Skip to content

Latest commit

 

History

History
94 lines (58 loc) · 5.26 KB

Deploy-SI-with-Bicep-Azure-CLI.md

File metadata and controls

94 lines (58 loc) · 5.26 KB

Introduction

The code is intended as an example for deployment of a single instance virtual machine with Oracle Database Enterprise Edition 19c. The code is intended to be used as a starting point for your own deployment. The Bicep module for this deployment is the bicep/bootstrap/main.bicep file.

Single VM

Preparations

SSH Key

Before using this module, you have to create your own ssh key to deploy and connect the virtual machine you will create. To do this follow these steps on your compute source:

ssh-keygen -f ~/.ssh/lza-oracle-single-instance

Verify that the key has been created:

ls -lha ~/.ssh/

The above command should result in output similar to the following:

-rw-------   1 yourname  staff   2.6K  8 17  2023 lza-oracle-single-instance
-rw-r--r--   1 yourname  staff   589B  8 17  2023 lza-oracle-single-instance.pub

Run the following command to get the public key:

cat .ssh/lza-oracle-single-instance.pub

Copy the output to the clipboard and paste into the bicep/bootstrap/single_instance/default/single_instance.bicepparam file in the sshPublicKey parameter.

Oracle binaries download

To allow for Oracle software binaries download you will need to update information on the following parameters as well:

  • Resource Id of the user assigned managed identity you have created as described here, should be gathered and added to the bicep/bootstrap/single_instance/default/single_instance.bicepparam file, replacing <userAssignedId> in the file. To get the resource id , run the following command, replacing the values for $umi and $rg with the name of the user managed identity and the resource group it is in respectively:
umi="<User managed identity name>"
rg="<Resource group where user managed identity is placed>"
az identity show --name $umi --resource-group $rg --query id --output tsv

To further ensure that the Ansible workflow will run successfully, open the file ansible/bootstrap/oracle/group_vars/all/vars.yml and update the following parameters:

  • The value for storage_account should be updated with the name of the storage account where the Oracle binaries are stored.
  • The value for storage_container should be updated with the name of the container on the storage account where the Oracle binaries are stored.

Miscellaneous parameters

Update the following parameters in bicep/bootstrap/single_instance/default/single_instance.bicepparam as well:

  • <rgName> should be replaced with the resource group name you will be deploying the Oracle VM and associated resources to. The resource group will be created if it does not exist by the Bicep deployment.
  • <location> should be replaced with the Azure region where you want to deploy the Oracle VM and associated resources.

Additonal parameters you may wish to modify such as virtual machine name, vnet name, ip range etc. can also be modified in the bicep/bootstrap/single_instance/default/single_instance.bicepparam file. Be mindful that the Oracle installation through Ansible does require a disk setup similar to the one specified, i.e. three disks, so changes to this may cause the Ansible playbook to fail.

Deployment steps

  • Log on to Azure with an account that has the appropriate permissions to create resources in the subscription you wish to deploy to.
  • From the root of the directory run the following command:
az deployment sub create --name OracleSI --location <Region you wish to deploy to> --template-file main.bicep --parameters single_instance/default/single_instance.bicepparam

Enable Just-In-Time VM Access

After deploying and before connecting to the VM, you need to enable Just-In-Time VM Access. To do this, follow these steps:

  • To enable JIT VM Access, follow the guidance described here. Note that you only need to include port 22, not 3389 in the policy.
  • To request access to the VM, follow the guidance described here.

Connect to the virtual machine (optional)

Finally, you can connect to the virtual machine with ssh private key. While deploying resources, a public ip address is generated and attached to the virtual machine, so that you can connect to the virtual machine with this IP address. The default username is oracle, as specified in bicep/bootstrap/single_instance/default/single_instance.bicepparam file in the adminUsername parameter.

Once the VM is accessible and JIT configured, you can connect to it with the following command:

ssh -i ~/.ssh/lza-oracle-single-instance  oracle@<PUBLIC_IP_ADDRESS>

Next step is to proceed with Ansible configuration to get the Oracle database operational. See the Ansible single instance documentation for more details.

Optional Settings

There are a number of optional settings which the module enables. These are described below. Overall if you wish to modify one or more variables in the module, you can do so by modifying the bicep/bootstrap/single_instance/default/single_instance.bicepparam.