diff --git a/.yamllint.yml b/.yamllint.yml index 57ef427c1..ee4457cfd 100644 --- a/.yamllint.yml +++ b/.yamllint.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Based on ansible-lint config extends: default @@ -7,7 +8,9 @@ rules: brackets: {max-spaces-inside: 1, level: error} # colons: {max-spaces-after: -1, level: error} # commas: {max-spaces-after: -1, level: error} - comments: disable + comments: + require-starting-space: false + min-spaces-from-content: 1 comments-indentation: disable # document-start: disable # empty-lines: {max: 3, level: error} @@ -19,3 +22,6 @@ rules: # new-lines: {type: unix} # trailing-spaces: disable truthy: disable + octal-values: + forbid-implicit-octal: true + forbid-explicit-octal: true diff --git a/CHANGELOG.rst b/CHANGELOG.rst index 1bebd970c..5191af6dd 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -5,6 +5,82 @@ community.sap_install Release Notes .. contents:: Topics +v1.5.0 +====== + +Release Summary +--------------- +- Release Date: 2024-11-29 + +This is a minor release of the `community.sap_install` collection. + +Major Changes +------------- +- feat: collection: Readme overhaul for all roles in collection (https://github.com/sap-linuxlab/community.sap_install/pull/873) +- feat: sap_ha_pacemaker_cluster: JAVA HA scenarios and complete refactor of role (https://github.com/sap-linuxlab/community.sap_install/pull/882) +- feat: sap_ha_pacemaker_cluster: Stonith SBD enablement (https://github.com/sap-linuxlab/community.sap_install/pull/829) +- feat: sap_swpm: New improved and simplified version (https://github.com/sap-linuxlab/community.sap_install/pull/840) + +Minor Changes +------------- +- feat: collection: Add playbook for direct execution (https://github.com/sap-linuxlab/community.sap_install/pull/842) +- feat: sap_ha_pacemaker_cluster: New azure fence agent package for SUSE (https://github.com/sap-linuxlab/community.sap_install/pull/837) +- feat: sap_ha_pacemaker_cluster: Enhance corosync totem handling with new dictionaries (https://github.com/sap-linuxlab/community.sap_install/pull/834) +- feat: sap_ha_pacemaker_cluster: GCP VIP reworked, Health check names updated (https://github.com/sap-linuxlab/community.sap_install/pull/863) +- feat: sap_swpm: Option to enable SWPM observer mode (https://github.com/sap-linuxlab/community.sap_install/pull/749) +- feat: sap_storage_setup: Add support for HANA Scaleout NFS filesystems (https://github.com/sap-linuxlab/community.sap_install/pull/800) +- feat: sap_storage_setup: Add exact size disk check on top of approximate check (https://github.com/sap-linuxlab/community.sap_install/pull/839) +- feat: sap_hana_install: Implement an SAP HANA installation check only feature (https://github.com/sap-linuxlab/community.sap_install/pull/849) +- collection: Add collection dependency for community.general (https://github.com/sap-linuxlab/community.sap_install/pull/808) +- collection: Modify for yamllint requirements (https://github.com/sap-linuxlab/community.sap_install/pull/811) +- sap_ha_pacemaker_cluster: Add override to use Classic SAPHanaSR agents (https://github.com/sap-linuxlab/community.sap_install/pull/806) +- sap_ha_pacemaker_cluster: Packages on AWS for RHEL (https://github.com/sap-linuxlab/community.sap_install/pull/857) +- sap_ha_pacemaker_cluster: GCP haproxy handling and new platform VIP dictionary (https://github.com/sap-linuxlab/community.sap_install/pull/862) +- sap_ha_pacemaker_cluster: vip resources must be first in ASCS/ERS resource groups (https://github.com/sap-linuxlab/community.sap_install/pull/872) +- sap_swpm: Remove the pids module (https://github.com/sap-linuxlab/community.sap_install/pull/786) +- sap_swpm: sap_swpm_db_schema_password must be set explicitly for AAS (https://github.com/sap-linuxlab/community.sap_install/pull/760) +- sap_swpm: hdbuserstore default connection should use sap_swpm_db_schema_abap_password (https://github.com/sap-linuxlab/community.sap_install/pull/748) +- sap_swpm: Add default value for sap_swpm_java_scs_instance_hostname (https://github.com/sap-linuxlab/community.sap_install/pull/801) +- sap_swpm: Reduce the amount of empty lines in inifile.params (https://github.com/sap-linuxlab/community.sap_install/pull/822) +- sap_storage_setup: Defaults and documentation (https://github.com/sap-linuxlab/community.sap_install/pull/825) +- sap_general_preconfigure: Use the package module in most cases (https://github.com/sap-linuxlab/community.sap_install/pull/758) +- sap_general_preconfigure: Use FQCN for import_role (https://github.com/sap-linuxlab/community.sap_install/pull/827) +- sap_hana_preconfigure: Add RHEL 8.10 and 9.4 requirements (https://github.com/sap-linuxlab/community.sap_install/pull/869) +- sap_hana_preconfigure: Zypper lock handler for SUSE (https://github.com/sap-linuxlab/community.sap_install/pull/796) +- sap_hana_preconfigure: Enable TSX also for RHEL 9 (https://github.com/sap-linuxlab/community.sap_install/pull/797) +- sap_hana_preconfigure: Sync with SAP note 3024346 v.10 for RHEL/NetApp (https://github.com/sap-linuxlab/community.sap_install/pull/816) +- sap_hana_preconfigure: Refactor remove default saptune version (https://github.com/sap-linuxlab/community.sap_install/pull/818) +- sap_hana_preconfigure: Update azure override readme (https://github.com/sap-linuxlab/community.sap_install/pull/820) +- sap_hana_preconfigure: Set THP to madvise from RHEL 9.2 onwards (https://github.com/sap-linuxlab/community.sap_install/pull/880) +- sap_hana_preconfigure: Allow setting THP to any possible value (https://github.com/sap-linuxlab/community.sap_install/pull/886) +- sap_hana_preconfigure: No longer set net.core.somaxconn in RHEL 9 (https://github.com/sap-linuxlab/community.sap_install/pull/887) +- sap_hana_preconfigure: Add compat-sap-c++-13 (https://github.com/sap-linuxlab/community.sap_install/pull/895) +- sap_netweaver_preconfigure: Rename package libcpupower1 for SLES4SAP 15 SP6 (https://github.com/sap-linuxlab/community.sap_install/pull/876) +- sap_netweaver_preconfigure: Sync with applicable SAP notes for Adobe DS (https://github.com/sap-linuxlab/community.sap_install/pull/888) +- sap_hana_install: Use polling for hdblcm (https://github.com/sap-linuxlab/community.sap_install/pull/805) +- sap_hana_install: Set the install execution mode to 'optimized' (https://github.com/sap-linuxlab/community.sap_install/pull/896) +- sap_install_media_detect: AWS IGW slow impacts gpg key (https://github.com/sap-linuxlab/community.sap_install/pull/772) +- sap_install_media_detect: Search known subdirs on re-run (https://github.com/sap-linuxlab/community.sap_install/pull/773) +- sap_install_media_detect: Append loop labels (https://github.com/sap-linuxlab/community.sap_install/pull/781) +- sap_install_media_detect: Allow disabling RAR handling (https://github.com/sap-linuxlab/community.sap_install/pull/856) +- sap_ha_install_anydb_ibmdb2: Append ibmcloud_vs (https://github.com/sap-linuxlab/community.sap_install/pull/815) + +Bugfixes +-------- +- sap_ha_pacemaker_cluster: Add python3-pip and NFS fix for Azure (https://github.com/sap-linuxlab/community.sap_install/pull/754) +- sap_ha_pacemaker_cluster: Fix pcs resource restart (https://github.com/sap-linuxlab/community.sap_install/pull/769) +- sap_ha_pacemaker_cluster: Fix haproxy and minor lint issues (https://github.com/sap-linuxlab/community.sap_install/pull/898) +- sap_ha_pacemaker_cluster: Fix UUID discovery for IBM Cloud VS (https://github.com/sap-linuxlab/community.sap_install/pull/903) +- sap_swpm: Add error notes to dev doc (https://github.com/sap-linuxlab/community.sap_install/pull/795) +- sap_swpm: Fix error when observer user defined, but empty and observer mode is on (https://github.com/sap-linuxlab/community.sap_install/pull/850) +- sap_swpm: Fix issues with localhost delegation on certain control nodes (https://github.com/sap-linuxlab/community.sap_install/pull/891) +- sap_*_preconfigure: Fixes for testing with molecule (https://github.com/sap-linuxlab/community.sap_install/pull/807) +- sap_*_preconfigure: Edge case handling for SUSE packages +- sap_general_preconfigure: Reboot fix in handler (https://github.com/sap-linuxlab/community.sap_install/pull/892) +- sap_ha_install_hana_hsr: Fixes to work for multiple secondaries (https://github.com/sap-linuxlab/community.sap_install/pull/866) +- sap_ha_install_anydb_ibmdb2: Linting and sles bug fixes (https://github.com/sap-linuxlab/community.sap_install/pull/803) + + v1.4.1 ====== diff --git a/README.md b/README.md index 03a04fd0e..d413df34e 100644 --- a/README.md +++ b/README.md @@ -2,48 +2,143 @@ ![Ansible Lint](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint.yml/badge.svg?branch=main) -This Ansible Collection executes various SAP Software installations and configuration tasks for running various SAP solutions and deployment scenarios on Linux operating systems (RHEL or SLES). +## Description -This includes handlers for SAP HANA database lifecycle manager (HDBLCM) and SAP Software Provisioning Manager (SWPM), and can be combined with other Ansible Collections to provide end-to-end automation _(e.g. provision, download, install, operations)_. +This Ansible Collection executes various SAP Software installations and configuration tasks for various SAP solutions and deployment scenarios on supported Linux operating systems. +Included roles cover range of tasks: +- Preparation of Operating system and SAP installation media before installation +- Installation of SAP Database, either SAP HANA or Oracle Database +- Installation of SAP Products, like SAP S4HANA, SAP BW4HANA, SAP Netweaver, SAP Solution Manager and others. +- Configuration of replication of SAP HANA and High Availability clusters for SAP HANA and SAP Netweaver -**Examples of verified installations include:** +## Requirements + +### Control Nodes +Operating system: +- Any operating system with required Python and Ansible versions. + +Python: 3.11 or higher + +Ansible: 9.9.x + +Ansible-core: 2.16.x + +**NOTE: Ansible 10 and ansible-core 2.17.x are not supported, because of breaking changes requiring higher Python version on managed nodes.** + +### Managed Nodes +Operating system: +- SUSE Linux Enterprise Server for SAP applications 15 SP5+ (SLE4SAP) +- Red Hat Enterprise Linux for SAP Solutions 8.x 9.x (RHEL4SAP) + +**NOTE: Operating system needs to have access to required package repositories either directly or via subscription registration.** + + +Python: 3.6 or higher + + +## Installation Instructions + +### Installation +Install this collection with Ansible Galaxy command: +```console +ansible-galaxy collection install community.sap_install +``` + +Optionally you can include collection in requirements.yml file and include it together with other collections using: `ansible-galaxy collection install -r requirements.yml` +Requirements file need to be maintained in following format: +```yaml +collections: + - name: community.sap_install +``` + +### Upgrade +Installed Ansible Collection will not be upgraded automatically when Ansible package is upgraded. + +To upgrade the collection to the latest available version, run the following command: +```console +ansible-galaxy collection install community.sap_install --upgrade +``` + +You can also install a specific version of the collection, when you encounter issues with latest version. Please report these issues in affected Role repository if that happens. +Example of downgrading collection to version 1.4.0: +``` +ansible-galaxy collection install community.sap_install:==1.4.0 +``` + +See [Installing collections](https://docs.ansible.com/ansible/latest/collections_guide/collections_installing.html) for more details on installation methods. + + +## Use Cases + +### Example Scenarios +- Preparation of Operating system for SAP installation +- Preparation of SAP installation media for SAP installation +- Installation of SAP HANA (including High Availability with replication) or Oracle Database +- Installation of SAP S4HANA or other SAP products +- Configuration of Pacemaker cluster for SAP HANA and SAP Netweaver + +More deployment scenarios are available in [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) repository. + +### Ansible Roles +All included roles can be executed independently or as part of [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. + +| Name | Summary | +| :--- | :--- | +| [sap_anydb_install_oracle](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_anydb_install_oracle) | Install Oracle DB 19.x for SAP | +| [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) | Configure general OS settings for SAP software | +| [sap_ha_install_hana_hsr](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_ha_install_hana_hsr) | Configure and enable SAP HANA System Replication | +| [sap_ha_pacemaker_cluster](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_ha_pacemaker_cluster) | Configure Pacemaker cluster for SAP HANA and SAP Netweaver | +| [sap_hana_install](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_install) | Install SAP HANA via HDBLCM | +| [sap_hana_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_preconfigure) | Configure OS settings for SAP HANA database server | +| [sap_hostagent](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hostagent) | Install SAP Host Agent | +| [sap_install_media_detect](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_install_media_detect) | Detect and extract SAP Software installation media | +| [sap_maintain_etc_hosts](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_maintain_etc_hosts) | Maintain the /etc/hosts file of an SAP software host | +| [sap_netweaver_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_netweaver_preconfigure) | Configure OS settings for SAP NetWeaver application server | +| [sap_storage_setup](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_storage_setup) | Configure storage for SAP system (Folder structure, LVM, XFS, NFS) | +| [sap_swpm](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_swpm) | Install SAP Software via SWPM | + + +## Testing +This Ansible Collection was tested across different Operating Systems, SAP products and scenarios. You can find examples of some of them below. + +Operating systems: +- SUSE Linux Enterprise Server for SAP applications 15 SP5+ (SLE4SAP) +- Red Hat Enterprise Linux for SAP Solutions 8.x 9.x (RHEL4SAP) + +Deployment scenarios: +- All scenarios included in [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) repository + +SAP Products: - SAP S/4HANA AnyPremise (1809, 1909, 2020, 2021, 2022, 2023) with setup as Standard, Distributed, High Availability and optional Maintenance Planner or Restore System Copy - SAP Business Suite (ECC) on HANA and SAP Business Suite (ECC) with SAP AnyDB - SAP ASE, SAP MaxDB, IBM Db2, Oracle DB - SAP BW/4HANA (2021, 2023) with setup as Standard or Scale-Out - SAP HANA 2.0 (SPS04+) with setup as Scale-Up, Scale-Out, High Availability - Other SAP installation activities; such as System Rename, System Copy Export, SAP Solution Manager and SAP Web Dispatcher +**NOTE: It is not possible to test every Operating System and SAP Product combination with every release. Testing is regularly done for common scenarios: SAP HANA, SAP HANA HA, SAP S4HANA Distributed HA** -**Please read the [full documentation](/docs#readme) for how-to guidance, requirements, and all other details. Summary documentation is below:** +## Contributing +You can find more information about ways you can contribute at [sap-linuxlab website](https://sap-linuxlab.github.io/initiative_contributions/). -## Contents +## Support +You can report any issues using [Issues](https://github.com/sap-linuxlab/community.sap_install/issues) section. -Within this Ansible Collection, there are various Ansible Roles and no custom Ansible Modules. -### Ansible Roles +## Release Notes and Roadmap +You can find the release notes of this collection in [Changelog file](https://github.com/sap-linuxlab/community.sap_install/blob/main/CHANGELOG.rst) -| Name | Summary | -| :--- | :--- | -| [sap_anydb_install_oracle](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_anydb_install_oracle) | install Oracle DB 19.x for SAP | -| [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) | configure general OS settings for SAP software | -| [sap_ha_install_hana_hsr](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_ha_install_hana_hsr) | install SAP HANA System Replication | -| [sap_ha_pacemaker_cluster](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_ha_pacemaker_cluster) | install and configure pacemaker and SAP resources | -| [sap_hana_install](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_install) | install SAP HANA via HDBLCM | -| [sap_hana_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_preconfigure) | configure settings for SAP HANA database server | -| [sap_hostagent](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hostagent) | install SAP Host Agent | -| [sap_install_media_detect](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_install_media_detect) | detect and extract SAP Software installation media | -| [sap_maintain_etc_hosts](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_maintain_etc_hosts) | maintain the /etc/hosts file of an SAP software host | -| [sap_netweaver_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_netweaver_preconfigure) | configure settings for SAP NetWeaver application server | -| [sap_storage_setup](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_storage_setup) | configure storage for SAP HANA, with LVM partitions and XFS filesystem | -| [sap_swpm](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_swpm) | install SAP Software via SWPM | -## License +## Further Information -- [Apache 2.0](./LICENSE) +### Variable Precedence Rules +Please follow [Ansible Precedence guidelines](https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_variables.html#variable-precedence-where-should-i-put-a-variable) on how to pass variables when using this collection. -## Contributors +### Getting Started +More information on how to execute Ansible playbooks is in [Getting started guide](https://github.com/sap-linuxlab/community.sap_install/blob/main/docs/getting_started/README.md). -Contributors to the Ansible Roles within this Ansible Collection, are shown within [/docs/contributors](./docs/CONTRIBUTORS.md). + +## License +[Apache 2.0](https://github.com/sap-linuxlab/community.sap_install/blob/main/LICENSE) diff --git a/changelogs/changelog.yaml b/changelogs/changelog.yaml index 8468089a7..b81cefc31 100644 --- a/changelogs/changelog.yaml +++ b/changelogs/changelog.yaml @@ -208,3 +208,68 @@ releases: | sap_swpm: optionally skip setting file permissions ' release_date: '2024-06-20' + 1.5.0: + changes: + release_summary: '| Release Date: 2024-11-29 + major_changes: + - feat: collection: Readme overhaul for all roles in collection (https://github.com/sap-linuxlab/community.sap_install/pull/873) + - feat: sap_ha_pacemaker_cluster: JAVA HA scenarios and complete refactor of role (https://github.com/sap-linuxlab/community.sap_install/pull/882) + - feat: sap_ha_pacemaker_cluster: Stonith SBD enablement (https://github.com/sap-linuxlab/community.sap_install/pull/829) + - feat: sap_swpm: New improved and simplified version (https://github.com/sap-linuxlab/community.sap_install/pull/840) + minor_changes: + - feat: collection: Add playbook for direct execution (https://github.com/sap-linuxlab/community.sap_install/pull/842) + - feat: sap_ha_pacemaker_cluster: New azure fence agent package for SUSE (https://github.com/sap-linuxlab/community.sap_install/pull/837) + - feat: sap_ha_pacemaker_cluster: Enhance corosync totem handling with new dictionaries (https://github.com/sap-linuxlab/community.sap_install/pull/834) + - feat: sap_ha_pacemaker_cluster: GCP VIP reworked, Health check names updated (https://github.com/sap-linuxlab/community.sap_install/pull/863) + - feat: sap_swpm: Option to enable SWPM observer mode (https://github.com/sap-linuxlab/community.sap_install/pull/749) + - feat: sap_storage_setup: Add support for HANA Scaleout NFS filesystems (https://github.com/sap-linuxlab/community.sap_install/pull/800) + - feat: sap_storage_setup: Add exact size disk check on top of approximate check (https://github.com/sap-linuxlab/community.sap_install/pull/839) + - feat: sap_hana_install: Implement an SAP HANA installation check only feature (https://github.com/sap-linuxlab/community.sap_install/pull/849) + - collection: Add collection dependency for community.general (https://github.com/sap-linuxlab/community.sap_install/pull/808) + - collection: Modify for yamllint requirements (https://github.com/sap-linuxlab/community.sap_install/pull/811) + - sap_ha_pacemaker_cluster: Add override to use Classic SAPHanaSR agents (https://github.com/sap-linuxlab/community.sap_install/pull/806) + - sap_ha_pacemaker_cluster: Packages on AWS for RHEL (https://github.com/sap-linuxlab/community.sap_install/pull/857) + - sap_ha_pacemaker_cluster: GCP haproxy handling and new platform VIP dictionary (https://github.com/sap-linuxlab/community.sap_install/pull/862) + - sap_ha_pacemaker_cluster: vip resources must be first in ASCS/ERS resource groups (https://github.com/sap-linuxlab/community.sap_install/pull/872) + - sap_swpm: Remove the pids module (https://github.com/sap-linuxlab/community.sap_install/pull/786) + - sap_swpm: sap_swpm_db_schema_password must be set explicitly for AAS (https://github.com/sap-linuxlab/community.sap_install/pull/760) + - sap_swpm: hdbuserstore default connection should use sap_swpm_db_schema_abap_password (https://github.com/sap-linuxlab/community.sap_install/pull/748) + - sap_swpm: Add default value for sap_swpm_java_scs_instance_hostname (https://github.com/sap-linuxlab/community.sap_install/pull/801) + - sap_swpm: Reduce the amount of empty lines in inifile.params (https://github.com/sap-linuxlab/community.sap_install/pull/822) + - sap_storage_setup: Defaults and documentation (https://github.com/sap-linuxlab/community.sap_install/pull/825) + - sap_general_preconfigure: Use the package module in most cases (https://github.com/sap-linuxlab/community.sap_install/pull/758) + - sap_general_preconfigure: Use FQCN for import_role (https://github.com/sap-linuxlab/community.sap_install/pull/827) + - sap_hana_preconfigure: Add RHEL 8.10 and 9.4 requirements (https://github.com/sap-linuxlab/community.sap_install/pull/869) + - sap_hana_preconfigure: Zypper lock handler for SUSE (https://github.com/sap-linuxlab/community.sap_install/pull/796) + - sap_hana_preconfigure: Enable TSX also for RHEL 9 (https://github.com/sap-linuxlab/community.sap_install/pull/797) + - sap_hana_preconfigure: Sync with SAP note 3024346 v.10 for RHEL/NetApp (https://github.com/sap-linuxlab/community.sap_install/pull/816) + - sap_hana_preconfigure: Refactor remove default saptune version (https://github.com/sap-linuxlab/community.sap_install/pull/818) + - sap_hana_preconfigure: Update azure override readme (https://github.com/sap-linuxlab/community.sap_install/pull/820) + - sap_hana_preconfigure: Set THP to madvise from RHEL 9.2 onwards (https://github.com/sap-linuxlab/community.sap_install/pull/880) + - sap_hana_preconfigure: Allow setting THP to any possible value (https://github.com/sap-linuxlab/community.sap_install/pull/886) + - sap_hana_preconfigure: No longer set net.core.somaxconn in RHEL 9 (https://github.com/sap-linuxlab/community.sap_install/pull/887) + - sap_hana_preconfigure: Add compat-sap-c++-13 (https://github.com/sap-linuxlab/community.sap_install/pull/895) + - sap_netweaver_preconfigure: Rename package libcpupower1 for SLES4SAP 15 SP6 (https://github.com/sap-linuxlab/community.sap_install/pull/876) + - sap_netweaver_preconfigure: Sync with applicable SAP notes for Adobe DS (https://github.com/sap-linuxlab/community.sap_install/pull/888) + - sap_hana_install: Use polling for hdblcm (https://github.com/sap-linuxlab/community.sap_install/pull/805) + - sap_hana_install: Set the install execution mode to "optimized" (https://github.com/sap-linuxlab/community.sap_install/pull/896) + - sap_install_media_detect: AWS IGW slow impacts gpg key (https://github.com/sap-linuxlab/community.sap_install/pull/772) + - sap_install_media_detect: Search known subdirs on re-run (https://github.com/sap-linuxlab/community.sap_install/pull/773) + - sap_install_media_detect: Append loop labels (https://github.com/sap-linuxlab/community.sap_install/pull/781) + - sap_install_media_detect: Allow disabling RAR handling (https://github.com/sap-linuxlab/community.sap_install/pull/856) + - sap_ha_install_anydb_ibmdb2: Append ibmcloud_vs (https://github.com/sap-linuxlab/community.sap_install/pull/815) + bugfixes: + - sap_ha_pacemaker_cluster: Add python3-pip and NFS fix for Azure (https://github.com/sap-linuxlab/community.sap_install/pull/754) + - sap_ha_pacemaker_cluster: Fix pcs resource restart (https://github.com/sap-linuxlab/community.sap_install/pull/769) + - sap_ha_pacemaker_cluster: Fix haproxy and minor lint issues (https://github.com/sap-linuxlab/community.sap_install/pull/898) + - sap_ha_pacemaker_cluster: Fix UUID discovery for IBM Cloud VS (https://github.com/sap-linuxlab/community.sap_install/pull/903) + - sap_swpm: Add error notes to dev doc (https://github.com/sap-linuxlab/community.sap_install/pull/795) + - sap_swpm: Fix error when observer user defined, but empty and observer mode is on (https://github.com/sap-linuxlab/community.sap_install/pull/850) + - sap_swpm: Fix issues with localhost delegation on certain control nodes (https://github.com/sap-linuxlab/community.sap_install/pull/891) + - sap_*_preconfigure: Fixes for testing with molecule (https://github.com/sap-linuxlab/community.sap_install/pull/807) + - sap_*_preconfigure: Edge case handling for SUSE packages + - sap_general_preconfigure: Reboot fix in handler (https://github.com/sap-linuxlab/community.sap_install/pull/892) + - sap_ha_install_hana_hsr: Fixes to work for multiple secondaries (https://github.com/sap-linuxlab/community.sap_install/pull/866) + - sap_ha_install_anydb_ibmdb2: Linting and sles bug fixes (https://github.com/sap-linuxlab/community.sap_install/pull/803) + ' + release_date: '2024-11-29' diff --git a/docs/CONTRIBUTORS.md b/docs/CONTRIBUTORS.md index 7aa38e371..06e92afc0 100644 --- a/docs/CONTRIBUTORS.md +++ b/docs/CONTRIBUTORS.md @@ -12,6 +12,13 @@ - **Bernd Finger** - Developer of sap_*_preconfigure Ansible Roles and project co-owner - **Marcos Entenza** - Primary Developer of Ansible Roles - **Ricardo Garcia** - Primary Developer of Ansible Roles + - **Janine Fuchs** - Developer of Ansible Roles + - **Markus Moster** - Developer of Ansible Roles - **SVA** - **Thomas Bludau** - Origin developer of SAP installation Ansible automation (2019) and project co-owner - **Rainer Leber** - Developer of Ansible Collection (SLES code) +- **SUSE** + - SUSE SAP Emerging Technology Solutions + - **Steven Stringer** - Developer of Ansible Collection + - **Marcel Mamula** - SAP solution architect and developer of Ansible Collection + - **Gabriele Puliti** - Developer of Ansible Collection diff --git a/docs/README.md b/docs/README.md deleted file mode 100644 index 040360fcd..000000000 --- a/docs/README.md +++ /dev/null @@ -1,135 +0,0 @@ -# Documentation of community.sap_install Ansible Collection - -## Introduction - -The `sap_install` Ansible Collection provides a variety of automated tasks for the configuration and installation of SAP Software. - -Each Ansible Role contained within this Ansible Collection, performs a distinct set of tasks and are designed to be run independently or cohesively - depending on the outcome desired by an end-user. - - -## Functionality - -This Ansible Collection executes various SAP Software installations for different SAP solution scenarios. The code structure and logic has been separated to support a flexible execution of different steps for various scenarios. - -Any Ansible Roles labelled "preconfigure" and "prepare" are prerequisites, executed before the corresponding installation Ansible Roles (such as `sap_hana_install` or `sap_swpm`). - -At a high-level, the key installation functionality of this Ansible Collection includes: - -1. **OS Preparation activities for SAP HANA Database Server, SAP AnyDB Database Server or SAP NetWeaver Application Server** - -2. **SAP HANA installations via SAP HANA database lifecycle manager (HDBLCM)** - - Configure Firewall rules and Hosts file for SAP HANA database server instance/s - - Install SAP Host Agent - - Install SAP HANA database server, with any SAP HANA Component (e.g. Live Cache Apps, Application Function Library etc.) - - Apply license to SAP HANA - -3. **SAP HANA High Availability tasks** - - Install SAP HANA System Replication - - Install Linux Pacemaker, configure Pacemaker Fencing Agents for a given Infrastructure Platform - - Configure Linux Pacemaker Resource Agents for SAP HANA - -4. **Every SAP Software installation via SAP Software Provisioning Manager (SWPM)** - - Execute SAP SWPM Unattended installation - - Using on-the-fly generated inifile.params from Ansible Variables - - Using a list of inifile parameters in an Ansible Dictionary - - Re-using an existing inifile.params - -5. **SAP NetWeaver High Availability tasks** - - Install Linux Pacemaker, configure Pacemaker Fencing Agents for a given Infrastructure Platform - - Configure Linux Pacemaker Resource Agents for SAP NetWeaver ASCS/ERS - - -## Execution - -An Ansible Playbook is the file created and executed by an end-user, which imports from Ansible Collections to perform various activities on the target hosts. - -The Ansible Playbook can call either an Ansible Role, or directly call the individual Ansible Modules: - -- **Ansible Roles** (runs multiple Ansible Modules) -- **Ansible Modules** (and adjoining Python/Bash Functions) - -It is strongly recommended to execute these Ansible Roles in accordance to best practice Ansible usage, where an Ansible Playbook is executed from a host and Ansible will login to a target host to perform the activities. - -> If an Ansible Playbook is executed from the target host itself (similar to logging in and running a shell script), this is known as an Ansible Playbook 'localhost execution' and is not recommended as it has limitations on SAP Software installations (particularly installations across multiple hosts). - -At a high-level, complex executions with various interlinked activities are run in parallel or sequentially using the following execution structure: - -``` -Ansible Playbook --> source Ansible Collection --> execute Ansible Task ----> run Ansible Role ------> run Ansible Module (e.g. built-in Ansible Module for Shell) -``` - -### Execution examples - -There are various methods to execute the Ansible Collection, dependent on the use case. - -For more information, see [Getting started](./getting_started#readme) and edit the [sample Ansible Playbooks in `/playbooks`](../playbooks/). - - -## Requirements and Dependencies - -### Target host - Operating System requirements - -Designed for Linux operating systems, e.g. RHEL (7.x, 8.x, 9.x) and SLES (15 SPx). - -This Ansible Collection has not been tested and amended for SAP NetWeaver Application Server instantiations on IBM AIX or Windows Server. - -Assumptions for executing the Ansible Roles from this Ansible Collection include: - -- Registered OS -- OS Package repositories are available (from the relevant content delivery network of the OS vendor) - -N.B. The Ansible Collection works with SLES from version 15 SP3 and upwards, for the following reasons: - -- firewalld is used within the Ansible Collection. In SLES 15 SP3, firewalld became the replacement for nftables. See changelog [SLE-16300](https://www.suse.com/releasenotes/x86_64/SUSE-SLES/15-SP3/index.html#jsc-SLE-16300) -- SELinux is used within the Ansible Collection. While introduced earlier with community support, full support for SELinux was provided as of SLES 15 SP3. See changelog [SLE-17307](https://www.suse.com/releasenotes/x86_64/SUSE-SLES/15-SP3/index.html#jsc-SLE-17307) - -### Execution/Controller host - Operating System requirements - -Execution of Ansible Playbooks using this Ansible Collection have been tested with: -- Python 3.9.7 and above (i.e. CPython distribution) -- Ansible Core 2.12.0 and above _(included with optional installation of Ansible Community Edition 5.0 and above)_ -- OS: macOS with Homebrew, RHEL, SLES, and containers in Task Runners (e.g. Azure DevOps) - -#### Ansible Core version - -This Ansible Collection was designed for maximum backwards compatibility, with full compatibility starting from Ansible Core 2.12.0 and above. - -**Note 1:** Ansible 2.9 was the last release before the Ansible project was split into Ansible Core and Ansible Community Edition, and was before Ansible Collections functionality was introduced. This Ansible Collection should execute when Ansible 2.9 is used, but it is not recommended and errors should be expected (and will not be resolved). - -**Note 2:** Ansible Core versions prior to 2.14.12 , 2.15.8 , and 2.16.1 where `CVE-2023-5764` (templating inside `that` statement of `assert` Ansible Tasks) security fix was addressed, will work after `v1.3.4` of this Ansible Collection. Otherwise an error similar to the following will occur: - -```yaml -fatal: [host01]: FAILED! => - msg: 'The conditional check ''13 <= 128'' failed. The error was: Conditional is marked as unsafe, and cannot be evaluated.' -``` - - -## Testing - -Various SAP Software solutions have been extensively tested. - -Prior to each release, basic scenarios are executed to confirm functionality is working as expected; including SAP S/4HANA installation. - -Important note: it is not possible for the project maintainers to test every SAP Software installation and solution scenario for each OS hosted on each Infrastructure Platform, if an error is identified please raise a [GitHub Issue](/../../issues/). - - -### Ansible Roles Lint Status - -| Role Name | Ansible Lint Status | -| :--- | :--- | -| [sap_anydb_install_oracle](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_anydb_install_oracle) | N/A | -| [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) | [![Ansible Lint for sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_general_preconfigure.yml/badge.svg)](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_general_preconfigure.yml) | -| [sap_ha_install_hana_hsr](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_ha_install_hana_hsr) | [![Ansible Lint for sap_ha_install_hana_hsr](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_ha_install_hana_hsr.yml/badge.svg)](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_ha_install_hana_hsr.yml) | -| [sap_ha_pacemaker_cluster](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_ha_pacemaker_cluster) | [![Ansible Lint for sap_ha_pacemaker_cluster](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_ha_pacemaker_cluster.yml/badge.svg)](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_ha_pacemaker_cluster.yml) | -| [sap_hana_install](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_install) | [![Ansible Lint for sap_hana_install](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_hana_install.yml/badge.svg)](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_hana_install.yml) | -| [sap_hana_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_preconfigure) | [![Ansible Lint for sap_hana_preconfigure](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_hana_preconfigure.yml/badge.svg)](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_hana_preconfigure.yml) | -| [sap_hostagent](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hostagent) | N/A | -| [sap_install_media_detect](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_install_media_detect) | N/A | -| [sap_maintain_etc_hosts](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_maintain_etc_hosts) | [![Ansible Lint for sap_maintain_etc_hosts](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_maintain_etc_hosts.yml/badge.svg)](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_maintain_etc_hosts.yml) | -| [sap_netweaver_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_netweaver_preconfigure) | [![Ansible Lint for sap_netweaver_preconfigure](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_netweaver_preconfigure.yml/badge.svg)](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_netweaver_preconfigure.yml) | -| [sap_storage_setup](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_storage_setup) | N/A | -| [sap_swpm](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_swpm) | [![Ansible Lint for sap_swpm](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_swpm.yml/badge.svg)](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_swpm.yml) | diff --git a/docs/developer_notes/sap_swmp_dev.md b/docs/developer_notes/sap_swmp_dev.md index 8e562eb29..b85c4d5ae 100644 --- a/docs/developer_notes/sap_swmp_dev.md +++ b/docs/developer_notes/sap_swmp_dev.md @@ -1,10 +1,9 @@ # sap_swpm Ansible Role DEVELOPER NOTES -## Errors with missing signature files for installation media +## Common Errors -After SWPM 1.0 SP22 and SAP SWPM 2.0 SP00, all SAP Software installation media requires a separate signature file (SIGNATURE.SMF). The signature file is missing in older installation media. +### Error - Missing signature files for installation media -For example, IDES for SAP ECC 6.0 EhP8. See the following error message and SAP Note 2622019 - "EXPORT_1 is not signed" error during IDES installation. ```shell INFO DU at '/software_path/51052029_1/EXP1' is not signed. @@ -16,6 +15,236 @@ SOLUTION: Ensure that you use the latest available version of Installation Expor Not accepted ``` +After SWPM 1.0 SP22 and SAP SWPM 2.0 SP00, all SAP Software installation media requires a separate signature file (SIGNATURE.SMF). The signature file is missing in older installation media. + +For example, IDES for SAP ECC 6.0 EhP8. See the following error message and SAP Note 2622019 - "EXPORT_1 is not signed" error during IDES installation. + + +### Error - NIECONN_REFUSED + +```shell +FAIL: NIECONN_REFUSED +``` + +During SAP SWPM execution, it is common to see this **FALSE positive** error message. This is often due to restart of SAP NetWeaver AS in the installation procedures. + +If this error occurs and SAP SWPM does not succeed, execute `sapcontrol -nr -function StartService ` to ensure that sapstartsrv is running and debug the underlying cause of the error; such as Network Port blocked, incorrect /etc/hosts file etc that is causing issues starting SAP NetWeaver AS. + + +### Error - Unprivileged users have permissions + +```shell +Group of installation directory '/xxxxx/' is root, not sapinst. + +Unprivileged users have permissions 'rx' instead of no permissions at all on directory 'xxxxx/' +``` + +During SAP SWPM execution, user group permissions on directories are verified. + +If this error occurs, verify with `getent group` to ensure sapinst has more users than root; such as: `sapinst:x:<>:root,<>adm` + +To resolve, ensure the SWPM Unattended Parameter `nwUsers.sapsysGID` is set but remove any value from it. For example, in `sap_swpm` Ansible Role with default mode execution: +```yaml +sap_swpm_sapadm_uid: "" +sap_swpm_sapsys_gid: "" +sap_swpm_sidadm_uid: "" +``` + + +### Error - No Profile used + +```shell +sapparam(1c): No Profile used +``` + +During SAP SWPM execution, a target profile directory is created (auto-populated by the `sap_swpm` Ansible Role). + +If this error occurs, it may cause additional errors such as `getProfileDir reported an error: Empty directory name is not allowed`. + +To resolve, ensure the SWPM Unattended Parameter `NW_readProfileDir.profileDir` is set and has been provided a string path with the SAP System ID (e.g. `/sapmnt//profile`). For example, in `sap_swpm` Ansible Role with default mode execution: +```yaml +sap_swpm_sid: "S01" +sap_swpm_inifile_list: + - nw_config_other + ... + +``` + +Alternatively, use Shell environment variable named `SAPSYSTEMNAME=` when executing `./sapinst`. + + +### Error - Wrong password for SYSTEM user of the SYSTEMDB Tenant for SAP HANA MDC + +```shell +NW_GetSidNoProfiles | NW_getDBInfo | NW_HDB_getDBInfo + +Error code FCO-00011 and MUT-03025 + +The step getDBInfoMultiDbSystemDB reported an error: +The database connection with database user SYSTEM cannot be set up. +Check that the database is online and the password of user SYSTEM is correct. +``` + +During SAP SWPM execution, a connection to the SAP HANA MDC SystemDB Tenant is required. + +To resolve, ensure the SWPM Unattended Parameter `NW_HDB_getDBInfo.systemDbPassword` is set and correct. For example, in `sap_swpm` Ansible Role with default mode execution: +```yaml +sap_swpm_db_systemdb_password: "Password" +``` + + +### Error - Wrong password for SYSTEM user of the target SAP HANA MDC Tenant + +```shell +NW_GetSidNoProfiles | NW_getDBInfo | NW_HDB_getDBInfo + +Error code FCO-00011 and MUT-03025 + +The step getDBInfo reported an error: +The database connection with database user SYSTEM cannot be set up. +Check that the database is online and the password of user SYSTEM is correct. +``` + +During SAP SWPM execution, a connection to the SAP HANA MDC Tenant target and database schema (e.g. `SAPHANADB` or `SAPABAP1`) is required. + +To resolve, ensure the SWPM Unattended Parameter `storageBasedCopy.hdb.systemPassword` and `NW_HDB_getDBInfo.systemPassword` is set and correct. For example, in `sap_swpm` Ansible Role with default mode execution: +```yaml +sap_swpm_db_system_password: "Password" +``` + +This may also occur after System Copy Database Backup Restore when the wrong password is given for SYSTEM user of the Database Schema (e.g. `SAPHANADB` or `SAPABAP1`). Such as the error below: + +```Shell +NW_CreateDBandLoad | NW_CreateDB | NW_HDB_DB + +The step RevalidateSystemuserPassword reported an error: +Start SAPinst in interactive mode to solve this problem. +``` + +To resolve, ensure the SWPM Unattended Parameter `HDB_Schema_Check_Dialogs.schemaPassword` is correctly set. For example, in `sap_swpm` Ansible Role with default mode execution: +```yaml +sap_swpm_db_system_password: "Password" +sap_swpm_db_schema_password: "Password" +``` + + +### Error - Wrong password for SYSTEM user of Database Schema for the SAP HANA Backup file + +```shell +NW_CreateDBandLoad | NW_CreateDB | NW_HDB_DB + +The step RevalidateSchemauserPassword reported an error: +The database connection with database user SYSTEM cannot be set up. +Check that the database is online and the password of user SYSTEM is correct. +``` + +During SAP SWPM execution, when using a Database Backup File the SYSTEM user of the Database Schema within the backup (e.g. `SAPHANADB`, or `SAPABAP1`) is required. + +To resolve, ensure the SWPM Unattended Parameter `NW_HDB_getDBInfo.systemPasswordBackup` value is the correct password. For example, in `sap_swpm` Ansible Role with default mode execution: +```yaml +sap_swpm_backup_system_password: "Password" +``` + + +### Error - Wrong password for DDIC user of Database Schema for the SAP HANA Backup file + +```shell +NW_CI_Instance | abapReports | NW_DDIC_Password + +ERROR (root/sapinst) id=rfcmod.jsco.wrongPassword +The step checkDDIC000Password was executed with status ERROR +The password you specified for user DDIC is wrong. +

SOLUTION: Enter the correct password.

+``` + +During SAP SWPM execution, when using a Database Backup File the DDIC user of the Database Schema within the backup (e.g. `SAPHANADB`, or `SAPABAP1`) is required after the data load occurs. + +To resolve, ensure the SWPM Unattended Parameter `NW_DDIC_Password.ddic000Password` value is the correct password. For example, in `sap_swpm` Ansible Role with default mode execution: +```yaml +sap_swpm_ddic_000_password: "Password" +``` + + +### Error - Wrong schema name for database connection set up + +```shell +The database connection with database user SYSTEM cannot be set up. +Check that the database is online and the password of the user SYSTEM is correct +``` + +During SAP SWPM execution, when using a Database Backup File Database Schema name is required after the data load occurs. + +To resolve, ensure the SWPM Unattended Parameter for the Database Schema (e.g. `HDB_Schema_Check_Dialogs.schemaName` for SAP HANA) is set and provided with the correct schema name (e.g. `SAPHANADB` , `SAPABAP1` based upon different SAP Software and versions). For example, in `sap_swpm` Ansible Role with default mode execution: +```yaml +sap_swpm_db_schema: "SAPABAP1" +``` + + +### Error - Wrong domain name + +```shell +NW_GetSidNoProfiles | NW_getFQDN + +The step askFQDN reported an error: +Cannot resolve host 'xxxxxx' by name +``` + +During SAP SWPM execution, the FQDN is used for connections. + +To resolve, ensure the SWPM Unattended Parameter `NW_getFQDN.FQDN` for the FQDN is correct. For example, in `sap_swpm` Ansible Role with default mode execution: +```yaml +sap_swpm_set_fqdn: true +sap_swpm_fqdn: "name.internal.corp" +``` + + +### Error - Restricted file permissions for current working directory + +```shell +NW_First_Steps | Preinstall + +The step checkInstDirPermissions was executed with status ERROR +The installation directory /xxxxx is not owned by group sapinst. +

SOLUTION: SAPinst will set the appropriate permission on the directory if you choose Ok.

+``` + +During SAP SWPM execution, the current working directory should be `0755` permission. + +This should be achieved automatically by the `sap_swpm` Ansible Role, whereby the variable `sap_swpm_sapinst_path: /path_here` is set to `0755` prior to execution of `sapinst`. + + +### Error - Incomplete parameters for Database Backup Restore and connection set up + +```shell +NWCreateDBandLoad | hdb_recovery_dialogs + +The step ask_recovery_connect_data_existing_database reported an error +``` + +During SAP SWPM execution, when using a Database Backup File additional variables are required for the data load. + +To resolve, ensure the SWPM Unattended PArameters below are set: +```shell +HDB_Recovery_Dialogs.backupLocation = "" +HDB_Recovery_Dialogs.backupName = "" +HDB_Recovery_Dialogs.sapControlWsdlUrl = "http://HOST:PORT/SAPControl?wsdl" +HDB_Recovery_Dialogs.sidAdmName = "" +HDB_Recovery_Dialogs.sidAdmPassword = "" +``` + +For example, in `sap_swpm` Ansible Role with default mode execution: +```yaml +sap_swpm_backup_location: "" +sap_swpm_backup_prefix: "" +sap_swpm_db_host: "" +sap_swpm_db_instance_nr: "" +sap_swpm_db_sid: "" +sap_swpm_db_sidadm_password: "" +``` + + +--- + ## SAP SWPM for SAP NWAS JAVA installations diff --git a/docs/getting_started/README.md b/docs/getting_started/README.md index 7788e3c4d..c5b79b2c1 100644 --- a/docs/getting_started/README.md +++ b/docs/getting_started/README.md @@ -6,6 +6,7 @@ In this folder you will find sample files, a few additional tips for using the p - [Inventory and variable parameters](#inventory-and-variable-parameters) - [Security parameters](#security-parameters) - [Other useful options](#other-useful-options) + - [Improve readability of playbook output in terminal](#improve-readability-of-playbook-output-in-terminal) ## How to run playbooks @@ -95,3 +96,34 @@ These are not all available options, but ones that may help getting familiar wit Be careful to choose a task which covers pre-requisites, i.e. tasks that discover information which is used in subsequent tasks have to be run to fulfill conditionals. - `-C` attempts a dry-run of the playbook without applying actual changes. This is limited to simple tasks that do not require other changes already been done in previous tasks. - `--step` this executes the playbook but will prompt for every task to be run or skipped. At the prompt it can also be told to continue and not ask again, however. Useful to slow down execution and review each tasks result before proceeding with the next task. + +### Improve readability of playbook output in terminal +Note: For terminals with dark background, replace the color code `30m` by `37m`. +In case you need to make an invisible font readable on a terminal with dark background, run the following command in the terminal: +```yaml +printf "\033[37mreadable font\n" +``` +In case you need to make an invisible font readable on a terminal with bright background, run the following command in the terminal: +```yaml +printf "\033[30mreadable font\n" +``` + +Execution of `sap_general_preconfigure` playbook with a nice compact and colored output, this time for two hosts: +```console +ansible-playbook sap.yml -l host_1,host_2 -e "{sap_general_preconfigure_assert: yes, sap_general_preconfigure_assert_ignore_errors: yes}" | +awk '{sub (" \"msg\": ", "")} + /TASK/{task_line=$0} + /fatal:/{fatal_line=$0; nfatal[host]++} + /...ignoring/{nfatal[host]--; if (nfatal[host]<0) nfatal[host]=0} + /^[a-z]/&&/: \[/{gsub ("\\[", ""); gsub ("]", ""); gsub (":", ""); host=$2} + /SAP note/{print "\033[30m[" host"] "$0} + /FAIL:/{nfail[host]++; print "\033[31m[" host"] "$0} + /WARN:/{nwarn[host]++; print "\033[33m[" host"] "$0} + /PASS:/{npass[host]++; print "\033[32m[" host"] "$0} + /INFO:/{print "\033[34m[" host"] "$0} + /changed/&&/unreachable/{print "\033[30m[" host"] "$0} + END{print ("---"); for (var in npass) {printf ("[%s] ", var); if (nfatal[var]>0) { + printf ("\033[31mFATAL ERROR!!! Playbook might have been aborted!!!\033[30m Last TASK and fatal output:\n"); print task_line, fatal_line + } + else printf ("\033[31mFAIL: %d \033[33mWARN: %d \033[32mPASS: %d\033[30m\n", nfail[var], nwarn[var], npass[var])}}' +``` diff --git a/galaxy.yml b/galaxy.yml index 4a9423b09..bb5e3566f 100644 --- a/galaxy.yml +++ b/galaxy.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- ### REQUIRED @@ -10,7 +11,7 @@ namespace: community name: sap_install # The version of the collection. Must be compatible with semantic versioning -version: 1.4.1 +version: 1.5.0 # The path to the Markdown (.md) readme file. This path is relative to the root of the collection readme: README.md diff --git a/playbooks/README.md b/playbooks/README.md index 7362b9535..02987c363 100644 --- a/playbooks/README.md +++ b/playbooks/README.md @@ -1,8 +1,64 @@ -# List of playbooks +# Ansible Collection Playbooks + +The playbooks starting with `sample-` in this directory can be used as examples for your own playbooksi and cannot be called directly from the commandline. +The other playbooks can be called directly with a prepared variable file or imported in your own playbooks or workflows. +The playbooks can run against localhost, all hosts or defined group. + +## Usage of playbooks + +### Prepare System for SAP HANA installation: `sap_hana_prepare_exec.yml` + +This playbook runs against localhost and/or remote hosts. +You need to define the variable `sap_hana_group`to run this playbook against a particular group of hosts which is defined in your inventory. +If you do not define the parameter `sap_hana_group` the playbook will run against all hosts in the inventory unless limited with `-l hostname' or localhost if no inventory is defined. + +To run this playbook you need to prepare a variable file with a minimum viable set of variables. + +#### Example: + +Create a parameter file `my_vars.yml` with similar content: + +```[yaml] + # sap_playbook_parameter_confirm: false # Set to true if you want to list parameters and confirm execution + sap_domain: my.sap.domain + sap_general_preconfigure_modify_etc_hosts: true + sap_general_preconfigure_update: true + sap_general_preconfigure_fail_if_reboot_required: false + sap_hana_preconfigure_update: true + sap_hana_preconfigure_fail_if_reboot_required: false + sap_hana_preconfigure_reboot_ok: true +``` + +Create the file `my_inventory` similar to: + +```[yaml] +[my_hanas] +hana1 +hana2 +``` + +Now you can run the playbook with + +```[bash] +ansible-playbook community.sap_install.sap_hana_preconfigure_exec.yml -i my_inventory -e @my_vars.yml -e sap_hana_group=my_hanas +``` + +When you call this playbook against a remote host make sure the user can connect and assume root without a password or pass the following parameters if necessary + +```[bash] + -u : User that establishes the ssh connection + -k: asks for password or passphrase of the connection user, if required for ssh + -K: asks for the privilege escalation password of the connection user to become root on the target host +``` + +You can also call the playbook inside another playbook with: + +``` +- name: Include HANA preparation from collection for group my_hanas + ansible.builtin.import_playbook: community.sap_install.sap_hana_prepare_exec.yml + vars: + sap_hana_group: my_hanas + # add other vars here, or define somewhere else +``` -- prepare-for-hana -- prepare-for-netweaver -- install-sap-hana -- install-sap-hana-cluster -- install-sap-hana-s4 diff --git a/playbooks/sample-sap-ha-deployment-hana-2-node-cluster.yml b/playbooks/sample-sap-ha-deployment-hana-2-node-cluster.yml index 46d6166a6..119bbd815 100644 --- a/playbooks/sample-sap-ha-deployment-hana-2-node-cluster.yml +++ b/playbooks/sample-sap-ha-deployment-hana-2-node-cluster.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # This playbook will # - prepare and install SAP HANA on 2 target nodes diff --git a/playbooks/sample-sap-hana-install.yml b/playbooks/sample-sap-hana-install.yml index f9489ac62..d0e5c2688 100644 --- a/playbooks/sample-sap-hana-install.yml +++ b/playbooks/sample-sap-hana-install.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Ansible Play for executing SAP HANA installation to all hosts in Ansible Inventory hosts: all diff --git a/playbooks/sample-sap-hana-preconfigure.yml b/playbooks/sample-sap-hana-preconfigure.yml index fd420d241..46e806ecc 100644 --- a/playbooks/sample-sap-hana-preconfigure.yml +++ b/playbooks/sample-sap-hana-preconfigure.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Ansible Play for executing preconfiguration activities for SAP HANA to all hosts in Ansible Inventory hosts: all diff --git a/playbooks/sample-sap-nwas-ascs-ers-2-node-cluster.yml b/playbooks/sample-sap-nwas-ascs-ers-2-node-cluster.yml index 0a2d80c35..337a96aa8 100644 --- a/playbooks/sample-sap-nwas-ascs-ers-2-node-cluster.yml +++ b/playbooks/sample-sap-nwas-ascs-ers-2-node-cluster.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # This playbook will # - install and configure a basic pacemaker cluster diff --git a/playbooks/sample-sap-storage-prep.yml b/playbooks/sample-sap-storage-prep.yml deleted file mode 100644 index ace34cc91..000000000 --- a/playbooks/sample-sap-storage-prep.yml +++ /dev/null @@ -1,19 +0,0 @@ ---- - -# Experimental Ansible Role, do not suggest using this - -- hosts: all - become: true - pre_tasks: -# - include_vars: ./vars/sample-variables-sap-storage-lvm.yml -# - include_vars: ./vars/sample-variables-sap-storage-lvm-stripes.yml - - tasks: - - - name: SAP storage preparation - vars: - sap_storage_cloud_type: 'generic' - sap_storage_sap_type: 'sap_onehost' - sap_storage_action: 'prepare' - include_role: - name: ../roles/sap_storage_setup diff --git a/playbooks/sample-sap-storage-setup_sap_s4hana_distributed.yml b/playbooks/sample-sap-storage-setup_sap_s4hana_distributed.yml new file mode 100644 index 000000000..4cdcf423a --- /dev/null +++ b/playbooks/sample-sap-storage-setup_sap_s4hana_distributed.yml @@ -0,0 +1,162 @@ +# SPDX-License-Identifier: Apache-2.0 +--- + +- name: Complete Infrastructure setup + hosts: hana_primary, nwas_ascs, nwas_pas, nwas_aas + become: true + any_errors_fatal: true + + vars: + + sap_system_sid: "S01" + sap_system_hana_db_sid: "H01" + sap_system_nwas_abap_ascs_instance_nr: "00" + sap_system_nwas_abap_pas_instance_nr: "01" + sap_system_nwas_abap_aas_instance_nr: "11" + + aws_nfs_mount_point: "fs-1234567890.efs.eu-west-2.amazonaws.com:/" + aws_nfs_mount_point_separate_sap_transport_dir: "fs-0987654321.efs.eu-west-2.amazonaws.com:/" + aws_nfs_mount_point_type: nfs4 + aws_nfs_mount_point_opts: nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2,noresvport,acl,noauto # should include noauto to avoid /etc/fstab mount on boot, when Linux Pacemaker should control mount + + aws_host_specifications_dictionary: + + hana-p: + sap_storage_setup_sid: "{{ sap_system_hana_db_sid }}" + sap_storage_setup_host_type: + - hana_primary + sap_storage_setup_definition: + - name: hana_data + mountpoint: /hana/data + disk_size: 384 # size in GB, integer + filesystem_type: xfs # default: xfs + - name: hana_log + mountpoint: /hana/log + disk_size: 128 # size in GB, integer + filesystem_type: xfs # default: xfs + - name: hana_shared + mountpoint: /hana/shared + disk_size: 320 # size in GB, integer + filesystem_type: xfs # default: xfs + - name: swap + swap_path: /swapfile # use swap file on root disk, instead of creating LVM LV for swap + disk_size: 2 + filesystem_type: swap # must be swap filesystem + - name: software + mountpoint: /software + disk_size: 100 # size in GB, integer + filesystem_type: xfs # default: xfs + + + nw-ascs: + sap_storage_setup_sid: "{{ sap_system_sid }}" + sap_storage_setup_nwas_abap_ascs_instance_nr: "{{ sap_system_nwas_abap_ascs_instance_nr }}" + sap_storage_setup_host_type: + - nwas_abap_ascs + sap_storage_setup_definition: + - name: usr_sap + mountpoint: /usr/sap + nfs_path: /usr/sap # subdirectory path on the NFS server + nfs_server: "{{ aws_nfs_mount_point | default('') }}" # NFS server and parent directory (e.g. nfs.com:/share1). default: {{ sap_storage_setup_nfs_server }} + nfs_filesystem_type: "{{ aws_nfs_mount_point_type | default('') }}" # default: {{ sap_storage_setup_nfs_filesystem_type }} + nfs_mount_options: "{{ aws_nfs_mount_point_opts | default('') }}" # default: {{ sap_storage_setup_nfs_mount_options }} + - name: usr_sap_trans + mountpoint: /usr/sap/trans + nfs_path: /usr/sap/trans # subdirectory path on the NFS server + nfs_server: "{{ aws_nfs_mount_point_separate_sap_transport_dir | default('') }}" # NFS server and parent directory (e.g. nfs.com:/share1). default: {{ sap_storage_setup_nfs_server }} + nfs_filesystem_type: "{{ aws_nfs_mount_point_type | default('') }}" # default: {{ sap_storage_setup_nfs_filesystem_type }} + nfs_mount_options: "{{ aws_nfs_mount_point_opts | default('') }}" # default: {{ sap_storage_setup_nfs_mount_options }} + - name: sapmnt + mountpoint: /sapmnt + nfs_path: /sapmnt # subdirectory path on the NFS server + nfs_server: "{{ aws_nfs_mount_point | default('') }}" # NFS server and parent directory (e.g. nfs.com:/share1). default: {{ sap_storage_setup_nfs_server }} + nfs_filesystem_type: "{{ aws_nfs_mount_point_type | default('') }}" # default: {{ sap_storage_setup_nfs_filesystem_type }} + nfs_mount_options: "{{ aws_nfs_mount_point_opts | default('') }}" # default: {{ sap_storage_setup_nfs_mount_options }} + - name: swap + disk_size: 96 + filesystem_type: swap # must be swap filesystem + - name: software + mountpoint: /software + disk_size: 100 # size in GB, integer + filesystem_type: xfs # default: xfs + + + nw-pas: + sap_storage_setup_sid: "{{ sap_system_sid }}" + sap_storage_setup_nwas_abap_pas_instance_nr: "{{ sap_system_nwas_abap_pas_instance_nr }}" + sap_storage_setup_host_type: + - nwas_abap_pas + sap_storage_setup_definition: + - name: usr_sap + mountpoint: /usr/sap + nfs_path: /usr/sap # subdirectory path on the NFS server + nfs_server: "{{ aws_nfs_mount_point | default('') }}" # NFS server and parent directory (e.g. nfs.com:/share1). default: {{ sap_storage_setup_nfs_server }} + nfs_filesystem_type: "{{ aws_nfs_mount_point_type | default('') }}" # default: {{ sap_storage_setup_nfs_filesystem_type }} + nfs_mount_options: "{{ aws_nfs_mount_point_opts | default('') }}" # default: {{ sap_storage_setup_nfs_mount_options }} + - name: usr_sap_trans + mountpoint: /usr/sap/trans + nfs_path: /usr/sap/trans # subdirectory path on the NFS server + nfs_server: "{{ aws_nfs_mount_point_separate_sap_transport_dir | default('') }}" # NFS server and parent directory (e.g. nfs.com:/share1). default: {{ sap_storage_setup_nfs_server }} + nfs_filesystem_type: "{{ aws_nfs_mount_point_type | default('') }}" # default: {{ sap_storage_setup_nfs_filesystem_type }} + nfs_mount_options: "{{ aws_nfs_mount_point_opts | default('') }}" # default: {{ sap_storage_setup_nfs_mount_options }} + - name: sapmnt + mountpoint: /sapmnt + nfs_path: /sapmnt # subdirectory path on the NFS server + nfs_server: "{{ aws_nfs_mount_point | default('') }}" # NFS server and parent directory (e.g. nfs.com:/share1). default: {{ sap_storage_setup_nfs_server }} + nfs_filesystem_type: "{{ aws_nfs_mount_point_type | default('') }}" # default: {{ sap_storage_setup_nfs_filesystem_type }} + nfs_mount_options: "{{ aws_nfs_mount_point_opts | default('') }}" # default: {{ sap_storage_setup_nfs_mount_options }} + - name: swap + disk_size: 96 + filesystem_type: swap # must be swap filesystem + - name: software + mountpoint: /software + disk_size: 100 # size in GB, integer + filesystem_type: xfs # default: xfs + + + nw-aas: + sap_storage_setup_sid: "{{ sap_system_sid }}" + sap_storage_setup_nwas_abap_aas_instance_nr: "{{ sap_system_nwas_abap_aas_instance_nr }}" + sap_storage_setup_host_type: + - nwas_abap_aas + sap_storage_setup_definition: + - name: usr_sap + mountpoint: /usr/sap + nfs_path: /usr/sap # subdirectory path on the NFS server + nfs_server: "{{ aws_nfs_mount_point | default('') }}" # NFS server and parent directory (e.g. nfs.com:/share1). default: {{ sap_storage_setup_nfs_server }} + nfs_filesystem_type: "{{ aws_nfs_mount_point_type | default('') }}" # default: {{ sap_storage_setup_nfs_filesystem_type }} + nfs_mount_options: "{{ aws_nfs_mount_point_opts | default('') }}" # default: {{ sap_storage_setup_nfs_mount_options }} + - name: usr_sap_trans + mountpoint: /usr/sap/trans + nfs_path: /usr/sap/trans # subdirectory path on the NFS server + nfs_server: "{{ aws_nfs_mount_point_separate_sap_transport_dir | default('') }}" # NFS server and parent directory (e.g. nfs.com:/share1). default: {{ sap_storage_setup_nfs_server }} + nfs_filesystem_type: "{{ aws_nfs_mount_point_type | default('') }}" # default: {{ sap_storage_setup_nfs_filesystem_type }} + nfs_mount_options: "{{ aws_nfs_mount_point_opts | default('') }}" # default: {{ sap_storage_setup_nfs_mount_options }} + - name: sapmnt + mountpoint: /sapmnt + nfs_path: /sapmnt # subdirectory path on the NFS server + nfs_server: "{{ aws_nfs_mount_point | default('') }}" # NFS server and parent directory (e.g. nfs.com:/share1). default: {{ sap_storage_setup_nfs_server }} + nfs_filesystem_type: "{{ aws_nfs_mount_point_type | default('') }}" # default: {{ sap_storage_setup_nfs_filesystem_type }} + nfs_mount_options: "{{ aws_nfs_mount_point_opts | default('') }}" # default: {{ sap_storage_setup_nfs_mount_options }} + - name: swap + disk_size: 96 + filesystem_type: swap # must be swap filesystem + - name: software + mountpoint: /software + disk_size: 100 # size in GB, integer + filesystem_type: xfs # default: xfs + + + tasks: + + - name: Execute Ansible Role sap_storage_setup + ansible.builtin.include_role: + name: community.sap_install.sap_storage_setup + vars: + sap_storage_setup_sid: "{{ aws_host_specifications_dictionary[ansible_hostname].sap_storage_setup_sid | default('') }}" + sap_storage_setup_host_type: "{{ aws_host_specifications_dictionary[ansible_hostname].sap_storage_setup_host_type | list }}" + sap_storage_setup_definition: "{{ aws_host_specifications_dictionary[ansible_hostname].sap_storage_setup_definition | list }}" + sap_storage_setup_nwas_abap_ascs_instance_nr: "{{ aws_host_specifications_dictionary[ansible_hostname].sap_storage_setup_nwas_abap_ascs_instance_nr | default(omit) }}" + sap_storage_setup_nwas_abap_ers_instance_nr: "{{ aws_host_specifications_dictionary[ansible_hostname].sap_storage_setup_nwas_abap_ers_instance_nr | default(omit) }}" + sap_storage_setup_nwas_abap_pas_instance_nr: "{{ aws_host_specifications_dictionary[ansible_hostname].sap_storage_setup_nwas_abap_pas_instance_nr | default(omit) }}" + sap_storage_setup_nwas_abap_aas_instance_nr: "{{ aws_host_specifications_dictionary[ansible_hostname].sap_storage_setup_nwas_abap_aas_instance_nr | default(omit) }}" diff --git a/playbooks/sample-sap-swpm-advanced-mode.yml b/playbooks/sample-sap-swpm-advanced-mode.yml index 819b5ff47..dfe1fc32e 100644 --- a/playbooks/sample-sap-swpm-advanced-mode.yml +++ b/playbooks/sample-sap-swpm-advanced-mode.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Ansible Playbook for executing sap_swpm Ansible in "Advanced Mode" diff --git a/playbooks/sample-sap-swpm-advanced-templates-mode.yml b/playbooks/sample-sap-swpm-advanced-templates-mode.yml index 508660a64..94a58856f 100644 --- a/playbooks/sample-sap-swpm-advanced-templates-mode.yml +++ b/playbooks/sample-sap-swpm-advanced-templates-mode.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Ansible Playbook for executing sap_swpm Ansible in "Advanced Templates Mode" diff --git a/playbooks/sample-sap-swpm-all-modes-interactive.yml b/playbooks/sample-sap-swpm-all-modes-interactive.yml index 5b55ef7b0..0e643c90f 100644 --- a/playbooks/sample-sap-swpm-all-modes-interactive.yml +++ b/playbooks/sample-sap-swpm-all-modes-interactive.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Ansible Playbook for executing sap_swpm Ansible Role with interactive selection of mode (Inifile Reuse, Default, Advanced, Default Templates, Advanced Templates) diff --git a/playbooks/sample-sap-swpm-default-mode.yml b/playbooks/sample-sap-swpm-default-mode.yml index 0d8eab07b..08059c3c7 100644 --- a/playbooks/sample-sap-swpm-default-mode.yml +++ b/playbooks/sample-sap-swpm-default-mode.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Ansible Playbook for executing sap_swpm Ansible in "Default Mode" diff --git a/playbooks/sample-sap-swpm-default-templates-mode.yml b/playbooks/sample-sap-swpm-default-templates-mode.yml index 1ed58153e..0d148e28b 100644 --- a/playbooks/sample-sap-swpm-default-templates-mode.yml +++ b/playbooks/sample-sap-swpm-default-templates-mode.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Ansible Playbook for executing sap_swpm Ansible in "Default Templates Mode" diff --git a/playbooks/sample-sap-swpm-inifile-reuse-mode.yml b/playbooks/sample-sap-swpm-inifile-reuse-mode.yml index b7ff6938d..babd446c3 100644 --- a/playbooks/sample-sap-swpm-inifile-reuse-mode.yml +++ b/playbooks/sample-sap-swpm-inifile-reuse-mode.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Ansible Playbook for executing sap_swpm Ansible in "Inifile Reuse Mode" diff --git a/playbooks/sample-storage_sap_s4hana_distributed.yml b/playbooks/sample-storage_sap_s4hana_distributed.yml deleted file mode 100644 index 510d0b1a7..000000000 --- a/playbooks/sample-storage_sap_s4hana_distributed.yml +++ /dev/null @@ -1,205 +0,0 @@ ---- - -- name: Complete Infrastructure setup - hosts: hana_primary, nwas_ascs, nwas_pas, nwas_aas - become: true - any_errors_fatal: true - - vars: - - sap_system_sid: "S01" - sap_system_hana_db_sid: "H01" - sap_system_hana_db_instance_nr: "90" - sap_system_nwas_abap_ascs_instance_nr: "00" - sap_system_nwas_abap_pas_instance_nr: "01" - sap_system_nwas_abap_aas_instance_nr: "11" - - nfs_mount_point: "fs-1234567890.efs.eu-west-2.amazonaws.com:/" - nfs_mount_point_separate_sap_transport_dir: "fs-0987654321.efs.eu-west-2.amazonaws.com:/" - nfs_mount_point_type: nfs4 - nfs_mount_point_opts: nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2,noresvport,acl,noauto # should include noauto to avoid /etc/fstab mount on boot, when Linux Pacemaker should control mount - - host_specifications_dictionary: - - hana-p: # hostname - # hana_primary, hana_secondary, nwas_abap_ascs, nwas_abap_ers, nwas_abap_pas, nwas_abap_aas, nwas_java_scs, nwas_java_ers - sap_storage_setup_host_type: - - hana_primary - - storage_definition: - - # Commented out variables are the same for each filesystem, only shown once below to ease readability - - name: hana_data - mountpoint: /hana/data - disk_size: 384 # size in GB, integer - filesystem_type: xfs # default: xfs - #lvm_lv_name: # default: lv_ - #lvm_lv_stripes: 2 # default: null, number of disks to stripe over - #lvm_lv_stripe_size: 128K # default: 64K, defined by the OS. Akin to Virtualized Block Size - #lvm_vg_name: # default: vg_ - #lvm_vg_options: # default: none, additional LVM VG options as string in LVM options syntax (e.g. "--dataalignment XX ..." to override MiB offset from disk start before first LVM VG Physical Extent) - #lvm_vg_physical_extent_size: # default: 4, uses 4 MiB default and difficult to change once set. Akin to Physical Block Size - #lvm_pv_device: # default: discovered ansible_devices matching the target size - #lvm_pv_options: # default: none, additional LVM PV options as string in LVM options syntax (e.g. "--dataalignment XX ..." to override MiB offset from disk start before first LVM PV Physical Extent) - #nfs_path: # subdirectory path on the NFS server - #nfs_server: # NFS server and parent directory (e.g. nfs.com:/share1). default: {{ sap_storage_setup_nfs_server }} - #nfs_filesystem_type: # default: {{ sap_storage_setup_nfs_filesystem_type }} - #nfs_mount_options: # default: {{ sap_storage_setup_nfs_mount_options }} - - - name: hana_log - mountpoint: /hana/log - disk_size: 128 # size in GB, integer - filesystem_type: xfs # default: xfs - - - name: hana_shared - mountpoint: /hana/shared - disk_size: 320 # size in GB, integer - filesystem_type: xfs # default: xfs - - - name: swap - swap_path: /swapfile # use swap file on root disk, instead of creating LVM LV for swap - disk_size: 2 - filesystem_type: swap # must be swap filesystem - - - name: software - mountpoint: /software - disk_size: 100 # size in GB, integer - filesystem_type: xfs # default: xfs - - - nw-ascs: # hostname - sap_storage_setup_sid: "{{ sap_system_sid }}" - sap_storage_setup_nwas_abap_ascs_instance_nr: "{{ sap_system_nwas_abap_ascs_instance_nr }}" - - # hana_primary, hana_secondary, nwas_abap_ascs, nwas_abap_ers, nwas_abap_pas, nwas_abap_aas, nwas_java_scs, nwas_java_ers - sap_storage_setup_host_type: - - nwas_abap_ascs - - storage_definition: - - - name: usr_sap - mountpoint: /usr/sap - nfs_path: /usr/sap # subdirectory path on the NFS server - nfs_server: "{{ nfs_mount_point | default('') }}" # NFS server and parent directory (e.g. nfs.com:/share1). default: {{ sap_storage_setup_nfs_server }} - nfs_filesystem_type: "{{ nfs_mount_point_type | default('') }}" # default: {{ sap_storage_setup_nfs_filesystem_type }} - nfs_mount_options: "{{ nfs_mount_point_opts | default('') }}" # default: {{ sap_storage_setup_nfs_mount_options }} - - - name: usr_sap_trans - mountpoint: /usr/sap/trans - nfs_path: /usr/sap/trans # subdirectory path on the NFS server - nfs_server: "{{ nfs_mount_point_separate_sap_transport_dir | default('') }}" # NFS server and parent directory (e.g. nfs.com:/share1). default: {{ sap_storage_setup_nfs_server }} - nfs_filesystem_type: "{{ nfs_mount_point_type | default('') }}" # default: {{ sap_storage_setup_nfs_filesystem_type }} - nfs_mount_options: "{{ nfs_mount_point_opts | default('') }}" # default: {{ sap_storage_setup_nfs_mount_options }} - - - name: sapmnt - mountpoint: /sapmnt - nfs_path: /sapmnt # subdirectory path on the NFS server - nfs_server: "{{ nfs_mount_point | default('') }}" # NFS server and parent directory (e.g. nfs.com:/share1). default: {{ sap_storage_setup_nfs_server }} - nfs_filesystem_type: "{{ nfs_mount_point_type | default('') }}" # default: {{ sap_storage_setup_nfs_filesystem_type }} - nfs_mount_options: "{{ nfs_mount_point_opts | default('') }}" # default: {{ sap_storage_setup_nfs_mount_options }} - - - name: swap - disk_size: 96 - filesystem_type: swap # must be swap filesystem - - - name: software - mountpoint: /software - disk_size: 100 # size in GB, integer - filesystem_type: xfs # default: xfs - - - nw-pas: # hostname - sap_storage_setup_sid: "{{ sap_system_sid }}" - sap_storage_setup_nwas_abap_pas_instance_nr: "{{ sap_system_nwas_abap_pas_instance_nr }}" - - # hana_primary, hana_secondary, nwas_abap_ascs, nwas_abap_ers, nwas_abap_pas, nwas_abap_aas, nwas_java_scs, nwas_java_ers - sap_storage_setup_host_type: - - nwas_abap_pas - - storage_definition: - - - name: usr_sap - mountpoint: /usr/sap - nfs_path: /usr/sap # subdirectory path on the NFS server - nfs_server: "{{ nfs_mount_point | default('') }}" # NFS server and parent directory (e.g. nfs.com:/share1). default: {{ sap_storage_setup_nfs_server }} - nfs_filesystem_type: "{{ nfs_mount_point_type | default('') }}" # default: {{ sap_storage_setup_nfs_filesystem_type }} - nfs_mount_options: "{{ nfs_mount_point_opts | default('') }}" # default: {{ sap_storage_setup_nfs_mount_options }} - - - name: usr_sap_trans - mountpoint: /usr/sap/trans - nfs_path: /usr/sap/trans # subdirectory path on the NFS server - nfs_server: "{{ nfs_mount_point_separate_sap_transport_dir | default('') }}" # NFS server and parent directory (e.g. nfs.com:/share1). default: {{ sap_storage_setup_nfs_server }} - nfs_filesystem_type: "{{ nfs_mount_point_type | default('') }}" # default: {{ sap_storage_setup_nfs_filesystem_type }} - nfs_mount_options: "{{ nfs_mount_point_opts | default('') }}" # default: {{ sap_storage_setup_nfs_mount_options }} - - - name: sapmnt - mountpoint: /sapmnt - nfs_path: /sapmnt # subdirectory path on the NFS server - nfs_server: "{{ nfs_mount_point | default('') }}" # NFS server and parent directory (e.g. nfs.com:/share1). default: {{ sap_storage_setup_nfs_server }} - nfs_filesystem_type: "{{ nfs_mount_point_type | default('') }}" # default: {{ sap_storage_setup_nfs_filesystem_type }} - nfs_mount_options: "{{ nfs_mount_point_opts | default('') }}" # default: {{ sap_storage_setup_nfs_mount_options }} - - - name: swap - disk_size: 96 - filesystem_type: swap # must be swap filesystem - - - name: software - mountpoint: /software - disk_size: 100 # size in GB, integer - filesystem_type: xfs # default: xfs - - - nw-aas: # hostname - sap_storage_setup_sid: "{{ sap_system_sid }}" - sap_storage_setup_nwas_abap_aas_instance_nr: "{{ sap_system_nwas_abap_aas_instance_nr }}" - - # hana_primary, hana_secondary, nwas_abap_ascs, nwas_abap_ers, nwas_abap_pas, nwas_abap_aas, nwas_java_scs, nwas_java_ers - sap_storage_setup_host_type: - - nwas_abap_aas - - storage_definition: - - - name: usr_sap - mountpoint: /usr/sap - nfs_path: /usr/sap # subdirectory path on the NFS server - nfs_server: "{{ nfs_mount_point | default('') }}" # NFS server and parent directory (e.g. nfs.com:/share1). default: {{ sap_storage_setup_nfs_server }} - nfs_filesystem_type: "{{ nfs_mount_point_type | default('') }}" # default: {{ sap_storage_setup_nfs_filesystem_type }} - nfs_mount_options: "{{ nfs_mount_point_opts | default('') }}" # default: {{ sap_storage_setup_nfs_mount_options }} - - - name: usr_sap_trans - mountpoint: /usr/sap/trans - nfs_path: /usr/sap/trans # subdirectory path on the NFS server - nfs_server: "{{ nfs_mount_point_separate_sap_transport_dir | default('') }}" # NFS server and parent directory (e.g. nfs.com:/share1). default: {{ sap_storage_setup_nfs_server }} - nfs_filesystem_type: "{{ nfs_mount_point_type | default('') }}" # default: {{ sap_storage_setup_nfs_filesystem_type }} - nfs_mount_options: "{{ nfs_mount_point_opts | default('') }}" # default: {{ sap_storage_setup_nfs_mount_options }} - - - name: sapmnt - mountpoint: /sapmnt - nfs_path: /sapmnt # subdirectory path on the NFS server - nfs_server: "{{ nfs_mount_point | default('') }}" # NFS server and parent directory (e.g. nfs.com:/share1). default: {{ sap_storage_setup_nfs_server }} - nfs_filesystem_type: "{{ nfs_mount_point_type | default('') }}" # default: {{ sap_storage_setup_nfs_filesystem_type }} - nfs_mount_options: "{{ nfs_mount_point_opts | default('') }}" # default: {{ sap_storage_setup_nfs_mount_options }} - - - name: swap - disk_size: 96 - filesystem_type: swap # must be swap filesystem - - - name: software - mountpoint: /software - disk_size: 100 # size in GB, integer - filesystem_type: xfs # default: xfs - - - tasks: - - - name: Execute Ansible Role sap_storage_setup - ansible.builtin.include_role: - name: { role: community.sap_install.sap_storage_setup } - vars: - sap_storage_setup_sid: "{{ host_specifications_dictionary[ansible_hostname].sap_storage_setup_sid | default('') }}" - sap_storage_setup_nwas_abap_ascs_instance_nr: "{{ host_specifications_dictionary[ansible_hostname].sap_storage_setup_nwas_abap_ascs_instance_nr | default('') }}" - sap_storage_setup_nwas_abap_ers_instance_nr: "{{ host_specifications_dictionary[ansible_hostname].sap_storage_setup_nwas_abap_ers_instance_nr | default('') }}" - sap_storage_setup_nwas_abap_pas_instance_nr: "{{ host_specifications_dictionary[ansible_hostname].sap_storage_setup_nwas_abap_pas_instance_nr | default('') }}" - sap_storage_setup_nwas_abap_aas_instance_nr: "{{ host_specifications_dictionary[ansible_hostname].sap_storage_setup_nwas_abap_aas_instance_nr | default('') }}" - sap_storage_setup_host_type: "{{ host_specifications_dictionary[ansible_hostname].sap_storage_setup_host_type | list }}" - sap_storage_setup_definition: "{{ host_specifications_dictionary[ansible_hostname].storage_definition | list }}" diff --git a/playbooks/sap_hana_preconfigure_exec.yml b/playbooks/sap_hana_preconfigure_exec.yml new file mode 100644 index 000000000..5faa89c5e --- /dev/null +++ b/playbooks/sap_hana_preconfigure_exec.yml @@ -0,0 +1,51 @@ +# SPDX-License-Identifier: Apache-2.0 +--- +## +# Call this playbook only with all variables defined. +# +# The minimum viable set of variables which need to be defined are: +# +# sap_hana_group: name of group in inventory - defaults to localhost if not set +# sap_domain: SAP domain - defaults to ansible_domain if not set, but must not be empty +# +# For sap_general_preconfigure: +# sap_general_preconfigure_modify_etc_hosts: defaults to true +# sap_general_preconfigure_update: defaults to false +# sap_general_preconfigure_fail_if_reboot_required: defaults to true +# +# For sap_hana_preconfigure: +# sap_hana_preconfigure_update: defaults to false +# sap_hana_preconfigure_fail_if_reboot_required: defaults to true +# sap_hana_preconfigure_reboot_ok: defaults to false +# +# Note: If the variable sap_playbook_parameter_confirm is set to true, the playbook +# stops execution and waits for an input. If you want to run the playbook in +# non-interactive mode, leave the variable unset or set to false. + +- name: Prepare system for SAP HANA Installation + hosts: "{{ sap_hana_group | d((groups['all'] == []) | ternary ('localhost', 'all')) }}" + become: true + tasks: + - name: Ansible Role Configuration + ansible.builtin.debug: + msg: |- + The SAP HANA preconfiguration runs with the following configuration: + - 'Hostname : {{ sap_hostname | d(ansible_hostname) }}' + - 'IP Address : {{ sap_ip | d(ansible_default_ipv4.address) }}' + - 'Domain : {{ (sap_domain | d('') | length > 0) | ternary(sap_domain, ansible_domain) }}' + - 'Modify hosts : {{ sap_general_preconfigure_modify_etc_hosts | d('false') }}' + - 'Update OS : {{ sap_hana_preconfigure_update | d('false') }}' + - 'Auto Reboot : {{ sap_hana_preconfigure_reboot_ok | d('false') }}' + - 'Fail if reboot is needed: {{ sap_hana_preconfigure_fail_if_reboot_required | d('true') }}' + + - name: Pause Playbook to verify parameters + when: sap_playbook_parameter_confirm | d(false) + ansible.builtin.pause: + + - name: Perform the general SAP configuration + ansible.builtin.include_role: + name: community.sap_install.sap_general_preconfigure + + - name: Perform the SAP HANA specific configuration + ansible.builtin.include_role: + name: community.sap_install.sap_hana_preconfigure diff --git a/playbooks/vars/sample-variables-sap-hana-install.yml b/playbooks/vars/sample-variables-sap-hana-install.yml index 7a0e73a72..f45c283ab 100644 --- a/playbooks/vars/sample-variables-sap-hana-install.yml +++ b/playbooks/vars/sample-variables-sap-hana-install.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # ----------------------------- Mandatory parameters ----------------------------- # diff --git a/playbooks/vars/sample-variables-sap-storage-lvm-stripes.yml b/playbooks/vars/sample-variables-sap-storage-lvm-stripes.yml index 8c736a99c..de52063a4 100644 --- a/playbooks/vars/sample-variables-sap-storage-lvm-stripes.yml +++ b/playbooks/vars/sample-variables-sap-storage-lvm-stripes.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- sap_storage_dict: diff --git a/playbooks/vars/sample-variables-sap-storage-lvm.yml b/playbooks/vars/sample-variables-sap-storage-lvm.yml index f92fa8fe5..b32a29c83 100644 --- a/playbooks/vars/sample-variables-sap-storage-lvm.yml +++ b/playbooks/vars/sample-variables-sap-storage-lvm.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- sap_storage_dict: diff --git a/playbooks/vars/sample-variables-sap-swpm-advanced-mode-s4hana-onehost-install.yml b/playbooks/vars/sample-variables-sap-swpm-advanced-mode-s4hana-onehost-install.yml index 966068b08..228fbd181 100644 --- a/playbooks/vars/sample-variables-sap-swpm-advanced-mode-s4hana-onehost-install.yml +++ b/playbooks/vars/sample-variables-sap-swpm-advanced-mode-s4hana-onehost-install.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Detect SAP HANA and SAP NetWeaver software diff --git a/playbooks/vars/sample-variables-sap-swpm-advanced-templates-mode.yml b/playbooks/vars/sample-variables-sap-swpm-advanced-templates-mode.yml index fab324279..47f736957 100644 --- a/playbooks/vars/sample-variables-sap-swpm-advanced-templates-mode.yml +++ b/playbooks/vars/sample-variables-sap-swpm-advanced-templates-mode.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Detect SAP HANA and SAP NetWeaver software diff --git a/playbooks/vars/sample-variables-sap-swpm-default-mode-bw4hana-onehost-install.yml b/playbooks/vars/sample-variables-sap-swpm-default-mode-bw4hana-onehost-install.yml index 3a79a2a28..6c17903b3 100644 --- a/playbooks/vars/sample-variables-sap-swpm-default-mode-bw4hana-onehost-install.yml +++ b/playbooks/vars/sample-variables-sap-swpm-default-mode-bw4hana-onehost-install.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Detect SAP HANA and SAP NetWeaver software diff --git a/playbooks/vars/sample-variables-sap-swpm-default-mode-s4hana-distributed-aas-install.yml b/playbooks/vars/sample-variables-sap-swpm-default-mode-s4hana-distributed-aas-install.yml index bceb19ee4..fe94fcdff 100644 --- a/playbooks/vars/sample-variables-sap-swpm-default-mode-s4hana-distributed-aas-install.yml +++ b/playbooks/vars/sample-variables-sap-swpm-default-mode-s4hana-distributed-aas-install.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Detect SAP NetWeaver software @@ -17,6 +18,7 @@ sap_swpm_product_catalog_id: NW_DI:S4HANA2020.CORE.HDB.PD sap_swpm_inifile_list: - swpm_installation_media - credentials + - credentials_hana - db_connection_nw_hana - nw_config_other - nw_config_additional_application_server_instance @@ -37,6 +39,7 @@ sap_swpm_db_system_password: "NewPass$321" sap_swpm_db_systemdb_password: "NewPass$321" sap_swpm_db_schema_abap: "SAPHANADB" sap_swpm_db_schema_abap_password: "NewPass$321" +sap_swpm_db_schema_password: "{{ sap_swpm_db_schema_abap_password }}" sap_swpm_db_sidadm_password: "NewPass$321" # NW Instance Parameters diff --git a/playbooks/vars/sample-variables-sap-swpm-default-mode-s4hana-distributed-ascs-install.yml b/playbooks/vars/sample-variables-sap-swpm-default-mode-s4hana-distributed-ascs-install.yml index a39c9c1aa..7282fece0 100644 --- a/playbooks/vars/sample-variables-sap-swpm-default-mode-s4hana-distributed-ascs-install.yml +++ b/playbooks/vars/sample-variables-sap-swpm-default-mode-s4hana-distributed-ascs-install.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Detect SAP NetWeaver software diff --git a/playbooks/vars/sample-variables-sap-swpm-default-mode-s4hana-distributed-dbload-install.yml b/playbooks/vars/sample-variables-sap-swpm-default-mode-s4hana-distributed-dbload-install.yml index 08d27d15f..cf772e476 100644 --- a/playbooks/vars/sample-variables-sap-swpm-default-mode-s4hana-distributed-dbload-install.yml +++ b/playbooks/vars/sample-variables-sap-swpm-default-mode-s4hana-distributed-dbload-install.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Detect SAP NetWeaver software diff --git a/playbooks/vars/sample-variables-sap-swpm-default-mode-s4hana-distributed-ers-install.yml b/playbooks/vars/sample-variables-sap-swpm-default-mode-s4hana-distributed-ers-install.yml index 3a053ff2a..edf8df111 100644 --- a/playbooks/vars/sample-variables-sap-swpm-default-mode-s4hana-distributed-ers-install.yml +++ b/playbooks/vars/sample-variables-sap-swpm-default-mode-s4hana-distributed-ers-install.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Detect SAP NetWeaver software diff --git a/playbooks/vars/sample-variables-sap-swpm-default-mode-s4hana-distributed-pas-install.yml b/playbooks/vars/sample-variables-sap-swpm-default-mode-s4hana-distributed-pas-install.yml index 49379bf5e..340e28a2a 100644 --- a/playbooks/vars/sample-variables-sap-swpm-default-mode-s4hana-distributed-pas-install.yml +++ b/playbooks/vars/sample-variables-sap-swpm-default-mode-s4hana-distributed-pas-install.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Detect SAP NetWeaver software diff --git a/playbooks/vars/sample-variables-sap-swpm-default-mode-s4hana-onehost-install.yml b/playbooks/vars/sample-variables-sap-swpm-default-mode-s4hana-onehost-install.yml index d8e5cdf73..35272908e 100644 --- a/playbooks/vars/sample-variables-sap-swpm-default-mode-s4hana-onehost-install.yml +++ b/playbooks/vars/sample-variables-sap-swpm-default-mode-s4hana-onehost-install.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Detect SAP HANA and SAP NetWeaver software diff --git a/playbooks/vars/sample-variables-sap-swpm-default-mode-s4hana-onehost-restore.yml b/playbooks/vars/sample-variables-sap-swpm-default-mode-s4hana-onehost-restore.yml index 1ec025002..28e77069d 100644 --- a/playbooks/vars/sample-variables-sap-swpm-default-mode-s4hana-onehost-restore.yml +++ b/playbooks/vars/sample-variables-sap-swpm-default-mode-s4hana-onehost-restore.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Detect SAP HANA and SAP NetWeaver software diff --git a/playbooks/vars/sample-variables-sap-swpm-default-mode-solman-hana-abap-onehost-install.yml b/playbooks/vars/sample-variables-sap-swpm-default-mode-solman-hana-abap-onehost-install.yml index b2ab307e3..f565cca12 100644 --- a/playbooks/vars/sample-variables-sap-swpm-default-mode-solman-hana-abap-onehost-install.yml +++ b/playbooks/vars/sample-variables-sap-swpm-default-mode-solman-hana-abap-onehost-install.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Detect SAP HANA and SAP NetWeaver software diff --git a/playbooks/vars/sample-variables-sap-swpm-default-mode-solman-hana-java-onehost-install.yml b/playbooks/vars/sample-variables-sap-swpm-default-mode-solman-hana-java-onehost-install.yml index 5447ba3bc..5fa25924c 100644 --- a/playbooks/vars/sample-variables-sap-swpm-default-mode-solman-hana-java-onehost-install.yml +++ b/playbooks/vars/sample-variables-sap-swpm-default-mode-solman-hana-java-onehost-install.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Detect SAP HANA and SAP NetWeaver software diff --git a/playbooks/vars/sample-variables-sap-swpm-default-mode-system-rename.yml b/playbooks/vars/sample-variables-sap-swpm-default-mode-system-rename.yml index b9dd62a3b..bf3e17a8e 100644 --- a/playbooks/vars/sample-variables-sap-swpm-default-mode-system-rename.yml +++ b/playbooks/vars/sample-variables-sap-swpm-default-mode-system-rename.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Product ID for System Rename diff --git a/playbooks/vars/sample-variables-sap-swpm-default-mode-webdisp-standalone-install.yml b/playbooks/vars/sample-variables-sap-swpm-default-mode-webdisp-standalone-install.yml index 346d4aabf..a6d92419b 100644 --- a/playbooks/vars/sample-variables-sap-swpm-default-mode-webdisp-standalone-install.yml +++ b/playbooks/vars/sample-variables-sap-swpm-default-mode-webdisp-standalone-install.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Detect SAP HANA and SAP NetWeaver software diff --git a/playbooks/vars/sample-variables-sap-swpm-default-templates-mode.yml b/playbooks/vars/sample-variables-sap-swpm-default-templates-mode.yml index bfeafde97..6d8dbc861 100644 --- a/playbooks/vars/sample-variables-sap-swpm-default-templates-mode.yml +++ b/playbooks/vars/sample-variables-sap-swpm-default-templates-mode.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Detect SAP HANA and SAP NetWeaver software diff --git a/requirements-workflow.txt b/requirements-workflow.txt index b3d9256a4..559499b7c 100644 --- a/requirements-workflow.txt +++ b/requirements-workflow.txt @@ -1,4 +1,4 @@ -ansible==9.1.0 -ansible-compat==4.1.10 -ansible-core==2.16.2 -ansible-lint==6.22.1 +ansible==9.5.1 +ansible-compat==24.7.0 +ansible-core==2.16.9 +ansible-lint==24.7.0 diff --git a/requirements.yml b/requirements.yml index 837504c71..f5fb3c623 100644 --- a/requirements.yml +++ b/requirements.yml @@ -4,3 +4,6 @@ collections: - name: fedora.linux_system_roles version: '>=1.13.0' type: galaxy + - name: community.general + version: '>=9.0.0' + type: galaxy diff --git a/roles/sap_anydb_install_oracle/.yamllint.yml b/roles/sap_anydb_install_oracle/.yamllint.yml index 57ef427c1..ee4457cfd 100644 --- a/roles/sap_anydb_install_oracle/.yamllint.yml +++ b/roles/sap_anydb_install_oracle/.yamllint.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Based on ansible-lint config extends: default @@ -7,7 +8,9 @@ rules: brackets: {max-spaces-inside: 1, level: error} # colons: {max-spaces-after: -1, level: error} # commas: {max-spaces-after: -1, level: error} - comments: disable + comments: + require-starting-space: false + min-spaces-from-content: 1 comments-indentation: disable # document-start: disable # empty-lines: {max: 3, level: error} @@ -19,3 +22,6 @@ rules: # new-lines: {type: unix} # trailing-spaces: disable truthy: disable + octal-values: + forbid-implicit-octal: true + forbid-explicit-octal: true diff --git a/roles/sap_anydb_install_oracle/README.md b/roles/sap_anydb_install_oracle/README.md index 9db03c630..c7e0cdd2c 100644 --- a/roles/sap_anydb_install_oracle/README.md +++ b/roles/sap_anydb_install_oracle/README.md @@ -1,54 +1,159 @@ + # sap_anydb_install_oracle Ansible Role + -Ansible role for Oracle DB 19.x installation for SAP +## Description + +The Ansible role `sap_anydb_install_oracle` is used to install Oracle Database 19.x for SAP system. + + + + + ## Prerequisites +Managed Nodes: +- Directory with installation media is present and `sap_anydb_install_oracle_extract_path` updated.
+ Download can be completed using [community.sap_launchpad](https://github.com/sap-linuxlab/community.sap_launchpad) Ansible Collection. + -### Software Installation files +## Execution + + + + + + +### Execution Flow + +1. Prepare OS: Install packages, create users, create folders and copy installation media. +2. Install Oracle Database in desired method +3. Execute post installation tasks +4. Apply Oracle Patches if available + + +### Example + +```yaml +--- +- name: Ansible Play for Oracle Database installation + hosts: oracle_host + become: true + tasks: + - name: Execute Ansible Role sap_anydb_install_oracle + ansible.builtin.include_role: + name: community.sap_install.sap_anydb_install_oracle + vars: + sap_anydb_install_oracle_method: minimal + sap_anydb_install_oracle_sid: "OR1" + sap_anydb_install_oracle_base: "/oracle" + sap_anydb_install_oracle_system_password: "Password1%" + sap_anydb_install_oracle_extract_path: "/software/oracledb_extracted" +``` + -Download installation media from SAP Download Center on host, and set Ansible Variable `sap_anydb_install_oracle_extract_path` to this path. + + -### Default Parameters + + -Please check the default parameters file for more information on other parameters that can be used as an input -- [**sap_anydb_install_oracle** default parameters](defaults/main.yml) +## License + +Apache 2.0 + -## Execution +## Maintainers + +- [Sean Freeman](https://github.com/sean-freeman) + -Sample Ansible Playbook Execution: +## Role Variables + +### sap_anydb_install_oracle_prep_reboot_ok -- Local Host Installation - - `ansible-playbook --connection=local --limit localhost -i "localhost," sap-anydb-oracle-install.yml -e "@inputs/oracledb.install"` +- _Type:_ `bool` +- _Default:_ `True` -- Target Host Installation - - `ansible-playbook -i "" sap-anydb-oracle-install.yml -e "@inputs/oracledb.install"` +Allows reboot of Managed node after packages are installed during pre-steps tasks. -## Sample playbook +### sap_anydb_install_oracle_prep_fail_if_reboot_required -```yaml ---- -- hosts: all - become: true +- _Type:_ `bool` +- _Default:_ `False` - collections: - - community.sap_install +Enable to fail execution if packages are installed during pre-steps tasks, but you don't want to proceed with reboot. - vars: - sap_anydb_install_oracle_method: minimal - sap_anydb_install_oracle_sid: "OR1" - sap_anydb_install_oracle_base: "/oracle" - sap_anydb_install_oracle_system_password: "Password1%" - sap_anydb_install_oracle_extract_path: "/software/oracledb_extracted" +### sap_anydb_install_oracle_prep_precheck - - name: Execute Ansible Role sap_anydb_install_oracle - include_role: - name: { role: community.sap_install.sap_anydb_install_oracle } -``` +- _Type:_ `bool` +- _Default:_ `False` -## License +Enable to execute installation in Check mode to verify all inputs. This is extra validation and it does not disable installation. + +### sap_anydb_install_oracle_method + +- _Type:_ `string` +- _Default:_ `minimal` + +Select installation method out of available: `minimal` or `responsefile`. + +### sap_anydb_install_oracle_sid: + +- _Type:_ `string` +- _Default:_ `OR1` + +Enter Oracle Database SID. + +### sap_anydb_install_oracle_base + +- _Type:_ `string` +- _Default:_ `/oracle` + +Enter base folder for Oracle Database installation. + +### sap_anydb_install_oracle_filesystem_storage + +- _Type:_ `string` +- _Default:_ `/oradata` + +Enter path for `oracle.install.db.config.starterdb.fileSystemStorage.dataLocation` + +### sap_anydb_install_oracle_inventory_central + +- _Type:_ `string` +- _Default:_ `/oraInventory` + +Enter path for `INVENTORY_LOCATION` + +### sap_anydb_install_oracle_system_password + +- _Type:_ `string` + +Enter password for Oracle SYSTEM user. + +### sap_anydb_install_oracle_extract_path + +- _Type:_ `string` + +Enter path of Installation media, for example: `/software`. + +### sap_anydb_install_oracle_patch_opatch_zip + +- _Type:_ `string` + +Enter name of Oracle opatch file, for example: `OPATCH19P_2308-70004508.ZIP` + +### sap_anydb_install_oracle_patch_sap_zip + +- _Type:_ `string` + +Enter name of Oracle SAP patch file, for example: `SAP19P_2311-70004508.ZIP` -Apache license 2.0 +### sap_anydb_install_oracle_patch_enable -## Author Information +- _Type:_ `bool` +- _Default:_ `False` -Sean Freeman +Enable to allow post-installation patching. + \ No newline at end of file diff --git a/roles/sap_anydb_install_oracle/defaults/main.yml b/roles/sap_anydb_install_oracle/defaults/main.yml index 5090a8267..ef7a5e71c 100644 --- a/roles/sap_anydb_install_oracle/defaults/main.yml +++ b/roles/sap_anydb_install_oracle/defaults/main.yml @@ -1,10 +1,11 @@ +# SPDX-License-Identifier: Apache-2.0 --- -sap_anydb_install_oracle_prep_reboot_ok: yes +sap_anydb_install_oracle_prep_reboot_ok: true -sap_anydb_install_oracle_prep_fail_if_reboot_required: no +sap_anydb_install_oracle_prep_fail_if_reboot_required: false -sap_anydb_install_oracle_prep_precheck: no +sap_anydb_install_oracle_prep_precheck: false # minimal, responsefile sap_anydb_install_oracle_method: minimal diff --git a/roles/sap_anydb_install_oracle/handlers/main.yml b/roles/sap_anydb_install_oracle/handlers/main.yml index 873560edd..c7bf83b9f 100644 --- a/roles/sap_anydb_install_oracle/handlers/main.yml +++ b/roles/sap_anydb_install_oracle/handlers/main.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # handlers file for sap_anydb_install_oracle diff --git a/roles/sap_anydb_install_oracle/meta/main.yml b/roles/sap_anydb_install_oracle/meta/main.yml index 447bb830f..65a9563d7 100644 --- a/roles/sap_anydb_install_oracle/meta/main.yml +++ b/roles/sap_anydb_install_oracle/meta/main.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- galaxy_info: namespace: community diff --git a/roles/sap_anydb_install_oracle/tasks/main.yml b/roles/sap_anydb_install_oracle/tasks/main.yml index d591fb8dc..a1512675c 100644 --- a/roles/sap_anydb_install_oracle/tasks/main.yml +++ b/roles/sap_anydb_install_oracle/tasks/main.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Oracle DB - Pre-installation diff --git a/roles/sap_anydb_install_oracle/tasks/oracledb_install_post_mopatch.yml b/roles/sap_anydb_install_oracle/tasks/oracledb_install_post_mopatch.yml index 089f0c957..29352356b 100644 --- a/roles/sap_anydb_install_oracle/tasks/oracledb_install_post_mopatch.yml +++ b/roles/sap_anydb_install_oracle/tasks/oracledb_install_post_mopatch.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Oracle DB Patch - Copy the SBP diff --git a/roles/sap_anydb_install_oracle/tasks/oracledb_install_pre.yml b/roles/sap_anydb_install_oracle/tasks/oracledb_install_pre.yml index b5cabd5b1..97caa405f 100644 --- a/roles/sap_anydb_install_oracle/tasks/oracledb_install_pre.yml +++ b/roles/sap_anydb_install_oracle/tasks/oracledb_install_pre.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # See further: diff --git a/roles/sap_anydb_install_oracle/tasks/oracledb_installer_minimal.yml b/roles/sap_anydb_install_oracle/tasks/oracledb_installer_minimal.yml index 0b22b773b..36a2fb9a1 100644 --- a/roles/sap_anydb_install_oracle/tasks/oracledb_installer_minimal.yml +++ b/roles/sap_anydb_install_oracle/tasks/oracledb_installer_minimal.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Linux User 'oracle' uses C Shell, use setvar diff --git a/roles/sap_anydb_install_oracle/tasks/oracledb_installer_responsefile.yml b/roles/sap_anydb_install_oracle/tasks/oracledb_installer_responsefile.yml index a43f94514..3cf85e2ce 100644 --- a/roles/sap_anydb_install_oracle/tasks/oracledb_installer_responsefile.yml +++ b/roles/sap_anydb_install_oracle/tasks/oracledb_installer_responsefile.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Oracle DB - Process Oracle Response File jina template and create file {{ sap_anydb_install_oracle_base }}/dvd/19.0.0/generated_db_install.rsp diff --git a/roles/sap_general_preconfigure/.yamllint.yml b/roles/sap_general_preconfigure/.yamllint.yml index 57ef427c1..ee4457cfd 100644 --- a/roles/sap_general_preconfigure/.yamllint.yml +++ b/roles/sap_general_preconfigure/.yamllint.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Based on ansible-lint config extends: default @@ -7,7 +8,9 @@ rules: brackets: {max-spaces-inside: 1, level: error} # colons: {max-spaces-after: -1, level: error} # commas: {max-spaces-after: -1, level: error} - comments: disable + comments: + require-starting-space: false + min-spaces-from-content: 1 comments-indentation: disable # document-start: disable # empty-lines: {max: 3, level: error} @@ -19,3 +22,6 @@ rules: # new-lines: {type: unix} # trailing-spaces: disable truthy: disable + octal-values: + forbid-implicit-octal: true + forbid-explicit-octal: true diff --git a/roles/sap_general_preconfigure/README.md b/roles/sap_general_preconfigure/README.md index 65875d070..3511e61e9 100644 --- a/roles/sap_general_preconfigure/README.md +++ b/roles/sap_general_preconfigure/README.md @@ -1,32 +1,144 @@ + # sap_general_preconfigure Ansible Role + +![Ansible Lint for sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_general_preconfigure.yml/badge.svg) -This role installs required packages and performs configuration steps which are required for installing and running SAP NetWeaver or SAP HANA. Specific installation and configuration steps on top of these basic steps are performed with roles sap-netweaver-preconfigure and sap-hana-preconfigure. Future implementations may reduce the scope of this role, for example if certain installation or configuration steps are done in the more specific roles. +## Description + +The Ansible role `sap_general_preconfigure` installs required packages and performs basic OS configuration steps according to applicable SAP notes for installing and running SAP HANA or SAP ABAP Application Platform (formerly known as SAP NetWeaver). -For SLES systems, this role may not be necessary. The majority of SAP preparation and tuning is covered by `saptune` which is configured in the `sap_hana_preconfigure` and `sap_netweaver_preconfigure` roles. +Specific installation and configuration steps then have to be performed with the roles [sap_hana_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_preconfigure) and [sap_netweaver_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_netweaver_preconfigure). + -## Requirements - -The role requires additional collections which are specified in `meta/collection-requirements.yml`. Before using this role, -make sure that the required collections are installed, for example by using the following command: - -`ansible-galaxy install -vv -r meta/collection-requirements.yml` - -To use this role, your system needs to be installed according to: -- RHEL 7: SAP note 2002167, Red Hat Enterprise Linux 7.x: Installation and Upgrade, section "Installing Red Hat Enterprise Linux 7" -- RHEL 8: SAP note 2772999, Red Hat Enterprise Linux 8.x: Installation and Configuration, section "Installing Red Hat Enterprise Linux 8". -- RHEL 9: SAP note 3108316, Red Hat Enterprise Linux 9.x: Installation and Configuration, section "Installing Red Hat Enterprise Linux 9". - -Note ----- -Do not run this role against an SAP or other production system. The role will enforce a certain configuration on the managed node(s), which might not be intended. + +## Dependencies +- `fedora.linux_system_roles` + - Roles: + - `selinux` +- `community.sap_install` (This collection) + - Roles: + - `sap_maintain_etc_hosts` + +Install required collections by `ansible-galaxy install -vv -r meta/collection-requirements.yml`. + + + +## Prerequisites + +(Red Hat specific) Ensure system is installed according to: +- RHEL 8: SAP note 2772999, Red Hat Enterprise Linux 8.x: Installation and Configuration, section `Installing Red Hat Enterprise Linux 8`. +- RHEL 9: SAP note 3108316, Red Hat Enterprise Linux 9.x: Installation and Configuration, section `Installing Red Hat Enterprise Linux 9`. + + + +## Execution + +**:warning: Do not execute this Ansible Role against existing SAP systems unless you know what you are doing and you prepare inputs to avoid unintended changes caused by default inputs.** + + + + + +### Execution Flow + +1. Assert that required inputs were provided. +2. Install required packages and patch system if `sap_general_preconfigure_update:true` +3. Apply configurations based on SAP Notes +4. Reboot Managed nodes if packages were installed or patched and `sap_general_preconfigure_reboot_ok: true` + + +### Example + +```yaml +--- +- name: Ansible Play for SAP HANA HA Scale-up preconfigure + hosts: hana_primary, hana_secondary + become: true + tasks: + - name: Execute Ansible Role sap_general_preconfigure + ansible.builtin.include_role: + name: community.sap_install.sap_general_preconfigure +``` +Further referenced as `example.yml` + - -## Role Input Parameters + +### Role Tags +With the following tags, the role can be called to perform certain activities only: +- tag `sap_general_preconfigure_installation`: Perform only the installation tasks +- tag `sap_general_preconfigure_configuration`: Perform only the configuration tasks +- tag `sap_general_preconfigure_3108316`: Perform only the tasks(s) related to this SAP note. +- tag `sap_general_preconfigure_2772999_03`: Perform only the tasks(s) related to step 3 of the SAP note. +- tag `sap_general_preconfigure_etc_hosts`: Perform only the tasks(s) related to this step. This step might be one of multiple + configuration activities of a SAP note. Also this step might be valid for multiple RHEL major releases. -#### Minimum required parameters: +
+ How to run sap_general_preconfigure with tags + + #### Perform only installation tasks: + ```console + ansible-playbook sap.yml --tags=sap_general_preconfigure_installation + ``` + + #### Perform only configuration tasks: + ```console + ansible-playbook sap.yml --tags=sap_general_preconfigure_configuration + ``` + + #### Verify and modify /etc/hosts file: + ```console + ansible-playbook sap.yml --tags=sap_general_preconfigure_etc_hosts + ``` + + #### Perform all configuration steps except verifying and modifying the /etc/hosts file + ``` + ansible-playbook sap.yml --tags=sap_general_preconfigure_configuration --skip_tags=sap_general_preconfigure_etc_hosts + ``` + + #### (Red Hat) Perform configuration activities related to SAP note 3108316 (RHEL 9) + ``` + ansible-playbook sap.yml --tags=sap_general_preconfigure_3108316 + ``` + + #### (Red Hat) Perform configuration activities related to step 2 (SELinux settings) of SAP note 3108316 (RHEL 9) + ``` + ansible-playbook sap.yml --tags=sap_general_preconfigure_3108316_02 + ``` + + #### (Red Hat) Perform all configuration activities except those related to step 2 (SELinux settings) of SAP note 3108316 (RHEL 9 specific) + ``` + ansible-playbook sap-general-preconfigure.yml --tags=sap_general_preconfigure_configuration --skip_tags=sap_general_preconfigure_3108316_02 + ``` +
+ + + +## Further Information +For more examples on how to use this role in different installation scenarios, refer to the [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. + -This role does not require any parameter to be set in the playbook or inventory. +## License + +Apache 2.0 + + +## Maintainers + +- [Bernd Finger](https://github.com/berndfinger) + + +## Role Variables + +### Controlling execution with input parameters +Extended Check (assert) run, aborting for any error which has been found: +```yaml +ansible-playbook sap.yml -l remote_host -e "{sap_general_preconfigure_assert: yes}" +``` +Extended Check (assert) run, not aborting even if an error has been found: +```yaml +ansible-playbook sap.yml -l remote_host -e "{sap_general_preconfigure_assert: yes,sap_general_preconfigure_assert_ignore_errors: no}" +``` ### sap_general_preconfigure_config_all - _Type:_ `bool` @@ -72,13 +184,11 @@ This is useful if the role is used for reporting a system's SAP notes compliance ### sap_general_preconfigure_system_roles_collection - _Type:_ `str` - _Default:_ `'fedora.linux_system_roles'` -- _Possible Values:_
- - `fedora.linux_system_roles` - - `redhat.rhel_system_roles` Set which Ansible Collection to use for the Linux System Roles.
-For community/upstream, use 'fedora.linux_system_roles'
-For the RHEL System Roles for SAP, or for Red Hat Automation Hub, use 'redhat.rhel_system_roles'
+Available values: +- `fedora.linux_system_roles` - for community/upstream.
+- `redhat.rhel_system_roles` - for the RHEL System Roles for SAP, or for Red Hat Automation Hub.
