Practices: Create a Webserver Instance

Try this hands-on lab with the Oracle Cloud Free Tier. If you do not have a free
account, click here to get one.
In this practice, you will:
 Launch Cloud Shell
 Generate SSH Keys
 Create a Web Server on a Compute Instance

Copyright © 2021, Oracle and/or its affiliates.

Oracle Cloud Infrastructure Architect Associate Workshop 1

Practice: Launch Cloud Shell

Overview
In this practice, you will launch a Cloud Shell session for the OCI user account assigned to you
in preparation for the upcoming practices.

Tasks
1. Log in to your Oracle Cloud Free Tier Account.
2. Click the Cloud Shell icon in the OCI Console header, highlighted in the following
screenshot:

3. This will launch the Cloud Shell in a “drawer” at the bottom of the console. When it is
ready, you will see the terminal as shown below:

4. You can use the icons in the upper-right corner of the Cloud Shell window to minimize,
maximize, and close your Cloud Shell session.
You can also use the menu icon in the upper-left corner of the cloud-shell window to
upload or download files, restart console and different setting options.
5. For clipboard operations:
 Windows users can use Ctrl-C or Ctrl-Insert to copy, and Ctrl-V or Shift-
Insert to paste.
 For Mac OS users, use Cmd-C to copy and Cmd-V to paste.
To get started with Cloud Shell, you can run the below OCI CLI command. Your Cloud
Shell comes with the OCI CLI pre-authenticated, so there is no setup to do before you can
start using it.

This completes the practice on launching Cloud Shell. Keep this session active for the next
practice.

Copyright © 2021, Oracle and/or its affiliates.

2 Oracle Cloud Infrastructure Architect Associate Workshop

Practice: Generate SSH Keys

Overview
In this practice, you will generate SSH keys to be used later when launching an instance.

Tasks
1. Launch the Cloud Shell session as described in the previous practice.
2. Generate ssh-keys for your instance if you don’t have one. As long as an id_rsa and
id_rsa.pub keypair is present, they can be reused. By default, these are stored in ~/.ssh/
$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/username/.ssh/id_rsa):
<Press Enter>
Enter passphrase (empty for no passphrase): <Press Enter>
Enter same passphrase again: <Press Enter>
Your identification has been saved in /home/username/.ssh/id_rsa.
Your public key has been saved in /home/username/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:tAn6nKkcZDTXl/vXRAD/pfLzdmF5rQ2948MQgz5CWe8
The key's randomart image is:
+---[RSA 2048]----+
| ... |
| . o . . |
| o o o = o . o|
| . + o * o + +.|
| + S o o +.=|
| o o o . + E.*+|
| . = . o B+=|
| . o ..B+|
| o .o=|
+----[SHA256]-----+

3. Make sure permissions are restricted as sometimes ssh fails if private keys have
permissive permissions.
$ chmod 0700 ~/.ssh
$ chmod 0600 ~/.ssh/id_rsa
$ chmod 0644 ~/.ssh/id_rsa.pub

Copyright © 2021, Oracle and/or its affiliates.

Oracle Cloud Infrastructure Architect Associate Workshop 3

4. Copy the contents of ~/.ssh/id_rsa.pub in a notepad. This is your Public SSH key to
connect to the instances. You will need this throughout the course so keep it handy.
$ cd ~/.ssh

$ cat id_rsa.pub

ssh-rsa
AAAAB3NzaC1yc2EAAAADAQABAAABAQDYJdfGjh5/mZFGQFaN0z+2crXr4hCBjsZIqL
iHincmCxvAWQtbP6pMjox6nVk5Tzuc9Crcy+95PpqtjXCCs1BirZeSxjKK1vVWicSV
3isyAKGns3OdcttsqDp1iF7gniplMk1a9q/oSubSl7bcQ6qMWWpaphRqGNJQN4DTwr
agLMYBKprPrK67fTxGUpBmsvvjfX1WHN4B5EWE0gl/LOecJN7W0jSbXgWoTEcHyp5M
HeXOA+nfwYqbl26rsTiMpsyzQb5kvUgfeTvV3eiQj1OSOcxYNF7R4nqs9KzUTZEs68
GQUA3TNKEfmzptuqX04o/fVcwp7chtV8DEUsWc5jUz lab_user16@90f4f8d1e20e

This completes the practice on creating SSH keys.

Copyright © 2021, Oracle and/or its affiliates.

4 Oracle Cloud Infrastructure Architect Associate Workshop

Practice: Create a Web Server on a Compute Instance

Overview
In this practice, you will create a web server on a Compute instance by installing Apache.

