Sign in Subscribe
3 min read cheatsheet

OCI-CLI cheatsheet

Oracle Cloud CLI

Useful locations

Config : ~/.oci/config
Possible installation location : ~/opt/oci/oracle-cli/

Activation/deactivation of venv for oracle-cli

source ~/opt/oci/oracle-cli/bin/activate
deactivate

Globally useful hacks

--generate-param-json-input

Not sure of parameters ? Run this:

oci compute instance launch --generate-param-json-input agent-config > example.json

Networking

                    +------------------+
                    |     Internet     |
                    +--------+---------+
                             |
                             v
                    +------------------+
                    | Internet Gateway |
                    +--------+---------+
                             |
                             v
                    +------------------+
                    |     VCN/Subnet   |
                    +--------+---------+
                             |
          +------------------+------------------+
          |                                     |
          v                                     v
+---------------------+             +------------------------+
|   Security List     |             | Network Security Group |
|  (applies to subnet)|             | (applies to VNIC only) |
|---------------------|             |------------------------|
| - Allow TCP/80      |             | - Allow TCP/443        |
| - Allow ICMP        |             | - Allow TCP/25         |
+---------------------+             +------------------------+
          |                                     |
          +------------------+------------------+
                             v
                    +------------------+
                    |   VNIC (adapter) |
                    +--------+---------+
                             |
                             v
                    +------------------+
                    | Compute Instance |
                    +------------------+

Security List

oci network security-list list --compartment-id <compartment_OCID>

Subnets

# See subnet info
oci network subnet get --subnet-id <subnet_OCID>

# Attach security list
oci network subnet update \
  --subnet-id <subnet_OCID> \
  --security-list-ids '[
    "<security_list_OCID>",
  ]'

Network Security Group

oci network nsg list --compartment-id <compartment_OCID>

oci network nsg get --nsg-id <nsg-id>

Manage network security group policies

oci network nsg rules list --nsg-id <nsg-id>

oci network nsg rules add --nsg-id <nsg-id> --security-rules [complex type]

oci network nsg rules update --nsg-id <nsg-id> --security-rules [complex type]

oci network nsg rules update --nsg-id <nsg-id> --security-rule-ids [complex type]

Network security group policies overwrite subnet security lists on attached resources.
See the official docs

Route table

oci network route-table list --compartment-id ocid1.tenancy.oc1..aaaaaaaaklpcnv7vrozdcc2p5by5pgkzpfll47fxpicn3biqkxoectxlixnq

oci network route-table update \
  --rt-id <route-table-id> \
  --route-rules '[
    {
      "destination": "0.0.0.0/0",
      "destinationType": "CIDR_BLOCK",
      "networkEntityId": "<internet-gateway-id>"
    }
  ]'
  
oci network subnet update \
  --subnet-id <subnet-id> \
  --route-table-id <route-table-id>

oci network route-table delete --rt-id <ocid_route_table>

The default route table for a oci compartment is restricted to private. For public access you MUST create a second, public route table and associate it with your .

Internet gateway

oci network internet-gateway list --compartment-id <ocid_compartment>

Virtual Network Interface Card

oci compute vnic-attachment list --compartment-id <compartment_OCID> --instance-id <instance_OCID>

oci network vnic update \
  --vnic-id <vnic_OCID> \
  --nsg-ids '["<nsg_OCID>"]'
  
oci network vnic update \
  --vnic-id <vnic_OCID> \
  --skip-source-dest-check true

oci network vnic get --vnic-id <vnic_OCID>

Compute Instances

oci compute instance launch --generate-param-json-input shape-config > shape-config-example.json
cat shape-config-example.json

oci compute instance list \
  --compartment-id <ocid_compartment> \
  --region eu-paris-1

Console connection ssh

oci compute instance-console-connection create --instance-id  {instance-id} --ssh-public-key-file {private-key-file-path}.pub
oci compute instance-console-connection list -c {compartement-id} --instance-id {instance-id}

ssh -i {private-key-file-path} -o ProxyCommand='ssh -W %h:%p -p 443 {connection-id}' {instance-id}

oci compute instance-console-connection delete --instance-console-connection-id {connection-id}

Copyleft Statement

Renoncé du droit d'auteur

Much of our content is freely available under the Creative Commons BY-NC-ND 4.0 licence, which allows free distribution and republishing of our content for non-commercial purposes, as long as Ronzz.org is appropriately credited and the content is not being modified materially to express a different meaning than it is originally intended for. It must be noted that some images on Ronzz.org are the intellectual property of third parties. Our permission to use those images may not cover your reproduction. This does not affect your statutory rights.

Nous mettons la plupart de nos contenus disponibles gratuitement sous la licence Creative Commons By-NC-ND 4.0, qui permet une distribution et une republication gratuites de notre contenu à des fins non commerciales, tant que Ronzz.org est correctement crédité et que le contenu n'est pas modifié matériellement pour exprimer un sens différent que prévu à l'origine.Il faut noter que certaines images sur Ronzz.org sont des propriétés intellectuelles de tiers. Notre autorisation d'utiliser ces images peut ne pas couvrir votre reproduction. Cela n'affecte pas vos droits statutaires.

Published by:

Rong Zhou

You might also like...

30
nov.

CopyQ Cheatsheet

1 min read

Member discussion