Oracle Cloud Infrastructure Documentation

Manage VM Clusters

Learn how to manage your VM clusters on Oracle Exadata Database Service on Exascale Infrastructure.

Related Topics

Parent topic: How-to Guides

Using the Console to Manage VM Clusters on Oracle Exadata Database Service on Exascale Infrastructure

Learn how to use the console to create, edit, and manage your VM Clusters on Oracle Exadata Database Service on Exascale Infrastructure.

Parent topic: Manage VM Clusters

Create a VM cluster in an Oracle Exadata Database Service on Exascale Infrastructure instance.

  1. Open the navigation menu. Click Oracle AI Database, then click Oracle Exadata Database Service on Exascale Infrastructure.

    The Exadata VM Clusters page is selected by default.

  2. Click Create VM Cluster.

    The Create VM Cluster page is displayed. Provide the required information to configure the VM cluster.

  3. Display name: Enter a user-friendly display name for the VM cluster. The name doesn't need to be unique. An Oracle Cloud Identifier (OCID) will uniquely identify the VM cluster. Avoid entering confidential information.
  4. Compartment: Select a compartment for the VM cluster resource.
  5. Provide the cluster name: Select the name of the VM cluster.
  6. Select an availability domain: Select the availability domain from the displayed options available.
  7. Configure the VM cluster: Provide the following information:

    In the ECPU section, Provide the following information:

    • Number of VMs in the cluster: Specify the number of the VMs that you want to configure for the cluster, between 1 and 10.

    • ECPUs enabled per VM: Specify the number of ECPU cores that you want to enable for the VM cluster. The minimum ECPUs is 8. The maximum number of ECPUs is 200 per VM, or limited by the number of total ECPUs you have specified for the VM. The value you select must be a multiple of 4. To reserve additional ECPUs, click Reserve additional ECPU.

      The Total memory across VM Cluster (GB) (read-only) field automatically updates to provide you with the total amount of memory allocated across the VM cluster, based on the memory allocation per VM that you specify.

      Note

      For information about reserved and enabled cores, and an overview of the ExaDB-XS architecture, see "About Exadata Database Service on Exascale Infrastructure"

  8. (Optional) If you select Reserve additional ECPU, then the Reserve Additional ECPU dialog displays.

    The number of VMs in the cluster is displayed. The current configuration of ECPUs enabled per VM and additional ECPUs reserved per VM.

    Total ECPUs per VM: Input a number to change the total number of ECPUs reserved per VM. The total number of ECPUs must be a number between 8 and 200, in multiples of 4 ECPUs.

    The number of additional ECPUs will be automatically calculated based on the total enabled ECPUs. Additional Reserved ECPUs are not active for licensing purposes but are reserved for your VM, and ready and waiting for scaling the Enabled ECPUs.

    You can review additional read-only fields that show more information about the ECPUs.

    • Total ECPUs across VM Cluster: Automatically updates to show you the total number of ECPUs allocated for all VMs in the cluster.

    • Memory per VM (GB): Automatically updates to show you the reserved memory per VM

    • Total Memory across VM cluster (GB): Shows the total reserved memory across the VM cluster.

  9. The Storage section contains the input fields Exascale smart storage (the default), and Exascale block storage, which is required for Oracle Database 19c deployments. Note the following:

    • If your VM cluster uses Exascale smart storage, then the following rules apply:

      • You can only have an Oracle Grid Infrastructure 26ai Grid home on this VM. You cannot place an Oracle Database 19c Grid home on the VM.
      • You can only provision Oracle AI Database 26ai databases on this VM cluster configured with Exascale smart storage. All database files will be stored directly on the Exascale storage through the Exascale storage vault, eliminating the need for an Automatic Storage Management (ASM).
    • If your VM cluster uses Exascale block storage compatible with Oracle Database 19c, then the following rules apply:
      • You can provision either an Oracle Grid Infrastructure 19c Grid home (the default option) or an Oracle Grid Infrastructure 26ai Grid home.
      • You can provision only Oracle Database 19c Oracle homes on this VM cluster configured with Exascale block storage. All database files will be stored on the database-specific +DATA, +RECO, and +REDO ASM disk groups created on Exascale Block volumes.

  10. Under the VM file system storage section, provide the following information:

    VM File system storage capacity (GB): Specify storage capacity per VM in gigabytes (GB).

    Provide how much storage you want for all VM file systems together. The VM file systems storage includes /u02 capacity, where your Database Homes will go, along with all of the other VM file systems (/, /boot, /tmp, /var, /var/log, /var/log/audit, /home, swap, kdump, /u01, grid, /u02). Any extra capacity selected beyond system minimums will go into /u02. The read-only field Total file system storage capacity across VM Cluster (Read-only) automatically updates to show the total memory allocated across the VM cluster.

  11. In the Database storage section, provide the following information:

    Exascale Database Storage Vault: Select either Create new Storage Vault or Select existing Storage Vault. If you select an existing vault, then select the vault in the compartment. Click Compartment to select a vault in a different compartment

    When you create a new vault, the Provisioning status window opens to provide you with the status of vault creation, and the name of the vault that is being created in the format Vault-YYYYMMDDHHMM indicating the creation date, where YYYY is the year, MM is the month, DD is the day, HH is the hour, and MM is the minute.

    Note

    If the vault creation failed, then the Provisioning status window provides you with the work request error message indicating the point where the vault creation operation failed, and the work request ID. Make a note of this work request ID, and open a Service Request with My Oracle Support.

  12. Storage Capacity for Databases (GB): Specify storage capacity for the databases. You can either specify storage limits manually, or set an auto scaling limit. With auto scale, the system will scale storage capacity by 10 percent up to a user-defined limit. If you specify storage space manually, then the space you reserve must be between 300 to 100,000 GB.

    • Storage Capacity for Databases (GB): Specify storage capacity for the databases between 300 to 100,000.

    • Storage auto scaling: For Exascale smart storage, this option is enabled by default.

    • Auto scaling limit (GB): Specify the maximum limit for auto scale.

      Note

      • The storage auto scaling feature is not available with Oracle Database 19c.
      • Auto scale is primarily intended to accommodate the ongoing, organic growth of databases. For large, sudden data loads or rapid data growth that can exceed 5% of the allocated vault size within a short time period, it is recommended to manually scale storage in advance to avoid potential out-of-space errors.
      • Tablespaces with auto-extend enabled can cause out-of-space errors if the auto-extend increment size is greater than 5% of the allocated vault storage. This could be caused if a single, large tablespace auto-extension suddenly exceeds the available space in the vault before crossing the auto scale threshold. Or, it could also be caused by multiple tablespaces extensions occurring concurrently, resulting in the same effect. It is recommended that you manage your tablespace auto-extend increment settings to avoid having more than 5% of the allocated vault storage added at once when using auto scale.

    • (Optional) Click Smart flash options to configure some of your storage as smart flash cache: 

      Smart flash cache to be added (GB).

      • Add smart flash cache as a percentage of storage capacity provisioned (%): Select this option to purchase and specify an additional amount of flash cache over and above the amount of default flash cache that is included in the normal Storage capacity for Databases. Additional flash cache can potentially enable increased performance without adding additional storage capacity in some workloads. Additional flash cache also includes additional memory cache. Specify the additional flash cache as a percentage of the total storage provisioned. The minimum value is 34, and the maximum value is 300.

      • Smart flash cache to be added (GB) The amount of smart flash cache in GB that will be added is specified in the read-only field. The minimum value is 100

  13. Configure Grid Infrastructure: Select the Grid Infrastructure release from the list of available releases. Grid Infrastructure version: Select the release update version from the list of available versions.

  14. Add SSH key: Add the public key portion of each key pair that you want to use for SSH access to the VM cluster:
    • Generate SSH key pair: (Default option) Select this option to generate an SSH keypair. Then in the dialog below, click Save private key to download the key, and optionally click Save public key to download the key.
      Note

      Download the private key so that you can connect to the database system using SSH. It will not be shown again.
    • Upload SSH key files: Select this option to browse or drag and drop .pub files.
    • Paste SSH keys: Select this option to paste in individual public keys.

  15. Network settings: You can have Oracle provision networks for you by selecting Create default VCN, or you can configure networks manually.

    • Create Default VCN

      When you select this option, a new VCN is created for you with default settings. The default settings use an overall network range of 10.2.0.0/24, with 10.2.0.0/26 for the Client subnet and 10.2.0.64/26 for the backup subnet. These default settings will auto-populate for this new VCN and automatically be used for your VM Cluster. You provide only the display name for this VCN. If you do not want to use the default network settings, then do not alter the generated settings. Instead, follow the instructions in the following option, "Create VCN Manually".

      • Display name: Provide a display name for the network. You must provide a name.

      • Compartment: By default, Virtual Cloud Networks in the compartment that you have selected for the VM cluster resource are displayed. Select a Virtual Cloud Network in that compartment from the drop-down list. To select a Virtual Cloud Network from a different compartment (a non-default choice), select Change compartments.

      • CIDR (Read-only): The Classless Inter-Domain Routing (CIDR) range of IP addresses is displayed. CIDR addresses are allocated during the configuration of your tenancy. The CIDR notation includes the IP address and a suffix that indicates how many bits of the address are used for the network prefix. This method of allocating IP addresses and routing internet traffic more efficiently than traditional methods. For more information, see:

        CIDR Blocks and OCI Functions

      After you finish selecting the VNC configuration options, click Create

      The Create Default VCN dialog box opens, and displays the status of your network configuration. If you want to use the automatically generated VCN, do not alter the generated settings. When the network configuration is complete, click Close.

