Installing Debian on an Oracle Cloud Free Tier VPS

Introduction

According to Oracle Cloud Free Tier → Product → Compute, two architectures are available:

• AMD. You can create no more than 2 instances, each having 1 GB RAM.
• Arm a.k.a. Ampere instances. For these, you have 3000 OCPU hours and 18000 GB hours of RAM per month. When used continuously, i.e. during the whole month, that means you can have no more than 4 VMs for free. Important: to be able to connect to these Arm instances, you will have to make some simple changes to your OS image - see below.

You also get a total of 200 GB of storage that you share for everything, from boot volumes for your VMs, to storage, backups and your custom OS images. And because each VMs uses minimum ~47 GB, that also means you can't have more than 4 free VMs total.

Debian Images

1. Go to cdimage.debian.org/cdimage/cloud and download a qcow2 image for your architecture: arm64 for Arm and amd64 for AMD.

   • Debian 10: cdimage.debian.org/cdimage/cloud/buster/latest
   • Debian 11: cdimage.debian.org/cdimage/cloud/bullseye/latest
   • Debian 12: cdimage.debian.org/cdimage/cloud/bookworm/latest

   (Back in 2021 and for AMD I used debian-10-generic-amd64-20210208-542.qcow2, although I got a comment from someone who has had success with the debian-10-genericcloud-amd64-20211011-792.qcow2 version. Now you can use debian-12-genericcloud-amd64.qcow2 for AMD.)

   Choosing between generic and genericcloud:

   The cloud kernel omits modules that are unlikely to be useful in a cloud environment. (…) But if you're worried and don't want to mess with it, generic is a more conservative choice.

   As for Generic vs Genericcloud, indeed, what changes is the kernel. The idea behind the Generic image is that the image can be used with Ironic, on baremetal hardware, where the Genericcloud may not.

2. Upload the image file to object storage (create a new bucket if needed). If using the Archive Storage Tier, after the file has finished uploading and became an object in the bucket, restore it for 24 hours – or else you'll be getting The PAR/object provided for image import is in archived state. Please restore it and try importing again if you try to create a Custom Image using a file that's archived. My advice is to restore for 24 hours because restoring takes long, and if you choose 24 hours, you have room to return to this the next day while the file is still there.

3. Create an OCI Custom Image from your bucket object. Go to Custom Images, click Import Image and choose Import from an Object Storage bucket. Select the bucket where you uploaded the image, and then select the image. The image type is QCOW2 and I kept Paravirtualized mode.

4. The new image should appear on the Custom Images page. Wait for it to complete importing. Then go to Custom image details and under Edit details select the free tier shapes: VM.Standard.E2.1.Micro for AMD and VM.Standard.A1.Flex for Arm; you can deselect other shapes. 4.1. Arm-specific note: on the same Custom image details page click Edit image capabilities and set the following:

   • Firmware = UEFI_64 checked and selected as preferred; BIOS deselected
   • Launch mode = CUSTOM checked and selected as preferred; everything else deselected
   • Consistent volume naming = Disabled

   Otherwise you won't be able to connect to your Arm VMs.

5. Create an OCI VM instance, under Placement and hardware choose the image you have just created

6. Define your SSH keys, or make sure to save the auto generated ones

7. Start the instance if not started automatically

8. Connect using ssh -i /path/to/private/key -p 22 debian@ip If you changed the SSH port during install, see amending OCI firewall rules. Important: debian is the username to log in with, and as always, you can elevate to root using sudo su -.

Lastly, if you can't connect to your newly created instance - it doesn't respond to ping and SSH times out - make sure you created the necessary ingress rules and the Internet gateway exists. See this Stackoverflow answer for more info: racle Cloud Instance connectivity issue.

In short:

1. Go to Virtual Cloud Networks list and open the VCN you're using for your free VPS

2. Once inside the Virtual Cloud Network Details, go to Internet Gateways tab. There should be at least one. Otherwise click Create Internet Gateway and in the blade/popup that slides from the left, just give your new gateway a name. Do not make any Route Table Association under Advanced options.

3. Go to the Virtual Cloud Network Details → Route Tables tab that is neighbouring to the Internet Gateways. Make sure you have at least one, in my case the default is named Default Route Table for my-VCN-name. Inside, the Route Rules for that table should be:

   • Destination = 0.0.0.0/0
   • Target Type = Internet Gateway
   • Target = (the Internet Gateway we created above)
   • Route Type = Static

4. Finally, under the Virtual Cloud Network Details → Subnets tab (located again under the same level as Internet Gateways and Route Tables) and open the subnet you should already have there. Then under Security Lists open the one that's already there. Edit the Ingress Rules (incoming traffic) and Egress Rules (outgoing traffic).

   • A normal ingress rule in my case has Stateless = No, Source = 0.0.0.0/0, IP Protocol = TCP, Source Port Range = All and Port = (whatever port you need to allow access to, e.g. 22 for SSH or 80,443 for HTTP)
   • A one size fits all egress rule in my case is the same as above, except IP Protocol = All Protocols and no ports defined at all, thus allowing all outgoing traffic

Reboot the VPS after making the above changes.

Sources:

• reddit.com/r/debian/comments/jayys3/what_happened_with_the_debian_images_for_oracle
• Re: Difference between Debian cloud images: openstack/generic/genericcloud by Ross Vandegrift and Re: Difference between Debian cloud images: openstack/generic/genericcloud by Thomas Goirand
• reddit.com/r/oraclecloud/comments/rxjpil/debian_byoi_on_ampere_a1_shapes_help_needed