{"id":873,"date":"2026-04-16T12:21:52","date_gmt":"2026-04-16T12:21:52","guid":{"rendered":"https:\/\/www.devopsschool.com\/tutorials\/oracle-cloud-oracle-linux-tutorial-architecture-pricing-use-cases-and-hands-on-guide-for-compute\/"},"modified":"2026-04-16T12:21:52","modified_gmt":"2026-04-16T12:21:52","slug":"oracle-cloud-oracle-linux-tutorial-architecture-pricing-use-cases-and-hands-on-guide-for-compute","status":"publish","type":"post","link":"https:\/\/www.devopsschool.com\/tutorials\/oracle-cloud-oracle-linux-tutorial-architecture-pricing-use-cases-and-hands-on-guide-for-compute\/","title":{"rendered":"Oracle Cloud Oracle Linux Tutorial: Architecture, Pricing, Use Cases, and Hands-On Guide for Compute"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\">Category<\/h2>\n\n\n\n<p>Compute<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">1. Introduction<\/h2>\n\n\n\n<p>Oracle Linux is Oracle\u2019s enterprise Linux distribution and the default operating system choice for many Oracle Cloud Compute workloads. In Oracle Cloud, you typically use Oracle Linux by selecting an Oracle Linux image when you create a Compute instance (virtual machine or bare metal) or by importing\/building a custom image based on Oracle Linux.<\/p>\n\n\n\n<p>In simple terms: <strong>Oracle Linux is the operating system (OS) you run on Oracle Cloud Compute instances<\/strong>. You manage it like any Linux server\u2014users, packages, services, firewalls, logs\u2014while Oracle Cloud provides the underlying compute, networking, and storage building blocks.<\/p>\n\n\n\n<p>Technically, Oracle Linux is designed for enterprise reliability and compatibility, and it includes components such as the <strong>Unbreakable Enterprise Kernel (UEK)<\/strong> and access to Oracle\u2019s Linux packaging and update ecosystem. In Oracle Cloud, Oracle Linux integrates cleanly with core Compute capabilities (custom images, instance metadata\/cloud-init, block volumes, IAM policies controlling instance lifecycle, and monitoring\/telemetry through Oracle Cloud services).<\/p>\n\n\n\n<p><strong>What problem it solves:<\/strong> teams need a supported, secure, enterprise-grade Linux OS for running applications on Oracle Cloud Compute, with predictable lifecycle management, patching workflows, and a stable kernel\/platform suitable for production.<\/p>\n\n\n\n<blockquote>\n<p>Service name check: <strong>Oracle Linux<\/strong> is the current, official product name. It is not a separate \u201cmanaged cloud service\u201d in Oracle Cloud; it is an OS that you run on Oracle Cloud <strong>Compute<\/strong> resources. For OS management features (patch orchestration, reporting), Oracle Cloud provides separate services (for example, OS management offerings). Always verify the latest names and scope in official Oracle Cloud docs.<\/p>\n<\/blockquote>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">2. What is Oracle Linux?<\/h2>\n\n\n\n<p><strong>Official purpose:<\/strong> Oracle Linux is an enterprise Linux distribution provided by Oracle for running server workloads. It is commonly used to run Oracle software (databases, middleware) and general-purpose Linux workloads.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Core capabilities<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Enterprise Linux operating system<\/strong> for servers (VMs, bare metal, on-premises).<\/li>\n<li><strong>Binary compatibility goals<\/strong> with common enterprise Linux ecosystems (verify the specific compatibility statements in official docs for the Oracle Linux version you use).<\/li>\n<li><strong>Kernel options<\/strong>, including Oracle\u2019s <strong>Unbreakable Enterprise Kernel (UEK)<\/strong> and (in many deployments) a Red Hat compatible kernel option (availability depends on Oracle Linux version\u2014verify in official docs).<\/li>\n<li><strong>Package management and repositories<\/strong> suitable for production patching and controlled updates.<\/li>\n<li><strong>Security updates<\/strong> and lifecycle support policies (support depends on subscriptions; verify current policies).<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Major components (commonly encountered)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>UEK (Unbreakable Enterprise Kernel):<\/strong> Oracle\u2019s kernel optimized for performance and modern features (exact feature set varies by UEK release\u2014verify).<\/li>\n<li><strong>Userspace + tooling:<\/strong> systemd, SSH, firewall tooling, package manager (DNF on OL8\/OL9; YUM on OL7), logging, SELinux tooling.<\/li>\n<li><strong>Repository and update channels:<\/strong> Oracle-hosted package repositories and mirrors.<\/li>\n<li><strong>Optional enterprise patching technologies:<\/strong> such as Ksplice (availability and entitlement depend on support\/subscription; verify).<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Service type<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Type:<\/strong> Operating system distribution (not a managed service).<\/li>\n<li><strong>How you consume it in Oracle Cloud:<\/strong> by choosing an <strong>Oracle Linux image<\/strong> when creating a <strong>Compute instance<\/strong>, or by using a custom image built from Oracle Linux.<\/li>\n<li><strong>Scope:<\/strong> Per-instance OS. Oracle Linux itself is not \u201cregional\u201d in the way a managed service is; however, <strong>Compute images are offered per Oracle Cloud region<\/strong> and you deploy instances into a specific region\/availability domain.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">How it fits into the Oracle Cloud ecosystem<\/h3>\n\n\n\n<p>Oracle Linux is commonly paired with:\n&#8211; <strong>Oracle Cloud Compute<\/strong>: VM and bare metal instances running Oracle Linux.\n&#8211; <strong>Networking (VCN, subnets, security lists\/NSGs, load balancers)<\/strong>: controlling access to Oracle Linux hosts.\n&#8211; <strong>Block Volumes and Object Storage<\/strong>: persistent storage and backups.\n&#8211; <strong>IAM policies<\/strong>: controlling who can create, start\/stop, and access instances.\n&#8211; <strong>Monitoring and Logging<\/strong>: metrics and logs for the instances and applications.\n&#8211; <strong>OS management services<\/strong> (separate from Oracle Linux itself): patch and package governance across fleets (verify current Oracle Cloud service names and capabilities in official docs).<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">3. Why use Oracle Linux?<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Business reasons<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Vendor alignment<\/strong> for organizations standardizing on Oracle technologies and Oracle Cloud.<\/li>\n<li><strong>Enterprise support options<\/strong> (subscriptions) for regulated or mission-critical workloads (verify available support tiers).<\/li>\n<li><strong>Consistency across environments<\/strong>: many teams run Oracle Linux on-premises and in Oracle Cloud for a consistent operational model.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Technical reasons<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Kernel choice and performance tuning<\/strong>: UEK is commonly selected for performance-sensitive workloads (feature set varies; verify).<\/li>\n<li><strong>Compatibility considerations<\/strong>: Oracle Linux is widely used in enterprise Linux environments; you can often reuse automation and tooling built for similar Linux distributions (always test).<\/li>\n<li><strong>Automation-friendly<\/strong>: cloud-init\/instance metadata, Terraform, Ansible, and standard Linux configuration management practices work well.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Operational reasons<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Predictable lifecycle management<\/strong>: standardized images, controlled repos, and patch windows.<\/li>\n<li><strong>Fleet management patterns<\/strong>: immutable image pipelines (golden images), configuration management, and (where used) OS management services.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Security\/compliance reasons<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>SELinux, audit tooling, strong SSH defaults (when configured), and standard Linux hardening<\/strong>.<\/li>\n<li><strong>Integration with Oracle Cloud IAM<\/strong> for instance lifecycle control and with Oracle Cloud networking for segmentation.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Scalability\/performance reasons<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Scale out using Compute<\/strong> plus autoscaling patterns (app-level or infrastructure-level).<\/li>\n<li><strong>High-performance storage and networking options<\/strong> available through Compute shapes and Block Volume performance tiers (separately priced).<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">When teams should choose Oracle Linux<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>You\u2019re running workloads on <strong>Oracle Cloud Compute<\/strong> and want a first-party enterprise Linux option.<\/li>\n<li>You want to standardize on a Linux distro aligned with Oracle\u2019s ecosystem.<\/li>\n<li>You need a platform for Oracle software or other Linux applications with enterprise controls.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">When teams should not choose Oracle Linux<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Your organization is mandated to use another distro (for example, Ubuntu LTS-only policy).<\/li>\n<li>You need a distro with specific vendor tooling that is only supported on another OS (for example, an appliance that requires a specific distribution).<\/li>\n<li>You are not prepared to manage Linux OS responsibilities (patching, hardening, configuration). In that case, consider managed platforms (Kubernetes, PaaS) rather than raw Compute.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">4. Where is Oracle Linux used?<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Industries<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Finance, telecom, retail, manufacturing, healthcare, public sector\u2014anywhere Linux servers are used and governance matters.<\/li>\n<li>Organizations using Oracle Database and Oracle middleware stacks (on-prem and cloud).