4

Advanced Compute Service

June 2018
v1.0

Copyright © 2017, Oracle and/or its affiliates. All rights reserved.

Objectives
After completing this lesson, you should be able to:
• Describe Instance Console Connections
• Create custom images – Import/Export
• Describe Bring your Own Image (Emulated Mode)
• Describe Bring your own Hypervisor (KVM)
• Describe GPU images
• Cloud-Init and other topics

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 4-2
Compute: Bare Metal & Virtual Machines

Bare Metal (BM) Virtual Machine (VM)

Direct Hardware Access – customers get the full A hypervisor to virtualize the underlying Bare Metal
Bare Metal server server into smaller VMs
(single-tenant model) (multi-tenant model)
VMs

Hypervisor

Bare Metal Server Bare Metal Server

VM compute instances runs on the same hardware as a Bare Metal instances, leveraging the
same cloud-optimized hardware, firmware, software stack, and networking infrastructure

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 4-3
Console Connections

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 4-4
Instance Console Connections
The Oracle Cloud Infrastructure Compute service provides console connections that enable
you to remotely troubleshoot malfunctioning instances, such as:
• An imported or customized image that does not complete a successful boot.
• A previously working instance that stops responding.
• Add or reset the SSH keys for the opc user
• Edit system configuration files

There are two types of instance console connections:

• Serial console connections
• VNC console connections

NOTE: Instance Console Connections only works with Linux instances

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 4-5
Creating the instance Console Connection
Before you can connect to the serial console or VNC console, you need to create the
instance console connection. Here are the steps to create it:
• In the Console, click Compute, choose your Compartment, and then click Instances.
• In the list of instances, find the instance you want to access the serial console for, and
then click the instance name.
• In the Resources section on the Instance Details page, click Console Connections,
and then click Create Console Connection.

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 4-6
Creating the instance Console Connection

• Specify the public key portion for the SSH key and then click Create Console
Connection

NOTE: This SSH key can be different than the one used to launch your instance

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 4-7
Creating the instance Console Connection
• Once the console connection has been created and is available, the status changes to
ACTIVE.

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 4-8
Connecting to the Serial Console

• Once you have created the console connection for the instance, you can then connect to the
serial console by using a Secure Shell (SSH) connection.
• Once you are finished with the serial console and have terminated the SSH connection, you
should delete the serial console connection.
• If you do not disconnect from the session, Oracle Cloud Infrastructure will terminate the serial
console session after 24 hours and you will need to re-authenticate to connect again.

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 4-9
Connecting from Mac OS X and Linux Operating Systems
You connect to the serial console by using an SSH client. Mac OS X and most Linux
distributions by default include the SSH client OpenSSH.
• In the Console, on the Instances Details page, in the Resources section, click Console
Connections.
• Click the Actions icon, and then click Connect with SSH.
• Select LINUX/MAC OS for PLATFORM.

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 4 - 10

Serial Console Troubleshooting
• Paste the connection string copied from the previous step to a terminal window on a Mac
OS X or Linux system, and hit enter to connect to the console.

• If you’re getting this error: ssh_exchange_identification: Connection closed by remote

host, one possible resolution is
Let's say you used the public key: ~/.ssh/my_key.pub, and the corresponding private key
file was ~/.ssh/my_key; modify the ssh connection string with the -i argument in 2 places,
as follows
# ssh -i /<path>/<ssh_key> -o ProxyCommand='ssh -i /<path>/<ssh_key> -W
%h:%p -p 443...

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 4 - 11

Troubleshooting Instances from Instance Console Connections
Boot your Linux instance into maintenance mode. Here are the steps:
1. Connect to your instance using SSH or VNC Console connection
2. Reboot the instance from the Console
3. Once the reboot process starts, switch back to the terminal window, and you see Console
messages start to appear in the window. As soon as you see the GRUB boot menu appear,
use the up/down arrow key to stop the automatic boot process, enabling you to use the boot
menu.
4. In the boot menu, highlight the top item in the menu, and type e to edit the boot entry.

