Installing on Oracle OCI

Overview

Oracle Cloud Infrastructure Compute Service is Oracle Cloud Infrastructure's (OCI) virtual machine (VM) and compute offering. It provides flexible, scalable, and high-performance computing resources for running applications, databases, and workloads in the cloud.

Key features of OCI Compute include the following:

• Virtual machines (VMs) and “bare metal”: Choose between virtualized environments or dedicated physical servers.

• Scalability and auto-scaling: Automatically adjust resources based on demand.

• Multiple OS options: Supports Oracle Linux, Windows, Ubuntu, CentOS, and more.

• High availability and fault domains: Ensures uptime with redundancy.

• Security and networking: Integrates with OCI Virtual Cloud Networks (VCNs) for secure and isolated environments.

Use cases of OCI Compute include the following:

• Cloud file storage: Store and access files across global teams.

• Data archiving and backup: Use OCI Object Storage for scalable, cost-effective data retention.

• Hybrid and multi-cloud environments: Extend on-premises storage into OCI without re-architecting applications.

Considerations include the following:

• Most modern OCI compute shapes support UEFI 64-bit operating systems. This includes:

  • Flexible VM shapes such as VM.Standard.E5.Flex, VM.Standard.E6.Flex, and VM.Standard.A1.Flex.

  • Bare Metal Standard shapes such as BM.Standard3, BM.Standard.E4, and BM.Standard.E5.

  • VM Standard shapes such as VM.Standard1, VM.Standard2, and VM.Standard3.Flex.

These shapes (known as Instance Type) automatically use UEFI firmware when instances are launched.
You can specify the firmware type using the --extended-metadata flags during instance launch. However, by default, UEFI is used for most newer shapes. Older shapes, such as VM.Standard1 or certain custom shapes, might default to BIOS instead.

Nasuni OCI Deployment Sizing Guidelines

Nasuni provides flexible deployment sizing to meet performance and scalability requirements while optimizing for cost and efficiency. For details, see Installing Edge Appliance on KVM.

Tip: For OCI Compute Shapes recommendation, see Compute Shapes.

OCI IAM Policies and Permissions

In OCI, access control is managed through Identity and Access Management (IAM) policies. These policies define who can perform what actions on which resources and where (tenancy or compartment).

There are two primary levels at which permissions can be applied:

• Tenancy-Level Policies
  These policies apply across the entire tenancy, granting access to all compartments and resources within it. While this approach simplifies management, it also increases the scope of access, potentially exposing more resources than necessary.

• Compartment-Level Policies
  These policies restrict access to specific compartments and their contained resources. This approach aligns with the principle of least privilege, limiting user permissions to only what is needed for their role or workload. It also provides better isolation and reduces the risk of unintended access.

Nasuni Recommendation
Nasuni strongly recommends applying IAM policies at the compartment level wherever possible. This ensures minimal exposure, tighter security boundaries, and greater control over resource access. Tenancy-level policies should only be used when absolutely required for global administrative or operational needs.

Important Prerequisites

These prerequisites are necessary before deploying a Nasuni Instance within the OCI Compute service:

• General knowledge of the following OCI components is helpful: compartments, VCNs, security rules, compute, block storage, and object storage is needed. For details, see "Tutorial: Launching Your First Instance".

• OCI CLI installed and configured. This is required if you are planning to deploy Nasuni via OCI CLI. For details, see Installing the CLI.

• Before you begin, ensure that the required infrastructure components are set up and that you have all the necessary information readily available.

  • Make sure you understand the OCI S3 Compatibility API. For details, see Object Storage Amazon S3 Compatibility API

  • A Virtual Cloud Network (VCN) configured. For details, see Create and Configure a Virtual Cloud Network.

  • A Subnet in the VCN to use with the Nasuni instances. For details, see Creating a Subnet.

  • Make sure the following ports are open in the Subnet or VCN (the required ports are 443, 8443). For details, see Security Lists.

  • Other ports that might need to be opened depending on protocols used with Nasuni. For details, see Firewall and Port Requirements.

  • Subnet OCID. For details, see Getting a Subnet's Details.

  • Generating SSH Keys. For details, see Managing Key Pairs on Linux Instances.

  • Compartment OCID. For details, see Finding the OCID of a Compartment.

Tip: If you do not have the required permissions to configure the necessary network infrastructure (such as VCNs, subnets, or security rules), ensure that someone with the appropriate access sets them up for you and provides the corresponding OCIDs.

Deployment Prerequisites  

You are expected to complete a list of prerequisite tasks to successfully deploy a Nasuni Instance within the OCI Compute service. Nasuni supports deployment using both Web UI and OCI CLI.

Downloading the compatible KVM image

Download the latest supported KVM GA release image for OCI compute deployment. For details, see Using Nasuni Portal to download software.

Creating Nasuni bucket

This procedure uses the Web UI. To use the OCI CLI, see "Nasuni image import and instance creation using OCI CLI".