    • Create VCN Manually

      If you do not click Create default VCN, then select your configuration information in the following input fields:

      • Virtual cloud network: Select the virtual cloud network (VCN) for the compartment in which you want to create the VM cluster. Click Compartment to select a VCN in a different compartment.

      • Client subnet: Select the client subnet in the compartment. This is the subnet to which the VM cluster should attach. Click Compartment to select a subnet in a different compartment.
        Note

        You must select the VCN before you can select a client subnet.

        Do not use a subnet that overlaps with 192.168.16.16/28, which is used by the Oracle Clusterware private interconnect on the database instance. Specifying an overlapping subnet causes the private interconnect to malfunction.

      • Backup subnet: Select the subnet to use for the backup network, which is typically used to transport backup information to and from the Backup Destination, and for Data Guard replication. Click Compartment to select a subnet in a different compartment, if applicable.

        Do not use a subnet that overlaps with 192.168.128.0/20. This restriction applies to both the client subnet and backup subnet.

        Note

        You must select the VCN before you can select a backup client subnet.

      • Use network security groups to control traffic: Optionally, you can select this option to use one or more network security groups (NSGs) for both the client and backup networks. NSGs function as virtual firewalls, allowing you to apply a set of ingress and egress security rules to your Oracle Exadata Database Service on Exascale Infrastructure VM cluster.

        Note that if you choose a subnet with a security list, then the security rules for the VM cluster will be a union of the rules in the security list and the NSGs.

        To use network security groups:

        • Check the Use network security groups to control traffic check box. This box appears under both the selector for the client subnet and the backup subnet. You can apply NSGs to either the client or the backup network, or to both networks. Note that you must have a virtual cloud network selected to be able to assign NSGs to a network.
        • Network security groups: From the list of available NSGs, select an NSG to use with the network. Click Another network security group if you require more than one NSG. If you're not sure, contact your network administrator.

      • Hostname prefix: Provide your choice of hostname for the Exadata VM cluster. The host name must begin with an alphabetic character and can contain only alphanumeric characters and hyphens (-). The maximum number of characters allowed for an Exadata VM cluster is 12.

        Caution:

        The hostname must be unique within the subnet. If it is not unique, then the VM cluster will fail to provision.

      • Host Domain Name: The domain name for the VM cluster. This is a read-only field. Make a note of the host domain name for your reference.

        If you plan to store database backups in Autonomous Recovery service, Oracle recommends that you use a VCN Resolver for DNS name resolution for the client subnet because it automatically resolves the Swift endpoints used for backups.

        Note

        Starting August 06, 2025, for tenancies created in the FRA, PHX, or NRT regions, Autonomous Recovery Service will be the only backup destination when you enable automatic backup on databases.
      • Host and domain URL: This read-only field combines the host and domain names to display the fully qualified domain name (FQDN) for the database. The maximum length is 63 characters.

  16. Choose a license type: The type of license that you want to use for the VM cluster. Your choice affects metering for billing.

    • License Included means the cost of the cloud service includes a license for the Database service.
    • Bring Your Own License (BYOL) means you are an Oracle Database customer with an Unlimited License Agreement or Non-Unlimited License Agreement, and you want to use your license with Oracle Cloud Infrastructure. This option removes the need for separate on-premises licenses and cloud licenses.
  17. Diagnostics collection: By default, diagnostic collection is enabled. Enabling diagnostics collection and notifications allows you and Oracle Cloud operations to identify, investigate, track, and resolve guest VM issues quickly and effectively. You must subscribe to events to receive notification.

  18. (Optional) Click Show Advanced Options to specify advanced options for the VM cluster. These options are located under three tabbed sections:

    • Management: This option provides timezone options. The default time zone for the VM cluster is UTC, but you can specify either the time zone detected by your browser client, or select a different time zone. The time zone options are those supported in both the Java.util.TimeZone class and the Oracle Linux operating system.

      Note

      If you want to set a time zone other than UTC or the browser-detected time zone, and if you do not see the time zone you want, try selecting the Select another time zone, option, then selecting "Miscellaneous" in the Region or country list and searching the additional Time zone selections.

    • Network: This option enables you to specify the single client access network (SCAN) port. You can assign a SCAN listener port (TCP/IP) in the range between 1024 and 8999. The default is 1521.
      Note

      Manually changing the SCAN listener port of a VM cluster after provisioning using the backend software is not supported. This change can cause Data Guard provisioning to fail.
    • Security: This option helps you control access for your resources. You can select the Namespace from the list, its key, and the value. Click Add security attribute if you require more than one security attribute.
    • Tags: Tags can assist you with managing resources. You can select a tag namespace, provide a tag key, and provide a tag value. If you have permissions to create a resource, then you also have permissions to apply free-form tags to that resource. To apply a defined tag, you must have permissions to use the tag namespace. For more information about tagging, see Resource Tags. If you are not sure whether to apply tags, skip this option (you can apply tags later) or ask your administrator.
  19. Click Create.
  20. (Optional) Provide a contact for your VM Cluster. Oracle Exadata Database Service on Exascale Infrastructure leverages the OCI Announcements Service. Oracle recommends that you provide your contact details here. Oracle then automatically subscribes you to announcements relevant to this service, including maintenance and outage notifications, among others. If you do not choose to provide a contact now, then you will have to subscribe to announcements manually later, leveraging the OCI Announcements Service directly. To learn more about subscribing, see Subscribing to Announcements.

To add database server or storage server capacity to a cloud VM cluster

This topic describes how to use the Oracle Cloud Infrastructure (OCI) Console to add the new capacity to your cloud VM cluster.

If you have added additional database (compute) or storage servers to the service instance, then you must add the additional capacity to the cloud VM cluster to utilize the additional resources.

  1. Navigate to Exadata VM Clusters
  2. In the list of cloud VM clusters, click the name of the cluster to which you want to add capacity.
  3. On the VM Cluster Details page, click Scale VM Cluster.
  4. If you have additional capacity available as a result of scaling the cloud Exadata infrastructure resource, a banner at the top of the Scale VM Cluster panel provides a message telling you the type and amount of additional capacity available to the VM cluster. Check the Add Capacity box.
  5. Select either the Add Database Server or the Add Storage radio button, depending on which type of capacity you want to add to the cloud VM cluster.
  6. Click Update. The cloud VM cluster goes into the Updating state. When the capacity has been successfully added, the cluster returns to the Available state.
Note

If you have added additional database servers to the cluster, then you can allocate the new storage after the cluster is in the Available state by clicking the Scale VM Cluster button again.

To Enable, Partially Enable, or Disable Diagnostics Collection

You can enable, partially enable, or disable diagnostics collection for your Guest VMs after provisioning the VM cluster. Enabling diagnostics collection at the VM cluster level applies the configuration to all the resources such as DB home, Database, and so on under the VM cluster.

Note

  • You are opting in with the understanding that the list of events, metrics, and log files collected can change in the future. You can opt-out of this feature at any time.
  • Oracle may add more metrics in the future, but if you have already chosen to collect metrics, you need not update your opt-in value. It will remain enabled/disabled based on your current preference.
  • If you have previously opted in for incident log and trace file collection and decide to opt out when Oracle Cloud operations run a log collection job, then the job will run its course and will not cancel. Future log collections won't happen until you opt-in again to the incident logs and trace file collection option.
  1. Open the navigation menu. Under Oracle AI Database, click Oracle Exadata Database Service on Exascale Infrastructure.
  2. Choose the Region that contains your Exadata infrastructure.
  3. Click VM Clusters.
  4. Click the name of the VM cluster you want to enable or disable diagnostic data collection.
  5. On the VM Cluster Details page, under General Information, enable, partially enable, or disable Diagnostics Collection beside Diagnostics Collection.
  6. In the Edit Diagnostics Collection Settings dialog, enable or disable any of the Diagnostics Collections. By enabling diagnostics collection and notifications, Oracle Cloud Operations and you will be able to identify, investigate, track, and resolve guest VM issues quickly and effectively. Subscribe to Events to get notified about resource state changes.
    • Enable Diagnostics Events Allow Oracle to collect and publish critical, warning, error, and information events to me. For more information, see Overview of Database Service Events
    • Enable Health Monitoring Allow Oracle to collect health metrics/events such as Oracle Database up/down, disk space usage, and so on, and share them with Oracle Cloud operations. You will also receive notification of some events.
    • Enable Incident logs and trace collection. Allow Oracle to collect incident logs and traces to enable fault diagnosis and issue resolution.

      Note: You had previously opted in for incident log and trace file collection and decide to opt-out when Oracle Cloud operations run a log collection job, the job will run its course and will not cancel. Future log collections will not run until you opt-in again to the incident logs and trace file collection option.

  7. Select or clear the checkboxes and then click Save Changes.

Using the Console to Update the License Type on a VM Cluster

To modify licensing, be prepared to provide values for the fields required for modifying the licensing information.