### sap_general_preconfigure_enable_repos - _Type:_ `bool` @@ -331,125 +441,4 @@ Example: ```yaml sap_general_preconfigure_db_group_name: dba ``` - - - -## Tags (RHEL systems only) - -With the following tags, the role can be called to perform certain activities only: -- tag `sap_general_preconfigure_installation`: Perform only the installation tasks -- tag `sap_general_preconfigure_configuration`: Perform only the configuration tasks -- tag `sap_general_preconfigure_3108316`: Perform only the tasks(s) related to this SAP note. -- tag `sap_general_preconfigure_2772999_03`: Perform only the tasks(s) related to step 3 of the SAP note. -- tag `sap_general_preconfigure_etc_hosts`: Perform only the tasks(s) related to this step. This step might be one of multiple - configuration activities of a SAP note. Also this step might be valid for multiple RHEL major releases. - -Sample call for only performing all installation and configuration tasks (sample playbook name sap.yml, see the next section for -an example). This is the default behavior. If no tag is specified, all installation and configuration tasks are enabled: -``` -# ansible-playbook sap.yml -``` - -Sample call for only performing all installation tasks: -``` -# ansible-playbook sap.yml --tags=sap_general_preconfigure_installation -``` - -Sample call for only performing all configuration tasks: -``` -# ansible-playbook sap.yml --tags=sap_general_preconfigure_configuration -``` - -Sample call for only verifying and modifying the /etc/hosts file: -``` -# ansible-playbook sap.yml --tags=sap_general_preconfigure_etc_hosts -``` - -Sample call for performing all configuration steps except verifying and modifying the /etc/hosts file: -``` -# ansible-playbook sap.yml --tags=sap_general_preconfigure_configuration --skip_tags=sap_general_preconfigure_etc_hosts -``` - -Sample call for only performing the configuration activities related to SAP note 3108316 (RHEL 9 specific): -``` -# ansible-playbook sap.yml --tags=sap_general_preconfigure_3108316 -``` - -Sample call for performing all configuration activities except those related to step 2 (SELinux settings) of SAP note 3108316 (RHEL 9 specific): -Sample call for only performing the configuration activities related to step 2 (SELinux settings) of SAP note 3108316 (RHEL 9 specific): -``` -# ansible-playbook sap.yml --tags=sap_general_preconfigure_3108316_02 -``` - -Sample call for performing all configuration activities except those related to step 2 (SELinux settings) of SAP note 3108316 (RHEL 9 specific): -``` -# ansible-playbook sap-general-preconfigure.yml --tags=sap_general_preconfigure_configuration --skip_tags=sap_general_preconfigure_3108316_02 -``` - -## Dependencies - -This role does not depend on any other role. - -## Example Playbook - -Simple playbook, named sap.yml: -```yaml ---- -- hosts: all - roles: - - role: sap_general_preconfigure -``` - -## Example Usage - -Normal run: -```yaml -ansible-playbook sap.yml -l remote_host -``` - -Extended Check (assert) run, aborting for any error which has been found: -```yaml -ansible-playbook sap.yml -l remote_host -e "{sap_general_preconfigure_assert: yes}" -``` - -Extended Check (assert) run, not aborting even if an error has been found: -```yaml -ansible-playbook sap.yml -l remote_host -e "{sap_general_preconfigure_assert: yes, sap_general_preconfigure_assert_ignore_errors: no}" -``` - -Same as above, with a nice compact and colored output, this time for two hosts: -```yaml -ansible-playbook sap.yml -l host_1,host_2 -e "{sap_general_preconfigure_assert: yes, sap_general_preconfigure_assert_ignore_errors: yes}" | -awk '{sub (" \"msg\": ", "")} - /TASK/{task_line=$0} - /fatal:/{fatal_line=$0; nfatal[host]++} - /...ignoring/{nfatal[host]--; if (nfatal[host]<0) nfatal[host]=0} - /^[a-z]/&&/: \[/{gsub ("\\[", ""); gsub ("]", ""); gsub (":", ""); host=$2} - /SAP note/{print "\033[30m[" host"] "$0} - /FAIL:/{nfail[host]++; print "\033[31m[" host"] "$0} - /WARN:/{nwarn[host]++; print "\033[33m[" host"] "$0} - /PASS:/{npass[host]++; print "\033[32m[" host"] "$0} - /INFO:/{print "\033[34m[" host"] "$0} - /changed/&&/unreachable/{print "\033[30m[" host"] "$0} - END{print ("---"); for (var in npass) {printf ("[%s] ", var); if (nfatal[var]>0) { - printf ("\033[31mFATAL ERROR!!! Playbook might have been aborted!!!\033[30m Last TASK and fatal output:\n"); print task_line, fatal_line - } - else printf ("\033[31mFAIL: %d \033[33mWARN: %d \033[32mPASS: %d\033[30m\n", nfail[var], nwarn[var], npass[var])}}' -``` -Note: For terminals with dark background, replace the color code `30m` by `37m`. -In case you need to make an invisible font readable on a terminal with dark background, run the following command in the terminal: -```yaml -printf "\033[37mreadable font\n" -``` -In case you need to make an invisible font readable on a terminal with bright background, run the following command in the terminal: -```yaml -printf "\033[30mreadable font\n" -``` - -## License - -Apache license 2.0 - -## Author Information - -Red Hat for SAP Community of Practice, Bernd Finger, Markus Koch, Rainer Leber + \ No newline at end of file diff --git a/roles/sap_general_preconfigure/defaults/main.yml b/roles/sap_general_preconfigure/defaults/main.yml index c7f353c3a..5cef8b737 100644 --- a/roles/sap_general_preconfigure/defaults/main.yml +++ b/roles/sap_general_preconfigure/defaults/main.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # BEGIN: Default Variables for sap_general_preconfigure @@ -145,6 +146,10 @@ sap_general_preconfigure_kernel_parameters: "{{ __sap_general_preconfigure_kerne sap_general_preconfigure_max_hostname_length: '13' # The maximum length of the hostname. See SAP note 611361. +sap_general_preconfigure_ignore_dns_failures: true +# Set to `false` for failing the role if one of the DNS name resolution check fails. The default is to +# report such errors and continue running the role. + # If "global" variables are set, use those. If not, default to the values from gather_facts: sap_general_preconfigure_ip: "{{ sap_ip | d(ansible_default_ipv4.address) }}" # The IPV4 address to be used for updating or checking `/etc/hosts` entries. diff --git a/roles/sap_general_preconfigure/handlers/main.yml b/roles/sap_general_preconfigure/handlers/main.yml index 533d3f49a..e54f6dd56 100644 --- a/roles/sap_general_preconfigure/handlers/main.yml +++ b/roles/sap_general_preconfigure/handlers/main.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # handlers file for sap_general_preconfigure @@ -8,6 +9,18 @@ when: - sap_general_preconfigure_reboot_ok|d(false) +# Kernel update triggers zypper purge-kernels and lock after reboot. +- name: Wait for Zypper lock to be released + ansible.builtin.command: + cmd: zypper info zypper + retries: 60 + timeout: 5 + listen: __sap_general_preconfigure_reboot_handler + when: + - ansible_os_family == 'Suse' + - sap_general_preconfigure_reboot_ok | d(false) + changed_when: false + - name: Let the role fail if a reboot is required ansible.builtin.fail: msg: Reboot is required! @@ -30,6 +43,7 @@ - name: Remount /dev/shm # noqa command-instead-of-module no-changed-when ansible.builtin.command: mount -o remount /dev/shm listen: __sap_general_preconfigure_mount_tmpfs_handler + tags: molecule-idempotence-notest - name: Check if /dev/shm is available ansible.builtin.command: df -h /dev/shm diff --git a/roles/sap_general_preconfigure/meta/argument_specs.yml b/roles/sap_general_preconfigure/meta/argument_specs.yml index 6ee5fa23d..aaf3cf4a1 100644 --- a/roles/sap_general_preconfigure/meta/argument_specs.yml +++ b/roles/sap_general_preconfigure/meta/argument_specs.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Requires: ansible 2.11 # Argument specifications in this separate file maintain backwards compatibility. diff --git a/roles/sap_general_preconfigure/meta/collection-requirements.yml b/roles/sap_general_preconfigure/meta/collection-requirements.yml index 0a4e50f46..a1227178d 100644 --- a/roles/sap_general_preconfigure/meta/collection-requirements.yml +++ b/roles/sap_general_preconfigure/meta/collection-requirements.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- collections: diff --git a/roles/sap_general_preconfigure/meta/main.yml b/roles/sap_general_preconfigure/meta/main.yml index d7342621f..f117d3a1e 100644 --- a/roles/sap_general_preconfigure/meta/main.yml +++ b/roles/sap_general_preconfigure/meta/main.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- galaxy_info: namespace: community diff --git a/roles/sap_general_preconfigure/tasks/RedHat/assert-configuration.yml b/roles/sap_general_preconfigure/tasks/RedHat/assert-configuration.yml index 1116afc6b..ff021f3a7 100644 --- a/roles/sap_general_preconfigure/tasks/RedHat/assert-configuration.yml +++ b/roles/sap_general_preconfigure/tasks/RedHat/assert-configuration.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert - List required SAP Notes diff --git a/roles/sap_general_preconfigure/tasks/RedHat/assert-installation.yml b/roles/sap_general_preconfigure/tasks/RedHat/assert-installation.yml index a08b3e47a..135c2ccd4 100644 --- a/roles/sap_general_preconfigure/tasks/RedHat/assert-installation.yml +++ b/roles/sap_general_preconfigure/tasks/RedHat/assert-installation.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Check enabled repos diff --git a/roles/sap_general_preconfigure/tasks/RedHat/configuration.yml b/roles/sap_general_preconfigure/tasks/RedHat/configuration.yml index 108af000f..3d5f80448 100644 --- a/roles/sap_general_preconfigure/tasks/RedHat/configuration.yml +++ b/roles/sap_general_preconfigure/tasks/RedHat/configuration.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Configure - List required SAP Notes diff --git a/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-dns-name-resolution.yml b/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-dns-name-resolution.yml index d0815faba..091a538d1 100644 --- a/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-dns-name-resolution.yml +++ b/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-dns-name-resolution.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert that the DNS domain is set diff --git a/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-etc-hosts.yml b/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-etc-hosts.yml index 93e602ead..282226b8b 100644 --- a/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-etc-hosts.yml +++ b/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-etc-hosts.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert - Display host and domain name, and IP address diff --git a/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-firewall.yml b/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-firewall.yml index 5fc5cbd3d..4b0a0de8d 100644 --- a/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-firewall.yml +++ b/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-firewall.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Note: firewalld is not contained in ansible_facts.services. diff --git a/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-hostname.yml b/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-hostname.yml index 38e843517..83ff80aa2 100644 --- a/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-hostname.yml +++ b/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-hostname.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Check if hostname is set diff --git a/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-kernel-parameters-loop-block.yml b/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-kernel-parameters-loop-block.yml index c87db29b0..a5d2fa4b5 100644 --- a/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-kernel-parameters-loop-block.yml +++ b/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-kernel-parameters-loop-block.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # loop block for sapnote/RedHat/generic/assert-kernel-parameters.yml diff --git a/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-kernel-parameters.yml b/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-kernel-parameters.yml index a6d2f49b0..72f59f782 100644 --- a/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-kernel-parameters.yml +++ b/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-kernel-parameters.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Get info about file {{ sap_general_preconfigure_etc_sysctl_sap_conf }} diff --git a/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-limits-conf-file.yml b/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-limits-conf-file.yml index 612edc4ce..309a66b0a 100644 --- a/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-limits-conf-file.yml +++ b/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-limits-conf-file.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Get info about file /etc/security/limits.d/99-sap.conf diff --git a/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-nofile-limits.yml b/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-nofile-limits.yml index 6d549b96d..ef40e8843 100644 --- a/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-nofile-limits.yml +++ b/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-nofile-limits.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Check if the hard limit of nofile for group sapsys is 1048576 diff --git a/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-nproc-limits.yml b/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-nproc-limits.yml index 0a24bcd15..db05b0f1d 100644 --- a/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-nproc-limits.yml +++ b/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-nproc-limits.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Check if the hard limit of nproc for group sapsys is unlimited diff --git a/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-selinux.yml b/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-selinux.yml index bf9cf759a..36e1c0c7d 100644 --- a/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-selinux.yml +++ b/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-selinux.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Get info about file '/etc/selinux/config' diff --git a/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-systemd-tmpfiles.yml b/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-systemd-tmpfiles.yml index 4c0b69601..f35531033 100644 --- a/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-systemd-tmpfiles.yml +++ b/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-systemd-tmpfiles.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Get info about file /etc/tmpfiles.d/sap.conf diff --git a/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-tmpfs.yml b/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-tmpfs.yml index 81e5e175c..290c9814c 100644 --- a/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-tmpfs.yml +++ b/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-tmpfs.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Check the size of tmpfs diff --git a/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-uuidd.yml b/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-uuidd.yml index cd78d9b42..51e462356 100644 --- a/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-uuidd.yml +++ b/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-uuidd.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert that uuidd.service exists diff --git a/roles/sap_general_preconfigure/tasks/RedHat/generic/check-dns-name-resolution.yml b/roles/sap_general_preconfigure/tasks/RedHat/generic/check-dns-name-resolution.yml index 562f8d16c..8abf1fc55 100644 --- a/roles/sap_general_preconfigure/tasks/RedHat/generic/check-dns-name-resolution.yml +++ b/roles/sap_general_preconfigure/tasks/RedHat/generic/check-dns-name-resolution.yml @@ -1,17 +1,24 @@ +# SPDX-License-Identifier: Apache-2.0 --- -- name: Check dns forwarding settings +- name: "Verify the correct DNS hostname to IP address resolution (A record)" ansible.builtin.shell: test "$(dig {{ sap_general_preconfigure_hostname }}.{{ sap_general_preconfigure_domain }} +short)" = "{{ sap_general_preconfigure_ip }}" changed_when: false - ignore_errors: true + register: __sap_general_preconfigure_register_dns_test_a + failed_when: __sap_general_preconfigure_register_dns_test_a.rc != 0 + ignore_errors: "{{ sap_general_preconfigure_ignore_dns_failures | d(true) }}" -### BUG: dig does not use search path in resolv.con on PPCle -- name: Check resolv.conf settings +### BUG: dig does not use search path in resolv.conf on PPCle +- name: "Verify the correct DNS hostname to IP address resolution (A record) using hostname and search list" ansible.builtin.shell: test "$(dig {{ sap_general_preconfigure_hostname }} +search +short)" = "{{ sap_general_preconfigure_ip }}" changed_when: false - ignore_errors: true + register: __sap_general_preconfigure_register_dns_test_searchlist + failed_when: __sap_general_preconfigure_register_dns_test_searchlist.rc != 0 + ignore_errors: "{{ sap_general_preconfigure_ignore_dns_failures | d(true) }}" -- name: Check dns reverse settings +- name: "Verify the correct DNS IP address to FQDN resolution (PTR record)" ansible.builtin.shell: test "$(dig -x {{ sap_general_preconfigure_ip }} +short)" = "{{ sap_general_preconfigure_hostname }}.{{ sap_general_preconfigure_domain }}." changed_when: false - ignore_errors: true + register: __sap_general_preconfigure_register_dns_test_ptr + failed_when: __sap_general_preconfigure_register_dns_test_ptr.rc != 0 + ignore_errors: "{{ sap_general_preconfigure_ignore_dns_failures | d(true) }}" diff --git a/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-etc-hosts.yml b/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-etc-hosts.yml index 1c333e1bd..1b517f915 100644 --- a/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-etc-hosts.yml +++ b/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-etc-hosts.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Display host and domain name, and IP address before the modification diff --git a/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-firewall.yml b/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-firewall.yml index fc6cda109..643b39689 100644 --- a/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-firewall.yml +++ b/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-firewall.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Stop and disable service firewalld diff --git a/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-hostname.yml b/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-hostname.yml index 3bb041928..23e68e64d 100644 --- a/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-hostname.yml +++ b/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-hostname.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # The hostname module fails if it is run from an initrc_t context diff --git a/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-kernel-parameters.yml b/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-kernel-parameters.yml index 192d90042..f498cdce8 100644 --- a/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-kernel-parameters.yml +++ b/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-kernel-parameters.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Set kernel parameters @@ -12,11 +13,25 @@ loop_control: loop_var: line_item +# Note: The sole purpose of the following two tasks is to collect the current value(s) of the kernel parameters +# in sap_general_preconfigure_etc_sysctl_sap_conf so that the "Reload kernel parameters from file ..." task +# can correctly report its 'changed' state. See also https://github.com/sap-linuxlab/community.sap_install/issues/752 . +- name: Construct the command for getting all current parameters of file '{{ sap_general_preconfigure_etc_sysctl_sap_conf }}' + ansible.builtin.command: awk 'BEGIN{FS="="; printf ("sysctl ")}{printf ("%s ", $1)}' "{{ sap_general_preconfigure_etc_sysctl_sap_conf }}" + register: __sap_general_preconfigure_register_sap_conf_sysctl_command + changed_when: false + +# Reason for noqa: The command module tries to run the complete string as a single command +- name: Get all currently active values of the parameters of file '{{ sap_general_preconfigure_etc_sysctl_sap_conf }}' # noqa command-instead-of-shell + ansible.builtin.shell: "{{ __sap_general_preconfigure_register_sap_conf_sysctl_command.stdout }}" + register: __sap_general_preconfigure_register_sap_conf_sysctl_p_output_old + changed_when: false + - name: Reload kernel parameters from file '{{ sap_general_preconfigure_etc_sysctl_sap_conf }}' ansible.builtin.command: sysctl -p "{{ sap_general_preconfigure_etc_sysctl_sap_conf }}" - register: __sap_general_preconfigure_register_sap_conf_sysctl_p_output - changed_when: true + register: __sap_general_preconfigure_register_sap_conf_sysctl_p_output_new + changed_when: __sap_general_preconfigure_register_sap_conf_sysctl_p_output_old.stdout != __sap_general_preconfigure_register_sap_conf_sysctl_p_output_new.stdout - name: Display kernel parameters after setting kernel.pid_max ansible.builtin.debug: - var: __sap_general_preconfigure_register_sap_conf_sysctl_p_output.stdout_lines + var: __sap_general_preconfigure_register_sap_conf_sysctl_p_output_new.stdout_lines diff --git a/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-selinux.yml b/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-selinux.yml index 81592887c..d39c1883e 100644 --- a/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-selinux.yml +++ b/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-selinux.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Set SELinux state to '{{ sap_general_preconfigure_selinux_state }}' in /etc/selinux/config diff --git a/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-systemd-tmpfiles.yml b/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-systemd-tmpfiles.yml index 3c81e526f..750d1e962 100644 --- a/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-systemd-tmpfiles.yml +++ b/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-systemd-tmpfiles.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Copy file /etc/tmpfiles.d/sap.conf, RHEL 7 or 8 diff --git a/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-tmpfs.yml b/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-tmpfs.yml index ebda944a4..1f7197b13 100644 --- a/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-tmpfs.yml +++ b/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-tmpfs.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Configure tmpfs in /etc/fstab diff --git a/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-uuidd.yml b/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-uuidd.yml index 16e3dbc0d..4e3e6cf70 100644 --- a/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-uuidd.yml +++ b/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-uuidd.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Enable and start service uuidd diff --git a/roles/sap_general_preconfigure/tasks/RedHat/generic/increase-nofile-limits.yml b/roles/sap_general_preconfigure/tasks/RedHat/generic/increase-nofile-limits.yml index 43788f3e5..350d64056 100644 --- a/roles/sap_general_preconfigure/tasks/RedHat/generic/increase-nofile-limits.yml +++ b/roles/sap_general_preconfigure/tasks/RedHat/generic/increase-nofile-limits.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Reasons for noqa: 1. Tabs can increase readability; @@ -8,7 +9,7 @@ ansible.builtin.lineinfile: path: /etc/security/limits.d/99-sap.conf create: yes - mode: 0644 + mode: "0644" regexp: '^@sapsys\s+{{ line_item }}\s+nofile\s.*' line: "@sapsys\t{{ line_item }}\tnofile\t1048576" with_items: @@ -25,7 +26,7 @@ ansible.builtin.lineinfile: path: /etc/security/limits.d/99-sap.conf create: yes - mode: 0644 + mode: "0644" regexp: '^@{{ sap_general_preconfigure_db_group_name }}\s+{{ line_item }}\s+nofile\s.*' line: "@{{ sap_general_preconfigure_db_group_name }}\t{{ line_item }}\tnofile\t1048576" with_items: diff --git a/roles/sap_general_preconfigure/tasks/RedHat/generic/increase-nproc-limits.yml b/roles/sap_general_preconfigure/tasks/RedHat/generic/increase-nproc-limits.yml index 81537d6ce..fa62cd8c7 100644 --- a/roles/sap_general_preconfigure/tasks/RedHat/generic/increase-nproc-limits.yml +++ b/roles/sap_general_preconfigure/tasks/RedHat/generic/increase-nproc-limits.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Reasons for noqa: 1. Tabs can increase readability; @@ -8,7 +9,7 @@ ansible.builtin.lineinfile: path: /etc/security/limits.d/99-sap.conf create: yes - mode: 0644 + mode: "0644" regexp: '^@sapsys\s+{{ line_item }}\s+nproc\s.*' line: "@sapsys\t{{ line_item }}\tnproc\tunlimited" with_items: @@ -25,7 +26,7 @@ ansible.builtin.lineinfile: path: /etc/security/limits.d/99-sap.conf create: yes - mode: 0644 + mode: "0644" regexp: '^@{{ sap_general_preconfigure_db_group_name }}\s+{{ line_item }}\s+nproc\s.*' line: "@{{ sap_general_preconfigure_db_group_name }}\t{{ line_item }}\tnproc\tunlimited" with_items: diff --git a/roles/sap_general_preconfigure/tasks/RedHat/installation.yml b/roles/sap_general_preconfigure/tasks/RedHat/installation.yml index 79fd9eeec..73bc2f490 100644 --- a/roles/sap_general_preconfigure/tasks/RedHat/installation.yml +++ b/roles/sap_general_preconfigure/tasks/RedHat/installation.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Perform steps for enabling required repos @@ -73,6 +74,7 @@ # and then having to compare the output against the list of desired repos - name: Run the subscription-manager command # noqa no-changed-when ansible.builtin.command: "{{ __sap_general_preconfigure_fact_subscription_manager_command }}" + tags: molecule-idempotence-notest # Reason for noqa: We need the output of the yum command - name: Get list of enabled repositories @@ -103,6 +105,7 @@ when: - sap_general_preconfigure_set_minor_release - __sap_general_preconfigure_register_subscription_manager_release.stdout != ansible_distribution_version + tags: molecule-idempotence-notest - name: Ensure that the required package groups are installed, RHEL except 8.1 ansible.builtin.package: @@ -119,6 +122,7 @@ ansible.builtin.command: "yum install {{ sap_general_preconfigure_packagegroups | join(' ') }} --nobest --exclude=kernel* -y" register: __sap_general_preconfigure_register_yum_group_install when: ansible_distribution_version == '8.1' + tags: molecule-idempotence-notest # possible replacement once we no longer need Ansible 2.9 compatibility: #- name: Ensure that the required package groups are installed, RHEL 8 and 9 @@ -279,5 +283,5 @@ - name: Call Reboot handler if necessary ansible.builtin.command: /bin/true notify: __sap_general_preconfigure_reboot_handler - changed_when: false + changed_when: true when: __sap_general_preconfigure_register_needs_restarting is failed diff --git a/roles/sap_general_preconfigure/tasks/SLES/assert-configuration.yml b/roles/sap_general_preconfigure/tasks/SLES/assert-configuration.yml index dc12b02a3..d4e8b9341 100644 --- a/roles/sap_general_preconfigure/tasks/SLES/assert-configuration.yml +++ b/roles/sap_general_preconfigure/tasks/SLES/assert-configuration.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert - List required SAP Notes diff --git a/roles/sap_general_preconfigure/tasks/SLES/assert-installation.yml b/roles/sap_general_preconfigure/tasks/SLES/assert-installation.yml index 4b5e489e2..ecf4468e5 100644 --- a/roles/sap_general_preconfigure/tasks/SLES/assert-installation.yml +++ b/roles/sap_general_preconfigure/tasks/SLES/assert-installation.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert that all required packages are installed diff --git a/roles/sap_general_preconfigure/tasks/SLES/configuration.yml b/roles/sap_general_preconfigure/tasks/SLES/configuration.yml index 8537434db..cde628b48 100644 --- a/roles/sap_general_preconfigure/tasks/SLES/configuration.yml +++ b/roles/sap_general_preconfigure/tasks/SLES/configuration.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Configure - List required SAP Notes diff --git a/roles/sap_general_preconfigure/tasks/SLES/installation.yml b/roles/sap_general_preconfigure/tasks/SLES/installation.yml index 5f78c2e5d..047d2337c 100644 --- a/roles/sap_general_preconfigure/tasks/SLES/installation.yml +++ b/roles/sap_general_preconfigure/tasks/SLES/installation.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Ensure that the required packages are installed @@ -99,5 +100,5 @@ - name: Call Reboot handler if necessary ansible.builtin.command: /bin/true notify: __sap_general_preconfigure_reboot_handler - changed_when: false + changed_when: true when: __sap_general_preconfigure_register_needs_restarting is failed diff --git a/roles/sap_general_preconfigure/tasks/main.yml b/roles/sap_general_preconfigure/tasks/main.yml index d9474cf63..5682a761f 100644 --- a/roles/sap_general_preconfigure/tasks/main.yml +++ b/roles/sap_general_preconfigure/tasks/main.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Display the role path diff --git a/roles/sap_general_preconfigure/tasks/sapnote/0941735.yml b/roles/sap_general_preconfigure/tasks/sapnote/0941735.yml index 94f6cb0e4..07a716c03 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/0941735.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/0941735.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Configure tmpfs diff --git a/roles/sap_general_preconfigure/tasks/sapnote/1391070.yml b/roles/sap_general_preconfigure/tasks/sapnote/1391070.yml index 4d040f23e..6a38bcce2 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/1391070.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/1391070.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Linux-UUID-solutions diff --git a/roles/sap_general_preconfigure/tasks/sapnote/1771258.yml b/roles/sap_general_preconfigure/tasks/sapnote/1771258.yml index d392e9b9a..e09e6d758 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/1771258.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/1771258.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Set nofile diff --git a/roles/sap_general_preconfigure/tasks/sapnote/2002167.yml b/roles/sap_general_preconfigure/tasks/sapnote/2002167.yml index b067cfc15..57688d312 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/2002167.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/2002167.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Configure - Display SAP note number 2002167 and its version diff --git a/roles/sap_general_preconfigure/tasks/sapnote/2002167/02-assert-configuration-changes.yml b/roles/sap_general_preconfigure/tasks/sapnote/2002167/02-assert-configuration-changes.yml index 2c75cd689..deadda0ac 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/2002167/02-assert-configuration-changes.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/2002167/02-assert-configuration-changes.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert 2002167-2a diff --git a/roles/sap_general_preconfigure/tasks/sapnote/2002167/02-configuration-changes.yml b/roles/sap_general_preconfigure/tasks/sapnote/2002167/02-configuration-changes.yml index ce5876fbe..88ac5b2cf 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/2002167/02-configuration-changes.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/2002167/02-configuration-changes.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Configure 2002167-2a diff --git a/roles/sap_general_preconfigure/tasks/sapnote/2002167/03-assert-setting-the-hostname.yml b/roles/sap_general_preconfigure/tasks/sapnote/2002167/03-assert-setting-the-hostname.yml index 243080ea0..80ee9a327 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/2002167/03-assert-setting-the-hostname.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/2002167/03-assert-setting-the-hostname.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert 2002167-3 diff --git a/roles/sap_general_preconfigure/tasks/sapnote/2002167/03-setting-the-hostname.yml b/roles/sap_general_preconfigure/tasks/sapnote/2002167/03-setting-the-hostname.yml index 67d3659f8..9e96a2657 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/2002167/03-setting-the-hostname.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/2002167/03-setting-the-hostname.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Configure 2002167-3 @@ -15,7 +16,7 @@ - name: Import role sap_maintain_etc_hosts ansible.builtin.import_role: - name: sap_maintain_etc_hosts + name: 'community.sap_install.sap_maintain_etc_hosts' vars: sap_maintain_etc_hosts_list: - node_ip: "{{ sap_general_preconfigure_ip }}" diff --git a/roles/sap_general_preconfigure/tasks/sapnote/2002167/04-assert-linux-kernel-parameters.yml b/roles/sap_general_preconfigure/tasks/sapnote/2002167/04-assert-linux-kernel-parameters.yml index ce765cb33..409dff69d 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/2002167/04-assert-linux-kernel-parameters.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/2002167/04-assert-linux-kernel-parameters.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert 2002167-4 diff --git a/roles/sap_general_preconfigure/tasks/sapnote/2002167/04-linux-kernel-parameters.yml b/roles/sap_general_preconfigure/tasks/sapnote/2002167/04-linux-kernel-parameters.yml index e02ad0179..0993f7cc8 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/2002167/04-linux-kernel-parameters.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/2002167/04-linux-kernel-parameters.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Configure 2002167-4 diff --git a/roles/sap_general_preconfigure/tasks/sapnote/2002167/05-assert-process-resource-limits.yml b/roles/sap_general_preconfigure/tasks/sapnote/2002167/05-assert-process-resource-limits.yml index 0771eec83..f0e386856 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/2002167/05-assert-process-resource-limits.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/2002167/05-assert-process-resource-limits.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert 2002167-5 diff --git a/roles/sap_general_preconfigure/tasks/sapnote/2002167/05-process-resource-limits.yml b/roles/sap_general_preconfigure/tasks/sapnote/2002167/05-process-resource-limits.yml index 069b2dac7..f2f6d98e6 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/2002167/05-process-resource-limits.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/2002167/05-process-resource-limits.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Configure 2002167-5 diff --git a/roles/sap_general_preconfigure/tasks/sapnote/2002167/06-additional-notes-for-installing-sap-systems.yml b/roles/sap_general_preconfigure/tasks/sapnote/2002167/06-additional-notes-for-installing-sap-systems.yml index 514748cfe..91e333368 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/2002167/06-additional-notes-for-installing-sap-systems.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/2002167/06-additional-notes-for-installing-sap-systems.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Configure 2002167-6 diff --git a/roles/sap_general_preconfigure/tasks/sapnote/2002167/06-assert-additional-notes-for-installing-sap-systems.yml b/roles/sap_general_preconfigure/tasks/sapnote/2002167/06-assert-additional-notes-for-installing-sap-systems.yml index afb8d04e4..295070eb8 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/2002167/06-assert-additional-notes-for-installing-sap-systems.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/2002167/06-assert-additional-notes-for-installing-sap-systems.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert 2002167-6 diff --git a/roles/sap_general_preconfigure/tasks/sapnote/2772999.yml b/roles/sap_general_preconfigure/tasks/sapnote/2772999.yml index 45f614357..12907e391 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/2772999.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/2772999.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Configure - Display SAP note number 2772999 and its version diff --git a/roles/sap_general_preconfigure/tasks/sapnote/2772999/02-assert-selinux.yml b/roles/sap_general_preconfigure/tasks/sapnote/2772999/02-assert-selinux.yml index e0802a6e1..003d1925d 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/2772999/02-assert-selinux.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/2772999/02-assert-selinux.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert 2772999-2 diff --git a/roles/sap_general_preconfigure/tasks/sapnote/2772999/02-configure-selinux.yml b/roles/sap_general_preconfigure/tasks/sapnote/2772999/02-configure-selinux.yml index 5cf270376..f268b1465 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/2772999/02-configure-selinux.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/2772999/02-configure-selinux.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Configure 2772999-2 diff --git a/roles/sap_general_preconfigure/tasks/sapnote/2772999/03-assert-hostname.yml b/roles/sap_general_preconfigure/tasks/sapnote/2772999/03-assert-hostname.yml index 723f623b7..e8df9f661 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/2772999/03-assert-hostname.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/2772999/03-assert-hostname.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert 2772999-3 diff --git a/roles/sap_general_preconfigure/tasks/sapnote/2772999/03-configure-hostname.yml b/roles/sap_general_preconfigure/tasks/sapnote/2772999/03-configure-hostname.yml index 111821324..1a22f7c6b 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/2772999/03-configure-hostname.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/2772999/03-configure-hostname.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Configure 2772999-3 @@ -15,7 +16,7 @@ - name: Import role sap_maintain_etc_hosts ansible.builtin.import_role: - name: sap_maintain_etc_hosts + name: 'community.sap_install.sap_maintain_etc_hosts' vars: sap_maintain_etc_hosts_list: - node_ip: "{{ sap_general_preconfigure_ip }}" diff --git a/roles/sap_general_preconfigure/tasks/sapnote/2772999/04-assert-network-time-and-date.yml b/roles/sap_general_preconfigure/tasks/sapnote/2772999/04-assert-network-time-and-date.yml index 611771f0a..b23b7ca93 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/2772999/04-assert-network-time-and-date.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/2772999/04-assert-network-time-and-date.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert 2772999-4 diff --git a/roles/sap_general_preconfigure/tasks/sapnote/2772999/04-configure-network-time-and-date.yml b/roles/sap_general_preconfigure/tasks/sapnote/2772999/04-configure-network-time-and-date.yml index f2ed23418..e796f0e47 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/2772999/04-configure-network-time-and-date.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/2772999/04-configure-network-time-and-date.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Configure 2772999-4 diff --git a/roles/sap_general_preconfigure/tasks/sapnote/2772999/05-assert-firewall.yml b/roles/sap_general_preconfigure/tasks/sapnote/2772999/05-assert-firewall.yml index 9f8caf2ef..bc8bcb2ad 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/2772999/05-assert-firewall.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/2772999/05-assert-firewall.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert 2772999-5 diff --git a/roles/sap_general_preconfigure/tasks/sapnote/2772999/05-configure-firewall.yml b/roles/sap_general_preconfigure/tasks/sapnote/2772999/05-configure-firewall.yml index 0fbc7d4d2..ad87f56e2 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/2772999/05-configure-firewall.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/2772999/05-configure-firewall.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Configure 2772999-5 diff --git a/roles/sap_general_preconfigure/tasks/sapnote/2772999/06-assert-uuidd.yml b/roles/sap_general_preconfigure/tasks/sapnote/2772999/06-assert-uuidd.yml index 2d7512237..8c0d77080 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/2772999/06-assert-uuidd.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/2772999/06-assert-uuidd.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert 2772999-6 diff --git a/roles/sap_general_preconfigure/tasks/sapnote/2772999/06-configure-uuidd.yml b/roles/sap_general_preconfigure/tasks/sapnote/2772999/06-configure-uuidd.yml index ba37631ed..b0006b96b 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/2772999/06-configure-uuidd.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/2772999/06-configure-uuidd.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Configure 2772999-6 diff --git a/roles/sap_general_preconfigure/tasks/sapnote/2772999/07-assert-tmpfs.yml b/roles/sap_general_preconfigure/tasks/sapnote/2772999/07-assert-tmpfs.yml index d6159ecaf..591f2ee62 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/2772999/07-assert-tmpfs.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/2772999/07-assert-tmpfs.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert 2772999-7 diff --git a/roles/sap_general_preconfigure/tasks/sapnote/2772999/07-configure-tmpfs.yml b/roles/sap_general_preconfigure/tasks/sapnote/2772999/07-configure-tmpfs.yml index b6de1449f..fb1df10fa 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/2772999/07-configure-tmpfs.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/2772999/07-configure-tmpfs.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Configure 2772999-7 diff --git a/roles/sap_general_preconfigure/tasks/sapnote/2772999/08-assert-linux-kernel-parameters.yml b/roles/sap_general_preconfigure/tasks/sapnote/2772999/08-assert-linux-kernel-parameters.yml index 30384384e..0127891c5 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/2772999/08-assert-linux-kernel-parameters.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/2772999/08-assert-linux-kernel-parameters.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert 2772999-8 diff --git a/roles/sap_general_preconfigure/tasks/sapnote/2772999/08-configure-linux-kernel-parameters.yml b/roles/sap_general_preconfigure/tasks/sapnote/2772999/08-configure-linux-kernel-parameters.yml index 5f2c0be03..c7a62607b 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/2772999/08-configure-linux-kernel-parameters.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/2772999/08-configure-linux-kernel-parameters.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Configure 2772999-8 diff --git a/roles/sap_general_preconfigure/tasks/sapnote/2772999/09-assert-process-resource-limits.yml b/roles/sap_general_preconfigure/tasks/sapnote/2772999/09-assert-process-resource-limits.yml index c50358cd0..c5c30579f 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/2772999/09-assert-process-resource-limits.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/2772999/09-assert-process-resource-limits.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert 2772999-9 diff --git a/roles/sap_general_preconfigure/tasks/sapnote/2772999/09-configure-process-resource-limits.yml b/roles/sap_general_preconfigure/tasks/sapnote/2772999/09-configure-process-resource-limits.yml index ac4dc7692..6c57c33e2 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/2772999/09-configure-process-resource-limits.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/2772999/09-configure-process-resource-limits.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Configure 2772999-9 diff --git a/roles/sap_general_preconfigure/tasks/sapnote/2772999/10-assert-systemd-tmpfiles.yml b/roles/sap_general_preconfigure/tasks/sapnote/2772999/10-assert-systemd-tmpfiles.yml index a067c5654..5543e8305 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/2772999/10-assert-systemd-tmpfiles.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/2772999/10-assert-systemd-tmpfiles.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert 2772999-10 diff --git a/roles/sap_general_preconfigure/tasks/sapnote/2772999/10-configure-systemd-tmpfiles.yml b/roles/sap_general_preconfigure/tasks/sapnote/2772999/10-configure-systemd-tmpfiles.yml index b5fe023fa..a0299bdc4 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/2772999/10-configure-systemd-tmpfiles.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/2772999/10-configure-systemd-tmpfiles.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Configure 2772999-10 diff --git a/roles/sap_general_preconfigure/tasks/sapnote/3108316.yml b/roles/sap_general_preconfigure/tasks/sapnote/3108316.yml index 18e94b534..54595601f 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/3108316.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/3108316.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Configure - Display SAP note number 3108316 and its version diff --git a/roles/sap_general_preconfigure/tasks/sapnote/3108316/02-assert-selinux.yml b/roles/sap_general_preconfigure/tasks/sapnote/3108316/02-assert-selinux.yml index 4bbb28495..7782afee4 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/3108316/02-assert-selinux.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/3108316/02-assert-selinux.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert 3108316-2 diff --git a/roles/sap_general_preconfigure/tasks/sapnote/3108316/02-configure-selinux.yml b/roles/sap_general_preconfigure/tasks/sapnote/3108316/02-configure-selinux.yml index da03345e5..8bf1b2342 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/3108316/02-configure-selinux.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/3108316/02-configure-selinux.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Configure 3108316-2 diff --git a/roles/sap_general_preconfigure/tasks/sapnote/3108316/03-assert-hostname.yml b/roles/sap_general_preconfigure/tasks/sapnote/3108316/03-assert-hostname.yml index 21a437d8f..b83b7a146 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/3108316/03-assert-hostname.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/3108316/03-assert-hostname.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert 3108316-3 diff --git a/roles/sap_general_preconfigure/tasks/sapnote/3108316/03-configure-hostname.yml b/roles/sap_general_preconfigure/tasks/sapnote/3108316/03-configure-hostname.yml index 891888978..fab19c6b6 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/3108316/03-configure-hostname.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/3108316/03-configure-hostname.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Configure 3108316-3 @@ -15,7 +16,7 @@ - name: Import role sap_maintain_etc_hosts ansible.builtin.import_role: - name: sap_maintain_etc_hosts + name: 'community.sap_install.sap_maintain_etc_hosts' vars: sap_maintain_etc_hosts_list: - node_ip: "{{ sap_general_preconfigure_ip }}" diff --git a/roles/sap_general_preconfigure/tasks/sapnote/3108316/04-assert-network-time-and-date.yml b/roles/sap_general_preconfigure/tasks/sapnote/3108316/04-assert-network-time-and-date.yml index d773c14c2..4113c99ea 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/3108316/04-assert-network-time-and-date.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/3108316/04-assert-network-time-and-date.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert 3108316-4 diff --git a/roles/sap_general_preconfigure/tasks/sapnote/3108316/04-configure-network-time-and-date.yml b/roles/sap_general_preconfigure/tasks/sapnote/3108316/04-configure-network-time-and-date.yml index c175f1573..7bfb16d8b 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/3108316/04-configure-network-time-and-date.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/3108316/04-configure-network-time-and-date.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Configure 3108316-4 diff --git a/roles/sap_general_preconfigure/tasks/sapnote/3108316/05-assert-firewall.yml b/roles/sap_general_preconfigure/tasks/sapnote/3108316/05-assert-firewall.yml index 097978f1a..74dd36c79 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/3108316/05-assert-firewall.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/3108316/05-assert-firewall.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert 3108316-5 diff --git a/roles/sap_general_preconfigure/tasks/sapnote/3108316/05-configure-firewall.yml b/roles/sap_general_preconfigure/tasks/sapnote/3108316/05-configure-firewall.yml index a97c67a9c..e69ab95d5 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/3108316/05-configure-firewall.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/3108316/05-configure-firewall.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Configure 3108316-5 diff --git a/roles/sap_general_preconfigure/tasks/sapnote/3108316/06-assert-uuidd.yml b/roles/sap_general_preconfigure/tasks/sapnote/3108316/06-assert-uuidd.yml index e5271b176..e1fb78b88 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/3108316/06-assert-uuidd.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/3108316/06-assert-uuidd.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert 3108316-6 diff --git a/roles/sap_general_preconfigure/tasks/sapnote/3108316/06-configure-uuidd.yml b/roles/sap_general_preconfigure/tasks/sapnote/3108316/06-configure-uuidd.yml index b805561d0..30be6c160 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/3108316/06-configure-uuidd.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/3108316/06-configure-uuidd.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Configure 3108316-6 diff --git a/roles/sap_general_preconfigure/tasks/sapnote/3108316/07-assert-tmpfs.yml b/roles/sap_general_preconfigure/tasks/sapnote/3108316/07-assert-tmpfs.yml index 4b8fca006..f64c621f6 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/3108316/07-assert-tmpfs.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/3108316/07-assert-tmpfs.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert 3108316-7 diff --git a/roles/sap_general_preconfigure/tasks/sapnote/3108316/07-configure-tmpfs.yml b/roles/sap_general_preconfigure/tasks/sapnote/3108316/07-configure-tmpfs.yml index f07c4081c..44f130211 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/3108316/07-configure-tmpfs.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/3108316/07-configure-tmpfs.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Configure 3108316-7 diff --git a/roles/sap_general_preconfigure/tasks/sapnote/3108316/08-assert-linux-kernel-parameters.yml b/roles/sap_general_preconfigure/tasks/sapnote/3108316/08-assert-linux-kernel-parameters.yml index 46be59030..7160b861e 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/3108316/08-assert-linux-kernel-parameters.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/3108316/08-assert-linux-kernel-parameters.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert 3108316-8 diff --git a/roles/sap_general_preconfigure/tasks/sapnote/3108316/08-configure-linux-kernel-parameters.yml b/roles/sap_general_preconfigure/tasks/sapnote/3108316/08-configure-linux-kernel-parameters.yml index 42a4b2415..b07996fc6 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/3108316/08-configure-linux-kernel-parameters.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/3108316/08-configure-linux-kernel-parameters.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Configure 3108316-8 diff --git a/roles/sap_general_preconfigure/tasks/sapnote/3108316/09-assert-process-resource-limits.yml b/roles/sap_general_preconfigure/tasks/sapnote/3108316/09-assert-process-resource-limits.yml index 75f60ddb7..2f31d63de 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/3108316/09-assert-process-resource-limits.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/3108316/09-assert-process-resource-limits.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert 3108316-9 diff --git a/roles/sap_general_preconfigure/tasks/sapnote/3108316/09-configure-process-resource-limits.yml b/roles/sap_general_preconfigure/tasks/sapnote/3108316/09-configure-process-resource-limits.yml index 0a57b7009..5512d2ac5 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/3108316/09-configure-process-resource-limits.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/3108316/09-configure-process-resource-limits.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Configure 3108316-9 diff --git a/roles/sap_general_preconfigure/tasks/sapnote/3108316/10-assert-systemd-tmpfiles.yml b/roles/sap_general_preconfigure/tasks/sapnote/3108316/10-assert-systemd-tmpfiles.yml index 5371d376a..4a56c51e7 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/3108316/10-assert-systemd-tmpfiles.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/3108316/10-assert-systemd-tmpfiles.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert 3108316-10 diff --git a/roles/sap_general_preconfigure/tasks/sapnote/3108316/10-configure-systemd-tmpfiles.yml b/roles/sap_general_preconfigure/tasks/sapnote/3108316/10-configure-systemd-tmpfiles.yml index 3fa4076a3..41de6a789 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/3108316/10-configure-systemd-tmpfiles.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/3108316/10-configure-systemd-tmpfiles.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Configure 3108316-10 diff --git a/roles/sap_general_preconfigure/tasks/sapnote/assert-0941735.yml b/roles/sap_general_preconfigure/tasks/sapnote/assert-0941735.yml index 895d68a87..8c8a501a9 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/assert-0941735.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/assert-0941735.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Configure tmpfs diff --git a/roles/sap_general_preconfigure/tasks/sapnote/assert-1391070.yml b/roles/sap_general_preconfigure/tasks/sapnote/assert-1391070.yml index f055f862c..217c1dfa1 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/assert-1391070.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/assert-1391070.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Linux-UUID-solutions diff --git a/roles/sap_general_preconfigure/tasks/sapnote/assert-1771258.yml b/roles/sap_general_preconfigure/tasks/sapnote/assert-1771258.yml index 0a6a2be54..f0ed30947 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/assert-1771258.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/assert-1771258.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Configure tmpfs diff --git a/roles/sap_general_preconfigure/tasks/sapnote/assert-2002167.yml b/roles/sap_general_preconfigure/tasks/sapnote/assert-2002167.yml index 12040584c..06db42faa 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/assert-2002167.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/assert-2002167.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert - Display SAP note number 2002167 and its version diff --git a/roles/sap_general_preconfigure/tasks/sapnote/assert-2772999.yml b/roles/sap_general_preconfigure/tasks/sapnote/assert-2772999.yml index 504404264..9034b2758 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/assert-2772999.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/assert-2772999.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert - Display SAP note number 2772999 and its version diff --git a/roles/sap_general_preconfigure/tasks/sapnote/assert-3108316.yml b/roles/sap_general_preconfigure/tasks/sapnote/assert-3108316.yml index b80204cd2..951ea6e69 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/assert-3108316.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/assert-3108316.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert - Display SAP note number 3108316 and its version diff --git a/roles/sap_general_preconfigure/tests/sap_general_preconfigure-default-settings.yml b/roles/sap_general_preconfigure/tests/sap_general_preconfigure-default-settings.yml index a3c320b23..4802f0f19 100644 --- a/roles/sap_general_preconfigure/tests/sap_general_preconfigure-default-settings.yml +++ b/roles/sap_general_preconfigure/tests/sap_general_preconfigure-default-settings.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - hosts: all collections: diff --git a/roles/sap_general_preconfigure/vars/RedHat_7.yml b/roles/sap_general_preconfigure/vars/RedHat_7.yml index 429c2ff39..76f8dc464 100644 --- a/roles/sap_general_preconfigure/vars/RedHat_7.yml +++ b/roles/sap_general_preconfigure/vars/RedHat_7.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # vars file for sap_general_preconfigure diff --git a/roles/sap_general_preconfigure/vars/RedHat_8.0.yml b/roles/sap_general_preconfigure/vars/RedHat_8.0.yml index b04e188b8..0f952dcd1 100644 --- a/roles/sap_general_preconfigure/vars/RedHat_8.0.yml +++ b/roles/sap_general_preconfigure/vars/RedHat_8.0.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # vars file for sap_general_preconfigure diff --git a/roles/sap_general_preconfigure/vars/RedHat_8.1.yml b/roles/sap_general_preconfigure/vars/RedHat_8.1.yml index a665d8d78..3ffd289a8 100644 --- a/roles/sap_general_preconfigure/vars/RedHat_8.1.yml +++ b/roles/sap_general_preconfigure/vars/RedHat_8.1.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # vars file for sap_general_preconfigure diff --git a/roles/sap_general_preconfigure/vars/RedHat_8.2.yml b/roles/sap_general_preconfigure/vars/RedHat_8.2.yml index 61453a3b8..e47d88065 100644 --- a/roles/sap_general_preconfigure/vars/RedHat_8.2.yml +++ b/roles/sap_general_preconfigure/vars/RedHat_8.2.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # vars file for sap_general_preconfigure diff --git a/roles/sap_general_preconfigure/vars/RedHat_8.yml b/roles/sap_general_preconfigure/vars/RedHat_8.yml index 416cef098..aa05e96dd 100644 --- a/roles/sap_general_preconfigure/vars/RedHat_8.yml +++ b/roles/sap_general_preconfigure/vars/RedHat_8.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # vars file for sap_general_preconfigure diff --git a/roles/sap_general_preconfigure/vars/RedHat_9.yml b/roles/sap_general_preconfigure/vars/RedHat_9.yml index ca0d473b7..9f22fefe0 100644 --- a/roles/sap_general_preconfigure/vars/RedHat_9.yml +++ b/roles/sap_general_preconfigure/vars/RedHat_9.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # vars file for sap_general_preconfigure diff --git a/roles/sap_general_preconfigure/vars/SLES_15.yml b/roles/sap_general_preconfigure/vars/SLES_15.yml index cc3c2793b..b6b7f7bf0 100644 --- a/roles/sap_general_preconfigure/vars/SLES_15.yml +++ b/roles/sap_general_preconfigure/vars/SLES_15.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- __sap_general_preconfigure_sapnotes_versions: - '' diff --git a/roles/sap_general_preconfigure/vars/main.yml b/roles/sap_general_preconfigure/vars/main.yml index f3d4ba772..b0c25a8ec 100644 --- a/roles/sap_general_preconfigure/vars/main.yml +++ b/roles/sap_general_preconfigure/vars/main.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # dummy entries for passing the arg spec validation: diff --git a/roles/sap_ha_install_anydb_ibmdb2/.ansible-lint b/roles/sap_ha_install_anydb_ibmdb2/.ansible-lint new file mode 100644 index 000000000..63122b8f9 --- /dev/null +++ b/roles/sap_ha_install_anydb_ibmdb2/.ansible-lint @@ -0,0 +1,7 @@ +--- +enable_list: + - yaml +skip_list: + - ignore-errors # We use ignore_errors for all the assert tasks, which should be acceptable + - schema # We want to allow single digit version numbers in a role's meta/main.yml file. This is allowed as per https://galaxy.ansible.com/docs/contributing/creating_role.html and https://galaxy.ansible.com/api/v1/platforms/?page=6. + - name[template] # Allow templating inside name. During dev and qa, it should be possible to identify cases where it doesn't work diff --git a/roles/sap_ha_install_anydb_ibmdb2/.yamllint.yml b/roles/sap_ha_install_anydb_ibmdb2/.yamllint.yml new file mode 100644 index 000000000..ee4457cfd --- /dev/null +++ b/roles/sap_ha_install_anydb_ibmdb2/.yamllint.yml @@ -0,0 +1,27 @@ +# SPDX-License-Identifier: Apache-2.0 +--- +# Based on ansible-lint config +extends: default + +rules: + braces: {max-spaces-inside: 1, level: error} + brackets: {max-spaces-inside: 1, level: error} +# colons: {max-spaces-after: -1, level: error} +# commas: {max-spaces-after: -1, level: error} + comments: + require-starting-space: false + min-spaces-from-content: 1 + comments-indentation: disable +# document-start: disable +# empty-lines: {max: 3, level: error} +# hyphens: {level: error} +# indentation: disable +# key-duplicates: enable + line-length: disable +# new-line-at-end-of-file: disable +# new-lines: {type: unix} +# trailing-spaces: disable + truthy: disable + octal-values: + forbid-implicit-octal: true + forbid-explicit-octal: true diff --git a/roles/sap_ha_install_anydb_ibmdb2/README.md b/roles/sap_ha_install_anydb_ibmdb2/README.md new file mode 100644 index 000000000..92e604b03 --- /dev/null +++ b/roles/sap_ha_install_anydb_ibmdb2/README.md @@ -0,0 +1,111 @@ +`EXPERIMENTAL` + +# sap_ha_install_anydb_ibmdb2 Ansible Role + + +## Description + +The Ansible Role for instantiation of IBM Db2 'Integrated Linux Pacemaker' HADR cluster. + +**NOTE:** IBM Db2 with 'Integrated Linux Pacemaker' can use two deployment models: +- Mutual Failover option, **not** covered by this Ansible Role +- High Availability and Disaster Recovery (HADR) option for Idle Standby, initialized by this Ansible Role + + + + + + +## Prerequisites +Managed nodes: +- Directory with installation media is present and `sap_ha_install_anydb_ibmdb2_software_directory` updated. Download can be completed using [community.sap_launchpad](https://github.com/sap-linuxlab/community.sap_launchpad) Ansible Collection. + +Software compatibility: +- This Ansible Role is applicable to IBM Db2 11.5 certified for SAP. +- It is applicable to 11.5.9 and later, which provides `db2cm` binary compatibility for AWS, GCP and MS Azure. + + +## Execution + +### Supported Platforms +| Platform | Status | Notes | +| -------- | --------- | --------- | +| AWS EC2 Virtual Servers | :heavy_check_mark: | | +| Google Cloud Compute Engine Virtual Machine | :heavy_check_mark: | | +| Microsoft Azure Virtual Machines | :heavy_check_mark: | | +| IBM Cloud Virtual Server | :heavy_check_mark: | | + + + + + +### Execution Flow + +1. Assert that required inputs were provided. +2. Detect target infrastructure platform. +3. Execute platform specific configuration. +4. Instantiate IBM Db2 'Integrated Linux Pacemaker' HADR cluster. + + +### Example + +```yaml +--- +- name: Ansible Play for IBM Db2 Database installation + hosts: db2_host + become: true + tasks: + - name: Execute Ansible Role sap_ha_install_anydb_ibmdb2 + ansible.builtin.include_role: + name: community.sap_install.sap_ha_install_anydb_ibmdb2 + vars: + sap_ha_install_anydb_ibmdb2_sid: SD1 # Sandbox Database for D01 SAP System + sap_ha_install_anydb_ibmdb2_hostname_primary: db2-p + sap_ha_install_anydb_ibmdb2_hostname_secondary: db2-s + sap_ha_install_anydb_ibmdb2_software_directory: /software/ibmdb2_extracted +``` + + + + + + + + +## License + +Apache 2.0 + + +## Maintainers + +- [Sean Freeman](https://github.com/sean-freeman) + + +## Role Variables + +### sap_ha_install_anydb_ibmdb2_hostname_primary + +- _Type:_ `string` + +Enter IBM Db2 Primary node hostname + + +### sap_ha_install_anydb_ibmdb2_hostname_secondary + +- _Type:_ `string` + +Enter IBM Db2 Secondary node hostname + +### sap_ha_install_anydb_ibmdb2_sid + +- _Type:_ `string` + +Enter IBM Db2 System ID + +### sap_ha_install_anydb_ibmdb2_software_directory + +- _Type:_ `string` + +Enter IBM Db2 installation media path + \ No newline at end of file diff --git a/roles/sap_ha_install_anydb_ibmdb2/defaults/main.yml b/roles/sap_ha_install_anydb_ibmdb2/defaults/main.yml new file mode 100644 index 000000000..6ab2da107 --- /dev/null +++ b/roles/sap_ha_install_anydb_ibmdb2/defaults/main.yml @@ -0,0 +1,29 @@ +# SPDX-License-Identifier: Apache-2.0 +--- + +sap_ha_install_anydb_ibmdb2_sid: + +sap_ha_install_anydb_ibmdb2_hostname_primary: +sap_ha_install_anydb_ibmdb2_hostname_secondary: + +sap_ha_install_anydb_ibmdb2_software_directory: + + +sap_ha_install_anydb_ibmdb2_vip_primary_ip_address: + +sap_ha_install_anydb_ibmdb2_aws_access_key_id: +sap_ha_install_anydb_ibmdb2_aws_secret_access_key: +sap_ha_install_anydb_ibmdb2_aws_vip_update_rt: + +sap_ha_install_anydb_ibmdb2_msazure_tenant_id: +sap_ha_install_anydb_ibmdb2_msazure_app_client_id: +sap_ha_install_anydb_ibmdb2_msazure_app_client_secret: +sap_ha_install_anydb_ibmdb2_msazure_lb_health_check_port: 62700 + +sap_ha_install_anydb_ibmdb2_gcp_credentials_json_file: +sap_ha_install_anydb_ibmdb2_gcp_project: +sap_ha_install_anydb_ibmdb2_gcp_lb_health_check_port: 62700 + +sap_ha_install_anydb_ibmdb2_ibmcloud_api_key: +sap_ha_install_anydb_ibmdb2_ibmcloud_region: +sap_ha_install_anydb_ibmdb2_ibmcloud_health_check_port: 62700 diff --git a/roles/sap_ha_install_anydb_ibmdb2/handlers/main.yml b/roles/sap_ha_install_anydb_ibmdb2/handlers/main.yml new file mode 100644 index 000000000..22db7dda0 --- /dev/null +++ b/roles/sap_ha_install_anydb_ibmdb2/handlers/main.yml @@ -0,0 +1,6 @@ +# SPDX-License-Identifier: Apache-2.0 +--- +- name: "Reload systemd daemon" + ansible.builtin.systemd_service: + daemon_reload: true + listen: "systemd daemon-reload" diff --git a/roles/sap_ha_install_anydb_ibmdb2/meta/main.yml b/roles/sap_ha_install_anydb_ibmdb2/meta/main.yml new file mode 100644 index 000000000..7c4f849fb --- /dev/null +++ b/roles/sap_ha_install_anydb_ibmdb2/meta/main.yml @@ -0,0 +1,14 @@ +# SPDX-License-Identifier: Apache-2.0 +--- +galaxy_info: + namespace: community + author: Sean Freeman + description: HA for SAP AnyDB - IBM Db2 + company: Red Hat, Inc. + license: Apache-2.0 + min_ansible_version: 2.9 + platforms: + - name: EL + versions: [ 8, 9 ] + galaxy_tags: [ 'sap', 'anydb', 'ibmdb2', 'ibm', 'db2', 'rhel', 'redhat', 'sles', 'suse' ] +dependencies: [] diff --git a/roles/sap_ha_install_anydb_ibmdb2/tasks/db2_hadr_enable.yml b/roles/sap_ha_install_anydb_ibmdb2/tasks/db2_hadr_enable.yml new file mode 100644 index 000000000..4e1640b64 --- /dev/null +++ b/roles/sap_ha_install_anydb_ibmdb2/tasks/db2_hadr_enable.yml @@ -0,0 +1,122 @@ +# SPDX-License-Identifier: Apache-2.0 +--- + +# See IBM Db2 documentation 'HADR and network address translation (NAT) support' - https://www.ibm.com/docs/en/db2/11.5?topic=support-hadr-nat +# These are the HADR Ports used for internode communication, and are unrelated to Health Check probe port from a Load Balancer +- name: SAP HA AnyDB - IBM Db2 HADR - Append IBM Db2 HA Ports to /etc/services + ansible.builtin.lineinfile: # noqa no-tabs + path: /etc/services + line: "{{ item }}" + state: present + loop: + - "{{ sap_ha_install_anydb_ibmdb2_sid }}_HADR_1\t55001/tcp\t# DB2 HA Port 1" # DB2 HADR local service (env var db2hadrlocalsvc / HADR_LOCAL_SVC) + - "{{ sap_ha_install_anydb_ibmdb2_sid }}_HADR_2\t55002/tcp\t# DB2 HA Port 2" # DB2 HADR remote service (env var db2hadrremotesvc / HADR_REMOTE_SVC) + when: (sap_ha_install_anydb_ibmdb2_hostname_primary == inventory_hostname_short) or (sap_ha_install_anydb_ibmdb2_hostname_secondary == inventory_hostname_short) + + +# Use the IBM Db2 Command Line Processor +# See IBM Db2 for SAP HADR reference document referred from sap.com - https://ibm.github.io/db2-hadr-wiki/ +# Reasons for noqa: +# - no-changed-when: Db2 CLP will not error if config exists but when will attempt to skip anyway +- name: SAP HA AnyDB - IBM Db2 HADR - Configure Primary Node Replication # noqa no-changed-when + ansible.builtin.shell: | + set ibmdb2_sid="{{ sap_ha_install_anydb_ibmdb2_sid }}" + set anydb_primary="{{ sap_ha_install_anydb_ibmdb2_hostname_primary }}" + set anydb_secondary="{{ sap_ha_install_anydb_ibmdb2_hostname_secondary }}" + db2 UPDATE DB CFG FOR $ibmdb2_sid USING HADR_LOCAL_HOST $anydb_primary + db2 UPDATE DB CFG FOR $ibmdb2_sid USING HADR_LOCAL_SVC "$ibmdb2_sid"_HADR_1 + db2 UPDATE DB CFG FOR $ibmdb2_sid USING HADR_REMOTE_HOST $anydb_secondary + db2 UPDATE DB CFG FOR $ibmdb2_sid USING HADR_REMOTE_SVC "$ibmdb2_sid"_HADR_2 + db2 UPDATE DB CFG FOR $ibmdb2_sid USING HADR_REMOTE_INST db2$ibmdb2_sid + db2 UPDATE DB CFG FOR $ibmdb2_sid USING INDEXREC RESTART LOGINDEXBUILD ON + db2 UPDATE DB CFG FOR $ibmdb2_sid USING HADR_TIMEOUT 120 + db2 UPDATE DB CFG FOR $ibmdb2_sid USING HADR_SYNCMODE NEARSYNC + db2 UPDATE DB CFG FOR $ibmdb2_sid USING HADR_SPOOL_LIMIT AUTOMATIC + db2 UPDATE DB CFG FOR $ibmdb2_sid USING HADR_PEER_WINDOW 240 + register: __sap_ha_install_anydb_ibmdb2_enable_primary + become: true + become_user: db2{{ sap_ha_install_anydb_ibmdb2_sid | lower }} + args: + executable: /bin/csh + when: + - sap_ha_install_anydb_ibmdb2_hostname_primary == inventory_hostname_short + - __sap_ha_install_anydb_ibmdb2_hadr_initial_status.stdout != "HADR_CONNECT_STATUS=CONNECTED" + failed_when: not __sap_ha_install_anydb_ibmdb2_enable_primary.rc == 0 and (not 'command completed successfully' in __sap_ha_install_anydb_ibmdb2_enable_primary.stdout and not __sap_ha_install_anydb_ibmdb2_enable_primary.stderr == "") + + +# Use the IBM Db2 Command Line Processor +# See IBM Db2 for SAP HADR reference document referred from sap.com - https://ibm.github.io/db2-hadr-wiki/ +# Reasons for noqa: +# - no-changed-when: Db2 CLP will not error if config exists but when will attempt to skip anyway +- name: SAP HA AnyDB - IBM Db2 HADR - Configure Secondary Node # noqa no-changed-when + ansible.builtin.shell: | + set ibmdb2_sid="{{ sap_ha_install_anydb_ibmdb2_sid }}" + set anydb_primary="{{ sap_ha_install_anydb_ibmdb2_hostname_primary }}" + set anydb_secondary="{{ sap_ha_install_anydb_ibmdb2_hostname_secondary }}" + db2 UPDATE DB CFG FOR $ibmdb2_sid USING HADR_LOCAL_HOST $anydb_secondary + db2 UPDATE DB CFG FOR $ibmdb2_sid USING HADR_LOCAL_SVC "$ibmdb2_sid"_HADR_2 + db2 UPDATE DB CFG FOR $ibmdb2_sid USING HADR_REMOTE_HOST $anydb_primary + db2 UPDATE DB CFG FOR $ibmdb2_sid USING HADR_REMOTE_SVC "$ibmdb2_sid"_HADR_1 + db2 UPDATE DB CFG FOR $ibmdb2_sid USING HADR_REMOTE_INST db2$ibmdb2_sid + db2 UPDATE DB CFG FOR $ibmdb2_sid USING HADR_TIMEOUT 120 + db2 UPDATE DB CFG FOR $ibmdb2_sid USING HADR_SYNCMODE NEARSYNC + db2 UPDATE DB CFG FOR $ibmdb2_sid USING HADR_SPOOL_LIMIT AUTOMATIC + db2 UPDATE DB CFG FOR $ibmdb2_sid USING HADR_PEER_WINDOW 240 + db2 UPDATE DB CFG FOR $ibmdb2_sid USING INDEXREC RESTART LOGINDEXBUILD ON + register: __sap_ha_install_anydb_ibmdb2_enable_secondary + become: true + become_user: db2{{ sap_ha_install_anydb_ibmdb2_sid | lower }} + args: + executable: /bin/csh + when: + - sap_ha_install_anydb_ibmdb2_hostname_secondary == inventory_hostname_short + - __sap_ha_install_anydb_ibmdb2_hadr_initial_status.stdout != "HADR_CONNECT_STATUS=CONNECTED" + failed_when: not __sap_ha_install_anydb_ibmdb2_enable_secondary.rc == 0 and (not 'command completed successfully' in __sap_ha_install_anydb_ibmdb2_enable_secondary.stdout and not __sap_ha_install_anydb_ibmdb2_enable_secondary.stderr == "") + +# Use the IBM Db2 Command Line Processor +# Reasons for noqa: +# - no-changed-when: Db2 CLP error if config exists so prevent with attempt to skip +- name: SAP HA AnyDB - IBM Db2 HADR - Rollforward Secondary Node # noqa no-changed-when + ansible.builtin.shell: | + set ibmdb2_sid="{{ sap_ha_install_anydb_ibmdb2_sid }}" + db2 rollforward database $ibmdb2_sid to end of logs + become: true + become_user: db2{{ sap_ha_install_anydb_ibmdb2_sid | lower }} + args: + executable: /bin/csh + when: + - sap_ha_install_anydb_ibmdb2_hostname_secondary == inventory_hostname_short + - __sap_ha_install_anydb_ibmdb2_hadr_initial_status.stdout != "HADR_CONNECT_STATUS=CONNECTED" + +# Use the IBM Db2 Command Line Processor +# Reasons for noqa: +# - no-changed-when: Db2 CLP error if config exists so prevent with attempt to skip +- name: SAP HA AnyDB - IBM Db2 HADR - Start Secondary Standby Node # noqa no-changed-when + ansible.builtin.shell: | + set ibmdb2_sid="{{ sap_ha_install_anydb_ibmdb2_sid }}" + db2 deactivate db $ibmdb2_sid + db2 start hadr on db $ibmdb2_sid as standby + become: true + become_user: db2{{ sap_ha_install_anydb_ibmdb2_sid | lower }} + args: + executable: /bin/csh + when: + - sap_ha_install_anydb_ibmdb2_hostname_secondary == inventory_hostname_short + - __sap_ha_install_anydb_ibmdb2_hadr_initial_status.stdout != "HADR_CONNECT_STATUS=CONNECTED" + + +# Use the IBM Db2 Command Line Processor +# Reasons for noqa: +# - no-changed-when: Db2 CLP error if config exists so prevent with attempt to skip +- name: SAP HA AnyDB - IBM Db2 HADR - Start Primary Node # noqa no-changed-when + ansible.builtin.shell: | + set ibmdb2_sid="{{ sap_ha_install_anydb_ibmdb2_sid }}" + db2 deactivate db $ibmdb2_sid + db2 start hadr on db $ibmdb2_sid as primary + become: true + become_user: db2{{ sap_ha_install_anydb_ibmdb2_sid | lower }} + args: + executable: /bin/csh + when: + - sap_ha_install_anydb_ibmdb2_hostname_primary == inventory_hostname_short + - __sap_ha_install_anydb_ibmdb2_hadr_initial_status.stdout != "HADR_CONNECT_STATUS=CONNECTED" diff --git a/roles/sap_ha_install_anydb_ibmdb2/tasks/db2_hadr_pcmk_cluster_create.yml b/roles/sap_ha_install_anydb_ibmdb2/tasks/db2_hadr_pcmk_cluster_create.yml new file mode 100644 index 000000000..85ae81491 --- /dev/null +++ b/roles/sap_ha_install_anydb_ibmdb2/tasks/db2_hadr_pcmk_cluster_create.yml @@ -0,0 +1,266 @@ +# SPDX-License-Identifier: Apache-2.0 +--- + +- name: SAP HA AnyDB - IBM Db2 HADR - Ansible Task Block for IBM Db2 'Integrated Linux Pacemaker' configuration + when: (sap_ha_install_anydb_ibmdb2_hostname_primary == inventory_hostname_short) or (sap_ha_install_anydb_ibmdb2_hostname_secondary == inventory_hostname_short) + block: + + # IBM Db2 LUW for SAP installation media includes already extracted Db2_*_Pacemaker_*_<><>_<>.tar.gz + # Default install file is /install_media/LINUXX86_64/ESE/disk1/db2/linuxamd64/pcmk/db2installPCMK + # Default RPM directory is /install_media/LINUXX86_64/ESE/disk1/db2/linuxamd64/pcmk/Linux + # Default SRPM (Source) directory is /install_media/LINUXX86_64/ESE/disk1/db2/linuxamd64/pcmk/Linux/SRPMS + - name: SAP HA AnyDB - IBM Db2 HADR - Identify IBM Db2 installation media with 'Integrated Linux Pacemaker' RPMs subdirectory + ansible.builtin.find: + paths: "{{ sap_ha_install_anydb_ibmdb2_software_directory }}" + recurse: true + file_type: file + patterns: db2installPCMK + excludes: bin + register: __sap_ha_install_anydb_ibmdb2_pcmk + + - name: SAP HA AnyDB - IBM Db2 HADR - List all IBM Db2 'Integrated Linux Pacemaker' RPMs in subdirectory + ansible.builtin.find: + paths: "{{ (__sap_ha_install_anydb_ibmdb2_pcmk.files[0].path | dirname) + '/Linux/' + ('rhel' if ansible_os_family == 'RedHat' else 'suse' if ansible_os_family == 'Suse') }}" + recurse: true + file_type: file + patterns: + - "*.rpm" + # Should not be required, but db2installPCMK script will attempt to install all RPMs and fail on GPG Check + # excludes: + # - "*debuginfo*" + # - "*debugsource*" + register: __sap_ha_install_anydb_ibmdb2_pcmk_rpm_files + + - name: SAP HA AnyDB - IBM Db2 HADR - Install all IBM Db2 'Integrated Linux Pacemaker' RPMs for RHEL + ansible.builtin.dnf: + name: "{{ __sap_ha_install_anydb_ibmdb2_pcmk_rpm_files.files | map(attribute='path') | list | sort }}" + state: present + disable_gpg_check: true + when: ansible_os_family == 'RedHat' + + # For SLES 15, various Zypper errors will occur when 'Integrated Linux Pacemaker' RPMs attempt installation, such as: + ### the installed cluster-glue-libs** obsoletes 'libglue2 < **' provided by the to be installed libglue2**.db2pcmk.** + ### the installed pacemaker-libs** obsoletes 'libpacemaker3 < **' provided by the to be installed libpacemaker3**db2pcmk** + ### the to be installed libqb-devel**db2pcmk** requires 'libqb100 = **db2pcmk', but this requirement cannot be provided not installable providers: libqb100**db2pcmk** + ### nothing provides 'cluster-glue = **db2pcmk' needed by the to be installed libglue-devel**db2pcmk** + ### nothing provides 'libqb100 = **db2pcmk' needed by the to be installed libqb-devel**db2pcmk** + # Removing these packages will remove SLES Hawk2 and SLES Package Pattern for HA (patterns-ha-ha_sles) including pacemaker-libs etc + ### cluster-glue (replaced by cluster-glue*.rpm from db2pcmk) + ### crmsh (replaced by crmsh*.rpm from db2pcmk) + # Removing these packages will remove LVM Locking Daemon (lvm2-lockd), Corosync, SLES Hawk2 and SLES Package Pattern for HA (patterns-ha-ha_sles) including pacemaker-libs etc + ### ibcmap4 libcorosync_common4 libcpg4 libsam4 libvotequorum8 (replaced by corosynclib*.rpm from db2pcmk) + ### libqb100 (replaced by libqb100*.rpm from db2pcmk) + - name: SAP HA AnyDB - IBM Db2 HADR - Remove conflict default RPMs with db2pcmk RPMs for SLES + community.general.zypper: + name: + - cluster-glue + - crmsh + - ibcmap4 + - libcorosync_common4 + - libcpg4 + - libsam4 + - libvotequorum8 + - libqb100 + state: absent + disable_gpg_check: true + when: + - ansible_os_family == 'Suse' + - __sap_ha_install_anydb_ibmdb2_hadr_initial_status.stdout != "HADR_CONNECT_STATUS=CONNECTED" # Use to avoid removal of OS Package on re-run + + - name: SAP HA AnyDB - IBM Db2 HADR - Install all IBM Db2 'Integrated Linux Pacemaker' RPMs for SLES + community.general.zypper: + name: "{{ __sap_ha_install_anydb_ibmdb2_pcmk_rpm_files.files | map(attribute='path') | list | sort }}" + state: present + disable_gpg_check: true + when: ansible_os_family == 'Suse' + + # SAP Note 3100287 - DB6: Db2 Support for Pacemaker Cluster Software + # Reasons for noqa: + # - command-instead-of-module: Shell commands to match IBM Db2 documentation + # - no-changed-when: Command is check only and performs no action + - name: SAP HA AnyDB - IBM Db2 HADR - Verify IBM Db2 'Integrated Linux Pacemaker' is installed # noqa command-instead-of-module no-changed-when + ansible.builtin.shell: | + set -o pipefail && rpm -q corosync | grep -I db2pcmk + set -o pipefail && rpm -q pacemaker | grep -I db2pcmk + set -o pipefail && rpm -q crmsh | grep -I db2pcmk + register: __sap_ha_install_anydb_ibmdb2_pcmk_version_check + + - name: SAP HA AnyDB - IBM Db2 HADR - Display IBM Db2 'Integrated Linux Pacemaker' installation details + ansible.builtin.debug: + msg: "{{ __sap_ha_install_anydb_ibmdb2_pcmk_version_check.stdout_lines }}" + + - name: SAP HA AnyDB - IBM Db2 HADR - Identify IBM Db2 cluster manager (db2cm) utility + ansible.builtin.find: + paths: /db2 + recurse: true + file_type: file + patterns: db2cm + register: __sap_ha_install_anydb_ibmdb2_db2cm + failed_when: (__sap_ha_install_anydb_ibmdb2_db2cm.files | length) > 1 + + - name: SAP HA AnyDB - IBM Db2 HADR - Fail if IBM Db2 cluster manager (db2cm) utility is not available + ansible.builtin.fail: + msg: IBM Db2 cluster manager (db2cm) utility is not available, cannot find file db2cm + when: not (__sap_ha_install_anydb_ibmdb2_db2cm.files | length > 0) + + - name: SAP HA AnyDB - IBM Db2 HADR - Ensure directory for db2cm binary + ansible.builtin.file: + path: /db2/db2{{ sap_ha_install_anydb_ibmdb2_sid | lower }}/sqllib/bin + mode: "0755" + state: directory + + - name: SAP HA AnyDB - IBM Db2 HADR - Copy db2cm binary to binary path + ansible.builtin.copy: + src: "{{ __sap_ha_install_anydb_ibmdb2_db2cm.files[0].path }}" + remote_src: true + dest: /db2/db2{{ sap_ha_install_anydb_ibmdb2_sid | lower }}/sqllib/bin + mode: '0755' + + # - name: SAP HA AnyDB - IBM Db2 HADR - Verify /usr/lib/ocf/resource.d/heartbeat contains Db2agents (db2hadr, db2inst, db2ethmon) + + # Expect return code 0 if success, or return code 99 if no actions taken (i.e. all RPMs installed already) + # Reasons for noqa: + # - no-changed-when: Db2 command will perform no changes unless required but uses not standard rc code so attempt to skip + - name: SAP HA AnyDB - IBM Db2 HADR - Execute db2installPCMK shell script # noqa no-changed-when + ansible.builtin.shell: | + {{ __sap_ha_install_anydb_ibmdb2_pcmk.files[0].path }} -i + register: __sap_ha_install_anydb_ibmdb2_pcmk_binary_db2cppcmk_run + failed_when: + - (__sap_ha_install_anydb_ibmdb2_pcmk_binary_db2cppcmk_run.rc != 99 and __sap_ha_install_anydb_ibmdb2_pcmk_binary_db2cppcmk_run.rc != 0) + - not 'Online Pacemaker service detected' in __sap_ha_install_anydb_ibmdb2_pcmk_binary_db2cppcmk_run.stdout + + - name: SAP HA AnyDB - IBM Db2 HADR - Identify db2cppcmk shell script + ansible.builtin.find: + paths: "/db2/db2{{ sap_ha_install_anydb_ibmdb2_sid | lower }}" + recurse: true + file_type: file + patterns: db2cppcmk + register: __sap_ha_install_anydb_ibmdb2_pcmk_binary_db2cppcmk + + - name: SAP HA AnyDB - IBM Db2 HADR - Fail if IBM Db2 resource agent scripts (db2cppcmk) utility is not available + ansible.builtin.fail: + msg: IBM Db2 resource agent scripts (db2cppcmk) utility is not available, cannot find file db2cppcmk + when: not (__sap_ha_install_anydb_ibmdb2_pcmk_binary_db2cppcmk.files | length > 0) + + # db2cppcmk script must run as root + # Reasons for noqa: + # - no-changed-when: Db2 command will perform no changes unless required + - name: SAP HA AnyDB - IBM Db2 HADR - Execute db2cppcmk shell script # noqa no-changed-when + ansible.builtin.shell: | + {{ __sap_ha_install_anydb_ibmdb2_pcmk_binary_db2cppcmk.files[0].path }} -i + + # db2cm script must run as root + # Reasons for noqa: + # - no-changed-when: Db2 command will error if already exists and not perform changes + - name: SAP HA AnyDB - IBM Db2 HADR - Primary Node - Create Linux Pacemaker cluster using db2cm # noqa no-changed-when + ansible.builtin.shell: | + export ibmdb2_sid="{{ sap_ha_install_anydb_ibmdb2_sid }}" + export ibmdb2_instance="db2{{ sap_ha_install_anydb_ibmdb2_sid | lower }}" + export anydb_primary="{{ sap_ha_install_anydb_ibmdb2_hostname_primary }}" + export anydb_secondary="{{ sap_ha_install_anydb_ibmdb2_hostname_secondary }}" + + # Assume 1 OS Network Interface until improvements can be made + export anydb_primary_nic="{{ hostvars[sap_ha_install_anydb_ibmdb2_hostname_primary].ansible_default_ipv4.interface }}" + export anydb_secondary_nic="{{ hostvars[sap_ha_install_anydb_ibmdb2_hostname_secondary].ansible_default_ipv4.interface }}" + + /db2/$ibmdb2_instance/sqllib/bin/db2cm -create -cluster -domain db2pcmkcluster -host $anydb_primary -publicEthernet $anydb_primary_nic -host $anydb_secondary -publicEthernet $anydb_secondary_nic -remote_cmd "ssh -q -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null" + register: __sap_ha_install_anydb_ibmdb2_config1 + when: + - sap_ha_install_anydb_ibmdb2_hostname_primary == inventory_hostname_short + failed_when: not __sap_ha_install_anydb_ibmdb2_config1.rc == 0 and not 'make sure there is no cluster on any of the hosts' in __sap_ha_install_anydb_ibmdb2_config1.stdout + + # Corosync setting to be performed on both Primary and Secondary node + - name: SAP HA AnyDB - IBM Db2 HADR - Primary Node - Update corosync totem token timeout after creating cluster + ansible.builtin.lineinfile: + path: /etc/corosync/corosync.conf + regexp: '^.*token: 10000' + line: ' token: 30000' + backup: false + register: __sap_ha_install_anydb_ibmdb2_config2 + + # db2cm script must run as root + # Reasons for noqa: + # - no-changed-when: Db2 command will error if already exists and not perform changes + - name: SAP HA AnyDB - IBM Db2 HADR - Primary Node - Create Primary Node instance config in Linux Pacemaker cluster using db2cm # noqa no-changed-when + ansible.builtin.shell: | + export ibmdb2_instance="db2{{ sap_ha_install_anydb_ibmdb2_sid | lower }}" + export anydb_primary="{{ sap_ha_install_anydb_ibmdb2_hostname_primary }}" + /db2/$ibmdb2_instance/sqllib/bin/db2cm -create -instance $ibmdb2_instance -host $anydb_primary + register: __sap_ha_install_anydb_ibmdb2_config3 + when: + - sap_ha_install_anydb_ibmdb2_hostname_primary == inventory_hostname_short + failed_when: not __sap_ha_install_anydb_ibmdb2_config3.rc == 0 and not 'already exists in the resource model' in __sap_ha_install_anydb_ibmdb2_config3.stdout + + # db2cm script must run as root + # Reasons for noqa: + # - no-changed-when: Db2 command will error if already exists and not perform changes + - name: SAP HA AnyDB - IBM Db2 HADR - Primary Node - Create Secondary Node instance config in Linux Pacemaker cluster using db2cm # noqa no-changed-when + ansible.builtin.shell: | + export ibmdb2_instance="db2{{ sap_ha_install_anydb_ibmdb2_sid | lower }}" + export anydb_secondary="{{ sap_ha_install_anydb_ibmdb2_hostname_secondary }}" + /db2/$ibmdb2_instance/sqllib/bin/db2cm -create -instance $ibmdb2_instance -host $anydb_secondary + register: __sap_ha_install_anydb_ibmdb2_config4 + when: + - sap_ha_install_anydb_ibmdb2_hostname_primary == inventory_hostname_short + failed_when: not __sap_ha_install_anydb_ibmdb2_config4.rc == 0 and not 'already exists in the resource model' in __sap_ha_install_anydb_ibmdb2_config4.stdout + + # Use the IBM Db2 Command Line Processor + # Setting to be performed on both Primary and Secondary node + # Reasons for noqa: + # - no-changed-when: Db2 CLP will not error if config exists but when will attempt to skip anyway + - name: SAP HA AnyDB - IBM Db2 HADR - Primary Node - Update IBM Db2 HADR config with greater timeout allowance using db2cm # noqa no-changed-when + ansible.builtin.shell: | + set ibmdb2_sid="{{ sap_ha_install_anydb_ibmdb2_sid }}" + db2 UPDATE DB CFG FOR $ibmdb2_sid using HADR_PEER_WINDOW 300 + register: __sap_ha_install_anydb_ibmdb2_config5 + # when: + # - sap_ha_install_anydb_ibmdb2_hostname_primary == inventory_hostname_short + become: true + become_user: db2{{ sap_ha_install_anydb_ibmdb2_sid | lower }} + args: + executable: /bin/csh + failed_when: not __sap_ha_install_anydb_ibmdb2_config5.rc == 0 and not 'command completed successfully' in __sap_ha_install_anydb_ibmdb2_config5.stdout + + # Use the IBM Db2 Command Line Processor + # Address SQL1363W - database must be shutdown and reactivated before the configuration parameter changes become effective + # Reasons for noqa: + # - no-changed-when: Db2 CLP error if config exists so prevent with attempt to skip + - name: SAP HA AnyDB - IBM Db2 HADR - Primary and Secondary Node - Shutdown and Reactivate # noqa no-changed-when + ansible.builtin.shell: | + set ibmdb2_sid="{{ sap_ha_install_anydb_ibmdb2_sid }}" + db2 deactivate db $ibmdb2_sid + db2 activate db $ibmdb2_sid + register: __sap_ha_install_anydb_ibmdb2_config6 + # when: + # - sap_ha_install_anydb_ibmdb2_hostname_primary == inventory_hostname_short + become: true + become_user: db2{{ sap_ha_install_anydb_ibmdb2_sid | lower }} + args: + executable: /bin/csh + failed_when: not __sap_ha_install_anydb_ibmdb2_config6.rc == 0 and not 'command completed successfully' in __sap_ha_install_anydb_ibmdb2_config6.stdout + + # db2cm script must run as root + # Ensure parameter HADR_PEER_WINDOW is set, otherwise will clustering-supported-cluster-management-software + # "Error: Please configure HADR_PEER_WINDOW for on instance on to a value of at least 60 seconds." + # Reasons for noqa: + # - no-changed-when: Db2 CLP error if config exists so prevent with attempt to skip + - name: SAP HA AnyDB - IBM Db2 HADR - Primary Node - Create IBM Db2 RDBMS instance config in Linux Pacemaker cluster using db2cm # noqa no-changed-when + ansible.builtin.shell: | + export ibmdb2_sid="{{ sap_ha_install_anydb_ibmdb2_sid }}" + export ibmdb2_instance="db2{{ sap_ha_install_anydb_ibmdb2_sid | lower }}" + /db2/$ibmdb2_instance/sqllib/bin/db2cm -create -db $ibmdb2_sid -instance $ibmdb2_instance + register: __sap_ha_install_anydb_ibmdb2_config7 + when: + - sap_ha_install_anydb_ibmdb2_hostname_primary == inventory_hostname_short + failed_when: not __sap_ha_install_anydb_ibmdb2_config7.rc == 0 and not 'already exists in the resource model' in __sap_ha_install_anydb_ibmdb2_config7.stdout + + - name: SAP HA AnyDB - IBM Db2 HADR - Configure Linux Pacemaker on target infrastructure platform using db2cm + ansible.builtin.include_tasks: "platform/db2cm_{{ __sap_ha_install_anydb_ibmdb2_platform }}.yml" + when: __sap_ha_install_anydb_ibmdb2_platform is defined + + - name: SAP HA AnyDB - IBM Db2 HADR - Warning if target infrastructure platform not detected + ansible.builtin.debug: + msg: WARNING - IBM Db2 HADR is only partially activated, the Infrastructure Platform could not be detected and additional steps are likely required. + when: __sap_ha_install_anydb_ibmdb2_platform is undefined + +# end of block diff --git a/roles/sap_ha_install_anydb_ibmdb2/tasks/main.yml b/roles/sap_ha_install_anydb_ibmdb2/tasks/main.yml new file mode 100644 index 000000000..9a6795405 --- /dev/null +++ b/roles/sap_ha_install_anydb_ibmdb2/tasks/main.yml @@ -0,0 +1,150 @@ +# SPDX-License-Identifier: Apache-2.0 +--- + +# IBM Db2 with an Integrated Cluster Manager permits various options, such as the option to use 'Integrated Linux Pacemaker'. +# See IBM Db2 Supported cluster management software - https://www.ibm.com/docs/en/db2/11.5?topic=clustering-supported-cluster-management-software + +# IBM Db2 with 'Integrated Linux Pacemaker' can use two deployment models, either: +# - High Availability and Disaster Recovery (HADR) option for Idle Standby. Used by this Ansible Role. +# - Mutual Failover option + +# Execute IBM Db2 with 'Integrated Linux Pacemaker' using Resource Agents db2ethmon, db2inst (HADR), db2hadr (HADR), db2partition and db2fs +# HA Deployment Model: High Availability and Disaster Recovery (HADR) for Idle Standby +# Configurations performed for: root OS user, IBM Db2 Database Administrator OS user (e.g. db2) +# Configurations executed on: IBM Db2 Primary Node, IBM Db2 Secondary Node + +# See SAP Note 1555903 - DB6: Supported IBM Db2 Database Features +# See SAP Note 3100330 - DB6: Using Db2 HADR with Pacemaker Cluster Software +# See SAP Note 3100287 - DB6: Db2 Support for Pacemaker Cluster Software +# See IBM Db2 for SAP HADR reference document referred from sap.com - https://ibm.github.io/db2-hadr-wiki/ +# See Admin documentation for IBM Db2 with Integrated Cluster Manager (Linux Pacemaker) - https://www.ibm.com/docs/en/db2/11.5?topic=feature-integrated-solution-using-pacemaker +# See Installation documentation for IBM Db2 with Integrated Cluster Manager (Linux Pacemaker) - https://www.ibm.com/docs/en/db2/11.5?topic=manager-installing-pacemaker-cluster + +- name: SAP HA AnyDB - IBM Db2 HADR - Collect required facts + ansible.builtin.setup: + gather_subset: hardware,interfaces + +- name: SAP HA AnyDB - IBM Db2 HADR - Confirm IBM Db2 installation media is available + ansible.builtin.find: + paths: "{{ sap_ha_install_anydb_ibmdb2_software_directory }}" + recurse: true + file_type: file + patterns: db2installPCMK + excludes: bin + register: __sap_ha_install_anydb_ibmdb2_check_install_media + +- name: SAP HA AnyDB - IBM Db2 HADR - Fail if IBM Db2 installation media is not available + ansible.builtin.fail: + msg: IBM Db2 installation media is not available, cannot find file db2installPCMK + when: not (__sap_ha_install_anydb_ibmdb2_check_install_media.files | length > 0) + +# Use the IBM Db2 Performance Diagnostics tool +# Reasons for noqa: +# - no-changed-when: Db2 PD tool is to retrieve information and perform no change +# - risky-shell-pipe: csh cannot use 'set -o pipefail &&' and will error with 'set: Variable name must begin with a letter' +- name: SAP HA AnyDB - IBM Db2 HADR - Confirm if IBM HADR is already activated (i.e. re-run) # noqa no-changed-when risky-shell-pipe + ansible.builtin.shell: | + set ibmdb2_sid="{{ sap_ha_install_anydb_ibmdb2_sid }}" + db2pd -hadr -db $ibmdb2_sid | grep 'HADR_CONNECT_STATUS =' | tr -d ' ' || echo '' + register: __sap_ha_install_anydb_ibmdb2_hadr_initial_status + become: true + become_user: db2{{ sap_ha_install_anydb_ibmdb2_sid | lower }} + args: + executable: /bin/csh + +- name: SAP HA AnyDB - IBM Db2 HADR - Warning if IBM Db2 HADR is already activated + ansible.builtin.debug: + msg: WARNING - IBM Db2 HADR is already activated, some steps will be skipped and some may fail + when: __sap_ha_install_anydb_ibmdb2_hadr_initial_status.stdout == "HADR_CONNECT_STATUS=CONNECTED" + +# Determine infrastructure platform +- name: SAP HA AnyDB - IBM Db2 HADR - Include tasks for platform detection + ansible.builtin.import_tasks: platform/ascertain_platform_type.yml + +- name: SAP HA AnyDB - IBM Db2 HADR - Include tasks for IBM Db2 HADR functionality + ansible.builtin.import_tasks: db2_hadr_enable.yml + +- name: SAP HA AnyDB - IBM Db2 HADR - Include tasks for Passwordless SSH + ansible.builtin.import_tasks: passwordless_ssh.yml + +- name: SAP HA AnyDB - IBM Db2 HADR - Include tasks for IBM Db2 HADR with 'Integrated Linux Pacemaker' cluster + ansible.builtin.import_tasks: db2_hadr_pcmk_cluster_create.yml + + +# Use the Pacemaker Shell 'crmsh' +# Reasons for noqa: +# - no-changed-when: Use crmsh to retrieve information and perform no change +- name: SAP HA AnyDB - IBM Db2 HADR - Verify crm for IBM Db2 HA Linux Pacemaker initialisation # noqa no-changed-when + ansible.builtin.shell: | + crm --display=plain configure show + echo -e "\n\n" + crm --display=plain status full + register: __sap_ha_install_anydb_ibmdb2_pcmk_check + when: + - sap_ha_install_anydb_ibmdb2_hostname_primary == inventory_hostname_short + +# db2cm script must run as root +# Reasons for noqa: +# - no-changed-when: Use db2cm script to retrieve information and perform no change +- name: SAP HA AnyDB - IBM Db2 HADR - Verify db2cm for IBM Db2 HA Linux Pacemaker initialisation # noqa no-changed-when + ansible.builtin.shell: | + export ibmdb2_instance="db2{{ sap_ha_install_anydb_ibmdb2_sid | lower }}" + /db2/$ibmdb2_instance/sqllib/bin/db2cm -list + register: __sap_ha_install_anydb_ibmdb2_init_check + when: + - sap_ha_install_anydb_ibmdb2_hostname_primary == inventory_hostname_short + +# Use the IBM Db2 Command Line Processor +# Reasons for noqa: +# - no-changed-when: Use Db2 CLP to retrieve information and perform no change +# - risky-shell-pipe: csh cannot use 'set -o pipefail &&' and will error with 'set: Variable name must begin with a letter' +- name: SAP HA AnyDB - IBM Db2 HADR - Verify IBM Db2 HADR configuration # noqa no-changed-when risky-shell-pipe + ansible.builtin.shell: | + set ibmdb2_sid="{{ sap_ha_install_anydb_ibmdb2_sid }}" + db2 get db cfg for $ibmdb2_sid | grep 'Rollforward\|HADR' + register: __sap_ha_install_anydb_ibmdb2_hadr_config + become: true + become_user: db2{{ sap_ha_install_anydb_ibmdb2_sid | lower }} + args: + executable: /bin/csh + when: + - sap_ha_install_anydb_ibmdb2_hostname_primary == inventory_hostname_short + +# Use the IBM Db2 Command Line Processor +# Reasons for noqa: +# - no-changed-when: Use Db2 CLP to retrieve information and perform no change +- name: SAP HA AnyDB - IBM Db2 HADR - Verify IBM Db2 HADR status # noqa no-changed-when + ansible.builtin.shell: | + set ibmdb2_sid="{{ sap_ha_install_anydb_ibmdb2_sid }}" + db2pd -hadr -db $ibmdb2_sid + register: __sap_ha_install_anydb_ibmdb2_hadr_status + become: true + become_user: db2{{ sap_ha_install_anydb_ibmdb2_sid | lower }} + args: + executable: /bin/csh + when: + - sap_ha_install_anydb_ibmdb2_hostname_primary == inventory_hostname_short + +- name: SAP HA AnyDB - IBM Db2 HADR - Display crm for IBM Db2 HA Linux Pacemaker initialisation + ansible.builtin.debug: + msg: "{{ __sap_ha_install_anydb_ibmdb2_pcmk_check.stdout_lines }}" + when: + - sap_ha_install_anydb_ibmdb2_hostname_primary == inventory_hostname_short + +- name: SAP HA AnyDB - IBM Db2 HADR - Display db2cm for IBM Db2 HA Linux Pacemaker initialisation + ansible.builtin.debug: + msg: "{{ __sap_ha_install_anydb_ibmdb2_init_check.stdout_lines }}" + when: + - sap_ha_install_anydb_ibmdb2_hostname_primary == inventory_hostname_short + +- name: SAP HA AnyDB - IBM Db2 HADR - Display IBM Db2 HADR configuration + ansible.builtin.debug: + msg: "{{ __sap_ha_install_anydb_ibmdb2_hadr_config.stdout_lines }}" + when: + - sap_ha_install_anydb_ibmdb2_hostname_primary == inventory_hostname_short + +- name: SAP HA AnyDB - IBM Db2 HADR - Display IBM Db2 HADR status + ansible.builtin.debug: + msg: "{{ __sap_ha_install_anydb_ibmdb2_hadr_status.stdout_lines }}" + when: + - sap_ha_install_anydb_ibmdb2_hostname_primary == inventory_hostname_short diff --git a/roles/sap_ha_install_anydb_ibmdb2/tasks/passwordless_ssh.yml b/roles/sap_ha_install_anydb_ibmdb2/tasks/passwordless_ssh.yml new file mode 100644 index 000000000..97692b2b2 --- /dev/null +++ b/roles/sap_ha_install_anydb_ibmdb2/tasks/passwordless_ssh.yml @@ -0,0 +1,235 @@ +# SPDX-License-Identifier: Apache-2.0 +--- + +- name: SAP HA AnyDB - IBM Db2 HADR - Ansible Task Block for passwordless SSH between AnyDB Primary and Secondary + when: (sap_ha_install_anydb_ibmdb2_hostname_primary == inventory_hostname_short) or (sap_ha_install_anydb_ibmdb2_hostname_secondary == inventory_hostname_short) + block: + + - name: SAP HA AnyDB - IBM Db2 HADR - Create .ssh if missing - root user + ansible.builtin.file: + path: /root/.ssh + mode: "0700" + state: directory + + - name: SAP HA AnyDB - IBM Db2 HADR - Create .ssh if missing - IBM Db2 Database Administrator + ansible.builtin.file: + path: /db2/db2{{ sap_ha_install_anydb_ibmdb2_sid | lower }}/.ssh + mode: "0700" + state: directory + owner: db2{{ sap_ha_install_anydb_ibmdb2_sid | lower }} + group: db{{ sap_ha_install_anydb_ibmdb2_sid | lower }}adm + + # Reasons for noqa: + # - no-changed-when: Shell if logic to handle SSH Keys between hosts to align with IBM Db2 documentation + - name: SAP HA AnyDB - IBM Db2 HADR - Perform ssh-keygen if required # noqa no-changed-when + ansible.builtin.shell: | + [[ ! -f /root/.ssh/anydb_ibmdb2_hadr_{{ inventory_hostname_short }} ]] && \ + [[ ! -f /root/.ssh/anydb_ibmdb2_hadr_{{ inventory_hostname_short }}.pub ]] && \ + ssh-keygen -t rsa -f /root/.ssh/anydb_ibmdb2_hadr_{{ inventory_hostname_short }} -N "" -q + args: + creates: /root/.ssh/anydb_ibmdb2_hadr_{{ inventory_hostname_short }}.pub + failed_when: false + + # Reasons for noqa: + # - no-changed-when: Shell if logic to handle SSH Keys between hosts to align with IBM Db2 documentation + - name: SAP HA AnyDB - IBM Db2 HADR - Copy key files from root user if does not exist # noqa no-changed-when + ansible.builtin.shell: | + [[ ! -f /db2/db2{{ sap_ha_install_anydb_ibmdb2_sid | lower }}/.ssh/anydb_ibmdb2_hadr_{{ inventory_hostname_short }} ]] || \ + [[ ! -f /db2/db2{{ sap_ha_install_anydb_ibmdb2_sid | lower }}/.ssh/anydb_ibmdb2_hadr_{{ inventory_hostname_short }}.pub ]] && \ + cp -f /root/.ssh/anydb_ibmdb2_hadr* /db2/db2{{ sap_ha_install_anydb_ibmdb2_sid | lower }}/.ssh + args: + creates: /db2/db2{{ sap_ha_install_anydb_ibmdb2_sid | lower }}/.ssh/anydb_ibmdb2_hadr_{{ inventory_hostname_short }}.pub + failed_when: false + + - name: SAP HA AnyDB - IBM Db2 HADR - Ensure key file exists - root user + ansible.builtin.file: + path: "{{ item }}" + state: file + loop: + - "/root/.ssh/anydb_ibmdb2_hadr_{{ inventory_hostname_short }}" + - "/root/.ssh/anydb_ibmdb2_hadr_{{ inventory_hostname_short }}.pub" + + - name: SAP HA AnyDB - IBM Db2 HADR - Ensure key file exists with correct file permissions - IBM Db2 Database Administrator + ansible.builtin.file: + path: "{{ item }}" + state: file + owner: db2{{ sap_ha_install_anydb_ibmdb2_sid | lower }} + group: db{{ sap_ha_install_anydb_ibmdb2_sid | lower }}adm + loop: + - "/db2/db2{{ sap_ha_install_anydb_ibmdb2_sid | lower }}/.ssh/anydb_ibmdb2_hadr_{{ inventory_hostname_short }}" + - "/db2/db2{{ sap_ha_install_anydb_ibmdb2_sid | lower }}/.ssh/anydb_ibmdb2_hadr_{{ inventory_hostname_short }}.pub" + + # Reasons for noqa: + # - no-changed-when: Shell if logic to handle SSH Keys between hosts to align with IBM Db2 documentation + - name: SAP HA AnyDB - IBM Db2 HADR - Get SSH fingerprint of SAP AnyDB Primary node # noqa no-changed-when + ansible.builtin.shell: | + ssh-keyscan -t rsa {{ sap_ha_install_anydb_ibmdb2_hostname_primary }} + register: __sap_ha_install_anydb_ibmdb2_primary_ssh_fingerprint + when: sap_ha_install_anydb_ibmdb2_hostname_primary == inventory_hostname_short + + # Reasons for noqa: + # - no-changed-when: Shell if logic to handle SSH Keys between hosts to align with IBM Db2 documentation + - name: SAP HA AnyDB - IBM Db2 HADR - Get SSH fingerprint of SAP AnyDB Secondary node # noqa no-changed-when + ansible.builtin.shell: | + ssh-keyscan -t rsa {{ sap_ha_install_anydb_ibmdb2_hostname_secondary }} + register: __sap_ha_install_anydb_ibmdb2_secondary_ssh_fingerprint + when: sap_ha_install_anydb_ibmdb2_hostname_secondary == inventory_hostname_short + + - name: SAP HA AnyDB - IBM Db2 HADR - Get contents of SSH Public Key for SAP AnyDB Primary + ansible.builtin.slurp: + src: "/root/.ssh/anydb_ibmdb2_hadr_{{ inventory_hostname_short }}.pub" + register: __sap_ha_install_anydb_ibmdb2_primary_pubkey + when: sap_ha_install_anydb_ibmdb2_hostname_primary == inventory_hostname_short + + - name: SAP HA AnyDB - IBM Db2 HADR - Get contents of SSH Public Key for SAP AnyDB Secondary node + ansible.builtin.slurp: + src: "/root/.ssh/anydb_ibmdb2_hadr_{{ inventory_hostname_short }}.pub" + register: __sap_ha_install_anydb_ibmdb2_secondary_pubkey + when: sap_ha_install_anydb_ibmdb2_hostname_secondary == inventory_hostname_short + + - name: SAP HA AnyDB - IBM Db2 HADR - Inject SAP AnyDB Secondary node SSH Fingerprint to SSH known_hosts file on SAP AnyDB Primary node - root user + ansible.builtin.lineinfile: + backup: true + create: true + mode: "0600" + path: /root/.ssh/known_hosts + owner: root + group: root + line: "{{ hostvars[sap_ha_install_anydb_ibmdb2_hostname_secondary].__sap_ha_install_anydb_ibmdb2_secondary_ssh_fingerprint.stdout }}" + when: sap_ha_install_anydb_ibmdb2_hostname_primary == inventory_hostname_short + + - name: SAP HA AnyDB - IBM Db2 HADR - Inject SAP AnyDB Secondary node SSH Fingerprint to SSH known_hosts file on SAP AnyDB Primary node - IBM Db2 Database Administrator + ansible.builtin.lineinfile: + backup: true + create: true + mode: "0600" + path: /db2/db2{{ sap_ha_install_anydb_ibmdb2_sid | lower }}/.ssh/known_hosts + owner: db2{{ sap_ha_install_anydb_ibmdb2_sid | lower }} + group: db{{ sap_ha_install_anydb_ibmdb2_sid | lower }}adm + line: "{{ hostvars[sap_ha_install_anydb_ibmdb2_hostname_secondary].__sap_ha_install_anydb_ibmdb2_secondary_ssh_fingerprint.stdout }}" + when: sap_ha_install_anydb_ibmdb2_hostname_primary == inventory_hostname_short + + - name: SAP HA AnyDB - IBM Db2 HADR - Inject SSH Public Key to SSH authorized_keys file on SAP AnyDB Primary node - root user + ansible.builtin.lineinfile: + backup: true + create: true + mode: "0600" + path: /root/.ssh/authorized_keys + owner: root + group: root + line: "{{ hostvars[sap_ha_install_anydb_ibmdb2_hostname_secondary].__sap_ha_install_anydb_ibmdb2_secondary_pubkey.content | b64decode }}" + when: sap_ha_install_anydb_ibmdb2_hostname_primary == inventory_hostname_short + + - name: SAP HA AnyDB - IBM Db2 HADR - Inject SSH Public Key to SSH authorized_keys file on SAP AnyDB Primary node - IBM Db2 Database Administrator + ansible.builtin.lineinfile: + backup: true + create: true + mode: "0600" + path: /db2/db2{{ sap_ha_install_anydb_ibmdb2_sid | lower }}/.ssh/authorized_keys + owner: db2{{ sap_ha_install_anydb_ibmdb2_sid | lower }} + group: db{{ sap_ha_install_anydb_ibmdb2_sid | lower }}adm + line: "{{ hostvars[sap_ha_install_anydb_ibmdb2_hostname_secondary].__sap_ha_install_anydb_ibmdb2_secondary_pubkey.content | b64decode }}" + when: sap_ha_install_anydb_ibmdb2_hostname_primary == inventory_hostname_short + + # Avoid use of default id_rsa file or SSH Agent (ssh-add) + - name: SAP HA AnyDB - IBM Db2 HADR - Update Passwordless SSH login from SAP AnyDB Primary node to SAP AnyDB Secondary node - root user + ansible.builtin.blockinfile: + backup: true + create: true + mode: "0644" + path: /root/.ssh/config + owner: root + group: root + block: | + Host {{ hostvars[sap_ha_install_anydb_ibmdb2_hostname_secondary].ansible_default_ipv4.address }} {{ sap_ha_install_anydb_ibmdb2_hostname_secondary }} + IdentityFile /root/.ssh/anydb_ibmdb2_hadr_{{ sap_ha_install_anydb_ibmdb2_hostname_primary }} + when: sap_ha_install_anydb_ibmdb2_hostname_primary == inventory_hostname_short + + # Avoid use of default id_rsa file or SSH Agent (ssh-add) + - name: SAP HA AnyDB - IBM Db2 HADR - Update Passwordless SSH login from SAP AnyDB Primary node to SAP AnyDB Secondary node - IBM Db2 Database Administrator + ansible.builtin.blockinfile: + backup: true + create: true + mode: "0644" + path: /db2/db2{{ sap_ha_install_anydb_ibmdb2_sid | lower }}/.ssh/config + owner: db2{{ sap_ha_install_anydb_ibmdb2_sid | lower }} + group: db{{ sap_ha_install_anydb_ibmdb2_sid | lower }}adm + block: | + Host {{ hostvars[sap_ha_install_anydb_ibmdb2_hostname_secondary].ansible_default_ipv4.address }} {{ sap_ha_install_anydb_ibmdb2_hostname_secondary }} + IdentityFile /db2/db2{{ sap_ha_install_anydb_ibmdb2_sid | lower }}/.ssh/anydb_ibmdb2_hadr_{{ sap_ha_install_anydb_ibmdb2_hostname_primary }} + when: sap_ha_install_anydb_ibmdb2_hostname_primary == inventory_hostname_short + + + - name: SAP HA AnyDB - IBM Db2 HADR - Inject SAP AnyDB Primary node SSH Fingerprint to SSH known_hosts file on SAP AnyDB Primary node - root user + ansible.builtin.lineinfile: + backup: true + create: true + mode: "0600" + path: /root/.ssh/known_hosts + owner: root + group: root + line: "{{ hostvars[sap_ha_install_anydb_ibmdb2_hostname_primary].__sap_ha_install_anydb_ibmdb2_primary_ssh_fingerprint.stdout }}" + when: sap_ha_install_anydb_ibmdb2_hostname_secondary == inventory_hostname_short + + - name: SAP HA AnyDB - IBM Db2 HADR - Inject SAP AnyDB Primary node SSH Fingerprint to SSH known_hosts file on SAP AnyDB Primary node - IBM Db2 Database Administrator + ansible.builtin.lineinfile: + backup: true + create: true + mode: "0600" + path: /db2/db2{{ sap_ha_install_anydb_ibmdb2_sid | lower }}/.ssh/known_hosts + owner: db2{{ sap_ha_install_anydb_ibmdb2_sid | lower }} + group: db{{ sap_ha_install_anydb_ibmdb2_sid | lower }}adm + line: "{{ hostvars[sap_ha_install_anydb_ibmdb2_hostname_primary].__sap_ha_install_anydb_ibmdb2_primary_ssh_fingerprint.stdout }}" + when: sap_ha_install_anydb_ibmdb2_hostname_secondary == inventory_hostname_short + + - name: SAP HA AnyDB - IBM Db2 HADR - Inject SSH Public Key to SSH authorized_keys file on SAP AnyDB Secondary node (authentication method publickey) - root user + ansible.builtin.lineinfile: + backup: true + create: true + mode: "0600" + path: /root/.ssh/authorized_keys + owner: root + group: root + line: "{{ hostvars[sap_ha_install_anydb_ibmdb2_hostname_primary].__sap_ha_install_anydb_ibmdb2_primary_pubkey.content | b64decode }}" + when: sap_ha_install_anydb_ibmdb2_hostname_secondary == inventory_hostname_short + + - name: SAP HA AnyDB - IBM Db2 HADR - Inject SSH Public Key to SSH authorized_keys file on SAP AnyDB Secondary node (authentication method publickey) - IBM Db2 Database Administrator + ansible.builtin.lineinfile: + backup: true + create: true + mode: "0600" + path: /db2/db2{{ sap_ha_install_anydb_ibmdb2_sid | lower }}/.ssh/authorized_keys + owner: db2{{ sap_ha_install_anydb_ibmdb2_sid | lower }} + group: db{{ sap_ha_install_anydb_ibmdb2_sid | lower }}adm + line: "{{ hostvars[sap_ha_install_anydb_ibmdb2_hostname_primary].__sap_ha_install_anydb_ibmdb2_primary_pubkey.content | b64decode }}" + when: sap_ha_install_anydb_ibmdb2_hostname_secondary == inventory_hostname_short + + # Avoid use of default id_rsa file or SSH Agent (ssh-add) + - name: SAP HA AnyDB - IBM Db2 HADR - Update Passwordless SSH login from SAP AnyDB Secondary node to SAP AnyDB Primary node (authentication method publickey) - root user + ansible.builtin.blockinfile: + backup: true + create: true + mode: "0644" + path: /root/.ssh/config + owner: root + group: root + block: | + Host {{ hostvars[sap_ha_install_anydb_ibmdb2_hostname_primary].ansible_default_ipv4.address }} {{ sap_ha_install_anydb_ibmdb2_hostname_primary }} + IdentityFile /root/.ssh/anydb_ibmdb2_hadr_{{ sap_ha_install_anydb_ibmdb2_hostname_secondary }} + when: sap_ha_install_anydb_ibmdb2_hostname_secondary == inventory_hostname_short + + # Avoid use of default id_rsa file or SSH Agent (ssh-add) + - name: SAP HA AnyDB - IBM Db2 HADR - Update Passwordless SSH login from SAP AnyDB Secondary node to SAP AnyDB Primary node (authentication method publickey) - IBM Db2 Database Administrator + ansible.builtin.blockinfile: + backup: true + create: true + mode: "0644" + path: /db2/db2{{ sap_ha_install_anydb_ibmdb2_sid | lower }}/.ssh/config + owner: db2{{ sap_ha_install_anydb_ibmdb2_sid | lower }} + group: db{{ sap_ha_install_anydb_ibmdb2_sid | lower }}adm + block: | + Host {{ hostvars[sap_ha_install_anydb_ibmdb2_hostname_primary].ansible_default_ipv4.address }} {{ sap_ha_install_anydb_ibmdb2_hostname_primary }} + IdentityFile /db2/db2{{ sap_ha_install_anydb_ibmdb2_sid | lower }}/.ssh/anydb_ibmdb2_hadr_{{ sap_ha_install_anydb_ibmdb2_hostname_secondary }} + when: sap_ha_install_anydb_ibmdb2_hostname_secondary == inventory_hostname_short + +# end of block diff --git a/roles/sap_ha_install_anydb_ibmdb2/tasks/platform/ascertain_platform_type.yml b/roles/sap_ha_install_anydb_ibmdb2/tasks/platform/ascertain_platform_type.yml new file mode 100644 index 000000000..0caee9450 --- /dev/null +++ b/roles/sap_ha_install_anydb_ibmdb2/tasks/platform/ascertain_platform_type.yml @@ -0,0 +1,116 @@ +# SPDX-License-Identifier: Apache-2.0 +--- +# Platform detection for cloud and other infrastructure platforms. + +### Facts already available to Ansible +# +### Amazon Web Services EC2 Virtual Server. Not applicable for AWS Classic. +# ansible_chassis_asset_tag: "Amazon EC2" # SMBIOS Chassis Asset Tag +# ansible_board_asset_tag: "i-043d3c1a889ed9016" # SMBIOS Baseboard Asset Tag, ID of virtual machine on platform +# ansible_chassis_vendor: "Amazon EC2" +# ansible_product_name: "r5.8xlarge" # IaaS profile name +# ansible_system_vendor: "Amazon EC2" +# +### Google Cloud Compute Engine Virtual Machine. +# ansible_chassis_asset_tag: "NA" # SMBIOS Chassis Asset Tag +# ansible_board_asset_tag: "9EAF3038-7EF5-3F1E-6620-FB3BDA7A3709" # SMBIOS Baseboard Asset Tag, ID of virtual machine on platform +# ansible_chassis_vendor: "Google" +# ansible_product_name: "Google Compute Engine" +# ansible_system_vendor: "Google" +# +### IBM Cloud Virtual Server. Not applicable for IBM Cloud Classic Infrastructure. +# ansible_chassis_asset_tag: "ibmcloud" # SMBIOS Chassis Asset Tag +# ansible_board_asset_tag: "0c7d4459-xxxx-yyyy-zzzz-abcdefghijkl" # SMBIOS Baseboard Asset Tag, ID of virtual machine on platform +# ansible_chassis_vendor: "IBM:Cloud Compute Server 1.0:mx2-16x128" # IaaS profile name as suffix (after colon) +# ansible_product_name: "Standard PC (i440FX + PIIX, 1996)" +# ansible_system_vendor: "QEMU" +# +### Microsoft Azure Virtual Machine. Not applicable for MS Azure Classic/ASM. +# ansible_chassis_asset_tag: "7783-xxxx-yyyy-zzzz-aaaa-bbbb-cc" # SMBIOS Chassis Asset Tag +# ansible_board_asset_tag: "None" # SMBIOS Baseboard Asset Tag +# ansible_chassis_vendor: "Microsoft Corporation" +# ansible_product_name: "Virtual Machine" +# ansible_system_vendor: "70f4a858-1eea-4c35-b9e1-e179c32fc6b5" # ID of virtual machine on platform +# +### VMware vSphere +# ansible_product_name: "VMware7,1", +# ansible_system_vendor: "VMware, Inc.", +# ansible_virtualization_type: "VMware" +# +### End of comment + + +# TODO: detection based on multiple facts and providing one standard +# name for use as platform type in related include files +# cloud_aliyun_ecs_vm, cloud_aws_ec2_vs, cloud_gcp_ce_vm, cloud_ibmcloud_powervs, cloud_ibmcloud_vs, +# cloud_msazure_vm, hyp_ibmpower_vm, hyp_redhat_ocp_virt_vm, hyp_redhat_rhel_kvm_vm, hyp_vmware_vsphere_vm + + +- name: SAP HA AnyDB - IBM Db2 HADR - Check if platform is Amazon Web Services EC2 Virtual Server + ansible.builtin.set_fact: + __sap_ha_install_anydb_ibmdb2_platform: cloud_aws_ec2_vs + when: + - '"amazon" in ansible_system_vendor | lower + or "amazon" in ansible_product_name | lower' + +- name: SAP HA AnyDB - IBM Db2 HADR - Check if platform is Google Cloud Compute Engine Virtual Machine + ansible.builtin.set_fact: + __sap_ha_install_anydb_ibmdb2_platform: cloud_gcp_ce_vm + when: + - ansible_product_name == 'Google Compute Engine' + +- name: SAP HA AnyDB - IBM Db2 HADR - Check if platform is IBM Cloud Virtual Server + ansible.builtin.set_fact: + __sap_ha_install_anydb_ibmdb2_platform: cloud_ibmcloud_vs + when: + - ansible_chassis_asset_tag == 'ibmcloud' + +- name: SAP HA AnyDB - IBM Db2 HADR - Check if platform is Microsoft Azure Virtual Machine + ansible.builtin.set_fact: + __sap_ha_install_anydb_ibmdb2_platform: cloud_msazure_vm + when: + - ansible_product_name == 'Virtual Machine' + - ansible_chassis_vendor == 'Microsoft Corporation' + +# - name: SAP HA AnyDB - IBM Db2 HADR - Check if platform is IBM Power - RSCT binary check +# ansible.builtin.shell: | +# set -o pipefail && rpm -qa | grep -E -e "rsct.basic" +# register: __sap_ha_install_anydb_ibmdb2_power_rsct_check +# changed_when: false +# when: ansible_architecture == "ppc64le" + +# - name: SAP HA AnyDB - IBM Db2 HADR - Check if platform is IBM Power - RSCT binary check +# ansible.builtin.fail: +# msg: Please install RSCT from IBM Power Systems service and productivity tools repository +# when: +# - ansible_architecture == "ppc64le" +# - __sap_ha_install_anydb_ibmdb2_power_rsct_check.stdout == "" + +# - name: SAP HA AnyDB - IBM Db2 HADR - Check if platform is IBM Power - RSCT binary check +# ansible.builtin.shell: | +# /opt/rsct/bin/ctgethscid +# register: __sap_ha_install_anydb_ibmdb2_power_rsct_hscid +# changed_when: false +# when: +# - ansible_architecture == "ppc64le" +# - __sap_ha_install_anydb_ibmdb2_power_rsct_check.stdout != "" + +# - name: SAP HA AnyDB - IBM Db2 HADR - Check if platform is IBM Power Virtual Server from IBM Cloud +# ansible.builtin.set_fact: +# __sap_ha_install_anydb_ibmdb2_platform: cloud_ibmcloud_powervs +# when: +# - ansible_architecture == "ppc64le" +# - '"ibmcloud" in __sap_ha_install_anydb_ibmdb2_power_rsct_hscid.stdout' + +# - name: SAP HA AnyDB - IBM Db2 HADR - Check if platform is IBM PowerVM +# ansible.builtin.set_fact: +# __sap_ha_install_anydb_ibmdb2_platform: hyp_ibmpower_vm +# when: +# - ansible_architecture == "ppc64le" +# - '"ibmcloud" not in __sap_ha_install_anydb_ibmdb2_power_rsct_hscid.stdout' + +# - name: SAP HA AnyDB - IBM Db2 HADR - Check if platform is VMware vSphere" +# ansible.builtin.set_fact: +# __sap_ha_install_anydb_ibmdb2_platform: hyp_vmware_vsphere_vm +# when: +# - ansible_virtualization_type == 'VMware' diff --git a/roles/sap_ha_install_anydb_ibmdb2/tasks/platform/db2cm_cloud_aws_ec2_vs.yml b/roles/sap_ha_install_anydb_ibmdb2/tasks/platform/db2cm_cloud_aws_ec2_vs.yml new file mode 100644 index 000000000..619f2553c --- /dev/null +++ b/roles/sap_ha_install_anydb_ibmdb2/tasks/platform/db2cm_cloud_aws_ec2_vs.yml @@ -0,0 +1,113 @@ +# SPDX-License-Identifier: Apache-2.0 +--- + +- name: SAP HA AnyDB - IBM Db2 HADR (AWS) - Fence Agent Packages for RHEL + ansible.builtin.package: + name: + - fence-agents-aws + - awscli + state: present + when: ansible_os_family == 'RedHat' + +- name: SAP HA AnyDB - IBM Db2 HADR (AWS) - Fence Agent Packages for SLES + ansible.builtin.package: + name: + - fence-agents + - awscli + state: present + when: ansible_os_family == 'Suse' + +# IBM Db2 HADR on AWS EC2 VS +# www.ibm.com/support/pages/node/6829815 +# www.ibm.com/support/pages/node/6830009 +# Older documentation - www.ibm.com/support/pages/node/6359159 +# Older documentation - www.ibm.com/support/pages/node/6359155 + + +# db2cm script must run as root +# When Virtual IP is already attached to OS Network Interface as Secondary IP +# (in advance by sap_vm_temp_vip or previous db2cm run), will cause +# "Error: ip address is pingable, use another ip address in the subnet that is not pingable." +# Reasons for noqa: +# - no-changed-when: Db2 command will error if already exists and not perform changes +- name: SAP HA AnyDB - IBM Db2 HADR (AWS) - Primary Node - Create Virtual IP address for Primary Node using db2cm # noqa no-changed-when + ansible.builtin.shell: | + export ibmdb2_sid="{{ sap_ha_install_anydb_ibmdb2_sid }}" + export ibmdb2_instance="db2{{ sap_ha_install_anydb_ibmdb2_sid | lower }}" + /db2/$ibmdb2_instance/sqllib/bin/db2cm -create -primaryVIP "{{ sap_ha_install_anydb_ibmdb2_vip_primary_ip_address }}" -db $ibmdb2_sid -instance $ibmdb2_instance + register: __sap_ha_install_anydb_ibmdb2_config_aws_1 + when: + - sap_ha_install_anydb_ibmdb2_hostname_primary == inventory_hostname_short + - __sap_ha_install_anydb_ibmdb2_platform == "cloud_aws_ec2_vs" + failed_when: not __sap_ha_install_anydb_ibmdb2_config_aws_1.rc == 0 and not 'already exists in the resource model' in __sap_ha_install_anydb_ibmdb2_config_aws_1.stdout + +# Setting to be performed on both Primary and Secondary node +# Reasons for noqa: +# - no-changed-when: Db2 mandates use of AWS CLI for credentials instead of credential configuration directly via IBM Db2 selected Pacemaker Shell (crmsh) +- name: SAP HA AnyDB - IBM Db2 HADR (AWS) - Primary and Secondary Node - Provide AWS CLI credentials # noqa no-changed-when + ansible.builtin.shell: | + aws configure set aws_access_key_id "{{ sap_ha_install_anydb_ibmdb2_aws_access_key_id }}" + aws configure set aws_secret_access_key "{{ sap_ha_install_anydb_ibmdb2_aws_secret_access_key }}" + register: __sap_ha_install_anydb_ibmdb2_config_aws_credentials + when: + - __sap_ha_install_anydb_ibmdb2_platform == "cloud_aws_ec2_vs" + +# db2cm script must run as root +# Reasons for noqa: +# - no-changed-when: Db2 command will error if already exists and not perform changes +- name: SAP HA AnyDB - IBM Db2 HADR (AWS) - Primary Node - Create Linux Pacemaker Fence Agent instantiation using db2cm # noqa no-changed-when + ansible.builtin.shell: | + export ibmdb2_sid="{{ sap_ha_install_anydb_ibmdb2_sid }}" + export ibmdb2_instance="db2{{ sap_ha_install_anydb_ibmdb2_sid | lower }}" + /db2/$ibmdb2_instance/sqllib/bin/db2cm -create -aws -fence + register: __sap_ha_install_anydb_ibmdb2_config_aws_2 + when: + - sap_ha_install_anydb_ibmdb2_hostname_primary == inventory_hostname_short + - __sap_ha_install_anydb_ibmdb2_platform == "cloud_aws_ec2_vs" + failed_when: not __sap_ha_install_anydb_ibmdb2_config_aws_2.rc == 0 and not 'already configured' in __sap_ha_install_anydb_ibmdb2_config_aws_2.stdout + +# db2cm script must run as root +# Reasons for noqa: +# - no-changed-when: Db2 command will error if already exists and not perform changes +- name: SAP HA AnyDB - IBM Db2 HADR (AWS) - Primary Node - Create Linux Pacemaker Resource Agent instantiation for aws-vpc-move-ip using db2cm # noqa no-changed-when + ansible.builtin.shell: | + export ibmdb2_sid="{{ sap_ha_install_anydb_ibmdb2_sid }}" + export ibmdb2_instance="db2{{ sap_ha_install_anydb_ibmdb2_sid | lower }}" + /db2/$ibmdb2_instance/sqllib/bin/db2cm -create -aws -primaryVIP "{{ sap_ha_install_anydb_ibmdb2_vip_primary_ip_address }}" -rtb "{{ sap_ha_install_anydb_ibmdb2_aws_vip_update_rt }}" -db $ibmdb2_sid -instance $ibmdb2_instance + register: __sap_ha_install_anydb_ibmdb2_config_aws_3 + when: + - sap_ha_install_anydb_ibmdb2_hostname_primary == inventory_hostname_short + - __sap_ha_install_anydb_ibmdb2_platform == "cloud_aws_ec2_vs" + failed_when: not __sap_ha_install_anydb_ibmdb2_config_aws_3.rc == 0 and not 'already exists' in __sap_ha_install_anydb_ibmdb2_config_aws_3.stdout + +# db2cm script must run as root +# Reasons for noqa: +# - no-changed-when: Db2 command will error if already exists and not perform changes +- name: SAP HA AnyDB - IBM Db2 HADR (AWS) - Primary Node - Start Linux Pacemaker cluster and IBM Db2 HADR functionality # noqa no-changed-when + ansible.builtin.shell: | + export ibmdb2_sid="{{ sap_ha_install_anydb_ibmdb2_sid }}" + export ibmdb2_instance="db2{{ sap_ha_install_anydb_ibmdb2_sid | lower }}" + export anydb_primary="{{ sap_ha_install_anydb_ibmdb2_hostname_primary }}" + export anydb_secondary="{{ sap_ha_install_anydb_ibmdb2_hostname_secondary }}" + + # Assume 1 OS Network Interface until improvements can be made + export anydb_primary_nic="{{ hostvars[sap_ha_install_anydb_ibmdb2_hostname_primary].ansible_default_ipv4.interface }}" + export anydb_secondary_nic="{{ hostvars[sap_ha_install_anydb_ibmdb2_hostname_secondary].ansible_default_ipv4.interface }}" + + /db2/$ibmdb2_instance/sqllib/bin/db2cm -enable -all + /db2/$ibmdb2_instance/sqllib/bin/db2cm -enable -instance $ibmdb2_instance -host $anydb_primary -publicEthernet $anydb_primary_nic -host $anydb_secondary -publicEthernet $anydb_secondary_nic -remote_cmd "ssh -q -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null" + register: __sap_ha_install_anydb_ibmdb2_config_aws_4 + when: + - sap_ha_install_anydb_ibmdb2_hostname_primary == inventory_hostname_short + - __sap_ha_install_anydb_ibmdb2_platform == "cloud_aws_ec2_vs" + +# Deletion commands: +# export ibmdb2_sid="" +# export ibmdb2_instance="" +# export anydb_primary="" +# /db2/$ibmdb2_instance/sqllib/bin/db2cm -delete -primaryVIP -db $ibmdb2_sid -instance $ibmdb2_instance +# /db2/$ibmdb2_instance/sqllib/bin/db2cm -delete -aws -primaryVIP -db $ibmdb2_sid -instance $ibmdb2_instance +# /db2/$ibmdb2_instance/sqllib/bin/db2cm -delete -aws -fence +# /db2/$ibmdb2_instance/sqllib/bin/db2cm -delete -instance $ibmdb2_instance -host $anydb_primary +# /db2/$ibmdb2_instance/sqllib/bin/db2cm -delete -db $ibmdb2_sid -instance $ibmdb2_instance +# /db2/$ibmdb2_instance/sqllib/bin/db2cm -delete -cluster -db $ibmdb2_sid -instance $ibmdb2_instance diff --git a/roles/sap_ha_install_anydb_ibmdb2/tasks/platform/db2cm_cloud_gcp_ce_vm.yml b/roles/sap_ha_install_anydb_ibmdb2/tasks/platform/db2cm_cloud_gcp_ce_vm.yml new file mode 100644 index 000000000..ef50fcfb5 --- /dev/null +++ b/roles/sap_ha_install_anydb_ibmdb2/tasks/platform/db2cm_cloud_gcp_ce_vm.yml @@ -0,0 +1,162 @@ +# SPDX-License-Identifier: Apache-2.0 +--- + +# - name: SAP HA AnyDB - IBM Db2 HADR (Google Cloud) - Fence Agent Packages for RHEL +# ansible.builtin.package: +# name: +# - fence-agents-gce +# - resource-agents-gcp +# state: present +# when: ansible_os_family == 'RedHat' + +# - name: SAP HA AnyDB - IBM Db2 HADR (Google Cloud) - Fence Agent Packages for SLES +# ansible.builtin.package: +# name: +# - fence-agents +# - resource-agents-gcp +# state: present +# when: ansible_os_family == 'Suse' + +- name: SAP HA AnyDB - IBM Db2 HADR (Google Cloud) - GCloud Repo Key + ansible.builtin.rpm_key: + state: present + key: https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg + +- name: SAP HA AnyDB - IBM Db2 HADR (Google Cloud) - GCloud Repo Add for RHEL + ansible.builtin.yum_repository: + name: Google Cloud CLI + baseurl: https://packages.cloud.google.com/yum/repos/cloud-sdk-el9-x86_64 + enabled: true + gpgcheck: true + repo_gpgcheck: false + gpgkey: + - https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg + when: + - ansible_os_family == "RedHat" + +# Reasons for noqa: +# - no-changed-when: SUSEConnect command will not perform changes if already exists +- name: SAP HA AnyDB - IBM Db2 HADR (Google Cloud) - GCloud Repo Add for SLES # noqa no-changed-when + ansible.builtin.shell: | + SUSEConnect --product sle-module-public-cloud/{{ ansible_distribution_version }}/x86_64 + when: ansible_os_family == 'Suse' + +- name: SAP HA AnyDB - IBM Db2 HADR (Google Cloud) - GCloud CLI Package for RHEL + ansible.builtin.package: + name: google-cloud-cli + state: present + when: ansible_os_family == 'RedHat' + +- name: SAP HA AnyDB - IBM Db2 HADR (Google Cloud) - GCloud CLI Package for SLES + ansible.builtin.package: + name: + - google-guest-agent + - google-guest-configs + - google-guest-oslogin + state: present + when: ansible_os_family == 'Suse' + + +# IBM Db2 HADR on GCP CE VMs +# https://www.ibm.com/support/pages/node/7071284 + +# db2cm script must run as root +# When Virtual IP is already attached to OS Network Interface as Secondary IP +# (in advance by sap_vm_temp_vip or previous db2cm run), will cause +# "Error: ip address is pingable, use another ip address in the subnet that is not pingable." +# Reasons for noqa: +# - no-changed-when: Db2 command will error if already exists and not perform changes +- name: SAP HA AnyDB - IBM Db2 HADR (Google Cloud) - Primary Node - Create Virtual IP address for Primary Node using db2cm # noqa no-changed-when + ansible.builtin.shell: | + export ibmdb2_sid="{{ sap_ha_install_anydb_ibmdb2_sid }}" + export ibmdb2_instance="db2{{ sap_ha_install_anydb_ibmdb2_sid | lower }}" + /db2/$ibmdb2_instance/sqllib/bin/db2cm -create -primaryVIP "{{ sap_ha_install_anydb_ibmdb2_vip_primary_ip_address }}" -db $ibmdb2_sid -instance $ibmdb2_instance + register: __sap_ha_install_anydb_ibmdb2_config_gcp_1 + when: + - sap_ha_install_anydb_ibmdb2_hostname_primary == inventory_hostname_short + - __sap_ha_install_anydb_ibmdb2_platform == "cloud_gcp_ce_vm" + failed_when: not __sap_ha_install_anydb_ibmdb2_config_gcp_1.rc == 0 and not 'ip address is pingable' in __sap_ha_install_anydb_ibmdb2_config_gcp_1.stdout + +# Setting to be performed on both Primary and Secondary node +# Reasons for noqa: +# - no-changed-when: Db2 mandates use of Google Cloud CLI for credentials instead of credential configuration directly via IBM Db2 selected Pacemaker Shell (crmsh) +- name: SAP HA AnyDB - IBM Db2 HADR (Google Cloud) - Primary and Secondary Node - Provide GCloud CLI credentials # noqa no-changed-when + ansible.builtin.shell: | + gcloud auth activate-service-account --key-file="{{ sap_ha_install_anydb_ibmdb2_gcp_credentials_json_file }}" --project="{{ sap_ha_install_anydb_ibmdb2_gcp_project }}" + gcloud debug targets list --quiet + register: __sap_ha_install_anydb_ibmdb2_config_gcp_credentials + when: + - __sap_ha_install_anydb_ibmdb2_platform == "cloud_gcp_ce_vm" + +# # VERIFY - Missing fence_gce ? +# # db2cm script must run as root +# - name: SAP HA AnyDB - IBM Db2 HADR (Google Cloud) - Primary Node - Create Linux Pacemaker Fence Agent instantiation using db2cm +# ansible.builtin.shell: | +# export ibmdb2_sid="{{ sap_ha_install_anydb_ibmdb2_sid }}" +# export ibmdb2_instance="db2{{ sap_ha_install_anydb_ibmdb2_sid | lower }}" +# /db2/$ibmdb2_instance/sqllib/bin/db2cm -create -gcp -fence +# register: __sap_ha_install_anydb_ibmdb2_config_gcp_2 +# when: +# - sap_ha_install_anydb_ibmdb2_hostname_primary == inventory_hostname_short +# - __sap_ha_install_anydb_ibmdb2_platform == "cloud_gcp_ce_vm" +# failed_when: not __sap_ha_install_anydb_ibmdb2_config_gcp_2.rc == 0 and not 'already configured' in __sap_ha_install_anydb_ibmdb2_config_gcp_2.stdout + +# db2cm script must run as root +# Reasons for noqa: +# - no-changed-when: Db2 command will error if already exists and not perform changes +- name: SAP HA AnyDB - IBM Db2 HADR (Google Cloud) - Primary Node - Create Linux Pacemaker Resource Agent instantiation for gcp-ilb using db2cm # noqa no-changed-when + ansible.builtin.shell: | + export ibmdb2_sid="{{ sap_ha_install_anydb_ibmdb2_sid }}" + export ibmdb2_instance="db2{{ sap_ha_install_anydb_ibmdb2_sid | lower }}" + /db2/$ibmdb2_instance/sqllib/bin/db2cm -create -gcp -primarylbl "{{ sap_ha_install_anydb_ibmdb2_gcp_lb_health_check_port }}" -db $ibmdb2_sid -instance $ibmdb2_instance + register: __sap_ha_install_anydb_ibmdb2_config_gcp_3 + when: + - sap_ha_install_anydb_ibmdb2_hostname_primary == inventory_hostname_short + - __sap_ha_install_anydb_ibmdb2_platform == "cloud_gcp_ce_vm" + failed_when: not __sap_ha_install_anydb_ibmdb2_config_gcp_3.rc == 0 and not 'already exists' in __sap_ha_install_anydb_ibmdb2_config_gcp_3.stdout + +# db2cm script must run as root +# Reasons for noqa: +# - no-changed-when: Db2 command will error if already exists and not perform changes +- name: SAP HA AnyDB - IBM Db2 HADR (Google Cloud) - Primary Node - Create Linux Pacemaker Resource Agent instantiation for Virtual IP via IPAddr2 using db2cm # noqa no-changed-when + ansible.builtin.shell: | + export ibmdb2_sid="{{ sap_ha_install_anydb_ibmdb2_sid }}" + export ibmdb2_instance="db2{{ sap_ha_install_anydb_ibmdb2_sid | lower }}" + /db2/$ibmdb2_instance/sqllib/bin/db2cm -create -gcp -primaryVIP "{{ sap_ha_install_anydb_ibmdb2_vip_primary_ip_address }}" -db $ibmdb2_sid -instance $ibmdb2_instance + register: __sap_ha_install_anydb_ibmdb2_config_gcp_4 + when: + - sap_ha_install_anydb_ibmdb2_hostname_primary == inventory_hostname_short + - __sap_ha_install_anydb_ibmdb2_platform == "cloud_gcp_ce_vm" + failed_when: not __sap_ha_install_anydb_ibmdb2_config_gcp_4.rc == 0 and not 'already exists' in __sap_ha_install_anydb_ibmdb2_config_gcp_4.stdout + +# db2cm script must run as root +# Reasons for noqa: +# - no-changed-when: Db2 command will error if already exists and not perform changes +- name: SAP HA AnyDB - IBM Db2 HADR (Google Cloud) - Primary Node - Start Linux Pacemaker cluster and IBM Db2 HADR functionality # noqa no-changed-when + ansible.builtin.shell: | + export ibmdb2_sid="{{ sap_ha_install_anydb_ibmdb2_sid }}" + export ibmdb2_instance="db2{{ sap_ha_install_anydb_ibmdb2_sid | lower }}" + export anydb_primary="{{ sap_ha_install_anydb_ibmdb2_hostname_primary }}" + export anydb_secondary="{{ sap_ha_install_anydb_ibmdb2_hostname_secondary }}" + + # Assume 1 OS Network Interface until improvements can be made + export anydb_primary_nic="{{ hostvars[sap_ha_install_anydb_ibmdb2_hostname_primary].ansible_default_ipv4.interface }}" + export anydb_secondary_nic="{{ hostvars[sap_ha_install_anydb_ibmdb2_hostname_secondary].ansible_default_ipv4.interface }}" + + /db2/$ibmdb2_instance/sqllib/bin/db2cm -enable -all + /db2/$ibmdb2_instance/sqllib/bin/db2cm -enable -instance $ibmdb2_instance -host $anydb_primary -publicEthernet $anydb_primary_nic -host $anydb_secondary -publicEthernet $anydb_secondary_nic -remote_cmd "ssh -q -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null" + register: __sap_ha_install_anydb_ibmdb2_config_gcp_5 + when: + - sap_ha_install_anydb_ibmdb2_hostname_primary == inventory_hostname_short + - __sap_ha_install_anydb_ibmdb2_platform == "cloud_gcp_ce_vm" + +# Deletion commands: +# export ibmdb2_sid="" +# export ibmdb2_instance="" +# export anydb_primary="" +# /db2/$ibmdb2_instance/sqllib/bin/db2cm -delete -primaryVIP -db $ibmdb2_sid -instance $ibmdb2_instance +# /db2/$ibmdb2_instance/sqllib/bin/db2cm -delete -gcp -primaryVIP -db $ibmdb2_sid -instance $ibmdb2_instance +# /db2/$ibmdb2_instance/sqllib/bin/db2cm -delete -gcp -primarylbl -db $ibmdb2_sid -instance $ibmdb2_instance +# /db2/$ibmdb2_instance/sqllib/bin/db2cm -delete -instance $ibmdb2_instance -host $anydb_primary +# /db2/$ibmdb2_instance/sqllib/bin/db2cm -delete -db $ibmdb2_sid -instance $ibmdb2_instance +# /db2/$ibmdb2_instance/sqllib/bin/db2cm -delete -cluster -db $ibmdb2_sid -instance $ibmdb2_instance diff --git a/roles/sap_ha_install_anydb_ibmdb2/tasks/platform/db2cm_cloud_ibmcloud_vs.yml b/roles/sap_ha_install_anydb_ibmdb2/tasks/platform/db2cm_cloud_ibmcloud_vs.yml new file mode 100644 index 000000000..d22047a10 --- /dev/null +++ b/roles/sap_ha_install_anydb_ibmdb2/tasks/platform/db2cm_cloud_ibmcloud_vs.yml @@ -0,0 +1,248 @@ +# SPDX-License-Identifier: Apache-2.0 +--- + +- name: SAP HA AnyDB - IBM Db2 HADR (IBM Cloud) - Set Facts + ansible.builtin.set_fact: + __sap_ha_install_anydb_ibmdb2_ibmcloud_resource_name: res_fence_ibm_vpc + __sap_ha_install_anydb_ibmdb2_ibmcloud_agent_name: stonith:fence_ibm_vpc + __sap_ha_install_anydb_ibmdb2_ibmcloud_vip_method_alb: service:haproxy + __sap_ha_install_anydb_ibmdb2_ibmcloud_vip_method_alb_primary_resource_name: "{{ sap_ha_install_anydb_ibmdb2_sid }}prim" + +- name: SAP HA AnyDB - IBM Db2 HADR (IBM Cloud) - Fence Agent Packages for RHEL + ansible.builtin.package: + name: + - fence-agents-ibm-vpc + - haproxy + state: present + when: ansible_os_family == 'RedHat' + +- name: SAP HA AnyDB - IBM Db2 HADR (IBM Cloud) - Fence Agent Packages for SLES + ansible.builtin.package: + name: + - fence-agents + - haproxy + state: present + when: ansible_os_family == 'Suse' + + +# Reasons for noqa: +# - no-changed-when: There is no ansible fact with the fully qualified VM Instance ID. We get this information from the SMBIOS/DMI +- name: SAP HA AnyDB - IBM Db2 HADR (IBM Cloud) - Primary Node - Register Instance ID # noqa no-changed-when + ansible.builtin.shell: | + dmidecode -s system-family + register: __sap_ha_install_anydb_ibmdb2_ibmcloud_fence_primary_instance_id_shell + changed_when: false + check_mode: false + when: + - sap_ha_install_anydb_ibmdb2_hostname_primary == inventory_hostname_short + +# Reasons for noqa: +# - no-changed-when: There is no ansible fact with the fully qualified VM Instance ID. We get this information from the SMBIOS/DMI +- name: SAP HA AnyDB - IBM Db2 HADR (IBM Cloud) - Secondary Node - Register Instance ID # noqa no-changed-when + ansible.builtin.shell: | + dmidecode -s system-family + register: __sap_ha_install_anydb_ibmdb2_ibmcloud_fence_secondary_instance_id_shell + changed_when: false + check_mode: false + when: + - sap_ha_install_anydb_ibmdb2_hostname_secondary == inventory_hostname_short + +- name: SAP HA AnyDB - IBM Db2 HADR (IBM Cloud) - Set Facts + ansible.builtin.set_fact: + __sap_ha_install_anydb_ibmdb2_ibmcloud_fence_primary_instance_id: "{{ hostvars[sap_ha_install_anydb_ibmdb2_hostname_primary].__sap_ha_install_anydb_ibmdb2_ibmcloud_fence_primary_instance_id_shell.stdout }}" + __sap_ha_install_anydb_ibmdb2_ibmcloud_fence_secondary_instance_id: "{{ hostvars[sap_ha_install_anydb_ibmdb2_hostname_secondary].__sap_ha_install_anydb_ibmdb2_ibmcloud_fence_secondary_instance_id_shell.stdout }}" + + +# - name: SAP HA AnyDB - IBM Db2 HADR (IBM Cloud) - Create haproxy log directory for rsyslog +# ansible.builtin.file: +# path: /var/log/haproxy +# state: directory +# mode: '0755' +# +# - name: SAP HA AnyDB - IBM Db2 HADR (IBM Cloud) - Create haproxy config for rsyslog +# ansible.builtin.copy: +# dest: /etc/rsyslog.d/haproxy.conf +# mode: '0644' +# content: | +# # Additional socket in haproxy's chroot +# # to allow logging via /dev/log to chroot'ed HAProxy processes +# $AddUnixListenSocket /var/lib/haproxy/dev/log +# +# # Send HAProxy messages to a dedicated logfile +# :programname,startswith,"haproxy" /var/log/haproxy/haproxy.log +# +# - name: SAP HA AnyDB - IBM Db2 HADR (IBM Cloud) - rsyslog service restart +# ansible.builtin.service: +# name: rsyslog +# state: restarted +# enabled: true + + +- name: SAP HA AnyDB - IBM Db2 HADR (IBM Cloud) - Check if haproxy service template exists + ansible.builtin.stat: + path: /etc/systemd/system/haproxy@.service + register: __sap_ha_install_anydb_ibmdb2_register_haproxy_template + +- name: SAP HA AnyDB - IBM Db2 HADR (IBM Cloud) - Create haproxy service template + ansible.builtin.copy: + dest: /etc/systemd/system/haproxy@.service + remote_src: true + src: /usr/lib/systemd/system/haproxy.service + mode: '0644' + when: + - not __sap_ha_install_anydb_ibmdb2_register_haproxy_template.stat.exists + +- name: SAP HA AnyDB - IBM Db2 HADR (IBM Cloud) - Update haproxy service template description + ansible.builtin.lineinfile: + backup: true + path: /etc/systemd/system/haproxy@.service + regexp: '^Description=' + line: 'Description=HAProxy Load Balancer %i' + state: present + insertafter: '^[Unit]$' + notify: "systemd daemon-reload" + +- name: SAP HA AnyDB - IBM Db2 HADR (IBM Cloud) - Update haproxy service template environment + ansible.builtin.lineinfile: + backup: true + path: /etc/systemd/system/haproxy@.service + regexp: '^Environment=' + line: 'Environment="CONFIG=/etc/haproxy/haproxy-%i.cfg" "PIDFILE=/run/haproxy-%i.pid"' + state: present + insertafter: '^[Service]$' + notify: "systemd daemon-reload" + +- name: SAP HA AnyDB - IBM Db2 HADR (IBM Cloud) - Create haproxy config + ansible.builtin.blockinfile: + backup: false + create: true + path: "/etc/haproxy/haproxy-{{ __sap_ha_install_anydb_ibmdb2_ibmcloud_vip_method_alb_primary_resource_name }}.cfg" + mode: "0644" + owner: root + group: root + marker: "# {mark} Created by Ansible role sap_ha_pacemaker_cluster" + block: | + global + chroot /var/lib/haproxy + pidfile /var/run/haproxy-%i.pid + user haproxy + group haproxy + daemon + + defaults + mode tcp + log global + option dontlognull + option redispatch + retries 3 + timeout queue 1m + timeout connect 10s + timeout client 1m + timeout server 1m + timeout check 10s + maxconn 3000 + + # Listener for SAP healthcheck + listen healthcheck + bind *:{{ sap_ha_install_anydb_ibmdb2_ibmcloud_health_check_port }} + +- name: SAP HA AnyDB - IBM Db2 HADR (IBM Cloud) - haproxy service start (without enable on boot) + ansible.builtin.service: + name: haproxy + state: started + enabled: false # Do not start on boot + + +# Reasons for noqa: +# - no-changed-when: crmsh command equivalent to db2cm +- name: SAP HA AnyDB - IBM Db2 HADR (IBM Cloud) - Primary Node - Create Resource (STONITH) with Fence Agent # noqa no-changed-when + ansible.builtin.shell: | + crm configure primitive \ + "{{ __sap_ha_install_anydb_ibmdb2_ibmcloud_resource_name }}" \ + "{{ __sap_ha_install_anydb_ibmdb2_ibmcloud_agent_name }}" \ + params \ + region="{{ sap_ha_install_anydb_ibmdb2_ibmcloud_region }}" \ + apikey="{{ sap_ha_install_anydb_ibmdb2_ibmcloud_api_key }}" \ + pcmk_monitor_timeout="600" \ + pcmk_host_map="{{ sap_ha_install_anydb_ibmdb2_hostname_primary }}:{{ __sap_ha_install_anydb_ibmdb2_ibmcloud_fence_primary_instance_id }};{{ sap_ha_install_anydb_ibmdb2_hostname_secondary }}:{{ __sap_ha_install_anydb_ibmdb2_ibmcloud_fence_secondary_instance_id }}" \ + op monitor interval=60s \ + op start interval=0s timeout=20s \ + op stop interval=0s timeout=20s \ + meta \ + is-managed=true \ + migration-threshold=5000 + when: + - sap_ha_install_anydb_ibmdb2_hostname_primary == inventory_hostname_short + - __sap_ha_install_anydb_ibmdb2_platform == "cloud_ibmcloud_vs" + + +# Reasons for noqa: +# - no-changed-when: crmsh command equivalent to db2cm +- name: SAP HA AnyDB - IBM Db2 HADR (IBM Cloud) - Primary Node - Enable STONITH using CIB Bootstrap Options # noqa no-changed-when + ansible.builtin.shell: | + crm configure property cib-bootstrap-options: stonith-enabled=true + when: + - sap_ha_install_anydb_ibmdb2_hostname_primary == inventory_hostname_short + - __sap_ha_install_anydb_ibmdb2_platform == "cloud_ibmcloud_vs" + + +# Reasons for noqa: +# - no-changed-when: crmsh command equivalent to db2cm +- name: SAP HA AnyDB - IBM Db2 HADR (IBM Cloud) - Primary Node - Create Resource HAProxy Listener for Load Balancer Health Check Probe # noqa no-changed-when + ansible.builtin.shell: | + crm configure primitive \ + "hc_rsc_vip_{{ __sap_ha_install_anydb_ibmdb2_ibmcloud_vip_method_alb_primary_resource_name }}" \ + {{ __sap_ha_install_anydb_ibmdb2_ibmcloud_vip_method_alb }}@{{ __sap_ha_install_anydb_ibmdb2_ibmcloud_vip_method_alb_primary_resource_name }} \ + op monitor interval=10s timeout=20s \ + op start interval=0s timeout=100s \ + op stop interval=0s timeout=100s \ + meta \ + is-managed=true \ + migration-threshold=5000 + when: + - sap_ha_install_anydb_ibmdb2_hostname_primary == inventory_hostname_short + - __sap_ha_install_anydb_ibmdb2_platform == "cloud_ibmcloud_vs" + + +# Reasons for noqa: +# - no-changed-when: crmsh command equivalent to db2cm +- name: SAP HA AnyDB - IBM Db2 HADR (IBM Cloud) - Primary Node - Identify target IBM Db2 resource clone name # noqa no-changed-when + ansible.builtin.shell: | + set -o pipefail && crm config show type:primitive | tr '\n' ' ' | sed 's| primitive |\n|g' | grep dbname | sed 's| db2hadr.*||' + register: __sap_ha_install_anydb_ibmdb2_discover_pcmk_resource_name + when: + - sap_ha_install_anydb_ibmdb2_hostname_primary == inventory_hostname_short + - __sap_ha_install_anydb_ibmdb2_platform == "cloud_ibmcloud_vs" + + +# Constraint - Colocation +# Ensure HAProxy Listener is started only on the PCMK Primary node +# Change score 'INFINITY:' or 'inf:' used by Health Check Listeners for Azure and GCP, instead use score '2000:' +# Reasons for noqa: +# - no-changed-when: crmsh command equivalent to db2cm +- name: SAP HA AnyDB - IBM Db2 HADR (IBM Cloud) - Primary Node - Create Constraint Colocation of HAProxy Listener for Load Balancer Health Check Probe # noqa no-changed-when + ansible.builtin.shell: | + crm configure colocation \ + "colocation-hc_rsc_vip_{{ __sap_ha_install_anydb_ibmdb2_ibmcloud_vip_method_alb_primary_resource_name }}" \ + 2000: \ + "hc_rsc_vip_{{ __sap_ha_install_anydb_ibmdb2_ibmcloud_vip_method_alb_primary_resource_name }}:Started" \ + {{ __sap_ha_install_anydb_ibmdb2_discover_pcmk_resource_name.stdout }}-clone:Master + when: + - sap_ha_install_anydb_ibmdb2_hostname_primary == inventory_hostname_short + - __sap_ha_install_anydb_ibmdb2_platform == "cloud_ibmcloud_vs" + + +# Constraint - Order +# On failover, when Db2 is promoted to PCMK Secondary node then ensure HAProxy Listener is moved at same time +# Reasons for noqa: +# - no-changed-when: crmsh command equivalent to db2cm +- name: SAP HA AnyDB - IBM Db2 HADR (IBM Cloud) - Primary Node - Create Constraint Order of HAProxy Listener for Load Balancer Health Check Probe # noqa no-changed-when + ansible.builtin.shell: | + crm configure order \ + "order-{{ __sap_ha_install_anydb_ibmdb2_discover_pcmk_resource_name.stdout }}-then-hc_rsc_vip_{{ __sap_ha_install_anydb_ibmdb2_ibmcloud_vip_method_alb_primary_resource_name }}" \ + Mandatory: \ + "{{ __sap_ha_install_anydb_ibmdb2_discover_pcmk_resource_name.stdout }}-clone:promote" \ + "hc_rsc_vip_{{ __sap_ha_install_anydb_ibmdb2_ibmcloud_vip_method_alb_primary_resource_name }}:start" + when: + - sap_ha_install_anydb_ibmdb2_hostname_primary == inventory_hostname_short + - __sap_ha_install_anydb_ibmdb2_platform == "cloud_ibmcloud_vs" diff --git a/roles/sap_ha_install_anydb_ibmdb2/tasks/platform/db2cm_cloud_msazure_vm.yml b/roles/sap_ha_install_anydb_ibmdb2/tasks/platform/db2cm_cloud_msazure_vm.yml new file mode 100644 index 000000000..454ef6c03 --- /dev/null +++ b/roles/sap_ha_install_anydb_ibmdb2/tasks/platform/db2cm_cloud_msazure_vm.yml @@ -0,0 +1,150 @@ +# SPDX-License-Identifier: Apache-2.0 +--- + +- name: SAP HA AnyDB - IBM Db2 HADR (MS Azure) - Fence Agent Packages for RHEL + ansible.builtin.package: + name: + - fence-agents-azure-arm + - socat + state: present + when: ansible_os_family == 'RedHat' + +- name: SAP HA AnyDB - IBM Db2 HADR (MS Azure) - Fence Agent Packages for SLES + ansible.builtin.package: + name: + - fence-agents + - socat + state: present + when: ansible_os_family == 'Suse' + +- name: SAP HA AnyDB - IBM Db2 HADR (MS Azure) - Azure CLI Repo Key + ansible.builtin.rpm_key: + state: present + key: https://packages.microsoft.com/keys/microsoft.asc + +- name: SAP HA AnyDB - IBM Db2 HADR (MS Azure) - Azure CLI Repo Package for RHEL 9 + ansible.builtin.package: + name: https://packages.microsoft.com/config/rhel/9.0/packages-microsoft-prod.rpm + state: present + when: + - ansible_os_family == "RedHat" + - ansible_distribution_major_version == "9" + +- name: SAP HA AnyDB - IBM Db2 HADR (MS Azure) - Azure CLI Repo Package for RHEL 8 + ansible.builtin.package: + name: https://packages.microsoft.com/config/rhel/8/packages-microsoft-prod.rpm + state: present + when: + - ansible_os_family == "RedHat" + - ansible_distribution_major_version == "8" + +- name: SAP HA AnyDB - IBM Db2 HADR (MS Azure) - Azure CLI Repo for SLES + community.general.zypper_repository: + name: Azure CLI + repo: https://packages.microsoft.com/yumrepos/azure-cli + state: present + auto_import_keys: true + when: ansible_os_family == 'Suse' + +- name: SAP HA AnyDB - IBM Db2 HADR (MS Azure) - Azure CLI Package + ansible.builtin.package: + name: azure-cli + state: present + + +# IBM Db2 HADR on MS Azure VMs +# www.ibm.com/support/pages/node/6830479 +# Older documentation - www.ibm.com/support/pages/node/6829813 +# Legacy documentation - www.ibm.com/support/pages/node/6465977 + + +# db2cm script must run as root +# When Virtual IP is already attached to OS Network Interface as Secondary IP +# (in advance by sap_vm_temp_vip or previous db2cm run), will cause +# "Error: ip address is pingable, use another ip address in the subnet that is not pingable." +# Reasons for noqa: +# - no-changed-when: Db2 command will error if already exists and not perform changes +- name: SAP HA AnyDB - IBM Db2 HADR (MS Azure) - Primary Node - Create Virtual IP address for Primary Node using db2cm # noqa no-changed-when + ansible.builtin.shell: | + export ibmdb2_sid="{{ sap_ha_install_anydb_ibmdb2_sid }}" + export ibmdb2_instance="db2{{ sap_ha_install_anydb_ibmdb2_sid | lower }}" + /db2/$ibmdb2_instance/sqllib/bin/db2cm -create -primaryVIP "{{ sap_ha_install_anydb_ibmdb2_vip_primary_ip_address }}" -db $ibmdb2_sid -instance $ibmdb2_instance + register: __sap_ha_install_anydb_ibmdb2_config_msazure_1 + when: + - sap_ha_install_anydb_ibmdb2_hostname_primary == inventory_hostname_short + - __sap_ha_install_anydb_ibmdb2_platform == "cloud_msazure_vm" + failed_when: not __sap_ha_install_anydb_ibmdb2_config_msazure_1.rc == 0 and not 'ip address is pingable' in __sap_ha_install_anydb_ibmdb2_config_msazure_1.stdout + +# Setting to be performed on both Primary and Secondary node +# Reasons for noqa: +# - no-changed-when: Db2 mandates use of AWS CLI for credentials instead of credential configuration directly via IBM Db2 selected Pacemaker Shell (crmsh) +- name: SAP HA AnyDB - IBM Db2 HADR (MS Azure) - Primary and Secondary Node - Provide MS Azure CLI credentials # noqa no-changed-when + ansible.builtin.shell: | + az login --service-principal -u "{{ sap_ha_install_anydb_ibmdb2_msazure_app_client_id }}" -p "{{ sap_ha_install_anydb_ibmdb2_msazure_app_client_secret }}" --tenant "{{ sap_ha_install_anydb_ibmdb2_msazure_tenant_id }}" + register: __sap_ha_install_anydb_ibmdb2_config_msazure_credentials + when: + - __sap_ha_install_anydb_ibmdb2_platform == "cloud_msazure_vm" + +# db2cm script must run as root +# Reasons for noqa: +# - no-changed-when: Db2 command will error if already exists and not perform changes +- name: SAP HA AnyDB - IBM Db2 HADR (MS Azure) - Primary Node - Create Linux Pacemaker Fence Agent instantiation using db2cm # noqa no-changed-when + ansible.builtin.shell: | + export ibmdb2_sid="{{ sap_ha_install_anydb_ibmdb2_sid }}" + export ibmdb2_instance="db2{{ sap_ha_install_anydb_ibmdb2_sid | lower }}" + export DB2_AZURE_SP_LOGIN="{{ sap_ha_install_anydb_ibmdb2_msazure_app_client_id }}" + export DB2_AZURE_SP_PASSWD="{{ sap_ha_install_anydb_ibmdb2_msazure_app_client_secret }}" + /db2/$ibmdb2_instance/sqllib/bin/db2cm -create -azure -fence + register: __sap_ha_install_anydb_ibmdb2_config_msazure_2 + when: + - sap_ha_install_anydb_ibmdb2_hostname_primary == inventory_hostname_short + - __sap_ha_install_anydb_ibmdb2_platform == "cloud_msazure_vm" + failed_when: not __sap_ha_install_anydb_ibmdb2_config_msazure_2.rc == 0 and not 'already configured' in __sap_ha_install_anydb_ibmdb2_config_msazure_2.stdout + +# db2cm script must run as root +# Reasons for noqa: +# - no-changed-when: Db2 command will error if already exists and not perform changes +- name: SAP HA AnyDB - IBM Db2 HADR (MS Azure) - Primary Node - Create Linux Pacemaker Resource Agent instantiation for azure-lb using db2cm # noqa no-changed-when + ansible.builtin.shell: | + export ibmdb2_sid="{{ sap_ha_install_anydb_ibmdb2_sid }}" + export ibmdb2_instance="db2{{ sap_ha_install_anydb_ibmdb2_sid | lower }}" + export DB2_AZURE_SP_LOGIN="{{ sap_ha_install_anydb_ibmdb2_msazure_app_client_id }}" + export DB2_AZURE_SP_PASSWD="{{ sap_ha_install_anydb_ibmdb2_msazure_app_client_secret }}" + /db2/$ibmdb2_instance/sqllib/bin/db2cm -create -azure -primarylbl "{{ sap_ha_install_anydb_ibmdb2_msazure_lb_health_check_port }}" -db $ibmdb2_sid -instance $ibmdb2_instance + register: __sap_ha_install_anydb_ibmdb2_config_msazure_3 + when: + - sap_ha_install_anydb_ibmdb2_hostname_primary == inventory_hostname_short + - __sap_ha_install_anydb_ibmdb2_platform == "cloud_msazure_vm" + failed_when: not __sap_ha_install_anydb_ibmdb2_config_msazure_3.rc == 0 and not 'already exists' in __sap_ha_install_anydb_ibmdb2_config_msazure_3.stdout + +# db2cm script must run as root +# Reasons for noqa: +# - no-changed-when: Db2 command will error if already exists and not perform changes +- name: SAP HA AnyDB - IBM Db2 HADR (MS Azure) - Primary Node - Start Linux Pacemaker cluster and IBM Db2 HADR functionality # noqa no-changed-when + ansible.builtin.shell: | + export ibmdb2_sid="{{ sap_ha_install_anydb_ibmdb2_sid }}" + export ibmdb2_instance="db2{{ sap_ha_install_anydb_ibmdb2_sid | lower }}" + export anydb_primary="{{ sap_ha_install_anydb_ibmdb2_hostname_primary }}" + export anydb_secondary="{{ sap_ha_install_anydb_ibmdb2_hostname_secondary }}" + + # Assume 1 OS Network Interface until improvements can be made + export anydb_primary_nic="{{ hostvars[sap_ha_install_anydb_ibmdb2_hostname_primary].ansible_default_ipv4.interface }}" + export anydb_secondary_nic="{{ hostvars[sap_ha_install_anydb_ibmdb2_hostname_secondary].ansible_default_ipv4.interface }}" + + /db2/$ibmdb2_instance/sqllib/bin/db2cm -enable -all + /db2/$ibmdb2_instance/sqllib/bin/db2cm -enable -instance $ibmdb2_instance -host $anydb_primary -publicEthernet $anydb_primary_nic -host $anydb_secondary -publicEthernet $anydb_secondary_nic -remote_cmd "ssh -q -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null" + register: __sap_ha_install_anydb_ibmdb2_config_msazure_4 + when: + - sap_ha_install_anydb_ibmdb2_hostname_primary == inventory_hostname_short + - __sap_ha_install_anydb_ibmdb2_platform == "cloud_msazure_vm" + +# Deletion commands: +# export ibmdb2_sid="" +# export ibmdb2_instance="" +# export anydb_primary="" +# /db2/$ibmdb2_instance/sqllib/bin/db2cm -delete -primaryVIP -db $ibmdb2_sid -instance $ibmdb2_instance +# /db2/$ibmdb2_instance/sqllib/bin/db2cm -delete -azure -primarylbl -db $ibmdb2_sid -instance $ibmdb2_instance +# /db2/$ibmdb2_instance/sqllib/bin/db2cm -delete -azure -fence +# /db2/$ibmdb2_instance/sqllib/bin/db2cm -delete -instance $ibmdb2_instance -host $anydb_primary +# /db2/$ibmdb2_instance/sqllib/bin/db2cm -delete -db $ibmdb2_sid -instance $ibmdb2_instance +# /db2/$ibmdb2_instance/sqllib/bin/db2cm -delete -cluster -db $ibmdb2_sid -instance $ibmdb2_instance diff --git a/roles/sap_ha_install_hana_hsr/.yamllint.yml b/roles/sap_ha_install_hana_hsr/.yamllint.yml index 57ef427c1..ee4457cfd 100644 --- a/roles/sap_ha_install_hana_hsr/.yamllint.yml +++ b/roles/sap_ha_install_hana_hsr/.yamllint.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Based on ansible-lint config extends: default @@ -7,7 +8,9 @@ rules: brackets: {max-spaces-inside: 1, level: error} # colons: {max-spaces-after: -1, level: error} # commas: {max-spaces-after: -1, level: error} - comments: disable + comments: + require-starting-space: false + min-spaces-from-content: 1 comments-indentation: disable # document-start: disable # empty-lines: {max: 3, level: error} @@ -19,3 +22,6 @@ rules: # new-lines: {type: unix} # trailing-spaces: disable truthy: disable + octal-values: + forbid-implicit-octal: true + forbid-explicit-octal: true diff --git a/roles/sap_ha_install_hana_hsr/README.md b/roles/sap_ha_install_hana_hsr/README.md index f8a5730b3..9d2a1ae21 100644 --- a/roles/sap_ha_install_hana_hsr/README.md +++ b/roles/sap_ha_install_hana_hsr/README.md @@ -1,70 +1,132 @@ + # sap_ha_install_hana_hsr Ansible Role + +![Ansible Lint for sap_ha_install_hana_hsr](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_ha_install_hana_hsr.yml/badge.svg) -Ansible role for SAP HANA System Replication Setup on 2 nodes. +## Description + +The Ansible Role `sap_ha_install_hana_hsr` is used to configure and enable SAP HANA System Replication between 2 nodes. + + + + + ## Prerequisites +Managed nodes: +- Same Operating system version +- SAP HANA is installed with same version on both nodes. + + +## Execution + + + + +### Recommended +It is recommended to execute this role together with other roles in this collection, in the following order: +1. [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) +2. [sap_hana_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_preconfigure) +3. [sap_install_media_detect](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_install_media_detect) +4. [sap_hana_install](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_install) +5. *`sap_ha_install_hana_hsr`* + + +### Execution Flow + +1. Assert that required inputs were provided. +2. Verify connection between nodes. +3. Update /etc/hosts, hdbuserstore, Log mode, PKI +4. Execute database backup +5. Configure SAP HANA System Replication + + +### Example + +```yaml +--- +- name: Ansible Play for SAP HANA System Replication setup + hosts: hana_primary, hana_secondary + become: true + tasks: + - name: Execute Ansible Role sap_ha_install_hana_hsr + ansible.builtin.include_role: + name: community.sap_install.sap_ha_install_hana_hsr + vars: + sap_ha_install_hana_hsr_cluster_nodes: + - node_name: h01hana0 + node_ip: "10.10.10.10" + node_role: primary + hana_site: DC01 + + - node_name: h01hana1 + node_ip: "10.10.10.11" + node_role: secondary + hana_site: DC02 + + sap_ha_install_hana_hsr_sid: H01 + sap_ha_install_hana_hsr_instance_number: "01" + sap_ha_install_hana_hsr_hdbuserstore_system_backup_user: "HDB_SYSTEMDB" + sap_ha_install_hana_hsr_db_system_password: "Password" + sap_ha_install_hana_hsr_fqdn: example.com +``` + -- target nodes are on the same OS level -- target nodes are using the same SAP HANA release + + -## Overview + +## Further Information +For more examples on how to use this role in different installation scenarios, refer to the [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. + -The **sap_ha_install_hana_hsr** role is part of this system role sequence: +## License + +Apache 2.0 + -| Sequence | System Role | Description | -| :------: | :----------------------- | :----------------------------------------------------------- | -| 1. | sap_general_preconfigure | System Preparation for SAP | -| 2. | sap_hana_preconfigure | System Preparation for SAP HANA | -| 3. | sap_hana_install | Installation of SAP HANA Database | -| _4._ | _sap_ha_install_hana_hsr_ | _Configuration of SAP HANA System Replication_ | -| 5. | sap_ha_pacemaker_cluster | Linux Pacemaker cluster setup and SAP resources configuration | +## Maintainers + +- [Janine Fuchs](https://github.com/ja9fuchs) + -The **sap_ha_install_hana_hsr** roles configures a HANA system replication relationship which is used by the pacemaker cluster to automate SAP HANA System Replication (HSR). Prerequisite is the SAP HANA installation on the nodes. +## Role Variables + +### sap_ha_install_hana_hsr_sid -## Tasks included +- _Type:_ `string` +- _Default:_ `{{ sap_hana_sid }}` -| Task | Description | -| ---------------------- | ----------------------------------------------------------------------------------- | -| update_etchosts.yml | ensures that all nodes of the cluster are configured in all nodes' /etc/hosts | -| configure_firewall.yml | this will configure the firewall für HANA system replication (disabled) | -| hdbuserstore.yml | create a user in the hdbuserstore | -| log_mode.yml | check/set database logmode | -| pki_files.yml | copy pki file from primary to secondary database | -| run_backup.yml | perform backup on the primary note as pre required step for HANA system replication | -| configure_hsr.yml | enable HANA system replication on primary node and register secondary database node | +Enter SID of SAP HANA database. -## Common Variables/Parameters Used +### sap_ha_install_hana_hsr_instance_number -| Name | Description | Value | -| -------------------------------- | ------------------------------- | ---------------------- | -| sap_domain | Domain Name | example: `example.com` | -| sap_hana_sid | SAP ID | example: `RH1` | -| sap_hana_instance_number | Instance Number | example: `"00"` | -| sap_hana_install_master_password | DB System Password | -| sap_hana_cluster_nodes | Parameter list of cluster nodes | -| sap_hana_hacluster_password | Pacemaker hacluster Password | +- _Type:_ `string` +- _Default:_ `{{ sap_hana_instance_number }}` -## Role specific Variables +Enter string value of SAP HANA SID. -| Name | Description | Value | -| --------------------------------- | ---------------- | -------------------- | -| sap_ha_install_hana_hsr_rep_mode | replication mode | default is sync | -| sap_ha_install_hana_hsr_oper_mode | operation mode | default is logreplay | +### sap_ha_install_hana_hsr_cluster_nodes -## Example Parameter File +- _Type:_ `list` +- _Default:_ `{{ sap_hana_cluster_nodes }}` -```yaml -sap_hana_sid: "DB1" -sap_hana_instance_number: "00" -sap_hana_install_master_password: "my_hana-password" +List of cluster nodes and associated attributes to describe the target SAP HA environment.
+This is required for the HANA System Replication configuration.
-### Cluster Definition -sap_ha_install_pacemaker_cluster_name: cluster1 -sap_hana_hacluster_password: "my_hacluster-password" +- **hana_site**
+ Site of the cluster and/or SAP HANA System Replication node (for example 'DC01').
Mandatory for HANA clusters (sudo config for system replication). +- **node_ip**
+ IP address of the node used for HANA System Replication.
_Optional. Currently not needed/used in cluster configuration._ +- **node_name**
+ Name of the cluster node, should match the remote systems' hostnames.
_Optional. Currently not needed/used in cluster configuration._ +- **node_role**
+ Role of the defined `node_name` in the SAP HANA cluster setup.
There must be only **one** primary, but there can be multiple secondary nodes.
_Optional. Currently not needed/used in cluster configuration._ -sap_domain: example.com +Example: -sap_hana_cluster_nodes: +```yaml +sap_ha_install_hana_hsr_cluster_nodes: - node_name: node1 node_ip: 192.168.1.11 node_role: primary @@ -76,28 +138,44 @@ sap_hana_cluster_nodes: hana_site: DC02 ``` -### Execution Design +### sap_ha_install_hana_hsr_hdbuserstore_system_backup_user -Having the parameters specified as above, it can be executed with one command: +- _Type:_ `string` +- _Default:_ `HDB_SYSTEMDB` -```text -ansible-playbook example_playbook_with_parameters.ymnl -``` +Enter name of SYSTEM user for backup execution. -If you need to execute the role using an external handled, you can also limit the playbook for specific a **host** adding parameter defined in e **parameter_file**. +### sap_ha_install_hana_hsr_db_system_password -```text -ansible-playbook -l node1 example_playbook.yml -e @parameter_file.yml -``` +- _Type:_ `string` +- _Default:_ `{{ sap_hana_install_master_password }}` -A good way to start is executing the playbook with the option _--list_tasks_. You can than start a playbook with the option _--start-at-task_ at a specific point. _--list_task_ will not start any task. +Enter password of SYSTEM user for backup execution. -For more information please check +### sap_ha_install_hana_hsr_fqdn -```text -ansible-playbook --help -``` +- _Type:_ `string` +- _Default:_ {{ sap_domain }} -## License +Enter domain of SAP system, for example `example.com`. + +### sap_ha_install_hana_hsr_rep_mode + +- _Type:_ `string` +- _Default:_ `sync` + +Enter SAP HANA System Replication mode. + +### sap_ha_install_hana_hsr_oper_mode + +- _Type:_ `string` +- _Default:_ `logreplay` + +Enter SAP HANA System Replication operation mode. + +### sap_ha_install_hana_hsr_update_etchosts +- _Type:_ `bool` +- _Default:_ `True` -Apache license 2.0 +Enable to update /etc/hosts file. + \ No newline at end of file diff --git a/roles/sap_ha_install_hana_hsr/defaults/main.yml b/roles/sap_ha_install_hana_hsr/defaults/main.yml index 5aed4c99f..b3ec79c56 100644 --- a/roles/sap_ha_install_hana_hsr/defaults/main.yml +++ b/roles/sap_ha_install_hana_hsr/defaults/main.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- sap_ha_install_hana_hsr_sid: "{{ sap_hana_sid }}" sap_ha_install_hana_hsr_instance_number: "{{ sap_hana_instance_number }}" diff --git a/roles/sap_ha_install_hana_hsr/meta/main.yml b/roles/sap_ha_install_hana_hsr/meta/main.yml index 9a9a62cd8..673ea0a02 100644 --- a/roles/sap_ha_install_hana_hsr/meta/main.yml +++ b/roles/sap_ha_install_hana_hsr/meta/main.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- galaxy_info: namespace: community diff --git a/roles/sap_ha_install_hana_hsr/tasks/configure_hsr.yml b/roles/sap_ha_install_hana_hsr/tasks/configure_hsr.yml index 04c108471..1411ec505 100644 --- a/roles/sap_ha_install_hana_hsr/tasks/configure_hsr.yml +++ b/roles/sap_ha_install_hana_hsr/tasks/configure_hsr.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: "SAP HSR - Check System Replication Status" ansible.builtin.shell: | @@ -31,6 +32,7 @@ # looping through cluster definition to run on secondary node # and apply the respective 'site' value +# - 'throttle' to avoid simultaneous run for multiple secondaries as this confuses the primary - name: "SAP HSR - Register secondary node to HANA System Replication" ansible.builtin.shell: | source /usr/sap/{{ sap_ha_install_hana_hsr_sid }}/home/.sapenv.sh && \ @@ -50,6 +52,7 @@ loop_control: label: "{{ item.node_name }}" changed_when: true + throttle: 1 - name: "SAP HSR - Start HANA instance on secondary" ansible.builtin.shell: | diff --git a/roles/sap_ha_install_hana_hsr/tasks/hdbuserstore.yml b/roles/sap_ha_install_hana_hsr/tasks/hdbuserstore.yml index 290a8689c..8e004df44 100644 --- a/roles/sap_ha_install_hana_hsr/tasks/hdbuserstore.yml +++ b/roles/sap_ha_install_hana_hsr/tasks/hdbuserstore.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # ansible-lint: # become_user string is deduced from a variable + suffix with no spaces diff --git a/roles/sap_ha_install_hana_hsr/tasks/log_mode.yml b/roles/sap_ha_install_hana_hsr/tasks/log_mode.yml index 952abfa69..e05b8c034 100644 --- a/roles/sap_ha_install_hana_hsr/tasks/log_mode.yml +++ b/roles/sap_ha_install_hana_hsr/tasks/log_mode.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: "SAP HSR - check log_mode" tags: hsr_logmode diff --git a/roles/sap_ha_install_hana_hsr/tasks/main.yml b/roles/sap_ha_install_hana_hsr/tasks/main.yml index 8af8c44ea..dbfb48614 100644 --- a/roles/sap_ha_install_hana_hsr/tasks/main.yml +++ b/roles/sap_ha_install_hana_hsr/tasks/main.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # CHECK: we need to define variables, when the Hana Replication interface != ansible_hostname @@ -19,13 +20,20 @@ node_ip: "{{ item.node_ip }}" node_role: "{{ item.node_role | default('secondary') }}" hana_site: "{{ item.hana_site }}" - loop: "{{ sap_ha_install_hana_hsr_cluster_nodes }}" + loop: "{{ sap_ha_install_hana_hsr_cluster_nodes | selectattr('node_name', 'contains', ansible_hostname) }}" loop_control: label: "{{ item.node_name }}" when: - item.node_ip in ansible_all_ipv4_addresses tags: always +- name: SAP HSR - Verify provided node roles + ansible.builtin.assert: + that: + - sap_ha_install_hana_hsr_cluster_nodes | selectattr('node_role', '==', 'primary') | length == 1 + - sap_ha_install_hana_hsr_cluster_nodes | selectattr('node_role', '==', 'secondary') | length >= 1 + fail_msg: "Node roles not valid. There must be 1 primary and at least 1 node defined with the secondary role." + - name: SAP HSR - Check that hsr interface is configured on host ansible.builtin.assert: that: @@ -37,16 +45,10 @@ - name: "SAP HSR - Pick up primary node name from definition" ansible.builtin.set_fact: - __sap_ha_install_hana_hsr_primary_node: "{{ item.node_name }}" - __sap_ha_install_hana_hsr_primary_node_name: "{{ item.node_name.split('.')[0] }}" - __sap_ha_install_hana_hsr_primary_node_domain: "{{ item.node_name.split('.')[1:] | join('.') }}" - __sap_ha_install_hana_hsr_primary_node_ip: "{{ item.node_ip }}" - when: - - item.node_role is defined - - item.node_role == 'primary' - loop: "{{ sap_ha_install_hana_hsr_cluster_nodes }}" - loop_control: - label: "{{ item.node_name }}" + __sap_ha_install_hana_hsr_primary_node: "{{ (sap_ha_install_hana_hsr_cluster_nodes | selectattr('node_role', '==', 'primary'))[0].node_name }}" + __sap_ha_install_hana_hsr_primary_node_name: "{{ (sap_ha_install_hana_hsr_cluster_nodes | selectattr('node_role', '==', 'primary'))[0].node_name.split('.')[0] }}" + __sap_ha_install_hana_hsr_primary_node_domain: "{{ (sap_ha_install_hana_hsr_cluster_nodes | selectattr('node_role', '==', 'primary'))[0].node_name.split('.')[1:] | join('.') }}" + __sap_ha_install_hana_hsr_primary_node_ip: "{{ (sap_ha_install_hana_hsr_cluster_nodes | selectattr('node_role', '==', 'primary'))[0].node_ip }}" tags: always - name: "SAP HSR - Verify that Ansible can connect to the defined primary node by name" diff --git a/roles/sap_ha_install_hana_hsr/tasks/pki_files.yml b/roles/sap_ha_install_hana_hsr/tasks/pki_files.yml index f93be1c3c..d3cb9ef80 100644 --- a/roles/sap_ha_install_hana_hsr/tasks/pki_files.yml +++ b/roles/sap_ha_install_hana_hsr/tasks/pki_files.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Secondary nodes fetch PKI files from the primary node. # Setting up temporary direct connection if not yet present @@ -22,10 +23,8 @@ cat ~/.ssh/hsr_temp.pub || \ (ssh-keygen -t rsa -f ~/.ssh/hsr_temp -N "" -q && \ cat ~/.ssh/hsr_temp.pub) - args: - creates: ~/.ssh/hsr_temp.pub register: __sap_ha_install_hana_hsr_pubkey - failed_when: false + changed_when: true - name: "SAP HSR - Create .ssh on primary node if missing" ansible.builtin.file: @@ -34,6 +33,7 @@ mode: "0700" register: __sap_ha_install_hana_hsr_create_ssh_prim delegate_to: "{{ __sap_ha_install_hana_hsr_primary_node }}" + run_once: true - name: "SAP HSR - Authorize pub key on primary node" ansible.builtin.lineinfile: @@ -44,6 +44,7 @@ path: ~/.ssh/authorized_keys register: __sap_ha_install_hana_hsr_addauth delegate_to: "{{ __sap_ha_install_hana_hsr_primary_node }}" + throttle: 1 # ansible-lint: # The synchronize module is not part of ansible-core collections. @@ -105,6 +106,7 @@ when: - __sap_ha_install_hana_hsr_addauth.backup is defined - __sap_ha_install_hana_hsr_addauth.backup|length == 0 + throttle: 1 - name: "SAP HSR - Primary: Restore authorized_keys from backup" ansible.builtin.copy: @@ -116,6 +118,7 @@ when: - __sap_ha_install_hana_hsr_addauth.backup is defined - __sap_ha_install_hana_hsr_addauth.backup|length > 0 + run_once: true - name: "SAP HSR - Primary: Remove .ssh if it was created" ansible.builtin.file: @@ -125,3 +128,4 @@ - __sap_ha_install_hana_hsr_create_ssh_prim.changed is defined - __sap_ha_install_hana_hsr_create_ssh_prim.changed delegate_to: "{{ __sap_ha_install_hana_hsr_primary_node }}" + run_once: true diff --git a/roles/sap_ha_install_hana_hsr/tasks/run_backup.yml b/roles/sap_ha_install_hana_hsr/tasks/run_backup.yml index 049c40d80..425608716 100644 --- a/roles/sap_ha_install_hana_hsr/tasks/run_backup.yml +++ b/roles/sap_ha_install_hana_hsr/tasks/run_backup.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: "SAP HSR - Run backup for SYSTEMDB" ansible.builtin.shell: | diff --git a/roles/sap_ha_install_hana_hsr/tasks/update_etchosts.yml b/roles/sap_ha_install_hana_hsr/tasks/update_etchosts.yml index bad7b39da..d20e44dd7 100644 --- a/roles/sap_ha_install_hana_hsr/tasks/update_etchosts.yml +++ b/roles/sap_ha_install_hana_hsr/tasks/update_etchosts.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: "SAP HSR - Check /etc/hosts for conflicting entries" ansible.builtin.shell: | diff --git a/roles/sap_ha_pacemaker_cluster/.yamllint.yml b/roles/sap_ha_pacemaker_cluster/.yamllint.yml index 57ef427c1..ee4457cfd 100644 --- a/roles/sap_ha_pacemaker_cluster/.yamllint.yml +++ b/roles/sap_ha_pacemaker_cluster/.yamllint.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Based on ansible-lint config extends: default @@ -7,7 +8,9 @@ rules: brackets: {max-spaces-inside: 1, level: error} # colons: {max-spaces-after: -1, level: error} # commas: {max-spaces-after: -1, level: error} - comments: disable + comments: + require-starting-space: false + min-spaces-from-content: 1 comments-indentation: disable # document-start: disable # empty-lines: {max: 3, level: error} @@ -19,3 +22,6 @@ rules: # new-lines: {type: unix} # trailing-spaces: disable truthy: disable + octal-values: + forbid-implicit-octal: true + forbid-explicit-octal: true diff --git a/roles/sap_ha_pacemaker_cluster/DEPRECATED_VARIABLES.md b/roles/sap_ha_pacemaker_cluster/DEPRECATED_VARIABLES.md new file mode 100644 index 000000000..25aa5e396 --- /dev/null +++ b/roles/sap_ha_pacemaker_cluster/DEPRECATED_VARIABLES.md @@ -0,0 +1,54 @@ +# sap_ha_pacemaker_cluster Deprecated input variables + +This deprecation of input variables is part of an ongoing effort to improve the codebase by removing unnecessary elements and streamlining the overall design. + +These variables fall into a few categories: +- **Obsolete or unused** + - These variables are no longer used and are being removed to reduce technical debt and potential confusion. +- **Renamed** + - These variables are being renamed to better reflect their current purpose and improve code readability. + - This is especially important when the variable's functionality has evolved over time. + +## Backwards compatibility +All deprecated variables offer time limited backwards compatibility that will be removed in future. + +## List of deprecated input variables +| ~~Old variable~~
New variable | Backwards compatible | Reason | +| --------- | --------- | --------- | +| ~~sap_ha_pacemaker_cluster_nwas_abap_sid~~
sap_ha_pacemaker_cluster_nwas_sid | :heavy_check_mark: | Removal of `_abap_` | +| ~~sap_ha_pacemaker_cluster_nwas_abap_ascs_instance_nr~~
sap_ha_pacemaker_cluster_nwas_ascs_instance_nr | :heavy_check_mark: | Removal of `_abap_` | +| ~~sap_ha_pacemaker_cluster_nwas_abap_ers_instance_nr~~
sap_ha_pacemaker_cluster_nwas_ers_instance_nr | :heavy_check_mark: | Removal of `_abap_` | +| ~~sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_instance_name~~
sap_ha_pacemaker_cluster_nwas_ascs_sapinstance_instance_name | :heavy_check_mark: | Removal of `_abap_` | +| ~~sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_instance_name~~
sap_ha_pacemaker_cluster_nwas_ers_sapinstance_instance_name | :heavy_check_mark: | Removal of `_abap_` | +| ~~sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_start_profile_string~~
sap_ha_pacemaker_cluster_nwas_ascs_sapinstance_start_profile_string | :heavy_check_mark: | Removal of `_abap_` | +| ~~sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_start_profile_string~~
sap_ha_pacemaker_cluster_nwas_ers_sapinstance_start_profile_string | :heavy_check_mark: | Removal of `_abap_` | +| ~~sap_ha_pacemaker_cluster_nwas_abap_ascs_filesystem_resource_name~~
sap_ha_pacemaker_cluster_nwas_ascs_filesystem_resource_name | :heavy_check_mark: | Removal of `_abap_` | +| ~~sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_resource_name~~
sap_ha_pacemaker_cluster_nwas_ascs_sapinstance_resource_name | :heavy_check_mark: | Removal of `_abap_` | +| ~~sap_ha_pacemaker_cluster_nwas_abap_ascs_sapstartsrv_resource_name~~
sap_ha_pacemaker_cluster_nwas_ascs_sapstartsrv_resource_name | :heavy_check_mark: | Removal of `_abap_` | +| ~~sap_ha_pacemaker_cluster_nwas_abap_ers_filesystem_resource_name~~
sap_ha_pacemaker_cluster_nwas_ers_filesystem_resource_name | :heavy_check_mark: | Removal of `_abap_` | +| ~~sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_resource_name~~
sap_ha_pacemaker_cluster_nwas_ers_sapinstance_resource_name | :heavy_check_mark: | Removal of `_abap_` | +| ~~sap_ha_pacemaker_cluster_nwas_abap_ers_sapstartsrv_resource_name~~
sap_ha_pacemaker_cluster_nwas_ers_sapstartsrv_resource_name | :heavy_check_mark: | Removal of `_abap_` | +| ~~sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_automatic_recover_bool~~
sap_ha_pacemaker_cluster_nwas_cs_sapinstance_automatic_recover_bool | :heavy_check_mark: | Removal of `_abap_` | +| ~~sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_resource_stickiness~~
sap_ha_pacemaker_cluster_nwas_cs_sapinstance_resource_stickiness | :heavy_check_mark: | Removal of `_abap_` | +| ~~sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_ensa1_migration_threshold~~
sap_ha_pacemaker_cluster_nwas_cs_sapinstance_ensa1_migration_threshold | :heavy_check_mark: | Removal of `_abap_` | +| ~~sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_ensa1_failure_timeout~~
sap_ha_pacemaker_cluster_nwas_cs_sapinstance_ensa1_failure_timeout | :heavy_check_mark: | Removal of `_abap_` | +| ~~sap_ha_pacemaker_cluster_nwas_abap_ascs_group_stickiness~~
sap_ha_pacemaker_cluster_nwas_cs_group_stickiness | :heavy_check_mark: | Removal of `_abap_` | +| ~~sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_ensa1~~
sap_ha_pacemaker_cluster_nwas_cs_ensa1 | :heavy_check_mark: | Removal of `_abap_` | +| ~~sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_simple_mount~~
sap_ha_pacemaker_cluster_nwas_cs_ers_simple_mount | :heavy_check_mark: | Removal of `_abap_` | +| ~~sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_ip_address~~
sap_ha_pacemaker_cluster_vip_nwas_ascs_ip_address | :heavy_check_mark: | Removal of `_abap_` | +| ~~sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_resource_name~~
sap_ha_pacemaker_cluster_vip_nwas_ascs_resource_name | :heavy_check_mark: | Removal of `_abap_` | +| ~~sap_ha_pacemaker_cluster_vip_nwas_abap_ers_ip_address~~
sap_ha_pacemaker_cluster_vip_nwas_ers_ip_address | :heavy_check_mark: | Removal of `_abap_` | +| ~~sap_ha_pacemaker_cluster_vip_nwas_abap_ers_resource_name~~
sap_ha_pacemaker_cluster_vip_nwas_ers_resource_name | :heavy_check_mark: | Removal of `_abap_` | +| ~~sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_resource_group_name~~
sap_ha_pacemaker_cluster_vip_nwas_ascs_resource_group_name | :heavy_check_mark: | Removal of `_abap_` | +| ~~sap_ha_pacemaker_cluster_vip_nwas_abap_ers_resource_group_name~~
sap_ha_pacemaker_cluster_vip_nwas_ers_resource_group_name | :heavy_check_mark: | Removal of `_abap_` | +| ~~sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ascs_resource_name~~
sap_ha_pacemaker_cluster_healthcheck_nwas_ascs_resource_name | :heavy_check_mark: | Removal of `_abap_` | +| ~~sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ers_resource_name~~
sap_ha_pacemaker_cluster_healthcheck_nwas_ers_resource_name | :heavy_check_mark: | Removal of `_abap_` | +| ~~sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ascs_id~~
sap_ha_pacemaker_cluster_healthcheck_nwas_ascs_id | :heavy_check_mark: | Removal of `_abap_` | +| ~~sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ers_id~~
sap_ha_pacemaker_cluster_healthcheck_nwas_ers_id | :heavy_check_mark: | Removal of `_abap_` | +| ~~sap_ha_pacemaker_cluster_storage_nfs_filesytem_type~~
sap_ha_pacemaker_cluster_storage_nfs_filesystem_type | :heavy_check_mark: | Typo | + + +## Status explanation: +- Strikethrough - Name of deprecated variable +- :heavy_check_mark: - Variable is removed from defaults and readme, but still supported. +- :x: - Variable is completely removed and not supported diff --git a/roles/sap_ha_pacemaker_cluster/README.md b/roles/sap_ha_pacemaker_cluster/README.md index 3ddbb5f72..a74280e49 100644 --- a/roles/sap_ha_pacemaker_cluster/README.md +++ b/roles/sap_ha_pacemaker_cluster/README.md @@ -1,140 +1,169 @@ - + # sap_ha_pacemaker_cluster Ansible Role - + ![Ansible Lint for sap_ha_pacemaker_cluster](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_ha_pacemaker_cluster.yml/badge.svg) -Ansible Role for installation and configuration of Linux Pacemaker for High Availability of SAP Systems run on various Infrastructure Platforms. - -## Scope - -This Ansible Role provides: -- installation of Linux Pacemaker packages and dependencies -- configuration of Linux Pacemaker cluster with all relevant fencing agent and resource agent for an Infrastructure Platform and SAP Software (SAP HANA or SAP NetWeaver) -- setup and instantiation of Linux Pacemaker cluster (using `ha_cluster` Linux System Role) - -This Ansible Role has been tested for the following SAP Software Solution scenario deployments: -- SAP HANA Scale-up High Availability -- `Beta:` SAP NetWeaver (ABAP) AS ASCS and ERS High Availability -- `Experimental:` SAP NetWeaver (ABAP) AS PAS and AAS High Availability -- `Experimental:` SAP NetWeaver (JAVA) AS SCS and ERS High Availability - -This Ansible Role contains Infrastructure Platform specific alterations for: -- AWS EC2 Virtual Servers -- `Beta:` Microsoft Azure Virtual Machines -- `Experimental:` Google Cloud Compute Engine Virtual Machine -- `Experimental:` IBM Cloud Virtual Server -- `Experimental:` IBM Power Virtual Server from IBM Cloud -- `Experimental:` IBM PowerVC hypervisor Virtual Machine - -Please note, this Ansible Role `sap_ha_pacemaker_cluster` is acting as a wrapper and generates the parameter definitions for a given SAP System, Infrastructure Platform specific variables and other additional steps to complete the SAP High Availability setup using Linux Pacemaker clusters. - -### Warnings :warning: - -- :warning: Do **not** execute this Ansible Role against already configured Linux Pacemaker cluster nodes; unless you know what you are doing and have prepared the input variables for the Ansible Role according to / matching to the existing Linux Pacemaker setup! -- :warning: Infrastructure Platforms not explicitly listed as available/tested are very unlikely to work. - -## Functionality - -_All of the following functionality is provided as **Technology Preview**._ - -### SAP HANA scale-up (performance-optimized) with SAP HANA System Replication, High Availability using Linux Pacemaker 2-node cluster - -| Platform | Usability | -| -------- | --------- | -| :heavy_check_mark: physical server | expected to work with any fencing method that is supported by the `ha_cluster` Linux System Role | -| :heavy_check_mark: OVirt VM | tested and working | -| :heavy_check_mark: AWS EC2 VS | platform detection and awscli setup included, tested and expected to work | - -### SAP NetWeaver (ABAP) ASCS and ERS, High Availability using Linux Pacemaker 2-node cluster - -| Platform | Usability | -| -------- | --------- | -| :heavy_check_mark: physical server | expected to work with any fencing method that is supported by the `ha_cluster` Linux System Role | -| :heavy_check_mark: OVirt VM | tested and working | -| :heavy_check_mark: AWS EC2 VS | platform detection and awscli setup included, tested and expected to work | - -## Requirements - -The Ansible Role requires the SAP HANA Database Server or SAP NetWeaver Application Server software installation to already exist on the target host/s. +## Description + +The Ansible Role `sap_ha_pacemaker_cluster` is used to install and configure Linux Pacemaker High Availability clusters for SAP HANA and SAP Netweaver systems on various infrastructure platforms. + -The target host must be either: -- Red Hat - - OS version: Registered RHEL4SAP (HA and US) 8.4+ - - OS package repositories enabled: SAP and High Availability -- SUSE - - OS version: Registered SLES for SAP 15+ (SLES4SAP 15+) - - OS package repositories enabled: HA Extension is part of registered SLES4SAP + +## Dependencies +- `fedora.linux_system_roles` + - Roles: + - `ha_cluster` +Install required collections by `ansible-galaxy install -vv -r meta/collection-requirements.yml`. + - -The Ansible Control System (where Ansible is executed from) must have: -- Ansible Core 2.9+ -- Access to dependency Ansible Collections and Ansible Roles: - - **Upstream**: - - Ansible Collection [`community.sap_install` from Ansible Galaxy](https://galaxy.ansible.com/community/sap_install) version `1.3.0` or later - - Ansible Collection [`fedora.linux_system_roles` from Ansible Galaxy](https://galaxy.ansible.com/fedora/linux_system_roles) version `1.20.0` or later - - **Supported (Downstream)** via Red Hat Ansible Automation Platform (AAP) license: - - Ansible Collection [`redhat.sap_install` from Red Hat Ansible Automation Platform Hub](https://console.redhat.com/ansible/automation-hub/repo/published/redhat/sap_install) version `1.3.0` or later - - Ansible Collection [`redhat.rhel_system_roles` from Red Hat Ansible Automation Platform Hub](https://console.redhat.com/ansible/automation-hub/repo/published/redhat/rhel_system_roles) version `1.20.0` or later - - **Supported (Downstream)** via RHEL4SAP license: - - RHEL System Roles for SAP RPM Package `rhel-system-roles-sap-3.6.0` or later - - RHEL System Roles RPM Package `rhel-system-roles-1.20.0` or later - + ## Prerequisites +Infrastructure: +- It is required to create them manually or using [sap_vm_provision](https://github.com/sap-linuxlab/community.sap_infrastructure/tree/main/roles/sap_vm_provision) role, because this role does not create any Cloud platform resources that are required by Resource Agents. -All SAP Software must be installed, and all remote/file storage mounts must be available with correct permissions defined by SAP documentation. For SAP HANA High Availability, SAP HANA System Replication must already be installed. +Managed nodes: +- Supported SAP system is installed. See [Recommended](#recommended) section. +- SAP HANA System Replication is configured for SAP HANA HA cluster. See [Recommended](#recommended) section. +- Operating system has access to all required packages +- All required ports are open (details below) -In addition, the following network ports must be available: - -| **SAP Technical Application and Component** | **Port** | +| SAP HANA System Replication process | Port | +| --- | --- | +| hdbnameserver
used for log and data shipping from a primary site to a secondary site.
System DB port number plus 10,000 | 4``01 | +| hdbnameserver
unencrypted metadata communication between sites.
System DB port number plus 10,000 | 4``02 | +| hdbnameserver
used for encrypted metadata communication between sites.
System DB port number plus 10,000 | 4``06 | +| hdbindexserver
used for first MDC Tenant database schema | 4``03 | +| hdbxsengine
used for SAP HANA XSC/XSA | 4``07| +| hdbscriptserver
used for log and data shipping from a primary site to a secondary site.
Tenant port number plus 10,000 | 4``40-97 | +| hdbxsengine
used for log and data shipping from a primary site to a secondary site.
Tenant port number plus 10,000 | 4``40-97 | + +| Linux Pacemaker process | Port | | --- | --- | -| **_SAP HANA System Replication_** | | -| hdbnameserver
used for log and data shipping from a primary site to a secondary site.
System DB port number plus 10,000 | 4``01 | -| hdbnameserver
unencrypted metadata communication between sites.
System DB port number plus 10,000 | 4``02 | -| hdbnameserver
used for encrypted metadata communication between sites.
System DB port number plus 10,000 | 4``06 | -| hdbindexserver
used for first MDC Tenant database schema | 4``03 | -| hdbxsengine
used for SAP HANA XSC/XSA | 4``07| -| hdbscriptserver
used for log and data shipping from a primary site to a secondary site.
Tenant port number plus 10,000 | 4``40-97 | -| hdbxsengine
used for log and data shipping from a primary site to a secondary site.
Tenant port number plus 10,000 | 4``40-97 | -| **_Linux Pacemaker_** | | | pcsd
cluster nodes requirement for node-to-node communication | 2224 (TCP)| | pacemaker
cluster nodes requirement for Pacemaker Remote service daemon | 3121 (TCP) | | corosync
cluster nodes requirement for node-to-node communication | 5404-5412 (UDP) | + + +## Execution + +**:warning: This ansible role will destroy and then recreate Linux Pacemaker cluster in process.**
+:warning: Do not execute this Ansible Role against existing Linux Pacemaker clusters unless you know what you are doing and you prepare inputs according to existing cluster. + +### Supported Platforms +| Platform | Status | Notes | +| -------- | --------- | --------- | +| Physical server | :heavy_check_mark: | Need to specify valid fence agent | +| AWS EC2 Virtual Servers | :heavy_check_mark: | | +| Google Cloud Compute Engine Virtual Machine | :heavy_check_mark: | | +| Microsoft Azure Virtual Machines | :heavy_check_mark: | | +| IBM Cloud Virtual Server | :heavy_check_mark: | | +| IBM Power Virtual Server from IBM Cloud | :heavy_check_mark: | | +| IBM PowerVC hypervisor Virtual Machine | :heavy_check_mark: | | +| OVirt VM | :heavy_check_mark: | | + +### Supported scenarios + +| Platform | Variant | Status | +| -------- | --------- | --------- | +| SAP HANA scale-up (performance-optimized) 2 nodes | SAPHanaSR Classic | :heavy_check_mark: | +| SAP HANA scale-up (performance-optimized) 2 nodes | SAPHanaSR-angi | :heavy_check_mark: | +| SAP NetWeaver (ABAP) ASCS and ERS 2 nodes | Classic | :heavy_check_mark: | +| SAP NetWeaver (ABAP) ASCS and ERS 2 nodes | Simple Mount | :heavy_check_mark: | +| SAP NetWeaver (JAVA) SCS and ERS 2 nodes | Classic | :heavy_check_mark: | +| SAP NetWeaver (JAVA) SCS and ERS 2 nodes | Simple Mount | :heavy_check_mark: | + +**NOTE: SAP Netweaver ASCS/ERS and SCS/ERS are ENSA2 by default, but ENSA1 is also supported.** + + + +### Recommended +It is recommended to execute this role together with other roles in this collection, in the following order:
+#### SAP HANA cluster +1. [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) +2. [sap_hana_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_preconfigure) +3. [sap_install_media_detect](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_install_media_detect) +4. [sap_hana_install](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_install) +5. [sap_ha_install_hana_hsr](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_ha_install_hana_hsr) +6. *`sap_ha_pacemaker_cluster`* + +#### SAP Netweaver cluster +1. [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) +2. [sap_netweaver_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_netweaver_preconfigure) +3. [sap_install_media_detect](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_install_media_detect) +4. [sap_swpm](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_swpm) +5. *`sap_ha_pacemaker_cluster`* + + +### Execution Flow + +1. Assert that required inputs were provided. +2. Detect target infrastructure platform and prepare recommended inputs unless they were provided. +3. Prepare variables with all cluster parameters and resources. +4. Execute role `ha_cluster` from Ansible Collection `fedora.linux_system_roles` with prepared inputs. +5. Execute SAP product specific post tasks and verify cluster is running. + + +### Example + +```yaml +--- +- name: Ansible Play for SAP HANA HA Scale-up cluster setup + hosts: hana_primary, hana_secondary + become: true + tasks: + - name: Execute Ansible Role sap_ha_pacemaker_cluster + ansible.builtin.include_role: + name: community.sap_install.sap_ha_pacemaker_cluster + vars: + sap_ha_pacemaker_cluster_cluster_name: clusterhdb + sap_ha_pacemaker_cluster_hacluster_user_password: 'clusterpass' + + sap_ha_pacemaker_cluster_sap_type: saphana_scaleup + sap_ha_pacemaker_cluster_host_type: + - hana_scaleup_perf + + sap_ha_pacemaker_cluster_hana_sid: "H01" + sap_ha_pacemaker_cluster_hana_instance_nr: "01" + + sap_ha_pacemaker_cluster_cluster_nodes: + - node_name: h01hana0 + node_ip: "10.10.10.10" + node_role: primary + hana_site: DC01 + + - node_name: h01hana1 + node_ip: "10.10.10.11" + node_role: secondary + hana_site: DC02 + sap_ha_pacemaker_cluster_replication_type: none + sap_ha_pacemaker_cluster_vip_resource_group_name: viphdb +``` + -## Execution Flow - -The Ansible Role is sequential: -- Validate input Ansible Variables -- Identify host's Infrastructure Platform -- Generate Linux Pacemaker definition for given Infrastructure Platform and SAP Software -- Execute `ha_cluster` Ansible Role with Linux Pacemaker definition -- Instantiate Linux Pacemaker cluster - -## Tips - -Check out the [role variables of the `ha_cluster` Linux System Role](https://github.com/linux-system-roles/ha_cluster/blob/main/README.md) for additional possible settings that can be applied when using the `sap_ha_pacemaker_cluster` role. - -For example:
-Adding `ha_cluster_start_on_boot: false` to disable the automatic start of cluster services on boot. + + -## Sample + +## Further Information +For more examples on how to use this role in different installation scenarios, refer to the [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. -Please see a full sample using multiple hosts to create an SAP S/4HANA Distributed deployment in the [/playbooks](../../playbooks/) directory of the Ansible Collection `sap_install`. +Cluster can be further customized with inputs available from underlying role [ha_cluster](https://github.com/linux-system-roles/ha_cluster/blob/main/README.md), which will take precedence over `sap_ha_pacemaker_cluster` inputs. + ## License - + Apache 2.0 + -## Author Information - -Red Hat for SAP Community of Practice, Janine Fuchs, IBM Lab for SAP Solutions - - - ---- - -## Role Input Parameters +## Maintainers + +- [Janine Fuchs](https://github.com/ja9fuchs) +- [Marcel Mamula](https://github.com/marcelmamula) + +## Role Variables + Minimum required parameters for all clusters: - [sap_ha_pacemaker_cluster_hacluster_user_password](#sap_ha_pacemaker_cluster_hacluster_user_password) @@ -142,45 +171,51 @@ Minimum required parameters for all clusters: Additional minimum requirements depend on the type of cluster setup and on the target platform. ### sap_ha_pacemaker_cluster_aws_access_key_id - -- _Type:_ `string` +- _Type:_ `string`
AWS access key to allow control of instances (for example for fencing operations).
-Mandatory for the cluster nodes setup on AWS EC2 instances.
+Mandatory for the cluster nodes setup on AWS EC2 instances, when:
+1. IAM Role or Instance profile is not attached to EC2 instance.
+2. `sap_ha_pacemaker_cluster_aws_credentials_setup` is `true`
-### sap_ha_pacemaker_cluster_aws_region +### sap_ha_pacemaker_cluster_aws_credentials_setup +- _Type:_ `string`
+ +Set this parameter to 'true' to store AWS credentials into /root/.aws/credentials.
+Requires: `sap_ha_pacemaker_cluster_aws_access_key_id` and `sap_ha_pacemaker_cluster_aws_secret_access_key`
+Mandatory for the cluster nodes setup on AWS EC2 instances, when:
+1. IAM Role or Instance profile is not attached to EC2 instance.
-- _Type:_ `string` +### sap_ha_pacemaker_cluster_aws_region +- _Type:_ `string`
The AWS region in which the instances to be used for the cluster setup are located.
Mandatory for cluster nodes setup on AWS EC2 instances.
### sap_ha_pacemaker_cluster_aws_secret_access_key - -- _Type:_ `string` +- _Type:_ `string`
AWS secret key, paired with the access key for instance control.
-Mandatory for the cluster setup on AWS EC2 instances.
+Mandatory for the cluster nodes setup on AWS EC2 instances, when:
+1. IAM Role or Instance profile is not attached to EC2 instance.
+2. `sap_ha_pacemaker_cluster_aws_credentials_setup` is `true`
### sap_ha_pacemaker_cluster_aws_vip_update_rt - -- _Type:_ `string` +- _Type:_ `string`
List one more routing table IDs for managing Virtual IP failover through routing table changes.
Multiple routing tables must be defined as a comma-separated string (no spaces).
Mandatory for the VIP resource configuration in AWS EC2 environments.
### sap_ha_pacemaker_cluster_cluster_name - -- _Type:_ `string` +- _Type:_ `string`
The name of the pacemaker cluster.
Inherits the `ha_cluster` LSR native parameter `ha_cluster_cluster_name` if not defined.
If not defined, the `ha_cluster` Linux System Role default will be used.
### sap_ha_pacemaker_cluster_cluster_nodes - -- _Type:_ `list` +- _Type:_ `list`
List of cluster nodes and associated attributes to describe the target SAP HA environment.
This is required for the HANA System Replication configuration.
@@ -188,16 +223,16 @@ Synonym for this parameter is `sap_hana_cluster_nodes`.
Mandatory to be defined for HANA clusters.
- **hana_site**
- Site of the cluster and/or SAP HANA System Replication node (for example 'DC01').
Mandatory for HANA clusters (sudo config for system replication). +Site of the cluster and/or SAP HANA System Replication node (for example 'DC01').
Mandatory for HANA clusters (sudo config for system replication). - **node_ip**
- IP address of the node used for HANA System Replication.
_Optional. Currently not needed/used in cluster configuration._ +IP address of the node used for HANA System Replication.
_Optional. Currently not needed/used in cluster configuration._ - **node_name**
- Name of the cluster node, should match the remote systems' hostnames.
_Optional. Currently not needed/used in cluster configuration._ +Hostname of the cluster node.
_Optional. Currently not needed/used in cluster configuration._ - **node_role**
- Role of the defined `node_name` in the SAP HANA cluster setup.
There must be only **one** primary, but there can be multiple secondary nodes.
_Optional. Currently not needed/used in cluster configuration._ +_Choices:_ `primary, secondary`
+Role of the defined `node_name` in the SAP HANA cluster setup.
There must be only **one** primary, but there can be multiple secondary nodes.
_Optional. Currently not needed/used in cluster configuration._ Example: - ```yaml sap_ha_pacemaker_cluster_cluster_nodes: - hana_site: DC01 @@ -206,28 +241,23 @@ sap_ha_pacemaker_cluster_cluster_nodes: node_role: primary - hana_site: DC02 ``` - ### sap_ha_pacemaker_cluster_cluster_properties - -- _Type:_ `dict` -- _Default:_ `{'concurrent-fencing': True, 'stonith-enabled': True, 'stonith-timeout': 900}` +- _Type:_ `dict`
+- _Default:_ `{'concurrent-fencing': True, 'stonith-enabled': True, 'stonith-timeout': 900}`
Standard pacemaker cluster properties are configured with recommended settings for cluster node fencing.
When no STONITH resource is defined, STONITH will be disabled and a warning displayed.
Example: - ```yaml sap_ha_pacemaker_cluster_cluster_properties: concurrent-fencing: true stonith-enabled: true stonith-timeout: 900 ``` - ### sap_ha_pacemaker_cluster_create_config_dest - -- _Type:_ `string` -- _Default:_ `review_resource_config.yml` +- _Type:_ `string`
+- _Default:_ `review_resource_config.yml`
The pacemaker cluster resource configuration optionally created by this role will be saved in a Yaml file in the current working directory.
Requires `sap_ha_pacemaker_cluster_create_config_varfile` to be enabled for generating the output file.
@@ -235,9 +265,8 @@ Specify a path/filename to save the file in a custom location.
The file can be used as input vars file for an Ansible playbook running the 'ha_cluster' Linux System Role.
### sap_ha_pacemaker_cluster_create_config_varfile - -- _Type:_ `bool` -- _Default:_ `False` +- _Type:_ `bool`
+- _Default:_ `False`
When enabled, all cluster configuration parameters this role constructs for executing the 'ha_cluster' Linux System role will be written into a file in Yaml format.
This allows using the output file later as input file for additional custom steps using the 'ha_cluster' role and covering the resource configuration in a cluster that was set up using this 'sap_ha_pacemaker_cluster' role.
@@ -245,51 +274,40 @@ When enabled this parameters file is also created when the playbook is run in ch WARNING! This report may include sensitive details like secrets required for certain cluster resources!
### sap_ha_pacemaker_cluster_enable_cluster_connector - -- _Type:_ `bool` -- _Default:_ `True` +- _Type:_ `bool`
+- _Default:_ `True`
Enables/Disables the SAP HA Interface for SAP ABAP application server instances, also known as `sap_cluster_connector`.
Set this parameter to 'false' if the SAP HA interface should not be installed and configured.
### sap_ha_pacemaker_cluster_extra_packages - -- _Type:_ `list` +- _Type:_ `list`
Additional extra packages to be installed, for instance specific resource packages.
For SAP clusters configured by this role, the relevant standard packages for the target scenario are automatically included.
-### sap_ha_pacemaker_cluster_fence_agent_minimal_packages - -- _Type:_ `list` -- _Default:_ `['fence-agents-all']` - -The minimal set of fence agent packages that will be installed.
- ### sap_ha_pacemaker_cluster_fence_agent_packages - -- _Type:_ `list` +- _Type:_ `list`
Additional fence agent packages to be installed.
-This is automatically combined with `sap_ha_pacemaker_cluster_fence_agent_minimal_packages`.
+This is automatically combined with default packages in:
+`__sap_ha_pacemaker_cluster_fence_agent_packages_minimal`
+`__sap_ha_pacemaker_cluster_fence_agent_packages_platform`
### sap_ha_pacemaker_cluster_gcp_project - -- _Type:_ `string` +- _Type:_ `string`
Google Cloud project name in which the target instances are installed.
Mandatory for the cluster setup on GCP instances.
### sap_ha_pacemaker_cluster_gcp_region_zone - -- _Type:_ `string` +- _Type:_ `string`
Google Cloud Platform region zone ID.
Mandatory for the cluster setup on GCP instances.
### sap_ha_pacemaker_cluster_ha_cluster - -- _Type:_ `dict` +- _Type:_ `dict`
The `ha_cluster` LSR native parameter `ha_cluster` can be used as a synonym.
Optional _**host_vars**_ parameter - if defined it must be set for each node.
@@ -298,7 +316,6 @@ Supported options can be reviewed in the `ha_cluster` Linux System Role [https:/ If not defined, the `ha_cluster` Linux System Role default will be used.
Example: - ```yaml sap_ha_pacemaker_cluster_ha_cluster: corosync_addresses: @@ -306,40 +323,35 @@ sap_ha_pacemaker_cluster_ha_cluster: - 192.168.2.10 node_name: nodeA ``` - ### sap_ha_pacemaker_cluster_hacluster_user_password required - -- _Type:_ `string` +- **Required**
+- _Type:_ `string`
The password of the `hacluster` user which is created during pacemaker installation.
Inherits the value of `ha_cluster_hacluster_password`, when defined.
### sap_ha_pacemaker_cluster_hana_automated_register - -- _Type:_ `bool` -- _Default:_ `True` +- _Type:_ `bool`
+- _Default:_ `True`
Parameter for the 'SAPHana' cluster resource.
Define if a former primary should be re-registered automatically as secondary.
### sap_ha_pacemaker_cluster_hana_colocation_hana_vip_primary_name - -- _Type:_ `string` -- _Default:_ `col_saphana_vip__HDB_primary` +- _Type:_ `string`
+- _Default:_ `col_saphana_vip__HDB_primary`
Customize the cluster constraint name for VIP and SAPHana primary clone colocation.
### sap_ha_pacemaker_cluster_hana_colocation_hana_vip_secondary_name - -- _Type:_ `string` -- _Default:_ `col_saphana_vip__HDB_readonly` +- _Type:_ `string`
+- _Default:_ `col_saphana_vip__HDB_readonly`
Customize the cluster constraint name for VIP and SAPHana secondary clone colocation.
### sap_ha_pacemaker_cluster_hana_duplicate_primary_timeout - -- _Type:_ `int` -- _Default:_ `7200` +- _Type:_ `int`
+- _Default:_ `7200`
Parameter for the 'SAPHana' cluster resource.
Time difference needed between to primary time stamps, if a dual-primary situation occurs.
@@ -347,46 +359,40 @@ If the time difference is less than the time gap, then the cluster holds one or This is to give an admin a chance to react on a failover. A failed former primary will be registered after the time difference is passed.
### sap_ha_pacemaker_cluster_hana_filesystem_resource_clone_name - -- _Type:_ `string` -- _Default:_ `cln_SAPHanaFil__HDB` +- _Type:_ `string`
+- _Default:_ `cln_SAPHanaFil__HDB`
Customize the cluster resource name of the SAP HANA Filesystem clone.
### sap_ha_pacemaker_cluster_hana_filesystem_resource_name - -- _Type:_ `string` -- _Default:_ `rsc_SAPHanaFil__HDB` +- _Type:_ `string`
+- _Default:_ `rsc_SAPHanaFil__HDB`
Customize the cluster resource name of the SAP HANA Filesystem.
### sap_ha_pacemaker_cluster_hana_global_ini_path - -- _Type:_ `string` -- _Default:_ `/usr/sap//SYS/global/hdb/custom/config/global.ini` +- _Type:_ `string`
+- _Default:_ `/usr/sap//SYS/global/hdb/custom/config/global.ini`
Path with location of global.ini for srHook update
### sap_ha_pacemaker_cluster_hana_hook_chksrv - -- _Type:_ `bool` -- _Default:_ `False` +- _Type:_ `bool`
+- _Default:_ `False`
Controls if ChkSrv srHook is enabled during srHook creation.
It is ignored when sap_ha_pacemaker_cluster_hana_hooks is defined.
### sap_ha_pacemaker_cluster_hana_hook_tkover - -- _Type:_ `bool` -- _Default:_ `False` +- _Type:_ `bool`
+- _Default:_ `False`
Controls if TkOver srHook is enabled during srHook creation.
It is ignored when sap_ha_pacemaker_cluster_hana_hooks is defined.
### sap_ha_pacemaker_cluster_hana_hooks - -- _Type:_ `list` -- _Default:_ `[]` +- _Type:_ `list`
+- _Default:_ `[]`
Customize required list of SAP HANA Hooks
Mandatory to include SAPHanaSR srHook in list.
@@ -394,646 +400,771 @@ Mandatory attributes are provider and path.
Example below shows mandatory SAPHanaSR, TkOver and ChkSrv hooks.
Example: - ```yaml sap_ha_pacemaker_cluster_hana_hooks: -- options: - - name: execution_order - value: 1 - path: /usr/share/SAPHanaSR/ - provider: SAPHanaSR -- options: - - name: execution_order - value: 2 - path: /usr/share/SAPHanaSR/ - provider: susTkOver -- options: - - name: execution_order - value: 3 - - name: action_on_lost - value: stop - path: /usr/share/SAPHanaSR/ - provider: susChkSrv + - options: + - name: execution_order + value: 1 + path: /usr/share/SAPHanaSR/ + provider: SAPHanaSR + - options: + - name: execution_order + value: 2 + path: /usr/share/SAPHanaSR/ + provider: susTkOver + - options: + - name: execution_order + value: 3 + - name: action_on_lost + value: stop + path: /usr/share/SAPHanaSR/ + provider: susChkSrv ``` - ### sap_ha_pacemaker_cluster_hana_instance_nr - -- _Type:_ `string` +- _Type:_ `string`
The instance number of the SAP HANA database which this role will configure in the cluster.
Inherits the value of `sap_hana_instance_number`, when defined.
-Mandatory for SAP HANA cluster setups.
+Mandatory for SAP HANA cluster scenarios.
### sap_ha_pacemaker_cluster_hana_order_hana_vip_primary_name - -- _Type:_ `string` -- _Default:_ `ord_saphana_vip__HDB_primary` +- _Type:_ `string`
+- _Default:_ `ord_saphana_vip__HDB_primary`
Customize the cluster constraint name for VIP and SAPHana primary clone order.
### sap_ha_pacemaker_cluster_hana_order_hana_vip_secondary_name - -- _Type:_ `string` -- _Default:_ `ord_saphana_vip__HDB_readonly` +- _Type:_ `string`
+- _Default:_ `ord_saphana_vip__HDB_readonly`
Customize the cluster constraint name for VIP and SAPHana secondary clone order.
### sap_ha_pacemaker_cluster_hana_order_topology_hana_name - -- _Type:_ `string` -- _Default:_ `ord_saphana_saphanatop__HDB` +- _Type:_ `string`
+- _Default:_ `ord_saphana_saphanatop__HDB`
Customize the cluster constraint name for SAPHana and Topology order.
### sap_ha_pacemaker_cluster_hana_prefer_site_takeover - -- _Type:_ `bool` -- _Default:_ `True` +- _Type:_ `bool`
+- _Default:_ `True`
Parameter for the 'SAPHana' cluster resource.
Set to "false" if the cluster should first attempt to restart the instance on the same node.
When set to "true" (default) a failover to secondary will be initiated on resource failure.
### sap_ha_pacemaker_cluster_hana_resource_clone_msl_name - -- _Type:_ `string` -- _Default:_ `msl_SAPHana__HDB` +- _Type:_ `string`
+- _Default:_ `msl_SAPHana__HDB`
Customize the cluster resource name of the SAP HANA DB resource master slave clone.
-Master Slave clone is specific to SAPHana resource on SUSE.
+Master Slave clone is specific to Classic SAPHana resource on SUSE (non-angi).
### sap_ha_pacemaker_cluster_hana_resource_clone_name - -- _Type:_ `string` -- _Default:_ `cln_SAPHana__HDB` +- _Type:_ `string`
+- _Default:_ `cln_SAPHana__HDB`
Customize the cluster resource name of the SAP HANA DB resource clone.
### sap_ha_pacemaker_cluster_hana_resource_name - -- _Type:_ `string` -- _Default:_ `rsc_SAPHana__HDB` +- _Type:_ `string`
+- _Default:_ `rsc_SAPHana__HDB`
Customize the cluster resource name of the SAP HANA DB resource.
### sap_ha_pacemaker_cluster_hana_sid +- _Type:_ `string`
-- _Type:_ `string` - -The SAP HANA SID of the instance that will be configured in the cluster.
+The SAP HANA System ID (SID) of the instance that will be configured in the cluster.
The SID must follow SAP specifications - see SAP Note 1979280.
Inherits the value of `sap_hana_sid`, when defined.
-Mandatory for SAP HANA cluster setups.
+Mandatory for SAP HANA cluster scenarios.
### sap_ha_pacemaker_cluster_hana_topology_resource_clone_name - -- _Type:_ `string` -- _Default:_ `cln_SAPHanaTop__HDB` +- _Type:_ `string`
+- _Default:_ `cln_SAPHanaTop__HDB`
Customize the cluster resource name of the SAP HANA Topology resource clone.
### sap_ha_pacemaker_cluster_hana_topology_resource_name - -- _Type:_ `string` -- _Default:_ `rsc_SAPHanaTop__HDB` +- _Type:_ `string`
+- _Default:_ `rsc_SAPHanaTop__HDB`
Customize the cluster resource name of the SAP HANA Topology resource.
### sap_ha_pacemaker_cluster_hanacontroller_resource_clone_name - -- _Type:_ `string` -- _Default:_ `cln_SAPHanaCon__HDB` +- _Type:_ `string`
+- _Default:_ `cln_SAPHanaCon__HDB`
Customize the cluster resource name of the SAP HANA Controller clone.
### sap_ha_pacemaker_cluster_hanacontroller_resource_name - -- _Type:_ `string` -- _Default:_ `rsc_SAPHanaCon__HDB` +- _Type:_ `string`
+- _Default:_ `rsc_SAPHanaCon__HDB`
Customize the cluster resource name of the SAP HANA Controller.
-### sap_ha_pacemaker_cluster_host_type +### sap_ha_pacemaker_cluster_healthcheck_hana_primary_resource_name +- _Type:_ `string`
+- _Default:_ `rsc_vip_health_check__HDB_primary`
+ +Name of the Virtual IP Health Check resource for primary HANA instance.
+ +### sap_ha_pacemaker_cluster_healthcheck_hana_secondary_resource_name +- _Type:_ `string`
+- _Default:_ `rsc_vip_health_check__HDB_readonly`
+ +Name of the Virtual IP Health Check resource for read-only HANA instance.
+ +### sap_ha_pacemaker_cluster_healthcheck_nwas_abap_aas_resource_name +- _Type:_ `string`
+- _Default:_ `rsc_vip_health_check__AAS`
+ +Name of the Virtual IP Health Check resource for NetWeaver AAS.
+ +### sap_ha_pacemaker_cluster_healthcheck_nwas_abap_pas_resource_name +- _Type:_ `string`
+- _Default:_ `rsc_vip_health_check__PAS`
+ +Name of the Virtual IP Health Check resource for NetWeaver PAS.
-- _Type:_ `list` -- _Default:_ `hana_scaleup_perf` +### sap_ha_pacemaker_cluster_healthcheck_nwas_ascs_resource_name +- _Type:_ `string`
+- _Default:_ `rsc_vip_health_check__ASCS`
+ +Name of the Virtual IP Health Check resource for NetWeaver ABAP Central Services (ASCS).
+ +### sap_ha_pacemaker_cluster_healthcheck_nwas_ers_resource_name +- _Type:_ `string`
+- _Default:_ `rsc_vip_health_check__ERS`
+ +Name of the Virtual IP Health Check resource for NetWeaver Enqueue Replication Service (ERS).
+ +### sap_ha_pacemaker_cluster_healthcheck_nwas_scs_resource_name +- _Type:_ `string`
+- _Default:_ `rsc_vip_health_check__SCS`
+ +Name of the Virtual IP Health Check resource for NetWeaver Central Services (SCS).
+ +### sap_ha_pacemaker_cluster_host_type +- _Type:_ `list`
+- _Default:_ `hana_scaleup_perf`
+- _Choices:_ `hana_scaleup_perf, nwas_abap_ascs_ers, nwas_java_scs_ers`
The SAP landscape to for which the cluster is to be configured.
The default is a 2-node SAP HANA scale-up cluster.
### sap_ha_pacemaker_cluster_ibmcloud_api_key - -- _Type:_ `string` +- _Type:_ `string`
The API key which is required to allow the control of instances (for example for fencing operations).
Mandatory for the cluster setup on IBM Cloud Virtual Server instances or IBM Power Virtual Server on IBM Cloud.
### sap_ha_pacemaker_cluster_ibmcloud_powervs_api_type - -- _Type:_ `string` +- _Type:_ `string`
IBM Power Virtual Server API Endpoint type (public or private) dependent on network interface attachments for the target instances.
Mandatory for the cluster setup on IBM Power Virtual Server from IBM Cloud.
### sap_ha_pacemaker_cluster_ibmcloud_powervs_forward_proxy_url - -- _Type:_ `string` +- _Type:_ `string`
IBM Power Virtual Server forward proxy url when IBM Power Virtual Server API Endpoint type is set to private.
When public network interface, can be ignored.
When private network interface, mandatory for the cluster setup on IBM Power Virtual Server from IBM Cloud.
### sap_ha_pacemaker_cluster_ibmcloud_powervs_workspace_crn - -- _Type:_ `string` +- _Type:_ `string`
IBM Power Virtual Server Workspace service cloud resource name (CRN) identifier which contains the target instances
Mandatory for the cluster setup on IBM Power Virtual Server from IBM Cloud.
### sap_ha_pacemaker_cluster_ibmcloud_region - -- _Type:_ `string` +- _Type:_ `string`
The IBM Cloud VS region name in which the instances are running.
Mandatory for the cluster setup on IBM Cloud Virtual Server instances or IBM Power Virtual Server on IBM Cloud.
### sap_ha_pacemaker_cluster_msazure_resource_group - -- _Type:_ `string` +- _Type:_ `string`
Resource group name/ID in which the target instances are defined.
Mandatory for the cluster setup on MS Azure instances.
### sap_ha_pacemaker_cluster_msazure_subscription_id - -- _Type:_ `string` +- _Type:_ `string`
Subscription ID of the MS Azure environment containing the target instances.
Mandatory for the cluster setup on MS Azure instances.
### sap_ha_pacemaker_cluster_nwas_abap_aas_instance_nr - -- _Type:_ `string` +- _Type:_ `string`
Instance number of the NetWeaver ABAP AAS instance.
Mandatory for NetWeaver AAS cluster configuration.
-### sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_ensa1 - -- _Type:_ `bool` -- _Default:_ `False` - -The standard NetWeaver ASCS/ERS cluster will be set up as ENSA2.
-Set this parameter to 'true' to configure it as ENSA1.
- -### sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_simple_mount - -- _Type:_ `bool` -- _Default:_ `True` - -Enables preferred method for ASCS ERS ENSA2 clusters - Simple Mount
-Set this parameter to 'true' to configure ENSA2 Simple Mount.
+### sap_ha_pacemaker_cluster_nwas_abap_pas_instance_nr +- _Type:_ `string`
-### sap_ha_pacemaker_cluster_nwas_abap_ascs_filesystem_resource_name +Instance number of the NetWeaver ABAP PAS instance.
+Mandatory for NetWeaver PAS cluster configuration.
-- _Type:_ `string` -- _Default:_ `rsc_fs__ASCS` +### sap_ha_pacemaker_cluster_nwas_ascs_filesystem_resource_name +- _Type:_ `string`
+- _Default:_ `rsc_fs__ASCS`
Name of the filesystem resource for the ASCS instance.
-### sap_ha_pacemaker_cluster_nwas_abap_ascs_group_stickiness - -- _Type:_ `string` -- _Default:_ `3000` - -NetWeaver ASCS resource group stickiness to prefer the ASCS group to stay on the node it was started on.
+### sap_ha_pacemaker_cluster_nwas_ascs_instance_nr +- _Type:_ `string`
-### sap_ha_pacemaker_cluster_nwas_abap_ascs_instance_nr - -- _Type:_ `string` - -Instance number of the NetWeaver ABAP ASCS instance.
+Instance number of the NetWeaver ABAP Central Services (ASCS) instance.
Mandatory for NetWeaver ASCS/ERS cluster configuration.
-### sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_automatic_recover_bool - -- _Type:_ `bool` -- _Default:_ `False` +### sap_ha_pacemaker_cluster_nwas_ascs_sapinstance_instance_name +- _Type:_ `string`
-NetWeaver ASCS instance resource option "AUTOMATIC_RECOVER".
+The name of the ASCS instance, typically the profile name.
+Mandatory for the NetWeaver ASCS/ERS cluster setup
+Recommended format _ASCS_
-### sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_ensa1_failure_timeout +### sap_ha_pacemaker_cluster_nwas_ascs_sapinstance_resource_name +- _Type:_ `string`
+- _Default:_ `rsc_SAPInstance__ASCS`
-- _Type:_ `string` -- _Default:_ `60` +Name of the ASCS instance resource.
-NetWeaver ASCS instance failure-timeout attribute.
-Only used for ENSA1 setups (see `sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_ensa1`). Default setup is ENSA2.
+### sap_ha_pacemaker_cluster_nwas_ascs_sapinstance_start_profile_string +- _Type:_ `string`
-### sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_ensa1_migration_threshold +The full path and name of the ASCS instance profile.
+Mandatory for the NetWeaver ASCS/ERS cluster setup.
-- _Type:_ `string` -- _Default:_ `1` +### sap_ha_pacemaker_cluster_nwas_ascs_sapstartsrv_resource_name +- _Type:_ `string`
+- _Default:_ `rsc_SAPStartSrv__ASCS`
-NetWeaver ASCS instance migration-threshold setting attribute.
-Only used for ENSA1 setups (see `sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_ensa1`). Default setup is ENSA2.
+Name of the ASCS SAPStartSrv resource for simple mount.
-### sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_instance_name +### sap_ha_pacemaker_cluster_nwas_colocation_ascs_no_ers_name +- _Type:_ `string`
+- _Default:_ `col_ascs_separate_`
-- _Type:_ `string` +Customize the cluster constraint name for ASCS and ERS separation colocation.
-The name of the ASCS instance, typically the profile name.
-Mandatory for the NetWeaver ASCS/ERS cluster setup
-Recommended format _ASCS_.
+### sap_ha_pacemaker_cluster_nwas_colocation_scs_no_ers_name +- _Type:_ `string`
+- _Default:_ `col_ascs_separate_`
-### sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_resource_name +Customize the cluster constraint name for SCS and ERS separation colocation.
-- _Type:_ `string` -- _Default:_ `rsc_SAPInstance__ASCS` +### sap_ha_pacemaker_cluster_nwas_cs_ensa1 +- _Type:_ `bool`
+- _Default:_ `False`
-Name of the ASCS instance resource.
+The standard NetWeaver Central Services cluster will be set up as ENSA2.
+Set this parameter to 'true' to configure it as ENSA1.
-### sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_resource_stickiness +### sap_ha_pacemaker_cluster_nwas_cs_ers_simple_mount +- _Type:_ `bool`
+- _Default:_ `True`
-- _Type:_ `string` -- _Default:_ `5000` +Enables preferred method for Central Services (ASCS or SCS) ENSA2 clusters - Simple Mount.
+Set this parameter to 'true' to configure ENSA2 Simple Mount.
-NetWeaver ASCS instance resource stickiness attribute.
+### sap_ha_pacemaker_cluster_nwas_cs_group_stickiness +- _Type:_ `string`
+- _Default:_ `3000`
-### sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_start_profile_string +NetWeaver Central Services (ASCS and SCS) resource group stickiness.
+Defines how sticky is Central Services group to the node it was started on.
-- _Type:_ `string` +### sap_ha_pacemaker_cluster_nwas_cs_sapinstance_automatic_recover_bool +- _Type:_ `bool`
+- _Default:_ `False`
-The full path and name of the ASCS instance profile.
-Mandatory for the NetWeaver ASCS/ERS cluster setup.
+NetWeaver Central Services (ASCS and SCS) instance resource option "AUTOMATIC_RECOVER".
-### sap_ha_pacemaker_cluster_nwas_abap_ascs_sapstartsrv_resource_name +### sap_ha_pacemaker_cluster_nwas_cs_sapinstance_ensa1_failure_timeout +- _Type:_ `string`
+- _Default:_ `60`
-- _Type:_ `string` -- _Default:_ `rsc_SAPStartSrv__ASCS` +NetWeaver Central Services (ASCS and SCS) instance failure-timeout attribute.
+Only used for ENSA1 setups (see `sap_ha_pacemaker_cluster_nwas_cs_ensa1`). Default setup is ENSA2.
-Name of the ASCS SAPStartSrv resource for simple mount.
+### sap_ha_pacemaker_cluster_nwas_cs_sapinstance_ensa1_migration_threshold +- _Type:_ `string`
+- _Default:_ `1`
-### sap_ha_pacemaker_cluster_nwas_abap_ers_filesystem_resource_name +NetWeaver Central Services (ASCS and SCS) instance migration-threshold setting attribute.
+Only used for ENSA1 setups (see `sap_ha_pacemaker_cluster_nwas_cs_ensa1`). Default setup is ENSA2.
-- _Type:_ `string` -- _Default:_ `rsc_fs__ERS` +### sap_ha_pacemaker_cluster_nwas_cs_sapinstance_resource_stickiness +- _Type:_ `string`
+- _Default:_ `5000`
-Name of the filesystem resource for the ERS instance.
+NetWeaver Central Services (ASCS and SCS) instance resource stickiness attribute.
-### sap_ha_pacemaker_cluster_nwas_abap_ers_instance_nr +### sap_ha_pacemaker_cluster_nwas_ers_filesystem_resource_name +- _Type:_ `string`
+- _Default:_ `rsc_fs__ERS`
-- _Type:_ `string` +Name of the filesystem resource for the ERS instance.
-Instance number of the NetWeaver ABAP ERS instance.
-Mandatory for NetWeaver ASCS/ERS cluster configuration.
+### sap_ha_pacemaker_cluster_nwas_ers_instance_nr +- _Type:_ `string`
-### sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_automatic_recover_bool +Instance number of the NetWeaver Enqueue Replication Service (ERS) instance.
+Mandatory for NetWeaver ASCS/ERS and SCS/ERS cluster configuration.
-- _Type:_ `bool` -- _Default:_ `False` +### sap_ha_pacemaker_cluster_nwas_ers_sapinstance_automatic_recover_bool +- _Type:_ `bool`
+- _Default:_ `False`
NetWeaver ERS instance resource option "AUTOMATIC_RECOVER".
-### sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_instance_name - -- _Type:_ `string` +### sap_ha_pacemaker_cluster_nwas_ers_sapinstance_instance_name +- _Type:_ `string`
The name of the ERS instance, typically the profile name.
-Mandatory for the NetWeaver ASCS/ERS cluster setup.
+Mandatory for the NetWeaver ASCS/ERS and SCS/ERS clusters.
Recommended format _ERS_.
-### sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_resource_name - -- _Type:_ `string` -- _Default:_ `rsc_SAPInstance__ERS` +### sap_ha_pacemaker_cluster_nwas_ers_sapinstance_resource_name +- _Type:_ `string`
+- _Default:_ `rsc_SAPInstance__ERS`
Name of the ERS instance resource.
-### sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_start_profile_string - -- _Type:_ `string` +### sap_ha_pacemaker_cluster_nwas_ers_sapinstance_start_profile_string +- _Type:_ `string`
The full path and name of the ERS instance profile.
-Mandatory for the NetWeaver ASCS/ERS cluster.
- -### sap_ha_pacemaker_cluster_nwas_abap_ers_sapstartsrv_resource_name +Mandatory for the NetWeaver ASCS/ERS and SCS/ERS clusters.
-- _Type:_ `string` -- _Default:_ `rsc_SAPStartSrv__ERS` +### sap_ha_pacemaker_cluster_nwas_ers_sapstartsrv_resource_name +- _Type:_ `string`
+- _Default:_ `rsc_SAPStartSrv__ERS`
Name of the ERS SAPstartSrv resource for simple mount.
-### sap_ha_pacemaker_cluster_nwas_abap_pas_instance_nr +### sap_ha_pacemaker_cluster_nwas_order_ascs_first_name +- _Type:_ `string`
+- _Default:_ `ord_ascs_first_`
-- _Type:_ `string` +Customize the cluster constraint name for ASCS starting before ERS order.
-Instance number of the NetWeaver ABAP PAS instance.
-Mandatory for NetWeaver PAS cluster configuration.
+### sap_ha_pacemaker_cluster_nwas_order_scs_first_name +- _Type:_ `string`
+- _Default:_ `ord_ascs_first_`
-### sap_ha_pacemaker_cluster_nwas_abap_sid +Customize the cluster constraint name for SCS starting before ERS order.
-- _Type:_ `string` +### sap_ha_pacemaker_cluster_nwas_sapmnt_filesystem_resource_clone_name +- _Type:_ `string`
+- _Default:_ `cln_fs__sapmnt`
-SID of the NetWeaver instances.
-Mandatory for NetWeaver cluster configuration.
-Uses `sap_swpm_sid` if defined.
-Mandatory for NetWeaver cluster setups.
+Filesystem resource clone name for the shared filesystem /sapmnt.
+Enable this resource setup using `sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed`.
-### sap_ha_pacemaker_cluster_nwas_colocation_ascs_no_ers_name +### sap_ha_pacemaker_cluster_nwas_sapmnt_filesystem_resource_name +- _Type:_ `string`
+- _Default:_ `rsc_fs__sapmnt`
-- _Type:_ `string` -- _Default:_ `col_ascs_separate_` +Filesystem resource name for the shared filesystem /sapmnt.
+Optional, this is typically managed by the OS, but can as well be added to the cluster configuration.
+Enable this resource setup using `sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed`.
-Customize the cluster constraint name for ASCS and ERS separation colocation.
+### sap_ha_pacemaker_cluster_nwas_scs_filesystem_resource_name +- _Type:_ `string`
+- _Default:_ `rsc_fs__SCS`
-### sap_ha_pacemaker_cluster_nwas_order_ascs_first_name +Name of the filesystem resource for the SCS instance.
-- _Type:_ `string` -- _Default:_ `ord_ascs_first_` +### sap_ha_pacemaker_cluster_nwas_scs_instance_nr +- _Type:_ `string`
-Customize the cluster constraint name for ASCS starting before ERS order.
+Instance number of the NetWeaver Central Services (SCS) instance.
+Mandatory for NetWeaver SCS/ERS cluster configuration.
-### sap_ha_pacemaker_cluster_nwas_sapmnt_filesystem_resource_clone_name +### sap_ha_pacemaker_cluster_nwas_scs_sapinstance_instance_name +- _Type:_ `string`
-- _Type:_ `string` -- _Default:_ `cln_fs__sapmnt` +The name of the SCS instance, typically the profile name.
+Mandatory for the NetWeaver SCS/ERS cluster setup
+Recommended format _SCS_
-Filesystem resource clone name for the shared filesystem /sapmnt.
-Enable this resource setup using `sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed`.
+### sap_ha_pacemaker_cluster_nwas_scs_sapinstance_resource_name +- _Type:_ `string`
+- _Default:_ `rsc_SAPInstance__SCS`
-### sap_ha_pacemaker_cluster_nwas_sapmnt_filesystem_resource_name +Name of the SCS instance resource.
-- _Type:_ `string` -- _Default:_ `rsc_fs__sapmnt` +### sap_ha_pacemaker_cluster_nwas_scs_sapinstance_start_profile_string +- _Type:_ `string`
-Filesystem resource name for the shared filesystem /sapmnt.
-Optional, this is typically managed by the OS, but can as well be added to the cluster configuration.
-Enable this resource setup using `sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed`.
+The full path and name of the SCS instance profile.
+Mandatory for the NetWeaver SCS/ERS cluster setup.
-### sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed +### sap_ha_pacemaker_cluster_nwas_scs_sapstartsrv_resource_name +- _Type:_ `string`
+- _Default:_ `rsc_SAPStartSrv__SCS`
-- _Type:_ `bool` -- _Default:_ `False` +Name of the SCS SAPStartSrv resource for simple mount.
+ +### sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed +- _Type:_ `bool`
+- _Default:_ `False`
Change this parameter to 'true' if the 3 shared filesystems `/usr/sap/trans`, `/usr/sap//SYS` and '/sapmnt' shall be configured as cloned cluster resources.
-### sap_ha_pacemaker_cluster_nwas_sys_filesystem_resource_clone_name +### sap_ha_pacemaker_cluster_nwas_sid +- _Type:_ `string`
+ +System ID (SID) of the NetWeaver instances in Capital letters.
+Defaults to `sap_swpm_sid` if defined.
+Mandatory for NetWeaver cluster scenarios.
-- _Type:_ `string` -- _Default:_ `cln_fs__sys` +### sap_ha_pacemaker_cluster_nwas_sys_filesystem_resource_clone_name +- _Type:_ `string`
+- _Default:_ `cln_fs__sys`
Filesystem resource clone name for the shared filesystem /usr/sap//SYS.
Enable this resource setup using `sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed`.
### sap_ha_pacemaker_cluster_nwas_sys_filesystem_resource_name - -- _Type:_ `string` -- _Default:_ `rsc_fs__sys` +- _Type:_ `string`
+- _Default:_ `rsc_fs__sys`
Filesystem resource name for the transports filesystem /usr/sap//SYS.
Optional, this is typically managed by the OS, but can as well be added to the cluster configuration.
Enable this resource setup using `sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed`.
### sap_ha_pacemaker_cluster_nwas_transports_filesystem_resource_clone_name - -- _Type:_ `string` -- _Default:_ `cln_fs__trans` +- _Type:_ `string`
+- _Default:_ `cln_fs__trans`
Filesystem resource clone name for the shared filesystem /usr/sap/trans.
Enable this resource setup using `sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed`.
### sap_ha_pacemaker_cluster_nwas_transports_filesystem_resource_name - -- _Type:_ `string` -- _Default:_ `rsc_fs__trans` +- _Type:_ `string`
+- _Default:_ `rsc_fs__trans`
Filesystem resource name for the transports filesystem /usr/sap/trans.
Optional, this is typically managed by the OS, but can as well be added to the cluster configuration.
Enable this resource setup using `sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed`.
### sap_ha_pacemaker_cluster_operation_defaults - -- _Type:_ `dict` -- _Default:_ `{'record-pending': True, 'timeout': 600}` +- _Type:_ `dict`
+- _Default:_ `{'record-pending': True, 'timeout': 600}`
Set default operation parameters that will be valid for all pacemaker resources.
Example: - ```yaml sap_ha_pacemaker_cluster_operation_defaults: record-pending: true timeout: 600 ``` - ### sap_ha_pacemaker_cluster_resource_defaults - -- _Type:_ `dict` -- _Default:_ `{'migration-threshold': 5000, 'resource-stickiness': 3000}` +- _Type:_ `dict`
+- _Default:_ `{'migration-threshold': 5000, 'resource-stickiness': 3000}`
Set default parameters that will be valid for all pacemaker resources.
Example: - ```yaml sap_ha_pacemaker_cluster_resource_defaults: migration-threshold: 5000 resource-stickiness: 1000 ``` +### sap_ha_pacemaker_cluster_saphanasr_angi_detection +- _Type:_ `string`
+- _Default:_ `True`
-### sap_ha_pacemaker_cluster_stonith_custom +Disabling this variable enables to use Classic SAPHanaSR agents even on server, with SAPHanaSR-angi is available.
+ +### sap_ha_pacemaker_cluster_sbd_devices +- _Type:_ `list`
+ +Required if `sap_ha_pacemaker_cluster_sbd_enabled` is enabled.
+Provide list of block devices for Stonith SBD agent
+ +Example: +```yaml +sap_ha_pacemaker_cluster_sbd_devices: + - /dev/disk/by-id/scsi-3600 +``` +### sap_ha_pacemaker_cluster_sbd_enabled +- _Type:_ `bool`
+ +Set this parameter to 'true' to enable workflow to add Stonith SBD resource.
+Stonith SBD resource has to be provided as part of `sap_ha_pacemaker_cluster_stonith_custom`.
+Default SBD agents are: stonith:external/sbd for SLES and stonith:fence_sbd for RHEL
+ +Example: +```yaml +sap_ha_pacemaker_cluster_sbd_devices: + - /dev/disk/by-id/scsi-3600 +sap_ha_pacemaker_cluster_sbd_enabled: true +sap_ha_pacemaker_cluster_stonith_custom: + - agent: stonith:external/sbd + id: stonith_sbd + instance_attrs: + - attrs: + - name: pcmk_delay_max + value: 15 +``` +### sap_ha_pacemaker_cluster_sbd_options +- _Type:_ `list`
+ +Optional if `sap_ha_pacemaker_cluster_sbd_enabled` is enabled.
+Provide list of SBD specific options that are added into SBD configuration file.
+ +Example: +```yaml +sap_ha_pacemaker_cluster_sbd_options: + - name: startmode + value: clean +``` +### sap_ha_pacemaker_cluster_sbd_watchdog +- _Type:_ `str`
+- _Default:_ `/dev/watchdog`
+ +Optional if `sap_ha_pacemaker_cluster_sbd_enabled` is enabled.
+Provide watchdog name to override default /dev/watchdog
-- _Type:_ `list` +### sap_ha_pacemaker_cluster_sbd_watchdog_modules +- _Type:_ `list`
+ +Optional if `sap_ha_pacemaker_cluster_sbd_enabled` is enabled.
+Provide list of watchdog kernel modules to be loaded (creates /dev/watchdog* devices).
+ +Example: +```yaml +sap_ha_pacemaker_cluster_sbd_watchdog_modules: + - softdog +``` +### sap_ha_pacemaker_cluster_stonith_custom +- _Type:_ `list`
Custom list of STONITH resource(s) to be configured in the cluster.
This definition override any defaults the role would apply otherwise.
+Definition follows structure of ha_cluster_resource_primitives in linux-system-roles/ha_cluster
- **agent**
- Resource agent name, must contain the prefix "stonith:" to avoid mismatches or failures. +**Required**
+_Type:_ `str`
+Resource agent name, must contain the prefix "stonith:" to avoid mismatches or failures. +- **id**
+_Type:_ `str`
+Parameter `id` is required.
Name that will be used as the resource ID (name). +- **instance_attrs**
+_Type:_ `list`
+Defines resource agent params as list of name/value pairs.
Requires the mandatory options for the particular stonith resource agent to be defined, otherwise the setup will fail.
Example: stonith:fence_sbd agent requires devices option with list of SBD disks.
Example: stonith:external/sbd agent does not require devices option, but `sap_ha_pacemaker_cluster_sbd_devices`. +- **meta_attrs**
+_Type:_ `list`
+Defines meta attributes as list of name/value pairs. - **name**
- Name that will be used as the resource ID (name). +_Type:_ `str`
+WARNING! This option will be removed in future release. +- **operations**
+_Type:_ `list`
+Defines list of resource agent operations. - **options**
- The resource options listed in dictionary format, one option per line.
Requires the mandatory options for the particular stonith resource agent to be defined, otherwise the setup will fail. +_Type:_ `dict`
+WARNING! This option will be removed in future release. Example: - ```yaml sap_ha_pacemaker_cluster_stonith_custom: -- agent: stonith:fence_rhevm - name: my-fence-resource - options: - ip: rhevm-server - password: login-user-password - pcmk_host_list: node1,node2 - power_wait: 3 - username: login-user + - agent: stonith:fence_rhevm + id: my-fence-resource + instance_attrs: + - attrs: + - name: ip + value: rhevm-server + - name: username + value: login-user + - name: password + value: login-user-password + - name: pcmk_host_list + value: node1,node2 + - name: power_wait + value: 3 + meta_attrs: + - attrs: + - name: target-role + value: Started + operations: + - action: start + attrs: + - name: interval + value: 0 + - name: timeout + value: 180 ``` - ### sap_ha_pacemaker_cluster_storage_definition - -- _Type:_ `list` +- _Type:_ `list`
List of filesystem definitions used for filesystem cluster resources.
Options relevant, see example.
-Mandatory for SAP NetWeaver HA cluster configurations.
+Mandatory for SAP NetWeaver cluster without Simple Mount.
Reuse `sap_storage_setup_definition` if defined.
Reuse `sap_storage_setup_definition` will extract values 'mountpoint', 'nfs_filesystem_type', 'nfs_mount_options', 'nfs_path', 'nfs_server'.
Reuse `sap_storage_setup_definition` all options are documented under Ansible Role `sap_storage_setup`.
Note! For this variable, the argument specification does not list options, to avoid errors during reuse of `sap_storage_setup_definition` if defined.
Example: - ```yaml sap_ha_pacemaker_cluster_storage_definition: -- mountpoint: /usr/sap - name: usr_sap - nfs_path: /usr/sap - nfs_server: nfs-server.example.com:/ -- mountpoint: /usr/sap/trans - name: usr_sap_trans - nfs_path: /usr/sap/trans - nfs_server: nfs-server.example.com:/ -- mountpoint: /sapmnt - name: sapmnt - nfs_filesystem_type: nfs - nfs_mount_options: defaults - nfs_path: /sapmnt - nfs_server: nfs-server.example.com:/ + - mountpoint: /usr/sap + name: usr_sap + nfs_path: /usr/sap + nfs_server: nfs-server.example.com:/ + - mountpoint: /usr/sap/trans + name: usr_sap_trans + nfs_path: /usr/sap/trans + nfs_server: nfs-server.example.com:/ + - mountpoint: /sapmnt + name: sapmnt + nfs_filesystem_type: nfs + nfs_mount_options: defaults + nfs_path: /sapmnt + nfs_server: nfs-server.example.com:/ ``` - -### sap_ha_pacemaker_cluster_storage_nfs_filesytem_type - -- _Type:_ `string` -- _Default:_ `nfs` +### sap_ha_pacemaker_cluster_storage_nfs_filesystem_type +- _Type:_ `string`
+- _Default:_ `nfs`
Filesystem type of the NFS filesystems that are part of the cluster configuration.
### sap_ha_pacemaker_cluster_storage_nfs_mount_options - -- _Type:_ `string` -- _Default:_ `defaults` +- _Type:_ `string`
+- _Default:_ `defaults`
Mount options of the NFS filesystems that are part of the cluster configuration.
### sap_ha_pacemaker_cluster_storage_nfs_server - -- _Type:_ `string` +- _Type:_ `string`
Default address of the NFS server, if not defined individually by filesystem.
### sap_ha_pacemaker_cluster_system_roles_collection - -- _Type:_ `string` -- _Default:_ `fedora.linux_system_roles` +- _Type:_ `string`
+- _Default:_ `fedora.linux_system_roles`
Reference to the Ansible Collection used for the Linux System Roles.
For community/upstream, use 'fedora.linux_system_roles'.
For RHEL System Roles for SAP, or Red Hat Automation Hub, use 'redhat.rhel_system_roles'.
### sap_ha_pacemaker_cluster_vip_client_interface - -- _Type:_ `string` +- _Type:_ `string`
OS device name of the network interface to use for the Virtual IP configuration.
When there is only one interface on the system, its name will be used by default.
### sap_ha_pacemaker_cluster_vip_hana_primary_ip_address - -- _Type:_ `string` +- _Type:_ `string`
The virtual IP of the primary HANA instance.
Mandatory parameter for HANA clusters.
### sap_ha_pacemaker_cluster_vip_hana_primary_resource_name +- _Type:_ `string`
+- _Default:_ `rsc_vip__HDB_primary`
-- _Type:_ `string` -- _Default:_ `rsc_vip__HDB_primary` - -Customize the name of the resource managing the Virtual IP of the primary HANA instance.
+Name of the Virtual IP resource for primary HANA instance.
### sap_ha_pacemaker_cluster_vip_hana_secondary_ip_address - -- _Type:_ `string` +- _Type:_ `string`
The virtual IP for read-only access to the secondary HANA instance.
Optional parameter in HANA clusters.
-### sap_ha_pacemaker_cluster_vip_nwas_abap_aas_ip_address +### sap_ha_pacemaker_cluster_vip_hana_secondary_resource_name +- _Type:_ `string`
+- _Default:_ `rsc_vip__HDB_readonly`
+ +Name of the Virtual IP resource for read-only HANA instance.
-- _Type:_ `string` +### sap_ha_pacemaker_cluster_vip_nwas_abap_aas_ip_address +- _Type:_ `string`
Virtual IP of the NetWeaver AAS instance.
Mandatory for NetWeaver AAS cluster setup.
### sap_ha_pacemaker_cluster_vip_nwas_abap_aas_resource_name +- _Type:_ `string`
+- _Default:_ `rsc_vip__AAS`
-- _Type:_ `string` -- _Default:_ `rsc_vip__AAS` - -Name of the SAPInstance resource for NetWeaver AAS.
+Name of the Virtual IP resource for NetWeaver AAS.
-### sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_ip_address - -- _Type:_ `string` +### sap_ha_pacemaker_cluster_vip_nwas_abap_pas_ip_address +- _Type:_ `string`
-Virtual IP of the NetWeaver ASCS instance.
-Mandatory for NetWeaver ASCS/ERS cluster setup.
+Virtual IP of the NetWeaver PAS instance.
+Mandatory for NetWeaver PAS cluster setup.
-### sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_resource_group_name +### sap_ha_pacemaker_cluster_vip_nwas_abap_pas_resource_name +- _Type:_ `string`
+- _Default:_ `rsc_vip__PAS`
-- _Type:_ `string` -- _Default:_ `grp__ASCS` +Name of the Virtual IP resource for NetWeaver PAS.
-Name of the NetWeaver ASCS resource group.
+### sap_ha_pacemaker_cluster_vip_nwas_ascs_ip_address +- _Type:_ `string`
-### sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_resource_name +Virtual IP of the NetWeaver ABAP Central Services (ASCS) instance.
+Mandatory for NetWeaver ASCS/ERS cluster setup.
-- _Type:_ `string` -- _Default:_ `rsc_vip__ASCS` +### sap_ha_pacemaker_cluster_vip_nwas_ascs_resource_group_name +- _Type:_ `string`
+- _Default:_ `grp__ASCS`
-Name of the SAPInstance resource for NetWeaver ASCS.
+Name of the NetWeaver ASCS resource group.
-### sap_ha_pacemaker_cluster_vip_nwas_abap_ers_ip_address +### sap_ha_pacemaker_cluster_vip_nwas_ascs_resource_name +- _Type:_ `string`
+- _Default:_ `rsc_vip__ASCS`
-- _Type:_ `string` +Name of the Virtual IP resource for NetWeaver ABAP Central Services (ASCS).
-Virtual IP of the NetWeaver ERS instance.
-Mandatory for NetWeaver ASCS/ERS cluster setup.
+### sap_ha_pacemaker_cluster_vip_nwas_ers_ip_address +- _Type:_ `string`
-### sap_ha_pacemaker_cluster_vip_nwas_abap_ers_resource_group_name +Virtual IP of the NetWeaver Enqueue Replication Service (ERS) instance.
+Mandatory for NetWeaver ASCS/ERS and SCS/ERS cluster setup.
-- _Type:_ `string` -- _Default:_ `grp__ERS` +### sap_ha_pacemaker_cluster_vip_nwas_ers_resource_group_name +- _Type:_ `string`
+- _Default:_ `grp__ERS`
Name of the NetWeaver ERS resource group.
-### sap_ha_pacemaker_cluster_vip_nwas_abap_ers_resource_name - -- _Type:_ `string` -- _Default:_ `rsc_vip__ERS` +### sap_ha_pacemaker_cluster_vip_nwas_ers_resource_name +- _Type:_ `string`
+- _Default:_ `rsc_vip__ERS`
-Name of the SAPInstance resource for NetWeaver ERS.
+Name of the Virtual IP resource for NetWeaver Enqueue Replication Service (ERS).
-### sap_ha_pacemaker_cluster_vip_nwas_abap_pas_ip_address - -- _Type:_ `string` - -Virtual IP of the NetWeaver PAS instance.
-Mandatory for NetWeaver PAS cluster setup.
- -### sap_ha_pacemaker_cluster_vip_nwas_abap_pas_resource_name +### sap_ha_pacemaker_cluster_vip_nwas_scs_ip_address +- _Type:_ `string`
-- _Type:_ `string` -- _Default:_ `rsc_vip__PAS` +Virtual IP of the NetWeaver Central Services (SCS) instance.
+Mandatory for NetWeaver SCS/ERS cluster setup.
-Name of the SAPInstance resource for NetWeaver PAS.
+### sap_ha_pacemaker_cluster_vip_nwas_scs_resource_group_name +- _Type:_ `string`
+- _Default:_ `grp__SCS`
-### sap_ha_pacemaker_cluster_vip_secondary_resource_name +Name of the NetWeaver SCS resource group.
-- _Type:_ `string` -- _Default:_ `rsc_vip__HDB_readonly` +### sap_ha_pacemaker_cluster_vip_nwas_scs_resource_name +- _Type:_ `string`
+- _Default:_ `rsc_vip__SCS`
-Customize the name of the resource managing the Virtual IP of read-only access to the secondary HANA instance.
+Name of the Virtual IP resource for NetWeaver Central Services (SCS).
- + diff --git a/roles/sap_ha_pacemaker_cluster/defaults/main.yml b/roles/sap_ha_pacemaker_cluster/defaults/main.yml index a6ddb9cc9..7947b0afe 100644 --- a/roles/sap_ha_pacemaker_cluster/defaults/main.yml +++ b/roles/sap_ha_pacemaker_cluster/defaults/main.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- ################################################################################ # Role generic parameters @@ -28,7 +29,7 @@ sap_ha_pacemaker_cluster_create_config_dest: "review_resource_config.yml" # This variable is currently only required for HANA nodes to define # - hana_site: # Other options are needed in the separate HSR setup role. -sap_ha_pacemaker_cluster_cluster_nodes: "{{ sap_hana_cluster_nodes | default([]) }}" +sap_ha_pacemaker_cluster_cluster_nodes: "{{ sap_hana_cluster_nodes | d([]) }}" # Resource defaults are defined differently by cluster type in different tasks, if not custom defined. sap_ha_pacemaker_cluster_resource_defaults: {} @@ -43,12 +44,11 @@ sap_ha_pacemaker_cluster_operation_defaults: {} # hana_scaleout (not yet) # nwas_abap_ascs_ers (available) # nwas_abap_pas_aas (not yet) -# nwas_java_scs_ers (maybe) +# nwas_java_scs_ers (available) # 'sap_ha_pacemaker_cluster_host_type' is converted from string to list type in # 'tasks/ascertain_sap_landscape.yml'. -# TODO: review with testers, updated arg specs now require it to be a list from the start -sap_ha_pacemaker_cluster_host_type: "{{ sap_host_type | default(['hana_scaleup_perf']) }}" +sap_ha_pacemaker_cluster_host_type: "{{ sap_host_type | d(['hana_scaleup_perf']) }}" ### VIP resource default patterns sap_ha_pacemaker_cluster_vip_client_interface: '' @@ -97,11 +97,8 @@ sap_ha_pacemaker_cluster_hacluster_user_password: "{{ ha_cluster_hacluster_passw # HANA ################################################################################ -sap_ha_pacemaker_cluster_hana_sid: "{{ sap_hana_sid | default('') }}" -# Keeping 'sap_ha_pacemaker_cluster_hana_instance_number' for the time being for backwards compatibility. -sap_ha_pacemaker_cluster_hana_instance_nr: >- - {{ sap_ha_pacemaker_cluster_hana_instance_number - | default(sap_hana_instance_number) | default('') }} +sap_ha_pacemaker_cluster_hana_sid: '' # Mandatory System ID in capital letters +sap_ha_pacemaker_cluster_hana_instance_nr: '' # Mandatory instance number in string format # Optional parameters to customize SAPHana resources # AUTOMATED_REGISTER @@ -112,60 +109,37 @@ sap_ha_pacemaker_cluster_hana_duplicate_primary_timeout: 7200 sap_ha_pacemaker_cluster_hana_prefer_site_takeover: true # SAP HANA - Resource IDs (names) as convenience parameters. -sap_ha_pacemaker_cluster_hana_resource_name: >- - rsc_SAPHana_{{ sap_ha_pacemaker_cluster_hana_sid }}_HDB{{ sap_ha_pacemaker_cluster_hana_instance_nr }} -sap_ha_pacemaker_cluster_hana_resource_clone_name: >- - cln_SAPHana_{{ sap_ha_pacemaker_cluster_hana_sid }}_HDB{{ sap_ha_pacemaker_cluster_hana_instance_nr }} -# Master slave clone for SAPHanaSR on SLES <15.6 -sap_ha_pacemaker_cluster_hana_resource_clone_msl_name: >- - msl_SAPHana_{{ sap_ha_pacemaker_cluster_hana_sid }}_HDB{{ sap_ha_pacemaker_cluster_hana_instance_nr }} -# SAPHanaController resource in SAPHanaSR-angi -sap_ha_pacemaker_cluster_hanacontroller_resource_name: >- - rsc_SAPHanaCon_{{ sap_ha_pacemaker_cluster_hana_sid }}_HDB{{ sap_ha_pacemaker_cluster_hana_instance_nr }} -sap_ha_pacemaker_cluster_hanacontroller_resource_clone_name: >- - mst_SAPHanaCon_{{ sap_ha_pacemaker_cluster_hana_sid }}_HDB{{ sap_ha_pacemaker_cluster_hana_instance_nr }} - -sap_ha_pacemaker_cluster_hana_topology_resource_name: >- - rsc_SAPHanaTop_{{ sap_ha_pacemaker_cluster_hana_sid }}_HDB{{ sap_ha_pacemaker_cluster_hana_instance_nr }} -sap_ha_pacemaker_cluster_hana_topology_resource_clone_name: >- - cln_SAPHanaTop_{{ sap_ha_pacemaker_cluster_hana_sid }}_HDB{{ sap_ha_pacemaker_cluster_hana_instance_nr }} - -sap_ha_pacemaker_cluster_hana_filesystem_resource_name: >- - rsc_SAPHanaFil_{{ sap_ha_pacemaker_cluster_hana_sid }}_HDB{{ sap_ha_pacemaker_cluster_hana_instance_nr }} -sap_ha_pacemaker_cluster_hana_filesystem_resource_clone_name: >- - cln_SAPHanaFil_{{ sap_ha_pacemaker_cluster_hana_sid }}_HDB{{ sap_ha_pacemaker_cluster_hana_instance_nr }} +sap_ha_pacemaker_cluster_hana_resource_name: '' # Default: rsc_SAPHana__HDB +sap_ha_pacemaker_cluster_hana_resource_clone_name: '' # Default: cln_SAPHana__HDB +sap_ha_pacemaker_cluster_hana_resource_clone_msl_name: '' # Default: msl_SAPHana__HDB +sap_ha_pacemaker_cluster_hanacontroller_resource_name: '' # Default: rsc_SAPHanaCon__HDB +sap_ha_pacemaker_cluster_hanacontroller_resource_clone_name: '' # Default: cln_SAPHanaCon__HDB +sap_ha_pacemaker_cluster_hana_topology_resource_name: '' # Default: rsc_SAPHanaTop__HDB +sap_ha_pacemaker_cluster_hana_topology_resource_clone_name: '' # Default: cln_SAPHanaTop__HDB +sap_ha_pacemaker_cluster_hana_filesystem_resource_name: '' # Default: rsc_SAPHanaFil__HDB +sap_ha_pacemaker_cluster_hana_filesystem_resource_clone_name: '' # Default: cln_SAPHanaFil__HDB # SAP HANA - Constraint names -sap_ha_pacemaker_cluster_hana_order_topology_hana_name: >- - ord_saphana_saphanatop_{{ sap_ha_pacemaker_cluster_hana_sid }}_HDB{{ sap_ha_pacemaker_cluster_hana_instance_nr }} - -sap_ha_pacemaker_cluster_hana_colocation_hana_vip_primary_name: >- - col_saphana_vip_{{ sap_ha_pacemaker_cluster_hana_sid }}_HDB{{ sap_ha_pacemaker_cluster_hana_instance_nr }}_primary -sap_ha_pacemaker_cluster_hana_colocation_hana_vip_secondary_name: >- - col_saphana_vip_{{ sap_ha_pacemaker_cluster_hana_sid }}_HDB{{ sap_ha_pacemaker_cluster_hana_instance_nr }}_readonly - -sap_ha_pacemaker_cluster_hana_order_hana_vip_primary_name: >- - ord_saphana_vip_{{ sap_ha_pacemaker_cluster_hana_sid }}_HDB{{ sap_ha_pacemaker_cluster_hana_instance_nr }}_primary -sap_ha_pacemaker_cluster_hana_order_hana_vip_secondary_name: >- - ord_saphana_vip_{{ sap_ha_pacemaker_cluster_hana_sid }}_HDB{{ sap_ha_pacemaker_cluster_hana_instance_nr }}_readonly +sap_ha_pacemaker_cluster_hana_order_topology_hana_name: '' # Default: ord_saphana_saphanatop__HDB +sap_ha_pacemaker_cluster_hana_colocation_hana_vip_primary_name: '' # Default: col_saphana_vip__HDB_primary +sap_ha_pacemaker_cluster_hana_colocation_hana_vip_secondary_name: '' # Default: col_saphana_vip__HDB_readonly +sap_ha_pacemaker_cluster_hana_order_hana_vip_primary_name: '' # Default: ord_saphana_vip__HDB_primary +sap_ha_pacemaker_cluster_hana_order_hana_vip_secondary_name: '' # Default: ord_saphana_vip__HDB_readonly # Multiple VIP parameters can be defined and will be combined. # See tasks/include_construct_vip_resources.yml # # Mandatory: primary VIP address definition in HANA scale-up clusters sap_ha_pacemaker_cluster_vip_hana_primary_ip_address: '' -sap_ha_pacemaker_cluster_vip_hana_primary_resource_name: >- - rsc_vip_{{ sap_ha_pacemaker_cluster_hana_sid }}_HDB{{ sap_ha_pacemaker_cluster_hana_instance_nr }}_primary +sap_ha_pacemaker_cluster_vip_hana_primary_resource_name: '' # Default: rsc_vip__HDB_primary +sap_ha_pacemaker_cluster_healthcheck_hana_primary_resource_name: '' # Default: rsc_vip_health_check__HDB_primary + sap_ha_pacemaker_cluster_vip_hana_secondary_ip_address: '' -sap_ha_pacemaker_cluster_vip_hana_secondary_resource_name: >- - rsc_vip_{{ sap_ha_pacemaker_cluster_hana_sid }}_HDB{{ sap_ha_pacemaker_cluster_hana_instance_nr }}_readonly +sap_ha_pacemaker_cluster_vip_hana_secondary_resource_name: '' # Default: rsc_vip__HDB_readonly +sap_ha_pacemaker_cluster_healthcheck_hana_secondary_resource_name: '' # Default: rsc_vip_health_check__HDB_readonly -sap_ha_pacemaker_cluster_healthcheck_hana_primary_id: "{{ sap_ha_pacemaker_cluster_hana_sid + 'prim' }}" -sap_ha_pacemaker_cluster_healthcheck_hana_secondary_id: "{{ sap_ha_pacemaker_cluster_hana_sid + 'ro' }}" -sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ascs_id: "{{ sap_ha_pacemaker_cluster_nwas_abap_sid + 'ascs' }}" -sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ers_id: "{{ sap_ha_pacemaker_cluster_nwas_abap_sid + 'ers' }}" -sap_ha_pacemaker_cluster_healthcheck_nwas_abap_pas_id: "{{ sap_ha_pacemaker_cluster_nwas_abap_sid + 'pas' }}" -sap_ha_pacemaker_cluster_healthcheck_nwas_abap_aas_id: "{{ sap_ha_pacemaker_cluster_nwas_abap_sid + 'aas' }}" +sap_ha_pacemaker_cluster_healthcheck_hana_primary_id: '' # Default: prim +sap_ha_pacemaker_cluster_healthcheck_hana_secondary_id: '' # Default: ro # Optional dictionary with custom list of HANA Hooks for replication sap_ha_pacemaker_cluster_hana_hooks: [] @@ -175,8 +149,10 @@ sap_ha_pacemaker_cluster_hana_hook_tkover: false sap_ha_pacemaker_cluster_hana_hook_chksrv: false # SAP Hana global.ini path calculated from SID -sap_ha_pacemaker_cluster_hana_global_ini_path: "/usr/sap/{{ - sap_ha_pacemaker_cluster_hana_sid | upper }}/SYS/global/hdb/custom/config/global.ini" +sap_ha_pacemaker_cluster_hana_global_ini_path: '' # Default: /usr/sap//SYS/global/hdb/custom/config/global.ini + +# Disable auto-detection of SAPHanaSR-angi package and use Classic +sap_ha_pacemaker_cluster_saphanasr_angi_detection: true ################################################################################ # NetWeaver generic definitions @@ -184,30 +160,30 @@ sap_ha_pacemaker_cluster_hana_global_ini_path: "/usr/sap/{{ # Default will be ENSA2. To configure HA resources for ENSA1, # set this parameter to 'true'. -sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_ensa1: false +sap_ha_pacemaker_cluster_nwas_cs_ensa1: false # Enable ENSA2 simple mount configuration -sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_simple_mount: true +sap_ha_pacemaker_cluster_nwas_cs_ers_simple_mount: true # Enable/Disable sap_cluster_connector. # Ref.: https://access.redhat.com/solutions/3606101 sap_ha_pacemaker_cluster_enable_cluster_connector: true -# Inherit common synonym NetWeaver parameters when defined. -sap_ha_pacemaker_cluster_nwas_abap_sid: "{{ sap_swpm_sid | default('') }}" -sap_ha_pacemaker_cluster_nwas_abap_ascs_instance_nr: "{{ sap_swpm_ascs_instance_nr | default('') }}" -sap_ha_pacemaker_cluster_nwas_abap_ers_instance_nr: "{{ sap_swpm_ers_instance_nr | default('') }}" -sap_ha_pacemaker_cluster_nwas_abap_pas_instance_nr: "{{ sap_swpm_pas_instance_nr | default('') }}" -sap_ha_pacemaker_cluster_nwas_abap_aas_instance_nr: "{{ sap_swpm_aas_instance_nr | default('') }}" -# Prepare in case JAVA SCS/ERS will be included later. -# sap_ha_pacemaker_cluster_nwas_java_scs_instance_nr: "{{ sap_swpm_java_scs_instance_nr | default('') }}" -# sap_ha_pacemaker_cluster_nwas_java_ers_instance_nr: "{{ sap_swpm_java_ers_instance_nr | default('') }}" +# SAP Netweaver instance details +sap_ha_pacemaker_cluster_nwas_sid: '' # Mandatory System ID in capital letters for Netweaver scenarios +sap_ha_pacemaker_cluster_nwas_ascs_instance_nr: '' # Mandatory instance number for ASCS/ERS +sap_ha_pacemaker_cluster_nwas_scs_instance_nr: '' # Mandatory instance number for SCS/ERS +sap_ha_pacemaker_cluster_nwas_ers_instance_nr: '' # Mandatory instance number for ASCS/ERS and SCS/ERS +# TODO: Differentiate between ABAP and JAVA (Dxx vs Jxx) once supported +sap_ha_pacemaker_cluster_nwas_abap_pas_instance_nr: '' # Mandatory instance number for PAS/AAS +sap_ha_pacemaker_cluster_nwas_abap_aas_instance_nr: '' # Mandatory instance number for PAS/AAS + # Definitions for filesystems resources. Currently limited to NFS filesystems. -sap_ha_pacemaker_cluster_storage_definition: "{{ sap_storage_setup_definition | default([]) }}" -sap_ha_pacemaker_cluster_storage_nfs_filesytem_type: nfs +sap_ha_pacemaker_cluster_storage_definition: "{{ sap_storage_setup_definition | d([]) }}" +sap_ha_pacemaker_cluster_storage_nfs_filesystem_type: nfs sap_ha_pacemaker_cluster_storage_nfs_mount_options: 'defaults' -sap_ha_pacemaker_cluster_storage_nfs_server: "{{ sap_storage_nfs_server | default('') }}" +sap_ha_pacemaker_cluster_storage_nfs_server: "{{ sap_storage_nfs_server | d('') }}" # NFS filesystem resource requirement # Not adding to argument_specs because this should not be changed anyway. @@ -217,137 +193,124 @@ sap_ha_pacemaker_cluster_resource_filesystem_force_unmount: safe # Multiple VIP parameters can be defined and will be combined. # See tasks/include_construct_vip_resources.yml -sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_ip_address: '' -sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_resource_name: >- - rsc_vip_{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}_ASCS{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_instance_nr }} -sap_ha_pacemaker_cluster_vip_nwas_abap_ers_ip_address: '' -sap_ha_pacemaker_cluster_vip_nwas_abap_ers_resource_name: >- - rsc_vip_{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}_ERS{{ sap_ha_pacemaker_cluster_nwas_abap_ers_instance_nr }} +sap_ha_pacemaker_cluster_vip_nwas_ascs_ip_address: '' +sap_ha_pacemaker_cluster_vip_nwas_ascs_resource_name: '' # Default rsc_vip__ASCS +sap_ha_pacemaker_cluster_healthcheck_nwas_ascs_resource_name: '' # Default: rsc_vip_health_check__ASCS + +sap_ha_pacemaker_cluster_vip_nwas_scs_ip_address: '' +sap_ha_pacemaker_cluster_vip_nwas_scs_resource_name: '' # Default: rsc_vip__SCS +sap_ha_pacemaker_cluster_healthcheck_nwas_scs_resource_name: '' # Default: rsc_vip_health_check__SCS + +sap_ha_pacemaker_cluster_vip_nwas_ers_ip_address: '' +sap_ha_pacemaker_cluster_vip_nwas_ers_resource_name: '' # Default: rsc_vip__ERS +sap_ha_pacemaker_cluster_healthcheck_nwas_ers_resource_name: '' # Default: rsc_vip_health_check__ERS + sap_ha_pacemaker_cluster_vip_nwas_abap_pas_ip_address: '' -sap_ha_pacemaker_cluster_vip_nwas_abap_pas_resource_name: >- - rsc_vip_{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}_PAS{{ sap_ha_pacemaker_cluster_nwas_abap_pas_instance_nr }} +sap_ha_pacemaker_cluster_vip_nwas_abap_pas_resource_name: '' # Default: rsc_vip__PAS +sap_ha_pacemaker_cluster_healthcheck_nwas_abap_pas_resource_name: '' # Default: rsc_vip_health_check__PAS + sap_ha_pacemaker_cluster_vip_nwas_abap_aas_ip_address: '' -sap_ha_pacemaker_cluster_vip_nwas_abap_aas_resource_name: >- - rsc_vip_{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}_AAS{{ sap_ha_pacemaker_cluster_nwas_abap_aas_instance_nr }} +sap_ha_pacemaker_cluster_vip_nwas_abap_aas_resource_name: '' # Default: rsc_vip__AAS +sap_ha_pacemaker_cluster_healthcheck_nwas_abap_aas_resource_name: '' # Default: rsc_vip_health_check__AAS +sap_ha_pacemaker_cluster_healthcheck_nwas_ascs_id: '' +sap_ha_pacemaker_cluster_healthcheck_nwas_scs_id: '' +sap_ha_pacemaker_cluster_healthcheck_nwas_ers_id: '' +sap_ha_pacemaker_cluster_healthcheck_nwas_pas_id: '' +sap_ha_pacemaker_cluster_healthcheck_nwas_aas_id: '' # SAP NetWeaver common - Resource IDs (names) as convenience parameters # for the following filesystems: # - /sapmnt # - /usr/sap/trans # - /usr/sap/<>/SYS -sap_ha_pacemaker_cluster_nwas_sapmnt_filesystem_resource_name: >- - rsc_fs_{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}_sapmnt -sap_ha_pacemaker_cluster_nwas_sapmnt_filesystem_resource_clone_name: >- - cln_fs_{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}_sapmnt +sap_ha_pacemaker_cluster_nwas_sapmnt_filesystem_resource_name: '' # Default: rsc_fs__sapmnt +sap_ha_pacemaker_cluster_nwas_sapmnt_filesystem_resource_clone_name: '' # Default: cln_fs__sapmnt -sap_ha_pacemaker_cluster_nwas_transports_filesystem_resource_name: >- - rsc_fs_{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}_trans -sap_ha_pacemaker_cluster_nwas_transports_filesystem_resource_clone_name: >- - cln_fs_{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}_trans +sap_ha_pacemaker_cluster_nwas_transports_filesystem_resource_name: '' # Default: rsc_fs__trans +sap_ha_pacemaker_cluster_nwas_transports_filesystem_resource_clone_name: '' # Default: cln_fs__trans -sap_ha_pacemaker_cluster_nwas_sys_filesystem_resource_name: >- - rsc_fs_{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}_sys -sap_ha_pacemaker_cluster_nwas_sys_filesystem_resource_clone_name: >- - cln_fs_{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}_sys +sap_ha_pacemaker_cluster_nwas_sys_filesystem_resource_name: '' # Default: rsc_fs__sys +sap_ha_pacemaker_cluster_nwas_sys_filesystem_resource_clone_name: '' # Default: cln_fs__sys # The shared filesystems are not required to be configured in the cluster. # By default it is assumed that they are mounted by the system and available on all cluster nodes. # Set this parameter to "true" to configure the 3 shared filesystems as part of the cluster. sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed: false + ################################################################################ -# ASCS resource defaults +# ASCS and SCS shared resource defaults ################################################################################ -# Name of the instance profile - mandatory to be user-defined -sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_instance_name: '' -# Full path with instance profile name - mandatory to be user-defined -sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_start_profile_string: '' +# TODO: Remove backwards compatibility to nwas_abap_ascs +sap_ha_pacemaker_cluster_nwas_cs_sapinstance_automatic_recover_bool: + "{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_automatic_recover_bool | d(false) }}" +sap_ha_pacemaker_cluster_nwas_cs_sapinstance_resource_stickiness: + "{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_resource_stickiness | d(5000) }}" +sap_ha_pacemaker_cluster_nwas_cs_sapinstance_ensa1_migration_threshold: + "{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_ensa1_migration_threshold | d(1) }}" +sap_ha_pacemaker_cluster_nwas_cs_sapinstance_ensa1_failure_timeout: + "{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_ensa1_failure_timeout | d(60) }}" +sap_ha_pacemaker_cluster_nwas_cs_group_stickiness: + "{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_group_stickiness | d(3000) }}" -# SAP NetWeaver ABAP ASCS/ERS - Resource IDs (names) as convenience parameters. -# - /usr/sap/<>/ASCS<> -# - /usr/sap/<>/ERS<> -sap_ha_pacemaker_cluster_nwas_abap_ascs_filesystem_resource_name: >- - rsc_fs_{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}_ASCS{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_instance_nr }} -sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_resource_name: >- - rsc_SAPInstance_{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}_ASCS{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_instance_nr }} -sap_ha_pacemaker_cluster_nwas_abap_ascs_sapstartsrv_resource_name: >- - rsc_SAPStartSrv_{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}_ASCS{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_instance_nr }} +################################################################################ +# ASCS resource defaults +################################################################################ -sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_resource_group_name: >- - grp_{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}_ASCS{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_instance_nr }} +sap_ha_pacemaker_cluster_nwas_ascs_sapinstance_instance_name: '' # Mandatory name of instance profile +sap_ha_pacemaker_cluster_nwas_ascs_sapinstance_start_profile_string: '' # Full path of instance profile -sap_ha_pacemaker_cluster_nwas_colocation_ascs_no_ers_name: >- - col_ascs_separate_{{ sap_ha_pacemaker_cluster_nwas_abap_sid }} +sap_ha_pacemaker_cluster_nwas_ascs_filesystem_resource_name: '' # Default: rsc_fs__ASCS +sap_ha_pacemaker_cluster_nwas_ascs_sapinstance_resource_name: '' # Default: rsc_SAPInstance__ASCS +sap_ha_pacemaker_cluster_nwas_ascs_sapstartsrv_resource_name: '' # Default: rsc_SAPStartSrv__ASCS -sap_ha_pacemaker_cluster_nwas_order_ascs_first_name: >- - ord_ascs_first_{{ sap_ha_pacemaker_cluster_nwas_abap_sid }} +sap_ha_pacemaker_cluster_vip_nwas_ascs_resource_group_name: '' # Default: grp__ASCS -sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_automatic_recover_bool: false -sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_resource_stickiness: 5000 -sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_ensa1_migration_threshold: 1 -sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_ensa1_failure_timeout: 60 +sap_ha_pacemaker_cluster_nwas_colocation_ascs_no_ers_name: '' # Default: col_ascs_separate_ +sap_ha_pacemaker_cluster_nwas_order_ascs_first_name: '' # Default: ord_ascs_first_ -# Stickiness of the ASCS group -sap_ha_pacemaker_cluster_nwas_abap_ascs_group_stickiness: 3000 ################################################################################ -# ERS resource defaults +# SCS resource defaults ################################################################################ -# Name of the instance profile - mandatory to be user-defined -sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_instance_name: '' +sap_ha_pacemaker_cluster_nwas_scs_sapinstance_instance_name: '' # Mandatory name of instance profile +sap_ha_pacemaker_cluster_nwas_scs_sapinstance_start_profile_string: '' # Full path of instance profile -# Full path with instance profile name - mandatory to be user-defined -sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_start_profile_string: '' +sap_ha_pacemaker_cluster_nwas_scs_filesystem_resource_name: '' # Default: rsc_fs__SCS +sap_ha_pacemaker_cluster_nwas_scs_sapinstance_resource_name: '' # Default: rsc_SAPInstance__SCS +sap_ha_pacemaker_cluster_nwas_scs_sapstartsrv_resource_name: '' # Default: rsc_SAPStartSrv__SCS -# SAP NetWeaver ABAP ERS - Resource IDs (names) as convenience parameters. -sap_ha_pacemaker_cluster_nwas_abap_ers_filesystem_resource_name: >- - rsc_fs_{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}_ERS{{ sap_ha_pacemaker_cluster_nwas_abap_ers_instance_nr }} -sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_resource_name: >- - rsc_SAPInstance_{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}_ERS{{ sap_ha_pacemaker_cluster_nwas_abap_ers_instance_nr }} -sap_ha_pacemaker_cluster_nwas_abap_ers_sapstartsrv_resource_name: >- - rsc_SAPStartSrv_{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}_ERS{{ sap_ha_pacemaker_cluster_nwas_abap_ers_instance_nr }} -sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_automatic_recover_bool: false +sap_ha_pacemaker_cluster_vip_nwas_scs_resource_group_name: '' # Default: grp__SCS -sap_ha_pacemaker_cluster_vip_nwas_abap_ers_resource_group_name: >- - grp_{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}_ERS{{ sap_ha_pacemaker_cluster_nwas_abap_ers_instance_nr }} +sap_ha_pacemaker_cluster_nwas_colocation_scs_no_ers_name: '' # Default: col_ascs_separate_ +sap_ha_pacemaker_cluster_nwas_order_scs_first_name: '' # Default: ord_ascs_first_ ################################################################################ -# PAS/AAS resource defaults +# ERS resource defaults ################################################################################ -# SAP NetWeaver ABAP PAS/AAS - Resource IDs (names) as convenience parameters. -# - /usr/sap/<>/D<> -# sap_ha_pacemaker_cluster_nwas_abap_pas_filesystem_resource_name: > -# "Filesystem_NWAS_ABAP_PAS_{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}_{{ sap_ha_pacemaker_cluster_nwas_abap_pas_instance_nr }}" -# sap_ha_pacemaker_cluster_nwas_abap_pas_sapinstance_resource_name: > -# "SAPInstance_NWAS_ABAP_PAS_{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}_{{ sap_ha_pacemaker_cluster_nwas_abap_pas_instance_nr }}" -# sap_ha_pacemaker_cluster_nwas_abap_aas_filesystem_resource_name: > -# "Filesystem_NWAS_ABAP_AAS_{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}_{{ sap_ha_pacemaker_cluster_nwas_abap_aas_instance_nr }}" -# sap_ha_pacemaker_cluster_nwas_abap_aas_sapinstance_resource_name: > -# "SAPInstance_NWAS_ABAP_AAS_{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}_{{ sap_ha_pacemaker_cluster_nwas_abap_aas_instance_nr }}" + +sap_ha_pacemaker_cluster_nwas_ers_sapinstance_instance_name: '' # Mandatory name of instance profile +sap_ha_pacemaker_cluster_nwas_ers_sapinstance_start_profile_string: '' # Full path of instance profile + +sap_ha_pacemaker_cluster_nwas_ers_filesystem_resource_name: '' # Default: rsc_fs__ERS +sap_ha_pacemaker_cluster_nwas_ers_sapinstance_resource_name: '' # Default: rsc_SAPInstance__ERS +sap_ha_pacemaker_cluster_nwas_ers_sapstartsrv_resource_name: '' # Default: rsc_SAPStartSrv__ERS +sap_ha_pacemaker_cluster_vip_nwas_ers_resource_group_name: '' # Default: grp__ERS + +sap_ha_pacemaker_cluster_nwas_ers_sapinstance_automatic_recover_bool: false ################################################################################ -# JAVA SCS/ERS resource defaults +# PAS/AAS resource defaults ################################################################################ -# SAP NetWeaver JAVA SCS/ERS - Resource IDs (names) as convenience parameters. -# - /usr/sap/<>/SCS<> -# - /usr/sap/<>/ERS<> -# sap_ha_pacemaker_cluster_nwas_java_scs_filesystem_resource_name: > -# "Filesytem_NWAS_JAVA_SCS_{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}_{{ sap_ha_pacemaker_cluster_nwas_java_scs_instance_nr }}" -# sap_ha_pacemaker_cluster_nwas_java_scs_sapinstance_resource_name: > -# "SAPInstance_NWAS_JAVA_SCS_{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}_{{ sap_ha_pacemaker_cluster_nwas_java_scs_instance_nr }}" -# sap_ha_pacemaker_cluster_nwas_java_scs_sapinstance_resource_clone_name: > -# "{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_resource_name }}-clone" -# sap_ha_pacemaker_cluster_nwas_java_ers_filesystem_resource_name: > -# "Filesytem_NWAS_JAVA_ERS_{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}_{{ sap_ha_pacemaker_cluster_nwas_java_ers_instance_nr }}" -# sap_ha_pacemaker_cluster_nwas_java_ers_sapinstance_resource_name: > -# "SAPInstance_NWAS_JAVA_ERS_{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}_{{ sap_ha_pacemaker_cluster_nwas_java_ers_instance_nr }}" -# sap_ha_pacemaker_cluster_nwas_java_ers_sapinstance_resource_clone_name: > -# "{{ sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_resource_name }}-clone" +# sap_ha_pacemaker_cluster_nwas_abap_pas_filesystem_resource_name: '' +# sap_ha_pacemaker_cluster_nwas_abap_pas_sapinstance_resource_name: '' +# sap_ha_pacemaker_cluster_nwas_abap_aas_filesystem_resource_name: '' +# sap_ha_pacemaker_cluster_nwas_abap_aas_sapinstance_resource_name: '' ################################################################################ @@ -361,6 +324,7 @@ sap_ha_pacemaker_cluster_vip_nwas_abap_ers_resource_group_name: >- # sap_ha_pacemaker_cluster_aws_access_key_id # sap_ha_pacemaker_cluster_aws_secret_access_key # sap_ha_pacemaker_cluster_aws_region +# sap_ha_pacemaker_cluster_aws_credentials_setup: false ## Google Cloud platform, Compute Engine Virtual Machines # sap_ha_pacemaker_cluster_gcp_project diff --git a/roles/sap_ha_pacemaker_cluster/handlers/main.yml b/roles/sap_ha_pacemaker_cluster/handlers/main.yml index 7abbf7fc0..22db7dda0 100644 --- a/roles/sap_ha_pacemaker_cluster/handlers/main.yml +++ b/roles/sap_ha_pacemaker_cluster/handlers/main.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: "Reload systemd daemon" ansible.builtin.systemd_service: diff --git a/roles/sap_ha_pacemaker_cluster/meta/argument_specs.yml b/roles/sap_ha_pacemaker_cluster/meta/argument_specs.yml index 88883f8a1..0c55ad7b3 100644 --- a/roles/sap_ha_pacemaker_cluster/meta/argument_specs.yml +++ b/roles/sap_ha_pacemaker_cluster/meta/argument_specs.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Requires: ansible 2.11 # Argument specifications in this separate file maintain backwards compatibility. @@ -78,7 +79,7 @@ argument_specs: - _Optional. Currently not needed/used in cluster configuration._ node_name: description: - - Name of the cluster node, should match the remote systems' hostnames. + - Hostname of the cluster node. - _Optional. Currently not needed/used in cluster configuration._ node_role: choices: @@ -101,12 +102,6 @@ argument_specs: node_ip: 192.168.5.1 - hana_site: DC02 - sap_ha_pacemaker_cluster_fence_agent_minimal_packages: - type: list - default: ['fence-agents-all'] - description: - - The minimal set of fence agent packages that will be installed. - sap_ha_pacemaker_cluster_resource_defaults: type: dict default: @@ -140,7 +135,7 @@ argument_specs: # - hana_scaleout - nwas_abap_ascs_ers # - nwas_abap_pas_aas -# - nwas_java_scs_ers + - nwas_java_scs_ers default: hana_scaleup_perf description: - The SAP landscape to for which the cluster is to be configured. @@ -165,33 +160,138 @@ argument_specs: description: - Custom list of STONITH resource(s) to be configured in the cluster. - This definition override any defaults the role would apply otherwise. + - Definition follows structure of ha_cluster_resource_primitives in linux-system-roles/ha_cluster elements: dict options: - name: + id: + type: str description: + - Parameter `id` is required. - Name that will be used as the resource ID (name). - required: true + # TODO: Enable to remove Tech debt after name and options are removed! + # required: true agent: + type: str description: - Resource agent name, must contain the prefix "stonith:" to avoid mismatches or failures. required: true - options: + instance_attrs: + type: list description: - - The resource options listed in dictionary format, one option per line. + - Defines resource agent params as list of name/value pairs. - Requires the mandatory options for the particular stonith resource agent to be defined, otherwise the setup will fail. - required: true + - "Example: stonith:fence_sbd agent requires devices option with list of SBD disks." + - "Example: stonith:external/sbd agent does not require devices option, but `sap_ha_pacemaker_cluster_sbd_devices`." + operations: + type: list + description: + - Defines list of resource agent operations. + action: + description: + - Name of resource agent operation. + attrs: + description: + - Defines operation parameters as list of name/value pairs. + meta_attrs: + type: list + description: + - Defines meta attributes as list of name/value pairs. + # TODO: Tech Debt: Remove name and options in next release + name: + type: str + description: + - WARNING! This option will be removed in future release. + # TODO: Tech Debt: Remove name and options in next release + options: + type: dict + description: + - WARNING! This option will be removed in future release. example: sap_ha_pacemaker_cluster_stonith_custom: - - name: "my-fence-resource" + - id: "my-fence-resource" agent: "stonith:fence_rhevm" - options: - ip: rhevm-server - username: login-user - password: login-user-password - pcmk_host_list: node1,node2 - power_wait: 3 + instance_attrs: + - attrs: + - name: ip + value: rhevm-server + - name: username + value: login-user + - name: password + value: login-user-password + - name: pcmk_host_list + value: node1,node2 + - name: power_wait + value: 3 + meta_attrs: + - attrs: + - name: target-role + value: Started + operations: + - action: start + attrs: + - name: interval + value: 0 + - name: timeout + value: 180 + + sap_ha_pacemaker_cluster_sbd_enabled: + type: bool + description: + - Set this parameter to 'true' to enable workflow to add Stonith SBD resource. + - Stonith SBD resource has to be provided as part of `sap_ha_pacemaker_cluster_stonith_custom`. + - "Default SBD agents are: stonith:external/sbd for SLES and stonith:fence_sbd for RHEL" + + example: + sap_ha_pacemaker_cluster_sbd_enabled: true + sap_ha_pacemaker_cluster_stonith_custom: + - id: stonith_sbd + agent: stonith:external/sbd + instance_attrs: + - attrs: + - name: pcmk_delay_max + value: 15 + sap_ha_pacemaker_cluster_sbd_devices: + - /dev/disk/by-id/scsi-3600 + + sap_ha_pacemaker_cluster_sbd_devices: + type: list + description: + - Required if `sap_ha_pacemaker_cluster_sbd_enabled` is enabled. + - Provide list of block devices for Stonith SBD agent + + example: + sap_ha_pacemaker_cluster_sbd_devices: + - /dev/disk/by-id/scsi-3600 + + sap_ha_pacemaker_cluster_sbd_options: + type: list + description: + - Optional if `sap_ha_pacemaker_cluster_sbd_enabled` is enabled. + - Provide list of SBD specific options that are added into SBD configuration file. + + example: + sap_ha_pacemaker_cluster_sbd_options: + - name: startmode + value: clean + + sap_ha_pacemaker_cluster_sbd_watchdog: + type: str + default: /dev/watchdog + description: + - Optional if `sap_ha_pacemaker_cluster_sbd_enabled` is enabled. + - Provide watchdog name to override default /dev/watchdog + + sap_ha_pacemaker_cluster_sbd_watchdog_modules: + type: list + description: + - Optional if `sap_ha_pacemaker_cluster_sbd_enabled` is enabled. + - Provide list of watchdog kernel modules to be loaded (creates /dev/watchdog* devices). + + example: + sap_ha_pacemaker_cluster_sbd_watchdog_modules: + - softdog sap_ha_pacemaker_cluster_cluster_properties: type: dict @@ -250,7 +350,9 @@ argument_specs: type: list description: - Additional fence agent packages to be installed. - - This is automatically combined with `sap_ha_pacemaker_cluster_fence_agent_minimal_packages`. + - "This is automatically combined with default packages in:" + - "`__sap_ha_pacemaker_cluster_fence_agent_packages_minimal`" + - "`__sap_ha_pacemaker_cluster_fence_agent_packages_platform`" sap_ha_pacemaker_cluster_hacluster_user_password: description: @@ -266,16 +368,16 @@ argument_specs: sap_ha_pacemaker_cluster_hana_sid: description: - - The SAP HANA SID of the instance that will be configured in the cluster. + - The SAP HANA System ID (SID) of the instance that will be configured in the cluster. - The SID must follow SAP specifications - see SAP Note 1979280. - Inherits the value of `sap_hana_sid`, when defined. - - Mandatory for SAP HANA cluster setups. + - Mandatory for SAP HANA cluster scenarios. sap_ha_pacemaker_cluster_hana_instance_nr: description: - The instance number of the SAP HANA database which this role will configure in the cluster. - Inherits the value of `sap_hana_instance_number`, when defined. - - Mandatory for SAP HANA cluster setups. + - Mandatory for SAP HANA cluster scenarios. sap_ha_pacemaker_cluster_hana_automated_register: type: bool @@ -297,9 +399,6 @@ argument_specs: sap_ha_pacemaker_cluster_hana_prefer_site_takeover: type: bool - choices: - - true - - false default: true description: - Parameter for the 'SAPHana' cluster resource. @@ -320,7 +419,7 @@ argument_specs: default: "msl_SAPHana__HDB" description: - Customize the cluster resource name of the SAP HANA DB resource master slave clone. - - Master Slave clone is specific to SAPHana resource on SUSE. + - Master Slave clone is specific to Classic SAPHana resource on SUSE (non-angi). sap_ha_pacemaker_cluster_hanacontroller_resource_name: default: "rsc_SAPHanaCon__HDB" @@ -365,18 +464,27 @@ argument_specs: sap_ha_pacemaker_cluster_vip_hana_primary_resource_name: default: "rsc_vip__HDB_primary" description: - - Customize the name of the resource managing the Virtual IP of the primary HANA instance. + - Name of the Virtual IP resource for primary HANA instance. + + sap_ha_pacemaker_cluster_healthcheck_hana_primary_resource_name: + default: "rsc_vip_health_check__HDB_primary" + description: + - Name of the Virtual IP Health Check resource for primary HANA instance. sap_ha_pacemaker_cluster_vip_hana_secondary_ip_address: description: - The virtual IP for read-only access to the secondary HANA instance. - Optional parameter in HANA clusters. - sap_ha_pacemaker_cluster_vip_secondary_resource_name: + sap_ha_pacemaker_cluster_vip_hana_secondary_resource_name: default: "rsc_vip__HDB_readonly" description: - - Customize the name of the resource managing the Virtual IP of read-only access to the - secondary HANA instance. + - Name of the Virtual IP resource for read-only HANA instance. + + sap_ha_pacemaker_cluster_healthcheck_hana_secondary_resource_name: + default: "rsc_vip_health_check__HDB_readonly" + description: + - Name of the Virtual IP Health Check resource for read-only HANA instance. sap_ha_pacemaker_cluster_hana_order_hana_vip_primary_name: default: "ord_saphana_vip__HDB_primary" @@ -446,22 +554,28 @@ argument_specs: description: - Path with location of global.ini for srHook update + sap_ha_pacemaker_cluster_saphanasr_angi_detection: + default: true + description: + - Disabling this variable enables to use Classic SAPHanaSR agents even on server, + with SAPHanaSR-angi is available. + ########################################################################## # NetWeaver specific parameters ########################################################################## - sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_simple_mount: + sap_ha_pacemaker_cluster_nwas_cs_ers_simple_mount: type: bool default: true description: - - Enables preferred method for ASCS ERS ENSA2 clusters - Simple Mount + - Enables preferred method for Central Services (ASCS or SCS) ENSA2 clusters - Simple Mount. - Set this parameter to 'true' to configure ENSA2 Simple Mount. - sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_ensa1: + sap_ha_pacemaker_cluster_nwas_cs_ensa1: type: bool default: false description: - - The standard NetWeaver ASCS/ERS cluster will be set up as ENSA2. + - The standard NetWeaver Central Services cluster will be set up as ENSA2. - Set this parameter to 'true' to configure it as ENSA1. sap_ha_pacemaker_cluster_enable_cluster_connector: @@ -472,22 +586,26 @@ argument_specs: known as `sap_cluster_connector`. - Set this parameter to 'false' if the SAP HA interface should not be installed and configured. - sap_ha_pacemaker_cluster_nwas_abap_sid: + sap_ha_pacemaker_cluster_nwas_sid: description: - - SID of the NetWeaver instances. - - Mandatory for NetWeaver cluster configuration. - - Uses `sap_swpm_sid` if defined. - - Mandatory for NetWeaver cluster setups. + - System ID (SID) of the NetWeaver instances in Capital letters. + - Defaults to `sap_swpm_sid` if defined. + - Mandatory for NetWeaver cluster scenarios. - sap_ha_pacemaker_cluster_nwas_abap_ascs_instance_nr: + sap_ha_pacemaker_cluster_nwas_ascs_instance_nr: description: - - Instance number of the NetWeaver ABAP ASCS instance. + - Instance number of the NetWeaver ABAP Central Services (ASCS) instance. - Mandatory for NetWeaver ASCS/ERS cluster configuration. - sap_ha_pacemaker_cluster_nwas_abap_ers_instance_nr: + sap_ha_pacemaker_cluster_nwas_scs_instance_nr: description: - - Instance number of the NetWeaver ABAP ERS instance. - - Mandatory for NetWeaver ASCS/ERS cluster configuration. + - Instance number of the NetWeaver Central Services (SCS) instance. + - Mandatory for NetWeaver SCS/ERS cluster configuration. + + sap_ha_pacemaker_cluster_nwas_ers_instance_nr: + description: + - Instance number of the NetWeaver Enqueue Replication Service (ERS) instance. + - Mandatory for NetWeaver ASCS/ERS and SCS/ERS cluster configuration. sap_ha_pacemaker_cluster_nwas_abap_pas_instance_nr: description: @@ -504,7 +622,7 @@ argument_specs: description: - List of filesystem definitions used for filesystem cluster resources. - Options relevant, see example. - - Mandatory for SAP NetWeaver HA cluster configurations. + - Mandatory for SAP NetWeaver cluster without Simple Mount. - Reuse `sap_storage_setup_definition` if defined. - Reuse `sap_storage_setup_definition` will extract values 'mountpoint', 'nfs_filesystem_type', 'nfs_mount_options', 'nfs_path', 'nfs_server'. @@ -532,7 +650,7 @@ argument_specs: nfs_server: "nfs-server.example.com:/" - sap_ha_pacemaker_cluster_storage_nfs_filesytem_type: + sap_ha_pacemaker_cluster_storage_nfs_filesystem_type: default: nfs description: - Filesystem type of the NFS filesystems that are part of the cluster configuration. @@ -546,25 +664,50 @@ argument_specs: description: - Default address of the NFS server, if not defined individually by filesystem. - sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_ip_address: + sap_ha_pacemaker_cluster_vip_nwas_ascs_ip_address: description: - - Virtual IP of the NetWeaver ASCS instance. + - Virtual IP of the NetWeaver ABAP Central Services (ASCS) instance. - Mandatory for NetWeaver ASCS/ERS cluster setup. - sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_resource_name: + sap_ha_pacemaker_cluster_vip_nwas_ascs_resource_name: default: rsc_vip__ASCS description: - - Name of the SAPInstance resource for NetWeaver ASCS. + - Name of the Virtual IP resource for NetWeaver ABAP Central Services (ASCS). - sap_ha_pacemaker_cluster_vip_nwas_abap_ers_ip_address: + sap_ha_pacemaker_cluster_healthcheck_nwas_ascs_resource_name: + default: rsc_vip_health_check__ASCS description: - - Virtual IP of the NetWeaver ERS instance. - - Mandatory for NetWeaver ASCS/ERS cluster setup. + - Name of the Virtual IP Health Check resource for NetWeaver ABAP Central Services (ASCS). + + sap_ha_pacemaker_cluster_vip_nwas_scs_ip_address: + description: + - Virtual IP of the NetWeaver Central Services (SCS) instance. + - Mandatory for NetWeaver SCS/ERS cluster setup. + + sap_ha_pacemaker_cluster_vip_nwas_scs_resource_name: + default: rsc_vip__SCS + description: + - Name of the Virtual IP resource for NetWeaver Central Services (SCS). + + sap_ha_pacemaker_cluster_healthcheck_nwas_scs_resource_name: + default: rsc_vip_health_check__SCS + description: + - Name of the Virtual IP Health Check resource for NetWeaver Central Services (SCS). + + sap_ha_pacemaker_cluster_vip_nwas_ers_ip_address: + description: + - Virtual IP of the NetWeaver Enqueue Replication Service (ERS) instance. + - Mandatory for NetWeaver ASCS/ERS and SCS/ERS cluster setup. - sap_ha_pacemaker_cluster_vip_nwas_abap_ers_resource_name: + sap_ha_pacemaker_cluster_vip_nwas_ers_resource_name: default: rsc_vip__ERS description: - - Name of the SAPInstance resource for NetWeaver ERS. + - Name of the Virtual IP resource for NetWeaver Enqueue Replication Service (ERS). + + sap_ha_pacemaker_cluster_healthcheck_nwas_ers_resource_name: + default: rsc_vip_health_check__ERS + description: + - Name of the Virtual IP Health Check resource for NetWeaver Enqueue Replication Service (ERS). sap_ha_pacemaker_cluster_vip_nwas_abap_pas_ip_address: description: @@ -574,7 +717,12 @@ argument_specs: sap_ha_pacemaker_cluster_vip_nwas_abap_pas_resource_name: default: rsc_vip__PAS description: - - Name of the SAPInstance resource for NetWeaver PAS. + - Name of the Virtual IP resource for NetWeaver PAS. + + sap_ha_pacemaker_cluster_healthcheck_nwas_abap_pas_resource_name: + default: rsc_vip_health_check__PAS + description: + - Name of the Virtual IP Health Check resource for NetWeaver PAS. sap_ha_pacemaker_cluster_vip_nwas_abap_aas_ip_address: description: @@ -584,7 +732,12 @@ argument_specs: sap_ha_pacemaker_cluster_vip_nwas_abap_aas_resource_name: default: rsc_vip__AAS description: - - Name of the SAPInstance resource for NetWeaver AAS. + - Name of the Virtual IP resource for NetWeaver AAS. + + sap_ha_pacemaker_cluster_healthcheck_nwas_abap_aas_resource_name: + default: rsc_vip_health_check__AAS + description: + - Name of the Virtual IP Health Check resource for NetWeaver AAS. sap_ha_pacemaker_cluster_nwas_sapmnt_filesystem_resource_name: default: rsc_fs__sapmnt @@ -636,36 +789,36 @@ argument_specs: `/usr/sap//SYS` and '/sapmnt' shall be configured as cloned cluster resources. ########################################################################## - # NetWeaver ASCS specific parameters + # NetWeaver ABAP Central Services (ASCS) specific parameters ########################################################################## - sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_instance_name: + sap_ha_pacemaker_cluster_nwas_ascs_sapinstance_instance_name: description: - The name of the ASCS instance, typically the profile name. - Mandatory for the NetWeaver ASCS/ERS cluster setup - - Recommended format _ASCS_. + - Recommended format _ASCS_ - sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_start_profile_string: + sap_ha_pacemaker_cluster_nwas_ascs_sapinstance_start_profile_string: description: - The full path and name of the ASCS instance profile. - Mandatory for the NetWeaver ASCS/ERS cluster setup. - sap_ha_pacemaker_cluster_nwas_abap_ascs_filesystem_resource_name: + sap_ha_pacemaker_cluster_nwas_ascs_filesystem_resource_name: default: rsc_fs__ASCS description: - Name of the filesystem resource for the ASCS instance. - sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_resource_name: + sap_ha_pacemaker_cluster_nwas_ascs_sapinstance_resource_name: default: rsc_SAPInstance__ASCS description: - Name of the ASCS instance resource. - sap_ha_pacemaker_cluster_nwas_abap_ascs_sapstartsrv_resource_name: + sap_ha_pacemaker_cluster_nwas_ascs_sapstartsrv_resource_name: default: rsc_SAPStartSrv__ASCS description: - Name of the ASCS SAPStartSrv resource for simple mount. - sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_resource_group_name: + sap_ha_pacemaker_cluster_vip_nwas_ascs_resource_group_name: default: grp__ASCS description: - Name of the NetWeaver ASCS resource group. @@ -680,75 +833,124 @@ argument_specs: description: - Customize the cluster constraint name for ASCS starting before ERS order. - sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_automatic_recover_bool: + ########################################################################## + # NetWeaver Central Services (SCS) specific parameters + ########################################################################## + + sap_ha_pacemaker_cluster_nwas_scs_sapinstance_instance_name: + description: + - The name of the SCS instance, typically the profile name. + - Mandatory for the NetWeaver SCS/ERS cluster setup + - Recommended format _SCS_ + + sap_ha_pacemaker_cluster_nwas_scs_sapinstance_start_profile_string: + description: + - The full path and name of the SCS instance profile. + - Mandatory for the NetWeaver SCS/ERS cluster setup. + + sap_ha_pacemaker_cluster_nwas_scs_filesystem_resource_name: + default: rsc_fs__SCS + description: + - Name of the filesystem resource for the SCS instance. + + sap_ha_pacemaker_cluster_nwas_scs_sapinstance_resource_name: + default: rsc_SAPInstance__SCS + description: + - Name of the SCS instance resource. + + sap_ha_pacemaker_cluster_nwas_scs_sapstartsrv_resource_name: + default: rsc_SAPStartSrv__SCS + description: + - Name of the SCS SAPStartSrv resource for simple mount. + + sap_ha_pacemaker_cluster_vip_nwas_scs_resource_group_name: + default: grp__SCS + description: + - Name of the NetWeaver SCS resource group. + + sap_ha_pacemaker_cluster_nwas_colocation_scs_no_ers_name: + default: "col_ascs_separate_" + description: + - Customize the cluster constraint name for SCS and ERS separation colocation. + + sap_ha_pacemaker_cluster_nwas_order_scs_first_name: + default: "ord_ascs_first_" + description: + - Customize the cluster constraint name for SCS starting before ERS order. + + ########################################################################## + # NetWeaver Central Services (ASCS and SCS) shared parameters + ########################################################################## + + sap_ha_pacemaker_cluster_nwas_cs_sapinstance_automatic_recover_bool: type: bool default: false description: - - NetWeaver ASCS instance resource option "AUTOMATIC_RECOVER". + - NetWeaver Central Services (ASCS and SCS) instance resource option "AUTOMATIC_RECOVER". - sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_resource_stickiness: + sap_ha_pacemaker_cluster_nwas_cs_sapinstance_resource_stickiness: default: 5000 description: - - NetWeaver ASCS instance resource stickiness attribute. + - NetWeaver Central Services (ASCS and SCS) instance resource stickiness attribute. - sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_ensa1_migration_threshold: + sap_ha_pacemaker_cluster_nwas_cs_sapinstance_ensa1_migration_threshold: default: 1 description: - - NetWeaver ASCS instance migration-threshold setting attribute. - - Only used for ENSA1 setups (see `sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_ensa1`). + - NetWeaver Central Services (ASCS and SCS) instance migration-threshold setting attribute. + - Only used for ENSA1 setups (see `sap_ha_pacemaker_cluster_nwas_cs_ensa1`). Default setup is ENSA2. - sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_ensa1_failure_timeout: + sap_ha_pacemaker_cluster_nwas_cs_sapinstance_ensa1_failure_timeout: default: 60 description: - - NetWeaver ASCS instance failure-timeout attribute. - - Only used for ENSA1 setups (see `sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_ensa1`). + - NetWeaver Central Services (ASCS and SCS) instance failure-timeout attribute. + - Only used for ENSA1 setups (see `sap_ha_pacemaker_cluster_nwas_cs_ensa1`). Default setup is ENSA2. - sap_ha_pacemaker_cluster_nwas_abap_ascs_group_stickiness: + sap_ha_pacemaker_cluster_nwas_cs_group_stickiness: default: 3000 description: - - NetWeaver ASCS resource group stickiness to prefer the ASCS group to stay on the node - it was started on. + - NetWeaver Central Services (ASCS and SCS) resource group stickiness. + - Defines how sticky is Central Services group to the node it was started on. ########################################################################## # NetWeaver ERS specific parameters ########################################################################## - sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_instance_name: + sap_ha_pacemaker_cluster_nwas_ers_sapinstance_instance_name: description: - The name of the ERS instance, typically the profile name. - - Mandatory for the NetWeaver ASCS/ERS cluster setup. + - Mandatory for the NetWeaver ASCS/ERS and SCS/ERS clusters. - Recommended format _ERS_. - sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_start_profile_string: + sap_ha_pacemaker_cluster_nwas_ers_sapinstance_start_profile_string: description: - The full path and name of the ERS instance profile. - - Mandatory for the NetWeaver ASCS/ERS cluster. + - Mandatory for the NetWeaver ASCS/ERS and SCS/ERS clusters. - sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_automatic_recover_bool: + sap_ha_pacemaker_cluster_nwas_ers_sapinstance_automatic_recover_bool: type: bool default: false description: - NetWeaver ERS instance resource option "AUTOMATIC_RECOVER". - sap_ha_pacemaker_cluster_nwas_abap_ers_filesystem_resource_name: + sap_ha_pacemaker_cluster_nwas_ers_filesystem_resource_name: default: rsc_fs__ERS description: - Name of the filesystem resource for the ERS instance. - sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_resource_name: + sap_ha_pacemaker_cluster_nwas_ers_sapinstance_resource_name: default: rsc_SAPInstance__ERS description: - Name of the ERS instance resource. - sap_ha_pacemaker_cluster_nwas_abap_ers_sapstartsrv_resource_name: + sap_ha_pacemaker_cluster_nwas_ers_sapstartsrv_resource_name: default: rsc_SAPStartSrv__ERS description: - Name of the ERS SAPstartSrv resource for simple mount. - sap_ha_pacemaker_cluster_vip_nwas_abap_ers_resource_group_name: + sap_ha_pacemaker_cluster_vip_nwas_ers_resource_group_name: default: grp__ERS description: - Name of the NetWeaver ERS resource group. @@ -784,13 +986,23 @@ argument_specs: sap_ha_pacemaker_cluster_aws_access_key_id: description: - AWS access key to allow control of instances (for example for fencing operations). - - Mandatory for the cluster nodes setup on AWS EC2 instances. + - "Mandatory for the cluster nodes setup on AWS EC2 instances, when:" + - "1. IAM Role or Instance profile is not attached to EC2 instance." + - "2. `sap_ha_pacemaker_cluster_aws_credentials_setup` is `true`" sap_ha_pacemaker_cluster_aws_secret_access_key: description: - AWS secret key, paired with the access key for instance control. - - Mandatory for the cluster setup on AWS EC2 instances. + - "Mandatory for the cluster nodes setup on AWS EC2 instances, when:" + - "1. IAM Role or Instance profile is not attached to EC2 instance." + - "2. `sap_ha_pacemaker_cluster_aws_credentials_setup` is `true`" + sap_ha_pacemaker_cluster_aws_credentials_setup: + description: + - Set this parameter to 'true' to store AWS credentials into /root/.aws/credentials. + - "Requires: `sap_ha_pacemaker_cluster_aws_access_key_id` and `sap_ha_pacemaker_cluster_aws_secret_access_key`" + - "Mandatory for the cluster nodes setup on AWS EC2 instances, when:" + - "1. IAM Role or Instance profile is not attached to EC2 instance." ########################################################################## # Platforms: GCP specific parameters diff --git a/roles/sap_ha_pacemaker_cluster/meta/collection-requirements.yml b/roles/sap_ha_pacemaker_cluster/meta/collection-requirements.yml index 0a4e50f46..a1227178d 100644 --- a/roles/sap_ha_pacemaker_cluster/meta/collection-requirements.yml +++ b/roles/sap_ha_pacemaker_cluster/meta/collection-requirements.