How do you access “none default ports” on your DBaaS VM server?
A.
Review a file called portlist.ini in your installation directory to acquire the list of “none default ports” that are assigned to your VM server.
B.
You file a service request with your DBaaS support team to have the “none default ports” opened for use.
C.
You create an SSH tunnel to the “none default port”.
D.
All communication to DBaaS services must be configured only by using the default ports that are assigned to your VM server during the installation of your
DBaaS instances.
Explanation:
To enable access to a compute node port, you enable the appropriate security rule. When you enable one of the predefined security rules, the given port on the
compute node is opened to the public internet. To enable access to a different port, or restrict access to a port, you must create a security rule.
Note: When a database deployment is created, the following Oracle Compute Cloud Service security rules are created, but set to a disabled status.
ora_p2_dbconsole, which controls access to port 1158, the port used by Enterprise Manager 11g Database Control.
ora_p2_dbexpress, which controls access to port 5500, the port used by Enterprise Manager Database Express 12c.
ora_p2_dblistener, which controls access to the port used by SQL*Net.
ora_p2_http, which controls access to port 80, the port used for HTTP connections.
ora_p2_httpssl, which controls access to port 443, the port used for HTTPS connections, including Oracle REST Data Services, Oracle Application Express, and
Oracle DBaaS Monitor.
References: Using Oracle Database Cloud Service (February 2017), page 3-7
https://docs.oracle.com/en/cloud/paas/database-dbaas-cloud/csdbi/using-oracle-database-cloud-service.pdf
I would say C… even in the detailed explanation given… there isn’t specified to open a service request with Oracle Support
Hi Cristina have you taken the exam already?
its look like C too ,cause the 2 methods to access compute node either
create a tunnels to the required ports or open those ports but it would be B since it is tricky caz in question its says “none default ports” and B hold none “default ports” wheras C hold none “default port” with S
I think the correct answer is B. I understand the “DBaaS support team” as the team responsible for configuring network, security, storage, create DB…
“To enable access to a compute node port, you enable the appropriate security rule.”
I think it should be C too.
C
B Or C?
Its definitely C. You can take a look at oracle documents(Page 132). It says
After you determine the EM Express port for the CDB or PDB that you want to
manage, you must choose one of the following two options to access EM Express on
that port:
• Unblock the port. You can unblock the port by Enabling Access to a Compute
Node Port.
After unblocking the port, you can access EM Express on that port as described in
Accessing EM Express Using the EM Express Port.
• Leave the port blocked. If your security requirements demand that you leave the
port blocked, you can still access EM Express by connecting to it through an SSH
tunnel, as described in Accessing EM Express Using an SSH Tunnel.
Creating an SSH Tunnel Using the ssh Utility on Linux
The Linux platform includes the ssh utility, an SSH client that supports SSH tunneling.
Chapter 3
Creating an SSH Tunnel to a Compute Node Port
3-4
Before you use the ssh utility to create an SSH tunnel, you need the following:
• The IP address of the target compute node.
The IP addresses associated with a database deployment on Oracle Database
Cloud Service are listed on the details page associated with the database
deployment. See Viewing Detailed Information for a Database Deployment.
• The SSH private key file that pairs with the public key used during the database
deployment creation process.
• The port number for which you want to create an SSH tunnel.