Oracle Cloud WireGuard Setup Complete Guide 甲骨文服务器配置指南

1 Oracle Cloud

Oracle Cloud Infrastructure (OCI),甲骨文提供了Always Free 免费云技术服务,优势在于性价比高:

Oracle Cloud is the public cloud designed from the ground up to provide a superior experience for every application. By reimagining core engineering and system design for cloud computing, Oracle has developed innovations that address the challenges customers face with current public clouds. Oracle expedited the migration of existing enterprise workloads, enhance reliability and performance for all applications, and provide the comprehensive services to create innovative cloud applications. 

1. Simplified Migration of Enterprise Workloads
Migrating critical enterprise applications to the cloud can be a daunting task, especially with traditional hyperscale cloud providers that rely on a virtual machine model. Oracle Cloud Infrastructure (OCI) is designed to facilitate this transition by addressing the unique requirements of enterprise applications. Key innovations such as off-box virtualization, custom security chips, non-blocking networks, and RDMA cluster networking enable seamless migration without significant modifications, ensuring optimal performance and availability.

2. Comprehensive Tools for Cloud-Native Applications
OCI not only excels in supporting enterprise applications but also provides a robust environment for building modern cloud-native applications. With a wide array of services, including API management, machine learning, serverless computing, and container orchestration, OCI empowers developers to create resilient and scalable applications efficiently.

3. Autonomous Services for Enhanced Security and Performance
Oracle’s autonomous services automate critical tasks such as patching, performance tuning, and resource scaling, significantly reducing the risk of human error. This automation ensures that applications remain secure and optimized, allowing organizations to focus on innovation rather than maintenance.

4. Strong Support for Hybrid Cloud Strategies
OCI is built to accommodate diverse deployment options, enabling organizations to run entire OCI regions within their data centers or migrate VMware environments to the cloud. The unique interconnection with Microsoft Azure further enhances multicloud capabilities, providing customers with flexibility and control over their cloud strategies.

5. Security by Design
Oracle Cloud prioritizes security by integrating it into the core architecture from the outset. With default secure configurations, automated detection and remediation of vulnerabilities, and built-in security tools at no additional cost, OCI offers a comprehensive security framework that protects applications and data.

6. Competitive Price-Performance Ratio
OCI is designed to deliver superior performance at a competitive price. With consistent global pricing, no hidden costs for essential services, and comprehensive service-level agreements (SLAs), OCI provides organizations with a cost-effective solution for their cloud needs. Additionally, the Cloud Lift program offers free migration support, further reducing the total cost of ownership.

In conclusion, Oracle Cloud Infrastructure stands out as a compelling choice for organizations looking to migrate, modernize, and innovate in the cloud. Its unique features and customer success stories underscore its effectiveness in meeting the demands of modern enterprise workloads. 

1.1 Create account 账户准备

Oracle Cloud Free Tier 免费套餐注册入口

1.1.1 Origin 地区选择
地区

支持多地部署。Allow users to deploy servers in multiple regions through subscription.

比如同时部署美国、日本及新加坡地区的服务器。

1.1.2 完成注册

整个工作流可能最先出现问题的环节就是账户注册,具体解决办法参考这里

1.2 Instant

1.2.1 Creat创建实例

选择Instant——>Create

1.2.2 登入Dashboard控制台

1.3 Oracle Cloud 配置指南

2 Server settings服务器设置

AI Agent

以下内容以Canonical Ubuntu 22.04为例:

2.1 安装必要依赖

sudo -i
apt update
apt upgrade
apt install iptables
sudo apt install wireguard

2.2 防火墙配置

2.2.1 Oracle网络安全配置

Instance ——> Primary VNIC ——> Subnet ——> Security Lists ——> Ingress Rules:

配置UDP的端口范围

2.2.2 服务器后端配置

Oracle默认创建的Instance会启用ufw及nftable,由于WG使用iptable配置规则,为避免网络配置冲突,需要进行以下调整:

sudo ufw status
sudo ufw disable

sudo nft list ruleset
sudo systemctl stop nftables
sudo systemctl disable nftables
sudo nft flush ruleset

2.3 WG 配置

2.3.1 检查当前服务器网络环境
ifconfig

记录第一行的网络信息名称,比如:enp0s6

创建配置文件

sudo vi /etc/wireguard/wg0.conf
2.3.2 配置文件详细设定

服务器及客户端配置,详见配置文件资料

Oracle WireGuard Conf 配置文件 资料

3 Trouble Shooting 常见问题

3.1 如何彻底删除Instance

先将关联的资源进行关闭或删除操作后,再提交实例的关闭。

3.2 如何镜像Instance备份

在完成基础配置的Instance界面选择Custom Image进行镜像创建,完成后即可通过镜像创建新的Instance。

3.3 无法注册Oracle Cloud,总在最后一步提示失败

更换网络环境或浏览器后进行多次尝试。

3.4 如何搭载Cloudflare网络

具体操作步骤参考以下文章:

Cloudflare WARP Zero-Trust如何开通、部署及使用1.1.1.1

3.5 是否支持访问ChatGPT

不可以。错误提示与AWS服务器基本一致,属于被拦截ISP(Disallowed ISP)。

但采用Cloudflare转化后的网络可以被OpenAI识别为允许的ISP。具体请参考我们的专题:

《Cloudflare WARP Zero-Trust如何开通、部署及使用1.1.1.1》

3.6 服务器更新导致网络服务重置

在sudo apt update之后,部分更新触发nftable防火墙重置,可以在更新后添加自动脚本处理:

After sudo apt update, some updates trigger the reset of the nftable firewall. You can add an automatic script to handle it after the update.

sudo wg-quick down wg0 && sudo nft flush ruleset && sudo systemctl stop nftables && sudo systemctl disable nftables && sudo nft list ruleset && sudo echo sudo wg-quick up wg0

Free AI Research Guidebook:

AI Agent Complete Guidebook help gear you up人工智能助手指南

Shopping Cart
Scroll to Top