As of today (August 2018), there is still no internal capability in Oracle Cloud Infrastructure to change the shape of a given compute instance but manually removing and creating the whole machine. This would be indeed a great feature and really believe that Oracle is working to deploy it very soon.
Meanwhile, I have some customers that work with OCI in multiple regions, one as the primary and other as DR, and to save costs, they keep the DR instance running with the minimum required shape (usually VM.Standard2.1). However, in a DR scenario, they want to be able to rapidly change the shape on DR to a higher one (same as in Primary). They also want to be able to scale down fast when DR scenario is over.
As the steps to drop and create a machine are not trivial, I've develop a script that do all the work. The only requirement is to have 2 tools and bash: oci-cli and jq (command-line JSON processor).
They are available at:
The script is public available at my github oci-scripts page: oci_compute_instance_reshape.sh
How does it work?
The script is not complex. It works by getting all the current information of machine in json, including the attached disks, attached vnics and Reserved Public IPs (if assigned). Then it will remove and create the machine using the same boot volumes and properties, but with the new shape.
First it will create a action script and ask if you want to run it. So in case you get a problem in any steps, you know where it stopped and the next steps to manual resume the remaining actions.
The macro steps are:
- Soft stop the compute if it's running.
- Terminate the compute.
- Create a new compute with all same attributes but different shape (OCID will change).
- Update the Primary VNIC of the compute with same attributes from the old one.
- Assign reserved Public IP to Primary VNIC if it had one.
- Attach Secondary VNICs to the compute if any existed before.
- Assign reserved Public IP to Secondary VNICs if it had one.
- Attach Block Volumes to the compute.
- Generate ISCSI commands to be executed in the server.
Script Usage:
Script latest version can be downloaded from github at: https://github.com/dbarj/oci-scripts/blob/master/oci_compute_instance_reshape.sh
$ ./oci-compute-instance-reshape.sh ./oci-compute-instance-reshape.sh: Two arguments are needed.. given: 0 - 1st param = Compute Instance Name or OCID - 2nd param = Compute Instance Target Shape
Basically first parameter is the Compute Instance display name or OCID. The second parameter is the target Shape.
Before running anything, the script does multiple validations to ensure the given values are valid.
Execution Example:
Note: OCID values were masked for security.
$ ./oci-compute-instance-reshape.sh OCASTSTT00DBRE1 VM.Standard1.1 Machine will be moved from "VM.Standard1.2" to "VM.Standard1.1". Following steps will be executed: - Instance "OCASTSTT00DBRE1"(ocid1.instance.oc1.iad.xxx) will be stopped. - Instance "OCASTSTT00DBRE1"(ocid1.instance.oc1.iad.xxx) will be terminated. - New instance "OCASTSTT00DBRE1" will be created with same boot volume and attributes (new OCID generated). - Primary VNIC on new instance "OCASTSTT00DBRE1" will be updated. - Secondary VNICs will be reattach. - Block Volumes will be reattach. Execution script created at "ocid1.instance.oc1.iad.xxx/runall.sh" file. Type "YES" to execute it and apply the changes:
At this point, nothing was executed yet. You can check the steps that will be taken in runall.sh file before responding.
Type "YES" (all upper) to run it.
...
Type "YES" to execute it and apply the changes: YES
+ . ocid1.instance.oc1.iad.xxx/runall.sh
++ cd ocid1.instance.oc1.iad.xxx
++ oci compute instance action --instance-id ocid1.instance.oc1.iad.xxx --action SOFTSTOP --wait-for-state STOPPED --max-wait-seconds 3600
Action completed. Waiting until the resource has entered state: STOPPED
++ ret=0
++ oci compute instance terminate --force --instance-id ocid1.instance.oc1.iad.xxx --wait-for-state TERMINATED --preserve-boot-volume true --max-wait-seconds 3600
