Infra as Code : using OCI APIs to manage your autonomous database lifecycle
Hello
Most of my customers want to create an 'as a service' solution and integrate it with an Enterprise workflow.
This means that the workflow should be able to interact with the cloud resources directly, without human intervention.
This shows how to achieve this using OCI (Oracle Cloud Infrastructure) APIs.
A complete list of API can be found here
https://docs.cloud.oracle.com/iaas/api/
In this article, I will focus on autonomous databases but all services (compute, network, ... ) have their API.
Also I will use the Zurich location.
Some pre requisites :
- A tenant on OCI
- An ssh key pair (PEM format)
- The oci-curl shell to emulate the web service call
https://docs.cloud.oracle.com/iaas/Content/Resources/Assets/signing_sample_bash.txt
- Add the PEM key to the user (in the Identity / Users menu) and get the fingerprint
- Collect all required OCIDs from the console and update the oci-curl.sh file
You'll need your Tenancy ID, User ID and API Key fingerprint and the the path to the private key.
Also note your compartment OCID
3. First I'll create an autonomous transaction processing database named ATP1 using the cloud console
4. Using the following script (listATP.sh), I can check the status (and other informations) for the ATP1 service
#!/bin/bash
. ./oci-curl.sh
COMPID=<your compartment ocid>
oci-curl database.eu-zurich-1.oraclecloud.com GET "/20160918/autonomousDatabases?compartmentId=$COMPID&displayName=$1"
Result (I'm using jq to format the result in json format
5. The following script (manageATPbyname.sh) can start or stop the ATP service. I'm giving the service name as input and I get the service OCID needed to stop using my previous script. The empty2.json file is just an empty file.
#!/bin/bash
. ./oci-curl.sh
ATPID=`./listATP.sh $1 | jq -r '.[].id'`
echo $ATPID
oci-curl database.eu-zurich-1.oraclecloud.com POST ./empty2.json /20160918/autonomousDatabases/$ATPID/actions/$2
Result for stop and start
./manageATPbyname.sh ATP1 stop
./manageATPbyname.sh ATP1 start
6. Obviously, you can provision a new service using a json template and following script (createATP.sh)
#!/bin/bash
. ./oci-curl.sh
oci-curl database.eu-zurich-1.oraclecloud.com POST ./requestATP.json "/20160918/autonomousDatabases"
The requestATP.json file (this one is very simple, there are more options)
{
"compartmentId" : "<your compartment OCI>",
"dbName" : "orcl",
"displayName" : "REST-ATP",
"adminPassword" : "<your admin password>",
"cpuCoreCount" : 1,
"dataStorageSizeInTBs" : 1,
"licenseModel" : "LICENSE_INCLUDED"
}
Result
7. The last step is to generate the wallet file that contains all necessary connectivity data
#!/bin/bash
. ./oci-curl.sh
ATPID=`./listATP.sh $1 | jq -r '.[].id'`
echo $ATPID
oci-curl database.eu-zurich-1.oraclecloud.com POST ./wallet.json "/20160918/autonomousDatabases/$ATPID/actions/generateWallet" > /tmp/wallet_$1.zip
This generated a zip file with all credentials (same as using the OCI console)
As written, if you need APIs examples for other IaaS or PaaS services, please reach out to me.
Christophe