Oracle Cloud Free Tier
Oracle's Always Free Resources
Put details of different tenancies here:
US Midwest (Chicago) - no VM.Standard.E2.1.Micro available
-
Go to https://www.oracle.com/cloud/free/ and click "Start for free
-
Go through the sign-up process.
-
You will be required to add a payment verification method. However, the account you are creating will be limited to the Always Free resources.
You are in a Free Trial. When your trial is over, your account is limited to Always Free resources. Upgrade at any time.
You have a few options when it comes to creating the compute instance. The ARM compute instance is very generous but very limited. Although there is a 1/8 OCPU AMD free tier, I couldn't find that shape in the GUI. To create an ARM instance, note the good advice of @killer23d:
Regarding Oracle (OCI), I have been using them for a while and there are a few minor annoyances that you need to know before signing up. First, they need a credit card verification even for the free tier to ensure you do not have duplicate accounts. They are very strict on this. Second, the A1.Flex VM are scarce and almost never available to free tier users because of "high demand". The ONLY way to get this is to upgrade the account to Pay As You Go, once approved you will have immediate access. The upgrade approval process can take hours to days depending on your risk level. My first account took 7 days, requiring some back and forth with a sales rep to provide access. My second account (using my wife's info) took 3 hours. OCI console lacks some features, mainly web SSH and the performance of the network are not as quick as GCP or AWS. Once all these are over, the A1 performance trumps the E1 Micro in every way.
-
Go to the Compute Instances page
-
Click "Create instance"
-
Give your new instance a name, such a
vaultwarden -
Poke around and change settings as you like, but pay attention to the following settings:
-
Security- Enable "Shielded instance" -
Image and shape- click Edit and Change shape-
Change image- Select Oracle Linux 9 -
Change shape- Under the "Always Free" tier, you are eligible for
3,000 OCPU hours and 18,000 GB hours per month(please confirm at https://www.oracle.com/cloud/free/). This equates to:- 4 OCPUs each month (one month is up to 744 hours, 4 OCPUs is up to 2976 OCPU hours each month)
- 24 GB RAM each month (24 GB RAM is up to 17856 GB hours each month)
- Choose anything up to these limits - you may reserve some OCPU/RAM for another VM, as you can have two under the free tier. I chose 1 OCPU and 4 GB RAM.
- Under the "Always Free" tier, you are eligible for
-
-
Add SSH keys- Generate a SSH key pair using your favorite tool and submit the public key -
Boot volume- Specify a custom boot volume size. 50GB will be more than enough space for a typical Vaultwarden install - the current 'Always Free' tier includes 2 volumes and up to 200GB.- (Optional) - Select "Use in-transit encryption"
-
-
Click 'Create'
-
If you're lucky, it will work. If you're not lucky, you'll get an error message like:
Out of capacity for shape VM.Standard.A1.Flex in availability domain AD-1. Create the instance in a different availability domain or try again later. If you specified a fault domain, try creating the instance without specifying a fault domain, otherwise try creating the instance in a different availability domain. If that doesn’t work, please try again later.
If this is the case, you can wait and try again, but it may never come available under your free tier. You can upgrade as mentioned by @killer23d above at https://cloud.oracle.com/account-management/payment-method. There is a method using the Cloud Shell below to keep trying automatically.
Using the Cloud Shell
-
Open a Cloud Shell from any Oracle Cloud page
-
See your tenancy OCID with
echo $OCI_TENENCY- this variable will be used throughout this guide -
We'll use the command
oci compute instance launchto create our instance, but first we need to get someOCIDs-
subnetId- This is the subnet you want your new instance to be on. You probably already have a default subnet, so to use that you can get the id with this command:oci network subnet list --compartment-id $OCI_TENANCY --query data[0].id
This command gets a list of your subnets and prints out the first one's id.
