In this article we will do the first steps on Oracle Database Cloud Service.  In my article "Oracle Cloud PaaS & SaaS Trials - Start to Play NOW!" I explained how you can request 30 days free of Oracle Cloud Services to practice, get in touch with Oracle Cloud, etc. 

In this article we will create an Oracle Container Database with a Pluggable Database in Oracle Public Cloud. We will use "Oracle Database Cloud Service" for this example. 

Firstable we have to create our public key, for that follow the next steps:

Deibys-MacBook-Pro:~ HDeiby$ cd $HOME
Deibys-MacBook-Pro:~ HDeiby$ ssh-keygen -b 2048 -t rsa -f mykey.rsa
Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in mykey.rsa.
Your public key has been saved in
The key fingerprint is:
SHA256:HPUfHeXDris9lQc0NM34+Xmuy/orYx+a2bmUg21S8rY HDeiby@Deibys-MacBook-Pro.local
The key's randomart image is:
+---[RSA 2048]----+
| . .o=o|
| . . =++|
| . ...=+|
| . . .ooo|
| S . oo+|
| *.=+|
| +.@.o|
| .+&.=.|
| .*BE= |
Deibys-MacBook-Pro:~ HDeiby$

Deibys-MacBook-Pro:~ HDeiby$ ls -ltr mykey*
-rw-r--r-- 1 HDeiby staff 413 Jun 1 06:39
-rw------- 1 HDeiby staff 1675 Jun 1 06:39 mykey.rsa
Deibys-MacBook-Pro:~ HDeiby$

The following step is important, to change the permission on the files:

Deibys-MacBook-Pro:~ HDeiby$ chmod 600 mykey.rsa

The first step is going to

In that webpage we have to clic on the button "Create Service" as we see in the following image:

In the next section we have to decide which kind of Service Level we want to select. We have two options, in the first option oracle decides  which Instance parameter to use and in the second one we have more flexibility to create the database by ourself by using DBCA (Database Configuration Assistant) step by step. Also we have to decide either we want to pay hourly or Monthly. 

Now it's time to select which version of database we want to use. Oracle provides two versions. and also Selects the best for your:

In the next Step we have to fill out all the fields. For this example we will select in the field "Backup and Recovery Configuration" the value of "None". We will show how this works in upcoming articles but for now, we don't have to worry about. Also be aware that the password of SYS/SYSTEM will be the password that you will specify in the field "Administration Password" , if you click on the icon (?) next to the field "Administration password" you will see more information about this. In this step we also specify the name of the database, the name of the Pluggable Database because the database will be created as a Database Container (CDB). See that there is not any option to select a non-Container Database, this could be because Oracle is suppose to deprecate the non-Containers Databases in future versions. We have to select also how much power we would like on this machine, we specify the RAM and also the CPU that will be used by this database.  Another important fact is that in this form we have to use the public key that we created at the beginning, do you remember? Well for that you have to clic on the button "Edit" next to the field "SSH Public Key"

When you click on the button "Edit" next to the field "SSH Public Key", you will see the following window, in this window  we have to select the option "Key file name" and then click on the button "Explore", you have to select the public file in your computer, the file that we have to select is the one that ends with ".pub". In our example the file I have to use is "":

Once you selects the file you will see that the file names appears as you can see below:

In the next step, Oracle shows us a brief Summary of what we have selected. We just have to confirma and go on.

Excellent we have almost completed. Now the database is being created. You will see that the status is "In progress" and also the icon is like an icon loading. In this step we have just to wait. 

After some minutes our Database is created. We will see that we have a "Public IP", we have the database Port (1521) and the Pluggable Database name. This is important because we need the host, port and database name in order to create our connections. We also have in the details the "Connect String", you can use that in order to create TNS entries in your tnsnames.ora file.  

If you reached this step you have already your database. Now the next step is how to connect? , how to create a session?

Well, we can use any tool like SQL Developer, sqlplus, Toad, etc and all what we need is the Connect String and you already have this information. You just specify the Service Name, Host and the Port and you will be able to create sessions. But there is another important thing. The "Connect String" that Oracle gave you (in the above image) it says that the host is "CDB" this hostname resolves to the IP that Oracle provided you in the summary. So You can replace the hostname "CDB" by the IP or register this in your DNS. Another thing is that since the database that we created is Container Database (CDB) we can connect either to CDB$ROOT or the PDB that we specified, by default Oracle is expecting us to connect to the PDB, however you have to know that we can also connect to CDB$ROOT if we want. But you have to create by yourself the Connect String for it, by default the Connect String that Oracle provides is for PDB.  

Now in the following steps I will show you another method to create sessions. You have to know that we can connect to the "Virtual Host" where our database is running via SSH as you will see below. 

