# pip show virtualenv
Name: virtualenv
Version: 16.0.0
Summary: Virtual Python Environment builder
Home-page: https://virtualenv.pypa.io/ |
virtualenv -v /python-virtualenv/oci |
[username@ansible-host tmp]# source /python-virtualenv/oci/bin/activate
(oci) [username@ansible-host tmp]# |
(oci) [username@ansible-host oci]# pip install oci
(oci) [username@ansible-host tmp]# pip list
Package Version
--------------- ---------
asn1crypto 0.24.0
...
six 1.11.0
wheel 0.32.0 |
(oci) [username@ansible-host tmp]# git clone https://github.com/oracle/oci-ansible-modules.git
(oci) [username@ansible-host tmp]# cd oci-ansible-modules
(oci) [username@ansible-host oci-ansible-modules]# ./install.py |
(oci) [username@ansible-host tmp] deactivate
[username@ansible-host tmp] |
(oci) [zdudic@ansible-host oci] git clone git@gitlab-server.domain.com:sysadmins/ansible.git
(oci) [zdudic@ansible-host oci] cd ansible/oci
(oci) [zdudic@ansible-host oci]
(oci) [zdudic@ansible-host oci] ls
list_oci_compartment.yml list_oci_policy.yml list_oci_shapes.yml list_oci_users.yml ... and more ... |
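---
# Launches one OCI compute instance per name listed under with_items, from a
# fixed image, shape and subnet, and attaches an already existing block volume.
# The play runs on the control host (connection: local, hosts: localhost).
- name: Create Oracle Cloud Instance playbook
  connection: local
  hosts: localhost
  tasks:
    - name: Launch/create an instance using an image, look through 'item'
      oci_instance:
        name: "{{ item }}"
        availability_domain: "DSdu:US-ASHBURN-AD-2"
        # labops compartment
        compartment_id: "ocid1.compartment.oc1..aaaaa..4ffpyyra"
        source_details:
          source_type: image
          # image Oracle-Linux-7.5-2018.08.14-0
          image_id: "ocid1.image.oc1.iad.aaaaaa..eiga4cnxa"
        # remove boot volume when an instance is terminated
        preserve_boot_volume: false
        shape: "VM.Standard1.4"  # low usage of this shape as per service limit
        vnic:
          # name: some name
          # hostname_label: some name
          # subnet Web-AD2-iad.sub
          subnet_id: "ocid1.subnet.oc1.iad.aaaa..pe545jq"
        # adding ssh public key (public half only; the private key never
        # belongs in a playbook)
        metadata:
          ssh_authorized_keys: "ssh-rsa AAAAB3NzaC1yc2...umoH2tVhW+BK6ZSyCoWosR linuxandvirtualization"
        # volume details is in experimental mode
        volume_details:
          attachment_name: second_disk
          attachment_state: present
          type: iscsi
          # this block volume already exist from before
          volume_id: "ocid1.volume.oc1.iad.abuwclj...hneneg26a"
        # an instance must be present, so create it if doesn't exist
        state: "present"
        wait: true
        wait_until: RUNNING
      # 'environment' is a task keyword, so it sits at task level here. In the
      # original listing it appeared among the volume_details keys, where it
      # would be handed to the module as an argument instead of being exported
      # to the module's environment - presumably why volume_details seemed to
      # do nothing. NOTE(review): confirm against the module documentation.
      environment:
        OCI_ANSIBLE_EXPERIMENTAL: "True"
      with_items:  # note item is in plural !!
        - ca-oci-zarko1
        - ca-oci-zarko2
        - ca-oci-zarko3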
|
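---
# Creates a local OCI user for a corporate employee and mails the login
# details to that person.
#
# Flow: prompt for the e-mail address and groups -> validate the address ->
# look the address up in corporate LDAP -> create the OCI user with a UI
# password -> send the password by e-mail.
#
# The generated password is a secret: the tasks that carry it are marked
# no_log so it does not end up in console output or in -vvv logs.
- name: User playbook for creating and sending email
  connection: local
  hosts: localhost
  vars:
    oracle_ldap_srv: gmldap.domaincorp.com
    ldap_search_base: "DC=DOMAIN,DC=COM"
  vars_prompt:
    - name: user_name
      prompt: "Enter user's email address"
      # default: no_default_user
      private: false
    - name: users_grp
      prompt: "Enter list of groups user belogs to (separate by comma): grp1,grp2 "
      default: "[]"  # no group by default
      private: false
  tasks:
    # ----------------------------
    # Input validation
    # ----------------------------
    # The prompted value is placed into an LDAP search filter, a command line
    # and a mail header below, so only a plain e-mail address is accepted.
    - name: Validate that the input is a plain e-mail address
      assert:
        that:
          - "user_name is match('^[A-Za-z0-9._+-]+@[A-Za-z0-9.-]+$')"
        msg: "Exit: {{ user_name }} is not a valid e-mail address"

    # ----------------------------
    # Is a user in corporate LDAP ?
    # -----------------------------
    # Each templated value is passed through 'quote' so it stays one argument
    # when the command module splits the line.
    # NOTE(review): -x with -h is a simple bind to a bare host name; whether
    # the connection is encrypted is not visible here - confirm that reading
    # the directory this way is acceptable.
    - name: Check corporate ldap for {{ user_name }}
      command: >-
        ldapsearch -LLL -x -h {{ oracle_ldap_srv | quote }}
        -b {{ ldap_search_base | quote }}
        {{ ('mail=' ~ user_name) | quote }}
      register: result

    # exit if users doesn't exist
    # - debug: # if you don't want play to fail, just a message
    # 'when' is already a Jinja expression, so variables are used bare;
    # nesting {{ }} inside it re-templates the prompted value.
    - fail:
        msg: "Exit: {{user_name}} is not Oracle employee"
      when: user_name not in result.stdout

    - name: Print that user exists
      debug:
        msg: "OK: {{user_name}} is Oracle employee!"
      when: user_name in result.stdout

    # ----------------------------
    # Create OCI account
    # -----------------------------
    # The registered result holds the generated password (result.user.password
    # is read below), hence no_log on this task.
    - name: Create User with password and group memberships
      oci_user:
        name: "{{ user_name }}"
        description: "Local account {{ user_name }}"
        user_groups: "{{ users_grp }}"
        create_or_reset_ui_password: true
        state: 'present'
      register: result
      no_log: true

    # - fail:
    #     msg="Exit, I'd say {{ user_name }} already exists, please check it. "
    #   # when: result.user.password == -1

    # The password is deliberately not echoed: the user receives it by mail.
    # NOTE(review): the comparison with -1 is kept from the original; whether
    # the module ever returns -1 is not visible here - confirm.
    - debug:
        msg: "User {{ user_name }} is created; the password is sent by e-mail and not printed here"
      when: result.user.password != -1

    # ----------------------------
    # Email details to a user
    # -----------------------------
    # The body contains the password, so the task arguments are kept out of
    # the logs with no_log.
    # NOTE(review): the message leaves this host over SMTP; the mail module's
    # 'secure' option is left at its default here - consider requiring TLS
    # (secure: starttls or always) if the mail router supports it.
    - name: Send an email to a user
      mail:
        host: "internal-mail-router.domain.com"
        from: "ca-labops-support@domain.com"
        to: "{{ user_name }}"
        subject: "OCI account {{ user_name }} has been created!"
        body: "
          \n
          Login URL for OCI Console: \n
          https://console.us-some_city-1.oraclecloud.com/?tenant=linuxandvirtualization
          \n\n Username: \n
          {{ user_name }}
          \n\n The password: \n
          {{result.user.password}}
          \n\n You are in group(s): \n
          {{users_grp}}
          \n"
      # prevents sending duplicated emails
      when: result.user.password != -1
      no_log: true

    - debug:
        msg: "Emailed details to {{ user_name }} "
      when: result.user.password != -1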
|
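---
# Deletes the OCI users whose OCIDs are listed under 'loop'.
# Deletion is irreversible, and with force enabled group membership does not
# block it, so review the OCID list before running.
- name: Delete user playbook
  connection: local
  hosts: localhost
  tasks:
    - name: Delete a user
      oci_user:
        user_id: "{{ item }}"
        # If force='no' and if the user is part of a group, user will not be deleted.
        # To delete a user associated with group(s), use force=yes.
        force: true
        state: absent
      # An explicit empty list: a bare 'loop:' with every item commented out
      # parses as null, which is not a list. Replace [] with the OCIDs to
      # delete, for example:
      #   loop:
      #     - ocid1.user.oc1..aaaa...4c5f4p4c2q
      #     - ocid1.user.oc1..aaaaa..edsdgwea
      loop: []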
|
---
# Read-only play: fetches the OCI users and prints their names.
- name: Users playbook
  connection: local
  hosts: localhost
  tasks:
    - name: List all OCI existing users in Linuxandvirtualization tenancy
      # no module arguments are given
      oci_user_facts:
      # the registered variable is what the next task prints
      register: result

    - name: Dump result
      debug:
        # msg: '{{ result }}'
        # json_query keeps only the 'name' field of every entry in 'users'
        msg: "{{ result | json_query('users[*].name') }}"

    # - set_fact:
    #     OCI_users: "{{ result | json_query('users[*].name') }}"
|
---
# Read-only play: lists the instances of one compartment and availability
# domain and prints their display names.
- name: Instance playbook
  connection: local
  hosts: localhost
  tasks:
    - name: get details of all instances for provided compartment and availability domain
      oci_instance_facts:
        # compartment is labops
        compartment_id: 'ocid1.compartment.oc1..aaaaaaa....j7mld4ffpyyra'
        availability_domain: 'DSdu:US-ASHBURN-AD-2'
      # the registered variable is what the next task prints
      register: result

    - name: Dump result
      debug:
        # msg: '{{ result }}'
        # json_query keeps only 'display_name' of every entry in 'instances'
        msg: "{{ result | json_query('instances[*].display_name') }}"
|
---
# Read-only play: lists the compute shapes and prints the whole module result.
- name: Shapes playbook
  connection: local
  hosts: localhost
  tasks:
    - name: List all OCI shapes in LV tenancy
      oci_shape_facts:
        # a tenancy OCID is passed as the compartment here
        compartment_id: 'ocid1.tenancy.oc1..aaaaa..........prugdvqydygfq'
      # the registered variable is what the next task prints
      register: result

    - name: Dump result
      debug:
        msg: "{{ result }}"
|
---
# Read-only play: lists the VCNs of one compartment and prints the whole
# module result.
- name: VCN playbook
  connection: local
  hosts: localhost
  tasks:
    - name: List all VCN in Networks compartment
      oci_vcn_facts:
        # Networks compartment
        compartment_id: 'ocid1.compartment.oc1..aaaaaa.........4x6leabhnmeibiq'
      # the registered variable is what the next task prints
      register: result

    - name: Dump result
      debug:
        msg: "{{ result }}"
|
---
# Read-only play: lists the block volumes of one availability domain and
# compartment and prints the whole module result.
- name: Block Volume playbook
  connection: local
  hosts: localhost
  tasks:
    - name: List all volumes for an availability domain and compartment
      oci_volume_facts:
        availability_domain: 'DSdu:US-ASHBURN-AD-2'
        # labops compartment
        compartment_id: 'ocid1.compartment.oc1..aaaaa.....7mld4ffpyyra'
      # the registered variable is what the next task prints
      register: result

    - name: Dump result
      debug:
        msg: "{{ result }}"
|
---
# Read-only play: fetches the offered regions and prints the 'regions' part
# of the module result.
- name: Region playbook
  connection: local
  hosts: localhost
  tasks:
    - name: List details of all offered regions
      oci_region_facts:
      # tenancy can be commented out
      #   tenancy: "ocid1.tenancy.oc1..aaa.....oprugdvqydygfq"
      # the registered variable is what the next task prints
      register: result

    - name: Dump result
      debug:
        # filter only regions
        msg: '{{ result | json_query("regions") }}'
        # show everything
        # msg: '{{ result }}'
|
ansible-playbook -vvv <playbook_name> --check |
ansible-playbook -vvv <playbook_name> |