├── .DS_Store
├── .gitattributes
├── .github
└── CODEOWNERS
├── CODE_OF_CONDUCT.md
├── LICENSE
├── Oracle on Azure IaaS Recommended Practices for Success.pdf
├── README.md
├── SECURITY.md
├── SUPPORT.md
├── az-oracle-sizing
├── AWR Analysis template spreadsheet 20230620.xltx
├── AWR Sizing Instructions.pdf
├── README.md
├── awr_capture.sh
├── busiest_awr.sql
├── busiest_statspack.sql
└── dbspace.sql
├── azbackup
├── README.md
└── azbackup_verify.sh
├── levelup-oracle-database-at-azure
├── Module-1
│ └── Module-1-Final-for-Part-1.pptx
├── Module-2
│ └── Module-2-BCDR.pptx
└── Module-4
│ ├── .gitattributes
│ └── Application Monitoring and Oracle Database@Azure LevelUp Series.pptx
├── levelup-oracle-database-at-azure~b05c532c13db3562078fa1eaba4dbbf0a7e80f73
├── levelup-oracle-on-iaas
├── lab1
│ ├── Lab1-Capacity Planning.pptx
│ ├── awr
│ │ ├── AWR_DBS.html
│ │ ├── AWR_DBT.html
│ │ ├── AWR_DBU.html
│ │ ├── AWR_DBV.html
│ │ ├── AWR_DBW.html
│ │ ├── AWR_DBX.html
│ │ ├── AWR_DBY.html
│ │ ├── AWR_DBZ.html
│ │ ├── Lab1-SampleReport.xlsm
│ │ ├── dbspace_DBS.lst
│ │ ├── dbspace_DBT.lst
│ │ ├── dbspace_DBU.lst
│ │ ├── dbspace_DBV.lst
│ │ ├── dbspace_DBW.lst
│ │ ├── dbspace_DBX.lst
│ │ ├── dbspace_DBY.lst
│ │ └── dbspace_DBZ.lst
│ ├── media
│ │ ├── omat_awr_details.png
│ │ ├── omat_recommendation_filters.png
│ │ ├── omat_recommended_nas_1.png
│ │ ├── omat_recommended_nas_2.png
│ │ ├── omat_recommended_nas_3.png
│ │ ├── omat_recommended_vms_1.png
│ │ ├── omat_recommended_vms_2.png
│ │ ├── omat_recommended_vms_2_managed_disks.png
│ │ ├── omat_recommended_vms_3.png
│ │ ├── omat_recommended_vms_3_managed_disks.png
│ │ ├── omat_settings_1.png
│ │ ├── omat_settings_3.png
│ │ ├── omat_summary_by_azurevm_1.png
│ │ ├── omat_summary_by_azurevm_2.png
│ │ ├── omat_summary_by_azurevm_3.png
│ │ ├── omat_summary_by_db_1.png
│ │ ├── omat_summary_by_db_2.png
│ │ ├── omat_summary_by_dbinstance.png
│ │ └── omat_summary_by_host.png
│ └── readme.md
├── lab2
│ ├── CODE_OF_CONDUCT.md
│ ├── LICENSE
│ ├── README.md
│ ├── SECURITY.md
│ ├── SUPPORT.md
│ ├── ansible
│ │ └── bootstrap
│ │ │ └── single_instance
│ │ │ ├── README.md
│ │ │ ├── ansible.cfg
│ │ │ ├── group_vars
│ │ │ └── all
│ │ │ │ └── vars.yml
│ │ │ ├── playbook.yml
│ │ │ └── roles
│ │ │ ├── common
│ │ │ ├── defaults
│ │ │ │ └── main.yaml
│ │ │ └── tasks
│ │ │ │ └── main.yaml
│ │ │ ├── dbca
│ │ │ ├── defaults
│ │ │ │ └── main.yml
│ │ │ ├── tasks
│ │ │ │ └── main.yml
│ │ │ └── templates
│ │ │ │ ├── dbca.rsp.j2
│ │ │ │ └── dbora.j2
│ │ │ ├── grid
│ │ │ ├── defaults
│ │ │ │ └── main.yaml
│ │ │ ├── tasks
│ │ │ │ └── main.yaml
│ │ │ ├── templates
│ │ │ │ ├── bash_rc
│ │ │ │ └── gridsetup.rsp.j2
│ │ │ └── vars
│ │ │ │ └── main.yml
│ │ │ └── oracle19c
│ │ │ ├── defaults
│ │ │ └── main.yml
│ │ │ ├── tasks
│ │ │ └── main.yml
│ │ │ ├── templates
│ │ │ └── db_install.rsp.j2
│ │ │ └── vars
│ │ │ └── main.yml
│ ├── docs
│ │ ├── media
│ │ │ ├── complete.jpg
│ │ │ ├── fixtures.jpg
│ │ │ ├── inventory.jpg
│ │ │ ├── port2222.png
│ │ │ ├── provisioned.jpg
│ │ │ ├── publicip.jpg
│ │ │ ├── run_command1.png
│ │ │ ├── run_command2.png
│ │ │ ├── single-instance-overview.png
│ │ │ ├── single_vm.png
│ │ │ ├── ssh-for-cloud-shell.jpg
│ │ │ ├── sshport.jpg
│ │ │ ├── test.jpg
│ │ │ └── warnings.jpg
│ │ └── wiki
│ │ │ ├── ANSIBLE.md
│ │ │ ├── CLONE.md
│ │ │ ├── Contributing.md
│ │ │ ├── FAQ.md
│ │ │ ├── Home.md
│ │ │ ├── KnownIssues.md
│ │ │ ├── REVIEW_INFRA.md
│ │ │ ├── TERRAFORM.md
│ │ │ ├── TEST.md
│ │ │ ├── Versioning.md
│ │ │ └── WhatsNew.md
│ ├── terraform
│ │ └── bootstrap
│ │ │ └── single_instance
│ │ │ ├── README.md
│ │ │ ├── backend.tf
│ │ │ ├── images
│ │ │ └── single_vm.png
│ │ │ ├── module.tf
│ │ │ ├── outputs.tf
│ │ │ ├── providers.tf
│ │ │ ├── transform.tf
│ │ │ ├── variables.md
│ │ │ ├── variables_global.tf
│ │ │ └── variables_local.tf
│ └── terraform_units
│ │ └── modules
│ │ ├── common_infrastructure
│ │ ├── infrastructure.tf
│ │ ├── outputs.tf
│ │ ├── providers.tf
│ │ ├── resource_lock.tf
│ │ ├── role_assignments.tf
│ │ ├── variables_global.tf
│ │ └── variables_local.tf
│ │ ├── compute
│ │ ├── azure_extension_diagnostics_linux_syslogevents.json
│ │ ├── diagnostic_settings.tf
│ │ ├── outputs.tf
│ │ ├── providers.tf
│ │ ├── resource_lock.tf
│ │ ├── role_assignments.tf
│ │ ├── variable_global.tf
│ │ ├── variable_local.tf
│ │ ├── vm.tf
│ │ └── vm_role_assignment.tf
│ │ ├── network
│ │ ├── diagnostic_settings.tf
│ │ ├── nic.tf
│ │ ├── nsg.tf
│ │ ├── outputs.tf
│ │ ├── providers.tf
│ │ ├── resource_lock.tf
│ │ ├── role_assignments.tf
│ │ ├── subnet.tf
│ │ ├── variables_global.tf
│ │ ├── variables_local.tf
│ │ └── vnet.tf
│ │ └── storage
│ │ ├── data_disk.tf
│ │ ├── outputs.tf
│ │ ├── providers.tf
│ │ ├── resource_lock.tf
│ │ ├── role_assignments.tf
│ │ ├── variables_global.tf
│ │ └── variables_local.tf
├── lab3
│ ├── CODE_OF_CONDUCT.md
│ ├── LICENSE
│ ├── SECURITY.md
│ ├── SUPPORT.md
│ ├── lab-images
│ │ └── media
│ │ │ ├── image1.png
│ │ │ ├── image2.png
│ │ │ ├── image3.png
│ │ │ ├── image4.png
│ │ │ ├── image5.png
│ │ │ ├── image6.png
│ │ │ ├── image7.png
│ │ │ └── image8.png
│ └── readme.md
├── lab4
│ ├── customscript.bicep
│ ├── dep.sh
│ ├── main.bicep
│ ├── main.bicepparam
│ ├── observer.sh
│ ├── oravm.bicep
│ ├── primary.sh
│ ├── readme.md
│ ├── scenarios.md
│ ├── secondary.sh
│ └── variables.txt
└── readme.md
├── omat
├── README.md
├── media
│ ├── data-awr-details.png
│ ├── data-summary-by-db.png
│ ├── recommendations-filters.png
│ ├── recommendations-storage.png
│ ├── recommendations-vms.png
│ └── settings.png
├── omat.ps1
├── readme
├── setup.ps1
└── template.xlsm
├── oradg
├── README.md
├── cr_oradg.sh
└── cr_oradg_output.txt
├── orapcs
├── README.md
├── cr_orapcs.sh
└── orapcs_output.txt
└── oravm
├── README.md
├── cr_oravm.sh
└── oravm_output.txt
/.DS_Store:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/.DS_Store
--------------------------------------------------------------------------------
/.gitattributes:
--------------------------------------------------------------------------------
1 | *.mp4 filter=lfs diff=lfs merge=lfs -text
2 |
--------------------------------------------------------------------------------
/.github/CODEOWNERS:
--------------------------------------------------------------------------------
1 | * @Azure/lza-oracle-codeowners
--------------------------------------------------------------------------------
/CODE_OF_CONDUCT.md:
--------------------------------------------------------------------------------
1 | # Microsoft Open Source Code of Conduct
2 |
3 | This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/).
4 |
5 | Resources:
6 |
7 | - [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/)
8 | - [Microsoft Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/)
9 | - Contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with questions or concerns
10 |
--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
1 | MIT License
2 |
3 | Copyright (c) Microsoft Corporation.
4 |
5 | Permission is hereby granted, free of charge, to any person obtaining a copy
6 | of this software and associated documentation files (the "Software"), to deal
7 | in the Software without restriction, including without limitation the rights
8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 |
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 |
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE
22 |
--------------------------------------------------------------------------------
/Oracle on Azure IaaS Recommended Practices for Success.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/Oracle on Azure IaaS Recommended Practices for Success.pdf
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # Support for Oracle Database workloads within Azure Infrastructure-as-a-Service (IaaS)
2 |
3 | This repository contains sub-folders representing multiple separate projects...
4 |
5 | ### 1. az-oracle-sizing
6 | This project documents the method of sizing on-prem Oracle Database workloads for initial migration into Azure. Too often, people capture the number of CPUs, amount of RAM, and quantity of storage configured to the on-prem infrastructure, and then they configure Azure resources based on those metrics. Unfortunately, they don't know if the database was using all or just some of those allocated resources. We focus on capturing actual observed information for:
7 | 1) observed CPU utilization
8 | 2) observed memory utilization
9 | 3) observed I/O utilization
10 |
11 | ...from standard Oracle AWR (automatic workload repository) reports, preferably generated during peak workload periods. This project consists of documentation in PDF form, a sample MS-Excel spreadsheet for capturing the metrics needed from Oracle AWR reports. The spreadsheet has two worksheets, the first to capture AWR information, and the second to generate estimates for choosing compute and storage resources from Azure. This repository also holds an Oracle SQL\*Plus script named "dbspace.sql" which can be used to capture information not included in AWR reports, such as database size, table compression, volume of full and incremental RMAN backups, and daily volume of archived redo logs.
12 |
13 | ### 2. azbackup
14 | This project relates to app-consistent Oracle database backups using Azure Backup. Present is a bash-shell script for troubleshooting and training videos for configuring and restoring VMs supporting one or more Oracle database workloads.
15 |
16 | ### 3. oravm
17 | This project contains an "accelerator" script for automating the creation of a single VM with a running Oracle database with integration to Azure Backup configured. The bash-shell script "cr_oravm.sh" requires a subscription and a resource group as prerequisites, and within the resource group it builds a virtual net, a subnet, a network security group, as well as a VM with a NIC, public IP address, and storage using either premium SSD or Azure NetApp Files. All is built automatically in about 30-35 minutes. For more detailed information, please refer to the README within the folder.
18 |
19 | ### 4. oradg
20 | This project contains an "accelerator" script for automating the creation of an Oracle DataGuard primary and standby database, each on separate VMs in separate availability zones, as well as a third VM with the Oracle DataGuard Broker observer. The bash-shell script "cr_oradg.sh" requires a subscription and a resource group as prerequisites, and within the resource group it builds a virtual net, a subnet, a network security group, as well as three VMs with NICs, public IP addresses, and storage using premium SSD. Everything is built automatically in about 40 minutes. For more detailed information, please refer to the README within the folder.
21 |
22 | ### 5. orapcs
23 | This project contains an "accelerator" script for automating the creation of Linux Pacemaker/Corosync (PCS) HA cluster for an Oracle database, with a database on shared storage maintained by two VMs within the same availability set and proximity placement group in a single availability zone, as well as a third VM intended as an observer. The bash-shell script "cr_orapcs.sh" requires a subscription and a resource group as prerequisites, and within the resource group it builds a virtual net, a subnet, a network security group, as well as three VMs with NICs, public IP addresses, and storage using premium SSD. Everything is built automatically in about 40 minutes. For more detailed information, please refer to the README within the folder.
24 |
25 | ## Contributing
26 |
27 | This project welcomes contributions and suggestions. Most contributions require you to agree to a
28 | Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us
29 | the rights to use your contribution. For details, visit https://cla.opensource.microsoft.com.
30 |
31 | When you submit a pull request, a CLA bot will automatically determine whether you need to provide
32 | a CLA and decorate the PR appropriately (e.g., status check, comment). Simply follow the instructions
33 | provided by the bot. You will only need to do this once across all repos using our CLA.
34 |
35 | This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/).
36 | For more information see the [Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/) or
37 | contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with any additional questions or comments.
38 |
39 | ## Trademarks
40 |
41 | This project may contain trademarks or logos for projects, products, or services. Authorized use of Microsoft
42 | trademarks or logos is subject to and must follow
43 | [Microsoft's Trademark & Brand Guidelines](https://www.microsoft.com/en-us/legal/intellectualproperty/trademarks/usage/general).
44 | Use of Microsoft trademarks or logos in modified versions of this project must not cause confusion or imply Microsoft sponsorship.
45 | Any use of third-party trademarks or logos are subject to those third-party's policies.
46 |
--------------------------------------------------------------------------------
/SECURITY.md:
--------------------------------------------------------------------------------
1 |
2 |
3 | ## Security
4 |
5 | Microsoft takes the security of our software products and services seriously, which includes all source code repositories managed through our GitHub organizations, which include [Microsoft](https://github.com/Microsoft), [Azure](https://github.com/Azure), [DotNet](https://github.com/dotnet), [AspNet](https://github.com/aspnet), [Xamarin](https://github.com/xamarin), and [our GitHub organizations](https://opensource.microsoft.com/).
6 |
7 | If you believe you have found a security vulnerability in any Microsoft-owned repository that meets [Microsoft's definition of a security vulnerability](https://docs.microsoft.com/en-us/previous-versions/tn-archive/cc751383(v=technet.10)), please report it to us as described below.
8 |
9 | ## Reporting Security Issues
10 |
11 | **Please do not report security vulnerabilities through public GitHub issues.**
12 |
13 | Instead, please report them to the Microsoft Security Response Center (MSRC) at [https://msrc.microsoft.com/create-report](https://msrc.microsoft.com/create-report).
14 |
15 | If you prefer to submit without logging in, send email to [secure@microsoft.com](mailto:secure@microsoft.com). If possible, encrypt your message with our PGP key; please download it from the [Microsoft Security Response Center PGP Key page](https://www.microsoft.com/en-us/msrc/pgp-key-msrc).
16 |
17 | You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your original message. Additional information can be found at [microsoft.com/msrc](https://www.microsoft.com/msrc).
18 |
19 | Please include the requested information listed below (as much as you can provide) to help us better understand the nature and scope of the possible issue:
20 |
21 | * Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.)
22 | * Full paths of source file(s) related to the manifestation of the issue
23 | * The location of the affected source code (tag/branch/commit or direct URL)
24 | * Any special configuration required to reproduce the issue
25 | * Step-by-step instructions to reproduce the issue
26 | * Proof-of-concept or exploit code (if possible)
27 | * Impact of the issue, including how an attacker might exploit the issue
28 |
29 | This information will help us triage your report more quickly.
30 |
31 | If you are reporting for a bug bounty, more complete reports can contribute to a higher bounty award. Please visit our [Microsoft Bug Bounty Program](https://microsoft.com/msrc/bounty) page for more details about our active programs.
32 |
33 | ## Preferred Languages
34 |
35 | We prefer all communications to be in English.
36 |
37 | ## Policy
38 |
39 | Microsoft follows the principle of [Coordinated Vulnerability Disclosure](https://www.microsoft.com/en-us/msrc/cvd).
40 |
41 |
--------------------------------------------------------------------------------
/SUPPORT.md:
--------------------------------------------------------------------------------
1 | # TODO: The maintainer of this repo has not yet edited this file
2 |
3 | **REPO OWNER**: Do you want Customer Service & Support (CSS) support for this product/project?
4 |
5 | - **No CSS support:** Fill out this template with information about how to file issues and get help.
6 | - **Yes CSS support:** Fill out an intake form at [aka.ms/spot](https://aka.ms/spot). CSS will work with/help you to determine next steps. More details also available at [aka.ms/onboardsupport](https://aka.ms/onboardsupport).
7 | - **Not sure?** Fill out a SPOT intake as though the answer were "Yes". CSS will help you decide.
8 |
9 | *Then remove this first heading from this SUPPORT.MD file before publishing your repo.*
10 |
11 | # Support
12 |
13 | ## How to file issues and get help
14 |
15 | This project uses GitHub Issues to track bugs and feature requests. Please search the existing
16 | issues before filing new issues to avoid duplicates. For new issues, file your bug or
17 | feature request as a new Issue.
18 |
19 | For help and questions about using this project, please **REPO MAINTAINER: INSERT INSTRUCTIONS HERE
20 | FOR HOW TO ENGAGE REPO OWNERS OR COMMUNITY FOR HELP. COULD BE A STACK OVERFLOW TAG OR OTHER
21 | CHANNEL. WHERE WILL YOU HELP PEOPLE?**.
22 |
23 | ## Microsoft Support Policy
24 |
25 | Support for this **PROJECT or PRODUCT** is limited to the resources listed above.
26 |
--------------------------------------------------------------------------------
/az-oracle-sizing/AWR Analysis template spreadsheet 20230620.xltx:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/az-oracle-sizing/AWR Analysis template spreadsheet 20230620.xltx
--------------------------------------------------------------------------------
/az-oracle-sizing/AWR Sizing Instructions.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/az-oracle-sizing/AWR Sizing Instructions.pdf
--------------------------------------------------------------------------------
/az-oracle-sizing/awr_capture.sh:
--------------------------------------------------------------------------------
1 | Removing the "awr_capture.sh" from public distribution because the number of variations of HTML formats are too many for parsing using bash shell.
2 |
3 | This script was informally shared as a convenience for colleagues, but some have misinterpreted this script as supported software.
4 |
--------------------------------------------------------------------------------
/az-oracle-sizing/busiest_awr.sql:
--------------------------------------------------------------------------------
1 | REM ================================================================================
2 | REM Name: busiest_awr.sql
3 | REM Type: Oracle SQL script
4 | REM Date: 27-April 2020
5 | REM From: Americas Customer Engineering team (CET) - Microsoft
6 | REM
7 | REM Copyright and license:
8 | REM
9 | REM Licensed under the Apache License, Version 2.0 (the "License"); you may
10 | REM not use this file except in compliance with the License.
11 | REM
12 | REM You may obtain a copy of the License at
13 | REM
14 | REM http://www.apache.org/licenses/LICENSE-2.0
15 | REM
16 | REM Unless required by applicable law or agreed to in writing, software
17 | REM distributed under the License is distributed on an "AS IS" basis,
18 | REM WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
19 | REM
20 | REM See the License for the specific language governing permissions and
21 | REM limitations under the License.
22 | REM
23 | REM Copyright (c) 2020 by Microsoft. All rights reserved.
24 | REM
25 | REM Ownership and responsibility:
26 | REM
27 | REM This script is offered without warranty by Microsoft Customer Engineering.
28 | REM Anyone using this script accepts full responsibility for use, effect,
29 | REM and maintenance. Please do not contact Microsoft or Oracle support unless
30 | REM there is a problem with a supported SQL or SQL*Plus command.
31 | REM
32 | REM Description:
33 | REM
34 | REM SQL*Plus script to find the top 5 busiest AWR snapshots within the horizon
35 | REM of all information stored within the Oracle AWR repository, based on the
36 | REM AWR metrics "CPU Usage Per Sec" and "I/O Megabytes per Second" found in the
37 | REM view DBA_HIST_SYSMETRIC_HISTORY.
38 | REM
39 | REM Modifications:
40 | REM TGorman 27apr20 v0.1 written
41 | REM TGorman 04may20 v0.2 removed NTILE, using only ROW_NUMBER now...
42 | REM NBhandare 14May21 v0.3 added reference to innermost subqueries as fix for
43 | REM instance restart...
44 | REM TGorman 01jun21 v0.4 cleaned up some mistakes, parameterized
45 | REM TGorman 09dec22 v0.5 changed query from using stats from DBA_HIST_SYSSTAT
46 | REM to using metrics from DBA_HIST_SYSMETRIC_HISTORY
47 | REM TGorman 12dec22 v0.6 cleaned up snap IDs and times
48 | REM ================================================================================
49 | set pages 100 lines 180 verify off echo off feedback 6 timing off recsep off
50 | col instance_number format 90 heading 'I#'
51 | col snap_id heading 'Beginning|Snap ID'
52 | col begin_tm format a20 heading 'Beginning|Snap Time' word_wrap
53 | col avg_value heading 'Average|IO and CPU|per second' format 999,999,990.0000
54 | define V_CPU_WEIGHT=1 /* multiplicative factor to favor/disfavor CPU metrics */
55 | define V_IO_WEIGHT=2 /* multiplicative factor to favor/disfavor I/O metrics */
56 | spool b
57 | select x.instance_number,
58 | x.snap_id snap_id,
59 | to_char(s.end_interval_time, 'DD-MON-YYYY HH24:MI:SS') begin_tm,
60 | x.avg_value
61 | from (select instance_number, snap_id, avg(value) avg_value, avg(sort_value) sort_value,
62 | row_number() over (partition by instance_number order by avg(sort_value) desc) rn
63 | from (select instance_number, snap_id, value, (value*&&V_CPU_WEIGHT) sort_value
64 | from dba_hist_sysmetric_history
65 | where metric_name = 'CPU Usage Per Sec'
66 | and dbid = (select dbid from v$database)
67 | union all
68 | select instance_number, snap_id, value, (value*&&V_IO_WEIGHT) sort_value
69 | from dba_hist_sysmetric_history
70 | where metric_name = 'I/O Megabytes per Second'
71 | and dbid = (select dbid from v$database))
72 | group by instance_number, snap_id) x,
73 | dba_hist_snapshot s
74 | where s.snap_id = x.snap_id
75 | and s.instance_number = x.instance_number
76 | and rn <= 5
77 | order by instance_number, rn;
78 | spool off
79 |
--------------------------------------------------------------------------------
/az-oracle-sizing/busiest_statspack.sql:
--------------------------------------------------------------------------------
1 | REM ================================================================================
2 | REM Name: busiest_statspack.sql
3 | REM Type: Oracle SQL script
4 | REM Date: 27-April 2020
5 | REM From: Americas Customer Success team (CSU) - Microsoft
6 | REM
7 | REM Copyright and license:
8 | REM
9 | REM Licensed under the Apache License, Version 2.0 (the "License"); you may
10 | REM not use this file except in compliance with the License.
11 | REM
12 | REM You may obtain a copy of the License at
13 | REM
14 | REM http://www.apache.org/licenses/LICENSE-2.0
15 | REM
16 | REM Unless required by applicable law or agreed to in writing, software
17 | REM distributed under the License is distributed on an "AS IS" basis,
18 | REM WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
19 | REM
20 | REM See the License for the specific language governing permissions and
21 | REM limitations under the License.
22 | REM
23 | REM Copyright (c) 2020 by Microsoft. All rights reserved.
24 | REM
25 | REM Ownership and responsibility:
26 | REM
27 | REM This script is offered without warranty by Microsoft Customer Engineering.
28 | REM Anyone using this script accepts full responsibility for use, effect,
29 | REM and maintenance. Please do not contact Microsoft or Oracle support unless
30 | REM there is a problem with a supported SQL or SQL*Plus command.
31 | REM
32 | REM Description:
33 | REM
34 | REM SQL*Plus script to find the top 5 busiest STATSPACK snapshots within the horizon
35 | REM of all information stored within the Oracle STATSPACK repository, based on the
36 | REM STATSPACK statistic "CPU used by this session" and the two I/O statistics
37 | REM "physical reads" and "physical writes", all residing within the STATSPACK
38 | REM table named STATS$SYSSTAT, populated from the view V$SYSSTAT.
39 | REM
40 | REM Modifications:
41 | REM TGorman 09jan23 v0.6 copied from script "busiest_awr.sql" v0.6
42 | REM TGorman 13feb23 v0.7 bug fix, change DBA_HIST_SNAPSHOT to STATS$SNAPSHOT
43 | REM ================================================================================
44 | set pages 100 lines 180 verify off echo off feedback 6 timing off recsep off
45 | col instance_number format 90 heading 'I#'
46 | col snap_id heading 'Beginning|Snap ID'
47 | col begin_tm format a20 heading 'Beginning|Snap Time' word_wrap
48 | col avg_value heading 'Average|IO and CPU|per second' format 999,999,990.0000
49 | define V_CPU_WEIGHT=1 /* multiplicative factor to favor/disfavor CPU metrics */
50 | define V_IO_WEIGHT=2 /* multiplicative factor to favor/disfavor I/O metrics */
51 | spool b
52 | select x.instance_number,
53 | x.snap_id snap_id,
54 | to_char(s.snap_time, 'DD-MON-YYYY HH24:MI:SS') begin_tm,
55 | x.avg_value
56 | from (select instance_number, snap_id, avg_value,
57 | row_number() over (partition by instance_number order by avg_sort_value desc) rn
58 | from (select instance_number, snap_id, avg(value) avg_value, avg(sort_value) avg_sort_value
59 | from (select instance_number, snap_id, sum(value)-sum(lag_value) value, ((sum(value)-sum(lag_value))*&&V_CPU_WEIGHT) sort_value
60 | from (select instance_number, snap_id, value, lag(value) over (partition by instance_number order by snap_id) lag_value
61 | from stats$sysstat
62 | where name in ('CPU used by this session')
63 | and dbid = (select dbid from v$database))
64 | where lag_value is not null
65 | group by instance_number, snap_id
66 | union all
67 | select instance_number, snap_id, sum(value)-sum(lag_value) value, ((sum(value)-sum(lag_value))*&&V_IO_WEIGHT) sort_value
68 | from (select instance_number, snap_id, value, lag(value) over (partition by instance_number, name order by snap_id) lag_value
69 | from stats$sysstat
70 | where name in ('physical reads','physical writes')
71 | and dbid = (select dbid from v$database))
72 | where lag_value is not null
73 | group by instance_number, snap_id)
74 | group by instance_number, snap_id)) x,
75 | Stats$snapshot s
76 | where s.snap_id = x.snap_id
77 | and s.instance_number = x.instance_number
78 | and s.dbid = (select dbid from v$database)
79 | and x.rn <= 5
80 | order by instance_number, rn;
81 | spool off
82 |
--------------------------------------------------------------------------------
/azbackup/README.md:
--------------------------------------------------------------------------------
1 | # azbackup
2 | Useful scripts for diagnosing issues with Azure VM Backup for app-consistent Oracle database backups
3 |
4 | # bash script "azbackup_verify.sh"
5 |
6 | This script is intended for use in validating and troubleshooting the configuration of an Azure Linux VM for app-consistent backups of Oracle databases using Azure VM Backup.
