├── .DS_Store ├── .gitattributes ├── .github └── CODEOWNERS ├── CODE_OF_CONDUCT.md ├── LICENSE ├── Oracle on Azure IaaS Recommended Practices for Success.pdf ├── README.md ├── SECURITY.md ├── SUPPORT.md ├── az-oracle-sizing ├── AWR Analysis template spreadsheet 20230620.xltx ├── AWR Sizing Instructions.pdf ├── README.md ├── awr_capture.sh ├── busiest_awr.sql ├── busiest_statspack.sql └── dbspace.sql ├── azbackup ├── README.md └── azbackup_verify.sh ├── levelup-oracle-database-at-azure ├── Module-1 │ └── Module-1-Final-for-Part-1.pptx ├── Module-2 │ └── Module-2-BCDR.pptx └── Module-4 │ ├── .gitattributes │ └── Application Monitoring and Oracle Database@Azure LevelUp Series.pptx ├── levelup-oracle-database-at-azure~b05c532c13db3562078fa1eaba4dbbf0a7e80f73 ├── levelup-oracle-on-iaas ├── lab1 │ ├── Lab1-Capacity Planning.pptx │ ├── awr │ │ ├── AWR_DBS.html │ │ ├── AWR_DBT.html │ │ ├── AWR_DBU.html │ │ ├── AWR_DBV.html │ │ ├── AWR_DBW.html │ │ ├── AWR_DBX.html │ │ ├── AWR_DBY.html │ │ ├── AWR_DBZ.html │ │ ├── Lab1-SampleReport.xlsm │ │ ├── dbspace_DBS.lst │ │ ├── dbspace_DBT.lst │ │ ├── dbspace_DBU.lst │ │ ├── dbspace_DBV.lst │ │ ├── dbspace_DBW.lst │ │ ├── dbspace_DBX.lst │ │ ├── dbspace_DBY.lst │ │ └── dbspace_DBZ.lst │ ├── media │ │ ├── omat_awr_details.png │ │ ├── omat_recommendation_filters.png │ │ ├── omat_recommended_nas_1.png │ │ ├── omat_recommended_nas_2.png │ │ ├── omat_recommended_nas_3.png │ │ ├── omat_recommended_vms_1.png │ │ ├── omat_recommended_vms_2.png │ │ ├── omat_recommended_vms_2_managed_disks.png │ │ ├── omat_recommended_vms_3.png │ │ ├── omat_recommended_vms_3_managed_disks.png │ │ ├── omat_settings_1.png │ │ ├── omat_settings_3.png │ │ ├── omat_summary_by_azurevm_1.png │ │ ├── omat_summary_by_azurevm_2.png │ │ ├── omat_summary_by_azurevm_3.png │ │ ├── omat_summary_by_db_1.png │ │ ├── omat_summary_by_db_2.png │ │ ├── omat_summary_by_dbinstance.png │ │ └── omat_summary_by_host.png │ └── readme.md ├── lab2 │ ├── CODE_OF_CONDUCT.md │ ├── LICENSE │ ├── README.md │ ├── SECURITY.md │ ├── SUPPORT.md │ ├── ansible │ │ └── bootstrap │ │ │ └── single_instance │ │ │ ├── README.md │ │ │ ├── ansible.cfg │ │ │ ├── group_vars │ │ │ └── all │ │ │ │ └── vars.yml │ │ │ ├── playbook.yml │ │ │ └── roles │ │ │ ├── common │ │ │ ├── defaults │ │ │ │ └── main.yaml │ │ │ └── tasks │ │ │ │ └── main.yaml │ │ │ ├── dbca │ │ │ ├── defaults │ │ │ │ └── main.yml │ │ │ ├── tasks │ │ │ │ └── main.yml │ │ │ └── templates │ │ │ │ ├── dbca.rsp.j2 │ │ │ │ └── dbora.j2 │ │ │ ├── grid │ │ │ ├── defaults │ │ │ │ └── main.yaml │ │ │ ├── tasks │ │ │ │ └── main.yaml │ │ │ ├── templates │ │ │ │ ├── bash_rc │ │ │ │ └── gridsetup.rsp.j2 │ │ │ └── vars │ │ │ │ └── main.yml │ │ │ └── oracle19c │ │ │ ├── defaults │ │ │ └── main.yml │ │ │ ├── tasks │ │ │ └── main.yml │ │ │ ├── templates │ │ │ └── db_install.rsp.j2 │ │ │ └── vars │ │ │ └── main.yml │ ├── docs │ │ ├── media │ │ │ ├── complete.jpg │ │ │ ├── fixtures.jpg │ │ │ ├── inventory.jpg │ │ │ ├── port2222.png │ │ │ ├── provisioned.jpg │ │ │ ├── publicip.jpg │ │ │ ├── run_command1.png │ │ │ ├── run_command2.png │ │ │ ├── single-instance-overview.png │ │ │ ├── single_vm.png │ │ │ ├── ssh-for-cloud-shell.jpg │ │ │ ├── sshport.jpg │ │ │ ├── test.jpg │ │ │ └── warnings.jpg │ │ └── wiki │ │ │ ├── ANSIBLE.md │ │ │ ├── CLONE.md │ │ │ ├── Contributing.md │ │ │ ├── FAQ.md │ │ │ ├── Home.md │ │ │ ├── KnownIssues.md │ │ │ ├── REVIEW_INFRA.md │ │ │ ├── TERRAFORM.md │ │ │ ├── TEST.md │ │ │ ├── Versioning.md │ │ │ └── WhatsNew.md │ ├── terraform │ │ └── bootstrap │ │ │ └── single_instance │ │ │ ├── README.md │ │ │ ├── backend.tf │ │ │ ├── images │ │ │ └── single_vm.png │ │ │ ├── module.tf │ │ │ ├── outputs.tf │ │ │ ├── providers.tf │ │ │ ├── transform.tf │ │ │ ├── variables.md │ │ │ ├── variables_global.tf │ │ │ └── variables_local.tf │ └── terraform_units │ │ └── modules │ │ ├── common_infrastructure │ │ ├── infrastructure.tf │ │ ├── outputs.tf │ │ ├── providers.tf │ │ ├── resource_lock.tf │ │ ├── role_assignments.tf │ │ ├── variables_global.tf │ │ └── variables_local.tf │ │ ├── compute │ │ ├── azure_extension_diagnostics_linux_syslogevents.json │ │ ├── diagnostic_settings.tf │ │ ├── outputs.tf │ │ ├── providers.tf │ │ ├── resource_lock.tf │ │ ├── role_assignments.tf │ │ ├── variable_global.tf │ │ ├── variable_local.tf │ │ ├── vm.tf │ │ └── vm_role_assignment.tf │ │ ├── network │ │ ├── diagnostic_settings.tf │ │ ├── nic.tf │ │ ├── nsg.tf │ │ ├── outputs.tf │ │ ├── providers.tf │ │ ├── resource_lock.tf │ │ ├── role_assignments.tf │ │ ├── subnet.tf │ │ ├── variables_global.tf │ │ ├── variables_local.tf │ │ └── vnet.tf │ │ └── storage │ │ ├── data_disk.tf │ │ ├── outputs.tf │ │ ├── providers.tf │ │ ├── resource_lock.tf │ │ ├── role_assignments.tf │ │ ├── variables_global.tf │ │ └── variables_local.tf ├── lab3 │ ├── CODE_OF_CONDUCT.md │ ├── LICENSE │ ├── SECURITY.md │ ├── SUPPORT.md │ ├── lab-images │ │ └── media │ │ │ ├── image1.png │ │ │ ├── image2.png │ │ │ ├── image3.png │ │ │ ├── image4.png │ │ │ ├── image5.png │ │ │ ├── image6.png │ │ │ ├── image7.png │ │ │ └── image8.png │ └── readme.md ├── lab4 │ ├── customscript.bicep │ ├── dep.sh │ ├── main.bicep │ ├── main.bicepparam │ ├── observer.sh │ ├── oravm.bicep │ ├── primary.sh │ ├── readme.md │ ├── scenarios.md │ ├── secondary.sh │ └── variables.txt └── readme.md ├── omat ├── README.md ├── media │ ├── data-awr-details.png │ ├── data-summary-by-db.png │ ├── recommendations-filters.png │ ├── recommendations-storage.png │ ├── recommendations-vms.png │ └── settings.png ├── omat.ps1 ├── readme ├── setup.ps1 └── template.xlsm ├── oradg ├── README.md ├── cr_oradg.sh └── cr_oradg_output.txt ├── orapcs ├── README.md ├── cr_orapcs.sh └── orapcs_output.txt └── oravm ├── README.md ├── cr_oravm.sh └── oravm_output.txt /.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/.DS_Store -------------------------------------------------------------------------------- /.gitattributes: -------------------------------------------------------------------------------- 1 | *.mp4 filter=lfs diff=lfs merge=lfs -text 2 | -------------------------------------------------------------------------------- /.github/CODEOWNERS: -------------------------------------------------------------------------------- 1 | * @Azure/lza-oracle-codeowners -------------------------------------------------------------------------------- /CODE_OF_CONDUCT.md: -------------------------------------------------------------------------------- 1 | # Microsoft Open Source Code of Conduct 2 | 3 | This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/). 4 | 5 | Resources: 6 | 7 | - [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/) 8 | - [Microsoft Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/) 9 | - Contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with questions or concerns 10 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) Microsoft Corporation. 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE 22 | -------------------------------------------------------------------------------- /Oracle on Azure IaaS Recommended Practices for Success.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/Oracle on Azure IaaS Recommended Practices for Success.pdf -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Support for Oracle Database workloads within Azure Infrastructure-as-a-Service (IaaS) 2 | 3 | This repository contains sub-folders representing multiple separate projects... 4 | 5 | ### 1. az-oracle-sizing 6 | This project documents the method of sizing on-prem Oracle Database workloads for initial migration into Azure. Too often, people capture the number of CPUs, amount of RAM, and quantity of storage configured to the on-prem infrastructure, and then they configure Azure resources based on those metrics. Unfortunately, they don't know if the database was using all or just some of those allocated resources. We focus on capturing actual observed information for: 7 | 1) observed CPU utilization 8 | 2) observed memory utilization 9 | 3) observed I/O utilization 10 | 11 | ...from standard Oracle AWR (automatic workload repository) reports, preferably generated during peak workload periods. This project consists of documentation in PDF form, a sample MS-Excel spreadsheet for capturing the metrics needed from Oracle AWR reports. The spreadsheet has two worksheets, the first to capture AWR information, and the second to generate estimates for choosing compute and storage resources from Azure. This repository also holds an Oracle SQL\*Plus script named "dbspace.sql" which can be used to capture information not included in AWR reports, such as database size, table compression, volume of full and incremental RMAN backups, and daily volume of archived redo logs. 12 | 13 | ### 2. azbackup 14 | This project relates to app-consistent Oracle database backups using Azure Backup. Present is a bash-shell script for troubleshooting and training videos for configuring and restoring VMs supporting one or more Oracle database workloads. 15 | 16 | ### 3. oravm 17 | This project contains an "accelerator" script for automating the creation of a single VM with a running Oracle database with integration to Azure Backup configured. The bash-shell script "cr_oravm.sh" requires a subscription and a resource group as prerequisites, and within the resource group it builds a virtual net, a subnet, a network security group, as well as a VM with a NIC, public IP address, and storage using either premium SSD or Azure NetApp Files. All is built automatically in about 30-35 minutes. For more detailed information, please refer to the README within the folder. 18 | 19 | ### 4. oradg 20 | This project contains an "accelerator" script for automating the creation of an Oracle DataGuard primary and standby database, each on separate VMs in separate availability zones, as well as a third VM with the Oracle DataGuard Broker observer. The bash-shell script "cr_oradg.sh" requires a subscription and a resource group as prerequisites, and within the resource group it builds a virtual net, a subnet, a network security group, as well as three VMs with NICs, public IP addresses, and storage using premium SSD. Everything is built automatically in about 40 minutes. For more detailed information, please refer to the README within the folder. 21 | 22 | ### 5. orapcs 23 | This project contains an "accelerator" script for automating the creation of Linux Pacemaker/Corosync (PCS) HA cluster for an Oracle database, with a database on shared storage maintained by two VMs within the same availability set and proximity placement group in a single availability zone, as well as a third VM intended as an observer. The bash-shell script "cr_orapcs.sh" requires a subscription and a resource group as prerequisites, and within the resource group it builds a virtual net, a subnet, a network security group, as well as three VMs with NICs, public IP addresses, and storage using premium SSD. Everything is built automatically in about 40 minutes. For more detailed information, please refer to the README within the folder. 24 | 25 | ## Contributing 26 | 27 | This project welcomes contributions and suggestions. Most contributions require you to agree to a 28 | Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us 29 | the rights to use your contribution. For details, visit https://cla.opensource.microsoft.com. 30 | 31 | When you submit a pull request, a CLA bot will automatically determine whether you need to provide 32 | a CLA and decorate the PR appropriately (e.g., status check, comment). Simply follow the instructions 33 | provided by the bot. You will only need to do this once across all repos using our CLA. 34 | 35 | This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/). 36 | For more information see the [Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/) or 37 | contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with any additional questions or comments. 38 | 39 | ## Trademarks 40 | 41 | This project may contain trademarks or logos for projects, products, or services. Authorized use of Microsoft 42 | trademarks or logos is subject to and must follow 43 | [Microsoft's Trademark & Brand Guidelines](https://www.microsoft.com/en-us/legal/intellectualproperty/trademarks/usage/general). 44 | Use of Microsoft trademarks or logos in modified versions of this project must not cause confusion or imply Microsoft sponsorship. 45 | Any use of third-party trademarks or logos are subject to those third-party's policies. 46 | -------------------------------------------------------------------------------- /SECURITY.md: -------------------------------------------------------------------------------- 1 | 2 | 3 | ## Security 4 | 5 | Microsoft takes the security of our software products and services seriously, which includes all source code repositories managed through our GitHub organizations, which include [Microsoft](https://github.com/Microsoft), [Azure](https://github.com/Azure), [DotNet](https://github.com/dotnet), [AspNet](https://github.com/aspnet), [Xamarin](https://github.com/xamarin), and [our GitHub organizations](https://opensource.microsoft.com/). 6 | 7 | If you believe you have found a security vulnerability in any Microsoft-owned repository that meets [Microsoft's definition of a security vulnerability](https://docs.microsoft.com/en-us/previous-versions/tn-archive/cc751383(v=technet.10)), please report it to us as described below. 8 | 9 | ## Reporting Security Issues 10 | 11 | **Please do not report security vulnerabilities through public GitHub issues.** 12 | 13 | Instead, please report them to the Microsoft Security Response Center (MSRC) at [https://msrc.microsoft.com/create-report](https://msrc.microsoft.com/create-report). 14 | 15 | If you prefer to submit without logging in, send email to [secure@microsoft.com](mailto:secure@microsoft.com). If possible, encrypt your message with our PGP key; please download it from the [Microsoft Security Response Center PGP Key page](https://www.microsoft.com/en-us/msrc/pgp-key-msrc). 16 | 17 | You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your original message. Additional information can be found at [microsoft.com/msrc](https://www.microsoft.com/msrc). 18 | 19 | Please include the requested information listed below (as much as you can provide) to help us better understand the nature and scope of the possible issue: 20 | 21 | * Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.) 22 | * Full paths of source file(s) related to the manifestation of the issue 23 | * The location of the affected source code (tag/branch/commit or direct URL) 24 | * Any special configuration required to reproduce the issue 25 | * Step-by-step instructions to reproduce the issue 26 | * Proof-of-concept or exploit code (if possible) 27 | * Impact of the issue, including how an attacker might exploit the issue 28 | 29 | This information will help us triage your report more quickly. 30 | 31 | If you are reporting for a bug bounty, more complete reports can contribute to a higher bounty award. Please visit our [Microsoft Bug Bounty Program](https://microsoft.com/msrc/bounty) page for more details about our active programs. 32 | 33 | ## Preferred Languages 34 | 35 | We prefer all communications to be in English. 36 | 37 | ## Policy 38 | 39 | Microsoft follows the principle of [Coordinated Vulnerability Disclosure](https://www.microsoft.com/en-us/msrc/cvd). 40 | 41 | -------------------------------------------------------------------------------- /SUPPORT.md: -------------------------------------------------------------------------------- 1 | # TODO: The maintainer of this repo has not yet edited this file 2 | 3 | **REPO OWNER**: Do you want Customer Service & Support (CSS) support for this product/project? 4 | 5 | - **No CSS support:** Fill out this template with information about how to file issues and get help. 6 | - **Yes CSS support:** Fill out an intake form at [aka.ms/spot](https://aka.ms/spot). CSS will work with/help you to determine next steps. More details also available at [aka.ms/onboardsupport](https://aka.ms/onboardsupport). 7 | - **Not sure?** Fill out a SPOT intake as though the answer were "Yes". CSS will help you decide. 8 | 9 | *Then remove this first heading from this SUPPORT.MD file before publishing your repo.* 10 | 11 | # Support 12 | 13 | ## How to file issues and get help 14 | 15 | This project uses GitHub Issues to track bugs and feature requests. Please search the existing 16 | issues before filing new issues to avoid duplicates. For new issues, file your bug or 17 | feature request as a new Issue. 18 | 19 | For help and questions about using this project, please **REPO MAINTAINER: INSERT INSTRUCTIONS HERE 20 | FOR HOW TO ENGAGE REPO OWNERS OR COMMUNITY FOR HELP. COULD BE A STACK OVERFLOW TAG OR OTHER 21 | CHANNEL. WHERE WILL YOU HELP PEOPLE?**. 22 | 23 | ## Microsoft Support Policy 24 | 25 | Support for this **PROJECT or PRODUCT** is limited to the resources listed above. 26 | -------------------------------------------------------------------------------- /az-oracle-sizing/AWR Analysis template spreadsheet 20230620.xltx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/az-oracle-sizing/AWR Analysis template spreadsheet 20230620.xltx -------------------------------------------------------------------------------- /az-oracle-sizing/AWR Sizing Instructions.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/az-oracle-sizing/AWR Sizing Instructions.pdf -------------------------------------------------------------------------------- /az-oracle-sizing/awr_capture.sh: -------------------------------------------------------------------------------- 1 | Removing the "awr_capture.sh" from public distribution because the number of variations of HTML formats are too many for parsing using bash shell. 2 | 3 | This script was informally shared as a convenience for colleagues, but some have misinterpreted this script as supported software. 4 | -------------------------------------------------------------------------------- /az-oracle-sizing/busiest_awr.sql: -------------------------------------------------------------------------------- 1 | REM ================================================================================ 2 | REM Name: busiest_awr.sql 3 | REM Type: Oracle SQL script 4 | REM Date: 27-April 2020 5 | REM From: Americas Customer Engineering team (CET) - Microsoft 6 | REM 7 | REM Copyright and license: 8 | REM 9 | REM Licensed under the Apache License, Version 2.0 (the "License"); you may 10 | REM not use this file except in compliance with the License. 11 | REM 12 | REM You may obtain a copy of the License at 13 | REM 14 | REM http://www.apache.org/licenses/LICENSE-2.0 15 | REM 16 | REM Unless required by applicable law or agreed to in writing, software 17 | REM distributed under the License is distributed on an "AS IS" basis, 18 | REM WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 19 | REM 20 | REM See the License for the specific language governing permissions and 21 | REM limitations under the License. 22 | REM 23 | REM Copyright (c) 2020 by Microsoft. All rights reserved. 24 | REM 25 | REM Ownership and responsibility: 26 | REM 27 | REM This script is offered without warranty by Microsoft Customer Engineering. 28 | REM Anyone using this script accepts full responsibility for use, effect, 29 | REM and maintenance. Please do not contact Microsoft or Oracle support unless 30 | REM there is a problem with a supported SQL or SQL*Plus command. 31 | REM 32 | REM Description: 33 | REM 34 | REM SQL*Plus script to find the top 5 busiest AWR snapshots within the horizon 35 | REM of all information stored within the Oracle AWR repository, based on the 36 | REM AWR metrics "CPU Usage Per Sec" and "I/O Megabytes per Second" found in the 37 | REM view DBA_HIST_SYSMETRIC_HISTORY. 38 | REM 39 | REM Modifications: 40 | REM TGorman 27apr20 v0.1 written 41 | REM TGorman 04may20 v0.2 removed NTILE, using only ROW_NUMBER now... 42 | REM NBhandare 14May21 v0.3 added reference to innermost subqueries as fix for 43 | REM instance restart... 44 | REM TGorman 01jun21 v0.4 cleaned up some mistakes, parameterized 45 | REM TGorman 09dec22 v0.5 changed query from using stats from DBA_HIST_SYSSTAT 46 | REM to using metrics from DBA_HIST_SYSMETRIC_HISTORY 47 | REM TGorman 12dec22 v0.6 cleaned up snap IDs and times 48 | REM ================================================================================ 49 | set pages 100 lines 180 verify off echo off feedback 6 timing off recsep off 50 | col instance_number format 90 heading 'I#' 51 | col snap_id heading 'Beginning|Snap ID' 52 | col begin_tm format a20 heading 'Beginning|Snap Time' word_wrap 53 | col avg_value heading 'Average|IO and CPU|per second' format 999,999,990.0000 54 | define V_CPU_WEIGHT=1 /* multiplicative factor to favor/disfavor CPU metrics */ 55 | define V_IO_WEIGHT=2 /* multiplicative factor to favor/disfavor I/O metrics */ 56 | spool b 57 | select x.instance_number, 58 | x.snap_id snap_id, 59 | to_char(s.end_interval_time, 'DD-MON-YYYY HH24:MI:SS') begin_tm, 60 | x.avg_value 61 | from (select instance_number, snap_id, avg(value) avg_value, avg(sort_value) sort_value, 62 | row_number() over (partition by instance_number order by avg(sort_value) desc) rn 63 | from (select instance_number, snap_id, value, (value*&&V_CPU_WEIGHT) sort_value 64 | from dba_hist_sysmetric_history 65 | where metric_name = 'CPU Usage Per Sec' 66 | and dbid = (select dbid from v$database) 67 | union all 68 | select instance_number, snap_id, value, (value*&&V_IO_WEIGHT) sort_value 69 | from dba_hist_sysmetric_history 70 | where metric_name = 'I/O Megabytes per Second' 71 | and dbid = (select dbid from v$database)) 72 | group by instance_number, snap_id) x, 73 | dba_hist_snapshot s 74 | where s.snap_id = x.snap_id 75 | and s.instance_number = x.instance_number 76 | and rn <= 5 77 | order by instance_number, rn; 78 | spool off 79 | -------------------------------------------------------------------------------- /az-oracle-sizing/busiest_statspack.sql: -------------------------------------------------------------------------------- 1 | REM ================================================================================ 2 | REM Name: busiest_statspack.sql 3 | REM Type: Oracle SQL script 4 | REM Date: 27-April 2020 5 | REM From: Americas Customer Success team (CSU) - Microsoft 6 | REM 7 | REM Copyright and license: 8 | REM 9 | REM Licensed under the Apache License, Version 2.0 (the "License"); you may 10 | REM not use this file except in compliance with the License. 11 | REM 12 | REM You may obtain a copy of the License at 13 | REM 14 | REM http://www.apache.org/licenses/LICENSE-2.0 15 | REM 16 | REM Unless required by applicable law or agreed to in writing, software 17 | REM distributed under the License is distributed on an "AS IS" basis, 18 | REM WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 19 | REM 20 | REM See the License for the specific language governing permissions and 21 | REM limitations under the License. 22 | REM 23 | REM Copyright (c) 2020 by Microsoft. All rights reserved. 24 | REM 25 | REM Ownership and responsibility: 26 | REM 27 | REM This script is offered without warranty by Microsoft Customer Engineering. 28 | REM Anyone using this script accepts full responsibility for use, effect, 29 | REM and maintenance. Please do not contact Microsoft or Oracle support unless 30 | REM there is a problem with a supported SQL or SQL*Plus command. 31 | REM 32 | REM Description: 33 | REM 34 | REM SQL*Plus script to find the top 5 busiest STATSPACK snapshots within the horizon 35 | REM of all information stored within the Oracle STATSPACK repository, based on the 36 | REM STATSPACK statistic "CPU used by this session" and the two I/O statistics 37 | REM "physical reads" and "physical writes", all residing within the STATSPACK 38 | REM table named STATS$SYSSTAT, populated from the view V$SYSSTAT. 39 | REM 40 | REM Modifications: 41 | REM TGorman 09jan23 v0.6 copied from script "busiest_awr.sql" v0.6 42 | REM TGorman 13feb23 v0.7 bug fix, change DBA_HIST_SNAPSHOT to STATS$SNAPSHOT 43 | REM ================================================================================ 44 | set pages 100 lines 180 verify off echo off feedback 6 timing off recsep off 45 | col instance_number format 90 heading 'I#' 46 | col snap_id heading 'Beginning|Snap ID' 47 | col begin_tm format a20 heading 'Beginning|Snap Time' word_wrap 48 | col avg_value heading 'Average|IO and CPU|per second' format 999,999,990.0000 49 | define V_CPU_WEIGHT=1 /* multiplicative factor to favor/disfavor CPU metrics */ 50 | define V_IO_WEIGHT=2 /* multiplicative factor to favor/disfavor I/O metrics */ 51 | spool b 52 | select x.instance_number, 53 | x.snap_id snap_id, 54 | to_char(s.snap_time, 'DD-MON-YYYY HH24:MI:SS') begin_tm, 55 | x.avg_value 56 | from (select instance_number, snap_id, avg_value, 57 | row_number() over (partition by instance_number order by avg_sort_value desc) rn 58 | from (select instance_number, snap_id, avg(value) avg_value, avg(sort_value) avg_sort_value 59 | from (select instance_number, snap_id, sum(value)-sum(lag_value) value, ((sum(value)-sum(lag_value))*&&V_CPU_WEIGHT) sort_value 60 | from (select instance_number, snap_id, value, lag(value) over (partition by instance_number order by snap_id) lag_value 61 | from stats$sysstat 62 | where name in ('CPU used by this session') 63 | and dbid = (select dbid from v$database)) 64 | where lag_value is not null 65 | group by instance_number, snap_id 66 | union all 67 | select instance_number, snap_id, sum(value)-sum(lag_value) value, ((sum(value)-sum(lag_value))*&&V_IO_WEIGHT) sort_value 68 | from (select instance_number, snap_id, value, lag(value) over (partition by instance_number, name order by snap_id) lag_value 69 | from stats$sysstat 70 | where name in ('physical reads','physical writes') 71 | and dbid = (select dbid from v$database)) 72 | where lag_value is not null 73 | group by instance_number, snap_id) 74 | group by instance_number, snap_id)) x, 75 | Stats$snapshot s 76 | where s.snap_id = x.snap_id 77 | and s.instance_number = x.instance_number 78 | and s.dbid = (select dbid from v$database) 79 | and x.rn <= 5 80 | order by instance_number, rn; 81 | spool off 82 | -------------------------------------------------------------------------------- /azbackup/README.md: -------------------------------------------------------------------------------- 1 | # azbackup 2 | Useful scripts for diagnosing issues with Azure VM Backup for app-consistent Oracle database backups 3 | 4 | # bash script "azbackup_verify.sh" 5 | 6 | This script is intended for use in validating and troubleshooting the configuration of an Azure Linux VM for app-consistent backups of Oracle databases using Azure VM Backup. 