From 9d1fd8845d5294880bdfbe45a155924e074c96cf Mon Sep 17 00:00:00 2001 From: Travis CI User Date: Fri, 29 Sep 2023 14:05:20 +0000 Subject: [PATCH] v1.4.0 release --- README.md | 360 ++-- {cli/ansible => ansible}/ansible.cfg | 0 .../roles/s4appinst/defaults/main.yml | 0 .../roles/s4appinst/tasks/install_kit.yml | 0 .../roles/s4appinst/tasks/main.yml | 0 .../roles/s4appinst/templates/sapinst.cfg | 0 .../roles/s4appreq/defaults/main.yml | 0 .../roles/s4appreq/files/sap.conf | 0 .../s4appreq/tasks/configurations/SELinux.yml | 0 .../s4appreq/tasks/configurations/abrtd.yml | 0 .../tasks/configurations/compatlibs.yml | 0 .../tasks/configurations/filesystems.yml | 0 .../tasks/configurations/firewalld.yml | 0 .../tasks/configurations/hostname.yml | 0 .../configurations/hostname_fix_RedHat.yml | 0 .../s4appreq/tasks/configurations/kdump.yml | 0 .../tasks/configurations/kernel_RedHat8.yml | 0 .../s4appreq/tasks/configurations/limits.yml | 0 .../s4appreq/tasks/configurations/reboot.yml | 0 .../configurations/repository_RedHat.yml | 0 .../tasks/configurations/repository_SLES.yml | 0 .../s4appreq/tasks/configurations/reqpkg.yml | 0 .../configurations/reqpkggroups_RedHat.yml | 0 .../s4appreq/tasks/configurations/saptune.yml | 0 .../tasks/configurations/tmpfiles.yml | 0 .../tasks/configurations/umask_RHEL.yml | 0 .../tasks/configurations/umask_SLES.yml | 0 .../tasks/configurations/update_RedHat8.yml | 0 .../tasks/configurations/update_SLES_SAP.yml | 0 .../s4appreq/tasks/configurations/uuidd.yml | 0 .../roles/s4appreq/tasks/main.yml | 0 .../roles/s4appreq/vars/RedHat8.yml | 0 .../roles/s4appreq/vars/SLES_SAP15.yml | 0 .../roles/saphanainst/defaults/main.yml | 0 .../roles/saphanainst/tasks/install_kit.yml | 0 .../roles/saphanainst/tasks/main.yml | 0 .../saphanainst/templates/hanaconfig.cfg | 0 .../roles/saphanareq/defaults/main.yml | 0 .../roles/saphanareq/files/sap.conf | 0 .../filter_plugins/filesystemdata.py | 0 .../saphanareq/filter_plugins/lvmdata.py | 0 .../filter_plugins/partitionlist.py | 0 .../filter_plugins/storagedetails.py | 0 .../tasks/configurations/SELinux.yml | 0 .../saphanareq/tasks/configurations/abrtd.yml | 0 .../tasks/configurations/filesystems.yml | 0 .../tasks/configurations/firewalld.yml | 0 .../tasks/configurations/hostname.yml | 0 .../configurations/hostname_fix_RedHat.yml | 0 .../saphanareq/tasks/configurations/kdump.yml | 0 .../tasks/configurations/kernel_RedHat8.yml | 0 .../configurations/kernel_SLES_SAP15.yml | 0 .../tasks/configurations/limits.yml | 0 .../tasks/configurations/reboot.yml | 0 .../configurations/repository_RedHat.yml | 0 .../tasks/configurations/repository_SLES.yml | 0 .../tasks/configurations/reqpkg.yml | 0 .../configurations/reqpkggroups_RedHat.yml | 0 .../tasks/configurations/saptune.yml | 0 .../tasks/configurations/symlinks.yml | 0 .../tasks/configurations/tmpfiles.yml | 0 .../saphanareq/tasks/configurations/tmpfs.yml | 0 .../saphanareq/tasks/configurations/tuned.yml | 0 .../tasks/configurations/umask_RHEL.yml | 0 .../tasks/configurations/umask_SLES.yml | 0 .../tasks/configurations/update_RedHat8.yml | 0 .../tasks/configurations/update_SLES_SAP.yml | 0 .../saphanareq/tasks/configurations/uuidd.yml | 0 .../roles/saphanareq/tasks/main.yml | 0 .../roles/saphanareq/vars/RedHat8.yml | 0 .../roles/saphanareq/vars/SLES_SAP15.yml | 0 ansible/sap-s-hana.yml | 7 + {schematics/ansible => ansible}/saphana.yml | 2 +- {cli/ansible => ansible}/saps4app.yml | 2 +- cli/README.md | 279 ---- cli/ansible/saphana.yml | 10 - cli/integration-app.tf | 37 - cli/integration-db.tf | 29 - cli/main.tf | 58 - cli/modules/ansible-exec/ansible-exec.tf | 5 - cli/modules/ansible-exec/variables.tf | 9 - cli/modules/app-vsi/variables.tf | 54 - cli/modules/db-vsi/variables.tf | 63 - cli/modules/sec-exec/sec-exec.tf | 12 - cli/modules/sec-exec/variables.tf | 16 - cli/output.tf | 19 - cli/provider.tf | 13 - cli/variables.tf | 269 --- {cli/files => files}/hana_volume_layout.json | 0 generate-sap-paths.tf | 16 + cli/input.auto.tfvars => input.auto.tfvars | 95 +- integration.tf | 84 + main.tf | 94 ++ .../ansible-exec/check.ansible.sh | 0 modules/ansible-exec/cli/ansible-exec.tf | 15 + modules/ansible-exec/cli/variables.tf | 20 + .../ansible-exec/cli}/versions.tf | 0 modules/ansible-exec/error.sh | 8 + modules/ansible-exec/remote-exec.tf | 181 ++ modules/ansible-exec/timeout.ansible.sh | 19 + .../ansible-exec/variables.tf | 10 +- .../ansible-exec}/versions.tf | 0 .../modules => modules}/ansible-exec/while.sh | 6 +- {cli/modules => modules}/app-vsi/output.tf | 0 .../modules => modules}/app-vsi/variables.tf | 0 .../db-vsi => modules/app-vsi}/versions.tf | 0 {cli/modules => modules}/app-vsi/volume.tf | 0 {cli/modules => modules}/app-vsi/vsi.tf | 0 {cli/modules => modules}/db-vsi/output.tf | 0 .../modules => modules}/db-vsi/variables.tf | 0 .../sec-exec => modules/db-vsi}/versions.tf | 0 {cli/modules => modules}/db-vsi/volume.tf | 0 {cli/modules => modules}/db-vsi/vsi.tf | 0 modules/pre-init/cli/check_folders.tf | 18 + modules/pre-init/cli/check_id_rsa.tf | 16 + modules/pre-init/cli/variables.tf | 77 + .../pre-init/found.ip.tmpl | 0 .../pre-init/get-server-ip.tf | 0 .../pre-init/get.sch.ip.sh | 0 .../pre-init}/key-generation.tf | 4 +- modules/pre-init/variables.tf | 9 + .../subnet => modules/pre-init}/versions.tf | 0 .../precheck-ssh-exec/check_file.sh | 0 .../precheck-ssh-exec/error.sh | 0 .../precheck-ssh-exec/precheck-remote-exec.tf | 2 +- .../precheck-ssh-exec/sg-sch-ssh-rule.tf | 0 .../precheck-ssh-exec/variables.tf | 7 +- .../precheck-ssh-exec}/versions.tf | 0 {cli/modules => modules}/vpc/subnet/subnet.tf | 0 .../vpc/subnet/variables.tf | 0 .../vpc/subnet}/versions.tf | 0 schematics/output.tf => output.tf | 10 +- provider.tf | 13 + sch.auto.tfvars | 4 + schematics/README.md | 182 -- schematics/ansible/ansible.cfg | 3 - .../ansible/roles/s4appinst/defaults/main.yml | 28 - .../roles/s4appinst/tasks/install_kit.yml | 75 - .../ansible/roles/s4appinst/tasks/main.yml | 25 - .../roles/s4appinst/templates/sapinst.cfg | 334 ---- .../ansible/roles/s4appreq/defaults/main.yml | 73 - .../ansible/roles/s4appreq/files/sap.conf | 9 - .../s4appreq/tasks/configurations/SELinux.yml | 5 - .../s4appreq/tasks/configurations/abrtd.yml | 11 - .../tasks/configurations/compatlibs.yml | 14 - .../tasks/configurations/filesystems.yml | 167 -- .../tasks/configurations/firewalld.yml | 11 - .../tasks/configurations/hostname.yml | 31 - .../configurations/hostname_fix_RedHat.yml | 19 - .../s4appreq/tasks/configurations/kdump.yml | 11 - .../tasks/configurations/kernel_RedHat8.yml | 16 - .../s4appreq/tasks/configurations/limits.yml | 37 - .../s4appreq/tasks/configurations/reboot.yml | 6 - .../configurations/repository_RedHat.yml | 9 - .../tasks/configurations/repository_SLES.yml | 5 - .../s4appreq/tasks/configurations/reqpkg.yml | 6 - .../configurations/reqpkggroups_RedHat.yml | 6 - .../s4appreq/tasks/configurations/saptune.yml | 17 - .../tasks/configurations/tmpfiles.yml | 9 - .../tasks/configurations/umask_RHEL.yml | 12 - .../tasks/configurations/umask_SLES.yml | 7 - .../tasks/configurations/update_RedHat8.yml | 6 - .../tasks/configurations/update_SLES_SAP.yml | 6 - .../s4appreq/tasks/configurations/uuidd.yml | 7 - .../ansible/roles/s4appreq/tasks/main.yml | 8 - .../ansible/roles/s4appreq/vars/RedHat8.yml | 53 - .../roles/s4appreq/vars/SLES_SAP15.yml | 19 - .../roles/saphanainst/defaults/main.yml | 4 - .../roles/saphanainst/tasks/install_kit.yml | 62 - .../ansible/roles/saphanainst/tasks/main.yml | 23 - .../saphanainst/templates/hanaconfig.cfg | 306 ---- .../roles/saphanareq/defaults/main.yml | 1 - .../ansible/roles/saphanareq/files/sap.conf | 9 - .../filter_plugins/filesystemdata.py | 64 - .../saphanareq/filter_plugins/lvmdata.py | 45 - .../filter_plugins/partitionlist.py | 17 - .../filter_plugins/storagedetails.py | 100 -- .../tasks/configurations/SELinux.yml | 5 - .../saphanareq/tasks/configurations/abrtd.yml | 11 - .../tasks/configurations/filesystems.yml | 116 -- .../tasks/configurations/firewalld.yml | 11 - .../tasks/configurations/hostname.yml | 31 - .../configurations/hostname_fix_RedHat.yml | 19 - .../saphanareq/tasks/configurations/kdump.yml | 11 - .../tasks/configurations/kernel_RedHat8.yml | 19 - .../configurations/kernel_SLES_SAP15.yml | 16 - .../tasks/configurations/limits.yml | 37 - .../tasks/configurations/reboot.yml | 6 - .../configurations/repository_RedHat.yml | 9 - .../tasks/configurations/repository_SLES.yml | 5 - .../tasks/configurations/reqpkg.yml | 6 - .../configurations/reqpkggroups_RedHat.yml | 6 - .../tasks/configurations/saptune.yml | 17 - .../tasks/configurations/symlinks.yml | 13 - .../tasks/configurations/tmpfiles.yml | 9 - .../saphanareq/tasks/configurations/tmpfs.yml | 49 - .../saphanareq/tasks/configurations/tuned.yml | 21 - .../tasks/configurations/umask_RHEL.yml | 12 - .../tasks/configurations/umask_SLES.yml | 7 - .../tasks/configurations/update_RedHat8.yml | 6 - .../tasks/configurations/update_SLES_SAP.yml | 6 - .../saphanareq/tasks/configurations/uuidd.yml | 7 - .../ansible/roles/saphanareq/tasks/main.yml | 8 - .../ansible/roles/saphanareq/vars/RedHat8.yml | 57 - .../roles/saphanareq/vars/SLES_SAP15.yml | 20 - schematics/ansible/saps4app.yml | 10 - schematics/files/hana_volume_layout.json | 1477 ----------------- schematics/generate-sap-paths.tf | 16 - schematics/integration-app.tf | 37 - schematics/integration-db.tf | 29 - schematics/main.tf | 69 - schematics/modules/ansible-exec/error.sh | 7 - .../modules/ansible-exec/remote-exec.tf | 114 -- schematics/modules/app-vsi/output.tf | 7 - schematics/modules/app-vsi/volume.tf | 9 - schematics/modules/app-vsi/vsi.tf | 35 - schematics/modules/db-vsi/output.tf | 11 - schematics/modules/db-vsi/versions.tf | 10 - schematics/modules/db-vsi/volume.tf | 8 - schematics/modules/db-vsi/vsi.tf | 43 - schematics/modules/pre-init/versions.tf | 10 - .../modules/precheck-ssh-exec/versions.tf | 10 - schematics/modules/vpc/subnet/subnet.tf | 11 - schematics/modules/vpc/subnet/variables.tf | 19 - schematics/modules/vpc/subnet/versions.tf | 10 - schematics/provider.tf | 13 - schematics/variables.tf | 283 ---- schematics/versions.tf | 10 - variables.tf | 311 ++++ .../app-vsi/versions.tf => versions.tf | 0 230 files changed, 1122 insertions(+), 5787 deletions(-) rename {cli/ansible => ansible}/ansible.cfg (100%) rename {cli/ansible => ansible}/roles/s4appinst/defaults/main.yml (100%) rename {cli/ansible => ansible}/roles/s4appinst/tasks/install_kit.yml (100%) rename {cli/ansible => ansible}/roles/s4appinst/tasks/main.yml (100%) rename {cli/ansible => ansible}/roles/s4appinst/templates/sapinst.cfg (100%) rename {cli/ansible => ansible}/roles/s4appreq/defaults/main.yml (100%) rename {cli/ansible => ansible}/roles/s4appreq/files/sap.conf (100%) rename {cli/ansible => ansible}/roles/s4appreq/tasks/configurations/SELinux.yml (100%) rename {cli/ansible => ansible}/roles/s4appreq/tasks/configurations/abrtd.yml (100%) rename {cli/ansible => ansible}/roles/s4appreq/tasks/configurations/compatlibs.yml (100%) rename {cli/ansible => ansible}/roles/s4appreq/tasks/configurations/filesystems.yml (100%) rename {cli/ansible => ansible}/roles/s4appreq/tasks/configurations/firewalld.yml (100%) rename {cli/ansible => ansible}/roles/s4appreq/tasks/configurations/hostname.yml (100%) rename {cli/ansible => ansible}/roles/s4appreq/tasks/configurations/hostname_fix_RedHat.yml (100%) rename {cli/ansible => ansible}/roles/s4appreq/tasks/configurations/kdump.yml (100%) rename {cli/ansible => ansible}/roles/s4appreq/tasks/configurations/kernel_RedHat8.yml (100%) rename {cli/ansible => ansible}/roles/s4appreq/tasks/configurations/limits.yml (100%) rename {cli/ansible => ansible}/roles/s4appreq/tasks/configurations/reboot.yml (100%) rename {cli/ansible => ansible}/roles/s4appreq/tasks/configurations/repository_RedHat.yml (100%) rename {cli/ansible => ansible}/roles/s4appreq/tasks/configurations/repository_SLES.yml (100%) rename {cli/ansible => ansible}/roles/s4appreq/tasks/configurations/reqpkg.yml (100%) rename {cli/ansible => ansible}/roles/s4appreq/tasks/configurations/reqpkggroups_RedHat.yml (100%) rename {cli/ansible => ansible}/roles/s4appreq/tasks/configurations/saptune.yml (100%) rename {cli/ansible => ansible}/roles/s4appreq/tasks/configurations/tmpfiles.yml (100%) rename {cli/ansible => ansible}/roles/s4appreq/tasks/configurations/umask_RHEL.yml (100%) rename {cli/ansible => ansible}/roles/s4appreq/tasks/configurations/umask_SLES.yml (100%) rename {cli/ansible => ansible}/roles/s4appreq/tasks/configurations/update_RedHat8.yml (100%) rename {cli/ansible => ansible}/roles/s4appreq/tasks/configurations/update_SLES_SAP.yml (100%) rename {cli/ansible => ansible}/roles/s4appreq/tasks/configurations/uuidd.yml (100%) rename {cli/ansible => ansible}/roles/s4appreq/tasks/main.yml (100%) rename {cli/ansible => ansible}/roles/s4appreq/vars/RedHat8.yml (100%) rename {cli/ansible => ansible}/roles/s4appreq/vars/SLES_SAP15.yml (100%) rename {cli/ansible => ansible}/roles/saphanainst/defaults/main.yml (100%) rename {cli/ansible => ansible}/roles/saphanainst/tasks/install_kit.yml (100%) rename {cli/ansible => ansible}/roles/saphanainst/tasks/main.yml (100%) rename {cli/ansible => ansible}/roles/saphanainst/templates/hanaconfig.cfg (100%) rename {cli/ansible => ansible}/roles/saphanareq/defaults/main.yml (100%) rename {cli/ansible => ansible}/roles/saphanareq/files/sap.conf (100%) rename {cli/ansible => ansible}/roles/saphanareq/filter_plugins/filesystemdata.py (100%) rename {cli/ansible => ansible}/roles/saphanareq/filter_plugins/lvmdata.py (100%) rename {cli/ansible => ansible}/roles/saphanareq/filter_plugins/partitionlist.py (100%) rename {cli/ansible => ansible}/roles/saphanareq/filter_plugins/storagedetails.py (100%) rename {cli/ansible => ansible}/roles/saphanareq/tasks/configurations/SELinux.yml (100%) rename {cli/ansible => ansible}/roles/saphanareq/tasks/configurations/abrtd.yml (100%) rename {cli/ansible => ansible}/roles/saphanareq/tasks/configurations/filesystems.yml (100%) rename {cli/ansible => ansible}/roles/saphanareq/tasks/configurations/firewalld.yml (100%) rename {cli/ansible => ansible}/roles/saphanareq/tasks/configurations/hostname.yml (100%) rename {cli/ansible => ansible}/roles/saphanareq/tasks/configurations/hostname_fix_RedHat.yml (100%) rename {cli/ansible => ansible}/roles/saphanareq/tasks/configurations/kdump.yml (100%) rename {cli/ansible => ansible}/roles/saphanareq/tasks/configurations/kernel_RedHat8.yml (100%) rename {cli/ansible => ansible}/roles/saphanareq/tasks/configurations/kernel_SLES_SAP15.yml (100%) rename {cli/ansible => ansible}/roles/saphanareq/tasks/configurations/limits.yml (100%) rename {cli/ansible => ansible}/roles/saphanareq/tasks/configurations/reboot.yml (100%) rename {cli/ansible => ansible}/roles/saphanareq/tasks/configurations/repository_RedHat.yml (100%) rename {cli/ansible => ansible}/roles/saphanareq/tasks/configurations/repository_SLES.yml (100%) rename {cli/ansible => ansible}/roles/saphanareq/tasks/configurations/reqpkg.yml (100%) rename {cli/ansible => ansible}/roles/saphanareq/tasks/configurations/reqpkggroups_RedHat.yml (100%) rename {cli/ansible => ansible}/roles/saphanareq/tasks/configurations/saptune.yml (100%) rename {cli/ansible => ansible}/roles/saphanareq/tasks/configurations/symlinks.yml (100%) rename {cli/ansible => ansible}/roles/saphanareq/tasks/configurations/tmpfiles.yml (100%) rename {cli/ansible => ansible}/roles/saphanareq/tasks/configurations/tmpfs.yml (100%) rename {cli/ansible => ansible}/roles/saphanareq/tasks/configurations/tuned.yml (100%) rename {cli/ansible => ansible}/roles/saphanareq/tasks/configurations/umask_RHEL.yml (100%) rename {cli/ansible => ansible}/roles/saphanareq/tasks/configurations/umask_SLES.yml (100%) rename {cli/ansible => ansible}/roles/saphanareq/tasks/configurations/update_RedHat8.yml (100%) rename {cli/ansible => ansible}/roles/saphanareq/tasks/configurations/update_SLES_SAP.yml (100%) rename {cli/ansible => ansible}/roles/saphanareq/tasks/configurations/uuidd.yml (100%) rename {cli/ansible => ansible}/roles/saphanareq/tasks/main.yml (100%) rename {cli/ansible => ansible}/roles/saphanareq/vars/RedHat8.yml (100%) rename {cli/ansible => ansible}/roles/saphanareq/vars/SLES_SAP15.yml (100%) create mode 100644 ansible/sap-s-hana.yml rename {schematics/ansible => ansible}/saphana.yml (90%) rename {cli/ansible => ansible}/saps4app.yml (89%) delete mode 100644 cli/README.md delete mode 100644 cli/ansible/saphana.yml delete mode 100644 cli/integration-app.tf delete mode 100644 cli/integration-db.tf delete mode 100644 cli/main.tf delete mode 100644 cli/modules/ansible-exec/ansible-exec.tf delete mode 100644 cli/modules/ansible-exec/variables.tf delete mode 100644 cli/modules/app-vsi/variables.tf delete mode 100644 cli/modules/db-vsi/variables.tf delete mode 100644 cli/modules/sec-exec/sec-exec.tf delete mode 100644 cli/modules/sec-exec/variables.tf delete mode 100644 cli/output.tf delete mode 100644 cli/provider.tf delete mode 100644 cli/variables.tf rename {cli/files => files}/hana_volume_layout.json (100%) create mode 100644 generate-sap-paths.tf rename cli/input.auto.tfvars => input.auto.tfvars (71%) create mode 100644 integration.tf create mode 100644 main.tf rename {schematics/modules => modules}/ansible-exec/check.ansible.sh (100%) create mode 100644 modules/ansible-exec/cli/ansible-exec.tf create mode 100644 modules/ansible-exec/cli/variables.tf rename {cli/modules/ansible-exec => modules/ansible-exec/cli}/versions.tf (100%) create mode 100644 modules/ansible-exec/error.sh create mode 100644 modules/ansible-exec/remote-exec.tf create mode 100644 modules/ansible-exec/timeout.ansible.sh rename {schematics/modules => modules}/ansible-exec/variables.tf (51%) rename {cli/modules/app-vsi => modules/ansible-exec}/versions.tf (100%) rename {schematics/modules => modules}/ansible-exec/while.sh (52%) rename {cli/modules => modules}/app-vsi/output.tf (100%) rename {schematics/modules => modules}/app-vsi/variables.tf (100%) rename {cli/modules/db-vsi => modules/app-vsi}/versions.tf (100%) rename {cli/modules => modules}/app-vsi/volume.tf (100%) rename {cli/modules => modules}/app-vsi/vsi.tf (100%) rename {cli/modules => modules}/db-vsi/output.tf (100%) rename {schematics/modules => modules}/db-vsi/variables.tf (100%) rename {cli/modules/sec-exec => modules/db-vsi}/versions.tf (100%) rename {cli/modules => modules}/db-vsi/volume.tf (100%) rename {cli/modules => modules}/db-vsi/vsi.tf (100%) create mode 100644 modules/pre-init/cli/check_folders.tf create mode 100644 modules/pre-init/cli/check_id_rsa.tf create mode 100644 modules/pre-init/cli/variables.tf rename {schematics/modules => modules}/pre-init/found.ip.tmpl (100%) rename {schematics/modules => modules}/pre-init/get-server-ip.tf (100%) rename {schematics/modules => modules}/pre-init/get.sch.ip.sh (100%) rename {schematics/modules/precheck-ssh-exec => modules/pre-init}/key-generation.tf (70%) create mode 100644 modules/pre-init/variables.tf rename {cli/modules/vpc/subnet => modules/pre-init}/versions.tf (100%) rename {schematics/modules => modules}/precheck-ssh-exec/check_file.sh (100%) rename {schematics/modules => modules}/precheck-ssh-exec/error.sh (100%) rename {schematics/modules => modules}/precheck-ssh-exec/precheck-remote-exec.tf (97%) rename {schematics/modules => modules}/precheck-ssh-exec/sg-sch-ssh-rule.tf (100%) rename {schematics/modules => modules}/precheck-ssh-exec/variables.tf (67%) rename {cli => modules/precheck-ssh-exec}/versions.tf (100%) rename {cli/modules => modules}/vpc/subnet/subnet.tf (100%) rename {cli/modules => modules}/vpc/subnet/variables.tf (100%) rename {schematics/modules/ansible-exec => modules/vpc/subnet}/versions.tf (100%) rename schematics/output.tf => output.tf (64%) create mode 100644 provider.tf create mode 100644 sch.auto.tfvars delete mode 100644 schematics/README.md delete mode 100644 schematics/ansible/ansible.cfg delete mode 100644 schematics/ansible/roles/s4appinst/defaults/main.yml delete mode 100644 schematics/ansible/roles/s4appinst/tasks/install_kit.yml delete mode 100644 schematics/ansible/roles/s4appinst/tasks/main.yml delete mode 100644 schematics/ansible/roles/s4appinst/templates/sapinst.cfg delete mode 100644 schematics/ansible/roles/s4appreq/defaults/main.yml delete mode 100644 schematics/ansible/roles/s4appreq/files/sap.conf delete mode 100644 schematics/ansible/roles/s4appreq/tasks/configurations/SELinux.yml delete mode 100644 schematics/ansible/roles/s4appreq/tasks/configurations/abrtd.yml delete mode 100644 schematics/ansible/roles/s4appreq/tasks/configurations/compatlibs.yml delete mode 100644 schematics/ansible/roles/s4appreq/tasks/configurations/filesystems.yml delete mode 100644 schematics/ansible/roles/s4appreq/tasks/configurations/firewalld.yml delete mode 100644 schematics/ansible/roles/s4appreq/tasks/configurations/hostname.yml delete mode 100644 schematics/ansible/roles/s4appreq/tasks/configurations/hostname_fix_RedHat.yml delete mode 100644 schematics/ansible/roles/s4appreq/tasks/configurations/kdump.yml delete mode 100644 schematics/ansible/roles/s4appreq/tasks/configurations/kernel_RedHat8.yml delete mode 100644 schematics/ansible/roles/s4appreq/tasks/configurations/limits.yml delete mode 100644 schematics/ansible/roles/s4appreq/tasks/configurations/reboot.yml delete mode 100644 schematics/ansible/roles/s4appreq/tasks/configurations/repository_RedHat.yml delete mode 100644 schematics/ansible/roles/s4appreq/tasks/configurations/repository_SLES.yml delete mode 100644 schematics/ansible/roles/s4appreq/tasks/configurations/reqpkg.yml delete mode 100644 schematics/ansible/roles/s4appreq/tasks/configurations/reqpkggroups_RedHat.yml delete mode 100644 schematics/ansible/roles/s4appreq/tasks/configurations/saptune.yml delete mode 100644 schematics/ansible/roles/s4appreq/tasks/configurations/tmpfiles.yml delete mode 100644 schematics/ansible/roles/s4appreq/tasks/configurations/umask_RHEL.yml delete mode 100644 schematics/ansible/roles/s4appreq/tasks/configurations/umask_SLES.yml delete mode 100644 schematics/ansible/roles/s4appreq/tasks/configurations/update_RedHat8.yml delete mode 100644 schematics/ansible/roles/s4appreq/tasks/configurations/update_SLES_SAP.yml delete mode 100644 schematics/ansible/roles/s4appreq/tasks/configurations/uuidd.yml delete mode 100644 schematics/ansible/roles/s4appreq/tasks/main.yml delete mode 100644 schematics/ansible/roles/s4appreq/vars/RedHat8.yml delete mode 100644 schematics/ansible/roles/s4appreq/vars/SLES_SAP15.yml delete mode 100644 schematics/ansible/roles/saphanainst/defaults/main.yml delete mode 100644 schematics/ansible/roles/saphanainst/tasks/install_kit.yml delete mode 100644 schematics/ansible/roles/saphanainst/tasks/main.yml delete mode 100644 schematics/ansible/roles/saphanainst/templates/hanaconfig.cfg delete mode 100644 schematics/ansible/roles/saphanareq/defaults/main.yml delete mode 100644 schematics/ansible/roles/saphanareq/files/sap.conf delete mode 100644 schematics/ansible/roles/saphanareq/filter_plugins/filesystemdata.py delete mode 100644 schematics/ansible/roles/saphanareq/filter_plugins/lvmdata.py delete mode 100644 schematics/ansible/roles/saphanareq/filter_plugins/partitionlist.py delete mode 100644 schematics/ansible/roles/saphanareq/filter_plugins/storagedetails.py delete mode 100644 schematics/ansible/roles/saphanareq/tasks/configurations/SELinux.yml delete mode 100644 schematics/ansible/roles/saphanareq/tasks/configurations/abrtd.yml delete mode 100644 schematics/ansible/roles/saphanareq/tasks/configurations/filesystems.yml delete mode 100644 schematics/ansible/roles/saphanareq/tasks/configurations/firewalld.yml delete mode 100644 schematics/ansible/roles/saphanareq/tasks/configurations/hostname.yml delete mode 100644 schematics/ansible/roles/saphanareq/tasks/configurations/hostname_fix_RedHat.yml delete mode 100644 schematics/ansible/roles/saphanareq/tasks/configurations/kdump.yml delete mode 100644 schematics/ansible/roles/saphanareq/tasks/configurations/kernel_RedHat8.yml delete mode 100644 schematics/ansible/roles/saphanareq/tasks/configurations/kernel_SLES_SAP15.yml delete mode 100644 schematics/ansible/roles/saphanareq/tasks/configurations/limits.yml delete mode 100644 schematics/ansible/roles/saphanareq/tasks/configurations/reboot.yml delete mode 100644 schematics/ansible/roles/saphanareq/tasks/configurations/repository_RedHat.yml delete mode 100644 schematics/ansible/roles/saphanareq/tasks/configurations/repository_SLES.yml delete mode 100644 schematics/ansible/roles/saphanareq/tasks/configurations/reqpkg.yml delete mode 100644 schematics/ansible/roles/saphanareq/tasks/configurations/reqpkggroups_RedHat.yml delete mode 100644 schematics/ansible/roles/saphanareq/tasks/configurations/saptune.yml delete mode 100644 schematics/ansible/roles/saphanareq/tasks/configurations/symlinks.yml delete mode 100644 schematics/ansible/roles/saphanareq/tasks/configurations/tmpfiles.yml delete mode 100644 schematics/ansible/roles/saphanareq/tasks/configurations/tmpfs.yml delete mode 100644 schematics/ansible/roles/saphanareq/tasks/configurations/tuned.yml delete mode 100644 schematics/ansible/roles/saphanareq/tasks/configurations/umask_RHEL.yml delete mode 100644 schematics/ansible/roles/saphanareq/tasks/configurations/umask_SLES.yml delete mode 100644 schematics/ansible/roles/saphanareq/tasks/configurations/update_RedHat8.yml delete mode 100644 schematics/ansible/roles/saphanareq/tasks/configurations/update_SLES_SAP.yml delete mode 100644 schematics/ansible/roles/saphanareq/tasks/configurations/uuidd.yml delete mode 100644 schematics/ansible/roles/saphanareq/tasks/main.yml delete mode 100644 schematics/ansible/roles/saphanareq/vars/RedHat8.yml delete mode 100644 schematics/ansible/roles/saphanareq/vars/SLES_SAP15.yml delete mode 100644 schematics/ansible/saps4app.yml delete mode 100644 schematics/files/hana_volume_layout.json delete mode 100644 schematics/generate-sap-paths.tf delete mode 100644 schematics/integration-app.tf delete mode 100644 schematics/integration-db.tf delete mode 100644 schematics/main.tf delete mode 100644 schematics/modules/ansible-exec/error.sh delete mode 100644 schematics/modules/ansible-exec/remote-exec.tf delete mode 100644 schematics/modules/app-vsi/output.tf delete mode 100644 schematics/modules/app-vsi/volume.tf delete mode 100644 schematics/modules/app-vsi/vsi.tf delete mode 100644 schematics/modules/db-vsi/output.tf delete mode 100644 schematics/modules/db-vsi/versions.tf delete mode 100644 schematics/modules/db-vsi/volume.tf delete mode 100644 schematics/modules/db-vsi/vsi.tf delete mode 100644 schematics/modules/pre-init/versions.tf delete mode 100644 schematics/modules/precheck-ssh-exec/versions.tf delete mode 100644 schematics/modules/vpc/subnet/subnet.tf delete mode 100644 schematics/modules/vpc/subnet/variables.tf delete mode 100644 schematics/modules/vpc/subnet/versions.tf delete mode 100644 schematics/provider.tf delete mode 100644 schematics/variables.tf delete mode 100644 schematics/versions.tf create mode 100644 variables.tf rename schematics/modules/app-vsi/versions.tf => versions.tf (100%) diff --git a/README.md b/README.md index 107a83c..f5bedb2 100644 --- a/README.md +++ b/README.md @@ -1,21 +1,31 @@ -# Three Tier SAP S/4HANA Stack Deployment - +# Three Tier SAP S/4HANA Stack Deployment using Terraform and Ansible integration ## Description -This automation solution is designed for the deployment of **Three Tier SAP S/4HANA Stack**. The SAP solution will be deployed on top of one of the following Operating Systems: **SUSE Linux Enterprise Server 15 SP 3 for SAP**, **SUSE Linux Enterprise Server 15 SP 4 for SAP**, **Red Hat Enterprise Linux 8.4 for SAP**, **Red Hat Enterprise Linux 8.6 for SAP** in an existing IBM Cloud Gen2 VPC, using an existing bastion host with secure remote SSH access. +This automation solution is designed for the deployment of **Three Tier SAP S/4HANA Stack** using IBM Cloud Schematics or CLI. The SAP solution will be deployed on top of one of the following Operating Systems: **SUSE Linux Enterprise Server 15 SP 4 for SAP, SUSE Linux Enterprise Server 15 SP 3 for SAP, Red Hat Enterprise Linux 8.6 for SAP, Red Hat Enterprise Linux 8.4** for SAP in an existing IBM Cloud Gen2 VPC, using an existing [bastion host with secure remote SSH access](https://github.com/IBM-Cloud/sap-bastion-setup). + +## Contents: + +- [1.1 Installation media](#11-installation-media) +- [1.2 VSI Configuration](#12-vsi-configuration) +- [1.3 VPC Configuration](#13-vpc-configuration) +- [1.4 Files description and structure](#14-files-description-and-structure) +- [1.5 General input variabiles](#15-general-input-variables) +- [2.1 Executing the deployment of **Three Tiers SAP S4HANA Stack** in GUI (Schematics)](#21-executing-the-deployment-of-three-tiers-sap-s4hana-stack-in-gui-schematics) +- [2.2 Executing the deployment of **Three Tiers SAP S4HANA Stack** in CLI](#22-executing-the-deployment-of-three-tiers-sap-s4hana-stack-in-cli) +- [3.1 Related links](#31-related-links) -## Installation media +## 1.1 Installation media SAP HANA installation media used for this deployment is the default one for **SAP HANA, platform edition 2.0 SPS05** available at SAP Support Portal under *INSTALLATION AND UPGRADE* area and it has to be provided manually in the input parameter file. -SAP S/4HANA installation media used for this deployment is the default one for **SAP S/4HANA 2020** available at SAP Support Portal under *INSTALLATION AND UPGRADE* area and it has to be provided manually in the input parameter file. +SAP S/4HANA installation media used for this deployment is the default one for **SAP S/4HANA 2.0** available at SAP Support Portal under *INSTALLATION AND UPGRADE* area and it has to be provided manually in the input parameter file. -## VSI Configuration -The VSIs are deployed with one of the following Operating Systems for DB server: Suse Linux Enterprise Server 15 SP 3 for SAP HANA (amd64), Suse Linux Enterprise Server 15 SP 4 for SAP HANA (amd64), Red Hat Enterprise Linux 8.4 for SAP HANA (amd64) or Red Hat Enterprise Linux 8.6 for SAP HANA (amd64) and with one of the following Operating Systems for APP server: Suse Enterprise Linux 15 SP3 for SAP Applications (amd64), Suse Enterprise Linux 15 SP4 for SAP Applications (amd64), Red Hat Red Hat Enterprise Linux 8.4 for SAP Applications (amd64), Red Hat Enterprise Linux 8.6 for SAP Applications (amd64). The SSH keys are configured to allow root user access. The following storage volumes are creating during the provisioning: +## 1.2 VSI Configuration +The VSIs are deployed with one of the following Operating Systems for DB server: **Suse Linux Enterprise Server 15 SP 4 for SAP HANA (amd64), Suse Linux Enterprise Server 15 SP 3 for SAP HANA (amd6), Red Hat Enterprise Linux 8.6 for SAP HANA (amd64), Red Hat Enterprise Linux 8.4 for SAP HANA (amd64)** and with one of the following Operating Systems for APP server: **Suse Enterprise Linux 15 SP4 for SAP Applications (amd64), Suse Enterprise Linux 15 SP3 for SAP Applications (amd64), Red Hat Enterprise Linux 8.6 for SAP Applications (amd64), Red Hat Enterprise Linux 8.4 for SAP Applications (amd64)**. The SSH keys are configured to allow root user access. The following storage volumes are creating during the provisioning: HANA DB VSI Disks: -- the disk sizes depend on the selected profile, according to [Intel Virtual Server certified profiles on VPC infrastructure for SAP HANA](https://cloud.ibm.com/docs/sap?topic=sap-hana-iaas-offerings-profiles-intel-vs-vpc) - Last updated 2022-01-28 +- the disk sizes depend on the selected profile, according to [Intel Virtual Server certified profiles on VPC infrastructure for SAP HANA](https://cloud.ibm.com/docs/sap?topic=sap-hana-iaas-offerings-profiles-intel-vs-vpc) - Updated on 2023-03-08 -Note: LVM will be used for **`/hana/data`**, **`hana/log`**, **`/hana/shared`** and **`/usr/sap`**, for all storage profiles, excepting **`vx2d-44x616`** and **`vx2d-88x1232`** profiles, where **`/hana/data`** and **`/hana/shared`** won't be manged by LVM, according to [Intel Virtual Server certified profiles on VPC infrastructure for SAP HANA](https://cloud.ibm.com/docs/sap?topic=sap-hana-iaas-offerings-profiles-intel-vs-vpc#vx2d-16x224) - Last updated 2022-01-28 and to [Storage design considerations](https://cloud.ibm.com/docs/sap?topic=sap-storage-design-considerations#hana-iaas-mx2-16x128-32x256-configure) - Last updated 2022-05-19 +Note: LVM will be used for **`/hana/data`**, **`hana/log`**, **`/hana/shared`** and **`/usr/sap`**, for all storage profiles, excepting **`vx2d-44x616`** and **`vx2d-88x1232`** profiles, where **`/hana/data`** and **`/hana/shared`** won't be manged by LVM, according to [Intel Virtual Server certified profiles on VPC infrastructure for SAP HANA](https://cloud.ibm.com/docs/sap?topic=sap-hana-iaas-offerings-profiles-intel-vs-vpc#vx2d-16x224) - Updated on 2023-03-08 and to [Storage design considerations](https://cloud.ibm.com/docs/sap?topic=sap-storage-design-considerations#hana-iaas-mx2-16x128-32x256-configure) - Updated on 2022-05-19 For example, in case of deploying a HANA VM, using the default value for VSI profile `mx2-16x128`, the automation will execute the following storage setup: - 3 volumes x 500 GB each for `_hana_vg` volume group @@ -32,28 +42,37 @@ SAP APPs VSI Disks: In order to perform the deployment you can use either the CLI component or the GUI component (Schematics) of the automation solution. -## 1.1 Executing the deployment of **Three Tier SAP S/4HANA Stack** in GUI (Schematics) +## 1.3 VPC Configuration + +The Security Rules inherited from BASTION deployment are the following: +- Allow all traffic in the Security group for private networks. +- Allow outbound traffic (ALL for port 53, TCP for ports 80, 443, 8443) +- Allow inbound SSH traffic (TCP for port 22) from IBM Schematics Servers. + +## 1.4 Files description and structure The solution is based on Terraform remote-exec and Ansible playbooks executed by Schematics and it is implementing a 'reasonable' set of best practices for SAP VSI host configuration. -**It contains:** -- Terraform scripts for the deployment of two VSIs, in an EXISTING VPC, with Subnet and Security Group. The VSIs are intended to be used: one for the data base instance and the other for the application instance. -- Bash scripts used for the checking of the prerequisites required by SAP VSIs deployment and for the integration into a single step in IBM Schematics GUI of the VSI provisioning and the **Three Tier SAP S/4HANA Stack** installation. -- Ansible scripts to configure Three Tier SAP S/4HANA primary application server and a HANA 2.0 node. + - `modules` - directory containing the terraform modules. + - `ansible` - directory containing the SAP ansible playbooks. + - `main.tf` - contains the configuration of the VSI for the deployment of the current SAP solution. + - `output.tf` - contains the code for the information to be displayed after the VSI is created (VPC, Hostname, Private IP). + - `integration*.tf & generate*.tf` files - contain the integration code that makes the SAP variabiles from Terraform available to Ansible. + - `provider.tf` - contains the IBM Cloud Provider data in order to run `terraform init` command. + - `variables.tf` - contains variables for the VPC and VSI. + - `versions.tf` - contains the minimum required versions for terraform and IBM Cloud provider. + - `sch.auto.tfvars` - contains programatic variables. -## IBM Cloud API Key -The IBM Cloud API Key should be provided as input value of type sensitive for "ibmcloud_api_key" variable, in `IBM Schematics -> Workspaces -> -> Settings` menu. -The IBM Cloud API Key can be created [here](https://cloud.ibm.com/iam/apikeys). +## 1.5 General Input variables -## Input parameters The following parameters can be set in the Schematics workspace: VPC, Subnet, Security group, Resource group, Hostname, Profile, Image, SSH Keys and your SAP system configuration variables, as below: **VSI input parameters:** Parameter | Description ----------|------------ -ibmcloud_api_key | IBM Cloud API key (Sensitive* value). -private_ssh_key | id_rsa private key content (Sensitive* value). +IBMCLOUD_API_KEY | IBM Cloud API key (Sensitive* value). +PRIVATE_SSH_KEY | id_rsa private key content (Sensitive* value). SSH_KEYS | List of SSH Keys UUIDs that are allowed to SSH as root to the VSI. Can contain one or more IDs. The list of SSH Keys is available [here](https://cloud.ibm.com/vpc-ext/compute/sshKeys).
Sample input (use your own SSH UUIDs from IBM Cloud):
[ "r010-57bfc315-f9e5-46bf-bf61-d87a24a9ce7a" , "r010-3fcd9fe7-d4a7-41ce-8bb3-d96e936b2c7e" ] BASTION_FLOATING_IP | The FLOATING IP from the Bastion Server. RESOURCE_GROUP | The name of an EXISTING Resource Group for VSIs and Volumes resources.
Default value: "Default". The list of Resource Groups is available [here](https://cloud.ibm.com/account/resource-groups). @@ -62,37 +81,37 @@ ZONE | The cloud zone where to deploy the solution.
Sample value: eu-de-2 VPC | The name of an EXISTING VPC. The list of VPCs is available [here](https://cloud.ibm.com/vpc-ext/network/vpcs) SUBNET | The name of an EXISTING Subnet. The list of Subnets is available [here](https://cloud.ibm.com/vpc-ext/network/subnets). SECURITY_GROUP | The name of an EXISTING Security group. The list of Security Groups is available [here](https://cloud.ibm.com/vpc-ext/network/securityGroups). -DB-HOSTNAME | The Hostname for the HANA VSI. The hostname should be up to 13 characters as required by SAP. For more information on rules regarding hostnames for SAP systems, check [SAP Note 611361: Hostnames of SAP ABAP Platform servers](https://launchpad.support.sap.com/#/notes/%20611361) -DB-PROFILE | The instance profile used for the HANA VSI. The list of certified profiles for HANA VSIs is available [here](https://cloud.ibm.com/docs/sap?topic=sap-hana-iaas-offerings-profiles-intel-vs-vpc).
Details about all x86 instance profiles are available [here](https://cloud.ibm.com/docs/vpc?topic=vpc-profiles).
For more information about supported DB/OS and IBM Gen 2 Virtual Server Instances (VSI), check [SAP Note 2927211: SAP Applications on IBM Virtual Private Cloud](https://launchpad.support.sap.com/#/notes/2927211)
Default value: "mx2-16x128" -DB-IMAGE | The OS image used for HANA VSI. A list of images is available [here](https://cloud.ibm.com/docs/vpc?topic=vpc-about-images)
Default value: ibm-redhat-8-6-amd64-sap-hana-2 -APP-HOSTNAME | The Hostname for the SAP Application VSI. The hostname must have up to 13 characters as required by SAP. For more information on rules regarding hostnames for SAP systems, check [SAP Note 611361: Hostnames of SAP ABAP Platform servers](https://launchpad.support.sap.com/#/notes/%20611361) -APP-PROFILE | The instance profile used for SAP Application VSI. A list of profiles is available [here](https://cloud.ibm.com/docs/vpc?topic=vpc-profiles)
For more information about supported DB/OS and IBM Gen 2 Virtual Server Instances (VSI), check [SAP Note 2927211: SAP Applications on IBM Virtual Private Cloud](https://launchpad.support.sap.com/#/notes/2927211)
Default value: "bx2-4x16" -APP-IMAGE | The OS image used for SAP Application VSI. A list of images is available [here](https://cloud.ibm.com/docs/vpc?topic=vpc-about-images).
Default value: ibm-redhat-8-6-amd64-sap-applications-2 +DB_HOSTNAME | The Hostname for the HANA VSI. The hostname should be up to 13 characters as required by SAP. For more information on rules regarding hostnames for SAP systems, check [SAP Note 611361: Hostnames of SAP ABAP Platform servers](https://launchpad.support.sap.com/#/notes/%20611361) +DB_PROFILE | The instance profile used for the HANA VSI. The list of certified profiles for HANA VSIs is available [here](https://cloud.ibm.com/docs/sap?topic=sap-hana-iaas-offerings-profiles-intel-vs-vpc).
Details about all x86 instance profiles are available [here](https://cloud.ibm.com/docs/vpc?topic=vpc-profiles).
For more information about supported DB/OS and IBM Gen 2 Virtual Server Instances (VSI), check [SAP Note 2927211: SAP Applications on IBM Virtual Private Cloud](https://launchpad.support.sap.com/#/notes/2927211)
Default value: "mx2-16x128" +DB_IMAGE | The OS image used for HANA VSI (See Obs*). A list of images is available [here](https://cloud.ibm.com/docs/vpc?topic=vpc-about-images).
Default value: ibm-redhat-8-6-amd64-sap-hana-2 +APP_HOSTNAME | The Hostname for the SAP Application VSI. The hostname should be up to 13 characters as required by SAP. For more information on rules regarding hostnames for SAP systems, check [SAP Note 611361: Hostnames of SAP ABAP Platform servers](https://launchpad.support.sap.com/#/notes/%20611361) +APP_PROFILE | The instance profile used for SAP Application VSI. A list of profiles is available [here](https://cloud.ibm.com/docs/vpc?topic=vpc-profiles)
For more information about supported DB/OS and IBM Gen 2 Virtual Server Instances (VSI), check [SAP Note 2927211: SAP Applications on IBM Virtual Private Cloud](https://launchpad.support.sap.com/#/notes/2927211)
Default value: "bx2-4x16" +APP_IMAGE | The OS image used for SAP Application VSI (See Obs*). A list of images is available [here](https://cloud.ibm.com/docs/vpc?topic=vpc-about-images).
Default value: ibm-redhat-8-6-amd64-sap-applications-2 **SAP input parameters:** Parameter | Description | Requirements ----------|-------------|------------- -hana_sid | The SAP system ID identifies the SAP HANA system |
  • Consists of exactly three alphanumeric characters
  • Has a letter for the first character
  • Does not include any of the reserved IDs listed in SAP Note 1979280
| -hana_sysno | Specifies the instance number of the SAP HANA system|
  • Two-digit number from 00 to 97
  • Must be unique on a host
-hana_main_password | Common password for all users that are created during the installation |
  • It must be 8 to 14 characters long
  • It must consist of at least one digit (0-9), one lowercase letter (a-z), and one uppercase letter (A-Z).
