Oracle cloud provide an always free service for virtual machine, database and network creation & usage. It is a very good news because of free usage. This article will tell you how to register oracle always free cloud account and how to create virtual machine instance in it, it also tell you how to setup ShadowSocks server on it.
1. Steps To Create & Use Oracle Cloud Always Free Service.
- Register an oracle always free account.
- Login to oracle cloud service.
- Create virtual machine instance in the oracle cloud use always free image.
- Assign public ip address to above instance.
- Connect to the instance with ssh.
- Add firewall rule to allow client to use special protocol and port number to access the service ( for example ShadowSocks Server ) running on the instance.
2. Register Oracle Always Free Account.
The oracle always free account registration is very straight forward. Please follow below steps to finish it.
- Google oracle always free cloud keyword and open it’s registration page like below.
- Click the Start for free button in above page to begin registration process.
- Then input your email address, country, account usage, mobile number etc in later follow pages until you goto the last page to finish, the wizard is very straight forward. Now your oracle cloud account has been created successfully.
3. Login To Oracle Cloud Service.
- Go to above oracle cloud account registration page.
- Click the user icon at the page top right corner before the sentence Oracle Cloud Free Tier, then click the Sign in to Cloud link at the CLOUD ACCOUNT section of the popup menu.
- Input your oracle cloud account name in the next page, click Next button.
- Then it will direct you to the oracle cloud dashboard page, you can see the three item in the first line is always free service.
- If you can not login to the dashboard for so long time, you can change the country or region ( such as select hong kong instead of united state ). The nearest region will improve connection speed very much.
4. Create Virtual Machine Instance In Oracle Cloud.
- In above oracle cloud quick actions page, click the Create a VM instance link in the COMPUTE section. It will open an instance creation dialog window.
- You can also click the three horizontal line icon at page top left corner to open the oracle cloud main menu, then click Compute —> Instances menu item.
- If you see the Select a Compartment page like below, you should select your compartment from the COMPARTMENT List Scope at bottom left corner of the page.
- After you select one compartment, and when you click the Instances link at left panel, you can see the Create Instance button at page right side.
- Click the Create Instance button will open below oracle cloud Create Compute Instance page, input the instance name, and select one operating system image source, i choose Ubuntu.
- If you want to use other image source, click the Change Image Source button, it will list out all the image sources in a popup dialog window. You can select any image source as you like. The image source that is tagged with Always Free Eligible is always free image sources.
- Below above Change Image Source button, there is a Show Shape, Network and Storage Options link.
- When you click above link, it will expand the page to let you configure the instance networking options, you can select virtual cloud network and check assign public ip address radio button in the options. You can also choose not assign public ip address radio button here and assign public ip to the instance later.
- Because oracle use key pair file to authenticate user on linux so you need to create key pair files use below command in a terminal. The command name is ssh-keygen, it will create two key pair file in current folder ( ./oracle_cloud, ./oracle_cloud.pub ), and it will also print out the key fingerprint text. For more about ssh-keygen command usage, please read article Managing Key Pairs on Linux Instances.
$ ssh-keygen -t rsa -N "" -b 2048 -C "oracle_cloud" -f oracle_cloud Generating public/private rsa key pair. Your identification has been saved in oracle_cloud. Your public key has been saved in oracle_cloud.pub. The key fingerprint is: SHA256:ZYXOMiSvLloLJ2MEkR19LuI4aXt2fM+5LKR1SUDf3fQ oracle_cloud The key's randomart image is: +---[RSA 2048]----+ |.o.o .. .. . | |... . o.o o.. o .| |. o +.+o. . .E| | .. . . ++o | | +.. . .So. | |+o. .o o | |..* +.+ . | | o O.=.oo . | | +.o.. o*. | +----[SHA256]-----+
- Now go back to the Create Compute Instance page, scroll down the page to the Add SSH key section. Click the Choose Files button to select above ./oracle_cloud.pub file.
- Click Create button to create the oracle always free virtual machine instance. If you see below page, it means the virtual machine instance has been created successfully.
- If you meet error message like Out of host capacity. This means there is no spare host capacity for you to create. Also maybe you have already created one oracle cloud compute instance before, you should wait for some time to make the old oracle cloud compute instance terminated complete and recreate again.
4. Assign Public IP Address To Oracle Always Free Tier Virtual Machine Instance.
Only after you assign a public ip address to the virtual machine instance, then you can connect to the virtual machine instance use ssh client tool. You can follow below steps to assign public ip address to the virtual machine instance.
- After you create above virtual machine instance in oracle always free cloud service, you can click ORACLE Cloud —> Compute —> Instances menu item to go to the virtual machine instances list page.
- Click the running virtual machine instance’s name link to go to it’s detail page.
- In the virtual machine instance detail information page, scroll down to the Primary VNIC Information section, you can see the Public IP Address item’s value is Unavailable. So to connect to this virtual machine instance, you should first assign a public ip address to it.
- Continue to scroll down the page until you see the floating Resources link list in the page left side like below.
- Click the Attached VNICs link in above Resources link list. Then it will display below Attached VNICs list page.
- Click the Primary VNIC name link in above page, it will direct you to the selected Attached VINC detail information page.
- Scroll down the Attached VNIC detail information page, and you can see the IP Addresses (1) link in left floating Resources link list, click it will direct you to the IP Address detail page like below.
