Sunday, May 11, 2025

Installation of OCI Command line

OCI CLI (Oracle Cloud Infrastructure Command Line Interface) is a powerful tool that allows users to manage and automate OCI resources directly from the command line.  This article talks about OCI CLI installation and configuration. 

Linux

yum install python36-oci-cli

bash -c "$(curl -L https://raw.githubusercontent.com/oracle/oci-cli/master/scripts/install/install.sh)"

Mac OS X

brew update && brew install oci-cli

Windows
1. Open the PowerShell console using the Run as Administrator option.

2. The installer enables auto-complete by installing and running a script. To allow this script to run, you must enable the RemoteSigned execution policy.

To configure the remote execution policy for PowerShell, run the following command.

Set-ExecutionPolicy RemoteSigned

3. Force PowerShell to use TLS 1.2 for Windows 2012 and Windows 2016:

[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

4. Download the installer script:

Invoke-WebRequest https://raw.githubusercontent.com/oracle/oci-cli/master/scripts/install/install.ps1 -OutFile install.ps1

5. Run the installer script with or without prompts:

(i).To run the installer script with prompts, run the following command:

iex ((New-Object System.Net.WebClient).DownloadString('https://raw.githubusercontent.com/oracle/oci-cli/master/scripts/install/install.ps1'))

...and respond to the Installation Script Prompts.

 

(ii) To run the installer script without prompting the user, accepting the default settings, run the following command:

install.ps1 -AcceptAllDefaults 

Installation in Linux with all default values for directory option


[root@myshieldedinstance1 ~]# bash -c "$(curl -L https://raw.githubusercontent.com/oracle/oci-cli/master/scripts/install/install.sh)"

  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current

                                 Dload  Upload   Total   Spent    Left  Speed

100 16926  100 16926    0     0  81768      0 --:--:-- --:--:-- --:--:-- 81768

 

    ******************************************************************************

 

===> In what directory would you like to place the install? (leave blank to use '/root/lib/oracle-cli'):

-- Creating directory '/root/lib/oracle-cli'.

-- We will install at '/root/lib/oracle-cli'.

 

===> In what directory would you like to place the 'oci' executable? (leave blank to use '/root/bin'):

-- Creating directory '/root/bin'.

-- The executable will be in '/root/bin'.

 

===> In what directory would you like to place the OCI scripts? (leave blank to use '/root/bin/oci-cli-scripts'):

-- Creating directory '/root/bin/oci-cli-scripts'.

-- The scripts will be in '/root/bin/oci-cli-scripts'.

.

.

===> Modify profile to update your $PATH and enable shell/tab completion now? (Y/n): y

 

===> Enter a path to an rc file to update (file will be created if it does not exist) (leave blank to use '/root/.bashrc'):

-- Backed up '/root/.bashrc' to '/root/.bashrc.backup'

-- Tab completion set up complete.

-- If tab completion is not activated, verify that '/root/.bashrc' is sourced by your shell.

--

-- ** WARNING: Other 'oci' executables are on your $PATH. **

-- Conflicting paths: /usr/bin/oci

-- You can run this installation of the CLI with '/root/bin/oci'.

--

-- ** Run `exec -l $SHELL` to restart your shell. **

--

-- Installation successful.

-- Run the CLI with /root/bin/oci --help

 

Right now OCI CLI is installed, but not configured with our tenancy to perform all command line operations. We need below prerequisites to configure OCICLI.

  Prerequisites

To collect below prerequisites login into OCI portal.

User OCID

Right click the top right corner icon to get the profile settings. In profile click the user name.

 

It will invoke user details where we can find user OCID.

 

Tenancy OCID

Right click the top right corner icon to get the profile settings. Click the Tenancy name.

It will invoke tenancy details page, copy the tenancy OCID.

SSH Key pair - (Keys which has been used to create OCI API Key). If we don’t have SSH key pair we can let the configuration procedure create the key pair.

Eg: OCICLI configuration

[Enter a location for your config [/root/.oci/config]:

Enter a user OCID: ocid1.user.oc1..aaaaaaaanswicp4lg4zx3qnql3yabcdbzmbn2jrnia

Enter a tenancy OCID: ocid1.tenancy.oc1..aaaaaaaap2v6pumkwkwwnvplozuf5kfu7cyva

Enter a region by index or name(e.g.

1: af-johannesburg-1, 2: ap-chiyoda-1, 3: ap-chuncheon-1, 4: ap-chuncheon-2, 5: ap-dcc-canberra-1,

6: ap-dcc-gazipur-1, 7: ap-hyderabad-1, 8: ap-ibaraki-1, 9: ap-melbourne-1, 10: ap-mumbai-1,

11: ap-osaka-1, 12: ap-seoul-1, 13: ap-seoul-2, 14: ap-singapore-1, 15: ap-singapore-2,

16: ap-suwon-1, 17: ap-sydney-1, 18: ap-tokyo-1, 19: ca-montreal-1, 20: ca-toronto-1,

21: eu-amsterdam-1, 22: eu-crissier-1, 23: eu-dcc-dublin-1, 24: eu-dcc-dublin-2, 25: eu-dcc-milan-1,

26: eu-dcc-milan-2, 27: eu-dcc-rating-1, 28: eu-dcc-rating-2, 29: eu-dcc-zurich-1, 30: eu-frankfurt-1,

