AsterionDB Zero Trust Architecture

Log output from 'oci setup config'

				
					[asterion@demo-box ~]$ oci setup config
    This command provides a walkthrough of creating a valid CLI config file.
    The following links explain where to find the information required by this
    script:
    User API Signing Key, OCID and Tenancy OCID:
        https://docs.cloud.oracle.com/Content/API/Concepts/apisigningkey.htm#Other
    Region:
        https://docs.cloud.oracle.com/Content/General/Concepts/regions.htm
    General config documentation:
        https://docs.cloud.oracle.com/Content/API/Concepts/sdkconfig.htm

Enter a location for your config [/home/asterion/.oci/config]: 
Enter a user OCID: ocid1.user.oc1..aaaaaaaa-----------ffjmbbptrjnolvs4a3hu7diofouhfwobvpa
Enter a tenancy OCID: ocid1.tenancy.oc1..aaaaaaaauof------------7apj55viuhl2kyn6fqr4yorlm7zfo65eoljbq
Enter a region by index or name(e.g.
1: ap-chiyoda-1, 2: ap-chuncheon-1, 3: ap-hyderabad-1, 4: ap-ibaraki-1, 5: ap-melbourne-1,
6: ap-mumbai-1, 7: ap-osaka-1, 8: ap-seoul-1, 9: ap-sydney-1, 10: ap-tokyo-1,
11: ca-montreal-1, 12: ca-toronto-1, 13: eu-amsterdam-1, 14: eu-frankfurt-1, 15: eu-zurich-1,
16: il-jerusalem-1, 17: me-dubai-1, 18: me-jeddah-1, 19: sa-santiago-1, 20: sa-saopaulo-1,
21: sa-vinhedo-1, 22: uk-cardiff-1, 23: uk-gov-cardiff-1, 24: uk-gov-london-1, 25: uk-london-1,
26: us-ashburn-1, 27: us-gov-ashburn-1, 28: us-gov-chicago-1, 29: us-gov-phoenix-1, 30: us-langley-1,
31: us-luke-1, 32: us-phoenix-1, 33: us-sanjose-1): 32
Do you want to generate a new API Signing RSA key pair? (If you decline you will be asked to supply the path to an existing key.) [Y/n]: 
Enter a directory for your keys to be created [/home/asterion/.oci]: 
Enter a name for your key [oci_api_key]: 
Public key written to: /home/asterion/.oci/oci_api_key_public.pem
Enter a passphrase for your private key (empty for no passphrase): 
Private key written to: /home/asterion/.oci/oci_api_key.pem
Fingerprint: 47:53:99:df:89:e1:96:1d:8a:3d:7d:f2:68:75:86:b7
Config written to /home/asterion/.oci/config

    If you haven't already uploaded your API Signing public key through the
    console, follow the instructions on the page linked below in the section
    'How to upload the public key':
        https://docs.cloud.oracle.com/Content/API/Concepts/apisigningkey.htm#How2
        
[asterion@demo-box ~]$ cat .oci/oci_api_key_public.pem 
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxJBWj1L99Z7zgJjF3i0P
yfa2JSycKhFiv+6WsgnvezlDg6MO+8YSEmr3Yg+sUxyIGxYRxckWtpHeqnzt2sBr
...
...
...
G/SBT/ITZGRTO0RdAQ9Uv27TIFh
mFkuxalDWO3i1sL28QCNVRHAsPzirP0yXFOM+8+DsV0/FPWHNlb97kbUFeLR1ZIP
2QIDAQAB
-----END PUBLIC KEY-----

Log output from 'setupLoadBalancer.sh'

				
					[asterion@demo-box setupLoadBalancer]$ pwd
/home/asterion/asterion/oracle/admin/setupLoadBalancer
[asterion@demo-box ~]$ ./setupLoadBalancer.sh
Mon Nov  1 04:27:10 GMT 2021
This script will setup an SSL enabled load balancer.
This script is designed to be run from an AsterionDB Marketplace Image
compute instance.  The instance this script is running from will be placed
in the backup sets assigned to the load balancer.
This script is limited to only creating a regional load balancer.  The VCN subnet
that you use must be created as a regional subnet (subnet_type = regional).
This instance will be used for Let's Encrypt registration and certification maintenance.
You will need to register the public IP address for the load balancer with your DNS provider.
You will need the following information:
  -  Your domain name (i.e. your.domain.com)
  -  An email address to use when registering with Let's Encrypt
  -  The compartment OCID that the load balancer will be placed to
  -  The VCN subnet OCID that the load balancer will be placed in
Press ENTER to continue...
Do you want a production (default) or a test certificate [p|t]?  
Enter your domain name: cloud-demo.asteriondb.com
Enter your email address: support@no-spam.com
Enter the compartment OCID that the load balancer will be placed in: ocid1.compartment.oc1..aaaaaaaavlq5inzaax6pdbc576ertgntmbooa3tjbaoewx3ryxu67uml5evq
Enter the VCN subnet OCID that the load balancer will be placed in: ocid1.subnet.oc1.phx.aaaaaaaaxqmmkitrqitlwyaqu63vvsqgtrgfdpn3pg66a474hudssz4ofy6q
These are the load balancer shapes available:
  1 - Flexible (default)
  2 - 10Mbps-Micro (Always Free)
  3 - 10Mbps
  4 - 100Mbps
  5 - 400Mbps
  6 - 800Mbps
Enter the number of the desired shape [1]: 2
Press ENTER to begin the creation process...
Creating the load balancer...
Action completed. Waiting until the work request has entered state: ('SUCCEEDED',)
The load balancer has been created...
The public IP address of the load balancer for cloud-demo.asteriondb.com is: 132.226.124.231
Register this IP address with your DNS provider.
Verify that the DNS entry is available and then press ENTER to continue...
Installing Certbot and opening port 80...
