From 4e77410f2cbd3d06c29242d9bf4ffc47e67d0bf4 Mon Sep 17 00:00:00 2001 From: W Date: Fri, 15 Sep 2023 11:43:46 +0100 Subject: [PATCH 01/19] oasys db pull from azure oasys db pull from azure --- ansible/group_vars/server_type_oasys_db.yml | 1 + .../tasks/standby_download_backup.yml | 9 ++++++ .../templates/update-db-az-sas-token.sh.j2 | 28 +++++++++++++++++++ 3 files changed, 38 insertions(+) create mode 100644 ansible/roles/oracle-db-standby-setup/templates/update-db-az-sas-token.sh.j2 diff --git a/ansible/group_vars/server_type_oasys_db.yml b/ansible/group_vars/server_type_oasys_db.yml index 081e8f660..a1f19b055 100644 --- a/ansible/group_vars/server_type_oasys_db.yml +++ b/ansible/group_vars/server_type_oasys_db.yml @@ -24,6 +24,7 @@ roles_list: - amazon-cli # - hugepages has issues - disks + - amazon-cli - azcopy - oracle-19c - oracle-secure-backup diff --git a/ansible/roles/oracle-db-standby-setup/tasks/standby_download_backup.yml b/ansible/roles/oracle-db-standby-setup/tasks/standby_download_backup.yml index 48e717b2c..b0c587d9a 100644 --- a/ansible/roles/oracle-db-standby-setup/tasks/standby_download_backup.yml +++ b/ansible/roles/oracle-db-standby-setup/tasks/standby_download_backup.yml @@ -30,6 +30,15 @@ become_user: oracle when: db_primary.s3_bucket is defined and not ansible_check_mode + - name: Add generate sas token script + ansible.builtin.template: + src: "update-db-az-sas-token.sh.j2" + dest: "{{ {{ adhoc_backup_dir }} }}/update-db-az-sas-token.sh" + owner: oracle + group: oinstall + mode: 0755 + when: db_primary.storage_account_name is defined and not ansible_check_mode + - name: Download backup from Azure Storage Account ansible.builtin.shell: | set -eo pipefail diff --git a/ansible/roles/oracle-db-standby-setup/templates/update-db-az-sas-token.sh.j2 b/ansible/roles/oracle-db-standby-setup/templates/update-db-az-sas-token.sh.j2 new file mode 100644 index 000000000..6a11a794c --- /dev/null +++ b/ansible/roles/oracle-db-standby-setup/templates/update-db-az-sas-token.sh.j2 @@ -0,0 +1,28 @@ +#!/bin/bash +set -e + +application={{application}} +environment={{aws_environment}} +db_name=$(hostname) +expiry=$(date -d "60 days" +%Y-%m-%d) # default 60 days + +if [[ -z $environment || -z $db_name || -z $expiry ]]; then + echo "Usage: $0 " + echo + echo "e.g. $0 $environment t1-$application-db-a 2023-04-15" + echo + echo "Prereq: az logged in aws profile creds set" + echo "Note: use a short expiry" + exit 1 +fi + +if [[ $environment == "development" || $environment == "test" ]]; then + az_sas_token=$(az storage account generate-sas --subscription "NOMS Dev & Test Environments" --account-name strtcmonsazcopyorabkup --permissions rl --resource-types oc --services b --https-only --expiry "$expiry" | sed 's/"//g') +elif [[ $environment == "preproduction" || $environment == "production" ]]; then + az_sas_token=$(az storage account generate-sas --subscription "NOMS Production 1" --account-name strpdnomsazcopyorabkup --permissions rl --resource-types oc --services b --https-only --expiry "$expiry" | sed 's/"//g') +else + echo "Unexpected environment $environment" + exit 1 +fi +SSM_PATH="/database/$db_name" +aws ssm put-parameter --name "${SSM_PATH}/az_sas_token" --type "SecureString" --data-type "text" --value "$az_sas_token" --profile "$application-$environment" --overwrite From 502a800ced8317f5286b2f158cf27a772c1c1997 Mon Sep 17 00:00:00 2001 From: W Date: Fri, 15 Sep 2023 12:29:46 +0100 Subject: [PATCH 02/19] .. --- ansible/roles/azure-cli/README.md | 1 + ansible/roles/azure-cli/defaults/main.yml | 5 +++++ ansible/roles/azure-cli/handlers/main.yml | 1 + ansible/roles/azure-cli/tasks/install-rhel.yml | 13 +++++++++++++ ansible/roles/azure-cli/tasks/main.yml | 7 +++++++ 5 files changed, 27 insertions(+) create mode 100644 ansible/roles/azure-cli/README.md create mode 100644 ansible/roles/azure-cli/defaults/main.yml create mode 100644 ansible/roles/azure-cli/handlers/main.yml create mode 100644 ansible/roles/azure-cli/tasks/install-rhel.yml create mode 100644 ansible/roles/azure-cli/tasks/main.yml diff --git a/ansible/roles/azure-cli/README.md b/ansible/roles/azure-cli/README.md new file mode 100644 index 000000000..65dff955e --- /dev/null +++ b/ansible/roles/azure-cli/README.md @@ -0,0 +1 @@ +Installs az cli \ No newline at end of file diff --git a/ansible/roles/azure-cli/defaults/main.yml b/ansible/roles/azure-cli/defaults/main.yml new file mode 100644 index 000000000..dc56db951 --- /dev/null +++ b/ansible/roles/azure-cli/defaults/main.yml @@ -0,0 +1,5 @@ +--- +azure_package_name: azure-cli + +repo_key_url: https://packages.microsoft.com/keys/microsoft.asc +yum_repo_baseurl: https://packages.microsoft.com/yumrepos/azure-cli diff --git a/ansible/roles/azure-cli/handlers/main.yml b/ansible/roles/azure-cli/handlers/main.yml new file mode 100644 index 000000000..ed97d539c --- /dev/null +++ b/ansible/roles/azure-cli/handlers/main.yml @@ -0,0 +1 @@ +--- diff --git a/ansible/roles/azure-cli/tasks/install-rhel.yml b/ansible/roles/azure-cli/tasks/install-rhel.yml new file mode 100644 index 000000000..4be982649 --- /dev/null +++ b/ansible/roles/azure-cli/tasks/install-rhel.yml @@ -0,0 +1,13 @@ +--- +- name: Create the YUM repository + yum_repository: + name: "{{ azure_package_name }}" + baseurl: "{{ yum_repo_baseurl }}" + gpgkey: "{{ repo_key_url }}" + gpgcheck: yes + enabled: yes + +- name: Install the application package (RedHat) + package: + name: "{{ azure_package_name }}" + state: present diff --git a/ansible/roles/azure-cli/tasks/main.yml b/ansible/roles/azure-cli/tasks/main.yml new file mode 100644 index 000000000..eb070e118 --- /dev/null +++ b/ansible/roles/azure-cli/tasks/main.yml @@ -0,0 +1,7 @@ +--- +- import_tasks: install-rhel.yml + tags: + - amibuild + - ec2provision + - ec2patch + when: ansible_distribution in ['RedHat', 'OracleLinux'] From 3af6f35a65dc8f46a074b44978652243377b3e01 Mon Sep 17 00:00:00 2001 From: W Date: Fri, 15 Sep 2023 13:13:37 +0100 Subject: [PATCH 03/19] Update server_type_oasys_db.yml --- ansible/group_vars/server_type_oasys_db.