Deploy a Windows Instance in Oracle Cloud Infrastructure: Difference between revisions
No edit summary |
No edit summary |
||
| Line 3: | Line 3: | ||
In this tutorial, we will deploy a Windows Instance (hop on machine, OCI Bastion host) in Oracle Cloud Infrastructure (OCI) which can be used as the first point of entry into your OCI environment and can be used to connect to other private instances inside your OCI environment or for testing purposes. | In this tutorial, we will deploy a Windows Instance (hop on machine, OCI Bastion host) in Oracle Cloud Infrastructure (OCI) which can be used as the first point of entry into your OCI environment and can be used to connect to other private instances inside your OCI environment or for testing purposes. | ||
[[File:profile.jpg|800px]] | [[File:profile..jpg|800px]] | ||
The following image illustrates how the environment will look like when we finish with the deployment and configuration. | The following image illustrates how the environment will look like when we finish with the deployment and configuration. | ||
| Line 18: | Line 18: | ||
- See [[this tutorial-CHANGE LINK]] to create the VCNs, public subnet and internet gateway. | - See [[this tutorial-CHANGE LINK]] to create the VCNs, public subnet and internet gateway. | ||
= Task 1 | = Task 1 - Create a Windows Instance = | ||
- Create an OCI Compute instances. | - Create an OCI Compute instances. | ||
1. Click the Oracle Cloud logo to return to the OCI Console homepage. | 1. Click the Oracle Cloud logo to return to the OCI Console homepage. | ||
<br> | |||
2. Click '''Instances''' or click hamburger menu and then navigate to '''Compute''', '''Instances'''. | 2. Click '''Instances''' or click hamburger menu and then navigate to '''Compute''', '''Instances'''. | ||
| Line 32: | Line 33: | ||
1. Enter the '''name''' of instance. | 1. Enter the '''name''' of instance. | ||
<br> | |||
2. Scroll down. | 2. Scroll down. | ||
| Line 41: | Line 43: | ||
1. In the '''Select an Image''' page, select '''Windows'''. | 1. In the '''Select an Image''' page, select '''Windows'''. | ||
<br> | |||
2. Scroll down. | 2. Scroll down. | ||
| Line 46: | Line 49: | ||
1. Select '''Windows Server 2022 Standard'''. | 1. Select '''Windows Server 2022 Standard'''. | ||
<br> | |||
2. Select '''I have reviewed and accept the following documents'''. | 2. Select '''I have reviewed and accept the following documents'''. | ||
<br> | |||
3. Click '''Select Image'''. | 3. Click '''Select Image'''. | ||
| Line 52: | Line 57: | ||
1. Notice that the '''Windows Server 2022 Standard''' Image is selected. | 1. Notice that the '''Windows Server 2022 Standard''' Image is selected. | ||
<br> | |||
2. Scroll down. | 2. Scroll down. | ||
| Line 57: | Line 63: | ||
1. Select the '''VCN''' that you want to attach to the instance. | 1. Select the '''VCN''' that you want to attach to the instance. | ||
<br> | |||
2. Select a '''Subnet'''. | 2. Select a '''Subnet'''. | ||
<br> | |||
3. Scroll down. | 3. Scroll down. | ||
| Line 77: | Line 85: | ||
1. After a few minutes, the status is changed to '''RUNNING'''. | 1. After a few minutes, the status is changed to '''RUNNING'''. | ||
<br> | |||
2. Note your '''Public IP address''' and your login credentials. You will need this in the later task when you try to log in to the instance. | 2. Note your '''Public IP address''' and your login credentials. You will need this in the later task when you try to log in to the instance. | ||
| Line 85: | Line 94: | ||
[[File:d776a4edd6be0208141e04b99f746ee4.png|800px]] | [[File:d776a4edd6be0208141e04b99f746ee4.png|800px]] | ||
= Task 2 | = Task 2 - Allow TCP 3389 Port on the Security List = | ||
We need to allow the TCP/`3389` Microsoft Remote Desktop Protocol (RDP) port on the security list that is currently attached to the VCN that includes your new Windows instance. | We need to allow the TCP/`3389` Microsoft Remote Desktop Protocol (RDP) port on the security list that is currently attached to the VCN that includes your new Windows instance. | ||
| Line 92: | Line 101: | ||
1. Click the hamburger menu (≡) in the OCI Console. | 1. Click the hamburger menu (≡) in the OCI Console. | ||
<br> | |||
2. Click '''Virtual cloud networks'''. | 2. Click '''Virtual cloud networks'''. | ||
| Line 102: | Line 111: | ||
1. Scroll down. | 1. Scroll down. | ||
<br> | |||
2. Click '''Security Lists'''. | 2. Click '''Security Lists'''. | ||
<br> | |||
3. Click the '''Default Security List for HUB-VCN''' for the VCN. | 3. Click the '''Default Security List for HUB-VCN''' for the VCN. | ||