Loaded plugins: langpacks, ulninfo
Resolving Dependencies
--> Running transaction check
---> Package certbot.noarch 0:1.11.0-2.el7 will be installed
--> Processing Dependency: python2-certbot = 1.11.0-2.el7 for package: certbot-1.11.0-2.el7.noarch
--> Running transaction check
---> Package python2-certbot.noarch 0:1.11.0-2.el7 will be installed
--> Processing Dependency: python-parsedatetime >= 1.3 for package: python2-certbot-1.11.0-2.el7.noarch
--> Processing Dependency: python2-acme >= 1.8.0 for package: python2-certbot-1.11.0-2.el7.noarch
--> Processing Dependency: python2-configargparse >= 0.9.3 for package: python2-certbot-1.11.0-2.el7.noarch
--> Processing Dependency: python2-distro >= 1.0.1 for package: python2-certbot-1.11.0-2.el7.noarch
--> Processing Dependency: python2-josepy >= 1.1.0 for package: python2-certbot-1.11.0-2.el7.noarch
--> Processing Dependency: python-zope-component for package: python2-certbot-1.11.0-2.el7.noarch
--> Processing Dependency: python-zope-interface for package: python2-certbot-1.11.0-2.el7.noarch
--> Processing Dependency: python2-mock for package: python2-certbot-1.11.0-2.el7.noarch
--> Processing Dependency: python2-pyrfc3339 for package: python2-certbot-1.11.0-2.el7.noarch
--> Processing Dependency: pytz for package: python2-certbot-1.11.0-2.el7.noarch
--> Running transaction check
---> Package python-zope-component.noarch 1:4.1.0-5.0.1.el7 will be installed
--> Processing Dependency: python-zope-event for package: 1:python-zope-component-4.1.0-5.0.1.el7.noarch
---> Package python-zope-interface.x86_64 0:4.0.5-4.el7 will be installed
---> Package python2-acme.noarch 0:1.11.0-1.el7 will be installed
--> Processing Dependency: python-ndg_httpsclient for package: python2-acme-1.11.0-1.el7.noarch
--> Processing Dependency: python-requests-toolbelt for package: python2-acme-1.11.0-1.el7.noarch
--> Processing Dependency: python2-six for package: python2-acme-1.11.0-1.el7.noarch
---> Package python2-configargparse.noarch 0:0.11.0-2.el7 will be installed
---> Package python2-distro.noarch 0:1.5.0-1.el7 will be installed
---> Package python2-josepy.noarch 0:1.3.0-2.el7 will be installed
---> Package python2-mock.noarch 0:1.0.1-10.el7 will be installed
---> Package python2-parsedatetime.noarch 0:2.4-6.el7 will be installed
--> Processing Dependency: python2-future for package: python2-parsedatetime-2.4-6.el7.noarch
---> Package python2-pyrfc3339.noarch 0:1.1-3.el7 will be installed
---> Package pytz.noarch 0:2016.10-2.el7 will be installed
--> Running transaction check
---> Package python-ndg_httpsclient.noarch 0:0.3.2-1.el7 will be installed
---> Package python-requests-toolbelt.noarch 0:0.8.0-3.el7 will be installed
---> Package python-zope-event.noarch 0:4.0.3-2.el7 will be installed
---> Package python2-future.noarch 0:0.18.2-2.el7 will be installed
---> Package python2-six.noarch 0:1.9.0-0.el7 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
==============================================================================================================================================================================
 Package                                          Arch                           Version                                    Repository                                   Size
==============================================================================================================================================================================
Installing:
 certbot                                          noarch                         1.11.0-2.el7                               ol7_developer_EPEL                           46 k
Installing for dependencies:
 python-ndg_httpsclient                           noarch                         0.3.2-1.el7                                ol7_developer_EPEL                           42 k
 python-requests-toolbelt                         noarch                         0.8.0-3.el7                                ol7_developer_EPEL                           77 k
 python-zope-component                            noarch                         1:4.1.0-5.0.1.el7                          ol7_developer_EPEL                          227 k
 python-zope-event                                noarch                         4.0.3-2.el7                                ol7_developer_EPEL                           78 k
 python-zope-interface                            x86_64                         4.0.5-4.el7                                ol7_optional_latest                         138 k
 python2-acme                                     noarch                         1.11.0-1.el7                               ol7_developer_EPEL                           82 k
 python2-certbot                                  noarch                         1.11.0-2.el7                               ol7_developer_EPEL                          385 k
 python2-configargparse                           noarch                         0.11.0-2.el7                               ol7_developer_EPEL                           30 k
 python2-distro                                   noarch                         1.5.0-1.el7                                ol7_developer_EPEL                           32 k
 python2-future                                   noarch                         0.18.2-2.el7                               ol7_developer_EPEL                          805 k
 python2-josepy                                   noarch                         1.3.0-2.el7                                ol7_developer_EPEL                           89 k
 python2-mock                                     noarch                         1.0.1-10.el7                               ol7_developer_EPEL                           91 k
 python2-parsedatetime                            noarch                         2.4-6.el7                                  ol7_developer_EPEL                           78 k
 python2-pyrfc3339                                noarch                         1.1-3.el7                                  ol7_developer_EPEL                           15 k
 python2-six                                      noarch                         1.9.0-0.el7                                ol7_developer_EPEL                          2.3 k
 pytz                                             noarch                         2016.10-2.el7                              ol7_latest                                   46 k
Transaction Summary
==============================================================================================================================================================================
Install  1 Package (+16 Dependent packages)
Total download size: 2.2 M
Installed size: 9.8 M
Downloading packages:
(1/17): python-ndg_httpsclient-0.3.2-1.el7.noarch.rpm                                                                                                  |  42 kB  00:00:00     
(2/17): certbot-1.11.0-2.el7.noarch.rpm                                                                                                                |  46 kB  00:00:00     
(3/17): python-requests-toolbelt-0.8.0-3.el7.noarch.rpm                                                                                                |  77 kB  00:00:00     
(4/17): python-zope-component-4.1.0-5.0.1.el7.noarch.rpm                                                                                               | 227 kB  00:00:00     
(5/17): python-zope-event-4.0.3-2.el7.noarch.rpm                                                                                                       |  78 kB  00:00:00     
(6/17): python2-acme-1.11.0-1.el7.noarch.rpm                                                                                                           |  82 kB  00:00:00     
(7/17): python2-configargparse-0.11.0-2.el7.noarch.rpm                                                                                                 |  30 kB  00:00:00     
(8/17): python2-certbot-1.11.0-2.el7.noarch.rpm                                                                                                        | 385 kB  00:00:00     
(9/17): python2-distro-1.5.0-1.el7.noarch.rpm                                                                                                          |  32 kB  00:00:00     
(10/17): python2-future-0.18.2-2.el7.noarch.rpm                                                                                                        | 805 kB  00:00:00     
