├── .gitignore ├── LICENSE ├── README.md ├── _docs ├── multiple_availability_domain_ha_topology.png └── single_availability_domain_ha_topology.png ├── datasources.tf ├── env-vars ├── main.tf ├── modules ├── bastion │ ├── bastion.outputs.tf │ ├── bastion.tf │ └── bastion.vars.tf ├── compute │ ├── compute.blockvolume.tf │ ├── compute.data.tf │ ├── compute.outputs.tf │ ├── compute.rsync-remote-exec.tf │ ├── compute.tf │ ├── compute.variables.tf │ ├── fss.tf │ └── userdata │ │ ├── bootstrap.tpl │ │ └── rsync.sh ├── dbsystem │ ├── db.datasources.tf │ ├── db.dbsystem.tf │ └── db.variables.tf ├── loadbalancer │ ├── lb.tf │ └── lb.variables.tf └── network │ ├── subnets │ ├── subnets.outputs.tf │ ├── subnets.tf │ └── subnets.variables.tf │ └── vcn │ ├── vcn.data.tf │ ├── vcn.outputs.tf │ ├── vcn.tf │ └── vcn.vars.tf ├── outputs.tf ├── pack.sh ├── provider.tf ├── schema.yaml ├── terraform.tfvars.template └── variables.tf /.gitignore: -------------------------------------------------------------------------------- 1 | # Local .terraform directories 2 | **/.terraform/* 3 | 4 | # .tfstate files 5 | *.tfstate 6 | *.tfstate.* 7 | 8 | # .tfvars files 9 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Copyright (c) 2018-2020 Oracle and/or its affiliates. 2 | 3 | The Universal Permissive License (UPL), Version 1.0 4 | 5 | Subject to the condition set forth below, permission is hereby granted to any 6 | person obtaining a copy of this software, associated documentation and/or data 7 | (collectively the "Software"), free of charge and under any and all copyright 8 | rights in the Software, and any and all patent rights owned or freely 9 | licensable by each licensor hereunder covering either (i) the unmodified 10 | Software as contributed to or provided by such licensor, or (ii) the Larger 11 | Works (as defined below), to deal in both 12 | 13 | (a) the Software, and 14 | (b) any piece of software and/or hardware listed in the lrgrwrks.txt file if 15 | one is included with the Software (each a "Larger Work" to which the Software 16 | is contributed by such licensors), 17 | 18 | without restriction, including without limitation the rights to copy, create 19 | derivative works of, display, perform, and distribute the Software and make, 20 | use, sell, offer for sale, import, export, have made, and have sold the 21 | Software and the Larger Work(s), and to sublicense the foregoing rights on 22 | either these or other terms. 23 | 24 | This license is subject to the following condition: 25 | The above copyright notice and either this complete permission notice or at 26 | a minimum a reference to the UPL must be included in all copies or 27 | substantial portions of the Software. 28 | 29 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 30 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 31 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 32 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 33 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 34 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 35 | SOFTWARE. 36 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # **Terraform modules for Oracle E-Business Suite on Oracle Cloud Infrastructure** 2 | [![Deploy to Oracle Cloud][magic_button]][magic_ebs_stack] 3 | 4 | The Terraform modules for Oracle E-Business Suite allow you to provision infrastructure for Oracle E-Business Suite on Oracle Cloud Infrastructure using OCI Resource Manager and Terraform. Oracle E-Business suite can be deployed on Oracle Cloud Infrastructure in single availability domain or multi availability domain architecture.The modules can be used to create infrastructure for Oracle E-Business Suite in single Availability Domain as well as multiple Availability Domains. 5 | 6 | ### **Architecture for Deploying Oracle E-Business Suite in a Single Availability domain** 7 | ![Architecture for Deploying Oracle E-Business Suite in a Single Availability domain](./_docs/single_availability_domain_ha_topology.png) 8 | 9 | ### **Architecture for Deploying Oracle E-Business Suite in multiple Availability domains** 10 | ![Architecture for Deploying Oracle E-Business Suite in Multiple Availability domains](./_docs/multiple_availability_domain_ha_topology.png) 11 | 12 | For more information on Oracle E-Business Suite deployment architecture on Oracle Cloud Infrastructure, see 13 | - [Architecture for Deploying Oracle E-Business Suite in a Single Availability domain](https://docs.oracle.com/en/solutions/deploy-ebusiness-suite-oci/index.html#GUID-1F8ACA7B-C147-446F-A4A4-AD70E4ECCA66) 14 | - [Architecture for Deploying Oracle E-Business Suite in Multiple Availability domains](https://docs.oracle.com/en/solutions/deploy-ebusiness-suite-oci/index.html#GUID-43B8797E-A2BD-4CA2-A4A9-0E19DB15DA3B) 15 | ## **How to use this module** 16 | 17 | ### **Using OCI Resource Manager** 18 | 1. Click [![Deploy to Oracle Cloud][magic_button]][magic_ebs_stack] 19 | 20 | If you aren't already signed in, when prompted, enter the tenancy and user credentials. 21 | 22 | 2. Review and accept the terms and conditions. 23 | 24 | 3. Select the region where you want to deploy the stack. 25 | 26 | 4. Follow the on-screen prompts and instructions to create the stack. 27 | 28 | 5. After creating the stack, click Terraform Actions, and select Plan. 29 | 30 | 6. Wait for the job to be completed, and review the plan. 31 | 32 | To make any changes, return to the Stack Details page, click Edit Stack, and make the required changes. Then, run the Plan action again. 33 | 34 | 7. If no further changes are necessary, return to the Stack Details page, click Terraform Actions, and select Apply. 35 | 36 | ### **Using Terraform CLI** 37 | First off you'll need to do some pre deploy setup. That's all detailed [here](https://github.com/oracle-quickstart/oci-prerequisites). 38 | A terraform version of 0.13.x is required. 39 | 40 | 1.Clone the repo 41 | ``` 42 | $ git clone https://github.com/oracle-quickstart/oci-ebs.git 43 | $ cd oci-ebs 44 | ``` 45 | 2.Update **env-vars** with the required information. The file contains definitions of environment variables for your Oracle Cloud Infrastructure tenancy. 46 | 47 | 3.Rename **terraform.tfvars.template** to **terraform.tfvars**.Update **terraform.tfvars** with the inputs for the architecture that you want to build. A running sample terraform.tfvars file for multiple availability domain architecture is available below. The contents of sample file can be copied to create a running terraform.tfvars input file. Update db_admin_password with actual password in terraform.tfvars file. 48 | 49 | 4.Initialize Terraform. This will also download the latest terraform oci provider. 50 | 51 | ``` 52 | $ terraform init 53 | ``` 54 | 5.Set environment variables by running source **env-vars**. 55 | 56 | ``` 57 | $ source env-vars 58 | ``` 59 | 60 | 6.Run terraform plan. 61 | 62 | ``` 63 | $ terraform plan 64 | ``` 65 | 66 | 7.Run terraform apply to create the infrastructure. 67 | 68 | ``` 69 | $ terraform apply 70 | ``` 71 | 72 | When you’re prompted to confirm the action, enter **yes**. 73 | 74 | When all components have been created, Terraform displays a completion message. For example: Apply complete! Resources: 47 added, 0 changed, 0 destroyed. 75 | 76 | 77 | 8.f you want to delete the infrastructure, run: 78 | 79 | ``` 80 | $ terraform destroy 81 | ``` 82 | 83 | When you’re prompted to confirm the action, enter **yes**. 84 | 85 | ## **Oracle E-Business Suite Terraform modules structure** 86 | 87 | Terraform modules for Oracle E-Business Suite has the following structure: 88 | 89 | ``` 90 | . 91 | ├── datasources.tf 92 | ├── _docs 93 | │   ├── multiple_availability_domain_ha_topology.png 94 | │   └── single_availability_domain_ha_topology.png 95 | ├── env-vars 96 | ├── LICENSE.txt 97 | ├── main.tf 98 | ├── modules 99 | │   ├── bastion 100 | │   │   ├── bastion.outputs.tf 101 | │   │   ├── bastion.tf 102 | │   │   └── bastion.vars.tf 103 | │   ├── compute 104 | │   │   ├── compute.blockvolume.tf 105 | │   │   ├── compute.data.tf 106 | │   │   ├── compute.outputs.tf 107 | │   │   ├── compute.rsync-remote-exec.tf 108 | │   │   ├── compute.tf 109 | │   │   ├── compute.variables.tf 110 | │   │   ├── fss.tf 111 | │   │   └── userdata 112 | │   │   ├── bootstrap.tpl 113 | │   │   └── rsync.sh 114 | │   ├── dbsystem 115 | │   │   ├── db.datasources.tf 116 | │   │   ├── db.dbsystem.tf 117 | │   │   └── db.variables.tf 118 | │   ├── loadbalancer 119 | │   │   ├── lb.tf 120 | │   │   └── lb.variables.tf 121 | │   └── network 122 | │   ├── subnets 123 | │   │   ├── subnets.outputs.tf 124 | │   │   ├── subnets.tf 125 | │   │   └── subnets.variables.tf 126 | │   └── vcn 127 | │   ├── vcn.data.tf 128 | │   ├── vcn.outputs.tf 129 | │   ├── vcn.tf 130 | │   └── vcn.vars.tf 131 | ├── outputs.tf 132 | ├── pack.sh 133 | ├── provider.tf 134 | ├── README.md 135 | ├── schema.yaml 136 | ├── terraform.tfvars.template 137 | └── variables.tf 138 | 139 | 10 directories, 37 files 140 | 141 | ``` 142 | 143 | - [**root**]: 144 | - [env-vars]: This is an environment file to set terraform environment variables on UNIX systems. 145 | - [datasources.tf]: This is terraform data source file to fetch data for Oracle Cloud Infrastructure resources. 146 | - [main.tf]: At root level, main.tf calls different modules to create Oracle Cloud Infrastructure resources. 147 | - [outputs.tf]: This is the terraform outputs file. 148 | - [provider.tf]: This is the terraform provider file that defines the provider (Oracle Cloud Infrastructure) and authentication information. 149 | - [variables.tf]: This is the terraform variables file to declare variables. 150 | - [terraform.tfvars.template]: This is a sample input file to pass values to declared variables. 151 | 152 | - [**modules**]: The modules directory contain all the modules required for creating Oracle Cloud Infrastructure resources. 153 | - [bastion]: This module is used to create bastion hosts. 154 | - [compute]: This module is used to create unix and windows compute instances. 155 | - [dbsystem]: This module is used to create Oracle Cloud Infrastructure database system. 156 | - [loadbalancer]: This module is used to create Oracle Cloud Infrastructure load Balancing service. 157 | - [network]: This module is used to create network resources like VCN (Virtual Cloud Network),subnets, internet gateway, service gateway, dynamic routing gateway and NAT (network Address Translation) gateway. 158 | - [vcn]: This sub module creates the VCN, internet gateway, service gateway, dynamic routing gateway and NAT gateway. 159 | - [subnets]: This sub module creates the subnets within a VCN. 160 | 161 | - [**pack.sh**]: Create zip package for Resource Manager Stack. 162 | 163 | ## **Inputs required in the terraform.tfvars file** 164 | 165 | The following inputs are required for terraform modules: 166 | 167 | | Argument | Description | 168 | | -------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | 169 | | AD | Availability Domain for Oracle E-Business Suite Deployment. This variable drives the Oracle E-Business Suite architecture to be deployed. Setting AD = ["1"] deploys infrastructure in single availability domain (Availabilty domain 1 of the tenancy) and AD = ["1","2"] deploys infrastructure in multiple ADs (Availability domains 1 and 2 of the tenancy). | 170 | | vcn_cidr | CIDR block of the VCN (Virtual Cloud Network) to be created. | 171 | | vcn_dns_label | DNS Label of the VCN (Virtual Cloud Network) to be created. | 172 | | linux_os_version | Operating system version of Oracle Linux for compute instances. The terraform module for compute instances always pick up the latest image available for the chosen Oracle Linux version in the region. | 173 | | timezone | Timezone of compute instances and database systems. | 174 | | freeform_tags | Freeform tag for resource. | 175 | | ebs_env_prefix | Environment prefix to define names of Oracle Cloud infrastructure resources. | 176 | ebs_app_instance_count | Number of Oracle E-Business suite application instances to be created. For single availability domain architecture, the application instances will be provisioned in round robin fashion across multiple fault domains. For multiple availability domain architecture, application instances will be provisioned in round robin fashion across fault domains and availability domains| 177 | | ebs_app_instance_shape | Shape of application instance. For more information on available shapes, see [VM Shapes](https://docs.cloud.oracle.com/iaas/Content/Compute/References/computeshapes.htm?TocPath=Services#vmshapes) | 178 | | ebs_app_boot_volume_size_in_gb | Size of boot volume in gb for application compute instance.| 179 | | ebs_app_block_volume_size_in_gb | Size of block volume in gb for application compute instance.| 180 | | ebs_app_block_volume_vpus_per_gb | Block volume VPUs per GB. | 181 | | ebs_app_block_volume_mount_path | Mount path for Oracle E-Business Suite application non shared filesystem. For example /u02.| 182 | | ebs_app_instance_listen_port | Port on which Oracle E-Business Suite application instance will listen and receive requests from Oracle Cloud Infrastructure Load Balancing Service.| 183 | | ebs_shared_filesystem_mount_path | Mount path for Oracle E-Business Suite application shared filesystem. For example /u01/install/APPS.| 184 | | ebs_shared_filesystem_size_limit_in_gb | Soft upper limit for Oracle E-Business Suite application filesystem. This value is defined just to set an upper soft size limit visible to Oracle E-Business Installation tools. It does not restrict storage size of File Storage Service. | 185 | | ebs_database_required | Whether to create database. The value can be “true” or “false”| 186 | | db_edition | Edition of database. 187 | | db_license_model | Licensing model for database.