-
imageId- This is the image you want to put on your vm. The command to see a list of the imageOCIDs isoci compute image list \ --compartment-id $OCI_TENANCY \ --shape VM.Standard.A1.Flex \ --operating-system "Oracle Linux" \ --operating-system-version "9"
If you just want the latest, you can include the query parameter:
oci compute image list \ --compartment-id $OCI_TENANCY \ --sort-by TIMECREATED \ --query 'data[0].{name: "display-name", id: id}' \ --shape VM.Standard.A1.Flex \ --operating-system "Oracle Linux" \ --operating-system-version "9"
You can play around with the different parameters, such as
--operating-systemand--operating-system-version. Pick one with the most recenttime-createdproperty and copy/save theidproperty. It will look something like"id": "ocid1.image.oc1.us-chicago-1.aa...zd3kna" -
-
Generate a SSH key pair using your favorite tool and upload the public key into your Cloud Shell by dragging it and dropping it into the shell:
-
Copy and modify this
jsonblock and save it asprovision.json- Change
displayNameif desired. - Update
subnetIdandimageIdfrom your steps earlier - Update
sshAuthorizedKeysFileto the name of your public key - You're welcome to play around with other parameters as outlined in the docs - the json template is here
{ "displayName": "vaultwarden", "subnetId": "OCID_SUBNET", "imageId": "OCID_IMAGE", "sshAuthorizedKeysFile": "KEY.PUB", "assignPrivateDnsRecord": true, "assignPublicIp": true, "bootVolumeSizeInGbs": 50, "isPvEncryptionInTransitEnabled": true, "shape": "VM.Standard.A1.Flex", "shapeConfig": { "memoryInGBs": 4, "ocpus": 1 } } - Change
-
Select an availability domain to use, and copy its name to use below:
oci iam availability-domain list
-
Now you can run the command to provision your vm (this command can take a couple minutes to return):
oci compute instance launch -c $OCI_TENANCY --from-json file://provision.json --availability-domain AVAILABILITY_DOMAINIt's likely that if you have a free account, there won't be any availability:
ServiceError: { ... "message": "Out of host capacity.", ... "status": 500, ... }There is a limited number of these resources available to free customers. If you have this error, you can either
- Keep trying. See below for a script to loop through and keep trying.
- Upgrade your account. You can upgrade as mentioned by @killer23d above at https://cloud.oracle.com/account-management/payment-method.
Assuming you have completed the steps to provision your account through the Cloud Shell, you can automate attempts that cycle through all of your availability domains and keeps trying until it succeeds. Credit to https://stackoverflow.com/q/72439600/1486966 for the idea.
Copy the script here into your cloud shell and execute it:
while true; do
for ad in $(oci iam availability-domain list --query "data[*].name | join(' ', @)" --raw-output); do
echo "Trying AD: $ad";
output=$(oci compute instance launch -c $OCI_TENANCY --from-json file://provision.json --availability-domain $ad 2>&1);
if [[ $output == *"ServiceError"* ]]; then
error_message=$(echo "$output" | sed '1d' | jq -r '"\(.status): \(.message)"');
echo "Failed: $error_message";
else
instance_id=$(echo "$output" | jq -r .data.id);
echo "Success! Instance ID: $instance_id";
break 2
fi
echo "$ad had no capacity, waiting 3 minutes..."
sleep 180
done
doneWhat this does:
- The outer while loop keep going until a later success breaks out of it.
- The inner for loop will iterate over your availability domains.
- The
output=...line will make the attempt to provision using your providedprovision.jsonfile and the current availability domain. - It will then check the output for an error or success.
- If it was a failure, it will sleep for 3 minutes before trying again. You may modify the sleep time but you might get rate-limited.
Example:
me@cloudshell:~ (us-chicago-1)$ while true; do
> for ad in $(oci iam availability-domain list --query "data[*].name | join(' ', @)" --raw-output); do
> echo "Trying AD: $ad";
> output=$(oci compute instance launch -c $OCI_TENANCY --from-json file://provision.json --availability-domain $ad 2>&1);
> if [[ $output == *"ServiceError"* ]]; then
> error_message=$(echo "$output" | sed '1d' | jq -r '"\(.status): \(.message)"');
> echo "Failed: $error_message";
> else
> instance_id=$(echo "$output" | jq -r .data.id);
> echo "Success! Instance ID: $instance_id";
> break 2
> fi
> echo "$ad had no capacity, waiting 3 minutes..."
> sleep 180
> done
> done
Trying AD: RVIY:US-CHICAGO-1-AD-1
Failed: 500: Out of host capacity.
RVIY:US-CHICAGO-1-AD-1 had no capacity, waiting 3 minutes...
Trying AD: RVIY:US-CHICAGO-1-AD-2