31: eu-frankfurt-2, 32: eu-jovanovac-1, 33: eu-madrid-1, 34: eu-madrid-2, 35: eu-marseille-1,

36: eu-milan-1, 37: eu-paris-1, 38: eu-stockholm-1, 39: eu-zurich-1, 40: il-jerusalem-1,

41: me-abudhabi-1, 42: me-abudhabi-2, 43: me-abudhabi-3, 44: me-abudhabi-4, 45: me-alain-1,

46: me-dcc-doha-1, 47: me-dcc-muscat-1, 48: me-dubai-1, 49: me-jeddah-1, 50: me-riyadh-1,

51: mx-monterrey-1, 52: mx-queretaro-1, 53: sa-bogota-1, 54: sa-santiago-1, 55: sa-saopaulo-1,

56: sa-valparaiso-1, 57: sa-vinhedo-1, 58: uk-cardiff-1, 59: uk-gov-cardiff-1, 60: uk-gov-london-1,

61: uk-london-1, 62: us-ashburn-1, 63: us-chicago-1, 64: us-gov-ashburn-1, 65: us-gov-chicago-1,

66: us-gov-phoenix-1, 67: us-langley-1, 68: us-luke-1, 69: us-phoenix-1, 70: us-saltlake-2,

71: us-sanjose-1, 72: us-somerset-1, 73: us-thames-1): us-phoenix-1

Do you want to generate a new API Signing RSA key pair? (If you decline you will be asked to supply the path to an existing key.) [Y/n]: Y

Enter a directory for your keys to be created [/root/.oci]:

Enter a name for your key [oci_api_key]:

Public key written to: /root/.oci/oci_api_key_public.pem

Enter a passphrase for your private key ("N/A" for no passphrase):

Repeat for confirmation:

Private key written to: /root/.oci/oci_api_key.pem

Fingerprint: 95:54:da:9f:29:67:c7:04:14:c6:f5:57:6b:0a:9d:bf

Config written to /root/.oci/config

 

 

    If you haven't already uploaded your API Signing public key through the

    console, follow the instructions on the page linked below in the section

    'How to upload the public key':

        https://docs.cloud.oracle.com/Content/API/Concepts/apisigningkey.htm#How2

In the above configuration output we could see User OCID and Tenancy OCID and region details were provided according to our tenancy. We have chosen option to create SSH keys through configuration script. For all other inputs we went with default values. The below files are created as part of configuration.

# ls -ltr /root/.oci

total 12

-rw-------. 1 root root  451 May 11 14:41 oci_api_key_public.pem

-rw-------. 1 root root 1719 May 11 14:41 oci_api_key.pem

-rw-------. 1 root root  293 May 11 14:41 config Public key, private key and configuration file got created.

# cat /root/.oci/config

[DEFAULT]

user=ocid1.user.oc1..aaaaaaaanswicpabcd6ovskdbycbzmbn2jrnia

fingerprint=95:54:da:9f:29:67:c7:04:14:c6:f5:57:6b:0a:9d:bf

key_file=/root/.oci/oci_api_key.pem

tenancy= ocid1.tenancy.oc1..aaaaaaaap2v6pumkwkwwnvplozuf5kfu7cyva

region=us-phoenix-1

The config file has the required attributes to login into OCI through CLI. But this SSH key should get registered with our tenancy. 

Login into OCI and move to user settings

 

In the user settings page, we can find resource section in the bottom.

Click API keys link and Click Add API Key button

Provide the public key created through the configuration script. By default it will at /root/.oci/oci_api_key_public.pem. Either we can click option “choose public key file” or Paste public key.

Click Add button. It will give information about config which we can cross check with config file created in /root/.oci directory.

 

 

At this stage OCICLI is installed and configured. We can access Tenancy and can perform all operations through CLI.

For example to upload a file to object storage we can use OCI CLI commands.
First collect the required parameters to execute the command. In our example we need namespace and bucket name of the object storage.

Collect the name space of the object storage bucket.

oci os object put -ns ax8wgbh7cuxr -bn OIC --file /tmp/ oci_cli_install_tmp_anN1

-ns -> Namespace

 

-bn -> Object storage bucket name

--file -> the file name in target local machine.

# oci os object put -ns ax8wgbh7cuxr -bn OIC --file /tmp/oci_cli_install_tmp_anN1

Uploading object  [####################################]  100%

{

  "etag": "144a9b9e-0cc7-4771-adbc-8377107eddb7",

  "last-modified": "Sun, 11 May 2025 15:01:45 GMT",

  "opc-content-md5": "rB0cHstF/HDsR3p8ldzztw=="

}

 

 

 

 

 

at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

  Extract SSL certificate from Oracle Autonomous Database Wallet   In most real-world environments, Autonomous Databases are deployed wi...

  • (no title)
      Extract SSL certificate from Oracle Autonomous Database Wallet   In most real-world environments, Autonomous Databases are deployed wi...
  • (no title)
    OCI IAM – OCI Command Line - User Creation (Default and Custom Domain) One of the major pillars of Oracle Cloud Infrastructure is Identity...
  • (no title)
      OCI Resource Manager OCI Resource manager is an automation tool for infrastructure. It can be considered as Infrastructure as a code too...