<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Team types<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Platform engineering teams building golden images and standard baselines.<\/li>\n<li>SRE\/operations teams managing Linux fleets.<\/li>\n<li>DevOps teams running CI\/CD agents and application servers.<\/li>\n<li>Security teams implementing OS hardening standards and audit controls.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Workloads<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Web applications (NGINX\/Apache, app servers).<\/li>\n<li>APIs and microservices (on VMs, or as Kubernetes nodes).<\/li>\n<li>Batch jobs and schedulers.<\/li>\n<li>Databases (including Oracle Database on Compute\u2014licensed separately).<\/li>\n<li>Logging, monitoring agents, reverse proxies, and bastion hosts.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Architectures<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Single instance + block volume for small services.<\/li>\n<li>Multi-tier web\/app\/db with private subnets.<\/li>\n<li>Load-balanced stateless app tier with autoscaling and rolling updates.<\/li>\n<li>Immutable infrastructure: build an Oracle Linux image in a pipeline, deploy instances from that image.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Real-world deployment contexts<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Production<\/strong>: hardened images, strict SSH policies, private networking, controlled patch windows, monitoring\/alerting.<\/li>\n<li><strong>Dev\/test<\/strong>: smaller shapes, Always Free eligible instances (where available), faster patch cycles, lower-cost storage.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">5. Top Use Cases and Scenarios<\/h2>\n\n\n\n<p>Below are realistic scenarios where Oracle Linux on Oracle Cloud Compute fits well.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">1) Standard web server on Compute<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem:<\/strong> Host a simple website or reverse proxy quickly.<\/li>\n<li><strong>Why Oracle Linux fits:<\/strong> Stable Linux baseline, easy package installs, integrates with VCN security.<\/li>\n<li><strong>Example:<\/strong> Deploy NGINX on Oracle Linux 8\/9 and expose port 80\/443 via NSG rules.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">2) Private API service behind a load balancer<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem:<\/strong> Serve APIs securely with controlled ingress.<\/li>\n<li><strong>Why it fits:<\/strong> Run API service on Oracle Linux instances in private subnets; expose via Oracle Cloud Load Balancer.<\/li>\n<li><strong>Example:<\/strong> Two Oracle Linux app servers in private subnet, LB in public subnet, DB in private subnet.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">3) Bastion\/jump host for private access<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem:<\/strong> Secure administrative access to private instances without public IPs.<\/li>\n<li><strong>Why it fits:<\/strong> Minimal Oracle Linux instance locked down with SSH keys and strict firewall rules.<\/li>\n<li><strong>Example:<\/strong> Public bastion subnet with a hardened Oracle Linux host; admins SSH to private servers through it.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">4) CI\/CD runners and build agents<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem:<\/strong> Need Linux build capacity for pipelines.<\/li>\n<li><strong>Why it fits:<\/strong> Standard Linux tooling, easy scaling by adding instances.<\/li>\n<li><strong>Example:<\/strong> Oracle Linux build agents that compile code, build containers, run tests; ephemeral instances for cost control.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">5) Lift-and-shift of existing enterprise Linux apps<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem:<\/strong> Migrate existing Linux workloads to Oracle Cloud with minimal change.<\/li>\n<li><strong>Why it fits:<\/strong> Familiar Linux stack; migration can often focus on networking\/storage rather than rewriting apps.<\/li>\n<li><strong>Example:<\/strong> Rehost a legacy Java app server from on-prem to Oracle Cloud Compute with Oracle Linux.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">6) Database host (self-managed)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem:<\/strong> Run a database on IaaS with full OS control.<\/li>\n<li><strong>Why it fits:<\/strong> Full control over filesystem, kernel tuning, storage mount options, monitoring agents.<\/li>\n<li><strong>Example:<\/strong> PostgreSQL or MySQL on Oracle Linux with Block Volume for data, backups to Object Storage.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">7) Kubernetes worker nodes (Compute-based)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem:<\/strong> Need Linux nodes for Kubernetes clusters.<\/li>\n<li><strong>Why it fits:<\/strong> Oracle Linux is commonly used as a node OS in enterprise environments.<\/li>\n<li><strong>Example:<\/strong> Oracle Linux instances as nodes for a managed Kubernetes control plane (verify current supported node OS options in OKE docs).<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">8) Secure file processing \/ batch workloads<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem:<\/strong> Process files on a schedule, integrate with Object Storage.<\/li>\n<li><strong>Why it fits:<\/strong> Cron\/systemd timers, OCI CLI\/SDK, and secure VCN patterns.<\/li>\n<li><strong>Example:<\/strong> Nightly job pulls from Object Storage, processes, writes results back.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">9) Observability stack components<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem:<\/strong> Run self-managed telemetry tools (when you can\u2019t use SaaS).<\/li>\n<li><strong>Why it fits:<\/strong> Full control over agents, storage, and retention.<\/li>\n<li><strong>Example:<\/strong> Host a log forwarder or metrics collector on Oracle Linux in a private subnet.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">10) Hardened application appliance pattern<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem:<\/strong> Provide a locked-down VM image for internal teams.<\/li>\n<li><strong>Why it fits:<\/strong> Golden image pipeline + instance configuration gives repeatable deployment.<\/li>\n<li><strong>Example:<\/strong> Build a CIS-aligned Oracle Linux image, publish as a custom image, deploy across compartments.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">11) Development sandbox environments<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem:<\/strong> Developers need disposable Linux boxes.<\/li>\n<li><strong>Why it fits:<\/strong> Fast instance provisioning; standard tooling; optional Always Free eligibility (verify).<\/li>\n<li><strong>Example:<\/strong> Developers create Oracle Linux instances, install toolchains, destroy after use.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">12) Network services (DNS caching, proxy, VPN endpoints)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem:<\/strong> Need infrastructure services near workloads.<\/li>\n<li><strong>Why it fits:<\/strong> Linux is ideal for network services; OCI networking provides segmentation and route controls.<\/li>\n<li><strong>Example:<\/strong> Run a caching proxy in a shared services subnet for egress control.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">6. Core Features<\/h2>\n\n\n\n<p>Oracle Linux as used in Oracle Cloud Compute is a combination of OS capabilities plus cloud integration patterns.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">1) Oracle Linux images for Compute<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>What it does:<\/strong> Provides ready-to-boot OS images to launch VM\/bare metal instances.<\/li>\n<li><strong>Why it matters:<\/strong> Fast provisioning with a known baseline.<\/li>\n<li><strong>Practical benefit:<\/strong> Consistent builds for fleets; reduces manual OS installs.<\/li>\n<li><strong>Caveats:<\/strong> Image availability can vary by region and platform (x86 vs Arm). Verify in the Oracle Cloud Console for your region.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">2) Enterprise kernel options (UEK and others)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>What it does:<\/strong> Offers kernel choices, commonly UEK for performance\/features.<\/li>\n<li><strong>Why it matters:<\/strong> Kernel behavior affects performance, drivers, and compatibility.<\/li>\n<li><strong>Practical benefit:<\/strong> Ability to align kernel with workload needs.<\/li>\n<li><strong>Caveats:<\/strong> Kernel selection and default vary by Oracle Linux version and image; verify the running kernel and supported combinations for your workload.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">3) Standard Linux package management (DNF\/YUM)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>What it does:<\/strong> Installs and updates packages from repositories.<\/li>\n<li><strong>Why it matters:<\/strong> Patch management is foundational for security.<\/li>\n<li><strong>Practical benefit:<\/strong> Automated patching with standard tools.<\/li>\n<li><strong>Caveats:<\/strong> Repository configuration and update cadence must be governed. In production, avoid uncontrolled \u201clatest of everything\u201d upgrades.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">4) systemd service management<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>What it does:<\/strong> Controls services (start\/stop\/restart), boot targets, journald logs.<\/li>\n<li><strong>Why it matters:<\/strong> Predictable operations and automation.<\/li>\n<li><strong>Practical benefit:<\/strong> Stable service lifecycle control.<\/li>\n<li><strong>Caveats:<\/strong> Misconfigured units can cause boot delays; validate changes in staging.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">5) SELinux (security policy enforcement)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>What it does:<\/strong> Mandatory access control that confines processes.<\/li>\n<li><strong>Why it matters:<\/strong> Reduces blast radius of compromises.