In Part 2 - https://www.letsdosometech.com/post/part-2-building-a-short-end-to-end-environment-in-oci we have covered the building of VCN , subnets, Security List, Internet Gateway, NAT Gateway & Service Gateway.

Areas covered so far -
- Building Compartments. ( Completed in Part 1)
- Building VCN’s. ( Completed in Part 2)
- Building Compute instances.
- Building Load Balancer.
- Building DB Systems.
- Create domain zones.
- Create WAF.
- Create VCN Flow logs.
- Create Load balancer Logging.
- Create object storage & replication policies.
- Create resources in secondary region.
- Create DRG’s in both regions.
- Remote peering connections.
- Validate connectivity between both regions.
Let's continue with creating Compute instances and Load balancer in this article.
Pre-requisite & assumptions:
A ssh key pair has already been generated and is readily available.
A jump server would be created in mgmt subnet which would be used to further SSH to the app & database server in the private subnets.
Building a Compute instance:
Let's build a compute instance in mgmt subnet which servers as a jump server to ssh to the servers which we would create in the private subnet. Switch to the compartment - compute under NetworkArchitecture compartment. We would be using this compartment to hold all the compute instances.
Click on Compute -> Instances -> Create with the below data
Compartment : Compute
Primary VCN - WebVCN
Subnet - mgmtsubnet
Assign a public IP
Paste the public key generated.



Once the server is created, use the OCI CLI or putty to connect to the server using it's public IP and the PPK file generated(whose public key is tagged while creation).
Create compute instance in Appsubnet:
Click on Compute -> Instances -> Create with the below data
Compartment : Compute
Primary VCN - WebVCN
Subnet - appsubnet
Assign a private IP
Paste the public key generated.





Once the server is created, logon to the jump server first using the key(opc user) and further ssh to this newly created instance using the private key and the private IP.

Install tomcat on the webserver for our demonstration to point the load balancer to the tomcat service running on this server. (Tomcat installation is not covered in this article, please do put your comments incase you need one, will cover that as a separate topic)
Enable the firewall on the webserver to accept traffic on the ports - 80, 8080 & 8443 to & from the webserver. (Firewall service should be restarted post addition for the new rules to come into effect)

Creation of Load Balancer:
Let's create a load balancer to point to the tomcat services running on the web server we created.
Click on Network -> Load Balancer -> Create with below inputs -
Visibility - Public
VCN - WebVCN
Subnet - LBsubnet
Protocol - HTTP
Backend - Webserver
Port - 8080







Update the Load balancer security list to allow connections from internet and connections to the web server in the private subnet. Also, update the App subnet's security list to allow connections from the Load balancer subnet. Once these rules are made, we should be able to see the updated load balancer availability status.


The Backend health status should be always OK to make sure that the services on web server running and available.
To this point we have our Bastion server, tomcat web server & load balancer pointing to the tomcat web server is created. Let's now go ahead and create a DB system to complete the application setup. Please note that we are creating this for demo purpose only and won't be deploying any application on the tomcat web services to talk to database.
Building a Database Server:
We are going to create a DB System under database compartment as below -
VM shape - VM Standard 2.2
DB System - DemoDB
Db version - 19.16.0.0
Type - Enterprise edition with high performance
Licensing option - License included.












Let's meet again in the next part where we continue building our environment .
Rest of the parts can be accessed through -
Comments