Getting Started with Oracle Linux

Navigate to the compute instances page and start the Create Instance workflow.

1. Open the navigation menu and select Compute. Under Compute, select Instances.
2. Click Create instance.
3. Enter the Name and select the compartment from Create in compartment.

   You can add or change the name later. The name does not need to be unique, because an Oracle Cloud Identifier (OCID) uniquely identifies the instance.

4. In the Placement section:
   • Select the Availability domain.
   • (Optional) Select a capacity type, turn on cluster placement group, or specify a fault domain, click Show advanced options. For more information, see Define instance details.
5. In the Image and shape section:
   • Under Image, select an Oracle Linux image for the instance. By default, an Oracle Linux image is used to boot the instance. To select a different Oracle Linux image or a boot volume, click Change image. For more information, see Selecting an image, Oracle-provided images, and Marketplace images.
   • Under Shape, select a shape for the instance. By default, the shape is an AMD virtual machine. To select a different shape or change the configuration of the default shape, click Change shape. For more information, see Selecting a shape.
   • (Optional) Click Show advanced options to configure the following for the instance:
     • Management - instance metadata service, initialization script, tagging, and security attributes.
     • Availability - live migration options.
     • Oracle Cloud Agent - plugins to run on the instance. By default, Custom Logs Monitoring, Compute Instance Run Command, Compute Instance Monitoring, and Cloud Guard Workload Protection are selected.

     For more information, see configuring advanced options and live migration.

6. Click Next.

Enable either shielded instances or confidential computing but not both, simultaneously.

1. (Optional) Enable Shielded instance.
2. (Optional) Enable Confidential computing.
3. Click Next.

Configure a virtual network interface card (VNIC) using a virtual cloud network (VCN). You have the option of creating a new VCN or using an existing one; however, to have the full range of options, we recommend that you create a VCN before creating an instance.

If you are unsure of your networking needs, review:

• Networking Scenarios
• Configure Primary VNIC
• Configure Primary IP Address
• Configure Advanced Network Settings

To configure a VNIC and optionally add SSH keys, complete the following steps:

1. Enter a VNIC name.
2. For the Primary network select one of the following options:
   • Select existing virtual cloud network

     Use this option if you already have a VCN. Select the VCN compartment and the VCN name from the lists.

   • Create new virtual cloud network

     Use this option if you do not have an existing VCN or do not want to use an existing one. Enter a name for the new VCN and select a compartment for it.

3. For the Subnet select one of the following options:
   • Select existing subnet

     Use this option if you already have a subnet. Select the subnet compartment and subnet name from the lists.

   • Create new public subnet

     Use this option if you created a new VCN in the previous step or if you want a new subnet for an existing VCN. Enter a name for the new subnet, select a compartment for it, and enter a CIDR block.

4. In the Primary VNIC IP addresses section:
   • If you created a new public subnet in the previous step, the private and public IPv4 addresses are automatically assigned.
   • If you are using an existing subnet:
     • For Private IPv4 address, select Automatically assign or Manually assign. For the manually assign option, enter an IP address.
     • For Public IPv4 address, leave the default option which assigns a public IP address. Or, clear the default option if you do not need a public IP address. If you are unsure, you can always assign one later, if needed.
     • For IPv6 addresses, you must enable IPv6 addressing on the VCN and subnet before you can assign IPv6 addresses to the instance.
   • (Optional) Expand Advanced Options and configure any of the following:
     • Use network security groups to control traffic: Select this option to add the instance's primary VNIC to one or more network security groups (NSGs).
     • DNS record: Select whether to assign the VNIC a private DNS record. See DNS in Your Virtual Cloud Network.
     • Launch options: Select the networking launch type.
5. In the Add SSH Keys section, select one of the following options:
   • Generate a key pair for me - click Download private key and Download public key to save the key pair locally.
   • Upload public key file (.pub) - select or drop your public key in the SSH public key field.
   • Paste public key - copy an existing public key and paste it in the SSH public key field.
   • No SSH keys - If you don't provide SSH keys, you will not be able to connect to the instance using SSH.

   For more information, see Add SSH Keys or Managing Key Pairs on Linux Instances.

6. Click Next.

Configure boot and block volumes.

1. (Optional) In the Boot Volume section, configure the size and encryption options for the instance's boot volume:
   • Enable Specify a custom boot volume size and keep the default values which provides balanced performance or change them for your performance needs.
   • By default, Use in-transit encryption is enabled. Disable if you do not want to encrypt data.
   • Enable Encrypt this volume with a key that you manage to use an existing key.
   For more information, see Configure Boot Volume.
2. (Optional) In the Block Volume section, click Attach block volume to open the panel.
   1. For Volume, select a volume from a compartment, create a new volume, or enter a volume OCID.
   2. Determine the Attachment type. By default, the recommended attachment type is ISCSI. Optionally, select a device path for the block volume.
   3. Select an Access type option of Read/write, Read/write, shareable, or Read only, shareable.
   4. Click Attach.

   For more information, see Attach Block Volumes.

3. Click Next.

Review the instance configuration and do one of the following:

• If you are satisfied with the configuration, click Create. The instance's detail page is created and its status displays Provisioning. To track the progress of the operation and troubleshoot errors that occur during instance creation, use the associated work request.
• To return to any section and make changes, click Previous.
• To stop the create instance workflow, click Cancel.
• To create a stack that you can use to install, configure, and manage your compute instance through the "infrastructure-as-code" model, click Save as stack. For more information, see Creating a Stack from a Resource Creation Page.

Instances connected to the service gateway automatically have access to the regional yum servers. The $ociregion and $ocidomain yum variables determine which regional server the instance connects to.

For example, the baseurl to the _latest repository for Oracle Linux 8 is:

baseurl=https://yum$ociregion.$ocidomain/repo/OracleLinux/OL8/baseos/latest/$basearch/

• Set the $ociregion variable by populating content in /etc/yum/vars/ociregion.

  If the ociregion file does not exist or is empty, the baseurl points to the publicly accessible Oracle Linux yum server. Typically, when you create the instance the $ociregion variable is set to point to the closest regional yum server on the Oracle Cloud Infrastructure service network. For example, if $ociregion is set to -phx, the baseurl expands to point to the regional yum server in Phoenix.

• Set the $ocidomain variable by populating content in /etc/yum/vars/ocidomain.

To access ULN content on the regional yum servers, install the appropriate release-elx packages and enable the repositories that you require access to.

For example, on Oracle Linux 8, you can run the following commands to access the ol8_oci_included repository, where tools like Oracle InstantClient, the Oracle Java Development Kit and Oracle Java Runtime Environment are located:

sudo dnf install oci-included-release-el8
sudo dnf config-manager --enable ol8_oci_included

Other ULN channels are also available directly through the Oracle Cloud Infrastructure regional yum servers. For example, to access the Ksplice channels on an Oracle Linux 8 compute instance, you can do:

sudo yum install ksplice-release-el8
sudo yum-config-manager --enablerepo ol8_ksplice ol8_x86_64_userspace_ksplice

Most of these channels are installed and available by default in the latest platform images.

You can use OS Management Hub to manage packages on Oracle Linux instances, including installing, removing, and updating packages. See Oracle Linux Package Management for more information.

OS Management Hub uses software sources to provide packages to instances, and to track the available updates to those packages. A software source is a collection of packages. Software sources enable you to control which packages can be installed on instances without having to manually log in and configure the repositories on each instance. See Managing Software Sources for more information.

You can use Oracle Ksplice to patch a system without requiring a reboot. However, these updates only occur in-memory. You must also update packages on-disk to their latest versions, so that when the system reboots, it starts from the most current release. Follow the recommendations in Maintaining the System.

You can use OS Management Hub to manage and monitor updates for the OS environments Oracle Linux instances. OS Management Hub allows you to group instances for updates, providing automated patch and fleet management capabilities. See Oracle Linux Package Management for more information.

Autonomous Linux can automatically handle system package updates on a regular schedule. Autonomous Linux provides automatic daily updates in addition to the zero-downtime Ksplice updates for kernel, OpenSSL, and glibc libraries. These updates are referred to as autonomous updates. When you create an Autonomous Linux instance, the service automatically creates a controlled scheduled job for autonomous updates. You can update the start time for the daily autonomous updates using the Console, CLI, or API.

Regularly update the operating system and user space packages to obtain the latest bug fixes and security patches.

Oracle recommends that you:

1. Subscribe the instance to the _latest yum repository for your Oracle Linux release.

2. Update any software that was installed outside of the Oracle Linux yum package manager.

   For example, tools such as flatpak and snap, for installing desktop applications; and pip, gem and npm, for installing Python, Ruby and Node libraries and modules, all have their own software update mechanisms.

3. Always update instances to the most recent release of the operating system.

   Oracle Linux uses a rolling update level approach for keeping software up to date. For example, Oracle Linux 8.4 or Oracle Linux 8 Update 4, are rolling snapshots of the latest supported packages for the Oracle Linux release and are not considered independent versions of Oracle Linux.

4. Manually update packages or install and configure the appropriate tool for automatic updates.

   • For Oracle Linux 7 instances you can use the yum-cron utility described in Oracle Linux 7: Managing Software.
   • For Oracle Linux 8 and 9 instances you can use the dnf-automatic utility described in Oracle Linux 8: Managing Software on Oracle Linux and Oracle Linux 9: Managing Software in Oracle Linux.