<\/li>\n<li><strong>Practical benefit:<\/strong> Stronger security posture, especially for internet-facing services.<\/li>\n<li><strong>Caveats:<\/strong> Can break apps if not configured; prefer fixing labels\/policies over disabling SELinux.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">6) Firewall tooling (firewalld\/iptables\/nftables)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>What it does:<\/strong> Controls host-level ports and traffic rules.<\/li>\n<li><strong>Why it matters:<\/strong> Defense in depth in addition to VCN security rules.<\/li>\n<li><strong>Practical benefit:<\/strong> Minimizes exposed services and lateral movement.<\/li>\n<li><strong>Caveats:<\/strong> Don\u2019t rely on host firewall alone; use VCN security lists\/NSGs as primary network control.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">7) cloud-init and instance metadata (typical cloud pattern)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>What it does:<\/strong> Automates first boot configuration (users, packages, scripts).<\/li>\n<li><strong>Why it matters:<\/strong> Repeatability and \u201cinfrastructure as code\u201d.<\/li>\n<li><strong>Practical benefit:<\/strong> Consistent server bootstrap without manual SSH steps.<\/li>\n<li><strong>Caveats:<\/strong> Metadata and user-data behaviors depend on the image. Verify cloud-init availability and supported datasource behavior for your image.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">8) Custom images and golden image pipelines<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>What it does:<\/strong> Enables you to bake hardened Oracle Linux images for repeatable deployment.<\/li>\n<li><strong>Why it matters:<\/strong> Reduces configuration drift and speeds up scaling.<\/li>\n<li><strong>Practical benefit:<\/strong> Faster, safer provisioning and easier compliance.<\/li>\n<li><strong>Caveats:<\/strong> Keep image build pipelines patched and versioned; avoid embedding secrets in images.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">9) Oracle Cloud Agent (Compute agent) integration (Compute feature)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>What it does:<\/strong> Enables instance management features from Oracle Cloud (exact plugins vary).<\/li>\n<li><strong>Why it matters:<\/strong> Enables monitoring and management integrations.<\/li>\n<li><strong>Practical benefit:<\/strong> Better observability and control without manual agent installs (in some cases).<\/li>\n<li><strong>Caveats:<\/strong> Agent\/plugin capabilities and defaults vary by image and region; verify in Oracle Cloud docs.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">10) Optional live patching (Ksplice) (entitlement-dependent)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>What it does:<\/strong> Applies certain kernel\/security updates without reboot (conceptually).<\/li>\n<li><strong>Why it matters:<\/strong> Reduces downtime for patching.<\/li>\n<li><strong>Practical benefit:<\/strong> Helps meet uptime goals while staying secure.<\/li>\n<li><strong>Caveats:<\/strong> Requires correct entitlement\/support and has scope limitations (not every update is live-patchable). <strong>Verify current Ksplice availability and licensing for Oracle Linux on Oracle Cloud in official docs.<\/strong><\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">7. Architecture and How It Works<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">High-level architecture (what runs where)<\/h3>\n\n\n\n<p>When you run Oracle Linux in Oracle Cloud:\n&#8211; The <strong>Compute service<\/strong> provides VM or bare metal capacity.\n&#8211; The <strong>Oracle Linux OS<\/strong> runs inside that instance.\n&#8211; You attach <strong>boot volumes<\/strong> and optional <strong>block volumes<\/strong> for persistent storage.\n&#8211; Networking is provided by <strong>VCN<\/strong>, <strong>subnets<\/strong>, <strong>route tables<\/strong>, <strong>security lists<\/strong>, and\/or <strong>NSGs<\/strong>.\n&#8211; Control plane actions (create\/stop\/attach volume) are governed by <strong>IAM policies<\/strong>.\n&#8211; Observability is handled by <strong>Monitoring<\/strong>, <strong>Logging<\/strong>, and optionally OS-level agents.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Control flow vs data flow<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Control plane flow:<\/strong> You (or Terraform\/CLI) call Oracle Cloud APIs to create\/update instance resources. IAM authorizes these actions. The instance is then provisioned with the selected Oracle Linux image and network settings.<\/li>\n<li><strong>Data plane flow:<\/strong> Client traffic flows through VCN routing and security rules to your instance\u2019s VNIC(s). Inside the instance, Linux services (e.g., nginx) listen on ports and serve traffic.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Integrations with related Oracle Cloud services<\/h3>\n\n\n\n<p>Common integrations include:\n&#8211; <strong>Networking:<\/strong> VCN, subnets, NSGs, public IPs, NAT gateway, service gateway.\n&#8211; <strong>Load balancing:<\/strong> Put Oracle Linux instances behind an Oracle Cloud Load Balancer for HA.\n&#8211; <strong>Storage:<\/strong> Block Volumes for persistent disks; Object Storage for backups\/artifacts.\n&#8211; <strong>Identity:<\/strong> IAM policies and compartments to segment environments.\n&#8211; <strong>Monitoring\/Logging:<\/strong> Use Oracle Cloud Monitoring metrics + OS logs (forwarded or collected by an agent).\n&#8211; <strong>Key Management:<\/strong> OCI Vault for encryption keys and secrets (store app secrets in Vault, not in files).<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Dependency services<\/h3>\n\n\n\n<p>Oracle Linux itself depends on:\n&#8211; <strong>Compute<\/strong> (the instance)\n&#8211; <strong>Boot Volume service<\/strong> (boot disk)\n&#8211; <strong>VCN<\/strong> (network)\nOptionally:\n&#8211; <strong>Block Volume<\/strong>, <strong>Object Storage<\/strong>, <strong>Load Balancer<\/strong>, <strong>Vault<\/strong>, <strong>Monitoring\/Logging<\/strong>.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Security\/authentication model<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>API actions:<\/strong> authenticated via IAM (users\/groups\/federation, dynamic groups, instance principals).<\/li>\n<li><strong>OS access:<\/strong> typically SSH key-based authentication to the Oracle Linux host.<\/li>\n<li><strong>Network access:<\/strong> controlled at multiple layers:<\/li>\n<li>VCN security lists \/ NSGs (cloud firewall)<\/li>\n<li>Host firewall (firewalld)<\/li>\n<li>Application-level auth (TLS, tokens, OAuth, etc.)<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Networking model<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Instances have <strong>VNICs<\/strong> in subnets.<\/li>\n<li>Subnets can be public (public IP possible) or private (no direct internet ingress).<\/li>\n<li>Egress can be controlled with NAT gateways; private access to Oracle services via service gateways (verify availability for your region).<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Monitoring\/logging\/governance considerations<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Track instance metrics (CPU, memory where available, disk, network).<\/li>\n<li>Centralize logs (systemd journal, \/var\/log) into Oracle Cloud Logging or a third-party system.<\/li>\n<li>Use compartments and tags to separate dev\/test\/prod and cost centers.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Simple architecture diagram (single instance web server)<\/h3>\n\n\n\n<pre><code class=\"language-mermaid\">flowchart LR\n  U[User Browser] --&gt;|HTTP\/HTTPS| IGW[Internet Gateway]\n  IGW --&gt; VCN[VCN]\n  VCN --&gt; SUB[Public Subnet]\n  SUB --&gt; VM[Compute Instance\\nOracle Linux]\n  VM --&gt; BV[Boot Volume]\n  VM --&gt;|Optional| BLK[Block Volume]\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\">Production-style architecture diagram (HA web tier + private app\/db)<\/h3>\n\n\n\n<pre><code class=\"language-mermaid\">flowchart TB\n  U[Users] --&gt; DNS[DNS]\n  DNS --&gt; LB[Load Balancer\\nPublic Subnet]\n  LB --&gt;|HTTP\/HTTPS| WEB1[Web VM 1\\nOracle Linux\\nPrivate Subnet]\n  LB --&gt;|HTTP\/HTTPS| WEB2[Web VM 2\\nOracle Linux\\nPrivate Subnet]\n\n  WEB1 --&gt; APP1[App VM 1\\nOracle Linux\\nPrivate Subnet]\n  WEB2 --&gt; APP2[App VM 2\\nOracle Linux\\nPrivate Subnet]\n\n  APP1 --&gt; DB[(Database\\nPrivate Subnet)]\n  APP2 --&gt; DB\n\n  APP1 --&gt; OBS[Object Storage\\nBackups\/Artifacts]\n  APP2 --&gt; OBS\n\n  WEB1 --&gt; MON[Monitoring\/Logging]\n  WEB2 --&gt; MON\n  APP1 --&gt; MON\n  APP2 --&gt; MON\n\n  subgraph VCN[VCN]\n    LB\n    WEB1\n    WEB2\n    APP1\n    APP2\n    DB\n  end\n<\/code><\/pre>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">8. Prerequisites<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Oracle Cloud account\/tenancy<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>An active <strong>Oracle Cloud<\/strong> account (tenancy).<\/li>\n<li>Access to a region where Compute is available.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Permissions \/ IAM<\/h3>\n\n\n\n<p>You need permissions to:\n&#8211; Create and manage <strong>Compute instances<\/strong>\n&#8211; Create\/use <strong>VCNs<\/strong>, subnets, and security rules (or use existing network)\n&#8211; Manage <strong>block volumes<\/strong> (optional)\n&#8211; Manage <strong>keys and secrets<\/strong> if using Vault (optional)<\/p>\n\n\n\n<p>If your organization uses strict compartment controls, ensure you have access to the correct compartment(s). For exact policies, <strong>verify in official Oracle Cloud IAM documentation<\/strong>, as policy syntax and best practices can evolve.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Billing requirements<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>A billable account may be required, even if using Always Free eligible resources.<\/li>\n<li>If using paid shapes, storage, load balancers, or data egress, charges apply.