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/group_vars/server_type_oasys_db.yml b/ansible/group_vars/server_type_oasys_db.yml index a1f19b055..e982db6d4 100644 --- a/ansible/group_vars/server_type_oasys_db.yml +++ b/ansible/group_vars/server_type_oasys_db.yml @@ -24,7 +24,7 @@ roles_list: - amazon-cli # - hugepages has issues - disks - - amazon-cli + - azure-cli - azcopy - oracle-19c - oracle-secure-backup From 78404a05641649890208334d1e9585f50de0364e Mon Sep 17 00:00:00 2001 From: W Date: Fri, 15 Sep 2023 13:38:37 +0100 Subject: [PATCH 04/19] .. --- ansible/roles/azure-cli/defaults/main.yml | 2 +- ansible/roles/azure-cli/tasks/install-rhel.yml | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/ansible/roles/azure-cli/defaults/main.yml b/ansible/roles/azure-cli/defaults/main.yml index dc56db951..cdaa08eac 100644 --- a/ansible/roles/azure-cli/defaults/main.yml +++ b/ansible/roles/azure-cli/defaults/main.yml @@ -1,5 +1,5 @@ --- azure_package_name: azure-cli - +yum_repo_description: Microsoft Azure CLI repo_key_url: https://packages.microsoft.com/keys/microsoft.asc yum_repo_baseurl: https://packages.microsoft.com/yumrepos/azure-cli diff --git a/ansible/roles/azure-cli/tasks/install-rhel.yml b/ansible/roles/azure-cli/tasks/install-rhel.yml index 4be982649..6d1f5e2e7 100644 --- a/ansible/roles/azure-cli/tasks/install-rhel.yml +++ b/ansible/roles/azure-cli/tasks/install-rhel.yml @@ -2,6 +2,7 @@ - name: Create the YUM repository yum_repository: name: "{{ azure_package_name }}" + description: "{{ yum_repo_description }}" baseurl: "{{ yum_repo_baseurl }}" gpgkey: "{{ repo_key_url }}" gpgcheck: yes From dc35ee548604d89cb69431a657ebc0341a442322 Mon Sep 17 00:00:00 2001 From: W Date: Fri, 15 Sep 2023 14:06:04 +0100 Subject: [PATCH 05/19] Update standby_download_backup.yml --- .../oracle-db-standby-setup/tasks/standby_download_backup.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/roles/oracle-db-standby-setup/tasks/standby_download_backup.yml b/ansible/roles/oracle-db-standby-setup/tasks/standby_download_backup.yml index b0c587d9a..039718717 100644 --- a/ansible/roles/oracle-db-standby-setup/tasks/standby_download_backup.yml +++ b/ansible/roles/oracle-db-standby-setup/tasks/standby_download_backup.yml @@ -33,7 +33,7 @@ - name: Add generate sas token script ansible.builtin.template: src: "update-db-az-sas-token.sh.j2" - dest: "{{ {{ adhoc_backup_dir }} }}/update-db-az-sas-token.sh" + dest: "/usr/local/bin/update-db-az-sas-token.sh" owner: oracle group: oinstall mode: 0755 From 50f57007382acb282f003b5fd5a0fcb0d7286eaa Mon Sep 17 00:00:00 2001 From: W Date: Fri, 15 Sep 2023 16:45:21 +0100 Subject: [PATCH 06/19] Update environment_name_oasys_development.yml --- ansible/group_vars/environment_name_oasys_development.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/ansible/group_vars/environment_name_oasys_development.yml b/ansible/group_vars/environment_name_oasys_development.yml index 904262631..ee029209e 100644 --- a/ansible/group_vars/environment_name_oasys_development.yml +++ b/ansible/group_vars/environment_name_oasys_development.yml @@ -9,3 +9,6 @@ dns_search_domains: - hmpps-oem.hmpps-development.modernisation-platform.internal - azure.noms.root s3_bucket: devtest-oasys-20230411143832198800000001 + + +db_backup_s3_bucket_name: devtest-oasys-db-backup-bucket-20230721145548176300000001 \ No newline at end of file From 3bc1c6413780645a12851d0b8e07a6a3bf556c81 Mon Sep 17 00:00:00 2001 From: W Date: Tue, 19 Sep 2023 12:54:09 +0100 Subject: [PATCH 07/19] Update server_type_oasys_db.yml --- ansible/group_vars/server_type_oasys_db.