To be honest, this blog is really more for me, cause I cant seem to remeber how to setup OCI CLI each time I need. So effectively this is a cheat-sheet, for me and anyone else who needs it to support Oracle CLI. I will be doing a similiar post for AWS CLI. Its was not meant to compare/contrast….so no wagering please.
Th main parts of this process is the following:
- Install CLI bits (ensure your want this python version). Install of python3x is outside of this scope. I have purposely kept all the details from the installation. Its so well illustrated, its worth walking thru it.
- Configure for OCI tenancy (get tenancy, compartment details) including setting credentials
- Test oci cli commands
Note, this install is being done on OEL, but its pretty much the same on any plaform.
- First, we need to download/acquire the CLI bits. We do this by running curl get:
bash -c "$(curl -L https://raw.githubusercontent.com/oracle/oci-cli/master/scripts/install/install.sh)" % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 13968 100 13968 0 0 22391 0 --:--:-- --:--:-- --:--:-- 22384 ****************************************************************************** You have started the OCI CLI Installer in interactive mode. If you do not wish to run this in interactive mode, please include the --accept-all-defaults option. If you have the script locally and would like to know more about input options for this script, then you can run: ./install.sh -h If you would like to know more about input options for this script, refer to: https://github.com/oracle/oci-cli/blob/master/scripts/install/README.rst ****************************************************************************** Downloading Oracle Cloud Infrastructure CLI install script from https://raw.githubusercontent.com/oracle/oci-cli/v2.5.15/scripts/install/install.py to /tmp/oci_cli_install_tmp_L7tU. ######################################################################## 100.0% Python3 not found on system PATH Running install script. python /tmp/oci_cli_install_tmp_L7tU -- Verifying Python version. -- Python version 2.7.5 okay. ===> In what directory would you like to place the install? (leave blank to use '/home/nitin/lib/oracle-cli'): -- Creating directory '/home/nitin/lib/oracle-cli'. -- We will install at '/home/nitin/lib/oracle-cli'. ===> In what directory would you like to place the 'oci' executable? (leave blank to use '/home/nitin/bin'): -- Creating directory '/home/nitin/bin'. -- The executable will be in '/home/nitin/bin'. ===> In what directory would you like to place the OCI scripts? (leave blank to use '/home/nitin/bin/oci-cli-scripts'): -- Creating directory '/home/nitin/bin/oci-cli-scripts'. -- The scripts will be in '/home/nitin/bin/oci-cli-scripts'. ===> Currently supported optional packages are: ['db (will install cx_Oracle)'] What optional CLI packages would you like to be installed (comma separated names; press enter if you don't need any optional packages)?: -- The optional packages installed will be ''. -- Downloading virtualenv package from https://github.com/pypa/virtualenv/archive/15.0.0.tar.gz. -- Downloaded virtualenv package to /tmp/tmpq_dJj9/15.0.0.tar.gz. -- Checksum of /tmp/tmpq_dJj9/15.0.0.tar.gz OK. -- Extracting '/tmp/tmpq_dJj9/15.0.0.tar.gz' to '/tmp/tmpq_dJj9'. -- Executing: ['/usr/bin/python', 'virtualenv.py', '--python', '/usr/bin/python', '/home/nitin/lib/oracle-cli'] Already using interpreter /usr/bin/python New python executable in /home/nitin/lib/oracle-cli/bin/python Installing setuptools, pip, wheel...done. -- Executing: ['/home/nitin/lib/oracle-cli/bin/pip', 'install', '--cache-dir', '/tmp/tmpq_dJj9', 'oci_cli', '--upgrade'] DEPRECATION: Python 2.7 will reach the end of its life on January 1st, 2020. Please upgrade your Python as Python 2.7 won't be maintained after that date. A future version of pip will drop support for Python 2.7. Collecting oci_cli Downloading https://files.pythonhosted.org/packages/46/b3/8aa896440efaa39c4d000c2e35a8dde6efa6c140dfc1e2df116d381d6c5d/oci_cli-2.5.15-py2.py3-none-any.whl (4.0MB) |████████████████████████████████| 4.0MB 3.2MB/s Collecting idna<2.7,>=2.5 (from oci_cli) Downloading https://files.pythonhosted.org/packages/27/cc/6dd9a3869f15c2edfab863b992838277279ce92663d334df9ecf5106f5c6/idna-2.6-py2.py3-none-any.whl (56kB) |████████████████████████████████| 61kB 14.8MB/s Collecting arrow==0.10.0 (from oci_cli) Downloading https://files.pythonhosted.org/packages/54/db/76459c4dd3561bbe682619a5c576ff30c42e37c2e01900ed30a501957150/arrow-0.10.0.tar.gz (86kB) |████████████████████████████████| 92kB 10.7MB/s Collecting jmespath==0.9.3 (from oci_cli) Downloading https://files.pythonhosted.org/packages/b7/31/05c8d001f7f87f0f07289a5fc0fc3832e9a57f2dbd4d3b0fee70e0d51365/jmespath-0.9.3-py2.py3-none-any.whl Collecting configparser==3.5.0 (from oci_cli) Downloading https://files.pythonhosted.org/packages/7c/69/c2ce7e91c89dc073eb1aa74c0621c3eefbffe8216b3f9af9d3885265c01c/configparser-3.5.0.tar.gz Collecting oci==2.2.14 (from oci_cli) Downloading https://files.pythonhosted.org/packages/da/5b/c56236eb269a95a6cdc055764d983d16c4f2ae9addceb696c5b534fe1b49/oci-2.2.14-py2.py3-none-any.whl (2.1MB) |████████████████████████████████| 2.1MB 9.9MB/s Collecting httpsig-cffi==15.0.0 (from oci_cli) Downloading https://files.pythonhosted.org/packages/93/f5/c9a213c0f906654c933f1192148d8aded2022678ad6bce8803d3300501c6/httpsig_cffi-15.0.0-py2.py3-none-any.whl Collecting cryptography==2.4.2 (from oci_cli) Downloading https://files.pythonhosted.org/packages/7f/ba/383b51cc26e3141c689ce988814385c7659f5ba01c4b5f2de38233010b5f/cryptography-2.4.2-cp27-cp27mu-manylinux1_x86_64.whl (2.1MB) |████████████████████████████████| 2.1MB 6.0MB/s Collecting terminaltables==3.1.0 (from oci_cli) Downloading https://files.pythonhosted.org/packages/9b/c4/4a21174f32f8a7e1104798c445dacdc1d4df86f2f26722767034e4de4bff/terminaltables-3.1.0.tar.gz Collecting click==6.7 (from oci_cli) Downloading