2018-03-24 Ansible Rearrange Variables
2018-03-20 Ansible Playbook for Install GI Software (2)
2018-03-27 Manage Ansible Playbook in GIT

Contents

  1. 1 Overview
  2. 2 References
    1. 2.1 Ansible Documentation
    2. 2.2 Linux Documentation
  3. 3 Procedure
    1. 3.1 Check Readiness for Cluster Installation
    2. 3.2 Update ORACLE_USER Role Variables File
    3. 3.3 Update ORACLE_GI Role Variables File
    4. 3.4 Update GI Response File
    5. 3.5 Update Oracle User Creation Tasks


Overview

Following the successful installation of the Oracle 12.1.0.2 Grid Infrastructure (GI) software on REDFERN1 , I am now ready to configure the REDFERN as a single-node cluster. REDFERN2 will be added later on.

However, the cluster verification failed with SSH connectivity issues. I needed to resolve these first before proceeding.

I took the opportunity to rearrange the variables in the various Ansible files.

References

Ansible Documentation

Linux Documentation

Procedure

Check Readiness for Cluster Installation

Following the procedure in 8.2.1 Installing the Software Binaries , I ran the following command on REDFERN1 : 

sudo -u oracle /opt/share/Software/grid/linuxamd64_12102/grid/runcluvfy.sh stage -pre crsinst -n redfern1

The output was: 

Performing pre-checks for cluster services setup 

Checking node reachability...
Node reachability check passed from node "redfern1"


Checking user equivalence...
PRVG-2019 : Check for equivalence of user "oracle" from node "redfern1" to node "redfern1" failed

PRKC-1044 : Failed to check remote command execution setup for node redfern1 using shells /usr/bin/ssh and /usr/bin/rsh 
File "/usr/bin/rsh" does not exist on node "redfern1"
No ECDSA host key is known for redfern1 and you have requested strict checking.Host key verification failed.

ERROR: 
User equivalence unavailable on all the specified nodes
Verification cannot proceed


Pre-check for cluster services setup was unsuccessful on all the nodes.

Looks like I failed to establish SSH keys and SSH equivalency on REDFERN1 .

Update: 2018-04-03: This is addressed through Issue #6 on GitHub.

Update ORACLE_USER Role Variables File

The ORACLE_USER role variable file, /etc/ansible/roles/oracle_user/vars/main.yml , was changed on AUBURN to: 

---
# vars file for oracle_user
# ------------------------------------------------------------------------------
# Attributes for the ORACLE user on Linux
# ------------------------------------------------------------------------------
"oracle_user":
  # ------------------- Installation Linux Groups
  "install_group":
    "name":             "oinstall"
    "gid":              54321
  # ------------------- ASM Linux Groups
  "asm_groups":
    "OSDBA":
      "name":           "asmdba"
      "gid":            54327
    "OSOPER":
      "name":           "asmoper"
      "gid":            54328
    "OSASM":
      "name":           "asmadmin"
      "gid":            54329
  # ------------------- Database Linux Groups
  "db_groups":
    "DBA_GROUP":
      "name":           "dba"
      "gid":            54322
    "OPER_GROUP":
      "name":           "oper"
      "gid":            54323
...

Here, I divided the Linux groups for the oracle into three (3) dictionaries:

  1. Installation group
  2. ASM groups
  3. Database groups

The last two (2) dictionaries are keyed by the names used the installation response file template ( /etc/ansible/roles/oracle_gi/templates/grid_install.rsp ).

Update ORACLE_GI Role Variables File

The ORACLE_GI role variable file, /etc/ansible/roles/oracle_gi/vars/main.yml , was changed on AUBURN to: 

---
# vars file for oracle_gi
"oracle_gi":
  "inventory_location": "/opt/app/oraInventory"
  "oracle_base":        "/opt/app/grid"
  "oracle_home":        "/opt/app/12.1.0/grid"
...

Here the variables are reduced to those needed for GI installation.

Update GI Response File

The Grid Infrastructure (GI) response file, /etc/ansible/roles/oracle_gi/templates/grid_install.rsp , was updated on AUBURN with the following lines: 

#-------------------------------------------------------------------------------
# The DBA_GROUP is the OS group which is to be granted OSDBA privileges.
#-------------------------------------------------------------------------------
oracle.install.asm.OSDBA={{ oracle_user.asm_groups.OSDBA.name }}

#-------------------------------------------------------------------------------
# The OPER_GROUP is the OS group which is to be granted OSOPER privileges.
# The value to be specified for OSOPER group is optional.
# Value should not be provided if configuring Client Cluster - i.e. storageOption=CLIENT_ASM_STORAGE.
#-------------------------------------------------------------------------------
oracle.install.asm.OSOPER={{ oracle_user.asm_groups.OSOPER.name }}

#-------------------------------------------------------------------------------
# The OSASM_GROUP is the OS group which is to be granted OSASM privileges. This
# must be different than the previous two.
#-------------------------------------------------------------------------------
oracle.install.asm.OSASM={{ oracle_user.asm_groups.OSASM.name }}

The names matched those in /etc/ansible/roles/oracle_user/vars/main.yml which describe the groups attached to the oracle user.

Update Oracle User Creation Tasks

The task file to create the Oracle user, /etc/ansible/roles/oracle_user/tasks/user_groups.yml , was changed on AUBURN to: 

# --------------------- Add Linux Groups

- name:                 "Add Oracle Installation Group"
  group: 
    name:               "{{ oracle_user.install_group.name }}"
    gid:                "{{ oracle_user.install_group.gid }}"
    state:              present
    system:             no

- name:                 "Create ASM Linux Groups"
  group: 
    name:               "{{ item.name }}"
    gid:                "{{ item.gid }}"
    state:              present
    system:             no
  with_dict:            "{{ oracle_user.asm_groups }}"

- name:                 "Create Database Linux Groups"
  group: 
    name:               "{{ item.name }}"
    gid:                "{{ item.gid }}"
    state:              present
    system:             no
  with_dict:            "{{ oracle_user.db_groups }}"

# --------------------- Create Oracle User

- name:                 "Load Oracle User Password"
  include_vars:
    file:               oracle_pw.yml
    name:               oracle_user_pw

- name:                 "Set default group and password for Oracle user"
  user:
    name:               oracle
    append:             yes
    comment:            "Oracle software owner"
    password:           "{{ oracle_user_pw.password }}"
    group:              "{{ oracle_user.install_group.name }}"
    generate_ssh_key:   yes
    groups:             "{{ oracle_user.install_group.name }}"
    
- name:                 "Add ASM Linux Groups to Oracle User"
  user:
    name:               oracle
    append:             yes
    groups:             "{{ item.name }}"
  with_dict:            "{{ oracle_user.asm_groups }}"
    
- name:                 "Add Database Linux Groups to Oracle User"
  user:
    name:               oracle
    append:             yes
    groups:             "{{ item.name }}"
  with_dict:            "{{ oracle_user.db_groups }}"
...
Note:
I tried used a JSON query to construct a list of group names, But the query failed with the following message appears: 
fatal: [redfern1.yaocm.id.au]: FAILED! => {"msg": "You need to install \"jmespath\" prior to running json_query filter"}
Unfortunately, there is an open bug report on this issue: AnsibleError: You need to install \"jmespath\" prior to running json_query filter" #749