Attaching a Restored Boot Volume to an Existing Instance

I did some research on attaching a restored boot volume to an existing instance but per this document, it might not be possible.

Here is the part I think it may not be possible.

You can use a boot volume backup to create an instance or you can attach it to another instance as a data volume.

This kind of tells me you can only create a new instance from the backup or attach it as a data volume.

Well, I’m not giving up my hope. How about cloning? I wonder if you can attach the cloned boot volume to an existing instance? I will find out.

How to Backup an Instance and Restore on Oracle Cloud Infrastructure

Backup

I would like to backup the boot volume of an instance to Object Storage and be able to restore the backed up image. Here are the steps.

I am going to ssh into the instance that I provisioned and create a file under my home directory.

So I have test.txt under my home directory. And then, I am going to backup the boot volume in Object Storage.

If you click Boot Volume link, it takes you to the link.

And if you click the link, you get to see the following options.

Now, click on Boot Volume Backups link. Now you can create a Boot Volume Backup as you can see in the image below.

Once you click Create Boot Volume Backup button, you can create a backup like the below. Click on Create Boot Volume Backup blue button to start the process

Once backup is complete, you should see it’s available now.

Just to be able to check if the boot volume has been restored, I am adding another line in test.txt. When I restore the volume, the second line should be gone.

I’m going to run the following commands after the backup. I should be able to run those commands again to update the OS after restoring the boot volume.

sudo apt update && sudo apt upgrade

Restoration

If you navigate to Menu-> Storage -> Block Storage -> Boot Volume Backups, you should see the list of boot volume backup. Now click on the target backup.

Click on the target backup and then click Restore Boot Volume button.

Now if you navigate to Menu -> Storage -> Block Storage -> Boot Volumes, you can see the one you just restored.

Once the boot volume is restored, attach it to the instance you already have. But first, you have to stop the instance and detach the boot volume.

If you go to the boot volume section of the instance details, you can detach the boot volume.

Well, I am not seeing the action item to attach restored boot volume in the menu. So I am restoring to OCI CLI to see if it works.

The following command may just work for me.

oci compute boot-volume-attachment attach --boot-volume-id [text] --instance-id [text]

It looks easy enough. Well, but it didn’t work.

ServiceError:
{
    "code": "Conflict",
    "message": "Boot volume ocid1.bootvolume.oc1.iad.abuwcljro5zeuegg7i2ms7xoaxgeft5mpef3ucykogfehtjhjde3zy676ddq cannot be attached to instance ocid1.instance.oc1.iad.anuwcljroksebviczqhtrjxzsu2d7angpz3bnpnl5z5gko27spvqlacxvicq. It can only be attached to its parent instance.",
    "opc-request-id": "98ECF81CD426418EB99DBB929733865A/38C80819B5A2267CEF1E0F89086F26D6/164678769EA39E4C60B724840D7F9F87",
    "status": 409
}

I googled it but could not figure out why. I will look into the issue when I have some time. Now my only option is to create a new instance out of the restored boot volume.

If you navigate to the restored boot volume, you can create a new instance.

Now that I was able to create an instance out of the restored boot volume, I was able to get the text.txt file I created in my home directory. And the second line I created after backing up was not there.

In a sense, this experiment was successful but I still need to figure out why I was not able to attach the restored boot volume to the existing instance.

Free Oracle Cloud Infrastructure Certification

Oracle is offering free Oracle Cloud Infrastructure certification taking. I got notified about it a few weeks ago and studied for it to get my certification for Oracle Cloud Infrastructure Foundation.

If you head on over to https://education.oracle.com/oracle-oci-certification, you can still access the study materials for free and take exams for free until 12/31/2021.

Oracle Cloud Infrastructure Foundations 2021 Certified Associate

I studied for Oracle Cloud Infrastructure Foundation Certified Associate and took the exam today. I passed it!

This is a basic knowledge check for Oracle Cloud Infrastructure, so it wasn’t too hard. I did spend time to study for it though. There were some information I wish I had known a while ago… Oracle offers good study resources on their site.

Certification doesn’t determine your skill level but it’s good to go over it because there are pieces of information that you never come across through your daily work.

I will continue to go for a few more certifications as time allows.

How to Start a Local Git Repo and Upload it to GitHub

You start to write code locally in a directory and you want to keep track on file changes in a Git database and then upload (push) it to GitHub.

You have some files already in a directory and you start a Git repo locally by executing git init.

Now stage it and commit it.

git add .

git commit -m 'initial commit'

Once you create a repo on GitHub, you have a link to the GitHub repo in the page. Using that SSH repo link, you can push it to GitHub.

Now configure the remote repo in local Git database.

git remote add origin git@github.com:hiriumi/oci-resources.git

And then, push it to the upstream repo.

git push --set-upstream origin master

You won’t need --setup-upstream origin master from the subsequent pushes.

