Creating a VM On Oracle Cloud

Introduction

In this article, we're going to see how easy it is to create a VM within Oracle Cloud and deploy a basic Apache HTTP server to the instance.

Why Oracle Cloud? Oracle Cloud provides several free services that are always free. For compute services (i.e. a VM), the following is offered.

2 virtual machines with 1/8 OCPU and 1 GB memory each.

Within this article, we'll see how to create a VM, how to SSH into the instance and then how to configure the Security to allow HTTP access to the instance.

This article assumes that you have an Oracle Cloud account. If you haven't, it's easy to sign up. You will need a Credit Card to sign up, but at time of writing, Oracle state that no charges will be applied to your account until you upgrade. As usual with cloud services, be careful with what you spend !

OK. Obligatory warning over, let's get started.

Creating the VM

After logging in to your Oracle Cloud account, you are presented with the top level dashboard.

oc1.png

As can be seen in the image above, the first option in the dashboard is Create a VM instance. Select this option. The Create Compute Instance page is displayed.

oc2.png

On this page, we can define the settings that we wish to use for the VM we are going to create. The first setting is the name of the instance, in this example, web-server. If you don't enter a name of the instance, one will automatically be provided for you.

Next, we can choose the default operating system that will be installed on the VM. The default is Oracle Linux 7.7, however Ubuntu, CentOS and Windows are available (Note, that Windows is not available in the Free tier).

After choosing the OS, the next option is to choose what type of VM to deploy. This is selected by pressing the Show Shape, Network, Storage Options link.

oc3.png

Within this screen, we can first select the Availability Domain to deploy the VM into. In the case of London, there are 3 Availability Domains, only one of which is Free Tier eligible. Ensure you select the Domain that is Free Tier eligible.

The Instance Shape option allows us to determine how much RAM, CPU and Bandwidth the instance is allocated. Different Instance Shapes are available for the Free Tier than for other tiers. For the Free Tier, the VM.Standard.E2.1.Micro can be selected which has 1 OCPU, 1GB RAM and 480 Mbps bandwidth.

oc4.png

All of the remaining options can be left as their default values apart from entering a SSH key. This is required to allow you to log into the VM.

oc5.png

You can either paste or upload your public ssh key. This is usually stored within the ~/.ssh/id_rsa.pub file. Note, that if you're on a Mac, you can easily copy your public key to the clipboard with the following:

> cat ~/.ssh/id_rsa.pub | pbcopy

That should be everything that is needed to create the VM, so press the Create button and relax. Your VM is on its way.

Connecting to the VM

Within a few seconds, you will see the instance details for the newly created VM. If all goes well, the icon on the left of the screen will turn green indicating that the VM has been deployed and started successfully.

oc6.png

On this screen, you'll see the Public IP Address within the Primary VNIC Information section. If you submitted your SSH keys successfully to the creation wizard, you should be able to log on now by executing ssh opc@instance-ip

> ssh opc@140.238.84.136        
The authenticity of host '140.238.84.136 (140.238.84.136)' can't be established.
ECDSA key fingerprint is SHA256:qcmmG661MkiQG+0YK2sRd6a4ta/zFYpCIH4fccBNOwQ.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '140.238.84.136' (ECDSA) to the list of known hosts.
[opc@web-server ~]$

If all goes well, you've successfully connected via SSH into the VM. Next, let's take a look at how we can install Apache HTTP onto the instance so that we can check it is accessible from the internet.

Installing Apache HTTP

After logging into the instance, ensure that the Operating System is up to date:

[opc@web-server ~]$ sudo yum update
Loaded plugins: langpacks, ulninfo
ol7_UEKR5                                                                                        | 2.8 kB  00:00:00     
ol7_addons  
...
...

Then use yum to install Apache HTTP.

[opc@web-server ~]$ sudo yum install httpd -y
Loaded plugins: langpacks, ulninfo
ol7_developer 
...
...
Installed:
  httpd.x86_64 0:2.4.6-90.0.1.el7                                                                                       

Dependency Installed:
  apr.x86_64 0:1.4.8-5.el7           apr-util.x86_64 0:1.5.2-6.0.1.el7      httpd-tools.x86_64 0:2.4.6-90.0.1.el7     
  mailcap.noarch 0:2.1.41-2.el7     

Complete!

Finally, start apache and ensure that it starts when the VM is rebooted.

[opc@web-server ~]$ sudo service httpd start
Redirecting to /bin/systemctl start httpd.service
[opc@web-server ~]$ sudo chkconfig httpd on
Note: Forwarding request to 'systemctl enable httpd.service'.
Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service.

Apache is now installed and ready for use. However, if you try and access the VM via a browser, your browser will complain that the site can't be reached. We'll solve this issue in the next section.

Configuring Network Access

Finally, we need to configure both the firewall on the Operating System and the Security Lists within Oracle Cloud to allow access.

Firewall

Initially, we can query the firewall to ensure that http access is currently blocked.

[opc@web-server ~]$ sudo firewall-cmd --list-services
dhcpv6-client ssh

We see a list of services (dhcpv6-client, ssh) that are allowed through the firewall. We need to allow access to the http service, so execute:

[opc@web-server ~]$ sudo firewall-cmd --add-service=http --permanent
success
[opc@web-server ~]$ sudo firewall-cmd --reload
success

This adds access to the http service permanently and then reloads the firewall rules so that they take effect immediately.

We can now query the firewall services again to ensure we've added access.

[opc@web-server ~]$ sudo firewall-cmd --list-services
dhcpv6-client http ssh

As you can see, http is now in the list of services, so we can move on and configure the Security Lists within Oracle Cloud.

Security Lists

From the Instance Details page, click on the Public Subnet link within the VNIC Information section. This will take us to a page showing all the subnets that are available to the instance.

Click on the Security Lists link along the side of the page to see the security lists defined for the instance (at present, there is only the default Security List that was created when the VM was deployed).

oc8.png Open up the Security List and you will see a list of Ingress Rules. These are essentially firewall rules within the Oracle Cloud that define what protocols can access the VM.

Add an Ingress Rule with the following settings:

  • Stateless: No
  • Source Type: CIDR
  • Source CIDR: 0.0.0.0/0
  • IP Protocol: TCP
  • Destination Port Range: 80

oc10.png

Upon specifying the Ingress Rule, the settings will automatically be applied and there is no need to restart the instance.

Now, navigating to the IP address of the instance should show the Apache HTTP welcome page

oc11.png

Summary.

In this article, we've seen how to deploy a Virtual Machine to the Oracle Cloud. We then saw how to connect to the instance via SSH and how to install Apache HTTP and configure network access for it.

Don't forget, it's always good practice to terminate any resources you've created that you don't need to ensure you don't get charged for them.

Credits

Photo by Pero Kalimero on Unsplash

No Comments Yet