  1. Open the navigation menu. Under Oracle AI Database, click Oracle Exadata Database Service on Exascale Infrastructure.
  2. Choose the Region and Compartment that contains the VM cluster for which you want to update the license type.
  3. Click Exadata VM Clusters.
  4. Click the name of the VM cluster for which you want to update the license type.

    The VM Cluster Details page displays information about the selected VM cluster.

  5. Click Update license type.
  6. In the resulting Update license type window, choose one of the following license types and then click Save.
    • Bring Your Own License (BYOL): Select this option if your organization already owns Oracle Database software licenses that you want to use on the VM cluster.
    • License Included: Select this option to subscribe to Oracle Database software licenses as part of Oracle Exadata Database Service on Exascale Infrastructure.

    Updating the license type does not change the functionality or interrupt the operation of the VM cluster. Customers are permitted to change the license type for a VM Cluster at most once per month.

Increase or decrease the ECPUs, memory or storage available to a VM cluster in Oracle Exadata Database Service on Exascale Infrastructure

Note

Oracle doesn't stop billing when a VM or VM Cluster is stopped. To stop billing for a VM Cluster, lower the ECPU count to zero.

You can scale ECPUs enabled per VM. Keep in mind that memory scales with the total ECPU count.

Scaling up or down VM cluster resources requires thorough auditing of existing usage and capacity management by the customer DB administrator. Review the existing usage to avoid failures during or after a scale down operation. While scaling up, consider how much of these resources are left for the next VM cluster you are planning to create. Oracle Exadata Database Service on Exascale Infrastructure tooling calculates the current usage of memory, local disk, and ASM storage in the VM cluster, adds headroom to it, and arrives at a minimum value below which you cannot scale down, and expects that you specify the value below this minimum value.

Note

When scaling a VM Cluster, setting the number of ECPUs to zero will shut down the VM Cluster and eliminate billing related to enabled ECPU usage.

  1. Navigate to the VM Cluster Details page

  2. Click Scale VM Cluster.

    The Scale VM Resources window opens, and displays the current configuration of your VM cluster.

  3. In the Configure section, make selections as needed.

    • ECPUs enabled per VM: Specify the number of ECPU cores that you want to enable for the VM cluster. The minimum value is zero. If you do not select zero ECPUs, then the minimum enabled ECPUs for each VM is eight. The maximum number of ECPUs is 200 per VM, or limited by the number of total ECPUs you have specified for the VM. The value you select must be a multiple of 4. You can open the reserve additional ECPU section to reserve additional ECPUs. The Total ECPUs enabled across VM Cluster field automatically updates as you make selections.

      Note

      Enabled ECPU can be scaled to zero after initial provisioning to temporarily shut down VMs and stop usage billing. Infrastructure billing (for Total ECPU) will continue.

    • Additional ECPUs: Expand these fields as needed.

      The read-only fields ECPUs additional reserved per VM and Total additional ECPUs reserved across VM Cluster: display the reserved ECPUs for each VM, and for the VM cluster. The number of additional ECPUs in these fields will be automatically updated as you add or remove ECPUs.

    • Total ECPUs per VM: Provide a total number of ECPUs to allocate per VM. The total must be a number between 8 and 200.

    • Memory per VM (GB): This is a read-only field. It displays amount of memory allocated to each VM. Memory is calculated based on 11 GB per total cores.

    • Total memory across VM Cluster (GB): This field automatically updates to provide you with the total amount of memory allocated across the VM cluster, based on the memory allocation per VM that you specify.

  4. VM File System Storage: Expand these fields as needed.

    • VM file system storage capacity per VM (GB): Specify storage capacity per VM in gigabytes (GB).

      Provide how much storage you want for all VM filesystems together. The VM Filesystems storage includes /u02 capacity, where your Database Homes will go, along with all of the other VM filesystems (/, /boot, /tmp, /var, /var/log, /var/log/audit, /home, swap, kdump, /u01, grid, /u02). Any extra capacity selected beyond system minimums will go into /u02.

    • Total file system storage capacity across VM Cluster: This read-only field automatically updates to display the total file system storage capacity.
    Note

    For information about reserved and enabled cores, and an overview of the ExaDB-XS architecture, see "About Exadata Database Service on Exascale Infrastructure"

To add SSH keys to a VM cluster

The VM cluster exists, and you wish to add another user which requires another SSH key.

  1. Open the navigation menu. Click Oracle AI Database, then click Oracle Exadata Database Service on Exascale Infrastructure

    The Exadata VM Clusters page is selected by default.

  2. In the list of VM clusters, find the cluster you want to manage and click its highlighted name to view the details page for the cluster.
  3. Click the Actions button and select Add SSH keys from the list.
  4. Select one of the following options:

    • Generate SSH key pair: Use this option to create a new SSH key pair. Click both Save Private Key and Save Public Key when using this option. The private key is downloaded to your local machine, and should be stored in a safe location. You cannot download another copy of the private key generated during this operation after completing the operation.

    • Upload SSH key files: Select this option to browse or drag and drop .pub files.

    • Paste SSH keys: Select this option to paste in individual public keys. To paste multiple keys, click + Another SSH Key, and supply a single key for each entry.

  5. Click Save.

To Add SSH Keys After Creating a VM Cluster

  1. Open the navigation menu. Under Oracle AI Database, click Oracle Exadata Database Service on Exascale Infrastructure.
  2. Click VM Clusters.
  3. Click the name of the VM cluster that you want to add SSH key(s).
  4. In the VM Cluster Details page, click Add SSH Keys.
  5. In the ADD SSH Keys dialog, choose any one of the methods:
    • Generate SSH key pair: Select this option if you want the Control Plane to generate public/private key pairs for you.

      Click Save Private Key and Save Public Key to download and save SSH Key pair.

    • Upload SSH key files: Select this option to upload the file that contains SSH Key pair.
    • Paste SSH keys: Select this option to paste the SSH key string.

      To provide multiple keys, click Another SSH Key. For pasted keys, ensure that each key is on a single, continuous line. The length of the combined keys cannot exceed 10,000 characters.

  6. Click Save.

To Stop, Start, or Reboot a VM Cluster Virtual Machine

Use the console to stop, start, or reboot a virtual machine.

  1. Open the navigation menu. Under Oracle AI Database, click Oracle Exadata Database Service on Exascale Infrastructure.
  2. Choose the Region and Compartment that is associated with the VM cluster that contains the virtual machine that you want to stop, start, or reboot.
  3. Click VM Clusters.
  4. Click the name of the VM cluster that contains the virtual machine that you want to stop, start, or reboot.

    The VM Cluster Details page displays information about the selected VM cluster.

  5. In the Resources list, click Virtual Machines.

    The list of virtual machines is displayed.

  6. In the list of nodes, click the Actions icon (three dots) for a node, and then click one of the following actions:
    1. Start: Restarts a stopped node. After the node is restarted, the Stop action is enabled.
    2. Stop: Shuts down the node. After the node is stopped, the Start action is enabled.
    3. Reboot: Shuts down the node, and then restarts it.

To Check the Status of a VM Cluster Virtual Machine

Review the health status of a VM cluster virtual machine.

  1. Open the navigation menu. Under Oracle AI Database, click Oracle Exadata Database Service on Exascale Infrastructure.
  2. Choose the Region and Compartment that is associated with the VM cluster that contains the virtual machine that you are interested in.
  3. Click VM Clusters.
  4. Click the name of the VM cluster that contains the virtual machine that you are interested in.

    The VM Cluster Details page displays information about the selected VM cluster.

  5. In the Resources list, click Virtual Machines.

    The list of virtual machines displays. For each virtual machine in the VM cluster, the name, state, and client IP address are displayed.

  6. In the node list, find the virtual machine that you are interested in and check its state.

    The color of the icon and the associated text it indicates its status.

    • Available: Green icon. The node is operational.
    • Starting: Yellow icon. The node is starting because of a start or reboot action in the Console or API.
    • Stopping: Yellow icon. The node is stopping because of a stop or reboot action in the Console or API.
    • Stopped: Yellow icon. The node is stopped.
    • Failed: Red icon. An error condition prevents the continued operation of the virtual machine.

To Create a Snapshot of Virtual Machines

Enable users to initiate self-service Virtual Machine (VM) file system snapshot.

You can mount a VM snapshot in read-only mode to access and copy files exactly as they existed at the time the snapshot was taken. This is useful when you need to restore specific configurations of your VM to a previous state—for example, recovering earlier SSH keys, and so on.

  1. Navigate to the VM Cluster main page.
  2. In the list of VM clusters, find the cluster you want to manage and click its highlighted name to view the details page for the cluster.
  3. Click the Virtual Machines tab.
  4. From the Virtual Machines table, click the name of the virtual machine for which you want to create a snapshot.
  5. Click the VM File System Snapshots tab.
  6. Click Create Snapshot.
  7. Enter a name for your snapshot, and click Create.

    When the snapshot creation is complete, the state changes from Creating to Available.

To Delete a Snapshot of Virtual Machines

Use the console to delete the snapshot of a Virtual Machine (VM).

  1. Navigate to the VM Cluster main page.
  2. In the list of VM clusters, find the cluster you want to manage and click its highlighted name to view the details page for the cluster.
  3. Click the Virtual Machines tab.
  4. From the Virtual Machines table, click the name of the virtual machine for which you want to delete a snapshot.
  5. Click the VM File System Snapshots tab.
  6. In the row corresponding to the snapshot that you want to delete, click the Action menu.
  7. Click Delete.