(11/17): python2-mock-1.0.1-10.el7.noarch.rpm                                                                                                          |  91 kB  00:00:00     
(12/17): python2-josepy-1.3.0-2.el7.noarch.rpm                                                                                                         |  89 kB  00:00:00     
(13/17): python2-parsedatetime-2.4-6.el7.noarch.rpm                                                                                                    |  78 kB  00:00:00     
(14/17): python2-pyrfc3339-1.1-3.el7.noarch.rpm                                                                                                        |  15 kB  00:00:00     
(15/17): python2-six-1.9.0-0.el7.noarch.rpm                                                                                                            | 2.3 kB  00:00:00     
(16/17): python-zope-interface-4.0.5-4.el7.x86_64.rpm                                                                                                  | 138 kB  00:00:00     
(17/17): pytz-2016.10-2.el7.noarch.rpm                                                                                                                 |  46 kB  00:00:00     
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total                                                                                                                                         1.1 MB/s | 2.2 MB  00:00:01     
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : python2-six-1.9.0-0.el7.noarch                                                                                                                            1/17 
  Installing : python2-josepy-1.3.0-2.el7.noarch                                                                                                                         2/17 
  Installing : python2-pyrfc3339-1.1-3.el7.noarch                                                                                                                        3/17 
  Installing : python-zope-interface-4.0.5-4.el7.x86_64                                                                                                                  4/17 
  Installing : pytz-2016.10-2.el7.noarch                                                                                                                                 5/17 
  Installing : python2-mock-1.0.1-10.el7.noarch                                                                                                                          6/17 
  Installing : python2-distro-1.5.0-1.el7.noarch                                                                                                                         7/17 
  Installing : python2-future-0.18.2-2.el7.noarch                                                                                                                        8/17 
  Installing : python2-parsedatetime-2.4-6.el7.noarch                                                                                                                    9/17 
  Installing : python-requests-toolbelt-0.8.0-3.el7.noarch                                                                                                              10/17 
  Installing : python-zope-event-4.0.3-2.el7.noarch                                                                                                                     11/17 
  Installing : 1:python-zope-component-4.1.0-5.0.1.el7.noarch                                                                                                           12/17 
  Installing : python-ndg_httpsclient-0.3.2-1.el7.noarch                                                                                                                13/17 
  Installing : python2-acme-1.11.0-1.el7.noarch                                                                                                                         14/17 
  Installing : python2-configargparse-0.11.0-2.el7.noarch                                                                                                               15/17 
  Installing : python2-certbot-1.11.0-2.el7.noarch                                                                                                                      16/17 
  Installing : certbot-1.11.0-2.el7.noarch                                                                                                                              17/17 
  Verifying  : python2-josepy-1.3.0-2.el7.noarch                                                                                                                         1/17 
  Verifying  : pytz-2016.10-2.el7.noarch                                                                                                                                 2/17 
  Verifying  : 1:python-zope-component-4.1.0-5.0.1.el7.noarch                                                                                                            3/17 
  Verifying  : python2-configargparse-0.11.0-2.el7.noarch                                                                                                                4/17 
  Verifying  : certbot-1.11.0-2.el7.noarch                                                                                                                               5/17 
  Verifying  : python-ndg_httpsclient-0.3.2-1.el7.noarch                                                                                                                 6/17 
  Verifying  : python-zope-event-4.0.3-2.el7.noarch                                                                                                                      7/17 
  Verifying  : python-zope-interface-4.0.5-4.el7.x86_64                                                                                                                  8/17 
  Verifying  : python2-acme-1.11.0-1.el7.noarch                                                                                                                          9/17 
  Verifying  : python2-pyrfc3339-1.1-3.el7.noarch                                                                                                                       10/17 
  Verifying  : python2-certbot-1.11.0-2.el7.noarch                                                                                                                      11/17 
  Verifying  : python2-six-1.9.0-0.el7.noarch                                                                                                                           12/17 
  Verifying  : python-requests-toolbelt-0.8.0-3.el7.noarch                                                                                                              13/17 
  Verifying  : python2-future-0.18.2-2.el7.noarch                                                                                                                       14/17 
  Verifying  : python2-distro-1.5.0-1.el7.noarch                                                                                                                        15/17 
  Verifying  : python2-parsedatetime-2.4-6.el7.noarch                                                                                                                   16/17 
  Verifying  : python2-mock-1.0.1-10.el7.noarch                                                                                                                         17/17 
Installed:
  certbot.noarch 0:1.11.0-2.el7                                                                                                                                               
Dependency Installed:
  python-ndg_httpsclient.noarch 0:0.3.2-1.el7             python-requests-toolbelt.noarch 0:0.8.0-3.el7             python-zope-component.noarch 1:4.1.0-5.0.1.el7            
  python-zope-event.noarch 0:4.0.3-2.el7                  python-zope-interface.x86_64 0:4.0.5-4.el7                python2-acme.noarch 0:1.11.0-1.el7                        
  python2-certbot.noarch 0:1.11.0-2.el7                   python2-configargparse.noarch 0:0.11.0-2.el7              python2-distro.noarch 0:1.5.0-1.el7                       
  python2-future.noarch 0:0.18.2-2.el7                    python2-josepy.noarch 0:1.3.0-2.el7                       python2-mock.noarch 0:1.0.1-10.el7                        
  python2-parsedatetime.noarch 0:2.4-6.el7                python2-pyrfc3339.noarch 0:1.1-3.el7                      python2-six.noarch 0:1.9.0-0.el7                          
  pytz.noarch 0:2016.10-2.el7                            
Complete!
success
success
Setting up security list...
