Instance OS Baseline Configuration Runbook

Overview & Scope

This runbook defines the standard baseline configuration procedure for new OCI compute instances across five supported operating system families. It is intended for use by Cloud SRE and operations personnel during initial instance provisioning.

Objectives

Each OS configuration procedure achieves the following baseline state:

- Set system timezone to Asia/Kolkata (IST, UTC+05:30)
- Apply all available OS security and feature updates
- Enable and configure the host-based firewall to permit SSH (Linux) or RDP (Windows) ingress exclusively from the VCN CIDR block
- Enable EPEL repository where applicable (Oracle Linux, Rocky Linux, Alma Linux)
- Create a named administrative user account separate from the default OCI-provisioned user (opc / Administrator)
- Set a strong password on the admin user to enable OCI Console Connection (serial/VNC console) authentication
- Install and initialise the OCI CLI
- Verify or install the OCI Cloud Agent
- Install rclone for OCI Object Storage / remote storage operations

In Scope

OS Family      | Tested Versions
Oracle Linux   | OL 8.x, OL 9.x (OCI Platform Image)
Ubuntu Linux   | Ubuntu 22.04 LTS, 24.04 LTS (OCI Platform Image)
Rocky Linux    | Rocky Linux 8.x, 9.x (OCI Marketplace Image)
Alma Linux     | AlmaLinux 8.x, 9.x (OCI Marketplace Image)
Windows Server | Windows Server 2019, 2022, 2025 (OCI Platform Image)

Out of Scope

- Application-layer configuration or middleware installation
- OCI IAM / identity federation setup
- Exadata infrastructure and bare metal specialised configuration
- Custom VPN or private connectivity (FastConnect / IPSec) setup
- OCI Cloud Guard, Vulnerability Scanning Service, or OSMH onboarding

Variable Placeholders

The following placeholders are used throughout this runbook. Replace all occurrences before executing commands.

Placeholder      | Description
<VCN_CIDR>       | CIDR block of the OCI VCN (e.g., 10.0.0.0/16). SSH/RDP is restricted to this range.
<ADMIN_USERNAME> | Desired admin username (not "opc"). Example: oci-admin
<ADMIN_PASSWORD> | Strong password for the admin account (min 14 chars, mixed case, digits, symbols)
<OCI_REGION>     | OCI home region identifier (e.g., ap-mumbai-1)
<TENANCY_OCID>   | OCID of the OCI tenancy
<USER_OCID>      | OCID of the OCI user for CLI authentication
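Added example (not part of the runbook): a POSIX shell pre-flight check for the three placeholder values that drive the security-relevant steps, applying the rules stated above (a well-formed CIDR, a username other than the OCI defaults, a password of at least 14 characters with upper case, lower case, digits and symbols). The function names and the sample values are my own.

```shell
#!/bin/sh
# Added example (not runbook code): pre-flight validation of the placeholder
# values before they are substituted into the commands that follow.  Each
# function is silent and returns 0 when the value is acceptable, 1 otherwise.

# <VCN_CIDR>: four dotted octets in 0-255 plus a prefix length in 0-32
validate_cidr() {
    cidr=$1
    case $cidr in ''|*[![:digit:]./]*) return 1 ;; esac   # digits, dots, slash only
    case $cidr in */*) ;; *) return 1 ;; esac               # prefix length required
    ip=${cidr%/*}; prefix=${cidr#*/}
    case $prefix in ''|*[![:digit:]]*) return 1 ;; esac
    [ "$prefix" -le 32 ] || return 1
    old_ifs=$IFS; IFS=.; set -- $ip; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in ''|*[![:digit:]]*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# <ADMIN_USERNAME>: a portable login name that is not one of the provider
# defaults the runbook says must not be reused
validate_admin_username() {
    name=$1
    case $name in
        opc|ubuntu|root|Administrator) return 1 ;;
        [[:lower:]_]*) ;;                                   # must start with a-z or _
        *) return 1 ;;
    esac
    case $name in *[![:lower:][:digit:]_-]*) return 1 ;; esac   # allowed character set
    [ "${#name}" -le 32 ]
}

# <ADMIN_PASSWORD>: runbook policy is at least 14 characters with upper case,
# lower case, a digit and a symbol all present
validate_password() {
    pw=$1
    [ "${#pw}" -ge 14 ] || return 1
    case $pw in *[[:upper:]]*) ;; *) return 1 ;; esac
    case $pw in *[[:lower:]]*) ;; *) return 1 ;; esac
    case $pw in *[[:digit:]]*) ;; *) return 1 ;; esac
    case $pw in *[![:alnum:]]*) ;; *) return 1 ;; esac
    return 0
}

# Check all three in one go with the values the operator is about to substitute,
# e.g. validate_placeholders 10.0.0.0/16 oci-admin "$ADMIN_PW"
validate_placeholders() {
    validate_cidr "$1"           || { echo "VCN_CIDR rejected: $1" >&2; return 1; }
    validate_admin_username "$2" || { echo "ADMIN_USERNAME rejected: $2" >&2; return 1; }
    validate_password "$3"       || { echo "ADMIN_PASSWORD rejected: does not meet policy" >&2; return 1; }
    echo "placeholders OK"
}
```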

OCI Console Connection – Password Requirement

OCI provides two console access methods for compute instances:

- SSH via OCI Console Connection: uses a one-time SSH key pair generated by OCI. No OS password is required for this connection type.
- VNC Console Connection / Serial Console: provides direct terminal access to the instance at the OS level. If the admin user does not have a password set, interactive login via serial console will fail.

NOTE: A password is set on the admin user in each section below to enable serial/VNC console access. SSH password authentication on the daemon itself remains DISABLED for security compliance.

Prerequisites

- OCI compute instance is provisioned and in RUNNING state
- SSH (Linux) or RDP (Windows) connectivity to the instance is confirmed via the default "opc" user (Linux) or "opc"/"Administrator" (Windows)
- Instance has outbound internet access (via NAT Gateway or Internet Gateway) for package downloads
- OCI VCN Security List or NSG allows SSH (TCP 22) or RDP (TCP 3389) ingress for the operator source IP
- Operator has noted the VCN CIDR to be used as the firewall source restriction

Oracle Linux – Baseline Configuration

NOTE: Applies to: Oracle Linux 8.x and 9.x provisioned from OCI Platform Images. All commands must be executed as the default "opc" user using sudo, via SSH or OCI Console Connection.

STEP 1
Verify OS Identity and Instance Connectivity

# Confirm OS version and release
cat /etc/oracle-release
cat /etc/os-release

# Confirm current user and hostname
whoami
hostname -f
ip addr show

STEP 2
Set System Timezone to Asia/Kolkata

# Set timezone
sudo timedatectl set-timezone Asia/Kolkata

# Verify
timedatectl status
# Expected output should show:
#   Time zone: Asia/Kolkata (IST, +0530)

STEP 3
Apply All OS Updates

# Apply all available updates
# (dnf update is an alias of dnf upgrade; the second run simply reports "Nothing to do")
sudo dnf update -y
sudo dnf upgrade -y

# Remove orphaned packages
sudo dnf autoremove -y

# Confirm kernel version post-update
uname -r

WARNING: A system reboot is required after kernel updates. Schedule the reboot at the end of all configuration steps (Step 10).

STEP 4
Enable EPEL Repository

# Detect OS major version
OS_VER=$(rpm -E %{rhel})
echo "Detected RHEL-compatible version: ${OS_VER}"

# Install Oracle EPEL release package
sudo dnf install oracle-epel-release-el${OS_VER} -y

# Alternatively, enable via dnf config-manager
# sudo dnf config-manager --set-enabled ol${OS_VER}_developer_EPEL

# Enable CodeReady Builder (CRB) – often required as an EPEL dependency
sudo dnf config-manager --set-enabled ol${OS_VER}_codeready_builder

# Verify EPEL is active
dnf repolist | grep -i epel

STEP 5
Enable and Configure firewalld – Allow SSH from VCN

# Ensure firewalld is enabled and running
sudo systemctl enable --now firewalld
sudo firewall-cmd --state

# Add rich rule: allow SSH only from VCN CIDR
sudo firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="<VCN_CIDR>" service name="ssh" accept'

# Remove the default open SSH service (replaced by the CIDR-scoped rule above)
sudo firewall-cmd --permanent --remove-service=ssh

# Reload and verify. Both --permanent changes take effect together at --reload,
# so the running ruleset is never left without an SSH allow in between.
sudo firewall-cmd --reload
sudo firewall-cmd --list-all

NOTE: Replace <VCN_CIDR> with the actual VCN CIDR block (e.g., 10.0.0.0/16). The OCI VCN Security List or NSG remains the primary network-layer control; firewalld provides host-level defence-in-depth.

STEP 6
Create Administrative User Account

# Create admin user with home directory, default shell and wheel membership
sudo useradd -m -s /bin/bash -G wheel <ADMIN_USERNAME>

# Set password (required for OCI serial/VNC console access)
sudo passwd <ADMIN_USERNAME>
# Enter <ADMIN_PASSWORD> when prompted (twice)

# Verify group membership
id <ADMIN_USERNAME>

# Verify sudo access (wheel group has sudo by default on OL)
sudo grep -E "^%wheel" /etc/sudoers

# Copy SSH authorized_keys from opc to the admin user
sudo mkdir -p /home/<ADMIN_USERNAME>/.ssh
sudo cp /home/opc/.ssh/authorized_keys /home/<ADMIN_USERNAME>/.ssh/
sudo chown -R <ADMIN_USERNAME>:<ADMIN_USERNAME> /home/<ADMIN_USERNAME>/.ssh
sudo chmod 700 /home/<ADMIN_USERNAME>/.ssh
sudo chmod 600 /home/<ADMIN_USERNAME>/.ssh/authorized_keys

# Confirm the daemon's effective setting is still "no"
sudo sshd -T | grep -i passwordauthentication

WARNING: SSH password authentication (PasswordAuthentication in sshd_config) remains set to "no". The password set above is exclusively for OCI console (serial/VNC) login and for sudo password prompts.
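Added example (not part of the runbook): a shell parser that reports the PasswordAuthentication value sshd would actually apply for a given config file, using sshd's first-value-wins rule and following Include lines in order, so a drop-in under /etc/ssh/sshd_config.d/ that re-enables passwords ahead of the main file's "no" is caught. The function names are my own; on a live host, sudo sshd -T | grep -i passwordauthentication remains the authoritative check.

```shell
#!/bin/sh
# Added example (not runbook code): report the PasswordAuthentication value sshd
# will apply for a config file.  sshd keeps the FIRST value it reads for a
# keyword, processes Include files at the point where the Include line sits,
# and treats anything after a Match line as conditional.  A drop-in under
# /etc/ssh/sshd_config.d/ can therefore win over a later "no" in the main file.
# Kept simple on purpose: "Keyword=value" spelling and the conditions of Match
# blocks are not evaluated, which is why "sshd -T" remains the final word.

# Print the first PasswordAuthentication value seen in FILE and its Includes
# (in order), stopping at the first Match line.  Prints nothing if unset.
_first_pw_auth() {
    file=$1
    [ -r "$file" ] || return 0
    set -f                                   # no globbing while splitting lines
    while IFS= read -r line || [ -n "$line" ]; do
        line=${line%%#*}                     # drop comments
        set -- $line                         # split keyword and arguments
        [ $# -ge 2 ] || continue
        key=$(printf '%s' "$1" | tr 'A-Z' 'a-z')
        case $key in
            match) return 0 ;;               # conditional section starts: stop
            include)
                shift
                for pat in "$@"; do
                    case $pat in /*) ;; *) pat="/etc/ssh/$pat" ;; esac
                    set +f                   # sshd expands Include globs
                    for inc in $pat; do
                        val=$(_first_pw_auth "$inc")   # recursion in a subshell
                        if [ -n "$val" ]; then printf '%s\n' "$val"; return 0; fi
                    done
                    set -f
                done ;;
            passwordauthentication)
                printf '%s' "$2" | tr 'A-Z' 'a-z'; echo
                return 0 ;;
        esac
    done < "$file"
}

# Effective value for FILE (default /etc/ssh/sshd_config); sshd's built-in
# default when the keyword is never set is "yes".
sshd_password_auth() {
    val=$(_first_pw_auth "${1:-/etc/ssh/sshd_config}")
    printf '%s\n' "${val:-yes}"
}

# On a configured host: sshd_password_auth    (expected to print "no")
```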

 

STEP 7
Install OCI CLI

# Switch to admin user context
sudo su - <ADMIN_USERNAME>

# Run OCI CLI installer (requires internet access)
bash -c "$(curl -L https://raw.githubusercontent.com/oracle/oci-cli/master/scripts/install/install.sh)" -- --accept-all-defaults

# Reload shell environment
source ~/.bashrc

# Verify installation
oci --version

# Configure OCI CLI (interactive – provide Tenancy OCID, User OCID, Region, API key)
oci setup config

# Test connectivity
oci iam region list --output table

# Return to opc
exit

STEP 8
Verify or Install OCI Cloud Agent

# OCI platform images ship with oracle-cloud-agent pre-installed.
# Verify the service is active:
sudo systemctl status oracle-cloud-agent
sudo systemctl status oracle-cloud-agent-updater

# If not installed (non-OCI base image):
sudo dnf install oracle-cloud-agent -y
sudo systemctl enable --now oracle-cloud-agent
sudo systemctl enable --now oracle-cloud-agent-updater

# Confirm version
rpm -q oracle-cloud-agent

STEP 9
Install rclone

# Install rclone using the official install script
# (alternatively download install.sh, review it, then run it with sudo, so that
#  unreviewed remote content is not piped straight into a root shell)
curl https://rclone.org/install.sh | sudo bash

# Verify installation
rclone --version

# Optional: configure rclone for OCI Object Storage
# rclone config
# (Select provider: Oracle Object Storage, Auth: Instance Principal or User principal)

STEP 10
Reboot and Post-Reboot Validation

sudo reboot

# --- After reboot, reconnect as <ADMIN_USERNAME> ---

# Validate timezone
timedatectl status

# Validate firewall
sudo firewall-cmd --list-all

# Validate admin user
id <ADMIN_USERNAME>

# Validate OCI CLI
oci --version
oci iam region list --output table

# Validate OCI Cloud Agent
sudo systemctl status oracle-cloud-agent | grep -E "Active|running"

# Validate rclone
rclone --version

Ubuntu Linux – Baseline Configuration

NOTE: Applies to: Ubuntu 22.04 LTS and 24.04 LTS provisioned from OCI Platform Images. All commands are executed as the default "ubuntu" or "opc" user using sudo.

STEP 1
Verify OS Identity

cat /etc/os-release
lsb_release -a
whoami && hostname -f

STEP 2
Set System Timezone to Asia/Kolkata

sudo timedatectl set-timezone Asia/Kolkata
timedatectl status
# Expected: Time zone: Asia/Kolkata (IST, +0530)

STEP 3
Apply All OS Updates

sudo apt update
sudo apt upgrade -y
sudo apt dist-upgrade -y
sudo apt autoremove -y
sudo apt autoclean

# Check if reboot is required
cat /var/run/reboot-required 2>/dev/null && echo "Reboot required" || echo "No reboot needed"

STEP 4
Enable and Configure UFW – Allow SSH from VCN

# Set default policies
sudo ufw default deny incoming
sudo ufw default allow outgoing

# Allow SSH only from VCN CIDR (do this BEFORE enabling UFW)
sudo ufw allow from <VCN_CIDR> to any port 22 proto tcp comment "Allow SSH from VCN"

# Enable UFW (--force skips the interactive prompt)
sudo ufw --force enable

# Verify rules
sudo ufw status verbose

NOTE: Ubuntu uses UFW (Uncomplicated Firewall). The default OCI Ubuntu image may have UFW inactive. Enable it after adding the SSH allow rule to avoid locking yourself out.
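Added example covering both the UFW step above and the firewalld step in the Oracle Linux section (not part of the runbook): two shell checks that read the firewall's own listing and confirm that SSH is allowed only from <VCN_CIDR> and that no unscoped SSH allow remains. The function names and the sample listings are constructed; on a live host the listings come from sudo firewall-cmd --list-all and sudo ufw status verbose.

```shell
#!/bin/sh
# Added example (not runbook code): confirm that SSH ingress is scoped to the
# VCN CIDR after the firewall step, for both firewalld (Oracle Linux / Rocky /
# Alma, Step 5) and UFW (Ubuntu, Step 4).  Each check takes the firewall's own
# listing as text plus the expected CIDR so it can be exercised offline; on a
# live host feed it the real output:
#   firewalld_ssh_scoped "$(sudo firewall-cmd --list-all)" 10.0.0.0/16
#   ufw_ssh_scoped "$(sudo ufw status verbose)" 10.0.0.0/16

has_line() { printf '%s\n' "$1" | grep -E "$2" >/dev/null; }   # listing, ERE

# Pass only if the zone's "services:" line no longer carries the unscoped ssh
# entry AND a rich rule accepts ssh from exactly the expected CIDR.
firewalld_ssh_scoped() {
    listing=$1; cidr=$2
    has_line "$listing" '^[[:space:]]*services:.*[[:space:]]ssh([[:space:]]|$)' && return 1
    has_line "$listing" "source address=\"${cidr}\".*service name=\"ssh\".*accept"
}

# Pass only if UFW is active, denies incoming by default, allows 22/tcp from
# the expected CIDR, and has no 22/tcp allow from Anywhere.
ufw_ssh_scoped() {
    listing=$1; cidr=$2
    has_line "$listing" '^Status: active' || return 1
    has_line "$listing" '^Default: deny \(incoming\)' || return 1
    has_line "$listing" '^22/tcp[[:space:]]+ALLOW IN[[:space:]]+Anywhere' && return 1
    has_line "$listing" "^22/tcp[[:space:]]+ALLOW IN[[:space:]]+${cidr}([[:space:]]|$)"
}

# Constructed sample listings (not captured from a real instance)
SAMPLE_FIREWALLD_OK='public (active)
  target: default
  services: dhcpv6-client
  rich rules:
        rule family="ipv4" source address="10.0.0.0/16" service name="ssh" accept'

SAMPLE_FIREWALLD_BAD='public (active)
  target: default
  services: dhcpv6-client ssh
  rich rules:
        rule family="ipv4" source address="10.0.0.0/16" service name="ssh" accept'

SAMPLE_UFW_OK='Status: active
Default: deny (incoming), allow (outgoing), disabled (routed)

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW IN    10.0.0.0/16                # Allow SSH from VCN'

SAMPLE_UFW_BAD='Status: active
Default: deny (incoming), allow (outgoing), disabled (routed)

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW IN    Anywhere
22/tcp                     ALLOW IN    10.0.0.0/16                # Allow SSH from VCN'

# Exercise the checks on the samples
firewalld_ssh_scoped "$SAMPLE_FIREWALLD_OK"  10.0.0.0/16 && echo "firewalld OK sample: ssh scoped to VCN"
firewalld_ssh_scoped "$SAMPLE_FIREWALLD_BAD" 10.0.0.0/16 || echo "firewalld BAD sample: unscoped ssh service still present"
ufw_ssh_scoped "$SAMPLE_UFW_OK"  10.0.0.0/16 && echo "ufw OK sample: ssh scoped to VCN"
ufw_ssh_scoped "$SAMPLE_UFW_BAD" 10.0.0.0/16 || echo "ufw BAD sample: 22/tcp open from Anywhere"
```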

 

STEP 5
Create Administrative User Account

# Create admin user
sudo useradd -m -s /bin/bash -G sudo <ADMIN_USERNAME>

# Set password for console access
sudo passwd <ADMIN_USERNAME>

# Verify sudo group membership
id <ADMIN_USERNAME>

# Copy SSH authorized_keys (from ubuntu, falling back to opc)
sudo mkdir -p /home/<ADMIN_USERNAME>/.ssh
sudo cp /home/ubuntu/.ssh/authorized_keys /home/<ADMIN_USERNAME>/.ssh/ 2>/dev/null || \
sudo cp /home/opc/.ssh/authorized_keys /home/<ADMIN_USERNAME>/.ssh/
sudo chown -R <ADMIN_USERNAME>:<ADMIN_USERNAME> /home/<ADMIN_USERNAME>/.ssh
sudo chmod 700 /home/<ADMIN_USERNAME>/.ssh
sudo chmod 600 /home/<ADMIN_USERNAME>/.ssh/authorized_keys

STEP 6
Install OCI CLI

sudo su - <ADMIN_USERNAME>

bash -c "$(curl -L https://raw.githubusercontent.com/oracle/oci-cli/master/scripts/install/install.sh)" -- --accept-all-defaults

source ~/.bashrc
oci --version

# Configure OCI CLI
oci setup config

# Test
oci iam region list --output table

exit

STEP 7
Verify or Install OCI Cloud Agent (snap)

# OCI Ubuntu platform images install the agent via snap
sudo snap list oracle-cloud-agent

# If not found:
sudo snap install oracle-cloud-agent
sudo snap start oracle-cloud-agent

# Verify running
sudo snap services oracle-cloud-agent

STEP 8
Install rclone

# (As in the Oracle Linux section, the script can be downloaded and reviewed
#  first instead of being piped straight into a root shell)
curl https://rclone.org/install.sh | sudo bash
rclone --version

STEP 9
Reboot and Validation

sudo reboot

# Post-reboot validation
timedatectl status
sudo ufw status verbose
id <ADMIN_USERNAME>
oci --version
sudo snap services oracle-cloud-agent
rclone --version

Rocky Linux & Alma Linux – Baseline Configuration

NOTE: Applies to: Rocky and Alma Linux 8.x and 9.x. Steps are identical to Oracle Linux with the exception of EPEL installation and the OCI Cloud Agent package source. All commands use sudo.

Steps 1–3 and 5–9 are identical to the Oracle Linux section above. Only the differing steps are documented below.

STEP 4
Enable EPEL Repository and CRB

# Detect OS major version
OS_VER=$(rpm -E %{rhel})
echo "Detected RHEL-compatible version: ${OS_VER}"

# Install EPEL release
sudo dnf install epel-release -y

# Enable CodeReady Builder (CRB) – required by many EPEL packages.
# The repository id is "crb" on 9.x but "powertools" on Rocky/Alma 8.x.
if [ "${OS_VER}" -ge 9 ]; then
    sudo dnf config-manager --set-enabled crb
else
    sudo dnf config-manager --set-enabled powertools
fi

# Verify
dnf repolist | grep -i epel
dnf repolist | grep -iE 'crb|powertools'

STEP 10
Reboot and Validation

sudo reboot

# Post-reboot
timedatectl status
sudo firewall-cmd --list-all
id <ADMIN_USERNAME>
oci --version
sudo systemctl status oracle-cloud-agent | grep Active
rclone --version

Windows Server – Baseline Configuration

NOTE: Applies to: Windows Server 2019 and 2022 provisioned from OCI Platform Images. All commands are executed in PowerShell 5.1 or later, run as Administrator, via RDP or OCI Console Connection.

STEP 1
Verify OS Identity and Current Session

# Run in PowerShell as Administrator

# Confirm OS version
[System.Environment]::OSVersion.VersionString
Get-ComputerInfo | Select-Object OsName, OsVersion, OsBuildNumber

# Confirm current user context
whoami
$env:COMPUTERNAME

STEP 2
Set System Timezone to IST (Asia/Kolkata)

# Windows uses "India Standard Time" as the identifier for IST (UTC+05:30)
Set-TimeZone -Id "India Standard Time"

# Verify
Get-TimeZone
# Expected: Id = India Standard Time, BaseUtcOffset = 05:30:00

# Sync system clock with NTP
w32tm /resync /force
w32tm /query /status

STEP 3
Apply Windows Updates

# Install PSWindowsUpdate module if not present
if (-not (Get-Module -ListAvailable -Name PSWindowsUpdate)) {
    Install-PackageProvider -Name NuGet -Force -Scope CurrentUser
    Install-Module PSWindowsUpdate -Force -Scope CurrentUser
}

Import-Module PSWindowsUpdate

# List available updates
Get-WindowsUpdate

# Install all updates (will reboot if required)
Install-WindowsUpdate -AcceptAll -AutoReboot

NOTE: The AutoReboot flag will restart the instance automatically. Reconnect via RDP after the instance returns to RUNNING state in the OCI Console.

STEP 4
Configure Windows Firewall – Allow RDP from VCN Only

# Add inbound rule permitting RDP only from the VCN CIDR
New-NetFirewallRule `
    -DisplayName "Allow-RDP-from-VCN" `
    -Direction Inbound `
    -Protocol TCP `
    -LocalPort 3389 `
    -RemoteAddress "<VCN_CIDR>" `
    -Action Allow `
    -Profile Any `
    -Description "Restrict RDP to OCI VCN CIDR only"

# Verify the new rule is present and scoped to the VCN before touching the defaults
Get-NetFirewallRule -DisplayName "Allow-RDP-from-VCN" |
    Get-NetFirewallAddressFilter

# Disable the default open RDP rules (if present). The remote address is held on
# the rule's address filter, not on the rule object itself, so it has to be read
# via Get-NetFirewallAddressFilter; filtering on $_.RemoteAddress matches nothing.
Get-NetFirewallRule -DisplayName "*Remote Desktop*" -Direction Inbound |
    Where-Object { ($_ | Get-NetFirewallAddressFilter).RemoteAddress -eq "Any" } |
    Disable-NetFirewallRule

WARNING: Do not disable the default RDP rule until the VCN-scoped rule is confirmed active. Doing so in the wrong order will cut off your RDP session. The OCI VCN Security List / NSG is the primary control layer.

STEP 5
Create Administrative User Account

# Create secure password object.
# Prompting instead keeps the clear-text password out of the PowerShell history:
#   $SecurePass = Read-Host -AsSecureString "Password for <ADMIN_USERNAME>"
$SecurePass = ConvertTo-SecureString "<ADMIN_PASSWORD>" -AsPlainText -Force

# Create local user. Both flags are switch parameters, so an explicit value
# must use the -Name:$value form (a bare $false is rejected as a positional argument).
New-LocalUser `
    -Name "<ADMIN_USERNAME>" `
    -Password $SecurePass `
    -FullName "OCI Platform Administrator" `
    -Description "OCI Baseline Admin – created by SRE runbook" `
    -PasswordNeverExpires:$false `
    -UserMayNotChangePassword:$false

# Add to Administrators group
Add-LocalGroupMember -Group "Administrators" -Member "<ADMIN_USERNAME>"

# Verify
Get-LocalUser -Name "<ADMIN_USERNAME>"
Get-LocalGroupMember -Group "Administrators"

NOTE: For OCI Console Connection (VNC), set the password via the GUI login prompt or via PowerShell as shown above. The password is required for interactive console session authentication.

STEP 6
Install OCI CLI

# Download and run the OCI CLI PowerShell installer
$installerUrl = "https://raw.githubusercontent.com/oracle/oci-cli/master/scripts/install/install.ps1"
Invoke-WebRequest -Uri $installerUrl -OutFile "$env:TEMP\oci_install.ps1"

# Execute installer with silent defaults (the PowerShell installer takes the
# -AcceptAllDefaults switch; --accept-all-defaults is the bash installer's flag)
powershell -ExecutionPolicy Bypass -File "$env:TEMP\oci_install.ps1" -AcceptAllDefaults

# Refresh PATH from both machine and user scope (the installer adds its bin
# directory to the current user's PATH by default) and verify
$env:PATH = [System.Environment]::GetEnvironmentVariable("PATH","Machine") + ";" +
            [System.Environment]::GetEnvironmentVariable("PATH","User")
oci --version

# Configure OCI CLI
oci setup config

# Test connectivity
oci iam region list --output table

STEP 7
Verify OCI Cloud Agent (Windows Service)

# OCI Windows platform images ship with oracle-cloud-agent as a Windows service

# Check service status
Get-Service -Name "*oracle*cloud*" -ErrorAction SilentlyContinue

# If found and stopped, start it:
Start-Service -Name "oracle-cloud-agent"
Set-Service -Name "oracle-cloud-agent" -StartupType Automatic

# Verify
Get-Service -Name "oracle-cloud-agent" | Select-Object Name, Status, StartType

STEP 8
Install rclone

# Download and extract rclone for Windows
$rcloneUrl  = "https://downloads.rclone.org/rclone-current-windows-amd64.zip"
$zipPath    = "$env:TEMP\rclone.zip"
$installDir = "C:\rclone"

Invoke-WebRequest -Uri $rcloneUrl -OutFile $zipPath
Expand-Archive -Path $zipPath -DestinationPath "$env:TEMP\rclone_extract" -Force

# Move binary to install directory
New-Item -ItemType Directory -Path $installDir -Force | Out-Null
Get-ChildItem "$env:TEMP\rclone_extract" -Filter "rclone.exe" -Recurse |
    Copy-Item -Destination "$installDir\rclone.exe" -Force

# Add to system PATH
$currentPath = [System.Environment]::GetEnvironmentVariable("PATH","Machine")
if ($currentPath -notlike "*$installDir*") {
    [System.Environment]::SetEnvironmentVariable("PATH", "$currentPath;$installDir", "Machine")
}

# Verify (new PowerShell session may be needed)
& "C:\rclone\rclone.exe" --version

STEP 9
Final Reboot and Validation

# Reboot to apply all updates and configuration
Restart-Computer -Force

# --- After RDP reconnect ---

# Validate timezone
Get-TimeZone

# Validate firewall rule
Get-NetFirewallRule -DisplayName "Allow-RDP-from-VCN"

# Validate admin user
Get-LocalUser -Name "<ADMIN_USERNAME>"
Get-LocalGroupMember -Group "Administrators"

# Validate OCI CLI
oci --version

# Validate Cloud Agent
Get-Service -Name "oracle-cloud-agent" | Select-Object Name, Status

# Validate rclone
& "C:\rclone\rclone.exe" --version

Post-Deployment Verification Checklist

Use this checklist to confirm all baseline configuration tasks have been completed for each deployed instance. One copy per instance.

Instance Details

Field                | Value            | Notes
Instance Name        | <INSTANCE_NAME>  |
Instance OCID        | <INSTANCE_OCID>  |
OS & Version         | <OS_VERSION>     |
Admin Username       | <ADMIN_USERNAME> | Not "opc"
OCI Region           | <OCI_REGION>     |
VCN CIDR Applied     | <VCN_CIDR>       | Firewall source restriction
Deployment Engineer  |                  |
Deployment Date/Time |                  | IST

Linux – Oracle Linux / Rocky Linux / Alma Linux

Done | Task                                       | Verification Command / Evidence
[ ]  | Timezone set to Asia/Kolkata (IST)         | timedatectl status shows IST, +0530
[ ]  | OS updates fully applied (dnf update -y)   | No updates pending
[ ]  | EPEL repository enabled                    | dnf repolist shows EPEL
[ ]  | CRB / CodeReady Builder enabled            | Required for EPEL on RHEL-compat distros
[ ]  | firewalld enabled and active               | systemctl status firewalld shows active
[ ]  | SSH restricted to VCN CIDR (rich rule)     | firewall-cmd --list-all shows rich rule
[ ]  | Default SSH service removed from firewalld | No open ssh service without CIDR scope
[ ]  | Admin user created (non-opc)               | useradd confirmed, id shows correct groups
[ ]  | Admin user added to wheel group            | sudo -l works for admin user
[ ]  | Password set on admin user                 | Required for serial/VNC console access
[ ]  | SSH authorized_keys copied to admin user   | SSH login works as admin user
[ ]  | OCI CLI installed                          | oci --version returns version string
[ ]  | OCI CLI configured (oci setup config)      | oci iam region list succeeds
[ ]  | OCI Cloud Agent active                     | systemctl status oracle-cloud-agent shows active
[ ]  | rclone installed                           | rclone --version returns version string
[ ]  | System reboot performed post-update        | Running kernel matches latest installed

Linux – Ubuntu

Done | Task                                      | Verification Command / Evidence
[ ]  | Timezone set to Asia/Kolkata (IST)        | timedatectl status shows IST, +0530
[ ]  | OS updates fully applied (apt upgrade -y) | No updates pending; dist-upgrade run
[ ]  | UFW enabled and active                    | sudo ufw status shows active
[ ]  | Default deny incoming policy set          | ufw default deny incoming
[ ]  | SSH restricted to VCN CIDR                | ufw status shows allow from <VCN_CIDR>
[ ]  | Admin user created (non-opc/ubuntu)       | useradd confirmed
[ ]  | Admin user added to sudo group            | id shows sudo group
[ ]  | Password set on admin user                | Required for serial/VNC console access
[ ]  | SSH authorized_keys copied to admin user  | SSH login works as admin user
[ ]  | OCI CLI installed                         | oci --version returns version string
[ ]  | OCI CLI configured                        | oci iam region list succeeds
[ ]  | OCI Cloud Agent active (snap)             | snap services oracle-cloud-agent shows active
[ ]  | rclone installed                          | rclone --version returns version string
[ ]  | System reboot performed post-update       | No pending reboot flag

Windows Server

Done | Task                                      | Verification Command / Evidence
[ ]  | Timezone set to India Standard Time (IST) | Get-TimeZone shows India Standard Time
[ ]  | Windows Updates fully applied             | No pending updates; AutoReboot completed
[ ]  | Windows Firewall rule: Allow RDP from VCN | New-NetFirewallRule confirmed active
[ ]  | Default open RDP rule disabled            | Existing "Any" RDP rules disabled
[ ]  | Admin user created (non-Administrator)    | New-LocalUser confirmed
[ ]  | Admin user added to Administrators group  | Get-LocalGroupMember confirms membership
[ ]  | Password set on admin user                | Required for VNC Console Connection
[ ]  | OCI CLI installed                         | oci --version returns version string
[ ]  | OCI CLI configured                        | oci iam region list succeeds
[ ]  | OCI Cloud Agent service active            | Get-Service shows Running status
[ ]  | rclone installed and in system PATH       | rclone --version returns version string
[ ]  | System reboot performed post-update       | Instance returned to RUNNING state