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- collections: diff --git a/roles/sap_ha_pacemaker_cluster/meta/main.yml b/roles/sap_ha_pacemaker_cluster/meta/main.yml index 4ee8090fa..153be12f9 100644 --- a/roles/sap_ha_pacemaker_cluster/meta/main.yml +++ b/roles/sap_ha_pacemaker_cluster/meta/main.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- galaxy_info: namespace: community diff --git a/roles/sap_ha_pacemaker_cluster/tasks/RedHat/post_steps_hana_scaleup.yml b/roles/sap_ha_pacemaker_cluster/tasks/RedHat/post_steps_hana_scaleup.yml index fc15cb42b..9ed648b2e 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/RedHat/post_steps_hana_scaleup.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/RedHat/post_steps_hana_scaleup.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Starting SAPHana clone immediately after cluster configuration can lead to # HANA shutdown. Following steps will leave enough time for resource agents @@ -8,16 +9,16 @@ - name: "SAP HA Install Pacemaker - SAPHana pcs resource cleanup" ansible.builtin.command: - cmd: pcs resource cleanup {{ sap_ha_pacemaker_cluster_hana_resource_name + cmd: pcs resource cleanup {{ __sap_ha_pacemaker_cluster_hana_resource_name if not __sap_ha_pacemaker_cluster_saphanasr_angi_available - else sap_ha_pacemaker_cluster_hanacontroller_resource_name }} + else __sap_ha_pacemaker_cluster_hanacontroller_resource_name }} changed_when: true - name: "SAP HA Install Pacemaker - SAPHana clone pcs resource refresh" ansible.builtin.command: - cmd: pcs resource refresh {{ sap_ha_pacemaker_cluster_hana_resource_clone_name + cmd: pcs resource refresh {{ __sap_ha_pacemaker_cluster_hana_resource_clone_name if not __sap_ha_pacemaker_cluster_saphanasr_angi_available - else sap_ha_pacemaker_cluster_hanacontroller_resource_clone_name }} + else __sap_ha_pacemaker_cluster_hanacontroller_resource_clone_name }} changed_when: true # Sleep 30 is added to leave enough time for agents to load data from HANA. @@ -29,7 +30,7 @@ - name: "SAP HA Install Pacemaker - SAPHana clone pcs resource meta maintenance=false" ansible.builtin.command: - cmd: pcs resource meta {{ sap_ha_pacemaker_cluster_hana_resource_clone_name + cmd: pcs resource meta {{ __sap_ha_pacemaker_cluster_hana_resource_clone_name if not __sap_ha_pacemaker_cluster_saphanasr_angi_available - else sap_ha_pacemaker_cluster_hanacontroller_resource_clone_name }} maintenance=false + else __sap_ha_pacemaker_cluster_hanacontroller_resource_clone_name }} maintenance=false changed_when: true diff --git a/roles/sap_ha_pacemaker_cluster/tasks/RedHat/pre_steps_hana.yml b/roles/sap_ha_pacemaker_cluster/tasks/RedHat/pre_steps_hana.yml index c912295a5..f4b0dd297 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/RedHat/pre_steps_hana.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/RedHat/pre_steps_hana.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Identify if SAPHanaSR-angi package is available for installation. # SAPHanaSR-angi replaces SAPHanaSR and SAPHanaSR-ScaleOut. diff --git a/roles/sap_ha_pacemaker_cluster/tasks/Suse/post_steps_hana_scaleup.yml b/roles/sap_ha_pacemaker_cluster/tasks/Suse/post_steps_hana_scaleup.yml index 9b04b12ec..9d9dbf162 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/Suse/post_steps_hana_scaleup.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/Suse/post_steps_hana_scaleup.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Starting SAPHana clone immediately after cluster configuration can lead to HANA shutdown. # Following steps will leave enough time for resource agents to load HANA configuration @@ -7,16 +8,16 @@ - name: "SAP HA Install Pacemaker - SAPHana crm resource cleanup" ansible.builtin.command: - cmd: crm resource cleanup {{ sap_ha_pacemaker_cluster_hana_resource_name + cmd: crm resource cleanup {{ __sap_ha_pacemaker_cluster_hana_resource_name if not __sap_ha_pacemaker_cluster_saphanasr_angi_available - else sap_ha_pacemaker_cluster_hanacontroller_resource_name }} + else __sap_ha_pacemaker_cluster_hanacontroller_resource_name }} changed_when: true - name: "SAP HA Install Pacemaker - SAPHana clone crm resource refresh" ansible.builtin.command: - cmd: crm resource refresh {{ sap_ha_pacemaker_cluster_hana_resource_clone_name + cmd: crm resource refresh {{ __sap_ha_pacemaker_cluster_hana_resource_clone_name if not __sap_ha_pacemaker_cluster_saphanasr_angi_available - else sap_ha_pacemaker_cluster_hanacontroller_resource_clone_name }} + else __sap_ha_pacemaker_cluster_hanacontroller_resource_clone_name }} changed_when: true - name: "SAP HA Install Pacemaker - Wait for SAP HANA to become idle" @@ -26,7 +27,7 @@ - name: "SAP HA Install Pacemaker - SAPHana crm resource maintenance off" ansible.builtin.command: - cmd: crm resource maintenance {{ sap_ha_pacemaker_cluster_hana_resource_clone_name + cmd: crm resource maintenance {{ __sap_ha_pacemaker_cluster_hana_resource_clone_name if not __sap_ha_pacemaker_cluster_saphanasr_angi_available - else sap_ha_pacemaker_cluster_hanacontroller_resource_clone_name }} off + else __sap_ha_pacemaker_cluster_hanacontroller_resource_clone_name }} off changed_when: true diff --git a/roles/sap_ha_pacemaker_cluster/tasks/Suse/post_steps_nwas_abap_ascs_ers.yml b/roles/sap_ha_pacemaker_cluster/tasks/Suse/post_steps_nwas_abap_ascs_ers.yml index 1ef42ec61..2d5c7d733 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/Suse/post_steps_nwas_abap_ascs_ers.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/Suse/post_steps_nwas_abap_ascs_ers.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Recent crmsh changes have added default behavior, where all default metadata # op parameters are added and it cannot be controlled. Not adding them during @@ -50,16 +51,6 @@ changed_when: false run_once: true # noqa: run_once[task] - # # Workaround situation when ASCS and ERS mounts are not present on both nodes. - # - name: "SAP HA Install Pacemaker - SAPStartSrv crm resource cleanup" - # ansible.builtin.command: - # cmd: crm resource cleanup {{ item }} - # loop: - # - "{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_sapstartsrv_resource_name }}" - # - "{{ sap_ha_pacemaker_cluster_nwas_abap_ers_sapstartsrv_resource_name }}" - # when: sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_simple_mount - # changed_when: true - - name: "SAP HA Install Pacemaker - Fetch CIB configuration" ansible.builtin.command: cmd: cibadmin --query @@ -82,7 +73,7 @@ - name: "SAP HA Install Pacemaker - Remove operations for SAPStartSrv" ansible.builtin.command: cmd: cibadmin -d --force --xpath "//primitive[@type='SAPStartSrv']//operations" - when: sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_simple_mount + when: __sap_ha_pacemaker_cluster_nwas_cs_ers_simple_mount changed_when: true # SAPInstance - Remove default operations: promote, demote, start, stop diff --git a/roles/sap_ha_pacemaker_cluster/tasks/Suse/post_steps_nwas_java_scs_ers.yml b/roles/sap_ha_pacemaker_cluster/tasks/Suse/post_steps_nwas_java_scs_ers.yml new file mode 100644 index 000000000..2d5c7d733 --- /dev/null +++ b/roles/sap_ha_pacemaker_cluster/tasks/Suse/post_steps_nwas_java_scs_ers.yml @@ -0,0 +1,97 @@ +# SPDX-License-Identifier: Apache-2.0 +--- +# Recent crmsh changes have added default behavior, where all default metadata +# op parameters are added and it cannot be controlled. Not adding them during +# creation, will forcefully add them regardless. + +# Following steps are similar to crmsh code in ha_cluster role, but they are +# too SAP specific, so they are added here instead of there. + +# Python3-pip and pexpect are required for ansible.builtin.expect +# Python installation was removed from sap_swpm role in PR#720 +- name: "SAP HA Install Pacemaker - Install required python3-pip" + ansible.builtin.package: + name: + - python3-pip + state: present + +- name: "SAP HA Install Pacemaker - Install required pip pexpect" + ansible.builtin.pip: + name: + - pexpect + +- name: Block to ensure that changes are executed only once + run_once: true # noqa: run_once[task] + block: + + - name: "SAP HA Install Pacemaker - Create file for CIB backup" + ansible.builtin.tempfile: + state: file + suffix: _sap_ha_pacemaker_cluster_cib_xml_backup + register: __sap_ha_pacemaker_cluster_cib_xml_backup + + - name: "SAP HA Install Pacemaker - Put cluster in maintenance mode" + ansible.builtin.expect: + command: crm configure property maintenance-mode=true + responses: + ".*is-managed.*": "n" + ".*already.*": "n" + check_mode: false + changed_when: true + + - name: "SAP HA Install Pacemaker - Verify that maintenance-mode is true" + ansible.builtin.command: + cmd: crm status + register: __sap_ha_pacemaker_cluster_crm_status_maint + retries: 10 + delay: 5 + until: + '"Resource management is DISABLED" in __sap_ha_pacemaker_cluster_crm_status_maint.stdout' + check_mode: false + changed_when: false + run_once: true # noqa: run_once[task] + + - name: "SAP HA Install Pacemaker - Fetch CIB configuration" + ansible.builtin.command: + cmd: cibadmin --query + register: __sap_ha_pacemaker_cluster_cib_query + check_mode: false + changed_when: false + + - name: "SAP HA Install Pacemaker - Save CIB configuration" + ansible.builtin.copy: + content: "{{ __sap_ha_pacemaker_cluster_cib_query.stdout }}" + dest: "{{ __sap_ha_pacemaker_cluster_cib_xml_backup.path }}" + owner: root + group: root + mode: '0600' + check_mode: false + + # SAPStartSrv - Remove monitor, start, stop operations from SAPStartSrv + # These operations are not supported and not recommended. + # TODO: Limit deletion in future, when more supported is added in Resource Agent + - name: "SAP HA Install Pacemaker - Remove operations for SAPStartSrv" + ansible.builtin.command: + cmd: cibadmin -d --force --xpath "//primitive[@type='SAPStartSrv']//operations" + when: __sap_ha_pacemaker_cluster_nwas_cs_ers_simple_mount + changed_when: true + + # SAPInstance - Remove default operations: promote, demote, start, stop + - name: "SAP HA Install Pacemaker - Remove operations for SAPInstance" + ansible.builtin.command: + cmd: cibadmin -d --force --xpath "//primitive[@type='SAPInstance']//op[{{ item }}]" + loop: + - "@name='promote' and @interval='0s'" + - "@name='demote' and @interval='0s'" + - "@name='start' and @interval='0s'" + - "@name='stop' and @interval='0s'" + changed_when: true + + - name: "SAP HA Install Pacemaker - Disable maintenance mode" + ansible.builtin.expect: + command: crm configure property maintenance-mode=false + responses: + ".*is-managed.*": "n" + ".*already.*": "n" + check_mode: false + changed_when: true diff --git a/roles/sap_ha_pacemaker_cluster/tasks/Suse/pre_steps_hana.yml b/roles/sap_ha_pacemaker_cluster/tasks/Suse/pre_steps_hana.yml index 4a1697668..6f6d031e2 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/Suse/pre_steps_hana.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/Suse/pre_steps_hana.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Identify if SAPHanaSR-angi package is available for installation. # SAPHanaSR-angi replaces SAPHanaSR and SAPHanaSR-ScaleOut. @@ -5,40 +6,43 @@ # This is destructive step if executed on running cluster # without proper migration from SAPHanaSR to SAPHanaSR-angi! -# Requirement for package_facts Ansible Module -- name: For SLES ensure OS Package for Python Lib of rpm bindings is enabled for System Python - ansible.builtin.package: - name: python3-rpm - state: present - when: ansible_os_family == "Suse" +- name: "SAP HA Prepare Pacemaker - Block for detection of SAPHanaSR-angi" + when: (sap_ha_pacemaker_cluster_saphanasr_angi_detection | bool) + block: + # Requirement for package_facts Ansible Module + # SLES: Ensure OS Package for Python Lib of rpm bindings is enabled for System Python + - name: "SAP HA Prepare Pacemaker - Ensure python3-rpm package is present" + ansible.builtin.package: + name: python3-rpm + state: present -- name: "SAP HA Prepare Pacemaker - Gather installed packages facts" - ansible.builtin.package_facts: - manager: auto + - name: "SAP HA Prepare Pacemaker - Gather installed packages facts" + ansible.builtin.package_facts: + manager: auto -- name: "SAP HA Prepare Pacemaker - Search for SAPHanaSR-angi" - ansible.builtin.command: - cmd: zypper se SAPHanaSR-angi - changed_when: false - register: __sap_ha_pacemaker_cluster_zypper_angi_check - failed_when: false + - name: "SAP HA Prepare Pacemaker - Search for SAPHanaSR-angi" + ansible.builtin.command: + cmd: zypper se SAPHanaSR-angi + changed_when: false + register: __sap_ha_pacemaker_cluster_zypper_angi_check + failed_when: false -# package can be replaced with "rpm -e --nodeps {{ item }}" -- name: "SAP HA Prepare Pacemaker - Remove SAPHanaSR and SAPHanaSR-doc" - ansible.builtin.package: - name: "{{ item }}" - state: absent - loop: - - SAPHanaSR - - SAPHanaSR-doc - when: - - __sap_ha_pacemaker_cluster_zypper_angi_check is defined - - __sap_ha_pacemaker_cluster_zypper_angi_check.rc == 0 - - "'SAPHanaSR' in ansible_facts.packages" + # package can be replaced with "rpm -e --nodeps {{ item }}" + - name: "SAP HA Prepare Pacemaker - Remove SAPHanaSR and SAPHanaSR-doc" + ansible.builtin.package: + name: "{{ item }}" + state: absent + loop: + - SAPHanaSR + - SAPHanaSR-doc + when: + - __sap_ha_pacemaker_cluster_zypper_angi_check is defined + - __sap_ha_pacemaker_cluster_zypper_angi_check.rc == 0 + - "'SAPHanaSR' in ansible_facts.packages" -- name: "SAP HA Prepare Pacemaker - Set fact angi_available" - ansible.builtin.set_fact: - __sap_ha_pacemaker_cluster_saphanasr_angi_available: true - when: - - __sap_ha_pacemaker_cluster_zypper_angi_check is defined - - __sap_ha_pacemaker_cluster_zypper_angi_check.rc == 0 + - name: "SAP HA Prepare Pacemaker - Set fact angi_available" + ansible.builtin.set_fact: + __sap_ha_pacemaker_cluster_saphanasr_angi_available: true + when: + - __sap_ha_pacemaker_cluster_zypper_angi_check is defined + - __sap_ha_pacemaker_cluster_zypper_angi_check.rc == 0 diff --git a/roles/sap_ha_pacemaker_cluster/tasks/ascertain_sap_landscape.yml b/roles/sap_ha_pacemaker_cluster/tasks/ascertain_sap_landscape.yml index b6bdaaa58..26cdb2be4 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/ascertain_sap_landscape.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/ascertain_sap_landscape.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # The following tasks will check which SAP landscape can be configured with # the provided parameters. @@ -35,7 +36,7 @@ ansible.builtin.include_tasks: file: include_vars_hana.yml when: - - sap_ha_pacemaker_cluster_host_type | select('search', 'hana_scaleup') | length > 0 + - sap_ha_pacemaker_cluster_host_type | select('search', 'hana') | length > 0 - name: "SAP HA Prepare Pacemaker - Include NETWEAVER specific variables" ansible.builtin.include_tasks: diff --git a/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_ascs_ers_postinstallation.yml b/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_abap_ascs_ers_post_install.yml similarity index 75% rename from roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_ascs_ers_postinstallation.yml rename to roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_abap_ascs_ers_post_install.yml index de55f3943..e4c9158ed 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_ascs_ers_postinstallation.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_abap_ascs_ers_post_install.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # After NetWeaver ASCS/ERS instances were configured in the cluster, # they must be disabled from automatically (re)starting outside of @@ -5,7 +6,7 @@ - name: "SAP HA Pacemaker - (ASCS profile) Prevent automatic restart of enqueue server" ansible.builtin.replace: - path: "{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_start_profile_string }}" + path: "{{ __sap_ha_pacemaker_cluster_nwas_ascs_sapinstance_start_profile_string }}" backup: true regexp: 'Restart_Program_01' replace: 'Start_Program_01' @@ -16,7 +17,7 @@ - name: "SAP HA Pacemaker - (ERS profile) Prevent automatic restart" ansible.builtin.replace: - path: "{{ sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_start_profile_string }}" + path: "{{ __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_start_profile_string }}" backup: true regexp: 'Restart_Program_00' replace: 'Start_Program_00' @@ -35,20 +36,20 @@ regexp: '^([^#\n].+{{ sapserv_item }}.+)$' replace: '# \1' loop: - - "{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_instance_name }}" - - "{{ sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_instance_name }}" + - "{{ __sap_ha_pacemaker_cluster_nwas_ascs_sapinstance_instance_name }}" + - "{{ __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_instance_name }}" loop_control: loop_var: sapserv_item - name: "SAP HA Pacemaker - (systemd) Check for ASCS/ERS services" ansible.builtin.stat: - path: "/etc/systemd/system/SAP{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}_{{ systemd_item }}.service" + path: "/etc/systemd/system/SAP{{ __sap_ha_pacemaker_cluster_nwas_sid }}_{{ systemd_item }}.service" loop: - - "{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_instance_nr }}" - - "{{ sap_ha_pacemaker_cluster_nwas_abap_ers_instance_nr }}" + - "{{ __sap_ha_pacemaker_cluster_nwas_ascs_instance_nr }}" + - "{{ __sap_ha_pacemaker_cluster_nwas_ers_instance_nr }}" loop_control: loop_var: systemd_item - label: "SAP{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}_{{ systemd_item }}.service" + label: "SAP{{ __sap_ha_pacemaker_cluster_nwas_sid }}_{{ systemd_item }}.service" register: __sap_ha_pacemaker_cluster_register_instance_service - name: "SAP HA Pacemaker - (systemd) Save found ASCS/ERS services" @@ -116,10 +117,10 @@ - sap_ha_pacemaker_cluster_enable_cluster_connector block: - - name: "SAP HA Pacemaker - (SAP HA Interface) Add {{ sap_ha_pacemaker_cluster_nwas_abap_sid | lower }}adm + - name: "SAP HA Pacemaker - (SAP HA Interface) Add {{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm user to 'haclient' group" # noqa name[template] ansible.builtin.user: - name: "{{ sap_ha_pacemaker_cluster_nwas_abap_sid | lower }}adm" + name: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" groups: haclient append: true state: present @@ -130,7 +131,7 @@ backup: true path: "{{ nwas_profile_item.0 }}" line: "{{ nwas_profile_item.1 }}" - loop: "{{ __sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_profile_paths + loop: "{{ __sap_ha_pacemaker_cluster_nwas_ascs_ers_profile_paths | product(__sap_ha_pacemaker_cluster_connector_config_lines) }}" loop_control: @@ -144,19 +145,19 @@ # Sleep added to resolve issue with WaitforStarted finishing before resources are available. - name: "SAP HA Pacemaker - (SAP HA Interface) Wait for ASCS to be up and running" become: true - become_user: "{{ sap_ha_pacemaker_cluster_nwas_abap_sid | lower }}adm" + become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" register: __sap_ha_pacemaker_cluster_register_where_ascs ansible.builtin.shell: | - /usr/sap/hostctrl/exe/sapcontrol -nr {{ sap_ha_pacemaker_cluster_nwas_abap_ascs_instance_nr }} -function WaitforStarted 600 30 + /usr/sap/hostctrl/exe/sapcontrol -nr {{ __sap_ha_pacemaker_cluster_nwas_ascs_instance_nr }} -function WaitforStarted 600 30 changed_when: false failed_when: false - name: "SAP HA Pacemaker - (SAP HA Interface) Wait for ERS to be up and running" become: true - become_user: "{{ sap_ha_pacemaker_cluster_nwas_abap_sid | lower }}adm" + become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" register: __sap_ha_pacemaker_cluster_register_where_ers ansible.builtin.shell: | - /usr/sap/hostctrl/exe/sapcontrol -nr {{ sap_ha_pacemaker_cluster_nwas_abap_ers_instance_nr }} -function WaitforStarted 600 30 + /usr/sap/hostctrl/exe/sapcontrol -nr {{ __sap_ha_pacemaker_cluster_nwas_ers_instance_nr }} -function WaitforStarted 600 30 changed_when: false failed_when: false @@ -166,20 +167,20 @@ when: - __sap_ha_pacemaker_cluster_register_where_ascs.rc == 0 become: true - become_user: "{{ sap_ha_pacemaker_cluster_nwas_abap_sid | lower }}adm" + become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" register: __sap_ha_pacemaker_cluster_register_restart_ascs ansible.builtin.shell: | - /usr/sap/hostctrl/exe/sapcontrol -nr {{ sap_ha_pacemaker_cluster_nwas_abap_ascs_instance_nr }} -function RestartService + /usr/sap/hostctrl/exe/sapcontrol -nr {{ __sap_ha_pacemaker_cluster_nwas_ascs_instance_nr }} -function RestartService changed_when: __sap_ha_pacemaker_cluster_register_restart_ascs.rc == 0 - name: "SAP HA Pacemaker - (SAP HA Interface) Restart the ERS service" when: - __sap_ha_pacemaker_cluster_register_where_ers.rc == 0 become: true - become_user: "{{ sap_ha_pacemaker_cluster_nwas_abap_sid | lower }}adm" + become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" register: __sap_ha_pacemaker_cluster_register_restart_ers ansible.builtin.shell: | - /usr/sap/hostctrl/exe/sapcontrol -nr {{ sap_ha_pacemaker_cluster_nwas_abap_ers_instance_nr }} -function RestartService + /usr/sap/hostctrl/exe/sapcontrol -nr {{ __sap_ha_pacemaker_cluster_nwas_ers_instance_nr }} -function RestartService changed_when: __sap_ha_pacemaker_cluster_register_restart_ers.rc == 0 @@ -187,21 +188,21 @@ when: - __sap_ha_pacemaker_cluster_register_where_ascs.rc == 0 become: true - become_user: "{{ sap_ha_pacemaker_cluster_nwas_abap_sid | lower }}adm" + become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" register: __sap_ha_pacemaker_cluster_register_ascs_ha_failover_config ansible.builtin.shell: | sleep 10 - /usr/sap/hostctrl/exe/sapcontrol -nr {{ sap_ha_pacemaker_cluster_nwas_abap_ascs_instance_nr }} -function HAGetFailoverConfig + /usr/sap/hostctrl/exe/sapcontrol -nr {{ __sap_ha_pacemaker_cluster_nwas_ascs_instance_nr }} -function HAGetFailoverConfig changed_when: false - name: "SAP HA Pacemaker - (SAP HA Interface) Get HAGetFailoverConfig for ERS" when: - __sap_ha_pacemaker_cluster_register_where_ers.rc == 0 become: true - become_user: "{{ sap_ha_pacemaker_cluster_nwas_abap_sid | lower }}adm" + become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" register: __sap_ha_pacemaker_cluster_register_ers_ha_failover_config ansible.builtin.shell: | - /usr/sap/hostctrl/exe/sapcontrol -nr {{ sap_ha_pacemaker_cluster_nwas_abap_ers_instance_nr }} -function HAGetFailoverConfig + /usr/sap/hostctrl/exe/sapcontrol -nr {{ __sap_ha_pacemaker_cluster_nwas_ers_instance_nr }} -function HAGetFailoverConfig changed_when: false - name: "SAP HA Pacemaker - (SAP HA Interface) Display HAGetFailoverConfig results" @@ -217,10 +218,10 @@ when: - __sap_ha_pacemaker_cluster_register_where_ascs.rc == 0 become: true - become_user: "{{ sap_ha_pacemaker_cluster_nwas_abap_sid | lower }}adm" + become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" register: __sap_ha_pacemaker_cluster_register_ascs_ha_check_config ansible.builtin.shell: | - /usr/sap/hostctrl/exe/sapcontrol -nr {{ sap_ha_pacemaker_cluster_nwas_abap_ascs_instance_nr }} -function HACheckConfig + /usr/sap/hostctrl/exe/sapcontrol -nr {{ __sap_ha_pacemaker_cluster_nwas_ascs_instance_nr }} -function HACheckConfig changed_when: false failed_when: false @@ -243,17 +244,17 @@ and 'FALSE' in __sap_ha_pacemaker_cluster_register_ers_ha_failover_config.stdout) or (__sap_ha_pacemaker_cluster_register_ascs_ha_check_config.stdout is defined and 'ERROR' in __sap_ha_pacemaker_cluster_register_ascs_ha_check_config.stdout)" + vars: + __rsc_ascs: "{{ __sap_ha_pacemaker_cluster_nwas_ascs_sapstartsrv_resource_name + if __sap_ha_pacemaker_cluster_nwas_cs_ers_simple_mount + else __sap_ha_pacemaker_cluster_nwas_ascs_sapinstance_resource_name }}" + __rsc_ers: "{{ __sap_ha_pacemaker_cluster_nwas_ers_sapstartsrv_resource_name + if __sap_ha_pacemaker_cluster_nwas_cs_ers_simple_mount + else __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_resource_name }}" block: - name: "SAP HA Pacemaker - (SAP HA Interface) Restart ASCS ERS resources" ansible.builtin.shell: | {{ __sap_ha_pacemaker_cluster_command.resource_restart }} {{ restart_item }} - vars: - __rsc_ascs: "{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_sapstartsrv_resource_name - if sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_simple_mount - else sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_resource_name }}" - __rsc_ers: "{{ sap_ha_pacemaker_cluster_nwas_abap_ers_sapstartsrv_resource_name - if sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_simple_mount - else sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_resource_name }}" loop: - "{{ __rsc_ascs }}" - "{{ __rsc_ers }}" @@ -265,32 +266,38 @@ - name: "SAP HA Pacemaker - (SAP HA Interface) Wait for ASCS to be up and running" become: true - become_user: "{{ sap_ha_pacemaker_cluster_nwas_abap_sid | lower }}adm" + become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" register: __sap_ha_pacemaker_cluster_register_where_ascs_restart ansible.builtin.shell: | - /usr/sap/hostctrl/exe/sapcontrol -nr {{ sap_ha_pacemaker_cluster_nwas_abap_ascs_instance_nr }} -function WaitforStarted 600 30 + /usr/sap/hostctrl/exe/sapcontrol -nr {{ __sap_ha_pacemaker_cluster_nwas_ascs_instance_nr }} -function WaitforStarted 600 30 changed_when: false failed_when: false - name: "SAP HA Pacemaker - (SAP HA Interface) Wait for ERS to be up and running" become: true - become_user: "{{ sap_ha_pacemaker_cluster_nwas_abap_sid | lower }}adm" + become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" register: __sap_ha_pacemaker_cluster_register_where_ers_restart ansible.builtin.shell: | - /usr/sap/hostctrl/exe/sapcontrol -nr {{ sap_ha_pacemaker_cluster_nwas_abap_ers_instance_nr }} -function WaitforStarted 600 30 + /usr/sap/hostctrl/exe/sapcontrol -nr {{ __sap_ha_pacemaker_cluster_nwas_ers_instance_nr }} -function WaitforStarted 600 30 changed_when: false failed_when: false + # Ensure there are no errors after resources were restarted + - name: "SAP HA Install Pacemaker - Cluster resource cleanup after restart" + ansible.builtin.shell: | + {{ __sap_ha_pacemaker_cluster_command.resource_cleanup }} + changed_when: true + - name: "SAP HA Pacemaker - (SAP HA Interface) Get HACheckConfig for ASCS" when: - __sap_ha_pacemaker_cluster_register_where_ascs.rc == 0 become: true - become_user: "{{ sap_ha_pacemaker_cluster_nwas_abap_sid | lower }}adm" + become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" register: __sap_ha_pacemaker_cluster_register_ascs_ha_check_config ansible.builtin.shell: | sleep 30 - /usr/sap/hostctrl/exe/sapcontrol -nr {{ sap_ha_pacemaker_cluster_nwas_abap_ascs_instance_nr }} -function HACheckConfig + /usr/sap/hostctrl/exe/sapcontrol -nr {{ __sap_ha_pacemaker_cluster_nwas_ascs_instance_nr }} -function HACheckConfig changed_when: false failed_when: - "'ERROR' in __sap_ha_pacemaker_cluster_register_ascs_ha_check_config.stdout" @@ -299,10 +306,10 @@ when: - __sap_ha_pacemaker_cluster_register_where_ers.rc == 0 become: true - become_user: "{{ sap_ha_pacemaker_cluster_nwas_abap_sid | lower }}adm" + become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" register: __sap_ha_pacemaker_cluster_register_ers_ha_check_config ansible.builtin.shell: | - /usr/sap/hostctrl/exe/sapcontrol -nr {{ sap_ha_pacemaker_cluster_nwas_abap_ers_instance_nr }} -function HACheckConfig + /usr/sap/hostctrl/exe/sapcontrol -nr {{ __sap_ha_pacemaker_cluster_nwas_ers_instance_nr }} -function HACheckConfig changed_when: false failed_when: - "'ERROR' in __sap_ha_pacemaker_cluster_register_ers_ha_check_config.stdout" @@ -312,10 +319,10 @@ when: - __sap_ha_pacemaker_cluster_register_where_ascs.rc == 0 become: true - become_user: "{{ sap_ha_pacemaker_cluster_nwas_abap_sid | lower }}adm" + become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" register: __sap_ha_pacemaker_cluster_register_ascs_ha_failover_config ansible.builtin.shell: | - /usr/sap/hostctrl/exe/sapcontrol -nr {{ sap_ha_pacemaker_cluster_nwas_abap_ascs_instance_nr }} -function HAGetFailoverConfig + /usr/sap/hostctrl/exe/sapcontrol -nr {{ __sap_ha_pacemaker_cluster_nwas_ascs_instance_nr }} -function HAGetFailoverConfig changed_when: false # failed_when: # - __sap_ha_pacemaker_cluster_register_ascs_ha_failover_config.stdout is defined @@ -325,10 +332,10 @@ when: - __sap_ha_pacemaker_cluster_register_where_ers.rc == 0 become: true - become_user: "{{ sap_ha_pacemaker_cluster_nwas_abap_sid | lower }}adm" + become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" register: __sap_ha_pacemaker_cluster_register_ers_ha_failover_config ansible.builtin.shell: | - /usr/sap/hostctrl/exe/sapcontrol -nr {{ sap_ha_pacemaker_cluster_nwas_abap_ers_instance_nr }} -function HAGetFailoverConfig + /usr/sap/hostctrl/exe/sapcontrol -nr {{ __sap_ha_pacemaker_cluster_nwas_ers_instance_nr }} -function HAGetFailoverConfig changed_when: false # failed_when: # - __sap_ha_pacemaker_cluster_register_ers_ha_failover_config.stdout is defined diff --git a/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_java_scs_ers_post_install.yml b/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_java_scs_ers_post_install.yml new file mode 100644 index 000000000..ea36f162d --- /dev/null +++ b/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_java_scs_ers_post_install.yml @@ -0,0 +1,375 @@ +# SPDX-License-Identifier: Apache-2.0 +--- +# After NetWeaver SCS/ERS instances were configured in the cluster, +# they must be disabled from automatically (re)starting outside of +# cluster control. + +- name: "SAP HA Pacemaker - (SCS profile) Prevent automatic restart of enqueue server" + ansible.builtin.replace: + path: "{{ __sap_ha_pacemaker_cluster_nwas_scs_sapinstance_start_profile_string }}" + backup: true + regexp: 'Restart_Program_01' + replace: 'Start_Program_01' + # Throttle and retry loop was added to combat NFS write lockups on Azure NFS + throttle: 1 + retries: 30 + delay: 10 + +- name: "SAP HA Pacemaker - (ERS profile) Prevent automatic restart" + ansible.builtin.replace: + path: "{{ __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_start_profile_string }}" + backup: true + regexp: 'Restart_Program_00' + replace: 'Start_Program_00' + # Throttle and retry loop was added to combat NFS write lockups on Azure NFS + throttle: 1 + retries: 30 + delay: 10 + +# Comment out lines in /usr/sap/sapservices, which +# - contain the target instance profile names +# - are not commented out yet +- name: "SAP HA Pacemaker - Update /usr/sap/sapservices" + ansible.builtin.replace: + path: /usr/sap/sapservices + backup: true + regexp: '^([^#\n].+{{ sapserv_item }}.+)$' + replace: '# \1' + loop: + - "{{ __sap_ha_pacemaker_cluster_nwas_scs_sapinstance_instance_name }}" + - "{{ __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_instance_name }}" + loop_control: + loop_var: sapserv_item + +- name: "SAP HA Pacemaker - (systemd) Check for SCS/ERS services" + ansible.builtin.stat: + path: "/etc/systemd/system/SAP{{ __sap_ha_pacemaker_cluster_nwas_sid }}_{{ systemd_item }}.service" + loop: + - "{{ __sap_ha_pacemaker_cluster_nwas_scs_instance_nr }}" + - "{{ __sap_ha_pacemaker_cluster_nwas_ers_instance_nr }}" + loop_control: + loop_var: systemd_item + label: "SAP{{ __sap_ha_pacemaker_cluster_nwas_sid }}_{{ systemd_item }}.service" + register: __sap_ha_pacemaker_cluster_register_instance_service + +- name: "SAP HA Pacemaker - (systemd) Save found SCS/ERS services" + ansible.builtin.set_fact: + sap_ha_pacemaker_cluster_instance_services_fact: "{{ + __sap_ha_pacemaker_cluster_register_instance_service.results + | selectattr('stat.exists') + | map(attribute='stat.path') + | regex_replace('/etc/systemd/system/', '') + }}" + +# BLOCK: +# When the systemd based SAP startup framework is used, make sure that the +# instance services do not auto-start. +- name: "SAP HA Pacemaker - Block to disable systemd auto-start of instances" + when: + - sap_ha_pacemaker_cluster_instance_services_fact is defined + - sap_ha_pacemaker_cluster_instance_services_fact | length > 0 + block: + + - name: "SAP HA Pacemaker - (systemd) Disable SCS/ERS instance service" + ansible.builtin.service: + name: "{{ instance_srv_item }}" + enabled: false + loop: "{{ sap_ha_pacemaker_cluster_instance_services_fact }}" + loop_control: + loop_var: instance_srv_item + + # Creates a config file for the services. + # Parent directories will be created when missing. + - name: "SAP HA Pacemaker - (systemd) Create SCS/ERS instance unit config file" + ansible.builtin.lineinfile: + create: true + path: "/etc/systemd/system/{{ dropfile_item }}.d/HA.conf" + line: "[Service]" + owner: root + group: root + mode: '0644' + loop: "{{ sap_ha_pacemaker_cluster_instance_services_fact }}" + loop_control: + loop_var: dropfile_item + + - name: "SAP HA Pacemaker - (systemd) Disable SCS/ERS instance unit auto-restart" + ansible.builtin.lineinfile: + path: "/etc/systemd/system/{{ dropfile_item }}.d/HA.conf" + regex: '^Restart\s*=\s*no' + insertafter: '^[Service]$' + line: "Restart=no" + owner: root + group: root + mode: '0644' + loop: "{{ sap_ha_pacemaker_cluster_instance_services_fact }}" + loop_control: + loop_var: dropfile_item + +### END of BLOCK for systemd setup. + + +# Block for configuring the SAP HA Interface (sap_cluster_connector). +# +# The 'sap-cluster-connector' package is already optionally added to +# '__sap_ha_pacemaker_cluster_sap_extra_packages'. +- name: "SAP HA Pacemaker - (SAP HA Interface) Configure SAP HA Interface" + when: + - sap_ha_pacemaker_cluster_enable_cluster_connector + block: + + - name: "SAP HA Pacemaker - (SAP HA Interface) Add {{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm + user to 'haclient' group" # noqa name[template] + ansible.builtin.user: + name: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" + groups: haclient + append: true + state: present + + # Using 'lineinfile' with a nested loop to avoid duplicate entries for existing configuration. + - name: "SAP HA Pacemaker - (SAP HA Interface) Add connector to start profiles" + ansible.builtin.lineinfile: + backup: true + path: "{{ nwas_profile_item.0 }}" + line: "{{ nwas_profile_item.1 }}" + loop: "{{ __sap_ha_pacemaker_cluster_nwas_scs_ers_profile_paths + | product(__sap_ha_pacemaker_cluster_connector_config_lines) + }}" + loop_control: + loop_var: nwas_profile_item + label: "{{ nwas_profile_item.0 }} -> {{ nwas_profile_item.1 }}" + # Throttle and retry loop was added to combat NFS write lockups on Azure NFS + throttle: 1 + retries: 30 + delay: 10 + + # Sleep added to resolve issue with WaitforStarted finishing before resources are available. + - name: "SAP HA Pacemaker - (SAP HA Interface) Wait for SCS to be up and running" + become: true + become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" + register: __sap_ha_pacemaker_cluster_register_where_scs + ansible.builtin.shell: | + /usr/sap/hostctrl/exe/sapcontrol -nr {{ __sap_ha_pacemaker_cluster_nwas_scs_instance_nr }} -function WaitforStarted 600 30 + changed_when: false + failed_when: false + + - name: "SAP HA Pacemaker - (SAP HA Interface) Wait for ERS to be up and running" + become: true + become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" + register: __sap_ha_pacemaker_cluster_register_where_ers + ansible.builtin.shell: | + /usr/sap/hostctrl/exe/sapcontrol -nr {{ __sap_ha_pacemaker_cluster_nwas_ers_instance_nr }} -function WaitforStarted 600 30 + changed_when: false + failed_when: false + + # NOTE: RestartService can cause fencing lockup and hang forever, + # it might be good to remove them in future and leave reload to "SCS ERS restart" block. + - name: "SAP HA Pacemaker - (SAP HA Interface) Restart the SCS service" + when: + - __sap_ha_pacemaker_cluster_register_where_scs.rc == 0 + become: true + become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" + register: __sap_ha_pacemaker_cluster_register_restart_scs + ansible.builtin.shell: | + /usr/sap/hostctrl/exe/sapcontrol -nr {{ __sap_ha_pacemaker_cluster_nwas_scs_instance_nr }} -function RestartService + changed_when: __sap_ha_pacemaker_cluster_register_restart_scs.rc == 0 + + - name: "SAP HA Pacemaker - (SAP HA Interface) Restart the ERS service" + when: + - __sap_ha_pacemaker_cluster_register_where_ers.rc == 0 + become: true + become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" + register: __sap_ha_pacemaker_cluster_register_restart_ers + ansible.builtin.shell: | + /usr/sap/hostctrl/exe/sapcontrol -nr {{ __sap_ha_pacemaker_cluster_nwas_ers_instance_nr }} -function RestartService + changed_when: __sap_ha_pacemaker_cluster_register_restart_ers.rc == 0 + + + - name: "SAP HA Pacemaker - (SAP HA Interface) Get HAGetFailoverConfig for SCS" + when: + - __sap_ha_pacemaker_cluster_register_where_scs.rc == 0 + become: true + become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" + register: __sap_ha_pacemaker_cluster_register_scs_ha_failover_config + ansible.builtin.shell: | + sleep 10 + /usr/sap/hostctrl/exe/sapcontrol -nr {{ __sap_ha_pacemaker_cluster_nwas_scs_instance_nr }} -function HAGetFailoverConfig + changed_when: false + + - name: "SAP HA Pacemaker - (SAP HA Interface) Get HAGetFailoverConfig for ERS" + when: + - __sap_ha_pacemaker_cluster_register_where_ers.rc == 0 + become: true + become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" + register: __sap_ha_pacemaker_cluster_register_ers_ha_failover_config + ansible.builtin.shell: | + /usr/sap/hostctrl/exe/sapcontrol -nr {{ __sap_ha_pacemaker_cluster_nwas_ers_instance_nr }} -function HAGetFailoverConfig + changed_when: false + + - name: "SAP HA Pacemaker - (SAP HA Interface) Display HAGetFailoverConfig results" + when: + - __sap_ha_pacemaker_cluster_register_where_scs.rc == 0 + - __sap_ha_pacemaker_cluster_register_scs_ha_failover_config.stdout_lines is defined + ansible.builtin.debug: + msg: | + {{ __sap_ha_pacemaker_cluster_register_scs_ha_failover_config.stdout_lines }} + + + - name: "SAP HA Pacemaker - (SAP HA Interface) Get HACheckConfig for SCS" + when: + - __sap_ha_pacemaker_cluster_register_where_scs.rc == 0 + become: true + become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" + register: __sap_ha_pacemaker_cluster_register_scs_ha_check_config + ansible.builtin.shell: | + /usr/sap/hostctrl/exe/sapcontrol -nr {{ __sap_ha_pacemaker_cluster_nwas_scs_instance_nr }} -function HACheckConfig + changed_when: false + failed_when: false + + - name: "SAP HA Pacemaker - (SAP HA Interface) Display HACheckConfig results" + when: + - __sap_ha_pacemaker_cluster_register_where_scs.rc == 0 + - __sap_ha_pacemaker_cluster_register_scs_ha_check_config.stdout_lines is defined + ansible.builtin.debug: + msg: | + {{ __sap_ha_pacemaker_cluster_register_scs_ha_check_config.stdout_lines }} + + + # Block to restart cluster resources if RestartService is not enough. + # This is required for SUSE, where SAP needs full restart to load HAlib. + - name: "SAP HA Pacemaker - (SAP HA Interface) Block for SCS ERS restart" + when: + - "(__sap_ha_pacemaker_cluster_register_scs_ha_failover_config.stdout is defined + and 'FALSE' in __sap_ha_pacemaker_cluster_register_scs_ha_failover_config.stdout) + or (__sap_ha_pacemaker_cluster_register_ers_ha_failover_config.stdout is defined + and 'FALSE' in __sap_ha_pacemaker_cluster_register_ers_ha_failover_config.stdout) + or (__sap_ha_pacemaker_cluster_register_scs_ha_check_config.stdout is defined + and 'ERROR' in __sap_ha_pacemaker_cluster_register_scs_ha_check_config.stdout)" + vars: + __rsc_scs: "{{ __sap_ha_pacemaker_cluster_nwas_scs_sapstartsrv_resource_name + if __sap_ha_pacemaker_cluster_nwas_cs_ers_simple_mount + else __sap_ha_pacemaker_cluster_nwas_scs_sapinstance_resource_name }}" + __rsc_ers: "{{ __sap_ha_pacemaker_cluster_nwas_ers_sapstartsrv_resource_name + if __sap_ha_pacemaker_cluster_nwas_cs_ers_simple_mount + else __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_resource_name }}" + block: + - name: "SAP HA Pacemaker - (SAP HA Interface) Restart SCS ERS resources" + ansible.builtin.shell: | + {{ __sap_ha_pacemaker_cluster_command.resource_restart }} {{ restart_item }} + loop: + - "{{ __rsc_scs }}" + - "{{ __rsc_ers }}" + loop_control: + loop_var: restart_item + when: + - __sap_ha_pacemaker_cluster_register_where_scs.rc == 0 + changed_when: true + + - name: "SAP HA Pacemaker - (SAP HA Interface) Wait for SCS to be up and running" + become: true + become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" + register: __sap_ha_pacemaker_cluster_register_where_scs_restart + ansible.builtin.shell: | + /usr/sap/hostctrl/exe/sapcontrol -nr {{ __sap_ha_pacemaker_cluster_nwas_scs_instance_nr }} -function WaitforStarted 600 30 + changed_when: false + failed_when: false + + - name: "SAP HA Pacemaker - (SAP HA Interface) Wait for ERS to be up and running" + become: true + become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" + register: __sap_ha_pacemaker_cluster_register_where_ers_restart + ansible.builtin.shell: | + /usr/sap/hostctrl/exe/sapcontrol -nr {{ __sap_ha_pacemaker_cluster_nwas_ers_instance_nr }} -function WaitforStarted 600 30 + changed_when: false + failed_when: false + + # Ensure there are no errors after resources were restarted + - name: "SAP HA Install Pacemaker - Cluster resource cleanup after restart" + ansible.builtin.shell: | + {{ __sap_ha_pacemaker_cluster_command.resource_cleanup }} + changed_when: true + + + - name: "SAP HA Pacemaker - (SAP HA Interface) Get HACheckConfig for SCS" + when: + - __sap_ha_pacemaker_cluster_register_where_scs.rc == 0 + become: true + become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" + register: __sap_ha_pacemaker_cluster_register_scs_ha_check_config + ansible.builtin.shell: | + sleep 30 + /usr/sap/hostctrl/exe/sapcontrol -nr {{ __sap_ha_pacemaker_cluster_nwas_scs_instance_nr }} -function HACheckConfig + changed_when: false + failed_when: + - "'ERROR' in __sap_ha_pacemaker_cluster_register_scs_ha_check_config.stdout" + + - name: "SAP HA Pacemaker - (SAP HA Interface) Get HACheckConfig for ERS" + when: + - __sap_ha_pacemaker_cluster_register_where_ers.rc == 0 + become: true + become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" + register: __sap_ha_pacemaker_cluster_register_ers_ha_check_config + ansible.builtin.shell: | + /usr/sap/hostctrl/exe/sapcontrol -nr {{ __sap_ha_pacemaker_cluster_nwas_ers_instance_nr }} -function HACheckConfig + changed_when: false + failed_when: + - "'ERROR' in __sap_ha_pacemaker_cluster_register_ers_ha_check_config.stdout" + + + - name: "SAP HA Pacemaker - (SAP HA Interface) Get HAGetFailoverConfig for SCS" + when: + - __sap_ha_pacemaker_cluster_register_where_scs.rc == 0 + become: true + become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" + register: __sap_ha_pacemaker_cluster_register_scs_ha_failover_config + ansible.builtin.shell: | + /usr/sap/hostctrl/exe/sapcontrol -nr {{ __sap_ha_pacemaker_cluster_nwas_scs_instance_nr }} -function HAGetFailoverConfig + changed_when: false + # failed_when: + # - __sap_ha_pacemaker_cluster_register_scs_ha_failover_config.stdout is defined + # and 'FALSE' in __sap_ha_pacemaker_cluster_register_scs_ha_failover_config.stdout + + - name: "SAP HA Pacemaker - (SAP HA Interface) Get HAGetFailoverConfig for ERS" + when: + - __sap_ha_pacemaker_cluster_register_where_ers.rc == 0 + become: true + become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" + register: __sap_ha_pacemaker_cluster_register_ers_ha_failover_config + ansible.builtin.shell: | + /usr/sap/hostctrl/exe/sapcontrol -nr {{ __sap_ha_pacemaker_cluster_nwas_ers_instance_nr }} -function HAGetFailoverConfig + changed_when: false + # failed_when: + # - __sap_ha_pacemaker_cluster_register_ers_ha_failover_config.stdout is defined + # and 'FALSE' in __sap_ha_pacemaker_cluster_register_ers_ha_failover_config.stdout + + + # HAGetFailoverConfig is not consistent and it can show FALSE on one of nodes + - name: "SAP HA Pacemaker - (SAP HA Interface) Display HAGetFailoverConfig results on SCS" + when: + - __sap_ha_pacemaker_cluster_register_where_scs.rc == 0 + - __sap_ha_pacemaker_cluster_register_scs_ha_failover_config.stdout_lines is defined + ansible.builtin.debug: + msg: | + {{ __sap_ha_pacemaker_cluster_register_scs_ha_failover_config.stdout_lines }} + + # HAGetFailoverConfig is not consistent and it can show FALSE on one of nodes + - name: "SAP HA Pacemaker - (SAP HA Interface) Display HAGetFailoverConfig results on ERS" + when: + - __sap_ha_pacemaker_cluster_register_where_ers.rc == 0 + - __sap_ha_pacemaker_cluster_register_ers_ha_failover_config.stdout_lines is defined + ansible.builtin.debug: + msg: | + {{ __sap_ha_pacemaker_cluster_register_ers_ha_failover_config.stdout_lines }} + + # HACheckConfig shows same statues on both nodes, therefore only SCS is shown + - name: "SAP HA Pacemaker - (SAP HA Interface) Display HACheckConfig results" + when: + - __sap_ha_pacemaker_cluster_register_where_scs.rc == 0 + - __sap_ha_pacemaker_cluster_register_scs_ha_check_config.stdout_lines is defined + ansible.builtin.debug: + msg: | + {{ __sap_ha_pacemaker_cluster_register_scs_ha_check_config.stdout_lines }} + + + # TODO: verification checks that the instances are running and HA Interface is enabled + +### END of BLOCK for sap_cluster_connector. diff --git a/roles/sap_ha_pacemaker_cluster/tasks/configure_srhook.yml b/roles/sap_ha_pacemaker_cluster/tasks/configure_srhook.yml index fdc4610b3..aac210639 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/configure_srhook.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/configure_srhook.yml @@ -1,13 +1,14 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: "SAP HA Pacemaker srHook - Check presence of global.ini" ansible.builtin.stat: - path: "{{ sap_ha_pacemaker_cluster_hana_global_ini_path }}" + path: "{{ __sap_ha_pacemaker_cluster_hana_global_ini_path }}" register: __sap_ha_pacemaker_cluster_global_ini failed_when: not __sap_ha_pacemaker_cluster_global_ini.stat.exists - name: "SAP HA Pacemaker srHook - Get contents of global.ini" ansible.builtin.command: - cmd: cat "{{ sap_ha_pacemaker_cluster_hana_global_ini_path }}" + cmd: cat "{{ __sap_ha_pacemaker_cluster_hana_global_ini_path }}" register: __sap_ha_pacemaker_cluster_global_ini_contents changed_when: false @@ -41,7 +42,7 @@ - name: "SAP HA Pacemaker srHook - Update srHook providers in global.ini" ansible.builtin.blockinfile: - path: "{{ sap_ha_pacemaker_cluster_hana_global_ini_path }}" + path: "{{ __sap_ha_pacemaker_cluster_hana_global_ini_path }}" marker: "" block: | [ha_dr_provider_{{ srhook_item.provider }}] @@ -60,7 +61,7 @@ # Separate task to create [trace] block so hooks can be appended to it - name: "SAP HA Pacemaker srHook - Add [trace] block in global.ini" ansible.builtin.blockinfile: - path: "{{ sap_ha_pacemaker_cluster_hana_global_ini_path }}" + path: "{{ __sap_ha_pacemaker_cluster_hana_global_ini_path }}" marker: "" block: | [trace] @@ -70,7 +71,7 @@ # Append hooks to [trace] block if they are not present already - name: "SAP HA Pacemaker srHook - Update srHooks trace in global.ini" ansible.builtin.lineinfile: - path: "{{ sap_ha_pacemaker_cluster_hana_global_ini_path }}" + path: "{{ __sap_ha_pacemaker_cluster_hana_global_ini_path }}" insertafter: "^\\[trace\\]" line: "ha_dr_{{ srhook_item.provider }} = info" loop: "{{ __sap_ha_pacemaker_cluster_hana_hooks }}" diff --git a/roles/sap_ha_pacemaker_cluster/tasks/construct_final_hacluster_vars.yml b/roles/sap_ha_pacemaker_cluster/tasks/construct_final_hacluster_vars.yml index 2fc57e61e..9c9af77f4 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/construct_final_hacluster_vars.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/construct_final_hacluster_vars.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # After all of the previous construction flows, the final parameters must # be translated to 'ha_cluster' Linux System Role syntax. @@ -28,6 +29,18 @@ # __sap_ha_pacemaker_cluster_resource_primitives ha_cluster_resource_primitives # __sap_ha_pacemaker_cluster_corosync_totem ha_cluster_totem +# Combines SBD stonith options with ha_cluster if it was not imported as extra var. +- name: "SAP HA Prepare Pacemaker - (ha_cluster) Include SBD config into 'ha_cluster'" # noqa jinja[spacing] + when: + - __sap_ha_pacemaker_cluster_ha_cluster_stonith is defined and __sap_ha_pacemaker_cluster_ha_cluster_stonith | length > 0 + ansible.builtin.set_fact: + __sap_ha_pacemaker_cluster_ha_cluster: >- + {%- if __sap_ha_pacemaker_cluster_ha_cluster is defined and __sap_ha_pacemaker_cluster_ha_cluster | length > 0 -%} + {{ __sap_ha_pacemaker_cluster_ha_cluster | combine(__sap_ha_pacemaker_cluster_ha_cluster_stonith) }} + {%- else -%} + {{ __sap_ha_pacemaker_cluster_ha_cluster_stonith }} + {%- endif -%} + - name: "SAP HA Prepare Pacemaker - (ha_cluster) Define parameter 'ha_cluster'" when: __sap_ha_pacemaker_cluster_ha_cluster is defined ansible.builtin.set_fact: @@ -109,3 +122,13 @@ when: __sap_ha_pacemaker_cluster_corosync_totem is defined ansible.builtin.set_fact: ha_cluster_totem: "{{ __sap_ha_pacemaker_cluster_corosync_totem }}" + +- name: "SAP HA Prepare Pacemaker - (ha_cluster) Define parameter 'ha_cluster_sbd_options'" + when: __sap_ha_pacemaker_cluster_sbd_options is defined + ansible.builtin.set_fact: + ha_cluster_sbd_options: "{{ __sap_ha_pacemaker_cluster_sbd_options }}" + +- name: "SAP HA Prepare Pacemaker - (ha_cluster) Define parameter 'ha_cluster_sbd_enabled'" + when: __sap_ha_pacemaker_cluster_sbd_enabled is defined + ansible.builtin.set_fact: + ha_cluster_sbd_enabled: "{{ __sap_ha_pacemaker_cluster_sbd_enabled }}" diff --git a/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_common.yml b/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_common.yml index 0361368ec..33dbe95d3 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_common.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_common.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Combine input parameters with inherited vars from the 'ha_cluster' role. # The inherited values take precedence. Some parameters are not required to be set. @@ -21,7 +22,25 @@ __sap_ha_pacemaker_cluster_hacluster_user_password: "{{ sap_ha_pacemaker_cluster_hacluster_user_password }}" no_log: true # secure the credential +# sap_ha_pacemaker_cluster_ha_cluster -> user-defined or default inherited from {{ ha_cluster }} +- name: "SAP HA Prepare Pacemaker - Register sap_ha_pacemaker_cluster_ha_cluster" + when: + - __sap_ha_pacemaker_cluster_ha_cluster is not defined + - sap_ha_pacemaker_cluster_ha_cluster is defined + ansible.builtin.set_fact: + __sap_ha_pacemaker_cluster_ha_cluster: "{{ sap_ha_pacemaker_cluster_ha_cluster }}" +- name: "SAP HA Prepare Pacemaker - Generate default sap_ha_pacemaker_cluster_ha_cluster" + when: + - not __sap_ha_pacemaker_cluster_ha_cluster is defined + - not sap_ha_pacemaker_cluster_ha_cluster is defined + ansible.builtin.set_fact: + __sap_ha_pacemaker_cluster_ha_cluster: + node_name: "{{ ansible_hostname }}" + pcs_address: "{{ ansible_default_ipv4.address }}" + + +# Combine following extra packages together: # sap_ha_pacemaker_cluster_extra_packages -> user-defined, empty by global default # __sap_ha_pacemaker_cluster_sap_extra_packages -> included from vars/* # __sap_ha_pacemaker_cluster_platform_extra_packages -> included from vars/platform* @@ -35,30 +54,65 @@ | unique | select() }}" # remove duplicates and empty elements -# sap_ha_pacemaker_cluster_fence_agent_minimal_packages -> global default -# sap_ha_pacemaker_cluster_fence_agent_packages -> global default -# __sap_ha_pacemaker_cluster_fence_agent_packages -> internal default (vars/main.yml) +# Combine following fence packages together: +# __sap_ha_pacemaker_cluster_fence_agent_packages_minimal -> os default +# __sap_ha_pacemaker_cluster_fence_agent_packages_platform -> platform defaults from dict +# sap_ha_pacemaker_cluster_fence_agent_packages -> user input or default [] + +# __sap_ha_pacemaker_cluster_fence_agent_packages loaded from ha_cluster is not included, +# because it would still not be used due to precedence. +# TODO: Remove Tech debt conditionals in future for deprecated var 'sap_ha_pacemaker_cluster_fence_agent_minimal_packages' - name: "SAP HA Prepare Pacemaker - Combine fence agent packages lists" ansible.builtin.set_fact: __sap_ha_pacemaker_cluster_fence_agent_packages: "{{ - (sap_ha_pacemaker_cluster_fence_agent_minimal_packages - + sap_ha_pacemaker_cluster_fence_agent_packages - + __sap_ha_pacemaker_cluster_fence_agent_packages) + (__sap_ha_pacemaker_cluster_fence_agent_packages_minimal_combined + + __sap_ha_pacemaker_cluster_fence_agent_packages_platform + + sap_ha_pacemaker_cluster_fence_agent_packages) | unique }}" + vars: + # Tech debt for sap_ha_pacemaker_cluster_fence_agent_minimal_packages + __sap_ha_pacemaker_cluster_fence_agent_packages_minimal_combined: + "{{ __sap_ha_pacemaker_cluster_fence_agent_packages_minimal + + sap_ha_pacemaker_cluster_fence_agent_minimal_packages + if (sap_ha_pacemaker_cluster_fence_agent_minimal_packages is defined + and sap_ha_pacemaker_cluster_fence_agent_minimal_packages | length > 0 + and sap_ha_pacemaker_cluster_fence_agent_minimal_packages is iterable) + else __sap_ha_pacemaker_cluster_fence_agent_packages_minimal }}" -- name: "SAP HA Prepare Pacemaker - Add default corosync totem settings" - when: - - sap_ha_pacemaker_cluster_corosync_totem is defined - - sap_ha_pacemaker_cluster_corosync_totem.options is defined - - sap_ha_pacemaker_cluster_corosync_totem.options | length > 0 + +# Prepare corosync totem variable with either: +# - User provided sap_ha_pacemaker_cluster_corosync_totem if present +# - Combine corosync totem from OS variables and Platform variables if present +# - Use default corosync totem from OS variables if Platform variable is not present +- name: "SAP HA Prepare Pacemaker - Prepare corosync totem settings" ansible.builtin.set_fact: __sap_ha_pacemaker_cluster_corosync_totem: - options: "{{ __sap_ha_pacemaker_cluster_corosync_totem.options | default([]) + __totem_settings }}" + options: "{{ __sap_ha_pacemaker_cluster_corosync_totem.options | d([]) + __totem_settings }}" vars: + # Identify if provided sap_ha_pacemaker_cluster_corosync_totem is defined + __user_totem_is_present: + "{{ true if (sap_ha_pacemaker_cluster_corosync_totem is defined + and sap_ha_pacemaker_cluster_corosync_totem.options is defined + and sap_ha_pacemaker_cluster_corosync_totem | length > 0) else false }}" + + # Identify if __sap_ha_pacemaker_cluster_corosync_totem_platform is defined + __platform_totem_is_present: + "{{ true if (__sap_ha_pacemaker_cluster_corosync_totem_platform is defined + and __sap_ha_pacemaker_cluster_corosync_totem_platform.options is defined + and __sap_ha_pacemaker_cluster_corosync_totem_platform | length > 0) else false }}" + __totem_settings: |- + {% if __user_totem_is_present %} + {% set corosync_totem = sap_ha_pacemaker_cluster_corosync_totem %} + {% elif __platform_totem_is_present %} + {% set corosync_totem = __sap_ha_pacemaker_cluster_corosync_totem_default + | combine(__sap_ha_pacemaker_cluster_corosync_totem_platform, recursive=True) %} + {% else %} + {% set corosync_totem = __sap_ha_pacemaker_cluster_corosync_totem_default %} + {% endif %} {% set new_opts = [] %} - {% for option in sap_ha_pacemaker_cluster_corosync_totem.options | dict2items -%} + {% for option in corosync_totem.options | dict2items -%} {%- set add_opts = new_opts.extend([ { 'name': option.key, @@ -66,3 +120,5 @@ }]) -%} {%- endfor %} {{ new_opts }} + +# TODO: Add support for ha_cluster_quorum diff --git a/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_hana_common.yml b/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_hana_common.yml index f83af514a..41893dbc6 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_hana_common.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_hana_common.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Variables containing variables must be constructed with values # to be fed into the included ha_cluster role diff --git a/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_hana_scaleout.yml b/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_hana_scaleout.yml index 03df61fb8..f72bcae17 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_hana_scaleout.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_hana_scaleout.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Variables containing variables must be constructed with values # to be fed into an included role diff --git a/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_hana_scaleup.yml b/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_hana_scaleup.yml index 3a004d36b..46e15c6eb 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_hana_scaleup.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_hana_scaleup.yml @@ -1,17 +1,18 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: "SAP HA Prepare Pacemaker - Add resource: SAP HANA Topology" ansible.builtin.set_fact: __sap_ha_pacemaker_cluster_resource_primitives: "{{ __sap_ha_pacemaker_cluster_resource_primitives + [__resource_hana_topology] }}" vars: __resource_hana_topology: - id: "{{ sap_ha_pacemaker_cluster_hana_topology_resource_name }}" + id: "{{ __sap_ha_pacemaker_cluster_hana_topology_resource_name }}" agent: "{{ __sap_ha_pacemaker_cluster_resource_agents.saphanatopology }}" instance_attrs: - attrs: - name: SID - value: "{{ sap_ha_pacemaker_cluster_hana_sid }}" + value: "{{ __sap_ha_pacemaker_cluster_hana_sid }}" - name: InstanceNumber - value: "{{ sap_ha_pacemaker_cluster_hana_instance_nr }}" + value: "{{ __sap_ha_pacemaker_cluster_hana_instance_nr }}" operations: - action: start attrs: @@ -36,14 +37,14 @@ __sap_ha_pacemaker_cluster_resource_primitives: "{{ __sap_ha_pacemaker_cluster_resource_primitives + [__resource_hana] }}" vars: __resource_hana: - id: "{{ sap_ha_pacemaker_cluster_hana_resource_name }}" + id: "{{ __sap_ha_pacemaker_cluster_hana_resource_name }}" agent: "{{ __sap_ha_pacemaker_cluster_resource_agents.saphana }}" instance_attrs: - attrs: - name: SID - value: "{{ sap_ha_pacemaker_cluster_hana_sid }}" + value: "{{ __sap_ha_pacemaker_cluster_hana_sid }}" - name: InstanceNumber - value: "{{ sap_ha_pacemaker_cluster_hana_instance_nr }}" + value: "{{ __sap_ha_pacemaker_cluster_hana_instance_nr }}" - name: AUTOMATED_REGISTER value: "{{ sap_ha_pacemaker_cluster_hana_automated_register | string }}" - name: DUPLICATE_PRIMARY_TIMEOUT @@ -97,8 +98,8 @@ __sap_ha_pacemaker_cluster_resource_clones: "{{ __sap_ha_pacemaker_cluster_resource_clones + [__clone_hana_topology] }}" vars: __clone_hana_topology: - id: "{{ sap_ha_pacemaker_cluster_hana_topology_resource_clone_name }}" - resource_id: "{{ sap_ha_pacemaker_cluster_hana_topology_resource_name }}" + id: "{{ __sap_ha_pacemaker_cluster_hana_topology_resource_clone_name }}" + resource_id: "{{ __sap_ha_pacemaker_cluster_hana_topology_resource_name }}" meta_attrs: - attrs: - name: clone-max @@ -110,6 +111,13 @@ when: - __clone_hana_topology.resource_id not in (__sap_ha_pacemaker_cluster_resource_clones | map(attribute='resource_id')) +# (SUSE Specific) Change SAP HANA Clone name to MSL +- name: "SAP HA Prepare Pacemaker - Define SAP HANA MSL Clone name" + ansible.builtin.set_fact: + __sap_ha_pacemaker_cluster_hana_resource_clone_name: "{{ __sap_ha_pacemaker_cluster_hana_resource_clone_msl_name }}" + when: + - ansible_os_family == 'Suse' + - name: "SAP HA Prepare Pacemaker - Add resource clone: SAP HANA DB" ansible.builtin.set_fact: @@ -117,8 +125,8 @@ "{{ __sap_ha_pacemaker_cluster_resource_clones + [__clone_hana] }}" vars: __clone_hana: - id: "{{ sap_ha_pacemaker_cluster_hana_resource_clone_name }}" - resource_id: "{{ sap_ha_pacemaker_cluster_hana_resource_name }}" + id: "{{ __sap_ha_pacemaker_cluster_hana_resource_clone_name }}" + resource_id: "{{ __sap_ha_pacemaker_cluster_hana_resource_name }}" meta_attrs: - attrs: - name: clone-max @@ -142,8 +150,8 @@ "{{ __sap_ha_pacemaker_cluster_resource_clones + [__clone_hana] }}" vars: __clone_hana: - id: "{{ sap_ha_pacemaker_cluster_hana_resource_clone_msl_name }}" - resource_id: "{{ sap_ha_pacemaker_cluster_hana_resource_name }}" + id: "{{ __sap_ha_pacemaker_cluster_hana_resource_clone_name }}" + resource_id: "{{ __sap_ha_pacemaker_cluster_hana_resource_name }}" meta_attrs: - attrs: - name: clone-max @@ -168,14 +176,13 @@ "{{ __sap_ha_pacemaker_cluster_constraints_order + [__constraint_order_hana_topology] }}" vars: __constraint_order_hana_topology: - id: "{{ sap_ha_pacemaker_cluster_hana_order_topology_hana_name }}" + id: "{{ __sap_ha_pacemaker_cluster_hana_order_topology_hana_name }}" resource_first: - id: "{{ sap_ha_pacemaker_cluster_hana_topology_resource_clone_name }}" + id: "{{ __sap_ha_pacemaker_cluster_hana_topology_resource_clone_name }}" action: start resource_then: # SUSE SAPHanaSR is using Master Slave clone using Master/Slave roles - id: "{{ sap_ha_pacemaker_cluster_hana_resource_clone_name - if ansible_os_family != 'Suse' else sap_ha_pacemaker_cluster_hana_resource_clone_msl_name }}" + id: "{{ __sap_ha_pacemaker_cluster_hana_resource_clone_name }}" action: start options: - name: symmetrical diff --git a/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_hana_scaleup_angi.yml b/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_hana_scaleup_angi.yml index c3dd1c54d..109535268 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_hana_scaleup_angi.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_hana_scaleup_angi.yml @@ -1,17 +1,18 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: "SAP HA Prepare Pacemaker - Add resource: SAP HANA Topology" ansible.builtin.set_fact: __sap_ha_pacemaker_cluster_resource_primitives: "{{ __sap_ha_pacemaker_cluster_resource_primitives + [__resource_hana_topology] }}" vars: __resource_hana_topology: - id: "{{ sap_ha_pacemaker_cluster_hana_topology_resource_name }}" + id: "{{ __sap_ha_pacemaker_cluster_hana_topology_resource_name }}" agent: "{{ __sap_ha_pacemaker_cluster_resource_agents.saphanatopology }}" instance_attrs: - attrs: - name: SID - value: "{{ sap_ha_pacemaker_cluster_hana_sid }}" + value: "{{ __sap_ha_pacemaker_cluster_hana_sid }}" - name: InstanceNumber - value: "{{ sap_ha_pacemaker_cluster_hana_instance_nr }}" + value: "{{ __sap_ha_pacemaker_cluster_hana_instance_nr }}" operations: - action: start attrs: @@ -36,14 +37,14 @@ __sap_ha_pacemaker_cluster_resource_primitives: "{{ __sap_ha_pacemaker_cluster_resource_primitives + [__resource_hana] }}" vars: __resource_hana: - id: "{{ sap_ha_pacemaker_cluster_hanacontroller_resource_name }}" + id: "{{ __sap_ha_pacemaker_cluster_hanacontroller_resource_name }}" agent: "{{ __sap_ha_pacemaker_cluster_resource_agents.saphanacontroller }}" instance_attrs: - attrs: - name: SID - value: "{{ sap_ha_pacemaker_cluster_hana_sid }}" + value: "{{ __sap_ha_pacemaker_cluster_hana_sid }}" - name: InstanceNumber - value: "{{ sap_ha_pacemaker_cluster_hana_instance_nr }}" + value: "{{ __sap_ha_pacemaker_cluster_hana_instance_nr }}" - name: AUTOMATED_REGISTER value: "{{ sap_ha_pacemaker_cluster_hana_automated_register | string }}" - name: DUPLICATE_PRIMARY_TIMEOUT @@ -96,14 +97,14 @@ __sap_ha_pacemaker_cluster_resource_primitives: "{{ __sap_ha_pacemaker_cluster_resource_primitives + [__resource_hana_filesystem] }}" vars: __resource_hana_filesystem: - id: "{{ sap_ha_pacemaker_cluster_hana_filesystem_resource_name }}" + id: "{{ __sap_ha_pacemaker_cluster_hana_filesystem_resource_name }}" agent: "{{ __sap_ha_pacemaker_cluster_resource_agents.saphanafilesystem }}" instance_attrs: - attrs: - name: SID - value: "{{ sap_ha_pacemaker_cluster_hana_sid }}" + value: "{{ __sap_ha_pacemaker_cluster_hana_sid }}" - name: InstanceNumber - value: "{{ sap_ha_pacemaker_cluster_hana_instance_nr }}" + value: "{{ __sap_ha_pacemaker_cluster_hana_instance_nr }}" - name: ON_FAIL_ACTION value: fence operations: @@ -134,8 +135,8 @@ __sap_ha_pacemaker_cluster_resource_clones: "{{ __sap_ha_pacemaker_cluster_resource_clones + [__clone_hana_topology] }}" vars: __clone_hana_topology: - id: "{{ sap_ha_pacemaker_cluster_hana_topology_resource_clone_name }}" - resource_id: "{{ sap_ha_pacemaker_cluster_hana_topology_resource_name }}" + id: "{{ __sap_ha_pacemaker_cluster_hana_topology_resource_clone_name }}" + resource_id: "{{ __sap_ha_pacemaker_cluster_hana_topology_resource_name }}" meta_attrs: - attrs: - name: clone-max @@ -154,8 +155,8 @@ "{{ __sap_ha_pacemaker_cluster_resource_clones + [__clone_hana] }}" vars: __clone_hana: - id: "{{ sap_ha_pacemaker_cluster_hanacontroller_resource_clone_name }}" - resource_id: "{{ sap_ha_pacemaker_cluster_hanacontroller_resource_name }}" + id: "{{ __sap_ha_pacemaker_cluster_hanacontroller_resource_clone_name }}" + resource_id: "{{ __sap_ha_pacemaker_cluster_hanacontroller_resource_name }}" meta_attrs: - attrs: - name: clone-max @@ -176,8 +177,8 @@ __sap_ha_pacemaker_cluster_resource_clones: "{{ __sap_ha_pacemaker_cluster_resource_clones + [__clone_hana_filesystem] }}" vars: __clone_hana_filesystem: - id: "{{ sap_ha_pacemaker_cluster_hana_filesystem_resource_clone_name }}" - resource_id: "{{ sap_ha_pacemaker_cluster_hana_filesystem_resource_name }}" + id: "{{ __sap_ha_pacemaker_cluster_hana_filesystem_resource_clone_name }}" + resource_id: "{{ __sap_ha_pacemaker_cluster_hana_filesystem_resource_name }}" meta_attrs: - attrs: - name: clone-node-max @@ -194,12 +195,12 @@ "{{ __sap_ha_pacemaker_cluster_constraints_order + [__constraint_order_hana_topology] }}" vars: __constraint_order_hana_topology: - id: "{{ sap_ha_pacemaker_cluster_hana_order_topology_hana_name }}" + id: "{{ __sap_ha_pacemaker_cluster_hana_order_topology_hana_name }}" resource_first: - id: "{{ sap_ha_pacemaker_cluster_hana_topology_resource_clone_name }}" + id: "{{ __sap_ha_pacemaker_cluster_hana_topology_resource_clone_name }}" action: start resource_then: - id: "{{ sap_ha_pacemaker_cluster_hanacontroller_resource_clone_name }}" + id: "{{ __sap_ha_pacemaker_cluster_hanacontroller_resource_clone_name }}" action: start options: - name: symmetrical diff --git a/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_haproxy_constraints_hana.yml b/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_haproxy_constraints_hana.yml index a1fb86bf1..ac93121a1 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_haproxy_constraints_hana.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_haproxy_constraints_hana.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Reminder: This file is included in a loop over a dictionary. @@ -8,7 +9,7 @@ vars: __constraint_order_haproxy: resource_first: - id: "{{ sap_ha_pacemaker_cluster_hana_resource_clone_name }}" + id: "{{ __sap_ha_pacemaker_cluster_hana_resource_clone_name }}" action: promote resource_then: id: "{{ vip_list_item.key }}" @@ -23,10 +24,10 @@ vars: __constraint_colo_haproxy: resource_leader: - id: "{{ sap_ha_pacemaker_cluster_hana_resource_clone_name }}" + id: "{{ __sap_ha_pacemaker_cluster_hana_resource_clone_name }}" role: promoted resource_follower: - id: "{{ sap_ha_pacemaker_cluster_vip_hana_primary_resource_name }}" + id: "{{ __sap_ha_pacemaker_cluster_vip_hana_primary_resource_name }}" options: - name: score value: "{{ sap_ha_pacemaker_cluster_constraint_colo_base_score }}" @@ -40,14 +41,14 @@ vars: __constraint_colo_haproxy: resource_leader: - id: "{{ sap_ha_pacemaker_cluster_hana_resource_clone_name }}" + id: "{{ __sap_ha_pacemaker_cluster_hana_resource_clone_name }}" role: unpromoted resource_follower: - id: "{{ sap_ha_pacemaker_cluster_vip_hana_secondary_resource_name }}" + id: "{{ __sap_ha_pacemaker_cluster_vip_hana_secondary_resource_name }}" options: - name: score value: "{{ sap_ha_pacemaker_cluster_constraint_colo_base_score }}" when: - __constraint_colo_haproxy.resource_follower not in (__sap_ha_pacemaker_cluster_constraints_colocation | map(attribute='resource_follower')) - - sap_ha_pacemaker_cluster_vip_hana_secondary_ip_address is defined - - sap_ha_pacemaker_cluster_vip_hana_secondary_ip_address != '' + - __sap_ha_pacemaker_cluster_vip_hana_secondary_ip_address is defined + - __sap_ha_pacemaker_cluster_vip_hana_secondary_ip_address != '' diff --git a/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_nwas_abap_ascs_ers.yml b/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_nwas_abap_ascs_ers.yml index 6e3bc2803..8a77aa38b 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_nwas_abap_ascs_ers.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_nwas_abap_ascs_ers.yml @@ -1,78 +1,57 @@ +# SPDX-License-Identifier: Apache-2.0 --- -# Variables containing variables must be constructed with values -# to be fed into the included ha_cluster role - -# TODO: add conditionals to verify that the same resource agent is not already -# defined in user input variables. Conflicting user input should take precedence. - -# Several parameters are pre-defined from potentially inherited ha_cluster LSR definitions. -# They are necessary to be used for combining all cluster setup definitions. -# -# See tasks/ascertain_ha_cluster_in_inventory.yml: -# -# __sap_ha_pacemaker_cluster_cluster_properties: "{{ ha_cluster_cluster_properties }}" -# __sap_ha_pacemaker_cluster_constraints_colocation: "{{ ha_cluster_constraints_colocation }}" -# __sap_ha_pacemaker_cluster_constraints_location: "{{ ha_cluster_constraints_location }}" -# __sap_ha_pacemaker_cluster_constraints_order: "{{ ha_cluster_constraints_order }}" -# __sap_ha_pacemaker_cluster_fence_agent_packages: "{{ ha_cluster_fence_agent_packages }}" -# __sap_ha_pacemaker_cluster_repos: "{{ ha_cluster_repos }}" -# __sap_ha_pacemaker_cluster_resource_clones: "{{ ha_cluster_resource_clones }}" -# __sap_ha_pacemaker_cluster_resource_groups: "{{ ha_cluster_resource_groups }}" -# __sap_ha_pacemaker_cluster_resource_primitives: "{{ ha_cluster_resource_primitives }}" - - ### Different SAPInstance resource attributes for ENSA1 and ENSA2 - name: "SAP HA Prepare Pacemaker - Define default ASCS/ERS instance attributes (ENSA2)" - when: not sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_ensa1 + when: not __sap_ha_pacemaker_cluster_nwas_cs_ensa1 ansible.builtin.set_fact: __sap_ha_pacemaker_cluster_nwas_ascs_sapinstance_meta_attrs: - name: resource-stickiness - value: "{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_resource_stickiness }}" + value: "{{ __sap_ha_pacemaker_cluster_nwas_cs_sapinstance_resource_stickiness }}" __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_instance_attrs: - name: InstanceName - value: "{{ sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_instance_name }}" + value: "{{ __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_instance_name }}" - name: START_PROFILE - value: "{{ sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_start_profile_string }}" + value: "{{ __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_start_profile_string }}" - name: AUTOMATIC_RECOVER - value: "{{ sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_automatic_recover_bool | string }}" + value: "{{ __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_automatic_recover_bool | string }}" - name: IS_ERS value: true - name: "SAP HA Prepare Pacemaker - Define ASCS/ERS instance attributes (ENSA1)" - when: sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_ensa1 + when: __sap_ha_pacemaker_cluster_nwas_cs_ensa1 ansible.builtin.set_fact: __sap_ha_pacemaker_cluster_nwas_ascs_sapinstance_meta_attrs: - name: resource-stickiness - value: "{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_resource_stickiness }}" + value: "{{ __sap_ha_pacemaker_cluster_nwas_cs_sapinstance_resource_stickiness }}" - name: migration-threshold - value: "{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_ensa1_migration_threshold }}" + value: "{{ sap_ha_pacemaker_cluster_nwas_cs_sapinstance_ensa1_migration_threshold }}" - name: failure-timeout - value: "{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_ensa1_failure_timeout }}" + value: "{{ sap_ha_pacemaker_cluster_nwas_cs_sapinstance_ensa1_failure_timeout }}" __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_instance_attrs: - name: InstanceName - value: "{{ sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_instance_name }}" + value: "{{ __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_instance_name }}" - name: START_PROFILE - value: "{{ sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_start_profile_string }}" + value: "{{ __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_start_profile_string }}" - name: AUTOMATIC_RECOVER - value: "{{ sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_automatic_recover_bool | string }}" + value: "{{ __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_automatic_recover_bool | string }}" - name: IS_ERS value: true ### Resources -# ASCS/ERS instance filesystems -- name: "SAP HA Prepare Pacemaker - Add filesystem resources for ASCS/ERS to resource definition" +# ASCS/ERS Filesystems +- name: "SAP HA Prepare Pacemaker - Add filesystem resources to resource definition (ASCS/ERS)" ansible.builtin.set_fact: __sap_ha_pacemaker_cluster_resource_primitives: "{{ __sap_ha_pacemaker_cluster_resource_primitives + [__resource_filesystem] }}" vars: __resource_filesystem: id: |- {%- if '/ASCS' in __mountpoint -%} - {% set idname = sap_ha_pacemaker_cluster_nwas_abap_ascs_filesystem_resource_name %} + {% set idname = __sap_ha_pacemaker_cluster_nwas_ascs_filesystem_resource_name %} {%- elif '/ERS' in __mountpoint -%} - {% set idname = sap_ha_pacemaker_cluster_nwas_abap_ers_filesystem_resource_name %} + {% set idname = __sap_ha_pacemaker_cluster_nwas_ers_filesystem_resource_name %} {%- endif -%} {{ idname }} agent: "ocf:heartbeat:Filesystem" @@ -121,7 +100,7 @@ {% if def.nfs_filesystem_type is defined -%} {{ def.nfs_filesystem_type }} {%- else -%} - {{ sap_ha_pacemaker_cluster_storage_nfs_filesytem_type }} + {{ __sap_ha_pacemaker_cluster_storage_nfs_filesystem_type }} {%- endif %} {%- endif %} {%- endfor %} @@ -153,32 +132,30 @@ {%- endfor %} __mountpoint: "{{ fsres_item }}" - loop: "{{ __sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_filesystems }}" + loop: "{{ __sap_ha_pacemaker_cluster_nwas_ascs_ers_filesystems }}" loop_control: loop_var: fsres_item label: "{{ fsres_item }}" when: - __resource_filesystem.id not in (__sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id')) -# End of filesystem resource task - # ASCS instance resource definition -- name: "SAP HA Prepare Pacemaker - Add resource: SAPInstance for Central Service (ABAP ASCS)" +- name: "SAP HA Prepare Pacemaker - Add resource: SAPInstance for ABAP SAP Central Service (ASCS)" ansible.builtin.set_fact: __sap_ha_pacemaker_cluster_resource_primitives: "{{ __sap_ha_pacemaker_cluster_resource_primitives + [__resource_sapinstance] }}" vars: __resource_sapinstance: - id: "{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_resource_name }}" + id: "{{ __sap_ha_pacemaker_cluster_nwas_ascs_sapinstance_resource_name }}" agent: "ocf:heartbeat:SAPInstance" instance_attrs: - attrs: - name: InstanceName - value: "{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_instance_name }}" + value: "{{ __sap_ha_pacemaker_cluster_nwas_ascs_sapinstance_instance_name }}" - name: START_PROFILE - value: "{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_start_profile_string }}" + value: "{{ __sap_ha_pacemaker_cluster_nwas_ascs_sapinstance_start_profile_string }}" - name: AUTOMATIC_RECOVER - value: "{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_automatic_recover_bool | string }}" + value: "{{ __sap_ha_pacemaker_cluster_nwas_cs_sapinstance_automatic_recover_bool | string }}" meta_attrs: - attrs: "{{ __sap_ha_pacemaker_cluster_nwas_ascs_sapinstance_meta_attrs }}" operations: @@ -207,12 +184,12 @@ # ERS instance resource definition -- name: "SAP HA Prepare Pacemaker - Add resource: SAPInstance for Enqueue Replication Service (ABAP ERS)" +- name: "SAP HA Prepare Pacemaker - Add resource: SAPInstance for Enqueue Replication Service (ERS)" ansible.builtin.set_fact: __sap_ha_pacemaker_cluster_resource_primitives: "{{ __sap_ha_pacemaker_cluster_resource_primitives + [__resource_sapinstance_ers] }}" vars: __resource_sapinstance_ers: - id: "{{ sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_resource_name }}" + id: "{{ __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_resource_name }}" agent: "ocf:heartbeat:SAPInstance" instance_attrs: - attrs: "{{ __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_instance_attrs }}" @@ -251,14 +228,14 @@ __sap_ha_pacemaker_cluster_resource_groups: "{{ __sap_ha_pacemaker_cluster_resource_groups + [__ascs_group] }}" vars: __ascs_group: - id: "{{ sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_resource_group_name }}" + id: "{{ __sap_ha_pacemaker_cluster_vip_nwas_ascs_resource_group_name }}" resource_ids: | {% set resource_ids_list = [] %} {%- for resource in - sap_ha_pacemaker_cluster_nwas_abap_ascs_filesystem_resource_name, - sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_resource_name, - sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_resource_name, - sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ascs_resource_name %} + __sap_ha_pacemaker_cluster_vip_nwas_ascs_resource_name, + __sap_ha_pacemaker_cluster_nwas_ascs_filesystem_resource_name, + __sap_ha_pacemaker_cluster_nwas_ascs_sapinstance_resource_name, + __sap_ha_pacemaker_cluster_healthcheck_nwas_ascs_resource_name %} {%- if resource | length > 0 and resource in (__sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id')) %} {%- set ids = resource_ids_list.append(resource) %} @@ -268,7 +245,7 @@ meta_attrs: - attrs: - name: resource-stickiness - value: "{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_group_stickiness }}" + value: "{{ sap_ha_pacemaker_cluster_nwas_cs_group_stickiness }}" when: - __ascs_group.id is not in (__sap_ha_pacemaker_cluster_resource_groups | map(attribute='id')) @@ -283,14 +260,14 @@ __sap_ha_pacemaker_cluster_resource_groups: "{{ __sap_ha_pacemaker_cluster_resource_groups + [__ers_group] }}" vars: __ers_group: - id: "{{ sap_ha_pacemaker_cluster_vip_nwas_abap_ers_resource_group_name }}" + id: "{{ __sap_ha_pacemaker_cluster_vip_nwas_ers_resource_group_name }}" resource_ids: | {% set resource_ids_list = [] %} {%- for resource in - sap_ha_pacemaker_cluster_nwas_abap_ers_filesystem_resource_name, - sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_resource_name, - sap_ha_pacemaker_cluster_vip_nwas_abap_ers_resource_name, - sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ers_resource_name %} + __sap_ha_pacemaker_cluster_vip_nwas_ers_resource_name, + __sap_ha_pacemaker_cluster_nwas_ers_filesystem_resource_name, + __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_resource_name, + __sap_ha_pacemaker_cluster_healthcheck_nwas_ers_resource_name %} {%- if resource | length > 0 and resource in (__sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id')) %} {%- set ids = resource_ids_list.append(resource) %} @@ -315,12 +292,12 @@ __sap_ha_pacemaker_cluster_constraints_colocation: "{{ __sap_ha_pacemaker_cluster_constraints_colocation + [__constraint_colo_ers] }}" vars: __constraint_colo_ers: - id: "{{ sap_ha_pacemaker_cluster_nwas_colocation_ascs_no_ers_name }}" + id: "{{ __sap_ha_pacemaker_cluster_nwas_colocation_ascs_no_ers_name }}" resource_leader: - id: "{{ sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_resource_group_name }}" + id: "{{ __sap_ha_pacemaker_cluster_vip_nwas_ascs_resource_group_name }}" role: started resource_follower: - id: "{{ sap_ha_pacemaker_cluster_vip_nwas_abap_ers_resource_group_name }}" + id: "{{ __sap_ha_pacemaker_cluster_vip_nwas_ers_resource_group_name }}" options: - name: score value: -5000 @@ -333,12 +310,12 @@ __sap_ha_pacemaker_cluster_constraints_order: "{{ __sap_ha_pacemaker_cluster_constraints_order + [__constraint_order_ascs_ers] }}" vars: __constraint_order_ascs_ers: - id: "{{ sap_ha_pacemaker_cluster_nwas_order_ascs_first_name }}" + id: "{{ __sap_ha_pacemaker_cluster_nwas_order_ascs_first_name }}" resource_first: - id: "{{ sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_resource_group_name }}" + id: "{{ __sap_ha_pacemaker_cluster_vip_nwas_ascs_resource_group_name }}" role: started resource_then: - id: "{{ sap_ha_pacemaker_cluster_vip_nwas_abap_ers_resource_group_name }}" + id: "{{ __sap_ha_pacemaker_cluster_vip_nwas_ers_resource_group_name }}" options: - name: symmetrical value: "false" @@ -354,13 +331,13 @@ vars: __constraint_location_ascs_ers: resource: - id: "{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_resource_name }}" - rule: "runs_ers_{{ sap_ha_pacemaker_cluster_nwas_abap_sid }} eq 1" + id: "{{ __sap_ha_pacemaker_cluster_nwas_ascs_sapinstance_resource_name }}" + rule: "runs_ers_{{ __sap_ha_pacemaker_cluster_nwas_sid }} eq 1" options: - name: score value: 2000 when: - - sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_ensa1 + - __sap_ha_pacemaker_cluster_nwas_cs_ensa1 # When /sapmnt is managed by the cluster, @@ -371,10 +348,10 @@ vars: __constraint_order_sapmnt: resource_first: - id: "{{ sap_ha_pacemaker_cluster_nwas_sapmnt_filesystem_resource_clone_name }}" + id: "{{ __sap_ha_pacemaker_cluster_nwas_sapmnt_filesystem_resource_clone_name }}" role: started resource_then: - id: "{{ sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_resource_group_name }}" + id: "{{ __sap_ha_pacemaker_cluster_vip_nwas_ascs_resource_group_name }}" when: - sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed @@ -384,9 +361,9 @@ vars: __constraint_order_sapmnt: resource_first: - id: "{{ sap_ha_pacemaker_cluster_nwas_sapmnt_filesystem_resource_clone_name }}" + id: "{{ __sap_ha_pacemaker_cluster_nwas_sapmnt_filesystem_resource_clone_name }}" role: started resource_then: - id: "{{ sap_ha_pacemaker_cluster_vip_nwas_abap_ers_resource_group_name }}" + id: "{{ __sap_ha_pacemaker_cluster_vip_nwas_ers_resource_group_name }}" when: - sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed diff --git a/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_nwas_abap_ascs_ers_simple_mount.yml b/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_nwas_abap_ascs_ers_simple_mount.yml index 6a8441df6..22b0878e2 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_nwas_abap_ascs_ers_simple_mount.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_nwas_abap_ascs_ers_simple_mount.yml @@ -1,66 +1,61 @@ +# SPDX-License-Identifier: Apache-2.0 --- -# Variables containing variables must be constructed with values -# to be fed into the included ha_cluster role - -# TODO: add conditionals to verify that the same resource agent is not already -# defined in user input variables. Conflicting user input should take precedence. -# # ASCS ERS simple mount cluster is ENSA2. ### Resources # ASCS SAPStartSrv resource definition -- name: "SAP HA Prepare Pacemaker - Add resource: SAPStartSrv for Central Service (ABAP ASCS)" +- name: "SAP HA Prepare Pacemaker - Add resource: SAPStartSrv for ABAP SAP Central Service (ASCS)" ansible.builtin.set_fact: __sap_ha_pacemaker_cluster_resource_primitives: "{{ __sap_ha_pacemaker_cluster_resource_primitives + [__resource_sapstartsrv] }}" vars: __resource_sapstartsrv: - id: "{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_sapstartsrv_resource_name }}" + id: "{{ __sap_ha_pacemaker_cluster_nwas_ascs_sapstartsrv_resource_name }}" agent: "{{ __sap_ha_pacemaker_cluster_resource_agents.sapstartsrv }}" instance_attrs: - attrs: - name: InstanceName - value: "{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_instance_name }}" + value: "{{ __sap_ha_pacemaker_cluster_nwas_ascs_sapinstance_instance_name }}" when: - __resource_sapstartsrv.id not in (__sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id')) # ERS SAPStartSrv resource definition -- name: "SAP HA Prepare Pacemaker - Add resource: SAPStartSrv for Central Service (ABAP ERS)" +- name: "SAP HA Prepare Pacemaker - Add resource: SAPStartSrv for Enqueue Replication Service (ERS)" ansible.builtin.set_fact: __sap_ha_pacemaker_cluster_resource_primitives: "{{ __sap_ha_pacemaker_cluster_resource_primitives + [__resource_sapstartsrv] }}" vars: __resource_sapstartsrv: - id: "{{ sap_ha_pacemaker_cluster_nwas_abap_ers_sapstartsrv_resource_name }}" + id: "{{ __sap_ha_pacemaker_cluster_nwas_ers_sapstartsrv_resource_name }}" agent: "{{ __sap_ha_pacemaker_cluster_resource_agents.sapstartsrv }}" instance_attrs: - attrs: - name: InstanceName - value: "{{ sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_instance_name }}" + value: "{{ __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_instance_name }}" when: - __resource_sapstartsrv.id not in (__sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id')) # ASCS instance resource definition -- name: "SAP HA Prepare Pacemaker - Add resource: SAPInstance for Central Service (ABAP ASCS)" +- name: "SAP HA Prepare Pacemaker - Add resource: SAPInstance for ABAP SAP Central Service (ASCS)" ansible.builtin.set_fact: __sap_ha_pacemaker_cluster_resource_primitives: "{{ __sap_ha_pacemaker_cluster_resource_primitives + [__resource_sapinstance] }}" vars: __resource_sapinstance: - id: "{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_resource_name }}" + id: "{{ __sap_ha_pacemaker_cluster_nwas_ascs_sapinstance_resource_name }}" agent: "ocf:heartbeat:SAPInstance" instance_attrs: - attrs: - name: InstanceName - value: "{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_instance_name }}" + value: "{{ __sap_ha_pacemaker_cluster_nwas_ascs_sapinstance_instance_name }}" - name: START_PROFILE - value: "{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_start_profile_string }}" + value: "{{ __sap_ha_pacemaker_cluster_nwas_ascs_sapinstance_start_profile_string }}" - name: AUTOMATIC_RECOVER - value: "{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_automatic_recover_bool | string }}" + value: "{{ __sap_ha_pacemaker_cluster_nwas_cs_sapinstance_automatic_recover_bool | string }}" - name: MINIMAL_PROBE value: true meta_attrs: - attrs: - name: resource-stickiness - value: "{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_resource_stickiness }}" + value: "{{ __sap_ha_pacemaker_cluster_nwas_cs_sapinstance_resource_stickiness }}" operations: # TODO: Add values for start and stop when they are published. - action: monitor @@ -76,21 +71,21 @@ # ERS instance resource definition -- name: "SAP HA Prepare Pacemaker - Add resource: SAPInstance for Enqueue Replication Service (ABAP ERS)" +- name: "SAP HA Prepare Pacemaker - Add resource: SAPInstance for Enqueue Replication Service (ERS)" ansible.builtin.set_fact: __sap_ha_pacemaker_cluster_resource_primitives: "{{ __sap_ha_pacemaker_cluster_resource_primitives + [__resource_sapinstance_ers] }}" vars: __resource_sapinstance_ers: - id: "{{ sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_resource_name }}" + id: "{{ __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_resource_name }}" agent: "ocf:heartbeat:SAPInstance" instance_attrs: - attrs: - name: InstanceName - value: "{{ sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_instance_name }}" + value: "{{ __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_instance_name }}" - name: START_PROFILE - value: "{{ sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_start_profile_string }}" + value: "{{ __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_start_profile_string }}" - name: AUTOMATIC_RECOVER - value: "{{ sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_automatic_recover_bool | string }}" + value: "{{ __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_automatic_recover_bool | string }}" - name: IS_ERS value: true - name: MINIMAL_PROBE @@ -119,14 +114,14 @@ __sap_ha_pacemaker_cluster_resource_groups: "{{ __sap_ha_pacemaker_cluster_resource_groups + [__ascs_group] }}" vars: __ascs_group: - id: "{{ sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_resource_group_name }}" + id: "{{ __sap_ha_pacemaker_cluster_vip_nwas_ascs_resource_group_name }}" resource_ids: | {% set resource_ids_list = [] %} {%- for resource in - sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_resource_name, - sap_ha_pacemaker_cluster_nwas_abap_ascs_sapstartsrv_resource_name, - sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_resource_name, - sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ascs_resource_name %} + __sap_ha_pacemaker_cluster_vip_nwas_ascs_resource_name, + __sap_ha_pacemaker_cluster_nwas_ascs_sapstartsrv_resource_name, + __sap_ha_pacemaker_cluster_nwas_ascs_sapinstance_resource_name, + __sap_ha_pacemaker_cluster_healthcheck_nwas_ascs_resource_name %} {%- if resource | length > 0 and resource in (__sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id')) %} {%- set ids = resource_ids_list.append(resource) %} @@ -136,7 +131,7 @@ meta_attrs: - attrs: - name: resource-stickiness - value: "{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_group_stickiness }}" + value: "{{ sap_ha_pacemaker_cluster_nwas_cs_group_stickiness }}" when: - __ascs_group.id is not in (__sap_ha_pacemaker_cluster_resource_groups | map(attribute='id')) @@ -150,14 +145,14 @@ __sap_ha_pacemaker_cluster_resource_groups: "{{ __sap_ha_pacemaker_cluster_resource_groups + [__ers_group] }}" vars: __ers_group: - id: "{{ sap_ha_pacemaker_cluster_vip_nwas_abap_ers_resource_group_name }}" + id: "{{ __sap_ha_pacemaker_cluster_vip_nwas_ers_resource_group_name }}" resource_ids: | {% set resource_ids_list = [] %} {%- for resource in - sap_ha_pacemaker_cluster_vip_nwas_abap_ers_resource_name, - sap_ha_pacemaker_cluster_nwas_abap_ers_sapstartsrv_resource_name, - sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_resource_name, - sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ers_resource_name %} + __sap_ha_pacemaker_cluster_vip_nwas_ers_resource_name, + __sap_ha_pacemaker_cluster_nwas_ers_sapstartsrv_resource_name, + __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_resource_name, + __sap_ha_pacemaker_cluster_healthcheck_nwas_ers_resource_name %} {%- if resource | length > 0 and resource in (__sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id')) %} {%- set ids = resource_ids_list.append(resource) %} @@ -182,12 +177,12 @@ __sap_ha_pacemaker_cluster_constraints_colocation: "{{ __sap_ha_pacemaker_cluster_constraints_colocation + [__constraint_colo_ers] }}" vars: __constraint_colo_ers: - id: "{{ sap_ha_pacemaker_cluster_nwas_colocation_ascs_no_ers_name }}" + id: "{{ __sap_ha_pacemaker_cluster_nwas_colocation_ascs_no_ers_name }}" resource_leader: - id: "{{ sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_resource_group_name }}" + id: "{{ __sap_ha_pacemaker_cluster_vip_nwas_ascs_resource_group_name }}" role: started resource_follower: - id: "{{ sap_ha_pacemaker_cluster_vip_nwas_abap_ers_resource_group_name }}" + id: "{{ __sap_ha_pacemaker_cluster_vip_nwas_ers_resource_group_name }}" options: - name: score value: -5000 @@ -200,12 +195,12 @@ __sap_ha_pacemaker_cluster_constraints_order: "{{ __sap_ha_pacemaker_cluster_constraints_order + [__constraint_order_ascs_ers] }}" vars: __constraint_order_ascs_ers: - id: "{{ sap_ha_pacemaker_cluster_nwas_order_ascs_first_name }}" + id: "{{ __sap_ha_pacemaker_cluster_nwas_order_ascs_first_name }}" resource_first: - id: "{{ sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_resource_group_name }}" + id: "{{ __sap_ha_pacemaker_cluster_vip_nwas_ascs_resource_group_name }}" role: started resource_then: - id: "{{ sap_ha_pacemaker_cluster_vip_nwas_abap_ers_resource_group_name }}" + id: "{{ __sap_ha_pacemaker_cluster_vip_nwas_ers_resource_group_name }}" options: - name: symmetrical value: "false" diff --git a/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_nwas_abap_pas_aas.yml b/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_nwas_abap_pas_aas.yml index 17be8c306..45284a055 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_nwas_abap_pas_aas.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_nwas_abap_pas_aas.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Variables containing variables must be constructed with values # to be fed into the included ha_cluster role diff --git a/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_nwas_common.yml b/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_nwas_common.yml index 5d624d549..55bdbf427 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_nwas_common.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_nwas_common.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Variables containing variables must be constructed with values # to be fed into the included ha_cluster role @@ -77,11 +78,11 @@ __resource_filesystem: id: |- {%- if '/sapmnt' in __mountpoint -%} - {% set idname = sap_ha_pacemaker_cluster_nwas_sapmnt_filesystem_resource_name %} + {% set idname = __sap_ha_pacemaker_cluster_nwas_sapmnt_filesystem_resource_name %} {% elif '/usr/sap/trans' in __mountpoint -%} - {% set idname = sap_ha_pacemaker_cluster_nwas_transports_filesystem_resource_name %} - {% elif '/usr/sap/' + sap_ha_pacemaker_cluster_nwas_abap_sid + '/SYS' in __mountpoint -%} - {% set idname = sap_ha_pacemaker_cluster_nwas_sys_filesystem_resource_name %} + {% set idname = __sap_ha_pacemaker_cluster_nwas_transports_filesystem_resource_name %} + {% elif '/usr/sap/' + __sap_ha_pacemaker_cluster_nwas_sid + '/SYS' in __mountpoint -%} + {% set idname = __sap_ha_pacemaker_cluster_nwas_sys_filesystem_resource_name %} {% endif %} {{ idname }} @@ -119,18 +120,18 @@ value: 40 # Format input variables to make above construction code more readable. - __fstype: "{{ commonfs_item.nfs_filesystem_type | default(sap_ha_pacemaker_cluster_storage_nfs_filesytem_type) }}" - __mount_opts: "{{ commonfs_item.nfs_mount_options | default(sap_ha_pacemaker_cluster_storage_nfs_mount_options) }}" - __nfs_server: "{{ commonfs_item.nfs_server | default(sap_ha_pacemaker_cluster_storage_nfs_server) | regex_replace('/$', '') }}" + __fstype: "{{ commonfs_item.nfs_filesystem_type | d(__sap_ha_pacemaker_cluster_storage_nfs_filesystem_type) }}" + __mount_opts: "{{ commonfs_item.nfs_mount_options | d(sap_ha_pacemaker_cluster_storage_nfs_mount_options) }}" + __nfs_server: "{{ commonfs_item.nfs_server | d(sap_ha_pacemaker_cluster_storage_nfs_server) | regex_replace('/$', '') }}" __nfs_path: |- {%- if '/usr/sap' in commonfs_item.nfs_path and '/usr/sap/trans' not in commonfs_item.nfs_path -%} - {{ commonfs_item.nfs_path | regex_replace('^/', '') | regex_replace('/$', '') }}/{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}/SYS + {{ commonfs_item.nfs_path | regex_replace('^/', '') | regex_replace('/$', '') }}/{{ __sap_ha_pacemaker_cluster_nwas_sid }}/SYS {%- else -%} {{ commonfs_item.nfs_path | regex_replace('^/', '') | regex_replace('/$', '') }} {%- endif %} __mountpoint: |- {%- if commonfs_item.mountpoint | regex_replace('/$', '') == '/usr/sap' -%} - {{ commonfs_item.mountpoint | regex_replace('/$', '') }}/{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}/SYS + {{ commonfs_item.mountpoint | regex_replace('/$', '') }}/{{ __sap_ha_pacemaker_cluster_nwas_sid }}/SYS {%- else -%} {{ commonfs_item.mountpoint | regex_replace('/$', '') }} {%- endif %} @@ -158,19 +159,19 @@ __clone_common_filesystem: id: |- {%- if '/sapmnt' in __mountpoint -%} - {{ sap_ha_pacemaker_cluster_nwas_sapmnt_filesystem_resource_clone_name }} + {{ __sap_ha_pacemaker_cluster_nwas_sapmnt_filesystem_resource_clone_name }} {%- elif '/usr/sap/trans' in __mountpoint -%} - {{ sap_ha_pacemaker_cluster_nwas_transports_filesystem_resource_clone_name }} - {%- elif '/usr/sap/' + sap_ha_pacemaker_cluster_nwas_abap_sid + '/SYS' in __mountpoint -%} - {{ sap_ha_pacemaker_cluster_nwas_sys_filesystem_resource_clone_name }} + {{ __sap_ha_pacemaker_cluster_nwas_transports_filesystem_resource_clone_name }} + {%- elif '/usr/sap/' + __sap_ha_pacemaker_cluster_nwas_sid + '/SYS' in __mountpoint -%} + {{ __sap_ha_pacemaker_cluster_nwas_sys_filesystem_resource_clone_name }} {%- endif %} resource_id: |- {%- if '/sapmnt' in __mountpoint -%} - {{ sap_ha_pacemaker_cluster_nwas_sapmnt_filesystem_resource_name }} + {{ __sap_ha_pacemaker_cluster_nwas_sapmnt_filesystem_resource_name }} {%- elif '/usr/sap/trans' in __mountpoint -%} - {{ sap_ha_pacemaker_cluster_nwas_transports_filesystem_resource_name }} - {%- elif '/usr/sap/' + sap_ha_pacemaker_cluster_nwas_abap_sid + '/SYS' in __mountpoint -%} - {{ sap_ha_pacemaker_cluster_nwas_sys_filesystem_resource_name }} + {{ __sap_ha_pacemaker_cluster_nwas_transports_filesystem_resource_name }} + {%- elif '/usr/sap/' + __sap_ha_pacemaker_cluster_nwas_sid + '/SYS' in __mountpoint -%} + {{ __sap_ha_pacemaker_cluster_nwas_sys_filesystem_resource_name }} {%- endif %} meta_attrs: - attrs: @@ -179,7 +180,7 @@ __mountpoint: |- {%- if commonfsclone_item.mountpoint | regex_replace('/$', '') == '/usr/sap' -%} - {{ commonfsclone_item.mountpoint | regex_replace('/$', '') }}/{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}/SYS + {{ commonfsclone_item.mountpoint | regex_replace('/$', '') }}/{{ __sap_ha_pacemaker_cluster_nwas_sid }}/SYS {%- else -%} {{ commonfsclone_item.mountpoint | regex_replace('/$', '') }} {%- endif %} diff --git a/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_nwas_java_scs_ers.yml b/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_nwas_java_scs_ers.yml index 42867c02c..0756a6a1d 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_nwas_java_scs_ers.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_nwas_java_scs_ers.yml @@ -1,75 +1,73 @@ +# SPDX-License-Identifier: Apache-2.0 --- -# Variables containing variables must be constructed with values -# to be fed into the included ha_cluster role +### Different SAPInstance resource attributes for ENSA1 and ENSA2 +- name: "SAP HA Prepare Pacemaker - Define default SCS/ERS instance attributes (ENSA2)" + when: not __sap_ha_pacemaker_cluster_nwas_cs_ensa1 + ansible.builtin.set_fact: + __sap_ha_pacemaker_cluster_nwas_scs_sapinstance_meta_attrs: + - name: resource-stickiness + value: "{{ __sap_ha_pacemaker_cluster_nwas_cs_sapinstance_resource_stickiness }}" -# - put here all scale-up and scale-out common resources -# - certain differences like ra agent names are provided through -# type specific variables + __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_instance_attrs: + - name: InstanceName + value: "{{ __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_instance_name }}" + - name: START_PROFILE + value: "{{ __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_start_profile_string }}" + - name: AUTOMATIC_RECOVER + value: "{{ __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_automatic_recover_bool | string }}" + - name: IS_ERS + value: true -# TODO: add conditionals to verify that the same resource agent is not already -# defined in user input variables. Conflicting user input should take precedence. +- name: "SAP HA Prepare Pacemaker - Define SCS/ERS instance attributes (ENSA1)" + when: __sap_ha_pacemaker_cluster_nwas_cs_ensa1 + ansible.builtin.set_fact: + __sap_ha_pacemaker_cluster_nwas_scs_sapinstance_meta_attrs: + - name: resource-stickiness + value: "{{ __sap_ha_pacemaker_cluster_nwas_cs_sapinstance_resource_stickiness }}" + - name: migration-threshold + value: "{{ sap_ha_pacemaker_cluster_nwas_cs_sapinstance_ensa1_migration_threshold }}" + - name: failure-timeout + value: "{{ sap_ha_pacemaker_cluster_nwas_cs_sapinstance_ensa1_failure_timeout }}" + __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_instance_attrs: + - name: InstanceName + value: "{{ __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_instance_name }}" + - name: START_PROFILE + value: "{{ __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_start_profile_string }}" + - name: AUTOMATIC_RECOVER + value: "{{ __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_automatic_recover_bool | string }}" + - name: IS_ERS + value: true -- name: "SAP HA Prepare Pacemaker - Add resource: Filesystem /usr/sap/<>/SCS<>" - ansible.builtin.set_fact: - __sap_ha_pacemaker_cluster_resource_primitives: "{{ __sap_ha_pacemaker_cluster_resource_primitives + [__resource_filesystem] }}" - vars: - __resource_filesystem: - id: "{{ sap_ha_pacemaker_cluster_nwas_java_scs_filesystem_resource_name }}" - agent: "ocf:heartbeat:Filesystem" - instance_attrs: - - attrs: - - name: device - value: "{{ sap_ha_pacemaker_cluster_nwas_java_scs_filesystem_host_mount_path }}" - - name: directory - value: "{{ sap_ha_pacemaker_cluster_nwas_java_scs_filesystem_local_mount_path }}" - - name: fstype - value: "{{ sap_ha_pacemaker_cluster_nwas_java_scs_filesystem_fstype }}" - - name: options - value: "{{ sap_ha_pacemaker_cluster_nwas_java_scs_filesystem_options_string }}" - - name: force_unmount - value: "{{ sap_ha_pacemaker_cluster_nwas_java_scs_filesystem_force_unmount }}" - operations: - - action: start - attrs: - - name: interval - value: 0 - - name: timeout - value: 60 - - action: stop - attrs: - - name: interval - value: 0 - - name: timeout - value: 120 - - action: monitor - attrs: - - name: interval - value: 200 - - name: timeout - value: 40 - when: - - __resource_filesystem.id not in (__sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id')) -- name: "SAP HA Prepare Pacemaker - Add resource: Filesystem /usr/sap/<>/ERS<>" +### Resources +# SCS/ERS Filesystems + +- name: "SAP HA Prepare Pacemaker - Add filesystem resources to resource definition (SCS/ERS)" ansible.builtin.set_fact: __sap_ha_pacemaker_cluster_resource_primitives: "{{ __sap_ha_pacemaker_cluster_resource_primitives + [__resource_filesystem] }}" vars: __resource_filesystem: - id: "{{ sap_ha_pacemaker_cluster_nwas_java_ers_filesystem_resource_name }}" + id: |- + {%- if '/SCS' in __mountpoint -%} + {% set idname = __sap_ha_pacemaker_cluster_nwas_scs_filesystem_resource_name %} + {%- elif '/ERS' in __mountpoint -%} + {% set idname = __sap_ha_pacemaker_cluster_nwas_ers_filesystem_resource_name %} + {%- endif -%} + {{ idname }} agent: "ocf:heartbeat:Filesystem" instance_attrs: - attrs: - name: device - value: "{{ sap_ha_pacemaker_cluster_nwas_java_ers_filesystem_host_mount_path }}" + value: "{{ __nfs_server }}/{{ __nfs_path }}/{{ __mountpoint }}" - name: directory - value: "{{ sap_ha_pacemaker_cluster_nwas_java_ers_filesystem_local_mount_path }}" + value: "/usr/sap/{{ __mountpoint }}" - name: fstype - value: "{{ sap_ha_pacemaker_cluster_nwas_java_ers_filesystem_fstype }}" + value: "{{ __fstype }}" - name: options - value: "{{ sap_ha_pacemaker_cluster_nwas_java_ers_filesystem_options_string }}" + value: "{{ __mount_opts }}" - name: force_unmount - value: "{{ sap_ha_pacemaker_cluster_nwas_java_ers_filesystem_force_unmount }}" + value: "{{ sap_ha_pacemaker_cluster_resource_filesystem_force_unmount }}" operations: - action: start attrs: @@ -89,33 +87,78 @@ value: 200 - name: timeout value: 40 + + # Format input variables to make above construction code more readable. + # Method: + # - parse sap_ha_pacemaker_cluster_storage_definition + # - check if a mounpoint is defined (filters out swap) + # - if the needed parameter is defined, take it + # - otherwise, take the value from a default parameter + + __fstype: |- + {% for def in sap_ha_pacemaker_cluster_storage_definition -%} + {% if def.mountpoint is defined and '/usr/sap' == def.mountpoint | regex_replace('/$', '') -%} + {% if def.nfs_filesystem_type is defined -%} + {{ def.nfs_filesystem_type }} + {%- else -%} + {{ __sap_ha_pacemaker_cluster_storage_nfs_filesystem_type }} + {%- endif %} + {%- endif %} + {%- endfor %} + __mount_opts: |- + {% for def in sap_ha_pacemaker_cluster_storage_definition -%} + {% if def.mountpoint is defined and '/usr/sap' == def.mountpoint | regex_replace('/$', '') -%} + {% if def.nfs_mount_options is defined -%} + {{ def.nfs_mount_options }} + {%- else -%} + {{ sap_ha_pacemaker_cluster_storage_nfs_mount_options }} + {%- endif %} + {%- endif %} + {%- endfor %} + __nfs_path: |- + {% for def in sap_ha_pacemaker_cluster_storage_definition -%} + {% if def.mountpoint is defined and '/usr/sap' == def.mountpoint | regex_replace('/$', '') -%} + {{ def.nfs_path | regex_replace('^/', '') | regex_replace('/$', '') }} + {%- endif %} + {%- endfor %} + __nfs_server: |- + {% for def in sap_ha_pacemaker_cluster_storage_definition -%} + {% if def.mountpoint is defined and '/usr/sap' == def.mountpoint | regex_replace('/$', '') -%} + {% if def.nfs_server is defined -%} + {{ def.nfs_server | regex_replace('/$', '') }} + {%- else -%} + {{ sap_ha_pacemaker_cluster_storage_nfs_server | regex_replace('/$', '') }} + {%- endif %} + {%- endif %} + {%- endfor %} + __mountpoint: "{{ fsres_item }}" + + loop: "{{ __sap_ha_pacemaker_cluster_nwas_scs_ers_filesystems }}" + loop_control: + loop_var: fsres_item + label: "{{ fsres_item }}" when: - __resource_filesystem.id not in (__sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id')) -- name: "SAP HA Prepare Pacemaker - Add resource: SAPInstance for Central Service (JAVA SCS)" +# SCS instance resource definition +- name: "SAP HA Prepare Pacemaker - Add resource: SAPInstance for SAP Central Service (SCS)" ansible.builtin.set_fact: __sap_ha_pacemaker_cluster_resource_primitives: "{{ __sap_ha_pacemaker_cluster_resource_primitives + [__resource_sapinstance] }}" vars: __resource_sapinstance: - id: "{{ sap_ha_pacemaker_cluster_nwas_java_scs_sapinstance_resource_name }}" + id: "{{ __sap_ha_pacemaker_cluster_nwas_scs_sapinstance_resource_name }}" agent: "ocf:heartbeat:SAPInstance" instance_attrs: - attrs: - name: InstanceName - value: "{{ sap_ha_pacemaker_cluster_nwas_java_scs_sapinstance_instance_name }}" + value: "{{ __sap_ha_pacemaker_cluster_nwas_scs_sapinstance_instance_name }}" - name: START_PROFILE - value: "{{ sap_ha_pacemaker_cluster_nwas_java_scs_sapinstance_start_profile_string }}" + value: "{{ __sap_ha_pacemaker_cluster_nwas_scs_sapinstance_start_profile_string }}" - name: AUTOMATIC_RECOVER - value: "{{ sap_ha_pacemaker_cluster_nwas_java_scs_sapinstance_automatic_recover_bool | string }}" + value: "{{ __sap_ha_pacemaker_cluster_nwas_cs_sapinstance_automatic_recover_bool | string }}" meta_attrs: - - attrs: - - name: resource-stickiness - value: "{{ sap_ha_pacemaker_cluster_nwas_java_scs_sapinstance_resource_stickiness }}" - - name: migration-threshold - value: "{{ sap_ha_pacemaker_cluster_nwas_java_scs_sapinstance_migration_threshold }}" - - name: failure-timeout - value: "{{ sap_ha_pacemaker_cluster_nwas_java_scs_sapinstance_failure_timeout }}" + - attrs: "{{ __sap_ha_pacemaker_cluster_nwas_scs_sapinstance_meta_attrs }}" operations: - action: start attrs: @@ -140,29 +183,17 @@ when: - __resource_sapinstance.id not in (__sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id')) -- name: "SAP HA Prepare Pacemaker - Add resource: SAPInstance for Enqueue Replication Service (JAVA ERS)" + +# ERS instance resource definition +- name: "SAP HA Prepare Pacemaker - Add resource: SAPInstance for Enqueue Replication Service (ERS)" ansible.builtin.set_fact: __sap_ha_pacemaker_cluster_resource_primitives: "{{ __sap_ha_pacemaker_cluster_resource_primitives + [__resource_sapinstance_ers] }}" vars: __resource_sapinstance_ers: - id: "{{ sap_ha_pacemaker_cluster_nwas_java_ers_sapinstance_resource_name }}" + id: "{{ __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_resource_name }}" agent: "ocf:heartbeat:SAPInstance" instance_attrs: - - attrs: - - name: InstanceName - value: "{{ sap_ha_pacemaker_cluster_nwas_java_ers_sapinstance_instance_name }}" - - name: START_PROFILE - value: "{{ sap_ha_pacemaker_cluster_nwas_java_ers_sapinstance_start_profile_string }}" - - name: AUTOMATIC_RECOVER - value: "{{ sap_ha_pacemaker_cluster_nwas_java_ers_sapinstance_automatic_recover_bool | string }}" - meta_attrs: - - attrs: - - name: resource-stickiness - value: "{{ sap_ha_pacemaker_cluster_nwas_java_ers_sapinstance_resource_stickiness }}" - - name: migration-threshold - value: "{{ sap_ha_pacemaker_cluster_nwas_java_ers_sapinstance_migration_threshold }}" - - name: failure-timeout - value: "{{ sap_ha_pacemaker_cluster_nwas_java_ers_sapinstance_failure_timeout }}" + - attrs: "{{ __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_instance_attrs }}" operations: - action: start attrs: @@ -188,95 +219,153 @@ - __resource_sapinstance_ers.id not in (__sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id')) -- name: "SAP HA Prepare Pacemaker - Add resource clone: Filesystem /usr/sap/<>/SCS<>" - ansible.builtin.set_fact: - __sap_ha_pacemaker_cluster_resource_clones: "{{ __sap_ha_pacemaker_cluster_resource_clones + [__clone_filesystem] }}" - vars: - __clone_filesystem: - resource_id: "{{ sap_ha_pacemaker_cluster_nwas_java_scs_filesystem_resource_name }}" - promotable: "no" - meta_attrs: - - attrs: - - name: clone-max - value: 2 - - name: clone-node-max - value: 1 - - name: interleave - value: "true" - when: - - __clone_filesystem.resource_id not in (__sap_ha_pacemaker_cluster_resource_clones | map(attribute='resource_id')) +### Groups +# SCS group consists of resources in this order: +# - SCS filesystem +# - SCS instance +# - SCS VIP -- name: "SAP HA Prepare Pacemaker - Add resource clone: Filesystem /usr/sap/<>/ERS<>" +- name: "SAP HA Prepare Pacemaker - Add resource group for SCS resources" ansible.builtin.set_fact: - __sap_ha_pacemaker_cluster_resource_clones: "{{ __sap_ha_pacemaker_cluster_resource_clones + [__clone_filesystem] }}" + __sap_ha_pacemaker_cluster_resource_groups: "{{ __sap_ha_pacemaker_cluster_resource_groups + [__scs_group] }}" vars: - __clone_filesystem: - resource_id: "{{ sap_ha_pacemaker_cluster_nwas_java_ers_filesystem_resource_name }}" - promotable: "no" + __scs_group: + id: "{{ __sap_ha_pacemaker_cluster_vip_nwas_scs_resource_group_name }}" + resource_ids: | + {% set resource_ids_list = [] %} + {%- for resource in + __sap_ha_pacemaker_cluster_vip_nwas_scs_resource_name, + __sap_ha_pacemaker_cluster_nwas_scs_filesystem_resource_name, + __sap_ha_pacemaker_cluster_nwas_scs_sapinstance_resource_name, + __sap_ha_pacemaker_cluster_healthcheck_nwas_scs_resource_name %} + {%- if resource | length > 0 + and resource in (__sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id')) %} + {%- set ids = resource_ids_list.append(resource) %} + {%- endif %} + {%- endfor %} + {{ resource_ids_list }} meta_attrs: - attrs: - - name: clone-max - value: 2 - - name: clone-node-max - value: 1 - - name: interleave - value: "true" + - name: resource-stickiness + value: "{{ sap_ha_pacemaker_cluster_nwas_cs_group_stickiness }}" when: - - __clone_filesystem.resource_id not in (__sap_ha_pacemaker_cluster_resource_clones | map(attribute='resource_id')) + - __scs_group.id is not in (__sap_ha_pacemaker_cluster_resource_groups | map(attribute='id')) + +# ERS group consists of resources in this order: +# - ERS filesystem +# - ERS instance +# - ERS VIP -- name: "SAP HA Prepare Pacemaker - Add resource clone: SAPInstance for Central Service (JAVA SCS)" +- name: "SAP HA Prepare Pacemaker - Add resource group for ERS resources" ansible.builtin.set_fact: - __sap_ha_pacemaker_cluster_resource_clones: "{{ __sap_ha_pacemaker_cluster_resource_clones + [__clone_sapinstance] }}" + __sap_ha_pacemaker_cluster_resource_groups: "{{ __sap_ha_pacemaker_cluster_resource_groups + [__ers_group] }}" vars: - __clone_sapinstance: - resource_id: "{{ sap_ha_pacemaker_cluster_nwas_java_scs_sapinstance_resource_name }}" - promotable: "yes" - meta_attrs: - - attrs: - - name: clone-max - value: 2 - - name: clone-node-max - value: 1 - - name: interleave - value: "true" + __ers_group: + id: "{{ __sap_ha_pacemaker_cluster_vip_nwas_ers_resource_group_name }}" + resource_ids: | + {% set resource_ids_list = [] %} + {%- for resource in + __sap_ha_pacemaker_cluster_vip_nwas_ers_resource_name, + __sap_ha_pacemaker_cluster_nwas_ers_filesystem_resource_name, + __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_resource_name, + __sap_ha_pacemaker_cluster_healthcheck_nwas_ers_resource_name %} + {%- if resource | length > 0 + and resource in (__sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id')) %} + {%- set ids = resource_ids_list.append(resource) %} + {%- endif %} + {%- endfor %} + {{ resource_ids_list }} when: - - __clone_sapinstance.resource_id not in (__sap_ha_pacemaker_cluster_resource_clones | map(attribute='resource_id')) + - __ers_group.id is not in (__sap_ha_pacemaker_cluster_resource_groups | map(attribute='id')) + +- name: "SAP HA Prepare Pacemaker - Display VIP resource group definition if any were built" + ansible.builtin.debug: + var: __sap_ha_pacemaker_cluster_resource_groups + when: + - __sap_ha_pacemaker_cluster_resource_groups is defined + - __sap_ha_pacemaker_cluster_resource_groups | length > 0 + -- name: "SAP HA Prepare Pacemaker - Add resource clone: SAPInstance for Enqueue Replication Service (JAVA ERS)" +### Constraints +# ERS and SCS resource groups should try to avoid running on the same node +- name: "SAP HA Prepare Pacemaker - Add colocation constraint: ERS avoids to run on the SCS node" ansible.builtin.set_fact: - __sap_ha_pacemaker_cluster_resource_clones: "{{ __sap_ha_pacemaker_cluster_resource_clones + [__clone_sapinstance_ers] }}" + __sap_ha_pacemaker_cluster_constraints_colocation: "{{ __sap_ha_pacemaker_cluster_constraints_colocation + [__constraint_colo_ers] }}" vars: - __clone_sapinstance_ers: - resource_id: "{{ sap_ha_pacemaker_cluster_nwas_java_ers_sapinstance_resource_name }}" - promotable: "yes" - meta_attrs: - - attrs: - - name: clone-max - value: 2 - - name: clone-node-max - value: 1 - - name: interleave - value: "true" + __constraint_colo_ers: + id: "{{ __sap_ha_pacemaker_cluster_nwas_colocation_scs_no_ers_name }}" + resource_leader: + id: "{{ __sap_ha_pacemaker_cluster_vip_nwas_scs_resource_group_name }}" + role: started + resource_follower: + id: "{{ __sap_ha_pacemaker_cluster_vip_nwas_ers_resource_group_name }}" + options: + - name: score + value: -5000 when: - - __clone_sapinstance_ers.resource_id not in (__sap_ha_pacemaker_cluster_resource_clones | map(attribute='resource_id')) + - __constraint_colo_ers.resource_follower not in (__sap_ha_pacemaker_cluster_constraints_colocation | map(attribute='resource_follower')) -# First start SAPInstance for Central Service, then SAPInstance for Enqueue Replication Service (automatically stops in reverse order) -- name: "SAP HA Prepare Pacemaker - Add order constraint: Central Service starts before Enqueue Replication Service" +# Optional: SCS should be started before ERS +- name: "SAP HA Prepare Pacemaker - Add order constraint: first start SCS group, then ERS group" ansible.builtin.set_fact: - __sap_ha_pacemaker_cluster_constraints_order: "{{ __sap_ha_pacemaker_cluster_constraints_order + [__constraint_order_sapinstance] }}" + __sap_ha_pacemaker_cluster_constraints_order: "{{ __sap_ha_pacemaker_cluster_constraints_order + [__constraint_order_scs_ers] }}" vars: - __constraint_order_sapinstance: + __constraint_order_scs_ers: + id: "{{ __sap_ha_pacemaker_cluster_nwas_order_scs_first_name }}" resource_first: - id: "{{ sap_ha_pacemaker_cluster_nwas_java_scs_sapinstance_resource_clone_name }}" - action: start + id: "{{ __sap_ha_pacemaker_cluster_vip_nwas_scs_resource_group_name }}" + role: started resource_then: - id: "{{ sap_ha_pacemaker_cluster_nwas_java_ers_sapinstance_resource_clone_name }}" - action: start + id: "{{ __sap_ha_pacemaker_cluster_vip_nwas_ers_resource_group_name }}" options: - name: symmetrical value: "false" - name: kind - value: "Optional" + value: Optional +# when: +# - __constraint_order_scs_ers.resource_then not in (__sap_ha_pacemaker_cluster_constraints_order | map(attribute='resource_then')) + +# ENSA1 only: location rule for SCS to follow ERS +- name: "SAP HA Prepare Pacemaker - Add location constraint: SCS follows ERS in ENSA1 setup" + ansible.builtin.set_fact: + __sap_ha_pacemaker_cluster_constraints_location: "{{ __sap_ha_pacemaker_cluster_constraints_location + [__constraint_location_scs_ers] }}" + vars: + __constraint_location_scs_ers: + resource: + id: "{{ __sap_ha_pacemaker_cluster_nwas_scs_sapinstance_resource_name }}" + rule: "runs_ers_{{ __sap_ha_pacemaker_cluster_nwas_sid }} eq 1" + options: + - name: score + value: 2000 + when: + - __sap_ha_pacemaker_cluster_nwas_cs_ensa1 + + +# When /sapmnt is managed by the cluster, +# start instance groups only after the SAPMNT resource is running. +- name: "SAP HA Prepare Pacemaker - Add order constraint: first start /sapmnt, then start SCS group" + ansible.builtin.set_fact: + __sap_ha_pacemaker_cluster_constraints_order: "{{ __sap_ha_pacemaker_cluster_constraints_order + [__constraint_order_sapmnt] }}" + vars: + __constraint_order_sapmnt: + resource_first: + id: "{{ __sap_ha_pacemaker_cluster_nwas_sapmnt_filesystem_resource_clone_name }}" + role: started + resource_then: + id: "{{ __sap_ha_pacemaker_cluster_vip_nwas_scs_resource_group_name }}" + when: + - sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed + +- name: "SAP HA Prepare Pacemaker - Add order constraint: first start /sapmnt, then start ERS group" + ansible.builtin.set_fact: + __sap_ha_pacemaker_cluster_constraints_order: "{{ __sap_ha_pacemaker_cluster_constraints_order + [__constraint_order_sapmnt] }}" + vars: + __constraint_order_sapmnt: + resource_first: + id: "{{ __sap_ha_pacemaker_cluster_nwas_sapmnt_filesystem_resource_clone_name }}" + role: started + resource_then: + id: "{{ __sap_ha_pacemaker_cluster_vip_nwas_ers_resource_group_name }}" when: - - __constraint_order_sapinstance.resource_then not in (__sap_ha_pacemaker_cluster_constraints_order | map(attribute='resource_then')) + - sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed diff --git a/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_nwas_java_scs_ers_simple_mount.yml b/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_nwas_java_scs_ers_simple_mount.yml new file mode 100644 index 000000000..7b95d59f0 --- /dev/null +++ b/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_nwas_java_scs_ers_simple_mount.yml @@ -0,0 +1,210 @@ +# SPDX-License-Identifier: Apache-2.0 +--- +# SCS ERS simple mount cluster is ENSA2. + +### Resources +# SCS SAPStartSrv resource definition +- name: "SAP HA Prepare Pacemaker - Add resource: SAPStartSrv for ABAP SAP Central Service (SCS)" + ansible.builtin.set_fact: + __sap_ha_pacemaker_cluster_resource_primitives: "{{ __sap_ha_pacemaker_cluster_resource_primitives + [__resource_sapstartsrv] }}" + vars: + __resource_sapstartsrv: + id: "{{ __sap_ha_pacemaker_cluster_nwas_scs_sapstartsrv_resource_name }}" + agent: "{{ __sap_ha_pacemaker_cluster_resource_agents.sapstartsrv }}" + instance_attrs: + - attrs: + - name: InstanceName + value: "{{ __sap_ha_pacemaker_cluster_nwas_scs_sapinstance_instance_name }}" + when: + - __resource_sapstartsrv.id not in (__sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id')) + +# ERS SAPStartSrv resource definition +- name: "SAP HA Prepare Pacemaker - Add resource: SAPStartSrv for Enqueue Replication Service (ERS)" + ansible.builtin.set_fact: + __sap_ha_pacemaker_cluster_resource_primitives: "{{ __sap_ha_pacemaker_cluster_resource_primitives + [__resource_sapstartsrv] }}" + vars: + __resource_sapstartsrv: + id: "{{ __sap_ha_pacemaker_cluster_nwas_ers_sapstartsrv_resource_name }}" + agent: "{{ __sap_ha_pacemaker_cluster_resource_agents.sapstartsrv }}" + instance_attrs: + - attrs: + - name: InstanceName + value: "{{ __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_instance_name }}" + when: + - __resource_sapstartsrv.id not in (__sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id')) + + +# SCS instance resource definition +- name: "SAP HA Prepare Pacemaker - Add resource: SAPInstance for ABAP SAP Central Service (SCS)" + ansible.builtin.set_fact: + __sap_ha_pacemaker_cluster_resource_primitives: "{{ __sap_ha_pacemaker_cluster_resource_primitives + [__resource_sapinstance] }}" + vars: + __resource_sapinstance: + id: "{{ __sap_ha_pacemaker_cluster_nwas_scs_sapinstance_resource_name }}" + agent: "ocf:heartbeat:SAPInstance" + instance_attrs: + - attrs: + - name: InstanceName + value: "{{ __sap_ha_pacemaker_cluster_nwas_scs_sapinstance_instance_name }}" + - name: START_PROFILE + value: "{{ __sap_ha_pacemaker_cluster_nwas_scs_sapinstance_start_profile_string }}" + - name: AUTOMATIC_RECOVER + value: "{{ __sap_ha_pacemaker_cluster_nwas_cs_sapinstance_automatic_recover_bool | string }}" + - name: MINIMAL_PROBE + value: true + meta_attrs: + - attrs: + - name: resource-stickiness + value: "{{ __sap_ha_pacemaker_cluster_nwas_cs_sapinstance_resource_stickiness }}" + operations: + # TODO: Add values for start and stop when they are published. + - action: monitor + attrs: + - name: interval + value: 11 + - name: on-fail + value: restart + - name: timeout + value: 60 + when: + - __resource_sapinstance.id not in (__sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id')) + + +# ERS instance resource definition +- name: "SAP HA Prepare Pacemaker - Add resource: SAPInstance for Enqueue Replication Service (ERS)" + ansible.builtin.set_fact: + __sap_ha_pacemaker_cluster_resource_primitives: "{{ __sap_ha_pacemaker_cluster_resource_primitives + [__resource_sapinstance_ers] }}" + vars: + __resource_sapinstance_ers: + id: "{{ __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_resource_name }}" + agent: "ocf:heartbeat:SAPInstance" + instance_attrs: + - attrs: + - name: InstanceName + value: "{{ __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_instance_name }}" + - name: START_PROFILE + value: "{{ __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_start_profile_string }}" + - name: AUTOMATIC_RECOVER + value: "{{ __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_automatic_recover_bool | string }}" + - name: IS_ERS + value: true + - name: MINIMAL_PROBE + value: true + operations: + # TODO: Add values for start and stop when they are published. + - action: monitor + attrs: + - name: interval + value: 11 + - name: on-fail + value: restart + - name: timeout + value: 60 + when: + - __resource_sapinstance_ers.id not in (__sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id')) + + +### Groups +# SCS group consists of resources in this order: +# - SCS VIP +# - SCS SAPStartSrv +# - SCS SAPInstance +- name: "SAP HA Prepare Pacemaker - Add resource group for SCS resources" + ansible.builtin.set_fact: + __sap_ha_pacemaker_cluster_resource_groups: "{{ __sap_ha_pacemaker_cluster_resource_groups + [__scs_group] }}" + vars: + __scs_group: + id: "{{ __sap_ha_pacemaker_cluster_vip_nwas_scs_resource_group_name }}" + resource_ids: | + {% set resource_ids_list = [] %} + {%- for resource in + __sap_ha_pacemaker_cluster_vip_nwas_scs_resource_name, + __sap_ha_pacemaker_cluster_nwas_scs_sapstartsrv_resource_name, + __sap_ha_pacemaker_cluster_nwas_scs_sapinstance_resource_name, + __sap_ha_pacemaker_cluster_healthcheck_nwas_scs_resource_name %} + {%- if resource | length > 0 + and resource in (__sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id')) %} + {%- set ids = resource_ids_list.append(resource) %} + {%- endif %} + {%- endfor %} + {{ resource_ids_list }} + meta_attrs: + - attrs: + - name: resource-stickiness + value: "{{ sap_ha_pacemaker_cluster_nwas_cs_group_stickiness }}" + when: + - __scs_group.id is not in (__sap_ha_pacemaker_cluster_resource_groups | map(attribute='id')) + + +# ERS group consists of resources in this order: +# - ERS VIP +# - ERS SAPStartSrv +# - ERS SAPInstance +- name: "SAP HA Prepare Pacemaker - Add resource group for ERS resources" + ansible.builtin.set_fact: + __sap_ha_pacemaker_cluster_resource_groups: "{{ __sap_ha_pacemaker_cluster_resource_groups + [__ers_group] }}" + vars: + __ers_group: + id: "{{ __sap_ha_pacemaker_cluster_vip_nwas_ers_resource_group_name }}" + resource_ids: | + {% set resource_ids_list = [] %} + {%- for resource in + __sap_ha_pacemaker_cluster_vip_nwas_ers_resource_name, + __sap_ha_pacemaker_cluster_nwas_ers_sapstartsrv_resource_name, + __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_resource_name, + __sap_ha_pacemaker_cluster_healthcheck_nwas_ers_resource_name %} + {%- if resource | length > 0 + and resource in (__sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id')) %} + {%- set ids = resource_ids_list.append(resource) %} + {%- endif %} + {%- endfor %} + {{ resource_ids_list }} + when: + - __ers_group.id is not in (__sap_ha_pacemaker_cluster_resource_groups | map(attribute='id')) + +- name: "SAP HA Prepare Pacemaker - Display VIP resource group definition if any were built" + ansible.builtin.debug: + var: __sap_ha_pacemaker_cluster_resource_groups + when: + - __sap_ha_pacemaker_cluster_resource_groups is defined + - __sap_ha_pacemaker_cluster_resource_groups | length > 0 + + +### Constraints +# ERS and SCS resource groups should try to avoid running on the same node +- name: "SAP HA Prepare Pacemaker - Add colocation constraint: ERS avoids to run on the SCS node" + ansible.builtin.set_fact: + __sap_ha_pacemaker_cluster_constraints_colocation: "{{ __sap_ha_pacemaker_cluster_constraints_colocation + [__constraint_colo_ers] }}" + vars: + __constraint_colo_ers: + id: "{{ __sap_ha_pacemaker_cluster_nwas_colocation_scs_no_ers_name }}" + resource_leader: + id: "{{ __sap_ha_pacemaker_cluster_vip_nwas_scs_resource_group_name }}" + role: started + resource_follower: + id: "{{ __sap_ha_pacemaker_cluster_vip_nwas_ers_resource_group_name }}" + options: + - name: score + value: -5000 + when: + - __constraint_colo_ers.resource_follower not in (__sap_ha_pacemaker_cluster_constraints_colocation | map(attribute='resource_follower')) + +# Optional: SCS should be started before ERS +- name: "SAP HA Prepare Pacemaker - Add order constraint: first start SCS group, then ERS group" + ansible.builtin.set_fact: + __sap_ha_pacemaker_cluster_constraints_order: "{{ __sap_ha_pacemaker_cluster_constraints_order + [__constraint_order_scs_ers] }}" + vars: + __constraint_order_scs_ers: + id: "{{ __sap_ha_pacemaker_cluster_nwas_order_scs_first_name }}" + resource_first: + id: "{{ __sap_ha_pacemaker_cluster_vip_nwas_scs_resource_group_name }}" + role: started + resource_then: + id: "{{ __sap_ha_pacemaker_cluster_vip_nwas_ers_resource_group_name }}" + options: + - name: symmetrical + value: "false" + - name: kind + value: Optional + when: + - __constraint_order_scs_ers.resource_then not in (__sap_ha_pacemaker_cluster_constraints_order | map(attribute='resource_then')) diff --git a/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_stonith.yml b/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_stonith.yml index e3311324d..ba47aae02 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_stonith.