USING TERRAFORM TO MANAGE ORACLE CLOUD INFRASTRUCTURE
by Māris Elsiņš
© Pythian Services Inc., 2020
Māris Elsiņš
Lead Database Consultant
✓ Oracle Databases
✓ Oracle e-Business Suite
✓ OCI
✓ AWS
✓ GCP
@MarisDBA
elsins@pythian.com
WHAT’S DIFFERENT IN THIS TERRAFORM TALK?
• Basics in 3 minutes + demo
• Terraform and OCI + demo
• A Few suggestions before you dive in!
BASICS IN 3 MINUTES
WHAT IS TERRAFORM
• A tool for building, changing, and versioning infrastructure
  • HashiCorp
  • Open Source
  • A simple binary executable
• Manages Infrastructure as Code
• The cool stuff it provides
WHAT IS TERRAFORM
• A tool for building, changing, and versioning infrastructure
• Manages Infrastructure as Code
  • Configuration files describe the infrastructure
  • Terraform language syntax (Declarative Language)
  • Version controlled repeatable infrastructure
• The cool stuff it provides
WHAT IS TERRAFORM
• A tool for building, changing, and versioning infrastructure
• Manages Infrastructure as Code
• The cool stuff it provides
  • Resource Graph - determine dependencies and parallelize execution
  • Execution Plans - verify the change before implementing it
  • Change Automation - adjust the configuration files, and terraform will figure out how to implement it
  • DevOpsification
WHAT IS TERRAFORM
IMPORTANT CONCEPTS
• Providers - https://www.terraform.io/docs/providers/index.html
• Variables – provide parameters of the configuration
• Outputs – externalize the information
• Resources – describe what needs to be created
• Data Sources – extract environment properties that are not maintained by Terraform
• State files – the local metadata of the existing infrastructure
• Interpolation Syntax – referencing attributes from another resource
• Modules – reusability of existing code
d1
d2
TERRAFORM + OCI
STARTING WITH TERRAFORM + OCI
GETTING CONNECTED TO OCI
• Where to start?
  • Getting Started with the Terraform Provider
    https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/terraformgetstarted.htm
  • Required Keys and OCIDs
    https://docs.cloud.oracle.com/iaas/Content/API/Concepts/apisigningkey.htm
• Separation of impact areas in OCI

provider "oci" {
  tenancy_ocid     = "${var.tenancy_ocid}"
  user_ocid        = "${var.user_ocid}"
  fingerprint      = "${var.fingerprint}"
  private_key_path = "${var.private_key_path}"
  region           = "${var.region}"
}
STARTING WITH TERRAFORM + OCI
GETTING CONNECTED TO OCI
• Where to start?
• Separation of impact areas in OCI
  • Dedicated compartment(s) for all infra managed by Terraform
    Policy: allow group OCITerra-Admins to manage all-resources in compartment OCITerra
  • The rest is manually managed
    • Object Storage bucket for terraform state?
    • Administrative users, policies, etc.

provider "oci" {
  tenancy_ocid     = "${var.tenancy_ocid}"
  user_ocid        = "${var.user_ocid}"
  fingerprint      = "${var.fingerprint}"
  private_key_path = "${var.private_key_path}"
  region           = "${var.region}"
}
BUILDING SOMETHING USEFUL
LET’S CREATE SOMETHING REAL
• What we’re building?
  • Compartment
  • VCN
  • Security List
  • Routing Table
  • Internet Gateway
  • Subnet
  • Instance running nginx
• Requirements
• Used features
BUILDING SOMETHING USEFUL
LET’S CREATE SOMETHING REAL
• What we’re building?
• Requirements
  • Repeatable infrastructure
  • Use the same code
  • Different configurations
    • NW
    • Resource naming
  • PROD protection
• Used features
BUILDING SOMETHING USEFUL
LET’S CREATE SOMETHING REAL
d3
• What we’re building?
• Requirements
• Used features
  • Terraform Workspaces
  • A wrapper script
IMPORTING RESOURCES
IMPORTING RESOURCES
ADDING A MANUALLY CREATED RESOURCE
• Retrieve the OCID from OCI
• Create the placeholder resource in terraform configuration
• Import the resource metadata into the state file
    terraform import placeholder_resource.name {ocid}
• Show the contents of the state file
    terraform state show placeholder_resource.name
• Adjust the placeholder resource to add required attributes
  • Use the interpolation syntax to retrieve the attributes from other resources
• Check the terraform plan
    terraform plan
d4
USING TERRAFORM IRL
USING TERRAFORM IRL
HOW TO START USING TERRAFORM IN YOUR PROJECTS?
• Start small
  • Use an iterative approach
  • Expand gradually
• Terraform-ing is a team effort
• Don’t Hardcode values in configuration files
• One large configuration defining DEV, UAT and PROD != OK
USING TERRAFORM IRL
HOW TO START USING TERRAFORM IN YOUR PROJECTS?
• Start small
• Terraform-ing is a team effort
  • Manual adjustments cause state issues
  • Everyone needs to be familiar with the workflow, otherwise it will cause manual actions (trouble)
• Don’t Hardcode values in configuration files
• One large configuration defining DEV, UAT and PROD is NOT OK
USING TERRAFORM IRL
HOW TO START USING TERRAFORM IN YOUR PROJECTS?
• Start small
• Terraform-ing is a team effort
• Don’t Hardcode values in configuration files
  • Utilize variables to make it possible to change aspects of the environment
  • Variables simplify conversion into modules, thus improving reusability
• One large configuration defining DEV, UAT and PROD is NOT OK
USING TERRAFORM IRL
A FEW SUGGESTIONS BEFORE YOU DIVE IN
• Start small
• Terraform-ing is a team effort
• Don’t Hardcode values in configuration files
• One large configuration defining DEV, UAT and PROD is NOT OK
  • Reduced separation
  • Inability to test the changes
  • Decreased reliability and manageability of the configuration
  • Break down the system in logical segments that are managed in separate TF configurations!
    • i.e. Core network, shared services
    • References between different TF states are possible
USING TERRAFORM IRL
WHERE TO RUN THE TERRAFORM FROM?
• Running it from your workstation
• Possible, but error-prone in a team configuration…
• State needs to be shared (limitations of remote state with OCI)
• Does everyone have the right configuration files (did you forget to git pull?)
• A Deployment server
USING TERRAFORM IRL
WHERE TO RUN THE TERRAFORM FROM?
• Running it from your workstation?
• A Deployment server
  • A single shared server, where terraform is executed from
  • Additional infrastructure / backups, management
  • More control over the configuration of terraform runs
  • The “local” state supports locking and workspaces natively
  • Editing should not be allowed on the deployment server (to avoid conflicts)
  • Easier to integrate with other tools (Jenkins, Ansible, etc.)
USING TERRAFORM IRL
PROTECT YOUR CRITICAL STUFF!
• Protecting the state files
  • Corrupt/missing state can have severe impact
  • State files can store sensitive information
  • OCI’s support for remote state is weak at the moment
    • Can use a file in an Object Storage Bucket
    • Does not support several important features (workspaces, prefixes, limited locking)
  • Alternative state storage options?
    • Store state files on another cloud (AWS S3 Bucket)?
    • Use a “deployment instance” and a “local” protected / encrypted / backed up state on Block Storage or File Storage services.
• Plan code promotions carefully
• Protecting the PROD
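An added example (not from the talk) for the "deployment instance" option above: it lists local state files that group or other users can access and takes an owner-only, verified copy of one workspace's state. The backup directory and backup file naming are assumptions; `terraform.tfstate.d/<workspace>/` is where Terraform's local backend keeps non-default workspaces.

```shell
#!/bin/sh
# Added example: audit and back up local Terraform state on a deployment server.
# The local backend keeps the default workspace in terraform.tfstate and the
# others in terraform.tfstate.d/<workspace>/terraform.tfstate.

# List state files (and their .backup copies) under $1 that group or other
# users can read, write or execute. Empty output means owner-only access.
loose_state_files() {
    find "$1" -type f -name 'terraform.tfstate*' \
        \( -perm -040 -o -perm -020 -o -perm -010 \
           -o -perm -004 -o -perm -002 -o -perm -001 \) -print | sort
}

# Path of the state file for workspace $2 in configuration directory $1.
state_path() {
    if [ "$2" = "default" ]; then
        echo "$1/terraform.tfstate"
    else
        echo "$1/terraform.tfstate.d/$2/terraform.tfstate"
    fi
}

# Copy the state of workspace $2 into directory $3 (assumed backup location)
# with owner-only permissions, verify the copy, and print its path.
backup_state() {
    b_src=$(state_path "$1" "$2")
    if [ ! -f "$b_src" ]; then
        echo "no state file for workspace '$2' at $b_src" >&2
        return 1
    fi
    b_out="$3/terraform.tfstate.$2.$(date -u +%Y%m%dT%H%M%SZ)"
    ( umask 077 && mkdir -p "$3" && cp "$b_src" "$b_out" ) || return 1
    if ! cmp -s "$b_src" "$b_out"; then
        echo "backup $b_out differs from $b_src" >&2
        return 1
    fi
    echo "$b_out"
}

# Usage: ./state_guard.sh <config dir> <workspace> <backup dir>
if [ "$#" -eq 3 ]; then
    loose=$(loose_state_files "$1")
    if [ -n "$loose" ]; then
        echo "state files accessible beyond the owner:" >&2
        echo "$loose" >&2
        exit 1
    fi
    backup_state "$1" "$2" "$3"
fi
```

Running it before each apply gives a restorable copy if the state is corrupted; the copies hold the same sensitive values as the state itself, so the backup location needs the same protection.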
USING TERRAFORM IRL
PROTECT YOUR CRITICAL STUFF!
• Protecting the state files
• Plan code promotions carefully
  • Different versions of the same TF configuration code in different environments
    • Modules vs. wrapper scripts that pull the correct version
    • Different architectures, but utilize the same terraform modules (different versions)
  • Isolate the environments (ability to run destroy without affecting others) to reduce the potential impact
    • terraform workspaces
    • Completely separated terraform configuration files (+use of modules)
• Protecting the PROD
USING TERRAFORM IRL
PROTECT YOUR CRITICAL STUFF!
• Protecting the state files
• Plan code promotions carefully
• Protecting the PROD
  • Accidents happen
  • ‘terraform apply’ in the wrong environment can be very costly
  • Build fail-safes (i.e. a wrapper *.sh to implement extra checks for PROD executions)
  • Additional benefits possible, i.e. checking out the correct code version from the repository, posting tags back to git, etc.
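One way to build the fail-safe wrapper described above, as an added example that is not the script demonstrated in the talk: it refuses to run when the active workspace does not match the requested environment and, for PROD changes, also requires a clean git tree and a typed confirmation. The workspace names dev/uat/prod, the `TF_BIN` variable and the exit codes are assumptions.

```shell
#!/bin/sh
# tf.sh: added example of a PROD fail-safe wrapper (not the talk's script).
# Usage: ./tf.sh <dev|uat|prod> <terraform subcommand> [args...]
# Assumption: one Terraform workspace per environment, named dev, uat, prod.

TF_BIN="${TF_BIN:-terraform}"   # assumption: override to pin a specific binary

# Only known environments are accepted, so a typo is rejected early.
is_known_env() {
    case "$1" in
        dev|uat|prod) return 0 ;;
        *) return 1 ;;
    esac
}

# Subcommands that change infrastructure or state.
is_mutating() {
    case "$1" in
        apply|destroy|import|taint|untaint) return 0 ;;
        *) return 1 ;;
    esac
}

# Decide whether a run may proceed. Prints the verdict, returns 0 to allow.
#   $1 requested env   $2 active workspace   $3 subcommand
#   $4 git tree state ("clean" or "dirty")   $5 text typed by the operator
guard() {
    g_env=$1; g_ws=$2; g_cmd=$3; g_tree=$4; g_typed=$5
    if ! is_known_env "$g_env"; then
        echo "refused: unknown environment '$g_env'"; return 2
    fi
    if [ "$g_ws" != "$g_env" ]; then
        echo "refused: active workspace is '$g_ws', expected '$g_env'"; return 3
    fi
    if [ "$g_env" = "prod" ] && is_mutating "$g_cmd"; then
        if [ "$g_tree" != "clean" ]; then
            echo "refused: uncommitted changes in the configuration"; return 4
        fi
        if [ "$g_typed" != "prod" ]; then
            echo "refused: confirmation text did not match 'prod'"; return 5
        fi
    fi
    echo "ok"
}

main() {
    if [ "$#" -lt 2 ]; then
        echo "usage: $0 <dev|uat|prod> <terraform subcommand> [args...]" >&2
        return 64
    fi
    m_env=$1; m_cmd=$2; shift 2
    m_ws=$("$TF_BIN" workspace show) || return 1
    m_changes=$(git status --porcelain) || return 1
    if [ -z "$m_changes" ]; then m_tree=clean; else m_tree=dirty; fi
    m_typed=""
    if [ "$m_env" = "prod" ] && is_mutating "$m_cmd"; then
        printf 'PROD %s requested. Type "prod" to continue: ' "$m_cmd" >&2
        read -r m_typed || return 1
    fi
    guard "$m_env" "$m_ws" "$m_cmd" "$m_tree" "$m_typed" >&2 || return $?
    "$TF_BIN" "$m_cmd" "$@"
}

# Run only when called with arguments, so the functions can also be sourced.
if [ "$#" -gt 0 ]; then
    main "$@"
    exit $?
fi
```

The wrapper verifies the workspace instead of switching to it, so a mismatch stops the run rather than being silently corrected.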
SUMMARY
• You will require an IaC solution when moving to Cloud
  • Terraform is one good option
    • Especially on OCI
• Planning is critical
  • Protecting and sharing the state
  • Critical resources
• All team effort
  • All in or Fail
• It’s fun!
  • At least for dinosaur DBAs like me
?
@MarisDBA
elsins@pythian.com