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/ansible/group_vars/server_type_oasys_db.yml b/ansible/group_vars/server_type_oasys_db.yml index e982db6d4..3eaf5b99b 100644 --- a/ansible/group_vars/server_type_oasys_db.yml +++ b/ansible/group_vars/server_type_oasys_db.yml @@ -27,6 +27,7 @@ roles_list: - azure-cli - azcopy - oracle-19c + - oracle-db-standby-setup # remove after testing - oracle-secure-backup - oracle-db-backup From 20dc7a7342960542b27162e71d67649368574e00 Mon Sep 17 00:00:00 2001 From: W Date: Tue, 19 Sep 2023 13:25:10 +0100 Subject: [PATCH 08/19] Update server_type_oasys_db.yml --- ansible/group_vars/server_type_oasys_db.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/group_vars/server_type_oasys_db.yml b/ansible/group_vars/server_type_oasys_db.yml index 3eaf5b99b..0fe875e33 100644 --- a/ansible/group_vars/server_type_oasys_db.yml +++ b/ansible/group_vars/server_type_oasys_db.yml @@ -27,7 +27,7 @@ roles_list: - azure-cli - azcopy - oracle-19c - - oracle-db-standby-setup # remove after testing + # - oracle-db-standby-setup should only be run on a standby? - oracle-secure-backup - oracle-db-backup From 0f1bad83dbe50467324e8c6d1536f1442f06e0f3 Mon Sep 17 00:00:00 2001 From: W Date: Tue, 19 Sep 2023 13:27:18 +0100 Subject: [PATCH 09/19] .. --- ansible/group_vars/server_type_oasys_db.yml | 2 +- .../oracle-db-standby-setup/tasks/standby_download_backup.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/ansible/group_vars/server_type_oasys_db.yml b/ansible/group_vars/server_type_oasys_db.yml index 0fe875e33..0b66f61b0 100644 --- a/ansible/group_vars/server_type_oasys_db.yml +++ b/ansible/group_vars/server_type_oasys_db.yml @@ -27,7 +27,7 @@ roles_list: - azure-cli - azcopy - oracle-19c - # - oracle-db-standby-setup should only be run on a standby? + - oracle-db-standby-setup # manually run on a standby - oracle-secure-backup - oracle-db-backup diff --git a/ansible/roles/oracle-db-standby-setup/tasks/standby_download_backup.yml b/ansible/roles/oracle-db-standby-setup/tasks/standby_download_backup.yml index 039718717..d78eaffa1 100644 --- a/ansible/roles/oracle-db-standby-setup/tasks/standby_download_backup.yml +++ b/ansible/roles/oracle-db-standby-setup/tasks/standby_download_backup.yml @@ -37,7 +37,7 @@ owner: oracle group: oinstall mode: 0755 - when: db_primary.storage_account_name is defined and not ansible_check_mode + # when: db_primary.storage_account_name is defined and not ansible_check_mode - name: Download backup from Azure Storage Account ansible.builtin.shell: | From 186b7f765eeec6cc026d5a89434f9c47728012f8 Mon Sep 17 00:00:00 2001 From: W Date: Tue, 19 Sep 2023 13:29:02 +0100 Subject: [PATCH 10/19] Update standby_download_backup.yml --- .../oracle-db-standby-setup/tasks/standby_download_backup.