Wednesday 3 January 2018

Step 6 - Oracle DBCS : Enable Access To A Compute Node Port

Oracle Database Cloud Service uses access rules to provide secure network access to database deployments. You can use the Oracle Database Cloud Service console to perform network access operations such as enabling and disabling access rules and creating new access rules. 

Network access to the compute nodes associated with Oracle Database Cloud Service is primarily provided by SSH connections on port 22. When you access a compute node using SSH, you must provide the private key that matches the public key associated with the database deployment. Access to other network protocols and services may require additional configuration.

The following rules are created when a database deployment is created. They are set to disabled by default:

  • ora_p2_ssh: Controls access to port 22, which SSH clients use to connect to the compute node.
  • ora_p2_dbconsole: Controls access to port 1158, which is used by Enterprise Manager 11g Database Control.
  • ora_p2_dbexpress: Controls access to port 5500, which is used by Enterprise Manager Database Express 12c.
  • ora_p2_dblistener: Controls access to port 1521, which is used by SQL*Net.
  • ora_p2_http: Controls access to port 80, which is used for HTTP connections.
  • ora_p2_httpssl: Controls access to port 443, which is used for HTTPS connections, including Oracle REST Data Services (ORDS), Oracle Application Express (APEX), and Oracle DBaaS Monitor.

Accessing network protocols and services on a compute node through a port other than port 22 requires additional configuration, using one of the following options:
  • Enable network access to the port: Use the Oracle Database Cloud Service console to enable access to a port on a compute node.
  • Create an SSH tunnel to the port: An SSH tunnel lets you access a specific compute node port by using an SSH connection as the transport mechanism.

    In this article we will demonstrate how to enable access to a compute node port other than port 22 using the Oracle Database Cloud Service console.


    Prerequisites
    • Access to Oracle Database Cloud Service console

    Steps to Enable Ports using Oracle Database Cloud Service Console

    • Open a web browser and enter the URL you received in the Welcome email to log in to your Oracle Cloud account
      https://myservices-xxxxx-xxxxxxxxxxef4b21bb7ee3b2cf4123d1.console.oraclecloud.com/mycloud/faces/dashboard.jspx

    • Enter your username and password

    • On the home page, click "Menu" under "Database" Cloud Service

    • Click "Open Service Console"

    • Click on the service name. In my case, "NSM-DBaaS" is the service name

      • Click on "Menu" and select "Access Rules"

      • By default only port 22 is enabled and all other ports are disabled for security reasons

      • To enable a port, click on "Menu" and select "Enable". Here I am opening port 1521, used for SQL*Net access

      • Click "Enable"



      • We can see the port 1521 is now enabled

      • Similarly, open port 443, used for HTTPS connections

      • Port 443 is now enabled

      • Enable port 5500, used by EM Express

      • Port 5500 is now enabled
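After changing access rules, it is worth confirming from a client machine that the ports actually reachable match the rules you meant to enable, and that nothing else is exposed. The following check is an added example, not part of the original article or of Oracle's tooling; the function names and the host address are assumptions, and the rule-to-port mapping is taken from the list above.

```python
import socket

# Default access rules and their ports, as listed in this article.
RULE_PORTS = {
    "ora_p2_ssh": 22,
    "ora_p2_dbconsole": 1158,
    "ora_p2_dbexpress": 5500,
    "ora_p2_dblistener": 1521,
    "ora_p2_http": 80,
    "ora_p2_httpssl": 443,
}


def port_reachable(host, port, timeout=3.0):
    """Return True if a TCP connection to host:port succeeds within timeout."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:  # refused, filtered (timeout), unreachable, DNS failure
        return False


def audit_rules(host, enabled_rules, rule_ports=RULE_PORTS, timeout=3.0):
    """Compare the intended rule state with what the network actually allows.

    Returns a list of (rule, port, finding) tuples; an empty list means no drift.
    """
    unknown = set(enabled_rules) - set(rule_ports)
    if unknown:
        raise ValueError(f"unknown rule name(s): {sorted(unknown)}")
    findings = []
    for rule, port in sorted(rule_ports.items()):
        reachable = port_reachable(host, port, timeout)
        if reachable and rule not in enabled_rules:
            findings.append((rule, port, "reachable but rule should be disabled"))
        elif not reachable and rule in enabled_rules:
            # Can also mean the service behind the port is not listening.
            findings.append((rule, port, "rule enabled but port not reachable"))
    return findings


if __name__ == "__main__":
    # Constructed example: 203.0.113.10 is a documentation address, not a real node.
    intended = {"ora_p2_ssh", "ora_p2_dblistener", "ora_p2_httpssl", "ora_p2_dbexpress"}
    for rule, port, finding in audit_rules("203.0.113.10", intended, timeout=1.0):
        print(f"{rule} (port {port}): {finding}")
```

Run it against your own compute node's public IP from the network your clients will use; a "reachable but rule should be disabled" finding means a port is open that the article's steps did not enable.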



      Conclusion


      In this article we have learned how to enable access to a compute node port other than port 22 using the Oracle Database Cloud Service console. Oracle Database Cloud Service uses access rules to provide secure network access to database deployments. You can use the Oracle Database Cloud Service console to perform network access operations such as enabling and disabling access rules and creating new access rules.