AWS Workspaces Cost

I tried AWS Workspaces for a few days and the cost so far is the following.

$5.67 in just 3 days… The cost per month would be about $56.7. When I provisioned a Windows host, it said “Free Eligible”. I’m probably not understanding what’s costing me but that’s misleading to me.

So if that’s the cost I am going to have to bear, I am removing the workspace. Sorry Amazon, this is no go for me.

Amazon Workspaces

AWS has a feature called Workspaces. You can have Windows desktop on AWS cloud for relatively cheap price. I just provisioned one that says “Free Eligible” so I don’t know exactly how much it costs (AWS always has something to charge…) so I will see how it goes in the next few weeks and I’ll report the cost here.

It’s really nice to have a desktop on Cloud in a sense that I don’t have to manage hardware. That said, I am not sure if it can be used as my development machine because the free tier spec is quite weak.

Here is the spec of the virtual desktop.

  • 1 CPU (at 2.5 GHz)
  • Memory: 4GB
  • Diskspace: 80GB+40GB

How to Generate Free SSL by Let’s Encrypt

I attempted to use Certbot by Let’s Encrypt for free SSL certificate for my subdomain using a Docker container but it was never successful, so I left it alone for a while. The DNS service that I use provides SSL certs but it charges me extra for subdomain. There are other services such as SSL for Free but they either limit the number of certificates or they charge for subdomains or they want me to pay like $10 per month for wildcard certificate. That’s pretty steep considering the host is being used only privately. The alternative is to create your own private CA authority and issue SSL cert and have the root CA cert on the machines that you use the hosts.

But this morning, I figured out a way to generate the free SSL cert for my subdomain using Certbot. I will write about what worked for me.

I followed this instruction to install snapd on Ubuntu.

First, remove certbot if installed by apt.

sudo apt-get remove certbot

Install Certbot.

sudo snap install --classic certbot

Prepare the Certbot command.

sudo ln -s /snap/bin/certbot /usr/bin/certbot

Now prepare your NGINX server to accept HTTP traffic for acme challenge.

Edit nginx.conf to accept HTTP (port 80).

   server {
      location / {
          root   /var/www/html;
          index  index.html index.htm;
      }
      listen       80 default_server;
      listen       [::]:80 default_server;
      server_name  _;

If you have the HTTP redirect to HTTPS, comment the line out.

# return 301 https://jenkins.hayato-iriumi.net$request_uri;

Now back to Certbot, execute the following command to start to issue your ssl cert.

sudo certbot certonly -a manual --rsa-key-size 4096 --email hiriumi@gmail.com -d jenkins.hayato-iriumi.net

You will see an output like the following.

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator manual, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for jenkins.hayato-iriumi.net

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
NOTE: The IP of this machine will be publicly logged as having requested this
certificate. If you're running certbot in manual mode on a machine that is not
your server, please ensure you're okay with that.

Are you OK with your IP being logged?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o: Y

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Create a file containing just this data:

s8wH1u2z00ePejV4hyy4y3CTyW3pYvrFgxwxwsPVdd8.O3THIaz5tgLf8NuxfBYw8FZfrdQNf_Y_1U--J0PsgqQ

And make it available on your web server at this URL:

http://jenkins.hayato-iriumi.net/.well-known/acme-challenge/s8wH1u2z00ePejV4hyy4y3CTyW3pYvrFgxwxwsPVdd8

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Press Enter to Continue

Now you should create the file with the data specified in the output. Once you have that hit Enter to get the cert generated.

Lastly, when the cert generation is successful, you will see the output like the following.

Now switch to the root user by executing…

sudo -i

The cert files are at /etc/letsencrypt/archive/jenkins.hayato-iriumi.net

Copy cert1.pem and privkey1.pem to the directory where you would like to store your SSL files. In my ssl.conf file, I have specified the cert files like the following.

server {
    server_name jenkins.hayato-iriumi.net;
    listen 443 ssl;
    ssl_certificate /etc/nginx/conf.d/ssl/cert1.pem;
    ssl_certificate_key /etc/nginx/conf.d/ssl/privkey1.pem;
    client_max_body_size 3000m;

Now unc0mment the line in ssl.conf to redirect HTTP to HTTPS traffic. Once you restart your NGINX, NGINX starts to service the traffic in SSL.

I’m sure there are ways to automate this and I am thinking of exploring the way to do it but it works well for now.

Surface Pro 7 is Back

I had my Surface Pro 7 being repaired (replaced) and it had been away from me for about a month. It had come back to me in about 2 weeks when I first sent it back to Microsoft but the one that came back to me was a faulty one. I had to send it back to Microsoft again to get a replacement again. Not having my personal laptop made me feel somewhat crippled but it finally came back to me yesterday.

This time, things are working as expected. It will take some time for me to get back the software I usually use and set it up to the usable state.

Now that Windows 11 has been released officially, I have upgraded the OS to Windows 11.