Action completed. Waiting until the resource has entered state: ('AVAILABLE',)
{
  "data": {
    "compartment-id": "ocid1.compartment.oc1..aaaaaaaavlq5inzaax6pdbc576ertgntmbooa3tjbaoewx3ryxu67uml5evq",
    "defined-tags": {
      "Oracle-Tags": {
        "CreatedBy": "oracleidentitycloudservice/sguil4d@no-spam.net",
        "CreatedOn": "2021-11-01T03:37:33.570Z"
      }
    },
    "display-name": "Default Security List for vcn-20211031-2036",
    "egress-security-rules": [
      {
        "description": "Created by setupLoadBalancer script.",
        "destination": "0.0.0.0/0",
        "destination-type": "CIDR_BLOCK",
        "icmp-options": null,
        "is-stateless": false,
        "protocol": "all",
        "tcp-options": null,
        "udp-options": null
      }
    ],
    "freeform-tags": {},
    "id": "ocid1.securitylist.oc1.phx.aaaaaaaaok4ov3xl6kxiyia5jknptun5ty7gagr2adlch6wq6437jxv3vrxa",
    "ingress-security-rules": [
      {
        "description": "Created by setupLoadBalancer script.",
        "icmp-options": null,
        "is-stateless": false,
        "protocol": "6",
        "source": "0.0.0.0/0",
        "source-type": "CIDR_BLOCK",
        "tcp-options": {
          "destination-port-range": {
            "max": 443,
            "min": 443
          },
          "source-port-range": null
        },
        "udp-options": null
      },
      {
        "description": "Created by setupLoadBalancer script.",
        "icmp-options": null,
        "is-stateless": false,
        "protocol": "6",
        "source": "0.0.0.0/0",
        "source-type": "CIDR_BLOCK",
        "tcp-options": {
          "destination-port-range": {
            "max": 80,
            "min": 80
          },
          "source-port-range": null
        },
        "udp-options": null
      },
      {
        "description": "Created by setupLoadBalancer script.",
        "icmp-options": null,
        "is-stateless": false,
        "protocol": "6",
        "source": "0.0.0.0/0",
        "source-type": "CIDR_BLOCK",
        "tcp-options": {
          "destination-port-range": {
            "max": 22,
            "min": 22
          },
          "source-port-range": null
        },
        "udp-options": null
      },
      {
        "description": "Created by setupLoadBalancer script.",
        "icmp-options": null,
        "is-stateless": false,
        "protocol": "6",
        "source": "10.0.0.0/24",
        "source-type": "CIDR_BLOCK",
        "tcp-options": {
          "destination-port-range": {
            "max": 8080,
            "min": 8080
          },
          "source-port-range": null
        },
        "udp-options": null
      },
      {
        "description": "Created by setupLoadBalancer script.",
        "icmp-options": {
          "code": 4,
          "type": 3
        },
        "is-stateless": false,
        "protocol": "1",
        "source": "0.0.0.0/0",
        "source-type": "CIDR_BLOCK",
        "tcp-options": null,
        "udp-options": null
      },
      {
        "description": "Created by setupLoadBalancer script.",
        "icmp-options": {
          "code": null,
          "type": 3
        },
        "is-stateless": false,
        "protocol": "1",
        "source": "10.0.0.0/16",
        "source-type": "CIDR_BLOCK",
        "tcp-options": null,
        "udp-options": null
      }
    ],
    "lifecycle-state": "AVAILABLE",
    "time-created": "2021-11-01T03:37:33.705000+00:00",
    "vcn-id": "ocid1.vcn.oc1.phx.amaaaaaaqgjjq6yat454tlkukg4lrezdfitakswur7s36vmmsle3xu3qznfa"
  },
  "etag": "9a14aecc"
}
Creating certbot_bs backend set...
Action completed. Waiting until the work request has entered state: ('SUCCEEDED',)
{
  "data": {
    "compartment-id": "ocid1.compartment.oc1..aaaaaaaavlq5inzaax6pdbc576ertgntmbooa3tjbaoewx3ryxu67uml5evq",
    "error-details": [],
    "id": "ocid1.loadbalancerworkrequest.oc1.phx.aaaaaaaajmtvajmffnbvrvolzukf2w3lhxv2ewyxy2k2p2v5xwk33ctpn7tq",
    "lifecycle-state": "SUCCEEDED",
    "load-balancer-id": "ocid1.loadbalancer.oc1.phx.aaaaaaaabstamcc7an63bpuc6p5rrs2x2fqrneb7wgtxuh7xchygqxub7shq",
    "message": "{\n  \"eventId\" : \"3e2e33ba-10e2-4cee-b2cb-d33f85ac7196\",\n  \"loadBalancerId\" : \"ocid1.loadbalancer.oc1.phx.aaaaaaaabstamcc7an63bpuc6p5rrs2x2fqrneb7wgtxuh7xchygqxub7shq\",\n  \"workflowName\" : \"AddBackendSetWorkflow\",\n  \"type\" : \"SUCCESS\",\n  \"message\" : \"OK\",\n  \"workRequestId\" : \"ocid1.loadbalancerworkrequest.oc1.phx.aaaaaaaajmtvajmffnbvrvolzukf2w3lhxv2ewyxy2k2p2v5xwk33ctpn7tq\"\n}",
    "time-accepted": "2021-11-01T04:31:51.745000+00:00",
    "time-finished": "2021-11-01T04:32:01.240000+00:00",
    "type": "CreateBackendSet"
  }
}
Creating https_bs backend set...
