Note:

Deploy Compute Instance and VCN using Pulumi in Oracle Cloud Infrastructure

Introduction

In this tutorial, we will deploy compute instance and Virtual Cloud Networks (VCN) using Pulumi. With Pulumi’s simplicity and Oracle Cloud Infrastructure’s (OCI) robust infrastructure, you will learn to automate deployment processes effortlessly. You will learn how to deploy and manage OCI resources with ease, unlocking new possibilities in cloud deployment.

Objective

Prerequisites

Task 1: Create a VCN

Deploy a VCN using Pulumi.

  1. Create a new directory for the Pulumi project.

    1. Open the terminal or command prompt.

    2. Navigate to the directory where you want to create your Pulumi project. You can use cd command to change directories.

    3. Create a new directory for your project.

      For example:

      mkdir my-oci-project
cd my-oci-project

  2. Run the following command to create a new Pulumi project using the OCI Python template. Here we rae using python as the programming langauge for pulumi, but you can use any of the supported programming langauge of your choice.

    pulumi new oci-python

  3. Pulumi will ask you to configure your project. Enter the necessary information, such as your project name, project description and stack name and click Enter.

    For example:

    Project name: my-oci-project
Project description: This is an example of OCI Compute and VCN deployment
Stack name: Dev

  4. Copy and customize the code.

    1. Pulumi will create a basic Python file named __main__.py in your project directory.

    2. Open this file using a text editor or IDE VS Code.

    3. Write your OCI infrastructure code using Pulumi’s Python SDK and define your VCN, subnets, security groups and so on. For example, copy the provided Python code into a new file named __main__.py and customize the code by replacing the placeholder values with your actual OCI compartment IDs and display names. These changes ensure your resources are created in the correct compartment and have meaningful names.

      """A OCI Python Pulumi program"""

import pulumi
import pulumi_oci as oci
from pulumi_oci import core
from pulumi_oci import identity


# Create a New VCN
test_vcn = oci.core.Vcn("test_vcn",
   compartment_id="ocid1.compartment.oc1...xx...xxx",
   cidr_block="10.0.0.0/16",
   display_name="ocinetwork",
   dns_label="ocinetwork"
)

#Code block for InternetGateway
test_internet_gateway = oci.core.InternetGateway("test_internet_gateway",
   compartment_id="ocid1.compartment.oc1...xx...xxx",
   vcn_id=test_vcn.id,
   enabled="true",
   display_name="internet_gateway")


#Code block for route table and attach to IG
test_route_table = oci.core.RouteTable("test_route_table",
   compartment_id="ocid1.compartment.oc1...xx...xxx",
   vcn_id=test_vcn.id,
   display_name="route_table_ig",
   route_rules=[oci.core.RouteTableRouteRuleArgs(
      network_entity_id=test_internet_gateway.id,
      destination="0.0.0.0/0",
      destination_type="CIDR_BLOCK",
   )])

#Code block for security list
security_list_resource = oci.core.SecurityList("securityListResource",
   compartment_id="ocid1.compartment.oc1...xx...xxx",
   vcn_id=test_vcn.id,
   display_name="sc_list",
   egress_security_rules=[oci.core.SecurityListEgressSecurityRuleArgs(
      destination="0.0.0.0/0",
      protocol="all",
      destination_type="CIDR_BLOCK",
      stateless=False,
   )],

   ingress_security_rules=[
      oci.core.SecurityListIngressSecurityRuleArgs(
            protocol="6",
            source="0.0.0.0/0",
            description="Sor SSH",
            tcp_options=oci.core.SecurityListIngressSecurityRuleTcpOptionsArgs(
               max=22,
               min=22,
            ),
            source_type="CIDR_BLOCK",
            stateless=False,
      ),
      oci.core.SecurityListIngressSecurityRuleArgs(
            protocol="1",
            source="0.0.0.0/0",
            description="ICMP",
            icmp_options=oci.core.SecurityListIngressSecurityRuleIcmpOptionsArgs(
               type=3,
               code=4,
            ),
            source_type="CIDR_BLOCK",
            stateless=False,
      )
   ]
)

# Create a Public Subnet
test_public_subnet = oci.core.Subnet("test_public_subnet",
   cidr_block="10.0.0.0/24",
   compartment_id="ocid1.compartment.oc1...xx...xxx",
   vcn_id=test_vcn.id ,
   display_name="public_subnet",
   dns_label="publicsubnet",
   prohibit_internet_ingress="False",
   prohibit_public_ip_on_vnic="False",
   route_table_id=test_route_table.id,
   security_list_ids=[security_list_resource.id])

# Create a Private Subnet
test_Private_subnet = oci.core.Subnet("test_private_subnet",
   cidr_block="10.0.1.0/24",
   compartment_id="ocid1.compartment.oc1...xx...xxx",
   vcn_id=test_vcn.id ,
   display_name="private_subnet",
   dns_label="privatesubnet",
   prohibit_internet_ingress="true",
   prohibit_public_ip_on_vnic="true")

    This code provisions a VCN in OCI along with its associated resources. It creates an internet gateway, attaches a route table to it for routing, and sets up a security list for controlling network traffic. Additionally, it creates both a public and a private subnet within the VCN, each with specific network configurations such as CIDR blocks and DNS labels. It ensures that the private subnet prohibits internet access and public IP assignment to instances, enhancing network security.

  5. Deploy a VCN code.

    1. Run the following command to deploy a VCN resource.

      pulumi up

    2. Pulumi will detect the resources defined in your code and prompt you to confirm the deployment. Review the changes, and when prompted, enter yes to proceed.

  6. Once the deployment is complete, verify that your VCN and other resources have been provisioned in OCI. You can check the OCI Console or use the Oracle Cloud Infrastructure Command Line Interface (OCI CLI) to list the resources in your compartment.

Task 2: Create a Compute Instance

Let us expand the OCI deployment by adding OCI Compute instances to your existing VCN using Pulumi.

  1. To access the Pulumi project, navigate to the directory containing your Pulumi project and open the __main__.py file.

  2. Copy the following code and paste it into the __main__.py file to update after your existing VCN deployment code.

    # Create a Compute Instance
compartment_id = "ocid1.compartment.oc1..xxxxxx"
test_availability_domains = oci.identity.get_availability_domains(compartment_id="ocid1.compartment.oc1.xxx")
public_ssh_key = "Copy and Paste the Public SSH Key"

instance = oci.core.Instance("my-vm-instance",
   # Replace with your desired availability domain.
   availability_domain=test_availability_domains.availability_domains[0].name,
   # Replace with your compartment ID.
   compartment_id="ocid1.compartment.oc1..xxxxxxxx",
   # Using VM.Standard.E4.Flex shape.
   shape="VM.Standard.E4.Flex",
   # Replace with your subnet ID.
   create_vnic_details=oci.core.InstanceCreateVnicDetailsArgs(
      assign_private_dns_record=True,
      assign_public_ip="true",
      display_name="pulumideminst",
      subnet_id=test_public_subnet.id,
   ),
   # Metadata for the instance, including SSH keys for access.
   metadata={
      "ssh_authorized_keys": public_ssh_key
      #"ssh_authorized_keys": std.file_output(input=public_ssh_key).apply(lambda invoke: invoke.result)
   },
   # Use an Oracle-provided image or your own custom image.
   source_details=oci.core.InstanceSourceDetailsArgs(
      source_type="image",
      # Replace with the image OCID.
      source_id="ocid1.image.oc1.iad.aaaaaaaalbjc2slze7i3rbpho3p4ict6u4k2l6r2r3igvvkopbfd4xt2wwla",
   ),
   # Specifying the OCPU and memory configurations.
   shape_config=oci.core.InstanceShapeConfigArgs(
      ocpus=2.0,    # Number of OCPUs.
      memory_in_gbs=8.0,  # Amount of RAM in GBs.
   ),
   # Additional arguments like display name, can be specified here.
   display_name="pulumidemo_instance",)

# Exporting the public IP of the instance.
pulumi.export('instance_public_ip', instance.public_ip),
pulumi.export('create_shape', instance.shape)
pulumi.export('create_vnic', instance.create_vnic_details)
pulumi.export('create_vnic', instance.create_vnic_details["display_name"])

    Replace ocid1.compartment.oc1.xxxxxxx with your compartment ID, VM.Standard.E4.Flex with your desired instance shape, ocid1.image.oc1.iad.xxxxxxx with the desired image ID, and YOUR_SSH_PUBLIC_KEY with your SSH public key.

  3. Save your changes to __main__.py and deploy your updated stack using the Pulumi command line interface.

    pulumi up

  4. After deployment, verify that your compute instance have been provisioned successfully within the VCN. You can check the OCI Console or use the OCI CLI to list the instance in your compartment.

  5. You can now access OCI Compute instance via SSH. Ensure you have the necessary security groups and rules configured for access.

    Pulumi_OCI_Instance_Output

Acknowledgments

More Learning Resources

Explore other labs on docs.oracle.com/learn or access more free learning content on the Oracle Learning YouTube channel. Additionally, visit education.oracle.com/learning-explorer to become an Oracle Learning Explorer.

For product documentation, visit Oracle Help Center.