Victor is a full stack software engineer who loves travelling and building things. Most recently created Ewolo, a cross-platform workout logger.
How to open ports on an Oracle Cloud VM running on Ubuntu 20.04

For a recent project, I decided to try out Oracle cloud's free forever tier which includes a VM with 1 vCPU and 1Gb RAM. Setup was pretty straightforward except that I needed to provide a credit card linked to my bank account rather than the online card that I generally use. Setting up a VM was also not too complicated but getting an app running and accessible via the internet was a bit tricky. In this article, we will look at opening up ports for an Oracle cloud VM that uses the Ubuntu 20.04 LTS image. TLDR: open ingress ports, disable ufw, setup firewalld and open the ports that you require.

Suppose we would like to enable http and https access to our VM, then the first step is to head over to the Oracle cloud dashboard and into the VM network and then the subnet. If the defaults were selected on VM creation, then the network should have a default security list. Click into it and add ingress rules for the ports that you would like.

Oracle cloud networking ingress rules. Note that I had initially set the source IP to be the same as the destination IP and this very obviously did not work leading to a wasted couple of hours :(.

The next step is to disable Ubuntu's default firewall via sudo ufw disable as it does not play well with Oracle cloud infrastructure.

The final step is to allow the VM to accept connections on the aforementioned ports. This can be achieved by manually updating the iptables rules or a cleaner approach would be to install firewalld:

sudo apt install firewalld
sudo systemctl enable firewalld
sudo firewall-cmd --permanent --zone=public --add-port=80/tcp
sudo firewall-cmd --permanent --zone=public --add-port=443/tcp
sudo firewall-cmd --reload

In case there are any issues, ensure that the firewall service uses iptables as the FirewallBackend in its config: /etc/firewalld/firewalld.config. The VM should now be accessible from the internet :).