OCI Container Instances run your containers on serverless compute optimized for container workloads. The underlying infrastructure is fully managed and hardened by OCI. You can focus on building your applications without having to worry about provisioning, patching, or managing servers.
You only pay for the CPU and memory resources allocated to your container instance at the same price as the regular Compute Instances for the chosen shape. There are no additional charges or tax for the seamless operations provided by the serverless platform. With better performance, security, and a similar price as DIY, letting go of the management overhead is an easy decision.
Running a new container instance with one or more containers only requires a few simple parameters via CLI, API, or the OCI console. You have the flexibility to specify your preferred shape (such as E3/E4 Flex), CPU and memory resources required, and networking configuration. You can also configure environment variables, startup options, resource limits, etc. for each container. This enables you to launch containers instantly, configured just the way you want them to support your needs.
You can allocate all the CPU and memory provided by the underlying compute shape to a container instance to run even the most demanding workloads. For example, you can allocate up to 64 cores (128 vCPU) and 1024 GB memory to a container instance with E3/E4 Flex shapes.
OCI Container Instances support pulling container images from Open Container Initiative–compliant container registries, including OCI Container Registry. You can also set up OCI Container Registry with private access and enable security scanning for your container images.
Container Instances provide a dedicated environment with strong isolation to each container instance—same as VMs. Containers running on a container instance do not share OS kernel and CPU/memory resources with other container instances. This enhances your application’s security posture, without compromising on its performance.
Each container instance is connected to a subnet in your VCN, ensuring secure communication. You can optionally assign a public IP to a container instance if containers need to be accessed publicly. Using OCI Identity and Access Management, you can configure policies to control access to other OCI services/resources from container instances.
Using the built-in logging, you can view your container logs in the OCI Console or pull them using the API. OCI Container Instances also provides built-in metrics to monitor CPU and memory utilization, disk I/O, network receive/transmit bytes, etc.