    Read the message and acknowledge that you want to delete the VM snapshot.

To Mount a Snapshot of Virtual Machines

Use the console to mount the snapshot of a Virtual Machine (VM) in read-only mode.

  1. Navigate to the VM Cluster main page.
  2. In the list of VM clusters, find the cluster you want to manage and click its highlighted name to view the details page for the cluster.
  3. Click the Virtual Machines tab.
  4. Click the VM File System Snapshots tab.
  5. Select the snapshot to mount and click the Action menu.
  6. Click Mount.
  7. Read the message and acknowledge that you want to mount the snapshot.

When the snapshot mount is complete, the mount point is displayed in the Resources list of the VM filesystem snapshots. You can then use this mount point to copy the files from selected VM snapshot.

Note

Snapshots are mounted as read-only filesystems.

To Unmount a Snapshot of Virtual Machines

Use the console to unmount the snapshot of a Virtual Machine (VM).

  1. Navigate to the VM Cluster main page.
  2. In the list of VM clusters, find the cluster you want to manage and click its highlighted name to view the details page for the cluster.
  3. Click the Virtual Machines tab.
  4. From the Virtual Machines table, click the name of the virtual machine for which you want to unmount a snapshot.
  5. Click the VM File System Snapshots tab.
  6. In the row corresponding to the snapshot that you want to unmount, click the Action menu.
  7. Click Unmount.
  8. Read the message and acknowledge that you want to unmount the snapshot.

To Create VM File System Snapshots for VM Cluster

Use the console to create snapshots of all the VMs in a VM Cluster.

  1. Navigate to the VM Cluster main page.
  2. In the list of VM clusters, find the cluster you want to manage and click its highlighted name to view the details page for the cluster.
  3. Click the Virtual Machines tab to view the list of Virtual Machines present in the cluster.
  4. Click Create VM file system snapshot for entire VM Cluster.
  5. Enter a name for your snapshot, and click Create.

    When the snapshot creation is complete, the state of the Virtual Machines changes from Updating to Available.

    Note

    • These snapshots are not available at the VM Cluster level, but are created synchronously for all individual Virtual Machines in the VM cluster.
    • To restore the entire cluster, you must restore each individual Virtual Machine located in the cluster. For more information, see To Mount Snapshots of Virtual Machines.

To Move a VM Cluster to Another Compartment

To change the compartment that contains your VM cluster on Oracle Exadata Database Service on Exascale Infrastructure, use this procedure.

When you move a VM cluster, the compartment change is also applied to the virtual machines and databases that are associated with the VM cluster. However, the compartment change does not affect any other associated resources, such as the Exadata infrastructure, which remains in its current compartment.

  1. Open the navigation menu. Under Oracle AI Database, click Oracle Exadata Database Service on Exascale Infrastructure.
  2. Choose the Region and Compartment that contains the VM cluster that you want to move.
  3. Click VM Clusters.
  4. Click the name of the VM cluster that you want to move.

    The VM Cluster Details page displays information about the selected VM cluster.

  5. Click More actions, then click Move resource.
  6. In the resulting dialog, choose the new compartment for the VM cluster, and click Move.

To change the VM cluster display name

Note

This topic only applies to Oracle Exadata Database Service on Exascale Infrastructure instances using the new Oracle Exadata Database Service on Exascale Infrastructuree instance resource model.
  1. Open the navigation menu. Click Oracle AI Database, then click Oracle Exadata Database Service on Exascale Infrastructure
  2. Choose your Compartment.
  3. Click Exadata VM Clusters under Oracle Exadata Database Service on Exascale Infrastructure.

  4. In the list of Exadata VM Clusters resources, click the name of the VM Cluster you're interested in

  5. On rthe Infrastructure Details page, click More Actions and Update Display Name .
  6. In the Update Display Name dialog, Enter the New display name, and the current display name as instructed.
  7. Click Update.

Using the Console to Terminate a VM Cluster

Before you can terminate a VM cluster, you must first terminate the databases that it contains.

Terminating a VM cluster removes it from the Cloud Control Plane. In the process, the virtual machines and their contents are destroyed.
  1. Open the navigation menu. Under Oracle AI Database, click Oracle Exadata Database Service on Exascale Infrastructure.
    The Exadata VM Clusters page is selected by default.
  2. Click the name of the VM cluster that you want to terminate.

    The VM Cluster Details page displays information about the selected VM cluster.

  3. Click Actions, and then click Terminate.
  4. In the resulting dialog:
    • Review the message about the backup retention policy
    • Enter the name of the VM cluster
    • Click Terminate to confirm the action.
    Note

    The database stays in a terminated state with backups listed until all backups are expired.

    The Exascale Vault that had been associated with the VM Cluster survives the deletion of the VM Cluster. This is because Exascale Vaults can be shared among multiple VM Clusters. If the VM Cluster you've terminated was the only one using the VM Cluster, then you should also terminate the Exascale Vault to stop billing related to the Database Storage. See Managing Exascale Database Storage Vaults for more information.

To view details about private DNS configuration

  1. Open the navigation menu. Under Oracle AI Database, click Oracle Exadata Database Service on Exascale Infrastructure.
  2. Choose the Region that contains your Exadata infrastructure.
  3. Choose the Compartment that contains your Exadata infrastructure.
  4. Click VM Clusters.
  5. Click the name of the VM cluster that is configured with a private DNS you want to view.
  6. Under the Network section, Private DNS and Private Zone are displayed, if a private DNS is configured.
  7. Click the Private View name to edit the configuration.

Adding or Removing a VM From a VM Cluster

You can scale VM Clusters horizontally by adding or removing VMs to or from an existing VM Cluster.

Parent topic: Manage VM Clusters

Add a VM to a VM Cluster

Add a Virtual Machine to a VM Cluster

Note

  • This operation is only available with Multi-VM enabled Infrastructure.
  • To add a VM to a VM Cluster requires that all TCP ports are open for the client subnet CIDR for ingress and egress.
  1. Open the navigation menu. Under Oracle AI Database, click Oracle Exadata Database Service on Exascale Infrastructure.

    The Exadata VM Clusters page is selected by default.

  2. On the Exadata VM Clusters page, ensure that the compartment filter shows the compartment that contains the VM Cluster where you want to add the VM cluster, and click the name of the VM cluster to which you want to add a virtual machine.
  3. Click the Virtual Machines tab. The VM Cluster details page for the cluster is displayed.
  4. Click Add Virtual Machines.
  5. In the Add Virtual Machines dialog, click to select the number of virtual machines that you want to add.
    Note

    The VM that is added will have the same resources as the other VMs in the cluster.
Note

Add a VM to a VM Cluster is NOT supported using Terraform.

Remove a VM from a VM Cluster

To remove a virtual machine from a provisioned cluster, use this procedure.

  1. Open the navigation menu. Under Oracle AI Database, click Oracle Exadata Database Service on Exascale Infrastructure.

    The Exadata VM Clusters page is selected by default.

  2. On the Exadata VM Clusters page, ensure that the compartment filter shows the compartment that contains the VM Cluster where you want to remove the VM cluster, and click the name of the VM cluster to which you want to remove a virtual machine.
  3. Click the Virtual Machines tab. The VM Cluster details page for the cluster is displayed.
  4. In the Virtual Machine table, find the name of the virtual machine that you want to remove, and click the Actions menu after the last column in that row.
  5. In the Actions list, click Remove.
Note

Remove a VM from a VM Cluster is not supported using Terraform at this time.

Overview of Automatic Diagnostic Collection

By enabling diagnostics collection and notifications, Oracle Cloud Operations and you will be able to identify, investigate, track, and resolve guest VM issues quickly and effectively. Subscribe to Events to get notified about resource state changes.

  • Enable Diagnostic Events

    Allow Oracle to collect and publish critical, warning, error, and information events to you. For more information, see Database Service Events.

  • Enable Health Monitoring

    Allow Oracle to collect health metrics/events such as Oracle Database up/down, disk space usage, and so on, and share them with Oracle Cloud operations. You will also receive notification of some events. For more information, see Health Metrics.

  • Enable Incident Logs and Trace Collection

    Allow Oracle to collect incident logs and traces to enable fault diagnosis and issue resolution. For more information, see Incident Logs and Trace Files.

Diagnostics Collection is:

  • Enabled: When you choose to collect diagnostics, health metrics, incident logs, and trace files (all three options).
  • Disabled: When you choose not to collect diagnostics, health metrics, incident logs, and trace files (all three options).
  • Partially Enabled: When you choose to collect diagnostics, health metrics, incident logs, and trace files (one or two options).

Disabling diagnostic events and health monitoring will only stop the collection and notification of data/events from the time you uncheck the checkboxes tied to the options. However, historical data will not be purged from Oracle Cloud Operations data repositories.

Parent topic: Manage VM Clusters

Incident Logs and Trace Files

This section lists all of the files that can be collected by Oracle Support if you opt-in for incident logs and trace collection.

Note

  • Oracle will create a service request (SR) against the infrastructure Customer Support Identifier (CSI) when an issue is detected and needs customer interaction to resolve.
  • The customer's Oralce Cloud Infrastructure tenancy admin email will be used as the CSI contact to create SR and attach logs to it. Ensure tenancy admin is added as a CSI contact in My Oracle Support (MOS).