Create a bucket for the custom image by following these steps:

1. Navigate to OCI Object Storage and Archive. Ensure that you are in the right Compartment.
   

2. To create a new bucket for the image, click Create bucket.

3. On the Create bucket page, provide a Bucket Name.

   

4. Click Create bucket.

5. Click the newly created bucket and, on the Objects page, click ‘Upload objects’.
   
   For details, see Creating an Object Storage Bucket.

6. On the Upload objects page, provide the Object name prefix, use the default Standard as the Storage tier, and select the image to upload.
   

7. Click Next, then click ‘Upload objects’.

   Note: System administrators typically set a 5-minute console timeout. To avoid timeout issues, import the image using the OCI CLI instead.

Importing the Nasuni image to target bucket

Import the Nasuni custom image by following these steps:

1. Navigate to Compute and click Custom Image.

2. Click the import image and specify the following:

   1. Name of the image to import.

   2. Operating System: leave as the default.

   3. Bucket where the custom image is to be stored.

   4. From the Object name drop-down list, select the image to import.

   5. For Image type, select QCOW2.

   6. For Launch mode, select Paravirtualized.

   

3. Click Import image.

Checking the Nasuni custom image

Check custom image attributes by following these steps:

1. Navigate to Compute.

2. Click Custom images.

3. Click the target custom image.

4. In Custom images, navigate to the “Actions” drop-down menu and click “Edit image capabilities”.

Tip: Default firmware is set to BIOS when an image is imported. Failure to set the correct firmware attribute would result in the Nasuni instance to fail to instantiate.

Tip: Make sure that Firmware is set to: - Firmware: UEFI_64

Tip: You can also check under Image capabilities to confirm that Firmware is set correctly.

Creating block volumes

This procedure uses the Web UI. To use the OCI CLI, see Creating block volumes.

Create block volumes by following these steps:

1. Navigate to Storage.

2. Click Block Volumes.

3. For both COW and Cache disks, click Create block volume.
   For sizing details, see Installing Edge Appliance on KVM.

   Tip: The Nasuni Management Console only requires the  Cache volume.

Deploying Nasuni using Web UI

Ensure that the customer prerequisites are complete before deploying Nasuni.

To deploy Nasuni using Web UI, follow these steps:

1. Navigate to Compute service.

2. Click Create instance.

3. In “Image and shape”, select the Nasuni custom image and select a supported Shape.

4. In Security, the Shielded instance option is supported and recommended.

5. In Networking, select the target virtual cloud network and public subnet.

Tip: To create a new Virtual Cloud Network, see Creating a VCN for more information.
To create a new Public Subnet, see Creating a Subnet for more information.

6. For “Primary VNIC IP addresses”, you can leave “Automatically assign private IPv4 address“ as the default.
   Alternatively, you can manually assign a new private IPv4 address.

Tip: When manually assigning private IPv4 address, refer to your existing subnet ranges to avoid conflict and overlapping IP Addresses.

7. For “Add SSH keys”, you can either generate a new key pair, or use an existing key pair and click Next.

8. When you click Create, this automatically starts the Instance. Therefore, make sure that you have completed the block volume prerequisite above. Otherwise, the Nasuni Edge Appliance fails to instantiate because it cannot provision the Cache.
   Then click Create.  

9. Immediately after creating the instance, click the instance that you have created and then, under Resources, click “Attached block volumes”.

10. In “Attached block volumes”, click “Attach block volume”.

11. In Volume, select the Cache block volume.

12. Repeat Step 11 for the COW block volume.

    Tip: Only the Cache block volume is required for the Nasuni Management Console instance.

Deploying Nasuni using the OCI CLI

OCI CLI Schema

The following provides a high level OCI CLI Schema for OCI CLI deployment.

Tip: For a comprehensive OCI CLI deployment, follow the detailed instructions from "Appendix C: Creating Customer secret keys via OCI CLI" onwards.

Create Block Volume Script

oci bv volume create \

   --compartment-id <Compartment_Id> \

   --availability-domain "Availability_Domain" \

   --size-in-gbs <size> \

   --display-name "Cache_Disk_Name"

oci bv volume create \

   --compartment-id <Compartment_Id> \

   --availability-domain "Availability_Domain" \

   --size-in-gbs <size> \

   --display-name "Cow_Disk_Name"

Compute Instance Launch Script

oci compute instance launch \

   --compartment-id <Compartment_Id>\

   --availability-domain "<Availability_Domain>" \

   --shape "<Shape_Name>" \

   --subnet-id <Subnet_Id> \

   --image-id <Image_Id> \

   --display-name "Instance_Name" \

   --assign-public-ip true \

   --metadata '{"ssh_authorized_keys": "ssh-rsa_key” \

   --shape-config '{

       "memory-in-gbs": 16,

       "ocpus": 8.0

   }' \

--extended-metadata '{"firmware": "UEFI_64"}'

Important: The following is the most important attribute when deploying Nasuni in OCI via CLI. Without this metadata, the VM fails to instantiate:

--extended-metadata '{"firmware": "UEFI_64"}'

Attach Block Volume Script

oci compute volume-attachment attach \

   --instance-id <New_Instance_Id> \

   --volume-id <Cache_Disk_Id> \

   --type paravirtualized

oci compute volume-attachment attach \

   --instance-id <New_Instance_Id>  \

   --volume-id <Cow_Disk_Id> \

Deployment workflow  

To deploy Nasuni using the CLI scripts, perform the following steps:

1. Run the Create Block Volume Script.
   After the block volume is created, make a note of the block volume instance id because you need this in step 3.