| 188 | | db_version | Version of database. | 189 | | db_node_count | Number of database nodes. For single instance database, this parameter should be 1 and for Real Application Cluster Database, this parameter should be set to 2. | 190 | | db_instance_shape | Shape of Database nodes. For RAC, the minimum required shape is VMStandard2.1. | 191 | | db_name | Name of Database Container. | 192 | | db_size_in_gb | Size of database in gb. For more information, see [Oracle Cloud Infrastructure Images](https://docs.cloud.oracle.com/iaas/images/) | 193 | | db_admin_password | Database administration password (sys password). | 194 | | db_characterset | Characterset of database. | 195 | | db_nls_characterset | National Characterset of database. | 196 | | db_pdb_name | Starter Pluggable database name. 197 | | load_balancer_private | Whether public or private load balancer. | 198 | | load_balancer_hostname | Hostname of the load balancer.| 199 | | load_balancer_shape | Shape of the load balancer. | 200 | | load_balancer_listen_port | Listen port of the load balancer. | 201 | 202 | ##### **Sample terraform.tfvars file to create Oracle E-Business Suite infrastructure in multiple availability domain architecture** 203 | 204 | ```hcl 205 | # AD (Availability Domain to use for creating EBS infrastructure) 206 | # For single AD regions (ap-seoul-1, ap-tokyo-1, ca-toronto-1), use AD = ["1"] 207 | AD = ["1","2"] 208 | 209 | # CIDR block of VCN to be created 210 | vcn_cidr = "172.16.0.0/16" 211 | 212 | # DNS label of VCN to be created 213 | vcn_dns_label = "ebsvcn" 214 | 215 | # Operating system version to be used for application instances. e.g 6.10 or 7.6 216 | linux_os_version = "7.8" 217 | 218 | # Timezone of compute instance 219 | timezone = "America/New_York" 220 | 221 | # Environment prefix to define name of resources 222 | ebs_env_prefix = "prd" 223 | 224 | # Freeform tags 225 | freeform_tags = { environment = "prod", costcenter = "10240" } 226 | 227 | # Number of application instances to be created 228 | ebs_app_instance_count = "2" 229 | 230 | # Shape of app instance 231 | ebs_app_instance_shape = "VM.Standard2.1" 232 | 233 | # Boot volume size 234 | ebs_app_boot_volume_size_in_gb = "100" 235 | 236 | # Block volume size 237 | ebs_app_block_volume_size_in_gb = "100" 238 | 239 | # Block volume performance 240 | ebs_app_block_volume_vpus_per_gb = "0" 241 | 242 | # Mount path for local application filesystem 243 | ebs_app_block_volume_mount_path = "/u02" 244 | 245 | # Listen port of the application instance 246 | ebs_app_instance_listen_port = "8000" 247 | 248 | # Mount path for shared application filesystem 249 | ebs_shared_filesystem_mount_path = "/u01/install/APPS" 250 | 251 | # Shared application filesystem size limit 252 | ebs_shared_filesystem_size_limit_in_gb = "500" 253 | 254 | # Whether database is required to be created 255 | ebs_database_required = true 256 | 257 | # Datbase Edition 258 | db_edition = "ENTERPRISE_EDITION_EXTREME_PERFORMANCE" 259 | 260 | # Licensing model for database 261 | db_license_model = "LICENSE_INCLUDED" 262 | 263 | # Database version 264 | db_version = "12.1.0.2" 265 | 266 | # Number of database nodes 267 | db_node_count = "2" 268 | 269 | # Shape of Database nodes 270 | db_instance_shape = "VM.Standard2.2" 271 | 272 | # Database name 273 | db_name = "EBSCDB" 274 | 275 | # Size of Database 276 | db_size_in_gb = "256" 277 | 278 | # Database administration (sys) password 279 | db_admin_password = "" 280 | 281 | # Characterset of database 282 | db_characterset = "AL32UTF8" 283 | 284 | # National Characterset of database 285 | db_nls_characterset = "AL16UTF16" 286 | 287 | # Pluggable database name 288 | db_pdb_name = "DUMMYPDB" 289 | 290 | # Whether private Load Balancer 291 | load_balancer_private = true 292 | 293 | # Hostname of Load Balancer 294 | load_balancer_hostname = "ebs.example.com" 295 | 296 | # Shape of Load Balancer 297 | load_balancer_shape = "100Mbps" 298 | 299 | # Listen port of load balancer 300 | load_balancer_listen_port = "80" 301 | ``` 302 | 303 | If you want to deploy Oracle E-Business Suite on Oracle Cloud Infrastructure in single availability domain architecture, set AD variable to one of the availability domain i.e. 1, 2 or 3. 304 | 305 | ```hcl 306 | AD = ["1"] 307 | ``` 308 | 309 | ## **Information about Oracle Cloud Infrastructure resources built by Terraform modules for Oracle E-Business Suite** 310 | 311 | * The terraform modules creates vcn with regional subnets for each tier. The subnet for bastion host is a public subnet, the subnet for database and application tier is a private subnet. The subnet for load balancer tier is either private or public depending on whether "load_balancer_private" input variable is True or False. When set to True, the subnet for Load balancer is private and when set to False, the subnet for Load balancer is public. 312 | 313 | * It is recommended to use shared filesystem for Oracle E-Business Suite multi tier configuration. The Terraform modules create File Storage service filesystem for single as well as multiple availability domain architecture. For a single availability domain architecture, a single filesystem is created. For multiple availability domain architecture, two such file systems are created, one in each availabilty domain. In addition to shared FSS filesystem, the terraform code also creates a block volume on each application compute node for any non shared application files. 314 | 315 | * The shared FSS filesystems can be synchronized by an rsync script in cron. The rsync snchronization script is placed in cron of root user and is commented by default. The script can be enabled to synchornize fileystems after implemenation of Oracle E-Business Suite. 316 | 317 | ``` 318 | # Credits to lucas.gomes@oracle.com 319 | # crontab -l 320 | */30 * * * * /usr/bin/flock -n /var/run/fss-sync-up-file-system.lck rsync -aHAXxv --numeric-ids --delete /u01/install/APPS/ /u01/install/APPSDR/ 321 | 322 | # cat /etc/cron.d/fss-sync-up-file-system 323 | */30 * * * * /usr/bin/flock -n /var/run/fss-sync-up-file-system.lck rsync -aHAXxv --numeric-ids --delete /u01/install/APPS /u01/install/APPSDR 324 | ``` 325 | 326 | * The Terraform modules provide option to create private as well as public load balancer using "load_balancer_private" input parameter. When set to True, a private load balancer is created and when set to False, a public load balancer is created.The backend set of each load balancer has application servers added to it. 327 | 328 | * Separate pairs of SSH keys can be used for bastion host and rest of the compute infrastructure resources. It is also possible to use the same key. In that case, same key is required as input to instance and bastion instance variables in env-vars. 329 | 330 | For example, 331 | ``` 332 | ### Public key used on the instance 333 | export TF_VAR_ssh_public_key=/home/oracle/tf/ 334 | 335 | ### Public key used on the bastion instance 336 | export TF_VAR_bastion_ssh_public_key=/home/oracle/tf/ 337 | ``` 338 | For terraform installations on Unix systems, the private half of SSH key pairs should be in OpenSSH format. The instances in private subnet can be reached via SSH on port 22 by allowing agent forwarding in Putty and using Putty authentication tool like Pageant. Note that this does not require copying private SSH key for instances to bastion host. 339 | 340 | * The terraform modules ensure that application instances are deployed across different Fault Domains (in round-robin fashion) within an availability domain. Fault Domains protect against unexpected hardware failures and against planned outages due to compute hardware maintenance. For Real application clusters database also, each node of cluster is deployed in a separate Fault domain. 341 | 342 | * The terraform modules expose timezone variable which can be used to set timezone of provisioned compute instances and database systems. 343 | 344 | * The Terraform modules always use latest Oracle Linux image for the chosen operating system for provisioning compute instances. There are chances that minor version of operating system gets upgraded and a new image gets published in Oracle Cloud Infrastructure console. In that case, always check the available version of image from oracle Cloud Infrastructure compute console to input this value. For example, if Oracle Linux version is changed from version 7.5 to 7.6, change the value of input variable "linux_os_version" from 7.5 to 7.6. 345 | 346 | * For multi availability domain architecture, the standby database is built using OCI native dataguard association. The standby database is built in second availability configured in input parameter "AD" 347 | 348 | * The terraform version has been locked to >=0.12 and Oracle Cloud Infrastructure provider version has been locked to 3.93.0 in provider.tf file. To use a version higher than these versions, change the values in the provider.tf file. The terraform modules may require changes for a successful run with a new terraform and Oracle Cloud Infrastructure provider version. 349 | 350 | 351 | ## **Cloud-init template for application servers** 352 | 353 | Following is the cloud-init template used to install Oracle E-Business Suite prerequisite RPMs and mount shared file systems on application servers: 354 | 355 | ```yaml 356 | #cloud-config 357 | timezone: "${timezone}" 358 | 359 | packages: 360 | - rsync 361 | - nfs-utils 362 | - ntp 363 | - oracle-ebs-server-R12-preinstall 364 | - fss-parallel-tools.x86_64 365 | 366 | runcmd: 367 | - sudo mkdir -p ${src_mount_path} 368 | - sudo mount ${src_mount_target_private_ip}:${src_export_path} ${src_mount_path} 369 | - sudo chown oracle:oinstall ${src_mount_path} 370 | - echo ${src_mount_target_private_ip}:${src_export_path} ${src_mount_path} nfs tcp,vers=3 >> /etc/fstab 371 | # Run firewall command to enable to open ports 372 | - firewall-offline-cmd --port=${app_instance_listen_port}:tcp 373 | - firewall-offline-cmd --port=7001:tcp 374 | - firewall-offline-cmd --port=7002:tcp 375 | - firewall-offline-cmd --port=7201:tcp 376 | - firewall-offline-cmd --port=7202:tcp 377 | - firewall-offline-cmd --port=7401:tcp 378 | - firewall-offline-cmd --port=7402:tcp 379 | - firewall-offline-cmd --port=7601:tcp 380 | - firewall-offline-cmd --port=7602:tcp 381 | - /bin/systemctl restart firewalld 382 | ``` 383 | 384 | ## **Unix bash commands to configure rsync on application servers** 385 | 386 | These are the unix commands run to enable rsync across Oracle E-Business Suite application servers. 387 | 388 | ``` 389 | #Copyright © 2020, Oracle and/or its affiliates. 390 | 391 | #The Universal Permissive License (UPL), Version 1.0 392 | 393 | 394 | #/bin/bash 395 | sudo mkdir -p ${dst_mount_path} 396 | sudo mount ${dst_mount_target_private_ip}:${dst_export_path} ${dst_mount_path} 397 | sudo chown oracle:oinstall ${dst_mount_path} 398 | sudo crontab /etc/cron.d/fss-sync-up-file-system 399 | echo '${dst_mount_target_private_ip}:${dst_export_path} ${dst_mount_path} nfs tcp,vers=3' | sudo tee -a /etc/fstab 400 | echo '#${fss_sync_frequency} /usr/bin/flock -n /var/run/fss-sync-up-file-system.lck rsync -aHAXxv --numeric-ids --delete ${src_mount_path} ${dst_mount_path}' | sudo tee -a /etc/cron.d/fss-sync-up-file-system 401 | touch /tmp/rsync.done 402 | ``` 403 | [magic_button]: https://oci-resourcemanager-plugin.plugins.oci.oraclecloud.com/latest/deploy-to-oracle-cloud.svg 404 | [magic_ebs_stack]: https://console.us-ashburn-1.oraclecloud.com/resourcemanager/stacks/create?region=home&zipUrl=https://github.com/oracle-quickstart/oci-ebs/archive/master.zip 405 | -------------------------------------------------------------------------------- /_docs/multiple_availability_domain_ha_topology.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/oracle-quickstart/oci-ebs/02703507dc9b8ce760340e2bcc68a2b28f253f2b/_docs/multiple_availability_domain_ha_topology.png -------------------------------------------------------------------------------- /_docs/single_availability_domain_ha_topology.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/oracle-quickstart/oci-ebs/02703507dc9b8ce760340e2bcc68a2b28f253f2b/_docs/single_availability_domain_ha_topology.png -------------------------------------------------------------------------------- /datasources.tf: -------------------------------------------------------------------------------- 1 | /*Copyright © 2020, Oracle and/or its affiliates. 2 | 3 | The Universal Permissive License (UPL), Version 1.0*/ 4 | 5 | # Get list of Availability Domains 6 | data "oci_identity_availability_domains" "ADs" { 7 | compartment_id = var.tenancy_ocid 8 | } 9 | 10 | # Get name of Availability Domains 11 | data "template_file" "deployment_ad" { 12 | count = length(var.AD) 13 | template = data.oci_identity_availability_domains.ADs.availability_domains[var.AD[count.index] - 1]["name"] 14 | } 15 | 16 | # Get list of Fault Domains 17 | data "oci_identity_fault_domains" "fds" { 18 | count = length(var.AD) 19 | availability_domain = element(data.template_file.deployment_ad.*.rendered, count.index) 20 | compartment_id = var.compartment_ocid 21 | } 22 | 23 | locals { 24 | fds = flatten(concat(data.oci_identity_fault_domains.fds.*.fault_domains)) 25 | faultdomains_per_ad = 3 26 | } 27 | 28 | # Get name of Fault Domains 29 | data "template_file" "deployment_fd" { 30 | template = "$${name}" 31 | count = length(var.AD) * local.faultdomains_per_ad 32 | vars = { 33 | name = local.fds[count.index]["name"] 34 | } 35 | } 36 | 37 | # Get latest Oracle Linux image 38 | data "oci_core_images" "InstanceImageOCID" { 39 | compartment_id = var.tenancy_ocid 40 | operating_system = var.InstanceOS 41 | operating_system_version = var.linux_os_version 42 | sort_by = "TIMECREATED" 43 | sort_order = "DESC" 44 | state = "AVAILABLE" 45 | filter { 46 | name = "display_name" 47 | values = ["^.