  • It can only contain the following characters: a-z, A-Z, 0-9, !, @, #, $, _
  • It must not start with a digit or an underscore ( _ )

(Sensitive* value) -hana_system_usage | System Usage | Default: custom
Valid values: production, test, development, custom -hana_components | SAP HANA Components | Default: server
Valid values: all, client, es, ets, lcapps, server, smartda, streaming, rdsync, xs, studio, afl, sca, sop, eml, rme, rtl, trp -kit_saphana_file | Path to SAP HANA ZIP file | As downloaded from SAP Support Portal -sap_sid | The SAP system ID identifies the entire SAP system |
  • Consists of exactly three alphanumeric characters
  • Has a letter for the first character
  • Does not include any of the reserved IDs listed in SAP Note 1979280
-sap_ascs_instance_number | Technical identifier for internal processes of ASCS|
  • Two-digit number from 00 to 97
  • Must be unique on a host
-sap_ci_instance_number | Technical identifier for internal processes of CI|
  • Two-digit number from 00 to 97
  • Must be unique on a host
-sap_main_password | Common password for all users that are created during the installation |
  • It must be 10 to 14 characters long
  • It must contain at least one digit (0-9)
  • It can only contain the following characters: a-z, A-Z, 0-9, @, #, $, _
  • It must not start with a digit or an underscore ( _ )

(Sensitive* value) -hdb_concurrent_jobs | Number of concurrent jobs used to load and/or extract archives to HANA Host | Default: 23 -kit_sapcar_file | Path to sapcar binary | As downloaded from SAP Support Portal -kit_swpm_file | Path to SWPM archive (SAR) | As downloaded from SAP Support Portal -kit_sapexe_file | Path to SAP Kernel OS archive (SAR) | As downloaded from SAP Support Portal -kit_sapexedb_file | Path to SAP Kernel DB archive (SAR) | As downloaded from SAP Support Portal -kit_igsexe_file | Path to IGS archive (SAR) | As downloaded from SAP Support Portal -kit_igshelper_file | Path to IGS Helper archive (SAR) | As downloaded from SAP Support Portal -kit_saphostagent_file | Path to SAP Host Agent archive (SAR) | As downloaded from SAP Support Portal -kit_hdbclient_file | Path to HANA DB client archive (SAR) | As downloaded from SAP Support Portal -kit_s4hana_export | Path to S/4HANA Installation Export dir | The archives downloaded from SAP Support Portal should be present in this path +HANA_SID | The SAP system ID identifies the SAP HANA system |
  • Consists of exactly three alphanumeric characters
  • Has a letter for the first character
  • Does not include any of the reserved IDs listed in SAP Note 1979280
| +HANA_SYSNO | Specifies the instance number of the SAP HANA system|
  • Two-digit number from 00 to 97
  • Must be unique on a host
+HANA_MAIN_PASSWORD | Common password for all users that are created during the installation (See Obs*). |
  • It must be 8 to 14 characters long
  • It must consist of at least one digit (0-9), one lowercase letter (a-z), and one uppercase letter (A-Z).
  • It can only contain the following characters: a-z, A-Z, 0-9, !, @, #, $, _
  • It must not start with a digit or an underscore ( _ )

(Sensitive* value) +HANA_SYSTEM_USAGE | System Usage | Default: custom
Valid values: production, test, development, custom +HANA_COMPONENTS | SAP HANA Components | Default: server
Valid values: all, client, es, ets, lcapps, server, smartda, streaming, rdsync, xs, studio, afl, sca, sop, eml, rme, rtl, trp +KIT_SAPHANA_FILE | Path to SAP HANA ZIP file (See Obs*). | As downloaded from SAP Support Portal +SAP_SID | The SAP system ID identifies the entire SAP system |
  • Consists of exactly three alphanumeric characters
  • Has a letter for the first character
  • Does not include any of the reserved IDs listed in SAP Note 1979280
+SAP_ASCS_INSTANCE_NUMBER | Technical identifier for internal processes of ASCS|
  • Two-digit number from 00 to 97
  • Must be unique on a host
+SAP_CI_INSTANCE_NUMBER | Technical identifier for internal processes of CI|
  • Two-digit number from 00 to 97
  • Must be unique on a host
+SAP_MAIN_PASSWORD | Common password for all users that are created during the installation |
  • It must be 10 to 14 characters long
  • It must contain at least one digit (0-9)
  • It can only contain the following characters: a-z, A-Z, 0-9, @, #, $, _
  • It must not start with a digit or an underscore ( _ )

(Sensitive* value) +HDB_CONCURRENT_JOBS | Number of concurrent jobs used to load and/or extract archives to HANA Host | Default: 23 +KIT_SAPCAR_FILE | Path to sapcar binary | As downloaded from SAP Support Portal +KIT_SWPM_FILE | Path to SWPM archive (SAR) | As downloaded from SAP Support Portal +KIT_SAPEXE_FILE | Path to SAP Kernel OS archive (SAR) | As downloaded from SAP Support Portal +KIT_SAPEXEDB_FILE | Path to SAP Kernel DB archive (SAR) | As downloaded from SAP Support Portal +KIT_IGSEXE_FILE | Path to IGS archive (SAR) | As downloaded from SAP Support Portal +KIT_IGSHELPER_FILE | Path to IGS Helper archive (SAR) | As downloaded from SAP Support Portal +KIT_SAPHOSTAGENT_FILE | Path to SAP Host Agent archive (SAR) | As downloaded from SAP Support Portal +KIT_HDBCLIENT_FILE | Path to HANA DB client archive (SAR) | As downloaded from SAP Support Portal +KIT_S4HANA_EXPORT | Path to S/4HANA Installation Export dir | The archives downloaded from SAP Support Portal should be present in this path **Obs***:
- **SAP Main Password.** @@ -100,42 +119,46 @@ The password for the SAP system will be hidden during the schematics apply step Parameter | Description | Requirements ----------|-------------|------------- -sap_main_password | Common password for all users that are created during the installation |
  • It must be 8 to 14 characters long
  • It must contain at least one digit (0-9)
  • It must not contain \ (backslash) and " (double quote)
+SAP_MAIN_PASSWORD | Common password for all users that are created during the installation |
  • It must be 8 to 14 characters long
  • It must contain at least one digit (0-9)
  • It must not contain \ (backslash) and " (double quote)
- **Sensitive** - The variable value is not displayed in your Schematics logs and it is hidden in the input field.
- The following parameters should have the same values as the ones set for the BASTION server: REGION, ZONE, VPC, SUBNET, SECURITYGROUP. - For any manual change in the terraform code, you have to make sure that you use a certified image based on the SAP NOTE: 2927211. -- OS **image** for **DB VSI.** Supported OS images for DB VSIs: ibm-sles-15-3-amd64-sap-hana-2, ibm-sles-15-4-amd64-sap-hana-3, ibm-redhat-8-4-amd64-sap-hana-2, ibm-redhat-8-6-amd64-sap-hana-3. +- OS **image** for **DB VSI.** Supported OS images for DB VSIs: ibm-sles-15-3-amd64-sap-hana-2, ibm-sles-15-4-amd64-sap-hana-3, ibm-redhat-8-4-amd64-sap-hana-2, ibm-redhat-8-6-amd64-sap-hana-2. - The list of available VPC Operating Systems supported by SAP: SAP note '2927211 - SAP Applications on IBM Virtual Private Cloud (VPC) Infrastructure environment' https://launchpad.support.sap.com/#/notes/2927211; The list of all available OS images: https://cloud.ibm.com/docs/vpc?topic=vpc-about-images - - Make sure the OS image is appropriate for the selected [VSI profil](https://cloud.ibm.com/docs/sap?topic=sap-hana-iaas-offerings-profiles-intel-vs-vpc#hana-iaas-intel-vs-vpc-) and SAP HANA Processing Type - - Default value: DB-IMAGE = "ibm-redhat-8-6-amd64-sap-hana-2" -- OS **image** for **SAP APP VSI**. Supported OS images for APP VSIs: ibm-sles-15-3-amd64-sap-applications-2, ibm-sles-15-4-amd64-sap-applications-4, ibm-redhat-8-4-amd64-sap-applications-2, ibm-redhat-8-6-amd64-sap-applications-3. + - Default variable: DB_IMAGE = "ibm-redhat-8-6-amd64-sap-hana-2" +- OS **image** for **SAP APP VSI**. Supported OS images for APP VSIs: ibm-sles-15-3-amd64-sap-applications-2, ibm-sles-15-4-amd64-sap-applications-4, ibm-redhat-8-4-amd64-sap-applications-2, ibm-redhat-8-6-amd64-sap-applications-2. - The list of available VPC Operating Systems supported by SAP: SAP note '2927211 - SAP Applications on IBM Virtual Private Cloud (VPC) Infrastructure environment' https://launchpad.support.sap.com/#/notes/2927211; The list of all available OS images: https://cloud.ibm.com/docs/vpc?topic=vpc-about-images - - Default value: APP-IMAGE = "ibm-redhat-8-6-amd64-sap-applications-2" + - Default variable: APP_IMAGE = "ibm-redhat-8-6-amd64-sap-applications-2" - SAP **HANA Installation path kit** - - Supported SAP HANA versions on RHEL 8 and SLES 15: HANA 2.0 SP 5 Rev 57, kit file: 51055299.ZIP - - Example for RHEL 8 or SLES 15: kit_saphana_file = "/storage/HANADB/51055299.ZIP" - - Default value: kit_saphana_file = "/storage/HANADB/51055299.ZIP" + - Supported SAP HANA versions on RHEL8.4, RHEL8.6, SLES15.3 and SLES15.4: HANA 2.0 SP 5 Rev 57, kit file: 51055299.ZIP + - Example for Red Hat 8 or Suse 15: KIT_SAPHANA_FILE = "/storage/HANADB/51055299.ZIP" + - Default variable: KIT_SAPHANA_FILE = "/storage/HANADB/51055299.ZIP" -## VPC Configuration +## 2.1 Executing the deployment of **Three Tiers SAP S4HANA Stack** in GUI (Schematics) -The Security Rules inherited from BASTION deployment are the following: -- Allow all traffic in the Security group for private networks. -- Allow outbound traffic (ALL for port 53, TCP for ports 80, 443, 8443) -- Allow inbound SSH traffic (TCP for port 22) from IBM Schematics Servers. +### IBM Cloud API Key +The IBM Cloud API Key should be provided as input value of type sensitive for "IBMCLOUD_API_KEY" variable, in `IBM Schematics -> Workspaces -> -> Settings` menu. +The IBM Cloud API Key can be created [here](https://cloud.ibm.com/iam/apikeys). - ## Files description and structure: +### Input parameters - - `modules` - directory containing the terraform modules - - `main.tf` - contains the configuration of the VSI for the deployment of the current SAP solution. - - `output.tf` - contains the code for the information to be displayed after the VSI is created (Hostname, Private IP) - - `integration*.tf` - contains the integration code that makes the SAP variabiles from Terraform available to Ansible. - - `provider.tf` - contains the IBM Cloud Provider data in order to run `terraform init` command. - - `terraform.tfvars` - contains the IBM Cloud API key referenced in `provider.tf` (dynamically generated) - - `variables.tf` - contains variables for the VPC and VSI - - `versions.tf` - contains the minimum required versions for terraform and IBM Cloud provider. +The following parameters can be set in the Schematics workspace: VPC, Subnet, Security group, Resource group, Hostname, Profile, Image, SSH Keys and your SAP system configuration variables. These are described in [General input variables Section](#15-general-input-variables) section. -## Steps to follow: +Beside [General input variables Section](#15-general-input-variables), the below ones, in IBM Schematics have specific description and GUI input options: + +**VSI input parameters:** + +Parameter | Description +----------|------------ +IBMCLOUD_API_KEY | IBM Cloud API key (Sensitive* value). +PRIVATE_SSH_KEY | Input your id_rsa private key pair content in OpenSSH format (Sensitive* value). This private key should be used only during the terraform provisioning and it is recommended to be changed after the SAP deployment. +ID_RSA_FILE_PATH | The file path for PRIVATE_SSH_KEY will be automatically generated by default. If it is changed, it must contain the relative path from git repo folders.
Default value: "ansible/id_rsa". +BASTION_FLOATING_IP | The FLOATING IP from the Bastion Server. + +**SAP input parameters:** + +### Steps to follow: 1. Make sure that you have the [required IBM Cloud IAM permissions](https://cloud.ibm.com/docs/vpc?topic=vpc-managing-user-permissions-for-vpc-resources) to @@ -153,8 +176,8 @@ The Security Rules inherited from BASTION deployment are the following: 3. Create the Schematics workspace: 1. From the IBM Cloud menu select [Schematics](https://cloud.ibm.com/schematics/overview). - - Click Create a workspace. - - Enter a name for your workspace. + - Click Create a workspace. + - Enter a name for your workspace. - Click Create to create your workspace. 2. On the workspace **Settings** page, enter the URL of this solution in the Schematics examples Github repository. - Select the latest Terraform version. @@ -170,33 +193,20 @@ The Security Rules inherited from BASTION deployment are the following: provisioning, modification, or deletion process. The output of the Schematics Apply Plan will list the public/private IP addresses -of the VSI host, the hostname and the VPC. +of the VSI host, the hostname and the VPC. +## 2.2 Executing the deployment of **Three Tiers SAP S4HANA Stack** in CLI -### Related links: - -- [How to create a BASTION/STORAGE VSI for SAP in IBM Schematics](https://github.com/IBM-Cloud/sap-bastion-setup) -- [Securely Access Remote Instances with a Bastion Host](https://www.ibm.com/cloud/blog/tutorial-securely-access-remote-instances-with-a-bastion-host) -- [VPNs for VPC overview: Site-to-site gateways and Client-to-site servers.](https://cloud.ibm.com/docs/vpc?topic=vpc-vpn-overview) -- [IBM Cloud Schematics](https://www.ibm.com/cloud/schematics) - - -## 1.2 Executing the deployment of **Three Tier SAP S/4HANA Stack** in CLI - -The solution is based on Terraform scripts and Ansible playbooks executed in CLI and it is implementing a 'reasonable' set of best practices for SAP VSI host configuration. - -**It contains:** -- Terraform scripts for the deployment of two VSIs, in an EXISTING VPC, with Subnet and Security Group. The VSIs are intended to be used: one for the data base instance and the other for the application instance. -- Ansible scripts to configure Three Tier SAP S/4HANA primary application server and a HANA 2.0 node. -Please note that Ansible is started by Terraform and must be available on the same host. - -## IBM Cloud API Key +### IBM Cloud API Key For the script configuration add your IBM Cloud API Key in terraform planning phase command 'terraform plan --out plan1'. You can create an API Key [here](https://cloud.ibm.com/iam/apikeys). - -## Input parameter file + +### Input parameter file The solution is configured by editing your variables in the file `input.auto.tfvars` -Edit your VPC, Subnet, Security group, Hostname, Profile, Image, SSH Keys like so: +Edit your VPC, Subnet, Security group, Hostnames, Profile, Image, SSH Keys and starting with minimal recommended disk sizes like so: + +**VSI input parameters** + ```shell ########################################################## # General VPC variables: @@ -206,9 +216,9 @@ REGION = "eu-de" # Region for the VSI. Supported regions: https://cloud.ibm.com/docs/containers?topic=containers-regions-and-zones#zones-vpc # Example: REGION = "eu-de" -ZONE = "eu-de-2" +ZONE = "eu-de-1" # Availability zone for VSI. Supported zones: https://cloud.ibm.com/docs/containers?topic=containers-regions-and-zones#zones-vpc -# Example: ZONE = "eu-de-2" +# Example: ZONE = "eu-de-1" VPC = "ic4sap" # EXISTING VPC, previously created by the user in the same region as the VSI. The list of available VPCs: https://cloud.ibm.com/vpc-ext/network/vpcs @@ -226,7 +236,7 @@ SUBNET = "ic4sap-subnet" # EXISTING Subnet in the same region and zone as the VSI, previously created by the user. The list of available Subnets: https://cloud.ibm.com/vpc-ext/network/subnets # Example: SUBNET = "ic4sap-subnet" -SSH_KEYS = ["r010-57bfc315-f9e5-46bf-bf61-d87a24a9ce7a", "r010-e372fc6f-4aef-4bdf-ade6-c4b7c1ad61ca", "r010-09325e15-15be-474e-9b3b-21827b260717", "r010-5cfdb578-fc66-4bf7-967e-f5b4a8d03b89" , "r010-7b85d127-7493-4911-bdb7-61bf40d3c7d4", "r010-771e15dd-8081-4cca-8844-445a40e6a3b3", "r010-d941534b-1d30-474e-9494-c26a88d4cda3"] +SSH_KEYS = ["r010-8f72b994-c17f-4500-af8f-d05680374t3c", "r011-8f72v884-c17f-4500-af8f-d05900374t3c"] # List of SSH Keys UUIDs that are allowed to SSH as root to the VSI. The SSH Keys should be created for the same region as the VSI. The list of available SSH Keys UUIDs: https://cloud.ibm.com/vpc-ext/compute/sshKeys # Example: SSH_KEYS = ["r010-8f72b994-c17f-4500-af8f-d05680374t3c", "r011-8f72v884-c17f-4500-af8f-d05900374t3c"] @@ -234,55 +244,38 @@ SSH_KEYS = ["r010-57bfc315-f9e5-46bf-bf61-d87a24a9ce7a", "r010-e372fc6f-4aef-4bd # DB VSI variables: ########################################################## -DB-HOSTNAME = "saps4hnmar1" +DB_HOSTNAME = "ic4sapdb" # The Hostname for the DB VSI. The hostname should be up to 13 characters, as required by SAP -# Example: HOSTNAME = "ic4sap" +# Example: DB_HOSTNAME = "ic4sapdb" -DB-PROFILE = "mx2-16x128" +DB_PROFILE = "mx2-16x128" # The instance profile used for the HANA VSI. The list of certified profiles for HANA VSIs: https://cloud.ibm.com/docs/sap?topic=sap-hana-iaas-offerings-profiles-intel-vs-vpc # Details about all x86 instance profiles: https://cloud.ibm.com/docs/vpc?topic=vpc-profiles). # For more information about supported DB/OS and IBM Gen 2 Virtual Server Instances (VSI), check [SAP Note 2927211: SAP Applications on IBM Virtual Private Cloud](https://launchpad.support.sap.com/#/notes/2927211) # Default value: "mx2-16x128" -DB-IMAGE = "ibm-redhat-8-6-amd64-sap-hana-2" +DB_IMAGE = "ibm-redhat-8-6-amd64-sap-hana-2" # OS image for DB VSI. Supported OS images for DB VSIs: ibm-sles-15-3-amd64-sap-hana-2, ibm-sles-15-4-amd64-sap-hana-3, ibm-redhat-8-4-amd64-sap-hana-2, ibm-redhat-8-6-amd64-sap-hana-2. # The list of available VPC Operating Systems supported by SAP: SAP note '2927211 - SAP Applications on IBM Virtual Private Cloud (VPC) Infrastructure environment' https://launchpad.support.sap.com/#/notes/2927211; The list of all available OS images: https://cloud.ibm.com/docs/vpc?topic=vpc-about-images -# Example: DB-IMAGE = "ibm-sles-15-4-amd64-sap-hana-3" +# Example: DB_IMAGE = "ibm-sles-15-4-amd64-sap-hana-3" ########################################################## # SAP APP VSI variables: ########################################################## -APP-HOSTNAME = "saps4apmar1" +APP_HOSTNAME = "ic4sapapp" # The Hostname for the SAP APP VSI. The hostname should be up to 13 characters, as required by SAP -# Example: HOSTNAME = "ic4sap" +# Example: APP_HOSTNAME = "ic4sapapp" -APP-PROFILE = "bx2-4x16" +APP_PROFILE = "bx2-4x16" # The APP VSI profile. Supported profiles: bx2-4x16. The list of available profiles: https://cloud.ibm.com/docs/vpc?topic=vpc-profiles&interface=ui -APP-IMAGE = "ibm-redhat-8-6-amd64-sap-applications-2" +APP_IMAGE = "ibm-redhat-8-6-amd64-sap-applications-2" # OS image for SAP APP VSI. Supported OS images for APP VSIs: ibm-sles-15-3-amd64-sap-applications-2, ibm-sles-15-4-amd64-sap-applications-4, ibm-redhat-8-4-amd64-sap-applications-2, ibm-redhat-8-6-amd64-sap-applications-2. # The list of available VPC Operating Systems supported by SAP: SAP note '2927211 - SAP Applications on IBM Virtual Private Cloud (VPC) Infrastructure environment' https://launchpad.support.sap.com/#/notes/2927211; The list of all available OS images: https://cloud.ibm.com/docs/vpc?topic=vpc-about-images -# Example: APP-IMAGE = "ibm-sles-15-4-amd64-sap-applications-4" -...... +# Example: APP_IMAGE = "ibm-sles-15-4-amd64-sap-applications-4" ``` -Parameter | Description -----------|------------ -ibmcloud_api_key | IBM Cloud API key (Sensitive* value). -SSH_KEYS | List of SSH Keys IDs that are allowed to SSH as root to the VSI. Can contain one or more IDs. The list of SSH Keys is available [here](https://cloud.ibm.com/vpc-ext/compute/sshKeys).
Sample input (use your own SSH IDS from IBM Cloud):
[ "r010-57bfc315-f9e5-46bf-bf61-d87a24a9ce7a", "r010-3fcd9fe7-d4a7-41ce-8bb3-d96e936b2c7e" ] -REGION | The cloud region where to deploy the solution.
The regions and zones for VPC are listed [here](https://cloud.ibm.com/docs/containers?topic=containers-regions-and-zones#zones-vpc).
Sample value: eu-de. -ZONE | The cloud zone where to deploy the solution.
Sample value: eu-de-2. -VPC | The name of an EXISTING VPC. The list of VPCs is available [here](https://cloud.ibm.com/vpc-ext/network/vpcs) -SUBNET | The name of an EXISTING Subnet. The list of Subnets is available [here](https://cloud.ibm.com/vpc-ext/network/subnets). -SECURITY_GROUP | The name of an EXISTING Security group. The list of Security Groups is available [here](https://cloud.ibm.com/vpc-ext/network/securityGroups). -RESOURCE_GROUP | The name of an EXISTING Resource Group for VSIs and Volumes resources. The list of Resource Groups is available [here](https://cloud.ibm.com/account/resource-groups). -[DB/APP]-HOSTNAME | The Hostname for the HANA/APP VSI. The hostname should be up to 13 characters as required by SAP.
For more information on rules regarding hostnames for SAP systems, check [SAP Note 611361: Hostnames of SAP ABAP Platform servers](https://launchpad.support.sap.com/#/notes/%20611361) -DB-PROFILE | The instance profile used for the HANA VSI. The list of certified profiles for HANA VSIs is available [here](https://cloud.ibm.com/docs/sap?topic=sap-hana-iaas-offerings-profiles-intel-vs-vpc).
Details about all x86 instance profiles are available [here](https://cloud.ibm.com/docs/vpc?topic=vpc-profiles).
For more information about supported DB/OS and IBM Gen 2 Virtual Server Instances (VSI), check [SAP Note 2927211: SAP Applications on IBM Virtual Private Cloud](https://launchpad.support.sap.com/#/notes/2927211)
Default value: "mx2-16x128" -DB-IMAGE | The OS image used for HANA VSI. A list of images is available [here](https://cloud.ibm.com/docs/vpc?topic=vpc-about-images)
Default value: ibm-redhat-8-6-amd64-sap-hana-2 -APP-PROFILE | The instance profile used for SAP Application VSI. A list of profiles is available [here](https://cloud.ibm.com/docs/vpc?topic=vpc-profiles)
For more information about supported DB/OS and IBM Gen 2 Virtual Server Instances (VSI), check [SAP Note 2927211: SAP Applications on IBM Virtual Private Cloud](https://launchpad.support.sap.com/#/notes/2927211)
Default value: "bx2-4x16" -APP-IMAGE | The OS image used for SAP Application VSI. A list of images is available [here](https://cloud.ibm.com/docs/vpc?topic=vpc-about-images).
Default value: ibm-redhat-8-6-amd64-sap-applications-2 - Edit your SAP system configuration variables that will be passed to the ansible automated deployment: ```shell @@ -290,110 +283,61 @@ Edit your SAP system configuration variables that will be passed to the ansible # SAP HANA configuration ########################################################## -hana_sid = "HDB" +HANA_SID = "HDB" # SAP HANA system ID. Should follow the SAP rules for SID naming. -# Example: hana_sid = "HDB" +# Example: HANA_SID = "HDB" -hana_sysno = "00" +HANA_SYSNO = "00" # SAP HANA instance number. Should follow the SAP rules for instance number naming. -# Example: hana_sysno = "01" +# Example: HANA_SYSNO = "01" -hana_system_usage = "custom" +HANA_SYSTEM_USAGE = "custom" # System usage. Default: custom. Suported values: production, test, development, custom -# Example: hana_system_usage = "custom" +# Example: HANA_SYSTEM_USAGE = "custom" -hana_components = "server" +HANA_COMPONENTS = "server" # SAP HANA Components. Default: server. Supported values: all, client, es, ets, lcapps, server, smartda, streaming, rdsync, xs, studio, afl, sca, sop, eml, rme, rtl, trp -# Example: hana_components = "server" +# Example: HANA_COMPONENTS = "server" -kit_saphana_file = "/storage/HANADB/51055299.ZIP" +KIT_SAPHANA_FILE = "/storage/HANADB/51055299.ZIP" # SAP HANA Installation kit path -# Supported SAP HANA versions on RHEL 8 and SLES 15.3: HANA 2.0 SP 5 Rev 57, kit file: 51055299.ZIP -# Example for RHEL 8 or SLES 15: kit_saphana_file = "/storage/HANADB/51055299.ZIP" +# Supported SAP HANA versions on RHEL8.4, RHEL8.6, SLES15.3 and SLES15.4: HANA 2.0 SP 5 Rev 57, kit file: 51055299.ZIP +# Example for Red Hat 8 or Suse 15: KIT_SAPHANA_FILE = "/storage/HANADB/51055299.ZIP" ########################################################## # SAP system configuration ########################################################## -sap_sid = "S4A" +SAP_SID = "S4A" # SAP System ID -sap_ascs_instance_number = "01" +SAP_ASCS_INSTANCE_NUMBER = "01" # The central ABAP service instance number. Should follow the SAP rules for instance number naming. -# Example: sap_ascs_instance_number = "01" +# Example: SAP_ASCS_INSTANCE_NUMBER = "01" -sap_ci_instance_number = "00" +SAP_CI_INSTANCE_NUMBER = "06" # The SAP central instance number. Should follow the SAP rules for instance number naming. -# Example: sap_ci_instance_number = "06" +# Example: SAP_CI_INSTANCE_NUMBER = "06" -hdb_concurrent_jobs = "23" +HDB_CONCURRENT_JOBS = "23" # Number of concurrent jobs used to load and/or extract archives to HANA Host ########################################################## # SAP S/4HANA APP Kit Paths ########################################################## -kit_sapcar_file = "/storage/S4HANA/SAPCAR_1010-70006178.EXE" -kit_swpm_file = "/storage/S4HANA/SWPM20SP09_4-80003424.SAR" -kit_sapexe_file = "/storage/S4HANA/SAPEXE_100-70005283.SAR" -kit_sapexedb_file = "/storage/S4HANA/SAPEXEDB_100-70005282.SAR" -kit_igsexe_file = "/storage/S4HANA/igsexe_1-70005417.sar" -kit_igshelper_file = "/storage/S4HANA/igshelper_17-10010245.sar" -kit_saphotagent_file = "/storage/S4HANA/SAPHOSTAGENT51_51-20009394.SAR" -kit_hdbclient_file = "/storage/S4HANA/IMDB_CLIENT20_009_28-80002082.SAR" -kit_s4hana_export = "/storage/S4HANA/export" +KIT_SAPCAR_FILE = "/storage/S4HANA/SAPCAR_1010-70006178.EXE" +KIT_SWPM_FILE = "/storage/S4HANA/SWPM20SP09_4-80003424.SAR" +KIT_SAPEXE_FILE = "/storage/S4HANA/SAPEXE_400-80004393.SAR" +KIT_SAPEXEDB_FILE = "/storage/S4HANA/SAPEXEDB_400-80004392.SAR" +KIT_IGSEXE_FILE = "/storage/S4HANA/igsexe_13-80003187.sar" +KIT_IGSHELPER_FILE = "/storage/S4HANA/igshelper_17-10010245.sar" +KIT_SAPHOSTAGENT_FILE = "/storage/S4HANA/SAPHOSTAGENT51_51-20009394.SAR" +KIT_HDBCLIENT_FILE = "/storage/S4HANA/IMDB_CLIENT20_009_28-80002082.SAR" +KIT_S4HANA_EXPORT = "/storage/S4HANA/export" ``` -**SAP input parameters:** - -Parameter | Description | Requirements -----------|-------------|------------- -hana_sid | The SAP system ID identifies the SAP HANA system |
  • Consists of exactly three alphanumeric characters
  • Has a letter for the first character
  • Does not include any of the reserved IDs listed in SAP Note 1979280
| -hana_sysno | Specifies the instance number of the SAP HANA system|
  • Two-digit number from 00 to 97
  • Must be unique on a host
-hana_main_password | Common password for all users that are created during the installation |
  • It must be 8 to 14 characters long
  • It must consist of at least one digit (0-9), one lowercase letter (a-z), and one uppercase letter (A-Z).
  • It can only contain the following characters: a-z, A-Z, 0-9, !, @, #, $, _
  • It must not start with a digit or an underscore ( _ )
-hana_system_usage | System Usage | Default: custom
Valid values: production, test, development, custom -hana_components | SAP HANA Components | Default: server
Valid values: all, client, es, ets, lcapps, server, smartda, streaming, rdsync, xs, studio, afl, sca, sop, eml, rme, rtl, trp -kit_saphana_file | Path to SAP HANA ZIP file | As downloaded from SAP Support Portal -sap_sid | The SAP system ID identifies the entire SAP system |
  • Consists of exactly three alphanumeric characters
  • Has a letter for the first character
  • Does not include any of the reserved IDs listed in SAP Note 1979280
-sap_ascs_instance_number | Technical identifier for internal processes of ASCS|
  • Two-digit number from 00 to 97
  • Must be unique on a host
-sap_ci_instance_number | Technical identifier for internal processes of CI|
  • Two-digit number from 00 to 97
  • Must be unique on a host
-sap_main_password | Common password for all users that are created during the installation |
  • It must be 10 to 14 characters long
  • It must contain at least one digit (0-9)
  • It can only contain the following characters: a-z, A-Z, 0-9, @, #, $, _
  • It must not start with a digit or an underscore ( _ )
-hdb_concurrent_jobs | Number of concurrent jobs used to load and/or extract archives to HANA Host | Default: 23 -kit_sapcar_file | Path to sapcar binary | As downloaded from SAP Support Portal -kit_swpm_file | Path to SWPM archive (SAR) | As downloaded from SAP Support Portal -kit_sapexe_file | Path to SAP Kernel OS archive (SAR) | As downloaded from SAP Support Portal -kit_sapexedb_file | Path to SAP Kernel DB archive (SAR) | As downloaded from SAP Support Portal -kit_igsexe_file | Path to IGS archive (SAR) | As downloaded from SAP Support Portal -kit_igshelper_file | Path to IGS Helper archive (SAR) | As downloaded from SAP Support Portal -kit_saphostagent_file | Path to SAP Host Agent archive (SAR) | As downloaded from SAP Support Portal -kit_hdbclient_file | Path to HANA DB client archive (SAR) | As downloaded from SAP Support Portal -kit_s4hana_export | Path to S/4HANA Installation Export dir | The archives downloaded from SAP Support Portal should be present in this path - -**Obs***:
-- Sensitive - The variable value is not displayed in your tf files details after terrafrorm plan&apply commands.
-- The following variables should be the same like the bastion ones: REGION, ZONE, VPC, SUBNET, SECURITY_GROUP. - -## VPC Configuration - -The Security Rules are the following: -- Allow all traffic in the Security group -- Allow all outbound traffic -- Allow inbound DNS traffic (UDP port 53) -- Allow inbound SSH traffic (TCP port 22) -- Option to Allow inbound TCP traffic with a custom port or a range of ports. - - -## Files description and structure: - - `modules` - directory containing the terraform modules - - `input.auto.tfvars` - contains the variables that will need to be edited by the user to customize the solution - - `integration-*.tf` - contains the integration code that brings the SAP variabiles from Terraform to Ansible. - - `main.tf` - contains the configuration of the VSI for SAP single tier deployment. - - `provider.tf` - contains the IBM Cloud Provider data in order to run `terraform init` command. - - `variables.tf` - contains variables for the VPC and VSI - - `versions.tf` - contains the minimum required versions for terraform and IBM Cloud provider. - - `output.tf` - contains the code for the information to be displayed after the VSI is created (Hostname, Private IP, Public IP) - -## Steps to follow: +## Steps to reproduce: For initializing terraform: @@ -405,9 +349,11 @@ For planning phase: ```shell terraform plan --out plan1 -# you will be asked for the following sensitive variables: 'ibmcloud_api_key', 'sap_main_password' and 'hana_main_password'. +# you will be asked for the following sensitive variables: +'IBMCLOUD_API_KEY', 'SAP_MAIN_PASSWORD' and 'HANA_MAIN_PASSWORD'. ``` + For apply phase: ```shell @@ -418,15 +364,13 @@ For destroy: ```shell terraform destroy -# you will be asked for the following sensitive variables as a destroy confirmation phase: 'ibmcloud_api_key', 'sap_main_password' and 'hana_main_password'. +# you will be asked for the following sensitive variables as a destroy confirmation phase: +'IBMCLOUD_API_KEY', 'SAP_MAIN_PASSWORD' and 'HANA_MAIN_PASSWORD'. ``` +### 3.1 Related links: -The Terraform version used for deployment should be >= 1.3.6. -Note: The deployment was tested with Terraform 1.3.6 - -### Related links: - -- [See how to create a BASTION/STORAGE VSI for SAP in IBM Schematics](https://github.com/IBM-Cloud/sap-bastion-setup) +- [How to create a BASTION/STORAGE VSI for SAP in IBM Schematics](https://github.com/IBM-Cloud/sap-bastion-setup) - [Securely Access Remote Instances with a Bastion Host](https://www.ibm.com/cloud/blog/tutorial-securely-access-remote-instances-with-a-bastion-host) - [VPNs for VPC overview: Site-to-site gateways and Client-to-site servers.](https://cloud.ibm.com/docs/vpc?topic=vpc-vpn-overview) +- [IBM Cloud Schematics](https://www.ibm.com/cloud/schematics) diff --git a/cli/ansible/ansible.cfg b/ansible/ansible.cfg similarity index 100% rename from cli/ansible/ansible.cfg rename to ansible/ansible.cfg diff --git a/cli/ansible/roles/s4appinst/defaults/main.yml b/ansible/roles/s4appinst/defaults/main.yml similarity index 100% rename from cli/ansible/roles/s4appinst/defaults/main.yml rename to ansible/roles/s4appinst/defaults/main.yml diff --git a/cli/ansible/roles/s4appinst/tasks/install_kit.yml b/ansible/roles/s4appinst/tasks/install_kit.yml similarity index 100% rename from cli/ansible/roles/s4appinst/tasks/install_kit.yml rename to ansible/roles/s4appinst/tasks/install_kit.yml diff --git a/cli/ansible/roles/s4appinst/tasks/main.yml b/ansible/roles/s4appinst/tasks/main.yml similarity index 100% rename from cli/ansible/roles/s4appinst/tasks/main.yml rename to ansible/roles/s4appinst/tasks/main.yml diff --git a/cli/ansible/roles/s4appinst/templates/sapinst.cfg b/ansible/roles/s4appinst/templates/sapinst.cfg similarity index 100% rename from cli/ansible/roles/s4appinst/templates/sapinst.cfg rename to ansible/roles/s4appinst/templates/sapinst.cfg diff --git a/cli/ansible/roles/s4appreq/defaults/main.yml b/ansible/roles/s4appreq/defaults/main.yml similarity index 100% rename from cli/ansible/roles/s4appreq/defaults/main.yml rename to ansible/roles/s4appreq/defaults/main.yml diff --git a/cli/ansible/roles/s4appreq/files/sap.conf b/ansible/roles/s4appreq/files/sap.conf similarity index 100% rename from cli/ansible/roles/s4appreq/files/sap.conf rename to ansible/roles/s4appreq/files/sap.conf diff --git a/cli/ansible/roles/s4appreq/tasks/configurations/SELinux.yml b/ansible/roles/s4appreq/tasks/configurations/SELinux.yml similarity index 100% rename from cli/ansible/roles/s4appreq/tasks/configurations/SELinux.yml rename to ansible/roles/s4appreq/tasks/configurations/SELinux.yml diff --git a/cli/ansible/roles/s4appreq/tasks/configurations/abrtd.yml b/ansible/roles/s4appreq/tasks/configurations/abrtd.yml similarity index 100% rename from cli/ansible/roles/s4appreq/tasks/configurations/abrtd.yml rename to ansible/roles/s4appreq/tasks/configurations/abrtd.yml diff --git a/cli/ansible/roles/s4appreq/tasks/configurations/compatlibs.yml b/ansible/roles/s4appreq/tasks/configurations/compatlibs.yml similarity index 100% rename from cli/ansible/roles/s4appreq/tasks/configurations/compatlibs.yml rename to ansible/roles/s4appreq/tasks/configurations/compatlibs.yml diff --git a/cli/ansible/roles/s4appreq/tasks/configurations/filesystems.yml b/ansible/roles/s4appreq/tasks/configurations/filesystems.yml similarity index 100% rename from cli/ansible/roles/s4appreq/tasks/configurations/filesystems.yml rename to ansible/roles/s4appreq/tasks/configurations/filesystems.yml diff --git a/cli/ansible/roles/s4appreq/tasks/configurations/firewalld.yml b/ansible/roles/s4appreq/tasks/configurations/firewalld.yml similarity index 100% rename from cli/ansible/roles/s4appreq/tasks/configurations/firewalld.yml rename to ansible/roles/s4appreq/tasks/configurations/firewalld.yml diff --git a/cli/ansible/roles/s4appreq/tasks/configurations/hostname.yml b/ansible/roles/s4appreq/tasks/configurations/hostname.yml similarity index 100% rename from cli/ansible/roles/s4appreq/tasks/configurations/hostname.yml rename to ansible/roles/s4appreq/tasks/configurations/hostname.yml diff --git a/cli/ansible/roles/s4appreq/tasks/configurations/hostname_fix_RedHat.yml b/ansible/roles/s4appreq/tasks/configurations/hostname_fix_RedHat.yml similarity index 100% rename from cli/ansible/roles/s4appreq/tasks/configurations/hostname_fix_RedHat.yml rename to ansible/roles/s4appreq/tasks/configurations/hostname_fix_RedHat.yml diff --git a/cli/ansible/roles/s4appreq/tasks/configurations/kdump.yml b/ansible/roles/s4appreq/tasks/configurations/kdump.yml similarity index 100% rename from cli/ansible/roles/s4appreq/tasks/configurations/kdump.yml rename to ansible/roles/s4appreq/tasks/configurations/kdump.yml diff --git a/cli/ansible/roles/s4appreq/tasks/configurations/kernel_RedHat8.yml b/ansible/roles/s4appreq/tasks/configurations/kernel_RedHat8.yml similarity index 100% rename from cli/ansible/roles/s4appreq/tasks/configurations/kernel_RedHat8.yml rename to ansible/roles/s4appreq/tasks/configurations/kernel_RedHat8.yml diff --git a/cli/ansible/roles/s4appreq/tasks/configurations/limits.yml b/ansible/roles/s4appreq/tasks/configurations/limits.yml similarity index 100% rename from cli/ansible/roles/s4appreq/tasks/configurations/limits.yml rename to ansible/roles/s4appreq/tasks/configurations/limits.yml diff --git a/cli/ansible/roles/s4appreq/tasks/configurations/reboot.yml b/ansible/roles/s4appreq/tasks/configurations/reboot.yml similarity index 100% rename from cli/ansible/roles/s4appreq/tasks/configurations/reboot.yml rename to ansible/roles/s4appreq/tasks/configurations/reboot.yml diff --git a/cli/ansible/roles/s4appreq/tasks/configurations/repository_RedHat.yml b/ansible/roles/s4appreq/tasks/configurations/repository_RedHat.yml similarity index 100% rename from cli/ansible/roles/s4appreq/tasks/configurations/repository_RedHat.yml rename to ansible/roles/s4appreq/tasks/configurations/repository_RedHat.yml diff --git a/cli/ansible/roles/s4appreq/tasks/configurations/repository_SLES.yml b/ansible/roles/s4appreq/tasks/configurations/repository_SLES.yml similarity index 100% rename from cli/ansible/roles/s4appreq/tasks/configurations/repository_SLES.yml rename to ansible/roles/s4appreq/tasks/configurations/repository_SLES.yml diff --git a/cli/ansible/roles/s4appreq/tasks/configurations/reqpkg.yml b/ansible/roles/s4appreq/tasks/configurations/reqpkg.yml similarity index 100% rename from cli/ansible/roles/s4appreq/tasks/configurations/reqpkg.yml rename to ansible/roles/s4appreq/tasks/configurations/reqpkg.yml diff --git a/cli/ansible/roles/s4appreq/tasks/configurations/reqpkggroups_RedHat.yml b/ansible/roles/s4appreq/tasks/configurations/reqpkggroups_RedHat.yml similarity index 100% rename from cli/ansible/roles/s4appreq/tasks/configurations/reqpkggroups_RedHat.yml rename to ansible/roles/s4appreq/tasks/configurations/reqpkggroups_RedHat.yml diff --git a/cli/ansible/roles/s4appreq/tasks/configurations/saptune.yml b/ansible/roles/s4appreq/tasks/configurations/saptune.yml similarity index 100% rename from cli/ansible/roles/s4appreq/tasks/configurations/saptune.yml rename to ansible/roles/s4appreq/tasks/configurations/saptune.yml diff --git a/cli/ansible/roles/s4appreq/tasks/configurations/tmpfiles.yml b/ansible/roles/s4appreq/tasks/configurations/tmpfiles.yml similarity index 100% rename from cli/ansible/roles/s4appreq/tasks/configurations/tmpfiles.yml rename to ansible/roles/s4appreq/tasks/configurations/tmpfiles.yml diff --git a/cli/ansible/roles/s4appreq/tasks/configurations/umask_RHEL.yml b/ansible/roles/s4appreq/tasks/configurations/umask_RHEL.yml similarity index 100% rename from cli/ansible/roles/s4appreq/tasks/configurations/umask_RHEL.yml rename to ansible/roles/s4appreq/tasks/configurations/umask_RHEL.yml diff --git a/cli/ansible/roles/s4appreq/tasks/configurations/umask_SLES.yml b/ansible/roles/s4appreq/tasks/configurations/umask_SLES.yml similarity index 100% rename from cli/ansible/roles/s4appreq/tasks/configurations/umask_SLES.yml rename to ansible/roles/s4appreq/tasks/configurations/umask_SLES.yml diff --git a/cli/ansible/roles/s4appreq/tasks/configurations/update_RedHat8.yml b/ansible/roles/s4appreq/tasks/configurations/update_RedHat8.yml similarity index 100% rename from cli/ansible/roles/s4appreq/tasks/configurations/update_RedHat8.yml rename to ansible/roles/s4appreq/tasks/configurations/update_RedHat8.yml diff --git a/cli/ansible/roles/s4appreq/tasks/configurations/update_SLES_SAP.yml b/ansible/roles/s4appreq/tasks/configurations/update_SLES_SAP.yml similarity index 100% rename from cli/ansible/roles/s4appreq/tasks/configurations/update_SLES_SAP.yml rename to ansible/roles/s4appreq/tasks/configurations/update_SLES_SAP.yml diff --git a/cli/ansible/roles/s4appreq/tasks/configurations/uuidd.yml b/ansible/roles/s4appreq/tasks/configurations/uuidd.yml similarity index 100% rename from cli/ansible/roles/s4appreq/tasks/configurations/uuidd.yml rename to ansible/roles/s4appreq/tasks/configurations/uuidd.yml diff --git a/cli/ansible/roles/s4appreq/tasks/main.yml b/ansible/roles/s4appreq/tasks/main.yml similarity index 100% rename from cli/ansible/roles/s4appreq/tasks/main.yml rename to ansible/roles/s4appreq/tasks/main.yml diff --git a/cli/ansible/roles/s4appreq/vars/RedHat8.yml b/ansible/roles/s4appreq/vars/RedHat8.yml similarity index 100% rename from cli/ansible/roles/s4appreq/vars/RedHat8.yml rename to ansible/roles/s4appreq/vars/RedHat8.yml diff --git a/cli/ansible/roles/s4appreq/vars/SLES_SAP15.yml b/ansible/roles/s4appreq/vars/SLES_SAP15.yml similarity index 100% rename from cli/ansible/roles/s4appreq/vars/SLES_SAP15.yml rename to ansible/roles/s4appreq/vars/SLES_SAP15.yml diff --git a/cli/ansible/roles/saphanainst/defaults/main.yml b/ansible/roles/saphanainst/defaults/main.yml similarity index 100% rename from cli/ansible/roles/saphanainst/defaults/main.yml rename to ansible/roles/saphanainst/defaults/main.yml diff --git a/cli/ansible/roles/saphanainst/tasks/install_kit.yml b/ansible/roles/saphanainst/tasks/install_kit.yml similarity index 100% rename from cli/ansible/roles/saphanainst/tasks/install_kit.yml rename to ansible/roles/saphanainst/tasks/install_kit.yml diff --git a/cli/ansible/roles/saphanainst/tasks/main.yml b/ansible/roles/saphanainst/tasks/main.yml similarity index 100% rename from cli/ansible/roles/saphanainst/tasks/main.yml rename to ansible/roles/saphanainst/tasks/main.yml diff --git a/cli/ansible/roles/saphanainst/templates/hanaconfig.cfg b/ansible/roles/saphanainst/templates/hanaconfig.cfg similarity index 100% rename from cli/ansible/roles/saphanainst/templates/hanaconfig.cfg rename to ansible/roles/saphanainst/templates/hanaconfig.cfg diff --git a/cli/ansible/roles/saphanareq/defaults/main.yml b/ansible/roles/saphanareq/defaults/main.yml similarity index 100% rename from cli/ansible/roles/saphanareq/defaults/main.yml rename to ansible/roles/saphanareq/defaults/main.yml diff --git a/cli/ansible/roles/saphanareq/files/sap.conf b/ansible/roles/saphanareq/files/sap.conf similarity index 100% rename from cli/ansible/roles/saphanareq/files/sap.conf rename to ansible/roles/saphanareq/files/sap.conf diff --git a/cli/ansible/roles/saphanareq/filter_plugins/filesystemdata.py b/ansible/roles/saphanareq/filter_plugins/filesystemdata.py similarity index 100% rename from cli/ansible/roles/saphanareq/filter_plugins/filesystemdata.py rename to ansible/roles/saphanareq/filter_plugins/filesystemdata.py diff --git a/cli/ansible/roles/saphanareq/filter_plugins/lvmdata.py b/ansible/roles/saphanareq/filter_plugins/lvmdata.py similarity index 100% rename from cli/ansible/roles/saphanareq/filter_plugins/lvmdata.py rename to ansible/roles/saphanareq/filter_plugins/lvmdata.py diff --git a/cli/ansible/roles/saphanareq/filter_plugins/partitionlist.py b/ansible/roles/saphanareq/filter_plugins/partitionlist.py similarity index 100% rename from cli/ansible/roles/saphanareq/filter_plugins/partitionlist.py rename to ansible/roles/saphanareq/filter_plugins/partitionlist.py diff --git a/cli/ansible/roles/saphanareq/filter_plugins/storagedetails.py b/ansible/roles/saphanareq/filter_plugins/storagedetails.py similarity index 100% rename from cli/ansible/roles/saphanareq/filter_plugins/storagedetails.py rename to ansible/roles/saphanareq/filter_plugins/storagedetails.py diff --git a/cli/ansible/roles/saphanareq/tasks/configurations/SELinux.yml b/ansible/roles/saphanareq/tasks/configurations/SELinux.yml similarity index 100% rename from cli/ansible/roles/saphanareq/tasks/configurations/SELinux.yml rename to ansible/roles/saphanareq/tasks/configurations/SELinux.yml diff --git a/cli/ansible/roles/saphanareq/tasks/configurations/abrtd.yml b/ansible/roles/saphanareq/tasks/configurations/abrtd.yml similarity index 100% rename from cli/ansible/roles/saphanareq/tasks/configurations/abrtd.yml rename to ansible/roles/saphanareq/tasks/configurations/abrtd.yml diff --git a/cli/ansible/roles/saphanareq/tasks/configurations/filesystems.yml b/ansible/roles/saphanareq/tasks/configurations/filesystems.yml similarity index 100% rename from cli/ansible/roles/saphanareq/tasks/configurations/filesystems.yml rename to ansible/roles/saphanareq/tasks/configurations/filesystems.yml diff --git a/cli/ansible/roles/saphanareq/tasks/configurations/firewalld.yml b/ansible/roles/saphanareq/tasks/configurations/firewalld.yml similarity index 100% rename from cli/ansible/roles/saphanareq/tasks/configurations/firewalld.yml rename to ansible/roles/saphanareq/tasks/configurations/firewalld.yml diff --git a/cli/ansible/roles/saphanareq/tasks/configurations/hostname.yml b/ansible/roles/saphanareq/tasks/configurations/hostname.yml similarity index 100% rename from cli/ansible/roles/saphanareq/tasks/configurations/hostname.yml rename to ansible/roles/saphanareq/tasks/configurations/hostname.yml diff --git a/cli/ansible/roles/saphanareq/tasks/configurations/hostname_fix_RedHat.yml b/ansible/roles/saphanareq/tasks/configurations/hostname_fix_RedHat.yml similarity index 100% rename from cli/ansible/roles/saphanareq/tasks/configurations/hostname_fix_RedHat.yml rename to ansible/roles/saphanareq/tasks/configurations/hostname_fix_RedHat.yml diff --git a/cli/ansible/roles/saphanareq/tasks/configurations/kdump.yml b/ansible/roles/saphanareq/tasks/configurations/kdump.yml similarity index 100% rename from cli/ansible/roles/saphanareq/tasks/configurations/kdump.yml rename to ansible/roles/saphanareq/tasks/configurations/kdump.yml diff --git a/cli/ansible/roles/saphanareq/tasks/configurations/kernel_RedHat8.yml b/ansible/roles/saphanareq/tasks/configurations/kernel_RedHat8.yml similarity index 100% rename from