Oracle Cloud Infrastructure Documentation

Sample Ansible Playbooks

Provided here is a catalog of sample Ansible playbooks for Oracle Cloud Infrastructure that illustrate how to carry out common infrastructure provisioning and configuration tasks. The samples are organized in groups associated with Oracle Cloud Infrastructure services:

  • Block Volume
  • Compute
  • Container Engine for Kubernetes
  • Database
  • File Storage
  • IAM
  • Load Balancing
  • Object Storage
  • Deployment Solution (MongoDB)

You can find a brief description of each playbook in the sections that follow, along with links to each sample on the Oracle GitHub repository. Begin by reviewing the Readme.md file in each playbook's root directory.

Block Volume

Attach a Block Volume to a Compute Instance

This sample playbook shows how to attach a block volume to a compute instance using the iSCSI volume attachment type, and then connect it to the compute instance using iscsiadm. The sample shows how to do the following:

  • Generate a temporary, host-specific SSH key pair.
  • Specify the public key from the key pair for connecting to the instance, and then launch the instance.
  • Create a new Block Volume for the instance, attach the volume to the instance, and specify iSCSI as the volume attachment type.
  • Connect to and then mount the volume from the compute instance by executing iscsiadm commands over SSH using an Ansible module.

Go to the sample on Oracle GitHub.

Compute

Launch a Compute Instance

This sample playbook shows how to launch a public Compute instance and then access the instance from an Ansible module over an SSH connection. The sample illustrates how to do the following:

  • Generate a temporary, host-specific SSH key pair.
  • Specify the public key from the key pair for connecting to the instance, and then launch the instance.
  • Connect to the newly launched instance using SSH.

Go to the sample on Oracle GitHub.

Use NAT to Enable Internet Access from a Compute Instance

This sample playbook shows how to enable internet access from a Compute instance in a private subnet. The example uses a network address translation (NAT) instance in a public subnet through an Ansible module.

Note

For guidance setting up the network topology to support a NAT instance, see the white paper NAT Instance Configuration: Enabling Internet Access for Private Subnets. See also Tutorial: Automatically Set Up a NAT Instance in Oracle Cloud Infrastructure with Terraform.

The sample illustrates how to do the following:

  • Set up the applicable network topology, including creating the VCN, internet gateway, public and private subnets, and required security lists and route rules.
  • Provision a NAT instance in the public subnet, and a private instance in the private subnet.
  • Enable outbound internet access for the private instance through the NAT instance on the public subnet.

Go to the sample on Oracle GitHub.

Enable Internet Access from a Compute Instance using the Oracle Cloud Infrastructure NAT Gateway

This sample is similar to the previous one, except that where the previous sample configures a compute instance to operate as a NAT Gateway, this sample employs the Oracle Cloud Infrastructure NAT Gateway service.

Note

For more information about the Oracle Cloud Infrastructure NAT Gateway service, see NAT Gateway. For a blog post discussing how to use the Oracle Cloud Infrastructure NAT Gateway, see Access Resources on the Public Internet Through an Oracle Cloud Infrastructure NAT Gateway.

The sample shows how to complete the following:

  • Set up the VCN, the NAT Gateway, the Internet Gateway, the public and private subnets, and the necessary security lists and route rules.
  • Provision a bastion instance in the public subnet and a private instance in the private subnet.

Once set up, the private instance will have outbound Internet access through the Oracle Cloud Infrastructure NAT Gateway, and will be accessible using SSH from the bastion instance.

Go to the sample on Oracle GitHub.

Create an Instance Pool

This sample shows how to manage your Compute instances using resources such as instance configurations and instance pools that are provided using Oracle Cloud Infrastructure Ansible modules. Instance pools help you create and provision multiple Compute instances within the same region based on a single instance configuration.