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Tools you may use<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Oracle Cloud Console (web)<\/li>\n<li>SSH client:<\/li>\n<li>macOS\/Linux: built-in <code>ssh<\/code><\/li>\n<li>Windows: Windows Terminal + OpenSSH, or PuTTY<\/li>\n<li>Optional automation:<\/li>\n<li>OCI CLI: https:\/\/docs.oracle.com\/en-us\/iaas\/Content\/API\/SDKDocs\/cliinstall.htm<\/li>\n<li>Terraform (OCI provider): https:\/\/registry.terraform.io\/providers\/oracle\/oci\/latest<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Region availability<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Oracle Linux images are typically broadly available, but <strong>specific images\/shapes (x86\/Arm) vary by region<\/strong>. Verify in the Console when selecting an image.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Quotas\/limits<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Compute instance limits (OCPUs\/cores, number of instances) vary by tenancy and region.<\/li>\n<li>Network limits (VCNs, subnets, NSGs) also apply.<\/li>\n<li>Always Free limits (if used) can change\u2014<strong>verify current limits in official Oracle Cloud Free Tier documentation<\/strong>.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Prerequisite services<\/h3>\n\n\n\n<p>For this tutorial lab, you need:\n&#8211; A <strong>VCN<\/strong> with a subnet (public is simplest for a beginner lab)\n&#8211; A <strong>Compute instance<\/strong> using an Oracle Linux image\n&#8211; A way to connect (SSH) and optionally open HTTP port 80<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">9. Pricing \/ Cost<\/h2>\n\n\n\n<p>Oracle Linux pricing in Oracle Cloud needs to be understood correctly:<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Pricing model (what you pay for)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Oracle Linux OS image cost:<\/strong> typically <strong>no additional license fee<\/strong> to run Oracle Linux images on Oracle Cloud Compute. You pay for the underlying infrastructure resources.<\/li>\n<li><strong>Compute costs:<\/strong> depend on shape (VM\/bare metal), OCPU count, memory, and region.<\/li>\n<li><strong>Storage costs:<\/strong><\/li>\n<li>Boot volume (size and performance characteristics)<\/li>\n<li>Block volumes (size and performance tier)<\/li>\n<li>Object Storage (capacity, requests, retrieval) for backups\/logs<\/li>\n<li><strong>Network costs:<\/strong><\/li>\n<li>Data egress to the public internet is often a cost driver.<\/li>\n<li>Intra-region traffic rules vary by service\u2014verify OCI pricing details.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Support subscription costs (important nuance)<\/h3>\n\n\n\n<p>Oracle Linux can be used without a paid OS license, but <strong>enterprise support subscriptions<\/strong> (including access to certain enterprise features and support channels) may be purchased separately. If you require features such as live patching entitlements or vendor support SLAs, <strong>verify the current Oracle Linux support offerings and how they apply on Oracle Cloud<\/strong>.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Free Tier (if applicable)<\/h3>\n\n\n\n<p>Oracle Cloud offers an <strong>Always Free<\/strong> program with limited Compute\/Storage resources (subject to change). You may be able to run a small Oracle Linux instance under Always Free eligibility depending on region and shape availability. <strong>Verify current Always Free eligibility in official Oracle Cloud Free Tier docs.<\/strong><\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Cost drivers (direct + indirect)<\/h3>\n\n\n\n<p>Direct:\n&#8211; Shape size (OCPUs\/memory)\n&#8211; Number of instances and uptime (24\/7 vs scheduled)\n&#8211; Boot volume and block volume sizes\/performance\n&#8211; Load balancer (if used)\n&#8211; Backup storage in Object Storage<\/p>\n\n\n\n<p>Indirect:\n&#8211; Data egress (downloads, updates, serving traffic to users)\n&#8211; Snapshots and backups growth over time\n&#8211; Extra environments (dev\/stage\/prod duplication)\n&#8211; Operational overhead (time spent patching and hardening if not automated)<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Hidden or surprising costs to watch<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Leaving instances running<\/strong> when not needed (dev\/test).<\/li>\n<li><strong>Oversized boot volumes<\/strong> and long retention of backups\/snapshots.<\/li>\n<li><strong>Public egress<\/strong> for high-traffic services.<\/li>\n<li><strong>Log retention<\/strong> if you centralize verbose logs.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">How to optimize cost (practical checklist)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Use the smallest shape that meets performance needs; scale horizontally if appropriate.<\/li>\n<li>Turn off or terminate non-production instances outside working hours.<\/li>\n<li>Use autoscaling for stateless tiers (where appropriate).<\/li>\n<li>Right-size boot volumes; attach separate block volumes only where needed.<\/li>\n<li>Use Object Storage lifecycle policies for backups\/logs.<\/li>\n<li>Minimize internet egress by caching and using private endpoints where possible.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Example low-cost starter estimate (no fabricated numbers)<\/h3>\n\n\n\n<p>A minimal lab setup typically includes:\n&#8211; 1 small VM Compute instance (possibly Always Free eligible)\n&#8211; 1 boot volume (smallest practical size for OS + packages)\n&#8211; Minimal outbound traffic\n&#8211; No load balancer<\/p>\n\n\n\n<p>Exact monthly cost depends on region, shape, storage size\/performance, and usage hours. Use:\n&#8211; Official pricing: https:\/\/www.oracle.com\/cloud\/price-list\/\n&#8211; Cost Estimator\/Calculator (OCI): https:\/\/www.oracle.com\/cloud\/costestimator.html<br\/>\nVerify these URLs and the current calculator experience in official Oracle Cloud pages if they change.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Example production cost considerations<\/h3>\n\n\n\n<p>For a production web application on Oracle Linux you might add:\n&#8211; Multiple instances across fault domains\/ADs\n&#8211; Load balancer\n&#8211; Larger and\/or higher-performance block volumes\n&#8211; Backups and cross-region replication (if required)\n&#8211; Monitoring\/logging retention and ingestion costs\n&#8211; NAT gateway and egress costs<\/p>\n\n\n\n<p>In production, the OS is rarely the cost\u2014<strong>compute, storage performance, and egress<\/strong> are usually the primary drivers.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">10. Step-by-Step Hands-On Tutorial<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Objective<\/h3>\n\n\n\n<p>Launch an <strong>Oracle Linux<\/strong> Compute instance in <strong>Oracle Cloud<\/strong>, connect via SSH, install and expose a simple web server, and apply basic hardening and verification. This is designed to be low-cost and safe for beginners.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Lab Overview<\/h3>\n\n\n\n<p>You will:\n1. Create (or reuse) a VCN and a public subnet.\n2. Create an Oracle Linux Compute instance with an SSH key.\n3. Connect to the instance via SSH.\n4. Update the OS packages.\n5. Install and start NGINX (or Apache HTTP Server).\n6. Open port 80 at both the cloud network layer and the host firewall.\n7. Validate from a browser\/curl.\n8. Clean up resources to avoid ongoing charges.<\/p>\n\n\n\n<blockquote>\n<p>Notes before you begin:\n&#8211; Menu names in the Oracle Cloud Console can change. Follow the intent of each step and <strong>verify in the current Console<\/strong>.\n&#8211; Commands below target Oracle Linux 8\/9 style tooling (<code>dnf<\/code>, <code>firewalld<\/code>). If you selected Oracle Linux 7, some commands differ (use <code>yum<\/code>). Prefer Oracle Linux 8\/9 for modern labs unless you have a compatibility requirement.<\/p>\n<\/blockquote>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Step 1: Create or choose a compartment<\/h3>\n\n\n\n<ol class=\"wp-block-list\">\n<li>In the Oracle Cloud Console, open the navigation menu.<\/li>\n<li>Go to <strong>Identity &amp; Security<\/strong> \u2192 <strong>Compartments<\/strong>.<\/li>\n<li>Create a compartment such as:\n   &#8211; Name: <code>lab-oracle-linux<\/code>\n   &#8211; Description: <code>Oracle Linux Compute lab<\/code><\/li>\n<\/ol>\n\n\n\n<p><strong>Expected outcome:<\/strong> You have a compartment to isolate lab resources and simplify cleanup.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Step 2: Create a VCN (or use the VCN wizard)<\/h3>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Go to <strong>Networking<\/strong> \u2192 <strong>Virtual Cloud Networks<\/strong>.<\/li>\n<li>Select your compartment: <code>lab-oracle-linux<\/code>.<\/li>\n<li>Click <strong>Create VCN<\/strong>.<\/li>\n<li>Choose the quick start option such as <strong>VCN with Internet Connectivity<\/strong> (wording may vary), which typically creates:\n   &#8211; 1 VCN\n   &#8211; 1 public subnet\n   &#8211; Internet Gateway\n   &#8211; Route table rule to the Internet Gateway\n   &#8211; Default security list<\/li>\n<\/ol>\n\n\n\n<p>Use a clear naming scheme:\n&#8211; VCN: <code>vcn-lab-ol<\/code>\n&#8211; Public subnet: <code>subnet-public-lab-ol<\/code><\/p>\n\n\n\n<p><strong>Expected outcome:<\/strong> You have a public subnet capable of assigning a public IP to an instance.<\/p>\n\n\n\n<p><strong>Verification:<\/strong>\n&#8211; Open the subnet and confirm:\n  &#8211; It is marked <strong>Public<\/strong>\n  &#8211; A route rule exists to an Internet Gateway (0.0.0.0\/0)<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Step 3: Create an SSH key pair (local)<\/h3>\n\n\n\n<p>On your local machine:<\/p>\n\n\n\n<pre><code class=\"language-bash\">ssh-keygen -t ed25519 -f ~\/.ssh\/oci_ol_lab -C \"oci-oracle-linux-lab\"\n<\/code><\/pre>\n\n\n\n<p>This produces:\n&#8211; Private key: <code>~\/.ssh\/oci_ol_lab<\/code>\n&#8211; Public key: <code>~\/.ssh\/oci_ol_lab.pub<\/code><\/p>\n\n\n\n<p><strong>Expected outcome:<\/strong> You have an SSH key pair to authenticate to the instance.<\/p>\n\n\n\n<p><strong>Verification:<\/strong><\/p>\n\n\n\n<pre><code class=\"language-bash\">ls -l ~\/.ssh\/oci_ol_lab*\ncat ~\/.ssh\/oci_ol_lab.pub\n<\/code><\/pre>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Step 4: Create an Oracle Linux Compute instance<\/h3>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Go to <strong>Compute<\/strong> \u2192 <strong>Instances<\/strong> \u2192 <strong>Create instance<\/strong>.