Oracle Cloud Free Tier – too good to be true?

Cloud-related topics are trendy for many years. There is no escape from that and sooner or later, every dev will need to get familiar at least with the key concepts. Yes, I know there are DevOps teams for that, and I have already heard complaints from developers that the maintenance of infrastructure is not their duty. Even if I somehow agree with that, having a dedicated environment to play in would be awesome.

Why Oracle Cloud?

I always hesitated to provide my payment card to cloud providers. While experimenting, it is not that difficult to make a mistake and eventually, get a huge bill to pay. A few of my colleagues had this kind of experience with AWS but fortunately, charges were moderately low for them (100-200 USD). In terms of the Oracle Cloud… the payment card also has to be provided, so what is the difference then? Oracle provides something called “Always free” resources that we can use without paying. Additionally, once we set up an account, we get 300 USD for experiments with the cloud. To be billed for their services from our own money, we need to explicitly upgrade the account. Without that, after the trial month, it is possible only to set up Always free resources (like VMs, Storage, etc.). I have searched a bunch of forums and devs confirmed it works exactly like that. Cool!

What’s included in the Free Tier?

All details can be found here: Cloud Free Tier | Oracle, but here is the screenshot from that page:

How good is that?

From the description above, we can spawn max 2x AMD-based and Arm-based VMs. We get 200GB of storage and the minimal amount for the machine is 50GB, therefore we can spawn no more than 4 VMs in the Free Tier:

When you create a compute instance, the default boot volume size for the instance is 50 GB, which counts towards your allotment of 200 GB. You can customize the instance’s boot volume size up to 200 GB; however, this will use up your full allotment of storage for Always Free Block Volume resources. Also, because the minimum boot volume size allowed for compute instances is 50 GB, launching four instances will use all your Always Free Block Volume resources. 

Always Free Resources (oracle.com)

While AMD-based machines are not that powerful (1/ OCPU, 1GB RAM, 50Mbps IPv4), Arm-based VMs are great. From the Oracle documentation):

Ampere A1 Compute instances (Arm processor): All tenancies get the first 3,000 OCPU hours and 18,000 GB hours per month for free for VM instances using the VM.Standard.A1.Flex shape, which has an Arm processor. For Always Free tenancies, this is equivalent to 4 OCPUs and 24 GB of memory

Always Free Resources (oracle.com)

It means we can use all of our ARM resources to create a single, powerful VM (with 4 OCPUs, 24GB of RAM, 100 GB of storage, and 4Gbps network bandwidth). For example, I have one powerful ARM VM and 2 weaker AMD-based ones (1GB of RAM and 50GBs of storage). Everything within the Free Tier. Very cool!

It is also possible to reserve a single IP address (very helpful in case we often spawn/terminate machines but do not want to update DNS entries) and create manual backups of our volumes.

What to do with these machines? In every setup, I have installed Docker and a bunch of useful things. You can install Java and deploy your apps. You can create a VPN server. Or just use the server as the WordPress host for your blog (this blog is a perfect example). With docker, setting up WordPress is very quick and it works like a charm. Other ideas? Check that link: awesome-selfhosted/awesome-selfhosted: A list of Free Software network services and web applications which can be hosted on your own servers (github.com). Imagination is your limit 🙂

Ok, I have created an account. What next?

Just create an instance and play around. You can choose either it has to be AMD or ARM, the size of the VM as well as the size of the storage. Pay attention to the “Always Free” badge for the resources that will be created (except arm-based VM that gets free time limits for the CPU and memory). All non-free resources will eventually be deleted after the trial period if you are not willing to pay for them.

IP address reservation

It is good to reserve the IP address and assign it to the machine you want. The Free Tier allows you to reserve one. To do it, just go to the “IP Management” section and reserve the address:

Once you reserve it, just assign that to the machine – go to Compute -> Instances -> Instance details -> Attached VNICs -> VNIC Details -> IPv4 Addresses. Edit the existing IP address:

and then attach the reserved IP to your instance:

Opening TCP ports

If you like to expose a web service, webpage, or just use package managers, you need to open TCP ports for the machine. Open the details of your machine, edit your VNC, and configure Ingress and Engress rules. For me, opening from 22 to 443 (you can open them separately, too) did the job:

[Optional] – Configuring UFW (Uncomplicated Firewall)

For the Ubuntu distro, the UFW is installed by default. In addition to opening specific TCP ports on the UI level, you can also configure UFW on the system level to ensure only selected ports are open.

