Open http and https Traffic
The host definitely needs to accept http and/or https traffic. I’m going to just add both http and https for now. SSH to the host and run the following commands as root.
firewall-cmd --add-service=http --zone=public --permanent firewall-cmd --add-service=https --zone=public --permanent firewall-cmd --reload
Install and Configure NGINX
As I wrote in my previous post, I’m planning to use NGINX as a reverse proxy. If you need to know what reverse proxy is, please read this article. Let’s install it!
$ sudo yum -y install nginx
We will start it and enable it so that it will survive reboots.
$ sudo systemctl start nginx $ sudo systemctl enable nginx
If you run curl, you can check if the service is actually up and running locally.
$ curl http://localhost
If you try to access NGINX from your desktop, however, it cannot be reached. That’s because your VCN (Virtual Cloud Network) doesn’t know how to route the traffic from outside to the internal resources within OCI. I will write up how to route TCP 80 traffic to the internal resources in OCI.
Open Menu -> Networking -> Virtual Cloud Networks.
Select the VCN that’s already there by clicking the link.
Click Security Lists under Resources section and select the security list that already exists.
Under Ingress Rules, click Add Ingress Rules button.
Enter 0.0.0.0/0 in SOURCE CIDR. Select TCP as IP PROTOCOL. Enter 80 in DESTINATION PORT RANGE. Finally, enter text like “HTTP traffic” in DESCRIPTION. It’s optional but it’s good to note what your intention was when you created this Ingress Rule.
Now when you try to hit the public IP address of the instance, you can now see the test page for NGINX.
Recap
We have learned to spin up an instance of Oracle Linux and to allow traffic from outside to the resource. We will keep trying. 🙂