<\/li>\n<li>Set:\n   &#8211; Name: <code>ol-web-01<\/code>\n   &#8211; Compartment: <code>lab-oracle-linux<\/code><\/li>\n<li>Placement: choose an availability domain (as offered).<\/li>\n<li>Image: select <strong>Oracle Linux<\/strong> (choose a current major version such as 8 or 9 if available).<\/li>\n<li>Shape: choose a small\/low-cost shape. If you want to try Always Free eligibility, pick an <strong>Always Free eligible<\/strong> shape where available (verify current eligibility).<\/li>\n<li>Networking:\n   &#8211; VCN: <code>vcn-lab-ol<\/code>\n   &#8211; Subnet: <code>subnet-public-lab-ol<\/code>\n   &#8211; Assign a public IPv4 address: <strong>Yes<\/strong> (for this beginner lab)<\/li>\n<li>Add SSH keys:\n   &#8211; Paste the contents of <code>~\/.ssh\/oci_ol_lab.pub<\/code><\/li>\n<\/ol>\n\n\n\n<p>Click <strong>Create<\/strong>.<\/p>\n\n\n\n<p><strong>Expected outcome:<\/strong> Instance enters <strong>Provisioning<\/strong> then <strong>Running<\/strong> state.<\/p>\n\n\n\n<p><strong>Verification:<\/strong>\n&#8211; Open the instance details and note:\n  &#8211; Public IP address\n  &#8211; Username hint (often <code>opc<\/code> for Oracle-provided images\u2014<strong>verify on the instance page<\/strong>)<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Step 5: Connect to Oracle Linux via SSH<\/h3>\n\n\n\n<p>From your local machine:<\/p>\n\n\n\n<pre><code class=\"language-bash\">ssh -i ~\/.ssh\/oci_ol_lab opc@&lt;PUBLIC_IP&gt;\n<\/code><\/pre>\n\n\n\n<p>Replace <code>&lt;PUBLIC_IP&gt;<\/code> with your instance public IP.<\/p>\n\n\n\n<p><strong>Expected outcome:<\/strong> You get a shell prompt on the Oracle Linux instance.<\/p>\n\n\n\n<p><strong>If you get \u201cPermission denied\u201d:<\/strong>\n&#8211; Verify you used the correct username shown in the Console.\n&#8211; Verify you used the private key <code>oci_ol_lab<\/code>, not the <code>.pub<\/code> key.\n&#8211; Verify the instance is in RUNNING state and you allowed time for first boot.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Step 6: Update packages (basic patching)<\/h3>\n\n\n\n<p>On the instance:<\/p>\n\n\n\n<pre><code class=\"language-bash\">sudo dnf -y update\nsudo reboot\n<\/code><\/pre>\n\n\n\n<p>Reconnect after reboot:<\/p>\n\n\n\n<pre><code class=\"language-bash\">ssh -i ~\/.ssh\/oci_ol_lab opc@&lt;PUBLIC_IP&gt;\n<\/code><\/pre>\n\n\n\n<p><strong>Expected outcome:<\/strong> OS packages are updated and the instance returns after reboot.<\/p>\n\n\n\n<p><strong>Verification:<\/strong><\/p>\n\n\n\n<pre><code class=\"language-bash\">cat \/etc\/oracle-release || cat \/etc\/os-release\nuname -r\n<\/code><\/pre>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Step 7: Install and start a web server (NGINX)<\/h3>\n\n\n\n<p>Install NGINX:<\/p>\n\n\n\n<pre><code class=\"language-bash\">sudo dnf -y install nginx\n<\/code><\/pre>\n\n\n\n<p>Enable and start it:<\/p>\n\n\n\n<pre><code class=\"language-bash\">sudo systemctl enable --now nginx\nsudo systemctl status nginx --no-pager\n<\/code><\/pre>\n\n\n\n<p><strong>Expected outcome:<\/strong> NGINX is active (running).<\/p>\n\n\n\n<p><strong>Verification (local on instance):<\/strong><\/p>\n\n\n\n<pre><code class=\"language-bash\">curl -I http:\/\/127.0.0.1\/\n<\/code><\/pre>\n\n\n\n<p>You should see an HTTP 200\/304 response or similar headers.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Step 8: Open port 80 at the Oracle Cloud network layer (NSG or Security List)<\/h3>\n\n\n\n<p>You must allow inbound TCP\/80 to reach your server.<\/p>\n\n\n\n<p>Option A (common for simple labs): <strong>Security List<\/strong>\n1. Go to your subnet \u2192 <strong>Security Lists<\/strong> (or the default security list for the VCN).\n2. Add an <strong>Ingress Rule<\/strong>:\n   &#8211; Source CIDR: <code>0.0.0.0\/0<\/code> (for a public lab; for production, restrict to known IP ranges)\n   &#8211; IP Protocol: TCP\n   &#8211; Destination port range: <code>80<\/code><\/p>\n\n\n\n<p>Option B: <strong>Network Security Group (NSG)<\/strong> (often preferred operationally)\n1. Create an NSG for web instances, attach it to the instance VNIC.\n2. Add ingress TCP\/80 to the NSG.<\/p>\n\n\n\n<p><strong>Expected outcome:<\/strong> Oracle Cloud permits inbound traffic to port 80.<\/p>\n\n\n\n<p><strong>Verification:<\/strong> From your laptop:<\/p>\n\n\n\n<pre><code class=\"language-bash\">curl -I http:\/\/&lt;PUBLIC_IP&gt;\/\n<\/code><\/pre>\n\n\n\n<p>If it times out, continue to Step 9 (host firewall).<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Step 9: Open port 80 on the host firewall (firewalld)<\/h3>\n\n\n\n<p>Check if firewalld is running:<\/p>\n\n\n\n<pre><code class=\"language-bash\">sudo systemctl status firewalld --no-pager\n<\/code><\/pre>\n\n\n\n<p>If it\u2019s active, allow HTTP:<\/p>\n\n\n\n<pre><code class=\"language-bash\">sudo firewall-cmd --permanent --add-service=http\nsudo firewall-cmd --reload\nsudo firewall-cmd --list-all\n<\/code><\/pre>\n\n\n\n<p><strong>Expected outcome:<\/strong> Host firewall permits inbound HTTP.<\/p>\n\n\n\n<p><strong>Verification (from your laptop):<\/strong><\/p>\n\n\n\n<pre><code class=\"language-bash\">curl http:\/\/&lt;PUBLIC_IP&gt;\/\n<\/code><\/pre>\n\n\n\n<p>You should see the NGINX welcome page HTML.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Step 10: Create a simple custom index page<\/h3>\n\n\n\n<p>On the instance:<\/p>\n\n\n\n<pre><code class=\"language-bash\">echo \"Hello from Oracle Linux on Oracle Cloud Compute\" | sudo tee \/usr\/share\/nginx\/html\/index.html\nsudo systemctl restart nginx\n<\/code><\/pre>\n\n\n\n<p><strong>Expected outcome:<\/strong> Your page content is served.<\/p>\n\n\n\n<p><strong>Verification (from your laptop):<\/strong><\/p>\n\n\n\n<pre><code class=\"language-bash\">curl http:\/\/&lt;PUBLIC_IP&gt;\/\n<\/code><\/pre>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Validation<\/h3>\n\n\n\n<p>Use this checklist:<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Instance is running:\n   &#8211; Console shows status <strong>Running<\/strong><\/li>\n<li>SSH works:\n   &#8211; <code>ssh -i ~\/.ssh\/oci_ol_lab opc@&lt;PUBLIC_IP&gt;<\/code><\/li>\n<li>NGINX is running:\n   &#8211; <code>systemctl status nginx<\/code><\/li>\n<li>Network path is open:\n   &#8211; <code>curl http:\/\/&lt;PUBLIC_IP&gt;\/<\/code> returns your custom message<\/li>\n<\/ol>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Troubleshooting<\/h3>\n\n\n\n<h4 class=\"wp-block-heading\">Issue: SSH connection timeout<\/h4>\n\n\n\n<p>Possible causes:\n&#8211; No public IP assigned\n&#8211; Subnet is private or no route to internet gateway\n&#8211; Security list\/NSG blocks TCP\/22<\/p>\n\n\n\n<p>Fix:\n&#8211; Ensure public IP is assigned.\n&#8211; Verify subnet route table has <code>0.0.0.0\/0<\/code> to Internet Gateway.\n&#8211; Add ingress TCP\/22 from your IP (best) or temporarily <code>0.0.0.0\/0<\/code> for the lab.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">Issue: \u201cPermission denied (publickey)\u201d<\/h4>\n\n\n\n<p>Possible causes:\n&#8211; Wrong username\n&#8211; Wrong private key file\n&#8211; SSH key not injected properly at creation<\/p>\n\n\n\n<p>Fix:\n&#8211; Verify the correct login username in instance details (commonly <code>opc<\/code>, but <strong>verify<\/strong>).\n&#8211; Ensure permissions on the key:\n  <code>bash\n  chmod 600 ~\/.ssh\/oci_ol_lab<\/code>\n&#8211; If needed, recreate instance with the correct public key.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">Issue: HTTP works locally but not from the internet<\/h4>\n\n\n\n<p>Possible causes:\n&#8211; Cloud security rule missing for TCP\/80\n&#8211; Host firewall blocks port 80\n&#8211; NGINX not listening on 0.0.0.0:80<\/p>\n\n\n\n<p>Fix:\n&#8211; Confirm NGINX is listening:\n  <code>bash\n  sudo ss -lntp | grep :80<\/code>\n&#8211; Confirm NSG\/security list has TCP\/80 ingress.\n&#8211; Confirm firewalld allows HTTP.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">Issue: <code>dnf update<\/code> fails due to repository\/network errors<\/h4>\n\n\n\n<p>Possible causes:\n&#8211; No outbound internet (missing NAT\/IGW route)\n&#8211; DNS issues\n&#8211; Corporate proxy requirements<\/p>\n\n\n\n<p>Fix:\n&#8211; For a public subnet lab, verify route to Internet Gateway.\n&#8211; Verify DNS resolver settings (usually automatic in OCI).\n&#8211; If in private subnet, use NAT gateway for outbound internet.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Cleanup<\/h3>\n\n\n\n<p>To avoid ongoing charges, remove resources you created:<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>\n<p><strong>Terminate the instance<\/strong>\n   &#8211; Compute \u2192 Instances \u2192 <code>ol-web-01<\/code> \u2192 <strong>Terminate<\/strong>\n   &#8211; If prompted, choose whether to delete the boot volume (for a lab, deleting is typical if you don\u2019t need persistence).<\/p>\n<\/li>\n<li>\n<p><strong>Delete VCN resources<\/strong> (if created just for the lab)\n   &#8211; Networking \u2192 VCNs \u2192 <code>vcn-lab-ol<\/code> \u2192 <strong>Terminate<\/strong> (the console may guide you through dependent resources)<\/p>\n<\/li>\n<li>\n<p><strong>Delete compartment<\/strong> (optional)\n   &#8211; Only after all resources inside are deleted.<\/p>\n<\/li>\n<\/ol>\n\n\n\n<p><strong>Expected outcome:<\/strong> No billable resources remain from the lab.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">11. Best Practices<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Architecture best practices<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Prefer <strong>private subnets<\/strong> for most workloads; use a load balancer for public ingress rather than public IPs on every instance.<\/li>\n<li>Use <strong>multiple instances<\/strong> across fault domains\/ADs for availability when required.<\/li>\n<li>Adopt <strong>immutable infrastructure<\/strong>:<\/li>\n<li>Build a golden Oracle Linux image (patched + hardened)<\/li>\n<li>Deploy new instances from the image<\/li>\n<li>Replace instead of patching in place for stateless tiers<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">IAM\/security best practices<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Use compartments to separate environments (dev\/test\/prod).