SSH to the machine and ensure that the firewall is disabled:

sudo ufw disable

You can check the firewall status by

sudo ufw status

and it shall show now:

Status: inactive

OK! Let’s now configure it. First, edit the configuration:

sudo nano /etc/ufw/ufw.conf

and make it start with the system:

ENABLED=yes

Then, let’s reset the configuration, deny incoming traffic, allow outgoing, and allow traffic on SSH (this one for sure!) as well as i.e. HTTP and HTTPS:

sudo ufw reset
sudo ufw default deny incoming
sudo ufw default allow outgoing
sudo ufw allow ssh
sudo ufw allow http
sudo ufw allow https

Once UFW is configured, enable it (double-check that SSH is open):

sudo ufw enable

The ufw status will show in the above scenario:

$ sudo ufw status
Status: active

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW       Anywhere
443/tcp                    ALLOW       Anywhere
80/tcp                     ALLOW       Anywhere
22/tcp (v6)                ALLOW       Anywhere (v6)
443/tcp (v6)               ALLOW       Anywhere (v6)
80/tcp (v6)                ALLOW       Anywhere (v6)
22 (v6)                    ALLOW       Anywhere (v6)

Creating backups

Once you navigate to the instance and its boot volume, you will be able to create the manual backup of the volume. The Free Tier allows you to create max 5 backups – you will need to delete some before you can create additional ones.

Anything else for the start?

I think it is good to understand how free vs non-free resources work. It looks like free resources get the Always Free badge upon their creation and this will not change. For example, if you used 150GB (from 200 GB) of storage and you create an additional volume of 100GB (so exceeding the limit by 50GB), the newly created volume will not be classified as “Always Free”. Even if you remove old ones (so you fit in the 200GB limit), charges will apply to the new volume. Therefore, before creating VMs, volumes, etc. ensure you have the capacity up-front if you want to remain in the Free Tier. The good point is that you have the 300 USD given to do these kinds of experiments – with detailed reports of what services deducted money from that pool. It allows you to properly set up this small infrastructure for your website or applications.

Another cool thing is that Oracle Cloud has an Android app so you can manage your VMs from your mobile phone:

One disadvantage I noticed is it is not always possible to create ARM instances (the zone I used is Frankfurt, Germany). Once I had to wait a few hours until I successfully created the ARM instance. Somehow, it is not surprising to me 🙂

Last but not least, there is also a thread on this topic on Polish Pepper: (1) Oracle Cloud Free Tier – Darmowe VPSy z IPv4, bazy danych – Pepper.pl.

Free Tier – where is the catch?

So far I am still in the trial period and everything looks promising to me. The UI is simple, machines are pretty fast and stable, the Android app works well – and everything within the Free Tier does not end after i.e. a year (in comparison to other cloud providers). As I already mentioned, to find out more information about the Oracle Cloud and its Free Tier, I have searched different forums and read many opinions. And guess what – they are positive! People were using this tier for months or even years without any “surprises”. To me, this is a great move from Oracle and the way how companies shall promote their products. Have fun!

P.S. If you have already a machine spawned (or any other VPS) and would like to own a blog in a matter of minutes, read my next post – Own a blog in the cloud in less than 5 mins with Docker. Free, fast, and with SSL!.

Update from February 2023

Recently, Oracle Free Tier users (including myself) got an email, that their instances were idle and therefore, they will be stopped within a week. According to docs, “idle” means:

Oracle suggests converting the account to “Pay AS You Go”:

“You can keep idle compute instances from being stopped by converting your account to Pay As You Go (PAYG). With PAYG, you will not be charged as long as your usage for all OCI resources remains within the Always Free limits”

email from OCI

Alternatively, you can try just to make the machine a little busier (not an ideal solution from the environmental perspective, though). For example, you can use the “lookbusy” app to do the job:

curl -L http://www.devin.com/lookbusy/download/lookbusy-1.4.tar.gz -o lookbusy-1.4.tar.gz
tar -xzvf lookbusy-1.4.tar.gz
cd lookbusy-1.4/
./configure
make
sudo make install

Then create a new systemd service to ensure it is running even when the machine restarts:

sudo systemctl edit --full --force lookbusy.service

Edit the configuration (-c for CPU percentage, -m for memory, I defined only 25% of CPU usage):

[Unit]
Description=lookbusy service
 
[Service]
Type=simple
ExecStart=/usr/local/bin/lookbusy -c 25 -m 0MB
Restart=always
RestartSec=10
KillSignal=SIGINT
 
[Install]
WantedBy=multi-user.target

Then start and enable the service:

sudo systemctl enable --now lookbusy.service

Here is my htop after performing above – we can see the instance “busy”:

This also looks good in the OCI admin panel even after some time (April 2023):

You can find more solutions in this helpful blog post: Oracle Cloud Cleaning Up Idle Compute Instances & How to Keep it – Cybersecurity Memo (51sec.org).