martinberger.com

Latest Posts

Oracle Database Appliance X6-L Memory Expansion – Overwritten HugePage Settings after Reboot

Author: Martin Berger 15. May 2019

A Customer has extended his Oracle Database Appliance X6-L with Oracle Database Appliance Memory Expansion Kit from 192GB to 384GB. After the first startup, the odacli tool has recognized the additional available memory and gave us the suggested value for the new HugePage settings.

The ODA has the newest available patchset applied, OS is Oracle Enterprise Linux 6.10.

Update the OS Configuration

Oracle suggested the new values for the HugePage settings to 135350MB.

[root@srv20 ~]# odacli list-osconfigurations 

Parameter User ConfiguredValue SuggestedValue 
--------------- --------------- ------------------------------ --------------- 
Memlock grid 386716274KB 386716168KB 
Memlock oracle 386716274KB 386716168KB 
HugePage default 67815MB 135350MB

[root@srv20 ~]# odacli list-osconfigurations

Parameter User ConfiguredValue SuggestedValue

--------------- --------------- ------------------------------ ---------------

Memlock grid 386716274KB 386716168KB

Memlock oracle 386716274KB 386716168KB

HugePage default 67815MB 135350MB

According the Oracle documentation Oracle® Database Appliance X6-2S/X6-2M/X6-2L Deployment and User’s Guide – Section 13.14 – we updated the OS configuration by odacli. The job was finished after some seconds.

odacli update-osconfigurations (page 13-70)
Use the command odacli update-osconfigurations to update the HugePage and memlock values.

[root@srv20]# odacli update-osconfigurations

1	[root@srv20]# odacli update-osconfigurations

Verfication

The HugePage Settings were updated now.

[root@srv20 ~]# odacli list-osconfigurations 

Parameter User ConfiguredValue SuggestedValue 
--------------- --------------- ------------------------------ --------------- 
Memlock grid 386716168KB 386716168KB 
Memlock oracle 386716168KB 386716168KB 
HugePage default 135350MB 135350MB

[root@srv20 ~]# odacli list-osconfigurations

Parameter User ConfiguredValue SuggestedValue

--------------- --------------- ------------------------------ ---------------

Memlock grid 386716168KB 386716168KB

Memlock oracle 386716168KB 386716168KB

HugePage default 135350MB 135350MB

Time for a hardware restart.

Old HugePage Values after ODA Restart

But, after the machine has started, the old HugePage values were back again. But who has overwritten the settings?

[root@srv20 ~]# odacli list-osconfigurations 

Parameter User ConfiguredValue SuggestedValue 
--------------- --------------- ------------------------------ --------------- 
Memlock grid 386716274KB 386716168KB 
Memlock oracle 386716274KB 386716168KB 
HugePage default 67815MB 135350MB

[root@srv20 ~]# odacli list-osconfigurations

Parameter User ConfiguredValue SuggestedValue

--------------- --------------- ------------------------------ ---------------

Memlock grid 386716274KB 386716168KB

Memlock oracle 386716274KB 386716168KB

HugePage default 67815MB 135350MB

An SR has solved the problem, the are two files in the OS which are responsible for that behavior:

/etc/sysctl.d/99-initial-sysctl.conf
/etc/sysctl.d/99-oracle-rdbms-server-12cR1-preinstall-sysctl.conf

We take a look at the values:

[root@srv20 ~]# cat /etc/sysctl.d/99-initial-sysctl.conf | grep huge
vm.nr_hugepages=67815

[root@srv20 ~]# cat /etc/sysctl.d/99-oracle-rdbms-server-12cR1-preinstall-sysctl.conf | grep huge
vm.nr_hugepages=67815

[root@srv20 ~]# cat /etc/sysctl.d/99-initial-sysctl.conf | grep huge

vm.nr_hugepages=67815

[root@srv20 ~]# cat /etc/sysctl.d/99-oracle-rdbms-server-12cR1-preinstall-sysctl.conf | grep huge

vm.nr_hugepages=67815

Solution: Remove these two Files

First, we updated the OS Configuration again.

[root@srv20 ~]# odacli update-osconfigurations

1	[root@srv20 ~]# odacli update-osconfigurations

Second, we removed the files.

[root@srv20 ~]# rm /etc/sysctl.d/99-initial-sysctl.conf
[root@srv20 ~]# rm /etc/sysctl.d/99-oracle-rdbms-server-12cR1-preinstall-sysctl.conf

1 2	[root@srv20 ~]# rm /etc/sysctl.d/99-initial-sysctl.conf [root@srv20 ~]# rm /etc/sysctl.d/99-oracle-rdbms-server-12cR1-preinstall-sysctl.conf

Third, we restarted the Oracle Database Appliance.

Finally

HugePage settings are persistent now. By the way, there is an My Oracle Support note for the OS Level 6.10 which describes such a case too:

Changes in sysctl.conf File are not Persistent after Reboot (Doc ID 2477376.1)

Oracle Engineered Systems, TrivadisContent

How to build OCI Infrastructure Environments with Ansible

Author: Martin Berger 12. March 2019

The Oracle provided Ansible module gives us the opportunity to provision and configure Oracle Cloud Infrastructure resources on an automated base. The Ansible basic setup is very easy and the Oracle provided example playbooks in Git are a good base to start with your infrastructure automation project. Oracle provides Ansible example playbooks for

Block Volumes
Compute
Database
File Storage
IAM
Load Balancer
Private Subnets with VPN
Delete Objects
etc.

In this blog post, I will show you how easy it is to bring Ansible and the Oracle Cloud Infrastructure together.

Requirements

A local machine to install Ansible and the required software and modules, in my case it’s an Oracle Linux 7 virtual machine with Internet access.
An Oracle Cloud Infrastructure Account with permissons to create new resources.

Steps to configure Ansible and OCI

Install and configure the Oracle Cloud Infrastructure Python SDK
Install and configure Ansible
Download and configure the OCI modules for Ansible
OCI Test Run

Install and configure the Oracle Cloud Infrastructure Python SDK

In this step, the OCI Python SDK will be installed an configured. The new created SSH public key has to be added in the OCI console for further actions. As OS user root we create a new operating system user called oci for Oracle Cllud Infrastrcuture actions and give him sudo privileges.