The sample illustrates completing the following tasks:

  • Generate a temporary, host-specific SSH key pair.
  • From the SSH key pair, specify the public key for connecting to the instance during launch.
  • Create an instance configuration that defines settings for creating a Compute instance as part of the instance pool. The configuration provides details such as base image, shape, and metadata.
  • Launch Compute instances based on the instance configuration using instance pools.
  • Connect to one of the Compute instances using SSH.

Go to the sample on Oracle GitHub.

Create Instance Console Connections and Capture Console History

This sample shows how you can create VNC and serial console connections to a Compute instance, and how you can fetch and capture the serial Console data from the instance. For more information about Console connections, see Instance Console Connections.

This sample illustrates completing the following tasks:

  • Generate a temporary SSH key pair for the serial Console connection.
  • Create an instance Console connection for a Compute instance.
  • Capture serial Console data for a Compute instance, and then save the data to a local machine so you can troubleshoot and debug issues.

Go to the sample on Oracle GitHub.

Access Object Storage from a Private Instance Using Service Gateway

This sample playbook shows how you can enable private access to Object Storage from a Compute instance using a service gateway.

Note

For more information about service gateways, see Access to Oracle Services: Service Gateway. To read a blog post discussing how to connect Compute instances using the service gateway, see Connect Private Instances with Oracle Services Through an Oracle Cloud Infrastructure Service Gateway.

The sample shows how to complete the following tasks:

  • Set up a user, group, and policies required for managing buckets.
  • Create and upload the required API keys to the user.
  • Set up the VCN, the NAT gateway, the Internet gateway, the public and private subnets, as well as the required security lists and route tables. Note that a bastion instance is provisioned in the public subnet, and a private instance is provisioned in the private subnet.
  • Provision a Compute instance in the private subnet.
  • Install the Oracle Cloud Infrastructure command line interface (CLI) and configure the CLI using the cloud init script.
  • Disable the NAT gateway to restrict public access to the private instance.
  • Create a bucket from the private instance using the Oracle Cloud Infrastructure CLI, then verify that the bucket is created.

Following this setup, the private instance will have private access to Object Storage.

Go to the sample on Oracle GitHub.

Container Engine for Kubernetes

Create a Cluster Using Container Engine for Kubernetes

This sample playbook uses Container Engine for Kubernetes (OKE) to create a cluster and deploys a sample application on the cluster. This sample complements an existing example, Creating a Cluster with Oracle Cloud Infrastructure Container Engine for Kubernetes.

This sample illustrates how to do the following:

  • Create and configure a VCN and related resources required for setting up an OKE cluster.
  • Create a cluster.
  • Create a node pool.
  • Download the kubeconfig file for the cluster.
  • Deploy a sample application on the cluster.
  • Verify a successful deployment.

Go to the sample on Oracle GitHub.

Database

Bare Metal/VM Database Provisioning

This sample playbook shows how to retrieve the public and private IP addresses of a database system node so that you can access it through an Ansible module. The sample illustrates how to do the following:

  • Collect database node VNIC information for a specified database.
  • Extract public and private IP addresses of the database node from the VNIC.

Go to the sample on Oracle GitHub.

Autonomous Data Warehouse

This sample playbook shows how to create an Autonomous Data Warehouse and manage its lifecycle. The sample shows how to do the following:

  • Set up an Autonomous Data Warehouse.
  • List all of the Autonomous Data Warehouse instances available in a compartment, filtered by display name.
  • Get the "facts" for a specified Autonomous Data Warehouse.
  • Stop and start an Autonomous Data Warehouse instance.
  • Delete an Autonomous Data Warehouse instance.

Go to the sample on Oracle GitHub.

Autonomous Transaction Processing

This sample playbook shows how to create an Autonomous Transaction Processing database and manage its lifecycle. The sample shows how to do the following:

  • Set up an Autonomous Transaction Processing database instance.
  • List all of the Autonomous Transaction Processing instances in a compartment, filtered by display name.
  • Get the "facts" for a specified Autonomous Transaction Processing instance.
  • Delete an Autonomous Transaction Processing database instance.