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 4 - 12

Troubleshooting Instances from Instance Console Connections
5. In edit mode, use the down arrow key to scroll down through the entries until you reach the
line that starts with either linuxefi for instances running Oracle Linux 7.x, or kernel for
instances running Oracle Linux 6.x.
6. At the end of that line, add the following: init=/bin/bash

7. Reboot the instance from the terminal window by entering the keyboard shortcut CTRL+x
Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 4 - 13
Troubleshooting Instances from Instance Console Connections
5. In edit mode, use the down arrow key to scroll down through the entries until you reach the
line that starts with either linuxefi for instances running Oracle Linux 7.x, or kernel for
instances running Oracle Linux 6.x.
6. At the end of that line, add the following: init=/bin/bash
7. Reboot the instance from the terminal window by entering the keyboard shortcut Ctrl+x

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 4 - 14

Custom Images and Import/Export

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 4 - 15

Custom Images
• Create a custom image of an instance’s boot disk and use it to launch other instances
• Instances you launch from your custom image include customizations, configuration, and
software installed when you created the image
• During the process, instance shuts down and remains unavailable for several minutes. The
instance restarts when the process completes
• Custom images do not include the data from any attached block volumes
• A custom image cannot exceed 300 GB
• Windows custom images cannot be exported or downloaded
• You cannot create an image of an Oracle Database instance
• Create a custom image of your system drive each time you change the image
• Support Generalized and Specialized images for Windows
• Generalized image - generalized OS disk, cleaned of computer-specific information.
• Specialized image - OS disk that is already fully installed, and a copy of the original BM or VM

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 4 - 16

X5 and X7 Compatibility for Custom Images

• Oracle X5 and X7 servers have different host hardware. As a result, using an X5 image on an X7 bare
metal or virtual machine (VM) instance may not work without additional modifications.

• If you do attempt to use an existing X5 image on X7 hardware, note that Ubuntu 14.04 and all Windows
and CentOS versions are not cross-compatible.

• Oracle Linux and Ubuntu 16.04 are cross-compatible, however you need to update the kernel to the
most recent version to install the latest device drivers. To do so, run the following commands from a
terminal session:

• Oracle Linux: # yum update

• Ubuntu 16.04: # apt-get update apt-get dist-upgrade

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 4 - 17

Create a Custom Image
• In the Console, click Compute, and then choose your Compartment.

• Click Instances, if necessary, and find the instance you want to use as the basis for an image.

• Click the Actions icon, and then click Create Custom Image

• Enter a name for the image, and then click Create Custom Image

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 4 - 18

Launch an instance from Custom Image

• In the Console, click Compute, and then choose your Compartment.

• Click Custom Images and find the custom image you want to use

• Click the Actions icon, and then click Create Instance

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 4 - 19

Image Import/Export
• Compute service enables you to share custom images across tenancies and regions using
image import/export
• Image import/export uses OCI Object Storage service
• Supports
• Emulated mode for images generated from non-OCI instances; e.g., your BYOI images
• Native mode for images generated from OCI
• Currently supported for Linux images only
• You can also find more information about custom images here:
https://cloud.oracle.com/iaas/whitepapers/deploying_custom_os_images.pdf

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 4 - 20

Custom Image x Boot Volume Backup
• Custom Image
• Pros:
• You can export a custom image across regions and tenancies
• No cost associated to store your custom images.
• Cons:
• instance shuts down and remains unavailable for several minutes until the process finished
• Limit of 25 custom images per compartment

• Boot Volume Backup

• Pros:
• Preserve the entire state of your running operating system as a backup.
• It doesn’t require a downtime
• Cons:
• Cost associated with the amount of Object Storage used to store your backup
• Creating a boot volume backup while instance is running creates a crash-consistent backup

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 4 - 21

Bring Your own Image / Hypervisor

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 4 - 22

Bring Your Own Image (BYOI)
To enable the lift-and-shift of customer workloads from on-premise to the cloud, OCI supports the
Bring Your Own Image (BYOI) feature. Currently OCI supports two launch modes:

1. Emulated Mode:
Fully emulated NIC, block boot, legacy BIOS boot.
•Pro’s: compatibility with wide range of older/custom OS
•Con’s: Low Performance – 20% less compared with Native mode

2. Native Mode:
Current OCI VM experience offering maximum performance with modern OS’s.
•Pro’s: Available for Oracle provided smaller set of modern OS’s only
•Con’s: Near Bare-metal Performance

