager<\/strong><\/td>\nHost and application operations on AWS<\/td>\nMature fleet operations (Run Command, Patch Manager, Inventory)<\/td>\nAWS-specific; not OCI-native<\/td>\nWhen your fleet is on AWS and you want native tooling<\/td>\n<\/tr>\n
                                                                                                                                          Azure Arc + Azure Monitor<\/strong><\/td>\nHybrid management across clouds\/on-prem<\/td>\nStrong hybrid story; policy integrations<\/td>\nAzure-centric control plane; onboarding overhead<\/td>\nWhen you\u2019re standardized on Azure for hybrid ops<\/td>\n<\/tr>\n
                                                                                                                                          Open-source (Ansible + Prometheus + Grafana)<\/strong><\/td>\nCustomizable self-managed operations<\/td>\nHighly flexible; portable<\/td>\nMore engineering\/ops burden; governance and inventory are DIY<\/td>\nWhen you need portability and can run\/operate the stack yourself<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n\n\n\n
                                                                                                                                          \n\n\n\n
                                                                                                                                          15. Real-World Example<\/h2>\n\n\n\n
                                                                                                                                          Enterprise example: Regulated payments platform on OCI<\/h3>\n\n\n\n
                                                                                                                                          Problem<\/strong>\nA payments company runs 200+ VM-based application instances across dev\/test\/prod compartments. Auditors require evidence of:\n– where applications run,\n– who can operate them,\n– change accountability.<\/p>\n\n\n\n
                                                                                                                                          Proposed architecture<\/strong>\n– Use compartments per environment and compliance boundary.\n– Create fleets per business capability (Payments, Billing, Risk) and environment (Prod\/NonProd).\n– Onboard hosts with the management agent.\n– Centralize audit logs and integrate with Notifications for operational events (where available).<\/p>\n\n\n\n
                                                                                                                                          Why Fleet Application Management was chosen<\/strong>\n– Fleet-first model aligns with enterprise governance.\n– Integrates with OCI IAM, compartments, and audit.\n– Provides centralized inventory without building a custom CMDB pipeline.<\/p>\n\n\n\n
                                                                                                                                          Expected outcomes<\/strong>\n– Faster audit evidence generation.\n– Reduced \u201cunknown application instance\u201d drift.\n– Clearer separation of duties and reduced over-permissioning.<\/p>\n\n\n\n
                                                                                                                                          Startup\/small-team example: SaaS with 20 app servers scaling quickly<\/h3>\n\n\n\n
                                                                                                                                          Problem<\/strong>\nA SaaS startup is growing from 10 to 60 VMs across regions. They don\u2019t want to maintain spreadsheets of which app version runs where.<\/p>\n\n\n\n
                                                                                                                                          Proposed architecture<\/strong>\n– One non-prod and one prod compartment.\n– Fleets per environment and service boundary.\n– Tagging for ownership and cost.\n– Minimal logging retention for cost control.<\/p>\n\n\n\n
                                                                                                                                          Why Fleet Application Management was chosen<\/strong>\n– Centralized inventory and governance with low operational overhead.\n– Works well with OCI-native patterns.<\/p>\n\n\n\n
                                                                                                                                          Expected outcomes<\/strong>\n– Cleaner operational handoffs as the team grows.\n– Less time spent tracking deployments manually.\n– A better foundation for compliance as customers demand SOC2.<\/p>\n\n\n\n
                                                                                                                                          \n\n\n\n
                                                                                                                                          16. FAQ<\/h2>\n\n\n\n
                                                                                                                                          1) Is Fleet Application Management the same as APM?<\/strong>\nNo. APM focuses on performance telemetry like traces and spans. Fleet Application Management focuses on organizing and managing application estates as fleets (inventory\/management workflows).<\/p>\n\n\n\n
                                                                                                                                          2) Does Fleet Application Management work for any application?<\/strong>\nNot necessarily. Discovery and actions typically depend on supported application types. Verify supported stacks in the official docs.<\/p>\n\n\n\n
                                                                                                                                          3) Do I need an agent on every host?<\/strong>\nIn most fleet-style management models, yes\u2014some kind of agent\/collector is typically required to discover inventory and report health. Verify exact requirements in OCI docs.<\/p>\n\n\n\n
                                                                                                                                          4) Can I manage on-prem hosts?<\/strong>\nPossibly, depending on supported onboarding modes and connectivity requirements. Verify hybrid support in official documentation.<\/p>\n\n\n\n
                                                                                                                                          5) How does access control work?<\/strong>\nThrough OCI IAM policies and compartments. You can restrict who can view or manage fleets and related resources.<\/p>\n\n\n\n
