Add Oracle Public Cloud¶
A Keypair (both public and private keys) must be added to Morpheus with the Public Key in ssh-rsa format added to Oracle Cloud users keys in Oracle Cloud console for authentication.
Information on uploading the Public Key and generating Tenancy’s OCID and User’s OCID can be found at https://docs.cloud.oracle.com/iaas/Content/API/Concepts/apisigningkey.htm
- Name of the Cloud in Morpheus
- Unique code used for api/cli, automation and policies.
- Description field for adding notes on the cloud, such as location.
- For setting cloud permissions in a multi-tenant environment. Not applicable in single tenant environments.
- If Visibility is set to Private, select the Tenant the Cloud resources will assigned to.
- When disabled, automatic Cloud sync is paused and the Cloud will not be selectable for provisioning.
- AUTOMATICALLY POWER ON VMS
When enabled, Morpheus will maintain the expected powered on state of managed VM’s and power on any managed VM’s in the cloud that have been shut down for unknown reasons (not powered off by Morpheus) to ensure availability of services.
When “AUTOMATICALLY POWER ON VMS” is enabled, the power state of managed VM’s should be maintained in Morpheus. This setting is not applicable to discovered/unmanaged resources.
- TENANCY OCID
- The OCID string from Tenancy Information section in Oracle Cloud
- USER OCID
- OCID String for the OPC API user
- SELECT KEY PAIR
- Select a keypair added to Morpheus matching the public key added to specified OPC API user
- Select the OPC region (populates after successful account authentication)
- Select Compartment (populates after successful account authentication)
- Turn on for Morpheus to discover and sync existing VMs
- Specify a default domain for instances provisioned to this Cloud.
- SCALE PRIORITY
- Only affects Docker Provisioning. Specifies the priority with which an instance will scale into the cloud. A lower priority number means this cloud integration will take scale precedence over other cloud integrations in the group.
- APPLIANCE URL
- Alternate Appliance url for scenarios when the default Appliance URL (configured in admin -> settings) is not reachable or resolvable for Instances provisioned in this cloud. The Appliance URL is used for Agent install and reporting.
- TIME ZONE
- Configures the time zone on provisioned VM’s if necessary.
- DATACENTER ID
- Used for differentiating pricing among multiple datacenters. Leave blank unless prices are properly configured.
- NETWORK MODE
- Unmanaged or select a Network Integration (NSX, ACI etc)
- LOCAL FIREWALL
- On or Off. Enable to managed Host and VM firewall/IP Table rules (linux only)
- SECURITY SERVER
- Security Server setting is for Security Service Integrations such as ACI
- TRUST PROVIDER
- Select Internal (Morpheus) or an existing Trust Provider Integration
- STORAGE MODE
- Single Disk, LVM or Clustered
- BACKUP PROVIDER
- Select Internal Backups (Morpheus) or a Backup Integration
- REPLICATION PROVIDER
- Sets the default Replication Provider for the Cloud. Select an existing Replication Provider Integration
- Enable Guidance recommendations on cloud resources.
- Enable for Morpheus to sync Costing data from the Cloud provider, when available. If your organization utilizes reserved instances and you want to pull in related pricing data, select Costing and Reservations. If this is not relevant, select Costing to save money on additional calls to the AWS Cost Explorer API or similar service for other clouds.
- DNS INTEGRATION
- Records for instances provisioned in this cloud will be added to selected DNS integration.
- SERVICE REGISTRY
- Services for instances provisioned in this cloud will be added to selected Service Registry integration.
- CONFIG MANAGEMENT
- Select a Chef, Salt, Ansible or Puppet integration to be used with this Cloud.
- Select CMDB Integration to automatically update selected CMDB.
- CHANGE MANAGEMENT
- Select an existing Change Management Integration to set on the Cloud. ex: Cherwell
- AGENT INSTALL MODE
- SSH / WINRM: Morpheus will use SSH or WINRM for Agent install.
- Cloud Init / Unattend (when available): (DEFAULT) Morpheus will utilize Cloud-Init or Cloudbase-Init for agent install when provisioning images with Cloud-Init/Cloudbase-Init installed. Morpheus will fall back on SSH or WINRM if cloud-init is not installed on the provisioned image. Morpheus will also add Agent installation to Windows unattend.xml data when performing Guest Customizations or utilizing syspreped images.
- API PROXY
- Set a proxy for outbound communication from the Morpheus Appliance to the Cloud endpoints. Proxies can be added in the Infrastructure -> Networks -> Proxies tab.
- INSTALL AGENT
- Enable to have Agent Installation on by default for all provisioning into this Cloud. Disable for Agent Installation to be off by default for all provisioning into this Cloud.
- Set a proxy for inbound communication from Instances to the Morpheus Appliance. Proxies can be added in the Infrastructure -> Networks -> Proxies tab.
- Bypass Proxy for Appliance URL
- Enable to bypass proxy settings (if added) for Morpheus Agent communication to the Appliance URL.
- USER DATA (LINUX)
- Add cloud-init user data. Morpheus 4.1.0 and earlier assumes bash syntax. Morpheus 4.1.1 and later supports all User Data formats. Refer to https://cloudinit.readthedocs.io/en/latest/topics/format.html for more information.
Enable Live Costing for Oracle Public Cloud¶
Morpheus version 4.2.1 and higher support live costing data from the Oracle Cloud metering API. In order to authenticate with this API, edit your existing Oracle Cloud account integration or begin the process of newly integrating an account that wasn’t previously consumable in Morpheus (Infrastructure > Clouds > +ADD).
In the advanced options section of the add/edit cloud modal for Oracle Public Cloud, the COSTING KEY and COSTING SECRET fields must be completed to work with metering API data in Morpheus. Unlike the OCI API authentication used to initially integrate Oracle Cloud, the metering API uses token-based authentication. We must access a Client ID and Client Secret value from the Oracle Public Cloud console to complete these fields.
Navigate to Oracle cloud sign in page, the URL for which is similar to the following example:
If you’re not redirected to the admin console similar to the one pictured below, log out and replace ‘signin’ at the end of the URL with ‘adminconsole’ as in the following example:
You’ll immediately be redirected back to the same signin page but in doing that you should be taken to the admin console after authenticating your session once again.
Create a new application and select the type “Confidential Application”.
On the Details tab, enter a “Name” value and click “Next”.
On the Client tab, choose to “Configure this application as a client now” to reveal additional fields. Then, in the Authorization section, mark the boxes for “Client Credentials” and “JWT Assertion”.
In the Token Issuance Policy section, click the “+Add Scope” button. Click the right-facing arrow button in the row for “CloudPortalResourceApp”. Mark the box to give read access for metering and click “Add”.
Click “Next” until the “Finish” button is shown, then click “Finish”
The Client ID and Client Secret value will be shown at this point. If these values need to be referenced in the future, simply edit the application and go to the Configuration tab. The Client ID and Client Secret are shown in the General Information section.
Back in Morpheus, enter these values in the COSTING KEY and COSTING SECRET fields of the add/edit cloud modal for your Oracle Public Cloud integration. You also need to fill in the IDENTITY SERVICE value. This value can be found in the URL for your Oracle admin console as shown in the image below. It will be in a format
Save changes to the Cloud.