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 4 - 23

Bring Your Own Custom Image for Emulation Mode Virtual Machines

You can import a wide range of new and legacy production operating systems, using the
QCOW2 or VMDK formats, and then run them on Compute VMs using emulated hardware.
The following table lists the operating systems that are supported for emulation mode VMs

Image Name Supported versions

RHEL 4.5, 5.9, 5.11, 6.9, 7.4
CentOS 4.0, 4.8, 5.11, 6.9, 7.x
Oracle Linux 4.5, 4.8, 5.11, 6.2, 6.5, 6.9, 7.4
Ubuntu 12.04, 14.04, 16.04
2008 R2 Standard, Enterprise, Datacenter
2012 Standard, Datacenter
Windows Server
2012 R2 Standard, Datacenter
2016 Standard, Datacenter

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 4 - 24

Custom Image Requirements for Emulation Mode Virtual Machines
Linux-based and Windows-based custom images imported for emulation mode VMs must meet
the following requirements:
• The image must be set up for BIOS boot
• The maximum image size is 300 GB
• Only one disk is supported, and it must be the boot drive with a valid MBR and boot loader
• The boot process must not require additional data volumes to be present for a successful
boot
• The disk image cannot be encrypted
• The disk image must be a VMDK or QCOW2 file. VMDK files must be either the "single
growable" (monolithicSparse) type or the "stream optimized" (streamOptimized) type, both of
which will consist of a single VMDK file. All other VMDK formats such as those that use
multiple files, split volumes, or contain snapshots, are not supported.
• Existing network interfaces will not be recreated. Instead, a single network interface will be
created after the import process is complete. You should use DHCP on this interface to
discover the network settings.

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 4 - 25

Custom Image Import Process
The following is a high-level outline of the steps required to import custom images for emulation
mode VMs:
1. Prepare the image for import. This includes enabling serial console access for all Linux-based custom
images and configuring a network interface without a static MAC address and to support DHCP. For
more information, see Preparing a Custom Linux Image for Emulation Mode and Preparing a Custom
Windows Image for Emulation Mode.

2. Export the image as VMDK or QCOW2 format using existing virtualization tools. See the tools
documentation for your virtualization environment.

3. Upload the image to Oracle Cloud Infrastructure Object Storage. See Managing Objects and Overview
of Object Storage for more information.

4. Import the image. See Importing Custom Images for Emulation Mode.

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 4 - 26

Bring your own Hypervisor – KVM
Offering KVM in a cloud environment has two benefits:
• It allows the extension of existing on-premises KVM environments into the Oracle Cloud
• It provides the ability to install legacy operating systems and prepackaged virtual machines to
use within your environment.
The ability to bring the KVM hypervisor is unique to Oracle and is enabled by using several
Oracle Cloud Infrastructure features:
• Block Volume service
• Compute instances
• Multiple virtual network interface cards (multi-VNIC) capabilities within the Networking service

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 4 - 27

Multiple VNICs on bare metal instances for BYOH

Availability Domain 1
ORACLE CLOUD INFRASTRUCTURE (REGION)
AD2
• In a BYOH scenario, each guest VM can get
AD3
one or more secondary VNICs.
Subnet A
10.0.0.0/24
Subnet B
10.0.1.0/24 • In case SR-IOV virtual functions (VF) are
being used by the hypervisor to provide
VNIC1 VNIC2 VNIC3 VNIC4 network access to the guest VMs, each VF
can be configured with the VLAN tag and
MAC address of a secondary VNIC.
primar
• Guest-VM can have a private and a public IP
y
NIC associated
VF2
VF1

VF3

1
Hypervisor
• Each Shape has a limit on the amount of
VNICs you can have. Please check compute
shapes documentation for more information
Guest VM3
Guest VM2

VNIC5
Guest VM1

Subnet X
172.16.0.0/2
Bare metal instance 4
NIC2

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 4 - 28

Oracle Linux KVM Image for Oracle Cloud Infrastructure

• Oracle Linux KVM image is available for deployment as a custom image for Oracle Cloud
infrastructure.
• This Oracle packaged image simplifies the deployment of virtual machines (VMs) by
integrating with services such as block storage and virtual network interfaces through the use
of scripted tools
• These tools include support for defining the VM guest domain, allocating a specific block
device or VNIC and launching and removing VMs on Oracle Cloud Infrastructure
• Currently, the BM.Standard1.36 and BM.Standard2.52 shapes are supported
• Users should be familiar with managing virtual guests using libvirt, specifically virsh and virt-
install

