install weblogic or FMW software using ansible in multiple targets

 The playbook is going to cover and automate all the tasks of weblogic installation.

before that let us create below response file and copy at software location.

vi wls_install.rsp 

[ENGINE]

Response File Version=1.0.0.0.0

[GENERIC]

ORACLE_HOME=/u01/fmw/oracle/middleware

INSTALL_TYPE=Fusion Middleware Infrastructure

MYORACLESUPPORT_USERNAME=

MYORACLESUPPORT_PASSWORD=

DECLINE_SECURITY_UPDATES=true

SECURITY_UPDATES_VIA_MYORACLESUPPORT=false

PROXY_HOST=

PROXY_PORT=

PROXY_USER=

PROXY_PWD=

COLLECTOR_SUPPORTHUB_URL=

You can see the work flow of FMW installation.

cat wls_install.yml

---

#Install Weblogic

- hosts: all

  remote_user: oracle

  vars:

   java_dir: /u01/fmw/java/jdk1.8.0_291

   hibernate_dir: /u01/fmw/hibernate-4.1.0

   mw_dir: /tmp

   mw_installer: fmw_12.2.1.3.0_infrastructure.jar

   oracle_home: /u01/fmw/oracle/middleware

   mw_oraInv: /scratch/oracle/oraInventory

  tasks:

   - name: Install Weblogic

     command: "{{ java_dir }}/bin/java -jar {{ mw_dir }}/{{ mw_installer }} -silent -responseFile {{ mw_dir }}/wls_install.rsp -invPtrLoc {{ mw_oraInv }}/oraInst.loc"

     register: command_result

   - debug: msg={{ command_result.stdout.split('\n')[:-1]}}

   - name: Wait for installation complete

     pause:

      minutes: 3

Syntax check:

# ansible-playbook wls_install.yml --syntax-check

playbook: wls_install.yml

Call ansible play book :

# ansible-playbook wls_install.yml

PLAY [all] *************************************************************************************

TASK [Gathering Facts] *************************************************************************************

ok: [ 192.168.100.2]

ok: [ 192.168.100.1]

TASK [Install Weblogic] *************************************************************************************

changed: [ 192.168.100.2]

changed: [ 192.168.100.1]

TASK [debug] *************************************************************************************

ok: [ 192.168.100.1] => {

    "msg": [

        "Launcher log file is /tmp/OraInstall2021-11-16_03-37-14PM/launcher2021-11-16_03-37-14PM.log.",

        "Extracting the installer . . . . . . . . . . . Done",

        "Checking if CPU speed is above 300 MHz.   Actual 1995.312 MHz    Passed",

        "Checking swap space: must be greater than 512 MB.   Actual 16191 MB    Passed",

        "Checking if this platform requires a 64-bit JVM.   Actual 64    Passed (64-bit not required)",

        "Checking temp space: must be greater than 300 MB.   Actual 21984 MB    Passed",

        "Preparing to launch the Oracle Universal Installer from /tmp/OraInstall2021-11-16_03-37-14PM",

        "Log: /tmp/OraInstall2021-11-16_03-37-14PM/install2021-11-16_03-37-14PM.log",

        "Copyright (c) 1996, 2017, Oracle and/or its affiliates. All rights reserved.",

        "Reading response file..",

        "Skipping Software Updates",

        "Starting check : CertifiedVersions",

        "Expected result: One of oracle-6, oracle-7, redhat-7, redhat-6, SuSE-11, SuSE-12",

        "Actual Result: oracle-7.8",

        "Check complete. The overall result of this check is: Passed",

        "CertifiedVersions Check: Success.",

        "",

        "",

        "Starting check : CheckJDKVersion",

        "Expected result: 1.8.0_131",

        "Actual Result: 1.8.0_291",

        "Check complete. The overall result of this check is: Passed",

        "CheckJDKVersion Check: Success.",

        "",

        "",

        "Validations are enabled for this session.",

        "Verifying data",

        "Copying Files",

        "Percent Complete : 10",

        "Percent Complete : 20",

        "Percent Complete : 30",

        "Percent Complete : 40",

        "Percent Complete : 50",

        "Percent Complete : 60",

        "Percent Complete : 70",

        "Percent Complete : 80",

        "Percent Complete : 90",

        "Percent Complete : 100",

        "",

        "The installation of Oracle Fusion Middleware 12c Infrastructure 12.2.1.3.0 completed successfully."