*Oracle[^G]*$"] 48 | regex = true 49 | } 50 | } 51 | 52 | # Get swift object storage name for Service Gateway 53 | data "oci_core_services" "svcgtw_services" { 54 | filter { 55 | name = "name" 56 | values = [".*Oracle.*Services*"] 57 | regex = true 58 | } 59 | } 60 | 61 | -------------------------------------------------------------------------------- /env-vars: -------------------------------------------------------------------------------- 1 | # Copyright © 2020, Oracle and/or its affiliates. 2 | # The Universal Permissive License (UPL), Version 1.0 3 | 4 | ### Authentication details 5 | export TF_VAR_tenancy_ocid="" 6 | export TF_VAR_user_ocid="" 7 | export TF_VAR_fingerprint="" 8 | export TF_VAR_private_key_path="" 9 | # 10 | #### Region 11 | export TF_VAR_region="" 12 | # 13 | #### Compartment 14 | export TF_VAR_compartment_ocid="" 15 | # 16 | #### Public key used on the bastion host 17 | export TF_VAR_ssh_public_key=$(cat ) 18 | 19 | # 20 | #### Public key used on the compute and database instance 21 | export TF_VAR_ssh_public_key=$(cat ) -------------------------------------------------------------------------------- /main.tf: -------------------------------------------------------------------------------- 1 | /*Copyright © 2020, Oracle and/or its affiliates. 2 | 3 | The Universal Permissive License (UPL), Version 1.0*/ 4 | 5 | locals { 6 | // VCN is /16 7 | vcn_subnet_cidr_offset = 8 8 | bastion_subnet_prefix = cidrsubnet(var.vcn_cidr, local.vcn_subnet_cidr_offset, 0) 9 | lb_subnet_prefix = cidrsubnet(var.vcn_cidr, local.vcn_subnet_cidr_offset, 1) 10 | app_subnet_prefix = cidrsubnet(var.vcn_cidr, local.vcn_subnet_cidr_offset, 2) 11 | db_subnet_prefix = cidrsubnet(var.vcn_cidr, local.vcn_subnet_cidr_offset, 3) 12 | } 13 | 14 | resource "tls_private_key" "key" { 15 | algorithm = "RSA" 16 | rsa_bits = 4096 17 | } 18 | 19 | # Create Virtual Cloud Network (VCN) 20 | module "create_vcn" { 21 | source = "./modules/network/vcn" 22 | 23 | compartment_ocid = var.compartment_ocid 24 | vcn_cidr = var.vcn_cidr 25 | vcn_dns_label = var.vcn_dns_label 26 | ebs_app_instance_listen_port = var.ebs_app_instance_listen_port 27 | load_balancer_listen_port = var.load_balancer_listen_port 28 | freeform_tags = var.freeform_tags 29 | } 30 | 31 | # Create bastion host subnet 32 | module "bastion_subnet" { 33 | source = "./modules/network/subnets" 34 | 35 | compartment_ocid = var.compartment_ocid 36 | vcn_id = module.create_vcn.vcnid 37 | vcn_subnet_cidr = local.bastion_subnet_prefix 38 | dns_label = "bassubnet" 39 | dhcp_options_id = module.create_vcn.default_dhcp_id 40 | route_table_id = module.create_vcn.publicrt_id 41 | security_list_ids = [module.create_vcn.bastionseclist_id] 42 | private_subnet = false 43 | freeform_tags = var.freeform_tags 44 | } 45 | 46 | # Create Load balancer subnet 47 | module "lb_subnet" { 48 | source = "./modules/network/subnets" 49 | 50 | compartment_ocid = var.compartment_ocid 51 | vcn_id = module.create_vcn.vcnid 52 | vcn_subnet_cidr = local.lb_subnet_prefix 53 | dns_label = "lbsubnet" 54 | dhcp_options_id = module.create_vcn.default_dhcp_id 55 | route_table_id = module.create_vcn.privatert_id 56 | security_list_ids = [module.create_vcn.lbseclist_id] 57 | private_subnet = var.load_balancer_private 58 | freeform_tags = var.freeform_tags 59 | } 60 | 61 | # Create Application subnet 62 | module "app_subnet" { 63 | source = "./modules/network/subnets" 64 | 65 | compartment_ocid = var.compartment_ocid 66 | vcn_id = module.create_vcn.vcnid 67 | vcn_subnet_cidr = local.app_subnet_prefix 68 | dns_label = "appsubnet" 69 | dhcp_options_id = module.create_vcn.default_dhcp_id 70 | route_table_id = module.create_vcn.privatert_id 71 | security_list_ids = [module.create_vcn.appseclist_id] 72 | private_subnet = true 73 | freeform_tags = var.freeform_tags 74 | } 75 | 76 | # Create Database system subnet 77 | module "db_subnet" { 78 | source = "./modules/network/subnets" 79 | 80 | compartment_ocid = var.compartment_ocid 81 | vcn_id = module.create_vcn.vcnid 82 | vcn_subnet_cidr = local.db_subnet_prefix 83 | dns_label = "dbsubnet" 84 | dhcp_options_id = module.create_vcn.default_dhcp_id 85 | route_table_id = module.create_vcn.privatert_id 86 | security_list_ids = [module.create_vcn.dbseclist_id] 87 | private_subnet = true 88 | freeform_tags = var.freeform_tags 89 | } 90 | 91 | # Create bastion host 92 | module "create_bastion" { 93 | source = "./modules/bastion" 94 | 95 | compartment_ocid = var.compartment_ocid 96 | availability_domain = data.template_file.deployment_ad.*.rendered 97 | fault_domain = sort(data.template_file.deployment_fd.*.rendered) 98 | bastion_hostname_prefix = "${var.ebs_env_prefix}bas${substr(var.region, 3, 3)}" 99 | bastion_image = data.oci_core_images.InstanceImageOCID.images[0].id 100 | bastion_instance_shape = var.bastion_instance_shape 101 | bastion_subnet = module.bastion_subnet.subnetid 102 | bastion_ssh_public_key = var.bastion_ssh_public_key != "" ? "${var.bastion_ssh_public_key}\n${tls_private_key.key.public_key_openssh}" : "${var.ssh_public_key}\n${tls_private_key.key.public_key_openssh}" 103 | freeform_tags = var.freeform_tags 104 | } 105 | 106 | # Create Application server 107 | module "create_app" { 108 | source = "./modules/compute" 109 | 110 | compartment_ocid = var.compartment_ocid 111 | availability_domain = data.template_file.deployment_ad.*.rendered 112 | fault_domain = sort(data.template_file.deployment_fd.*.rendered) 113 | compute_instance_count = var.ebs_app_instance_count 114 | compute_hostname_prefix = "${var.ebs_env_prefix}app${substr(var.region, 3, 3)}" 115 | compute_image = data.oci_core_images.InstanceImageOCID.images[0].id 116 | compute_instance_shape = var.ebs_app_instance_shape 117 | compute_subnet = module.app_subnet.subnetid 118 | compute_ssh_public_key = "${var.ssh_public_key}\n${tls_private_key.key.public_key_openssh}" 119 | compute_ssh_private_key = tls_private_key.key.private_key_pem 120 | bastion_ssh_private_key = tls_private_key.key.private_key_pem 121 | bastion_public_ip = module.create_bastion.Bastion_Public_IPs[0] 122 | compute_instance_listen_port = var.ebs_app_instance_listen_port 123 | fss_instance_prefix = "${var.ebs_env_prefix}fss${substr(var.region, 3, 3)}" 124 | fss_subnet = module.app_subnet.subnetid 125 | fss_primary_mount_path = var.ebs_shared_filesystem_mount_path 126 | fss_limit_size_in_gb = var.ebs_shared_filesystem_size_limit_in_gb 127 | app_bv_mount_path = var.ebs_app_block_volume_mount_path 128 | compute_instance_user = var.compute_instance_user 129 | bastion_user = var.bastion_user 130 | compute_boot_volume_size_in_gb = var.ebs_app_boot_volume_size_in_gb 131 | compute_block_volume_size_in_gb = var.ebs_app_block_volume_size_in_gb 132 | compute_block_volume_vpus_per_gb = var.ebs_app_block_volume_vpus_per_gb 133 | timezone = var.timezone 134 | freeform_tags = var.freeform_tags 135 | } 136 | 137 | # Create Database system 138 | module "create_db" { 139 | source = "./modules/dbsystem" 140 | 141 | compartment_ocid = var.compartment_ocid 142 | availability_domain = data.template_file.deployment_ad.*.rendered 143 | fault_domain = distinct(sort(data.template_file.deployment_fd.*.rendered)) 144 | db_edition = var.db_edition 145 | db_instance_count = var.ebs_database_required == true ? 1 : 0 146 | db_instance_shape = var.db_instance_shape 147 | db_node_count = var.db_node_count 148 | db_hostname_prefix = "${var.ebs_env_prefix}db${substr(var.region, 3, 3)}" 149 | db_size_in_gb = var.db_size_in_gb 150 | db_autobackup_enabled = var.database_autobackup_enabled 151 | db_autobackup_recovery_window = var.database_autobackup_recovery_window 152 | db_license_model = var.db_license_model 153 | db_subnet = module.db_subnet.subnetid 154 | db_ssh_public_key = var.ssh_public_key 155 | db_admin_password = var.db_admin_password 156 | db_name = var.db_name 157 | db_characterset = var.db_characterset 158 | db_nls_characterset = var.db_nls_characterset 159 | db_version = var.db_version 160 | db_pdb_name = var.db_pdb_name 161 | timezone = var.timezone 162 | freeform_tags = var.freeform_tags 163 | } 164 | 165 | # Create Load Balancer 166 | module "create_lb" { 167 | source = "./modules/loadbalancer" 168 | 169 | compartment_ocid = var.compartment_ocid 170 | availability_domain = data.template_file.deployment_ad.*.rendered 171 | load_balancer_shape = var.load_balancer_shape 172 | load_balancer_subnet = module.lb_subnet.subnetid 173 | load_balancer_name = "${var.ebs_env_prefix}lb${substr(var.region, 3, 3)}" 174 | load_balancer_hostname = var.load_balancer_hostname 175 | load_balancer_listen_port = var.load_balancer_listen_port 176 | load_balancer_private = var.load_balancer_private 177 | compute_instance_listen_port = var.ebs_app_instance_listen_port 178 | compute_instance_count = var.ebs_app_instance_count 179 | be_ip_addresses = module.create_app.AppsPrvIPs 180 | freeform_tags = var.freeform_tags 181 | } 182 | 183 | -------------------------------------------------------------------------------- /modules/bastion/bastion.outputs.tf: -------------------------------------------------------------------------------- 1 | /*Copyright © 2020, Oracle and/or its affiliates. 2 | 3 | The Universal Permissive License (UPL), Version 1.0*/ 4 | 5 | output "Bastion_Public_IPs" { 6 | value = oci_core_instance.bastion[*].public_ip 7 | } 8 | 9 | -------------------------------------------------------------------------------- /modules/bastion/bastion.tf: -------------------------------------------------------------------------------- 1 | /*Copyright © 2020, Oracle and/or its affiliates. 2 | 3 | The Universal Permissive License (UPL), Version 1.0*/ 4 | 5 | resource "oci_core_instance" "bastion" { 6 | compartment_id = var.compartment_ocid 7 | count = length(var.availability_domain) 8 | availability_domain = element(var.availability_domain, count.index) 9 | display_name = "${var.bastion_hostname_prefix}${substr(element(var.availability_domain, count.index), -1, 1)}${count.index + 1}" 10 | 11 | fault_domain = var.fault_domain[count.index] 12 | shape = var.bastion_instance_shape 13 | freeform_tags = var.freeform_tags 14 | 15 | create_vnic_details { 16 | subnet_id = var.bastion_subnet 17 | display_name = "${var.bastion_hostname_prefix}${substr(element(var.availability_domain, count.index), -1, 1)}${count.index + 1}" 18 | assign_public_ip = true 19 | hostname_label = "${var.bastion_hostname_prefix}${substr(element(var.availability_domain, count.index), -1, 1)}${count.index + 1}" 20 | freeform_tags = var.freeform_tags 21 | } 22 | 23 | source_details { 24 | source_type = "image" 25 | source_id = var.bastion_image 26 | boot_volume_size_in_gbs = "60" 27 | } 28 | 29 | metadata = { 30 | # ssh_authorized_keys = "${trimspace(file("${var.bastion_ssh_public_key}"))}" 31 | ssh_authorized_keys = var.bastion_ssh_public_key 32 | } 33 | 34 | lifecycle { 35 | ignore_changes = [availability_domain, fault_domain] 36 | } 37 | } 38 | 39 | -------------------------------------------------------------------------------- /modules/bastion/bastion.vars.tf: -------------------------------------------------------------------------------- 1 | /*Copyright © 2020, Oracle and/or its affiliates. 2 | 3 | The Universal Permissive License (UPL), Version 1.0*/ 4 | 5 | variable "compartment_ocid" { 6 | description = "Compartment name" 7 | } 8 | 9 | variable "availability_domain" { 10 | description = "Availability domain" 11 | type = list(string) 12 | } 13 | 14 | variable "fault_domain" { 15 | description = "Fault Domain" 16 | type = list(string) 17 | } 18 | /* 19 | variable "AD" { 20 | description = "Availability domain" 21 | type = list(string) 22 | }*/ 23 | 24 | # Bastion host variables 25 | variable "bastion_hostname_prefix" { 26 | description = "Prefix for bastion hostname" 27 | } 28 | 29 | variable "bastion_instance_shape" { 30 | description = "Instance shape of bastion host" 31 | } 32 | 33 | variable "bastion_subnet" { 34 | description = "Subnet for Bastion host" 35 | } 36 | 37 | variable "bastion_image" { 38 | description = "Bation Operating System Image" 39 | } 40 | 41 | variable "bastion_ssh_public_key" { 42 | description = "Bastion Host SSH public key" 43 | } 44 | 45 | variable "freeform_tags" { 46 | type = map(any) 47 | default = { 48 | environment = "dev" 49 | } 50 | } 51 | -------------------------------------------------------------------------------- /modules/compute/compute.blockvolume.tf: -------------------------------------------------------------------------------- 1 | /*Copyright © 2020, Oracle and/or its affiliates. 2 | 3 | The Universal Permissive License (UPL), Version 1.0*/ 4 | 5 | resource "oci_core_volume" "blockvolume" { 6 | count = var.compute_instance_count 7 | availability_domain = element(var.availability_domain, count.index) 8 | compartment_id = var.compartment_ocid 9 | display_name = "${var.compute_hostname_prefix}vol${count.index + 1}" 10 | size_in_gbs = var.compute_block_volume_size_in_gb 11 | vpus_per_gb = var.compute_block_volume_vpus_per_gb 12 | freeform_tags = var.freeform_tags 13 | } 14 | 15 | resource "oci_core_volume_attachment" "blockvolume_attach" { 16 | attachment_type = "iscsi" 17 | count = var.compute_instance_count 18 | 19 | # compartment_id = "${var.compartment_ocid}" 20 | instance_id = element(oci_core_instance.compute.*.id, count.index) 21 | volume_id = element(oci_core_volume.blockvolume.*.id, count.index) 22 | 23 | 24 | provisioner "remote-exec" { 25 | connection { 26 | agent = false 27 | timeout = "30m" 28 | host = element(oci_core_instance.compute.