7 | 8 | ### Prerequisites 9 | 10 | Full "sudo" permissions are *required* by this script. 11 | 12 | This script uses the "sudo" privilege escalation command, and so it should be run under the administrative Linux OS account for this Azure VM (which is granted full "sudo" permissions at VM creation), or else run under the Linux root OS account. 13 | 14 | ### Validations performed 15 | 16 | 1. existence and contents of the "/etc/azure/workload.conf" config file 17 | a. validate "workload_type" specified in config file is "oracle" 18 | b. validate "configuration_path" specified is a file with entries in correct format 19 | c. validate "timeout" specified in config file between 0 and 3600 seconds 20 | d. validate Linux OS account specified as "linux_user" in config file 21 | e. validate Linux OS group assigned to "linux_user" is Oracle SYSBACKUP group 22 | 2. existence of Oracle "pre-script" and "post-script" 23 | a. within root-protected "/var/lib/waagent" subdirectory 24 | 3. For each Oracle database instance listed in the file referenced by "configuration_path"... 25 | a. validate existence of "$ORACLE_HOME" directory and specific subdirectories 26 | b. validate existence of "config.c" source file 27 | c. validate that the defined Linux OS group for OS authentication of the SYSBACKUP role is the primary OS group of the Linux OS account (i.e. "linux_user" attribute) 28 | d. validate that it is possible to connect to Oracle SQL*Plus under the Linux OS account for Azure VM Backup with the SYSBACKUP role 29 | e. validate that the AZMESSAGE stored procedure exists and is VALID 30 | 31 | Please note that the validations within the database (i.e. existence and validity of AZMESSAGE procedure, etc) are performed using the OS account specified in the "linux_user" attribute of the configuration file, using Oracle external OS authentication through the SYSBACKUP role. 32 | 33 | In other words, successful validation with this script includes database connections using the same authentication methods used by Azure VM Backup through the Azure Linux agent (waagent). 34 | 35 | ### Command-line Parameters 36 | Any command-line parameter will place the script into "verbose" mode. Silent mode is the default if no command-line parameters are specified. 37 | 38 | ### Return status 39 | 0 - success 40 | 1 - failure, please refer to error messages emitted by the script 41 | 42 | ## Examples 43 | 44 | An example of running the script in the default "verbose" mode, no command-line parameters, and then checking the return status... 45 | 46 | 47 | [adminuser@ora-bkp-vm01 tmp]$ ./azbackup_verify.sh 48 | Sat Jul 31 18:06:27 UTC 2021 - INFO: verbose mode enabled, script version 1.2 49 | Sat Jul 31 18:06:27 UTC 2021 - INFO: Configuration file: verify existence of directory "/etc/azure" 50 | Sat Jul 31 18:06:27 UTC 2021 - INFO: Configuration file: verify existence of file "/etc/azure/workload.conf" 51 | Sat Jul 31 18:06:27 UTC 2021 - INFO: Configuration file: verify header of file "/etc/azure/workload.conf" 52 | Sat Jul 31 18:06:27 UTC 2021 - INFO: Configuration file: verify "workload_name" attribute in file "/etc/azure/workload.conf" 53 | Sat Jul 31 18:06:27 UTC 2021 - INFO: Configuration file: verify "configuration_path" attribute in file "/etc/azure/workload.conf" 54 | Sat Jul 31 18:06:27 UTC 2021 - INFO: Configuration file: verify "timeout" attribute in file "/etc/azure/workload.conf" 55 | Sat Jul 31 18:06:27 UTC 2021 - INFO: Configuration file: verify "linux_user" attribute in file "/etc/azure/workload.conf" 56 | Sat Jul 31 18:06:27 UTC 2021 - INFO: Azure Linux agent: verify existence of pre-script within directory "/var/lib/waagent" 57 | Sat Jul 31 18:06:27 UTC 2021 - INFO: Azure Linux agent: verify existence of post-script within directory "/var/lib/waagent" 58 | Sat Jul 31 18:06:27 UTC 2021 - INFO: DB instance "oradb01": validate ORACLE_HOME directory "/u01/app/oracle/product/19.0.0/dbhome_1" 59 | Sat Jul 31 18:06:27 UTC 2021 - INFO: DB instance "oradb01": verify SYSBACKUP group in "/u01/app/oracle/product/19.0.0/dbhome_1/rdbms/lib/config.c" 60 | Sat Jul 31 18:06:27 UTC 2021 - INFO: DB instance "oradb01": connect externally through "azbackup" OS account as "SYSBACKUP" 61 | Sat Jul 31 18:06:29 UTC 2021 - INFO: validated successfully 62 | [adminuser@ora-bkp-vm01 ]$ echo $? 63 | 0 64 | [adminuser@ora-bkp-vm01 ]$ 65 | 66 | 67 | Now, running the script in the silent "terse" mode and again checking the return status... 68 | 69 | 70 | [adminuser@ora-bkp-vm01 ]$ ./azbackup_verify.sh terse 71 | [adminuser@ora-bkp-vm01 ]$ echo $? 72 | 0 73 | [adminuser@ora-bkp-vm01 ]$ 74 | 75 | 76 | Any detected failure conditions will include the word "FAIL" in place of the word "INFO" after the timestamp. 77 | -------------------------------------------------------------------------------- /levelup-oracle-database-at-azure/Module-1/Module-1-Final-for-Part-1.pptx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-database-at-azure/Module-1/Module-1-Final-for-Part-1.pptx -------------------------------------------------------------------------------- /levelup-oracle-database-at-azure/Module-2/Module-2-BCDR.pptx: -------------------------------------------------------------------------------- 1 | version https://git-lfs.github.com/spec/v1 2 | oid sha256:3ab6cde7530dbc4dae676748fdcba373ca032d278ef5bb311042a28c42a0f38c 3 | size 134198272 4 | -------------------------------------------------------------------------------- /levelup-oracle-database-at-azure/Module-4/.gitattributes: -------------------------------------------------------------------------------- 1 | Application[[:space:]]Monitoring[[:space:]]and[[:space:]]Oracle[[:space:]]Database@Azure[[:space:]]LevelUp[[:space:]]Series.pptx filter=lfs diff=lfs merge=lfs -text 2 | Manage[[:space:]]and[[:space:]]Monitor[[:space:]]Oracle[[:space:]]Database@Azure[[:space:]]Level[[:space:]]Up[[:space:]]Series.pptx filter=lfs diff=lfs merge=lfs -text 3 | -------------------------------------------------------------------------------- /levelup-oracle-database-at-azure/Module-4/Application Monitoring and Oracle Database@Azure LevelUp Series.pptx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-database-at-azure/Module-4/Application Monitoring and Oracle Database@Azure LevelUp Series.pptx -------------------------------------------------------------------------------- /levelup-oracle-database-at-azure~b05c532c13db3562078fa1eaba4dbbf0a7e80f73: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab1/Lab1-Capacity Planning.pptx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab1/Lab1-Capacity Planning.pptx -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab1/awr/Lab1-SampleReport.xlsm: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab1/awr/Lab1-SampleReport.xlsm -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab1/awr/dbspace_DBS.lst: -------------------------------------------------------------------------------- 1 | 2 | BCTfile 0.00 3 | Ctlfile 37.44 4 | Datafile 408,178.97 5 | OnlineRedo 3,072.00 6 | Tempfile 86,359.97 7 | --------------- 8 | sum 497,648.38 9 | 10 | 5 rows selected. 11 | 12 | 13 | TABLE DISABLED 8,337.81 1,697 14 | TABLE PARTITION DISABLED 95.44 287 15 | TABLE SUBPARTITION DISABLED 6,237.00 54 16 | ENABLED BASIC 1,381.44 32 17 | ****************** ******** ************ ********* --------------- --------------- -------- 18 | sum 16,051.69 2,070 19 | 20 | 4 rows selected. 21 | 22 | 23 | 1 1 1 512.00 24 | 2 1 512.00 25 | 3 1 512.00 26 | 2 4 1 512.00 27 | 5 1 512.00 28 | 6 1 512.00 29 | ********** ********** ********** ---------------- 30 | sum 3,072.00 31 | 32 | 6 rows selected. 33 | 34 | 35 | ******************** ------------------- ------------------- ------------------- 36 | 37 | 38 | no rows selected 39 | 40 | 41 | ******************** --------------- 42 | 43 | 44 | no rows selected 45 | 46 | 47 | no rows selected 48 | 49 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab1/awr/dbspace_DBV.lst: -------------------------------------------------------------------------------- 1 | 2 | BCTfile 0.00 3 | Ctlfile 36.31 4 | Datafile 641,069.00 5 | OnlineRedo 3,072.00 6 | Tempfile 32,767.98 7 | --------------- 8 | sum 676,945.30 9 | 10 | 5 rows selected. 11 | 12 | 13 | TABLE DISABLED 320,378.38 1,656 14 | TABLE PARTITION DISABLED 111.00 287 15 | TABLE SUBPARTITION DISABLED 594.00 66 16 | ENABLED BASIC 448.00 56 17 | ****************** ******** ************ ********* --------------- --------------- -------- 18 | sum 321,531.38 2,065 19 | 20 | 4 rows selected. 21 | 22 | 23 | 1 1 1 512.00 24 | 2 1 512.00 25 | 3 1 512.00 26 | 2 4 1 512.00 27 | 5 1 512.00 28 | 6 1 512.00 29 | ********** ********** ********** ---------------- 30 | sum 3,072.00 31 | 32 | 6 rows selected. 33 | 34 | 35 | ******************** ------------------- ------------------- ------------------- 36 | 37 | 38 | no rows selected 39 | 40 | 41 | ******************** --------------- 42 | 43 | 44 | no rows selected 45 | 46 | 47 | no rows selected 48 | 49 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab1/awr/dbspace_DBX.lst: -------------------------------------------------------------------------------- 1 | 2 | BCTfile 11.06 3 | Ctlfile 42.50 4 | Datafile 130,136.00 5 | OnlineRedo 3,072.00 6 | Tempfile 8,576.00 7 | --------------- 8 | sum 141,837.56 9 | 10 | 5 rows selected. 11 | 12 | 13 | TABLE DISABLED 82,655.94 4,920 14 | TABLE PARTITION DISABLED 195.25 328 15 | TABLE SUBPARTITION DISABLED 2.00 32 16 | ****************** ******** ************ ********* --------------- --------------- -------- 17 | sum 82,853.19 5,280 18 | 19 | 3 rows selected. 20 | 21 | 22 | 1 1 1 512.00 23 | 2 1 512.00 24 | 2 3 1 512.00 25 | 4 1 512.00 26 | 3 5 1 512.00 27 | 6 1 512.00 28 | ********** ********** ********** ---------------- 29 | sum 3,072.00 30 | 31 | 6 rows selected. 32 | 33 | 34 | ******************** ------------------- ------------------- ------------------- 35 | 36 | 37 | no rows selected 38 | 39 | 40 | 14-SEP-2020 0.00 41 | ******************** --------------- 42 | 0.00 43 | 44 | 1 row selected. 45 | 46 | 47 | no rows selected 48 | 49 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab1/awr/dbspace_DBY.lst: -------------------------------------------------------------------------------- 1 | 2 | BCTfile 0.00 3 | Ctlfile 107.31 4 | Datafile 307,375.00 5 | OnlineRedo 4,096.00 6 | Tempfile 32,767.00 7 | --------------- 8 | sum 344,345.31 9 | 10 | 5 rows selected. 11 | 12 | 13 | TABLE DISABLED 1,242.00 1,040 14 | TABLE PARTITION DISABLED 27,195.31 1,035 15 | ENABLED ARCHIVE HIGH 83,132.00 415,660.00 7,875 16 | TABLE SUBPARTITION DISABLED 2.00 32 17 | ****************** ******** ************ ********* --------------- --------------- -------- 18 | sum 111,571.31 415,660.00 9,982 19 | 20 | 4 rows selected. 21 | 22 | 23 | 1 1 2 256.00 24 | 2 2 256.00 25 | 3 2 256.00 26 | 7 2 256.00 27 | 2 4 2 256.00 28 | 5 2 256.00 29 | 6 2 256.00 30 | 8 2 256.00 31 | ********** ********** ********** ---------------- 32 | sum 2,048.00 33 | 34 | 8 rows selected. 35 | 36 | 37 | 14-FEVR.-2022 D 107.31 107.31 107.31 38 | **************************** ------------------- ------------------- ------------------- 39 | 107.31 107.31 107.31 40 | 41 | 1 row selected. 42 | 43 | 44 | 23-MAI -2019 25.91 45 | 03-OCT. -2021 24.25 46 | 04-OCT. -2021 283.73 47 | 05-OCT. -2021 354.56 48 | 06-OCT. -2021 348.60 49 | 07-OCT. -2021 188.96 50 | **************************** --------------- 51 | 1,226.00 52 | 53 | 6 rows selected. 54 | 55 | 56 | no rows selected 57 | 58 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab1/awr/dbspace_DBZ.lst: -------------------------------------------------------------------------------- 1 | 2 | BCTfile 81.06 3 | Ctlfile 209.94 4 | Datafile 3,992,644.07 5 | OnlineRedo 12,288.00 6 | Tempfile 131,071.94 7 | --------------- 8 | sum 4,136,295.01 9 | 10 | 5 rows selected. 11 | 12 | 13 | TABLE DISABLED 1,107,936.06 3,489 14 | ENABLED BASIC 4,547.00 1 15 | TABLE PARTITION DISABLED 28,117.38 521 16 | TABLE SUBPARTITION DISABLED 3,477.19 2,540 17 | ****************** ******** ************ ********* --------------- --------------- -------- 18 | sum 1,144,077.63 6,551 19 | 20 | 4 rows selected. 21 | 22 | 23 | 1 10 1 1,024.00 24 | 11 1 1,024.00 25 | 12 1 1,024.00 26 | 13 1 1,024.00 27 | 2 20 1 1,024.00 28 | 21 1 1,024.00 29 | 22 1 1,024.00 30 | 23 1 1,024.00 31 | 3 30 1 1,024.00 32 | 31 1 1,024.00 33 | 32 1 1,024.00 34 | 33 1 1,024.00 35 | ********** ********** ********** ---------------- 36 | sum 12,288.00 37 | 38 | 12 rows selected. 39 | 40 | 41 | ******************** ------------------- ------------------- ------------------- 42 | 43 | 44 | no rows selected 45 | 46 | 47 | 16-MAY-2023 4,227.63 48 | 17-MAY-2023 13,452.35 49 | ******************** --------------- 50 | 17,679.98 51 | 52 | 2 rows selected. 53 | 54 | 55 | no rows selected 56 | 57 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab1/media/omat_awr_details.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab1/media/omat_awr_details.png -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab1/media/omat_recommendation_filters.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab1/media/omat_recommendation_filters.png -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab1/media/omat_recommended_nas_1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab1/media/omat_recommended_nas_1.png -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab1/media/omat_recommended_nas_2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab1/media/omat_recommended_nas_2.png -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab1/media/omat_recommended_nas_3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab1/media/omat_recommended_nas_3.png -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab1/media/omat_recommended_vms_1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab1/media/omat_recommended_vms_1.png -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab1/media/omat_recommended_vms_2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab1/media/omat_recommended_vms_2.png -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab1/media/omat_recommended_vms_2_managed_disks.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab1/media/omat_recommended_vms_2_managed_disks.png -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab1/media/omat_recommended_vms_3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab1/media/omat_recommended_vms_3.png -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab1/media/omat_recommended_vms_3_managed_disks.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab1/media/omat_recommended_vms_3_managed_disks.png -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab1/media/omat_settings_1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab1/media/omat_settings_1.png -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab1/media/omat_settings_3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab1/media/omat_settings_3.png -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab1/media/omat_summary_by_azurevm_1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab1/media/omat_summary_by_azurevm_1.png -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab1/media/omat_summary_by_azurevm_2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab1/media/omat_summary_by_azurevm_2.png -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab1/media/omat_summary_by_azurevm_3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab1/media/omat_summary_by_azurevm_3.png -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab1/media/omat_summary_by_db_1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab1/media/omat_summary_by_db_1.png -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab1/media/omat_summary_by_db_2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab1/media/omat_summary_by_db_2.png -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab1/media/omat_summary_by_dbinstance.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab1/media/omat_summary_by_dbinstance.png -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab1/media/omat_summary_by_host.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab1/media/omat_summary_by_host.png -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/CODE_OF_CONDUCT.md: -------------------------------------------------------------------------------- 1 | # Microsoft Open Source Code of Conduct 2 | 3 | This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/). 4 | 5 | Resources: 6 | 7 | - [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/) 8 | - [Microsoft Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/) 9 | - Contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with questions or concerns 10 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/README.md: -------------------------------------------------------------------------------- 1 | # Lab 2: Deploying Oracle Landing Zone 2 | 3 | 4 | ## Overview 5 | 6 | This repository describes how to create and install Oracle DB on an Azure VM in an automated fashion, through the use of "terraform" and "ansible". 7 | 8 | A single Azure VM will be deployed in a VNET in your Azure subscription. 9 | 10 | 11 | 12 | ## Pre-requisities 13 | 14 | 1. An Azure subscription. If you don't have an Azure subscription, create a [free account](https://azure.microsoft.com/en-us/free/?ref=microsoft.com&utm_source=microsoft.com&utm_medium=docs&utm_campaign=visualstudio) before you begin. 15 | 2. A compute source running Ubuntu. This can either be a local computer, [Azure Cloud Shell](https://shell.azure.com) or [an Azure VM](https://learn.microsoft.com/en-us/azure/virtual-machines/linux/quick-create-portal?tabs=ubuntu). 16 | 17 | **FOR THIS LAB => We strongly encourage the use of [Azure Cloud Shell](https://shell.azure.com) since all the required software such as Terraform, Ansible and Azure CLI are already installed.** 18 | 19 | 3. Terraform installed on the compute source. Otherwise, follow the installations instructions [here](https://developer.hashicorp.com/terraform/downloads). It is already installed on the Azure Cloud Shell. 20 | 4. Ansible installed on the compute source. Otherwise, follow the installations instructions [here](https://docs.ansible.com/ansible/latest/installation_guide/installation_distros.html). It is already installed on the Azure Cloud Shell. 21 | 5. Azure CLI installed on the compute source. Otherwise, follow the installations instructions [here](https://learn.microsoft.com/en-us/cli/azure/install-azure-cli-linux?pivots=apt). It is already installed on the Azure Cloud Shell. 22 | 23 | 24 | ## Step-by-step Instructions 25 | 26 | 1. [Clone this repo](docs/wiki/CLONE.md) onto the compute resource. 27 | 2. [Provision infrastructure on Azure](docs/wiki/TERRAFORM.md) via terraform. 28 | 3. [Review the infrastructure](docs/wiki/REVIEW_INFRA.md) provisioned on Azure. 29 | 4. [Install and configure Oracle DB](docs/wiki/ANSIBLE.md) via ansible. 30 | 5. [Test the final configuration](docs/wiki/TEST.md). 31 | 32 | 33 | ## Disclaimer 34 | 35 | Please note that the policies in this GitHub repository are currently in development and may be subject to frequent changes and updates. This means that the functionality and features of the polices may change without notice. As such, you are advised to ensure that the policies are tested thoroughly in a test environment before considering moving to production. 36 | 37 | Additionally you are advised to reach out to the authors of this repository to discuss the policies and their suitability for your environment, before deploying them in production. To do so create an issue [here](https://github.com/alz-oracle/issues), and we will get back to you as soon as possible. 38 | 39 | By accessing or using the code in this repository, you agree to assume all risks associated with its use and to use it at your own discretion and risk. Microsoft shall not be liable for any damages or losses resulting from the use of this code. For support details, please see the [Support section](./SUPPORT.md). 40 | 41 | 42 | ## Wiki 43 | 44 | Please see the content in the [wiki](docs/wiki/Home.md) for more detailed information about the repo and various other pieces of documentation. 45 | 46 | ## Known Issues 47 | 48 | Please see the [Known Issues](docs/wiki/KnownIssues.md) in the wiki. 49 | 50 | ## Frequently Asked Questions 51 | 52 | Please see the [Frequently Asked Questions](docs/wiki/FAQ.md) in the wiki. 53 | 54 | ## Contributing 55 | 56 | 57 | Please see the [Contributing](docs/wiki/Contributing.md) in the wiki. 58 | 59 | 60 | ## Trademarks 61 | 62 | This project may contain trademarks or logos for projects, products, or services. Authorized use of Microsoft 63 | trademarks or logos is subject to and must follow 64 | [Microsoft's Trademark & Brand Guidelines](https://www.microsoft.com/en-us/legal/intellectualproperty/trademarks/usage/general). 65 | Use of Microsoft trademarks or logos in modified versions of this project must not cause confusion or imply Microsoft sponsorship. 66 | Any use of third-party trademarks or logos are subject to those third-party's policies. 67 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/SECURITY.md: -------------------------------------------------------------------------------- 1 | 2 | 3 | ## Security 4 | 5 | Microsoft takes the security of our software products and services seriously, which includes all source code repositories managed through our GitHub organizations, which include [Microsoft](https://github.com/Microsoft), [Azure](https://github.com/Azure), [DotNet](https://github.com/dotnet), [AspNet](https://github.com/aspnet) and [Xamarin](https://github.com/xamarin). 6 | 7 | If you believe you have found a security vulnerability in any Microsoft-owned repository that meets [Microsoft's definition of a security vulnerability](https://aka.ms/security.md/definition), please report it to us as described below. 8 | 9 | ## Reporting Security Issues 10 | 11 | **Please do not report security vulnerabilities through public GitHub issues.** 12 | 13 | Instead, please report them to the Microsoft Security Response Center (MSRC) at [https://msrc.microsoft.com/create-report](https://aka.ms/security.md/msrc/create-report). 14 | 15 | If you prefer to submit without logging in, send email to [secure@microsoft.com](mailto:secure@microsoft.com). If possible, encrypt your message with our PGP key; please download it from the [Microsoft Security Response Center PGP Key page](https://aka.ms/security.md/msrc/pgp). 16 | 17 | You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your original message. Additional information can be found at [microsoft.com/msrc](https://www.microsoft.com/msrc). 18 | 19 | Please include the requested information listed below (as much as you can provide) to help us better understand the nature and scope of the possible issue: 20 | 21 | * Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.) 22 | * Full paths of source file(s) related to the manifestation of the issue 23 | * The location of the affected source code (tag/branch/commit or direct URL) 24 | * Any special configuration required to reproduce the issue 25 | * Step-by-step instructions to reproduce the issue 26 | * Proof-of-concept or exploit code (if possible) 27 | * Impact of the issue, including how an attacker might exploit the issue 28 | 29 | This information will help us triage your report more quickly. 30 | 31 | If you are reporting for a bug bounty, more complete reports can contribute to a higher bounty award. Please visit our [Microsoft Bug Bounty Program](https://aka.ms/security.md/msrc/bounty) page for more details about our active programs. 32 | 33 | ## Preferred Languages 34 | 35 | We prefer all communications to be in English. 36 | 37 | ## Policy 38 | 39 | Microsoft follows the principle of [Coordinated Vulnerability Disclosure](https://aka.ms/security.md/cvd). 40 | 41 | 42 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/SUPPORT.md: -------------------------------------------------------------------------------- 1 | # Support 2 | 3 | ## How to file issues and get help 4 | 5 | This project uses GitHub Issues to track bugs and feature requests. Please search the existing issues before filing new issues to avoid duplicates. For new issues, file your bug or feature request as a new Issue. 