OCI CLI・Ansible OCI modulesを入れてみる

Oracle Cloud always free Advent Calendar 2019の8日目です。

 

昨日はAnsibleをインストールしましたが、本日はそれに続き、OCI CLIとOCI Ansibleモジュールをインストールします。
(昨日インストールしたansible環境が前提です)

 

#OCI CLIのインストール
[opc@docker ~]$ sudo yum -y install python-oci-cli

 

#USER OCID,Tenancy OCID,Compartment OCIDの確認(Oracle Cloudの管理コンソール)
USER OCID ・・・・ アイデンティティ->ユーザー で確認したいユーザのOCIDの「表示」をクリックします。
Tenancy OCID・・・ 管理->テナンシ詳細 で確認したいテナンシのOCIDの「表示」をクリックします。
Compartment OCID・ アイデンティティ->コンパートメントで確認したいユーザのコンパートメントの「表示」をクリックします。

 

#configファイルおよび公開鍵の作成
[opc@docker ~]$ oci setup config
This command provides a walkthrough of creating a valid CLI config file.

The following links explain where to find the information required by this
script:

User OCID and Tenancy OCID:

https://docs.cloud.oracle.com/Content/API/Concepts/apisigningkey.htm#Other

Region:

https://docs.cloud.oracle.com/Content/General/Concepts/regions.htm

General config documentation:

https://docs.cloud.oracle.com/Content/API/Concepts/sdkconfig.htm


Enter a location for your config [/home/opc/.oci/config]:
Enter a user OCID: ocid1.user.oc1..aaaaaaaariv62l6vabhcskbpj6ytb5i4ymm2s5p3hvnvedvhv27bs623opmq
Enter a tenancy OCID: ocid1.tenancy.oc1..aaaaaaaab2snt4bpmiq72kxirfn6sdcsappqa3fk3sljtbfjtkxsc3pmnfca
Enter a region (e.g. ap-mumbai-1, ap-seoul-1, ap-sydney-1, ap-tokyo-1, ca-toronto-1, eu-frankfurt-1, eu-zurich-1, sa-saopaulo-1, uk-london-1, us-ashburn-1, us-gov-ashburn-1, us-gov-chicago-1, us-gov-phoenix-1, us-langley-1, us-luke-1, us-phoenix-1): ap-tokyo-1
Do you want to generate a new RSA key pair? (If you decline you will be asked to supply the path to an existing key.) [Y/n]: Y
Enter a directory for your keys to be created [/home/opc/.oci]:
Enter a name for your key [oci_api_key]:
Public key written to: /home/opc/.oci/oci_api_key_public.pem
Enter a passphrase for your private key (empty for no passphrase):
Private key written to: /home/opc/.oci/oci_api_key.pem
Fingerprint: ee:1a:98:69:8a:be:34:28:31:c4:7b:1e:1a:19:d9:f6
Config written to /home/opc/.oci/config


If you haven't already uploaded your public key through the console,
follow the instructions on the page linked below in the section 'How to
upload the public key':

https://docs.cloud.oracle.com/Content/API/Concepts/apisigningkey.htm#How2

 


#公開鍵の確認
[opc@docker ~]$ cat ~/.oci/oci_api_key_public.pem
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFb2vXNqzlrsZSWbaBOY
jFsUMsuIf1OcWJ9o+xP2CEm43wIO5R/5aO52SgQwxY6ZQvaNdpWHU2dYB70sWPny
wRMgB6WBon4AhYVqzXbA+2MMAdUMrYnG0rs0ypqrwmudUIfFiVpOhkRErmqdwk8P
・・・・・・・
-----END PUBLIC KEY-----


#公開鍵の登録
Oracle Cloudの管理コンソールから
アイデンティティ->ユーザー
公開鍵を登録したいユーザのユーザー詳細をクリックします。
APIキー->公開鍵の追加をクリックし、先ほど確認した公開鍵の「-----BEGIN PUBLIC KEY-----」から「-----END PUBLIC KEY-----」までを入力します。

 

#デフォルトコンパートメント値の設定
[opc@docker ~]$ oci setup oci-cli-rc
Predefined queries written under section OCI_CLI_CANNED_QUERIES
Command aliases written under section OCI_CLI_COMMAND_ALIASES
Parameter aliases written under section OCI_CLI_PARAM_ALIASES

 

#oci_cli_rcファイルにデフォルトコンパートメントIDの登録
[opc@docker ~]$ vi ~/.oci/oci_cli_rc
[DEFAULT]
compartment-id = ocid1.tenancy.oc1..aaaaaaaab2snt4bpmiq72kxirfn6sdcsappqa3fk3sljtbfjtkxsc3pmnfca