Deibys-MacBook-Pro:~ HDeiby$ ssh -i mykey.rsa -L 1024: opc@
The authenticity of host ' (' can't be established.
RSA key fingerprint is SHA256:FQvNxbwMOw+UDRNxT0adzp0x8zH6ahccKKATGeOvECA.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '' (RSA) to the list of known hosts.
-bash: warning: setlocale: LC_CTYPE: cannot change locale (UTF-8): No such file or directory
[opc@CDB ~]$

From that information we can say that the IP used (in blue color) is the IP the "Public IP" that Oracle provided us.  You can also see that the Port used (in green color) is the same Port that Oracle specified in the Summary. and  finally you can see that we are connecting to the OS in order to access the database, we are using the OS user called "opc" for this (red color). I had a conversation with a friend about this, In my mind I was comparing "Oracle Database Cloud Service" with Amazon RDS, and one my questions was, why oracle allows us the access to the OS? When we use "Database Cloud Service" (not compute) we don't decide the OS for our database, all what we have to specify is the database name and some other parameters as we will see. So in the conversation I had with my friend, we discussed that Oracle probably is allowing this, since some times we have or we want to do some troubleshooting at OS level, like checking the database alert log, OS alert log, etc. From that perspective, to have access to the OS is an advantage. You could think, well, we have access to OS but to the non-provileged user "opc", we don't have access as root. If you are thinking that, wait some minutes until you reach the end of this article ;)

[opc@CDB ~]$ ps -ef |grep pmon
oracle 12838 1 0 13:27 ? 00:00:00 ora_pmon_CDB
opc 27970 27532 0 13:50 pts/0 00:00:00 grep pmon
[opc@CDB ~]$ . oraenv
ORACLE_SID = [opc] ? CDB
ORACLE_BASE environment variable is not being set since this
information is not available for the current user ID opc.
You can set ORACLE_BASE manually if it is required.
Resetting ORACLE_BASE to its previous value or ORACLE_HOME
The Oracle base has been set to /u01/app/oracle/product/12.1.0/dbhome_1

Now that we have access to the OS, let's create a session like if we were on premise :)

Firstable you have to know that "/ as sysdba" is not allowed by default as you can see below:

[opc@CDB ~]$ sqlplus / as sysdba

SQL*Plus: Release Production on Thu Jun 2 02:53:54 2016

Copyright (c) 1982, 2014, Oracle. All rights reserved.

ORA-01017: invalid username/password; logon denied

If you want to create a session you must use a user but also the password as I show you below:

[opc@CDB ~]$ sqlplus sys/*** as sysdba

SQL*Plus: Release Production on Wed Jun 1 13:50:56 2016

Copyright (c) 1982, 2014, Oracle. All rights reserved.

Connected to:
Oracle Database 12c Enterprise Edition Release - 64bit Production
With the Oracle Label Security option

SQL> select name from v$database;


Let's see to which container we are connected:

SQL> show con_name


We are connected to CDB$ROOT because we didn't connect to a service name, we just connected to the local instance. In the meantime let's verify if our CDB has some PDBs:

SQL> select name from v$pdbs;


Now let's use the "Connect String" that Oracle provided us:

[opc@CDB ~]$ sqlplus sys/***@CDB:1521/PDB1.gtnuvolasa.oraclecloud.internal as sysdba

SQL*Plus: Release Production on Wed Jun 1 13:55:25 2016

Copyright (c) 1982, 2014, Oracle. All rights reserved.

Connected to:
Oracle Database 12c Enterprise Edition Release - 64bit Production

SQL> show con_name


Excellent! we created a session to our PDB. Did you see that in the "Connect String" I used "CDB" as a hostname? As I told you, this is a local hostname that resolves to a local IP, this is not the Public IP that Oracle provided, as you see below:

[opc@CDB ~]$ ping CDB
PING CDB.compute-gtnuvolasa.oraclecloud.internal ( 56(84) bytes of data.
64 bytes from CDB.compute-gtnuvolasa.oraclecloud.internal ( icmp_seq=1 ttl=64 time=0.028 ms
64 bytes from CDB.compute-gtnuvolasa.oraclecloud.internal ( icmp_seq=2 ttl=64 time=0.038 ms
64 bytes from CDB.compute-gtnuvolasa.oraclecloud.internal ( icmp_seq=3 ttl=64 time=0.062 ms
--- CDB.compute-gtnuvolasa.oraclecloud.internal ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2443ms
rtt min/avg/max/mdev = 0.028/0.042/0.062/0.016 ms

There is magic on here. This is just a Virtual Server where  an Oracle Database is running. If we check the "hosts" file we will see that the hostname "CDB" is registered there:

[opc@CDB ~]$ cat /etc/hosts localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 CDB.compute-gtnuvolasa.oraclecloud.internal CDB
[opc@CDB ~]$

And finally the last tip, with the user "opc" we can become root :)

[opc@CDB ~]$ sudo su -
[root@CDB ~]#

[root@a1 ~]# id
uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)
[root@a1 ~]# 

Time to have fun!

Follow me: