Setting Up Oracle Cloud Free Instances with Docker and Traefik
Oracle Cloud Infrastructure (OCI) offers one of the most generous free tier programs among cloud providers, including “Always Free” resources that never expire. In this guide, I’ll walk you through the process of setting up Oracle Cloud free instances, enabling Pay-As-You-Go (PAYG) to unlock free ARM instances, and deploying services using Docker with Traefik as a reverse proxy.
Oracle Cloud Free Tier Overview
Oracle Cloud’s Free Tier includes:
- 2 AMD-based Compute VMs with 1/8 OCPU and 1GB memory each
- 4 ARM-based Ampere A1 cores and 24GB memory (requires PAYG account)
- 200GB total storage
- 10TB outbound data transfer per month
- Load balancer, monitoring, and notifications
The key advantage is that these resources never expire as long as you use them, unlike other cloud providers’ free tiers that typically last only 12 months.
Step 1: Creating an Oracle Cloud Account
- Visit Oracle Cloud Free Tier
- Click “Start for free”
- Fill in your personal information and verify your email address
- Complete the account verification process with a valid credit card (required for identity verification, but you won’t be charged unless you explicitly upgrade)
- Choose your home region (select one close to your target audience for better performance)
Step 2: Enabling PAYG to Unlock ARM Instances
By default, Oracle Cloud accounts start with a “Free Tier” status, which provides access to the AMD-based VMs. However, to access the more powerful ARM-based Ampere A1 instances (which are still free), you need to enable Pay-As-You-Go (PAYG):
- Log in to your Oracle Cloud account
- Navigate to the Account Management page
- Select “Payment Methods”
- Verify your payment method is active
- Go to “Upgrade to Paid”
- Select the “Pay as you go” option
Don’t worry - enabling PAYG doesn’t mean you’ll be charged automatically. You’ll still have access to all Free Tier resources, and Oracle will only charge you if you explicitly provision resources beyond the free limits.
Step 3: Creating an ARM-based Compute Instance
Now that you’ve enabled PAYG, you can create an ARM-based Ampere A1 instance:
- From the Oracle Cloud dashboard, navigate to “Compute” > “Instances”
- Click “Create Instance”
- Name your instance
- In the “Image and shape” section, click “Change image” and select Ubuntu instead of the default Oracle Linux image
- Click “Change shape”
- Select “Ampere” and choose the “VM.Standard.A1.Flex” shape
- Configure with 4 OCPUs and 24 GB memory (the maximum free allocation)
- In the networking section, create a new Virtual Cloud Network (VCN) or use an existing one
- Make sure to select “Assign a public IPv4 address”
- Upload your SSH public key or generate a new key pair
- Click “Create” to provision your instance
Step 4: Configuring Security and Access
Before you can access your instance, you need to configure security rules:
- Navigate to “Networking” > “Virtual Cloud Networks”
- Select your VCN
- Click on your subnet
- Go to the “Security Lists” section
- Add ingress rules for the following ports:
- SSH (port 22)
- HTTP (port 80)
- HTTPS (port 443)
- Any additional ports your applications might need
Step 5: Connecting to Your Instance
- From the Instances page, find your newly created instance
- Note the public IP address
- Connect via SSH:
Note: When using Ubuntu, the default username is ‘ubuntu’ instead of ‘opc’ which is used in Oracle Linux.ssh -i /path/to/your/private_key ubuntu@your_instance_public_ip
Step 6: Installing Docker and Docker Compose
Once connected to your instance, install Docker and Docker Compose:
# Update system packages
sudo apt update && sudo apt upgrade -y
# Install required packages
sudo apt install -y apt-transport-https ca-certificates curl software-properties-common zip unzip
# Add Docker's official GPG key
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
# Add Docker repository
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
# Install Docker
sudo apt update
sudo apt install -y docker-ce docker-ce-cli containerd.io
# Start and enable Docker service
sudo systemctl start docker
sudo systemctl enable docker
# Add your user to the docker group
sudo usermod -aG docker $USER
# Install Docker Compose
sudo curl -L "https://github.com/docker/compose/releases/download/v2.20.3/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose
# Verify installations
docker --version
docker-compose --versionLog out and log back in for the group changes to take effect.