<\/li>\n<li>Apply least privilege IAM policies:<\/li>\n<li>Separate roles for networking, compute, security, and read-only auditing.<\/li>\n<li>Use <strong>instance principals<\/strong> (where appropriate) rather than storing API keys on disk (verify recommended patterns in OCI IAM docs).<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Cost best practices<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Schedule non-prod instance shutdown\/termination.<\/li>\n<li>Right-size shapes and storage.<\/li>\n<li>Control log verbosity and retention.<\/li>\n<li>Watch egress: serve content via CDN or cache when appropriate (OCI has edge\/CDN options\u2014verify current offerings).<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Performance best practices<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Choose shapes appropriate to workload (CPU, memory, network bandwidth).<\/li>\n<li>Use block volume performance tiers aligned with IOPS\/throughput needs.<\/li>\n<li>Benchmark with realistic load; don\u2019t rely on defaults.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Reliability best practices<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Use load balancers and health checks.<\/li>\n<li>Deploy at least two instances for critical services.<\/li>\n<li>Back up:<\/li>\n<li>OS configuration (as code)<\/li>\n<li>Data volumes (snapshots\/backup policies)<\/li>\n<li>App artifacts (Object Storage)<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Operations best practices<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Standardize:<\/li>\n<li>Package update policy<\/li>\n<li>Kernel update policy (including reboot windows)<\/li>\n<li>Base configuration (SSH, firewall, sysctl)<\/li>\n<li>Centralize monitoring and logs.<\/li>\n<li>Use tags for owner, environment, cost center, and data classification.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Governance\/tagging\/naming best practices<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Naming pattern example:<\/li>\n<li><code>env-app-role-##<\/code> \u2192 <code>prod-payments-web-01<\/code><\/li>\n<li>Tagging example:<\/li>\n<li><code>Environment=prod<\/code><\/li>\n<li><code>Owner=platform-team<\/code><\/li>\n<li><code>CostCenter=1234<\/code><\/li>\n<li><code>DataClass=confidential<\/code><\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">12. Security Considerations<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Identity and access model<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Oracle Cloud IAM<\/strong> controls who can create\/modify instances, networking, and volumes.<\/li>\n<li><strong>OS-level identity<\/strong> is separate: Linux users\/groups, sudoers policy, SSH keys.<\/li>\n<li>Recommended approach:<\/li>\n<li>Restrict who can attach public IPs and open security rules<\/li>\n<li>Use bastion\/jump hosts or session-based access patterns where appropriate<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Encryption<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>At rest:<\/strong> Boot and block volumes support encryption (Oracle-managed keys by default; customer-managed keys via Vault may be available\u2014verify in official docs).<\/li>\n<li><strong>In transit:<\/strong> Use TLS for applications; avoid plaintext for admin endpoints.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Network exposure<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Avoid exposing SSH (22) to the internet broadly.<\/li>\n<li>Use NSGs\/security lists to allow only necessary ports and source IP ranges.<\/li>\n<li>Place databases in private subnets with no public IPs.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Secrets handling<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Don\u2019t bake secrets into images or commit them into repos.<\/li>\n<li>Use <strong>Oracle Cloud Vault<\/strong> for secrets\/keys when possible, and fetch at runtime via secure methods (verify SDK\/CLI patterns).<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Audit\/logging<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Use Oracle Cloud audit logs for API actions (resource creation, security changes).<\/li>\n<li>Collect OS logs:<\/li>\n<li>SSH auth logs<\/li>\n<li>sudo logs<\/li>\n<li>application logs<\/li>\n<li>Keep time synchronized (NTP\/chrony) for accurate incident timelines.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Compliance considerations<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Build a hardened baseline (CIS-like controls) and document exceptions.<\/li>\n<li>Define patch SLAs and verify patch compliance.<\/li>\n<li>Use vulnerability scanning approaches appropriate for your org (agent-based or image scanning). Verify available Oracle Cloud services and third-party options.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Common security mistakes<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Public IPs on all instances, with <code>0.0.0.0\/0<\/code> open to SSH.<\/li>\n<li>Disabling SELinux rather than fixing labels\/policies.<\/li>\n<li>Long-lived SSH keys shared across admins.<\/li>\n<li>Not rotating credentials or not centralizing logs.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Secure deployment recommendations<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Use private subnets + load balancer.<\/li>\n<li>Restrict admin access via bastion or tightly scoped IP allowlists.<\/li>\n<li>Enforce key-based SSH; disable password SSH if enabled.<\/li>\n<li>Automate patching and reboots with maintenance windows.<\/li>\n<li>Implement file integrity monitoring and alerting where required.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">13. Limitations and Gotchas<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Oracle Linux is not a managed service<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>You are responsible for:<\/li>\n<li>Patching<\/li>\n<li>Kernel upgrades and reboots<\/li>\n<li>Hardening<\/li>\n<li>Backup and recovery<\/li>\n<li>Application operations<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Image\/version differences<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Oracle Linux 7 vs 8 vs 9 differ in package manager, defaults, and available packages.<\/li>\n<li>Some guides online target older versions\u2014confirm your OS version first.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Kernel compatibility<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>If you depend on a specific kernel module\/driver, validate UEK vs other kernel options for your workload.<\/li>\n<li>Third-party agents may only support specific kernels\u2014verify vendor support matrices.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Network\/security layering can confuse beginners<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>You must open ports in <strong>two places<\/strong>:\n  1) OCI security rules (NSG\/security list)\n  2) Host firewall (firewalld), if enabled<br\/>\nMissing either can break connectivity.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Quotas and capacity<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Your tenancy may have low default quotas for certain shapes.<\/li>\n<li>Some shapes may have capacity constraints in certain regions\/ADs.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Pricing surprises<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Internet data egress can add up quickly.<\/li>\n<li>Leaving large volumes or snapshots in place can incur storage costs.<\/li>\n<li>Load balancers and NAT gateways are separate billable resources (verify pricing).<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Migration challenges<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Lift-and-shift may expose assumptions about on-prem networks (static IP ranges, internal DNS, NFS mounts).<\/li>\n<li>Configuration drift from years of manual changes complicates migration; prefer rebuilding from a clean baseline.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">14. Comparison with Alternatives<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">In Oracle Cloud (nearest options)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Ubuntu images on Compute<\/strong>: common for developer-first stacks.<\/li>\n<li><strong>Windows Server images on Compute<\/strong>: for .NET\/Windows workloads (licensed differently).<\/li>\n<li><strong>Container\/Kubernetes managed services<\/strong>: reduce OS management burden (you still need node OS understanding depending on the model).<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Other clouds (nearest analogs)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>AWS:<\/strong> Amazon Linux, RHEL\/Ubuntu on EC2<\/li>\n<li><strong>Azure:<\/strong> Azure Linux\/Ubuntu\/RHEL on Virtual Machines<\/li>\n<li><strong>Google Cloud:<\/strong> Debian\/Ubuntu\/RHEL on Compute Engine<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Open-source\/self-managed alternatives<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Rocky Linux \/ AlmaLinux<\/strong> (community enterprise Linux rebuilds)<\/li>\n<li><strong>Debian<\/strong> (community-driven, conservative)<\/li>\n<li><strong>RHEL<\/strong> (commercial enterprise distro)<\/li>\n<\/ul>\n\n\n\n<h4 class=\"wp-block-heading\">Comparison table<\/h4>\n\n\n\n<figure class=\"wp-block-table\"><table>\n<thead>\n<tr>\n<th>Option<\/th>\n<th>Best For<\/th>\n<th>Strengths<\/th>\n<th>Weaknesses<\/th>\n<th>When to Choose<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td><strong>Oracle Linux on Oracle Cloud Compute<\/strong><\/td>\n<td>Oracle Cloud workloads needing enterprise Linux alignment<\/td>\n<td>Oracle ecosystem alignment, enterprise kernel options, standard Linux tooling<\/td>\n<td>You still manage OS; support entitlements vary<\/td>\n<td>Standardizing on Oracle Cloud + enterprise Linux patterns<\/td>\n<\/tr>\n<tr>\n<td><strong>Ubuntu on Oracle Cloud Compute<\/strong><\/td>\n<td>Dev-centric stacks, fast-moving packages<\/td>\n<td>Large community, broad tutorials, popular for cloud-native<\/td>\n<td>Different enterprise support model; some orgs prefer RHEL-like