                                                                                                                                          6) Is Fleet Application Management regional?<\/strong>\nOCI services often have region-scoped behavior. Verify whether fleet resources and inventory are region-specific in the official docs.<\/p>\n\n\n\n
                                                                                                                                          7) What network ports\/protocols are required?<\/strong>\nAgents commonly need outbound HTTPS to OCI endpoints. Exact endpoints and ports should be taken from official docs for your agent version and region.<\/p>\n\n\n\n
                                                                                                                                          8) Can I use private subnets?<\/strong>\nYes, commonly. Provide outbound egress (NAT Gateway or other controlled egress) so the agent can reach OCI endpoints.<\/p>\n\n\n\n
                                                                                                                                          9) How do I troubleshoot agent registration issues?<\/strong>\nCheck DNS, outbound HTTPS, system time, and agent logs. Confirm you used the correct install key and compartment.<\/p>\n\n\n\n
                                                                                                                                          10) Will it increase my OCI bill?<\/strong>\nPotentially. Even if the service control plane is low-cost, compute, NAT, data egress, and log storage can add cost. Use the Oracle price list and cost estimator.<\/p>\n\n\n\n
                                                                                                                                          11) Can I automate fleet creation?<\/strong>\nOften yes via APIs\/SDKs\/CLI if supported. Confirm API availability for Fleet Application Management in the official API reference.<\/p>\n\n\n\n
                                                                                                                                          12) Does it integrate with OCI Events and Notifications?<\/strong>\nMany OCI services can emit events, but availability varies. Verify Fleet Application Management event types and metrics in docs.<\/p>\n\n\n\n
                                                                                                                                          13) How should I name fleets?<\/strong>\nUse names that encode ownership and environment, e.g., Payments-Prod<\/code>, Billing-NonProd<\/code>, plus region if needed.<\/p>\n\n\n\n
                                                                                                                                          14) What is the best first production rollout strategy?<\/strong>\nStart with a pilot: one compartment, one fleet, a small set of hosts, validate IAM and discovery, then expand gradually.<\/p>\n\n\n\n
                                                                                                                                          15) What\u2019s the difference between host management and application fleet management?<\/strong>\nHost management focuses on OS patching and instance lifecycle. Application fleet management models and groups application instances\/deployments so you can operate at the app boundary.<\/p>\n\n\n\n
                                                                                                                                          \n\n\n\n
                                                                                                                                          17. Top Online Resources to Learn Fleet Application Management<\/h2>\n\n\n\n
                                                                                                                                          \n\n\n\n\n\n\n\n\n\n\n\n\n\n
                                                                                                                                          Resource Type<\/th>\nName<\/th>\nWhy It Is Useful<\/th>\n<\/tr>\n<\/thead>\n
                                                                                                                                          Official Documentation<\/td>\nFleet Application Management docs \u2013 https:\/\/docs.oracle.com\/en-us\/iaas\/fleet-application-management\/home.htm<\/td>\nPrimary source for current features, concepts, and workflows<\/td>\n<\/tr>\n
                                                                                                                                          Official Documentation<\/td>\nManagement Agent docs \u2013 https:\/\/docs.oracle.com\/en-us\/iaas\/management-agent\/home.htm<\/td>\nRequired for host onboarding and troubleshooting agent issues<\/td>\n<\/tr>\n
                                                                                                                                          Official Pricing<\/td>\nOracle Cloud Price List \u2013 https:\/\/www.oracle.com\/cloud\/price-list\/<\/td>\nAuthoritative pricing reference (region\/SKU dependent)<\/td>\n<\/tr>\n
                                                                                                                                          Pricing Tool<\/td>\nOCI Cost Estimator \u2013 https:\/\/www.oracle.com\/cloud\/costestimator.html<\/td>\nEstimate end-to-end costs including compute\/network\/logging<\/td>\n<\/tr>\n
                                                                                                                                          Free Tier<\/td>\nOracle Cloud Free Tier \u2013 https:\/\/www.oracle.com\/cloud\/free\/<\/td>\nUnderstand Always Free limits and eligibility<\/td>\n<\/tr>\n
                                                                                                                                          Architecture Center<\/td>\nOCI Architecture Center \u2013 https:\/\/docs.oracle.com\/solutions\/<\/td>\nReference architectures and best practices (use search for observability\/management patterns)<\/td>\n<\/tr>\n
                                                                                                                                          Governance<\/td>\nOCI IAM docs \u2013 https:\/\/docs.oracle.com\/en-us\/iaas\/Content\/Identity\/home.htm<\/td>\nPolicies, compartments, and least-privilege design<\/td>\n<\/tr>\n
                                                                                                                                          Observability<\/td>\nOCI Monitoring docs \u2013 https:\/\/docs.oracle.com\/en-us\/iaas\/Content\/Monitoring\/home.htm<\/td>\nAlerts\/alarms patterns that often complement fleet operations<\/td>\n<\/tr>\n