    ]

}

ok: [ 192.168.100.2] => {

    "msg": [

        "Launcher log file is /tmp/OraInstall2021-11-16_03-37-14PM/launcher2021-11-16_03-37-14PM.log.",

        "Extracting the installer . . . . . . . . Done",

        "Checking if CPU speed is above 300 MHz.   Actual 1995.312 MHz    Passed",

        "Checking swap space: must be greater than 512 MB.   Actual 16191 MB    Passed",

        "Checking if this platform requires a 64-bit JVM.   Actual 64    Passed (64-bit not required)",

        "Checking temp space: must be greater than 300 MB.   Actual 22337 MB    Passed",

        "Preparing to launch the Oracle Universal Installer from /tmp/OraInstall2021-11-16_03-37-14PM",

        "Log: /tmp/OraInstall2021-11-16_03-37-14PM/install2021-11-16_03-37-14PM.log",

        "Copyright (c) 1996, 2017, Oracle and/or its affiliates. All rights reserved.",

        "Reading response file..",

        "Skipping Software Updates",

        "Starting check : CertifiedVersions",

        "Expected result: One of oracle-6, oracle-7, redhat-7, redhat-6, SuSE-11, SuSE-12",

        "Actual Result: oracle-7.8",

        "Check complete. The overall result of this check is: Passed",

        "CertifiedVersions Check: Success.",

        "",

        "",

        "Starting check : CheckJDKVersion",

        "Expected result: 1.8.0_131",

        "Actual Result: 1.8.0_291",

        "Check complete. The overall result of this check is: Passed",

        "CheckJDKVersion Check: Success.",

        "",

        "",

        "Validations are enabled for this session.",

        "Verifying data",

        "Copying Files",

        "Percent Complete : 10",

        "Percent Complete : 20",

        "Percent Complete : 30",

        "Percent Complete : 40",

        "Percent Complete : 50",

        "Percent Complete : 60",

        "Percent Complete : 70",

        "Percent Complete : 80",

        "Percent Complete : 90",

        "Percent Complete : 100",

        "",

        "The installation of Oracle Fusion Middleware 12c Infrastructure 12.2.1.3.0 completed successfully."

    ]

}

TASK [Wait for installation complete] *************************************************************************************

Pausing for 180 seconds

(ctrl+C then 'C' = continue early, ctrl+C then 'A' = abort)

ok: [ 192.168.100.1]

PLAY RECAP **************************************************************************************************************************************************

 192.168.100.1             : ok=4    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

 192.168.100.2             : ok=3    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

#

Ansible command lines

 Ansible command line helps you to meet your requirement without creating & running playbook.

The purpose of Ansible command is basically:

--> run a single task

--> helpful to run some ad-hoc commands e.g., server uptime, date, filesystem usage report etc.

syntax:  ansible <host-pattern> [options]

-u REMOTE_USER

-m MODULE_NAME

-a module arguments

-i specify inventory host path or comma separated host

-s run operations with sudo

Examples:

1) Get uptime of remote servers:

# ansible all -m command -a uptime

192.168.100.2 | CHANGED | rc=0 >>

 06:04:05 up 3 days, 18:03,  1 user,  load average: 1.49, 1.12, 1.03

192.168.100.1 | CHANGED | rc=0 >>

 06:04:05 up 3 days, 18:02,  1 user,  load average: 1.01, 1.06, 1.08

2) Show hostnames of remote server:

# ansible all -m command -a /usr/bin/hostname

192.168.100.1 | CHANGED | rc=0 >>

example01

192.168.100.2 | CHANGED | rc=0 >>

example02

3) See remote server OS version:

# ansible all -m command -a "cat /etc/redhat-release"

192.168.100.2 | CHANGED | rc=0 >>

Red Hat Enterprise Linux Server release 7.8 (Maipo)

192.168.100.1 | CHANGED | rc=0 >>

Red Hat Enterprise Linux Server release 7.8 (Maipo)

4) See file system usage:

# ansible all -m command -a "df -h /u01"

192.168.100.2 | CHANGED | rc=0 >>

Filesystem      Size  Used Avail Use% Mounted on

/dev/sdb1       300G  183G  118G  61% /u01

192.168.100.1 | CHANGED | rc=0 >>

Filesystem      Size  Used Avail Use% Mounted on

/dev/sdb1       300G  192G  109G  64% /u01

5) See remote server dates:

# ansible all -m command -a "date"

192.168.100.2 | CHANGED | rc=0 >>

Thu Nov 18 06:08:13 GMT 2021

192.168.100.1 | CHANGED | rc=0 >>

Thu Nov 18 06:08:13 GMT 2021

Ansible Vault - Security in Ansible

 When you are using Ansible, you may be required to key in some confidential or secret information in playbooks. This includes SSH private and public keys, passwords, and SSL certificates to mention just a few. As we already know, its bad practice to save this sensitive information in plain text for obvious reasons. This information requires to be kept under lock and key because we can only imagine what would happen if hackers or unauthorized users got a hold of it.

