#247 – Cloud Manager Kit


This week on the podcast, Dan talks about a contextual Nav Bar idea and then he and Kyle discuss the idea of using the Cloud Manager libraries for general automation.

Show Notes

Environment Template Security in Cloud Manager

Now that Cloud Manager is here, we have self-service ability to create PeopleSoft environments in OCI. Cue Uncle Ben… “With great power comes great responsibility.” Having a self-service portal that allows for the creation of these environments is fantastic, but how do we put some controls around this awesome power? This is where Environment Template security comes in to play.

To create an Environment in Cloud Manager, you first need an Environment Template. This template is created using some General Details, a Topology, and finally Security. It is this security detail that will help us control who can use these templates to create environments in the future. When you are creating a template, you will see the following section 3 – Define Security in the wizard. Let’s break down what our options are.

Assign Template to Zone(s)

Templates can be assigned to a single or multiple Zones. As of Image 11, there are currently three zones to choose from:

  • Development
  • Test
  • Production

A Zone is just “a logical grouping of environments,” according to Oracle’s Cloud Manager FAQ. At this time, it doesn’t serve any other purpose outside of helping you organize your environments. I could see a level of security being added to Zones in the future. If not by Oracle, maybe a custom bolt-on?

Assign Template to Role(s)

Templates can also be assigned to PeopleSoft security Roles. Any user that has a Role specified in this section will have the ability to create an Environment based on this template. Cloud Manager delivers three roles intended to be used with templates:

  • Cloud Administrator (PACL_CAD)
  • Cloud PeopleSoft Administrator (PACL_PAD)
  • Self-Service User (PACL_SSC)

As you would expect with PeopleSoft security, you are free to create and use your custom roles here. I think the delivered roles make it clear how Oracle sees the breakdown of potential users. Users who admin OCI resources, users who admin PeopleSoft, and users of PeopleSoft who might want ad-hoc environments(thinking developers or maybe even business staff looking for demos). I could see the OCI and PS admin roles combined often. Also, the self-service user might be split out into a technical and functional role or disabled altogether. Each organization will have to review this for themselves and come up with a good policy. Just keep in mind, you can add multiple roles to each template.

Creating Environments

Once the security and other details are added to a template, it will be available to use when creating an Environment.

Only the templates the user has access to will be in the Template Name dropdown. The Zone dropdown will also be populated with available zones from the selected template. If a single zone were added, this would be auto-selected and read-only.

Overall, I feel that Environment Template security offers a lot of control. It gives us enough control to provide a level of self-service environment deployments if desired. I do look forward to seeing actual functionality added to Zones. It might be easier to manage this security if we could somehow control access by zone versus strictly individual template security.

#246 – OCI Instance Pools


This week on the podcast, Dan shares some writing tips for on remote teams, Kyle talks about using OCI instance pools with PeopleSoft, and they discuss the changes they are excited for in Cloud Manager 11.

Show Notes

#243 – Leaky Roofs


This week on the podcast, Dan shares a lesson learned when applying PRPs and using Puppet with OCI resources. The Kyle and Dan discuss upcoming Cloud Manager features and the Leaky Roof analogy.

Show Notes

#233 – Cloud Manager Self Update


This week on the podcast, Dan and Kyle are excited that PeopleTools 8.58 is available for on prem. We discuss the VisualCOBOL support timeline change, and Dan discusses his experience with the Cloud Manager Self Update feature.

Show Notes

Cloud Manager Configuration

Notes

If you haven’t installed Cloud Manager yet, watch this video first to learn how to install Cloud Manager.

  1. Install Chocolatey

    [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
    Set-ExecutionPolicy Bypass -Scope Process -Force; iex ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1'))
    
  2. Install Firefox

    choco install firefox -y
    

#222 – Cloud Manager 10 Review


This week on the podcast, Graham Smith joins Dan to talk about passwords and Cloud Manager 10. We discuss the new installation process, the use of Terraform and the File Storage System, and improvements to building environments.

> Watch our video on installing Cloud Manager using the OCI Resource Manager <

Show Notes

  • Password Complexity @ 1:30
  • Cloud Manager 10 Review
    • Cloud Manager Audiences @ 9:30
    • Installation via Resource Manager @ 16:00
    • Terraform as a first class citizen @ 20:00
    • OCI File Storage System @ 26:00
    • Self-Updating @ 27:30
    • Cloning Environments @ 31:30
    • Managing Nodes @ 35:30
    • Windows Support @ 39:00
    • Importing Environments @ 42:45
    • CM Wishlist @ 44:30

Cloud Manager Installation

Sign up for an Oracle Cloud Trial Account

Create SSH key

ssh-keygen -f ~/.ssh/cmtrial
cat ~/.ssh/cmtrial.pub

Create OCI API Key

openssl genrsa -out ~/.oci/cmtrial.pem -aes128 2048
openssl rsa -pubout -in ~/.oci/cmtrial.pem -out ~/.oci/cmtrial.pub
openssl rsa -pubout -outform DER -in ~/.oci/cmtrial.pem | openssl md5 -c
cat ~/.oci/cmtrial.pub
base64 ~/.oci/cmtrial.pem | tr -d "\r\n"

More information on building OCI API Keys

Allow Public Access to CM

  1. Menu > Networking > VCN > cm Subnet > Security Lists > cm_sec
  2. Add a new rule: 0.0.0.0/0 8000
  3. Add a hosts entry to access CM
echo "IPADDRESS psftcm.cm.psftcm.oraclevcn.com" | sudo tee -a /etc/hosts

Logs to view while waiting for Cloud Manager to finish.

ssh -i ~/.ssh/cmtrial opc@IPADDRESS
tail -f bootstrap/CloudManagerStatus.log
tail -f bootstrap/psft_oci_setup.log

#217 – PeopleTools 8.58 is Here!


This week on the podcast we talk about PeopleTools 8.58 and some of the new features we are most excited about. Dan also shares his experience with using Cloud Manager to auto-upgrade an environment to 8.58.

Show Notes

  • PeopleTools 8.58 is Out @ 1:30
  • Automatic PeopleTools Upgrade @ 4:30
  • New User Interface @ 6:45
  • Config/Customization Improvements @ 12:30
  • Reporting and Kibana! @ 18:45
  • Health Center and Logstash @ 22:00
  • Machine Learning Framework @ 30:00

#216 – Cloud Manager Installation


This week on the podcast, Dan and Kyle talk about better password policies, the value of having real-time system information, and how easy it is to install Cloud Manager 10.

Show Notes