Overview of OS Management
The Oracle Cloud Infrastructure OS Management service allows you to manage and monitor updates and patches for the operating system environments on your Oracle Cloud instances, including instances managed by the OS Management Oracle Autonomous Linux service. OS Management also provides options for discovering and monitoring resources on your instances.
OS Management Components and Features
Review the following components and features to help you get started with OS Management.
- Managed Instance
-
A Compute instance that uses the OS Management service is referred to as a managed instance.
- Managed Instance Groups
-
Managed instance groups enable you to group your instances together for updates.
For more information, see Administering Managed Instance Groups.
- OS Management Service Agent Plugin
-
OS Management uses the OS Management Service Agent plugin for managing and applying updates. The Oracle Cloud Agent manages the OS Management Service Agent plugin. For more information about the Oracle Cloud Agent, see Managing Plugins with Oracle Cloud Agent.
The OS Management Service Agent plugin provides the necessary permissions to apply updates on managed instances:
- For Oracle Linux instances, the OS Management Service Agent plugin utilizes the standard Linux permissions for a sudo administrative account to apply updates.
- For Windows instances, the OS Management Service Agent plugin creates a virtual service account for applying updates on the instance. The virtual service account is OCAOSMS. Do not remove this account on instances where the OS Management service is used.
For more information about managing the OS Management Service Agent plugin, see Getting Started with OS Management.
- Software Sources
-
For Linux instances, OS Management uses software sources to provide packages to instances and to track the available updates to those packages.
For more information about software sources, see Managing Software Sources.
- Linux Package Management
-
For Linux instances, OS Management provides a search facility that you can use to check individual packages. Using this search facility, you can check for available updates. You can also use this facility to perform actions for managing Linux packages, such as installing, removing, and updating packages on managed instances and managed instance groups.
For more information, see Managing Linux Packages.
- Windows Update Management
-
For Windows instances, OS Management provides actions for installing Windows updates on managed instances and managed instance groups.
For more information, see Managing Windows Updates.
- Common Vulnerabilities and Exposures (CVE) Search
-
For Linux instances, OS Management provides a search facility that you can use to check individual CVEs. This facility helps you determine the level of exposure in your tenancy.
For more information about the CVE search facility, see Checking Exposure to Known Vulnerabilities.
- Oracle Autonomous Linux
- Oracle Autonomous Linux is a managed service for reducing the complexity and overhead of common OS management tasks.
- Resource Discovery and Monitoring
-
Resource Discovery and Monitoring allows auto-discovery and basic monitoring of resources running on Oracle Linux Compute instances managed by the OS Management service.
For more information, see Resource Discovery and Monitoring.
- Scheduled Jobs
-
When you use the OS Management service to manage updates on a managed instance or managed instance group, you have full control over when actions take place. If you specify that an action take place at a particular date and time, the OS Management service creates a scheduled job. OS Management provides two basic modes for scheduled jobs: one-time and recurring jobs.
For more information, see Managing Scheduled Jobs and Work Requests.
- Work Requests
-
OS Management actions such as installing, removing, or updating packages are asynchronous and initiate work requests. You can use the work request to track the status of operations, including the ability to see why an action failed.
For more information, see Managing Scheduled Jobs and Work Requests.
Retention Policy
OS Management periodically removes managed instances from the service that haven't communicated with the OS Management service in the last 30 days.
Orphaned OS Management resource objects in a tenancy are reclaimed after 90 days. For example:
- Recurring scheduled jobs assigned to a group with no instances for 90 days.
- Scheduled jobs assigned to an instance that's inactive for 90 days.
- Groups with no attached instances for 90 days.
- Custom software sources with no instances attached for 90 days.
Availability
The OS Management service is available in all Oracle Cloud Infrastructure commercial regions. See About Regions and Availability Domains for the list of available regions, along with associated locations, region identifiers, region keys, and availability domains.
Resource Identifiers
Most types of Oracle Cloud Infrastructure resources have a unique, Oracle-assigned identifier called an Oracle Cloud ID (OCID). For information about the OCID format and other ways to identify your resources, see Resource Identifiers.
Authorization and Authentication
Each service in Oracle Cloud Infrastructure integrates with IAM for authentication and authorization, for all interfaces (the Console, SDK or CLI, and REST API).
An administrator in your organization needs to set up groups, compartments, and policies that control which users can access which services, which resources, and the type of access. For example, the policies control who can create new users, create and manage the cloud network, launch instances, create buckets, download objects, etc. For more information, see Getting Started with Policies.
- For specific details about writing policies for OS Management, see Setting Up IAM Policies for OS Management and OS Management Policy Reference.
- For details about writing policies for other services, see Policy Reference.
If you’re a regular user (not an administrator) who needs to use the Oracle Cloud Infrastructure resources that your company owns, contact your administrator to set up a user ID for you. The administrator can confirm which compartment or compartments you should be using.
Creating Automation with Events
You can create automation based on state changes for your Oracle Cloud Infrastructure resources by using event types, rules, and actions. For more information, see Overview of Events. For reference information about OS Management events, see OS Management Events.
OS Management resources that emit events:
-
Managed instances
-
Managed instance groups
-
Scheduled jobs
-
Software sources
Ways to Access Oracle Cloud Infrastructure
You can access Oracle Cloud Infrastructure using the Console (a browser-based interface) or the REST API. Instructions for the Console and API are included in topics throughout this guide. For a list of available SDKs, see Software Development Kits and Command Line Interface.
To access the Console, you must use a supported browser. To go to the Console sign-in page, open the navigation menu at the top of this page and click Infrastructure Console. You prompted to enter your cloud tenant, your user name, and your password.
For general information about using the API, see REST APIs.