|
| 1 | +--- |
| 2 | +display_name: Oracle Cloud Infrastructure (Linux) |
| 3 | +description: Provision Oracle Cloud Infrastructure VMs as Coder workspaces |
| 4 | +icon: ../../../../.icons/oci.svg |
| 5 | +maintainer_github: coder |
| 6 | +verified: false |
| 7 | +tags: [vm, linux, oci, oracle] |
| 8 | +--- |
| 9 | + |
| 10 | +# Remote Development on Oracle Cloud Infrastructure (Linux) |
| 11 | + |
| 12 | +Provision Oracle Cloud Infrastructure (OCI) VMs as [Coder workspaces](https://coder.com/docs/workspaces) with this example template. |
| 13 | + |
| 14 | +## Prerequisites |
| 15 | + |
| 16 | +### Authentication |
| 17 | + |
| 18 | +This template assumes that coderd is run in an environment that is authenticated with Oracle Cloud Infrastructure. The recommended authentication methods are: |
| 19 | + |
| 20 | +1. **Instance Principal** (Recommended for production): Run Coder on an OCI instance with proper IAM policies |
| 21 | +2. **API Key**: Set environment variables `OCI_TENANCY_OCID`, `OCI_USER_OCID`, `OCI_FINGERPRINT`, and `OCI_PRIVATE_KEY_PATH` |
| 22 | +3. **Configuration File**: Use `~/.oci/config` file |
| 23 | + |
| 24 | +For detailed authentication setup, see the [OCI Terraform provider documentation](https://registry.terraform.io/providers/oracle/oci/latest/docs#authentication). |
| 25 | + |
| 26 | +### Required IAM Policies |
| 27 | + |
| 28 | +The following IAM policies are required for the template to work: |
| 29 | + |
| 30 | +```json |
| 31 | +{ |
| 32 | + "statements": [ |
| 33 | + { |
| 34 | + "effect": "Allow", |
| 35 | + "action": [ |
| 36 | + "core:instance:create", |
| 37 | + "core:instance:delete", |
| 38 | + "core:instance:get", |
| 39 | + "core:instance:update", |
| 40 | + "core:volume:create", |
| 41 | + "core:volume:delete", |
| 42 | + "core:volume:get", |
| 43 | + "core:volume:update", |
| 44 | + "core:volumeAttachment:create", |
| 45 | + "core:volumeAttachment:delete", |
| 46 | + "core:volumeAttachment:get", |
| 47 | + "core:vcn:create", |
| 48 | + "core:vcn:delete", |
| 49 | + "core:vcn:get", |
| 50 | + "core:vcn:update", |
| 51 | + "core:subnet:create", |
| 52 | + "core:subnet:delete", |
| 53 | + "core:subnet:get", |
| 54 | + "core:subnet:update", |
| 55 | + "core:internetGateway:create", |
| 56 | + "core:internetGateway:delete", |
| 57 | + "core:internetGateway:get", |
| 58 | + "core:internetGateway:update", |
| 59 | + "core:routeTable:create", |
| 60 | + "core:routeTable:delete", |
| 61 | + "core:routeTable:get", |
| 62 | + "core:routeTable:update", |
| 63 | + "core:securityList:create", |
| 64 | + "core:securityList:delete", |
| 65 | + "core:securityList:get", |
| 66 | + "core:securityList:update", |
| 67 | + "core:image:get", |
| 68 | + "identity:compartment:get" |
| 69 | + ], |
| 70 | + "resource": "*" |
| 71 | + } |
| 72 | + ] |
| 73 | +} |
| 74 | +``` |
| 75 | + |
| 76 | +## Architecture |
| 77 | + |
| 78 | +This template provisions the following resources: |
| 79 | + |
| 80 | +- **OCI VM** (ephemeral, deleted on stop) |
| 81 | +- **OCI Block Volume** (persistent, mounted to `/home/coder`) |
| 82 | +- **VCN with Internet Gateway** (for network connectivity) |
| 83 | +- **Security List** (with SSH, HTTP, and HTTPS access) |
| 84 | + |
| 85 | +The template uses Ubuntu 22.04 LTS as the base image and includes: |
| 86 | + |
| 87 | +- Code Server for web-based development |
| 88 | +- JetBrains Gateway for IDE access |
| 89 | +- Persistent home directory storage |
| 90 | +- Automatic Coder agent installation |
| 91 | + |
| 92 | +## Usage |
| 93 | + |
| 94 | +1. **Set up authentication** using one of the methods above |
| 95 | +2. **Create a compartment** in your OCI tenancy |
| 96 | +3. **Deploy the template** with your compartment OCID |
| 97 | +4. **Optionally provide an SSH public key** for direct SSH access |
| 98 | + |
| 99 | +### Template Variables |
| 100 | + |
| 101 | +- `compartment_ocid`: The OCID of your OCI compartment |
| 102 | +- `ssh_public_key`: (Optional) SSH public key for direct access |
| 103 | + |
| 104 | +### Instance Shapes |
| 105 | + |
| 106 | +The template supports various OCI instance shapes: |
| 107 | + |
| 108 | +- **VM.Standard.A1.Flex**: ARM-based flexible shapes (1-4 OCPUs, 6-24 GB RAM) |
| 109 | +- **VM.Standard.E2.1.Micro**: Cost-effective micro instances |
| 110 | +- **VM.Standard.E2.1.Small**: Small instances for development |
| 111 | +- **VM.Standard.E2.1.Medium**: Medium instances for larger workloads |
| 112 | +- **VM.Standard.E3.Flex**: AMD-based flexible shapes |
| 113 | + |
| 114 | +### Regions |
| 115 | + |
| 116 | +The template supports all major OCI regions: |
| 117 | + |
| 118 | +- **Americas**: US East (Ashburn), US West (Phoenix), Canada Southeast (Montreal) |
| 119 | +- **Europe**: UK South (London), Germany Central (Frankfurt), Netherlands Northwest (Amsterdam), Switzerland North (Zurich) |
| 120 | +- **Asia Pacific**: Japan East (Tokyo), Japan Central (Osaka), South Korea Central (Seoul), Australia Southeast (Sydney), India West (Mumbai), India South (Hyderabad) |
| 121 | +- **Middle East**: Saudi Arabia West (Jeddah), UAE East (Dubai) |
| 122 | +- **South America**: Brazil East (São Paulo), Chile (Santiago) |
| 123 | + |
| 124 | +## Cost Optimization |
| 125 | + |
| 126 | +- Use **VM.Standard.A1.Flex** shapes for cost-effective ARM-based instances |
| 127 | +- Choose **VM.Standard.E2.1.Micro** for minimal development workloads |
| 128 | +- Consider **VM.Standard.E3.Flex** for AMD-based workloads requiring more memory |
| 129 | +- Use smaller home disk sizes (50 GB) for basic development |
| 130 | +- Stop workspaces when not in use to avoid charges |
| 131 | + |
| 132 | +## Security |
| 133 | + |
| 134 | +- Instances are created with public IP addresses for Coder access |
| 135 | +- SSH access is restricted to the provided public key |
| 136 | +- Security lists allow only necessary ports (22, 80, 443) |
| 137 | +- All resources are tagged with `Coder_Provisioned = true` |
| 138 | + |
| 139 | +## Troubleshooting |
| 140 | + |
| 141 | +### Common Issues |
| 142 | + |
| 143 | +1. **Authentication Errors**: Ensure proper OCI authentication is configured |
| 144 | +2. **Permission Errors**: Verify IAM policies are correctly set |
| 145 | +3. **Network Issues**: Check VCN and security list configuration |
| 146 | +4. **Volume Attachment**: Ensure the home volume is properly attached |
| 147 | + |
| 148 | +### Debugging |
| 149 | + |
| 150 | +- Check OCI console for instance status and logs |
| 151 | +- Verify network connectivity and security list rules |
| 152 | +- Review Terraform logs for detailed error messages |
| 153 | + |
| 154 | +## Contributing |
| 155 | + |
| 156 | +This template is designed to be a starting point! Edit the Terraform to extend the template to support your use case. |
| 157 | + |
| 158 | +For issues and contributions, please visit the [Coder Registry repository](https://github.com/coder/registry). |
| 159 | + |
| 160 | +## Contributors |
| 161 | + |
| 162 | +- [aybanda](https://github.com/aybanda) |
| 163 | + |
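Review bot: The policy block under "Required IAM Policies" (file lines 30 to 74) grants create, delete and update on instances, volumes, VCNs, subnets, gateways, route tables and security lists with `"resource": "*"`, even though the template already takes a `compartment_ocid` variable; scope the grant to that compartment and state that in the text. The block is also not in OCI's policy statement form (`Allow <subject> to <verb> <resource-type> in compartment <name>`), so it cannot be pasted into an OCI policy as written. In the Security section (file lines 134 to 136), the README says instances get public IPs and the security list allows 22, 80 and 443, but gives no source CIDR for those rules, and it says SSH is restricted to the provided key while `ssh_public_key` is documented as optional at line 102; document the ingress source range and what port 22 does when no key is supplied.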