Teaching How to Provision Oracle Integration Cloud (OIC) with Cloud Stack and Terraform

We have covered multiple blogs on how to use Terraform to help automate the provisioning of environments and treat your Infrastructure as Code. Until now, for PaaS stacks, we have used Terraform together with Oracle PaaS Service Manager (PSM) CLI. This gives us great flexibility to script our own tailored PaaS stacks the way we want them. However, with flexibility comes responsibility, and in this case, if we choose to use PSM CLI, it’s up to us to script the whole provisioning/decommission of components that make up the stack. As well as what to do if we encounter an error half-way through, so that we leave things consistently.

A simpler way to provision PaaS stacks is by making use of Oracle Cloud Stack, that treats all components of the stack as a single unit, where all sub-components are provisioned/decommissioned transparently for us. For example, Oracle Integration Cloud (OIC) stack, is made of Oracle DB Cloud Service (DBCS), Integration Cloud Service (ICS), Process Cloud Service (PCS), Visual Builder Cloud Service (VBCS), IaaS, storage, network, etc. If we use Oracle Cloud Stack to provision an environment, we only have to pass a YAML template with the configuration of the whole stack and then, Cloud Stack handles the rest. Pretty awesome huh?

Similarly, as we have done in the past, we are going to use a “Build Server”. This will be used as a platform to help us provision our PaaS stacks. When provisioning this “Build Server”, I will add all the tooling it requires as part of its bootstrap process. For this, I am using Vagrant + Terraform, so that I can also treat my “Build Server” as “infrastructure as code” and I can easily get rid of it, after I built my target PaaS stack.

This is a graphical view of what I will be doing in this blog to provision an OIC stack via Cloud Stack:

Before we start

In this blog I assume that:

  • It is advisable that you are familiar with Vagrant. If not, it will take you 5-very-well-spent minutes. Click here.
  • I also encourage you to read the previous blogs, which I am building on top.
  • You already have an Oracle Cloud account. In case you don’t, request a free trial: https://cloud.oracle.com/tryit

Create your Build Server:

For this exercise, I am going to use the Vagrant Box that I made available in my devops Git repo. Also, in order to get it in the first place, I assume that you have already Git installed on your Host OS.

To create the build server in the first place:

  • Clone my devops repository:

    git clone https://github.com/solutionsanz/devops.git

  • Move into the buildServer directory:

    cd devops/buildServer

  • Now, start your vagrant box:

    vagrant up

    Note: Give it some time the first time. It will download the Box and install all dependencies. Subsequent times will be much faster.


  • Once it finishes, as per the bootstrap process, your Vagrant VM is going to come with Git and Terraform ready to go.
  • Vagrant ssh into it.

    vagrant ssh

  • Once in your guest VM, move to /vagrant

    cd /vagrant

  • Create a folder called ssh and bring your SSH private and public keys. Call them: “myPublic_sshKey.pub” and “myPrivate_sshKey” (or adjust accordingly at variables.tf)
  • Rename/Copy “terraform.tfvars_sample” to “terraform.tfvars“,

cp terraform.tfvars_sample terraform.tfvars

  • Open “terraform.tfvars” and set your variables, depending on where you want to deploy your “Build Server”.

    Note: Have a look at this blog if you need assistance to know how to configure your VM image (i.e. I use Ubuntu, but you can use whatever you want).

  • Rename/Copy “scripts/psm_config/psm_setup_config.json_sample” to “scripts/psm_config/psm_setup_config.json” (or adjust accordingly at terraform.tfvars)

    cp scripts/psm_config/psm_setup_config.json_sample scripts/psm_config/psm_setup_config.json

  • Open “scripts/psm_config/psm_setup_config.json” and set your variables, depending on where you want to target your PaaS services.

  • That’s it, now simply apply the Terraform plan to build your Build Server into the Oracle Cloud:

    terraform apply

  • Validate the Terraform plan and if all is right, accept by typing yes + enter


  • Terraform is going to start building the storage, network, security rules and ultimately the Build Server compute VM instance. You can keep track of the progress by looking at the console output or by browsing through the various Compute consoles tab in your browser. It will take like a minute or two. Once it finishes, it will show you in green the Public IP Address for your Build Server.

  • Your Build Server is ready to go. It comes out-of-the box with:
    • Terraform
    • PSM CLI (fully setup, pointing to your target Oracle Public Cloud account as indicated in the psm_setup_config.json file)
    • Python3
    • Pip
    • Git
    • Etc.
  • Since you used your public key to create the VM, now you can ssh into it using your private key.

    ssh -i myPrivateKey ubuntu@IP_ADDRESS


  • Congratulations, your Build Server is ready. Now we can create any type of Oracle PaaS you need. For example, in this case, let’s build a new Oracle Integration Cloud environment.