*.private_ip, count.index) 29 | user = var.compute_instance_user 30 | 31 | # private_key = "${file("${var.compute_ssh_private_key}")}" 32 | private_key = var.compute_ssh_private_key 33 | 34 | bastion_host = var.bastion_public_ip 35 | bastion_port = "22" 36 | bastion_user = var.bastion_user 37 | bastion_private_key = var.bastion_ssh_private_key 38 | 39 | } 40 | 41 | inline = [ 42 | "sudo -s bash -c 'iscsiadm -m node -o new -T ${self.iqn} -p ${self.ipv4}:${self.port}'", 43 | "sudo -s bash -c 'iscsiadm -m node -o update -T ${self.iqn} -n node.startup -v automatic '", 44 | "sudo -s bash -c 'iscsiadm -m node -T ${self.iqn} -p ${self.ipv4}:${self.port} -l '", 45 | "sudo -s bash -c 'mkfs.ext4 -F /dev/sdb'", 46 | "sudo -s bash -c 'mkdir -p ${var.app_bv_mount_path}'", 47 | "sudo -s bash -c 'mount -t ext4 /dev/sdb ${var.app_bv_mount_path}'", 48 | "sudo -s bash -c 'echo \"/dev/sdb ${var.app_bv_mount_path} ext4 defaults,noatime,_netdev,nofail 0 2\" >> /etc/fstab'", 49 | ] 50 | } 51 | lifecycle { 52 | ignore_changes = [instance_id] 53 | } 54 | } 55 | -------------------------------------------------------------------------------- /modules/compute/compute.data.tf: -------------------------------------------------------------------------------- 1 | /*Copyright © 2020, Oracle and/or its affiliates. 2 | 3 | The Universal Permissive License (UPL), Version 1.0*/ 4 | 5 | locals { 6 | ebsfss_private_ips = flatten( 7 | concat(data.oci_core_private_ips.ip_mount_target.*.private_ips), 8 | ) 9 | } 10 | 11 | locals { 12 | ebsfss_exports = [ 13 | oci_file_storage_export.fss_exp.*.path, 14 | ] 15 | ebsfss_fstabs = formatlist( 16 | "%s:%s", 17 | data.template_file.ebsfss_ips.*.rendered, 18 | oci_file_storage_export.fss_exp.*.path, 19 | ) 20 | } 21 | 22 | # Get private IP of File Storage Service 23 | data "oci_core_private_ips" "ip_mount_target" { 24 | count = length(var.availability_domain) 25 | subnet_id = element( 26 | oci_file_storage_mount_target.fss_mt.*.subnet_id, 27 | count.index, 28 | ) 29 | 30 | filter { 31 | name = "id" 32 | # TF-UPGRADE-TODO: In Terraform v0.10 and earlier, it was sometimes necessary to 33 | # force an interpolation expression to be interpreted as a list by wrapping it 34 | # in an extra set of list brackets. That form was supported for compatibility in 35 | # v0.11, but is no longer supported in Terraform v0.12. 36 | # 37 | # If the expression in the following list itself returns a list, remove the 38 | # brackets to avoid interpretation as a list of lists. If the expression 39 | # returns a single list item then leave it as-is and remove this TODO comment. 40 | values = [element( 41 | flatten(oci_file_storage_mount_target.fss_mt.*.private_ip_ids), 42 | count.index, 43 | )] 44 | } 45 | } 46 | 47 | data "template_file" "ebsfss_ips" { 48 | template = "$${ip_address}" 49 | count = length(var.availability_domain) 50 | 51 | vars = { 52 | ip_address = local.ebsfss_private_ips[count.index]["ip_address"] 53 | } 54 | } 55 | 56 | # Get Filesystem details 57 | data "template_file" "bootstrap" { 58 | template = file("${path.module}/userdata/bootstrap.tpl") 59 | 60 | vars = { 61 | src_mount_path = "${var.fss_primary_mount_path}/" 62 | src_mount_target_private_ip = element(data.template_file.ebsfss_ips.*.rendered, 0) 63 | src_export_path = element(oci_file_storage_export.fss_exp.*.path, 0) 64 | app_instance_listen_port = var.compute_instance_listen_port 65 | timezone = var.timezone 66 | } 67 | } 68 | 69 | # Get rsync inputs 70 | data "template_file" "rsync" { 71 | count = local.enable_rsync ? 1 : 0 72 | template = file("${path.module}/userdata/rsync.sh") 73 | vars = { 74 | src_mount_path = "${var.fss_primary_mount_path}/" 75 | dst_export_path = element(oci_file_storage_export.fss_exp.*.path, 1) 76 | dst_mount_target_private_ip = element(data.template_file.ebsfss_ips.*.rendered, 1) 77 | dst_mount_path = "${var.fss_primary_mount_path}DR/" 78 | fss_sync_frequency = "*/30 * * * *" 79 | } 80 | } 81 | 82 | -------------------------------------------------------------------------------- /modules/compute/compute.outputs.tf: -------------------------------------------------------------------------------- 1 | /*Copyright © 2020, Oracle and/or its affiliates. 2 | 3 | The Universal Permissive License (UPL), Version 1.0*/ 4 | 5 | output "AppsPrvIPs" { 6 | description = "Application private IPs" 7 | value = oci_core_instance.compute[*].private_ip 8 | } 9 | 10 | output "FSSFstabs" { 11 | description = "FSS /etc/fstab Entries" 12 | value = local.ebsfss_fstabs 13 | } 14 | 15 | -------------------------------------------------------------------------------- /modules/compute/compute.rsync-remote-exec.tf: -------------------------------------------------------------------------------- 1 | /*Copyright © 2020, Oracle and/or its affiliates. 2 | 3 | The Universal Permissive License (UPL), Version 1.0*/ 4 | 5 | resource "random_integer" "rand" { 6 | min = 1000000000 7 | max = 9999999999 8 | } 9 | 10 | locals { 11 | enable_rsync = length(var.availability_domain) >= "2" ? true : false 12 | } 13 | 14 | # Enable rsync 15 | resource "null_resource" "enable_rsync" { 16 | depends_on = [ 17 | oci_core_instance.compute, 18 | oci_file_storage_export.fss_exp, 19 | ] 20 | count = local.enable_rsync ? var.compute_instance_count : 0 21 | 22 | provisioner "file" { 23 | connection { 24 | agent = false 25 | timeout = var.timeout 26 | host = oci_core_instance.compute[count.index % var.compute_instance_count].private_ip 27 | user = var.compute_instance_user 28 | private_key = var.compute_ssh_private_key 29 | 30 | bastion_host = var.bastion_public_ip 31 | bastion_user = var.bastion_user 32 | bastion_private_key = var.bastion_ssh_private_key 33 | 34 | } 35 | 36 | content = data.template_file.rsync[0].rendered 37 | destination = "${var.tmpdir}/rsync_${random_integer.rand.result}.sh" 38 | } 39 | 40 | provisioner "local-exec" { 41 | command = "sleep 120" # Wait for cloud-init to complete 42 | } 43 | 44 | provisioner "remote-exec" { 45 | connection { 46 | agent = false 47 | timeout = var.timeout 48 | host = oci_core_instance.compute[count.index % var.compute_instance_count].private_ip 49 | user = var.compute_instance_user 50 | 51 | # private_key = "${file("${var.compute_ssh_private_key}")}" 52 | private_key = var.compute_ssh_private_key 53 | 54 | bastion_host = var.bastion_public_ip 55 | bastion_user = var.bastion_user 56 | bastion_private_key = var.bastion_ssh_private_key 57 | 58 | } 59 | 60 | inline = [ 61 | "chmod +x ${var.tmpdir}/rsync_${random_integer.rand.result}.sh", 62 | "while [ ! -f ${var.tmpdir}/rsync.done ]; do ${var.tmpdir}/rsync_${random_integer.rand.result}.sh; sleep 10; done", 63 | ] 64 | } 65 | } 66 | 67 | -------------------------------------------------------------------------------- /modules/compute/compute.tf: -------------------------------------------------------------------------------- 1 | /*Copyright © 2020, Oracle and/or its affiliates. 2 | 3 | The Universal Permissive License (UPL), Version 1.0*/ 4 | 5 | 6 | resource "oci_core_instance" "compute" { 7 | count = var.compute_instance_count 8 | availability_domain = element(var.availability_domain, count.index) 9 | display_name = "${var.compute_hostname_prefix}${substr(element(var.availability_domain, count.index), -1, 1)}${count.index + 1}" 10 | fault_domain = element(var.fault_domain, count.index) 11 | compartment_id = var.compartment_ocid 12 | shape = var.compute_instance_shape 13 | freeform_tags = var.freeform_tags 14 | 15 | create_vnic_details { 16 | subnet_id = var.compute_subnet 17 | display_name = "${var.compute_hostname_prefix}${substr(element(var.availability_domain, count.index), -1, 1)}${count.index + 1}" 18 | assign_public_ip = false 19 | hostname_label = "${var.compute_hostname_prefix}${substr(element(var.availability_domain, count.index), -1, 1)}${count.index + 1}" 20 | freeform_tags = var.freeform_tags 21 | } 22 | 23 | source_details { 24 | source_type = "image" 25 | source_id = var.compute_image 26 | boot_volume_size_in_gbs = var.compute_boot_volume_size_in_gb 27 | } 28 | 29 | metadata = { 30 | #! ssh_authorized_keys = "${trimspace(file("${var.compute_ssh_public_key}"))}" 31 | ssh_authorized_keys = var.compute_ssh_public_key 32 | user_data = base64encode(data.template_file.bootstrap.rendered) 33 | } 34 | 35 | timeouts { 36 | create = var.timeout 37 | } 38 | 39 | lifecycle { 40 | ignore_changes = [availability_domain, fault_domain] 41 | } 42 | } 43 | 44 | -------------------------------------------------------------------------------- /modules/compute/compute.variables.tf: -------------------------------------------------------------------------------- 1 | /*Copyright © 2020, Oracle and/or its affiliates. 2 | 3 | The Universal Permissive License (UPL), Version 1.0*/ 4 | 5 | variable "compartment_ocid" { 6 | description = "Compartment name" 7 | } 8 | 9 | variable "compute_instance_count" { 10 | description = "Application instance count" 11 | } 12 | 13 | variable "compute_instance_shape" { 14 | description = "Application instance shape" 15 | } 16 | 17 | variable "compute_hostname_prefix" { 18 | description = "Application hostname prefix" 19 | } 20 | 21 | variable "compute_image" { 22 | description = "OS Image" 23 | } 24 | 25 | variable "compute_ssh_private_key" { 26 | description = "SSH private key" 27 | } 28 | 29 | variable "compute_ssh_public_key" { 30 | description = "SSH public key" 31 | } 32 | 33 | variable "compute_instance_listen_port" { 34 | description = "Application instance listen port" 35 | } 36 | 37 | variable "bastion_ssh_private_key" { 38 | description = "SSH key" 39 | } 40 | 41 | variable "compute_subnet" { 42 | description = "subnet" 43 | } 44 | 45 | variable "availability_domain" { 46 | description = "Availability Domainr" 47 | type = list(string) 48 | } 49 | 50 | variable "fault_domain" { 51 | description = "Fault Domain" 52 | type = list(string) 53 | } 54 | /* 55 | variable "AD" { 56 | description = "Availability Domain number" 57 | type = list(string) 58 | }*/ 59 | 60 | variable "bastion_public_ip" { 61 | description = "Public IP of bastion instance" 62 | } 63 | 64 | variable "fss_primary_mount_path" { 65 | description = "Mountpoint for primary application servers" 66 | } 67 | 68 | variable "fss_instance_prefix" { 69 | description = "FSS instance name prefix" 70 | } 71 | 72 | variable "fss_subnet" { 73 | description = "FSS subnet" 74 | } 75 | 76 | variable "fss_limit_size_in_gb" { 77 | } 78 | 79 | variable "timeout" { 80 | description = "Timeout setting for resource creation " 81 | default = "20m" 82 | } 83 | 84 | variable "compute_instance_user" { 85 | description = "Login user for compute instance" 86 | } 87 | 88 | variable "compute_boot_volume_size_in_gb" { 89 | description = "Boot volume size of compute instance" 90 | } 91 | 92 | variable "compute_block_volume_size_in_gb" { 93 | description = "Block volume size of compute instance" 94 | } 95 | 96 | variable "compute_block_volume_vpus_per_gb" { 97 | description = "Block volume size of compute instance" 98 | } 99 | 100 | variable "app_bv_mount_path" { 101 | description = "Block volume size of compute instance" 102 | } 103 | 104 | variable "timezone" { 105 | description = "Set timezone for compute instance" 106 | } 107 | 108 | variable "bastion_user" { 109 | description = "Login user for bastion host" 110 | } 111 | 112 | variable "tmpdir" { 113 | description = "Temporary Directory" 114 | default = "/tmp" 115 | } 116 | 117 | variable "freeform_tags" { 118 | type = map(any) 119 | default = { 120 | environment = "dev" 121 | } 122 | } 123 | 124 | -------------------------------------------------------------------------------- /modules/compute/fss.tf: -------------------------------------------------------------------------------- 1 | /*Copyright © 2020, Oracle and/or its affiliates. 2 | 3 | The Universal Permissive License (UPL), Version 1.0*/ 4 | 5 | # Filesystem 6 | resource "oci_file_storage_file_system" "fss" { 7 | count = length(var.availability_domain) 8 | compartment_id = var.compartment_ocid 9 | availability_domain = element(var.availability_domain, count.index) 10 | display_name = "${var.fss_instance_prefix}${substr(element(var.availability_domain, count.index), -1, 1)}" 11 | 12 | freeform_tags = var.freeform_tags 13 | } 14 | 15 | # Mount Target 16 | resource "oci_file_storage_mount_target" "fss_mt" { 17 | depends_on = [oci_file_storage_file_system.fss] 18 | count = length(var.availability_domain) 19 | compartment_id = var.compartment_ocid 20 | availability_domain = element(var.availability_domain, count.index) 21 | hostname_label = "${var.fss_instance_prefix}${substr(element(var.availability_domain, count.index), -1, 1)}" 22 | 23 | subnet_id = var.fss_subnet 24 | display_name = "${var.fss_instance_prefix}${substr(element(var.availability_domain, count.index), -1, 1)}_mt" 25 | freeform_tags = var.freeform_tags 26 | } 27 | 28 | # Filesystem exportset 29 | resource "oci_file_storage_export_set" "fss_expset" { 30 | depends_on = [ 31 | oci_file_storage_file_system.fss, 32 | oci_file_storage_mount_target.fss_mt, 33 | ] 34 | count = length(var.availability_domain) 35 | mount_target_id = element(oci_file_storage_mount_target.fss_mt.*.id, count.index) 36 | max_fs_stat_bytes = var.fss_limit_size_in_gb * 1024 * 1024 * 1024 37 | } 38 | 39 | # Filesystem export 40 | resource "oci_file_storage_export" "fss_exp" { 41 | depends_on = [ 42 | oci_file_storage_file_system.fss, 43 | oci_file_storage_mount_target.fss_mt, 44 | ] 45 | count = length(var.availability_domain) 46 | export_set_id = element( 47 | oci_file_storage_mount_target.fss_mt.*.export_set_id, 48 | count.index, 49 | ) 50 | file_system_id = element(oci_file_storage_file_system.fss.