2. Run the Compute Instance Launch Script.
   Immediately after running the Compute Instance Launch Script, run the Attach Block Volume Script to attach both Cache and COW block volumes, because this is required to successfully deploy the Nasuni Edge Appliance.

3. Run the Attach Block Volume Script.

   Tip: The Nasuni Management Console only requires the Cache volume.

Post-deployment checks and troubleshooting

If you experience any issues accessing the Nasuni Edge Appliance or the Nasuni Management Console, verify your Virtual Cloud Network (VCN) configuration to ensure that the appropriate firewall rules are in place. The screenshot shown below is provided as an example. Customers should review their own firewall rule configurations carefully to ensure that only trusted sources are safelisted to maintain a secure environment.

Appendices

Appendix A: Using Nasuni Portal to download software for Oracle OCI installation

1. Log in to Nasuni Portal.
   

2. Click Setup, then click Installs.
   

3. On the Installs page, follow these steps:

   1. In the Nasuni Edge area, click Universal.
      

   2. On the side panel that appears, click QCOW2.
      

      Tip: For Oracle Cloud Infrastructure, Nasuni recommends using the latest GA release KVM image build ‘QCOW2‘.

4. To install the Nasuni Management Console (NMC), on the Installs page, follow these steps:

   1. In the Nasuni Management Console (NMC) area, click Universal.

   2. On the side panel that appears, click QCOW2.

      Tip: For Oracle Cloud Infrastructure, Nasuni recommends using the latest GA release KVM image build ‘QCOW2‘.

Tip: To import the image to an OCI Object Storage bucket, see Importing Nasuni image to target bucket section.

Appendix B: Creating Customer secret keys required for configuring the target object storage in Nasuni

Note: Customer secret keys are located in Identity→ Domains → <Domain Name> → User Management → <User Name> ‘Profile’ under ‘Tokens and keys‘.

1. In “Identity & Security”, navigate to the ‘Tokens and keys’ tab.

2. Navigate to Customer secret keys and click ‘Generate secret key’.

3. Provide a Name for the customer secret key  and click ‘Generate secret key’.

Tip: Save the secret in a secure location where you can access it later, because it is required for configuring Cloud Credentials in the Nasuni Management Console and/or on the Nasuni Edge Appliance.

Appendix C: Creating Customer secret keys via OCI CLI

In the following examples provided, variables are used to make commands easier to reuse and maintain throughout the deployment of Nasuni instances in OCI Compute service.

To obtain the Nasuni user OCID:

$ oci iam user list --query "data[?\"name\" == '<user name>'].[id]"

Example:
$ oci iam user list --query "data[?\"name\" == 'nasuni-user'].[id]"
[
"ocid1.user.oc1..aaaaaaaa1aaaaaaaaaaa1aa11hhhg1zxqlcoaepthdwzwpjqfgtc111aaaaa
<--- USE THIS OCID FOR CREATING SECRET KEY
". ]
[
]

To create the secret key for the Nasuni user

$ oci iam customer-secret-key create --user-id <user ocid> --display-name
<display name>

Example:
oci iam customer-secret-key create --user-id
ocid1.user.oc1..aaaaaaaa1aaaaaaaaaaa1aa11hhhg1zxqlcoaepthdwzwpjqfgtc111aaaaa
--display-name nasuni-key
"data": {
"access-key": "aa11a1aa1a1a1111aa1e1111111111d11a111a11",
<--- COPY THIS ACCESS KEY, YOU WILL NEED IT FOR THE NASUNI "CLOUD
CREDENTIALS"
"display-name": "nasuni-key",
"id":
"ocid1.customersecretkey.oc1...aaaaaaaa1aaaaaaaaaaa1aa11hhhg1zxqlcoaepthdwzwp
jqfgtc111aaaaa",
"inactive-state": null,
"key":
"AaAAAAaaaaaA1A1AaAjbsZAN1AAAAaaaL+1aaAaaaAA=", <---
COPY THIS SECRET KEY, YOU WILL NEED IT FOR THE NASUNI"CLOUD CREDENTIALS"
"lifecycle-state": "ACTIVE",
"time-created": "2025-10-20T14:56:00.000000+00:00",
"time-expires": null,
"user-id":
"ocid1.user.oc1..aaaaaaaa1aaaaaaaaaaa1aa11hhhg1zxqlcoaepthdwzwpjqfgtc111aaaaa
"
},
"etag": "1a1a111a1aa3541bc58a33f0b423c3080ae6c21e96e27c6d2dc111c1aa111111"
}

ChatGPT said:

Set an environment variable for the compartment OCID:
$ export COMP_ID="<compartment ocid>"

Example:
$ export
1ktwea1aaaaaaa"
COMP_ID="ocid1.compartment.oc1..aaaaaaaaaaaaa1msmfa1c11moicw1p1rryuurm1cwezl

Creating a bucket

$ oci os bucket create --name <bucket name> --compartment-id <compartment
name>

Example:
$ oci os bucket create --name MyBucketName --compartment-id $COMP_ID

Uploading Nasuni images into a bucket

$ oci os object put --bucket-name <bucket name> --file <Nasuni image file
name>

Tip: Run this command for each Nasuni image

Appendix E: Importing Nasuni images from the object storage bucket to create custom images

Run the following for each Nasuni image to import Nasuni images from the object storage bucket to create custom images:

Import the Nasuni image from the bucket:
$ oci compute image import from-object \
--compartment-id <compartment ocid> \
--namespace <tenancy object namespace name> \
--bucket-name <bucket name> \
--name <name of Nasuni image uploaded to bucket> \
--display-name <display name> \
--source-image-type QCOW2 \
--launch-mode PARAVIRTUALIZED

Appendix F: Retrieving the image ocid and setting the image ocid as an environmental variable

$ oci compute image list --display-name <display name> --compartment-id
<compartment ocid> --query "data[*]".{"id:\"id\""}
Export a separate variable for each Nasuni image created:
$ export NMC_IMAGE_ID="<image ocid>"
$ export EDGE_IMAGE_ID="<image ocid>"

Example:
$ oci compute image list --display-name nasuni-mgmt-console --compartment-id
$COMP_ID --query "data[*]".{"id:\"id\""}
[
{
"id":
"ocid1.image.oc1.iad.aaaaaaa1aa1aaaaa1aaaaaaaaaaaaaaaaaaaaaaaa11a1aaaaaaa11a"
<--THIS IS THE ID STRING TO EXPORT
}
]
$ export
NMC_IMAGE_ID="ocid1.image.oc1.iad.aaaaaaa1aa1aaaaa1aaaaaaaaaaaaaaaaaaaaaaaa11
a1aaaaaaa11a"
$ oci compute image list --display-name nasuni-edge --compartment-id $COMP_ID
--query "data[*]".{"id:\"id\""}
[
{
"id":
"ocid1.image.oc1.iad.aaaaaaa2aa2aaaaa2aaaaaaaaaaaaaaaaaaaaaaaa22a2aaaaaaa22a"
<--THIS IS THE ID STRING TO EXPORT
}
]
$ export
EDGE_IMAGE_ID="ocid1.image.oc1.iad.aaaaaaa2aa2aaaaa2aaaaaaaaaaaaaaaaaaaaaaaa2
2a2aaaaaaa22a"

Appendix G: Getting the image schema and setting the OCID and version as a variable

$ oci compute global-image-capability-schema list --all
oci compute global-image-capability-schema-version get \
--global-image-capability-schema-id <schema ocid> \
--global-image-capability-schema-version-name <schema version name>

Example:
{
$ oci compute global-image-capability-schema list --all
"data": [
{
"compartment-id": null,
"current-version-name": "515412e5-695c-4d22-866f-a1123b1023c4", <--USE
THIS VERSION NAME
"defined-tags": {},
"display-name": "OCI.ComputeGlobalImageCapabilitySchema",
"freeform-tags": {},
"id":
"ocid1.computeglobalimgcapschema.oc1.iad.aaaaaaaa123aaaa45uhrg11h1gcn1xs11aaa
aaaaaaaa11aaaaaa1a1a11a", <---USE THIS OCID
"time-created": "2020-03-25T21:06:47.185000+00:00"
}
]
}
$ export
SCHEMA_ID="ocid1.computeglobalimgcapschema.oc1.iad.aaaaaaaa123aaaa45uhrg11h1g
cn1xs11aaaaaaaaaaa11aaaaaa1a1a11a"
$ export SCHEMA_VERS="515412e5-695c-4d22-866f-a1123b1023c4"

Appendix H: Creating a json file so UEFI_64 is the default firmware

Below is an example of what this looks like.

{
"Compute.Firmware": {
"default-value": "UEFI_64",
"descriptor-type": "enumstring",
"source": "GLOBAL",
"values": [
"UEFI_64"]
}
}

Appendix I: Creating an image-capability-schema for the custom image

$ oci compute image-capability-schema create \
--compartment-id <COMPARTMENT_ID> \
--image-id <IMAGE_ID> \
--global-image-capability-schema-version-name <VERSION_NAME> \
--schema-data=file:// <SCHEMA_DATA_FILE>.json