6 | 7 | Issues can be created and searched through for existing issues here: [https://github.com/Azure/alz-monitor/issues](https://github.com/Azure/alz-monitor/issues) 8 | 9 | Please provide as much information as possible when filing an issue. Include screenshots or correlation IDs if possible (please redact any sensitive information). 10 | 11 | For instructions on how to get deployments and correlation ID, please follow this link [here](https://docs.microsoft.com/azure/azure-resource-manager/templates/deployment-history?tabs=azure-portal#get-deployments-and-correlation-id). 12 | 13 | We may ask you to create an Azure support request once we have triaged the issue following the process documented [here](https://docs.microsoft.com/azure/azure-portal/supportability/how-to-create-azure-support-request) 14 | 15 | ## Microsoft Support Policy 16 | 17 | If issues are encountered when deploying the policies contained in this repo users will be able to engage Microsoft support via their usual channels. Please provide correlation IDs where possible when contacting support to be able to investigate the issue effectively and in a timely fashion. For instructions on how to get deployments and correlation ID, please follow this link [here](https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/deployment-history?tabs=azure-portal#get-deployments-and-correlation-id). 18 | 19 | Following list of issues are within the scope of Microsoft support: 20 | 21 | - Underlying Resource or Resource Provider issues when deploying policies for any deployment failures. 22 | 23 | Any issues that are deemed outside of the above list by Microsoft support and/or requires bugfix in the module or code in the repo, Microsoft support will redirect user to file the issue on GitHub. 24 | 25 | Project maintainers and community aim to get issues resolved in timely fashion as per community support policy of this repo. 26 | 27 | ## Community Support Policy 28 | 29 | Project maintainers will aim to respond within 3 business days to get a meaningful response for any new issues, however, whilst in preview this may sometimes be a little longer. 30 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/ansible/bootstrap/single_instance/README.md: -------------------------------------------------------------------------------- 1 | # Install Oracle Database 19c with Ansible 2 | 3 | These roles configure Oracle Database prerequisites and install it for CentOS 7. 4 | 5 | ## Requirements 6 | 7 | - CentOS 7.7 or later 8 | - Ansible 2.9 9 | - Installation media file distributed by oracle.com 10 | 11 | ## Install the Oracle Database software to a target host 12 | 13 | Place the installation media file into roles/oracle19c/files/, configure your inventory and run ansible-playbook. 14 | 15 | ``` 16 | $ cp /foo/bar/LINUX.X64_193000_db_home.zip roles/oracle19c/files/ 17 | $ ansible-playbook -i inventory.yml playbook.yml oracle -k -K 18 | ``` 19 | 20 | # After installation 21 | 22 | You can use the database with SID `orcl19c`. 23 | The default password for SYS and SYSTEM is `oracle123`. 24 | 25 | ``` 26 | $ export ORACLE_SID=orcl19c 27 | $ sqlplus system/oracle123 28 | SQL> quit 29 | ``` 30 | 31 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/ansible/bootstrap/single_instance/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | callback_whitelist=profile_tasks 3 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/ansible/bootstrap/single_instance/group_vars/all/vars.yml: -------------------------------------------------------------------------------- 1 | # primary oracle group 2 | oracle_group: oinstall 3 | 4 | # DBA group 5 | oracle_dba_group: dba 6 | oracle_backupdba_group: backupdba 7 | oracle_oper_group: oper 8 | oracle_dgdba_group: dgdba 9 | oracle_kmdba_group: kmdba 10 | oracle_racdba_group: racdba 11 | 12 | oracle_groups: wheel,dba,backupdba,oper,dgdba,kmdba,racdba 13 | 14 | oracle_user: oracle 15 | oracle_pass: $1$salt$6hY7SFGTovD5BRJ.4zYAd1 16 | 17 | swapsize: 16384 18 | 19 | #storage type, FS|ASM 20 | storage_type: FS 21 | 22 | 23 | data_device: /dev/disk/azure/scsi1/lun20 24 | data_disk_mount: /u01 -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/ansible/bootstrap/single_instance/playbook.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: all 3 | gather_facts: true 4 | become: true 5 | roles: 6 | - common 7 | #- grid 8 | - oracle19c #oracle software installatio 9 | - dbca # database creation 10 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/ansible/bootstrap/single_instance/roles/common/defaults/main.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab2/ansible/bootstrap/single_instance/roles/common/defaults/main.yaml -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/ansible/bootstrap/single_instance/roles/common/tasks/main.yaml: -------------------------------------------------------------------------------- 1 | 2 | - name: install x86_64 oracle dependencies 3 | yum: 4 | name: "{{ packages }}" 5 | update_cache: yes 6 | vars: 7 | packages: 8 | - oracle-database-preinstall-19c 9 | - unzip 10 | - name: selinux dependencies 11 | yum: 12 | name: "{{ packages }}" 13 | vars: 14 | packages: 15 | - libselinux-python 16 | 17 | - name: set up the oracle hostnames 18 | lineinfile: 19 | dest: /etc/hosts 20 | state: present 21 | line: "{{ hostvars[inventory_hostname]['ansible_default_ipv4']['address'] }} {{ inventory_hostname }}" 22 | 23 | - name: oracle-recommended sysctl 24 | sysctl: 25 | name: "{{ item.name }}" 26 | value: "{{ item.value }}" 27 | state: present 28 | ignoreerrors: yes # Ignore errors about unknown keys 29 | with_items: 30 | - { name: "kernel.shmall", value: "1073741824" } 31 | - { name: "kernel.shmmax", value: "4398046511104" } 32 | - { name: "kernel.shmmni", value: "4096" } 33 | - { name: "kernel.sem", value: "250 32000 100 128" } 34 | - { name: "fs.file-max", value: "6815744" } 35 | - { name: "fs.aio-max-nr", value: "1048576" } 36 | - { name: "net.ipv4.ip_local_port_range", value: "9000 65500" } 37 | - { name: "net.core.rmem_default", value: "262144" } 38 | - { name: "net.core.rmem_max", value: "4194304" } 39 | - { name: "net.core.wmem_default", value: "262144" } 40 | - { name: "net.core.wmem_max", value: "1048576" } 41 | - { name: "kernel.panic_on_oops", value: "1" } 42 | 43 | - name: save sysctl config 44 | command: sysctl -p 45 | ignore_errors: yes 46 | 47 | 48 | - name: Change Linux Swap Size 49 | replace: 50 | path: /etc/waagent.conf 51 | regexp: "ResourceDisk.SwapSizeMB=0" 52 | replace: "ResourceDisk.SwapSizeMB={{ swapsize }}" 53 | 54 | - name: Enable Swap 55 | replace: 56 | path: /etc/waagent.conf 57 | regexp: "ResourceDisk.EnableSwap=n" 58 | replace: "ResourceDisk.EnableSwap=y" 59 | 60 | - name: Enable Swap Disk 61 | replace: 62 | path: /etc/waagent.conf 63 | regexp: "ResourceDisk.Format=n" 64 | replace: "ResourceDisk.Format=y" 65 | - name: Restart Waagent 66 | ansible.builtin.service: 67 | name: waagent 68 | state: restarted 69 | 70 | - name: oracle-recommended PAM config 71 | lineinfile: 72 | dest: /etc/pam.d/login 73 | state: present 74 | line: "session required pam_limits.so" 75 | 76 | - name: oracle-recommended security limits 77 | lineinfile: 78 | dest: /etc/security/limits.conf 79 | state: present 80 | line: "{{ item }}" 81 | with_items: 82 | - "oracle soft nofile 1024" 83 | - "oracle hard nofile 65536" 84 | - "oracle soft nproc 2047" 85 | - "oracle hard nproc 16384" 86 | - "oracle soft stack 10240" 87 | - "oracle hard stack 32768" 88 | - "oracle soft memlock 3145728" 89 | - "oracle hard memlock 3145728" 90 | 91 | - name: create initial groups for the oracle user 92 | group: name={{ item }} state=present 93 | with_items: 94 | - "{{ oracle_group }}" 95 | - "{{ oracle_dba_group }}" 96 | - "{{ oracle_backupdba_group }}" 97 | - "{{ oracle_oper_group }}" 98 | - "{{ oracle_dgdba_group }}" 99 | - "{{ oracle_kmdba_group }}" 100 | - "{{ oracle_racdba_group }}" 101 | 102 | - name: create oracle user 103 | user: 104 | name: "{{ oracle_user }}" 105 | group: "{{ oracle_group }}" 106 | groups: "{{ oracle_groups }}" 107 | home: /home/{{ oracle_user }} 108 | shell: /bin/bash 109 | password: "{{ oracle_pass }}" 110 | append: yes 111 | 112 | 113 | - name: Create partition on data disk 114 | parted: 115 | device: "{{data_device}}" 116 | number: 1 117 | state: present 118 | when: storage_type == "FS" 119 | 120 | - name: Create a ext4 fs on data disk 121 | filesystem: 122 | fstype: ext4 123 | dev: "{{data_device}}-part1" 124 | when: storage_type == "FS" 125 | 126 | - name: Get UUID for partition 127 | command: blkid -s UUID -o value "{{ data_device }}-part1" 128 | register: disk_blkid 129 | when: storage_type == "FS" 130 | 131 | - name: Mount data disk 132 | mount: 133 | path: "{{data_disk_mount}}" 134 | src: "UUID={{disk_blkid.stdout}}" 135 | fstype: ext4 136 | state: mounted 137 | when: storage_type == "FS" -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/ansible/bootstrap/single_instance/roles/dbca/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | oracle_db_home: /u01/app/oracle/product/19.3.0/dbhome_1 3 | oracle_user: oracle 4 | createAsContainerDatabase: "FALSE" 5 | gdbName: orcl 6 | sid: orcl 7 | databaseConfigType: 8 | RACOneNodeServiceName: 9 | policyManaged: 10 | createServerPool: 11 | serverPoolName: 12 | cardinality: 13 | force: 14 | pqPoolName: 15 | pqCardinality: 16 | numberOfPDBs: 17 | pdbName: 18 | useLocalUndoForPDBs: 19 | pdbAdminPassword: 20 | nodelist: 21 | templateName: General_Purpose.dbc 22 | sysPassword: Oracle123.? 23 | systemPassword: Oracle123.? 24 | oracleHomeUserPassword: 25 | emConfiguration: DBEXPRESS 26 | emExpressPort: 5500 27 | runCVUChecks: 28 | dbsnmpPassword: Oracle123.? 29 | omsHost: 30 | omsPort: 31 | emUser: 32 | emPassword: 33 | dvConfiguration: 34 | dvUserName: 35 | dvUserPassword: 36 | dvAccountManagerName: 37 | dvAccountManagerPassword: 38 | olsConfiguration: 39 | datafileJarLocation: 40 | datafileDestination: 41 | recoveryAreaDestination: 42 | storageType: FS 43 | diskGroupName: #DATA 44 | asmsnmpPassword: 45 | recoveryGroupName: #ASM #RECO degistir 46 | characterSet: AL32UTF8 47 | nationalCharacterSet: UTF8 48 | registerWithDirService: 49 | dirServiceUserName: 50 | dirServicePassword: 51 | walletPassword: 52 | listeners: 53 | variablesFile: 54 | initParams: 55 | sampleSchema: "TRUE" 56 | memoryPercentage: 57 | databaseType: MULTIPURPOSE 58 | automaticMemoryManagement: "FALSE" 59 | totalMemory: 60 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/ansible/bootstrap/single_instance/roles/dbca/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # 3 | # create database 4 | # 5 | - block: 6 | - name: copy response file for silent install 7 | template: src=dbca.rsp.j2 dest=/home/{{ oracle_user }}/dbca.rsp 8 | 9 | - name: dbca 10 | command: bin/dbca -silent -createDatabase -responseFile /home/{{ oracle_user }}/dbca.rsp -ignorePreReqs 11 | ignore_errors: yes 12 | args: 13 | chdir: "{{ oracle_db_home }}" 14 | 15 | - name: Configure Oratab 16 | shell: sed -i 's/:N/:Y/' /etc/oratab 17 | become: true 18 | become_user: root 19 | 20 | 21 | - name: copy response file for silent install 22 | template: src=dbora.j2 dest=/etc/init.d/dbora 23 | become: true 24 | become_user: root 25 | 26 | - name: Chnage ownership of dbora 27 | file: 28 | path: /etc/init.d/dbora 29 | group: dba 30 | mode: 0750 31 | become: true 32 | become_user: root 33 | 34 | - name: link files 35 | command: ln -s /etc/init.d/dbora {{ item }} 36 | loop: 37 | - /etc/rc.d/rc0.d/K01dbora 38 | - /etc/rc.d/rc3.d/S99dbora 39 | - /etc/rc.d/rc5.d/S99dbora 40 | ignore_errors: yes 41 | become: true 42 | become_user: root 43 | 44 | - name: start listener 45 | command: lsnrctl start 46 | ignore_errors: yes 47 | 48 | - name: reboot 49 | shell: "sleep 5 && reboot" 50 | async: 1 51 | poll: 0 52 | become: true 53 | become_user: root 54 | 55 | become: yes 56 | become_user: "{{ oracle_user }}" 57 | 58 | 59 | 60 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/ansible/bootstrap/single_instance/roles/dbca/templates/dbora.j2: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # chkconfig: 345 99 10 3 | # Description: Oracle auto start-stop script. 4 | # 5 | # Set ORA_HOME to be equivalent to $ORACLE_HOME. 6 | ORA_HOME={{ oracle_db_home }} 7 | ORA_OWNER=oracle 8 | 9 | case "$1" in 10 | 'start') 11 | # Start the Oracle databases: 12 | # The following command assumes that the Oracle sign-in 13 | # will not prompt the user for any values. 14 | # Remove "&" if you don't want startup as a background process. 15 | su - $ORA_OWNER -c "$ORA_HOME/bin/dbstart $ORA_HOME" & 16 | touch /var/lock/subsys/dbora 17 | ;; 18 | 19 | 'stop') 20 | # Stop the Oracle databases: 21 | # The following command assumes that the Oracle sign-in 22 | # will not prompt the user for any values. 23 | su - $ORA_OWNER -c "$ORA_HOME/bin/dbshut $ORA_HOME" & 24 | rm -f /var/lock/subsys/dbora 25 | ;; 26 | esac -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/ansible/bootstrap/single_instance/roles/grid/defaults/main.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab2/ansible/bootstrap/single_instance/roles/grid/defaults/main.yaml -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/ansible/bootstrap/single_instance/roles/grid/templates/bash_rc: -------------------------------------------------------------------------------- 1 | export ORACLE_HOME=/opt/grid -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/ansible/bootstrap/single_instance/roles/grid/vars/main.yml: -------------------------------------------------------------------------------- 1 | gridurl: https://oraclebinarysa.blob.core.windows.net/oracle/LINUX.X64_193000_grid_home.zip?sp=r&st=2023-09-07T11:37:48Z&se=2025-03-31T19:37:48Z&spr=https&sv=2022-11-02&sr=b&sig=QCeLiPKWqrnJDHRC8LNB6HxQEpNuW9fu%2Fj7jw6wUVtY%3D 2 | gridLatestUpdateUrl: https://oraclebinarysa.blob.core.windows.net/oracle/p35319490_190000_Linux-x86-64.zip?sp=r&st=2023-09-13T00:12:57Z&se=2025-02-06T09:12:57Z&spr=https&sv=2022-11-02&sr=b&sig=AlHJXCspMt2ajivjqiXiSzv40D%2B1SIPuSVyrJA8zjGI%3D 3 | opatchUpdateUrl: https://oraclebinarysa.blob.core.windows.net/oracle/p6880880_190000_LINUX.zip?sp=r&st=2023-10-10T16:47:47Z&se=2024-12-07T01:47:47Z&spr=https&sv=2022-11-02&sr=b&sig=E1Fk8AfQsyjpall%2FsMTWIE4B%2B0bjwVNoYXxbz8D90aw%3D 4 | syspass: Oracle123.? 5 | systempass: Oracle123.? 6 | monitorpass: oracle123.? 7 | dbname: tempdb 8 | gridpass: Oracle123.? 9 | oraclepass: Oracle123.? 10 | oracle_patch_number: 35319490 -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/ansible/bootstrap/single_instance/roles/oracle19c/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # defaults for oracle installation 3 | 4 | # 5 | # oracle connection settings 6 | # 7 | 8 | # ORACLE_BASE parent, {{ oracle_path }}/oracle 9 | oracle_path: /u01/app 10 | 11 | # ORACLE_SID 12 | oracle_db_name: orcl 13 | 14 | # ORACLE_HOME basename, {{ oracle_path }}/oracle/product/19.3.0/{{ oracle_db_home }} 15 | oracle_db_home: /u01/app/oracle/product/19.3.0/dbhome_1 16 | 17 | # 18 | # oracle system user 19 | # 20 | 21 | # oracle user username 22 | oracle_user: oracle 23 | 24 | # hashed password for the oracle user 25 | # python -c 'import crypt; print crypt.crypt("oracle", "$1$salt$")' 26 | oracle_pass: $1$salt$6hY7SFGTovD5BRJ.4zYAd1 27 | oracle_pass_raw: oracle 28 | 29 | # primary oracle group 30 | oracle_group: oinstall 31 | 32 | # DBA group 33 | oracle_dba_group: dba 34 | oracle_backupdba_group: backupdba 35 | oracle_oper_group: oper 36 | oracle_dgdba_group: dgdba 37 | oracle_kmdba_group: kmdba 38 | oracle_racdba_group: racdba 39 | 40 | oracle_groups: wheel,dba,backupdba,oper,dgdba,kmdba,racdba 41 | 42 | oracle_patch_number: 35319490 43 | 44 | 45 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/ansible/bootstrap/single_instance/roles/oracle19c/tasks/main.yml: -------------------------------------------------------------------------------- 1 | - name: create the oracle installation path 2 | file: 3 | mode: 0755 4 | path: "{{ oracle_path }}" 5 | state: directory 6 | group: "{{ oracle_group }}" 7 | owner: "{{ oracle_user }}" 8 | 9 | - name: set oracle user environment 10 | lineinfile: dest=/home/{{ oracle_user }}/.bashrc state=present line="{{ item }}" 11 | with_items: 12 | - "export ORACLE_BASE={{ ora_user_env.ORACLE_BASE }}" 13 | - "export ORACLE_SID={{ ora_user_env.ORACLE_SID }}" 14 | - "export ORACLE_HOME={{ ora_user_env.ORACLE_HOME }}" 15 | - "export PATH=$PATH:$ORACLE_HOME/bin" 16 | - "export NLS_LANG={{ ora_user_env.NLS_LANG }}" 17 | 18 | - name: disable firewalld 19 | systemd: 20 | name: firewalld 21 | state: stopped 22 | enabled: false 23 | 24 | - name: disable transparent_hugepage 25 | replace: 26 | path: /etc/default/grub 27 | regexp: '^GRUB_CMDLINE_LINUX="(.*)"$' 28 | replace: 'GRUB_CMDLINE_LINUX="\1 transparent_hugepage=never"' 29 | 30 | - name: make grub.cfg 31 | command: grub2-mkconfig -o /boot/grub2/grub.cfg 32 | 33 | - name: reboot 34 | shell: "sleep 5 && reboot" 35 | async: 1 36 | poll: 0 37 | 38 | - name: wait for rebooting 39 | wait_for_connection: 40 | connect_timeout: 5 41 | sleep: 5 42 | delay: 20 43 | timeout: 240 44 | 45 | - name: check transparent_hugepage 46 | shell: "cat /sys/kernel/mm/transparent_hugepage/enabled" 47 | register: result_hugepage 48 | 49 | - name: debug 50 | debug: 51 | var: result_hugepage 52 | 53 | #- name: test transparent_hugepage is disabled 54 | # assert: 55 | # that: 56 | # - "result_hugepage.stdout == '[always] madvise never'" 57 | 58 | # 59 | # install Oracle Database software 60 | # 61 | 62 | - name: create the oracle installation path 63 | file: 64 | mode: 0755 65 | path: "{{ oracle_path }}" 66 | state: directory 67 | group: "{{ oracle_group }}" 68 | owner: "{{ oracle_user }}" 69 | 70 | - name: create $ORACLE_HOME directory 71 | file: 72 | mode: 0755 73 | path: "{{ oracle_db_home }}" 74 | state: directory 75 | group: "{{ oracle_group }}" 76 | owner: "{{ oracle_user }}" 77 | 78 | - name: create $ORACLE_HOME/patch directory 79 | file: 80 | mode: 0755 81 | path: "{{ oracle_db_home }}/patch" 82 | state: directory 83 | group: "{{ oracle_group }}" 84 | owner: "{{ oracle_user }}" 85 | 86 | - block: 87 | - name: copy response file for silent install 88 | template: 89 | src: db_install.rsp.j2 90 | dest: /home/{{ oracle_user }}/db_install.rsp 91 | 92 | #- name: Copy oracle.zip file 93 | # ansible.builtin.copy: 94 | # src: LINUX.X64_193000_db_home.zip 95 | # dest: /home/{{ oracle_user }}/LINUX.X64_193000_db_home.zip 96 | # owner: oracle 97 | # group: oinstall 98 | # mode: '0644' 99 | - name: Download Oracle Linux Zip File 100 | ansible.builtin.get_url: 101 | url: https://oraclebinarysa.blob.core.windows.net/oracle/LINUX.X64_193000_db_home.zip?sp=r&st=2023-09-13T00:14:00Z&se=2025-07-12T08:14:00Z&spr=https&sv=2022-11-02&sr=b&sig=q6BVLxDZWn%2FkQsGTJ6yXjrejJSCZ00t4gO1tc4tIL3o%3D 102 | dest: /home/{{ oracle_user }}/LINUX.X64_193000_db_home.zip 103 | 104 | # - name: Download Oracle Latest Patch 105 | # ansible.builtin.get_url: 106 | # url: https://oraclebinarysa.blob.core.windows.net/oracle/p35319490_190000_Linux-x86-64.zip?sp=r&st=2023-09-13T00:12:57Z&se=2025-02-06T09:12:57Z&spr=https&sv=2022-11-02&sr=b&sig=AlHJXCspMt2ajivjqiXiSzv40D%2B1SIPuSVyrJA8zjGI%3D 107 | # dest: /home/{{ oracle_user }}/LINUX.X64_ltsp.zip 108 | 109 | 110 | #- name: Download Oracle Latest OPatch 111 | # ansible.builtin.get_url: 112 | # url: https://oraclebinarysa.blob.core.windows.net/oracle/p6880880_190000_LINUX.zip?sp=r&st=2023-10-10T16:47:47Z&se=2024-12-07T01:47:47Z&spr=https&sv=2022-11-02&sr=b&sig=E1Fk8AfQsyjpall%2FsMTWIE4B%2B0bjwVNoYXxbz8D90aw%3D 113 | # dest: /home/{{ oracle_user }}/opatch.zip 114 | 115 | - name: extract the installation media to $ORACLE_HOME 116 | unarchive: 117 | src: /home/oracle/LINUX.X64_193000_db_home.zip 118 | dest: "{{ oracle_db_home }}" 119 | remote_src: yes 120 | #- name: extract the oracle patch media to $ORACLE_HOME/patch 121 | # unarchive: 122 | # src: /home/{{ oracle_user }}/LINUX.X64_ltsp.zip 123 | # dest: "{{ oracle_db_home }}/patch" 124 | # remote_src: yes 125 | 126 | 127 | #- name: Delete OPatch 128 | # ansible.builtin.file: 129 | # state: absent 130 | # path: "{{ oracle_db_home }}/OPatch" 131 | 132 | #- name: Create grid OPatch directory 133 | # file: 134 | # path: "{{ oracle_db_home }}/OPatch" 135 | # state: directory 136 | # owner: "{{ oracle_user }}" 137 | # group: oinstall 138 | 139 | 140 | #- name: Extract Grid OPatch to 141 | # ansible.builtin.unarchive: 142 | # src: "/home/{{ oracle_user }}/opatch.zip" 143 | # dest: "{{ oracle_db_home }}" 144 | # remote_src: yes 145 | # owner: "{{ oracle_user }}" 146 | # group: oinstall 147 | 148 | - name: runInstaller 149 | shell: echo "{{ oracle_pass_raw }}" | ./runInstaller -responseFile /home/{{ oracle_user }}/db_install.rsp -silent #-applyRU {{ oracle_db_home }}/patch/{{ oracle_patch_number }} 150 | ignore_errors: yes 151 | args: 152 | chdir: "{{ oracle_db_home }}" 153 | 154 | become: yes 155 | become_user: "{{ oracle_user }}" 156 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/ansible/bootstrap/single_instance/roles/oracle19c/vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | # shell environment for the oracle user 4 | ora_user_env: 5 | ORACLE_BASE: "{{ oracle_path }}/oracle" 6 | ORACLE_SID: "{{ oracle_db_name }}" 7 | ORACLE_HOME: "{{ oracle_path }}/oracle/product/19.3.0/dbhome_1" 8 | NLS_LANG: "american_america.AL32UTF8" 9 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/docs/media/complete.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab2/docs/media/complete.jpg -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/docs/media/fixtures.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab2/docs/media/fixtures.jpg -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/docs/media/inventory.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab2/docs/media/inventory.jpg -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/docs/media/port2222.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab2/docs/media/port2222.png -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/docs/media/provisioned.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab2/docs/media/provisioned.jpg -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/docs/media/publicip.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab2/docs/media/publicip.jpg -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/docs/media/run_command1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab2/docs/media/run_command1.png -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/docs/media/run_command2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab2/docs/media/run_command2.png -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/docs/media/single-instance-overview.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab2/docs/media/single-instance-overview.png -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/docs/media/single_vm.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab2/docs/media/single_vm.png -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/docs/media/ssh-for-cloud-shell.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab2/docs/media/ssh-for-cloud-shell.jpg -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/docs/media/sshport.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab2/docs/media/sshport.jpg -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/docs/media/test.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab2/docs/media/test.jpg -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/docs/media/warnings.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab2/docs/media/warnings.jpg -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/docs/wiki/ANSIBLE.md: -------------------------------------------------------------------------------- 1 | # Using ansible to configure OracleDB & ASM 2 | 3 | Now that the required infrastructure is allocated on Azure, it is time to install & configure the Oracle DB via ansible. 4 | 5 | 6 | 7 | On the compute source running Ubuntu or on Azure Cloud Shell, follow the steps given below: 8 | 9 | 1. Switch to the following subdirectory: 10 | ``` 11 | cd ~/projects/Oracle-Workloads-for-Azure/levelup-oracle-on-iaas/lab2/ansible/bootstrap/single_instance 12 | ``` 13 | 14 | 2. Create a new file called inventory: 15 | ``` 16 | touch inventory 17 | ``` 18 | 19 | 3. Edit the file 20 | 21 | ``` 22 | nano inventory 23 | ``` 24 | 25 | 26 | Make sure that it has the following format: 27 | 28 | ``` 29 | [dbservers] 30 | 31 | vm-0 ansible_host= ansible_ssh_private_key_file=~/.ssh/lza-oracle-single-instance ansible_user=oracle 32 | ``` 33 | 34 | Below is an example: 35 | 36 | 37 | 38 | 39 | 4. Start the ansible playbook 40 | ``` 41 | ansible-playbook playbook.yml -i inventory 42 | ``` 43 | (If you are prompted for "are you sure you want to continue connecting?", enter "yes") 44 | 45 | (If using Azure Cloud Shell, remember to activate the Cloud Shell window by pressing Enter as few times, every 15 minutes or so since the shell times out after 20 minutes of inaction.) 46 | 47 | 48 | 5. If you get an error stating "ERROR! Invalid callback for stdout specified: community.general.yaml" then run the following step and then re-run the previous step. 49 | ``` 50 | ansible-galaxy collection install community.general 51 | ``` 52 | 53 | 6. It is acceptable to see warnings highlighted in red. 54 | 55 | 56 | 57 | Once the installation and configuration completes, you will see a screen similar to the one below. 58 | 59 | 60 | 61 | 62 | 63 | 7. Now you can go back to the main [README.md](../../README.md#step-by-step-instructions) file. 64 | 65 | 66 | 67 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/docs/wiki/CLONE.md: -------------------------------------------------------------------------------- 1 | # Cloning the repo 2 | 3 | ## Getting started 4 | 5 | 6 | 7 | Follow the steps given below: 8 | 9 | 1. Login to the local compute resource running Ubuntu. If using Azure Cloud Shell, login to [Azure Cloud Shell](https://shell.azure.com). 