diff --git a/README.md b/README.md index 55ca84a22..d413df34e 100644 --- a/README.md +++ b/README.md @@ -82,7 +82,7 @@ See [Installing collections](https://docs.ansible.com/ansible/latest/collections More deployment scenarios are available in [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) repository. ### Ansible Roles -All included roles can be execute separately or as part of [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. +All included roles can be executed independently or as part of [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. | Name | Summary | | :--- | :--- | @@ -136,6 +136,9 @@ You can find the release notes of this collection in [Changelog file](https://gi ### Variable Precedence Rules Please follow [Ansible Precedence guidelines](https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_variables.html#variable-precedence-where-should-i-put-a-variable) on how to pass variables when using this collection. +### Getting Started +More information on how to execute Ansible playbooks is in [Getting started guide](https://github.com/sap-linuxlab/community.sap_install/blob/main/docs/getting_started/README.md). + ## License [Apache 2.0](https://github.com/sap-linuxlab/community.sap_install/blob/main/LICENSE) diff --git a/docs/getting_started/README.md b/docs/getting_started/README.md index 7788e3c4d..c5b79b2c1 100644 --- a/docs/getting_started/README.md +++ b/docs/getting_started/README.md @@ -6,6 +6,7 @@ In this folder you will find sample files, a few additional tips for using the p - [Inventory and variable parameters](#inventory-and-variable-parameters) - [Security parameters](#security-parameters) - [Other useful options](#other-useful-options) + - [Improve readability of playbook output in terminal](#improve-readability-of-playbook-output-in-terminal) ## How to run playbooks @@ -95,3 +96,34 @@ These are not all available options, but ones that may help getting familiar wit Be careful to choose a task which covers pre-requisites, i.e. tasks that discover information which is used in subsequent tasks have to be run to fulfill conditionals. - `-C` attempts a dry-run of the playbook without applying actual changes. This is limited to simple tasks that do not require other changes already been done in previous tasks. - `--step` this executes the playbook but will prompt for every task to be run or skipped. At the prompt it can also be told to continue and not ask again, however. Useful to slow down execution and review each tasks result before proceeding with the next task. + +### Improve readability of playbook output in terminal +Note: For terminals with dark background, replace the color code `30m` by `37m`. +In case you need to make an invisible font readable on a terminal with dark background, run the following command in the terminal: +```yaml +printf "\033[37mreadable font\n" +``` +In case you need to make an invisible font readable on a terminal with bright background, run the following command in the terminal: +```yaml +printf "\033[30mreadable font\n" +``` + +Execution of `sap_general_preconfigure` playbook with a nice compact and colored output, this time for two hosts: +```console +ansible-playbook sap.yml -l host_1,host_2 -e "{sap_general_preconfigure_assert: yes, sap_general_preconfigure_assert_ignore_errors: yes}" | +awk '{sub (" \"msg\": ", "")} + /TASK/{task_line=$0} + /fatal:/{fatal_line=$0; nfatal[host]++} + /...ignoring/{nfatal[host]--; if (nfatal[host]<0) nfatal[host]=0} + /^[a-z]/&&/: \[/{gsub ("\\[", ""); gsub ("]", ""); gsub (":", ""); host=$2} + /SAP note/{print "\033[30m[" host"] "$0} + /FAIL:/{nfail[host]++; print "\033[31m[" host"] "$0} + /WARN:/{nwarn[host]++; print "\033[33m[" host"] "$0} + /PASS:/{npass[host]++; print "\033[32m[" host"] "$0} + /INFO:/{print "\033[34m[" host"] "$0} + /changed/&&/unreachable/{print "\033[30m[" host"] "$0} + END{print ("---"); for (var in npass) {printf ("[%s] ", var); if (nfatal[var]>0) { + printf ("\033[31mFATAL ERROR!!! Playbook might have been aborted!!!\033[30m Last TASK and fatal output:\n"); print task_line, fatal_line + } + else printf ("\033[31mFAIL: %d \033[33mWARN: %d \033[32mPASS: %d\033[30m\n", nfail[var], nwarn[var], npass[var])}}' +``` diff --git a/roles/sap_anydb_install_oracle/README.md b/roles/sap_anydb_install_oracle/README.md index 7e55d2424..027615e3c 100644 --- a/roles/sap_anydb_install_oracle/README.md +++ b/roles/sap_anydb_install_oracle/README.md @@ -7,16 +7,22 @@ Ansible role `sap_anydb_install_oracle` is used to install Oracle Database 19.x for SAP system. -## Prerequisites + + + +## Prerequisites Managed nodes: -1. Installation media present and `sap_anydb_install_oracle_extract_path` updated. Download can be completed using [community.sap_launchpad](https://github.com/sap-linuxlab/community.sap_launchpad) Ansible Collection. +- Directory with installation media is present and `sap_anydb_install_oracle_extract_path` updated. Download can be completed using [community.sap_launchpad](https://github.com/sap-linuxlab/community.sap_launchpad) Ansible Collection. ## Execution + + + ### Execution Flow 1. Prepare OS: Install packages, create users, create folders and copy installation media. diff --git a/roles/sap_general_preconfigure/INPUT_PARAMETERS.md b/roles/sap_general_preconfigure/INPUT_PARAMETERS.md new file mode 100644 index 000000000..364683233 --- /dev/null +++ b/roles/sap_general_preconfigure/INPUT_PARAMETERS.md @@ -0,0 +1,311 @@ +## Input Parameters for sap_general_preconfigure Ansible Role + +#### Minimum required parameters: + +This role does not require any parameter to be set in the playbook or inventory. + + +### sap_general_preconfigure_config_all +- _Type:_ `bool` + +If set to `false`, the role will only execute or verify the installation or configuration steps of SAP notes.
+Default is to perform installation and configuration steps.
+ +### sap_general_preconfigure_installation +- _Type:_ `bool` + +If `sap_general_preconfigure_config_all` is set to `false`, set this variable to `true` to perform only the
+installation steps of SAP notes.
+ +### sap_general_preconfigure_configuration +- _Type:_ `bool` + +If `sap_general_preconfigure_config_all` is set to `false`, set this variable to `true` to perform only the
+configuration steps of SAP notes for which the corresponding SAP notes parameters have been set to `true`.
+ +Example: + +```yaml +sap_general_preconfigure_config_all: false +sap_general_preconfigure_configuration: true +sap_general_preconfigure_2002167_02: true +sap_general_preconfigure_1391070: true +``` + +### sap_general_preconfigure_assert +- _Type:_ `bool` +- _Default:_ `false` + +If set to `true`, the role will run in assertion mode instead of the default configuration mode.
+ +### sap_general_preconfigure_assert_ignore_errors +- _Type:_ `bool` +- _Default:_ `false` + +In assertion mode, the role will abort when encountering any assertion error.
+If this parameter is set to `false`, the role will *not* abort when encountering an assertion error.
+This is useful if the role is used for reporting a system's SAP notes compliance.
+ +### sap_general_preconfigure_system_roles_collection +- _Type:_ `str` +- _Default:_ `'fedora.linux_system_roles'` +- _Possible Values:_
+ - `fedora.linux_system_roles` + - `redhat.rhel_system_roles` + +Set which Ansible Collection to use for the Linux System Roles.
+For community/upstream, use 'fedora.linux_system_roles'
+For the RHEL System Roles for SAP, or for Red Hat Automation Hub, use 'redhat.rhel_system_roles'
+ +### sap_general_preconfigure_enable_repos +- _Type:_ `bool` +- _Default:_ `false` + +Set to `true` if you want the role to enable the repos as configured by the following repo related parameters.
+The default is `false`, meaning that the role will not enable repos.
+ +### sap_general_preconfigure_use_netweaver_repos +- _Type:_ `bool` +- _Default:_ `true` + +Set to `false` if you want the role to not enable the SAP NetWeaver repo(s).
+The default is `true`, meaning that the role will enable the SAP NetWeaver repo(s).
+Only valid if `sap_general_preconfigure_enable_repos` is set to `true`.
+ +### sap_general_preconfigure_use_hana_repos +- _Type:_ `bool` +- _Default:_ `true` + +Set to `false` if you want the role to not enable the SAP HANA repo(s).
+The default is `true`, meaning that the role will enable the SAP HANA repo(s).
+Only valid if `sap_general_preconfigure_enable_repos` is set to `true`.
+ +### sap_general_preconfigure_use_ha_repos +- _Type:_ `bool` +- _Default:_ `true` + +Set to `false` if you want the role to not enable the high availability repo(s).
+The default is `true`, meaning that the role will enable the high availability repo(s).
+Only valid if `sap_general_preconfigure_enable_repos` is set to `true`.
+ +### sap_general_preconfigure_disable_all_other_repos +- _Type:_ `bool` +- _Default:_ `true` + +Set to `false` if you want the role to not disable all repos before enabling the desired ones as configured above.
+The default is `true`, meaning that the role will disable all repos before enabling the desired ones.
+Only valid if `sap_general_preconfigure_enable_repos` is set to `true`.
+ +### sap_general_preconfigure_req_repos +- _Type:_ `list` with elements of type `str` + +If you want to provide your own list of repos (e.g. on cloud systems), set this variable accordingly.
+Otherwise, the RHEL default repo names with the maximum support duration for the RHEL minor release are chosen automatically
+(e.g. normal repos for RHEL 8.3, e4s repos for RHEL 8.4).
+ +Example: + +```yaml +sap_general_preconfigure_req_repos: +- rhel-8-for-x86_64-baseos-eus-rpms +- rhel-8-for-x86_64-appstream-eus-rpms +- rhel-8-for-x86_64-sap-solutions-eus-rpms +- rhel-8-for-x86_64-sap-netweaver-eus-rpms +- rhel-8-for-x86_64-highavailability-eus-rpms +``` + +### sap_general_preconfigure_set_minor_release +- _Type:_ `bool` +- _Default:_ `false` + +Set to `true` if you want the role to set the RHEL minor release, which is required for SAP HANA. Default is `false`.
+If you set the RHEL minor release, then you must also use the `eus` or `e4s` repos.
+ +### sap_general_preconfigure_packagegroups +- _Type:_ `str` +- _Default:_ (set by platform/environment specific variables) + +The name of the software package group to install.
+The default for this parameter is set in the vars file which corresponds to the detected OS version.
+ +Example: + +```yaml +'@minimal-environment' +``` + +### sap_general_preconfigure_envgroups +- _Type:_ `str` +- _Default:_ (set by platform/environment specific variables) + +The name of the software environment group to check.
+The default for this parameter is set in the vars file which corresponds to the detected OS version.
+ +Example: + +```yaml +'@minimal-environment' +``` + +### sap_general_preconfigure_packages +- _Type:_ `list` with elements of type `str` +- _Default:_ (set by platform/environment specific variables) + +The list of packages to install.
+The default for this variable is set in the vars file which corresponds to the detected OS version.
+ +### sap_general_preconfigure_min_package_check +- _Type:_ `bool` +- _Default:_ `true` + +The default is to install or check if the minimum package versions are installed as defined in the vars files.
+Set to `false` if you do not install or check these minimum package versions.
+ +### sap_general_preconfigure_install_ibm_power_tools +- _Type:_ `bool` +- _Default:_ `true` + +Set this parameter to `false` to not install the IBM Power Systems service and productivity tools.
+See also SAP note 2679703.
+ +### sap_general_preconfigure_add_ibm_power_repo +- _Type:_ `bool` +- _Default:_ `true` + +Set this parameter to `false` if you do not want to add the IBM Power tools repository (e.g. because the packages
+are already available on the local network). The IBM Power Systems service and productivity tools will only
+be installed if the variable `sap_general_preconfigure_install_ibm_power_tools` is set to `true`, which is the default.
+ +### sap_general_preconfigure_ibm_power_repo_url +- _Type:_ `str` +- _Default:_ `'https://public.dhe.ibm.com/software/server/POWER/Linux/yum/download/ibm-power-repo-latest.noarch.rpm'` + +URL for the IBM Power Systems service and productivity tools, see https://www.ibm.com/support/pages/service-and-productivity-tools
+ +### sap_general_preconfigure_update +- _Type:_ `bool` +- _Default:_ `false` + +By default, the role will not update the system, for avoiding an unintentional minor OS release update.
+Set this parameter to `true` if you want to update your system to the latest package versions.
+When using SAP HANA, make sure to set the release lock properly so the minor OS release will be one of
+those for which SAP HANA is supported. See also `sap_general_preconfigure_set_minor_release`.
+ +### sap_general_preconfigure_reboot_ok +- _Type:_ `bool` +- _Default:_ `false` + +Set to `true` if you want to perform a reboot at the end of the role, if necessary.
+ +### sap_general_preconfigure_fail_if_reboot_required +- _Type:_ `bool` +- _Default:_ `true` + +If `sap_general_preconfigure_reboot_ok` is set to `false`, which is the default, a reboot requirement should not
+remain unnoticed. For this reason, we let the role fail. Set this parameter to `false` to override this behavior.
+Can be useful if you want to implement your own reboot handling.
+ +### sap_general_preconfigure_selinux_state +- _Type:_ `str` +- _Default:_ `'permissive'` +- _Possible Values:_
+ - `enforcing` + - `permissive` + - `disabled` + +One of the SELinux states to be set on the system.
+ +### sap_general_preconfigure_create_directories +- _Type:_ `bool` +- _Default:_ `true` + +Set to `false` if you do not want the SAP directories to be created by the role.
+The SAP directories will always be created if `sap_general_preconfigure_modify_selinux_labels`
+(see below) is set to `true`, no matter how `sap_general_preconfigure_create_directories` is set.
+ +### sap_general_preconfigure_sap_directories +- _Type:_ `list` with elements of type `str` +- _Default:_ + - /usr/sap + +List of SAP directories to be created.
+ +### sap_general_preconfigure_modify_selinux_labels +- _Type:_ `bool` +- _Default:_ `true` + +Set to `false` if you do not want to modify the SELinux labels for the SAP directories set
+in variable `sap_general_preconfigure_sap_directories`.
+ +### sap_general_preconfigure_size_of_tmpfs_gb +- _Type:_ `str` +- _Default:_ `"{{ ((0.75 * (ansible_memtotal_mb + ansible_swaptotal_mb)) / 1024) | round | int }}"` + +The size of the tmpfs in GB. The formula used here is mentioned in SAP note 941735.
+ +### sap_general_preconfigure_modify_etc_hosts +- _Type:_ `bool` +- _Default:_ `true` + +Set to `false` if you do not want the role to modify the `/etc/hosts` file.
+ +### sap_general_preconfigure_etc_sysctl_sap_conf +- _Type:_ `str` +- _Default:_ `'/etc/sysctl.d/sap.conf'` + +The file name of the sysctl config file to be used
+ +### sap_general_preconfigure_kernel_parameters +- _Type:_ `list` with elements of type `dict` +- _Default:_ (set by platform/environment specific variables) + +The Linux kernel parameters to use. By default, these are taken from the vars file.
+The default for this parameter is set in the vars file which corresponds to the detected OS version.
+ +Example: + +```yaml +sap_general_preconfigure_kernel_parameters: +- name: vm.max_map_count + value: '2147483647' +- name: fs.aio-max-nr + value: '18446744073709551615' +``` + +### sap_general_preconfigure_max_hostname_length +- _Type:_ `str` +- _Default:_ `'13'` + +The maximum length of the hostname. See SAP note 611361.
+ +### sap_hostname +- _Type:_ `str` +- _Default:_ `"{{ ansible_hostname }}"` + +The hostname to be used for updating or checking `/etc/hosts` entries.
+ +### sap_domain +- _Type:_ `str` +- _Default:_ `"{{ ansible_domain }}"` + +The DNS domain name to be used for updating or checking `/etc/hosts` entries.
+ +### sap_ip +- _Type:_ `str` +- _Default:_ `"{{ ansible_default_ipv4.address }}"` + +The IPV4 address to be used for updating or checking `/etc/hosts` entries.
+ +### sap_general_preconfigure_db_group_name +- _Type:_ `str` + +Use this variable to specify the name of the RHEL group which is used for the database processes.
+If defined, it will be used to configure process limits as per step
+Configuring Process Resource Limits
+ +Example: + +```yaml +sap_general_preconfigure_db_group_name: dba +``` + \ No newline at end of file diff --git a/roles/sap_general_preconfigure/README.md b/roles/sap_general_preconfigure/README.md index 65875d070..d2e05c7be 100644 --- a/roles/sap_general_preconfigure/README.md +++ b/roles/sap_general_preconfigure/README.md @@ -1,341 +1,74 @@ + # sap_general_preconfigure Ansible Role + +![Ansible Lint for sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_general_preconfigure.yml/badge.svg) -This role installs required packages and performs configuration steps which are required for installing and running SAP NetWeaver or SAP HANA. Specific installation and configuration steps on top of these basic steps are performed with roles sap-netweaver-preconfigure and sap-hana-preconfigure. Future implementations may reduce the scope of this role, for example if certain installation or configuration steps are done in the more specific roles. +## Description + +Ansible Role `sap_general_preconfigure` is used to ensure that Managed nodes are configured to host SAP systems according to SAP Notes. -For SLES systems, this role may not be necessary. The majority of SAP preparation and tuning is covered by `saptune` which is configured in the `sap_hana_preconfigure` and `sap_netweaver_preconfigure` roles. +This role performs installation of required packages for running SAP systems and configuration of Operating system parameters. -## Requirements - -The role requires additional collections which are specified in `meta/collection-requirements.yml`. Before using this role, -make sure that the required collections are installed, for example by using the following command: - -`ansible-galaxy install -vv -r meta/collection-requirements.yml` - -To use this role, your system needs to be installed according to: -- RHEL 7: SAP note 2002167, Red Hat Enterprise Linux 7.x: Installation and Upgrade, section "Installing Red Hat Enterprise Linux 7" -- RHEL 8: SAP note 2772999, Red Hat Enterprise Linux 8.x: Installation and Configuration, section "Installing Red Hat Enterprise Linux 8". -- RHEL 9: SAP note 3108316, Red Hat Enterprise Linux 9.x: Installation and Configuration, section "Installing Red Hat Enterprise Linux 9". - -Note ----- -Do not run this role against an SAP or other production system. The role will enforce a certain configuration on the managed node(s), which might not be intended. - - -## Role Input Parameters - -#### Minimum required parameters: - -This role does not require any parameter to be set in the playbook or inventory. - - -### sap_general_preconfigure_config_all -- _Type:_ `bool` - -If set to `false`, the role will only execute or verify the installation or configuration steps of SAP notes.
-Default is to perform installation and configuration steps.
- -### sap_general_preconfigure_installation -- _Type:_ `bool` - -If `sap_general_preconfigure_config_all` is set to `false`, set this variable to `true` to perform only the
-installation steps of SAP notes.
- -### sap_general_preconfigure_configuration -- _Type:_ `bool` - -If `sap_general_preconfigure_config_all` is set to `false`, set this variable to `true` to perform only the
-configuration steps of SAP notes for which the corresponding SAP notes parameters have been set to `true`.
- -Example: - -```yaml -sap_general_preconfigure_config_all: false -sap_general_preconfigure_configuration: true -sap_general_preconfigure_2002167_02: true -sap_general_preconfigure_1391070: true -``` - -### sap_general_preconfigure_assert -- _Type:_ `bool` -- _Default:_ `false` - -If set to `true`, the role will run in assertion mode instead of the default configuration mode.
- -### sap_general_preconfigure_assert_ignore_errors -- _Type:_ `bool` -- _Default:_ `false` - -In assertion mode, the role will abort when encountering any assertion error.
-If this parameter is set to `false`, the role will *not* abort when encountering an assertion error.
-This is useful if the role is used for reporting a system's SAP notes compliance.
- -### sap_general_preconfigure_system_roles_collection -- _Type:_ `str` -- _Default:_ `'fedora.linux_system_roles'` -- _Possible Values:_
- - `fedora.linux_system_roles` - - `redhat.rhel_system_roles` - -Set which Ansible Collection to use for the Linux System Roles.
-For community/upstream, use 'fedora.linux_system_roles'
-For the RHEL System Roles for SAP, or for Red Hat Automation Hub, use 'redhat.rhel_system_roles'
- -### sap_general_preconfigure_enable_repos -- _Type:_ `bool` -- _Default:_ `false` - -Set to `true` if you want the role to enable the repos as configured by the following repo related parameters.
-The default is `false`, meaning that the role will not enable repos.
- -### sap_general_preconfigure_use_netweaver_repos -- _Type:_ `bool` -- _Default:_ `true` - -Set to `false` if you want the role to not enable the SAP NetWeaver repo(s).
-The default is `true`, meaning that the role will enable the SAP NetWeaver repo(s).
-Only valid if `sap_general_preconfigure_enable_repos` is set to `true`.
- -### sap_general_preconfigure_use_hana_repos -- _Type:_ `bool` -- _Default:_ `true` - -Set to `false` if you want the role to not enable the SAP HANA repo(s).
-The default is `true`, meaning that the role will enable the SAP HANA repo(s).
-Only valid if `sap_general_preconfigure_enable_repos` is set to `true`.
- -### sap_general_preconfigure_use_ha_repos -- _Type:_ `bool` -- _Default:_ `true` - -Set to `false` if you want the role to not enable the high availability repo(s).
-The default is `true`, meaning that the role will enable the high availability repo(s).
-Only valid if `sap_general_preconfigure_enable_repos` is set to `true`.
- -### sap_general_preconfigure_disable_all_other_repos -- _Type:_ `bool` -- _Default:_ `true` - -Set to `false` if you want the role to not disable all repos before enabling the desired ones as configured above.
-The default is `true`, meaning that the role will disable all repos before enabling the desired ones.
-Only valid if `sap_general_preconfigure_enable_repos` is set to `true`.
- -### sap_general_preconfigure_req_repos -- _Type:_ `list` with elements of type `str` - -If you want to provide your own list of repos (e.g. on cloud systems), set this variable accordingly.
-Otherwise, the RHEL default repo names with the maximum support duration for the RHEL minor release are chosen automatically
-(e.g. normal repos for RHEL 8.3, e4s repos for RHEL 8.4).
- -Example: - -```yaml -sap_general_preconfigure_req_repos: -- rhel-8-for-x86_64-baseos-eus-rpms -- rhel-8-for-x86_64-appstream-eus-rpms -- rhel-8-for-x86_64-sap-solutions-eus-rpms -- rhel-8-for-x86_64-sap-netweaver-eus-rpms -- rhel-8-for-x86_64-highavailability-eus-rpms -``` - -### sap_general_preconfigure_set_minor_release -- _Type:_ `bool` -- _Default:_ `false` - -Set to `true` if you want the role to set the RHEL minor release, which is required for SAP HANA. Default is `false`.
-If you set the RHEL minor release, then you must also use the `eus` or `e4s` repos.
- -### sap_general_preconfigure_packagegroups -- _Type:_ `str` -- _Default:_ (set by platform/environment specific variables) - -The name of the software package group to install.
-The default for this parameter is set in the vars file which corresponds to the detected OS version.
- -Example: - -```yaml -'@minimal-environment' -``` - -### sap_general_preconfigure_envgroups -- _Type:_ `str` -- _Default:_ (set by platform/environment specific variables) - -The name of the software environment group to check.
-The default for this parameter is set in the vars file which corresponds to the detected OS version.
- -Example: - -```yaml -'@minimal-environment' -``` - -### sap_general_preconfigure_packages -- _Type:_ `list` with elements of type `str` -- _Default:_ (set by platform/environment specific variables) - -The list of packages to install.
-The default for this variable is set in the vars file which corresponds to the detected OS version.
- -### sap_general_preconfigure_min_package_check -- _Type:_ `bool` -- _Default:_ `true` - -The default is to install or check if the minimum package versions are installed as defined in the vars files.
-Set to `false` if you do not install or check these minimum package versions.
- -### sap_general_preconfigure_install_ibm_power_tools -- _Type:_ `bool` -- _Default:_ `true` - -Set this parameter to `false` to not install the IBM Power Systems service and productivity tools.
-See also SAP note 2679703.
- -### sap_general_preconfigure_add_ibm_power_repo -- _Type:_ `bool` -- _Default:_ `true` - -Set this parameter to `false` if you do not want to add the IBM Power tools repository (e.g. because the packages
-are already available on the local network). The IBM Power Systems service and productivity tools will only
-be installed if the variable `sap_general_preconfigure_install_ibm_power_tools` is set to `true`, which is the default.
- -### sap_general_preconfigure_ibm_power_repo_url -- _Type:_ `str` -- _Default:_ `'https://public.dhe.ibm.com/software/server/POWER/Linux/yum/download/ibm-power-repo-latest.noarch.rpm'` - -URL for the IBM Power Systems service and productivity tools, see https://www.ibm.com/support/pages/service-and-productivity-tools
- -### sap_general_preconfigure_update -- _Type:_ `bool` -- _Default:_ `false` - -By default, the role will not update the system, for avoiding an unintentional minor OS release update.
-Set this parameter to `true` if you want to update your system to the latest package versions.
-When using SAP HANA, make sure to set the release lock properly so the minor OS release will be one of
-those for which SAP HANA is supported. See also `sap_general_preconfigure_set_minor_release`.
- -### sap_general_preconfigure_reboot_ok -- _Type:_ `bool` -- _Default:_ `false` - -Set to `true` if you want to perform a reboot at the end of the role, if necessary.
- -### sap_general_preconfigure_fail_if_reboot_required -- _Type:_ `bool` -- _Default:_ `true` - -If `sap_general_preconfigure_reboot_ok` is set to `false`, which is the default, a reboot requirement should not
-remain unnoticed. For this reason, we let the role fail. Set this parameter to `false` to override this behavior.
-Can be useful if you want to implement your own reboot handling.
- -### sap_general_preconfigure_selinux_state -- _Type:_ `str` -- _Default:_ `'permissive'` -- _Possible Values:_
- - `enforcing` - - `permissive` - - `disabled` - -One of the SELinux states to be set on the system.
- -### sap_general_preconfigure_create_directories -- _Type:_ `bool` -- _Default:_ `true` - -Set to `false` if you do not want the SAP directories to be created by the role.
-The SAP directories will always be created if `sap_general_preconfigure_modify_selinux_labels`
-(see below) is set to `true`, no matter how `sap_general_preconfigure_create_directories` is set.
- -### sap_general_preconfigure_sap_directories -- _Type:_ `list` with elements of type `str` -- _Default:_ - - /usr/sap - -List of SAP directories to be created.
- -### sap_general_preconfigure_modify_selinux_labels -- _Type:_ `bool` -- _Default:_ `true` - -Set to `false` if you do not want to modify the SELinux labels for the SAP directories set
-in variable `sap_general_preconfigure_sap_directories`.
- -### sap_general_preconfigure_size_of_tmpfs_gb -- _Type:_ `str` -- _Default:_ `"{{ ((0.75 * (ansible_memtotal_mb + ansible_swaptotal_mb)) / 1024) | round | int }}"` - -The size of the tmpfs in GB. The formula used here is mentioned in SAP note 941735.
- -### sap_general_preconfigure_modify_etc_hosts -- _Type:_ `bool` -- _Default:_ `true` - -Set to `false` if you do not want the role to modify the `/etc/hosts` file.
- -### sap_general_preconfigure_etc_sysctl_sap_conf -- _Type:_ `str` -- _Default:_ `'/etc/sysctl.d/sap.conf'` - -The file name of the sysctl config file to be used
- -### sap_general_preconfigure_kernel_parameters -- _Type:_ `list` with elements of type `dict` -- _Default:_ (set by platform/environment specific variables) - -The Linux kernel parameters to use. By default, these are taken from the vars file.
-The default for this parameter is set in the vars file which corresponds to the detected OS version.
- -Example: - -```yaml -sap_general_preconfigure_kernel_parameters: -- name: vm.max_map_count - value: '2147483647' -- name: fs.aio-max-nr - value: '18446744073709551615' -``` - -### sap_general_preconfigure_max_hostname_length -- _Type:_ `str` -- _Default:_ `'13'` - -The maximum length of the hostname. See SAP note 611361.
- -### sap_hostname -- _Type:_ `str` -- _Default:_ `"{{ ansible_hostname }}"` - -The hostname to be used for updating or checking `/etc/hosts` entries.
- -### sap_domain -- _Type:_ `str` -- _Default:_ `"{{ ansible_domain }}"` - -The DNS domain name to be used for updating or checking `/etc/hosts` entries.
- -### sap_ip -- _Type:_ `str` -- _Default:_ `"{{ ansible_default_ipv4.address }}"` - -The IPV4 address to be used for updating or checking `/etc/hosts` entries.
- -### sap_general_preconfigure_db_group_name -- _Type:_ `str` - -Use this variable to specify the name of the RHEL group which is used for the database processes.
-If defined, it will be used to configure process limits as per step
-Configuring Process Resource Limits
- -Example: +This is general preconfigure role that used for both SAP Netweaver and SAP HANA, which have separate follow-up roles [sap_hana_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_preconfigure) and [sap_netweaver_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_netweaver_preconfigure). + + +## Dependencies +- `fedora.linux_system_roles` + - Roles: + - `selinux` +- `community.sap_install` (This collection) + - Roles: + - `sap_maintain_etc_hosts` + +Install required collections by `ansible-galaxy install -vv -r meta/collection-requirements.yml`. + + + +## Prerequisites + +(Red Hat specific) Ensure system is installed according to: +- RHEL 7: SAP note 2002167, Red Hat Enterprise Linux 7.x: Installation and Upgrade, section `Installing Red Hat Enterprise Linux 7`. +- RHEL 8: SAP note 2772999, Red Hat Enterprise Linux 8.x: Installation and Configuration, section `Installing Red Hat Enterprise Linux 8`. +- RHEL 9: SAP note 3108316, Red Hat Enterprise Linux 9.x: Installation and Configuration, section `Installing Red Hat Enterprise Linux 9`. + + + +## Execution + +**:warning: Do not execute this Ansible Role against existing SAP systems unless you know what you are doing and you prepare inputs to avoid unintended changes caused by default inputs.** + +Role can be executed independently or as part of [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. + + + + + +### Execution Flow + +1. Assert that required inputs were provided. +2. Install required packages and patch system if `sap_general_preconfigure_update:true` +3. Apply configurations based on SAP Notes +4. Reboot Managed nodes if packages were installed or patched and `sap_general_preconfigure_reboot_ok: true` + + +### Example + ```yaml -sap_general_preconfigure_db_group_name: dba -``` - - - -## Tags (RHEL systems only) - +--- +- name: Ansible Play for SAP HANA HA Scale-up preconfigure + hosts: hana_primary, hana_secondary + become: true + tasks: + - name: Execute Ansible Role sap_general_preconfigure + ansible.builtin.include_role: + name: community.sap_install.sap_general_preconfigure +``` +Further referenced as `example.yml` + + + +### Role Tags With the following tags, the role can be called to perform certain activities only: - tag `sap_general_preconfigure_installation`: Perform only the installation tasks - tag `sap_general_preconfigure_configuration`: Perform only the configuration tasks @@ -344,69 +77,64 @@ With the following tags, the role can be called to perform certain activities on - tag `sap_general_preconfigure_etc_hosts`: Perform only the tasks(s) related to this step. This step might be one of multiple configuration activities of a SAP note. Also this step might be valid for multiple RHEL major releases. -Sample call for only performing all installation and configuration tasks (sample playbook name sap.yml, see the next section for -an example). This is the default behavior. If no tag is specified, all installation and configuration tasks are enabled: -``` -# ansible-playbook sap.yml -``` - -Sample call for only performing all installation tasks: -``` -# ansible-playbook sap.yml --tags=sap_general_preconfigure_installation -``` +
+ How to run sap_general_preconfigure with tags -Sample call for only performing all configuration tasks: -``` -# ansible-playbook sap.yml --tags=sap_general_preconfigure_configuration -``` + #### Perform only installation tasks: + ```console + ansible-playbook sap.yml --tags=sap_general_preconfigure_installation + ``` -Sample call for only verifying and modifying the /etc/hosts file: -``` -# ansible-playbook sap.yml --tags=sap_general_preconfigure_etc_hosts -``` + #### Perform only configuration tasks: + ```console + ansible-playbook sap.yml --tags=sap_general_preconfigure_configuration + ``` -Sample call for performing all configuration steps except verifying and modifying the /etc/hosts file: -``` -# ansible-playbook sap.yml --tags=sap_general_preconfigure_configuration --skip_tags=sap_general_preconfigure_etc_hosts -``` + #### Verify and modify /etc/hosts file: + ```console + ansible-playbook sap.yml --tags=sap_general_preconfigure_etc_hosts + ``` -Sample call for only performing the configuration activities related to SAP note 3108316 (RHEL 9 specific): -``` -# ansible-playbook sap.yml --tags=sap_general_preconfigure_3108316 -``` + #### Perform all configuration steps except verifying and modifying the /etc/hosts file + ``` + ansible-playbook sap.yml --tags=sap_general_preconfigure_configuration --skip_tags=sap_general_preconfigure_etc_hosts + ``` -Sample call for performing all configuration activities except those related to step 2 (SELinux settings) of SAP note 3108316 (RHEL 9 specific): -Sample call for only performing the configuration activities related to step 2 (SELinux settings) of SAP note 3108316 (RHEL 9 specific): -``` -# ansible-playbook sap.yml --tags=sap_general_preconfigure_3108316_02 -``` + #### (Red Hat) Perform configuration activities related to SAP note 3108316 (RHEL 9) + ``` + ansible-playbook sap.yml --tags=sap_general_preconfigure_3108316 + ``` -Sample call for performing all configuration activities except those related to step 2 (SELinux settings) of SAP note 3108316 (RHEL 9 specific): -``` -# ansible-playbook sap-general-preconfigure.yml --tags=sap_general_preconfigure_configuration --skip_tags=sap_general_preconfigure_3108316_02 -``` + #### (Red Hat) Perform configuration activities related to step 2 (SELinux settings) of SAP note 3108316 (RHEL 9) + ``` + ansible-playbook sap.yml --tags=sap_general_preconfigure_3108316_02 + ``` -## Dependencies + #### (Red Hat) Perform all configuration activities except those related to step 2 (SELinux settings) of SAP note 3108316 (RHEL 9 specific) + ``` + ansible-playbook sap-general-preconfigure.yml --tags=sap_general_preconfigure_configuration --skip_tags=sap_general_preconfigure_3108316_02 + ``` +
+ -This role does not depend on any other role. -## Example Playbook + + -Simple playbook, named sap.yml: -```yaml ---- -- hosts: all - roles: - - role: sap_general_preconfigure -``` +## License + +Apache 2.0 + -## Example Usage +## Maintainers + +- [Bernd Finger](https://github.com/berndfinger) + -Normal run: -```yaml -ansible-playbook sap.yml -l remote_host -``` +## Role Input Parameters +All input parameters used by role are described in [INPUT_PARAMETERS.md](https://github.com/sap-linuxlab/community.sap_install/blob/main/roles/sap_general_preconfigure/INPUT_PARAMETERS.md) +### Controlling execution with input parameters Extended Check (assert) run, aborting for any error which has been found: ```yaml ansible-playbook sap.yml -l remote_host -e "{sap_general_preconfigure_assert: yes}" @@ -414,42 +142,5 @@ ansible-playbook sap.yml -l remote_host -e "{sap_general_preconfigure_assert: ye Extended Check (assert) run, not aborting even if an error has been found: ```yaml -ansible-playbook sap.yml -l remote_host -e "{sap_general_preconfigure_assert: yes, sap_general_preconfigure_assert_ignore_errors: no}" -``` - -Same as above, with a nice compact and colored output, this time for two hosts: -```yaml -ansible-playbook sap.yml -l host_1,host_2 -e "{sap_general_preconfigure_assert: yes, sap_general_preconfigure_assert_ignore_errors: yes}" | -awk '{sub (" \"msg\": ", "")} - /TASK/{task_line=$0} - /fatal:/{fatal_line=$0; nfatal[host]++} - /...ignoring/{nfatal[host]--; if (nfatal[host]<0) nfatal[host]=0} - /^[a-z]/&&/: \[/{gsub ("\\[", ""); gsub ("]", ""); gsub (":", ""); host=$2} - /SAP note/{print "\033[30m[" host"] "$0} - /FAIL:/{nfail[host]++; print "\033[31m[" host"] "$0} - /WARN:/{nwarn[host]++; print "\033[33m[" host"] "$0} - /PASS:/{npass[host]++; print "\033[32m[" host"] "$0} - /INFO:/{print "\033[34m[" host"] "$0} - /changed/&&/unreachable/{print "\033[30m[" host"] "$0} - END{print ("---"); for (var in npass) {printf ("[%s] ", var); if (nfatal[var]>0) { - printf ("\033[31mFATAL ERROR!!! Playbook might have been aborted!!!\033[30m Last TASK and fatal output:\n"); print task_line, fatal_line - } - else printf ("\033[31mFAIL: %d \033[33mWARN: %d \033[32mPASS: %d\033[30m\n", nfail[var], nwarn[var], npass[var])}}' +ansible-playbook sap.yml -l remote_host -e "{sap_general_preconfigure_assert: yes,sap_general_preconfigure_assert_ignore_errors: no}" ``` -Note: For terminals with dark background, replace the color code `30m` by `37m`. -In case you need to make an invisible font readable on a terminal with dark background, run the following command in the terminal: -```yaml -printf "\033[37mreadable font\n" -``` -In case you need to make an invisible font readable on a terminal with bright background, run the following command in the terminal: -```yaml -printf "\033[30mreadable font\n" -``` - -## License - -Apache license 2.0 - -## Author Information - -Red Hat for SAP Community of Practice, Bernd Finger, Markus Koch, Rainer Leber diff --git a/roles/sap_ha_install_anydb_ibmdb2/INPUT_PARAMETERS.md b/roles/sap_ha_install_anydb_ibmdb2/INPUT_PARAMETERS.md new file mode 100644 index 000000000..7bc555e10 --- /dev/null +++ b/roles/sap_ha_install_anydb_ibmdb2/INPUT_PARAMETERS.md @@ -0,0 +1,27 @@ +## Input Parameters for sap_ha_install_anydb_ibmdb2 Ansible Role + +### sap_ha_install_anydb_ibmdb2_hostname_primary + +- _Type:_ `string` + +Enter IBM Db2 Primary node hostname + + +### sap_ha_install_anydb_ibmdb2_hostname_secondary + +- _Type:_ `string` + +Enter IBM Db2 Secondary node hostname + +### sap_ha_install_anydb_ibmdb2_sid + +- _Type:_ `string` + +Enter IBM Db2 System ID + +### sap_ha_install_anydb_ibmdb2_software_directory + +- _Type:_ `string` + +Enter IBM Db2 installation media path + \ No newline at end of file diff --git a/roles/sap_ha_install_anydb_ibmdb2/README.md b/roles/sap_ha_install_anydb_ibmdb2/README.md index 808f032ed..a87751e6a 100644 --- a/roles/sap_ha_install_anydb_ibmdb2/README.md +++ b/roles/sap_ha_install_anydb_ibmdb2/README.md @@ -1,82 +1,86 @@ `EXPERIMENTAL` - + # sap_ha_install_anydb_ibmdb2 Ansible Role + +## Description + Ansible Role for instantiation of IBM Db2 'Integrated Linux Pacemaker' HADR cluster Note: IBM Db2 with 'Integrated Linux Pacemaker' can use two deployment models: - Mutual Failover option, **not** covered by this Ansible Role -- High Availability and Disaster Recovery (HADR) option for Idle Standby, initialised by this Ansible Role +- High Availability and Disaster Recovery (HADR) option for Idle Standby, initialized by this Ansible Role + + + + ## Prerequisites +Managed nodes: +- Directory with installation media is present and `sap_ha_install_anydb_ibmdb2_software_directory` updated. Download can be completed using [community.sap_launchpad](https://github.com/sap-linuxlab/community.sap_launchpad) Ansible Collection. -### Software Installation files - -Download IBM Db2 installation media from SAP Download Center on host, and set Ansible Variable `sap_ha_install_anydb_ibmdb2_software_directory` to this path. - -### Variables - -- `sap_ha_install_anydb_ibmdb2_hostname_primary` with the IBM Db2 Primary node hostname -- `sap_ha_install_anydb_ibmdb2_hostname_secondary` with the IBM Db2 Secondary node hostname -- `sap_ha_install_anydb_ibmdb2_sid` with the IBM Db2 System ID -- `sap_ha_install_anydb_ibmdb2_software_directory` with the IBM Db2 installation media path - -These are listed in the default variables file, but commented-out to enforce the required variables: -- [**sap_ha_install_anydb_ibmdb2** default parameters](defaults/main.yml) - -## Requirements and Dependencies - -This Ansible Role is applicable to IBM Db2 11.5 certified for SAP. - -It is applicable to 11.5.9 and later, which provides `db2cm` binary compatibility for AWS, GCP and MS Azure. - -### Target host - Infrastructure Platforms - -This Ansible Role contains Infrastructure Platform specific alterations for: -- AWS EC2 Virtual Servers -- Microsoft Azure Virtual Machines -- Google Cloud Compute Engine Virtual Machine -- IBM Cloud Virtual Server - -### Target host - Operating System requirements - -Designed for Linux operating systems, e.g. RHEL (7.x and 8.x) and SLES (15.x). +Software compatibility: +- This Ansible Role is applicable to IBM Db2 11.5 certified for SAP. +- It is applicable to 11.5.9 and later, which provides `db2cm` binary compatibility for AWS, GCP and MS Azure. + ## Execution - -Sample Ansible Playbook Execution: - -- Local Host Installation - - `ansible-playbook --connection=local --limit localhost -i "localhost," sap-ha-anydb-ibmdb2-init.yml -e "@inputs/ibmdb2_vars.yml` - -- Target Host Installation - - `ansible-playbook -i "" sap-ha-anydb-ibmdb2-init.yml -e "@inputs/ibmdb2_vars.yml"` - -## Sample Ansible Playbook - + +### Supported Platforms +| Platform | Status | Notes | +| -------- | --------- | --------- | +| AWS EC2 Virtual Servers | :heavy_check_mark: | | +| Google Cloud Compute Engine Virtual Machine | :heavy_check_mark: | | +| Microsoft Azure Virtual Machines | :heavy_check_mark: | | +| IBM Cloud Virtual Server | :heavy_check_mark: | | + + + + + +### Execution Flow + +1. Assert that required inputs were provided. +2. Detect target infrastructure platform. +3. Execute platform specific configuration. +4. Instantiate IBM Db2 'Integrated Linux Pacemaker' HADR cluster. + + +### Example + ```yaml --- -- hosts: all - - collections: - - community.sap_install - - vars: - sap_ha_install_anydb_ibmdb2_sid: SD1 # Sandbox Database for D01 SAP System - sap_ha_install_anydb_ibmdb2_hostname_primary: db2-p - sap_ha_install_anydb_ibmdb2_hostname_secondary: db2-s - sap_ha_install_anydb_ibmdb2_software_directory: /software/ibmdb2_extracted - +- name: Ansible Play for IBM Db2 Database installation + hosts: db2_host + become: true + tasks: - name: Execute Ansible Role sap_ha_install_anydb_ibmdb2 ansible.builtin.include_role: name: community.sap_install.sap_ha_install_anydb_ibmdb2 + vars: + sap_ha_install_anydb_ibmdb2_sid: SD1 # Sandbox Database for D01 SAP System + sap_ha_install_anydb_ibmdb2_hostname_primary: db2-p + sap_ha_install_anydb_ibmdb2_hostname_secondary: db2-s + sap_ha_install_anydb_ibmdb2_software_directory: /software/ibmdb2_extracted ``` + -## License + + -Apache license 2.0 + + + +## License + +Apache 2.0 + -## Author Information +## Maintainers + +- [Sean Freeman](https://github.com/sean-freeman) + -Sean Freeman +## Role Input Parameters +All input parameters used by role are described in [INPUT_PARAMETERS.md](https://github.com/sap-linuxlab/community.sap_install/blob/main/roles/sap_ha_install_anydb_ibmdb2/INPUT_PARAMETERS.md) diff --git a/roles/sap_ha_install_hana_hsr/INPUT_PARAMETERS.md b/roles/sap_ha_install_hana_hsr/INPUT_PARAMETERS.md new file mode 100644 index 000000000..a9bab4b21 --- /dev/null +++ b/roles/sap_ha_install_hana_hsr/INPUT_PARAMETERS.md @@ -0,0 +1,90 @@ +## Input Parameters for sap_ha_pacemaker_cluster Ansible Role + + +### sap_ha_install_hana_hsr_sid + +- _Type:_ `string` +- _Default:_ `{{ sap_hana_sid }}` + +Enter SID of SAP HANA database. + +### sap_ha_install_hana_hsr_instance_number + +- _Type:_ `string` +- _Default:_ `{{ sap_hana_instance_number }}` + +Enter string value of SAP HANA SID. + +### sap_ha_install_hana_hsr_cluster_nodes + +- _Type:_ `list` +- _Default:_ `{{ sap_hana_cluster_nodes }}` + +List of cluster nodes and associated attributes to describe the target SAP HA environment.
+This is required for the HANA System Replication configuration.
+ +- **hana_site**
+ Site of the cluster and/or SAP HANA System Replication node (for example 'DC01').
Mandatory for HANA clusters (sudo config for system replication). +- **node_ip**
+ IP address of the node used for HANA System Replication.
_Optional. Currently not needed/used in cluster configuration._ +- **node_name**
+ Name of the cluster node, should match the remote systems' hostnames.
_Optional. Currently not needed/used in cluster configuration._ +- **node_role**
+ Role of the defined `node_name` in the SAP HANA cluster setup.
There must be only **one** primary, but there can be multiple secondary nodes.
_Optional. Currently not needed/used in cluster configuration._ + +Example: + +```yaml +sap_ha_install_hana_hsr_cluster_nodes: + - node_name: node1 + node_ip: 192.168.1.11 + node_role: primary + hana_site: DC01 + + - node_name: node2 + node_ip: 192.168.1.12 + node_role: secondary + hana_site: DC02 +``` + +### sap_ha_install_hana_hsr_hdbuserstore_system_backup_user + +- _Type:_ `string` +- _Default:_ `HDB_SYSTEMDB` + +Enter name of SYSTEM user for backup execution. + +### sap_ha_install_hana_hsr_db_system_password + +- _Type:_ `string` +- _Default:_ `{{ sap_hana_install_master_password }}` + +Enter password of SYSTEM user for backup execution. + +### sap_ha_install_hana_hsr_fqdn + +- _Type:_ `string` +- _Default:_ {{ sap_domain }} + +Enter domain of SAP system, for example `example.com`. + +### sap_ha_install_hana_hsr_rep_mode + +- _Type:_ `string` +- _Default:_ `sync` + +Enter SAP HANA System Replication mode. + +### sap_ha_install_hana_hsr_oper_mode + +- _Type:_ `string` +- _Default:_ `logreplay` + +Enter SAP HANA System Replication operation mode. + +### sap_ha_install_hana_hsr_update_etchosts +- _Type:_ `bool` +- _Default:_ `True` + +Enable to update /etc/hosts file. + \ No newline at end of file diff --git a/roles/sap_ha_install_hana_hsr/README.md b/roles/sap_ha_install_hana_hsr/README.md index f8a5730b3..e16b11b8d 100644 --- a/roles/sap_ha_install_hana_hsr/README.md +++ b/roles/sap_ha_install_hana_hsr/README.md @@ -1,103 +1,93 @@ + # sap_ha_install_hana_hsr Ansible Role + +![Ansible Lint for sap_ha_install_hana_hsr](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_ha_install_hana_hsr.yml/badge.svg) -Ansible role for SAP HANA System Replication Setup on 2 nodes. +## Description + +Ansible Role `sap_ha_install_hana_hsr` is used to configure and enable SAP HANA System Replication between 2 nodes. + -## Prerequisites - -- target nodes are on the same OS level -- target nodes are using the same SAP HANA release - -## Overview - -The **sap_ha_install_hana_hsr** role is part of this system role sequence: - -| Sequence | System Role | Description | -| :------: | :----------------------- | :----------------------------------------------------------- | -| 1. | sap_general_preconfigure | System Preparation for SAP | -| 2. | sap_hana_preconfigure | System Preparation for SAP HANA | -| 3. | sap_hana_install | Installation of SAP HANA Database | -| _4._ | _sap_ha_install_hana_hsr_ | _Configuration of SAP HANA System Replication_ | -| 5. | sap_ha_pacemaker_cluster | Linux Pacemaker cluster setup and SAP resources configuration | - -The **sap_ha_install_hana_hsr** roles configures a HANA system replication relationship which is used by the pacemaker cluster to automate SAP HANA System Replication (HSR). Prerequisite is the SAP HANA installation on the nodes. - -## Tasks included - -| Task | Description | -| ---------------------- | ----------------------------------------------------------------------------------- | -| update_etchosts.yml | ensures that all nodes of the cluster are configured in all nodes' /etc/hosts | -| configure_firewall.yml | this will configure the firewall für HANA system replication (disabled) | -| hdbuserstore.yml | create a user in the hdbuserstore | -| log_mode.yml | check/set database logmode | -| pki_files.yml | copy pki file from primary to secondary database | -| run_backup.yml | perform backup on the primary note as pre required step for HANA system replication | -| configure_hsr.yml | enable HANA system replication on primary node and register secondary database node | - -## Common Variables/Parameters Used - -| Name | Description | Value | -| -------------------------------- | ------------------------------- | ---------------------- | -| sap_domain | Domain Name | example: `example.com` | -| sap_hana_sid | SAP ID | example: `RH1` | -| sap_hana_instance_number | Instance Number | example: `"00"` | -| sap_hana_install_master_password | DB System Password | -| sap_hana_cluster_nodes | Parameter list of cluster nodes | -| sap_hana_hacluster_password | Pacemaker hacluster Password | - -## Role specific Variables - -| Name | Description | Value | -| --------------------------------- | ---------------- | -------------------- | -| sap_ha_install_hana_hsr_rep_mode | replication mode | default is sync | -| sap_ha_install_hana_hsr_oper_mode | operation mode | default is logreplay | - -## Example Parameter File + + + +## Prerequisites +Managed nodes: +- Same Operating system version +- SAP HANA is installed with same version on both nodes. + + +## Execution + +Role can be executed independently or as part of [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. + + + +### Recommended +It is recommended to execute this role together with other roles in this collection, in the following order: +1. [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) +2. [sap_hana_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_preconfigure) +3. [sap_install_media_detect](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_install_media_detect) +4. [sap_hana_install](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_install) +5. *`sap_ha_install_hana_hsr`* + + +### Execution Flow + +1. Assert that required inputs were provided. +2. Verify connection between nodes. +3. Update /etc/hosts, hdbuserstore, Log mode, PKI +4. Execute database backup +5. Configure SAP HANA System Replication + + +### Example + ```yaml -sap_hana_sid: "DB1" -sap_hana_instance_number: "00" -sap_hana_install_master_password: "my_hana-password" - -### Cluster Definition -sap_ha_install_pacemaker_cluster_name: cluster1 -sap_hana_hacluster_password: "my_hacluster-password" - -sap_domain: example.com - -sap_hana_cluster_nodes: - - node_name: node1 - node_ip: 192.168.1.11 - node_role: primary - hana_site: DC01 - - - node_name: node2 - node_ip: 192.168.1.12 - node_role: secondary - hana_site: DC02 -``` - -### Execution Design - -Having the parameters specified as above, it can be executed with one command: - -```text -ansible-playbook example_playbook_with_parameters.ymnl -``` - -If you need to execute the role using an external handled, you can also limit the playbook for specific a **host** adding parameter defined in e **parameter_file**. - -```text -ansible-playbook -l node1 example_playbook.yml -e @parameter_file.yml +--- +- name: Ansible Play for SAP HANA System Replication setup + hosts: hana_primary, hana_secondary + become: true + tasks: + - name: Execute Ansible Role sap_ha_install_hana_hsr + ansible.builtin.include_role: + name: community.sap_install.sap_ha_install_hana_hsr + vars: + sap_ha_install_hana_hsr_cluster_nodes: + - node_name: h01hana0 + node_ip: "10.10.10.10" + node_role: primary + hana_site: DC01 + + - node_name: h01hana1 + node_ip: "10.10.10.11" + node_role: secondary + hana_site: DC02 + + sap_ha_install_hana_hsr_sid: H01 + sap_ha_install_hana_hsr_instance_number: "01" + sap_ha_install_hana_hsr_hdbuserstore_system_backup_user: "HDB_SYSTEMDB" + sap_ha_install_hana_hsr_db_system_password: "Password" + sap_ha_install_hana_hsr_fqdn: example.com ``` + -A good way to start is executing the playbook with the option _--list_tasks_. You can than start a playbook with the option _--start-at-task_ at a specific point. _--list_task_ will not start any task. + + -For more information please check - -```text -ansible-playbook --help -``` + + ## License + +Apache 2.0 + + +## Maintainers + +- [Janine Fuchs](https://github.com/ja9fuchs) + -Apache license 2.0 +## Role Input Parameters +All input parameters used by role are described in [INPUT_PARAMETERS.md](https://github.com/sap-linuxlab/community.sap_install/blob/main/roles/sap_ha_install_hana_hsr/INPUT_PARAMETERS.md) diff --git a/roles/sap_ha_pacemaker_cluster/INPUT_PARAMETERS.md b/roles/sap_ha_pacemaker_cluster/INPUT_PARAMETERS.md index 49582b6b3..564cb3cf7 100644 --- a/roles/sap_ha_pacemaker_cluster/INPUT_PARAMETERS.md +++ b/roles/sap_ha_pacemaker_cluster/INPUT_PARAMETERS.md @@ -6,6 +6,15 @@ Minimum required parameters for all clusters: Additional minimum requirements depend on the type of cluster setup and on the target platform. +### sap_ha_pacemaker_cluster_hacluster_user_password + +- _Type:_ `string` + +**Mandatory Input Parameter.**
+The password of the `hacluster` user which is created during pacemaker installation.
+Inherits the value of `ha_cluster_hacluster_password`, when defined.
+ + ### sap_ha_pacemaker_cluster_aws_access_key_id - _Type:_ `string` @@ -180,13 +189,6 @@ sap_ha_pacemaker_cluster_ha_cluster: node_name: nodeA ``` -### sap_ha_pacemaker_cluster_hacluster_user_password required - -- _Type:_ `string` - -The password of the `hacluster` user which is created during pacemaker installation.
-Inherits the value of `ha_cluster_hacluster_password`, when defined.
- ### sap_ha_pacemaker_cluster_hana_automated_register - _Type:_ `bool` @@ -1015,6 +1017,4 @@ Name of the SAPInstance resource for NetWeaver PAS.
- _Default:_ `rsc_vip__HDB_readonly` Customize the name of the resource managing the Virtual IP of read-only access to the secondary HANA instance.
- - \ No newline at end of file diff --git a/roles/sap_ha_pacemaker_cluster/README.md b/roles/sap_ha_pacemaker_cluster/README.md index 55e19ad21..2f0d9f3b3 100644 --- a/roles/sap_ha_pacemaker_cluster/README.md +++ b/roles/sap_ha_pacemaker_cluster/README.md @@ -8,19 +8,25 @@ Ansible Role `sap_ha_pacemaker_cluster` is used to install and configure Linux Pacemaker High Availability clusters for SAP HANA and SAP Netweaver systems on various infrastructure platforms. -## Prerequisites + +## Dependencies +- `fedora.linux_system_roles` + - Roles: + - `ha_cluster` + +Install required collections by `ansible-galaxy install -vv -r meta/collection-requirements.yml`. + + +## Prerequisites Infrastructure: - It is required to create them manually or using [sap_vm_provision](https://github.com/sap-linuxlab/community.sap_infrastructure/tree/main/roles/sap_vm_provision) role, because this role does not create any Cloud platform resources that are required by Resource Agents. -Collection dependency: -1. `fedora.linux_system_roles` - Managed nodes: -1. Supported SAP system is installed -2. SAP HANA System Replication is configured for SAP HANA HA cluster -3. Operating system has access to all required packages -4. All required ports are open (details below) +- Supported SAP system is installed. See [Recommended](#recommended) section. +- SAP HANA System Replication is configured for SAP HANA HA cluster. See [Recommended](#recommended) section. +- Operating system has access to all required packages +- All required ports are open (details below) | SAP HANA System Replication process | Port | | --- | --- | @@ -41,10 +47,10 @@ Managed nodes: ## Execution -**:warning: This ansible role will destroy and then recreate Linux Pacemaker cluster in process.** +**:warning: This ansible role will destroy and then recreate Linux Pacemaker cluster in process.**
:warning: Do not execute this Ansible Role against existing Linux Pacemaker clusters unless you know what you are doing and you prepare inputs according to existing cluster. -Role can be execute separately or as part of [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. +Role can be executed independently or as part of [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. ### Supported Platforms | Platform | Status | Notes | @@ -68,13 +74,32 @@ Role can be execute separately or as part of [ansible.playbooks_for_sap](https:/ | SAP NetWeaver (ABAP) ASCS and ERS 2 nodes | Simple Mount | :heavy_check_mark: | + +### Recommended +It is recommended to execute this role together with other roles in this collection, in the following order:
+#### SAP HANA cluster +1. [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) +2. [sap_hana_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_preconfigure) +3. [sap_install_media_detect](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_install_media_detect) +4. [sap_hana_install](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_install) +5. [sap_ha_install_hana_hsr](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_ha_install_hana_hsr) +6. *`sap_ha_pacemaker_cluster`* + +#### SAP Netweaver cluster +1. [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) +2. [sap_netweaver_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_netweaver_preconfigure) +3. [sap_install_media_detect](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_install_media_detect) +4. [sap_swpm](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_swpm) +5. *`sap_ha_pacemaker_cluster`* + + ### Execution Flow 1. Assert that required inputs were provided. 2. Detect target infrastructure platform and prepare recommended inputs unless they were provided. -3. Prepare variables with all cluster parameters and resources +3. Prepare variables with all cluster parameters and resources. 4. Execute role `ha_cluster` from Ansible Collection `fedora.linux_system_roles` with prepared inputs. -5. Execute SAP product specific post tasks and verify cluster is running +5. Execute SAP product specific post tasks and verify cluster is running. ### Example @@ -104,14 +129,13 @@ Role can be execute separately or as part of [ansible.playbooks_for_sap](https:/ node_ip: "10.10.10.10" node_role: primary hana_site: DC01 + - node_name: h01hana1 node_ip: "10.10.10.11" node_role: secondary hana_site: DC02 sap_ha_pacemaker_cluster_replication_type: none sap_ha_pacemaker_cluster_vip_resource_group_name: viphdb - - sap_hana_cluster_nodes: ``` diff --git a/roles/sap_hana_install/INPUT_PARAMETERS.md b/roles/sap_hana_install/INPUT_PARAMETERS.md new file mode 100644 index 000000000..93f909fb8 --- /dev/null +++ b/roles/sap_hana_install/INPUT_PARAMETERS.md @@ -0,0 +1,59 @@ +## Input Parameters for sap_ha_pacemaker_cluster Ansible Role + +### sap_hana_install_sid + +- _Type:_ `string` + +Enter SAP HANA System ID (SID). + +### sap_hana_install_number + +- _Type:_ `string` + +Enter SAP HANA Instance number. + +### sap_hana_install_fapolicyd_integrity + +- _Type:_ `string` +- _Default:_ `sha256` + +Select fapolicyd integrity check option out of: `none`, `size`, `sha256`, `ima`. + +### sap_hana_install_check_sidadm_user + +- _Type:_ `bool` +- _Default:_ `True` + +If the variable `sap_hana_install_check_sidadm_user` is set to `False`, the role will install SAP HANA even +if the sidadm user exists. Default is `True`, in which case the installation will not be performed if the +sidadm user exists. + +### sap_hana_install_new_system + +- _Type:_ `bool` +- _Default:_ `True` + +The variable `sap_hana_install_new_system` determines if the role will perform a fresh SAP HANA installation +or if it will add further hosts to an existing SAP HANA system as specified by variable +`sap_hana_install_addhosts`. Default is `True` for a fresh SAP HANA installation. + +### sap_hana_install_update_firewall + +- _Type:_ `bool` +- _Default:_ `False` + +The role can be configured to also set the required firewall ports for SAP HANA. If this is desired, set +the variable `sap_hana_install_update_firewall` to `yes` (default is `no`). The firewall ports are defined +in a variable which is compatible with the variable structure used by Linux System Role `firewall`. +The firewall ports for SAP HANA are defined in member `port` of the first field of variable +`sap_hana_install_firewall` (`sap_hana_install_firewall[0].port`), see file `defaults/main.yml`. If the +member `state` is set to `enabled`, the ports will be enabled. If the member `state` is set to `disabled`, +the ports will be disabled, which might be useful for testing. + +Certain parameters have identical meanings, for supporting different naming schemes in playbooks and inventories. +You can find those in the task `Rename some variables used by hdblcm configfile` of the file `tasks/main.yml`. +Example: The parameter `sap_hana_install_number`, which is used by the role to define the hdblm parameter `number` +(= SAP HANA instance number) can be defined by setting `sap_hana_instance_number`, `sap_hana_install_instance_nr`, +`sap_hana_install_instance_number`, or `sap_hana_install_number`. The order of precedence is from left to right. + + \ No newline at end of file diff --git a/roles/sap_hana_install/README.md b/roles/sap_hana_install/README.md index 35d439c27..efd9bc842 100644 --- a/roles/sap_hana_install/README.md +++ b/roles/sap_hana_install/README.md @@ -1,80 +1,79 @@ + # sap_hana_install Ansible Role + +![Ansible Lint for sap_hana_install](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_hana_install.yml/badge.svg) -Ansible role for SAP HANA Installation +## Description + +Ansible Role `sap_hana_install` is used to install SAP HANA database using HDBLCM. + -## Requirements + +## Dependencies +- `fedora.linux_system_roles` + - Roles: + - `selinux` -The role requires additional collections which are specified in `meta/collection-requirements.yml`. Before using this role, -make sure that the required collections are installed, for example by using the following command: +Install required collections by `ansible-galaxy install -vv -r meta/collection-requirements.yml`. + -`ansible-galaxy install -vv -r meta/collection-requirements.yml` +## Prerequisites + +Managed nodes: +- Directory with SAP Installation media is present and `sap_install_media_detect_source_directory` updated. Download can be completed using [community.sap_launchpad](https://github.com/sap-linuxlab/community). +- Ensure that servers are configured for SAP HANA. See [Recommended](#recommended) section. +- Ensure that volumes and filesystems are configured correctly. See [Recommended](#recommended) section. -### Configure your system for the installation of SAP HANA - -- Make sure required volumes and filesystems are configured in the host. -You can use the role `sap_storage_setup` to configure this. More info [here](/roles/sap_storage_setup) - -- Run the roles `sap_general_preconfigure` and `sap_hana_preconfigure` for installing required packages and -for configuring system settings. - -### SAP HANA Software Installation .SAR Files +### Prepare SAP HANA installation media Place the following files in directory /software/hana or in any other directory specified by variable `sap_hana_install_software_directory`: - 1. The SAPCAR executable for the correct hardware architecture - 2. The SAP HANA Installation .SAR file - SAP HANA 2.0 Server - `IMDB_SERVER*.SAR` file - 3. Optional - SAP HANA Components .SAR files - Include other optional components such as `IMDB_AFL*.SAR` or `IMDB_LCAPPS*.SAR` - 4. Optional - SAP Host Agent .SAR file - Include other optional components such as `SAPHOSTAGENT*SAR` -#### Sample Directory Contents - with .SAR files - -- Sample directory `sap_hana_install_software_directory` containing SAP HANA software installation files - ```console - [root@hanahost SAP_HANA_INSTALLATION]# ls -l *.EXE *.SAR - -rwxr-xr-x. 1 nobody nobody 149561376 Mar 4 2021 IMDB_AFL20_054_1-80001894.SAR - -rwxr-xr-x. 1 nobody nobody 211762405 Mar 4 2021 IMDB_CLIENT20_007_23-80002082.SAR - -rwxr-xr-x. 1 nobody nobody 4483040 Mar 4 2021 SAPCAR_1010-70006178.EXE - -rwxr-xr-x. 1 nobody nobody 109492976 Mar 4 2021 IMDB_LCAPPS_2054_0-20010426.SAR - -rwxr-xr-x. 1 nobody nobody 109752805 Mar 4 2021 VCH202000_2054_0-80005463.SAR - -rwxr-xr-x. 1 nobody nobody 3694683699 Mar 4 2021 IMDB_SERVER20_054_0-80002031.SAR - -rwxr-xr-x. 1 nobody nobody 89285401 Sep 30 04:24 SAPHOSTAGENT51_51-20009394.SAR - ``` - -If more than one SAPCAR EXE file is present in the software directory, the role will select the latest version -for the current hardware architecture. Alternatively, the file name of the SAPCAR EXE file can also be set with -variable `sap_hana_install_sapcar_filename`. Example: -``` -sap_hana_install_sapcar_filename: SAPCAR_1115-70006178.EXE -``` - -If more than one SAR file for a certain software product is present in the software directory, the automatic -handling of such SAR files will fail after extraction, when moving the newly created product directories -(like `SAP_HOST_AGENT`) to already existing destinations. -For avoiding such situations, use following variable to provide a list of SAR files to extract: - -`sap_hana_install_sarfiles`. - -Example: -``` -sap_hana_install_sarfiles: - - SAPHOSTAGENT54_54-80004822.SAR - - IMDB_SERVER20_060_0-80002031.SAR +Example of `sap_hana_install_software_directory` content for SAP HANA installation: +```console +[root@hanahost SAP_HANA_INSTALLATION]# ls -l *.EXE *.SAR +-rwxr-xr-x. 1 nobody nobody 149561376 Mar 4 2021 IMDB_AFL20_054_1-80001894.SAR +-rwxr-xr-x. 1 nobody nobody 211762405 Mar 4 2021 IMDB_CLIENT20_007_23-80002082.SAR +-rwxr-xr-x. 1 nobody nobody 4483040 Mar 4 2021 SAPCAR_1010-70006178.EXE +-rwxr-xr-x. 1 nobody nobody 109492976 Mar 4 2021 IMDB_LCAPPS_2054_0-20010426.SAR +-rwxr-xr-x. 1 nobody nobody 109752805 Mar 4 2021 VCH202000_2054_0-80005463.SAR +-rwxr-xr-x. 1 nobody nobody 3694683699 Mar 4 2021 IMDB_SERVER20_054_0-80002031.SAR +-rwxr-xr-x. 1 nobody nobody 89285401 Sep 30 04:24 SAPHOSTAGENT51_51-20009394.SAR ``` -If there is a file named `.sha256` in the software download directory -`sap_hana_install_software_directory` which contains the checksum and the file name similar to the output -of the sha256sum command, the role will examine the sha256sum for the corresponding SAPCAR or SAR file and the -processing will continue only if the checksum matches. - -#### Extracted SAP HANA Software Installation Files - +**Considerations:** +- If more than one SAPCAR EXE file is present in the software directory, the role will select the latest version + for the current hardware architecture. Alternatively, the file name of the SAPCAR EXE file can also be set with + variable `sap_hana_install_sapcar_filename`. Example: + ``` + sap_hana_install_sapcar_filename: SAPCAR_1115-70006178.EXE + ``` +- If more than one SAR file for a certain software product is present in the software directory, the automatic + handling of such SAR files will fail after extraction, when moving the newly created product directories + (like `SAP_HOST_AGENT`) to already existing destinations. + For avoiding such situations, use following variable to provide a list of SAR files to extract: `sap_hana_install_sarfiles`. + + Example: + ``` + sap_hana_install_sarfiles: + - SAPHOSTAGENT54_54-80004822.SAR + - IMDB_SERVER20_060_0-80002031.SAR + ``` + +- If there is a file named `.sha256` in the software download directory + `sap_hana_install_software_directory` which contains the checksum and the file name similar to the output + of the sha256sum command, the role will examine the sha256sum for the corresponding SAPCAR or SAR file and the + processing will continue only if the checksum matches. + + +### Extracted SAP HANA Software Installation Files This role will detect if there is a file `hdblcm` already present in the directory specified by variable `sap_hana_install_software_extract_directory` or in any directory below. If If found, it will skip the .SAR extraction phase and proceed with the installation. @@ -94,16 +93,16 @@ software extract directory is required then set `sap_hana_install_cleanup_extrac these cleanup actions are false. -- Sample directory `sap_hana_install_software_extract_directory` containing extracted SAP HANA software installation files - ```console - [root@hanahost extracted]# ll -lrt - drwxr-xr-x 4 root root 4096 Sep 30 04:55 SAP_HANA_AFL - drwxr-xr-x 5 root root 4096 Sep 30 04:55 SAP_HANA_CLIENT - drwxr-xr-x 4 root root 4096 Sep 30 04:55 SAP_HANA_LCAPPS - drwxr-xr-x 8 root root 4096 Sep 30 04:57 SAP_HANA_DATABASE - drwxr-xr-x 2 root root 4096 Sep 30 04:58 SAP_HOST_AGENT - drwxr-xr-x 4 root root 4096 Sep 30 04:58 VCH_AFL_2020 - ``` +- Example of directory `sap_hana_install_software_extract_directory` containing extracted SAP HANA software installation files +```console +[root@hanahost extracted]# ll -lrt +drwxr-xr-x 4 root root 4096 Sep 30 04:55 SAP_HANA_AFL +drwxr-xr-x 5 root root 4096 Sep 30 04:55 SAP_HANA_CLIENT +drwxr-xr-x 4 root root 4096 Sep 30 04:55 SAP_HANA_LCAPPS +drwxr-xr-x 8 root root 4096 Sep 30 04:57 SAP_HANA_DATABASE +drwxr-xr-x 2 root root 4096 Sep 30 04:58 SAP_HOST_AGENT +drwxr-xr-x 4 root root 4096 Sep 30 04:58 VCH_AFL_2020 +``` #### SAP HANA hdblcm Configfile Processing @@ -140,111 +139,24 @@ Note: If there is a file named `configfile.cfg` in the directory specified by ro will be performed. Be aware that when using this file, any modifications to role variables after creation of this file will not be reflected. -## Further Variables and Parameters - -### Input Parameters - -If the variable `sap_hana_install_check_sidadm_user` is set to `no`, the role will install SAP HANA even -if the sidadm user exists. Default is `yes`, in which case the installation will not be performed if the -sidadm user exists. - -The variable `sap_hana_install_new_system` determines if the role will perform a fresh SAP HANA installation -or if it will add further hosts to an existing SAP HANA system as specified by variable -`sap_hana_install_addhosts`. Default is `yes` for a fresh SAP HANA installation. - -The role can be configured to also set the required firewall ports for SAP HANA. If this is desired, set -the variable `sap_hana_install_update_firewall` to `yes` (default is `no`). The firewall ports are defined -in a variable which is compatible with the variable structure used by Linux System Role `firewall`. -The firewall ports for SAP HANA are defined in member `port` of the first field of variable -`sap_hana_install_firewall` (`sap_hana_install_firewall[0].port`), see file `defaults/main.yml`. If the -member `state` is set to `enabled`, the ports will be enabled. If the member `state` is set to `disabled`, -the ports will be disabled, which might be useful for testing. - -Certain parameters have identical meanings, for supporting different naming schemes in playbooks and inventories. -You can find those in the task `Rename some variables used by hdblcm configfile` of the file `tasks/main.yml`. -Example: The parameter `sap_hana_install_number`, which is used by the role to define the hdblm parameter `number` -(= SAP HANA instance number) can be defined by setting `sap_hana_instance_number`, `sap_hana_install_instance_nr`, -`sap_hana_install_instance_number`, or `sap_hana_install_number`. The order of precedence is from left to right. - -### Default Parameters - -Please check the default parameters file for more information on other parameters that can be used as an input -- [**sap_hana_install** default parameters](defaults/main.yml) + ## Execution - -Sample Ansible Playbook Execution - -- Local Host Installation - - `ansible-playbook --connection=local --limit localhost -i "localhost," sap-hana-install.yml -e "@inputs/HDB.install"` - -- Target Host Installation - - `ansible-playbook -i "" sap-hana-install.yml -e "@inputs/HDB.install"` - -## Sample playbooks - -### Sample playbook for installing a new scale-up (=single node) SAP HANA system - -```yaml ---- -- hosts: all - collections: - - community.sap_install - become: true - vars: - sap_hana_install_software_directory: /software/hana - sap_hana_install_common_master_password: 'NewPass$321' - sap_hana_install_sid: 'H01' - sap_hana_install_instance_nr: '00' - roles: - - sap_hana_install -``` - -### Sample playbook for installing a new scale-out SAP HANA system - -```yaml ---- -- hosts: all - collections: - - community.sap_install - become: true - vars: - sap_hana_install_software_directory: /software/hana - sap_hana_install_common_master_password: 'NewPass$321' - sap_hana_install_root_password: 'NewPass$321' - sap_hana_install_addhosts: 'host2:role=worker,host3:role=worker:group=g02,host4:role=standby:group=g02' - sap_hana_install_sid: 'H01' - sap_hana_install_instance_nr: '00' - roles: - - sap_hana_install -``` - -### Sample playbook for adding additional nodes to an existing SAP HANA installation - -```yaml ---- -- hosts: all - collections: - - community.sap_install - become: true - vars: - sap_hana_install_software_directory: /software/hana - sap_hana_install_new_system: no - sap_hana_install_addhosts: 'host2:role=worker,host3:role=worker:group=g02,host4:role=standby:group=g02' - sap_hana_install_common_master_password: 'NewPass$321' - sap_hana_install_root_password: 'NewPass$321' - sap_hana_install_sid: 'H01' - sap_hana_install_instance_nr: '00' - roles: - - sap_hana_install -``` - -You can find more complex playbooks in directory `playbooks` of the collection `community.sap_install`. - -## Flow - -### New SAP HANA Installation - + +Role can be executed independently or as part of [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. + + + +### Recommended +It is recommended to execute this role together with other roles in this collection, in the following order:
+1. [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) +2. [sap_hana_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_preconfigure) +3. [sap_install_media_detect](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_install_media_detect) +4. *`sap_hana_install`* + + +### Execution Flow + #### Perform Initial Checks These checks will be performed by default but can be skipped by setting `sap_hana_install_force` to `true`. @@ -338,9 +250,70 @@ in a temporary directory for use by the hdblcm command in the next step. #### Post-Install - Print a short summary of the result of the installation. + + +### Example + +#### Example playbook for installing a new scale-up (=single node) SAP HANA system +```yaml +--- +- name: Ansible Play for SAP HANA installation - One host + hosts: all + become: true + tasks: + - name: Execute Ansible Role sap_hana_install + ansible.builtin.include_role: + name: community.sap_install.sap_hana_install + vars: + sap_hana_install_software_directory: /software/hana + sap_hana_install_common_master_password: 'NewPass$321' + sap_hana_install_sid: 'H01' + sap_hana_install_instance_nr: '00' +``` + +#### Example playbook for installing a new scale-out SAP HANA system +```yaml +--- +- name: Ansible Play for SAP HANA installation - Scale-out + hosts: all + become: true + tasks: + - name: Execute Ansible Role sap_hana_install + ansible.builtin.include_role: + name: community.sap_install.sap_hana_install + vars: + sap_hana_install_software_directory: /software/hana + sap_hana_install_common_master_password: 'NewPass$321' + sap_hana_install_root_password: 'NewPass$321' + sap_hana_install_addhosts: 'host2:role=worker,host3:role=worker:group=g02,host4:role=standby:group=g02' + sap_hana_install_sid: 'H01' + sap_hana_install_instance_nr: '00' +``` + +#### Example playbook for adding additional nodes to an existing SAP HANA installation +```yaml +--- +- name: Ansible Play for SAP HANA installation - Add host + hosts: all + become: true + tasks: + - name: Execute Ansible Role sap_hana_install + ansible.builtin.include_role: + name: community.sap_install.sap_hana_install + vars: + sap_hana_install_software_directory: /software/hana + sap_hana_install_new_system: no + sap_hana_install_addhosts: 'host2:role=worker,host3:role=worker:group=g02,host4:role=standby:group=g02' + sap_hana_install_common_master_password: 'NewPass$321' + sap_hana_install_root_password: 'NewPass$321' + sap_hana_install_sid: 'H01' + sap_hana_install_instance_nr: '00' +``` + -## Tags + +### Role Tags With the following tags, the role can be called to perform certain activities only: - tag `sap_hana_install_check_installation`: Perform an installation check, using `hdbcheck` or `hdblcm --action=check_installation`. @@ -373,30 +346,45 @@ With the following tags, the role can be called to perform certain activities on `overwrite`. - tag `sap_hana_install_store_connection_information`: Only run the `hdbuserstore` command -Sample call for only processing the SAPCAR and SAR files and creating the hdblcm configfile: -``` -# ansible-playbook sap-hana-install.yml --tags=sap_hana_install_preinstall --skip-tags=sap_hana_install_chown_hana_directories -``` +
+ How to run sap_hana_install with tags -Sample call for only processing the SAPCAR files: -``` -# ansible-playbook sap-hana-install.yml --tags=sap_hana_install_prepare_sapcar -``` + #### Process SAPCAR and SAR files and create the hdblcm configfile: + ```console + ansible-playbook sap-hana-install.yml --tags=sap_hana_install_preinstall --skip-tags=sap_hana_install_chown_hana_directories + ``` -Sample call for only processing the SAPCAR and SAR files, without extracting the SAR files: -``` -# ansible-playbook sap-hana-install.yml --tags=sap_hana_install_prepare_sarfiles --skip-tags=sap_hana_install_extract_sarfiles -``` + #### Process only SAPCAR files: + ```console + ansible-playbook sap-hana-install.yml --tags=sap_hana_install_prepare_sapcar + ``` -Sample call for only displaying the SAP HANA hdblcm command line: -``` -# ansible-playbook sap-hana-install.yml --tags=sap_hana_install_hdblcm_commandline -``` + #### Process SAPCAR and SAR files without extracting SAR files: + ```console + ansible-playbook sap-hana-install.yml --tags=sap_hana_install_prepare_sarfiles --skip-tags=sap_hana_install_extract_sarfiles + ``` -## License + #### Display SAP HANA hdblcm command without using it + ``` + ansible-playbook sap-hana-install.yml --tags=sap_hana_install_hdblcm_commandline + ``` +
-Apache license 2.0 -## Author Information + + + + + +## License + +Apache 2.0 + + +## Maintainers + +- [Bernd Finger](https://github.com/berndfinger) + -Red Hat for SAP Community of Practice, IBM Lab for SAP Solutions, Markus Koch, Thomas Bludau, Bernd Finger, Than Ngo, Rainer Leber +## Role Input Parameters +All input parameters used by role are described in [INPUT_PARAMETERS.md](https://github.com/sap-linuxlab/community.sap_install/blob/main/roles/sap_hana_install/INPUT_PARAMETERS.md) diff --git a/roles/sap_hana_preconfigure/INPUT_PARAMETERS.md b/roles/sap_hana_preconfigure/INPUT_PARAMETERS.md new file mode 100644 index 000000000..5cd5c87e9 --- /dev/null +++ b/roles/sap_hana_preconfigure/INPUT_PARAMETERS.md @@ -0,0 +1,324 @@ +## Input Parameters for sap_hana_preconfigure Ansible Role + +## Role Input Parameters + +#### Minimum required parameters: + +This role does not require any parameter to be set in the playbook or inventory. + + +### sap_hana_preconfigure_config_all +- _Type:_ `bool` + +If set to `false`, the role will only execute or verify the installation or configuration steps of SAP notes.
+Default is to perform installation and configuration steps.
+ +### sap_hana_preconfigure_installation +- _Type:_ `bool` + +If `sap_hana_preconfigure_config_all` is set to `false`, set this variable to `true` to perform only the
+installation steps of SAP notes.
+ +### sap_hana_preconfigure_configuration +- _Type:_ `bool` + +If `sap_hana_preconfigure_config_all` is set to `false`, set this variable to `true` to perform only the
+configuration steps of SAP notes for which the corresponding SAP notes parameters have been set to `true`.
+ +Example: + +```yaml +sap_hana_preconfigure_config_all: false +sap_hana_preconfigure_configuration: true +sap_hana_preconfigure_2772999_04: true +sap_hana_preconfigure_2382421: true +``` + +### sap_hana_preconfigure_assert +- _Type:_ `bool` +- _Default:_ `false` + +If set to `true`, the role will run in assertion mode instead of the default configuration mode.
+ +### sap_hana_preconfigure_assert_all_config +- _Type:_ `bool` +- _Default:_ `false` + +In assertion mode, the role will check either tuned or static settings.
+If this parameter is set to to `true`, the role will check both tuned and static settings.
+ +### sap_hana_preconfigure_assert_ignore_errors +- _Type:_ `bool` +- _Default:_ `false` + +In assertion mode, the role will abort when encountering any assertion error.
+If this parameter is set to `false`, the role will *not* abort when encountering an assertion error.
+This is useful if the role is used for reporting a system's SAP notes compliance.
+ +### sap_hana_preconfigure_system_roles_collection +- _Type:_ `str` +- _Default:_ `'fedora.linux_system_roles'` +- _Possible Values:_
+ - `fedora.linux_system_roles` + - `redhat.rhel_system_roles` + +Set which Ansible Collection to use for the Linux System Roles.
+For community/upstream, use 'fedora.linux_system_roles'
+For the RHEL System Roles for SAP, or for Red Hat Automation Hub, use 'redhat.rhel_system_roles'
+ +### sap_hana_preconfigure_min_rhel_release_check +- _Type:_ `bool` +- _Default:_ `false` + +Check the RHEL release against parameter `sap_hana_preconfigure_supported_rhel_minor_releases`, which is a list of
+known SAP HANA supported RHEL minor releases. By default, the role will display a message and continue running if
+the RHEL release is not part of that list. If set to `true`, the role will fail in such a case.
+ +### sap_hana_preconfigure_supported_rhel_minor_releases +- _Type:_ `list` with elements of type `str` +- _Default:_ (set by platform/environment specific variables) + +Use this parameter to set your own list of SAP HANA supported RHEL minor releases.
+ +### sap_hana_preconfigure_enable_sap_hana_repos +- _Type:_ `bool` +- _Default:_ `false` + +Set to 'true' to enable the SAP HANA required RHEL repos.
+This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose.
+The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_use_hana_repos`.
+ +### sap_hana_preconfigure_req_repos_redhat_7_x86_64 +- _Type:_ `list` with elements of type `str` +- _Default:_ (set by platform/environment specific variables) + +Use this parameter to set your own list of SAP HANA required RHEL 7 repos on x86_64'
+This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose.
+The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`.
+ +### sap_hana_preconfigure_req_repos_redhat_7_ppc64le +- _Type:_ `list` with elements of type `str` +- _Default:_ (set by platform/environment specific variables) + +Use this parameter to set your own list of SAP HANA required RHEL 7 repos on ppc64le'
+This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose.
+The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`.
+ +### sap_hana_preconfigure_req_repos_redhat_8_x86_64 +- _Type:_ `list` with elements of type `str` +- _Default:_ (set by platform/environment specific variables) + +Use this parameter to set your own list of SAP HANA required RHEL 8 repos on x86_64'
+This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose.
+The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`.
+ +### sap_hana_preconfigure_req_repos_redhat_8_ppc64le +- _Type:_ `list` with elements of type `str` +- _Default:_ (set by platform/environment specific variables) + +Use this parameter to set your own list of SAP HANA required RHEL 8 repos on ppc64le'
+This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose.
+The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`.
+ +### sap_hana_preconfigure_req_repos_redhat_9_x86_64 +- _Type:_ `list` with elements of type `str` +- _Default:_ (set by platform/environment specific variables) + +Use this parameter to set your own list of SAP HANA required RHEL 9 repos on x86_64'
+This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose.
+The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`.
+ +### sap_hana_preconfigure_req_repos_redhat_9_ppc64le +- _Type:_ `list` with elements of type `str` +- _Default:_ (set by platform/environment specific variables) + +Use this parameter to set your own list of SAP HANA required RHEL 9 repos on ppc64le'
+This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose.
+The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`.
+ +### sap_hana_preconfigure_set_minor_release +- _Type:_ `bool` +- _Default:_ `false` + +Use this parameter to set the RHEL minor release, which is required for SAP HANA.
+The related parameter is `sap_general_preconfigure_set_minor_release`.
+ +### sap_hana_preconfigure_create_directories +- _Type:_ `bool` +- _Default:_ `true` + +Set to `false` if you do not want the SAP HANA directories to be created by the role.
+The SAP HANA directories will always be created if `sap_hana_preconfigure_modify_selinux_labels`
+(see below) is set to `true`, no matter how `sap_hana_preconfigure_create_directories` is set.
+ +### sap_hana_preconfigure_hana_directories +- _Type:_ `list` with elements of type `str` +- _Default:_ + - /hana + - /lss/shared + +List of SAP HANA directories to be created.
+ +### sap_hana_preconfigure_modify_selinux_labels +- _Type:_ `bool` +- _Default:_ `true` + +For compatibility of SAP HANA with SELinux in enforcing mode, the role will recursively add
+the `usr_t` label to directories and files in the directories where HANA is installed.
+If relabeling not desired, set this parameter `false`.
+If the variable is set to `true`, the SAP HANA directories will be created no matter
+how the variable `sap_hana_preconfigure_create_directories` (see above) is set.
+ +### sap_hana_preconfigure_packages +- _Type:_ `list` with elements of type `str` +- _Default:_ (set by platform/environment specific variables) + +List of RHEL packages to be installed for SAP HANA. For RHEL 8 and later, you can choose to install either the default list
+or a list of the minimum required packages for SAP HANA server (parameter `__sap_hana_preconfigure_packages_min_install`).
+ +### sap_hana_preconfigure_min_package_check +- _Type:_ `bool` +- _Default:_ `true` + +SAP HANA requires certain minimum package versions to be supported. These minimum levels are listed in SAP Note 2235581.
+Set this parameter to `false` if you want to ignore these requirements.
+ +### sap_hana_preconfigure_update +- _Type:_ `bool` +- _Default:_ `false` + +Set this parameter to `true` to update the system to the latest package levels.
+By setting the parameter `sap_general_preconfigure_set_minor_release` of the
+role `sap_general_preconfigure` to `true`, you can install the most recent package updates
+without updating to a more recent RHEL minor release.
+ +### sap_hana_preconfigure_reboot_ok +- _Type:_ `bool` +- _Default:_ `false` + +Set to `true` if you want to perform a reboot at the end of the role, if necessary.
+ +### sap_hana_preconfigure_fail_if_reboot_required +- _Type:_ `bool` +- _Default:_ `true` + +If `sap_hana_preconfigure_reboot_ok` is set to `false`, which is the default, a reboot requirement should not
+remain unnoticed. For this reason, we let the role fail. Set this parameter to `false` to override this behavior.
+Can be useful if you want to implement your own reboot handling.
+ +### sap_hana_preconfigure_kernel_parameters +- _Type:_ `list` with elements of type `str` +- _Default:_ (set by platform/environment specific variables) + +Network related linux kernel parameter settings for SAP HANA on all hardware platforms.
+ +### sap_hana_preconfigure_kernel_parameters_ppc64le +- _Type:_ `list` with elements of type `str` +- _Default:_ (set by platform/environment specific variables) + +Network related linux kernel parameter settings for platform ppc64le.
+ +### sap_hana_preconfigure_use_netapp_settings_nfs +- _Type:_ `bool` +- _Default:_ `false` + +Set to `true` to also set NetApp NFS required kernel parameters.
+ +### sap_hana_preconfigure_install_ibm_power_tools +- _Type:_ `bool` +- _Default:_ `true` + +Set this parameter to `false` to not install the IBM Power Systems service and productivity tools.
+ +### sap_hana_preconfigure_add_ibm_power_repo +- _Type:_ `bool` +- _Default:_ `true` + +Set this parameter to `false` if you do not want to add the IBM Power tools repository (e.g. because the packages
+are already available on the local network). The IBM Power Systems service and productivity tools will only
+be installed if the variable `sap_hana_preconfigure_install_ibm_power_tools` is set to `true`, which is the default.
+ +### sap_hana_preconfigure_ibm_power_repo_url +- _Type:_ `str` +- _Default:_ (set by platform/environment specific variables) + +URL of the IBM Power tools repository.
+ +### sap_hana_preconfigure_ppcle_mtu9000_if +- _Type:_ `str` +- _Default:_ `''` + +List of interfaces for which the MTU size will be set to `9000`.
+ +### sap_hana_preconfigure_ppcle_tso_if +- _Type:_ `list` with elements of type `str` +- _Default:_ + '{{ ansible_interfaces | difference([''lo'']) }}' + +List of interfaces for which the tso flag will be set.
+ +### sap_hana_preconfigure_use_tuned +- _Type:_ `bool` +- _Default:_ `true` + +Use tuned for configuring most of the kernel settings for SAP HANA
+Set this parameter to `false` to use static kernel settings
+ +### sap_hana_preconfigure_tuned_profile +- _Type:_ `str` +- _Default:_ `'sap-hana'` + +Name of the SAP HANA tuned tuned profile to enable (RHEL).
+ +### sap_hana_preconfigure_modify_grub_cmdline_linux +- _Type:_ `bool` +- _Default:_ `false` + +Set this parameter to `true` to modify the Grub boot command line.
+ +### sap_hana_preconfigure_run_grub2_mkconfig +- _Type:_ `bool` +- _Default:_ `true` + +By default, the role will run `grub2-mkconfig` to update the Grub configuration if necessary.
+Set this parameter to `false` if this is not desired.
+ +### sap_hana_preconfigure_db_group_name +- _Type:_ `str` + +Use this parameter to specify the name of the RHEL group which is used for the database processes.
+It will be used to configure process limits as per step "Configuring Process Resource Limits" of SAP note 2772999.
+ +Example: + +```yaml +sap_hana_preconfigure_db_group_name: dba +``` + +### sap_hana_preconfigure_saptune_version +- _Type:_ `str` +- _Default:_ `''` + +Version of saptune to install (SLES for SAP Applications).
+This will replace the current installed version if present, even downgrade if necessary.
+ +### sap_hana_preconfigure_saptune_solution +- _Type:_ `str` +- _Default:_ `'HANA'` +- _Possible Values:_
+ - `HANA` + - `NETWEAVER+HANA` + - `S4HANA-APP+DB` + - `S4HANA-DBSERVER` + +The saptune solution to apply (SLES for SAP Applications).
+ +### sap_hana_preconfigure_saptune_azure +- _Type:_ `bool` +- _Default:_ `false` + +On Azure, TCP timestamps, reuse and recycle should be disabled (SLES for SAP Applications).
+If the variable is set, an override file for saptune will be created (/etc/saptune/override/2382421) to set net.ipv4.tcp_timestamps and net.ipv4.tcp_tw_reuse to 0.
+Set this parameter to `true` on Azure.
+ + \ No newline at end of file diff --git a/roles/sap_hana_preconfigure/README.md b/roles/sap_hana_preconfigure/README.md index bb581b58c..f141faac4 100644 --- a/roles/sap_hana_preconfigure/README.md +++ b/roles/sap_hana_preconfigure/README.md @@ -1,504 +1,146 @@ + # sap_hana_preconfigure Ansible Role + +![Ansible Lint for sap_hana_preconfigure](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_hana_preconfigure.yml/badge.svg) -This role installs additional required packages and performs additional configuration steps for installing and running SAP HANA. -If you want to configure a RHEL system for the installation and later usage of SAP HANA, you have to first run role sap_general_preconfigure -and then role sap_hana_preconfigure. However, if we wish to run SLES for HANA, you may run only this role. +## Description + +Ansible Role `sap_hana_preconfigure` is used to ensure that Managed nodes are configured to host SAP HANA systems according to SAP Notes after [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) role was executed. -## Requirements - -The role requires additional collections which are specified in `meta/collection-requirements.yml`. Before using this role, -make sure that the required collections are installed, for example by using the following command: - -`ansible-galaxy install -vv -r meta/collection-requirements.yml` - -To use this role, your system needs to be configured with the basic requirements for SAP NetWeaver or SAP HANA. This is typically done by running role sap_general_preconfigure (for RHEL managed nodes before RHEL 7.6, community maintained role sap-base-settings can be used). - -It is also strongly recommended to run role linux-system-roles.timesync for all systems running SAP HANA, to maintain an identical system time, before or after running role sap_hana_preconfigure. - -Managed nodes need to be properly registered to a repository source and have at least the following Red Hat repositories accessible (see also example playbook): - -for RHEL 7.x: -- rhel-7-[server|for-power-le]-e4s-rpms -- rhel-sap-hana-for-rhel-7-[server|for-power-le]-e4s-rpms - -for RHEL 8.x: -- rhel-8-for-[x86_64|ppc64le]-baseos-e4s-rpms -- rhel-8-for-[x86_64|ppc64le]-appstream-e4s-rpms -- rhel-8-for-[x86_64|ppc64le]-sap-solutions-e4s-rpms - -for RHEL 9.x: -- rhel-9-for-[x86_64|ppc64le]-baseos-e4s-rpms -- rhel-9-for-[x86_64|ppc64le]-appstream-e4s-rpms -- rhel-9-for-[x86_64|ppc64le]-sap-solutions-e4s-rpms - -for SLES 15.x: -- SLE-Module-SAP-Applications15-[SP number]-Pool -- SLE-Module-SAP-Applications15-[SP number]-Updates -- SLE-Product-SLES_SAP15-[SP number]-Pool -- SLE-Product-SLES_SAP15-[SP number]-Updates - -For details on configuring Red Hat, see the knowledge base article: [How to subscribe SAP HANA systems to the Update Services for SAP Solutions](https://access.redhat.com/solutions/3075991)). If you set role parameter sap_hana_preconfigure_enable_sap_hana_repos to `yes`, the role can enable these repos. - -To install HANA on Red Hat Enterprise Linux 7, 8, or 9, you need some additional packages which are contained in the -- rhel-sap-hana-for-rhel-7-[server|for-power-le]-e4s-rpms, -- rhel-8-for-[x86_64|ppc64le]-sap-solutions-e4s-rpms, or -- rhel-9-for-[x86_64|ppc64le]-sap-solutions-e4s-rpms - -repository. - -To get this repository you need to have one of the following products: - -- [RHEL for SAP Solutions](https://access.redhat.com/solutions/3082481) (premium, standard) -- RHEL for Business Partner NFRs -- [RHEL Developer Subscription](https://developers.redhat.com/products/sap/download/) - -To get a personal developer edition of RHEL for SAP solutions, please register as a developer and download the developer edition. - -- [Registration Link](http://developers.redhat.com/register) : - Here you can either register a new personal account or link it to an already existing - **personal** Red Hat Network account. -- [Download Link](https://access.redhat.com/downloads/content/69/ver=/rhel---7/7.2/x86_64/product-software): - Here you can download the Installation DVD for RHEL with your previously registered - account - -*NOTE:* This is a regular RHEL installation DVD as RHEL for SAP Solutions is no additional - product but only a special bundling. The subscription grants you access to the additional - packages through our content delivery network (CDN) after installation. - -For supported RHEL releases [click here](https://access.redhat.com/solutions/2479121). - -Details on configuring SLES repositories can be found on the following articles for [on-premise systems](https://www.suse.com/support/kb/doc/?id=000018564) or [BYOS cloud images](https://www.suse.com/c/byos-instances-and-the-suse-public-cloud-update-infrastructure/) - - -It is also important that your disks are setup according to the [SAP storage requirements for SAP HANA](https://www.sap.com/documents/2015/03/74cdb554-5a7c-0010-8F2c7-eda71af511fa.html). This [BLOG](https://blogs.sap.com/2017/03/07/the-ultimate-guide-to-effective-sizing-of-sap-hana/) is also quite helpful when sizing HANA systems. -You can use the [storage](https://galaxy.ansible.com/linux-system-roles/storage) role to automate this process - -If you want to use this system in production, make sure that the time service is configured correctly. You can use [rhel-system-roles](https://access.redhat.com/articles/3050101) to automate this. - -Note ----- -For finding out which SAP notes will be used by this role for Red Hat systems, please check the contents of variable `__sap_hana_preconfigure_sapnotes` in files `vars/*.yml` (choose the file which matches your OS distribution and version). - -For SLES, notes are applied using the saptune service. Saptune supports a number of solutions. A solution implements several SAP notes. The default solution for this role is 'HANA'. To see a list of supported solutions and the notes that they implement, you can run `saptune solution list` on the command line. - -Do not run this role against an SAP HANA or other production system. The role will enforce a certain configuration on the managed node(s), which might not be intended. - -Changes -------- -1) Previous versions of this role used the variable sap_hana_preconfigure_use_tuned_where_possible to switch between either tuned settings -or kernel command line settings (where applicable). -The current version modifies this behavior: -- The variable sap_hana_preconfigure_use_tuned_where_possible has been renamed to sap_hana_preconfigure_use_tuned -- The variable sap_hana_preconfigure_switch_to_tuned_profile_sap_hana has been removed. -- If sap_hana_preconfigure_use_tuned is set to `yes`, which is also the default, the role will configure the system for using tuned and also switch to tuned profile sap-hana. - If sap_hana_preconfigure_use_tuned is set to `no`, the role will perform a static configuration, including the modification of the linux command line in grub. -- The role can use tuned, or configure the kernel command line, or both. - -2) Previous versions of this role used variable sap_hana_preconfigure_selinux_state to set the SELinux state to disabled. -As the role sap_general_preconfigure already allows to specify the desired SELinux state, and as sap_general_preconfigure -is always run before sap_hana_preconfigure, there is no need any more to let sap_hana_preconfigure configure the SELinux state. -The same applies to the assertion of the SELinux state. - -3) SLES systems are now configured using saptune rather than the ansible implementation of the notes. - - -## Role Input Parameters - -#### Minimum required parameters: - -This role does not require any parameter to be set in the playbook or inventory. - - -### sap_hana_preconfigure_config_all -- _Type:_ `bool` - -If set to `false`, the role will only execute or verify the installation or configuration steps of SAP notes.
-Default is to perform installation and configuration steps.
- -### sap_hana_preconfigure_installation -- _Type:_ `bool` - -If `sap_hana_preconfigure_config_all` is set to `false`, set this variable to `true` to perform only the
-installation steps of SAP notes.
- -### sap_hana_preconfigure_configuration -- _Type:_ `bool` - -If `sap_hana_preconfigure_config_all` is set to `false`, set this variable to `true` to perform only the
-configuration steps of SAP notes for which the corresponding SAP notes parameters have been set to `true`.
- -Example: - -```yaml -sap_hana_preconfigure_config_all: false -sap_hana_preconfigure_configuration: true -sap_hana_preconfigure_2772999_04: true -sap_hana_preconfigure_2382421: true -``` - -### sap_hana_preconfigure_assert -- _Type:_ `bool` -- _Default:_ `false` - -If set to `true`, the role will run in assertion mode instead of the default configuration mode.
- -### sap_hana_preconfigure_assert_all_config -- _Type:_ `bool` -- _Default:_ `false` - -In assertion mode, the role will check either tuned or static settings.
-If this parameter is set to to `true`, the role will check both tuned and static settings.
- -### sap_hana_preconfigure_assert_ignore_errors -- _Type:_ `bool` -- _Default:_ `false` - -In assertion mode, the role will abort when encountering any assertion error.
-If this parameter is set to `false`, the role will *not* abort when encountering an assertion error.
-This is useful if the role is used for reporting a system's SAP notes compliance.
- -### sap_hana_preconfigure_system_roles_collection -- _Type:_ `str` -- _Default:_ `'fedora.linux_system_roles'` -- _Possible Values:_
- - `fedora.linux_system_roles` - - `redhat.rhel_system_roles` - -Set which Ansible Collection to use for the Linux System Roles.
-For community/upstream, use 'fedora.linux_system_roles'
-For the RHEL System Roles for SAP, or for Red Hat Automation Hub, use 'redhat.rhel_system_roles'
- -### sap_hana_preconfigure_min_rhel_release_check -- _Type:_ `bool` -- _Default:_ `false` - -Check the RHEL release against parameter `sap_hana_preconfigure_supported_rhel_minor_releases`, which is a list of
-known SAP HANA supported RHEL minor releases. By default, the role will display a message and continue running if
-the RHEL release is not part of that list. If set to `true`, the role will fail in such a case.
- -### sap_hana_preconfigure_supported_rhel_minor_releases -- _Type:_ `list` with elements of type `str` -- _Default:_ (set by platform/environment specific variables) - -Use this parameter to set your own list of SAP HANA supported RHEL minor releases.
- -### sap_hana_preconfigure_enable_sap_hana_repos -- _Type:_ `bool` -- _Default:_ `false` - -Set to 'true' to enable the SAP HANA required RHEL repos.
-This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose.
-The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_use_hana_repos`.
- -### sap_hana_preconfigure_req_repos_redhat_7_x86_64 -- _Type:_ `list` with elements of type `str` -- _Default:_ (set by platform/environment specific variables) - -Use this parameter to set your own list of SAP HANA required RHEL 7 repos on x86_64'
-This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose.
-The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`.
- -### sap_hana_preconfigure_req_repos_redhat_7_ppc64le -- _Type:_ `list` with elements of type `str` -- _Default:_ (set by platform/environment specific variables) - -Use this parameter to set your own list of SAP HANA required RHEL 7 repos on ppc64le'
-This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose.
-The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`.
- -### sap_hana_preconfigure_req_repos_redhat_8_x86_64 -- _Type:_ `list` with elements of type `str` -- _Default:_ (set by platform/environment specific variables) - -Use this parameter to set your own list of SAP HANA required RHEL 8 repos on x86_64'
-This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose.
-The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`.
- -### sap_hana_preconfigure_req_repos_redhat_8_ppc64le -- _Type:_ `list` with elements of type `str` -- _Default:_ (set by platform/environment specific variables) - -Use this parameter to set your own list of SAP HANA required RHEL 8 repos on ppc64le'
-This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose.
-The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`.
- -### sap_hana_preconfigure_req_repos_redhat_9_x86_64 -- _Type:_ `list` with elements of type `str` -- _Default:_ (set by platform/environment specific variables) - -Use this parameter to set your own list of SAP HANA required RHEL 9 repos on x86_64'
-This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose.
-The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`.
- -### sap_hana_preconfigure_req_repos_redhat_9_ppc64le -- _Type:_ `list` with elements of type `str` -- _Default:_ (set by platform/environment specific variables) - -Use this parameter to set your own list of SAP HANA required RHEL 9 repos on ppc64le'
-This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose.
-The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`.
- -### sap_hana_preconfigure_set_minor_release -- _Type:_ `bool` -- _Default:_ `false` - -Use this parameter to set the RHEL minor release, which is required for SAP HANA.
-The related parameter is `sap_general_preconfigure_set_minor_release`.
- -### sap_hana_preconfigure_create_directories -- _Type:_ `bool` -- _Default:_ `true` - -Set to `false` if you do not want the SAP HANA directories to be created by the role.
-The SAP HANA directories will always be created if `sap_hana_preconfigure_modify_selinux_labels`
-(see below) is set to `true`, no matter how `sap_hana_preconfigure_create_directories` is set.
- -### sap_hana_preconfigure_hana_directories -- _Type:_ `list` with elements of type `str` -- _Default:_ - - /hana - - /lss/shared - -List of SAP HANA directories to be created.
- -### sap_hana_preconfigure_modify_selinux_labels -- _Type:_ `bool` -- _Default:_ `true` - -For compatibility of SAP HANA with SELinux in enforcing mode, the role will recursively add
-the `usr_t` label to directories and files in the directories where HANA is installed.
-If relabeling not desired, set this parameter `false`.
-If the variable is set to `true`, the SAP HANA directories will be created no matter
-how the variable `sap_hana_preconfigure_create_directories` (see above) is set.
- -### sap_hana_preconfigure_packages -- _Type:_ `list` with elements of type `str` -- _Default:_ (set by platform/environment specific variables) - -List of RHEL packages to be installed for SAP HANA. For RHEL 8 and later, you can choose to install either the default list
-or a list of the minimum required packages for SAP HANA server (parameter `__sap_hana_preconfigure_packages_min_install`).
- -### sap_hana_preconfigure_min_package_check -- _Type:_ `bool` -- _Default:_ `true` - -SAP HANA requires certain minimum package versions to be supported. These minimum levels are listed in SAP Note 2235581.
-Set this parameter to `false` if you want to ignore these requirements.
- -### sap_hana_preconfigure_update -- _Type:_ `bool` -- _Default:_ `false` - -Set this parameter to `true` to update the system to the latest package levels.
-By setting the parameter `sap_general_preconfigure_set_minor_release` of the
-role `sap_general_preconfigure` to `true`, you can install the most recent package updates
-without updating to a more recent RHEL minor release.
- -### sap_hana_preconfigure_reboot_ok -- _Type:_ `bool` -- _Default:_ `false` - -Set to `true` if you want to perform a reboot at the end of the role, if necessary.
- -### sap_hana_preconfigure_fail_if_reboot_required -- _Type:_ `bool` -- _Default:_ `true` - -If `sap_hana_preconfigure_reboot_ok` is set to `false`, which is the default, a reboot requirement should not
-remain unnoticed. For this reason, we let the role fail. Set this parameter to `false` to override this behavior.
-Can be useful if you want to implement your own reboot handling.
- -### sap_hana_preconfigure_kernel_parameters -- _Type:_ `list` with elements of type `str` -- _Default:_ (set by platform/environment specific variables) - -Network related linux kernel parameter settings for SAP HANA on all hardware platforms.
- -### sap_hana_preconfigure_kernel_parameters_ppc64le -- _Type:_ `list` with elements of type `str` -- _Default:_ (set by platform/environment specific variables) - -Network related linux kernel parameter settings for platform ppc64le.
- -### sap_hana_preconfigure_use_netapp_settings_nfs -- _Type:_ `bool` -- _Default:_ `false` - -Set to `true` to also set NetApp NFS required kernel parameters.
- -### sap_hana_preconfigure_install_ibm_power_tools -- _Type:_ `bool` -- _Default:_ `true` - -Set this parameter to `false` to not install the IBM Power Systems service and productivity tools.
- -### sap_hana_preconfigure_add_ibm_power_repo -- _Type:_ `bool` -- _Default:_ `true` - -Set this parameter to `false` if you do not want to add the IBM Power tools repository (e.g. because the packages
-are already available on the local network). The IBM Power Systems service and productivity tools will only
-be installed if the variable `sap_hana_preconfigure_install_ibm_power_tools` is set to `true`, which is the default.
- -### sap_hana_preconfigure_ibm_power_repo_url -- _Type:_ `str` -- _Default:_ (set by platform/environment specific variables) - -URL of the IBM Power tools repository.
- -### sap_hana_preconfigure_ppcle_mtu9000_if -- _Type:_ `str` -- _Default:_ `''` - -List of interfaces for which the MTU size will be set to `9000`.
- -### sap_hana_preconfigure_ppcle_tso_if -- _Type:_ `list` with elements of type `str` -- _Default:_ - '{{ ansible_interfaces | difference([''lo'']) }}' - -List of interfaces for which the tso flag will be set.
- -### sap_hana_preconfigure_use_tuned -- _Type:_ `bool` -- _Default:_ `true` - -Use tuned for configuring most of the kernel settings for SAP HANA
-Set this parameter to `false` to use static kernel settings
- -### sap_hana_preconfigure_tuned_profile -- _Type:_ `str` -- _Default:_ `'sap-hana'` - -Name of the SAP HANA tuned tuned profile to enable (RHEL).
- -### sap_hana_preconfigure_modify_grub_cmdline_linux -- _Type:_ `bool` -- _Default:_ `false` - -Set this parameter to `true` to modify the Grub boot command line.
- -### sap_hana_preconfigure_run_grub2_mkconfig -- _Type:_ `bool` -- _Default:_ `true` - -By default, the role will run `grub2-mkconfig` to update the Grub configuration if necessary.
-Set this parameter to `false` if this is not desired.
- -### sap_hana_preconfigure_db_group_name -- _Type:_ `str` - -Use this parameter to specify the name of the RHEL group which is used for the database processes.
-It will be used to configure process limits as per step "Configuring Process Resource Limits" of SAP note 2772999.
- -Example: - -```yaml -sap_hana_preconfigure_db_group_name: dba -``` - -### sap_hana_preconfigure_saptune_version -- _Type:_ `str` -- _Default:_ `''` - -Version of saptune to install (SLES for SAP Applications).
-This will replace the current installed version if present, even downgrade if necessary.
- -### sap_hana_preconfigure_saptune_solution -- _Type:_ `str` -- _Default:_ `'HANA'` -- _Possible Values:_
- - `HANA` - - `NETWEAVER+HANA` - - `S4HANA-APP+DB` - - `S4HANA-DBSERVER` - -The saptune solution to apply (SLES for SAP Applications).
- -### sap_hana_preconfigure_saptune_azure -- _Type:_ `bool` -- _Default:_ `false` - -On Azure, TCP timestamps, reuse and recycle should be disabled (SLES for SAP Applications).
-If the variable is set, an override file for saptune will be created (/etc/saptune/override/2382421) to set net.ipv4.tcp_timestamps and net.ipv4.tcp_tw_reuse to 0.
-Set this parameter to `true` on Azure.
- - - -## Example Playbook - -Simple playbook, named sap+hana.yml: -```yaml ---- -- hosts: all - roles: - - role: sap_general_preconfigure - - role: sap_hana_preconfigure -``` - -Simple playbook for an extended check (assert) run, named sap+hana-assert.yml: +This role performs installation of required packages for running SAP HANA systems and configuration of Operating system parameters. + + + +## Dependencies +- `fedora.linux_system_roles` + - Roles: + - `selinux` + +Install required collections by `ansible-galaxy install -vv -r meta/collection-requirements.yml`. + + + +## Prerequisites +Managed nodes: +- Ensure that general operating system configuration for SAP is performed by [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure). See [Recommended](#recommended) section. + +
+ (Red Hat) Ensure required repositories are available + + Managed nodes need to be properly registered to a repository source and have at least the following Red Hat repositories accessible: + + for RHEL 7.x: + - rhel-7-[server|for-power-le]-e4s-rpms + - rhel-sap-hana-for-rhel-7-[server|for-power-le]-e4s-rpms + + for RHEL 8.x: + - rhel-8-for-[x86_64|ppc64le]-baseos-e4s-rpms + - rhel-8-for-[x86_64|ppc64le]-appstream-e4s-rpms + - rhel-8-for-[x86_64|ppc64le]-sap-solutions-e4s-rpms + + for RHEL 9.x: + - rhel-9-for-[x86_64|ppc64le]-baseos-e4s-rpms + - rhel-9-for-[x86_64|ppc64le]-appstream-e4s-rpms + - rhel-9-for-[x86_64|ppc64le]-sap-solutions-e4s-rpms + + For details on configuring Red Hat, see the knowledge base article: [How to subscribe SAP HANA systems to the Update Services for SAP Solutions](https://access.redhat.com/solutions/3075991)). If you set role parameter sap_hana_preconfigure_enable_sap_hana_repos to `yes`, the role can enable these repos. + + To install HANA on Red Hat Enterprise Linux 7, 8, or 9, you need some additional packages which are contained in one of following repositories + - rhel-sap-hana-for-rhel-7-[server|for-power-le]-e4s-rpms + - rhel-8-for-[x86_64|ppc64le]-sap-solutions-e4s-rpms + - rhel-9-for-[x86_64|ppc64le]-sap-solutions-e4s-rpms + + To get this repository you need to have one of the following products: + - [RHEL for SAP Solutions](https://access.redhat.com/solutions/3082481) (premium, standard) + - RHEL for Business Partner NFRs + - [RHEL Developer Subscription](https://developers.redhat.com/products/sap/download/) + + To get a personal developer edition of RHEL for SAP solutions, please register as a developer and download the developer edition. + + - [Registration Link](http://developers.redhat.com/register) : + Here you can either register a new personal account or link it to an already existing + **personal** Red Hat Network account. + - [Download Link](https://access.redhat.com/downloads/content/69/ver=/rhel---7/7.2/x86_64/product-software): + Here you can download the Installation DVD for RHEL with your previously registered + account + + *NOTE:* This is a regular RHEL installation DVD as RHEL for SAP Solutions is no additional + product but only a special bundling. The subscription grants you access to the additional + packages through our content delivery network (CDN) after installation. + + For supported RHEL releases [click here](https://access.redhat.com/solutions/2479121). + + It is also important that your disks are setup according to the [SAP storage requirements for SAP HANA](https://www.sap.com/documents/2015/03/74cdb554-5a7c-0010-8F2c7-eda71af511fa.html). This [BLOG](https://blogs.sap.com/2017/03/07/the-ultimate-guide-to-effective-sizing-of-sap-hana/) is also quite helpful when sizing HANA systems. + You can use the [storage](https://galaxy.ansible.com/linux-system-roles/storage) role to automate this process + + If you want to use this system in production, make sure that the time service is configured correctly. You can use [rhel-system-roles](https://access.redhat.com/articles/3050101) to automate this. + + Note + ---- + For finding out which SAP notes will be used by this role for Red Hat systems, please check the contents of variable `__sap_hana_preconfigure_sapnotes` in files `vars/*.yml` (choose the file which matches your OS distribution and version). +
+ + +## Execution + +**:warning: Do not execute this Ansible Role against existing SAP systems unless you know what you are doing and you prepare inputs to avoid unintended changes caused by default inputs.** + +**NOTE: It is recommended to execute `timesync` role from Ansible Collection `fedora.linux_system_roles` before or after executing this role.** + +Role can be executed independently or as part of [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. + + + +### Recommended +It is recommended to execute this role together with other roles in this collection, in the following order:
+1. [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) +2. *`sap_hana_preconfigure`* + + +### Execution Flow + +1. Assert that required inputs were provided. +2. Install required packages and patch system if `sap_hana_preconfigure_update:true` +3. Apply configurations + - Execute configuration tasks based on SAP Notes + - (SUSE) Execute saptune with solution `sap_hana_preconfigure_saptune_solution` (Default: `HANA`) +4. Reboot Managed nodes if packages were installed or patched and `sap_hana_preconfigure_reboot_ok: true` + + +### Example + +Example of execution together with prerequisite role [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) ```yaml --- -- hosts: all - vars: - sap_general_preconfigure_assert: yes - sap_general_preconfigure_assert_ignore_errors: yes - sap_hana_preconfigure_assert: yes - sap_hana_preconfigure_assert_ignore_errors: yes - roles: - - role: sap_general_preconfigure - - role: sap_hana_preconfigure -``` - -## Example Usage - -Normal run, for configuring server host_1 for SAP HANA: -```yaml -ansible-playbook sap+hana.yml -l host_1 -``` - -Extended Check (assert) run, not aborting if an error has been found: -```yaml -ansible-playbook sap+hana-assert.yml -l host_1 +- name: Ansible Play for SAP HANA HA Scale-up preconfigure + hosts: hana_primary, hana_secondary + become: true + tasks: + - name: Execute Ansible Role sap_general_preconfigure + ansible.builtin.include_role: + name: community.sap_install.sap_general_preconfigure + + - name: Execute Ansible Role sap_hana_preconfigure + ansible.builtin.include_role: + name: community.sap_install.sap_hana_preconfigure ``` + -Same as above, with a nice compact and colored output, this time for two hosts: -```yaml -ansible-playbook sap+hana-assert.yml -l host_1,host_2 | -awk '{sub (" \"msg\": ", "")} - /TASK/{task_line=$0} - /fatal:/{fatal_line=$0; nfatal[host]++} - /...ignoring/{nfatal[host]--; if (nfatal[host]<0) nfatal[host]=0} - /^[a-z]/&&/: \[/{gsub ("\\[", ""); gsub ("]", ""); gsub (":", ""); host=$2} - /SAP note/{print "\033[30m[" host"] "$0} - /FAIL:/{nfail[host]++; print "\033[31m[" host"] "$0} - /WARN:/{nwarn[host]++; print "\033[33m[" host"] "$0} - /PASS:/{npass[host]++; print "\033[32m[" host"] "$0} - /INFO:/{print "\033[34m[" host"] "$0} - /changed/&&/unreachable/{print "\033[30m[" host"] "$0} - END{print ("---"); for (var in npass) {printf ("[%s] ", var); if (nfatal[var]>0) { - printf ("\033[31mFATAL ERROR!!! Playbook might have been aborted!!!\033[30m Last TASK and fatal output:\n"); print task_line, fatal_line - } - else printf ("\033[31mFAIL: %d \033[33mWARN: %d \033[32mPASS: %d\033[30m\n", nfail[var], nwarn[var], npass[var])}}' -``` -Note: For terminals with dark background, replace the color code `30m` by `37m`. -In case you need to make an invisible font readable on a terminal with dark background, run the following command in the terminal: -```yaml -printf "\033[37mreadable font\n" -``` -In case you need to make an invisible font readable on a terminal with bright background, run the following command in the terminal: -```yaml -printf "\033[30mreadable font\n" -``` - -## Contribution + + -Please read the [developer guidelines](./README.DEV.md) if you want to contribute + + ## License + +Apache 2.0 + -Apache license 2.0 +## Maintainers + +- [Bernd Finger](https://github.com/berndfinger) + -## Author Information - -Red Hat for SAP Community of Practice, Markus Koch, Thomas Bludau, Bernd Finger, Than Ngo, Rainer Leber +## Role Input Parameters +All input parameters used by role are described in [INPUT_PARAMETERS.md](https://github.com/sap-linuxlab/community.sap_install/blob/main/roles/sap_hana_preconfigure/INPUT_PARAMETERS.md) diff --git a/roles/sap_hostagent/INPUT_PARAMETERS.md b/roles/sap_hostagent/INPUT_PARAMETERS.md new file mode 100644 index 000000000..1b10434b8 --- /dev/null +++ b/roles/sap_hostagent/INPUT_PARAMETERS.md @@ -0,0 +1,130 @@ +## Input Parameters for sap_hostagent Ansible Role + + +### sap_hostagent_installation_type + +- _Type:_ `string` +- _Default:_ `rpm` + +Select type of installation source for SAPHOSTAGENT.
+Available options: `sar`, `sar-remote`, `bundle`, `rpm` + + +## Input Parameters for SAR +Following input parameters are used by both Local SAR and Remote SAR. + +### sap_hostagent_sar_file_name + +- _Type:_ `string` + +Name of SAR file containing SAPHOSTAGENT. + +### sap_hostagent_sapcar_file_name + +- _Type:_ `string` + +Name of SAR file containing SAPCAR. + +## Input Parameters for Local SAR + +### sap_hostagent_sar_local_path + +- _Type:_ `string` + +Local directory path where SAR file is located. Do not use together with `sap_hostagent_sar_remote_path`. + +### sap_hostagent_sapcar_local_path + +- _Type:_ `string` + +Local directory path where SAPCAR file is located. Do not use together with `sap_hostagent_sapcar_remote_path`. + +## Input Parameters for Remote SAR + +### sap_hostagent_sar_remote_path + +- _Type:_ `string` + +Remote directory path where SAR file is located. Do not use together with `sap_hostagent_sar_local_path`. + +### sap_hostagent_sapcar_remote_path + +- _Type:_ `string` + +Local directory path where SAPCAR file is located. Do not use together with `sap_hostagent_sapcar_local_path`. + + +## Input Parameters for RPM + +### sap_hostagent_rpm_local_path + +- _Type:_ `string` + +Local directory path where RPM file is located. Do not use together with `sap_hostagent_rpm_remote_path`. + +### sap_hostagent_rpm_remote_path + +- _Type:_ `string` + +Remote directory path where RPM file is located. Do not use together with `sap_hostagent_rpm_local_path`. + +### sap_hostagent_rpm_file_name + +- _Type:_ `string` + +Name of RPM package containing SAPHOSTAGENT. + + +## Input Parameters for SAP Bundle + +### sap_hostagent_bundle_path + +- _Type:_ `string` + +Remote directory path where SAP Bundle file is located after being extracted. + + +## Input Parameters for SSL setup + +### sap_hostagent_config_ssl + +- _Type:_ `bool` +- _Default:_ `False` + +Enable to configure PSE and create CSR.
+Adding signed certificates from a valid CA is not supported yet. + +### sap_hostagent_ssl_passwd + +- _Type:_ `string` + +Enter password for the CSR. It is used when `sap_hostagent_config_ssl` is set. + +### sap_hostagent_ssl_org + +- _Type:_ `string` + +Enter Organization information for the CSR. It is used when `sap_hostagent_config_ssl` is set. + +### sap_hostagent_ssl_country + +- _Type:_ `string` + +Enter Country information for the CSR. It is used when `sap_hostagent_config_ssl` is set. + + +### sap_hostagent_agent_tmp_directory + +- _Type:_ `string` +- _Default:_ `/tmp/hostagent` + +Temporary directory for processing of source file. + +### sap_hostagent_clean_tmp_directory + +- _Type:_ `bool` +- _Default:_ `False` + +Enable to remove temporary directory after installation. + + \ No newline at end of file diff --git a/roles/sap_hostagent/README.md b/roles/sap_hostagent/README.md index 13aa84fa4..400395153 100644 --- a/roles/sap_hostagent/README.md +++ b/roles/sap_hostagent/README.md @@ -1,150 +1,134 @@ + # sap_hostagent Ansible Role + -SAP Host Agent is an agent that can accomplish several life-cycle management tasks, such as operating system monitoring, database monitoring, system instance control and provisioning. - -It is recommended to install SAP Host Agent upfront in any HA environment. - -You can find the latest Documentation in [SAP NOTE 1907566](https://launchpad.support.sap.com/#/notes/1907566) - -This role installs or updates the SAP Host Agent on a RHEL 7.x or 8.x system. It is provided as RPM package, tarball or as part of an SAP softwarebundle. -While Red Hat recommends RPM for easier upgrade, this role take care of all formats. - -## Requirements - -This role is intended to use on a RHEL system that gets SAP software. -So your system needs to be installed with at least the RHEL core packages, properly registered and prepared for HANA or Netweaver installation. - -It needs access to the software repositories required to install SAP HANA (see also: [How to subscribe SAP HANA systems to the Update Services for SAP Solutions](https://access.redhat.com/solutions/3075991)) - -You can use the [redhat_sap.sap_rhsm](https://galaxy.ansible.com/redhat_sap/sap_rhsm) Galaxy Role to automate this process - -To install SAP software on Red Hat Enterprise Linux you need some additional packages which come in a special repository. To get this repository you need to have one -of the following products: - -- [RHEL for SAP Solutions](https://access.redhat.com/solutions/3082481) (premium, standard, developer Edition) -- [RHEL for Business Partner NFRs](https://partnercenter.redhat.com/NFRPageLayout) - -[Click here](https://developers.redhat.com/products/sap/download/) to achieve a personal developer edition of RHEL for SAP Solutions. Please register as a developer and download the developer edition. - -- [Registration Link](http://developers.redhat.com/register) : - Here you can either register a new personal account or link it to an already existing **personal** Red Hat Network account. -- [Download Link](https://access.redhat.com/downloads/): - Here you can download the Installation DVD for RHEL with your previously registered account - -*NOTE:* This is a regular RHEL installation DVD as RHEL for SAP Solutions is no additional - product but only a special bundling. The subscription grants you access to the additional - packages through our content delivery network(CDN) after installation. - -It is also important that your disks are setup according to the [SAP storage requirements for SAP HANA](https://www.sap.com/documents/2015/03/74cdb554-5a7c-0010-82c7-eda71af511fa.html). This [BLOG](https://blogs.sap.com/2017/03/07/the-ultimate-guide-to-effective-sizing-of-sap-hana/) is also quite helpful when sizing HANA systems. - -## Role Variables - -### RPM based installations - -| variable | info | required? | -|:--------:|:----:|:---------:| -|sap_hostagent_installation_type|Source type of the installation for SAPHOSTAGENT|yes, with `rpm` value| -|sap_hostagent_rpm_local_path|Local directory path where RPM file is located|yes, unless `sap_hostagent_rpm_remote_path` is used| -|sap_hostagent_rpm_remote_path|Local directory path where RPM file is located|yes, unless `sap_hostagent_rpm_local_path` is used| -|sap_hostagent_rpm_file_name|Local RPM file name|yes| -|sap_hostagent_agent_tmp_directory|Temporary directory path that will be created on the target host|no (defaulted in the role)| -|sap_hostagent_clean_tmp_directory|Boolean variable to indicate if the temporary directory will be removed or not after the installation| no (defaulted in the role)| - -### SAR based installations (content on ansible control node) - -| variable | info | required? | -|:--------:|:----:|:---------:| -|sap_hostagent_installation_type|Source type of the installation for SAPHOSTAGENT|yes with `sar` value| -|sap_hostagent_sar_local_path|Local directory path where SAR file is located|yes| -|sap_hostagent_sar_file_name|Local SAR file name|yes| -|sap_hostagent_sapcar_local_path|Local directory path where SAPCAR tool file is located|yes| -|sap_hostagent_sapcar_file_name|Local SAPCAR tool file name|yes| -|sap_hostagent_agent_tmp_directory|Temporary directory path that will be created on the target host|no (defaulted in the role)| -|sap_hostagent_clean_tmp_directory|Boolean variable to indicate if the temporary directory will be removed or not after the installation| no (defaulted in the role)| - -### SAR based installations (with content existing on target node) - -| variable | info | required? | -|:--------:|:----:|:---------:| -|sap_hostagent_installation_type|Source type of the installation for SAPHOSTAGENT|yes with `sar-remote` value| -|sap_hostagent_sar_remote_path|Remote directory path where SAR tool file is located|yes| -|sap_hostagent_sar_file_name|SAR tool file name|yes| -|sap_hostagent_sapcar_remote_path|Remote directory path of SAR archive|yes| -|sap_hostagent_sapcar_file_name|Remote file name of SAR archive|yes| -|sap_hostagent_agent_tmp_directory|Temporary directory path that will be created on the target host|no (defaulted in the role)| -|sap_hostagent_clean_tmp_directory|Boolean variable to indicate if the temporary directory will be removed or not after the installation| no (defaulted in the role)| +## Description + +Ansible Role `sap_hostagent` is used install SAP Host Agent. +SAP Host Agent is an agent that can accomplish several life-cycle management tasks, such as operating system monitoring, database monitoring, system instance control and provisioning. -### SAP Bundle based installations - -| variable | info | required? | -|:--------:|:----:|:---------:| -|sap_hostagent_installation_type|Source type of the installation for SAPHOSTAGENT|yes with `bundle` value| -|sap_hostagent_bundle_path|Target host directory path where SAP Installation Bundle has been unarchived| -|sap_hostagent_agent_tmp_directory|Temporary directory path that will be created on the target host|no (defaulted in the role)| -|sap_hostagent_clean_tmp_directory|Boolean variable to indicate if the temporary directory will be removed or not after the installation| no (defaulted in the role)| - -### SSL Configuration - -Right now the role will configure the PSE and create a CSR. Adding signed certificates from a valid CA is not supported yet - -| variable | info | required? | -|:--------:|:----:|:---------:| -|sap_hostagent_config_ssl|This boolean variable will configure Agent for SSL communication|no (defaulted in the role)| -|sap_hostagent_ssl_passwd|Password to be used for the CSR|yes when `sap_hostagent_config_ssl` True| -|sap_hostagent_ssl_org|Organization information for the CSR|yes when `sap_hostagent_config_ssl` True| -|sap_hostagent_ssl_country|Country information for the CSR|yes when `sap_hostagent_config_ssl` True| - -## Dependencies - -Before using this role ensure your system has been configured properly to run SAP applications. - -You can use the supported role `sap_general_preconfigure` coming with RHEL 7 and 8 with RHEL for SAP Solutions Subscription - -The upstream version of this role can be found [here](https://github.com/linux-system-roles/sap_general_preconfigure) - -## Example Playbook - +This role installs SAP Host Agent with following source methods: +- SAP SAR file +- SAP Bundle +- RPM package (Red Hat only) + + + + + + +## Prerequisites +Managed nodes: +- Ensure that servers are configured for SAP Systems. See [Recommended](#recommended) section. + + +## Execution + + + + +### Recommended +It is recommended to execute this role together with other roles in this collection, in the following order:
+1. [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) +2. *`sap_hostagent`* + + +### Execution Flow + +1. Create temporary directory. +2. Execute deployment based on chosen method. +3. Configure SSL if `sap_hostagent_config_ssl` was set. +4. Cleanup temporary directory + + +### Example + +#### Example playbook for installing using SAR file located on control node ```yaml - - hosts: servers - roles: - - role: sap_hostagent +--- +- name: Ansible Play for SAP Host Agent installation - Local SAR + hosts: all + become: true + tasks: + - name: Execute Ansible Role sap_hostagent + ansible.builtin.include_role: + name: community.sap_install.sap_hostagent + vars: + sap_hostagent_installation_type: "sar" + sap_hostagent_sar_local_path: "/software/SAPHOSTAGENT" + sap_hostagent_sar_file_name: "SAPHOSTAGENT44_44-20009394.SAR" + sap_hostagent_sapcar_local_path: "/software/SAPHOSTAGENT" + sap_hostagent_sapcar_file_name: "SAPCAR_1311-80000935.EXE" + sap_hostagent_clean_tmp_directory: true ``` - -## Example Inventory - -When using RPM: - +#### Example playbook for installing using SAR file located on managed node ```yaml -sap_hostagent_installation_type: "rpm" -sap_hostagent_rpm_local_path: "/mylocaldir/SAPHOSTAGENT" -sap_hostagent_rpm_file_name: "saphostagentrpm_44-20009394.rpm" -sap_hostagent_clean_tmp_directory: true +--- +- name: Ansible Play for SAP Host Agent installation - Remote SAR + hosts: all + become: true + tasks: + - name: Execute Ansible Role sap_hostagent + ansible.builtin.include_role: + name: community.sap_install.sap_hostagent + vars: + sap_hostagent_installation_type: "sar" + sap_hostagent_sar_remote_path: "/software/SAPHOSTAGENT" + sap_hostagent_sar_file_name: "SAPHOSTAGENT44_44-20009394.SAR" + sap_hostagent_sapcar_remote_path: "/software/SAPHOSTAGENT" + sap_hostagent_sapcar_file_name: "SAPCAR_1311-80000935.EXE" + sap_hostagent_clean_tmp_directory: true ``` - -When using SAR: - +#### Example playbook for installing using SAP Bundle ```yaml -sap_hostagent_installation_type: "sar" -sap_hostagent_sar_local_path: "/mylocaldir/SAPHOSTAGENT" -sap_hostagent_sar_file_name: "SAPHOSTAGENT44_44-20009394.SAR" -sap_hostagent_sapcar_local_path: "/mylocaldir/SAPHOSTAGENT" -sap_hostagent_sapcar_file_name: "SAPCAR_1311-80000935.EXE" -sap_hostagent_clean_tmp_directory: true +--- +- name: Ansible Play for SAP Host Agent installation - SAP bundle + hosts: all + become: true + tasks: + - name: Execute Ansible Role sap_hostagent + ansible.builtin.include_role: + name: community.sap_install.sap_hostagent + vars: + sap_hostagent_installation_type: "bundle" + sap_hostagent_bundle_path: "/usr/local/src/HANA-BUNDLE/51053381" + sap_hostagent_clean_tmp_directory: true ``` - -When using SAP Bundle: - +#### Example playbook for installing using RPM on Red Hat ```yaml -sap_hostagent_installation_type: "bundle" -sap_hostagent_bundle_path: "/usr/local/src/HANA-BUNDLE/51053381" -sap_hostagent_clean_tmp_directory: true +--- +- name: Ansible Play for SAP Host Agent installation - SAP bundle + hosts: all + become: true + tasks: + - name: Execute Ansible Role sap_hostagent + ansible.builtin.include_role: + name: community.sap_install.sap_hostagent + vars: + sap_hostagent_installation_type: "rpm" + sap_hostagent_rpm_local_path: "/mylocaldir/SAPHOSTAGENT" + sap_hostagent_rpm_file_name: "saphostagentrpm_44-20009394.rpm" + sap_hostagent_clean_tmp_directory: true ``` + -## License + + -Apache license 2.0 + + -## Author Information - -IBM Lab for SAP Solutions, Red Hat for SAP Community of Practice +## License + +Apache 2.0 + + +## Maintainers + +- [Markus Koch](https://github.com/rhmk) +- [Bernd Finger](https://github.com/berndfinger) + + +## Role Input Parameters +All input parameters used by role are described in [INPUT_PARAMETERS.md](https://github.com/sap-linuxlab/community.sap_install/blob/main/roles/sap_hostagent/INPUT_PARAMETERS.md) diff --git a/roles/sap_install_media_detect/INPUT_PARAMETERS.md b/roles/sap_install_media_detect/INPUT_PARAMETERS.md new file mode 100644 index 000000000..67beaf028 --- /dev/null +++ b/roles/sap_install_media_detect/INPUT_PARAMETERS.md @@ -0,0 +1,181 @@ +## Input Parameters for sap_install_media_detect Ansible Role + +### sap_install_media_detect_rar_handling + +- _Type:_ `bool` +- _Default:_ `True` + +Set this parameter to `false` for skipping the handling of RAR files. In this case, also no `unar` or other RAR handling software will be installed. + + +### sap_install_media_detect_rar_package + +- _Type:_ `str` +- _Default:_ `EPEL` + +Set this parameter to use either the `unar` package from `EPEL` or another software package for handling RAR files.
+Based on this setting, the commands for listing and extracting RAR files are being set in tasks/prepare/enable_rar_handling.yml + +### sap_install_media_detect_epel_gpg_key_url + +- _Type:_ `str` +- _Default:_ `https://download.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-{{ ansible_distribution_major_version }}` + +URL for the EPEL GPG key + +### sap_install_media_detect_use_rpm_key_module_for_removing_the_key + +- _Type:_ `bool` +- _Default:_ `True` + +The `EPEL` GPG key can be removed with the rpm_key module and the URL for the key, or by using the `rpm -e` command.
+For using the rpm -e command, set this variable to 'false'. + +### sap_install_media_detect_file_server_only + +- _Type:_ `bool` +- _Default:_ `False` + +If this role is running on a file server on which the SAP software is not to be installed, set the following to true.
+If this role is running on a system on which the SAP software is to be installed, set the following to false. + +### sap_install_media_detect_rar_list + +- _Type:_ `str` +- _Default:_ `/usr/bin/unrar lb` + +Fully qualified path to the program for listing RAR files, including the argument for listing files.
+If not specified, the `lsar` program (or a link with the name `lsar`, pointing to the actual `lsar` program) is expected to be located in one of the PATH directories.
+If sap_install_media_detect_rar_package is set to `EPEL`, this variable is not used. + +### sap_install_media_detect_rar_extract + +- _Type:_ `str` +- _Default:_ `/usr/bin/unrar x` + +Fully qualified path to the program for extracting RAR files, including the argument for extracting files.
+If not specified, the `unar` program (or a link with the name `unar`, pointing to the actual `unar` program) is expected to be located in one of the PATH directories.
+If sap_install_media_detect_rar_package is set to `EPEL`, this variable is not used. + +### sap_install_media_detect_rar_extract_directory_argument + +- _Type:_ `str` + +Fully qualified path to an additional argument to the program for extracting RAR files, for specifying the directory into which the archive is to be extracted. Needs to be empty or start with a space character.
+If sap_install_media_detect_rar_package is set to 'EPEL', this variable is not used. + +### sap_install_media_detect_source_directory + +- _Type:_ `str` +- _Default:_ `/software` + +Directory where the SAP software is located + +### sap_install_media_detect_target_directory + +- _Type:_ `str` + +Directory where the SAP software is located after the role is run, if different from `sap_install_media_detect_source_directory` + +### sap_install_media_detect_create_target_directory + +- _Type:_ `bool` +- _Default:_ `True` + +Create target directory if it does not yet exist. If set to false, perform a check only + +### sap_install_media_detect_rename_target_file_exists + +- _Type:_ `str` +- _Default:_ `skip` + +If there are two files of the same RAR or ZIP type, one with and one without suffix, the following parameter will determine what the role will do for such a file: `skip` the file renaming, `fail`, or `overwrite` the file with the suffix by the file without suffix + +### sap_install_media_detect_extract_archives + +- _Type:_ `bool` +- _Default:_ `True` + +If you want the role to not extract archives which have the extract flag set, set the following parameter to `false`. + +### sap_install_media_detect_move_or_copy_archives + +- _Type:_ `bool` +- _Default:_ `True` + +If you want the role to not move or copy archive files to the `target_dir` subdirectories, set the following parameter to `false`. + +### sap_install_media_detect_assert_after_sapfile + +- _Type:_ `bool` +- _Default:_ `True` + +By default, the presence of at least one file for each file type according to the configured role parameters is asserted. Set the following parameter to 'false' to skip this step. + +### sap_install_media_detect_db + +- _Type:_ `str` + +Select which database type to detect: `saphana`, `sapase`, `sapmaxdb`, `oracledb`, `ibmdb2` + +### sap_install_media_detect_db_client + +- _Type:_ `str` + +Select which database client to detect: `saphana`, `sapase`, `sapmaxdb`, `oracledb`, `ibmdb2` + +### sap_install_media_detect_swpm + +- _Type:_ `bool` +- _Default:_ `False` + +Enable to detect SWPM. + +### sap_install_media_detect_hostagent + +- _Type:_ `bool` +- _Default:_ `False` + +Enable to detect SAP Hostagent. + +### sap_install_media_detect_igs + +- _Type:_ `bool` +- _Default:_ `False` + +Enable to detect SAP IGS. + +### sap_install_media_detect_kernel + +- _Type:_ `bool` +- _Default:_ `False` + +Enable to detect SAP Kernel files. + +### sap_install_media_detect_kernel_db + +- _Type:_ `str` + +Select which database kernel to detect: `saphana`, `sapase`, `sapmaxdb`, `oracledb`, `ibmdb2`
\ No newline at end of file diff --git a/roles/sap_install_media_detect/README.md b/roles/sap_install_media_detect/README.md index 23dfaa60c..45e739bd6 100644 --- a/roles/sap_install_media_detect/README.md +++ b/roles/sap_install_media_detect/README.md @@ -1,48 +1,104 @@ + # sap_install_media_detect Ansible Role - -Ansible Role for detection and extraction of SAP Software installation media - -This role is used to prepare for installation of SAP Software, by searching a given directory for SAP installation media (e.g. SAR files), -moving files to subdirectories (i.e. `/sap_hana` and `/sap_swpm`) with the directory/file ownership permissions, then extracting the detected files. - -Detection of installation media is available for SAP HANA and the various key installation files when using SAP SWPM to install -SAP Business Applications based upon SAP NetWeaver (e.g. SAP S/4HANA, SAP BW/4HANA, SAP ECC, SAP BW, SAP WebDispatcher etc). -As an example, SAP HANA Client would be detected and the SAP Kernel Part I/II would be detected. - -Once detection (e.g. using `zipinfo -1` and `unrar lb`) and extraction are completed, the file paths are shown and stored as variables for subsequent use by other Ansible Tasks. - -RAR files can be either handled by the unar package from EPEL or by another package which can list the contents of, and extract files from, -RAR files. See the comments and examples for the RAR file handling in `defaults/main.yml`. If the EPEL repo had been enabled at the time -when the role was run, it will remain enabled. If the EPEL repo was not present, the associated GPG key will be removed and the EPEL repo -will be disabled as the last task. - -## Execution Flow - -- At the beginning of the execution of the role, a new tool `sapfile` is pushed to a temporary directory on the managed node. -- Also a package which contains a command for extracting and listing content of files of type `RAR` is installed. -- The next step is to check if source and/or target directories exist. If role parameter `sap_install_media_detect_target_directory` is defined, files will later be copied from `sap_install_media_detect_source_directory`. This is the `remote_dir` case. -- If the system on which the `sap_install_media_detect_source_directory` is not writable, the role would normally fail because one or both of the following conditions are not met: - - The SAPCAR EXE file is not executable. - - There are one or more `ZIP` or `RAR` files without extension. -- In this `remote_dir` case, to make sure the role does not fail, it needs to be run first on the node on which `sap_install_media_detect_source_directory` is writable, with role parameter `sap_install_media_detect_file_server_only` set to `true` so the role will not perform and further file detection activities. -- After the SAPCAR EXE file is executable and there are no more `ZIP` or `RAR` files without extension, the role can be called on a managed node where `sap_install_media_detect_source_directory` is not writable. -- A new list of all files with the correct final file names will then be created, and for each of the files, the SAP file types are determined using the `sapfile` tool, either using the file names or - if this information is not sufficient - from information inside the file. -- We then assert that there is at least (or exactly, depending on the file type) one file available for each of the `sap_install_media_detect_*` parameters. For example, if `sap_install_media_detect_kernel_db` is set to `saphana`, then there must be one SAP Kernel DB dependent file for SAP HANA. -- In case of `remote_dir`, the next step is to copy all files from `sap_install_media_detect_source_directory` to `sap_install_media_detect_target_directory`. -- Then we extract files which are configured in `sapfile` to be extracted, and copy or move files which are configured in `sapfile` to be copied or moved. Certain files like `SAPCAR*.EXE` and the SAP Host Agent will be copied to two different directories. -- Once all necessary files have been extracted and all files are copied or moved to where we want them to be, we are using the Ansible find module to identify the different file types by using file or directory name patterns. -- The last step is to fill all required `sap_swpm` parameters from the result of the previous find step, and display all the variables. - -## Variables and Parameters - -See the file `defaults/main.yml`. - -## Dependencies - -This role does not depend on any other Ansible Role. - -## Tags - + +![Ansible Lint for sap_install_media_detect](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_install_media_detect.yml/badge.svg) + +## Description + +Ansible Role `sap_install_media_detect` is used to detect and extract SAP installation media. + +This role searches provided source directory, sorts files based on type and extracts them to target directory. Extraction can be further adjusted to create individual folders based on defined inputs. + +Detection of supported installation media is available for SAP HANA and wide range of SAP Applications (example: SAP S/4HANA, SAP BW/4HANA, SAP ECC, SAP BW, SAP WebDispatcher, SAP Business Applications based upon SAP NetWeaver, etc). + + + + + + +## Prerequisites +Managed nodes: +- Directory with SAP Installation media is present and `sap_install_media_detect_source_directory` updated. Download can be completed using [community.sap_launchpad](https://github.com/sap-linuxlab/community.sap_launchpad) Ansible Collection. + + +## Execution + +Role can be executed independently or as part of [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. + + + +### Recommended +It is recommended to execute this role together with other roles in this collection, in the following order:
+#### SAP HANA +1. [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) +2. [sap_hana_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_preconfigure) +3. *`sap_install_media_detect`* +4. [sap_hana_install](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_install) +5. [sap_ha_install_hana_hsr](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_ha_install_hana_hsr) - High Availability specific +6. [sap_ha_pacemaker_cluster](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_ha_pacemaker_cluster) - High Availability specific + +#### SAP Netweaver +1. [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) +2. [sap_netweaver_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_netweaver_preconfigure) +3. *`sap_install_media_detect`* +4. [sap_swpm](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_swpm) +5. [sap_ha_pacemaker_cluster](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_ha_pacemaker_cluster) - High Availability specific + + +### Execution Flow + +1. At the beginning of the execution of the role, a new tool `sapfile` is pushed to a temporary directory on the managed node. +2. Also a package which contains a command for extracting and listing content of files of type `RAR` is installed. +3. The next step is to check if source and/or target directories exist. If role parameter `sap_install_media_detect_target_directory` is defined, files will later be copied from `sap_install_media_detect_source_directory`. This is the `remote_dir` case. +4. If the system on which the `sap_install_media_detect_source_directory` is not writable, the role would normally fail because one or both of the following conditions are not met: + - The SAPCAR EXE file is not executable. + - There are one or more `ZIP` or `RAR` files without extension. +5. In this `remote_dir` case, to make sure the role does not fail, it needs to be run first on the node on which `sap_install_media_detect_source_directory` is writable, with role parameter `sap_install_media_detect_file_server_only` set to `true` so the role will not perform and further file detection activities. +6. After the SAPCAR EXE file is executable and there are no more `ZIP` or `RAR` files without extension, the role can be called on a managed node where `sap_install_media_detect_source_directory` is not writable. +7. A new list of all files with the correct final file names will then be created, and for each of the files, the SAP file types are determined using the `sapfile` tool, either using the file names or - if this information is not sufficient - from information inside the file. +8. We then assert that there is at least (or exactly, depending on the file type) one file available for each of the `sap_install_media_detect_*` parameters. For example, if `sap_install_media_detect_kernel_db` is set to `saphana`, then there must be one SAP Kernel DB dependent file for SAP HANA. +9. In case of `remote_dir`, the next step is to copy all files from `sap_install_media_detect_source_directory` to `sap_install_media_detect_target_directory`. +10. Then we extract files which are configured in `sapfile` to be extracted, and copy or move files which are configured in `sapfile` to be copied or moved. Certain files like `SAPCAR*.EXE` and the SAP Host Agent will be copied to two different directories. +11. Once all necessary files have been extracted and all files are copied or moved to where we want them to be, we are using the Ansible find module to identify the different file types by using file or directory name patterns. +12. The last step is to fill all required `sap_swpm` parameters from the result of the previous find step, and display all the variables. + - Once detection (e.g. using `zipinfo -1` and `unrar lb`) and extraction are completed, the file paths are shown and stored as variables for subsequent use by other Ansible Tasks. + +
+ (Red Hat) Additional steps for RAR files + + RAR files can be either handled by the unar package from EPEL or by another package which can list the contents of, and extract files from, RAR files. See the comments and examples for the RAR file handling in `defaults/main.yml`. + + - If the EPEL repo had been enabled at the time when the role was run, it will remain enabled. + - If the EPEL repo was not present, the associated GPG key will be removed and the EPEL repo will be disabled as the last task. +
+ + +### Example + +Example playbook to extract SAP Installation media for SAP ASCS Netweaver. +```yaml +--- +- name: Ansible Play for SAP NetWeaver ASCS - Extract SAP Installation media + hosts: nwas_ascs + become: true + any_errors_fatal: true + max_fail_percentage: 0 + tasks: + + - name: Execute Ansible Role sap_install_media_detect + ansible.builtin.include_role: + name: community.sap_install.sap_install_media_detect + vars: + sap_install_media_detect_swpm: true + sap_install_media_detect_hostagent: true + sap_install_media_detect_igs: true + sap_install_media_detect_kernel: true + sap_install_media_detect_webdisp: false +``` + + + +### Role Tags With the following tags, the role can be called to perform certain activities only: - tag `sap_install_media_detect_zip_handling`: Only perform the task for enabling the listing and extracting of files of type `ZIP`. - tag `sap_install_media_detect_rar_handling`: Only perform the tasks for enabling the listing and extracting of files of type `RAR`. This @@ -59,11 +115,20 @@ With the following tags, the role can be called to perform certain activities on Note: After running the role with the following four tags, the SAP archive files will be in the same place as before running the role the first time. The directories with pattern `*_extracted` will remain in place. `sap_install_media_detect_provide_sapfile_utility,sap_install_media_detect_check_directories,sap_install_media_detect_create_file_list_phase_1,sap_install_media_detect_move_files_to_main_directory` + -## License + + -Apache license 2.0 +## License + +Apache 2.0 + -## Author Information +## Maintainers + +- [Bernd Finger](https://github.com/berndfinger) + -IBM Lab for SAP Solutions, Red Hat for SAP Community of Practice, Bernd Finger +## Role Input Parameters +All input parameters used by role are described in [INPUT_PARAMETERS.md](https://github.com/sap-linuxlab/community.sap_install/blob/main/roles/sap_install_media_detect/INPUT_PARAMETERS.md) diff --git a/roles/sap_maintain_etc_hosts/INPUT_PARAMETERS.md b/roles/sap_maintain_etc_hosts/INPUT_PARAMETERS.md new file mode 100644 index 000000000..959447a1f --- /dev/null +++ b/roles/sap_maintain_etc_hosts/INPUT_PARAMETERS.md @@ -0,0 +1,78 @@ +## Input Parameters for sap_maintain_etc_hosts Ansible Role + + +This role requires the dictionary `sap_maintain_etc_hosts_list` which contains the parameters for the `/etc/hosts` file. + +The default value is the definition of the cluster nodes like in the role [sap_ha_pacemaker_cluster](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_ha_pacemaker_cluster). If the value `sap_hana_cluster_nodes`or `sap_ha_pacemaker_cluster_cluster_nodes` is not defined, then the role creates a default value from `ansible_facts`. + +**NOTE: If you want to use this role to remove entries from /etc/hosts it is a good practice to do this before adding entries. The adding/removal is done in the order the entries are listed.** + +### sap_maintain_etc_hosts_list + +- _Type:_ `list` with elements of type `dict` + +Mandatory list of nodes in form of dictionaries to be added or removed in `/etc/hosts` file. + +Following dictionary keys can be defined: +- **node_ip**
+ IP address of the managed node.
+ **Required** for adding new entries to `/etc/hosts`.
+ _Optional_ for removing entries, where `node_name` and `node_domain` can be used instead. + + - _Type:_ `string` + +- **node_name**
+ Hostname of the managed node.
+ **Required** for adding new entries to `/etc/hosts`.
+ _Optional_ for removing entries, when `node_ip` is not used. + + - _Type:_ `string` + +- **node_domain**
+ Domain name of the managed node. Defaults to `sap_domain` if set or `ansible_domain`.
+ **Required** for adding new entries to `/etc/hosts`.
+ _Optional_ for removing entries, when `node_name` is used. + + - _Type:_ `string` + - _Default:_ `sap_domain` + +- **aliases**
+ List of aliases for the managed node.
+ _Optional_ for adding new entries to `/etc/hosts`. + + - _Type:_ `list` with elements of type `string` + +- **alias_mode**
+ Select method of updating `/etc/hosts` file:
+ - `merge` : merges the list of aliases with the exiting aliases of the node.
+ - `overwrite` : overwrites the aliases of the node. + _Optional_ for adding new entries to `/etc/hosts`. + + - _Type:_ `string` + - _Default:_ `merge` + +- **node_comment**
+ Node comment is appended at end of line of managed node.
+ _Optional_ for adding new entries to `/etc/hosts`. + + - _Type:_ `string` + - _Default:_ `managed by ansible sap_maintain_etc_hosts role` + +- **hana_site**
+ Used by [sap_ha_pacemaker_cluster](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_ha_pacemaker_cluster) and it is appended to `node_comment`
+ _Optional_ for adding new entries to `/etc/hosts`. + + - _Type:_ `string` + +- **node_role**
+ Not used, but mentioned for compatibility reasons for [sap_ha_pacemaker_cluster](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_ha_pacemaker_cluster) role.
+ + - _Type:_ `string` + +- **state**
+ Select `present` for adding new entries, `absent` for removing them.
+ **Required** for removing entries, otherwise default `present` is used. + + - _Type:_ `string` + - _Default:_ `present` + \ No newline at end of file diff --git a/roles/sap_maintain_etc_hosts/README.md b/roles/sap_maintain_etc_hosts/README.md index 98fab9adf..e822ae55e 100644 --- a/roles/sap_maintain_etc_hosts/README.md +++ b/roles/sap_maintain_etc_hosts/README.md @@ -1,142 +1,92 @@ -# Role Name: sap_maintain_etc_hosts - -This role can be used to reliably update the /etc/hosts file. - - - -## Role Input Parameters - -This role requires the dictionary `sap_maintain_etc_hosts_list` which contains the parameters for the hostfile. The default value is the definition of the cluster nodes like in the role `sap_ha_pacemaker_cluster`. If the value `sap_hana_cluster_nodes`or `sap_ha_pacemaker_cluster_cluster_nodes` is not defined the role creates a default value from `ansible_facts`. - -Caution: If you want to use this role to remove entries from /etc/hosts it is a good practise to do this before adding entries. The adding/removal is done in the order the entries are listed. - -### sap_maintain_etc_hosts_list - -- _Type:_ `list` - - List of nodes to be added or removed in /etc/hosts - possible list options: - -#### node_ip - -- _Type:_ `string` - - IP address of the node. - It is required for adding a node. - When deleting a node use only when node_name and node_domain are not defined - -#### node_name - -- _Type:_ `string` - - Hostname of the node - It is required for adding a node. - When deleting a node use only when node_ip is not defined - -#### node_domain - -- _Type:_ `string` - - Domainname of the node - Defaults to sap_domain, if set, otherwise ansible_domain is the default - When deleting a node use only when node_name is defined - -#### aliases - -- _Type:_ `list` - - List of aliases for the node - Not used when state is absent - -#### alias_mode - -- _Type:_ `string` - - Options: - - - `merge` : merges the list of aliases with the exiting aliases of the node. (default) - - `overwrite` : overwrites the aliases of the node. - - Not used when state is absent - -#### node_comment - -- _Type:_ `string` - - default: managed by ansible sap_maintain_etc_hosts role` - String which is appended to line in hosts after comment string - Not used when state is absent - -#### hana_site - -- _Type:_ `string` - - if set (e.g. for configuring cluster) it is appended to the comment - Not used when state is absent - -#### node_role - - Not used. For compatibility reason only. - -#### state - -- _Type:_ `string` - - Options: - - - `present` : creates a host entry (default)` - - `absent` : removes a host entry by ip or hostname - - - -Example Playbook ----------------- - -If you want to setup/add entries your etc hosts you can use this snippet - -```[yaml] -- name: Ensure /etc/hosts is updated - include_role: sap_sap_maintain_etc_hosts - var: + +# sap_maintain_etc_hosts Ansible Role + + +## Description + +Ansible Role `sap_maintain_etc_hosts` is used to maintain `/etc/hosts` file. + + + + + + + + +## Execution + +Role can be executed independently or as part of [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. + + + + + +### Execution Flow + +1. Assert that required inputs were provided. +2. Verify duplicate entries and conflicts; +3. Update `/etc/hosts` file. + + +### Example + +Example playbook will update `/etc/hosts`: +- Remove node with IP `10.10.10.10`. +- Remove node with name `host2`. +- Add node with IP `10.10.10.11`, name `host1`, aliases `alias1, alias2` and comment `host1 comment`. +```yaml +- name: Ansible Play for add entry in /etc/hosts + hosts: all + become: true + tasks: + - name: Execute Ansible Role sap_sap_maintain_etc_hosts + ansible.builtin.include_role: + name: community.sap_install.sap_sap_maintain_etc_hosts + vars: sap_maintain_etc_hosts_list: - - node_ip: 1.2.3.5 - state: absent - - node_name: host2 - state: absent - - node_ip: 1.2.3.4 - node_name: host1 - aliases: - - alias1 - - anotheralias2 - node_comment: "Here comes text after hashsign" (defaults to hana_site) - state: present + - node_ip: 10.10.10.10 + state: absent + - node_name: host2 + state: absent + - node_ip: 10.10.10.11 + node_name: host1 + aliases: + - alias1 + - alias2 + node_comment: "host1 comment" # Comment is created after hash sign (defaults to hana_site) + state: present ``` -If you have defined a cluster and the variable `sap_ha_pacemaker_cluster_cluster_nodes` or `sap_hana_cluster_nodes` is set, you can use the following play: - -```[yaml] -- name: ensure all cluster nodes are in /etc/hosts - include_role: sap_maintain_etc_hosts - var: - sap_maintain_etc_hosts_list: "{{ sap_hana_cluster_nodes }}" +Example playbook when executed together with [sap_ha_pacemaker_cluster](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_ha_pacemaker_cluster) role which uses either `sap_ha_pacemaker_cluster_cluster_nodes` or `sap_hana_cluster_nodes`. +```yaml +- name: Ansible Play for add entry in /etc/hosts + hosts: all + become: true + tasks: + - name: Execute Ansible Role sap_sap_maintain_etc_hosts + ansible.builtin.include_role: + name: community.sap_install.sap_sap_maintain_etc_hosts + vars: + sap_maintain_etc_hosts_list: "{{ sap_ha_pacemaker_cluster_cluster_nodes }}" ``` + -License -------- + + -Apache-2.0 + + -Author Information ------------------- +## License + +Apache 2.0 + -@rhmk 10/10/23 +## Maintainers + +- [Markus Koch](https://github.com/rhmk) +- [Bernd Finger](https://github.com/berndfinger) + + +## Role Input Parameters +All input parameters used by role are described in [INPUT_PARAMETERS.md](https://github.com/sap-linuxlab/community.sap_install/blob/main/roles/sap_sap_maintain_etc_hosts/INPUT_PARAMETERS.md) diff --git a/roles/sap_netweaver_preconfigure/INPUT_PARAMETERS.md b/roles/sap_netweaver_preconfigure/INPUT_PARAMETERS.md new file mode 100644 index 000000000..bdaf4cdf6 --- /dev/null +++ b/roles/sap_netweaver_preconfigure/INPUT_PARAMETERS.md @@ -0,0 +1,92 @@ +## Input Parameters for sap_netweaver_preconfigure Ansible Role + +## Role Input Parameters + +Minimum required parameters: +This role does not require any parameter to be set in the playbook or inventory. + + +### sap_netweaver_preconfigure_config_all +- _Type:_ `bool` +- _Default:_ `true` + +If set to `false`, the role will only execute or verify the installation or configuration steps of SAP notes.
+Default is to perform installation and configuration steps.
+ +### sap_netweaver_preconfigure_installation +- _Type:_ `bool` +- _Default:_ `false` + +If `sap_netweaver_preconfigure_config_all` is set to `false`, set this variable to `true` to perform only the
+installation steps of SAP notes.
+ +### sap_netweaver_preconfigure_configuration +- _Type:_ `bool` +- _Default:_ `false` + +If `sap_netweaver_preconfigure_config_all` is set to `false`, set this variable to `true` to perform only the
+configuration steps of SAP notes.
+ +### sap_netweaver_preconfigure_assert +- _Type:_ `bool` +- _Default:_ `false` + +If set to `true`, the role will run in assertion mode instead of the default configuration mode.
+ +### sap_netweaver_preconfigure_assert_ignore_errors +- _Type:_ `bool` +- _Default:_ `false` + +In assertion mode, the role will abort when encountering any assertion error.
+If this parameter is set to `false`, the role will *not* abort when encountering an assertion error.
+This is useful if the role is used for reporting a system's SAP notes compliance.
+ +### sap_netweaver_preconfigure_min_swap_space_mb +- _Type:_ `str` +- _Default:_ `20480` + +Specifies the minimum amount of swap space on the system required by SAP NetWeaver.
+If this requirement is not met, the role will abort.
+Set your own value to override the default of `20480`.
+ +### sap_netweaver_preconfigure_fail_if_not_enough_swap_space_configured +- _Type:_ `bool` +- _Default:_ `true` + +If the system does not have the minimum amount of swap space configured as defined
+in parameter `sap_netweaver_preconfigure_min_swap_space_mb`, the role will abort.
+By setting this parameter to `false`, the role will not abort in such cases.
+ +### sap_netweaver_preconfigure_rpath +- _Type:_ `str` +- _Default:_ `/usr/sap/lib` + +Specifies the SAP kernel's `RPATH`. This is where the SAP kernel is searching for libraries, and where the role
+is creating a link named `libstdc++.so.6` pointing to `/opt/rh/SAP/lib64/compat-sap-c++-10.so`,
+so that newer SAP kernels which are built with GCC10 can find the required symbols.
+ +### sap_netweaver_preconfigure_use_adobe_doc_services +- _Type:_ `bool` +- _Default:_ `false` + +Set this parameter to `true` when using Adobe Document Services, to ensure all required packages are installed.
+ +### sap_netweaver_preconfigure_saptune_version +- _Type:_ `str` +- _Default:_ `3.0.2` + +On SLES systems, specifies the saptune version
+ +### sap_netweaver_preconfigure_saptune_solution +- _Type:_ `str` +- _Default:_ `NETWEAVER` +- _Possible Values:_
+ - `NETWEAVER` + - `NETWEAVER+HANA` + - `S4HANA-APP+DB` + - `S4HANA-APPSERVER` + - `S4HANA-DBSERVER` + +On SLES systems, specifies the saptune solution to apply.
+ + \ No newline at end of file diff --git a/roles/sap_netweaver_preconfigure/README.md b/roles/sap_netweaver_preconfigure/README.md index ae666ccd8..4375bfeca 100644 --- a/roles/sap_netweaver_preconfigure/README.md +++ b/roles/sap_netweaver_preconfigure/README.md @@ -1,191 +1,84 @@ + # sap_netweaver_preconfigure Ansible Role - -This role installs additional required packages and performs additional configuration steps for installing and running SAP NetWeaver. -If you want to configure a RHEL system for the installation and later usage of SAP NetWeaver, you have to first run role `sap_general_preconfigure` and then role sap_netweaver_preconfigure. -For SLES, running the `sap_general_preconfigure` role is not necessary. - -## Requirements - -To use this role, your system needs to be configured with the basic requirements for SAP NetWeaver or SAP HANA. This is typically done by -running role sap_general_preconfigure (for RHEL managed nodes before RHEL 7.6, community maintained role sap-base-settings can be used). -It is also strongly recommended to run role linux-system-roles.timesync for all systems running SAP NetWeaver, to maintain an identical -system time, before or after running role sap_netweaver_preconfigure. - -Note ----- -On RHEL, as per SAP notes 2002167, 2772999, and 3108316, the role will switch to tuned profile sap-netweaver no matter if another tuned profile -(e.g. virtual-guest) had been active before or not. - -On SLES, this role will switch the saptune solution to the one specified by the configuration and will override any previously set solution. -The default solution is `NETWEAVER`. - -The role can check if enough swap space - as per the prerequisite checker in sapinst - has been configured on the managed node. -Please check the SAP NetWeaver installation guide for swap space requirements. - -Do not run this role against an SAP NetWeaver or other production system. The role will enforce a certain configuration on the managed -node(s), which might not be intended. - - -## Role Input Parameters - -Minimum required parameters: -This role does not require any parameter to be set in the playbook or inventory. - - -### sap_netweaver_preconfigure_config_all -- _Type:_ `bool` -- _Default:_ `true` - -If set to `false`, the role will only execute or verify the installation or configuration steps of SAP notes.
-Default is to perform installation and configuration steps.
- -### sap_netweaver_preconfigure_installation -- _Type:_ `bool` -- _Default:_ `false` - -If `sap_netweaver_preconfigure_config_all` is set to `false`, set this variable to `true` to perform only the
-installation steps of SAP notes.
- -### sap_netweaver_preconfigure_configuration -- _Type:_ `bool` -- _Default:_ `false` - -If `sap_netweaver_preconfigure_config_all` is set to `false`, set this variable to `true` to perform only the
-configuration steps of SAP notes.
- -### sap_netweaver_preconfigure_assert -- _Type:_ `bool` -- _Default:_ `false` - -If set to `true`, the role will run in assertion mode instead of the default configuration mode.
- -### sap_netweaver_preconfigure_assert_ignore_errors -- _Type:_ `bool` -- _Default:_ `false` - -In assertion mode, the role will abort when encountering any assertion error.
-If this parameter is set to `false`, the role will *not* abort when encountering an assertion error.
-This is useful if the role is used for reporting a system's SAP notes compliance.
- -### sap_netweaver_preconfigure_min_swap_space_mb -- _Type:_ `str` -- _Default:_ `20480` - -Specifies the minimum amount of swap space on the system required by SAP NetWeaver.
-If this requirement is not met, the role will abort.
-Set your own value to override the default of `20480`.
- -### sap_netweaver_preconfigure_fail_if_not_enough_swap_space_configured -- _Type:_ `bool` -- _Default:_ `true` - -If the system does not have the minimum amount of swap space configured as defined
-in parameter `sap_netweaver_preconfigure_min_swap_space_mb`, the role will abort.
-By setting this parameter to `false`, the role will not abort in such cases.
- -### sap_netweaver_preconfigure_rpath -- _Type:_ `str` -- _Default:_ `/usr/sap/lib` - -Specifies the SAP kernel's `RPATH`. This is where the SAP kernel is searching for libraries, and where the role
-is creating a link named `libstdc++.so.6` pointing to `/opt/rh/SAP/lib64/compat-sap-c++-10.so`,
-so that newer SAP kernels which are built with GCC10 can find the required symbols.
- -### sap_netweaver_preconfigure_use_adobe_doc_services -- _Type:_ `bool` -- _Default:_ `false` - -Set this parameter to `true` when using Adobe Document Services, to ensure all required packages are installed.
- -### sap_netweaver_preconfigure_saptune_version -- _Type:_ `str` -- _Default:_ `3.0.2` - -On SLES systems, specifies the saptune version
- -### sap_netweaver_preconfigure_saptune_solution -- _Type:_ `str` -- _Default:_ `NETWEAVER` -- _Possible Values:_
- - `NETWEAVER` - - `NETWEAVER+HANA` - - `S4HANA-APP+DB` - - `S4HANA-APPSERVER` - - `S4HANA-DBSERVER` - -On SLES systems, specifies the saptune solution to apply.
- - - -## Example Playbook - -Simple playbook, named sap+netweaver.yml: -```yaml ---- -- hosts: all - roles: - - role: sap_general_preconfigure - - role: sap_netweaver_preconfigure -``` - -Simple playbook for an extended check (assert) run, named sap+netweaver-assert.yml: + + +## Description + +Ansible Role `sap_netweaver_preconfigure` is used to ensure that Managed nodes are configured to host SAP Netweaver systems according to SAP Notes after [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) role was executed. + +This role performs installation of required packages for running SAP Netweaver systems and configuration of Operating system parameters. + + + + + + +## Prerequisites +Managed nodes: +- Ensure that general operating system configuration for SAP is performed by [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure). See [Recommended](#recommended) section. + + +## Execution + +**:warning: Do not execute this Ansible Role against existing SAP systems unless you know what you are doing and you prepare inputs to avoid unintended changes caused by default inputs.** + +**NOTE: It is recommended to execute `timesync` role from Ansible Collection `fedora.linux_system_roles` before or after executing this role.** + +Role can be executed independently or as part of [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. + + + +### Recommended +It is recommended to execute this role together with other roles in this collection, in the following order:
+1. [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) +2. *`sap_netweaver_preconfigure`* + + +### Execution Flow + +1. Assert that required inputs were provided. +2. Install required packages +3. Apply configurations + - Execute configuration tasks based on SAP Notes + - (SUSE) Execute saptune with solution `sap_netweaver_preconfigure_saptune_solution` (Default: `NETWEAVER`) + +**Note: (Red Hat) Due to SAP notes 2002167, 2772999, and 3108316, the role will switch to tuned profile sap-netweaver no matter if another tuned profile (e.g. virtual-guest) had been active before or not.** + + +### Example + +Example of execution together with prerequisite role [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) ```yaml --- -- hosts: all - vars: - sap_preconfigure_assert: yes - sap_preconfigure_assert_ignore_errors: yes - sap_netweaver_preconfigure_assert: yes - sap_netweaver_preconfigure_assert_ignore_errors: yes - roles: - - role: sap_general_preconfigure - - role: sap_netweaver_preconfigure +- name: Ansible Play for SAP Netweaver preconfigure + hosts: nwas_ascs, nwas_ers + become: true + tasks: + - name: Execute Ansible Role sap_general_preconfigure + ansible.builtin.include_role: + name: community.sap_install.sap_general_preconfigure + + - name: Execute Ansible Role sap_netweaver_preconfigure + ansible.builtin.include_role: + name: community.sap_install.sap_netweaver_preconfigure ``` + -## Example Usage -Normal run, for configuring server host_1 for SAP NetWeaver: -```yaml -ansible-playbook sap+netweaver.yml -l host_1 -``` + + -Extended Check (assert) run, not aborting if an error has been found: -```yaml -ansible-playbook sap+netweaver-assert.yml -l host_1 -``` - -Same as above, with a nice compact and colored output, this time for two hosts: -```yaml -ansible-playbook sap+netweaver-assert.yml -l host_1,host_2 | -awk '{sub (" \"msg\": ", "")} - /TASK/{task_line=$0} - /fatal:/{fatal_line=$0; nfatal[host]++} - /...ignoring/{nfatal[host]--; if (nfatal[host]<0) nfatal[host]=0} - /^[a-z]/&&/: \[/{gsub ("\\[", ""); gsub ("]", ""); gsub (":", ""); host=$2} - /SAP note/{print "\033[30m[" host"] "$0} - /FAIL:/{nfail[host]++; print "\033[31m[" host"] "$0} - /WARN:/{nwarn[host]++; print "\033[33m[" host"] "$0} - /PASS:/{npass[host]++; print "\033[32m[" host"] "$0} - /INFO:/{print "\033[34m[" host"] "$0} - /changed/&&/unreachable/{print "\033[30m[" host"] "$0} - END{print ("---"); for (var in npass) {printf ("[%s] ", var); if (nfatal[var]>0) { - printf ("\033[31mFATAL ERROR!!! Playbook might have been aborted!!!\033[30m Last TASK and fatal output:\n"); print task_line, fatal_line - } - else printf ("\033[31mFAIL: %d \033[33mWARN: %d \033[32mPASS: %d\033[30m\n", nfail[var], nwarn[var], npass[var])}}' -``` -Note: For terminals with dark background, replace the color code `30m` by `37m`. -In case you need to make an invisible font readable on a terminal with dark background, run the following command in the terminal: -```yaml -printf "\033[37mreadable font\n" -``` -In case you need to make an invisible font readable on a terminal with bright background, run the following command in the terminal: -```yaml -printf "\033[30mreadable font\n" -``` + + ## License + +Apache 2.0 + -Apache license 2.0 - -## Author Information +## Maintainers + +- [Bernd Finger](https://github.com/berndfinger) + -Red Hat for SAP Community of Practice, Bernd Finger, Rainer Leber +## Role Input Parameters +All input parameters used by role are described in [INPUT_PARAMETERS.md](https://github.com/sap-linuxlab/community.sap_install/blob/main/roles/sap_netweaver_preconfigure/INPUT_PARAMETERS.md) diff --git a/roles/sap_storage_setup/INPUT_PARAMETERS.md b/roles/sap_storage_setup/INPUT_PARAMETERS.md new file mode 100644 index 000000000..f4de99ad2 --- /dev/null +++ b/roles/sap_storage_setup/INPUT_PARAMETERS.md @@ -0,0 +1,140 @@ + +## Input Parameters for sap_netweaver_preconfigure Ansible Role + + +Minimum required parameters: + +- [sap_storage_setup_definition](#sap_storage_setup_definition-required) +- [sap_storage_setup_host_type](#sap_storage_setup_host_type-required) +- [sap_storage_setup_sid](#sap_storage_setup_sid-required) + + +### sap_storage_setup_definition required + +- _Type:_ `list` + +Describes list of the filesystems to be configured.
+ +- **disk_size**
+ Size of the disk device that is used for the filesystem.
For filesystems with no LVM logical volume striping, this is the total size of the filesystem.
For filesystems with LVM LV striping defined (`lvm_lv_stripes`), this is the size of each disk. The resulting filesystem size will be `disk_size` multiplied by `lvm_lv_stripes` (=disks). + + - _Type:_ `int` + +- **filesystem_type**
+ The type of filesystem that will be created on the logical volume. + + - _Type:_ `str` + - _Default:_ `xfs` + +- **lvm_lv_name**
+ The name of the LVM volume.
The default name is derived from the name value of the filesystem definition entry, for example 'lv_hanalog'. + + - _Type:_ `str` + +- **lvm_lv_stripe_size**
+ When setting up a striped volume, the stripe size can be defined.
Example format - "128K". + + - _Type:_ `str` + +- **lvm_lv_stripes**
+ Number of disks that will be configured in a striped volume.
This requires the availability of the same amount of unused disks, which must be of the size defined in `disk_size`. + + - _Type:_ `int` + _Default:_ `1` + +- **lvm_vg_name**
+ The name of the LVM volume group.
The default name is derived from the name value of the filesystem definition entry, for example 'vg_hanalog'. + + - _Type:_ `str` + +- **lvm_vg_physical_extent_size**
+ Adjustable size of the physical extents of the volume group in LVM. + + - _Type:_ `int` + - _Default:_ `4` + +- **mountpoint**
+ The path to where the filesystem will be mounted.
This can be left out for the definition of a swap volume. + + - _Type:_ `str` + +- **name**
+ A name of the filesystem definition entry.
This name is used to generate volume group name and logical volume name. + + - _Type:_ `str` + +- **nfs_filesystem_type**
+ The type of the NFS filesystem, for example `nfs`, `nfs4`. + + - _Type:_ `str` + - _Default:_ `nfs4` + +- **nfs_mount_options**
+ Mount options to use for the NFS mount.
Generic default is `hard,acl`.
Defaults depend on the specific platform detected by the role or defined explicitly. + + - _Type:_ `str` + - _Default:_ `hard,acl` + +- **nfs_path**
+ When defining an NFS filesystem, this is the directory path of the filesystem to be mounted. + + - _Type:_ `str` + +- **nfs_server**
+ When defining an NFS filesystem, this is the address of the NFS server.
The address must contain the root path, in which the mount directories exist or will be created.
For example, `192.168.1.100:/`. + + - _Type:_ `str` + +- **swap_path**
+ The path to the swap file.
When this option is defined for a swap filesystem definition, it will create a swap file on an existing filesystem. + + - _Type:_ `str` + +Example: + +```yaml +sap_storage_setup_definition: + + # Block Storage volume + - name: hana_data # required: string, filesystem name used to generate lvm_lv_name and lvm_vg_name + mountpoint: /hana/data # required: string, directory path where the filesystem is mounted + disk_size: 100 # required: integer, size in GB + filesystem_type: xfs # optional: string, value 'xfs'. Use 'swap' to create swap filesystem + + # File Storage volume + - name: hana_shared # required: string, reference name + mountpoint: /hana/shared # required: string, directory path where the filesystem is mounted + nfs_server: nfs.corp:/ # required: string, server and parent directory of the NFS Server; value default from var sap_storage_setup_nfs_server + + # Swap as file instead of Block Storage volume + # See SAP Note 1597355 - Swap-space recommendation for Linux + - name: swap # required: string, reference name + swap_path: /swapfile # required: string, directory path where swap file is created + disk_size: 4 # required: integer, size in GB of swap file + filesystem_type: swap # required: string, must be value 'swap' +``` + +### sap_storage_setup_host_type required + +- _Type:_ `list` + +The type of service the target system is going to be configured for.
+This can be a list of multiple types which apply to a single host.
+If not defined, the default will be inherited from the global parameter `sap_host_type`. One of these parameters must be defined.
+Available values: `hana_primary`, `hana_secondary`, `nwas_abap_ascs`, `nwas_abap_ers`, `nwas_abap_pas`, `nwas_abap_aas`, `nwas_java_scs`, `nwas_java_ers` + +### sap_storage_setup_multipath_enable_and_detect + +- _Type:_ `bool` +- _Default:_ `False` + +Define if multipathing should be enabled and dynamic multipath devices detected and used for the filesystem setup.
+ +### sap_storage_setup_sid required + +- _Type:_ `str` + +SID of the SAP service.
+If not defined, the default will be inherited from the global parameter `sap_system_sid`. One of these parameters must be defined.
+ + \ No newline at end of file diff --git a/roles/sap_storage_setup/README.md b/roles/sap_storage_setup/README.md index d5e5ff23c..55231f601 100644 --- a/roles/sap_storage_setup/README.md +++ b/roles/sap_storage_setup/README.md @@ -1,161 +1,126 @@ + # sap_storage_setup Ansible Role + +![Ansible Lint for sap_storage_setup](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_storage_setup.yml/badge.svg) -Ansible Role for preparing a host with the storage requirements of an SAP System (prior to software installation) +## Description + +Ansible Role `sap_storage_setup` is used to prepare a host with the storage requirements of an SAP System (prior to software installation). -## Scope - -This Ansible Role provides: -- local/block storage volumes setup as LVM Logical Volumes, Filesystem formatting and mount to defined directory path -- remote/file storage mount (and subdirectories as required) -- swap file or swap partition - -This Ansible Role has been tested for the following SAP software deployment types: -- SAP HANA Scale-up, Scale-out and Scale-up High Availability -- SAP NetWeaver AS in Sandbox (Two-Tier/OneHost), Standard (Three-Tier/DualHost), Distributed (Multi-Tier) and Distributed High Availability +This role can prepare host with: +- Local block storage volume setup as LVM Logical Volumes, Filesystem formatting and mount to defined directory path +- Remote file storage mount (and subdirectories as required) +- SWAP file or SWAP partition This Ansible Role is agnostic, and will run on any Infrastructure Platform. Only LVM is used for local/block storage, to allow for further expansion if the SAP System requires further storage space in the future. - -Please note, while this Ansible Role has protection against overwrite of existing disks and filesystems - sensible review and care is required for any automation of disk storage. Please review the documentation and samples/examples carefully. It is strongly suggested to initially execute the Ansible Playbook calling this Ansible Role, with `ansible-playbook --check` for Check Mode - this will perform no changes to the host and show which changes would be made. - -In addition, this Ansible Role: - -- Does not permit static definition for mountpoint to use a specific device (e.g. `/dev/sdk`). The definition will define the disk size to use for the mountpoint, and match accordingly. -- Enforces 1 mountpoint will use 1 LVM Logical Volume (LV) that consumes 100% of an LVM Volume Group (VG), with the LVM Volume Group (VG) consuming 100% of 1..n LVM Physical Volumes (PV). - - For granular control of LVM setup, the suggestion is to instead use Ansible Role `storage` from the `fedora.linux_system_roles` Ansible Collection or the Ansible Roles `lvg/lvol/filesystem` from `community.general` Ansible Collection - - -## Requirements - -The Ansible Role requires the `community.general` Ansible Collection (uses the `lvg`, `lvol` and `filesystem` Ansible Modules). - -Before using this Ansible Role, please make sure that the required collections are installed; for example, by using the command `ansible-galaxy install community.general` - + + + +## Dependencies +- `community.general` + - Modules: + - `lvg` + - `lvol` + - `filesystem` +Install required collection by `ansible-galaxy install community.general`. + + + ## Prerequisites +Managed nodes: +- All local/block storage volumes must be attached to the host +- All remote/file storage mounts must be available with host accessibility (e.g. port 2049). + + +## Execution + +**:warning: Do not execute this Ansible Role against existing SAP systems unless you know what you are doing and you prepare inputs to avoid unintended changes caused by default inputs.**
+:warning: While this Ansible Role has protection against overwrite of existing disks and filesystems - sensible review and care is required for any automation of disk storage. Please review the documentation and samples/examples carefully. It is strongly suggested to initially execute the Ansible Playbook calling this Ansible Role, with `ansible-playbook --check` for Check Mode - this will perform no changes to the host and show which changes would be made. + +Role can be executed independently or as part of [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. + +**Considerations** +- This role does not permit static definition for mountpoint to use a specific device (e.g. `/dev/sdk`). The definition will define the disk size to use for the mountpoint, and match accordingly. +- This role enforces that 1 mountpoint will use 1 LVM Logical Volume (LV) that consumes 100% of an LVM Volume Group (VG), with the LVM Volume Group (VG) consuming 100% of 1..n LVM Physical Volumes (PV). + - Following roles and modules offer alternative for more granular control of LVM setup: + - Role `storage` from [fedora.linux_system_roles](https://github.com/linux-system-roles/storage) + - Modules `filesystem`, `lvg`, `lvol` from [community.general](https://galaxy.ansible.com/ui/repo/published/community/general/) + + + + + +### Execution Flow + +1. Gather facts about hosts. +2. Create list of unused disk devices +3. Match/Map unused disk devices to the `sap_storage_setup_definition` +4. Create LVM Logical Volumes (and prerequisite LVM Volume Groups and LVM Physical Volumes) +5. Create swap file or swap partition +6. Mount NFS temporarily, create required subdirectories, unmount and mount subdirectory on the NFS share + + + +Example playbook to configure SAP HANA OneHost node on AWS that includes: +- 3 disks for `/hana/data`, `/hana/log` and ` /hana/shared` +- Remote filesystem for `/software` +- SWAP +```yaml +--- +- name: Ansible Play for SAP HANA HA storage setup + hosts: hana_primary + become: true + tasks: + - name: Execute Ansible Role sap_storage_setup + ansible.builtin.include_role: + name: community.sap_install.sap_storage_setup + vars: + sap_storage_setup_sid: "H01" + sap_storage_setup_host_type: "hana_primary" + sap_storage_setup_definition: + - name: hana_data + mountpoint: /hana/data + disk_size: 150 + filesystem_type: xfs + + - name: hana_log + mountpoint: /hana/log + disk_size: 100 + filesystem_type: xfs + + - name: hana_shared + mountpoint: /hana/shared + disk_size: 200 + filesystem_type: xfs + + - name: software + mountpoint: /software + nfs_path: /software + nfs_server: "fs-00000000000000000.efs.eu-central-1.amazonaws.com:/software" + nfs_filesystem_type: "nfs4" + nfs_mount_options: "vers=4.1,hard,timeo=600,retrans=2,acl" + + - name: swap + disk_size: 96 + filesystem_type: swap +``` + -All local/block storage volumes must be attached to the host, and all remote/file storage mounts must be available with host accessibility (e.g. port 2049). - -## Variables and Parameters - -The 3 critical variables are: -- `sap_storage_setup_definition` - a list with a dictionary for each mountpoint (e.g. /hana/data) for the host -- `sap_storage_setup_host_type` - a list which defines SAP Software on the host (e.g. list containing both hana_primary and nwas_abap_ascs values if creating a Sandbox Two-Tier/OneHost) -- `sap_storage_setup_sid` - a string with the SAP System ID of the logical system (e.g. D01) - -## Execution Flow - -The Ansible Role is sequential: -- Get host facts -- Create list of unused disk devices -- Match/Map unused disk devices to the `sap_storage_setup_definition` -- Create LVM Logical Volumes (and prerequisite LVM Volume Groups and LVM Physical Volumes) -- Create swap file or swap partition -- Mount NFS temporarily, create required subdirectories, unmount and mount subdictory on the NFS share - -## Sample + + -Please see a full sample using multiple hosts to create an SAP S/4HANA Distributed deployment in the [/playbooks](../../playbooks/) directory of the Ansible Collection `sap_install`. + + ## License - + Apache 2.0 + -## Author Information - -Red Hat for SAP Community of Practice, Janine Fuchs, IBM Lab for SAP Solutions +## Maintainers + +- [Janine Fuchs](https://github.com/ja9fuchs) + ---- - ## Role Input Parameters - -Minimum required parameters: - -- [sap_storage_setup_definition](#sap_storage_setup_definition-required) -- [sap_storage_setup_host_type](#sap_storage_setup_host_type-required) -- [sap_storage_setup_sid](#sap_storage_setup_sid-required) - - -### sap_storage_setup_definition required - -- _Type:_ `list` - -Describes the filesystems to be configured.
- -- **disk_size**
- Size of the disk device that is used for the filesystem.
For filesystems with no LVM logical volume striping, this is the total size of the filesystem.
For filesystems with LVM LV striping defined (`lvm_lv_stripes`), this is the size of each disk. The resulting filesystem size will be `disk_size` multiplied by `lvm_lv_stripes` (=disks). -- **filesystem_type**
- _Default:_ `xfs`
- The type of filesystem that will be created on the logical volume. -- **lvm_lv_name**
- The name of the LVM volume.
The default name is derived from the name value of the filesystem definition entry, for example 'lv_hanalog'. -- **lvm_lv_stripe_size**
- When setting up a striped volume, the stripe size can be defined.
Example format - "128K". -- **lvm_lv_stripes**
- _Default:_ `1`
- Number of disks that will be configured in a striped volume.
This requires the availability of the same amount of unused disks, which must be of the size defined in `disk_size`. -- **lvm_vg_name**
- The name of the LVM volume group.
The default name is derived from the name value of the filesystem definition entry, for example 'vg_hanalog'. -- **lvm_vg_physical_extent_size**
- _Default:_ `4`
- Adjustable size of the physical extents of the volume group in LVM. -- **mountpoint**
- The path to where the filesystem will be mounted.
This can be left out for the definition of a swap volume. -- **name**
- A name of the filesystem definition entry.
This name is used to generate volume group name and logical volume name. -- **nfs_filesystem_type**
- _Default:_ `nfs4`
- The type of the NFS filesystem, for example `nfs`, `nfs4`. -- **nfs_mount_options**
- Mount options to use for the NFS mount.
Generic default is `hard,acl`.
Defaults depend on the specific platform detected by the role or defined explicitly. -- **nfs_path**
- When defining an NFS filesystem, this is the directory path of the filesystem to be mounted. -- **nfs_server**
- When defining an NFS filesystem, this is the address of the NFS server.
The address must contain the root path, in which the mount directories exist or will be created.
For example, `192.168.1.100:/`. -- **swap_path**
- The path to the swap file.
When this option is defined for a swap filesystem definition, it will create a swap file on an existing filesystem. - -Example: - -```yaml -sap_storage_setup_definition: - - # Block Storage volume - - name: hana_data # required: string, filesystem name used to generate lvm_lv_name and lvm_vg_name - mountpoint: /hana/data # required: string, directory path where the filesystem is mounted - disk_size: 100 # required: integer, size in GB - filesystem_type: xfs # optional: string, value 'xfs'. Use 'swap' to create swap filesystem - - # File Storage volume - - name: hana_shared # required: string, reference name - mountpoint: /hana/shared # required: string, directory path where the filesystem is mounted - nfs_server: nfs.corp:/ # required: string, server and parent directory of the NFS Server; value default from var sap_storage_setup_nfs_server - - # Swap as file instead of Block Storage volume - # See SAP Note 1597355 - Swap-space recommendation for Linux - - name: swap # required: string, reference name - swap_path: /swapfile # required: string, directory path where swap file is created - disk_size: 4 # required: integer, size in GB of swap file - filesystem_type: swap # required: string, must be value 'swap' -``` - -### sap_storage_setup_host_type required - - -The type of service the target system is going to be configured for.
-This can be a list of multiple types which apply to a single host.
-If not defined, the default will be inherited from the global parameter `sap_host_type`. One of these parameters must be defined.
- -### sap_storage_setup_multipath_enable_and_detect - -- _Type:_ `bool` -- _Default:_ `False` - -Define if multipathing should be enabled and dynamic multipath devices detected and used for the filesystem setup.
- -### sap_storage_setup_sid required - -- _Type:_ `str` - -SID of the SAP service.
-If not defined, the default will be inherited from the global parameter `sap_system_sid`. One of these parameters must be defined.
- - +All input parameters used by role are described in [INPUT_PARAMETERS.md](https://github.com/sap-linuxlab/community.sap_install/blob/main/roles/sap_storage_setup/INPUT_PARAMETERS.md)