Oracle Cloud Infrastructure OCI – Create Instance ,Attach Block Volume , Open Ports, Setup Firewall rules

Assumption : You have Oracle Cloud Infrastructure Account and you have access to create Instances and Resources, You have a Compartment already created ( its easy to create new one as well )

Goal : Create Oracle Linux Instance on OCI, Attach Block Volume, Install HTTPD ( Apache Server) , Open port for public internet

Getting started : Create SSH Keys

D:\BM>ssh-keygen -b 2048 -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/madhurao/.ssh/id_rsa): bm_ssh_key
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in bm_ssh_key.
Your public key has been saved in
The key fingerprint is:
SHA256:B1eLdzuhzjm69ymRCx7f8+5oQZGU/DtMUunc+3k4N5c madhurao@MADHURAO-IN
The key's randomart image is:
+---[RSA 2048]----+
|            .o.o.|
|           o .=o |
|        . o o *o.|
|         o . +.*o|
|        S . .o* o|
|         .ooo..* |
|         . +=+ o=|
|          ..=.*E=|
|          oo ++BB|

Create VCN

Login to cloud dashboard , select a compartment that has been already created , now create a VCN , if you do not have compartment created , then create and select it

You can create new VCN by selecting Networking Tab , we will create a new VCN in BlrCompartment by name BMVCN

Select Option “Create Virtual Network Cloud Plus Related Resources” 

This is Automatically create required subnets , internet gateways and route table

Create Instance : Click on Create Instance

Select Oracle Linux 7.4 and latest build

Browse the or you can edit in notepad and copy paste as well

Select the VCN that we created previously and we must be all set

with in few mins we should be able to see the instance running with public IP address

SSH to Instance
D:\BM>ssh -i bm_ssh_key opc@
The authenticity of host ' (' can't be established.
ECDSA key fingerprint is SHA256:ShqSAB1ytvSrCeBVPkX3kdLBmM1EyAA91rHYffxqYdw.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '' (ECDSA) to the list of known hosts.
[opc@webserver3 ~]$ ls
[opc@webserver3 ~]$ pwd
[opc@webserver3 ~]$

Create Block Volume and Attach this Storage to Compute Instance

Create block volume of type ISCSI and You can change the default 1 TB to as many GBs as needed ,

Note this should be in same Availability Domain as the Compute Instance that we plan to attach

Select Compute and Attach the Block volume that we just created

Then Select the Instance Compute and Attach the newly created Block Volume

Making Block Volume available to Operating System

Copy the ISCASI Commands and paste into SSH terminal 

D:\BM>ssh -i bm_ssh_key opc@publicIP
Last login: Tue May 22 10:56:02 2018 from
[opc@webserver3 ~]$ 
sudo iscsiadm -m node -o new -T -p iadm -m node -o update -T
iSCSI node [tcp:[hw=,ip=,net_if=,iscsi_if=default],3260,-1 iqn.2015-12.
com.oracleiaas:8d39fb55-b733-4990-b7a6-b1ff98424d96] added 8424d96
[opc@webserver3 ~]$
sudo iscsiadm -m node -o update -T
-n node.startup -v automatic iadm -m node -T
[opc@webserver3 ~]$ sudo iscsiadm -m node -T
-p -l Logging in to [iface: default, target:
90-b7a6-b1ff98424d96, portal:,3260] (multiple) Login to [iface: default, target:
7a6-b1ff98424d96, portal:,3260] successful.
We will now mount the block volume 
[opc@webserver3 ~]$ lsblk
sda      8:0    0   47G  0 disk
├─sda1   8:1    0  512M  0 part /boot/efi
├─sda2   8:2    0    8G  0 part [SWAP]
└─sda3   8:3    0 38.1G  0 part /
sdb      8:16   0  100G  0 disk
[opc@webserver3 ~]$ sudo fdisk -l

Disk /dev/sda: 50.5 GB, 50465865728 bytes, 98566144 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 4096 bytes
I/O size (minimum/optimal): 4096 bytes / 1048576 bytes
Disk label type: dos
Disk identifier: 0x00000000

   Device Boot      Start         End      Blocks   Id  System
/dev/sda1               1    97677311    48838655+  ee  GPT
Partition 1 does not start on physical sector boundary.