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_stonith.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # The following variables are constructed here in order to be provided as # input for the included 'ha_cluster' system role. @@ -20,17 +21,17 @@ or ( sap_ha_pacemaker_cluster_stonith_custom is not defined - and sap_ha_pacemaker_cluster_stonith_default is defined + and __sap_ha_pacemaker_cluster_stonith_default is defined and ( - sap_ha_pacemaker_cluster_stonith_default == '' - or sap_ha_pacemaker_cluster_stonith_default | length == 0 + __sap_ha_pacemaker_cluster_stonith_default == '' + or __sap_ha_pacemaker_cluster_stonith_default | length == 0 ) ) or ( sap_ha_pacemaker_cluster_stonith_custom is not defined - and sap_ha_pacemaker_cluster_stonith_default is not defined + and __sap_ha_pacemaker_cluster_stonith_default is not defined ) block: @@ -58,9 +59,9 @@ ansible.builtin.set_fact: sap_ha_pacemaker_cluster_cluster_properties: "{{ sap_ha_pacemaker_cluster_cluster_properties | combine({'priority-fencing-delay': - sap_ha_pacemaker_cluster_stonith_default.options.pcmk_delay_max | int * 2}) - if sap_ha_pacemaker_cluster_stonith_default.options.pcmk_delay_max is defined - and sap_ha_pacemaker_cluster_stonith_default.options.pcmk_delay_max | int != 0 + __sap_ha_pacemaker_cluster_stonith_default.options.pcmk_delay_max | int * 2}) + if __sap_ha_pacemaker_cluster_stonith_default.options.pcmk_delay_max is defined + and __sap_ha_pacemaker_cluster_stonith_default.options.pcmk_delay_max | int != 0 else sap_ha_pacemaker_cluster_cluster_properties }}" - name: "SAP HA Prepare Pacemaker - (STONITH) Define cluster properties" @@ -69,7 +70,7 @@ - sap_ha_pacemaker_cluster_cluster_properties is iterable - sap_ha_pacemaker_cluster_cluster_properties | length > 0 ansible.builtin.set_fact: - __sap_ha_pacemaker_cluster_cluster_properties: "{{ __sap_ha_pacemaker_cluster_cluster_properties | default([]) + __stonith_properties }}" + __sap_ha_pacemaker_cluster_cluster_properties: "{{ __sap_ha_pacemaker_cluster_cluster_properties | d([]) + __stonith_properties }}" vars: __stonith_properties: - attrs: |- @@ -87,82 +88,148 @@ {%- endfor %} {{ attrs }} -# Combine the default stonith resource config from -# - assembled pcmk_host_map -# (see platform tasks: __sap_ha_pacemaker_cluster_pcmk_host_map) -# - fence agent specific required options -# (see platform vars: sap_ha_pacemaker_cluster_stonith_default) -# - generic pacemaker fence resource options -# (see defaults: sap_ha_pacemaker_cluster_fence_options) -# Note: the 'ha_cluster' LSR only calls the stonith creation for ONE host -# -> the definition must contain the resources for all hosts, if multiple +# Prepare default stonith method based on __sap_ha_pacemaker_cluster_stonith_default loaded +# from platform __sap_ha_pacemaker_cluster_stonith_default_dict dictionary. - name: "SAP HA Prepare Pacemaker - (STONITH) Assemble the resource definition from platform default" when: - - sap_ha_pacemaker_cluster_stonith_default is defined - - sap_ha_pacemaker_cluster_stonith_default | length > 0 + - __sap_ha_pacemaker_cluster_stonith_default is defined + - __sap_ha_pacemaker_cluster_stonith_default | length > 0 - sap_ha_pacemaker_cluster_stonith_custom is not defined - - __stonith_resource_element.id not in (__sap_ha_pacemaker_cluster_stonith_resource | default([])| map(attribute='id')) + or sap_ha_pacemaker_cluster_stonith_custom | length == 0 + - (hostvars[stonith_host_item].__sap_ha_pacemaker_cluster_stonith_default).id + not in (__sap_ha_pacemaker_cluster_stonith_resource | d([])| map(attribute='id')) ansible.builtin.set_fact: - __sap_ha_pacemaker_cluster_stonith_resource: "{{ __sap_ha_pacemaker_cluster_stonith_resource | default([]) + [__stonith_resource_element] }}" - vars: - __stonith_resource_element: - id: "{{ sap_ha_pacemaker_cluster_stonith_default.id + __plug_suffix }}" - agent: "{{ sap_ha_pacemaker_cluster_stonith_default.agent }}" - instance_attrs: - - attrs: >- - {% set attrs = [] -%} - {% if __sap_ha_pacemaker_cluster_pcmk_host_map | length > 0 -%} - {% set map = attrs.extend([ - { - 'name': 'pcmk_host_map', - 'value': __sap_ha_pacemaker_cluster_pcmk_host_map - }]) -%} - {%- else -%} - {% set map = attrs.extend([ - { - 'name': 'plug', - 'value': stonith_host_item - }]) -%} - {%- endif %} - {%- if sap_ha_pacemaker_cluster_stonith_default.options is defined - and sap_ha_pacemaker_cluster_stonith_default.options | length > 0 -%} - {%- for agent_opt in (sap_ha_pacemaker_cluster_stonith_default.options | default({}) | dict2items) -%} - {% set aopts = attrs.extend([ - { - 'name': agent_opt.key, - 'value': agent_opt.value - }]) -%} - {%- endfor %} - {%- endif -%} - {{ attrs }} - - __plug_suffix: >- - {%- if __sap_ha_pacemaker_cluster_pcmk_host_map | length == 0 -%} - _{{ stonith_host_item }} - {%- else %}{% endif -%} - + __sap_ha_pacemaker_cluster_stonith_resource: + "{{ __sap_ha_pacemaker_cluster_stonith_resource | d([]) + + [hostvars[stonith_host_item].__sap_ha_pacemaker_cluster_stonith_default] }}" loop: "{{ ansible_play_hosts_all }}" loop_control: loop_var: stonith_host_item label: "{{ stonith_host_item }}" +# Requirements to run SBD block: +# sap_ha_pacemaker_cluster_sbd_enabled is true +# sap_ha_pacemaker_cluster_sbd_devices is defined, list and not empty +# sap_ha_pacemaker_cluster_stonith_custom is defined, list and not empty +# __sap_ha_pacemaker_cluster_sbd_enabled is not defined +- name: "SAP HA Prepare Pacemaker - (STONITH SBD) Prepare SBD configuration" + when: + - sap_ha_pacemaker_cluster_sbd_enabled is defined + and sap_ha_pacemaker_cluster_sbd_enabled + - sap_ha_pacemaker_cluster_sbd_devices is defined + and sap_ha_pacemaker_cluster_sbd_devices | length > 0 + and sap_ha_pacemaker_cluster_sbd_devices is iterable + and sap_ha_pacemaker_cluster_sbd_devices is not string + - sap_ha_pacemaker_cluster_stonith_custom is defined + and sap_ha_pacemaker_cluster_stonith_custom | length > 0 + and sap_ha_pacemaker_cluster_stonith_custom is iterable + and sap_ha_pacemaker_cluster_stonith_custom is not string + - __sap_ha_pacemaker_cluster_sbd_enabled is not defined + block: + # Create sbd_options for ha_cluster_sbd_options when + # ha_cluster_sbd_options is not defined or it is empty or not List + # ha_cluster_sbd_options is defined but it does not contain required startmode + - name: "SAP HA Prepare Pacemaker - (STONITH SBD) Create sbd_options" + when: + - not sap_ha_pacemaker_cluster_sbd_options is defined + or sap_ha_pacemaker_cluster_sbd_options | length == 0 + or not sap_ha_pacemaker_cluster_sbd_options is iterable + or (sap_ha_pacemaker_cluster_sbd_options is defined + and sap_ha_pacemaker_cluster_sbd_options | selectattr('name', 'equalto', 'startmode') | list | length == 0) + # Skip if startmode is already present + - not (sap_ha_pacemaker_cluster_sbd_options is defined + and sap_ha_pacemaker_cluster_sbd_options | selectattr('name', 'equalto', 'startmode') | list | length > 0) + # Skip if ha_cluster_sbd_options are provided + - __sap_ha_pacemaker_cluster_sbd_options is not defined + or __sap_ha_pacemaker_cluster_sbd_options | length == 0 + ansible.builtin.set_fact: + __sap_ha_pacemaker_cluster_sbd_options: >- + {%- if sap_ha_pacemaker_cluster_sbd_options is defined + and (sap_ha_pacemaker_cluster_sbd_options | selectattr('name', 'equalto', 'startmode') | list | length == 0) -%} + {{ sap_ha_pacemaker_cluster_sbd_options + [{'name': 'startmode', 'value': __sbd_startmode}]}} + {%- else -%} + {{ [{'name': 'startmode', 'value': __sbd_startmode}] }} + {%- endif -%} + vars: + __sbd_startmode: "{{ 'clean' if sap_ha_pacemaker_cluster_host_type | select('search', 'hana') | length > 0 else 'always' }}" + -- name: "SAP HA Prepare Pacemaker - (STONITH) Assemble the resources from custom definition" + # Create dictionary with SBD specific parameters for ha_cluster + # Omit parameters if they are already present in provided dictionary sap_ha_pacemaker_cluster_ha_cluster + - name: "SAP HA Prepare Pacemaker - (STONITH SBD) Create ha_cluster parameters for SBD" + ansible.builtin.set_fact: + __sap_ha_pacemaker_cluster_ha_cluster_stonith: >- + {{ + dict( + sbd_devices=(sap_ha_pacemaker_cluster_sbd_devices if sap_ha_pacemaker_cluster_sbd_devices is defined + and sap_ha_pacemaker_cluster_sbd_devices | length > 0 and not __sap_ha_pacemaker_cluster_ha_cluster_sbd_devices_exists + else omit), + sbd_watchdog=(sap_ha_pacemaker_cluster_sbd_watchdog if sap_ha_pacemaker_cluster_sbd_watchdog is defined + and sap_ha_pacemaker_cluster_sbd_watchdog | length > 0 and not __sap_ha_pacemaker_cluster_ha_cluster_sbd_watchdog_exists + else omit), + sbd_watchdog_modules=(sap_ha_pacemaker_cluster_sbd_watchdog_modules + if sap_ha_pacemaker_cluster_sbd_watchdog_modules is defined + and sap_ha_pacemaker_cluster_sbd_watchdog_modules | length > 0 + and not __sap_ha_pacemaker_cluster_ha_cluster_sbd_watchdog_modules_exists + else omit) + ) + }} + vars: + # Detect if parameters were already provided in sap_ha_pacemaker_cluster_ha_cluster + __sap_ha_pacemaker_cluster_ha_cluster_sbd_devices_exists: + "{{ true if __sap_ha_pacemaker_cluster_ha_cluster is defined + and __sap_ha_pacemaker_cluster_ha_cluster.sbd_devices is defined + and __sap_ha_pacemaker_cluster_ha_cluster.sbd_devices | length > 0 + and __sap_ha_pacemaker_cluster_ha_cluster.sbd_devices is iterable else false }}" + __sap_ha_pacemaker_cluster_ha_cluster_sbd_watchdog_exists: + "{{ true if __sap_ha_pacemaker_cluster_ha_cluster is defined + and __sap_ha_pacemaker_cluster_ha_cluster.sbd_watchdog is defined + and __sap_ha_pacemaker_cluster_ha_cluster.sbd_watchdog | length > 0 else false }}" + __sap_ha_pacemaker_cluster_ha_cluster_sbd_watchdog_modules_exists: + "{{ true if __sap_ha_pacemaker_cluster_ha_cluster is defined + and __sap_ha_pacemaker_cluster_ha_cluster.sbd_watchdog_modules is defined + and __sap_ha_pacemaker_cluster_ha_cluster.sbd_watchdog_modules | length > 0 + and __sap_ha_pacemaker_cluster_ha_cluster.sbd_watchdog_modules is iterable else false }}" + + + - name: "SAP HA Prepare Pacemaker - (STONITH SBD) Include sbd fence agent" + ansible.builtin.set_fact: + __sap_ha_pacemaker_cluster_fence_agent_packages: + "{{ __sap_ha_pacemaker_cluster_fence_agent_packages + ['sbd'] }}" + + - name: "SAP HA Prepare Pacemaker - (STONITH SBD) Set __sap_ha_pacemaker_cluster_sbd_enabled" + ansible.builtin.set_fact: + __sap_ha_pacemaker_cluster_sbd_enabled: true + + +# sap_ha_pacemaker_cluster_stonith_custom input was redesigned to use ha_cluster structure. +# Following task will remain until next release to ensure compatibility with previous structure. + +# TODO: Remove Tech debt task in future release, once options and name are no longer supported. +- name: "SAP HA Prepare Pacemaker - (STONITH) Assemble the resources from custom definition - Legacy" when: - sap_ha_pacemaker_cluster_stonith_custom is defined - - __stonith_resource_element.id not in (__sap_ha_pacemaker_cluster_stonith_resource | default([]) | map(attribute='id')) + and sap_ha_pacemaker_cluster_stonith_custom | length > 0 + and sap_ha_pacemaker_cluster_stonith_custom is iterable + and sap_ha_pacemaker_cluster_stonith_custom is not string + # Tech Debt: Execute only if name and options are provided, previously required parameters. + - stonith_item.name is defined and stonith_item.name | length > 0 + and stonith_item.options is defined and stonith_item.options | length > 0 + # Keep following conditional after removing Tech Debt + - __stonith_resource_element.id not in (__sap_ha_pacemaker_cluster_stonith_resource | d([]) | map(attribute='id')) ansible.builtin.set_fact: - __sap_ha_pacemaker_cluster_stonith_resource: "{{ __sap_ha_pacemaker_cluster_stonith_resource | default([]) + [__stonith_resource_element] }}" + __sap_ha_pacemaker_cluster_stonith_resource: "{{ __sap_ha_pacemaker_cluster_stonith_resource | d([]) + [__stonith_resource_element] }}" vars: __stonith_resource_element: - id: "res_{{ item.name }}" - agent: "{{ item.agent }}" + # Ensure that resource name conforms with naming convention rsc_ + id: "{{ stonith_item.name if stonith_item.name.startswith('rsc_') else 'rsc_' ~ stonith_item.name }}" # "rsc_{{ stonith_item.name }}" + agent: "{{ stonith_item.agent }}" instance_attrs: - attrs: |- {% set attrs = [] -%} - {%- for option in (item.options | dict2items) -%} + {%- for option in (stonith_item.options | dict2items) -%} {% set aopts = attrs.extend([ { 'name': option.key, @@ -173,7 +240,25 @@ {{ attrs }} loop: "{{ sap_ha_pacemaker_cluster_stonith_custom }}" loop_control: - label: "{{ item.name }}" + label: "{{ stonith_item.name if stonith_item.name is defined else stonith_item.id }}" + loop_var: stonith_item + + +- name: "SAP HA Prepare Pacemaker - (STONITH) Assemble the resources from custom definition" + when: + - sap_ha_pacemaker_cluster_stonith_custom is defined + and sap_ha_pacemaker_cluster_stonith_custom | length > 0 + and sap_ha_pacemaker_cluster_stonith_custom is iterable + and sap_ha_pacemaker_cluster_stonith_custom is not string + - stonith_item.id is defined and stonith_item.id | length > 0 + - stonith_item.id not in (__sap_ha_pacemaker_cluster_stonith_resource | d([]) | map(attribute='id')) + ansible.builtin.set_fact: + __sap_ha_pacemaker_cluster_stonith_resource: + "{{ __sap_ha_pacemaker_cluster_stonith_resource | d([]) + [stonith_item] }}" + loop: "{{ sap_ha_pacemaker_cluster_stonith_custom }}" + loop_control: + label: "{{ stonith_item.name if stonith_item.name is defined else stonith_item.id }}" + loop_var: stonith_item # The STONITH resource is an element in the cluster_resource_primitives list @@ -187,4 +272,4 @@ + (__sap_ha_pacemaker_cluster_stonith_resource | from_yaml) }} - no_log: true # stonith resources usually contain secrets + no_log: true # stonith resources can contain secrets diff --git a/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_vip_constraints_hana.yml b/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_vip_constraints_hana.yml index 2e1b18977..5c1681fad 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_vip_constraints_hana.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_vip_constraints_hana.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Included in: tasks/main.yml @@ -6,9 +7,9 @@ __sap_ha_pacemaker_cluster_constraints_order: "{{ __sap_ha_pacemaker_cluster_constraints_order + [__constraint_order_vip] }}" vars: __constraint_order_vip: - id: "{{ sap_ha_pacemaker_cluster_hana_order_hana_vip_primary_name }}" + id: "{{ __sap_ha_pacemaker_cluster_hana_order_hana_vip_primary_name }}" resource_first: - id: "{{ sap_ha_pacemaker_cluster_hana_resource_clone_name }}" + id: "{{ __sap_ha_pacemaker_cluster_hana_resource_clone_name }}" action: promote resource_then: id: "{{ __res_or_grp }}" @@ -22,14 +23,14 @@ __res_or_grp: |- {% if sap_ha_pacemaker_cluster_vip_group_prefix | length > 0 and __sap_ha_pacemaker_cluster_resource_groups | map(attribute='id') - | select('match', sap_ha_pacemaker_cluster_vip_group_prefix + sap_ha_pacemaker_cluster_vip_hana_primary_resource_name) -%} - {{ sap_ha_pacemaker_cluster_vip_group_prefix }}{{ sap_ha_pacemaker_cluster_vip_hana_primary_resource_name }} + | select('match', sap_ha_pacemaker_cluster_vip_group_prefix + __sap_ha_pacemaker_cluster_vip_hana_primary_resource_name) -%} + {{ sap_ha_pacemaker_cluster_vip_group_prefix }}{{ __sap_ha_pacemaker_cluster_vip_hana_primary_resource_name }} {%- elif __sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id') - | select('match', sap_ha_pacemaker_cluster_vip_hana_primary_resource_name) -%} - {{ sap_ha_pacemaker_cluster_vip_hana_primary_resource_name }} + | select('match', __sap_ha_pacemaker_cluster_vip_hana_primary_resource_name) -%} + {{ __sap_ha_pacemaker_cluster_vip_hana_primary_resource_name }} {%- elif __sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id') - | select('match', sap_ha_pacemaker_cluster_healthcheck_hana_primary_resource_name) -%} - {{ sap_ha_pacemaker_cluster_healthcheck_hana_primary_resource_name }} + | select('match', __sap_ha_pacemaker_cluster_healthcheck_hana_primary_resource_name) -%} + {{ __sap_ha_pacemaker_cluster_healthcheck_hana_primary_resource_name }} {%- else -%} none_found {%- endif -%} @@ -45,9 +46,9 @@ __sap_ha_pacemaker_cluster_constraints_order: "{{ __sap_ha_pacemaker_cluster_constraints_order + [__constraint_order_vip] }}" vars: __constraint_order_vip: - id: "{{ sap_ha_pacemaker_cluster_hana_order_hana_vip_secondary_name }}" + id: "{{ __sap_ha_pacemaker_cluster_hana_order_hana_vip_secondary_name }}" resource_first: - id: "{{ sap_ha_pacemaker_cluster_hana_resource_clone_name }}" + id: "{{ __sap_ha_pacemaker_cluster_hana_resource_clone_name }}" action: start resource_then: id: "{{ __res_or_grp }}" @@ -61,14 +62,14 @@ __res_or_grp: |- {% if sap_ha_pacemaker_cluster_vip_group_prefix | length > 0 and __sap_ha_pacemaker_cluster_resource_groups | map(attribute='id') - | select('match', sap_ha_pacemaker_cluster_vip_group_prefix + sap_ha_pacemaker_cluster_vip_hana_secondary_resource_name) -%} - {{ sap_ha_pacemaker_cluster_vip_group_prefix }}{{ sap_ha_pacemaker_cluster_vip_hana_secondary_resource_name }} + | select('match', sap_ha_pacemaker_cluster_vip_group_prefix + __sap_ha_pacemaker_cluster_vip_hana_secondary_resource_name) -%} + {{ sap_ha_pacemaker_cluster_vip_group_prefix }}{{ __sap_ha_pacemaker_cluster_vip_hana_secondary_resource_name }} {%- elif __sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id') - | select('match', sap_ha_pacemaker_cluster_vip_hana_secondary_resource_name) -%} - {{ sap_ha_pacemaker_cluster_vip_hana_secondary_resource_name }} + | select('match', __sap_ha_pacemaker_cluster_vip_hana_secondary_resource_name) -%} + {{ __sap_ha_pacemaker_cluster_vip_hana_secondary_resource_name }} {%- elif __sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id') - | select('match', sap_ha_pacemaker_cluster_healthcheck_hana_secondary_resource_name) -%} - {{ sap_ha_pacemaker_cluster_healthcheck_hana_secondary_resource_name }} + | select('match', __sap_ha_pacemaker_cluster_healthcheck_hana_secondary_resource_name) -%} + {{ __sap_ha_pacemaker_cluster_healthcheck_hana_secondary_resource_name }} {%- else -%} none_found {%- endif -%} @@ -85,11 +86,12 @@ __sap_ha_pacemaker_cluster_constraints_colocation: "{{ __sap_ha_pacemaker_cluster_constraints_colocation + [__constraint_colo_vip] }}" vars: __constraint_colo_vip: - id: "{{ sap_ha_pacemaker_cluster_hana_colocation_hana_vip_primary_name }}" + id: "{{ __sap_ha_pacemaker_cluster_hana_colocation_hana_vip_primary_name }}" resource_leader: # SAPHana is replaced by SAP HANA Controller for SAPHanaSR-angi - id: "{{ sap_ha_pacemaker_cluster_hanacontroller_resource_clone_name if __sap_ha_pacemaker_cluster_saphanasr_angi_available - else sap_ha_pacemaker_cluster_hana_resource_clone_name }}" + id: "{{ __sap_ha_pacemaker_cluster_hanacontroller_resource_clone_name + if __sap_ha_pacemaker_cluster_saphanasr_angi_available + else __sap_ha_pacemaker_cluster_hana_resource_clone_name }}" # SUSE SAPHanaSR is using Master Slave clone using Master/Slave roles role: "{{ 'master' if ansible_os_family == 'Suse' and not __sap_ha_pacemaker_cluster_saphanasr_angi_available else 'promoted' }}" @@ -109,14 +111,14 @@ __res_or_grp: |- {% if sap_ha_pacemaker_cluster_vip_group_prefix | length > 0 and __sap_ha_pacemaker_cluster_resource_groups | map(attribute='id') - | select('match', sap_ha_pacemaker_cluster_vip_group_prefix + sap_ha_pacemaker_cluster_vip_hana_primary_resource_name) -%} - {{ sap_ha_pacemaker_cluster_vip_group_prefix }}{{ sap_ha_pacemaker_cluster_vip_hana_primary_resource_name }} + | select('match', sap_ha_pacemaker_cluster_vip_group_prefix + __sap_ha_pacemaker_cluster_vip_hana_primary_resource_name) -%} + {{ sap_ha_pacemaker_cluster_vip_group_prefix }}{{ __sap_ha_pacemaker_cluster_vip_hana_primary_resource_name }} {%- elif __sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id') - | select('match', sap_ha_pacemaker_cluster_vip_hana_primary_resource_name) -%} - {{ sap_ha_pacemaker_cluster_vip_hana_primary_resource_name }} + | select('match', __sap_ha_pacemaker_cluster_vip_hana_primary_resource_name) -%} + {{ __sap_ha_pacemaker_cluster_vip_hana_primary_resource_name }} {%- elif __sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id') - | select('match', sap_ha_pacemaker_cluster_healthcheck_hana_primary_resource_name) -%} - {{ sap_ha_pacemaker_cluster_healthcheck_hana_primary_resource_name }} + | select('match', __sap_ha_pacemaker_cluster_healthcheck_hana_primary_resource_name) -%} + {{ __sap_ha_pacemaker_cluster_healthcheck_hana_primary_resource_name }} {%- else -%} none_found {%- endif -%} @@ -126,7 +128,7 @@ {% if __sap_ha_pacemaker_cluster_resource_groups | length > 0 -%} {% for group in __sap_ha_pacemaker_cluster_resource_groups -%} {% if group.id == (sap_ha_pacemaker_cluster_vip_group_prefix - + sap_ha_pacemaker_cluster_vip_hana_primary_resource_name) -%} + + __sap_ha_pacemaker_cluster_vip_hana_primary_resource_name) -%} {{ (group.resource_ids | length * 1000) + sap_ha_pacemaker_cluster_constraint_colo_base_score }} {%- endif %} {%- endfor %} @@ -145,11 +147,12 @@ __sap_ha_pacemaker_cluster_constraints_colocation: "{{ __sap_ha_pacemaker_cluster_constraints_colocation + [__constraint_colo_vip] }}" vars: __constraint_colo_vip: - id: "{{ sap_ha_pacemaker_cluster_hana_colocation_hana_vip_secondary_name }}" + id: "{{ __sap_ha_pacemaker_cluster_hana_colocation_hana_vip_secondary_name }}" resource_leader: # SAPHana is replaced by SAP HANA Controller for SAPHanaSR-angi - id: "{{ sap_ha_pacemaker_cluster_hanacontroller_resource_clone_name if __sap_ha_pacemaker_cluster_saphanasr_angi_available - else sap_ha_pacemaker_cluster_hana_resource_clone_name }}" + id: "{{ __sap_ha_pacemaker_cluster_hanacontroller_resource_clone_name + if __sap_ha_pacemaker_cluster_saphanasr_angi_available + else __sap_ha_pacemaker_cluster_hana_resource_clone_name }}" # SUSE SAPHanaSR is using Master Slave clone using Master/Slave roles role: "{{ 'slave' if ansible_os_family == 'Suse' and not __sap_ha_pacemaker_cluster_saphanasr_angi_available else 'unpromoted' }}" @@ -168,14 +171,14 @@ __res_or_grp: |- {% if sap_ha_pacemaker_cluster_vip_group_prefix | length > 0 and __sap_ha_pacemaker_cluster_resource_groups | map(attribute='id') - | select('match', sap_ha_pacemaker_cluster_vip_group_prefix + sap_ha_pacemaker_cluster_vip_hana_secondary_resource_name) -%} - {{ sap_ha_pacemaker_cluster_vip_group_prefix }}{{ sap_ha_pacemaker_cluster_vip_hana_secondary_resource_name }} + | select('match', sap_ha_pacemaker_cluster_vip_group_prefix + __sap_ha_pacemaker_cluster_vip_hana_secondary_resource_name) -%} + {{ sap_ha_pacemaker_cluster_vip_group_prefix }}{{ __sap_ha_pacemaker_cluster_vip_hana_secondary_resource_name }} {%- elif __sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id') - | select('match', sap_ha_pacemaker_cluster_vip_hana_secondary_resource_name) -%} - {{ sap_ha_pacemaker_cluster_vip_hana_secondary_resource_name }} + | select('match', __sap_ha_pacemaker_cluster_vip_hana_secondary_resource_name) -%} + {{ __sap_ha_pacemaker_cluster_vip_hana_secondary_resource_name }} {%- elif __sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id') - | select('match', sap_ha_pacemaker_cluster_healthcheck_hana_secondary_resource_name) -%} - {{ sap_ha_pacemaker_cluster_healthcheck_hana_secondary_resource_name }} + | select('match', __sap_ha_pacemaker_cluster_healthcheck_hana_secondary_resource_name) -%} + {{ __sap_ha_pacemaker_cluster_healthcheck_hana_secondary_resource_name }} {%- else -%} none_found {%- endif -%} @@ -185,7 +188,7 @@ {% if __sap_ha_pacemaker_cluster_resource_groups | length > 0 -%} {% for group in __sap_ha_pacemaker_cluster_resource_groups -%} {% if group.id == (sap_ha_pacemaker_cluster_vip_group_prefix - + sap_ha_pacemaker_cluster_vip_hana_secondary_resource_name) -%} + + __sap_ha_pacemaker_cluster_vip_hana_secondary_resource_name) -%} {{ (group.resource_ids | length * 1000) + sap_ha_pacemaker_cluster_constraint_colo_base_score }} {%- endif %} {%- endfor %} @@ -195,6 +198,6 @@ when: - __constraint_colo_vip.resource_follower not in (__sap_ha_pacemaker_cluster_constraints_colocation | map(attribute='resource_follower')) - - sap_ha_pacemaker_cluster_vip_hana_secondary_ip_address is defined - - sap_ha_pacemaker_cluster_vip_hana_secondary_ip_address != '' + - __sap_ha_pacemaker_cluster_vip_hana_secondary_ip_address is defined + - __sap_ha_pacemaker_cluster_vip_hana_secondary_ip_address != '' - __res_or_grp != 'none_found' # fallback skip if there was neither a group nor any VIP/HC resources found diff --git a/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_vip_groups.yml b/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_vip_groups.yml index 18c634f19..3d7600d79 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_vip_groups.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_vip_groups.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Currently this is only used for HANA scenarios. - name: "SAP HA Prepare Pacemaker - Group the related VIP and healthcheck resources together" @@ -9,30 +10,30 @@ resource_ids: "{{ group_item.vip_hc_resources }}" __instance: - - name: "{{ sap_ha_pacemaker_cluster_vip_hana_primary_resource_name }}" + - name: "{{ __sap_ha_pacemaker_cluster_vip_hana_primary_resource_name }}" vip_hc_resources: - - "{{ sap_ha_pacemaker_cluster_vip_hana_primary_resource_name }}" - - "{{ sap_ha_pacemaker_cluster_healthcheck_hana_primary_resource_name }}" - - name: "{{ sap_ha_pacemaker_cluster_vip_hana_secondary_resource_name }}" + - "{{ __sap_ha_pacemaker_cluster_vip_hana_primary_resource_name }}" + - "{{ __sap_ha_pacemaker_cluster_healthcheck_hana_primary_resource_name }}" + - name: "{{ __sap_ha_pacemaker_cluster_vip_hana_secondary_resource_name }}" vip_hc_resources: - - "{{ sap_ha_pacemaker_cluster_vip_hana_secondary_resource_name }}" - - "{{ sap_ha_pacemaker_cluster_healthcheck_hana_secondary_resource_name }}" - - name: "{{ sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_resource_name }}" - vip_hc_resources: - - "{{ sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_resource_name }}" - - "{{ sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ascs_resource_name }}" - - name: "{{ sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_resource_name }}" - vip_hc_resources: - - "{{ sap_ha_pacemaker_cluster_vip_nwas_abap_ers_resource_name }}" - - "{{ sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ers_resource_name }}" - - name: "{{ sap_ha_pacemaker_cluster_vip_nwas_abap_pas_resource_name }}" - vip_hc_resources: - - "{{ sap_ha_pacemaker_cluster_vip_nwas_abap_pas_resource_name }}" - - "{{ sap_ha_pacemaker_cluster_healthcheck_nwas_abap_pas_resource_name }}" - - name: "{{ sap_ha_pacemaker_cluster_vip_nwas_abap_aas_resource_name }}" - vip_hc_resources: - - "{{ sap_ha_pacemaker_cluster_vip_nwas_abap_aas_resource_name }}" - - "{{ sap_ha_pacemaker_cluster_healthcheck_nwas_abap_aas_resource_name }}" + - "{{ __sap_ha_pacemaker_cluster_vip_hana_secondary_resource_name }}" + - "{{ __sap_ha_pacemaker_cluster_healthcheck_hana_secondary_resource_name }}" + # - name: "{{ __sap_ha_pacemaker_cluster_vip_nwas_ascs_resource_name }}" + # vip_hc_resources: + # - "{{ __sap_ha_pacemaker_cluster_vip_nwas_ascs_resource_name }}" + # - "{{ __sap_ha_pacemaker_cluster_healthcheck_nwas_ascs_resource_name }}" + # - name: "{{ __sap_ha_pacemaker_cluster_vip_nwas_ers_resource_name }}" + # vip_hc_resources: + # - "{{ __sap_ha_pacemaker_cluster_vip_nwas_ers_resource_name }}" + # - "{{ __sap_ha_pacemaker_cluster_healthcheck_nwas_ers_resource_name }}" + # - name: "{{ __sap_ha_pacemaker_cluster_vip_nwas_abap_pas_resource_name }}" + # vip_hc_resources: + # - "{{ __sap_ha_pacemaker_cluster_vip_nwas_abap_pas_resource_name }}" + # - "{{ __sap_ha_pacemaker_cluster_healthcheck_nwas_abap_pas_resource_name }}" + # - name: "{{ __sap_ha_pacemaker_cluster_vip_nwas_abap_aas_resource_name }}" + # vip_hc_resources: + # - "{{ __sap_ha_pacemaker_cluster_vip_nwas_abap_aas_resource_name }}" + # - "{{ __sap_ha_pacemaker_cluster_healthcheck_nwas_abap_aas_resource_name }}" loop: "{{ __instance }}" loop_control: loop_var: group_item diff --git a/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_vip_resources_default.yml b/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_vip_resources_default.yml index b274fbda9..eb3867790 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_vip_resources_default.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_vip_resources_default.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Reminder: This file is included in a loop over a dictionary. # Included in: tasks/include_construct_vip_resources.yml diff --git a/roles/sap_ha_pacemaker_cluster/tasks/import_hacluster_vars_from_inventory.yml b/roles/sap_ha_pacemaker_cluster/tasks/import_hacluster_vars_from_inventory.yml index ad449ce7b..c2fa67448 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/import_hacluster_vars_from_inventory.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/import_hacluster_vars_from_inventory.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # If there are "ha_cluster" Linux System Role parameters already defined in the # inventory, we will include these custom specifications and they take precedence. @@ -100,3 +101,18 @@ when: ha_cluster_totem is defined ansible.builtin.set_fact: __sap_ha_pacemaker_cluster_corosync_totem: "{{ ha_cluster_totem }}" + +# ha_cluster_sbd_options +- name: "SAP HA Prepare Pacemaker - (ha_cluster) Register parameter 'ha_cluster_sbd_options'" + when: + - ha_cluster_sbd_options is defined + and ha_cluster_sbd_options | length > 0 + and ha_cluster_sbd_options is iterable + ansible.builtin.set_fact: + __sap_ha_pacemaker_cluster_sbd_options: "{{ ha_cluster_sbd_options }}" + +# ha_cluster_sbd_enabled +- name: "SAP HA Prepare Pacemaker - (ha_cluster) Register parameter 'ha_cluster_sbd_enabled'" + when: ha_cluster_sbd_enabled is defined and ha_cluster_sbd_enabled | bool + ansible.builtin.set_fact: + __sap_ha_pacemaker_cluster_sbd_enabled: "{{ ha_cluster_sbd_enabled }}" diff --git a/roles/sap_ha_pacemaker_cluster/tasks/include_construct_vip_resources.yml b/roles/sap_ha_pacemaker_cluster/tasks/include_construct_vip_resources.yml index 617429931..6a5517cb4 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/include_construct_vip_resources.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/include_construct_vip_resources.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # For the sake of readability and maintainability, suppress cosmetical ansible-lint warnings. - name: "SAP HA Prepare Pacemaker - Make a list of potential VIP definitions" @@ -5,37 +6,51 @@ __sap_ha_pacemaker_cluster_all_vip_fact: # noqa jinja[spacing] hana_scaleup_perf: "{{ { - sap_ha_pacemaker_cluster_vip_hana_primary_resource_name: - sap_ha_pacemaker_cluster_vip_hana_primary_ip_address | regex_replace('/.*', ''), - sap_ha_pacemaker_cluster_vip_hana_secondary_resource_name: - sap_ha_pacemaker_cluster_vip_hana_secondary_ip_address | regex_replace('/.*', ''), - sap_ha_pacemaker_cluster_healthcheck_hana_primary_resource_name: + __sap_ha_pacemaker_cluster_vip_hana_primary_resource_name: + __sap_ha_pacemaker_cluster_vip_hana_primary_ip_address | regex_replace('/.*', ''), + __sap_ha_pacemaker_cluster_vip_hana_secondary_resource_name: + __sap_ha_pacemaker_cluster_vip_hana_secondary_ip_address | regex_replace('/.*', ''), + __sap_ha_pacemaker_cluster_healthcheck_hana_primary_resource_name: sap_ha_pacemaker_cluster_healthcheck_hana_primary_port, - sap_ha_pacemaker_cluster_healthcheck_hana_secondary_resource_name: + __sap_ha_pacemaker_cluster_healthcheck_hana_secondary_resource_name: sap_ha_pacemaker_cluster_healthcheck_hana_secondary_port - } }}" + } if sap_ha_pacemaker_cluster_host_type | select('search', 'hana_scaleup_perf') | length > 0 else omit }}" + nwas_abap_ascs_ers: "{{ { - sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_resource_name: - sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_ip_address | regex_replace('/.*', ''), - sap_ha_pacemaker_cluster_vip_nwas_abap_ers_resource_name: - sap_ha_pacemaker_cluster_vip_nwas_abap_ers_ip_address | regex_replace('/.*', ''), - sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ascs_resource_name: - sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ascs_port, - sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ers_resource_name: - sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ers_port - } }}" + __sap_ha_pacemaker_cluster_vip_nwas_ascs_resource_name: + __sap_ha_pacemaker_cluster_vip_nwas_ascs_ip_address | regex_replace('/.*', ''), + __sap_ha_pacemaker_cluster_vip_nwas_ers_resource_name: + __sap_ha_pacemaker_cluster_vip_nwas_ers_ip_address | regex_replace('/.*', ''), + __sap_ha_pacemaker_cluster_healthcheck_nwas_ascs_resource_name: + sap_ha_pacemaker_cluster_healthcheck_nwas_ascs_port, + __sap_ha_pacemaker_cluster_healthcheck_nwas_ers_resource_name: + sap_ha_pacemaker_cluster_healthcheck_nwas_ers_port + } if sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_abap_ascs_ers') | length > 0 else omit }}" + + nwas_java_scs_ers: "{{ + { + __sap_ha_pacemaker_cluster_vip_nwas_scs_resource_name: + __sap_ha_pacemaker_cluster_vip_nwas_scs_ip_address | regex_replace('/.*', ''), + __sap_ha_pacemaker_cluster_vip_nwas_ers_resource_name: + __sap_ha_pacemaker_cluster_vip_nwas_ers_ip_address | regex_replace('/.*', ''), + __sap_ha_pacemaker_cluster_healthcheck_nwas_scs_resource_name: + sap_ha_pacemaker_cluster_healthcheck_nwas_scs_port, + __sap_ha_pacemaker_cluster_healthcheck_nwas_ers_resource_name: + sap_ha_pacemaker_cluster_healthcheck_nwas_ers_port + } if sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_java_scs_ers') | length > 0 else omit }}" + nwas_abap_pas_aas: "{{ { - sap_ha_pacemaker_cluster_vip_nwas_abap_pas_resource_name: - sap_ha_pacemaker_cluster_vip_nwas_abap_pas_ip_address | regex_replace('/.*', ''), - sap_ha_pacemaker_cluster_vip_nwas_abap_aas_resource_name: - sap_ha_pacemaker_cluster_vip_nwas_abap_aas_ip_address | regex_replace('/.*', ''), - sap_ha_pacemaker_cluster_healthcheck_nwas_abap_pas_resource_name: + __sap_ha_pacemaker_cluster_vip_nwas_abap_pas_resource_name: + __sap_ha_pacemaker_cluster_vip_nwas_abap_pas_ip_address | regex_replace('/.*', ''), + __sap_ha_pacemaker_cluster_vip_nwas_abap_aas_resource_name: + __sap_ha_pacemaker_cluster_vip_nwas_abap_aas_ip_address | regex_replace('/.*', ''), + __sap_ha_pacemaker_cluster_healthcheck_nwas_abap_pas_resource_name: sap_ha_pacemaker_cluster_healthcheck_nwas_abap_pas_port, - sap_ha_pacemaker_cluster_healthcheck_nwas_abap_aas_resource_name: + __sap_ha_pacemaker_cluster_healthcheck_nwas_abap_aas_resource_name: sap_ha_pacemaker_cluster_healthcheck_nwas_abap_aas_port - } }}" + } if sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_abap_pas_aas') | length > 0 else omit }}" ### Maintenance note # @@ -62,7 +77,7 @@ - name: "SAP HA Prepare Pacemaker - Combine VIP parameters" ansible.builtin.set_fact: __sap_ha_pacemaker_cluster_vip_resource_definition: - "{{ __sap_ha_pacemaker_cluster_vip_resource_definition | default({}) + "{{ __sap_ha_pacemaker_cluster_vip_resource_definition | d({}) | combine(__sap_ha_pacemaker_cluster_all_vip_fact[vip_item]) | dict2items | rejectattr('value', 'equalto', '') | list | items2dict }}" loop: "{{ sap_ha_pacemaker_cluster_host_type }}" @@ -86,6 +101,27 @@ # The VIP resource construction files are included in a loop to allow # for multiple IPs to be configured in cluster resources +# Create list of VIP resource names to distinguish between VIP and HC resources +- name: "SAP HA Prepare Pacemaker - Prepare list of VIP resource names" + ansible.builtin.set_fact: + __sap_ha_pacemaker_cluster_vip_resource_list: + - "{{ __sap_ha_pacemaker_cluster_vip_hana_primary_resource_name | d('') }}" + - "{{ __sap_ha_pacemaker_cluster_vip_hana_secondary_resource_name | d('') }}" + - "{{ __sap_ha_pacemaker_cluster_vip_nwas_ascs_resource_name | d('') }}" + - "{{ __sap_ha_pacemaker_cluster_vip_nwas_scs_resource_name | d('') }}" + - "{{ __sap_ha_pacemaker_cluster_vip_nwas_ers_resource_name | d('') }}" + - "{{ __sap_ha_pacemaker_cluster_vip_nwas_abap_pas_resource_name | d('') }}" + - "{{ __sap_ha_pacemaker_cluster_vip_nwas_abap_aas_resource_name | d('') }}" + + __sap_ha_pacemaker_cluster_healthcheck_resource_list: + - "{{ __sap_ha_pacemaker_cluster_healthcheck_hana_primary_resource_name | d('') }}" + - "{{ __sap_ha_pacemaker_cluster_healthcheck_hana_secondary_resource_name | d('') }}" + - "{{ __sap_ha_pacemaker_cluster_healthcheck_nwas_ascs_resource_name | d('') }}" + - "{{ __sap_ha_pacemaker_cluster_healthcheck_nwas_scs_resource_name | d('') }}" + - "{{ __sap_ha_pacemaker_cluster_healthcheck_nwas_ers_resource_name | d('') }}" + - "{{ __sap_ha_pacemaker_cluster_healthcheck_nwas_abap_pas_resource_name | d('') }}" + - "{{ __sap_ha_pacemaker_cluster_healthcheck_nwas_abap_aas_resource_name | d('') }}" + # Repeat the VIP resource definition in a loop over the above combined possible parameters. # Applies to systems with no particular platform detected. # VIP resources creation only. diff --git a/roles/sap_ha_pacemaker_cluster/tasks/include_vars_common.yml b/roles/sap_ha_pacemaker_cluster/tasks/include_vars_common.yml index f132a6738..38b7e3aea 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/include_vars_common.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/include_vars_common.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Gather specific subsets of facts if the required facts are not yet available. - name: "SAP HA Prepare Pacemaker - Collect required facts" diff --git a/roles/sap_ha_pacemaker_cluster/tasks/include_vars_hana.yml b/roles/sap_ha_pacemaker_cluster/tasks/include_vars_hana.yml index 6c7f8c906..cf7d537da 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/include_vars_hana.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/include_vars_hana.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Detect presence of SAPHanaSR-angi package before loading HANA variables # Detection of package availability was chosen instead of OS version check. @@ -32,3 +33,151 @@ else sap_ha_pacemaker_cluster_cluster_properties }}" when: - sap_ha_pacemaker_cluster_host_type | select('search', 'hana_scaleup') | length > 0 + + +# Private variables are assigned following logic: +# 1. Use backwards compatible var if new var is empty +# 2. Use user input if new var is not empty +# 3. Use default (results in failed assert in validation tasks if default is empty string) + + +# Calculate private variables +- name: "SAP HA Prepare Pacemaker - Set primary variables (HANA)" + ansible.builtin.set_fact: + __sap_ha_pacemaker_cluster_hana_sid: + "{{ sap_hana_sid | d('') | upper + if sap_ha_pacemaker_cluster_hana_sid | string | length == 0 + else sap_ha_pacemaker_cluster_hana_sid | upper }}" + + # TODO: Remove backwards compatibility sap_ha_pacemaker_cluster_hana_instance_number + __sap_ha_pacemaker_cluster_hana_instance_nr: + "{{ sap_ha_pacemaker_cluster_hana_instance_number | d(sap_hana_instance_number) | d('') + if sap_ha_pacemaker_cluster_hana_instance_nr | string | length == 0 + else sap_ha_pacemaker_cluster_hana_instance_nr }}" + + +- name: "SAP HA Prepare Pacemaker - Set cluster resource variables: Primitives (HANA)" + ansible.builtin.set_fact: + # SAP Hana + __sap_ha_pacemaker_cluster_hana_resource_name: + "{{ 'rsc_SAPHana_' ~ __sap_ha_pacemaker_cluster_hana_sid ~ '_HDB' ~ __sap_ha_pacemaker_cluster_hana_instance_nr + if sap_ha_pacemaker_cluster_hana_resource_name | string | length == 0 + else sap_ha_pacemaker_cluster_hana_resource_name }}" + + __sap_ha_pacemaker_cluster_hana_resource_clone_name: + "{{ 'cln_SAPHana_' ~ __sap_ha_pacemaker_cluster_hana_sid ~ '_HDB' ~ __sap_ha_pacemaker_cluster_hana_instance_nr + if sap_ha_pacemaker_cluster_hana_resource_clone_name | string | length == 0 + else sap_ha_pacemaker_cluster_hana_resource_clone_name }}" + + __sap_ha_pacemaker_cluster_hana_resource_clone_msl_name: + "{{ 'msl_SAPHana_' ~ __sap_ha_pacemaker_cluster_hana_sid ~ '_HDB' ~ __sap_ha_pacemaker_cluster_hana_instance_nr + if sap_ha_pacemaker_cluster_hana_resource_clone_msl_name | string | length == 0 + else sap_ha_pacemaker_cluster_hana_resource_clone_msl_name }}" + + # SAP Hana Controller + __sap_ha_pacemaker_cluster_hanacontroller_resource_name: + "{{ 'rsc_SAPHanaCon_' ~ __sap_ha_pacemaker_cluster_hana_sid ~ '_HDB' ~ __sap_ha_pacemaker_cluster_hana_instance_nr + if sap_ha_pacemaker_cluster_hanacontroller_resource_name | string | length == 0 + else sap_ha_pacemaker_cluster_hanacontroller_resource_name }}" + + __sap_ha_pacemaker_cluster_hanacontroller_resource_clone_name: + "{{ 'mst_SAPHanaCon_' ~ __sap_ha_pacemaker_cluster_hana_sid ~ '_HDB' ~ __sap_ha_pacemaker_cluster_hana_instance_nr + if sap_ha_pacemaker_cluster_hanacontroller_resource_clone_name | string | length == 0 + else sap_ha_pacemaker_cluster_hanacontroller_resource_clone_name }}" + + # SAP Hana Topology + __sap_ha_pacemaker_cluster_hana_topology_resource_name: + "{{ 'rsc_SAPHanaTop_' ~ __sap_ha_pacemaker_cluster_hana_sid ~ '_HDB' ~ __sap_ha_pacemaker_cluster_hana_instance_nr + if sap_ha_pacemaker_cluster_hana_topology_resource_name | string | length == 0 + else sap_ha_pacemaker_cluster_hana_topology_resource_name }}" + + __sap_ha_pacemaker_cluster_hana_topology_resource_clone_name: + "{{ 'cln_SAPHanaTop_' ~ __sap_ha_pacemaker_cluster_hana_sid ~ '_HDB' ~ __sap_ha_pacemaker_cluster_hana_instance_nr + if sap_ha_pacemaker_cluster_hana_topology_resource_clone_name | string | length == 0 + else sap_ha_pacemaker_cluster_hana_topology_resource_clone_name }}" + + # SAP Hana Filesystem + __sap_ha_pacemaker_cluster_hana_filesystem_resource_name: + "{{ 'rsc_SAPHanaFil_' ~ __sap_ha_pacemaker_cluster_hana_sid ~ '_HDB' ~ __sap_ha_pacemaker_cluster_hana_instance_nr + if sap_ha_pacemaker_cluster_hana_filesystem_resource_name | string | length == 0 + else sap_ha_pacemaker_cluster_hana_filesystem_resource_name }}" + + __sap_ha_pacemaker_cluster_hana_filesystem_resource_clone_name: + "{{ 'cln_SAPHanaFil_' ~ __sap_ha_pacemaker_cluster_hana_sid ~ '_HDB' ~ __sap_ha_pacemaker_cluster_hana_instance_nr + if sap_ha_pacemaker_cluster_hana_filesystem_resource_clone_name | string | length == 0 + else sap_ha_pacemaker_cluster_hana_filesystem_resource_clone_name }}" + + +- name: "SAP HA Prepare Pacemaker - Set cluster resource variables: Constraints (HANA)" + ansible.builtin.set_fact: + __sap_ha_pacemaker_cluster_hana_order_topology_hana_name: + "{{ 'ord_saphana_saphanatop_' ~ __sap_ha_pacemaker_cluster_hana_sid ~ '_HDB' ~ __sap_ha_pacemaker_cluster_hana_instance_nr + if sap_ha_pacemaker_cluster_hana_order_topology_hana_name | string | length == 0 + else sap_ha_pacemaker_cluster_hana_order_topology_hana_name }}" + + __sap_ha_pacemaker_cluster_hana_colocation_hana_vip_primary_name: + "{{ 'col_saphana_vip_' ~ __sap_ha_pacemaker_cluster_hana_sid ~ '_HDB' ~ __sap_ha_pacemaker_cluster_hana_instance_nr ~ '_primary' + if sap_ha_pacemaker_cluster_hana_colocation_hana_vip_primary_name | string | length == 0 + else sap_ha_pacemaker_cluster_hana_colocation_hana_vip_primary_name }}" + + __sap_ha_pacemaker_cluster_hana_colocation_hana_vip_secondary_name: + "{{ 'col_saphana_vip_' ~ __sap_ha_pacemaker_cluster_hana_sid ~ '_HDB' ~ __sap_ha_pacemaker_cluster_hana_instance_nr ~ '_readonly' + if sap_ha_pacemaker_cluster_hana_colocation_hana_vip_secondary_name | string | length == 0 + else sap_ha_pacemaker_cluster_hana_colocation_hana_vip_secondary_name }}" + + __sap_ha_pacemaker_cluster_hana_order_hana_vip_primary_name: + "{{ 'ord_saphana_vip_' ~ __sap_ha_pacemaker_cluster_hana_sid ~ '_HDB' ~ __sap_ha_pacemaker_cluster_hana_instance_nr ~ '_primary' + if sap_ha_pacemaker_cluster_hana_order_hana_vip_primary_name | string | length == 0 + else sap_ha_pacemaker_cluster_hana_order_hana_vip_primary_name }}" + + __sap_ha_pacemaker_cluster_hana_order_hana_vip_secondary_name: + "{{ 'ord_saphana_vip_' ~ __sap_ha_pacemaker_cluster_hana_sid ~ '_HDB' ~ __sap_ha_pacemaker_cluster_hana_instance_nr ~ '_readonly' + if sap_ha_pacemaker_cluster_hana_order_hana_vip_secondary_name | string | length == 0 + else sap_ha_pacemaker_cluster_hana_order_hana_vip_secondary_name }}" + + +- name: "SAP HA Prepare Pacemaker - Set cluster resource variables: VIP (HANA)" + ansible.builtin.set_fact: + __sap_ha_pacemaker_cluster_vip_hana_primary_ip_address: + "{{ sap_ha_pacemaker_cluster_vip_hana_primary_ip_address | d('') }}" + + __sap_ha_pacemaker_cluster_vip_hana_primary_resource_name: + "{{ 'rsc_vip_' ~ __sap_ha_pacemaker_cluster_hana_sid ~ '_HDB' ~ __sap_ha_pacemaker_cluster_hana_instance_nr ~ '_primary' + if sap_ha_pacemaker_cluster_vip_hana_primary_resource_name | string | length == 0 + else sap_ha_pacemaker_cluster_vip_hana_primary_resource_name }}" + + __sap_ha_pacemaker_cluster_healthcheck_hana_primary_resource_name: + "{{ 'rsc_vip_health_check_' ~ __sap_ha_pacemaker_cluster_hana_sid ~ '_HDB' ~ __sap_ha_pacemaker_cluster_hana_instance_nr ~ '_primary' + if sap_ha_pacemaker_cluster_healthcheck_hana_primary_resource_name | string | length == 0 + else sap_ha_pacemaker_cluster_healthcheck_hana_primary_resource_name }}" + + __sap_ha_pacemaker_cluster_vip_hana_secondary_ip_address: + "{{ sap_ha_pacemaker_cluster_vip_hana_secondary_ip_address | d('') }}" + + __sap_ha_pacemaker_cluster_vip_hana_secondary_resource_name: + "{{ 'rsc_vip_' ~ __sap_ha_pacemaker_cluster_hana_sid ~ '_HDB' ~ __sap_ha_pacemaker_cluster_hana_instance_nr ~ '_readonly' + if sap_ha_pacemaker_cluster_vip_hana_secondary_resource_name | string | length == 0 + else sap_ha_pacemaker_cluster_vip_hana_secondary_resource_name }}" + + __sap_ha_pacemaker_cluster_healthcheck_hana_secondary_resource_name: + "{{ 'rsc_vip_health_check_' ~ __sap_ha_pacemaker_cluster_hana_sid ~ '_HDB' ~ __sap_ha_pacemaker_cluster_hana_instance_nr ~ '_readonly' + if sap_ha_pacemaker_cluster_healthcheck_hana_secondary_resource_name | string | length == 0 + else sap_ha_pacemaker_cluster_healthcheck_hana_secondary_resource_name }}" + + __sap_ha_pacemaker_cluster_healthcheck_hana_primary_id: + "{{ __sap_ha_pacemaker_cluster_hana_sid ~ 'prim' + if sap_ha_pacemaker_cluster_healthcheck_hana_primary_id | string | length == 0 + else sap_ha_pacemaker_cluster_healthcheck_hana_primary_id }}" + + __sap_ha_pacemaker_cluster_healthcheck_hana_secondary_id: + "{{ __sap_ha_pacemaker_cluster_hana_sid ~ 'ro' + if sap_ha_pacemaker_cluster_healthcheck_hana_secondary_id | string | length == 0 + else sap_ha_pacemaker_cluster_healthcheck_hana_secondary_id }}" + + +- name: "SAP HA Prepare Pacemaker - Set variables: Other (HANA)" + ansible.builtin.set_fact: + __sap_ha_pacemaker_cluster_hana_global_ini_path: + "{{ '/usr/sap/' ~ __sap_ha_pacemaker_cluster_hana_sid ~ '/SYS/global/hdb/custom/config/global.ini' + if sap_ha_pacemaker_cluster_hana_global_ini_path | string | length == 0 + else sap_ha_pacemaker_cluster_hana_global_ini_path }}" diff --git a/roles/sap_ha_pacemaker_cluster/tasks/include_vars_nwas.yml b/roles/sap_ha_pacemaker_cluster/tasks/include_vars_nwas.yml index 7ffa92e8b..ffbef8df0 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/include_vars_nwas.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/include_vars_nwas.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: SAP HA Prepare Pacemaker - Include NETWEAVER landscape specific variables ansible.builtin.include_vars: "{{ role_path }}/vars/{{ include_item }}.yml" @@ -11,3 +12,382 @@ - "{{ sap_ha_pacemaker_cluster_host_type }}" when: - "(role_path + '/vars/' + include_item + '.yml') is file" + + +# Private variables are assigned following logic: +# 1. Use backwards compatible var if new var is empty +# 2. Use user input if new var is not empty +# 3. Use default (results in failed assert in validation tasks if default is empty string) + + +# Calculate private variables +- name: "SAP HA Prepare Pacemaker - Set primary variables (Netweaver)" + ansible.builtin.set_fact: + # TODO: Remove backwards compatibility to nwas_abap_ascs + __sap_ha_pacemaker_cluster_nwas_sid: + "{{ sap_ha_pacemaker_cluster_nwas_abap_sid | d(sap_swpm_sid) | d('') | upper + if sap_ha_pacemaker_cluster_nwas_sid | string | length == 0 + else sap_ha_pacemaker_cluster_nwas_sid | upper }}" + + __sap_ha_pacemaker_cluster_nwas_ascs_instance_nr: + "{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_instance_nr | d(sap_swpm_ascs_instance_nr) | d('') + if sap_ha_pacemaker_cluster_nwas_ascs_instance_nr | string | length == 0 + else sap_ha_pacemaker_cluster_nwas_ascs_instance_nr }}" + + __sap_ha_pacemaker_cluster_nwas_scs_instance_nr: + "{{ sap_swpm_ascs_instance_nr | d('') + if sap_ha_pacemaker_cluster_nwas_scs_instance_nr | string | length == 0 + else sap_ha_pacemaker_cluster_nwas_scs_instance_nr }}" + + # Assign from sap_swpm variables based on host type + __sap_ha_pacemaker_cluster_nwas_ers_instance_nr: + "{{ sap_ha_pacemaker_cluster_nwas_abap_ers_instance_nr | d(sap_swpm_ers_instance_nr) | d('') + if sap_ha_pacemaker_cluster_nwas_ers_instance_nr | string | length == 0 + and sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_abap_ascs_ers') | length > 0 + else (sap_swpm_ers_instance_nr | d('') + if sap_ha_pacemaker_cluster_nwas_ers_instance_nr | string | length == 0 + and sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_java_scs_ers') | length > 0 + else sap_ha_pacemaker_cluster_nwas_ers_instance_nr) }}" + + __sap_ha_pacemaker_cluster_nwas_abap_pas_instance_nr: + "{{ sap_swpm_pas_instance_nr | d('') + if sap_ha_pacemaker_cluster_nwas_abap_pas_instance_nr | string | length == 0 + else sap_ha_pacemaker_cluster_nwas_abap_pas_instance_nr }}" + + __sap_ha_pacemaker_cluster_nwas_abap_aas_instance_nr: + "{{ sap_swpm_aas_instance_nr | d('') + if sap_ha_pacemaker_cluster_nwas_abap_aas_instance_nr | string | length == 0 + else sap_ha_pacemaker_cluster_nwas_abap_aas_instance_nr }}" + + +- name: "SAP HA Prepare Pacemaker - Set cluster resource variable: VIP (Netweaver)" + ansible.builtin.set_fact: + # TODO: Remove backwards compatibility to nwas_abap_ascs + # ASCS + __sap_ha_pacemaker_cluster_vip_nwas_ascs_ip_address: + "{{ sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_ip_address | d('') + if sap_ha_pacemaker_cluster_vip_nwas_ascs_ip_address | string | length == 0 + else sap_ha_pacemaker_cluster_vip_nwas_ascs_ip_address }}" + + __sap_ha_pacemaker_cluster_vip_nwas_ascs_resource_name: + "{{ sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_resource_name + | d('rsc_vip_' ~ __sap_ha_pacemaker_cluster_nwas_sid ~ '_ASCS' ~ __sap_ha_pacemaker_cluster_nwas_ascs_instance_nr) + if sap_ha_pacemaker_cluster_vip_nwas_ascs_resource_name | string | length == 0 + else sap_ha_pacemaker_cluster_vip_nwas_ascs_resource_name }}" + + __sap_ha_pacemaker_cluster_healthcheck_nwas_ascs_resource_name: + "{{ sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ascs_resource_name + | d('rsc_vip_health_check_' ~ __sap_ha_pacemaker_cluster_nwas_sid ~ '_ASCS' ~ __sap_ha_pacemaker_cluster_nwas_ascs_instance_nr) + if sap_ha_pacemaker_cluster_healthcheck_nwas_ascs_resource_name | string | length == 0 + else sap_ha_pacemaker_cluster_healthcheck_nwas_ascs_resource_name }}" + + # SCS + __sap_ha_pacemaker_cluster_vip_nwas_scs_ip_address: + "{{ sap_ha_pacemaker_cluster_vip_nwas_scs_ip_address | d('') }}" + + __sap_ha_pacemaker_cluster_vip_nwas_scs_resource_name: + "{{ 'rsc_vip_' ~ __sap_ha_pacemaker_cluster_nwas_sid ~ '_SCS' ~ __sap_ha_pacemaker_cluster_nwas_scs_instance_nr + if sap_ha_pacemaker_cluster_vip_nwas_scs_resource_name | string | length == 0 + else sap_ha_pacemaker_cluster_vip_nwas_scs_resource_name }}" + + __sap_ha_pacemaker_cluster_healthcheck_nwas_scs_resource_name: + "{{ 'rsc_vip_health_check_' ~ __sap_ha_pacemaker_cluster_nwas_sid ~ '_SCS' ~ __sap_ha_pacemaker_cluster_nwas_scs_instance_nr + if sap_ha_pacemaker_cluster_healthcheck_nwas_scs_resource_name | string | length == 0 + else sap_ha_pacemaker_cluster_healthcheck_nwas_scs_resource_name }}" + + # ERS + __sap_ha_pacemaker_cluster_vip_nwas_ers_ip_address: + "{{ sap_ha_pacemaker_cluster_vip_nwas_abap_ers_ip_address | d('') + if sap_ha_pacemaker_cluster_vip_nwas_ers_ip_address | string | length == 0 + else sap_ha_pacemaker_cluster_vip_nwas_ers_ip_address }}" + + __sap_ha_pacemaker_cluster_vip_nwas_ers_resource_name: + "{{ sap_ha_pacemaker_cluster_vip_nwas_abap_ers_resource_name + | d('rsc_vip_' ~ __sap_ha_pacemaker_cluster_nwas_sid ~ '_ERS' ~ __sap_ha_pacemaker_cluster_nwas_ers_instance_nr) + if sap_ha_pacemaker_cluster_vip_nwas_ers_resource_name | string | length == 0 + else sap_ha_pacemaker_cluster_vip_nwas_ers_resource_name }}" + + __sap_ha_pacemaker_cluster_healthcheck_nwas_ers_resource_name: + "{{ sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ers_resource_name + | d('rsc_vip_health_check_' ~ __sap_ha_pacemaker_cluster_nwas_sid ~ '_ERS' ~ __sap_ha_pacemaker_cluster_nwas_ers_instance_nr) + if sap_ha_pacemaker_cluster_healthcheck_nwas_ers_resource_name | string | length == 0 + else sap_ha_pacemaker_cluster_healthcheck_nwas_ers_resource_name }}" + + # PAS + __sap_ha_pacemaker_cluster_vip_nwas_abap_pas_ip_address: + "{{ sap_ha_pacemaker_cluster_vip_nwas_abap_pas_ip_address | d('') }}" + + __sap_ha_pacemaker_cluster_vip_nwas_abap_pas_resource_name: + "{{ 'rsc_vip_' ~ __sap_ha_pacemaker_cluster_nwas_sid ~ '_PAS' ~ __sap_ha_pacemaker_cluster_nwas_abap_pas_instance_nr + if sap_ha_pacemaker_cluster_vip_nwas_abap_pas_resource_name | string | length == 0 + else sap_ha_pacemaker_cluster_vip_nwas_abap_pas_resource_name }}" + + __sap_ha_pacemaker_cluster_healthcheck_nwas_abap_pas_resource_name: + "{{ 'rsc_vip_health_check_' ~ __sap_ha_pacemaker_cluster_nwas_sid ~ '_PAS' ~ __sap_ha_pacemaker_cluster_nwas_abap_pas_instance_nr + if sap_ha_pacemaker_cluster_healthcheck_nwas_abap_pas_resource_name | string | length == 0 + else sap_ha_pacemaker_cluster_healthcheck_nwas_abap_pas_resource_name }}" + + # AAS + __sap_ha_pacemaker_cluster_vip_nwas_abap_aas_ip_address: + "{{ sap_ha_pacemaker_cluster_vip_nwas_abap_aas_ip_address | d('') }}" + + __sap_ha_pacemaker_cluster_vip_nwas_abap_aas_resource_name: + "{{ 'rsc_vip_' ~ __sap_ha_pacemaker_cluster_nwas_sid ~ '_AAS' ~ __sap_ha_pacemaker_cluster_nwas_abap_aas_instance_nr + if sap_ha_pacemaker_cluster_vip_nwas_abap_aas_resource_name | string | length == 0 + else sap_ha_pacemaker_cluster_vip_nwas_abap_aas_resource_name }}" + + __sap_ha_pacemaker_cluster_healthcheck_nwas_abap_aas_resource_name: + "{{ 'rsc_vip_health_check_' ~ __sap_ha_pacemaker_cluster_nwas_sid ~ '_AAS' ~ __sap_ha_pacemaker_cluster_nwas_abap_aas_instance_nr + if sap_ha_pacemaker_cluster_healthcheck_nwas_abap_aas_resource_name | string | length == 0 + else sap_ha_pacemaker_cluster_healthcheck_nwas_abap_aas_resource_name }}" + + +- name: "SAP HA Prepare Pacemaker - Set cluster resource variable: VIP Health Checks (Netweaver)" + ansible.builtin.set_fact: + # TODO: Remove backwards compatibility to nwas_abap_ascs + __sap_ha_pacemaker_cluster_healthcheck_nwas_ascs_id: + "{{ sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ascs_id | d(__sap_ha_pacemaker_cluster_nwas_sid ~ 'ascs') + if sap_ha_pacemaker_cluster_healthcheck_nwas_ascs_id | string | length == 0 + else sap_ha_pacemaker_cluster_healthcheck_nwas_ascs_id }}" + + __sap_ha_pacemaker_cluster_healthcheck_nwas_scs_id: + "{{ __sap_ha_pacemaker_cluster_nwas_sid ~ 'scs' + if sap_ha_pacemaker_cluster_healthcheck_nwas_scs_id | string | length == 0 + else sap_ha_pacemaker_cluster_healthcheck_nwas_scs_id }}" + + __sap_ha_pacemaker_cluster_healthcheck_nwas_ers_id: + "{{ sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ers_id | d(__sap_ha_pacemaker_cluster_nwas_sid ~ 'ers') + if sap_ha_pacemaker_cluster_healthcheck_nwas_ers_id | string | length == 0 + and sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_abap_ascs_ers') | length > 0 + else (__sap_ha_pacemaker_cluster_nwas_sid ~ 'ers' + if sap_ha_pacemaker_cluster_healthcheck_nwas_ers_id | string | length == 0 + and sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_java_scs_ers') | length > 0 + else sap_ha_pacemaker_cluster_healthcheck_nwas_ers_id) }}" + + __sap_ha_pacemaker_cluster_healthcheck_nwas_pas_id: + "{{ __sap_ha_pacemaker_cluster_nwas_sid ~ 'pas' + if sap_ha_pacemaker_cluster_healthcheck_nwas_pas_id | string | length == 0 + else sap_ha_pacemaker_cluster_healthcheck_nwas_pas_id }}" + + __sap_ha_pacemaker_cluster_healthcheck_nwas_aas_id: + "{{ __sap_ha_pacemaker_cluster_nwas_sid ~ 'aas' + if sap_ha_pacemaker_cluster_healthcheck_nwas_aas_id | string | length == 0 + else sap_ha_pacemaker_cluster_healthcheck_nwas_aas_id }}" + + +- name: "SAP HA Prepare Pacemaker - Set cluster resource variable: Filesystem (Netweaver)" + ansible.builtin.set_fact: + __sap_ha_pacemaker_cluster_nwas_sapmnt_filesystem_resource_name: + "{{ 'rsc_fs_' ~ __sap_ha_pacemaker_cluster_nwas_sid ~ '_sapmnt' + if sap_ha_pacemaker_cluster_nwas_sapmnt_filesystem_resource_name | string | length == 0 + else sap_ha_pacemaker_cluster_nwas_sapmnt_filesystem_resource_name }}" + + __sap_ha_pacemaker_cluster_nwas_sapmnt_filesystem_resource_clone_name: + "{{ 'cln_fs_' ~ __sap_ha_pacemaker_cluster_nwas_sid ~ '_sapmnt' + if sap_ha_pacemaker_cluster_nwas_sapmnt_filesystem_resource_clone_name | string | length == 0 + else sap_ha_pacemaker_cluster_nwas_sapmnt_filesystem_resource_clone_name }}" + + __sap_ha_pacemaker_cluster_nwas_transports_filesystem_resource_name: + "{{ 'rsc_fs_' ~ __sap_ha_pacemaker_cluster_nwas_sid ~ '_trans' + if sap_ha_pacemaker_cluster_nwas_transports_filesystem_resource_name | string | length == 0 + else sap_ha_pacemaker_cluster_nwas_transports_filesystem_resource_name }}" + + __sap_ha_pacemaker_cluster_nwas_transports_filesystem_resource_clone_name: + "{{ 'cln_fs_' ~ __sap_ha_pacemaker_cluster_nwas_sid ~ '_trans' + if sap_ha_pacemaker_cluster_nwas_transports_filesystem_resource_clone_name | string | length == 0 + else sap_ha_pacemaker_cluster_nwas_transports_filesystem_resource_clone_name }}" + + __sap_ha_pacemaker_cluster_nwas_sys_filesystem_resource_name: + "{{ 'rsc_fs_' ~ __sap_ha_pacemaker_cluster_nwas_sid ~ '_sys' + if sap_ha_pacemaker_cluster_nwas_sys_filesystem_resource_name | string | length == 0 + else sap_ha_pacemaker_cluster_nwas_sys_filesystem_resource_name }}" + + __sap_ha_pacemaker_cluster_nwas_sys_filesystem_resource_clone_name: + "{{ 'cln_fs_' ~ __sap_ha_pacemaker_cluster_nwas_sid ~ '_sys' + if sap_ha_pacemaker_cluster_nwas_sys_filesystem_resource_clone_name | string | length == 0 + else sap_ha_pacemaker_cluster_nwas_sys_filesystem_resource_clone_name }}" + + +- name: "SAP HA Prepare Pacemaker - Set variable: Instance names (Netweaver)" + ansible.builtin.set_fact: + # TODO: Remove backwards compatibility to nwas_abap_ascs + __sap_ha_pacemaker_cluster_nwas_ascs_sapinstance_instance_name: + "{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_instance_name | d('') + if sap_ha_pacemaker_cluster_nwas_ascs_sapinstance_instance_name | string | length == 0 + else sap_ha_pacemaker_cluster_nwas_ascs_sapinstance_instance_name | d('') }}" + + __sap_ha_pacemaker_cluster_nwas_scs_sapinstance_instance_name: + "{{ sap_ha_pacemaker_cluster_nwas_scs_sapinstance_instance_name | d('') }}" + + __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_instance_name: + "{{ sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_instance_name | d('') + if sap_ha_pacemaker_cluster_nwas_ers_sapinstance_instance_name | string | length == 0 + else sap_ha_pacemaker_cluster_nwas_ers_sapinstance_instance_name | d('') }}" + + +- name: "SAP HA Prepare Pacemaker - Set variable: Instance profile paths (Netweaver)" + ansible.builtin.set_fact: + # TODO: Remove backwards compatibility to nwas_abap_ascs + __sap_ha_pacemaker_cluster_nwas_ascs_sapinstance_start_profile_string: + "{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_start_profile_string + | d('/sapmnt/' ~ __sap_ha_pacemaker_cluster_nwas_sid ~ '/profile/' ~ __sap_ha_pacemaker_cluster_nwas_ascs_sapinstance_instance_name) + if sap_ha_pacemaker_cluster_nwas_ascs_sapinstance_start_profile_string | string | length == 0 + else sap_ha_pacemaker_cluster_nwas_ascs_sapinstance_start_profile_string }}" + + __sap_ha_pacemaker_cluster_nwas_scs_sapinstance_start_profile_string: + "{{ '/sapmnt/' ~ __sap_ha_pacemaker_cluster_nwas_sid ~ '/profile/' ~ __sap_ha_pacemaker_cluster_nwas_scs_sapinstance_instance_name + if sap_ha_pacemaker_cluster_nwas_scs_sapinstance_start_profile_string | string | length == 0 + else sap_ha_pacemaker_cluster_nwas_scs_sapinstance_start_profile_string }}" + + __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_start_profile_string: + "{{ sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_start_profile_string + | d('/sapmnt/' ~ __sap_ha_pacemaker_cluster_nwas_sid ~ '/profile/' ~ __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_instance_name) + if sap_ha_pacemaker_cluster_nwas_ers_sapinstance_start_profile_string | string | length == 0 + else sap_ha_pacemaker_cluster_nwas_ers_sapinstance_start_profile_string }}" + + +- name: "SAP HA Prepare Pacemaker - Set variables for ASCS resources (Netweaver)" + when: + - sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_abap') | length > 0 + ansible.builtin.set_fact: + # TODO: Remove backwards compatibility to nwas_abap_ascs + __sap_ha_pacemaker_cluster_nwas_ascs_filesystem_resource_name: + "{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_filesystem_resource_name + | d('rsc_fs_' ~ __sap_ha_pacemaker_cluster_nwas_sid ~ '_ASCS' ~ __sap_ha_pacemaker_cluster_nwas_ascs_instance_nr) + if sap_ha_pacemaker_cluster_nwas_ascs_filesystem_resource_name | string | length == 0 + else sap_ha_pacemaker_cluster_nwas_ascs_filesystem_resource_name }}" + + __sap_ha_pacemaker_cluster_nwas_ascs_sapinstance_resource_name: + "{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_resource_name + | d('rsc_SAPInstance_' ~ __sap_ha_pacemaker_cluster_nwas_sid ~ '_ASCS' ~ __sap_ha_pacemaker_cluster_nwas_ascs_instance_nr) + if sap_ha_pacemaker_cluster_nwas_ascs_sapinstance_resource_name | string | length == 0 + else sap_ha_pacemaker_cluster_nwas_ascs_sapinstance_resource_name }}" + + __sap_ha_pacemaker_cluster_nwas_ascs_sapstartsrv_resource_name: + "{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_sapstartsrv_resource_name + | d('rsc_SAPStartSrv_' ~ __sap_ha_pacemaker_cluster_nwas_sid ~ '_ASCS' ~ __sap_ha_pacemaker_cluster_nwas_ascs_instance_nr) + if sap_ha_pacemaker_cluster_nwas_ascs_sapstartsrv_resource_name | string | length == 0 + else sap_ha_pacemaker_cluster_nwas_ascs_sapstartsrv_resource_name }}" + + __sap_ha_pacemaker_cluster_vip_nwas_ascs_resource_group_name: + "{{ sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_resource_group_name + | d('grp_' ~ __sap_ha_pacemaker_cluster_nwas_sid ~ '_ASCS' ~ __sap_ha_pacemaker_cluster_nwas_ascs_instance_nr) + if sap_ha_pacemaker_cluster_vip_nwas_ascs_resource_group_name | string | length == 0 + else sap_ha_pacemaker_cluster_vip_nwas_ascs_resource_group_name }}" + + __sap_ha_pacemaker_cluster_nwas_colocation_ascs_no_ers_name: + "{{ 'col_ascs_separate_' ~ __sap_ha_pacemaker_cluster_nwas_sid + if sap_ha_pacemaker_cluster_nwas_colocation_ascs_no_ers_name | string | length == 0 + else sap_ha_pacemaker_cluster_nwas_colocation_ascs_no_ers_name }}" + + __sap_ha_pacemaker_cluster_nwas_order_ascs_first_name: + "{{ 'ord_ascs_first_' ~ __sap_ha_pacemaker_cluster_nwas_sid + if sap_ha_pacemaker_cluster_nwas_order_ascs_first_name | string | length == 0 + else sap_ha_pacemaker_cluster_nwas_order_ascs_first_name }}" + + +- name: "SAP HA Prepare Pacemaker - Set variables for SCS resources (Netweaver)" + when: + - sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_java') | length > 0 + ansible.builtin.set_fact: + __sap_ha_pacemaker_cluster_nwas_scs_filesystem_resource_name: + "{{ 'rsc_fs_' ~ __sap_ha_pacemaker_cluster_nwas_sid ~ '_SCS' ~ __sap_ha_pacemaker_cluster_nwas_scs_instance_nr + if sap_ha_pacemaker_cluster_nwas_scs_filesystem_resource_name | string | length == 0 + else sap_ha_pacemaker_cluster_nwas_scs_filesystem_resource_name }}" + + __sap_ha_pacemaker_cluster_nwas_scs_sapinstance_resource_name: + "{{ 'rsc_SAPInstance_' ~ __sap_ha_pacemaker_cluster_nwas_sid ~ '_SCS' ~ __sap_ha_pacemaker_cluster_nwas_scs_instance_nr + if sap_ha_pacemaker_cluster_nwas_scs_sapinstance_resource_name | string | length == 0 + else sap_ha_pacemaker_cluster_nwas_scs_sapinstance_resource_name }}" + + __sap_ha_pacemaker_cluster_nwas_scs_sapstartsrv_resource_name: + "{{ 'rsc_SAPStartSrv_' ~ __sap_ha_pacemaker_cluster_nwas_sid ~ '_SCS' ~ __sap_ha_pacemaker_cluster_nwas_scs_instance_nr + if sap_ha_pacemaker_cluster_nwas_scs_sapstartsrv_resource_name | string | length == 0 + else sap_ha_pacemaker_cluster_nwas_scs_sapstartsrv_resource_name }}" + + __sap_ha_pacemaker_cluster_vip_nwas_scs_resource_group_name: + "{{ 'grp_' ~ __sap_ha_pacemaker_cluster_nwas_sid ~ '_SCS' ~ __sap_ha_pacemaker_cluster_nwas_scs_instance_nr + if sap_ha_pacemaker_cluster_vip_nwas_scs_resource_group_name | string | length == 0 + else sap_ha_pacemaker_cluster_vip_nwas_scs_resource_group_name }}" + + __sap_ha_pacemaker_cluster_nwas_colocation_scs_no_ers_name: + "{{ 'col_scs_separate_' ~ __sap_ha_pacemaker_cluster_nwas_sid + if sap_ha_pacemaker_cluster_nwas_colocation_scs_no_ers_name | string | length == 0 + else sap_ha_pacemaker_cluster_nwas_colocation_scs_no_ers_name }}" + + __sap_ha_pacemaker_cluster_nwas_order_scs_first_name: + "{{ 'ord_scs_first_' ~ __sap_ha_pacemaker_cluster_nwas_sid + if sap_ha_pacemaker_cluster_nwas_order_scs_first_name | string | length == 0 + else sap_ha_pacemaker_cluster_nwas_order_scs_first_name }}" + + +- name: "SAP HA Prepare Pacemaker - Set variables for ERS resources (Netweaver)" + when: + - sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_abap') | length > 0 + or sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_java') | length > 0 + ansible.builtin.set_fact: + # TODO: Remove backwards compatibility to nwas_abap_ascs + __sap_ha_pacemaker_cluster_nwas_ers_filesystem_resource_name: + "{{ sap_ha_pacemaker_cluster_nwas_abap_ers_filesystem_resource_name + | d('rsc_fs_' ~ __sap_ha_pacemaker_cluster_nwas_sid ~ '_ERS' ~ __sap_ha_pacemaker_cluster_nwas_ers_instance_nr) + if sap_ha_pacemaker_cluster_nwas_ers_filesystem_resource_name | string | length == 0 + else sap_ha_pacemaker_cluster_nwas_ers_filesystem_resource_name }}" + + __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_resource_name: + "{{ sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_resource_name + | d('rsc_SAPInstance_' ~ __sap_ha_pacemaker_cluster_nwas_sid ~ '_ERS' ~ __sap_ha_pacemaker_cluster_nwas_ers_instance_nr) + if sap_ha_pacemaker_cluster_nwas_ers_sapinstance_resource_name | string | length == 0 + else sap_ha_pacemaker_cluster_nwas_ers_sapinstance_resource_name }}" + + __sap_ha_pacemaker_cluster_nwas_ers_sapstartsrv_resource_name: + "{{ sap_ha_pacemaker_cluster_nwas_abap_ers_sapstartsrv_resource_name + | d('rsc_SAPStartSrv_' ~ __sap_ha_pacemaker_cluster_nwas_sid ~ '_ERS' ~ __sap_ha_pacemaker_cluster_nwas_ers_instance_nr) + if sap_ha_pacemaker_cluster_nwas_ers_sapstartsrv_resource_name | string | length == 0 + else sap_ha_pacemaker_cluster_nwas_ers_sapstartsrv_resource_name }}" + + __sap_ha_pacemaker_cluster_vip_nwas_ers_resource_group_name: + "{{ sap_ha_pacemaker_cluster_vip_nwas_abap_ers_resource_group_name + | d('grp_' ~ __sap_ha_pacemaker_cluster_nwas_sid ~ '_ERS' ~ __sap_ha_pacemaker_cluster_nwas_ers_instance_nr) + if sap_ha_pacemaker_cluster_vip_nwas_ers_resource_group_name | string | length == 0 + else sap_ha_pacemaker_cluster_vip_nwas_ers_resource_group_name }}" + + __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_automatic_recover_bool: + "{{ sap_ha_pacemaker_cluster_nwas_ers_sapinstance_automatic_recover_bool | d(false) }}" + + +- name: "SAP HA Prepare Pacemaker - Set variables for Central Services parameters (Netweaver)" + when: + - sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_abap_ascs_ers') | length > 0 + or sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_java_scs_ers') | length > 0 + ansible.builtin.set_fact: + # TODO: Remove backwards compatibility to nwas_abap_ascs + __sap_ha_pacemaker_cluster_nwas_cs_sapinstance_automatic_recover_bool: + "{{ sap_ha_pacemaker_cluster_nwas_cs_sapinstance_automatic_recover_bool | d(false) }}" + + __sap_ha_pacemaker_cluster_nwas_cs_sapinstance_resource_stickiness: + "{{ sap_ha_pacemaker_cluster_nwas_cs_sapinstance_resource_stickiness | d(5000) }}" + + __sap_ha_pacemaker_cluster_nwas_cs_ensa1: + "{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_ensa1 + if sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_ensa1 is defined and sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_ensa1 + else sap_ha_pacemaker_cluster_nwas_cs_ensa1 | d(false) }}" + + __sap_ha_pacemaker_cluster_nwas_cs_ers_simple_mount: + "{{ sap_ha_pacemaker_cluster_nwas_cs_ers_simple_mount | bool | d(true) }}" + +# TODO: Add PAS and AAS variables +# sap_ha_pacemaker_cluster_nwas_abap_pas_filesystem_resource_name: > +# "Filesystem_NWAS_ABAP_PAS_{{ __sap_ha_pacemaker_cluster_nwas_sid }}_{{ __sap_ha_pacemaker_cluster_nwas_abap_pas_instance_nr }}" +# sap_ha_pacemaker_cluster_nwas_abap_pas_sapinstance_resource_name: > +# "SAPInstance_NWAS_ABAP_PAS_{{ __sap_ha_pacemaker_cluster_nwas_sid }}_{{ __sap_ha_pacemaker_cluster_nwas_abap_pas_instance_nr }}" +# sap_ha_pacemaker_cluster_nwas_abap_aas_filesystem_resource_name: > +# "Filesystem_NWAS_ABAP_AAS_{{ __sap_ha_pacemaker_cluster_nwas_sid }}_{{ __sap_ha_pacemaker_cluster_nwas_abap_aas_instance_nr }}" +# sap_ha_pacemaker_cluster_nwas_abap_aas_sapinstance_resource_name: > +# "SAPInstance_NWAS_ABAP_AAS_{{ __sap_ha_pacemaker_cluster_nwas_sid }}_{{ __sap_ha_pacemaker_cluster_nwas_abap_aas_instance_nr }}" + + +- name: "SAP HA Prepare Pacemaker - Set variables for NFS Filesystems (Netweaver)" + ansible.builtin.set_fact: + # TODO: Remove backwards compatibility to typo + __sap_ha_pacemaker_cluster_storage_nfs_filesystem_type: + "{{ sap_ha_pacemaker_cluster_storage_nfs_filesytem_type | d(sap_ha_pacemaker_cluster_storage_nfs_filesystem_type) }}" diff --git a/roles/sap_ha_pacemaker_cluster/tasks/main.yml b/roles/sap_ha_pacemaker_cluster/tasks/main.yml index 4b2119e92..95c43eac3 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/main.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/main.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # 1. Role arguments are validated through meta/arguments_spec.yml (ansible >= 2.11) # 2. Detect SAP solution to be configured (scale-up, scale-out, etc.) @@ -15,9 +16,6 @@ # TODO: Build all resource/constraint configuration variables based on # simpler user input (think: drop-down options in a UI) -- name: "SAP HA Prepare Pacemaker - Include parameter validation tasks" - ansible.builtin.import_tasks: validate_input_parameters.yml - # Make sure that all parameters already set for 'ha_cluster' are also inherited. # Add to this file a task for EACH parameter which this SAP cluster role # supports. @@ -31,6 +29,10 @@ - name: "SAP HA Prepare Pacemaker - Include tasks for SAP landscape calculation" ansible.builtin.import_tasks: ascertain_sap_landscape.yml +# Validate input variables after processing in include_vars_ tasks. +- name: "SAP HA Prepare Pacemaker - Include parameter validation tasks" + ansible.builtin.import_tasks: validate_input_parameters.yml + # Determine if we are on a cloud platform. - name: "SAP HA Prepare Pacemaker - Include tasks for platform detection" ansible.builtin.import_tasks: platform/ascertain_platform_type.yml @@ -47,8 +49,8 @@ - name: "SAP HA Prepare Pacemaker - Include variable construction for VIP resources" ansible.builtin.import_tasks: include_construct_vip_resources.yml -# Include construction task files for different scenarios. +# SAP HANA Scenarios - name: "SAP HA Prepare Pacemaker - Include variable construction for SAP HANA common" ansible.builtin.include_tasks: file: construct_vars_hana_common.yml @@ -69,57 +71,77 @@ - sap_ha_pacemaker_cluster_host_type | select('search', 'hana_scaleup') | length > 0 - __sap_ha_pacemaker_cluster_saphanasr_angi_available + +# Common variables for Netweaver scenarios - name: "SAP HA Prepare Pacemaker - Include variable construction for SAP NetWeaver common" ansible.builtin.include_tasks: file: construct_vars_nwas_common.yml when: - sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_abap') | length > 0 + or sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_java') | length > 0 + -- name: "SAP HA Prepare Pacemaker - Include variable construction for SAP NetWeaver ABAP ASCS/ERS" +# SAP ASCS/ERS Scenarios +- name: "SAP HA Prepare Pacemaker - Include variable construction for SAP NetWeaver ASCS/ERS" ansible.builtin.include_tasks: file: construct_vars_nwas_abap_ascs_ers.yml loop: "{{ sap_ha_pacemaker_cluster_host_type }}" loop_control: loop_var: nwas_build_item when: - - "'nwas_abap_ascs' in nwas_build_item" - - not sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_simple_mount + - "'nwas_abap_ascs_ers' in nwas_build_item" + - not __sap_ha_pacemaker_cluster_nwas_cs_ers_simple_mount -- name: SAP HA Prepare Pacemaker - Include variable construction for SAP NetWeaver ABAP ASCS/ERS - Simple Mount # noqa name[template] +- name: SAP HA Prepare Pacemaker - Include variable construction for SAP NetWeaver ASCS/ERS Simple Mount ansible.builtin.include_tasks: file: construct_vars_nwas_abap_ascs_ers_simple_mount.yml loop: "{{ sap_ha_pacemaker_cluster_host_type }}" loop_control: loop_var: nwas_build_item when: - - "'nwas_abap_ascs' in nwas_build_item" - - sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_simple_mount - # TODO: Remove rule when SAPStartSrv resource agents are available on Red Hat - - ansible_os_family == 'Suse' + - "'nwas_abap_ascs_ers' in nwas_build_item" + - __sap_ha_pacemaker_cluster_nwas_cs_ers_simple_mount -- name: "SAP HA Prepare Pacemaker - Include variable construction for SAP NetWeaver ABAP PAS/AAS" + +# SAP SCS/ERS Scenarios +- name: "SAP HA Prepare Pacemaker - Include variable construction for SAP NetWeaver SCS/ERS" ansible.builtin.include_tasks: - file: construct_vars_nwas_abap_pas_aas.yml + file: construct_vars_nwas_java_scs_ers.yml loop: "{{ sap_ha_pacemaker_cluster_host_type }}" loop_control: loop_var: nwas_build_item when: - - "'nwas_abap_pas' in nwas_build_item" + - "'nwas_java_scs_ers' in nwas_build_item" + - not __sap_ha_pacemaker_cluster_nwas_cs_ers_simple_mount -- name: "SAP HA Prepare Pacemaker - Include variable construction for SAP NetWeaver Java SCS/ERS" +- name: SAP HA Prepare Pacemaker - Include variable construction for SAP NetWeaver SCS/ERS Simple Mount ansible.builtin.include_tasks: - file: construct_vars_nwas_java_scs_ers.yml + file: construct_vars_nwas_java_scs_ers_simple_mount.yml loop: "{{ sap_ha_pacemaker_cluster_host_type }}" loop_control: loop_var: nwas_build_item when: - - "'nwas_java' in nwas_build_item" + - "'nwas_java_scs_ers' in nwas_build_item" + - __sap_ha_pacemaker_cluster_nwas_cs_ers_simple_mount + + +# SAP PAS/AAS Scenarios +- name: "SAP HA Prepare Pacemaker - Include variable construction for SAP NetWeaver ABAP PAS/AAS" + ansible.builtin.include_tasks: + file: construct_vars_nwas_abap_pas_aas.yml + loop: "{{ sap_ha_pacemaker_cluster_host_type }}" + loop_control: + loop_var: nwas_build_item + when: + - "'nwas_abap_pas' in nwas_build_item" + # Include constraints construction after the related resources were constructed. - name: "SAP HA Prepare Pacemaker - Include variable construction for SAP Hana VIP constraints" ansible.builtin.include_tasks: file: construct_vars_vip_constraints_hana.yml + when: + - sap_ha_pacemaker_cluster_host_type | select('search', 'hana') | length > 0 # All of the SAP HA role constructed parameters must be translated to # 'ha_cluster' Linux System Role parameters. @@ -182,6 +204,7 @@ owner: root mode: "0600" + # Cluster installation and configuration through the dedicated # linux system role 'ha_cluster' - name: "SAP HA Install Pacemaker - Include System Role 'ha_cluster'" @@ -189,32 +212,6 @@ name: "{{ sap_ha_pacemaker_cluster_system_roles_collection }}.ha_cluster" no_log: "{{ __sap_ha_pacemaker_cluster_no_log }}" # some parameters contain secrets - # # Resource defaults settings were added to "ha_cluster" in Apr 2023 (GH version 1.9.0) - # # https://github.com/linux-system-roles/ha_cluster#ha_cluster_resource_defaults - # # Keeping separate for compatibility with older versions of the ha_cluster role. - # # TODO: Change resource defaults update to "ha_cluster" native syntax. - # - name: "SAP HA Install Pacemaker - Check resource defaults" - # ansible.builtin.command: - # cmd: | - # {{ __sap_ha_pacemaker_cluster_command.resource_defaults_show }} - # register: __sap_ha_pacemaker_cluster_check_resource_defaults - # run_once: true - # changed_when: false - # check_mode: false - - # - name: "SAP HA Install Pacemaker - Update resource default attributes" - # when: - # - item.key ~ '=' ~ item.value not in __sap_ha_pacemaker_cluster_check_resource_defaults.stdout - # - __sap_ha_pacemaker_cluster_resource_defaults is defined - # - __sap_ha_pacemaker_cluster_resource_defaults | length > 0 - # ansible.builtin.command: - # cmd: | - # {{ __sap_ha_pacemaker_cluster_command.resource_defaults_update }} {{ item.key }}={{ item.value }} - # loop: "{{ __sap_ha_pacemaker_cluster_resource_defaults | dict2items }}" - # loop_control: - # label: "{{ item.key }}={{ item.value }}" - # run_once: true - # changed_when: true # Corosync post-inst - name: "SAP HA Install Pacemaker - Make sure corosync systemd directory exists" @@ -257,23 +254,43 @@ - sap_ha_pacemaker_cluster_host_type | select('search', 'hana_scaleup') | length > 0 run_once: true - # Post steps for ACS ERS crmsh cluster to remove unsupported operations + + # Post steps for ASCS/ERS crmsh cluster to remove unsupported operations - name: "SAP HA Install Pacemaker - Include NetWeaver ASCS/ERS post steps OS specific" ansible.builtin.include_tasks: file: "{{ ansible_facts['os_family'] }}/post_steps_nwas_abap_ascs_ers.yml" when: - - sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_abap') | length > 0 + - sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_abap_ascs_ers') | length > 0 + - ansible_os_family == 'Suse' + run_once: true + + # Post steps for SCS/ERS crmsh cluster to remove unsupported operations + - name: "SAP HA Install Pacemaker - Include NetWeaver SCS/ERS post steps OS specific" + ansible.builtin.include_tasks: + file: "{{ ansible_facts['os_family'] }}/post_steps_nwas_java_scs_ers.yml" + when: + - sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_java_scs_ers') | length > 0 - ansible_os_family == 'Suse' run_once: true + - name: "SAP HA Install Pacemaker - Include NetWeaver ASCS/ERS post steps" ansible.builtin.include_tasks: - file: configure_nwas_ascs_ers_postinstallation.yml + file: configure_nwas_abap_ascs_ers_post_install.yml + apply: + tags: nwas_postinst + tags: nwas_postinst + when: + - sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_abap_ascs_ers') | length > 0 + + - name: "SAP HA Install Pacemaker - Include NetWeaver SCS/ERS post steps" + ansible.builtin.include_tasks: + file: configure_nwas_java_scs_ers_post_install.yml apply: tags: nwas_postinst tags: nwas_postinst when: - - sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_abap') | length > 0 + - sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_java_scs_ers') | length > 0 ### END OF BLOCK: prerequisite changes and cluster setup diff --git a/roles/sap_ha_pacemaker_cluster/tasks/platform/ascertain_platform_type.yml b/roles/sap_ha_pacemaker_cluster/tasks/platform/ascertain_platform_type.yml index 95196df6f..4ebd242bd 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/platform/ascertain_platform_type.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/platform/ascertain_platform_type.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Platform detection for cloud and other infrastructure platforms. diff --git a/roles/sap_ha_pacemaker_cluster/tasks/platform/construct_vars_vip_resources_cloud_aws_ec2_vs.yml b/roles/sap_ha_pacemaker_cluster/tasks/platform/construct_vars_vip_resources_cloud_aws_ec2_vs.yml index 25cf812c5..fb2c5e918 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/platform/construct_vars_vip_resources_cloud_aws_ec2_vs.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/platform/construct_vars_vip_resources_cloud_aws_ec2_vs.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Reminder: This file is included in a loop over a dictionary. # Included in: tasks/include_construct_vip_resources.yml diff --git a/roles/sap_ha_pacemaker_cluster/tasks/platform/construct_vars_vip_resources_cloud_gcp_ce_vm.yml b/roles/sap_ha_pacemaker_cluster/tasks/platform/construct_vars_vip_resources_cloud_gcp_ce_vm.yml index 0e5cb6a16..50979c707 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/platform/construct_vars_vip_resources_cloud_gcp_ce_vm.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/platform/construct_vars_vip_resources_cloud_gcp_ce_vm.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Reminder: This file is included in a loop over a dictionary. # Included in: tasks/include_construct_vip_resources.yml @@ -14,7 +15,7 @@ vars: __resource_vip: id: "{{ vip_list_item.key }}" - agent: "{{ __sap_ha_pacemaker_cluster_available_vip_agents[sap_ha_pacemaker_cluster_vip_method].agent }}" + agent: "{{ __sap_ha_pacemaker_cluster_available_vip_agents['ipaddr'].agent | d('ocf:heartbeat:IPaddr2') }}" instance_attrs: - attrs: - name: ip @@ -52,19 +53,19 @@ value: 20 __haproxy_id: >- - {% if vip_list_item.key == sap_ha_pacemaker_cluster_healthcheck_hana_primary_resource_name -%} - {{ sap_ha_pacemaker_cluster_healthcheck_hana_primary_id }} - {%- elif vip_list_item.key == sap_ha_pacemaker_cluster_healthcheck_hana_secondary_resource_name + {% if vip_list_item.key == __sap_ha_pacemaker_cluster_healthcheck_hana_primary_resource_name -%} + {{ __sap_ha_pacemaker_cluster_healthcheck_hana_primary_id }} + {%- elif vip_list_item.key == __sap_ha_pacemaker_cluster_healthcheck_hana_secondary_resource_name and sap_ha_pacemaker_cluster_healthcheck_hana_secondary_port | length > 4 -%} - {{ sap_ha_pacemaker_cluster_healthcheck_hana_secondary_id }} - {%- elif vip_list_item.key == sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ascs_resource_name -%} - {{ sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ascs_id }} - {%- elif vip_list_item.key == sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ers_resource_name -%} - {{ sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ers_id }} - {%- elif vip_list_item.key == sap_ha_pacemaker_cluster_healthcheck_nwas_abap_pas_resource_name -%} - {{ sap_ha_pacemaker_cluster_healthcheck_nwas_abap_pas_id }} - {%- elif vip_list_item.key == sap_ha_pacemaker_cluster_healthcheck_nwas_abap_aas_resource_name -%} - {{ sap_ha_pacemaker_cluster_healthcheck_nwas_abap_aas_id }} + {{ __sap_ha_pacemaker_cluster_healthcheck_hana_secondary_id }} + {%- elif vip_list_item.key == __sap_ha_pacemaker_cluster_healthcheck_nwas_ascs_resource_name -%} + {{ __sap_ha_pacemaker_cluster_healthcheck_nwas_ascs_id }} + {%- elif vip_list_item.key == __sap_ha_pacemaker_cluster_healthcheck_nwas_ers_resource_name -%} + {{ __sap_ha_pacemaker_cluster_healthcheck_nwas_ers_id }} + {%- elif vip_list_item.key == __sap_ha_pacemaker_cluster_healthcheck_nwas_abap_pas_resource_name -%} + {{ __sap_ha_pacemaker_cluster_healthcheck_nwas_pas_id }} + {%- elif vip_list_item.key == __sap_ha_pacemaker_cluster_healthcheck_nwas_abap_aas_resource_name -%} + {{ __sap_ha_pacemaker_cluster_healthcheck_nwas_aas_id }} {%- else -%} {%- endif %} @@ -73,3 +74,30 @@ - sap_ha_pacemaker_cluster_vip_method == 'gcp_nlb_reserved_ip_haproxy' - vip_list_item.key in __sap_ha_pacemaker_cluster_healthcheck_resource_list - __haproxy_id | length > 0 + + +- name: "SAP HA Prepare Pacemaker - GCP CE - Add resource: Socat resource for Health Checks (socat)" + ansible.builtin.set_fact: + __sap_ha_pacemaker_cluster_resource_primitives: "{{ __sap_ha_pacemaker_cluster_resource_primitives + [__health_check] }}" + vars: + __health_check: + id: "{{ vip_list_item.key }}" + agent: "{{ __sap_ha_pacemaker_cluster_available_vip_agents[sap_ha_pacemaker_cluster_vip_method].agent }}" + instance_attrs: + - attrs: + - name: binfile + value: "/usr/bin/socat" + - name: cmdline_options + value: "-U TCP-LISTEN:{{ vip_list_item.value }},backlog=10,fork,reuseaddr /dev/null" + operations: + - action: monitor + attrs: + - name: interval + value: 10 + - name: timeout + value: 20 + + when: + - vip_list_item.key not in (__sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id')) + - sap_ha_pacemaker_cluster_vip_method == 'gcp_anything_socat' + - vip_list_item.key in __sap_ha_pacemaker_cluster_healthcheck_resource_list diff --git a/roles/sap_ha_pacemaker_cluster/tasks/platform/construct_vars_vip_resources_cloud_ibmcloud_powervs.yml b/roles/sap_ha_pacemaker_cluster/tasks/platform/construct_vars_vip_resources_cloud_ibmcloud_powervs.yml index b8a2abac2..6a76ad02b 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/platform/construct_vars_vip_resources_cloud_ibmcloud_powervs.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/platform/construct_vars_vip_resources_cloud_ibmcloud_powervs.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Reminder: This file is included in a loop over a dictionary. diff --git a/roles/sap_ha_pacemaker_cluster/tasks/platform/construct_vars_vip_resources_cloud_ibmcloud_vs.yml b/roles/sap_ha_pacemaker_cluster/tasks/platform/construct_vars_vip_resources_cloud_ibmcloud_vs.yml index 57137edbc..713635e35 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/platform/construct_vars_vip_resources_cloud_ibmcloud_vs.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/platform/construct_vars_vip_resources_cloud_ibmcloud_vs.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Reminder: This file is included in a loop over a dictionary. # Included in: tasks/include_construct_vip_resources.yml @@ -29,19 +30,19 @@ value: 20 __haproxy_id: >- - {% if vip_list_item.key == sap_ha_pacemaker_cluster_healthcheck_hana_primary_resource_name -%} - {{ sap_ha_pacemaker_cluster_healthcheck_hana_primary_id }} - {%- elif vip_list_item.key == sap_ha_pacemaker_cluster_healthcheck_hana_secondary_resource_name + {% if vip_list_item.key == __sap_ha_pacemaker_cluster_healthcheck_hana_primary_resource_name -%} + {{ __sap_ha_pacemaker_cluster_healthcheck_hana_primary_id }} + {%- elif vip_list_item.key == __sap_ha_pacemaker_cluster_healthcheck_hana_secondary_resource_name and sap_ha_pacemaker_cluster_healthcheck_hana_secondary_port | length > 4 -%} - {{ sap_ha_pacemaker_cluster_healthcheck_hana_secondary_id }} - {%- elif vip_list_item.key == sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ascs_resource_name -%} - {{ sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ascs_id }} - {%- elif vip_list_item.key == sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ers_resource_name -%} - {{ sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ers_id }} - {%- elif vip_list_item.key == sap_ha_pacemaker_cluster_healthcheck_nwas_abap_pas_resource_name -%} - {{ sap_ha_pacemaker_cluster_healthcheck_nwas_abap_pas_id }} - {%- elif vip_list_item.key == sap_ha_pacemaker_cluster_healthcheck_nwas_abap_aas_resource_name -%} - {{ sap_ha_pacemaker_cluster_healthcheck_nwas_abap_aas_id }} + {{ __sap_ha_pacemaker_cluster_healthcheck_hana_secondary_id }} + {%- elif vip_list_item.key == __sap_ha_pacemaker_cluster_healthcheck_nwas_ascs_resource_name -%} + {{ __sap_ha_pacemaker_cluster_healthcheck_nwas_ascs_id }} + {%- elif vip_list_item.key == __sap_ha_pacemaker_cluster_healthcheck_nwas_ers_resource_name -%} + {{ __sap_ha_pacemaker_cluster_healthcheck_nwas_ers_id }} + {%- elif vip_list_item.key == __sap_ha_pacemaker_cluster_healthcheck_nwas_abap_pas_resource_name -%} + {{ __sap_ha_pacemaker_cluster_healthcheck_nwas_pas_id }} + {%- elif vip_list_item.key == __sap_ha_pacemaker_cluster_healthcheck_nwas_abap_aas_resource_name -%} + {{ __sap_ha_pacemaker_cluster_healthcheck_nwas_aas_id }} {%- else -%} {%- endif %} diff --git a/roles/sap_ha_pacemaker_cluster/tasks/platform/construct_vars_vip_resources_cloud_msazure_vm.yml b/roles/sap_ha_pacemaker_cluster/tasks/platform/construct_vars_vip_resources_cloud_msazure_vm.yml index 255a2b420..e29e04ef3 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/platform/construct_vars_vip_resources_cloud_msazure_vm.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/platform/construct_vars_vip_resources_cloud_msazure_vm.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Reminder: This file is included in a loop over a dictionary. # Included in: tasks/include_construct_vip_resources.yml diff --git a/roles/sap_ha_pacemaker_cluster/tasks/platform/construct_vars_vip_resources_hyp_ibmpower_vm.yml b/roles/sap_ha_pacemaker_cluster/tasks/platform/construct_vars_vip_resources_hyp_ibmpower_vm.yml index b2ebfb1a7..ab5c57ab8 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/platform/construct_vars_vip_resources_hyp_ibmpower_vm.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/platform/construct_vars_vip_resources_hyp_ibmpower_vm.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Reminder: This file is included in a loop over a dictionary. diff --git a/roles/sap_ha_pacemaker_cluster/tasks/platform/include_vars_platform.yml b/roles/sap_ha_pacemaker_cluster/tasks/platform/include_vars_platform.yml index 0a7199bc3..79f1e5592 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/platform/include_vars_platform.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/platform/include_vars_platform.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Include vars files based on the environment. diff --git a/roles/sap_ha_pacemaker_cluster/tasks/platform/preconfigure_cloud_aws_ec2_vs.yml b/roles/sap_ha_pacemaker_cluster/tasks/platform/preconfigure_cloud_aws_ec2_vs.yml index 87c181d5d..1165a0a0f 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/platform/preconfigure_cloud_aws_ec2_vs.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/platform/preconfigure_cloud_aws_ec2_vs.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Requirement to enable the fencing resource to function. @@ -19,7 +20,16 @@ owner: root path: /root/.aws/config +# New variable to disable default saving of AWS credentials file. +# Reason: It overrides attached IAM Role or IAM Instance Profile. - name: "SAP HA Prepare Pacemaker - AWS EC2 VS - Store awscli credentials" + when: + - sap_ha_pacemaker_cluster_aws_credentials_setup is defined + and sap_ha_pacemaker_cluster_aws_credentials_setup + - sap_ha_pacemaker_cluster_aws_access_key_id is defined + and sap_ha_pacemaker_cluster_aws_access_key_id | length > 0 + - sap_ha_pacemaker_cluster_aws_secret_access_key is defined + and sap_ha_pacemaker_cluster_aws_secret_access_key | length > 0 ansible.builtin.blockinfile: backup: true block: | @@ -31,3 +41,20 @@ owner: root path: /root/.aws/credentials no_log: true + +# Notification about dependency on IAM Attachment if +# sap_ha_pacemaker_cluster_aws_credentials_setup is not set to true +- name: "SAP HA Prepare Pacemaker - AWS EC2 VS - awscli credentials warning" + when: + - sap_ha_pacemaker_cluster_aws_credentials_setup is not defined + or (sap_ha_pacemaker_cluster_aws_credentials_setup is defined + and not sap_ha_pacemaker_cluster_aws_credentials_setup) + ansible.builtin.debug: + msg: "{{ __awscli_message.splitlines() }}" + vars: + __awscli_message: | + Notification: AWS CLI credentials were not stored because the variable + sap_ha_pacemaker_cluster_aws_credentials_setup is not defined or it is not true. + + Please ensure that your instances have IAM Role or Instance Profile attached, per AWS documentation + You can ignore this message if provisioning was completed using community.sap_infrastructure. diff --git a/roles/sap_ha_pacemaker_cluster/tasks/platform/preconfigure_cloud_gcp_ce_vm.yml b/roles/sap_ha_pacemaker_cluster/tasks/platform/preconfigure_cloud_gcp_ce_vm.yml index 76e4dfc12..e961fdca3 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/platform/preconfigure_cloud_gcp_ce_vm.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/platform/preconfigure_cloud_gcp_ce_vm.yml @@ -1,154 +1,170 @@ +# SPDX-License-Identifier: Apache-2.0 --- - -- name: "SAP HA Install Pacemaker - GCP CE VM - Install haproxy" - ansible.builtin.package: - name: haproxy - state: present - -- name: "SAP HA Install Pacemaker - GCP CE VM - Check if haproxy service template exists" - ansible.builtin.stat: - path: /etc/systemd/system/haproxy@.service - register: __sap_ha_pacemaker_cluster_register_haproxy_template - -- name: "SAP HA Install Pacemaker - GCP CE VM - Create haproxy service template" - ansible.builtin.copy: - dest: /etc/systemd/system/haproxy@.service - remote_src: true - src: /usr/lib/systemd/system/haproxy.service - mode: '0644' - when: - - not __sap_ha_pacemaker_cluster_register_haproxy_template.stat.exists - -- name: "SAP HA Install Pacemaker - GCP CE VM - Update haproxy service template description" - ansible.builtin.lineinfile: - backup: true - path: /etc/systemd/system/haproxy@.service - regexp: '^Description=' - line: 'Description=HAProxy Load Balancer %i' - state: present - insertafter: '^[Unit]$' - notify: "systemd daemon-reload" - -- name: "SAP HA Install Pacemaker - GCP CE VM - Update haproxy service template environment" - ansible.builtin.lineinfile: - backup: true - path: /etc/systemd/system/haproxy@.service - regexp: '^Environment=' - line: 'Environment="CONFIG=/etc/haproxy/haproxy-%i.cfg" "PIDFILE=/run/haproxy-%i.pid"' - state: present - insertafter: '^[Service]$' - notify: "systemd daemon-reload" - -- name: "SAP HA Install Pacemaker - GCP CE VM - Define healthcheck details for HANA" - ansible.builtin.set_fact: - __sap_ha_pacemaker_cluster_healthcheck_list_hana: - - name: "{{ sap_ha_pacemaker_cluster_healthcheck_hana_primary_id }}" - port: "{{ sap_ha_pacemaker_cluster_healthcheck_hana_primary_port }}" - # If no custom port is defined, calculate the port for the secondary - # by adding 10, to avoid a conflict with the port for the primary hc port. - - name: "{{ sap_ha_pacemaker_cluster_healthcheck_hana_secondary_id }}" - port: >- - {% if sap_ha_pacemaker_cluster_vip_hana_secondary_ip_address | length > 0 -%} - {{ sap_ha_pacemaker_cluster_healthcheck_hana_secondary_port }} - {%- else %}0{%- endif %} - when: - - sap_ha_pacemaker_cluster_host_type | select('search', 'hana_scaleup') | length > 0 - -- name: "SAP HA Install Pacemaker - GCP CE VM - Define healthcheck details for NW ASCS/ERS" - ansible.builtin.set_fact: - __sap_ha_pacemaker_cluster_healthcheck_list_ascs: - - name: "{{ sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ascs_id }}" - port: "{{ sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ascs_port }}" - - name: "{{ sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ers_id }}" - port: "{{ sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ers_port }}" - when: - - sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_abap_ascs') | length > 0 - - -- name: "SAP HA Install Pacemaker - GCP CE VM - Create haproxy config for HANA instances" - ansible.builtin.blockinfile: - backup: false - create: true - path: "/etc/haproxy/haproxy-{{ haproxy_item.name }}.cfg" - mode: "0644" - owner: root - group: root - marker: "# {mark} Created by Ansible role sap_ha_pacemaker_cluster" - block: | - global - chroot /var/lib/haproxy - pidfile /var/run/haproxy-%i.pid - user haproxy - group haproxy - daemon - - defaults - mode tcp - log global - option dontlognull - option redispatch - retries 3 - timeout queue 1m - timeout connect 10s - timeout client 1m - timeout server 1m - timeout check 10s - maxconn 3000 - - # Listener for SAP healthcheck - listen healthcheck - bind *:{{ haproxy_item.port }} - loop: "{{ __sap_ha_pacemaker_cluster_healthcheck_list_hana }}" - loop_control: - loop_var: haproxy_item - label: "{{ haproxy_item.name }}: {{ haproxy_item.port }}" - when: - - sap_ha_pacemaker_cluster_host_type | select('search', 'hana_scaleup') | length > 0 - - haproxy_item.port | length > 4 - - -- name: "SAP HA Install Pacemaker - GCP CE VM - Create haproxy config for NWAS ASCS/ERS instances" - ansible.builtin.blockinfile: - create: true - path: "/etc/haproxy/haproxy-{{ haproxy_item.name }}.cfg" - mode: "0644" - owner: root - group: root - marker: "# {mark} Created by Ansible role sap_ha_pacemaker_cluster" - block: | - global - chroot /var/lib/haproxy - pidfile /var/run/haproxy-%i.pid - user haproxy - group haproxy - daemon - - defaults - mode tcp - log global - option dontlognull - option redispatch - retries 3 - timeout queue 1m - timeout connect 10s - timeout client 1m - timeout server 1m - timeout check 10s - maxconn 3000 - - # Listener for SAP healthcheck - listen healthcheck - bind *:{{ haproxy_item.port }} - loop: "{{ __sap_ha_pacemaker_cluster_healthcheck_list_ascs }}" - loop_control: - loop_var: haproxy_item - label: "{{ haproxy_item.name }}: {{ haproxy_item.port }}" - when: - - sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_abap_ascs') | length > 0 - - -- name: "SAP HA Install Pacemaker - GCP CE VM - Ensure that haproxy service is running" - ansible.builtin.service: - name: haproxy - enabled: false - state: started +- name: "SAP HA Install Pacemaker - GCP CE VM - haproxy block" + when: sap_ha_pacemaker_cluster_vip_method == 'gcp_nlb_reserved_ip_haproxy' + block: + + - name: "SAP HA Install Pacemaker - GCP CE VM - Install haproxy" + ansible.builtin.package: + name: haproxy + state: present + + - name: "SAP HA Install Pacemaker - GCP CE VM - Check if haproxy service template exists" + ansible.builtin.stat: + path: /etc/systemd/system/haproxy@.service + register: __sap_ha_pacemaker_cluster_register_haproxy_template + + - name: "SAP HA Install Pacemaker - GCP CE VM - Create haproxy service template" + ansible.builtin.copy: + dest: /etc/systemd/system/haproxy@.service + remote_src: true + src: /usr/lib/systemd/system/haproxy.service + mode: '0644' + when: + - not __sap_ha_pacemaker_cluster_register_haproxy_template.stat.exists + + - name: "SAP HA Install Pacemaker - GCP CE VM - Update haproxy service template description" + ansible.builtin.lineinfile: + backup: true + path: /etc/systemd/system/haproxy@.service + regexp: '^Description=' + line: 'Description=HAProxy Load Balancer %i' + state: present + insertafter: '^[Unit]$' + notify: "systemd daemon-reload" + + - name: "SAP HA Install Pacemaker - GCP CE VM - Update haproxy service template" + ansible.builtin.replace: + backup: false + path: /etc/systemd/system/haproxy@.service + regexp: '{{ replace_item.orig }}' + replace: '{{ replace_item.new | d() }}' + loop: + - orig: '^(.+)haproxy.cfg(.*)$' + new: '\1haproxy-%i.cfg\2' + label: 'Replace haproxy.cfg with haproxy-%i.cfg' + - orig: '^(.+)haproxy.pid(.*)$' + new: '\1haproxy-%i.pid\2' + label: 'Replace haproxy.pid with haproxy-%i.pid' + - orig: '\"CFGDIR=(\/\w*)*\.d\"' + label: 'Delete definition of CFGDIR' + - orig: '\ -f \$CFGDIR' + label: 'Remove "-f $CFGDIR"' + loop_control: + loop_var: replace_item + label: "{{ replace_item.label }}" + notify: "systemd daemon-reload" + + - name: "SAP HA Install Pacemaker - GCP CE VM - Define healthcheck details for HANA" + ansible.builtin.set_fact: + __sap_ha_pacemaker_cluster_healthcheck_list_hana: + - name: "{{ __sap_ha_pacemaker_cluster_healthcheck_hana_primary_id }}" + port: "{{ sap_ha_pacemaker_cluster_healthcheck_hana_primary_port }}" + # If no custom port is defined, calculate the port for the secondary + # by adding 10, to avoid a conflict with the port for the primary hc port. + - name: "{{ __sap_ha_pacemaker_cluster_healthcheck_hana_secondary_id }}" + port: >- + {% if __sap_ha_pacemaker_cluster_vip_hana_secondary_ip_address | length > 0 -%} + {{ sap_ha_pacemaker_cluster_healthcheck_hana_secondary_port }} + {%- else %}0{%- endif %} + when: + - sap_ha_pacemaker_cluster_host_type | select('search', 'hana_scaleup') | length > 0 + + - name: "SAP HA Install Pacemaker - GCP CE VM - Define healthcheck details for NW ASCS/ERS" + ansible.builtin.set_fact: + __sap_ha_pacemaker_cluster_healthcheck_list_ascs: + - name: "{{ __sap_ha_pacemaker_cluster_healthcheck_nwas_ascs_id }}" + port: "{{ sap_ha_pacemaker_cluster_healthcheck_nwas_ascs_port }}" + - name: "{{ __sap_ha_pacemaker_cluster_healthcheck_nwas_ers_id }}" + port: "{{ sap_ha_pacemaker_cluster_healthcheck_nwas_ers_port }}" + when: + - sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_abap_ascs_ers') | length > 0 + + + - name: "SAP HA Install Pacemaker - GCP CE VM - Create haproxy config for HANA instances" + ansible.builtin.blockinfile: + backup: false + create: true + path: "/etc/haproxy/haproxy-{{ haproxy_item.name }}.cfg" + mode: "0644" + owner: root + group: root + marker: "# {mark} Created by Ansible role sap_ha_pacemaker_cluster" + block: | + global + chroot /var/lib/haproxy + pidfile /var/run/haproxy-%i.pid + user haproxy + group haproxy + daemon + + defaults + mode tcp + log global + option dontlognull + option redispatch + retries 3 + timeout queue 1m + timeout connect 10s + timeout client 1m + timeout server 1m + timeout check 10s + maxconn 3000 + + # Listener for SAP healthcheck + listen healthcheck + bind *:{{ haproxy_item.port }} + loop: "{{ __sap_ha_pacemaker_cluster_healthcheck_list_hana }}" + loop_control: + loop_var: haproxy_item + label: "{{ haproxy_item.name }}: {{ haproxy_item.port }}" + when: + - sap_ha_pacemaker_cluster_host_type | select('search', 'hana_scaleup') | length > 0 + - haproxy_item.port | length > 4 + + + - name: "SAP HA Install Pacemaker - GCP CE VM - Create haproxy config for NWAS ASCS/ERS instances" + ansible.builtin.blockinfile: + create: true + path: "/etc/haproxy/haproxy-{{ haproxy_item.name }}.cfg" + mode: "0644" + owner: root + group: root + marker: "# {mark} Created by Ansible role sap_ha_pacemaker_cluster" + block: | + global + chroot /var/lib/haproxy + pidfile /var/run/haproxy-%i.pid + user haproxy + group haproxy + daemon + + defaults + mode tcp + log global + option dontlognull + option redispatch + retries 3 + timeout queue 1m + timeout connect 10s + timeout client 1m + timeout server 1m + timeout check 10s + maxconn 3000 + + # Listener for SAP healthcheck + listen healthcheck + bind *:{{ haproxy_item.port }} + loop: "{{ __sap_ha_pacemaker_cluster_healthcheck_list_ascs }}" + loop_control: + loop_var: haproxy_item + label: "{{ haproxy_item.name }}: {{ haproxy_item.port }}" + when: + - sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_abap_ascs_ers') | length > 0 + + + - name: "SAP HA Install Pacemaker - GCP CE VM - Ensure that haproxy service is running" + ansible.builtin.service: + name: haproxy + enabled: false + state: started diff --git a/roles/sap_ha_pacemaker_cluster/tasks/platform/preconfigure_cloud_ibmcloud_powervs.yml b/roles/sap_ha_pacemaker_cluster/tasks/platform/preconfigure_cloud_ibmcloud_powervs.yml index 33c4f2d5a..96bf786f6 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/platform/preconfigure_cloud_ibmcloud_powervs.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/platform/preconfigure_cloud_ibmcloud_powervs.yml @@ -1,2 +1,3 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Requirement to enable the fencing resource to function. diff --git a/roles/sap_ha_pacemaker_cluster/tasks/platform/preconfigure_cloud_ibmcloud_vs.yml b/roles/sap_ha_pacemaker_cluster/tasks/platform/preconfigure_cloud_ibmcloud_vs.yml index 2547a28e9..55e467aa3 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/platform/preconfigure_cloud_ibmcloud_vs.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/platform/preconfigure_cloud_ibmcloud_vs.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Requirement to enable the fencing resource to function. @@ -54,36 +55,38 @@ insertafter: '^[Unit]$' notify: "systemd daemon-reload" -- name: "SAP HA Install Pacemaker - IBM Cloud VS - Update haproxy service template environment" - ansible.builtin.lineinfile: - backup: true - path: /etc/systemd/system/haproxy@.service - regexp: '^Environment=' - line: 'Environment="CONFIG=/etc/haproxy/haproxy-%i.cfg" "PIDFILE=/run/haproxy-%i.pid"' - state: present - insertafter: '^[Service]$' - notify: "systemd daemon-reload" - -- name: "SAP HA Install Pacemaker - IBM Cloud VS - Update haproxy service template environment" - ansible.builtin.lineinfile: - backup: true +- name: "SAP HA Install Pacemaker - IBM Cloud VS - Update haproxy service template" + ansible.builtin.replace: + backup: false path: /etc/systemd/system/haproxy@.service - regexp: '^Environment=' - line: 'Environment="CONFIG=/etc/haproxy/haproxy-%i.cfg" "PIDFILE=/run/haproxy-%i.pid"' - state: present - insertafter: '^[Service]$' + regexp: '{{ replace_item.orig }}' + replace: '{{ replace_item.new | d() }}' + loop: + - orig: '^(.+)haproxy.cfg(.*)$' + new: '\1haproxy-%i.cfg\2' + label: 'Replace haproxy.cfg with haproxy-%i.cfg' + - orig: '^(.+)haproxy.pid(.*)$' + new: '\1haproxy-%i.pid\2' + label: 'Replace haproxy.pid with haproxy-%i.pid' + - orig: '\"CFGDIR=(\/\w*)*\.d\"' + label: 'Delete definition of CFGDIR' + - orig: '\ -f \$CFGDIR' + label: 'Remove "-f $CFGDIR"' + loop_control: + loop_var: replace_item + label: "{{ replace_item.label }}" notify: "systemd daemon-reload" - name: "SAP HA Install Pacemaker - IBM Cloud VS - Define healthcheck details for HANA" ansible.builtin.set_fact: __sap_ha_pacemaker_cluster_healthcheck_list_hana: - - name: "{{ sap_ha_pacemaker_cluster_healthcheck_hana_primary_id }}" + - name: "{{ __sap_ha_pacemaker_cluster_healthcheck_hana_primary_id }}" port: "{{ sap_ha_pacemaker_cluster_healthcheck_hana_primary_port }}" # If no custom port is defined, calculate the port for the secondary # by adding 10, to avoid a conflict with the port for the primary hc port. - - name: "{{ sap_ha_pacemaker_cluster_healthcheck_hana_secondary_id }}" + - name: "{{ __sap_ha_pacemaker_cluster_healthcheck_hana_secondary_id }}" port: >- - {% if sap_ha_pacemaker_cluster_vip_hana_secondary_ip_address | length > 0 -%} + {% if __sap_ha_pacemaker_cluster_vip_hana_secondary_ip_address | length > 0 -%} {{ sap_ha_pacemaker_cluster_healthcheck_hana_secondary_port }} {%- else %}0{%- endif %} when: @@ -92,14 +95,14 @@ - name: "SAP HA Install Pacemaker - IBM Cloud VS - Define healthcheck details for NW ASCS/ERS" ansible.builtin.set_fact: __sap_ha_pacemaker_cluster_healthcheck_list_ascs: - - name: "{{ sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ascs_id }}" - port: "{{ sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ascs_port }}" - - name: "{{ sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ers_id }}" - port: "{{ sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ers_port }}" + - name: "{{ __sap_ha_pacemaker_cluster_healthcheck_nwas_ascs_id }}" + port: "{{ sap_ha_pacemaker_cluster_healthcheck_nwas_ascs_port }}" + - name: "{{ __sap_ha_pacemaker_cluster_healthcheck_nwas_ers_id }}" + port: "{{ sap_ha_pacemaker_cluster_healthcheck_nwas_ers_port }}" when: - - sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_abap_ascs') | length > 0 + - sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_abap_ascs_ers') | length > 0 -- name: "SAP HA Install Pacemaker - GCP CE VM - Create haproxy config for HANA instances" +- name: "SAP HA Install Pacemaker - IBM Cloud VS - Create haproxy config for HANA instances" ansible.builtin.blockinfile: backup: false create: true @@ -140,7 +143,7 @@ - sap_ha_pacemaker_cluster_host_type | select('search', 'hana_scaleup') | length > 0 - haproxy_item.port | length > 4 -- name: "SAP HA Install Pacemaker - GCP CE VM - Create haproxy config for NWAS ASCS/ERS instances" +- name: "SAP HA Install Pacemaker - IBM Cloud VS - Create haproxy config for NWAS ASCS/ERS instances" ansible.builtin.blockinfile: create: true path: "/etc/haproxy/haproxy-{{ haproxy_item.name }}.cfg" @@ -177,7 +180,7 @@ loop_var: haproxy_item label: "{{ haproxy_item.name }}: {{ haproxy_item.port }}" when: - - sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_abap_ascs') | length > 0 + - sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_abap_ascs_ers') | length > 0 # - name: "SAP HA Prepare Pacemaker - IBM Cloud VS - haproxy listener configuration" diff --git a/roles/sap_ha_pacemaker_cluster/tasks/platform/preconfigure_cloud_msazure_vm.yml b/roles/sap_ha_pacemaker_cluster/tasks/platform/preconfigure_cloud_msazure_vm.yml index 94d09abb3..e13eee0a3 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/platform/preconfigure_cloud_msazure_vm.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/platform/preconfigure_cloud_msazure_vm.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Requirement to enable the fencing resource to function. # diff --git a/roles/sap_ha_pacemaker_cluster/tasks/platform/register_sysinfo_cloud_ibmcloud_powervs.yml b/roles/sap_ha_pacemaker_cluster/tasks/platform/register_sysinfo_cloud_ibmcloud_powervs.yml index 2445e4c2d..478ae9278 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/platform/register_sysinfo_cloud_ibmcloud_powervs.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/platform/register_sysinfo_cloud_ibmcloud_powervs.yml @@ -1,14 +1,14 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Ansible facts rely on SMBIOS/DMI, which does not exist on ppc64le CPU Architecture. # Discovered input used for plug (via pcmk_host_map) -# The Instance ID in the IBM Power Virtual Server Workspace, is identical string to the UUID reported in the host -# alt command using IBM Power RSCT binary: /opt/rsct/bin/ctgethscid | grep PartitionUUID | cut -d \" -f2 -# alt command using cloud-init data: cat /run/cloud-init/instance-data.json | grep uuid | cut -d \" -f4 -# alt command using cloud-init data: cat /run/cloud-init/instance-data.json | grep instance_id | cut -d \" -f4 +# Reference - https://ibm.com/support/pages/node/7075598 +# The Instance ID in the IBM Power Virtual Server Workspace, must be identical string to the UUID reported in the host +# Use cloud-init data as definitive lookup on IBM Power VS, as IBM Power RSCT Binary /opt/rsct/bin/ctgethscid or Kernel data structure such as /proc/device-tree/ibm,partition-uuid - name: "SAP HA Prepare Pacemaker - IBM Cloud Power VS - IBM Power Virtual Server UUID" ansible.builtin.shell: | - set -o pipefail && echo $(tr -d '\0' < /proc/device-tree/ibm,partition-uuid) + set -o pipefail && echo $(cat /run/cloud-init/instance-data.json | grep instance_id | cut -d \" -f4) register: __sap_ha_pacemaker_cluster_register_ibmcloud_powervs_host changed_when: false check_mode: false diff --git a/roles/sap_ha_pacemaker_cluster/tasks/platform/register_sysinfo_cloud_ibmcloud_vs.yml b/roles/sap_ha_pacemaker_cluster/tasks/platform/register_sysinfo_cloud_ibmcloud_vs.yml index 298804b72..1828d7e55 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/platform/register_sysinfo_cloud_ibmcloud_vs.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/platform/register_sysinfo_cloud_ibmcloud_vs.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # There is no ansible fact with the fully qualified VM instance ID. # We get this information from the SMBIOS/DMI. diff --git a/roles/sap_ha_pacemaker_cluster/tasks/platform/register_sysinfo_hyp_ibmpower_vm.yml b/roles/sap_ha_pacemaker_cluster/tasks/platform/register_sysinfo_hyp_ibmpower_vm.yml index f703571ec..eac6a8ad7 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/platform/register_sysinfo_hyp_ibmpower_vm.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/platform/register_sysinfo_hyp_ibmpower_vm.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Ansible facts rely on SMBIOS/DMI, which does not exist on ppc64le CPU Architecture. # Use Open Firmware (OF) device tree values diff --git a/roles/sap_ha_pacemaker_cluster/tasks/validate_input_parameters.yml b/roles/sap_ha_pacemaker_cluster/tasks/validate_input_parameters.yml index 43702c91d..dc233b063 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/validate_input_parameters.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/validate_input_parameters.yml @@ -1,78 +1,137 @@ +# SPDX-License-Identifier: Apache-2.0 --- # The SAP ID must follow a strict format and not use reserved special values - name: "SAP HA Prepare Pacemaker - (SAP HANA) Validate SAP System ID" ansible.builtin.assert: that: - - sap_ha_pacemaker_cluster_hana_sid | length == 3 - - sap_ha_pacemaker_cluster_hana_sid not in __sap_ha_pacemaker_cluster_sid_prohibited + - __sap_ha_pacemaker_cluster_hana_sid | length == 3 + - __sap_ha_pacemaker_cluster_hana_sid not in __sap_ha_pacemaker_cluster_sid_prohibited fail_msg: | Host type = {{ sap_ha_pacemaker_cluster_host_type }} - Requires 'sap_ha_pacemaker_cluster_hana_sid' to be defined! + Requires: 'sap_ha_pacemaker_cluster_hana_sid' to be defined as 3 capital letters! when: - sap_ha_pacemaker_cluster_host_type | select('search', 'hana') | length > 0 - name: "SAP HA Prepare Pacemaker - (SAP HANA) Validate SAP Instance Number" ansible.builtin.assert: that: - - ( - sap_ha_pacemaker_cluster_hana_instance_nr | type_debug != 'int' - and sap_ha_pacemaker_cluster_hana_instance_nr | length == 2 - ) - or - ( - sap_ha_pacemaker_cluster_hana_instance_nr | type_debug == 'int' - and sap_ha_pacemaker_cluster_hana_instance_nr is regex("^[0-9][0-9]$") - ) + - (__sap_ha_pacemaker_cluster_hana_instance_nr | string) | length == 2 + - (__sap_ha_pacemaker_cluster_hana_instance_nr | string) is match('^[0-9]{2}$') fail_msg: | - Host type = {{ sap_ha_pacemaker_cluster_host_type }} - Requires 'sap_ha_pacemaker_cluster_hana_instance_nr' to be defined. + Requires: 'sap_ha_pacemaker_cluster_hana_instance_nr' to be defined. The instance number must be exactly 2 digits. Add quotes if the number starts with a 0! when: - sap_ha_pacemaker_cluster_host_type | select('search', 'hana') | length > 0 + - name: "SAP HA Prepare Pacemaker - (SAP NetWeaver) Validate SAP System ID" ansible.builtin.assert: that: - - sap_ha_pacemaker_cluster_nwas_abap_sid | length == 3 - - sap_ha_pacemaker_cluster_nwas_abap_sid not in __sap_ha_pacemaker_cluster_sid_prohibited + - __sap_ha_pacemaker_cluster_nwas_sid | length == 3 + - __sap_ha_pacemaker_cluster_nwas_sid not in __sap_ha_pacemaker_cluster_sid_prohibited fail_msg: | Host type = {{ sap_ha_pacemaker_cluster_host_type }} - Requires 'sap_ha_pacemaker_cluster_nwas_abap_sid' to be defined! + Current value: {{ __sap_ha_pacemaker_cluster_nwas_sid }} + Requires: 'sap_ha_pacemaker_cluster_nwas_sid' to be defined as 3 capital letters! when: - sap_ha_pacemaker_cluster_host_type | select('search', 'nwas') | length > 0 + +# Validate SAP Instance Number - name: "SAP HA Prepare Pacemaker - (SAP NetWeaver) Validate SAP Instance Number" when: - - sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_abap') | length > 0 + - sap_ha_pacemaker_cluster_host_type | select('search', 'nwas') | length > 0 + - __instance_nr | length > 0 ansible.builtin.assert: that: - - ( - ascs_ers_nr_item | type_debug != 'int' - and ascs_ers_nr_item | length == 2 - ) - or - ( - ascs_ers_nr_item | type_debug == 'int' - and ascs_ers_nr_item is regex("^[0-9][0-9]$") - ) + - (__instance_nr | string) | length == 2 + - (__instance_nr | string) is match('^[0-9]{2}$') fail_msg: | - Host type = {{ sap_ha_pacemaker_cluster_host_type }} - Requires the ASCS/ERS instance numbers to be defined: - - sap_ha_pacemaker_cluster_nwas_abap_ascs_instance_nr - - sap_ha_pacemaker_cluster_nwas_abap_ers_instance_nr - The instance number must be exactly 2 digits. Add quotes if the number starts with a 0! + Required: + {% if sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_abap_ascs_ers') | length > 0 %} + - sap_ha_pacemaker_cluster_nwas_ascs_instance_nr + - sap_ha_pacemaker_cluster_nwas_ers_instance_nr + + {% elif sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_java_scs_ers') | length > 0 %} + - sap_ha_pacemaker_cluster_nwas_scs_instance_nr + - sap_ha_pacemaker_cluster_nwas_ers_instance_nr + + {% elif sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_abap_pas_aas') | length > 0 %} + - sap_ha_pacemaker_cluster_nwas_abap_pas_instance_nr + - sap_ha_pacemaker_cluster_nwas_abap_aas_instance_nr + + {% else %} + Invalid sap_ha_pacemaker_cluster_host_type provided. + {% endif %} + loop: - - "{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_instance_nr }}" - - "{{ sap_ha_pacemaker_cluster_nwas_abap_ers_instance_nr }}" + - __sap_ha_pacemaker_cluster_nwas_ascs_instance_nr + - __sap_ha_pacemaker_cluster_nwas_scs_instance_nr + - __sap_ha_pacemaker_cluster_nwas_ers_instance_nr + # - __sap_ha_pacemaker_cluster_nwas_abap_pas_instance_nr + # - __sap_ha_pacemaker_cluster_nwas_abap_aas_instance_nr loop_control: - loop_var: ascs_ers_nr_item + loop_var: item + vars: + __instance_nr: "{{ lookup('ansible.builtin.vars', item) }}" + + +# Ensure that storage definition is provided for Filesystem based scenarios +- name: "SAP HA Prepare Pacemaker - (SAP NetWeaver) Validate storage definition" + when: + - sap_ha_pacemaker_cluster_host_type | select('search', 'nwas') | length > 0 + - not __sap_ha_pacemaker_cluster_nwas_cs_ers_simple_mount + ansible.builtin.assert: + that: + - sap_ha_pacemaker_cluster_storage_definition is defined + - sap_ha_pacemaker_cluster_storage_definition | length > 0 + fail_msg: | + Host type = {{ sap_ha_pacemaker_cluster_host_type }} + Classic cluster without Simple Mount requires: + - sap_ha_pacemaker_cluster_storage_definition + + +# Ensure that SAP profile names are defined +- name: "SAP HA Prepare Pacemaker - (SAP NetWeaver ASCS) Validate SAP instance name" + when: + - sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_abap_ascs_ers') | length > 0 + ansible.builtin.assert: + that: + - __sap_ha_pacemaker_cluster_nwas_ascs_sapinstance_instance_name is defined + - __sap_ha_pacemaker_cluster_nwas_ascs_sapinstance_instance_name | length > 0 + fail_msg: | + Host type = {{ sap_ha_pacemaker_cluster_host_type }} + ASCS Instance Name is mandatory: sap_ha_pacemaker_cluster_nwas_ascs_sapinstance_instance_name + +- name: "SAP HA Prepare Pacemaker - (SAP NetWeaver SCS) Validate SAP instance name" + when: + - sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_java_scs_ers') | length > 0 + ansible.builtin.assert: + that: + - __sap_ha_pacemaker_cluster_nwas_scs_sapinstance_instance_name is defined + - __sap_ha_pacemaker_cluster_nwas_scs_sapinstance_instance_name | length > 0 + fail_msg: | + Host type = {{ sap_ha_pacemaker_cluster_host_type }} + SCS Instance Name is mandatory: sap_ha_pacemaker_cluster_nwas_scs_sapinstance_instance_name + +- name: "SAP HA Prepare Pacemaker - (SAP NetWeaver ERS) Validate SAP instance name" + when: + - sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_abap_ascs_ers') | length > 0 + or sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_java_scs_ers') | length > 0 + ansible.builtin.assert: + that: + - __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_instance_name is defined + - __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_instance_name | length > 0 + fail_msg: | + Host type = {{ sap_ha_pacemaker_cluster_host_type }} + ERS Instance Name is mandatory: sap_ha_pacemaker_cluster_nwas_ers_sapinstance_instance_name # NIC definition validation @@ -81,7 +140,7 @@ that: - sap_ha_pacemaker_cluster_vip_client_interface is defined - sap_ha_pacemaker_cluster_vip_client_interface | length > 0 - fail_msg: + fail_msg: | Multiple interfaces are found on the system. {{ ansible_interfaces | to_nice_yaml }} @@ -102,35 +161,53 @@ - name: "SAP HA Prepare Pacemaker - (HANA primary) Verify that the VIP is defined" ansible.builtin.assert: that: - - sap_ha_pacemaker_cluster_vip_hana_primary_ip_address is defined - - sap_ha_pacemaker_cluster_vip_hana_primary_ip_address | length > 0 - fail_msg: "Host type = '{{ sap_ha_pacemaker_cluster_host_type }}', but 'sap_ha_pacemaker_cluster_vip_hana_primary_ip_address' is not defined." + - __sap_ha_pacemaker_cluster_vip_hana_primary_ip_address is defined + - __sap_ha_pacemaker_cluster_vip_hana_primary_ip_address | length > 0 + fail_msg: | + Host type = {{ sap_ha_pacemaker_cluster_host_type }} + Required input 'sap_ha_pacemaker_cluster_vip_hana_primary_ip_address' is not defined or empty. when: - sap_ha_pacemaker_cluster_host_type | select('search', 'hana') | length > 0 - name: "SAP HA Prepare Pacemaker - (NetWeaver ASCS) Verify that the VIP is defined" ansible.builtin.assert: that: - - sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_ip_address is defined - - sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_ip_address | length > 0 - fail_msg: "Host type = '{{ sap_ha_pacemaker_cluster_host_type }}', but 'sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_ip_address' is not defined." + - __sap_ha_pacemaker_cluster_vip_nwas_ascs_ip_address is defined + - __sap_ha_pacemaker_cluster_vip_nwas_ascs_ip_address | length > 0 + fail_msg: | + Host type = {{ sap_ha_pacemaker_cluster_host_type }} + Required input 'sap_ha_pacemaker_cluster_vip_nwas_ascs_ip_address' is not defined or empty. when: - - sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_abap_ascs') | length > 0 + - sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_abap_ascs_ers') | length > 0 -# - name: "SAP HA Prepare Pacemaker - (NetWeaver ERS) Verify that the VIP is defined" -# ansible.builtin.assert: -# that: -# - sap_ha_pacemaker_cluster_vip_nwas_abap_ers_ip_address is defined -# - sap_ha_pacemaker_cluster_vip_nwas_abap_ers_ip_address | length > 0 -# fail_msg: "Host type = '{{ sap_ha_pacemaker_cluster_host_type }}', but 'sap_ha_pacemaker_cluster_vip_nwas_abap_ers_ip_address' is not defined." -# when: -# - sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_abap_ascs_ers') | length > 0 +- name: "SAP HA Prepare Pacemaker - (NetWeaver SCS) Verify that the VIP is defined" + ansible.builtin.assert: + that: + - __sap_ha_pacemaker_cluster_vip_nwas_scs_ip_address is defined + - __sap_ha_pacemaker_cluster_vip_nwas_scs_ip_address | length > 0 + fail_msg: | + Host type = {{ sap_ha_pacemaker_cluster_host_type }} + Required input 'sap_ha_pacemaker_cluster_vip_nwas_scs_ip_address' is not defined or empty. + when: + - sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_java_scs_ers') | length > 0 + +- name: "SAP HA Prepare Pacemaker - (NetWeaver ERS) Verify that the VIP is defined" + ansible.builtin.assert: + that: + - __sap_ha_pacemaker_cluster_vip_nwas_ers_ip_address is defined + - __sap_ha_pacemaker_cluster_vip_nwas_ers_ip_address | length > 0 + fail_msg: | + Host type = {{ sap_ha_pacemaker_cluster_host_type }} + Required input 'sap_ha_pacemaker_cluster_vip_nwas_ers_ip_address' is not defined or empty. + when: + - sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_abap_ascs_ers') | length > 0 + or sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_java_scs_ers') | length > 0 - name: "SAP HA Prepare Pacemaker - (NetWeaver PAS) Verify that the VIP is defined" ansible.builtin.assert: that: - - sap_ha_pacemaker_cluster_vip_nwas_abap_pas_ip_address is defined - - sap_ha_pacemaker_cluster_vip_nwas_abap_pas_ip_address | length > 0 + - __sap_ha_pacemaker_cluster_vip_nwas_abap_pas_ip_address is defined + - __sap_ha_pacemaker_cluster_vip_nwas_abap_pas_ip_address | length > 0 fail_msg: "Host type = '{{ sap_ha_pacemaker_cluster_host_type }}', but 'sap_ha_pacemaker_cluster_vip_nwas_abap_pas_ip_address' is not defined." when: - sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_abap_pas') | length > 0 @@ -138,8 +215,8 @@ - name: "SAP HA Prepare Pacemaker - (NetWeaver AAS) Verify that the ERS VIP is defined" ansible.builtin.assert: that: - - sap_ha_pacemaker_cluster_vip_nwas_abap_aas_ip_address is defined - - sap_ha_pacemaker_cluster_vip_nwas_abap_aas_ip_address | length > 0 + - __sap_ha_pacemaker_cluster_vip_nwas_abap_aas_ip_address is defined + - __sap_ha_pacemaker_cluster_vip_nwas_abap_aas_ip_address | length > 0 fail_msg: "Host type = '{{ sap_ha_pacemaker_cluster_host_type }}', but 'sap_ha_pacemaker_cluster_vip_nwas_abap_aas_ip_address' is not defined." when: - sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_abap_pas_aas') | length > 0 diff --git a/roles/sap_ha_pacemaker_cluster/templates/cluster_create_config.j2 b/roles/sap_ha_pacemaker_cluster/templates/cluster_create_config.j2 index 98c536090..14f18adcc 100644 --- a/roles/sap_ha_pacemaker_cluster/templates/cluster_create_config.j2 +++ b/roles/sap_ha_pacemaker_cluster/templates/cluster_create_config.j2 @@ -6,58 +6,58 @@ # Created by: {{ ansible_role_name }} # The name of the cluster -ha_cluster_cluster_name: {{ ha_cluster_cluster_name | default('') }} +ha_cluster_cluster_name: {{ ha_cluster_cluster_name | d('') }} # Properties that enable and control cluster behavior ha_cluster_cluster_properties: -{{ ha_cluster_cluster_properties | default() | to_nice_yaml(indent=2) }} +{{ ha_cluster_cluster_properties | d() | to_nice_yaml(indent=2) }} # Definition of resource defaults ha_cluster_resource_defaults: -{{ ha_cluster_resource_defaults | default() | to_nice_yaml(indent=2) }} +{{ ha_cluster_resource_defaults | d() | to_nice_yaml(indent=2) }} # Definition of operation defaults ha_cluster_resource_operation_defaults: -{{ ha_cluster_resource_operation_defaults | default() | to_nice_yaml(indent=2) }} +{{ ha_cluster_resource_operation_defaults | d() | to_nice_yaml(indent=2) }} # Definition of resources which depend on other resources ha_cluster_constraints_colocation: -{{ ha_cluster_constraints_colocation | default() | to_nice_yaml(indent=2) }} +{{ ha_cluster_constraints_colocation | d() | to_nice_yaml(indent=2) }} # Definition of resources which have specific location dependencies or preferences ha_cluster_constraints_location: -{{ ha_cluster_constraints_location | default() | to_nice_yaml(indent=2) }} +{{ ha_cluster_constraints_location | d() | to_nice_yaml(indent=2) }} # Definition of an order in which resources must be started. # They are automatically stopped in reverse order. ha_cluster_constraints_order: -{{ ha_cluster_constraints_order | default() | to_nice_yaml(indent=2) }} +{{ ha_cluster_constraints_order | d() | to_nice_yaml(indent=2) }} # Extra packages that are needed for this HA environment ha_cluster_extra_packages: -{{ ha_cluster_extra_packages | default() | to_nice_yaml(indent=2) }} +{{ ha_cluster_extra_packages | d() | to_nice_yaml(indent=2) }} # Fence agent package(s) for this HA environment ha_cluster_fence_agent_packages: -{{ ha_cluster_fence_agent_packages | default() | to_nice_yaml(indent=2) }} +{{ ha_cluster_fence_agent_packages | d() | to_nice_yaml(indent=2) }} # Definition of repositories to enable (if disable) to ensure # access to all required packages __ha_cluster_repos: -{{ __ha_cluster_repos | default() | to_nice_yaml(indent=2) }} +{{ __ha_cluster_repos | d() | to_nice_yaml(indent=2) }} # Definition of resources that are cloned and monitored on all nodes ha_cluster_resource_clones: -{{ ha_cluster_resource_clones | default() | to_nice_yaml(indent=2) }} +{{ ha_cluster_resource_clones | d() | to_nice_yaml(indent=2) }} # Definition of resources that are grouped together ha_cluster_resource_groups: -{{ ha_cluster_resource_groups | default() | to_nice_yaml(indent=2) }} +{{ ha_cluster_resource_groups | d() | to_nice_yaml(indent=2) }} # Definition of all cluster resources ha_cluster_resource_primitives: -{{ ha_cluster_resource_primitives | default() | to_nice_yaml(indent=2) }} +{{ ha_cluster_resource_primitives | d() | to_nice_yaml(indent=2) }} # Definition of corosync totem settings ha_cluster_totem: -{{ ha_cluster_totem | default() | to_nice_yaml(indent=2) }} +{{ ha_cluster_totem | d() | to_nice_yaml(indent=2) }} diff --git a/roles/sap_ha_pacemaker_cluster/templates/sudofile_20-saphana.j2 b/roles/sap_ha_pacemaker_cluster/templates/sudofile_20-saphana.j2 index fbd8eb9c1..3b2547842 100644 --- a/roles/sap_ha_pacemaker_cluster/templates/sudofile_20-saphana.j2 +++ b/roles/sap_ha_pacemaker_cluster/templates/sudofile_20-saphana.j2 @@ -6,23 +6,23 @@ # to update the SAP HANA cluster resource status. {% for node in sap_ha_pacemaker_cluster_cluster_nodes %} -Cmnd_Alias {{ node.hana_site | upper }}_SOK = /usr/sbin/crm_attribute -n hana_{{ sap_ha_pacemaker_cluster_hana_sid | lower }}_site_srHook_{{ node.hana_site }} -v SOK -t crm_config -s {{ sap_ha_pacemaker_cluster_hadr_provider_name }} -Cmnd_Alias {{ node.hana_site | upper }}_SFAIL = /usr/sbin/crm_attribute -n hana_{{ sap_ha_pacemaker_cluster_hana_sid | lower }}_site_srHook_{{ node.hana_site }} -v SFAIL -t crm_config -s {{ sap_ha_pacemaker_cluster_hadr_provider_name }} +Cmnd_Alias {{ node.hana_site | upper }}_SOK = /usr/sbin/crm_attribute -n hana_{{ __sap_ha_pacemaker_cluster_hana_sid | lower }}_site_srHook_{{ node.hana_site }} -v SOK -t crm_config -s {{ sap_ha_pacemaker_cluster_hadr_provider_name }} +Cmnd_Alias {{ node.hana_site | upper }}_SFAIL = /usr/sbin/crm_attribute -n hana_{{ __sap_ha_pacemaker_cluster_hana_sid | lower }}_site_srHook_{{ node.hana_site }} -v SFAIL -t crm_config -s {{ sap_ha_pacemaker_cluster_hadr_provider_name }} {% endfor %} {% if __sap_ha_pacemaker_cluster_hana_hook_tkover and __sap_ha_pacemaker_cluster_saphanasr_angi_available %} -Cmnd_Alias HOOK_HELPER = /usr/bin/SAPHanaSR-hookHelper --sid={{ sap_ha_pacemaker_cluster_hana_sid | upper }} --case=checkTakeover +Cmnd_Alias HOOK_HELPER = /usr/bin/SAPHanaSR-hookHelper --sid={{ __sap_ha_pacemaker_cluster_hana_sid | upper }} --case=checkTakeover -{{ sap_ha_pacemaker_cluster_hana_sid | lower }}adm ALL=(ALL) NOPASSWD: {% for node in sap_ha_pacemaker_cluster_cluster_nodes %}{{ node.hana_site | upper }}_SOK, {{ node.hana_site | upper }}_SFAIL{{ ", " if not loop.last else "" }}{% endfor %}, HOOK_HELPER +{{ __sap_ha_pacemaker_cluster_hana_sid | lower }}adm ALL=(ALL) NOPASSWD: {% for node in sap_ha_pacemaker_cluster_cluster_nodes %}{{ node.hana_site | upper }}_SOK, {{ node.hana_site | upper }}_SFAIL{{ ", " if not loop.last else "" }}{% endfor %}, HOOK_HELPER Defaults!