cli/ansible/roles/saphanareq/tasks/configurations/kernel_RedHat8.yml rename to ansible/roles/saphanareq/tasks/configurations/kernel_RedHat8.yml diff --git a/cli/ansible/roles/saphanareq/tasks/configurations/kernel_SLES_SAP15.yml b/ansible/roles/saphanareq/tasks/configurations/kernel_SLES_SAP15.yml similarity index 100% rename from cli/ansible/roles/saphanareq/tasks/configurations/kernel_SLES_SAP15.yml rename to ansible/roles/saphanareq/tasks/configurations/kernel_SLES_SAP15.yml diff --git a/cli/ansible/roles/saphanareq/tasks/configurations/limits.yml b/ansible/roles/saphanareq/tasks/configurations/limits.yml similarity index 100% rename from cli/ansible/roles/saphanareq/tasks/configurations/limits.yml rename to ansible/roles/saphanareq/tasks/configurations/limits.yml diff --git a/cli/ansible/roles/saphanareq/tasks/configurations/reboot.yml b/ansible/roles/saphanareq/tasks/configurations/reboot.yml similarity index 100% rename from cli/ansible/roles/saphanareq/tasks/configurations/reboot.yml rename to ansible/roles/saphanareq/tasks/configurations/reboot.yml diff --git a/cli/ansible/roles/saphanareq/tasks/configurations/repository_RedHat.yml b/ansible/roles/saphanareq/tasks/configurations/repository_RedHat.yml similarity index 100% rename from cli/ansible/roles/saphanareq/tasks/configurations/repository_RedHat.yml rename to ansible/roles/saphanareq/tasks/configurations/repository_RedHat.yml diff --git a/cli/ansible/roles/saphanareq/tasks/configurations/repository_SLES.yml b/ansible/roles/saphanareq/tasks/configurations/repository_SLES.yml similarity index 100% rename from cli/ansible/roles/saphanareq/tasks/configurations/repository_SLES.yml rename to ansible/roles/saphanareq/tasks/configurations/repository_SLES.yml diff --git a/cli/ansible/roles/saphanareq/tasks/configurations/reqpkg.yml b/ansible/roles/saphanareq/tasks/configurations/reqpkg.yml similarity index 100% rename from cli/ansible/roles/saphanareq/tasks/configurations/reqpkg.yml rename to ansible/roles/saphanareq/tasks/configurations/reqpkg.yml diff --git a/cli/ansible/roles/saphanareq/tasks/configurations/reqpkggroups_RedHat.yml b/ansible/roles/saphanareq/tasks/configurations/reqpkggroups_RedHat.yml similarity index 100% rename from cli/ansible/roles/saphanareq/tasks/configurations/reqpkggroups_RedHat.yml rename to ansible/roles/saphanareq/tasks/configurations/reqpkggroups_RedHat.yml diff --git a/cli/ansible/roles/saphanareq/tasks/configurations/saptune.yml b/ansible/roles/saphanareq/tasks/configurations/saptune.yml similarity index 100% rename from cli/ansible/roles/saphanareq/tasks/configurations/saptune.yml rename to ansible/roles/saphanareq/tasks/configurations/saptune.yml diff --git a/cli/ansible/roles/saphanareq/tasks/configurations/symlinks.yml b/ansible/roles/saphanareq/tasks/configurations/symlinks.yml similarity index 100% rename from cli/ansible/roles/saphanareq/tasks/configurations/symlinks.yml rename to ansible/roles/saphanareq/tasks/configurations/symlinks.yml diff --git a/cli/ansible/roles/saphanareq/tasks/configurations/tmpfiles.yml b/ansible/roles/saphanareq/tasks/configurations/tmpfiles.yml similarity index 100% rename from cli/ansible/roles/saphanareq/tasks/configurations/tmpfiles.yml rename to ansible/roles/saphanareq/tasks/configurations/tmpfiles.yml diff --git a/cli/ansible/roles/saphanareq/tasks/configurations/tmpfs.yml b/ansible/roles/saphanareq/tasks/configurations/tmpfs.yml similarity index 100% rename from cli/ansible/roles/saphanareq/tasks/configurations/tmpfs.yml rename to ansible/roles/saphanareq/tasks/configurations/tmpfs.yml diff --git a/cli/ansible/roles/saphanareq/tasks/configurations/tuned.yml b/ansible/roles/saphanareq/tasks/configurations/tuned.yml similarity index 100% rename from cli/ansible/roles/saphanareq/tasks/configurations/tuned.yml rename to ansible/roles/saphanareq/tasks/configurations/tuned.yml diff --git a/cli/ansible/roles/saphanareq/tasks/configurations/umask_RHEL.yml b/ansible/roles/saphanareq/tasks/configurations/umask_RHEL.yml similarity index 100% rename from cli/ansible/roles/saphanareq/tasks/configurations/umask_RHEL.yml rename to ansible/roles/saphanareq/tasks/configurations/umask_RHEL.yml diff --git a/cli/ansible/roles/saphanareq/tasks/configurations/umask_SLES.yml b/ansible/roles/saphanareq/tasks/configurations/umask_SLES.yml similarity index 100% rename from cli/ansible/roles/saphanareq/tasks/configurations/umask_SLES.yml rename to ansible/roles/saphanareq/tasks/configurations/umask_SLES.yml diff --git a/cli/ansible/roles/saphanareq/tasks/configurations/update_RedHat8.yml b/ansible/roles/saphanareq/tasks/configurations/update_RedHat8.yml similarity index 100% rename from cli/ansible/roles/saphanareq/tasks/configurations/update_RedHat8.yml rename to ansible/roles/saphanareq/tasks/configurations/update_RedHat8.yml diff --git a/cli/ansible/roles/saphanareq/tasks/configurations/update_SLES_SAP.yml b/ansible/roles/saphanareq/tasks/configurations/update_SLES_SAP.yml similarity index 100% rename from cli/ansible/roles/saphanareq/tasks/configurations/update_SLES_SAP.yml rename to ansible/roles/saphanareq/tasks/configurations/update_SLES_SAP.yml diff --git a/cli/ansible/roles/saphanareq/tasks/configurations/uuidd.yml b/ansible/roles/saphanareq/tasks/configurations/uuidd.yml similarity index 100% rename from cli/ansible/roles/saphanareq/tasks/configurations/uuidd.yml rename to ansible/roles/saphanareq/tasks/configurations/uuidd.yml diff --git a/cli/ansible/roles/saphanareq/tasks/main.yml b/ansible/roles/saphanareq/tasks/main.yml similarity index 100% rename from cli/ansible/roles/saphanareq/tasks/main.yml rename to ansible/roles/saphanareq/tasks/main.yml diff --git a/cli/ansible/roles/saphanareq/vars/RedHat8.yml b/ansible/roles/saphanareq/vars/RedHat8.yml similarity index 100% rename from cli/ansible/roles/saphanareq/vars/RedHat8.yml rename to ansible/roles/saphanareq/vars/RedHat8.yml diff --git a/cli/ansible/roles/saphanareq/vars/SLES_SAP15.yml b/ansible/roles/saphanareq/vars/SLES_SAP15.yml similarity index 100% rename from cli/ansible/roles/saphanareq/vars/SLES_SAP15.yml rename to ansible/roles/saphanareq/vars/SLES_SAP15.yml diff --git a/ansible/sap-s-hana.yml b/ansible/sap-s-hana.yml new file mode 100644 index 0000000..ba867c5 --- /dev/null +++ b/ansible/sap-s-hana.yml @@ -0,0 +1,7 @@ +--- +- name: saphana.yml + ansible.builtin.import_playbook: saphana.yml +- name: saps4app.yml + ansible.builtin.import_playbook: saps4app.yml +... + diff --git a/schematics/ansible/saphana.yml b/ansible/saphana.yml similarity index 90% rename from schematics/ansible/saphana.yml rename to ansible/saphana.yml index 1d243ff..843601a 100644 --- a/schematics/ansible/saphana.yml +++ b/ansible/saphana.yml @@ -1,5 +1,5 @@ --- -- hosts: all +- hosts: db_host gather_facts: yes pre_tasks: - name: Import playbook variables diff --git a/cli/ansible/saps4app.yml b/ansible/saps4app.yml similarity index 89% rename from cli/ansible/saps4app.yml rename to ansible/saps4app.yml index 1e0f732..651075d 100644 --- a/cli/ansible/saps4app.yml +++ b/ansible/saps4app.yml @@ -1,5 +1,5 @@ --- -- hosts: all +- hosts: app_host gather_facts: yes pre_tasks: - name: Import playbook variables diff --git a/cli/README.md b/cli/README.md deleted file mode 100644 index f15735c..0000000 --- a/cli/README.md +++ /dev/null @@ -1,279 +0,0 @@ -# Three Tier SAP S/4HANA Stack Deployment - - -## Description -This automation solution is designed for the deployment of **Three Tier SAP S/4HANA Stack** using CLI. The SAP solution will be deployed on top of one of the following Operating Systems: **SUSE Linux Enterprise Server 15 SP 3 for SAP**, **SUSE Linux Enterprise Server 15 SP 4 for SAP**, **Red Hat Enterprise Linux 8.4 for SAP**, **Red Hat Enterprise Linux 8.6 for SAP** in an existing IBM Cloud Gen2 VPC, using an existing bastion host with secure remote SSH access. - -The solution is based on Terraform scripts and Ansible playbooks executed in CLI and it is implementing a 'reasonable' set of best practices for SAP VSI host configuration. - -**It contains:** -- Terraform scripts for the deployment of two VSIs, in an EXISTING VPC, with Subnet and Security Group. The VSIs are intended to be used: one for the data base instance and the other for the application instance. -- Ansible scripts to configure Three Tier SAP S/4HANA primary application server and a HANA 2.0 node. -Please note that Ansible is started by Terraform and must be available on the same host. - -## Installation media -SAP HANA installation media used for this deployment is the default one for **SAP HANA, platform edition 2.0 SPS05** available at SAP Support Portal under *INSTALLATION AND UPGRADE* area and it has to be provided manually in the input parameter file. - -SAP S/4HANA installation media used for this deployment is the default one for **SAP S/4HANA 2020** available at SAP Support Portal under *INSTALLATION AND UPGRADE* area and it has to be provided manually in the input parameter file. - -## VSI Configuration -The VSIs are deployed with one of the following Operating Systems for DB server: Suse Linux Enterprise Server 15 SP 3 for SAP HANA (amd64), Suse Linux Enterprise Server 15 SP 4 for SAP HANA (amd64), Red Hat Enterprise Linux 8.4 for SAP HANA (amd64) or Red Hat Enterprise Linux 8.6 for SAP HANA (amd64) and with one of the following Operating Systems for APP server: Suse Enterprise Linux 15 SP3 for SAP Applications (amd64), Suse Enterprise Linux 15 SP4 for SAP Applications (amd64), Red Hat Enterprise Linux 8.4 for SAP Applications (amd64), Red Hat Enterprise Linux 8.6 for SAP Applications (amd64). The SSH keys are configured to allow root user access. The following storage volumes are creating during the provisioning: - -HANA DB VSI Disks: -- the disk sizes depend on the selected profile, according to [Intel Virtual Server certified profiles on VPC infrastructure for SAP HANA](https://cloud.ibm.com/docs/sap?topic=sap-hana-iaas-offerings-profiles-intel-vs-vpc) - Last updated 2022-01-28 - -Note: LVM will be used for **`/hana/data`**, **`hana/log`**, **`/hana/shared`** and **`/usr/sap`**, for all storage profiles, excepting **`vx2d-44x616`** and **`vx2d-88x1232`** profiles, where **`/hana/data`** and **`/hana/shared`** won't be manged by LVM, according to [Intel Virtual Server certified profiles on VPC infrastructure for SAP HANA](https://cloud.ibm.com/docs/sap?topic=sap-hana-iaas-offerings-profiles-intel-vs-vpc#vx2d-16x224) - Last updated 2022-01-28 and to [Storage design considerations](https://cloud.ibm.com/docs/sap?topic=sap-storage-design-considerations#hana-iaas-mx2-16x128-32x256-configure) - Last updated 2022-05-19 - -For example, in case of deploying a HANA VM, using the default value for VSI profile `mx2-16x128`, the automation will execute the following storage setup: -- 3 volumes x 500 GB each for `_hana_vg` volume group - - the volume group will contain the following logical volumes (created with three stripes): - - `_hana_data_lv` - size 988 GB - - `_hana_log_lv` - size 256 GB - - `_hana_shared` - size 256 GB -- 1 volume x 50 GB for `/usr/sap` (volume group: `_usr_sap_vg`, logical volume: `_usr_sap_lv`) -- 1 volume x 10 GB for a 2 GB SWAP logical volume (volume group: `_swap_vg`, logical volume: `_swap_lv`) - -SAP APPs VSI Disks: -- 1x 40 GB disk with 10 IOPS / GB - SWAP -- 1 x 128 GB disk with 10 IOPS / GB - DATA - -## IBM Cloud API Key -For the script configuration add your IBM Cloud API Key in terraform planning phase command 'terraform plan --out plan1'. -You can create an API Key [here](https://cloud.ibm.com/iam/apikeys). - -## Input parameter file -The solution is configured by editing your variables in the file `input.auto.tfvars` -Edit your VPC, Subnet, Security group, Hostname, Profile, Image, SSH Keys like so: -```shell -########################################################## -# General VPC variables: -###################################################### - -REGION = "eu-de" -# Region for the VSI. Supported regions: https://cloud.ibm.com/docs/containers?topic=containers-regions-and-zones#zones-vpc -# Example: REGION = "eu-de" - -ZONE = "eu-de-2" -# Availability zone for VSI. Supported zones: https://cloud.ibm.com/docs/containers?topic=containers-regions-and-zones#zones-vpc -# Example: ZONE = "eu-de-2" - -VPC = "ic4sap" -# EXISTING VPC, previously created by the user in the same region as the VSI. The list of available VPCs: https://cloud.ibm.com/vpc-ext/network/vpcs -# Example: VPC = "ic4sap" - -SECURITY_GROUP = "ic4sap-securitygroup" -# EXISTING Security group, previously created by the user in the same VPC. The list of available Security Groups: https://cloud.ibm.com/vpc-ext/network/securityGroups -# Example: SECURITY_GROUP = "ic4sap-securitygroup" - -RESOURCE_GROUP = "wes-automation" -# EXISTING Resource group, previously created by the user. The list of available Resource Groups: https://cloud.ibm.com/account/resource-groups -# Example: RESOURCE_GROUP = "wes-automation" - -SUBNET = "ic4sap-subnet" -# EXISTING Subnet in the same region and zone as the VSI, previously created by the user. The list of available Subnets: https://cloud.ibm.com/vpc-ext/network/subnets -# Example: SUBNET = "ic4sap-subnet" - -SSH_KEYS = ["r010-57bfc315-f9e5-46bf-bf61-d87a24a9ce7a", "r010-e372fc6f-4aef-4bdf-ade6-c4b7c1ad61ca", "r010-09325e15-15be-474e-9b3b-21827b260717", "r010-5cfdb578-fc66-4bf7-967e-f5b4a8d03b89" , "r010-7b85d127-7493-4911-bdb7-61bf40d3c7d4", "r010-771e15dd-8081-4cca-8844-445a40e6a3b3", "r010-d941534b-1d30-474e-9494-c26a88d4cda3"] -# List of SSH Keys UUIDs that are allowed to SSH as root to the VSI. The SSH Keys should be created for the same region as the VSI. The list of available SSH Keys UUIDs: https://cloud.ibm.com/vpc-ext/compute/sshKeys -# Example: SSH_KEYS = ["r010-8f72b994-c17f-4500-af8f-d05680374t3c", "r011-8f72v884-c17f-4500-af8f-d05900374t3c"] - -########################################################## -# DB VSI variables: -########################################################## - -DB-HOSTNAME = "saps4hnmar1" -# The Hostname for the DB VSI. The hostname should be up to 13 characters, as required by SAP -# Example: HOSTNAME = "ic4sap" - -DB-PROFILE = "mx2-16x128" -# The instance profile used for the HANA VSI. The list of certified profiles for HANA VSIs: https://cloud.ibm.com/docs/sap?topic=sap-hana-iaas-offerings-profiles-intel-vs-vpc -# Details about all x86 instance profiles: https://cloud.ibm.com/docs/vpc?topic=vpc-profiles). -# For more information about supported DB/OS and IBM Gen 2 Virtual Server Instances (VSI), check [SAP Note 2927211: SAP Applications on IBM Virtual Private Cloud](https://launchpad.support.sap.com/#/notes/2927211) -# Default value: "mx2-16x128" - -DB-IMAGE = "ibm-redhat-8-6-amd64-sap-hana-2" -# OS image for DB VSI. Supported OS images for DB VSIs: ibm-sles-15-3-amd64-sap-hana-2, ibm-sles-15-4-amd64-sap-hana-3, ibm-redhat-8-4-amd64-sap-hana-2, ibm-redhat-8-6-amd64-sap-hana-2. -# The list of available VPC Operating Systems supported by SAP: SAP note '2927211 - SAP Applications on IBM Virtual Private Cloud (VPC) Infrastructure environment' https://launchpad.support.sap.com/#/notes/2927211; The list of all available OS images: https://cloud.ibm.com/docs/vpc?topic=vpc-about-images -# Example: DB-IMAGE = "ibm-redhat-8-6-amd64-sap-applications-2" - -########################################################## -# SAP APP VSI variables: -########################################################## - -APP-HOSTNAME = "saps4apmar1" -# The Hostname for the SAP APP VSI. The hostname should be up to 13 characters, as required by SAP -# Example: HOSTNAME = "ic4sap" - -APP-PROFILE = "bx2-4x16" -# The APP VSI profile. Supported profiles: bx2-4x16. The list of available profiles: https://cloud.ibm.com/docs/vpc?topic=vpc-profiles&interface=ui - -APP-IMAGE = "ibm-redhat-8-6-amd64-sap-applications-2" -# OS image for SAP APP VSI. Supported OS images for APP VSIs: ibm-sles-15-3-amd64-sap-applications-2, ibm-sles-15-4-amd64-sap-applications-4, ibm-redhat-8-4-amd64-sap-applications-2, ibm-redhat-8-6-amd64-sap-applications-2. -# The list of available VPC Operating Systems supported by SAP: SAP note '2927211 - SAP Applications on IBM Virtual Private Cloud (VPC) Infrastructure environment' https://launchpad.support.sap.com/#/notes/2927211; The list of all available OS images: https://cloud.ibm.com/docs/vpc?topic=vpc-about-images -# Example: APP-IMAGE = "ibm-redhat-8-6-amd64-sap-applications-2" -...... -``` - -Parameter | Description -----------|------------ -ibmcloud_api_key | IBM Cloud API key (Sensitive* value). -SSH_KEYS | List of SSH Keys IDs that are allowed to SSH as root to the VSI. Can contain one or more IDs. The list of SSH Keys is available [here](https://cloud.ibm.com/vpc-ext/compute/sshKeys).
Sample input (use your own SSH IDS from IBM Cloud):
[ "r010-57bfc315-f9e5-46bf-bf61-d87a24a9ce7a" , "r010-3fcd9fe7-d4a7-41ce-8bb3-d96e936b2c7e" ] -REGION | The cloud region where to deploy the solution.
The regions and zones for VPC are listed [here](https://cloud.ibm.com/docs/containers?topic=containers-regions-and-zones#zones-vpc).
Sample value: eu-de. -ZONE | The cloud zone where to deploy the solution.
Sample value: eu-de-2. -VPC | The name of an EXISTING VPC. The list of VPCs is available [here](https://cloud.ibm.com/vpc-ext/network/vpcs) -SUBNET | The name of an EXISTING Subnet. The list of Subnets is available [here](https://cloud.ibm.com/vpc-ext/network/subnets). -SECURITY_GROUP | The name of an EXISTING Security group. The list of Security Groups is available [here](https://cloud.ibm.com/vpc-ext/network/securityGroups). -RESOURCE_GROUP | The name of an EXISTING Resource Group for VSIs and Volumes resources. The list of Resource Groups is available [here](https://cloud.ibm.com/account/resource-groups). -[DB/APP]-HOSTNAME | The Hostname for the HANA/APP VSI. The hostname should be up to 13 characters as required by SAP.
For more information on rules regarding hostnames for SAP systems, check [SAP Note 611361: Hostnames of SAP ABAP Platform servers](https://launchpad.support.sap.com/#/notes/%20611361) -DB-PROFILE | The instance profile used for the HANA VSI. The list of certified profiles for HANA VSIs is available [here](https://cloud.ibm.com/docs/sap?topic=sap-hana-iaas-offerings-profiles-intel-vs-vpc).
Details about all x86 instance profiles are available [here](https://cloud.ibm.com/docs/vpc?topic=vpc-profiles).
For more information about supported DB/OS and IBM Gen 2 Virtual Server Instances (VSI), check [SAP Note 2927211: SAP Applications on IBM Virtual Private Cloud](https://launchpad.support.sap.com/#/notes/2927211)
Default value: "mx2-16x128" -DB-IMAGE | The OS image used for HANA VSI. A list of images is available [here](https://cloud.ibm.com/docs/vpc?topic=vpc-about-images)
Default value: ibm-redhat-8-6-amd64-sap-hana-2 -APP-PROFILE | The instance profile used for SAP Application VSI. A list of profiles is available [here](https://cloud.ibm.com/docs/vpc?topic=vpc-profiles)
For more information about supported DB/OS and IBM Gen 2 Virtual Server Instances (VSI), check [SAP Note 2927211: SAP Applications on IBM Virtual Private Cloud](https://launchpad.support.sap.com/#/notes/2927211)
Default value: "bx2-4x16" -APP-IMAGE | The OS image used for SAP Application VSI. A list of images is available [here](https://cloud.ibm.com/docs/vpc?topic=vpc-about-images).
Default value: ibm-redhat-8-6-amd64-sap-applications-2 - -Edit your SAP system configuration variables that will be passed to the ansible automated deployment: - -```shell -########################################################## -# SAP HANA configuration -########################################################## - -hana_sid = "HDB" -# SAP HANA system ID. Should follow the SAP rules for SID naming. -# Example: hana_sid = "HDB" - -hana_sysno = "00" -# SAP HANA instance number. Should follow the SAP rules for instance number naming. -# Example: hana_sysno = "01" - -hana_system_usage = "custom" -# System usage. Default: custom. Suported values: production, test, development, custom -# Example: hana_system_usage = "custom" - -hana_components = "server" -# SAP HANA Components. Default: server. Supported values: all, client, es, ets, lcapps, server, smartda, streaming, rdsync, xs, studio, afl, sca, sop, eml, rme, rtl, trp -# Example: hana_components = "server" - -kit_saphana_file = "/storage/HANADB/51055299.ZIP" -# SAP HANA Installation kit path -# Supported SAP HANA versions on RHEL 8 and SLES 15: HANA 2.0 SP 5 Rev 57, kit file: 51055299.ZIP -# Example for RHEL 8 or SLES 15: kit_saphana_file = "/storage/HANADB/51055299.ZIP" - -########################################################## -# SAP system configuration -########################################################## - -sap_sid = "S4A" -# SAP System ID - -sap_ascs_instance_number = "01" -# The central ABAP service instance number. Should follow the SAP rules for instance number naming. -# Example: sap_ascs_instance_number = "01" - -sap_ci_instance_number = "00" -# The SAP central instance number. Should follow the SAP rules for instance number naming. -# Example: sap_ci_instance_number = "06" - -hdb_concurrent_jobs = "23" -# Number of concurrent jobs used to load and/or extract archives to HANA Host - -########################################################## -# SAP S4HANA APP Kit Paths -########################################################## - -kit_sapcar_file = "/storage/S4HANA/SAPCAR_1010-70006178.EXE" -kit_swpm_file = "/storage/S4HANA/SWPM20SP09_4-80003424.SAR" -kit_sapexe_file = "/storage/S4HANA/SAPEXE_100-70005283.SAR" -kit_sapexedb_file = "/storage/S4HANA/SAPEXEDB_100-70005282.SAR" -kit_igsexe_file = "/storage/S4HANA/igsexe_1-70005417.sar" -kit_igshelper_file = "/storage/S4HANA/igshelper_17-10010245.sar" -kit_saphotagent_file = "/storage/S4HANA/SAPHOSTAGENT51_51-20009394.SAR" -kit_hdbclient_file = "/storage/S4HANA/IMDB_CLIENT20_009_28-80002082.SAR" -kit_s4hana_export = "/storage/S4HANA/export" -``` -**SAP input parameters:** - -Parameter | Description | Requirements -----------|-------------|------------- -hana_sid | The SAP system ID identifies the SAP HANA system |
  • Consists of exactly three alphanumeric characters
  • Has a letter for the first character
  • Does not include any of the reserved IDs listed in SAP Note 1979280
| -hana_sysno | Specifies the instance number of the SAP HANA system|
  • Two-digit number from 00 to 97
  • Must be unique on a host
-hana_main_password | Common password for all users that are created during the installation |
  • It must be 8 to 14 characters long
  • It must consist of at least one digit (0-9), one lowercase letter (a-z), and one uppercase letter (A-Z).
  • It can only contain the following characters: a-z, A-Z, 0-9, !, @, #, $, _
  • It must not start with a digit or an underscore ( _ )
-hana_system_usage | System Usage | Default: custom
Valid values: production, test, development, custom -hana_components | SAP HANA Components | Default: server
Valid values: all, client, es, ets, lcapps, server, smartda, streaming, rdsync, xs, studio, afl, sca, sop, eml, rme, rtl, trp -kit_saphana_file | Path to SAP HANA ZIP file | As downloaded from SAP Support Portal -sap_sid | The SAP system ID identifies the entire SAP system |
  • Consists of exactly three alphanumeric characters
  • Has a letter for the first character
  • Does not include any of the reserved IDs listed in SAP Note 1979280
-sap_ascs_instance_number | Technical identifier for internal processes of ASCS|
  • Two-digit number from 00 to 97
  • Must be unique on a host
-sap_ci_instance_number | Technical identifier for internal processes of CI|
  • Two-digit number from 00 to 97
  • Must be unique on a host
-sap_main_password | Common password for all users that are created during the installation |
  • It must be 10 to 14 characters long
  • It must contain at least one digit (0-9)
  • It can only contain the following characters: a-z, A-Z, 0-9, @, #, $, _
  • It must not start with a digit or an underscore ( _ )
-hdb_concurrent_jobs | Number of concurrent jobs used to load and/or extract archives to HANA Host | Default: 23 -kit_sapcar_file | Path to sapcar binary | As downloaded from SAP Support Portal -kit_swpm_file | Path to SWPM archive (SAR) | As downloaded from SAP Support Portal -kit_sapexe_file | Path to SAP Kernel OS archive (SAR) | As downloaded from SAP Support Portal -kit_sapexedb_file | Path to SAP Kernel DB archive (SAR) | As downloaded from SAP Support Portal -kit_igsexe_file | Path to IGS archive (SAR) | As downloaded from SAP Support Portal -kit_igshelper_file | Path to IGS Helper archive (SAR) | As downloaded from SAP Support Portal -kit_saphostagent_file | Path to SAP Host Agent archive (SAR) | As downloaded from SAP Support Portal -kit_hdbclient_file | Path to HANA DB client archive (SAR) | As downloaded from SAP Support Portal -kit_s4hana_export | Path to S/4HANA Installation Export dir | The archives downloaded from SAP Support Portal should be present in this path - -**Obs***:
-- Sensitive - The variable value is not displayed in your tf files details after terrafrorm plan&apply commands.
-- The following variables should be the same like the bastion ones: REGION, ZONE, VPC, SUBNET, SECURITY_GROUP. - -## VPC Configuration - -The Security Rules are the following: -- Allow all traffic in the Security group -- Allow all outbound traffic -- Allow inbound DNS traffic (UDP port 53) -- Allow inbound SSH traffic (TCP port 22) -- Option to Allow inbound TCP traffic with a custom port or a range of ports. - - -## Files description and structure: - - `modules` - directory containing the terraform modules - - `input.auto.tfvars` - contains the variables that will need to be edited by the user to customize the solution - - `integration-*.tf` - contains the integration code that brings the SAP variabiles from Terraform to Ansible. - - `main.tf` - contains the configuration of the VSI for SAP single tier deployment. - - `provider.tf` - contains the IBM Cloud Provider data in order to run `terraform init` command. - - `variables.tf` - contains variables for the VPC and VSI - - `versions.tf` - contains the minimum required versions for terraform and IBM Cloud provider. - - `output.tf` - contains the code for the information to be displayed after the VSI is created (Hostname, Private IP, Public IP) - - -## Steps to follow: - -For initializing terraform: - -```shell -terraform init -``` - -For planning phase: - -```shell -terraform plan --out plan1 -# you will be asked for the following sensitive variables: 'ibmcloud_api_key', 'sap_main_password' and 'hana_main_password'. -``` - -For apply phase: - -```shell -terraform apply "plan1" -``` - -For destroy: - -```shell -terraform destroy -# you will be asked for the following sensitive variables as a destroy confirmation phase: 'ibmcloud_api_key', 'sap_main_password' and 'hana_main_password'. -``` - - -The Terraform version used for deployment should be >= 1.3.6. -Note: The deployment was tested with Terraform 1.3.6 - -### Related links: - -- [See how to create a BASTION/STORAGE VSI for SAP in IBM Schematics](https://github.com/IBM-Cloud/sap-bastion-setup) -- [Securely Access Remote Instances with a Bastion Host](https://www.ibm.com/cloud/blog/tutorial-securely-access-remote-instances-with-a-bastion-host) -- [VPNs for VPC overview: Site-to-site gateways and Client-to-site servers.](https://cloud.ibm.com/docs/vpc?topic=vpc-vpn-overview) diff --git a/cli/ansible/saphana.yml b/cli/ansible/saphana.yml deleted file mode 100644 index 1d243ff..0000000 --- a/cli/ansible/saphana.yml +++ /dev/null @@ -1,10 +0,0 @@ ---- -- hosts: all - gather_facts: yes - pre_tasks: - - name: Import playbook variables - include_vars: "saphana-vars.yml" - roles: - - saphanareq - - saphanainst -... diff --git a/cli/integration-app.tf b/cli/integration-app.tf deleted file mode 100644 index 9e8d0bd..0000000 --- a/cli/integration-app.tf +++ /dev/null @@ -1,37 +0,0 @@ -# Export Terraform variable values to an Ansible var_file -resource "local_file" "app_ansible_saps4app-vars" { - depends_on = [ module.db-vsi ] - content = <<-DOC ---- -#Ansible vars_file containing variable values passed from Terraform. -#Generated by "terraform plan&apply" command. - -#SAP system configuration -sap_sid: "${var.sap_sid}" -sap_ascs_instance_number: "${var.sap_ascs_instance_number}" -sap_ci_instance_number: "${var.sap_ci_instance_number}" -sap_main_password: "${var.sap_main_password}" - -#HANA config -hdb_host: "${module.db-vsi.PRIVATE-IP}" -hdb_sid: "${var.hana_sid}" -app_profile: "${var.APP-PROFILE}" -hdb_instance_number: "${var.hana_sysno}" -hdb_main_password: "${var.hana_main_password}" -# Number of concurrent jobs used to load and/or extract archives to HANA Host -hdb_concurrent_jobs: "${var.hdb_concurrent_jobs}" - -#SAP S/4HANA APP Installation kit path -kit_sapcar_file: "${var.kit_sapcar_file}" -kit_swpm_file: "${var.kit_swpm_file}" -kit_sapexe_file: "${var.kit_sapexe_file}" -kit_sapexedb_file: "${var.kit_sapexedb_file}" -kit_igsexe_file: "${var.kit_igsexe_file}" -kit_igshelper_file: "${var.kit_igshelper_file}" -kit_saphotagent_file: "${var.kit_saphotagent_file}" -kit_hdbclient_file: "${var.kit_hdbclient_file}" -kit_s4hana_export: "${var.kit_s4hana_export}" -... - DOC - filename = "ansible/saps4app-vars.yml" -} diff --git a/cli/integration-db.tf b/cli/integration-db.tf deleted file mode 100644 index 4e04bea..0000000 --- a/cli/integration-db.tf +++ /dev/null @@ -1,29 +0,0 @@ -# Export Terraform variable values to an Ansible var_file -resource "local_file" "db_ansible_saphana-vars" { - depends_on = [ module.db-vsi ] - content = <<-DOC ---- -# Ansible vars_file containing variable values passed from Terraform. -# Generated by "terraform plan&apply" command. -hana_profile: "${var.DB-PROFILE}" - -# HANA DB configuration -hana_sid: "${var.hana_sid}" -hana_sysno: "${var.hana_sysno}" -hana_main_password: "${var.hana_main_password}" -hana_system_usage: "${var.hana_system_usage}" -hana_components: "${var.hana_components}" - -# SAP HANA Installation kit path -kit_saphana_file: "${var.kit_saphana_file}" -... - DOC - filename = "ansible/saphana-vars.yml" -} - -# Export Terraform variable values to an Ansible var_file -resource "local_file" "tf_ansible_hana_storage_generated_file" { - depends_on = [ module.db-vsi ] - source = "files/hana_volume_layout.json" - filename = "ansible/hana_volume_layout.json" -} diff --git a/cli/main.tf b/cli/main.tf deleted file mode 100644 index 65352e2..0000000 --- a/cli/main.tf +++ /dev/null @@ -1,58 +0,0 @@ -module "vpc-subnet" { - source = "./modules/vpc/subnet" - ZONE = var.ZONE - VPC = var.VPC - SECURITY_GROUP = var.SECURITY_GROUP - SUBNET = var.SUBNET -} - -module "db-vsi" { - source = "./modules/db-vsi" - ZONE = var.ZONE - VPC = var.VPC - SECURITY_GROUP = var.SECURITY_GROUP - SUBNET = var.SUBNET - RESOURCE_GROUP = var.RESOURCE_GROUP - HOSTNAME = var.DB-HOSTNAME - PROFILE = var.DB-PROFILE - IMAGE = var.DB-IMAGE - SSH_KEYS = var.SSH_KEYS -} - -module "app-vsi" { - source = "./modules/app-vsi" - depends_on = [ module.db-vsi ] - ZONE = var.ZONE - VPC = var.VPC - SECURITY_GROUP = var.SECURITY_GROUP - SUBNET = var.SUBNET - RESOURCE_GROUP = var.RESOURCE_GROUP - HOSTNAME = var.APP-HOSTNAME - PROFILE = var.APP-PROFILE - IMAGE = var.APP-IMAGE - SSH_KEYS = var.SSH_KEYS - VOLUME_SIZES = [ "40" , "128" ] - VOL_PROFILE = "10iops-tier" -} - -module "db-ansible-exec" { - source = "./modules/ansible-exec" - depends_on = [ module.db-vsi , local_file.db_ansible_saphana-vars, local_file.tf_ansible_hana_storage_generated_file ] - IP = module.db-vsi.PRIVATE-IP - PLAYBOOK_PATH = "ansible/saphana.yml" -} - -module "app-ansible-exec" { - source = "./modules/ansible-exec" - depends_on = [ module.db-ansible-exec , module.app-vsi , local_file.app_ansible_saps4app-vars ] - IP = module.app-vsi.PRIVATE-IP - PLAYBOOK_PATH = "ansible/saps4app.yml" -} - -module "sec-exec" { - source = "./modules/sec-exec" - depends_on = [ module.app-ansible-exec ] - IP = module.app-vsi.PRIVATE-IP - sap_main_password = var.sap_main_password - hana_main_password = var.hana_main_password -} diff --git a/cli/modules/ansible-exec/ansible-exec.tf b/cli/modules/ansible-exec/ansible-exec.tf deleted file mode 100644 index 79c5ae5..0000000 --- a/cli/modules/ansible-exec/ansible-exec.tf +++ /dev/null @@ -1,5 +0,0 @@ -resource "null_resource" "ansible-exec" { - provisioner "local-exec" { - command = "ansible-playbook -i ${var.IP}, ${var.PLAYBOOK_PATH}" - } -} diff --git a/cli/modules/ansible-exec/variables.tf b/cli/modules/ansible-exec/variables.tf deleted file mode 100644 index bf851da..0000000 --- a/cli/modules/ansible-exec/variables.tf +++ /dev/null @@ -1,9 +0,0 @@ -variable "IP" { - type = string - description = "IP used to execute ansible" -} - -variable "PLAYBOOK_PATH" { - type = string - description = "Path to the Ansible Playbook" -} diff --git a/cli/modules/app-vsi/variables.tf b/cli/modules/app-vsi/variables.tf deleted file mode 100644 index 5153b0a..0000000 --- a/cli/modules/app-vsi/variables.tf +++ /dev/null @@ -1,54 +0,0 @@ -variable "ZONE" { - type = string - description = "Cloud Zone" -} - -variable "VPC" { - type = string - description = "VPC name" -} - -variable "SUBNET" { - type = string - description = "Subnet name" -} - -variable "SECURITY_GROUP" { - type = string - description = "Security group name" -} - -variable "RESOURCE_GROUP" { - type = string - description = "Resource Group" -} - -variable "HOSTNAME" { - type = string - description = "VSI Hostname" -} - -variable "PROFILE" { - type = string - description = "VSI Profile" -} - -variable "IMAGE" { - type = string - description = "VSI OS Image" -} - -variable "SSH_KEYS" { - type = list(string) - description = "List of SSH Keys to access the VSI" -} - -variable "VOLUME_SIZES" { - type = list(string) - description = "List of volume sizes in GB to be created" -} - -variable "VOL_PROFILE" { - type = string - description = "Volume profile" -} diff --git a/cli/modules/db-vsi/variables.tf b/cli/modules/db-vsi/variables.tf deleted file mode 100644 index 201b44b..0000000 --- a/cli/modules/db-vsi/variables.tf +++ /dev/null @@ -1,63 +0,0 @@ -variable "ZONE" { - type = string - description = "Cloud Zone" -} - -variable "VPC" { - type = string - description = "VPC name" -} - -variable "SUBNET" { - type = string - description = "Subnet name" -} - -variable "SECURITY_GROUP" { - type = string - description = "Security group name" -} - -variable "RESOURCE_GROUP" { - type = string - description = "Resource Group" -} - -variable "HOSTNAME" { - type = string - description = "VSI Hostname" -} - -variable "PROFILE" { - type = string - description = "DB VSI Profile." - default = "mx2-16x128" -} - -variable "IMAGE" { - type = string - description = "VSI OS Image" -} - -variable "SSH_KEYS" { - type = list(string) - description = "List of SSH Keys to access the VSI" -} - -locals { - HANA_PROCESSING_TYPE = "All" - # HANA_PROCESSING_TYPE with accepted values: "All", "OLAP", "OLTP" "SAP Business One"- if needed for future development - ALL_HANA_CERTIFIED_STORAGE = jsondecode(file("${path.root}/files/hana_volume_layout.json")) - HANA_PROCESSING_TYPE_JSON = replace(trimspace(lower(local.HANA_PROCESSING_TYPE)), " ", "_") - PROCESSING_TYPE_FOUND = local.HANA_PROCESSING_TYPE_JSON == "all" ? true : contains(keys(local.ALL_HANA_CERTIFIED_STORAGE["profiles"]["${var.PROFILE}"]["processing_type"]), local.HANA_PROCESSING_TYPE_JSON) - OS_FROM_IMAGE = replace(replace(trimspace(lower(var.IMAGE)), "ibm-", ""), "/-amd64-sap-hana-.*/", "") - ALL_OS_TYPES = [] - OS_FOR_ALL_PROCESSING_TYPES = local.PROCESSING_TYPE_FOUND == true ? flatten([ for k in keys(local.ALL_HANA_CERTIFIED_STORAGE["profiles"]["${var.PROFILE}"]["processing_type"]) : concat(local.ALL_OS_TYPES, local.ALL_HANA_CERTIFIED_STORAGE["profiles"]["${var.PROFILE}"]["processing_type"]["${k}"])]) : [] - OS_TYPE_FOUND = local.PROCESSING_TYPE_FOUND == true ? (local.HANA_PROCESSING_TYPE_JSON == "all" ? contains(local.OS_FOR_ALL_PROCESSING_TYPES, "${lower(local.OS_FROM_IMAGE)}") : contains(local.ALL_HANA_CERTIFIED_STORAGE["profiles"]["${var.PROFILE}"]["processing_type"]["${local.HANA_PROCESSING_TYPE_JSON}"], "${lower(local.OS_FROM_IMAGE)}")) : false - CURRENT_STORAGE_CERTIFIED = local.PROCESSING_TYPE_FOUND == true && local.OS_TYPE_FOUND == true ? local.ALL_HANA_CERTIFIED_STORAGE.profiles["${var.PROFILE}"]["storage"]: null - # Define VOLUMES_STRUCTURE tuple for preserving the order of the elements in hash (to make sure the order for the elements in VOLUME_SIZES and VOL_PROFILE is the same) - VOLUMES_STRUCTURE = local.PROCESSING_TYPE_FOUND == true && local.OS_TYPE_FOUND == true ? flatten([ for k, v in local.CURRENT_STORAGE_CERTIFIED : v ]) : null - VOLUME_SIZES = local.PROCESSING_TYPE_FOUND == true && local.OS_TYPE_FOUND == true ? flatten([ for k in range(length(local.VOLUMES_STRUCTURE)) : [ [for _ in range(local.VOLUMES_STRUCTURE[k]["disk_count"]) : local.VOLUMES_STRUCTURE[k]["disk_size"]]]]) : [] - VOL_PROFILE = local.PROCESSING_TYPE_FOUND == true && local.OS_TYPE_FOUND == true ? flatten([ for k in range(length(local.VOLUMES_STRUCTURE)) : [ [for _ in range(local.VOLUMES_STRUCTURE[k]["disk_count"]) : local.VOLUMES_STRUCTURE[k]["iops"]]]]) : [] - DISPLAY_CRT_STORAGE = local.PROCESSING_TYPE_FOUND == true && local.OS_TYPE_FOUND == true ? { for k, v in local.CURRENT_STORAGE_CERTIFIED : k => { for j, m in v : j => m if j != "lvm" && j != "fs_type" && j != "mount_point" }} : null -} diff --git a/cli/modules/sec-exec/sec-exec.tf b/cli/modules/sec-exec/sec-exec.tf deleted file mode 100644 index fc22563..0000000 --- a/cli/modules/sec-exec/sec-exec.tf +++ /dev/null @@ -1,12 +0,0 @@ -resource "null_resource" "sec-exec" { - - provisioner "local-exec" { - command = "sed -i 's/${var.sap_main_password}/xxxxxxxx/' terraform.tfstate" - } - provisioner "local-exec" { - command = "sed -i 's/${var.hana_main_password}/xxxxxxxx/' terraform.tfstate" - } - provisioner "local-exec" { - command = "sleep 20; rm -rf ansible/*-vars.yml; rm -f ansible/hana_volume_layout.json" - } -} diff --git a/cli/modules/sec-exec/variables.tf b/cli/modules/sec-exec/variables.tf deleted file mode 100644 index 880fd7e..0000000 --- a/cli/modules/sec-exec/variables.tf +++ /dev/null @@ -1,16 +0,0 @@ -variable "IP" { - type = string - description = "IP used to execute ansible" -} - -variable "sap_main_password" { - type = string - sensitive = true - description = "sap_main_password" -} - -variable "hana_main_password" { - type = string - sensitive = true - description = "hana_main_password" -} diff --git a/cli/output.tf b/cli/output.tf deleted file mode 100644 index 9e4318a..0000000 --- a/cli/output.tf +++ /dev/null @@ -1,19 +0,0 @@ -output "DB-HOSTNAME" { - value = module.db-vsi.HOSTNAME -} - -output "DB-PRIVATE-IP" { - value = module.db-vsi.PRIVATE-IP -} - -output "DB-STORAGE-LAYOUT" { - value = module.db-vsi.STORAGE-LAYOUT -} - -output "APP-HOSTNAME" { - value = module.app-vsi.HOSTNAME -} - -output "APP-PRIVATE-IP" { - value = module.app-vsi.PRIVATE-IP -} diff --git a/cli/provider.tf b/cli/provider.tf deleted file mode 100644 index 44e93a6..0000000 --- a/cli/provider.tf +++ /dev/null @@ -1,13 +0,0 @@ -variable "ibmcloud_api_key" { - description = "IBM Cloud API key" - sensitive = true - validation { - condition = length(var.ibmcloud_api_key) > 43 #&& substr(var.ibmcloud_api_key, 14, 15) == "-" - error_message = "The ibmcloud_api_key value must be a valid IBM Cloud API key." - } -} - -provider "ibm" { - ibmcloud_api_key = var.ibmcloud_api_key - region = var.REGION -} diff --git a/cli/variables.tf b/cli/variables.tf deleted file mode 100644 index fae9e7f..0000000 --- a/cli/variables.tf +++ /dev/null @@ -1,269 +0,0 @@ -variable "REGION" { - type = string - description = "Cloud Region" - validation { - condition = contains(["au-syd", "jp-osa", "jp-tok", "eu-de", "eu-gb", "ca-tor", "us-south", "us-east", "br-sao"], var.REGION ) - error_message = "The REGION must be one of: au-syd, jp-osa, jp-tok, eu-de, eu-gb, ca-tor, us-south, us-east, br-sao." - } -} - -variable "ZONE" { - type = string - description = "Cloud Zone" - validation { - condition = length(regexall("^(au-syd|jp-osa|jp-tok|eu-de|eu-gb|ca-tor|us-south|us-east|br-sao)-(1|2|3)$", var.ZONE)) > 0 - error_message = "The ZONE is not valid." - } -} - -variable "VPC" { - type = string - description = "EXISTING VPC name" - validation { - condition = length(regexall("^([a-z]|[a-z][-a-z0-9]*[a-z0-9]|[0-9][-a-z0-9]*([a-z]|[-a-z][-a-z0-9]*[a-z0-9]))$", var.VPC)) > 0 - error_message = "The VPC name is not valid." - } -} - -variable "SUBNET" { - type = string - description = "EXISTING Subnet name" - validation { - condition = length(regexall("^([a-z]|[a-z][-a-z0-9]*[a-z0-9]|[0-9][-a-z0-9]*([a-z]|[-a-z][-a-z0-9]*[a-z0-9]))$", var.SUBNET)) > 0 - error_message = "The SUBNET name is not valid." - } -} - -variable "SECURITY_GROUP" { - type = string - description = "EXISTING Security group name" - validation { - condition = length(regexall("^([a-z]|[a-z][-a-z0-9]*[a-z0-9]|[0-9][-a-z0-9]*([a-z]|[-a-z][-a-z0-9]*[a-z0-9]))$", var.SECURITY_GROUP)) > 0 - error_message = "The SECURITY_GROUP name is not valid." - } -} - -variable "RESOURCE_GROUP" { - type = string - description = "EXISTING Resource Group for VSIs and Volumes" - default = "Default" -} - -variable "SSH_KEYS" { - type = list(string) - description = "SSH Keys ID list to access the VSI" - validation { - condition = var.SSH_KEYS == [] ? false : true && var.SSH_KEYS == [""] ? false : true - error_message = "At least one SSH KEY is needed to be able to access the VSI." - } -} - -variable "DB-HOSTNAME" { - type = string - description = "DB VSI Hostname" - validation { - condition = length(var.DB-HOSTNAME) <= 13 && length(regexall("^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\\-]*[a-zA-Z0-9])\\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\\-]*[A-Za-z0-9])$", var.DB-HOSTNAME)) > 0 - error_message = "The DB-HOSTNAME is not valid." - } -} - -variable "DB-PROFILE" { - type = string - description = "DB VSI Profile. The certified profiles for SAP HANA in IBM VPC: https://cloud.ibm.com/docs/sap?topic=sap-hana-iaas-offerings-profiles-intel-vs-vpc" - default = "mx2-16x128" - validation { - condition = contains(keys(jsondecode(file("files/hana_volume_layout.json")).profiles), "${var.DB-PROFILE}") - error_message = "The chosen storage PROFILE for HANA VSI \"${var.DB-PROFILE}\" is not a certified storage profile. Please, chose the appropriate certified storage PROFILE for the HANA VSI from https://cloud.ibm.com/docs/sap?topic=sap-hana-iaas-offerings-profiles-intel-vs-vpc . Make sure the selected PROFILE is certified for the selected OS type and for the proceesing type (SAP Business One, OLTP, OLAP)" - } -} - -variable "DB-IMAGE" { - type = string - description = "DB VSI OS Image" - default = "ibm-redhat-8-6-amd64-sap-hana-2" - validation { - condition = length(regexall("^(ibm-redhat-8-(4|6)-amd64-sap-hana|ibm-sles-15-(3|4)-amd64-sap-hana)-[0-9][0-9]*", var.DB-IMAGE)) > 0 - error_message = "The OS SAP DB-IMAGE must be one of \"ibm-sles-15-3-amd64-sap-hana-x\", \"ibm-sles-15-4-amd64-sap-hana-x\", \"ibm-redhat-8-4-amd64-sap-hana-2\" or \"ibm-redhat-8-6-amd64-sap-hana-x\"." - } -} - -variable "APP-HOSTNAME" { - type = string - description = "APP VSI Hostname" - validation { - condition = length(var.APP-HOSTNAME) <= 13 && length(regexall("^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\\-]*[a-zA-Z0-9])\\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\\-]*[A-Za-z0-9])$", var.APP-HOSTNAME)) > 0 - error_message = "The APP-HOSTNAME is not valid." - } -} - -variable "APP-PROFILE" { - type = string - description = "VSI Profile" - default = "bx2-4x16" -} - -variable "APP-IMAGE" { - type = string - description = "VSI OS Image" - default = "ibm-redhat-8-6-amd64-sap-applications-2" -} - -variable "hana_sid" { - type = string - description = "hana_sid" - default = "HDB" - validation { - condition = length(regexall("^[a-zA-Z][a-zA-Z0-9][a-zA-Z0-9]$", var.hana_sid)) > 0 - error_message = "The hana_sid is not valid." - } -} - -variable "hana_sysno" { - type = string - description = "hana_sysno" - default = "00" - validation { - condition = var.hana_sysno >= 0 && var.hana_sysno <=97 - error_message = "The hana_sysno is not valid." - } -} - -variable "hana_main_password" { - type = string - sensitive = true - description = "hana_main_password" - validation { - condition = length(regexall("^(.{0,7}|.{15,}|[^0-9a-zA-Z]*)$", var.hana_main_password)) == 0 && length(regexall("^[^0-9_][0-9a-zA-Z!@#$_]+$", var.hana_main_password)) > 0 - error_message = "The hana_main_password is not valid." - } -} - -variable "hana_system_usage" { - type = string - description = "hana_system_usage" - default = "custom" - validation { - condition = contains(["production", "test", "development", "custom" ], var.hana_system_usage ) - error_message = "The hana_system_usage must be one of: production, test, development, custom." - } -} - -variable "hana_components" { - type = string - description = "hana_components" - default = "server" - validation { - condition = contains(["all", "client", "es", "ets", "lcapps", "server", "smartda", "streaming", "rdsync", "xs", "studio", "afl", "sca", "sop", "eml", "rme", "rtl", "trp" ], var.hana_components ) - error_message = "The hana_components must be one of: all, client, es, ets, lcapps, server, smartda, streaming, rdsync, xs, studio, afl, sca, sop, eml, rme, rtl, trp." - } -} - -variable "kit_saphana_file" { - type = string - description = "kit_saphana_file" - default = "51055299.ZIP" -} - -variable "sap_sid" { - type = string - description = "sap_sid" - default = "S4A" - validation { - condition = length(regexall("^[a-zA-Z][a-zA-Z0-9][a-zA-Z0-9]$", var.sap_sid)) > 0 - error_message = "The sap_sid is not valid." - } -} - -variable "sap_ascs_instance_number" { - type = string - description = "sap_ascs_instance_number" - default = "01" - validation { - condition = var.sap_ascs_instance_number >= 0 && var.sap_ascs_instance_number <=97 - error_message = "The sap_ascs_instance_number is not valid." - } -} - -variable "sap_ci_instance_number" { - type = string - description = "sap_ci_instance_number" - default = "00" - validation { - condition = var.sap_ci_instance_number >= 0 && var.sap_ci_instance_number <=97 - error_message = "The sap_ci_instance_number is not valid." - } -} - -variable "sap_main_password" { - type = string - sensitive = true - description = "sap_main_password" - validation { - condition = length(regexall("^(.