Create a User and SSH Keys

# groupadd oci
# useradd oci -g oci
# passwd oci

# groupadd oci

# useradd oci -g oci

# passwd oci

Add this line in /etc/sudoers.

oci ALL=(ALL) ALL

1	oci ALL=(ALL) ALL

$ mkdir ~/.oci
$ openssl genrsa -out ~/.oci/oci_api_key.pem 2048
$ chmod go-rwx ~/.oci/oci_api_key.pem
$ openssl rsa -pubout -in ~/.oci/oci_api_key.pem -out ~/.oci/oci_api_key_public.pem
$ chmod go-rwx ~/.oci/oci_api_key_public.pem
$ chmod go-rwx ~/.oci/oci_api_key.pem

$ mkdir ~/.oci

$ openssl genrsa -out ~/.oci/oci_api_key.pem 2048

$ chmod go-rwx ~/.oci/oci_api_key.pem

$ openssl rsa -pubout -in ~/.oci/oci_api_key.pem -out ~/.oci/oci_api_key_public.pem

$ chmod go-rwx ~/.oci/oci_api_key_public.pem

$ chmod go-rwx ~/.oci/oci_api_key.pem

Show the public key and add it in the OCI console to your cloud account user.

The OCI Configuration File

As user oci, create the Oracle Cloud Infrastructure configuration file

$ vi  ~/.oci/config

1	$ vi ~/.oci/config

Content of the file – for example in region Frankfurt and with the created SSH key file from above.

[DEFAULT]
user=[OCID of your OCI User]
fingerprint=[API Key Fingerprint of added SSH public key]
tenancy=[Your tenancy id]
region=eu-frankfurt-1
key_file=~/.oci/oci_api_key.pem

[DEFAULT]

user=[OCID of your OCI User]

fingerprint=[API Key Fingerprint of added SSH public key]

tenancy=[Your tenancy id]

region=eu-frankfurt-1

key_file=~/.oci/oci_api_key.pem

Change the file permissions.

$ chmod 600 /home/oci/.oci/config

1	$ chmod 600 /home/oci/.oci/config

Install the Oracle Cloud Infrastructure Python SDK

$ sudo yum-config-manager --enable ol7_developer ol7_developer_epel
$ sudo yum -y install python-oci-sdk python-oci-cli

1 2	$ sudo yum-config-manager --enable ol7_developer ol7_developer_epel $ sudo yum -y install python-oci-sdk python-oci-cli

Test

Command to list all instances in the selected compartment.

$ oci compute instance list --compartment-id [OCID of your OCI Compartment]| grep display-name
     "display-name": "Instance-AS-Test-1"

1 2	$ oci compute instance list --compartment-id [OCID of your OCI Compartment]\| grep display-name "display-name": "Instance-AS-Test-1"

Install and configure Ansible

As user oci, download and install Ansible and Git.

$ sudo yum -y install git ansible
$ sudo mkdir -p /usr/share/ansible/modules

1 2	$ sudo yum -y install git ansible $ sudo mkdir -p /usr/share/ansible/modules

Set up the module directory.

$ sudo vi /etc/ansible/ansible.cfg
library=/usr/share/ansible/modules

1 2	$ sudo vi /etc/ansible/ansible.cfg library=/usr/share/ansible/modules

Install additional packages.

$ sudo yum install python-pip
$ sudo pip install --upgrade Jinja2

1 2	$ sudo yum install python-pip $ sudo pip install --upgrade Jinja2

This upgrade step is required, otherwise the public key creation in the OCI Ansible module fails (for example when you want to launch a new Compute instance).

Download and configure the OCI modules for Ansible

As user oci, download the Ansible modules from Git.

$ cd /usr/share/ansible/modules
$ sudo git clone https://github.com/oracle/oci-ansible-modules.git

1 2	$ cd /usr/share/ansible/modules $ sudo git clone https://github.com/oracle/oci-ansible-modules.git

Show the content.

$ ls -la
total 4
drwxr-xr-x. 3 root root 33 Mar 11 13:58 .
drwxr-xr-x. 3 root root 21 Mar 11 13:56 ..
drwxr-xr-x. 12 root root 4096 Mar 11 13:58 oci-ansible-modules

$ ls -la

total 4

drwxr-xr-x. 3 root root 33 Mar 11 13:58 .

drwxr-xr-x. 3 root root 21 Mar 11 13:56 ..

drwxr-xr-x. 12 root root 4096 Mar 11 13:58 oci-ansible-modules

Change into the new created directory and execute the configuration script install.py.

$ cd oci-ansible-modules

1	$ cd oci-ansible-modules

$ sudo ./install.py
Copying documentation fragments from /usr/share/ansible/modules/oci-ansible-modules/module_docs_fragments to /usr/lib/python2.7/site-packages/ansible/utils/module_docs_fragments
Copying oracle utility files from /usr/share/ansible/modules/oci-ansible-modules/module_utils/oracle to /usr/lib/python2.7/site-packages/ansible/module_utils/oracle
Creating directory /usr/lib/python2.7/site-packages/ansible/modules/cloud/oracle
Copying OCI Ansible modules from /usr/share/ansible/modules/oci-ansible-modules/library to /usr/lib/python2.7/site-packages/ansible/modules/cloud/oracle
OCI Ansible modules installed successfully.

$ sudo ./install.py

Copying documentation fragments from /usr/share/ansible/modules/oci-ansible-modules/module_docs_fragments to /usr/lib/python2.7/site-packages/ansible/utils/module_docs_fragments

Copying oracle utility files from /usr/share/ansible/modules/oci-ansible-modules/module_utils/oracle to /usr/lib/python2.7/site-packages/ansible/module_utils/oracle

Creating directory /usr/lib/python2.7/site-packages/ansible/modules/cloud/oracle

Copying OCI Ansible modules from /usr/share/ansible/modules/oci-ansible-modules/library to /usr/lib/python2.7/site-packages/ansible/modules/cloud/oracle

OCI Ansible modules installed successfully.

OCI Test Run

We copy the example playbook to launch a Compute cloud instance into the local folder and run the playbook. The Oracle provided playbook needs three variables:

SAMPLE_AD_NAME	Availability Domain, e.g. EUZg:EU-FRANKFURT-1-AD-1
SAMPLE_IMAGE_OCID	OCID of the selected OS – see https://docs.cloud.oracle.com/iaas/images/ to list all available images
SAMPLE_COMPARTMENT_OCID	OCID of your compartment – OCI > Identity > Compartments

Create a working directory and copy the example playbook.

$ sudo mkdir -p ~/ansible/playbooks cd ~/ansible/playbooks
$ cp -r /usr/share/ansible/modules/oci-ansible-modules/samples/compute/launch_compute_instance ~/ansible/playbooks

$ cd ~/ansible/playbooks/launch_compute_instance

$ sudo mkdir -p ~/ansible/playbooks cd ~/ansible/playbooks

$ cp -r /usr/share/ansible/modules/oci-ansible-modules/samples/compute/launch_compute_instance ~/ansible/playbooks

$ cd ~/ansible/playbooks/launch_compute_instance

Set variables.

