2018-03-15 Ansible Roles
Overview
I have accumulated several Ansible playbooks so far, and the complexity is starting to bite. I am now going to start using roles as the recommended way to manage the complexity.
References
Design
Roles Selected
I am going to start with three (3) roles:
Procedure
Create Roles
To create these roles, I run the following commands on AUBURN:
cd /etc/ansible/roles ansible-galaxy init common ansible-galaxy init oracle_user ansible-galaxy init oracle_gi
The output is:
douglas@auburn:/etc/ansible/roles$ ansible-galaxy init common - common was created successfully douglas@auburn:/etc/ansible/roles$ ansible-galaxy init oracle_user - oracle_user was created successfully douglas@auburn:/etc/ansible/roles$ ansible-galaxy init oracle_gi - oracle_gi was created successfully
Playbook for Oracle User Role
I created the main playbook for the oracle_user role in /etc/ansible/roles/oracle_user/tasks/main.yml with the following code:
--- # tasks file for oracle_user # ============================================================================= # (1) Creates the Oracle User through the Oracle pre-installation RPM # (2) Creates the installation directories # (3) Adds additional groups to the oracle user # (4) Mounts software directory on NFS # ============================================================================== - name: Set up ORACLE user block: - import_tasks: preinstall.yml - import_tasks: install_dir.yml - import_tasks: user_groups.yml - import_tasks: oracle_software_src.yml become: yes become_user: root ...
Here I use the block to apply the privilege escalation to all of the imported tasks.
Playbook for Oracle GI Role
I created the main playbook for the oracle_gi role in /etc/ansible/roles/oracle_gi/tasks/main.yml with the following code:
--- # tasks file for oracle_gi # ============================================================================= # (1) Install Oracle ASMLib Driver # (2) Configure Oracle ASMLib Driver # ============================================================================== - name: Install and configure Oracle ASMLib driver block: - import_tasks: gi_asm.yml - import_tasks: oracleasm.yml become: yes become_user: root ...
Here I use the block to apply the privilege escalation to all of the imported tasks.
Main Playbook
I created the main playbook for the oracle_user role in /etc/ansible/sites.yml with the following code:
--- - hosts: redfern1.yaocm.id.au roles: - oracle_user - oracle_gi ...
I did not include privilege escalation here because some future tasks will have to run as the oracle user.
Execute Main Playbook
The complete playbook, sites.yml, was executed as follows:
ansible-playbook --ask-become-pass sites.yml
The output was:
SUDO password: PLAY [redfern1.yaocm.id.au] **************************************************** TASK [Gathering Facts] ********************************************************* ok: [redfern1.yaocm.id.au] TASK [oracle_user : Install Oracle 12.1 pre-installation RPM] ****************** ok: [redfern1.yaocm.id.au] TASK [oracle_user : Creating the Oracle Home and Oracle Base Directory] ******** ok: [redfern1.yaocm.id.au] => (item=app/12.1.0/grid)ok: [redfern1.yaocm.id.au] => (item=app/grid)ok: [redfern1.yaocm.id.au] => (item=app/oracle) TASK [oracle_user : Add Oracle and Grid groups] ******************************** ok: [redfern1.yaocm.id.au] => (item={u'gid': 54321, u'name': u'oinstall'})ok: [redfern1.yaocm.id.au] => (item={u'gid': 54322, u'name': u'dba'})ok: [redfern1.yaocm.id.au] => (item={u'gid': 54323, u'name': u'oper'})ok: [redfern1.yaocm.id.au] => (item={u'gid': 54327, u'name': u'asmdba'})ok: [redfern1.yaocm.id.au] => (item={u'gid': 54328, u'name': u'asmoper'})ok: [redfern1.yaocm.id.au] => (item={u'gid': 54329, u'name': u'asmadmin'}) TASK [oracle_user : Set groups and password for Oracle user] ******************* ok: [redfern1.yaocm.id.au] TASK [oracle_user : Install NFS Utilities Software] **************************** ok: [redfern1.yaocm.id.au] TASK [oracle_user : Create Mount Point for Oracle Installation Software] ******* ok: [redfern1.yaocm.id.au] TASK [oracle_user : Mount NFS Share for Oracle Installation Software] ********** ok: [redfern1.yaocm.id.au] TASK [oracle_gi : Install Oracle ASMLib RPM] *********************************** ok: [redfern1.yaocm.id.au] TASK [oracle_gi : Install other packages for ASM] ****************************** ok: [redfern1.yaocm.id.au] TASK [oracle_gi : Get Oracle ASMLib Driver Configuration] ********************** ok: [redfern1.yaocm.id.au] TASK [oracle_gi : debug] ******************************************************* skipping: [redfern1.yaocm.id.au] TASK [oracle_gi : Set Owner for Oracle ASMLib Driver] ************************** skipping: [redfern1.yaocm.id.au] TASK [oracle_gi : Set Group for Oracle ASMLib Driver] ************************** skipping: [redfern1.yaocm.id.au] TASK [oracle_gi : Enable Oracle ASMLib Driver] ********************************* skipping: [redfern1.yaocm.id.au] TASK [oracle_gi : Check Oracle ASMLib Driver Status] *************************** ok: [redfern1.yaocm.id.au] TASK [oracle_gi : debug] ******************************************************* skipping: [redfern1.yaocm.id.au] TASK [oracle_gi : Load and initialize Oracle ASMLib Driver] ******************** skipping: [redfern1.yaocm.id.au] TASK [oracle_gi : Verify Oracle ASMLib Driver is loaded and initialized] ******* ok: [redfern1.yaocm.id.au] TASK [oracle_gi : include_tasks] *********************************************** included: /etc/ansible/roles/oracle_gi/tasks/oracleasm_init_disk.yml for redfern1.yaocm.id.auincluded: /etc/ansible/roles/oracle_gi/tasks/oracleasm_init_disk.yml for redfern1.yaocm.id.auincluded: /etc/ansible/roles/oracle_gi/tasks/oracleasm_init_disk.yml for redfern1.yaocm.id.auincluded: /etc/ansible/roles/oracle_gi/tasks/oracleasm_init_disk.yml for redfern1.yaocm.id.auincluded: /etc/ansible/roles/oracle_gi/tasks/oracleasm_init_disk.yml for redfern1.yaocm.id.au TASK [oracle_gi : Query status of disk "/dev/xvdd1"] *************************** ok: [redfern1.yaocm.id.au] TASK [oracle_gi : debug] ******************************************************* skipping: [redfern1.yaocm.id.au] TASK [oracle_gi : Ensure that there is one partition that occupies whole disk "/dev/xvdd"] *** ok: [redfern1.yaocm.id.au] TASK [oracle_gi : Initialize "/dev/xvdd1" as "DATA"] *************************** skipping: [redfern1.yaocm.id.au] TASK [oracle_gi : Query status of disk "/dev/xvde1"] *************************** ok: [redfern1.yaocm.id.au] TASK [oracle_gi : debug] ******************************************************* skipping: [redfern1.yaocm.id.au] TASK [oracle_gi : Ensure that there is one partition that occupies whole disk "/dev/xvde"] *** ok: [redfern1.yaocm.id.au] TASK [oracle_gi : Initialize "/dev/xvde1" as "FRA"] **************************** skipping: [redfern1.yaocm.id.au] TASK [oracle_gi : Query status of disk "/dev/xvdf1"] *************************** ok: [redfern1.yaocm.id.au] TASK [oracle_gi : debug] ******************************************************* skipping: [redfern1.yaocm.id.au] TASK [oracle_gi : Ensure that there is one partition that occupies whole disk "/dev/xvdf"] *** ok: [redfern1.yaocm.id.au] TASK [oracle_gi : Initialize "/dev/xvdf1" as "REDO1"] ************************** skipping: [redfern1.yaocm.id.au] TASK [oracle_gi : Query status of disk "/dev/xvdg1"] *************************** ok: [redfern1.yaocm.id.au] TASK [oracle_gi : debug] ******************************************************* skipping: [redfern1.yaocm.id.au] TASK [oracle_gi : Ensure that there is one partition that occupies whole disk "/dev/xvdg"] *** ok: [redfern1.yaocm.id.au] TASK [oracle_gi : Initialize "/dev/xvdg1" as "REDO2"] ************************** skipping: [redfern1.yaocm.id.au] TASK [oracle_gi : Query status of disk "/dev/xvdh1"] *************************** ok: [redfern1.yaocm.id.au] TASK [oracle_gi : debug] ******************************************************* skipping: [redfern1.yaocm.id.au] TASK [oracle_gi : Ensure that there is one partition that occupies whole disk "/dev/xvdh"] *** ok: [redfern1.yaocm.id.au] TASK [oracle_gi : Initialize "/dev/xvdh1" as "VOTE"] *************************** skipping: [redfern1.yaocm.id.au] PLAY RECAP ********************************************************************* redfern1.yaocm.id.au : ok=28 changed=0 unreachable=0 failed=0