generated from ministryofjustice/template-repository
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathbackup.yml
173 lines (144 loc) · 7.49 KB
/
backup.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
# - name: Check Backup Target Exists
# import_playbook: check_target_exists.yml
- name: Oracle backup
hosts: '{{ rman_target | default("localhost", true) }}'
gather_facts: yes
become: yes
become_user: oracle
become_method: sudo
tasks:
- name: Show Inputs
debug:
msg: "{{ json_inputs | string }}"
- name: RMAN script
block:
- name: Set database_global_database
set_fact:
database_global_database: "{{ hostvars[groups[ ( rman_target | regex_replace('(^.*)_.*$','\\1') ) + '_primarydb'][0]]['database_global_database'] }}"
when: ((database_global_database is defined) and (database_global_database|length == 0)) or (database_global_database is not defined)
- name: Check variables are defined
fail:
msg: "Variable {{item}} not defined, can not run RMAN script"
when: item is not defined
with_items:
- daily_weekly
- name: debug daily_weekly
debug: var=daily_weekly
- name: Create rman_scripts dir
file:
path: /home/oracle/admin/rman_scripts
owner: oracle
group: oinstall
mode: 0755
state: directory
- name: Install RMAN script
copy:
src: rman_backup.sh
dest: /home/oracle/admin/rman_scripts/rman_backup.sh
owner: oracle
group: oinstall
mode: 0544
- name: Set rman_options when "daily"
set_fact:
rman_options: "-t HOT -i 1 -b Y"
when: daily_weekly == 'daily'
- name: Set rman_options when "weekly"
set_fact:
rman_options: "-t HOT -i 0 -b Y"
when: daily_weekly == 'weekly'
- name: Setup catalog connect identifier in tnsnames if catalog defined
include_tasks: setup-catalog-tnsnames.yml
when: (catalog is defined)
ignore_errors: yes
- name: Set catalog options when variable not null
set_fact:
catalog_options: "-n Y -c {{ catalog }}"
when: (catalog is defined)
- name: Set SSM Parameter used for Runtime details when variable is not null
set_fact:
ssm_parameter_path: '-s "{{ ssm_parameter }}"'
when: (ssm_parameter is defined)
- name: Set backup duration target when variable is not null
set_fact:
duration_options: "-m {{ rman_level_0_backup_duration_target }}"
when: daily_weekly == 'weekly' and (rman_level_0_backup_duration_target is defined)
- name: Calculate backup duration target
set_fact:
hours: "{{ rman_level_0_backup_duration_target | regex_replace('^([0-9]+):[0-9]{2}$','\\1') }}"
mins: "{{ rman_level_0_backup_duration_target | regex_replace('^[0-9]+:([0-9]{2})$','\\1') }}"
when: daily_weekly == 'weekly' and (rman_level_0_backup_duration_target is defined)
- name: Calculate Allowable Backup Duration
set_fact:
# Allow a margin of additional 4 hours margin beyond specified limit
# to allow for archivelog and backup crosscheck after backup completes
allowable_duration: "{{ (hours|int) * 3600 + (mins|int) * 60 + 14400 }}"
when: daily_weekly == 'weekly' and (rman_level_0_backup_duration_target is defined)
- name: Set uncompressed backup when variable is not null
set_fact:
uncompress_options: "-u {{ rman_uncompressed_backup }}"
when: (rman_uncompressed_backup is defined)
- name: Enable Tracing Flag if required
set_fact:
enable_trace_flag: "-e Y"
when: enable_trace | default(false) | bool
# The quotes in the JSON inputs can get messed up by unwanted shell interpretation.
# To avoid this we send the JSON as an encoded string to be decoded by the shell script.
- name: Enable Repository Dispatch Event if supplied
set_fact:
repository_dispatch_flag: "-r {{ repository_dispatch }} -j {{ json_inputs | b64encode }}"
when:
- repository_dispatch is defined
- json_inputs is defined
- block:
- name: Get Current RMAN Retention
script: get_rman_retention.sh {{ database_primary_sid | default(database_standby_sid) }}
register: rman_retention_output
changed_when: false
become_user: oracle
- name: Get Current RMAN Retention Policy
set_fact:
current_rman_retention: "{{ rman_retention_output.stdout_lines | select('match','CONFIGURE RETENTION POLICY TO *') | list | first | regex_replace('CONFIGURE RETENTION POLICY TO (.*);','\\1') }}"
- name: Set RMAN Retention Policy if Incorrect
script: set_rman_retention.sh {{ database_primary_sid | default(database_standby_sid) }} "{{ rman_retention_policy }}"
become_user: oracle
when:
- rman_retention_policy != current_rman_retention
when: rman_retention_policy is defined
# We space the snaphot controlfile on ASM as this prevents cluttering
# of the ORACLE_HOME which complicates de-installation and also is
# incompatible with Read Only ORACLE_HOMEs in 21c onwards. Place this in
# the FLASH disk group.
- name: Define Required Path to Snapshot Controlfile
set_fact:
snapshot_controlfile_name: "+FLASH/snapcf_{{ database_primary_sid | default(database_standby_sid) }}.f"
- name: Get Existing Path to Snapshot Controlfile from RMAN
script: get_snapshot_controlfile_location.sh
register: get_snapshot_controlfile_location
changed_when: false
become_user: oracle
- name: Get Current Path to Snapshot Controlfile
set_fact:
current_snapshot_controlfile_name: "{{ get_snapshot_controlfile_location.stdout_lines | select('match','CONFIGURE SNAPSHOT CONTROLFILE NAME TO *') | list | first | regex_replace('CONFIGURE SNAPSHOT CONTROLFILE NAME TO (.*);','\\1') | replace(\"'\",'') }}"
- name: Set Path to Snapshot Controlfile
script: set_snapshot_controlfile_location.sh "{{ snapshot_controlfile_name }}"
become_user: oracle
when: snapshot_controlfile_name != current_snapshot_controlfile_name
- name: Create RMAN Command
set_fact:
rman_command: "/home/oracle/admin/rman_scripts/rman_backup.sh -d {{ database_primary_sid | default(database_standby_sid) }} -g {{ database_global_database }} {{ rman_options }} {{ ssm_parameter_path | default() }} {{ duration_options|default() }} {{ uncompress_options|default() }} {{ catalog_options|default() }} {{ enable_trace_flag|default() }} {{ repository_dispatch_flag|default() }}"
- name: Show RMAN Command
debug:
msg: "About to run: {{ rman_command }}"
- name: Running RMAN script in Background
shell: "{{ rman_command }}"
async: "{{ allowable_duration|default(28800) }}"
poll: 0
environment:
ASSUME_ROLE_NAME: "{{ secretsmanager_passwords['catalog'].assume_role_name | default() }}"
SECRET_ACCOUNT_ID: "{{ account_ids[secretsmanager_passwords['catalog'].account_name] | default() }}"
SECRET: "{{ secretsmanager_passwords['catalog'].secret | default() }}"
register: backup_cmd_output
rescue:
- name: Block Failure
fail:
msg: "RMAN block has failed."