Oracle 20c DBCA

As you probably know, Oracle 20c is available only as a preview on the cloud. If you’d like to create a new server on Oracle Cloud with 20c, here is a post with the instructions.

However, I thought of a way to still check the new dbca and it's quite simple. Once you have a running server, it seems that the DB VM already contains tigervnc. So all you need to do is start the VNC server, open the port, and connect to the server in order to start a GUI session.

Start VNC server

If you do not know how to do this, it is very simple, as everything is already configured on the DB VM. Log in to the server as user oracle and follow these steps:

  1. Run: vncserver
  2. You’ll be requested to enter a password for the session
  3. Choose if you’d like to enable a “read only” option

Here is what it looks like:

[oracle@db20 ~]$ vncserver

You will require a password to access your desktops.

Password:
Verify:
Would you like to enter a view-only password (y/n)? n
A view-only password is not used

New 'db20:1 (oracle)' desktop is db20:1

Starting applications specified in /home/oracle/.vnc/xstartup
Log file is /home/oracle/.vnc/db20:1.log

Now you can see that the session is db20:1. The port for the session is 5900 plus the number after the colon (so 5901 in my case). Unless you already have a VNC server running, :1 will be used.

Open the port

There are 2 steps here. One is the cloud security rule and the other is the firewall configured at the Linux level.

VCN

To create a rule to allow VNC to the cloud server (screenshots below):

  1. Log in to your cloud account
  2. Go to Networking -> Virtual Cloud Networks
  3. Click on the VCN that your server is configured on
  4. Go to the relevant subnet
  5. Click on the security list at the bottom half of the screen
  6. Add an ingress rule
  7. Configure the rule with source: x.x.x.x/24 port: 5901 (assuming the VNC is running with :1). In the screenshot below you can see that I opened my VNC to the entire internet (using 0.0.0.0/0). This is not recommended; you should only open it to your own IP/network.

Linux

The server has iptables running by default, so we need to allow the VNC port (5901 in our case) in at the OS level as well.

Unfortunately we can’t edit iptables to add a rule in the middle, so the process will be:

  1. Save the entire iptables ruleset to a file
  2. Add the rule to allow port 5901
  3. Restore the iptables rules from the file

To do that perform the following:

  1. Log in to your OCI server
  2. Switch to root (command: sudo su -)
  3. Save the iptables rules (command: iptables-save > /tmp/iptables)
  4. Open the /tmp/iptables file
  5. Add the following line (screenshot below):
    -A INPUT -p tcp -m tcp --dport 5901 -j ACCEPT
    Right before the line:
    -A INPUT -j REJECT --reject-with icmp-host-prohibited
  6. Load the new rules (command: iptables-restore < /tmp/iptables)
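
The same edit as a script, as an added example that is not part of the original post: the hypothetical helper insert_vnc_rule places the ACCEPT rule right before the INPUT REJECT line of a saved ruleset and, unlike the line above, limits it to one source network. The network 203.0.113.0/24 is a placeholder and the sample ruleset is constructed.

```shell
#!/bin/sh
# Added example: insert the VNC ACCEPT rule into an iptables-save dump,
# directly before the INPUT REJECT rule, restricted to one source network.
# insert_vnc_rule and sample_ruleset are hypothetical helper names.

insert_vnc_rule() {
    # $1 = saved ruleset file, $2 = TCP port, $3 = allowed source CIDR
    awk -v port="$2" -v src="$3" '
        BEGIN { rule = "-A INPUT -s " src " -p tcp -m tcp --dport " port " -j ACCEPT" }
        $0 == rule { present = 1 }            # rule already in the file: do not add it twice
        /^-A INPUT -j REJECT/ && !present && !done { print rule; done = 1 }
        { print }
        END { if (!present && !done) exit 1 } # no INPUT REJECT line found: signal failure
    ' "$1"
}

sample_ruleset() {
    # Constructed ruleset in iptables-save format, for the offline demo only
    cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}

# On the server, as root, the steps from the post become:
#   iptables-save > /tmp/iptables
#   insert_vnc_rule /tmp/iptables 5901 203.0.113.0/24 > /tmp/iptables.new
#   iptables-restore --test < /tmp/iptables.new && iptables-restore < /tmp/iptables.new

# Offline demo on the constructed ruleset
tmp=$(mktemp) && sample_ruleset > "$tmp"
insert_vnc_rule "$tmp" 5901 203.0.113.0/24
rm -f "$tmp"
```

Running the helper a second time on its own output leaves the file unchanged, so it is safe to re-run after a later iptables-save.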

Screenshot of my rules file (the new rule is highlighted):

Connect and run dbca

That’s it, now open a VNC client on your computer and connect to the public IP of the server with: x.x.x.x:1.

Once you’re in just run dbca and dbca will open:
