Get Started with Basics of Oracle Cloud Infrastructure
Introduction
The goal of this tutorial is to demonstrate the basic functionality of Oracle Cloud Infrastructure (OCI) and allow the learner to start thinking about creative ways to use cloud infrastructure. In this tutorial, we will show how simple it is to deploy a single instance web application environment in OCI. The application will need a secured virtual cloud network (VCN), an OCI Compute instance, and attached OCI Block Volumes storage. We will install and configure open source Apache for our web server. After the system has been successfully deployed, we will illustrate how easy it is to re-use the boot and block volumes from the initial instance. A similar architecture can prove useful with disaster recovery or scaling of compute and storage resources.
In this tutorial, you will learn to:
- Create a VCN.
- Deploy a Linux based virtual machine (VM) in the cloud.
- Attach OCI Block Volumes storage to the instance.
- Log in remotely through a secure connection.
- Install and configure a simple web application.
- Terminate the instance and transfer the boot and block volumes to another instance.
Objectives
- Get started with basic features and functionality of OCI. We will create an OCI Compute instance and a cloud network, attach block storage, install a simple HTTP application, and migrate boot and block storage to a new instance.
Task 1: Create a VCN
Log in to the OCI Console, navigate to Networking and click Virtual Cloud Networks.
To create a VCN, you will need to be in a compartment where you have authorization to create resources. In the List Scope section, locate the Compartment drop-down menu and expand the root selection using the plus signs until you find your assigned compartment.
Your root compartment and tenancy may be different from what is shown in the following image. If you are using our free Oracle-provided hands-on lab, select the compartment that was created for you; its name will begin with the word luna.
Note: You will not be able to create any resources in the root, Luna-Labs or ManagedCompartmentForPaaS compartments.
Click Start VCN Wizard.
Note: Verify that you have chosen the correct compartment.
Select VCN with Internet Connectivity and click Start VCN Wizard.
In Configuration, enter the following information and click Next.
Note: The default CIDR blocks should be filled in already. Accept the defaults for this lab.
- VCN NAME: Enter oci-basics-vcn.
- COMPARTMENT: Ensure your compartment is selected.
- VCN CIDR BLOCK: Enter a CIDR block for the entire network (10.0.0.0/16).
- PUBLIC SUBNET CIDR BLOCK: Enter a CIDR block for the public facing network (10.0.0.0/24).
- PRIVATE SUBNET CIDR BLOCK: Enter a CIDR block for the private internal network (10.0.1.0/24).
- DNS RESOLUTION: Select Use DNS Hostnames in this VCN.
In Review, review the information and click Create.
Note: With just a few clicks, you are setting up subnets, gateways, security lists, public access, DNS labels, and more—tasks that once took hours or even days to complete are now accomplished in seconds.
You have created a virtual cloud network (VCN) with the following components:
- VCN
- 1 x Public subnet
- 1 x Private subnet
- Internet gateway
- NAT gateway (NAT)
- Service gateway
- DNS domain information
- Security list and routing information
Click View Virtual Cloud Network to display your VCN details.
Now, change the VCN security list and open port 80 to the internet. This will allow http traffic to pass through to the application which we are going to deploy on our instance.
Click Security Lists and select Default Security list for <YOUR_VCN_NAME>.
Under Ingress Rules, click Add Ingress Rule.
Enter the following information to add a stateful ingress rule and click Add Ingress Rule.
- STATELESS: Deselect it.
- SOURCE TYPE: Select CIDR.
- SOURCE CIDR: Enter 0.0.0.0/0.
- IP PROTOCOL: Select TCP (default).
- SOURCE PORT RANGE: Select ALL (default).
- DESTINATION PORT RANGE: Enter 80.
Note: This rule is telling the gateway to allow traffic from any location (0.0.0.0/0) to transport information over port 80 (http) using the TCP protocol stack. You have now created a security rule to allow http traffic into your VCN.
In the next task, we will create and configure a compute instance and deploy a simple web application.
Task 2: Launch Compute Instance
To run their business applications, customers require computing resources. Oracle offers a variety of compute instances designed to meet diverse application and performance requirements. Oracle provides bare metal and virtual machine (VM) instance types with different CPU and memory configurations called shapes. In this task, we will learn how to deploy a compute instance with a simple web server application. This is the basis of cloud computing.
Go to the OCI Console, navigate to Compute and click Instances.
Click Create Instance.
Note: There is an Advanced Options section where you can select the fault domain, add a script to execute on boot, and more. We will not work with the advanced options in this tutorial but feel free to explore on your own.
Enter the following information.
- Name: Enter the compute instance name.
- Create in compartment: Select your compartment.
- Availability Domain: Select AD 1.
To select the operating system image to use for your VM instance, click Change Image.
Note: Shape size should default to VM.Standard.E2.1.
Click Oracle Images, select Oracle Cloud Developer Image, select I have reviewed and accept the Oracle Standard Terms and Restrictions, and click Select Image.
In the Primary VNIC information section, enter the following information.
Primary network: Select Select existing virtual cloud network.
VCN: Select the VCN you created in Task 1.
Subnet: Select Select existing subnet and confirm that the public subnet from your VCN is displayed.
Private IPv4 address: Select Automatically assign private IPv4 address.
Public IPv4 address: Select Automatically assign public IPv4 address.
SSH keys are required for a secure connection to the instance you will be creating. This has changed recently to allow you to generate the necessary SSH keys directly from the OCI Console. This process is a little different from generating keys from a client operating system. Customers can use their own keys, load from the system, or copy and paste their own keys. For convenience we will use the OCI Console. We need to create and paste SSH keys so that you can securely access the new instance.
In the Add SSH keys section, select Generate a key pair for me to allow OCI to generate our key-pair. To download keys, click Save private Key and Save public key.
In the Boot volume section, leave the boxes deselected, at their defaults.
Click Create to create the instance.
The instance will start provisioning, and its status will show as PROVISIONING. Within a few minutes, the status will change to RUNNING.
Examine the information in Instance Information. Identify the assigned fault domain, private and public IP addresses, and other important information.
Note: You can control your instance with Stop, Reboot, and Change Shape. If you forget how to connect to the instance you can click connect to a running instance for more information about how to connect to a cloud instance.
Task 3: Connect to the Instance
In the Instance details page, copy the Public IP address; we will need it to connect to the instance.
Open Terminal Emulator from the main desktop applications menu.
Run the following command to navigate to the Downloads folder. The terminal will likely default to the user home directory, and the downloads directory should be directly in your path.
cd ~/Downloads
Note: SSH keys need to have special permissions in order to be used securely. We will need to change the permissions on the keys that we downloaded before use.
Run the following Linux chmod command to change the permissions to rw for root only.
chmod 600 *.key
chmod 600 *.pub
Now you can use the keys securely without errors.
In the terminal window, enter the following SSH command.
Make sure you are in the same directory as the SSH key. The -i switch is where you designate the name of the private key and following that is the IP address of your compute instance prefaced by the default admin username, opc and the @ sign.
ssh -i <private key file> opc@<public_ip_address>
Enter yes to the prompt about accepting the identity and adding to the list of known hosts.
Note: You may be asked to provide a passphrase. You did not get the opportunity to provide this passphrase so a simple SSH identity command should take care of that. If you are asked for a passphrase, use the ssh-add command to add the identity to the key. Enter the following command followed by the private key name.
ssh-add <private key file>
Try to log in again using the SSH command in Task 3.5.
ssh -i <private key file> opc@<public_ip_address>
You have successfully created an instance and logged in through SSH. Explore the instance environment. In the next task, we will add external block storage to the instance for application data storage.
Task 4: Create and Mount OCI Block Storage
OCI offers 3 types of storage that offer different levels of performance, access, and redundancy for customer applications.
OCI Block Storage: It is based on physical blocks organized on a physical storage medium, namely Solid State Disks (SSDs), and organized using a file system. It is accessed through a dedicated storage network commonly referred to as a Storage Area Network (SAN). OCI Block Storage is limited to the physical size of the disk or array of disks, but it is also considered the highest performance option for most applications. It is ideal for databases and mission critical applications.
OCI Object Storage: It is a data storage architecture that manages data as objects. OCI Object Storage presents massive capacity and the ability to store unstructured data. It is commonly used for disaster recovery, document storage, and analytics data.
OCI File Storage: It is essentially an OS file system that's shared over the network and commonly referred to as Network Attached Storage (NAS). OCI File Storage is a basic Unix function and was commercialized as hardware file storage systems called NAS appliances.
To create OCI Block Storage, follow the steps:
Go to the OCI Console, navigate to Storage and click Block Volumes.
Ensure you are in the correct compartment and click Create Block Volume button.
Enter the following information and click Create Block Volume.
- Name: Enter a block volume name.
- Create in Compartment: Select your compartment.
- Availability Domain: Select the same AD as the instance.
- Volume size: Select Custom and enter 50 GB.
- Compartment for Backup Policies: Select your compartment.
- Backup Policy: No selection is necessary.
- Volume Performance: Leave as Balanced but note that you can change according to requirement.
- Volume Encryption: Select Encrypt using Oracle-managed keys.
Note: For volume size and performance, the default size is 1024 GB which is equal to roughly 1 TB. The following steps will require a formatted, mounted filesystem so we will need to decrease this size to 50GB to keep our lab simple and straightforward. Change the default size to Custom and change the size to 50GB.
The status will show as PROVISIONING. Within a few minutes, the status will change to AVAILABLE. It is now ready to use with your instance.
Attach the block volume to the compute instance. You can attach a block volume from either the Instance Details page or from the Block Volume Details page.
In the Block Volume Details page, click Attached Instances and Attach to Instance.
Enter the following information and click Attach.
- Attachment type: Select Paravirtualized.
- Access type: Select Read/Write.
- Instance: Select Select Instance.
- Choose Instance: Select the instance created in Task 2.
- Device Name: Select the first available path from the drop-down menu.
After a few moments, you will get confirmation that your block volume has been attached.
Note: For this tutorial, we have used Paravirtualized attach because it is fast and simple. A paravirtualized attachment is a technique where the guest OS utilizes the hypervisor API to access remote storage directly as if it were a local device. It is fast and simple to mount storage. There may be a performance hit using paravirtualized block volumes so you may also want to be familiar with mounting storage directly using iSCSI. For more information about mounting storage to instances using iSCSI, see Press the Easy Button: Paravirtualized Block Volume Attachments for VMs!
Switch back to the SSH session and verify that the block volume is attached, format it, create a filesystem, and mount it to the instance.
Log in to the instance again, if necessary. As the opc user, run the lsblk command to verify the paravirtualized block volume has mounted and confirm the device path. In this case, we used the console to choose /dev/sdb and sized it to 50GB so we can verify the device has been mounted.
Run the following command into the terminal window to format the volume for use by the operating system.
sudo fdisk /dev/sdb -l
Run the following command to create a filesystem on the volume using the ext4 filesystem and naming the volume data. We are using the entire disk so enter Y at the prompt for a single partition.
sudo mkfs.ext4 -L data /dev/sdb
Run the following command to create a mount point. Mount the block volume, and verify that it is mounted to the system.
sudo mkdir -p /mnt/www/html
sudo mount /dev/sdb /mnt/www/html
lsblk
You have successfully formatted and mounted the external block volume.
Task 5: Install and Configure a Web Application
In this task, we will install the Apache web server and configure it for use with simple application.
To install the httpd server, enter the following command in a terminal window connected to your OCI Compute instance.
sudo yum install httpd -y
In Task 1, we added a security rule to allow traffic from the internet to port 80 through our virtual cloud network. You also need to configure the standard Linux firewall to allow traffic on the instance itself.
Open port 80 on the instance firewall to allow http traffic.
sudo firewall-cmd --permanent --add-port=80/tcp
sudo firewall-cmd --reload
Start up the web service and install a simple HTML application.
Run the following command to start the httpd service.
sudo systemctl enable httpd --now
Note: There will be no output for this command.
Run the following command from the opc user's home directory to download a pre-built application and install it.
wget https://github.com/snafuz/oci-quickstart-lab/archive/master.zip
Unzip the file into the opc user's home directory and copy the web application structure into the web server's document root.
unzip master.zip
sudo cp -R oci-quickstart-lab-master/static/* /mnt/www/html/
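The archive above comes from a branch that can change between downloads and is then copied into the document root with sudo, so a useful check is to compare it with a SHA-256 digest recorded from a copy you have reviewed. This is an added example, not part of the original tutorial: the function names are hypothetical and PINNED_SHA256 is a placeholder, since the page publishes no digest.

```shell
#!/bin/sh
# Added example (not from the tutorial): gate "unzip" and "cp" on a pinned
# SHA-256 digest. Function names are hypothetical.

# sha256_of FILE: print the lowercase hex SHA-256 digest of FILE.
sha256_of() {
    sha256sum < "$1" | awk '{print $1}'
}

# verify_archive FILE EXPECTED
#   0 = digest matches, 1 = mismatch, 2 = unusable input.
verify_archive() (
    file=$1
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    [ -f "$file" ] || { echo "verify: no such file: $file" >&2; exit 2; }
    # A pinned digest must be exactly 64 hex characters; an empty or
    # truncated value must never be treated as a match.
    case $expected in
        *[!0-9a-f]*) echo "verify: digest is not hex" >&2; exit 2 ;;
    esac
    [ "${#expected}" -eq 64 ] || { echo "verify: digest is not 64 chars" >&2; exit 2; }
    actual=$(sha256_of "$file") || exit 2
    [ "$actual" = "$expected" ] && exit 0
    echo "verify: digest mismatch for $file" >&2
    echo "  expected $expected" >&2
    echo "  actual   $actual" >&2
    exit 1
)

# verify_then FILE EXPECTED CMD [ARGS...]
#   Run CMD only when FILE verifies; otherwise return verify_archive's status.
verify_then() {
    vt_file=$1 vt_expected=$2
    shift 2
    verify_archive "$vt_file" "$vt_expected" || return $?
    "$@"
}

# Usage on the instance (PINNED_SHA256 is a placeholder: record it yourself
# from a copy of the archive you have reviewed):
#   verify_then master.zip "$PINNED_SHA256" unzip master.zip
```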
Modify the server configuration file (httpd.conf) with the application location. Use vi or your favourite Linux text editor and modify the web server configuration file, /etc/httpd/conf/httpd.conf. You will be editing this file to change the default location where web application files are stored, from /var/www/html which would be located on the system drive, to /mnt/www/html which is located on the block volume that we created for our server.
Note:
- A good idea would be to make a copy of the configuration file with a .bak extension in case you make any mistakes or accidentally corrupt the file.
- Launch vi from a terminal window. vi is a standard text editor and available in every version of the Unix and Linux operating system. You can use gedit, or whatever Unix/Linux editor you may be familiar with. You can use nano, vim, emacs from the terminal, or gedit, which is available on the Luna desktop or in the startup menu. The following examples will illustrate using vi.
sudo vi /etc/httpd/conf/httpd.conf
Search for the string /var/www and replace it with /mnt/www. You will make three replacements and one is a comment, you do not need to edit the comment if you do not want to. There are three references to the cgi-bin directory. You do not need to change those.
Make sure to save your changes. Use :wq! in vi.
Enter the following command to change the security context of the application subdirectory and restart the httpd server.
sudo chcon -R --type=httpd_sys_rw_content_t /mnt
sudo systemctl restart httpd
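The configuration edit described above (keep a .bak copy, change /var/www to /mnt/www, leave the cgi-bin references alone) can also be scripted so that it is repeatable and checkable. This is an added example, not part of the original tutorial: the function names are hypothetical and the sample file is a constructed excerpt, not the instance's real httpd.conf.

```shell
#!/bin/sh
# Added example (not from the tutorial): scripted form of the httpd.conf edit.
# Function names and the sample file are constructed for illustration.

# count_stale CONF: number of lines that still reference /var/www,
# ignoring the cgi-bin lines the tutorial leaves alone.
count_stale() {
    awk '!/cgi-bin/ && /\/var\/www/ { n++ } END { print n + 0 }' "$1"
}

# relocate_docroot CONF: keep CONF.bak, then rewrite /var/www to /mnt/www
# on every line that does not mention cgi-bin.
relocate_docroot() (
    conf=$1
    [ -f "$conf" ] || { echo "relocate: no such file: $conf" >&2; exit 2; }
    # Keep the first backup so a re-run cannot replace the pristine copy.
    [ -e "$conf.bak" ] || cp -p "$conf" "$conf.bak" || exit 2
    tmp=$(mktemp) || exit 2
    trap 'rm -f "$tmp"' EXIT
    sed '/cgi-bin/!s#/var/www#/mnt/www#g' "$conf" > "$tmp" || exit 2
    # Write back through the existing file so its owner, mode and SELinux
    # label are unchanged (a rename from /tmp would replace all three).
    cat "$tmp" > "$conf" || exit 2
    # Succeed only if no non-cgi-bin reference to /var/www is left.
    [ "$(count_stale "$conf")" -eq 0 ]
)

# write_sample_conf PATH: constructed excerpt shaped like a stock httpd.conf.
write_sample_conf() {
    cat > "$1" <<'EOF'
DocumentRoot "/var/www/html"
# Further relax access to the default document root under /var/www/html:
<Directory "/var/www/html">
    Require all granted
</Directory>
ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
# "/var/www/cgi-bin" should be changed to wherever your CGI directory exists.
<Directory "/var/www/cgi-bin">
    Require all granted
</Directory>
EOF
}
```

On the instance the function would be run as root against /etc/httpd/conf/httpd.conf, and apachectl configtest confirms the edited file still parses before httpd is restarted.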
Go to the compute instance details for your instance. Locate and copy the IP address.
In the browser, open a new window or tab and enter http://<your compute instance's public IP address> in the URI locator.
http://<COMPUTE_INSTANCE_PUBLIC_IP>
You should see the simple http application form in your browser.
Now, your application is up and running on OCI!
So far you have created a cloud network, launched an instance, created and attached block storage, configured a web server, and created a simple application. In the next task, we will delete the first compute instance. Then we will launch a new compute instance with the boot and block volume that you created for the first instance, thus retaining the configuration information from the first instance.
Task 6: Reuse the Boot and Block Volumes for a New Instance
In this task, we are going to detach the block volume and terminate the instance. We will then use the existing boot volume to launch a new compute instance and re-attach the block storage. This type of action can be helpful for customers with disaster recovery or building golden images which helps with resource re-use and streamlining of operations in the cloud.
SSH to the instance and unmount the block volume. Run the following command with the device path from your instance.
sudo umount /dev/<VOLUME_NAME>
Go to the OCI Console, navigate to Compute, Instances and click the instance created in Task 2. Select Attached Block Volumes in the Resources section, click the ellipsis icon and select Detach.
You will receive a warning about detaching iSCSI targets. This is an important warning but we have already unmounted the volume so, click Continue Detachment.
To reinforce the fact that dismounting a live data volume could result in errors and lost data, click OK on the Are you sure you want to detach this volume message.
Wait for the block volume to completely detach.
In the Instance Details page, click Stop to stop the compute instance.
Read the warning message and click Stop Instance to confirm your choice.
The instance will begin shutting down and the status will change to STOPPING. Shutdown will take a few moments. Once it shows the STOPPED status, select Boot Volume in the Resources section, click the ellipsis icon and select Detach. Click OK to confirm your selection.
Click Detach Boot Volume to confirm the detachment.
After a few minutes, the boot volume will report that it has been detached. Now, terminate the compute instance.
In the Instance Details page, click More Actions drop-down menu and Terminate to terminate the instance.
Note: In the confirmation window, do not select Permanently delete the attached Boot Volume.
Once the instance is terminated, click Boot Volume. The block volume shows Detached status. You can also click the ellipsis icon and select View Boot Volume Details.
In the Boot Volume Details page, click Create Instance.
Enter the following information to create a new OCI Compute instance and click Create.
Note: The information will be largely the same from the prior instance but we do not have to select an operating system image as it is already installed on the boot image. We also do not have to specify SSH keys because they are already installed on the instance boot volume.
- Name your instance: Enter oci-basics-instance-02.
- Choose an operating system or image source: Defaults to Boot Volume.
- Availability Domain: Select availability domain.
- Instance Shape: Select VM.Standard2.1.
- Virtual cloud network compartment: Select your compartment.
- Virtual cloud network: Select VCN created in Task 1.
- Subnet Compartment: Select your compartment.
- Subnet: Select the Public subnet.
- Use network security groups to control traffic: Leave deselected.
- Assign a public IP address: Select it.
- Add SSH Keys: No SSH keys.
Once the instance shows RUNNING state, click Attached Block Volumes to attach the block volume to this new instance.
In the Attach Block Volume page, enter the following information and click Attach.
- Attachment type: select Paravirtualized.
- Block Volume: Select the block volume (oci-basics-bv) created in Task 3.
- Device Path: select oraclevdb.
- Access: Select Read/Write.
Wait for the block volume to fully attach.
Once the volume has finished attaching, open a terminal window and SSH to the compute instance using the new IP address. Mount the block volume using the steps followed in Task 4.
Locate the IP address of the instance from the Instance Details page. You will have a new IP as it is a different instance.
Open a terminal window and SSH to the instance. Enter Yes to confirm the fingerprint.
ssh -i <your SSH key-name> opc@<your ip address>
Enter the following commands to mount the block volume and restart the web server.
lsblk
sudo mount /dev/sdb /mnt/www/html
sudo systemctl restart httpd
In the browser, open a new window or tab and enter http://<your compute instance's public IP address> in the URI locator. For example, http://10.10.0.1.
You should see the simple form for the web application that you created in Task 5. We have successfully re-used the boot and block volume that were attached to another instance with all the data preserved. This simple example could be used to change compute shapes, create a re-usable golden image, or any solution where a portable instance might come in handy.
Acknowledgments
- Author - OHC Team