                                                                                                                                          Logging<\/td>\nOCI Logging docs \u2013 https:\/\/docs.oracle.com\/en-us\/iaas\/Content\/Logging\/home.htm<\/td>\nCentral log collection patterns for agents and workloads<\/td>\n<\/tr>\n
                                                                                                                                          Community (reputable)<\/td>\nOracle Cloud customer architecture\/blog resources \u2013 https:\/\/blogs.oracle.com\/cloud\/<\/td>\nPractical posts and updates; validate against official docs<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n\n\n\n
                                                                                                                                          \n\n\n\n
                                                                                                                                          18. Training and Certification Providers<\/h2>\n\n\n\n
                                                                                                                                          \n\n\n\n\n\n\n\n\n
                                                                                                                                          Institute<\/th>\nSuitable Audience<\/th>\nLikely Learning Focus<\/th>\nMode<\/th>\nWebsite URL<\/th>\n<\/tr>\n<\/thead>\n
                                                                                                                                          DevOpsSchool.com<\/td>\nDevOps engineers, SREs, cloud engineers<\/td>\nDevOps practices, automation, cloud ops foundations (verify OCI-specific coverage)<\/td>\nCheck website<\/td>\nhttps:\/\/www.devopsschool.com\/<\/td>\n<\/tr>\n
                                                                                                                                          ScmGalaxy.com<\/td>\nBeginners to intermediate DevOps learners<\/td>\nSCM, CI\/CD, DevOps fundamentals<\/td>\nCheck website<\/td>\nhttps:\/\/www.scmgalaxy.com\/<\/td>\n<\/tr>\n
                                                                                                                                          CLoudOpsNow.in<\/td>\nCloud ops practitioners<\/td>\nOperations, monitoring, cloud management concepts<\/td>\nCheck website<\/td>\nhttps:\/\/www.cloudopsnow.in\/<\/td>\n<\/tr>\n
                                                                                                                                          SreSchool.com<\/td>\nSREs and reliability-focused engineers<\/td>\nSRE practices, incident management, observability<\/td>\nCheck website<\/td>\nhttps:\/\/www.sreschool.com\/<\/td>\n<\/tr>\n
                                                                                                                                          AiOpsSchool.com<\/td>\nOps and platform teams exploring AIOps<\/td>\nAIOps concepts, event correlation, operational analytics<\/td>\nCheck website<\/td>\nhttps:\/\/www.aiopsschool.com\/<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n\n\n\n
                                                                                                                                          \n\n\n\n
                                                                                                                                          19. Top Trainers<\/h2>\n\n\n\n
                                                                                                                                          \n\n\n\n\n\n\n\n
                                                                                                                                          Platform\/Site<\/th>\nLikely Specialization<\/th>\nSuitable Audience<\/th>\nWebsite URL<\/th>\n<\/tr>\n<\/thead>\n
                                                                                                                                          RajeshKumar.xyz<\/td>\nDevOps\/cloud training content (verify latest topics)<\/td>\nBeginners to working professionals<\/td>\nhttps:\/\/rajeshkumar.xyz\/<\/td>\n<\/tr>\n
                                                                                                                                          devopstrainer.in<\/td>\nDevOps training<\/td>\nEngineers building CI\/CD and ops skills<\/td>\nhttps:\/\/www.devopstrainer.in\/<\/td>\n<\/tr>\n
                                                                                                                                          devopsfreelancer.com<\/td>\nDevOps freelance\/training services (verify offerings)<\/td>\nTeams needing short-term enablement<\/td>\nhttps:\/\/www.devopsfreelancer.com\/<\/td>\n<\/tr>\n
                                                                                                                                          devopssupport.in<\/td>\nDevOps support\/training resources (verify offerings)<\/td>\nOps teams needing troubleshooting support<\/td>\nhttps:\/\/www.devopssupport.in\/<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n\n\n\n
                                                                                                                                          \n\n\n\n
                                                                                                                                          20. Top Consulting Companies<\/h2>\n\n\n\n
                                                                                                                                          \n\n\n\n\n\n\n
                                                                                                                                          Company<\/th>\nLikely Service Area<\/th>\nWhere They May Help<\/th>\nConsulting Use Case Examples<\/th>\nWebsite URL<\/th>\n<\/tr>\n<\/thead>\n
                                                                                                                                          cotocus.com<\/td>\nCloud\/DevOps consulting (verify service catalog)<\/td>\nImplementation support, platform engineering<\/td>\nLanding zone setup, observability rollout planning, governance design<\/td>\nhttps:\/\/cotocus.com\/<\/td>\n<\/tr>\n
                                                                                                                                          DevOpsSchool.com<\/td>\nDevOps consulting and enablement<\/td>\nTraining + implementation guidance<\/td>\nFleet onboarding process design, IaC enablement, ops runbooks<\/td>\nhttps:\/\/www.devopsschool.com\/<\/td>\n<\/tr>\n
                                                                                                                                          DEVOPSCONSULTING.IN<\/td>\nDevOps consulting (verify service catalog)<\/td>\nDevOps process and tooling<\/td>\nCI\/CD modernization, monitoring strategy, operational maturity improvements<\/td>\nhttps:\/\/www.devopsconsulting.in\/<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n\n\n\n
