Appendix - Setting up an SSH tunnel to a remote database
To allow FlexDeploy to deploy to a database instance on the Oracle cloud without having to open up the database ports via the firewall, a ssh tunnel can be established from an internal server. This ssh tunnel can then be configured to talk to the database listener via the ssh tunnel. To accomplish this, on a server on the local network that will serve as the endpoint to connect to the cloud database:
Step-by-step guide
-Setup the SSH to communicate from the internal endpoint to the cloud instance
Create an .ssh directory: Â Â
mkdir /home/oracle/.ssh/id_rsa
Populate the
id_rsa
 file with the private keyMake sure permissions on the directory and file are 600:  Â
chmod -R 600 /home/oracle/.ssh
Start the SSH tunnel as a background process:
Change
LOCALPORT
 to the port that FlexDeploy will connect to on the endpointChange
CLOUD_INSTANCE
 to the public DNS name or IP Address of the cloud instanceChange
CLOUD_DB_PORT
 to the listener port of the database on the cloudRun the command from the linux prompt: Â
ssh -i /home/oracle/.ssh/id_rsa -f -L LOCALPORT:CLOUD_INSTANCE:CLOUD_DB_PORT oracle@CLOUD_INSTANCE -N
EXAMPLE:
ssh -i /home/oracle/.ssh/id_rsa -f -L 1621: oc-129-144-43-94.compute.oraclecloud.com:1521 oracle@oc-129-144-43-94.compute.oraclecloud.com -N
Now configure FlexDeploy:
Setup an endpoint to the server that you created the ssh tunnel on.
Configure the Database plugin to point to a JDBC URL of localhost:1621:dbt03 on the endpoint that you set up.
Localhost will cause it to use the ssh tunnel on the current endpoint.
The port of 1621 is automatically forwarded via the ssh tunnel to the cloud instance’s port 1521.
The database dbt03 resides on the cloud instance.
Related articles
- style