Oracle Cloud Infrastructure (OCI) Available in Juju Edge

Oracle Cloud Infrastructure

Support for Oracle’s OCI offering is ready for general availability.

Note that this is different to the Oracle cloud in Juju, which targets what Oracle now calls “OCI Classic”. We may change the names in future, but for now this new cloud provider is called “oci”.

To access this feature, you will need to install edge Juju like this:

sudo snap install juju --edge

To get started, you will need an OCI account, and you will need to generate a key-pair and upload your public key. For information on how to do this, see:
https://docs.cloud.oracle.com/iaas/Content/API/Concepts/apisigningkey.htm

You will also need to ensure you have set up a tenancy and compartment as appropriate for the needs of your OCI account. See:
https://docs.cloud.oracle.com/iaas/Content/GSG/Concepts/settinguptenancy.htm

With this done, you are ready to add a new Juju cloud and credentials.

Cloud

Save the following file as oci-cloud.yaml, replacing the region as appropriate for your account.

clouds:
  oci-test:
    type: oci
    auth-types: [httpsig]
    regions:
      us-phoenix-1: {}

Then run:

juju add-cloud oci-test oci-cloud.yaml

Credential

Save the following file as oci-cred.yaml, replacing the variables as appropriate for your account.

credentials:
  oci-test:
    default-region: $REGION_FROM_YOUR_CLOUD_ABOVE
    DEFAULT:
      auth-type: httpsig
      fingerprint: $FINGERPRINT_FOR_YOUR_GENERATED_KEY
      key: |
          $PRIVATE_KEY_YOU_GENERATED
      pass-phrase: $PASSWORD_FOR_YOUR_KEY
      region: $REGION_FROM_YOUR_CLOUD_ABOVE
      tenancy: $OCID_FOR_YOUR_ACCOUNT_TENANCY
      user: $OCID_FOR_YOUR_ACCOUNT_USER

Then run:

 juju add-credential oci-test -f oci-cred.yaml

Bootstrapping

Bootstrapping requires that you supply an OCID for the compartment where you want your deployment to reside. So the bootstrap syntax is:

 juju bootstrap --config compartment-id=$OCID_FOR_YOUR_COMPARTMENT oci-test
1 Like

The final patches for implementing storage have landed.

Full functionality for the new cloud is available in the Juju edge snap.

I tested this again and it failed. There seems to be something wrong with the private SSL key. The top of the key file has:

-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-128-CBC,35AE3C29B4C1A53A9A02E168C3CBE14B

r3eJKzdasDYa3mR6pFBfssqFllSZBYFrwsVB9B/5TZIu5UD4dMqqoRchWRjQ9fNs

A test performed a few months back succeeded but the key used did not have those two top lines.

This is the error I get from bootstrap:

ERROR Service error:NotAuthenticated. The required information to complete authentication was not provided or was incorrect.. http status code: 401

I would also like to know if interactive mode to add-credential is supposed to accept a file path to the private key. It doesn’t appear to.

OCI requires that the key is provided in the PEM format. They provide a detailed guide on how to generate the key pair in their documentation:

https://docs.cloud.oracle.com/iaas/Content/API/Concepts/apisigningkey.htm#How

Thanks for replying Tim. I forgot to update this thread to say that I got it to work. I had to clear out my credentials.yaml file.