{% for node in sap_ha_pacemaker_cluster_cluster_nodes %}{{ node.hana_site | upper }}_SOK, {{ node.hana_site | upper }}_SFAIL{{ ", " if not loop.last else "" }}{% endfor %}, HOOK_HELPER !requiretty {% elif __sap_ha_pacemaker_cluster_hana_hook_tkover and not __sap_ha_pacemaker_cluster_saphanasr_angi_available %} -Cmnd_Alias HOOK_HELPER = /usr/sbin/SAPHanaSR-hookHelper --sid={{ sap_ha_pacemaker_cluster_hana_sid | upper }} --case=checkTakeover +Cmnd_Alias HOOK_HELPER = /usr/sbin/SAPHanaSR-hookHelper --sid={{ __sap_ha_pacemaker_cluster_hana_sid | upper }} --case=checkTakeover -{{ sap_ha_pacemaker_cluster_hana_sid | lower }}adm ALL=(ALL) NOPASSWD: {% for node in sap_ha_pacemaker_cluster_cluster_nodes %}{{ node.hana_site | upper }}_SOK, {{ node.hana_site | upper }}_SFAIL{{ ", " if not loop.last else "" }}{% endfor %}, HOOK_HELPER +{{ __sap_ha_pacemaker_cluster_hana_sid | lower }}adm ALL=(ALL) NOPASSWD: {% for node in sap_ha_pacemaker_cluster_cluster_nodes %}{{ node.hana_site | upper }}_SOK, {{ node.hana_site | upper }}_SFAIL{{ ", " if not loop.last else "" }}{% endfor %}, HOOK_HELPER Defaults!{% for node in sap_ha_pacemaker_cluster_cluster_nodes %}{{ node.hana_site | upper }}_SOK, {{ node.hana_site | upper }}_SFAIL{{ ", " if not loop.last else "" }}{% endfor %}, HOOK_HELPER !requiretty {% else %} -{{ sap_ha_pacemaker_cluster_hana_sid | lower }}adm ALL=(ALL) NOPASSWD: {% for node in sap_ha_pacemaker_cluster_cluster_nodes %}{{ node.hana_site | upper }}_SOK, {{ node.hana_site | upper }}_SFAIL{{ ", " if not loop.last else "" }}{% endfor %} +{{ __sap_ha_pacemaker_cluster_hana_sid | lower }}adm ALL=(ALL) NOPASSWD: {% for node in sap_ha_pacemaker_cluster_cluster_nodes %}{{ node.hana_site | upper }}_SOK, {{ node.hana_site | upper }}_SFAIL{{ ", " if not loop.last else "" }}{% endfor %} Defaults!{% for node in sap_ha_pacemaker_cluster_cluster_nodes %}{{ node.hana_site | upper }}_SOK, {{ node.hana_site | upper }}_SFAIL{{ ", " if not loop.last else "" }}{% endfor %} !requiretty {% endif %} diff --git a/roles/sap_ha_pacemaker_cluster/vars/hana_scaleout_perf.yml b/roles/sap_ha_pacemaker_cluster/vars/hana_scaleout_perf.yml index dce1d0639..3cd70e66f 100644 --- a/roles/sap_ha_pacemaker_cluster/vars/hana_scaleout_perf.yml +++ b/roles/sap_ha_pacemaker_cluster/vars/hana_scaleout_perf.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # SAP HANA Scale-Out specific parameter values # @@ -7,7 +8,7 @@ # minimal base packages required for all scenarios # scenario specific packages __sap_ha_pacemaker_cluster_sap_extra_packages: "{{ - __sap_ha_pacemaker_cluster_sap_extra_packages_dict.minimal | default([]) + __sap_ha_pacemaker_cluster_sap_extra_packages_dict.minimal | d([]) + (__sap_ha_pacemaker_cluster_sap_extra_packages_dict.hana_angi if __sap_ha_pacemaker_cluster_saphanasr_angi_available else __sap_ha_pacemaker_cluster_sap_extra_packages_dict.hana_scaleout) }}" diff --git a/roles/sap_ha_pacemaker_cluster/vars/hana_scaleup_perf.yml b/roles/sap_ha_pacemaker_cluster/vars/hana_scaleup_perf.yml index 7d05279fb..d471f5f73 100644 --- a/roles/sap_ha_pacemaker_cluster/vars/hana_scaleup_perf.yml +++ b/roles/sap_ha_pacemaker_cluster/vars/hana_scaleup_perf.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # SAP HANA Scale-Up specific parameter values # @@ -7,7 +8,7 @@ # minimal base packages required for all scenarios # scenario specific packages __sap_ha_pacemaker_cluster_sap_extra_packages: "{{ - __sap_ha_pacemaker_cluster_sap_extra_packages_dict.minimal | default([]) + __sap_ha_pacemaker_cluster_sap_extra_packages_dict.minimal | d([]) + (__sap_ha_pacemaker_cluster_sap_extra_packages_dict.hana_angi if __sap_ha_pacemaker_cluster_saphanasr_angi_available else __sap_ha_pacemaker_cluster_sap_extra_packages_dict.hana_scaleup) }}" @@ -29,9 +30,9 @@ __sap_ha_pacemaker_cluster_hana_hook_chksrv: __sap_ha_pacemaker_cluster_hana_hooks: "{{ lookup('ansible.builtin.vars', __sap_ha_pacemaker_cluster_hana_hook_dictionary).saphanasr + (lookup('ansible.builtin.vars', __sap_ha_pacemaker_cluster_hana_hook_dictionary).tkover - | default([]) if __sap_ha_pacemaker_cluster_hana_hook_tkover else []) + | d([]) if __sap_ha_pacemaker_cluster_hana_hook_tkover else []) + (lookup('ansible.builtin.vars', __sap_ha_pacemaker_cluster_hana_hook_dictionary).chksrv - | default([]) if __sap_ha_pacemaker_cluster_hana_hook_chksrv else []) + | d([]) if __sap_ha_pacemaker_cluster_hana_hook_chksrv else []) }}" # Define sap_ha_pacemaker_cluster_hadr_provider_name for jinja2 template diff --git a/roles/sap_ha_pacemaker_cluster/vars/main.yml b/roles/sap_ha_pacemaker_cluster/vars/main.yml index b784dc511..3ea75301e 100644 --- a/roles/sap_ha_pacemaker_cluster/vars/main.yml +++ b/roles/sap_ha_pacemaker_cluster/vars/main.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # SAP System IDs that are reserved and must not be used # Reference: SAP Note 1979280 @@ -40,39 +41,19 @@ __sap_ha_pacemaker_cluster_available_vip_agents: ipaddr: agent: "ocf:heartbeat:IPaddr2" -# Health check helper variable for platforms that require it -sap_ha_pacemaker_cluster_healthcheck_hana_primary_resource_name: "hc_{{ sap_ha_pacemaker_cluster_vip_hana_primary_resource_name }}" -sap_ha_pacemaker_cluster_healthcheck_hana_secondary_resource_name: "hc_{{ sap_ha_pacemaker_cluster_vip_hana_secondary_resource_name }}" -sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ascs_resource_name: "hc_{{ sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_resource_name }}" -sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ers_resource_name: "hc_{{ sap_ha_pacemaker_cluster_vip_nwas_abap_ers_resource_name }}" -sap_ha_pacemaker_cluster_healthcheck_nwas_abap_pas_resource_name: "hc_{{ sap_ha_pacemaker_cluster_vip_nwas_abap_pas_resource_name }}" -sap_ha_pacemaker_cluster_healthcheck_nwas_abap_aas_resource_name: "hc_{{ sap_ha_pacemaker_cluster_vip_nwas_abap_aas_resource_name }}" - -# For convenience to distinguish between VIP and HC resources: -__sap_ha_pacemaker_cluster_vip_resource_list: - - "{{ sap_ha_pacemaker_cluster_vip_hana_primary_resource_name }}" - - "{{ sap_ha_pacemaker_cluster_vip_hana_secondary_resource_name }}" - - "{{ sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_resource_name }}" - - "{{ sap_ha_pacemaker_cluster_vip_nwas_abap_ers_resource_name }}" - - "{{ sap_ha_pacemaker_cluster_vip_nwas_abap_pas_resource_name }}" - - "{{ sap_ha_pacemaker_cluster_vip_nwas_abap_aas_resource_name }}" - -__sap_ha_pacemaker_cluster_healthcheck_resource_list: - - "{{ sap_ha_pacemaker_cluster_healthcheck_hana_primary_resource_name }}" - - "{{ sap_ha_pacemaker_cluster_healthcheck_hana_secondary_resource_name }}" - - "{{ sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ascs_resource_name }}" - - "{{ sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ers_resource_name }}" - - "{{ sap_ha_pacemaker_cluster_healthcheck_nwas_abap_pas_resource_name }}" - - "{{ sap_ha_pacemaker_cluster_healthcheck_nwas_abap_aas_resource_name }}" - # Health check default port as string # Note: difference between HANA primary and read-only required # Ports must be pre-defined empty to skip entering construct_vars_vip_resources_* # includes when not overridden. sap_ha_pacemaker_cluster_healthcheck_hana_primary_port: '' sap_ha_pacemaker_cluster_healthcheck_hana_secondary_port: '' -sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ascs_port: '' -sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ers_port: '' +# TODO: Remove backwards compatibility to nwas_abap_ascs +sap_ha_pacemaker_cluster_healthcheck_nwas_ascs_port: + "{{ sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ascs_port | d('') }}" +sap_ha_pacemaker_cluster_healthcheck_nwas_scs_port: '' +# TODO: Remove backwards compatibility to nwas_abap_ascs +sap_ha_pacemaker_cluster_healthcheck_nwas_ers_port: + "{{ sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ers_port | d('') }}" sap_ha_pacemaker_cluster_healthcheck_nwas_abap_pas_port: '' sap_ha_pacemaker_cluster_healthcheck_nwas_abap_aas_port: '' diff --git a/roles/sap_ha_pacemaker_cluster/vars/nwas_abap_ascs_ers.yml b/roles/sap_ha_pacemaker_cluster/vars/nwas_abap_ascs_ers.yml index c9f42abb6..d5f438467 100644 --- a/roles/sap_ha_pacemaker_cluster/vars/nwas_abap_ascs_ers.yml +++ b/roles/sap_ha_pacemaker_cluster/vars/nwas_abap_ascs_ers.yml @@ -1,13 +1,14 @@ +# SPDX-License-Identifier: Apache-2.0 --- # The following directories are appended to the 'nfs_path' of the '/usr/sap' storage # definition. # Therefore, the /usr/sap prefix must be left out of the listed path items. -__sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_filesystems: - - "{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}/ASCS{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_instance_nr }}" - - "{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}/ERS{{ sap_ha_pacemaker_cluster_nwas_abap_ers_instance_nr }}" +__sap_ha_pacemaker_cluster_nwas_ascs_ers_filesystems: + - "{{ __sap_ha_pacemaker_cluster_nwas_sid }}/ASCS{{ __sap_ha_pacemaker_cluster_nwas_ascs_instance_nr }}" + - "{{ __sap_ha_pacemaker_cluster_nwas_sid }}/ERS{{ __sap_ha_pacemaker_cluster_nwas_ers_instance_nr }}" # List of ASCS/ERS profile names. # Used in tasks/configure_nwas_postinstallation.yml for sap_cluster_connector setup. -__sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_profile_paths: - - "{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_start_profile_string }}" - - "{{ sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_start_profile_string }}" +__sap_ha_pacemaker_cluster_nwas_ascs_ers_profile_paths: + - "{{ __sap_ha_pacemaker_cluster_nwas_ascs_sapinstance_start_profile_string }}" + - "{{ __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_start_profile_string }}" diff --git a/roles/sap_ha_pacemaker_cluster/vars/nwas_common.yml b/roles/sap_ha_pacemaker_cluster/vars/nwas_common.yml index fb9b65cd5..4523021b6 100644 --- a/roles/sap_ha_pacemaker_cluster/vars/nwas_common.yml +++ b/roles/sap_ha_pacemaker_cluster/vars/nwas_common.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # SAP NetWeaver ABAP specific parameter values # @@ -8,7 +9,7 @@ # scenario specific packages # halib package if selected __sap_ha_pacemaker_cluster_sap_extra_packages: "{{ - __sap_ha_pacemaker_cluster_sap_extra_packages_dict.minimal | default([]) + __sap_ha_pacemaker_cluster_sap_extra_packages_dict.minimal | d([]) + ([__sap_ha_pacemaker_cluster_halib_package] if sap_ha_pacemaker_cluster_enable_cluster_connector else []) + __sap_ha_pacemaker_cluster_sap_extra_packages_dict.nwas | unique }}" diff --git a/roles/sap_ha_pacemaker_cluster/vars/nwas_java_scs_ers.yml b/roles/sap_ha_pacemaker_cluster/vars/nwas_java_scs_ers.yml new file mode 100644 index 000000000..2bcf7a325 --- /dev/null +++ b/roles/sap_ha_pacemaker_cluster/vars/nwas_java_scs_ers.yml @@ -0,0 +1,14 @@ +# SPDX-License-Identifier: Apache-2.0 +--- +# The following directories are appended to the 'nfs_path' of the '/usr/sap' storage +# definition. +# Therefore, the /usr/sap prefix must be left out of the listed path items. +__sap_ha_pacemaker_cluster_nwas_scs_ers_filesystems: + - "{{ __sap_ha_pacemaker_cluster_nwas_sid }}/SCS{{ __sap_ha_pacemaker_cluster_nwas_scs_instance_nr }}" + - "{{ __sap_ha_pacemaker_cluster_nwas_sid }}/ERS{{ __sap_ha_pacemaker_cluster_nwas_ers_instance_nr }}" + +# List of SCS/ERS profile names. +# Used in tasks/configure_nwas_postinstallation.yml for sap_cluster_connector setup. +__sap_ha_pacemaker_cluster_nwas_scs_ers_profile_paths: + - "{{ __sap_ha_pacemaker_cluster_nwas_scs_sapinstance_start_profile_string }}" + - "{{ __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_start_profile_string }}" diff --git a/roles/sap_ha_pacemaker_cluster/vars/platform_cloud_aws_ec2_vs.yml b/roles/sap_ha_pacemaker_cluster/vars/platform_cloud_aws_ec2_vs.yml index 07dc54ecc..dec30bea7 100644 --- a/roles/sap_ha_pacemaker_cluster/vars/platform_cloud_aws_ec2_vs.yml +++ b/roles/sap_ha_pacemaker_cluster/vars/platform_cloud_aws_ec2_vs.yml @@ -1,42 +1,225 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Variables specific on AWS platform, EC2 Virtual Servers # # TODO: make sure to first respect 'ha_cluster' native variables -sap_ha_pacemaker_cluster_fence_agent_packages: - "{{ sap_ha_pacemaker_cluster_fence_agent_packages_dict.cloud_aws | default([]) }}" +# Package definition +__sap_ha_pacemaker_cluster_fence_agent_packages_platform: + "{{ __sap_ha_pacemaker_cluster_fence_agent_packages_dict.cloud_aws_ec2_vs | d([]) }}" __sap_ha_pacemaker_cluster_platform_extra_packages: - "{{ __sap_ha_pacemaker_cluster_platform_extra_packages_dict.cloud_aws | default([]) }}" + "{{ __sap_ha_pacemaker_cluster_platform_extra_packages_dict.cloud_aws_ec2_vs | d([]) }}" __sap_ha_pacemaker_cluster_repos: - - id: "rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-highavailability-e4s-rhui-rpms" - name: High Availability - -# Predefine -__sap_ha_pacemaker_cluster_aws_instances: [] - -# When aws credentials and region are not defined it will -# default to using the aws cli configuration. -# The aws cli is currently configured anyway for the standard AWS VIP resource. -sap_ha_pacemaker_cluster_stonith_default: - id: "rsc_fence_aws" - # SUSE officially supports only stonith:external/ec2 for AWS. - agent: "{{ 'stonith:fence_aws' if ansible_os_family != 'Suse' else 'stonith:external/ec2' }}" - options: - # Fencing action delay is recommended. Default: 0 - pcmk_delay_max: "{{ 0 if ansible_os_family != 'Suse' else 15 }}" -# access_key: "{{ sap_ha_pacemaker_cluster_aws_access_key_id }}" -# secret_key: "{{ sap_ha_pacemaker_cluster_aws_secret_access_key }}" -# region: "{{ sap_ha_pacemaker_cluster_aws_region }}" - -# Platform corosync totem configuration -sap_ha_pacemaker_cluster_corosync_totem: - options: - token: 29000 + "{{ __sap_ha_pacemaker_cluster_repos_dict.cloud_aws_ec2_vs | d([]) }}" + + +# Stonith dictionary for default stonith agents. +# Custom stonith resource can be defined using sap_ha_pacemaker_cluster_stonith_custom +# Documentation sources: +# HANA: +# SLES: https://docs.aws.amazon.com/sap/latest/sap-hana/sap-hana-on-aws-stonith-device.html +# RHEL: https://docs.aws.amazon.com/sap/latest/sap-hana/sap-hana-on-aws-cluster-resources-1.html +# NWAS: +# SLES: https://docs.aws.amazon.com/sap/latest/sap-netweaver/sles-netweaver-ha-cluster-resources.html#create-stonith +# RHEL: https://docs.aws.amazon.com/sap/latest/sap-netweaver/rhel-netweaver-ha-cluster-resources.html#create-stonith + +__sap_ha_pacemaker_cluster_stonith_default_dict: + redhat_hana: + id: "rsc_fence_aws" + agent: "stonith:fence_aws" + instance_attrs: + - attrs: + # String of cluster hosts defined in include_vars_platform + - name: pcmk_host_map + value: "{{ __sap_ha_pacemaker_cluster_pcmk_host_map }}" + - name: pcmk_delay_max + value: 45 + - name: power_timeout + value: 600 + # It is recommended to disable default reboot action for Production environment or when manual investigation is required. + - name: pcmk_reboot_action + value: 'off' + - name: pcmk_reboot_timeout + value: 600 + - name: pcmk_reboot_retries + value: 4 + # AWS Credentials are not defined here, because they override attached + # IAM Role or IAM Instance Profile + # - name: access_key + # value: "{{ sap_ha_pacemaker_cluster_aws_access_key_id }}" + # - name: secret_key + # value: "{{ sap_ha_pacemaker_cluster_aws_secret_access_key }}" + # - name: region + # value: "{{ sap_ha_pacemaker_cluster_aws_region }}" + operations: + - action: start + attrs: + - name: timeout + value: 600 + - action: monitor + attrs: + - name: interval + value: 300 + - name: timeout + value: 60 + + redhat_nwas: + id: "rsc_fence_aws" + agent: "stonith:fence_aws" + instance_attrs: + - attrs: + # String of cluster hosts defined in include_vars_platform + - name: pcmk_host_map + value: "{{ __sap_ha_pacemaker_cluster_pcmk_host_map }}" + - name: pcmk_delay_max + value: 30 + - name: power_timeout + value: 240 + # It is recommended to disable default reboot action for Production environment or when manual investigation is required. + - name: pcmk_reboot_action + value: 'off' + - name: pcmk_reboot_timeout + value: 300 + - name: pcmk_reboot_retries + value: 2 + operations: + - action: start + attrs: + - name: timeout + value: 180 + - action: stop + attrs: + - name: timeout + value: 180 + - action: monitor + attrs: + - name: interval + value: 180 + - name: timeout + value: 60 + + # SUSE Recommends stonith:external/ec2 instead of fence_aws + suse_hana: + id: "rsc_fence_aws" + agent: "stonith:external/ec2" + instance_attrs: + - attrs: + - name: pcmk_delay_max + value: 45 + - name: tag + value: "pacemaker" # tag instance with pacemaker: {{ ansible_hostname }} + # Use AWS config profile if AWS credentials are used. + # - name: profile + # value: cluster + meta_attrs: + - attrs: + - name: target-role + value: Started + operations: + - action: start + attrs: + - name: interval + value: 0 + - name: timeout + value: 180 + - action: stop + attrs: + - name: interval + value: 0 + - name: timeout + value: 180 + - action: monitor + attrs: + - name: interval + value: 120 + - name: timeout + value: 60 + + suse_nwas: + id: "rsc_fence_aws" + agent: "stonith:external/ec2" + instance_attrs: + - attrs: + - name: pcmk_delay_max + value: 30 + - name: tag + value: "pacemaker" # tag instance with pacemaker: {{ ansible_hostname }} + # Use AWS config profile if AWS credentials are used. + # - name: profile + # value: cluster + meta_attrs: + - attrs: + - name: target-role + value: Started + operations: + - action: start + attrs: + - name: interval + value: 0 + - name: timeout + value: 180 + - action: stop + attrs: + - name: interval + value: 0 + - name: timeout + value: 180 + - action: monitor + attrs: + - name: interval + value: 120 + - name: timeout + value: 60 + +# Select __sap_ha_pacemaker_cluster_stonith_default +__sap_ha_pacemaker_cluster_stonith_default: + "{{ __sap_ha_pacemaker_cluster_stonith_default_dict[ansible_os_family | lower ~ '_hana'] + if sap_ha_pacemaker_cluster_host_type | select('search', 'hana') | length > 0 + else __sap_ha_pacemaker_cluster_stonith_default_dict[ansible_os_family | lower ~ '_nwas'] }}" + + +# Default corosync options - Platform specific +# These options combined with __sap_ha_pacemaker_cluster_corosync_totem_default (Same options are overwritten). +# Documentation sources: +# HANA: +# SLES: https://docs.aws.amazon.com/sap/latest/sap-hana/sap-hana-on-aws-cluster-configuration.html#sap-hana-on-aws-create-the-corosync-configuration-file +# https://documentation.suse.com/sbp/sap-15/html/SLES4SAP-hana-sr-guide-perfopt-15-aws/index.html#id-example-for-etccorosynccorosync-conf +# RHEL: https://docs.aws.amazon.com/sap/latest/sap-hana/sap-hana-on-aws-cluster-configuration-1.html#sap-hana-on-aws-corosync-increase +# NWAS: +# SLES: https://docs.aws.amazon.com/sap/latest/sap-netweaver/sap-netweaver-ha-setup.html#associations +# RHEL: https://docs.aws.amazon.com/sap/latest/sap-netweaver/rhel-sap-netweaver-ha-setup.html#associations +__sap_ha_pacemaker_cluster_corosync_totem_platform_dict: + redhat_hana: + options: + token: 30000 + + redhat_nwas: + options: + token: 30000 + + suse_hana: + options: + token: 30000 + consensus: 36000 + token_retransmits_before_loss_const: 6 + clear_node_high_bit: 'yes' + + suse_nwas: + options: + token: 30000 + consensus: 36000 + clear_node_high_bit: 'yes' + +__sap_ha_pacemaker_cluster_corosync_totem_platform: + "{{ __sap_ha_pacemaker_cluster_corosync_totem_platform_dict[ansible_os_family | lower ~ '_hana'] + if sap_ha_pacemaker_cluster_host_type | select('search', 'hana') | length > 0 + else __sap_ha_pacemaker_cluster_corosync_totem_platform_dict[ansible_os_family | lower ~ '_nwas'] }}" + # Platform specific VIP handling -sap_ha_pacemaker_cluster_vip_method: aws_vpc_move_ip +sap_ha_pacemaker_cluster_vip_method: "{{ __sap_ha_pacemaker_cluster_vip_method_dict.cloud_aws_ec2_vs | d('aws_vpc_move_ip') }}" sap_ha_pacemaker_cluster_vip_group_prefix: '' # the default supported VIP agent is a single resource only __sap_ha_pacemaker_cluster_available_vip_agents: diff --git a/roles/sap_ha_pacemaker_cluster/vars/platform_cloud_gcp_ce_vm.yml b/roles/sap_ha_pacemaker_cluster/vars/platform_cloud_gcp_ce_vm.yml index abf0104ea..3ab8fc99d 100644 --- a/roles/sap_ha_pacemaker_cluster/vars/platform_cloud_gcp_ce_vm.yml +++ b/roles/sap_ha_pacemaker_cluster/vars/platform_cloud_gcp_ce_vm.yml @@ -1,53 +1,118 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Variables specific on Google Cloud platform, Compute Engine Virtual Machines # # TODO: make sure to first respect 'ha_cluster' native variables -sap_ha_pacemaker_cluster_fence_agent_packages: - "{{ sap_ha_pacemaker_cluster_fence_agent_packages_dict.cloud_gcp | default([]) }}" +__sap_ha_pacemaker_cluster_fence_agent_packages_platform: + "{{ __sap_ha_pacemaker_cluster_fence_agent_packages_dict.cloud_gcp_ce_vm | d([]) }}" __sap_ha_pacemaker_cluster_platform_extra_packages: - "{{ __sap_ha_pacemaker_cluster_platform_extra_packages_dict.cloud_gcp | default([]) }}" + "{{ __sap_ha_pacemaker_cluster_platform_extra_packages_dict.cloud_gcp_ce_vm | d([]) }}" __sap_ha_pacemaker_cluster_repos: - - id: "rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-highavailability-e4s-rhui-rpms" - name: High Availability - -# Predefine -__sap_ha_pacemaker_cluster_gcp_hosts: [] - -sap_ha_pacemaker_cluster_stonith_default: - id: "res_fence_gce" - agent: "stonith:fence_gce" - options: - project: "{{ sap_ha_pacemaker_cluster_gcp_project }}" - zone: "{{ sap_ha_pacemaker_cluster_gcp_region_zone }}" - pcmk_reboot_timeout: 300 - pcmk_monitor_retries: 4 - pcmk_delay_max: 30 + "{{ __sap_ha_pacemaker_cluster_repos_dict.cloud_gcp_ce_vm | d([]) }}" + + +# Stonith dictionary for default stonith agents. +# Custom stonith resource can be defined using sap_ha_pacemaker_cluster_stonith_custom +# Documentation sources: +# HANA: +# SLES: https://cloud.google.com/solutions/sap/docs/sap-hana-ha-config-sles#set_up_fencing +# RHEL: https://cloud.google.com/solutions/sap/docs/sap-hana-ha-config-rhel#set_up_fencing +# NWAS: +# SLES: https://cloud.google.com/solutions/sap/docs/netweaver-ha-config-sles#set_up_fencing +# RHEL: https://cloud.google.com/solutions/sap/docs/netweaver-ha-config-rhel#set_up_fencing +# NOTE: fence_gce parameters are identical across all listed documents. + +__sap_ha_pacemaker_cluster_stonith_default_dict: + generic: + # fence_gce agent is created for every host in cluster + id: "rsc_fence_gce_{{ ansible_hostname }}" + agent: "stonith:fence_gce" + instance_attrs: + - attrs: + # GCP does not use pcmk_host_map, instead it specifies port + # fence_gce supports plug parameter, but all documentations mention only port. + - name: port + value: "{{ ansible_hostname }}" + + - name: project + value: "{{ sap_ha_pacemaker_cluster_gcp_project }}" + - name: zone + value: "{{ sap_ha_pacemaker_cluster_gcp_region_zone }}" + - name: pcmk_delay_max + value: 30 + - name: pcmk_monitor_retries + value: 4 + - name: pcmk_reboot_timeout + value: 300 + operations: + - action: start + attrs: + - name: interval + value: 0 + - name: timeout + value: 60 + - action: monitor + attrs: + - name: interval + value: 300 + - name: timeout + value: 120 + +# Select __sap_ha_pacemaker_cluster_stonith_default +__sap_ha_pacemaker_cluster_stonith_default: + "{{ __sap_ha_pacemaker_cluster_stonith_default_dict.generic }}" + + +# Default corosync options - Platform specific +# These options combined with __sap_ha_pacemaker_cluster_corosync_totem_default (Same options are overwritten). +# Documentation sources: +# HANA: +# SLES: https://cloud.google.com/solutions/sap/docs/sap-hana-ha-config-sles#create_the_corosync_configuration_files +# RHEL: https://cloud.google.com/solutions/sap/docs/sap-hana-ha-config-rhel#edit_the_corosyncconf_default_settings +# NWAS: +# SLES: https://cloud.google.com/solutions/sap/docs/netweaver-ha-config-sles#create_the_corosync_configuration_files +# RHEL: https://cloud.google.com/solutions/sap/docs/netweaver-ha-config-rhel#update_the_corosync_configuration_files +__sap_ha_pacemaker_cluster_corosync_totem_platform_dict: + redhat: + options: + token: 20000 + token_retransmits_before_loss_const: 10 + join: 60 + max_messages: 20 + suse: + options: + token: 20000 + +__sap_ha_pacemaker_cluster_corosync_totem_platform: + "{{ __sap_ha_pacemaker_cluster_corosync_totem_platform_dict[ansible_os_family | lower] }}" -# Platform specific VIP handling -sap_ha_pacemaker_cluster_vip_method: gcp_nlb_reserved_ip_haproxy # gcp_vpc_move_route -sap_ha_pacemaker_cluster_vip_group_prefix: group_ # GCP needs haproxy and ports defined -sap_ha_pacemaker_cluster_healthcheck_hana_primary_port: "620{{ sap_ha_pacemaker_cluster_hana_instance_nr }}" +sap_ha_pacemaker_cluster_healthcheck_hana_primary_port: "620{{ __sap_ha_pacemaker_cluster_hana_instance_nr }}" sap_ha_pacemaker_cluster_healthcheck_hana_secondary_port: >- - {% if sap_ha_pacemaker_cluster_vip_hana_secondary_ip_address | length > 0 -%} - 620{{ sap_ha_pacemaker_cluster_hana_instance_nr | int + 1 }} + {% if __sap_ha_pacemaker_cluster_vip_hana_secondary_ip_address | length > 0 -%} + 620{{ __sap_ha_pacemaker_cluster_hana_instance_nr | int + 1 }} {%- else %}{% endif %} -sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ascs_port: "620{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_instance_nr }}" -sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ers_port: "620{{ sap_ha_pacemaker_cluster_nwas_abap_ers_instance_nr }}" -sap_ha_pacemaker_cluster_healthcheck_nwas_abap_pas_port: "620{{ sap_ha_pacemaker_cluster_nwas_abap_pas_instance_nr }}" -sap_ha_pacemaker_cluster_healthcheck_nwas_abap_aas_port: "620{{ sap_ha_pacemaker_cluster_nwas_abap_aas_instance_nr }}" - -# Platform corosync totem configuration -sap_ha_pacemaker_cluster_corosync_totem: - options: - token: 20000 - token_retransmits_before_loss_const: 10 - join: 60 - max_messages: 20 +sap_ha_pacemaker_cluster_healthcheck_nwas_ascs_port: "620{{ __sap_ha_pacemaker_cluster_nwas_ascs_instance_nr }}" +sap_ha_pacemaker_cluster_healthcheck_nwas_ers_port: "620{{ __sap_ha_pacemaker_cluster_nwas_ers_instance_nr }}" +sap_ha_pacemaker_cluster_healthcheck_nwas_abap_pas_port: "620{{ __sap_ha_pacemaker_cluster_nwas_abap_pas_instance_nr }}" +sap_ha_pacemaker_cluster_healthcheck_nwas_abap_aas_port: "620{{ __sap_ha_pacemaker_cluster_nwas_abap_aas_instance_nr }}" + + +# Platform specific VIP handling +# Google documentation differs for each OS: +# SUSE - VIP: IPaddr2, Healthcheck: anything using socat +# HANA: https://cloud.google.com/solutions/sap/docs/sap-hana-ha-config-sles#create_a_local_cluster_ip_resource_for_the_vip_address +# NWAS: https://cloud.google.com/solutions/sap/docs/netweaver-ha-config-sles#create_the_vip_resources +# RHEL - VIP: IPaddr2, Healthcheck: haproxy +# HANA: https://cloud.google.com/solutions/sap/docs/sap-hana-ha-config-rhel#create_a_virtual_ip_address_resource +# NWAS: https://cloud.google.com/solutions/sap/docs/netweaver-ha-config-rhel#create_a_virtual_ip_address_resource +sap_ha_pacemaker_cluster_vip_method: "{{ __sap_ha_pacemaker_cluster_vip_method_dict.cloud_gcp_ce_vm | d('gcp_nlb_reserved_ip_haproxy') }}" + +sap_ha_pacemaker_cluster_vip_group_prefix: group_ __sap_ha_pacemaker_cluster_available_vip_agents: @@ -94,3 +159,9 @@ __sap_ha_pacemaker_cluster_available_vip_agents: gcp_vpc_move_route: agent: "ocf:heartbeat:gcp-vpc-move-route" with: ipaddr + + # This is dummy resource to run socat process for Health checks on SUSE + # https://cloud.google.com/solutions/sap/docs/netweaver-ha-config-sles#create_the_health_check_resources + gcp_anything_socat: + agent: "anything" + with: ipaddr diff --git a/roles/sap_ha_pacemaker_cluster/vars/platform_cloud_ibmcloud_powervs.yml b/roles/sap_ha_pacemaker_cluster/vars/platform_cloud_ibmcloud_powervs.yml index dfd234172..477d39235 100644 --- a/roles/sap_ha_pacemaker_cluster/vars/platform_cloud_ibmcloud_powervs.yml +++ b/roles/sap_ha_pacemaker_cluster/vars/platform_cloud_ibmcloud_powervs.yml @@ -1,56 +1,80 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Variables specific on IBM Cloud platform, IBM Power Virtual Servers (ppc64le) # # TODO: make sure to first respect 'ha_cluster' native variables -sap_ha_pacemaker_cluster_fence_agent_packages: - "{{ sap_ha_pacemaker_cluster_fence_agent_packages_dict.cloud_ibmcloud_powervs | default([]) }}" +__sap_ha_pacemaker_cluster_fence_agent_packages_platform: + "{{ __sap_ha_pacemaker_cluster_fence_agent_packages_dict.cloud_ibmcloud_powervs | d([]) }}" __sap_ha_pacemaker_cluster_platform_extra_packages: - "{{ __sap_ha_pacemaker_cluster_platform_extra_packages_dict.cloud_ibmcloud_powervs | default([]) }}" + "{{ __sap_ha_pacemaker_cluster_platform_extra_packages_dict.cloud_ibmcloud_powervs | d([]) }}" __sap_ha_pacemaker_cluster_repos: - - id: "rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-highavailability-e4s-rpms" - name: High Availability E4S (4-Year) for Power, little endian -# - id: "rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-highavailability-eus-rpms" -# name: High Availability EUS (2-Year) for Power, little endian -# - id: "rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-highavailability-rpms" -# name: High Availability for Power, little endian + "{{ __sap_ha_pacemaker_cluster_repos_dict.cloud_ibmcloud_powervs | d([]) }}" -# Predefine -__sap_ha_pacemaker_cluster_ibmcloud_powervs_hosts: [] +# Stonith dictionary for default stonith agents. +# Custom stonith resource can be defined using sap_ha_pacemaker_cluster_stonith_custom +__sap_ha_pacemaker_cluster_stonith_default_dict: + generic: + id: "rsc_fence_ibm_powervs" + agent: "stonith:fence_ibm_powervs" + instance_attrs: + - attrs: + - name: token + value: "{{ sap_ha_pacemaker_cluster_ibmcloud_api_key }}" + - name: region + value: "{{ sap_ha_pacemaker_cluster_ibmcloud_region }}" + - name: crn + value: "{{ sap_ha_pacemaker_cluster_ibmcloud_powervs_workspace_crn }}" -sap_ha_pacemaker_cluster_stonith_default: - id: "res_fence_ibm_powervs" - agent: "stonith:fence_ibm_powervs" - options: - token: "{{ sap_ha_pacemaker_cluster_ibmcloud_api_key }}" - region: "{{ sap_ha_pacemaker_cluster_ibmcloud_region }}" - crn: "{{ sap_ha_pacemaker_cluster_ibmcloud_powervs_workspace_crn }}" + # Identified during execution initial tasks, populated when variables are imported + - name: instance + value: "{{ sap_ha_pacemaker_cluster_ibmcloud_powervs_workspace_guid }}" - # Identified during execution initial tasks, populated when variables are imported - instance: "{{ sap_ha_pacemaker_cluster_ibmcloud_powervs_workspace_guid }}" + # Identified during execution initial tasks, populated when variables are imported. + # Unnecessary when using pcmk_host_map. Identified during execution initial tasks, populated when variables are imported + # plug: "{{ sap_ha_pacemaker_cluster_ibmcloud_powervs_instance_id }}" - # Identified during execution initial tasks, populated when variables are imported. - # Unnecessary when using pcmk_host_map. Identified during execution initial tasks, populated when variables are imported - # plug: "{{ sap_ha_pacemaker_cluster_ibmcloud_powervs_instance_id }}" + # Dependent on network interface attachments, if no public network interface + # then 'private' value must be provided. + - name: api-type + value: "{{ sap_ha_pacemaker_cluster_ibmcloud_powervs_api_type | d('public') }}" - # Dependent on network interface attachments, if no public network interface - # then 'private' value must be provided. - api-type: "{{ sap_ha_pacemaker_cluster_ibmcloud_powervs_api_type | default('public') }}" + # Dependent on network interface attachments, if no public network interface + # then a valid HTTP Proxy URL value must be provided. + - name: proxy + value: "{{ sap_ha_pacemaker_cluster_ibmcloud_powervs_forward_proxy_url | d('') }}" - # Dependent on network interface attachments, if no public network interface - # then a valid HTTP Proxy URL value must be provided. - proxy: "{{ sap_ha_pacemaker_cluster_ibmcloud_powervs_forward_proxy_url | default('') }}" + # String of cluster hosts defined in include_vars_platform + - name: pcmk_host_map + value: "{{ __sap_ha_pacemaker_cluster_pcmk_host_map }}" + - name: pcmk_reboot_timeout + value: 600 + - name: pcmk_monitor_timeout + value: 600 + - name: pcmk_status_timeout + value: 60 - pcmk_reboot_timeout: 600 - pcmk_monitor_timeout: 600 - pcmk_status_timeout: 60 +# Select __sap_ha_pacemaker_cluster_stonith_default +__sap_ha_pacemaker_cluster_stonith_default: + "{{ __sap_ha_pacemaker_cluster_stonith_default_dict.generic }}" + + +# Default corosync options - Platform specific +# These options combined with __sap_ha_pacemaker_cluster_corosync_totem_default (Same options are overwritten). +__sap_ha_pacemaker_cluster_corosync_totem_platform_dict: + generic: + options: + token: 30000 + +__sap_ha_pacemaker_cluster_corosync_totem_platform: + "{{ __sap_ha_pacemaker_cluster_corosync_totem_platform_dict.generic }}" # Platform specific VIP handling -sap_ha_pacemaker_cluster_vip_method: ipaddr_custom +sap_ha_pacemaker_cluster_vip_method: "{{ __sap_ha_pacemaker_cluster_vip_method_dict.cloud_ibmcloud_powervs | d('ipaddr_custom') }}" __sap_ha_pacemaker_cluster_available_vip_agents: diff --git a/roles/sap_ha_pacemaker_cluster/vars/platform_cloud_ibmcloud_vs.yml b/roles/sap_ha_pacemaker_cluster/vars/platform_cloud_ibmcloud_vs.yml index 412fd2001..bd49ffdc4 100644 --- a/roles/sap_ha_pacemaker_cluster/vars/platform_cloud_ibmcloud_vs.yml +++ b/roles/sap_ha_pacemaker_cluster/vars/platform_cloud_ibmcloud_vs.yml @@ -1,48 +1,69 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Variables specific on IBM Cloud platform, Virtual Servers (x86_64) # # TODO: make sure to first respect 'ha_cluster' native variables -sap_ha_pacemaker_cluster_fence_agent_packages: - "{{ sap_ha_pacemaker_cluster_fence_agent_packages_dict.cloud_ibmcloud_vs | default([]) }}" +__sap_ha_pacemaker_cluster_fence_agent_packages_platform: + "{{ __sap_ha_pacemaker_cluster_fence_agent_packages_dict.cloud_ibmcloud_vs | d([]) }}" __sap_ha_pacemaker_cluster_platform_extra_packages: - "{{ __sap_ha_pacemaker_cluster_platform_extra_packages_dict.cloud_ibmcloud_vs | default([]) }}" + "{{ __sap_ha_pacemaker_cluster_platform_extra_packages_dict.cloud_ibmcloud_vs | d([]) }}" __sap_ha_pacemaker_cluster_repos: - - id: "rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-highavailability-e4s-rpms" - name: High Availability E4S (4-Year) -# - id: "rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-highavailability-eus-rpms" -# name: High Availability EUS (2-Year) -# - id: "rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-highavailability-rpms" -# name: High Availability - -# Predefine -__sap_ha_pacemaker_cluster_ibmcloud_hosts: [] - -sap_ha_pacemaker_cluster_stonith_default: - id: "res_fence_ibm_vpc" - agent: "stonith:fence_ibm_vpc" - options: - apikey: "{{ sap_ha_pacemaker_cluster_ibmcloud_api_key }}" - region: "{{ sap_ha_pacemaker_cluster_ibmcloud_region }}" - pcmk_monitor_timeout: 600 + "{{ __sap_ha_pacemaker_cluster_repos_dict.cloud_ibmcloud_vs | d([]) }}" + + +# Stonith dictionary for default stonith agents. +# Custom stonith resource can be defined using sap_ha_pacemaker_cluster_stonith_custom +__sap_ha_pacemaker_cluster_stonith_default_dict: + generic: + id: "rsc_fence_ibm_vpc" + agent: "stonith:fence_ibm_vpc" + instance_attrs: + - attrs: + - name: apikey + value: "{{ sap_ha_pacemaker_cluster_ibmcloud_api_key }}" + - name: region + value: "{{ sap_ha_pacemaker_cluster_ibmcloud_region }}" + + # String of cluster hosts defined in include_vars_platform + - name: pcmk_host_map + value: "{{ __sap_ha_pacemaker_cluster_pcmk_host_map }}" + - name: pcmk_monitor_timeout + value: 600 + +# Select __sap_ha_pacemaker_cluster_stonith_default +__sap_ha_pacemaker_cluster_stonith_default: + "{{ __sap_ha_pacemaker_cluster_stonith_default_dict.generic }}" + + +# Default corosync options - Platform specific +# These options combined with __sap_ha_pacemaker_cluster_corosync_totem_default (Same options are overwritten). +__sap_ha_pacemaker_cluster_corosync_totem_platform_dict: + generic: + options: + token: 30000 + +__sap_ha_pacemaker_cluster_corosync_totem_platform: + "{{ __sap_ha_pacemaker_cluster_corosync_totem_platform_dict.generic }}" + # Platform specific VIP handling -sap_ha_pacemaker_cluster_vip_method: ibmcloud_alb_haproxy +sap_ha_pacemaker_cluster_vip_method: "{{ __sap_ha_pacemaker_cluster_vip_method_dict.cloud_ibmcloud_vs | d('ibmcloud_alb_haproxy') }}" # For HAPROXY an non-empty port default is required to enter the resource creation flow. # TODO: task logic that configures actual haproxy listening ports, # otherwise pairs like ASCS/ERS will conflict -sap_ha_pacemaker_cluster_healthcheck_hana_primary_port: "620{{ sap_ha_pacemaker_cluster_hana_instance_nr }}" +sap_ha_pacemaker_cluster_healthcheck_hana_primary_port: "620{{ __sap_ha_pacemaker_cluster_hana_instance_nr }}" sap_ha_pacemaker_cluster_healthcheck_hana_secondary_port: >- - {% if sap_ha_pacemaker_cluster_vip_hana_secondary_ip_address | length > 0 -%} - 620{{ sap_ha_pacemaker_cluster_hana_instance_nr | int + 1 }} + {% if __sap_ha_pacemaker_cluster_vip_hana_secondary_ip_address | length > 0 -%} + 620{{ __sap_ha_pacemaker_cluster_hana_instance_nr | int + 1 }} {%- else %}{% endif %} -sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ascs_port: "620{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_instance_nr }}" -sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ers_port: "620{{ sap_ha_pacemaker_cluster_nwas_abap_ers_instance_nr }}" -sap_ha_pacemaker_cluster_healthcheck_nwas_abap_pas_port: "620{{ sap_ha_pacemaker_cluster_nwas_abap_pas_instance_nr }}" -sap_ha_pacemaker_cluster_healthcheck_nwas_abap_aas_port: "620{{ sap_ha_pacemaker_cluster_nwas_abap_aas_instance_nr }}" +sap_ha_pacemaker_cluster_healthcheck_nwas_ascs_port: "620{{ __sap_ha_pacemaker_cluster_nwas_ascs_instance_nr }}" +sap_ha_pacemaker_cluster_healthcheck_nwas_ers_port: "620{{ __sap_ha_pacemaker_cluster_nwas_ers_instance_nr }}" +sap_ha_pacemaker_cluster_healthcheck_nwas_abap_pas_port: "620{{ __sap_ha_pacemaker_cluster_nwas_abap_pas_instance_nr }}" +sap_ha_pacemaker_cluster_healthcheck_nwas_abap_aas_port: "620{{ __sap_ha_pacemaker_cluster_nwas_abap_aas_instance_nr }}" __sap_ha_pacemaker_cluster_available_vip_agents: diff --git a/roles/sap_ha_pacemaker_cluster/vars/platform_cloud_msazure_vm.yml b/roles/sap_ha_pacemaker_cluster/vars/platform_cloud_msazure_vm.yml index 26c2afee8..e1f271d18 100644 --- a/roles/sap_ha_pacemaker_cluster/vars/platform_cloud_msazure_vm.yml +++ b/roles/sap_ha_pacemaker_cluster/vars/platform_cloud_msazure_vm.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Variables specific on MS Azure platform, Virtual Machines # @@ -6,45 +7,131 @@ # The packages of the following lists will be installed by the 'ha_cluster' Linux System Role. # Any packages that are pre-requisites for variable construction must be installed before, e.g. # in the preconfigure-* tasks. -sap_ha_pacemaker_cluster_fence_agent_packages: - "{{ sap_ha_pacemaker_cluster_fence_agent_packages_dict.cloud_msazure_vm | default([]) }}" +__sap_ha_pacemaker_cluster_fence_agent_packages_platform: + "{{ __sap_ha_pacemaker_cluster_fence_agent_packages_dict.cloud_msazure_vm | d([]) }}" __sap_ha_pacemaker_cluster_platform_extra_packages: - "{{ __sap_ha_pacemaker_cluster_platform_extra_packages_dict.cloud_msazure_vm | default([]) }}" + "{{ __sap_ha_pacemaker_cluster_platform_extra_packages_dict.cloud_msazure_vm | d([]) }}" __sap_ha_pacemaker_cluster_repos: - - id: "rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-highavailability-e4s-rhui-rpms" - name: High Availability - - id: "rhui-microsoft-azure-rhel8-sap-ha" - name: Microsoft Azure RPMs for Red Hat Enterprise Linux 8 (rhel8-sap-ha) - -# Predefine -__sap_ha_pacemaker_cluster_msazure_hosts: [] - -# Fencing via MS Azure Managed Service Identity (MSI) per cluster node -sap_ha_pacemaker_cluster_stonith_default: - id: "res_fence_azure_arm" - agent: "stonith:fence_azure_arm" - options: - msi: true - subscriptionId: "{{ sap_ha_pacemaker_cluster_msazure_subscription_id }}" - resourceGroup: "{{ sap_ha_pacemaker_cluster_msazure_resource_group }}" + "{{ __sap_ha_pacemaker_cluster_repos_dict.cloud_msazure_vm | d([]) }}" + + +# Stonith dictionary for default stonith agents. +# Custom stonith resource can be defined using sap_ha_pacemaker_cluster_stonith_custom +# Documentation sources: +# HANA: +# SLES: https://learn.microsoft.com/en-us/azure/sap/workloads/high-availability-guide-suse-pacemaker?tabs=msi#create-a-fencing-device-on-the-pacemaker-cluster +# RHEL: https://learn.microsoft.com/en-us/azure/sap/workloads/high-availability-guide-rhel-pacemaker?tabs=msi#azure-fence-agent-as-fencing-device +# NWAS: +# NOTE: There is no separate documentation for NWAS stonith setup. + +__sap_ha_pacemaker_cluster_stonith_default_dict: + redhat: + id: "rsc_fence_azure_arm" + agent: "stonith:fence_azure_arm" + instance_attrs: + - attrs: + - name: msi + value: true + - name: subscriptionId + value: "{{ sap_ha_pacemaker_cluster_msazure_subscription_id }}" + - name: resourceGroup + value: "{{ sap_ha_pacemaker_cluster_msazure_resource_group }}" + + # String of cluster hosts defined in include_vars_platform + - name: pcmk_host_map + value: "{{ __sap_ha_pacemaker_cluster_pcmk_host_map }}" + - name: pcmk_action_limit + value: 3 + - name: pcmk_delay_max + value: 15 + - name: pcmk_monitor_retries + value: 4 + - name: pcmk_monitor_timeout + value: 120 + - name: pcmk_reboot_timeout + value: 900 + - name: power_timeout + value: 240 + operations: + - action: monitor + attrs: + - name: interval + value: 3600 + + suse: + id: "rsc_fence_azure_arm" + agent: "stonith:fence_azure_arm" + instance_attrs: + - attrs: + - name: msi + value: true + - name: subscriptionId + value: "{{ sap_ha_pacemaker_cluster_msazure_subscription_id }}" + - name: resourceGroup + value: "{{ sap_ha_pacemaker_cluster_msazure_resource_group }}" + + # String of cluster hosts defined in include_vars_platform + - name: pcmk_host_map + value: "{{ __sap_ha_pacemaker_cluster_pcmk_host_map }}" + - name: pcmk_action_limit + value: 3 + - name: pcmk_delay_max + value: 15 + - name: pcmk_monitor_retries + value: 4 + - name: pcmk_reboot_timeout + value: 900 + - name: power_timeout + value: 240 + operations: + - action: monitor + attrs: + - name: interval + value: 3600 + - name: timeout + value: 120 + +# Select __sap_ha_pacemaker_cluster_stonith_default +__sap_ha_pacemaker_cluster_stonith_default: + "{{ __sap_ha_pacemaker_cluster_stonith_default_dict[ansible_os_family | lower] }}" + + +# Default corosync options - Platform specific +# These options combined with __sap_ha_pacemaker_cluster_corosync_totem_default (Same options are overwritten). +# Documentation sources: +# SLES: https://learn.microsoft.com/en-us/azure/sap/workloads/high-availability-guide-suse-pacemaker?tabs=msi#install-the-cluster 15.A +# RHEL: https://learn.microsoft.com/en-us/azure/sap/workloads/high-availability-guide-suse-pacemaker?tabs=msi#install-the-cluster +# NOTE: Azure does not differentiate between HANA and ASCS pacemaker setup. +__sap_ha_pacemaker_cluster_corosync_totem_platform_dict: + redhat: + options: + token: 30000 + suse: + options: + token: 30000 + consensus: 36000 + +__sap_ha_pacemaker_cluster_corosync_totem_platform: + "{{ __sap_ha_pacemaker_cluster_corosync_totem_platform_dict[ansible_os_family | lower] }}" + # Platform specific VIP handling -sap_ha_pacemaker_cluster_vip_method: azure_lb +sap_ha_pacemaker_cluster_vip_method: "{{ __sap_ha_pacemaker_cluster_vip_method_dict.cloud_msazure_vm | d('azure_lb') }}" # The VIP layer consists of 2 components - the VIP and the health check resource sap_ha_pacemaker_cluster_vip_group_prefix: group_ -sap_ha_pacemaker_cluster_healthcheck_hana_primary_port: "620{{ sap_ha_pacemaker_cluster_hana_instance_nr }}" +sap_ha_pacemaker_cluster_healthcheck_hana_primary_port: "620{{ __sap_ha_pacemaker_cluster_hana_instance_nr }}" sap_ha_pacemaker_cluster_healthcheck_hana_secondary_port: >- - {% if sap_ha_pacemaker_cluster_vip_hana_secondary_ip_address | length > 0 -%} - 620{{ sap_ha_pacemaker_cluster_hana_instance_nr | int + 1 }} + {% if __sap_ha_pacemaker_cluster_vip_hana_secondary_ip_address | length > 0 -%} + 620{{ __sap_ha_pacemaker_cluster_hana_instance_nr | int + 1 }} {%- else %}{% endif %} -sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ascs_port: "620{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_instance_nr }}" -sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ers_port: "620{{ sap_ha_pacemaker_cluster_nwas_abap_ers_instance_nr }}" -sap_ha_pacemaker_cluster_healthcheck_nwas_abap_pas_port: "620{{ sap_ha_pacemaker_cluster_nwas_abap_pas_instance_nr }}" -sap_ha_pacemaker_cluster_healthcheck_nwas_abap_aas_port: "620{{ sap_ha_pacemaker_cluster_nwas_abap_aas_instance_nr }}" +sap_ha_pacemaker_cluster_healthcheck_nwas_ascs_port: "620{{ __sap_ha_pacemaker_cluster_nwas_ascs_instance_nr }}" +sap_ha_pacemaker_cluster_healthcheck_nwas_ers_port: "620{{ __sap_ha_pacemaker_cluster_nwas_ers_instance_nr }}" +sap_ha_pacemaker_cluster_healthcheck_nwas_abap_pas_port: "620{{ __sap_ha_pacemaker_cluster_nwas_abap_pas_instance_nr }}" +sap_ha_pacemaker_cluster_healthcheck_nwas_abap_aas_port: "620{{ __sap_ha_pacemaker_cluster_nwas_abap_aas_instance_nr }}" __sap_ha_pacemaker_cluster_available_vip_agents: diff --git a/roles/sap_ha_pacemaker_cluster/vars/platform_hyp_ibmpower_vm.yml b/roles/sap_ha_pacemaker_cluster/vars/platform_hyp_ibmpower_vm.yml index 8572b600f..55b34a1e3 100644 --- a/roles/sap_ha_pacemaker_cluster/vars/platform_hyp_ibmpower_vm.yml +++ b/roles/sap_ha_pacemaker_cluster/vars/platform_hyp_ibmpower_vm.yml @@ -1,50 +1,76 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Variables specific on IBM PowerVM hypervisor, Virtual Machines (LPAR) # TODO: rename this file to match the actual "chassis_asset_tag" output # TODO: make sure to first respect 'ha_cluster' native variables -sap_ha_pacemaker_cluster_fence_agent_packages: - "{{ sap_ha_pacemaker_cluster_fence_agent_packages_dict.hyp_ibmpower_vm | default([]) }}" +__sap_ha_pacemaker_cluster_fence_agent_packages_platform: + "{{ __sap_ha_pacemaker_cluster_fence_agent_packages_dict.hyp_ibmpower_vm | d([]) }}" __sap_ha_pacemaker_cluster_platform_extra_packages: - "{{ __sap_ha_pacemaker_cluster_platform_extra_packages_dict.hyp_ibmpower_vm | default([]) }}" + "{{ __sap_ha_pacemaker_cluster_platform_extra_packages_dict.hyp_ibmpower_vm | d([]) }}" __sap_ha_pacemaker_cluster_repos: - - id: "rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-highavailability-e4s-rpms" - name: High Availability E4S (4-Year) for Power, little endian -# - id: "rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-highavailability-eus-rpms" -# name: High Availability EUS (2-Year) for Power, little endian -# - id: "rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-highavailability-rpms" -# name: High Availability for Power, little endian - -# Predefine -__sap_ha_pacemaker_cluster_ibmpower_vm_hosts: [] - - -sap_ha_pacemaker_cluster_stonith_default: - id: "res_fence_lpar" - agent: "stonith:fence_lpar" - options: - ip: "{{ sap_ha_pacemaker_cluster_ibmpower_vm_hmc_host }}" - ipport: "{{ sap_ha_pacemaker_cluster_ibmpower_vm_hmc_host_port }}" - username: "{{ sap_ha_pacemaker_cluster_ibmpower_vm_hmc_host_login }}" - password: "{{ sap_ha_pacemaker_cluster_ibmpower_vm_hmc_host_login_password }}" - hmc_version: "{{ sap_ha_pacemaker_cluster_ibmpower_vm_hmc_host_version | default('4') }}" - managed: "{{ sap_ha_pacemaker_cluster_ibmpower_vm_hmc_system_host_mtms }}" - # Identified during execution initial tasks, populated when variables are imported - - # plug: "{{ sap_ha_pacemaker_cluster_ibmpower_vm_hmc_system_partition_name }}" - # Unnecessary when using pcmk_host_map. Identified during execution initial tasks, populated when variables are imported - - pcmk_reboot_retries: 4 - pcmk_reboot_timeout: 600 - pcmk_monitor_timeout: 600 - pcmk_status_timeout: 60 - power_timeout: 240 + "{{ __sap_ha_pacemaker_cluster_repos_dict.hyp_ibmpower_vm | d([]) }}" + + +# Stonith dictionary for default stonith agents. +# Custom stonith resource can be defined using sap_ha_pacemaker_cluster_stonith_custom +__sap_ha_pacemaker_cluster_stonith_default_dict: + generic: + id: "rsc_fence_lpar" + agent: "stonith:fence_lpar" + instance_attrs: + - attrs: + - name: ip + value: "{{ sap_ha_pacemaker_cluster_ibmpower_vm_hmc_host }}" + - name: ipport + value: "{{ sap_ha_pacemaker_cluster_ibmpower_vm_hmc_host_port }}" + - name: username + value: "{{ sap_ha_pacemaker_cluster_ibmpower_vm_hmc_host_login }}" + - name: password + value: "{{ sap_ha_pacemaker_cluster_ibmpower_vm_hmc_host_login_password }}" + - name: hmc_version + value: "{{ sap_ha_pacemaker_cluster_ibmpower_vm_hmc_host_version | d('4') }}" + - name: managed + value: "{{ sap_ha_pacemaker_cluster_ibmpower_vm_hmc_system_host_mtms }}" + + # Identified during execution initial tasks, populated when variables are imported + + # plug: "{{ sap_ha_pacemaker_cluster_ibmpower_vm_hmc_system_partition_name }}" + # Unnecessary when using pcmk_host_map. Identified during execution initial tasks, populated when variables are imported + # String of cluster hosts defined in include_vars_platform + - name: pcmk_host_map + value: "{{ __sap_ha_pacemaker_cluster_pcmk_host_map }}" + - name: pcmk_reboot_retries + value: 4 + - name: pcmk_reboot_timeout + value: 600 + - name: pcmk_monitor_timeout + value: 600 + - name: pcmk_status_timeout + value: 60 + - name: power_timeout + value: 240 + +# Select __sap_ha_pacemaker_cluster_stonith_default +__sap_ha_pacemaker_cluster_stonith_default: + "{{ __sap_ha_pacemaker_cluster_stonith_default_dict.generic }}" + + +# Default corosync options - Platform specific +# These options combined with __sap_ha_pacemaker_cluster_corosync_totem_default (Same options are overwritten). +__sap_ha_pacemaker_cluster_corosync_totem_platform_dict: + generic: + options: + token: 30000 + +__sap_ha_pacemaker_cluster_corosync_totem_platform: + "{{ __sap_ha_pacemaker_cluster_corosync_totem_platform_dict.generic }}" # Platform specific VIP handling -sap_ha_pacemaker_cluster_vip_method: ipaddr +sap_ha_pacemaker_cluster_vip_method: "{{ __sap_ha_pacemaker_cluster_vip_method_dict.hyp_ibmpower_vm | d('ipaddr') }}" __sap_ha_pacemaker_cluster_available_vip_agents: diff --git a/roles/sap_ha_pacemaker_cluster/vars/redhat.yml b/roles/sap_ha_pacemaker_cluster/vars/redhat.yml index 477f9e82b..d8fc31b45 100644 --- a/roles/sap_ha_pacemaker_cluster/vars/redhat.yml +++ b/roles/sap_ha_pacemaker_cluster/vars/redhat.yml @@ -1,14 +1,49 @@ +# SPDX-License-Identifier: Apache-2.0 --- -# Overwrite HA_CLUSTER repository ID to use E4S repository -# - an alternative logic could be to enable the repo before running ha_cluster +# Default repositories if platform does not override them. +# This selection does not affect imported __ha_cluster_repos due to precedence. __sap_ha_pacemaker_cluster_repos: - id: "rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-highavailability-e4s-rpms" name: High Availability +# Dictionary with repos for each platform +__sap_ha_pacemaker_cluster_repos_dict: + cloud_aws_ec2_vs: + - id: "rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-highavailability-e4s-rhui-rpms" + name: High Availability + cloud_gcp_ce_vm: + - id: "rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-highavailability-e4s-rhui-rpms" + name: High Availability + cloud_ibmcloud_powervs: + - id: "rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-highavailability-e4s-rpms" + name: High Availability E4S (4-Year) for Power, little endian + # - id: "rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-highavailability-eus-rpms" + # name: High Availability EUS (2-Year) for Power, little endian + # - id: "rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-highavailability-rpms" + # name: High Availability for Power, little endian + cloud_ibmcloud_vs: + - id: "rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-highavailability-e4s-rpms" + name: High Availability E4S (4-Year) + # - id: "rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-highavailability-eus-rpms" + # name: High Availability EUS (2-Year) + # - id: "rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-highavailability-rpms" + # name: High Availability + cloud_msazure_vm: + - id: "rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-highavailability-e4s-rhui-rpms" + name: High Availability + - id: "rhui-microsoft-azure-rhel{{ ansible_distribution_major_version }}-sap-ha" + name: Microsoft Azure RPMs for Red Hat Enterprise Linux {{ ansible_distribution_major_version }} (rhel{{ ansible_distribution_major_version }}-sap-ha) + hyp_ibmpower_vm: + - id: "rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-highavailability-e4s-rpms" + name: High Availability E4S (4-Year) for Power, little endian + # - id: "rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-highavailability-eus-rpms" + # name: High Availability EUS (2-Year) for Power, little endian + # - id: "rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-highavailability-rpms" + # name: High Availability for Power, little endian + __sap_ha_pacemaker_cluster_halib_package: sap-cluster-connector -# List of configuration lines that must be added to the instance profiles. -# Used in tasks/configure_nwas_ascs_ers_postinstallation.yml for SAP HA Interface setup. +# List of configuration lines that must be added to the instance profiles for SAP HA Interface setup. __sap_ha_pacemaker_cluster_connector_config_lines: - "service/halib = $(DIR_EXECUTABLE)/saphascriptco.so" - "service/halib_cluster_connector = /usr/bin/sap_cluster_connector" @@ -17,20 +52,23 @@ __sap_ha_pacemaker_cluster_connector_config_lines: __sap_ha_pacemaker_cluster_command: resource_stop: "pcs resource disable" resource_start: "pcs resource enable" - resource_defaults_show: "pcs resource defaults config" - resource_defaults_update: "pcs resource defaults update" resource_restart: "pcs resource restart" + resource_cleanup: "pcs resource cleanup" + +# Default corosync options - OS specific +__sap_ha_pacemaker_cluster_corosync_totem_default: + options: [] # Make sure that there is always the minimal default fed into the included role. # This is combined with the custom list 'sap_ha_pacemaker_cluster_fence_agent_packages'. -sap_ha_pacemaker_cluster_fence_agent_minimal_packages: +__sap_ha_pacemaker_cluster_fence_agent_packages_minimal: - fence-agents-all # Dictionary with fence packages for each platform -sap_ha_pacemaker_cluster_fence_agent_packages_dict: - cloud_aws: +__sap_ha_pacemaker_cluster_fence_agent_packages_dict: + cloud_aws_ec2_vs: - fence-agents-aws - cloud_gcp: + cloud_gcp_ce_vm: - fence-agents-gce cloud_ibmcloud_powervs: - fence-agents-ibm-powervs @@ -43,11 +81,13 @@ sap_ha_pacemaker_cluster_fence_agent_packages_dict: # Dictionary with extra platform specific packages __sap_ha_pacemaker_cluster_platform_extra_packages_dict: - cloud_aws: - - awscli - cloud_gcp: + cloud_aws_ec2_vs: + - "{{ 'resource-agents-cloud' if ansible_distribution_major_version is version('9', '>=') else 'awscli' }}" + - "{{ 'awscli2' if ansible_distribution_version is version('9.5', '>=') else '' }}" + cloud_gcp_ce_vm: - resource-agents-gcp cloud_msazure_vm: + - "{{ 'resource-agents-cloud' if ansible_distribution_major_version is version('9', '>=') else '' }}" - socat # Dictionary with additional cluster packages for specific scenarios @@ -59,6 +99,9 @@ __sap_ha_pacemaker_cluster_sap_extra_packages_dict: nwas: - resource-agents-sap +# Dictionary with preferred platform specific VIP method that differs from default +# __sap_ha_pacemaker_cluster_vip_method_dict: + # Resource agents - fully qualified names __sap_ha_pacemaker_cluster_resource_agents: saphanatopology: "ocf:heartbeat:SAPHanaTopology" @@ -93,6 +136,6 @@ __sap_ha_pacemaker_cluster_hook_hana_scaleout_angi: [] __sap_ha_pacemaker_cluster_hana_hook_tkover: false __sap_ha_pacemaker_cluster_hana_hook_chksrv: false -# Enable ASCS/ERS Simple Mount as default +# Central Services Cluster Simple Mount: Enabled as default # TODO: Enable when SAPStartSrv resource agents are available on Red Hat -sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_simple_mount: false +sap_ha_pacemaker_cluster_nwas_cs_ers_simple_mount: false diff --git a/roles/sap_ha_pacemaker_cluster/vars/suse.yml b/roles/sap_ha_pacemaker_cluster/vars/suse.yml index 48036d288..e8fe64ee8 100644 --- a/roles/sap_ha_pacemaker_cluster/vars/suse.yml +++ b/roles/sap_ha_pacemaker_cluster/vars/suse.yml @@ -1,8 +1,12 @@ +# SPDX-License-Identifier: Apache-2.0 --- +# Default repositories are tied to subscription for SLES4SAP, no need to specify them. +# __sap_ha_pacemaker_cluster_repos: +# __sap_ha_pacemaker_cluster_repos_dict: + __sap_ha_pacemaker_cluster_halib_package: sap-suse-cluster-connector -# List of configuration lines that must be added to the instance profiles. -# Used in tasks/configure_nwas_ascs_ers_postinstallation.yml for SAP HA Interface setup. +# List of configuration lines that must be added to the instance profiles for SAP HA Interface setup. __sap_ha_pacemaker_cluster_connector_config_lines: - "service/halib = $(DIR_EXECUTABLE)/saphascriptco.so" - "service/halib_cluster_connector = /usr/bin/sap_suse_cluster_connector" @@ -11,23 +15,37 @@ __sap_ha_pacemaker_cluster_connector_config_lines: __sap_ha_pacemaker_cluster_command: resource_stop: "crm resource stop" resource_start: "crm resource start" - resource_defaults_show: "crm configure show type:rsc_defaults" - resource_defaults_update: "crm configure rsc_defaults" resource_restart: "crm resource restart" + resource_cleanup: "crm resource cleanup" + +# Default corosync options - OS specific +__sap_ha_pacemaker_cluster_corosync_totem_default: + options: + token: 5000 + token_retransmits_before_loss_const: 10 + join: 60 + consensus: 6000 + max_messages: 20 # Make sure that there is always the minimal default fed into the included role. # This is combined with the custom list 'sap_ha_pacemaker_cluster_fence_agent_packages'. -sap_ha_pacemaker_cluster_fence_agent_minimal_packages: +__sap_ha_pacemaker_cluster_fence_agent_packages_minimal: - fence-agents # Dictionary with fence packages for each platform -# fence-agents are defined in sap_ha_pacemaker_cluster_fence_agent_minimal_packages already. -# sap_ha_pacemaker_cluster_fence_agent_packages_dict: +# fence-agents are defined in __sap_ha_pacemaker_cluster_fence_agent_packages_minimal already. +__sap_ha_pacemaker_cluster_fence_agent_packages_dict: + # Separate agent because of https://www.suse.com/support/kb/doc/?id=000021504 + # This package is present in SLES4SAP 15 SP4 and higher + cloud_msazure_vm: + - fence-agents-azure-arm # Dictionary with extra platform specific packages __sap_ha_pacemaker_cluster_platform_extra_packages_dict: - cloud_aws: + cloud_aws_ec2_vs: - awscli + cloud_gcp_ce_vm: + - socat cloud_msazure_vm: - socat @@ -46,6 +64,10 @@ __sap_ha_pacemaker_cluster_sap_extra_packages_dict: - sap-suse-cluster-connector - sapstartsrv-resource-agents +# Dictionary with preferred platform specific VIP method that differs from default +__sap_ha_pacemaker_cluster_vip_method_dict: + cloud_gcp_ce_vm: gcp_anything_socat + # Resource agents - fully qualified names __sap_ha_pacemaker_cluster_resource_agents: saphanatopology: "ocf:suse:SAPHanaTopology" @@ -110,9 +132,5 @@ __sap_ha_pacemaker_cluster_hook_hana_scaleup_perf_angi: __sap_ha_pacemaker_cluster_hook_hana_scaleout: [] __sap_ha_pacemaker_cluster_hook_hana_scaleout_angi: [] -# Overwrite resource clone name for SAP HANA -sap_ha_pacemaker_cluster_hana_resource_clone_name: - "{{ sap_ha_pacemaker_cluster_hana_resource_clone_msl_name }}" - -# Enable ASCS/ERS Simple Mount as default -sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_simple_mount: true +# Central Services Cluster Simple Mount: Enabled as default +sap_ha_pacemaker_cluster_nwas_cs_ers_simple_mount: true diff --git a/roles/sap_hana_install/.yamllint.yml b/roles/sap_hana_install/.yamllint.yml index 57ef427c1..ee4457cfd 100644 --- a/roles/sap_hana_install/.yamllint.yml +++ b/roles/sap_hana_install/.yamllint.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Based on ansible-lint config extends: default @@ -7,7 +8,9 @@ rules: brackets: {max-spaces-inside: 1, level: error} # colons: {max-spaces-after: -1, level: error} # commas: {max-spaces-after: -1, level: error} - comments: disable + comments: + require-starting-space: false + min-spaces-from-content: 1 comments-indentation: disable # document-start: disable # empty-lines: {max: 3, level: error} @@ -19,3 +22,6 @@ rules: # new-lines: {type: unix} # trailing-spaces: disable truthy: disable + octal-values: + forbid-implicit-octal: true + forbid-explicit-octal: true diff --git a/roles/sap_hana_install/README.md b/roles/sap_hana_install/README.md index 35d439c27..636b21623 100644 --- a/roles/sap_hana_install/README.md +++ b/roles/sap_hana_install/README.md @@ -1,80 +1,79 @@ + # sap_hana_install Ansible Role + +![Ansible Lint for sap_hana_install](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_hana_install.yml/badge.svg) -Ansible role for SAP HANA Installation +## Description + +The Ansible role `sap_hana_install` installs SAP HANA using the SAP HANA database lifecycle manager (HDBLCM). + -## Requirements + +## Dependencies +- `fedora.linux_system_roles` + - Roles: + - `selinux` -The role requires additional collections which are specified in `meta/collection-requirements.yml`. Before using this role, -make sure that the required collections are installed, for example by using the following command: +Install required collections by `ansible-galaxy install -vv -r meta/collection-requirements.yml`. + -`ansible-galaxy install -vv -r meta/collection-requirements.yml` +## Prerequisites + +Managed nodes: +- Directory with SAP Installation media is present and `sap_install_media_detect_source_directory` updated. Download can be completed using [community.sap_launchpad](https://github.com/sap-linuxlab/community). +- Ensure that servers are configured for SAP HANA. See [Recommended](#recommended) section. +- Ensure that volumes and filesystems are configured correctly. See [Recommended](#recommended) section. -### Configure your system for the installation of SAP HANA - -- Make sure required volumes and filesystems are configured in the host. -You can use the role `sap_storage_setup` to configure this. More info [here](/roles/sap_storage_setup) - -- Run the roles `sap_general_preconfigure` and `sap_hana_preconfigure` for installing required packages and -for configuring system settings. - -### SAP HANA Software Installation .SAR Files +### Prepare SAP HANA installation media Place the following files in directory /software/hana or in any other directory specified by variable `sap_hana_install_software_directory`: - 1. The SAPCAR executable for the correct hardware architecture - 2. The SAP HANA Installation .SAR file - SAP HANA 2.0 Server - `IMDB_SERVER*.SAR` file - 3. Optional - SAP HANA Components .SAR files - Include other optional components such as `IMDB_AFL*.SAR` or `IMDB_LCAPPS*.SAR` - 4. Optional - SAP Host Agent .SAR file - Include other optional components such as `SAPHOSTAGENT*SAR` -#### Sample Directory Contents - with .SAR files - -- Sample directory `sap_hana_install_software_directory` containing SAP HANA software installation files - ```console - [root@hanahost SAP_HANA_INSTALLATION]# ls -l *.EXE *.SAR - -rwxr-xr-x. 1 nobody nobody 149561376 Mar 4 2021 IMDB_AFL20_054_1-80001894.SAR - -rwxr-xr-x. 1 nobody nobody 211762405 Mar 4 2021 IMDB_CLIENT20_007_23-80002082.SAR - -rwxr-xr-x. 1 nobody nobody 4483040 Mar 4 2021 SAPCAR_1010-70006178.EXE - -rwxr-xr-x. 1 nobody nobody 109492976 Mar 4 2021 IMDB_LCAPPS_2054_0-20010426.SAR - -rwxr-xr-x. 1 nobody nobody 109752805 Mar 4 2021 VCH202000_2054_0-80005463.SAR - -rwxr-xr-x. 1 nobody nobody 3694683699 Mar 4 2021 IMDB_SERVER20_054_0-80002031.SAR - -rwxr-xr-x. 1 nobody nobody 89285401 Sep 30 04:24 SAPHOSTAGENT51_51-20009394.SAR - ``` - -If more than one SAPCAR EXE file is present in the software directory, the role will select the latest version -for the current hardware architecture. Alternatively, the file name of the SAPCAR EXE file can also be set with -variable `sap_hana_install_sapcar_filename`. Example: -``` -sap_hana_install_sapcar_filename: SAPCAR_1115-70006178.EXE -``` - -If more than one SAR file for a certain software product is present in the software directory, the automatic -handling of such SAR files will fail after extraction, when moving the newly created product directories -(like `SAP_HOST_AGENT`) to already existing destinations. -For avoiding such situations, use following variable to provide a list of SAR files to extract: - -`sap_hana_install_sarfiles`. - -Example: +Example of `sap_hana_install_software_directory` content for SAP HANA installation: +```console +[root@hanahost SAP_HANA_INSTALLATION]# ls -l *.EXE *.SAR +-rwxr-xr-x. 1 nobody nobody 149561376 Mar 4 2021 IMDB_AFL20_054_1-80001894.SAR +-rwxr-xr-x. 1 nobody nobody 211762405 Mar 4 2021 IMDB_CLIENT20_007_23-80002082.SAR +-rwxr-xr-x. 1 nobody nobody 4483040 Mar 4 2021 SAPCAR_1010-70006178.EXE +-rwxr-xr-x. 1 nobody nobody 109492976 Mar 4 2021 IMDB_LCAPPS_2054_0-20010426.SAR +-rwxr-xr-x. 1 nobody nobody 109752805 Mar 4 2021 VCH202000_2054_0-80005463.SAR +-rwxr-xr-x. 1 nobody nobody 3694683699 Mar 4 2021 IMDB_SERVER20_054_0-80002031.SAR +-rwxr-xr-x. 1 nobody nobody 89285401 Sep 30 04:24 SAPHOSTAGENT51_51-20009394.SAR ``` -sap_hana_install_sarfiles: - - SAPHOSTAGENT54_54-80004822.SAR - - IMDB_SERVER20_060_0-80002031.SAR -``` - -If there is a file named `.sha256` in the software download directory -`sap_hana_install_software_directory` which contains the checksum and the file name similar to the output -of the sha256sum command, the role will examine the sha256sum for the corresponding SAPCAR or SAR file and the -processing will continue only if the checksum matches. - -#### Extracted SAP HANA Software Installation Files +**Considerations:** +- If more than one SAPCAR EXE file is present in the software directory, the role will select the latest version + for the current hardware architecture. Alternatively, the file name of the SAPCAR EXE file can also be set with + variable `sap_hana_install_sapcar_filename`. Example: + ``` + sap_hana_install_sapcar_filename: SAPCAR_1115-70006178.EXE + ``` +- If more than one SAR file for a certain software product is present in the software directory, the automatic + handling of such SAR files will fail after extraction, when moving the newly created product directories + (like `SAP_HOST_AGENT`) to already existing destinations. + For avoiding such situations, use following variable to provide a list of SAR files to extract: `sap_hana_install_sarfiles`. + + Example: + ``` + sap_hana_install_sarfiles: + - SAPHOSTAGENT54_54-80004822.SAR + - IMDB_SERVER20_060_0-80002031.SAR + ``` + +- If there is a file named `.sha256` in the software download directory + `sap_hana_install_software_directory` which contains the checksum and the file name similar to the output + of the sha256sum command, the role will examine the sha256sum for the corresponding SAPCAR or SAR file and the + processing will continue only if the checksum matches. + + +### Extracted SAP HANA Software Installation Files This role will detect if there is a file `hdblcm` already present in the directory specified by variable `sap_hana_install_software_extract_directory` or in any directory below. If If found, it will skip the .SAR extraction phase and proceed with the installation. @@ -94,16 +93,16 @@ software extract directory is required then set `sap_hana_install_cleanup_extrac these cleanup actions are false. -- Sample directory `sap_hana_install_software_extract_directory` containing extracted SAP HANA software installation files - ```console - [root@hanahost extracted]# ll -lrt - drwxr-xr-x 4 root root 4096 Sep 30 04:55 SAP_HANA_AFL - drwxr-xr-x 5 root root 4096 Sep 30 04:55 SAP_HANA_CLIENT - drwxr-xr-x 4 root root 4096 Sep 30 04:55 SAP_HANA_LCAPPS - drwxr-xr-x 8 root root 4096 Sep 30 04:57 SAP_HANA_DATABASE - drwxr-xr-x 2 root root 4096 Sep 30 04:58 SAP_HOST_AGENT - drwxr-xr-x 4 root root 4096 Sep 30 04:58 VCH_AFL_2020 - ``` +- Example of directory `sap_hana_install_software_extract_directory` containing extracted SAP HANA software installation files +```console +[root@hanahost extracted]# ll -lrt +drwxr-xr-x 4 root root 4096 Sep 30 04:55 SAP_HANA_AFL +drwxr-xr-x 5 root root 4096 Sep 30 04:55 SAP_HANA_CLIENT +drwxr-xr-x 4 root root 4096 Sep 30 04:55 SAP_HANA_LCAPPS +drwxr-xr-x 8 root root 4096 Sep 30 04:57 SAP_HANA_DATABASE +drwxr-xr-x 2 root root 4096 Sep 30 04:58 SAP_HOST_AGENT +drwxr-xr-x 4 root root 4096 Sep 30 04:58 VCH_AFL_2020 +``` #### SAP HANA hdblcm Configfile Processing @@ -140,111 +139,23 @@ Note: If there is a file named `configfile.cfg` in the directory specified by ro will be performed. Be aware that when using this file, any modifications to role variables after creation of this file will not be reflected. -## Further Variables and Parameters - -### Input Parameters - -If the variable `sap_hana_install_check_sidadm_user` is set to `no`, the role will install SAP HANA even -if the sidadm user exists. Default is `yes`, in which case the installation will not be performed if the -sidadm user exists. - -The variable `sap_hana_install_new_system` determines if the role will perform a fresh SAP HANA installation -or if it will add further hosts to an existing SAP HANA system as specified by variable -`sap_hana_install_addhosts`. Default is `yes` for a fresh SAP HANA installation. - -The role can be configured to also set the required firewall ports for SAP HANA. If this is desired, set -the variable `sap_hana_install_update_firewall` to `yes` (default is `no`). The firewall ports are defined -in a variable which is compatible with the variable structure used by Linux System Role `firewall`. -The firewall ports for SAP HANA are defined in member `port` of the first field of variable -`sap_hana_install_firewall` (`sap_hana_install_firewall[0].port`), see file `defaults/main.yml`. If the -member `state` is set to `enabled`, the ports will be enabled. If the member `state` is set to `disabled`, -the ports will be disabled, which might be useful for testing. - -Certain parameters have identical meanings, for supporting different naming schemes in playbooks and inventories. -You can find those in the task `Rename some variables used by hdblcm configfile` of the file `tasks/main.yml`. -Example: The parameter `sap_hana_install_number`, which is used by the role to define the hdblm parameter `number` -(= SAP HANA instance number) can be defined by setting `sap_hana_instance_number`, `sap_hana_install_instance_nr`, -`sap_hana_install_instance_number`, or `sap_hana_install_number`. The order of precedence is from left to right. - -### Default Parameters - -Please check the default parameters file for more information on other parameters that can be used as an input -- [**sap_hana_install** default parameters](defaults/main.yml) + ## Execution - -Sample Ansible Playbook Execution - -- Local Host Installation - - `ansible-playbook --connection=local --limit localhost -i "localhost," sap-hana-install.yml -e "@inputs/HDB.install"` - -- Target Host Installation - - `ansible-playbook -i "" sap-hana-install.yml -e "@inputs/HDB.install"` - -## Sample playbooks - -### Sample playbook for installing a new scale-up (=single node) SAP HANA system - -```yaml ---- -- hosts: all - collections: - - community.sap_install - become: true - vars: - sap_hana_install_software_directory: /software/hana - sap_hana_install_common_master_password: 'NewPass$321' - sap_hana_install_sid: 'H01' - sap_hana_install_instance_nr: '00' - roles: - - sap_hana_install -``` - -### Sample playbook for installing a new scale-out SAP HANA system - -```yaml ---- -- hosts: all - collections: - - community.sap_install - become: true - vars: - sap_hana_install_software_directory: /software/hana - sap_hana_install_common_master_password: 'NewPass$321' - sap_hana_install_root_password: 'NewPass$321' - sap_hana_install_addhosts: 'host2:role=worker,host3:role=worker:group=g02,host4:role=standby:group=g02' - sap_hana_install_sid: 'H01' - sap_hana_install_instance_nr: '00' - roles: - - sap_hana_install -``` - -### Sample playbook for adding additional nodes to an existing SAP HANA installation - -```yaml ---- -- hosts: all - collections: - - community.sap_install - become: true - vars: - sap_hana_install_software_directory: /software/hana - sap_hana_install_new_system: no - sap_hana_install_addhosts: 'host2:role=worker,host3:role=worker:group=g02,host4:role=standby:group=g02' - sap_hana_install_common_master_password: 'NewPass$321' - sap_hana_install_root_password: 'NewPass$321' - sap_hana_install_sid: 'H01' - sap_hana_install_instance_nr: '00' - roles: - - sap_hana_install -``` - -You can find more complex playbooks in directory `playbooks` of the collection `community.sap_install`. - -## Flow - -### New SAP HANA Installation - + + + + +### Recommended +It is recommended to execute this role together with other roles in this collection, in the following order:
+1. [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) +2. [sap_hana_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_preconfigure) +3. [sap_install_media_detect](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_install_media_detect) +4. *`sap_hana_install`* + + +### Execution Flow + #### Perform Initial Checks These checks will be performed by default but can be skipped by setting `sap_hana_install_force` to `true`. @@ -338,9 +249,70 @@ in a temporary directory for use by the hdblcm command in the next step. #### Post-Install - Print a short summary of the result of the installation. + + +### Example + +#### Example playbook for installing a new scale-up (=single node) SAP HANA system +```yaml +--- +- name: Ansible Play for SAP HANA installation - One host + hosts: all + become: true + tasks: + - name: Execute Ansible Role sap_hana_install + ansible.builtin.include_role: + name: community.sap_install.sap_hana_install + vars: + sap_hana_install_software_directory: /software/hana + sap_hana_install_common_master_password: 'NewPass$321' + sap_hana_install_sid: 'H01' + sap_hana_install_instance_nr: '00' +``` + +#### Example playbook for installing a new scale-out SAP HANA system +```yaml +--- +- name: Ansible Play for SAP HANA installation - Scale-out + hosts: all + become: true + tasks: + - name: Execute Ansible Role sap_hana_install + ansible.builtin.include_role: + name: community.sap_install.sap_hana_install + vars: + sap_hana_install_software_directory: /software/hana + sap_hana_install_common_master_password: 'NewPass$321' + sap_hana_install_root_password: 'NewPass$321' + sap_hana_install_addhosts: 'host2:role=worker,host3:role=worker:group=g02,host4:role=standby:group=g02' + sap_hana_install_sid: 'H01' + sap_hana_install_instance_nr: '00' +``` + +#### Example playbook for adding additional nodes to an existing SAP HANA installation +```yaml +--- +- name: Ansible Play for SAP HANA installation - Add host + hosts: all + become: true + tasks: + - name: Execute Ansible Role sap_hana_install + ansible.builtin.include_role: + name: community.sap_install.sap_hana_install + vars: + sap_hana_install_software_directory: /software/hana + sap_hana_install_new_system: no + sap_hana_install_addhosts: 'host2:role=worker,host3:role=worker:group=g02,host4:role=standby:group=g02' + sap_hana_install_common_master_password: 'NewPass$321' + sap_hana_install_root_password: 'NewPass$321' + sap_hana_install_sid: 'H01' + sap_hana_install_instance_nr: '00' +``` + -## Tags + +### Role Tags With the following tags, the role can be called to perform certain activities only: - tag `sap_hana_install_check_installation`: Perform an installation check, using `hdbcheck` or `hdblcm --action=check_installation`. @@ -373,30 +345,103 @@ With the following tags, the role can be called to perform certain activities on `overwrite`. - tag `sap_hana_install_store_connection_information`: Only run the `hdbuserstore` command -Sample call for only processing the SAPCAR and SAR files and creating the hdblcm configfile: -``` -# ansible-playbook sap-hana-install.yml --tags=sap_hana_install_preinstall --skip-tags=sap_hana_install_chown_hana_directories -``` +
+ How to run sap_hana_install with tags -Sample call for only processing the SAPCAR files: -``` -# ansible-playbook sap-hana-install.yml --tags=sap_hana_install_prepare_sapcar -``` + #### Process SAPCAR and SAR files and create the hdblcm configfile: + ```console + ansible-playbook sap-hana-install.yml --tags=sap_hana_install_preinstall --skip-tags=sap_hana_install_chown_hana_directories + ``` -Sample call for only processing the SAPCAR and SAR files, without extracting the SAR files: -``` -# ansible-playbook sap-hana-install.yml --tags=sap_hana_install_prepare_sarfiles --skip-tags=sap_hana_install_extract_sarfiles -``` + #### Process only SAPCAR files: + ```console + ansible-playbook sap-hana-install.yml --tags=sap_hana_install_prepare_sapcar + ``` -Sample call for only displaying the SAP HANA hdblcm command line: -``` -# ansible-playbook sap-hana-install.yml --tags=sap_hana_install_hdblcm_commandline -``` + #### Process SAPCAR and SAR files without extracting SAR files: + ```console + ansible-playbook sap-hana-install.yml --tags=sap_hana_install_prepare_sarfiles --skip-tags=sap_hana_install_extract_sarfiles + ``` + + #### Display SAP HANA hdblcm command without using it + ``` + ansible-playbook sap-hana-install.yml --tags=sap_hana_install_hdblcm_commandline + ``` +
+ + + + + +## Further Information +- Starting with SAP HANA 2.0 SPS08, the component LSS (Local Secure Store) will be installed by default +when installing SAP HANA. This requires the installation execution mode to be set to 'optimized', which is +now set in the file `defaults/main.yml`. + +- For more examples on how to use this role in different installation scenarios, refer to the [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. + ## License + +Apache 2.0 + + +## Maintainers + +- [Bernd Finger](https://github.com/berndfinger) + + +## Role Variables + +### sap_hana_install_sid + +- _Type:_ `string` + +Enter SAP HANA System ID (SID). + +### sap_hana_install_number + +- _Type:_ `string` + +Enter SAP HANA Instance number. + +### sap_hana_install_fapolicyd_integrity + +- _Type:_ `string` +- _Default:_ `sha256` + +Select `fapolicyd` integrity check option.
+Available values: `none`, `size`, `sha256`, `ima`. + +### sap_hana_install_check_sidadm_user + +- _Type:_ `bool` +- _Default:_ `True` + +Set to `False` to install SAP HANA even if the `sidadm` user exists.
+Default is `True`, in which case the installation will not be performed if the `sidadm` user exists. + +### sap_hana_install_new_system + +- _Type:_ `bool` +- _Default:_ `True` + +Set to `False` to use existing SAP HANA database and add more hosts using variable `sap_hana_install_addhosts`.
+Default is `True`, in which case fresh SAP HANA installation will be performed. + +### sap_hana_install_update_firewall -Apache license 2.0 +- _Type:_ `bool` +- _Default:_ `False` -## Author Information +The role can be configured to also set the required firewall ports for SAP HANA. If this is desired, set the variable `sap_hana_install_update_firewall` to `yes` (default is `no`).
+The firewall ports are defined in a variable which is compatible with the variable structure used by Linux System Role `firewall`.
+The firewall ports for SAP HANA are defined in member `port` of the first field of variable `sap_hana_install_firewall` (`sap_hana_install_firewall[0].port`), see file `defaults/main.yml`.
+If the member `state` is set to `enabled`, the ports will be enabled. If the member `state` is set to `disabled`, the ports will be disabled, which might be useful for testing.
-Red Hat for SAP Community of Practice, IBM Lab for SAP Solutions, Markus Koch, Thomas Bludau, Bernd Finger, Than Ngo, Rainer Leber +Certain parameters have identical meanings, for supporting different naming schemes in playbooks and inventories.
+You can find those in the task `Rename some variables used by hdblcm configfile` of the file `tasks/main.yml`.
+Example: The parameter `sap_hana_install_number`, which is used by the role to define the hdblm parameter `number` (= SAP HANA instance number)
+ can be defined by setting `sap_hana_instance_number`, `sap_hana_install_instance_nr`, `sap_hana_install_instance_number`, or `sap_hana_install_number`.
+ The order of precedence is from left to right. + diff --git a/roles/sap_hana_install/defaults/main.yml b/roles/sap_hana_install/defaults/main.yml index 0e82c8e5d..6d4f47d38 100644 --- a/roles/sap_hana_install/defaults/main.yml +++ b/roles/sap_hana_install/defaults/main.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- ################ @@ -139,6 +140,12 @@ sap_hana_install_system_usage: 'custom' sap_hana_install_restrict_max_mem: 'n' sap_hana_install_max_mem: +# Starting with SAP HANA 2.0 SPS08, the component LSS (Local Secure Store) will be installed by default +# when installing SAP HANA. This requires the installation execution mode to be set to 'optimized'. +# You can change the following variable to the default of 'standard' in your playbook or inventory, +# for example when installing an older version of SAP HANA or when not installing the 'lss' component. +sap_hana_install_install_execution_mode: 'optimized' + # hdblcm will use default ids if blank sap_hana_install_userid: sap_hana_install_groupid: @@ -224,3 +231,6 @@ sap_hana_install_create_initial_tenant: 'y' # The hostname is set by 'hdblcm --dump_configfile_template' during the preinstall phase but can also # be set to a different value in your playbook or hostvars: # sap_hana_install_hostname: + +# Display SAP HANA hdblcm unattended mode output (hdblcm stdout) +sap_hana_install_display_unattended_output: false diff --git a/roles/sap_hana_install/meta/argument_specs.yml b/roles/sap_hana_install/meta/argument_specs.yml index 563a282af..cda7f0b71 100644 --- a/roles/sap_hana_install/meta/argument_specs.yml +++ b/roles/sap_hana_install/meta/argument_specs.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- argument_specs: main: diff --git a/roles/sap_hana_install/meta/collection-requirements.yml b/roles/sap_hana_install/meta/collection-requirements.yml index 0a4e50f46..a1227178d 100644 --- a/roles/sap_hana_install/meta/collection-requirements.yml +++ b/roles/sap_hana_install/meta/collection-requirements.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- collections: diff --git a/roles/sap_hana_install/meta/main.yml b/roles/sap_hana_install/meta/main.yml index 9c72ba4ec..be9d08d7a 100644 --- a/roles/sap_hana_install/meta/main.yml +++ b/roles/sap_hana_install/meta/main.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- galaxy_info: namespace: community diff --git a/roles/sap_hana_install/tasks/assert-addhosts-loop-block.yml b/roles/sap_hana_install/tasks/assert-addhosts-loop-block.yml index 55581576f..b87641727 100644 --- a/roles/sap_hana_install/tasks/assert-addhosts-loop-block.yml +++ b/roles/sap_hana_install/tasks/assert-addhosts-loop-block.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: SAP HANA Add Hosts - Check for SAP HANA instance profile for '{{ line_item }}' diff --git a/roles/sap_hana_install/tasks/hana_addhosts.yml b/roles/sap_hana_install/tasks/hana_addhosts.yml index 63d202d98..7c415fed4 100644 --- a/roles/sap_hana_install/tasks/hana_addhosts.yml +++ b/roles/sap_hana_install/tasks/hana_addhosts.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: SAP HANA Add Hosts - Fill new variable __sap_hana_install_addhosts_hosts diff --git a/roles/sap_hana_install/tasks/hana_exists.yml b/roles/sap_hana_install/tasks/hana_exists.yml index 3f352b830..c97c88f7e 100644 --- a/roles/sap_hana_install/tasks/hana_exists.yml +++ b/roles/sap_hana_install/tasks/hana_exists.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- ## Try to use saphostctrl to figure out if HANA or other SID is installed diff --git a/roles/sap_hana_install/tasks/hana_install.yml b/roles/sap_hana_install/tasks/hana_install.yml index 198196f3f..66c480f0b 100644 --- a/roles/sap_hana_install/tasks/hana_install.yml +++ b/roles/sap_hana_install/tasks/hana_install.yml @@ -1,8 +1,9 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Ansible does not support streaming of stdout, so we offer a workaround. # For more information, see https://github.com/ansible/proposals/issues/92 -- name: Copy file tail-f-hdblcm-install-trc.sh to '{{ __sap_hana_install_register_tmpdir.path }}' +- name: Install SAP HANA - Copy file tail-f-hdblcm-install-trc.sh to '{{ __sap_hana_install_register_tmpdir.path }}' ansible.builtin.copy: src: tmp/tail-f-hdblcm-install-trc.sh dest: "{{ __sap_hana_install_register_tmpdir.path }}/tail-f-hdblcm-install-trc.sh" @@ -11,7 +12,7 @@ mode: '0755' # Show how to use the workaround: -- name: Show how to watch the install process in real time +- name: Install SAP HANA - Show how to watch the install process in real time ansible.builtin.debug: msg: - 'Once the task "Install SAP HANA" has started, you can use the following command' @@ -20,12 +21,12 @@ - 'Alternatively, you can run the following command on the control node:' - "ssh {{ inventory_hostname }} {{ __sap_hana_install_register_tmpdir.path }}/tail-f-hdblcm-install-trc.sh" -- name: Set fact for the hdblcm verify_signature argument +- name: Install SAP HANA - Set fact for the hdblcm verify_signature argument ansible.builtin.set_fact: __sap_hana_install_fact_verify_signature: '--verify_signature' when: sap_hana_install_verify_signature -- name: Set fact for the hdblcm command line +- name: Install SAP HANA - Set fact for the hdblcm command line ansible.builtin.set_fact: __sap_hana_install_hdblcm_command: "./hdblcm {{ sap_hana_install_hdblcm_extraargs | d('') }} {{ __sap_hana_install_fact_verify_signature | d('') }} @@ -33,15 +34,43 @@ -b" tags: sap_hana_install_hdblcm_commandline -- name: Display the hdblcm command line +- name: Install SAP HANA - Display the hdblcm command line ansible.builtin.debug: msg: "SAP HANA install command: '{{ __sap_hana_install_hdblcm_command }}'" tags: sap_hana_install_hdblcm_commandline - name: Install SAP HANA - {{ sap_hana_install_sid }} {{ sap_hana_install_number }} ansible.builtin.command: "{{ __sap_hana_install_hdblcm_command }}" - register: __sap_hana_install_register_hdblcm_install + register: __sap_hana_install_register_hdblcm_install_async_job args: chdir: "{{ __sap_hana_install_fact_hdblcm_path }}" - changed_when: "'SAP HANA Lifecycle Management' in __sap_hana_install_register_hdblcm_install.stdout" + async: 86400 # Seconds for maximum runtime, set to 24 hours + poll: 0 # Seconds between polls, use 0 to run Ansible Tasks concurrently + changed_when: true when: not ansible_check_mode + +- name: Install SAP HANA - Wait for hdblcm process to exit, poll every 60 seconds + ansible.builtin.shell: + cmd: set -o pipefail && ps -ef | awk '/ hdblcm /&&/ {{ __sap_hana_install_configfile_arg }} /&&!/ awk /{print}' + register: __sap_hana_install_register_pids_sapinst + until: "__sap_hana_install_register_pids_sapinst.stdout | length == 0" + retries: 1440 + delay: 60 + vars: + __sap_hana_install_configfile_arg: "{{ '--configfile=' + (__sap_hana_install_register_tmpdir.path + '/configfile.cfg') | regex_replace('/', '\\/') }}" + changed_when: false + +- name: Install SAP HANA - Verify if hdblcm process finished successfully + ansible.builtin.async_status: + jid: "{{ __sap_hana_install_register_hdblcm_install_async_job.ansible_job_id }}" + register: __sap_hana_install_register_sapinst + failed_when: __sap_hana_install_register_sapinst.finished != 1 or __sap_hana_install_register_sapinst.rc != 0 + +- name: Install SAP HANA - Display the hdblcm return code + ansible.builtin.debug: + msg: "{{ __sap_hana_install_register_sapinst.rc }}" + +- name: Install SAP HANA - Display the hdblcm output + ansible.builtin.debug: + msg: "{{ __sap_hana_install_register_sapinst.stdout_lines }}" + when: sap_hana_install_display_unattended_output diff --git a/roles/sap_hana_install/tasks/main.yml b/roles/sap_hana_install/tasks/main.yml index 1a8f2eb7a..b9efc6398 100644 --- a/roles/sap_hana_install/tasks/main.yml +++ b/roles/sap_hana_install/tasks/main.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Rename some variables used by hdblcm configfile @@ -9,6 +10,7 @@ sap_hana_install_restrict_max_mem: "{{ sap_hana_install_mem_restrict | d(sap_hana_install_restrict_max_mem) }}" tags: - sap_hana_install_check_hana_exists + - sap_hana_install_check_installation - sap_hana_install_preinstall - sap_hana_install_set_log_mode - sap_hana_install_configure_firewall diff --git a/roles/sap_hana_install/tasks/post_install.yml b/roles/sap_hana_install/tasks/post_install.yml index 0af5f8773..c276775b3 100644 --- a/roles/sap_hana_install/tasks/post_install.yml +++ b/roles/sap_hana_install/tasks/post_install.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Tasks for new HANA Systems diff --git a/roles/sap_hana_install/tasks/post_install/firewall.yml b/roles/sap_hana_install/tasks/post_install/firewall.yml index a11661b66..aa7ede64e 100644 --- a/roles/sap_hana_install/tasks/post_install/firewall.yml +++ b/roles/sap_hana_install/tasks/post_install/firewall.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: SAP HANA Post Install - Enable and start the firewalld service diff --git a/roles/sap_hana_install/tasks/post_install/hdbuserstore.yml b/roles/sap_hana_install/tasks/post_install/hdbuserstore.yml index 24d8ecc7a..a4fa40e78 100644 --- a/roles/sap_hana_install/tasks/post_install/hdbuserstore.yml +++ b/roles/sap_hana_install/tasks/post_install/hdbuserstore.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: SAP HANA Post Install - Create and Store Connection Info in hdbuserstore diff --git a/roles/sap_hana_install/tasks/post_install/license.yml b/roles/sap_hana_install/tasks/post_install/license.yml index df4f4e56c..409cfadd9 100644 --- a/roles/sap_hana_install/tasks/post_install/license.yml +++ b/roles/sap_hana_install/tasks/post_install/license.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: SAP HANA Post Install - Apply the SAP HANA license diff --git a/roles/sap_hana_install/tasks/post_install/log_mode.yml b/roles/sap_hana_install/tasks/post_install/log_mode.yml index 9590f00f8..75338cdac 100644 --- a/roles/sap_hana_install/tasks/post_install/log_mode.yml +++ b/roles/sap_hana_install/tasks/post_install/log_mode.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: SAP HANA Post Install - Set log_mode to overwrite, no initial tenant diff --git a/roles/sap_hana_install/tasks/post_install/recreate_tenant_database.yml b/roles/sap_hana_install/tasks/post_install/recreate_tenant_database.yml index 66041ce7e..8c2cfc8b6 100644 --- a/roles/sap_hana_install/tasks/post_install/recreate_tenant_database.yml +++ b/roles/sap_hana_install/tasks/post_install/recreate_tenant_database.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: SAP HANA Post Install - Recreate the tenant database diff --git a/roles/sap_hana_install/tasks/post_install/update_etchosts.yml b/roles/sap_hana_install/tasks/post_install/update_etchosts.yml index 584252e3f..79c922a33 100644 --- a/roles/sap_hana_install/tasks/post_install/update_etchosts.yml +++ b/roles/sap_hana_install/tasks/post_install/update_etchosts.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: SAP HANA Post Install - Deduplicate values from /etc/hosts diff --git a/roles/sap_hana_install/tasks/post_install/update_firewall.yml b/roles/sap_hana_install/tasks/post_install/update_firewall.yml index b2dfdb84c..a00d83048 100644 --- a/roles/sap_hana_install/tasks/post_install/update_firewall.yml +++ b/roles/sap_hana_install/tasks/post_install/update_firewall.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # This task requires the variable passed_port diff --git a/roles/sap_hana_install/tasks/pre_install-loop-block.yml b/roles/sap_hana_install/tasks/pre_install-loop-block.yml index cf756e017..c27dbdc57 100644 --- a/roles/sap_hana_install/tasks/pre_install-loop-block.yml +++ b/roles/sap_hana_install/tasks/pre_install-loop-block.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: SAP HANA Pre Install - Set __sap_hana_install_fact_tmp_dirname diff --git a/roles/sap_hana_install/tasks/pre_install.yml b/roles/sap_hana_install/tasks/pre_install.yml index df158848c..22fef6159 100644 --- a/roles/sap_hana_install/tasks/pre_install.yml +++ b/roles/sap_hana_install/tasks/pre_install.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- ################ # Password Facts diff --git a/roles/sap_hana_install/tasks/pre_install/extract_sarfile.yml b/roles/sap_hana_install/tasks/pre_install/extract_sarfile.yml index 7cfed7751..041fc08dd 100644 --- a/roles/sap_hana_install/tasks/pre_install/extract_sarfile.yml +++ b/roles/sap_hana_install/tasks/pre_install/extract_sarfile.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: SAP HANA hdblcm prepare - Set fact for temporary extraction directory, default @@ -14,7 +15,7 @@ ansible.builtin.file: path: "{{ __sap_hana_install_tmp_software_extract_directory }}" state: directory - mode: 0755 + mode: "0755" owner: root group: root diff --git a/roles/sap_hana_install/tasks/pre_install/hdblcm_configfile.yml b/roles/sap_hana_install/tasks/pre_install/hdblcm_configfile.yml index 6e807c63a..f6aa1e565 100644 --- a/roles/sap_hana_install/tasks/pre_install/hdblcm_configfile.yml +++ b/roles/sap_hana_install/tasks/pre_install/hdblcm_configfile.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: SAP HANA Pre Install - Create the hdblcm configfile directory '{{ sap_hana_install_configfile_directory }}' if it does not exist diff --git a/roles/sap_hana_install/tasks/pre_install/hdblcm_prepare.yml b/roles/sap_hana_install/tasks/pre_install/hdblcm_prepare.yml index 0a5119087..bdff8d74d 100644 --- a/roles/sap_hana_install/tasks/pre_install/hdblcm_prepare.yml +++ b/roles/sap_hana_install/tasks/pre_install/hdblcm_prepare.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # hdblcm prepare diff --git a/roles/sap_hana_install/tasks/pre_install/prepare_sapcar.yml b/roles/sap_hana_install/tasks/pre_install/prepare_sapcar.yml index 051feb27d..159d02efa 100644 --- a/roles/sap_hana_install/tasks/pre_install/prepare_sapcar.yml +++ b/roles/sap_hana_install/tasks/pre_install/prepare_sapcar.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # hdblcm prepare SAPCAR diff --git a/roles/sap_hana_install/tasks/pre_install/prepare_sarfiles.yml b/roles/sap_hana_install/tasks/pre_install/prepare_sarfiles.yml index a77c50ed9..299e8dbbe 100644 --- a/roles/sap_hana_install/tasks/pre_install/prepare_sarfiles.yml +++ b/roles/sap_hana_install/tasks/pre_install/prepare_sarfiles.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # hdblcm prepare sarfiles @@ -51,7 +52,7 @@ src: "{{ __sap_hana_install_fact_software_directory }}/{{ item }}" dest: "{{ sap_hana_install_software_extract_directory }}/sarfiles/{{ item }}" remote_src: true - mode: 0755 + mode: "0755" owner: root group: root with_items: "{{ __sap_hana_install_fact_sarfiles }}" diff --git a/roles/sap_hana_install/tasks/pre_install/verify_checksum.yml b/roles/sap_hana_install/tasks/pre_install/verify_checksum.yml index c8f6ee2f7..9f189983e 100644 --- a/roles/sap_hana_install/tasks/pre_install/verify_checksum.yml +++ b/roles/sap_hana_install/tasks/pre_install/verify_checksum.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: SAP HANA hdblcm prepare - Check if checksum file exists diff --git a/roles/sap_hana_install/tests/install/hana-uninstall.yml b/roles/sap_hana_install/tests/install/hana-uninstall.yml index 24b8b16b6..73846c06c 100644 --- a/roles/sap_hana_install/tests/install/hana-uninstall.yml +++ b/roles/sap_hana_install/tests/install/hana-uninstall.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - hosts: all diff --git a/roles/sap_hana_install/tests/install/install-vars.yml b/roles/sap_hana_install/tests/install/install-vars.yml index ce679444a..b5de8429d 100644 --- a/roles/sap_hana_install/tests/install/install-vars.yml +++ b/roles/sap_hana_install/tests/install/install-vars.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- sap_hana_install_new_system: true diff --git a/roles/sap_hana_install/tests/install/prepare-install-test-01.yml b/roles/sap_hana_install/tests/install/prepare-install-test-01.yml index fd9272862..c473b254f 100644 --- a/roles/sap_hana_install/tests/install/prepare-install-test-01.yml +++ b/roles/sap_hana_install/tests/install/prepare-install-test-01.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: diff --git a/roles/sap_hana_install/tests/install/prepare-install-test-02.yml b/roles/sap_hana_install/tests/install/prepare-install-test-02.yml index eaf463da9..0c83798bb 100644 --- a/roles/sap_hana_install/tests/install/prepare-install-test-02.yml +++ b/roles/sap_hana_install/tests/install/prepare-install-test-02.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: diff --git a/roles/sap_hana_install/tests/install/prepare-install-test-03.yml b/roles/sap_hana_install/tests/install/prepare-install-test-03.yml index eaf463da9..0c83798bb 100644 --- a/roles/sap_hana_install/tests/install/prepare-install-test-03.yml +++ b/roles/sap_hana_install/tests/install/prepare-install-test-03.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: diff --git a/roles/sap_hana_install/tests/install/prepare-install-tests-ppc64le.yml b/roles/sap_hana_install/tests/install/prepare-install-tests-ppc64le.yml index 42040793f..7233ef38a 100644 --- a/roles/sap_hana_install/tests/install/prepare-install-tests-ppc64le.yml +++ b/roles/sap_hana_install/tests/install/prepare-install-tests-ppc64le.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: diff --git a/roles/sap_hana_install/tests/install/prepare-install-tests-x86_64.yml b/roles/sap_hana_install/tests/install/prepare-install-tests-x86_64.yml index 0e5c1111d..31c3ccf1a 100644 --- a/roles/sap_hana_install/tests/install/prepare-install-tests-x86_64.yml +++ b/roles/sap_hana_install/tests/install/prepare-install-tests-x86_64.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: diff --git a/roles/sap_hana_install/tests/install/remove-all-firewall-ports.yml b/roles/sap_hana_install/tests/install/remove-all-firewall-ports.yml index 7e958b532..5e82bb651 100644 --- a/roles/sap_hana_install/tests/install/remove-all-firewall-ports.yml +++ b/roles/sap_hana_install/tests/install/remove-all-firewall-ports.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Remove all defined firewall ports as per field 'ports' in 'firewall-cmd --list-all' diff --git a/roles/sap_hana_install/tests/install/run-install-test-01.yml b/roles/sap_hana_install/tests/install/run-install-test-01.yml index a5ab13647..d092769b0 100644 --- a/roles/sap_hana_install/tests/install/run-install-test-01.yml +++ b/roles/sap_hana_install/tests/install/run-install-test-01.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: test diff --git a/roles/sap_hana_install/tests/install/run-install-test-02.yml b/roles/sap_hana_install/tests/install/run-install-test-02.yml index a5ab13647..d092769b0 100644 --- a/roles/sap_hana_install/tests/install/run-install-test-02.yml +++ b/roles/sap_hana_install/tests/install/run-install-test-02.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: test diff --git a/roles/sap_hana_install/tests/install/run-install-test-03.yml b/roles/sap_hana_install/tests/install/run-install-test-03.yml index ad91b88eb..bdb9dd5ba 100644 --- a/roles/sap_hana_install/tests/install/run-install-test-03.yml +++ b/roles/sap_hana_install/tests/install/run-install-test-03.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: test diff --git a/roles/sap_hana_install/tests/sapcar/prepare-sapcar-tests.yml b/roles/sap_hana_install/tests/sapcar/prepare-sapcar-tests.yml index f3960658d..585b7289a 100644 --- a/roles/sap_hana_install/tests/sapcar/prepare-sapcar-tests.yml +++ b/roles/sap_hana_install/tests/sapcar/prepare-sapcar-tests.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Prepare sapcar tests diff --git a/roles/sap_hana_install/tests/sapcar/prepare-test-01.yml b/roles/sap_hana_install/tests/sapcar/prepare-test-01.yml index abdd86069..1a77f30ad 100644 --- a/roles/sap_hana_install/tests/sapcar/prepare-test-01.yml +++ b/roles/sap_hana_install/tests/sapcar/prepare-test-01.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Prepare test 01 diff --git a/roles/sap_hana_install/tests/sapcar/prepare-test-02.yml b/roles/sap_hana_install/tests/sapcar/prepare-test-02.yml index 3a0420839..2f9316289 100644 --- a/roles/sap_hana_install/tests/sapcar/prepare-test-02.yml +++ b/roles/sap_hana_install/tests/sapcar/prepare-test-02.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Prepare test 02 diff --git a/roles/sap_hana_install/tests/sapcar/prepare-test-03.yml b/roles/sap_hana_install/tests/sapcar/prepare-test-03.yml index 7864eb5dc..5656ae9da 100644 --- a/roles/sap_hana_install/tests/sapcar/prepare-test-03.yml +++ b/roles/sap_hana_install/tests/sapcar/prepare-test-03.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Prepare test 03 diff --git a/roles/sap_hana_install/tests/sapcar/prepare-test-04.yml b/roles/sap_hana_install/tests/sapcar/prepare-test-04.yml index a8b9a765a..869413bfd 100644 --- a/roles/sap_hana_install/tests/sapcar/prepare-test-04.yml +++ b/roles/sap_hana_install/tests/sapcar/prepare-test-04.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Prepare test 04 diff --git a/roles/sap_hana_install/tests/sapcar/prepare-test-05.yml b/roles/sap_hana_install/tests/sapcar/prepare-test-05.yml index 58ed19334..cf9e299e7 100644 --- a/roles/sap_hana_install/tests/sapcar/prepare-test-05.yml +++ b/roles/sap_hana_install/tests/sapcar/prepare-test-05.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Prepare test 05 diff --git a/roles/sap_hana_install/tests/sapcar/run-sapcar-test.yml b/roles/sap_hana_install/tests/sapcar/run-sapcar-test.yml index 8bc6b9852..3bac2df7b 100644 --- a/roles/sap_hana_install/tests/sapcar/run-sapcar-test.yml +++ b/roles/sap_hana_install/tests/sapcar/run-sapcar-test.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: test diff --git a/roles/sap_hana_install/tests/sapcar/sapcar-vars.yml b/roles/sap_hana_install/tests/sapcar/sapcar-vars.yml index 0b904f627..9242ad578 100644 --- a/roles/sap_hana_install/tests/sapcar/sapcar-vars.yml +++ b/roles/sap_hana_install/tests/sapcar/sapcar-vars.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- sap_hana_install_sid: T01 diff --git a/roles/sap_hana_install/vars/main.yml b/roles/sap_hana_install/vars/main.yml index b01f0a70d..5b23ad4a6 100644 --- a/roles/sap_hana_install/vars/main.yml +++ b/roles/sap_hana_install/vars/main.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # SAP System IDs that are reserved and must not be used diff --git a/roles/sap_hana_preconfigure/.yamllint.yml b/roles/sap_hana_preconfigure/.yamllint.yml index 57ef427c1..ee4457cfd 100644 --- a/roles/sap_hana_preconfigure/.yamllint.yml +++ b/roles/sap_hana_preconfigure/.yamllint.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Based on ansible-lint config extends: default @@ -7,7 +8,9 @@ rules: brackets: {max-spaces-inside: 1, level: error} # colons: {max-spaces-after: -1, level: error} # commas: {max-spaces-after: -1, level: error} - comments: disable + comments: + require-starting-space: false + min-spaces-from-content: 1 comments-indentation: disable # document-start: disable # empty-lines: {max: 3, level: error} @@ -19,3 +22,6 @@ rules: # new-lines: {type: unix} # trailing-spaces: disable truthy: disable + octal-values: + forbid-implicit-octal: true + forbid-explicit-octal: true diff --git a/roles/sap_hana_preconfigure/README.md b/roles/sap_hana_preconfigure/README.md index 6ee18a682..52014f2a4 100644 --- a/roles/sap_hana_preconfigure/README.md +++ b/roles/sap_hana_preconfigure/README.md @@ -1,114 +1,147 @@ + # sap_hana_preconfigure Ansible Role + +![Ansible Lint for sap_hana_preconfigure](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_hana_preconfigure.yml/badge.svg) + +## Description + +The Ansible role `sap_hana_preconfigure` installs additional required packages and performs additional OS configuration steps according to applicable SAP notes for installing and running SAP HANA after the role [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) has been executed. + + + +## Dependencies +- `fedora.linux_system_roles` + - Roles: + - `selinux` + +Install required collections by `ansible-galaxy install -vv -r meta/collection-requirements.yml`. + + + +## Prerequisites +Managed nodes: +- Ensure that general operating system configuration for SAP is performed by [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure). See [Recommended](#recommended) section. + +
+ (Red Hat) Ensure required repositories are available + + Managed nodes need to be properly registered to a repository source and have at least the following Red Hat repositories accessible: + + for RHEL 7.x: + - rhel-7-[server|for-power-le]-e4s-rpms + - rhel-sap-hana-for-rhel-7-[server|for-power-le]-e4s-rpms + + for RHEL 8.x: + - rhel-8-for-[x86_64|ppc64le]-baseos-e4s-rpms + - rhel-8-for-[x86_64|ppc64le]-appstream-e4s-rpms + - rhel-8-for-[x86_64|ppc64le]-sap-solutions-e4s-rpms + + for RHEL 9.x: + - rhel-9-for-[x86_64|ppc64le]-baseos-e4s-rpms + - rhel-9-for-[x86_64|ppc64le]-appstream-e4s-rpms + - rhel-9-for-[x86_64|ppc64le]-sap-solutions-e4s-rpms + + For details on configuring Red Hat, see the knowledge base article: [How to subscribe SAP HANA systems to the Update Services for SAP Solutions](https://access.redhat.com/solutions/3075991)). If you set role parameter sap_hana_preconfigure_enable_sap_hana_repos to `yes`, the role can enable these repos. + + To install HANA on Red Hat Enterprise Linux 7, 8, or 9, you need some additional packages which are contained in one of following repositories + - rhel-sap-hana-for-rhel-7-[server|for-power-le]-e4s-rpms + - rhel-8-for-[x86_64|ppc64le]-sap-solutions-e4s-rpms + - rhel-9-for-[x86_64|ppc64le]-sap-solutions-e4s-rpms + + To get this repository you need to have one of the following products: + - [RHEL for SAP Solutions](https://access.redhat.com/solutions/3082481) (premium, standard) + - RHEL for Business Partner NFRs + - [RHEL Developer Subscription](https://developers.redhat.com/products/sap/download/) + + To get a personal developer edition of RHEL for SAP solutions, please register as a developer and download the developer edition. + + - [Registration Link](http://developers.redhat.com/register) : + Here you can either register a new personal account or link it to an already existing + **personal** Red Hat Network account. + - [Download Link](https://access.redhat.com/downloads/content/69/ver=/rhel---7/7.2/x86_64/product-software): + Here you can download the Installation DVD for RHEL with your previously registered + account + + *NOTE:* This is a regular RHEL installation DVD as RHEL for SAP Solutions is no additional + product but only a special bundling. The subscription grants you access to the additional + packages through our content delivery network (CDN) after installation. + + For supported RHEL releases [click here](https://access.redhat.com/solutions/2479121). + + It is also important that your disks are setup according to the [SAP storage requirements for SAP HANA](https://www.sap.com/documents/2015/03/74cdb554-5a7c-0010-8F2c7-eda71af511fa.html). This [BLOG](https://blogs.sap.com/2017/03/07/the-ultimate-guide-to-effective-sizing-of-sap-hana/) is also quite helpful when sizing HANA systems. + You can use the [storage](https://galaxy.ansible.com/linux-system-roles/storage) role to automate this process + + If you want to use this system in production, make sure that the time service is configured correctly. You can use [rhel-system-roles](https://access.redhat.com/articles/3050101) to automate this. + + Note + ---- + For finding out which SAP notes will be used by this role for Red Hat systems, please check the contents of variable `__sap_hana_preconfigure_sapnotes` in files `vars/*.yml` (choose the file which matches your OS distribution and version). +
+ + +## Execution + +**:warning: Do not execute this Ansible Role against existing SAP systems unless you know what you are doing and you prepare inputs to avoid unintended changes caused by default inputs.** + +**NOTE: It is recommended to execute `timesync` role from Ansible Collection `fedora.linux_system_roles` before or after executing this role.** + + + +### Recommended +It is recommended to execute this role together with other roles in this collection, in the following order:
+1. [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) +2. *`sap_hana_preconfigure`* + + +### Execution Flow + +1. Assert that required inputs were provided. +2. Install required packages and patch system if `sap_hana_preconfigure_update:true` +3. Apply configurations + - Execute configuration tasks based on SAP Notes + - (SUSE) Execute saptune with solution `sap_hana_preconfigure_saptune_solution` (Default: `HANA`) +4. Reboot Managed nodes if packages were installed or patched and `sap_hana_preconfigure_reboot_ok: true` + + +### Example + +Example of execution together with prerequisite role [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) +```yaml +--- +- name: Ansible Play for SAP HANA HA Scale-up preconfigure + hosts: hana_primary, hana_secondary + become: true + tasks: + - name: Execute Ansible Role sap_general_preconfigure + ansible.builtin.include_role: + name: community.sap_install.sap_general_preconfigure + + - name: Execute Ansible Role sap_hana_preconfigure + ansible.builtin.include_role: + name: community.sap_install.sap_hana_preconfigure +``` + -This role installs additional required packages and performs additional configuration steps for installing and running SAP HANA. -If you want to configure a RHEL system for the installation and later usage of SAP HANA, you have to first run role sap_general_preconfigure -and then role sap_hana_preconfigure. However, if we wish to run SLES for HANA, you may run only this role. - -## Requirements - -The role requires additional collections which are specified in `meta/collection-requirements.yml`. Before using this role, -make sure that the required collections are installed, for example by using the following command: - -`ansible-galaxy install -vv -r meta/collection-requirements.yml` - -To use this role, your system needs to be configured with the basic requirements for SAP NetWeaver or SAP HANA. This is typically done by running role sap_general_preconfigure (for RHEL managed nodes before RHEL 7.6, community maintained role sap-base-settings can be used). - -It is also strongly recommended to run role linux-system-roles.timesync for all systems running SAP HANA, to maintain an identical system time, before or after running role sap_hana_preconfigure. - -Managed nodes need to be properly registered to a repository source and have at least the following Red Hat repositories accessible (see also example playbook): - -for RHEL 7.x: -- rhel-7-[server|for-power-le]-e4s-rpms -- rhel-sap-hana-for-rhel-7-[server|for-power-le]-e4s-rpms - -for RHEL 8.x: -- rhel-8-for-[x86_64|ppc64le]-baseos-e4s-rpms -- rhel-8-for-[x86_64|ppc64le]-appstream-e4s-rpms -- rhel-8-for-[x86_64|ppc64le]-sap-solutions-e4s-rpms - -for RHEL 9.x: -- rhel-9-for-[x86_64|ppc64le]-baseos-e4s-rpms -- rhel-9-for-[x86_64|ppc64le]-appstream-e4s-rpms -- rhel-9-for-[x86_64|ppc64le]-sap-solutions-e4s-rpms - -for SLES 15.x: -- SLE-Module-SAP-Applications15-[SP number]-Pool -- SLE-Module-SAP-Applications15-[SP number]-Updates -- SLE-Product-SLES_SAP15-[SP number]-Pool -- SLE-Product-SLES_SAP15-[SP number]-Updates - -For details on configuring Red Hat, see the knowledge base article: [How to subscribe SAP HANA systems to the Update Services for SAP Solutions](https://access.redhat.com/solutions/3075991)). If you set role parameter sap_hana_preconfigure_enable_sap_hana_repos to `yes`, the role can enable these repos. - -To install HANA on Red Hat Enterprise Linux 7, 8, or 9, you need some additional packages which are contained in the -- rhel-sap-hana-for-rhel-7-[server|for-power-le]-e4s-rpms, -- rhel-8-for-[x86_64|ppc64le]-sap-solutions-e4s-rpms, or -- rhel-9-for-[x86_64|ppc64le]-sap-solutions-e4s-rpms - -repository. - -To get this repository you need to have one of the following products: - -- [RHEL for SAP Solutions](https://access.redhat.com/solutions/3082481) (premium, standard) -- RHEL for Business Partner NFRs -- [RHEL Developer Subscription](https://developers.redhat.com/products/sap/download/) - -To get a personal developer edition of RHEL for SAP solutions, please register as a developer and download the developer edition. - -- [Registration Link](http://developers.redhat.com/register) : - Here you can either register a new personal account or link it to an already existing - **personal** Red Hat Network account. -- [Download Link](https://access.redhat.com/downloads/content/69/ver=/rhel---7/7.2/x86_64/product-software): - Here you can download the Installation DVD for RHEL with your previously registered - account - -*NOTE:* This is a regular RHEL installation DVD as RHEL for SAP Solutions is no additional - product but only a special bundling. The subscription grants you access to the additional - packages through our content delivery network (CDN) after installation. - -For supported RHEL releases [click here](https://access.redhat.com/solutions/2479121). - -Details on configuring SLES repositories can be found on the following articles for [on-premise systems](https://www.suse.com/support/kb/doc/?id=000018564) or [BYOS cloud images](https://www.suse.com/c/byos-instances-and-the-suse-public-cloud-update-infrastructure/) - - -It is also important that your disks are setup according to the [SAP storage requirements for SAP HANA](https://www.sap.com/documents/2015/03/74cdb554-5a7c-0010-8F2c7-eda71af511fa.html). This [BLOG](https://blogs.sap.com/2017/03/07/the-ultimate-guide-to-effective-sizing-of-sap-hana/) is also quite helpful when sizing HANA systems. -You can use the [storage](https://galaxy.ansible.com/linux-system-roles/storage) role to automate this process - -If you want to use this system in production, make sure that the time service is configured correctly. You can use [rhel-system-roles](https://access.redhat.com/articles/3050101) to automate this. - -Note ----- -For finding out which SAP notes will be used by this role for Red Hat systems, please check the contents of variable `__sap_hana_preconfigure_sapnotes` in files `vars/*.yml` (choose the file which matches your OS distribution and version). - -For SLES, notes are applied using the saptune service. Saptune supports a number of solutions. A solution implements several SAP notes. The default solution for this role is 'HANA'. To see a list of supported solutions and the notes that they implement, you can run `saptune solution list` on the command line. - -Do not run this role against an SAP HANA or other production system. The role will enforce a certain configuration on the managed node(s), which might not be intended. - -Changes -------- -1) Previous versions of this role used the variable sap_hana_preconfigure_use_tuned_where_possible to switch between either tuned settings -or kernel command line settings (where applicable). -The current version modifies this behavior: -- The variable sap_hana_preconfigure_use_tuned_where_possible has been renamed to sap_hana_preconfigure_use_tuned -- The variable sap_hana_preconfigure_switch_to_tuned_profile_sap_hana has been removed. -- If sap_hana_preconfigure_use_tuned is set to `yes`, which is also the default, the role will configure the system for using tuned and also switch to tuned profile sap-hana. - If sap_hana_preconfigure_use_tuned is set to `no`, the role will perform a static configuration, including the modification of the linux command line in grub. -- The role can use tuned, or configure the kernel command line, or both. - -2) Previous versions of this role used variable sap_hana_preconfigure_selinux_state to set the SELinux state to disabled. -As the role sap_general_preconfigure already allows to specify the desired SELinux state, and as sap_general_preconfigure -is always run before sap_hana_preconfigure, there is no need any more to let sap_hana_preconfigure configure the SELinux state. -The same applies to the assertion of the SELinux state. - -3) SLES systems are now configured using saptune rather than the ansible implementation of the notes. - - -## Role Input Parameters + + -#### Minimum required parameters: + +## Further Information +For more examples on how to use this role in different installation scenarios, refer to the [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. + -This role does not require any parameter to be set in the playbook or inventory. +## License + +Apache 2.0 + +## Maintainers + +- [Bernd Finger](https://github.com/berndfinger) + +## Role Variables + ### sap_hana_preconfigure_config_all - _Type:_ `bool` @@ -160,13 +193,11 @@ This is useful if the role is used for reporting a system's SAP notes compliance ### sap_hana_preconfigure_system_roles_collection - _Type:_ `str` - _Default:_ `'fedora.linux_system_roles'` -- _Possible Values:_
- - `fedora.linux_system_roles` - - `redhat.rhel_system_roles` Set which Ansible Collection to use for the Linux System Roles.