{0,9}|.{15,}|[^0-9]*)$", var.sap_main_password)) == 0 && length(regexall("^[^0-9_][0-9a-zA-Z@#$_]+$", var.sap_main_password)) > 0 - error_message = "The sap_main_password is not valid." - } -} - -variable "hdb_concurrent_jobs" { - type = string - description = "hdb_concurrent_jobs" - default = "23" - validation { - condition = var.hdb_concurrent_jobs >= 1 && var.hdb_concurrent_jobs <=25 - error_message = "The hdb_concurrent_jobs is not valid." - } -} - -variable "kit_sapcar_file" { - type = string - description = "kit_sapcar_file" - default = "SAPCAR_1010-70006178.EXE" -} - -variable "kit_swpm_file" { - type = string - description = "kit_swpm_file" - default = "SWPM20SP09_4-80003424.SAR" -} - -variable "kit_sapexe_file" { - type = string - description = "kit_sapexe_file" - default = "SAPEXE_100-70005283.SAR" -} - -variable "kit_sapexedb_file" { - type = string - description = "kit_sapexedb_file" - default = "SAPEXEDB_100-70005282.SAR" -} - -variable "kit_igsexe_file" { - type = string - description = "kit_igsexe_file" - default = "igsexe_1-70005417.sar" -} - -variable "kit_igshelper_file" { - type = string - description = "kit_igshelper_file" - default = "igshelper_17-10010245.sar" -} - -variable "kit_saphotagent_file" { - type = string - description = "kit_saphotagent_file" - default = "SAPHOSTAGENT51_51-20009394.SAR" -} - -variable "kit_hdbclient_file" { - type = string - description = "kit_hdbclient_file" - default = "IMDB_CLIENT20_009_28-80002082.SAR" -} - -variable "kit_s4hana_export" { - type = string - description = "kit_s4hana_export" - default = "/S4HANA/export" -} diff --git a/cli/files/hana_volume_layout.json b/files/hana_volume_layout.json similarity index 100% rename from cli/files/hana_volume_layout.json rename to files/hana_volume_layout.json diff --git a/generate-sap-paths.tf b/generate-sap-paths.tf new file mode 100644 index 0000000..0a8b062 --- /dev/null +++ b/generate-sap-paths.tf @@ -0,0 +1,16 @@ +# List SAP PATHS +resource "local_file" "KIT_SAP_PATHS" { + content = <<-DOC +${var.KIT_SAPHANA_FILE} +${var.KIT_SAPCAR_FILE} +${var.KIT_SWPM_FILE} +${var.KIT_SAPEXE_FILE} +${var.KIT_SAPEXEDB_FILE} +${var.KIT_IGSEXE_FILE} +${var.KIT_IGSHELPER_FILE} +${var.KIT_SAPHOSTAGENT_FILE} +${var.KIT_HDBCLIENT_FILE} +${var.KIT_S4HANA_EXPORT}/* + DOC + filename = "modules/precheck-ssh-exec/sap-paths-${var.DB_HOSTNAME}" +} diff --git a/cli/input.auto.tfvars b/input.auto.tfvars similarity index 71% rename from cli/input.auto.tfvars rename to input.auto.tfvars index 935197a..2e83c3d 100644 --- a/cli/input.auto.tfvars +++ b/input.auto.tfvars @@ -2,65 +2,74 @@ # General VPC variables: ###################################################### -REGION = "eu-de" +REGION = "" # Region for the VSI. Supported regions: https://cloud.ibm.com/docs/containers?topic=containers-regions-and-zones#zones-vpc +# Edit the variable value with your deployment Region. # Example: REGION = "eu-de" -ZONE = "eu-de-2" +ZONE = "" # Availability zone for VSI. Supported zones: https://cloud.ibm.com/docs/containers?topic=containers-regions-and-zones#zones-vpc -# Example: ZONE = "eu-de-2" +# Edit the variable value with your deployment Zone. +# Example: ZONE = "eu-de-1" -VPC = "ic4sap" +VPC = "" # EXISTING VPC, previously created by the user in the same region as the VSI. The list of available VPCs: https://cloud.ibm.com/vpc-ext/network/vpcs # Example: VPC = "ic4sap" -SECURITY_GROUP = "ic4sap-securitygroup" +SECURITY_GROUP = "" # EXISTING Security group, previously created by the user in the same VPC. The list of available Security Groups: https://cloud.ibm.com/vpc-ext/network/securityGroups # Example: SECURITY_GROUP = "ic4sap-securitygroup" -RESOURCE_GROUP = "wes-automation" +RESOURCE_GROUP = "" # EXISTING Resource group, previously created by the user. The list of available Resource Groups: https://cloud.ibm.com/account/resource-groups # Example: RESOURCE_GROUP = "wes-automation" -SUBNET = "ic4sap-ed2-subnet" +SUBNET = "" # EXISTING Subnet in the same region and zone as the VSI, previously created by the user. The list of available Subnets: https://cloud.ibm.com/vpc-ext/network/subnets # Example: SUBNET = "ic4sap-subnet" -SSH_KEYS = ["r010-57bfc315-f9e5-46bf-bf61-d87a24a9ce7a", "r010-e372fc6f-4aef-4bdf-ade6-c4b7c1ad61ca", "r010-09325e15-15be-474e-9b3b-21827b260717", "r010-5cfdb578-fc66-4bf7-967e-f5b4a8d03b89" , "r010-7b85d127-7493-4911-bdb7-61bf40d3c7d4", "r010-771e15dd-8081-4cca-8844-445a40e6a3b3", "r010-d941534b-1d30-474e-9494-c26a88d4cda3"] +SSH_KEYS = [""] # List of SSH Keys UUIDs that are allowed to SSH as root to the VSI. The SSH Keys should be created for the same region as the VSI. The list of available SSH Keys UUIDs: https://cloud.ibm.com/vpc-ext/compute/sshKeys # Example: SSH_KEYS = ["r010-8f72b994-c17f-4500-af8f-d05680374t3c", "r011-8f72v884-c17f-4500-af8f-d05900374t3c"] +ID_RSA_FILE_PATH = "ansible/id_rsa" +# Input your existing id_rsa private key file path in OpenSSH format with 0600 permissions. +# This private key it is used only during the terraform provisioning and it is recommended to be changed after the SAP deployment. +# It must contain the relative or absoute path from your Bastion. +# Examples: "ansible/id_rsa_s4hana" , "~/.ssh/id_rsa_s4hana" , "/root/.ssh/id_rsa". + + ########################################################## # DB VSI variables: ########################################################## -DB-HOSTNAME = "saps4hnmar1" +DB_HOSTNAME = "" # The Hostname for the DB VSI. The hostname should be up to 13 characters, as required by SAP -# Example: HOSTNAME = "ic4sap" +# Example: DB_HOSTNAME = "icp4sapdb" -DB-PROFILE = "mx2-16x128" +DB_PROFILE = "mx2-16x128" # The instance profile used for the HANA VSI. The list of certified profiles for HANA VSIs: https://cloud.ibm.com/docs/sap?topic=sap-hana-iaas-offerings-profiles-intel-vs-vpc # Details about all x86 instance profiles: https://cloud.ibm.com/docs/vpc?topic=vpc-profiles). # For more information about supported DB/OS and IBM Gen 2 Virtual Server Instances (VSI), check [SAP Note 2927211: SAP Applications on IBM Virtual Private Cloud](https://launchpad.support.sap.com/#/notes/2927211) # Default value: "mx2-16x128" -DB-IMAGE = "ibm-redhat-8-6-amd64-sap-hana-2" +DB_IMAGE = "ibm-redhat-8-6-amd64-sap-hana-2" # OS image for DB VSI. Supported OS images for DB VSIs: ibm-sles-15-3-amd64-sap-hana-2, ibm-sles-15-4-amd64-sap-hana-3, ibm-redhat-8-4-amd64-sap-hana-2, ibm-redhat-8-6-amd64-sap-hana-2. # The list of available VPC Operating Systems supported by SAP: SAP note '2927211 - SAP Applications on IBM Virtual Private Cloud (VPC) Infrastructure environment' https://launchpad.support.sap.com/#/notes/2927211; The list of all available OS images: https://cloud.ibm.com/docs/vpc?topic=vpc-about-images -# Example: DB-IMAGE = "ibm-redhat-8-6-amd64-sap-hana-2" +# Example: DB_IMAGE = "ibm-sles-15-4-amd64-sap-hana-3" ########################################################## # SAP APP VSI variables: ########################################################## -APP-HOSTNAME = "saps4apmar1" +APP_HOSTNAME = "" # The Hostname for the SAP APP VSI. The hostname should be up to 13 characters, as required by SAP -# Example: HOSTNAME = "ic4sap" +# Example: APP_HOSTNAME = "icp4sapapp" -APP-PROFILE = "bx2-4x16" +APP_PROFILE = "bx2-4x16" # The APP VSI profile. Supported profiles: bx2-4x16. The list of available profiles: https://cloud.ibm.com/docs/vpc?topic=vpc-profiles&interface=ui -APP-IMAGE = "ibm-redhat-8-6-amd64-sap-applications-2" +APP_IMAGE = "ibm-redhat-8-6-amd64-sap-applications-2" # OS image for SAP APP VSI. Supported OS images for APP VSIs: ibm-sles-15-3-amd64-sap-applications-2, ibm-sles-15-4-amd64-sap-applications-4, ibm-redhat-8-4-amd64-sap-applications-2, ibm-redhat-8-6-amd64-sap-applications-3. # The list of available VPC Operating Systems supported by SAP: SAP note '2927211 - SAP Applications on IBM Virtual Private Cloud (VPC) Infrastructure environment' https://launchpad.support.sap.com/#/notes/2927211; The list of all available OS images: https://cloud.ibm.com/docs/vpc?topic=vpc-about-images # Example: APP-IMAGE = "ibm-redhat-8-6-amd64-sap-applications-2" @@ -69,57 +78,55 @@ APP-IMAGE = "ibm-redhat-8-6-amd64-sap-applications-2" # SAP HANA configuration ########################################################## -hana_sid = "HDB" +HANA_SID = "HDB" # SAP HANA system ID. Should follow the SAP rules for SID naming. -# Example: hana_sid = "HDB" +# Example: HANA_SID = "HDB" -hana_sysno = "00" +HANA_SYSNO = "00" # SAP HANA instance number. Should follow the SAP rules for instance number naming. -# Example: hana_sysno = "01" +# Example: HANA_SYSNO = "01" -hana_system_usage = "custom" +HANA_SYSTEM_USAGE = "custom" # System usage. Default: custom. Suported values: production, test, development, custom -# Example: hana_system_usage = "custom" +# Example: HANA_SYSTEM_USAGE = "custom" -hana_components = "server" +HANA_COMPONENTS = "server" # SAP HANA Components. Default: server. Supported values: all, client, es, ets, lcapps, server, smartda, streaming, rdsync, xs, studio, afl, sca, sop, eml, rme, rtl, trp -# Example: hana_components = "server" +# Example: HANA_COMPONENTS = "server" -kit_saphana_file = "/storage/HANADB/51055299.ZIP" +KIT_SAPHANA_FILE = "/storage/HANADB/51055299.ZIP" # SAP HANA Installation kit path # Supported SAP HANA versions on Red Hat 8.4 and Suse 15.3: HANA 2.0 SP 5 Rev 57, kit file: 51055299.ZIP -# Supported SAP HANA versions on Red Hat 7.6: HANA 2.0 SP 5 Rev 52, kit file: 51054623.ZIP -# Example for Red Hat 7: kit_saphana_file = "/storage/HANADB/51054623.ZIP" -# Example for Red Hat 8 or Suse 15: kit_saphana_file = "/storage/HANADB/51055299.ZIP" +# Example for Red Hat 8 or Suse 15: KIT_SAPHANA_FILE = "/storage/HANADB/51055299.ZIP" ########################################################## # SAP system configuration ########################################################## -sap_sid = "S4A" +SAP_SID = "S4A" # SAP System ID -sap_ascs_instance_number = "01" +SAP_ASCS_INSTANCE_NUMBER = "01" # The central ABAP service instance number. Should follow the SAP rules for instance number naming. -# Example: sap_ascs_instance_number = "01" +# Example: SAP_ASCS_INSTANCE_NUMBER = "01" -sap_ci_instance_number = "00" +SAP_CI_INSTANCE_NUMBER = "00" # The SAP central instance number. Should follow the SAP rules for instance number naming. -# Example: sap_ci_instance_number = "06" +# Example: SAP_CI_INSTANCE_NUMBER = "06" -hdb_concurrent_jobs = "23" +HDB_CONCURRENT_JOBS = "23" # Number of concurrent jobs used to load and/or extract archives to HANA Host ########################################################## # SAP S/4HANA APP Kit Paths ########################################################## -kit_sapcar_file = "/storage/S4HANA/SAPCAR_1010-70006178.EXE" -kit_swpm_file = "/storage/S4HANA/SWPM20SP09_4-80003424.SAR" -kit_sapexe_file = "/storage/S4HANA/SAPEXE_100-70005283.SAR" -kit_sapexedb_file = "/storage/S4HANA/SAPEXEDB_100-70005282.SAR" -kit_igsexe_file = "/storage/S4HANA/igsexe_1-70005417.sar" -kit_igshelper_file = "/storage/S4HANA/igshelper_17-10010245.sar" -kit_saphotagent_file = "/storage/S4HANA/SAPHOSTAGENT51_51-20009394.SAR" -kit_hdbclient_file = "/storage/S4HANA/IMDB_CLIENT20_009_28-80002082.SAR" -kit_s4hana_export = "/storage/S4HANA/export" +KIT_SAPCAR_FILE = "/storage/S4HANA/SAPCAR_1010-70006178.EXE" +KIT_SWPM_FILE = "/storage/S4HANA/SWPM20SP09_4-80003424.SAR" +KIT_SAPEXE_FILE = "/storage/S4HANA/SAPEXE_100-70005283.SAR" +KIT_SAPEXEDB_FILE = "/storage/S4HANA/SAPEXEDB_100-70005282.SAR" +KIT_IGSEXE_FILE = "/storage/S4HANA/igsexe_1-70005417.sar" +KIT_IGSHELPER_FILE = "/storage/S4HANA/igshelper_17-10010245.sar" +KIT_SAPHOSTAGENT_FILE = "/storage/S4HANA/SAPHOSTAGENT51_51-20009394.SAR" +KIT_HDBCLIENT_FILE = "/storage/S4HANA/IMDB_CLIENT20_009_28-80002082.SAR" +KIT_S4HANA_EXPORT = "/storage/S4HANA/export" diff --git a/integration.tf b/integration.tf new file mode 100644 index 0000000..91aecdf --- /dev/null +++ b/integration.tf @@ -0,0 +1,84 @@ +#### Ansible inventory. +resource "local_file" "ansible_inventory" { + depends_on = [ module.app-vsi ] + content = <<-DOC +all: + hosts: + db_host: + ansible_host: "${data.ibm_is_instance.db-vsi.primary_network_interface[0].primary_ip[0].address}" + app_host: + ansible_host: "${data.ibm_is_instance.app-vsi.primary_network_interface[0].primary_ip[0].address}" + DOC + filename = "ansible/inventory.yml" +} + + +# Export Terraform variable values to an Ansible var_file +resource "local_file" "app_ansible_saps4app-vars" { + depends_on = [ module.db-vsi ] + content = <<-DOC +--- +#Ansible vars_file containing variable values passed from Terraform. +#Generated by "terraform plan&apply" command. + +#SAP system configuration +sap_sid: "${var.SAP_SID}" +app_profile: "${var.APP_PROFILE}" +sap_ascs_instance_number: "${var.SAP_ASCS_INSTANCE_NUMBER}" +sap_ci_instance_number: "${var.SAP_CI_INSTANCE_NUMBER}" +sap_main_password: "${var.SAP_MAIN_PASSWORD}" +#db_host: "${module.db-vsi.PRIVATE-IP}" +#db_hostname: "${var.DB_HOSTNAME}" + +#HANA config +hdb_host: "${module.db-vsi.PRIVATE-IP}" +hdb_sid: "${var.HANA_SID}" +hdb_instance_number: "${var.HANA_SYSNO}" +hdb_main_password: "${var.HANA_MAIN_PASSWORD}" +# Number of concurrent jobs used to load and/or extract archives to HANA Host +hdb_concurrent_jobs: "${var.HDB_CONCURRENT_JOBS}" + + +#SAP S4HANA APP Installation kit path +kit_sapcar_file: "${var.KIT_SAPCAR_FILE}" +kit_swpm_file: "${var.KIT_SWPM_FILE}" +kit_sapexe_file: "${var.KIT_SAPEXE_FILE}" +kit_sapexedb_file: "${var.KIT_SAPEXEDB_FILE}" +kit_igsexe_file: "${var.KIT_IGSEXE_FILE}" +kit_igshelper_file: "${var.KIT_IGSHELPER_FILE}" +kit_saphotagent_file: "${var.KIT_SAPHOSTAGENT_FILE}" +kit_hdbclient_file: "${var.KIT_HDBCLIENT_FILE}" +kit_s4hana_export: "${var.KIT_S4HANA_EXPORT}" +... + DOC + filename = "ansible/saps4app-vars.yml" +} +# Export Terraform variable values to an Ansible var_file +resource "local_file" "db_ansible_saphana-vars" { + depends_on = [ module.db-vsi ] + content = <<-DOC +--- +# Ansible vars_file containing variable values passed from Terraform. +# Generated by "terraform plan&apply" command. +hana_profile: "${var.DB_PROFILE}" + +#HANA DB configuration +hana_sid: "${var.HANA_SID}" +hana_sysno: "${var.HANA_SYSNO}" +hana_main_password: "${var.HANA_MAIN_PASSWORD}" +hana_system_usage: "${var.HANA_SYSTEM_USAGE}" +hana_components: "${var.HANA_COMPONENTS}" + +# SAP HANA Installation kit path +kit_saphana_file: "${var.KIT_SAPHANA_FILE}" +... + DOC + filename = "ansible/saphana-vars.yml" +} + +# Export Terraform variable values to an Ansible var_file +resource "local_file" "tf_ansible_hana_storage_generated_file" { + depends_on = [ module.db-vsi ] + source = "files/hana_volume_layout.json" + filename = "ansible/hana_volume_layout.json" +} diff --git a/main.tf b/main.tf new file mode 100644 index 0000000..e42a502 --- /dev/null +++ b/main.tf @@ -0,0 +1,94 @@ +module "pre-init-schematics" { + source = "./modules/pre-init" + count = (var.PRIVATE_SSH_KEY == "n.a" && var.BASTION_FLOATING_IP == "localhost" ? 0 : 1) + ID_RSA_FILE_PATH = var.ID_RSA_FILE_PATH + PRIVATE_SSH_KEY = var.PRIVATE_SSH_KEY +} + +module "pre-init-cli" { + source = "./modules/pre-init/cli" + count = (var.PRIVATE_SSH_KEY == "n.a" && var.BASTION_FLOATING_IP == "localhost" ? 1 : 0) + ID_RSA_FILE_PATH = var.ID_RSA_FILE_PATH + KIT_SAPCAR_FILE = var.KIT_SAPCAR_FILE + KIT_SWPM_FILE = var.KIT_SWPM_FILE + KIT_SAPEXE_FILE = var.KIT_SAPEXE_FILE + KIT_SAPEXEDB_FILE = var.KIT_SAPEXEDB_FILE + KIT_IGSEXE_FILE = var.KIT_IGSEXE_FILE + KIT_IGSHELPER_FILE = var.KIT_IGSHELPER_FILE + KIT_SAPHOSTAGENT_FILE = var.KIT_SAPHOSTAGENT_FILE + KIT_HDBCLIENT_FILE = var.KIT_HDBCLIENT_FILE + KIT_S4HANA_EXPORT = var.KIT_S4HANA_EXPORT +} + +module "precheck-ssh-exec" { + source = "./modules/precheck-ssh-exec" + count = (var.PRIVATE_SSH_KEY == "n.a" && var.BASTION_FLOATING_IP == "localhost" ? 0 : 1) + depends_on = [ module.pre-init-schematics ] + BASTION_FLOATING_IP = var.BASTION_FLOATING_IP + ID_RSA_FILE_PATH = var.ID_RSA_FILE_PATH + PRIVATE_SSH_KEY = var.PRIVATE_SSH_KEY + HOSTNAME = var.DB_HOSTNAME + SECURITY_GROUP = var.SECURITY_GROUP +} + +module "vpc-subnet" { + source = "./modules/vpc/subnet" + depends_on = [ module.precheck-ssh-exec ] + ZONE = var.ZONE + VPC = var.VPC + SECURITY_GROUP = var.SECURITY_GROUP + SUBNET = var.SUBNET +} + +module "db-vsi" { + source = "./modules/db-vsi" + depends_on = [ module.precheck-ssh-exec ] + ZONE = var.ZONE + VPC = var.VPC + SECURITY_GROUP = var.SECURITY_GROUP + SUBNET = var.SUBNET + HOSTNAME = var.DB_HOSTNAME + PROFILE = var.DB_PROFILE + IMAGE = var.DB_IMAGE + RESOURCE_GROUP = var.RESOURCE_GROUP + SSH_KEYS = var.SSH_KEYS +} + +module "app-vsi" { + source = "./modules/app-vsi" + depends_on = [ module.db-vsi ] + ZONE = var.ZONE + VPC = var.VPC + SECURITY_GROUP = var.SECURITY_GROUP + SUBNET = var.SUBNET + HOSTNAME = var.APP_HOSTNAME + PROFILE = var.APP_PROFILE + IMAGE = var.APP_IMAGE + RESOURCE_GROUP = var.RESOURCE_GROUP + SSH_KEYS = var.SSH_KEYS + VOLUME_SIZES = [ "40" , "128" ] + VOL_PROFILE = "10iops-tier" +} + +module "app-ansible-exec-schematics" { + source = "./modules/ansible-exec" + depends_on = [ module.app-vsi, local_file.ansible_inventory, local_file.db_ansible_saphana-vars, local_file.app_ansible_saps4app-vars, local_file.tf_ansible_hana_storage_generated_file ] + count = (var.PRIVATE_SSH_KEY == "n.a" && var.BASTION_FLOATING_IP == "localhost" ? 0 : 1) + IP = data.ibm_is_instance.db-vsi.primary_network_interface[0].primary_ip[0].address + PLAYBOOK = "sap-s-hana.yml" + BASTION_FLOATING_IP = var.BASTION_FLOATING_IP + ID_RSA_FILE_PATH = var.ID_RSA_FILE_PATH + PRIVATE_SSH_KEY = var.PRIVATE_SSH_KEY + +} + +module "ansible-exec-cli" { + source = "./modules/ansible-exec/cli" + depends_on = [ module.app-vsi, local_file.ansible_inventory, local_file.db_ansible_saphana-vars, local_file.app_ansible_saps4app-vars, local_file.tf_ansible_hana_storage_generated_file ] + count = (var.PRIVATE_SSH_KEY == "n.a" && var.BASTION_FLOATING_IP == "localhost" ? 1 : 0) + IP = data.ibm_is_instance.db-vsi.primary_network_interface[0].primary_ip[0].address + ID_RSA_FILE_PATH = var.ID_RSA_FILE_PATH + SAP_MAIN_PASSWORD = var.SAP_MAIN_PASSWORD + PLAYBOOK = "sap-s-hana.yml" +} + diff --git a/schematics/modules/ansible-exec/check.ansible.sh b/modules/ansible-exec/check.ansible.sh similarity index 100% rename from schematics/modules/ansible-exec/check.ansible.sh rename to modules/ansible-exec/check.ansible.sh diff --git a/modules/ansible-exec/cli/ansible-exec.tf b/modules/ansible-exec/cli/ansible-exec.tf new file mode 100644 index 0000000..f2b2afc --- /dev/null +++ b/modules/ansible-exec/cli/ansible-exec.tf @@ -0,0 +1,15 @@ +resource "null_resource" "ansible-exec" { + + provisioner "local-exec" { + command = "ansible-playbook --private-key ${var.ID_RSA_FILE_PATH} -i ansible/inventory.yml ansible/${var.PLAYBOOK} " + } + + provisioner "local-exec" { + command = "sed -i 's/${var.SAP_MAIN_PASSWORD}/xxxxxxxx/' terraform.tfstate" + } + + provisioner "local-exec" { + command = "sleep 20; rm -rf ansible/*-vars.yml" + } +} + diff --git a/modules/ansible-exec/cli/variables.tf b/modules/ansible-exec/cli/variables.tf new file mode 100644 index 0000000..303c878 --- /dev/null +++ b/modules/ansible-exec/cli/variables.tf @@ -0,0 +1,20 @@ +variable "PLAYBOOK" { + type = string + description = "Path to the Ansible Playbook" +} + +variable "IP" { + type = string + description = "IP used by ansible" +} + +variable "SAP_MAIN_PASSWORD" { + type = string + description = "SAP_MAIN_PASSWORD" +} + +variable "ID_RSA_FILE_PATH" { + nullable = false + description = "Input your id_rsa private key file path in OpenSSH format." +} + diff --git a/cli/modules/ansible-exec/versions.tf b/modules/ansible-exec/cli/versions.tf similarity index 100% rename from cli/modules/ansible-exec/versions.tf rename to modules/ansible-exec/cli/versions.tf diff --git a/modules/ansible-exec/error.sh b/modules/ansible-exec/error.sh new file mode 100644 index 0000000..1c0b3b9 --- /dev/null +++ b/modules/ansible-exec/error.sh @@ -0,0 +1,8 @@ +#!/bin/bash + +while [ `cat /tmp/ansible.$SAP_DEPLOYMENT-$IP.log | egrep -i "failed\=[^0]|unreachable\=[^0]|UNREACHABLE\!|ERROR\!" | wc -l` -ge 1 ] +do + echo -e "Ansible deployment ERROR: \n `cat /tmp/ansible.$SAP_DEPLOYMENT-$IP.log | egrep -i "failed\=[^0]|unreachable\=[^0]|UNREACHABLE\!|ERROR\!"`";sleep 10 + +done + diff --git a/modules/ansible-exec/remote-exec.tf b/modules/ansible-exec/remote-exec.tf new file mode 100644 index 0000000..b783879 --- /dev/null +++ b/modules/ansible-exec/remote-exec.tf @@ -0,0 +1,181 @@ +resource "null_resource" "ansible-exec" { + + connection { + type = "ssh" + user = "root" + host = var.BASTION_FLOATING_IP + private_key = var.PRIVATE_SSH_KEY + timeout = "2m" + } + + + provisioner "file" { + source = "ansible" + destination = "/tmp/ansible.${local.SAP_DEPLOYMENT}-${var.IP}" + } + + provisioner "file" { + source = "${var.ID_RSA_FILE_PATH}" + destination = "/tmp/ansible.${local.SAP_DEPLOYMENT}-${var.IP}/id_rsa" + } + + provisioner "remote-exec" { + inline = [ + "chmod 600 /tmp/ansible.${local.SAP_DEPLOYMENT}-${var.IP}/id_rsa", + ] + } + + provisioner "file" { + source = "modules/ansible-exec/check.ansible.sh" + destination = "/tmp/${var.IP}.check.ansible.sh" + } + + provisioner "remote-exec" { + inline = [ + "chmod +x /tmp/${var.IP}.check.ansible.sh", + ] + } + + provisioner "file" { + source = "modules/ansible-exec/timeout.ansible.sh" + destination = "/tmp/${var.IP}.timeout.ansible.sh" + } + + provisioner "remote-exec" { + inline = [ + "chmod +x /tmp/${var.IP}.timeout.ansible.sh", + ] + } + + provisioner "file" { + source = "modules/ansible-exec/while.sh" + destination = "/tmp/${var.IP}.while.sh" + } + + provisioner "remote-exec" { + inline = [ + "chmod +x /tmp/${var.IP}.while.sh", + ] + } + + provisioner "file" { + source = "modules/ansible-exec/error.sh" + destination = "/tmp/${var.IP}.error.sh" + } + + provisioner "remote-exec" { + inline = [ + "chmod +x /tmp/${var.IP}.error.sh", + ] + } + + provisioner "local-exec" { + command = "ssh -o 'StrictHostKeyChecking no' -i ${var.ID_RSA_FILE_PATH} root@${var.BASTION_FLOATING_IP} 'export ANSIBLE_CONFIG=/tmp/ansible.${local.SAP_DEPLOYMENT}-${var.IP}/ansible.cfg; nohup ansible-playbook --private-key /tmp/ansible.${local.SAP_DEPLOYMENT}-${var.IP}/id_rsa -i /tmp/ansible.${local.SAP_DEPLOYMENT}-${var.IP}/inventory.yml /tmp/ansible.${local.SAP_DEPLOYMENT}-${var.IP}/${var.PLAYBOOK} > /tmp/ansible.${local.SAP_DEPLOYMENT}-${var.IP}.log 2>&1 &'" + } + +} + +resource "null_resource" "check-ansible" { + + depends_on = [ null_resource.ansible-exec ] + + provisioner "local-exec" { + command = "ssh -o 'StrictHostKeyChecking no' -i ${var.ID_RSA_FILE_PATH} root@${var.BASTION_FLOATING_IP} 'export IP=${var.IP}; export SAP_DEPLOYMENT=${local.SAP_DEPLOYMENT}; timeout 10m /tmp/${var.IP}.check.ansible.sh'" + on_failure = continue + } + +} + +resource "null_resource" "ansible-logs" { + + depends_on = [ null_resource.check-ansible ] + + provisioner "local-exec" { + command = "ssh -o 'StrictHostKeyChecking no' -i ${var.ID_RSA_FILE_PATH} root@${var.BASTION_FLOATING_IP} 'export IP=${var.IP}; export SAP_DEPLOYMENT=${local.SAP_DEPLOYMENT}; timeout ${local.SCHEMATICS_TIMEOUT}m /tmp/${var.IP}.while.sh'" + on_failure = continue + } + +} + +resource "null_resource" "ansible-logs1" { + + depends_on = [ null_resource.ansible-logs ] + + provisioner "local-exec" { + command = "ssh -o 'StrictHostKeyChecking no' -i ${var.ID_RSA_FILE_PATH} root@${var.BASTION_FLOATING_IP} 'export IP=${var.IP}; export SAP_DEPLOYMENT=${local.SAP_DEPLOYMENT}; timeout ${local.SCHEMATICS_TIMEOUT}m /tmp/${var.IP}.while.sh'" + on_failure = continue + } + +} + +resource "null_resource" "ansible-logs2" { + + depends_on = [ null_resource.ansible-logs1 ] + + provisioner "local-exec" { + command = "ssh -o 'StrictHostKeyChecking no' -i ${var.ID_RSA_FILE_PATH} root@${var.BASTION_FLOATING_IP} 'export IP=${var.IP}; export SAP_DEPLOYMENT=${local.SAP_DEPLOYMENT}; timeout ${local.SCHEMATICS_TIMEOUT}m /tmp/${var.IP}.while.sh'" + on_failure = continue + } + +} + +resource "null_resource" "ansible-logs3" { + + depends_on = [ null_resource.ansible-logs2 ] + + provisioner "local-exec" { + command = "ssh -o 'StrictHostKeyChecking no' -i ${var.ID_RSA_FILE_PATH} root@${var.BASTION_FLOATING_IP} 'export IP=${var.IP}; export SAP_DEPLOYMENT=${local.SAP_DEPLOYMENT}; timeout ${local.SCHEMATICS_TIMEOUT}m /tmp/${var.IP}.while.sh'" + on_failure = continue + } + +} + +resource "null_resource" "ansible-logs4" { + + depends_on = [ null_resource.ansible-logs3 ] + + provisioner "local-exec" { + command = "ssh -o 'StrictHostKeyChecking no' -i ${var.ID_RSA_FILE_PATH} root@${var.BASTION_FLOATING_IP} 'export IP=${var.IP}; export SAP_DEPLOYMENT=${local.SAP_DEPLOYMENT}; timeout ${local.SCHEMATICS_TIMEOUT}m /tmp/${var.IP}.while.sh'" + on_failure = continue + } + +} + +resource "null_resource" "ansible-delete-sensitive-data" { + + depends_on = [ null_resource.ansible-logs4 ] + + connection { + type = "ssh" + user = "root" + host = var.BASTION_FLOATING_IP + private_key = var.PRIVATE_SSH_KEY + timeout = "1m" + } + + provisioner "remote-exec" { + inline = [ "rm -rf /tmp/ansible.${local.SAP_DEPLOYMENT}-${var.IP}" ] + } +} + +resource "null_resource" "ansible-errors" { + + depends_on = [ null_resource.ansible-delete-sensitive-data ] + + provisioner "local-exec" { + command = "ssh -o 'StrictHostKeyChecking no' -i ${var.ID_RSA_FILE_PATH} root@${var.BASTION_FLOATING_IP} 'export IP=${var.IP}; export SAP_DEPLOYMENT=${local.SAP_DEPLOYMENT}; tail -50 /tmp/ansible.$SAP_DEPLOYMENT-$IP.log; timeout 10s /tmp/${var.IP}.error.sh'" + on_failure = fail + } + +} + +resource "null_resource" "ansible-timeout-checking" { + + depends_on = [ null_resource.ansible-errors ] + + provisioner "local-exec" { + command = "ssh -o 'StrictHostKeyChecking no' -i ${var.ID_RSA_FILE_PATH} root@${var.BASTION_FLOATING_IP} 'export IP=${var.IP}; export SAP_DEPLOYMENT=${local.SAP_DEPLOYMENT}; export ANSIBLE_TIMEOUT=${local.SCHEMATICS_TIMEOUT}; timeout 10s /tmp/${var.IP}.timeout.ansible.sh'" + on_failure = fail + } + +} diff --git a/modules/ansible-exec/timeout.ansible.sh b/modules/ansible-exec/timeout.ansible.sh new file mode 100644 index 0000000..9d4daab --- /dev/null +++ b/modules/ansible-exec/timeout.ansible.sh @@ -0,0 +1,19 @@ +#!/bin/bash +TIMEOUT=$(( $ANSIBLE_TIMEOUT * 60 - 1)) +SCHEMATICS_TIMEOUT=$(($ANSIBLE_TIMEOUT *5)) +PID=$(ps -ef | grep $SAP_DEPLOYMENT | grep $IP |awk '{print $2}' | head -n 1) + +if [ -z "$PID" ] + then + echo "No TIMEOUT detected!" + else + TIME=$(ps -eo pid,cmd,etimes | grep $PID | head -n 1 | awk '{print $3}') + # echo -e "Ansible deployment time: $(($TIME / 60)) Minutes" + echo -e "Total SAP Schematics Timeout: $SCHEMATICS_TIMEOUT Minutes" + echo "Ansible PID: $PID" + while (( $TIME >= $TIMEOUT )) + do + echo -e "Ansible deployment TIMEOUT ERROR!! \n Check your input variables and /tmp/ansible.$SAP_DEPLOYMENT-$IP.log";sleep 10 + + done +fi diff --git a/schematics/modules/ansible-exec/variables.tf b/modules/ansible-exec/variables.tf similarity index 51% rename from schematics/modules/ansible-exec/variables.tf rename to modules/ansible-exec/variables.tf index d1e5c16..ec3a088 100644 --- a/schematics/modules/ansible-exec/variables.tf +++ b/modules/ansible-exec/variables.tf @@ -13,13 +13,19 @@ variable "IP" { description = "IP used by ansible" } -variable "private_ssh_key" { +variable "PRIVATE_SSH_KEY" { type = string description = "Private ssh key" } +variable "ID_RSA_FILE_PATH" { + nullable = false + description = "Input your id_rsa private key file path in OpenSSH format." +} + locals { -SAP_DEPLOYMENT = "sap-s4hana" +SAP_DEPLOYMENT = "sap-s-hana" +SCHEMATICS_TIMEOUT = 35 #(Max 55 Minutes). It is multiplied by 5 on Schematics deployments and it is relying on the ansible-logs number. } diff --git a/cli/modules/app-vsi/versions.tf b/modules/ansible-exec/versions.tf similarity index 100% rename from cli/modules/app-vsi/versions.tf rename to modules/ansible-exec/versions.tf diff --git a/schematics/modules/ansible-exec/while.sh b/modules/ansible-exec/while.sh similarity index 52% rename from schematics/modules/ansible-exec/while.sh rename to modules/ansible-exec/while.sh index 4116a40..b553ae7 100644 --- a/schematics/modules/ansible-exec/while.sh +++ b/modules/ansible-exec/while.sh @@ -1,12 +1,12 @@ -#!/bin/sh +#!/bin/bash while [ `ps -ef | grep $SAP_DEPLOYMENT-$IP | wc -l` -gt 1 ] do - tail /tmp/ansible.$SAP_DEPLOYMENT-$IP/ansible.$IP.log; sleep 10 + tail /tmp/ansible.$SAP_DEPLOYMENT-$IP.log; sleep 10 if [ `ps -ef | grep $SAP_DEPLOYMENT-$IP | wc -l` -eq 1 ] then break else - tail /tmp/ansible.$SAP_DEPLOYMENT-$IP/ansible.$IP.log; sleep 10 + tail /tmp/ansible.$SAP_DEPLOYMENT-$IP.log; sleep 10 fi done diff --git a/cli/modules/app-vsi/output.tf b/modules/app-vsi/output.tf similarity index 100% rename from cli/modules/app-vsi/output.tf rename to modules/app-vsi/output.tf diff --git a/schematics/modules/app-vsi/variables.tf b/modules/app-vsi/variables.tf similarity index 100% rename from schematics/modules/app-vsi/variables.tf rename to modules/app-vsi/variables.tf diff --git a/cli/modules/db-vsi/versions.tf b/modules/app-vsi/versions.tf similarity index 100% rename from cli/modules/db-vsi/versions.tf rename to modules/app-vsi/versions.tf diff --git a/cli/modules/app-vsi/volume.tf b/modules/app-vsi/volume.tf similarity index 100% rename from cli/modules/app-vsi/volume.tf rename to modules/app-vsi/volume.tf diff --git a/cli/modules/app-vsi/vsi.tf b/modules/app-vsi/vsi.tf similarity index 100% rename from cli/modules/app-vsi/vsi.tf rename to modules/app-vsi/vsi.tf diff --git a/cli/modules/db-vsi/output.tf b/modules/db-vsi/output.tf similarity index 100% rename from cli/modules/db-vsi/output.tf rename to modules/db-vsi/output.tf diff --git a/schematics/modules/db-vsi/variables.tf b/modules/db-vsi/variables.tf similarity index 100% rename from schematics/modules/db-vsi/variables.tf rename to modules/db-vsi/variables.tf diff --git a/cli/modules/sec-exec/versions.tf b/modules/db-vsi/versions.tf similarity index 100% rename from cli/modules/sec-exec/versions.tf rename to modules/db-vsi/versions.tf diff --git a/cli/modules/db-vsi/volume.tf b/modules/db-vsi/volume.tf similarity index 100% rename from cli/modules/db-vsi/volume.tf rename to modules/db-vsi/volume.tf diff --git a/cli/modules/db-vsi/vsi.tf b/modules/db-vsi/vsi.tf similarity index 100% rename from cli/modules/db-vsi/vsi.tf rename to modules/db-vsi/vsi.tf diff --git a/modules/pre-init/cli/check_folders.tf b/modules/pre-init/cli/check_folders.tf new file mode 100644 index 0000000..7d1196a --- /dev/null +++ b/modules/pre-init/cli/check_folders.tf @@ -0,0 +1,18 @@ +locals { + folder_list = [ + "${var.KIT_S4HANA_EXPORT}" + ] +} + +resource "null_resource" "fail_if_no_folder" { + count = length(local.folder_list) + + triggers = { + folder_path = local.folder_list[count.index] + } + + provisioner "local-exec" { + command = "if [ ! -d ${local.folder_list[count.index]} ] || [ -z \"$(ls -A ${local.folder_list[count.index]})\" ]; then exit 1; fi" + on_failure = fail + } +} diff --git a/modules/pre-init/cli/check_id_rsa.tf b/modules/pre-init/cli/check_id_rsa.tf new file mode 100644 index 0000000..7b13243 --- /dev/null +++ b/modules/pre-init/cli/check_id_rsa.tf @@ -0,0 +1,16 @@ +variable "ID_RSA_FILE_PATH" { + nullable = false + description = "Input your id_rsa private key file path in OpenSSH format with 0600 permissions." + validation { + condition = fileexists("${var.ID_RSA_FILE_PATH}") == true + error_message = "The id_rsa file does not exist." + } +} + +resource "null_resource" "id_rsa_validation" { + provisioner "local-exec" { + command = "ssh-keygen -l -f ${var.ID_RSA_FILE_PATH}" + on_failure = fail + } +} + diff --git a/modules/pre-init/cli/variables.tf b/modules/pre-init/cli/variables.tf new file mode 100644 index 0000000..5f44b69 --- /dev/null +++ b/modules/pre-init/cli/variables.tf @@ -0,0 +1,77 @@ +variable "KIT_SAPCAR_FILE" { + type = string + description = "kit_sapcar_file" + validation { + condition = fileexists("${var.KIT_SAPCAR_FILE}") == true + error_message = "The PATH does not exist." + } +} + +variable "KIT_SWPM_FILE" { + type = string + description = "kit_swpm_file" + validation { + condition = fileexists("${var.KIT_SWPM_FILE}") == true + error_message = "The PATH does not exist." + } +} + +variable "KIT_SAPHOSTAGENT_FILE" { + type = string + description = "kit_saphostagent_file" + validation { + condition = fileexists("${var.KIT_SAPHOSTAGENT_FILE}") == true + error_message = "The PATH does not exist." + } +} + +variable "KIT_SAPEXE_FILE" { + type = string + description = "kit_sapexe_file" + validation { + condition = fileexists("${var.KIT_SAPEXE_FILE}") == true + error_message = "The PATH does not exist." + } +} + +variable "KIT_SAPEXEDB_FILE" { + type = string + description = "kit_sapexedb_file" + validation { + condition = fileexists("${var.KIT_SAPEXEDB_FILE}") == true + error_message = "The PATH does not exist." + } +} + +variable "KIT_IGSEXE_FILE" { + type = string + description = "kit_igsexe_file" + validation { + condition = fileexists("${var.KIT_IGSEXE_FILE}") == true + error_message = "The PATH does not exist." + } +} + +variable "KIT_IGSHELPER_FILE" { + type = string + description = "kit_igshelper_file" + validation { + condition = fileexists("${var.KIT_IGSHELPER_FILE}") == true + error_message = "The PATH does not exist." + } +} + +variable "KIT_HDBCLIENT_FILE" { + type = string + description = "kit_hdbclient_file" + validation { + condition = fileexists("${var.KIT_HDBCLIENT_FILE}") == true + error_message = "The PATH does not exist." + } +} + +variable "KIT_S4HANA_EXPORT" { + type = string + description = "kit_s4hana_export" +} + diff --git a/schematics/modules/pre-init/found.ip.tmpl b/modules/pre-init/found.ip.tmpl similarity index 100% rename from schematics/modules/pre-init/found.ip.tmpl rename to modules/pre-init/found.ip.tmpl diff --git a/schematics/modules/pre-init/get-server-ip.tf b/modules/pre-init/get-server-ip.tf similarity index 100% rename from schematics/modules/pre-init/get-server-ip.tf rename to modules/pre-init/get-server-ip.tf diff --git a/schematics/modules/pre-init/get.sch.ip.sh b/modules/pre-init/get.sch.ip.sh similarity index 100% rename from schematics/modules/pre-init/get.sch.ip.sh rename to modules/pre-init/get.sch.ip.sh diff --git a/schematics/modules/precheck-ssh-exec/key-generation.tf b/modules/pre-init/key-generation.tf similarity index 70% rename from schematics/modules/precheck-ssh-exec/key-generation.tf rename to modules/pre-init/key-generation.tf index 6b9fe80..99214a3 100644 --- a/schematics/modules/precheck-ssh-exec/key-generation.tf +++ b/modules/pre-init/key-generation.tf @@ -1,8 +1,8 @@ # Export Terraform variable values to a temp id_rsa file resource "local_file" "tf_id_rsa" { content = <<-DOC -${var.private_ssh_key} +${var.PRIVATE_SSH_KEY} DOC - filename = "ansible/id_rsa" + filename = "${var.ID_RSA_FILE_PATH}" file_permission = "0600" } diff --git a/modules/pre-init/variables.tf b/modules/pre-init/variables.tf new file mode 100644 index 0000000..c29fa11 --- /dev/null +++ b/modules/pre-init/variables.tf @@ -0,0 +1,9 @@ +variable "ID_RSA_FILE_PATH" { + nullable = false + description = "Input your id_rsa private key file path in OpenSSH format." +} + +variable "PRIVATE_SSH_KEY" { + type = string + description = "Private ssh key" +} diff --git a/cli/modules/vpc/subnet/versions.tf b/modules/pre-init/versions.tf similarity index 100% rename from cli/modules/vpc/subnet/versions.tf rename to modules/pre-init/versions.tf diff --git a/schematics/modules/precheck-ssh-exec/check_file.sh b/modules/precheck-ssh-exec/check_file.sh similarity index 100% rename from schematics/modules/precheck-ssh-exec/check_file.sh rename to modules/precheck-ssh-exec/check_file.sh diff --git a/schematics/modules/precheck-ssh-exec/error.sh b/modules/precheck-ssh-exec/error.sh similarity index 100% rename from schematics/modules/precheck-ssh-exec/error.sh rename to modules/precheck-ssh-exec/error.sh diff --git a/schematics/modules/precheck-ssh-exec/precheck-remote-exec.tf b/modules/precheck-ssh-exec/precheck-remote-exec.tf similarity index 97% rename from schematics/modules/precheck-ssh-exec/precheck-remote-exec.tf rename to modules/precheck-ssh-exec/precheck-remote-exec.tf index ff371a4..b915f1b 100644 --- a/schematics/modules/precheck-ssh-exec/precheck-remote-exec.tf +++ b/modules/precheck-ssh-exec/precheck-remote-exec.tf @@ -6,7 +6,7 @@ resource "null_resource" "check-bastion-resources" { type = "ssh" user = "root" host = var.BASTION_FLOATING_IP - private_key = var.private_ssh_key + private_key = var.PRIVATE_SSH_KEY timeout = "1m" } diff --git a/schematics/modules/precheck-ssh-exec/sg-sch-ssh-rule.tf b/modules/precheck-ssh-exec/sg-sch-ssh-rule.tf similarity index 100% rename from schematics/modules/precheck-ssh-exec/sg-sch-ssh-rule.tf rename to modules/precheck-ssh-exec/sg-sch-ssh-rule.tf diff --git a/schematics/modules/precheck-ssh-exec/variables.tf b/modules/precheck-ssh-exec/variables.tf similarity index 67% rename from schematics/modules/precheck-ssh-exec/variables.tf rename to modules/precheck-ssh-exec/variables.tf index 604d654..b45d3fa 100644 --- a/schematics/modules/precheck-ssh-exec/variables.tf +++ b/modules/precheck-ssh-exec/variables.tf @@ -8,7 +8,12 @@ variable "HOSTNAME" { description = "VSI Hostname" } -variable "private_ssh_key" { +variable "ID_RSA_FILE_PATH" { + nullable = false + description = "Input your id_rsa private key file path in OpenSSH format." +} + +variable "PRIVATE_SSH_KEY" { type = string description = "Private ssh key" } diff --git a/cli/versions.tf b/modules/precheck-ssh-exec/versions.tf similarity index 100% rename from cli/versions.tf rename to modules/precheck-ssh-exec/versions.tf diff --git a/cli/modules/vpc/subnet/subnet.tf b/modules/vpc/subnet/subnet.tf similarity index 100% rename from cli/modules/vpc/subnet/subnet.tf rename to modules/vpc/subnet/subnet.tf diff --git a/cli/modules/vpc/subnet/variables.tf b/modules/vpc/subnet/variables.tf similarity index 100% rename from cli/modules/vpc/subnet/variables.tf rename to modules/vpc/subnet/variables.tf diff --git a/schematics/modules/ansible-exec/versions.tf b/modules/vpc/subnet/versions.tf similarity index 100% rename from schematics/modules/ansible-exec/versions.tf rename to modules/vpc/subnet/versions.tf diff --git a/schematics/output.tf b/output.tf similarity index 64% rename from schematics/output.tf rename to output.tf index d36b670..5f1a93b 100644 --- a/schematics/output.tf +++ b/output.tf @@ -1,20 +1,20 @@ -output "DB-HOSTNAME" { +output "DB_HOSTNAME" { value = module.db-vsi.HOSTNAME } -output "DB-PRIVATE-IP" { +output "DB_PRIVATE_IP" { value = module.db-vsi.PRIVATE-IP } -output "DB-STORAGE-LAYOUT" { +output "DB_STORAGE_LAYOUT" { value = module.db-vsi.STORAGE-LAYOUT } -output "APP-HOSTNAME" { +output "APP_HOSTNAME" { value = module.app-vsi.HOSTNAME } -output "APP-PRIVATE-IP" { +output "APP_PRIVATE_IP" { value = module.app-vsi.PRIVATE-IP } diff --git a/provider.tf b/provider.tf new file mode 100644 index 0000000..77dfc34 --- /dev/null +++ b/provider.tf @@ -0,0 +1,13 @@ +variable "IBMCLOUD_API_KEY" { + description = "IBM Cloud API key" + sensitive = true + validation { + condition = length(var.IBMCLOUD_API_KEY) > 43 #&& substr(var.IBMCLOUD_API_KEY, 14, 15) == "-" + error_message = "The IBMCLOUD_API_KEY value must be a valid IBM Cloud API key." + } +} + +provider "ibm" { + ibmcloud_api_key = var.IBMCLOUD_API_KEY + region = var.REGION +} diff --git a/sch.auto.tfvars b/sch.auto.tfvars new file mode 100644 index 0000000..0c4187a --- /dev/null +++ b/sch.auto.tfvars @@ -0,0 +1,4 @@ +# Do not edit these variables. These are programatic values for schematics&cli deployments. +PRIVATE_SSH_KEY = "n.a" +BASTION_FLOATING_IP = "localhost" + diff --git a/schematics/README.md b/schematics/README.md deleted file mode 100644 index ad3765c..0000000 --- a/schematics/README.md +++ /dev/null @@ -1,182 +0,0 @@ -# Three Tier SAP S/4HANA Stack Deployment using IBM Schematics - -## Description -This automation solution is designed for the deployment of **Three Tier SAP S/4HANA Stack** using IBM Cloud Schematics. The SAP solution will be deployed on top of one of the following Operating Systems: **SUSE Linux Enterprise Server 15 SP 3 for SAP**, **SUSE Linux Enterprise Server 15 SP 4 for SAP**, **Red Hat Enterprise Linux 8.4 for SAP**, **Red Hat Enterprise Linux 8.6 for SAP** in an existing IBM Cloud Gen2 VPC, using an existing bastion host with secure remote SSH access. - -The solution is based on Terraform remote-exec and Ansible playbooks executed by Schematics and it is implementing a 'reasonable' set of best practices for SAP VSI host configuration. - -**It contains:** -- Terraform scripts for the deployment of two VSIs, in an EXISTING VPC, with Subnet and Security Group. The VSIs are intended to be used: one for the data base instance and the other for the application instance. -- Bash scripts used for the checking of the prerequisites required by SAP VSIs deployment and for the integration into a single step in IBM Schematics GUI of the VSI provisioning and the **Three Tier SAP S/4HANA Stack** installation. -- Ansible scripts to configure Three Tier SAP S/4HANA primary application server and a HANA 2.0 node. - -## Installation media -SAP HANA installation media used for this deployment is the default one for **SAP HANA, platform edition 2.0 SPS05** available at SAP Support Portal under *INSTALLATION AND UPGRADE* area and it has to be provided as input data. - -SAP S/4HANA installation media used for this deployment is the default one for **SAP S/4HANA 2020** available at SAP Support Portal under *INSTALLATION AND UPGRADE* area and it has to be provided as input data. - -## VSI Configuration -The VSIs are deployed with one of the following Operating Systems for DB server: Suse Linux Enterprise Server 15 SP 3 for SAP HANA (amd64), Suse Linux Enterprise Server 15 SP 4 for SAP HANA (amd64), Red Hat Enterprise Linux 8.4 for SAP HANA (amd64) or Red Hat Enterprise Linux 8.6 for SAP HANA (amd64) and with one of the following Operating Systems for APP server: Suse Enterprise Linux 15 SP3 for SAP Applications (amd64), Suse Enterprise Linux 15 SP4 for SAP Applications (amd64), Red Hat Enterprise Linux 8.4 for SAP Applications (amd64), Red Hat Enterprise Linux 8.6 for SAP Applications (amd64). The SSH keys are configured to allow root user access. The following storage volumes are creating during the provisioning: - -HANA DB VSI Disks: -- the disk sizes depend on the selected profile, according to [Intel Virtual Server certified profiles on VPC infrastructure for SAP HANA](https://cloud.ibm.com/docs/sap?topic=sap-hana-iaas-offerings-profiles-intel-vs-vpc) - Last updated 2022-01-28 - -Note: LVM will be used for **`/hana/data`**, **`hana/log`**, **`/hana/shared`** and **`/usr/sap`**, for all storage profiles, excepting **`vx2d-44x616`** and **`vx2d-88x1232`** profiles, where **`/hana/data`** and **`/hana/shared`** won't be manged by LVM, according to [Intel Virtual Server certified profiles on VPC infrastructure for SAP HANA](https://cloud.ibm.com/docs/sap?topic=sap-hana-iaas-offerings-profiles-intel-vs-vpc#vx2d-16x224) - Last updated 2022-01-28 and to [Storage design considerations](https://cloud.ibm.com/docs/sap?topic=sap-storage-design-considerations#hana-iaas-mx2-16x128-32x256-configure) - Last updated 2022-05-19 - -For example, in case of deploying a HANA VM, using the default value for VSI profile `mx2-16x128`, the automation will execute the following storage setup: -- 3 volumes x 500 GB each for `_hana_vg` volume group - - the volume group will contain the following logical volumes (created with three stripes): - - `_hana_data_lv` - size 988 GB - - `_hana_log_lv` - size 256 GB - - `_hana_shared` - size 256 GB -- 1 volume x 50 GB for `/usr/sap` (volume group: `_usr_sap_vg`, logical volume: `_usr_sap_lv`) -- 1 volume x 10 GB for a 2 GB SWAP logical volume (volume group: `_swap_vg`, logical volume: `_swap_lv`) - -SAP APPs VSI Disks: -- 1x 40 GB disk with 10 IOPS / GB - SWAP -- 1 x 128 GB disk with 10 IOPS / GB - DATA - -## IBM Cloud API Key -The IBM Cloud API Key should be provided as input value of type sensitive for "ibmcloud_api_key" variable, in `IBM Schematics -> Workspaces -> -> Settings` menu. -The IBM Cloud API Key can be created [here](https://cloud.ibm.com/iam/apikeys). - -## Input parameters -The following parameters can be set in the Schematics workspace: VPC, Subnet, Security group, Resource group, Hostname, Profile, Image, SSH Keys and your SAP system configuration variables, as below: - -**VSI input parameters:** - -Parameter | Description -----------|------------ -ibmcloud_api_key | IBM Cloud API key (Sensitive* value). -private_ssh_key | id_rsa private key content (Sensitive* value). -SSH_KEYS | List of SSH Keys UUIDs that are allowed to SSH as root to the VSI. Can contain one or more IDs. The list of SSH Keys is available [here](https://cloud.ibm.com/vpc-ext/compute/sshKeys).
