Automating DRG peering with Ansible

Automation reduces the chance of human error when deploying and managing cloud infrastructure. In this blog, we show you how to easily deploy automation by peering two dynamic routing gateways (DRGs) in Oracle Cloud Infrastructure (OCI) and creating the required remote peering connections (RPCs), route rules, and security rules. We provide the sample Ansible code. To use it, you simply need to add a few variables.

The following diagram has a peering connection between two DRGs in different regions and their corresponding route rules.

A diagram depicting a peering connection between two DRGs in different regions with VCN route rules.

Prerequisites

You can download the code from GitHub. The following resources must already exist in OCI:

  • Compartment
  • Two VCNs in different or the same region
  • Two DRGs in different or the same region

You also need to install the following items:

  • oci_cli
  • OCI Ansible modules: ansible-galaxy collection install oracle.oci

The root directory of the downloaded code has the following files:

  • peering.ini: Inventory file containing all the prerequisite variables
  • peering_create.yaml: Creates the DRG connection, route rules, and security lists
  • peering_delete.yaml: Deletes the DRG connection, route rules, and security lists

Populating the inventory file

To prepare the inventory file (peering.ini), we need to first understand the arguments we need and what they do.

  • first_drg: The ID of the DRG from the first region
  • compartment_first: The ID of the compartment from the first region
  • first_vcn_id: The ID of the VCN from the first region
  • second_drg: The ID of the DRG from the second region
  • compartment_second: The ID of the compartment from the second region
  • second_vcn_id: The ID of the VCN from the second region
  • second_region: The region name of the second region. The first region is available in the oci-cli config.

Now that we know what values we provide in the inventory file, let’s populate it according to their description. The completed file looks like the following example:

[all:vars]
first_drg=ocid1...
compartment_first=ocid1...
first_vcn_id=ocid1...

second_drg=ocid1...
compartment_second=ocid1...
second_vcn_id=ocid1...
second_region=us-phoenix-1
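
A pre-flight check for the inventory above, added here as an example and not part of the downloadable code: it flags unfilled `ocid1...` placeholders, values pasted under the wrong key, and identical first and second resources before the playbook changes any route or security rules. The OCID layout follows the OCI documentation; the function name `check_inventory`, the region pattern, and the sample values are assumptions of this example.

```python
import configparser
import re

# Inventory keys from the post, mapped to the OCID resource types each may hold.
EXPECTED_TYPES = {
    "first_drg": {"drg"}, "second_drg": {"drg"},
    "first_vcn_id": {"vcn"}, "second_vcn_id": {"vcn"},
    "compartment_first": {"compartment", "tenancy"},
    "compartment_second": {"compartment", "tenancy"},
}
# Shape check only (assumption): matches e.g. us-phoenix-1, us-gov-ashburn-1.
REGION_RE = re.compile(r"^[a-z]{2}(-[a-z]+)+-\d+$")


def check_inventory(text):
    """Return a list of problems in peering.ini content; empty means OK."""
    parser = configparser.ConfigParser(interpolation=None)
    parser.read_string(text)
    if not parser.has_section("all:vars"):
        return ["missing [all:vars] section"]
    values = dict(parser["all:vars"])
    problems = []
    for key, allowed in EXPECTED_TYPES.items():
        # OCID layout: ocid1.<type>.<realm>.[region].<unique id>
        parts = values.get(key, "").split(".")
        if len(parts) < 5 or parts[0] != "ocid1" or not parts[-1]:
            problems.append(f"{key}: not a complete OCID")
        elif parts[1] not in allowed:
            problems.append(f"{key}: type '{parts[1]}' not in {sorted(allowed)}")
    if not REGION_RE.match(values.get("second_region", "")):
        problems.append("second_region: not a region identifier")
    for a, b in (("first_drg", "second_drg"), ("first_vcn_id", "second_vcn_id")):
        if values.get(a) and values.get(a) == values.get(b):
            problems.append(f"{a} and {b} are the same resource")
    return problems


# Constructed sample values, not real OCIDs.
SAMPLE = """[all:vars]
first_drg=ocid1.drg.oc1.iad.exampledrg1
compartment_first=ocid1.compartment.oc1..examplecomp1
first_vcn_id=ocid1.vcn.oc1.iad.examplevcn1
second_drg=ocid1.drg.oc1.phx.exampledrg2
compartment_second=ocid1.compartment.oc1..examplecomp1
second_vcn_id=ocid1.vcn.oc1.phx.examplevcn2
second_region=us-phoenix-1
"""

if __name__ == "__main__":
    for problem in check_inventory(SAMPLE) or ["inventory looks consistent"]:
        print(problem)
```
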

Running the code

To create the connection between the DRGs and the necessary route rules, go to the root directory and run the following command:

ansible-playbook -i peering.ini peering_create.yaml

In less than 10 minutes, the connection is successfully established, and the route rules and security list rules are created.

If you want to delete the connection after creation and remove the route rules, run the following command:

ansible-playbook -i peering.ini peering_delete.yaml

Again, in less than 10 minutes, the connection, route rules, and security rules are removed.

Achieving transit routing

If you want to add a third DRG to the equation, you don’t need to create a full mesh or peer with your other DRGs. You can create and use the following architecture:

A graphic depicting the architecture for peering a DRG to two different DRGs in other regions.

The latest release of the DRG permits transit routing. If you connect DRG1 to DRG2 and DRG3, you can have connectivity from DRG2 to DRG3 as shown in the architecture. Create a folder for the automation and repeat the previous steps to connect DRG1 to DRG3. DRG1 acts as a hub, and your connections from the second to the third DRG transit through it.

Automating connectivity to Azure

Oracle and Microsoft established an enhanced cloud collaboration to create the best option to run enterprise solutions for their joint customers. To take advantage of this partnership, you need connectivity between the two clouds, which involves peering with a DRG on the OCI side. If you want to learn more, see the Learn about interconnecting Oracle Cloud with Microsoft Azure Solution Playbook. If you’re interested in automation that takes care of this process for you, read this blog post.

Conclusion

Using Ansible and the provided code example, automating infrastructure configurations in OCI is simple and easy. To learn more about Ansible Modules on OCI, see the OCI Ansible Collection module index. For more information on how you can achieve VCN Peering in Oracle Cloud Infrastructure, see the documentation.

Reference: https://blogs.oracle.com/cloud-infrastructure/post/automating-drg-peering-with-ansible

About Syed Saad Ali

I am a technically-sophisticated professional with extensive experience in updating server security, executing routine back-ups, and designing and implementing tests of the system to address issues with accessing data. I am adept at leading the planning, designing, developing, testing, and deploying efficient solutions within the Oracle system, in order to satisfy the strategic, financial, and operations needs of the organization. Skilled in planning and managing projects, mitigating risks, controlling costs, and directing project teams. Instrumental in monitoring routine maintenance of system, implementing the ERP systems, and approving the budget. Proven success in analyzing business processes/process re-engineering and recommending solutions. Deft at establishing IT service continuity management strategies, disaster recovery plans, and associated test procedures of each critical functional area of the organization. My key skills include Installation/Configuration, Server Administration, Workflow Management, Database Design, Performance Evaluation, Business Analysis, Capacity Planning, Data Recovery Plan, Database Backups, Oracle Database Migration, ERP Management, and Troubleshooting Issues. My professional background and great industrial exposure coupled with an excellent track record make me an ideal candidate for executive roles. As such I would welcome a discussion regarding opportunities with your organization that fit my background.