| Line 114: | Line 125: | ||
1. '''Source:''' Enter '''CIDR'''. | 1. '''Source:''' Enter '''CIDR'''. | ||
<br> | |||
2. '''Source CIDR:''' Enter `0.0.0.0/0`. | 2. '''Source CIDR:''' Enter `0.0.0.0/0`. | ||
<br> | |||
3. '''IP Protocol:''' Enter '''TCP'''. | 3. '''IP Protocol:''' Enter '''TCP'''. | ||
<br> | |||
4. '''Destination Port Range:''' Enter `3389`. | 4. '''Destination Port Range:''' Enter `3389`. | ||
<br> | |||
5. Click '''Add Ingress Rules'''. | 5. Click '''Add Ingress Rules'''. | ||
| Line 129: | Line 144: | ||
[[File:6e3c61832b4c8306192400ffb6184871.png|800px]] | [[File:6e3c61832b4c8306192400ffb6184871.png|800px]] | ||
= Task 3 | = Task 3 - Add a Default Route towards the Internet Gateway = | ||
A public subnet and the VCN is not routing traffic to the internet. So you need to make sure that a route is present to route all traffic from the public subnet to the internet gateway. | A public subnet and the VCN is not routing traffic to the internet. So you need to make sure that a route is present to route all traffic from the public subnet to the internet gateway. | ||
| Line 140: | Line 155: | ||
1. Click '''Route Tables'''. | 1. Click '''Route Tables'''. | ||
<br> | |||
2. Click the '''Default Route Table''' for the VCN. | 2. Click the '''Default Route Table''' for the VCN. | ||
| Line 151: | Line 167: | ||
1. '''Target Type:''' Enter '''Internet Gateway'''. | 1. '''Target Type:''' Enter '''Internet Gateway'''. | ||
<br> | |||
2. '''Destination CIDR Block:''' Enter `0.0.0.0/0`. | 2. '''Destination CIDR Block:''' Enter `0.0.0.0/0`. | ||
<br> | |||
3. '''Target Internet Gateway:''' For this tutorial, it is `hub-internet-gw`. | 3. '''Target Internet Gateway:''' For this tutorial, it is `hub-internet-gw`. | ||
<br> | |||
4. Click '''Add Route Rules'''. | 4. Click '''Add Route Rules'''. | ||
| Line 168: | Line 187: | ||
[[File:3c76ff2c4145395db42a96d0bffa983e.png|800px]] | [[File:3c76ff2c4145395db42a96d0bffa983e.png|800px]] | ||
= Task 4 | = Task 4 - Connect to the Windows Instance using Microsoft Remote Desktop Protocol (RDP) = | ||
We have done instance creation, allowed TCP/`3389` port to the security list, and configured routing towards the internet. Now, we can connect to the Windows instance from the internet. | We have done instance creation, allowed TCP/`3389` port to the security list, and configured routing towards the internet. Now, we can connect to the Windows instance from the internet. | ||
| Line 177: | Line 196: | ||
1. Enter '''Display Name'''. | 1. Enter '''Display Name'''. | ||
<br> | |||
2. In '''Computer Name''', enter the IP address of the Windows instance created in Task 1. | 2. In '''Computer Name''', enter the IP address of the Windows instance created in Task 1. | ||
<br> | |||
3. In '''Port''', specify the RDP port. | 3. In '''Port''', specify the RDP port. | ||
<br> | |||
4. Click '''Credentials'''. | 4. Click '''Credentials'''. | ||
| Line 184: | Line 206: | ||
1. Select '''Specify username and passwords'''. | 1. Select '''Specify username and passwords'''. | ||
<br> | |||
2. Enter '''Username''' created in the Task 1. | 2. Enter '''Username''' created in the Task 1. | ||
<br> | |||
3. Enter '''Password''' create in the Task 1. | 3. Enter '''Password''' create in the Task 1. | ||
<br> | |||
4. Click '''Apply & Close''' to save the session. | 4. Click '''Apply & Close''' to save the session. | ||
[[File:186d941fa8f22db9688702eb515bbf90.png|800px]] | |||
- Double-click on the saved session to connect to the Windows instance. When you can successfully connect you will get a prompt to change your initial password. | - Double-click on the saved session to connect to the Windows instance. When you can successfully connect you will get a prompt to change your initial password. | ||
| Line 197: | Line 222: | ||
1. Enter old password. | 1. Enter old password. | ||
<br> | |||
2. Enter new password. | 2. Enter new password. | ||
<br> | |||
3. Enter new password again. | 3. Enter new password again. | ||
<br> | |||
4. Click right arrow (→). | 4. Click right arrow (→). | ||
[[File:8db6e19e3d3d04b3ea31c88502865529.png|800px]] | |||
- When you changed your password successfully, click '''OK'''. | - When you changed your password successfully, click '''OK'''. | ||
Revision as of 17:28, 7 June 2024
Introduction
In this tutorial, we will deploy a Windows Instance (hop on machine, OCI Bastion host) in Oracle Cloud Infrastructure (OCI) which can be used as the first point of entry into your OCI environment and can be used to connect to other private instances inside your OCI environment or for testing purposes.