Ansible provides us with a handy feature known as Ansible Vault. As the name suggests, the Ansible Vault helps secure vital secret information as we have discussed earlier. Ansible Vault can encrypt variables, or even entire files and YAML playbooks as we shall later demonstrate. It’s a very handy and user-friendly tool that requires the same password when encrypting and decrypting files.

Here are few examples:

Encrypt a file/ playbook:

# ansible-vault encrypt demo.yml

New Vault password:

Confirm New Vault password:

Encryption successful

# cat demo.yml

$ANSIBLE_VAULT;1.1;AES256

63643961663965663630373861323966383565346165663231336562666338393363346162386238

3132343739396130643463333337386435663133316132640a313638373838616437663933633834

35626337373262383236646136616536616334346364393466616131306333353065386133666136

3532653438336364660a646262633233653364313965613562326136356366393564356364643536

62623034633565326535633365366362646339303766326536303431363031303235346137393233

33386334623163363032653237636363616161376635616666303136623461343134613034316365

62383464396461383937373332633462363838663764363337653265623738613035393735346634

32396265623932313530303332663937353931343036346532343266303364666566303739626534

34663839666665393363646139343931343930333430663039633934626330313830356432383861

3566343934366633353836383330303662306132623133663465

#

Decrypt the encrypted ansible file/playbook:

# ansible-vault decrypt demo.yml

Vault password:

Decryption successful

Edit an Encrypted File in Ansible:

#  ansible-vault edit demo.yml

Change Ansible Vault Password:

Reset key on Encrypted File in Ansible:

#  ansible-vault rekey demo.yml

Vault password:

New Vault password:

Confirm New Vault password:

Rekey successful

Decrypt a playbook file during Runtime:

# ansible-playbook demo.yml --ask-vault-pass

Vault password:

PLAY [all] ***********************************************************************************

TASK [Gathering Facts] ***********************************************************************************

ok: [192.168.100.2]

ok: [192.168.100.1]

TASK [Date and Time example] ***********************************************************************************

ok: [192.168.100.1] => {

    "ansible_date_time.date": "2021-11-18"

}

ok: [192.168.100.2] => {

    "ansible_date_time.date": "2021-11-18"

}

PLAY RECAP ***********************************************************************************

192.168.100.1             : ok=2    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

192.168.100.2             : ok=2    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

Ansible automation to install Java in Linux machines

We can install Java in multiple targets / linux hosts using ansible. Here I am showing you one demo scenario to do the following tasks using Ansible:

1. Create directory

2. Unzip/Install Java software 

3. Create a symbolic link to uninstalled Java

 Create the playbook with name something like "java_install.yml".

Step#1: Create the play book

[root@demosys01 ~]#  cat java_install.yml

---

- hosts: all

  remote_user: oracle

  tasks:

   - name: Create Folder

     file:

      path: /u01/fmw/java

      mode: 0755

      state: directory

   - name: Unpack archive

     unarchive:

      src: /software/jdk-8u291-linux-x64.tar.gz

      dest: /u01/fmw/java

      remote_src: yes

   - name: Create symbolic link

     file:

      src: "jdk1.8.0_291"

      dest: "/u01/fmw/java/jdk"

      state: link

[root@demosys01 ~]#

Step#2:  Verify the playbook to check syntax errors:

# ansible-playbook java_install.yml --syntax-check

playbook: java_install.yml

#

Here, no errors found. Now go-ahed to run the play book.

