Overview of OS Management
The Oracle Cloud Infrastructure OS Management service allows you to manage updates and patches for the operating system environment on your Oracle Cloud Infrastructure instances.
OS Management Concepts
Review the following concepts and terms to help you get started with OS Management.
- Managed Instance
A Compute instance that uses the OS Management service is referred to as a managed instance.
- Managed Instance Groups
Managed instance groups enable you to group your instances together for updates.
For more information, see Administering Managed Instance Groups.
- OS Management Service Agent Plugin
OS Management uses the OS Management Service Agent plugin for managing and applying updates. The the Oracle Cloud Agent manages the OS Management Service Agent plugin. For more information about the Oracle Cloud Agent, see Managing Plugins with Oracle Cloud Agent.
The OS Management Service Agent plugin provides the necessary permissions to apply updates on the respective operating system:
- For Oracle Linux instances, the OS Management Service Agent plugin utilizes the standard Linux permissions for a sudo administrative account to apply updates.
- For Windows instances, the OS Management Service Agent plugin creates a virtual service account for applying updates on the instance. The virtual service account is OCAOSMS. Do not remove this account on instances where the OS Management service is used.
For more information about managing the OS Management Service Agent plugin, see Getting Started with OS Management.
- Software Sources
For Linux instances, OS Management uses software sources to provide packages to instances and to track the available updates to those packages.
For more information about software sources, see Managing Software Sources.
- Linux Package Management
For Linux instances, OS Management provides a search facility that you can use to check individual packages. Using this search facility, you can check for available updates. You can also use this facility to perform actions for managing Linux packages, such as installing, removing, and updating packages on managed instances and managed instance groups.
For more information, see Managing Linux Packages.
- Windows Update Management
For Windows instances, OS Management provides actions for installing Windows updates on managed instances and managed instance groups.
For more information, see Managing Windows Updates.
- CVE Search
For Linux instances, OS Management provides a search facility that you can use to check individual CVEs (Common Vulnerabilities and Exposures). This facility helps you determine the level of exposure in your tenancy.
For more information about the CVE search facility, see Checking Exposure to Known Vulnerabilities.
- Scheduled Jobs
When you use the OS Management service to manage updates on a managed instance or managed instance group, you have full control over when actions take place. If you specify that an action take place at a particular date and time, the OS Management service creates a scheduled job. OS Management provides two basic modes for scheduled jobs: one-time and recurring jobs.
For more information, see Managing Scheduled Jobs and Work Requests.
- Work Requests
OS Management actions such as installing, removing, or updating packages are asynchronous and initiate work requests. You can use the work request to track the status of operations, including the ability to see why an action failed.
For more information, see Managing Scheduled Jobs and Work Requests.
Managed Instance Lifecycle
The OS Management service runs a process that periodically removes managed instances under the following conditions:
- The OS Management service can retrieve the Compute instance and the instance is either in the terminating or terminated state.
- The managed instance has not checked in with the OS Management service in the last 30 days.
This process runs several times per day.
|Geography||Region Name||Region Location||Region Key|
|APAC||Australia East (Sydney)||Sydney, Australia||SYD|
|APAC||Australia Southeast (Melbourne)||Melbourne, Australia||MEL|
|APAC||India South (Hyderabad)||Hyderabad, India||HYD|
|APAC||India West (Mumbai)||Mumbai, India||BOM|
|APAC||Japan Central (Osaka)||Osaka Japan||KIX|
|APAC||Japan East (Tokyo)||Tokyo, Japan||NRT|
|APAC||South Korea Central (Seoul)||Seoul, South Korea||ICN|
|APAC||South Korea North (Chuncheon)||Chuncheon, South Korea||YNY|
|EMEA||Germany Central (Frankfurt)||Frankfurt, Germany||FRA|
|EMEA||Netherlands Northwest (Amsterdam)||Amsterdam, Netherlands||AMS|
|EMEA||Saudi Arabia West (Jeddah)||Jeddah, Saudi Arabia||JED|
|EMEA||Switzerland North (Zurich)||Zurich, Switzerland||ZRH|
|EMEA||UAE East (Dubai)||Dubai, UAE||DXB|
|EMEA||UK South (London)||London, United Kingdom||LHR|
|EMEA||UK West (Newport)||Newport, United Kingdom||CWL|
|LAD||Brazil East (Sao Paulo)||Sao Paulo, Brazil||GRU|
|LAD||Chile (Santiago)||Santiago, Chile||SCL|
|North America||Canada Southeast (Montreal)||Montreal, Canada||YUL|
|North America||Canada Southeast (Toronto)||Toronto, Canada||YYZ|
|North America||US East (Ashburn)||Ashburn, VA||IAD|
|North America||US West (Phoenix)||Phoenix, AZ||PHX|
|North America||US West (San Jose)||San Jose, CA||SJC|
Authorization and Authentication
Each service in Oracle Cloud Infrastructure integrates with IAM for authentication and authorization, for all interfaces (the Console, SDK or CLI, and REST API).
An administrator in your organization needs to set up groups, compartments, and policies that control which users can access which services, which resources, and the type of access. For example, the policies control who can create new users, create and manage the cloud network, launch instances, create buckets, download objects, etc. For more information, see Getting Started with Policies. For specific details about writing policies for OS Management, see Setting Up Policies for OS Management and OS Management Policy Reference.
If you’re a regular user (not an administrator) who needs to use the Oracle Cloud Infrastructure resources that your company owns, contact your administrator to set up a user ID for you. The administrator can confirm which compartment or compartments you should be using.
Creating Automation with Events
You can create automation based on state changes for your Oracle Cloud Infrastructure resources by using event types, rules, and actions. For more information, see Overview of Events. For reference information about OS Management events, see OS Management Events.
OS Management resources that emit events:
Managed instance groups
Ways to Access Oracle Cloud Infrastructure
You can access Oracle Cloud Infrastructure using the Console (a browser-based interface) or the REST API. Instructions for the Console and API are included in topics throughout this guide. For a list of available SDKs, see Software Development Kits and Command Line Interface.
To access the Console, you must use a supported browser. You can use the Console link at the top of this page to go to the sign-in page. You will be prompted to enter your cloud tenant, your user name, and your password.
For general information about using the API, see REST APIs.