-For community/upstream, use 'fedora.linux_system_roles'
-For the RHEL System Roles for SAP, or for Red Hat Automation Hub, use 'redhat.rhel_system_roles'
+Available values: +- `fedora.linux_system_roles` - for community/upstream.
+- `redhat.rhel_system_roles` - for the RHEL System Roles for SAP, or for Red Hat Automation Hub.
### sap_hana_preconfigure_min_rhel_release_check - _Type:_ `bool` @@ -326,13 +357,6 @@ Network related linux kernel parameter settings for platform ppc64le.
Set to `true` to also set NetApp NFS required kernel parameters.
-### sap_hana_preconfigure_use_netapp_settings_nfsv3 -- _Type:_ `bool` -- _Default:_ `false` - -If `sap_hana_preconfigure_use_netapp_settings_nfs` is set to `true` and NFS Version 3 is to be used,
-this parameter must be set to `true` as well.
- ### sap_hana_preconfigure_install_ibm_power_tools - _Type:_ `bool` - _Default:_ `true` @@ -392,6 +416,12 @@ Set this parameter to `true` to modify the Grub boot command line.
By default, the role will run `grub2-mkconfig` to update the Grub configuration if necessary.
Set this parameter to `false` if this is not desired.
+### sap_hana_preconfigure_thp +- _Type:_ `str` +- _Default:_ `` + +Override the default setting for THP, which is determined automatically by the role, depending on the RHEL version. + ### sap_hana_preconfigure_db_group_name - _Type:_ `str` @@ -406,105 +436,23 @@ sap_hana_preconfigure_db_group_name: dba ### sap_hana_preconfigure_saptune_version - _Type:_ `str` -- _Default:_ `'3.0.2'` +- _Default:_ `''` -Version of saptune to install (SLES for SAP Applications).
+(SUSE specific) Specifies the saptune version.
This will replace the current installed version if present, even downgrade if necessary.
### sap_hana_preconfigure_saptune_solution - _Type:_ `str` - _Default:_ `'HANA'` -- _Possible Values:_
- - `HANA` - - `NETWEAVER+HANA` - - `S4HANA-APP+DB` - - `S4HANA-DBSERVER` -The saptune solution to apply (SLES for SAP Applications).
+(SUSE specific) Specifies the saptune solution to apply.
+Available values: `HANA`, `NETWEAVER+HANA`, `S4HANA-APP+DB`, `S4HANA-DBSERVER` ### sap_hana_preconfigure_saptune_azure - _Type:_ `bool` - _Default:_ `false` -On Azure, TCP timestamps, reuse and recycle should be disabled (SLES for SAP Applications).
+(SUSE specific) On Azure, TCP timestamps, reuse and recycle should be disabled.
+If the variable is set, an override file for saptune will be created (/etc/saptune/override/2382421) to set net.ipv4.tcp_timestamps and net.ipv4.tcp_tw_reuse to 0.
Set this parameter to `true` on Azure.
- - - -## Example Playbook - -Simple playbook, named sap+hana.yml: -```yaml ---- -- hosts: all - roles: - - role: sap_general_preconfigure - - role: sap_hana_preconfigure -``` - -Simple playbook for an extended check (assert) run, named sap+hana-assert.yml: -```yaml ---- -- hosts: all - vars: - sap_general_preconfigure_assert: yes - sap_general_preconfigure_assert_ignore_errors: yes - sap_hana_preconfigure_assert: yes - sap_hana_preconfigure_assert_ignore_errors: yes - roles: - - role: sap_general_preconfigure - - role: sap_hana_preconfigure -``` - -## Example Usage - -Normal run, for configuring server host_1 for SAP HANA: -```yaml -ansible-playbook sap+hana.yml -l host_1 -``` - -Extended Check (assert) run, not aborting if an error has been found: -```yaml -ansible-playbook sap+hana-assert.yml -l host_1 -``` - -Same as above, with a nice compact and colored output, this time for two hosts: -```yaml -ansible-playbook sap+hana-assert.yml -l host_1,host_2 | -awk '{sub (" \"msg\": ", "")} - /TASK/{task_line=$0} - /fatal:/{fatal_line=$0; nfatal[host]++} - /...ignoring/{nfatal[host]--; if (nfatal[host]<0) nfatal[host]=0} - /^[a-z]/&&/: \[/{gsub ("\\[", ""); gsub ("]", ""); gsub (":", ""); host=$2} - /SAP note/{print "\033[30m[" host"] "$0} - /FAIL:/{nfail[host]++; print "\033[31m[" host"] "$0} - /WARN:/{nwarn[host]++; print "\033[33m[" host"] "$0} - /PASS:/{npass[host]++; print "\033[32m[" host"] "$0} - /INFO:/{print "\033[34m[" host"] "$0} - /changed/&&/unreachable/{print "\033[30m[" host"] "$0} - END{print ("---"); for (var in npass) {printf ("[%s] ", var); if (nfatal[var]>0) { - printf ("\033[31mFATAL ERROR!!! Playbook might have been aborted!!!\033[30m Last TASK and fatal output:\n"); print task_line, fatal_line - } - else printf ("\033[31mFAIL: %d \033[33mWARN: %d \033[32mPASS: %d\033[30m\n", nfail[var], nwarn[var], npass[var])}}' -``` -Note: For terminals with dark background, replace the color code `30m` by `37m`. -In case you need to make an invisible font readable on a terminal with dark background, run the following command in the terminal: -```yaml -printf "\033[37mreadable font\n" -``` -In case you need to make an invisible font readable on a terminal with bright background, run the following command in the terminal: -```yaml -printf "\033[30mreadable font\n" -``` - -## Contribution - -Please read the [developer guidelines](./README.DEV.md) if you want to contribute - -## License - -Apache license 2.0 - -## Author Information - -Red Hat for SAP Community of Practice, Markus Koch, Thomas Bludau, Bernd Finger, Than Ngo, Rainer Leber + diff --git a/roles/sap_hana_preconfigure/defaults/main.yml b/roles/sap_hana_preconfigure/defaults/main.yml index 8b95b4982..393a1b016 100644 --- a/roles/sap_hana_preconfigure/defaults/main.yml +++ b/roles/sap_hana_preconfigure/defaults/main.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # BEGIN: Default Variables for sap_hana_preconfigure @@ -129,10 +130,6 @@ sap_hana_preconfigure_kernel_parameters_ppc64le: "{{ __sap_hana_preconfigure_ker sap_hana_preconfigure_use_netapp_settings_nfs: false # Set to `true` to also set NetApp NFS required kernel parameters. -sap_hana_preconfigure_use_netapp_settings_nfsv3: false -# If `sap_hana_preconfigure_use_netapp_settings_nfs` is set to `true` and NFS Version 3 is to be used, -# this parameter must be set to `true` as well. - sap_hana_preconfigure_install_ibm_power_tools: true # Set this parameter to `false` to not install the IBM Power Systems service and productivity tools. @@ -169,18 +166,19 @@ sap_hana_preconfigure_run_grub2_mkconfig: true # It will be used to configure process limits as per step "Configuring Process Resource Limits" of SAP note 2772999. # Example: See README.md -sap_hana_preconfigure_saptune_version: '' -# Version of saptune to install (SLES for SAP Applications). +# sap_hana_preconfigure_thp: (not defined by default) +# Override the default setting for THP, which is determined automatically by the role, depending on the RHEL version. +# Can be one of 'always', 'madvise', or 'never'. + +# (SUSE specific) Version of saptune to install. # It is recommended to install latest version by keeping this variable empty. # This will replace the current installed version if present, even downgrade if necessary. +sap_hana_preconfigure_saptune_version: '' +# (SUSE specific) Saptune solution to be applied. +# Available options for HANA are: HANA, NETWEAVER+HANA, S4HANA-APP+DB, S4HANA-DBSERVER sap_hana_preconfigure_saptune_solution: 'HANA' -# The saptune solution to apply (SLES for SAP Applications). -# Possible Values: -# - HANA -# - NETWEAVER+HANA -# - S4HANA-APP+DB -# - S4HANA-DBSERVER + sap_hana_preconfigure_saptune_azure: false # On Azure, TCP timestamps, reuse and recycle should be disabled (SLES for SAP Applications). diff --git a/roles/sap_hana_preconfigure/handlers/main.yml b/roles/sap_hana_preconfigure/handlers/main.yml index ee7eb5c9d..4f3887f6f 100644 --- a/roles/sap_hana_preconfigure/handlers/main.yml +++ b/roles/sap_hana_preconfigure/handlers/main.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: "Check if server is booted in BIOS or UEFI mode" @@ -70,11 +71,16 @@ - name: "Run grubby for enabling TSX" ansible.builtin.command: grubby --args="tsx=on" --update-kernel=ALL - register: __sap_hana_preconfigure_register_grubby_update changed_when: true listen: __sap_hana_preconfigure_grubby_update_handler notify: __sap_hana_preconfigure_reboot_handler +- name: "Run grubby for setting THP to '{{ __sap_hana_preconfigure_fact_thp }}'" + ansible.builtin.command: grubby --args="transparent_hugepage={{ __sap_hana_preconfigure_fact_thp }}" --update-kernel=ALL + changed_when: true + listen: __sap_hana_preconfigure_grubby_thp_handler + notify: __sap_hana_preconfigure_reboot_handler + - name: Reboot the managed node ansible.builtin.reboot: test_command: /bin/true @@ -82,6 +88,18 @@ when: - sap_hana_preconfigure_reboot_ok | d(false) +# Kernel update triggers zypper purge-kernels and lock after reboot. +- name: Wait for Zypper lock to be released + ansible.builtin.command: + cmd: zypper info zypper + retries: 60 + timeout: 5 + listen: __sap_hana_preconfigure_reboot_handler + when: + - ansible_os_family == 'Suse' + - sap_hana_preconfigure_reboot_ok | d(false) + changed_when: false + - name: Let the role fail if a reboot is required ansible.builtin.fail: msg: Reboot is required! diff --git a/roles/sap_hana_preconfigure/meta/argument_specs.yml b/roles/sap_hana_preconfigure/meta/argument_specs.yml index c1b59e3bb..098aa7db4 100644 --- a/roles/sap_hana_preconfigure/meta/argument_specs.yml +++ b/roles/sap_hana_preconfigure/meta/argument_specs.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Requires: ansible 2.11 # Argument specifications in this separate file maintain backwards compatibility. @@ -272,14 +273,6 @@ argument_specs: required: false type: bool - sap_hana_preconfigure_use_netapp_settings_nfsv3: - default: false - description: - - If `sap_hana_preconfigure_use_netapp_settings_nfs` is set to `true` and NFS Version 3 is to be used, - - this parameter must be set to `true` as well. - required: false - type: bool - sap_hana_preconfigure_install_ibm_power_tools: default: true description: @@ -348,6 +341,18 @@ argument_specs: required: false type: bool + sap_hana_preconfigure_thp: + default: '' + description: + - Override the default setting for THP, which is determined automatically by the role, depending on the RHEL version. + choices: + - '' + - 'always' + - 'madvise' + - 'never' + required: false + type: str + sap_hana_preconfigure_db_group_name: description: - Use this parameter to specify the name of the RHEL group which is used for the database processes. @@ -358,9 +363,9 @@ argument_specs: type: str sap_hana_preconfigure_saptune_version: - default: '3.0.2' + default: '' description: - - Version of saptune to install (SLES for SAP Applications). + - (SUSE specific) Version of saptune to install. - This will replace the current installed version if present, even downgrade if necessary. required: false type: str @@ -368,7 +373,7 @@ argument_specs: sap_hana_preconfigure_saptune_solution: default: HANA description: - - The saptune solution to apply (SLES for SAP Applications). + - (SUSE specific) Saptune solution to be applied. choices: - 'HANA' - 'NETWEAVER+HANA' diff --git a/roles/sap_hana_preconfigure/meta/collection-requirements.yml b/roles/sap_hana_preconfigure/meta/collection-requirements.yml index 0a4e50f46..a1227178d 100644 --- a/roles/sap_hana_preconfigure/meta/collection-requirements.yml +++ b/roles/sap_hana_preconfigure/meta/collection-requirements.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- collections: diff --git a/roles/sap_hana_preconfigure/meta/main.yml b/roles/sap_hana_preconfigure/meta/main.yml index 5baea0a64..c4271d479 100644 --- a/roles/sap_hana_preconfigure/meta/main.yml +++ b/roles/sap_hana_preconfigure/meta/main.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- galaxy_info: namespace: community diff --git a/roles/sap_hana_preconfigure/tasks/RedHat/assert-configuration.yml b/roles/sap_hana_preconfigure/tasks/RedHat/assert-configuration.yml index c98be6d14..d0cba4756 100644 --- a/roles/sap_hana_preconfigure/tasks/RedHat/assert-configuration.yml +++ b/roles/sap_hana_preconfigure/tasks/RedHat/assert-configuration.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert - List required SAP Notes diff --git a/roles/sap_hana_preconfigure/tasks/RedHat/assert-installation.yml b/roles/sap_hana_preconfigure/tasks/RedHat/assert-installation.yml index 1a829bacc..2b05f9c47 100644 --- a/roles/sap_hana_preconfigure/tasks/RedHat/assert-installation.yml +++ b/roles/sap_hana_preconfigure/tasks/RedHat/assert-installation.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert that the system is running a RHEL release which is supported for SAP HANA diff --git a/roles/sap_hana_preconfigure/tasks/RedHat/configuration.yml b/roles/sap_hana_preconfigure/tasks/RedHat/configuration.yml index 24815aa52..5d334ef0d 100644 --- a/roles/sap_hana_preconfigure/tasks/RedHat/configuration.yml +++ b/roles/sap_hana_preconfigure/tasks/RedHat/configuration.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Configure - List required SAP Notes diff --git a/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-2055470-loop-block.yml b/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-2055470-loop-block.yml index 99033b7fe..7456017a9 100644 --- a/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-2055470-loop-block.yml +++ b/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-2055470-loop-block.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # loop block for sapnote/assert-2055470.yml diff --git a/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-2382421-loop-block.yml b/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-2382421-loop-block.yml index acc436cac..ec6f093ab 100644 --- a/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-2382421-loop-block.yml +++ b/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-2382421-loop-block.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # loop block for sapnote/assert-2382421.yml diff --git a/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-2777782-01-loop-block.yml b/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-2777782-01-loop-block.yml index 6dc476aaf..d321f06bb 100644 --- a/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-2777782-01-loop-block.yml +++ b/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-2777782-01-loop-block.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: 2777782-01 - Check if the directory '{{ line_item }}' exists diff --git a/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-3024346-loop-block.yml b/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-3024346-loop-block.yml index bb1d1dd76..ec51662c4 100644 --- a/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-3024346-loop-block.yml +++ b/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-3024346-loop-block.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # loop block for sapnote/assert-3024346.yml diff --git a/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-abrt-ccpp.yml b/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-abrt-ccpp.yml index fc96e8365..9c955b025 100644 --- a/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-abrt-ccpp.yml +++ b/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-abrt-ccpp.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert that service abrt-ccpp is disabled, and inactive or stopped diff --git a/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-abrtd.yml b/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-abrtd.yml index 36a63798a..9b3196b14 100644 --- a/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-abrtd.yml +++ b/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-abrtd.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert that service abrtd is disabled, and inactive or stopped diff --git a/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-auto-numa-balancing.yml b/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-auto-numa-balancing.yml index 94628b8ae..7cacc9189 100644 --- a/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-auto-numa-balancing.yml +++ b/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-auto-numa-balancing.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # can be configured by tuned profile sap-hana, entry "kernel.numa_balancing = 0" diff --git a/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-c-states-for-lower-latency.yml b/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-c-states-for-lower-latency.yml index 070e212ae..8a4a54cd9 100644 --- a/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-c-states-for-lower-latency.yml +++ b/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-c-states-for-lower-latency.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # can be configured by tuned profile sap-hana, entry "force_latency=70" diff --git a/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-coredumps.yml b/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-coredumps.yml index 572ad8d54..71eacff52 100644 --- a/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-coredumps.yml +++ b/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-coredumps.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Get info about file /etc/security/limits.d/99-sap.conf diff --git a/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-cpu-governor-for-performance.yml b/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-cpu-governor-for-performance.yml index 42355de1a..789fa2df9 100644 --- a/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-cpu-governor-for-performance.yml +++ b/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-cpu-governor-for-performance.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # can be configured by tuned profile sap-hana, entry "governor=performance" diff --git a/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-epb.yml b/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-epb.yml index 7dee8c28e..164fcacab 100644 --- a/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-epb.yml +++ b/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-epb.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # can be configured by tuned profile sap-hana, entry "energy_perf_bias=performance" diff --git a/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-firewalld.yml b/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-firewalld.yml index 5cb157679..c212b4cce 100644 --- a/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-firewalld.yml +++ b/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-firewalld.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert that service firewalld is disabled, and inactive or stopped diff --git a/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-kdump.yml b/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-kdump.yml index de5c370fc..f1e61ef5d 100644 --- a/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-kdump.yml +++ b/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-kdump.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert that service kdump is disabled, and inactive or stopped diff --git a/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-ksm.yml b/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-ksm.yml index ef35913cc..98af0080f 100644 --- a/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-ksm.yml +++ b/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-ksm.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert - Get info about file /etc/init.d/boot.local diff --git a/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-selinux.yml b/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-selinux.yml index f1ecf86a9..2a1893327 100644 --- a/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-selinux.yml +++ b/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-selinux.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Reason for noqa: Both yum and dnf support "state: latest" diff --git a/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-services.yml b/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-services.yml index cd01228d3..37c7e6fe4 100644 --- a/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-services.yml +++ b/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-services.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert that service {{ __sap_hana_preconfigure_packages_and_services_svc }} is disabled diff --git a/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-thp.yml b/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-thp.yml index f365fc88b..b13bf9966 100644 --- a/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-thp.yml +++ b/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-thp.yml @@ -1,7 +1,8 @@ +# SPDX-License-Identifier: Apache-2.0 --- -# can be configured by tuned profile sap-hana, entry "transparent_hugepages=never" -- name: Perform steps for setting transparent_hugepage=never +# can be configured by tuned profile sap-hana, entry "transparent_hugepages=never" or "transparent_hugepages=madvise" +- name: Assert correct setting of THP when: not sap_hana_preconfigure_use_tuned or sap_hana_preconfigure_modify_grub_cmdline_linux or sap_hana_preconfigure_assert_all_config | d(false) @@ -10,23 +11,61 @@ - name: THP - Get contents of GRUB_CMDLINE_LINUX in /etc/default/grub ansible.builtin.command: grep GRUB_CMDLINE_LINUX /etc/default/grub register: __sap_hana_preconfigure_register_default_grub_cmdline_thp_assert - changed_when: no - - - name: Assert that transparent_hugepage=never is in GRUB_CMDLINE_LINUX in /etc/default/grub - ansible.builtin.assert: - that: "'transparent_hugepage=never' in __sap_hana_preconfigure_register_default_grub_cmdline_thp_assert.stdout" - fail_msg: "FAIL: 'transparent_hugepage=never' is not in GRUB_CMDLINE_LINUX in /etc/default/grub!" - success_msg: "PASS: 'transparent_hugepage=never' is in GRUB_CMDLINE_LINUX in /etc/default/grub." - ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" + changed_when: false - name: THP - Get contents of /proc/cmdline ansible.builtin.command: cat /proc/cmdline register: __sap_hana_preconfigure_register_proc_cmdline_thp_assert - changed_when: no + changed_when: false + + - name: THP - Get current status of THP + ansible.builtin.command: cat /sys/kernel/mm/transparent_hugepage/enabled + register: __sap_hana_preconfigure_register_sys_kernel_thp_assert + changed_when: false + + - name: Set fact for THP, RHEL up to RHEL 9.1 + ansible.builtin.set_fact: + __sap_hana_preconfigure_fact_thp: 'never' + when: + - sap_hana_preconfigure_thp is undefined or sap_hana_preconfigure_thp | length == 0 + - ansible_distribution == 'RedHat' + - ansible_distribution_major_version == '7' or + ansible_distribution_major_version == '8' or + ansible_distribution_version == '9.0' or + ansible_distribution_version == '9.1' + + - name: Set fact for THP, RHEL 9.2 and later + ansible.builtin.set_fact: + __sap_hana_preconfigure_fact_thp: 'madvise' + when: + - sap_hana_preconfigure_thp is undefined or sap_hana_preconfigure_thp | length == 0 + - ansible_distribution == 'RedHat' + - ansible_distribution_major_version == '9' and + __sap_hana_preconfigure_fact_ansible_distribution_minor_version | int >= 2 + + - name: Set fact for THP if 'sap_hana_preconfigure_thp' is defined + ansible.builtin.set_fact: + __sap_hana_preconfigure_fact_thp: "{{ sap_hana_preconfigure_thp }}" + when: + - sap_hana_preconfigure_thp is defined and sap_hana_preconfigure_thp + + - name: Assert that 'transparent_hugepage={{ __sap_hana_preconfigure_fact_thp }}' is in GRUB_CMDLINE_LINUX in /etc/default/grub + ansible.builtin.assert: + that: "'transparent_hugepage={{ __sap_hana_preconfigure_fact_thp }}' in __sap_hana_preconfigure_register_default_grub_cmdline_thp_assert.stdout" + fail_msg: "FAIL: 'transparent_hugepage={{ __sap_hana_preconfigure_fact_thp }}' is not in GRUB_CMDLINE_LINUX in /etc/default/grub!" + success_msg: "PASS: 'transparent_hugepage={{ __sap_hana_preconfigure_fact_thp }}' is in GRUB_CMDLINE_LINUX in /etc/default/grub." + ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" + + - name: Assert that 'transparent_hugepage={{ __sap_hana_preconfigure_fact_thp }}' is in /proc/cmdline + ansible.builtin.assert: + that: "'transparent_hugepage={{ __sap_hana_preconfigure_fact_thp }}' in __sap_hana_preconfigure_register_proc_cmdline_thp_assert.stdout" + fail_msg: "FAIL: 'transparent_hugepage={{ __sap_hana_preconfigure_fact_thp }}' is not in /proc/cmdline!" + success_msg: "PASS: 'transparent_hugepage={{ __sap_hana_preconfigure_fact_thp }}' is in /proc/cmdline." + ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" - - name: Assert that transparent_hugepage=never is in /proc/cmdline + - name: Assert that THP currently has the correct status ansible.builtin.assert: - that: "'transparent_hugepage=never' in __sap_hana_preconfigure_register_proc_cmdline_thp_assert.stdout" - fail_msg: "FAIL: 'transparent_hugepage=never' is not in /proc/cmdline!" - success_msg: "PASS: 'transparent_hugepage=never' is in /proc/cmdline." + that: __sap_hana_preconfigure_register_sys_kernel_thp_assert.stdout.split('[')[1].split(']')[0] == '{{ __sap_hana_preconfigure_fact_thp }}' + fail_msg: "FAIL: THP is currently configured with the status of '{{ __sap_hana_preconfigure_register_sys_kernel_thp_assert.stdout.split('[')[1].split(']')[0] }}' but it needs to be '{{ __sap_hana_preconfigure_fact_thp }}'!" + success_msg: "PASS: THP is currently configured with the correct status of '{{ __sap_hana_preconfigure_fact_thp }}'!" ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" diff --git a/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-tsx.yml b/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-tsx.yml index 3a64d2d3c..951fdcd05 100644 --- a/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-tsx.yml +++ b/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-tsx.yml @@ -1,18 +1,20 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert - Perform steps for checking TSX when: - ansible_architecture == 'x86_64' - ansible_distribution == 'RedHat' - - ansible_distribution_major_version == '8' - - __sap_hana_preconfigure_fact_ansible_distribution_minor_version | int >= 3 + - (ansible_distribution_major_version >= '9') or + (ansible_distribution_major_version == '8' and + __sap_hana_preconfigure_fact_ansible_distribution_minor_version | int >= 3) block: # There are CPUs which are not capable of enabling the rtm flag, so we just report the status: - name: Get all CPU flags ansible.builtin.shell: set -o pipefail && lscpu | grep "^Flags:" register: __sap_hana_preconfigure_register_lscpu_flags - changed_when: no + changed_when: false - name: Report that the rtm CPU flag exists ansible.builtin.debug: @@ -29,7 +31,7 @@ - name: TSX - Get contents of GRUB_CMDLINE_LINUX in /etc/default/grub ansible.builtin.command: grep GRUB_CMDLINE_LINUX /etc/default/grub register: __sap_hana_preconfigure_register_default_grub_cmdline_tsx_assert - changed_when: no + changed_when: false - name: Assert that tsx=on is in GRUB_CMDLINE_LINUX in /etc/default/grub ansible.builtin.assert: @@ -56,7 +58,7 @@ - name: TSX - Get contents of /proc/cmdline ansible.builtin.command: cat /proc/cmdline register: __sap_hana_preconfigure_register_proc_cmdline_tsx_assert - changed_when: no + changed_when: false - name: Assert that tsx=on is in /proc/cmdline ansible.builtin.assert: diff --git a/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-tuned.yml b/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-tuned.yml index 91ca78fc4..729c6bfac 100644 --- a/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-tuned.yml +++ b/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-tuned.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Display the version of tuned diff --git a/roles/sap_hana_preconfigure/tasks/RedHat/generic/configure-c-states-for-lower-latency.yml b/roles/sap_hana_preconfigure/tasks/RedHat/generic/configure-c-states-for-lower-latency.yml index 8c1d3b55f..4f66c7392 100644 --- a/roles/sap_hana_preconfigure/tasks/RedHat/generic/configure-c-states-for-lower-latency.yml +++ b/roles/sap_hana_preconfigure/tasks/RedHat/generic/configure-c-states-for-lower-latency.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # can be configured by tuned profile sap-hana, entry "force_latency=70" diff --git a/roles/sap_hana_preconfigure/tasks/RedHat/generic/configure-cpu-governor-for-performance.yml b/roles/sap_hana_preconfigure/tasks/RedHat/generic/configure-cpu-governor-for-performance.yml index 29d77964e..edc54174e 100644 --- a/roles/sap_hana_preconfigure/tasks/RedHat/generic/configure-cpu-governor-for-performance.yml +++ b/roles/sap_hana_preconfigure/tasks/RedHat/generic/configure-cpu-governor-for-performance.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # can be configured by tuned profile sap-hana, entry "governor=performance" @@ -28,7 +29,7 @@ ansible.builtin.file: path: /etc/rc.d/rc.local state: touch - mode: 0644 + mode: "0644" - name: Configure CPU Governor for performance at boot time (x86_64 platform only) ansible.builtin.lineinfile: diff --git a/roles/sap_hana_preconfigure/tasks/RedHat/generic/configure-epb.yml b/roles/sap_hana_preconfigure/tasks/RedHat/generic/configure-epb.yml index 42195b1e4..c14e08c33 100644 --- a/roles/sap_hana_preconfigure/tasks/RedHat/generic/configure-epb.yml +++ b/roles/sap_hana_preconfigure/tasks/RedHat/generic/configure-epb.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # can be configured by tuned profile sap-hana, entry "energy_perf_bias=performance" @@ -29,7 +30,7 @@ ansible.builtin.file: path: /etc/init.d/boot.local state: touch - mode: 0755 + mode: "0755" - name: Configure EPB at boot time ansible.builtin.lineinfile: diff --git a/roles/sap_hana_preconfigure/tasks/RedHat/generic/configure-selinux.yml b/roles/sap_hana_preconfigure/tasks/RedHat/generic/configure-selinux.yml index 8a24bedf5..e432e2e09 100644 --- a/roles/sap_hana_preconfigure/tasks/RedHat/generic/configure-selinux.yml +++ b/roles/sap_hana_preconfigure/tasks/RedHat/generic/configure-selinux.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Set a new SELinux mode variable to the SELinux status if 'disabled' or otherwise to diff --git a/roles/sap_hana_preconfigure/tasks/RedHat/generic/configure-thp.yml b/roles/sap_hana_preconfigure/tasks/RedHat/generic/configure-thp.yml new file mode 100644 index 000000000..1c60776b9 --- /dev/null +++ b/roles/sap_hana_preconfigure/tasks/RedHat/generic/configure-thp.yml @@ -0,0 +1,60 @@ +# SPDX-License-Identifier: Apache-2.0 +--- + +- name: Get boot command line + ansible.builtin.slurp: + src: /proc/cmdline + register: __sap_hana_preconfigure_register_proc_cmdline_thp + +- name: Set fact for THP, RHEL up to RHEL 9.1 + ansible.builtin.set_fact: + __sap_hana_preconfigure_fact_thp: 'never' + when: + - sap_hana_preconfigure_thp is undefined or sap_hana_preconfigure_thp | length == 0 + - ansible_distribution == 'RedHat' + - ansible_distribution_major_version == '7' or + ansible_distribution_major_version == '8' or + ansible_distribution_version == '9.0' or + ansible_distribution_version == '9.1' + +- name: Set fact for THP, RHEL 9.2 and later + ansible.builtin.set_fact: + __sap_hana_preconfigure_fact_thp: 'madvise' + when: + - sap_hana_preconfigure_thp is undefined or sap_hana_preconfigure_thp | length == 0 + - ansible_distribution == 'RedHat' + - ansible_distribution_major_version == '9' and + __sap_hana_preconfigure_fact_ansible_distribution_minor_version | int >= 2 + +- name: Set fact for THP if 'sap_hana_preconfigure_thp' is defined + ansible.builtin.set_fact: + __sap_hana_preconfigure_fact_thp: "{{ sap_hana_preconfigure_thp }}" + when: + - sap_hana_preconfigure_thp is defined and sap_hana_preconfigure_thp + +- name: Set THP to '{{ __sap_hana_preconfigure_fact_thp }}' at boot time + ansible.builtin.command: /bin/true + notify: __sap_hana_preconfigure_grubby_thp_handler + changed_when: true + when: not ( __sap_hana_preconfigure_register_proc_cmdline_thp['content'] | b64decode | regex_findall('transparent_hugepage=' + __sap_hana_preconfigure_fact_thp) ) + tags: grubconfig + +- name: Configure - Get initial status of THP + ansible.builtin.command: cat /sys/kernel/mm/transparent_hugepage/enabled + register: __sap_hana_preconfigure_register_thp_status_before + changed_when: false + +- name: Set THP to '{{ __sap_hana_preconfigure_fact_thp }}' on the running system + ansible.builtin.shell: echo '{{ __sap_hana_preconfigure_fact_thp }}' > /sys/kernel/mm/transparent_hugepage/enabled + changed_when: true + when: __sap_hana_preconfigure_register_thp_status_before.stdout.split('[')[1].split(']')[0] != __sap_hana_preconfigure_fact_thp + +- name: Configure - Get the status of THP + ansible.builtin.command: cat /sys/kernel/mm/transparent_hugepage/enabled + register: __sap_hana_preconfigure_register_thp_status + ignore_errors: true + changed_when: false + +- name: Display the status of THP + ansible.builtin.debug: + var: __sap_hana_preconfigure_register_thp_status.stdout_lines, __sap_hana_preconfigure_register_thp_status.stderr_lines diff --git a/roles/sap_hana_preconfigure/tasks/RedHat/generic/configure-tuned.yml b/roles/sap_hana_preconfigure/tasks/RedHat/generic/configure-tuned.yml index 152d6d0ee..8bfd2801c 100644 --- a/roles/sap_hana_preconfigure/tasks/RedHat/generic/configure-tuned.yml +++ b/roles/sap_hana_preconfigure/tasks/RedHat/generic/configure-tuned.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Perform specific steps for tuned profile on RHEL 8.0 ppc64le diff --git a/roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-abrt-ccpp.yml b/roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-abrt-ccpp.yml index 0f54d0bd5..d8d37cdf3 100644 --- a/roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-abrt-ccpp.yml +++ b/roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-abrt-ccpp.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Disable abrt-ccpp diff --git a/roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-abrtd.yml b/roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-abrtd.yml index 6d4f5e08b..73debe69e 100644 --- a/roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-abrtd.yml +++ b/roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-abrtd.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Disable abrtd diff --git a/roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-coredumps.yml b/roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-coredumps.yml index a82bb1ada..758cfc231 100644 --- a/roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-coredumps.yml +++ b/roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-coredumps.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Reasons for noqa: 1. Tabs can increase readability; @@ -7,7 +8,7 @@ ansible.builtin.lineinfile: path: /etc/security/limits.d/99-sap.conf create: yes - mode: 0644 + mode: "0644" regexp: '^\*\s+{{ line_item }}\s+core\s.*' line: "*\t{{ line_item }}\tcore\t0" with_items: diff --git a/roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-firewalld.yml b/roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-firewalld.yml index 76c8c8a06..485c34b79 100644 --- a/roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-firewalld.yml +++ b/roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-firewalld.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Disable firewalld diff --git a/roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-kdump.yml b/roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-kdump.yml index b9728bc10..463776c86 100644 --- a/roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-kdump.yml +++ b/roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-kdump.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Disable kdump diff --git a/roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-ksm.yml b/roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-ksm.yml index 2e9f64c2f..556d3b217 100644 --- a/roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-ksm.yml +++ b/roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-ksm.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Configure - Get info about file /etc/init.d/boot.local @@ -9,7 +10,7 @@ ansible.builtin.file: path: /etc/init.d/boot.local state: touch - mode: 0755 + mode: "0755" when: not __sap_hana_preconfigure_register_stat_boot_local_ksm.stat.exists - name: Disable KSM at boot time diff --git a/roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-services.yml b/roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-services.yml index f379b3576..c32cb90df 100644 --- a/roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-services.yml +++ b/roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-services.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Disable service {{ __sap_hana_preconfigure_packages_and_services[line_item].svc }} diff --git a/roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-thp.yml b/roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-thp.yml index 99a446771..b462cabb3 100644 --- a/roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-thp.yml +++ b/roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-thp.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # can be configured by tuned profile sap-hana, entry "transparent_hugepages=never" diff --git a/roles/sap_hana_preconfigure/tasks/RedHat/generic/enable-tsx.yml b/roles/sap_hana_preconfigure/tasks/RedHat/generic/enable-tsx.yml index 4566cd726..84c15b629 100644 --- a/roles/sap_hana_preconfigure/tasks/RedHat/generic/enable-tsx.yml +++ b/roles/sap_hana_preconfigure/tasks/RedHat/generic/enable-tsx.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Get boot command line @@ -12,7 +13,8 @@ when: - ansible_architecture == 'x86_64' - ansible_distribution == 'RedHat' - - ansible_distribution_major_version == '8' - - __sap_hana_preconfigure_fact_ansible_distribution_minor_version|int >= 3 + - (ansible_distribution_major_version >= '9') or + (ansible_distribution_major_version == '8' and + __sap_hana_preconfigure_fact_ansible_distribution_minor_version | int >= 3) - not ( __sap_hana_preconfigure_register_proc_cmdline['content'] | b64decode | regex_findall('tsx=on') ) tags: grubconfig diff --git a/roles/sap_hana_preconfigure/tasks/RedHat/generic/turn-off-auto-numa-balancing.yml b/roles/sap_hana_preconfigure/tasks/RedHat/generic/turn-off-auto-numa-balancing.yml index ff15decb6..9cd4317f4 100644 --- a/roles/sap_hana_preconfigure/tasks/RedHat/generic/turn-off-auto-numa-balancing.yml +++ b/roles/sap_hana_preconfigure/tasks/RedHat/generic/turn-off-auto-numa-balancing.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # can be configured by tuned profile sap-hana, entry "kernel.numa_balancing = 0" diff --git a/roles/sap_hana_preconfigure/tasks/RedHat/installation.yml b/roles/sap_hana_preconfigure/tasks/RedHat/installation.yml index c93046e30..1ffcd4be5 100644 --- a/roles/sap_hana_preconfigure/tasks/RedHat/installation.yml +++ b/roles/sap_hana_preconfigure/tasks/RedHat/installation.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Get the current RHEL release @@ -41,6 +42,7 @@ - name: Enable required repositories # noqa no-changed-when ansible.builtin.command: "subscription-manager repos {{ __sap_hana_preconfigure_fact_required_repos_args | map('quote') | join(' ') }}" register: __sap_hana_preconfigure_register_subscription_enable_repos + tags: molecule-idempotence-notest - name: Display the output of the subscription-manager repos --enable command ansible.builtin.debug: diff --git a/roles/sap_hana_preconfigure/tasks/SLES/assert-configuration.yml b/roles/sap_hana_preconfigure/tasks/SLES/assert-configuration.yml index 198c5238e..b2e96401f 100644 --- a/roles/sap_hana_preconfigure/tasks/SLES/assert-configuration.yml +++ b/roles/sap_hana_preconfigure/tasks/SLES/assert-configuration.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Populate service facts ansible.builtin.service_facts: @@ -38,24 +39,3 @@ fail_msg: "FAIL: the configured saptune solution is '{{ __sap_hana_preconfigure_saptune_configured_solution }}'' and does not match the expected solution '{{ sap_hana_preconfigure_saptune_solution }}'" success_msg: "PASS: the configured saptune solution matches the expected solution '{{ sap_hana_preconfigure_saptune_solution }}'" - -# If this is a cluster node on Azure, we need to override to disable tcp timestamps, reuse and recycle. -# This can be done by copying the sapnote file 2382421 from /usr/share/saptune/notes to /etc/saptune/override -# The value can then override in the in the new file - -# - name: Disable TCP timestamps, recycle & reuse -# ansible.builtin.blockinfile: -# path: /etc/saptune/override/2382421 -# create: yes -# backup: yes -# owner: root -# group: root -# mode: '0640' -# marker: "" -# block: | -# [sysctl] -# net.ipv4.tcp_timestamps = 0 -# net.ipv4.tcp_tw_reuse = 0 -# net.ipv4.tcp_tw_recycle = 0 -# when: -# - sap_hana_preconfigure_saptune_azure diff --git a/roles/sap_hana_preconfigure/tasks/SLES/assert-installation.yml b/roles/sap_hana_preconfigure/tasks/SLES/assert-installation.yml index 79e9442a5..c04f406a5 100644 --- a/roles/sap_hana_preconfigure/tasks/SLES/assert-installation.yml +++ b/roles/sap_hana_preconfigure/tasks/SLES/assert-installation.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Capture all patterns along with their install status - name: Get zypper pattern information diff --git a/roles/sap_hana_preconfigure/tasks/SLES/configuration.yml b/roles/sap_hana_preconfigure/tasks/SLES/configuration.yml index d91792f22..61b9b0818 100644 --- a/roles/sap_hana_preconfigure/tasks/SLES/configuration.yml +++ b/roles/sap_hana_preconfigure/tasks/SLES/configuration.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Takover saptune and enable when: __sap_hana_preconfigure_run_saptune @@ -7,6 +8,7 @@ name: sapconf state: stopped enabled: false + when: "'sapconf' in ansible_facts.packages" - name: Make sure that sapconf and tuned are stopped and disabled ansible.builtin.command: "saptune service takeover" @@ -90,6 +92,7 @@ # If this is a cluster node on Azure, we need to override to disable tcp timestamps, reuse and recycle. # This can be done by copying the sapnote file 2382421 from /usr/share/saptune/notes to /etc/saptune/override # The value can then override in the in the new file +# net.ipv4.tcp_tw_recycle = 0 was removed as it is not relevant for SLES 15+ - name: Disable TCP timestamps, recycle & reuse ansible.builtin.blockinfile: @@ -104,7 +107,6 @@ [sysctl] net.ipv4.tcp_timestamps = 0 net.ipv4.tcp_tw_reuse = 0 - net.ipv4.tcp_tw_recycle = 0 when: - sap_hana_preconfigure_saptune_azure diff --git a/roles/sap_hana_preconfigure/tasks/SLES/installation.yml b/roles/sap_hana_preconfigure/tasks/SLES/installation.yml index a01037e27..270fe3eec 100644 --- a/roles/sap_hana_preconfigure/tasks/SLES/installation.yml +++ b/roles/sap_hana_preconfigure/tasks/SLES/installation.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Reason for noqa: Both yum and dnf support "state: latest" - name: Ensure that the system is updated to the latest patchlevel # noqa package-latest @@ -6,6 +7,12 @@ name: "*" when: sap_hana_preconfigure_update | bool +# SAP Note 2892338 +- name: Ensure package insserv-compat exists + ansible.builtin.package: + state: present + name: insserv-compat + # ----------- - name: Get contents of /etc/products.d/baseproduct ansible.builtin.stat: diff --git a/roles/sap_hana_preconfigure/tasks/main.yml b/roles/sap_hana_preconfigure/tasks/main.yml index ca32ccc4c..1708ca6aa 100644 --- a/roles/sap_hana_preconfigure/tasks/main.yml +++ b/roles/sap_hana_preconfigure/tasks/main.yml @@ -1,15 +1,24 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Display the role path ansible.builtin.debug: var: role_path +# Load variable file starting with actual version up to OS family. +# Example for SUSE Linux Enterprise Server for SAP Applications 15 SP6: +# 1. SLES_SAP_15.6.yml - Specific to distribution with major and minor release. +# 2. SLES_SAP_15.yml - Specific to distribution and major release regardless of minor release. +# 3. SLES_15.6.yml - Specific to distribution family (SLES and SLES4SAP) and minor release. +# 4. SLES_15.yml - Specific to distribution. +# 5. Suse.yml - Specific to OS family. - name: Include OS specific vars ansible.builtin.include_vars: '{{ item }}' with_first_found: - - '{{ ansible_distribution.split("_")[0] }}_{{ ansible_distribution_major_version }}.yml' - '{{ ansible_distribution }}_{{ ansible_distribution_version }}.yml' - '{{ ansible_distribution }}_{{ ansible_distribution_major_version }}.yml' + - '{{ ansible_distribution.split("_")[0] }}_{{ ansible_distribution_version }}.yml' + - '{{ ansible_distribution.split("_")[0] }}_{{ ansible_distribution_major_version }}.yml' - '{{ ansible_os_family }}.yml' - name: Set filename prefix to empty string if role is run in normal mode diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/1275776/configuration.yml b/roles/sap_hana_preconfigure/tasks/sapnote/1275776/configuration.yml index 867647236..de00bca37 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/1275776/configuration.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/1275776/configuration.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # - name: "1275776 - Tips & Advice (start sapconf)" diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/1275776/installation.yml b/roles/sap_hana_preconfigure/tasks/sapnote/1275776/installation.yml index 4a6ef5ba6..e4b24f0c9 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/1275776/installation.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/1275776/installation.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: 1275776 - Installation saptune ansible.builtin.package: diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/1944799/configuration.yml b/roles/sap_hana_preconfigure/tasks/sapnote/1944799/configuration.yml index ed97d539c..51a15ea73 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/1944799/configuration.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/1944799/configuration.yml @@ -1 +1,2 @@ +# SPDX-License-Identifier: Apache-2.0 --- diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/1944799/installation.yml b/roles/sap_hana_preconfigure/tasks/sapnote/1944799/installation.yml index 6288c9fa8..c4d2ba26b 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/1944799/installation.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/1944799/installation.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # base pattern defined in installation pdf # sap-hana and sap_server added by SVA (Thomas Bludau) diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2009879.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2009879.yml index a3c35f2fa..debcc6295 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2009879.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2009879.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # OS RELEASE: RHEL 6.x, 7.x # Check EUS Channels diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2009879_7.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2009879_7.yml index 44babf850..06ff0cb2f 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2009879_7.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2009879_7.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # OS RELEASE: RHEL 7.x # Check EUS Channels diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2055470.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2055470.yml index 21a0a7512..b3ba7a819 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2055470.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2055470.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # OS RELEASE: RHEL 7 # Platform: PPC64LE @@ -57,7 +58,7 @@ ansible.builtin.lineinfile: path: /etc/sysctl.d/ibm_largesend.conf create: yes - mode: 0644 + mode: "0644" regexp: ^{{ line_item.name }}.* line: "{{ line_item.name }}={{ line_item.value }}" state: present @@ -65,11 +66,25 @@ loop_control: loop_var: line_item -# Reason for noqa: We unconditionally reload the kernel parameters without first checking the current values - - name: Reload kernel parameters from file '/etc/sysctl.d/ibm_largesend.conf' # noqa no-changed-when +# Note: The sole purpose of the following two tasks is to collect the current value(s) of the kernel parameters +# in '/etc/sysctl.d/ibm_largesend.conf' so that the "Reload kernel parameters from file ..." task +# can correctly report its 'changed' state. See also https://github.com/sap-linuxlab/community.sap_install/issues/752 . + - name: Construct the command for getting all current parameters of file '/etc/sysctl.d/ibm_largesend.conf' + ansible.builtin.command: awk 'BEGIN{FS="="; printf ("sysctl ")}{printf ("%s ", $1)}' /etc/sysctl.d/ibm_largesend.conf + register: __sap_hana_preconfigure_register_ibm_largesend_sysctl_command + changed_when: false + +# Reason for noqa: The command module tries to run the complete string as a single command + - name: Get all currently active values of the parameters of file '/etc/sysctl.d/ibm_largesend.conf' # noqa command-instead-of-shell + ansible.builtin.shell: "{{ __sap_hana_preconfigure_register_ibm_largesend_sysctl_command.stdout }}" + register: __sap_hana_preconfigure_register_ibm_largesend_sysctl_p_output_old + changed_when: false + + - name: Reload kernel parameters from file '/etc/sysctl.d/ibm_largesend.conf' ansible.builtin.command: sysctl -p /etc/sysctl.d/ibm_largesend.conf - register: __sap_hana_preconfigure_register_ibm_largesend_sysctl_p_output + register: __sap_hana_preconfigure_register_ibm_largesend_sysctl_p_output_new + changed_when: __sap_hana_preconfigure_register_ibm_largesend_sysctl_p_output_old.stdout != __sap_hana_preconfigure_register_ibm_largesend_sysctl_p_output_new.stdout - name: Display largesend kernel parameters ansible.builtin.debug: - var: __sap_hana_preconfigure_register_ibm_largesend_sysctl_p_output.stdout_lines + var: __sap_hana_preconfigure_register_ibm_largesend_sysctl_p_output_new.stdout_lines diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2292690.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2292690.yml index 93bb800e6..703eb6d5e 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2292690.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2292690.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Configure - Display SAP note number 2292690 and its version ansible.builtin.debug: diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2292690/01-assert-tuned.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2292690/01-assert-tuned.yml index a83b9025c..49efc74aa 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2292690/01-assert-tuned.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2292690/01-assert-tuned.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert 2292690-1 diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2292690/01-configure-tuned.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2292690/01-configure-tuned.yml index cd1a6d95e..c45d9d48c 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2292690/01-configure-tuned.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2292690/01-configure-tuned.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Configure 2292690-1 diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2292690/02-assert-auto-numa-balancing.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2292690/02-assert-auto-numa-balancing.yml index e3296d036..d4d3f506f 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2292690/02-assert-auto-numa-balancing.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2292690/02-assert-auto-numa-balancing.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # can be configured by tuned profile sap-hana, entry "kernel.numa_balancing = 0" diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2292690/02-turn-off-auto-numa-balancing.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2292690/02-turn-off-auto-numa-balancing.yml index aabf98d86..f52fc71bd 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2292690/02-turn-off-auto-numa-balancing.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2292690/02-turn-off-auto-numa-balancing.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # can be configured by tuned profile sap-hana, entry "kernel.numa_balancing = 0" diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2292690/03-assert-thp.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2292690/03-assert-thp.yml index 9935ea665..24ed217e7 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2292690/03-assert-thp.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2292690/03-assert-thp.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # can be configured by tuned profile sap-hana, entry "transparent_hugepages=never" diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2292690/03-disable-thp.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2292690/03-disable-thp.yml index 7f4e24d57..106371743 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2292690/03-disable-thp.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2292690/03-disable-thp.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # can be configured by tuned profile sap-hana, entry "transparent_hugepages=never" diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2292690/04-assert-c-states-for-lower-latency.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2292690/04-assert-c-states-for-lower-latency.yml index 5481358a0..acb11d6d6 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2292690/04-assert-c-states-for-lower-latency.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2292690/04-assert-c-states-for-lower-latency.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # can be configured by tuned profile sap-hana, entry "force_latency=70" diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2292690/04-configure-c-states-for-lower-latency.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2292690/04-configure-c-states-for-lower-latency.yml index fb3b5f7d1..b856f1c67 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2292690/04-configure-c-states-for-lower-latency.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2292690/04-configure-c-states-for-lower-latency.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # can be configured by tuned profile sap-hana, entry "force_latency=70" diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2292690/05-assert-cpu-governor.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2292690/05-assert-cpu-governor.yml index e2549b68d..973690912 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2292690/05-assert-cpu-governor.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2292690/05-assert-cpu-governor.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # can be configured by tuned profile sap-hana, entry "governor=performance" diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2292690/05-configure-cpu-governor.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2292690/05-configure-cpu-governor.yml index 8728d411c..9563328ff 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2292690/05-configure-cpu-governor.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2292690/05-configure-cpu-governor.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # can be configured by tuned profile sap-hana, entry "governor=performance" diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2292690/06-assert-epb.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2292690/06-assert-epb.yml index 032b463f1..1a098e89d 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2292690/06-assert-epb.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2292690/06-assert-epb.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # can be configured by tuned profile sap-hana, entry "energy_perf_bias=performance" diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2292690/06-configure-epb.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2292690/06-configure-epb.yml index a02b2aae5..2a5e3a9f1 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2292690/06-configure-epb.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2292690/06-configure-epb.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # can be configured by tuned profile sap-hana, entry "energy_perf_bias=performance" diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2292690/07-assert-ksm.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2292690/07-assert-ksm.yml index 886a8af70..d582c5a54 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2292690/07-assert-ksm.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2292690/07-assert-ksm.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert 2292690-7 diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2292690/07-disable-ksm.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2292690/07-disable-ksm.yml index e96f62341..cc38ab1db 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2292690/07-disable-ksm.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2292690/07-disable-ksm.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Configure 2292690-7 diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2292690/09-assert-etc-sudoers.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2292690/09-assert-etc-sudoers.yml index 8311241ed..19c3b59e3 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2292690/09-assert-etc-sudoers.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2292690/09-assert-etc-sudoers.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert 2292690-9 diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2292690/09-check-etc-sudoers.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2292690/09-check-etc-sudoers.yml index 23750c1cf..5eed177a1 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2292690/09-check-etc-sudoers.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2292690/09-check-etc-sudoers.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Configure 2292690-9 diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2292690/10-assert-ibm-energyscale.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2292690/10-assert-ibm-energyscale.yml index e2bec3177..f1765d28b 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2292690/10-assert-ibm-energyscale.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2292690/10-assert-ibm-energyscale.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- #### Special recommendations for Power 8 diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2292690/10-ibm-energyscale.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2292690/10-ibm-energyscale.yml index d6f9dfae7..a30e82ca3 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2292690/10-ibm-energyscale.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2292690/10-ibm-energyscale.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- #### Special recommendations for Power 8 diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2382421.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2382421.yml index 3593e8daf..32ee24ad1 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2382421.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2382421.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # SAP Note: 2382421 - Optimizing the Network Configuration on HANA- and OS-Level # @@ -10,11 +11,11 @@ when: sap_hana_preconfigure_config_all | d(true) or sap_hana_preconfigure_2382421 | d(false) block: - - name: Modify entries in file '{{ __sap_hana_preconfigure_etc_sysctl_saphana_conf }}' + - name: Ensure correct entries in file '{{ __sap_hana_preconfigure_etc_sysctl_saphana_conf }}' ansible.builtin.lineinfile: path: "{{ __sap_hana_preconfigure_etc_sysctl_saphana_conf }}" create: yes - mode: 0644 + mode: "0644" regexp: ^{{ line_item.name }}.* line: "{{ line_item.name }}={{ line_item.value }}" state: present @@ -52,7 +53,7 @@ ansible.builtin.lineinfile: path: "{{ __sap_hana_preconfigure_etc_sysctl_saphana_conf }}" create: yes - mode: 0644 + mode: "0644" regexp: ^net.core.wmem_max.* line: "net.core.wmem_max={{ __sap_hana_preconfigure_register_sysctl_ipv4_tcp_wmem.stdout.split()[-1] }}" state: present @@ -61,16 +62,29 @@ ansible.builtin.lineinfile: path: "{{ __sap_hana_preconfigure_etc_sysctl_saphana_conf }}" create: yes - mode: 0644 + mode: "0644" regexp: ^net.core.rmem_max.* line: "net.core.rmem_max={{ __sap_hana_preconfigure_register_sysctl_ipv4_tcp_rmem.stdout.split()[-1] }}" state: present -# Reason for noqa: We unconditionally reload the kernel parameters without first checking the current values - - name: Reload kernel parameters from file '{{ __sap_hana_preconfigure_etc_sysctl_saphana_conf }}' # noqa no-changed-when +# Note: The sole purpose of the following two tasks is to collect the current value(s) of the kernel parameters +# in __sap_hana_preconfigure_etc_sysctl_saphana_conf so that the "Reload kernel parameters from file ..." task +# can correctly report its 'changed' state. See also https://github.com/sap-linuxlab/community.sap_install/issues/752 . + - name: Construct the command for getting all current parameters of file '{{ __sap_hana_preconfigure_etc_sysctl_saphana_conf }}' + ansible.builtin.command: awk 'BEGIN{FS="="; printf ("sysctl ")}{printf ("%s ", $1)}' "{{ __sap_hana_preconfigure_etc_sysctl_saphana_conf }}" + register: __sap_hana_preconfigure_register_saphana_conf_sysctl_command + changed_when: false + + - name: Get all currently active values of the parameters of file '{{ __sap_hana_preconfigure_etc_sysctl_saphana_conf }}' + ansible.builtin.command: "{{ __sap_hana_preconfigure_register_saphana_conf_sysctl_command.stdout }}" + register: __sap_hana_preconfigure_register_saphana_conf_sysctl_p_output_old + changed_when: false + + - name: Reload kernel parameters from file '{{ __sap_hana_preconfigure_etc_sysctl_saphana_conf }}' ansible.builtin.command: sysctl -p "{{ __sap_hana_preconfigure_etc_sysctl_saphana_conf }}" - register: __sap_hana_preconfigure_register_saphana_conf_sysctl_p_output + register: __sap_hana_preconfigure_register_saphana_conf_sysctl_p_output_new + changed_when: __sap_hana_preconfigure_register_saphana_conf_sysctl_p_output_old.stdout != __sap_hana_preconfigure_register_saphana_conf_sysctl_p_output_new.stdout - name: Display kernel parameters for network tuning ansible.builtin.debug: - var: __sap_hana_preconfigure_register_saphana_conf_sysctl_p_output.stdout_lines + var: __sap_hana_preconfigure_register_saphana_conf_sysctl_p_output_new.stdout_lines diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2578899/configuration.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2578899/configuration.yml index 140d15bcb..7ee50bfb0 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2578899/configuration.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2578899/configuration.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: 2588899 - I/O scheduler diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2578899/installation.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2578899/installation.yml index 11508c4e9..76685b377 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2578899/installation.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2578899/installation.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Requires SLE-Module-Legacy15 Module - name: "2578899 - SAP HANA database" diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2684254/configuration.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2684254/configuration.yml index 8d44d73d2..ce8da0002 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2684254/configuration.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2684254/configuration.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Disable numa_balancing at boot @@ -65,7 +66,7 @@ - name: "Energy Performance Bias (EPB, applies to Intel-based systems only)" ansible.builtin.lineinfile: path: /etc/init.d/boot.local - mode: 0744 + mode: "0744" line: 'cpupower set -b 0' state: present create: yes @@ -73,7 +74,7 @@ - name: Kernel samepage merging (KSM) ansible.builtin.lineinfile: dest: /etc/init.d/boot.local - mode: 0744 + mode: "0744" line: echo 0 > /sys/kernel/mm/ksm/run state: present create: yes diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2684254/installation.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2684254/installation.yml index d2b7ed823..d3de8971b 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2684254/installation.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2684254/installation.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Additional notes for the installation of HANA 1.0 SPS12 and HANA 2.0 SPS03 - name: 2777782 - Additional notes for the installation of HANA 1.0 SPS12 and HANA 2.0 SPS03 diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2777782.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2777782.yml index bd1184e2e..d200a097d 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2777782.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2777782.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Configure - Display SAP note number 2777782 and its version ansible.builtin.debug: @@ -22,8 +23,8 @@ ansible.builtin.import_tasks: 2777782/04-turn-off-auto-numa-balancing.yml when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_2777782_04|d(false) -- name: Import tasks from '2777782/05-disable-thp.yml' - ansible.builtin.import_tasks: 2777782/05-disable-thp.yml +- name: Import tasks from '2777782/05-configure-thp.yml' + ansible.builtin.import_tasks: 2777782/05-configure-thp.yml when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_2777782_05|d(false) - name: Import tasks from '2777782/06-configure-c-states-for-lower-latency.yml' diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2777782/01-assert-selinux.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2777782/01-assert-selinux.yml index 715819c85..98a9d12ab 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2777782/01-assert-selinux.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2777782/01-assert-selinux.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert 2777782-1 diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2777782/01-configure-selinux.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2777782/01-configure-selinux.yml index 0aead6a74..0ab87b25f 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2777782/01-configure-selinux.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2777782/01-configure-selinux.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Configure 2777782-1 diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2777782/02-assert-tuned.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2777782/02-assert-tuned.yml index b61b61b5a..049d94ecb 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2777782/02-assert-tuned.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2777782/02-assert-tuned.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert 2777782-2 diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2777782/02-configure-tuned.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2777782/02-configure-tuned.yml index 3cc3f7a27..c7dbd6a2a 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2777782/02-configure-tuned.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2777782/02-configure-tuned.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Configure 2777782-2 diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2777782/03-assert-abrt-coredumps-kdump.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2777782/03-assert-abrt-coredumps-kdump.yml index f995add3b..1bc02908c 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2777782/03-assert-abrt-coredumps-kdump.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2777782/03-assert-abrt-coredumps-kdump.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert 2777782-3 diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2777782/03-disable-abrt-coredumps-kdump.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2777782/03-disable-abrt-coredumps-kdump.yml index 738e06f07..465b0157e 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2777782/03-disable-abrt-coredumps-kdump.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2777782/03-disable-abrt-coredumps-kdump.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Configure 2777782-3 diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2777782/04-assert-auto-numa-balancing.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2777782/04-assert-auto-numa-balancing.yml index e685c4677..66c9373c1 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2777782/04-assert-auto-numa-balancing.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2777782/04-assert-auto-numa-balancing.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # can be configured by tuned profile sap-hana, entry "kernel.numa_balancing = 0" diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2777782/04-turn-off-auto-numa-balancing.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2777782/04-turn-off-auto-numa-balancing.yml index 81d95a43f..965aad60f 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2777782/04-turn-off-auto-numa-balancing.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2777782/04-turn-off-auto-numa-balancing.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # can be configured by tuned profile sap-hana, entry "kernel.numa_balancing = 0" diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2777782/05-assert-thp.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2777782/05-assert-thp.yml index a7000dd85..5babd2edd 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2777782/05-assert-thp.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2777782/05-assert-thp.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # can be configured by tuned profile sap-hana, entry "transparent_hugepages=never" diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2777782/05-disable-thp.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2777782/05-configure-thp.yml similarity index 56% rename from roles/sap_hana_preconfigure/tasks/sapnote/2777782/05-disable-thp.yml rename to roles/sap_hana_preconfigure/tasks/sapnote/2777782/05-configure-thp.yml index 5ee91783b..ee541f7cc 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2777782/05-disable-thp.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2777782/05-configure-thp.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # can be configured by tuned profile sap-hana, entry "transparent_hugepages=never" @@ -5,5 +6,5 @@ ansible.builtin.debug: msg: "SAP note 2777782 Step 5: Disable Transparent Hugepages (THP)" -- name: Import ../../RedHat/generic/disable-thp.yml - ansible.builtin.import_tasks: ../../RedHat/generic/disable-thp.yml +- name: Import ../../RedHat/generic/configure-thp.yml + ansible.builtin.import_tasks: ../../RedHat/generic/configure-thp.yml diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2777782/06-assert-c-states-for-lower-latency.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2777782/06-assert-c-states-for-lower-latency.yml index 9ed6cc068..d50169c03 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2777782/06-assert-c-states-for-lower-latency.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2777782/06-assert-c-states-for-lower-latency.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # can be configured by tuned profile sap-hana, entry "force_latency=70" diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2777782/06-configure-c-states-for-lower-latency.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2777782/06-configure-c-states-for-lower-latency.yml index 445a43654..1c794352b 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2777782/06-configure-c-states-for-lower-latency.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2777782/06-configure-c-states-for-lower-latency.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # can be configured by tuned profile sap-hana, entry "force_latency=70" diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2777782/07-assert-cpu-governor.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2777782/07-assert-cpu-governor.yml index 8a600b0fb..19f369abc 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2777782/07-assert-cpu-governor.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2777782/07-assert-cpu-governor.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # can be configured by tuned profile sap-hana, entry "governor=performance" diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2777782/07-configure-cpu-governor.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2777782/07-configure-cpu-governor.yml index 40d22dcbf..30aaee040 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2777782/07-configure-cpu-governor.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2777782/07-configure-cpu-governor.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # can be configured by tuned profile sap-hana, entry "governor=performance" diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2777782/08-assert-epb.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2777782/08-assert-epb.yml index d7fb09e88..8f7b969f8 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2777782/08-assert-epb.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2777782/08-assert-epb.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # can be configured by tuned profile sap-hana, entry "energy_perf_bias=performance" diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2777782/08-configure-epb.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2777782/08-configure-epb.yml index 0d6c3a2ee..892e14cb1 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2777782/08-configure-epb.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2777782/08-configure-epb.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # can be configured by tuned profile sap-hana, entry "energy_perf_bias=performance" diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2777782/09-assert-ksm.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2777782/09-assert-ksm.yml index 3393445b9..ca887c23a 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2777782/09-assert-ksm.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2777782/09-assert-ksm.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert 2777782-9 diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2777782/09-disable-ksm.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2777782/09-disable-ksm.yml index a9cde0c26..6924720f1 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2777782/09-disable-ksm.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2777782/09-disable-ksm.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Configure 2777782-9 diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2777782/10-assert-pidmax.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2777782/10-assert-pidmax.yml index 3239fb7fc..2a0ee37f7 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2777782/10-assert-pidmax.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2777782/10-assert-pidmax.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert 2777782-10 diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2777782/10-increase-pidmax.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2777782/10-increase-pidmax.yml index 9099120d3..a39ebbe99 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2777782/10-increase-pidmax.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2777782/10-increase-pidmax.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Configure 2777782-10 diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2777782/11-assert-tsx.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2777782/11-assert-tsx.yml index bf8e695ca..95b5a6e34 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2777782/11-assert-tsx.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2777782/11-assert-tsx.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert 2777782-11 diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2777782/11-enable-tsx.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2777782/11-enable-tsx.yml index 509e152a3..433bc926d 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2777782/11-enable-tsx.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2777782/11-enable-tsx.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Configure 2777782-11 diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/3024346.yml b/roles/sap_hana_preconfigure/tasks/sapnote/3024346.yml index 67c92ac5f..795bbfcb2 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/3024346.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/3024346.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # SAP Note: 3024346 - Linux Kernel Settings for NetApp NFS # @@ -12,11 +13,11 @@ - sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_3024346|d(false) block: - - name: Modify entries in file '{{ __sap_hana_preconfigure_etc_sysctl_netapp_hana_conf }}' + - name: Ensure correct entries in file '{{ __sap_hana_preconfigure_etc_sysctl_netapp_hana_conf }}' ansible.builtin.lineinfile: path: "{{ __sap_hana_preconfigure_etc_sysctl_netapp_hana_conf }}" create: yes - mode: 0644 + mode: "0644" regexp: ^{{ line_item.name }}.* line: "{{ line_item.name }}={{ line_item.value }}" state: present @@ -24,20 +25,51 @@ loop_control: loop_var: line_item -# Reason for noqa: We unconditionally reload the kernel parameters without first checking the current values - - name: Reload kernel parameters from file '{{ __sap_hana_preconfigure_etc_sysctl_netapp_hana_conf }}' # noqa no-changed-when +# Due to sysctl config file precedence rules, it can happen that previous entries in +# __sap_hana_preconfigure_etc_sysctl_saphana_conf remain in effect even after setting +# different parameter values in __sap_hana_preconfigure_etc_sysctl_netapp_hana_conf. +# So we have to ensure that those duplicate entries are not present. +# See also https://github.com/sap-linuxlab/community.sap_install/issues/196. + - name: Ensure kernel tunables for NetApp NFS are not in file '{{ __sap_hana_preconfigure_etc_sysctl_saphana_conf }}' + ansible.builtin.lineinfile: + path: "{{ __sap_hana_preconfigure_etc_sysctl_saphana_conf }}" + regexp: ^{{ line_item }} + state: absent + with_items: + - 'net.core.wmem_max' + - 'net.core.rmem_max' + loop_control: + loop_var: line_item + +# Note: The sole purpose of the following two tasks is to collect the current value(s) of the kernel parameters +# in __sap_hana_preconfigure_etc_sysctl_netapp_hana_conf so that the "Reload kernel parameters from file ..." task +# can correctly report its 'changed' state. See also https://github.com/sap-linuxlab/community.sap_install/issues/752 . + - name: Construct the command for getting all current parameters of file '{{ __sap_hana_preconfigure_etc_sysctl_netapp_hana_conf }}' + ansible.builtin.command: awk 'BEGIN{FS="="; printf ("sysctl ")}{printf ("%s ", $1)}' "{{ __sap_hana_preconfigure_etc_sysctl_netapp_hana_conf }}" + register: __sap_hana_preconfigure_register_netapp_sysctl_command + changed_when: false + +# Reason for noqa - risky-shell-pipe: when adding 'set -o pipefail', the complete string is attempted to be executed as a single command. +# Also the command after the pipe is not expected to fail. +# Reason for noqa - no-tabs: This is a false positive in ansible-lint 6.22.2, removed in 24.5.0. See https://github.com/ansible/ansible-lint/issues/4020 + - name: Get all currently active values of the parameters of file '{{ __sap_hana_preconfigure_etc_sysctl_netapp_hana_conf }}' # noqa risky-shell-pipe no-tabs + ansible.builtin.shell: "{{ __sap_hana_preconfigure_register_netapp_sysctl_command.stdout }} | sed 's,\t, ,g'" + register: __sap_hana_preconfigure_register_netapp_sysctl_p_output_old + changed_when: false + + - name: Reload kernel parameters from file '{{ __sap_hana_preconfigure_etc_sysctl_netapp_hana_conf }}' ansible.builtin.command: sysctl -p "{{ __sap_hana_preconfigure_etc_sysctl_netapp_hana_conf }}" - register: __sap_hana_preconfigure_register_netapp_sysctl_p_output + register: __sap_hana_preconfigure_register_netapp_sysctl_p_output_new + changed_when: __sap_hana_preconfigure_register_netapp_sysctl_p_output_old.stdout != __sap_hana_preconfigure_register_netapp_sysctl_p_output_new.stdout - name: Display kernel parameters for NetApp NFS ansible.builtin.debug: - var: __sap_hana_preconfigure_register_netapp_sysctl_p_output.stdout_lines + var: __sap_hana_preconfigure_register_netapp_sysctl_p_output_new.stdout_lines - - name: Set kernel tunable for NFSv3 as per SAP note 3024346 + - name: Set kernel tunable 'tcp_max_slot_table_entries' to '128' in file '/etc/modprobe.d/sunrpc.conf' ansible.builtin.lineinfile: path: /etc/modprobe.d/sunrpc.conf - create: yes - mode: 0644 + create: true + mode: "0644" regexp: '^options sunrpc tcp_max_slot_table_entries' line: options sunrpc tcp_max_slot_table_entries=128 - when: sap_hana_preconfigure_use_netapp_settings_nfsv3 diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/3108302.yml b/roles/sap_hana_preconfigure/tasks/sapnote/3108302.yml index 984f8246d..f2cf27499 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/3108302.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/3108302.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Configure - Display SAP note number 3108302 and its version ansible.builtin.debug: @@ -22,8 +23,8 @@ ansible.builtin.import_tasks: 3108302/04-turn-off-auto-numa-balancing.yml when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_3108302_04|d(false) -- name: Import tasks from '3108302/05-disable-thp.yml' - ansible.builtin.import_tasks: 3108302/05-disable-thp.yml +- name: Import tasks from '3108302/05-configure-thp.yml' + ansible.builtin.import_tasks: 3108302/05-configure-thp.yml when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_3108302_05|d(false) - name: Import tasks from '3108302/06-configure-c-states-for-lower-latency.yml' diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/3108302/01-assert-selinux.yml b/roles/sap_hana_preconfigure/tasks/sapnote/3108302/01-assert-selinux.yml index 7113eef72..97f88397d 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/3108302/01-assert-selinux.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/3108302/01-assert-selinux.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert 3108302-1 diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/3108302/01-configure-selinux.yml b/roles/sap_hana_preconfigure/tasks/sapnote/3108302/01-configure-selinux.yml index ec9812923..2a7e7699d 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/3108302/01-configure-selinux.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/3108302/01-configure-selinux.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Configure 3108302-1 diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/3108302/02-assert-tuned.yml b/roles/sap_hana_preconfigure/tasks/sapnote/3108302/02-assert-tuned.yml index ba912890c..547775cdf 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/3108302/02-assert-tuned.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/3108302/02-assert-tuned.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert 3108302-2 diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/3108302/02-configure-tuned.yml b/roles/sap_hana_preconfigure/tasks/sapnote/3108302/02-configure-tuned.yml index e766b63bd..a14675024 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/3108302/02-configure-tuned.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/3108302/02-configure-tuned.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Configure 3108302-2 diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/3108302/03-assert-abrt-coredumps-kdump.yml b/roles/sap_hana_preconfigure/tasks/sapnote/3108302/03-assert-abrt-coredumps-kdump.yml index 86ba78076..3e4d41aee 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/3108302/03-assert-abrt-coredumps-kdump.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/3108302/03-assert-abrt-coredumps-kdump.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert 3108302-3 diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/3108302/03-disable-abrt-coredumps-kdump.yml b/roles/sap_hana_preconfigure/tasks/sapnote/3108302/03-disable-abrt-coredumps-kdump.yml index 228a32783..6c05d9c8b 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/3108302/03-disable-abrt-coredumps-kdump.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/3108302/03-disable-abrt-coredumps-kdump.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Configure 3108302-3 diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/3108302/04-assert-auto-numa-balancing.yml b/roles/sap_hana_preconfigure/tasks/sapnote/3108302/04-assert-auto-numa-balancing.yml index d3abd862e..5519d38f2 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/3108302/04-assert-auto-numa-balancing.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/3108302/04-assert-auto-numa-balancing.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # can be configured by tuned profile sap-hana, entry "kernel.numa_balancing = 0" diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/3108302/04-turn-off-auto-numa-balancing.yml b/roles/sap_hana_preconfigure/tasks/sapnote/3108302/04-turn-off-auto-numa-balancing.yml index 3250fa04f..fd8d81b6a 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/3108302/04-turn-off-auto-numa-balancing.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/3108302/04-turn-off-auto-numa-balancing.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # can be configured by tuned profile sap-hana, entry "kernel.numa_balancing = 0" diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/3108302/05-assert-thp.yml b/roles/sap_hana_preconfigure/tasks/sapnote/3108302/05-assert-thp.yml index a2d0f88b9..9573a190e 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/3108302/05-assert-thp.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/3108302/05-assert-thp.yml @@ -1,9 +1,10 @@ +# SPDX-License-Identifier: Apache-2.0 --- # can be configured by tuned profile sap-hana, entry "transparent_hugepages=never" - name: Assert 3108302-5 ansible.builtin.debug: - msg: "SAP note 3108302 Step 5: Disable Transparent Hugepages (THP)" + msg: "SAP note 3108302 Step 5: Configure Transparent Hugepages (THP)" - name: Import ../../RedHat/generic/assert-thp.yml ansible.builtin.import_tasks: ../../RedHat/generic/assert-thp.yml diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/3108302/05-configure-thp.yml b/roles/sap_hana_preconfigure/tasks/sapnote/3108302/05-configure-thp.yml new file mode 100644 index 000000000..f9d1fa746 --- /dev/null +++ b/roles/sap_hana_preconfigure/tasks/sapnote/3108302/05-configure-thp.yml @@ -0,0 +1,10 @@ +# SPDX-License-Identifier: Apache-2.0 +--- + +# can be configured by tuned profile sap-hana, entry "transparent_hugepages=never" or "transparent_hugepages=madvise" +- name: Configure 3108302-5 + ansible.builtin.debug: + msg: "SAP note 3108302 Step 5: Configure Transparent Hugepages (THP)" + +- name: Import ../../RedHat/generic/configure-thp.yml + ansible.builtin.import_tasks: ../../RedHat/generic/configure-thp.yml diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/3108302/05-disable-thp.yml b/roles/sap_hana_preconfigure/tasks/sapnote/3108302/05-disable-thp.yml deleted file mode 100644 index d280bacc0..000000000 --- a/roles/sap_hana_preconfigure/tasks/sapnote/3108302/05-disable-thp.yml +++ /dev/null @@ -1,9 +0,0 @@ ---- - -# can be configured by tuned profile sap-hana, entry "transparent_hugepages=never" -- name: Configure 3108302-5 - ansible.builtin.debug: - msg: "SAP note 3108302 Step 5: Disable Transparent Hugepages (THP)" - -- name: Import ../../RedHat/generic/disable-thp.yml - ansible.builtin.import_tasks: ../../RedHat/generic/disable-thp.yml diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/3108302/06-assert-c-states-for-lower-latency.yml b/roles/sap_hana_preconfigure/tasks/sapnote/3108302/06-assert-c-states-for-lower-latency.yml index fd9171ffc..b2e2792d0 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/3108302/06-assert-c-states-for-lower-latency.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/3108302/06-assert-c-states-for-lower-latency.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # can be configured by tuned profile sap-hana, entry "force_latency=70" diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/3108302/06-configure-c-states-for-lower-latency.yml b/roles/sap_hana_preconfigure/tasks/sapnote/3108302/06-configure-c-states-for-lower-latency.yml index 53de721d0..dcd9ffe52 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/3108302/06-configure-c-states-for-lower-latency.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/3108302/06-configure-c-states-for-lower-latency.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # can be configured by tuned profile sap-hana, entry "force_latency=70" diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/3108302/07-assert-cpu-governor.yml b/roles/sap_hana_preconfigure/tasks/sapnote/3108302/07-assert-cpu-governor.yml index 5e1c131f1..16e74941d 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/3108302/07-assert-cpu-governor.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/3108302/07-assert-cpu-governor.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # can be configured by tuned profile sap-hana, entry "governor=performance" diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/3108302/07-configure-cpu-governor.yml b/roles/sap_hana_preconfigure/tasks/sapnote/3108302/07-configure-cpu-governor.yml index ad1fddfbf..788422636 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/3108302/07-configure-cpu-governor.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/3108302/07-configure-cpu-governor.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # can be configured by tuned profile sap-hana, entry "governor=performance" diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/3108302/08-assert-epb.yml b/roles/sap_hana_preconfigure/tasks/sapnote/3108302/08-assert-epb.yml index 92636137d..93c6988d7 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/3108302/08-assert-epb.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/3108302/08-assert-epb.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # can be configured by tuned profile sap-hana, entry "energy_perf_bias=performance" diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/3108302/08-configure-epb.yml b/roles/sap_hana_preconfigure/tasks/sapnote/3108302/08-configure-epb.yml index cfad92ada..65a062565 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/3108302/08-configure-epb.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/3108302/08-configure-epb.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # can be configured by tuned profile sap-hana, entry "energy_perf_bias=performance" diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/3108302/09-assert-ksm.yml b/roles/sap_hana_preconfigure/tasks/sapnote/3108302/09-assert-ksm.yml index 114b551ed..773b89713 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/3108302/09-assert-ksm.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/3108302/09-assert-ksm.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert 3108302-9 diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/3108302/09-disable-ksm.yml b/roles/sap_hana_preconfigure/tasks/sapnote/3108302/09-disable-ksm.yml index a8416b8a8..46e6011c3 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/3108302/09-disable-ksm.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/3108302/09-disable-ksm.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Configure 3108302-9 diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/3108302/10-assert-pidmax.yml b/roles/sap_hana_preconfigure/tasks/sapnote/3108302/10-assert-pidmax.yml index 6fa9f56c0..e8599f69b 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/3108302/10-assert-pidmax.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/3108302/10-assert-pidmax.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert 3108302-10 diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/3108302/10-increase-pidmax.yml b/roles/sap_hana_preconfigure/tasks/sapnote/3108302/10-increase-pidmax.yml index d4962aeb2..64c7e4041 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/3108302/10-increase-pidmax.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/3108302/10-increase-pidmax.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Configure 3108302-10 diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/3108302/11-assert-tsx.yml b/roles/sap_hana_preconfigure/tasks/sapnote/3108302/11-assert-tsx.yml index 2210cc460..f6c4e663f 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/3108302/11-assert-tsx.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/3108302/11-assert-tsx.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert 3108302-11 diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/3108302/11-enable-tsx.yml b/roles/sap_hana_preconfigure/tasks/sapnote/3108302/11-enable-tsx.yml index 55ec8538a..56d81f745 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/3108302/11-enable-tsx.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/3108302/11-enable-tsx.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Configure 3108302-11 diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/assert-2009879.yml b/roles/sap_hana_preconfigure/tasks/sapnote/assert-2009879.yml index ce2b1519a..296f33413 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/assert-2009879.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/assert-2009879.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # OS RELEASE: RHEL 6.x, 7.x # Check EUS Channels diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/assert-2009879_7.yml b/roles/sap_hana_preconfigure/tasks/sapnote/assert-2009879_7.yml index f6176b580..f65962c4d 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/assert-2009879_7.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/assert-2009879_7.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # OS RELEASE: RHEL 7.x # Check EUS Channels diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/assert-2055470.yml b/roles/sap_hana_preconfigure/tasks/sapnote/assert-2055470.yml index 00d4215b4..39bc50b0c 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/assert-2055470.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/assert-2055470.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # OS RELEASE: RHEL 7 # Platform: PPC64LE diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/assert-2292690.yml b/roles/sap_hana_preconfigure/tasks/sapnote/assert-2292690.yml index 783edd6b4..6532f50e7 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/assert-2292690.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/assert-2292690.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert - Display SAP note number 2292690 and its version ansible.builtin.debug: diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/assert-2382421.yml b/roles/sap_hana_preconfigure/tasks/sapnote/assert-2382421.yml index e847d374e..824684ffb 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/assert-2382421.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/assert-2382421.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # OS RELEASE: RHEL 7 # SAP Note: 2382421 - Optimizing the Network Configuration on HANA- and OS-Level diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/assert-2777782.yml b/roles/sap_hana_preconfigure/tasks/sapnote/assert-2777782.yml index 8efa90274..cd5195bf2 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/assert-2777782.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/assert-2777782.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert - Display SAP note number 2777782 and its version ansible.builtin.debug: diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/assert-3024346.yml b/roles/sap_hana_preconfigure/tasks/sapnote/assert-3024346.yml index 8910a1dd0..7dcbd7b6b 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/assert-3024346.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/assert-3024346.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # SAP Note: 3024346 - Linux Kernel Settings for NetApp NFS # @@ -42,25 +43,25 @@ - sap_hana_preconfigure_use_netapp_settings_nfs | d(false) - sap_hana_preconfigure_config_all | d(true) or sap_hana_preconfigure_3024346 | d(false) -- name: Check NetApp modprobe conf file for SAP HANA with NFSv3 +- name: Check NetApp modprobe conf file for SAP HANA when: - - sap_hana_preconfigure_use_netapp_settings_nfsv3 | d(false) + - sap_hana_preconfigure_use_netapp_settings_nfs | d(false) - sap_hana_preconfigure_config_all | d(true) or sap_hana_preconfigure_3024346 | d(false) block: - - name: Get info about file /etc/modprobe.d/sunrpc.conf + - name: Get info about file '/etc/modprobe.d/sunrpc.conf' ansible.builtin.stat: path: /etc/modprobe.d/sunrpc.conf register: __sap_hana_preconfigure_register_etc_modprobe_sunrpc_conf_assert - - name: Assert that file /etc/modprobe.d/sunrpc.conf exists + - name: Assert that file '/etc/modprobe.d/sunrpc.conf' exists ansible.builtin.assert: that: __sap_hana_preconfigure_register_etc_modprobe_sunrpc_conf_assert.stat.exists fail_msg: "FAIL: File /etc/modprobe.d/sunrpc.conf does not exist!" success_msg: "PASS: File /etc/modprobe.d/sunrpc.conf exists." ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" - - name: Assert that file /etc/modprobe.d/sunrpc.conf is a regular file + - name: Assert that file '/etc/modprobe.d/sunrpc.conf' is a regular file ansible.builtin.assert: that: __sap_hana_preconfigure_register_etc_modprobe_sunrpc_conf_assert.stat.isreg fail_msg: "FAIL: File /etc/modprobe.d/sunrpc.conf is not a regular file!" @@ -68,17 +69,17 @@ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" when: __sap_hana_preconfigure_register_etc_modprobe_sunrpc_conf_assert.stat.exists -- name: Get value of 'options sunrpc tcp_max_slot_table_entries' from /etc/modprobe.d/sunrpc.conf +- name: Get value of 'options sunrpc tcp_max_slot_table_entries' from '/etc/modprobe.d/sunrpc.conf' ansible.builtin.command: awk 'BEGIN{FS="="}/options sunrpc tcp_max_slot_table_entries/{print $NF}' /etc/modprobe.d/sunrpc.conf register: __sap_hana_preconfigure_register_tcp_max_slot_table_entries_assert changed_when: no ignore_errors: yes when: - - sap_hana_preconfigure_use_netapp_settings_nfsv3 | d(false) + - sap_hana_preconfigure_use_netapp_settings_nfs | d(false) - __sap_hana_preconfigure_register_etc_modprobe_sunrpc_conf_assert.stat.exists - sap_hana_preconfigure_config_all | d(true) or sap_hana_preconfigure_3024346 | d(false) -- name: Assert that 'options sunrpc tcp_max_slot_table_entries' is set correctly in /etc/modprobe.d/sunrpc.conf +- name: Assert that 'options sunrpc tcp_max_slot_table_entries' is set correctly in '/etc/modprobe.d/sunrpc.conf' ansible.builtin.assert: that: __sap_hana_preconfigure_register_tcp_max_slot_table_entries_assert.stdout == '128' fail_msg: "FAIL: The value of 'options sunrpc tcp_max_slot_table_entries' in '/etc/modprobe.d/sunrpc.conf' is @@ -87,6 +88,6 @@ '{{ __sap_hana_preconfigure_register_tcp_max_slot_table_entries_assert.stdout }}'." ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" when: - - sap_hana_preconfigure_use_netapp_settings_nfsv3 | d(false) + - sap_hana_preconfigure_use_netapp_settings_nfs | d(false) - __sap_hana_preconfigure_register_etc_modprobe_sunrpc_conf_assert.stat.exists - sap_hana_preconfigure_config_all | d(true) or sap_hana_preconfigure_3024346 | d(false) diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/assert-3108302.yml b/roles/sap_hana_preconfigure/tasks/sapnote/assert-3108302.yml index 1727a0c5b..972a11a61 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/assert-3108302.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/assert-3108302.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert - Display SAP note number 3108302 and its version ansible.builtin.debug: diff --git a/roles/sap_hana_preconfigure/tests/sap_hana_preconfigure-default-settings.yml b/roles/sap_hana_preconfigure/tests/sap_hana_preconfigure-default-settings.yml index 561b391e8..0de4167b1 100644 --- a/roles/sap_hana_preconfigure/tests/sap_hana_preconfigure-default-settings.yml +++ b/roles/sap_hana_preconfigure/tests/sap_hana_preconfigure-default-settings.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - hosts: all collections: diff --git a/roles/sap_hana_preconfigure/vars/RedHat_7.yml b/roles/sap_hana_preconfigure/vars/RedHat_7.yml index 182813add..e1c09763a 100644 --- a/roles/sap_hana_preconfigure/vars/RedHat_7.yml +++ b/roles/sap_hana_preconfigure/vars/RedHat_7.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # supported RHEL 7 minor releases for SAP HANA: @@ -44,14 +45,14 @@ __sap_hana_preconfigure_sapnotes_versions_x86_64: - { number: '2009879', version: '28' } - { number: '2292690', version: '38' } - { number: '2382421', version: '40' } - - { number: '3024346', version: '3' } + - { number: '3024346', version: '10' } __sap_hana_preconfigure_sapnotes_versions_ppc64le: - { number: '2009879', version: '28' } - { number: '2055470', version: '85' } - { number: '2292690', version: '38' } - { number: '2382421', version: '40' } - - { number: '3024346', version: '3' } + - { number: '3024346', version: '10' } __sap_hana_preconfigure_sapnotes_versions: "{{ lookup('vars', '__sap_hana_preconfigure_sapnotes_versions_' + ansible_architecture) }}" diff --git a/roles/sap_hana_preconfigure/vars/RedHat_8.yml b/roles/sap_hana_preconfigure/vars/RedHat_8.yml index 5b77385af..d21a720d7 100644 --- a/roles/sap_hana_preconfigure/vars/RedHat_8.yml +++ b/roles/sap_hana_preconfigure/vars/RedHat_8.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # supported RHEL 8 minor releases for SAP HANA: @@ -8,6 +9,7 @@ __sap_hana_preconfigure_supported_rhel_minor_releases: - "8.4" - "8.6" - "8.8" + - "8.10" # required repos for RHEL 8: __sap_hana_preconfigure_req_repos_redhat_8_0_x86_64: @@ -122,15 +124,15 @@ __sap_hana_preconfigure_req_repos_redhat_8_10_ppc64le: # required SAP notes for RHEL 8: __sap_hana_preconfigure_sapnotes_versions_x86_64: - - { number: '2777782', version: '40' } + - { number: '2777782', version: '49' } - { number: '2382421', version: '40' } - - { number: '3024346', version: '3' } + - { number: '3024346', version: '10' } __sap_hana_preconfigure_sapnotes_versions_ppc64le: - { number: '2055470', version: '87' } - - { number: '2777782', version: '40' } + - { number: '2777782', version: '49' } - { number: '2382421', version: '40' } - - { number: '3024346', version: '3' } + - { number: '3024346', version: '10' } __sap_hana_preconfigure_sapnotes_versions: "{{ lookup('vars', '__sap_hana_preconfigure_sapnotes_versions_' + ansible_architecture) }}" @@ -187,6 +189,16 @@ __sap_hana_preconfigure_min_packages_8_8_x86_64: __sap_hana_preconfigure_min_packages_8_8_ppc64le: - [ 'kernel', '4.18.0-477.13.1.el8_8' ] +__sap_hana_preconfigure_min_packages_8_9_x86_64: + +__sap_hana_preconfigure_min_packages_8_9_ppc64le: + +__sap_hana_preconfigure_min_packages_8_10_x86_64: + - [ 'kernel', '4.18.0-553.16.1.el8_10' ] + +__sap_hana_preconfigure_min_packages_8_10_ppc64le: + - [ 'kernel', '4.18.0-553.16.1.el8_10' ] + __sap_hana_preconfigure_min_pkgs: "{{ lookup('vars', '__sap_hana_preconfigure_min_packages_' + ansible_distribution_version | string | replace(\".\", \"_\") + '_' + ansible_architecture) }}" __sap_hana_preconfigure_packages: diff --git a/roles/sap_hana_preconfigure/vars/RedHat_9.0.yml b/roles/sap_hana_preconfigure/vars/RedHat_9.0.yml new file mode 100644 index 000000000..573d10263 --- /dev/null +++ b/roles/sap_hana_preconfigure/vars/RedHat_9.0.yml @@ -0,0 +1,306 @@ +# SPDX-License-Identifier: Apache-2.0 +--- + +# supported RHEL 9 minor releases for SAP HANA: +__sap_hana_preconfigure_supported_rhel_minor_releases: + - "9.0" + - "9.2" + - "9.4" + +# required repos for RHEL 9: +__sap_hana_preconfigure_req_repos_redhat_9_0_x86_64: + - "rhel-9-for-x86_64-baseos-e4s-rpms" + - "rhel-9-for-x86_64-appstream-e4s-rpms" + - "rhel-9-for-x86_64-sap-solutions-e4s-rpms" + +__sap_hana_preconfigure_req_repos_redhat_9_0_ppc64le: + - "rhel-9-for-ppc64le-baseos-e4s-rpms" + - "rhel-9-for-ppc64le-appstream-e4s-rpms" + - "rhel-9-for-ppc64le-sap-solutions-e4s-rpms" + +__sap_hana_preconfigure_req_repos_redhat_9_1_x86_64: + - "rhel-9-for-x86_64-baseos-rpms" + - "rhel-9-for-x86_64-appstream-rpms" + - "rhel-9-for-x86_64-sap-solutions-rpms" + +__sap_hana_preconfigure_req_repos_redhat_9_1_ppc64le: + - "rhel-9-for-ppc64le-baseos-rpms" + - "rhel-9-for-ppc64le-appstream-rpms" + - "rhel-9-for-ppc64le-sap-solutions-rpms" + +__sap_hana_preconfigure_req_repos_redhat_9_2_x86_64: + - "rhel-9-for-x86_64-baseos-e4s-rpms" + - "rhel-9-for-x86_64-appstream-e4s-rpms" + - "rhel-9-for-x86_64-sap-solutions-e4s-rpms" + +__sap_hana_preconfigure_req_repos_redhat_9_2_ppc64le: + - "rhel-9-for-ppc64le-baseos-e4s-rpms" + - "rhel-9-for-ppc64le-appstream-e4s-rpms" + - "rhel-9-for-ppc64le-sap-solutions-e4s-rpms" + +__sap_hana_preconfigure_req_repos_redhat_9_3_x86_64: + - "rhel-9-for-x86_64-baseos-rpms" + - "rhel-9-for-x86_64-appstream-rpms" + - "rhel-9-for-x86_64-sap-solutions-rpms" + +__sap_hana_preconfigure_req_repos_redhat_9_3_ppc64le: + - "rhel-9-for-ppc64le-baseos-rpms" + - "rhel-9-for-ppc64le-appstream-rpms" + - "rhel-9-for-ppc64le-sap-solutions-rpms" + +__sap_hana_preconfigure_req_repos_redhat_9_4_x86_64: + - "rhel-9-for-x86_64-baseos-e4s-rpms" + - "rhel-9-for-x86_64-appstream-e4s-rpms" + - "rhel-9-for-x86_64-sap-solutions-e4s-rpms" + +__sap_hana_preconfigure_req_repos_redhat_9_4_ppc64le: + - "rhel-9-for-ppc64le-baseos-e4s-rpms" + - "rhel-9-for-ppc64le-appstream-e4s-rpms" + - "rhel-9-for-ppc64le-sap-solutions-e4s-rpms" + +__sap_hana_preconfigure_req_repos_redhat_9_5_x86_64: + - "rhel-9-for-x86_64-baseos-rpms" + - "rhel-9-for-x86_64-appstream-rpms" + - "rhel-9-for-x86_64-sap-solutions-rpms" + +__sap_hana_preconfigure_req_repos_redhat_9_5_ppc64le: + - "rhel-9-for-ppc64le-baseos-rpms" + - "rhel-9-for-ppc64le-appstream-rpms" + - "rhel-9-for-ppc64le-sap-solutions-rpms" + +__sap_hana_preconfigure_req_repos_redhat_9_6_x86_64: + - "rhel-9-for-x86_64-baseos-e4s-rpms" + - "rhel-9-for-x86_64-appstream-e4s-rpms" + - "rhel-9-for-x86_64-sap-solutions-e4s-rpms" + +__sap_hana_preconfigure_req_repos_redhat_9_6_ppc64le: + - "rhel-9-for-ppc64le-baseos-e4s-rpms" + - "rhel-9-for-ppc64le-appstream-e4s-rpms" + - "rhel-9-for-ppc64le-sap-solutions-e4s-rpms" + +__sap_hana_preconfigure_req_repos_redhat_9_7_x86_64: + - "rhel-9-for-x86_64-baseos-rpms" + - "rhel-9-for-x86_64-appstream-rpms" + - "rhel-9-for-x86_64-sap-solutions-rpms" + +__sap_hana_preconfigure_req_repos_redhat_9_7_ppc64le: + - "rhel-9-for-ppc64le-baseos-rpms" + - "rhel-9-for-ppc64le-appstream-rpms" + - "rhel-9-for-ppc64le-sap-solutions-rpms" + +__sap_hana_preconfigure_req_repos_redhat_9_8_x86_64: + - "rhel-9-for-x86_64-baseos-e4s-rpms" + - "rhel-9-for-x86_64-appstream-e4s-rpms" + - "rhel-9-for-x86_64-sap-solutions-e4s-rpms" + +__sap_hana_preconfigure_req_repos_redhat_9_8_ppc64le: + - "rhel-9-for-ppc64le-baseos-e4s-rpms" + - "rhel-9-for-ppc64le-appstream-e4s-rpms" + - "rhel-9-for-ppc64le-sap-solutions-e4s-rpms" + +__sap_hana_preconfigure_req_repos_redhat_9_9_x86_64: + - "rhel-9-for-x86_64-baseos-rpms" + - "rhel-9-for-x86_64-appstream-rpms" + - "rhel-9-for-x86_64-sap-solutions-rpms" + +__sap_hana_preconfigure_req_repos_redhat_9_9_ppc64le: + - "rhel-9-for-ppc64le-baseos-rpms" + - "rhel-9-for-ppc64le-appstream-rpms" + - "rhel-9-for-ppc64le-sap-solutions-rpms" + +__sap_hana_preconfigure_req_repos_redhat_9_10_x86_64: + - "rhel-9-for-x86_64-baseos-rpms" + - "rhel-9-for-x86_64-appstream-rpms" + - "rhel-9-for-x86_64-sap-solutions-rpms" + +__sap_hana_preconfigure_req_repos_redhat_9_10_ppc64le: + - "rhel-9-for-ppc64le-baseos-rpms" + - "rhel-9-for-ppc64le-appstream-rpms" + - "rhel-9-for-ppc64le-sap-solutions-rpms" + +# required SAP notes for RHEL 9: +__sap_hana_preconfigure_sapnotes_versions_x86_64: + - { number: '3108302', version: '11' } + - { number: '2382421', version: '47' } + - { number: '3024346', version: '11' } + +__sap_hana_preconfigure_sapnotes_versions_ppc64le: + - { number: '2055470', version: '90' } + - { number: '3108302', version: '11' } + - { number: '2382421', version: '47' } + - { number: '3024346', version: '11' } + +__sap_hana_preconfigure_sapnotes_versions: "{{ lookup('vars', '__sap_hana_preconfigure_sapnotes_versions_' + ansible_architecture) }}" + +# In SAP Note XXX, certain minimal required packages for the different RHEL 9 minor releases are listed. +# The following will assign them properly to __sap_hana_preconfigure_min_pkgs. +# If variable __sap_hana_preconfigure_min_packages_VERSION_ARCH is not defined, +# variable __sap_hana_preconfigure_min_pkgs will be undefined as well. + +# Minimum required package levels for RHEL 9.0: +__sap_hana_preconfigure_min_packages_9_0_x86_64: + - [ 'kernel', '5.14.0-70.22.1.el9_0' ] + +__sap_hana_preconfigure_min_packages_9_0_ppc64le: + - [ 'kernel', '5.14.0-70.43.1.el9_0' ] + - [ 'glibc', '2.34-28.el9_0.3' ] + +__sap_hana_preconfigure_min_packages_9_1_x86_64: + +__sap_hana_preconfigure_min_packages_9_1_ppc64le: + +__sap_hana_preconfigure_min_packages_9_2_x86_64: + - [ 'kernel', '5.14.0-284.25.1.el9_2' ] + +__sap_hana_preconfigure_min_packages_9_2_ppc64le: + - [ 'kernel', '5.14.0-284.25.1.el9_2' ] + +__sap_hana_preconfigure_min_packages_9_3_x86_64: + +__sap_hana_preconfigure_min_packages_9_3_ppc64le: + +__sap_hana_preconfigure_min_packages_9_4_x86_64: + - [ 'kernel', '5.14.0-427.16.1.el9_4' ] + +__sap_hana_preconfigure_min_packages_9_4_ppc64le: + - [ 'kernel', '5.14.0-427.16.1.el9_4' ] + +__sap_hana_preconfigure_min_packages_9_5_x86_64: + +__sap_hana_preconfigure_min_packages_9_5_ppc64le: + +__sap_hana_preconfigure_min_packages_9_6_x86_64: + +__sap_hana_preconfigure_min_packages_9_6_ppc64le: + +__sap_hana_preconfigure_min_packages_9_7_x86_64: + +__sap_hana_preconfigure_min_packages_9_7_ppc64le: + +__sap_hana_preconfigure_min_packages_9_8_x86_64: + +__sap_hana_preconfigure_min_packages_9_8_ppc64le: + +__sap_hana_preconfigure_min_pkgs: "{{ lookup('vars', '__sap_hana_preconfigure_min_packages_' + ansible_distribution_version | string | replace(\".\", \"_\") + '_' + ansible_architecture) }}" + +__sap_hana_preconfigure_packages: +# SAP NOTE 3108316: + - expect +# package gtk2: only needed if the SAP HANA installation tools hdblcmgui and hdbsetup are used + - gtk2 + - krb5-workstation + - libatomic + - libcanberra-gtk2 + - libtool-ltdl + - numactl + - PackageKit-gtk3-module + - xorg-x11-xauth +# package chkconfig: needed by hdblcm to be able to access /etc/init.d + - chkconfig +# package compat-openssl11: needed for HANA scale-out and when configuring HANA backup on Azure + - compat-openssl11 +# package libxcrypt-compat: needed SAP HANA and also by sapstartsrv on RHEL 9: +# - libxcrypt-compat # now installed by role sap_general_preconfigure, see also SAP note 3108316, version 4. +# For support purposes: +# package graphwiz: graph visualization tools, for supportability) + - graphviz +# package iptraf-ng: TCP/IP network monitor, for supportability) + - iptraf-ng +# package lm-sensors: TCP/IP network monitor, for supportability) + - lm_sensors +# package nfs-utils: support utilities for NFS, for supportability) + - nfs-utils +# SAP NOTE 3108302: + - tuned-profiles-sap-hana + +__sap_hana_preconfigure_packages_min_install: +# SAP NOTE 3108316: + - expect +# package gtk2: only needed if the SAP HANA installation tools hdblcmgui and hdbsetup are used +# - gtk2 + - krb5-workstation + - libatomic + - libcanberra-gtk2 + - libtool-ltdl + - numactl + - PackageKit-gtk3-module + - xorg-x11-xauth +# package compat-openssl11: needed for HANA scale-out and when configuring HANA backup on Azure + - compat-openssl11 +# required for SAP HANA on RHEL 9: + - libxcrypt-compat +# For support purposes: +# package graphwiz: graph visualization tools, for supportability) +# - graphviz +# package iptraf-ng: TCP/IP network monitor, for supportability) +# - iptraf-ng +# package lm-sensors: TCP/IP network monitor, for supportability) +# - lm_sensors +# package nfs-utils: support utilities for NFS, for supportability) +# - nfs-utils +# SAP NOTE 3108302: + - tuned-profiles-sap-hana + +# URL for the IBM Power Systems service and productivity tools, see https://www.ibm.com/support/pages/service-and-productivity-tools +__sap_hana_preconfigure_ibm_power_repo_url: 'https://public.dhe.ibm.com/software/server/POWER/Linux/yum/download/ibm-power-repo-latest.noarch.rpm' + +__sap_hana_preconfigure_required_ppc64le: + - ibm-power-managed-rhel9 + +# Network related kernel parameters as set in SAP Note 2382421: +__sap_hana_preconfigure_kernel_parameters_default: +# The following parameter should always be set: + - { name: net.ipv4.tcp_max_syn_backlog, value: 8192 } +# The following two parameters are automatically set by SAP Host Agent +# - { name: net.ipv4.ip_local_port_range, value: "40000 61000" } +# - { name: net.ipv4.ip_local_reserved_ports, value: -> SAP NOTE 2477204 } +# The following two parameters do not work when communicating with hosts behind NAT firewall: +# - { name: net.ipv4.tcp_tw_reuse, value: 1 } +# - { name: net.ipv4.tcp_tw_recycle, value: 1 } +# The following parameter should always be set but might not work on Azure (see SAP Note 2382421): + - { name: net.ipv4.tcp_timestamps, value: 1 } +# The following parameter should always be set: + - { name: net.ipv4.tcp_slow_start_after_idle, value: 0 } +# Tune the next four parameters for low latency system replication: +# - { net.ipv4.tcp_wmem, value } +# - { net.ipv4.tcp_rmem, value } +# - { net.core.wmem_max, value } +# - { net.core.rmem_max, value } +# Should be set correctly already on most systems, according to SAP Note 2382421: +# - { net.ipv4.tcp_window_scaling, 1 } +# The following only applies to HANA 1 <= 122.14 and HANA 2 SPS00. +# So we do not change the default. +# - { name: net.ipv4.tcp_syn_retries, value: 8 } + +# Network related kernel parameters for ppc64le: +__sap_hana_preconfigure_kernel_parameters_default_ppc64le: + - { name: net.core.rmem_max, value: 56623104 } + - { name: net.core.wmem_max, value: 56623104 } + - { name: net.ipv4.tcp_rmem, value: "65536 262088 56623104" } + - { name: net.ipv4.tcp_wmem, value: "65536 262088 56623104" } + - { name: net.ipv4.tcp_mem, value: "56623104 56623104 56623104" } + +# Network related kernel parameters for NetApp NFS, as set in SAP Note 3024346: +__sap_hana_preconfigure_kernel_parameters_netapp_nfs: + - { name: net.core.rmem_max, value: 16777216 } + - { name: net.core.wmem_max, value: 16777216 } + - { name: net.ipv4.tcp_rmem, value: "4096 131072 16777216" } + - { name: net.ipv4.tcp_wmem, value: "4096 16384 16777216" } + - { name: net.core.netdev_max_backlog, value: 300000 } +# already set in SAP note 2382421: +# - { name: net.ipv4.tcp_slow_start_after_idle, value: 0 } + - { name: net.ipv4.tcp_no_metrics_save, value: 1 } + - { name: net.ipv4.tcp_moderate_rcvbuf, value: 1 } + - { name: net.ipv4.tcp_window_scaling, value: 1 } +# already set in SAP note 2382421: +# - { name: net.ipv4.tcp_timestamps, value: 1 } + - { name: net.ipv4.tcp_sack, value: 1 } + +# yamllint disable rule:commas rule:colons +__sap_hana_preconfigure_packages_and_services: + abrtd: { pkg: 'abrt', svc: 'abrtd', systemd_enabled: 'no', systemd_state: 'stopped', svc_status: 'disabled', svc_state: 'inactive' } + abrt-ccpp: { pkg: 'abrt-addon-ccpp', svc: 'abrt-ccpp', systemd_enabled: 'no', systemd_state: 'stopped', svc_status: 'disabled', svc_state: 'inactive' } + numad: { pkg: 'numad', svc: 'numad', systemd_enabled: 'no', systemd_state: 'stopped', svc_status: 'disabled', svc_state: 'inactive' } + kdump: { pkg: 'kexec-tools', svc: 'kdump', systemd_enabled: 'no', systemd_state: 'stopped', svc_status: 'disabled', svc_state: 'inactive' } + firewalld: { pkg: 'firewalld', svc: 'firewalld', systemd_enabled: 'no', systemd_state: 'stopped', svc_status: 'disabled', svc_state: 'inactive' } +# yamllint enable rule:commas rule:colons diff --git a/roles/sap_hana_preconfigure/vars/RedHat_9.yml b/roles/sap_hana_preconfigure/vars/RedHat_9.yml index 2eaa8ed3d..7a9e75350 100644 --- a/roles/sap_hana_preconfigure/vars/RedHat_9.yml +++ b/roles/sap_hana_preconfigure/vars/RedHat_9.yml @@ -1,9 +1,11 @@ +# SPDX-License-Identifier: Apache-2.0 --- # supported RHEL 9 minor releases for SAP HANA: __sap_hana_preconfigure_supported_rhel_minor_releases: - "9.0" - "9.2" + - "9.4" # required repos for RHEL 9: __sap_hana_preconfigure_req_repos_redhat_9_0_x86_64: @@ -118,15 +120,15 @@ __sap_hana_preconfigure_req_repos_redhat_9_10_ppc64le: # required SAP notes for RHEL 9: __sap_hana_preconfigure_sapnotes_versions_x86_64: - - { number: '3108302', version: '8' } - - { number: '2382421', version: '45' } - - { number: '3024346', version: '3' } + - { number: '3108302', version: '11' } + - { number: '2382421', version: '47' } + - { number: '3024346', version: '11' } __sap_hana_preconfigure_sapnotes_versions_ppc64le: - { number: '2055470', version: '90' } - - { number: '3108302', version: '8' } - - { number: '2382421', version: '45' } - - { number: '3024346', version: '3' } + - { number: '3108302', version: '11' } + - { number: '2382421', version: '47' } + - { number: '3024346', version: '11' } __sap_hana_preconfigure_sapnotes_versions: "{{ lookup('vars', '__sap_hana_preconfigure_sapnotes_versions_' + ansible_architecture) }}" @@ -158,8 +160,10 @@ __sap_hana_preconfigure_min_packages_9_3_x86_64: __sap_hana_preconfigure_min_packages_9_3_ppc64le: __sap_hana_preconfigure_min_packages_9_4_x86_64: + - [ 'kernel', '5.14.0-427.16.1.el9_4' ] __sap_hana_preconfigure_min_packages_9_4_ppc64le: + - [ 'kernel', '5.14.0-427.16.1.el9_4' ] __sap_hana_preconfigure_min_packages_9_5_x86_64: @@ -208,6 +212,8 @@ __sap_hana_preconfigure_packages: - nfs-utils # SAP NOTE 3108302: - tuned-profiles-sap-hana +# SAP NOTE 3449186 - Required for HANA 2.0 SPS08: + - compat-sap-c++-13 __sap_hana_preconfigure_packages_min_install: # SAP NOTE 3108316: @@ -236,6 +242,8 @@ __sap_hana_preconfigure_packages_min_install: # - nfs-utils # SAP NOTE 3108302: - tuned-profiles-sap-hana +# SAP NOTE 3449186 - Required for HANA 2.0 SPS08: + - compat-sap-c++-13 # URL for the IBM Power Systems service and productivity tools, see https://www.ibm.com/support/pages/service-and-productivity-tools __sap_hana_preconfigure_ibm_power_repo_url: 'https://public.dhe.ibm.com/software/server/POWER/Linux/yum/download/ibm-power-repo-latest.noarch.rpm' @@ -245,8 +253,7 @@ __sap_hana_preconfigure_required_ppc64le: # Network related kernel parameters as set in SAP Note 2382421: __sap_hana_preconfigure_kernel_parameters_default: -# The following two parameter should always be set: - - { name: net.core.somaxconn, value: 4096 } +# The following parameter should always be set: - { name: net.ipv4.tcp_max_syn_backlog, value: 8192 } # The following two parameters are automatically set by SAP Host Agent # - { name: net.ipv4.ip_local_port_range, value: "40000 61000" } diff --git a/roles/sap_hana_preconfigure/vars/SLES_15.yml b/roles/sap_hana_preconfigure/vars/SLES_15.yml index 32dac1dea..1f98593b5 100644 --- a/roles/sap_hana_preconfigure/vars/SLES_15.yml +++ b/roles/sap_hana_preconfigure/vars/SLES_15.yml @@ -1,6 +1,8 @@ +# SPDX-License-Identifier: Apache-2.0 --- - -# required SAP Notes for SLES 15 +# Variables specific to following versions: +# - SUSE Linux Enterprise Server for SAP Applications 15 +# - SUSE Linux Enterprise Server 15 __sap_hana_preconfigure_sapnotes: # - "{% if ansible_architecture == 'ppc64le' %}2055470{% endif %}" diff --git a/roles/sap_hana_preconfigure/vars/main.yml b/roles/sap_hana_preconfigure/vars/main.yml index 48003185c..ab2df93c4 100644 --- a/roles/sap_hana_preconfigure/vars/main.yml +++ b/roles/sap_hana_preconfigure/vars/main.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # define variables here that will not change diff --git a/roles/sap_hostagent/.yamllint.yml b/roles/sap_hostagent/.yamllint.yml index 57ef427c1..ee4457cfd 100644 --- a/roles/sap_hostagent/.yamllint.yml +++ b/roles/sap_hostagent/.yamllint.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Based on ansible-lint config extends: default @@ -7,7 +8,9 @@ rules: brackets: {max-spaces-inside: 1, level: error} # colons: {max-spaces-after: -1, level: error} # commas: {max-spaces-after: -1, level: error} - comments: disable + comments: + require-starting-space: false + min-spaces-from-content: 1 comments-indentation: disable # document-start: disable # empty-lines: {max: 3, level: error} @@ -19,3 +22,6 @@ rules: # new-lines: {type: unix} # trailing-spaces: disable truthy: disable + octal-values: + forbid-implicit-octal: true + forbid-explicit-octal: true diff --git a/roles/sap_hostagent/README.md b/roles/sap_hostagent/README.md index 13aa84fa4..e72fc7cc7 100644 --- a/roles/sap_hostagent/README.md +++ b/roles/sap_hostagent/README.md @@ -1,150 +1,266 @@ + # sap_hostagent Ansible Role + + +## Description + +The Ansible Role `sap_hostagent` is used install SAP Host Agent. SAP Host Agent is an agent that can accomplish several life-cycle management tasks, such as operating system monitoring, database monitoring, system instance control and provisioning. -It is recommended to install SAP Host Agent upfront in any HA environment. +This role installs SAP Host Agent with following source methods: +- SAP SAR file +- SAP Bundle +- RPM package (Red Hat only) + + + + + + +## Prerequisites +Managed nodes: +- Ensure that servers are configured for SAP Systems. See [Recommended](#recommended) section. + + +## Execution + + + + +### Recommended +It is recommended to execute this role together with other roles in this collection, in the following order:
+1. [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) +2. *`sap_hostagent`* + + +### Execution Flow + +1. Create temporary directory. +2. Execute deployment based on chosen method. +3. Configure SSL if `sap_hostagent_config_ssl` was set. +4. Cleanup temporary directory + + +### Example + +#### Example playbook for installing using SAR file located on control node +```yaml +--- +- name: Ansible Play for SAP Host Agent installation - Local SAR + hosts: all + become: true + tasks: + - name: Execute Ansible Role sap_hostagent + ansible.builtin.include_role: + name: community.sap_install.sap_hostagent + vars: + sap_hostagent_installation_type: "sar" + sap_hostagent_sar_local_path: "/software/SAPHOSTAGENT" + sap_hostagent_sar_file_name: "SAPHOSTAGENT44_44-20009394.SAR" + sap_hostagent_sapcar_local_path: "/software/SAPHOSTAGENT" + sap_hostagent_sapcar_file_name: "SAPCAR_1311-80000935.EXE" + sap_hostagent_clean_tmp_directory: true +``` +#### Example playbook for installing using SAR file located on managed node +```yaml +--- +- name: Ansible Play for SAP Host Agent installation - Remote SAR + hosts: all + become: true + tasks: + - name: Execute Ansible Role sap_hostagent + ansible.builtin.include_role: + name: community.sap_install.sap_hostagent + vars: + sap_hostagent_installation_type: "sar" + sap_hostagent_sar_remote_path: "/software/SAPHOSTAGENT" + sap_hostagent_sar_file_name: "SAPHOSTAGENT44_44-20009394.SAR" + sap_hostagent_sapcar_remote_path: "/software/SAPHOSTAGENT" + sap_hostagent_sapcar_file_name: "SAPCAR_1311-80000935.EXE" + sap_hostagent_clean_tmp_directory: true +``` +#### Example playbook for installing using SAP Bundle +```yaml +--- +- name: Ansible Play for SAP Host Agent installation - SAP bundle + hosts: all + become: true + tasks: + - name: Execute Ansible Role sap_hostagent + ansible.builtin.include_role: + name: community.sap_install.sap_hostagent + vars: + sap_hostagent_installation_type: "bundle" + sap_hostagent_bundle_path: "/usr/local/src/HANA-BUNDLE/51053381" + sap_hostagent_clean_tmp_directory: true +``` +#### Example playbook for installing using RPM on Red Hat +```yaml +--- +- name: Ansible Play for SAP Host Agent installation - SAP bundle + hosts: all + become: true + tasks: + - name: Execute Ansible Role sap_hostagent + ansible.builtin.include_role: + name: community.sap_install.sap_hostagent + vars: + sap_hostagent_installation_type: "rpm" + sap_hostagent_rpm_local_path: "/mylocaldir/SAPHOSTAGENT" + sap_hostagent_rpm_file_name: "saphostagentrpm_44-20009394.rpm" + sap_hostagent_clean_tmp_directory: true +``` + -You can find the latest Documentation in [SAP NOTE 1907566](https://launchpad.support.sap.com/#/notes/1907566) + + -This role installs or updates the SAP Host Agent on a RHEL 7.x or 8.x system. It is provided as RPM package, tarball or as part of an SAP softwarebundle. -While Red Hat recommends RPM for easier upgrade, this role take care of all formats. + + -## Requirements +## License + +Apache 2.0 + -This role is intended to use on a RHEL system that gets SAP software. -So your system needs to be installed with at least the RHEL core packages, properly registered and prepared for HANA or Netweaver installation. +## Maintainers + +- [Markus Koch](https://github.com/rhmk) +- [Bernd Finger](https://github.com/berndfinger) + -It needs access to the software repositories required to install SAP HANA (see also: [How to subscribe SAP HANA systems to the Update Services for SAP Solutions](https://access.redhat.com/solutions/3075991)) +## Role Variables + +### sap_hostagent_installation_type -You can use the [redhat_sap.sap_rhsm](https://galaxy.ansible.com/redhat_sap/sap_rhsm) Galaxy Role to automate this process +- _Type:_ `string` +- _Default:_ `rpm` -To install SAP software on Red Hat Enterprise Linux you need some additional packages which come in a special repository. To get this repository you need to have one -of the following products: +Select type of installation source for SAPHOSTAGENT.
+Available options: `sar`, `sar-remote`, `bundle`, `rpm` -- [RHEL for SAP Solutions](https://access.redhat.com/solutions/3082481) (premium, standard, developer Edition) -- [RHEL for Business Partner NFRs](https://partnercenter.redhat.com/NFRPageLayout) -[Click here](https://developers.redhat.com/products/sap/download/) to achieve a personal developer edition of RHEL for SAP Solutions. Please register as a developer and download the developer edition. +### Input Parameters for SAR +Following input parameters are used by both Local SAR and Remote SAR. -- [Registration Link](http://developers.redhat.com/register) : - Here you can either register a new personal account or link it to an already existing **personal** Red Hat Network account. -- [Download Link](https://access.redhat.com/downloads/): - Here you can download the Installation DVD for RHEL with your previously registered account +#### sap_hostagent_sar_file_name -*NOTE:* This is a regular RHEL installation DVD as RHEL for SAP Solutions is no additional - product but only a special bundling. The subscription grants you access to the additional - packages through our content delivery network(CDN) after installation. +- _Type:_ `string` -It is also important that your disks are setup according to the [SAP storage requirements for SAP HANA](https://www.sap.com/documents/2015/03/74cdb554-5a7c-0010-82c7-eda71af511fa.html). This [BLOG](https://blogs.sap.com/2017/03/07/the-ultimate-guide-to-effective-sizing-of-sap-hana/) is also quite helpful when sizing HANA systems. +Name of SAR file containing SAPHOSTAGENT. -## Role Variables +#### sap_hostagent_sapcar_file_name -### RPM based installations +- _Type:_ `string` -| variable | info | required? | -|:--------:|:----:|:---------:| -|sap_hostagent_installation_type|Source type of the installation for SAPHOSTAGENT|yes, with `rpm` value| -|sap_hostagent_rpm_local_path|Local directory path where RPM file is located|yes, unless `sap_hostagent_rpm_remote_path` is used| -|sap_hostagent_rpm_remote_path|Local directory path where RPM file is located|yes, unless `sap_hostagent_rpm_local_path` is used| -|sap_hostagent_rpm_file_name|Local RPM file name|yes| -|sap_hostagent_agent_tmp_directory|Temporary directory path that will be created on the target host|no (defaulted in the role)| -|sap_hostagent_clean_tmp_directory|Boolean variable to indicate if the temporary directory will be removed or not after the installation| no (defaulted in the role)| +Name of SAR file containing SAPCAR. -### SAR based installations (content on ansible control node) +### Input Parameters for Local SAR -| variable | info | required? | -|:--------:|:----:|:---------:| -|sap_hostagent_installation_type|Source type of the installation for SAPHOSTAGENT|yes with `sar` value| -|sap_hostagent_sar_local_path|Local directory path where SAR file is located|yes| -|sap_hostagent_sar_file_name|Local SAR file name|yes| -|sap_hostagent_sapcar_local_path|Local directory path where SAPCAR tool file is located|yes| -|sap_hostagent_sapcar_file_name|Local SAPCAR tool file name|yes| -|sap_hostagent_agent_tmp_directory|Temporary directory path that will be created on the target host|no (defaulted in the role)| -|sap_hostagent_clean_tmp_directory|Boolean variable to indicate if the temporary directory will be removed or not after the installation| no (defaulted in the role)| +#### sap_hostagent_sar_local_path -### SAR based installations (with content existing on target node) +- _Type:_ `string` -| variable | info | required? | -|:--------:|:----:|:---------:| -|sap_hostagent_installation_type|Source type of the installation for SAPHOSTAGENT|yes with `sar-remote` value| -|sap_hostagent_sar_remote_path|Remote directory path where SAR tool file is located|yes| -|sap_hostagent_sar_file_name|SAR tool file name|yes| -|sap_hostagent_sapcar_remote_path|Remote directory path of SAR archive|yes| -|sap_hostagent_sapcar_file_name|Remote file name of SAR archive|yes| -|sap_hostagent_agent_tmp_directory|Temporary directory path that will be created on the target host|no (defaulted in the role)| -|sap_hostagent_clean_tmp_directory|Boolean variable to indicate if the temporary directory will be removed or not after the installation| no (defaulted in the role)| +Local directory path where SAR file is located.
+**Do not use together with `sap_hostagent_sar_remote_path`.** +#### sap_hostagent_sapcar_local_path -### SAP Bundle based installations +- _Type:_ `string` -| variable | info | required? | -|:--------:|:----:|:---------:| -|sap_hostagent_installation_type|Source type of the installation for SAPHOSTAGENT|yes with `bundle` value| -|sap_hostagent_bundle_path|Target host directory path where SAP Installation Bundle has been unarchived| -|sap_hostagent_agent_tmp_directory|Temporary directory path that will be created on the target host|no (defaulted in the role)| -|sap_hostagent_clean_tmp_directory|Boolean variable to indicate if the temporary directory will be removed or not after the installation| no (defaulted in the role)| +Local directory path where SAPCAR file is located.
+**Do not use together with `sap_hostagent_sapcar_remote_path`.** -### SSL Configuration +### Input Parameters for Remote SAR -Right now the role will configure the PSE and create a CSR. Adding signed certificates from a valid CA is not supported yet +#### sap_hostagent_sar_remote_path -| variable | info | required? | -|:--------:|:----:|:---------:| -|sap_hostagent_config_ssl|This boolean variable will configure Agent for SSL communication|no (defaulted in the role)| -|sap_hostagent_ssl_passwd|Password to be used for the CSR|yes when `sap_hostagent_config_ssl` True| -|sap_hostagent_ssl_org|Organization information for the CSR|yes when `sap_hostagent_config_ssl` True| -|sap_hostagent_ssl_country|Country information for the CSR|yes when `sap_hostagent_config_ssl` True| +- _Type:_ `string` -## Dependencies +Remote directory path where SAR file is located.
+**Do not use together with `sap_hostagent_sar_local_path`.** -Before using this role ensure your system has been configured properly to run SAP applications. +#### sap_hostagent_sapcar_remote_path -You can use the supported role `sap_general_preconfigure` coming with RHEL 7 and 8 with RHEL for SAP Solutions Subscription +- _Type:_ `string` -The upstream version of this role can be found [here](https://github.com/linux-system-roles/sap_general_preconfigure) +Local directory path where SAPCAR file is located.
+**Do not use together with `sap_hostagent_sapcar_local_path`.** -## Example Playbook -```yaml - - hosts: servers - roles: - - role: sap_hostagent -``` +### Input Parameters for RPM -## Example Inventory +#### sap_hostagent_rpm_local_path -When using RPM: +- _Type:_ `string` -```yaml -sap_hostagent_installation_type: "rpm" -sap_hostagent_rpm_local_path: "/mylocaldir/SAPHOSTAGENT" -sap_hostagent_rpm_file_name: "saphostagentrpm_44-20009394.rpm" -sap_hostagent_clean_tmp_directory: true -``` +Local directory path where RPM file is located.
+**Do not use together with `sap_hostagent_rpm_remote_path`.** -When using SAR: +#### sap_hostagent_rpm_remote_path -```yaml -sap_hostagent_installation_type: "sar" -sap_hostagent_sar_local_path: "/mylocaldir/SAPHOSTAGENT" -sap_hostagent_sar_file_name: "SAPHOSTAGENT44_44-20009394.SAR" -sap_hostagent_sapcar_local_path: "/mylocaldir/SAPHOSTAGENT" -sap_hostagent_sapcar_file_name: "SAPCAR_1311-80000935.EXE" -sap_hostagent_clean_tmp_directory: true -``` +- _Type:_ `string` -When using SAP Bundle: +Remote directory path where RPM file is located.
+**Do not use together with `sap_hostagent_rpm_local_path`.** -```yaml -sap_hostagent_installation_type: "bundle" -sap_hostagent_bundle_path: "/usr/local/src/HANA-BUNDLE/51053381" -sap_hostagent_clean_tmp_directory: true -``` +#### sap_hostagent_rpm_file_name -## License +- _Type:_ `string` + +Name of RPM package containing SAPHOSTAGENT. + + +### Input Parameters for SAP Bundle + +#### sap_hostagent_bundle_path + +- _Type:_ `string` + +Remote directory path where SAP Bundle file is located after being extracted. + + +### Input Parameters for SSL setup + +#### sap_hostagent_config_ssl + +- _Type:_ `bool` +- _Default:_ `False` + +Enable to configure PSE and create CSR.
+Adding signed certificates from a valid CA is not supported yet. + +#### sap_hostagent_ssl_passwd + +- _Type:_ `string` + +Enter password for the CSR. It is used when `sap_hostagent_config_ssl` is set. + +#### sap_hostagent_ssl_org + +- _Type:_ `string` + +Enter Organization information for the CSR. It is used when `sap_hostagent_config_ssl` is set. + +#### sap_hostagent_ssl_country + +- _Type:_ `string` + +Enter Country information for the CSR. It is used when `sap_hostagent_config_ssl` is set. + + +#### sap_hostagent_agent_tmp_directory + +- _Type:_ `string` +- _Default:_ `/tmp/hostagent` + +Temporary directory for processing of source file. -Apache license 2.0 +#### sap_hostagent_clean_tmp_directory -## Author Information +- _Type:_ `bool` +- _Default:_ `False` -IBM Lab for SAP Solutions, Red Hat for SAP Community of Practice +Enable to remove temporary directory after installation. + \ No newline at end of file diff --git a/roles/sap_hostagent/defaults/main.yml b/roles/sap_hostagent/defaults/main.yml index 83db2b33c..ed1d754d9 100644 --- a/roles/sap_hostagent/defaults/main.yml +++ b/roles/sap_hostagent/defaults/main.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Global Default variables # Adapt to your default settings diff --git a/roles/sap_hostagent/meta/main.yml b/roles/sap_hostagent/meta/main.yml index 31cef273e..ddbb94eac 100644 --- a/roles/sap_hostagent/meta/main.yml +++ b/roles/sap_hostagent/meta/main.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- galaxy_info: author: IBM Lab for SAP Solutions, Red Hat for SAP Community of Practice diff --git a/roles/sap_hostagent/tasks/common_post.yml b/roles/sap_hostagent/tasks/common_post.yml index 2d877f8f6..70469b491 100644 --- a/roles/sap_hostagent/tasks/common_post.yml +++ b/roles/sap_hostagent/tasks/common_post.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Ensure {{ sap_hostagent_agent_tmp_directory }} directory is removed from the target host diff --git a/roles/sap_hostagent/tasks/common_pre.yml b/roles/sap_hostagent/tasks/common_pre.yml index 4c2e5acc2..cd2ac8214 100644 --- a/roles/sap_hostagent/tasks/common_pre.yml +++ b/roles/sap_hostagent/tasks/common_pre.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Ensure {{ sap_hostagent_agent_tmp_directory }} directory exists on the target host diff --git a/roles/sap_hostagent/tasks/config_ssl.yml b/roles/sap_hostagent/tasks/config_ssl.yml index 3cdb5510c..f20506a48 100644 --- a/roles/sap_hostagent/tasks/config_ssl.yml +++ b/roles/sap_hostagent/tasks/config_ssl.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Ensure 'sapadm' user home directory exists diff --git a/roles/sap_hostagent/tasks/deploy_bundle.yml b/roles/sap_hostagent/tasks/deploy_bundle.yml index 0e859ae4f..39a83290e 100644 --- a/roles/sap_hostagent/tasks/deploy_bundle.yml +++ b/roles/sap_hostagent/tasks/deploy_bundle.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Extract the SAPHOSTAGENT TGZ file from the Bundle diff --git a/roles/sap_hostagent/tasks/deploy_rpm.yml b/roles/sap_hostagent/tasks/deploy_rpm.yml index 8b53a8496..6281af2ea 100644 --- a/roles/sap_hostagent/tasks/deploy_rpm.yml +++ b/roles/sap_hostagent/tasks/deploy_rpm.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Copy RPM based SAPHOSTAGENT to the target host diff --git a/roles/sap_hostagent/tasks/deploy_sar.yml b/roles/sap_hostagent/tasks/deploy_sar.yml index 121da7254..8a6ecc71d 100644 --- a/roles/sap_hostagent/tasks/deploy_sar.yml +++ b/roles/sap_hostagent/tasks/deploy_sar.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Copy SAR based SAPHOSTAGENT to the target host diff --git a/roles/sap_hostagent/tasks/deploy_sar_remote.yml b/roles/sap_hostagent/tasks/deploy_sar_remote.yml index f99763ed8..e7e46e868 100644 --- a/roles/sap_hostagent/tasks/deploy_sar_remote.yml +++ b/roles/sap_hostagent/tasks/deploy_sar_remote.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Extract the SAPHOSTAGENT archive using SAPCAR diff --git a/roles/sap_hostagent/tasks/main.yml b/roles/sap_hostagent/tasks/main.yml index 17d29203a..f106a42c8 100644 --- a/roles/sap_hostagent/tasks/main.yml +++ b/roles/sap_hostagent/tasks/main.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Execute common pre installation tasks diff --git a/roles/sap_install_media_detect/.yamllint.yml b/roles/sap_install_media_detect/.yamllint.yml index 57ef427c1..ee4457cfd 100644 --- a/roles/sap_install_media_detect/.yamllint.yml +++ b/roles/sap_install_media_detect/.yamllint.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Based on ansible-lint config extends: default @@ -7,7 +8,9 @@ rules: brackets: {max-spaces-inside: 1, level: error} # colons: {max-spaces-after: -1, level: error} # commas: {max-spaces-after: -1, level: error} - comments: disable + comments: + require-starting-space: false + min-spaces-from-content: 1 comments-indentation: disable # document-start: disable # empty-lines: {max: 3, level: error} @@ -19,3 +22,6 @@ rules: # new-lines: {type: unix} # trailing-spaces: disable truthy: disable + octal-values: + forbid-implicit-octal: true + forbid-explicit-octal: true diff --git a/roles/sap_install_media_detect/README.md b/roles/sap_install_media_detect/README.md index 23dfaa60c..1c0a100c5 100644 --- a/roles/sap_install_media_detect/README.md +++ b/roles/sap_install_media_detect/README.md @@ -1,48 +1,103 @@ + # sap_install_media_detect Ansible Role + +![Ansible Lint for sap_install_media_detect](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_install_media_detect.yml/badge.svg) -Ansible Role for detection and extraction of SAP Software installation media +## Description + +The Ansible Role `sap_install_media_detect` is used to detect and extract SAP installation media. -This role is used to prepare for installation of SAP Software, by searching a given directory for SAP installation media (e.g. SAR files), -moving files to subdirectories (i.e. `/sap_hana` and `/sap_swpm`) with the directory/file ownership permissions, then extracting the detected files. +This role searches provided source directory, sorts files based on type and extracts them to target directory. Extraction can be further adjusted to create individual folders based on defined inputs. -Detection of installation media is available for SAP HANA and the various key installation files when using SAP SWPM to install -SAP Business Applications based upon SAP NetWeaver (e.g. SAP S/4HANA, SAP BW/4HANA, SAP ECC, SAP BW, SAP WebDispatcher etc). -As an example, SAP HANA Client would be detected and the SAP Kernel Part I/II would be detected. +Detection of supported installation media is available for SAP HANA and wide range of SAP Applications (example: SAP S/4HANA, SAP BW/4HANA, SAP ECC, SAP BW, SAP WebDispatcher, SAP Business Applications based upon SAP NetWeaver, etc). + -Once detection (e.g. using `zipinfo -1` and `unrar lb`) and extraction are completed, the file paths are shown and stored as variables for subsequent use by other Ansible Tasks. + + -RAR files can be either handled by the unar package from EPEL or by another package which can list the contents of, and extract files from, -RAR files. See the comments and examples for the RAR file handling in `defaults/main.yml`. If the EPEL repo had been enabled at the time -when the role was run, it will remain enabled. If the EPEL repo was not present, the associated GPG key will be removed and the EPEL repo -will be disabled as the last task. + +## Prerequisites +Managed nodes: +- Directory with SAP Installation media is present and `sap_install_media_detect_source_directory` updated. Download can be completed using [community.sap_launchpad](https://github.com/sap-linuxlab/community.sap_launchpad) Ansible Collection. + -## Execution Flow +## Execution + + -- At the beginning of the execution of the role, a new tool `sapfile` is pushed to a temporary directory on the managed node. -- Also a package which contains a command for extracting and listing content of files of type `RAR` is installed. -- The next step is to check if source and/or target directories exist. If role parameter `sap_install_media_detect_target_directory` is defined, files will later be copied from `sap_install_media_detect_source_directory`. This is the `remote_dir` case. -- If the system on which the `sap_install_media_detect_source_directory` is not writable, the role would normally fail because one or both of the following conditions are not met: - - The SAPCAR EXE file is not executable. - - There are one or more `ZIP` or `RAR` files without extension. -- In this `remote_dir` case, to make sure the role does not fail, it needs to be run first on the node on which `sap_install_media_detect_source_directory` is writable, with role parameter `sap_install_media_detect_file_server_only` set to `true` so the role will not perform and further file detection activities. -- After the SAPCAR EXE file is executable and there are no more `ZIP` or `RAR` files without extension, the role can be called on a managed node where `sap_install_media_detect_source_directory` is not writable. -- A new list of all files with the correct final file names will then be created, and for each of the files, the SAP file types are determined using the `sapfile` tool, either using the file names or - if this information is not sufficient - from information inside the file. -- We then assert that there is at least (or exactly, depending on the file type) one file available for each of the `sap_install_media_detect_*` parameters. For example, if `sap_install_media_detect_kernel_db` is set to `saphana`, then there must be one SAP Kernel DB dependent file for SAP HANA. -- In case of `remote_dir`, the next step is to copy all files from `sap_install_media_detect_source_directory` to `sap_install_media_detect_target_directory`. -- Then we extract files which are configured in `sapfile` to be extracted, and copy or move files which are configured in `sapfile` to be copied or moved. Certain files like `SAPCAR*.EXE` and the SAP Host Agent will be copied to two different directories. -- Once all necessary files have been extracted and all files are copied or moved to where we want them to be, we are using the Ansible find module to identify the different file types by using file or directory name patterns. -- The last step is to fill all required `sap_swpm` parameters from the result of the previous find step, and display all the variables. + +### Recommended +It is recommended to execute this role together with other roles in this collection, in the following order:
+#### SAP HANA +1. [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) +2. [sap_hana_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_preconfigure) +3. *`sap_install_media_detect`* +4. [sap_hana_install](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_install) +5. [sap_ha_install_hana_hsr](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_ha_install_hana_hsr) - High Availability specific +6. [sap_ha_pacemaker_cluster](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_ha_pacemaker_cluster) - High Availability specific -## Variables and Parameters +#### SAP Netweaver +1. [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) +2. [sap_netweaver_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_netweaver_preconfigure) +3. *`sap_install_media_detect`* +4. [sap_swpm](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_swpm) +5. [sap_ha_pacemaker_cluster](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_ha_pacemaker_cluster) - High Availability specific + -See the file `defaults/main.yml`. +### Execution Flow + +1. At the beginning of the execution of the role, a new tool `sapfile` is pushed to a temporary directory on the managed node. +2. Also a package which contains a command for extracting and listing content of files of type `RAR` is installed. +3. The next step is to check if source and/or target directories exist. If role parameter `sap_install_media_detect_target_directory` is defined, files will later be copied from `sap_install_media_detect_source_directory`. This is the `remote_dir` case. +4. If the system on which the `sap_install_media_detect_source_directory` is not writable, the role would normally fail because one or both of the following conditions are not met: + - The SAPCAR EXE file is not executable. + - There are one or more `ZIP` or `RAR` files without extension. +5. In this `remote_dir` case, to make sure the role does not fail, it needs to be run first on the node on which `sap_install_media_detect_source_directory` is writable, with role parameter `sap_install_media_detect_file_server_only` set to `true` so the role will not perform and further file detection activities. +6. After the SAPCAR EXE file is executable and there are no more `ZIP` or `RAR` files without extension, the role can be called on a managed node where `sap_install_media_detect_source_directory` is not writable. +7. A new list of all files with the correct final file names will then be created, and for each of the files, the SAP file types are determined using the `sapfile` tool, either using the file names or - if this information is not sufficient - from information inside the file. +8. We then assert that there is at least (or exactly, depending on the file type) one file available for each of the `sap_install_media_detect_*` parameters. For example, if `sap_install_media_detect_kernel_db` is set to `saphana`, then there must be one SAP Kernel DB dependent file for SAP HANA. +9. In case of `remote_dir`, the next step is to copy all files from `sap_install_media_detect_source_directory` to `sap_install_media_detect_target_directory`. +10. Then we extract files which are configured in `sapfile` to be extracted, and copy or move files which are configured in `sapfile` to be copied or moved. Certain files like `SAPCAR*.EXE` and the SAP Host Agent will be copied to two different directories. +11. Once all necessary files have been extracted and all files are copied or moved to where we want them to be, we are using the Ansible find module to identify the different file types by using file or directory name patterns. +12. The last step is to fill all required `sap_swpm` parameters from the result of the previous find step, and display all the variables. + - Once detection (e.g. using `zipinfo -1` and `unrar lb`) and extraction are completed, the file paths are shown and stored as variables for subsequent use by other Ansible Tasks. -## Dependencies +
+ (Red Hat) Additional steps for RAR files -This role does not depend on any other Ansible Role. + RAR files can be either handled by the unar package from EPEL or by another package which can list the contents of, and extract files from, RAR files. See the comments and examples for the RAR file handling in `defaults/main.yml`. -## Tags + - If the EPEL repo had been enabled at the time when the role was run, it will remain enabled. + - If the EPEL repo was not present, the associated GPG key will be removed and the EPEL repo will be disabled as the last task. +
+ +### Example + +Example playbook to extract SAP Installation media for SAP ASCS Netweaver. +```yaml +--- +- name: Ansible Play for SAP NetWeaver ASCS - Extract SAP Installation media + hosts: nwas_ascs + become: true + any_errors_fatal: true + max_fail_percentage: 0 + tasks: + + - name: Execute Ansible Role sap_install_media_detect + ansible.builtin.include_role: + name: community.sap_install.sap_install_media_detect + vars: + sap_install_media_detect_swpm: true + sap_install_media_detect_hostagent: true + sap_install_media_detect_igs: true + sap_install_media_detect_kernel: true + sap_install_media_detect_webdisp: false +``` + + + +### Role Tags With the following tags, the role can be called to perform certain activities only: - tag `sap_install_media_detect_zip_handling`: Only perform the task for enabling the listing and extracting of files of type `ZIP`. - tag `sap_install_media_detect_rar_handling`: Only perform the tasks for enabling the listing and extracting of files of type `RAR`. This @@ -59,11 +114,209 @@ With the following tags, the role can be called to perform certain activities on Note: After running the role with the following four tags, the SAP archive files will be in the same place as before running the role the first time. The directories with pattern `*_extracted` will remain in place. `sap_install_media_detect_provide_sapfile_utility,sap_install_media_detect_check_directories,sap_install_media_detect_create_file_list_phase_1,sap_install_media_detect_move_files_to_main_directory` + + + +## Further Information +For more examples on how to use this role in different installation scenarios, refer to the [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. + ## License + +Apache 2.0 + + +## Maintainers + +- [Bernd Finger](https://github.com/berndfinger) + + +## Role Variables + +### sap_install_media_detect_rar_handling + +- _Type:_ `bool` +- _Default:_ `True` + +Set this parameter to `false` for skipping the handling of RAR files. In this case, also no `unar` or other RAR handling software will be installed. + + +### sap_install_media_detect_rar_package + +- _Type:_ `str` +- _Default:_ `EPEL` + +Set this parameter to use either the `unar` package from `EPEL` or another software package for handling RAR files.