Action completed. Waiting until the resource has entered state: TERMINATED
++ ret=0
++ oci compute instance launch --availability-domain TfbK:US-ASHBURN-AD-1 --shape VM.Standard1.1 --display-name OCASTSTT00DBRE1 --source-boot-volume-id ocid1.bootvolume.oc1.iad.abuwcljtnx4mmmesipxjhjr5wbhp4l2f5miwdidr5thbkutxhqvnyvrpkzca --subnet-id ocid1.subnet.oc1.iad.yyy --private-ip 10.72.116.17 --wait-for-state RUNNING --max-wait-seconds 3600 --vnic-display-name OCASTSTT00DBRE1 --hostname-label echooi --skip-source-dest-check true --assign-public-ip false --defined-tags '{"Operations":{"CostCenter":"12"}}' --freeform-tags '{}' --metadata '{"ssh_authorized_keys":"ssh-rsa AAA...== rodrigo.jorge@dbarj.com","user_data":"I2Nsb3VkLWNvbmZpZwojCiMg...=="}' --extended-metadata '{}' --fault-domain FAULT-DOMAIN-1
Action completed. Waiting until the resource has entered state: RUNNING
++ ret=0
+++ oci compute instance list --all
+++ jq -rc '.data[] | select(."display-name" == "OCASTSTT00DBRE1" and ."lifecycle-state" != "TERMINATED") | ."id"'
++ v_newInstanceID=ocid1.instance.oc1.iad.zzz
+++ oci compute instance list-vnics --all --instance-id ocid1.instance.oc1.iad.zzz
+++ jq -rc '.data[] | select (."is-primary" == true) | ."id"'
++ v_newInstancePriVnicID=ocid1.vnic.oc1.iad.aaa
++ oci network vnic update --force --vnic-id ocid1.vnic.oc1.iad.aaa --defined-tags '{}' --freeform-tags '{}'
++ ret=0
+++ oci network private-ip list --all --ip-address 10.72.116.17 --subnet-id ocid1.subnet.oc1.iad.yyy
+++ jq -rc '.data[]."id"'
++ v_privateipid=ocid1.privateip.oc1.iad.bbb
++ oci network public-ip update --public-ip-id ocid1.publicip.oc1.iad.fff --private-ip-id ocid1.privateip.oc1.iad.bbb --wait-for-state ASSIGNED --max-wait-seconds 3600
Action completed. Waiting until the resource has entered state: ASSIGNED
++ ret=0
++ oci compute instance attach-vnic --instance-id ocid1.instance.oc1.iad.zzz --wait --subnet-id ocid1.subnet.oc1.iad.ccc --vnic-display-name 'Sec VNIC' --freeform-tags '{}' --private-ip 10.72.64.3 --skip-source-dest-check true --defined-tags '{}'
++ ret=0
++ oci compute volume-attachment attach --instance-id ocid1.instance.oc1.iad.zzz --type iscsi --volume-id ocid1.volume.oc1.iad.ddd --is-read-only false --wait-for-state ATTACHED --max-wait-seconds 3600
Action completed. Waiting until the resource has entered state: ATTACHED
++ ret=0
++ oci compute volume-attachment attach --instance-id ocid1.instance.oc1.iad.zzz --type iscsi --volume-id ocid1.volume.oc1.iad.eee --is-read-only false --wait-for-state ATTACHED --max-wait-seconds 3600
Action completed. Waiting until the resource has entered state: ATTACHED
++ ret=0
+ cd -
/u01/home/orchestrator/oci-cli/scripts
+ set +x
MACHINE RECREATED SUCCESSFULLY
Machine was successfully recreated with new shape. Now the script will provide the ISCSI commands to detected the new Block Volumes, if the machine had any:
... MACHINE RECREATED SUCCESSFULLY #### BEGIN - NEW DISKS IPS DISCOVERY #### set -x sudo iscsiadm -m node -T iqn.2015-12.com.oracleiaas:ffffffff-3a66-4b97-bd31-56058147cbf6 -p 169.254.2.2:3260 -u sudo iscsiadm -m node -o delete -T iqn.2015-12.com.oracleiaas:ffffffff-3a66-4b97-bd31-56058147cbf6 -p 169.254.2.2:3260 sudo iscsiadm -m node -T iqn.2015-12.com.oracleiaas:eeeeeeee-4701-45f5-b989-518ca9b898ff -p 169.254.2.3:3260 -u sudo iscsiadm -m node -o delete -T iqn.2015-12.com.oracleiaas:eeeeeeee-4701-45f5-b989-518ca9b898ff -p 169.254.2.3:3260 sudo iscsiadm -m node -o new -T iqn.2015-12.com.oracleiaas:ffffffff-3a66-4b97-bd31-56058147cbf6 -p 169.254.2.2:3260 sudo iscsiadm -m node -o update -T iqn.2015-12.com.oracleiaas:ffffffff-3a66-4b97-bd31-56058147cbf6 -n node.startup -v automatic sudo iscsiadm -m node -T iqn.2015-12.com.oracleiaas:ffffffff-3a66-4b97-bd31-56058147cbf6 -p 169.254.2.2:3260 -l sudo iscsiadm -m node -o new -T iqn.2015-12.com.oracleiaas:eeeeeeee-4701-45f5-b989-518ca9b898ff -p 169.254.2.3:3260 sudo iscsiadm -m node -o update -T iqn.2015-12.com.oracleiaas:eeeeeeee-4701-45f5-b989-518ca9b898ff -n node.startup -v automatic sudo iscsiadm -m node -T iqn.2015-12.com.oracleiaas:eeeeeeee-4701-45f5-b989-518ca9b898ff -p 169.254.2.3:3260 -l set +x #### END - NEW DISKS IPS DISCOVERY #### Script above must be executed in target machine. Type "YES" to apply the changes via SSH:
If you have SSH access to the server and keys for OPC in the current user, just type "YES" (all upper) and it will connect as OPC and run it for you:
... Script above must be executed in target machine. Type "YES" to apply the changes via SSH: YES Checking Server availability.. Server Available! Bouncing the instance.. + sudo iscsiadm -m node -T iqn.2015-12.com.oracleiaas:ffffffff-3a66-4b97-bd31-56058147cbf6 -p 169.254.2.2:3260 -u iscsiadm: No matching sessions found + sudo iscsiadm -m node -o delete -T iqn.2015-12.com.oracleiaas:ffffffff-3a66-4b97-bd31-56058147cbf6 -p 169.254.2.2:3260 iscsiadm: No records found + sudo iscsiadm -m node -T iqn.2015-12.com.oracleiaas:eeeeeeee-4701-45f5-b989-518ca9b898ff -p 169.254.2.3:3260 -u iscsiadm: No matching sessions found + sudo iscsiadm -m node -o delete -T iqn.2015-12.com.oracleiaas:eeeeeeee-4701-45f5-b989-518ca9b898ff -p 169.254.2.3:3260 iscsiadm: No records found + sudo iscsiadm -m node -o new -T iqn.2015-12.com.oracleiaas:ffffffff-3a66-4b97-bd31-56058147cbf6 -p 169.254.2.2:3260 New iSCSI node [tcp:[hw=,ip=,net_if=,iscsi_if=default] 169.254.2.2,3260,-1 iqn.2015-12.com.oracleiaas:ffffffff-3a66-4b97-bd31-56058147cbf6] added + sudo iscsiadm -m node -o update -T iqn.2015-12.com.oracleiaas:ffffffff-3a66-4b97-bd31-56058147cbf6 -n node.startup -v automatic + sudo iscsiadm -m node -T iqn.2015-12.com.oracleiaas:ffffffff-3a66-4b97-bd31-56058147cbf6 -p 169.254.2.2:3260 -l Logging in to [iface: default, target: iqn.2015-12.com.oracleiaas:ffffffff-3a66-4b97-bd31-56058147cbf6, portal: 169.254.2.2,3260] (multiple) Login to [iface: default, target: iqn.2015-12.com.oracleiaas:ffffffff-3a66-4b97-bd31-56058147cbf6, portal: 169.254.2.2,3260] successful. + sudo iscsiadm -m node -o new -T iqn.2015-12.com.oracleiaas:eeeeeeee-4701-45f5-b989-518ca9b898ff -p 169.254.2.3:3260 New iSCSI node [tcp:[hw=,ip=,net_if=,iscsi_if=default] 169.254.2.3,3260,-1 iqn.2015-12.com.oracleiaas:eeeeeeee-4701-45f5-b989-518ca9b898ff] added + sudo iscsiadm -m node -o update -T iqn.2015-12.com.oracleiaas:eeeeeeee-4701-45f5-b989-518ca9b898ff -n node.startup -v automatic + sudo iscsiadm -m node -T iqn.2015-12.com.oracleiaas:eeeeeeee-4701-45f5-b989-518ca9b898ff -p 169.254.2.3:3260 -l Logging in to [iface: default, target: iqn.2015-12.com.oracleiaas:eeeeeeee-4701-45f5-b989-518ca9b898ff, portal: 169.254.2.3,3260] (multiple) Login to [iface: default, target: iqn.2015-12.com.oracleiaas:eeeeeeee-4701-45f5-b989-518ca9b898ff, portal: 169.254.2.3,3260] successful. + set +x + oci compute instance action --instance-id ocid1.instance.oc1.iad.zzz --action SOFTRESET --wait-for-state RUNNING --max-wait-seconds 3600 Action completed. Waiting until the resource has entered state: RUNNING + set +x
That's it. Machine ready and in new shape.
Ephemeral Public IPs
The downside of recreating a compute instance is that if you have Ephemeral Public IPs associated to it, this IP will change on instance recreation what can cause many issues. The script will thus warn if any ephemeral Public IP is found.
Hope this helps..
Have you enjoyed? Please leave a comment or give a 👍!
4 comments
Skip to comment form
Hey, I just found your script, Looks very promising and useful. I will let you know how it goes
Great script but if DNS is not enabled on a subnet, the new provision fails miserably as OCI won't allow or apply the "--hostname-label null" to any subnets lacking DNS enabled.
I was able to take the provision command, strip out the --hostname-label null and it built the new shape without issues.
Author
Thanks for the feedback Drew. This issue was corrected on version 1.07 of this script.
Regards,
RJ
Will this work for OCI- database system or only for OCI compute instances?