                                                                                                                                          \n\n\n\n
                                                                                                                                          21. Career and Learning Roadmap<\/h2>\n\n\n\n
                                                                                                                                          What to learn before Fleet Application Management<\/h3>\n\n\n\n
                                                                                                                                            \n
                                                                                                                                          • OCI fundamentals:<\/li>\n
                                                                                                                                          • compartments, VCNs, subnets, routing, security lists\/NSGs<\/li>\n
                                                                                                                                          • IAM basics:<\/li>\n
                                                                                                                                          • groups, policies, dynamic groups, least privilege<\/li>\n
                                                                                                                                          • Linux basics:<\/li>\n
                                                                                                                                          • services (systemctl<\/code>), logs (journalctl<\/code>), networking<\/li>\n
                                                                                                                                          • Observability basics:<\/li>\n
                                                                                                                                          • metrics vs logs vs traces; alerting fundamentals<\/li>\n<\/ul>\n\n\n\n
                                                                                                                                            What to learn after Fleet Application Management<\/h3>\n\n\n\n
                                                                                                                                              \n
                                                                                                                                            • OCI Monitoring + Alarms: operational alerting<\/li>\n
                                                                                                                                            • OCI Logging and (optionally) Logging Analytics: centralized troubleshooting<\/li>\n
                                                                                                                                            • OCI Events + Functions: automation for common operational tasks<\/li>\n
                                                                                                                                            • OS Management Hub: OS patch compliance at scale<\/li>\n
                                                                                                                                            • IaC with Terraform\/Resource Manager: standardized provisioning and drift control<\/li>\n<\/ul>\n\n\n\n
                                                                                                                                              Job roles that use it<\/h3>\n\n\n\n
                                                                                                                                                \n
                                                                                                                                              • Cloud Engineer \/ Cloud Operations Engineer<\/li>\n
                                                                                                                                              • DevOps Engineer<\/li>\n
                                                                                                                                              • Site Reliability Engineer (SRE)<\/li>\n
                                                                                                                                              • Platform Engineer<\/li>\n
                                                                                                                                              • Security Engineer (governance and auditability)<\/li>\n
                                                                                                                                              • Solutions Architect (operational architecture design)<\/li>\n<\/ul>\n\n\n\n
                                                                                                                                                Certification path (if available)<\/h3>\n\n\n\n
                                                                                                                                                Oracle certification offerings change over time. Check current OCI certification paths here:\n– https:\/\/education.oracle.com\/<\/p>\n\n\n\n
                                                                                                                                                Look for certifications related to:\n– OCI Foundations\n– OCI Architect \/ Operations tracks\n– Observability\/Management topics (if offered)<\/p>\n\n\n\n
                                                                                                                                                Project ideas for practice<\/h3>\n\n\n\n
                                                                                                                                                  \n
                                                                                                                                                1. Build a multi-compartment lab (dev\/prod) and implement fleet separation with least privilege.<\/li>\n
                                                                                                                                                2. Onboard 5\u201310 hosts and standardize tags, naming, and access roles.<\/li>\n
                                                                                                                                                3. Create a runbook for agent failures and implement centralized agent log collection.<\/li>\n