Sample input (use your own SSH UUIDs from IBM Cloud):
[ "r010-57bfc315-f9e5-46bf-bf61-d87a24a9ce7a" , "r010-3fcd9fe7-d4a7-41ce-8bb3-d96e936b2c7e" ] -BASTION_FLOATING_IP | The FLOATING IP from the Bastion Server. -RESOURCE_GROUP | The name of an EXISTING Resource Group for VSIs and Volumes resources.
Default value: "Default". The list of Resource Groups is available [here](https://cloud.ibm.com/account/resource-groups). -REGION | The cloud region where to deploy the solution.
The regions and zones for VPC are listed [here](https://cloud.ibm.com/docs/containers?topic=containers-regions-and-zones#zones-vpc).
Review supported locations in IBM Cloud Schematics [here](https://cloud.ibm.com/docs/schematics?topic=schematics-locations).
Sample value: eu-de. -ZONE | The cloud zone where to deploy the solution.
Sample value: eu-de-2. -VPC | The name of an EXISTING VPC. The list of VPCs is available [here](https://cloud.ibm.com/vpc-ext/network/vpcs) -SUBNET | The name of an EXISTING Subnet. The list of Subnets is available [here](https://cloud.ibm.com/vpc-ext/network/subnets). -SECURITY_GROUP | The name of an EXISTING Security group. The list of Security Groups is available [here](https://cloud.ibm.com/vpc-ext/network/securityGroups). -DB-HOSTNAME | The Hostname for the HANA VSI. The hostname should be up to 13 characters as required by SAP. For more information on rules regarding hostnames for SAP systems, check [SAP Note 611361: Hostnames of SAP ABAP Platform servers](https://launchpad.support.sap.com/#/notes/%20611361) -DB-PROFILE | The instance profile used for the HANA VSI. The list of certified profiles for HANA VSIs is available [here](https://cloud.ibm.com/docs/sap?topic=sap-hana-iaas-offerings-profiles-intel-vs-vpc).
Details about all x86 instance profiles are available [here](https://cloud.ibm.com/docs/vpc?topic=vpc-profiles).
For more information about supported DB/OS and IBM Gen 2 Virtual Server Instances (VSI), check [SAP Note 2927211: SAP Applications on IBM Virtual Private Cloud](https://launchpad.support.sap.com/#/notes/2927211)
Default value: "mx2-16x128" -DB-IMAGE | The OS image used for HANA VSI. A list of images is available [here](https://cloud.ibm.com/docs/vpc?topic=vpc-about-images)
Default value: ibm-redhat-8-6-amd64-sap-hana-2 -APP-HOSTNAME | The Hostname for the SAP Application VSI. The hostname must have up to 13 characters as required by SAP. For more information on rules regarding hostnames for SAP systems, check [SAP Note 611361: Hostnames of SAP ABAP Platform servers](https://launchpad.support.sap.com/#/notes/%20611361) -APP-PROFILE | The instance profile used for SAP Application VSI. A list of profiles is available [here](https://cloud.ibm.com/docs/vpc?topic=vpc-profiles)
For more information about supported DB/OS and IBM Gen 2 Virtual Server Instances (VSI), check [SAP Note 2927211: SAP Applications on IBM Virtual Private Cloud](https://launchpad.support.sap.com/#/notes/2927211)
Default value: "bx2-4x16" -APP-IMAGE | The OS image used for SAP Application VSI. A list of images is available [here](https://cloud.ibm.com/docs/vpc?topic=vpc-about-images).
Default value: ibm-redhat-8-6-amd64-sap-applications-2 - - -**SAP input parameters:** - -Parameter | Description | Requirements -----------|-------------|------------- -hana_sid | The SAP system ID identifies the SAP HANA system |
  • Consists of exactly three alphanumeric characters
  • Has a letter for the first character
  • Does not include any of the reserved IDs listed in SAP Note 1979280
| -hana_sysno | Specifies the instance number of the SAP HANA system|
  • Two-digit number from 00 to 97
  • Must be unique on a host
-hana_main_password | Common password for all users that are created during the installation |
  • It must be 8 to 14 characters long
  • It must consist of at least one digit (0-9), one lowercase letter (a-z), and one uppercase letter (A-Z).
  • It can only contain the following characters: a-z, A-Z, 0-9, !, @, #, $, _
  • It must not start with a digit or an underscore ( _ )

(Sensitive* value) -hana_system_usage | System Usage | Default: custom
Valid values: production, test, development, custom -hana_components | SAP HANA Components | Default: server
Valid values: all, client, es, ets, lcapps, server, smartda, streaming, rdsync, xs, studio, afl, sca, sop, eml, rme, rtl, trp -kit_saphana_file | Path to SAP HANA ZIP file | As downloaded from SAP Support Portal -sap_sid | The SAP system ID identifies the entire SAP system |
  • Consists of exactly three alphanumeric characters
  • Has a letter for the first character
  • Does not include any of the reserved IDs listed in SAP Note 1979280
-sap_ascs_instance_number | Technical identifier for internal processes of ASCS|
  • Two-digit number from 00 to 97
  • Must be unique on a host
-sap_ci_instance_number | Technical identifier for internal processes of CI|
  • Two-digit number from 00 to 97
  • Must be unique on a host
-sap_main_password | Common password for all users that are created during the installation |
  • It must be 10 to 14 characters long
  • It must contain at least one digit (0-9)
  • It can only contain the following characters: a-z, A-Z, 0-9, @, #, $, _
  • It must not start with a digit or an underscore ( _ )

(Sensitive* value) -hdb_concurrent_jobs | Number of concurrent jobs used to load and/or extract archives to HANA Host | Default: 23 -kit_sapcar_file | Path to sapcar binary | As downloaded from SAP Support Portal -kit_swpm_file | Path to SWPM archive (SAR) | As downloaded from SAP Support Portal -kit_sapexe_file | Path to SAP Kernel OS archive (SAR) | As downloaded from SAP Support Portal -kit_sapexedb_file | Path to SAP Kernel DB archive (SAR) | As downloaded from SAP Support Portal -kit_igsexe_file | Path to IGS archive (SAR) | As downloaded from SAP Support Portal -kit_igshelper_file | Path to IGS Helper archive (SAR) | As downloaded from SAP Support Portal -kit_saphostagent_file | Path to SAP Host Agent archive (SAR) | As downloaded from SAP Support Portal -kit_hdbclient_file | Path to HANA DB client archive (SAR) | As downloaded from SAP Support Portal -kit_s4hana_export | Path to S/4HANA Installation Export dir | The archives downloaded from SAP Support Portal should be present in this path - -**Obs***:
- - **SAP Main Password.** -The password for the SAP system will be hidden during the schematics apply step and will not be available after the deployment. - -Parameter | Description | Requirements -----------|-------------|------------- -sap_main_password | Common password for all users that are created during the installation |
  • It must be 8 to 14 characters long
  • It must contain at least one digit (0-9)
  • It must not contain \ (backslash) and " (double quote)
- -- **Sensitive** - The variable value is not displayed in your Schematics logs and it is hidden in the input field.
-- The following parameters should have the same values as the ones set for the BASTION server: REGION, ZONE, VPC, SUBNET, SECURITYGROUP. -- For any manual change in the terraform code, you have to make sure that you use a certified image based on the SAP NOTE: 2927211. -- OS **image** for **DB VSI.** Supported OS images for DB VSIs: ibm-sles-15-3-amd64-sap-hana-2, ibm-sles-15-4-amd64-sap-hana-3, ibm-redhat-8-4-amd64-sap-hana-2, ibm-redhat-8-6-amd64-sap-hana-2. - - The list of available VPC Operating Systems supported by SAP: SAP note '2927211 - SAP Applications on IBM Virtual Private Cloud (VPC) Infrastructure environment' https://launchpad.support.sap.com/#/notes/2927211; The list of all available OS images: https://cloud.ibm.com/docs/vpc?topic=vpc-about-images - - Default variable: DB-IMAGE = "ibm-redhat-8-6-amd64-sap-hana-2" -- OS **image** for **SAP APP VSI**. Supported OS images for APP VSIs: ibm-sles-15-3-amd64-sap-applications-2, ibm-sles-15-4-amd64-sap-applications-4, ibm-redhat-8-4-amd64-sap-applications-2, ibm-redhat-8-6-amd64-sap-applications-2. - - The list of available VPC Operating Systems supported by SAP: SAP note '2927211 - SAP Applications on IBM Virtual Private Cloud (VPC) Infrastructure environment' https://launchpad.support.sap.com/#/notes/2927211; The list of all available OS images: https://cloud.ibm.com/docs/vpc?topic=vpc-about-images - - Default variable: APP-IMAGE = "ibm-redhat-8-6-amd64-sap-applications-2" -- SAP **HANA Installation path kit** - - Supported SAP HANA versions on RHEL 8 and SLES 15: HANA 2.0 SP 5 Rev 57, kit file: 51055299.ZIP - - Example for RHEL 8 or SLES 15: kit_saphana_file = "/storage/HANADB/51055299.ZIP" - - Default variable: kit_saphana_file = "/storage/HANADB/51055299.ZIP" - - -## VPC Configuration - -The Security Rules inherited from BASTION deployment are the following: -- Allow all traffic in the Security group for private networks. -- Allow outbound traffic (ALL for port 53, TCP for ports 80, 443, 8443) -- Allow inbound SSH traffic (TCP for port 22) from IBM Schematics Servers. - - - ## Files description and structure: - - - `modules` - directory containing the terraform modules - - `main.tf` - contains the configuration of the VSI for the deployment of the current SAP solution. - - `output.tf` - contains the code for the information to be displayed after the VSI is created (Hostname, Private IP) - - `integration*.tf` - contains the integration code that makes the SAP variabiles from Terraform available to Ansible. - - `provider.tf` - contains the IBM Cloud Provider data in order to run `terraform init` command. - - `terraform.tfvars` - contains the IBM Cloud API key referenced in `provider.tf` (dynamically generated) - - `variables.tf` - contains variables for the VPC and VSI - - `versions.tf` - contains the minimum required versions for terraform and IBM Cloud provider. - - -## Steps to follow: - -1. Make sure that you have the [required IBM Cloud IAM - permissions](https://cloud.ibm.com/docs/vpc?topic=vpc-managing-user-permissions-for-vpc-resources) to - create and work with VPC infrastructure and you are [assigned the - correct - permissions](https://cloud.ibm.com/docs/schematics?topic=schematics-access) to - create the workspace in Schematics and deploy resources. -2. [Generate an SSH - key](https://cloud.ibm.com/docs/vpc?topic=vpc-ssh-keys). - The SSH key is required to access the provisioned VPC virtual server - instances via the bastion host. After you have created your SSH key, - make sure to [upload this SSH key to your IBM Cloud - account](https://cloud.ibm.com/docs/vpc-on-classic-vsi?topic=vpc-on-classic-vsi-managing-ssh-keys#managing-ssh-keys-with-ibm-cloud-console) in - the VPC region and resource group where you want to deploy the SAP solution -3. Create the Schematics workspace: - 1. From the IBM Cloud menu - select [Schematics](https://cloud.ibm.com/schematics/overview). - - Click Create a workspace. - - Enter a name for your workspace. - - Click Create to create your workspace. - 2. On the workspace **Settings** page, enter the URL of this solution in the Schematics examples Github repository. - - Select the latest Terraform version. - - Click **Save template information**. - - In the **Input variables** section, review the default input variables and provide alternatives if desired. - - Click **Save changes**. - -4. From the workspace **Settings** page, click **Generate plan**  -5. Click **View log** to review the log files of your Terraform - execution plan. -6. Apply your Terraform template by clicking **Apply plan**. -7. Review the log file to ensure that no errors occurred during the - provisioning, modification, or deletion process. - -The output of the Schematics Apply Plan will list the public/private IP addresses -of the VSI host, the hostname and the VPC. - - -The Terraform version used for deployment should be >= 1.3.6. -Note: The deployment was tested with Terraform 1.3.6 - -### Related links: - -- [How to create a BASTION/STORAGE VSI for SAP in IBM Schematics](https://github.com/IBM-Cloud/sap-bastion-setup) -- [Securely Access Remote Instances with a Bastion Host](https://www.ibm.com/cloud/blog/tutorial-securely-access-remote-instances-with-a-bastion-host) -- [VPNs for VPC overview: Site-to-site gateways and Client-to-site servers.](https://cloud.ibm.com/docs/vpc?topic=vpc-vpn-overview) -- [IBM Cloud Schematics](https://www.ibm.com/cloud/schematics) diff --git a/schematics/ansible/ansible.cfg b/schematics/ansible/ansible.cfg deleted file mode 100644 index 0dff108..0000000 --- a/schematics/ansible/ansible.cfg +++ /dev/null @@ -1,3 +0,0 @@ -[defaults] -remote_user = root -host_key_checking = False diff --git a/schematics/ansible/roles/s4appinst/defaults/main.yml b/schematics/ansible/roles/s4appinst/defaults/main.yml deleted file mode 100644 index f66cbda..0000000 --- a/schematics/ansible/roles/s4appinst/defaults/main.yml +++ /dev/null @@ -1,28 +0,0 @@ ---- -#Sapinst product-id -sap_product_id: "NW_ABAP_OneHost:S4HANA2020.CORE.HDB.ABAP" - -#Target files location -s4app_kit: "/usr/sap/trans/kit" - -# Source and destination for the kit files -s4apps_kit: - - s4apps_src: "{{ kit_sapcar_file }}" - s4apps_dest: "{{ s4app_kit }}/sapcar" - - s4apps_src: "{{ kit_swpm_file }}" - s4apps_dest: "{{ s4app_kit }}/swpm.sar" - - s4apps_src: "{{ kit_sapexe_file }}" - s4apps_dest: "{{ s4app_kit }}/sapexe.sar" - - s4apps_src: "{{ kit_sapexedb_file }}" - s4apps_dest: "{{ s4app_kit }}/sapexedb.sar" - - s4apps_src: "{{ kit_igsexe_file }}" - s4apps_dest: "{{ s4app_kit }}/igsexe.sar" - - s4apps_src: "{{ kit_igshelper_file }}" - s4apps_dest: "{{ s4app_kit }}/igshelper.sar" - - s4apps_src: "{{ kit_saphotagent_file }}" - s4apps_dest: "{{ s4app_kit }}/saphotagent.sar" - - s4apps_src: "{{ kit_hdbclient_file }}" - s4apps_dest: "{{ s4app_kit }}/hdbclient.sar" - - s4apps_src: "{{ kit_s4hana_export }}/" - s4apps_dest: "{{ s4app_kit }}" -... diff --git a/schematics/ansible/roles/s4appinst/tasks/install_kit.yml b/schematics/ansible/roles/s4appinst/tasks/install_kit.yml deleted file mode 100644 index 14685fd..0000000 --- a/schematics/ansible/roles/s4appinst/tasks/install_kit.yml +++ /dev/null @@ -1,75 +0,0 @@ ---- -- name: Create directories for SAP kit on target - file: - path: "{{ item }}" - state: directory - mode: 0777 - loop: - - "{{ s4app_kit }}" - - "{{ s4app_kit }}/swpm" - - "{{ s4app_kit }}/export" - -- name: Gather the package facts for Ansible controller - package_facts: - manager: auto - delegate_to: localhost - -- name: Check if rsync package is available on Ansible controller - set_fact: - rsync_found_controller: true - when: "'rsync' in ansible_facts.packages" - delegate_to: localhost - -- name: Gather the package facts for Red Hat target - package_facts: - manager: auto - when: ansible_facts['os_family'] == "RedHat" - -- name: Gather the packages for Suse target - shell: zypper search -i --match-exact rsync - args: - warn: false - register: rsync_search_result - when: ansible_facts['os_family'] == "Suse" - -- name: Check if rsync package is available - set_fact: - rsync_found_target: true - when: ansible_facts['os_family'] == "RedHat" and "'rsync' in ansible_facts.packages" or ansible_facts['os_family'] == "Suse" and rsync_search_result.rc == 0 - -- name: Copy S/4HANA kit to target using rsync - synchronize: - src: "{{ item.s4apps_src }}" - dest: "{{ item.s4apps_dest }}" - checksum: yes - loop: "{{ s4apps_kit }}" - when: rsync_found_controller is defined and rsync_found_target is defined - -- name: Copy S/4HANA kit to target when rsync is not available - copy: - src: "{{ item.s4apps_src }}" - dest: "{{ item.s4apps_dest }}" - owner: root - group: root - mode: 0777 - loop: "{{ s4apps_kit }}" - when: rsync_found_controller is not defined or rsync_found_target is not defined - -- name: Recursively change the ownership and permissions on the SAP kit directory - file: - path: "{{ s4app_kit }}" - state: directory - mode: 0777 - recurse: yes - owner: root - group: root - -- name: Check if SWPM archive content was already extracted - stat: - path: "{{ s4app_kit }}/swpm/sapinst" - register: file_status - -- name: Extract SWPM archive - command: "{{ s4app_kit }}/sapcar -xf {{ s4app_kit }}/swpm.sar -R {{ s4app_kit }}/swpm" - when: not file_status.stat.exists -... diff --git a/schematics/ansible/roles/s4appinst/tasks/main.yml b/schematics/ansible/roles/s4appinst/tasks/main.yml deleted file mode 100644 index 17958ce..0000000 --- a/schematics/ansible/roles/s4appinst/tasks/main.yml +++ /dev/null @@ -1,25 +0,0 @@ ---- -- name: Import install kit - include_tasks: "install_kit.yml" - -- name: Generate parameter file for sapinst - template: - src: sapinst.cfg - dest: "{{ s4app_kit }}/inifile.params" - -- name: Check if S/4HANA Application Server was already installed - stat: - path: "/sapmnt/{{ sap_sid|upper }}/exe/uc/linuxx86_64/SAPCAR" - register: install_status - -- name: Start SAP S/4HANA Application Server installation - shell: >- - {{ s4app_kit }}/swpm/sapinst SAPINST_INPUT_PARAMETERS_URL={{ s4app_kit }}/inifile.params - SAPINST_EXECUTE_PRODUCT_ID={{ sap_product_id }} SAPINST_SKIP_DIALOGS=true SAPINST_START_GUISERVER=false - when: not install_status.stat.exists - -- name: Cleanup - file: - path: "{{ s4app_kit }}" - state: absent -... diff --git a/schematics/ansible/roles/s4appinst/templates/sapinst.cfg b/schematics/ansible/roles/s4appinst/templates/sapinst.cfg deleted file mode 100644 index f546f9b..0000000 --- a/schematics/ansible/roles/s4appinst/templates/sapinst.cfg +++ /dev/null @@ -1,334 +0,0 @@ -# Password for the Diagnostics Agent specific adm user. Provided value may be encoded. -# DiagnosticsAgent.dasidAdmPassword = - -# Windows domain in which the Diagnostics Agent users must be created. This is an optional property (Windows only). -# DiagnosticsAgent.domain = - -# Windows only: Password for the Diagnostics Agent specific 'SAPService' user. -# DiagnosticsAgent.sapServiceDASIDPassword = - -# The password of the database schema. -HDB_Schema_Check_Dialogs.schemaPassword = {{ sap_main_password }} - -# Specify whether Software Provisioning Manager is to validate the schema name. The schema name must only contain numbers and capital letters. It must not start with '_' . It cannot be 'SYS' or 'SYSTEM'. -# HDB_Schema_Check_Dialogs.validateSchemaName = true - -# Use SAP HANA Media on CD, do not ask for SAR archives -# HDB_Software_Dialogs.useMediaCD = false - -# Name for container (folder) for the HANA Userstore files. -# HDB_Userstore.HDB_USE_IDENT = - -# Database hostnames that will be set directly in hdbuserstore without resolving them in HANA. Comma separated. Example (host1,host2) -# HDB_Userstore.doNotResolveHostnames = - -# Alternative port for SystemDB to be used in hdbuserstore -# HDB_Userstore.systemDBPort = - -# Use ABAP secure store instead of HANA userstore. Default: false for HANA user store. -# HDB_Userstore.useABAPSSFS = false - -# If set to 'true', an 'ms_acl_info' file is created. It manages the hosts from which the Message Server accepts connections. -# MessageServer.configureAclInfo = false - -# Location of the input file for the 'ABAP SecureStore' key. The input file must have two lines: 'key = ', 'key-id = '. You can generate a key using 'rsecssfx'. Leave empty if you want to use the default key. -# NW_ABAP_SSFS_CustomKey.ssfsKeyInputFile = - -# Standard system only: Add gateway process to ASCS instance -# NW_CI_Instance.ascsInstallGateway = false - -# Standard system only: Add web dispatcher process to ASCS instance -# NW_CI_Instance.ascsInstallWebDispatcher = false - -# Standard system with AS ABAP only: ASCS instance number. Leave empty for default. -NW_CI_Instance.ascsInstanceNumber = {{ sap_ascs_instance_number }} - -# Standard system with AS ABAP only: Virtual host name for the ASCS instance. Leave empty for default. -NW_CI_Instance.ascsVirtualHostname = {{ ansible_hostname }} - -# Instance number of the primary application server instance. Leave empty for default. -NW_CI_Instance.ciInstanceNumber = {{ sap_ci_instance_number }} - -# The ABAP message server port. Leave empty for default. -# NW_CI_Instance.ciMSPort = - -# The internal ABAP message server port. Leave empty for default. -# NW_CI_Instance.ciMSPortInternal = - -# Virtual host name of the primary application server instance . Leave empty for default. -NW_CI_Instance.ciVirtualHostname = {{ ansible_hostname }} - -# Create file 'prxyinfo(.DAT)' in the global directory, if it does not already exist and set 'gw/prxy_info' in the default profile accordingly. Default is 'false'. -# NW_CI_Instance.createGlobalProxyInfoFile = false - -# Create file 'reginfo(.DAT)' in the global directory. Default is 'false'. -# NW_CI_Instance.createGlobalRegInfoFile = false - -# User-defined number of Java server nodes. Depends on NW_CI_Instance.nodesNumber. -# NW_CI_Instance.nodesNum = - -# Number of Java server nodes. Possible values: 'defNodes' - default number; 'srcNodes' - copy from source; 'userNodes' - user-defined number. Default is 'defNodes' -# NW_CI_Instance.nodesNumber = defNodes - -# Standard system with AS Java only: Virtual host name for the SCS instance. Leave empty for default. -NW_CI_Instance.scsVirtualHostname = {{ ansible_hostname }} - -# Activate ICF node '/SAP/BC/REST/SLPROTOCOL' -# NW_CI_Instance_ABAP_Reports.enableActivateICFService = false - -# SAP INTERNAL USE ONLY -# NW_CI_Instance_ABAP_Reports.enableSPAMUpdateWithoutStackXml = false - -# SAP INTERNAL USE ONLY -# NW_CI_Instance_ABAP_Reports.enableTMSConfigWithoutStackXml = false - -# SAP INTERNAL USE ONLY -# NW_CI_Instance_ABAP_Reports.enableTransportsWithoutStackXml = false - -# System copy AS Java with product instance Process Integration and/or Development Infrastructure: Specify whether the target system should replace the source system. Possible values are 'true' or 'false'. -# NW_CreateDBandLoad.movePVCforUsagePiAndDi = - -# Password of the DDIC user in client 000 -# NW_DDIC_Password.ddic000Password = - -# Password of the DDIC user in client 001 -# NW_DDIC_Password.ddic001Password = - -# Are the passwords for the DDIC users different from the default value? Possible values are 'true' or 'false'. Leave empty for default. -NW_DDIC_Password.needDDICPasswords = false - -# Specify whether the all operating system users are to be removed from group 'sapinst' after the execution of Software Provisioning Manager has completed. -NW_Delete_Sapinst_Users.removeUsers = true - -# Master password -NW_GetMasterPassword.masterPwd = {{ sap_main_password }} - -# Human readable form of the default login language to be preselected in SAPGUI. This Parameter is potentialy prompted in addition in the screen that also asks for the . It is only prompted in systems that have an ABAP stack. It is prompted for installation but not for system copy. It is asked in those installations, that perform the ABAP load. That could be the database load installation in case of a distributed system szenario, or in case of a standard system installation with all instances on one host. This Parameter is saved in the 'DEFAULT' profile. It is has no influence on language settings in a Java stack. Valid names are stored in a table of subcomponent 'NW_languagesInLoadChecks'. The available languages must be declaired in the 'LANGUAGES_IN_LOAD' parameter of the 'product.xml' file . In this file, the one-character representation of the languages is used. Check the same table in subcomponent 'NW_languagesInLoadChecks'. -# NW_GetSidNoProfiles.SAP_GUI_DEFAULT_LANGUAGE = - -# Unix only: The SAP mount directory path. Default value is '/sapmnt'. -# NW_GetSidNoProfiles.sapmnt = /sapmnt - -# The SAP system ID of the system to be installed -NW_GetSidNoProfiles.sid = {{ sap_sid|upper }} - -# Only use this parameter if recommended by SAP. -# NW_GetSidNoProfiles.strictSidCheck = true - -# ABAP schema name -NW_HDB_DB.abapSchemaName = SAPHANADB - -# Password of the ABAP schema user -NW_HDB_DB.abapSchemaPassword = {{ sap_main_password }} - -# JAVA schema name -# NW_HDB_DB.javaSchemaName = - -# Password of the JAVA schema user -# NW_HDB_DB.javaSchemaPassword = - -# Skip checking if creating a HANA user store is needed. Default value is 'true'. If set to 'false', a valid HANA userstore must exists. -# NW_HDB_DBClient.checkCreateUserstore = true - -# Install the SAP HANA database client in a central or local directory. Possible values are: 'SAPCPE', 'LOCAL' -# NW_HDB_DBClient.clientPathStrategy = LOCAL - -# Data has already been loaded. -# NW_HDB_getDBInfo.dataAlreadyLoaded = false - -# The DB admin user for SAP HANA tenant database. Default value: SYSTEM -# NW_HDB_getDBInfo.dbadmin = SYSTEM - -# Database host -NW_HDB_getDBInfo.dbhost = {{ hdb_host }} - -# Database system ID -NW_HDB_getDBInfo.dbsid = {{ hdb_sid|upper }} - -# The instance number of the SAP HANA database server -NW_HDB_getDBInfo.instanceNumber = {{ hdb_instance_number }} - -# Password of user 'SYSTEM' within the 'SystemDB' tenant in an SAP HANA MultiDB server -NW_HDB_getDBInfo.systemDbPassword = {{ hdb_main_password }} - -# Password of SAP HANA administration database user.' -NW_HDB_getDBInfo.systemPassword = {{ hdb_main_password }} - -# Password of user 'SYSTEM' inside the SAP HANA database server from a backup -# NW_HDB_getDBInfo.systemPasswordBackup = - -# SAP HANA system ID -NW_HDB_getDBInfo.systemid = {{ hdb_sid|upper }} - -# A dedicated OS group for the tenant database, required for SAP HANA multitenant database containers with high isolation level. -# NW_HDB_getDBInfo.tenantOsGroup = - -# A dedicated OS user for the tenant database, required for SAP HANA multitenant database containers with high isolation level. -# NW_HDB_getDBInfo.tenantOsUser = - -# The SQL port for SAP HANA tenant database -# NW_HDB_getDBInfo.tenantPort = - -# Connect using SSL/TLS. Default value: false. -# NW_HDB_getDBInfo.usingSSL = false - -# Location for HANA backup files on the HANA database host (as delivered by SAP). -# NW_Recovery_Install_HDB.backupLocationHANA = - -# Location for HANA backup files on the SAP Application Server host. -# NW_Recovery_Install_HDB.backupLocationSAP = - -# NW_Recovery_Install_HDB.checkIntegrity = false - -# Location for HANA backup files on the HANA database host (Target location for ABAP export archives). Default value: /usr/sap//HDB/backup/data/ -NW_Recovery_Install_HDB.extractLocation = /usr/sap/{{ hdb_sid|upper }}/HDB{{ hdb_instance_number }}/backup/data/DB_{{ hdb_sid|upper }} - -# Number of concurrent jobs used to load and/or extract archives to HANA Host -NW_Recovery_Install_HDB.extractParallelJobs = {{ hdb_concurrent_jobs }} - -# Archives or backup files are to be loaded by SWPM or are already available(mounted) on the HANA host. Possible values are: load (default) or mount. -# NW_Recovery_Install_HDB.loadOrMount = load - -# The OS user of the HANA 'adm' user -NW_Recovery_Install_HDB.sidAdmName = {{ hdb_sid|lower }}adm - -# The password of the OS HANA 'adm' user -NW_Recovery_Install_HDB.sidAdmPassword = {{ hdb_main_password }} - -# DEPRECATED, DO NOT USE! -NW_SAPCrypto.SAPCryptoFile = {{ s4app_kit }}/sapexe.sar - -# Enable the instance agent (sapstartsrv) data supplier to send operating system information to the System Landscape Directory (SLD). Default is 'false'. -# NW_SLD_Configuration.configureSld = false - -# Host of the System Landscape Directory (SLD) -# NW_SLD_Configuration.sldHost = - -# Port used to connect to the System Landscape Directory (SLD) -# NW_SLD_Configuration.sldPort = - -# Use HTTPS. Default is 'false'. -# NW_SLD_Configuration.sldUseHttps = false - -# The user that is to authenticate towards the System Landscape Directory (SLD) -# NW_SLD_Configuration.sldUser = - -# User password to authenticate towards the System Landscape Directory (SLD). Note: The connection is not checked by Software Provisioning Manager. -# NW_SLD_Configuration.sldUserPassword = - -# SAP INTERNAL USE ONLY -# NW_System.installSAPHostAgent = true - -# DEPRECATED, DO NOT USE! -# NW_Unpack.dbaToolsSar = - -# DEPRECATED, DO NOT USE! -NW_Unpack.igsExeSar = {{ s4app_kit }}/igsexe.sar - -# DEPRECATED, DO NOT USE! -NW_Unpack.igsHelperSar = {{ s4app_kit }}/igshelper.sar - -# DEPRECATED, DO NOT USE! -NW_Unpack.sapExeDbSar = {{ s4app_kit }}/sapexedb.sar - -# DEPRECATED, DO NOT USE! -NW_Unpack.sapExeSar = {{ s4app_kit }}/sapexe.sar - -# DEPRECATED, DO NOT USE! -# NW_Unpack.sapJvmSar = - -# DEPRECATED, DO NOT USE! -# NW_Unpack.xs2Sar = - -# Number of Batch Work Processes. Leave empty for default. -# NW_WPConfiguration.ciBtcWPNumber = 6 - -# Number of Dialog Work Processes. Leave empty for default. -# NW_WPConfiguration.ciDialogWPNumber = 10 - -# SAP offers the option to skip setting of security profile parameters (NOT recommended) only for compatibility reasons. Set to true and the file with recommended security settings will not be taken into consideration. See SAP Note 2714839 for security recommendations. -# NW_adaptProfile.skipSecurityProfileSettings = false - -# SAP INTERNAL USE ONLY -# NW_adaptProfile.templateFiles = - -# The FQDN of the system -# NW_getFQDN.FQDN = - -# SAP INTERNAL USE ONLY -# NW_getFQDN.resolve = true - -# Specify whether you want to set FQDN for the system. -NW_getFQDN.setFQDN = false - -# Manual configuration and execution of Migration Monitor or manual native database copy method. -# NW_getLoadType.importManuallyExecuted = false - -# The load type chosen by the user. Valid values are: 'SAP', 'STD', 'OBR', 'HCP', 'MDA', 'HBR', 'SBR' -NW_getLoadType.loadType = SAP - -# Password of the database manager operator user 'control' for liveCache -# NW_liveCache.controlUserPwd = - -# Host name for liveCache -# NW_liveCache.liveCacheHost = - -# Database ID for liveCache -# NW_liveCache.liveCacheID = - -# Database schema for liveCache -# NW_liveCache.liveCacheUser = - -# Password of database schema for liveCache -# NW_liveCache.liveCacheUserPwd = - -# Specify whether you want to use liveCache. Default value is 'true'. -# NW_liveCache.useLiveCache = false - -# The ASP device name where the SAP system will be in installed. The property is IBM i only. -# Values from 1 to 256 can be specified. The default is 1, the System ASP. -# OS4.DestinationASP = - -# The folder containing all archives that have been downloaded from http://support.sap.com/swdc and are supposed to be used in this procedure -archives.downloadBasket = {{ s4app_kit }} - -# DBACOCKPIT user is to be created. Default value is 'false'. -# hdb.create.dbacockpit.user = false - -# Windows only: The domain of the SAP Host Agent user -# hostAgent.domain = - -# Password for the 'sapadm' user of the SAP Host Agent -# hostAgent.sapAdmPassword = - -# installation_export.archivesFolder = - -# Windows only: The domain of all users of this SAP system. Leave empty for default. -# nwUsers.sapDomain = - -# Windows only: The password of the 'SAPServiceSID' user -# nwUsers.sapServiceSIDPassword = - -# UNIX only: The user ID of the 'sapadm' user, leave empty for default. The ID is ignored if the user already exists. -# nwUsers.sapadmUID = - -# UNIX only: The group id of the 'sapsys' group, leave empty for default. The ID is ignored if the group already exists. -# nwUsers.sapsysGID = - -# UNIX only: The user id of the adm user, leave empty for default. The ID is ignored if the user already exists. -# nwUsers.sidAdmUID = - -# The password of the 'adm' user -nwUsers.sidadmPassword = {{ sap_main_password }} - -# ABAP schema password -# storageBasedCopy.abapSchemaPassword = - -# Instance number of the SAP HANA Database server -storageBasedCopy.hdb.instanceNumber = {{ hdb_instance_number }} - -# Password of user 'SYSTEM' inside the SAP HANA Database Server -# storageBasedCopy.hdb.systemPassword = - -# Sets the SAPDB schema password using a parameter file. -# storageBasedCopy.javaSchemaPassword = diff --git a/schematics/ansible/roles/s4appreq/defaults/main.yml b/schematics/ansible/roles/s4appreq/defaults/main.yml deleted file mode 100644 index 753139a..0000000 --- a/schematics/ansible/roles/s4appreq/defaults/main.yml +++ /dev/null @@ -1,73 +0,0 @@ ---- -#Disk size config -sap_disk_size: "128.00 GB" -swap_disk_size: "40.00 GB" - -#Logical volume size config -# swap_lv_size: "30g" -usrsap_lv_size: "5g" -sap_lv_size: "20g" -sapmnt_lv_size: "20g" -saptrans_lv_size: "50g" - -# SWAP size GB -# SAP note 1597355 -# Commented until terraform code update -# swap_lv: -# - size: 64 -# ram_min: 32 -# ram_max: 63 -# - size: 96 -# ram_min: 64 -# ram_max: 127 -# - size: 128 -# ram_min: 128 -# ram_max: 255 -# - size: 160 -# ram_min: 256 -# ram_max: 511 -# - size: 192 -# ram_min: 512 -# ram_max: 1023 -# - size: 224 -# ram_min: 1024 -# ram_max: 2047 -# - size: 256 -# ram_min: 2048 -# ram_max: 4095 -# - size: 288 -# ram_min: 4096 -# ram_max: 8191 -# - size: 320 -# ram_min: 8192 -# ram_max: 20000 - -swap_lv: - - size: 38 - ram_min: 32 - ram_max: 63 - - size: 38 - ram_min: 64 - ram_max: 127 - - size: 38 - ram_min: 128 - ram_max: 255 - - size: 38 - ram_min: 256 - ram_max: 511 - - size: 38 - ram_min: 512 - ram_max: 1023 - - size: 224 - ram_min: 1024 - ram_max: 2047 - - size: 38 - ram_min: 2048 - ram_max: 4095 - - size: 288 - ram_min: 4096 - ram_max: 8191 - - size: 38 - ram_min: 8192 - ram_max: 20000 -... diff --git a/schematics/ansible/roles/s4appreq/files/sap.conf b/schematics/ansible/roles/s4appreq/files/sap.conf deleted file mode 100644 index d26c32d..0000000 --- a/schematics/ansible/roles/s4appreq/files/sap.conf +++ /dev/null @@ -1,9 +0,0 @@ -# systemd tmpfiles exclude file for SAP -# SAP software stores some important files -# in /tmp which should not be deleted -# Exclude SAP socket and lock files -x /tmp/.sap* -# Exclude HANA lock file -x /tmp/.hdb*lock -# Exclude TREX lock file -x /tmp/.trex*lock \ No newline at end of file diff --git a/schematics/ansible/roles/s4appreq/tasks/configurations/SELinux.yml b/schematics/ansible/roles/s4appreq/tasks/configurations/SELinux.yml deleted file mode 100644 index 967003c..0000000 --- a/schematics/ansible/roles/s4appreq/tasks/configurations/SELinux.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -- name: Disable SELinux - selinux: - state: disabled -... \ No newline at end of file diff --git a/schematics/ansible/roles/s4appreq/tasks/configurations/abrtd.yml b/schematics/ansible/roles/s4appreq/tasks/configurations/abrtd.yml deleted file mode 100644 index a77e224..0000000 --- a/schematics/ansible/roles/s4appreq/tasks/configurations/abrtd.yml +++ /dev/null @@ -1,11 +0,0 @@ ---- -- name: Get the list of services - service_facts: - -- name: Stop and disable abrtd - systemd: - name: abrtd - state: stopped - enabled: no - when: "'abrtd.service' in services" -... diff --git a/schematics/ansible/roles/s4appreq/tasks/configurations/compatlibs.yml b/schematics/ansible/roles/s4appreq/tasks/configurations/compatlibs.yml deleted file mode 100644 index 75db0b5..0000000 --- a/schematics/ansible/roles/s4appreq/tasks/configurations/compatlibs.yml +++ /dev/null @@ -1,14 +0,0 @@ ---- -#2560024 - /lib64/libstdc++.so.6: version `GLIBCXX_3.4.22' not found -- name: Create /usr/sap/lib directory - file: - path: /usr/sap/lib - state: directory - mode: 0755 - -- name: Create link to compat-sap-c++-6 lib - file: - src: /opt/rh/SAP/lib64/compat-sap-c++-6.so - dest: /usr/sap/lib/libstdc++.so.6 - state: link -... diff --git a/schematics/ansible/roles/s4appreq/tasks/configurations/filesystems.yml b/schematics/ansible/roles/s4appreq/tasks/configurations/filesystems.yml deleted file mode 100644 index 72401e3..0000000 --- a/schematics/ansible/roles/s4appreq/tasks/configurations/filesystems.yml +++ /dev/null @@ -1,167 +0,0 @@ ---- -- name: Get available storage devices for swap - set_fact: - swap_disk: "{{ swap_disk|default([]) + [device.key] }}" - when: - - not device.value.partitions - - not device.value.holders - - device.key is search('vd') - - device.value.size == swap_disk_size - loop: "{{ ansible_devices | dict2items }}" - loop_control: - loop_var: device - -- name: Check if the required storage device for swap is found - fail: - msg: "Could not find a free {{ swap_disk_size }} storage device for swap" - when: swap_disk is not defined - -- name: Create a volume group for swap - lvg: - vg: "{{ sap_sid|lower }}_swap_vg" - pvs: "/dev/{{ swap_disk[0] }}" - pesize: "32" - -- name: Get available storage devices for SAP instance - set_fact: - sap_disk: "{{ sap_disk|default([]) + [device.key] }}" - when: - - not device.value.partitions - - not device.value.holders - - device.key is search('vd') - - device.value.size == sap_disk_size - loop: "{{ ansible_devices | dict2items }}" - loop_control: - loop_var: device - -- name: Check if the required storage device for SAP instance is found - fail: - msg: "Could not find a free {{ sap_disk_size }} storage device for SAP instance" - when: sap_disk is not defined - -- name: Create a volume group for SAP instance - lvg: - vg: "{{ sap_sid|lower }}_app_vg" - pvs: "/dev/{{ sap_disk[0] }}" - pesize: "32" - -- name: Get the RAM size - set_fact: - app_ram: "{{ app_profile.split('-')[1].split('x')[1] }}" - -- name: Get the swap logical volume size for RAM lower than 32 GB - set_fact: - swap_lv_size: "{{ app_ram | int * 2 }}g" - when: app_ram | int < 32 - -- name: Get the swap logical volume size for RAM higher than 32 GB and lower than 8192 - set_fact: - swap_lv_size: "{{ data_swap.size }}g" - loop: "{{ swap_lv }}" - loop_control: - loop_var: data_swap - when: (app_ram | int >= 32) and (app_ram | int < 8192) and (app_ram | int >= data_swap.ram_min) and (app_ram | int <= data_swap.ram_max) - -- name: Get the swap logical volume size for RAM higher than 8192 - set_fact: - # swap_lv_size: "320g" - swap_lv_size: "32g" - when: app_ram | int >= 8192 - -- name: Create a logical volume for swap - lvol: - vg: "{{ sap_sid|lower }}_swap_vg" - lv: "{{ sap_sid|lower }}_swap_lv" - size: "{{ swap_lv_size }}" - -- name: Create a logical volume for /usr/sap - lvol: - vg: "{{ sap_sid|lower }}_app_vg" - lv: "{{ sap_sid|lower }}_usrsap_lv" - size: "{{ usrsap_lv_size }}" - -- name: Create a logical volume for /usr/sap/{{ sap_sid|upper }} - lvol: - vg: "{{ sap_sid|lower }}_app_vg" - lv: "{{ sap_sid|lower }}_sap_lv" - size: "{{ sap_lv_size }}" - -- name: Create a logical volume for /sapmnt/{{ sap_sid|upper }} - lvol: - vg: "{{ sap_sid|lower }}_app_vg" - lv: "{{ sap_sid|lower }}_sapmnt_lv" - size: "{{ sapmnt_lv_size }}" - -- name: Create a logical volume for /usr/sap/trans - lvol: - vg: "{{ sap_sid|lower }}_app_vg" - lv: "{{ sap_sid|lower }}_saptrans_lv" - size: "{{ saptrans_lv_size }}" - -- name: Create a swap filesystem - filesystem: - fstype: swap - dev: "/dev/{{ sap_sid|lower }}_swap_vg/{{ sap_sid|lower }}_swap_lv" - -- name: Create filesystem for /usr/sap - filesystem: - fstype: ext4 - dev: "/dev/{{ sap_sid|lower }}_app_vg/{{ sap_sid|lower }}_usrsap_lv" - -- name: Create filesystem for /usr/sap/{{ sap_sid|upper }} - filesystem: - fstype: ext4 - dev: "/dev/{{ sap_sid|lower }}_app_vg/{{ sap_sid|lower }}_sap_lv" - -- name: Create filesystem for /sapmnt/{{ sap_sid|upper }} - filesystem: - fstype: ext4 - dev: "/dev/{{ sap_sid|lower }}_app_vg/{{ sap_sid|lower }}_sapmnt_lv" - -- name: Create filesystem for /usr/sap/trans - filesystem: - fstype: ext4 - dev: "/dev/{{ sap_sid|lower }}_app_vg/{{ sap_sid|lower }}_saptrans_lv" - -- name: Add swap device to /etc/fstab - lineinfile: - path: /etc/fstab - regexp: "^/dev/{{ sap_sid|lower }}_swap_vg/{{ sap_sid|lower }}_swap_lv" - line: "/dev/{{ sap_sid|lower }}_swap_vg/{{ sap_sid|lower }}_swap_lv swap swap defaults 0 0" - -- name: Check the current swap size - set_fact: - sap_vm_swap: "{{ ansible_swaptotal_mb }}" - -- name: Mount swap volume - command: swapon -a - when: sap_vm_swap == 0 - -- name: Mount /usr/sap and add it to /etc/fstab - mount: - path: "/usr/sap" - src: "/dev/{{ sap_sid|lower }}_app_vg/{{ sap_sid|lower }}_usrsap_lv" - fstype: ext4 - state: mounted - -- name: Mount /usr/sap/{{ sap_sid|upper }} and add it to /etc/fstab - mount: - path: "/usr/sap/{{ sap_sid|upper }}" - src: "/dev/{{ sap_sid|lower }}_app_vg/{{ sap_sid|lower }}_sap_lv" - fstype: ext4 - state: mounted - -- name: Mount /sapmnt/{{ sap_sid|upper }} and add it to /etc/fstab - mount: - path: "/sapmnt/{{ sap_sid|upper }}" - src: "/dev/{{ sap_sid|lower }}_app_vg/{{ sap_sid|lower }}_sapmnt_lv" - fstype: ext4 - state: mounted - -- name: Mount /usr/sap/trans and add it to /etc/fstab - mount: - path: "/usr/sap/trans" - src: "/dev/{{ sap_sid|lower }}_app_vg/{{ sap_sid|lower }}_saptrans_lv" - fstype: ext4 - state: mounted -... diff --git a/schematics/ansible/roles/s4appreq/tasks/configurations/firewalld.yml b/schematics/ansible/roles/s4appreq/tasks/configurations/firewalld.yml deleted file mode 100644 index c627f7c..0000000 --- a/schematics/ansible/roles/s4appreq/tasks/configurations/firewalld.yml +++ /dev/null @@ -1,11 +0,0 @@ ---- -- name: Get the list of services - service_facts: - -- name: Stop and disable firewalld - systemd: - name: firewalld - state: stopped - enabled: no - when: "'firewalld.service' in services" -... \ No newline at end of file diff --git a/schematics/ansible/roles/s4appreq/tasks/configurations/hostname.yml b/schematics/ansible/roles/s4appreq/tasks/configurations/hostname.yml deleted file mode 100644 index 4d7c3f5..0000000 --- a/schematics/ansible/roles/s4appreq/tasks/configurations/hostname.yml +++ /dev/null @@ -1,31 +0,0 @@ ---- -#2718300 - Physical and Virtual hostname length limitations -- name: Get short hostname - command: hostname -s - register: sap_short_hostname - changed_when: False - -- name: Get FQDN - set_fact: - sap_host_fqdn: "{{ ansible_fqdn }}" - -- name: Check if hostname has 13 or less characters as per SAP requirement - fail: - msg: "Hostname {{ sap_short_hostname.stdout }} has more than 13 characters" - when: sap_short_hostname.stdout|length > 13 - -- name: Line to be added in /etc/hosts if FQDN is set - set_fact: - line_to_add: "{{ ansible_default_ipv4.address }} {{ sap_host_fqdn }} {{ sap_short_hostname.stdout }}" - when: sap_short_hostname.stdout != sap_host_fqdn - -- name: Line to be added in /etc/hosts if FQDN is not set - set_fact: - line_to_add: "{{ ansible_default_ipv4.address }} {{ sap_short_hostname.stdout }}" - when: sap_short_hostname.stdout == sap_host_fqdn - -- name: Enable hostname resolve to internal IP - lineinfile: - path: /etc/hosts - line: "{{ line_to_add }}" -... \ No newline at end of file diff --git a/schematics/ansible/roles/s4appreq/tasks/configurations/hostname_fix_RedHat.yml b/schematics/ansible/roles/s4appreq/tasks/configurations/hostname_fix_RedHat.yml deleted file mode 100644 index 6e3dd62..0000000 --- a/schematics/ansible/roles/s4appreq/tasks/configurations/hostname_fix_RedHat.yml +++ /dev/null @@ -1,19 +0,0 @@ ---- -- name: Disable manage_etc_hosts in /etc/cloud/cloud.cfg - replace: - path: /etc/cloud/cloud.cfg - regexp: '(.*manage_etc_hosts.*)' - replace: '#\1' - -- name: Get short hostname - command: hostname -s - register: sap_short_hostname - changed_when: False - -#1054467 - Local host name refers to loopback address -- name: Disable default hostname resolve to loopback address - replace: - path: /etc/hosts - regexp: "^(?!{{ ansible_default_ipv4.address }}.*{{ sap_short_hostname.stdout }})(.*)({{ sap_short_hostname.stdout }}.*)" - replace: '\1' -... diff --git a/schematics/ansible/roles/s4appreq/tasks/configurations/kdump.yml b/schematics/ansible/roles/s4appreq/tasks/configurations/kdump.yml deleted file mode 100644 index e8a8be5..0000000 --- a/schematics/ansible/roles/s4appreq/tasks/configurations/kdump.yml +++ /dev/null @@ -1,11 +0,0 @@ ---- -- name: Get the list of services - service_facts: - -- name: Stop and disable kdump - systemd: - name: kdump - state: stopped - enabled: no - when: "'kdump.service' in services" -... diff --git a/schematics/ansible/roles/s4appreq/tasks/configurations/kernel_RedHat8.yml b/schematics/ansible/roles/s4appreq/tasks/configurations/kernel_RedHat8.yml deleted file mode 100644 index a262bc2..0000000 --- a/schematics/ansible/roles/s4appreq/tasks/configurations/kernel_RedHat8.yml +++ /dev/null @@ -1,16 +0,0 @@ ---- -- name: Set recommended kernel parameters for SAP NW on RedHat 8 - sysctl: - sysctl_file: /etc/sysctl.d/sap.conf - name: "{{ kernel_param.name }}" - value: "{{ kernel_param.value }}" - sysctl_set: yes - state: present - reload: yes - loop: - - { name: vm.max_map_count, value: 2147483647 } - - { name: kernel.pid_max, value: 4194304 } - - { name: kernel.sem, value: "32000 1024000000 500 32000" } - loop_control: - loop_var: kernel_param -... diff --git a/schematics/ansible/roles/s4appreq/tasks/configurations/limits.yml b/schematics/ansible/roles/s4appreq/tasks/configurations/limits.yml deleted file mode 100644 index e0b72f0..0000000 --- a/schematics/ansible/roles/s4appreq/tasks/configurations/limits.yml +++ /dev/null @@ -1,37 +0,0 @@ ---- -- name: Set nofile limit for sapsys group - pam_limits: - dest: /etc/security/limits.d/99-sap.conf - domain: "@sapsys" - limit_item: nofile - limit_type: "{{ ltype }}" - value: "65536" - loop: - - soft - - hard - loop_control: - loop_var: ltype - -- name: Set nproc limit for sapsys group - pam_limits: - dest: /etc/security/limits.d/99-sap.conf - domain: "@sapsys" - limit_item: nproc - limit_type: "{{ ltype }}" - value: unlimited - loop: - - soft - - hard - loop_control: - loop_var: ltype - -- name: Set core limits - lineinfile: - path: /etc/security/limits.conf - line: "{{ corelimit }}" - loop: - - "* soft core 0" - - "* hard core 0" - loop_control: - loop_var: corelimit -... \ No newline at end of file diff --git a/schematics/ansible/roles/s4appreq/tasks/configurations/reboot.yml b/schematics/ansible/roles/s4appreq/tasks/configurations/reboot.yml deleted file mode 100644 index 7287953..0000000 --- a/schematics/ansible/roles/s4appreq/tasks/configurations/reboot.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -- name: Reboot target host - reboot: - connect_timeout: 5 - post_reboot_delay: 10 -... diff --git a/schematics/ansible/roles/s4appreq/tasks/configurations/repository_RedHat.yml b/schematics/ansible/roles/s4appreq/tasks/configurations/repository_RedHat.yml deleted file mode 100644 index aacebff..0000000 --- a/schematics/ansible/roles/s4appreq/tasks/configurations/repository_RedHat.yml +++ /dev/null @@ -1,9 +0,0 @@ ---- -- name: Wait for cloud init to finish - cloud_init_data_facts: - filter: status - register: res - until: "res.cloud_init_data_facts.status.v1.stage is defined and not res.cloud_init_data_facts.status.v1.stage" - retries: 60 - delay: 10 -... diff --git a/schematics/ansible/roles/s4appreq/tasks/configurations/repository_SLES.yml b/schematics/ansible/roles/s4appreq/tasks/configurations/repository_SLES.yml deleted file mode 100644 index bb3ef8d..0000000 --- a/schematics/ansible/roles/s4appreq/tasks/configurations/repository_SLES.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -- name: Wait for SLES repo configurations - wait_for: - path: /etc/SUSEConnect -... diff --git a/schematics/ansible/roles/s4appreq/tasks/configurations/reqpkg.yml b/schematics/ansible/roles/s4appreq/tasks/configurations/reqpkg.yml deleted file mode 100644 index 8f1e2b7..0000000 --- a/schematics/ansible/roles/s4appreq/tasks/configurations/reqpkg.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -- name: Import required packages - package: - state: present - name: "{{ s4app_required_packages }}" -... diff --git a/schematics/ansible/roles/s4appreq/tasks/configurations/reqpkggroups_RedHat.yml b/schematics/ansible/roles/s4appreq/tasks/configurations/reqpkggroups_RedHat.yml deleted file mode 100644 index ba551d6..0000000 --- a/schematics/ansible/roles/s4appreq/tasks/configurations/reqpkggroups_RedHat.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -- name: Import requierd package groups - dnf: - state: present - name: "{{ s4app_required_package_groups }}" -... diff --git a/schematics/ansible/roles/s4appreq/tasks/configurations/saptune.yml b/schematics/ansible/roles/s4appreq/tasks/configurations/saptune.yml deleted file mode 100644 index b10231f..0000000 --- a/schematics/ansible/roles/s4appreq/tasks/configurations/saptune.yml +++ /dev/null @@ -1,17 +0,0 @@ ---- -- name: Start and enable saptune service - service: - name: saptune - state: started - enabled: yes - -- name: Check if NETWEAVER profile was already set - command: saptune status - register: netweaver_profile - changed_when: False - failed_when: netweaver_profile.rc != 0 and netweaver_profile.rc != 3 - -- name: Select NETWEAVER profile for saptune - command: /usr/sbin/saptune solution apply NETWEAVER - when: "'NETWEAVER' not in netweaver_profile.stdout" -... diff --git a/schematics/ansible/roles/s4appreq/tasks/configurations/tmpfiles.yml b/schematics/ansible/roles/s4appreq/tasks/configurations/tmpfiles.yml deleted file mode 100644 index 9fbd5f2..0000000 --- a/schematics/ansible/roles/s4appreq/tasks/configurations/tmpfiles.yml +++ /dev/null @@ -1,9 +0,0 @@ ---- -- name: Configure tmpfiles exceptions - copy: - src: sap.conf - dest: /etc/tmpfiles.d/sap.conf - owner: root - group: root - mode: 0644 -... \ No newline at end of file diff --git a/schematics/ansible/roles/s4appreq/tasks/configurations/umask_RHEL.yml b/schematics/ansible/roles/s4appreq/tasks/configurations/umask_RHEL.yml deleted file mode 100644 index e38746c..0000000 --- a/schematics/ansible/roles/s4appreq/tasks/configurations/umask_RHEL.yml +++ /dev/null @@ -1,12 +0,0 @@ ---- -- name: Configure default umask - replace: - path: "{{ file }}" - regexp: '(.*umask 077.*)' - replace: 'umask 022' - loop: - - /etc/profile - - /etc/bashrc - loop_control: - loop_var: file -... diff --git a/schematics/ansible/roles/s4appreq/tasks/configurations/umask_SLES.yml b/schematics/ansible/roles/s4appreq/tasks/configurations/umask_SLES.yml deleted file mode 100644 index 438a784..0000000 --- a/schematics/ansible/roles/s4appreq/tasks/configurations/umask_SLES.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -- name: Configure default umask - replace: - path: /etc/login.defs - regexp: '(.*UMASK 027.*)' - replace: 'UMASK 022' -... diff --git a/schematics/ansible/roles/s4appreq/tasks/configurations/update_RedHat8.yml b/schematics/ansible/roles/s4appreq/tasks/configurations/update_RedHat8.yml deleted file mode 100644 index 8b238d5..0000000 --- a/schematics/ansible/roles/s4appreq/tasks/configurations/update_RedHat8.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -- name: Update all packages - yum: - name: '*' - state: latest -... diff --git a/schematics/ansible/roles/s4appreq/tasks/configurations/update_SLES_SAP.yml b/schematics/ansible/roles/s4appreq/tasks/configurations/update_SLES_SAP.yml deleted file mode 100644 index a71f4c5..0000000 --- a/schematics/ansible/roles/s4appreq/tasks/configurations/update_SLES_SAP.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -- name: Update all packages - zypper: - name: '*' - state: latest -... diff --git a/schematics/ansible/roles/s4appreq/tasks/configurations/uuidd.yml b/schematics/ansible/roles/s4appreq/tasks/configurations/uuidd.yml deleted file mode 100644 index 4178e50..0000000 --- a/schematics/ansible/roles/s4appreq/tasks/configurations/uuidd.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -- name: Configuring uuidd - systemd: - name: uuidd - state: started - enabled: yes -... diff --git a/schematics/ansible/roles/s4appreq/tasks/main.yml b/schematics/ansible/roles/s4appreq/tasks/main.yml deleted file mode 100644 index bc0c392..0000000 --- a/schematics/ansible/roles/s4appreq/tasks/main.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- -- name: Import OS distribution variables - include_vars: "{{ ansible_distribution }}{{ ansible_distribution_major_version }}.yml" - -- name: Make specific OS configurations as recommended by SAP for S/4HANA APP - include_tasks: "configurations/{{ item }}.yml" - loop: "{{ s4app_required_configurations }}" -... diff --git a/schematics/ansible/roles/s4appreq/vars/RedHat8.yml b/schematics/ansible/roles/s4appreq/vars/RedHat8.yml deleted file mode 100644 index ceb0eb4..0000000 --- a/schematics/ansible/roles/s4appreq/vars/RedHat8.yml +++ /dev/null @@ -1,53 +0,0 @@ ---- -s4app_required_packages: - - cairo - - graphviz - - iptraf-ng - - lm_sensors - - net-tools - - uuidd - - libnsl - - tcsh - - psmisc - - nfs-utils - - bind-utils - - expect - - gtk2 - - krb5-workstation - - krb5-libs - - libaio - - libcanberra-gtk2 - - libibverbs - - libicu - - libtool-ltdl - - numactl - - openssl - - PackageKit-gtk3-module - - rsyslog - - sudo - - xfsprogs - - xorg-x11-xauth - - libatomic - - chrony - - lvm2 - - unzip - -s4app_required_configurations: - - "repository_RedHat" - - "update_RedHat8" - - "reqpkg" - - "hostname_fix_RedHat" - - "hostname" - - "kernel_RedHat8" - - "umask_RHEL" - - "reboot" - - "filesystems" - - "SELinux" - - "firewalld" - - "uuidd" - - "abrtd" - - "kdump" - - "limits" - - "tmpfiles" - - "reboot" -... diff --git a/schematics/ansible/roles/s4appreq/vars/SLES_SAP15.yml b/schematics/ansible/roles/s4appreq/vars/SLES_SAP15.yml deleted file mode 100644 index 7b061f2..0000000 --- a/schematics/ansible/roles/s4appreq/vars/SLES_SAP15.yml +++ /dev/null @@ -1,19 +0,0 @@ ---- -s4app_required_packages: - - lvm2 - - uuidd - -s4app_required_configurations: - - "repository_SLES" - - "update_SLES_SAP" - - "reqpkg" - - "umask_SLES" - - "hostname" - - "reboot" - - "filesystems" - - "limits" - - "tmpfiles" - - "uuidd" - - "saptune" - - "reboot" -... diff --git a/schematics/ansible/roles/saphanainst/defaults/main.yml b/schematics/ansible/roles/saphanainst/defaults/main.yml deleted file mode 100644 index 2af3585..0000000 --- a/schematics/ansible/roles/saphanainst/defaults/main.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -#Target files location -hana_kit: "/usr/sap/kit" -... diff --git a/schematics/ansible/roles/saphanainst/tasks/install_kit.yml b/schematics/ansible/roles/saphanainst/tasks/install_kit.yml deleted file mode 100644 index b3a44d8..0000000 --- a/schematics/ansible/roles/saphanainst/tasks/install_kit.yml +++ /dev/null @@ -1,62 +0,0 @@ ---- -- name: Create /usr/sap/kit directory - file: - path: "{{ hana_kit }}" - state: directory - mode: 0777 - -- name: Gather the package facts for Ansible controller - package_facts: - manager: auto - delegate_to: localhost - -- name: Check if rsync package is available on Ansible controller - set_fact: - rsync_found_controller: true - when: "'rsync' in ansible_facts.packages" - delegate_to: localhost - -- name: Gather the package facts for Red Hat target - package_facts: - manager: auto - when: ansible_facts['os_family'] == "RedHat" - -- name: Gather the packages for Suse target - shell: zypper search -i --match-exact rsync - args: - warn: false - register: rsync_search_result - when: ansible_facts['os_family'] == "Suse" - -- name: Check if rsync package is available on target - set_fact: - rsync_found_target: true - when: ansible_facts['os_family'] == "RedHat" and "'rsync' in ansible_facts.packages" or ansible_facts['os_family'] == "Suse" and rsync_search_result.rc == 0 - -- name: Copy "{{ kit_saphana_file }}" kit to target using rsync - synchronize: - src: "{{ kit_saphana_file }}" - dest: "{{ hana_kit }}" - checksum: yes - when: rsync_found_controller is defined and rsync_found_target is defined - -- name: Copy "{{ kit_saphana_file }}" kit to target - copy: - src: "{{ kit_saphana_file }}" - dest: "{{ hana_kit }}" - owner: root - group: root - mode: 0777 - when: rsync_found_controller is not defined or rsync_found_target is not defined - -- name: Extract "{{ hana_kit }}/{{ kit_saphana_file.split('/')[-1] }}" to target - unarchive: - src: "{{ hana_kit }}/{{ kit_saphana_file.split('/')[-1] }}" - dest: "{{ hana_kit }}" - remote_src: yes - -- name: Cleanup - file: - path: "{{ hana_kit }}/{{ kit_saphana_file.split('/')[-1] }}" - state: absent -... diff --git a/schematics/ansible/roles/saphanainst/tasks/main.yml b/schematics/ansible/roles/saphanainst/tasks/main.yml deleted file mode 100644 index b85e6ed..0000000 --- a/schematics/ansible/roles/saphanainst/tasks/main.yml +++ /dev/null @@ -1,23 +0,0 @@ ---- -- name: Import install kit - include_tasks: "install_kit.yml" - -- name: Generate parameter file for hdblcm - template: - src: hanaconfig.cfg - dest: "{{ hana_kit }}/hanaconfig.cfg" - -- name: Check if HANA DB was already installed - stat: - path: "/hana/shared/{{ hana_sid|upper }}/exe/linuxx86_64/hdb" - register: hdb_install_status - -- name: Start SAP HANA DB installation - shell: "{{ hana_kit }}/DATA_UNITS/HDB_SERVER_LINUX_X86_64/hdblcm --configfile={{ hana_kit }}/hanaconfig.cfg -b" - when: not hdb_install_status.stat.exists - -- name: Cleanup - file: - path: "{{ hana_kit }}" - state: absent -... diff --git a/schematics/ansible/roles/saphanainst/templates/hanaconfig.cfg b/schematics/ansible/roles/saphanainst/templates/hanaconfig.cfg deleted file mode 100644 index 291aea4..0000000 --- a/schematics/ansible/roles/saphanainst/templates/hanaconfig.cfg +++ /dev/null @@ -1,306 +0,0 @@ - -[General] - -# Location of Installation Medium -component_medium= - -# Comma separated list of component directories -component_dirs= - -# Use single master password for all users, created during installation ( Default: n ) -use_master_password=y - -# Directory root to search for components -component_root= - -# Skip all SAP Host Agent calls ( Default: n ) -skip_hostagent_calls=n - -# Remote Execution ( Default: ssh; Valid values: ssh | saphostagent ) -remote_execution=ssh - -# Verify the authenticity of SAP HANA components ( Default: n ) -verify_signature=n - -# Components ( Valid values: all | client | es | ets | lcapps | server | smartda | streaming | rdsync | xs | studio | afl | sca | sop | eml | rme | rtl | trp ) -components={{ hana_components }} - -# Install Execution Mode ( Default: standard; Valid values: standard | optimized ) -install_execution_mode=standard - -# Ignore failing prerequisite checks -ignore= - -# Do not Modify '/etc/sudoers' File ( Default: n ) -skip_modify_sudoers=n - -[Server] - -# Enable usage of persistent memory ( Default: n ) -use_pmem=n - -# Enable the installation or upgrade of the SAP Host Agent ( Default: y ) -install_hostagent=y - -# Database Isolation ( Default: low; Valid values: low | high ) -db_isolation=low - -# Create initial tenant database ( Default: y ) -create_initial_tenant=y - -# Non-standard Shared File System -checkmnt= - -# Installation Path ( Default: /hana/shared ) -sapmnt=/hana/shared - -# Local Host Name ( Default: saphanasingle ) -hostname={{ ansible_hostname }} - -# Install SSH Key ( Default: y ) -install_ssh_key=y - -# Root User Name For Remote Hosts ( Default: root ) -root_user=root - -# Root User Password For Remote Hosts -root_password= - -# SAP Host Agent User (sapadm) Password -sapadm_password= - -# Directory containing a storage configuration -storage_cfg= - -# Listen Interface ( Valid values: global | internal | local ) -listen_interface= - -# Internal Network Address -internal_network= - -# SAP HANA System ID -sid={{ hana_sid }} - -# Instance Number -number={{ hana_sysno }} - -# Local Host Worker Group ( Default: default ) -workergroup=default - -# System Usage ( Default: custom; Valid values: production | test | development | custom ) -system_usage={{ hana_system_usage }} - -# Instruct the Local Secure Store (LSS) to trust an unsigned SAP HANA Database ( Default: n ) -lss_trust_unsigned_server=n - -# Do you want to enable data and log volume encryption? ( Default: n ) -volume_encryption=n - -# Location of Data Volumes ( Default: /hana/data/${sid} ) -datapath=/hana/data/${sid} - -# Location of Log Volumes ( Default: /hana/log/${sid} ) -logpath=/hana/log/${sid} - -# Location of Persistent Memory Volumes ( Default: /hana/pmem/${sid} ) -pmempath=/hana/pmem/${sid} - -# Directory containing custom configurations -custom_cfg= - -# SAP HANA Database secure store ( Default: ssfs; Valid values: ssfs | localsecurestore ) -secure_store=ssfs - -# Restrict maximum memory allocation? -restrict_max_mem= - -# Maximum Memory Allocation in MB -max_mem= - -# Certificate Host Names -certificates_hostmap= - -# Master Password -master_password={{ hana_main_password }} - -# System Administrator Password -password= - -# System Administrator Home Directory ( Default: /usr/sap/${sid}/home ) -home=/usr/sap/${sid}/home - -# System Administrator Login Shell ( Default: /bin/sh ) -shell=/bin/sh - -# System Administrator User ID -userid= - -# ID of User Group (sapsys) -groupid= - -# Database User (SYSTEM) Password -system_user_password= - -# Restart system after machine reboot? ( Default: n ) -autostart=n - -# Enable HANA repository ( Default: y ) -repository=y - -# Inter Service Communication Mode ( Valid values: standard | ssl ) -isc_mode= - -[Action] - -# Action ( Default: exit; Valid values: install | update | extract_components ) -action=install - -[AddHosts] - -# Auto Initialize Services ( Default: y ) -auto_initialize_services=y - -# Additional Hosts -addhosts= - -# Additional Local Host Roles ( Valid values: extended_storage_worker | extended_storage_standby | ets_worker | ets_standby | streaming | xs_worker | xs_standby ) -add_local_roles= - -# Automatically assign XS Advanced Runtime roles to the hosts with database roles (y/n) ( Default: y ) -autoadd_xs_roles=y - -# Import initial content of XS Advanced Runtime ( Default: y ) -import_xs_content=y - -[Client] - -# SAP HANA Database Client Installation Path ( Default: ${sapmnt}/${sid}/hdbclient ) -client_path=/hana/shared/${sid}/hdbclient - -[Studio] - -# SAP HANA Studio Installation Path ( Default: ${sapmnt}/${sid}/hdbstudio ) -studio_path=/hana/shared/${sid}/hdbstudio - -# Enables copying of SAP HANA Studio repository ( Default: y ) -studio_repository=n - -# Target path to which SAP HANA Studio repository should be copied -copy_repository= - -# Java Runtime ( Default: ) -vm= - -[Reference_Data] - -# Installation Path for Address Directories and Reference Data -reference_data_path= - -[XS_Advanced] - -# Install XS Advanced in the default tenant database? (y/n) ( Default: n ) -xs_use_default_tenant=n - -# XS Advanced App Working Path -xs_app_working_path= - -# Organization Name For Space "SAP" ( Default: orgname ) -org_name=orgname - -# XS Advanced Admin User ( Default: XSA_ADMIN ) -org_manager_user=XSA_ADMIN - -# XS Advanced Admin User Password -org_manager_password= - -# Customer Space Name ( Default: PROD ) -prod_space_name=PROD - -# Routing Mode ( Default: ports; Valid values: ports | hostnames ) -xs_routing_mode=ports - -# XS Advanced Domain Name (see SAP Note 2245631) -xs_domain_name= - -# Run Applications in SAP Space with Separate OS User (y/n) ( Default: y ) -xs_sap_space_isolation=y - -# Run Applications in Customer Space with Separate OS User (y/n) ( Default: y ) -xs_customer_space_isolation=y - -# XS Advanced SAP Space OS User ID -xs_sap_space_user_id= - -# XS Advanced Customer Space OS User ID -xs_customer_space_user_id= - -# XS Advanced Components -xs_components= - -# Do not start the selected XS Advanced components after installation ( Default: none ) -xs_components_nostart=none - -# XS Advanced Components Configurations -xs_components_cfg= - -# XS Advanced Certificate -xs_cert_pem= - -# XS Advanced Certificate Key -xs_cert_key= - -# XS Advanced Trust Certificate -xs_trust_pem= - -[lss] - -# Installation Path for Local Secure Store ( Default: /lss/shared ) -lss_inst_path=/lss/shared - -# Local Secure Store User Password -lss_user_password= - -# Local Secure Store User ID -lss_userid= - -# Local Secure Store User Group ID -lss_groupid= - -# Local Secure Store User Home Directory ( Default: /usr/sap/${sid}/lss/home ) -lss_user_home=/usr/sap/${sid}/lss/home - -# Local Secure Store User Login Shell ( Default: /bin/sh ) -lss_user_shell=/bin/sh - -# Local Secure Store Auto Backup Password -lss_backup_password= - -[streaming] - -# Streaming Cluster Manager Password -streaming_cluster_manager_password= - -# Location of Streaming logstores and runtime information ( Default: /hana/data_streaming/${sid} ) -basepath_streaming=/hana/data_streaming/${sid} - -[es] - -# Location of Dynamic Tiering Data Volumes ( Default: /hana/data_es/${sid} ) -es_datapath=/hana/data_es/${sid} - -# Location of Dynamic Tiering Log Volumes ( Default: /hana/log_es/${sid} ) -es_logpath=/hana/log_es/${sid} - -[ets] - -# Location of Data Volumes of the Accelerator for SAP ASE ( Default: /hana/data_ase/${sid} ) -ase_datapath=/hana/data_ase/${sid} - -# Location of Log Volumes of the Accelerator for SAP ASE ( Default: /hana/log_ase/${sid} ) -ase_logpath=/hana/log_ase/${sid} - -# SAP ASE Administrator User ( Default: sa ) -ase_user=sa - -# SAP ASE Administrator Password -ase_user_password= diff --git a/schematics/ansible/roles/saphanareq/defaults/main.yml b/schematics/ansible/roles/saphanareq/defaults/main.yml deleted file mode 100644 index 8b13789..0000000 --- a/schematics/ansible/roles/saphanareq/defaults/main.yml +++ /dev/null @@ -1 +0,0 @@ - diff --git a/schematics/ansible/roles/saphanareq/files/sap.conf b/schematics/ansible/roles/saphanareq/files/sap.conf deleted file mode 100644 index a8e66f1..0000000 --- a/schematics/ansible/roles/saphanareq/files/sap.conf +++ /dev/null @@ -1,9 +0,0 @@ -# systemd tmpfiles exclude file for SAP -# SAP software stores some important files -# in /tmp which should not be deleted -# Exclude SAP socket and lock files -x /tmp/.sap* -# Exclude HANA lock file -x /tmp/.hdb*lock -# Exclude TREX lock file -x /tmp/.trex*lock diff --git a/schematics/ansible/roles/saphanareq/filter_plugins/filesystemdata.py b/schematics/ansible/roles/saphanareq/filter_plugins/filesystemdata.py deleted file mode 100644 index 8e1d443..0000000 --- a/schematics/ansible/roles/saphanareq/filter_plugins/filesystemdata.py +++ /dev/null @@ -1,64 +0,0 @@ -#!/usr/bin/python - -class FilterModule(object): - '''Data related to filesystems for HANA VM''' - - def filters(self): - return { - 'filesystemdata': self.filesystemdata - } - - def filesystemdata(self, data_list): - final_list = [] - data_map = data_list[0] - sid = data_list[1] - for k, v in data_map.items(): - key_to_check = 'lvm' - if key_to_check in v: - for m in v['lvm']['lv']: - temp_list = [] - fs_device = "/dev/" + sid + "_" + v['lvm']['vg']['vg_name'] + "/" + sid + "_" + m['lv_name'] - mp = None - fs_options = "" - label = "" - mount_source = fs_device - if m['lv_name'] == 'hana_data_lv': - label = "HANA_DATA" - elif m['lv_name'] == 'hana_log_lv': - label = "HANA_LOG" - elif m['lv_name'] == 'hana_shared_lv': - label = "HANA_SHARED" - else: - label = "" - if label != "": - fs_options = "-L " + label - mount_source = "LABEL=" + label - if "mount_point" in m.keys(): - mp = m['mount_point'] - fs_info = { "fs_device": fs_device, "fs_type": m['fs_type'], "mp": mp, "fs_options": fs_options, "mount_source": mount_source } - temp_list.append(fs_info) - final_list.append(temp_list) - else: - temp_list = [] - fs_device = v['device'][0] + "1" - fs_options = "" - label = "" - mount_source = fs_device - mp = None - if "mount_point" in v.keys(): - mp = v['mount_point'] - if mp == "/hana/data": - label = "HANA_DATA" - elif mp == "/hana/log": - label = "HANA_LOG" - elif mp == "/hana/shared": - label = "HANA_SHARED" - else: - label = "" - if label != "": - fs_options = "-L " + label - mount_source = "LABEL=" + label - fs_info = { "fs_device": fs_device, "fs_type": v['fs_type'], "mp": mp, "fs_options": fs_options, "mount_source": mount_source } - temp_list.append(fs_info) - final_list.append(temp_list) - return final_list diff --git a/schematics/ansible/roles/saphanareq/filter_plugins/lvmdata.py b/schematics/ansible/roles/saphanareq/filter_plugins/lvmdata.py deleted file mode 100644 index bedf950..0000000 --- a/schematics/ansible/roles/saphanareq/filter_plugins/lvmdata.py +++ /dev/null @@ -1,45 +0,0 @@ -#!/usr/bin/python - -class FilterModule(object): - '''Data related to LVM for HANA VM''' - - def filters(self): - return { - 'lvmdata': self.lvmdata - } - - def lvmdata(self, data_map): - final_list = [] - for k, v in data_map.items(): - key_to_check = 'lvm' - if key_to_check in v: - # In case the sum of the sizes of all LVs from the VG is lower than VG size - # and we don't want 'hana_data_lv' to be created as '100%FREE' - lv100free = True - total_lv_size = 0 - vgsize = 0 - for t in v['disk_size']: - vgsize += int(t) - lvminfo = v['lvm']['lv'] - for n in lvminfo: - total_lv_size += int(n['lv_size']) - if vgsize > total_lv_size: - lv100free = False - for m in v['lvm']['lv']: - temp_list = [] - lv_size = "" - # For HANA VMs, SWAP size is always 2 GB - # The volume group 'hana_vg' will always contain logical volume 'hana_data_lv' - if k == 'swap' or (k == 'hana_vg' and m['lv_name'] != 'hana_data_lv') or (lv100free == False and k == 'hana_vg' and m['lv_name'] == 'hana_data_lv'): - lv_size = m['lv_size'] + "G" - else: - lv_size = '100%FREE' - lvm_info = { "vg_name": v['lvm']['vg']['vg_name'], "lv_name": m['lv_name'], "lv_size": lv_size, "lv_stripes": m['lv_stripes'], "lv_stripe_size": m['lv_stripe_size'] } - temp_list.append(lvm_info) - final_list.append(temp_list) - for i in range(len(final_list)): - # LVM data 'hana_data_lv' should be last in array (in case it will be created in 'hana_vg') as we want 100%FREE as size - if final_list[i][0]['vg_name'] == 'hana_vg' and final_list[i][0]['lv_name'] == 'hana_data_lv': - final_list.append(final_list.pop(i)) - break - return final_list diff --git a/schematics/ansible/roles/saphanareq/filter_plugins/partitionlist.py b/schematics/ansible/roles/saphanareq/filter_plugins/partitionlist.py deleted file mode 100644 index dd8f7e1..0000000 --- a/schematics/ansible/roles/saphanareq/filter_plugins/partitionlist.py +++ /dev/null @@ -1,17 +0,0 @@ -#!/usr/bin/python - -class FilterModule(object): - '''List of devices for partitions on HANA VM''' - - def filters(self): - return { - 'partitionlist': self.partitionlist - } - - def partitionlist(self, data_map): - final_list = [] - for k, v in data_map.items(): - key_to_check = 'lvm' - if key_to_check not in v: - final_list.append(v['device']) - return final_list diff --git a/schematics/ansible/roles/saphanareq/filter_plugins/storagedetails.py b/schematics/ansible/roles/saphanareq/filter_plugins/storagedetails.py deleted file mode 100644 index 4471592..0000000 --- a/schematics/ansible/roles/saphanareq/filter_plugins/storagedetails.py +++ /dev/null @@ -1,100 +0,0 @@ -#!/usr/bin/python - -import decimal -import re - -class FilterModule(object): - '''Storage details from profile containing also the devices for HANA VM''' - - def filters(self): - return { - 'storagedetails': self.storagedetails - } - - def storagedetails(self, data_list): - # data_list[0] - json file data - # data_list[1] - ansible_devices data - # data_list[2] - selected storage profile - json_file_data = data_list[0] - ansible_devices_data = data_list[1] - hana_profile = data_list[2] - - storage_profile_info = json_file_data['profiles'][hana_profile]['storage'] - - # Create a sorted list with all disks device keys available on the VM - pattern = 'dm-' - all_disk_device_keys = sorted([item for item in ansible_devices_data if re.match(pattern, item) == None]) - - # Get the number of the disks to be configured - necessary_disks_number = "" - count_disks = 0 - for k, v in storage_profile_info.items(): - count_disks += int(v['disk_count']) - necessary_disks_number = str(count_disks) - - # Get a list with the device keys for disks to be configured - N = int(necessary_disks_number) - disk_device_keys = all_disk_device_keys[-N:] - - # Get a list with the provisioned disk sizes corresponding to the device keys for disks to be configured - size_provisioned_disks = [] - for m, n in ansible_devices_data.items(): - if m in disk_device_keys and 'KB' not in n['size']: - size_provisioned_disks.append(n['size']) - - # Sort the list with provisioned disk sizes - size_provisioned_disks_sorted = sorted(size_provisioned_disks) - - # Get a list of disk sizes corresponding to the selected profile - size_profile_disks = [] - for k, v in storage_profile_info.items(): - display_size = "" - if int(v['disk_size']) >= 1024: - rounded_val = round(decimal.Decimal(int(v['disk_size']) / 1024), 2) - no_decimal_places = abs(rounded_val.as_tuple().exponent) - if no_decimal_places == 0: - display_size = str(rounded_val) + ".00 TB" - elif no_decimal_places == 1: - display_size = str(rounded_val) + "0 TB" - elif no_decimal_places == 2: - display_size = str(rounded_val) + " TB" - else: - display_size = v['disk_size'] + ".00 GB" - for t in range(int(v['disk_count'])): - size_profile_disks.append(display_size) - - # Sort the list with disk sizes from profile - size_profile_disks_sorted = sorted(size_profile_disks) - - # Get the missing disks - if (len(list(set(size_profile_disks_sorted) - set(size_provisioned_disks_sorted))) > 0) or (len(size_profile_disks_sorted) != len(size_provisioned_disks_sorted)): - msg = "The disks required for profile '" + hana_profile + "' are missing. The following disks sizes are required: " + str(size_profile_disks_sorted)[1:-1] + ". The following disk sizes were deployed: " + str(size_provisioned_disks_sorted)[1:-1] - return msg - else: - temp_list = [] - for k, v in storage_profile_info.items(): - new_list1 = [] - new_list2 = [] - display_size = "" - if int(v['disk_size']) >= 1024: - rounded_val = round(decimal.Decimal(int(v['disk_size']) / 1024), 2) - no_decimal_places = abs(rounded_val.as_tuple().exponent) - if no_decimal_places == 0: - display_size = str(rounded_val) + ".00 TB" - elif no_decimal_places == 1: - display_size = str(rounded_val) + "0 TB" - elif no_decimal_places == 2: - display_size = str(rounded_val) + " TB" - else: - display_size = v['disk_size'] + ".00 GB" - for t in range(int(v['disk_count'])): - new_list1.append(v['disk_size']) - for m, n in ansible_devices_data.items(): - if (n['size'] == display_size) and (m in disk_device_keys) and (m not in temp_list): - new_list2.append("/dev/" + m) - temp_list.append(m) - break - storage_profile_info[k]['disk_size'] = new_list1 - storage_profile_info[k]['device'] = new_list2 - final_storage = storage_profile_info - return final_storage diff --git a/schematics/ansible/roles/saphanareq/tasks/configurations/SELinux.yml b/schematics/ansible/roles/saphanareq/tasks/configurations/SELinux.yml deleted file mode 100644 index 967003c..0000000 --- a/schematics/ansible/roles/saphanareq/tasks/configurations/SELinux.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -- name: Disable SELinux - selinux: - state: disabled -... \ No newline at end of file diff --git a/schematics/ansible/roles/saphanareq/tasks/configurations/abrtd.yml b/schematics/ansible/roles/saphanareq/tasks/configurations/abrtd.yml deleted file mode 100644 index a77e224..0000000 --- a/schematics/ansible/roles/saphanareq/tasks/configurations/abrtd.yml +++ /dev/null @@ -1,11 +0,0 @@ ---- -- name: Get the list of services - service_facts: - -- name: Stop and disable abrtd - systemd: - name: abrtd - state: stopped - enabled: no - when: "'abrtd.service' in services" -... diff --git a/schematics/ansible/roles/saphanareq/tasks/configurations/filesystems.yml b/schematics/ansible/roles/saphanareq/tasks/configurations/filesystems.yml deleted file mode 100644 index 2cf0a0a..0000000 --- a/schematics/ansible/roles/saphanareq/tasks/configurations/filesystems.yml +++ /dev/null @@ -1,116 +0,0 @@ ---- -# Storage sizing -# https://cloud.ibm.com/docs/sap?topic=sap-hana-iaas-offerings-profiles-intel-vs-vpc (Last updated 2022-01-28) -# https://cloud.ibm.com/docs/sap?topic=sap-storage-design-considerations#hana-iaas-mx2-16x128-32x256-configure (Last updated 2022-05-19) -# https://cloud.ibm.com/docs/sap?topic=sap-storage-design-considerations#hana-iaas-mx2-48x384-configure (Last updated 2022-05-19) -# SAP Notes: -# - 2779331 - HANA services use large SWAP memory (v5) - -- name: Check if the JSON file for SAP HANA storage configuration is available on Ansible controller - stat: - path: "{{ playbook_dir }}/hana_volume_layout.json" - register: json_storage_file_status - delegate_to: localhost - -- name: Fail if the JSON file is missing - fail: - msg: "The file {{ playbook_dir }}/hana_volume_layout.json is missing." - when: not json_storage_file_status.stat.exists - -- name: Get the JSON file content - shell: "cat {{ playbook_dir }}/hana_volume_layout.json" - register: result - changed_when: false - when: json_storage_file_status.stat.exists - delegate_to: localhost - -- name: Save the JSON data to a variable as a fact - set_fact: - jsondata: "{{ result.stdout | from_json }}" - -- name: Check if the chosen profile is certified for HANA VSIs - fail: - msg: "The chosen profile {{ hana_profile }} is not certified for HANA VSIs." - when: hana_profile not in jsondata.profiles.keys() - -- name: Detect the appropriate disks to be configured - set_fact: - final_storage: "{{ [jsondata, ansible_devices, hana_profile] | list | storagedetails }}" - -- name: Get the missing disks - fail: - msg: "{{ final_storage }}" - when: final_storage is not mapping - -- name: Create the volume groups - lvg: - vg: "{{ hana_sid | lower }}_{{ stg_details.value.lvm.vg.vg_name }}" - pvs: "{{ stg_details.value.device | join(',') }}" - pesize: "{{ stg_details.value.lvm.vg.pe_size_MB }}" - loop: "{{ final_storage | dict2items }}" - loop_control: - loop_var: stg_details - when: '"lvm" in stg_details.value.keys()' - -- name: Create the logical volumes - lvol: - vg: "{{ hana_sid|lower }}_{{ lvm_data[0]['vg_name'] }}" - lv: "{{ hana_sid|lower }}_{{ lvm_data[0]['lv_name'] }}" - size: "{{ lvm_data[0]['lv_size'] }}" - opts: "-i{{ lvm_data[0]['lv_stripes'] }} -I{{ lvm_data[0]['lv_stripe_size'] }}" - shrink: false - loop: "{{ final_storage | lvmdata }}" - loop_control: - loop_var: lvm_data - -- name: Create the partitions - parted: - device: "{{ part[0] }}" - number: 1 - label: gpt - state: present - loop: "{{ final_storage | partitionlist }}" - loop_control: - loop_var: part - -- name: Create the filesystems - filesystem: - fstype: "{{ fs_data[0]['fs_type'] }}" - dev: "{{ fs_data[0]['fs_device'] }}" - opts: "{{ fs_data[0]['fs_options'] }}" - loop: "{{ [final_storage, hana_sid | lower] | filesystemdata }}" - loop_control: - loop_var: fs_data - -- name: Mount the filesystems - mount: - path: "{{ mp_data[0]['mp'] }}" - src: "{{ mp_data[0]['mount_source'] }}" - fstype: "{{ mp_data[0]['fs_type'] }}" - state: mounted - loop: "{{ [final_storage, hana_sid | lower] | filesystemdata }}" - loop_control: - loop_var: mp_data - when: mp_data[0]['mp'] != None - -- name: Get SWAP LV name - set_fact: - swap_lv: "{{ swap_data[0]['fs_device'] }}" - loop: "{{ [final_storage, hana_sid | lower] | filesystemdata }}" - loop_control: - loop_var: swap_data - -- name: Check the current SWAP size - set_fact: - hana_vm_swap: "{{ ansible_swaptotal_mb }}" - -- name: Mount SWAP volume - command: "swapon -av {{ swap_lv }}" - when: hana_vm_swap == 0 - -- name: Add SWAP device to /etc/fstab - lineinfile: - path: /etc/fstab - regexp: "^{{ swap_lv }}" - line: "{{ swap_lv }} swap swap defaults 0 0" -... diff --git a/schematics/ansible/roles/saphanareq/tasks/configurations/firewalld.yml b/schematics/ansible/roles/saphanareq/tasks/configurations/firewalld.yml deleted file mode 100644 index c627f7c..0000000 --- a/schematics/ansible/roles/saphanareq/tasks/configurations/firewalld.yml +++ /dev/null @@ -1,11 +0,0 @@ ---- -- name: Get the list of services - service_facts: - -- name: Stop and disable firewalld - systemd: - name: firewalld - state: stopped - enabled: no - when: "'firewalld.service' in services" -... \ No newline at end of file diff --git a/schematics/ansible/roles/saphanareq/tasks/configurations/hostname.yml b/schematics/ansible/roles/saphanareq/tasks/configurations/hostname.yml deleted file mode 100644 index 6dae370..0000000 --- a/schematics/ansible/roles/saphanareq/tasks/configurations/hostname.yml +++ /dev/null @@ -1,31 +0,0 @@ ---- -#2718300 - Physical and Virtual hostname length limitations -- name: Get short hostname - command: hostname -s - register: hana_short_hostname - changed_when: False - -- name: Get FQDN - set_fact: - hana_host_fqdn: "{{ ansible_fqdn }}" - -- name: Check if hostname has 13 or less characters as per SAP requirement - fail: - msg: "Hostname {{ hana_short_hostname.stdout }} has more than 13 characters" - when: hana_short_hostname.stdout|length > 13 - -- name: Line to be added in /etc/hosts if FQDN is set - set_fact: - line_to_add: "{{ ansible_default_ipv4.address }} {{ hana_host_fqdn }} {{ hana_short_hostname.stdout }}" - when: hana_short_hostname.stdout != hana_host_fqdn - -- name: Line to be added in /etc/hosts if FQDN is not set - set_fact: - line_to_add: "{{ ansible_default_ipv4.address }} {{ hana_short_hostname.stdout }}" - when: hana_short_hostname.stdout == hana_host_fqdn - -- name: Enable hostname resolve to internal IP - lineinfile: - path: /etc/hosts - line: "{{ line_to_add }}" -... \ No newline at end of file diff --git a/schematics/ansible/roles/saphanareq/tasks/configurations/hostname_fix_RedHat.yml b/schematics/ansible/roles/saphanareq/tasks/configurations/hostname_fix_RedHat.yml deleted file mode 100644 index 6e3dd62..0000000 --- a/schematics/ansible/roles/saphanareq/tasks/configurations/hostname_fix_RedHat.yml +++ /dev/null @@ -1,19 +0,0 @@ ---- -- name: Disable manage_etc_hosts in /etc/cloud/cloud.cfg - replace: - path: /etc/cloud/cloud.cfg - regexp: '(.*manage_etc_hosts.*)' - replace: '#\1' - -- name: Get short hostname - command: hostname -s - register: sap_short_hostname - changed_when: False - -#1054467 - Local host name refers to loopback address -- name: Disable default hostname resolve to loopback address - replace: - path: /etc/hosts - regexp: "^(?!{{ ansible_default_ipv4.address }}.*{{ sap_short_hostname.stdout }})(.*)({{ sap_short_hostname.stdout }}.*)" - replace: '\1' -... diff --git a/schematics/ansible/roles/saphanareq/tasks/configurations/kdump.yml b/schematics/ansible/roles/saphanareq/tasks/configurations/kdump.yml deleted file mode 100644 index 3c55657..0000000 --- a/schematics/ansible/roles/saphanareq/tasks/configurations/kdump.yml +++ /dev/null @@ -1,11 +0,0 @@ ---- -- name: Get the list of services - service_facts: - -- name: Stop and disable kdump - systemd: - name: kdump - state: stopped - enabled: no - when: "'kdump.service' in services" -... \ No newline at end of file diff --git a/schematics/ansible/roles/saphanareq/tasks/configurations/kernel_RedHat8.yml b/schematics/ansible/roles/saphanareq/tasks/configurations/kernel_RedHat8.yml deleted file mode 100644 index f853794..0000000 --- a/schematics/ansible/roles/saphanareq/tasks/configurations/kernel_RedHat8.yml +++ /dev/null @@ -1,19 +0,0 @@ ---- -- name: Set recommended kernel parameters for SAP HANA DB on RedHat 8 - sysctl: - sysctl_file: /etc/sysctl.d/sap.conf - name: "{{ kernel_param.name }}" - value: "{{ kernel_param.value }}" - sysctl_set: yes - state: present - reload: yes - loop: - - { name: vm.max_map_count, value: 2147483647 } - - { name: kernel.pid_max, value: 4194304 } - - { name: net.core.somaxconn, value: 4096 } - - { name: net.ipv4.tcp_max_syn_backlog, value: 8192 } - - { name: net.ipv4.tcp_slow_start_after_idle, value: 0 } - - { name: net.ipv4.tcp_syn_retries, value: 8 } - loop_control: - loop_var: kernel_param -... \ No newline at end of file diff --git a/schematics/ansible/roles/saphanareq/tasks/configurations/kernel_SLES_SAP15.yml b/schematics/ansible/roles/saphanareq/tasks/configurations/kernel_SLES_SAP15.yml deleted file mode 100644 index 0789814..0000000 --- a/schematics/ansible/roles/saphanareq/tasks/configurations/kernel_SLES_SAP15.yml +++ /dev/null @@ -1,16 +0,0 @@ ---- -- name: Set recommended kernel parameters for SAP HANA DB on SLES 15 - sysctl: - sysctl_file: /etc/sysctl.d/sap.conf - name: "{{ kernel_param.name }}" - value: "{{ kernel_param.value }}" - sysctl_set: yes - state: present - reload: yes - loop: - - { name: net.core.somaxconn, value: 4096 } - - { name: net.ipv4.tcp_max_syn_backlog, value: 8192 } - - { name: net.ipv4.tcp_slow_start_after_idle, value: 0 } - loop_control: - loop_var: kernel_param -... diff --git a/schematics/ansible/roles/saphanareq/tasks/configurations/limits.yml b/schematics/ansible/roles/saphanareq/tasks/configurations/limits.yml deleted file mode 100644 index 6dd0745..0000000 --- a/schematics/ansible/roles/saphanareq/tasks/configurations/limits.yml +++ /dev/null @@ -1,37 +0,0 @@ ---- -- name: Set nofile limit for sapsys group - pam_limits: - dest: /etc/security/limits.d/99-sap.conf - domain: "@sapsys" - limit_item: nofile - limit_type: "{{ ltype }}" - value: "1048576" - loop: - - soft - - hard - loop_control: - loop_var: ltype - -- name: Set nproc limit for sapsys group - pam_limits: - dest: /etc/security/limits.d/99-sap.conf - domain: "@sapsys" - limit_item: nproc - limit_type: "{{ ltype }}" - value: unlimited - loop: - - soft - - hard - loop_control: - loop_var: ltype - -- name: Set core limits - lineinfile: - path: /etc/security/limits.conf - line: "{{ corelimit }}" - loop: - - "* soft core 0" - - "* hard core 0" - loop_control: - loop_var: corelimit -... \ No newline at end of file diff --git a/schematics/ansible/roles/saphanareq/tasks/configurations/reboot.yml b/schematics/ansible/roles/saphanareq/tasks/configurations/reboot.yml deleted file mode 100644 index 7287953..0000000 --- a/schematics/ansible/roles/saphanareq/tasks/configurations/reboot.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -- name: Reboot target host - reboot: - connect_timeout: 5 - post_reboot_delay: 10 -... diff --git a/schematics/ansible/roles/saphanareq/tasks/configurations/repository_RedHat.yml b/schematics/ansible/roles/saphanareq/tasks/configurations/repository_RedHat.yml deleted file mode 100644 index aacebff..0000000 --- a/schematics/ansible/roles/saphanareq/tasks/configurations/repository_RedHat.yml +++ /dev/null @@ -1,9 +0,0 @@ ---- -- name: Wait for cloud init to finish - cloud_init_data_facts: - filter: status - register: res - until: "res.cloud_init_data_facts.status.v1.stage is defined and not res.cloud_init_data_facts.status.v1.stage" - retries: 60 - delay: 10 -... diff --git a/schematics/ansible/roles/saphanareq/tasks/configurations/repository_SLES.yml b/schematics/ansible/roles/saphanareq/tasks/configurations/repository_SLES.yml deleted file mode 100644 index bb3ef8d..0000000 --- a/schematics/ansible/roles/saphanareq/tasks/configurations/repository_SLES.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -- name: Wait for SLES repo configurations - wait_for: - path: /etc/SUSEConnect -... diff --git a/schematics/ansible/roles/saphanareq/tasks/configurations/reqpkg.yml b/schematics/ansible/roles/saphanareq/tasks/configurations/reqpkg.yml deleted file mode 100644 index 70cb42c..0000000 --- a/schematics/ansible/roles/saphanareq/tasks/configurations/reqpkg.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -- name: Import required packages - package: - state: present - name: "{{ saphana_required_packages }}" -... diff --git a/schematics/ansible/roles/saphanareq/tasks/configurations/reqpkggroups_RedHat.yml b/schematics/ansible/roles/saphanareq/tasks/configurations/reqpkggroups_RedHat.yml deleted file mode 100644 index 4a603e9..0000000 --- a/schematics/ansible/roles/saphanareq/tasks/configurations/reqpkggroups_RedHat.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -- name: Import requierd package groups - dnf: - state: present - name: "{{ saphana_required_package_groups }}" -... diff --git a/schematics/ansible/roles/saphanareq/tasks/configurations/saptune.yml b/schematics/ansible/roles/saphanareq/tasks/configurations/saptune.yml deleted file mode 100644 index 6209cc9..0000000 --- a/schematics/ansible/roles/saphanareq/tasks/configurations/saptune.yml +++ /dev/null @@ -1,17 +0,0 @@ ---- -- name: Start and enable saptune service - service: - name: saptune - state: started - enabled: yes - -- name: Check if HANA profile was already set - command: "saptune status" - register: hana_profile - changed_when: False - failed_when: hana_profile.rc != 0 and hana_profile.rc != 3 - -- name: Select HANA profile for saptune - command: /usr/sbin/saptune solution apply HANA - when: "'HANA' not in hana_profile.stdout" -... diff --git a/schematics/ansible/roles/saphanareq/tasks/configurations/symlinks.yml b/schematics/ansible/roles/saphanareq/tasks/configurations/symlinks.yml deleted file mode 100644 index c7ed6e4..0000000 --- a/schematics/ansible/roles/saphanareq/tasks/configurations/symlinks.yml +++ /dev/null @@ -1,13 +0,0 @@ ---- -- name: Create link to ssl lib - file: - src: /usr/lib64/libssl.so.10 - dest: /usr/lib64/libssl.so.1.0.1 - state: link - -- name: Create link to crypto lib - file: - src: /usr/lib64/libcrypto.so.10 - dest: /usr/lib64/libcrypto.so.1.0.1 - state: link -... \ No newline at end of file diff --git a/schematics/ansible/roles/saphanareq/tasks/configurations/tmpfiles.yml b/schematics/ansible/roles/saphanareq/tasks/configurations/tmpfiles.yml deleted file mode 100644 index fa91c36..0000000 --- a/schematics/ansible/roles/saphanareq/tasks/configurations/tmpfiles.yml +++ /dev/null @@ -1,9 +0,0 @@ ---- -- name: Configure tmpfiles exceptions - copy: - src: sap.conf - dest: /etc/tmpfiles.d/sap.conf - owner: root - group: root - mode: 0644 -... diff --git a/schematics/ansible/roles/saphanareq/tasks/configurations/tmpfs.yml b/schematics/ansible/roles/saphanareq/tasks/configurations/tmpfs.yml deleted file mode 100644 index ef306ad..0000000 --- a/schematics/ansible/roles/saphanareq/tasks/configurations/tmpfs.yml +++ /dev/null @@ -1,49 +0,0 @@ ---- -# TMPFS sizing -# SAP Notes: -# - 2772999 - Red Hat Enterprise Linux 8.x: Installation and Configuration (v22) -# - 941735 - SAP memory management system for 64-bit Linux systems (v11) - -- name: Get the RAM size - set_fact: - hana_ram_g: "{{ hana_profile.split('-')[1].split('x')[1] }}" - -- name: Set swap logical volume size for RAM higher than 8192 - set_fact: - swap_lv_size_g: "2" - -- name: Get the current tmpfs mount data - shell: set -o pipefail && df -h |grep tmpfs|grep shm| awk '{print $2}' - args: - executable: /bin/bash - register: tmpfs_crt_data - changed_when: false - when: swap_lv_size_g is defined - -- name: Compute tmpfs size - set_fact: - tmpfs_size_g: "{{ ((hana_ram_g | float + swap_lv_size_g | float) * 0.75) | round | int }}" - -- name: Current tmpfs size - set_fact: - crt_tmpfs_size_g: "{{ tmpfs_crt_data.stdout | regex_search('^[0-9]+') | float | round | int }}" - -- name: Difference between current size and expected one - set_fact: - difference_size: "{{ (crt_tmpfs_size_g | float - tmpfs_size_g | float) | abs }}" - -- name: Remount tmpfs - mount: - path: /dev/shm - src: tmpfs - fstype: tmpfs - opts: "size={{ tmpfs_size_g }}G,rw,nosuid,nodev 0 0" - state: remounted - when: difference_size | int > 1 - -- name: Add tmpfs device to /etc/fstab - lineinfile: - path: /etc/fstab - regexp: "^/dev/shm (.*)$" - line: "tmpfs /dev/shm tmpfs size={{ tmpfs_size_g }}G,rw,nosuid,nodev 0 0" -... diff --git a/schematics/ansible/roles/saphanareq/tasks/configurations/tuned.yml b/schematics/ansible/roles/saphanareq/tasks/configurations/tuned.yml deleted file mode 100644 index 1c0ae8b..0000000 --- a/schematics/ansible/roles/saphanareq/tasks/configurations/tuned.yml +++ /dev/null @@ -1,21 +0,0 @@ ---- -- name: Import tuned-profiles-sap-hana package - package: - state: present - name: tuned-profiles-sap-hana - -- name: Start and enable tuned service - service: - name: tuned - state: started - enabled: yes - -- name: Check if sap-hana profile was already activated - command: "tuned-adm active" - register: tuned_active - changed_when: False - -- name: Select sap-hana profile for tuned - command: /usr/sbin/tuned-adm profile sap-hana - when: "'sap_hana' not in tuned_active.stdout" -... \ No newline at end of file diff --git a/schematics/ansible/roles/saphanareq/tasks/configurations/umask_RHEL.yml b/schematics/ansible/roles/saphanareq/tasks/configurations/umask_RHEL.yml deleted file mode 100644 index e38746c..0000000 --- a/schematics/ansible/roles/saphanareq/tasks/configurations/umask_RHEL.yml +++ /dev/null @@ -1,12 +0,0 @@ ---- -- name: Configure default umask - replace: - path: "{{ file }}" - regexp: '(.*umask 077.*)' - replace: 'umask 022' - loop: - - /etc/profile - - /etc/bashrc - loop_control: - loop_var: file -... diff --git a/schematics/ansible/roles/saphanareq/tasks/configurations/umask_SLES.yml b/schematics/ansible/roles/saphanareq/tasks/configurations/umask_SLES.yml deleted file mode 100644 index 438a784..0000000 --- a/schematics/ansible/roles/saphanareq/tasks/configurations/umask_SLES.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -- name: Configure default umask - replace: - path: /etc/login.defs - regexp: '(.*UMASK 027.*)' - replace: 'UMASK 022' -... diff --git a/schematics/ansible/roles/saphanareq/tasks/configurations/update_RedHat8.yml b/schematics/ansible/roles/saphanareq/tasks/configurations/update_RedHat8.yml deleted file mode 100644 index 8b238d5..0000000 --- a/schematics/ansible/roles/saphanareq/tasks/configurations/update_RedHat8.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -- name: Update all packages - yum: - name: '*' - state: latest -... diff --git a/schematics/ansible/roles/saphanareq/tasks/configurations/update_SLES_SAP.yml b/schematics/ansible/roles/saphanareq/tasks/configurations/update_SLES_SAP.yml deleted file mode 100644 index a71f4c5..0000000 --- a/schematics/ansible/roles/saphanareq/tasks/configurations/update_SLES_SAP.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -- name: Update all packages - zypper: - name: '*' - state: latest -... diff --git a/schematics/ansible/roles/saphanareq/tasks/configurations/uuidd.yml b/schematics/ansible/roles/saphanareq/tasks/configurations/uuidd.yml deleted file mode 100644 index 4178e50..0000000 --- a/schematics/ansible/roles/saphanareq/tasks/configurations/uuidd.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -- name: Configuring uuidd - systemd: - name: uuidd - state: started - enabled: yes -... diff --git a/schematics/ansible/roles/saphanareq/tasks/main.yml b/schematics/ansible/roles/saphanareq/tasks/main.yml deleted file mode 100644 index e521d44..0000000 --- a/schematics/ansible/roles/saphanareq/tasks/main.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- -- name: Import OS distribution variables - include_vars: "{{ ansible_distribution }}{{ ansible_distribution_major_version }}.yml" - -- name: Make specific OS configurations as recommended by SAP for HANA DB - include_tasks: "configurations/{{ item }}.yml" - loop: "{{ saphana_required_configurations }}" -... diff --git a/schematics/ansible/roles/saphanareq/vars/RedHat8.yml b/schematics/ansible/roles/saphanareq/vars/RedHat8.yml deleted file mode 100644 index 1e4d31b..0000000 --- a/schematics/ansible/roles/saphanareq/vars/RedHat8.yml +++ /dev/null @@ -1,57 +0,0 @@ ---- -saphana_required_packages: - - cairo - - graphviz - - iptraf-ng - - lm_sensors - - net-tools - - uuidd - - libnsl - - tcsh - - psmisc - - nfs-utils - - bind-utils - - expect - - gtk2 - - krb5-workstation - - krb5-libs - - libaio - - libcanberra-gtk2 - - libibverbs - - libicu - - libssh2 - - libtool-ltdl - - numactl - - openssl - - PackageKit-gtk3-module - - rsyslog - - sudo - - xfsprogs - - xorg-x11-xauth - - compat-sap-c++-9 - - libatomic - - chrony - - lvm2 - - unzip - -saphana_required_configurations: - - "repository_RedHat" - - "update_RedHat8" - - "reqpkg" - - "hostname_fix_RedHat" - - "hostname" - - "umask_RHEL" - - "kernel_RedHat8" - - "reboot" - - "filesystems" - - "tmpfs" - - "tuned" - - "SELinux" - - "firewalld" - - "uuidd" - - "abrtd" - - "kdump" - - "limits" - - "tmpfiles" - - "reboot" -... diff --git a/schematics/ansible/roles/saphanareq/vars/SLES_SAP15.yml b/schematics/ansible/roles/saphanareq/vars/SLES_SAP15.yml deleted file mode 100644 index f6b78e2..0000000 --- a/schematics/ansible/roles/saphanareq/vars/SLES_SAP15.yml +++ /dev/null @@ -1,20 +0,0 @@ ---- -saphana_required_packages: - - lvm2 - - uuidd - -saphana_required_configurations: - - "repository_SLES" - - "update_SLES_SAP" - - "reqpkg" - - "umask_SLES" - - "hostname" - - "kernel_SLES_SAP15" - - "reboot" - - "filesystems" - - "limits" - - "tmpfiles" - - "uuidd" - - "saptune" - - "reboot" -... diff --git a/schematics/ansible/saps4app.yml b/schematics/ansible/saps4app.yml deleted file mode 100644 index 1e0f732..0000000 --- a/schematics/ansible/saps4app.yml +++ /dev/null @@ -1,10 +0,0 @@ ---- -- hosts: all - gather_facts: yes - pre_tasks: - - name: Import playbook variables - include_vars: "saps4app-vars.yml" - roles: - - s4appreq - - s4appinst -... diff --git a/schematics/files/hana_volume_layout.json b/schematics/files/hana_volume_layout.json deleted file mode 100644 index 49f5612..0000000 --- a/schematics/files/hana_volume_layout.json +++ /dev/null @@ -1,1477 +0,0 @@ -{ - "profiles": { - "mx2-16x128": { - "storage": { - "hana_vg": { - "disk_size": "500", - "disk_count": "3", - "iops": "10iops-tier", - "lvm": { - "vg": { - "vg_name": "hana_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "hana_data_lv", - "lv_size": "988", - "lv_stripes": "3", - "lv_stripe_size": "64", - "fs_type": "xfs", - "mount_point": "/hana/data" - }, - { - "lv_name": "hana_log_lv", - "lv_size": "256", - "lv_stripes": "3", - "lv_stripe_size": "64", - "fs_type": "xfs", - "mount_point": "/hana/log" - }, - { - "lv_name": "hana_shared_lv", - "lv_size": "256", - "lv_stripes": "3", - "lv_stripe_size": "64", - "fs_type": "xfs", - "mount_point": "/hana/shared" - } - ] - } - }, - "usr_sap": { - "disk_size": "50", - "disk_count": "1", - "iops": "10iops-tier", - "lvm": { - "vg": { - "vg_name": "usr_sap_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "usr_sap_lv", - "lv_size": "50", - "lv_stripes": "1", - "lv_stripe_size": "64", - "fs_type": "xfs", - "mount_point": "/usr/sap" - } - ] - } - }, - "swap": { - "disk_size": "10", - "disk_count": "1", - "iops": "10iops-tier", - "lvm": { - "vg": { - "vg_name": "swap_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "swap_lv", - "lv_size": "2", - "lv_stripes": "1", - "lv_stripe_size": "64", - "fs_type": "swap" - } - ] - } - } - }, - "processing_type": { - "oltp": ["sles-12-4", "sles-12-5", "sles-15-1", "sles-15-2", "sles-15-3", "sles-15-4", "redhat-7-6", "redhat-7-9", "redhat-8-1", "redhat-8-2", "redhat-8-4", "redhat-8-6"], - "sap_business_one": ["sles-12-4", "sles-12-5", "sles-15-1", "sles-15-2", "sles-15-3", "sles-15-4"] - } - }, - "mx2-32x256": { - "storage": { - "hana_vg": { - "disk_size": "500", - "disk_count": "3", - "iops": "10iops-tier", - "lvm": { - "vg": { - "vg_name": "hana_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "hana_data_lv", - "lv_size": "988", - "lv_stripes": "3", - "lv_stripe_size": "64", - "fs_type": "xfs", - "mount_point": "/hana/data" - }, - { - "lv_name": "hana_log_lv", - "lv_size": "256", - "lv_stripes": "3", - "lv_stripe_size": "64", - "fs_type": "xfs", - "mount_point": "/hana/log" - }, - { - "lv_name": "hana_shared_lv", - "lv_size": "256", - "lv_stripes": "3", - "lv_stripe_size": "64", - "fs_type": "xfs", - "mount_point": "/hana/shared" - } - ] - } - }, - "usr_sap": { - "disk_size": "50", - "disk_count": "1", - "iops": "10iops-tier", - "lvm": { - "vg": { - "vg_name": "usr_sap_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "usr_sap_lv", - "lv_size": "50", - "lv_stripes": "1", - "lv_stripe_size": "64", - "fs_type": "xfs", - "mount_point": "/usr/sap" - } - ] - } - }, - "swap": { - "disk_size": "10", - "disk_count": "1", - "iops": "10iops-tier", - "lvm": { - "vg": { - "vg_name": "swap_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "swap_lv", - "lv_size": "2", - "lv_stripes": "1", - "lv_stripe_size": "64", - "fs_type": "swap" - } - ] - } - } - }, - "processing_type": { - "oltp": ["sles-12-4", "sles-12-5", "sles-15-1", "sles-15-2", "sles-15-3", "sles-15-4", "redhat-7-6", "redhat-7-9", "redhat-8-1", "redhat-8-2", "redhat-8-4", "redhat-8-6"], - "sap_business_one": ["sles-12-4", "sles-12-5", "sles-15-1", "sles-15-2", "sles-15-3", "sles-15-4"] - } - }, - "mx2-48x384": { - "storage": { - "hana_vg": { - "disk_size": "500", - "disk_count": "3", - "iops": "10iops-tier", - "lvm": { - "vg": { - "vg_name": "hana_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "hana_data_lv", - "lv_size": "616", - "lv_stripes": "3", - "lv_stripe_size": "64", - "fs_type": "xfs", - "mount_point": "/hana/data" - }, - { - "lv_name": "hana_shared_lv", - "lv_size": "384", - "lv_stripes": "3", - "lv_stripe_size": "64", - "fs_type": "xfs", - "mount_point": "/hana/shared" - } - ] - } - }, - "log": { - "disk_size": "100", - "disk_count": "4", - "iops": "10iops-tier", - "lvm": { - "vg": { - "vg_name": "hana_log_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "hana_log_lv", - "lv_size": "400", - "lv_stripes": "4", - "lv_stripe_size": "64", - "fs_type": "xfs", - "mount_point": "/hana/log" - } - ] - } - }, - "usr_sap": { - "disk_size": "50", - "disk_count": "1", - "iops": "10iops-tier", - "lvm": { - "vg": { - "vg_name": "usr_sap_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "usr_sap_lv", - "lv_size": "50", - "lv_stripes": "1", - "lv_stripe_size": "64", - "fs_type": "xfs", - "mount_point": "/usr/sap" - } - ] - } - }, - "swap": { - "disk_size": "10", - "disk_count": "1", - "iops": "10iops-tier", - "lvm": { - "vg": { - "vg_name": "swap_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "swap_lv", - "lv_size": "2", - "lv_stripes": "1", - "lv_stripe_size": "64", - "fs_type": "swap" - } - ] - } - } - }, - "processing_type": { - "oltp": ["sles-12-4", "sles-12-5", "sles-15-1", "sles-15-2", "sles-15-3", "sles-15-4", "redhat-7-6", "redhat-7-9", "redhat-8-1", "redhat-8-2", "redhat-8-4", "redhat-8-6"], - "sap_business_one": ["sles-12-4", "sles-12-5", "sles-15-1", "sles-15-2", "sles-15-3", "sles-15-4"] - } - }, - "vx2d-16x224": { - "storage": { - "hana_vg": { - "disk_size": "1120", - "disk_count": "1", - "iops": "10iops-tier", - "lvm": { - "vg": { - "vg_name": "hana_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "hana_data_lv", - "lv_size": "672", - "lv_stripes": "1", - "lv_stripe_size": "64", - "fs_type": "xfs", - "mount_point": "/hana/data" - }, - { - "lv_name": "hana_log_lv", - "lv_size": "224", - "lv_stripes": "1", - "lv_stripe_size": "64", - "fs_type": "xfs", - "mount_point": "/hana/log" - }, - { - "lv_name": "hana_shared_lv", - "lv_size": "224", - "lv_stripes": "1", - "lv_stripe_size": "64", - "fs_type": "xfs", - "mount_point": "/hana/shared" - } - ] - } - }, - "usr_sap": { - "disk_size": "50", - "disk_count": "1", - "iops": "10iops-tier", - "lvm": { - "vg": { - "vg_name": "usr_sap_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "usr_sap_lv", - "lv_size": "50", - "lv_stripes": "1", - "lv_stripe_size": "64", - "fs_type": "xfs", - "mount_point": "/usr/sap" - } - ] - } - }, - "swap": { - "disk_size": "10", - "disk_count": "1", - "iops": "10iops-tier", - "lvm": { - "vg": { - "vg_name": "swap_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "swap_lv", - "lv_size": "2", - "lv_stripes": "1", - "lv_stripe_size": "64", - "fs_type": "swap" - } - ] - } - } - }, - "processing_type": { - "oltp": ["sles-12-4", "sles-12-5", "sles-15-1", "sles-15-2", "sles-15-3", "sles-15-4", "redhat-7-6", "redhat-7-9", "redhat-8-1", "redhat-8-2", "redhat-8-4", "redhat-8-6"] - } - }, - "vx2d-44x616": { - "storage": { - "data": { - "disk_size": "1848", - "disk_count": "1", - "iops": "10iops-tier", - "fs_type": "xfs", - "mount_point": "/hana/data" - }, - "shared": { - "disk_size": "616", - "disk_count": "1", - "iops": "5iops-tier", - "fs_type": "xfs", - "mount_point": "/hana/shared" - }, - "log": { - "disk_size": "192", - "disk_count": "3", - "iops": "10iops-tier", - "lvm": { - "vg": { - "vg_name": "hana_log_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "hana_log_lv", - "lv_size": "576", - "lv_stripes": "3", - "lv_stripe_size": "64", - "fs_type": "xfs", - "mount_point": "/hana/log" - } - ] - } - }, - "usr_sap": { - "disk_size": "50", - "disk_count": "1", - "iops": "10iops-tier", - "lvm": { - "vg": { - "vg_name": "usr_sap_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "usr_sap_lv", - "lv_size": "50", - "lv_stripes": "1", - "lv_stripe_size": "64", - "fs_type": "xfs", - "mount_point": "/usr/sap" - } - ] - } - }, - "swap": { - "disk_size": "10", - "disk_count": "1", - "iops": "10iops-tier", - "lvm": { - "vg": { - "vg_name": "swap_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "swap_lv", - "lv_size": "2", - "lv_stripes": "1", - "lv_stripe_size": "64", - "fs_type": "swap" - } - ] - } - } - }, - "processing_type": { - "oltp": ["sles-12-4", "sles-12-5", "sles-15-1", "sles-15-2", "sles-15-3", "sles-15-4", "redhat-7-6", "redhat-7-9", "redhat-8-1", "redhat-8-2", "redhat-8-4", "redhat-8-6"], - "olap": ["sles-12-4", "sles-12-5", "sles-15-1", "sles-15-2", "sles-15-3", "sles-15-4", "redhat-7-6", "redhat-7-9", "redhat-8-1", "redhat-8-2", "redhat-8-4", "redhat-8-6"] - } - }, - "vx2d-88x1232": { - "storage": { - "data": { - "disk_size": "3696", - "disk_count": "1", - "iops": "10iops-tier", - "fs_type": "xfs", - "mount_point": "/hana/data" - }, - "shared": { - "disk_size": "1232", - "disk_count": "1", - "iops": "5iops-tier", - "fs_type": "xfs", - "mount_point": "/hana/shared" - }, - "log": { - "disk_size": "192", - "disk_count": "3", - "iops": "10iops-tier", - "lvm": { - "vg": { - "vg_name": "hana_log_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "hana_log_lv", - "lv_size": "576", - "lv_stripes": "3", - "lv_stripe_size": "64", - "fs_type": "xfs", - "mount_point": "/hana/log" - } - ] - } - }, - "usr_sap": { - "disk_size": "50", - "disk_count": "1", - "iops": "10iops-tier", - "lvm": { - "vg": { - "vg_name": "usr_sap_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "usr_sap_lv", - "lv_size": "50", - "lv_stripes": "1", - "lv_stripe_size": "64", - "fs_type": "xfs", - "mount_point": "/usr/sap" - } - ] - } - }, - "swap": { - "disk_size": "10", - "disk_count": "1", - "iops": "10iops-tier", - "lvm": { - "vg": { - "vg_name": "swap_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "swap_lv", - "lv_size": "2", - "lv_stripes": "1", - "lv_stripe_size": "64", - "fs_type": "swap" - } - ] - } - } - }, - "processing_type": { - "oltp": ["sles-12-4", "sles-12-5", "sles-15-1", "sles-15-2", "sles-15-3", "sles-15-4", "redhat-7-6", "redhat-7-9", "redhat-8-1", "redhat-8-2", "redhat-8-4", "redhat-8-6"], - "olap": ["sles-12-4", "sles-12-5", "sles-15-1", "sles-15-2", "sles-15-3", "sles-15-4", "redhat-7-6", "redhat-7-9", "redhat-8-1", "redhat-8-2", "redhat-8-4", "redhat-8-6"] - } - }, - "vx2d-144x2016": { - "storage": { - "data": { - "disk_size": "1024", - "disk_count": "4", - "iops": "10iops-tier", - "lvm": { - "vg": { - "vg_name": "hana_data_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "hana_data_lv", - "lv_size": "4096", - "lv_stripes": "4", - "lv_stripe_size": "64", - "fs_type": "xfs", - "mount_point": "/hana/data" - } - ] - } - }, - "log": { - "disk_size": "192", - "disk_count": "3", - "iops": "10iops-tier", - "lvm": { - "vg": { - "vg_name": "hana_log_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "hana_log_lv", - "lv_size": "576", - "lv_stripes": "3", - "lv_stripe_size": "64", - "fs_type": "xfs", - "mount_point": "/hana/log" - } - ] - } - }, - "shared": { - "disk_size": "2016", - "disk_count": "1", - "iops": "5iops-tier", - "lvm": { - "vg": { - "vg_name": "hana_shared_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "hana_shared_lv", - "lv_size": "2016", - "lv_stripes": "1", - "lv_stripe_size": "64", - "fs_type": "xfs", - "mount_point": "/hana/shared" - } - ] - } - }, - "usr_sap": { - "disk_size": "50", - "disk_count": "1", - "iops": "10iops-tier", - "lvm": { - "vg": { - "vg_name": "usr_sap_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "usr_sap_lv", - "lv_size": "50", - "lv_stripes": "1", - "lv_stripe_size": "64", - "fs_type": "xfs", - "mount_point": "/usr/sap" - } - ] - } - }, - "swap": { - "disk_size": "10", - "disk_count": "1", - "iops": "10iops-tier", - "lvm": { - "vg": { - "vg_name": "swap_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "swap_lv", - "lv_size": "2", - "lv_stripes": "1", - "lv_stripe_size": "64", - "fs_type": "swap" - } - ] - } - } - }, - "processing_type": { - "oltp": ["sles-12-4", "sles-12-5", "sles-15-1", "sles-15-2", "sles-15-3", "sles-15-4", "redhat-7-6", "redhat-7-9", "redhat-8-1", "redhat-8-2", "redhat-8-4", "redhat-8-6"], - "olap": ["sles-12-4", "sles-12-5", "sles-15-1", "sles-15-2", "sles-15-3", "sles-15-4", "redhat-7-6", "redhat-7-9", "redhat-8-1", "redhat-8-2", "redhat-8-4", "redhat-8-6"] - } - }, - "vx2d-176x2464": { - "storage": { - "data": { - "disk_size": "1280", - "disk_count": "4", - "iops": "10iops-tier", - "lvm": { - "vg": { - "vg_name": "hana_data_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "hana_data_lv", - "lv_size": "5120", - "lv_stripes": "4", - "lv_stripe_size": "64", - "fs_type": "xfs", - "mount_point": "/hana/data" - } - ] - } - }, - "log": { - "disk_size": "192", - "disk_count": "3", - "iops": "10iops-tier", - "lvm": { - "vg": { - "vg_name": "hana_log_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "hana_log_lv", - "lv_size": "576", - "lv_stripes": "3", - "lv_stripe_size": "64", - "fs_type": "xfs", - "mount_point": "/hana/log" - } - ] - } - }, - "shared": { - "disk_size": "2464", - "disk_count": "1", - "iops": "5iops-tier", - "lvm": { - "vg": { - "vg_name": "hana_shared_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "hana_shared_lv", - "lv_size": "2464", - "lv_stripes": "1", - "lv_stripe_size": "64", - "fs_type": "xfs", - "mount_point": "/hana/shared" - } - ] - } - }, - "usr_sap": { - "disk_size": "50", - "disk_count": "1", - "iops": "10iops-tier", - "lvm": { - "vg": { - "vg_name": "usr_sap_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "usr_sap_lv", - "lv_size": "50", - "lv_stripes": "1", - "lv_stripe_size": "64", - "fs_type": "xfs", - "mount_point": "/usr/sap" - } - ] - } - }, - "swap": { - "disk_size": "10", - "disk_count": "1", - "iops": "10iops-tier", - "lvm": { - "vg": { - "vg_name": "swap_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "swap_lv", - "lv_size": "2", - "lv_stripes": "1", - "lv_stripe_size": "64", - "fs_type": "swap" - } - ] - } - } - }, - "processing_type": { - "oltp": ["sles-12-4", "sles-12-5", "sles-15-1", "sles-15-2", "sles-15-3", "sles-15-4", "redhat-7-6", "redhat-7-9", "redhat-8-1", "redhat-8-2", "redhat-8-4", "redhat-8-6"], - "olap": ["sles-12-4", "sles-12-5", "sles-15-1", "sles-15-2", "sles-15-3", "sles-15-4", "redhat-7-6", "redhat-7-9", "redhat-8-1", "redhat-8-2", "redhat-8-4", "redhat-8-6"] - } - }, - "ux2d-8x224": { - "storage": { - "hana_vg": { - "disk_size": "1120", - "disk_count": "1", - "iops": "10iops-tier", - "lvm": { - "vg": { - "vg_name": "hana_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "hana_data_lv", - "lv_size": "672", - "lv_stripes": "1", - "lv_stripe_size": "64", - "fs_type": "xfs", - "mount_point": "/hana/data" - }, - { - "lv_name": "hana_log_lv", - "lv_size": "224", - "lv_stripes": "1", - "lv_stripe_size": "64", - "fs_type": "xfs", - "mount_point": "/hana/log" - }, - { - "lv_name": "hana_shared_lv", - "lv_size": "224", - "lv_stripes": "1", - "lv_stripe_size": "64", - "fs_type": "xfs", - "mount_point": "/hana/shared" - } - ] - } - }, - "usr_sap": { - "disk_size": "50", - "disk_count": "1", - "iops": "10iops-tier", - "lvm": { - "vg": { - "vg_name": "usr_sap_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "usr_sap_lv", - "lv_size": "50", - "lv_stripes": "1", - "lv_stripe_size": "64", - "fs_type": "xfs", - "mount_point": "/usr/sap" - } - ] - } - }, - "swap": { - "disk_size": "10", - "disk_count": "1", - "iops": "10iops-tier", - "lvm": { - "vg": { - "vg_name": "swap_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "swap_lv", - "lv_size": "2", - "lv_stripes": "1", - "lv_stripe_size": "64", - "fs_type": "swap" - } - ] - } - } - }, - "processing_type": { - "oltp": ["sles-12-4", "sles-12-5", "sles-15-1", "sles-15-2", "sles-15-3", "sles-15-4", "redhat-7-6", "redhat-7-9", "redhat-8-1", "redhat-8-2", "redhat-8-4", "redhat-8-6"] - } - }, - "ux2d-16x448": { - "storage": { - "hana_vg": { - "disk_size": "2240", - "disk_count": "1", - "iops": "10iops-tier", - "lvm": { - "vg": { - "vg_name": "hana_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "hana_data_lv", - "lv_size": "1344", - "lv_stripes": "1", - "lv_stripe_size": "64", - "fs_type": "xfs", - "mount_point": "/hana/data" - }, - { - "lv_name": "hana_log_lv", - "lv_size": "448", - "lv_stripes": "1", - "lv_stripe_size": "64", - "fs_type": "xfs", - "mount_point": "/hana/log" - }, - { - "lv_name": "hana_shared_lv", - "lv_size": "448", - "lv_stripes": "1", - "lv_stripe_size": "64", - "fs_type": "xfs", - "mount_point": "/hana/shared" - } - ] - } - }, - "usr_sap": { - "disk_size": "50", - "disk_count": "1", - "iops": "10iops-tier", - "lvm": { - "vg": { - "vg_name": "usr_sap_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "usr_sap_lv", - "lv_size": "50", - "lv_stripes": "1", - "lv_stripe_size": "64", - "fs_type": "xfs", - "mount_point": "/usr/sap" - } - ] - } - }, - "swap": { - "disk_size": "10", - "disk_count": "1", - "iops": "10iops-tier", - "lvm": { - "vg": { - "vg_name": "swap_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "swap_lv", - "lv_size": "2", - "lv_stripes": "1", - "lv_stripe_size": "64", - "fs_type": "swap" - } - ] - } - } - }, - "processing_type": { - "oltp": ["sles-12-4", "sles-12-5", "sles-15-1", "sles-15-2", "sles-15-3", "sles-15-4", "redhat-7-6", "redhat-7-9", "redhat-8-1", "redhat-8-2", "redhat-8-4", "redhat-8-6"] - } - }, - "ux2d-36x1008": { - "storage": { - "data": { - "disk_size": "1008", - "disk_count": "2", - "iops": "10iops-tier", - "lvm": { - "vg": { - "vg_name": "hana_data_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "hana_data_lv", - "lv_size": "2016", - "lv_stripes": "2", - "lv_stripe_size": "64", - "fs_type": "xfs", - "mount_point": "/hana/data" - } - ] - } - }, - "log": { - "disk_size": "192", - "disk_count": "3", - "iops": "10iops-tier", - "lvm": { - "vg": { - "vg_name": "hana_log_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "hana_log_lv", - "lv_size": "576", - "lv_stripes": "3", - "lv_stripe_size": "64", - "fs_type": "xfs", - "mount_point": "/hana/log" - } - ] - } - }, - "shared": { - "disk_size": "1008", - "disk_count": "1", - "iops": "5iops-tier", - "lvm": { - "vg": { - "vg_name": "hana_shared_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "hana_shared_lv", - "lv_size": "1008", - "lv_stripes": "1", - "lv_stripe_size": "64", - "fs_type": "xfs", - "mount_point": "/hana/shared" - } - ] - } - }, - "usr_sap": { - "disk_size": "50", - "disk_count": "1", - "iops": "10iops-tier", - "lvm": { - "vg": { - "vg_name": "usr_sap_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "usr_sap_lv", - "lv_size": "50", - "lv_stripes": "1", - "lv_stripe_size": "64", - "fs_type": "xfs", - "mount_point": "/usr/sap" - } - ] - } - }, - "swap": { - "disk_size": "10", - "disk_count": "1", - "iops": "10iops-tier", - "lvm": { - "vg": { - "vg_name": "swap_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "swap_lv", - "lv_size": "2", - "lv_stripes": "1", - "lv_stripe_size": "64", - "fs_type": "swap" - } - ] - } - } - }, - "processing_type": { - "oltp": ["sles-12-4", "sles-12-5", "sles-15-1", "sles-15-2", "sles-15-3", "sles-15-4", "redhat-7-6", "redhat-7-9", "redhat-8-1", "redhat-8-2", "redhat-8-4", "redhat-8-6"] - } - }, - "ux2d-48x1344": { - "storage": { - "data": { - "disk_size": "1350", - "disk_count": "2", - "iops": "10iops-tier", - "lvm": { - "vg": { - "vg_name": "hana_data_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "hana_data_lv", - "lv_size": "2700", - "lv_stripes": "2", - "lv_stripe_size": "64", - "fs_type": "xfs", - "mount_point": "/hana/data" - } - ] - } - }, - "log": { - "disk_size": "192", - "disk_count": "3", - "iops": "10iops-tier", - "lvm": { - "vg": { - "vg_name": "hana_log_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "hana_log_lv", - "lv_size": "576", - "lv_stripes": "3", - "lv_stripe_size": "64", - "fs_type": "xfs", - "mount_point": "/hana/log" - } - ] - } - }, - "shared": { - "disk_size": "1344", - "disk_count": "1", - "iops": "5iops-tier", - "lvm": { - "vg": { - "vg_name": "hana_shared_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "hana_shared_lv", - "lv_size": "1344", - "lv_stripes": "1", - "lv_stripe_size": "64", - "fs_type": "xfs", - "mount_point": "/hana/shared" - } - ] - } - }, - "usr_sap": { - "disk_size": "50", - "disk_count": "1", - "iops": "10iops-tier", - "lvm": { - "vg": { - "vg_name": "usr_sap_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "usr_sap_lv", - "lv_size": "50", - "lv_stripes": "1", - "lv_stripe_size": "64", - "fs_type": "xfs", - "mount_point": "/usr/sap" - } - ] - } - }, - "swap": { - "disk_size": "10", - "disk_count": "1", - "iops": "10iops-tier", - "lvm": { - "vg": { - "vg_name": "swap_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "swap_lv", - "lv_size": "2", - "lv_stripes": "1", - "lv_stripe_size": "64", - "fs_type": "swap" - } - ] - } - } - }, - "processing_type": { - "oltp": ["sles-12-4", "sles-12-5", "sles-15-1", "sles-15-2", "sles-15-3", "sles-15-4", "redhat-7-6", "redhat-7-9", "redhat-8-1", "redhat-8-2", "redhat-8-4", "redhat-8-6"] - } - }, - "ux2d-72x2016": { - "storage": { - "data": { - "disk_size": "1024", - "disk_count": "4", - "iops": "10iops-tier", - "lvm": { - "vg": { - "vg_name": "hana_data_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "hana_data_lv", - "lv_size": "4096", - "lv_stripes": "4", - "lv_stripe_size": "64", - "fs_type": "xfs", - "mount_point": "/hana/data" - } - ] - } - }, - "log": { - "disk_size": "192", - "disk_count": "3", - "iops": "10iops-tier", - "lvm": { - "vg": { - "vg_name": "hana_log_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "hana_log_lv", - "lv_size": "576", - "lv_stripes": "3", - "lv_stripe_size": "64", - "fs_type": "xfs", - "mount_point": "/hana/log" - } - ] - } - }, - "shared": { - "disk_size": "2016", - "disk_count": "1", - "iops": "5iops-tier", - "lvm": { - "vg": { - "vg_name": "hana_shared_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "hana_shared_lv", - "lv_size": "2016", - "lv_stripes": "1", - "lv_stripe_size": "64", - "fs_type": "xfs", - "mount_point": "/hana/shared" - } - ] - } - }, - "usr_sap": { - "disk_size": "50", - "disk_count": "1", - "iops": "10iops-tier", - "lvm": { - "vg": { - "vg_name": "usr_sap_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "usr_sap_lv", - "lv_size": "50", - "lv_stripes": "1", - "lv_stripe_size": "64", - "fs_type": "xfs", - "mount_point": "/usr/sap" - } - ] - } - }, - "swap": { - "disk_size": "10", - "disk_count": "1", - "iops": "10iops-tier", - "lvm": { - "vg": { - "vg_name": "swap_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "swap_lv", - "lv_size": "2", - "lv_stripes": "1", - "lv_stripe_size": "64", - "fs_type": "swap" - } - ] - } - } - }, - "processing_type": { - "oltp": ["sles-12-4", "sles-12-5", "sles-15-1", "sles-15-2", "sles-15-3", "sles-15-4", "redhat-7-6", "redhat-7-9", "redhat-8-1", "redhat-8-2", "redhat-8-4", "redhat-8-6"] - } - }, - "ux2d-100x2800": { - "storage": { - "data": { - "disk_size": "2100", - "disk_count": "4", - "iops": "10iops-tier", - "lvm": { - "vg": { - "vg_name": "hana_data_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "hana_data_lv", - "lv_size": "8400", - "lv_stripes": "4", - "lv_stripe_size": "64", - "fs_type": "xfs", - "mount_point": "/hana/data" - } - ] - } - }, - "log": { - "disk_size": "192", - "disk_count": "3", - "iops": "10iops-tier", - "lvm": { - "vg": { - "vg_name": "hana_log_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "hana_log_lv", - "lv_size": "576", - "lv_stripes": "3", - "lv_stripe_size": "64", - "fs_type": "xfs", - "mount_point": "/hana/log" - } - ] - } - }, - "shared": { - "disk_size": "2800", - "disk_count": "1", - "iops": "5iops-tier", - "lvm": { - "vg": { - "vg_name": "hana_shared_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "hana_shared_lv", - "lv_size": "2800", - "lv_stripes": "1", - "lv_stripe_size": "64", - "fs_type": "xfs", - "mount_point": "/hana/shared" - } - ] - } - }, - "usr_sap": { - "disk_size": "50", - "disk_count": "1", - "iops": "10iops-tier", - "lvm": { - "vg": { - "vg_name": "usr_sap_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "usr_sap_lv", - "lv_size": "50", - "lv_stripes": "1", - "lv_stripe_size": "64", - "fs_type": "xfs", - "mount_point": "/usr/sap" - } - ] - } - }, - "swap": { - "disk_size": "10", - "disk_count": "1", - "iops": "10iops-tier", - "lvm": { - "vg": { - "vg_name": "swap_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "swap_lv", - "lv_size": "2", - "lv_stripes": "1", - "lv_stripe_size": "64", - "fs_type": "swap" - } - ] - } - } - }, - "processing_type": { - "oltp": ["sles-12-4", "sles-12-5", "sles-15-1", "sles-15-2", "sles-15-3", "sles-15-4", "redhat-7-6", "redhat-7-9", "redhat-8-1", "redhat-8-2", "redhat-8-4", "redhat-8-6"] - } - }, - "ux2d-200x5600": { - "storage": { - "data": { - "disk_size": "4200", - "disk_count": "4", - "iops": "10iops-tier", - "lvm": { - "vg": { - "vg_name": "hana_data_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "hana_data_lv", - "lv_size": "16800", - "lv_stripes": "4", - "lv_stripe_size": "64", - "fs_type": "xfs", - "mount_point": "/hana/data" - } - ] - } - }, - "log": { - "disk_size": "192", - "disk_count": "3", - "iops": "10iops-tier", - "lvm": { - "vg": { - "vg_name": "hana_log_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "hana_log_lv", - "lv_size": "576", - "lv_stripes": "3", - "lv_stripe_size": "64", - "fs_type": "xfs", - "mount_point": "/hana/log" - } - ] - } - }, - "shared": { - "disk_size": "5600", - "disk_count": "1", - "iops": "5iops-tier", - "lvm": { - "vg": { - "vg_name": "hana_shared_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "hana_shared_lv", - "lv_size": "5600", - "lv_stripes": "1", - "lv_stripe_size": "64", - "fs_type": "xfs", - "mount_point": "/hana/shared" - } - ] - } - }, - "usr_sap": { - "disk_size": "50", - "disk_count": "1", - "iops": "10iops-tier", - "lvm": { - "vg": { - "vg_name": "usr_sap_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "usr_sap_lv", - "lv_size": "50", - "lv_stripes": "1", - "lv_stripe_size": "64", - "fs_type": "xfs", - "mount_point": "/usr/sap" - } - ] - } - }, - "swap": { - "disk_size": "10", - "disk_count": "1", - "iops": "10iops-tier", - "lvm": { - "vg": { - "vg_name": "swap_vg", - "pe_size_MB": "32" - }, - "lv": [ - { - "lv_name": "swap_lv", - "lv_size": "2", - "lv_stripes": "1", - "lv_stripe_size": "64", - "fs_type": "swap" - } - ] - } - } - }, - "processing_type": { - "oltp": ["sles-12-4", "sles-12-5", "sles-15-1", "sles-15-2", "sles-15-3", "sles-15-4", "redhat-7-6", "redhat-7-9", "redhat-8-1", "redhat-8-2", "redhat-8-4", "redhat-8-6"] - } - } - } - } \ No newline at end of file diff --git a/schematics/generate-sap-paths.tf b/schematics/generate-sap-paths.tf deleted file mode 100644 index a2aa6e0..0000000 --- a/schematics/generate-sap-paths.tf +++ /dev/null @@ -1,16 +0,0 @@ -# List SAP PATHS -resource "local_file" "KIT_SAP_PATHS" { - content = <<-DOC -${var.kit_saphana_file} -${var.kit_sapcar_file} -${var.kit_swpm_file} -${var.kit_sapexe_file} -${var.kit_sapexedb_file} -${var.kit_igsexe_file} -${var.kit_igshelper_file} -${var.kit_saphotagent_file} -${var.kit_hdbclient_file} -${var.kit_s4hana_export}/* - DOC - filename = "modules/precheck-ssh-exec/sap-paths-${var.DB-HOSTNAME}" -} diff --git a/schematics/integration-app.tf b/schematics/integration-app.tf deleted file mode 100644 index b5e05ce..0000000 --- a/schematics/integration-app.tf +++ /dev/null @@ -1,37 +0,0 @@ -# Export Terraform variable values to an Ansible var_file -resource "local_file" "app_ansible_saps4app-vars" { - depends_on = [ module.db-vsi ] - content = <<-DOC ---- -#Ansible vars_file containing variable values passed from Terraform. -#Generated by "terraform plan&apply" command. - -#SAP system configuration -sap_sid: "${var.sap_sid}" -app_profile: "${var.APP-PROFILE}" -sap_ascs_instance_number: "${var.sap_ascs_instance_number}" -sap_ci_instance_number: "${var.sap_ci_instance_number}" -sap_main_password: "${var.sap_main_password}" - -#HANA config -hdb_host: "${module.db-vsi.PRIVATE-IP}" -hdb_sid: "${var.hana_sid}" -hdb_instance_number: "${var.hana_sysno}" -hdb_main_password: "${var.hana_main_password}" -# Number of concurrent jobs used to load and/or extract archives to HANA Host -hdb_concurrent_jobs: "${var.hdb_concurrent_jobs}" - -#SAP S4HANA APP Installation kit path -kit_sapcar_file: "${var.kit_sapcar_file}" -kit_swpm_file: "${var.kit_swpm_file}" -kit_sapexe_file: "${var.kit_sapexe_file}" -kit_sapexedb_file: "${var.kit_sapexedb_file}" -kit_igsexe_file: "${var.kit_igsexe_file}" -kit_igshelper_file: "${var.kit_igshelper_file}" -kit_saphotagent_file: "${var.kit_saphotagent_file}" -kit_hdbclient_file: "${var.kit_hdbclient_file}" -kit_s4hana_export: "${var.kit_s4hana_export}" -... - DOC - filename = "ansible/saps4app-vars.yml" -} diff --git a/schematics/integration-db.tf b/schematics/integration-db.tf deleted file mode 100644 index 4e04bea..0000000 --- a/schematics/integration-db.tf +++ /dev/null @@ -1,29 +0,0 @@ -# Export Terraform variable values to an Ansible var_file -resource "local_file" "db_ansible_saphana-vars" { - depends_on = [ module.db-vsi ] - content = <<-DOC ---- -# Ansible vars_file containing variable values passed from Terraform. -# Generated by "terraform plan&apply" command. -hana_profile: "${var.DB-PROFILE}" - -# HANA DB configuration -hana_sid: "${var.hana_sid}" -hana_sysno: "${var.hana_sysno}" -hana_main_password: "${var.hana_main_password}" -hana_system_usage: "${var.hana_system_usage}" -hana_components: "${var.hana_components}" - -# SAP HANA Installation kit path -kit_saphana_file: "${var.kit_saphana_file}" -... - DOC - filename = "ansible/saphana-vars.yml" -} - -# Export Terraform variable values to an Ansible var_file -resource "local_file" "tf_ansible_hana_storage_generated_file" { - depends_on = [ module.db-vsi ] - source = "files/hana_volume_layout.json" - filename = "ansible/hana_volume_layout.json" -} diff --git a/schematics/main.tf b/schematics/main.tf deleted file mode 100644 index d9c5fe2..0000000 --- a/schematics/main.tf +++ /dev/null @@ -1,69 +0,0 @@ -module "pre-init" { - source = "./modules/pre-init" -} - -module "precheck-ssh-exec" { - source = "./modules/precheck-ssh-exec" - depends_on = [ module.pre-init ] - BASTION_FLOATING_IP = var.BASTION_FLOATING_IP - private_ssh_key = var.private_ssh_key - HOSTNAME = var.DB-HOSTNAME - SECURITY_GROUP = var.SECURITY_GROUP -} - -module "vpc-subnet" { - source = "./modules/vpc/subnet" - depends_on = [ module.precheck-ssh-exec ] - ZONE = var.ZONE - VPC = var.VPC - SECURITY_GROUP = var.SECURITY_GROUP - SUBNET = var.SUBNET -} - -module "db-vsi" { - source = "./modules/db-vsi" - depends_on = [ module.precheck-ssh-exec ] - ZONE = var.ZONE - VPC = var.VPC - SECURITY_GROUP = var.SECURITY_GROUP - SUBNET = var.SUBNET - HOSTNAME = var.DB-HOSTNAME - PROFILE = var.DB-PROFILE - IMAGE = var.DB-IMAGE - RESOURCE_GROUP = var.RESOURCE_GROUP - SSH_KEYS = var.SSH_KEYS -} - -module "app-vsi" { - source = "./modules/app-vsi" - depends_on = [ module.db-vsi ] - ZONE = var.ZONE - VPC = var.VPC - SECURITY_GROUP = var.SECURITY_GROUP - SUBNET = var.SUBNET - HOSTNAME = var.APP-HOSTNAME - PROFILE = var.APP-PROFILE - IMAGE = var.APP-IMAGE - RESOURCE_GROUP = var.RESOURCE_GROUP - SSH_KEYS = var.SSH_KEYS - VOLUME_SIZES = [ "40" , "128" ] - VOL_PROFILE = "10iops-tier" -} - -module "db-ansible-exec" { - source = "./modules/ansible-exec" - depends_on = [ module.db-vsi , local_file.db_ansible_saphana-vars, local_file.tf_ansible_hana_storage_generated_file ] - IP = module.db-vsi.PRIVATE-IP - PLAYBOOK = "saphana.yml" - BASTION_FLOATING_IP = var.BASTION_FLOATING_IP - private_ssh_key = var.private_ssh_key -} - -module "app-ansible-exec" { - source = "./modules/ansible-exec" - depends_on = [ module.db-ansible-exec , module.app-vsi , local_file.app_ansible_saps4app-vars ] - IP = module.app-vsi.PRIVATE-IP - PLAYBOOK = "saps4app.yml" - BASTION_FLOATING_IP = var.BASTION_FLOATING_IP - private_ssh_key = var.private_ssh_key -} diff --git a/schematics/modules/ansible-exec/error.sh b/schematics/modules/ansible-exec/error.sh deleted file mode 100644 index 77d6dc1..0000000 --- a/schematics/modules/ansible-exec/error.sh +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/sh - -while [ `cat /tmp/ansible.