*.id, count.index) 51 | #path = "/${var.fss_instance_prefix}${var.AD[count.index]}" 52 | path = "/${var.fss_instance_prefix}${substr(var.availability_domain[count.index], -1, 1)}" 53 | 54 | export_options { 55 | source = "0.0.0.0/0" 56 | access = "READ_WRITE" 57 | identity_squash = "NONE" 58 | require_privileged_source_port = false 59 | } 60 | } 61 | 62 | -------------------------------------------------------------------------------- /modules/compute/userdata/bootstrap.tpl: -------------------------------------------------------------------------------- 1 | #cloud-config 2 | timezone: "${timezone}" 3 | 4 | packages: 5 | - rsync 6 | - nfs-utils 7 | - ntp 8 | - oracle-ebs-server-R12-preinstall 9 | - fss-parallel-tools.x86_64 10 | 11 | runcmd: 12 | - sudo mkdir -p ${src_mount_path} 13 | - sudo mount -t nfs -o rw,bg,hard,timeo=600,nfsvers=3,tcp ${src_mount_target_private_ip}:${src_export_path} ${src_mount_path} 14 | - sudo chown oracle:oinstall ${src_mount_path} 15 | - echo ${src_mount_target_private_ip}:${src_export_path} ${src_mount_path} nfs rw,bg,hard,timeo=600,nfsvers=3 0 0 >> /etc/fstab 16 | # Run firewall command to enable to open ports 17 | - firewall-offline-cmd --port=${app_instance_listen_port}:tcp 18 | - firewall-offline-cmd --port=7001:tcp 19 | - firewall-offline-cmd --port=7002:tcp 20 | - firewall-offline-cmd --port=7201:tcp 21 | - firewall-offline-cmd --port=7202:tcp 22 | - firewall-offline-cmd --port=7401:tcp 23 | - firewall-offline-cmd --port=7402:tcp 24 | - firewall-offline-cmd --port=7601:tcp 25 | - firewall-offline-cmd --port=7602:tcp 26 | - /bin/systemctl restart firewalld -------------------------------------------------------------------------------- /modules/compute/userdata/rsync.sh: -------------------------------------------------------------------------------- 1 | #Copyright © 2020, Oracle and/or its affiliates. 2 | 3 | #The Universal Permissive License (UPL), Version 1.0 4 | 5 | 6 | #/bin/bash 7 | sudo mkdir -p ${dst_mount_path} 8 | sudo mount -t nfs -o rw,bg,hard,timeo=600,nfsvers=3,tcp ${dst_mount_target_private_ip}:${dst_export_path} ${dst_mount_path} 9 | sudo chown oracle:oinstall ${dst_mount_path} 10 | echo '${dst_mount_target_private_ip}:${dst_export_path} ${dst_mount_path} nfs rw,bg,hard,timeo=600,nfsvers=3 0 0' | sudo tee -a /etc/fstab 11 | echo '#${fss_sync_frequency} /usr/bin/flock -n /var/run/fss-sync-up-file-system.lck rsync -aHAXxv --numeric-ids --delete ${src_mount_path} ${dst_mount_path}' | sudo tee -a /etc/cron.d/fss-sync-up-file-system 12 | sudo crontab /etc/cron.d/fss-sync-up-file-system 13 | touch /tmp/rsync.done -------------------------------------------------------------------------------- /modules/dbsystem/db.datasources.tf: -------------------------------------------------------------------------------- 1 | /*Copyright © 2020, Oracle and/or its affiliates. 2 | 3 | The Universal Permissive License (UPL), Version 1.0*/ 4 | 5 | # Get CPU and node and node count for a db shape 6 | /*data "oci_database_db_system_shapes" "db_system_shapes" { 7 | availability_domain = "${element(var.availability_domain, count.index)}" 8 | compartment_id = "${var.compartment_ocid}" 9 | filter { 10 | name = "name" 11 | values = ["${var.db_instance_shape}"] 12 | } 13 | }*/ 14 | 15 | # Get database homes 16 | data "oci_database_db_homes" "dbhomes" { 17 | count = var.db_instance_count 18 | compartment_id = var.compartment_ocid 19 | db_system_id = oci_database_db_system.database[0].id 20 | 21 | filter { 22 | name = "display_name" 23 | values = [var.db_name] 24 | } 25 | } 26 | 27 | # Get databases in database home 28 | data "oci_database_databases" "db" { 29 | count = var.db_instance_count 30 | compartment_id = var.compartment_ocid 31 | db_home_id = data.oci_database_db_homes.dbhomes[0].db_homes[0].db_home_id 32 | } 33 | -------------------------------------------------------------------------------- /modules/dbsystem/db.dbsystem.tf: -------------------------------------------------------------------------------- 1 | /*Copyright © 2020, Oracle and/or its affiliates. 2 | 3 | The Universal Permissive License (UPL), Version 1.0*/ 4 | 5 | resource "oci_database_db_system" "database" { 6 | count = var.db_instance_count 7 | compartment_id = var.compartment_ocid 8 | availability_domain = element(var.availability_domain, 0) 9 | fault_domains = var.fault_domain 10 | 11 | # cpu_core_count = "${lookup(data.oci_database_db_system_shapes.db_system_shapes.db_system_shapes[0], "minimum_core_count")}" 12 | database_edition = var.db_edition 13 | shape = var.db_instance_shape 14 | node_count = var.db_node_count 15 | data_storage_size_in_gb = var.db_size_in_gb 16 | license_model = var.db_license_model 17 | disk_redundancy = var.db_disk_redundancy 18 | subnet_id = var.db_subnet 19 | ssh_public_keys = [var.db_ssh_public_key] 20 | display_name = var.db_name 21 | hostname = "${var.db_hostname_prefix}${substr(element(var.availability_domain, count.index), -1, 1)}" 22 | time_zone = var.timezone 23 | freeform_tags = var.freeform_tags 24 | 25 | db_home { 26 | database { 27 | admin_password = var.db_admin_password 28 | db_name = var.db_name 29 | character_set = var.db_characterset 30 | ncharacter_set = var.db_nls_characterset 31 | db_workload = var.db_workload 32 | pdb_name = var.db_pdb_name 33 | freeform_tags = var.freeform_tags 34 | 35 | db_backup_config { 36 | auto_backup_enabled = var.db_autobackup_enabled 37 | recovery_window_in_days = var.db_autobackup_recovery_window 38 | } 39 | } 40 | db_version = var.db_version 41 | display_name = var.db_name 42 | } 43 | 44 | lifecycle { 45 | ignore_changes = [fault_domains] 46 | } 47 | 48 | timeouts { 49 | create = var.timeout 50 | } 51 | } 52 | 53 | locals { 54 | enable_dg = length(var.availability_domain) >= "2" && var.db_instance_count == 1 ? true : false 55 | } 56 | 57 | resource "oci_database_data_guard_association" "database_data_guard_association" { 58 | count = local.enable_dg ? 1 : 0 59 | creation_type = "NewDbSystem" 60 | database_admin_password = var.db_admin_password 61 | database_id = data.oci_database_databases.db[0].databases[0].id 62 | protection_mode = "MAXIMUM_PERFORMANCE" 63 | transport_type = "ASYNC" 64 | delete_standby_db_home_on_delete = "true" 65 | 66 | #required for NewDbSystem creation_type 67 | display_name = "${var.db_name}-dg" 68 | shape = var.db_instance_shape 69 | subnet_id = var.db_subnet 70 | availability_domain = element(var.availability_domain, 1) 71 | hostname = "${var.db_hostname_prefix}dr${substr(element(var.availability_domain, count.index), -1, 1)}" 72 | 73 | timeouts { 74 | create = var.timeout 75 | 76 | } 77 | } 78 | 79 | output "dbcon" { 80 | value = oci_database_db_system.database[*].db_home[*].database[*].connection_strings[*]["cdb_ip_default"] 81 | } -------------------------------------------------------------------------------- /modules/dbsystem/db.variables.tf: -------------------------------------------------------------------------------- 1 | /*Copyright © 2020, Oracle and/or its affiliates. 2 | 3 | The Universal Permissive License (UPL), Version 1.0*/ 4 | 5 | variable "compartment_ocid" { 6 | description = "Compartment name" 7 | } 8 | 9 | variable "availability_domain" { 10 | description = "Availability domain" 11 | type = list(string) 12 | } 13 | /* 14 | variable "AD" { 15 | description = "Availability domain" 16 | type = list(string) 17 | } 18 | */ 19 | variable "fault_domain" { 20 | description = "Fault Domain" 21 | type = list(string) 22 | } 23 | 24 | variable "db_subnet" { 25 | description = "Subnet for Bastion host" 26 | } 27 | 28 | variable "timeout" { 29 | description = "Timeout setting for resource creation " 30 | default = "150m" 31 | } 32 | 33 | # Database System variables 34 | variable "db_edition" { 35 | description = "Database Edition" 36 | } 37 | 38 | variable "db_version" { 39 | description = "Database version" 40 | } 41 | 42 | variable "db_admin_password" { 43 | description = "Database admin password" 44 | } 45 | 46 | /* 47 | variable "db_admin_password_encrypted" { 48 | description = "Database admin password" 49 | } 50 | */ 51 | variable "db_autobackup_enabled" { 52 | description = "Database admin password" 53 | } 54 | 55 | variable "db_autobackup_recovery_window" { 56 | description = "Database admin password" 57 | } 58 | 59 | variable "db_name" { 60 | description = "Database Name" 61 | } 62 | 63 | variable "db_disk_redundancy" { 64 | description = "Database disk redundancy for Bare Metal DB System" 65 | default = "NORMAL" 66 | } 67 | 68 | variable "db_hostname_prefix" { 69 | description = "Database hostname prefix" 70 | } 71 | 72 | variable "db_instance_shape" { 73 | description = "Database system shape" 74 | } 75 | 76 | variable "db_instance_count" { 77 | description = "Database system count" 78 | } 79 | 80 | variable "db_ssh_public_key" { 81 | description = "Database public ssh key" 82 | } 83 | 84 | variable "db_characterset" { 85 | description = "Database characterset" 86 | } 87 | 88 | variable "db_nls_characterset" { 89 | description = "Database National characterset" 90 | } 91 | 92 | variable "db_workload" { 93 | description = "Database Workload" 94 | default = "OLTP" 95 | } 96 | 97 | variable "db_pdb_name" { 98 | } 99 | 100 | variable "db_size_in_gb" { 101 | description = "Database size in gb" 102 | } 103 | 104 | variable "db_license_model" { 105 | description = "Database License Model" 106 | } 107 | 108 | variable "db_node_count" { 109 | description = "Database Node count" 110 | } 111 | 112 | variable "timezone" { 113 | description = "DB Server Timezone" 114 | } 115 | 116 | variable "freeform_tags" { 117 | type = map(any) 118 | default = { 119 | environment = "dev" 120 | } 121 | } -------------------------------------------------------------------------------- /modules/loadbalancer/lb.tf: -------------------------------------------------------------------------------- 1 | /*Copyright © 2020, Oracle and/or its affiliates. 2 | 3 | The Universal Permissive License (UPL), Version 1.0*/ 4 | 5 | # Load Balancer 6 | resource "oci_load_balancer_load_balancer" "lb" { 7 | shape = var.load_balancer_shape 8 | compartment_id = var.compartment_ocid 9 | subnet_ids = [var.load_balancer_subnet] 10 | display_name = var.load_balancer_name 11 | is_private = var.load_balancer_private 12 | freeform_tags = var.freeform_tags 13 | } 14 | 15 | # Load Balancer Backendset 16 | resource "oci_load_balancer_backend_set" "lb-bset" { 17 | depends_on = [oci_load_balancer_load_balancer.lb] 18 | name = "${var.load_balancer_name}-bes" 19 | load_balancer_id = oci_load_balancer_load_balancer.lb.id 20 | policy = "ROUND_ROBIN" 21 | 22 | health_checker { 23 | port = var.compute_instance_listen_port 24 | protocol = "HTTP" 25 | response_body_regex = ".*" 26 | url_path = "/" 27 | } 28 | session_persistence_configuration { 29 | cookie_name = "lb-sessprs" 30 | disable_fallback = true 31 | } 32 | 33 | 34 | } 35 | 36 | # Load Balancer Backend 37 | resource "oci_load_balancer_backend" "lb-bset-be" { 38 | depends_on = [ 39 | oci_load_balancer_load_balancer.lb, 40 | oci_load_balancer_backend_set.lb-bset, 41 | ] 42 | count = var.compute_instance_count 43 | load_balancer_id = oci_load_balancer_load_balancer.lb.id 44 | backendset_name = oci_load_balancer_backend_set.lb-bset.name 45 | ip_address = element(var.be_ip_addresses, count.index) 46 | port = var.compute_instance_listen_port 47 | backup = false 48 | drain = false 49 | offline = false 50 | weight = 1 51 | } 52 | 53 | # Load Balancer Hostname 54 | resource "oci_load_balancer_hostname" "hostname" { 55 | depends_on = [oci_load_balancer_load_balancer.lb] 56 | hostname = var.load_balancer_hostname 57 | load_balancer_id = oci_load_balancer_load_balancer.lb.id 58 | name = "ebs-hostname" 59 | } 60 | 61 | # Load Balancer Listener 62 | resource "oci_load_balancer_listener" "lb-listener" { 63 | depends_on = [ 64 | oci_load_balancer_load_balancer.lb, 65 | oci_load_balancer_backend_set.lb-bset, 66 | oci_load_balancer_hostname.hostname, 67 | ] 68 | load_balancer_id = oci_load_balancer_load_balancer.lb.id 69 | name = "${var.load_balancer_name}-lsnr" 70 | default_backend_set_name = oci_load_balancer_backend_set.lb-bset.name 71 | # TF-UPGRADE-TODO: In Terraform v0.10 and earlier, it was sometimes necessary to 72 | # force an interpolation expression to be interpreted as a list by wrapping it 73 | # in an extra set of list brackets. That form was supported for compatibility in 74 | # v0.11, but is no longer supported in Terraform v0.12. 75 | # 76 | # If the expression in the following list itself returns a list, remove the 77 | # brackets to avoid interpretation as a list of lists. If the expression 78 | # returns a single list item then leave it as-is and remove this TODO comment. 79 | hostname_names = [oci_load_balancer_hostname.hostname.name] 80 | port = var.load_balancer_listen_port 81 | protocol = "HTTP" 82 | connection_configuration { 83 | idle_timeout_in_seconds = "2" 84 | } 85 | } 86 | 87 | output "LoadbalancerIP" { 88 | description = "Load balancer IP" 89 | value = oci_load_balancer_load_balancer.lb.ip_addresses 90 | } -------------------------------------------------------------------------------- /modules/loadbalancer/lb.variables.tf: -------------------------------------------------------------------------------- 1 | /*Copyright © 2020, Oracle and/or its affiliates. 2 | 3 | The Universal Permissive License (UPL), Version 1.0*/ 4 | 5 | # General Variables 6 | variable "compartment_ocid" { 7 | description = "Compartment name" 8 | } 9 | 10 | variable "availability_domain" { 11 | description = "Availability domain" 12 | type = list(string) 13 | } 14 | /* 15 | variable "AD" { 16 | description = "Availability domain" 17 | type = list(string) 18 | } 19 | */ 20 | # Load Balancer variables 21 | variable "load_balancer_subnet" { 22 | description = "Subnet for Load Balancer" 23 | } 24 | 25 | variable "load_balancer_name" { 26 | description = "Name of Load Balancer" 27 | } 28 | 29 | variable "load_balancer_shape" { 30 | description = "Shape of Load Balancer" 31 | } 32 | 33 | variable "load_balancer_private" { 34 | description = "Set private load balacer" 35 | default = "True" 36 | } 37 | 38 | variable "be_ip_addresses" { 39 | description = "Backend IP addresses" 40 | type = list(string) 41 | } 42 | 43 | variable "load_balancer_hostname" { 44 | description = "Hostname for Load Balancer" 45 | } 46 | 47 | variable "compute_instance_listen_port" { 48 | description = "Listen port of compute instance" 49 | } 50 | 51 | variable "load_balancer_listen_port" { 52 | description = "Listen port of Load Balancer" 53 | } 54 | 55 | variable "compute_instance_count" { 56 | description = "Number or compute instances" 57 | } 58 | 59 | variable "freeform_tags" { 60 | type = map(any) 61 | default = { 62 | environment = "dev" 63 | } 64 | } 65 | 66 | -------------------------------------------------------------------------------- /modules/network/subnets/subnets.outputs.tf: -------------------------------------------------------------------------------- 1 | /*Copyright © 2020, Oracle and/or its affiliates. 