Step#3: Run the play book

[root@demosys01 ~]# ansible-playbook java_install.yml

PLAY [all] ***********************************************************************************

TASK [Gathering Facts] ***********************************************************************************

ok: [192.168.100.1]

ok: [192.168.100.2]

TASK [Create Folder] ***********************************************************************************

changed: [192.168.100.1]

changed: [192.168.100.2]

TASK [Unpack archive] ***************************************************************************************************************************************

changed: [192.168.100.1]

changed: [192.168.100.2]

TASK [Create symbolic link] ***********************************************************************************

changed: [192.168.100.1]

changed: [192.168.100.2]

PLAY RECAP ******************************************************************************************************************

192.168.100.1             : ok=4    changed=3    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

192.168.100.2             : ok=4    changed=3    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

[root@demosys01 ~]#

Step#4: Now Verify in one of the target host:

verify in target host:

[oracle@example01 ]$ hostname -i

192.168.100.2

[oracle@example01 ]$ cd /u01/fmw/java

[oracle@example01 java]$ ls -l

total 4

lrwxrwxrwx 1 oracle dba   12 Nov 10 09:04 jdk -> jdk1.8.0_291

drwxr-xr-x 8 oracle dba 4096 Jun  2 10:05 jdk1.8.0_291

[oracle@example01 java]$

Deploy and execute a shell script in target hosts using Ansible

Let's imagine you have a script to execute in all target hosts. In this case, let's call it setup.sh and for now, it will just be a Shell/ BASH script.

Step#1 : Create the Setup Script

Lets create the script on our Ansible server because it needs to be local

e.g., create in central/ ansible server

# vi setup.sh

touch test.txt

Step#2: create your play book

# cat play_setup.yml

---

#deploy shell script

- name: Transfer and execute a script.

  hosts: all

  remote_user: oracle

  tasks:

   - name: Transfer the script

     copy: src=setup.sh dest=/home/oracle mode=0777

   - name: Execute the script

     command: sh /home/oracle/setup.sh

Step#3: Now execute your play book after syntax check

# ansible-playbook play_setup.yml --syntax-check

playbook: play_setup.yml

# ansible-playbook play_setup.yml

PLAY [Transfer and execute a script.] ***********************************************************************************

TASK [Gathering Facts] ***********************************************************************************

ok: [192.168.100.1]

ok: [192.168.100.2]

TASK [Transfer the script] ***********************************************************************************

ok: [192.168.100.1]

ok: [192.168.100.2]

TASK [Execute the script] ***********************************************************************************

changed: [192.168.100.1]

changed: [192.168.100.2]

PLAY RECAP ***********************************************************************************

192.168.100.2             : ok=3    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

192.168.100.1             : ok=3    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

Step#4: Verify in one of the target host

connect to 192.168.100.1 and check

$ ls setup.sh

setup.sh

$ ls test.txt

test.txt

We saw here our script deployed and executed successfully.

Deploy shell script using Ansible

How to deploy a shell script on a remote server using Ansible?

see the demo steps:

step#1 : Create or define your shell script in ansible server.

Here the script is demo.sh

Step#2 : Create your play book. example deploy_shell.yml

[root@demosys01 ~]# cat deploy_shell.yml

---

#deploy shell script

- name: Transfer and execute a script.

  hosts: all

  user: oracle

  tasks:

   - name: Transfer the script

     copy: src=demo.sh dest=/home/oracle mode=0777

   - name: Execute the script

     command: sh /home/oracle/demo.sh

[root@demosys01 ~]#

Step#3 : Check the yaml play book is error free or not deploy_shell.yml

[root@demosys01 ~]# ansible-playbook deploy_shell.yml --syntax-check

playbook: deploy_shell.yml

Step#4 : Play the yaml play book  deploy_shell.yml 

[root@demosys01 ~]# ansible-playbook deploy_shell.yml

PLAY [Transfer and execute a script.] *************************************************************************************

TASK [Gathering Facts] *************************************************************************************

[WARNING]: Platform linux on host 192.168.100.1 is using the discovered Python interpreter at /usr/bin/python, but future installation of another Python

interpreter could change this. See https://docs.ansible.com/ansible/2.9/reference_appendices/interpreter_discovery.html for more information.

ok: [192.168.100.1]

[WARNING]: Platform linux on host 192.168.100.2 is using the discovered Python interpreter at /usr/bin/python, but future installation of another Python

interpreter could change this. See https://docs.ansible.com/ansible/2.9/reference_appendices/interpreter_discovery.html for more information.

ok: [192.168.100.2]

TASK [Transfer the script] *************************************************************************************

changed: [192.168.100.1]

changed: [192.168.100.2]

TASK [Execute the script] *************************************************************************************

changed: [192.168.100.1]

changed: [192.168.100.2]

PLAY RECAP *************************************************************************************

192.168.100.2             : ok=3    changed=2    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

192.168.100.1             : ok=3    changed=2    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

[root@demosys01 ~]#

Step#5 : Now verify whether script is deployed in the target machines or not

-- on target machine1

[oracle@example1 ~]$ hostname -i

192.168.100.1

[oracle@example1 ~]$ ls demo.sh

demo.sh

[oracle@example1 ~]$ pwd

/home/oracle

-- On target machine2

[oracle@example2 ~]$ hostname -i

192.168.100.2

[oracle@example2 ~]$ ls demo.sh

demo.sh

[oracle@example1 ~]$ pwd

/home/oracle

Yes, script successfully deployed in the target server.