$SAP_DEPLOYMENT-$IP/ansible.$IP.log | egrep -i "failed\=[^0]|unreachable\=[^0]" | wc -l` -ge 1 ] -do - echo -e "Ansible deployment ERROR: \n `cat /tmp/ansible.$SAP_DEPLOYMENT-$IP/ansible.$IP.log | egrep -i "failed\=[^0]|unreachable\=[^0]"` \n `tail -3 /tmp/ansible.$SAP_DEPLOYMENT-$IP/ansible.$IP.log`";sleep 5 - -done diff --git a/schematics/modules/ansible-exec/remote-exec.tf b/schematics/modules/ansible-exec/remote-exec.tf deleted file mode 100644 index ac02e61..0000000 --- a/schematics/modules/ansible-exec/remote-exec.tf +++ /dev/null @@ -1,114 +0,0 @@ -resource "null_resource" "ansible-exec" { - - connection { - type = "ssh" - user = "root" - host = var.BASTION_FLOATING_IP - private_key = var.private_ssh_key - timeout = "2m" - } - - provisioner "file" { - source = "ansible" - destination = "/tmp/ansible.${local.SAP_DEPLOYMENT}-${var.IP}" - } - - provisioner "file" { - source = "modules/ansible-exec/check.ansible.sh" - destination = "/tmp/${var.IP}.check.ansible.sh" - } - - provisioner "remote-exec" { - inline = [ - "chmod +x /tmp/${var.IP}.check.ansible.sh", - ] - } - - provisioner "file" { - source = "modules/ansible-exec/while.sh" - destination = "/tmp/${var.IP}.while.sh" - } - - provisioner "remote-exec" { - inline = [ - "chmod +x /tmp/${var.IP}.while.sh", - ] - } - - provisioner "file" { - source = "modules/ansible-exec/error.sh" - destination = "/tmp/${var.IP}.error.sh" - } - - provisioner "remote-exec" { - inline = [ - "chmod +x /tmp/${var.IP}.error.sh", - ] - } - - provisioner "local-exec" { - command = "ssh -o 'StrictHostKeyChecking no' -i ansible/id_rsa root@${var.BASTION_FLOATING_IP} 'nohup ansible-playbook --private-key /tmp/ansible.${local.SAP_DEPLOYMENT}-${var.IP}/id_rsa -i ${var.IP}, /tmp/ansible.${local.SAP_DEPLOYMENT}-${var.IP}/${var.PLAYBOOK} > /tmp/ansible.${local.SAP_DEPLOYMENT}-${var.IP}/ansible.${var.IP}.log 2>&1 &'" - } - -} - -resource "null_resource" "check-ansible" { - - depends_on = [ null_resource.ansible-exec ] - - provisioner "local-exec" { - command = "ssh -o 'StrictHostKeyChecking no' -i ansible/id_rsa root@${var.BASTION_FLOATING_IP} 'export IP=${var.IP}; export SAP_DEPLOYMENT=${local.SAP_DEPLOYMENT}; timeout 10m /tmp/${var.IP}.check.ansible.sh'" - on_failure = continue - } - -} - -resource "null_resource" "ansible-logs" { - - depends_on = [ null_resource.check-ansible ] - - provisioner "local-exec" { - command = "ssh -o 'StrictHostKeyChecking no' -i ansible/id_rsa root@${var.BASTION_FLOATING_IP} 'export IP=${var.IP}; export SAP_DEPLOYMENT=${local.SAP_DEPLOYMENT}; timeout 55m /tmp/${var.IP}.while.sh'" - on_failure = continue - } - -} - -resource "null_resource" "ansible-logs1" { - - depends_on = [ null_resource.ansible-logs ] - - provisioner "local-exec" { - command = "ssh -o 'StrictHostKeyChecking no' -i ansible/id_rsa root@${var.BASTION_FLOATING_IP} 'export IP=${var.IP}; export SAP_DEPLOYMENT=${local.SAP_DEPLOYMENT}; timeout 55m /tmp/${var.IP}.while.sh'" - on_failure = continue - } - -} - -resource "null_resource" "ansible-errors" { - - depends_on = [ null_resource.ansible-logs1 ] - - provisioner "local-exec" { - command = "ssh -o 'StrictHostKeyChecking no' -i ansible/id_rsa root@${var.BASTION_FLOATING_IP} 'export IP=${var.IP}; export SAP_DEPLOYMENT=${local.SAP_DEPLOYMENT}; timeout 5s /tmp/${var.IP}.error.sh'" - on_failure = fail - } - -} - -resource "null_resource" "ansible-delete-sensitive-data" { - - depends_on = [ null_resource.ansible-logs1 ] - - connection { - type = "ssh" - user = "root" - host = var.BASTION_FLOATING_IP - private_key = var.private_ssh_key - timeout = "1m" - } - - provisioner "remote-exec" { - inline = [ "rm -rf /tmp/ansible.${local.SAP_DEPLOYMENT}-${var.IP}" ] - } -} diff --git a/schematics/modules/app-vsi/output.tf b/schematics/modules/app-vsi/output.tf deleted file mode 100644 index e7c172e..0000000 --- a/schematics/modules/app-vsi/output.tf +++ /dev/null @@ -1,7 +0,0 @@ -output "HOSTNAME" { - value = ibm_is_instance.vsi.name -} - -output "PRIVATE-IP" { - value = ibm_is_instance.vsi.primary_network_interface.0.primary_ip.0.address -} diff --git a/schematics/modules/app-vsi/volume.tf b/schematics/modules/app-vsi/volume.tf deleted file mode 100644 index 07cf897..0000000 --- a/schematics/modules/app-vsi/volume.tf +++ /dev/null @@ -1,9 +0,0 @@ -resource "ibm_is_volume" "vol" { - -count = length( var.VOLUME_SIZES ) - name = "${var.HOSTNAME}-vol${count.index}" - zone = var.ZONE - resource_group = data.ibm_resource_group.group.id - capacity = var.VOLUME_SIZES[count.index] - profile = var.VOL_PROFILE -} diff --git a/schematics/modules/app-vsi/vsi.tf b/schematics/modules/app-vsi/vsi.tf deleted file mode 100644 index d9f3ce8..0000000 --- a/schematics/modules/app-vsi/vsi.tf +++ /dev/null @@ -1,35 +0,0 @@ -data "ibm_is_vpc" "vpc" { - name = var.VPC -} - -data "ibm_is_security_group" "securitygroup" { - name = var.SECURITY_GROUP -} - -data "ibm_is_subnet" "subnet" { - name = var.SUBNET -} - -data "ibm_is_image" "image" { - name = var.IMAGE -} - -data "ibm_resource_group" "group" { - name = var.RESOURCE_GROUP -} - -resource "ibm_is_instance" "vsi" { - vpc = data.ibm_is_vpc.vpc.id - zone = var.ZONE - resource_group = data.ibm_resource_group.group.id - keys = var.SSH_KEYS - name = var.HOSTNAME - profile = var.PROFILE - image = data.ibm_is_image.image.id - - primary_network_interface { - subnet = data.ibm_is_subnet.subnet.id - security_groups = [data.ibm_is_security_group.securitygroup.id] - } - volumes = ibm_is_volume.vol[*].id -} diff --git a/schematics/modules/db-vsi/output.tf b/schematics/modules/db-vsi/output.tf deleted file mode 100644 index 35b7dec..0000000 --- a/schematics/modules/db-vsi/output.tf +++ /dev/null @@ -1,11 +0,0 @@ -output "HOSTNAME" { - value = ibm_is_instance.vsi.name -} - -output "PRIVATE-IP" { - value = ibm_is_instance.vsi.primary_network_interface.0.primary_ip.0.address -} - -output "STORAGE-LAYOUT" { - value = local.DISPLAY_CRT_STORAGE -} diff --git a/schematics/modules/db-vsi/versions.tf b/schematics/modules/db-vsi/versions.tf deleted file mode 100644 index 50e1183..0000000 --- a/schematics/modules/db-vsi/versions.tf +++ /dev/null @@ -1,10 +0,0 @@ -terraform { - required_providers { - ibm = { - source = "IBM-Cloud/ibm" - version = ">= 1.41.1" - } - } - required_version = ">= 1.3.6" -} - diff --git a/schematics/modules/db-vsi/volume.tf b/schematics/modules/db-vsi/volume.tf deleted file mode 100644 index d2d0d55..0000000 --- a/schematics/modules/db-vsi/volume.tf +++ /dev/null @@ -1,8 +0,0 @@ -resource "ibm_is_volume" "vol" { - count = length( local.VOLUME_SIZES ) > 0 && length( local.VOLUME_SIZES ) == length( local.VOL_PROFILE ) ? length( local.VOLUME_SIZES ) : 0 - name = "${var.HOSTNAME}-vol${count.index}" - zone = var.ZONE - resource_group = data.ibm_resource_group.group.id - capacity = local.VOLUME_SIZES[count.index] - profile = local.VOL_PROFILE[count.index] -} diff --git a/schematics/modules/db-vsi/vsi.tf b/schematics/modules/db-vsi/vsi.tf deleted file mode 100644 index e568c75..0000000 --- a/schematics/modules/db-vsi/vsi.tf +++ /dev/null @@ -1,43 +0,0 @@ -data "ibm_is_vpc" "vpc" { - name = var.VPC -} - -data "ibm_is_security_group" "securitygroup" { - name = var.SECURITY_GROUP -} - -data "ibm_is_subnet" "subnet" { - name = var.SUBNET -} - -data "ibm_is_image" "image" { - name = var.IMAGE -} - -data "ibm_resource_group" "group" { - name = var.RESOURCE_GROUP -} - -resource "ibm_is_instance" "vsi" { - vpc = data.ibm_is_vpc.vpc.id - zone = var.ZONE - resource_group = data.ibm_resource_group.group.id - keys = var.SSH_KEYS - name = var.HOSTNAME - profile = var.PROFILE - image = data.ibm_is_image.image.id - - primary_network_interface { - subnet = data.ibm_is_subnet.subnet.id - security_groups = [data.ibm_is_security_group.securitygroup.id] - } - volumes = ibm_is_volume.vol[*].id - - lifecycle { - precondition { - condition = local.PROCESSING_TYPE_FOUND == true && local.OS_TYPE_FOUND == true - error_message = "The chosen storage PROFILE for HANA VSI \"${var.PROFILE}\" is not a certified storage profile for the selected OS IMAGE: \"${var.IMAGE}\". Please, chose the appropriate certified storage PROFILE for the HANA VSI from https://cloud.ibm.com/docs/sap?topic=sap-hana-iaas-offerings-profiles-intel-vs-vpc . Make sure the selected PROFILE is certified for the selected OS type and for the proceesing type (SAP Business One, OLTP, OLAP)" - # error_message = "The chosen storage PROFILE for HANA VSI \"${var.PROFILE}\" is not a certified storage profile for processing type: \"${upper(local.HANA_PROCESSING_TYPE)}\" or for the selected OS IMAGE: \"${var.IMAGE}\". Please, chose the appropriate certified storage PROFILE for the HANA VSI from https://cloud.ibm.com/docs/sap?topic=sap-hana-iaas-offerings-profiles-intel-vs-vpc . Make sure the selected PROFILE is certified for the selected OS type and for the proceesing type (SAP Business One, OLTP, OLAP)" - } - } -} diff --git a/schematics/modules/pre-init/versions.tf b/schematics/modules/pre-init/versions.tf deleted file mode 100644 index 50e1183..0000000 --- a/schematics/modules/pre-init/versions.tf +++ /dev/null @@ -1,10 +0,0 @@ -terraform { - required_providers { - ibm = { - source = "IBM-Cloud/ibm" - version = ">= 1.41.1" - } - } - required_version = ">= 1.3.6" -} - diff --git a/schematics/modules/precheck-ssh-exec/versions.tf b/schematics/modules/precheck-ssh-exec/versions.tf deleted file mode 100644 index 50e1183..0000000 --- a/schematics/modules/precheck-ssh-exec/versions.tf +++ /dev/null @@ -1,10 +0,0 @@ -terraform { - required_providers { - ibm = { - source = "IBM-Cloud/ibm" - version = ">= 1.41.1" - } - } - required_version = ">= 1.3.6" -} - diff --git a/schematics/modules/vpc/subnet/subnet.tf b/schematics/modules/vpc/subnet/subnet.tf deleted file mode 100644 index c63efad..0000000 --- a/schematics/modules/vpc/subnet/subnet.tf +++ /dev/null @@ -1,11 +0,0 @@ -data "ibm_is_vpc" "vpc" { - name = var.VPC -} - -data "ibm_is_subnet" "subnet" { - name = var.SUBNET -} - -data "ibm_is_security_group" "securitygroup" { - name = var.SECURITY_GROUP -} diff --git a/schematics/modules/vpc/subnet/variables.tf b/schematics/modules/vpc/subnet/variables.tf deleted file mode 100644 index 9cdb92b..0000000 --- a/schematics/modules/vpc/subnet/variables.tf +++ /dev/null @@ -1,19 +0,0 @@ -variable "ZONE" { - type = string - description = "Cloud Zone" -} - -variable "VPC" { - type = string - description = "VPC name" -} - -variable "SUBNET" { - type = string - description = "Subnet name" -} - -variable "SECURITY_GROUP" { - type = string - description = "Security group name" -} diff --git a/schematics/modules/vpc/subnet/versions.tf b/schematics/modules/vpc/subnet/versions.tf deleted file mode 100644 index 50e1183..0000000 --- a/schematics/modules/vpc/subnet/versions.tf +++ /dev/null @@ -1,10 +0,0 @@ -terraform { - required_providers { - ibm = { - source = "IBM-Cloud/ibm" - version = ">= 1.41.1" - } - } - required_version = ">= 1.3.6" -} - diff --git a/schematics/provider.tf b/schematics/provider.tf deleted file mode 100644 index 44e93a6..0000000 --- a/schematics/provider.tf +++ /dev/null @@ -1,13 +0,0 @@ -variable "ibmcloud_api_key" { - description = "IBM Cloud API key" - sensitive = true - validation { - condition = length(var.ibmcloud_api_key) > 43 #&& substr(var.ibmcloud_api_key, 14, 15) == "-" - error_message = "The ibmcloud_api_key value must be a valid IBM Cloud API key." - } -} - -provider "ibm" { - ibmcloud_api_key = var.ibmcloud_api_key - region = var.REGION -} diff --git a/schematics/variables.tf b/schematics/variables.tf deleted file mode 100644 index 8bdaf18..0000000 --- a/schematics/variables.tf +++ /dev/null @@ -1,283 +0,0 @@ -variable "private_ssh_key" { - type = string - description = "Input id_rsa private key content" -} - -variable "SSH_KEYS" { - type = list(string) - description = "SSH Keys ID list to access the VSI" - validation { - condition = var.SSH_KEYS == [] ? false : true && var.SSH_KEYS == [""] ? false : true - error_message = "At least one SSH KEY is needed to be able to access the VSI." - } -} - -variable "BASTION_FLOATING_IP" { - type = string - description = "Input the FLOATING IP from the Bastion Server" -} - -variable "RESOURCE_GROUP" { - type = string - description = "EXISTING Resource Group for VSIs and Volumes" - default = "Default" -} - -variable "REGION" { - type = string - description = "Cloud Region" - validation { - condition = contains(["eu-de", "eu-gb", "us-south", "us-east"], var.REGION ) - error_message = "The REGION must be one of: eu-de, eu-gb, us-south, us-east." - } -} - -variable "ZONE" { - type = string - description = "Cloud Zone" - validation { - condition = length(regexall("^(eu-de|eu-gb|us-south|us-east)-(1|2|3)$", var.ZONE)) > 0 - error_message = "The ZONE is not valid." - } -} - -variable "VPC" { - type = string - description = "EXISTING VPC name" - validation { - condition = length(regexall("^([a-z]|[a-z][-a-z0-9]*[a-z0-9]|[0-9][-a-z0-9]*([a-z]|[-a-z][-a-z0-9]*[a-z0-9]))$", var.VPC)) > 0 - error_message = "The VPC name is not valid." - } -} - -variable "SUBNET" { - type = string - description = "EXISTING Subnet name" - validation { - condition = length(regexall("^([a-z]|[a-z][-a-z0-9]*[a-z0-9]|[0-9][-a-z0-9]*([a-z]|[-a-z][-a-z0-9]*[a-z0-9]))$", var.SUBNET)) > 0 - error_message = "The SUBNET name is not valid." - } -} - -variable "SECURITY_GROUP" { - type = string - description = "EXISTING Security group name" - validation { - condition = length(regexall("^([a-z]|[a-z][-a-z0-9]*[a-z0-9]|[0-9][-a-z0-9]*([a-z]|[-a-z][-a-z0-9]*[a-z0-9]))$", var.SECURITY_GROUP)) > 0 - error_message = "The SECURITY_GROUP name is not valid." - } -} - -variable "DB-HOSTNAME" { - type = string - description = "DB VSI Hostname" - validation { - condition = length(var.DB-HOSTNAME) <= 13 && length(regexall("^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\\-]*[a-zA-Z0-9])\\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\\-]*[A-Za-z0-9])$", var.DB-HOSTNAME)) > 0 - error_message = "The DB-HOSTNAME is not valid." - } -} - -variable "DB-PROFILE" { - type = string - description = "DB VSI Profile. The certified profiles for SAP HANA in IBM VPC: https://cloud.ibm.com/docs/sap?topic=sap-hana-iaas-offerings-profiles-intel-vs-vpc" - default = "mx2-16x128" - validation { - condition = contains(keys(jsondecode(file("files/hana_volume_layout.json")).profiles), "${var.DB-PROFILE}") - error_message = "The chosen storage PROFILE for HANA VSI \"${var.DB-PROFILE}\" is not a certified storage profile. Please, chose the appropriate certified storage PROFILE for the HANA VSI from https://cloud.ibm.com/docs/sap?topic=sap-hana-iaas-offerings-profiles-intel-vs-vpc . Make sure the selected PROFILE is certified for the selected OS type and for the proceesing type (SAP Business One, OLTP, OLAP)" - } -} - -variable "DB-IMAGE" { - type = string - description = "DB VSI OS Image" - default = "ibm-redhat-8-6-amd64-sap-hana-2" - validation { - condition = length(regexall("^(ibm-redhat-8-(4|6)-amd64-sap-hana|ibm-sles-15-(3|4)-amd64-sap-hana)-[0-9][0-9]*", var.DB-IMAGE)) > 0 - error_message = "The OS SAP DB-IMAGE must be one of \"ibm-sles-15-3-amd64-sap-hana-x\", \"ibm-sles-15-4-amd64-sap-hana-x\", \"ibm-redhat-8-4-amd64-sap-hana-2\" or \"ibm-redhat-8-6-amd64-sap-hana-x\"." - } -} - -variable "APP-HOSTNAME" { - type = string - description = "APP VSI Hostname" - validation { - condition = length(var.APP-HOSTNAME) <= 13 && length(regexall("^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\\-]*[a-zA-Z0-9])\\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\\-]*[A-Za-z0-9])$", var.APP-HOSTNAME)) > 0 - error_message = "The APP-HOSTNAME is not valid." - } -} - -variable "APP-PROFILE" { - type = string - description = "VSI Profile" - default = "bx2-4x16" -} - -variable "APP-IMAGE" { - type = string - description = "VSI OS Image" - default = "ibm-redhat-8-6-amd64-sap-applications-2" - validation { - condition = length(regexall("^(ibm-redhat-8-(4|6)-amd64-sap-applications|ibm-sles-15-(3|4)-amd64-sap-applications)-[0-9][0-9]*", var.APP-IMAGE)) > 0 - error_message = "The OS SAP DB-IMAGE must be one of \"ibm-sles-15-3-amd64-sap-applications-x\", \"ibm-sles-15-4-amd64-sap-applications-x\", \"ibm-redhat-8-4-amd64-sap-applications-2\" or \"ibm-redhat-8-6-amd64-sap-applications-x\"." - } -} - -variable "hana_sid" { - type = string - description = "hana_sid" - default = "HDB" - validation { - condition = length(regexall("^[a-zA-Z][a-zA-Z0-9][a-zA-Z0-9]$", var.hana_sid)) > 0 - error_message = "The hana_sid is not valid." - } -} - -variable "hana_sysno" { - type = string - description = "hana_sysno" - default = "00" - validation { - condition = var.hana_sysno >= 0 && var.hana_sysno <=97 - error_message = "The hana_sysno is not valid." - } -} - -variable "hana_main_password" { - type = string - sensitive = true - description = "hana_main_password" - validation { - condition = length(regexall("^(.{0,7}|.{15,}|[^0-9a-zA-Z]*)$", var.hana_main_password)) == 0 && length(regexall("^[^0-9_][0-9a-zA-Z!@#$_]+$", var.hana_main_password)) > 0 - error_message = "The hana_main_password is not valid." - } -} - -variable "hana_system_usage" { - type = string - description = "hana_system_usage" - default = "custom" - validation { - condition = contains(["production", "test", "development", "custom" ], var.hana_system_usage ) - error_message = "The hana_system_usage must be one of: production, test, development, custom." - } -} - -variable "hana_components" { - type = string - description = "hana_components" - default = "server" - validation { - condition = contains(["all", "client", "es", "ets", "lcapps", "server", "smartda", "streaming", "rdsync", "xs", "studio", "afl", "sca", "sop", "eml", "rme", "rtl", "trp" ], var.hana_components ) - error_message = "The hana_components must be one of: all, client, es, ets, lcapps, server, smartda, streaming, rdsync, xs, studio, afl, sca, sop, eml, rme, rtl, trp." - } -} - -variable "kit_saphana_file" { - type = string - description = "kit_saphana_file" - default = "/storage/HANADB/51055299.ZIP" -} - -variable "sap_sid" { - type = string - description = "sap_sid" - default = "S4A" - validation { - condition = length(regexall("^[a-zA-Z][a-zA-Z0-9][a-zA-Z0-9]$", var.sap_sid)) > 0 - error_message = "The sap_sid is not valid." - } -} - -variable "sap_ascs_instance_number" { - type = string - description = "sap_ascs_instance_number" - default = "01" - validation { - condition = var.sap_ascs_instance_number >= 0 && var.sap_ascs_instance_number <=97 - error_message = "The sap_ascs_instance_number is not valid." - } -} - -variable "sap_ci_instance_number" { - type = string - description = "sap_ci_instance_number" - default = "00" - validation { - condition = var.sap_ci_instance_number >= 0 && var.sap_ci_instance_number <=97 - error_message = "The sap_ci_instance_number is not valid." - } -} - -variable "sap_main_password" { - type = string - sensitive = true - description = "sap_main_password" - validation { - condition = length(regexall("^(.{0,9}|.{15,}|[^0-9]*)$", var.sap_main_password)) == 0 && length(regexall("^[^0-9_][0-9a-zA-Z@#$_]+$", var.sap_main_password)) > 0 - error_message = "The sap_main_password is not valid." - } -} - -variable "hdb_concurrent_jobs" { - type = string - description = "hdb_concurrent_jobs" - default = "23" - validation { - condition = var.hdb_concurrent_jobs >= 1 && var.hdb_concurrent_jobs <=25 - error_message = "The hdb_concurrent_jobs is not valid." - } -} - -variable "kit_sapcar_file" { - type = string - description = "kit_sapcar_file" - default = "/storage/S4HANA/SAPCAR_1010-70006178.EXE" -} - -variable "kit_swpm_file" { - type = string - description = "kit_swpm_file" - default = "/storage/S4HANA/SWPM20SP09_4-80003424.SAR" -} - -variable "kit_sapexe_file" { - type = string - description = "kit_sapexe_file" - default = "/storage/S4HANA/SAPEXE_100-70005283.SAR" -} - -variable "kit_sapexedb_file" { - type = string - description = "kit_sapexedb_file" - default = "/storage/S4HANA/SAPEXEDB_100-70005282.SAR" -} - -variable "kit_igsexe_file" { - type = string - description = "kit_igsexe_file" - default = "/storage/S4HANA/igsexe_1-70005417.sar" -} - -variable "kit_igshelper_file" { - type = string - description = "kit_igshelper_file" - default = "/storage/S4HANA/igshelper_17-10010245.sar" -} - -variable "kit_saphotagent_file" { - type = string - description = "kit_saphotagent_file" - default = "/storage/S4HANA/SAPHOSTAGENT51_51-20009394.SAR" -} - -variable "kit_hdbclient_file" { - type = string - description = "kit_hdbclient_file" - default = "/storage/S4HANA/IMDB_CLIENT20_009_28-80002082.SAR" -} - -variable "kit_s4hana_export" { - type = string - description = "kit_s4hana_export" - default = "/storage/S4HANA/export" -} diff --git a/schematics/versions.tf b/schematics/versions.tf deleted file mode 100644 index 50e1183..0000000 --- a/schematics/versions.tf +++ /dev/null @@ -1,10 +0,0 @@ -terraform { - required_providers { - ibm = { - source = "IBM-Cloud/ibm" - version = ">= 1.41.1" - } - } - required_version = ">= 1.3.6" -} - diff --git a/variables.tf b/variables.tf new file mode 100644 index 0000000..787a80c --- /dev/null +++ b/variables.tf @@ -0,0 +1,311 @@ +variable "PRIVATE_SSH_KEY" { + type = string + description = "Input id_rsa private key content (Sensitive* value)." + nullable = false + validation { + condition = length(var.PRIVATE_SSH_KEY) >= 64 && var.PRIVATE_SSH_KEY != null && length(var.PRIVATE_SSH_KEY) != 0 || contains(["n.a"], var.PRIVATE_SSH_KEY ) + error_message = "The content for private_ssh_key variable must be completed in OpenSSH format." + } +} + +variable "ID_RSA_FILE_PATH" { + default = "ansible/id_rsa" + nullable = false + description = "The file path for private_ssh_key will be automatically generated by default. If it is changed, it must contain the relative path from git repo folders. Examples: ansible/id_rsa_s4hana, ~/.ssh/id_rsa_s4hana , /root/.ssh/id_rsa" +} + + +variable "SSH_KEYS" { + type = list(string) + description = "List of SSH Keys UUIDs that are allowed to SSH as root to the VSI. Can contain one or more IDs. The list of SSH Keys is available here: https://cloud.ibm.com/vpc-ext/compute/sshKeys." + validation { + condition = var.SSH_KEYS == [] ? false : true && var.SSH_KEYS == [""] ? false : true + error_message = "At least one SSH KEY is needed to be able to access the VSI." + } +} + +variable "BASTION_FLOATING_IP" { + type = string + description = "Input the FLOATING IP from the Bastion Server." + nullable = false + validation { + condition = can(regex("^(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$",var.BASTION_FLOATING_IP)) || contains(["localhost"], var.BASTION_FLOATING_IP ) && var.BASTION_FLOATING_IP!= null + error_message = "Incorrect format for variable: BASTION_FLOATING_IP." + } +} + +variable "RESOURCE_GROUP" { + type = string + description = "The name of an EXISTING Resource Group for VSIs and Volumes resources. Default value: \"Default\". The list of Resource Groups is available here: https://cloud.ibm.com/account/resource-groups." + default = "Default" +} + +variable "REGION" { + type = string + description = "The cloud region where to deploy the solution. The regions and zones for VPC are listed here:https://cloud.ibm.com/docs/containers?topic=containers-regions-and-zones#zones-vpc. Review supported locations in IBM Cloud Schematics here: https://cloud.ibm.com/docs/schematics?topic=schematics-locations." + validation { + condition = contains(["au-syd", "jp-osa", "jp-tok", "eu-de", "eu-gb", "ca-tor", "us-south", "us-east", "br-sao"], var.REGION ) + error_message = "For CLI deployments, the REGION must be one of: au-syd, jp-osa, jp-tok, eu-de, eu-gb, ca-tor, us-south, us-east, br-sao. \n For Schematics, the REGION must be one of: eu-de, eu-gb, us-south, us-east." + } +} + +variable "ZONE" { + type = string + description = "The cloud zone where to deploy the solution." + validation { + condition = length(regexall("^(au-syd|jp-osa|jp-tok|eu-de|eu-gb|ca-tor|us-south|us-east|br-sao)-(1|2|3)$", var.ZONE)) > 0 + error_message = "The ZONE is not valid." + } +} + +variable "VPC" { + type = string + description = "The name of an EXISTING VPC. The list of VPCs is available here: https://cloud.ibm.com/vpc-ext/network/vpcs." + validation { + condition = length(regexall("^([a-z]|[a-z][-a-z0-9]*[a-z0-9]|[0-9][-a-z0-9]*([a-z]|[-a-z][-a-z0-9]*[a-z0-9]))$", var.VPC)) > 0 + error_message = "The VPC name is not valid." + } +} + +variable "SUBNET" { + type = string + description = "The name of an EXISTING Subnet. The list of Subnets is available here: https://cloud.ibm.com/vpc-ext/network/subnets." + validation { + condition = length(regexall("^([a-z]|[a-z][-a-z0-9]*[a-z0-9]|[0-9][-a-z0-9]*([a-z]|[-a-z][-a-z0-9]*[a-z0-9]))$", var.SUBNET)) > 0 + error_message = "The SUBNET name is not valid." + } +} + +variable "SECURITY_GROUP" { + type = string + description = "The name of an EXISTING Security group. The list of Security Groups is available here: https://cloud.ibm.com/vpc-ext/network/securityGroups." + validation { + condition = length(regexall("^([a-z]|[a-z][-a-z0-9]*[a-z0-9]|[0-9][-a-z0-9]*([a-z]|[-a-z][-a-z0-9]*[a-z0-9]))$", var.SECURITY_GROUP)) > 0 + error_message = "The SECURITY_GROUP name is not valid." + } +} + +variable "DB_HOSTNAME" { + type = string + description = "The Hostname for the HANA VSI. The hostname should be up to 13 characters as required by SAP. For more information on rules regarding hostnames for SAP systems, check SAP Note 611361: \"Hostnames of SAP ABAP Platform servers\"." + validation { + condition = length(var.DB_HOSTNAME) <= 13 && length(regexall("^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\\-]*[a-zA-Z0-9])\\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\\-]*[A-Za-z0-9])$", var.DB_HOSTNAME)) > 0 + error_message = "The DB_HOSTNAME is not valid." + } +} + +variable "DB_PROFILE" { + type = string + description = "The instance profile used for the HANA VSI. The list of certified profiles for HANA VSIs is available here: https://cloud.ibm.com/docs/sap?topic=sap-hana-iaas-offerings-profiles-intel-vs-vpc. Details about all x86 instance profiles are available here: https://cloud.ibm.com/docs/vpc?topic=vpc-profiles. For more information about supported DB/OS and IBM Gen 2 Virtual Server Instances (VSI), check SAP Note 2927211: \"SAP Applications on IBM Virtual Private Cloud\"." + default = "mx2-16x128" + validation { + condition = contains(keys(jsondecode(file("files/hana_volume_layout.json")).profiles), "${var.DB_PROFILE}") + error_message = "The chosen storage PROFILE for HANA VSI \"${var.DB_PROFILE}\" is not a certified storage profile. Please, chose the appropriate certified storage PROFILE for the HANA VSI from https://cloud.ibm.com/docs/sap?topic=sap-hana-iaas-offerings-profiles-intel-vs-vpc . Make sure the selected PROFILE is certified for the selected OS type and for the proceesing type (SAP Business One, OLTP, OLAP)" + } +} + +variable "DB_IMAGE" { + type = string + description = "The OS image used for HANA VSI (See Obs*). A list of images is available here: https://cloud.ibm.com/docs/vpc?topic=vpc-about-images." + default = "ibm-redhat-8-6-amd64-sap-hana-2" + validation { + condition = length(regexall("^(ibm-redhat-8-(4|6)-amd64-sap-hana|ibm-sles-15-(3|4)-amd64-sap-hana)-[0-9][0-9]*", var.DB_IMAGE)) > 0 + error_message = "The OS SAP DB_IMAGE must be one of \"ibm-sles-15-3-amd64-sap-hana-x\", \"ibm-sles-15-4-amd64-sap-hana-x\", \"ibm-redhat-8-4-amd64-sap-hana-x\" or \"ibm-redhat-8-6-amd64-sap-hana-x\"." + } +} + +variable "APP_HOSTNAME" { + type = string + description = "The Hostname for the SAP Application VSI. The hostname should be up to 13 characters as required by SAP. For more information on rules regarding hostnames for SAP systems, check SAP Note 611361: \"Hostnames of SAP ABAP Platform servers\"." + validation { + condition = length(var.APP_HOSTNAME) <= 13 && length(regexall("^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\\-]*[a-zA-Z0-9])\\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\\-]*[A-Za-z0-9])$", var.APP_HOSTNAME)) > 0 + error_message = "The APP_HOSTNAME is not valid." + } +} + +variable "APP_PROFILE" { + type = string + description = "The instance profile used for SAP Application VSI. A list of profiles is available here: https://cloud.ibm.com/docs/vpc?topic=vpc-profiles. For more information about supported DB/OS and IBM Gen 2 Virtual Server Instances (VSI), check SAP Note 2927211: \"SAP Applications on IBM Virtual Private Cloud\"." + default = "bx2-4x16" +} + +variable "APP_IMAGE" { + type = string + description = "The OS image used for SAP Application VSI (See Obs*). A list of images is available here: https://cloud.ibm.com/docs/vpc?topic=vpc-about-images." + default = "ibm-redhat-8-6-amd64-sap-applications-2" + validation { + condition = length(regexall("^(ibm-redhat-8-(4|6)-amd64-sap-applications|ibm-sles-15-(3|4)-amd64-sap-applications)-[0-9][0-9]*", var.APP_IMAGE)) > 0 + error_message = "The OS SAP APP_IMAGE must be one of \"ibm-sles-15-3-amd64-sap-applications-x\", \"ibm-sles-15-4-amd64-sap-applications-x\", \"ibm-redhat-8-4-amd64-sap-applications-x\" or \"ibm-redhat-8-6-amd64-sap-applications-x\"." + } +} + +data "ibm_is_instance" "db-vsi" { + depends_on = [module.db-vsi] + name = var.DB_HOSTNAME +} + +data "ibm_is_instance" "app-vsi" { + depends_on = [module.app-vsi] + name = var.APP_HOSTNAME +} + + +variable "HANA_SID" { + type = string + description = "The SAP system ID identifies the SAP HANA system." + default = "HDB" + validation { + condition = length(regexall("^[a-zA-Z][a-zA-Z0-9][a-zA-Z0-9]$", var.HANA_SID)) > 0 && !contains(["ADD", "ALL", "AMD", "AND", "ANY", "ARE", "ASC", "AUX", "AVG", "BIT", "CDC", "COM", "CON", "DBA", "END", "EPS", "FOR", "GET", "GID", "IBM", "INT", "KEY", "LOG", "LPT", "MAP", "MAX", "MIN", "MON", "NIX", "NOT", "NUL", "OFF", "OLD", "OMS", "OUT", "PAD", "PRN", "RAW", "REF", "ROW", "SAP", "SET", "SGA", "SHG", "SID", "SQL", "SUM", "SYS", "TMP", "TOP", "UID", "USE", "USR", "VAR"], var.HANA_SID) + error_message = "The HANA_SID is not valid." + } +} + +variable "HANA_SYSNO" { + type = string + description = "Specifies the instance number of the SAP HANA system." + default = "00" + validation { + condition = var.HANA_SYSNO >= 0 && var.HANA_SYSNO <=97 + error_message = "The HANA_SYSNO is not valid." + } +} + +variable "HANA_MAIN_PASSWORD" { + type = string + sensitive = true + description = "Common password for all users that are created during the installation." + validation { + condition = length(regexall("^(.{0,7}|.{15,}|[^0-9a-zA-Z]*)$", var.HANA_MAIN_PASSWORD)) == 0 && length(regexall("^[^0-9_][0-9a-zA-Z!@#$_]+$", var.HANA_MAIN_PASSWORD)) > 0 + error_message = "The HANA_MAIN_PASSWORD is not valid." + } +} + +variable "HANA_SYSTEM_USAGE" { + type = string + description = "System Usage. Default: \"custom\". Valid values: \"production\", \"test\", \"development\", \"custom\"." + default = "custom" + validation { + condition = contains(["production", "test", "development", "custom" ], var.HANA_SYSTEM_USAGE ) + error_message = "The HANA_SYSTEM_USAGE must be one of: production, test, development, custom." + } +} + +variable "HANA_COMPONENTS" { + type = string + description = "SAP HANA Components. Default: \"server\". Valid values: \"all\", \"client\", \"es\", \"ets\", \"lcapps\", \"server\", \"smartda\", \"streaming\", \"rdsync\", \"xs\", \"studio\", \"afl\", \"sca\", \"sop\", \"eml\", \"rme\", \"rtl\", \"trp\"." + default = "server" + validation { + condition = contains(["all", "client", "es", "ets", "lcapps", "server", "smartda", "streaming", "rdsync", "xs", "studio", "afl", "sca", "sop", "eml", "rme", "rtl", "trp" ], var.HANA_COMPONENTS ) + error_message = "The HANA_COMPONENTS must be one of: all, client, es, ets, lcapps, server, smartda, streaming, rdsync, xs, studio, afl, sca, sop, eml, rme, rtl, trp." + } +} + +variable "KIT_SAPHANA_FILE" { + type = string + description = "Path to SAP HANA ZIP file (See Obs*). As downloaded from SAP Support Portal." + default = "/storage/HANADB/51055299.ZIP" +} + +variable "SAP_SID" { + type = string + description = "The SAP system ID identifies the entire SAP system." + default = "NWD" + validation { + condition = length(regexall("^[a-zA-Z][a-zA-Z0-9][a-zA-Z0-9]$", var.SAP_SID)) > 0 && !contains(["ADD", "ALL", "AMD", "AND", "ANY", "ARE", "ASC", "AUX", "AVG", "BIT", "CDC", "COM", "CON", "DBA", "END", "EPS", "FOR", "GET", "GID", "IBM", "INT", "KEY", "LOG", "LPT", "MAP", "MAX", "MIN", "MON", "NIX", "NOT", "NUL", "OFF", "OLD", "OMS", "OUT", "PAD", "PRN", "RAW", "REF", "ROW", "SAP", "SET", "SGA", "SHG", "SID", "SQL", "SUM", "SYS", "TMP", "TOP", "UID", "USE", "USR", "VAR"], var.SAP_SID) + error_message = "The sap_sid is not valid." + } +} + +variable "SAP_ASCS_INSTANCE_NUMBER" { + type = string + description = "Technical identifier for internal processes of ASCS." + default = "01" + validation { + condition = var.SAP_ASCS_INSTANCE_NUMBER >= 0 && var.SAP_ASCS_INSTANCE_NUMBER <=97 + error_message = "The SAP_ASCS_INSTANCE_NUMBER is not valid." + } +} + +variable "SAP_CI_INSTANCE_NUMBER" { + type = string + description = "Technical identifier for internal processes of CI." + default = "00" + validation { + condition = var.SAP_CI_INSTANCE_NUMBER >= 0 && var.SAP_CI_INSTANCE_NUMBER <=97 + error_message = "The SAP_CI_INSTANCE_NUMBER is not valid." + } +} + +variable "SAP_MAIN_PASSWORD" { + type = string + sensitive = true + description = "Common password for all users that are created during the installation. It must be 8 to 14 characters long, it must contain at least one digit (0-9) and one uppercase letter, it must not contain backslash and double quote." + validation { + condition = length(regexall("^(.{0,9}|.{15,}|[^0-9]*)$", var.SAP_MAIN_PASSWORD)) == 0 && length(regexall("^[^0-9_][0-9a-zA-Z@#$_]+$", var.SAP_MAIN_PASSWORD)) > 0 && length(regexall("[A-Z]", var.SAP_MAIN_PASSWORD)) > 0 + error_message = "The SAP_MAIN_PASSWORD is not valid." + } +} + +variable "HDB_CONCURRENT_JOBS" { + type = string + description = "Number of concurrent jobs used to load and/or extract archives to HANA Host." + default = "23" + validation { + condition = var.HDB_CONCURRENT_JOBS >= 1 && var.HDB_CONCURRENT_JOBS <=25 + error_message = "The HDB_CONCURRENT_JOBS is not valid." + } +} + +variable "KIT_SAPCAR_FILE" { + type = string + description = "Path to sapcar binary. As downloaded from SAP Support Portal." + default = "/storage/S4HANA/SAPCAR_1010-70006178.EXE" +} + +variable "KIT_SWPM_FILE" { + type = string + description = "Path to SWPM archive (SAR). As downloaded from SAP Support Portal." + default = "/storage/S4HANA/SWPM20SP09_4-80003424.SAR" +} + +variable "KIT_SAPEXE_FILE" { + type = string + description = "Path to SAP Kernel OS archive (SAR). As downloaded from SAP Support Portal." + default = "/storage/S4HANA/SAPEXE_100-70005283.SAR" +} + +variable "KIT_SAPEXEDB_FILE" { + type = string + description = "Path to SAP Kernel DB archive (SAR). As downloaded from SAP Support Portal." + default = "/storage/S4HANA/SAPEXEDB_100-70005282.SAR" +} + +variable "KIT_IGSEXE_FILE" { + type = string + description = "Path to IGS archive (SAR). As downloaded from SAP Support Portal." + default = "/storage/S4HANA/igsexe_1-70005417.sar" +} + +variable "KIT_IGSHELPER_FILE" { + type = string + description = "Path to IGS Helper archive (SAR). As downloaded from SAP Support Portal." + default = "/storage/S4HANA/igshelper_17-10010245.sar" +} + +variable "KIT_SAPHOSTAGENT_FILE" { + type = string + description = "Path to SAP Host Agent archive (SAR). As downloaded from SAP Support Portal." + default = "/storage/S4HANA/SAPHOSTAGENT51_51-20009394.SAR" +} + +variable "KIT_HDBCLIENT_FILE" { + type = string + description = "Path to HANA DB client archive (SAR). As downloaded from SAP Support Portal." + default = "/storage/S4HANA/IMDB_CLIENT20_009_28-80002082.SAR" +} + +variable "KIT_S4HANA_EXPORT" { + type = string + description = "Path to S/4HANA Installation Export dir. The archives downloaded from SAP Support Portal should be present in this path." + default = "/storage/S4HANA/export" +} diff --git a/schematics/modules/app-vsi/versions.tf b/versions.tf similarity index 100% rename from schematics/modules/app-vsi/versions.tf rename to versions.tf