2 | 3 | The Universal Permissive License (UPL), Version 1.0*/ 4 | 5 | output "subnetid" { 6 | value = oci_core_subnet.subnet.id 7 | } 8 | 9 | output "cidr_block" { 10 | value = oci_core_subnet.subnet.cidr_block 11 | } 12 | 13 | -------------------------------------------------------------------------------- /modules/network/subnets/subnets.tf: -------------------------------------------------------------------------------- 1 | /*Copyright © 2020, Oracle and/or its affiliates. 2 | 3 | The Universal Permissive License (UPL), Version 1.0*/ 4 | 5 | # Create subnet 6 | resource "oci_core_subnet" "subnet" { 7 | compartment_id = var.compartment_ocid 8 | vcn_id = var.vcn_id 9 | cidr_block = var.vcn_subnet_cidr 10 | display_name = var.dns_label 11 | dns_label = var.dns_label 12 | dhcp_options_id = var.dhcp_options_id 13 | route_table_id = var.route_table_id 14 | security_list_ids = var.security_list_ids 15 | prohibit_public_ip_on_vnic = var.private_subnet 16 | freeform_tags = var.freeform_tags 17 | } -------------------------------------------------------------------------------- /modules/network/subnets/subnets.variables.tf: -------------------------------------------------------------------------------- 1 | /*Copyright © 2020, Oracle and/or its affiliates. 2 | 3 | The Universal Permissive License (UPL), Version 1.0*/ 4 | 5 | variable "compartment_ocid" { 6 | description = "Compartment name" 7 | } 8 | 9 | /* 10 | variable "availability_domain" { 11 | description = "Availability domain" 12 | type = "list" 13 | } 14 | */ 15 | # Virtual Cloud Network (VCN) variables 16 | variable "vcn_id" { 17 | description = "VCN OCID" 18 | } 19 | 20 | variable "route_table_id" { 21 | description = "VCN Route Table OCID" 22 | } 23 | 24 | variable "dhcp_options_id" { 25 | description = "VCN DHCP options OCID" 26 | } 27 | 28 | variable "vcn_subnet_cidr" { 29 | description = "CIDR for VCN subnet" 30 | } 31 | 32 | variable "security_list_ids" { 33 | description = "Security List OCID" 34 | type = list(string) 35 | } 36 | 37 | variable "dns_label" { 38 | description = "VCN DNS Label" 39 | } 40 | 41 | variable "private_subnet" { 42 | description = "Whether private or public subnet" 43 | type = bool 44 | } 45 | 46 | variable "freeform_tags" { 47 | type = map(any) 48 | default = { 49 | environment = "dev" 50 | } 51 | } 52 | 53 | -------------------------------------------------------------------------------- /modules/network/vcn/vcn.data.tf: -------------------------------------------------------------------------------- 1 | /*Copyright © 2020, Oracle and/or its affiliates. 2 | 3 | The Universal Permissive License (UPL), Version 1.0*/ 4 | 5 | # Get name of object storage 6 | data "oci_core_services" "svcgtw_services" { 7 | filter { 8 | name = "name" 9 | values = [".*Oracle.*Services*"] 10 | regex = true 11 | } 12 | } 13 | 14 | -------------------------------------------------------------------------------- /modules/network/vcn/vcn.outputs.tf: -------------------------------------------------------------------------------- 1 | /*Copyright © 2020, Oracle and/or its affiliates. 2 | 3 | The Universal Permissive License (UPL), Version 1.0*/ 4 | 5 | output "vcnid" { 6 | description = "ocid of VCN" 7 | value = oci_core_virtual_network.vcn.id 8 | } 9 | 10 | output "default_dhcp_id" { 11 | description = "ocid of default DHCP options" 12 | value = oci_core_virtual_network.vcn.default_dhcp_options_id 13 | } 14 | 15 | output "igw_id" { 16 | description = "ocid of internet gateway" 17 | value = oci_core_internet_gateway.igw.id 18 | } 19 | 20 | output "natgtw_id" { 21 | description = "ocid of service gateway" 22 | value = oci_core_nat_gateway.natgtw.id 23 | } 24 | 25 | output "svcgtw_id" { 26 | description = "ocid of service gateway" 27 | value = oci_core_service_gateway.svcgtw.id 28 | } 29 | 30 | output "publicrt_id" { 31 | value = oci_core_route_table.PublicRT.id 32 | } 33 | 34 | output "privatert_id" { 35 | value = oci_core_route_table.PrivateRT.id 36 | } 37 | 38 | output "bastionseclist_id" { 39 | value = oci_core_security_list.BastionSecList.id 40 | } 41 | 42 | output "appseclist_id" { 43 | value = oci_core_security_list.AppSecList.id 44 | } 45 | 46 | output "dbseclist_id" { 47 | value = oci_core_security_list.DBSecList.id 48 | } 49 | 50 | output "lbseclist_id" { 51 | value = oci_core_security_list.LBSecList.id 52 | } -------------------------------------------------------------------------------- /modules/network/vcn/vcn.tf: -------------------------------------------------------------------------------- 1 | /*Copyright © 2020, Oracle and/or its affiliates. 2 | 3 | The Universal Permissive License (UPL), Version 1.0*/ 4 | 5 | # Virtual Cloud Network (VCN) 6 | resource "oci_core_virtual_network" "vcn" { 7 | compartment_id = var.compartment_ocid 8 | cidr_block = var.vcn_cidr 9 | dns_label = var.vcn_dns_label 10 | display_name = var.vcn_dns_label 11 | freeform_tags = var.freeform_tags 12 | } 13 | 14 | # Internet Gateway 15 | resource "oci_core_internet_gateway" "igw" { 16 | compartment_id = var.compartment_ocid 17 | vcn_id = oci_core_virtual_network.vcn.id 18 | display_name = "${var.vcn_dns_label}igw" 19 | freeform_tags = var.freeform_tags 20 | } 21 | 22 | # NAT (Network Address Translation) Gateway 23 | resource "oci_core_nat_gateway" "natgtw" { 24 | compartment_id = var.compartment_ocid 25 | vcn_id = oci_core_virtual_network.vcn.id 26 | display_name = "${var.vcn_dns_label}natgtw" 27 | freeform_tags = var.freeform_tags 28 | } 29 | 30 | # Service Gateway 31 | resource "oci_core_service_gateway" "svcgtw" { 32 | compartment_id = var.compartment_ocid 33 | 34 | services { 35 | service_id = data.oci_core_services.svcgtw_services.services[0]["id"] 36 | } 37 | vcn_id = oci_core_virtual_network.vcn.id 38 | display_name = "${var.vcn_dns_label}svcgtw" 39 | freeform_tags = var.freeform_tags 40 | } 41 | /* 42 | # Dynamic Routing Gateway (DRG) 43 | resource "oci_core_drg" "drg" { 44 | compartment_id = var.compartment_ocid 45 | display_name = "${var.vcn_dns_label}drg" 46 | freeform_tags = var.freeform_tags 47 | } 48 | 49 | resource "oci_core_drg_attachment" "drg_attachment" { 50 | drg_id = oci_core_drg.drg.id 51 | vcn_id = oci_core_virtual_network.vcn.id 52 | display_name = "${var.vcn_dns_label}drgattchmt" 53 | }*/ 54 | /* 55 | locals { 56 | anywhere = "0.0.0.0/0" 57 | }*/ 58 | 59 | locals { 60 | tcp_protocol = "6" 61 | udp_protocol = "17" 62 | all_protocols = "all" 63 | anywhere = "0.0.0.0/0" 64 | db_port = "1521" 65 | ssh_port = "22" 66 | app_ports = ["7201", "7202", "7401", "7402", "7601", "7602", "7001", "7002"] 67 | fss_ports = ["2048", "2050", "111"] 68 | ora_svcs_port = "443" 69 | } 70 | # Public Route Table 71 | resource "oci_core_route_table" "PublicRT" { 72 | compartment_id = var.compartment_ocid 73 | vcn_id = oci_core_virtual_network.vcn.id 74 | display_name = "${var.vcn_dns_label}pubrt" 75 | freeform_tags = var.freeform_tags 76 | route_rules { 77 | network_entity_id = oci_core_internet_gateway.igw.id 78 | description = "Route rule for Internet Traffic" 79 | destination_type = "CIDR_BLOCK" 80 | destination = local.anywhere 81 | } 82 | } 83 | 84 | # Private Route Table 85 | resource "oci_core_route_table" "PrivateRT" { 86 | compartment_id = var.compartment_ocid 87 | vcn_id = oci_core_virtual_network.vcn.id 88 | display_name = "${var.vcn_dns_label}pvtrt" 89 | freeform_tags = var.freeform_tags 90 | route_rules { 91 | network_entity_id = oci_core_nat_gateway.natgtw.id 92 | description = "Route rule for Nat gateway" 93 | destination_type = "CIDR_BLOCK" 94 | destination = local.anywhere 95 | } 96 | route_rules { 97 | network_entity_id = oci_core_service_gateway.svcgtw.id 98 | description = "Route rule for Service Gateway" 99 | destination_type = "SERVICE_CIDR_BLOCK" 100 | destination = data.oci_core_services.svcgtw_services.services[0].cidr_block 101 | } 102 | } 103 | 104 | # Bastion Security List 105 | resource "oci_core_security_list" "BastionSecList" { 106 | compartment_id = var.compartment_ocid 107 | display_name = "BastionSecList" 108 | vcn_id = oci_core_virtual_network.vcn.id 109 | 110 | egress_security_rules { 111 | protocol = local.tcp_protocol 112 | destination = local.anywhere 113 | } 114 | 115 | ingress_security_rules { 116 | tcp_options { 117 | min = local.ssh_port 118 | max = local.ssh_port 119 | } 120 | 121 | protocol = local.tcp_protocol 122 | source = local.anywhere 123 | } 124 | } 125 | 126 | # Database System Security List 127 | resource "oci_core_security_list" "DBSecList" { 128 | compartment_id = var.compartment_ocid 129 | display_name = "DBSecList" 130 | vcn_id = oci_core_virtual_network.vcn.id 131 | 132 | egress_security_rules { 133 | protocol = local.tcp_protocol 134 | destination = local.anywhere 135 | } 136 | egress_security_rules { 137 | tcp_options { 138 | min = local.ora_svcs_port 139 | max = local.ora_svcs_port 140 | } 141 | protocol = local.tcp_protocol 142 | destination = data.oci_core_services.svcgtw_services.services[0]["cidr_block"] 143 | destination_type = "SERVICE_CIDR_BLOCK" 144 | } 145 | 146 | ingress_security_rules { 147 | tcp_options { 148 | min = local.ssh_port 149 | max = local.ssh_port 150 | } 151 | 152 | protocol = local.tcp_protocol 153 | source = var.vcn_cidr 154 | } 155 | ingress_security_rules { 156 | tcp_options { 157 | min = local.db_port 158 | max = local.db_port 159 | } 160 | 161 | protocol = local.tcp_protocol 162 | source = var.vcn_cidr 163 | } 164 | } 165 | 166 | # Application Security List 167 | resource "oci_core_security_list" "AppSecList" { 168 | compartment_id = var.compartment_ocid 169 | display_name = "AppSecList" 170 | vcn_id = oci_core_virtual_network.vcn.id 171 | 172 | egress_security_rules { 173 | protocol = local.tcp_protocol 174 | destination = local.anywhere 175 | } 176 | egress_security_rules { 177 | tcp_options { 178 | min = local.ora_svcs_port 179 | max = local.ora_svcs_port 180 | } 181 | protocol = local.tcp_protocol 182 | destination = data.oci_core_services.svcgtw_services.services[0]["cidr_block"] 183 | destination_type = "SERVICE_CIDR_BLOCK" 184 | } 185 | egress_security_rules { 186 | tcp_options { 187 | source_port_range { 188 | #Required 189 | min = local.fss_ports[0] 190 | max = local.fss_ports[1] 191 | } 192 | } 193 | 194 | protocol = local.tcp_protocol 195 | destination = var.vcn_cidr 196 | } 197 | egress_security_rules { 198 | tcp_options { 199 | source_port_range { 200 | #Required 201 | min = local.fss_ports[2] 202 | max = local.fss_ports[2] 203 | } 204 | } 205 | 206 | protocol = local.tcp_protocol 207 | destination = var.vcn_cidr 208 | } 209 | egress_security_rules { 210 | udp_options { 211 | source_port_range { 212 | #Required 213 | min = local.fss_ports[2] 214 | max = local.fss_ports[2] 215 | } 216 | } 217 | 218 | protocol = local.udp_protocol 219 | destination = var.vcn_cidr 220 | } 221 | 222 | ingress_security_rules { 223 | tcp_options { 224 | min = local.ssh_port 225 | max = local.ssh_port 226 | } 227 | 228 | protocol = local.tcp_protocol 229 | source = var.vcn_cidr 230 | } 231 | ingress_security_rules { 232 | tcp_options { 233 | min = var.ebs_app_instance_listen_port 234 | max = var.ebs_app_instance_listen_port 235 | } 236 | 237 | protocol = local.tcp_protocol 238 | source = var.vcn_cidr 239 | } 240 | ingress_security_rules { 241 | tcp_options { 242 | min = local.app_ports[0] 243 | max = local.app_ports[1] 244 | } 245 | 246 | protocol = local.tcp_protocol 247 | source = var.vcn_cidr 248 | } 249 | ingress_security_rules { 250 | tcp_options { 251 | min = local.app_ports[2] 252 | max = local.app_ports[3] 253 | } 254 | 255 | protocol = local.tcp_protocol 256 | source = var.vcn_cidr 257 | } 258 | ingress_security_rules { 259 | tcp_options { 260 | min = local.app_ports[4] 261 | max = local.app_ports[5] 262 | } 263 | 264 | protocol = local.tcp_protocol 265 | source = var.vcn_cidr 266 | } 267 | ingress_security_rules { 268 | tcp_options { 269 | min = local.app_ports[6] 270 | max = local.app_ports[7] 271 | } 272 | 273 | protocol = local.tcp_protocol 274 | source = var.vcn_cidr 275 | } 276 | ingress_security_rules { 277 | tcp_options { 278 | min = local.fss_ports[0] 279 | max = local.fss_ports[1] 280 | } 281 | 282 | protocol = local.tcp_protocol 283 | source = var.vcn_cidr 284 | } 285 | ingress_security_rules { 286 | tcp_options { 287 | min = local.fss_ports[2] 288 | max = local.fss_ports[2] 289 | } 290 | 291 | protocol = local.tcp_protocol 292 | source = var.vcn_cidr 293 | } 294 | ingress_security_rules { 295 | udp_options { 296 | min = local.fss_ports[0] 297 | max = local.fss_ports[0] 298 | } 299 | 300 | protocol = local.udp_protocol 301 | source = var.vcn_cidr 302 | } 303 | ingress_security_rules { 304 | udp_options { 305 | min = local.fss_ports[2] 306 | max = local.fss_ports[2] 307 | } 308 | 309 | protocol = local.udp_protocol 310 | source = var.vcn_cidr 311 | } 312 | } 313 | 314 | # Load Balancer Security List 315 | resource "oci_core_security_list" "LBSecList" { 316 | compartment_id = var.compartment_ocid 317 | display_name = "LBSecList" 318 | vcn_id = oci_core_virtual_network.vcn.id 319 | 320 | egress_security_rules { 321 | protocol = local.tcp_protocol 322 | destination = local.anywhere 323 | } 324 | 325 | ingress_security_rules { 326 | tcp_options { 327 | min = var.load_balancer_listen_port 328 | max = var.load_balancer_listen_port 329 | } 330 | 331 | protocol = local.tcp_protocol 332 | source = local.anywhere 333 | } 334 | } 335 | 336 | 337 | -------------------------------------------------------------------------------- /modules/network/vcn/vcn.vars.tf: -------------------------------------------------------------------------------- 1 | /*Copyright © 2020, Oracle and/or its affiliates. 