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/ansible/roles/oracle-db-standby-setup/tasks/standby_download_backup.yml b/ansible/roles/oracle-db-standby-setup/tasks/standby_download_backup.yml index d78eaffa1..65cb33847 100644 --- a/ansible/roles/oracle-db-standby-setup/tasks/standby_download_backup.yml +++ b/ansible/roles/oracle-db-standby-setup/tasks/standby_download_backup.yml @@ -37,7 +37,6 @@ owner: oracle group: oinstall mode: 0755 - # when: db_primary.storage_account_name is defined and not ansible_check_mode - name: Download backup from Azure Storage Account ansible.builtin.shell: | From 36f455e121da85ed80ccc31d11bf9f5f7d02b8ba Mon Sep 17 00:00:00 2001 From: W Date: Tue, 19 Sep 2023 14:06:24 +0100 Subject: [PATCH 11/19] .. --- .../tasks/prepare_primary_for_standby.yml | 8 ++++++++ .../tasks/standby_download_backup.yml | 8 -------- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/ansible/roles/oracle-db-standby-setup/tasks/prepare_primary_for_standby.yml b/ansible/roles/oracle-db-standby-setup/tasks/prepare_primary_for_standby.yml index 656a3046c..37597304b 100644 --- a/ansible/roles/oracle-db-standby-setup/tasks/prepare_primary_for_standby.yml +++ b/ansible/roles/oracle-db-standby-setup/tasks/prepare_primary_for_standby.yml @@ -1,6 +1,14 @@ --- - name: Setup Primary database for HA block: + - name: Add generate sas token script + ansible.builtin.template: + src: "update-db-az-sas-token.sh.j2" + dest: "/usr/local/bin/update-db-az-sas-token.sh" + owner: oracle + group: oinstall + mode: 0755 + - name: Copy setup files for execution ansible.builtin.template: src: "{{ item }}.j2" diff --git a/ansible/roles/oracle-db-standby-setup/tasks/standby_download_backup.yml b/ansible/roles/oracle-db-standby-setup/tasks/standby_download_backup.yml index 65cb33847..48e717b2c 100644 --- a/ansible/roles/oracle-db-standby-setup/tasks/standby_download_backup.yml +++ b/ansible/roles/oracle-db-standby-setup/tasks/standby_download_backup.yml @@ -30,14 +30,6 @@ become_user: oracle when: db_primary.s3_bucket is defined and not ansible_check_mode - - name: Add generate sas token script - ansible.builtin.template: - src: "update-db-az-sas-token.sh.j2" - dest: "/usr/local/bin/update-db-az-sas-token.sh" - owner: oracle - group: oinstall - mode: 0755 - - name: Download backup from Azure Storage Account ansible.builtin.shell: | set -eo pipefail From 9478cdc95a8fcc6c7c019477e59b4d91262d2f97 Mon Sep 17 00:00:00 2001 From: W Date: Tue, 19 Sep 2023 16:01:27 +0100 Subject: [PATCH 12/19] .. --- ansible/roles/oracle-db-standby-setup/tasks/main.yml | 8 ++++++++ .../tasks/prepare_primary_for_standby.yml | 10 +--------- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/ansible/roles/oracle-db-standby-setup/tasks/main.yml b/ansible/roles/oracle-db-standby-setup/tasks/main.yml index 4df9dc9fc..01fee19fe 100644 --- a/ansible/roles/oracle-db-standby-setup/tasks/main.yml +++ b/ansible/roles/oracle-db-standby-setup/tasks/main.yml @@ -18,6 +18,14 @@ - always when: db_primary_name is defined and db_standby_name is defined +- name: Add generate sas token script + ansible.builtin.template: + src: "update-db-az-sas-token.sh.j2" + dest: "/usr/local/bin/update-db-az-sas-token.sh" + owner: oracle + group: oinstall + mode: 0755 + - import_tasks: prepare_primary_for_standby.yml tags: - oracle-db-standby-setup-on-primary diff --git a/ansible/roles/oracle-db-standby-setup/tasks/prepare_primary_for_standby.yml b/ansible/roles/oracle-db-standby-setup/tasks/prepare_primary_for_standby.yml index 37597304b..0f21745fb 100644 --- a/ansible/roles/oracle-db-standby-setup/tasks/prepare_primary_for_standby.yml +++ b/ansible/roles/oracle-db-standby-setup/tasks/prepare_primary_for_standby.yml @@ -1,14 +1,6 @@ --- - name: Setup Primary database for HA - block: - - name: Add generate sas token script - ansible.builtin.template: - src: "update-db-az-sas-token.sh.j2" - dest: "/usr/local/bin/update-db-az-sas-token.sh" - owner: oracle - group: oinstall - mode: 0755 - + block: - name: Copy setup files for execution ansible.builtin.template: src: "{{ item }}.j2" From f8d0693a783e388cd1b2e2d98d3271711859c6ba Mon Sep 17 00:00:00 2001 From: W Date: Tue, 19 Sep 2023 16:45:08 +0100 Subject: [PATCH 13/19] Update server_type_oasys_db.yml --- ansible/group_vars/server_type_oasys_db.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/ansible/group_vars/server_type_oasys_db.yml b/ansible/group_vars/server_type_oasys_db.yml index 0b66f61b0..6a8db17cd 100644 --- a/ansible/group_vars/server_type_oasys_db.yml +++ b/ansible/group_vars/server_type_oasys_db.yml @@ -25,6 +25,7 @@ roles_list: # - hugepages has issues - disks - azure-cli + - amazon-cli - azcopy - oracle-19c - oracle-db-standby-setup # manually run on a standby From 8b7a6cb0ee3e36cded4aa6465f42872b3c0ad2f0 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Mon, 25 Sep 2023 12:52:30 +0000 Subject: [PATCH 14/19] Commit changes made by code formatters --- ansible/group_vars/environment_name_oasys_development.yml | 3 +-- .../tasks/prepare_primary_for_standby.yml | 2 +- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/ansible/group_vars/environment_name_oasys_development.yml b/ansible/group_vars/environment_name_oasys_development.yml index ee029209e..dbd0e1895 100644 --- a/ansible/group_vars/environment_name_oasys_development.yml +++ b/ansible/group_vars/environment_name_oasys_development.yml @@ -10,5 +10,4 @@ dns_search_domains: - azure.noms.root s3_bucket: devtest-oasys-20230411143832198800000001 - -db_backup_s3_bucket_name: devtest-oasys-db-backup-bucket-20230721145548176300000001 \ No newline at end of file +db_backup_s3_bucket_name: devtest-oasys-db-backup-bucket-20230721145548176300000001 diff --git a/ansible/roles/oracle-db-standby-setup/tasks/prepare_primary_for_standby.yml b/ansible/roles/oracle-db-standby-setup/tasks/prepare_primary_for_standby.yml index 0f21745fb..656a3046c 100644 --- a/ansible/roles/oracle-db-standby-setup/tasks/prepare_primary_for_standby.yml +++ b/ansible/roles/oracle-db-standby-setup/tasks/prepare_primary_for_standby.yml @@ -1,6 +1,6 @@ --- - name: Setup Primary database for HA - block: + block: - name: Copy setup files for execution ansible.builtin.template: src: "{{ item }}.j2" From 344be0a425b279ab2e0c7630aba587cb833308e5 Mon Sep 17 00:00:00 2001 From: W Date: Mon, 25 Sep 2023 15:25:23 +0100 Subject: [PATCH 15/19] .. --- ansible/group_vars/server_type_oasys_db.yml | 17 +++++++++++++++++ ansible/roles/oracle-19c/tasks/prereqs.yml | 8 ++++++++ .../templates/update-db-az-sas-token.sh.j2 | 0 .../oracle-db-standby-setup/tasks/main.yml | 8 -------- 4 files changed, 25 insertions(+), 8 deletions(-) rename ansible/roles/{oracle-db-standby-setup => oracle-19c}/templates/update-db-az-sas-token.sh.j2 (100%) diff --git a/ansible/group_vars/server_type_oasys_db.yml b/ansible/group_vars/server_type_oasys_db.yml index 