Step 7: Setting Up Traefik as a Reverse Proxy
Traefik is a modern HTTP reverse proxy and load balancer that makes deploying microservices easy. Let’s set it up with Docker:
- Create a new directory for your Traefik configuration:
mkdir -p ~/traefik/config
cd ~/traefik- Create a
docker-compose.ymlfile:
version: '3'
services:
traefik:
image: traefik:v2.10
container_name: traefik
restart: unless-stopped
security_opt:
- no-new-privileges:true
ports:
- 80:80
- 443:443
volumes:
- /etc/localtime:/etc/localtime:ro
- /var/run/docker.sock:/var/run/docker.sock:ro
- ./config/traefik.yml:/traefik.yml:ro
- ./config/acme.json:/acme.json
networks:
- proxy
networks:
proxy:
external: true- Create a
config/traefik.ymlfile:
api:
dashboard: true
insecure: true
entryPoints:
http:
address: ":80"
http:
redirections:
entryPoint:
to: https
scheme: https
https:
address: ":443"
providers:
docker:
endpoint: "unix:///var/run/docker.sock"
exposedByDefault: false
certificatesResolvers:
letsencrypt:
acme:
email: your-email@example.com
storage: acme.json
httpChallenge:
entryPoint: http- Create an empty
acme.jsonfile and set proper permissions:
touch ~/traefik/config/acme.json
chmod 600 ~/traefik/config/acme.json- Create the external Docker network:
docker network create proxy- Start Traefik:
docker-compose up -dStep 8: Using nip.io for Domain Name Resolution
nip.io is a free service that provides wildcard DNS for any IP address. This eliminates the need to configure DNS records for your applications. The format is <anything>.<your-ip>.nip.io.
For example, if your server’s IP address is 123.456.789.10, you can access your applications at:
app1.123.456.789.10.nip.ioapp2.123.456.789.10.nip.io
This is particularly useful for development and testing environments.
Step 9: Deploying Applications with Docker Compose and Traefik
Let’s deploy a simple web application using Docker Compose and Traefik:
- Create a directory for your application:
mkdir -p ~/apps/webapp
cd ~/apps/webapp- Create a
docker-compose.ymlfile:
version: '3'
services:
webapp:
image: nginx:alpine
container_name: webapp
restart: unless-stopped
labels:
- "traefik.enable=true"
- "traefik.http.routers.webapp.rule=Host(`webapp.${SERVER_IP}.nip.io`)"
- "traefik.http.routers.webapp.entrypoints=https"
- "traefik.http.routers.webapp.tls=true"
- "traefik.http.routers.webapp.tls.certresolver=letsencrypt"
- "traefik.http.services.webapp.loadbalancer.server.port=80"
networks:
- proxy
networks:
proxy:
external: true- Create a
.envfile with your server’s IP address:
SERVER_IP=your_server_ip_address- Start the application:
docker-compose up -d- Access your application at
https://webapp.your_server_ip.nip.io
Example: Deploying a WordPress Site
Here’s a more complex example deploying WordPress with MySQL:
version: '3'
services:
wordpress_db:
image: mysql:5.7
container_name: wordpress_db
restart: unless-stopped
environment:
MYSQL_ROOT_PASSWORD: your_mysql_root_password
MYSQL_DATABASE: wordpress
MYSQL_USER: wordpress
MYSQL_PASSWORD: your_wordpress_db_password
volumes:
- wordpress_db_data:/var/lib/mysql
networks:
- proxy
wordpress:
image: wordpress:latest
container_name: wordpress
restart: unless-stopped
depends_on:
- wordpress_db
environment:
WORDPRESS_DB_HOST: wordpress_db
WORDPRESS_DB_USER: wordpress
WORDPRESS_DB_PASSWORD: your_wordpress_db_password
WORDPRESS_DB_NAME: wordpress
volumes:
- wordpress_data:/var/www/html
labels:
- "traefik.enable=true"
- "traefik.http.routers.wordpress.rule=Host(`wordpress.${SERVER_IP}.nip.io`)"
- "traefik.http.routers.wordpress.entrypoints=https"
- "traefik.http.routers.wordpress.tls=true"
- "traefik.http.routers.wordpress.tls.certresolver=letsencrypt"
- "traefik.http.services.wordpress.loadbalancer.server.port=80"
networks:
- proxy
volumes:
wordpress_db_data:
wordpress_data:
networks:
proxy:
external: trueConclusion
Oracle Cloud’s free tier offers an excellent opportunity to host your applications without cost. By enabling PAYG, you gain access to powerful ARM-based instances while still staying within the free tier limits. Combined with Docker, Traefik, and nip.io, you can create a robust, scalable hosting environment for your projects.
Remember to monitor your resource usage to ensure you stay within the free tier limits. Oracle provides a budget tracking tool that can alert you if you’re approaching any paid service thresholds.
With this setup, you can host multiple web applications, APIs, or services on a single Oracle Cloud instance, making it an ideal solution for developers, hobbyists, or small businesses looking to minimize infrastructure costs.