Ansible ERROR! Using a SSH password instead of a key is not possible

Let us see very simple solution for below ansible error when running playbook.

FAILED! => {"msg": "Using a SSH password instead of a key is not possible because Host Key checking is enabled and sshpass does not support this.  Please add this host's fingerprint to your known_hosts file to manage this host."}

Issue:

Ansible verifying host key.

Solution:

create "ansible.cfg" file and below message:

vi ansible.cfg

[defaults]

host_key_checking = false

Note: Ansible version 2.6.2 and solution with host_key_checking = false doesn't work

This error can also be solved by simply export ANSIBLE_HOST_KEY_CHECKING variable.

export ANSIBLE_HOST_KEY_CHECKING=False

Demo:

when ansible.cfg not there or "host_key_checking = false" is commented in ansible.cfg file.

# cat test01.yml

---

- hosts: all

  vars:

   fail: false

  tasks:

   - fail: msg="Congrats, you asked for this playbook to fail ... and it has"

     when: fail

 

-- Check the syntax for the newly created yml

"

# ansible-playbook test01.yml --syntax-check

playbook: test01.yml

-- play your play book

# ansible-playbook test01.yml

PLAY [all] **************************************************************************************************************************************************

TASK [Gathering Facts] **************************************************************************************************************************************

fatal: [192.168.100.1]: FAILED! => {"msg": "Using a SSH password instead of a key is not possible because Host Key checking is enabled and sshpass does not support this.  Please add this host's fingerprint to your known_hosts file to manage this host."}

fatal: [192.168.100.2]: FAILED! => {"msg": "Using a SSH password instead of a key is not possible because Host Key checking is enabled and sshpass does not support this.  Please add this host's fingerprint to your known_hosts file to manage this host."}

PLAY RECAP **************************************************************************************************************************************************

192.168.100.1             : ok=0    changed=0    unreachable=0    failed=1    skipped=0    rescued=0    ignored=0

192.168.100.2             : ok=0    changed=0    unreachable=0    failed=1    skipped=0    rescued=0    ignored=0

playbook: test01.yml

#

after adding "ansible.cfg" file and below message:

vi ansible.cfg

[defaults]

host_key_checking = false

# ansible-playbook test01.yml --syntax-check

playbook: test01.yml

# ansible-playbook test01.yml

PLAY [all] **************************************************************************************************************************************************

TASK [Gathering Facts] **************************************************************************************************************************************

[WARNING]: Platform linux on host 192.168.100.2 is using the discovered Python interpreter at /usr/bin/python, but future installation of another Python

interpreter could change this. See https://docs.ansible.com/ansible/2.9/reference_appendices/interpreter_discovery.html for more information.

ok: [192.168.100.2]

[WARNING]: Platform linux on host 192.168.100.3 is using the discovered Python interpreter at /usr/bin/python, but future installation of another Python

interpreter could change this. See https://docs.ansible.com/ansible/2.9/reference_appendices/interpreter_discovery.html for more information.

ok: [192.168.100.3]

TASK [fail] *************************************************************************************************************************************************

skipping: [192.168.100.3]

skipping: [192.168.100.2]

PLAY RECAP **************************************************************************************************************************************************

192.168.100.2             : ok=1    changed=0    unreachable=0    failed=0    skipped=1    rescued=0    ignored=0

192.168.100.3             : ok=1    changed=0    unreachable=0    failed=0    skipped=1    rescued=0    ignored=0

#

Here, check the warnings and fix accordingly. There are no issues.

storeUserConfig - create User Config and Key files in weblogic

 Creating configuration file to connect WebLogic domain using WLST :

Collect the following:

1. Domain Name and Home

2. WebLogic console User, Password and URL

Step#1 : Go to domain Home:

For my POC system, domain name is 

/u01/fmw/user_projects/domains/ebsapp

See the value from nodemanager.properties:

Home : /u01/fmw/user_projects/domains/ebsapp/nodemanager

Port : ListenPort=5556

 

Step#2 : Create UserKey and UserConfig file:

Go to wlst location: /u01/fmw/oracle_common/common/bin

$ wlst.sh

wls:/offline> connect('weblogic','PassW00rd','t3://100.10.10.10:7100')

wls:/ebsapp/serverConfig/> storeUserConfig('/home/oracle/userconfigNM.secure', '/home/oracle/userkeyNM.secure')

Creating the key file can reduce the security of your system if it is not kept in a secured location after it is created. Creating new key...