Example:
$ oci compute image-capability-schema create \
--compartment-id $COMP_ID \
--image-id $EDGE_IMAGE_ID \
--global-image-capability-schema-version-name $SCHEMA_VERS \
--schema-data=file://schema.json
{
"data": {
"compartment-id": "ocid1.tenancy.oc1..aaaa...",
"compute-global-image-capability-schema-id":
"ocid1.computeglobalimgcapschema.oc1.iad.aaaa...",
"compute-global-image-capability-schema-version-name": "515412e1-691c-
4d22-866f-a1123b1023c4",
"defined-tags": {},
"display-name": "computeimgcapschema20251017173046",
"freeform-tags": {},
"id": "ocid1.computeimgcapschema.oc1.iad.aaaa...",
"image-id": "ocid1.image.oc1.iad.aaaa...",
"schema-data": {
"Compute.Firmware": {
"default-value": "UEFI_64",
"descriptor-type": "enumstring",
"source": "IMAGE",
"values": [
"UEFI_64"
]
}
},
"time-created": "2025-10-17T17:30:46.988000+00:00"
},
"etag": "4e5e995f4bf3541bc58a33f0b423c3080ae6c21e96e27c6d2dc627c8cb549698"
}

Tip: Repeat this process for the $NMC_IMAGE_ID.

Appendix J: Verifying the schema

$ oci compute image-capability-schema list --image-id $EDGE_IMAGE_ID

Example output
{
"data": [
{
"compartment-id":
"ocid1.compartment.oc1..aaaaaaaaaaaaa1msmfa1c11moicw1p1rryuurm1cwezlw1ktwea1a
aaaaaa",
"compute-global-image-capability-schema-version-name": "515412e5-695c-
4d22-866f-e8823f5049c5",
"defined-tags": {},
"display-name": "computeimgcapschema20251017173046",
"freeform-tags": {},
"id":
"ocid1.computeimgcapschema.oc1.iad.aaaaaaaa1aaih1h1cx1igurwrkzzdv1doydlt1a1aa
aaa1aaaaaaaaaaa11a",
"image-id":
"ocid1.image.oc1.iad.aaaaaaa1aa1aaaaa1aaaaaaaaaaaaaaaaaaaaaaaa11a1aaaaaaa11a"
,
"schema-data": {
"Compute.AMD_SecureEncryptedVirtualization": {
"default-value": false,
"descriptor-type": "boolean",
"source": "GLOBAL"
},
"Compute.Firmware": {
"default-value": "UEFI_64", <--- Firmware default value
is UEFI_64
"descriptor-type": "enumstring",
"source": "IMAGE",
"values": [
"UEFI_64" <--- Firmware only value
UEFI_64
]
},
"Compute.LaunchMode": {
"default-value": "PARAVIRTUALIZED",
"descriptor-type": "enumstring",
"source": "GLOBAL",
"values": [
"NATIVE",
"EMULATED",
"VDPA",
"PARAVIRTUALIZED",
"CUSTOM"
]
},
[...snip...]

Tip: Repeat this process for the $NMC_IMAGE_ID.

Tip: You can also use the console to verify the setting by navigating to Compute → Custom Images → Image display name and verifying the "Firmware" setting.

Appendix K: Determining an availability zone and setting the environmental variable

$ ]$ oci iam availability-domain list --compartment-id $COMP_ID

Example:
{
$ oci iam availability-domain list --compartment-id $COMP_ID
"data": [
{
"compartment-id":
"ocid1.compartment.oc1..aaaaaaaaaaaaa1msmfa1c11moicw1p1rryuurm1cwezlw1ktwea1a
aaaaaa",
"id":
"ocid1.availabilitydomain.oc1..aaaaaaaaaaaaaaa1ae1yw1vghp1go1zceaon1wiioe1tnh
1vlaxjjl1n1a",
"name": "rGLR:US-ASHBURN-AD-1"
<-- Pick one of these to be your availability domain
},
{
"compartment-id":
"ocid1.compartment.oc1..aaaaaaaaaaaaa1msmfa1c11moicw1p1rryuurm1cwezlw1ktwea1a
aaaaaa",
"id":
"ocid1.availabilitydomain.oc1..aaaaaaaatrwxaogr2dl2yschqtrmqrdv6uzis2mgbnomia
gqrfhcb2mxsfdq",
"name": "rGLR:US-ASHBURN-AD-
2"
<-- Pick one of these to be your availability domain
},
{
"compartment-id":
"ocid1.compartment.oc1..aaaaaaaaaaaaa1msmfa1c11moicw1p1rryuurm1cwezlw1ktwea1a
aaaaaa",
"id":
"ocid1.availabilitydomain.oc1..aaaaaaaaaaa3a3aaaaa3aaaaaaaaajcukrijtmcltvfwxa
zmitk235wyohta",
"name": "rGLR:US-ASHBURN-AD-
3"
<-- Pick one of these to be your availability domain
}
]
}

Set the environmental variable:
$ export AD="rGLR:US-ASHBURN-AD-1"

Appendix L: Creating block volumes using the OCI CLI

The following volumes are required when deploying Nasuni Edge Appliance and Nasuni Management Console.