7 |
8 | ### Prerequisites
9 |
10 | Full "sudo" permissions are *required* by this script.
11 |
12 | This script uses the "sudo" privilege escalation command, and so it should be run under the administrative Linux OS account for this Azure VM (which is granted full "sudo" permissions at VM creation), or else run under the Linux root OS account.
13 |
14 | ### Validations performed
15 |
16 | 1. existence and contents of the "/etc/azure/workload.conf" config file
17 | a. validate "workload_type" specified in config file is "oracle"
18 | b. validate "configuration_path" specified is a file with entries in correct format
19 | c. validate "timeout" specified in config file between 0 and 3600 seconds
20 | d. validate Linux OS account specified as "linux_user" in config file
21 | e. validate Linux OS group assigned to "linux_user" is Oracle SYSBACKUP group
22 | 2. existence of Oracle "pre-script" and "post-script"
23 | a. within root-protected "/var/lib/waagent" subdirectory
24 | 3. For each Oracle database instance listed in the file referenced by "configuration_path"...
25 | a. validate existence of "$ORACLE_HOME" directory and specific subdirectories
26 | b. validate existence of "config.c" source file
27 | c. validate that the defined Linux OS group for OS authentication of the SYSBACKUP role is the primary OS group of the Linux OS account (i.e. "linux_user" attribute)
28 | d. validate that it is possible to connect to Oracle SQL*Plus under the Linux OS account for Azure VM Backup with the SYSBACKUP role
29 | e. validate that the AZMESSAGE stored procedure exists and is VALID
30 |
31 | Please note that the validations within the database (i.e. existence and validity of AZMESSAGE procedure, etc) are performed using the OS account specified in the "linux_user" attribute of the configuration file, using Oracle external OS authentication through the SYSBACKUP role.
32 |
33 | In other words, successful validation with this script includes database connections using the same authentication methods used by Azure VM Backup through the Azure Linux agent (waagent).
34 |
35 | ### Command-line Parameters
36 | Any command-line parameter will place the script into "verbose" mode. Silent mode is the default if no command-line parameters are specified.
37 |
38 | ### Return status
39 | 0 - success
40 | 1 - failure, please refer to error messages emitted by the script
41 |
42 | ## Examples
43 |
44 | An example of running the script in the default "verbose" mode, no command-line parameters, and then checking the return status...
45 |
46 |
47 | [adminuser@ora-bkp-vm01 tmp]$ ./azbackup_verify.sh
48 | Sat Jul 31 18:06:27 UTC 2021 - INFO: verbose mode enabled, script version 1.2
49 | Sat Jul 31 18:06:27 UTC 2021 - INFO: Configuration file: verify existence of directory "/etc/azure"
50 | Sat Jul 31 18:06:27 UTC 2021 - INFO: Configuration file: verify existence of file "/etc/azure/workload.conf"
51 | Sat Jul 31 18:06:27 UTC 2021 - INFO: Configuration file: verify header of file "/etc/azure/workload.conf"
52 | Sat Jul 31 18:06:27 UTC 2021 - INFO: Configuration file: verify "workload_name" attribute in file "/etc/azure/workload.conf"
53 | Sat Jul 31 18:06:27 UTC 2021 - INFO: Configuration file: verify "configuration_path" attribute in file "/etc/azure/workload.conf"
54 | Sat Jul 31 18:06:27 UTC 2021 - INFO: Configuration file: verify "timeout" attribute in file "/etc/azure/workload.conf"
55 | Sat Jul 31 18:06:27 UTC 2021 - INFO: Configuration file: verify "linux_user" attribute in file "/etc/azure/workload.conf"
56 | Sat Jul 31 18:06:27 UTC 2021 - INFO: Azure Linux agent: verify existence of pre-script within directory "/var/lib/waagent"
57 | Sat Jul 31 18:06:27 UTC 2021 - INFO: Azure Linux agent: verify existence of post-script within directory "/var/lib/waagent"
58 | Sat Jul 31 18:06:27 UTC 2021 - INFO: DB instance "oradb01": validate ORACLE_HOME directory "/u01/app/oracle/product/19.0.0/dbhome_1"
59 | Sat Jul 31 18:06:27 UTC 2021 - INFO: DB instance "oradb01": verify SYSBACKUP group in "/u01/app/oracle/product/19.0.0/dbhome_1/rdbms/lib/config.c"
60 | Sat Jul 31 18:06:27 UTC 2021 - INFO: DB instance "oradb01": connect externally through "azbackup" OS account as "SYSBACKUP"
61 | Sat Jul 31 18:06:29 UTC 2021 - INFO: validated successfully
62 | [adminuser@ora-bkp-vm01 ]$ echo $?
63 | 0
64 | [adminuser@ora-bkp-vm01 ]$
65 |
66 |
67 | Now, running the script in the silent "terse" mode and again checking the return status...
68 |
69 |
70 | [adminuser@ora-bkp-vm01 ]$ ./azbackup_verify.sh terse
71 | [adminuser@ora-bkp-vm01 ]$ echo $?
72 | 0
73 | [adminuser@ora-bkp-vm01 ]$
74 |
75 |
76 | Any detected failure conditions will include the word "FAIL" in place of the word "INFO" after the timestamp.
77 |
--------------------------------------------------------------------------------
/levelup-oracle-database-at-azure/Module-1/Module-1-Final-for-Part-1.pptx:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-database-at-azure/Module-1/Module-1-Final-for-Part-1.pptx
--------------------------------------------------------------------------------
/levelup-oracle-database-at-azure/Module-2/Module-2-BCDR.pptx:
--------------------------------------------------------------------------------
1 | version https://git-lfs.github.com/spec/v1
2 | oid sha256:3ab6cde7530dbc4dae676748fdcba373ca032d278ef5bb311042a28c42a0f38c
3 | size 134198272
4 |
--------------------------------------------------------------------------------
/levelup-oracle-database-at-azure/Module-4/.gitattributes:
--------------------------------------------------------------------------------
1 | Application[[:space:]]Monitoring[[:space:]]and[[:space:]]Oracle[[:space:]]Database@Azure[[:space:]]LevelUp[[:space:]]Series.pptx filter=lfs diff=lfs merge=lfs -text
2 | Manage[[:space:]]and[[:space:]]Monitor[[:space:]]Oracle[[:space:]]Database@Azure[[:space:]]Level[[:space:]]Up[[:space:]]Series.pptx filter=lfs diff=lfs merge=lfs -text
3 |
--------------------------------------------------------------------------------
/levelup-oracle-database-at-azure/Module-4/Application Monitoring and Oracle Database@Azure LevelUp Series.pptx:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-database-at-azure/Module-4/Application Monitoring and Oracle Database@Azure LevelUp Series.pptx
--------------------------------------------------------------------------------
/levelup-oracle-database-at-azure~b05c532c13db3562078fa1eaba4dbbf0a7e80f73:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab1/Lab1-Capacity Planning.pptx:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab1/Lab1-Capacity Planning.pptx
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab1/awr/Lab1-SampleReport.xlsm:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab1/awr/Lab1-SampleReport.xlsm
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab1/awr/dbspace_DBS.lst:
--------------------------------------------------------------------------------
1 |
2 | BCTfile 0.00
3 | Ctlfile 37.44
4 | Datafile 408,178.97
5 | OnlineRedo 3,072.00
6 | Tempfile 86,359.97
7 | ---------------
8 | sum 497,648.38
9 |
10 | 5 rows selected.
11 |
12 |
13 | TABLE DISABLED 8,337.81 1,697
14 | TABLE PARTITION DISABLED 95.44 287
15 | TABLE SUBPARTITION DISABLED 6,237.00 54
16 | ENABLED BASIC 1,381.44 32
17 | ****************** ******** ************ ********* --------------- --------------- --------
18 | sum 16,051.69 2,070
19 |
20 | 4 rows selected.
21 |
22 |
23 | 1 1 1 512.00
24 | 2 1 512.00
25 | 3 1 512.00
26 | 2 4 1 512.00
27 | 5 1 512.00
28 | 6 1 512.00
29 | ********** ********** ********** ----------------
30 | sum 3,072.00
31 |
32 | 6 rows selected.
33 |
34 |
35 | ******************** ------------------- ------------------- -------------------
36 |
37 |
38 | no rows selected
39 |
40 |
41 | ******************** ---------------
42 |
43 |
44 | no rows selected
45 |
46 |
47 | no rows selected
48 |
49 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab1/awr/dbspace_DBV.lst:
--------------------------------------------------------------------------------
1 |
2 | BCTfile 0.00
3 | Ctlfile 36.31
4 | Datafile 641,069.00
5 | OnlineRedo 3,072.00
6 | Tempfile 32,767.98
7 | ---------------
8 | sum 676,945.30
9 |
10 | 5 rows selected.
11 |
12 |
13 | TABLE DISABLED 320,378.38 1,656
14 | TABLE PARTITION DISABLED 111.00 287
15 | TABLE SUBPARTITION DISABLED 594.00 66
16 | ENABLED BASIC 448.00 56
17 | ****************** ******** ************ ********* --------------- --------------- --------
18 | sum 321,531.38 2,065
19 |
20 | 4 rows selected.
21 |
22 |
23 | 1 1 1 512.00
24 | 2 1 512.00
25 | 3 1 512.00
26 | 2 4 1 512.00
27 | 5 1 512.00
28 | 6 1 512.00
29 | ********** ********** ********** ----------------
30 | sum 3,072.00
31 |
32 | 6 rows selected.
33 |
34 |
35 | ******************** ------------------- ------------------- -------------------
36 |
37 |
38 | no rows selected
39 |
40 |
41 | ******************** ---------------
42 |
43 |
44 | no rows selected
45 |
46 |
47 | no rows selected
48 |
49 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab1/awr/dbspace_DBX.lst:
--------------------------------------------------------------------------------
1 |
2 | BCTfile 11.06
3 | Ctlfile 42.50
4 | Datafile 130,136.00
5 | OnlineRedo 3,072.00
6 | Tempfile 8,576.00
7 | ---------------
8 | sum 141,837.56
9 |
10 | 5 rows selected.
11 |
12 |
13 | TABLE DISABLED 82,655.94 4,920
14 | TABLE PARTITION DISABLED 195.25 328
15 | TABLE SUBPARTITION DISABLED 2.00 32
16 | ****************** ******** ************ ********* --------------- --------------- --------
17 | sum 82,853.19 5,280
18 |
19 | 3 rows selected.
20 |
21 |
22 | 1 1 1 512.00
23 | 2 1 512.00
24 | 2 3 1 512.00
25 | 4 1 512.00
26 | 3 5 1 512.00
27 | 6 1 512.00
28 | ********** ********** ********** ----------------
29 | sum 3,072.00
30 |
31 | 6 rows selected.
32 |
33 |
34 | ******************** ------------------- ------------------- -------------------
35 |
36 |
37 | no rows selected
38 |
39 |
40 | 14-SEP-2020 0.00
41 | ******************** ---------------
42 | 0.00
43 |
44 | 1 row selected.
45 |
46 |
47 | no rows selected
48 |
49 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab1/awr/dbspace_DBY.lst:
--------------------------------------------------------------------------------
1 |
2 | BCTfile 0.00
3 | Ctlfile 107.31
4 | Datafile 307,375.00
5 | OnlineRedo 4,096.00
6 | Tempfile 32,767.00
7 | ---------------
8 | sum 344,345.31
9 |
10 | 5 rows selected.
11 |
12 |
13 | TABLE DISABLED 1,242.00 1,040
14 | TABLE PARTITION DISABLED 27,195.31 1,035
15 | ENABLED ARCHIVE HIGH 83,132.00 415,660.00 7,875
16 | TABLE SUBPARTITION DISABLED 2.00 32
17 | ****************** ******** ************ ********* --------------- --------------- --------
18 | sum 111,571.31 415,660.00 9,982
19 |
20 | 4 rows selected.
21 |
22 |
23 | 1 1 2 256.00
24 | 2 2 256.00
25 | 3 2 256.00
26 | 7 2 256.00
27 | 2 4 2 256.00
28 | 5 2 256.00
29 | 6 2 256.00
30 | 8 2 256.00
31 | ********** ********** ********** ----------------
32 | sum 2,048.00
33 |
34 | 8 rows selected.
35 |
36 |
37 | 14-FEVR.-2022 D 107.31 107.31 107.31
38 | **************************** ------------------- ------------------- -------------------
39 | 107.31 107.31 107.31
40 |
41 | 1 row selected.
42 |
43 |
44 | 23-MAI -2019 25.91
45 | 03-OCT. -2021 24.25
46 | 04-OCT. -2021 283.73
47 | 05-OCT. -2021 354.56
48 | 06-OCT. -2021 348.60
49 | 07-OCT. -2021 188.96
50 | **************************** ---------------
51 | 1,226.00
52 |
53 | 6 rows selected.
54 |
55 |
56 | no rows selected
57 |
58 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab1/awr/dbspace_DBZ.lst:
--------------------------------------------------------------------------------
1 |
2 | BCTfile 81.06
3 | Ctlfile 209.94
4 | Datafile 3,992,644.07
5 | OnlineRedo 12,288.00
6 | Tempfile 131,071.94
7 | ---------------
8 | sum 4,136,295.01
9 |
10 | 5 rows selected.
11 |
12 |
13 | TABLE DISABLED 1,107,936.06 3,489
14 | ENABLED BASIC 4,547.00 1
15 | TABLE PARTITION DISABLED 28,117.38 521
16 | TABLE SUBPARTITION DISABLED 3,477.19 2,540
17 | ****************** ******** ************ ********* --------------- --------------- --------
18 | sum 1,144,077.63 6,551
19 |
20 | 4 rows selected.
21 |
22 |
23 | 1 10 1 1,024.00
24 | 11 1 1,024.00
25 | 12 1 1,024.00
26 | 13 1 1,024.00
27 | 2 20 1 1,024.00
28 | 21 1 1,024.00
29 | 22 1 1,024.00
30 | 23 1 1,024.00
31 | 3 30 1 1,024.00
32 | 31 1 1,024.00
33 | 32 1 1,024.00
34 | 33 1 1,024.00
35 | ********** ********** ********** ----------------
36 | sum 12,288.00
37 |
38 | 12 rows selected.
39 |
40 |
41 | ******************** ------------------- ------------------- -------------------
42 |
43 |
44 | no rows selected
45 |
46 |
47 | 16-MAY-2023 4,227.63
48 | 17-MAY-2023 13,452.35
49 | ******************** ---------------
50 | 17,679.98
51 |
52 | 2 rows selected.
53 |
54 |
55 | no rows selected
56 |
57 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab1/media/omat_awr_details.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab1/media/omat_awr_details.png
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab1/media/omat_recommendation_filters.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab1/media/omat_recommendation_filters.png
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab1/media/omat_recommended_nas_1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab1/media/omat_recommended_nas_1.png
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab1/media/omat_recommended_nas_2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab1/media/omat_recommended_nas_2.png
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab1/media/omat_recommended_nas_3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab1/media/omat_recommended_nas_3.png
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab1/media/omat_recommended_vms_1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab1/media/omat_recommended_vms_1.png
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab1/media/omat_recommended_vms_2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab1/media/omat_recommended_vms_2.png
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab1/media/omat_recommended_vms_2_managed_disks.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab1/media/omat_recommended_vms_2_managed_disks.png
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab1/media/omat_recommended_vms_3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab1/media/omat_recommended_vms_3.png
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab1/media/omat_recommended_vms_3_managed_disks.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab1/media/omat_recommended_vms_3_managed_disks.png
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab1/media/omat_settings_1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab1/media/omat_settings_1.png
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab1/media/omat_settings_3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab1/media/omat_settings_3.png
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab1/media/omat_summary_by_azurevm_1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab1/media/omat_summary_by_azurevm_1.png
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab1/media/omat_summary_by_azurevm_2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab1/media/omat_summary_by_azurevm_2.png
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab1/media/omat_summary_by_azurevm_3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab1/media/omat_summary_by_azurevm_3.png
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab1/media/omat_summary_by_db_1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab1/media/omat_summary_by_db_1.png
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab1/media/omat_summary_by_db_2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab1/media/omat_summary_by_db_2.png
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab1/media/omat_summary_by_dbinstance.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab1/media/omat_summary_by_dbinstance.png
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab1/media/omat_summary_by_host.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab1/media/omat_summary_by_host.png
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/CODE_OF_CONDUCT.md:
--------------------------------------------------------------------------------
1 | # Microsoft Open Source Code of Conduct
2 |
3 | This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/).
4 |
5 | Resources:
6 |
7 | - [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/)
8 | - [Microsoft Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/)
9 | - Contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with questions or concerns
10 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/README.md:
--------------------------------------------------------------------------------
1 | # Lab 2: Deploying Oracle Landing Zone
2 |
3 |
4 | ## Overview
5 |
6 | This repository describes how to create and install Oracle DB on an Azure VM in an automated fashion, through the use of "terraform" and "ansible".
7 |
8 | A single Azure VM will be deployed in a VNET in your Azure subscription.
9 |
10 |
11 |
12 | ## Pre-requisities
13 |
14 | 1. An Azure subscription. If you don't have an Azure subscription, create a [free account](https://azure.microsoft.com/en-us/free/?ref=microsoft.com&utm_source=microsoft.com&utm_medium=docs&utm_campaign=visualstudio) before you begin.
15 | 2. A compute source running Ubuntu. This can either be a local computer, [Azure Cloud Shell](https://shell.azure.com) or [an Azure VM](https://learn.microsoft.com/en-us/azure/virtual-machines/linux/quick-create-portal?tabs=ubuntu).
16 |
17 | **FOR THIS LAB => We strongly encourage the use of [Azure Cloud Shell](https://shell.azure.com) since all the required software such as Terraform, Ansible and Azure CLI are already installed.**
18 |
19 | 3. Terraform installed on the compute source. Otherwise, follow the installations instructions [here](https://developer.hashicorp.com/terraform/downloads). It is already installed on the Azure Cloud Shell.
20 | 4. Ansible installed on the compute source. Otherwise, follow the installations instructions [here](https://docs.ansible.com/ansible/latest/installation_guide/installation_distros.html). It is already installed on the Azure Cloud Shell.
21 | 5. Azure CLI installed on the compute source. Otherwise, follow the installations instructions [here](https://learn.microsoft.com/en-us/cli/azure/install-azure-cli-linux?pivots=apt). It is already installed on the Azure Cloud Shell.
22 |
23 |
24 | ## Step-by-step Instructions
25 |
26 | 1. [Clone this repo](docs/wiki/CLONE.md) onto the compute resource.
27 | 2. [Provision infrastructure on Azure](docs/wiki/TERRAFORM.md) via terraform.
28 | 3. [Review the infrastructure](docs/wiki/REVIEW_INFRA.md) provisioned on Azure.
29 | 4. [Install and configure Oracle DB](docs/wiki/ANSIBLE.md) via ansible.
30 | 5. [Test the final configuration](docs/wiki/TEST.md).
31 |
32 |
33 | ## Disclaimer
34 |
35 | Please note that the policies in this GitHub repository are currently in development and may be subject to frequent changes and updates. This means that the functionality and features of the polices may change without notice. As such, you are advised to ensure that the policies are tested thoroughly in a test environment before considering moving to production.
36 |
37 | Additionally you are advised to reach out to the authors of this repository to discuss the policies and their suitability for your environment, before deploying them in production. To do so create an issue [here](https://github.com/alz-oracle/issues), and we will get back to you as soon as possible.
38 |
39 | By accessing or using the code in this repository, you agree to assume all risks associated with its use and to use it at your own discretion and risk. Microsoft shall not be liable for any damages or losses resulting from the use of this code. For support details, please see the [Support section](./SUPPORT.md).
40 |
41 |
42 | ## Wiki
43 |
44 | Please see the content in the [wiki](docs/wiki/Home.md) for more detailed information about the repo and various other pieces of documentation.
45 |
46 | ## Known Issues
47 |
48 | Please see the [Known Issues](docs/wiki/KnownIssues.md) in the wiki.
49 |
50 | ## Frequently Asked Questions
51 |
52 | Please see the [Frequently Asked Questions](docs/wiki/FAQ.md) in the wiki.
53 |
54 | ## Contributing
55 |
56 |
57 | Please see the [Contributing](docs/wiki/Contributing.md) in the wiki.
58 |
59 |
60 | ## Trademarks
61 |
62 | This project may contain trademarks or logos for projects, products, or services. Authorized use of Microsoft
63 | trademarks or logos is subject to and must follow
64 | [Microsoft's Trademark & Brand Guidelines](https://www.microsoft.com/en-us/legal/intellectualproperty/trademarks/usage/general).
65 | Use of Microsoft trademarks or logos in modified versions of this project must not cause confusion or imply Microsoft sponsorship.
66 | Any use of third-party trademarks or logos are subject to those third-party's policies.
67 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/SECURITY.md:
--------------------------------------------------------------------------------
1 |
2 |
3 | ## Security
4 |
5 | Microsoft takes the security of our software products and services seriously, which includes all source code repositories managed through our GitHub organizations, which include [Microsoft](https://github.com/Microsoft), [Azure](https://github.com/Azure), [DotNet](https://github.com/dotnet), [AspNet](https://github.com/aspnet) and [Xamarin](https://github.com/xamarin).
6 |
7 | If you believe you have found a security vulnerability in any Microsoft-owned repository that meets [Microsoft's definition of a security vulnerability](https://aka.ms/security.md/definition), please report it to us as described below.
8 |
9 | ## Reporting Security Issues
10 |
11 | **Please do not report security vulnerabilities through public GitHub issues.**
12 |
13 | Instead, please report them to the Microsoft Security Response Center (MSRC) at [https://msrc.microsoft.com/create-report](https://aka.ms/security.md/msrc/create-report).
14 |
15 | If you prefer to submit without logging in, send email to [secure@microsoft.com](mailto:secure@microsoft.com). If possible, encrypt your message with our PGP key; please download it from the [Microsoft Security Response Center PGP Key page](https://aka.ms/security.md/msrc/pgp).
16 |
17 | You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your original message. Additional information can be found at [microsoft.com/msrc](https://www.microsoft.com/msrc).
18 |
19 | Please include the requested information listed below (as much as you can provide) to help us better understand the nature and scope of the possible issue:
20 |
21 | * Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.)
22 | * Full paths of source file(s) related to the manifestation of the issue
23 | * The location of the affected source code (tag/branch/commit or direct URL)
24 | * Any special configuration required to reproduce the issue
25 | * Step-by-step instructions to reproduce the issue
26 | * Proof-of-concept or exploit code (if possible)
27 | * Impact of the issue, including how an attacker might exploit the issue
28 |
29 | This information will help us triage your report more quickly.
30 |
31 | If you are reporting for a bug bounty, more complete reports can contribute to a higher bounty award. Please visit our [Microsoft Bug Bounty Program](https://aka.ms/security.md/msrc/bounty) page for more details about our active programs.
32 |
33 | ## Preferred Languages
34 |
35 | We prefer all communications to be in English.
36 |
37 | ## Policy
38 |
39 | Microsoft follows the principle of [Coordinated Vulnerability Disclosure](https://aka.ms/security.md/cvd).
40 |
41 |
42 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/SUPPORT.md:
--------------------------------------------------------------------------------
1 | # Support
2 |
3 | ## How to file issues and get help
4 |
5 | This project uses GitHub Issues to track bugs and feature requests. Please search the existing issues before filing new issues to avoid duplicates. For new issues, file your bug or feature request as a new Issue.
6 |
7 | Issues can be created and searched through for existing issues here: [https://github.com/Azure/alz-monitor/issues](https://github.com/Azure/alz-monitor/issues)
8 |
9 | Please provide as much information as possible when filing an issue. Include screenshots or correlation IDs if possible (please redact any sensitive information).
10 |
11 | For instructions on how to get deployments and correlation ID, please follow this link [here](https://docs.microsoft.com/azure/azure-resource-manager/templates/deployment-history?tabs=azure-portal#get-deployments-and-correlation-id).
12 |
13 | We may ask you to create an Azure support request once we have triaged the issue following the process documented [here](https://docs.microsoft.com/azure/azure-portal/supportability/how-to-create-azure-support-request)
14 |
15 | ## Microsoft Support Policy
16 |
17 | If issues are encountered when deploying the policies contained in this repo users will be able to engage Microsoft support via their usual channels. Please provide correlation IDs where possible when contacting support to be able to investigate the issue effectively and in a timely fashion. For instructions on how to get deployments and correlation ID, please follow this link [here](https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/deployment-history?tabs=azure-portal#get-deployments-and-correlation-id).
18 |
19 | Following list of issues are within the scope of Microsoft support:
20 |
21 | - Underlying Resource or Resource Provider issues when deploying policies for any deployment failures.
22 |
23 | Any issues that are deemed outside of the above list by Microsoft support and/or requires bugfix in the module or code in the repo, Microsoft support will redirect user to file the issue on GitHub.
24 |
25 | Project maintainers and community aim to get issues resolved in timely fashion as per community support policy of this repo.
26 |
27 | ## Community Support Policy
28 |
29 | Project maintainers will aim to respond within 3 business days to get a meaningful response for any new issues, however, whilst in preview this may sometimes be a little longer.
30 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/ansible/bootstrap/single_instance/README.md:
--------------------------------------------------------------------------------
1 | # Install Oracle Database 19c with Ansible
2 |
3 | These roles configure Oracle Database prerequisites and install it for CentOS 7.
4 |
5 | ## Requirements
6 |
7 | - CentOS 7.7 or later
8 | - Ansible 2.9
9 | - Installation media file distributed by oracle.com
10 |
11 | ## Install the Oracle Database software to a target host
12 |
13 | Place the installation media file into roles/oracle19c/files/, configure your inventory and run ansible-playbook.
14 |
15 | ```
16 | $ cp /foo/bar/LINUX.X64_193000_db_home.zip roles/oracle19c/files/
17 | $ ansible-playbook -i inventory.yml playbook.yml oracle -k -K
18 | ```
19 |
20 | # After installation
21 |
22 | You can use the database with SID `orcl19c`.
23 | The default password for SYS and SYSTEM is `oracle123`.