https://files.pythonhosted.org/packages/34/c1/8806f99713ddb993c5366c362b2f908f18269f8d792aff1abfd700775a77/click-6.7-py2.py3-none-any.whl (71kB) |████████████████████████████████| 71kB 4.1MB/s Collecting retrying==1.3.3 (from oci_cli) Downloading https://files.pythonhosted.org/packages/44/ef/beae4b4ef80902f22e3af073397f079c96969c69b2c7d52a57ea9ae61c9d/retrying-1.3.3.tar.gz Collecting pytz==2016.10 (from oci_cli) Downloading https://files.pythonhosted.org/packages/f5/fa/4a9aefc206aa49a4b5e0a72f013df1f471b4714cdbe6d78f0134feeeecdb/pytz-2016.10-py2.py3-none-any.whl (483kB) |████████████████████████████████| 491kB 10.8MB/s Collecting PyYAML==3.13 (from oci_cli) Downloading https://files.pythonhosted.org/packages/9e/a3/1d13970c3f36777c583f136c136f804d70f500168edc1edea6daa7200769/PyYAML-3.13.tar.gz (270kB) |████████████████████████████████| 276kB 11.1MB/s Collecting certifi (from oci_cli) Downloading https://files.pythonhosted.org/packages/69/1b/b853c7a9d4f6a6d00749e94eb6f3a041e342a885b87340b79c1ef73e3a78/certifi-2019.6.16-py2.py3-none-any.whl (157kB) |████████████████████████████████| 163kB 13.0MB/s Collecting python-dateutil==2.7.3 (from oci_cli) Downloading https://files.pythonhosted.org/packages/cf/f5/af2b09c957ace60dcfac112b669c45c8c97e32f94aa8b56da4c6d1682825/python_dateutil-2.7.3-py2.py3-none-any.whl (211kB) |████████████████████████████████| 215kB 12.4MB/s Collecting pyOpenSSL==18.0.0 (from oci_cli) Downloading https://files.pythonhosted.org/packages/96/af/9d29e6bd40823061aea2e0574ccb2fcf72bfd6130ce53d32773ec375458c/pyOpenSSL-18.0.0-py2.py3-none-any.whl (53kB) |████████████████████████████████| 61kB 15.3MB/s Collecting six==1.11.0 (from oci_cli) Downloading https://files.pythonhosted.org/packages/67/4b/141a581104b1f6397bfa78ac9d43d8ad29a7ca43ea90a2d863fe3056e86a/six-1.11.0-py2.py3-none-any.whl Collecting enum34; python_version < "3" (from cryptography==2.4.2->oci_cli) Downloading https://files.pythonhosted.org/packages/c5/db/e56e6b4bbac7c4a06de1c50de6fe1ef3810018ae11732a50f15f62c7d050/enum34-1.1.6-py2-none-any.whl Collecting cffi!=1.11.3,>=1.7 (from cryptography==2.4.2->oci_cli) Downloading https://files.pythonhosted.org/packages/8d/e9/0c8afd1579e5cf7bc0f06fbcd7cdb954cbc0baadd505973949a99337da1c/cffi-1.12.3-cp27-cp27mu-manylinux1_x86_64.whl(415kB) |████████████████████████████████| 419kB 12.5MB/s Collecting asn1crypto>=0.21.0 (from cryptography==2.4.2->oci_cli) Downloading https://files.pythonhosted.org/packages/ea/cd/35485615f45f30a510576f1a56d1e0a7ad7bd8ab5ed7cdc600ef7cd06222/asn1crypto-0.24.0-py2.py3-none-any.whl (101kB) |████████████████████████████████| 102kB 10.9MB/s Collecting ipaddress; python_version < "3" (from cryptography==2.4.2->oci_cli) Downloading https://files.pythonhosted.org/packages/fc/d0/7fc3a811e011d4b388be48a0e381db8d990042df54aa4ef4599a31d39853/ipaddress-1.0.22-py2.py3-none-any.whl Collecting pycparser (from cffi!