Configure a Bastion

You can configure a bastion compute instance on a public subnet to provide access to the WebLogic Server compute instances on a private subnet.

Note:

If you do not select this option, no status is returned for provisioning, then you must check the status of provisioning by connecting to each compute instance and confirm that the /u01/provStartMarker file exists with details found in the file /u01/logs/provisioning.log file.

It is recommended to deselect the Provision Bastion Instance option only in network with fast connect setup.

When you use a public subnet for an existing VCN and existing subnet, bastion is not required. However, when you create a new VCN, or create a new subnet for an existing VCN, you must create a bastion during stack creation.

To configure a bastion:

1. If your want to use a bastion compute instance with a reserved public IP, then select Assign Reserved Public IP to Bastion Instance.
2. For the bastion host subnet, specify one of the following:
   • If you want to use an existing regional subnet, then choose the name of an existing regional subnet from the list of regional and availability domain-specific subnets.
   • If you are creating a new regional subnet, specify a CIDR for the new subnet.

     Note:

     This is applicable if you are using an existing VCN with new subnets or creating a new VCN.
3. Select a shape for the bastion compute instance.
4. If you are using existing network security groups (NSGs) for an existing subnet, specify the NSG that is assigned to the bastion instance.