Oracle Cloud Infrastructure OCI – Create Instance ,Attach Block Volume , Open Ports, Setup Firewall rules

Assumption : You have Oracle Cloud Infrastructure Account and you have access to create Instances and Resources, You have a Compartment already created ( its easy to create new one as well )

Goal : Create Oracle Linux Instance on OCI, Attach Block Volume, Install HTTPD ( Apache Server) , Open port for public internet

Getting started : Create SSH Keys

D:\BM>ssh-keygen -b 2048 -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/madhurao/.ssh/id_rsa): bm_ssh_key
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in bm_ssh_key.
Your public key has been saved in
The key fingerprint is:
SHA256:B1eLdzuhzjm69ymRCx7f8+5oQZGU/DtMUunc+3k4N5c [email protected]
The key's randomart image is:
+---[RSA 2048]----+
|            .o.o.|
|           o .=o |
|        . o o *o.|
|         o . +.*o|
|        S . .o* o|
|         .ooo..* |
|         . +=+ o=|
|          ..=.*E=|
|          oo ++BB|

Create VCN

Login to cloud dashboard , select a compartment that has been already created , now create a VCN , if you do not have compartment created , then create and select it

You can create new VCN by selecting Networking Tab , we will create a new VCN in BlrCompartment by name BMVCN

Select Option “Create Virtual Network Cloud Plus Related Resources” 

This is Automatically create required subnets , internet gateways and route table

Create Instance : Click on Create Instance

Select Oracle Linux 7.4 and latest build

Browse the or you can edit in notepad and copy paste as well

Select the VCN that we created previously and we must be all set

with in few mins we should be able to see the instance running with public IP address

SSH to Instance
D:\BM>ssh -i bm_ssh_key [email protected]
The authenticity of host ' (' can't be established.
ECDSA key fingerprint is SHA256:ShqSAB1ytvSrCeBVPkX3kdLBmM1EyAA91rHYffxqYdw.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '' (ECDSA) to the list of known hosts.
[[email protected] ~]$ ls
[[email protected] ~]$ pwd
[[email protected] ~]$

Create Block Volume and Attach this Storage to Compute Instance

Create block volume of type ISCSI and You can change the default 1 TB to as many GBs as needed ,

Note this should be in same Availability Domain as the Compute Instance that we plan to attach

Select Compute and Attach the Block volume that we just created

Then Select the Instance Compute and Attach the newly created Block Volume

Making Block Volume available to Operating System

Copy the ISCASI Commands and paste into SSH terminal 

D:\BM>ssh -i bm_ssh_key [email protected]
Last login: Tue May 22 10:56:02 2018 from
[[email protected] ~]$ 
sudo iscsiadm -m node -o new -T -p iadm -m node -o update -T
iSCSI node [tcp:[hw=,ip=,net_if=,iscsi_if=default],3260,-1 iqn.2015-12.
com.oracleiaas:8d39fb55-b733-4990-b7a6-b1ff98424d96] added 8424d96
[[email protected] ~]$
sudo iscsiadm -m node -o update -T
-n node.startup -v automatic iadm -m node -T
[[email protected] ~]$ sudo iscsiadm -m node -T
-p -l Logging in to [iface: default, target:
90-b7a6-b1ff98424d96, portal:,3260] (multiple) Login to [iface: default, target:
7a6-b1ff98424d96, portal:,3260] successful.
We will now mount the block volume 
[[email protected] ~]$ lsblk
sda      8:0    0   47G  0 disk
├─sda1   8:1    0  512M  0 part /boot/efi
├─sda2   8:2    0    8G  0 part [SWAP]
└─sda3   8:3    0 38.1G  0 part /
sdb      8:16   0  100G  0 disk
[[email protected] ~]$ sudo fdisk -l

Disk /dev/sda: 50.5 GB, 50465865728 bytes, 98566144 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 4096 bytes
I/O size (minimum/optimal): 4096 bytes / 1048576 bytes
Disk label type: dos
Disk identifier: 0x00000000

   Device Boot      Start         End      Blocks   Id  System
/dev/sda1               1    97677311    48838655+  ee  GPT
Partition 1 does not start on physical sector boundary.