=1.11.3,>=1.7->cryptography==2.4.2->oci_cli) Downloading https://files.pythonhosted.org/packages/68/9e/49196946aee219aead1290e00d1e7fdeab8567783e83e1b9ab5585e6206a/pycparser-2.19.tar.gz (158kB) |████████████████████████████████| 163kB 12.6MB/s Building wheels for collected packages: arrow, configparser, terminaltables, retrying, PyYAML, pycparser Building wheel for arrow (setup.py) ... done Stored in directory: /tmp/tmpq_dJj9/wheels/ce/4f/95/64541c7466fd88ffe72fda5164f8323c91d695c9a77072c574 Building wheel for configparser (setup.py) ... done Stored in directory: /tmp/tmpq_dJj9/wheels/a3/61/79/424ef897a2f3b14684a7de5d89e8600b460b89663e6ce9d17c Building wheel for terminaltables (setup.py) ... done Stored in directory: /tmp/tmpq_dJj9/wheels/30/6b/50/6c75775b681fb36cdfac7f19799888ef9d8813aff9e379663e Building wheel for retrying (setup.py) ... done Stored in directory: /tmp/tmpq_dJj9/wheels/d7/a9/33/acc7b709e2a35caa7d4cae442f6fe6fbf2c43f80823d46460c Building wheel for PyYAML (setup.py) ... done Stored in directory: /tmp/tmpq_dJj9/wheels/ad/da/0c/74eb680767247273e2cf2723482cb9c924fe70af57c334513f Building wheel for pycparser (setup.py) ... done Stored in directory: /tmp/tmpq_dJj9/wheels/f2/9a/90/de94f8556265ddc9d9c8b271b0f63e57b26fb1d67a45564511 Successfully built arrow configparser terminaltables retrying PyYAML pycparser Installing collected packages: idna, six, python-dateutil, arrow, jmespath, configparser, enum34, pycparser, cffi, asn1crypto, ipaddress, cryptography, pyOpenSSL, pytz, certifi, oci, httpsig-cffi, terminaltables, click, retrying, PyYAML, oci-cli Successfully installed PyYAML-3.13 arrow-0.10.0 asn1crypto-0.24.0 certifi-2019.6.16 cffi-1.12.3 click-6.7 configparser-3.5.0 cryptography-2.4.2 enum34-1.1.6 httpsig-cffi-15.0.0 idna-2.6 ipaddress-1.0.22 jmespath-0.9.3 oci-2.2.14 oci-cli-2.5.15 pyOpenSSL-18.0.0 pycparser-2.19 python-dateutil-2.7.3 pytz-2016.10 retrying-1.3.3 six-1.11.0 terminaltables-3.1.0 ===> Modify profile to update your $PATH and enable shell/tab completion now? (Y/n): Y ===> Enter a path to an rc file to update (leave blank to use '/home/nitin/.bashrc'): -- Backed up '/home/nitin/.bashrc' to '/home/nitin/.bashrc.backup' -- Tab completion set up complete. -- If tab completion is not activated, verify that '/home/nitin/.bashrc' is sourced by your shell. -- -- ** Run `exec -l $SHELL` to restart your shell. ** -- -- Installation successful. -- Run the CLI with /home/nitin/bin/oci --help [nitin@cloudmac ~]$
2. Now lets configure our pem keys (private and public). We use openssl to gen our keys
[nitin@cloudmac ~]$ openssl genrsa -out ./nitin-oci-key.pem 2048 Generating RSA private key, 2048 bit long modulus ..................+++ .......+++ e is 65537 (0x10001) [nitin@cloudmac ~]$ chmod go-rwx ./nitin-oci-key.pem [nitin@cloudmac ~]$ openssl rsa -pubout -in ./nitin-oci-key.pem -out ./nitin-oci-key-pub.pem writing RSA key [nitin@cloudmac ~]$ ls -ltr nitin-oci* -rw-------. 1 nitin nitin 1679 Jun 19 13:12 nitin-oci-key.pem -rw-rw-r--. 1 nitin nitin 451 Jun 19 13:14 nitin-oci-key-pub.pem