Go to the sample on Oracle GitHub.

File Storage

Create and Mount a File System

The sample shows how to create a file system that you can access through an Oracle Cloud Infrastructure Compute instance using Ansible cloud modules. The sample illustrates completing the following tasks:

  • Creating network dependencies such as VCNs and subnets, as well as a security list that is configured as required by the File Systems service.
  • Generating the certificates required by the Compute instances.
  • Creating File Storage service components, such as mount targets, file systems, exports, and snapshots.
  • Mounting the file system using a Compute instance, and then accessing the file system content from a different Compute instance.

Go to the sample on Oracle GitHub.

Multiple File Systems with Mount Targets

This sample shows how you can export one file system using two different export paths located on two different mount targets. It also shows how a single mount target can export paths from two different file systems. The sample illustrates completing the following tasks:

  • Creating network dependencies such as VCNs and subnets, as well as a security list that is configured as required by the File Systems service.
  • Generating the certificates required by the Compute instances.
  • Creating File Storage service components, such as mount targets, file systems, exports, and snapshots.
  • Exporting one file system onto two different mount targets.
  • Exporting paths from two different file systems through a single mount target.
  • Mounting the file system using an Oracle Cloud Infrastructure Compute instance.

Go to the sample on Oracle GitHub.

IAM

Use Ansible Modules to Perform IAM Tasks

This sample shows how to perform basic identity and access management (IAM) tasks using Ansible modules. The sample also shows how to execute an Ansible playbook or execute individual tasks as a different user. The sample illustrates how to do the following:

  • Create groups (ObjectReaders and ObjectWriters).
  • Create an IAM policy that enables the following:
    • ObjectReaders to list and read buckets and objects.
    • ObjectWriters to create, update, list, and read buckets and objects in a specified compartment.
    • Assign the policy to groups.
  • Create users (alice and bob) and then do the following:
    • Add alice to the ObjectWriters group.
    • Add bob to the ObjectReaders group.
    • Run as alice to create a bucket, then upload objects to the bucket.
    • Run as bob to list all objects in a bucket.

Go to the sample on Oracle GitHub.

Load Balancing

This sample playbook shows how to create a public load balancer using an Ansible module. The sample illustrates the following:

  • Generating network-related artifacts, such as subnets and VCNs.
  • Generating the required certificates for the load balancer.
  • Using an Ansible playbook to create a public load balancer.

Go to the sample on Oracle GitHub.

Object Storage

List Objects and Buckets

This sample playbook shows how to list all objects and buckets in a namespace.

Go to the sample on Oracle GitHub.

Delete Objects

This sample playbook shows how to delete objects created within a specified range of days from the specified buckets. You can also modify the sample so it deletes objects older than a specified number of days, which helps you prune old or unwanted objects that are stored in the service.

Go to the sample on Oracle GitHub.

MongoDB Deployment

Use Ansible Modules to Deploy a MongoDB Database

This sample playbook shows how to deploy a MongoDB database securely in the cloud using Ansible modules. The sample implements security measures using the Castle strategy ("defense in depth"), which is discussed in the article Secure MongoDB on Oracle Bare Metal Cloud Services.

Go to the sample on Oracle GitHub.

Networking

Use Ansible Modules to Provision a VCN

This sample playbook shows how to provision a virtual cloud network (VCN) with two private subnets in different availability domains, and an IPSec VPN. The sample provisions infrastructure resources that are illustrated in the knowledge base article Scenario B: Private Subnet with a VPN. The sample provisions the following resources:

  • A VCN.
  • Two private subnets.
  • A dynamic routing gateway (DRG).
  • Customer premises equipment (CPE).
  • An IPSec connection between the DRG and the CPE. The sample also retrieves IPSec configuration information and status.

Go to the sample on Oracle GitHub.