The username and password that were used for this WebLogic Server connection are stored in /home/oracle/userconfigNM.secure and /home/oracle/userkeyNM.secure.

wls:/ebsapp/serverConfig/> exit()

$

Step#3 : Verify

$ pwd

/home/oracle

$ ls -lrt

...

-rw-r----- 1 oracle dba   64 Oct  4 06:10 userkeyNM.secure

-rw-r----- 1 oracle dba  227 Oct  4 06:10 userconfigNM.secure

Install Ansible - troubleshoot Error: Nothing to do

 While I am installation ansible once of OCI linux system, then got below error:

# yum install ansible

Loaded plugins: langpacks, ulninfo

No package ansible available.

Error: Nothing to do

Verification:

Verify the repository using "sudo yum repolist"

e.g.,

# sudo yum repolist

Loaded plugins: langpacks, ulninfo

repo id                                                               repo name                                                                       status

ol7_latest/x86_64                                                     OracleLinux OL7 latest x86_64                                                   23,277

ol7_pdit_tools/x86_64                                                 PDIT OL7 x86_64                                                                    132

ol7_u8_base/x86_64                                                    OracleLinux OL7 8 base x86_64                                                    7,447

ol7_u8_patch/x86_64                                                   OracleLinux OL7 8 patch x86_64                                                   1,071

repolist: 31,927

Solution:

Here it seems, you need to enable ol7_developer_EPEL.

Now enable it using "sudo yum-config-manager --enable ol7_developer_EPEL" command.

e.g.,

# sudo yum-config-manager --enable ol7_developer_EPEL

Loaded plugins: langpacks

================================================================= repo: ol7_developer_epel =================================================================

[ol7_developer_epel]

async = True

bandwidth = 0

base_persistdir = /var/lib/yum/repos/x86_64/7Server

baseurl = http://pd-yum-bom-01.oci.oraclecorp.com/pditrepos/OracleLinux/OL7/developer/EPEL/x86_64

cache = 0

cachedir = /var/cache/yum/x86_64/7Server/ol7_developer_epel

check_config_file_age = True

compare_providers_priority = 80

cost = 1000

deltarpm_metadata_percentage = 100

deltarpm_percentage =

enabled = 1

enablegroups = True

exclude =

failovermethod = priority

ftp_disable_epsv = False

gpgcadir = /var/lib/yum/repos/x86_64/7Server/ol7_developer_epel/gpgcadir

gpgcakey =

gpgcheck = True

gpgdir = /var/lib/yum/repos/x86_64/7Server/ol7_developer_epel/gpgdir

gpgkey = http://pd-yum-bom-01.oci.oraclecorp.com/pditrepos/gpgkeys/RPM-GPG-KEY-ol7

hdrdir = /var/cache/yum/x86_64/7Server/ol7_developer_epel/headers

http_caching = all

includepkgs =

ip_resolve =

keepalive = True

keepcache = False

mddownloadpolicy = sqlite

mdpolicy = group:small

mediaid =

metadata_expire = 21600

metadata_expire_filter = read-only:present

metalink =

minrate = 0

mirrorlist =

mirrorlist_expire = 86400

name = OracleLinux OL7 developer EPEL x86_64

old_base_cache_dir =

password =

persistdir = /var/lib/yum/repos/x86_64/7Server/ol7_developer_epel

pkgdir = /var/cache/yum/x86_64/7Server/ol7_developer_epel/packages

proxy = _none_

proxy_dict = {'ftp': '', 'http': '', 'https': ''}

proxy_password =

proxy_username =

repo_gpgcheck = False

retries = 10

skip_if_unavailable = False

ssl_check_cert_permissions = True

sslcacert =

sslclientcert =

sslclientkey =

sslverify = True

throttle = 0

timeout = 30.0

ui_id = ol7_developer_epel/x86_64

ui_repoid_vars = releasever,

   basearch

username =

#

Install Ansible:

Now install ansible again using "sudo yum install ansible"

e.g.,

# sudo yum install ansible

Loaded plugins: langpacks, ulninfo

ol7_developer_epel                                                                                                                   | 3.6 kB  00:00:00

ol7_latest                                                                                                                           | 3.6 kB  00:00:00

ol7_pdit_tools                                                                                                                       | 2.5 kB  00:00:00

ol7_u8_base                                                                                                                          | 2.7 kB  00:00:00