Oracle Trace File Analyze (TFA) Component Driven Logs Collections

The directories are generally assigned to a component and that component can then be used to guide TFA to the files it needs to collect, for example, requesting the CRS component would tell TFA to look at directories mapped to the CRS component and find files that match the required collection time frame.

Note

If have previously opted in for incident log and trace file collection and decide to opt out when Oracle Cloud operations run a log collection job, then the job will run its course and will not cancel. Future log collections won't happen until you opt-in again to the incident logs and trace file collection option.

TFA is shipped with scripts that run when a particular component is requested, for example, for CRS component, crscollect.pl will run a number of crsctl commands and gather the input. By default, TFA does not redact collected logs.

Table 5-1 Oracle Trace File Analyze (TFA) Component Driven Logs Collections

Component Script Files/Directories

OS: Operating system logs

oscollect.pl
  • /var/log/messages
  • OSWatcher archive
  • Exadata Only: ExaWatcher archive

    /opt/oracle.ExaWatcher/archive/

CRS: Grid Infrastructure and cluster logs

crscollect.pl
  • /etc/oracle
  • GIHOME/crf/db/HOSTNAME1
  • GIHOME/crs/log
  • GIHOME/css/log
  • GIHOME/cv/log
  • GIHOME/evm/admin/log
  • GIHOME/evm/admin/logger
  • GIHOME/evm/log
  • GIHOME/log/-/client
  • GIHOME/log/HOSTNAME1
  • GIHOME/log/HOSTNAME1/admin
  • GIHOME/log/HOSTNAME1/client
  • GIHOME/log/HOSTNAME1/crflogd
  • GIHOME/log/HOSTNAME1/crfmond
  • GIHOME/log/HOSTNAME1/crsd
  • GIHOME/log/HOSTNAME1/cssd
  • GIHOME/log/HOSTNAME1/ctssd
  • GIHOME/log/HOSTNAME1/diskmon
  • GIHOME/log/HOSTNAME1/evmd
  • GIHOME/log/HOSTNAME1/gipcd
  • GIHOME/log/HOSTNAME1/gnsd
  • GIHOME/log/HOSTNAME1/gpnpd
  • GIHOME/log/HOSTNAME1/mdnsd
  • GIHOME/log/HOSTNAME1/ohasd
  • GIHOME/log/HOSTNAME1/racg
  • GIHOME/log/HOSTNAME1/srvm
  • GIHOME/log/HOSTNAME1/xag
  • GIHOME/log/diag/asmtool
  • GIHOME/log/diag/clients
  • GIHOME/log/procwatcher/PRW_SYS_HOSTNAME1
  • GIHOME/network/log
  • GIHOME/opmn/logs
  • GIHOME/racg/log
  • GIHOME/scheduler/log
  • GIHOME/srvm/log
  • GRIDBASE/crsdata/@global/cvu
  • GRIDBASE/crsdata/HOSTNAME1/core
  • GRIDBASE/crsdata/HOSTNAME1/crsconfig
  • GRIDBASE/crsdata/HOSTNAME1/crsdiag
  • GRIDBASE/crsdata/HOSTNAME1/cvu
  • GRIDBASE/crsdata/HOSTNAME1/evm
  • GRIDBASE/crsdata/HOSTNAME1/output
  • GRIDBASE/crsdata/HOSTNAME1/ovmmwallets
  • GRIDBASE/crsdata/HOSTNAME1/scripts
  • GRIDBASE/crsdata/HOSTNAME1/trace
  • GRIDBASE/diag/crs/-/crs/cdump
  • GRIDBASE/diag/crs/HOSTNAME1/crs/cdump
  • GRIDBASE/diag/crs/HOSTNAME1/crs/incident
  • GRIDBASE/diag/crs/HOSTNAME1/crs/trace

Database: Oracle Database logs

No DB Specific Script - runs opatch lsinventory for the ORACLE_HOME the DB runs from TFA will run ipspack based on the time range for certain DB incidents.

  • ORACLE_BASE/diag/rdbms/<dbname>/<instance_name>/cdump
  • ORACLE_BASE/diag/rdbms/<dbname>/<instance_name>/trace
  • ORACLE_BASE/diag/rdbms/<dbname>/<instance_name>/incident

Cloud Tool Logs

  • Creg files: /var/opt/oracle/creg/*.ini files with masked sensitive info
  • Cstate file: /var/opt/oracle/cstate.xml

  • Database related tooling logs:

    If dbName specified, /var/opt/oracle/log/<dbName>, else collect logs for all databases /var/opt/oracle/log/

    If dbName specified, /var/opt/oracle/dbaas_acfs/log/<dbName>, else collect logs for all databases /var/opt/oracle/log/<dbName>

  • Database env files: If dbName specified, /home/oracle/<dbName>.env, else collect logs for all databases /home/oracle/*.env
  • Pilot logs: /home/opc/.pilotBase/logs
  • List of log directories:
    • /var/opt/oracle/log
    • /var/opt/oracle/dbaas_acfs/log
    • /var/opt/oracle/dbaas_acfs/dbsystem_details
    • /var/opt/oracle/dbaas_acfs/job_manager
    • /opt/oracle/dcs/log

DCS Agent Logs

  • /opt/oracle/dcs/log/

Tooling-Related Grid Infrastructure/Database Logs

  • Grid Infrastructure: GI_HOME/cfgtoollogs
  • Database alertlog: /u02/app/oracle/diag/rdbms/*/*/alert*.log

Parent topic: Manage VM Clusters

Health Metrics

Review the list of database and non-database health metrics collected by Oracle Trace File Analyzer.

Note

Oracle may add more metrics in the future, but if you have already chosen to collect metrics, you need not update your opt-in value. It will remain enabled/disabled based on your current preference.

Guest VM Health Metrics List - Database Metrics

Table 5-2 Guest VM Health Metrics List - Database Metrics

Metric Name Metric Display Name Unit Aggregation Interval Collection Frequency Description

CpuUtilization

CPU Utilization

Percentage

Mean

One minute

Five minutes

The CPU utilization is expressed as a percentage, which is aggregated across all consumer groups. The utilization percentage is reported with respect to the number of CPUs the database is allowed to use, which is two times the number of ECPUs.

StorageUtilization

Storage Utilization

Percentage

Mean

One hour

One hout

The percentage of provisioned storage capacity currently in use. Represents the total allocated space for all tablespaces.

BlockChanges

DB Block Changes

Changes per second

Mean

One minute

Five minutes

The Average number of blocks changed per second.

ExecuteCount

Execute Count

Count

Sum

One minute

Five minutes

The number of user and recursive calls that executed SQL statements during the selected interval.

CurrentLogons

Current Logons

Count

Sum

One minute

Five minutes

 The number of successful logons during the selected interval.

TransactionCount

Transaction Count

Count

Sum

One minute

Five minutes

The combined number of user commits and user rollbacks during the selected interval.

UserCalls

User Calls

Count

Sum

One minute

Five minutes

The combined number of logons, parses, and execute calls during the selected interval.

ParseCount

Parse Count

Count

Sum

One minute

Five minutes

The number of hard and soft parses during the selected interval.

StorageUsed

Storage Space Used

GB

Max

One hour

One hour

Total amount of storage space used by the database at the collection time.

StorageAllocated

Storage Space Allocated

GB

Max

One hour

One hour

Total amount of storage space allocated to the database at the collection time.

StorageUsedByTablespace

Storage Space Used By Tablespace

GB

Max

One hour

One hour

Total amount of storage space used by tablespace at the collection time. In the case of container databases, this metric provides root container tablespaces.

StorageAllocatedByTablespace

Allocated Storage Space By Tablespace

GB

Max

One hour

One hour

Total amount of storage space allocated to the tablespace at the collection time. In the case of container databases, this metric provides root container tablespaces.

StorageUtilizationByTablespace

Storage Space Utilization By Tablespace

Percentage

Mean

One hour

One hour

This indicates the percentage of storage space utilized by the tablespace at the collection time. In the case of container databases, this metric provides root container tablespaces.

Guest VM Health Metrics List - Non-Database Metrics

Table 5-3 Guest VM Health Metrics List - Non-Database Metrics

Metric Name Metric Display Name Unit Aggregation Collection Frequency Description

FilesystemUtilization

Filesystem Utilization

Percentage

Max

One minute

Percent utilization of provisioned filesystem.

CpuUtilization

CPU Utilization

Percentage

Mean

One minute

Percent CPU utilization.

MemoryUtilization

Memory Utilization

Percentage

Mean

One minute

Percentage of memory available for starting new applications, without swapping. The available memory can be obtained via the following command: cat /proc/meminfo.

SwapUtilization

Swap Utilization

Percentage

Mean

One minute

Percent utilization of total swap space.

LoadAverage

Load Average

Number

Mean

One minute

System load average over 5 minutes.

NodeStatus

Node Status

Integer

Mean

One minute

Indicates whether the host is reachable.

Parent topic: Manage VM Clusters

Using the API to Manage Oracle Exadata Database Service on Exascale Infrastructure Instance

Use these API operations to manage Exadata Cloud Infrastructure virtual machines (VMs) and databases on Oracle Exadata Database Service on Exascale Infrastructure (ExaDB-XS).

For information about using the API and signing requests, see REST APIs and Security Credentials. For information about SDKs, see Software Development Kits and Command Line Interface.