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 4 - 29

Import the KVM Image for Oracle Cloud Infrastructure

1. Login to your Oracle Cloud Infrastructure account.

2. From the Oracle Cloud Infrastructure console, go to the Compute tab, select the Images link
and click on Import Image.
3. Import the KVM image into the appropriate Compartment with the following options:
• Operating System: Oracle Linux
• Object Storage URL: https://objectstorage.us-phoenix-
1.oraclecloud.com/p/G6HU38SfaIZvpzatz3f2tyiG-D7jnfW-
irEFJQ_VQwo/n/oraclelinux/b/kvm-releases/o/KVM-BM-1.3
• Image Type: QCOW2
• Launch Mode: Native Mode
4. Click on Import Image.

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 4 - 30

Launch KVM Host on Oracle Cloud Infrastructure
1. Login to your Oracle Cloud Infrastructure account.
2. From the Oracle Cloud Infrastructure console, go to the Compute tab, select Instances and
click on Create Instance.
3. For Boot Volume, select Custom Image and select the KVM image you imported before.
4. Enter all the requirements to create an instance and click Create Instance

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 4 - 31

Add a second VNIC for guest VM
1. Under Resources click Attached VNICs and create a second VNIC.

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 4 - 32

Preparing to create a new guest Virtual Machine – KVM

Prior to creating a new virtual machine, take note of what resources are required. In particular:

• Number of CPUs, amount of memory, size of root disk, and subnet.

• Each guest requires a dedicated OCI Block Storage device and OCI VNIC.
• Create and attach these resources as necessary.
• When using KVM image, you can easily deploy an KVM guest using oci-kvm command.
Here is one example:

# oci-kvm create -D guest-01 --disk /dev/sdX –net <internal IP address> -V --vcpus 4 --memory
8192 --boot cdrom,hd --location /home/opc/Oracle-Linux-7.4-Boot-ISO.iso --nographics --console
pty,target_type=serial --console pty,target_type=virtio --noautoconsole --os-variant=rhel7 --
extra-args "console=tty0 console=ttyS0,115200n8 serial"

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 4 - 33

NVIDIA GPU images

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 4 - 34

NVIDIA GPU Cloud – NGC
• NVIDIA GPU Cloud (NGC) is a GPU-accelerated cloud platform optimized for deep learning
and scientific computing. This topic provides an overview of how to use NGC with Oracle
Cloud Infrastructure.

• NVIDIA makes available on Oracle Cloud Infrastructure a customized Compute image

optimized for the NVIDIA® Tesla Volta™ and Pascal™ GPUs . Running NGC containers on
this instance provides optimum performance for deep learning jobs.

• For those familiar with Oracle Cloud Infrastructure, to use NGC, you need to log into the
Console, configure the settings as needed, and then create an instance based on the NGC
image by specifying the image OCID. After launching the instance, you can SSH into the
instance and start running deep learning jobs using framework containers from the NGC
container registry.

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 4 - 35

Generate your NGC API Key

1. Log into the NGC website.

2. On the NGC Registry page, click Get API Key.
3. Click Generate API Key and then click Confirm to generate the key. If you have an existing
API key it will become invalid once you generate a new key.

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 4 - 36

Launching an instance based on the NGC image
1.Open the Console, see Signing In to the Console for steps on how to do this.
2.Click Compute, choose a compartment you have permission to work in, and then click Create
Instance.
3.In the Create Instance dialog box, specify the instance name, and select the availability
domain for the instance.
4.Select Image OCID for Boot Volume.
5.Specify the image OCID applicable to your region as the Image OCID.

Image Name Supported versions

us-ashburn-1 ocid1.image.oc1.iad.aaaaaaaaikn6ub6heefqxbe5fkiv4otbfe6ivza6y7di5khnkxkyvf2bkdta
ocid1.image.oc1.eu-frankfurt-
eu-frankfurt-1
1.aaaaaaaayqvmnezqsrzwwdimzmvmt3w3ncqri4gce7qazfaapwpa53c3d7va

6. Select Bare Metal Machine for Shape Type

7. Select a virtual cloud network, and then click Create Instance

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 4 - 37

Cloud-Init, NTP server and Kernel
Updates

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 4 - 38

Instance Initialization using cloud-init
On Oracle Cloud Infrastructure environments the provided Linux OS images, including Oracle
Linux, support cloud-init initialization by providing the user_data entry under Advanced Options
when launching an instance.