The following image illustrates how the environment will look like when we finish with the deployment and configuration.
Objective
- Deploy a Windows instance in OCI. We will make the necessary infrastructure changes on the VCN like allowing the RDP port on the security list and adding a default route towards the internet gateway.
Prerequisites
- VCN, a public subnet, and internet gateway. - See this tutorial-CHANGE LINK to create the VCNs, public subnet and internet gateway.
Task 1 - Create a Windows Instance
- Create an OCI Compute instances.
1. Click the Oracle Cloud logo to return to the OCI Console homepage.
2. Click Instances or click hamburger menu and then navigate to Compute, Instances.
- Click Create Instance.
1. Enter the name of instance.
2. Scroll down.
- Click Change Image to change from the default Oracle Linux 8 Image to a Windows Image.
1. In the Select an Image page, select Windows.
2. Scroll down.
1. Select Windows Server 2022 Standard.
2. Select I have reviewed and accept the following documents.
3. Click Select Image.
1. Notice that the Windows Server 2022 Standard Image is selected.
2. Scroll down.
1. Select the VCN that you want to attach to the instance.
2. Select a Subnet.
3. Scroll down.
- Scroll down.
- Click Create to create the instance.
- Notice that the status of the instance is PROVISIONING.
1. After a few minutes, the status is changed to RUNNING.
2. Note your Public IP address and your login credentials. You will need this in the later task when you try to log in to the instance.
- The following image illustrates the visual representation of what we have created.
Task 2 - Allow TCP 3389 Port on the Security List
We need to allow the TCP/`3389` Microsoft Remote Desktop Protocol (RDP) port on the security list that is currently attached to the VCN that includes your new Windows instance.
- Add ingress rules.
1. Click the hamburger menu (≡) in the OCI Console.
2. Click Virtual cloud networks.
- Click the VCN that includes your instance. In this tutorial, it is `HUB-VCN`.
1. Scroll down.
2. Click Security Lists.
3. Click the Default Security List for HUB-VCN for the VCN.
- Click Add Ingress Rules.
- Enter the following information.
1. Source: Enter CIDR.
2. Source CIDR: Enter `0.0.0.0/0`.
3. IP Protocol: Enter TCP.
4. Destination Port Range: Enter `3389`.
5. Click Add Ingress Rules.
- Notice that the security rule is added to allow the TCP/`3389` port on the security list that is attached to VCN. This will allow you to set up an RDP connection from the internet towards this new Windows instance.
- The following image illustrates the visual representation of what we have created.
Task 3 - Add a Default Route towards the Internet Gateway
A public subnet and the VCN is not routing traffic to the internet. So you need to make sure that a route is present to route all traffic from the public subnet to the internet gateway.
- Go to Networking and Virtual Cloud networks.
- Click the VCN that includes your instance. In this tutorial, it is `HUB-VCN`.
1. Click Route Tables.
2. Click the Default Route Table for the VCN.
- Click Add Route Rules.
- Enter the following information.
1. Target Type: Enter Internet Gateway.
2. Destination CIDR Block: Enter `0.0.0.0/0`.
3. Target Internet Gateway: For this tutorial, it is `hub-internet-gw`.
4. Click Add Route Rules.
- Notice that the default route towards the internet gateway is added.
The route tables you configured at the VCN level are attached to a subnet. By default the VCN has the default route table and that the Default Route Table is associated with all the subnets. As this is also the case for your public subnet, instances attached to the public subnet will know how to route traffic towards the internet.
note
- The following image illustrates visual representation of what we have created. Notice that the colors of the routing table match the association of the subnets (The orange blocks with "RT").
Task 4 - Connect to the Windows Instance using Microsoft Remote Desktop Protocol (RDP)
We have done instance creation, allowed TCP/`3389` port to the security list, and configured routing towards the internet. Now, we can connect to the Windows instance from the internet.
In this tutorial, we are using an application called Royal TSX for the connection but you can use any RDP client.
- In the Remote Desktop Connection Settings page, enter the following information.
1. Enter Display Name.
2. In Computer Name, enter the IP address of the Windows instance created in Task 1.
3. In Port, specify the RDP port.
4. Click Credentials.
1. Select Specify username and passwords.
2. Enter Username created in the Task 1.
3. Enter Password create in the Task 1.
4. Click Apply & Close to save the session.
- Double-click on the saved session to connect to the Windows instance. When you can successfully connect you will get a prompt to change your initial password.
- Click OK.
1. Enter old password.
2. Enter new password.
3. Enter new password again.
4. Click right arrow (→).
- When you changed your password successfully, click OK.
- Click Yes.
- Now, you can use your new Windows instance as your first point of entry into your OCI environment and use it to connect to other private instances inside your OCI environment, or for testing purposes.
- The following image illustrates the visual representation of what we have created so far.