Use these API operations to manage Oracle Exadata Database Service on Exascale Infrastructure instance components.

Exascale Database Storage Vault resource

Exadata VM cluster

Parent topic: Manage VM Clusters

Troubleshooting Virtual Machines Using Console Connections

You can troubleshoot malfunctioning virtual machines using console connections. For example, a previously working Guest VM stops responding.

Note

Exadata System Software 23.1.13 is the minimum required version. Also, make sure to review all prerequisites stated below, including setting a password for either the opc or the root user. Failure to make necessary changes to meet these requirements in advance will result in the inability to urgently connect to the serial console when the need arises when the VM is not otherwise accessible.

To connect to a running instance for administration and general use, use a Secure Shell (SSH). For more information, see Connecting to a Virtual Machine with SSH.

To make an SSH connection to the serial console, follow these configuration steps.

  1. Ensure that you have the correct permissions.
  2. Complete the prerequisites, including creating your SSH key pair (in case you don't have one yet).
  3. Create the Virtual Machine Serial Console.
  4. Connect to the serial console via SSH.

To check the DB server version installed, follow these steps:

  1. Open the navigation menu. Under Oracle AI Database, click Oracle Exadata Database Service on Exascale Infrastructure.
  2. Choose your Compartment.
  3. Click Exadata Infrastructure under Oracle Exadata Database Service on Exascale Infrastructure.
  4. Click the name of the infrastructure that you are interested in.
  5. In the resulting Infrastructure Details page, go to the Version section to find the DB Server version installed.

Parent topic: Manage VM Clusters

Required IAM Policies

An administrator must grant you secure access to the virtual machine console on the Oracle Exadata Database Service on Exascale Infrastructure system through an IAM policy.

This access is required whether you're using the Console or the REST API with an SDK, CLI, or other tools. If you get a message that you don’t have permission or are unauthorized, verify with your administrator what type of access you have and which compartment to work in.

To create virtual machine console connections, an administrator needs to grant user access to read and manage virtual machine console connections through an IAM policy. The resource name for virtual machine console connections is dbnode-console-connection. The resource name for the virtual machine is db-nodes. The following policies grant users the ability to create virtual machine console connections: 

Allow group <group_name> to manage dbnode-console-connection in tenancy
Allow group <group_name> to read db-nodes in tenancy

Prerequisites

You must install an SSH client and create SSH key pairs.

Install an SSH Client and a Command-line Shell (Microsoft Windows)

Microsoft Windows does not include an SSH client by default. If you are connecting from a Windows client, you need to install an SSH client. You can use PuTTY plink.exe with Windows PowerShell or software that includes a version of OpenSSH such as:

The instructions in this topic frequently use PuTTY and Windows PowerShell.

If you want to make the console connection from Windows with Windows PowerShell, PowerShell might already be installed on your Windows operating system. If not, follow the steps at the link. If you are connecting to the instance from a Windows client using PowerShell, plink.exe is required. plink.exe is the command link connection tool included with PuTTY. You can install PuTTY or install plink.exe separately. For installation information, see https://www.putty.org.

Create SSH Key Pairs

To create the secure console connection, you need an SSH key pair. The method to use for creating key pairs depends on your operating system. When connecting to the serial console, you must use an RSA key. The instructions in this section show how to create an RSA SSH key pair.

Create the SSH key Pair for Linux

If you're using a UNIX-style system, you probably already have the ssh-keygen utility installed. To determine whether the utility is installed, type ssh-keygen on the command line. If the utility isn't installed, you can download OpenSSH for UNIX from https://www.openssh.com/portable.html and install it.

  1. Open a shell or terminal for entering the commands.
  2. At the prompt, enter ssh-keygen and provide a name for the key when prompted. Optionally, include a passphrase.

    The keys will be created with the default values: RSA keys of 2048 bits.

    Alternatively, you can type a complete ssh-keygen command, for example:
    ssh-keygen -t rsa -N "" -b 2048 -C "<key_name>" -f <path/root_name>
    Argument Description
    -t rsa Use the RSA algorithm.
    -N "<passphrase>" A passphrase to protect the use of the key (like a password). If you don't want to set a passphrase, don't enter anything between the quotes.

    A passphrase is not required. You can specify one as a security measure to protect the private key from unauthorized use. If you specify a passphrase, when you connect to the instance you must provide the passphrase, which typically makes it harder to automate connecting to an instance.
    -b 2048 Generate a 2048-bit key. You don't have to set this if 2048 is acceptable, as 2048 is the default.

    A minimum of 2048 bits is recommended for SSH-2 RSA.
    -C "<key_name>" A name to identify the key.
    -f <path/root_name> The location where the key pair will be saved and the root name for the files.

Create the SSH Key Pair for Windows Using PuTTY

If you are using a Windows client to connect to the instance console connection, use an SSH key pair generated by PuTTY.

Note

Ensure that you are using the latest version of PuTTY. See https://www.putty.org.

  1. Find puttygen.exe in the PuTTY folder on your computer, for example, C:\Program Files (x86)\PuTTY. Double-click puttygen.exe to open it.
  2. Specify a key type of SSH-2 RSA and a key size of 2048 bits:
    • In the Key menu, confirm that the default value of SSH-2 RSA key is selected.
    • For the Type of key to generate, accept the default key type of RSA.
    • Set the Number of bits in a generated key to 2048 if not already set.
  3. Click Generate.
  4. To generate random data in the key, move your mouse around the blank area in the PuTTY window.

    When the key is generated, it appears under Public key for pasting into OpenSSH authorized_keys file.

  5. A Key comment is generated for you, including the date and timestamp. You can keep the default comment or replace it with your own more descriptive comment.
  6. Leave the Key passphrase field blank.
  7. Click Save private key, and then click Yes in the prompt about saving the key without a passphrase.

    The key pair is saved in the PuTTY Private Key (PPK) format, which is a proprietary format that works only with the PuTTY tool set.

    You can name the key anything you want but use the ppk file extension. For example, mykey.ppk.

  8. Select all of the generated keys that appear under Public key for pasting into OpenSSH authorized_keys file, copy it using Ctrl + C, paste it into a text file, and then save the file in the same location as the private key.
    Note

    Do not use the Save public key option because it does not save the key in the OpenSSH format.

    You can name the key anything you want, but for consistency, use the same name as the private key and a file extension of pub. For example: mykey.pub.

  9. Write down the names and locations of your public and private key files. You need the public key when creating an instance console connection. You need the private key to connect to the instance console connection using PuTTY. For example: $HOME\Documents\mykey.ppk.

To create a connection using the SSH key pair generated using PuTTY

For more information about generating SSH key pairs, see Create the SSH Key Pair for Windows Using PuTTY

Do the following on the Create serial console access window:

  1. Paste the SSH Key generated from OpenSSH format or choose Upload SSH key file and provide the path of the public key saved at step 8 in Create the SSH Key Pair for Windows Using PuTTY.
  2. Once the connection is Active, click Copy serial console connection for Windows.
  3. Paste the connection string copied from the previous step into a text file.
  4. In the text file, replace <PATH_FILE_PUTTY_PRIVATE.ppk> to point to your PuTTY Private Key (PPK) file path on your computer. For example, if you have saved .ppk file at $HOME\Documents\mykey.ppk.
  5. Paste the modified connection string into the PowerShell window, and then press Enter to connect to the console.

Sign in to a Virtual Machine From the Serial Console

If you want to sign in to a virtual machine using a virtual machine console connection, you can use Secure Shell (SSH) connection to sign in. If you want to sign in with a username and password, you need a user account with a password. Oracle Exadata Cloud does not set a default password for the opc or root users. Therefore, if you want to sign in as the opc or root user, you need to create a password for the opc or root user. Otherwise, add a different user with a password and sign in as that user. This should be completed in advance, before a potential situation that might require you to log in to the serial console.

Connect Through Firewalls

If the client you will use to access the serial console is behind a firewall, you must ensure that this client can reach the required endpoint to access the serial console of the virtual machine. The client system connecting to the serial console must be able to reach the serial console server (for example, vm-console-ad1.exacs.us-ashburn-1.oci.oraclecloud.com) over SSH using port 443, directly or through a proxy.

Create the Virtual Machine Serial Console Connection

Before you can make a local connection to the serial console, you need to create the virtual machine console connection.

Virtual machine console connections are limited to one client at a time. If the client fails, the connection remains active for approximately five minutes. During this time, no other client can connect. After five minutes, the connection is closed, and a new client can connect. During the five-minute timeout, any attempt to connect a new client fails with the following message:
channel 0: open failed: administratively prohibited: console access is limited to one connection at a time
  1. Open the navigation menu. Under Oracle AI Database, click Oracle Exadata Database Service on Exascale Infrastructure.
  2. Click the VM Cluster that you're interested in.
  3. In the resulting VM Cluster Details page, click the name of the virtual machine that you're interested in.

    Under Resources, Console connections is selected by default.

  4. Click Create console connection.
  5. In the resulting Create serial console access window, you have three options for adding the SSH key
    • Generate a key pair for me: You can have Oracle Cloud Infrastructure generate an SSH key pair to use. If you are using PowerShell or PuTTY to connect to the instance from a Windows client, you cannot use the generated SSH key pair without first converting it to a .ppk file.
    • Upload public key file: Browse to a public key file on your computer. If you followed the steps in Creating SSH Key Pairs in the Prerequisites section to create a key pair, use this option to navigate to the .pub file.
    • Paste public key: Paste the content of your public key file into the text box.
  6. Click Create console connection.