Action completed. Waiting until the work request has entered state: ('SUCCEEDED',)
{
  "data": {
    "compartment-id": "ocid1.compartment.oc1..aaaaaaaavlq5inzaax6pdbc576ertgntmbooa3tjbaoewx3ryxu67uml5evq",
    "error-details": [],
    "id": "ocid1.loadbalancerworkrequest.oc1.phx.aaaaaaaaiyj3awuqnfo4wlrwtjgsbwo6ntiykgb5ccq73jaeinlcg5jvta4q",
    "lifecycle-state": "SUCCEEDED",
    "load-balancer-id": "ocid1.loadbalancer.oc1.phx.aaaaaaaabstamcc7an63bpuc6p5rrs2x2fqrneb7wgtxuh7xchygqxub7shq",
    "message": "{\n  \"eventId\" : \"4b8e6368-bd5d-434c-9007-15d22a906fdc\",\n  \"loadBalancerId\" : \"ocid1.loadbalancer.oc1.phx.aaaaaaaabstamcc7an63bpuc6p5rrs2x2fqrneb7wgtxuh7xchygqxub7shq\",\n  \"workflowName\" : \"AddBackendSetWorkflow\",\n  \"type\" : \"SUCCESS\",\n  \"message\" : \"OK\",\n  \"workRequestId\" : \"ocid1.loadbalancerworkrequest.oc1.phx.aaaaaaaaiyj3awuqnfo4wlrwtjgsbwo6ntiykgb5ccq73jaeinlcg5jvta4q\"\n}",
    "time-accepted": "2021-11-01T04:32:09.387000+00:00",
    "time-finished": "2021-11-01T04:32:51.257000+00:00",
    "type": "CreateBackendSet"
  }
}
Creating https backend...
Action completed. Waiting until the work request has entered state: ('SUCCEEDED',)
{
  "data": {
    "compartment-id": "ocid1.compartment.oc1..aaaaaaaavlq5inzaax6pdbc576ertgntmbooa3tjbaoewx3ryxu67uml5evq",
    "error-details": [],
    "id": "ocid1.loadbalancerworkrequest.oc1.phx.aaaaaaaaxhs6xsmuofod3nfqmbqqqiizdwnozhg624k7pv35drajkdndfzaq",
    "lifecycle-state": "SUCCEEDED",
    "load-balancer-id": "ocid1.loadbalancer.oc1.phx.aaaaaaaabstamcc7an63bpuc6p5rrs2x2fqrneb7wgtxuh7xchygqxub7shq",
    "message": "{\n  \"eventId\" : \"6313da3e-d659-477a-9d8c-8f6f93329ee8\",\n  \"loadBalancerId\" : \"ocid1.loadbalancer.oc1.phx.aaaaaaaabstamcc7an63bpuc6p5rrs2x2fqrneb7wgtxuh7xchygqxub7shq\",\n  \"workflowName\" : \"AddBackendWorkflow\",\n  \"type\" : \"SUCCESS\",\n  \"message\" : \"OK\",\n  \"workRequestId\" : \"ocid1.loadbalancerworkrequest.oc1.phx.aaaaaaaaxhs6xsmuofod3nfqmbqqqiizdwnozhg624k7pv35drajkdndfzaq\"\n}",
    "time-accepted": "2021-11-01T04:32:58.816000+00:00",
    "time-finished": "2021-11-01T04:33:14.148000+00:00",
    "type": "CreateBackend"
  }
}
Creating certbot backend...
Action completed. Waiting until the work request has entered state: ('SUCCEEDED',)
{
  "data": {
    "compartment-id": "ocid1.compartment.oc1..aaaaaaaavlq5inzaax6pdbc576ertgntmbooa3tjbaoewx3ryxu67uml5evq",
    "error-details": [],
    "id": "ocid1.loadbalancerworkrequest.oc1.phx.aaaaaaaaict5ykfmgpv7c3s2brdcz7eauysdqc5c7zuipcq34g4wflt33bnq",
    "lifecycle-state": "SUCCEEDED",
    "load-balancer-id": "ocid1.loadbalancer.oc1.phx.aaaaaaaabstamcc7an63bpuc6p5rrs2x2fqrneb7wgtxuh7xchygqxub7shq",
    "message": "{\n  \"eventId\" : \"2d77f9d8-926a-4dc1-9d8d-e0b3e9ac1011\",\n  \"loadBalancerId\" : \"ocid1.loadbalancer.oc1.phx.aaaaaaaabstamcc7an63bpuc6p5rrs2x2fqrneb7wgtxuh7xchygqxub7shq\",\n  \"workflowName\" : \"AddBackendWorkflow\",\n  \"type\" : \"SUCCESS\",\n  \"message\" : \"OK\",\n  \"workRequestId\" : \"ocid1.loadbalancerworkrequest.oc1.phx.aaaaaaaaict5ykfmgpv7c3s2brdcz7eauysdqc5c7zuipcq34g4wflt33bnq\"\n}",
    "time-accepted": "2021-11-01T04:33:22.117000+00:00",
    "time-finished": "2021-11-01T04:33:35.158000+00:00",
    "type": "CreateBackend"
  }
}
Creating routing policy for certbot...
