Operating Systems AWS

Oracle Linux 10 User Guide

| Product: Oracle Linux 10

Overview

This guide covers the deployment and configuration of Oracle Enterprise Linux 10 on AWS using cloudimg AMIs from the AWS Marketplace. Oracle Linux 10 is the latest major release of Oracle's enterprise Linux distribution, delivering modern kernel features with UEK 8, enhanced security, and improved performance for cloud workloads.

What's included in this AMI:

  • Oracle Enterprise Linux 10 with latest security patches
  • AWS CLI for AWS service management
  • AWS CloudWatch Agent for monitoring and log collection
  • AWS Systems Manager Agent for remote management
  • Cloud Init for instance initialization
  • OS package update script for keeping the system current
  • 24/7 cloudimg support with guaranteed 24 hour response SLA

Prerequisites

Before launching this AMI, ensure you have:

  1. An active AWS account
  2. An active subscription to Oracle Linux 10 on AWS Marketplace
  3. An EC2 key pair for SSH access
  4. Familiarity with EC2 instance management and SSH

Recommended Instance Type: t3.small (2 vCPU, 2 GB RAM) or larger. The minimum requirements are 1 vCPU, 1 GB RAM, and 50 GB disk space.

Step 1: Launch the AMI

  1. Navigate to the AWS Marketplace and search for "Oracle Linux 10 cloudimg"
  2. Click Continue to Subscribe, accept the terms, then Continue to Configuration
  3. Select your preferred Region and Software Version
  4. Click Continue to Launch
  5. Choose Launch through EC2 for full control over instance configuration
  6. Select your instance type (t3.small recommended)
  7. Configure storage: 50 GB gp3 minimum
  8. Configure your Security Group with the following inbound rules:
Port Protocol Source Purpose
22 TCP Your IP SSH access
  1. Select your EC2 key pair and launch the instance

Step 2: Connect via SSH

Once your instance is running and has passed both status checks (2/2), connect using SSH:

ssh -i your-key.pem ec2-user@<public-ip-address>

To switch to the root user:

sudo su -

Note: Please allow the EC2 instance to reach 2/2 successful status checks before attempting to connect. Early SSH attempts may result in "Permission denied" errors. This is expected and will resolve once the instance has fully initialized.

Step 3: Verify the System

Check the OS version:

cat /etc/oracle-release

Check kernel version:

uname -r

Using AWS CLI

The AWS CLI is preinstalled:

aws --version

Configure credentials with aws configure or attach an IAM role to the instance.

Configuring CloudWatch Agent

Run the configuration wizard as root:

/opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-config-wizard

Start the agent:

/opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -a fetch-config -m ec2 -s -c file:/opt/aws/amazon-cloudwatch-agent/bin/config.json

Check status:

/opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -m ec2 -a status

Using Systems Manager

Check SSM Agent status:

systemctl status amazon-ssm-agent

Ensure the instance has an IAM role with AmazonSSMManagedInstanceCore policy.

Configuring Cloud Init

Edit the Cloud Init configuration:

vi /etc/cloud/cloud.cfg

Server Components

Component Version Install Path
AWS CLI 2.34.26 /usr/local/aws-cli
AWS CloudWatch Agent 1.300064.1b1344 /opt/aws/amazon-cloudwatch-agent
AWS Systems Manager Agent Latest /usr/bin/amazon-ssm-agent
Cloud Init 24.4 /etc/cloud

Filesystem Layout

Mount Point Size Description
/ 46 GB Root filesystem (LVM on NVMe)
/boot 960 MB Operating system kernel files

Note: Oracle Linux 10 uses NVMe storage devices on supported instance types.