10 | 11 | 2. Install "pip". If you are using Azure Cloud Shell, then ignore this step. 12 | ``` 13 | sudo apt update 14 | sudo apt install python3-pip 15 | ``` 16 | 17 | 3. Create a subdirectory to clone the repo. 18 | ``` 19 | mkdir ~/projects 20 | cd projects 21 | ``` 22 | 23 | 4. Start cloning the repo. 24 | ``` 25 | git clone https://github.com/Azure/Oracle-Workloads-for-Azure.git 26 | ``` 27 | 28 | 5. Now you can go back to the main [README.md](../../README.md#step-by-step-instructions) file. 29 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/docs/wiki/Contributing.md: -------------------------------------------------------------------------------- 1 | 2 | ## Contributing 3 | 4 | - [Contributing](#contributing) 5 | - [Recommended Learning](#recommended-learning) 6 | - [Git](#git) 7 | - [Tooling](#tooling) 8 | - [Required Tooling](#required-tooling) 9 | - [Recommended Tooling](#recommended-tooling) 10 | - [Formatting Guidelines](#formatting-guidelines) 11 | - [Code Styling](#code-styling) 12 | - [Resource API Versions](#resource-api-versions) 13 | - [Git Information on Contributing](#git-information-on-contributing) 14 | 15 | --- 16 | 17 | Looking to contribute to this project, whether that be code, examples, documentation or GitHub automation, you are in the right place. Please review the rest of this wiki page for important information to help you to start contributing to the project effectively. 18 | 19 | ## Recommended Learning 20 | 21 | Before you start contributing to the repo, it is **highly recommended** that you complete the following Microsoft Learn paths, modules & courses: 22 | 23 | ### Git 24 | 25 | - [Introduction to version control with Git](https://docs.microsoft.com/learn/paths/intro-to-vc-git/) 26 | 27 | ## Tooling 28 | 29 | ### Required Tooling 30 | 31 | To contribute to this project the following tooling is required: 32 | 33 | - [Git](https://git-scm.com/downloads) 34 | - [Visual Studio Code](https://code.visualstudio.com/download) 35 | 36 | ### Recommended Tooling 37 | 38 | The following tooling/extensions are recommended to assist you developing for the project: 39 | 40 | - [ARM Tools extension for Visual Studio Code](https://marketplace.visualstudio.com/items?itemName=msazurermtools.azurerm-vscode-tools) 41 | - [ARM Template Viewer extension for Visual Studio Code](https://marketplace.visualstudio.com/items?itemName=bencoleman.armview) 42 | - [EditorConfig for VS Code](https://marketplace.visualstudio.com/items?itemName=EditorConfig.EditorConfig) 43 | - For visibility of Bracket Pairs: 44 | - Inside Visual Studio Code, add `"editor.bracketPairColorization.enabled": true` to your `settings.json`, to enable bracket pair colorization. 45 | 46 | ## Formatting Guidelines 47 | 48 | The below guidelines should be adhered to whilst contributing to this projects code. 49 | 50 | ## Code Styling 51 | 52 | - Strict `camelCasing` must be used for all elements: 53 | - Symbolic names for: 54 | - Parameters 55 | - Variables 56 | - Resource 57 | - Modules 58 | - Outputs 59 | - All parameters should have a **useful** description 60 | - If relevant parameters should have a default value set. 61 | 62 | ### Resource API Versions 63 | 64 | Each resource must use the latest available, working, API version. If the latest API version cannot be used for any reason, a comment must be placed above the resource in the module file stating why and also called out as part of the PR. 65 | 66 | ## Git Information on Contributing 67 | 68 | To make contributions to this repo you must fork and clone the repo. You can follow the guidance here on how to do this [Fork a repo](https://docs.github.com/get-started/quickstart/fork-a-repo) 69 | 70 | You **will not** be able to create a branch or push directly to this repo. All changes into this repo **must** be made via a Pull Request. This process is documented here: [Contributing to projects](https://docs.github.com/get-started/quickstart/contributing-to-projects) 71 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/docs/wiki/FAQ.md: -------------------------------------------------------------------------------- 1 | # Frequently Asked Questions 2 | 3 | ## Will I be charged Azure usage? 4 | 5 | *Yes, this solution will create an Azure VM and you will be charged for VM uptime and Azure Storage.* 6 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/docs/wiki/Home.md: -------------------------------------------------------------------------------- 1 | # Welcome to the alz-oracle wiki! 2 | 3 | This wiki documents how to automate the deployment of a virtual machine on Azure that runs a single instance Oracle DB. The solution uses terraform and ansible technologies for automation. 4 | 5 | 6 | 7 | ## Navigation 8 | 9 | - [Wiki Home](./Home.md) 10 | - [What's New](./WhatsNew.md) 11 | - [Step by Step Instructions](../../README.md#step-by-step-instructions) 12 | - [Frequently Asked Questions](./FAQ.md) 13 | - [Contributing](./Contributing.md) 14 | - [Known Issues](./KnownIssues.md) 15 | - [Versioning](./Versioning.md) 16 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/docs/wiki/KnownIssues.md: -------------------------------------------------------------------------------- 1 | # Known Issues 2 | 3 | TBD 4 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/docs/wiki/REVIEW_INFRA.md: -------------------------------------------------------------------------------- 1 | # Review of the infrastrucure provisioned on Azure 2 | 3 | 4 | 1. Once the Azure infrastructure provisioning via terraform is completed, you will see a new Resource Group in your subscription with the following name convention: 5 | 6 | ``` 7 | rg-oracle-demo-eastus-001 8 | `````` 9 |
10 | 11 | 2. In the resource group you will find a VM called "vm-0": 12 | 13 | 14 | 15 |
16 | 17 | 3. Check the networking for the Azure VM and ensure that the "ssh" port is allowed: 18 | 19 | 20 | 21 |
22 |
23 | 24 | **If you are using a Microsoft tenancy in Azure, then you MUST do the following:** 25 | 26 | 27 | 3.1- Set the SSH port using the Run Command in the VM Operations -> Run Command with: 28 | 29 | echo "Port 2222" >> /etc/ssh/sshd_config 30 |
31 | systemctl restart sshd 32 | 33 |
34 | 35 | 36 |
37 | 38 | 39 |
40 | 41 | 3.2- Update the Blank NSG firewall rule to use port 2222 instead of 22 for SSH 42 | 43 |
44 | 45 |
46 |
47 |
48 | 49 | 50 | 51 | **However, if you are using Azure Cloud Shell without Microsoft tenancy**, you have two options: 52 | 53 | (option 1) You can create an inbound NSG rule as the following: 54 | 55 | 56 | 57 |
58 |
59 | 60 | 61 | (option 2) You can also choose to [enable Just-in-Time access for the VM](https://learn.microsoft.com/en-us/azure/defender-for-cloud/just-in-time-access-usage) . 62 | 63 |
64 |
65 | 66 | 67 | 4. Finally, copy the public IP address of the VM to use in the future steps. An example is given below. 68 | 69 | 70 | 71 |
72 |
73 |
74 | 75 | 5. Now you can go back to the main [README.md](../../README.md#step-by-step-instructions) file. -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/docs/wiki/TERRAFORM.md: -------------------------------------------------------------------------------- 1 | # Provisioning of Azure VM via Terraform 2 | 3 | 4 | 5 | 6 | ### How to deploy single VM for Oracle in the VNET 7 | 8 | In this module, you will deploy single virtual machine in the virtual network. 9 | 10 | 11 | 12 | 13 | 14 | Before using this module, you have to create your own ssh key to deploy and connect the virtual machine you will create. To do so, please follow the steps given below. 15 | 16 | 17 | 18 | 1. Do the following on the compute source: 19 | 20 | ```bash 21 | ssh-keygen -f ~/.ssh/lza-oracle-single-instance 22 | 23 | ls -lha ~/.ssh/ 24 | 25 | -rw------- 1 yourname staff 2.6K 8 17 2023 lza-oracle-single-instance 26 | -rw-r--r-- 1 yourname staff 589B 8 17 2023 lza-oracle-single-instance.pub 27 | ``` 28 | 29 | 2. Next, you go to `terraform/bootstrap/single_instance` directory and create `fixtures.tfvars` file as follows. The contents of the ssh public key that you created in the previous step are copied to the new file. 30 | 31 | 32 | ```bash 33 | cd ~/projects/Oracle-Workloads-for-Azure/levelup-oracle-on-iaas/lab2/terraform/bootstrap/single_instance 34 | cat ~/.ssh/lza-oracle-single-instance.pub > fixtures.tfvars 35 | ``` 36 | 37 | 3. Edit the file and modify it so that the format matches the following. Make sure to include the double quotes. 38 | 39 | ```bash 40 | nano ~/projects/Oracle-Workloads-for-Azure/levelup-oracle-on-iaas/lab2/terraform/bootstrap/single_instance/fixtures.tfvars 41 | ``` 42 | 43 | Here is a sample `fixtures.tfvars` file. 44 | 45 | ```tf:fixtures.tfvars 46 | ssh_key = "ssh-rsa xxxxxxxxxxxxxx=" 47 | ``` 48 | 49 | 50 | 51 | 52 | 4. Next, execute below Terraform commands. When you deploy resources to Azure, you have to indicate `fixtures.tfvars` as a variable file, which contains the ssh public key. 53 | 54 | ``` 55 | pwd 56 | 57 | ~/projects/Oracle-Workloads-for-Azure/levelup-oracle-on-iaas/lab2/terraform/bootstrap/single_instance 58 | 59 | terraform init 60 | 61 | terraform plan -var-file=fixtures.tfvars 62 | 63 | terraform apply -var-file=fixtures.tfvars 64 | ``` 65 | 66 | (The "terraform plan" command should only take about 1-2 mins to run. If it takes any longer, interrupt the script and re-run). 67 | 68 | 69 | 70 | (The "terraform apply" command will run for about 8-12 minutes.) 71 | 72 | (When prompted for "Enter a value:" , type in "yes" and press Enter) 73 | 74 | (If using Azure Cloud Shell, remember to activate the Cloud Shell window by pressing Enter as few times, every 15 minutes or so since the shell times out after 20 minutes of inaction.) 75 | 76 | 77 | 5. (OPTIONAL) Finally, you can connect to the virtual machine with ssh private key. While deploying resources, a public ip address is generated and attached to the virtual machine, so that you can connect to the virtual machine with this IP address. The username is `oracle`, which is fixed in `terraform/bootstrap/single_instance/module.tf`. 78 | 79 | ``` 80 | ssh -i ~/.ssh/lza-oracle-single-instance oracle@ 81 | ``` 82 | 83 | 6. Now you can go back to the main [README.md](../../README.md#step-by-step-instructions) file. 84 | 85 | 86 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/docs/wiki/TEST.md: -------------------------------------------------------------------------------- 1 | # Testing the final configuration 2 | 3 | 4 | 1. From the compute source (or Azure Cloud Shell), ssh into the Azure VM: 5 | ``` 6 | ssh -i ~/.ssh/lza-oracle-single-instance oracle@ 7 | ``` 8 |
9 | 10 | If you modified SSH port to 2222, do the following instead: 11 | ``` 12 | ssh -i ~/.ssh/lza-oracle-single-instance oracle@ -p 2222 13 | ``` 14 |
15 | 16 | 2. Check the Oracle related environment variables: 17 | ``` 18 | env | grep -i oracle 19 | ``` 20 |
21 | 3. Connect to the database: 22 | 23 | ``` 24 | sqlplus / as sysdba 25 | SQL> show user 26 | ``` 27 |
28 | 29 | 30 | 31 |
32 | 33 | Congratulations!!! Now, you have a functional Oracle DB running on the Azure VM. -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/docs/wiki/Versioning.md: -------------------------------------------------------------------------------- 1 | # Versioning for ALZ-Oracle 2 | 3 | The primary deliverable of this repo is a collection of Azure Policy initiatives and associated Azure Policy definitions, and as such is versioned in a manner consistent with the [Azure Policy versioning guidance](https://github.com/Azure/azure-policy/blob/master/built-in-policies/README.md#versioning). 4 | 5 | While this is sufficient for the purposes of individual policies, to further ease adoption of the policies a new release of the repo as a whole will be made available as one or more policies are updated with breaking changes as per the [Azure Policy versioning guidance](https://github.com/Azure/azure-policy/blob/master/built-in-policies/README.md#versioning). 6 | 7 | As new versions are released, update guidance will be provided to allow you to update your existing deployments to the new version. 8 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/docs/wiki/WhatsNew.md: -------------------------------------------------------------------------------- 1 | # What's New 2 | 3 | For information on what's new please refer to the [Releases page](https://github.com/Azure/alz-oracle/releases). 4 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/terraform/bootstrap/single_instance/backend.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | backend "local" {} 3 | } 4 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/terraform/bootstrap/single_instance/images/single_vm.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab2/terraform/bootstrap/single_instance/images/single_vm.png -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/terraform/bootstrap/single_instance/module.tf: -------------------------------------------------------------------------------- 1 | 2 | 3 | module "common_infrastructure" { 4 | source = "../../../terraform_units/modules/common_infrastructure" 5 | 6 | infrastructure = local.infrastructure 7 | is_diagnostic_settings_enabled = var.is_diagnostic_settings_enabled 8 | diagnostic_target = var.diagnostic_target 9 | tags = var.resourcegroup_tags 10 | } 11 | 12 | module "vm" { 13 | source = "../../../terraform_units/modules/compute" 14 | 15 | subscription_id = module.common_infrastructure.current_subscription.subscription_id 16 | resource_group = module.common_infrastructure.resource_group 17 | vm_name = "vm" 18 | public_key = var.ssh_key 19 | sid_username = "oracle" 20 | nic_id = module.network.nics_oracledb[0].id 21 | vm_sku = var.vm_sku 22 | vm_source_image_reference = var.vm_source_image_reference 23 | 24 | vm_os_disk = var.vm_os_disk 25 | 26 | aad_system_assigned_identity = false 27 | assign_subscription_permissions = true 28 | 29 | is_diagnostic_settings_enabled = module.common_infrastructure.is_diagnostic_settings_enabled 30 | diagnostic_target = module.common_infrastructure.diagnostic_target 31 | storage_account_id = module.common_infrastructure.target_storage_account_id 32 | storage_account_sas_token = module.common_infrastructure.target_storage_account_sas 33 | log_analytics_workspace_id = module.common_infrastructure.log_analytics_workspace_id 34 | eventhub_authorization_rule_id = module.common_infrastructure.eventhub_authorization_rule_id 35 | partner_solution_id = module.common_infrastructure.partner_solution_id 36 | tags = module.common_infrastructure.tags 37 | 38 | role_assignments = { 39 | role_assignment_1 = { 40 | name = "Virtual Machine Contributor" 41 | skip_service_principal_aad_check = false 42 | } 43 | } 44 | } 45 | 46 | module "network" { 47 | source = "../../../terraform_units/modules/network" 48 | 49 | resource_group = module.common_infrastructure.resource_group 50 | is_diagnostic_settings_enabled = module.common_infrastructure.is_diagnostic_settings_enabled 51 | diagnostic_target = module.common_infrastructure.diagnostic_target 52 | storage_account_id = module.common_infrastructure.target_storage_account_id 53 | log_analytics_workspace_id = module.common_infrastructure.log_analytics_workspace_id 54 | eventhub_authorization_rule_id = module.common_infrastructure.eventhub_authorization_rule_id 55 | partner_solution_id = module.common_infrastructure.partner_solution_id 56 | tags = module.common_infrastructure.tags 57 | 58 | role_assignments_nic = { 59 | role_assignment_1 = { 60 | name = "Contributor" 61 | skip_service_principal_aad_check = false 62 | } 63 | } 64 | 65 | role_assignments_pip = { 66 | role_assignment_1 = { 67 | name = "Contributor" 68 | skip_service_principal_aad_check = false 69 | } 70 | } 71 | 72 | role_assignments_nsg = { 73 | role_assignment_1 = { 74 | name = "Contributor" 75 | skip_service_principal_aad_check = false 76 | } 77 | } 78 | 79 | role_assignments_vnet = { 80 | role_assignment_1 = { 81 | name = "Contributor" 82 | skip_service_principal_aad_check = false 83 | } 84 | } 85 | 86 | role_assignments_subnet = { 87 | role_assignment_1 = { 88 | name = "Contributor" 89 | skip_service_principal_aad_check = false 90 | } 91 | } 92 | } 93 | 94 | module "storage" { 95 | source = "../../../terraform_units/modules/storage" 96 | 97 | resource_group = module.common_infrastructure.resource_group 98 | naming = "oracle" 99 | vm = module.vm.vm[0] 100 | tags = module.common_infrastructure.tags 101 | database_disks_options = { 102 | data_disks = var.database_disks_options.data_disks 103 | asm_disks = var.database_disks_options.asm_disks 104 | redo_disks = var.database_disks_options.redo_disks 105 | } 106 | 107 | 108 | role_assignments = { 109 | role_assignment_1 = { 110 | name = "Contributor" 111 | skip_service_principal_aad_check = false 112 | } 113 | } 114 | } 115 | 116 | ######################################################################################### 117 | # # 118 | # JIT Access Policy # 119 | # # 120 | ######################################################################################### 121 | resource "azapi_resource" "jit_ssh_policy" { 122 | count = module.vm.database_server_count 123 | name = "JIT-SSH-Policy" 124 | parent_id = "${module.common_infrastructure.resource_group.id}/providers/Microsoft.Security/locations/${module.common_infrastructure.resource_group.location}" 125 | type = "Microsoft.Security/locations/jitNetworkAccessPolicies@2020-01-01" 126 | schema_validation_enabled = false 127 | body = jsonencode({ 128 | "kind" : "Basic" 129 | "properties" : { 130 | "virtualMachines" : [{ 131 | "id" : "/subscriptions/${module.common_infrastructure.current_subscription.subscription_id}/resourceGroups/${module.common_infrastructure.resource_group.name}/providers/Microsoft.Compute/virtualMachines/${module.vm.vm[0].name}", 132 | "ports" : [ 133 | { 134 | "number" : 22, 135 | "protocol" : "TCP", 136 | "allowedSourceAddressPrefix" : "*", 137 | "maxRequestAccessDuration" : "PT3H" 138 | } 139 | ] 140 | }] 141 | } 142 | }) 143 | 144 | depends_on = [module.vm] 145 | } -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/terraform/bootstrap/single_instance/outputs.tf: -------------------------------------------------------------------------------- 1 | ############################################################################### 2 | # # 3 | # Resource Group # 4 | # # 5 | ############################################################################### 6 | output "resource_group" { 7 | value = module.common_infrastructure.resource_group 8 | } 9 | 10 | output "created_resource_group_id" { 11 | description = "Created resource group ID" 12 | value = module.common_infrastructure.resource_group.id 13 | } 14 | 15 | output "created_resource_group_name" { 16 | description = "Created resource group name" 17 | value = module.common_infrastructure.resource_group.name 18 | } 19 | 20 | output "created_resource_group_subscription_id" { 21 | description = "Created resource group' subscription ID" 22 | value = module.common_infrastructure.resource_group.id 23 | } 24 | 25 | output "created_resource_group_tags" { 26 | description = "Created resource group tags" 27 | value = module.common_infrastructure.tags 28 | } 29 | 30 | ############################################################################### 31 | # # 32 | # Network # 33 | # # 34 | ############################################################################### 35 | output "network_location" { 36 | value = module.network.network_location 37 | } 38 | 39 | output "db_subnet" { 40 | value = module.network.db_subnet 41 | } 42 | 43 | ############################################################################### 44 | # # 45 | # Storage # 46 | # # 47 | ############################################################################### 48 | output "database_data_disks" { 49 | value = module.storage.data_disks 50 | } 51 | 52 | output "database_asm_disks" { 53 | value = module.storage.asm_disks 54 | } 55 | 56 | output "database_redo_disks" { 57 | value = module.storage.redo_disks 58 | } 59 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/terraform/bootstrap/single_instance/providers.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_version = ">=1.2" 3 | required_providers { 4 | azurerm = { 5 | source = "hashicorp/azurerm" 6 | version = ">=3.11.0, <4.0" 7 | } 8 | azapi = { 9 | source = "Azure/azapi" 10 | version = "=1.8.0" 11 | } 12 | } 13 | } 14 | 15 | provider "azurerm" { 16 | skip_provider_registration = true 17 | features { 18 | resource_group { 19 | prevent_deletion_if_contains_resources = true 20 | } 21 | virtual_machine { 22 | delete_os_disk_on_deletion = true 23 | } 24 | } 25 | } 26 | 27 | provider "azapi" {} 28 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/terraform/bootstrap/single_instance/transform.tf: -------------------------------------------------------------------------------- 1 | locals { 2 | infrastructure = { 3 | region = coalesce(var.location, try(var.infrastructure.region, "")) 4 | resource_group = { 5 | name = try( 6 | coalesce( 7 | var.resourcegroup_name, 8 | try(var.infrastructure.resource_group.name, "") 9 | ), 10 | "" 11 | ) 12 | } 13 | vnet = { 14 | name = try( 15 | coalesce( 16 | local.vnet_oracle_name, 17 | try(var.infrastructure.vnet.name, "") 18 | ), 19 | "" 20 | ) 21 | } 22 | subnet = { 23 | name = try( 24 | coalesce( 25 | local.database_subnet_name, 26 | try(var.infrastructure.subnet.name, "") 27 | ), 28 | "" 29 | ) 30 | } 31 | tags = try( 32 | coalesce( 33 | var.resourcegroup_tags, 34 | try(var.infrastructure.tags, {}) 35 | ), 36 | {} 37 | ) 38 | } 39 | } 40 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/terraform/bootstrap/single_instance/variables.md: -------------------------------------------------------------------------------- 1 | 2 | # Terraform Variable Explanations 3 | 4 | 5 | 1. **[Common Parameters](#common-parameters)** 6 | - [`location`](#location) 7 | - [`resourcegroup_name`](#resourcegroup_name) 8 | - [`resourcegroup_tags`](#resourcegroup_tags) 9 | - [`is_diagnostic_settings_enabled`](#is_diagnostic_settings_enabled) 10 | - [`diagnostic_target`](#diagnostic_target) 11 | - [`infrastructure`](#infrastructure) 12 | 13 | 2. **[Virtual Machine Parameters](#virtual-machine-parameters)** 14 | - [`ssh_key`](#ssh_key) 15 | - [`vm_sku`](#vm_sku) 16 | - [`vm_source_image_reference`](#vm_source_image_reference) 17 | - [`vm_os_disk`](#vm_os_disk) 18 | 19 | 3. **[Database Parameters](#database-parameters)** 20 | - [`database`](#database) 21 | - [`database_disks_options`](#database_disks_options) 22 | - [`database_db_nic_ips`](#database_db_nic_ips) 23 | 24 | 25 | ### `location` 26 | 27 | - **Description:** Defines the Azure location where the resources will be deployed. 28 | - **Type:** String 29 | - **Default Value:** "eastus" 30 | 31 | ### `resourcegroup_name` 32 | 33 | - **Description:** If defined, this variable specifies the name of the resource group into which the resources will be deployed. 34 | - **Default Value:** "" 35 | 36 | ### `resourcegroup_tags` 37 | 38 | - **Description:** Tags to be added to the resource group. 39 | - **Default Value:** {} 40 | 41 | ### `is_diagnostic_settings_enabled` 42 | 43 | - **Description:** Whether diagnostic settings are enabled. 44 | - **Default Value:** false 45 | 46 | ### `diagnostic_target` 47 | 48 | - **Description:** The destination type of the diagnostic settings. Allowed values are "Log_Analytics_Workspace," "Storage_Account," "Event_Hubs," or "Partner_Solutions." 49 | - **Default Value:** "Log_Analytics_Workspace" 50 | 51 | ### `infrastructure` 52 | 53 | - **Description:** Details of the Azure infrastructure to deploy the SAP landscape into. 54 | - **Default Value:** {} 55 | 56 | ## Virtual Machine Parameters 57 | 58 | ### `ssh_key` 59 | 60 | - **Description:** Value of the SSH public key to be used for the virtual machines. 61 | 62 | ### `vm_sku` 63 | 64 | - **Description:** The SKU of the virtual machine. 65 | - **Default Value:** "Standard_D4s_v3" 66 | 67 | ### `vm_source_image_reference` 68 | 69 | - **Description:** The source image reference of the virtual machine. 70 | - **Default Value:** 71 | ```hcl 72 | { 73 | publisher = "Oracle" 74 | offer = "Oracle-Linux" 75 | sku = "79-gen2" 76 | version = "7.9.36" 77 | } 78 | ``` 79 | 80 | ### `vm_os_disk` 81 | 82 | - **Description:** Details of the OS disk, including name, caching, storage account type, disk encryption set, and disk size. 83 | - **Default Value:** 84 | ```hcl 85 | { 86 | name = "osdisk" 87 | caching = "ReadWrite" 88 | storage_account_type = "Premium_LRS" 89 | disk_encryption_set_id = null 90 | disk_size_gb = 128 91 | } 92 | ``` 93 | 94 | ## Database Parameters 95 | 96 | ### `database` 97 | 98 | - **Description:** Details of the database node, including options such as DHCP, authentication type, and data disks. 99 | - **Default Value:** 100 | ```hcl 101 | { 102 | use_DHCP = true 103 | authentication = { 104 | type = "key" 105 | } 106 | data_disks = [ 107 | { 108 | count = 1 109 | caching = "ReadOnly" 110 | create_option = "Empty" 111 | disk_size_gb = 1024 112 | lun = 0 113 | disk_type = "Premium_LRS" 114 | write_accelerator_enabled = false 115 | }, 116 | { 117 | count = 1 118 | caching = "None" 119 | create_option = "Empty" 120 | disk_size_gb = 1024 121 | lun = 1 122 | disk_type = "Premium_LRS" 123 | write_accelerator_enabled = false 124 | } 125 | ] 126 | } 127 | ``` 128 | 129 | ### `database_disks_options` 130 | 131 | - **Description:** Details of the database node's disk options, including data disks, ASM disks, and redo disks. 