Note:
- This tutorial requires access to Oracle Cloud. To sign up for a free account, see Get started with Oracle Cloud Infrastructure Free Tier.
- It uses example values for Oracle Cloud Infrastructure credentials, tenancy, and compartments. When completing your lab, substitute these values with ones specific to your cloud environment.
Deploy Compute Instance and VCN using Pulumi in Oracle Cloud Infrastructure
Introduction
In this tutorial, we will deploy compute instance and Virtual Cloud Networks (VCN) using Pulumi. With Pulumi’s simplicity and Oracle Cloud Infrastructure’s (OCI) robust infrastructure, you will learn to automate deployment processes effortlessly. You will learn how to deploy and manage OCI resources with ease, unlocking new possibilities in cloud deployment.
Objective
- Deploy Compute Instance and VCN resources using Pulumi Infrastructure as code (IaC) tool in OCI.
Prerequisites
- Install and configure Pulumi, OCI providers and set the environment variables of OCI. For more information, see Install and Configure Pulumi Infrastructure as Code on Oracle Cloud Infrastructure.
Task 1: Create a VCN
Deploy a VCN using Pulumi.
-
Create a new directory for the Pulumi project.
-
Open the terminal or command prompt.
-
Navigate to the directory where you want to create your Pulumi project. You can use
cd
command to change directories. -
Create a new directory for your project.
For example:
mkdir my-oci-project cd my-oci-project
-
-
Run the following command to create a new Pulumi project using the OCI Python template. Here we rae using python as the programming langauge for pulumi, but you can use any of the supported programming langauge of your choice.
pulumi new oci-python
-
Pulumi will ask you to configure your project. Enter the necessary information, such as your project name, project description and stack name and click Enter.
For example:
Project name: my-oci-project Project description: This is an example of OCI Compute and VCN deployment Stack name: Dev
-
Copy and customize the code.
-
Pulumi will create a basic Python file named
__main__.py
in your project directory. -
Open this file using a text editor or IDE VS Code.
-
Write your OCI infrastructure code using Pulumi’s Python SDK and define your VCN, subnets, security groups and so on. For example, copy the provided Python code into a new file named
__main__.py
and customize the code by replacing the placeholder values with your actual OCI compartment IDs and display names. These changes ensure your resources are created in the correct compartment and have meaningful names."""A OCI Python Pulumi program""" import pulumi import pulumi_oci as oci from pulumi_oci import core from pulumi_oci import identity # Create a New VCN test_vcn = oci.core.Vcn("test_vcn", compartment_id="ocid1.compartment.oc1...xx...xxx", cidr_block="10.0.0.0/16", display_name="ocinetwork", dns_label="ocinetwork" ) #Code block for InternetGateway test_internet_gateway = oci.core.InternetGateway("test_internet_gateway", compartment_id="ocid1.compartment.oc1...xx...xxx", vcn_id=test_vcn.id, enabled="true", display_name="internet_gateway") #Code block for route table and attach to IG test_route_table = oci.core.RouteTable("test_route_table", compartment_id="ocid1.compartment.oc1...xx...xxx", vcn_id=test_vcn.id, display_name="route_table_ig", route_rules=[oci.core.RouteTableRouteRuleArgs( network_entity_id=test_internet_gateway.id, destination="0.0.0.0/0", destination_type="CIDR_BLOCK", )]) #Code block for security list security_list_resource = oci.core.SecurityList("securityListResource", compartment_id="ocid1.compartment.oc1...xx...xxx", vcn_id=test_vcn.id, display_name="sc_list", egress_security_rules=[oci.core.SecurityListEgressSecurityRuleArgs( destination="0.0.0.0/0", protocol="all", destination_type="CIDR_BLOCK", stateless=False, )], ingress_security_rules=[ oci.core.SecurityListIngressSecurityRuleArgs( protocol="6", source="0.0.0.0/0", description="Sor SSH", tcp_options=oci.core.SecurityListIngressSecurityRuleTcpOptionsArgs( max=22, min=22, ), source_type="CIDR_BLOCK", stateless=False, ), oci.core.SecurityListIngressSecurityRuleArgs( protocol="1", source="0.0.0.0/0", description="ICMP", icmp_options=oci.core.SecurityListIngressSecurityRuleIcmpOptionsArgs( type=3, code=4, ), source_type="CIDR_BLOCK", stateless=False, ) ] ) # Create a Public Subnet test_public_subnet = oci.core.Subnet("test_public_subnet", cidr_block="10.0.0.0/24", compartment_id="ocid1.compartment.oc1...xx...xxx", vcn_id=test_vcn.id , display_name="public_subnet", dns_label="publicsubnet", prohibit_internet_ingress="False", prohibit_public_ip_on_vnic="False", route_table_id=test_route_table.id, security_list_ids=[security_list_resource.id]) # Create a Private Subnet test_Private_subnet = oci.core.Subnet("test_private_subnet", cidr_block="10.0.1.0/24", compartment_id="ocid1.compartment.oc1...xx...xxx", vcn_id=test_vcn.id , display_name="private_subnet", dns_label="privatesubnet", prohibit_internet_ingress="true", prohibit_public_ip_on_vnic="true")
This code provisions a VCN in OCI along with its associated resources. It creates an internet gateway, attaches a route table to it for routing, and sets up a security list for controlling network traffic. Additionally, it creates both a public and a private subnet within the VCN, each with specific network configurations such as CIDR blocks and DNS labels. It ensures that the private subnet prohibits internet access and public IP assignment to instances, enhancing network security.