    When the console connection has been created and is available, the state changes to Active.

Make an SSH Connection to the Serial Console

After you create the console connection for the virtual machine, you can connect to the serial console using a Secure Shell (SSH) connection. When making an SSH connection to the serial console, you must use an RSA key. You can use the same SSH key for the serial console that was used when you launched the instance, or you can use a different SSH key.

When you are finished with the serial console and have terminated the SSH connection, you should delete the serial console connection. If you do not disconnect from the session, Oracle Cloud Infrastructure terminates the serial console session after 24 hours and you must reauthenticate to connect again.

Validate Server Host Keys

When you first connect to the serial console, you're prompted to validate the fingerprint of the server host key. The fingerprint of the server host key is the SHA256 hash of the server host's public SSH key. The server SSH handshake response is signed with the associated private key. Validating the server host key's fingerprint protects against potential attacks.

When you make a manual connection to the serial console, the fingerprint of the server host key is not automatically validated. To manually validate the fingerprint, compare the fingerprint value displayed in the Oracle Cloud Infrastructure Console to the value of the RSA key fingerprint that appears in the terminal when you connect.

To find the fingerprint of the server host key in the Console, on the Virtual Machine details page, under Resources, click Console connection. The table displays the fingerprint of the server host key. The fingerprint in the Console should match the value of the RSA key fingerprint shown in the terminal when you connect to the serial console.

The server host keys are periodically rotated for security purposes. Key rotation reduces the risk posed when keys are compromised by limiting the amount of data encrypted or signed by one key version. When your key is rotated and you try to connect to the serial console, a warning appears indicating a potential attack. The warning includes an Host key verification failed error and a line number in your .ssh/known_hosts file. Delete that line in your .ssh/known_hosts file and then reconnect to the serial console. You are then prompted to accept a new server host key fingerprint.

Connect from Mac OS X and Linux Operating Systems

Use an SSH client to connect to the serial console. Mac OS X and most Linux and UNIX-like operating systems include the SSH client OpenSSH by default.

To connect to the serial console using OpenSSH on Mac OS X or Linux:

  1. Open the navigation menu. Under Oracle AI Database, click Oracle Exadata Database Service on Exascale Infrastructure.
  2. Click the VM Cluster that you're interested in.
  3. In the resulting VM Cluster Details page, click the name of the virtual machine that you're interested in.
  4. On the Virtual Machine details page in the Oracle Cloud Infrastructure Console, under Resources, click Console connection.
  5. Click the Actions menu (three dots), and then click Copy serial console connection for Linux/Mac.
  6. Paste the connection string into a terminal window on a Mac OS X or Linux system, and then press Enter to connect to the console.

    If you are not using the default SSH key or ssh-agent, modify the serial console connection string to include the identity file flag, -i to specify the private key portion for the SSH key to use, for example, id_rsa. Specify this flag for both the SSH connection and the SSH Proxy Command, as shown in the following line: 

    ssh -i /<path>/<ssh_key> -o ProxyCommand='ssh -i /<path>/<ssh_key> -W %h:%p -p 443...
  7. If prompted, validate and accept the fingerprint of the server host key.

    If you have previously accepted a fingerprint for the server host key but the key has been rotated, a warning appears indicating a potential attack. The warning includes an Host key verification failed error and a line number in your .ssh/known_hosts file. Delete the specified line in your .ssh/known_hosts file and then reconnect to the serial console. Validate and accept the new server host key fingerprint.

  8. Press Enter again to activate the console.

    If the connection is active, a message appears in the console:

    =================================================
IMPORTANT: You are now connected to the serial console for this VM. This should be used in emergency situations only.
See product documentation for more details and alternative connectivity options for normal operations
=================================================
  9. Reboot your virtual machine.

    You do not need to enter a user name or password. If the Virtual Machine is functional and the connection is active, the serial output appears in your console. If the serial output does not appear in the console, the Guest VM operating system is not booting.

    For more troubleshooting options, see Troubleshooting Virtual Machines from Guest VM Console Connections on Linux Operating Systems.

    1. Go to the ExaDB-XS VM Cluster Details page.
    2. Under Resources, click Virtual Machines.
    3. Select Reboot from the Actions menu (three dots) for the virtual machine that you want to reboot.

Connect from Windows Operating Systems

The steps to connect to the serial console from Microsoft Windows PowerShell are different from the steps for OpenSSH. The following steps do not work in the Windows terminal.

If you are connecting to the instance from a Windows client using PowerShell, plink.exe is required. plink.exe is the command link connection tool included with PuTTY. You can install PuTTY or install plink.exe separately. For more information, see Installing an SSH Client and a Command-line Shell (Windows).

To connect to the serial console on Microsoft Windows:

  1. On the Virtual Machine details page in the Oracle Cloud Infrastructure Console, under Resources, click Console connection.
  2. Click the Actions menu (three dots).

    Depending on which SSH client you are using, do one of the following:

    • If you are using Windows PowerShell, click Copy serial console connection for Windows.
    • If you are using OpenSSH, click Copy serial console connection for Linux/Mac.
    Note

    The copied connection string for Windows contains the parameter -i specifying the location of the private key file. The default value for this parameter in the connection string references an environment variable that might not be configured on your Windows client, or it might not represent the location where the private key file is saved. Verify the value specified for the -i parameter and make any required changes before proceeding to the next step.
  3. Paste the connection string copied from the previous step into a text file so that you can add the file path to the private key file.
  4. In the text file, replace $env:homedrive$env:homepath\oci\console.ppk with the file path to the .ppk file on your computer. This file path appears twice in the string. Replace it in both locations.
    Note

    For PuTTY versions 0.82 and above, add parameter -legacy-stdio-prompts to the first call to plink.
  5. Paste the modified connection string into the PowerShell window or your OpenSSH client, and then press Enter to connect to the console.
  6. If prompted, validate and accept the fingerprint of the server host key.

    If you have previously accepted a fingerprint for the server host key, but the key has been rotated, a warning appears indicating a potential attack. The warning includes a Host key verification failed error and a line number in your .ssh/known_hosts file. Delete the specified line in your .ssh/known_hosts file and then reconnect to the serial console. Validate and accept the new server host key fingerprint.

  7. Press Enter again to activate the console.
  8. Reboot your virtual machine.

    You do not need to enter a user name or password. If the Virtual Machine is functional and the connection is active, the serial output appears in your console. If the serial output does not appear in the console, the Guest VM operating system is not booting.

    For more troubleshooting options, see Troubleshooting Virtual Machines from Guest VM Console Connections.

    1. Go to the ExaDB-XS VM Cluster Details page.
    2. Under Resources, click Virtual Machines.
    3. Select Reboot from the Actions menu (three dots) for the virtual machine that you want to reboot.

To create a connection using the SSH key pair generated using the OCI Console:

Do the following on the Create serial console access window:

  1. Click Generate a key pair for me.
  2. Click Save Private Key.
  3. Click Create console connection.
    Note

    Ensure that you are using the latest version of PuTTY, see http://www.putty.org.
  4. Find puttygen.exe in the PuTTY folder on your computer, for example, C:\Program Files (x86)\PuTTY. Double-click puttygen.exe to open it.
  5. On the PuTTY Key Generator, click the Conversions menu and then click Import.
  6. On the Windows Explorer, select OCI Console generated SSH key (step 1) and then click Open.

    PuTTY imports the key and displays information about the key on the PuTTY Key Generator window.

  7. Click Save private key.
  8. Click Yes when prompted about saving the key without a passphrase.

    The key pair is saved in the PuTTY Private Key (PPK) format, which is the proprietary format that works only with the PuTTY tool set.

    You can name the key anything you want but use the .ppk file extension. For example, $HOME\Desktop\key-vm-console.ppk.

  9. Use a text editor to change the command to point to your PuTTY Private Key (PPK) path. Replace <PATH_FILE_PUTTY_PRIVATE.ppk> to point to your PuTTY Private Key (PPK) file path on your computer. For example, if you have saved .ppk file at $HOME\Desktop\key-vm-console.ppk.
  10. Paste the modified connection string into the PowerShell window, and then press Enter to connect to the console.

To convert a generated .key private key file:

  1. Open PuTTYgen.
  2. Click Load, and select the private key generated when you created the instance.

    The extension for the key file is .key.

  3. Click Save private key.
  4. Specify a name for the key.

    The extension for the new private key is .ppk.

  5. Click Save.

Using Cloud Shell to Connect to the Serial Console

You can connect to the serial console quickly and easily using the Cloud Shell integration. Cloud Shell is a web browser-based terminal accessible from the Console. The Cloud Shell integration automatically creates the instance console connection and a temporary SSH key. The only prerequisite for connecting to the serial console from Cloud Shell is granting users the correct permissions. For an introductory walkthrough of using Cloud Shell, see Using Cloud Shell.