                                                                                                                                                4. Integrate alarms\/notifications for operational signals relevant to your fleet.<\/li>\n<\/ol>\n\n\n\n
                                                                                                                                                  \n\n\n\n
                                                                                                                                                  22. Glossary<\/h2>\n\n\n\n
                                                                                                                                                    \n
                                                                                                                                                  • OCI (Oracle Cloud Infrastructure)<\/strong>: Oracle Cloud\u2019s IaaS\/PaaS platform.<\/li>\n
                                                                                                                                                  • Observability and Management<\/strong>: OCI category covering monitoring, logging, and operational services.<\/li>\n
                                                                                                                                                  • Fleet<\/strong>: A logical group used to manage multiple application instances\/deployments together.<\/li>\n
                                                                                                                                                  • Compartment<\/strong>: An OCI governance boundary for organizing and isolating resources.<\/li>\n
                                                                                                                                                  • IAM Policy<\/strong>: A rule that grants permissions in OCI (who can do what in which compartment).<\/li>\n
                                                                                                                                                  • Managed host\/entity<\/strong>: A server\/instance connected to OCI for inventory\/management.<\/li>\n
                                                                                                                                                  • Management Agent<\/strong>: Host-based agent used to connect workloads to OCI management services (exact usage depends on service and configuration).<\/li>\n
                                                                                                                                                  • NAT Gateway<\/strong>: Provides outbound internet connectivity for private subnet resources without exposing them to inbound internet traffic.<\/li>\n
                                                                                                                                                  • Audit log<\/strong>: OCI record of control-plane actions for governance and forensics.<\/li>\n
                                                                                                                                                  • Tags (defined\/freeform)<\/strong>: Metadata used for governance, search, and cost allocation.<\/li>\n<\/ul>\n\n\n\n
                                                                                                                                                    \n\n\n\n
                                                                                                                                                    23. Summary<\/h2>\n\n\n\n
                                                                                                                                                    Fleet Application Management in Oracle Cloud<\/strong> (under Observability and Management<\/strong>) helps you manage applications at scale using a fleet-based model<\/strong>: discover supported application inventory on connected hosts, group assets into fleets, and operate with OCI-native governance (compartments, IAM, tags, audit).<\/p>\n\n\n\n
                                                                                                                                                    It matters because operational complexity grows faster than infrastructure count. Fleets give you a practical structure for inventory, change planning, and access control\u2014especially in multi-environment, multi-team organizations.<\/p>\n\n\n\n
                                                                                                                                                    Cost-wise, the main drivers are usually compute<\/strong>, network egress\/NAT<\/strong>, and any additional logging\/telemetry retention<\/strong> you enable. Security-wise, success depends on least privilege IAM<\/strong>, controlled egress for agents, and strong compartment\/tag governance.<\/p>\n\n\n\n
                                                                                                                                                    Use Fleet Application Management when you need centralized application estate visibility and fleet operations<\/strong> in OCI. If your priority is deep performance tracing, choose OCI APM<\/strong> instead, and if you mainly need OS patching, consider OS Management Hub<\/strong>.<\/p>\n\n\n\n
                                                                                                                                                    Next learning step: review the official Fleet Application Management docs and validate which application types are supported in your region, then build a small pilot fleet in a dedicated compartment:\n– https:\/\/docs.oracle.com\/en-us\/iaas\/fleet-application-management\/home.htm<\/p>\n","protected":false},"excerpt":{"rendered":"
                                                                                                                                                    Observability and Management<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[75,62],"tags":[],"class_list":["post-955","post","type-post","status-publish","format-standard","hentry","category-observability-and-management","category-oracle-cloud"],"_links":{"self":[{"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/posts\/955","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/comments?post=955"}],"version-history":[{"count":0,"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/posts\/955\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/media?parent=955"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/categories?post=955"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/tags?post=955"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}