distros<\/td>\n<td>Teams already standardized on Ubuntu tooling<\/td>\n<\/tr>\n<tr>\n<td><strong>RHEL on Oracle Cloud Compute<\/strong><\/td>\n<td>Strict vendor certification requirements<\/td>\n<td>Strong commercial support and certification ecosystem<\/td>\n<td>Licensing\/subscription costs and management<\/td>\n<td>Workloads requiring explicit RHEL certification<\/td>\n<\/tr>\n<tr>\n<td><strong>Rocky\/AlmaLinux on Compute<\/strong><\/td>\n<td>Community enterprise Linux-like experience<\/td>\n<td>Familiar ecosystem, community-driven<\/td>\n<td>Support model differs; org policy may restrict<\/td>\n<td>Cost-sensitive teams with strong in-house Linux ops<\/td>\n<\/tr>\n<tr>\n<td><strong>Managed Kubernetes \/ PaaS<\/strong><\/td>\n<td>Reduce OS management<\/td>\n<td>Less patching burden at VM level, faster app iteration<\/td>\n<td>Different operational model; not ideal for all apps<\/td>\n<td>When you can run your app as containers\/services instead of VMs<\/td>\n<\/tr>\n<tr>\n<td><strong>On-prem Oracle Linux<\/strong><\/td>\n<td>Data residency\/legacy constraints<\/td>\n<td>Full control, existing integrations<\/td>\n<td>Hardware ops overhead<\/td>\n<td>When workloads must remain on-prem but you want same OS family<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">15. Real-World Example<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Enterprise example: Regulated internal API platform on Oracle Cloud<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem:<\/strong> A financial services company needs an internal API platform with strict segmentation, auditing, and predictable patching.<\/li>\n<li><strong>Proposed architecture:<\/strong><\/li>\n<li>Oracle Linux instances in <strong>private subnets<\/strong> across at least two fault domains<\/li>\n<li>Public <strong>Load Balancer<\/strong> terminates TLS and forwards to web tier<\/li>\n<li>App tier and database tier isolated in separate subnets<\/li>\n<li>Centralized logs to a governed logging destination<\/li>\n<li>Golden image pipeline for Oracle Linux with hardened baseline<\/li>\n<li><strong>Why Oracle Linux was chosen:<\/strong><\/li>\n<li>Enterprise Linux baseline aligned with internal standards<\/li>\n<li>Kernel and patching controls suitable for regulated environments<\/li>\n<li>Consistent operations between on-prem and Oracle Cloud<\/li>\n<li><strong>Expected outcomes:<\/strong><\/li>\n<li>Reduced configuration drift via image-based deployments<\/li>\n<li>Improved auditability (cloud audit logs + centralized OS\/app logs)<\/li>\n<li>Safer patching with defined windows and repeatable rollouts<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Startup\/small-team example: Cost-controlled web app backend<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem:<\/strong> A small SaaS team needs a reliable Linux host for a backend service with minimal spend and simple operations.<\/li>\n<li><strong>Proposed architecture:<\/strong><\/li>\n<li>One Oracle Linux VM in a public subnet initially<\/li>\n<li>Tight ingress rules (only 22 from admin IPs; 443 from internet)<\/li>\n<li>Automated backups to Object Storage<\/li>\n<li>Later: add a second instance and load balancer as traffic grows<\/li>\n<li><strong>Why Oracle Linux was chosen:<\/strong><\/li>\n<li>No separate OS license cost typically required for Oracle Linux images on Compute<\/li>\n<li>Stable Linux base and easy automation<\/li>\n<li><strong>Expected outcomes:<\/strong><\/li>\n<li>Low operational complexity at small scale<\/li>\n<li>Clear growth path to HA architecture<\/li>\n<li>Cost visibility tied mainly to compute hours and egress<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">16. FAQ<\/h2>\n\n\n\n<p>1) <strong>Is Oracle Linux a separate Oracle Cloud service?<\/strong><br\/>\nOracle Linux is an operating system you run on <strong>Oracle Cloud Compute<\/strong> instances. It is not a managed service like a database PaaS.<\/p>\n\n\n\n<p>2) <strong>Do I pay extra to use Oracle Linux on Oracle Cloud?<\/strong><br\/>\nTypically, you pay for the Compute, storage, and networking resources. Oracle Linux images generally do not add an extra OS license line item. If you need paid support subscriptions, that is separate\u2014verify your entitlements and agreements.<\/p>\n\n\n\n<p>3) <strong>Which Oracle Linux version should I use (7 vs 8 vs 9)?<\/strong><br\/>\nPrefer current supported major versions (often 8 or 9) unless an application requires an older release. Always verify your organization\u2019s support policy and the application vendor\u2019s compatibility.<\/p>\n\n\n\n<p>4) <strong>What username do I use to SSH into an Oracle Linux instance?<\/strong><br\/>\nIt is often <code>opc<\/code> on Oracle-provided images, but <strong>verify in the Oracle Cloud Console instance details<\/strong> or image documentation.<\/p>\n\n\n\n<p>5) <strong>How do I patch Oracle Linux?<\/strong><br\/>\nUse <code>dnf update<\/code> (Oracle Linux 8\/9) or <code>yum update<\/code> (Oracle Linux 7), ideally in a controlled maintenance window and with automation.<\/p>\n\n\n\n<p>6) <strong>Do I need to reboot after updates?<\/strong><br\/>\nKernel updates typically require reboot to take effect. Some environments use live patching technologies where entitled, but you should still plan for periodic reboots\u2014verify your patch strategy.<\/p>\n\n\n\n<p>7) <strong>Why can\u2019t I reach my web server even after starting NGINX?<\/strong><br\/>\nMost commonly, port 80\/443 is blocked either by OCI NSG\/security lists or by the host firewall. You must open it in both places if firewalld is active.<\/p>\n\n\n\n<p>8) <strong>Should I put my Oracle Linux instance in a public subnet?<\/strong><br\/>\nFor production, usually no. Use private subnets and expose services through a load balancer or other controlled ingress. Public subnets are fine for small labs and bastion hosts with strict rules.<\/p>\n\n\n\n<p>9) <strong>What is UEK and do I need it?<\/strong><br\/>\nUEK is Oracle\u2019s kernel option designed for performance and modern features. Whether you should use it depends on workload requirements and compatibility\u2014verify against your vendor\/application requirements.<\/p>\n\n\n\n<p>10) <strong>Can I use Terraform to provision Oracle Linux instances?<\/strong><br\/>\nYes. Oracle Cloud Infrastructure supports Terraform via the OCI provider. You would select an Oracle Linux image OCID appropriate for your region.<\/p>\n\n\n\n<p>11) <strong>How do I create a \u201cgolden image\u201d for Oracle Linux?<\/strong><br\/>\nCommon pattern: launch a base Oracle Linux instance, apply updates\/hardening, install baseline agents, then create a custom image and deploy from it. Ensure you do not embed secrets.<\/p>\n\n\n\n<p>12) <strong>How do I store secrets securely for apps running on Oracle Linux?<\/strong><br\/>\nUse Oracle Cloud Vault (where available) and fetch secrets at runtime using secure IAM patterns. Avoid storing secrets in images or source code.<\/p>\n\n\n\n<p>13) <strong>What\u2019s the difference between cloud firewall rules and host firewall rules?<\/strong><br\/>\nOCI NSGs\/security lists control traffic at the VCN level. Host firewalls (firewalld) control traffic at the OS level. Use both for defense in depth.<\/p>\n\n\n\n<p>14) <strong>Can Oracle Linux run on Arm shapes in Oracle Cloud?<\/strong><br\/>\nOracle Cloud offers Arm-based shapes in many regions. Oracle Linux availability depends on image support for the platform\u2014verify in the image selection list in your region.<\/p>\n\n\n\n<p>15) <strong>How do I monitor Oracle Linux instances?<\/strong><br\/>\nUse Oracle Cloud Monitoring for infrastructure metrics and centralize OS\/app logs into a logging system. Agent-based approaches vary\u2014verify current Oracle Cloud monitoring\/logging options and recommended agents.<\/p>\n\n\n\n<p>16) <strong>Is Oracle Linux good only for Oracle products?<\/strong><br\/>\nNo. It can run many general Linux workloads. Still, you should validate package availability and vendor support for your specific applications.<\/p>\n\n\n\n<p>17) <strong>What\u2019s the quickest secure improvement after first launch?<\/strong><br\/>\nRestrict SSH ingress to known IP ranges, ensure key-based SSH, apply updates, and enable centralized logging.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">17. Top Online Resources to Learn Oracle Linux<\/h2>\n\n\n\n<figure class=\"wp-block-table\"><table>\n<thead>\n<tr>\n<th>Resource Type<\/th>\n<th>Name<\/th>\n<th>Why It Is Useful<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td>Official product page<\/td>\n<td>https:\/\/www.oracle.com\/linux\/<\/td>\n<td>High-level overview, links to docs and downloads<\/td>\n<\/tr>\n<tr>\n<td>Official documentation (Oracle Linux)<\/td>\n<td>https:\/\/docs.oracle.com\/en\/operating-systems\/oracle-linux\/<\/td>\n<td>Versioned Oracle Linux documentation set<\/td>\n<\/tr>\n<tr>\n<td>Oracle Linux downloads \/ yum info<\/td>\n<td>https:\/\/yum.oracle.com\/<\/td>\n<td>Repository and package update information<\/td>\n<\/tr>\n<tr>\n<td>OCI Compute documentation<\/td>\n<td>https:\/\/docs.oracle.com\/en-us\/iaas\/Content\/Compute\/home.htm<\/td>\n<td>How to work with Compute instances on Oracle Cloud<\/td>\n<\/tr>\n<tr>\n<td>OCI CLI install guide<\/td>\n<td>https:\/\/docs.oracle.com\/en-us\/iaas\/Content\/API\/SDKDocs\/cliinstall.htm<\/td>\n<td>Automate instance and network tasks<\/td>\n<\/tr>\n<tr>\n<td>OCI pricing page<\/td>\n<td>https:\/\/www.oracle.com\/cloud\/price-list\/<\/td>\n<td>Official pricing reference for Compute\/Storage\/Network<\/td>\n<\/tr>\n<tr>\n<td>OCI cost estimator<\/td>\n<td>https:\/\/www.oracle.com\/cloud\/costestimator.html<\/td>\n<td>Estimate costs without guessing numbers<\/td>\n<\/tr>\n<tr>\n<td>OCI Architecture Center<\/td>\n<td>https:\/\/docs.oracle.com\/en\/solutions\/<\/td>\n<td>Reference architectures and best practices patterns<\/td>\n<\/tr>\n<tr>\n<td>Oracle Cloud Free Tier<\/td>\n<td>https:\/\/www.oracle.com\/cloud\/free\/<\/td>\n<td>Always Free\/Free Trial details (limits can change)<\/td>\n<\/tr>\n<tr>\n<td>Terraform OCI provider<\/td>\n<td>https:\/\/registry.terraform.io\/providers\/oracle\/oci\/latest<\/td>\n<td>Infrastructure-as-code for Oracle Cloud resources<\/td>\n<\/tr>\n<tr>\n<td>Official Oracle YouTube<\/td>\n<td>https:\/\/www.youtube.com\/user\/oracle<\/td>\n<td>Videos, webinars, and product updates (search Oracle Linux + OCI)<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n\n\n\n<blockquote>\n<p>If a specific page moves, use the Oracle documentation home and search for the service name and feature (for example, \u201cOCI Compute Oracle Linux image\u201d, \u201cOS management Oracle Cloud\u201d).