Lab 8a: Use OCI Bastion Service to work with MDS remotely

Key Objectives:

  • Learn how to create OCI Bastion Service to manage MDS remotely

Introduction

Oracle Cloud Infrastructure (OCI) Bastion provides restricted and time-limited access to target resources that don't have public endpoints. With OCI Bastion Service, you can manage an MDS instance remotely over a secured connection, without needing a Bastion compute instance to connect to MDS. For an overview of OCI Bastion Service, check OCI Bastion Service.

Steps

Step 1.1:

Log in to your OCI tenancy. Once you have logged in, select Identity & Security >> Bastion Service from the menu icon in the top left corner

Step 1.2:

Click on Create Bastion (make sure you have selected the right compartment on the left panel)

Step 1.3:

Fill in the details of the following fields:

  • Bastion Name: name of your Bastion service
  • Target Virtual Cloud Network: select your Virtual Cloud Network
  • Target Subnet: select the subnet where you created MDS
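  • CIDR Block Allowlist: specify the IP address, in CIDR notation, that you will be connecting from (if unsure, you can use 0.0.0.0/0 for testing purposes; it allows connections from any address, so narrow it once testing is done)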

Click on Create Bastion to create the bastion service

Step 1.4:

Once the Bastion service is created, click on Create Session

Step 1.5:

Fill in the details of the following fields:

  • Session Type: select SSH port forwarding session from the dropdown list
  • Session Name: specify a name for the bastion session
  • Connect to the target host by using: select IP Address
  • IP Address: specify the IP address of MDS instance
  • Port: 3306 (default port number of MDS)
  • Add SSH Key: select generate SSH Key pair and click on Save Private Key (save the public key as well if required)

Click on Create Session

Connect to MDS via Bastion service

Step 1.1:

Click on the menu on the far right of your newly created Bastion Service, select View SSH Command

Step 1.2:

Copy the SSH command by clicking on Copy

Step 1.3:

Click on Cloud Shell to connect to MDS via Bastion service

Step 1.4:

Upload the downloaded Private Key to Cloud Shell and save it in your home directory in the Cloud Shell, for example, as private-key.pem

Step 1.5:

Paste the SSH command into Cloud Shell, specify the correct location of the private key and the port number 3306, and connect to MDS using the mysql client

ssh -i ~/private-key.pem -N -L 3306:10.0.1.109:3306 -p 22 ocid.really.long.id &
mysql -uadmin -h127.0.0.1 -P3306 -pPassword
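
The same connection as a small wrapper script, added here as an example and not part of the original lab: it checks the key file permissions, binds the forwarded port to loopback explicitly, and lets mysql prompt for the password instead of taking it on the command line. The function names, the environment variables and the `connect` argument are assumptions; `ocid.really.long.id` is the lab's placeholder for the target shown by View SSH Command.

```bash
#!/usr/bin/env bash
# Added example, not from the original lab. Names and defaults are assumptions;
# set BASTION_DEST to the target copied from View SSH Command.
KEY="${KEY:-$HOME/private-key.pem}"
BASTION_DEST="${BASTION_DEST:-ocid.really.long.id}"   # placeholder from the lab text
MDS_IP="${MDS_IP:-10.0.1.109}"                        # MDS private IP used in the lab
LOCAL_PORT="${LOCAL_PORT:-3306}"

# Succeeds only if the key exists and group/other have no permissions on it.
key_is_private() {
  [ -f "$1" ] || return 1
  [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# Print the -L forwarding spec, explicitly bound to loopback so that only
# this host can reach the forwarded MySQL port.
forward_spec() {
  case "$1" in
    ''|*[!0-9]*) return 1 ;;   # reject empty or non-numeric ports
  esac
  [ "$1" -ge 1 ] && [ "$1" -le 65535 ] || return 1
  printf '127.0.0.1:%s:%s:3306\n' "$1" "$2"
}

open_tunnel() {
  key_is_private "$KEY" || { echo "fix key permissions: chmod 600 $KEY" >&2; return 1; }
  spec="$(forward_spec "$LOCAL_PORT" "$MDS_IP")" || { echo "bad local port" >&2; return 1; }
  # -f backgrounds ssh only after authentication succeeds;
  # ExitOnForwardFailure makes ssh exit if the forward cannot be set up.
  ssh -i "$KEY" -o IdentitiesOnly=yes -o ExitOnForwardFailure=yes \
      -o ServerAliveInterval=30 -f -N -L "$spec" -p 22 "$BASTION_DEST"
}

# Runs only when invoked as: ./tunnel.sh connect
if [ "${1:-}" = "connect" ]; then
  # -p with no value makes mysql prompt, keeping the password out of the
  # process list and shell history.
  open_tunnel && mysql --protocol=TCP -uadmin -h127.0.0.1 -P"$LOCAL_PORT" -p
fi
```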

Conclusion

In this bonus lab, you have learnt how to create a Bastion Service to connect to your MDS instance without the need for a Bastion compute instance. You can now go to the next lab to try creating a MySQL Database Service High Availability configuration.