2 | 3 | The Universal Permissive License (UPL), Version 1.0*/ 4 | 5 | variable "compartment_ocid" { 6 | description = "Compartment OCID" 7 | } 8 | 9 | # VCN Variables 10 | variable "vcn_cidr" { 11 | description = "VCN CIDR" 12 | } 13 | 14 | variable "vcn_dns_label" { 15 | description = "VCN DNS Label" 16 | } 17 | 18 | variable "freeform_tags" { 19 | type = map(any) 20 | default = { 21 | environment = "dev" 22 | } 23 | } 24 | 25 | variable "ebs_app_instance_listen_port" {} 26 | 27 | variable "load_balancer_listen_port" {} -------------------------------------------------------------------------------- /outputs.tf: -------------------------------------------------------------------------------- 1 | /*Copyright © 2020, Oracle and/or its affiliates. 2 | 3 | The Universal Permissive License (UPL), Version 1.0*/ 4 | 5 | output "BastionPublicIPs" { 6 | value = module.create_bastion.Bastion_Public_IPs 7 | description = "Public IPs of Bastion Host" 8 | } 9 | 10 | output "ApplicationPrivateIPs" { 11 | value = module.create_app.AppsPrvIPs 12 | description = "Private IPs of EBS Application Server(s)" 13 | } 14 | 15 | output "LoadBalancerIP" { 16 | value = module.create_lb.LoadbalancerIP 17 | description = "IP of Load Balancer" 18 | } 19 | output "FSSDetails" { 20 | value = module.create_app.FSSFstabs 21 | description = "Shared File system Details" 22 | } 23 | 24 | output "DatabaseSystemConnectionString" { 25 | value = module.create_db.dbcon 26 | description = "Database Connection String" 27 | } 28 | 29 | -------------------------------------------------------------------------------- /pack.sh: -------------------------------------------------------------------------------- 1 | #Copyright © 2020, Oracle and/or its affiliates. 2 | 3 | #The Universal Permissive License (UPL), Version 1.0 4 | 5 | 6 | #/bin/bash 7 | 8 | zipfile="ebusinesssuite.zip" 9 | 10 | if [ -f $zipfile ]; then 11 | rm -f $zipfile 12 | fi 13 | zip -r ebusinessuite.zip . -x pack.sh .gitignore terraform* .terraform\* _docs\* orm\* .git\* .idea\* env-vars ebusinesssuite.zip *.zip README.md 14 | -------------------------------------------------------------------------------- /provider.tf: -------------------------------------------------------------------------------- 1 | /*Copyright © 2020, Oracle and/or its affiliates. 2 | 3 | The Universal Permissive License (UPL), Version 1.0*/ 4 | 5 | # Terraform version 6 | 7 | terraform { 8 | required_version = ">=0.13" 9 | required_providers { 10 | oci = { 11 | source = "hashicorp/oci" 12 | version = "=3.93.0" 13 | } 14 | } 15 | } 16 | 17 | # Oracle Cloud Infrastructure (OCI) Provider 18 | provider "oci" { 19 | tenancy_ocid = var.tenancy_ocid 20 | # user_ocid = var.user_ocid 21 | # private_key_path = var.private_key_path 22 | # fingerprint = var.fingerprint 23 | region = var.region 24 | } 25 | -------------------------------------------------------------------------------- /schema.yaml: -------------------------------------------------------------------------------- 1 | title: Oracle E Business Suite 2 | description: Provisions infrastructure to install Oracle E Business Suite 3 | informationalText: "The Resource Manager Stack just creates the infrastructure components (compute, database, load balancer etc). E Business Suite software is required to be installed manually." 4 | schemaVersion: 1.1.0 5 | version: "20200822" 6 | locale: "en" 7 | 8 | variableGroups: 9 | - title: "Availability Domain(s)" 10 | visible: true 11 | variables: 12 | - AD 13 | - title: "Network Configuration" 14 | visible: true 15 | variables: 16 | - vcn_compartment_ocid 17 | - vcn_cidr 18 | - vcn_dns_label 19 | 20 | - title: "SSH Keys and Server Timezone" 21 | visible: true 22 | variables: 23 | - bastion_ssh_public_key 24 | - ssh_public_key 25 | - timezone 26 | 27 | - title: "Application Configuration" 28 | visible: true 29 | variables: 30 | - compartment_ocid 31 | - ebs_env_prefix 32 | - ebs_app_instance_count 33 | - linux_os_version 34 | - ebs_app_instance_shape 35 | - ebs_app_boot_volume_size_in_gb 36 | - ebs_app_block_volume_size_in_gb 37 | - ebs_app_block_volume_mount_path 38 | - ebs_app_block_volume_vpus_per_gb 39 | - ebs_shared_filesystem 40 | - ebs_shared_filesystem_mount_path 41 | - ebs_shared_filesystem_size_limit_in_gb 42 | - ebs_app_instance_listen_port 43 | 44 | - title: "Database Configuration" 45 | visible: true 46 | variables: 47 | - ebs_database_required 48 | - db_name 49 | - db_pdb_name 50 | - db_admin_password 51 | - db_version 52 | - db_edition 53 | - db_license_model 54 | - db_node_count 55 | - db_instance_shape 56 | - db_size_in_gb 57 | - db_characterset 58 | - db_nls_characterset 59 | 60 | - title: "Load Balancer Configuration" 61 | visible: true 62 | variables: 63 | - load_balancer_private 64 | - load_balancer_hostname 65 | - load_balancer_shape 66 | - load_balancer_listen_port 67 | 68 | - title: "Tags" 69 | visible: true 70 | variables: 71 | - freeform_tags 72 | 73 | variables: 74 | # Hidden variables 75 | tenancy_ocid: 76 | title: Tenancy ID 77 | description: The Oracle Cloud Identifier (OCID) for your tenancy 78 | type: string 79 | required: true 80 | visible: false 81 | 82 | region: 83 | title: Region 84 | description: The region in which to create all resources 85 | type: oci:identity:region:name 86 | required: true 87 | visible: false 88 | 89 | user_ocid: 90 | title: User ID 91 | description: The Oracle Cloud Identifier (OCID) for the user 92 | type: string 93 | visible: false 94 | 95 | fingerprint: 96 | title: Private Key Fingerprint 97 | type: string 98 | visible: false 99 | 100 | private_key_path: 101 | title: Private Key Path 102 | type: string 103 | visible: false 104 | 105 | AD: 106 | title: Availability Domain(s) 107 | description: Availability Domain for Oracle EBS Infrastructure Provisioning.Setting AD = ["1"] provisions infrastructure in single availability domain (Availabilty domain 1 of the tenancy) and setting AD = ["1","2"] provisions infrastructure in multiple availability domains (Availability domains 1 and 2 of the tenancy). 108 | type: array 109 | visible: true 110 | required: true 111 | 112 | vcn_compartment_ocid: 113 | title: Virtual Cloud Network Compartment 114 | description: The target compartment to create network. 115 | type: oci:identity:compartment:id 116 | required: true 117 | visible: true 118 | 119 | vcn_cidr: 120 | title: Virtual Cloud Network CIDR 121 | visible: true 122 | type: enum 123 | enum: 124 | - 172.16.0.0/16 125 | - 10.0.0.0/16 126 | - 192.168.0.0/16 127 | default: 172.16.0.0/16 128 | required: true 129 | 130 | vcn_dns_label: 131 | title: Virtual Cloud Network DNS Label 132 | type: string 133 | required: true 134 | default: ebsvcn 135 | visible: true 136 | 137 | timezone: 138 | type: string 139 | title: Timezone of Compute and Database System(s) 140 | description: The timezone of compute and database system nodes 141 | visible: true 142 | required: true 143 | 144 | # General Configuration 145 | ebs_env_prefix: 146 | title: Resource Display Name Prefix 147 | description: Prefix to generate hostname for compute, network and database resources. 148 | type: string 149 | maxLength: 3 150 | pattern: "^([a-z][a-z0-9]{0,2})$" 151 | default: "ebs" 152 | required: true 153 | 154 | compartment_ocid: 155 | title: Target Compartment 156 | description: The target compartment to provision application compute instances. 157 | type: oci:identity:compartment:id 158 | required: true 159 | visible: true 160 | 161 | ebs_app_instance_count: 162 | title: Number of application Node(s) 163 | description: Minimum required is 1 164 | type: integer 165 | minimum: 1 166 | maximum: 4 167 | default: 1 168 | required: true 169 | visible: true 170 | 171 | ebs_app_instance_shape: 172 | title: Application Instance Shape 173 | description: The shape for the Application compute instance. 174 | type: enum 175 | visible: true 176 | default: "VM.Standard2.1" 177 | enum: 178 | - "VM.Standard2.1" 179 | - "VM.Standard2.2" 180 | - "VM.Standard2.4" 181 | - "VM.Standard2.8" 182 | - "VM.Standard2.16" 183 | - "VM.Standard2.24" 184 | required: true 185 | 186 | ebs_app_boot_volume_size_in_gb: 187 | type: integer 188 | title: Boot Volume size (in GB) 189 | description: The size of the boot volume. Minimum required is 50 GB 190 | minimum: 50 191 | maximum: 32768 192 | multipleof: 1 193 | visible: true 194 | default: 100 195 | required: true 196 | 197 | ebs_app_block_volume_size_in_gb: 198 | type: integer 199 | title: Block Volume size (in GB) 200 | description: The size of the block volume. Minimum required is 50 GB 201 | minimum: 50 202 | maximum: 32768 203 | multipleof: 1 204 | visible: true 205 | default: 100 206 | required: true 207 | 208 | ebs_app_block_volume_vpus_per_gb: 209 | title: Block Volume Performance 210 | description: 0 is Lower Cost, 10 is Balanced and 20 is Higher Performance option 211 | visible: true 212 | type: enum 213 | enum: 214 | - 0 215 | - 10 216 | - 20 217 | default: 0 218 | required: true 219 | 220 | ebs_app_block_volume_mount_path: 221 | title: Block Volume Filesystem mount path 222 | description: EBS Block Volume Filesystem mount path 223 | type: string 224 | default: /u02 225 | visible: true 226 | required: true 227 | 228 | ebs_app_instance_listen_port: 229 | title: Listen port for application Instance 230 | description: Listen port for application Instance 231 | type: string 232 | maxLength: 4 233 | pattern: "^([0-9][0-9]{0,3})$" 234 | default: 8000 235 | visible: true 236 | required: true 237 | 238 | ebs_shared_filesystem_mount_path: 239 | title: Shared Filesystem path 240 | description: EBS Shared Filesystem path 241 | type: string 242 | default: /u01/install/APPS 243 | visible: true 244 | 245 | ebs_shared_filesystem_size_limit_in_gb: 246 | title: Shared Filesystem Size Limit 247 | description: EBS Shared Filesystem Size Limit in GB 248 | type: string 249 | default: 500 250 | visible: false 251 | 252 | ebs_database_required: 253 | title: Create EBS database 254 | description: Create EBS database system 255 | type: boolean 256 | default: false 257 | visible: true 258 | 259 | db_edition: 260 | title: Database Edition 261 | visible: ebs_database_required 262 | type: enum 263 | enum: 264 | - ENTERPRISE_EDITION 265 | - ENTERPRISE_EDITION_HIGH_PERFORMANCE 266 | - ENTERPRISE_EDITION_EXTREME_PERFORMANCE 267 | default: ENTERPRISE_EDITION_EXTREME_PERFORMANCE 268 | required: true 269 | 270 | db_license_model: 271 | title: Database License 272 | visible: ebs_database_required 273 | type: enum 274 | enum: 275 | - LICENSE_INCLUDED 276 | - BRING_YOUR_OWN_LICENSE 277 | default: LICENSE_INCLUDED 278 | required: true 279 | 280 | db_version: 281 | title: Database Version 282 | visible: ebs_database_required 283 | type: enum 284 | enum: 285 | - 12.1.0.2 286 | - 11.2.0.4 287 | default: 12.1.0.2 288 | required: true 289 | 290 | db_node_count: 291 | title: Number of Database Nodes 292 | description: Select 2 for High Availability 293 | visible: ebs_database_required 294 | type: enum 295 | enum: 296 | - 1 297 | - 2 298 | default: 2 299 | required: true 300 | 301 | db_instance_shape: 302 | title: Database Instance Shape 303 | description: The shape for the DB instance. 304 | type: oci:core:instanceshape:name 305 | visible: ebs_database_required 306 | default: VM.Standard2.2 307 | required: true 308 | dependsOn: 309 | compartmentId: compartment_ocid 310 | 311 | db_name: 312 | title: Database Container Name 313 | description: The name of the CDB. 314 | type: string 315 | maxlength: 8 316 | pattern: "(^[a-zA-Z][a-zA-Z0-9_]{0,7})$" 317 | visible: ebs_database_required 318 | default: EBSCDB 319 | required: true 320 | 321 | db_size_in_gb: 322 | title: Database Size in GB 323 | description: Database size in GB 324 | visible: ebs_database_required 325 | type: enum 326 | enum: 327 | - 256 328 | - 512 329 | - 1024 330 | - 2048 331 | - 4096 332 | - 8192 333 | - 10240 334 | - 12288 335 | - 14336 336 | - 16384 337 | - 18432 338 | - 20480 339 | - 22528 340 | - 24576 341 | - 26624 342 | - 28672 343 | - 30720 344 | - 32768 345 | - 34816 346 | - 36864 347 | - 38912 348 | - 40960 349 | default: 256 350 | required: true 351 | 352 | db_admin_password: 353 | title: Database Admin User Password 354 | description: "The password for the database. Password must be 9 to 30 characters and contain at least 2 uppercase, 2 lowercase, 2 special, and 2 numeric characters. The special characters must be _, #, or -. For example, XYh1z0#_d" 355 | type: password 356 | pattern: "^(?=.*[a-z].*[a-z])(?=.*[A-Z].*[A-Z])(?=.*\\d.*\\d)(?=.*[-_#].*[-_#])[a-zA-Z0-9\\S]{9,32}$" 357 | required: true 358 | visible: ebs_database_required 359 | 360 | db_characterset: 361 | type: string 362 | visible: ebs_database_required 363 | default: AL32UTF8 364 | required: true 365 | 366 | db_nls_characterset: 367 | type: string 368 | visible: ebs_database_required 369 | default: AL16UTF16 370 | required: true 371 | 372 | db_pdb_name: 373 | title: Database PDB Name 374 | description: The name of the PDB. 375 | type: string 376 | maxlength: 8 377 | pattern: "(^[a-zA-Z][a-zA-Z0-9_]{0,7})$" 378 | visible: ebs_database_required 379 | default: EBSDB 380 | required: true 381 | 382 | load_balancer_private: 383 | title: Private Load Balancer 384 | description: Create a private load balancer for internal application endpoints 385 | type: boolean 386 | default: false 387 | visible: true 388 | 389 | load_balancer_hostname: 390 | title: Load Balancer Hostname 391 | description: Hostname of Load Balancer 392 | type: string 393 | default: ebs.mycompany.com 394 | visible: true 395 | required: true 396 | 397 | load_balancer_shape: 398 | title: Load Balancer Shape 399 | description: Select load balancer shape. 