kingappi66
January 10, 2024, 8:27am
1
I am using oracle_pdb and oracle_user modules to set up Oracle Databases and users via ansible. This works fine until we use only Standalone databases.
- name: create deploy user DPLUS_%
connection: local
no_log: true
oracle_user:
hostname: "{{ db_hostname }}"
service_name: "{{ rcs_pdb_service }}"
user: "{{ db_connect_user }}"
password: "{{ db_connect_password }}"
mode: "{{ db_connect_mode }}"
schema: "{{ item.username }}"
schema_password: "{{ item.password_vault }}"
default_tablespace: "{{ rcs_db_deploy_default_tablespace }}"
default_temp_tablespace: "{{ rcs_db_deploy_temporary_tablespace }}"
with_items:
- "{{ rcs_db_deploy_users }}"
loop_control:
label: "{{ item.username }}"
Vault entry:
- username: DPLUS_APPL
password_hash: S:ABDED382253DB7932BCBCC93C6D3B6E742B664C5D9F1E737D5AB373714D8;T:89F040CEB67D2AD5B57DC0C8B62B60C308F9A10BEA45E0081FB6C70D664D6AFE584E67022A501C679CE8A78968A5F7F63359690728B27C92C33AEE77D0FCCCFAEA0E6DF37A46AEDC3B41BB04393BC755
password_vault: !vault |
$ANSIBLE_VAULT;1.1;AES256
663265616166353031353066383331366435323635333762346339323038333162306531643532343765373433633836643631343035643539313838303063630a376465393635356663393338626632613061353033636230386565623539393564653963313734663231316334343738326663633234366534613839373966300a6138386137316164656339313231643434643162646132333665626536626631
---
- name: Setup Oracle PDB and Users
hosts: db_server
become: yes # Run as root if needed
become_user: oracle # Switch to oracle user
vars_files:
- vault.yml # Load encrypted passwords
environment:
"{{ oracle_env }}"
tasks:
# Verify Oracle environment
- name: Check Oracle Home
ansible.builtin.shell: echo $ORACLE_HOME
register: oracle_home_check
- name: Debug Oracle Home
ansible.builtin.debug:
msg: "ORACLE_HOME is {{ oracle_home_check.stdout }}"
# Create PDB (assuming CDB exists)
- name: Create PDB if not exists
community.general.oracle_pdb:
hostname: "{{ db_hostname }}"
service_name: "{{ rcs_pdb_service }}"
username: "{{ db_connect_user }}"
password: "{{ db_connect_password }}"
mode: "{{ db_connect_mode }}"
pdb_name: "pdb1"
state: present
default_tablespace: "{{ rcs_db_deploy_default_tablespace }}"
default_temp_tablespace: "{{ rcs_db_deploy_temporary_tablespace }}"
register: pdb_result
- name: Debug PDB Creation
ansible.builtin.debug:
var: pdb_result
# Open PDB (ensure it's accessible)
- name: Open PDB
ansible.builtin.shell: |
{{ oracle_home }}/bin/sqlplus -s / as sysdba <<EOF
ALTER PLUGGABLE DATABASE {{ rcs_pdb_service | split('.') | first }} OPEN;
EXIT
EOF
register: pdb_open_result
changed_when: "'Pluggable database altered' in pdb_open_result.stdout"
# Create deploy users in PDB
- name: Create deploy user DPLUS_%
connection: local # Run locally if module requires it
no_log: true # Hide sensitive data
community.general.oracle_user:
hostname: "{{ db_hostname }}"
service_name: "{{ rcs_pdb_service }}"
user: "{{ db_connect_user }}"
password: "{{ db_connect_password }}"
mode: "{{ db_connect_mode }}"
schema: "{{ item.username }}"
schema_password: "{{ item.password_vault }}"
default_tablespace: "{{ rcs_db_deploy_default_tablespace }}"
default_temp_tablespace: "{{ rcs_db_deploy_temporary_tablespace }}"
state: present
with_items: "{{ rcs_db_deploy_users }}"
loop_control:
label: "{{ item.username }}"
register: user_result
# Verify user creation and password
- name: Verify user login
ansible.builtin.shell: |
{{ oracle_home }}/bin/sqlplus -s {{ item.username }}/{{ item.password_vault }}@{{ rcs_pdb_service }} <<EOF
SELECT 'Login successful for ' || USER FROM DUAL;
EXIT
EOF
with_items: "{{ rcs_db_deploy_users }}"
register: login_result
failed_when: "'ORA-01017' in login_result.stdout"
- name: Debug login result
ansible.builtin.debug:
msg: "{{ item.stdout_lines }}"
with_items: "{{ login_result.results }}"