Action completed. Waiting until the work request has entered state: ('SUCCEEDED',)
{
  "data": {
    "compartment-id": "ocid1.compartment.oc1..aaaaaaaavlq5inzaax6pdbc576ertgntmbooa3tjbaoewx3ryxu67uml5evq",
    "error-details": [],
    "id": "ocid1.loadbalancerworkrequest.oc1.phx.aaaaaaaa5um2qihlubmilepodeejlcsjnctm4hijq5nsber73ycnzfglykqa",
    "lifecycle-state": "SUCCEEDED",
    "load-balancer-id": "ocid1.loadbalancer.oc1.phx.aaaaaaaabstamcc7an63bpuc6p5rrs2x2fqrneb7wgtxuh7xchygqxub7shq",
    "message": "{\n  \"eventId\" : \"640295f1-47eb-4591-8c22-5fad6317b579\",\n  \"loadBalancerId\" : \"ocid1.loadbalancer.oc1.phx.aaaaaaaabstamcc7an63bpuc6p5rrs2x2fqrneb7wgtxuh7xchygqxub7shq\",\n  \"workflowName\" : \"AddRoutingPolicyWorkflow\",\n  \"type\" : \"SUCCESS\",\n  \"message\" : \"OK\",\n  \"workRequestId\" : \"ocid1.loadbalancerworkrequest.oc1.phx.aaaaaaaa5um2qihlubmilepodeejlcsjnctm4hijq5nsber73ycnzfglykqa\"\n}",
    "time-accepted": "2021-11-01T04:33:43.155000+00:00",
    "time-finished": "2021-11-01T04:33:56.869000+00:00",
    "type": "AddRoutingPolicy"
  }
}
Creating HTTP redirect rule set...
Action completed. Waiting until the work request has entered state: ('SUCCEEDED',)
{
  "data": {
    "compartment-id": "ocid1.compartment.oc1..aaaaaaaavlq5inzaax6pdbc576ertgntmbooa3tjbaoewx3ryxu67uml5evq",
    "error-details": [],
    "id": "ocid1.loadbalancerworkrequest.oc1.phx.aaaaaaaa2g2idwce7kp4iswnhjja455dlyq7ggzhpi4bntq3c5ujbgde6v5q",
    "lifecycle-state": "SUCCEEDED",
    "load-balancer-id": "ocid1.loadbalancer.oc1.phx.aaaaaaaabstamcc7an63bpuc6p5rrs2x2fqrneb7wgtxuh7xchygqxub7shq",
    "message": "{\n  \"eventId\" : \"65222d10-00fe-42f1-91e4-b48dc9a8f64c\",\n  \"loadBalancerId\" : \"ocid1.loadbalancer.oc1.phx.aaaaaaaabstamcc7an63bpuc6p5rrs2x2fqrneb7wgtxuh7xchygqxub7shq\",\n  \"workflowName\" : \"AddRuleSetWorkflow\",\n  \"type\" : \"SUCCESS\",\n  \"message\" : \"OK\",\n  \"workRequestId\" : \"ocid1.loadbalancerworkrequest.oc1.phx.aaaaaaaa2g2idwce7kp4iswnhjja455dlyq7ggzhpi4bntq3c5ujbgde6v5q\"\n}",
    "time-accepted": "2021-11-01T04:34:08.703000+00:00",
    "time-finished": "2021-11-01T04:34:18.997000+00:00",
    "type": "CreateRuleSet"
  }
}
Creating HTTP listener...
Action completed. Waiting until the work request has entered state: ('SUCCEEDED',)
{
  "data": {
    "compartment-id": "ocid1.compartment.oc1..aaaaaaaavlq5inzaax6pdbc576ertgntmbooa3tjbaoewx3ryxu67uml5evq",
    "error-details": [],
    "id": "ocid1.loadbalancerworkrequest.oc1.phx.aaaaaaaaen35wntmcouiqtdgjrp3rgtiyjdwzjdxriu4wrzye5s7aagvhw2q",
    "lifecycle-state": "SUCCEEDED",
    "load-balancer-id": "ocid1.loadbalancer.oc1.phx.aaaaaaaabstamcc7an63bpuc6p5rrs2x2fqrneb7wgtxuh7xchygqxub7shq",
    "message": "{\n  \"eventId\" : \"4be5c6bb-966c-4b62-98c8-4b4ba73559bf\",\n  \"loadBalancerId\" : \"ocid1.loadbalancer.oc1.phx.aaaaaaaabstamcc7an63bpuc6p5rrs2x2fqrneb7wgtxuh7xchygqxub7shq\",\n  \"workflowName\" : \"AddListenerWorkflow\",\n  \"type\" : \"SUCCESS\",\n  \"message\" : \"OK\",\n  \"workRequestId\" : \"ocid1.loadbalancerworkrequest.oc1.phx.aaaaaaaaen35wntmcouiqtdgjrp3rgtiyjdwzjdxriu4wrzye5s7aagvhw2q\"\n}",
    "time-accepted": "2021-11-01T04:34:32.411000+00:00",
    "time-finished": "2021-11-01T04:34:50.796000+00:00",
    "type": "CreateListener"
  }
}
Getting letsEncrypt certificate...
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator standalone, Installer None
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
Account registered.
Requesting a certificate for cloud-demo.asteriondb.com
Performing the following challenges:
http-01 challenge for cloud-demo.asteriondb.com
Waiting for verification...
