You deployed a web server in Oracle Cloud Infrastructure using an ephemeral public IP. After a few changes in your web server configuration, you rebooted the server and a new public IP was associated with your instance. What should you do to prevent this from happening again?
Correct Answer: C
Explanation A public IP address is an IPv4 address that is reachable from the internet. If a resource in your tenancy needs to be directly reachable from the internet, it must have a public IP address. Depending on the type of resource, there might be other requirements.

There are two types of public IPs:
Ephemeral: Think of it as temporary and existing for the lifetime of the instance.
Reserved: Think of it as persistent and existing beyond the lifetime of the instance it's assigned to. You can unassign it and then reassign it to another instance whenever you like. Exception: reserved public IPs on public load balancers.

To create a new reserved public IP in your pool
1. Confirm you're viewing the region and compartment where you want to create the reserved public IP.
2. Open the navigation menu. Under Core Infrastructure, go to Networking and click Public IPs.
3. Click Create Reserved Public IP.
4. Enter the following:
   Name: An optional friendly name for the reserved public IP. The name doesn't have to be unique, and you can change it later. Avoid entering confidential information.
   Compartment: Leave as is.
   Tags: Optionally, you can apply tags. If you have permissions to create a resource, you also have permissions to apply free-form tags to that resource. To apply a defined tag, you must have permissions to use the tag namespace. For more information about tagging, see Resource Tags. If you are not sure if you should apply tags, skip this option (you can apply tags later) or ask your administrator.
5. Click Create Reserved Public IP.

To assign a reserved public IP to a private IP
Prerequisite: The private IP must not have an ephemeral or reserved public IP already assigned to it. If it does, first delete the ephemeral public IP, or unassign the reserved public IP.
1. Confirm you're viewing the compartment that contains the instance with the private IP you're interested in.
2. Open the navigation menu. Under Core Infrastructure, go to Compute and click Instances.
3. Click the instance to view its details.
4. Under Resources, click Attached VNICs. The primary VNIC and any secondary VNICs attached to the instance are displayed.
5. Click the VNIC you're interested in.
6. Under Resources, click IP Addresses. The VNIC's primary private IP and any secondary private IPs are displayed.
7. For the private IP you're interested in, click the Actions icon (three dots), and then click Edit.
8. In the Public IP Address section, for Public IP Type, select the radio button for Reserved Public IP.
9. Enter the following:
   Compartment: The compartment that contains the reserved public IP you want to assign.
   Reserved Public IP: The reserved public IP you want to assign. You have three choices:
   Create a new reserved public IP. You may optionally provide a friendly name for it. The name doesn't have to be unique, and you can change it later. Avoid entering confidential information.
   Assign a reserved public IP that is currently unassigned.
   Move a reserved public IP from another private IP.
10. Click Update.
1z0-1072-22 Exam Question 72
Your company has been running several small applications in Oracle Cloud Infrastructure and is planning a proof-of-concept (POC) to deploy PeopleSoft. If your existing resources are being maintained in the root compartment, what is the recommended approach for defining security for the upcoming POC?
Correct Answer: A
Explanation If your organization is small, or if you are still in the proof-of-concept stage of evaluating Oracle Cloud Infrastructure, consider placing all of your resources in the root compartment (tenancy). This approach makes it easy for you to quickly view and manage all your resources. You can still write policies and create groups to restrict permissions on specific resources to only the users who need access. If you plan to maintain all your resources in the root compartment, we recommend setting up a separate sandbox compartment to give users a dedicated space to try out features. In the sandbox compartment, you can grant users permissions to create and manage resources, while maintaining stricter permissions on the resources in your tenancy (root) compartment. https://www.oracle.com/a/ocom/docs/best-practices-for-iam-on-oci.pdf
1z0-1072-22 Exam Question 73
What is the maximum IP address size range that you can have in a Virtual Cloud Network?
Correct Answer: A
Explanation When you create your VCN, you assign a contiguous IPv4 CIDR block of your choice. VCN sizes ranging from /16 (65,533 IP addresses) to /30 (1 IP address) are allowed. Example: 10.0.0.0/16, 192.168.0.0/24.
1z0-1072-22 Exam Question 74
You are a network architect and have designed the network infrastructure of a three-tier application on Oracle Cloud Infrastructure (OCI). In the architecture, back-end DB servers are in a private subnet. One of your DB administrators requests to have access to OCI object storage service. How can you meet this requirement?
Correct Answer: D
Explanation A service gateway lets resources in your VCN privately access specific Oracle services, without exposing the data to an internet gateway or NAT. The resources in the VCN can be in a private subnet and use only private IP addresses. The traffic from the VCN to the service of interest travels over the Oracle network fabric and never traverses the internet. To give your VCN access to a given service CIDR label, you must enable that service CIDR label for the VCN's service gateway. You can do that when you create the service gateway, or later after it's created. You can also disable a service CIDR label for the service gateway at any time. For traffic to be routed from a subnet in your VCN to a service gateway, you must add a rule accordingly to the subnet's route table. The rule must use the service gateway as the target. Reference: https://blogs.oracle.com/cloud-infrastructure/connect-private-instances-with-oracle-servicesthrough-an
1z0-1072-22 Exam Question 75
You have two NFS clients running in two different subnets within the same Oracle Cloud Infrastructure (OCI) Virtual Cloud Network (VCN). You have created a shared file system for the two NFS clients that want to connect to the same file system, but you want to restrict one of the clients to have READ access while the other has READ/Write access. Which OCI feature would you leverage to meet this requirement?
Correct Answer: C
Explanation Oracle Cloud Infrastructure File Storage service provides a durable, scalable, secure, enterprise-grade network file system. You can connect to a File Storage service file system from any bare metal, virtual machine, or container instance in your Virtual Cloud Network (VCN). You can also access a file system from outside the VCN using Oracle Cloud Infrastructure FastConnect and Internet Protocol security (IPSec) virtual private network (VPN).

EXPORT
Exports control how NFS clients access file systems when they connect to a mount target. File systems are exported (made available) through mount targets. Each mount target maintains an export set which contains one or many exports. A file system must have at least one export in one mount target in order for instances to mount the file system. The information used by an export includes the file system OCID, mount target OCID, export set OCID, export path, and client export options. For more information, see Managing Mount Targets.

EXPORT SET
Collection of one or more exports that control what file systems the mount target exports using NFSv3 protocol and how those file systems are found using the NFS mount protocol. Each mount target has an export set. Each file system associated with the mount target has at least one export in the export set.

EXPORT PATH
A path that is specified when an export is created. It uniquely identifies the file system within the mount target, letting you associate up to 100 file systems to a single mount target. This path is unrelated to any path within the file system itself, or the client mount point path.

EXPORT OPTIONS
NFS export options are a set of parameters within the export that specify the level of access granted to NFS clients when they connect to a mount target. An NFS export options entry within an export defines access for a single IP address or CIDR block range. For more information, see Working with NFS Export Options.
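
The per-subnet split in this question (one client subnet read-only, the other read/write) can be checked offline before it is applied to an export. The following is an added example, not Oracle's code: the subnet CIDRs are constructed, the `source` and `access` keys follow the File Storage export options shape, and first-match-wins evaluation is an assumption stated in the code.

```python
import ipaddress

# Constructed export options for one export: two client subnets in the same VCN.
# Keys mirror the File Storage export option fields; the CIDRs are made up.
EXPORT_OPTIONS = [
    {"source": "10.0.1.0/24", "access": "READ_ONLY"},
    {"source": "10.0.2.0/24", "access": "READ_WRITE"},
]


def effective_access(export_options, client_ip):
    """Return the access level that applies to client_ip, or None.

    Assumption: entries are evaluated in list order and the first entry
    whose source contains the client address wins; a client that matches
    no entry gets no access to the export.
    """
    ip = ipaddress.ip_address(client_ip)
    for entry in export_options:
        net = ipaddress.ip_network(entry["source"], strict=False)
        if ip.version == net.version and ip in net:
            return entry["access"]
    return None


def audit(export_options):
    """Flag entries that defeat the intended per-subnet restriction."""
    findings = []
    seen = []  # (index, network) of entries already processed
    for i, entry in enumerate(export_options):
        net = ipaddress.ip_network(entry["source"], strict=False)
        # A catch-all read/write entry grants write access to every client.
        if net.prefixlen == 0 and entry["access"] == "READ_WRITE":
            findings.append(f"entry {i}: READ_WRITE for every address ({net})")
        # An earlier, broader entry makes this one unreachable under first-match.
        for j, earlier in seen:
            if net.version == earlier.version and net.subnet_of(earlier):
                findings.append(f"entry {i}: {net} is shadowed by entry {j} ({earlier})")
        seen.append((i, net))
    return findings
```
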