24 |
25 | ```
26 | $ export ORACLE_SID=orcl19c
27 | $ sqlplus system/oracle123
28 | SQL> quit
29 | ```
30 |
31 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/ansible/bootstrap/single_instance/ansible.cfg:
--------------------------------------------------------------------------------
1 | [defaults]
2 | callback_whitelist=profile_tasks
3 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/ansible/bootstrap/single_instance/group_vars/all/vars.yml:
--------------------------------------------------------------------------------
1 | # primary oracle group
2 | oracle_group: oinstall
3 |
4 | # DBA group
5 | oracle_dba_group: dba
6 | oracle_backupdba_group: backupdba
7 | oracle_oper_group: oper
8 | oracle_dgdba_group: dgdba
9 | oracle_kmdba_group: kmdba
10 | oracle_racdba_group: racdba
11 |
12 | oracle_groups: wheel,dba,backupdba,oper,dgdba,kmdba,racdba
13 |
14 | oracle_user: oracle
15 | oracle_pass: $1$salt$6hY7SFGTovD5BRJ.4zYAd1
16 |
17 | swapsize: 16384
18 |
19 | #storage type, FS|ASM
20 | storage_type: FS
21 |
22 |
23 | data_device: /dev/disk/azure/scsi1/lun20
24 | data_disk_mount: /u01
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/ansible/bootstrap/single_instance/playbook.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - hosts: all
3 | gather_facts: true
4 | become: true
5 | roles:
6 | - common
7 | #- grid
8 | - oracle19c #oracle software installatio
9 | - dbca # database creation
10 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/ansible/bootstrap/single_instance/roles/common/defaults/main.yaml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab2/ansible/bootstrap/single_instance/roles/common/defaults/main.yaml
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/ansible/bootstrap/single_instance/roles/common/tasks/main.yaml:
--------------------------------------------------------------------------------
1 |
2 | - name: install x86_64 oracle dependencies
3 | yum:
4 | name: "{{ packages }}"
5 | update_cache: yes
6 | vars:
7 | packages:
8 | - oracle-database-preinstall-19c
9 | - unzip
10 | - name: selinux dependencies
11 | yum:
12 | name: "{{ packages }}"
13 | vars:
14 | packages:
15 | - libselinux-python
16 |
17 | - name: set up the oracle hostnames
18 | lineinfile:
19 | dest: /etc/hosts
20 | state: present
21 | line: "{{ hostvars[inventory_hostname]['ansible_default_ipv4']['address'] }} {{ inventory_hostname }}"
22 |
23 | - name: oracle-recommended sysctl
24 | sysctl:
25 | name: "{{ item.name }}"
26 | value: "{{ item.value }}"
27 | state: present
28 | ignoreerrors: yes # Ignore errors about unknown keys
29 | with_items:
30 | - { name: "kernel.shmall", value: "1073741824" }
31 | - { name: "kernel.shmmax", value: "4398046511104" }
32 | - { name: "kernel.shmmni", value: "4096" }
33 | - { name: "kernel.sem", value: "250 32000 100 128" }
34 | - { name: "fs.file-max", value: "6815744" }
35 | - { name: "fs.aio-max-nr", value: "1048576" }
36 | - { name: "net.ipv4.ip_local_port_range", value: "9000 65500" }
37 | - { name: "net.core.rmem_default", value: "262144" }
38 | - { name: "net.core.rmem_max", value: "4194304" }
39 | - { name: "net.core.wmem_default", value: "262144" }
40 | - { name: "net.core.wmem_max", value: "1048576" }
41 | - { name: "kernel.panic_on_oops", value: "1" }
42 |
43 | - name: save sysctl config
44 | command: sysctl -p
45 | ignore_errors: yes
46 |
47 |
48 | - name: Change Linux Swap Size
49 | replace:
50 | path: /etc/waagent.conf
51 | regexp: "ResourceDisk.SwapSizeMB=0"
52 | replace: "ResourceDisk.SwapSizeMB={{ swapsize }}"
53 |
54 | - name: Enable Swap
55 | replace:
56 | path: /etc/waagent.conf
57 | regexp: "ResourceDisk.EnableSwap=n"
58 | replace: "ResourceDisk.EnableSwap=y"
59 |
60 | - name: Enable Swap Disk
61 | replace:
62 | path: /etc/waagent.conf
63 | regexp: "ResourceDisk.Format=n"
64 | replace: "ResourceDisk.Format=y"
65 | - name: Restart Waagent
66 | ansible.builtin.service:
67 | name: waagent
68 | state: restarted
69 |
70 | - name: oracle-recommended PAM config
71 | lineinfile:
72 | dest: /etc/pam.d/login
73 | state: present
74 | line: "session required pam_limits.so"
75 |
76 | - name: oracle-recommended security limits
77 | lineinfile:
78 | dest: /etc/security/limits.conf
79 | state: present
80 | line: "{{ item }}"
81 | with_items:
82 | - "oracle soft nofile 1024"
83 | - "oracle hard nofile 65536"
84 | - "oracle soft nproc 2047"
85 | - "oracle hard nproc 16384"
86 | - "oracle soft stack 10240"
87 | - "oracle hard stack 32768"
88 | - "oracle soft memlock 3145728"
89 | - "oracle hard memlock 3145728"
90 |
91 | - name: create initial groups for the oracle user
92 | group: name={{ item }} state=present
93 | with_items:
94 | - "{{ oracle_group }}"
95 | - "{{ oracle_dba_group }}"
96 | - "{{ oracle_backupdba_group }}"
97 | - "{{ oracle_oper_group }}"
98 | - "{{ oracle_dgdba_group }}"
99 | - "{{ oracle_kmdba_group }}"
100 | - "{{ oracle_racdba_group }}"
101 |
102 | - name: create oracle user
103 | user:
104 | name: "{{ oracle_user }}"
105 | group: "{{ oracle_group }}"
106 | groups: "{{ oracle_groups }}"
107 | home: /home/{{ oracle_user }}
108 | shell: /bin/bash
109 | password: "{{ oracle_pass }}"
110 | append: yes
111 |
112 |
113 | - name: Create partition on data disk
114 | parted:
115 | device: "{{data_device}}"
116 | number: 1
117 | state: present
118 | when: storage_type == "FS"
119 |
120 | - name: Create a ext4 fs on data disk
121 | filesystem:
122 | fstype: ext4
123 | dev: "{{data_device}}-part1"
124 | when: storage_type == "FS"
125 |
126 | - name: Get UUID for partition
127 | command: blkid -s UUID -o value "{{ data_device }}-part1"
128 | register: disk_blkid
129 | when: storage_type == "FS"
130 |
131 | - name: Mount data disk
132 | mount:
133 | path: "{{data_disk_mount}}"
134 | src: "UUID={{disk_blkid.stdout}}"
135 | fstype: ext4
136 | state: mounted
137 | when: storage_type == "FS"
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/ansible/bootstrap/single_instance/roles/dbca/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | oracle_db_home: /u01/app/oracle/product/19.3.0/dbhome_1
3 | oracle_user: oracle
4 | createAsContainerDatabase: "FALSE"
5 | gdbName: orcl
6 | sid: orcl
7 | databaseConfigType:
8 | RACOneNodeServiceName:
9 | policyManaged:
10 | createServerPool:
11 | serverPoolName:
12 | cardinality:
13 | force:
14 | pqPoolName:
15 | pqCardinality:
16 | numberOfPDBs:
17 | pdbName:
18 | useLocalUndoForPDBs:
19 | pdbAdminPassword:
20 | nodelist:
21 | templateName: General_Purpose.dbc
22 | sysPassword: Oracle123.?
23 | systemPassword: Oracle123.?
24 | oracleHomeUserPassword:
25 | emConfiguration: DBEXPRESS
26 | emExpressPort: 5500
27 | runCVUChecks:
28 | dbsnmpPassword: Oracle123.?
29 | omsHost:
30 | omsPort:
31 | emUser:
32 | emPassword:
33 | dvConfiguration:
34 | dvUserName:
35 | dvUserPassword:
36 | dvAccountManagerName:
37 | dvAccountManagerPassword:
38 | olsConfiguration:
39 | datafileJarLocation:
40 | datafileDestination:
41 | recoveryAreaDestination:
42 | storageType: FS
43 | diskGroupName: #DATA
44 | asmsnmpPassword:
45 | recoveryGroupName: #ASM #RECO degistir
46 | characterSet: AL32UTF8
47 | nationalCharacterSet: UTF8
48 | registerWithDirService:
49 | dirServiceUserName:
50 | dirServicePassword:
51 | walletPassword:
52 | listeners:
53 | variablesFile:
54 | initParams:
55 | sampleSchema: "TRUE"
56 | memoryPercentage:
57 | databaseType: MULTIPURPOSE
58 | automaticMemoryManagement: "FALSE"
59 | totalMemory:
60 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/ansible/bootstrap/single_instance/roles/dbca/tasks/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | #
3 | # create database
4 | #
5 | - block:
6 | - name: copy response file for silent install
7 | template: src=dbca.rsp.j2 dest=/home/{{ oracle_user }}/dbca.rsp
8 |
9 | - name: dbca
10 | command: bin/dbca -silent -createDatabase -responseFile /home/{{ oracle_user }}/dbca.rsp -ignorePreReqs
11 | ignore_errors: yes
12 | args:
13 | chdir: "{{ oracle_db_home }}"
14 |
15 | - name: Configure Oratab
16 | shell: sed -i 's/:N/:Y/' /etc/oratab
17 | become: true
18 | become_user: root
19 |
20 |
21 | - name: copy response file for silent install
22 | template: src=dbora.j2 dest=/etc/init.d/dbora
23 | become: true
24 | become_user: root
25 |
26 | - name: Chnage ownership of dbora
27 | file:
28 | path: /etc/init.d/dbora
29 | group: dba
30 | mode: 0750
31 | become: true
32 | become_user: root
33 |
34 | - name: link files
35 | command: ln -s /etc/init.d/dbora {{ item }}
36 | loop:
37 | - /etc/rc.d/rc0.d/K01dbora
38 | - /etc/rc.d/rc3.d/S99dbora
39 | - /etc/rc.d/rc5.d/S99dbora
40 | ignore_errors: yes
41 | become: true
42 | become_user: root
43 |
44 | - name: start listener
45 | command: lsnrctl start
46 | ignore_errors: yes
47 |
48 | - name: reboot
49 | shell: "sleep 5 && reboot"
50 | async: 1
51 | poll: 0
52 | become: true
53 | become_user: root
54 |
55 | become: yes
56 | become_user: "{{ oracle_user }}"
57 |
58 |
59 |
60 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/ansible/bootstrap/single_instance/roles/dbca/templates/dbora.j2:
--------------------------------------------------------------------------------
1 | #!/bin/sh
2 | # chkconfig: 345 99 10
3 | # Description: Oracle auto start-stop script.
4 | #
5 | # Set ORA_HOME to be equivalent to $ORACLE_HOME.
6 | ORA_HOME={{ oracle_db_home }}
7 | ORA_OWNER=oracle
8 |
9 | case "$1" in
10 | 'start')
11 | # Start the Oracle databases:
12 | # The following command assumes that the Oracle sign-in
13 | # will not prompt the user for any values.
14 | # Remove "&" if you don't want startup as a background process.
15 | su - $ORA_OWNER -c "$ORA_HOME/bin/dbstart $ORA_HOME" &
16 | touch /var/lock/subsys/dbora
17 | ;;
18 |
19 | 'stop')
20 | # Stop the Oracle databases:
21 | # The following command assumes that the Oracle sign-in
22 | # will not prompt the user for any values.
23 | su - $ORA_OWNER -c "$ORA_HOME/bin/dbshut $ORA_HOME" &
24 | rm -f /var/lock/subsys/dbora
25 | ;;
26 | esac
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/ansible/bootstrap/single_instance/roles/grid/defaults/main.yaml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab2/ansible/bootstrap/single_instance/roles/grid/defaults/main.yaml
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/ansible/bootstrap/single_instance/roles/grid/templates/bash_rc:
--------------------------------------------------------------------------------
1 | export ORACLE_HOME=/opt/grid
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/ansible/bootstrap/single_instance/roles/grid/vars/main.yml:
--------------------------------------------------------------------------------
1 | gridurl: https://oraclebinarysa.blob.core.windows.net/oracle/LINUX.X64_193000_grid_home.zip?sp=r&st=2023-09-07T11:37:48Z&se=2025-03-31T19:37:48Z&spr=https&sv=2022-11-02&sr=b&sig=QCeLiPKWqrnJDHRC8LNB6HxQEpNuW9fu%2Fj7jw6wUVtY%3D
2 | gridLatestUpdateUrl: https://oraclebinarysa.blob.core.windows.net/oracle/p35319490_190000_Linux-x86-64.zip?sp=r&st=2023-09-13T00:12:57Z&se=2025-02-06T09:12:57Z&spr=https&sv=2022-11-02&sr=b&sig=AlHJXCspMt2ajivjqiXiSzv40D%2B1SIPuSVyrJA8zjGI%3D
3 | opatchUpdateUrl: https://oraclebinarysa.blob.core.windows.net/oracle/p6880880_190000_LINUX.zip?sp=r&st=2023-10-10T16:47:47Z&se=2024-12-07T01:47:47Z&spr=https&sv=2022-11-02&sr=b&sig=E1Fk8AfQsyjpall%2FsMTWIE4B%2B0bjwVNoYXxbz8D90aw%3D
4 | syspass: Oracle123.?
5 | systempass: Oracle123.?
6 | monitorpass: oracle123.?
7 | dbname: tempdb
8 | gridpass: Oracle123.?
9 | oraclepass: Oracle123.?
10 | oracle_patch_number: 35319490
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/ansible/bootstrap/single_instance/roles/oracle19c/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults for oracle installation
3 |
4 | #
5 | # oracle connection settings
6 | #
7 |
8 | # ORACLE_BASE parent, {{ oracle_path }}/oracle
9 | oracle_path: /u01/app
10 |
11 | # ORACLE_SID
12 | oracle_db_name: orcl
13 |
14 | # ORACLE_HOME basename, {{ oracle_path }}/oracle/product/19.3.0/{{ oracle_db_home }}
15 | oracle_db_home: /u01/app/oracle/product/19.3.0/dbhome_1
16 |
17 | #
18 | # oracle system user
19 | #
20 |
21 | # oracle user username
22 | oracle_user: oracle
23 |
24 | # hashed password for the oracle user
25 | # python -c 'import crypt; print crypt.crypt("oracle", "$1$salt$")'
26 | oracle_pass: $1$salt$6hY7SFGTovD5BRJ.4zYAd1
27 | oracle_pass_raw: oracle
28 |
29 | # primary oracle group
30 | oracle_group: oinstall
31 |
32 | # DBA group
33 | oracle_dba_group: dba
34 | oracle_backupdba_group: backupdba
35 | oracle_oper_group: oper
36 | oracle_dgdba_group: dgdba
37 | oracle_kmdba_group: kmdba
38 | oracle_racdba_group: racdba
39 |
40 | oracle_groups: wheel,dba,backupdba,oper,dgdba,kmdba,racdba
41 |
42 | oracle_patch_number: 35319490
43 |
44 |
45 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/ansible/bootstrap/single_instance/roles/oracle19c/tasks/main.yml:
--------------------------------------------------------------------------------
1 | - name: create the oracle installation path
2 | file:
3 | mode: 0755
4 | path: "{{ oracle_path }}"
5 | state: directory
6 | group: "{{ oracle_group }}"
7 | owner: "{{ oracle_user }}"
8 |
9 | - name: set oracle user environment
10 | lineinfile: dest=/home/{{ oracle_user }}/.bashrc state=present line="{{ item }}"
11 | with_items:
12 | - "export ORACLE_BASE={{ ora_user_env.ORACLE_BASE }}"
13 | - "export ORACLE_SID={{ ora_user_env.ORACLE_SID }}"
14 | - "export ORACLE_HOME={{ ora_user_env.ORACLE_HOME }}"
15 | - "export PATH=$PATH:$ORACLE_HOME/bin"
16 | - "export NLS_LANG={{ ora_user_env.NLS_LANG }}"
17 |
18 | - name: disable firewalld
19 | systemd:
20 | name: firewalld
21 | state: stopped
22 | enabled: false
23 |
24 | - name: disable transparent_hugepage
25 | replace:
26 | path: /etc/default/grub
27 | regexp: '^GRUB_CMDLINE_LINUX="(.*)"$'
28 | replace: 'GRUB_CMDLINE_LINUX="\1 transparent_hugepage=never"'
29 |
30 | - name: make grub.cfg
31 | command: grub2-mkconfig -o /boot/grub2/grub.cfg
32 |
33 | - name: reboot
34 | shell: "sleep 5 && reboot"
35 | async: 1
36 | poll: 0
37 |
38 | - name: wait for rebooting
39 | wait_for_connection:
40 | connect_timeout: 5
41 | sleep: 5
42 | delay: 20
43 | timeout: 240
44 |
45 | - name: check transparent_hugepage
46 | shell: "cat /sys/kernel/mm/transparent_hugepage/enabled"
47 | register: result_hugepage
48 |
49 | - name: debug
50 | debug:
51 | var: result_hugepage
52 |
53 | #- name: test transparent_hugepage is disabled
54 | # assert:
55 | # that:
56 | # - "result_hugepage.stdout == '[always] madvise never'"
57 |
58 | #
59 | # install Oracle Database software
60 | #
61 |
62 | - name: create the oracle installation path
63 | file:
64 | mode: 0755
65 | path: "{{ oracle_path }}"
66 | state: directory
67 | group: "{{ oracle_group }}"
68 | owner: "{{ oracle_user }}"
69 |
70 | - name: create $ORACLE_HOME directory
71 | file:
72 | mode: 0755
73 | path: "{{ oracle_db_home }}"
74 | state: directory
75 | group: "{{ oracle_group }}"
76 | owner: "{{ oracle_user }}"
77 |
78 | - name: create $ORACLE_HOME/patch directory
79 | file:
80 | mode: 0755
81 | path: "{{ oracle_db_home }}/patch"
82 | state: directory
83 | group: "{{ oracle_group }}"
84 | owner: "{{ oracle_user }}"
85 |
86 | - block:
87 | - name: copy response file for silent install
88 | template:
89 | src: db_install.rsp.j2
90 | dest: /home/{{ oracle_user }}/db_install.rsp
91 |
92 | #- name: Copy oracle.zip file
93 | # ansible.builtin.copy:
94 | # src: LINUX.X64_193000_db_home.zip
95 | # dest: /home/{{ oracle_user }}/LINUX.X64_193000_db_home.zip
96 | # owner: oracle
97 | # group: oinstall
98 | # mode: '0644'
99 | - name: Download Oracle Linux Zip File
100 | ansible.builtin.get_url:
101 | url: https://oraclebinarysa.blob.core.windows.net/oracle/LINUX.X64_193000_db_home.zip?sp=r&st=2023-09-13T00:14:00Z&se=2025-07-12T08:14:00Z&spr=https&sv=2022-11-02&sr=b&sig=q6BVLxDZWn%2FkQsGTJ6yXjrejJSCZ00t4gO1tc4tIL3o%3D
102 | dest: /home/{{ oracle_user }}/LINUX.X64_193000_db_home.zip
103 |
104 | # - name: Download Oracle Latest Patch
105 | # ansible.builtin.get_url:
106 | # url: https://oraclebinarysa.blob.core.windows.net/oracle/p35319490_190000_Linux-x86-64.zip?sp=r&st=2023-09-13T00:12:57Z&se=2025-02-06T09:12:57Z&spr=https&sv=2022-11-02&sr=b&sig=AlHJXCspMt2ajivjqiXiSzv40D%2B1SIPuSVyrJA8zjGI%3D
107 | # dest: /home/{{ oracle_user }}/LINUX.X64_ltsp.zip
108 |
109 |
110 | #- name: Download Oracle Latest OPatch
111 | # ansible.builtin.get_url:
112 | # url: https://oraclebinarysa.blob.core.windows.net/oracle/p6880880_190000_LINUX.zip?sp=r&st=2023-10-10T16:47:47Z&se=2024-12-07T01:47:47Z&spr=https&sv=2022-11-02&sr=b&sig=E1Fk8AfQsyjpall%2FsMTWIE4B%2B0bjwVNoYXxbz8D90aw%3D
113 | # dest: /home/{{ oracle_user }}/opatch.zip
114 |
115 | - name: extract the installation media to $ORACLE_HOME
116 | unarchive:
117 | src: /home/oracle/LINUX.X64_193000_db_home.zip
118 | dest: "{{ oracle_db_home }}"
119 | remote_src: yes
120 | #- name: extract the oracle patch media to $ORACLE_HOME/patch
121 | # unarchive:
122 | # src: /home/{{ oracle_user }}/LINUX.X64_ltsp.zip
123 | # dest: "{{ oracle_db_home }}/patch"
124 | # remote_src: yes
125 |
126 |
127 | #- name: Delete OPatch
128 | # ansible.builtin.file:
129 | # state: absent
130 | # path: "{{ oracle_db_home }}/OPatch"
131 |
132 | #- name: Create grid OPatch directory
133 | # file:
134 | # path: "{{ oracle_db_home }}/OPatch"
135 | # state: directory
136 | # owner: "{{ oracle_user }}"
137 | # group: oinstall
138 |
139 |
140 | #- name: Extract Grid OPatch to
141 | # ansible.builtin.unarchive:
142 | # src: "/home/{{ oracle_user }}/opatch.zip"
143 | # dest: "{{ oracle_db_home }}"
144 | # remote_src: yes
145 | # owner: "{{ oracle_user }}"
146 | # group: oinstall
147 |
148 | - name: runInstaller
149 | shell: echo "{{ oracle_pass_raw }}" | ./runInstaller -responseFile /home/{{ oracle_user }}/db_install.rsp -silent #-applyRU {{ oracle_db_home }}/patch/{{ oracle_patch_number }}
150 | ignore_errors: yes
151 | args:
152 | chdir: "{{ oracle_db_home }}"
153 |
154 | become: yes
155 | become_user: "{{ oracle_user }}"
156 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/ansible/bootstrap/single_instance/roles/oracle19c/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | # shell environment for the oracle user
4 | ora_user_env:
5 | ORACLE_BASE: "{{ oracle_path }}/oracle"
6 | ORACLE_SID: "{{ oracle_db_name }}"
7 | ORACLE_HOME: "{{ oracle_path }}/oracle/product/19.3.0/dbhome_1"
8 | NLS_LANG: "american_america.AL32UTF8"
9 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/docs/media/complete.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab2/docs/media/complete.jpg
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/docs/media/fixtures.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab2/docs/media/fixtures.jpg
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/docs/media/inventory.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab2/docs/media/inventory.jpg
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/docs/media/port2222.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab2/docs/media/port2222.png
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/docs/media/provisioned.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab2/docs/media/provisioned.jpg
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/docs/media/publicip.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab2/docs/media/publicip.jpg
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/docs/media/run_command1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab2/docs/media/run_command1.png
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/docs/media/run_command2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab2/docs/media/run_command2.png
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/docs/media/single-instance-overview.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab2/docs/media/single-instance-overview.png
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/docs/media/single_vm.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab2/docs/media/single_vm.png
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/docs/media/ssh-for-cloud-shell.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab2/docs/media/ssh-for-cloud-shell.jpg
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/docs/media/sshport.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab2/docs/media/sshport.jpg
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/docs/media/test.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab2/docs/media/test.jpg
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/docs/media/warnings.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab2/docs/media/warnings.jpg
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/docs/wiki/ANSIBLE.md:
--------------------------------------------------------------------------------
1 | # Using ansible to configure OracleDB & ASM
2 |
3 | Now that the required infrastructure is allocated on Azure, it is time to install & configure the Oracle DB via ansible.
4 |
5 |
6 |
7 | On the compute source running Ubuntu or on Azure Cloud Shell, follow the steps given below:
8 |
9 | 1. Switch to the following subdirectory:
10 | ```
11 | cd ~/projects/Oracle-Workloads-for-Azure/levelup-oracle-on-iaas/lab2/ansible/bootstrap/single_instance
12 | ```
13 |
14 | 2. Create a new file called inventory:
15 | ```
16 | touch inventory
17 | ```
18 |
19 | 3. Edit the file
20 |
21 | ```
22 | nano inventory
23 | ```
24 |
25 |
26 | Make sure that it has the following format:
27 |
28 | ```
29 | [dbservers]
30 |
31 | vm-0 ansible_host= ansible_ssh_private_key_file=~/.ssh/lza-oracle-single-instance ansible_user=oracle
32 | ```
33 |
34 | Below is an example:
35 |
36 |
37 |
38 |
39 | 4. Start the ansible playbook
40 | ```
41 | ansible-playbook playbook.yml -i inventory
42 | ```
43 | (If you are prompted for "are you sure you want to continue connecting?", enter "yes")
44 |
45 | (If using Azure Cloud Shell, remember to activate the Cloud Shell window by pressing Enter as few times, every 15 minutes or so since the shell times out after 20 minutes of inaction.)
46 |
47 |
48 | 5. If you get an error stating "ERROR! Invalid callback for stdout specified: community.general.yaml" then run the following step and then re-run the previous step.
49 | ```
50 | ansible-galaxy collection install community.general
51 | ```
52 |
53 | 6. It is acceptable to see warnings highlighted in red.
54 |
55 |
56 |
57 | Once the installation and configuration completes, you will see a screen similar to the one below.
58 |
59 |
60 |
61 |
62 |
63 | 7. Now you can go back to the main [README.md](../../README.md#step-by-step-instructions) file.
64 |
65 |
66 |
67 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/docs/wiki/CLONE.md:
--------------------------------------------------------------------------------
1 | # Cloning the repo
2 |
3 | ## Getting started
4 |
5 |
6 |
7 | Follow the steps given below:
8 |
9 | 1. Login to the local compute resource running Ubuntu. If using Azure Cloud Shell, login to [Azure Cloud Shell](https://shell.azure.com).
10 |
11 | 2. Install "pip". If you are using Azure Cloud Shell, then ignore this step.
12 | ```
13 | sudo apt update
14 | sudo apt install python3-pip
15 | ```
16 |
17 | 3. Create a subdirectory to clone the repo.
18 | ```
19 | mkdir ~/projects
20 | cd projects
21 | ```
22 |
23 | 4. Start cloning the repo.
24 | ```
25 | git clone https://github.com/Azure/Oracle-Workloads-for-Azure.git
26 | ```
27 |
28 | 5. Now you can go back to the main [README.md](../../README.md#step-by-step-instructions) file.
29 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/docs/wiki/Contributing.md:
--------------------------------------------------------------------------------
1 |
2 | ## Contributing
3 |
4 | - [Contributing](#contributing)
5 | - [Recommended Learning](#recommended-learning)
6 | - [Git](#git)
7 | - [Tooling](#tooling)
8 | - [Required Tooling](#required-tooling)
9 | - [Recommended Tooling](#recommended-tooling)
10 | - [Formatting Guidelines](#formatting-guidelines)
11 | - [Code Styling](#code-styling)
12 | - [Resource API Versions](#resource-api-versions)
13 | - [Git Information on Contributing](#git-information-on-contributing)
14 |
15 | ---
16 |
17 | Looking to contribute to this project, whether that be code, examples, documentation or GitHub automation, you are in the right place. Please review the rest of this wiki page for important information to help you to start contributing to the project effectively.