 

 

#設定の確認
[opc@docker ~]$oci compute image list
{
"data": [
{
"agent-features": null,
"base-image-id": null,
"compartment-id": null,
"create-image-allowed": true,
"defined-tags": {},
"display-name": "Windows-Server-2016-Standard-Edition-VM-Gen2-2019.10.09-0",
"freeform-tags": {},
"id": "ocid1.image.oc1.ap-tokyo-1.aaaaaaaavlzb37igtmrnftw4ulolbdh5ysjyxqq3d4nv72slraedsrjkwyjq",
"launch-mode": "NATIVE",
"launch-options": {
"boot-volume-type": "PARAVIRTUALIZED",
"firmware": "UEFI_64",
"is-consistent-volume-naming-enabled": false,
"is-pv-encryption-in-transit-enabled": true,
"network-type": "PARAVIRTUALIZED",
"remote-data-volume-type": "PARAVIRTUALIZED"
},
"lifecycle-state": "AVAILABLE",
"operating-system": "Windows",
"operating-system-version": "Server 2016 Standard",
"size-in-mbs": 262144,
"time-created": "2019-10-10T04:03:14.266000+00:00"
},・・・・

 


#Ansible OCI modulesのインストール
[opc@docker ~]sudo yum -y install oci-ansible-modules

 

 

#gitのインストール
[opc@docker ~]sudo yum -y install git

#oci-ansible-moduleのサンプルをダウンロード
[opc@docker ~]git clone https://github.com/oracle/oci-ansible-modules.git

 

 

#sample playbookを使って、インスタンスの起動/削除
[opc@docker ~]cd ~/oci-ansible-modules/samples/compute/launch_compute_instance

#今回、always free(VM.Standard.E2.1.Micro)を使い切っているので、VM.Standard.E2.1で試します。
#export SAMPLE_INSTANCE_SHAPE=VM.Standard.E2.1.Micro
[opc@docker launch_compute_instance]export SAMPLE_INSTANCE_SHAPE=VM.Standard.E2.1
[opc@docker launch_compute_instance]export SAMPLE_IMAGE_OCID=ocid1.image.oc1.ap-tokyo-1.aaaaaaaavafdy6turyejyoteynggaogbvmdcy2zwl5ukgy3mww6ohbmrgs7q
[opc@docker launch_compute_instance]export SAMPLE_COMPARTMENT_OCID=ocid1.tenancy.oc1..aaaaaaaab2snt4bpmiq72kxirfn6sdcsappqa3fk3sljtbfjXXXXXXXXXXXXX
[opc@docker launch_compute_instance]export SAMPLE_AD_NAME=FJrI:AP-TOKYO-1-AD-1

 

 

 

#ansible-playbookの実行
#最後までエラーなく実行できればOK
[opc@docker launch_compute_instance]$ ansible-playbook sample.yaml
[WARNING]: provided hosts list is empty, only localhost is available. Note that the implicit localhost does not match 'all'


PLAY [Launch a compute instance and connect to it using SSH] *********************************************************************************************

TASK [Gathering Facts] ***********************************************************************************************************************************
ok: [localhost]

TASK [Check pre-requisites] ******************************************************************************************************************************
skipping: [localhost] => (item=SAMPLE_COMPARTMENT_OCID)
skipping: [localhost] => (item=SAMPLE_IMAGE_OCID)
skipping: [localhost] => (item=SAMPLE_AD_NAME)
・・・・・

TASK [Print SSH response from launched instance] *********************************************************************************************************
ok: [localhost] => {
"msg": "SSH response from instance -> [u'Please login as the user \"ubuntu\" rather than the user \"opc\".']"
}

TASK [Terminate the instance] ****************************************************************************************************************************
changed: [localhost]

TASK [Delete the subnet] *********************************************************************************************************************************
changed: [localhost]

TASK [Delete the security list] **************************************************************************************************************************
changed: [localhost]

TASK [Delete the route table] ****************************************************************************************************************************
changed: [localhost]

TASK [Delete the Internet Gateway] ***********************************************************************************************************************
changed: [localhost]

TASK [Delete the VCN] ************************************************************************************************************************************
changed: [localhost]

PLAY RECAP ***********************************************************************************************************************************************
localhost : ok=38 changed=11 unreachable=0 failed=0

 

<参考>

qiita.com

 

community.oracle.com