3. Configure the OCI configuration file.
a. Upload the PEM keys in the Users tab of the OCI Menu. After uploading you’ll see a Fingerprint tag associated with User
b, Use your UI to collect the following info USER OCID, Fingerprint, Tenancy OCID and Compartment OCID
c. Create a file called $HOME/.oci/configure
[DEFAULT] # OCID info for Nitin user=ocid1.user.oc1..aaaaaaaacugvqgd4c7ecym6phvvrkcoeqjnenjauva7njcqq7jui6qbdfeaq fingerprint=70:23:4c:9b:14:c9:af:d4:dd:96:cc:65:4d:xx:xx:yy key_file=/home/nitin/nitin-oci-key.pem tenancy=ocid1.tenancy.oc1..aaaaaaaa3k7dq4u32duuege5of24ibxsh5d2dfxqo7lxxxxxxxxxx region=us-ashburn-1
4. Now lets do a simple test to verify the credentials. One test will be to list the regions, the 2nd test will be to list the VCNs (if you have correct IAM role). Note, for illustration, I have shown output as displayed in tabular an JSON format
oci iam region list --output table +-----+----------------+ | key | name | +-----+----------------+ | FRA | eu-frankfurt-1 | | IAD | us-ashburn-1 | | ICN | ap-seoul-1 | | LHR | uk-london-1 | | NRT | ap-tokyo-1 | | PHX | us-phoenix-1 | | YYZ | ca-toronto-1 | +-----+----------------+ oci network vcn list --compartment-id ocid1.compartment.oc1..aaaaaaaadwopyqsoqdtsv5ykghdje7f6nvk5moxdo7xxxxxxxxxx { "data": [ { "cidr-block": "10.224.32.0/19", "compartment-id": "ocid1.compartment.oc1..aaaaaaaadwopyqsoqdtsv5ykghdje7f6nvk5moxdo7xxxxxxxxx", "default-dhcp-options-id": "ocid1.dhcpoptions.oc1.iad.aaaaaaaa6xiy26rweb2ydcjp4lqsvk7zkpuhglyakjpnhdfuhvvjjpjtd4aq", "default-route-table-id": "ocid1.routetable.oc1.iad.aaaaaaaa6mzxjyh3yszohnz2kn7sfsy6ykpvvlgn5a3c5mf3ki3l4ycqzgka", "default-security-list-id": "ocid1.securitylist.oc1.iad.aaaaaaaaun4berdcdxlrg4mg6veoqdvwdzz3p6zbldets76y6otxmlxn3o3a", "defined-tags": {}, "display-name": "ASH-Exadata", "dns-label": "ashexadata", "freeform-tags": {}, "id": "ocid1.vcn.oc1.iad.aaaaaaaahe7kvbrqla25w27id5szra7j6oda2aelfbwt5w67x3c655bvsntq", "lifecycle-state": "AVAILABLE", "time-created": "2018-01-29T19:55:54.760000+00:00", "vcn-domain-name": "ashexadata.oraclevcn.com" } ] } Here's a quick example of query and retreiving information from OCI. In this example I'm gonna pull all database versions available to me for creating. The second example polls with the db-system-shape [nitin@cloudmac ~]$ oci db version list -c $COMPID --db-system-shape "VM.Standard1.1" --all --output table +-----------------------------+--------------+-----------------+ | is-latest-for-major-version | supports-pdb | version | +-----------------------------+--------------+-----------------+ | True | False | 11.2.0.4 | | False | False | 11.2.0.4.181016 | | False | False | 11.2.0.4.190115 | | False | False | 11.2.0.4.190416 | | True | True | 12.1.0.2 | | False | True | 12.1.0.2.181016 | | False | True | 12.1.0.2.190115 | | False | True | 12.1.0.2.190416 | | True | True | 12.2.0.1 | | False | True | 12.2.0.1.181016 | | False | True | 12.2.0.1.190115 | | False | True | 12.2.0.1.190416 | | True | True | 18.0.0.0 | | False | True | 18.4.0.0 | | False | True | 18.5.0.0 | | False | True | 18.6.0.0 | +-----------------------------+--------------+-----------------+ [nitin@cloudmac ~]$ oci db version list -c $COMPID --all --output table +-----------------------------+--------------+----------+ | is-latest-for-major-version | supports-pdb | version | +-----------------------------+--------------+----------+ | True | False | 11.2.0.4 | | True | True | 12.1.0.2 | | True | True | 12.2.0.1 | | True | True | 18.0.0.0 | +-----------------------------+--------------+----------+ In the next Blog post, I'll work through an entire DB creation