Let’s provision Oracle Integration Cloud (OIC) stack with Cloud Stack and Terraform

Once that you have created your Build Server and have ssh into it, let’s provision a new PaaS environment such as Oracle Integration Cloud (OIC)

  • In your new Build Server, choose a folder to once again git clone my devops repo.

    git clone https://github.com/solutionsanz/devops.git

    Note: Previously we Git cloned devops repo in a Vagrant Box locally on your laptop, this time we are doing it inside the new Build Server VM that we just provisioned.

  • This time go into the provisionPaaS directory:

    cd devops/ provisionPaaS

  • Create a folder called ssh and bring your public SSH key. Call it: “myPublic_sshKey.pub
  • Rename/Copy “terraform.tfvars_sample” to “terraform.tfvars“,

cp terraform.tfvars_sample terraform.tfvars

  • Open “terraform.tfvars” and set your variables, depending on where you want to deploy your OIC environment.
  • Now, inside the templates folder, you will find sample YAML files that will ultimately configure your new PaaS stack. In this case, for OIC, we are going to use “ProdCastleOIC-template.yaml“. Although I tried to parameterise with @XXX@ notations all those values that are more likely to change, I still encourage you to have a good look at the different configuration settings and make sure that they match your requirements. Especially in terms of region, api, shapes, editions, sizes, feature set, versions, etc. In my case I used Chicago DC in US.

    For OIC, these are the 2 files that you want to look at:

    • ProdCastleOIC-template.yaml: This template contains the configuration for all the OIC sub components, e.g. DBCS and IC configurations. Have a look at all default values and make sure all parameters are set properly. Theses values are automatically replaced at runtime by using the values provided in your terraform.tfvars file. These values are passed by terraform main.tf file.
    • ProdCastleOIC-destroy.json: This template contains the OIC configuration to be applied when destroying/decommissioning the OIC stack. Similarly, as with the previous configuration file, the values are automatically replaced at runtime by using the values provided in your terraform.tfvars file. These variables are passed by terraform main.tf file.
  • Once you feel comfortable with your stack template, go to the top provisionPaaS directory and run terraform init to download and configure the providers being used i.e. opc and null:

    terraform init

  • Then apply the Terraform plan:

    terraform apply

    Review and accept the changes by typing yes + enter

  • First, it is going to create the required stack pre-requisites, such as Object storage, network configuration, DB, etc… But we don’t have to know about it, all is handled transparently by Cloud Stack. Yes, I know, it is awesome!!!
  • After a little while, your new OIC stack (or any other stack you chose to provision) will be ready to go with all its dependencies:

  • If you want to get rid of it, simply do a terraform destroy from your Build Server and it will go as a single unit.

Feel free to go to Oracle Cloud Stack console and browse across lots of PaaS stacks templates that Oracle maintains up to date and makes available for us to provision via the browser or automate like what we did with Terraform in this blog. There are templates for both Autonomous and Non-autonomous stacks.

For example:

Congratulations!!! You have enough to start provisioning your own OIC stacks or bring your own Cloud Stack template to provision any other PaaS stack (autonomous or not).

I will keep publishing more blogs as I keep adding templates for other stacks, e.g. API Platform, OMCe, DIPC, Visual Builder, etc. So, you better stay tuned!

I hope you found this blog useful. If you have any question or comment, feel free to contact me directly at https://www.linkedin.com/in/citurria/

Thanks for your time.

Author: Carlos Rodriguez Iturria

I am extremely passionate about people, technology and the most effective ways to connect the two by sharing my knowledge and experience. Working collaboratively with customers and partners inspires and excites me, especially when the outcome is noticeable valuable to a business and results in true innovation. I enjoy learning and teaching, as I recognise that this is a critical aspect of remaining at the forefront of technology in the modern era. Over the past 10+ years, I have developed and defined solutions that are reliable, secure and scalable, working closely with a diverse range of stakeholders. I enjoy leading engagements and am very active in the technical communities – both internal and external. I have stood out as a noticeable mentor running technology events across major cities in Australia and New Zealand, including various technology areas such as, Enterprise Integrations, API Management, Cloud Integration, IaaS and PaaS adoption, DevOps, Continuous Integration, Continuous Automation among others. In recent years, I have shaped my role and directed my capabilities towards educating and architecting benefits for customers using Oracle and AWS Cloud technologies. I get especially excited when I am able to position both as a way to exceed my customers’ expectations. I hold a bachelor degree in Computer Science and certifications in Oracle and AWS Solutions Architecture.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s