For Nasuni Edge Appliance volume requirements, you need two volumes created and this includes:

• --size-in-gbs <CacheDiskSizeInGB>

• --display-name <NEA_Cache_Disk>

$ oci bv volume create --compartment-id $COMP_ID \
--availability-domain $AD \
--size-in-gbs <volume size in GB> \
--display-name <volume display name>

Example:
$ oci bv volume create --compartment-id $COMP_ID --availability-domain $AD --
size-in-gbs 250 --display-name nasuni-cache
{
"data": {
"auto-tuned-vpus-per-gb": 10,
"autotune-policies": [
{
"autotune-type": "DETACHED_VOLUME"
}
],
"availability-domain": "rGLR:US-ASHBURN-AD-1",
"block-volume-replicas": null,
"cluster-placement-group-id": null,
"compartment-id":
"ocid1.compartment.oc1..aaaaaaaaaaaaa1msmfa1c11moicw1p1rryuurm1cwezlw1ktwea1a
aaaaaa",
"defined-tags": {},
"display-name": "nasuni-cache",
"freeform-tags": {},
"id":
"ocid1.volume.oc1.iad.aaaaaaaaaaaaaaaaaaa1cnajtue11u1l1ojk1gotukxxcd1rzfevss1
1qub1aa", <---COPY THIS OCID AND SET AS ENVIRONMENTAL VARIABLE
"is-auto-tune-enabled": true,
"is-hydrated": null,
"is-reservations-enabled": false,
"kms-key-id": null,
"lifecycle-state": "PROVISIONING",
"size-in-gbs": 250,
"size-in-mbs": 256000,
"source-details": null,
"system-tags": {},
"time-created": "2025-10-17T21:02:00.686000+00:00",
"volume-group-id": null,
"vpus-per-gb": 10
},
"etag": "873bfc01ec1ade0f974c38a1ddd44ac1"
}

Create an environmental variable for each volume ocid:
$ export <VOLUME ROLE VARIABLE NAME>="<volume ocid>"
Example:
$ export
CACHE_VOL="ocid1.compartment.oc1..aaaaaaaaaaaaa1msmfa1c11moicw1p1rryuurm1cwez
lw1ktwea1aaaaaaa"

Tip: Repeat this process for all the volumes needed for the Nasuni Edge Appliance, giving each their own variable name: NEA_Cache_Vol, NEA_CoW_Vol. For the Nasuni Management Console, you only need NMC_Cache_Vol.

Tip: Take note of the created volume OCID, and set an environmental variable for the volume with the role in the variable name, so you can use it later to attach to the compute instance.

Appendix M: Prerequisites for Launching the Nasuni instances

Determine the path to your public ssh key file, export the path as a variable.

$ export KEY_PUB="<path to public ssh key file>"

Example:
$ export KEY_PUB="/home/opc/.ssh/id_rsa.pub"

Determine or create the Virtual Cloud Network and subnet where the Nasuni instances are to be launched.

$ oci network subnet list --compartment-id $COMP_ID

Example:
{
$ oci network subnet list --compartment-id $COMP_ID
"data": [
{
"availability-domain": null,
"cidr-block": "10.0.0.0/24",
"compartment-id":
"ocid1.compartment.oc1..aaaaaaaaaaaaa1msmfa1c11moicw1p1rryuurm1cwezlw1ktwea1a
aaaaaa",
"defined-tags": {},
"dhcp-options-id":
"ocid1.dhcpoptions.oc1.iad.aaaaaaaa11r1fusu11rfxlunymwtx1rj1nhha11m1kptnbp1lf
iblaq111aa",
"display-name": "subnet-20210420-1050",
"dns-label": "subnet04201101",
"freeform-tags": {},
"id":
"ocid1.subnet.oc1.iad.aaaaaaaapz1i1qmcft1eug11huhsderejmsv1lcfn1h1ak1dzt1tao1
ti1aa", <--- SELECT A SUBNET AND COPY THE OCID FOR AN ENVIRONMENT VARIABLE
"ipv6-cidr-block": null,
"ipv6-cidr-blocks": null,
"ipv6-virtual-router-ip": null,
"lifecycle-state": "AVAILABLE",
"prohibit-internet-ingress": false,
"prohibit-public-ip-on-vnic": false,
"route-table-id":
"ocid1.routetable.oc1.iad.aaaaaaaamlbba1mnunhtt1j1htmiwg1uzqo1shbqpnszgtu1ddu
elm1aaaaa",
"security-list-ids": [
"ocid1.securitylist.oc1.iad.aaaaaaaaxvqcfvkwxolglxmgobtt1mhxsb1al1svpidrwxtw1
tb1m1pw1aaa"
],
"subnet-domain-name": "subnet04201101.vcn04201101.oraclevcn.com",
"time-created": "2021-04-20T18:01:59.099000+00:00",
"vcn-id":
"ocid1.vcn.oc1.iad.amaaaaaafgg11oaaatcgm1gl1d1x1fwo1w1nfuk1vjsankr1aaaaaaaaaa
1a",
"virtual-router-ip": "10.0.0.1",
"virtual-router-mac": "00:00:17:F9:C4:E2"
},
{
"availability-domain": null,
"cidr-block": "10.0.0.0/24",
"compartment-id":
"ocid1.compartment.oc1..aaaaaaaaaaaaa1msmfa1c11moicw1p1rryuurm1cwezlw1ktwea1a
aaaaaa",
"defined-tags": {},
"dhcp-options-id":
"ocid1.dhcpoptions.oc1.iad.aaaaaaaatpzkjed1o1ao1oaor1qiymxgummcs11f1t1pfwo1bz
gw1aaaaaaa",
"display-name": "subnet-20210322-1510",
"dns-label": "subnet03221525",
"freeform-tags": {},
"id":
aaaaa", "ocid1.subnet.oc1.iad.aaaaaaaamlf1fple1f11rvz1nqvnqkmcoyq1gbdbskta1aaaaaaaaaa
<--- SELECT A SUBNET AND COPY THE OCID FOR AN ENVIRONMENT
VARIABLE
"ipv6-cidr-block": null,
"ipv6-cidr-blocks": null,
"ipv6-virtual-router-ip": null,
"lifecycle-state": "AVAILABLE",
"prohibit-internet-ingress": false,
"prohibit-public-ip-on-vnic": false,
"route-table-id":
"ocid1.routetable.oc1.iad.aaaaaaaaeaatkg11s111nzjau1x111gw11aapmshlo1t11tw1h1
fy1sh1aaa",
"security-list-ids": [
"ocid1.securitylist.oc1.iad.aaaaaaaa1r1zkx1xlhxxzkobdbyqyjntk1chz1op1xb11w1rq
fcr1aaaaaaa"
],
"subnet-domain-name": "subnet03221525.vcn03221525.oraclevcn.com",
"time-created": "2021-03-22T22:25:29.785000+00:00",
"vcn-id":
"ocid1.vcn.oc1.iad.amaaaaaafgg11oaalvu4knuilzx1jk1dn1qmwfnwf1ov11vphjxun1aaaa
aa",
"virtual-router-ip": "10.0.0.1",
"virtual-router-mac": "00:00:17:10:A3:DF"
},

