Permitting Ping Requests to Oracle Compute Cloud Service Instances

Purpose

This tutorial shows you how to allow ping requests to Oracle Compute Cloud Service instances, for the following scenario:

You want to allow ping requests from a particular host outside Oracle Cloud to all the nodes in an Oracle Java Cloud Service instance.

Time to Complete

10 minutes

Background

When you provision an Oracle Java Cloud Service or Oracle Database Cloud Service instance, by default, certain ports on the underlying Oracle Compute Cloud Service nodes are open. See the links at the end of this tutorial, in the Want to Learn More? section.

But ping requests are not permitted by default. To allow ping requests, you must configure Oracle Compute Cloud Service to permit pings.

What You Need

To perform the steps in this tutorial, you must be a service user with the Compute Monitor and Compute Operations roles.

To allow ping requests from a host outside Oracle Cloud to your Oracle Java Cloud Service or Oracle Database Cloud Service nodes, you should store that external host's IP address in an security IP list in Oracle Compute Cloud Service.

1. Sign in to Oracle Cloud My Services and navigate to the Oracle Compute Cloud Service console.
2. Click the Network tab and then click the Security IP List tab in the left pane.
3. On the Security IP List page, click Create Security IP List.
4. In the Create Security Application dialog box, do the following:
   • Name: Enter a name for the new security IP list (for example, admin_host). Note this name. You'll use it later in this tutorial.
   • Security IP List: Enter the IP address of the host from which you want to allow ping requests.
   • Description: Enter a description for the new security IP list (for example, Admin host).

   

5. Click Create.

Next, you must create a security rule to permit ping requests from the external host you defined just now to your Oracle Java Cloud Service and Oracle Database Cloud Service nodes, as described in the next section.

1. Sign in to Oracle Cloud My Services and navigate to the Oracle Compute Cloud Service console.
2. Go to the Network tab.
3. Click the Security Rules tab in the left pane.
4. Click Create Security Rule, and do the following:
   • Name: Enter a name for the rule (for example, allow_p2ms_pings).
   • Status: Select Enabled.
   • Security Application: Select the pings security application.
   • Source: From the Security IP Lists drop-down list, select admin_host, which is the security IP list that you created earlier in this tutorial.
   • Destination: Select ora_ms, which is the security list to which the Oracle Java Cloud Service nodes belong.
   • Description: Enter a description for the rule (for example, Allow pings to managed servers from specific hosts).

   

5. Click Create.

You can now ping all the nodes in your Oracle Java Cloud Service instance from the host you defined in the admin_host security IP list.

Note: To permit ping requests to Oracle Database Cloud Service nodes, create another security rule, but with Destination set to ora_db.

At any time, you can temporarily suspend security rules by disabling them. You can also delete security rules that you no longer need.

Disabling a Security Rule

1. Sign in to Oracle Cloud My Services and navigate to the Oracle Compute Cloud Service console.
2. Go to the Network tab.
3. Click the Security Rules tab in the left pane.
4. Identify the security rule you want to disable.
5. From the Actions menu, select Update.
6. In the resulting dialog box, change Status to Disabled.
7. Click Update.

Deleting a Security Rule

1. Sign in to Oracle Cloud My Services and navigate to the Oracle Compute Cloud Service console.
2. Go to the Network tab.
3. Click the Security Rules tab in the left pane.
4. Identify the security rule that you want to delete.
5. From the Actions menu, select Delete.
6. At the confirmation prompt, click Yes.

• Understanding the Default Access Ports in Using Oracle Java Cloud Service

• Enabling Access to a Port in the Virtual Machine in Using Oracle Database Cloud Service (Database as a Service)

• Managing Security Rules in Using Oracle Compute Cloud Service (for PaaS)

• Managing Security IP Lists in Using Oracle Compute Cloud Service (for PaaS)

• Permitting Public TCP Traffic to Oracle Compute Cloud Service Instances OBE

• Permitting Traffic Between Oracle Compute Cloud Service Instances OBE

• Lead Curriculum Developer: Kumar Dhanagopal

• Other Contributors: Octave Orgeron