$ export SAMPLE_AD_NAME=EUZg:EU-FRANKFURT-1-AD-1
$ export SAMPLE_IMAGE_OCID=ocid1.image.oc1.eu-frankfurt-1.aaaaaaaan7ghs3nhu6bbujqnyukj755642xnmzshck5pm5svol6uigkxl2hq
$ export SAMPLE_COMPARTMENT_OCID=ocid1.compartment.oc1..aaaaaaaayc4703470347034703470347034703o3hx2exkz5pzi6kt4kunhiq

$ export SAMPLE_AD_NAME=EUZg:EU-FRANKFURT-1-AD-1

$ export SAMPLE_IMAGE_OCID=ocid1.image.oc1.eu-frankfurt-1.aaaaaaaan7ghs3nhu6bbujqnyukj755642xnmzshck5pm5svol6uigkxl2hq

$ export SAMPLE_COMPARTMENT_OCID=ocid1.compartment.oc1..aaaaaaaayc4703470347034703470347034703o3hx2exkz5pzi6kt4kunhiq

Run the playbook

Attention: All OCI resources are created and afterwards terminated immediately. If you don’t want to terminate them, comment out this line in file sample.yaml.

- import_tasks: teardown.yaml

1	- import_tasks: teardown.yaml

Execute the Ansible playbook. The infrastructure will be created step by step. Key generation, network configuration, firewall rule setup, instance creation etc. is all automated.

$ ansible-playbook sample.yaml
 [WARNING]: provided hosts list is empty, only localhost is available. Note that the implicit localhost does not match 'all'


PLAY [Launch a compute instance and connect to it using SSH] *******************************************************************************************************************

TASK [Gathering Facts] *********************************************************************************************************************************************************
ok: [localhost]

TASK [Check pre-requisites] ****************************************************************************************************************************************************
skipping: [localhost] => (item=SAMPLE_COMPARTMENT_OCID)
skipping: [localhost] => (item=SAMPLE_IMAGE_OCID)
skipping: [localhost] => (item=SAMPLE_AD_NAME)

TASK [Create a temporary directory to house a temporary SSH keypair we will later use to connect to instance] ******************************************************************
changed: [localhost]

TASK [set_fact] ****************************************************************************************************************************************************************
ok: [localhost]

TASK [Generate a Private Key] **************************************************************************************************************************************************
changed: [localhost]

TASK [set_fact] ****************************************************************************************************************************************************************
ok: [localhost]

TASK [Generate a Public Key] ***************************************************************************************************************************************************
changed: [localhost]

TASK [Create a VCN] ************************************************************************************************************************************************************
changed: [localhost]

TASK [set_fact] ****************************************************************************************************************************************************************
ok: [localhost]

TASK [Create a new Internet Gateway] *******************************************************************************************************************************************
changed: [localhost]

TASK [set_fact] ****************************************************************************************************************************************************************
ok: [localhost]

TASK [Create route table to connect internet gateway to the VCN] ***************************************************************************************************************
changed: [localhost]

TASK [set_fact] ****************************************************************************************************************************************************************
ok: [localhost]

TASK [create ingress rules yaml body] ******************************************************************************************************************************************
ok: [localhost]

TASK [create egress yaml body] *************************************************************************************************************************************************
ok: [localhost]

TASK [load the variables defined in the ingress rules yaml body] ***************************************************************************************************************
ok: [localhost]

TASK [print loaded_ingress] ****************************************************************************************************************************************************
ok: [localhost] => {
    "msg": "loaded ingress is {u'instance_ingress_security_rules': [{u'source': u'0.0.0.0/0', u'protocol': u'6', u'tcp_options': {u'destination_port_range': {u'max': 22, u'min': 22}}}]}"
}

TASK [load the variables defined in the egress rules yaml body] ****************************************************************************************************************
ok: [localhost]

TASK [print loaded_egress] *****************************************************************************************************************************************************
ok: [localhost] => {
    "msg": "loaded egress is {u'instance_egress_security_rules': [{u'tcp_options': {u'destination_port_range': {u'max': 22, u'min': 22}}, u'destination': u'0.0.0.0/0', u'protocol': u'6'}]}"
}

TASK [Create a security list for allowing access to public instance] ***********************************************************************************************************
changed: [localhost]

TASK [set_fact] ****************************************************************************************************************************************************************
ok: [localhost]

TASK [Create a subnet to host the public instance. Link security_list and route_table.] ****************************************************************************************
changed: [localhost]

TASK [set_fact] ****************************************************************************************************************************************************************
ok: [localhost]

TASK [Launch an instance] ******************************************************************************************************************************************************
changed: [localhost]

