X

@OracleIMC Partner Resources & Training: Discover your Modernization options + Reach new potential through Innovation

Using Oracle Compute API Part 3 of 3 - Creating Compute Instance

Allen Wangu
Cloud Consultant

In the last two post you have seen how to get an Authentication Cookie, how to reserve a public IP and how to create storage. Now let take a look at creating a compute instance.

What is an Oracle Compute Instance?

An Oracle Compute instance is a virtual machine running a specific operating system and with CPU and memory resources that you specify. This instance is defined by its machine image and shape. A machine image is a virtual hard disk that has a specific operating system installed while shape defines the number of CPUs and RAM available to an instance.

Let's get Started:

For you to log in to your VMs you need to use secure shell (SSH). To do this you need to use SSH public/Private Key pair for the VM. You will need the public key during the creating of you VM and then you will need the private key pair to login to your VM. The first thing you will need to do is generate the SSH Key pairs. Please follow the instructions on how to do that here

Once the SSH Key pairs are generated, go to the Oracle Compute console:

1. Click on the Network Tab

2. Click on SSH Public Keys

3. Click on Add SSH Public Key 

Give you public Key a name the click on "Select File" to choose your file and click Add.

Now that we have our key uploaded, we need to do another exercise. By default, all ports on the Oracle Compute as disabled. You have to explicitly open the port you want to access from the internet. In order to do this, you need to define Security Lists and Security Rules. For this exercise i would like you to open SSH port. Below is a sample orchestration.

Security List

{ "policy": "",
"outbound_cidr_policy": "",
"name": "/Compute-{identityDomain}/{username}/allow_ssh"
}

Security List Script file

export COMPUTE_COOKIE=$(curl -i -X POST -H "Content-Type: application/oracle-compute-v3+json" -d '{"user":"/Compute-{identityDomain}/{username}","password":"{password}"}' https://api-z17.compute.em2.oraclecloud.com/authenticate/ | tr -d '\r' | sed -En 's/^Set-Cookie: (.*)/\1/p')
curl -i -X POST \
-H "Cookie: $COMPUTE_COOKIE" \
-H "Content-Type: application/oracle-compute-v3+json" \
-H "Accept: application/oracle-compute-v3+json" \
-d "@sshsecurityrule.json" {rest-api-url}/seclist/

Security Rule

{
"dst_list": "seclist:/Compute-{identityDomain}/{username}/allow_ssl",
"name": "/Compute-{identityDomain}/{username}/allowed-ssh-access",
"src_list": "seciplist:/Compute-{identityDomain}/{username}/public-internet",
"application": "/Compute-{identityDomain}/{username}/ssh",
"action": "PERMIT" }

Security Rule Script file:

export COMPUTE_COOKIE=$(curl -i -X POST -H "Content-Type: application/oracle-compute-v3+json" -d '{"user":"/Compute-{identityDomain}/{username}","password":"{password}"}' https://api-z17.compute.em2.oraclecloud.com/authenticate/ | tr -d '\r' | sed -En 's/^Set-Cookie: (.*)/\1/p')
curl -i -X POST \
-H "Cookie: $COMPUTE_COOKIE" \
-H "Content-Type: application/oracle-compute-v3+json" \
-H "Accept: application/oracle-compute-v3+json" \
-d "@sshsecurityrule.json" {rest-api-url}/secrule/

Once you have you security list/rules defined, now it's time to define a instance orchestration. Below is a sample of an instance orchestration.


{
  "description": "Simple instance with an ssh key and a security list",
  "name": "/Compute-{identityDomain}/{username}/simple_server_orchestration",
  "oplans": [
    {
      "label": "simple instance",
      "obj_type": "launchplan",
      "objects": [
        {
          "instances": [
            {
              "imagelist": "/oracle/public/OL_7.2_UEKR3_x86_64",
              "label": "simple_server",
              "networking": {
                "eth0": {
                  "seclists": [
                    "/Compute-{identityDomain}/{username}/allow_ssh"
                  ],
                  "nat": "ipreservation:/Compute-{identityDomain}/{username}/ip-res-1"
                }
              },
              "shape": "oc3",
              "storage_attachments": [
                {
                  "index": 1,
                  "volume": "/Compute-{identityDomain}/{username}/bootable-vol-1"
                  
                },
                {
                  "index": 2,
                  "volume": "/Compute-{identityDomain}/{username}/data-vol-1"
                }
              ],
              "boot_order": [1],
              "sshkeys": [
                "/Compute-{identityDomain}/{username}/simple_server_pub"
              ]
            }
          ]
        }
      ]
    }
  ]
}

We have our orchestration ready. We need to upload the orchestration and start it. Below is a video of how to do this. This video also show you how to use Oracle Developer Cloud Service to trigger this shell scripts.

 

 

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.