<\/p>\n<\/blockquote>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">18. Training and Certification Providers<\/h2>\n\n\n\n<figure class=\"wp-block-table\"><table>\n<thead>\n<tr>\n<th>Institute<\/th>\n<th>Suitable Audience<\/th>\n<th>Likely Learning Focus<\/th>\n<th>Mode<\/th>\n<th>Website URL<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td>DevOpsSchool.com<\/td>\n<td>DevOps engineers, SREs, platform teams<\/td>\n<td>Linux + cloud ops, automation, CI\/CD practices<\/td>\n<td>check website<\/td>\n<td>https:\/\/www.devopsschool.com\/<\/td>\n<\/tr>\n<tr>\n<td>ScmGalaxy.com<\/td>\n<td>Beginners to intermediate IT professionals<\/td>\n<td>DevOps fundamentals, SCM, automation foundations<\/td>\n<td>check website<\/td>\n<td>https:\/\/www.scmgalaxy.com\/<\/td>\n<\/tr>\n<tr>\n<td>CLoudOpsNow.in<\/td>\n<td>Cloud engineers, operations teams<\/td>\n<td>Cloud operations, monitoring, reliability practices<\/td>\n<td>check website<\/td>\n<td>https:\/\/www.cloudopsnow.in\/<\/td>\n<\/tr>\n<tr>\n<td>SreSchool.com<\/td>\n<td>SREs, reliability and operations engineers<\/td>\n<td>SRE principles, monitoring, incident response<\/td>\n<td>check website<\/td>\n<td>https:\/\/www.sreschool.com\/<\/td>\n<\/tr>\n<tr>\n<td>AiOpsSchool.com<\/td>\n<td>Ops teams adopting AIOps<\/td>\n<td>AIOps concepts, operational analytics<\/td>\n<td>check website<\/td>\n<td>https:\/\/www.aiopsschool.com\/<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">19. Top Trainers<\/h2>\n\n\n\n<figure class=\"wp-block-table\"><table>\n<thead>\n<tr>\n<th>Platform\/Site<\/th>\n<th>Likely Specialization<\/th>\n<th>Suitable Audience<\/th>\n<th>Website URL<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td>RajeshKumar.xyz<\/td>\n<td>DevOps\/Linux\/cloud training content (verify current offerings)<\/td>\n<td>Individuals and teams seeking practical guidance<\/td>\n<td>https:\/\/www.rajeshkumar.xyz\/<\/td>\n<\/tr>\n<tr>\n<td>devopstrainer.in<\/td>\n<td>DevOps tooling and hands-on training (verify scope)<\/td>\n<td>Beginners to intermediate DevOps learners<\/td>\n<td>https:\/\/www.devopstrainer.in\/<\/td>\n<\/tr>\n<tr>\n<td>devopsfreelancer.com<\/td>\n<td>Freelance DevOps support\/training platform (verify services)<\/td>\n<td>Teams needing short-term help or coaching<\/td>\n<td>https:\/\/www.devopsfreelancer.com\/<\/td>\n<\/tr>\n<tr>\n<td>devopssupport.in<\/td>\n<td>DevOps support and enablement (verify scope)<\/td>\n<td>Ops\/DevOps teams needing guided support<\/td>\n<td>https:\/\/www.devopssupport.in\/<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">20. Top Consulting Companies<\/h2>\n\n\n\n<figure class=\"wp-block-table\"><table>\n<thead>\n<tr>\n<th>Company Name<\/th>\n<th>Likely Service Area<\/th>\n<th>Where They May Help<\/th>\n<th>Consulting Use Case Examples<\/th>\n<th>Website URL<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td>cotocus.com<\/td>\n<td>DevOps, cloud, automation (verify exact offerings)<\/td>\n<td>Platform engineering, cloud migration planning<\/td>\n<td>Landing zones, CI\/CD pipelines, Linux fleet ops<\/td>\n<td>https:\/\/cotocus.com\/<\/td>\n<\/tr>\n<tr>\n<td>DevOpsSchool.com<\/td>\n<td>Training + consulting (verify service catalog)<\/td>\n<td>DevOps transformations, coaching, implementation<\/td>\n<td>Infrastructure-as-code rollout, observability setup<\/td>\n<td>https:\/\/www.devopsschool.com\/<\/td>\n<\/tr>\n<tr>\n<td>DEVOPSCONSULTING.IN<\/td>\n<td>DevOps consulting (verify scope and regions served)<\/td>\n<td>Automation and operations process improvement<\/td>\n<td>Build\/release automation, incident response processes<\/td>\n<td>https:\/\/www.devopsconsulting.in\/<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">21. Career and Learning Roadmap<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">What to learn before Oracle Linux on Oracle Cloud Compute<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Linux fundamentals:<\/li>\n<li>SSH, users\/groups, sudo<\/li>\n<li>systemd, logs, networking basics<\/li>\n<li>package management (dnf\/yum)<\/li>\n<li>Cloud fundamentals:<\/li>\n<li>VPC\/VCN concepts, subnets, routing<\/li>\n<li>security groups\/NSGs, firewalls<\/li>\n<li>Basic security:<\/li>\n<li>key-based auth<\/li>\n<li>patching mindset<\/li>\n<li>least privilege principles<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">What to learn after<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Infrastructure as Code:<\/li>\n<li>Terraform with OCI provider<\/li>\n<li>Configuration management:<\/li>\n<li>Ansible (or equivalent)<\/li>\n<li>Observability:<\/li>\n<li>Metrics, logs, tracing, alerting design<\/li>\n<li>HA and scaling patterns:<\/li>\n<li>Load balancing, autoscaling, rolling deployments<\/li>\n<li>Hardening\/compliance:<\/li>\n<li>CIS-style baselines, vulnerability management<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Job roles that use it<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Cloud engineer<\/li>\n<li>DevOps engineer<\/li>\n<li>Site Reliability Engineer (SRE)<\/li>\n<li>Platform engineer<\/li>\n<li>Linux systems administrator<\/li>\n<li>Security engineer (infrastructure\/security operations)<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Certification path (if available)<\/h3>\n\n\n\n<p>Oracle and ecosystem certifications change over time. For Oracle Cloud, check current Oracle certification tracks and role-based learning paths on Oracle\u2019s official education site. <strong>Verify current certification names and relevance<\/strong>:\n&#8211; https:\/\/education.oracle.com\/<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Project ideas for practice<\/h3>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Build a golden Oracle Linux image with cloud-init hardening (no secrets).<\/li>\n<li>Deploy a two-instance web tier behind an Oracle Cloud load balancer.<\/li>\n<li>Implement private subnets + bastion-only admin access.<\/li>\n<li>Centralize logs and create alerts for SSH failures and CPU spikes.<\/li>\n<li>Create a patching runbook: test \u2192 stage \u2192 prod with rollback plan.<\/li>\n<\/ol>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">22. Glossary<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>AD (Availability Domain):<\/strong> A physically isolated data center within an Oracle Cloud region (term usage depends on region).<\/li>\n<li><strong>Block Volume:<\/strong> Persistent disk storage you can attach to Compute instances.<\/li>\n<li><strong>Boot Volume:<\/strong> The disk that contains the operating system for an instance.<\/li>\n<li><strong>Compartment:<\/strong> OCI\u2019s logical container for organizing and isolating resources for IAM and billing.<\/li>\n<li><strong>Compute Instance:<\/strong> A VM or bare metal server provided by Oracle Cloud Compute.<\/li>\n<li><strong>DNF\/YUM:<\/strong> Linux package managers used to install and update software.<\/li>\n<li><strong>Firewall (host):<\/strong> OS-level traffic control (e.g., firewalld).<\/li>\n<li><strong>IGW (Internet Gateway):<\/strong> Enables internet connectivity for public subnets.<\/li>\n<li><strong>IAM:<\/strong> Identity and Access Management; controls access to Oracle Cloud APIs and resources.<\/li>\n<li><strong>NSG (Network Security Group):<\/strong> Virtual firewall rules applied to VNICs for fine-grained access control.<\/li>\n<li><strong>SELinux:<\/strong> Security Enhanced Linux; mandatory access control framework.<\/li>\n<li><strong>SSH:<\/strong> Secure Shell; secure remote access protocol for Linux administration.<\/li>\n<li><strong>UEK:<\/strong> Unbreakable Enterprise Kernel (Oracle Linux kernel option).<\/li>\n<li><strong>VCN:<\/strong> Virtual Cloud Network; OCI\u2019s virtual network construct.<\/li>\n<li><strong>VNIC:<\/strong> Virtual Network Interface Card attached to an instance.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">23. Summary<\/h2>\n\n\n\n<p>Oracle Linux is Oracle\u2019s enterprise Linux distribution and a common operating system choice for running workloads on <strong>Oracle Cloud Compute<\/strong>. It matters because it provides a stable, enterprise-friendly Linux baseline that integrates naturally with core Oracle Cloud services like VCN networking, block storage, IAM-controlled instance lifecycle operations, and cloud monitoring\/logging patterns.<\/p>\n\n\n\n<p>Cost-wise, you generally pay for <strong>Compute, storage, and networking<\/strong>, not an extra Oracle Linux license line item\u2014though <strong>enterprise support subscriptions<\/strong> may apply depending on your requirements (verify entitlements). Security-wise, the most important practices are limiting network exposure (private subnets + controlled ingress), enforcing strong SSH access controls, keeping patching disciplined, and centralizing logs and audits.<\/p>\n\n\n\n<p>Use Oracle Linux when you need a reliable Linux OS on Oracle Cloud with enterprise operational patterns and alignment with Oracle ecosystems. Next, deepen your skills by automating instance builds with Terraform, creating golden images, and implementing HA architectures with load balancers and private subnets.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Compute<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26,62],"tags":[],"class_list":["post-873","post","type-post","status-publish","format-standard","hentry","category-compute","category-oracle-cloud"],"_links":{"self":[{"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/posts\/873","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/comments?post=873"}],"version-history":[{"count":0,"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/posts\/873\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/media?parent=873"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/categories?post=873"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/tags?post=873"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}