Setting Up Networking Resources

Batch relies on OCI networking infrastructure to securely connect tasks to storage and other services. When you configure a subnet for Batch, the batch context creates a private endpoint within that subnet. This endpoint is used for egress traffic from containers running tasks in the batch context and for connections to the NFS endpoints mounted into the containers.

Task code can't reference target IPs directly. It must use FQDNs and DNS configured in containers to resolve them to the target Network Address Translation (NAT) IPs. Further, the DNS resolver associated with the provided subnet must be able to resolve these FQDNs to the correct target IPs. DNS in the subnet can be configured using the OCI DNS service.

Proper network configuration ensures tasks can access necessary resources, such as NFS, license servers, and any other endpoint reachable from the subnet. Users can set up subnet connectivity to access endpoints in other subnets or VCNs in OCI, OCI services, internet endpoints, or on-premises environments.

For more information on creating a VCN and subnet to connect the Batch service to the network, see Creating a VCNand Creating a Subnet.

If batch tasks read from or write to shared files, you must provide an NFS file system. Any file storage solution that supports NFS protocol version 3 or 4 is acceptable, such as OCI File Storage. NFS provides a central location for task input and output files. Similar to other network resources, NFS endpoints must be referenced using their FQDNs. For more information on setting up NFS, see Creating a File System.

Security lists and network security groups control the network traffic allowed to and from resources in the subnet. Correctly configuring these rules is essential for Batch to function.