delphix / ansible-target-host Goto Github PK
View Code? Open in Web Editor NEWAnsible role for configuring target hosts for use by the Delphix platform
Home Page: https://galaxy.ansible.com/delphix/target-host
License: Apache License 2.0
Ansible role for configuring target hosts for use by the Delphix platform
Home Page: https://galaxy.ansible.com/delphix/target-host
License: Apache License 2.0
The role currently configures fairly permissive sudo permissions, with full access to any of the command set. For example, the Oracle documentation gives the following example:
Defaults:delphix_os !requiretty
delphix_os ALL=(root) NOPASSWD: \
/bin/mount * /oracle/*, \
/bin/umount * /oracle/*, \
/bin/umount /oracle/*, \
/bin/umount -lf /oracle/*, \
/bin/ps
We could use these more restrictive permissions to only allow mounts within the delphix mount point, for example.
We should configure a Travis CI build to at least sanity test the role on the supported Travis platforms.
Each database type has a slightly different set of sudo privileges required. Today, we configure the target host for use by any DB type by specifying the superset of all privileges. We could create variables, such as delphix_type_oracle
, that would control including just those privileges. We'd likely want a default delphix_type_all
for ease of use.
Is your feature request related to a problem? Please describe.
It's surprisingly difficult to parse inventory.xml with Ansible.
The "xml" module has a requirement on the remote host for lxml, which could be difficult to get in customer situations.
Slurping and using "xml" module as a local task ("delegate 127.0.0.1") ran into OSX issues: a change to sudoers was needed and even after "pip install xml" I encoutered issues like cmprescott/ansible-xml#51
A solution would look something like this:
- name: Slurp inventory
slurp:
src: "{{ oraInst.stdout }}/ContentsXML/inventory.xml"
register: existing_dbhome
- debug:
msg: "{{ existing_dbhome['content'] | b64decode }}"
verbosity: 2
- name: Parse inventory
xml:
# path: /u01/app/oraInventory/ContentsXML/inventory.xml
xmlstring: "{{ existing_dbhome['content'] | b64decode }}"
xpath: /INVENTORY/HOME_LIST/HOME
content: attribute
delegate_to: 127.0.0.1 #Avoid issues where the remote host doesn't have lxml module and it's difficult to modify the server in that way
register: existing_dbhome
- debug: var=existing_dbhome.matches
To workaround these issues, the current code uses a complex shell command. This feels fragile:
- name: Parse inventory
shell: cat "{{ oraInst.stdout }}/ContentsXML/inventory.xml" |grep "HOME NAME" | grep -vi "CRS=" | grep -vi "REMOVED=" | awk '{print $3}' | awk -F"=" '{print $2}' | tr -d '"'
register: existing_dbhome
Describe the solution you'd like
For the common scenario of Delphix Targets used for Oracle VDBs, delphix_os needs the primary and secondary groups to match Oracle. Automatically handle this requirement for oracle installs.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.