The content of the user_data attribute must be a base64 encoded script in any of the cloud-init
formats supported by the OS being launched, including:

• Cloud Config Data - #cloud-config

• User Data Script #! (e.g. #!/bin/bash)
• Include File #include
• Cloud Boothook #cloud-boothook

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 4 - 39

Example of cloud-init – User Data Script
When launching an instance you can use the advanced options to input scripts to be executed
during provision time. On the example below we are installing a LAMP Stack using cloud-init

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 4 - 40

Instance Metadata
• Instance Metadata includes its OCID, name, compartment, shape, region, AD, creation date,
state, image, and any custom metadata such as an SSH public key
• Service runs on every instance and is an HTTP endpoint listening on 169.254.169.254
• Get instance metadata by logging in to the instance and using the metadata service
• Oracle provided Linux instances
• curl http://169.254.169.254/opc/v1/instance/
• curl http://169.254.169.254/opc/v1/instance/metadata
• curl http://169.254.169.254/opc/v1/instance/metadata/<key-name>

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 4 - 41

IP Addresses Reserved for Use by Oracle
IP Addresses
169.254.0.2,
For iSCSI connections to the boot and block volumes
169.254.2.2-169.254.2.254
169.254.0.3 For uploads relating to kernel updates
169.254.169.254 For DNS (port 53) and Metadata (port 80) services
For Windows instances to activate with Microsoft Key
169.254.169.253
Management Service (KMS)

The first two IP addresses and the last one in each subnet's CIDR are reserved

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 4 - 42

Uninterrupted Access to the Instance

• Make sure to keep the DHCP client running so you can always access the instance
• If you stop the DHCP client manually or disable NetworkManager (which stops the DHCP
client on Linux instances), the instance can't renew its DHCP lease and will become
inaccessible when the lease expires (typically within 24 hours)

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 4 - 43

NTP Server

• OCI offers a fully managed, secure, and highly available NTP (Network Time Protocol) server
• You can use the NTP service to set the date, time, and time zone for your compute and DBaaS instances
• Multiple internal services including Exadata, 2-node RAC, compute, and audit services use the NTP time
source
• Any new compute and DBaaS instance created on OCI is automatically configured to use the NTP service
through DHCP. You can also choose use a public NTP server or use FC to leverage an on-premises NTP
server.
• Steps to configure NTP service (NTP service offers a Stratum 2 clock source accurate to within 1 second)
[root@webserver1 opc]# ntpq -p
remote refid st t when poll reach delay offset jitter
==============================================================================
*169.254.169.254 192.168.0.4 2 u 34 64 1 0.338 0.118 0.242

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 4 - 44

OS Kernel updates
• Oracle Cloud Infrastructure boots each instance from a network drive. This is the sequence
• Hardware UEFI firmware executes PXE (a very simple protocol for network booting) from a baked-in PXE
implementation
• Via PXE, it loads an iPXE implementation (a popular open-source implementation of the PXE protocol + a lot of
additional functionality)
• iPXE executes a script (iPXE contains an interpreter for a very fully-featured scripting language)
• This script boots Linux
• During the boot process, the system downloads the kernel, the initrd file, and the kernel boot parameters
from the network
• The instance does not use the host's GRUB boot loader so "yum update kernel," which normally affects the
next boot by editing grub.cfg doesn’t work
• All of our public images include an Oracle yum plug-in that seamlessly handles the yum update kernel-uek
command
• However, customers who roll their own image will have to add this yum plugin as well, or "yum update
kernel" won't work on instances booted from the customer's image.

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 4 - 45

Summary

• Describe and validate instance console connections

• Use Custom images to create templates and customize your OS
• Understand Emulated and Native mode when Bring your own image
• Use pre-build KVM image for OCI to take advantage of Bring your own Hypervisor
• Utilize NVIDIA GPU NGC registry
• Describe how to use Cloud-init, local NTP server and Kernel updates

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 4 - 46