Scripts and Log Files

Script/Log Path Description
initial_boot_update.sh /stage/scripts Updates the OS with the latest packages on first boot
initial_boot_update.log /stage/scripts Output log for the boot update script

On Startup

An OS package update script runs on first boot. Disable it with:

rm -f /stage/scripts/initial_boot_update.sh

crontab -e
# Delete the @reboot line, save and exit

Common Administration Tasks

Update all packages:

dnf update -y

Install a package:

dnf install -y package-name

Search for packages:

dnf search keyword

Manage services:

systemctl start service-name
systemctl stop service-name
systemctl enable service-name
systemctl status service-name

View system logs:

journalctl -f

Check listening ports:

ss -tlnp

Oracle Linux Specific Features

Unbreakable Enterprise Kernel (UEK)

Oracle Linux 10 includes the Unbreakable Enterprise Kernel (UEK) 8, Oracle's optimized kernel built for enterprise workloads. UEK 8 is based on the Linux 6.12 LTS kernel and provides enhanced performance, advanced diagnostics, and improved hardware support compared to the Red Hat Compatible Kernel (RHCK).

Verify which kernel is running:

uname -r

If the output contains uek, you are running the Unbreakable Enterprise Kernel. If it contains el10, you are running the RHCK.

Switch between kernels:

# List installed kernels
grubby --info=ALL | grep title

# Set the default kernel (example for RHCK)
sudo grubby --set-default /boot/vmlinuz-<rhck-version>

# Reboot to apply
sudo reboot

UEK 8 highlights: - Based on Linux 6.12 LTS with Oracle enhancements - Optimized for Oracle Database and middleware workloads - DTrace tracing framework for advanced diagnostics - Enhanced Btrfs filesystem support - Improved NVMe, RDMA, and network driver performance - Virtio and cloud platform optimizations

Ksplice Zero Downtime Patching

Oracle Linux includes Ksplice, a technology that applies critical kernel security patches without rebooting. This is ideal for production database servers where uptime is critical.

Check Ksplice status:

sudo ksplice kernel show

Apply available patches without reboot:

sudo ksplice kernel upgrade

Note: Ksplice requires an Oracle Linux Premier Support subscription for full functionality. Install Ksplice with sudo dnf install -y ksplice if needed.

Oracle Database Compatibility

Oracle Linux 10 is Oracle's recommended operating system for the latest Oracle Database deployments. Key advantages include:

  • Prevalidated and certified for current Oracle Database versions
  • Required Oracle prerequisite packages available via oracle-database-preinstall RPMs
  • Automatic Storage Management (ASM) kernel driver support via UEK
  • Optimized huge pages and shared memory configuration for database workloads

Install Oracle Database prerequisites:

sudo dnf install -y oracle-database-preinstall-23ai

This automatically configures kernel parameters, user accounts, and resource limits required for Oracle Database installation.

Troubleshooting

Cannot connect via SSH

  1. Verify the instance has passed 2/2 status checks
  2. Check your security group allows port 22 from your IP
  3. Ensure you are using the correct key pair and username (ec2-user)

dnf update fails

  1. Verify internet access (public subnet or NAT gateway)
  2. Check DNS resolution: nslookup yum.oracle.com
  3. Check disk space: df -h

CloudWatch Agent not working

  1. Verify agent status with the amazon-cloudwatch-agent-ctl command
  2. Check IAM role has CloudWatchAgentServerPolicy
  3. Review logs: tail -f /opt/aws/amazon-cloudwatch-agent/logs/amazon-cloudwatch-agent.log

Security Recommendations

  • Restrict SSH access: Only allow port 22 from trusted IP addresses
  • Use IAM roles for AWS API access instead of access keys
  • Keep the system updated: Run dnf update regularly
  • Enable SELinux: Verify with getenforce
  • Configure firewalld for host level security
  • Monitor with CloudWatch for CPU, memory, and disk alerts
  • Use SSM Session Manager for secure, auditable remote access
  • Harden SSH configuration: Disable password authentication, use key based auth only

Support

If you encounter any issues with this product, contact cloudimg support:

  • Email: support@cloudimg.co.uk
  • Website: www.cloudimg.co.uk
  • Support hours: 24/7 with guaranteed 24 hour response SLA

Deploy on AWS

Launch Oracle Linux 10 with 24/7 support from cloudimg.

View on Marketplace

Need Help?

Our support team is available 24/7.

support@cloudimg.co.uk