132 | - **Default Value:** 133 | ```hcl 134 | { 135 | data_disks = [ 136 | { 137 | count = 1 138 | caching = "ReadOnly" 139 | create_option = "Empty" 140 | disk_size_gb = 1024 141 | lun = 20 142 | disk_type = "Premium_LRS" 143 | write_accelerator_enabled = false 144 | } 145 | ], 146 | asm_disks = [ 147 | { 148 | count = 1 149 | caching = "ReadOnly" 150 | create_option = "Empty" 151 | disk_size_gb = 1024 152 | lun = 10 153 | disk_type = "Premium_LRS" 154 | write_accelerator_enabled = false 155 | } 156 | ] 157 | redo_disks = [ 158 | { 159 | count = 1 160 | caching = "None" 161 | create_option = "Empty" 162 | disk_size_gb = 1024 163 | lun = 60 164 | disk_type = "Premium_LRS" 165 | write_accelerator_enabled = false 166 | } 167 | ] 168 | } 169 | ``` 170 | 171 | ### `database_db_nic_ips` 172 | 173 | - **Description:** If provided, the database tier virtual machines will be configured using the specified IPs. 174 | - **Default Value:** [""] -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/terraform/bootstrap/single_instance/variables_global.tf: -------------------------------------------------------------------------------- 1 | ######################################################################################### 2 | # Common parameters # 3 | ######################################################################################### 4 | variable "location" { 5 | description = "Defines the Azure location where the resources will be deployed" 6 | type = string 7 | default = "eastus" 8 | } 9 | 10 | variable "resourcegroup_name" { 11 | description = "If defined, the name of the resource group into which the resources will be deployed" 12 | default = "" 13 | } 14 | 15 | variable "resourcegroup_tags" { 16 | description = "tags to be added to the resource group" 17 | default = {} 18 | } 19 | 20 | variable "is_diagnostic_settings_enabled" { 21 | description = "Whether diagnostic settings are enabled" 22 | default = false 23 | } 24 | 25 | variable "diagnostic_target" { 26 | description = "The destination type of the diagnostic settings" 27 | default = "Log_Analytics_Workspace" 28 | validation { 29 | condition = contains(["Log_Analytics_Workspace", "Storage_Account", "Event_Hubs", "Partner_Solutions"], var.diagnostic_target) 30 | error_message = "Allowed values are Log_Analytics_Workspace, Storage_Account, Event_Hubs, Partner_Solutions" 31 | } 32 | } 33 | 34 | variable "infrastructure" { 35 | description = "Details of the Azure infrastructure to deploy the SAP landscape into" 36 | default = {} 37 | } 38 | 39 | ######################################################################################### 40 | # Virtual Machine parameters # 41 | ######################################################################################### 42 | variable "ssh_key" { 43 | description = "value of the ssh public key to be used for the virtual machines" 44 | } 45 | 46 | variable "vm_sku" { 47 | description = "The SKU of the virtual machine" 48 | default = "Standard_D4s_v3" 49 | } 50 | 51 | variable "vm_source_image_reference" { 52 | description = "The source image reference of the virtual machine" 53 | default = { 54 | publisher = "Oracle" 55 | offer = "Oracle-Linux" 56 | sku = "79-gen2" 57 | version = "7.9.36" 58 | } 59 | } 60 | 61 | variable "vm_os_disk" { 62 | description = "Details of the OS disk" 63 | default = { 64 | name = "osdisk" 65 | caching = "ReadWrite" 66 | storage_account_type = "Premium_LRS" 67 | disk_encryption_set_id = null 68 | disk_size_gb = 128 69 | } 70 | } 71 | 72 | ######################################################################################### 73 | # Database parameters # 74 | ######################################################################################### 75 | variable "database" { 76 | description = "Details of the database node" 77 | default = { 78 | use_DHCP = true 79 | authentication = { 80 | type = "key" 81 | } 82 | data_disks = [ 83 | { 84 | count = 1 85 | caching = "ReadOnly" 86 | create_option = "Empty" 87 | disk_size_gb = 1024 88 | lun = 0 89 | disk_type = "Premium_LRS" 90 | write_accelerator_enabled = false 91 | }, 92 | { 93 | count = 1 94 | caching = "None" 95 | create_option = "Empty" 96 | disk_size_gb = 1024 97 | lun = 1 98 | disk_type = "Premium_LRS" 99 | write_accelerator_enabled = false 100 | } 101 | ] 102 | } 103 | } 104 | 105 | variable "database_disks_options" { 106 | description = "Details of the database node" 107 | default = { 108 | data_disks = [ 109 | { 110 | count = 1 111 | caching = "ReadOnly" 112 | create_option = "Empty" 113 | disk_size_gb = 1024 114 | lun = 20 115 | disk_type = "Premium_LRS" 116 | write_accelerator_enabled = false 117 | } 118 | ], 119 | asm_disks = [ 120 | { 121 | count = 1 122 | caching = "ReadOnly" 123 | create_option = "Empty" 124 | disk_size_gb = 1024 125 | lun = 10 126 | disk_type = "Premium_LRS" 127 | write_accelerator_enabled = false 128 | } 129 | ] 130 | redo_disks = [ 131 | { 132 | count = 1 133 | caching = "None" 134 | create_option = "Empty" 135 | disk_size_gb = 1024 136 | lun = 60 137 | disk_type = "Premium_LRS" 138 | write_accelerator_enabled = false 139 | } 140 | ] 141 | } 142 | } 143 | 144 | variable "database_db_nic_ips" { 145 | description = "If provided, the database tier virtual machines will be configured using the specified IPs" 146 | default = [""] 147 | } 148 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/terraform/bootstrap/single_instance/variables_local.tf: -------------------------------------------------------------------------------- 1 | locals { 2 | vnet_oracle_name = "vnet1" 3 | database_subnet_name = "subnet1" 4 | } 5 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/terraform_units/modules/common_infrastructure/outputs.tf: -------------------------------------------------------------------------------- 1 | ############################################################################### 2 | # # 3 | # Subscription # 4 | # # 5 | ############################################################################### 6 | output "current_subscription" { 7 | value = data.azurerm_subscription.current 8 | } 9 | 10 | ############################################################################### 11 | # # 12 | # Resource Group # 13 | # # 14 | ############################################################################### 15 | output "resource_group" { 16 | value = data.azurerm_resource_group.rg 17 | } 18 | 19 | output "created_resource_group_id" { 20 | description = "Created resource group ID" 21 | value = data.azurerm_resource_group.rg.id 22 | } 23 | 24 | output "created_resource_group_name" { 25 | description = "Created resource group name" 26 | value = data.azurerm_resource_group.rg.name 27 | } 28 | 29 | output "created_resource_group_subscription_id" { 30 | description = "Created resource group' subscription ID" 31 | value = data.azurerm_resource_group.rg.id 32 | } 33 | 34 | output "is_diagnostic_settings_enabled" { 35 | description = "Whether diagnostic settings are enabled" 36 | value = var.is_diagnostic_settings_enabled 37 | } 38 | 39 | output "target_storage_account_id" { 40 | description = "Storage account ID used for diagnostics" 41 | value = var.is_diagnostic_settings_enabled ? data.azurerm_storage_account.diagnostic[0].id : "" 42 | } 43 | 44 | output "target_storage_account_sas" { 45 | description = "Storage account SAS used for diagnostics" 46 | value = var.is_diagnostic_settings_enabled ? data.azurerm_storage_account_sas.diagnostic[0].sas : "" 47 | } 48 | 49 | output "log_analytics_workspace_id" { 50 | description = "Log Analytics workspace ID" 51 | value = var.is_diagnostic_settings_enabled && var.diagnostic_target == "Log_Analytics_Workspace" ? data.azurerm_log_analytics_workspace.diagnostic[0].id : null 52 | } 53 | 54 | output "eventhub_authorization_rule_id" { 55 | description = "ID of an Event Hub authorization rule" 56 | value = var.is_diagnostic_settings_enabled && var.diagnostic_target == "Event_Hubs" ? azurerm_eventhub_namespace_authorization_rule.diagnostic[0].id : null 57 | } 58 | 59 | output "partner_solution_id" { 60 | description = "Partner solution ID" 61 | value = var.is_diagnostic_settings_enabled && var.diagnostic_target == "Partner_Solutions" ? azurerm_new_relic_monitor.diagnostic[0].id : null 62 | } 63 | 64 | output "diagnostic_target" { 65 | description = "The destination type of the diagnostic settings" 66 | value = var.diagnostic_target 67 | } 68 | 69 | output "tags" { 70 | description = "Tags applied to the resources" 71 | value = var.tags 72 | } -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/terraform_units/modules/common_infrastructure/providers.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_version = ">=1.2" 3 | required_providers { 4 | azurerm = { 5 | source = "hashicorp/azurerm" 6 | version = ">=3.11.0, <4.0" 7 | } 8 | azapi = { 9 | source = "Azure/azapi" 10 | version = "=1.8.0" 11 | } 12 | } 13 | } 14 | 15 | provider "azurerm" { 16 | features { 17 | resource_group { 18 | prevent_deletion_if_contains_resources = true 19 | } 20 | virtual_machine { 21 | delete_os_disk_on_deletion = true 22 | } 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/terraform_units/modules/common_infrastructure/resource_lock.tf: -------------------------------------------------------------------------------- 1 | resource "azurerm_management_lock" "subscription" { 2 | count = length(var.subscription_locks) > 1 && length(try(var.subscription_locks.name, "")) > 0 ? 1 : 0 3 | name = var.subscription_locks.name 4 | scope = data.azurerm_subscription.current.id 5 | lock_level = var.subscription_locks.type 6 | } 7 | 8 | resource "azurerm_management_lock" "resource_group" { 9 | count = length(var.resource_group_locks) > 1 && length(try(var.resource_group_locks.name, "")) > 0 ? 1 : 0 10 | name = var.resource_group_locks.name 11 | scope = data.azurerm_resource_group.rg.id 12 | lock_level = var.resource_group_locks.type 13 | 14 | depends_on = [azurerm_resource_group.rg] 15 | } 16 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/terraform_units/modules/common_infrastructure/role_assignments.tf: -------------------------------------------------------------------------------- 1 | data "azurerm_client_config" "current" {} 2 | 3 | data "azurerm_role_definition" "builtin" { 4 | for_each = var.role_assignments 5 | name = each.value.name 6 | } 7 | 8 | resource "azurerm_role_assignment" "assignment" { 9 | for_each = var.role_assignments 10 | role_definition_name = data.azurerm_role_definition.builtin[each.key].name 11 | principal_id = data.azurerm_client_config.current.object_id 12 | scope = try(each.value.scope, data.azurerm_subscription.current.id) 13 | skip_service_principal_aad_check = try(each.value.skip_service_principal_aad_check, null) 14 | description = try(each.value.description, null) 15 | condition = try(each.value.condition, null) 16 | condition_version = try(each.value.condition_version, null) 17 | } 18 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/terraform_units/modules/common_infrastructure/variables_global.tf: -------------------------------------------------------------------------------- 1 | variable "infrastructure" {} 2 | 3 | variable "is_diagnostic_settings_enabled" { 4 | description = "Whether diagnostic settings are enabled" 5 | default = false 6 | } 7 | 8 | variable "diagnostic_target" { 9 | description = "The destination type of the diagnostic settings" 10 | default = "Log_Analytics_Workspace" 11 | validation { 12 | condition = contains(["Log_Analytics_Workspace", "Storage_Account", "Event_Hubs", "Partner_Solutions"], var.diagnostic_target) 13 | error_message = "Allowed values are Log_Analytics_Workspace, Storage_Account, Event_Hubs, Partner_Solutions" 14 | } 15 | } 16 | 17 | variable "eventhub_permission" { 18 | description = "Authorization rule permissions for Event Hub" 19 | default = { 20 | listen = true 21 | send = true 22 | manage = true 23 | } 24 | } 25 | 26 | variable "logz_user" { 27 | description = "Logz.io" 28 | default = { 29 | email = "user@example.com" 30 | first_name = "Example" 31 | last_name = "User" 32 | phone_number = "+12313803556" 33 | } 34 | } 35 | 36 | variable "role_assignments" { 37 | description = "Role assignments" 38 | default = {} 39 | } 40 | 41 | variable "subscription_locks" { 42 | type = object({ 43 | name = optional(string, "") 44 | type = optional(string, "CanNotDelete") 45 | }) 46 | default = {} 47 | validation { 48 | condition = contains(["CanNotDelete", "ReadOnly"], var.subscription_locks.type) 49 | error_message = "Lock type must be one of: CanNotDelete, ReadOnly." 50 | } 51 | } 52 | 53 | variable "resource_group_locks" { 54 | type = object({ 55 | name = optional(string, "") 56 | type = optional(string, "CanNotDelete") 57 | }) 58 | default = {} 59 | validation { 60 | condition = contains(["CanNotDelete", "ReadOnly"], var.resource_group_locks.type) 61 | error_message = "Lock type must be one of: CanNotDelete, ReadOnly." 62 | } 63 | } 64 | variable "tags" { 65 | description = "Tags to be added to the resources" 66 | default = {} 67 | } 68 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/terraform_units/modules/common_infrastructure/variables_local.tf: -------------------------------------------------------------------------------- 1 | locals { 2 | resource_group_exists = length(try(var.infrastructure.resource_group.arm_id, "")) > 0 3 | // If resource ID is specified extract the resourcegroup name from it otherwise read it either from input of create using the naming convention 4 | rg_name = local.resource_group_exists ? ( 5 | try(split("/", var.infrastructure.resource_group.arm_id))[4]) : ( 6 | length(var.infrastructure.resource_group.name) > 0 ? ( 7 | var.infrastructure.resource_group.name) : ( 8 | format("%s-%s-%s-%s-%s", 9 | "rg", 10 | local.prefix, 11 | "demo", 12 | var.infrastructure.region, 13 | "001" 14 | ) 15 | ) 16 | ) 17 | 18 | // Resource group 19 | prefix = "oracle" 20 | 21 | tags = {} 22 | } 23 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/terraform_units/modules/compute/azure_extension_diagnostics_linux_syslogevents.json: -------------------------------------------------------------------------------- 1 | { 2 | "syslogEventConfiguration": { 3 | "LOG_AUTH": "LOG_DEBUG", 4 | "LOG_AUTHPRIV": "LOG_DEBUG", 5 | "LOG_CRON": "LOG_DEBUG", 6 | "LOG_DAEMON": "LOG_DEBUG", 7 | "LOG_FTP": "LOG_DEBUG", 8 | "LOG_KERN": "LOG_DEBUG", 9 | "LOG_LOCAL0": "LOG_DEBUG", 10 | "LOG_LOCAL1": "LOG_DEBUG", 11 | "LOG_LOCAL2": "LOG_DEBUG", 12 | "LOG_LOCAL3": "LOG_DEBUG", 13 | "LOG_LOCAL4": "LOG_DEBUG", 14 | "LOG_LOCAL5": "LOG_DEBUG", 15 | "LOG_LOCAL6": "LOG_DEBUG", 16 | "LOG_LOCAL7": "LOG_DEBUG", 17 | "LOG_LPR": "LOG_DEBUG", 18 | "LOG_MAIL": "LOG_DEBUG", 19 | "LOG_NEWS": "LOG_DEBUG", 20 | "LOG_SYSLOG": "LOG_DEBUG", 21 | "LOG_USER": "LOG_DEBUG", 22 | "LOG_UUCP": "LOG_DEBUG" 23 | } 24 | } -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/terraform_units/modules/compute/outputs.tf: -------------------------------------------------------------------------------- 1 | output "vm" { 2 | value = azurerm_linux_virtual_machine.oracle_vm 3 | } 4 | 5 | output "database_server_count"{ 6 | value = var.database_server_count 7 | } -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/terraform_units/modules/compute/providers.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_version = ">=1.2" 3 | required_providers { 4 | azurerm = { 5 | source = "hashicorp/azurerm" 6 | version = ">=3.11.0, <4.0" 7 | } 8 | azapi = { 9 | source = "Azure/azapi" 10 | version = "=1.8.0" 11 | } 12 | } 13 | } 14 | 15 | provider "azurerm" { 16 | features { 17 | resource_group { 18 | prevent_deletion_if_contains_resources = true 19 | } 20 | virtual_machine { 21 | delete_os_disk_on_deletion = true 22 | } 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/terraform_units/modules/compute/resource_lock.tf: -------------------------------------------------------------------------------- 1 | resource "azurerm_management_lock" "vm" { 2 | count = length(var.vm_locks) > 1 && length(try(var.vm_locks.name, "")) > 1 ? 1 : 0 3 | name = var.vm_locks.name 4 | scope = data.azurerm_virtual_machine.oracle_vm[0].id 5 | lock_level = var.vm_locks.type 6 | 7 | depends_on = [azurerm_linux_virtual_machine.oracle_vm] 8 | } 9 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/terraform_units/modules/compute/role_assignments.tf: -------------------------------------------------------------------------------- 1 | data "azurerm_client_config" "current" {} 2 | 3 | data "azurerm_role_definition" "builtin" { 4 | for_each = var.role_assignments 5 | name = each.value.name 6 | } 7 | 8 | resource "azurerm_role_assignment" "assignment" { 9 | for_each = var.role_assignments 10 | role_definition_name = data.azurerm_role_definition.builtin[each.key].name 11 | principal_id = data.azurerm_client_config.current.object_id 12 | scope = try(each.value.scope, data.azurerm_virtual_machine.oracle_vm[0].id) 13 | skip_service_principal_aad_check = try(each.value.skip_service_principal_aad_check, false) 14 | description = try(each.value.description, null) 15 | condition = try(each.value.condition, null) 16 | condition_version = try(each.value.condition_version, null) 17 | } 18 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/terraform_units/modules/compute/variable_global.tf: -------------------------------------------------------------------------------- 1 | variable "database_server_count" { 2 | description = "The number of database servers" 3 | default = 1 4 | } 5 | 6 | variable "vm_name" { 7 | description = "The name of the Oracle VM" 8 | } 9 | 10 | variable "resource_group" { 11 | description = "Details of the resource group" 12 | default = {} 13 | } 14 | 15 | variable "sid_username" { 16 | description = "SDU username" 17 | } 18 | 19 | variable "public_key" { 20 | description = "Public key used for authentication in ssh-rsa format" 21 | } 22 | 23 | # variable "deployer" { 24 | # description = "Details of deployer" 25 | # default = { 26 | # "disk_type" : "Premium_LRS" 27 | # } 28 | # } 29 | 30 | # variable "options" { 31 | # description = "Options for the Oracle deployment" 32 | # default = {} 33 | # } 34 | 35 | variable "database" { 36 | description = "Details of the database node" 37 | default = { 38 | authentication = { 39 | type = "key" 40 | } 41 | } 42 | } 43 | 44 | variable "nic_id" { 45 | description = "value of the nic id" 46 | } 47 | 48 | variable "subscription_id" { 49 | description = "Subscription ID" 50 | } 51 | 52 | variable "assign_subscription_permissions" { 53 | description = "Assign permissions on the subscription" 54 | type = bool 55 | } 56 | 57 | variable "aad_system_assigned_identity" { 58 | description = "AAD system assigned identity" 59 | type = bool 60 | } 61 | 62 | variable "skip_service_principal_aad_check" { 63 | description = "If the principal_id is a newly provisioned `Service Principal` set this value to true to skip the Azure Active Directory check which may fail due to replication lag." 64 | default = true 65 | } 66 | 67 | variable "storage_account_id" { 68 | description = "Storage account ID used for diagnostics" 69 | type = string 70 | default = null 71 | } 72 | 73 | variable "storage_account_sas_token" { 74 | description = "Storage account SAS token used for diagnostics" 75 | type = string 76 | default = null 77 | } 78 | 79 | variable "log_analytics_workspace_id" { 80 | description = "Log Analytics workspace ID" 81 | type = string 82 | default = null 83 | } 84 | 85 | variable "eventhub_authorization_rule_id" { 86 | description = "ID of an Event Hub authorization rule" 87 | type = string 88 | default = null 89 | } 90 | 91 | variable "partner_solution_id" { 92 | description = "Value of the partner solution ID" 93 | default = null 94 | } 95 | 96 | variable "is_diagnostic_settings_enabled" { 97 | description = "Whether diagnostic settings are enabled" 98 | default = false 99 | } 100 | 101 | variable "diagnostic_target" { 102 | description = "The destination type of the diagnostic settings" 103 | default = "Log_Analytics_Workspace" 104 | validation { 105 | condition = contains(["Log_Analytics_Workspace", "Storage_Account", "Event_Hubs", "Partner_Solutions"], var.diagnostic_target) 106 | error_message = "Allowed values are Log_Analytics_Workspace, Storage_Account, Event_Hubs, Partner_Solutions" 107 | } 108 | } 109 | 110 | variable "role_assignments" { 111 | description = "Role assignments" 112 | default = {} 113 | } 114 | 115 | variable "vm_locks" { 116 | type = object({ 117 | name = optional(string, "") 118 | type = optional(string, "CanNotDelete") 119 | }) 120 | default = {} 121 | validation { 122 | condition = contains(["CanNotDelete", "ReadOnly"], var.vm_locks.type) 123 | error_message = "Lock type must be one of: CanNotDelete, ReadOnly." 124 | } 125 | } 126 | variable "tags" { 127 | description = "Tags to be added to the resources" 128 | default = {} 129 | } 130 | 131 | variable "vm_sku"{ 132 | description = "The SKU of the virtual machine" 133 | default = "Standard_D4s_v3" 134 | } 135 | 136 | variable "vm_source_image_reference"{ 137 | description = "The source image reference of the virtual machine" 138 | default = { 139 | publisher = "Oracle" 140 | offer = "Oracle-Linux" 141 | sku = "79-gen2" 142 | version = "7.9.36" 143 | } 144 | } 145 | 146 | variable "vm_os_disk" { 147 | description = "Details of the OS disk" 148 | default = { 149 | name = "osdisk" 150 | caching = "ReadWrite" 151 | storage_account_type = "Premium_LRS" 152 | disk_encryption_set_id = null 153 | disk_size_gb = 128 154 | } 155 | } 156 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/terraform_units/modules/compute/variable_local.tf: -------------------------------------------------------------------------------- 1 | locals { 2 | sid_auth_type = try(var.database.authentication.type, "key") 3 | enable_auth_password = local.sid_auth_type == "password" 4 | enable_auth_key = local.sid_auth_type == "key" 5 | 6 | enable_ultradisk = false 7 | tags = {} 8 | } 9 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/terraform_units/modules/compute/vm.tf: -------------------------------------------------------------------------------- 1 | ######################################################################################### 2 | # # 3 | # Virtual Machine # 4 | # # 5 | ######################################################################################### 6 | resource "azurerm_linux_virtual_machine" "oracle_vm" { 7 | count = var.database_server_count 8 | name = "${var.vm_name}-${count.index}" 9 | location = var.resource_group.location 10 | resource_group_name = var.resource_group.name 11 | 12 | admin_username = var.sid_username 13 | disable_password_authentication = !local.enable_auth_password 14 | 15 | admin_ssh_key { 16 | username = var.sid_username 17 | public_key = var.public_key 18 | } 19 | 20 | source_image_reference { 21 | publisher = var.vm_source_image_reference.publisher 22 | offer = var.vm_source_image_reference.offer 23 | sku = var.vm_source_image_reference.sku 24 | version = var.vm_source_image_reference.version 25 | } 26 | size = var.vm_sku 27 | 28 | os_disk { 29 | name = var.vm_os_disk.name 30 | caching = var.vm_os_disk.caching 31 | storage_account_type = var.vm_os_disk.storage_account_type 32 | disk_encryption_set_id = try(var.vm_os_disk.disk_encryption_set_id, null) 33 | disk_size_gb = var.vm_os_disk.disk_size_gb 34 | } 35 | 36 | network_interface_ids = [var.nic_id] 37 | 38 | 39 | additional_capabilities { 40 | ultra_ssd_enabled = local.enable_ultradisk 41 | } 42 | 43 | identity { 44 | type = var.aad_system_assigned_identity ? "SystemAssigned, UserAssigned" : "UserAssigned" 45 | identity_ids = [azurerm_user_assigned_identity.deployer.id] 46 | } 47 | 48 | tags = merge(local.tags, var.tags) 49 | 50 | lifecycle { 51 | ignore_changes = [ 52 | // Ignore changes to computername 53 | tags, 54 | computer_name 55 | ] 56 | } 57 | } 58 | 59 | data "azurerm_virtual_machine" "oracle_vm" { 60 | count = var.database_server_count 61 | name = "${var.vm_name}-${count.index}" 62 | resource_group_name = var.resource_group.name 63 | 64 | depends_on = [azurerm_linux_virtual_machine.oracle_vm] 65 | } 66 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/terraform_units/modules/compute/vm_role_assignment.tf: -------------------------------------------------------------------------------- 1 | ######################################################################################### 2 | # # 3 | # Role Assignments # 4 | # # 5 | ######################################################################################### 6 | // User defined identity for all Deployers, assign contributor to the current subscription 7 | resource "azurerm_user_assigned_identity" "deployer" { 8 | resource_group_name = var.resource_group.name 9 | location = var.resource_group.location 10 | name = "deployer" 11 | } 12 | 13 | resource "azurerm_role_assignment" "sub_contributor" { 14 | count = var.assign_subscription_permissions && var.aad_system_assigned_identity ? var.database_server_count : 0 15 | scope = "/subscriptions/${var.subscription_id}" 16 | role_definition_name = "Contributor" 17 | principal_id = azurerm_linux_virtual_machine.oracle_vm[count.index].identity[0].principal_id 18 | skip_service_principal_aad_check = var.skip_service_principal_aad_check 19 | } 20 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/terraform_units/modules/network/diagnostic_settings.tf: -------------------------------------------------------------------------------- 1 | resource "azurerm_monitor_diagnostic_setting" "nic" { 2 | count = var.is_diagnostic_settings_enabled ? 