Disk /dev/sdb: 107.4 GB, 107374182400 bytes, 209715200 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 4096 bytes
I/O size (minimum/optimal): 4096 bytes / 1048576 bytes

[[email protected] ~]$ sudo mkfs -t ext4 /dev/sdb
mke2fs 1.42.9 (28-Dec-2013)
/dev/sdb is entire device, not just one partition!
Proceed anyway? (y,n) y
Filesystem label=
OS type: Linux
Block size=4096 (log=2)
Fragment size=4096 (log=2)
Stride=0 blocks, Stripe width=256 blocks
6553600 inodes, 26214400 blocks
1310720 blocks (5.00%) reserved for the super user
First data block=0
Maximum filesystem blocks=2174746624
800 block groups
32768 blocks per group, 32768 fragments per group
8192 inodes per group
Superblock backups stored on blocks:
        32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208,
        4096000, 7962624, 11239424, 20480000, 23887872

Allocating group tables: done
Writing inode tables: done
Creating journal (32768 blocks): done
Writing superblocks and filesystem accounting information: done

[[email protected] ~]$ sudo mkdir /mnt/home
[[email protected] ~]$ sudo mount /dev/sdb /mnt/home
[[email protected] ~]$ cd /mnt/home/
[[email protected] home]$ pwd
[[email protected] home]$

We can now add files to the newly mounted block volume

[[email protected] home]$ sudo vi demo.txt
[[email protected] home]$ cat demo.txt
Hi there this is just a demo file
[[email protected] home]$
Install and Auto Start HTTPD Apache
yum install httpd
  httpd.x86_64 0:2.4.6-80.0.1.el7                                                                                                                                                                                  

Dependency Installed:
  apr.x86_64 0:1.4.8-3.el7_4.1                    
apr-util.x86_64 0:1.5.2-6.0.1.el7
httpd-tools.x86_64 0:2.4.6-80.0.1.el7
mailcap.noarch 0:2.1.41-2.el7 Complete! [[email protected] home]$ sudo systemctl enable httpd Created symlink from /etc/systemd/system/
httpd.service to /usr/lib/systemd/system/httpd.service. [[email protected] home]$ sudo apachectl configtest Syntax OK

Add Firewall rule to accept incoming traffic

[[email protected] home]$ sudo firewall-cmd --permanent --zone=public --add-service=http
[[email protected] home]$ sudo firewall-cmd --reload

Add Index.html to Apache root directory

[[email protected] html]$ sudo su
[[email protected] html]# sudo echo "This is webserver 3" > /var/www/html/index.html
[[email protected] html]# curl 
[[email protected] html]# Connection Refused for Port 80

Allow port 80 for public URL access by Editing Ingres Rules


[[email protected] html]# curl 
[[email protected] html]# This is webserver 3 

MOST Important to Access from Web Browser

Restart Apache

[[email protected] ~]$ sudo su 
[[email protected] opc] # /sbin/service httpd
restart Redirecting to /bin/systemctl restart httpd.service [[email protected] opc] # /sbin/service httpd status Redirecting to
/bin/systemctl status httpd.service ● httpd.service - The Apache HTTP Server Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled) Active: active (running) since Tue 2018-05-22 13:03:32 GMT; 8s ago Docs: man:httpd(8)
man:apachectl(8) Main PID: 7652 (httpd) Status: "Processing requests..." CGroup: /system.slice/httpd.service ├─7652 /usr/sbin/httpd -DFOREGROUND
├─7653 /usr/sbin/httpd -DFOREGROUND ├─7654 /usr/sbin/httpd -DFOREGROUND ├─7655
/usr/sbin/httpd -DFOREGROUND ├─7656 /usr/sbin/httpd -DFOREGROUND
└─7657 /usr/sbin/httpd -DFOREGROUND May 22 13:03:32 webserver3 systemd[1]: Starting The Apache HTTP Server... May 22 13:03:32 webserver3 systemd[1]:
Started The Apache HTTP Server. [[email protected] opc]# curl This is webserver 3

What Next ? Create Object Buckets and Storing Objects in Buckets and setting up expiry links