Terraform-OCI

Provision an instance ARM on Oracle OCI with Always Free features and standard machine type.

Important

Be aware of what is included in Always Free mode.
https://www.oracle.com/cloud/free/#free-cloud-trial

📋 Requirements:

• Terraform or OpenTofu.

• Proceed with OCI-CLI installation as per official documentation.

📌 Before executing:

Note

It is necessary to get credentials for Terraform execution.

1. These values are taken directly from the OCI Cloud Console:

• tenancy_ocid:

Login into your OCI Cloud Console account and then go to this address. In OCID click on Copy or Show, copy and paste into a notepad.

Clique to show example

• user_ocid:

Main Menu » Domains » OracleIdentityCloudService (Current domain) » Users. Click on your user. In OCID click on Copy or Show, copy and paste into a notepad.

• Run the commands below to generate a key pair required for authentication:

mkdir ~/.oci
openssl genrsa -out ~/.oci/oci_api_key.pem 2048
chmod go-rwx ~/.oci/oci_api_key.pem
openssl rsa -pubout -in ~/.oci/oci_api_key.pem -out ~/.oci/oci_api_key_public.pem

• fingerprint:

Capture the public_key generated in the previous step (cat ~/.oci/oci_api_key_public.pem) » access Main Menu » Domains » OracleIdentityCloudService (Current domain) » Users » <<your-email>> » API Keys » Add API Key » Paste Public Key and paste the public key content.

This will generate your fingerprint And access information that you will need to add to the file ~/.oci/config.

• SSH:

A key pair may be required for SSH access to the instance. If not, generate a new pair with the command ssh-keygen -b 2048 -t rsa.

2. Add some variables to your .bashrc or .zshrc file by filling them in with the values obtained earlier:

export TF_VAR_tenancy_ocid=<your credencials>
export TF_VAR_user_ocid=<your credencials>
export TF_VAR_fingerprint=<your credencials>
export TF_VAR_private_key_path=~/.oci/oci_api_key.pem
export TF_VAR_public_key_path=$(cat /home/your-username/.ssh/<your-pub-key>.pub)

💻 Usage

Note

You will be able to choose between Ubuntu 20.04 until 24.04 or Oracle Linux or AlmaLinux (Marketplace) images.

1. Clone this repo.
2. By default an instance with Ubuntu 24.04 with ARM hardware will be provisioned, if you want another OS modify the module/ampere/instance.tf file on lines 29 to 32 if you wish.
3. Run terraform init, terraform plan -out= name-of-the-plan and terraform apply. At the end, terraform destroy for deletion of what was created in the OCI.

💾 Remote state

You might want to store your state file remotely in an OCI bucket. For this Main Menu » Storage » Object Storage & Archive Storage » Buckets. Create a Bucket with a uniquely named » Create Bucket. Click on the three dots » Create Pre-Authenticated Request » choose Bucket » Permit object reads and writes » Create Pre-Authenticated Request, and copy the given Pre-Authenticated Request URL.

In the main.tf file uncomment lines 9 to 12 and edit the URL in the address field. This is a purely optional step.

🔧 Post Install Scripts

You can also apply post-installation scripts to your instance through. This project counts as example scripts for nginx provisioning provided by Ansible Galaxy.

To work with these settings uncomment line 37 in the module/ampere/instance.tf file.