TASK [Print instance details] **************************************************************************************************************************************************
ok: [localhost] => {
    "msg": "Launched a new instance {u'added_instances': [{u'lifecycle_state': u'RUNNING', u'availability_domain': u'EUZg:EU-FRANKFURT-1-AD-1', u'display_name': u'my_test_instance', u'time_maintenance_reboot_due': None, u'compartment_id': u'ocid1.compartment.oc1..aaaaaaaayc5kgqshdb5g2mjg4bnt34htnybbho3hx2exkz5pzi6kt4kunhiq', u'defined_tags': {}, u'region': u'eu-frankfurt-1', u'freeform_tags': {}, u'time_created': u'2019-03-11T13:52:34.238000+00:00', u'launch_options': {u'remote_data_volume_type': u'PARAVIRTUALIZED', u'firmware': u'UEFI_64', u'boot_volume_type': u'PARAVIRTUALIZED', u'is_consistent_volume_naming_enabled': True, u'network_type': u'VFIO', u'is_pv_encryption_in_transit_enabled': True}, u'image_id': u'ocid1.image.oc1.eu-frankfurt-1.aaaaaaaan7ghs3nhu6bbujqnyukj755642xnmzshck5pm5svol6uigkxl2hq', u'source_details': {u'source_type': u'image', u'kms_key_id': None, u'boot_volume_size_in_gbs': None, u'image_id': u'ocid1.image.oc1.eu-frankfurt-1.aaaaaaaan7ghs3nhu6bbujqnyukj755642xnmzshck5pm5svol6uigkxl2hq'}, u'fault_domain': u'FAULT-DOMAIN-3', u'shape': u'VM.Standard1.1', u'launch_mode': u'NATIVE', u'agent_config': {u'is_monitoring_disabled': False}, u'extended_metadata': {}, u'ipxe_script': None, u'id': u'ocid1.instance.oc1.eu-frankfurt-1.abtheljslxpqenvnafkstq2s7hxqizyam7shjd6kihyg33i7w2geeynedotq', u'metadata': {u'ssh_authorized_keys': u'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAA4703470347034703470347034703470347034703470347034703470347034703XR6Zcv4sHKdMH/aDfZKFaLpqHtJ2P+JEC0ok2lWrPQSG0zPoSYWTrldllpgSfzOv1kQ1R/Uor+eedRz9x2DXtKl0anSXY6KNW1GVfOvoFk/c8AuaQy6Y7AZnJAculyF1pRJiHQyZEPuBL9E9EsiRqkQR18G9yewBApRZf/QGXZbLydG8vAa9T1DCYrODb3N2u73IIqbMFwr7sgQ8XQb7h9wlYq2mfUKxy+8H4w7S67'}}], u'instances': [{u'lifecycle_state': u'RUNNING', u'availability_domain': u'EUZg:EU-FRANKFURT-1-AD-1', u'display_name': u'my_test_instance', u'time_maintenance_reboot_due': None, u'compartment_id': u'ocid1.compartment.oc1..aaaaaaaayc5kgqshdb5g2mjg4bnt34htnybbho3hx2exkz5pzi6kt4kunhiq', u'defined_tags': {}, u'region': u'eu-frankfurt-1', u'freeform_tags': {}, u'time_created': u'2019-03-11T13:52:34.238000+00:00', u'launch_options': {u'remote_data_volume_type': u'PARAVIRTUALIZED', u'firmware': u'UEFI_64', u'boot_volume_type': u'PARAVIRTUALIZED', u'is_consistent_volume_naming_enabled': True, u'network_type': u'VFIO', u'is_pv_encryption_in_transit_enabled': True}, u'image_id': u'ocid1.image.oc1.eu-frankfurt-1.aaaaaaaan7ghs3nhu6bbujqnyukj755642xnmzshck5pm5svol6uigkxl2hq', u'source_details': {u'source_type': u'image', u'kms_key_id': None, u'boot_volume_size_in_gbs': None, u'image_id': u'ocid1.image.oc1.eu-frankfurt-1.aaaaaaaan7ghs3nhu6bbujqnyukj755642xnmzshck5pm5svol6uigkxl2hq'}, u'fault_domain': u'FAULT-DOMAIN-3', u'shape': u'VM.Standard1.1', u'launch_mode': u'NATIVE', u'agent_config': {u'is_monitoring_disabled': False}, u'extended_metadata': {}, u'ipxe_script': None, u'id': u'ocid1.instance.oc1.eu-frankfurt-1.abtheljslxpqenvnafkstq2s7hxqizyam7shjd6kihyg33i7w2geeynedotq', u'metadata': {u'ssh_authorized_keys': u'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAA4703470347034703470347034703470347034703470347034703470347034703XR6Zcv4sHKdMH/aDfZKFaLpqHtJ2P+JEC0ok2lWrPQSG0zPoSYWTrldllpgSfzOv1kQ1R/Uor+eedRz9x2DXtKl0anSXY6KNW1GVfOvoFk/c8AuaQy6Y7AZnJAculyF1pRJiHQyZEPuBL9E9EsiRqkQR18G9yewBApRZf/QGXZbLydG8vAa9T1DCYrODb3N2u73IIqbMFwr7sgQ8XQb7h9wlYq2mfUKxy+8H4w7S67'}}], u'changed': True, 'failed': False, u'instance': {u'lifecycle_state': u'RUNNING', u'fault_domain': u'FAULT-DOMAIN-3', u'extended_metadata': {}, u'time_maintenance_reboot_due': None, u'compartment_id': u'ocid1.compartment.oc1..aaaaaaaayc5kgqshdb5g2mjg4bnt34htnybbho3hx2exkz5pzi6kt4kunhiq', u'defined_tags': {}, u'region': u'eu-frankfurt-1', u'freeform_tags': {}, u'time_created': u'2019-03-11T13:52:34.238000+00:00', u'source_details': {u'source_type': u'image', u'image_id': u'ocid1.image.oc1.eu-frankfurt-1.aaaaaaaan7ghs3nhu6bbujqnyukj755642xnmzshck5pm5svol6uigkxl2hq', u'kms_key_id': None, u'boot_volume_size_in_gbs': None}, u'agent_config': {u'is_monitoring_disabled': False}, u'image_id': u'ocid1.image.oc1.eu-frankfurt-1.aaaaaaaan7ghs3nhu6bbujqnyukj755642xnmzshck5pm5svol6uigkxl2hq', u'shape': u'VM.Standard1.1', u'availability_domain': u'EUZg:EU-FRANKFURT-1-AD-1', u'launch_mode': u'NATIVE', u'ipxe_script': None, u'display_name': u'my_test_instance', u'launch_options': {u'remote_data_volume_type': u'PARAVIRTUALIZED', u'firmware': u'UEFI_64', u'boot_volume_type': u'PARAVIRTUALIZED', u'is_consistent_volume_naming_enabled': True, u'network_type': u'VFIO', u'is_pv_encryption_in_transit_enabled': True}, u'id': u'ocid1.instance.oc1.eu-frankfurt-1.abtheljslxpqenvnafkstq2s7hxqizyam7shjd6kihyg33i7w2geeynedotq', u'metadata': {u'ssh_authorized_keys': u'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAA4703470347034703470347034703470347034703470347034703470347034703XR6Zcv4sHKdMH/aDfZKFaLpqHtJ2P+JEC0ok2lWrPQSG0zPoSYWTrldllpgSfzOv1kQ1R/Uor+eedRz9x2DXtKl0anSXY6KNW1GVfOvoFk/c8AuaQy6Y7AZnJAculyF1pRJiHQyZEPuBL9E9EsiRqkQR18G9yewBApRZf/QGXZbLydG8vAa9T1DCYrODb3N2u73IIqbMFwr7sgQ8XQb7h9wlYq2mfUKxy+8H4w7S67'}}}"
}

TASK [set_fact] ****************************************************************************************************************************************************************
ok: [localhost]

TASK [Get the VNIC attachment details of instance] *****************************************************************************************************************************
ok: [localhost]

TASK [Get details of the VNIC] *************************************************************************************************************************************************
ok: [localhost]

TASK [set_fact] ****************************************************************************************************************************************************************
ok: [localhost]

TASK [Print the public ip of the newly launched instance] **********************************************************************************************************************
ok: [localhost] => {
    "msg": "Public IP of launched instance 130.61.40.231"
}