18 |
19 | ## Recommended Learning
20 |
21 | Before you start contributing to the repo, it is **highly recommended** that you complete the following Microsoft Learn paths, modules & courses:
22 |
23 | ### Git
24 |
25 | - [Introduction to version control with Git](https://docs.microsoft.com/learn/paths/intro-to-vc-git/)
26 |
27 | ## Tooling
28 |
29 | ### Required Tooling
30 |
31 | To contribute to this project the following tooling is required:
32 |
33 | - [Git](https://git-scm.com/downloads)
34 | - [Visual Studio Code](https://code.visualstudio.com/download)
35 |
36 | ### Recommended Tooling
37 |
38 | The following tooling/extensions are recommended to assist you developing for the project:
39 |
40 | - [ARM Tools extension for Visual Studio Code](https://marketplace.visualstudio.com/items?itemName=msazurermtools.azurerm-vscode-tools)
41 | - [ARM Template Viewer extension for Visual Studio Code](https://marketplace.visualstudio.com/items?itemName=bencoleman.armview)
42 | - [EditorConfig for VS Code](https://marketplace.visualstudio.com/items?itemName=EditorConfig.EditorConfig)
43 | - For visibility of Bracket Pairs:
44 | - Inside Visual Studio Code, add `"editor.bracketPairColorization.enabled": true` to your `settings.json`, to enable bracket pair colorization.
45 |
46 | ## Formatting Guidelines
47 |
48 | The below guidelines should be adhered to whilst contributing to this projects code.
49 |
50 | ## Code Styling
51 |
52 | - Strict `camelCasing` must be used for all elements:
53 | - Symbolic names for:
54 | - Parameters
55 | - Variables
56 | - Resource
57 | - Modules
58 | - Outputs
59 | - All parameters should have a **useful** description
60 | - If relevant parameters should have a default value set.
61 |
62 | ### Resource API Versions
63 |
64 | Each resource must use the latest available, working, API version. If the latest API version cannot be used for any reason, a comment must be placed above the resource in the module file stating why and also called out as part of the PR.
65 |
66 | ## Git Information on Contributing
67 |
68 | To make contributions to this repo you must fork and clone the repo. You can follow the guidance here on how to do this [Fork a repo](https://docs.github.com/get-started/quickstart/fork-a-repo)
69 |
70 | You **will not** be able to create a branch or push directly to this repo. All changes into this repo **must** be made via a Pull Request. This process is documented here: [Contributing to projects](https://docs.github.com/get-started/quickstart/contributing-to-projects)
71 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/docs/wiki/FAQ.md:
--------------------------------------------------------------------------------
1 | # Frequently Asked Questions
2 |
3 | ## Will I be charged Azure usage?
4 |
5 | *Yes, this solution will create an Azure VM and you will be charged for VM uptime and Azure Storage.*
6 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/docs/wiki/Home.md:
--------------------------------------------------------------------------------
1 | # Welcome to the alz-oracle wiki!
2 |
3 | This wiki documents how to automate the deployment of a virtual machine on Azure that runs a single instance Oracle DB. The solution uses terraform and ansible technologies for automation.
4 |
5 |
6 |
7 | ## Navigation
8 |
9 | - [Wiki Home](./Home.md)
10 | - [What's New](./WhatsNew.md)
11 | - [Step by Step Instructions](../../README.md#step-by-step-instructions)
12 | - [Frequently Asked Questions](./FAQ.md)
13 | - [Contributing](./Contributing.md)
14 | - [Known Issues](./KnownIssues.md)
15 | - [Versioning](./Versioning.md)
16 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/docs/wiki/KnownIssues.md:
--------------------------------------------------------------------------------
1 | # Known Issues
2 |
3 | TBD
4 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/docs/wiki/REVIEW_INFRA.md:
--------------------------------------------------------------------------------
1 | # Review of the infrastrucure provisioned on Azure
2 |
3 |
4 | 1. Once the Azure infrastructure provisioning via terraform is completed, you will see a new Resource Group in your subscription with the following name convention:
5 |
6 | ```
7 | rg-oracle-demo-eastus-001
8 | ``````
9 |
10 |
11 | 2. In the resource group you will find a VM called "vm-0":
12 |
13 |
14 |
15 |
16 |
17 | 3. Check the networking for the Azure VM and ensure that the "ssh" port is allowed:
18 |
19 |
20 |
21 |
22 |
23 |
24 | **If you are using a Microsoft tenancy in Azure, then you MUST do the following:**
25 |
26 |
27 | 3.1- Set the SSH port using the Run Command in the VM Operations -> Run Command with:
28 |
29 | echo "Port 2222" >> /etc/ssh/sshd_config
30 |
31 | systemctl restart sshd
32 |
33 |
34 |
35 |
36 |
37 |
38 |
39 |
40 |
41 | 3.2- Update the Blank NSG firewall rule to use port 2222 instead of 22 for SSH
42 |
43 |
44 |
45 |
46 |
47 |
48 |
49 |
50 |
51 | **However, if you are using Azure Cloud Shell without Microsoft tenancy**, you have two options:
52 |
53 | (option 1) You can create an inbound NSG rule as the following:
54 |
55 |
56 |
57 |
58 |
59 |
60 |
61 | (option 2) You can also choose to [enable Just-in-Time access for the VM](https://learn.microsoft.com/en-us/azure/defender-for-cloud/just-in-time-access-usage) .
62 |
63 |
64 |
65 |
66 |
67 | 4. Finally, copy the public IP address of the VM to use in the future steps. An example is given below.
68 |
69 |
70 |
71 |
72 |
73 |
74 |
75 | 5. Now you can go back to the main [README.md](../../README.md#step-by-step-instructions) file.
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/docs/wiki/TERRAFORM.md:
--------------------------------------------------------------------------------
1 | # Provisioning of Azure VM via Terraform
2 |
3 |
4 |
5 |
6 | ### How to deploy single VM for Oracle in the VNET
7 |
8 | In this module, you will deploy single virtual machine in the virtual network.
9 |
10 |
11 |
12 |
13 |
14 | Before using this module, you have to create your own ssh key to deploy and connect the virtual machine you will create. To do so, please follow the steps given below.
15 |
16 |
17 |
18 | 1. Do the following on the compute source:
19 |
20 | ```bash
21 | ssh-keygen -f ~/.ssh/lza-oracle-single-instance
22 |
23 | ls -lha ~/.ssh/
24 |
25 | -rw------- 1 yourname staff 2.6K 8 17 2023 lza-oracle-single-instance
26 | -rw-r--r-- 1 yourname staff 589B 8 17 2023 lza-oracle-single-instance.pub
27 | ```
28 |
29 | 2. Next, you go to `terraform/bootstrap/single_instance` directory and create `fixtures.tfvars` file as follows. The contents of the ssh public key that you created in the previous step are copied to the new file.
30 |
31 |
32 | ```bash
33 | cd ~/projects/Oracle-Workloads-for-Azure/levelup-oracle-on-iaas/lab2/terraform/bootstrap/single_instance
34 | cat ~/.ssh/lza-oracle-single-instance.pub > fixtures.tfvars
35 | ```
36 |
37 | 3. Edit the file and modify it so that the format matches the following. Make sure to include the double quotes.
38 |
39 | ```bash
40 | nano ~/projects/Oracle-Workloads-for-Azure/levelup-oracle-on-iaas/lab2/terraform/bootstrap/single_instance/fixtures.tfvars
41 | ```
42 |
43 | Here is a sample `fixtures.tfvars` file.
44 |
45 | ```tf:fixtures.tfvars
46 | ssh_key = "ssh-rsa xxxxxxxxxxxxxx="
47 | ```
48 |
49 |
50 |
51 |
52 | 4. Next, execute below Terraform commands. When you deploy resources to Azure, you have to indicate `fixtures.tfvars` as a variable file, which contains the ssh public key.
53 |
54 | ```
55 | pwd
56 |
57 | ~/projects/Oracle-Workloads-for-Azure/levelup-oracle-on-iaas/lab2/terraform/bootstrap/single_instance
58 |
59 | terraform init
60 |
61 | terraform plan -var-file=fixtures.tfvars
62 |
63 | terraform apply -var-file=fixtures.tfvars
64 | ```
65 |
66 | (The "terraform plan" command should only take about 1-2 mins to run. If it takes any longer, interrupt the script and re-run).
67 |
68 |
69 |
70 | (The "terraform apply" command will run for about 8-12 minutes.)
71 |
72 | (When prompted for "Enter a value:" , type in "yes" and press Enter)
73 |
74 | (If using Azure Cloud Shell, remember to activate the Cloud Shell window by pressing Enter as few times, every 15 minutes or so since the shell times out after 20 minutes of inaction.)
75 |
76 |
77 | 5. (OPTIONAL) Finally, you can connect to the virtual machine with ssh private key. While deploying resources, a public ip address is generated and attached to the virtual machine, so that you can connect to the virtual machine with this IP address. The username is `oracle`, which is fixed in `terraform/bootstrap/single_instance/module.tf`.
78 |
79 | ```
80 | ssh -i ~/.ssh/lza-oracle-single-instance oracle@
81 | ```
82 |
83 | 6. Now you can go back to the main [README.md](../../README.md#step-by-step-instructions) file.
84 |
85 |
86 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/docs/wiki/TEST.md:
--------------------------------------------------------------------------------
1 | # Testing the final configuration
2 |
3 |
4 | 1. From the compute source (or Azure Cloud Shell), ssh into the Azure VM:
5 | ```
6 | ssh -i ~/.ssh/lza-oracle-single-instance oracle@
7 | ```
8 |
9 |
10 | If you modified SSH port to 2222, do the following instead:
11 | ```
12 | ssh -i ~/.ssh/lza-oracle-single-instance oracle@ -p 2222
13 | ```
14 |
15 |
16 | 2. Check the Oracle related environment variables:
17 | ```
18 | env | grep -i oracle
19 | ```
20 |
21 | 3. Connect to the database:
22 |
23 | ```
24 | sqlplus / as sysdba
25 | SQL> show user
26 | ```
27 |
28 |
29 |
30 |
31 |
32 |
33 | Congratulations!!! Now, you have a functional Oracle DB running on the Azure VM.
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/docs/wiki/Versioning.md:
--------------------------------------------------------------------------------
1 | # Versioning for ALZ-Oracle
2 |
3 | The primary deliverable of this repo is a collection of Azure Policy initiatives and associated Azure Policy definitions, and as such is versioned in a manner consistent with the [Azure Policy versioning guidance](https://github.com/Azure/azure-policy/blob/master/built-in-policies/README.md#versioning).
4 |
5 | While this is sufficient for the purposes of individual policies, to further ease adoption of the policies a new release of the repo as a whole will be made available as one or more policies are updated with breaking changes as per the [Azure Policy versioning guidance](https://github.com/Azure/azure-policy/blob/master/built-in-policies/README.md#versioning).
6 |
7 | As new versions are released, update guidance will be provided to allow you to update your existing deployments to the new version.
8 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/docs/wiki/WhatsNew.md:
--------------------------------------------------------------------------------
1 | # What's New
2 |
3 | For information on what's new please refer to the [Releases page](https://github.com/Azure/alz-oracle/releases).
4 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/terraform/bootstrap/single_instance/backend.tf:
--------------------------------------------------------------------------------
1 | terraform {
2 | backend "local" {}
3 | }
4 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/terraform/bootstrap/single_instance/images/single_vm.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab2/terraform/bootstrap/single_instance/images/single_vm.png
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/terraform/bootstrap/single_instance/module.tf:
--------------------------------------------------------------------------------
1 |
2 |
3 | module "common_infrastructure" {
4 | source = "../../../terraform_units/modules/common_infrastructure"
5 |
6 | infrastructure = local.infrastructure
7 | is_diagnostic_settings_enabled = var.is_diagnostic_settings_enabled
8 | diagnostic_target = var.diagnostic_target
9 | tags = var.resourcegroup_tags
10 | }
11 |
12 | module "vm" {
13 | source = "../../../terraform_units/modules/compute"
14 |
15 | subscription_id = module.common_infrastructure.current_subscription.subscription_id
16 | resource_group = module.common_infrastructure.resource_group
17 | vm_name = "vm"
18 | public_key = var.ssh_key
19 | sid_username = "oracle"
20 | nic_id = module.network.nics_oracledb[0].id
21 | vm_sku = var.vm_sku
22 | vm_source_image_reference = var.vm_source_image_reference
23 |
24 | vm_os_disk = var.vm_os_disk
25 |
26 | aad_system_assigned_identity = false
27 | assign_subscription_permissions = true
28 |
29 | is_diagnostic_settings_enabled = module.common_infrastructure.is_diagnostic_settings_enabled
30 | diagnostic_target = module.common_infrastructure.diagnostic_target
31 | storage_account_id = module.common_infrastructure.target_storage_account_id
32 | storage_account_sas_token = module.common_infrastructure.target_storage_account_sas
33 | log_analytics_workspace_id = module.common_infrastructure.log_analytics_workspace_id
34 | eventhub_authorization_rule_id = module.common_infrastructure.eventhub_authorization_rule_id
35 | partner_solution_id = module.common_infrastructure.partner_solution_id
36 | tags = module.common_infrastructure.tags
37 |
38 | role_assignments = {
39 | role_assignment_1 = {
40 | name = "Virtual Machine Contributor"
41 | skip_service_principal_aad_check = false
42 | }
43 | }
44 | }
45 |
46 | module "network" {
47 | source = "../../../terraform_units/modules/network"
48 |
49 | resource_group = module.common_infrastructure.resource_group
50 | is_diagnostic_settings_enabled = module.common_infrastructure.is_diagnostic_settings_enabled
51 | diagnostic_target = module.common_infrastructure.diagnostic_target
52 | storage_account_id = module.common_infrastructure.target_storage_account_id
53 | log_analytics_workspace_id = module.common_infrastructure.log_analytics_workspace_id
54 | eventhub_authorization_rule_id = module.common_infrastructure.eventhub_authorization_rule_id
55 | partner_solution_id = module.common_infrastructure.partner_solution_id
56 | tags = module.common_infrastructure.tags
57 |
58 | role_assignments_nic = {
59 | role_assignment_1 = {
60 | name = "Contributor"
61 | skip_service_principal_aad_check = false
62 | }
63 | }
64 |
65 | role_assignments_pip = {
66 | role_assignment_1 = {
67 | name = "Contributor"
68 | skip_service_principal_aad_check = false
69 | }
70 | }
71 |
72 | role_assignments_nsg = {
73 | role_assignment_1 = {
74 | name = "Contributor"
75 | skip_service_principal_aad_check = false
76 | }
77 | }
78 |
79 | role_assignments_vnet = {
80 | role_assignment_1 = {
81 | name = "Contributor"
82 | skip_service_principal_aad_check = false
83 | }
84 | }
85 |
86 | role_assignments_subnet = {
87 | role_assignment_1 = {
88 | name = "Contributor"
89 | skip_service_principal_aad_check = false
90 | }
91 | }
92 | }
93 |
94 | module "storage" {
95 | source = "../../../terraform_units/modules/storage"
96 |
97 | resource_group = module.common_infrastructure.resource_group
98 | naming = "oracle"
99 | vm = module.vm.vm[0]
100 | tags = module.common_infrastructure.tags
101 | database_disks_options = {
102 | data_disks = var.database_disks_options.data_disks
103 | asm_disks = var.database_disks_options.asm_disks
104 | redo_disks = var.database_disks_options.redo_disks
105 | }
106 |
107 |
108 | role_assignments = {
109 | role_assignment_1 = {
110 | name = "Contributor"
111 | skip_service_principal_aad_check = false
112 | }
113 | }
114 | }
115 |
116 | #########################################################################################
117 | # #
118 | # JIT Access Policy #
119 | # #
120 | #########################################################################################
121 | resource "azapi_resource" "jit_ssh_policy" {
122 | count = module.vm.database_server_count
123 | name = "JIT-SSH-Policy"
124 | parent_id = "${module.common_infrastructure.resource_group.id}/providers/Microsoft.Security/locations/${module.common_infrastructure.resource_group.location}"
125 | type = "Microsoft.Security/locations/jitNetworkAccessPolicies@2020-01-01"
126 | schema_validation_enabled = false
127 | body = jsonencode({
128 | "kind" : "Basic"
129 | "properties" : {
130 | "virtualMachines" : [{
131 | "id" : "/subscriptions/${module.common_infrastructure.current_subscription.subscription_id}/resourceGroups/${module.common_infrastructure.resource_group.name}/providers/Microsoft.Compute/virtualMachines/${module.vm.vm[0].name}",
132 | "ports" : [
133 | {
134 | "number" : 22,
135 | "protocol" : "TCP",
136 | "allowedSourceAddressPrefix" : "*",
137 | "maxRequestAccessDuration" : "PT3H"
138 | }
139 | ]
140 | }]
141 | }
142 | })
143 |
144 | depends_on = [module.vm]
145 | }
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/terraform/bootstrap/single_instance/outputs.tf:
--------------------------------------------------------------------------------
1 | ###############################################################################
2 | # #
3 | # Resource Group #
4 | # #
5 | ###############################################################################
6 | output "resource_group" {
7 | value = module.common_infrastructure.resource_group
8 | }
9 |
10 | output "created_resource_group_id" {
11 | description = "Created resource group ID"
12 | value = module.common_infrastructure.resource_group.id
13 | }
14 |
15 | output "created_resource_group_name" {
16 | description = "Created resource group name"
17 | value = module.common_infrastructure.resource_group.name
18 | }
19 |
20 | output "created_resource_group_subscription_id" {
21 | description = "Created resource group' subscription ID"
22 | value = module.common_infrastructure.resource_group.id
23 | }
24 |
25 | output "created_resource_group_tags" {
26 | description = "Created resource group tags"
27 | value = module.common_infrastructure.tags
28 | }
29 |
30 | ###############################################################################
31 | # #
32 | # Network #
33 | # #
34 | ###############################################################################
35 | output "network_location" {
36 | value = module.network.network_location
37 | }
38 |
39 | output "db_subnet" {
40 | value = module.network.db_subnet
41 | }
42 |
43 | ###############################################################################
44 | # #
45 | # Storage #
46 | # #
47 | ###############################################################################
48 | output "database_data_disks" {
49 | value = module.storage.data_disks
50 | }
51 |
52 | output "database_asm_disks" {
53 | value = module.storage.asm_disks
54 | }
55 |
56 | output "database_redo_disks" {
57 | value = module.storage.redo_disks
58 | }
59 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/terraform/bootstrap/single_instance/providers.tf:
--------------------------------------------------------------------------------
1 | terraform {
2 | required_version = ">=1.2"
3 | required_providers {
4 | azurerm = {
5 | source = "hashicorp/azurerm"
6 | version = ">=3.11.0, <4.0"
7 | }
8 | azapi = {
9 | source = "Azure/azapi"
10 | version = "=1.8.0"
11 | }
12 | }
13 | }
14 |
15 | provider "azurerm" {
16 | skip_provider_registration = true
17 | features {
18 | resource_group {
19 | prevent_deletion_if_contains_resources = true
20 | }
21 | virtual_machine {
22 | delete_os_disk_on_deletion = true
23 | }
24 | }
25 | }
26 |
27 | provider "azapi" {}
28 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/terraform/bootstrap/single_instance/transform.tf:
--------------------------------------------------------------------------------
1 | locals {
2 | infrastructure = {
3 | region = coalesce(var.location, try(var.infrastructure.region, ""))
4 | resource_group = {
5 | name = try(
6 | coalesce(
7 | var.resourcegroup_name,
8 | try(var.infrastructure.resource_group.name, "")
9 | ),
10 | ""
11 | )
12 | }
13 | vnet = {
14 | name = try(
15 | coalesce(
16 | local.vnet_oracle_name,
17 | try(var.infrastructure.vnet.name, "")
18 | ),
19 | ""
20 | )
21 | }
22 | subnet = {
23 | name = try(
24 | coalesce(
25 | local.database_subnet_name,
26 | try(var.infrastructure.subnet.name, "")
27 | ),
28 | ""
29 | )
30 | }
31 | tags = try(
32 | coalesce(
33 | var.resourcegroup_tags,
34 | try(var.infrastructure.tags, {})
35 | ),
36 | {}
37 | )
38 | }
39 | }
40 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/terraform/bootstrap/single_instance/variables.md:
--------------------------------------------------------------------------------
1 |
2 | # Terraform Variable Explanations
3 |
4 |
5 | 1. **[Common Parameters](#common-parameters)**
6 | - [`location`](#location)
7 | - [`resourcegroup_name`](#resourcegroup_name)
8 | - [`resourcegroup_tags`](#resourcegroup_tags)
9 | - [`is_diagnostic_settings_enabled`](#is_diagnostic_settings_enabled)
10 | - [`diagnostic_target`](#diagnostic_target)
11 | - [`infrastructure`](#infrastructure)
12 |
13 | 2. **[Virtual Machine Parameters](#virtual-machine-parameters)**
14 | - [`ssh_key`](#ssh_key)
15 | - [`vm_sku`](#vm_sku)
16 | - [`vm_source_image_reference`](#vm_source_image_reference)
17 | - [`vm_os_disk`](#vm_os_disk)
18 |
19 | 3. **[Database Parameters](#database-parameters)**
20 | - [`database`](#database)
21 | - [`database_disks_options`](#database_disks_options)
22 | - [`database_db_nic_ips`](#database_db_nic_ips)
23 |
24 |
25 | ### `location`
26 |
27 | - **Description:** Defines the Azure location where the resources will be deployed.
28 | - **Type:** String
29 | - **Default Value:** "eastus"
30 |
31 | ### `resourcegroup_name`
32 |
33 | - **Description:** If defined, this variable specifies the name of the resource group into which the resources will be deployed.
34 | - **Default Value:** ""
35 |
36 | ### `resourcegroup_tags`
37 |
38 | - **Description:** Tags to be added to the resource group.
39 | - **Default Value:** {}
40 |
41 | ### `is_diagnostic_settings_enabled`
42 |
43 | - **Description:** Whether diagnostic settings are enabled.
44 | - **Default Value:** false
45 |
46 | ### `diagnostic_target`
47 |
48 | - **Description:** The destination type of the diagnostic settings. Allowed values are "Log_Analytics_Workspace," "Storage_Account," "Event_Hubs," or "Partner_Solutions."
49 | - **Default Value:** "Log_Analytics_Workspace"
50 |
51 | ### `infrastructure`
52 |
53 | - **Description:** Details of the Azure infrastructure to deploy the SAP landscape into.
54 | - **Default Value:** {}
55 |
56 | ## Virtual Machine Parameters
57 |
58 | ### `ssh_key`
59 |
60 | - **Description:** Value of the SSH public key to be used for the virtual machines.
61 |
62 | ### `vm_sku`
63 |
64 | - **Description:** The SKU of the virtual machine.
65 | - **Default Value:** "Standard_D4s_v3"
66 |
67 | ### `vm_source_image_reference`
68 |
69 | - **Description:** The source image reference of the virtual machine.
70 | - **Default Value:**
71 | ```hcl
72 | {
73 | publisher = "Oracle"
74 | offer = "Oracle-Linux"
75 | sku = "79-gen2"
76 | version = "7.9.36"
77 | }
78 | ```
79 |
80 | ### `vm_os_disk`
81 |
82 | - **Description:** Details of the OS disk, including name, caching, storage account type, disk encryption set, and disk size.
83 | - **Default Value:**
84 | ```hcl
85 | {
86 | name = "osdisk"
87 | caching = "ReadWrite"
88 | storage_account_type = "Premium_LRS"
89 | disk_encryption_set_id = null
90 | disk_size_gb = 128
91 | }
92 | ```
93 |
94 | ## Database Parameters
95 |
96 | ### `database`
97 |
98 | - **Description:** Details of the database node, including options such as DHCP, authentication type, and data disks.
99 | - **Default Value:**
100 | ```hcl
101 | {
102 | use_DHCP = true
103 | authentication = {
104 | type = "key"
105 | }
106 | data_disks = [
107 | {
108 | count = 1
109 | caching = "ReadOnly"
110 | create_option = "Empty"
111 | disk_size_gb = 1024
112 | lun = 0
113 | disk_type = "Premium_LRS"
114 | write_accelerator_enabled = false
115 | },
116 | {
117 | count = 1
118 | caching = "None"
119 | create_option = "Empty"
120 | disk_size_gb = 1024
121 | lun = 1
122 | disk_type = "Premium_LRS"
123 | write_accelerator_enabled = false
124 | }
125 | ]
126 | }
127 | ```
128 |
129 | ### `database_disks_options`
130 |
131 | - **Description:** Details of the database node's disk options, including data disks, ASM disks, and redo disks.
132 | - **Default Value:**
133 | ```hcl
134 | {
135 | data_disks = [
136 | {
137 | count = 1
138 | caching = "ReadOnly"
139 | create_option = "Empty"
140 | disk_size_gb = 1024
141 | lun = 20
142 | disk_type = "Premium_LRS"
143 | write_accelerator_enabled = false
144 | }
145 | ],
146 | asm_disks = [
147 | {
148 | count = 1
149 | caching = "ReadOnly"
150 | create_option = "Empty"
151 | disk_size_gb = 1024
152 | lun = 10
153 | disk_type = "Premium_LRS"
154 | write_accelerator_enabled = false
155 | }
156 | ]
157 | redo_disks = [
158 | {
159 | count = 1
160 | caching = "None"
161 | create_option = "Empty"
162 | disk_size_gb = 1024
163 | lun = 60
164 | disk_type = "Premium_LRS"
165 | write_accelerator_enabled = false
166 | }
167 | ]
168 | }
169 | ```
170 |
171 | ### `database_db_nic_ips`
172 |
173 | - **Description:** If provided, the database tier virtual machines will be configured using the specified IPs.
