Ansible community modules for Oracle DB & ASM

Besides the almost thousand modules shipped with Ansible, there are many more community modules out there developed independently. A remarkable example is a set of modules to manage Oracle DBs.

The Ansible module system is a great way to improve data center automation: automation tasks do not have to be programmed “manually” in shell code, but can be simply executed by calling the appropriate module with the necessary parameters. Besides the fact that an automation user does not have to remember the shell code the modules are usually also idempotent, thus a module can be called multiple times and only changes something when it is needed.

This only works when a module for the given task exists. The list of Ansible modules is huge, but does not cover all tasks out there. For example quite some middleware products are not covered by Ansible modules (yet?). But there are also community modules out there, not part of the Ansible package, but nevertheless of high quality and developed actively.

A good example of such 3rd party modules are the Oracle DB & ASM modules developed by oravirt aka Mikael Sandström, in a community fashion. Oracle DBs are quite common in the daily enterprise IT business. And since automation is not about configuring single servers, but about integrating all parts of a business process, Oracle DBs should also be part of the automation. Here the extensive set of Ansible modules comes in handy. According to the README (shortened):

• oracle_user
  • Creates & drops a user.
  • Grants privileges only
• oracle_tablespace
  • Manages normal(permanent), temp & undo tablespaces (create, drop, make read only/read write, offline/online)
  • Tablespaces can be created as bigfile, autoextended
• oracle_grants
  • Manages privileges for a user
  • Grants/revokes privileges
  • Handles roles/sys privileges properly.
  • The grants can be added as a string (dba,’select any dictionary’,’create any table’), or in a list (ie.g for use with with_items)
• oracle_role
  • Manages roles in the database
• oracle_parameter
  • Manages init parameters in the database (i.e alter system set parameter…)
  • Also handles underscore parameters. That will require using mode=sysdba, to be able to read the X$ tables needed to verify the existence of the parameter.
• oracle_services
  • Manages services in an Oracle database (RAC/Single instance)
• oracle_pdb
  • Manages pluggable databases in an Oracle container database
  • Creates/deletes/opens/closes the pdb
  • saves the state if you want it to. Default is yes
  • Can place the datafiles in a separate location
• oracle_sql
  • 2 modes: sql or script
  • Executes arbitrary sql or runs a script
• oracle_asmdg
  • Manages ASM diskgroup state. (absent/present)
  • Takes a list of disks and makes sure those disks are part of the DG. If the disk is removed from the disk it will be removed from the DG.
• oracle_asmvol
  • Manages ASM volumes. (absent/present)
• oracle_ldapuser
  • Syncronises users/role grants from LDAP/Active Directory to the database
• oracle_privs
  • Manages system and object level grants
  • Object level grant support wildcards, so now it is possible to grant access to all tables in a schema and maintain it automatically!

I have not yet had the change to test the modules, but I think they are worth a look. The amount of quality code, the existing documentation and also the ongoing development shows an active and healthy project, development important and certainly relevant modules. Please note: these modules are not part of the Ansible community, nor part of any offering from Oracle or anyone else. So use them at your own risk, they probably will eat your data. And kittens!

So, if you are dealing with Oracle DBs these modules might be worth to take a look. And I hope they will be pushed upstream soon.