How to List Images for a Region in OCI CLI

I am in the process of creating my own infrastructure in Oracle Cloud Infrastructure (OCI). I’ve set up a VCN (virtual cloud network) in Tokyo region and now I want to spin up a VM. I need to know which image to use and Terraform OCI provider requires image ID. Here is a way to list available images with their IDs (OCID) in OCI CLI.

oci compute image list -c $TENANCY_ID --region ap-tokyo-1 \
--query "data[*]".{'name:"display-name",id:id'} --output table

Here is the kind of data you’d get.

| ocid1.image.oc1.ap-tokyo-1.aaaaaaaaec34d6ybpedtu5sxhtwvurvdy4kp7bqr4ijnqiwvh75xxmkqnufq | Windows-Server-2019-Standard-Edition-VM-Gen2-2020.10.22-0              |
| ocid1.image.oc1.ap-tokyo-1.aaaaaaaatdmex2izbi7d7zdznvkyxdeygamojfnd3kroplg4d3p4i5rdnnra | Windows-Server-2019-Standard-Edition-VM-Gen2-2020.09.21-0              |
<SNIP>
| ocid1.image.oc1.ap-tokyo-1.aaaaaaaayqu2pdreelb4dtqyrroiyi5vzc4fkpgh24dnrhfdhbk2irkhetyq | Canonical-Ubuntu-20.04-Minimal-2020.08.24-0                            |
| ocid1.image.oc1.ap-tokyo-1.aaaaaaaahk3krxqgimom7cy2z4b5lsoakm6bhmnbaaaincvgtuu4wivntxjq | Canonical-Ubuntu-20.04-2020.10.14-0                                    |
| ocid1.image.oc1.ap-tokyo-1.aaaaaaaa3ioe7z5wmi7lfk4xyoret7tmlyr2g2jowsqzh4hz6qcd5pakdtda | Canonical-Ubuntu-20.04-2020.09.07-0                                    |
| ocid1.image.oc1.ap-tokyo-1.aaaaaaaax6wjwsktl7kpl3zw3gfn34cqp76b36usraojs4jors3lmfmg52ba | Canonical-Ubuntu-20.04-2020.08.21-0                                    |

Take a note of the ID for the image you want to use and save it in one of the Terraform files to use it.

For a convenience, you may want to know how to list Shapes as well.

oci compute shape list -c $TENANCY_ID \
--query "data[*]".{'shape:shape,memory:"memory-in-gbs",ocpus:ocpus'} \
--output table
| 768.0  | 52.0  | BM.Standard2.52        |
| 2048.0 | 128.0 | BM.Standard.E3.128     |
<SNIP>
| 64.0   | 8.0   | VM.Standard.E2.8       |
| 1.0    | 1.0   | VM.Standard.E2.1.Micro |
| 56.0   | 8.0   | VM.Standard1.8         |

How to List All Available Regions in OCI CLI

When you use Terraform, you are going to want to know the name of the region to use. I’ll show you in a easy-to-see way.

oci iam region list \
--query "data[*]".{'key:key,name:name'} --output table

The command above shows the following output.

+-----+----------------+
| key | name           |
+-----+----------------+
| AMS | eu-amsterdam-1 |
| BOM | ap-mumbai-1    |
| DXB | me-dubai-1     |
| FRA | eu-frankfurt-1 |
| GRU | sa-saopaulo-1  |
| HYD | ap-hyderabad-1 |
| IAD | us-ashburn-1   |
| ICN | ap-seoul-1     |
| JED | me-jeddah-1    |
| KIX | ap-osaka-1     |
| LHR | uk-london-1    |
| MEL | ap-melbourne-1 |
| NRT | ap-tokyo-1     |
| PHX | us-phoenix-1   |
| SJC | us-sanjose-1   |
| SYD | ap-sydney-1    |
| YNY | ap-chuncheon-1 |
| YUL | ca-montreal-1  |
| YYZ | ca-toronto-1   |
| ZRH | eu-zurich-1    |
+-----+----------------+

It is possible to view available regions from the web console though it’s paged. Click the region -> Manage Regions to view.

It is wise to subscribe to only the regions you are going to use. Subscribing to regions do not cost at all, however.