6a8db17cd..6fc588913 100644 --- a/ansible/group_vars/server_type_oasys_db.yml +++ b/ansible/group_vars/server_type_oasys_db.yml @@ -78,3 +78,20 @@ oracle_install_group: oinstall oracle_inventory: /u01/app/oraInventory database_home: /u01/app/oracle/product/19c/db_1 grid_home: /u01/app/oracle/product/19c/gridhome_1 + + + + +# preprod oasys in aws needs to +# grab db backups from prod storage account strpdnomsazcopyorabkup on a weekly basis +# so need: +(deps) + az login, cli + az creds as ssm params + aws cli + +(do weekly) +az login +generate sas token for strpdnomsazcopyorabkup and put as ssm param (update db az sas token script does this) +download backup +probably some oracle command? diff --git a/ansible/roles/oracle-19c/tasks/prereqs.yml b/ansible/roles/oracle-19c/tasks/prereqs.yml index 1943399cb..2532730e1 100644 --- a/ansible/roles/oracle-19c/tasks/prereqs.yml +++ b/ansible/roles/oracle-19c/tasks/prereqs.yml @@ -37,6 +37,14 @@ msg: "Please define disks_partition variable with oracle_group and oracle_label defined with at least one data disk" when: oracle_data_diskgroup|length == 0 +- name: Add generate sas token script + ansible.builtin.template: + src: "update-db-az-sas-token.sh.j2" + dest: "/usr/local/bin/update-db-az-sas-token.sh" + owner: oracle + group: oinstall + mode: 0755 + - name: Fail when flash disks are not defined fail: msg: "Please define disks_partition variable with oracle_group and oracle_label defined with at least one flash disk" diff --git a/ansible/roles/oracle-db-standby-setup/templates/update-db-az-sas-token.sh.j2 b/ansible/roles/oracle-19c/templates/update-db-az-sas-token.sh.j2 similarity index 100% rename from ansible/roles/oracle-db-standby-setup/templates/update-db-az-sas-token.sh.j2 rename to ansible/roles/oracle-19c/templates/update-db-az-sas-token.sh.j2 diff --git a/ansible/roles/oracle-db-standby-setup/tasks/main.yml b/ansible/roles/oracle-db-standby-setup/tasks/main.yml index 01fee19fe..4df9dc9fc 100644 --- a/ansible/roles/oracle-db-standby-setup/tasks/main.yml +++ b/ansible/roles/oracle-db-standby-setup/tasks/main.yml @@ -18,14 +18,6 @@ - always when: db_primary_name is defined and db_standby_name is defined -- name: Add generate sas token script - ansible.builtin.template: - src: "update-db-az-sas-token.sh.j2" - dest: "/usr/local/bin/update-db-az-sas-token.sh" - owner: oracle - group: oinstall - mode: 0755 - - import_tasks: prepare_primary_for_standby.yml tags: - oracle-db-standby-setup-on-primary From 102135935b087d813d88d18cd25062a9634b4f9f Mon Sep 17 00:00:00 2001 From: W Date: Mon, 25 Sep 2023 15:49:08 +0100 Subject: [PATCH 16/19] Update server_type_oasys_db.yml --- ansible/group_vars/server_type_oasys_db.yml | 16 ---------------- 1 file changed, 16 deletions(-) diff --git a/ansible/group_vars/server_type_oasys_db.yml b/ansible/group_vars/server_type_oasys_db.yml index 6fc588913..1faa154bf 100644 --- a/ansible/group_vars/server_type_oasys_db.yml +++ b/ansible/group_vars/server_type_oasys_db.yml @@ -79,19 +79,3 @@ oracle_inventory: /u01/app/oraInventory database_home: /u01/app/oracle/product/19c/db_1 grid_home: /u01/app/oracle/product/19c/gridhome_1 - - - -# preprod oasys in aws needs to -# grab db backups from prod storage