TASK [Wait (upto 5 minutes) for port 22 to become open] ************************************************************************************************************************
ok: [localhost]

TASK [Attempt a ssh connection to the newly launced instance] ******************************************************************************************************************
changed: [localhost]

TASK [Print SSH response from launched instance] *******************************************************************************************************************************
ok: [localhost] => {
    "msg": "SSH response from instance -> [u'Linux mytestinstance 3.10.0-957.5.1.el7.x86_64 #1 SMP Fri Feb 1 14:54:57 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux']"
}

TASK [Terminate the instance] **************************************************************************************************************************************************
changed: [localhost]

TASK [Delete the subnet] *******************************************************************************************************************************************************
changed: [localhost]

TASK [Delete the security list] ************************************************************************************************************************************************
changed: [localhost]

TASK [Delete the route table] **************************************************************************************************************************************************
changed: [localhost]

TASK [Delete the Internet Gateway] *********************************************************************************************************************************************
changed: [localhost]

TASK [Delete the VCN] **********************************************************************************************************************************************************
changed: [localhost]

PLAY RECAP *********************************************************************************************************************************************************************
localhost                  : ok=38   changed=16   unreachable=0    failed=0

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

$ ansible-playbook sample.yaml

[WARNING]: provided hosts list is empty, only localhost is available. Note that the implicit localhost does not match 'all'

PLAY [Launch a compute instance and connect to it using SSH] *******************************************************************************************************************

TASK [Gathering Facts] *********************************************************************************************************************************************************

ok: [localhost]

TASK [Check pre-requisites] ****************************************************************************************************************************************************

skipping: [localhost] => (item=SAMPLE_COMPARTMENT_OCID)

skipping: [localhost] => (item=SAMPLE_IMAGE_OCID)

skipping: [localhost] => (item=SAMPLE_AD_NAME)

TASK [Create a temporary directory to house a temporary SSH keypair we will later use to connect to instance] ******************************************************************

changed: [localhost]

TASK [set_fact] ****************************************************************************************************************************************************************

ok: [localhost]

TASK [Generate a Private Key] **************************************************************************************************************************************************

changed: [localhost]

TASK [set_fact] ****************************************************************************************************************************************************************

ok: [localhost]

TASK [Generate a Public Key] ***************************************************************************************************************************************************

changed: [localhost]

TASK [Create a VCN] ************************************************************************************************************************************************************

changed: [localhost]

TASK [set_fact] ****************************************************************************************************************************************************************

ok: [localhost]

TASK [Create a new Internet Gateway] *******************************************************************************************************************************************

changed: [localhost]

TASK [set_fact] ****************************************************************************************************************************************************************

ok: [localhost]

TASK [Create route table to connect internet gateway to the VCN] ***************************************************************************************************************

changed: [localhost]

TASK [set_fact] ****************************************************************************************************************************************************************

ok: [localhost]

TASK [create ingress rules yaml body] ******************************************************************************************************************************************

ok: [localhost]

TASK [create egress yaml body] *************************************************************************************************************************************************

ok: [localhost]

TASK [load the variables defined in the ingress rules yaml body] ***************************************************************************************************************

ok: [localhost]

TASK [print loaded_ingress] ****************************************************************************************************************************************************

ok: [localhost] => {

"msg": "loaded ingress is {u'instance_ingress_security_rules': [{u'source': u'0.0.0.0/0', u'protocol': u'6', u'tcp_options': {u'destination_port_range': {u'max': 22, u'min': 22}}}]}"

}

TASK [load the variables defined in the egress rules yaml body] ****************************************************************************************************************

ok: [localhost]

TASK [print loaded_egress] *****************************************************************************************************************************************************

ok: [localhost] => {

"msg": "loaded egress is {u'instance_egress_security_rules': [{u'tcp_options': {u'destination_port_range': {u'max': 22, u'min': 22}}, u'destination': u'0.0.0.0/0', u'protocol': u'6'}]}"

}

TASK [Create a security list for allowing access to public instance] ***********************************************************************************************************

changed: [localhost]

TASK [set_fact] ****************************************************************************************************************************************************************

ok: [localhost]

TASK [Create a subnet to host the public instance. Link security_list and route_table.] ****************************************************************************************

changed: [localhost]

TASK [set_fact] ****************************************************************************************************************************************************************

ok: [localhost]

TASK [Launch an instance] ******************************************************************************************************************************************************

changed: [localhost]

TASK [Print instance details] **************************************************************************************************************************************************