1 : 0 3 | name = "nic-${count.index}-diag" 4 | target_resource_id = azurerm_network_interface.oracle_db[count.index].id 5 | storage_account_id = var.diagnostic_target == "Storage_Account" ? var.storage_account_id : null 6 | log_analytics_workspace_id = var.diagnostic_target == "Log_Analytics_Workspace" ? var.log_analytics_workspace_id : null 7 | eventhub_authorization_rule_id = var.diagnostic_target == "Event_Hubs" ? var.eventhub_authorization_rule_id : null 8 | partner_solution_id = var.diagnostic_target == "Partner_Solutions" ? var.partner_solution_id : null 9 | 10 | metric { 11 | category = "AllMetrics" 12 | retention_policy { 13 | enabled = false 14 | } 15 | } 16 | } 17 | 18 | resource "azurerm_monitor_diagnostic_setting" "nsg" { 19 | count = var.is_diagnostic_settings_enabled ? 1 : 0 20 | name = "nsg" 21 | target_resource_id = azurerm_network_security_group.blank.id 22 | storage_account_id = var.diagnostic_target == "Storage_Account" ? var.storage_account_id : null 23 | log_analytics_workspace_id = var.diagnostic_target == "Log_Analytics_Workspace" ? var.log_analytics_workspace_id : null 24 | eventhub_authorization_rule_id = var.diagnostic_target == "Event_Hubs" ? var.eventhub_authorization_rule_id : null 25 | partner_solution_id = var.diagnostic_target == "Partner_Solutions" ? var.partner_solution_id : null 26 | 27 | dynamic "enabled_log" { 28 | for_each = toset(data.azurerm_monitor_diagnostic_categories.nsg[count.index].log_category_types) 29 | content { 30 | category = enabled_log.value 31 | retention_policy { 32 | enabled = false 33 | } 34 | } 35 | } 36 | } 37 | 38 | resource "azurerm_monitor_diagnostic_setting" "pip" { 39 | count = var.is_diagnostic_settings_enabled ? 1 : 0 40 | name = "pip" 41 | target_resource_id = azurerm_public_ip.vm_pip.id 42 | storage_account_id = var.diagnostic_target == "Storage_Account" ? var.storage_account_id : null 43 | log_analytics_workspace_id = var.diagnostic_target == "Log_Analytics_Workspace" ? var.log_analytics_workspace_id : null 44 | eventhub_authorization_rule_id = var.diagnostic_target == "Event_Hubs" ? var.eventhub_authorization_rule_id : null 45 | partner_solution_id = var.diagnostic_target == "Partner_Solutions" ? var.partner_solution_id : null 46 | 47 | dynamic "enabled_log" { 48 | for_each = toset(data.azurerm_monitor_diagnostic_categories.pip[count.index].log_category_types) 49 | content { 50 | category = enabled_log.value 51 | retention_policy { 52 | enabled = false 53 | } 54 | } 55 | } 56 | 57 | metric { 58 | category = "AllMetrics" 59 | retention_policy { 60 | enabled = false 61 | } 62 | } 63 | } 64 | 65 | resource "azurerm_monitor_diagnostic_setting" "vnet" { 66 | count = var.is_diagnostic_settings_enabled ? 1 : 0 67 | name = "vnet" 68 | target_resource_id = azurerm_virtual_network.vnet_oracle[count.index].id 69 | storage_account_id = var.diagnostic_target == "Storage_Account" ? var.storage_account_id : null 70 | log_analytics_workspace_id = var.diagnostic_target == "Log_Analytics_Workspace" ? var.log_analytics_workspace_id : null 71 | eventhub_authorization_rule_id = var.diagnostic_target == "Event_Hubs" ? var.eventhub_authorization_rule_id : null 72 | partner_solution_id = var.diagnostic_target == "Partner_Solutions" ? var.partner_solution_id : null 73 | 74 | dynamic "enabled_log" { 75 | for_each = toset(data.azurerm_monitor_diagnostic_categories.vnet[count.index].log_category_types) 76 | content { 77 | category = enabled_log.value 78 | retention_policy { 79 | enabled = false 80 | } 81 | } 82 | } 83 | 84 | metric { 85 | category = "AllMetrics" 86 | retention_policy { 87 | enabled = false 88 | } 89 | } 90 | } 91 | 92 | data "azurerm_monitor_diagnostic_categories" "nic" { 93 | count = var.is_diagnostic_settings_enabled ? 1 : 0 94 | resource_id = data.azurerm_network_interface.nic[count.index].id 95 | } 96 | 97 | data "azurerm_monitor_diagnostic_categories" "nsg" { 98 | count = var.is_diagnostic_settings_enabled ? 1 : 0 99 | resource_id = data.azurerm_network_security_group.nsg[count.index].id 100 | } 101 | 102 | data "azurerm_monitor_diagnostic_categories" "pip" { 103 | count = var.is_diagnostic_settings_enabled ? 1 : 0 104 | resource_id = data.azurerm_public_ip.pip[count.index].id 105 | } 106 | 107 | data "azurerm_monitor_diagnostic_categories" "vnet" { 108 | count = var.is_diagnostic_settings_enabled ? 1 : 0 109 | resource_id = data.azurerm_virtual_network.vnet[count.index].id 110 | } 111 | 112 | data "azurerm_network_interface" "nic" { 113 | count = 1 114 | name = "oraclevmnic1" 115 | resource_group_name = var.resource_group.name 116 | 117 | depends_on = [azurerm_network_interface.oracle_db] 118 | } 119 | 120 | data "azurerm_network_security_group" "nsg" { 121 | count = 1 122 | name = "blank" 123 | resource_group_name = var.resource_group.name 124 | 125 | depends_on = [azurerm_network_security_group.blank] 126 | } 127 | 128 | data "azurerm_public_ip" "pip" { 129 | count = 1 130 | name = "vmpip" 131 | resource_group_name = var.resource_group.name 132 | 133 | depends_on = [azurerm_public_ip.vm_pip] 134 | } 135 | 136 | data "azurerm_virtual_network" "vnet" { 137 | count = 1 138 | name = local.vnet_oracle_name 139 | resource_group_name = var.resource_group.name 140 | 141 | depends_on = [azurerm_virtual_network.vnet_oracle] 142 | } 143 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/terraform_units/modules/network/nic.tf: -------------------------------------------------------------------------------- 1 | ######################################################################################### 2 | # # 3 | # NIC # 4 | # # 5 | ######################################################################################### 6 | resource "azurerm_network_interface" "oracle_db" { 7 | count = 1 8 | name = "oraclevmnic1" 9 | 10 | location = var.resource_group.location 11 | resource_group_name = var.resource_group.name 12 | enable_accelerated_networking = true 13 | 14 | dynamic "ip_configuration" { 15 | iterator = pub 16 | for_each = local.database_ips 17 | content { 18 | name = pub.value.name 19 | subnet_id = pub.value.subnet_id 20 | private_ip_address = try(pub.value.nic_ips[count.index], 21 | var.database.use_DHCP ? ( 22 | null) : ( 23 | cidrhost( 24 | data.azurerm_subnet.subnet_oracle[0].address_prefixes[0], 25 | tonumber(count.index) + local.oracle_ip_offsets.oracle_db_vm + pub.value.offset 26 | ) 27 | ) 28 | ) 29 | private_ip_address_allocation = length(try(pub.value.nic_ips[count.index], "")) > 0 ? ( 30 | "Static") : ( 31 | pub.value.private_ip_address_allocation 32 | ) 33 | 34 | public_ip_address_id = azurerm_public_ip.vm_pip.id 35 | 36 | primary = pub.value.primary 37 | } 38 | } 39 | 40 | tags = merge(local.tags, var.tags) 41 | } 42 | 43 | data "azurerm_network_interface" "oracle_db" { 44 | count = 1 45 | name = "oraclevmnic1" 46 | resource_group_name = var.resource_group.name 47 | 48 | depends_on = [azurerm_network_interface.oracle_db] 49 | } 50 | 51 | resource "azurerm_public_ip" "vm_pip" { 52 | name = "vmpip" 53 | location = var.resource_group.location 54 | resource_group_name = var.resource_group.name 55 | allocation_method = "Dynamic" 56 | 57 | tags = merge(local.tags, var.tags) 58 | } 59 | 60 | data "azurerm_public_ip" "vm_pip" { 61 | name = "vmpip" 62 | resource_group_name = var.resource_group.name 63 | 64 | depends_on = [azurerm_public_ip.vm_pip] 65 | } 66 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/terraform_units/modules/network/nsg.tf: -------------------------------------------------------------------------------- 1 | ######################################################################################### 2 | # # 3 | # Network Security Group # 4 | # # 5 | ######################################################################################### 6 | resource "azurerm_network_security_group" "blank" { 7 | name = "blank" 8 | location = var.resource_group.location 9 | resource_group_name = var.resource_group.name 10 | 11 | tags = merge(local.tags, var.tags) 12 | } 13 | 14 | resource "azurerm_subnet_network_security_group_association" "ssh" { 15 | subnet_id = azurerm_subnet.subnet_oracle[0].id 16 | network_security_group_id = azurerm_network_security_group.blank.id 17 | } 18 | 19 | data "azurerm_network_security_group" "blank" { 20 | name = "blank" 21 | resource_group_name = var.resource_group.name 22 | 23 | depends_on = [azurerm_network_security_group.blank] 24 | } 25 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/terraform_units/modules/network/outputs.tf: -------------------------------------------------------------------------------- 1 | ############################################################################### 2 | # # 3 | # Network # 4 | # # 5 | ############################################################################### 6 | output "network_location" { 7 | value = data.azurerm_virtual_network.vnet_oracle[0].location 8 | } 9 | 10 | output "db_subnet" { 11 | value = data.azurerm_subnet.subnet_oracle[0] 12 | } 13 | 14 | output "nics_oracledb" { 15 | value = azurerm_network_interface.oracle_db 16 | } 17 | 18 | output "db_server_ips" { 19 | value = azurerm_network_interface.oracle_db[*].private_ip_addresses[0] 20 | } 21 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/terraform_units/modules/network/providers.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_version = ">=1.2" 3 | required_providers { 4 | azurerm = { 5 | source = "hashicorp/azurerm" 6 | version = ">=3.11.0, <4.0" 7 | } 8 | azapi = { 9 | source = "Azure/azapi" 10 | version = "=1.8.0" 11 | } 12 | } 13 | } 14 | 15 | provider "azurerm" { 16 | features { 17 | resource_group { 18 | prevent_deletion_if_contains_resources = true 19 | } 20 | virtual_machine { 21 | delete_os_disk_on_deletion = true 22 | } 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/terraform_units/modules/network/resource_lock.tf: -------------------------------------------------------------------------------- 1 | resource "azurerm_management_lock" "nic" { 2 | count = length(var.nic_locks) > 1 && length(try(var.nic_locks.name, "")) > 0 ? 1 : 0 3 | name = var.nic_locks.name 4 | scope = data.azurerm_network_interface.oracle_db[0].id 5 | lock_level = var.nic_locks.type 6 | 7 | depends_on = [azurerm_network_interface.oracle_db] 8 | } 9 | 10 | resource "azurerm_management_lock" "nsg" { 11 | count = length(var.nsg_locks) > 1 && length(try(var.nsg_locks.name, "")) > 0 ? 1 : 0 12 | name = var.nsg_locks.name 13 | scope = data.azurerm_network_security_group.blank.id 14 | lock_level = var.nsg_locks.type 15 | 16 | depends_on = [azurerm_network_security_group.blank] 17 | } 18 | 19 | resource "azurerm_management_lock" "vnet" { 20 | count = length(var.vnet_locks) > 1 && length(try(var.vnet_locks.name, "")) > 0 ? 1 : 0 21 | name = var.vnet_locks.name 22 | scope = data.azurerm_virtual_network.vnet_oracle[0].id 23 | lock_level = var.vnet_locks.type 24 | 25 | depends_on = [azurerm_virtual_network.vnet_oracle] 26 | } 27 | 28 | resource "azurerm_management_lock" "subnet" { 29 | count = length(var.subnet_locks) > 1 && length(try(var.subnet_locks.name, "")) > 0 ? 1 : 0 30 | name = var.subnet_locks.name 31 | scope = data.azurerm_subnet.subnet_oracle[0].id 32 | lock_level = var.subnet_locks.type 33 | 34 | depends_on = [azurerm_subnet.subnet_oracle] 35 | } 36 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/terraform_units/modules/network/role_assignments.tf: -------------------------------------------------------------------------------- 1 | data "azurerm_client_config" "current" {} 2 | 3 | data "azurerm_role_definition" "nic" { 4 | for_each = var.role_assignments_nic 5 | name = each.value.name 6 | } 7 | 8 | data "azurerm_role_definition" "pip" { 9 | for_each = var.role_assignments_pip 10 | name = each.value.name 11 | } 12 | 13 | data "azurerm_role_definition" "nsg" { 14 | for_each = var.role_assignments_nsg 15 | name = each.value.name 16 | } 17 | 18 | data "azurerm_role_definition" "vnet" { 19 | for_each = var.role_assignments_vnet 20 | name = each.value.name 21 | } 22 | 23 | data "azurerm_role_definition" "subnet" { 24 | for_each = var.role_assignments_subnet 25 | name = each.value.name 26 | } 27 | 28 | 29 | resource "azurerm_role_assignment" "nic" { 30 | for_each = var.role_assignments_nic 31 | role_definition_name = data.azurerm_role_definition.nic[each.key].name 32 | principal_id = data.azurerm_client_config.current.object_id 33 | scope = try(each.value.scope, data.azurerm_network_interface.oracle_db[0].id) 34 | skip_service_principal_aad_check = try(each.value.skip_service_principal_aad_check, false) 35 | description = try(each.value.description, null) 36 | condition = try(each.value.condition, null) 37 | condition_version = try(each.value.condition_version, null) 38 | } 39 | 40 | resource "azurerm_role_assignment" "pip" { 41 | for_each = var.role_assignments_pip 42 | role_definition_name = data.azurerm_role_definition.pip[each.key].name 43 | principal_id = data.azurerm_client_config.current.object_id 44 | scope = try(each.value.scope, data.azurerm_public_ip.vm_pip.id) 45 | skip_service_principal_aad_check = try(each.value.skip_service_principal_aad_check, false) 46 | description = try(each.value.description, null) 47 | condition = try(each.value.condition, null) 48 | condition_version = try(each.value.condition_version, null) 49 | } 50 | 51 | resource "azurerm_role_assignment" "nsg" { 52 | for_each = var.role_assignments_nsg 53 | role_definition_name = data.azurerm_role_definition.nsg[each.key].name 54 | principal_id = data.azurerm_client_config.current.object_id 55 | scope = try(each.value.scope, data.azurerm_network_security_group.blank.id) 56 | skip_service_principal_aad_check = try(each.value.skip_service_principal_aad_check, false) 57 | description = try(each.value.description, null) 58 | condition = try(each.value.condition, null) 59 | condition_version = try(each.value.condition_version, null) 60 | } 61 | 62 | resource "azurerm_role_assignment" "vnet" { 63 | for_each = var.role_assignments_vnet 64 | role_definition_name = data.azurerm_role_definition.vnet[each.key].name 65 | principal_id = data.azurerm_client_config.current.object_id 66 | scope = try(each.value.scope, data.azurerm_virtual_network.vnet_oracle[0].id) 67 | skip_service_principal_aad_check = try(each.value.skip_service_principal_aad_check, false) 68 | description = try(each.value.description, null) 69 | condition = try(each.value.condition, null) 70 | condition_version = try(each.value.condition_version, null) 71 | } 72 | 73 | resource "azurerm_role_assignment" "subnet" { 74 | for_each = var.role_assignments_subnet 75 | role_definition_name = data.azurerm_role_definition.subnet[each.key].name 76 | principal_id = data.azurerm_client_config.current.object_id 77 | scope = try(each.value.scope, data.azurerm_subnet.subnet_oracle[0].id) 78 | skip_service_principal_aad_check = try(each.value.skip_service_principal_aad_check, false) 79 | description = try(each.value.description, null) 80 | condition = try(each.value.condition, null) 81 | condition_version = try(each.value.condition_version, null) 82 | } 83 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/terraform_units/modules/network/subnet.tf: -------------------------------------------------------------------------------- 1 | ######################################################################################### 2 | # # 3 | # Subnet # 4 | # # 5 | ######################################################################################### 6 | resource "azurerm_subnet" "subnet_oracle" { 7 | count = local.subnet_oracle_exists ? 0 : 1 8 | name = local.database_subnet_name 9 | resource_group_name = var.resource_group.name 10 | virtual_network_name = data.azurerm_virtual_network.vnet_oracle[count.index].name 11 | address_prefixes = [local.database_subnet_prefix] 12 | } 13 | 14 | data "azurerm_subnet" "subnet_oracle" { 15 | count = local.subnet_oracle_exists ? 0 : 1 16 | name = local.database_subnet_name 17 | resource_group_name = var.resource_group.name 18 | virtual_network_name = data.azurerm_virtual_network.vnet_oracle[count.index].name 19 | 20 | depends_on = [azurerm_subnet.subnet_oracle] 21 | } 22 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/terraform_units/modules/network/variables_global.tf: -------------------------------------------------------------------------------- 1 | variable "resource_group" { 2 | description = "Details of the resource group" 3 | default = {} 4 | } 5 | 6 | variable "database_nic_ips" { 7 | description = "If provided, the database tier virtual machines will be configured using the specified IPs" 8 | default = [""] 9 | } 10 | 11 | variable "database" { 12 | description = "Details of the database node" 13 | default = { 14 | use_DHCP = true 15 | authentication = { 16 | type = "key" 17 | } 18 | } 19 | } 20 | 21 | variable "database_nic_secondary_ips" { 22 | description = "If provided, the database tier virtual machines will be configured using the specified IPs as secondary IPs" 23 | default = [""] 24 | } 25 | 26 | variable "database_server_count" { 27 | description = "The number of database servers" 28 | default = 1 29 | } 30 | 31 | variable "use_secondary_ips" { 32 | description = "Defines if secondary IPs are used for the SAP Systems virtual machines" 33 | default = false 34 | } 35 | 36 | variable "diagnostic_target" { 37 | description = "The destination type of the diagnostic settings" 38 | default = "Log_Analytics_Workspace" 39 | validation { 40 | condition = contains(["Log_Analytics_Workspace", "Storage_Account", "Event_Hubs", "Partner_Solutions"], var.diagnostic_target) 41 | error_message = "Allowed values are Log_Analytics_Workspace, Storage_Account, Event_Hubs, Partner_Solutions" 42 | } 43 | } 44 | 45 | variable "storage_account_id" { 46 | description = "Storage account ID used for diagnostics" 47 | type = string 48 | default = null 49 | } 50 | 51 | variable "log_analytics_workspace_id" { 52 | description = "Log Analytics workspace ID" 53 | type = string 54 | default = null 55 | } 56 | 57 | variable "eventhub_authorization_rule_id" { 58 | description = "ID of an Event Hub authorization rule" 59 | type = string 60 | default = null 61 | } 62 | 63 | variable "partner_solution_id" { 64 | description = "Value of the partner solution ID" 65 | default = null 66 | } 67 | 68 | variable "is_diagnostic_settings_enabled" { 69 | description = "Whether diagnostic settings are enabled" 70 | default = false 71 | } 72 | 73 | variable "role_assignments_nic" { 74 | description = "Role assignments scoped to the network interface" 75 | default = {} 76 | } 77 | 78 | variable "role_assignments_pip" { 79 | description = "Role assignments scoped to the public IP address" 80 | default = {} 81 | } 82 | 83 | variable "role_assignments_nsg" { 84 | description = "Role assignments scoped to the network security group" 85 | default = {} 86 | } 87 | 88 | variable "role_assignments_vnet" { 89 | description = "Role assignments scoped to the virtual network" 90 | default = {} 91 | } 92 | 93 | variable "role_assignments_subnet" { 94 | description = "Role assignments scoped to the subnet" 95 | default = {} 96 | } 97 | 98 | variable "nic_locks" { 99 | type = object({ 100 | name = optional(string, "") 101 | type = optional(string, "CanNotDelete") 102 | }) 103 | default = {} 104 | validation { 105 | condition = contains(["CanNotDelete", "ReadOnly"], var.nic_locks.type) 106 | error_message = "Lock type must be one of: CanNotDelete, ReadOnly." 107 | } 108 | } 109 | 110 | variable "nsg_locks" { 111 | type = object({ 112 | name = optional(string, "") 113 | type = optional(string, "CanNotDelete") 114 | }) 115 | default = {} 116 | validation { 117 | condition = contains(["CanNotDelete", "ReadOnly"], var.nsg_locks.type) 118 | error_message = "Lock type must be one of: CanNotDelete, ReadOnly." 119 | } 120 | } 121 | 122 | variable "vnet_locks" { 123 | type = object({ 124 | name = optional(string, "") 125 | type = optional(string, "CanNotDelete") 126 | }) 127 | default = {} 128 | validation { 129 | condition = contains(["CanNotDelete", "ReadOnly"], var.vnet_locks.type) 130 | error_message = "Lock type must be one of: CanNotDelete, ReadOnly." 131 | } 132 | } 133 | 134 | variable "subnet_locks" { 135 | type = object({ 136 | name = optional(string, "") 137 | type = optional(string, "CanNotDelete") 138 | }) 139 | default = {} 140 | validation { 141 | condition = contains(["CanNotDelete", "ReadOnly"], var.subnet_locks.type) 142 | error_message = "Lock type must be one of: CanNotDelete, ReadOnly." 143 | } 144 | } 145 | variable "tags" { 146 | description = "Tags to be added to the resources" 147 | default = {} 148 | } 149 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/terraform_units/modules/network/variables_local.tf: -------------------------------------------------------------------------------- 1 | locals { 2 | vnet_oracle_name = "vnet1" 3 | database_subnet_name = "subnet1" 4 | vnet_oracle_addr = "10.0.0.0/16" 5 | database_subnet_prefix = "10.0.0.0/24" 6 | 7 | vnet_oracle_arm_id = try(local.vnet_oracle_name.arm_id, "") 8 | vnet_oracle_exists = length(local.vnet_oracle_arm_id) > 0 9 | subnet_oracle_arm_id = try(local.database_subnet_name.arm_id, "") 10 | subnet_oracle_exists = length(local.subnet_oracle_arm_id) > 0 11 | 12 | database_ips = (var.use_secondary_ips) ? ( 13 | flatten(concat(local.database_primary_ips, local.database_secondary_ips))) : ( 14 | local.database_primary_ips 15 | ) 16 | 17 | // Subnet IP Offsets 18 | // Note: First 4 IP addresses in a subnet are reserved by Azure 19 | oracle_ip_offsets = { 20 | oracle_vm = 5 + 1 21 | } 22 | 23 | database_primary_ips = [ 24 | { 25 | name = "IPConfig1" 26 | subnet_id = data.azurerm_subnet.subnet_oracle[0].id 27 | nic_ips = var.database_nic_ips 28 | private_ip_address_allocation = var.database.use_DHCP ? "Dynamic" : "Static" 29 | offset = 0 30 | primary = true 31 | } 32 | ] 33 | 34 | database_secondary_ips = [ 35 | { 36 | name = "IPConfig2" 37 | subnet_id = data.azurerm_subnet.subnet_oracle[0].id 38 | nic_ips = var.database_nic_secondary_ips 39 | private_ip_address_allocation = var.database.use_DHCP ? "Dynamic" : "Static" 40 | offset = var.database_server_count 41 | primary = false 42 | } 43 | ] 44 | 45 | tags = {} 46 | } 47 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/terraform_units/modules/network/vnet.tf: -------------------------------------------------------------------------------- 1 | ######################################################################################### 2 | # # 3 | # Virtual Network # 4 | # # 5 | ######################################################################################### 6 | resource "azurerm_virtual_network" "vnet_oracle" { 7 | count = local.vnet_oracle_exists ? 0 : 1 8 | name = local.vnet_oracle_name 9 | resource_group_name = var.resource_group.name 10 | location = var.resource_group.location 11 | address_space = [local.vnet_oracle_addr] 12 | 13 | tags = merge(local.tags, var.tags) 14 | } 15 | 16 | data "azurerm_virtual_network" "vnet_oracle" { 17 | count = local.vnet_oracle_exists ? 0 : 1 18 | name = local.vnet_oracle_name 19 | resource_group_name = var.resource_group.name 20 | 21 | depends_on = [azurerm_virtual_network.vnet_oracle] 22 | } 23 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/terraform_units/modules/storage/data_disk.tf: -------------------------------------------------------------------------------- 1 | resource "azurerm_managed_disk" "data_disk" { 2 | count = length(local.data_disks) 3 | name = "${var.naming}-data-${count.index}" 4 | location = var.resource_group.location 5 | resource_group_name = var.resource_group.name 6 | storage_account_type = var.disk_type 7 | create_option = local.data_disks[count.index].create_option 8 | disk_size_gb = local.data_disks[count.index].disk_size_gb 9 | 10 | tags = merge(local.tags, var.tags) 11 | } 12 | 13 | resource "azurerm_managed_disk" "asm_disk" { 14 | count = length(local.asm_disks) 15 | name = "${var.naming}-asm-${count.index}" 16 | location = var.resource_group.location 17 | resource_group_name = var.resource_group.name 18 | storage_account_type = var.disk_type 19 | create_option = local.asm_disks[count.index].create_option 20 | disk_size_gb = local.asm_disks[count.index].disk_size_gb 21 | 22 | tags = merge(local.tags, var.tags) 23 | } 24 | 25 | resource "azurerm_managed_disk" "redo_disk" { 26 | count = length(local.redo_disks) 27 | name = "${var.naming}-redo-${count.index}" 28 | location = var.resource_group.location 29 | resource_group_name = var.resource_group.name 30 | storage_account_type = var.disk_type 31 | create_option = local.redo_disks[count.index].create_option 32 | disk_size_gb = local.redo_disks[count.index].disk_size_gb 33 | 34 | tags = merge(local.tags, var.tags) 35 | } 36 | 37 | resource "azurerm_virtual_machine_data_disk_attachment" "data_disk_attachment" { 38 | count = length(local.data_disks) 39 | managed_disk_id = azurerm_managed_disk.data_disk[count.index].id 40 | virtual_machine_id = var.vm.id 41 | caching = local.data_disks[count.index].caching 42 | write_accelerator_enabled = local.data_disks[count.index].write_accelerator_enabled 43 | lun = local.data_disks[count.index].lun 44 | } 45 | 46 | resource "azurerm_virtual_machine_data_disk_attachment" "asm_disk_attachment" { 47 | count = length(local.asm_disks) 48 | managed_disk_id = azurerm_managed_disk.asm_disk[count.index].id 49 | virtual_machine_id = var.vm.id 50 | caching = local.asm_disks[count.index].caching 51 | write_accelerator_enabled = local.asm_disks[count.index].write_accelerator_enabled 52 | lun = local.asm_disks[count.index].lun 53 | } 54 | 55 | resource "azurerm_virtual_machine_data_disk_attachment" "redo_disk_attachment" { 56 | count = length(local.redo_disks) 57 | managed_disk_id = azurerm_managed_disk.redo_disk[count.index].id 58 | virtual_machine_id = var.vm.id 59 | caching = local.redo_disks[count.index].caching 60 | write_accelerator_enabled = local.redo_disks[count.index].write_accelerator_enabled 61 | lun = local.redo_disks[count.index].lun 62 | } 63 | 64 | data "azurerm_managed_disk" "data_disk" { 65 | count = length(local.data_disks) 66 | name = azurerm_managed_disk.data_disk[count.index].name 67 | resource_group_name = var.resource_group.name 68 | } 69 | 70 | data "azurerm_managed_disk" "asm_disk" { 71 | count = length(local.asm_disks) 72 | name = azurerm_managed_disk.asm_disk[count.index].name 73 | resource_group_name = var.resource_group.name 74 | } 75 | 76 | data "azurerm_managed_disk" "redo_disk" { 77 | count = length(local.redo_disks) 78 | name = azurerm_managed_disk.redo_disk[count.index].name 79 | resource_group_name = var.resource_group.name 80 | } 81 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/terraform_units/modules/storage/outputs.tf: -------------------------------------------------------------------------------- 1 | output "data_disks" { 2 | value = local.data_disks 3 | } 4 | 5 | output "asm_disks" { 6 | value = local.asm_disks 7 | } 8 | 9 | output "redo_disks" { 10 | value = local.redo_disks 11 | } -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/terraform_units/modules/storage/providers.