Catchy title, I'll give you that, but there is more in this article than its title. Besides getting familiar with OCI-CLI, this lab introduces another way to work with OCI API requests, as described in the OCI Operations Associate exam (1Z0-1067) training.
The tutorial will not only walk you through the steps required to spin up an instance in the cloud, but will also let you do it elegantly, through interactive shell scripts that’ll transform your infrastructure-as-code experience. Although it won’t replace solutions like Terraform, it’s still an agile way to adapt your cloud vendor’s IaC.
Some of you already know that OCI-CLI and JSON make it challenging to manage resources without making mistakes with OCIDs and lookup syntax. That’s why you won’t see another post with random oci-cli commands thrown at you. Instead, I created 7 interactive Bash scripts that make the task easier and reusable. It took me a few days instead of 2 hours to do this, but I hope the scripts will help beginners get introduced to oci-cli. Feel free to clone my GitHub repo before starting this tutorial.
Topology
The following illustration shows the layers involved between your workstation and Oracle Cloud Infrastructure while running the oci-cli commands, along with the instance attributes we will be provisioning (some names might be changed).
CLI setup and assumptions
Setting up the CLI is beyond the scope of this article; please follow my previous blog post if you haven’t configured your CLI environment yet. Also, since I’m on Windows, I mainly used Git Bash (or WSL) as my bash terminal client.
I will assume that the elements below are present and configured on your workstation:
The OCI config file: (refer to my Blog post for details on how to set it up)
$ cat /c/Users/brokedba/.oci/config
[DEFAULT]
user=ocid1.user.oc1..aaaaaaaayd2yf6ru5xxxxxxxxxx
fingerprint=bf:3b:2e:48:a2:98:xx:xx:xx:xx:xx:xx:xx
key_file=C:\Users\brokedba\.oci\oci_api_key.pem
tenancy=ocid1.tenancy.oc1..aaaaaaxxxx
region=ca-toronto-1
## adapt the above info to your default OCI Profile
$ oci setup oci-cli-rc
# adds parameters such as command aliases and predefined queries
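$ export OCI_CLI_SUPPRESS_FILE_PERMISSIONS_WARNING=True
# silences the CLI warning about the permissions of the config and key files; it does not change those permissions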
$ oci iam availability-domain list --output table
+-----------------------------+------------------+------------------------+
| compartment-id              | id               | name                   |
+-----------------------------+------------------+------------------------+
| ocid1.tenancy.oc1..aaaa5g4a | ocid1.availabili | BahF:CA-TORONTO-1-AD-1 |
+-----------------------------+------------------+------------------------+
$ git clone https://github.com/brokedba/oci-cli-examples.git
Note: You can also use Git GUI to clone it as shown below
export T="ocid1.tenancy.oc1.xxxx"
export U="ocid1.user.oc1..xxx"
export C="ocid1.tenancy.oc1..xxx"
1. CREATE A VCN
brokedba@ MINGW64> ./create_vcn.sh
Enter the VCN name you wish to create [CLI-VCN]:
selected VCN name : CLI-VCN
Enter the VCN network CIDR to assign [192.168.0.0/16]: 192.168.0.0/20
== VCN information ===
VCN name = CLI-VCN
CIDR = 192.168.0.0/20
VCN Dns-Label = CLIVCN
==== Created VCN details ====
+----------------+--------+----------------------+----------+
| CIDR           | DNS    | DOMAIN_NAME          | VCN_NAME |
+----------------+--------+----------------------+----------+
| 192.168.0.0/20 | clivcn | clivcn.oraclevcn.com | CLI-VCN  |
+----------------+--------+----------------------+----------+
Delete command ==> oci network vcn delete --vcn-id ocid1.vcn.oc1.ca-toronto-1.aq --force
Tip: click on the script to see its content.
A delete command is also included in each script so you can destroy and repeat without using the Web Console.
2. CREATE A SUBNET WITHIN THE VCN
brokedba@ MINGW64> ./create_subnet.sh
+-----------------+--------+----------------------+----------+
| CIDR            | DNS    | DOMAIN_NAME          | VCN_NAME |
+-----------------+--------+----------------------+----------+
| 192.168.0.0/20  | clivcn | clivcn.oraclevcn.com | CLI-VCN  |
+-----------------+--------+----------------------+----------+
select the VCN you wish to attach your subnet to []: CLI-VCN
selected VCN name : CLI-VCN
Enter the subnet name you wish to create [CLI-SUB]:
selected SUBNET name : CLI-SUB
============ SUBNET CIDR ==========================
subnet CIDR must be contained in its VCN CIDR block 192.168.0.0/20
===================================================
Enter the VCN network CIDR to assign [192.168.10.0/24]:
== Subnet information ===
VCN name = CLI-VCN
== Subnet information ===
VCN CIDR = 192.168.0.0/20
SUBNET name = CLI-SUB
SUBNET CIDR = 192.168.10.0/24
==== Created SUBNET details ====
+---------+-----------------+-------------------+-----------------------------+
| SUBNAME | SUB_CIDR        | SUB_OCID          | subdomain                   |
+---------+-----------------+-------------------+-----------------------------+
| CLI-SUB | 192.168.10.0/24 | ocid1.subnet.xxxx | clisub.clivcn.oraclevcn.com |
+---------+-----------------+-------------------+-----------------------------+
delete command ==> oci network subnet delete --subnet-id ocid1.subnet.oc1.ca-toronto-1.aaaaaaaaoly2q --force
Note: The script still checks if the entered CIDR for the subnet has a prefix that is between the VCN’s and /30.
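The prefix check described in the note above, extended to also verify that the subnet block really lies inside the VCN block (a prefix-only test would accept 192.168.16.0/24 for a 192.168.0.0/20 VCN). This is an added example, not the code of create_subnet.sh; the function names and return codes are hypothetical.

```bash
#!/usr/bin/env bash
# Added example: names and return codes below are hypothetical, not from create_subnet.sh.

# ip_to_int A.B.C.D : print the address as a 32-bit integer, fail on malformed input.
ip_to_int() (
  set -f; IFS=.
  case $1 in ''|.*|*.|*..*|*[!0-9.]*) exit 1 ;; esac
  set -- $1
  [ $# -eq 4 ] || exit 1
  n=0
  for o in "$@"; do
    # Reject leading zeros (octal ambiguity) and octets longer than 3 digits.
    case $o in 0?*|????*) exit 1 ;; esac
    [ "$o" -le 255 ] || exit 1
    n=$(( ($n << 8) | $o ))
  done
  echo "$n"
)

# check_subnet_cidr VCN_CIDR SUBNET_CIDR
# 0 = ok, 1 = malformed, 2 = prefix outside [VCN prefix, /30],
# 3 = host bits set in the subnet address, 4 = subnet not inside the VCN block.
check_subnet_cidr() (
  for c in "$1" "$2"; do
    case $c in */*) ;; *) exit 1 ;; esac
    case ${c#*/} in ''|*[!0-9]*|0?*|???*) exit 1 ;; esac
  done
  vcn_len=${1#*/}; sub_len=${2#*/}
  vcn_int=$(ip_to_int "${1%/*}") && sub_int=$(ip_to_int "${2%/*}") || exit 1
  # Prefix rule stated in the note: between the VCN's prefix and /30.
  [ "$sub_len" -ge "$vcn_len" ] && [ "$sub_len" -le 30 ] || exit 2
  vcn_mask=$(( (4294967295 << (32 - $vcn_len)) & 4294967295 ))
  sub_mask=$(( (4294967295 << (32 - $sub_len)) & 4294967295 ))
  [ $(( $sub_int & $sub_mask )) -eq "$sub_int" ] || exit 3
  # Containment: the subnet's network bits must equal the VCN's under the VCN mask.
  [ $(( $sub_int & $vcn_mask )) -eq $(( $vcn_int & $vcn_mask )) ] || exit 4
  exit 0
)

# Constructed inputs: the first pair is the one used in this tutorial.
check_subnet_cidr 192.168.0.0/20 192.168.10.0/24 && echo "192.168.10.0/24 accepted"
check_subnet_cidr 192.168.0.0/20 192.168.16.0/24 || echo "192.168.16.0/24 rejected, code $?"
```

Running the check before calling the CLI keeps a mistyped CIDR from reaching the API at all, and the distinct return codes let the interactive prompt say which rule was broken.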
3. CREATE AN INTERNET GATEWAY
brokedba@ MINGW64> ./create_igateway.sh
select the VCN you wish to add thye I-Gateway to []: CLI-VCN
selected VCN name : CLI-VCN
Creating a New Internet gateway
Enter the Internet gateway name you wish to create [CLI-IGW]:
+---------+---------------------------------------+----------+
| ENABLED | GTID                                  | GTW_NAME |
+---------+---------------------------------------+----------+
| True    | ocid1.internetgateway.oc1.ca-toronto-1| CLI-IGW  |
+---------+---------------------------------------+----------+
Delete command ==> oci network internet-gateway delete --ig-id ocid1.internetgateway.oc1.ca-toronto-1.aaaaaaaasxx --force
4. SETUP ROUTE TABLE
brokedba@ MINGW64> ./create_route.sh
select the VCN you wish to set the route table for []: CLI-VCN
selected VCN name : CLI-VCN
Internet gateway exists => Seting up the default Route table ...
==== Default Route table entries for CLI-VCN ====
+-----------+------------------------+-----------------------+-----------+
| CIDR      | RT_OCID                | Route                 | dest      |
+-----------+------------------------+-----------------------+-----------+
| 0.0.0.0/0 | ocid1.routetable.oc1.xx| Default Route CLI-VCN | 0.0.0.0/0 |
+-----------+------------------------+-----------------------+-----------+
5. LIST IMAGES
brokedba@ MINGW64> ./check_image.sh
******* Oci Image Selecta ! ************
Choose your Destiny ||{**}||
1) Oracle-Linux            5) Windows
2) CentOS                  6) Exit?
3) Oracle Autonomus Linux  7) All
4) Ubuntu
Select an option and press Enter: 2
+-----------------------+-------------------------+--------+-------+------------+
| ImageName             | OCID                    | OS     | Size  | time       |
+-----------------------+-------------------------+--------+-------+------------+
| CentOS-7-2020.05.20-0 | ocid1.image.oc1.ca.aaaaa| CentOS | 47694 | 2020-05-26T|
+-----------------------+-------------------------+--------+-------+------------+
6. CREATE INSTANCE
brokedba@ MINGW64> ./create_instance.sh
******* Oci instance launch ! ************
Choose your Shape ||{**}||
+----------+--------+--------------------------+
| CPUcores | Memory | ShapeName                |
+----------+--------+--------------------------+
| 1.0      | 1.0    | VM.Standard.E2.1.Micro   |
+----------+--------+--------------------------+
Note: If VM.Standard2.1 is not listed that means that your FreeTier trial is over [Default option =Micro compute]
Enter the Shape name you wish to create [VM.Standard.E2.1.Micro]:
Enter the Path of your ssh key [/c/Users/brokedba/oci/.ssh/id_rsa.pub]:
Enter the name of your new Instance [Demo-Cli-Instance]:
Choose your Image ||{**}||
1) Oracle-Linux            4) Ubuntu
2) CentOS                  5) Windows
3) Oracle Autonomus Linux  6) Abort?
Select an option and press Enter: 2
+-----------------------+----------------+--------+-------+
| ImageName             | OCID           | OS     | Size  |
+-----------------------+----------------+--------+-------+
| CentOS-7-2020.05.20-0 | ocid1.image.oc | CentOS | 47694 |
+-----------------------+----------------+--------+-------+
****************** Network *******************
+-----------------+--------+----------------------+----------+
| CIDR            | DNS    | DOMAIN_NAME          | VCN_NAME |
+-----------------+--------+----------------------+----------+
| 192.168.0.0/20  | clivcn | clivcn.oraclevcn.com | CLI-VCN  |
+-----------------+--------+----------------------+----------+
select the VCN for your new instance []: CLI-VCN
selected VCN name : CLI-VCN
+---------+-----------------+----------------------------+
| SUBNAME | SUB_CIDR        | SUB_OCID                   |
+---------+-----------------+----------------------------+
| CLI-SUB | 192.168.10.0/24 | ocid1.subnet.oc1.xxxxxxxx. |
+---------+-----------------+----------------------------+
Select The Subnet for your new instance [CLI-SUB]:
===== Instance Deployment Detail ========
selected Subnet name : CLI-SUB
selected Instance name : Demo-Cli-Instance
selected shape: VM.Standard.E2.1.Micro
selected public key: /c/Users/brokedba/oci/.ssh/id_rsa.pub
Action completed. Waiting until the resource has entered state: ('RUNNING')
====================================
Check the status of the new Instance
====================================
+------------+------------------+------------------+----------------------+---------+
| FD         | id               | name             | shape                | state   |
+------------+------------------------------------------------------------+---------+
| FAULT-DO-3 | ocid1.instance.xx|Demo-Cli-Instance |VM.Standard.E2.1.Micro| RUNNING |
+----------------+--------------------------------------------------------+---------+
+-------------------+--------------+-----------------+
| Instance          | private      | public          |
+-------------------+--------------+-----------------+
| Demo-Cli-Instance | 192.168.10.2 | 132.145.111.128 |
+-------------------+--------------+-----------------+
Termination command ==> oci compute instance terminate --instance-id ocid1.instance.oc1.ca-toronto-1.an2g6ljrajjjavactxqkdwztgublv2okiaa --force
7. CONNECT TO THE INSTANCE AND CHECK THE STATUS
$ ssh -i .ssh/id_rsa opc@132.145.111.128
[opc@hostcli-demo ~]$ cat /etc/redhat-release
CentOS Linux release 7.8.2003 (Core)
brokedba@ MINGW64> ./check_instance.sh