ok: [localhost] => {

"msg": "Launched a new instance {u'added_instances': [{u'lifecycle_state': u'RUNNING', u'availability_domain': u'EUZg:EU-FRANKFURT-1-AD-1', u'display_name': u'my_test_instance', u'time_maintenance_reboot_due': None, u'compartment_id': u'ocid1.compartment.oc1..aaaaaaaayc5kgqshdb5g2mjg4bnt34htnybbho3hx2exkz5pzi6kt4kunhiq', u'defined_tags': {}, u'region': u'eu-frankfurt-1', u'freeform_tags': {}, u'time_created': u'2019-03-11T13:52:34.238000+00:00', u'launch_options': {u'remote_data_volume_type': u'PARAVIRTUALIZED', u'firmware': u'UEFI_64', u'boot_volume_type': u'PARAVIRTUALIZED', u'is_consistent_volume_naming_enabled': True, u'network_type': u'VFIO', u'is_pv_encryption_in_transit_enabled': True}, u'image_id': u'ocid1.image.oc1.eu-frankfurt-1.aaaaaaaan7ghs3nhu6bbujqnyukj755642xnmzshck5pm5svol6uigkxl2hq', u'source_details': {u'source_type': u'image', u'kms_key_id': None, u'boot_volume_size_in_gbs': None, u'image_id': u'ocid1.image.oc1.eu-frankfurt-1.aaaaaaaan7ghs3nhu6bbujqnyukj755642xnmzshck5pm5svol6uigkxl2hq'}, u'fault_domain': u'FAULT-DOMAIN-3', u'shape': u'VM.Standard1.1', u'launch_mode': u'NATIVE', u'agent_config': {u'is_monitoring_disabled': False}, u'extended_metadata': {}, u'ipxe_script': None, u'id': u'ocid1.instance.oc1.eu-frankfurt-1.abtheljslxpqenvnafkstq2s7hxqizyam7shjd6kihyg33i7w2geeynedotq', u'metadata': {u'ssh_authorized_keys': u'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAA4703470347034703470347034703470347034703470347034703470347034703XR6Zcv4sHKdMH/aDfZKFaLpqHtJ2P+JEC0ok2lWrPQSG0zPoSYWTrldllpgSfzOv1kQ1R/Uor+eedRz9x2DXtKl0anSXY6KNW1GVfOvoFk/c8AuaQy6Y7AZnJAculyF1pRJiHQyZEPuBL9E9EsiRqkQR18G9yewBApRZf/QGXZbLydG8vAa9T1DCYrODb3N2u73IIqbMFwr7sgQ8XQb7h9wlYq2mfUKxy+8H4w7S67'}}], u'instances': [{u'lifecycle_state': u'RUNNING', u'availability_domain': u'EUZg:EU-FRANKFURT-1-AD-1', u'display_name': u'my_test_instance', u'time_maintenance_reboot_due': None, u'compartment_id': u'ocid1.compartment.oc1..aaaaaaaayc5kgqshdb5g2mjg4bnt34htnybbho3hx2exkz5pzi6kt4kunhiq', u'defined_tags': {}, u'region': u'eu-frankfurt-1', u'freeform_tags': {}, u'time_created': u'2019-03-11T13:52:34.238000+00:00', u'launch_options': {u'remote_data_volume_type': u'PARAVIRTUALIZED', u'firmware': u'UEFI_64', u'boot_volume_type': u'PARAVIRTUALIZED', u'is_consistent_volume_naming_enabled': True, u'network_type': u'VFIO', u'is_pv_encryption_in_transit_enabled': True}, u'image_id': u'ocid1.image.oc1.eu-frankfurt-1.aaaaaaaan7ghs3nhu6bbujqnyukj755642xnmzshck5pm5svol6uigkxl2hq', u'source_details': {u'source_type': u'image', u'kms_key_id': None, u'boot_volume_size_in_gbs': None, u'image_id': u'ocid1.image.oc1.eu-frankfurt-1.aaaaaaaan7ghs3nhu6bbujqnyukj755642xnmzshck5pm5svol6uigkxl2hq'}, u'fault_domain': u'FAULT-DOMAIN-3', u'shape': u'VM.Standard1.1', u'launch_mode': u'NATIVE', u'agent_config': {u'is_monitoring_disabled': False}, u'extended_metadata': {}, u'ipxe_script': None, u'id': u'ocid1.instance.oc1.eu-frankfurt-1.abtheljslxpqenvnafkstq2s7hxqizyam7shjd6kihyg33i7w2geeynedotq', u'metadata': {u'ssh_authorized_keys': u'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAA4703470347034703470347034703470347034703470347034703470347034703XR6Zcv4sHKdMH/aDfZKFaLpqHtJ2P+JEC0ok2lWrPQSG0zPoSYWTrldllpgSfzOv1kQ1R/Uor+eedRz9x2DXtKl0anSXY6KNW1GVfOvoFk/c8AuaQy6Y7AZnJAculyF1pRJiHQyZEPuBL9E9EsiRqkQR18G9yewBApRZf/QGXZbLydG8vAa9T1DCYrODb3N2u73IIqbMFwr7sgQ8XQb7h9wlYq2mfUKxy+8H4w7S67'}}], u'changed': True, 'failed': False, u'instance': {u'lifecycle_state': u'RUNNING', u'fault_domain': u'FAULT-DOMAIN-3', u'extended_metadata': {}, u'time_maintenance_reboot_due': None, u'compartment_id': u'ocid1.compartment.oc1..aaaaaaaayc5kgqshdb5g2mjg4bnt34htnybbho3hx2exkz5pzi6kt4kunhiq', u'defined_tags': {}, u'region': u'eu-frankfurt-1', u'freeform_tags': {}, u'time_created': u'2019-03-11T13:52:34.238000+00:00', u'source_details': {u'source_type': u'image', u'image_id': u'ocid1.image.oc1.eu-frankfurt-1.aaaaaaaan7ghs3nhu6bbujqnyukj755642xnmzshck5pm5svol6uigkxl2hq', u'kms_key_id': None, u'boot_volume_size_in_gbs': None}, u'agent_config': {u'is_monitoring_disabled': False}, u'image_id': u'ocid1.image.oc1.eu-frankfurt-1.aaaaaaaan7ghs3nhu6bbujqnyukj755642xnmzshck5pm5svol6uigkxl2hq', u'shape': u'VM.Standard1.1', u'availability_domain': u'EUZg:EU-FRANKFURT-1-AD-1', u'launch_mode': u'NATIVE', u'ipxe_script': None, u'display_name': u'my_test_instance', u'launch_options': {u'remote_data_volume_type': u'PARAVIRTUALIZED', u'firmware': u'UEFI_64', u'boot_volume_type': u'PARAVIRTUALIZED', u'is_consistent_volume_naming_enabled': True, u'network_type': u'VFIO', u'is_pv_encryption_in_transit_enabled': True}, u'id': u'ocid1.instance.oc1.eu-frankfurt-1.abtheljslxpqenvnafkstq2s7hxqizyam7shjd6kihyg33i7w2geeynedotq', u'metadata': {u'ssh_authorized_keys': u'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAA4703470347034703470347034703470347034703470347034703470347034703XR6Zcv4sHKdMH/aDfZKFaLpqHtJ2P+JEC0ok2lWrPQSG0zPoSYWTrldllpgSfzOv1kQ1R/Uor+eedRz9x2DXtKl0anSXY6KNW1GVfOvoFk/c8AuaQy6Y7AZnJAculyF1pRJiHQyZEPuBL9E9EsiRqkQR18G9yewBApRZf/QGXZbLydG8vAa9T1DCYrODb3N2u73IIqbMFwr7sgQ8XQb7h9wlYq2mfUKxy+8H4w7S67'}}}"

}

TASK [set_fact] ****************************************************************************************************************************************************************

ok: [localhost]

TASK [Get the VNIC attachment details of instance] *****************************************************************************************************************************

ok: [localhost]

TASK [Get details of the VNIC] *************************************************************************************************************************************************

ok: [localhost]

TASK [set_fact] ****************************************************************************************************************************************************************

ok: [localhost]

TASK [Print the public ip of the newly launched instance] **********************************************************************************************************************

ok: [localhost] => {

"msg": "Public IP of launched instance 130.61.40.231"

}

TASK [Wait (upto 5 minutes) for port 22 to become open] ************************************************************************************************************************

ok: [localhost]

TASK [Attempt a ssh connection to the newly launced instance] ******************************************************************************************************************

changed: [localhost]

TASK [Print SSH response from launched instance] *******************************************************************************************************************************

ok: [localhost] => {

"msg": "SSH response from instance -> [u'Linux mytestinstance 3.10.0-957.5.1.el7.x86_64 #1 SMP Fri Feb 1 14:54:57 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux']"

}

TASK [Terminate the instance] **************************************************************************************************************************************************

changed: [localhost]

TASK [Delete the subnet] *******************************************************************************************************************************************************

changed: [localhost]

TASK [Delete the security list] ************************************************************************************************************************************************

changed: [localhost]

TASK [Delete the route table] **************************************************************************************************************************************************

changed: [localhost]

TASK [Delete the Internet Gateway] *********************************************************************************************************************************************

changed: [localhost]

TASK [Delete the VCN] **********************************************************************************************************************************************************

changed: [localhost]

PLAY RECAP *********************************************************************************************************************************************************************

localhost : ok=38 changed=16 unreachable=0 failed=0

Ready to Use

After a few minutes, a complete infrastructure for an OCI compute instance is created and the instance is ready to connect.