174 | - **Default Value:** [""]
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/terraform/bootstrap/single_instance/variables_global.tf:
--------------------------------------------------------------------------------
1 | #########################################################################################
2 | # Common parameters #
3 | #########################################################################################
4 | variable "location" {
5 | description = "Defines the Azure location where the resources will be deployed"
6 | type = string
7 | default = "eastus"
8 | }
9 |
10 | variable "resourcegroup_name" {
11 | description = "If defined, the name of the resource group into which the resources will be deployed"
12 | default = ""
13 | }
14 |
15 | variable "resourcegroup_tags" {
16 | description = "tags to be added to the resource group"
17 | default = {}
18 | }
19 |
20 | variable "is_diagnostic_settings_enabled" {
21 | description = "Whether diagnostic settings are enabled"
22 | default = false
23 | }
24 |
25 | variable "diagnostic_target" {
26 | description = "The destination type of the diagnostic settings"
27 | default = "Log_Analytics_Workspace"
28 | validation {
29 | condition = contains(["Log_Analytics_Workspace", "Storage_Account", "Event_Hubs", "Partner_Solutions"], var.diagnostic_target)
30 | error_message = "Allowed values are Log_Analytics_Workspace, Storage_Account, Event_Hubs, Partner_Solutions"
31 | }
32 | }
33 |
34 | variable "infrastructure" {
35 | description = "Details of the Azure infrastructure to deploy the SAP landscape into"
36 | default = {}
37 | }
38 |
39 | #########################################################################################
40 | # Virtual Machine parameters #
41 | #########################################################################################
42 | variable "ssh_key" {
43 | description = "value of the ssh public key to be used for the virtual machines"
44 | }
45 |
46 | variable "vm_sku" {
47 | description = "The SKU of the virtual machine"
48 | default = "Standard_D4s_v3"
49 | }
50 |
51 | variable "vm_source_image_reference" {
52 | description = "The source image reference of the virtual machine"
53 | default = {
54 | publisher = "Oracle"
55 | offer = "Oracle-Linux"
56 | sku = "79-gen2"
57 | version = "7.9.36"
58 | }
59 | }
60 |
61 | variable "vm_os_disk" {
62 | description = "Details of the OS disk"
63 | default = {
64 | name = "osdisk"
65 | caching = "ReadWrite"
66 | storage_account_type = "Premium_LRS"
67 | disk_encryption_set_id = null
68 | disk_size_gb = 128
69 | }
70 | }
71 |
72 | #########################################################################################
73 | # Database parameters #
74 | #########################################################################################
75 | variable "database" {
76 | description = "Details of the database node"
77 | default = {
78 | use_DHCP = true
79 | authentication = {
80 | type = "key"
81 | }
82 | data_disks = [
83 | {
84 | count = 1
85 | caching = "ReadOnly"
86 | create_option = "Empty"
87 | disk_size_gb = 1024
88 | lun = 0
89 | disk_type = "Premium_LRS"
90 | write_accelerator_enabled = false
91 | },
92 | {
93 | count = 1
94 | caching = "None"
95 | create_option = "Empty"
96 | disk_size_gb = 1024
97 | lun = 1
98 | disk_type = "Premium_LRS"
99 | write_accelerator_enabled = false
100 | }
101 | ]
102 | }
103 | }
104 |
105 | variable "database_disks_options" {
106 | description = "Details of the database node"
107 | default = {
108 | data_disks = [
109 | {
110 | count = 1
111 | caching = "ReadOnly"
112 | create_option = "Empty"
113 | disk_size_gb = 1024
114 | lun = 20
115 | disk_type = "Premium_LRS"
116 | write_accelerator_enabled = false
117 | }
118 | ],
119 | asm_disks = [
120 | {
121 | count = 1
122 | caching = "ReadOnly"
123 | create_option = "Empty"
124 | disk_size_gb = 1024
125 | lun = 10
126 | disk_type = "Premium_LRS"
127 | write_accelerator_enabled = false
128 | }
129 | ]
130 | redo_disks = [
131 | {
132 | count = 1
133 | caching = "None"
134 | create_option = "Empty"
135 | disk_size_gb = 1024
136 | lun = 60
137 | disk_type = "Premium_LRS"
138 | write_accelerator_enabled = false
139 | }
140 | ]
141 | }
142 | }
143 |
144 | variable "database_db_nic_ips" {
145 | description = "If provided, the database tier virtual machines will be configured using the specified IPs"
146 | default = [""]
147 | }
148 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/terraform/bootstrap/single_instance/variables_local.tf:
--------------------------------------------------------------------------------
1 | locals {
2 | vnet_oracle_name = "vnet1"
3 | database_subnet_name = "subnet1"
4 | }
5 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/terraform_units/modules/common_infrastructure/outputs.tf:
--------------------------------------------------------------------------------
1 | ###############################################################################
2 | # #
3 | # Subscription #
4 | # #
5 | ###############################################################################
6 | output "current_subscription" {
7 | value = data.azurerm_subscription.current
8 | }
9 |
10 | ###############################################################################
11 | # #
12 | # Resource Group #
13 | # #
14 | ###############################################################################
15 | output "resource_group" {
16 | value = data.azurerm_resource_group.rg
17 | }
18 |
19 | output "created_resource_group_id" {
20 | description = "Created resource group ID"
21 | value = data.azurerm_resource_group.rg.id
22 | }
23 |
24 | output "created_resource_group_name" {
25 | description = "Created resource group name"
26 | value = data.azurerm_resource_group.rg.name
27 | }
28 |
29 | output "created_resource_group_subscription_id" {
30 | description = "Created resource group' subscription ID"
31 | value = data.azurerm_resource_group.rg.id
32 | }
33 |
34 | output "is_diagnostic_settings_enabled" {
35 | description = "Whether diagnostic settings are enabled"
36 | value = var.is_diagnostic_settings_enabled
37 | }
38 |
39 | output "target_storage_account_id" {
40 | description = "Storage account ID used for diagnostics"
41 | value = var.is_diagnostic_settings_enabled ? data.azurerm_storage_account.diagnostic[0].id : ""
42 | }
43 |
44 | output "target_storage_account_sas" {
45 | description = "Storage account SAS used for diagnostics"
46 | value = var.is_diagnostic_settings_enabled ? data.azurerm_storage_account_sas.diagnostic[0].sas : ""
47 | }
48 |
49 | output "log_analytics_workspace_id" {
50 | description = "Log Analytics workspace ID"
51 | value = var.is_diagnostic_settings_enabled && var.diagnostic_target == "Log_Analytics_Workspace" ? data.azurerm_log_analytics_workspace.diagnostic[0].id : null
52 | }
53 |
54 | output "eventhub_authorization_rule_id" {
55 | description = "ID of an Event Hub authorization rule"
56 | value = var.is_diagnostic_settings_enabled && var.diagnostic_target == "Event_Hubs" ? azurerm_eventhub_namespace_authorization_rule.diagnostic[0].id : null
57 | }
58 |
59 | output "partner_solution_id" {
60 | description = "Partner solution ID"
61 | value = var.is_diagnostic_settings_enabled && var.diagnostic_target == "Partner_Solutions" ? azurerm_new_relic_monitor.diagnostic[0].id : null
62 | }
63 |
64 | output "diagnostic_target" {
65 | description = "The destination type of the diagnostic settings"
66 | value = var.diagnostic_target
67 | }
68 |
69 | output "tags" {
70 | description = "Tags applied to the resources"
71 | value = var.tags
72 | }
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/terraform_units/modules/common_infrastructure/providers.tf:
--------------------------------------------------------------------------------
1 | terraform {
2 | required_version = ">=1.2"
3 | required_providers {
4 | azurerm = {
5 | source = "hashicorp/azurerm"
6 | version = ">=3.11.0, <4.0"
7 | }
8 | azapi = {
9 | source = "Azure/azapi"
10 | version = "=1.8.0"
11 | }
12 | }
13 | }
14 |
15 | provider "azurerm" {
16 | features {
17 | resource_group {
18 | prevent_deletion_if_contains_resources = true
19 | }
20 | virtual_machine {
21 | delete_os_disk_on_deletion = true
22 | }
23 | }
24 | }
25 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/terraform_units/modules/common_infrastructure/resource_lock.tf:
--------------------------------------------------------------------------------
1 | resource "azurerm_management_lock" "subscription" {
2 | count = length(var.subscription_locks) > 1 && length(try(var.subscription_locks.name, "")) > 0 ? 1 : 0
3 | name = var.subscription_locks.name
4 | scope = data.azurerm_subscription.current.id
5 | lock_level = var.subscription_locks.type
6 | }
7 |
8 | resource "azurerm_management_lock" "resource_group" {
9 | count = length(var.resource_group_locks) > 1 && length(try(var.resource_group_locks.name, "")) > 0 ? 1 : 0
10 | name = var.resource_group_locks.name
11 | scope = data.azurerm_resource_group.rg.id
12 | lock_level = var.resource_group_locks.type
13 |
14 | depends_on = [azurerm_resource_group.rg]
15 | }
16 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/terraform_units/modules/common_infrastructure/role_assignments.tf:
--------------------------------------------------------------------------------
1 | data "azurerm_client_config" "current" {}
2 |
3 | data "azurerm_role_definition" "builtin" {
4 | for_each = var.role_assignments
5 | name = each.value.name
6 | }
7 |
8 | resource "azurerm_role_assignment" "assignment" {
9 | for_each = var.role_assignments
10 | role_definition_name = data.azurerm_role_definition.builtin[each.key].name
11 | principal_id = data.azurerm_client_config.current.object_id
12 | scope = try(each.value.scope, data.azurerm_subscription.current.id)
13 | skip_service_principal_aad_check = try(each.value.skip_service_principal_aad_check, null)
14 | description = try(each.value.description, null)
15 | condition = try(each.value.condition, null)
16 | condition_version = try(each.value.condition_version, null)
17 | }
18 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/terraform_units/modules/common_infrastructure/variables_global.tf:
--------------------------------------------------------------------------------
1 | variable "infrastructure" {}
2 |
3 | variable "is_diagnostic_settings_enabled" {
4 | description = "Whether diagnostic settings are enabled"
5 | default = false
6 | }
7 |
8 | variable "diagnostic_target" {
9 | description = "The destination type of the diagnostic settings"
10 | default = "Log_Analytics_Workspace"
11 | validation {
12 | condition = contains(["Log_Analytics_Workspace", "Storage_Account", "Event_Hubs", "Partner_Solutions"], var.diagnostic_target)
13 | error_message = "Allowed values are Log_Analytics_Workspace, Storage_Account, Event_Hubs, Partner_Solutions"
14 | }
15 | }
16 |
17 | variable "eventhub_permission" {
18 | description = "Authorization rule permissions for Event Hub"
19 | default = {
20 | listen = true
21 | send = true
22 | manage = true
23 | }
24 | }
25 |
26 | variable "logz_user" {
27 | description = "Logz.io"
28 | default = {
29 | email = "user@example.com"
30 | first_name = "Example"
31 | last_name = "User"
32 | phone_number = "+12313803556"
33 | }
34 | }
35 |
36 | variable "role_assignments" {
37 | description = "Role assignments"
38 | default = {}
39 | }
40 |
41 | variable "subscription_locks" {
42 | type = object({
43 | name = optional(string, "")
44 | type = optional(string, "CanNotDelete")
45 | })
46 | default = {}
47 | validation {
48 | condition = contains(["CanNotDelete", "ReadOnly"], var.subscription_locks.type)
49 | error_message = "Lock type must be one of: CanNotDelete, ReadOnly."
50 | }
51 | }
52 |
53 | variable "resource_group_locks" {
54 | type = object({
55 | name = optional(string, "")
56 | type = optional(string, "CanNotDelete")
57 | })
58 | default = {}
59 | validation {
60 | condition = contains(["CanNotDelete", "ReadOnly"], var.resource_group_locks.type)
61 | error_message = "Lock type must be one of: CanNotDelete, ReadOnly."
62 | }
63 | }
64 | variable "tags" {
65 | description = "Tags to be added to the resources"
66 | default = {}
67 | }
68 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/terraform_units/modules/common_infrastructure/variables_local.tf:
--------------------------------------------------------------------------------
1 | locals {
2 | resource_group_exists = length(try(var.infrastructure.resource_group.arm_id, "")) > 0
3 | // If resource ID is specified extract the resourcegroup name from it otherwise read it either from input of create using the naming convention
4 | rg_name = local.resource_group_exists ? (
5 | try(split("/", var.infrastructure.resource_group.arm_id))[4]) : (
6 | length(var.infrastructure.resource_group.name) > 0 ? (
7 | var.infrastructure.resource_group.name) : (
8 | format("%s-%s-%s-%s-%s",
9 | "rg",
10 | local.prefix,
11 | "demo",
12 | var.infrastructure.region,
13 | "001"
14 | )
15 | )
16 | )
17 |
18 | // Resource group
19 | prefix = "oracle"
20 |
21 | tags = {}
22 | }
23 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/terraform_units/modules/compute/azure_extension_diagnostics_linux_syslogevents.json:
--------------------------------------------------------------------------------
1 | {
2 | "syslogEventConfiguration": {
3 | "LOG_AUTH": "LOG_DEBUG",
4 | "LOG_AUTHPRIV": "LOG_DEBUG",
5 | "LOG_CRON": "LOG_DEBUG",
6 | "LOG_DAEMON": "LOG_DEBUG",
7 | "LOG_FTP": "LOG_DEBUG",
8 | "LOG_KERN": "LOG_DEBUG",
9 | "LOG_LOCAL0": "LOG_DEBUG",
10 | "LOG_LOCAL1": "LOG_DEBUG",
11 | "LOG_LOCAL2": "LOG_DEBUG",
12 | "LOG_LOCAL3": "LOG_DEBUG",
13 | "LOG_LOCAL4": "LOG_DEBUG",
14 | "LOG_LOCAL5": "LOG_DEBUG",
15 | "LOG_LOCAL6": "LOG_DEBUG",
16 | "LOG_LOCAL7": "LOG_DEBUG",
17 | "LOG_LPR": "LOG_DEBUG",
18 | "LOG_MAIL": "LOG_DEBUG",
19 | "LOG_NEWS": "LOG_DEBUG",
20 | "LOG_SYSLOG": "LOG_DEBUG",
21 | "LOG_USER": "LOG_DEBUG",
22 | "LOG_UUCP": "LOG_DEBUG"
23 | }
24 | }
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/terraform_units/modules/compute/outputs.tf:
--------------------------------------------------------------------------------
1 | output "vm" {
2 | value = azurerm_linux_virtual_machine.oracle_vm
3 | }
4 |
5 | output "database_server_count"{
6 | value = var.database_server_count
7 | }
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/terraform_units/modules/compute/providers.tf:
--------------------------------------------------------------------------------
1 | terraform {
2 | required_version = ">=1.2"
3 | required_providers {
4 | azurerm = {
5 | source = "hashicorp/azurerm"
6 | version = ">=3.11.0, <4.0"
7 | }
8 | azapi = {
9 | source = "Azure/azapi"
10 | version = "=1.8.0"
11 | }
12 | }
13 | }
14 |
15 | provider "azurerm" {
16 | features {
17 | resource_group {
18 | prevent_deletion_if_contains_resources = true
19 | }
20 | virtual_machine {
21 | delete_os_disk_on_deletion = true
22 | }
23 | }
24 | }
25 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/terraform_units/modules/compute/resource_lock.tf:
--------------------------------------------------------------------------------
1 | resource "azurerm_management_lock" "vm" {
2 | count = length(var.vm_locks) > 1 && length(try(var.vm_locks.name, "")) > 1 ? 1 : 0
3 | name = var.vm_locks.name
4 | scope = data.azurerm_virtual_machine.oracle_vm[0].id
5 | lock_level = var.vm_locks.type
6 |
7 | depends_on = [azurerm_linux_virtual_machine.oracle_vm]
8 | }
9 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/terraform_units/modules/compute/role_assignments.tf:
--------------------------------------------------------------------------------
1 | data "azurerm_client_config" "current" {}
2 |
3 | data "azurerm_role_definition" "builtin" {
4 | for_each = var.role_assignments
5 | name = each.value.name
6 | }
7 |
8 | resource "azurerm_role_assignment" "assignment" {
9 | for_each = var.role_assignments
10 | role_definition_name = data.azurerm_role_definition.builtin[each.key].name
11 | principal_id = data.azurerm_client_config.current.object_id
12 | scope = try(each.value.scope, data.azurerm_virtual_machine.oracle_vm[0].id)
13 | skip_service_principal_aad_check = try(each.value.skip_service_principal_aad_check, false)
14 | description = try(each.value.description, null)
15 | condition = try(each.value.condition, null)
16 | condition_version = try(each.value.condition_version, null)
17 | }
18 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/terraform_units/modules/compute/variable_global.tf:
--------------------------------------------------------------------------------
1 | variable "database_server_count" {
2 | description = "The number of database servers"
3 | default = 1
4 | }
5 |
6 | variable "vm_name" {
7 | description = "The name of the Oracle VM"
8 | }
9 |
10 | variable "resource_group" {
11 | description = "Details of the resource group"
12 | default = {}
13 | }
14 |
15 | variable "sid_username" {
16 | description = "SDU username"
17 | }
18 |
19 | variable "public_key" {
20 | description = "Public key used for authentication in ssh-rsa format"
21 | }
22 |
23 | # variable "deployer" {
24 | # description = "Details of deployer"
25 | # default = {
26 | # "disk_type" : "Premium_LRS"
27 | # }
28 | # }
29 |
30 | # variable "options" {
31 | # description = "Options for the Oracle deployment"
32 | # default = {}
33 | # }
34 |
35 | variable "database" {
36 | description = "Details of the database node"
37 | default = {
38 | authentication = {
39 | type = "key"
40 | }
41 | }
42 | }
43 |
44 | variable "nic_id" {
45 | description = "value of the nic id"
46 | }
47 |
48 | variable "subscription_id" {
49 | description = "Subscription ID"
50 | }
51 |
52 | variable "assign_subscription_permissions" {
53 | description = "Assign permissions on the subscription"
54 | type = bool
55 | }
56 |
57 | variable "aad_system_assigned_identity" {
58 | description = "AAD system assigned identity"
59 | type = bool
60 | }
61 |
62 | variable "skip_service_principal_aad_check" {
63 | description = "If the principal_id is a newly provisioned `Service Principal` set this value to true to skip the Azure Active Directory check which may fail due to replication lag."
64 | default = true
65 | }
66 |
67 | variable "storage_account_id" {
68 | description = "Storage account ID used for diagnostics"
69 | type = string
70 | default = null
71 | }
72 |
73 | variable "storage_account_sas_token" {
74 | description = "Storage account SAS token used for diagnostics"
75 | type = string
76 | default = null
77 | }
78 |
79 | variable "log_analytics_workspace_id" {
80 | description = "Log Analytics workspace ID"
81 | type = string
82 | default = null
83 | }
84 |
85 | variable "eventhub_authorization_rule_id" {
86 | description = "ID of an Event Hub authorization rule"
87 | type = string
88 | default = null
89 | }
90 |
91 | variable "partner_solution_id" {
92 | description = "Value of the partner solution ID"
93 | default = null
94 | }
95 |
96 | variable "is_diagnostic_settings_enabled" {
97 | description = "Whether diagnostic settings are enabled"
98 | default = false
99 | }
100 |
101 | variable "diagnostic_target" {
102 | description = "The destination type of the diagnostic settings"
103 | default = "Log_Analytics_Workspace"
104 | validation {
105 | condition = contains(["Log_Analytics_Workspace", "Storage_Account", "Event_Hubs", "Partner_Solutions"], var.diagnostic_target)
106 | error_message = "Allowed values are Log_Analytics_Workspace, Storage_Account, Event_Hubs, Partner_Solutions"
107 | }
108 | }
109 |
110 | variable "role_assignments" {
111 | description = "Role assignments"
112 | default = {}
113 | }
114 |
115 | variable "vm_locks" {
116 | type = object({
117 | name = optional(string, "")
118 | type = optional(string, "CanNotDelete")
119 | })
120 | default = {}
121 | validation {
122 | condition = contains(["CanNotDelete", "ReadOnly"], var.vm_locks.type)
123 | error_message = "Lock type must be one of: CanNotDelete, ReadOnly."
124 | }
125 | }
126 | variable "tags" {
127 | description = "Tags to be added to the resources"
128 | default = {}
129 | }
130 |
131 | variable "vm_sku"{
132 | description = "The SKU of the virtual machine"
133 | default = "Standard_D4s_v3"
134 | }
135 |
136 | variable "vm_source_image_reference"{
137 | description = "The source image reference of the virtual machine"
138 | default = {
139 | publisher = "Oracle"
140 | offer = "Oracle-Linux"
141 | sku = "79-gen2"
142 | version = "7.9.36"
143 | }
144 | }
145 |
146 | variable "vm_os_disk" {
147 | description = "Details of the OS disk"
148 | default = {
149 | name = "osdisk"
150 | caching = "ReadWrite"
151 | storage_account_type = "Premium_LRS"
152 | disk_encryption_set_id = null
153 | disk_size_gb = 128
154 | }
155 | }
156 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/terraform_units/modules/compute/variable_local.tf:
--------------------------------------------------------------------------------
1 | locals {
2 | sid_auth_type = try(var.database.authentication.type, "key")
3 | enable_auth_password = local.sid_auth_type == "password"
4 | enable_auth_key = local.sid_auth_type == "key"
5 |
6 | enable_ultradisk = false
7 | tags = {}
8 | }
9 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/terraform_units/modules/compute/vm.tf:
--------------------------------------------------------------------------------
1 | #########################################################################################
2 | # #
3 | # Virtual Machine #
4 | # #
5 | #########################################################################################
6 | resource "azurerm_linux_virtual_machine" "oracle_vm" {
7 | count = var.database_server_count
8 | name = "${var.vm_name}-${count.index}"
9 | location = var.resource_group.location
10 | resource_group_name = var.resource_group.name
11 |
12 | admin_username = var.sid_username
13 | disable_password_authentication = !local.enable_auth_password
14 |
15 | admin_ssh_key {
16 | username = var.sid_username
17 | public_key = var.public_key
18 | }
19 |
20 | source_image_reference {
21 | publisher = var.vm_source_image_reference.publisher
22 | offer = var.vm_source_image_reference.offer
23 | sku = var.vm_source_image_reference.sku
24 | version = var.vm_source_image_reference.version
25 | }
26 | size = var.vm_sku
27 |
28 | os_disk {
29 | name = var.vm_os_disk.name
30 | caching = var.vm_os_disk.caching
31 | storage_account_type = var.vm_os_disk.storage_account_type
32 | disk_encryption_set_id = try(var.vm_os_disk.disk_encryption_set_id, null)
33 | disk_size_gb = var.vm_os_disk.disk_size_gb
34 | }
35 |
36 | network_interface_ids = [var.nic_id]
37 |
38 |
39 | additional_capabilities {
40 | ultra_ssd_enabled = local.enable_ultradisk
41 | }
42 |
43 | identity {
44 | type = var.aad_system_assigned_identity ? "SystemAssigned, UserAssigned" : "UserAssigned"
45 | identity_ids = [azurerm_user_assigned_identity.deployer.id]
46 | }
47 |
48 | tags = merge(local.tags, var.tags)
49 |
50 | lifecycle {
51 | ignore_changes = [
52 | // Ignore changes to computername
53 | tags,
54 | computer_name
55 | ]
56 | }
57 | }
58 |
59 | data "azurerm_virtual_machine" "oracle_vm" {
60 | count = var.database_server_count
61 | name = "${var.vm_name}-${count.index}"
62 | resource_group_name = var.resource_group.name
63 |
64 | depends_on = [azurerm_linux_virtual_machine.oracle_vm]
65 | }
66 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/terraform_units/modules/compute/vm_role_assignment.tf:
--------------------------------------------------------------------------------
1 | #########################################################################################
2 | # #
3 | # Role Assignments #
4 | # #
5 | #########################################################################################
6 | // User defined identity for all Deployers, assign contributor to the current subscription
7 | resource "azurerm_user_assigned_identity" "deployer" {
8 | resource_group_name = var.resource_group.name
9 | location = var.resource_group.location
10 | name = "deployer"
11 | }
12 |
13 | resource "azurerm_role_assignment" "sub_contributor" {
14 | count = var.assign_subscription_permissions && var.aad_system_assigned_identity ? var.database_server_count : 0
15 | scope = "/subscriptions/${var.subscription_id}"
16 | role_definition_name = "Contributor"
17 | principal_id = azurerm_linux_virtual_machine.oracle_vm[count.index].identity[0].principal_id
18 | skip_service_principal_aad_check = var.skip_service_principal_aad_check
19 | }
20 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/terraform_units/modules/network/diagnostic_settings.tf:
--------------------------------------------------------------------------------
1 | resource "azurerm_monitor_diagnostic_setting" "nic" {
2 | count = var.is_diagnostic_settings_enabled ? 1 : 0
3 | name = "nic-${count.index}-diag"
4 | target_resource_id = azurerm_network_interface.oracle_db[count.index].id
5 | storage_account_id = var.diagnostic_target == "Storage_Account" ? var.storage_account_id : null
6 | log_analytics_workspace_id = var.diagnostic_target == "Log_Analytics_Workspace" ? var.log_analytics_workspace_id : null
7 | eventhub_authorization_rule_id = var.diagnostic_target == "Event_Hubs" ? var.eventhub_authorization_rule_id : null
8 | partner_solution_id = var.diagnostic_target == "Partner_Solutions" ? var.partner_solution_id : null
9 |
10 | metric {
11 | category = "AllMetrics"
12 | retention_policy {
13 | enabled = false
14 | }
15 | }
16 | }
17 |
18 | resource "azurerm_monitor_diagnostic_setting" "nsg" {
19 | count = var.is_diagnostic_settings_enabled ? 1 : 0
20 | name = "nsg"
21 | target_resource_id = azurerm_network_security_group.blank.id
22 | storage_account_id = var.diagnostic_target == "Storage_Account" ? var.storage_account_id : null
23 | log_analytics_workspace_id = var.diagnostic_target == "Log_Analytics_Workspace" ? var.log_analytics_workspace_id : null
24 | eventhub_authorization_rule_id = var.diagnostic_target == "Event_Hubs" ? var.eventhub_authorization_rule_id : null
25 | partner_solution_id = var.diagnostic_target == "Partner_Solutions" ? var.partner_solution_id : null
26 |
27 | dynamic "enabled_log" {
28 | for_each = toset(data.azurerm_monitor_diagnostic_categories.nsg[count.index].log_category_types)
29 | content {
30 | category = enabled_log.value
31 | retention_policy {
32 | enabled = false
33 | }
34 | }
35 | }
36 | }
37 |
38 | resource "azurerm_monitor_diagnostic_setting" "pip" {
39 | count = var.is_diagnostic_settings_enabled ? 1 : 0
40 | name = "pip"
41 | target_resource_id = azurerm_public_ip.vm_pip.id
42 | storage_account_id = var.diagnostic_target == "Storage_Account" ? var.storage_account_id : null
43 | log_analytics_workspace_id = var.diagnostic_target == "Log_Analytics_Workspace" ? var.log_analytics_workspace_id : null
44 | eventhub_authorization_rule_id = var.diagnostic_target == "Event_Hubs" ? var.eventhub_authorization_rule_id : null
45 | partner_solution_id = var.diagnostic_target == "Partner_Solutions" ? var.partner_solution_id : null
46 |
47 | dynamic "enabled_log" {
48 | for_each = toset(data.azurerm_monitor_diagnostic_categories.pip[count.index].log_category_types)
49 | content {
50 | category = enabled_log.value
51 | retention_policy {
52 | enabled = false
53 | }
54 | }
55 | }
56 |
57 | metric {
58 | category = "AllMetrics"
59 | retention_policy {
60 | enabled = false
61 | }
62 | }
63 | }
64 |
65 | resource "azurerm_monitor_diagnostic_setting" "vnet" {
66 | count = var.is_diagnostic_settings_enabled ? 1 : 0
67 | name = "vnet"
68 | target_resource_id = azurerm_virtual_network.vnet_oracle[count.index].id
69 | storage_account_id = var.diagnostic_target == "Storage_Account" ? var.storage_account_id : null
70 | log_analytics_workspace_id = var.diagnostic_target == "Log_Analytics_Workspace" ? var.log_analytics_workspace_id : null
71 | eventhub_authorization_rule_id = var.diagnostic_target == "Event_Hubs" ? var.eventhub_authorization_rule_id : null
72 | partner_solution_id = var.diagnostic_target == "Partner_Solutions" ? var.partner_solution_id : null