account strpdnomsazcopyorabkup on a weekly basis -# so need: -(deps) - az login, cli - az creds as ssm params - aws cli - -(do weekly) -az login -generate sas token for strpdnomsazcopyorabkup and put as ssm param (update db az sas token script does this) -download backup -probably some oracle command? From 900c9f9a39e413bb54a67024882fed9fa1f894c8 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Mon, 25 Sep 2023 14:50:33 +0000 Subject: [PATCH 17/19] Commit changes made by code formatters --- ansible/group_vars/server_type_oasys_db.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/ansible/group_vars/server_type_oasys_db.yml b/ansible/group_vars/server_type_oasys_db.yml index 1faa154bf..6a8db17cd 100644 --- a/ansible/group_vars/server_type_oasys_db.yml +++ b/ansible/group_vars/server_type_oasys_db.yml @@ -78,4 +78,3 @@ oracle_install_group: oinstall oracle_inventory: /u01/app/oraInventory database_home: /u01/app/oracle/product/19c/db_1 grid_home: /u01/app/oracle/product/19c/gridhome_1 - From 5609088c28dd2690e36d39e499351e45b48f6918 Mon Sep 17 00:00:00 2001 From: W Date: Tue, 26 Sep 2023 12:03:01 +0100 Subject: [PATCH 18/19] .. --- ansible/group_vars/server_type_oasys_db.yml | 3 +-- ansible/roles/amazon-cli/tasks/install-rhel.yml | 2 +- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/ansible/group_vars/server_type_oasys_db.yml b/ansible/group_vars/server_type_oasys_db.yml index 6a8db17cd..141a752ae 100644 --- a/ansible/group_vars/server_type_oasys_db.yml +++ b/ansible/group_vars/server_type_oasys_db.yml @@ -25,10 +25,9 @@ roles_list: # - hugepages has issues - disks - azure-cli - - amazon-cli - azcopy - oracle-19c - - oracle-db-standby-setup # manually run on a standby + # - oracle-db-standby-setup # manually run on a standby - oracle-secure-backup - oracle-db-backup diff --git a/ansible/roles/amazon-cli/tasks/install-rhel.yml b/ansible/roles/amazon-cli/tasks/install-rhel.yml index 4d11c14be..a3b0ce263 100644 --- a/ansible/roles/amazon-cli/tasks/install-rhel.yml +++ b/ansible/roles/amazon-cli/tasks/install-rhel.yml @@ -30,7 +30,7 @@ - name: Run aws cli installer shell: | - {{ awscli_installer_dir }}/aws/install --bin-dir /usr/local/bin --install-dir /usr/local/aws-cli --update + {{ awscli_installer_dir }}/aws/install --bin-dir /bin --install-dir /usr/local/aws-cli --update - name: Cleanup installer files ansible.builtin.file: From 720e00624a6d6a1f63eeed2e0468f6506e2c3a64 Mon Sep 17 00:00:00 2001 From: W Date: Tue, 26 Sep 2023 14:57:20 +0100 Subject: [PATCH 19/19] Update update-db-az-sas-token.sh.j2 --- ansible/roles/oracle-19c/templates/update-db-az-sas-token.sh.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/roles/oracle-19c/templates/update-db-az-sas-token.sh.j2 b/ansible/roles/oracle-19c/templates/update-db-az-sas-token.sh.j2 index 6a11a794c..62f1de5f4 100644 --- a/ansible/roles/oracle-19c/templates/update-db-az-sas-token.sh.j2 +++ b/ansible/roles/oracle-19c/templates/update-db-az-sas-token.sh.j2 @@ -3,7 +3,7 @@ set -e application={{application}} environment={{aws_environment}} -db_name=$(hostname) +db_name={{ ec2.tags["Name"] }} expiry=$(date -d "60 days" +%Y-%m-%d) # default 60 days if [[ -z $environment || -z $db_name || -z $expiry ]]; then