Not using downloaded ol7_u8_base/repomd.xml because it is older than what we have:

  Current   : Tue Feb  9 00:00:04 2021

  Downloaded: Wed Apr  8 15:45:38 2020

ol7_u8_patch                                                                                                                         | 2.5 kB  00:00:00

Not using downloaded ol7_u8_patch/repomd.xml because it is older than what we have:

  Current   : Mon Feb  8 23:58:12 2021

  Downloaded: Tue Sep 29 18:32:22 2020

(1/3): ol7_developer_epel/x86_64/group_gz                                                                                            |  88 kB  00:00:00

(2/3): ol7_developer_epel/x86_64/updateinfo                                                                                          | 523 kB  00:00:00

(3/3): ol7_developer_epel/x86_64/primary_db                                                                                          |  14 MB  00:00:00

Resolving Dependencies

There are unfinished transactions remaining. You might consider running yum-complete-transaction, or "yum-complete-transaction --cleanup-only" and "yum history redo last", first to finish them. If those don't work you'll have to try removing/installing packages by hand (maybe package-cleanup can help).

--> Running transaction check

---> Package ansible.noarch 0:2.9.25-1.el7 will be installed

--> Processing Dependency: python-httplib2 for package: ansible-2.9.25-1.el7.noarch

--> Processing Dependency: python-paramiko for package: ansible-2.9.25-1.el7.noarch

--> Processing Dependency: python2-jmespath for package: ansible-2.9.25-1.el7.noarch

--> Processing Dependency: sshpass for package: ansible-2.9.25-1.el7.noarch

--> Running transaction check

---> Package python-paramiko.noarch 0:2.1.1-9.el7 will be installed

---> Package python2-httplib2.noarch 0:0.18.1-3.el7 will be installed

---> Package python2-jmespath.noarch 0:0.9.4-2.el7 will be installed

---> Package sshpass.x86_64 0:1.06-1.el7 will be installed

--> Finished Dependency Resolution

--> Finding unneeded leftover dependencies

Found and removing 0 unneeded dependencies

Dependencies Resolved

============================================================================================================================================================

 Package                                 Arch                          Version                              Repository                                 Size

============================================================================================================================================================

Installing:

 ansible                                 noarch                        2.9.25-1.el7                         ol7_developer_epel                         17 M

Installing for dependencies:

 python-paramiko                         noarch                        2.1.1-9.el7                          ol7_latest                                268 k

 python2-httplib2                        noarch                        0.18.1-3.el7                         ol7_developer_epel                        124 k

 python2-jmespath                        noarch                        0.9.4-2.el7                          ol7_developer_epel                         41 k

 sshpass                                 x86_64                        1.06-1.el7                           ol7_developer_epel                         21 k

Transaction Summary

============================================================================================================================================================

Install  1 Package (+4 Dependent packages)

Total download size: 17 M

Installed size: 105 M

Is this ok [y/d/N]: y

Downloading packages:

(1/5): python-paramiko-2.1.1-9.el7.noarch.rpm                                                                                        | 268 kB  00:00:00

(2/5): python2-httplib2-0.18.1-3.el7.noarch.rpm                                                                                      | 124 kB  00:00:00

(3/5): python2-jmespath-0.9.4-2.el7.noarch.rpm                                                                                       |  41 kB  00:00:00

(4/5): sshpass-1.06-1.el7.x86_64.rpm                                                                                                 |  21 kB  00:00:00

(5/5): ansible-2.9.25-1.el7.noarch.rpm                                                                                               |  17 MB  00:00:00

------------------------------------------------------------------------------------------------------------------------------------------------------------

Total                                                                                                                        34 MB/s |  17 MB  00:00:00

Running transaction check

Running transaction test

Transaction test succeeded

Running transaction

Warning: RPMDB altered outside of yum.