Cleaning up challenges
Running deploy-hook command: /home/asterion/asterion/oracle/admin/setupLoadBalancer/deployHook.sh
Output from deploy-hook command deployHook.sh:
{
  "data": {
    "compartment-id": "ocid1.compartment.oc1..aaaaaaaavlq5inzaax6pdbc576ertgntmbooa3tjbaoewx3ryxu67uml5evq",
    "error-details": [],
    "id": "ocid1.loadbalancerworkrequest.oc1.phx.aaaaaaaaxn5emegubvbt56ly3ajzubrjts4tt5av3hirxngsidm5kcp6euuq",
    "lifecycle-state": "SUCCEEDED",
    "load-balancer-id": "ocid1.loadbalancer.oc1.phx.aaaaaaaabstamcc7an63bpuc6p5rrs2x2fqrneb7wgtxuh7xchygqxub7shq",
    "message": "{\n  \"eventId\" : \"81bef208-7835-489d-b31b-70281c4927f5\",\n  \"loadBalancerId\" : \"ocid1.loadbalancer.oc1.phx.aaaaaaaabstamcc7an63bpuc6p5rrs2x2fqrneb7wgtxuh7xchygqxub7shq\",\n  \"workflowName\" : \"AddCertificateWorkflow\",\n  \"type\" : \"SUCCESS\",\n  \"message\" : \"OK\",\n  \"workRequestId\" : \"ocid1.loadbalancerworkrequest.oc1.phx.aaaaaaaaxn5emegubvbt56ly3ajzubrjts4tt5av3hirxngsidm5kcp6euuq\"\n}",
    "time-accepted": "2021-11-01T04:35:18.064000+00:00",
    "time-finished": "2021-11-01T04:35:35.045000+00:00",
    "type": "CreateCertificate"
  }
}
Error output from deploy-hook command deployHook.sh:
Action completed. Waiting until the work request has entered state: ('SUCCEEDED',)

IMPORTANT NOTES:
 - Congratulations! Your certificate and chain have been saved at:
   /etc/letsencrypt/live/cloud-demo.asteriondb.com/fullchain.pem
   Your key file has been saved at:
   /etc/letsencrypt/live/cloud-demo.asteriondb.com/privkey.pem
   Your certificate will expire on 2022-01-30. To obtain a new or
   tweaked version of this certificate in the future, simply run
   certbot again. To non-interactively renew *all* of your
   certificates, run "certbot renew"
 - If you like Certbot, please consider supporting our work by:
   Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
   Donating to EFF:                    https://eff.org/donate-le
Updating HTTP listener...
Action completed. Waiting until the work request has entered state: ('SUCCEEDED',)
{
  "data": {
    "compartment-id": "ocid1.compartment.oc1..aaaaaaaavlq5inzaax6pdbc576ertgntmbooa3tjbaoewx3ryxu67uml5evq",
    "error-details": [],
    "id": "ocid1.loadbalancerworkrequest.oc1.phx.aaaaaaaaxvqe2pogdhmfxhv6wqpyle6umx5kjxgz2naat3uozuaszaw26bgq",
    "lifecycle-state": "SUCCEEDED",
    "load-balancer-id": "ocid1.loadbalancer.oc1.phx.aaaaaaaabstamcc7an63bpuc6p5rrs2x2fqrneb7wgtxuh7xchygqxub7shq",
    "message": "{\n  \"eventId\" : \"b86cc5b5-e5ce-4f98-b737-99b11429cd32\",\n  \"loadBalancerId\" : \"ocid1.loadbalancer.oc1.phx.aaaaaaaabstamcc7an63bpuc6p5rrs2x2fqrneb7wgtxuh7xchygqxub7shq\",\n  \"workflowName\" : \"PutListenerWorkflow\",\n  \"type\" : \"SUCCESS\",\n  \"message\" : \"OK\",\n  \"workRequestId\" : \"ocid1.loadbalancerworkrequest.oc1.phx.aaaaaaaaxvqe2pogdhmfxhv6wqpyle6umx5kjxgz2naat3uozuaszaw26bgq\"\n}",
    "time-accepted": "2021-11-01T04:35:49.866000+00:00",
    "time-finished": "2021-11-01T04:35:57.373000+00:00",
    "type": "UpdateListener"
  }
}
Creating HTTPS listener...
Action completed. Waiting until the work request has entered state: ('SUCCEEDED',)
{
  "data": {
    "compartment-id": "ocid1.compartment.oc1..aaaaaaaavlq5inzaax6pdbc576ertgntmbooa3tjbaoewx3ryxu67uml5evq",
    "error-details": [],
    "id": "ocid1.loadbalancerworkrequest.oc1.phx.aaaaaaaa5b7jgq6bymxheap7yxmxtzvkjw7onqk37ajs7pfphztadvobtmvq",
    "lifecycle-state": "SUCCEEDED",
    "load-balancer-id": "ocid1.loadbalancer.oc1.phx.aaaaaaaabstamcc7an63bpuc6p5rrs2x2fqrneb7wgtxuh7xchygqxub7shq",
    "message": "{\n  \"eventId\" : \"a4546f42-0e18-453f-82f2-e0c2dca20fd3\",\n  \"loadBalancerId\" : \"ocid1.loadbalancer.oc1.phx.aaaaaaaabstamcc7an63bpuc6p5rrs2x2fqrneb7wgtxuh7xchygqxub7shq\",\n  \"workflowName\" : \"AddListenerWorkflow\",\n  \"type\" : \"SUCCESS\",\n  \"message\" : \"OK\",\n  \"workRequestId\" : \"ocid1.loadbalancerworkrequest.oc1.phx.aaaaaaaa5b7jgq6bymxheap7yxmxtzvkjw7onqk37ajs7pfphztadvobtmvq\"\n}",
    "time-accepted": "2021-11-01T04:36:05.399000+00:00",
    "time-finished": "2021-11-01T04:36:59.514000+00:00",
    "type": "CreateListener"
  }
}
Setting up Certbot cron job...
Success...!!!  Your AsterionDB installation is now secure and behind an SSL enabled load balancer.
You can now proceed with installing AsterionDB by running the updateConfig.sh and applyConfig.sh scripts.