400 | type: enum 401 | enum: 402 | - 10Mbps 403 | - 100Mbps 404 | - 400Mbps 405 | - 8000Mbps 406 | default: 100Mbps 407 | visible: true 408 | required: true 409 | 410 | load_balancer_listen_port: 411 | title: Load Balancer Listen port 412 | description: The listener port for load balanacer 413 | type: string 414 | maxLength: 4 415 | pattern: "^([0-9][0-9]{0,3})$" 416 | default: 80 417 | visible: true 418 | required: true 419 | 420 | db_backup_recovery_window: 421 | title: DB Backup Recovery Window in Days 422 | visible: false 423 | type: enum 424 | enum: 425 | - 7 426 | - 15 427 | - 30 428 | - 45 429 | - 60 430 | default: 30 431 | required: false 432 | 433 | bastion_instance_shape: 434 | title: Bastion instance shape 435 | type: string 436 | visible: false 437 | default: "VM.Standard2.1" 438 | 439 | ssh_public_key: 440 | type: oci:core:ssh:publickey 441 | title: "Public Key for Compute and Database System(s)" 442 | description: "Public SSH key to be included in the ~/.ssh/authorized_keys file for the opc user on the instance" 443 | additionalProps: 444 | allowMultiple: false 445 | pattern: "((^(ssh-rsa AAAAB3NzaC1yc2|ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNT|ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzOD|ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1Mj|ssh-ed25519 AAAAC3NzaC1lZDI1NTE5|ssh-dss AAAAB3NzaC1kc3)[0-9A-Za-z+\/]+[=]{0,3})( [^,]*)?)(,((ssh-rsa AAAAB3NzaC1yc2|ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNT|ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzOD|ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1Mj|ssh-ed25519 AAAAC3NzaC1lZDI1NTE5|ssh-dss AAAAB3NzaC1kc3)[0-9A-Za-z+\/]+[=]{0,3})( [^,]*)?)*$" 446 | required: true 447 | visible: true 448 | 449 | bastion_ssh_public_key: 450 | type: oci:core:ssh:publickey 451 | title: "SSH public key for Bastion Host" 452 | description: The deployment creates application and database instances in private subnets. To access these instances, a bastion host is created using VMStandard2.1 shape. 453 | additionalProps: 454 | allowMultiple: false 455 | pattern: "((^(ssh-rsa AAAAB3NzaC1yc2|ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNT|ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzOD|ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1Mj|ssh-ed25519 AAAAC3NzaC1lZDI1NTE5|ssh-dss AAAAB3NzaC1kc3)[0-9A-Za-z+\/]+[=]{0,3})( [^,]*)?)(,((ssh-rsa AAAAB3NzaC1yc2|ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNT|ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzOD|ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1Mj|ssh-ed25519 AAAAC3NzaC1lZDI1NTE5|ssh-dss AAAAB3NzaC1kc3)[0-9A-Za-z+\/]+[=]{0,3})( [^,]*)?)*$" 456 | required: true 457 | visible: false 458 | 459 | bastion_user: 460 | title: Bastion user 461 | description: bastion user 462 | type: string 463 | default: opc 464 | visible: false 465 | 466 | compute_instance_user: 467 | title: Compute Instance user 468 | description: The deployment creates application and database instances in private subnets. To access these instances, a bastion host is created using VMStandard2.1 shape. Bastion host VM can be deleted if infrastructure needs to accessed from on-premise using VPN/Fastconnect 469 | type: string 470 | default: opc 471 | visible: false 472 | 473 | InstanceOS: 474 | title: Instance os 475 | description: Operating system of bastion host 476 | type: string 477 | visible: false 478 | 479 | linux_os_version: 480 | title: Operation system version 481 | description: Operating system (Oracle Linux) version for application instance(s). 482 | visible: true 483 | type: enum 484 | enum: 485 | - "6.10" 486 | - "7.8" 487 | default: "7.8" 488 | required: true 489 | 490 | database_autobackup_enabled: 491 | type: string 492 | visible: false 493 | 494 | database_autobackup_recovery_window: 495 | type: string 496 | visible: false 497 | 498 | timeout: 499 | type: string 500 | visible: false 501 | 502 | image_id: 503 | type: map 504 | visible: false 505 | 506 | freeform_tags: 507 | type: string 508 | visible: true 509 | 510 | outputGroups: 511 | - title: Outputs 512 | outputs: 513 | - BastionPublicIPs 514 | - ApplicationPrivateIPs 515 | - FSSDetails 516 | - DatabaseSystemConnectionString 517 | - LoadBalancerIP 518 | 519 | outputs: 520 | BastionPublicIPs: 521 | title: "Bastion Host Details" 522 | type: string 523 | visible: true 524 | 525 | ApplicationPrivateIPs: 526 | title: "Application Server Details" 527 | type: string 528 | visible: true 529 | 530 | FSSDetails: 531 | title: "Shared Filesystem(FSS) Details" 532 | type: string 533 | visible: true 534 | 535 | DatabaseSystemConnectionString: 536 | title: "Database Connection String" 537 | type: string 538 | visible: true 539 | 540 | LoadBalancerIP: 541 | title: "Load Balancer Details" 542 | type: string 543 | visible: true 544 | -------------------------------------------------------------------------------- /terraform.tfvars.template: -------------------------------------------------------------------------------- 1 | # Copyright © 2020, Oracle and/or its affiliates. 2 | # The Universal Permissive License (UPL), Version 1.0 3 | 4 | # AD (Availability Domain to use for creating EBS infrastructure) 5 | # For single AD regions (ap-seoul-1, ap-tokyo-1, ca-toronto-1), use AD = ["1"] 6 | AD = "[]" 7 | 8 | # CIDR block of VCN to be created 9 | vcn_cidr = "" 10 | 11 | # DNS label of VCN to be created 12 | vcn_dns_label = "" 13 | 14 | # Operating system version to be used for application instances. e.g 6.10 or 7.7 15 | linux_os_version = "" 16 | 17 | # Timezone of compute instance 18 | timezone = "" 19 | 20 | #Environment prefix to define name of resources 21 | ebs_env_prefix = "" 22 | 23 | # Freeform tags 24 | freeform_tags = 25 | 26 | # Number of application instances to be created 27 | ebs_app_instance_count = "" 28 | 29 | # Shape of app instance 30 | ebs_app_instance_shape = "" 31 | 32 | # Boot volume size 33 | ebs_app_boot_volume_size_in_gb = "" 34 | 35 | # Block volume size 36 | ebs_app_block_volume_size_in_gb = "" 37 | 38 | # Block volume performance 39 | ebs_app_block_volume_vpus_per_gb = "" 40 | 41 | # Mount path for local application filesystem 42 | ebs_app_block_volume_mount_path = "" 43 | 44 | # Listen port of the application instance 45 | ebs_app_instance_listen_port = "" 46 | 47 | # Mount path for shared application filesystem 48 | ebs_shared_filesystem_mount_path = "" 49 | 50 | # Shared application filesystem size limit 51 | ebs_shared_filesystem_limit_size_in_gb = "" 52 | 53 | # Whether database is required to be created 54 | ebs_database_required = "" 55 | 56 | # Database Edition 57 | db_edition = "" 58 | 59 | # Licensing model for database 60 | db_license_model = "" 61 | 62 | # Database version 63 | db_version = "" 64 | 65 | # Number of database nodes 66 | db_node_count = "" 67 | 68 | # Shape of Database nodes 69 | db_instance_shape = "" 70 | 71 | # Database name 72 | db_name = "" 73 | 74 | # Size of Database 75 | db_size_in_gb = "" 76 | 77 | # Database administration (sys) password 78 | db_admin_password = "" 79 | 80 | # Characterset of database 81 | db_characterset = "" 82 | 83 | # National Characterset of database 84 | db_nls_characterset = "" 85 | 86 | # Pluggable database name 87 | db_pdb_name = "" 88 | 89 | # Whether private Load Balancer 90 | load_balancer_private = "" 91 | 92 | # Hostname of Load Balancer 93 | load_balancer_hostname = "" 94 | 95 | # Shape of Load Balancer 96 | load_balancer_shape = "" 97 | 98 | # Listen port of load balancer 99 | load_balancer_listen_port = "" -------------------------------------------------------------------------------- /variables.tf: -------------------------------------------------------------------------------- 1 | /*Copyright © 2020, Oracle and/or its affiliates. 2 | 3 | The Universal Permissive License (UPL), Version 1.0*/ 4 | 5 | variable "tenancy_ocid" { 6 | } 7 | 8 | variable "region" { 9 | } 10 | 11 | #variable "user_ocid" {} 12 | 13 | #variable "fingerprint" {} 14 | 15 | #variable "private_key_path" {} 16 | 17 | variable "compartment_ocid" { 18 | } 19 | 20 | variable "AD" { 21 | description = "Availability domain number" 22 | type = list(string) 23 | default = ["1"] 24 | } 25 | 26 | variable "ssh_public_key" { 27 | description = "SSH public key for instances" 28 | } 29 | /* 30 | variable "ssh_private_key" { 31 | description = "SSH private key for instances" 32 | } 33 | */ 34 | variable "bastion_ssh_public_key" { 35 | description = "SSH public key for bastion instance" 36 | default = "" 37 | } 38 | /* 39 | variable "bastion_ssh_private_key" { 40 | description = "SSH private key for bastion_instance" 41 | } 42 | */ 43 | 44 | variable "InstanceOS" { 45 | description = "Operating system for compute instances" 46 | default = "Oracle Linux" 47 | } 48 | 49 | variable "linux_os_version" { 50 | description = "Operating system version for compute instances except NAT" 51 | type = string 52 | default = "7.8" 53 | } 54 | 55 | # VCN variables 56 | variable "vcn_cidr" { 57 | description = "CIDR for Virtual Cloud Network (VCN)" 58 | } 59 | 60 | variable "vcn_dns_label" { 61 | description = "DNS label for Virtual Cloud Network (VCN)" 62 | } 63 | 64 | # Bastion host variables 65 | variable "bastion_instance_shape" { 66 | description = "Instance shape of bastion host" 67 | default = "VM.Standard2.1" 68 | } 69 | 70 | # Application Server variables 71 | variable "ebs_env_prefix" { 72 | description = "Environment prefix" 73 | } 74 | 75 | variable "ebs_app_instance_count" { 76 | description = "Application Server count" 77 | } 78 | 79 | variable "ebs_app_instance_shape" { 80 | description = "Application Instance shape" 81 | } 82 | 83 | variable "ebs_app_instance_listen_port" { 84 | description = "Application instance listen port" 85 | } 86 | 87 | variable "ebs_shared_filesystem_mount_path" { 88 | description = "Mountpoint for primary application servers" 89 | } 90 | 91 | variable "ebs_shared_filesystem_size_limit_in_gb" { 92 | description = "Mountpoint for primary application servers" 93 | default = "500" 94 | } 95 | 96 | variable "ebs_app_boot_volume_size_in_gb" { 97 | description = "Boot volume size of application servers" 98 | } 99 | 100 | variable "ebs_app_block_volume_size_in_gb" { 101 | description = "Block volume size of application servers" 102 | } 103 | 104 | variable "ebs_app_block_volume_vpus_per_gb" { 105 | description = "Block volume VPUs" 106 | } 107 | 108 | variable "ebs_app_block_volume_mount_path" { 109 | description = "Block Volume Mountpoint for primary application servers" 110 | } 111 | 112 | variable "timezone" { 113 | description = "Set timezone for servers" 114 | default = "America/New_York" 115 | } 116 | 117 | # Database variables 118 | 119 | variable "ebs_database_required" { 120 | description = "DB Edition" 121 | type = bool 122 | default = true 123 | } 124 | 125 | variable "db_edition" { 126 | description = "DB Edition" 127 | default = "ENTERPRISE_EDITION_EXTREME_PERFORMANCE" 128 | } 129 | 130 | variable "db_instance_shape" { 131 | description = "DB Instance shape" 132 | default = "VM.Standard2.2" 133 | } 134 | 135 | variable "db_node_count" { 136 | description = "Number of DB Nodes" 137 | default = "2" 138 | } 139 | 140 | variable "db_size_in_gb" { 141 | description = "Size of database in GB" 142 | default = "256" 143 | } 144 | 145 | variable "db_license_model" { 146 | description = "Database License model" 147 | default = "LICENSE_INCLUDED" 148 | } 149 | 150 | variable "db_admin_password" { 151 | description = "Database Admin password" 152 | default = "" 153 | } 154 | 155 | variable "db_name" { 156 | description = "Database Name" 157 | default = "EBSCDB" 158 | } 159 | 160 | variable "db_characterset" { 161 | description = "Database Characterset" 162 | default = "AL32UTF8" 163 | } 164 | 165 | variable "db_nls_characterset" { 166 | description = "Database National Characterset" 167 | default = "AL16UTF16" 168 | } 169 | 170 | variable "db_version" { 171 | description = "Database version" 172 | default = "12.1.0.2" 173 | } 174 | 175 | variable "db_pdb_name" { 176 | description = "Pluggable database Name" 177 | default = "EBSDB" 178 | } 179 | 180 | variable "database_autobackup_recovery_window" { 181 | description = "Database License model" 182 | default = "30" 183 | } 184 | 185 | variable "database_autobackup_enabled" { 186 | description = "Enable database Autobackup" 187 | default = true 188 | } 189 | 190 | variable "load_balancer_shape" { 191 | description = "Load Balancer shape" 192 | } 193 | 194 | variable "load_balancer_private" { 195 | description = "Whether private Load balancer" 196 | default = true 197 | type = bool 198 | } 199 | 200 | variable "load_balancer_hostname" { 201 | description = "Load Balancer hostname" 202 | } 203 | 204 | variable "load_balancer_listen_port" { 205 | type = string 206 | description = "Load balancer listen port" 207 | } 208 | 209 | variable "timeout" { 210 | type = string 211 | description = "Timeout setting for resource creation" 212 | default = "10m" 213 | } 214 | 215 | variable "compute_instance_user" { 216 | type = string 217 | description = "Login user for application instance" 218 | default = "opc" 219 | } 220 | 221 | variable "bastion_user" { 222 | type = string 223 | description = "Login user for bastion host" 224 | default = "opc" 225 | } 226 | 227 | variable "freeform_tags" { 228 | type = map(any) 229 | default = { 230 | environment = "dev" 231 | } 232 | } 233 | --------------------------------------------------------------------------------