** Found 11 pre-existing rpmdb problem(s), 'yum check' output follows:

oracle-cloud-agent-1.8.2-3843.el7.x86_64 is a duplicate with oracle-cloud-agent-1.7.0-3586.el7.x86_64

oracle-cloud-agent-1.9.0-4425.el7.x86_64 is a duplicate with oracle-cloud-agent-1.8.2-3843.el7.x86_64

oracle-cloud-agent-1.10.0-4792.el7.x86_64 is a duplicate with oracle-cloud-agent-1.9.0-4425.el7.x86_64

oracle-cloud-agent-1.11.1-5104.el7.x86_64 is a duplicate with oracle-cloud-agent-1.10.0-4792.el7.x86_64

oracle-cloud-agent-1.11.4-5207.el7.x86_64 is a duplicate with oracle-cloud-agent-1.11.1-5104.el7.x86_64

oracle-cloud-agent-1.12.0-5313.el7.x86_64 is a duplicate with oracle-cloud-agent-1.11.4-5207.el7.x86_64

oracle-cloud-agent-1.13.0-5437.el7.x86_64 is a duplicate with oracle-cloud-agent-1.12.0-5313.el7.x86_64

oracle-cloud-agent-1.14.0-5731.el7.x86_64 is a duplicate with oracle-cloud-agent-1.13.0-5437.el7.x86_64

oracle-cloud-agent-1.14.2-5846.el7.x86_64 is a duplicate with oracle-cloud-agent-1.14.0-5731.el7.x86_64

oracle-cloud-agent-1.15.0-5915.el7.x86_64 is a duplicate with oracle-cloud-agent-1.14.2-5846.el7.x86_64

oracle-cloud-agent-1.16.0-6051.el7.x86_64 is a duplicate with oracle-cloud-agent-1.15.0-5915.el7.x86_64

  Installing : python2-jmespath-0.9.4-2.el7.noarch                                                                                                      1/5

  Installing : python-paramiko-2.1.1-9.el7.noarch                                                                                                       2/5

  Installing : python2-httplib2-0.18.1-3.el7.noarch                                                                                                     3/5

  Installing : sshpass-1.06-1.el7.x86_64                                                                                                                4/5

  Installing : ansible-2.9.25-1.el7.noarch                                                                                                              5/5

  Verifying  : sshpass-1.06-1.el7.x86_64                                                                                                                1/5

  Verifying  : ansible-2.9.25-1.el7.noarch                                                                                                              2/5

  Verifying  : python2-httplib2-0.18.1-3.el7.noarch                                                                                                     3/5

  Verifying  : python-paramiko-2.1.1-9.el7.noarch                                                                                                       4/5

  Verifying  : python2-jmespath-0.9.4-2.el7.noarch                                                                                                      5/5

Installed:

  ansible.noarch 0:2.9.25-1.el7

Dependency Installed:

  python-paramiko.noarch 0:2.1.1-9.el7    python2-httplib2.noarch 0:0.18.1-3.el7    python2-jmespath.noarch 0:0.9.4-2.el7    sshpass.x86_64 0:1.06-1.el7

Complete!

Now Check the installed Ansible version.

# ansible --version

ansible 2.9.25

  config file = /etc/ansible/ansible.cfg

  configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']

  ansible python module location = /usr/lib/python2.7/site-packages/ansible

  executable location = /bin/ansible

  python version = 2.7.5 (default, Mar 12 2021, 14:55:44) [GCC 4.8.5 20150623 (Red Hat 4.8.5-44.0.3)]

#

ORA-47400: Command Rule violation

 If you are facing below error while creating user or Profile in Oracle database even after connecting SYS / SYSTEM user, then you don't have grants / privileges to do so in Data Vault enabled environment.

                   ORA-47400: Command Rule violation

e.g,

SQL> connect sys as sysdba

SQL> CREATE PROFILE C##TEST LIMIT PASSWORD_LIFE_TIME UNLIMITED PASSWORD_VERIFY_FUNCTION verify_function;

CREATE PROFILE C##TEST LIMIT PASSWORD_LIFE_TIME UNLIMITED PASSWORD_VERIFY_FUNCTION verify_function

*

ERROR at line 1:

ORA-47400: Command Rule violation for CREATE PROFILE on C##TEST

How to fix:

DV_ACCTMGR or DV_ADMIN grant will not help. Use DV_PATCH_ADMIN  grant to sys account from DV user. In DV enabled environment sys / system both are not super users.

e.g.,

SQL> conn C##DVADMIN
Enter password:
Connected.
SQL> ALTER SESSION SET CONTAINER=CDB$ROOT;Session altered.SQL> grant DV_PATCH_ADMIN to sys;Grant succeeded.

Now tested:

SQL> connect sys as sysdba

SQL>  ALTER SESSION SET CONTAINER=CDB$ROOT;Session altered.SQL> CREATE PROFILE C##TEST LIMIT PASSWORD_LIFE_TIME UNLIMITED PASSWORD_VERIFY_FUNCTION verify_function;Profile created.