The required SSH keys for the terminal connection were generated in a subdirectory of /tmp with the prefix ansible. In my example, the private and the public SSH key are located in /tmp/ansible.v6ckX0cert.

$ pwd
/tmp/ansible.v6ckX0cert

$ ll
total 8
-rw-------. 1 oci oci 1708 Mar 11 14:03 private_key.pem
-rw-rw-r--. 1 oci oci  380 Mar 11 14:03 public_key.pem

$ pwd

/tmp/ansible.v6ckX0cert

$ ll

total 8

-rw-------. 1 oci oci 1708 Mar 11 14:03 private_key.pem

-rw-rw-r--. 1 oci oci 380 Mar 11 14:03 public_key.pem

Summary

The Oracle provided Ansible playbooks are a good entry point to start with OCI automation. I am already working at the next tasks to make my work easier with more variables and simplified playbooks. And finally I want to integrate it in Ansible AWX. Well done Oracle!

Ansible, Oracle Cloud Infrastructure, Oracle RDBMS, TrivadisContent

Monitor your Oracle Cloud Infrastructure with Grafana on Oracle Linux 7

Author: Martin Berger 6. March 2019

Since the end of February there is a new Grafana plugin for Oracle Cloud Infrastructure available. With this plugin we can access and monitor OCI metrics and data. Grafana is an open-source platform for data visualization and monitoring. This blog post shows you how to install and configure the Grafana plugin based on the Oracle blog entry https://blogs.oracle.com/cloudnative/data-source-grafana on an Oracle Enterprise Linux 7 server.

The OCI Grafana Plugin is a nice solution for companies who don’t have a full stack infrastructure monitoring environment up and running like the Enterprise Manager EM13c. But who want to know how their machines in the Oracle Cloud Infrastructure are performing.

Steps to configure the OCI Grafana Plugin

Install and configure the Oracle Cloud Infrastructure CLI – by download or by YUM install
Configure Group, User and Policy in Oracle Cloud Infrastructure Console
Install Grafana and the OCI Plugin
Create a new Dashboard based on OCI Metrics

Machine Requirements

The server needs access to the internet.

Install and configure the Oracle Cloud Infrastructure CLI

Method 1 – Download

In this step, the software will be installed an configured. The new created SSH public key has to be added in the OCI console for further actions.

As OS user root we create a new user for OCI actions.

# groupadd oci
# useradd oci -g oci
# passwd oci

# groupadd oci

# useradd oci -g oci

# passwd oci

Login as user oci, execute the CLI download and installation script. Answer questions with Y / Enter to get the default installation.

$ bash -c "$(curl -L https://raw.githubusercontent.com/oracle/oci-cli/master/scripts/install/install.sh)"

1	$ bash -c "$(curl -L https://raw.githubusercontent.com/oracle/oci-cli/master/scripts/install/install.sh)"

Default values:

installation directory	/home/oci/lib/oracle-cli
executable directory	/home/oci/bin
OCI scripts	/home/oci/bin/oci-cli-scripts
shell/tab completion	Y
path to rc file	/home/oci/.bashrc

After the successful CLI installation, you have to configure it.

$ /home/oci/bin/oci setup config

1	$ /home/oci/bin/oci setup config

Based on your OCI account, these information are required – let the config and key location on default values.

config location	/home/oci/.oci/config
user OCID	OCI > Identity > Users > [YOUR_USER] > OCID
tenancy OCID	OCI > Administration > Tenancy Details > [YOUR_TENANCY] > OCID
region	choose your region, e.g. eu-frankfurt-1
generate a new key pair	Y
key directory	/home/oci/.oci
key name	oci_api_key

Test the CLI configuration – example to list all compartments in your tenant.

/home/oci/bin/oci iam compartment list --all | grep name
"name": "Compartment_Trivadis_BDS_MBg",
"name": "ManagedCompartmentForPaaS"

/home/oci/bin/oci iam compartment list --all | grep name

"name": "Compartment_Trivadis_BDS_MBg",

"name": "ManagedCompartmentForPaaS"

Show the content of the public key to add it in the OCI console to your user which you want to work with. Attention: Three different API keys are the limit!

# cat /home/oci/.oci/oci_api_key_public.pem
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtrh7gsSJDdcKKmYs+EAL
4444444444444444444444444444444444444444444444444444444444444444
7777777777777777777777777777777777777777777777777777777777777777
0000000000000000000000000000000000000000000000000000000000000000
3333333333333333333333333333333333333333333333333333333333333333
+d2Kyn/xNUA1zBBM6LUYZGTZsAxJFxubY/98RTF4GmY/7g26WPmFz+7gqM0+j+3r
YQIDAQAB
-----END PUBLIC KEY-----

# cat /home/oci/.oci/oci_api_key_public.pem

-----BEGIN PUBLIC KEY-----

MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtrh7gsSJDdcKKmYs+EAL

4444444444444444444444444444444444444444444444444444444444444444

7777777777777777777777777777777777777777777777777777777777777777

0000000000000000000000000000000000000000000000000000000000000000

3333333333333333333333333333333333333333333333333333333333333333

+d2Kyn/xNUA1zBBM6LUYZGTZsAxJFxubY/98RTF4GmY/7g26WPmFz+7gqM0+j+3r

YQIDAQAB

-----END PUBLIC KEY-----

Attention: Be sure that you add the public key to the user which you have used for the CLI configuration!