Note

  • By default, Cloud Shell limits network access to OCI internal resources in your tenancy home region only unless you have enabled the Cloud Shell managed Public Network. Your administrator must configure an Identity policy to enable Cloud Shell Public Network. For more information, see Cloud Shell Networking.
  • You cannot concurrently connect to more than one DB node using Cloud Shell. As an example, if you have an open connection to DBnode1 and want to connect to DBnode2, you must first exit the active Cloud Shell from DBnode1 and then establish a connection to DBnode2.

When you are finished with the serial console and have terminated the SSH connection, you should delete the serial console connection. If you do not disconnect from the session, Oracle Cloud Infrastructure terminates the serial console session after 24 hours and you must re-authenticate to connect again.

To connect to the serial console using Cloud Shell
  1. Sign in to the Console.
  2. Open the navigation menu. Under Oracle AI Database, click Oracle Exadata Database Service on Exascale Infrastructure.
  3. On the instance details page in the Oracle Cloud Infrastructure Console, under Resources, click Console connection.
  4. Click Launch Cloud Shell connection.

    This action displays the Cloud Shell in a "drawer" at the bottom of the Console.

  5. If a console connection already exists, you are asked if you want to delete the existing resource. Press y, and then press Enter.
  6. When you are done, exit the instance console connection.

Displaying the Console History for a Virtual Machine

You can capture and display recent serial console data for a Virtual Machine. The data includes configuration messages that occur when the Virtual Machine boots, such as kernel and BIOS messages, and is useful for checking the status of the Virtual Machine or diagnosing and troubleshooting problems.

The console history captures up to a megabyte of the most recent serial console data for the specified Virtual Machine. Note that the raw console data, including multi-byte characters, is captured.

The console history is a point-in-time record. To troubleshoot a malfunctioning Virtual Machine using an interactive console connection, use a serial console connection.

Managing Console History Data

You can use the Console or API to manage console history captures. Console history lets you see serial output from your Virtual Machine without having to connect to the instance remotely. The console history can be used to audit previous access and actions taken with the serial console.

On the instance details page in the Console, you can capture and download console histories, view and edit metadata details, and delete console history captures.

Using the Console to Capture the Console History
  1. Open the navigation menu. Under Oracle AI Database, click Oracle Exadata Database Service on Exascale Infrastructure.
  2. Click the VM Cluster that you're interested in.
  3. On the resulting VM Cluster Details page, click the name of the virtual machine that you're interested in.

    Under Resources, Console connection is selected by default.

  4. Click Console history.
  5. Click the name of the history that you're interested in.
  6. On the resulting window, click Download to download a copy of the console history.
  7. Click Save and close to save the history and close the window.
Using the Console to Download Console History Captures
  1. Open the navigation menu. Under Oracle AI Database, click Oracle Exadata Database Service on Exascale Infrastructure.
  2. Click the VM Cluster that you're interested in.
  3. On the resulting VM Cluster Details page, click the name of the virtual machine that you're interested in.

    Under Resources, Console connection is selected by default.

  4. Click Console history.
  5. Click the name of the history that you're interested in.
  6. On the resulting window, click Download to download a copy of the console history.
Using the Console to View Console History Captures
  1. Open the navigation menu. Under Oracle AI Database, click Oracle Exadata Database Service on Exascale Infrastructure.
  2. Click the VM Cluster that you're interested in.
  3. On the resulting VM Cluster Details page, click the name of the virtual machine that you're interested in.

    Under Resources, Console connection is selected by default.

  4. Click Console history.
  5. Click the name of the history that you're interested in.
  6. On the console history list, for the console history capture that you want to view, click the Actions menu, and then click View details.
Using the Console to View and Edit the Metadata Details of a Console History Capture
  1. Open the navigation menu. Under Oracle AI Database, click Oracle Exadata Database Service on Exascale Infrastructure.
  2. Click the VM Cluster that you're interested in.
  3. On the resulting VM Cluster Details page, click the name of the virtual machine that you're interested in.

    Under Resources, Console connection is selected by default.

  4. Click Console history.
  5. On the console history list, for the console history capture that you want to view, click the Actions menu, and then click View details.
  6. Optionally, edit the name for the console history. Avoid entering confidential information.
  7. To view or edit tags, click Show tagging options.
  8. To edit or remove tags, click the edit icon next to the tag. To edit a tag, in the Edit Tag dialog, make any changes, and then click Save. To remove a tag, click Remove Tag.
  9. Click Save and close.
Using the Console to Delete Console History Captures
  1. Open the navigation menu. Under Oracle AI Database, click Oracle Exadata Database Service on Exascale Infrastructure.
  2. Click the VM Cluster that you're interested in.
  3. On the resulting VM Cluster Details page, click the name of the virtual machine that you're interested in.

    Under Resources, Console connection is selected by default.

  4. Click Console history.
  5. On the console history list, for the console history capture that you want to view, click the Actions menu, and then click Delete.
  6. On the confirmation dialog, click Delete console history.
Using the API to Manage the Console History Data

Review the list of API calls to manage console history data.

For information about using the API and signing requests, see REST APIs and Security Credentials. For information about SDKs, see Software Development Kits and Command Line Interface.

For the complete list of APIs, see Database Service API.

Use the following API operations to manage the console history data.

  • To capture the console history, use the createDbNodeConsoleHistory method.
  • To get details of console history metadata, use the getDbNodeConsoleHistory method.
  • To get the details of console history content, use the getDbNodeConsoleHistoryContent method.
  • To edit console history metadata, use the updateDbNodeConsoleHistory method.
  • To list console history captures, use the listDbNodeConsoleHistories method.
  • To delete console history captures, use the deleteDbNodeConsoleHistory method.
Troubleshooting Virtual Machines from Guest VM Console Connections on Linux Operating Systems

After you are connected with an instance console connection, you can perform various tasks, such as:

  • Edit system configuration files.
  • Add or reset the SSH keys for the opc user.
  • Reset the password for the opc user.

These tasks require you to boot into a Bash shell in maintenance mode.

To boot into maintenance mode

Note

Default user and password:

  • Account: Grub boot loader
  • Username: root
  • Default Password: sos1Exadata
  • Account Type: Operating system user

For more information, see Default User Accounts for Oracle Exadata.

  1. Reboot the VM from the VM Cluster.
  2. For virtual machines running Oracle Linux 7.x or Oracle Linux 8.x, when the reboot process starts, switch back to the terminal window, and you see Console messages start to appear in the window. As soon as the GRUB boot menu appears, use the up/down arrow key to stop the automatic boot process, enabling you to use the boot menu.
  3. In the boot menu, highlight the top item in the menu, and press e to edit the boot entry.
  4. In edit mode, use the down arrow key to scroll down through the entries until you reach the line that starts with linux16.
  5. At the end of that line, add the following:
    init=/bin/bash
  6. Reboot the instance from the terminal window by entering the keyboard shortcut CTRL+X.

    When the instance has rebooted, you see the Bash shell command-line prompt, and you can proceed with the following procedures.

To edit the system configuration files

  1. From the Bash shell, run the following command to load the SElinux policies to preserve the context of the files you are modifying:
    /usr/sbin/load_policy -i
  2. Run the following command to remount the root partition with read/write permissions:
    /bin/mount -o remount, rw /
  3. Edit the configuration files as needed to try to recover the instance.
  4. After you have finished editing the configuration files, to start the instance from the existing shell, run the following command:
    exec /usr/lib/systemd/systemd
    Alternatively, to reboot the instance, run the following command:
    /usr/sbin/reboot -f

To add or reset the SSH key for the opc user

  1. From the Bash shell, run the following command to load the SElinux policies to preserve the context of the files you are modifying:
    /usr/sbin/load_policy -i
  2. Run the following command to remount the root partition with read/write permissions:
    /bin/mount -o remount, rw /
  3. From the Bash shell, run the following command to change to the SSH key directory for the opc user: cd ~opc/.ssh
  4. Include your public key entry to the authorized_keys file.
    Note

    You can edit the file and remove your previous key if you want to. However, make sure to keep the cloud automation keys to prevent cloud automation from breaking.
    echo '<contents of public key file>' >> authorized_keys
  5. Restart the instance by running the following command:
    /usr/sbin/reboot -f

To reset the password for the opc user

  1. From the Bash shell, run the following command to load the SElinux policies to preserve the context of the files you are modifying.

    This step is necessary to sign in to your instance using SSH and the Console.

    /usr/sbin/load_policy -i
  2. Run the following command to remount the root partition with read/write permissions:
    /bin/mount -o remount, rw /
  3. Run the following command to reset the password for the opc user:
    sudo passwd opc
  4. Restart the instance by running the following command:
    sudo reboot -f
    Note

    Setting a root password would be an acceptable alternative to setting an opc password.
Exiting the Virtual Machine Serial Console Connection

To exit the serial console connection

When using SSH, the ~ character at the beginning of a new line is used as an escape character.

  1. To exit the serial console, enter:
    ~.
  2. To suspend the SSH session, enter:
    ~^z

    The ^ character represents the CTRL key.

  3. To see all the SSH escape commands, enter:
    ~?

To delete the serial console connection for a Virtual Machine

  1. Open the navigation menu. Under Oracle AI Database, click Oracle Exadata Database Service on Exascale Infrastructure.
  2. Click the VM Cluster that you're interested in.
  3. In the resulting VM Cluster Details page, click the name of the virtual machine that you're interested in.

    Under Resources, Console connection is selected by default.

  4. Click the Actions menu, and then click Delete. Confirm when prompted.