73 |
74 | dynamic "enabled_log" {
75 | for_each = toset(data.azurerm_monitor_diagnostic_categories.vnet[count.index].log_category_types)
76 | content {
77 | category = enabled_log.value
78 | retention_policy {
79 | enabled = false
80 | }
81 | }
82 | }
83 |
84 | metric {
85 | category = "AllMetrics"
86 | retention_policy {
87 | enabled = false
88 | }
89 | }
90 | }
91 |
92 | data "azurerm_monitor_diagnostic_categories" "nic" {
93 | count = var.is_diagnostic_settings_enabled ? 1 : 0
94 | resource_id = data.azurerm_network_interface.nic[count.index].id
95 | }
96 |
97 | data "azurerm_monitor_diagnostic_categories" "nsg" {
98 | count = var.is_diagnostic_settings_enabled ? 1 : 0
99 | resource_id = data.azurerm_network_security_group.nsg[count.index].id
100 | }
101 |
102 | data "azurerm_monitor_diagnostic_categories" "pip" {
103 | count = var.is_diagnostic_settings_enabled ? 1 : 0
104 | resource_id = data.azurerm_public_ip.pip[count.index].id
105 | }
106 |
107 | data "azurerm_monitor_diagnostic_categories" "vnet" {
108 | count = var.is_diagnostic_settings_enabled ? 1 : 0
109 | resource_id = data.azurerm_virtual_network.vnet[count.index].id
110 | }
111 |
112 | data "azurerm_network_interface" "nic" {
113 | count = 1
114 | name = "oraclevmnic1"
115 | resource_group_name = var.resource_group.name
116 |
117 | depends_on = [azurerm_network_interface.oracle_db]
118 | }
119 |
120 | data "azurerm_network_security_group" "nsg" {
121 | count = 1
122 | name = "blank"
123 | resource_group_name = var.resource_group.name
124 |
125 | depends_on = [azurerm_network_security_group.blank]
126 | }
127 |
128 | data "azurerm_public_ip" "pip" {
129 | count = 1
130 | name = "vmpip"
131 | resource_group_name = var.resource_group.name
132 |
133 | depends_on = [azurerm_public_ip.vm_pip]
134 | }
135 |
136 | data "azurerm_virtual_network" "vnet" {
137 | count = 1
138 | name = local.vnet_oracle_name
139 | resource_group_name = var.resource_group.name
140 |
141 | depends_on = [azurerm_virtual_network.vnet_oracle]
142 | }
143 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/terraform_units/modules/network/nic.tf:
--------------------------------------------------------------------------------
1 | #########################################################################################
2 | # #
3 | # NIC #
4 | # #
5 | #########################################################################################
6 | resource "azurerm_network_interface" "oracle_db" {
7 | count = 1
8 | name = "oraclevmnic1"
9 |
10 | location = var.resource_group.location
11 | resource_group_name = var.resource_group.name
12 | enable_accelerated_networking = true
13 |
14 | dynamic "ip_configuration" {
15 | iterator = pub
16 | for_each = local.database_ips
17 | content {
18 | name = pub.value.name
19 | subnet_id = pub.value.subnet_id
20 | private_ip_address = try(pub.value.nic_ips[count.index],
21 | var.database.use_DHCP ? (
22 | null) : (
23 | cidrhost(
24 | data.azurerm_subnet.subnet_oracle[0].address_prefixes[0],
25 | tonumber(count.index) + local.oracle_ip_offsets.oracle_db_vm + pub.value.offset
26 | )
27 | )
28 | )
29 | private_ip_address_allocation = length(try(pub.value.nic_ips[count.index], "")) > 0 ? (
30 | "Static") : (
31 | pub.value.private_ip_address_allocation
32 | )
33 |
34 | public_ip_address_id = azurerm_public_ip.vm_pip.id
35 |
36 | primary = pub.value.primary
37 | }
38 | }
39 |
40 | tags = merge(local.tags, var.tags)
41 | }
42 |
43 | data "azurerm_network_interface" "oracle_db" {
44 | count = 1
45 | name = "oraclevmnic1"
46 | resource_group_name = var.resource_group.name
47 |
48 | depends_on = [azurerm_network_interface.oracle_db]
49 | }
50 |
51 | resource "azurerm_public_ip" "vm_pip" {
52 | name = "vmpip"
53 | location = var.resource_group.location
54 | resource_group_name = var.resource_group.name
55 | allocation_method = "Dynamic"
56 |
57 | tags = merge(local.tags, var.tags)
58 | }
59 |
60 | data "azurerm_public_ip" "vm_pip" {
61 | name = "vmpip"
62 | resource_group_name = var.resource_group.name
63 |
64 | depends_on = [azurerm_public_ip.vm_pip]
65 | }
66 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/terraform_units/modules/network/nsg.tf:
--------------------------------------------------------------------------------
1 | #########################################################################################
2 | # #
3 | # Network Security Group #
4 | # #
5 | #########################################################################################
6 | resource "azurerm_network_security_group" "blank" {
7 | name = "blank"
8 | location = var.resource_group.location
9 | resource_group_name = var.resource_group.name
10 |
11 | tags = merge(local.tags, var.tags)
12 | }
13 |
14 | resource "azurerm_subnet_network_security_group_association" "ssh" {
15 | subnet_id = azurerm_subnet.subnet_oracle[0].id
16 | network_security_group_id = azurerm_network_security_group.blank.id
17 | }
18 |
19 | data "azurerm_network_security_group" "blank" {
20 | name = "blank"
21 | resource_group_name = var.resource_group.name
22 |
23 | depends_on = [azurerm_network_security_group.blank]
24 | }
25 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/terraform_units/modules/network/outputs.tf:
--------------------------------------------------------------------------------
1 | ###############################################################################
2 | # #
3 | # Network #
4 | # #
5 | ###############################################################################
6 | output "network_location" {
7 | value = data.azurerm_virtual_network.vnet_oracle[0].location
8 | }
9 |
10 | output "db_subnet" {
11 | value = data.azurerm_subnet.subnet_oracle[0]
12 | }
13 |
14 | output "nics_oracledb" {
15 | value = azurerm_network_interface.oracle_db
16 | }
17 |
18 | output "db_server_ips" {
19 | value = azurerm_network_interface.oracle_db[*].private_ip_addresses[0]
20 | }
21 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/terraform_units/modules/network/providers.tf:
--------------------------------------------------------------------------------
1 | terraform {
2 | required_version = ">=1.2"
3 | required_providers {
4 | azurerm = {
5 | source = "hashicorp/azurerm"
6 | version = ">=3.11.0, <4.0"
7 | }
8 | azapi = {
9 | source = "Azure/azapi"
10 | version = "=1.8.0"
11 | }
12 | }
13 | }
14 |
15 | provider "azurerm" {
16 | features {
17 | resource_group {
18 | prevent_deletion_if_contains_resources = true
19 | }
20 | virtual_machine {
21 | delete_os_disk_on_deletion = true
22 | }
23 | }
24 | }
25 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/terraform_units/modules/network/resource_lock.tf:
--------------------------------------------------------------------------------
1 | resource "azurerm_management_lock" "nic" {
2 | count = length(var.nic_locks) > 1 && length(try(var.nic_locks.name, "")) > 0 ? 1 : 0
3 | name = var.nic_locks.name
4 | scope = data.azurerm_network_interface.oracle_db[0].id
5 | lock_level = var.nic_locks.type
6 |
7 | depends_on = [azurerm_network_interface.oracle_db]
8 | }
9 |
10 | resource "azurerm_management_lock" "nsg" {
11 | count = length(var.nsg_locks) > 1 && length(try(var.nsg_locks.name, "")) > 0 ? 1 : 0
12 | name = var.nsg_locks.name
13 | scope = data.azurerm_network_security_group.blank.id
14 | lock_level = var.nsg_locks.type
15 |
16 | depends_on = [azurerm_network_security_group.blank]
17 | }
18 |
19 | resource "azurerm_management_lock" "vnet" {
20 | count = length(var.vnet_locks) > 1 && length(try(var.vnet_locks.name, "")) > 0 ? 1 : 0
21 | name = var.vnet_locks.name
22 | scope = data.azurerm_virtual_network.vnet_oracle[0].id
23 | lock_level = var.vnet_locks.type
24 |
25 | depends_on = [azurerm_virtual_network.vnet_oracle]
26 | }
27 |
28 | resource "azurerm_management_lock" "subnet" {
29 | count = length(var.subnet_locks) > 1 && length(try(var.subnet_locks.name, "")) > 0 ? 1 : 0
30 | name = var.subnet_locks.name
31 | scope = data.azurerm_subnet.subnet_oracle[0].id
32 | lock_level = var.subnet_locks.type
33 |
34 | depends_on = [azurerm_subnet.subnet_oracle]
35 | }
36 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/terraform_units/modules/network/role_assignments.tf:
--------------------------------------------------------------------------------
1 | data "azurerm_client_config" "current" {}
2 |
3 | data "azurerm_role_definition" "nic" {
4 | for_each = var.role_assignments_nic
5 | name = each.value.name
6 | }
7 |
8 | data "azurerm_role_definition" "pip" {
9 | for_each = var.role_assignments_pip
10 | name = each.value.name
11 | }
12 |
13 | data "azurerm_role_definition" "nsg" {
14 | for_each = var.role_assignments_nsg
15 | name = each.value.name
16 | }
17 |
18 | data "azurerm_role_definition" "vnet" {
19 | for_each = var.role_assignments_vnet
20 | name = each.value.name
21 | }
22 |
23 | data "azurerm_role_definition" "subnet" {
24 | for_each = var.role_assignments_subnet
25 | name = each.value.name
26 | }
27 |
28 |
29 | resource "azurerm_role_assignment" "nic" {
30 | for_each = var.role_assignments_nic
31 | role_definition_name = data.azurerm_role_definition.nic[each.key].name
32 | principal_id = data.azurerm_client_config.current.object_id
33 | scope = try(each.value.scope, data.azurerm_network_interface.oracle_db[0].id)
34 | skip_service_principal_aad_check = try(each.value.skip_service_principal_aad_check, false)
35 | description = try(each.value.description, null)
36 | condition = try(each.value.condition, null)
37 | condition_version = try(each.value.condition_version, null)
38 | }
39 |
40 | resource "azurerm_role_assignment" "pip" {
41 | for_each = var.role_assignments_pip
42 | role_definition_name = data.azurerm_role_definition.pip[each.key].name
43 | principal_id = data.azurerm_client_config.current.object_id
44 | scope = try(each.value.scope, data.azurerm_public_ip.vm_pip.id)
45 | skip_service_principal_aad_check = try(each.value.skip_service_principal_aad_check, false)
46 | description = try(each.value.description, null)
47 | condition = try(each.value.condition, null)
48 | condition_version = try(each.value.condition_version, null)
49 | }
50 |
51 | resource "azurerm_role_assignment" "nsg" {
52 | for_each = var.role_assignments_nsg
53 | role_definition_name = data.azurerm_role_definition.nsg[each.key].name
54 | principal_id = data.azurerm_client_config.current.object_id
55 | scope = try(each.value.scope, data.azurerm_network_security_group.blank.id)
56 | skip_service_principal_aad_check = try(each.value.skip_service_principal_aad_check, false)
57 | description = try(each.value.description, null)
58 | condition = try(each.value.condition, null)
59 | condition_version = try(each.value.condition_version, null)
60 | }
61 |
62 | resource "azurerm_role_assignment" "vnet" {
63 | for_each = var.role_assignments_vnet
64 | role_definition_name = data.azurerm_role_definition.vnet[each.key].name
65 | principal_id = data.azurerm_client_config.current.object_id
66 | scope = try(each.value.scope, data.azurerm_virtual_network.vnet_oracle[0].id)
67 | skip_service_principal_aad_check = try(each.value.skip_service_principal_aad_check, false)
68 | description = try(each.value.description, null)
69 | condition = try(each.value.condition, null)
70 | condition_version = try(each.value.condition_version, null)
71 | }
72 |
73 | resource "azurerm_role_assignment" "subnet" {
74 | for_each = var.role_assignments_subnet
75 | role_definition_name = data.azurerm_role_definition.subnet[each.key].name
76 | principal_id = data.azurerm_client_config.current.object_id
77 | scope = try(each.value.scope, data.azurerm_subnet.subnet_oracle[0].id)
78 | skip_service_principal_aad_check = try(each.value.skip_service_principal_aad_check, false)
79 | description = try(each.value.description, null)
80 | condition = try(each.value.condition, null)
81 | condition_version = try(each.value.condition_version, null)
82 | }
83 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/terraform_units/modules/network/subnet.tf:
--------------------------------------------------------------------------------
1 | #########################################################################################
2 | # #
3 | # Subnet #
4 | # #
5 | #########################################################################################
6 | resource "azurerm_subnet" "subnet_oracle" {
7 | count = local.subnet_oracle_exists ? 0 : 1
8 | name = local.database_subnet_name
9 | resource_group_name = var.resource_group.name
10 | virtual_network_name = data.azurerm_virtual_network.vnet_oracle[count.index].name
11 | address_prefixes = [local.database_subnet_prefix]
12 | }
13 |
14 | data "azurerm_subnet" "subnet_oracle" {
15 | count = local.subnet_oracle_exists ? 0 : 1
16 | name = local.database_subnet_name
17 | resource_group_name = var.resource_group.name
18 | virtual_network_name = data.azurerm_virtual_network.vnet_oracle[count.index].name
19 |
20 | depends_on = [azurerm_subnet.subnet_oracle]
21 | }
22 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/terraform_units/modules/network/variables_global.tf:
--------------------------------------------------------------------------------
1 | variable "resource_group" {
2 | description = "Details of the resource group"
3 | default = {}
4 | }
5 |
6 | variable "database_nic_ips" {
7 | description = "If provided, the database tier virtual machines will be configured using the specified IPs"
8 | default = [""]
9 | }
10 |
11 | variable "database" {
12 | description = "Details of the database node"
13 | default = {
14 | use_DHCP = true
15 | authentication = {
16 | type = "key"
17 | }
18 | }
19 | }
20 |
21 | variable "database_nic_secondary_ips" {
22 | description = "If provided, the database tier virtual machines will be configured using the specified IPs as secondary IPs"
23 | default = [""]
24 | }
25 |
26 | variable "database_server_count" {
27 | description = "The number of database servers"
28 | default = 1
29 | }
30 |
31 | variable "use_secondary_ips" {
32 | description = "Defines if secondary IPs are used for the SAP Systems virtual machines"
33 | default = false
34 | }
35 |
36 | variable "diagnostic_target" {
37 | description = "The destination type of the diagnostic settings"
38 | default = "Log_Analytics_Workspace"
39 | validation {
40 | condition = contains(["Log_Analytics_Workspace", "Storage_Account", "Event_Hubs", "Partner_Solutions"], var.diagnostic_target)
41 | error_message = "Allowed values are Log_Analytics_Workspace, Storage_Account, Event_Hubs, Partner_Solutions"
42 | }
43 | }
44 |
45 | variable "storage_account_id" {
46 | description = "Storage account ID used for diagnostics"
47 | type = string
48 | default = null
49 | }
50 |
51 | variable "log_analytics_workspace_id" {
52 | description = "Log Analytics workspace ID"
53 | type = string
54 | default = null
55 | }
56 |
57 | variable "eventhub_authorization_rule_id" {
58 | description = "ID of an Event Hub authorization rule"
59 | type = string
60 | default = null
61 | }
62 |
63 | variable "partner_solution_id" {
64 | description = "Value of the partner solution ID"
65 | default = null
66 | }
67 |
68 | variable "is_diagnostic_settings_enabled" {
69 | description = "Whether diagnostic settings are enabled"
70 | default = false
71 | }
72 |
73 | variable "role_assignments_nic" {
74 | description = "Role assignments scoped to the network interface"
75 | default = {}
76 | }
77 |
78 | variable "role_assignments_pip" {
79 | description = "Role assignments scoped to the public IP address"
80 | default = {}
81 | }
82 |
83 | variable "role_assignments_nsg" {
84 | description = "Role assignments scoped to the network security group"
85 | default = {}
86 | }
87 |
88 | variable "role_assignments_vnet" {
89 | description = "Role assignments scoped to the virtual network"
90 | default = {}
91 | }
92 |
93 | variable "role_assignments_subnet" {
94 | description = "Role assignments scoped to the subnet"
95 | default = {}
96 | }
97 |
98 | variable "nic_locks" {
99 | type = object({
100 | name = optional(string, "")
101 | type = optional(string, "CanNotDelete")
102 | })
103 | default = {}
104 | validation {
105 | condition = contains(["CanNotDelete", "ReadOnly"], var.nic_locks.type)
106 | error_message = "Lock type must be one of: CanNotDelete, ReadOnly."
107 | }
108 | }
109 |
110 | variable "nsg_locks" {
111 | type = object({
112 | name = optional(string, "")
113 | type = optional(string, "CanNotDelete")
114 | })
115 | default = {}
116 | validation {
117 | condition = contains(["CanNotDelete", "ReadOnly"], var.nsg_locks.type)
118 | error_message = "Lock type must be one of: CanNotDelete, ReadOnly."
119 | }
120 | }
121 |
122 | variable "vnet_locks" {
123 | type = object({
124 | name = optional(string, "")
125 | type = optional(string, "CanNotDelete")
126 | })
127 | default = {}
128 | validation {
129 | condition = contains(["CanNotDelete", "ReadOnly"], var.vnet_locks.type)
130 | error_message = "Lock type must be one of: CanNotDelete, ReadOnly."
131 | }
132 | }
133 |
134 | variable "subnet_locks" {
135 | type = object({
136 | name = optional(string, "")
137 | type = optional(string, "CanNotDelete")
138 | })
139 | default = {}
140 | validation {
141 | condition = contains(["CanNotDelete", "ReadOnly"], var.subnet_locks.type)
142 | error_message = "Lock type must be one of: CanNotDelete, ReadOnly."
143 | }
144 | }
145 | variable "tags" {
146 | description = "Tags to be added to the resources"
147 | default = {}
148 | }
149 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/terraform_units/modules/network/variables_local.tf:
--------------------------------------------------------------------------------
1 | locals {
2 | vnet_oracle_name = "vnet1"
3 | database_subnet_name = "subnet1"
4 | vnet_oracle_addr = "10.0.0.0/16"
5 | database_subnet_prefix = "10.0.0.0/24"
6 |
7 | vnet_oracle_arm_id = try(local.vnet_oracle_name.arm_id, "")
8 | vnet_oracle_exists = length(local.vnet_oracle_arm_id) > 0
9 | subnet_oracle_arm_id = try(local.database_subnet_name.arm_id, "")
10 | subnet_oracle_exists = length(local.subnet_oracle_arm_id) > 0
11 |
12 | database_ips = (var.use_secondary_ips) ? (
13 | flatten(concat(local.database_primary_ips, local.database_secondary_ips))) : (
14 | local.database_primary_ips
15 | )
16 |
17 | // Subnet IP Offsets
18 | // Note: First 4 IP addresses in a subnet are reserved by Azure
19 | oracle_ip_offsets = {
20 | oracle_vm = 5 + 1
21 | }
22 |
23 | database_primary_ips = [
24 | {
25 | name = "IPConfig1"
26 | subnet_id = data.azurerm_subnet.subnet_oracle[0].id
27 | nic_ips = var.database_nic_ips
28 | private_ip_address_allocation = var.database.use_DHCP ? "Dynamic" : "Static"
29 | offset = 0
30 | primary = true
31 | }
32 | ]
33 |
34 | database_secondary_ips = [
35 | {
36 | name = "IPConfig2"
37 | subnet_id = data.azurerm_subnet.subnet_oracle[0].id
38 | nic_ips = var.database_nic_secondary_ips
39 | private_ip_address_allocation = var.database.use_DHCP ? "Dynamic" : "Static"
40 | offset = var.database_server_count
41 | primary = false
42 | }
43 | ]
44 |
45 | tags = {}
46 | }
47 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/terraform_units/modules/network/vnet.tf:
--------------------------------------------------------------------------------
1 | #########################################################################################
2 | # #
3 | # Virtual Network #
4 | # #
5 | #########################################################################################
6 | resource "azurerm_virtual_network" "vnet_oracle" {
7 | count = local.vnet_oracle_exists ? 0 : 1
8 | name = local.vnet_oracle_name
9 | resource_group_name = var.resource_group.name
10 | location = var.resource_group.location
11 | address_space = [local.vnet_oracle_addr]
12 |
13 | tags = merge(local.tags, var.tags)
14 | }
15 |
16 | data "azurerm_virtual_network" "vnet_oracle" {
17 | count = local.vnet_oracle_exists ? 0 : 1
18 | name = local.vnet_oracle_name
19 | resource_group_name = var.resource_group.name
20 |
21 | depends_on = [azurerm_virtual_network.vnet_oracle]
22 | }
23 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/terraform_units/modules/storage/data_disk.tf:
--------------------------------------------------------------------------------
1 | resource "azurerm_managed_disk" "data_disk" {
2 | count = length(local.data_disks)
3 | name = "${var.naming}-data-${count.index}"
4 | location = var.resource_group.location
5 | resource_group_name = var.resource_group.name
6 | storage_account_type = var.disk_type
7 | create_option = local.data_disks[count.index].create_option
8 | disk_size_gb = local.data_disks[count.index].disk_size_gb
9 |
10 | tags = merge(local.tags, var.tags)
11 | }
12 |
13 | resource "azurerm_managed_disk" "asm_disk" {
14 | count = length(local.asm_disks)
15 | name = "${var.naming}-asm-${count.index}"
16 | location = var.resource_group.location
17 | resource_group_name = var.resource_group.name
18 | storage_account_type = var.disk_type
19 | create_option = local.asm_disks[count.index].create_option
20 | disk_size_gb = local.asm_disks[count.index].disk_size_gb
21 |
22 | tags = merge(local.tags, var.tags)
23 | }
24 |
25 | resource "azurerm_managed_disk" "redo_disk" {
26 | count = length(local.redo_disks)
27 | name = "${var.naming}-redo-${count.index}"
28 | location = var.resource_group.location
29 | resource_group_name = var.resource_group.name
30 | storage_account_type = var.disk_type
31 | create_option = local.redo_disks[count.index].create_option
32 | disk_size_gb = local.redo_disks[count.index].disk_size_gb
33 |
34 | tags = merge(local.tags, var.tags)
35 | }
36 |
37 | resource "azurerm_virtual_machine_data_disk_attachment" "data_disk_attachment" {
38 | count = length(local.data_disks)
39 | managed_disk_id = azurerm_managed_disk.data_disk[count.index].id
40 | virtual_machine_id = var.vm.id
41 | caching = local.data_disks[count.index].caching
42 | write_accelerator_enabled = local.data_disks[count.index].write_accelerator_enabled
43 | lun = local.data_disks[count.index].lun
44 | }
45 |
46 | resource "azurerm_virtual_machine_data_disk_attachment" "asm_disk_attachment" {
47 | count = length(local.asm_disks)
48 | managed_disk_id = azurerm_managed_disk.asm_disk[count.index].id
49 | virtual_machine_id = var.vm.id
50 | caching = local.asm_disks[count.index].caching
51 | write_accelerator_enabled = local.asm_disks[count.index].write_accelerator_enabled
52 | lun = local.asm_disks[count.index].lun
53 | }
54 |
55 | resource "azurerm_virtual_machine_data_disk_attachment" "redo_disk_attachment" {
56 | count = length(local.redo_disks)
57 | managed_disk_id = azurerm_managed_disk.redo_disk[count.index].id
58 | virtual_machine_id = var.vm.id
59 | caching = local.redo_disks[count.index].caching
60 | write_accelerator_enabled = local.redo_disks[count.index].write_accelerator_enabled
61 | lun = local.redo_disks[count.index].lun
62 | }
63 |
64 | data "azurerm_managed_disk" "data_disk" {
65 | count = length(local.data_disks)
66 | name = azurerm_managed_disk.data_disk[count.index].name
67 | resource_group_name = var.resource_group.name
68 | }
69 |
70 | data "azurerm_managed_disk" "asm_disk" {
71 | count = length(local.asm_disks)
72 | name = azurerm_managed_disk.asm_disk[count.index].name
73 | resource_group_name = var.resource_group.name
74 | }
75 |
76 | data "azurerm_managed_disk" "redo_disk" {
77 | count = length(local.redo_disks)
78 | name = azurerm_managed_disk.redo_disk[count.index].name
79 | resource_group_name = var.resource_group.name
80 | }
81 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/terraform_units/modules/storage/outputs.tf:
--------------------------------------------------------------------------------
1 | output "data_disks" {
2 | value = local.data_disks
3 | }
4 |
5 | output "asm_disks" {
6 | value = local.asm_disks
7 | }
8 |
9 | output "redo_disks" {
10 | value = local.redo_disks
11 | }
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/terraform_units/modules/storage/providers.tf:
--------------------------------------------------------------------------------
1 | terraform {
2 | required_version = ">=1.2"
3 | required_providers {
4 | azurerm = {
5 | source = "hashicorp/azurerm"
6 | version = ">=3.11.0, <4.0"
7 | }
8 | azapi = {
9 | source = "Azure/azapi"
10 | version = "=1.8.0"
11 | }
12 | }
13 | }
14 |
15 | provider "azurerm" {
16 | features {
17 | resource_group {
18 | prevent_deletion_if_contains_resources = true
19 | }
20 | virtual_machine {
21 | delete_os_disk_on_deletion = true
22 | }
23 | }
24 | }
25 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/terraform_units/modules/storage/resource_lock.tf:
--------------------------------------------------------------------------------
1 | resource "azurerm_management_lock" "data_disk" {
2 | count = length(var.data_disk_locks) > 1 && length(try(var.data_disk_locks.name, "")) > 1 ? 1 : 0
3 | name = var.data_disk_locks.name
4 | scope = data.azurerm_managed_disk.data_disk[0].id
5 | lock_level = var.data_disk_locks.type
6 |
7 | depends_on = [azurerm_managed_disk.data_disk]
8 | }
9 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/terraform_units/modules/storage/role_assignments.tf:
--------------------------------------------------------------------------------
1 | data "azurerm_client_config" "current" {}
2 |
3 | data "azurerm_role_definition" "builtin" {
4 | for_each = var.role_assignments
5 | name = each.value.name
6 | }
7 |
8 | resource "azurerm_role_assignment" "assignment" {
9 | for_each = var.role_assignments
10 | role_definition_name = data.azurerm_role_definition.builtin[each.key].name
11 | principal_id = data.azurerm_client_config.current.object_id
12 | scope = try(each.value.scope, data.azurerm_managed_disk.data_disk[0].id)
13 | skip_service_principal_aad_check = try(each.value.skip_service_principal_aad_check, false)
14 | description = try(each.value.description, null)
15 | condition = try(each.value.condition, null)
16 | condition_version = try(each.value.condition_version, null)
17 | }
18 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/terraform_units/modules/storage/variables_global.tf:
--------------------------------------------------------------------------------
1 | variable "naming" {
2 | description = "Defines the names for the resources"
3 | }
4 |
5 | variable "vm" {
6 | description = "Virtual machine name"
7 | }
8 |
9 | variable "resource_group" {
10 | description = "Details of the resource group"
11 | default = {}
12 | }
13 |
14 | variable "disk_type" {
15 | description = "The type of the storage account"
16 | default = "Premium_LRS"
17 | validation {
18 | condition = contains(["Standard_LRS", "StandardSSD_ZRS", "Premium_LRS", "PremiumV2_LRS", "Premium_ZRS", "StandardSSD_LRS", "UltraSSD_LRS"], var.disk_type)
19 | error_message = "Allowed values are Standard_LRS, StandardSSD_ZRS, Premium_LRS, PremiumV2_LRS, Premium_ZRS, StandardSSD_LRS, UltraSSD_LRS"
20 | }
21 | }
22 |
23 | variable "database_disks_options" {
24 | description = "Details of the database node"
25 | default = {
26 | data_disks = [
27 | {
28 | count = 1
29 | caching = "ReadOnly"
30 | create_option = "Empty"
31 | disk_size_gb = 1024
32 | lun = 20
33 | disk_type = "Premium_LRS"
34 | write_accelerator_enabled = false
35 | }
36 | ],
37 | asm_disks = [
38 | {
39 | count = 1
40 | caching = "ReadOnly"
41 | create_option = "Empty"
42 | disk_size_gb = 1024
43 | lun = 10
44 | disk_type = "Premium_LRS"
45 | write_accelerator_enabled = false
46 | }
47 | ]
48 | redo_disks = [
49 | {
50 | count = 1
51 | caching = "None"
52 | create_option = "Empty"
53 | disk_size_gb = 1024
54 | lun = 60
55 | disk_type = "Premium_LRS"
56 | write_accelerator_enabled = false
57 | }
58 | ]
59 | }
60 | }
61 |
62 | variable "role_assignments" {
63 | description = "Role assignments"
64 | default = {}
65 | }
66 |
67 | variable "data_disk_locks" {
68 | type = object({
69 | name = optional(string, "")
70 | type = optional(string, "CanNotDelete")
71 | })
72 | default = {}
73 | validation {
74 | condition = contains(["CanNotDelete", "ReadOnly"], var.data_disk_locks.type)
75 | error_message = "Lock type must be one of: CanNotDelete, ReadOnly."