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_version = ">=1.2" 3 | required_providers { 4 | azurerm = { 5 | source = "hashicorp/azurerm" 6 | version = ">=3.11.0, <4.0" 7 | } 8 | azapi = { 9 | source = "Azure/azapi" 10 | version = "=1.8.0" 11 | } 12 | } 13 | } 14 | 15 | provider "azurerm" { 16 | features { 17 | resource_group { 18 | prevent_deletion_if_contains_resources = true 19 | } 20 | virtual_machine { 21 | delete_os_disk_on_deletion = true 22 | } 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/terraform_units/modules/storage/resource_lock.tf: -------------------------------------------------------------------------------- 1 | resource "azurerm_management_lock" "data_disk" { 2 | count = length(var.data_disk_locks) > 1 && length(try(var.data_disk_locks.name, "")) > 1 ? 1 : 0 3 | name = var.data_disk_locks.name 4 | scope = data.azurerm_managed_disk.data_disk[0].id 5 | lock_level = var.data_disk_locks.type 6 | 7 | depends_on = [azurerm_managed_disk.data_disk] 8 | } 9 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/terraform_units/modules/storage/role_assignments.tf: -------------------------------------------------------------------------------- 1 | data "azurerm_client_config" "current" {} 2 | 3 | data "azurerm_role_definition" "builtin" { 4 | for_each = var.role_assignments 5 | name = each.value.name 6 | } 7 | 8 | resource "azurerm_role_assignment" "assignment" { 9 | for_each = var.role_assignments 10 | role_definition_name = data.azurerm_role_definition.builtin[each.key].name 11 | principal_id = data.azurerm_client_config.current.object_id 12 | scope = try(each.value.scope, data.azurerm_managed_disk.data_disk[0].id) 13 | skip_service_principal_aad_check = try(each.value.skip_service_principal_aad_check, false) 14 | description = try(each.value.description, null) 15 | condition = try(each.value.condition, null) 16 | condition_version = try(each.value.condition_version, null) 17 | } 18 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/terraform_units/modules/storage/variables_global.tf: -------------------------------------------------------------------------------- 1 | variable "naming" { 2 | description = "Defines the names for the resources" 3 | } 4 | 5 | variable "vm" { 6 | description = "Virtual machine name" 7 | } 8 | 9 | variable "resource_group" { 10 | description = "Details of the resource group" 11 | default = {} 12 | } 13 | 14 | variable "disk_type" { 15 | description = "The type of the storage account" 16 | default = "Premium_LRS" 17 | validation { 18 | condition = contains(["Standard_LRS", "StandardSSD_ZRS", "Premium_LRS", "PremiumV2_LRS", "Premium_ZRS", "StandardSSD_LRS", "UltraSSD_LRS"], var.disk_type) 19 | error_message = "Allowed values are Standard_LRS, StandardSSD_ZRS, Premium_LRS, PremiumV2_LRS, Premium_ZRS, StandardSSD_LRS, UltraSSD_LRS" 20 | } 21 | } 22 | 23 | variable "database_disks_options" { 24 | description = "Details of the database node" 25 | default = { 26 | data_disks = [ 27 | { 28 | count = 1 29 | caching = "ReadOnly" 30 | create_option = "Empty" 31 | disk_size_gb = 1024 32 | lun = 20 33 | disk_type = "Premium_LRS" 34 | write_accelerator_enabled = false 35 | } 36 | ], 37 | asm_disks = [ 38 | { 39 | count = 1 40 | caching = "ReadOnly" 41 | create_option = "Empty" 42 | disk_size_gb = 1024 43 | lun = 10 44 | disk_type = "Premium_LRS" 45 | write_accelerator_enabled = false 46 | } 47 | ] 48 | redo_disks = [ 49 | { 50 | count = 1 51 | caching = "None" 52 | create_option = "Empty" 53 | disk_size_gb = 1024 54 | lun = 60 55 | disk_type = "Premium_LRS" 56 | write_accelerator_enabled = false 57 | } 58 | ] 59 | } 60 | } 61 | 62 | variable "role_assignments" { 63 | description = "Role assignments" 64 | default = {} 65 | } 66 | 67 | variable "data_disk_locks" { 68 | type = object({ 69 | name = optional(string, "") 70 | type = optional(string, "CanNotDelete") 71 | }) 72 | default = {} 73 | validation { 74 | condition = contains(["CanNotDelete", "ReadOnly"], var.data_disk_locks.type) 75 | error_message = "Lock type must be one of: CanNotDelete, ReadOnly." 76 | } 77 | } 78 | variable "tags" { 79 | description = "Tags to be added to the resources" 80 | default = {} 81 | } 82 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab2/terraform_units/modules/storage/variables_local.tf: -------------------------------------------------------------------------------- 1 | locals { 2 | data_disks = flatten( 3 | [ 4 | for disk in var.database_disks_options.data_disks : [ 5 | for i in range(0, disk.count) : { 6 | name = "${var.vm.name}-datadisk${i}" 7 | caching = disk.caching 8 | create_option = disk.create_option 9 | disk_size_gb = disk.disk_size_gb 10 | lun = disk.lun + i 11 | managed_disk_type = disk.disk_type 12 | storage_account_type = disk.disk_type 13 | write_accelerator_enabled = disk.write_accelerator_enabled 14 | } 15 | ] 16 | ] 17 | ) 18 | asm_disks = flatten( 19 | [ 20 | for disk in var.database_disks_options.asm_disks : [ 21 | for i in range(0, disk.count) : { 22 | name = "${var.vm.name}-asmdisk${i}" 23 | caching = disk.caching 24 | create_option = disk.create_option 25 | disk_size_gb = disk.disk_size_gb 26 | lun = disk.lun + i 27 | managed_disk_type = disk.disk_type 28 | storage_account_type = disk.disk_type 29 | write_accelerator_enabled = disk.write_accelerator_enabled 30 | } 31 | ] 32 | ] 33 | ) 34 | redo_disks = flatten( 35 | [ 36 | for disk in var.database_disks_options.redo_disks : [ 37 | for i in range(0, disk.count) : { 38 | name = "${var.vm.name}-redodisk${i}" 39 | caching = disk.caching 40 | create_option = disk.create_option 41 | disk_size_gb = disk.disk_size_gb 42 | lun = disk.lun + i 43 | managed_disk_type = disk.disk_type 44 | storage_account_type = disk.disk_type 45 | write_accelerator_enabled = disk.write_accelerator_enabled 46 | } 47 | ] 48 | ] 49 | ) 50 | tags = {} 51 | } 52 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab3/CODE_OF_CONDUCT.md: -------------------------------------------------------------------------------- 1 | # Microsoft Open Source Code of Conduct 2 | 3 | This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/). 4 | 5 | Resources: 6 | 7 | - [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/) 8 | - [Microsoft Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/) 9 | - Contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with questions or concerns 10 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab3/SECURITY.md: -------------------------------------------------------------------------------- 1 | 2 | 3 | ## Security 4 | 5 | Microsoft takes the security of our software products and services seriously, which includes all source code repositories managed through our GitHub organizations, which include [Microsoft](https://github.com/Microsoft), [Azure](https://github.com/Azure), [DotNet](https://github.com/dotnet), [AspNet](https://github.com/aspnet) and [Xamarin](https://github.com/xamarin). 6 | 7 | If you believe you have found a security vulnerability in any Microsoft-owned repository that meets [Microsoft's definition of a security vulnerability](https://aka.ms/security.md/definition), please report it to us as described below. 8 | 9 | ## Reporting Security Issues 10 | 11 | **Please do not report security vulnerabilities through public GitHub issues.** 12 | 13 | Instead, please report them to the Microsoft Security Response Center (MSRC) at [https://msrc.microsoft.com/create-report](https://aka.ms/security.md/msrc/create-report). 14 | 15 | If you prefer to submit without logging in, send email to [secure@microsoft.com](mailto:secure@microsoft.com). If possible, encrypt your message with our PGP key; please download it from the [Microsoft Security Response Center PGP Key page](https://aka.ms/security.md/msrc/pgp). 16 | 17 | You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your original message. Additional information can be found at [microsoft.com/msrc](https://www.microsoft.com/msrc). 18 | 19 | Please include the requested information listed below (as much as you can provide) to help us better understand the nature and scope of the possible issue: 20 | 21 | * Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.) 22 | * Full paths of source file(s) related to the manifestation of the issue 23 | * The location of the affected source code (tag/branch/commit or direct URL) 24 | * Any special configuration required to reproduce the issue 25 | * Step-by-step instructions to reproduce the issue 26 | * Proof-of-concept or exploit code (if possible) 27 | * Impact of the issue, including how an attacker might exploit the issue 28 | 29 | This information will help us triage your report more quickly. 30 | 31 | If you are reporting for a bug bounty, more complete reports can contribute to a higher bounty award. Please visit our [Microsoft Bug Bounty Program](https://aka.ms/security.md/msrc/bounty) page for more details about our active programs. 32 | 33 | ## Preferred Languages 34 | 35 | We prefer all communications to be in English. 36 | 37 | ## Policy 38 | 39 | Microsoft follows the principle of [Coordinated Vulnerability Disclosure](https://aka.ms/security.md/cvd). 40 | 41 | 42 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab3/SUPPORT.md: -------------------------------------------------------------------------------- 1 | # Support 2 | 3 | ## How to file issues and get help 4 | 5 | This project uses GitHub Issues to track bugs and feature requests. Please search the existing issues before filing new issues to avoid duplicates. For new issues, file your bug or feature request as a new Issue. 6 | 7 | Issues can be created and searched through for existing issues here: [https://github.com/Azure/alz-monitor/issues](https://github.com/Azure/alz-monitor/issues) 8 | 9 | Please provide as much information as possible when filing an issue. Include screenshots or correlation IDs if possible (please redact any sensitive information). 10 | 11 | For instructions on how to get deployments and correlation ID, please follow this link [here](https://docs.microsoft.com/azure/azure-resource-manager/templates/deployment-history?tabs=azure-portal#get-deployments-and-correlation-id). 12 | 13 | We may ask you to create an Azure support request once we have triaged the issue following the process documented [here](https://docs.microsoft.com/azure/azure-portal/supportability/how-to-create-azure-support-request) 14 | 15 | ## Microsoft Support Policy 16 | 17 | If issues are encountered when deploying the policies contained in this repo users will be able to engage Microsoft support via their usual channels. Please provide correlation IDs where possible when contacting support to be able to investigate the issue effectively and in a timely fashion. For instructions on how to get deployments and correlation ID, please follow this link [here](https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/deployment-history?tabs=azure-portal#get-deployments-and-correlation-id). 18 | 19 | Following list of issues are within the scope of Microsoft support: 20 | 21 | - Underlying Resource or Resource Provider issues when deploying policies for any deployment failures. 22 | 23 | Any issues that are deemed outside of the above list by Microsoft support and/or requires bugfix in the module or code in the repo, Microsoft support will redirect user to file the issue on GitHub. 24 | 25 | Project maintainers and community aim to get issues resolved in timely fashion as per community support policy of this repo. 26 | 27 | ## Community Support Policy 28 | 29 | Project maintainers will aim to respond within 3 business days to get a meaningful response for any new issues, however, whilst in preview this may sometimes be a little longer. 30 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab3/lab-images/media/image1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab3/lab-images/media/image1.png -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab3/lab-images/media/image2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab3/lab-images/media/image2.png -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab3/lab-images/media/image3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab3/lab-images/media/image3.png -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab3/lab-images/media/image4.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab3/lab-images/media/image4.png -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab3/lab-images/media/image5.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab3/lab-images/media/image5.png -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab3/lab-images/media/image6.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab3/lab-images/media/image6.png -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab3/lab-images/media/image7.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab3/lab-images/media/image7.png -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab3/lab-images/media/image8.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab3/lab-images/media/image8.png -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab4/customscript.bicep: -------------------------------------------------------------------------------- 1 | @description('VM Name') 2 | param vmName string 3 | 4 | @description('Script Name') 5 | param scriptName string 6 | 7 | @description('Script Content') 8 | param scriptContent string 9 | 10 | @description('The Azure location .') 11 | param location string = resourceGroup().location 12 | 13 | // Run the supplied custom script 14 | resource runCustomScript 'Microsoft.Compute/virtualMachines/extensions@2023-07-01' = { 15 | name: '${vmName}/${scriptName}' 16 | // dependsOn: [deleteExistingExtension] 17 | location: location 18 | properties: { 19 | publisher: 'Microsoft.Azure.Extensions' 20 | type: 'CustomScript' 21 | 22 | typeHandlerVersion: '2.1' 23 | protectedSettings:{ 24 | script: scriptContent 25 | } 26 | } 27 | } 28 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab4/dep.sh: -------------------------------------------------------------------------------- 1 | az group delete --name oragroup --yes 2 | az group create --resource-group oragroup --location centralindia 3 | az deployment group create --resource-group oragroup --template-file main.bicep --parameters main.bicepparam -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab4/main.bicep: -------------------------------------------------------------------------------- 1 | @description('Username for the Virtual Machine.') 2 | param adminUsername string 3 | 4 | @description('SSH key for the Virtual Machine.') 5 | param sshKey string 6 | 7 | @description('Location for all resources.') 8 | param location string = resourceGroup().location 9 | 10 | @description('The size of the VM') 11 | param vmSize string = 'Standard_D4ds_v5' 12 | 13 | @description('The size of the Observer VM') 14 | param observerVMSize string = 'Standard_D2ds_v5' 15 | 16 | @description('Name of the VNET') 17 | param virtualNetworkName string = 'vNet' 18 | 19 | @description('Name of the subnet in the virtual network') 20 | param dbSubnetName string = 'Subnet' 21 | 22 | @description('Name of the Network Security Group') 23 | param networkSecurityGroupName string = 'SecGroupNet' 24 | 25 | @description('Primary Oracle SID') 26 | param primaryOracleSid string = 'oradb01' 27 | 28 | @description('Secondary Oracle SID') 29 | param secondaryOracleSid string = 'oradb02' 30 | 31 | @description('Primary VM name') 32 | param primaryVMName string = 'primary' 33 | 34 | @description('Secondary VM name') 35 | param secondaryVMName string = 'secondary' 36 | 37 | @description('Observer VM name') 38 | param observerVMName string = 'observer' 39 | 40 | @description('Oracle SYS password') 41 | @secure() 42 | param oracleSysPassword string 43 | 44 | @description('Oracle Mount directory') 45 | param oracleMountDirectory string = '/u02' 46 | 47 | var subnetAddressPrefix = '10.1.0.0/24' 48 | var addressPrefix = '10.1.0.0/16' 49 | 50 | var primaryvmscript = loadTextContent('primary.sh') 51 | var secondaryvmscript = loadTextContent('secondary.sh') 52 | var observervmscript = loadTextContent('observer.sh') 53 | 54 | 55 | resource networkSecurityGroup 'Microsoft.Network/networkSecurityGroups@2023-04-01' = { 56 | name: networkSecurityGroupName 57 | location: location 58 | properties: { 59 | securityRules: [ 60 | { 61 | name: 'SSH' 62 | properties: { 63 | priority: 1000 64 | protocol: 'Tcp' 65 | access: 'Allow' 66 | direction: 'Inbound' 67 | sourceAddressPrefix: '*' 68 | sourcePortRange: '*' 69 | destinationAddressPrefix: '*' 70 | destinationPortRange: '22' 71 | } 72 | } 73 | ] 74 | } 75 | } 76 | 77 | resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = { 78 | name: virtualNetworkName 79 | location: location 80 | properties: { 81 | addressSpace: { 82 | addressPrefixes: [ 83 | addressPrefix 84 | ] 85 | } 86 | } 87 | } 88 | 89 | resource subnet 'Microsoft.Network/virtualNetworks/subnets@2023-04-01' = { 90 | parent: virtualNetwork 91 | name: dbSubnetName 92 | properties: { 93 | addressPrefix: subnetAddressPrefix 94 | privateEndpointNetworkPolicies: 'Enabled' 95 | privateLinkServiceNetworkPolicies: 'Enabled' 96 | } 97 | } 98 | module primary './oravm.bicep' = { 99 | name: 'primary' 100 | params: { 101 | vmName: primaryVMName 102 | location: location 103 | adminUsername: adminUsername 104 | sshKey: sshKey 105 | subnetid: subnet.id 106 | networksecuritygroupid: networkSecurityGroup.id 107 | avZone: '1' 108 | vmSize: vmSize 109 | } 110 | } 111 | 112 | 113 | module secondary './oravm.bicep' = { 114 | name: 'secondary' 115 | params: { 116 | vmName: secondaryVMName 117 | location: location 118 | adminUsername: adminUsername 119 | sshKey: sshKey 120 | subnetid: subnet.id 121 | networksecuritygroupid: networkSecurityGroup.id 122 | avZone: '2' 123 | vmSize: vmSize 124 | } 125 | } 126 | 127 | module observer './oravm.bicep' = { 128 | name: 'observer' 129 | params: { 130 | vmName: observerVMName 131 | location: location 132 | adminUsername: adminUsername 133 | sshKey: sshKey 134 | subnetid: subnet.id 135 | networksecuritygroupid: networkSecurityGroup.id 136 | avZone: '2' 137 | vmSize: observerVMSize 138 | } 139 | } 140 | 141 | // Setup parameters to be passed to script 142 | var varFile = loadTextContent('variables.txt') 143 | var scriptVariables = replace(replace(replace(replace(replace(replace(replace(varFile,'',primaryOracleSid), '', secondaryOracleSid),'', primaryVMName),'',secondaryVMName),'',observerVMName),'',oracleSysPassword),'',oracleMountDirectory) 144 | 145 | 146 | //Configure Primary database VM, after all components are provisioned 147 | module vmonescript 'customscript.bicep' = { 148 | name: 'vmonescript' 149 | dependsOn: [primary,secondary,observer] 150 | params: { 151 | scriptName: 'primary1' 152 | vmName: primary.name 153 | location: location 154 | scriptContent: base64(replace(primaryvmscript,'#',scriptVariables)) 155 | } 156 | } 157 | 158 | //Configure secondary database VM, after primary VM is configured successfully 159 | module vmtwoscript 'customscript.bicep' = { 160 | name: 'vmtwoscript' 161 | dependsOn: [vmonescript] 162 | params: { 163 | scriptName: 'secondary1' 164 | vmName: secondary.name 165 | location: location 166 | scriptContent: base64(replace(secondaryvmscript,'#',scriptVariables)) 167 | } 168 | } 169 | 170 | //Configure observer VM, after primary and secondary VM are configured successfully 171 | module vmthreescript 'customscript.bicep' = { 172 | name: 'vmthreescript' 173 | dependsOn: [vmtwoscript] 174 | params: { 175 | scriptName: 'observer1' 176 | vmName: observer.name 177 | location: location 178 | scriptContent: base64(replace(observervmscript,'#',scriptVariables)) 179 | } 180 | } 181 | 182 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab4/main.bicepparam: -------------------------------------------------------------------------------- 1 | using 'main.bicep' 2 | param adminUsername='bala' 3 | param sshKey='ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDeCq3pYt6uTuIKv8nreycCgwsvLQFEJ0q7WPswOckhaG87kxopxXfXbGiMbbgcgVDg+0UIWZB6ZTspFHR5pS/U6CeJzPFQ8C6iI3Evip4jqyaQ1uY87mjMZGWKa+OAgK7gmzWCZmXNcQ1Mmd/hJrQCQGHah3HiPWl1j96s6nxoI4dW6MKggdC2WFWVxIAGLYqWMndMOGVRfiYPv3c2jliTnvZK/KJgJV4vu8+BbpvsIbqhJDx4ONk+9KfYLb/pA9QlJFVBki5VUlYDo565JNclS5Y5Qu0/tbwIOj06Gr4kUy/CgrFFnReykT7+OXbjyPD7O6s+2yzK+H5UZFtHuzlRfJGwqfG9jk/5EPhnyW5eb/tO07icSjVnfdCncTspjZMnwEbHwF4ksYQKM45ArHLHKAXB+uExpoqBysHS5hXLCwG2NclwlC6Lsm+BOacdFwFWMCTGEsGf36c6eMQexnr2U0WnH7qxrJBjxyqwCLeWWQslw297kU/2IvuTWpDoMqM= bala@stormbringer' 4 | param oracleSysPassword='oracleA1' 5 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab4/observer.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Script to configure observer database VM 3 | echo '---------------------------------------------------------------------' 4 | echo 'Configure Data guard replication settings, start the observer ' 5 | echo '---------------------------------------------------------------------' 6 | echo 7 | echo 8 | sudo -E su - oracle <<"SUEOF" 9 | #!/bin/bash 10 | 11 | # 12 | 13 | export ORACLE_SID=${_primaryOraSid} 14 | export ORACLE_HOME=${_oraHome} 15 | export PATH=${_oraHome}/bin:${PATH} 16 | export TNS_ADMIN=${_oraHome}/network/admin 17 | 18 | 19 | echo Modify tnsnames.ora 20 | cat >> ${TNS_ADMIN}/tnsnames.ora << TNSHERE 21 | 22 | ${_primaryOraSid}= 23 | (DESCRIPTION = (FAILOVER = ON)(LOAD_BALANCE = OFF) 24 | (ADDRESS_LIST = 25 | (ADDRESS = (PROTOCOL = TCP)(HOST = ${_vmName1}.${_vmDomain})(PORT = 1521)) 26 | (ADDRESS = (PROTOCOL = TCP)(HOST = ${_vmName2}.${_vmDomain})(PORT = 1521)) 27 | ) 28 | (CONNECT_DATA = 29 | (SERVICE_NAME = PRIMARY) 30 | (SERVER = DEDICATED) 31 | ) 32 | ) 33 | 34 | ${_primaryOraSid}_dgmgrl = 35 | (DESCRIPTION = 36 | (ADDRESS_LIST = 37 | (ADDRESS = (PROTOCOL = TCP)(HOST = ${_vmName1}.${_vmDomain})(PORT = 1521)) 38 | ) 39 | (CONNECT_DATA = 40 | (SERVER = DEDICATED) 41 | (SERVICE_NAME = ${_primaryOraSid}_dgmgrl) 42 | ) 43 | ) 44 | 45 | ${_stdbyOraSid}_dgmgrl = 46 | (DESCRIPTION = 47 | (ADDRESS_LIST = 48 | (ADDRESS = (PROTOCOL = TCP)(HOST = ${_vmName2}.${_vmDomain})(PORT = 1521)) 49 | ) 50 | (CONNECT_DATA = 51 | (SERVER = DEDICATED) 52 | (SERVICE_NAME = ${_stdbyOraSid}_dgmgrl) 53 | ) 54 | ) 55 | 56 | ${_primaryOraSid}_taf = 57 | (DESCRIPTION = 58 | (FAILOVER = ON) 59 | (LOAD_BALANCE = OFF) 60 | (ADDRESS_LIST = 61 | (ADDRESS = (PROTOCOL = TCP)(HOST = ${_vmName1}.${_vmDomain})(PORT = 1521)) 62 | (ADDRESS = (PROTOCOL = TCP)(HOST = ${_vmName2}.${_vmDomain})(PORT = 1521)) 63 | ) 64 | (CONNECT_DATA = 65 | (SERVICE_NAME = PRIMARY) 66 | (FAILOVER_MODE = 67 | (TYPE = SELECT) 68 | (METHOD = BASIC) 69 | (RETRIES = 300) 70 | (DELAY = 1) 71 | ) 72 | ) 73 | ) 74 | 75 | TNSHERE 76 | 77 | echo Starting Data guard configuration 78 | export ORACLE_SID=${_primaryOraSid} 79 | dgmgrl sys/${_oraSysPwd}@${_primaryOraSid}_dgmgrl << __EOF__ 80 | 81 | create configuration 'FSF' as primary database is ${_primaryOraSid} connect identifier is ${_primaryOraSid}_dgmgrl; 82 | add database ${_stdbyOraSid} as connect identifier is ${_stdbyOraSid}_dgmgrl maintained as physical; 83 | 84 | edit database ${_primaryOraSid} set property LogXptMode='SYNC'; 85 | edit database ${_primaryOraSid} set property NetTimeout=10; 86 | edit database ${_stdbyOraSid} set property LogXptMode='SYNC'; 87 | edit database ${_stdbyOraSid} set property NetTimeout=10; 88 | 89 | enable configuration; 90 | host sleep 10 91 | show configuration 92 | enable fast_start failover; 93 | host sleep 10 94 | 95 | __EOF__ 96 | 97 | echo Create a script to launch the observer 98 | cat >> /home/oracle/observer_start.sh << _CAT_ 99 | #!/bin/bash 100 | # This script is used to start the Observer in the background. 101 | 102 | export ORACLE_SID=${_primaryOraSid} 103 | dgmgrl << STEOF 104 | connect sys/${_oraSysPwd}@${_primaryOraSid}_dgmgrl 105 | show configuration 106 | show fast_start failover 107 | start observer 108 | STEOF 109 | 110 | _CAT_ 111 | 112 | echo Run the observer script in background 113 | chmod +x /home/oracle/observer_start.sh 114 | nohup /home/oracle/observer_start.sh > /home/oracle/observer.log 2>/home/oracle/observer.err & 115 | 116 | echo "Observer has been started." 