Method 2 – YUM Repository

Thanks to Sergio Leunissen from Oracle for his input, the Python SDK and oci utilities are is available in the YUM repository too and ready to install. Take a look at his blog post to see how to work with the Python SDK and OCI metadata:

https://blogs.oracle.com/linux/easy-compute-instance-metadata-access-with-oci-utils

Enable the repository

# yum-config-manager --enable ol7_developer

1	# yum-config-manager --enable ol7_developer

Show the OCI package information

# yum info python-oci-cli
Loaded plugins: langpacks, ulninfo
Available Packages
Name        : python-oci-cli
Arch        : noarch
Version     : 2.5.3
Release     : 1.el7
Size        : 670 k
Repo        : ol7_developer/x86_64
Summary     : Oracle Bare Metal Cloud Services CLI client
URL         : http://pypi.python.org/pypi/oci-cli
License     : Apache2.0
Description : Python SDK for Oracle Bare Metal Cloud Services command line client utilities.

# yum info python-oci-cli

Loaded plugins: langpacks, ulninfo

Available Packages

Name : python-oci-cli

Arch : noarch

Version : 2.5.3

Release : 1.el7

Size : 670 k

Repo : ol7_developer/x86_64

Summary : Oracle Bare Metal Cloud Services CLI client

URL : http://pypi.python.org/pypi/oci-cli

License : Apache2.0

Description : Python SDK for Oracle Bare Metal Cloud Services command line client utilities.

Configure Group, modify User and add a Policy in Oracle Cloud Infrastructure Web Interface

A new group is created for a better access control.

Group

Create a new OCI group called Grafana. OCI > Identity > Groups.

Modify User

Add the selected user to the group – for example this is my user.

Add a Policy

Create a new policy called GrafanaPolicy. OCI > Identity > Policies with these two statements.

allow group grafana to read metrics in tenancy
allow group grafana to read compartments in tenancy

Install Grafana and the OCI Plugin

# wget https://dl.grafana.com/oss/release/grafana-6.0.0-1.x86_64.rpm 
# yum localinstall grafana-6.0.0-1.x86_64.rpm

1 2	# wget https://dl.grafana.com/oss/release/grafana-6.0.0-1.x86_64.rpm # yum localinstall grafana-6.0.0-1.x86_64.rpm

Enable auto start and start the Grafana server manually.

# systemctl enable grafana-server.service
# systemctl daemon-reload
# systemctl start grafana-server

# systemctl enable grafana-server.service

# systemctl daemon-reload

# systemctl start grafana-server

Enable port 3000 (Grafana default port in firewall – the port can be changed in /etc/grafana/grafana.ini) to provide web access to Grafana.

# firewall-cmd --permanent --zone=public --add-port=3000/tcp
# firewall-cmd --reload
# firewall-cmd --permanent --zone=public --list-ports
3000/tcp

# firewall-cmd --permanent --zone=public --add-port=3000/tcp

# firewall-cmd --reload

# firewall-cmd --permanent --zone=public --list-ports

3000/tcp

Install the oci-datasource plugin.

# grafana-cli plugins install oci-datasource
# service grafana-server restart

1 2	# grafana-cli plugins install oci-datasource # service grafana-server restart

The Grafana plugin directorya with the installed plugin.

# ls -la /var/lib/grafana/plugins
total 0
drwxr-xr-x. 3 grafana grafana 28 Mar 4 12:26 .
drwxr-xr-x. 4 grafana grafana 50 Mar 4 12:39 ..
drwxr-xr-x. 3 root root 18 Mar 4 12:26 oci-datasource

# ls -la /var/lib/grafana/plugins

total 0

drwxr-xr-x. 3 grafana grafana 28 Mar 4 12:26 .

drwxr-xr-x. 4 grafana grafana 50 Mar 4 12:39 ..

drwxr-xr-x. 3 root root 18 Mar 4 12:26 oci-datasource

Grafana needs the configuration file and the SSH Key from the user oci. As user root, copy the files and modify the permissions.

# cp -r /home/oci/.oci /usr/share/grafana
# chown -R grafana:grafana cd

1 2	# cp -r /home/oci/.oci /usr/share/grafana # chown -R grafana:grafana cd

Change the path to the key file in /usr/share/grafana/.oci/config.

# vi /usr/share/grafana/.oci/config

From:

key_file=/home/oci/.oci/oci_api_key.pem

1	key_file=/home/oci/.oci/oci_api_key.pem

To:

key_file=/usr/share/grafana/.oci/oci_api_key.pem

1	key_file=/usr/share/grafana/.oci/oci_api_key.pem

Create a new Dashboard based on OCI Metrics

Login into Grafana with [SERVERNAME]:3000. Username and password are admin/admin. Please change your password after first login.

Add data source

Select Oracle Cloud Infrastructure

Configure the Data Source

Fill in your tenancy OCI, region and set Environment = Local. Test the connection. For troubleshooting see Grafana logfile in /var/log/grafana.

Create a new Dashboard and Add Query

Create a Query to visualize Data

In this dashboard example I used the region FRA, my compartment, the namespace oci_blockstorage and the metric VolumeWriteOps.

Available Metrics

For instance monitoring like CPU or Memory you have to enable the metric collection first and install the OCI Cloud Agent that the value is available in the namespace. Example, there are eight metrics are available for my compute instance. Learn more about metrics and monitoring in the OCI documentation here:

Summary

The OCI Grafana plugin is a nice solution to visualize cloud environments based on Open Source software. Take care that Grafana needs access to the OCI CLI SSH information for the Oracle Cloud Infrastructure connection.

Oracle Cloud Infrastructure, Oracle Linux, TrivadisContent

Latest Posts

Oracle Database Appliance X6-L Memory Expansion – Overwritten HugePage Settings after Reboot

Update the OS Configuration

Verfication

Old HugePage Values after ODA Restart

Solution: Remove these two Files

Finally

How to build OCI Infrastructure Environments with Ansible

Requirements

Steps to configure Ansible and OCI

Install and configure the Oracle Cloud Infrastructure Python SDK

Create a User and SSH Keys

The OCI Configuration File

Install the Oracle Cloud Infrastructure Python SDK

Test

Install and configure Ansible

Download and configure the OCI modules for Ansible

OCI Test Run

Run the playbook

Ready to Use

Links

Summary

Monitor your Oracle Cloud Infrastructure with Grafana on Oracle Linux 7

Steps to configure the OCI Grafana Plugin

Machine Requirements

Install and configure the Oracle Cloud Infrastructure CLI

Method 1 – Download

Method 2 – YUM Repository

Configure Group, modify User and add a Policy in Oracle Cloud Infrastructure Web Interface

Group

Modify User

Add a Policy

Install Grafana and the OCI Plugin

# vi /usr/share/grafana/.oci/config

Create a new Dashboard based on OCI Metrics

Add data source

Select Oracle Cloud Infrastructure

Configure the Data Source

Create a new Dashboard and Add Query

Create a Query to visualize Data

Available Metrics

Summary