76 | }
77 | }
78 | variable "tags" {
79 | description = "Tags to be added to the resources"
80 | default = {}
81 | }
82 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab2/terraform_units/modules/storage/variables_local.tf:
--------------------------------------------------------------------------------
1 | locals {
2 | data_disks = flatten(
3 | [
4 | for disk in var.database_disks_options.data_disks : [
5 | for i in range(0, disk.count) : {
6 | name = "${var.vm.name}-datadisk${i}"
7 | caching = disk.caching
8 | create_option = disk.create_option
9 | disk_size_gb = disk.disk_size_gb
10 | lun = disk.lun + i
11 | managed_disk_type = disk.disk_type
12 | storage_account_type = disk.disk_type
13 | write_accelerator_enabled = disk.write_accelerator_enabled
14 | }
15 | ]
16 | ]
17 | )
18 | asm_disks = flatten(
19 | [
20 | for disk in var.database_disks_options.asm_disks : [
21 | for i in range(0, disk.count) : {
22 | name = "${var.vm.name}-asmdisk${i}"
23 | caching = disk.caching
24 | create_option = disk.create_option
25 | disk_size_gb = disk.disk_size_gb
26 | lun = disk.lun + i
27 | managed_disk_type = disk.disk_type
28 | storage_account_type = disk.disk_type
29 | write_accelerator_enabled = disk.write_accelerator_enabled
30 | }
31 | ]
32 | ]
33 | )
34 | redo_disks = flatten(
35 | [
36 | for disk in var.database_disks_options.redo_disks : [
37 | for i in range(0, disk.count) : {
38 | name = "${var.vm.name}-redodisk${i}"
39 | caching = disk.caching
40 | create_option = disk.create_option
41 | disk_size_gb = disk.disk_size_gb
42 | lun = disk.lun + i
43 | managed_disk_type = disk.disk_type
44 | storage_account_type = disk.disk_type
45 | write_accelerator_enabled = disk.write_accelerator_enabled
46 | }
47 | ]
48 | ]
49 | )
50 | tags = {}
51 | }
52 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab3/CODE_OF_CONDUCT.md:
--------------------------------------------------------------------------------
1 | # Microsoft Open Source Code of Conduct
2 |
3 | This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/).
4 |
5 | Resources:
6 |
7 | - [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/)
8 | - [Microsoft Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/)
9 | - Contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with questions or concerns
10 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab3/SECURITY.md:
--------------------------------------------------------------------------------
1 |
2 |
3 | ## Security
4 |
5 | Microsoft takes the security of our software products and services seriously, which includes all source code repositories managed through our GitHub organizations, which include [Microsoft](https://github.com/Microsoft), [Azure](https://github.com/Azure), [DotNet](https://github.com/dotnet), [AspNet](https://github.com/aspnet) and [Xamarin](https://github.com/xamarin).
6 |
7 | If you believe you have found a security vulnerability in any Microsoft-owned repository that meets [Microsoft's definition of a security vulnerability](https://aka.ms/security.md/definition), please report it to us as described below.
8 |
9 | ## Reporting Security Issues
10 |
11 | **Please do not report security vulnerabilities through public GitHub issues.**
12 |
13 | Instead, please report them to the Microsoft Security Response Center (MSRC) at [https://msrc.microsoft.com/create-report](https://aka.ms/security.md/msrc/create-report).
14 |
15 | If you prefer to submit without logging in, send email to [secure@microsoft.com](mailto:secure@microsoft.com). If possible, encrypt your message with our PGP key; please download it from the [Microsoft Security Response Center PGP Key page](https://aka.ms/security.md/msrc/pgp).
16 |
17 | You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your original message. Additional information can be found at [microsoft.com/msrc](https://www.microsoft.com/msrc).
18 |
19 | Please include the requested information listed below (as much as you can provide) to help us better understand the nature and scope of the possible issue:
20 |
21 | * Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.)
22 | * Full paths of source file(s) related to the manifestation of the issue
23 | * The location of the affected source code (tag/branch/commit or direct URL)
24 | * Any special configuration required to reproduce the issue
25 | * Step-by-step instructions to reproduce the issue
26 | * Proof-of-concept or exploit code (if possible)
27 | * Impact of the issue, including how an attacker might exploit the issue
28 |
29 | This information will help us triage your report more quickly.
30 |
31 | If you are reporting for a bug bounty, more complete reports can contribute to a higher bounty award. Please visit our [Microsoft Bug Bounty Program](https://aka.ms/security.md/msrc/bounty) page for more details about our active programs.
32 |
33 | ## Preferred Languages
34 |
35 | We prefer all communications to be in English.
36 |
37 | ## Policy
38 |
39 | Microsoft follows the principle of [Coordinated Vulnerability Disclosure](https://aka.ms/security.md/cvd).
40 |
41 |
42 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab3/SUPPORT.md:
--------------------------------------------------------------------------------
1 | # Support
2 |
3 | ## How to file issues and get help
4 |
5 | This project uses GitHub Issues to track bugs and feature requests. Please search the existing issues before filing new issues to avoid duplicates. For new issues, file your bug or feature request as a new Issue.
6 |
7 | Issues can be created and searched through for existing issues here: [https://github.com/Azure/alz-monitor/issues](https://github.com/Azure/alz-monitor/issues)
8 |
9 | Please provide as much information as possible when filing an issue. Include screenshots or correlation IDs if possible (please redact any sensitive information).
10 |
11 | For instructions on how to get deployments and correlation ID, please follow this link [here](https://docs.microsoft.com/azure/azure-resource-manager/templates/deployment-history?tabs=azure-portal#get-deployments-and-correlation-id).
12 |
13 | We may ask you to create an Azure support request once we have triaged the issue following the process documented [here](https://docs.microsoft.com/azure/azure-portal/supportability/how-to-create-azure-support-request)
14 |
15 | ## Microsoft Support Policy
16 |
17 | If issues are encountered when deploying the policies contained in this repo users will be able to engage Microsoft support via their usual channels. Please provide correlation IDs where possible when contacting support to be able to investigate the issue effectively and in a timely fashion. For instructions on how to get deployments and correlation ID, please follow this link [here](https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/deployment-history?tabs=azure-portal#get-deployments-and-correlation-id).
18 |
19 | Following list of issues are within the scope of Microsoft support:
20 |
21 | - Underlying Resource or Resource Provider issues when deploying policies for any deployment failures.
22 |
23 | Any issues that are deemed outside of the above list by Microsoft support and/or requires bugfix in the module or code in the repo, Microsoft support will redirect user to file the issue on GitHub.
24 |
25 | Project maintainers and community aim to get issues resolved in timely fashion as per community support policy of this repo.
26 |
27 | ## Community Support Policy
28 |
29 | Project maintainers will aim to respond within 3 business days to get a meaningful response for any new issues, however, whilst in preview this may sometimes be a little longer.
30 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab3/lab-images/media/image1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab3/lab-images/media/image1.png
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab3/lab-images/media/image2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab3/lab-images/media/image2.png
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab3/lab-images/media/image3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab3/lab-images/media/image3.png
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab3/lab-images/media/image4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab3/lab-images/media/image4.png
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab3/lab-images/media/image5.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab3/lab-images/media/image5.png
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab3/lab-images/media/image6.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab3/lab-images/media/image6.png
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab3/lab-images/media/image7.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab3/lab-images/media/image7.png
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab3/lab-images/media/image8.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/levelup-oracle-on-iaas/lab3/lab-images/media/image8.png
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab4/customscript.bicep:
--------------------------------------------------------------------------------
1 | @description('VM Name')
2 | param vmName string
3 |
4 | @description('Script Name')
5 | param scriptName string
6 |
7 | @description('Script Content')
8 | param scriptContent string
9 |
10 | @description('The Azure location .')
11 | param location string = resourceGroup().location
12 |
13 | // Run the supplied custom script
14 | resource runCustomScript 'Microsoft.Compute/virtualMachines/extensions@2023-07-01' = {
15 | name: '${vmName}/${scriptName}'
16 | // dependsOn: [deleteExistingExtension]
17 | location: location
18 | properties: {
19 | publisher: 'Microsoft.Azure.Extensions'
20 | type: 'CustomScript'
21 |
22 | typeHandlerVersion: '2.1'
23 | protectedSettings:{
24 | script: scriptContent
25 | }
26 | }
27 | }
28 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab4/dep.sh:
--------------------------------------------------------------------------------
1 | az group delete --name oragroup --yes
2 | az group create --resource-group oragroup --location centralindia
3 | az deployment group create --resource-group oragroup --template-file main.bicep --parameters main.bicepparam
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab4/main.bicep:
--------------------------------------------------------------------------------
1 | @description('Username for the Virtual Machine.')
2 | param adminUsername string
3 |
4 | @description('SSH key for the Virtual Machine.')
5 | param sshKey string
6 |
7 | @description('Location for all resources.')
8 | param location string = resourceGroup().location
9 |
10 | @description('The size of the VM')
11 | param vmSize string = 'Standard_D4ds_v5'
12 |
13 | @description('The size of the Observer VM')
14 | param observerVMSize string = 'Standard_D2ds_v5'
15 |
16 | @description('Name of the VNET')
17 | param virtualNetworkName string = 'vNet'
18 |
19 | @description('Name of the subnet in the virtual network')
20 | param dbSubnetName string = 'Subnet'
21 |
22 | @description('Name of the Network Security Group')
23 | param networkSecurityGroupName string = 'SecGroupNet'
24 |
25 | @description('Primary Oracle SID')
26 | param primaryOracleSid string = 'oradb01'
27 |
28 | @description('Secondary Oracle SID')
29 | param secondaryOracleSid string = 'oradb02'
30 |
31 | @description('Primary VM name')
32 | param primaryVMName string = 'primary'
33 |
34 | @description('Secondary VM name')
35 | param secondaryVMName string = 'secondary'
36 |
37 | @description('Observer VM name')
38 | param observerVMName string = 'observer'
39 |
40 | @description('Oracle SYS password')
41 | @secure()
42 | param oracleSysPassword string
43 |
44 | @description('Oracle Mount directory')
45 | param oracleMountDirectory string = '/u02'
46 |
47 | var subnetAddressPrefix = '10.1.0.0/24'
48 | var addressPrefix = '10.1.0.0/16'
49 |
50 | var primaryvmscript = loadTextContent('primary.sh')
51 | var secondaryvmscript = loadTextContent('secondary.sh')
52 | var observervmscript = loadTextContent('observer.sh')
53 |
54 |
55 | resource networkSecurityGroup 'Microsoft.Network/networkSecurityGroups@2023-04-01' = {
56 | name: networkSecurityGroupName
57 | location: location
58 | properties: {
59 | securityRules: [
60 | {
61 | name: 'SSH'
62 | properties: {
63 | priority: 1000
64 | protocol: 'Tcp'
65 | access: 'Allow'
66 | direction: 'Inbound'
67 | sourceAddressPrefix: '*'
68 | sourcePortRange: '*'
69 | destinationAddressPrefix: '*'
70 | destinationPortRange: '22'
71 | }
72 | }
73 | ]
74 | }
75 | }
76 |
77 | resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-04-01' = {
78 | name: virtualNetworkName
79 | location: location
80 | properties: {
81 | addressSpace: {
82 | addressPrefixes: [
83 | addressPrefix
84 | ]
85 | }
86 | }
87 | }
88 |
89 | resource subnet 'Microsoft.Network/virtualNetworks/subnets@2023-04-01' = {
90 | parent: virtualNetwork
91 | name: dbSubnetName
92 | properties: {
93 | addressPrefix: subnetAddressPrefix
94 | privateEndpointNetworkPolicies: 'Enabled'
95 | privateLinkServiceNetworkPolicies: 'Enabled'
96 | }
97 | }
98 | module primary './oravm.bicep' = {
99 | name: 'primary'
100 | params: {
101 | vmName: primaryVMName
102 | location: location
103 | adminUsername: adminUsername
104 | sshKey: sshKey
105 | subnetid: subnet.id
106 | networksecuritygroupid: networkSecurityGroup.id
107 | avZone: '1'
108 | vmSize: vmSize
109 | }
110 | }
111 |
112 |
113 | module secondary './oravm.bicep' = {
114 | name: 'secondary'
115 | params: {
116 | vmName: secondaryVMName
117 | location: location
118 | adminUsername: adminUsername
119 | sshKey: sshKey
120 | subnetid: subnet.id
121 | networksecuritygroupid: networkSecurityGroup.id
122 | avZone: '2'
123 | vmSize: vmSize
124 | }
125 | }
126 |
127 | module observer './oravm.bicep' = {
128 | name: 'observer'
129 | params: {
130 | vmName: observerVMName
131 | location: location
132 | adminUsername: adminUsername
133 | sshKey: sshKey
134 | subnetid: subnet.id
135 | networksecuritygroupid: networkSecurityGroup.id
136 | avZone: '2'
137 | vmSize: observerVMSize
138 | }
139 | }
140 |
141 | // Setup parameters to be passed to script
142 | var varFile = loadTextContent('variables.txt')
143 | var scriptVariables = replace(replace(replace(replace(replace(replace(replace(varFile,'',primaryOracleSid), '', secondaryOracleSid),'', primaryVMName),'',secondaryVMName),'',observerVMName),'',oracleSysPassword),'',oracleMountDirectory)
144 |
145 |
146 | //Configure Primary database VM, after all components are provisioned
147 | module vmonescript 'customscript.bicep' = {
148 | name: 'vmonescript'
149 | dependsOn: [primary,secondary,observer]
150 | params: {
151 | scriptName: 'primary1'
152 | vmName: primary.name
153 | location: location
154 | scriptContent: base64(replace(primaryvmscript,'#',scriptVariables))
155 | }
156 | }
157 |
158 | //Configure secondary database VM, after primary VM is configured successfully
159 | module vmtwoscript 'customscript.bicep' = {
160 | name: 'vmtwoscript'
161 | dependsOn: [vmonescript]
162 | params: {
163 | scriptName: 'secondary1'
164 | vmName: secondary.name
165 | location: location
166 | scriptContent: base64(replace(secondaryvmscript,'#',scriptVariables))
167 | }
168 | }
169 |
170 | //Configure observer VM, after primary and secondary VM are configured successfully
171 | module vmthreescript 'customscript.bicep' = {
172 | name: 'vmthreescript'
173 | dependsOn: [vmtwoscript]
174 | params: {
175 | scriptName: 'observer1'
176 | vmName: observer.name
177 | location: location
178 | scriptContent: base64(replace(observervmscript,'#',scriptVariables))
179 | }
180 | }
181 |
182 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab4/main.bicepparam:
--------------------------------------------------------------------------------
1 | using 'main.bicep'
2 | param adminUsername='bala'
3 | param sshKey='ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDeCq3pYt6uTuIKv8nreycCgwsvLQFEJ0q7WPswOckhaG87kxopxXfXbGiMbbgcgVDg+0UIWZB6ZTspFHR5pS/U6CeJzPFQ8C6iI3Evip4jqyaQ1uY87mjMZGWKa+OAgK7gmzWCZmXNcQ1Mmd/hJrQCQGHah3HiPWl1j96s6nxoI4dW6MKggdC2WFWVxIAGLYqWMndMOGVRfiYPv3c2jliTnvZK/KJgJV4vu8+BbpvsIbqhJDx4ONk+9KfYLb/pA9QlJFVBki5VUlYDo565JNclS5Y5Qu0/tbwIOj06Gr4kUy/CgrFFnReykT7+OXbjyPD7O6s+2yzK+H5UZFtHuzlRfJGwqfG9jk/5EPhnyW5eb/tO07icSjVnfdCncTspjZMnwEbHwF4ksYQKM45ArHLHKAXB+uExpoqBysHS5hXLCwG2NclwlC6Lsm+BOacdFwFWMCTGEsGf36c6eMQexnr2U0WnH7qxrJBjxyqwCLeWWQslw297kU/2IvuTWpDoMqM= bala@stormbringer'
4 | param oracleSysPassword='oracleA1'
5 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab4/observer.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | # Script to configure observer database VM
3 | echo '---------------------------------------------------------------------'
4 | echo 'Configure Data guard replication settings, start the observer '
5 | echo '---------------------------------------------------------------------'
6 | echo
7 | echo
8 | sudo -E su - oracle <<"SUEOF"
9 | #!/bin/bash
10 |
11 | #
12 |
13 | export ORACLE_SID=${_primaryOraSid}
14 | export ORACLE_HOME=${_oraHome}
15 | export PATH=${_oraHome}/bin:${PATH}
16 | export TNS_ADMIN=${_oraHome}/network/admin
17 |
18 |
19 | echo Modify tnsnames.ora
20 | cat >> ${TNS_ADMIN}/tnsnames.ora << TNSHERE
21 |
22 | ${_primaryOraSid}=
23 | (DESCRIPTION = (FAILOVER = ON)(LOAD_BALANCE = OFF)
24 | (ADDRESS_LIST =
25 | (ADDRESS = (PROTOCOL = TCP)(HOST = ${_vmName1}.${_vmDomain})(PORT = 1521))
26 | (ADDRESS = (PROTOCOL = TCP)(HOST = ${_vmName2}.${_vmDomain})(PORT = 1521))
27 | )
28 | (CONNECT_DATA =
29 | (SERVICE_NAME = PRIMARY)
30 | (SERVER = DEDICATED)
31 | )
32 | )
33 |
34 | ${_primaryOraSid}_dgmgrl =
35 | (DESCRIPTION =
36 | (ADDRESS_LIST =
37 | (ADDRESS = (PROTOCOL = TCP)(HOST = ${_vmName1}.${_vmDomain})(PORT = 1521))
38 | )
39 | (CONNECT_DATA =
40 | (SERVER = DEDICATED)
41 | (SERVICE_NAME = ${_primaryOraSid}_dgmgrl)
42 | )
43 | )
44 |
45 | ${_stdbyOraSid}_dgmgrl =
46 | (DESCRIPTION =
47 | (ADDRESS_LIST =
48 | (ADDRESS = (PROTOCOL = TCP)(HOST = ${_vmName2}.${_vmDomain})(PORT = 1521))
49 | )
50 | (CONNECT_DATA =
51 | (SERVER = DEDICATED)
52 | (SERVICE_NAME = ${_stdbyOraSid}_dgmgrl)
53 | )
54 | )
55 |
56 | ${_primaryOraSid}_taf =
57 | (DESCRIPTION =
58 | (FAILOVER = ON)
59 | (LOAD_BALANCE = OFF)
60 | (ADDRESS_LIST =
61 | (ADDRESS = (PROTOCOL = TCP)(HOST = ${_vmName1}.${_vmDomain})(PORT = 1521))
62 | (ADDRESS = (PROTOCOL = TCP)(HOST = ${_vmName2}.${_vmDomain})(PORT = 1521))
63 | )
64 | (CONNECT_DATA =
65 | (SERVICE_NAME = PRIMARY)
66 | (FAILOVER_MODE =
67 | (TYPE = SELECT)
68 | (METHOD = BASIC)
69 | (RETRIES = 300)
70 | (DELAY = 1)
71 | )
72 | )
73 | )
74 |
75 | TNSHERE
76 |
77 | echo Starting Data guard configuration
78 | export ORACLE_SID=${_primaryOraSid}
79 | dgmgrl sys/${_oraSysPwd}@${_primaryOraSid}_dgmgrl << __EOF__
80 |
81 | create configuration 'FSF' as primary database is ${_primaryOraSid} connect identifier is ${_primaryOraSid}_dgmgrl;
82 | add database ${_stdbyOraSid} as connect identifier is ${_stdbyOraSid}_dgmgrl maintained as physical;
83 |
84 | edit database ${_primaryOraSid} set property LogXptMode='SYNC';
85 | edit database ${_primaryOraSid} set property NetTimeout=10;
86 | edit database ${_stdbyOraSid} set property LogXptMode='SYNC';
87 | edit database ${_stdbyOraSid} set property NetTimeout=10;
88 |
89 | enable configuration;
90 | host sleep 10
91 | show configuration
92 | enable fast_start failover;
93 | host sleep 10
94 |
95 | __EOF__
96 |
97 | echo Create a script to launch the observer
98 | cat >> /home/oracle/observer_start.sh << _CAT_
99 | #!/bin/bash
100 | # This script is used to start the Observer in the background.
101 |
102 | export ORACLE_SID=${_primaryOraSid}
103 | dgmgrl << STEOF
104 | connect sys/${_oraSysPwd}@${_primaryOraSid}_dgmgrl
105 | show configuration
106 | show fast_start failover
107 | start observer
108 | STEOF
109 |
110 | _CAT_
111 |
112 | echo Run the observer script in background
113 | chmod +x /home/oracle/observer_start.sh
114 | nohup /home/oracle/observer_start.sh > /home/oracle/observer.log 2>/home/oracle/observer.err &
115 |
116 | echo "Observer has been started."
117 |
118 | SUEOF
119 |
120 | echo '---------------------------------------------------------------------'
121 | echo 'All complete. '
122 | echo '---------------------------------------------------------------------'
123 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab4/oravm.bicep:
--------------------------------------------------------------------------------
1 | @description('The name of you Virtual Machine.')
2 | param vmName string = 'oravm'
3 |
4 | @description('Username for the Virtual Machine.')
5 | param adminUsername string
6 |
7 | @description('SSH key for the Virtual Machine.')
8 | param sshKey string
9 |
10 | @description('The size of the VM')
11 | param vmSize string = 'Standard_D2ds_v5'
12 |
13 | @description('Availability zone')
14 | param avZone string = '1'
15 |
16 | @description('Location for all resources.')
17 | param location string = resourceGroup().location
18 |
19 | @description('Unique DNS Name for the Public IP used to access the Virtual Machine.')
20 | param dnsLabelPrefix string = toLower('${vmName}-${uniqueString(resourceGroup().id)}')
21 |
22 | @description('Resource ID of the subnet in the virtual network')
23 | param subnetid string = 'Subnet'
24 |
25 | @description('Name of the Network Security Group')
26 | param networksecuritygroupid string = 'SecGroupNet'
27 |
28 |
29 | var publicIPAddressName = '${vmName}PublicIP'
30 | var networkInterfaceName = '${vmName}NetInt'
31 | var oracleImageReference = {
32 | publisher: 'oracle'
33 | offer: 'oracle-database-19-3'
34 | sku: 'oracle-database-19-0904'
35 | version: 'latest'
36 | }
37 |
38 | var sshConfiguration = {
39 | disablePasswordAuthentication: true
40 | ssh: {
41 | publicKeys: [
42 | {
43 | path: '/home/${adminUsername}/.ssh/authorized_keys'
44 | keyData: sshKey
45 | }
46 | ]
47 | }
48 | }
49 |
50 |
51 | resource networkInterface 'Microsoft.Network/networkInterfaces@2023-04-01' = {
52 | name: networkInterfaceName
53 | location: location
54 |
55 | properties: {
56 | enableAcceleratedNetworking: true
57 | ipConfigurations: [
58 | {
59 | name: 'ipconfig1'
60 | properties: {
61 | subnet: {
62 | id: subnetid
63 | }
64 | privateIPAllocationMethod: 'Dynamic'
65 | publicIPAddress: {
66 | id: publicIPAddress.id
67 | }
68 | }
69 | }
70 | ]
71 | networkSecurityGroup: {
72 | id: networksecuritygroupid
73 | }
74 | }
75 | }
76 |
77 | resource publicIPAddress 'Microsoft.Network/publicIPAddresses@2023-04-01' = {
78 | name: publicIPAddressName
79 | location: location
80 | sku: {
81 | name: 'Standard'
82 | }
83 | zones:[avZone]
84 | properties: {
85 | publicIPAllocationMethod: 'Static'
86 | publicIPAddressVersion: 'IPv4'
87 | dnsSettings: {
88 | domainNameLabel: dnsLabelPrefix
89 | }
90 | idleTimeoutInMinutes: 4
91 | }
92 | }
93 |
94 | resource vm 'Microsoft.Compute/virtualMachines@2023-03-01' = {
95 | name: vmName
96 | location: location
97 | zones: [avZone]
98 | identity: {
99 | type: 'SystemAssigned'
100 | }
101 | properties: {
102 |
103 | hardwareProfile: {
104 | vmSize: vmSize
105 | }
106 | storageProfile: {
107 | dataDisks: [
108 | {
109 | caching: 'None'
110 | createOption: 'Empty'
111 | deleteOption: 'Delete'
112 | diskSizeGB: 128
113 | lun: 1
114 | managedDisk: {
115 | storageAccountType: 'Premium_LRS'
116 | }
117 | }
118 | ]
119 | osDisk: {
120 | createOption: 'FromImage'
121 | managedDisk: {
122 | storageAccountType: 'Premium_LRS'
123 | }
124 | }
125 | imageReference: oracleImageReference
126 | }
127 | networkProfile: {
128 | networkInterfaces: [
129 | {
130 | id: networkInterface.id
131 | }
132 | ]
133 | }
134 | osProfile: {
135 | computerName: vmName
136 | adminUsername: adminUsername
137 | linuxConfiguration: sshConfiguration
138 | }
139 |
140 | }
141 | }
142 |
143 | output vmManagedidentity string = vm.identity.principalId
144 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab4/readme.md:
--------------------------------------------------------------------------------
1 | # Lab 4: Implement High Availability for Oracle on Azure Using DataGuard
2 |
3 | This is a (partial) adaptation of the Oracle Data guard implementation avavilable here, converted into Bicep/Azure Resource Manager templates:
4 | https://github.com/Azure/Oracle-Workloads-for-Azure/tree/main/oradg
5 |
6 | This template deploys the following resources:
7 |
8 | - Primary Oracle Database VM with a data disk
9 | - Secondary Oracle Database VM with a data disk
10 | - Observer VM
11 |
12 | ## Bicep Modules:
13 |
14 | - Main.bicep : this is the driver script for deploying resources
15 | - Oravm.bicep : this module includes the resources for creating the VM such as Public-IP , Data disk etc, and also creates the VM resource based on Oracle Marketplace image.