What I Wish I Had Known about Terraform When I Started

I feel extremely lucky that I am working for the company that I am working for. It’s a job and there are things I don’t like but I am doing what I have wanted to do. I think Terraform is an important technology to manage cloud resources, so I am listing the things I wish I had known

  1. Terraform is a compiled go-lang executable.
  2. Terraform communicates with Terraform state file. It reads from and writes to the state file.
  3. Terraform communicates with cloud through provider.
  4. Terraform state file can be stored locally or on Object Storage.
  5. Terraform can import existing cloud resources to the state file.

The list can go on. I will add more when they pop in my mind.

How to Start Terraform with Oracle Cloud Infrastructure (OCI)

Terraform, as you may know, is a very convenient way to manage resources in cloud services and Oracle Cloud Infrastructure (OCI) is one of them. Infrastructure as code is the way to go for sure. I’m not going to discuss how great it is here but I will introduce how to get started with Terraform with OCI.

Prerequisites

  1. OCI Account. Free Oracle Cloud Promotion is available from here if you don’t have one.
  2. You already have OCI CLI installed and it is in a working state. Please go through this blog article if you have not.

Download and Install Terraform

You can download Terraform from here. Terraform is a single executable so installation is simply place it somewhere and give the location to $PATH.

terraform --version

I am using Terraform v0.13.4 as of October 2020.

Steps

Terraform can use the credential that is already set up for OCI CLI. I will show how to do it below.

Create a directory where you store all the Terraform files. e.g. ~/dev/terraform

Now Create terraform.tfvars with the following contents.

user_profile = "DEFAULT"

The “DEFAULT” indicates the profile to use for Terraform to communicate with OCI in ~/.oci/config file created when you setup for OCI CLI.

Create provider.tf file with the following contents.

provider "oci" {
    alias = "us-ashburn-1"
    region = "us-ashburn-1"
    tenancy_ocid = var.tenancy_id
    config_file_profile = var.user_profile
}

Create variables.tf with the following contents. Replace the tenancy_id with your own.

variable "tenancy_id" {
    default = "ocid1.tenancy.oc1..aaaaaaaaca7lntmtszny3mgfhmzb5jb5oi6xucnrb7z6emorxdzheos4m4pa"
}

variable "user_profile" {
    default = ""
}

variable "fingerprint" {
    default =  ""
}

variable "private_key_path" {
    default = ""
}

variable "user_ocid" {
    default = ""
}

At this point, you should have the following 3 files in the directory.

  • provider.tf
  • terraform.tfvars
  • variables.tf

Now execute the following command to initialize terraform.

terraform init

The command creates .terraform directory and it has some stuff you really shouldn’t modify.

Then execute this.

terraform plan

You should see…

No changes. Infrastructure is up-to-date.

Let’s see if we can create a compartment. In case you don’t know, a compartment is a logical group of resources on OCI.

Create a file compartments.tf with the following contents. Replace the value of compartment_id to your tenancy ID. It indicates the parent compartment of the compartment you are planning to create. In this case, the compartment is going to be created at the root level of the tenancy, so I am specifying the tenancy ID.

resource "oci_identity_compartment" "blog" {
    compartment_id = "ocid1.tenancy.oc1..aaaaaaaaca7lntmtszny3mgfhmzb5jb5oi6xucnrb7z6emorxdzheos4m4pa"
    description = "blog compartment"
    name = "blog"
    enable_delete = "true"
}

Once it’s done, execute terraform plan to show what Terraform is going to do.

terraform plan

Here is the plan output.

An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # oci_identity_compartment.blog will be created
  + resource "oci_identity_compartment" "blog" {
      + compartment_id = "ocid1.tenancy.oc1..aaaaaaaaca7lntmtszny3mgfhmzb5jb5oi6xucnrb7z6emorxdzheos4m4pa"
      + defined_tags   = (known after apply)
      + description    = "blog compartment"
      + enable_delete  = true
      + freeform_tags  = (known after apply)
      + id             = (known after apply)
      + inactive_state = (known after apply)
      + is_accessible  = (known after apply)
      + name           = "blog"
      + state          = (known after apply)
      + time_created   = (known after apply)
    }

Plan: 1 to add, 0 to change, 0 to destroy.

Once it looks good, apply the change by executing terraform apply.

terraform apply

Enter yes when prompted and hit enter. If you see it on OCI web console, you should actually see the new compartment under the root.

One thing to note is that terraform apply generates terraform.tfstate file. Do not delete or manually modify it. It has the information of your OCI resources that you are managing with Terraform.

Terraform can pretty much manage all resources in OCI. The OCI provider reference of Terraform can be found here. Now that my Terraform can talk to my OCI tenancy, I plan to manage resources with it.