117 | 118 | SUEOF 119 | 120 | echo '---------------------------------------------------------------------' 121 | echo 'All complete. ' 122 | echo '---------------------------------------------------------------------' 123 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab4/oravm.bicep: -------------------------------------------------------------------------------- 1 | @description('The name of you Virtual Machine.') 2 | param vmName string = 'oravm' 3 | 4 | @description('Username for the Virtual Machine.') 5 | param adminUsername string 6 | 7 | @description('SSH key for the Virtual Machine.') 8 | param sshKey string 9 | 10 | @description('The size of the VM') 11 | param vmSize string = 'Standard_D2ds_v5' 12 | 13 | @description('Availability zone') 14 | param avZone string = '1' 15 | 16 | @description('Location for all resources.') 17 | param location string = resourceGroup().location 18 | 19 | @description('Unique DNS Name for the Public IP used to access the Virtual Machine.') 20 | param dnsLabelPrefix string = toLower('${vmName}-${uniqueString(resourceGroup().id)}') 21 | 22 | @description('Resource ID of the subnet in the virtual network') 23 | param subnetid string = 'Subnet' 24 | 25 | @description('Name of the Network Security Group') 26 | param networksecuritygroupid string = 'SecGroupNet' 27 | 28 | 29 | var publicIPAddressName = '${vmName}PublicIP' 30 | var networkInterfaceName = '${vmName}NetInt' 31 | var oracleImageReference = { 32 | publisher: 'oracle' 33 | offer: 'oracle-database-19-3' 34 | sku: 'oracle-database-19-0904' 35 | version: 'latest' 36 | } 37 | 38 | var sshConfiguration = { 39 | disablePasswordAuthentication: true 40 | ssh: { 41 | publicKeys: [ 42 | { 43 | path: '/home/${adminUsername}/.ssh/authorized_keys' 44 | keyData: sshKey 45 | } 46 | ] 47 | } 48 | } 49 | 50 | 51 | resource networkInterface 'Microsoft.Network/networkInterfaces@2023-04-01' = { 52 | name: networkInterfaceName 53 | location: location 54 | 55 | properties: { 56 | enableAcceleratedNetworking: true 57 | ipConfigurations: [ 58 | { 59 | name: 'ipconfig1' 60 | properties: { 61 | subnet: { 62 | id: subnetid 63 | } 64 | privateIPAllocationMethod: 'Dynamic' 65 | publicIPAddress: { 66 | id: publicIPAddress.id 67 | } 68 | } 69 | } 70 | ] 71 | networkSecurityGroup: { 72 | id: networksecuritygroupid 73 | } 74 | } 75 | } 76 | 77 | resource publicIPAddress 'Microsoft.Network/publicIPAddresses@2023-04-01' = { 78 | name: publicIPAddressName 79 | location: location 80 | sku: { 81 | name: 'Standard' 82 | } 83 | zones:[avZone] 84 | properties: { 85 | publicIPAllocationMethod: 'Static' 86 | publicIPAddressVersion: 'IPv4' 87 | dnsSettings: { 88 | domainNameLabel: dnsLabelPrefix 89 | } 90 | idleTimeoutInMinutes: 4 91 | } 92 | } 93 | 94 | resource vm 'Microsoft.Compute/virtualMachines@2023-03-01' = { 95 | name: vmName 96 | location: location 97 | zones: [avZone] 98 | identity: { 99 | type: 'SystemAssigned' 100 | } 101 | properties: { 102 | 103 | hardwareProfile: { 104 | vmSize: vmSize 105 | } 106 | storageProfile: { 107 | dataDisks: [ 108 | { 109 | caching: 'None' 110 | createOption: 'Empty' 111 | deleteOption: 'Delete' 112 | diskSizeGB: 128 113 | lun: 1 114 | managedDisk: { 115 | storageAccountType: 'Premium_LRS' 116 | } 117 | } 118 | ] 119 | osDisk: { 120 | createOption: 'FromImage' 121 | managedDisk: { 122 | storageAccountType: 'Premium_LRS' 123 | } 124 | } 125 | imageReference: oracleImageReference 126 | } 127 | networkProfile: { 128 | networkInterfaces: [ 129 | { 130 | id: networkInterface.id 131 | } 132 | ] 133 | } 134 | osProfile: { 135 | computerName: vmName 136 | adminUsername: adminUsername 137 | linuxConfiguration: sshConfiguration 138 | } 139 | 140 | } 141 | } 142 | 143 | output vmManagedidentity string = vm.identity.principalId 144 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab4/readme.md: -------------------------------------------------------------------------------- 1 | # Lab 4: Implement High Availability for Oracle on Azure Using DataGuard 2 | 3 | This is a (partial) adaptation of the Oracle Data guard implementation avavilable here, converted into Bicep/Azure Resource Manager templates: 4 | https://github.com/Azure/Oracle-Workloads-for-Azure/tree/main/oradg 5 | 6 | This template deploys the following resources: 7 | 8 | - Primary Oracle Database VM with a data disk 9 | - Secondary Oracle Database VM with a data disk 10 | - Observer VM 11 | 12 | ## Bicep Modules: 13 | 14 | - Main.bicep : this is the driver script for deploying resources 15 | - Oravm.bicep : this module includes the resources for creating the VM such as Public-IP , Data disk etc, and also creates the VM resource based on Oracle Marketplace image. 16 | - Customscript.bicep : this module wrips custom script execution on the respective VM 17 | 18 | ## Sequence of operations: 19 | 20 | - Provisioning of VMs 21 | - Primary DB VM configuration (primary.sh) 22 | - File system creation 23 | - Oracle DB creation and configuration 24 | - Modifying Oracle config files incouding tnsnames.ora and listener.ora 25 | - Disable VM firewall (such that replication can happen between primary and secondary) 26 | - Secondary DB VM configuration (secondary.sh) 27 | - File system creation 28 | - Create Oracle duplicate DB through DBCA 29 | - Modifying Oracle config files including tnsnames.ora and listener.ora 30 | - Observer VM configuration (observer.sh) 31 | - Data Guard configuration 32 | - Fast Start failover configuration 33 | - Start of Observer component 34 | 35 | ## Prerequisites 36 | 37 | - A valid Azure subscription with at least contributor privileges 38 | - Quota available for atleast 10 vCPUs (4 each for Primary and secondary, 2 for Observer) in the selected azure region. The default VM SKU is Standard_D4ds_v5 for Primary/Secondary, and Standard_D2ds_v5 for observer. Any other General purpose series of similar configuration can be substituted - such as Ddsv4, Dasv4 or Dasv5 39 | - Latest Azure CLI installed 40 | - Bicep CLI 0.14.85 or later (upgrade with "az bicep upgrade") 41 | - A valid ssh key pair. https://learn.microsoft.com/en-us/azure/virtual-machines/linux/mac-create-ssh-keys 42 | 43 | ## How to deploy the template 44 | 45 | - Clone this repo 46 | 47 | ```powershell 48 | git clone https://github.com/Azure/Oracle-Workloads-for-Azure.git 49 | ``` 50 | 51 | - Modify the main.bicepparam file and update adminusername for the Oracle VM, and the ssh public key. The public key should be in ~/.ssh/id_rsa.pub by default. 52 | 53 | - If the VM size needs to be customized, add a parameter for VMsize in main.bicepparam. example: 54 | 55 | ```powershell 56 | param vmSize = 'Standard_D4ds_v4' 57 | ``` 58 | 59 | - Login to Azure CLI (if not in Cloud shell) 60 | 61 | - Deploy a resource group in your preferred region, where quota is available 62 | 63 | ```powershell 64 | az group create --resource-group oragroup --location centralindia 65 | ``` 66 | 67 | - Deploy the template using the following command 68 | 69 | ```powershell 70 | az deployment group create --resource-group oragroup --template-file main.bicep --parameters main.bicepparam 71 | ``` 72 | 73 | - Deployment progress can be viewed in Azure Portal. (Portal -> Resource group -> Deployments). Custom script logs are written in each VM by default to the directory: /var/lib/waagent/custom-script/download/0/ . The complete deployment should take about ~20 mins. 74 | 75 | ## How to verify the deployment 76 | 77 | - Verify if template deployment is fully successful, without any errors. 78 | - Login to the Observer node, using ssh. Please note that if JIT policy is enabled on your VM automatically, you have to Request access before running ssh. 79 | 80 | ```powershell 81 | ssh @ 82 | ``` 83 | 84 | - Sudo into the Oracle account 85 | 86 | ```powershell 87 | sudo su - oracle 88 | ``` 89 | 90 | - Run Data guard command line utility. Messages similar to following will be displayed 91 | 92 | ```powershell 93 | [oracle@observer ~]$ dgmgrl sys/oracleA1@oradb01_dgmgrl 94 | DGMGRL for Linux: Release 19.0.0.0.0 - Production on Sun Oct 15 16:03:04 2023 95 | Version 19.3.0.0.0 96 | 97 | Copyright (c) 1982, 2019, Oracle and/or its affiliates. All rights reserved. 98 | 99 | Welcome to DGMGRL, type "help" for information. 100 | Connected to "oradb01" 101 | Connected as SYSDBA. 102 | ``` 103 | 104 | - Run 'show configuration' command in DG command line utility 105 | 106 | ```powershell 107 | DGMGRL> show configuration; 108 | 109 | Configuration - FSF 110 | 111 | Protection Mode: MaxAvailability 112 | Members: 113 | oradb01 - Primary database 114 | oradb02 - (*) Physical standby database 115 | 116 | Fast-Start Failover: Enabled in Zero Data Loss Mode 117 | 118 | Configuration Status: 119 | SUCCESS (status updated 43 seconds ago) 120 | 121 | DGMGRL> 122 | ``` 123 | 124 | Output similar to above should be displayed. This means that Data guard has been deployed, with Fast-start Failover enabled and set to Maximum availability. 125 | 126 | ## Scenarios 127 | 128 | Following are instructions for testing switchover, failover capabilities 129 | 130 | [Scenarios](scenarios.md) 131 | 132 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab4/secondary.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Script to configure secondary database VM 3 | 4 | echo '---------------------------------------------------------------------' 5 | echo 'Create the replica database, configure the DB, modify TNS entries ' 6 | echo '---------------------------------------------------------------------' 7 | echo 8 | echo 9 | echo 'Creating file systems ...' 10 | export datadisk=`lsscsi | grep "^\[[0-9]:[0-9]:[0-9]:1.*" | awk -F' ' '{print $NF}'` 11 | export datadiskdevice=`echo "${datadisk}1"` 12 | export datadiskpattern=`echo ${datadisk} | cut -d'/' -f3` 13 | /usr/sbin/parted ${datadisk} mklabel gpt 14 | /usr/sbin/parted -a opt ${datadisk} mkpart primary xfs 0% 100% 15 | mkdir /u02 16 | /usr/sbin/mkfs.xfs ${datadiskdevice} 17 | mount ${datadiskdevice} /u02 18 | mkdir /u02/oradata /u02/orarecv 19 | chown oracle:oinstall /u02 -R 20 | diskuuid=`ls -l /dev/disk/by-uuid | grep ${datadiskpattern} | awk '{i=NF-2;print $i}'` 21 | mntopts=`sudo mount | grep u02 | awk '{print $NF}' | sed 's/(//' | sed 's/)//'` 22 | echo UUID=$diskuuid /u02 xfs $mntopts 0 0 >> /etc/fstab 23 | echo 'Finished creating file systems' 24 | echo 'disable firewall' 25 | systemctl stop firewalld 26 | systemctl disable firewalld 27 | 28 | 29 | sudo -E su - oracle <<"SUEOF" 30 | #!/bin/bash 31 | 32 | # 33 | 34 | export ORACLE_SID=${_primaryOraSid} 35 | export ORACLE_HOME=${_oraHome} 36 | export PATH=${_oraHome}/bin:${PATH} 37 | export TNS_ADMIN=${_oraHome}/network/admin 38 | 39 | 40 | echo Modify tnsnames.ora 41 | cat >> ${TNS_ADMIN}/tnsnames.ora << TNSHERE 42 | 43 | ${_primaryOraSid}= 44 | (DESCRIPTION = (FAILOVER = ON)(LOAD_BALANCE = OFF) 45 | (ADDRESS_LIST = 46 | (ADDRESS = (PROTOCOL = TCP)(HOST = ${_vmName1}.${_vmDomain})(PORT = 1521)) 47 | (ADDRESS = (PROTOCOL = TCP)(HOST = ${_vmName2}.${_vmDomain})(PORT = 1521)) 48 | ) 49 | (CONNECT_DATA = 50 | (SERVICE_NAME = PRIMARY) 51 | (SERVER = DEDICATED) 52 | ) 53 | ) 54 | 55 | ${_primaryOraSid}_${_vmNbr1}= 56 | (DESCRIPTION = 57 | (ADDRESS_LIST = 58 | (ADDRESS = (PROTOCOL = TCP)(HOST = ${_vmName1}.${_vmDomain})(PORT = 1521)) 59 | ) 60 | (CONNECT_DATA = 61 | (SERVICE_NAME = ${_primaryOraSid}_${_vmNbr1}) 62 | (SERVER = DEDICATED) 63 | ) 64 | ) 65 | 66 | ${_stdbyOraSid}_${_vmNbr2}= 67 | (DESCRIPTION = 68 | (ADDRESS_LIST = 69 | (ADDRESS = (PROTOCOL = TCP)(HOST = ${_vmName2}.${_vmDomain})(PORT = 1521)) 70 | ) 71 | (CONNECT_DATA = 72 | (SERVICE_NAME = ${_stdbyOraSid}_${_vmNbr2}) 73 | (SERVER = DEDICATED) 74 | ) 75 | ) 76 | 77 | ${_primaryOraSid}_dgmgrl = 78 | (DESCRIPTION = 79 | (ADDRESS_LIST = 80 | (ADDRESS = (PROTOCOL = TCP)(HOST = ${_vmName1}.${_vmDomain})(PORT = 1521)) 81 | ) 82 | (CONNECT_DATA = 83 | (SERVER = DEDICATED) 84 | (SERVICE_NAME = ${_primaryOraSid}_dgmgrl) 85 | ) 86 | ) 87 | 88 | ${_stdbyOraSid}_dgmgrl = 89 | (DESCRIPTION = 90 | (ADDRESS_LIST = 91 | (ADDRESS = (PROTOCOL = TCP)(HOST = ${_vmName2}.${_vmDomain})(PORT = 1521)) 92 | ) 93 | (CONNECT_DATA = 94 | (SERVER = DEDICATED) 95 | (SERVICE_NAME = ${_stdbyOraSid}_dgmgrl) 96 | ) 97 | ) 98 | 99 | ${_primaryOraSid}_taf = 100 | (DESCRIPTION = 101 | (FAILOVER = ON) 102 | (LOAD_BALANCE = OFF) 103 | (ADDRESS_LIST = 104 | (ADDRESS = (PROTOCOL = TCP)(HOST = ${_vmName1}.${_vmDomain})(PORT = 1521)) 105 | (ADDRESS = (PROTOCOL = TCP)(HOST = ${_vmName2}.${_vmDomain})(PORT = 1521)) 106 | ) 107 | (CONNECT_DATA = 108 | (SERVICE_NAME = PRIMARY) 109 | (FAILOVER_MODE = 110 | (TYPE = SELECT) 111 | (METHOD = BASIC) 112 | (RETRIES = 300) 113 | (DELAY = 1) 114 | ) 115 | ) 116 | ) 117 | 118 | TNSHERE 119 | 120 | echo create standby database 121 | dbca -silent -createDuplicateDB \ 122 | -gdbName ${_primaryOraSid} \ 123 | -sysPassword ${_oraSysPwd} \ 124 | -sid ${_stdbyOraSid} \ 125 | -createAsStandby \ 126 | -dbUniqueName ${_stdbyOraSid} \ 127 | -primaryDBConnectionString ${_vmName1}.${_vmDomain}:${_oraLsnrPort}/${_primaryOraSid} 128 | 129 | echo create the Listener.ora config in Secondary 130 | cat >> ${_oraHome}/network/admin/listener.ora << EOF 131 | SID_LIST_${_oraLsnr}= 132 | (SID_LIST = 133 | (SID_DESC = 134 | (GLOBAL_DBNAME = ${_stdbyOraSid}_dgmgrl) 135 | (ORACLE_HOME = ${_oraHome}) 136 | (SID_NAME = ${_stdbyOraSid}) 137 | ) 138 | ) 139 | EOF 140 | lsnrctl reload ${_oraLsnr} 141 | 142 | export ORACLE_SID=${_stdbyOraSid} 143 | sqlplus -S / as sysdba << __EOF__ 144 | 145 | ALTER SYSTEM SET SERVICE_NAMES='${_stdbyOraSid}','${_stdbyOraSid}_dgmgrl' SCOPE=BOTH; 146 | ALTER SYSTEM SET LOG_ARCHIVE_CONFIG='DG_CONFIG=${_primaryOraSid}' SCOPE=BOTH; 147 | ALTER DATABASE SET STANDBY DATABASE TO MAXIMIZE AVAILABILITY; 148 | ALTER DATABASE FLASHBACK ON; 149 | 150 | __EOF__ 151 | 152 | SUEOF 153 | 154 | echo '---------------------------------------------------------------------' 155 | echo 'All complete. ' 156 | echo '---------------------------------------------------------------------' 157 | -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/lab4/variables.txt: -------------------------------------------------------------------------------- 1 | export _primaryOraSid="" 2 | export _stdbyOraSid="" 3 | export _oraHome="/u01/app/oracle/product/19.0.0/dbhome_1" 4 | export _oraInvDir="/u01/app/oraInventory" 5 | export _oraOsAcct="oracle" 6 | export _oraOsGroup="oinstall" 7 | export _oraCharSet="WE8ISO8859P15" 8 | export _oraMntDir="" 9 | export _oraDataDir="${_oraMntDir}/oradata" 10 | export _oraFRADir="${_oraMntDir}/orarecv" 11 | export _oraSysPwd="" 12 | export _oraRedoSizeMB=500 13 | export _oraLsnr="LISTENER" 14 | export _oraLsnrPort=1521 15 | export _vmName1="" 16 | export _vmName2="" 17 | export _vmName3="" 18 | export _vmNbr1="vm01" 19 | export _vmNbr2="vm02" 20 | export _vmNbr3="vm03" 21 | export _vmDomain="internal.cloudapp.net" -------------------------------------------------------------------------------- /levelup-oracle-on-iaas/readme.md: -------------------------------------------------------------------------------- 1 | # LevelUp: Oracle on IaaS 2 | 3 | Lab Instructions 4 | 5 | - [Lab 1: Capacity Planning](./lab1/readme.md) 6 | - [Lab 2: Deploying Oracle Landing Zone](./lab2/README.md) 7 | - [Lab 3: Integrate Oracle Backups with Azure Backup](./lab3/readme.md) 8 | - [Lab 4: Implement High Availability for Oracle on Azure Using DataGuard](./lab4/readme.md) 9 | -------------------------------------------------------------------------------- /omat/media/data-awr-details.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/omat/media/data-awr-details.png -------------------------------------------------------------------------------- /omat/media/data-summary-by-db.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/omat/media/data-summary-by-db.png -------------------------------------------------------------------------------- /omat/media/recommendations-filters.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/omat/media/recommendations-filters.png -------------------------------------------------------------------------------- /omat/media/recommendations-storage.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/omat/media/recommendations-storage.png -------------------------------------------------------------------------------- /omat/media/recommendations-vms.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/omat/media/recommendations-vms.png -------------------------------------------------------------------------------- /omat/media/settings.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/omat/media/settings.png -------------------------------------------------------------------------------- /omat/readme: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /omat/setup.ps1: -------------------------------------------------------------------------------- 1 | #New-Item -ItemType Directory -Force -Path C:\OMAT | Out-Null;Set-Location C:\OMAT;Set-ExecutionPolicy -ExecutionPolicy Unrestricted -Scope CurrentUser;Invoke-WebRequest -Uri https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/master/omat/setup.ps1 -OutFile .\setup.ps1;Unblock-File -Path .\setup.ps1;.\setup.ps1 2 | #New-Item -ItemType Directory -Force -Path C:\OMAT | Out-Null;Set-Location C:\OMAT;Set-ExecutionPolicy -ExecutionPolicy Unrestricted -Scope CurrentUser;Invoke-WebRequest -Uri https://raw.githubusercontent.com/onderyildirim/Oracle-Workloads-for-Azure/onderyildirim-omat-tool-update/omat/setup.ps1 -OutFile .\setup.ps1;Unblock-File -Path .\setup.ps1;.\setup.ps1 3 | 4 | 5 | Write-Host "Downloading omat.ps1" 6 | Invoke-WebRequest -Uri https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/master/omat/omat.ps1 -OutFile .\omat.ps1 7 | Write-Host "Unblocking omat.ps1" 8 | Unblock-File -Path .\omat.ps1 9 | Write-Host "Downloading template.xlsm" 10 | Invoke-WebRequest -Uri https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/master/omat/template.xlsm -OutFile .\template.xlsm 11 | Write-Host "Unblocking template.xlsm" 12 | Unblock-File -Path .\template.xlsm 13 | 14 | $azCmd=Get-Command -Name 'az' -ErrorAction SilentlyContinue 15 | 16 | if($null -eq $azCmd) { 17 | Write-Host "Azure CLI is not found." 18 | Write-Host "Downloading Azure CLI." 19 | Invoke-WebRequest -Uri https://aka.ms/installazurecliwindows -OutFile .\AzureCLI.msi 20 | Write-Host "Installing Azure CLI." 21 | Start-Process msiexec.exe -Wait -ArgumentList '/I AzureCLI.msi /quiet' 22 | Write-Host "Cleanup Azure CLI install files." 23 | Remove-Item .\AzureCLI.msi 24 | } 25 | else 26 | { 27 | Write-Host "Azure CLI found." 28 | Write-Host (az --version 2>$null)[0] 29 | } 30 | 31 | -------------------------------------------------------------------------------- /omat/template.xlsm: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/omat/template.xlsm -------------------------------------------------------------------------------- /oravm/oravm_output.txt: -------------------------------------------------------------------------------- 1 | Thu Apr 13 04:05:05 AM UTC 2023 - INFO: cr_oravm.sh version 2.0... 2 | Thu Apr 13 04:05:05 AM UTC 2023 - INFO: az account set... 3 | Thu Apr 13 04:05:05 AM UTC 2023 - INFO: az group exists -n tim-oravm-rg... 4 | Thu Apr 13 04:05:06 AM UTC 2023 - INFO: az configure --defaults group location... 5 | Thu Apr 13 04:05:06 AM UTC 2023 - INFO: az network vnet create tim-oravm-vnet... 6 | Thu Apr 13 04:05:12 AM UTC 2023 - INFO: az network nsg create tim-oravm-nsg... 7 | Thu Apr 13 04:05:17 AM UTC 2023 - INFO: az network nsg rule create ssh-cloud-shell... 8 | Thu Apr 13 04:05:29 AM UTC 2023 - INFO: az network nsg rule create smb-cloud-shell... 9 | Thu Apr 13 04:05:41 AM UTC 2023 - INFO: az network public-ip create tim-oravm-public-ip01... 10 | Thu Apr 13 04:05:44 AM UTC 2023 - INFO: az network nic create tim-oravm-nic01... 11 | Thu Apr 13 04:06:16 AM UTC 2023 - INFO: az vm create tim-oravm-vm01... 12 | Thu Apr 13 04:07:21 AM UTC 2023 - INFO: az storage account create timoravmsa01... 13 | Thu Apr 13 04:07:43 AM UTC 2023 - INFO: az storage share create tim-oravm-share01... 14 | Thu Apr 13 04:07:44 AM UTC 2023 - INFO: az storage account show timoravmsa01... 15 | Thu Apr 13 04:07:45 AM UTC 2023 - INFO: az storage account timoravmsa01 is "https://timoravmsa01.file.core.windows.net/"... 16 | Thu Apr 13 04:07:46 AM UTC 2023 - INFO: az storage account keys list timoravmsa01... 17 | Thu Apr 13 04:07:46 AM UTC 2023 - DBUG: az storage account keys list is "xxxxx" 18 | Thu Apr 13 04:07:46 AM UTC 2023 - INFO: az backup vault create tim-oravm-vault01... 19 | Thu Apr 13 04:08:50 AM UTC 2023 - INFO: az backup policy create tim-oravm-policy01... 20 | Thu Apr 13 04:08:51 AM UTC 2023 - INFO: az network public-ip show tim-oravm-public-ip01... 21 | Thu Apr 13 04:08:53 AM UTC 2023 - INFO: public IP 20.163.86.57 for tim-oravm-vm01... 22 | Thu Apr 13 04:08:53 AM UTC 2023 - INFO: az network nic show tim-oravm-nic01... 23 | Thu Apr 13 04:08:54 AM UTC 2023 - INFO: private IP 10.0.0.4 for tim-oravm-vm01... 24 | Thu Apr 13 04:08:54 AM UTC 2023 - INFO: mkdir /u02 on tim-oravm-vm01... 25 | Thu Apr 13 04:08:54 AM UTC 2023 - INFO: yum install -y lvm2 xfsprogs xfsdump on tim-oravm-vm01... 26 | Thu Apr 13 04:09:24 AM UTC 2023 - INFO: az vm disk attach (tim-oravm-vm01-datadisk01)... 27 | Thu Apr 13 04:09:57 AM UTC 2023 - INFO: parted /dev/sdc mklabel on tim-oravm-vm01... 28 | Thu Apr 13 04:09:57 AM UTC 2023 - INFO: parted /dev/sdc mkpart primary on tim-oravm-vm01... 29 | Thu Apr 13 04:09:58 AM UTC 2023 - INFO: pvcreate /dev/sdc1 on tim-oravm-vm01... 30 | Thu Apr 13 04:09:58 AM UTC 2023 - INFO: vgcreate vg_ora01 /dev/sdc1 on tim-oravm-vm01... 31 | Thu Apr 13 04:09:59 AM UTC 2023 - INFO: vgdisplay vg_ora01 on tim-oravm-vm01... 32 | Thu Apr 13 04:10:00 AM UTC 2023 - INFO: lvcreate vg_ora01 on tim-oravm-vm01... 33 | Thu Apr 13 04:10:00 AM UTC 2023 - INFO: mkfs -t xfs /dev/vg_ora01/lv_ora01 on tim-oravm-vm01... 34 | Thu Apr 13 04:10:22 AM UTC 2023 - INFO: mount /dev/vg_ora01/lv_ora01 /u02 on tim-oravm-vm01... 35 | Thu Apr 13 04:10:24 AM UTC 2023 - INFO: configure waagent to manage resource disk on tim-oravm-vm01... 36 | Thu Apr 13 04:10:24 AM UTC 2023 - INFO: retrieve resource disk mount point from /etc/waagent.conf on tim-oravm-vm01... 37 | Thu Apr 13 04:10:25 AM UTC 2023 - INFO: free -m to find physical RAM on tim-oravm-vm01... 38 | Thu Apr 13 04:10:26 AM UTC 2023 - INFO: configure waagent for 23658M swap on tim-oravm-vm01... 39 | Thu Apr 13 04:10:26 AM UTC 2023 - INFO: mkdir /u02/oradata /u02/orarecv /backup on tim-oravm-vm01... 40 | Thu Apr 13 04:10:26 AM UTC 2023 - INFO: chown oracle:oinstall /u02/oradata /u02/orarecv /backup on tim-oravm-vm01... 41 | Thu Apr 13 04:10:27 AM UTC 2023 - INFO: copy oraInst.loc file on tim-oravm-vm01 42 | Thu Apr 13 04:10:28 AM UTC 2023 - INFO: yum update on tim-oravm-vm01 (1: be prepared - long wait)... 43 | Thu Apr 13 04:18:17 AM UTC 2023 - INFO: 2nd yum update on tim-oravm-vm01... 44 | Thu Apr 13 04:20:58 AM UTC 2023 - INFO: yum install cifs-utils on tim-oravm-vm01... 45 | Thu Apr 13 04:21:07 AM UTC 2023 - INFO: set contents of /etc/smbcredentials/timoravmsa01.cred on tim-oravm-vm01... 46 | Thu Apr 13 04:21:10 AM UTC 2023 - INFO: mount -t cifs //timoravmsa01.file.core.windows.net/tim-oravm-share01 /backup on tim-oravm-vm01... 47 | Thu Apr 13 04:21:10 AM UTC 2023 - INFO: set CIFS/SMB info into /etc/fstab on tim-oravm-vm01... 48 | Thu Apr 13 04:21:11 AM UTC 2023 - INFO: dbca -createDatabase oradb01 on tim-oravm-vm01 (be prepared - long wait)... 49 | Thu Apr 13 04:30:56 AM UTC 2023 - INFO: create "/root/orareboot.sh" on tim-oravm-vm01 50 | Thu Apr 13 04:30:57 AM UTC 2023 - INFO: run "/root/orareboot.sh" on tim-oravm-vm01 51 | Thu Apr 13 04:30:58 AM UTC 2023 - INFO: move TEMP tablespace to temporary disk on tim-oravm-vm01... 52 | Thu Apr 13 04:31:38 AM UTC 2023 - INFO: configure FLASH CACHE to temporary disk on tim-oravm-vm01... 53 | Thu Apr 13 04:32:52 AM UTC 2023 - INFO: create "/etc/systemd/system/orareboot.service" on tim-oravm-vm01 54 | Thu Apr 13 04:32:53 AM UTC 2023 - INFO: "sudo systemctl daemon-reload" on tim-oravm-vm01 55 | Thu Apr 13 04:32:54 AM UTC 2023 - INFO: "sudo systemctl enable orareboot.service" on tim-oravm-vm01 56 | Thu Apr 13 04:32:54 AM UTC 2023 - INFO: "sudo systemctl enable waagent" on tim-oravm-vm01 57 | Thu Apr 13 04:32:55 AM UTC 2023 - INFO: "sudo systemctl start waagent" on tim-oravm-vm01 58 | Thu Apr 13 04:32:55 AM UTC 2023 - INFO: az backup protection enable-for-vm tim-oravm-vm01... 59 | Thu Apr 13 04:33:36 AM UTC 2023 - INFO: useradd -g backupdba azbackup on tim-oravm-vm01... 60 | Thu Apr 13 04:33:36 AM UTC 2023 - INFO: setup Azure VM Backup within Oracle database on tim-oravm-vm01... 61 | Thu Apr 13 04:33:38 AM UTC 2023 - INFO: copy new workload.conf file to tim-oravm-vm01... 62 | Thu Apr 13 04:33:40 AM UTC 2023 - INFO: pausing for 60 seconds before initiating first backup on tim-oravm-vm01... 63 | Thu Apr 13 04:34:40 AM UTC 2023 - INFO: az backup protection backup-now tim-oravm-vm01... 64 | Thu Apr 13 04:34:47 AM UTC 2023 - INFO: reset LVM2 info in /etc/default/grub configuration file... 65 | Thu Apr 13 04:34:49 AM UTC 2023 - INFO: using dracut to regenerate initramfs... 66 | Thu Apr 13 04:35:10 AM UTC 2023 - INFO: recreate grub2 configuration file... 67 | Thu Apr 13 04:35:13 AM UTC 2023 - INFO: stop Oracle listener and database... 68 | Thu Apr 13 04:35:39 AM UTC 2023 - INFO: reboot... 69 | Thu Apr 13 04:36:21 AM UTC 2023 - INFO: pause for 30 seconds... 70 | Thu Apr 13 04:36:51 AM UTC 2023 - INFO: restart Oracle listener and database... 71 | Thu Apr 13 04:38:27 AM UTC 2023 - INFO: completed successfully! 72 | --------------------------------------------------------------------------------