16 | - Customscript.bicep : this module wrips custom script execution on the respective VM
17 |
18 | ## Sequence of operations:
19 |
20 | - Provisioning of VMs
21 | - Primary DB VM configuration (primary.sh)
22 | - File system creation
23 | - Oracle DB creation and configuration
24 | - Modifying Oracle config files incouding tnsnames.ora and listener.ora
25 | - Disable VM firewall (such that replication can happen between primary and secondary)
26 | - Secondary DB VM configuration (secondary.sh)
27 | - File system creation
28 | - Create Oracle duplicate DB through DBCA
29 | - Modifying Oracle config files including tnsnames.ora and listener.ora
30 | - Observer VM configuration (observer.sh)
31 | - Data Guard configuration
32 | - Fast Start failover configuration
33 | - Start of Observer component
34 |
35 | ## Prerequisites
36 |
37 | - A valid Azure subscription with at least contributor privileges
38 | - Quota available for atleast 10 vCPUs (4 each for Primary and secondary, 2 for Observer) in the selected azure region. The default VM SKU is Standard_D4ds_v5 for Primary/Secondary, and Standard_D2ds_v5 for observer. Any other General purpose series of similar configuration can be substituted - such as Ddsv4, Dasv4 or Dasv5
39 | - Latest Azure CLI installed
40 | - Bicep CLI 0.14.85 or later (upgrade with "az bicep upgrade")
41 | - A valid ssh key pair. https://learn.microsoft.com/en-us/azure/virtual-machines/linux/mac-create-ssh-keys
42 |
43 | ## How to deploy the template
44 |
45 | - Clone this repo
46 |
47 | ```powershell
48 | git clone https://github.com/Azure/Oracle-Workloads-for-Azure.git
49 | ```
50 |
51 | - Modify the main.bicepparam file and update adminusername for the Oracle VM, and the ssh public key. The public key should be in ~/.ssh/id_rsa.pub by default.
52 |
53 | - If the VM size needs to be customized, add a parameter for VMsize in main.bicepparam. example:
54 |
55 | ```powershell
56 | param vmSize = 'Standard_D4ds_v4'
57 | ```
58 |
59 | - Login to Azure CLI (if not in Cloud shell)
60 |
61 | - Deploy a resource group in your preferred region, where quota is available
62 |
63 | ```powershell
64 | az group create --resource-group oragroup --location centralindia
65 | ```
66 |
67 | - Deploy the template using the following command
68 |
69 | ```powershell
70 | az deployment group create --resource-group oragroup --template-file main.bicep --parameters main.bicepparam
71 | ```
72 |
73 | - Deployment progress can be viewed in Azure Portal. (Portal -> Resource group -> Deployments). Custom script logs are written in each VM by default to the directory: /var/lib/waagent/custom-script/download/0/ . The complete deployment should take about ~20 mins.
74 |
75 | ## How to verify the deployment
76 |
77 | - Verify if template deployment is fully successful, without any errors.
78 | - Login to the Observer node, using ssh. Please note that if JIT policy is enabled on your VM automatically, you have to Request access before running ssh.
79 |
80 | ```powershell
81 | ssh @
82 | ```
83 |
84 | - Sudo into the Oracle account
85 |
86 | ```powershell
87 | sudo su - oracle
88 | ```
89 |
90 | - Run Data guard command line utility. Messages similar to following will be displayed
91 |
92 | ```powershell
93 | [oracle@observer ~]$ dgmgrl sys/oracleA1@oradb01_dgmgrl
94 | DGMGRL for Linux: Release 19.0.0.0.0 - Production on Sun Oct 15 16:03:04 2023
95 | Version 19.3.0.0.0
96 |
97 | Copyright (c) 1982, 2019, Oracle and/or its affiliates. All rights reserved.
98 |
99 | Welcome to DGMGRL, type "help" for information.
100 | Connected to "oradb01"
101 | Connected as SYSDBA.
102 | ```
103 |
104 | - Run 'show configuration' command in DG command line utility
105 |
106 | ```powershell
107 | DGMGRL> show configuration;
108 |
109 | Configuration - FSF
110 |
111 | Protection Mode: MaxAvailability
112 | Members:
113 | oradb01 - Primary database
114 | oradb02 - (*) Physical standby database
115 |
116 | Fast-Start Failover: Enabled in Zero Data Loss Mode
117 |
118 | Configuration Status:
119 | SUCCESS (status updated 43 seconds ago)
120 |
121 | DGMGRL>
122 | ```
123 |
124 | Output similar to above should be displayed. This means that Data guard has been deployed, with Fast-start Failover enabled and set to Maximum availability.
125 |
126 | ## Scenarios
127 |
128 | Following are instructions for testing switchover, failover capabilities
129 |
130 | [Scenarios](scenarios.md)
131 |
132 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab4/secondary.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | # Script to configure secondary database VM
3 |
4 | echo '---------------------------------------------------------------------'
5 | echo 'Create the replica database, configure the DB, modify TNS entries '
6 | echo '---------------------------------------------------------------------'
7 | echo
8 | echo
9 | echo 'Creating file systems ...'
10 | export datadisk=`lsscsi | grep "^\[[0-9]:[0-9]:[0-9]:1.*" | awk -F' ' '{print $NF}'`
11 | export datadiskdevice=`echo "${datadisk}1"`
12 | export datadiskpattern=`echo ${datadisk} | cut -d'/' -f3`
13 | /usr/sbin/parted ${datadisk} mklabel gpt
14 | /usr/sbin/parted -a opt ${datadisk} mkpart primary xfs 0% 100%
15 | mkdir /u02
16 | /usr/sbin/mkfs.xfs ${datadiskdevice}
17 | mount ${datadiskdevice} /u02
18 | mkdir /u02/oradata /u02/orarecv
19 | chown oracle:oinstall /u02 -R
20 | diskuuid=`ls -l /dev/disk/by-uuid | grep ${datadiskpattern} | awk '{i=NF-2;print $i}'`
21 | mntopts=`sudo mount | grep u02 | awk '{print $NF}' | sed 's/(//' | sed 's/)//'`
22 | echo UUID=$diskuuid /u02 xfs $mntopts 0 0 >> /etc/fstab
23 | echo 'Finished creating file systems'
24 | echo 'disable firewall'
25 | systemctl stop firewalld
26 | systemctl disable firewalld
27 |
28 |
29 | sudo -E su - oracle <<"SUEOF"
30 | #!/bin/bash
31 |
32 | #
33 |
34 | export ORACLE_SID=${_primaryOraSid}
35 | export ORACLE_HOME=${_oraHome}
36 | export PATH=${_oraHome}/bin:${PATH}
37 | export TNS_ADMIN=${_oraHome}/network/admin
38 |
39 |
40 | echo Modify tnsnames.ora
41 | cat >> ${TNS_ADMIN}/tnsnames.ora << TNSHERE
42 |
43 | ${_primaryOraSid}=
44 | (DESCRIPTION = (FAILOVER = ON)(LOAD_BALANCE = OFF)
45 | (ADDRESS_LIST =
46 | (ADDRESS = (PROTOCOL = TCP)(HOST = ${_vmName1}.${_vmDomain})(PORT = 1521))
47 | (ADDRESS = (PROTOCOL = TCP)(HOST = ${_vmName2}.${_vmDomain})(PORT = 1521))
48 | )
49 | (CONNECT_DATA =
50 | (SERVICE_NAME = PRIMARY)
51 | (SERVER = DEDICATED)
52 | )
53 | )
54 |
55 | ${_primaryOraSid}_${_vmNbr1}=
56 | (DESCRIPTION =
57 | (ADDRESS_LIST =
58 | (ADDRESS = (PROTOCOL = TCP)(HOST = ${_vmName1}.${_vmDomain})(PORT = 1521))
59 | )
60 | (CONNECT_DATA =
61 | (SERVICE_NAME = ${_primaryOraSid}_${_vmNbr1})
62 | (SERVER = DEDICATED)
63 | )
64 | )
65 |
66 | ${_stdbyOraSid}_${_vmNbr2}=
67 | (DESCRIPTION =
68 | (ADDRESS_LIST =
69 | (ADDRESS = (PROTOCOL = TCP)(HOST = ${_vmName2}.${_vmDomain})(PORT = 1521))
70 | )
71 | (CONNECT_DATA =
72 | (SERVICE_NAME = ${_stdbyOraSid}_${_vmNbr2})
73 | (SERVER = DEDICATED)
74 | )
75 | )
76 |
77 | ${_primaryOraSid}_dgmgrl =
78 | (DESCRIPTION =
79 | (ADDRESS_LIST =
80 | (ADDRESS = (PROTOCOL = TCP)(HOST = ${_vmName1}.${_vmDomain})(PORT = 1521))
81 | )
82 | (CONNECT_DATA =
83 | (SERVER = DEDICATED)
84 | (SERVICE_NAME = ${_primaryOraSid}_dgmgrl)
85 | )
86 | )
87 |
88 | ${_stdbyOraSid}_dgmgrl =
89 | (DESCRIPTION =
90 | (ADDRESS_LIST =
91 | (ADDRESS = (PROTOCOL = TCP)(HOST = ${_vmName2}.${_vmDomain})(PORT = 1521))
92 | )
93 | (CONNECT_DATA =
94 | (SERVER = DEDICATED)
95 | (SERVICE_NAME = ${_stdbyOraSid}_dgmgrl)
96 | )
97 | )
98 |
99 | ${_primaryOraSid}_taf =
100 | (DESCRIPTION =
101 | (FAILOVER = ON)
102 | (LOAD_BALANCE = OFF)
103 | (ADDRESS_LIST =
104 | (ADDRESS = (PROTOCOL = TCP)(HOST = ${_vmName1}.${_vmDomain})(PORT = 1521))
105 | (ADDRESS = (PROTOCOL = TCP)(HOST = ${_vmName2}.${_vmDomain})(PORT = 1521))
106 | )
107 | (CONNECT_DATA =
108 | (SERVICE_NAME = PRIMARY)
109 | (FAILOVER_MODE =
110 | (TYPE = SELECT)
111 | (METHOD = BASIC)
112 | (RETRIES = 300)
113 | (DELAY = 1)
114 | )
115 | )
116 | )
117 |
118 | TNSHERE
119 |
120 | echo create standby database
121 | dbca -silent -createDuplicateDB \
122 | -gdbName ${_primaryOraSid} \
123 | -sysPassword ${_oraSysPwd} \
124 | -sid ${_stdbyOraSid} \
125 | -createAsStandby \
126 | -dbUniqueName ${_stdbyOraSid} \
127 | -primaryDBConnectionString ${_vmName1}.${_vmDomain}:${_oraLsnrPort}/${_primaryOraSid}
128 |
129 | echo create the Listener.ora config in Secondary
130 | cat >> ${_oraHome}/network/admin/listener.ora << EOF
131 | SID_LIST_${_oraLsnr}=
132 | (SID_LIST =
133 | (SID_DESC =
134 | (GLOBAL_DBNAME = ${_stdbyOraSid}_dgmgrl)
135 | (ORACLE_HOME = ${_oraHome})
136 | (SID_NAME = ${_stdbyOraSid})
137 | )
138 | )
139 | EOF
140 | lsnrctl reload ${_oraLsnr}
141 |
142 | export ORACLE_SID=${_stdbyOraSid}
143 | sqlplus -S / as sysdba << __EOF__
144 |
145 | ALTER SYSTEM SET SERVICE_NAMES='${_stdbyOraSid}','${_stdbyOraSid}_dgmgrl' SCOPE=BOTH;
146 | ALTER SYSTEM SET LOG_ARCHIVE_CONFIG='DG_CONFIG=${_primaryOraSid}' SCOPE=BOTH;
147 | ALTER DATABASE SET STANDBY DATABASE TO MAXIMIZE AVAILABILITY;
148 | ALTER DATABASE FLASHBACK ON;
149 |
150 | __EOF__
151 |
152 | SUEOF
153 |
154 | echo '---------------------------------------------------------------------'
155 | echo 'All complete. '
156 | echo '---------------------------------------------------------------------'
157 |
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/lab4/variables.txt:
--------------------------------------------------------------------------------
1 | export _primaryOraSid=""
2 | export _stdbyOraSid=""
3 | export _oraHome="/u01/app/oracle/product/19.0.0/dbhome_1"
4 | export _oraInvDir="/u01/app/oraInventory"
5 | export _oraOsAcct="oracle"
6 | export _oraOsGroup="oinstall"
7 | export _oraCharSet="WE8ISO8859P15"
8 | export _oraMntDir=""
9 | export _oraDataDir="${_oraMntDir}/oradata"
10 | export _oraFRADir="${_oraMntDir}/orarecv"
11 | export _oraSysPwd=""
12 | export _oraRedoSizeMB=500
13 | export _oraLsnr="LISTENER"
14 | export _oraLsnrPort=1521
15 | export _vmName1=""
16 | export _vmName2=""
17 | export _vmName3=""
18 | export _vmNbr1="vm01"
19 | export _vmNbr2="vm02"
20 | export _vmNbr3="vm03"
21 | export _vmDomain="internal.cloudapp.net"
--------------------------------------------------------------------------------
/levelup-oracle-on-iaas/readme.md:
--------------------------------------------------------------------------------
1 | # LevelUp: Oracle on IaaS
2 |
3 | Lab Instructions
4 |
5 | - [Lab 1: Capacity Planning](./lab1/readme.md)
6 | - [Lab 2: Deploying Oracle Landing Zone](./lab2/README.md)
7 | - [Lab 3: Integrate Oracle Backups with Azure Backup](./lab3/readme.md)
8 | - [Lab 4: Implement High Availability for Oracle on Azure Using DataGuard](./lab4/readme.md)
9 |
--------------------------------------------------------------------------------
/omat/media/data-awr-details.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/omat/media/data-awr-details.png
--------------------------------------------------------------------------------
/omat/media/data-summary-by-db.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/omat/media/data-summary-by-db.png
--------------------------------------------------------------------------------
/omat/media/recommendations-filters.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/omat/media/recommendations-filters.png
--------------------------------------------------------------------------------
/omat/media/recommendations-storage.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/omat/media/recommendations-storage.png
--------------------------------------------------------------------------------
/omat/media/recommendations-vms.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/omat/media/recommendations-vms.png
--------------------------------------------------------------------------------
/omat/media/settings.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/omat/media/settings.png
--------------------------------------------------------------------------------
/omat/readme:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/omat/setup.ps1:
--------------------------------------------------------------------------------
1 | #New-Item -ItemType Directory -Force -Path C:\OMAT | Out-Null;Set-Location C:\OMAT;Set-ExecutionPolicy -ExecutionPolicy Unrestricted -Scope CurrentUser;Invoke-WebRequest -Uri https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/master/omat/setup.ps1 -OutFile .\setup.ps1;Unblock-File -Path .\setup.ps1;.\setup.ps1
2 | #New-Item -ItemType Directory -Force -Path C:\OMAT | Out-Null;Set-Location C:\OMAT;Set-ExecutionPolicy -ExecutionPolicy Unrestricted -Scope CurrentUser;Invoke-WebRequest -Uri https://raw.githubusercontent.com/onderyildirim/Oracle-Workloads-for-Azure/onderyildirim-omat-tool-update/omat/setup.ps1 -OutFile .\setup.ps1;Unblock-File -Path .\setup.ps1;.\setup.ps1
3 |
4 |
5 | Write-Host "Downloading omat.ps1"
6 | Invoke-WebRequest -Uri https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/master/omat/omat.ps1 -OutFile .\omat.ps1
7 | Write-Host "Unblocking omat.ps1"
8 | Unblock-File -Path .\omat.ps1
9 | Write-Host "Downloading template.xlsm"
10 | Invoke-WebRequest -Uri https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/master/omat/template.xlsm -OutFile .\template.xlsm
11 | Write-Host "Unblocking template.xlsm"
12 | Unblock-File -Path .\template.xlsm
13 |
14 | $azCmd=Get-Command -Name 'az' -ErrorAction SilentlyContinue
15 |
16 | if($null -eq $azCmd) {
17 | Write-Host "Azure CLI is not found."
18 | Write-Host "Downloading Azure CLI."
19 | Invoke-WebRequest -Uri https://aka.ms/installazurecliwindows -OutFile .\AzureCLI.msi
20 | Write-Host "Installing Azure CLI."
21 | Start-Process msiexec.exe -Wait -ArgumentList '/I AzureCLI.msi /quiet'
22 | Write-Host "Cleanup Azure CLI install files."
23 | Remove-Item .\AzureCLI.msi
24 | }
25 | else
26 | {
27 | Write-Host "Azure CLI found."
28 | Write-Host (az --version 2>$null)[0]
29 | }
30 |
31 |
--------------------------------------------------------------------------------
/omat/template.xlsm:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure/Oracle-Workloads-for-Azure/ac486a53cea065ef3ffe09d7242013ea3f7dff3a/omat/template.xlsm
--------------------------------------------------------------------------------
/oravm/oravm_output.txt:
--------------------------------------------------------------------------------
1 | Thu Apr 13 04:05:05 AM UTC 2023 - INFO: cr_oravm.sh version 2.0...
2 | Thu Apr 13 04:05:05 AM UTC 2023 - INFO: az account set...
3 | Thu Apr 13 04:05:05 AM UTC 2023 - INFO: az group exists -n tim-oravm-rg...
4 | Thu Apr 13 04:05:06 AM UTC 2023 - INFO: az configure --defaults group location...
5 | Thu Apr 13 04:05:06 AM UTC 2023 - INFO: az network vnet create tim-oravm-vnet...
6 | Thu Apr 13 04:05:12 AM UTC 2023 - INFO: az network nsg create tim-oravm-nsg...
7 | Thu Apr 13 04:05:17 AM UTC 2023 - INFO: az network nsg rule create ssh-cloud-shell...
8 | Thu Apr 13 04:05:29 AM UTC 2023 - INFO: az network nsg rule create smb-cloud-shell...
9 | Thu Apr 13 04:05:41 AM UTC 2023 - INFO: az network public-ip create tim-oravm-public-ip01...
10 | Thu Apr 13 04:05:44 AM UTC 2023 - INFO: az network nic create tim-oravm-nic01...
11 | Thu Apr 13 04:06:16 AM UTC 2023 - INFO: az vm create tim-oravm-vm01...
12 | Thu Apr 13 04:07:21 AM UTC 2023 - INFO: az storage account create timoravmsa01...
13 | Thu Apr 13 04:07:43 AM UTC 2023 - INFO: az storage share create tim-oravm-share01...
14 | Thu Apr 13 04:07:44 AM UTC 2023 - INFO: az storage account show timoravmsa01...
15 | Thu Apr 13 04:07:45 AM UTC 2023 - INFO: az storage account timoravmsa01 is "https://timoravmsa01.file.core.windows.net/"...
16 | Thu Apr 13 04:07:46 AM UTC 2023 - INFO: az storage account keys list timoravmsa01...
17 | Thu Apr 13 04:07:46 AM UTC 2023 - DBUG: az storage account keys list is "xxxxx"
18 | Thu Apr 13 04:07:46 AM UTC 2023 - INFO: az backup vault create tim-oravm-vault01...
19 | Thu Apr 13 04:08:50 AM UTC 2023 - INFO: az backup policy create tim-oravm-policy01...
20 | Thu Apr 13 04:08:51 AM UTC 2023 - INFO: az network public-ip show tim-oravm-public-ip01...
21 | Thu Apr 13 04:08:53 AM UTC 2023 - INFO: public IP 20.163.86.57 for tim-oravm-vm01...
22 | Thu Apr 13 04:08:53 AM UTC 2023 - INFO: az network nic show tim-oravm-nic01...
23 | Thu Apr 13 04:08:54 AM UTC 2023 - INFO: private IP 10.0.0.4 for tim-oravm-vm01...
24 | Thu Apr 13 04:08:54 AM UTC 2023 - INFO: mkdir /u02 on tim-oravm-vm01...
25 | Thu Apr 13 04:08:54 AM UTC 2023 - INFO: yum install -y lvm2 xfsprogs xfsdump on tim-oravm-vm01...
26 | Thu Apr 13 04:09:24 AM UTC 2023 - INFO: az vm disk attach (tim-oravm-vm01-datadisk01)...
27 | Thu Apr 13 04:09:57 AM UTC 2023 - INFO: parted /dev/sdc mklabel on tim-oravm-vm01...
28 | Thu Apr 13 04:09:57 AM UTC 2023 - INFO: parted /dev/sdc mkpart primary on tim-oravm-vm01...
29 | Thu Apr 13 04:09:58 AM UTC 2023 - INFO: pvcreate /dev/sdc1 on tim-oravm-vm01...
30 | Thu Apr 13 04:09:58 AM UTC 2023 - INFO: vgcreate vg_ora01 /dev/sdc1 on tim-oravm-vm01...
31 | Thu Apr 13 04:09:59 AM UTC 2023 - INFO: vgdisplay vg_ora01 on tim-oravm-vm01...
32 | Thu Apr 13 04:10:00 AM UTC 2023 - INFO: lvcreate vg_ora01 on tim-oravm-vm01...
33 | Thu Apr 13 04:10:00 AM UTC 2023 - INFO: mkfs -t xfs /dev/vg_ora01/lv_ora01 on tim-oravm-vm01...
34 | Thu Apr 13 04:10:22 AM UTC 2023 - INFO: mount /dev/vg_ora01/lv_ora01 /u02 on tim-oravm-vm01...
35 | Thu Apr 13 04:10:24 AM UTC 2023 - INFO: configure waagent to manage resource disk on tim-oravm-vm01...
36 | Thu Apr 13 04:10:24 AM UTC 2023 - INFO: retrieve resource disk mount point from /etc/waagent.conf on tim-oravm-vm01...
37 | Thu Apr 13 04:10:25 AM UTC 2023 - INFO: free -m to find physical RAM on tim-oravm-vm01...
38 | Thu Apr 13 04:10:26 AM UTC 2023 - INFO: configure waagent for 23658M swap on tim-oravm-vm01...
39 | Thu Apr 13 04:10:26 AM UTC 2023 - INFO: mkdir /u02/oradata /u02/orarecv /backup on tim-oravm-vm01...
40 | Thu Apr 13 04:10:26 AM UTC 2023 - INFO: chown oracle:oinstall /u02/oradata /u02/orarecv /backup on tim-oravm-vm01...
41 | Thu Apr 13 04:10:27 AM UTC 2023 - INFO: copy oraInst.loc file on tim-oravm-vm01
42 | Thu Apr 13 04:10:28 AM UTC 2023 - INFO: yum update on tim-oravm-vm01 (1: be prepared - long wait)...
43 | Thu Apr 13 04:18:17 AM UTC 2023 - INFO: 2nd yum update on tim-oravm-vm01...
44 | Thu Apr 13 04:20:58 AM UTC 2023 - INFO: yum install cifs-utils on tim-oravm-vm01...
45 | Thu Apr 13 04:21:07 AM UTC 2023 - INFO: set contents of /etc/smbcredentials/timoravmsa01.cred on tim-oravm-vm01...
46 | Thu Apr 13 04:21:10 AM UTC 2023 - INFO: mount -t cifs //timoravmsa01.file.core.windows.net/tim-oravm-share01 /backup on tim-oravm-vm01...
47 | Thu Apr 13 04:21:10 AM UTC 2023 - INFO: set CIFS/SMB info into /etc/fstab on tim-oravm-vm01...
48 | Thu Apr 13 04:21:11 AM UTC 2023 - INFO: dbca -createDatabase oradb01 on tim-oravm-vm01 (be prepared - long wait)...
49 | Thu Apr 13 04:30:56 AM UTC 2023 - INFO: create "/root/orareboot.sh" on tim-oravm-vm01
50 | Thu Apr 13 04:30:57 AM UTC 2023 - INFO: run "/root/orareboot.sh" on tim-oravm-vm01
51 | Thu Apr 13 04:30:58 AM UTC 2023 - INFO: move TEMP tablespace to temporary disk on tim-oravm-vm01...
52 | Thu Apr 13 04:31:38 AM UTC 2023 - INFO: configure FLASH CACHE to temporary disk on tim-oravm-vm01...
53 | Thu Apr 13 04:32:52 AM UTC 2023 - INFO: create "/etc/systemd/system/orareboot.service" on tim-oravm-vm01
54 | Thu Apr 13 04:32:53 AM UTC 2023 - INFO: "sudo systemctl daemon-reload" on tim-oravm-vm01
55 | Thu Apr 13 04:32:54 AM UTC 2023 - INFO: "sudo systemctl enable orareboot.service" on tim-oravm-vm01
56 | Thu Apr 13 04:32:54 AM UTC 2023 - INFO: "sudo systemctl enable waagent" on tim-oravm-vm01
57 | Thu Apr 13 04:32:55 AM UTC 2023 - INFO: "sudo systemctl start waagent" on tim-oravm-vm01
58 | Thu Apr 13 04:32:55 AM UTC 2023 - INFO: az backup protection enable-for-vm tim-oravm-vm01...
59 | Thu Apr 13 04:33:36 AM UTC 2023 - INFO: useradd -g backupdba azbackup on tim-oravm-vm01...
60 | Thu Apr 13 04:33:36 AM UTC 2023 - INFO: setup Azure VM Backup within Oracle database on tim-oravm-vm01...
61 | Thu Apr 13 04:33:38 AM UTC 2023 - INFO: copy new workload.conf file to tim-oravm-vm01...
62 | Thu Apr 13 04:33:40 AM UTC 2023 - INFO: pausing for 60 seconds before initiating first backup on tim-oravm-vm01...
63 | Thu Apr 13 04:34:40 AM UTC 2023 - INFO: az backup protection backup-now tim-oravm-vm01...
64 | Thu Apr 13 04:34:47 AM UTC 2023 - INFO: reset LVM2 info in /etc/default/grub configuration file...
65 | Thu Apr 13 04:34:49 AM UTC 2023 - INFO: using dracut to regenerate initramfs...
66 | Thu Apr 13 04:35:10 AM UTC 2023 - INFO: recreate grub2 configuration file...
67 | Thu Apr 13 04:35:13 AM UTC 2023 - INFO: stop Oracle listener and database...
68 | Thu Apr 13 04:35:39 AM UTC 2023 - INFO: reboot...
69 | Thu Apr 13 04:36:21 AM UTC 2023 - INFO: pause for 30 seconds...
70 | Thu Apr 13 04:36:51 AM UTC 2023 - INFO: restart Oracle listener and database...
71 | Thu Apr 13 04:38:27 AM UTC 2023 - INFO: completed successfully!
72 |
--------------------------------------------------------------------------------