Mon Nov  1 04:37:02 GMT 2021

Log output from 'updateConfig.sh' and 'applyConfig.sh'

				
					[asterion@demo-box admin]$cd ~/asterion/oracle/admin
[asterion@demo-box admin]$./updateConfig.sh 
Enter in Database type AUTONOMOUS(default), PDB, STANDARD - 
Enter in Database connection string or alias db202009181412_high(default) - 
Database Admin User ADMIN(default) - 
Database Admin Password - 
Enter the External facing Hostname:Port localhost:8080(default) - cloud-demo.asteriondb.com
Do you want enable SSL (y/n - default y)?  
AsterionDB Administrator Username asteriondb_admin(default) - 
Enter the AsterionDB Administrator Password - 
NOTE:
 ~/asterion/oracle/admin/installSettings.sh will be created and will contain
   Security Sensitive values. After the AsterionDB installation has completed,
   consider it's disposition, it is not required for the operation of the
   product services.
[asterion@demo-box admin]$./applyConfig.sh 
Creating symbolic links...
Setting up admin scripts and config files...
Installing DbTwig Middle-Tier Listener...
SQL*Plus: Release 21.0.0.0.0 - Production on Mon Nov 1 04:51:49 2021
Version 21.3.0.0.0
Copyright (c) 1982, 2021, Oracle.  All rights reserved.
Connected.
SQL> 
PL/SQL procedure successfully completed.
SQL> 
Synonym created.

Session altered.
SQL> 
Table created.
SQL> 
Table created.
SQL> 
Package created.
No errors.
Package body created.
No errors.
SQL> 
Grant succeeded.
SQL> 
SQL> exit;
Disconnected from Oracle Database 19c Enterprise Edition Release 19.0.0.0.0 - Production
Version 19.13.0.1.0
Installing Object Vault...
SQL*Plus: Release 21.0.0.0.0 - Production on Mon Nov 1 04:51:54 2021
Version 21.3.0.0.0
Copyright (c) 1982, 2021, Oracle.  All rights reserved.
Connected.
Disconnected from Oracle Database 19c Enterprise Edition Release 19.0.0.0.0 - Production
Version 19.13.0.1.0
Enabling default object types...
SQL*Plus: Release 21.0.0.0.0 - Production on Mon Nov 1 04:52:07 2021
Version 21.3.0.0.0
Copyright (c) 1982, 2021, Oracle.  All rights reserved.
Connected.
Session altered.

PL/SQL procedure successfully completed.
Disconnected from Oracle Database 19c Enterprise Edition Release 19.0.0.0.0 - Production
Version 19.13.0.1.0
The AsterionDB SecureObject Vault has been successfully installed...!!!
Please review the installation.  If successfull, we recommend that you run the post installation cleanup to
remove security sensitive information from this middle tier compute node.
Are you sure you want to run the post installtion cleanup script?  Type 'Yes' to run the script. 
Exiting without running the post install cleanup script.
If you want to run this script later, you can find it at /home/asterion/asterion/oracle/admin/postInstallCleanup.sh
Created symlink from /etc/systemd/system/multi-user.target.wants/dbTwig.service to /usr/lib/systemd/system/dbTwig.service.
● dbTwig.service - DbTwig - Ultra-Thin MiddleTier Listener
   Loaded: loaded (/usr/lib/systemd/system/dbTwig.service; enabled; vendor preset: disabled)
  Drop-In: /etc/systemd/system/dbTwig.service.d
           └─override.conf
   Active: active (running) since Mon 2021-11-01 04:52:10 GMT; 220ms ago
 Main PID: 22778 (node)
    Tasks: 1
   Memory: 5.1M
   CGroup: /system.slice/dbTwig.service
           └─22778 /usr/bin/node /home/asterion/asterion/oracle/dbTwig/middleTier/index.js
Nov 01 04:52:10 demo-box systemd[1]: Started DbTwig - Ultra-Thin MiddleTier Listener.
Created symlink from /etc/systemd/system/multi-user.target.wants/dbStreamer.service to /usr/lib/systemd/system/dbStreamer.service.
● dbStreamer.service - AsterionDB DbStreamer Database Streaming Server
   Loaded: loaded (/usr/lib/systemd/system/dbStreamer.service; enabled; vendor preset: disabled)
  Drop-In: /etc/systemd/system/dbStreamer.service.d
           └─override.conf
   Active: active (running) since Mon 2021-11-01 04:52:11 GMT; 204ms ago
 Main PID: 22838 (dbStreamer)
    Tasks: 2
   Memory: 5.5M
   CGroup: /system.slice/dbStreamer.service
           └─22838 /home/asterion/asterion/oracle/bin/dbStreamer
Nov 01 04:52:11 demo-box systemd[1]: Started AsterionDB DbStreamer Database Streaming Server.
Created symlink from /etc/systemd/system/multi-user.target.wants/dbObscura.service to /usr/lib/systemd/system/dbObscura.service.
● dbObscura.service - AsterionDB DbObscura File System Gateway
   Loaded: loaded (/usr/lib/systemd/system/dbObscura.service; enabled; vendor preset: disabled)
  Drop-In: /etc/systemd/system/dbObscura.service.d
           └─override.conf
   Active: active (running) since Mon 2021-11-01 04:52:14 GMT; 241ms ago
  Process: 22892 ExecStart=/home/asterion/asterion/oracle/bin/dbObscura (code=exited, status=0/SUCCESS)
 Main PID: 22997 (dbObscura)
    Tasks: 4
   Memory: 6.4M
   CGroup: /system.slice/dbObscura.service
           └─22997 /home/asterion/asterion/oracle/bin/dbObscura
Nov 01 04:52:12 demo-box systemd[1]: Starting AsterionDB DbObscura File System Gateway...
Nov 01 04:52:14 demo-box systemd[1]: Started AsterionDB DbObscura File System Gateway.
[asterion@demo-box admin]$

Follow Us

© 2023 By AsterionDB, Inc. All Rights Reserved