-
-
Deploy a VCN code.
-
Run the following command to deploy a VCN resource.
pulumi up
-
Pulumi will detect the resources defined in your code and prompt you to confirm the deployment. Review the changes, and when prompted, enter
yes
to proceed.
-
-
Once the deployment is complete, verify that your VCN and other resources have been provisioned in OCI. You can check the OCI Console or use the Oracle Cloud Infrastructure Command Line Interface (OCI CLI) to list the resources in your compartment.
Task 2: Create a Compute Instance
Let us expand the OCI deployment by adding OCI Compute instances to your existing VCN using Pulumi.
-
To access the Pulumi project, navigate to the directory containing your Pulumi project and open the
__main__.py
file. -
Copy the following code and paste it into the
__main__.py
file to update after your existing VCN deployment code.# Create a Compute Instance compartment_id = "ocid1.compartment.oc1..xxxxxx" test_availability_domains = oci.identity.get_availability_domains(compartment_id="ocid1.compartment.oc1.xxx") public_ssh_key = "Copy and Paste the Public SSH Key" instance = oci.core.Instance("my-vm-instance", # Replace with your desired availability domain. availability_domain=test_availability_domains.availability_domains[0].name, # Replace with your compartment ID. compartment_id="ocid1.compartment.oc1..xxxxxxxx", # Using VM.Standard.E4.Flex shape. shape="VM.Standard.E4.Flex", # Replace with your subnet ID. create_vnic_details=oci.core.InstanceCreateVnicDetailsArgs( assign_private_dns_record=True, assign_public_ip="true", display_name="pulumideminst", subnet_id=test_public_subnet.id, ), # Metadata for the instance, including SSH keys for access. metadata={ "ssh_authorized_keys": public_ssh_key #"ssh_authorized_keys": std.file_output(input=public_ssh_key).apply(lambda invoke: invoke.result) }, # Use an Oracle-provided image or your own custom image. source_details=oci.core.InstanceSourceDetailsArgs( source_type="image", # Replace with the image OCID. source_id="ocid1.image.oc1.iad.aaaaaaaalbjc2slze7i3rbpho3p4ict6u4k2l6r2r3igvvkopbfd4xt2wwla", ), # Specifying the OCPU and memory configurations. shape_config=oci.core.InstanceShapeConfigArgs( ocpus=2.0, # Number of OCPUs. memory_in_gbs=8.0, # Amount of RAM in GBs. ), # Additional arguments like display name, can be specified here. display_name="pulumidemo_instance",) # Exporting the public IP of the instance. pulumi.export('instance_public_ip', instance.public_ip), pulumi.export('create_shape', instance.shape) pulumi.export('create_vnic', instance.create_vnic_details) pulumi.export('create_vnic', instance.create_vnic_details["display_name"])
Replace
ocid1.compartment.oc1.xxxxxxx
with your compartment ID,VM.Standard.E4.Flex
with your desired instance shape,ocid1.image.oc1.iad.xxxxxxx
with the desired image ID, andYOUR_SSH_PUBLIC_KEY
with your SSH public key. -
Save your changes to
__main__.py
and deploy your updated stack using the Pulumi command line interface.pulumi up
-
After deployment, verify that your compute instance have been provisioned successfully within the VCN. You can check the OCI Console or use the OCI CLI to list the instance in your compartment.
-
You can now access OCI Compute instance via SSH. Ensure you have the necessary security groups and rules configured for access.
Related Links
Acknowledgments
- Authors - Akarsha I K (Cloud Architect), Maninder Flora (Cloud Architect)
More Learning Resources
Explore other labs on docs.oracle.com/learn or access more free learning content on the Oracle Learning YouTube channel. Additionally, visit education.oracle.com/learning-explorer to become an Oracle Learning Explorer.
For product documentation, visit Oracle Help Center.
Deploy Compute Instance and VCN using Pulumi in Oracle Cloud Infrastructure
F98516-01
May 2024