After you select a subnet, export the subnet ID to an environmental variable.

$ export SUBNET_ID="<subnet ocid"

Example:
export
SUBNET_ID="ocid1.subnet.oc1.iad.aaaaaaaamlf1fple1f11rvz1nqvnqkmcoyq1gbdbskta1
aaaaaaaaaaaaaaa"

Tip: Set the instance shape environmental variable. VM.Standard.E4.Flex or VM.Standard.E5.Flex is recommended.
(For example, ($ export SHAPE="VM.Standard.ER.FLex").
In this example we use VM.Standard.E4.Flex.)
For a full list of instance shapes that support UEFI_64 Firmware, see Compute Shapes.

Set environmental variables for display names for each Nasuni instance

$ export FILER_DISPLAY="nasuni-edge-filer"
$ export NMC_DISPLAY="nasuni-mgt-console"

Tip: Launch compute instances for each Nasuni shape using the environmental variables set. The minimum memory should be set to 16GB and the minimum CPUs should be set to 8.

Required commands to launch the Nasuni Edge Appliance instance

$ oci compute instance launch --compartment-id $COMP_ID \
--display-name $FILER_DISPLAY \
--availability-domain $AD \
--subnet-id $SUBNET_ID \
--image-id $EDGE_IMAGE_ID \
--shape $SHAPE \
--ssh-authorized-keys-file $KEY_PUB \
--assign-public-ip true \
--shape-config '{"ocpus": 8, "memoryInGBs": 16}' \
--extended-metadata '{"firmware": "UEFI_64"}'