Tasks
1. Terminate if any running compute instances that are created in earlier practices.
2. In the OCI Console, navigate to MENU > Compute > Instances.
3. Click Create Instance.
4. Enter the following details for your Compute instance:
 Name: web-server
 Image or Operating System: Select the default Oracle Linux image.
 Availability Domain: Select any Availability Domain (Make note of what you select).
 Shape: VM.Standard2.1 (Virtual Machine)
Note: To change the Shape and type of instance, you can click Change Shape and
make selections.
 Networking: (Virtual Cloud Network – VCN)
 VCN Compartment: Ensure your Compartment has been selected.
 VCN: Select the VCN.
 Subnet Compartment: Ensure your Compartment has been selected.
 Subnet: Select your Public Subnet.
 Select Assign a public IP address.
 Boot Volume Size: Use the default.
 SSH Key: Select the Paste SSH keys option and paste the contents of your Public
SSH key copied in the previous practice (Also available in ~/.ssh/id_rsa.pub).
5. Finally, click Create to create the Compute instance.
As you can see, creating a Compute instance is simple and intuitive with few options to
select. Provisioning of the Compute instance will be completed in less than a minute and
the instance state will change from Provisioning to Running.
6. When the instance state changes to Running, you can SSH to the Public IP address of the
instance.

Copyright © 2021, Oracle and/or its affiliates.

Oracle Cloud Infrastructure Architect Associate Workshop 5

7. You will use Cloud Shell to connect to the instance. Bring up the minimized Cloud Shell
terminal and enter the following command. Enter Yes, when prompted, to continue
connecting.
$ ssh opc@<Public_IP_of_Compute>
Note: In general, for OCI Linux–based Compute instances, the default username is opc.

After it is successfully connected, you can see the change in the command prompt to
ensure you are now logged in to your “web-server” Compute instance.

8. For this practice, we are going to install an Apache HTTP web server and try to connect to
it over the public internet.
Note: Apache HTTP Server is an open-source web server developed by the Apache
Software Foundation. The Apache server hosts web content, and responds to requests for
this content from web browsers such as Chrome or Firefox.
While connected to your Compute instance, i.e. web-server via SSH, run the following
commands:
Install Apache http:
$ sudo yum install httpd -y

 Start the Apache server and configure it to start every time the system reboots:
$ sudo apachectl start
$ sudo systemctl enable httpd

 Run a quick check on Apache configurations:

$ sudo apachectl configtest

Your output should be:

Syntax OK

 Create firewall rules to allow access to the ports on which the HTTP server listens and
reloads:
$ sudo firewall-cmd --permanent --zone=public --add-service=http
$ sudo firewall-cmd --reload

Copyright © 2021, Oracle and/or its affiliates.

6 Oracle Cloud Infrastructure Architect Associate Workshop

 Your output for the above commands should be:
Success

 Create an index file with a personalized message for your web server:
$ sudo bash -c 'echo This is my Web-Server running on Oracle Cloud
Infrastructure >> /var/www/html/index.html'

9. Open your browser and navigate to http://Public-IPAddress (Replace the Public IP

address of your web server. Example: http://111.111.111.111)
Note: Your browser will not return anything because port 80 was not opened into the
Security Lists.
10. While still on your Compute instance details page in the OCI Console, click the Virtual
Cloud Network link, i.e. the name of your VCN - FirstVCN.
11. On the VCN details page, under the Resources section, click Security Lists in the left
navigation bar.
12. Click the Default Security List. Here you need to open port 80.
Click Add Ingress Rules and add the following values as shown below. Review the
following screenshot to get an idea of what needs to be entered:
 Source Type: CIDR
 Source CIDR: 0.0.0.0/0
 IP Protocol: TCP
 Source Port Range: All
 Destination Port Range: 80

Copyright © 2021, Oracle and/or its affiliates.

Oracle Cloud Infrastructure Architect Associate Workshop 7

  Click Add Ingress Rules at the bottom.

13. Navigate to http://public_IP_Address again in your browser. This time, you should be
able to see the index page of the web server, which was created previously.
Here are some troubleshooting steps if required:
If you are unable to access the index page of your web server on your browser, possible
scenarios include:
 VCN Security Lists is blocking traffic. Check the VCN Security List again for an ingress
rule for port 80.
 Check if you have a firewall at your end or a VPN connecting that is blocking traffic.

Copyright © 2021, Oracle and/or its affiliates.

8 Oracle Cloud Infrastructure Architect Associate Workshop