Disk /dev/sdb: 107.4 GB, 107374182400 bytes, 209715200 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 4096 bytes
I/O size (minimum/optimal): 4096 bytes / 1048576 bytes

[opc@webserver3 ~]$ sudo mkfs -t ext4 /dev/sdb
mke2fs 1.42.9 (28-Dec-2013)
/dev/sdb is entire device, not just one partition!
Proceed anyway? (y,n) y
Filesystem label=
OS type: Linux
Block size=4096 (log=2)
Fragment size=4096 (log=2)
Stride=0 blocks, Stripe width=256 blocks
6553600 inodes, 26214400 blocks
1310720 blocks (5.00%) reserved for the super user
First data block=0
Maximum filesystem blocks=2174746624
800 block groups
32768 blocks per group, 32768 fragments per group
8192 inodes per group
Superblock backups stored on blocks:
        32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208,
        4096000, 7962624, 11239424, 20480000, 23887872

Allocating group tables: done
Writing inode tables: done
Creating journal (32768 blocks): done
Writing superblocks and filesystem accounting information: done

[opc@webserver3 ~]$ sudo mkdir /mnt/home
[opc@webserver3 ~]$ sudo mount /dev/sdb /mnt/home
[opc@webserver3 ~]$ cd /mnt/home/
[opc@webserver3 home]$ pwd
[opc@webserver3 home]$

We can now add files to the newly mounted block volume

[opc@webserver3 home]$ sudo vi demo.txt
[opc@webserver3 home]$ cat demo.txt
Hi there this is just a demo file
[opc@webserver3 home]$
Install and Auto Start HTTPD Apache
yum install httpd
  httpd.x86_64 0:2.4.6-80.0.1.el7                                                                                                                                                                                  

Dependency Installed:
  apr.x86_64 0:1.4.8-3.el7_4.1                    
apr-util.x86_64 0:1.5.2-6.0.1.el7
httpd-tools.x86_64 0:2.4.6-80.0.1.el7
mailcap.noarch 0:2.1.41-2.el7 Complete! [opc@webserver3 home]$ sudo systemctl enable httpd Created symlink from /etc/systemd/system/
httpd.service to /usr/lib/systemd/system/httpd.service. [opc@webserver3 home]$ sudo apachectl configtest Syntax OK

Add Firewall rule to accept incoming traffic

[opc@webserver3 home]$ sudo firewall-cmd --permanent --zone=public --add-service=http
[opc@webserver3 home]$ sudo firewall-cmd --reload

Add Index.html to Apache root directory

[opc@webserver3 html]$ sudo su
[root@webserver3 html]# sudo echo "This is webserver 3" > /var/www/html/index.html
[root@webserver3 html]# curl 
[root@webserver3 html]# Connection Refused for Port 80

Allow port 80 for public URL access by Editing Ingres Rules


[root@webserver3 html]# curl 
[root@webserver3 html]# This is webserver 3 

MOST Important to Access from Web Browser

Restart Apache

[opc@webserver3 ~]$ sudo su 
[root@webserver3 opc] # /sbin/service httpd
restart Redirecting to /bin/systemctl restart httpd.service [root@webserver3 opc] # /sbin/service httpd status Redirecting to
/bin/systemctl status httpd.service ● httpd.service - The Apache HTTP Server Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled) Active: active (running) since Tue 2018-05-22 13:03:32 GMT; 8s ago Docs: man:httpd(8)
man:apachectl(8) Main PID: 7652 (httpd) Status: "Processing requests..." CGroup: /system.slice/httpd.service ├─7652 /usr/sbin/httpd -DFOREGROUND
├─7653 /usr/sbin/httpd -DFOREGROUND ├─7654 /usr/sbin/httpd -DFOREGROUND ├─7655
/usr/sbin/httpd -DFOREGROUND ├─7656 /usr/sbin/httpd -DFOREGROUND
└─7657 /usr/sbin/httpd -DFOREGROUND May 22 13:03:32 webserver3 systemd[1]: Starting The Apache HTTP Server... May 22 13:03:32 webserver3 systemd[1]:
Started The Apache HTTP Server. [root@webserver3 opc]# curl This is webserver 3

What Next ? Create Object Buckets and Storing Objects in Buckets and setting up expiry links