- At the end of the IP Address line item, there are three dot. Hover your mouse key on it, it will popup a menu list, clic the Edit menu item in it, then it will popup an ip address edit dialog window.
- In the Public IP Address section, by default the NO PUBLIC IP radio button is selected. You should select the RESERVED PUBLIC IP radio button. And then click the Create a New Reserved Public IP item in the RESERVED PUBLIC IP drop down list. Then you can input a name in the RESERVED PUBLIC IP NAME input text box, but this is optional. Then click the Update button to assign a reserved public ip to this virtual machine instance. When the process complete success, you can get the assigned public ip address in the IP Addresses list page.
5. Connect To Oracle Always Free Tier Virtual Machine Instance.
- Open a terminal in Mac OS and run below command in it. If you meet below error ( Host key verification failed ), that means you are now using a new key pair file which is not the one when you create the oracle cloud virtual machine instance.
$ ssh -i ./oracle_cloud [email protected]_oracle_virtual_instance_public_ip_address @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that a host key has just been changed. The fingerprint for the ECDSA key sent by the remote host is SHA256:B1QN8JZXnYm+Bz4qmgMSkXFR5oL37Brh4x7OGJsd8D8. Please contact your system administrator. Add correct host key in /Users/songzhao/.ssh/known_hosts to get rid of this message. Offending ECDSA key in /Users/songzhao/.ssh/known_hosts:1 ECDSA host key for your_oracle_virtual_instance_public_ip_address has changed and you have requested strict checking. Host key verification failed.
- To fix above error, you need to run below command in terminal.
$ ssh-keygen -R your_oracle_virtual_instance_public_ip_address # Host your_oracle_virtual_instance_public_ip_address found: line 1 /Users/songzhao/.ssh/known_hosts updated. Original contents retained as /Users/songzhao/.ssh/known_hosts.old
- You may also meet below error which said the key pair public file ( ./oracle_cloud.pub ) permission is too open ( 0644 ), you should change it’s permission to ( 0600 )
$ ssh -i ./oracle_cloud [email protected]_oracle_virtual_instance_public_ip_address The authenticity of host 'your_oracle_virtual_instance_public_ip_address (your_oracle_virtual_instance_public_ip_address)' can't be established. ECDSA key fingerprint is SHA256:B1QN8JZXnYm+Bz4qmgMSkXFR5oL37Brh4x7OGJsd8D8. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'your_oracle_virtual_instance_public_ip_address' (ECDSA) to the list of known hosts. @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Permissions 0644 for './oracle_cloud.pub' are too open. It is required that your private key files are NOT accessible by others. This private key will be ignored. Load key "./oracle_cloud.pub": bad permissions [email protected]_oracle_virtual_instance_public_ip_address: Permission denied (publickey).
- Run below command in terminal to change the file’s permission to 0600.
$ sudo chmod 0600 ./oracle_cloud.pub $ ls -l ./oracle_cloud.pub -rw------- 1 songzhao staff 394 Nov 26 20:50 ./oracle_cloud.pub
- Now reconnect to the oracle cloud virtual instance again with below command. Then you are logged into the remote virtual machine instance. Below output message says System restart required, so we should run sudo reboot command to restart it.
$ ssh -i ./oracle_cloud [email protected]_oracle_virtual_instance_ip_address Welcome to Ubuntu 18.04.3 LTS (GNU/Linux 4.15.0-1029-oracle x86_64) * Documentation: https://help.ubuntu.com * Management: https://landscape.canonical.com * Support: https://ubuntu.com/advantage System information as of Wed Nov 27 12:42:50 UTC 2019 System load: 0.05 Processes: 106 Usage of /: 3.2% of 44.97GB Users logged in: 0 Memory usage: 32% IP address for ens3: 10.0.0.3 Swap usage: 0% * Overheard at KubeCon: "microk8s.status just blew my mind". https://microk8s.io/docs/commands#microk8s.status * Canonical Livepatch is available for installation. - Reduce system reboots and improve kernel security. Activate at: https://ubuntu.com/livepatch 16 packages can be updated. 0 updates are security updates. *** System restart required *** The programs included with the Ubuntu system are free software; the exact distribution terms for each program are described in the individual files in /usr/share/doc/*/copyright. Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law. To run a command as administrator (user "root"), use "sudo <command>". See "man sudo_root" for details. [email protected]:~$ sudo reboot
6. Add Firewall Rule To Allow Special Network Protocol & Port Number Request To Service Running On The Instance.
- Click ORACLE Cloud —> Networking —> Virtual Cloud Networks menu item to open VCN list page.
- Click the virtual cloud network name link that is assigned to the oracle cloud virtual instance.
- Then it will open the VCN detail page, scroll down the page until you see Security Lists link in the page left side.
- When you click the Security Lists link menu in the page left side, it will open the security list page like below.
- Click the default security list name link, then it will open it’s detail page. Scroll down the page to the Ingress / Egress Rules area, then you can add firewall rule there. The Ingress Rules means inbound rules, and the Egress Rules means outbound rules.
- In this example we want to install ShadowSocks server in oracle cloud instance, and ShadowSocks server listen on special port use tcp protocol, so you can add one ingress rule to allow ShadowSocks server used port number be accessed from outside. If you want to learn more about install and configure ShadowSocks server, you can read article How To Setup ShadowSocks VPN On Mac, Windows And Linux