Example output:
{
"data": {
"agent-config": {
"are-all-plugins-disabled": false,
"is-management-disabled": false,
"is-monitoring-disabled": false,
"plugins-config": null
},
"availability-config": {
"is-live-migration-preferred": null,
"recovery-action": "RESTORE_INSTANCE"
},
"availability-domain": "rGLR:US-ASHBURN-AD-1",
"capacity-reservation-id": null,
"cluster-placement-group-id": null,
"compartment-id":
"ocid1.compartment.oc1..aaaaaaaaaaaaa1msmfa1c11moicw1p1rryuurm1cwezlw1ktwea1a
aaaaaa,
"defined-tags": {},
"display-name": "nasuni-edge-filer",
"extended-metadata": {
"firmware": "UEFI_64"
},
"fault-domain": "FAULT-DOMAIN-2",
"freeform-tags": {},
"id":
xy2gqta", "image-id":
"ocid1.instance.oc1.iad.anuwcljsfgg62oacngiakkol3mkyhvlaptzb4q6gmdzuiuji7lssy
<--- COPY THIS OCID FOR BLOCK ATTACHMENT IN NEXT STEP
"ocid1.image.oc1.iad.aaaaaaa2aa2aaaaa2aaaaaaaaaaaaaaaaaaaaaaaa22a2aaaaaaa22a"
,
"instance-configuration-id": null,
"instance-options": {
"are-legacy-imds-endpoints-disabled": false
},
"ipxe-script": null,
"is-ai-enterprise-enabled": null,
"is-cross-numa-node": false,
"launch-mode": "PARAVIRTUALIZED",
"launch-options": {
"boot-volume-type": "PARAVIRTUALIZED",
"firmware": "UEFI_64",
"is-consistent-volume-naming-enabled": true,
"is-pv-encryption-in-transit-enabled": false,
"network-type": "PARAVIRTUALIZED",
"remote-data-volume-type": "PARAVIRTUALIZED"
},
"licensing-configs": null,
"lifecycle-state": "PROVISIONING",
"metadata": {
"ssh_authorized_keys": "ssh-rsa BBBBB1NzaC1yc1EAAAADAQABAAACAQDrAHfL
<snip> foo@racle.com\n"
},
"placement-constraint-details": null,
"platform-config": null,
"preemptible-instance-config": null,
"region": "iad",
"security-attributes": {},
"security-attributes-state": "STABLE",
"shape": "VM.Standard.E4.Flex",
"shape-config": {
"baseline-ocpu-utilization": null,
"gpu-description": null,
"gpus": 0,
"local-disk-description": null,
"local-disks": 0,
"local-disks-total-size-in-gbs": null,
"max-vnic-attachments": 8,
"memory-in-gbs": 16.0,
"networking-bandwidth-in-gbps": 8.0,
"ocpus": 8.0,
"processor-description": "2.55 GHz AMD EPYC™ 7J13 (Milan)",
"resource-management": null,
"vcpus": 16
},
"source-details": {
"boot-volume-size-in-gbs": null,
"boot-volume-vpus-per-gb": null,
"image-id":
"ocid1.image.oc1.iad.aaaaaaa2aa2aaaaa2aaaaaaaaaaaaaaaaaaaaaaaa22a2aaaaaaa22a"
,
"instance-source-image-filter-details": null,
"kms-key-id": null,
"source-type": "image"
},
"system-tags": {},
"time-created": "2025-10-20T18:35:52.699000+00:00",
"time-maintenance-reboot-due": null
},
"etag": "342f29706161615689e35ea58200e5dccc5f152673e4c648fa68128d2ecac965",
"opc-work-request-id":
"ocid1.coreservicesworkrequest.oc1.iad.aaaaaaaa1uomxuaybut1zkghtmpyztphcbgdav
zfjcbuvunxsyz1mv1a1aaa"
}

Attach the block volumes to the Nasuni Edge Appliance instance

$ oci compute volume-attachment attach \
--instance-id <instance ocid from launch> \
--volume-id $NEA_Cache_Vol \
--type paravirtualized
$ oci compute volume-attachment attach \
--instance-id <instance ocid from launch> \
--volume-id $NEA_CoW_Vol
--type paravirtualized

Example output:
"data": {
"attachment-type": "paravirtualized",
"availability-domain": "rGLR:US-ASHBURN-AD-1",
"compartment-id":
"ocid1.compartment.oc1..aaaaaaaaaaaaa1msmfa1c11moicw1p1rryuurm1cwezlw1ktwea1a
aaaaaa",
"device": null,
"display-name": "volumeattachment20251020183741",
"id":
"ocid1.volumeattachment.oc1.iad.aaaaaaaaaaa11oacguur1o1wvtjzqhzuksxbz1r1sbitd
jor1pl1r1aaaaaa",
"instance-id":
"ocid1.instance.oc1.iad.anuwcljsfgg62oacngiakkol3mkyhvlaptzb4q6gmdzuiuji7lssy
xy2gqta",
"is-multipath": null,
"is-pv-encryption-in-transit-enabled": false,
"is-read-only": false,
"is-shareable": false,
"is-volume-created-during-launch": false,
"iscsi-login-state": null,
"lifecycle-state": "ATTACHING",
"time-created": "2025-10-20T18:37:42.048000+00:00",
"volume-id":
"ocid1.compartment.oc1..aaaaaaaaaaaaa1msmfa1c11moicw1p1rryuurm1cwezlw1ktwea1a
aaaaaa"
},
"etag": "789e31a9a49ee8b5abbb2c5ac4ed381d2f2e38e0d6b369effc3dd3445aa7ab39"
}

Required commands to launch the Nasuni Management Console instance

$ oci compute instance launch --compartment-id $COMP_ID \
--display-name $NMC_DISPLAY \
--availability-domain $AD \
--subnet-id $SUBNET_ID \
--image-id $NMC_IMAGE_ID \
--shape $SHAPE \
--ssh-authorized-keys-file $KEY_PUB \
--assign-public-ip true \
--shape-config '{"ocpus": 8, "memoryInGBs": 16}' \
--extended-metadata '{"firmware": "UEFI_64"}'

Tip: Output should look similar to the previous instance launch. Be sure to copy the instance ocid in the output to attach the block volume.

Attach the block volumes to the Nasuni Management Console Instance

$ oci compute volume-attachment attach \
--instance-id <instance ocid from launch> \
--volume-id $NMC_Cache_Vol
--type paravirtualized