+Based on this setting, the commands for listing and extracting RAR files are being set in tasks/prepare/enable_rar_handling.yml + +### sap_install_media_detect_epel_gpg_key_url + +- _Type:_ `str` +- _Default:_ `https://download.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-{{ ansible_distribution_major_version }}` + +URL for the EPEL GPG key + +### sap_install_media_detect_use_rpm_key_module_for_removing_the_key + +- _Type:_ `bool` +- _Default:_ `True` + +The `EPEL` GPG key can be removed with the rpm_key module and the URL for the key, or by using the `rpm -e` command.
+For using the rpm -e command, set this variable to 'false'. + +### sap_install_media_detect_file_server_only + +- _Type:_ `bool` +- _Default:_ `False` + +If this role is running on a file server on which the SAP software is not to be installed, set the following to true.
+If this role is running on a system on which the SAP software is to be installed, set the following to false. + +### sap_install_media_detect_rar_list + +- _Type:_ `str` +- _Default:_ `/usr/bin/unrar lb` + +Fully qualified path to the program for listing RAR files, including the argument for listing files.
+If not specified, the `lsar` program (or a link with the name `lsar`, pointing to the actual `lsar` program) is expected to be located in one of the PATH directories.
+If sap_install_media_detect_rar_package is set to `EPEL`, this variable is not used. + +### sap_install_media_detect_rar_extract + +- _Type:_ `str` +- _Default:_ `/usr/bin/unrar x` + +Fully qualified path to the program for extracting RAR files, including the argument for extracting files.
+If not specified, the `unar` program (or a link with the name `unar`, pointing to the actual `unar` program) is expected to be located in one of the PATH directories.
+If sap_install_media_detect_rar_package is set to `EPEL`, this variable is not used. + +### sap_install_media_detect_rar_extract_directory_argument + +- _Type:_ `str` + +Fully qualified path to an additional argument to the program for extracting RAR files, for specifying the directory into which the archive is to be extracted.
+Needs to be empty or start with a space character.
+If sap_install_media_detect_rar_package is set to 'EPEL', this variable is not used. + +### sap_install_media_detect_source_directory + +- _Type:_ `str` +- _Default:_ `/software` + +Directory where the SAP software is located + +### sap_install_media_detect_target_directory + +- _Type:_ `str` + +Directory where the SAP software is located after the role is run, if different from `sap_install_media_detect_source_directory` + +### sap_install_media_detect_create_target_directory + +- _Type:_ `bool` +- _Default:_ `True` + +Create target directory if it does not yet exist. If set to false, perform a check only + +### sap_install_media_detect_rename_target_file_exists + +- _Type:_ `str` +- _Default:_ `skip` + +If there are two files of the same RAR or ZIP type, one with and one without suffix, the following parameter will determine what the role will do for such a file:
+- `skip` the file renaming. +- `fail` execution. +- `overwrite` the file with the suffix by the file without suffix. + +### sap_install_media_detect_extract_archives + +- _Type:_ `bool` +- _Default:_ `True` + +If you want the role to not extract archives which have the extract flag set, set the following parameter to `false`. + +### sap_install_media_detect_move_or_copy_archives + +- _Type:_ `bool` +- _Default:_ `True` + +If you want the role to not move or copy archive files to the `target_dir` subdirectories, set the following parameter to `false`. + +### sap_install_media_detect_assert_after_sapfile + +- _Type:_ `bool` +- _Default:_ `True` + +By default, the presence of at least one file for each file type according to the configured role parameters is asserted. Set the following parameter to 'false' to skip this step. + +### sap_install_media_detect_db + +- _Type:_ `str` + +Select which database type to detect.
+Available values: `saphana`, `sapase`, `sapmaxdb`, `oracledb`, `ibmdb2` + +### sap_install_media_detect_db_client + +- _Type:_ `str` + +Select which database client to detect.
+Available values: `saphana`, `sapase`, `sapmaxdb`, `oracledb`, `ibmdb2` + +### sap_install_media_detect_swpm + +- _Type:_ `bool` +- _Default:_ `False` + +Enable to detect SWPM. + +### sap_install_media_detect_hostagent + +- _Type:_ `bool` +- _Default:_ `False` + +Enable to detect SAP Hostagent. + +### sap_install_media_detect_igs + +- _Type:_ `bool` +- _Default:_ `False` + +Enable to detect SAP IGS. + +### sap_install_media_detect_kernel + +- _Type:_ `bool` +- _Default:_ `False` + +Enable to detect SAP Kernel files. + +### sap_install_media_detect_kernel_db + +- _Type:_ `str` + +Select which database kernel to detect.
+Available values: `saphana`, `sapase`, `sapmaxdb`, `oracledb`, `ibmdb2`
+Only necessary if there is more than one SAPEXEDB file in the source directory + +### sap_install_media_detect_webdisp + +- _Type:_ `bool` +- _Default:_ `False` + +Enable to detect SAP Web Dispatcher. + +### sap_install_media_detect_mpstack + +- _Type:_ `bool` +- _Default:_ `False` + +Enable to detect SAP Maintenance Planner stack file. -Apache license 2.0 +### sap_install_media_detect_export -## Author Information +- _Type:_ `str` -IBM Lab for SAP Solutions, Red Hat for SAP Community of Practice, Bernd Finger +Select which database export to detect.
+Available values: `saps4hana`, `sapbw4hana`, `sapecc`, `sapecc_ides`, `sapnwas_abap`, `sapnwas_java`, `sapsolman_abap`, `sapsolman_java` + \ No newline at end of file diff --git a/roles/sap_install_media_detect/defaults/main.yml b/roles/sap_install_media_detect/defaults/main.yml index a1a1fe264..29277a7c0 100644 --- a/roles/sap_install_media_detect/defaults/main.yml +++ b/roles/sap_install_media_detect/defaults/main.yml @@ -1,5 +1,10 @@ +# SPDX-License-Identifier: Apache-2.0 --- +# Set this parameter to `false` for skipping the handling of RAR files. In this case, also no unar or other RAR handling software +# will be installed. +sap_install_media_detect_rar_handling: true + # Set this parameter to use either the unar package from EPEL or another software package for handling RAR files. # Based on this setting, the commands for listing and extracting RAR files are being set in tasks/prepare/enable_rar_handling.yml sap_install_media_detect_rar_package: 'EPEL' diff --git a/roles/sap_install_media_detect/meta/main.yml b/roles/sap_install_media_detect/meta/main.yml index bc6c3b9f1..1aa398f10 100644 --- a/roles/sap_install_media_detect/meta/main.yml +++ b/roles/sap_install_media_detect/meta/main.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- galaxy_info: namespace: community diff --git a/roles/sap_install_media_detect/tasks/cleanup/disable-epel-repo.yml b/roles/sap_install_media_detect/tasks/cleanup/disable-epel-repo.yml index c6668e1bd..f76d70fe1 100644 --- a/roles/sap_install_media_detect/tasks/cleanup/disable-epel-repo.yml +++ b/roles/sap_install_media_detect/tasks/cleanup/disable-epel-repo.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Note: This file is only included from tasks/main.yml if the epel-release package had not been initially detected. @@ -12,6 +13,7 @@ ansible.builtin.rpm_key: state: absent key: "{{ sap_install_media_detect_epel_gpg_key_url }}" + retries: 10 when: - sap_install_media_detect_use_rpm_key_module_for_removing_the_key - __sap_install_media_detect_register_rpm_q_gpg_pubkeys.stdout | length != 0 diff --git a/roles/sap_install_media_detect/tasks/cleanup/remove_sapfile_utility.yml b/roles/sap_install_media_detect/tasks/cleanup/remove_sapfile_utility.yml index 0e95e08bb..ace2e6811 100644 --- a/roles/sap_install_media_detect/tasks/cleanup/remove_sapfile_utility.yml +++ b/roles/sap_install_media_detect/tasks/cleanup/remove_sapfile_utility.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: SAP Install Media Detect - Prepare - Remove temporary directory diff --git a/roles/sap_install_media_detect/tasks/find_files_after_extraction.yml b/roles/sap_install_media_detect/tasks/find_files_after_extraction.yml index 7118e343e..782a4ad3d 100644 --- a/roles/sap_install_media_detect/tasks/find_files_after_extraction.yml +++ b/roles/sap_install_media_detect/tasks/find_files_after_extraction.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: SAP Install Media Detect - Find files after extraction - Initialize fact variables diff --git a/roles/sap_install_media_detect/tasks/main.yml b/roles/sap_install_media_detect/tasks/main.yml index 9f69cf1d3..2e46b9ac5 100644 --- a/roles/sap_install_media_detect/tasks/main.yml +++ b/roles/sap_install_media_detect/tasks/main.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # The sapcar (SAPCAR.EXE) program is required for the detection of the SAP file types. It is detected in create_file_list_phase_1.yml @@ -24,6 +25,7 @@ file: prepare/enable_rar_handling.yml apply: tags: sap_install_media_detect_rar_handling + when: sap_install_media_detect_rar_handling tags: sap_install_media_detect_rar_handling - name: SAP Install Media Detect - Prepare - Check directories @@ -94,6 +96,7 @@ tags: sap_install_media_detect_rar_handling tags: sap_install_media_detect_rar_handling when: + - sap_install_media_detect_rar_handling - sap_install_media_detect_rar_package == 'EPEL' - ansible_os_family == 'RedHat' - __sap_install_media_detect_register_rpm_q_epel.stdout != 'epel-release' diff --git a/roles/sap_install_media_detect/tasks/organize_files.yml b/roles/sap_install_media_detect/tasks/organize_files.yml index afa6c496f..2b7095137 100644 --- a/roles/sap_install_media_detect/tasks/organize_files.yml +++ b/roles/sap_install_media_detect/tasks/organize_files.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: SAP Install Media Detect - Organize all files - Copy files to {{ sap_install_media_detect_target_directory }} diff --git a/roles/sap_install_media_detect/tasks/prepare/check_directories.yml b/roles/sap_install_media_detect/tasks/prepare/check_directories.yml index a66b3acf7..caac7f4d0 100644 --- a/roles/sap_install_media_detect/tasks/prepare/check_directories.yml +++ b/roles/sap_install_media_detect/tasks/prepare/check_directories.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: SAP Install Media Detect - Prepare - Get info of 'sap_install_media_detect_source_directory' diff --git a/roles/sap_install_media_detect/tasks/prepare/create_file_list_phase_1.yml b/roles/sap_install_media_detect/tasks/prepare/create_file_list_phase_1.yml index 56f0835f7..2632f90db 100644 --- a/roles/sap_install_media_detect/tasks/prepare/create_file_list_phase_1.yml +++ b/roles/sap_install_media_detect/tasks/prepare/create_file_list_phase_1.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # The fact variables are appended in tasks of this file, so they need to be initialized explicitly. @@ -25,6 +26,8 @@ ansible.builtin.set_fact: __sap_install_media_detect_fact_find_result_phase_1: "{{ __sap_install_media_detect_fact_find_result_phase_1 + [item.path] }}" loop: "{{ __sap_install_media_detect_register_find_result_phase_1.files }}" + loop_control: + label: "{{ item.path }}" # If more than one SAPCAR file is found, we will use the last one. - name: SAP Install Media Detect - Prepare - Identify sapcar diff --git a/roles/sap_install_media_detect/tasks/prepare/create_file_list_phase_2.yml b/roles/sap_install_media_detect/tasks/prepare/create_file_list_phase_2.yml index 355836b98..e6b6d2497 100644 --- a/roles/sap_install_media_detect/tasks/prepare/create_file_list_phase_2.yml +++ b/roles/sap_install_media_detect/tasks/prepare/create_file_list_phase_2.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # The fact variables are appended in tasks of this file, so they need to be initialized explicitly. @@ -21,19 +22,39 @@ ansible.builtin.set_fact: __sap_install_media_detect_fact_find_result_phase_2: "{{ __sap_install_media_detect_fact_find_result_phase_2 + [item.path] }}" loop: "{{ __sap_install_media_detect_register_find_result_phase_2.files }}" + loop_control: + label: "{{ item.path }}" -- name: SAP Install Media Detect - Prepare - Iterate over files and determine file type +- name: SAP Install Media Detect - Prepare - Iterate over files and determine file type, including command for handling RAR files ansible.builtin.command: "{{ __sap_install_media_detect_sapfile_path }} -e --lsar_file={{ __sap_install_media_detect_rar_list.split(' ')[0] }} --sapcar_file={{ __sap_install_media_detect_fact_sapcar_path }} {{ line_item }}" - register: __sap_install_media_detect_register_files_phase_2 + register: __sap_install_media_detect_register_files_phase_2_rar loop: "{{ __sap_install_media_detect_fact_find_result_phase_2 }}" loop_control: loop_var: line_item changed_when: false + when: sap_install_media_detect_rar_handling + +- name: SAP Install Media Detect - Prepare - Iterate over files and determine file type, without command for handling RAR files + ansible.builtin.command: "{{ __sap_install_media_detect_sapfile_path }} -e --sapcar_file={{ __sap_install_media_detect_fact_sapcar_path }} {{ line_item }}" + register: __sap_install_media_detect_register_files_phase_2_norar + loop: "{{ __sap_install_media_detect_fact_find_result_phase_2 }}" + loop_control: + loop_var: line_item + changed_when: false + when: not sap_install_media_detect_rar_handling + +- name: SAP Install Media Detect - Prepare - Set fact from determining the file type + ansible.builtin.set_fact: + __sap_install_media_detect_register_files_phase_2: "{{ __sap_install_media_detect_register_files_phase_2_rar + if sap_install_media_detect_rar_handling + else __sap_install_media_detect_register_files_phase_2_norar }}" - name: SAP Install Media Detect - Prepare - Set fact with the results of the sapfile command ansible.builtin.set_fact: __sap_install_media_detect_fact_files_sapfile_results: "{{ __sap_install_media_detect_fact_files_sapfile_results + [__new_dict] }}" loop: "{{ __sap_install_media_detect_register_files_phase_2.results }}" + loop_control: + label: "{{ item.stdout.split(';')[0] }}" vars: __new_dict: dir: "{{ item.stdout.split(';')[0] | dirname }}" diff --git a/roles/sap_install_media_detect/tasks/prepare/enable_rar_handling.yml b/roles/sap_install_media_detect/tasks/prepare/enable_rar_handling.yml index a829654ab..3746b07c8 100644 --- a/roles/sap_install_media_detect/tasks/prepare/enable_rar_handling.yml +++ b/roles/sap_install_media_detect/tasks/prepare/enable_rar_handling.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: SAP Install Media Detect - Prepare - Install the unar package from EPEL @@ -26,6 +27,7 @@ ansible.builtin.rpm_key: state: present key: "{{ sap_install_media_detect_epel_gpg_key_url }}" + retries: 10 # ansible.builtin.command: "rpm --import {{ eap_install_media_detect_epel_gpg_key_url }}" # changed_when: true @@ -38,6 +40,7 @@ # name: "{{ sap_install_media_detect_epel_url }}" name: "https://dl.fedoraproject.org/pub/epel/epel-release-latest-{{ ansible_distribution_major_version }}.noarch.rpm" state: present + retries: 10 # Reason for noqa: We would need an extra call to /usr/bin/crb status to determine the current status - name: SAP Install Media Detect - Prepare - EPEL - Enable the CRB repo # noqa no-changed-when diff --git a/roles/sap_install_media_detect/tasks/prepare/enable_zip_handling.yml b/roles/sap_install_media_detect/tasks/prepare/enable_zip_handling.yml index 3c154e896..22b174ee5 100644 --- a/roles/sap_install_media_detect/tasks/prepare/enable_zip_handling.yml +++ b/roles/sap_install_media_detect/tasks/prepare/enable_zip_handling.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: SAP Install Media Detect - Prepare - Ensure the presence of the 'unzip' package diff --git a/roles/sap_install_media_detect/tasks/prepare/move_files_to_main_directory.yml b/roles/sap_install_media_detect/tasks/prepare/move_files_to_main_directory.yml index 5bfae97f1..f3d141b5f 100644 --- a/roles/sap_install_media_detect/tasks/prepare/move_files_to_main_directory.yml +++ b/roles/sap_install_media_detect/tasks/prepare/move_files_to_main_directory.yml @@ -1,15 +1,19 @@ +# SPDX-License-Identifier: Apache-2.0 --- -- name: SAP Install Media Detect - Prepare - Initialize fact variables, phase 1b +- name: SAP Install Media Detect - Prepare - Move files to parent for known subdirs - Initialize fact variables, phase 1b ansible.builtin.set_fact: __sap_install_media_detect_fact_find_result_phase_1b: [] # If any files have been moved to non-extract subdirectories already, move them back to the top level, making the role idempotent # Reason for noqa: When using pipefail and there is no result from the grep -v, this tail will fail but it should never fail -- name: SAP Install Media Detect - Prepare - Find the relevant non-extract subdirectories # noqa risky-shell-pipe +- name: SAP Install Media Detect - Prepare - Move files to parent for known subdirs - Find the relevant non-extract subdirectories # noqa risky-shell-pipe ansible.builtin.shell: cmd: > - ls -d sap_hana sap_swpm sap_swpm_download_basket $({{ __sap_install_media_detect_sapfile_path }} -s) 2>/dev/null | + ls -d + sap_hana sap_swpm sap_swpm_download_basket + sapase sapmaxdb oracledb ibmdb2 sap_export_nwas_java sap_export_ecc sap_export_nwas_abap sap_export_solman_java sap_export_ecc_ides + $({{ __sap_install_media_detect_sapfile_path }} -s) 2>/dev/null | awk '{print ("'{{ __sap_install_media_detect_software_main_directory }}'/"$0"/")}' chdir: "{{ __sap_install_media_detect_software_main_directory }}" register: __sap_install_media_detect_register_subdirectories_phase_1b @@ -17,21 +21,21 @@ failed_when: false # Reason for noqa: When using pipefail and there is no result from the grep -v, this tail will fail but it should never fail -- name: SAP Install Media Detect - Prepare - Find existing extract subdirectories # noqa risky-shell-pipe +- name: SAP Install Media Detect - Prepare - Move files to parent for known subdirs - Find existing extract subdirectories # noqa risky-shell-pipe ansible.builtin.shell: ls -d {{ __sap_install_media_detect_software_main_directory }}/*/ | grep '_extracted/$' register: __sap_install_media_detect_register_subdirectories_phase_1b_extracted changed_when: false failed_when: false -- name: SAP Install Media Detect - Prepare - Display the relevant non-extract subdirectories +- name: SAP Install Media Detect - Prepare - Move files to parent for known subdirs - Display the relevant non-extract subdirectories ansible.builtin.debug: var: __sap_install_media_detect_register_subdirectories_phase_1b.stdout_lines -- name: SAP Install Media Detect - Prepare - Display existing extract subdirectories +- name: SAP Install Media Detect - Prepare - Move files to parent for known subdirs - Display existing extract subdirectories ansible.builtin.debug: var: __sap_install_media_detect_register_subdirectories_phase_1b_extracted.stdout_lines -- name: SAP Install Media Detect - Prepare - Create list of all files one level below '{{ __sap_install_media_detect_software_main_directory }}' +- name: SAP Install Media Detect - Prepare - Move files to parent for known subdirs - Create list of all files one level below '{{ __sap_install_media_detect_software_main_directory }}' ansible.builtin.find: paths: "{{ line_item }}" patterns: '*' @@ -43,21 +47,21 @@ loop_var: line_item register: __sap_install_media_detect_register_find_result_phase_1b -- name: SAP Install Media Detect - Prepare - Set fact from find result, phase 1b +- name: SAP Install Media Detect - Prepare - Move files to parent for known subdirs - Set fact from find result, phase 1b ansible.builtin.set_fact: __sap_install_media_detect_fact_find_result_phase_1b: "{{ __sap_install_media_detect_fact_find_result_phase_1b + [item.1.path] }}" - with_subelements: - - "{{ __sap_install_media_detect_register_find_result_phase_1b.results }}" - - files + loop: "{{ __sap_install_media_detect_register_find_result_phase_1b.results | subelements('files') }}" + loop_control: + label: "{{ item.1.path }}" # Reason for noqa: Too much additional code required for determining if anything has changed or not -- name: SAP Install Media Detect - Prepare - Move files back to '{{ __sap_install_media_detect_software_main_directory }}' # noqa no-changed-when +- name: SAP Install Media Detect - Prepare - Move files to parent for known subdirs - Move files back to '{{ __sap_install_media_detect_software_main_directory }}' # noqa no-changed-when ansible.builtin.command: "mv {{ line_item }} {{ __sap_install_media_detect_software_main_directory }}/" loop: "{{ __sap_install_media_detect_fact_find_result_phase_1b }}" loop_control: loop_var: line_item -- name: SAP Install Media Detect - Prepare - Remove the relevant non-extract subdirectories +- name: SAP Install Media Detect - Prepare - Move files to parent for known subdirs - Remove the relevant non-extract subdirectories ansible.builtin.file: path: "{{ line_item }}" state: absent @@ -65,7 +69,7 @@ loop_control: loop_var: line_item -- name: SAP Install Media Detect - Prepare - Remove the extract subdirectories +- name: SAP Install Media Detect - Prepare - Move files to parent for known subdirs - Remove the extract subdirectories ansible.builtin.file: path: "{{ line_item }}" state: absent diff --git a/roles/sap_install_media_detect/tasks/prepare/provide_sapfile_utility.yml b/roles/sap_install_media_detect/tasks/prepare/provide_sapfile_utility.yml index 971233b18..4e2157510 100644 --- a/roles/sap_install_media_detect/tasks/prepare/provide_sapfile_utility.yml +++ b/roles/sap_install_media_detect/tasks/prepare/provide_sapfile_utility.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: SAP Install Media Detect - Prepare - Create temporary directory to store various files diff --git a/roles/sap_install_media_detect/tasks/rename/add_exe_extension_loop_block.yml b/roles/sap_install_media_detect/tasks/rename/add_exe_extension_loop_block.yml index 3a5e565ec..500b9003c 100644 --- a/roles/sap_install_media_detect/tasks/rename/add_exe_extension_loop_block.yml +++ b/roles/sap_install_media_detect/tasks/rename/add_exe_extension_loop_block.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: SAP Install Media Detect - Rename - Loop Block - Get info about target self-extracting rar file '{{ line_item.file }}.exe' diff --git a/roles/sap_install_media_detect/tasks/rename/add_file_extension.yml b/roles/sap_install_media_detect/tasks/rename/add_file_extension.yml index 45abd78fa..b95d9a22e 100644 --- a/roles/sap_install_media_detect/tasks/rename/add_file_extension.yml +++ b/roles/sap_install_media_detect/tasks/rename/add_file_extension.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: SAP Install Media Detect - Rename - Add 'zip' extension to zip files diff --git a/roles/sap_install_media_detect/tasks/rename/add_rar_extension_loop_block.yml b/roles/sap_install_media_detect/tasks/rename/add_rar_extension_loop_block.yml index 0f6c3f71d..9460a2327 100644 --- a/roles/sap_install_media_detect/tasks/rename/add_rar_extension_loop_block.yml +++ b/roles/sap_install_media_detect/tasks/rename/add_rar_extension_loop_block.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: SAP Install Media Detect - Rename - Loop Block - Get info about target rar file '{{ line_item.file }}.rar' diff --git a/roles/sap_install_media_detect/tasks/rename/add_zip_extension_loop_block.yml b/roles/sap_install_media_detect/tasks/rename/add_zip_extension_loop_block.yml index 20892ed68..3e6226e15 100644 --- a/roles/sap_install_media_detect/tasks/rename/add_zip_extension_loop_block.yml +++ b/roles/sap_install_media_detect/tasks/rename/add_zip_extension_loop_block.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: SAP Install Media Detect - Rename - Loop Block - Get info about target zip file '{{ line_item.file }}.zip' diff --git a/roles/sap_install_media_detect/tasks/set_global_vars.yml b/roles/sap_install_media_detect/tasks/set_global_vars.yml index 7f449371f..845fc9386 100644 --- a/roles/sap_install_media_detect/tasks/set_global_vars.yml +++ b/roles/sap_install_media_detect/tasks/set_global_vars.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: SAP Install Media Detect - Detection completed - Initialize variables for collecting and displaying all variables diff --git a/roles/sap_maintain_etc_hosts/.yamllint.yml b/roles/sap_maintain_etc_hosts/.yamllint.yml index 57ef427c1..ee4457cfd 100644 --- a/roles/sap_maintain_etc_hosts/.yamllint.yml +++ b/roles/sap_maintain_etc_hosts/.yamllint.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Based on ansible-lint config extends: default @@ -7,7 +8,9 @@ rules: brackets: {max-spaces-inside: 1, level: error} # colons: {max-spaces-after: -1, level: error} # commas: {max-spaces-after: -1, level: error} - comments: disable + comments: + require-starting-space: false + min-spaces-from-content: 1 comments-indentation: disable # document-start: disable # empty-lines: {max: 3, level: error} @@ -19,3 +22,6 @@ rules: # new-lines: {type: unix} # trailing-spaces: disable truthy: disable + octal-values: + forbid-implicit-octal: true + forbid-explicit-octal: true diff --git a/roles/sap_maintain_etc_hosts/README.md b/roles/sap_maintain_etc_hosts/README.md index 98fab9adf..a308d2042 100644 --- a/roles/sap_maintain_etc_hosts/README.md +++ b/roles/sap_maintain_etc_hosts/README.md @@ -1,142 +1,170 @@ -# Role Name: sap_maintain_etc_hosts - -This role can be used to reliably update the /etc/hosts file. - - - -## Role Input Parameters - -This role requires the dictionary `sap_maintain_etc_hosts_list` which contains the parameters for the hostfile. The default value is the definition of the cluster nodes like in the role `sap_ha_pacemaker_cluster`. If the value `sap_hana_cluster_nodes`or `sap_ha_pacemaker_cluster_cluster_nodes` is not defined the role creates a default value from `ansible_facts`. - -Caution: If you want to use this role to remove entries from /etc/hosts it is a good practise to do this before adding entries. The adding/removal is done in the order the entries are listed. - -### sap_maintain_etc_hosts_list - -- _Type:_ `list` - - List of nodes to be added or removed in /etc/hosts - possible list options: - -#### node_ip - -- _Type:_ `string` - - IP address of the node. - It is required for adding a node. - When deleting a node use only when node_name and node_domain are not defined - -#### node_name - -- _Type:_ `string` - - Hostname of the node - It is required for adding a node. - When deleting a node use only when node_ip is not defined - -#### node_domain - -- _Type:_ `string` - - Domainname of the node - Defaults to sap_domain, if set, otherwise ansible_domain is the default - When deleting a node use only when node_name is defined + +# sap_maintain_etc_hosts Ansible Role + + +## Description + +The Ansible role `sap_maintain_etc_hosts` is used to maintain the `/etc/hosts` file.. + + + + + + + + +## Execution + + + + + + +### Execution Flow + +1. Assert that required inputs were provided. +2. Verify duplicate entries and conflicts; +3. Update `/etc/hosts` file. + + +### Example + +Example playbook will update `/etc/hosts`: +- Remove node with IP `10.10.10.10`. +- Remove node with name `host2`. +- Add node with IP `10.10.10.11`, name `host1`, aliases `alias1, alias2` and comment `host1 comment`. +```yaml +- name: Ansible Play for add entry in /etc/hosts + hosts: all + become: true + tasks: + - name: Execute Ansible Role sap_sap_maintain_etc_hosts + ansible.builtin.include_role: + name: community.sap_install.sap_sap_maintain_etc_hosts + vars: + sap_maintain_etc_hosts_list: + - node_ip: 10.10.10.10 + state: absent + - node_name: host2 + state: absent + - node_ip: 10.10.10.11 + node_name: host1 + aliases: + - alias1 + - alias2 + node_comment: "host1 comment" # Comment is created after hash sign (defaults to hana_site) + state: present +``` -#### aliases +Example playbook when executed together with [sap_ha_pacemaker_cluster](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_ha_pacemaker_cluster) role which uses either `sap_ha_pacemaker_cluster_cluster_nodes` or `sap_hana_cluster_nodes`. +```yaml +- name: Ansible Play for add entry in /etc/hosts + hosts: all + become: true + tasks: + - name: Execute Ansible Role sap_sap_maintain_etc_hosts + ansible.builtin.include_role: + name: community.sap_install.sap_sap_maintain_etc_hosts + vars: + sap_maintain_etc_hosts_list: "{{ sap_ha_pacemaker_cluster_cluster_nodes }}" +``` + -- _Type:_ `list` + + - List of aliases for the node - Not used when state is absent + +## Further Information +For more examples on how to use this role in different installation scenarios, refer to the [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. + -#### alias_mode +## License + +Apache 2.0 + -- _Type:_ `string` +## Maintainers + +- [Markus Koch](https://github.com/rhmk) +- [Bernd Finger](https://github.com/berndfinger) + - Options: +## Role Variables + - - `merge` : merges the list of aliases with the exiting aliases of the node. (default) - - `overwrite` : overwrites the aliases of the node. +This role requires the dictionary `sap_maintain_etc_hosts_list` which contains the parameters for the `/etc/hosts` file. - Not used when state is absent +The default value is the definition of the cluster nodes like in the role [sap_ha_pacemaker_cluster](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_ha_pacemaker_cluster).
+If the value `sap_hana_cluster_nodes`or `sap_ha_pacemaker_cluster_cluster_nodes` is not defined, then the role creates a default value from `ansible_facts`. -#### node_comment +**NOTE: If you want to use this role to remove entries from /etc/hosts it is a good practice to do this before adding entries. The adding/removal is done in the order the entries are listed.** -- _Type:_ `string` - - default: managed by ansible sap_maintain_etc_hosts role` - String which is appended to line in hosts after comment string - Not used when state is absent +### sap_maintain_etc_hosts_list -#### hana_site +- _Type:_ `list` with elements of type `dict` -- _Type:_ `string` +Mandatory list of nodes in form of dictionaries to be added or removed in `/etc/hosts` file. - if set (e.g. for configuring cluster) it is appended to the comment - Not used when state is absent +Following dictionary keys can be defined: +- **node_ip**
+ IP address of the managed node.
+ **Required** for adding new entries to `/etc/hosts`.
+ _Optional_ for removing entries, where `node_name` and `node_domain` can be used instead. -#### node_role + - _Type:_ `string` - Not used. For compatibility reason only. +- **node_name**
+ Hostname of the managed node.
+ **Required** for adding new entries to `/etc/hosts`.
+ _Optional_ for removing entries, when `node_ip` is not used. -#### state + - _Type:_ `string` -- _Type:_ `string` +- **node_domain**
+ Domain name of the managed node. Defaults to `sap_domain` if set or `ansible_domain`.
+ **Required** for adding new entries to `/etc/hosts`.
+ _Optional_ for removing entries, when `node_name` is used. - Options: + - _Type:_ `string` + - _Default:_ `sap_domain` - - `present` : creates a host entry (default)` - - `absent` : removes a host entry by ip or hostname +- **aliases**
+ List of aliases for the managed node.
+ _Optional_ for adding new entries to `/etc/hosts`. - +- **alias_mode**
+ Select method of updating `/etc/hosts` file:
+ - `merge` : merges the list of aliases with the exiting aliases of the node.
+ - `overwrite` : overwrites the aliases of the node. + _Optional_ for adding new entries to `/etc/hosts`. -Example Playbook ----------------- + - _Type:_ `string` + - _Default:_ `merge` -If you want to setup/add entries your etc hosts you can use this snippet +- **node_comment**
+ Node comment is appended at end of line of managed node.
+ _Optional_ for adding new entries to `/etc/hosts`. -```[yaml] -- name: Ensure /etc/hosts is updated - include_role: sap_sap_maintain_etc_hosts - var: - sap_maintain_etc_hosts_list: - - node_ip: 1.2.3.5 - state: absent - - node_name: host2 - state: absent - - node_ip: 1.2.3.4 - node_name: host1 - aliases: - - alias1 - - anotheralias2 - node_comment: "Here comes text after hashsign" (defaults to hana_site) - state: present -``` + - _Type:_ `string` + - _Default:_ `managed by ansible sap_maintain_etc_hosts role` -If you have defined a cluster and the variable `sap_ha_pacemaker_cluster_cluster_nodes` or `sap_hana_cluster_nodes` is set, you can use the following play: +- **hana_site**
+ Used by [sap_ha_pacemaker_cluster](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_ha_pacemaker_cluster) and it is appended to `node_comment`
+ _Optional_ for adding new entries to `/etc/hosts`. -```[yaml] -- name: ensure all cluster nodes are in /etc/hosts - include_role: sap_maintain_etc_hosts - var: - sap_maintain_etc_hosts_list: "{{ sap_hana_cluster_nodes }}" -``` + - _Type:_ `string` -License -------- +- **node_role**
+ Not used, but mentioned for compatibility reasons for [sap_ha_pacemaker_cluster](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_ha_pacemaker_cluster) role.
-Apache-2.0 + - _Type:_ `string` -Author Information ------------------- +- **state**
+ Select `present` for adding new entries, `absent` for removing them.
+ **Required** for removing entries, otherwise default `present` is used. -@rhmk 10/10/23 + - _Type:_ `string` + - _Default:_ `present` + \ No newline at end of file diff --git a/roles/sap_maintain_etc_hosts/defaults/main.yml b/roles/sap_maintain_etc_hosts/defaults/main.yml index 718730176..302ce0a1a 100644 --- a/roles/sap_maintain_etc_hosts/defaults/main.yml +++ b/roles/sap_maintain_etc_hosts/defaults/main.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # defaults file for sap_maintain_etc_hosts # BEGIN: Default Variables for sap_maintain_etc_hosts diff --git a/roles/sap_maintain_etc_hosts/meta/argument_specs.yml b/roles/sap_maintain_etc_hosts/meta/argument_specs.yml index a52430bf7..721ab9b5e 100644 --- a/roles/sap_maintain_etc_hosts/meta/argument_specs.yml +++ b/roles/sap_maintain_etc_hosts/meta/argument_specs.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Requires: ansible 2.11 # Argument specifications in this separate file maintain backwards compatibility. diff --git a/roles/sap_maintain_etc_hosts/meta/main.yml b/roles/sap_maintain_etc_hosts/meta/main.yml index ec0dd8471..9e6bfe4f2 100644 --- a/roles/sap_maintain_etc_hosts/meta/main.yml +++ b/roles/sap_maintain_etc_hosts/meta/main.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- galaxy_info: namespace: community diff --git a/roles/sap_maintain_etc_hosts/tasks/main.yml b/roles/sap_maintain_etc_hosts/tasks/main.yml index 0fc42f203..f18877aa8 100644 --- a/roles/sap_maintain_etc_hosts/tasks/main.yml +++ b/roles/sap_maintain_etc_hosts/tasks/main.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # tasks file for sap_maintain_etc_hosts #- name: Double check that list entries with state present do not have duplicate IP addresses diff --git a/roles/sap_maintain_etc_hosts/tasks/update_host_absent.yml b/roles/sap_maintain_etc_hosts/tasks/update_host_absent.yml index 9155ba151..8fb34ca98 100644 --- a/roles/sap_maintain_etc_hosts/tasks/update_host_absent.yml +++ b/roles/sap_maintain_etc_hosts/tasks/update_host_absent.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Verify that variable node_ip is in the correct format ansible.builtin.assert: diff --git a/roles/sap_maintain_etc_hosts/tasks/update_host_present.yml b/roles/sap_maintain_etc_hosts/tasks/update_host_present.yml index c3c22fdc0..000ab6707 100644 --- a/roles/sap_maintain_etc_hosts/tasks/update_host_present.yml +++ b/roles/sap_maintain_etc_hosts/tasks/update_host_present.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Verify that variable node_ip is set ansible.builtin.assert: diff --git a/roles/sap_maintain_etc_hosts/tests/test.yml b/roles/sap_maintain_etc_hosts/tests/test.yml index 6bfeec021..23b26aa46 100644 --- a/roles/sap_maintain_etc_hosts/tests/test.yml +++ b/roles/sap_maintain_etc_hosts/tests/test.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # you can run 'ansible-playbook test.yml -K -e __sap_maintain_etc_hosts_file=./test.hosts' for testing this role - name: Test play diff --git a/roles/sap_maintain_etc_hosts/vars/main.yml b/roles/sap_maintain_etc_hosts/vars/main.yml index c65271322..ebb59dfb2 100644 --- a/roles/sap_maintain_etc_hosts/vars/main.yml +++ b/roles/sap_maintain_etc_hosts/vars/main.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # vars file for sap_maintain_etc_hosts __sap_maintain_etc_hosts_file: /etc/hosts diff --git a/roles/sap_netweaver_preconfigure/.yamllint.yml b/roles/sap_netweaver_preconfigure/.yamllint.yml index 57ef427c1..ee4457cfd 100644 --- a/roles/sap_netweaver_preconfigure/.yamllint.yml +++ b/roles/sap_netweaver_preconfigure/.yamllint.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Based on ansible-lint config extends: default @@ -7,7 +8,9 @@ rules: brackets: {max-spaces-inside: 1, level: error} # colons: {max-spaces-after: -1, level: error} # commas: {max-spaces-after: -1, level: error} - comments: disable + comments: + require-starting-space: false + min-spaces-from-content: 1 comments-indentation: disable # document-start: disable # empty-lines: {max: 3, level: error} @@ -19,3 +22,6 @@ rules: # new-lines: {type: unix} # trailing-spaces: disable truthy: disable + octal-values: + forbid-implicit-octal: true + forbid-explicit-octal: true diff --git a/roles/sap_netweaver_preconfigure/README.md b/roles/sap_netweaver_preconfigure/README.md index ae666ccd8..fc321756a 100644 --- a/roles/sap_netweaver_preconfigure/README.md +++ b/roles/sap_netweaver_preconfigure/README.md @@ -1,37 +1,85 @@ + # sap_netweaver_preconfigure Ansible Role + + +## Description + +The Ansible role `sap_netweaver_preconfigure` installs additional required packages and performs additional OS configuration steps according to applicable SAP notes for installing and running SAP ABAP Application Platform (formerly known as SAP NetWeaver) after the role [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) has been executed. + + + + + + +## Prerequisites +Managed nodes: +- Ensure that general operating system configuration for SAP is performed by [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure). See [Recommended](#recommended) section. + + +## Execution + +**:warning: Do not execute this Ansible Role against existing SAP systems unless you know what you are doing and you prepare inputs to avoid unintended changes caused by default inputs.** + +**NOTE: It is recommended to execute `timesync` role from Ansible Collection `fedora.linux_system_roles` before or after executing this role.** + + + +### Recommended +It is recommended to execute this role together with other roles in this collection, in the following order:
+1. [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) +2. *`sap_netweaver_preconfigure`* + + +### Execution Flow + +1. Assert that required inputs were provided. +2. Install required packages +3. Apply configurations + - Execute configuration tasks based on SAP Notes + - (SUSE) Execute saptune with solution `sap_netweaver_preconfigure_saptune_solution` (Default: `NETWEAVER`) + +**Note: (Red Hat) Due to SAP notes 2002167, 2772999, and 3108316, the role will switch to tuned profile sap-netweaver no matter if another tuned profile (e.g. virtual-guest) had been active before or not.** + + +### Example + +Example of execution together with prerequisite role [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) +```yaml +--- +- name: Ansible Play for SAP Netweaver preconfigure + hosts: nwas_ascs, nwas_ers + become: true + tasks: + - name: Execute Ansible Role sap_general_preconfigure + ansible.builtin.include_role: + name: community.sap_install.sap_general_preconfigure + + - name: Execute Ansible Role sap_netweaver_preconfigure + ansible.builtin.include_role: + name: community.sap_install.sap_netweaver_preconfigure +``` + -This role installs additional required packages and performs additional configuration steps for installing and running SAP NetWeaver. -If you want to configure a RHEL system for the installation and later usage of SAP NetWeaver, you have to first run role `sap_general_preconfigure` and then role sap_netweaver_preconfigure. -For SLES, running the `sap_general_preconfigure` role is not necessary. - -## Requirements - -To use this role, your system needs to be configured with the basic requirements for SAP NetWeaver or SAP HANA. This is typically done by -running role sap_general_preconfigure (for RHEL managed nodes before RHEL 7.6, community maintained role sap-base-settings can be used). -It is also strongly recommended to run role linux-system-roles.timesync for all systems running SAP NetWeaver, to maintain an identical -system time, before or after running role sap_netweaver_preconfigure. - -Note ----- -On RHEL, as per SAP notes 2002167, 2772999, and 3108316, the role will switch to tuned profile sap-netweaver no matter if another tuned profile -(e.g. virtual-guest) had been active before or not. - -On SLES, this role will switch the saptune solution to the one specified by the configuration and will override any previously set solution. -The default solution is `NETWEAVER`. - -The role can check if enough swap space - as per the prerequisite checker in sapinst - has been configured on the managed node. -Please check the SAP NetWeaver installation guide for swap space requirements. - -Do not run this role against an SAP NetWeaver or other production system. The role will enforce a certain configuration on the managed -node(s), which might not be intended. + + - -## Role Input Parameters + +## Further Information +For more examples on how to use this role in different installation scenarios, refer to the [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. + -Minimum required parameters: -This role does not require any parameter to be set in the playbook or inventory. +## License + +Apache 2.0 + +## Maintainers + +- [Bernd Finger](https://github.com/berndfinger) + +## Role Variables + ### sap_netweaver_preconfigure_config_all - _Type:_ `bool` - _Default:_ `true` @@ -99,93 +147,13 @@ Set this parameter to `true` when using Adobe Document Services, to ensure all r ### sap_netweaver_preconfigure_saptune_version - _Type:_ `str` -- _Default:_ `3.0.2` -On SLES systems, specifies the saptune version
+(SUSE specific) Specifies the saptune version. ### sap_netweaver_preconfigure_saptune_solution - _Type:_ `str` - _Default:_ `NETWEAVER` -- _Possible Values:_
- - `NETWEAVER` - - `NETWEAVER+HANA` - - `S4HANA-APP+DB` - - `S4HANA-APPSERVER` - - `S4HANA-DBSERVER` - -On SLES systems, specifies the saptune solution to apply.
- - - -## Example Playbook - -Simple playbook, named sap+netweaver.yml: -```yaml ---- -- hosts: all - roles: - - role: sap_general_preconfigure - - role: sap_netweaver_preconfigure -``` - -Simple playbook for an extended check (assert) run, named sap+netweaver-assert.yml: -```yaml ---- -- hosts: all - vars: - sap_preconfigure_assert: yes - sap_preconfigure_assert_ignore_errors: yes - sap_netweaver_preconfigure_assert: yes - sap_netweaver_preconfigure_assert_ignore_errors: yes - roles: - - role: sap_general_preconfigure - - role: sap_netweaver_preconfigure -``` - -## Example Usage -Normal run, for configuring server host_1 for SAP NetWeaver: -```yaml -ansible-playbook sap+netweaver.yml -l host_1 -``` - -Extended Check (assert) run, not aborting if an error has been found: -```yaml -ansible-playbook sap+netweaver-assert.yml -l host_1 -``` - -Same as above, with a nice compact and colored output, this time for two hosts: -```yaml -ansible-playbook sap+netweaver-assert.yml -l host_1,host_2 | -awk '{sub (" \"msg\": ", "")} - /TASK/{task_line=$0} - /fatal:/{fatal_line=$0; nfatal[host]++} - /...ignoring/{nfatal[host]--; if (nfatal[host]<0) nfatal[host]=0} - /^[a-z]/&&/: \[/{gsub ("\\[", ""); gsub ("]", ""); gsub (":", ""); host=$2} - /SAP note/{print "\033[30m[" host"] "$0} - /FAIL:/{nfail[host]++; print "\033[31m[" host"] "$0} - /WARN:/{nwarn[host]++; print "\033[33m[" host"] "$0} - /PASS:/{npass[host]++; print "\033[32m[" host"] "$0} - /INFO:/{print "\033[34m[" host"] "$0} - /changed/&&/unreachable/{print "\033[30m[" host"] "$0} - END{print ("---"); for (var in npass) {printf ("[%s] ", var); if (nfatal[var]>0) { - printf ("\033[31mFATAL ERROR!!! Playbook might have been aborted!!!\033[30m Last TASK and fatal output:\n"); print task_line, fatal_line - } - else printf ("\033[31mFAIL: %d \033[33mWARN: %d \033[32mPASS: %d\033[30m\n", nfail[var], nwarn[var], npass[var])}}' -``` -Note: For terminals with dark background, replace the color code `30m` by `37m`. -In case you need to make an invisible font readable on a terminal with dark background, run the following command in the terminal: -```yaml -printf "\033[37mreadable font\n" -``` -In case you need to make an invisible font readable on a terminal with bright background, run the following command in the terminal: -```yaml -printf "\033[30mreadable font\n" -``` - -## License - -Apache license 2.0 - -## Author Information -Red Hat for SAP Community of Practice, Bernd Finger, Rainer Leber +(SUSE specific) Specifies the saptune solution to apply.
+Available values: `NETWEAVER`, `NETWEAVER+HANA`, `S4HANA-APP+DB`, `S4HANA-APPSERVER`, `S4HANA-DBSERVER` + \ No newline at end of file diff --git a/roles/sap_netweaver_preconfigure/defaults/main.yml b/roles/sap_netweaver_preconfigure/defaults/main.yml index b49137da0..0a458da5b 100644 --- a/roles/sap_netweaver_preconfigure/defaults/main.yml +++ b/roles/sap_netweaver_preconfigure/defaults/main.yml @@ -1,31 +1,26 @@ +# SPDX-License-Identifier: Apache-2.0 --- # defaults file for sap_netweaver_preconfigure # Perform an assertion run: -sap_netweaver_preconfigure_assert: no +sap_netweaver_preconfigure_assert: false # In case of an assertion run, if set to "yes", the role will abort for any assertion error: -sap_netweaver_preconfigure_assert_ignore_errors: no +sap_netweaver_preconfigure_assert_ignore_errors: false sap_netweaver_preconfigure_min_swap_space_mb: '20480' -sap_netweaver_preconfigure_fail_if_not_enough_swap_space_configured: yes +sap_netweaver_preconfigure_fail_if_not_enough_swap_space_configured: true sap_netweaver_preconfigure_rpath: '/usr/sap/lib' -sap_netweaver_preconfigure_use_adobe_doc_services: no +sap_netweaver_preconfigure_use_adobe_doc_services: false -#SLES Only -sap_netweaver_preconfigure_saptune_version: '3.0.2' - -## The following variables control aspects of saptune and are only relevant for SLES for SAP Application - -# The saptune solution to apply. For netweaver, the only appropriate options are: -#NETWEAVER -#NETWEAVER+HANA -#S4HANA-APP+DB -#S4HANA-APPSERVER -#S4HANA-DBSERVER -# The default value is NETWEAVER +# (SUSE specific) Version of saptune to install. +# It is recommended to install latest version by keeping this variable empty. +# This will replace the current installed version if present, even downgrade if necessary. +sap_netweaver_preconfigure_saptune_version: '' +# (SUSE specific) Saptune solution to be applied. +# Available options for Netweaver are: NETWEAVER, NETWEAVER+HANA, S4HANA-APP+DB, S4HANA-APPSERVER, S4HANA-DBSERVER sap_netweaver_preconfigure_saptune_solution: NETWEAVER diff --git a/roles/sap_netweaver_preconfigure/handlers/main.yml b/roles/sap_netweaver_preconfigure/handlers/main.yml index dacebbbf8..1c3157ad6 100644 --- a/roles/sap_netweaver_preconfigure/handlers/main.yml +++ b/roles/sap_netweaver_preconfigure/handlers/main.yml @@ -1,2 +1,3 @@ +# SPDX-License-Identifier: Apache-2.0 --- # handlers file for sap_netweaver_preconfigure diff --git a/roles/sap_netweaver_preconfigure/meta/argument_specs.yml b/roles/sap_netweaver_preconfigure/meta/argument_specs.yml index 595c9e090..f9392052a 100644 --- a/roles/sap_netweaver_preconfigure/meta/argument_specs.yml +++ b/roles/sap_netweaver_preconfigure/meta/argument_specs.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Requires: ansible 2.11 # Argument specifications in this separate file maintain backwards compatibility. @@ -95,16 +96,17 @@ argument_specs: type: bool sap_netweaver_preconfigure_saptune_version: - default: '3.0.2' + default: '' description: - - On SLES systems, specifies the saptune version + - (SUSE specific) Version of saptune to install. + - This will replace the current installed version if present, even downgrade if necessary. required: false type: str sap_netweaver_preconfigure_saptune_solution: default: 'NETWEAVER' description: - - On SLES systems, specifies the saptune solution to apply. + - (SUSE specific) Saptune solution to be applied. choices: - 'NETWEAVER' - 'NETWEAVER+HANA' diff --git a/roles/sap_netweaver_preconfigure/meta/main.yml b/roles/sap_netweaver_preconfigure/meta/main.yml index 9bc882c90..0ed0946aa 100644 --- a/roles/sap_netweaver_preconfigure/meta/main.yml +++ b/roles/sap_netweaver_preconfigure/meta/main.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- galaxy_info: namespace: community diff --git a/roles/sap_netweaver_preconfigure/tasks/RedHat/assert-configuration.yml b/roles/sap_netweaver_preconfigure/tasks/RedHat/assert-configuration.yml index 496f5c88d..c1bc7b7ac 100644 --- a/roles/sap_netweaver_preconfigure/tasks/RedHat/assert-configuration.yml +++ b/roles/sap_netweaver_preconfigure/tasks/RedHat/assert-configuration.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert - List required SAP Notes diff --git a/roles/sap_netweaver_preconfigure/tasks/RedHat/assert-installation.yml b/roles/sap_netweaver_preconfigure/tasks/RedHat/assert-installation.yml index 14fd4eb25..d5d271e27 100644 --- a/roles/sap_netweaver_preconfigure/tasks/RedHat/assert-installation.yml +++ b/roles/sap_netweaver_preconfigure/tasks/RedHat/assert-installation.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert that all required packages are installed diff --git a/roles/sap_netweaver_preconfigure/tasks/RedHat/configuration.yml b/roles/sap_netweaver_preconfigure/tasks/RedHat/configuration.yml index 026b91138..7ab03d9dd 100644 --- a/roles/sap_netweaver_preconfigure/tasks/RedHat/configuration.yml +++ b/roles/sap_netweaver_preconfigure/tasks/RedHat/configuration.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Configure - List required SAP Notes diff --git a/roles/sap_netweaver_preconfigure/tasks/RedHat/installation.yml b/roles/sap_netweaver_preconfigure/tasks/RedHat/installation.yml index 08610f9a4..bbd3763b0 100644 --- a/roles/sap_netweaver_preconfigure/tasks/RedHat/installation.yml +++ b/roles/sap_netweaver_preconfigure/tasks/RedHat/installation.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Ensure required packages for SAP NetWeaver are installed @@ -5,8 +6,10 @@ state: present name: "{{ __sap_netweaver_preconfigure_packages }}" -- name: Ensure required packages for Adobe Document Services are installed +- name: Ensure required packages for Adobe Document Services are installed, x86_64 only ansible.builtin.package: state: present name: "{{ __sap_netweaver_preconfigure_adobe_doc_services_packages }}" - when: sap_netweaver_preconfigure_use_adobe_doc_services + when: + - ansible_architecture == 'x86_64' + - sap_netweaver_preconfigure_use_adobe_doc_services diff --git a/roles/sap_netweaver_preconfigure/tasks/SLES/assert-configuration.yml b/roles/sap_netweaver_preconfigure/tasks/SLES/assert-configuration.yml index a3a4a87b8..8c0ff3c3c 100644 --- a/roles/sap_netweaver_preconfigure/tasks/SLES/assert-configuration.yml +++ b/roles/sap_netweaver_preconfigure/tasks/SLES/assert-configuration.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Populate service facts ansible.builtin.service_facts: diff --git a/roles/sap_netweaver_preconfigure/tasks/SLES/assert-installation.yml b/roles/sap_netweaver_preconfigure/tasks/SLES/assert-installation.yml index b4e51604f..077317a4b 100644 --- a/roles/sap_netweaver_preconfigure/tasks/SLES/assert-installation.yml +++ b/roles/sap_netweaver_preconfigure/tasks/SLES/assert-installation.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- #- name: Enable Debugging # debug: diff --git a/roles/sap_netweaver_preconfigure/tasks/SLES/configuration.yml b/roles/sap_netweaver_preconfigure/tasks/SLES/configuration.yml index f3401bb7f..5463a1100 100644 --- a/roles/sap_netweaver_preconfigure/tasks/SLES/configuration.yml +++ b/roles/sap_netweaver_preconfigure/tasks/SLES/configuration.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Takover saptune and enable when: __sap_netweaver_preconfigure_run_saptune @@ -7,6 +8,7 @@ name: sapconf state: stopped enabled: false + when: "'sapconf' in ansible_facts.packages" - name: Make sure that sapconf and tuned are stopped and disabled ansible.builtin.command: "saptune service takeover" diff --git a/roles/sap_netweaver_preconfigure/tasks/SLES/installation.yml b/roles/sap_netweaver_preconfigure/tasks/SLES/installation.yml index feef1ae71..72981ca44 100644 --- a/roles/sap_netweaver_preconfigure/tasks/SLES/installation.yml +++ b/roles/sap_netweaver_preconfigure/tasks/SLES/installation.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Ensure required packages for SAP NetWeaver are installed @@ -19,15 +20,30 @@ - '"SLES" in sles_baseproduct.stat.lnk_target' - ansible_os_family == 'Suse' -# The use of zypper here allows exact saptune version to be declared and used. -- name: Ensure saptune is installed - community.general.zypper: - type: package - name: "saptune={{ sap_netweaver_preconfigure_saptune_version }}" - state: present - force: true + +- name: Prepare saptune when: - __sap_netweaver_preconfigure_run_saptune + block: + - name: Ensure latest saptune is installed + community.general.zypper: + type: package + name: saptune + state: present + when: + - sap_netweaver_preconfigure_saptune_version is undefined + or sap_netweaver_preconfigure_saptune_version | length == 0 + + - name: Ensure specific saptune version is installed + community.general.zypper: + type: package + name: "saptune={{ sap_netweaver_preconfigure_saptune_version }}" + state: present + force: true + when: + - sap_netweaver_preconfigure_saptune_version is defined + - sap_netweaver_preconfigure_saptune_version | length > 0 + - name: Ensure sapconf is installed community.general.zypper: diff --git a/roles/sap_netweaver_preconfigure/tasks/main.yml b/roles/sap_netweaver_preconfigure/tasks/main.yml index c2855bb89..f0a525abd 100644 --- a/roles/sap_netweaver_preconfigure/tasks/main.yml +++ b/roles/sap_netweaver_preconfigure/tasks/main.yml @@ -1,15 +1,24 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Display the role path ansible.builtin.debug: var: role_path +# Load variable file starting with actual version up to OS family. +# Example for SUSE Linux Enterprise Server for SAP Applications 15 SP6: +# 1. SLES_SAP_15.6.yml - Specific to distribution with major and minor release. +# 2. SLES_SAP_15.yml - Specific to distribution and major release regardless of minor release. +# 3. SLES_15.6.yml - Specific to distribution family (SLES and SLES4SAP) and minor release. +# 4. SLES_15.yml - Specific to distribution. +# 5. Suse.yml - Specific to OS family. - name: Include OS specific vars ansible.builtin.include_vars: '{{ item }}' with_first_found: - - '{{ ansible_distribution.split("_")[0] }}_{{ ansible_distribution_major_version }}.yml' - '{{ ansible_distribution }}_{{ ansible_distribution_version }}.yml' - '{{ ansible_distribution }}_{{ ansible_distribution_major_version }}.yml' + - '{{ ansible_distribution.split("_")[0] }}_{{ ansible_distribution_version }}.yml' + - '{{ ansible_distribution.split("_")[0] }}_{{ ansible_distribution_major_version }}.yml' - '{{ ansible_os_family }}.yml' - name: Set filename prefix to empty string if role is run in normal mode diff --git a/roles/sap_netweaver_preconfigure/tasks/sapnote/1275776/configuration.yml b/roles/sap_netweaver_preconfigure/tasks/sapnote/1275776/configuration.yml index ccdf2bef8..14f2b1308 100644 --- a/roles/sap_netweaver_preconfigure/tasks/sapnote/1275776/configuration.yml +++ b/roles/sap_netweaver_preconfigure/tasks/sapnote/1275776/configuration.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # - name: "1275776 - Tips & Advice (start sapconf)" diff --git a/roles/sap_netweaver_preconfigure/tasks/sapnote/1275776/installation.yml b/roles/sap_netweaver_preconfigure/tasks/sapnote/1275776/installation.yml index f149aca40..8e26bee9f 100644 --- a/roles/sap_netweaver_preconfigure/tasks/sapnote/1275776/installation.yml +++ b/roles/sap_netweaver_preconfigure/tasks/sapnote/1275776/installation.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: 1275776 - Installation saptune diff --git a/roles/sap_netweaver_preconfigure/tasks/sapnote/2526952.yml b/roles/sap_netweaver_preconfigure/tasks/sapnote/2526952.yml index 19997a328..ab3bd37cc 100644 --- a/roles/sap_netweaver_preconfigure/tasks/sapnote/2526952.yml +++ b/roles/sap_netweaver_preconfigure/tasks/sapnote/2526952.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # OS RELEASE: RHEL 7 and RHEL 8 # SAP Note: 2526952 - Red Hat Enterprise Linux for SAP Solutions diff --git a/roles/sap_netweaver_preconfigure/tasks/sapnote/3119751.yml b/roles/sap_netweaver_preconfigure/tasks/sapnote/3119751.yml index 37883f1cd..60ca5ae7e 100644 --- a/roles/sap_netweaver_preconfigure/tasks/sapnote/3119751.yml +++ b/roles/sap_netweaver_preconfigure/tasks/sapnote/3119751.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Configure - Display SAP note number 3119751 and its version diff --git a/roles/sap_netweaver_preconfigure/tasks/sapnote/assert-2526952.yml b/roles/sap_netweaver_preconfigure/tasks/sapnote/assert-2526952.yml index 6fc7a4b61..d0fe88b23 100644 --- a/roles/sap_netweaver_preconfigure/tasks/sapnote/assert-2526952.yml +++ b/roles/sap_netweaver_preconfigure/tasks/sapnote/assert-2526952.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Assert - Display SAP note number 2526952 and its version diff --git a/roles/sap_netweaver_preconfigure/tasks/sapnote/assert-3119751.yml b/roles/sap_netweaver_preconfigure/tasks/sapnote/assert-3119751.yml index 54391eba0..d846c5552 100644 --- a/roles/sap_netweaver_preconfigure/tasks/sapnote/assert-3119751.yml +++ b/roles/sap_netweaver_preconfigure/tasks/sapnote/assert-3119751.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: Configure - Display SAP note number 3119751 and its version diff --git a/roles/sap_netweaver_preconfigure/tests/sap_netweaver_preconfigure-default-settings.yml b/roles/sap_netweaver_preconfigure/tests/sap_netweaver_preconfigure-default-settings.yml index e9e772a79..da625fb24 100644 --- a/roles/sap_netweaver_preconfigure/tests/sap_netweaver_preconfigure-default-settings.yml +++ b/roles/sap_netweaver_preconfigure/tests/sap_netweaver_preconfigure-default-settings.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - hosts: all collections: diff --git a/roles/sap_netweaver_preconfigure/vars/RedHat_7.yml b/roles/sap_netweaver_preconfigure/vars/RedHat_7.yml index 551082a14..1443046a3 100644 --- a/roles/sap_netweaver_preconfigure/vars/RedHat_7.yml +++ b/roles/sap_netweaver_preconfigure/vars/RedHat_7.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # vars file for sap_netweaver_preconfigure @@ -11,6 +12,7 @@ __sap_netweaver_preconfigure_sapnotes_versions: __sap_netweaver_preconfigure_packages: - tuned-profiles-sap +# SAP note 2135057 v11: __sap_netweaver_preconfigure_adobe_doc_services_packages: - autoconf.noarch - automake.noarch @@ -18,26 +20,26 @@ __sap_netweaver_preconfigure_adobe_doc_services_packages: - expat.x86_64 - fontconfig.x86_64 - freetype.x86_64 - - glibc.x86_64 - - glibc-devel.x86_64 + - glibc.i686 + - glibc-devel.i686 - keyutils-libs.x86_64 - krb5-libs.x86_64 - libcom_err.x86_64 - - libgcc.x86_64 + - libgcc.i686 - libidn.x86_64 - libidn-devel.x86_64 - libselinux.x86_64 - libssh2.x86_64 - - libX11.x86_64 - - libXau.x86_64 - - libxcb.x86_64 + - libX11.i686 + - libXau.i686 + - libxcb.i686 - nspr.x86_64 - nss.x86_64 - nss-softokn.x86_64 - - nss-softokn-freebl.x86_64 + - nss-softokn-freebl.i686 - nss-util.x86_64 - openldap.x86_64 - openssl.x86_64 - transfig.x86_64 - zlib.x86_64 - - libuuid.x86_64 + - libuuid.i686 diff --git a/roles/sap_netweaver_preconfigure/vars/RedHat_8.yml b/roles/sap_netweaver_preconfigure/vars/RedHat_8.yml index 9bd5223a0..ad9dba4ea 100644 --- a/roles/sap_netweaver_preconfigure/vars/RedHat_8.yml +++ b/roles/sap_netweaver_preconfigure/vars/RedHat_8.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # vars file for sap_netweaver_preconfigure @@ -13,6 +14,7 @@ __sap_netweaver_preconfigure_sapnotes_versions: __sap_netweaver_preconfigure_packages: - tuned-profiles-sap +# SAP note 2920407 v6: __sap_netweaver_preconfigure_adobe_doc_services_packages: - autoconf.noarch - automake.noarch @@ -25,7 +27,6 @@ __sap_netweaver_preconfigure_adobe_doc_services_packages: - libcom_err.x86_64 - libidn2.x86_64 - libselinux.x86_64 - - libssh2.x86_64 - libxcb.i686 - nspr.x86_64 - nss.x86_64 diff --git a/roles/sap_netweaver_preconfigure/vars/RedHat_9.yml b/roles/sap_netweaver_preconfigure/vars/RedHat_9.yml index 6fccccd37..b6ad0222e 100644 --- a/roles/sap_netweaver_preconfigure/vars/RedHat_9.yml +++ b/roles/sap_netweaver_preconfigure/vars/RedHat_9.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # vars file for sap_netweaver_preconfigure @@ -11,6 +12,7 @@ __sap_netweaver_preconfigure_sapnotes_versions: __sap_netweaver_preconfigure_packages: - tuned-profiles-sap +# SAP note 3242422 v2: __sap_netweaver_preconfigure_adobe_doc_services_packages: - autoconf.noarch - automake.noarch @@ -23,7 +25,6 @@ __sap_netweaver_preconfigure_adobe_doc_services_packages: - libcom_err.x86_64 - libidn2.x86_64 - libselinux.x86_64 - - libssh2.x86_64 - libxcb.i686 - nspr.x86_64 - nss.x86_64 diff --git a/roles/sap_netweaver_preconfigure/vars/SLES_15.6.yml b/roles/sap_netweaver_preconfigure/vars/SLES_15.6.yml new file mode 100644 index 000000000..34ad9619a --- /dev/null +++ b/roles/sap_netweaver_preconfigure/vars/SLES_15.6.yml @@ -0,0 +1,36 @@ +# SPDX-License-Identifier: Apache-2.0 +--- +# Variables specific to following versions: +# - SUSE Linux Enterprise Server for SAP Applications 15 SP6 +# - SUSE Linux Enterprise Server 15 SP6 + +__sap_netweaver_preconfigure_sapnotes: + - "1275776" + +__sap_netweaver_preconfigure_packages: + - libstdc++6 + - libatomic1 + - libgcc_s1 + - libltdl7 + - insserv-compat + - cpupower + - hicolor-icon-theme + - libcpupower1 # libcpupower0 was removed in SP6 + - libsensors4 + - patterns-base-basesystem + - patterns-server-enterprise-sap_server + - patterns-yast-yast2_basis + - procmail + - sysstat + - system-user-uuidd + - uuidd + - yast2-auth-client + - yast2-auth-server + - yast2-theme + - yast2-vpn + - tcsh + - acl + +# SLES_SAP is using saptune, but SLES is using sapconf. +# Default value true runs saptune, but installation.yml auto-detects base product and adjusts. +__sap_netweaver_preconfigure_run_saptune: true diff --git a/roles/sap_netweaver_preconfigure/vars/SLES_15.yml b/roles/sap_netweaver_preconfigure/vars/SLES_15.yml index 86ce492f5..b6f0bacc6 100644 --- a/roles/sap_netweaver_preconfigure/vars/SLES_15.yml +++ b/roles/sap_netweaver_preconfigure/vars/SLES_15.yml @@ -1,5 +1,8 @@ +# SPDX-License-Identifier: Apache-2.0 --- -# required SAP Notes for SLES 15 +# Variables specific to following versions: +# - SUSE Linux Enterprise Server for SAP Applications 15 +# - SUSE Linux Enterprise Server 15 __sap_netweaver_preconfigure_sapnotes: - "1275776" diff --git a/roles/sap_netweaver_preconfigure/vars/main.yml b/roles/sap_netweaver_preconfigure/vars/main.yml index 5684d51f3..42ac22571 100644 --- a/roles/sap_netweaver_preconfigure/vars/main.yml +++ b/roles/sap_netweaver_preconfigure/vars/main.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # define variables here that will not change diff --git a/roles/sap_storage_setup/.yamllint.yml b/roles/sap_storage_setup/.yamllint.yml index 57ef427c1..ee4457cfd 100644 --- a/roles/sap_storage_setup/.yamllint.yml +++ b/roles/sap_storage_setup/.yamllint.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Based on ansible-lint config extends: default @@ -7,7 +8,9 @@ rules: brackets: {max-spaces-inside: 1, level: error} # colons: {max-spaces-after: -1, level: error} # commas: {max-spaces-after: -1, level: error} - comments: disable + comments: + require-starting-space: false + min-spaces-from-content: 1 comments-indentation: disable # document-start: disable # empty-lines: {max: 3, level: error} @@ -19,3 +22,6 @@ rules: # new-lines: {type: unix} # trailing-spaces: disable truthy: disable + octal-values: + forbid-implicit-octal: true + forbid-explicit-octal: true diff --git a/roles/sap_storage_setup/README.md b/roles/sap_storage_setup/README.md index 1f3394813..7105d1454 100644 --- a/roles/sap_storage_setup/README.md +++ b/roles/sap_storage_setup/README.md @@ -1,131 +1,250 @@ + # sap_storage_setup Ansible Role + +![Ansible Lint for sap_storage_setup](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_storage_setup.yml/badge.svg) -Ansible Role for preparing a host with the storage requirements of an SAP System (prior to software installation) +## Description + +The Ansible Role `sap_storage_setup` is used to prepare a host with the storage requirements of an SAP System (prior to software installation). -## Scope - -This Ansible Role provides: -- local/block storage volumes setup as LVM Logical Volumes, Filesystem formatting and mount to defined directory path -- remote/file storage mount (and subdirectories as required) -- swap file or swap partition - -This Ansible Role has been tested for the following SAP software deployment types: -- SAP HANA Scale-up, Scale-out and Scale-up High Availability -- SAP NetWeaver AS in Sandbox (Two-Tier/OneHost), Standard (Three-Tier/DualHost), Distributed (Multi-Tier) and Distributed High Availability +This role can prepare host with: +- Local block storage volume setup as LVM Logical Volumes, Filesystem formatting and mount to defined directory path +- Remote file storage mount (and subdirectories as required) +- SWAP file or SWAP partition This Ansible Role is agnostic, and will run on any Infrastructure Platform. Only LVM is used for local/block storage, to allow for further expansion if the SAP System requires further storage space in the future. - -Please note, while this Ansible Role has protection against overwrite of existing disks and filesystems - sensible review and care is required for any automation of disk storage. Please review the documentation and samples/examples carefully. It is strongly suggested to initially execute the Ansible Playbook calling this Ansible Role, with `ansible-playbook --check` for Check Mode - this will perform no changes to the host and show which changes would be made. - -## Requirements - -The Ansible Role requires the `community.general` Ansible Collection (uses the `lvg`, `lvol` and `filesystem` Ansible Modules). - -Before using this Ansible Role, please make sure that the required collections are installed; for example, by using the command `ansible-galaxy install community.general` - + + + +## Dependencies +- `community.general` + - Modules: + - `lvg` + - `lvol` + - `filesystem` +Install required collection by `ansible-galaxy install community.general`. + + + ## Prerequisites +Managed nodes: +- All local/block storage volumes must be attached to the host +- All remote/file storage mounts must be available with host accessibility (e.g. port 2049). + + +## Execution + +**:warning: Do not execute this Ansible Role against existing SAP systems unless you know what you are doing and you prepare inputs to avoid unintended changes caused by default inputs.**
+:warning: While this Ansible Role has protection against overwrite of existing disks and filesystems - sensible review and care is required for any automation of disk storage. Please review the documentation and samples/examples carefully. It is strongly suggested to initially execute the Ansible Playbook calling this Ansible Role, with `ansible-playbook --check` for Check Mode - this will perform no changes to the host and show which changes would be made. + +**Considerations** +- This role does not permit static definition for mountpoint to use a specific device (e.g. `/dev/sdk`). The definition will define the disk size to use for the mountpoint, and match accordingly. +- This role enforces that 1 mountpoint will use 1 LVM Logical Volume (LV) that consumes 100% of an LVM Volume Group (VG), with the LVM Volume Group (VG) consuming 100% of 1..n LVM Physical Volumes (PV). + - Following roles and modules offer alternative for more granular control of LVM setup: + - Role `storage` from [fedora.linux_system_roles](https://github.com/linux-system-roles/storage) + - Modules `filesystem`, `lvg`, `lvol` from [community.general](https://galaxy.ansible.com/ui/repo/published/community/general/) + + + + + +### Execution Flow + +1. Gather facts about hosts. +2. Create list of unused disk devices +3. Match/Map unused disk devices to the `sap_storage_setup_definition` +4. Create LVM Logical Volumes (and prerequisite LVM Volume Groups and LVM Physical Volumes) +5. Create swap file or swap partition +6. Mount NFS temporarily, create required subdirectories, unmount and mount subdirectory on the NFS share + + + +Example playbook to configure SAP HANA OneHost node on AWS that includes: +- 3 disks for `/hana/data`, `/hana/log` and ` /hana/shared` +- Remote filesystem for `/software` +- SWAP +```yaml +--- +- name: Ansible Play for SAP HANA HA storage setup + hosts: hana_primary + become: true + tasks: + - name: Execute Ansible Role sap_storage_setup + ansible.builtin.include_role: + name: community.sap_install.sap_storage_setup + vars: + sap_storage_setup_sid: "H01" + sap_storage_setup_host_type: "hana_primary" + sap_storage_setup_definition: + - name: hana_data + mountpoint: /hana/data + disk_size: 150 + filesystem_type: xfs + + - name: hana_log + mountpoint: /hana/log + disk_size: 100 + filesystem_type: xfs + + - name: hana_shared + mountpoint: /hana/shared + disk_size: 200 + filesystem_type: xfs + + - name: software + mountpoint: /software + nfs_path: /software + nfs_server: "fs-00000000000000000.efs.eu-central-1.amazonaws.com:/software" + nfs_filesystem_type: "nfs4" + nfs_mount_options: "vers=4.1,hard,timeo=600,retrans=2,acl" + + - name: swap + disk_size: 96 + filesystem_type: swap +``` + -All local/block storage volumes must be attached to the host, and all remote/file storage mounts must be available with host accessibility (e.g. port 2049). - -## Variables and Parameters - -The 3 critical variables are: -- `sap_storage_setup_definition` - a list with a dictionary for each mountpoint (e.g. /hana/data) for the host -- `sap_storage_setup_host_type` - a list which defines SAP Software on the host (e.g. list containing both hana_primary and nwas_abap_ascs values if creating a Sandbox Two-Tier/OneHost) -- `sap_storage_setup_sid` - a string with the SAP System ID of the logical system (e.g. D01) - -## Execution Flow - -The Ansible Role is sequential: -- Get host facts -- Create list of unused disk devices -- Match/Map unused disk devices to the `sap_storage_setup_definition` -- Create LVM Logical Volumes (and prerequisite LVM Volume Groups and LVM Physical Volumes) -- Create swap file or swap partition -- Mount NFS temporarily, create required subdirectories, unmount and mount subdictory on the NFS share - -## Sample + + -Please see a full sample using multiple hosts to create an SAP S/4HANA Distributed deployment in the [/playbooks](../../playbooks/) directory of the Ansible Collection `sap_install`. + +## Further Information +For more examples on how to use this role in different installation scenarios, refer to the [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. + ## License - + Apache 2.0 + -## Author Information - -Red Hat for SAP Community of Practice, Janine Fuchs, IBM Lab for SAP Solutions +## Maintainers + +- [Janine Fuchs](https://github.com/ja9fuchs) + ---- - -## Role Input Parameters +## Role Variables + Minimum required parameters: -- [sap_storage_setup_definition](#sap_storage_setup_definition) -- [sap_storage_setup_host_type](#sap_storage_setup_host_type) -- [sap_storage_setup_sid](#sap_storage_setup_sid) +- [sap_storage_setup_definition](#sap_storage_setup_definition-required) +- [sap_storage_setup_host_type](#sap_storage_setup_host_type-required) +- [sap_storage_setup_sid](#sap_storage_setup_sid-required) ### sap_storage_setup_definition required - _Type:_ `list` -Describes the filesystems to be configured.
+Describes list of the filesystems to be configured.
- **disk_size**
Size of the disk device that is used for the filesystem.
For filesystems with no LVM logical volume striping, this is the total size of the filesystem.
For filesystems with LVM LV striping defined (`lvm_lv_stripes`), this is the size of each disk. The resulting filesystem size will be `disk_size` multiplied by `lvm_lv_stripes` (=disks). + + - _Type:_ `int` + - **filesystem_type**
- _Default:_ `xfs`
The type of filesystem that will be created on the logical volume. + + - _Type:_ `str` + - _Default:_ `xfs` + - **lvm_lv_name**
The name of the LVM volume.
The default name is derived from the name value of the filesystem definition entry, for example 'lv_hanalog'. + + - _Type:_ `str` + - **lvm_lv_stripe_size**
When setting up a striped volume, the stripe size can be defined.
Example format - "128K". + + - _Type:_ `str` + - **lvm_lv_stripes**
- _Default:_ `1`
Number of disks that will be configured in a striped volume.
This requires the availability of the same amount of unused disks, which must be of the size defined in `disk_size`. + + - _Type:_ `int` + _Default:_ `1` + - **lvm_vg_name**
The name of the LVM volume group.
The default name is derived from the name value of the filesystem definition entry, for example 'vg_hanalog'. + + - _Type:_ `str` + - **lvm_vg_physical_extent_size**
- _Default:_ `4`
Adjustable size of the physical extents of the volume group in LVM. + + - _Type:_ `int` + - _Default:_ `4` + - **mountpoint**
The path to where the filesystem will be mounted.
This can be left out for the definition of a swap volume. + + - _Type:_ `str` + - **name**
A name of the filesystem definition entry.
This name is used to generate volume group name and logical volume name. + + - _Type:_ `str` + - **nfs_filesystem_type**
- _Default:_ `nfs4`
The type of the NFS filesystem, for example `nfs`, `nfs4`. + + - _Type:_ `str` + - _Default:_ `nfs4` + - **nfs_mount_options**
Mount options to use for the NFS mount.
Generic default is `hard,acl`.
Defaults depend on the specific platform detected by the role or defined explicitly. + + - _Type:_ `str` + - _Default:_ `hard,acl` + - **nfs_path**
When defining an NFS filesystem, this is the directory path of the filesystem to be mounted. + + - _Type:_ `str` + - **nfs_server**
When defining an NFS filesystem, this is the address of the NFS server.
The address must contain the root path, in which the mount directories exist or will be created.
For example, `192.168.1.100:/`. + + - _Type:_ `str` + - **swap_path**
The path to the swap file.
When this option is defined for a swap filesystem definition, it will create a swap file on an existing filesystem. + - _Type:_ `str` + Example: ```yaml sap_storage_setup_definition: -- disk_size: 100G - filesystem_type: xfs - mountpoint: /hana/data - name: hanadata -- disk_size: 100G - filesystem_type: xfs - mountpoint: /hana/log - name: hanalog + + # Block Storage volume + - name: hana_data # required: string, filesystem name used to generate lvm_lv_name and lvm_vg_name + mountpoint: /hana/data # required: string, directory path where the filesystem is mounted + disk_size: 100 # required: integer, size in GB + filesystem_type: xfs # optional: string, value 'xfs'. Use 'swap' to create swap filesystem + + # File Storage volume + - name: hana_shared # required: string, reference name + mountpoint: /hana/shared # required: string, directory path where the filesystem is mounted + nfs_server: nfs.corp:/ # required: string, server and parent directory of the NFS Server; value default from var sap_storage_setup_nfs_server + + # Swap as file instead of Block Storage volume + # See SAP Note 1597355 - Swap-space recommendation for Linux + - name: swap # required: string, reference name + swap_path: /swapfile # required: string, directory path where swap file is created + disk_size: 4 # required: integer, size in GB of swap file + filesystem_type: swap # required: string, must be value 'swap' ``` ### sap_storage_setup_host_type required +- _Type:_ `list` The type of service the target system is going to be configured for.
This can be a list of multiple types which apply to a single host.
If not defined, the default will be inherited from the global parameter `sap_host_type`. One of these parameters must be defined.
+Available values: `hana_primary`, `hana_secondary`, `nwas_abap_ascs`, `nwas_abap_ers`, `nwas_abap_pas`, `nwas_abap_aas`, `nwas_java_scs`, `nwas_java_ers` ### sap_storage_setup_multipath_enable_and_detect @@ -140,5 +259,4 @@ Define if multipathing should be enabled and dynamic multipath devices detected SID of the SAP service.
If not defined, the default will be inherited from the global parameter `sap_system_sid`. One of these parameters must be defined.
- - + \ No newline at end of file diff --git a/roles/sap_storage_setup/defaults/main.yml b/roles/sap_storage_setup/defaults/main.yml index 8abea7e81..f4925f150 100644 --- a/roles/sap_storage_setup/defaults/main.yml +++ b/roles/sap_storage_setup/defaults/main.yml @@ -1,9 +1,59 @@ +# SPDX-License-Identifier: Apache-2.0 --- -# Inherit from global parameters, if they exist -sap_storage_setup_host_type: "{{ sap_host_type }}" +# Mandatory +# Inherit from global parameter, if exist sap_storage_setup_sid: "{{ sap_system_sid }}" +# Mandatory +# Inherit from global parameter, if exist +# Use list with values: hana_primary, hana_secondary, nwas_abap_ascs, nwas_abap_ers, nwas_abap_pas, nwas_abap_aas, nwas_java_scs, nwas_java_ers +# Sandbox example +## sap_storage_setup_host_type: +## - hana_primary +## - nwas_abap_ascs +## - nwas_abap_pas +sap_storage_setup_host_type: "{{ sap_host_type }}" + + +#### Mandatory variable reference example for SAP System storage definition + +# # Mandatory +# sap_storage_setup_definition: + +# # Block Storage volume +# - name: name # required: string, filesystem name used to generate lvm_lv_name and lvm_vg_name +# mountpoint: /directory # required: string, directory path where the filesystem is mounted +# disk_size: 384 # required: integer, size in GB +# filesystem_type: xfs # optional: string, value 'xfs'. Use 'swap' to create swap filesystem +# #lvm_lv_name: # optional: string, value 'lv_' +# #lvm_lv_stripes: # optional: integer, value '1', stripe over LVM Physical Volumes within the LVM Volume Group +# #lvm_lv_stripe_size: # optional: string, value '128K', override definition by the OS. Akin to Virtualized Block Size +# #lvm_vg_name: # optional: string, value 'vg_'' +# #lvm_vg_options: # optional: string, value '', additional LVM VG options (e.g. "--dataalignment XX ..." to override MiB offset from disk start before first LVM VG Physical Extent) +# #lvm_vg_physical_extent_size: # optional: integer, value '4', size in MiB. Akin to Physical Block Size, difficult to change once set +# #lvm_pv_options: # optional: string, value '', additional LVM PV options (e.g. "--dataalignment XX ..." to override MiB offset from disk start before first LVM PV Physical Extent) + +# # File Storage volume +# - name: name # required: string, reference name +# mountpoint: /directory # required: string, directory path where the filesystem is mounted +# nfs_server: nfs.corp:/ # required: string, server and parent directory of the NFS Server; value default from var sap_storage_setup_nfs_server +# #nfs_path: # optional: string, value '', subdirectory path on the NFS Server +# #nfs_filesystem_type: # optional: string, value default 'nfs4' from var sap_storage_setup_nfs_filesystem_type, NFS Server protocol +# #nfs_mount_options: # optional: string, value default 'defaults' from var sap_storage_setup_nfs_mount_options, NFS Server specific options e.g. 'relatime' + +# # Swap as file instead of Block Storage volume +# - name: swap # required: string, reference name +# swap_path: /swapfile # required: string, directory path where swap file is created +# disk_size: 4 # required: integer, size in GB of swap file +# filesystem_type: swap # required: string, must be value 'swap' + +# # If applicable, create default for all nfs_server keys within sap_storage_setup_definition +# sap_storage_setup_nfs_server: 'nfs.corp:/' + + +#### Default variable values for SAP System storage + # By default do not look for multipath devices. # When enabled, this includes # - installation of necessary packages @@ -32,7 +82,8 @@ sap_storage_setup_nwas_java_ci_instance_nr: '21' # - NWAS JAVA AS uses J # - NWAS WebDispatcher uses W -#----------------------------------------------------------# + +#### NFS default values sap_storage_setup_nfs_filesystem_type: nfs4 sap_storage_setup_nfs_mount_options: defaults @@ -58,6 +109,7 @@ sap_storage_setup_nfs_dirs_usr_sap: nwas_java_scs: - "{{ sap_storage_setup_sid }}/SCS{{ sap_storage_setup_nwas_java_scs_instance_nr }}" + ##### #### Legacy code - retain vars for commented out code, until decision on specific activities for each Cloud ###### @@ -84,6 +136,3 @@ sap_storage_setup_aws_imds_url: sap_storage_setup_aws_vmsize_url: sap_storage_setup_aws_vmsize: - -# IBM Cloud variables -# diff --git a/roles/sap_storage_setup/meta/argument_specs.yml b/roles/sap_storage_setup/meta/argument_specs.yml index 55fe57cbb..b91499549 100644 --- a/roles/sap_storage_setup/meta/argument_specs.yml +++ b/roles/sap_storage_setup/meta/argument_specs.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Requires: ansible 2.11 # Argument specifications in this separate file maintain backwards compatibility. diff --git a/roles/sap_storage_setup/meta/main.yml b/roles/sap_storage_setup/meta/main.yml index 452b2c05a..d8f19f847 100644 --- a/roles/sap_storage_setup/meta/main.yml +++ b/roles/sap_storage_setup/meta/main.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- galaxy_info: namespace: community diff --git a/roles/sap_storage_setup/tasks/generic_tasks/configure_local_filesystems.yml b/roles/sap_storage_setup/tasks/generic_tasks/configure_local_filesystems.yml index 1b00eccd0..ab99b9740 100644 --- a/roles/sap_storage_setup/tasks/generic_tasks/configure_local_filesystems.yml +++ b/roles/sap_storage_setup/tasks/generic_tasks/configure_local_filesystems.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: SAP Storage Setup - Create LVM volume groups community.general.lvg: diff --git a/roles/sap_storage_setup/tasks/generic_tasks/configure_multipathing.yml b/roles/sap_storage_setup/tasks/generic_tasks/configure_multipathing.yml index 7274b25d5..cca1f4bfd 100644 --- a/roles/sap_storage_setup/tasks/generic_tasks/configure_multipathing.yml +++ b/roles/sap_storage_setup/tasks/generic_tasks/configure_multipathing.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: SAP Storage Setup - (Multipathing) Install OS packages ansible.builtin.package: diff --git a/roles/sap_storage_setup/tasks/generic_tasks/configure_nfs_filesystems.yml b/roles/sap_storage_setup/tasks/generic_tasks/configure_nfs_filesystems.yml index 303174207..2d52a656d 100644 --- a/roles/sap_storage_setup/tasks/generic_tasks/configure_nfs_filesystems.yml +++ b/roles/sap_storage_setup/tasks/generic_tasks/configure_nfs_filesystems.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # These tasks are executed in a loop over all NFS filesystems # defined in sap_storage_setup_definition. @@ -44,18 +45,16 @@ 'dir_only': '/' + sap_storage_setup_sid, } ]) %} - {%- endif %} - {%- if nfs_item.mountpoint | regex_replace('/$', '') == '/usr/sap/trans' %} + {%- elif nfs_item.mountpoint | regex_replace('/$', '') == '/usr/sap/trans' %} {%- set add_trans = mount_list.extend([ { 'mount_src': nfs_item.nfs_path | regex_replace('/$', ''), 'mountpoint': nfs_item.mountpoint | regex_replace('/$', ''), } ]) %} - {%- endif %} - {%- if nfs_item.mountpoint | regex_replace('/$', '') == '/usr/sap' -%} + {%- elif nfs_item.mountpoint | regex_replace('/$', '') == '/usr/sap' -%} {%- for common in sap_storage_setup_nfs_dirs_usr_sap.all %} {%- set add_all_usrsap = mount_list.extend([ { @@ -76,6 +75,14 @@ {%- endfor %} {%- endfor %} + {%- elif nfs_item.mountpoint.startswith('/hana/') %} + {%- set add_hana = mount_list.extend([ + { + 'mount_src': nfs_item.nfs_path | regex_replace('/$', ''), + 'mountpoint': nfs_item.mountpoint | regex_replace('/$', ''), + } + ]) %} + {%- endif %} {{ mount_list }} diff --git a/roles/sap_storage_setup/tasks/generic_tasks/configure_swap.yml b/roles/sap_storage_setup/tasks/generic_tasks/configure_swap.yml index b09f3ee2c..af604c94f 100644 --- a/roles/sap_storage_setup/tasks/generic_tasks/configure_swap.yml +++ b/roles/sap_storage_setup/tasks/generic_tasks/configure_swap.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: SAP Storage Setup - Block handling the swap file # Block parameters @@ -36,7 +37,7 @@ - name: SAP Storage Setup - (swap file) Adjust file permissions ansible.builtin.file: path: "{{ swap_file.swap_path }}" - mode: 0600 + mode: "0600" - name: SAP Storage Setup - (swap file) Create and activate swap ansible.builtin.shell: | diff --git a/roles/sap_storage_setup/tasks/generic_tasks/map_single_disks_to_filesystems.yml b/roles/sap_storage_setup/tasks/generic_tasks/map_single_disks_to_filesystems.yml index b70e6574e..1fea460ed 100644 --- a/roles/sap_storage_setup/tasks/generic_tasks/map_single_disks_to_filesystems.yml +++ b/roles/sap_storage_setup/tasks/generic_tasks/map_single_disks_to_filesystems.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- ########## # Creating a list of unused devices that match the requested filesystem sizes, using @@ -49,6 +50,8 @@ # defined already that is to be enhanced with single disk definitions, if # applicable. +# First pass assigns disks based on exact size. +# Second pass assigns disks based on approximate size -8GB and +8GB - name: SAP Storage Setup - Set fact for target filesystem device mapping ansible.builtin.set_fact: filesystem_device_map: "{{ filesystem_device_map | default([]) + __single_disk_to_fs_device_map }}" @@ -67,7 +70,21 @@ -%} {%- for dev in av_dev -%} + {%- if dev.value.size | regex_search('.*TB$') -%} + {% set disk_size_gb = (((( dev.value.size | replace(' TB','') | float * 1024) /8) | round(0,'ceil') * 8) | int) -%} + {%- else -%} + {% set disk_size_gb = (dev.value.size | regex_replace('(\.\d+\s*)', '') | replace('GB','') | int) -%} + {%- endif -%} + {%- if disk_size_gb == fs.disk_size + and dev.key not in assigned_dev + and dev.value.holders | length == 0 + and matching_dev | length < (fs.lvm_lv_stripes | d('1') | int) -%} + {%- set assigned = assigned_dev.append(dev.key) -%} + {%- set add = matching_dev.append('/dev/' + dev.key) -%} + {%- endif -%} + {%- endfor -%} + {%- for dev in av_dev -%} {%- if dev.value.size | regex_search('.*TB$') -%} {% set disk_size_gb = (((( dev.value.size | replace(' TB','') | float * 1024) /8) | round(0,'ceil') * 8) | int) -%} {%- else -%} @@ -81,7 +98,6 @@ {%- set assigned = assigned_dev.append(dev.key) -%} {%- set add = matching_dev.append('/dev/' + dev.key) -%} {%- endif -%} - {%- endfor -%} {%- if matching_dev | length > 0 -%} diff --git a/roles/sap_storage_setup/tasks/generic_tasks/remove_storage.yml b/roles/sap_storage_setup/tasks/generic_tasks/remove_storage.yml index d55ee4738..31a482186 100644 --- a/roles/sap_storage_setup/tasks/generic_tasks/remove_storage.yml +++ b/roles/sap_storage_setup/tasks/generic_tasks/remove_storage.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- ## Unmount Filesystem diff --git a/roles/sap_storage_setup/tasks/main.yml b/roles/sap_storage_setup/tasks/main.yml index 91f3bb4af..92c813af1 100644 --- a/roles/sap_storage_setup/tasks/main.yml +++ b/roles/sap_storage_setup/tasks/main.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: SAP Storage Setup - Get facts about the OS diff --git a/roles/sap_storage_setup/tasks/platform_tasks/aws_main.yml b/roles/sap_storage_setup/tasks/platform_tasks/aws_main.yml index 4fe7915fb..d417c63b9 100644 --- a/roles/sap_storage_setup/tasks/platform_tasks/aws_main.yml +++ b/roles/sap_storage_setup/tasks/platform_tasks/aws_main.yml @@ -1,2 +1,3 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Placeholder for AWS platform tasks diff --git a/roles/sap_storage_setup/tasks/platform_tasks/az_main.yml b/roles/sap_storage_setup/tasks/platform_tasks/az_main.yml index 9c5416bda..d092966a1 100644 --- a/roles/sap_storage_setup/tasks/platform_tasks/az_main.yml +++ b/roles/sap_storage_setup/tasks/platform_tasks/az_main.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # TODO: review and adjust for Azure platform diff --git a/roles/sap_storage_setup/tasks/platform_tasks/prepare_storage_az.yml b/roles/sap_storage_setup/tasks/platform_tasks/prepare_storage_az.yml index c3f5f35b4..563290a8e 100644 --- a/roles/sap_storage_setup/tasks/platform_tasks/prepare_storage_az.yml +++ b/roles/sap_storage_setup/tasks/platform_tasks/prepare_storage_az.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- ## Striped volume #- name: SAP Storage Preparation - {{ sap_storage_setup_cloud_type | upper }} - {{ sap_storage_setup_az_vmsize }} - {{ item.value.name }} - Striped diff --git a/roles/sap_storage_setup/tasks/platform_tasks/remove_storage_az.yml b/roles/sap_storage_setup/tasks/platform_tasks/remove_storage_az.yml index e7c8fe9bc..e3ea83328 100644 --- a/roles/sap_storage_setup/tasks/platform_tasks/remove_storage_az.yml +++ b/roles/sap_storage_setup/tasks/platform_tasks/remove_storage_az.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- ## Unmount Filesystem diff --git a/roles/sap_storage_setup/vars/RedHat.yml b/roles/sap_storage_setup/vars/RedHat.yml index ef952716b..189c90d18 100644 --- a/roles/sap_storage_setup/vars/RedHat.yml +++ b/roles/sap_storage_setup/vars/RedHat.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # RHEL specific variables diff --git a/roles/sap_storage_setup/vars/Suse.yml b/roles/sap_storage_setup/vars/Suse.yml index 376d35e19..96b71ae8e 100644 --- a/roles/sap_storage_setup/vars/Suse.yml +++ b/roles/sap_storage_setup/vars/Suse.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # SLES specific variables diff --git a/roles/sap_swpm/.yamllint.yml b/roles/sap_swpm/.yamllint.yml index 57ef427c1..ee4457cfd 100644 --- a/roles/sap_swpm/.yamllint.yml +++ b/roles/sap_swpm/.yamllint.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Based on ansible-lint config extends: default @@ -7,7 +8,9 @@ rules: brackets: {max-spaces-inside: 1, level: error} # colons: {max-spaces-after: -1, level: error} # commas: {max-spaces-after: -1, level: error} - comments: disable + comments: + require-starting-space: false + min-spaces-from-content: 1 comments-indentation: disable # document-start: disable # empty-lines: {max: 3, level: error} @@ -19,3 +22,6 @@ rules: # new-lines: {type: unix} # trailing-spaces: disable truthy: disable + octal-values: + forbid-implicit-octal: true + forbid-explicit-octal: true diff --git a/roles/sap_swpm/README.md b/roles/sap_swpm/README.md index f8a16e789..aafa3f751 100644 --- a/roles/sap_swpm/README.md +++ b/roles/sap_swpm/README.md @@ -1,236 +1,861 @@ + # sap_swpm Ansible Role + +![Ansible Lint for sap_swpm](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_swpm.yml/badge.svg) + +## Description + +The Ansible role `sap_swpm` installs various SAP Systems installable by SAP Software Provisioning Manager (SWPM). + + + +## Dependencies +- `fedora.linux_system_roles` + - Roles: + - `selinux` + +Install required collections by `ansible-galaxy install -vv -r meta/collection-requirements.yml`. + + +## Prerequisites + +Managed nodes: +- Directory with SAP Installation media is present and `sap_swpm_software_path` updated. Download can be completed using [community.sap_launchpad](https://github.com/sap-linuxlab/community). +- Ensure that servers are configured for SAP Systems. See [Recommended](#recommended) section. +- Ensure that volumes and filesystems are configured correctly. See [Recommended](#recommended) section. + +### Prepare SAP installation media +Place a valid SAPCAR executable file in a directory specified by variable `sap_swpm_sapcar_path` (e.g. /software/sapcar). Example: `SAPCAR_1300-70007716.EXE` + +Place a valid SWPM SAR file in a directory specified by variable `sap_swpm_swpm_path` (e.g. /software/sap_swpm). Example: `SWPM20SP18_3-80003424.SAR` + +Place the following files in a directory specified by variable `sap_swpm_software_path` (e.g. /software/sap_swpm_download_basket): + - For a new installation + - Download the appropriate software from SAP Software Download Center, Maintenance Planner, etc. + - For a restore or new installation + - SAP IGS - `igs*.sar` + - SAP IGS HELPER - `igshelper*sar` + - SAP Host Agent - `SAPHOSTAGENT*SAR` + - SAP Kernel DB - `SAPEXEDB_*SAR` + - SAP Kernel DB Independent - `SAPEXE_*SAR` + - SAP HANA Client - `IMDB_CLIENT*SAR` + +Alternatively, you can place all the files mentioned above into a single directory and use the role [sap_install_media_detect](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_install_media_detect) to identify the required files and set the role variables automatically so that the role `sap_swpm` has access to all the files needed for a successful installation of SAP System. + -Ansible role for SAP software installation using SWPM +## Execution + + -## Requirements + +### Recommended +It is recommended to execute this role together with other roles in this collection, in the following order:
+1. [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) +2. [sap_netweaver_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_preconfigure) +3. [sap_install_media_detect](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_install_media_detect) +4. *`sap_swpm`* -The role requires additional collections which are specified in `meta/collection-requirements.yml`. Before using this role, -make sure that the required collections are installed, for example by using the following command: +Note: For most scenarios, a database like SAP HANA must be available. Use the role [sap_hana_install](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_install) for installing the SAP HANA database. + -`ansible-galaxy install -vv -r meta/collection-requirements.yml` +### Execution Flow + -## Scope +### Pre-Install -This role has been tested and working for the following scenarios -- One Host Installation -- Dual Host Installation -- Distributed Installation -- System Restore -- High Availability Installation +- Determine installation type + - The product id specified determines the installation type + - standard installation + - system restore + - generic product installation + - high availability installation -This role has been tested and working for the following SAP products -- SAP S/4HANA 1809, 1909, 2020, 2021 -- SAP BW/4HANA -- SAP Solution Manager 7.2 -- SAP Netweaver Business Suite Applications (ECC, GRC, etc) -- SAP Web Dispatcher +- Get SAPCAR executable filename from `sap_swpm_sapcar_path` -> The general rule is - if the installation uses SAP SWPM then this Ansible Role can be used. +- Get SWPM executable filename from `sap_swpm_swpm_path` -### SAP Preconfigure +- Get all .SAR filenames from `sap_swpm_software_path` -- Ensure the required volumes and filesystems are configured in the host. You can use the role `sap_storage_setup` to configure this. More info [here](/roles/sap_storage_setup) +- (Optional) Update `/etc/hosts` if `sap_swpm_update_etchosts` is set to `true` (Default: `false`). -- Please run the RHEL SAP System Role `sap_general_preconfigure` for initial host configuration; as necessary, also use `sap_netweaver_preconfigure` and `sap_hana_preconfigure` +- (Optional) Apply firewall rules for SAP HANA if `sap_swpm_setup_firewall` is set to `true` (Default: `false`). -- For further guidance on using SAP SWPM for different SAP Software installations, please see System Provisioning with Software Provisioning Manager (SWPM) - [User Guides for SAP SWPM 1.0](30839dda13b2485889466316ce5b39e9/c8ed609927fa4e45988200b153ac63d1.html?locale=en-US) and [User Guides for SAP SWPM 2.0](https://help.sap.com/docs/SOFTWARE_PROVISIONING_MANAGER/30839dda13b2485889466316ce5b39e9/6865029dacbe473fadd8eff339bfa568.html?locale=en-US) +- At this stage, the role is searching for a sapinst inifile on the managed node, or it will create one: -### SAP Software Installation .SAR Files + - If a file `inifile.params` is located on the managed node in the directory specified in `sap_swpm_inifile_directory`, + the role will not create a new one but rather download this file to the control node. -1. SAPCAR executable + - If such a file does *not* exist, the role will create an SAP SWPM `inifile.params` file by one of the following methods: -2. Software Provisioning Manager .SAR file - - `SWPM*.SAR` + Method 1: Predefined sections of the file `inifile_params.j2` will be used to create the file `inifile.params`. The variable `sap_swpm_inifile_sections_list` contains a list of sections which will part of the file `inifile.params`. All other sections will be ignored. The inifile parameters themselves will be set according to other role parameters. Example: The inifile parameter `archives.downloadBasket` will be set to the content of the role parameter `sap_swpm_software_path`. -3. SAP Installation files - - For New Installation - - Download appropriate software from SAP Software Download Center, Maintenance Planner, etc - - For Restore or New Installation - - SAP IGS - `igs*.sar` - - SAP IGS HELPER - `igshelper*sar` - - SAP Host Agent - `SAPHOSTAGENT*SAR` - - SAP Kernel DB - `SAPEXEDB_*SAR` - - SAP Kernel DB Independent - `SAPEXE_*SAR` - - SAP HANA Client - `IMDB_CLIENT*SAR` + Method 2: The file `inifile.params` will be configured from the content of the dictionary `sap_swpm_inifile_parameters_dict`. This dictionary is defined like in the following example: -4. SAP HANA Database MDC DB Tenant Backup (for restore) - - stored on the local disk of the machine where the SAP HANA database server will reside +``` +sap_swpm_inifile_parameters_dict: + archives.downloadBasket: /software/download_basket + NW_getFQDN.FQDN: example.com +``` - NOTE: Specific media requirements will use format `SAPINST.CD.PACKAGE. = `, and the media names can be discovered by using this command on the SWPM directory `grep -rwh " -Please check the default parameters file for more information on other parameters that can be used as an input: -- [**sap_swpm** default parameters](defaults/main.yml) +### Example + -Sample Playbooks and sample parameters are shown in the Ansible Collection `/playbooks` directory. +#### Playbook for installing a SAP ABAP ASCS instance in distributed system with [sap_install_media_detect](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_install_media_detect) role +Example shows execution together with [sap_install_media_detect](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_install_media_detect) role, which sets required variables for `sap_swpm` role.
+```yaml +--- +- name: Ansible Play for SAP ABAP ASCS installation in distributed system + hosts: nwas_ascs + become: true + any_errors_fatal: true + max_fail_percentage: 0 + tasks: + + - name: Execute Ansible Role sap_install_media_detect + ansible.builtin.include_role: + name: community.sap_install.sap_install_media_detect + vars: + sap_install_media_detect_swpm: true + sap_install_media_detect_hostagent: true + sap_install_media_detect_igs: true + sap_install_media_detect_kernel: true + sap_install_media_detect_webdisp: false + sap_install_media_detect_source_directory: /software + + - name: Execute Ansible Role sap_swpm + ansible.builtin.include_role: + name: community.sap_install.sap_swpm + vars: + sap_swpm_sid: AE1 + sap_swpm_virtual_hostname: ae1ascs + sap_swpm_ascs_instance_nr: "01" + sap_swpm_master_password: "Password@1" # Do not use, this is example only! + sap_swpm_ddic_000_password: "Password@1" # Do not use, this is example only! + sap_swpm_sapadm_uid: "3000" + sap_swpm_sapsys_gid: "3001" + sap_swpm_sidadm_uid: "3001" + sap_swpm_product_catalog_id: NW_ABAP_ASCS:NW750.HDB.ABAPHA + sap_swpm_inifile_sections_list: + - swpm_installation_media + - swpm_installation_media_swpm1 + - credentials + - credentials_hana + - db_config_hana + - db_connection_nw_hana + - nw_config_other + - nw_config_central_services_abap + - nw_config_primary_application_server_instance + - nw_config_ports + - nw_config_host_agent + - sap_os_linux_user + + sap_swpm_role_parameters_dict: + sap_swpm_install_saphostagent: 'true' +``` -The Ansible Collection `/playbooks` directory includes sample playbooks for using the `sap_swpm` Ansible Role in the following 'modes': -- Default -- Default Templates -- Advanced -- Advanced Templates -- Inifile Reuse + -The Ansible Collection `/playbooks/vars` directory includes sample variable files for: -- `sap_swpm` 'Default mode' to generate inifile.params of... - - SAP BW/4HANA OneHost - - SAP S/4HANA Distributed - ASCS, DBCI, ERS, PAS - - SAP S/4HANA OneHost - - SAP S/4HANA System Copy OneHost - - SAP Solution Manager (ABAP) - - SAP Solution Manager (JAVA) - - SAP Web Dispatcher - - SAP System Rename -- `sap_swpm` 'Default Templates mode' to generate inifile.params of... - - SAP S/4HANA OneHost - - SAP S/4HANA System Copy OneHost - - SAP System Rename -- `sap_swpm` 'Advanced mode' to generate inifile.params of... - - SAP S/4HANA OneHost -- `sap_swpm` 'Advanced Templates mode' to generate inifile.params of... - - SAP BW/4HANA OneHost - - SAP S/4HANA Distributed - ASCS, DBCI, ERS, PAS - - SAP S/4HANA OneHost - - SAP S/4HANA System Copy OneHost - - SAP Solution Manager (ABAP) - - SAP Solution Manager (JAVA) - - SAP Web Dispatcher - - SAP System Rename -- `sap_swpm` 'Inifile Reuse mode' inifile.params file for... - - SAP S/4HANA OneHost - -NOTE: these are only sample files, they are meant to be edited by the user before execution and do not cover all scenarios possible (the Ansible Role can execute ant SAP SWPM installation) + +### Role Tags +With the following tags, the role can be called to perform certain activities only: +- tag `sap_swpm_generate_inifile`: Only create the sapinst inifile, without running most of the preinstall steps. + This can be useful for checking if the inifile is created as desired. +- tag `sap_swpm_sapinst_commandline`: Only show the sapinst command line. +- tag `sap_swpm_pre_install`: Perform all preinstallation steps, then exit. +- tag `sap_swpm_setup_firewall`: Only perform the firewall preinstallation settings (but only if variable `sap_swpm_setup_firewall` is set to `true`). +- tag `sap_swpm_update_etchosts`: Only update file `/etc/hosts` (but only if variable `sap_swpm_update_etchosts` is set to `true`). + -## Execution +## License + +Apache 2.0 + + +## Maintainers + +- [Bernd Finger](https://github.com/berndfinger) +- [Sean Freeman](https://github.com/seanfreeman) + + +## Role Variables + +**NOTE: Discontinued variables:** +- `sap_swpm_ansible_role_mode` -Sample Ansible Playbook Execution +### Variables for creating sapinst inifile -- Local Host Installation - - `ansible-playbook --connection=local --limit localhost -i "localhost," sap-swpm.yml -e "@inputs/S4H.install"` +#### sap_swpm_run_sapinst +- _Type:_ `bool` +- _Default:_ `true` -- Target Host Installation - - `ansible-playbook -i "" sap-swpm.yml -e "@inputs/S4H.install"` +Set to `false` to disable execution of sapinst after creation of inifile. -### Sample Playbook +### Variables for controlling contents of inifile + +#### sap_swpm_inifile_sections_list +- _Type:_ `list` +- _Default:_ ```yaml ---- -- hosts: all - become: true - roles: - - { role: sap_swpm } +sap_swpm_inifile_sections_list: + - swpm_installation_media + - swpm_installation_media_swpm2_hana + - credentials + - credentials_hana + - db_config_hana + - db_connection_nw_hana + - db_restore_hana + - nw_config_other + - nw_config_central_services_abap + - nw_config_primary_application_server_instance + - nw_config_ports + - nw_config_host_agent + - sap_os_linux_user ``` -## Execution Flow +Define list of sections that will be used to control parameters added into sapinst inifile. +Available values: +```yaml +sap_swpm_inifile_sections_list: + - swpm_installation_media + - swpm_installation_media_swpm2_hana + - swpm_installation_media_swpm1 + - swpm_installation_media_swpm1_exportfiles + - swpm_installation_media_swpm1_ibmdb2 + - swpm_installation_media_swpm1_oracledb_121 + - swpm_installation_media_swpm1_oracledb_122 + - swpm_installation_media_swpm1_oracledb_19 + - swpm_installation_media_swpm1_sapase + - swpm_installation_media_swpm1_sapmaxdb + - maintenance_plan_stack_tms_config + - maintenance_plan_stack_tms_transports + - maintenance_plan_stack_spam_config + - maintenance_plan_stack_sum_config + - maintenance_plan_stack_sum_10_batch_mode + - credentials + - credentials_hana + - credentials_anydb_ibmdb2 + - credentials_anydb_oracledb + - credentials_anydb_sapase + - credentials_anydb_sapmaxdb + - credentials_nwas_ssfs + - credentials_hdbuserstore + - db_config_hana + - db_config_anydb_all + - db_config_anydb_ibmdb2 + - db_config_anydb_oracledb + - db_config_anydb_oracledb_121 + - db_config_anydb_oracledb_122 + - db_config_anydb_oracledb_19 + - db_config_anydb_sapase + - db_config_anydb_sapmaxdb + - db_connection_nw_hana + - db_connection_nw_anydb_ibmdb2 + - db_connection_nw_anydb_oracledb + - db_connection_nw_anydb_sapase + - db_restore_hana + - nw_config_anydb + - nw_config_other + - nw_config_central_services_abap + - nw_config_central_services_java + - nw_config_primary_application_server_instance + - nw_config_additional_application_server_instance + - nw_config_ers + - nw_config_ports + - nw_config_java_ume + - nw_config_java_feature_template_ids + - nw_config_java_icm_credentials + - nw_config_webdisp_generic + - nw_config_webdisp_gateway + - nw_config_host_agent + - nw_config_post_load_abap_reports + - nw_config_livecache + - nw_config_sld + - nw_config_abap_language_packages + - sap_os_linux_user +``` -### Pre-Install -- Determine installation type - - The product id specified determines the installation type - - standard installation - - system restore - - generic product installation - - high availability installation +### Variables to define software paths -- Get SAPCAR executable filename from `sap_swpm_sapcar_path` +#### sap_swpm_sapcar_path +- _Type:_ `string` -- Get SWPM executable filename from `sap_swpm_swpm_path` +Define path to directory with SAPCAR file. -- Get all .SAR filenames from `sap_swpm_software_path` +#### sap_swpm_sapcar_file_name +- _Type:_ `string` -- Update `/etc/hosts` (optional - yes by default) +(Optional) Define name of SAPCAR file, or leave for auto-detection. -- Apply firewall rules for SAP HANA (optional - no by default) +#### sap_swpm_swpm_path +- _Type:_ `string` -- Process SAP SWPM `inifile.params` based on inputs +Define path to directory with SWPM. -### SAP SWPM +#### sap_swpm_swpm_sar_file_name +- _Type:_ `string` -- Execute SWPM +(Optional) Define name of SWPM file, or leave for auto-detection. -### Post-Install +#### sap_swpm_software_extract_directory +- _Type:_ `string` -- Set expiry of Unix created users to 'never' +(Optional) Define path to directory with unpacked SWPM file. -- Apply firewall rules for SAP NW (optional - no by default) +#### sap_swpm_software_use_media +- _Type:_ `bool` +- _Default:_ `false` +Set to `true` to use SAP Media files instead of SAR files.
+- SWPM2 (New SAP products like S4H, BW4H) uses SAR files.
+- SWPM1 (Older SAP products) use CD Media files. -## Execution Modes +#### sap_swpm_inifile_directory +- _Type:_ `string` -Every SAP Software installation via SAP Software Provisioning Manager (SWPM) is possible, there are different Ansible Role execution modes available: +Define directory where sapinst inifile will be stored. -- Default (`sap_swpm_templates_product_input: default`), run software install tasks using easy Ansible Variable to generate SWPM Unattended installations - - Default Templates (`sap_swpm_templates_product_input: default_templates`), optional use of templating definitions for repeated installations -- Advanced (`sap_swpm_templates_product_input: advanced`), run software install tasks with Ansible Variables one-to-one matched to SWPM Unattended Inifile parameters to generate bespoke SWPM Unattended installations - - Advanced Templates (`sap_swpm_templates_product_input: advanced_templates`), optional use of templating definitions for repeated installations -- Inifile Reuse (`sap_swpm_templates_product_input: inifile_reuse`), run previously-defined installations with an existing SWPM Unattended inifile.params +#### sap_swpm_install_saphostagent +- _Type:_ `bool` +- _Default:_ `true` -### Default Templates mode variables +Set to `false` to disable installation of SAP Hostagent. **Not recommended** -Example using all inifile list parameters with the Default Templates mode to install SAP ECC EhP8 on IBM Db2: -``` -sap_swpm_ansible_role_mode: default_templates -sap_swpm_templates_product_input: default_templates - -sap_swpm_templates_install_dictionary: - - template_name_ecc_ehp8_ibmdb2: - - sap_swpm_product_catalog_id: NW_ABAP_OneHost:BS2016.ERP608.DB6.PD - sap_swpm_inifile_dictionary: - sap_swpm_sid: - ... - sap_swpm_inifile_list: - - swpm_installation_media - - swpm_installation_media_swpm1 - - swpm_installation_media_swpm1_exportfiles - - swpm_installation_media_swpm1_ibmdb2 - - sum_config - - credentials - - credentials_anydb_ibmdb2 - - db_config_anydb_all - - db_config_anydb_ibmdb2 - - db_connection_nw_anydb_ibmdb2 - - nw_config_anydb - - nw_config_other - - nw_config_central_services_abap - # - nw_config_central_services_java - - nw_config_primary_application_server_instance - - nw_config_ports - - nw_config_host_agent - # - nw_config_post_abap_reports - - sap_os_linux_user -``` +### Variables specific to SAP Netweaver -## Tags +#### sap_swpm_product_catalog_id +- _Type:_ `string` -With the following tags, the role can be called to perform certain activities only: -- tag `sap_swpm_generate_inifile`: Only create the sapinst inifile. This can be useful for checking if the inifile is created as desired. -- tag `sap_swpm_sapinst_commandline`: Only show the sapinst command line. -- tag `sap_swpm_pre_install`: Perform all preinstallation steps, then exit. -- tag `sap_swpm_setup_firewall`: Only perform the firewall preinstallation settings (but only if variable `sap_swpm_setup_firewall` is set to `true`). -- tag `sap_swpm_update_etchosts`: Only update file `/etc/hosts` (but only if variable `sap_swpm_update_etchosts` is set to `true`). +Define SWPM Product catalog ID for installation. Example for SAP ASCS Netweaver: `NW_ABAP_ASCS:NW750.HDB.ABAPHA`. -## License +#### sap_swpm_sid +- _Type:_ `string` + +Define SAP System ID (SID) for installation. + +#### sap_swpm_ascs_instance_nr +- _Type:_ `string` + +Define SAP Netweaver ABAP Central Services (ASCS) instance number. + +#### sap_swpm_ascs_instance_hostname +- _Type:_ `string` + +Define SAP Netweaver ABAP Central Services (ASCS) hostname. + +#### sap_swpm_ers_instance_nr +- _Type:_ `string` + +Define SAP Netweaver Enqueue Replication Server (ERS) instance number. + +#### sap_swpm_ers_instance_hostname +- _Type:_ `string` + +Define SAP Netweaver Enqueue Replication Server (ERS) hostname. + +#### sap_swpm_pas_instance_nr +- _Type:_ `string` + +Define SAP Netweaver Primary Application Server (PAS) instance number. + +#### sap_swpm_pas_instance_hostname +- _Type:_ `string` + +Define SAP Netweaver Primary Application Server (PAS) hostname. + +#### sap_swpm_aas_instance_nr +- _Type:_ `string` + +Define SAP Netweaver Additional Application Server (AAS) instance number. + +#### sap_swpm_aas_instance_hostname +- _Type:_ `string` + +Define SAP Netweaver Additional Application Server (AAS) hostname. + +#### sap_swpm_java_scs_instance_nr +- _Type:_ `string` + +Define SAP Netweaver JAVA Central Services (SCS) instance number. + +#### sap_swpm_java_scs_instance_hostname +- _Type:_ `string` + +Define SAP Netweaver JAVA Central Services (SCS) hostname. + +#### sap_swpm_master_password +- _Type:_ `string` + +Define master password used for all users created during SWPM execution. + +#### sap_swpm_ddic_000_password +- _Type:_ `string` + +Define DDIC user password in client 000 for new install, or existing for restore. + +#### sap_swpm_virtual_hostname +- _Type:_ `string` + +Define virtual hostname when installing High Available instances (e.g. SAP ASCS/ERS cluster). +The role attempts to resolve `sap_swpm_virtual_hostname` on the managed node, using DNS and /etc/hosts, and will fail +if this hostname resolution fails. The role will also fail if the IPv4 address for `sap_swpm_virtual_hostname` is +not part of the IPv4 addresses of the managed node. + +### Variables specific to SAP HANA Database Installation + +#### sap_swpm_db_ip +- _Type:_ `string` + +Define IP Address of database host for /etc/hosts update. + +#### sap_swpm_db_fqdn +- _Type:_ `string` + +Define FQDN of database host for /etc/hosts update. + +#### sap_swpm_db_host +- _Type:_ `string` + +Define hostname of database host for /etc/hosts update. + +#### sap_swpm_db_sid +- _Type:_ `string` + +Define database ID (SID). + +#### sap_swpm_db_instance_nr +- _Type:_ `string` + +Define database instance number. + +#### sap_swpm_db_system_password +- _Type:_ `string` + +Define database SYSTEM user password. + +#### sap_swpm_db_systemdb_password +- _Type:_ `string` + +Define database SYSTEMDB user password. + +#### sap_swpm_db_sidadm_password +- _Type:_ `string` + +Define database sidadm user password. + +#### sap_swpm_db_schema_abap +- _Type:_ `string` + +Define ABAP database schema name based on database type:
+- `SAPHANADB` for SAP HANA +- `ABAP` or `SAPABAP1` on IBM Db2 +- `SAPSR3` on Oracle DB + +#### sap_swpm_db_schema_abap_password +- _Type:_ `string` + +Define ABAP database schema password for new installation or restore from backup. + +#### sap_swpm_db_schema_java +- _Type:_ `string` + +Define JAVA database schema name. + +#### sap_swpm_db_schema_java_password +- _Type:_ `string` + +Define JAVA database schema password for new installation or restore from backup. + +#### sap_swpm_db_schema +- _Type:_ `string` + +#### sap_swpm_db_schema_password: +- _Type:_ `string` + + +### Variables specific to SAP JAVA UME + +#### sap_swpm_ume_client_nr +- _Type:_ `string` +- _Default:_ `000` + +Define client number of JAVA UME. + +#### sap_swpm_ume_type +- _Type:_ `string` + +Define type of JAVA UME. + +#### sap_swpm_ume_instance_nr +- _Type:_ `string` +- _Default:_ `{{ sap_swpm_pas_instance_nr }}` + +Define instance number of JAVA UME. + +#### sap_swpm_ume_j2ee_admin_password +- _Type:_ `string` + +Define admin password for JAVA UME. + +#### sap_swpm_ume_j2ee_guest_password +- _Type:_ `string` + +Define guest password for JAVA UME. + +#### sap_swpm_ume_sapjsf_password +- _Type:_ `string` + +Define sapjsf password for JAVA UME. + +#### sap_swpm_ume_instance_hostname +- _Type:_ `string` + +Define instance hostname of JAVA UME. + + +### Variables specific to SAP HANA Database Restore + +#### sap_swpm_backup_location +- _Type:_ `string` + +Define directory with SAP HANA Backup files. + +#### sap_swpm_backup_prefix +- _Type:_ `string` + +Define prefix of SAP HANA Backup files. + +#### sap_swpm_backup_system_password +- _Type:_ `string` + +Define SAP HANA SYSTEM password from source database. + + +### Variables specific to SAP Web Dispatcher + +#### sap_swpm_wd_instance_nr +- _Type:_ `string` + +Define instance number of SAP Web Dispatcher. + +#### sap_swpm_wd_system_connectivity +- _Type:_ `bool` +- _Default:_ `false` + +Set to `true` to set parameter `configureSystemConnectivity` to true during installation. + +#### sap_swpm_wd_activate_icf +- _Type:_ `bool` +- _Default:_ `false` + +Set to `true` to activate ICF. + +#### sap_swpm_wd_backend_sid +- _Type:_ `string` + +Define backend SID for SAP Web Dispatcher connection. + +#### sap_swpm_wd_backend_ms_http_port +- _Type:_ `string` + +Define backend message server HTTP port for SAP Web Dispatcher connection. + +#### sap_swpm_wd_backend_ms_host +- _Type:_ `string` + +Define backend message server hostname for SAP Web Dispatcher connection. + +#### sap_swpm_wd_backend_rfc_host +- _Type:_ `string` + +Define backend hostname for SAP Web Dispatcher RFC connection. + +#### sap_swpm_wd_backend_rfc_instance_nr +- _Type:_ `string` + +Define backend instance number for SAP Web Dispatcher RFC connection. + +#### sap_swpm_wd_backend_rfc_client_nr +- _Type:_ `string` +- _Default:_ `000` + +Define backend SAP client for SAP Web Dispatcher RFC connection. + +#### sap_swpm_wd_backend_rfc_user +- _Type:_ `string` +- _Default:_ `DDIC` + +Define backend SAP user for SAP Web Dispatcher RFC connection. + +#### sap_swpm_wd_backend_rfc_user_password +- _Type:_ `string` + +Define password for backend SAP user for SAP Web Dispatcher RFC connection. + +#### sap_swpm_wd_backend_scenario_size +- _Type:_ `string` + +Define to set parameter `scenarioSize` during installation. + +#### sap_swpm_wd_virtual_host +- _Type:_ `string` + +Define virtual hostname of SAP Web Dispatcher. + + +### Variables for Linux User + +#### sap_swpm_sapadm_password +- _Type:_ `string` + +Define password for Linux user SAPADM. + +#### sap_swpm_sap_sidadm_password +- _Type:_ `string` + +Define password for Linux user SIDADM. + +#### sap_swpm_sapadm_uid +- _Type:_ `string` + +Define UID of Linux user SAPADM. + +#### sap_swpm_sapsys_gid +- _Type:_ `string` + +Define GID of Linux group SAPSYS. + +#### sap_swpm_sidadm_uid +- _Type:_ `string` + +Define UID of Linux user SIDADM. + + +### Miscellaneous Variables + +#### sap_swpm_ascs_install_gateway +- _Type:_ `string` +- _Default:_ `true` + +Enable to install gateway as part of ASCS installation. + +#### sap_swpm_parallel_jobs_nr +- _Type:_ `string` +- _Default:_ `23` + +Define to limit number of parallel extraction SAP HANA jobs. + +#### sap_swpm_diagnostics_agent_password +- _Type:_ `string` + +Define password for Diagnostic Agent. + +#### sap_swpm_igs_path +- _Type:_ `string` +- _Default:_ `{{ sap_swpm_software_path }}` + +Define individual path for SAP IGS file. `sap_swpm_software_path` is used by default. + +#### sap_swpm_igs_file_name +- _Type:_ `string` + +Define individual name of SAP IGS file. Newest file is auto-detected in `sap_swpm_igs_path`. + +#### sap_swpm_igs_helper_path +- _Type:_ `string` +- _Default:_ `{{ sap_swpm_software_path }}` + +Define individual path for SAP IGS Helper file. `sap_swpm_software_path` is used by default. + +#### sap_swpm_igs_helper_file_name +- _Type:_ `string` + +Define individual name of SAP IGS Helper file. Newest file is auto-detected in `sap_swpm_igs_helper_path`. + +#### sap_swpm_kernel_dependent_path +- _Type:_ `string` +- _Default:_ `{{ sap_swpm_software_path }}` + +Define individual path for Database dependent kernel files. `sap_swpm_software_path` is used by default. + +#### sap_swpm_kernel_dependent_file_name +- _Type:_ `string` + +Define individual name of Database dependent kernel file. Newest file is auto-detected in `sap_swpm_kernel_dependent_path`. + +#### sap_swpm_kernel_independent_path +- _Type:_ `string` +- _Default:_ `{{ sap_swpm_software_path }}` + +Define individual path for Database independent kernel files. `sap_swpm_software_path` is used by default. + +#### sap_swpm_kernel_independent_file_name +- _Type:_ `string` + +Define individual name of Database independent kernel file. Newest file is auto-detected in `sap_swpm_kernel_independent_path`. + +#### sap_swpm_web_dispatcher_path +- _Type:_ `string` +- _Default:_ `{{ sap_swpm_software_path }}` + +Define individual path for SAP Web Dispatcher files. `sap_swpm_software_path` is used by default. + +#### sap_swpm_web_dispatcher_file_name +- _Type:_ `string` + +Define individual name of SAP Web Dispatcher file. Newest file is auto-detected in `sap_swpm_web_dispatcher_path`. + +#### sap_swpm_fqdn +- _Type:_ `string` + +Define FQDN for SAP Installation. + +#### sap_swpm_set_fqdn +- _Type:_ `bool` +- _Default:_ `true` + +Set to `false` to disable enabling of FQDN during SWPM. + +#### sap_swpm_use_password_file +- _Type:_ `string` +- _Default:_ `n` + +Set to `y` to use encrypted password file for SWPM execution.
Location has to be same as parameter file location. + +#### sap_swpm_password_file_path +- _Type:_ `string` + +Define path to encrypted password file, used when `sap_swpm_use_password_file` is set to `y`. + +#### sap_swpm_use_livecache +- _Type:_ `bool` +- _Default:_ `false` + +Enable to use Livecache + +#### sap_swpm_load_type +- _Type:_ `string` +- _Default:_ `SAP` + +Define load type parameter `loadType`. + +#### sap_swpm_generic +- _Type:_ `bool` +- _Default:_ `false` + +Set to `true` to execute `sap_swpm` role in generic auto-detection mode, ignoring steps for individual detection. + +#### sap_swpm_swpm_installation_type +- _Type:_ `string` + +Define installation type method. Available types: `restore`, `ha`, `maint_plan_stack`, `ha_maint_plan_stack`.
+Installation type is auto-detected from `sap_swpm_product_catalog_id`. + +#### sap_swpm_swpm_command_virtual_hostname +- _Type:_ `string` + +Define to override default virtual hostname `sap_swpm_virtual_hostname` sapinst command used for HA installation. + +#### sap_swpm_swpm_command_mp_stack +- _Type:_ `string` + +Define to override default sapinst command parameter for Maintenance Plan stack file. + +#### sap_swpm_setup_firewall +- _Type:_ `bool` +- _Default:_ `false` + +Set to `true` to configure firewall after SWPM execution. + +#### sap_swpm_update_etchosts +- _Type:_ `bool` +- _Default:_ `false` + +Set to `true` to to update `/etc/hosts` file with SAP system details for SWPM execution. + +#### sap_swpm_display_unattended_output +- _Type:_ `bool` +- _Default:_ `false` + +Set to `true` to display what sapinst command is being executed. + + +### Variables for setting owner, group, and permissions for the SAP files in `sap_swpm_software_path` + +#### sap_swpm_set_file_permissions +- _Type:_ `bool` +- _Default:_ `true` + +Set to `false` to not change the owner, group, and permissions of the files in `sap_swpm_software_path`. + +#### sap_swpm_software_directory_mode +- _Type:_ `string` +- _Default:_ `0755` + +Set permissions for all directories in `sap_swpm_software_path`. + +#### sap_swpm_software_directory_owner +- _Type:_ `string` +- _Default:_ `root` + +Set owner for all directories in `sap_swpm_software_path`. + +#### sap_swpm_software_directory_group +- _Type:_ `string` +- _Default:_ `root` + +Set group ownership for all directories in `sap_swpm_software_path`. + +#### sap_swpm_files_sapcar_mode +- _Type:_ `string` +- _Default:_ `0755` + +Set permissions for SAPCAR file in `sap_swpm_sapcar_path`. + +#### sap_swpm_files_sapcar_owner +- _Type:_ `string` +- _Default:_ `root` + +Set owner for SAPCAR file in `sap_swpm_sapcar_path`. + +#### sap_swpm_files_sapcar_group +- _Type:_ `string` +- _Default:_ `root` + +Set group ownership for SAPCAR file in `sap_swpm_sapcar_path`. + +#### sap_swpm_files_non_sapcar_mode +- _Type:_ `string` +- _Default:_ `0644` + +Set permissions for all non-SAPCAR files in `sap_swpm_software_path` and for SWPM*.SAR files in `sap_swpm_swpm_path`. + +#### sap_swpm_files_non_sapcar_owner +- _Type:_ `string` +- _Default:_ `root` -Apache license 2.0 +Set owner for all non-SAPCAR files in `sap_swpm_software_path` and for SWPM*.SAR files in `sap_swpm_swpm_path`. -## Author Information +#### sap_swpm_files_non_sapcar_group +- _Type:_ `string` +- _Default:_ `root` -IBM Lab for SAP Solutions, Red Hat for SAP Community of Practice, Jason Masipiquena, Sean Freeman, Bernd Finger, Markus Koch +Set group ownership for all non-SAPCAR files in `sap_swpm_software_path` and for SWPM*.SAR files in `sap_swpm_swpm_path`. + diff --git a/roles/sap_swpm/defaults/main.yml b/roles/sap_swpm/defaults/main.yml index c3956bf99..28913cb74 100644 --- a/roles/sap_swpm/defaults/main.yml +++ b/roles/sap_swpm/defaults/main.yml @@ -1,10 +1,12 @@ +# SPDX-License-Identifier: Apache-2.0 --- ######################################## # SWPM Ansible Role variables ######################################## -sap_swpm_ansible_role_mode: "default" +# We do not use role modes any more: +# sap_swpm_ansible_role_mode: "default" # default # default_templates # advanced @@ -44,22 +46,21 @@ sap_swpm_files_non_sapcar_group: root ######################################## # SWPM Ansible Role variables -# for Inifile Reuse, Advanced, and Defaults/Advanced Templates Mode +# for creating the sapinst inifile ######################################## +# Have the role run the sapinst command with an existing inifile or after creating the inifile: +sap_swpm_run_sapinst: true + # Inifile Reuse Mode sap_swpm_inifile_reuse_source: sap_swpm_inifile_reuse_destination: -# Advanced Mode -#sap_swpm_inifile_custom_values_dictionary: +#sap_swpm_inifile_parameters_dict: # archives.downloadBasket: /software/download_basket # NW_getFQDN.FQDN: poc.cloud ## add.additional.parameters: '' -# Default/Advanced Templates Mode -#sap_swpm_templates_product_input: "" - ######################################## # SWPM Ansible Role variables @@ -67,7 +68,7 @@ sap_swpm_inifile_reuse_destination: # - List of inifile parameters to generate ######################################## -sap_swpm_inifile_list: +sap_swpm_inifile_sections_list: - swpm_installation_media - swpm_installation_media_swpm2_hana # - swpm_installation_media_swpm1 @@ -138,7 +139,8 @@ sap_swpm_inifile_list: ######################################## # SAP product that will be installed and passed as argument to the sapinst installer, example 'NW_ABAP_OneHost:S4HANA2020.CORE.HDB.ABAP' -sap_swpm_product_catalog_id: +# Needs to be defined in the playbook or inventory or can be determined from an existing inifile.params file. +#sap_swpm_product_catalog_id: # SAPCAR path and file name, only path is mandatory. The script will automatically get file_name sap_swpm_sapcar_path: @@ -152,10 +154,10 @@ sap_swpm_software_extract_directory: # e.g. /software/sap_swpm_extracted # Note: # When using SWPM2 (for modern SAP products such as S/4 B/4), using .SAR files is recommended - param value should be false # When using SWPM1 (for older SAP products), using CD Media is the only choice - param value should be true -sap_swpm_software_use_media: 'false' +sap_swpm_software_use_media: false # Main path that this role will look for .SAR files -sap_swpm_software_path: +#sap_swpm_software_path: /software/sapfiles ## This directory path should include these files: ## - igs*sar ## - igshelper*sar @@ -164,6 +166,10 @@ sap_swpm_software_path: ## - IMDB_CLIENT*SAR ## - SAPHOSTAGENT*SAR +# Directory in which a sapinst inifile which is to be used by the role can be stored: +sap_swpm_inifile_directory: '/software/sap_swpm/inifiles' +#sap_swpm_local_inifile_directory: '/tmp/inifiles' + # SWPM1 - paths that this role will look for CD Media software sap_swpm_cd_export_pt1_path: sap_swpm_cd_export_pt2_path: @@ -184,17 +190,27 @@ sap_swpm_ibmdb2_unpack_path: "/db2/db2{{ sap_swpm_db_sid | lower }}/db2_software sap_swpm_mp_stack_path: sap_swpm_mp_stack_file_name: # SUM -sap_swpm_sum_prepare: 'false' -sap_swpm_sum_start: 'false' +sap_swpm_sum_prepare: false +sap_swpm_sum_start: false sap_swpm_sum_batch_file: -sap_swpm_spam_update: 'false' +sap_swpm_spam_update: false sap_swpm_spam_update_sar: -sap_swpm_configure_tms: 'true' +sap_swpm_configure_tms: true sap_swpm_tmsadm_password: sap_swpm_tms_tr_files_path: # --- Experimental --- # -sap_swpm_install_saphostagent: 'true' +# --- Experimental - SWPM Observer mode --- # +# Enables observer mode of SWPM - TO BE USED for debugging/troubleshooting mainly +# This allows user to watch the installation progress from a browser (on standard port 4237) and possibly interact with it +# Note: Interaction can impact the automated installation and may result in the need for further manual actions in order to complete the installation +sap_swpm_swpm_observer_mode: false +# Allows to specify a different remote access user (e.g. when root's password is unknown). Default SWPM behaviour is to use root. This may not be desirable as +# root's password may not be available for security reasons. The remote access user must exist before SWPM is executed (i.e. adm can't be used if it doesn't exist yet). +sap_swpm_swpm_remote_access_user: +# --- Experimental - SWPM Observer mode --- # + +sap_swpm_install_saphostagent: true ######################################## @@ -214,6 +230,7 @@ sap_swpm_aas_instance_nr: "" sap_swpm_aas_instance_hostname: "" sap_swpm_java_scs_instance_nr: "" +sap_swpm_java_scs_instance_hostname: "" # Password used for all users created during SWPM installation sap_swpm_master_password: @@ -224,7 +241,7 @@ sap_swpm_ddic_000_password: # initial = not an HA setup # set this in the input file when installing ascs, ers to indicate an HA setup -sap_swpm_virtual_hostname: "initial" +sap_swpm_virtual_hostname: ######################################## @@ -340,7 +357,7 @@ sap_swpm_backup_prefix: sap_swpm_backup_system_password: # ASCS Install Gateway -sap_swpm_ascs_install_gateway: "true" +sap_swpm_ascs_install_gateway: true ######################################## @@ -351,8 +368,8 @@ sap_swpm_ascs_install_gateway: "true" sap_swpm_wd_instance_nr: -sap_swpm_wd_system_connectivity: 'false' -sap_swpm_wd_activate_icf: 'false' +sap_swpm_wd_system_connectivity: false +sap_swpm_wd_activate_icf: false sap_swpm_wd_backend_sid: sap_swpm_wd_backend_ms_http_port: sap_swpm_wd_backend_ms_host: @@ -405,18 +422,18 @@ sap_swpm_kernel_independent_file_name: sap_swpm_web_dispatcher_path: sap_swpm_web_dispatcher_file_name: sap_swpm_fqdn: -sap_swpm_set_fqdn: "true" +sap_swpm_set_fqdn: true # If the template to use already has the passwords and they are encrypted the password file must be in the same path as the parameter file -sap_swpm_use_password_file: "n" +sap_swpm_use_password_file: false sap_swpm_password_file_path: -sap_swpm_use_livecache: "false" +sap_swpm_use_livecache: false sap_swpm_ddic_001_password: sap_swpm_load_type: 'SAP' -sap_swpm_generic: 'false' +sap_swpm_generic: false # SWPM sap_swpm_swpm_installation_type: "" @@ -425,10 +442,10 @@ sap_swpm_swpm_command_virtual_hostname: "" sap_swpm_swpm_command_mp_stack: "" # Firewall setup -sap_swpm_setup_firewall: 'false' +sap_swpm_setup_firewall: false # Update /etc/hosts -sap_swpm_update_etchosts: 'false' +sap_swpm_update_etchosts: false # Display SAP SWPM Unattended Mode output (sapinst stdout) sap_swpm_display_unattended_output: false diff --git a/roles/sap_swpm/meta/collection-requirements.yml b/roles/sap_swpm/meta/collection-requirements.yml index a6d0e8348..c7f1b1f6d 100644 --- a/roles/sap_swpm/meta/collection-requirements.yml +++ b/roles/sap_swpm/meta/collection-requirements.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- collections: diff --git a/roles/sap_swpm/meta/main.yml b/roles/sap_swpm/meta/main.yml index 30b769844..68c1f88a5 100644 --- a/roles/sap_swpm/meta/main.yml +++ b/roles/sap_swpm/meta/main.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- galaxy_info: namespace: community diff --git a/roles/sap_swpm/requirements.yml b/roles/sap_swpm/requirements.yml deleted file mode 100644 index ab387e515..000000000 --- a/roles/sap_swpm/requirements.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -collections: - - name: https://github.com/ansible-collections/community.general - type: git - version: main diff --git a/roles/sap_swpm/tasks/main.yml b/roles/sap_swpm/tasks/main.yml index aa16a779e..a35c3967d 100644 --- a/roles/sap_swpm/tasks/main.yml +++ b/roles/sap_swpm/tasks/main.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: SAP SWPM - run pre_install tasks @@ -8,8 +9,10 @@ - name: SAP SWPM - run swpm ansible.builtin.import_tasks: swpm.yml + when: sap_swpm_run_sapinst tags: - sap_swpm_install - name: SAP SWPM - run postinstall task ansible.builtin.import_tasks: post_install.yml + when: sap_swpm_run_sapinst diff --git a/roles/sap_swpm/tasks/post_install.yml b/roles/sap_swpm/tasks/post_install.yml index 4e0d39968..65fba3cf0 100644 --- a/roles/sap_swpm/tasks/post_install.yml +++ b/roles/sap_swpm/tasks/post_install.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Reason for noqa: The command might change things but we do not yet attempt to find out @@ -16,7 +17,7 @@ - name: SAP SWPM Post Install - Firewall Setup ansible.builtin.include_tasks: post_install/firewall.yml when: - - "sap_swpm_setup_firewall | bool" + - sap_swpm_setup_firewall ######################################################################################################################## @@ -26,8 +27,8 @@ - ' SAP SWPM deployment successfully completed ' - ' ' - ' SAP Product - {{ sap_swpm_product_catalog_id }} ' - - ' SID - {{ sap_swpm_sid }} ' - - ' Primary Instance - {{ sap_swpm_pas_instance_nr }} ' + - ' SID - {{ sap_swpm_sid | d("") }} ' + - ' Primary Instance - {{ sap_swpm_pas_instance_nr | d("") }} ' - ' Host - {{ ansible_hostname }} ' - ' FQDN - {{ ansible_fqdn }} ' - ' IP - {{ ansible_default_ipv4.address | d(ansible_all_ipv4_addresses[0]) }} ' @@ -46,7 +47,7 @@ /usr/sap/{{ sap_swpm_sid }}/hdbclient/hdbuserstore \ SET DEFAULT \ {{ sap_swpm_db_host }}:3{{ sap_swpm_db_instance_nr }}13@{{ sap_swpm_db_sid }} \ - {{ sap_swpm_db_schema_abap }} '{{ sap_swpm_db_system_password }}' + {{ sap_swpm_db_schema_abap }} '{{ sap_swpm_db_schema_abap_password }}' args: executable: /bin/bash become: true diff --git a/roles/sap_swpm/tasks/post_install/firewall.yml b/roles/sap_swpm/tasks/post_install/firewall.yml index e8c5b3904..fb7b1a219 100644 --- a/roles/sap_swpm/tasks/post_install/firewall.yml +++ b/roles/sap_swpm/tasks/post_install/firewall.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: SAP SWPM Post Install - Firewall Setup diff --git a/roles/sap_swpm/tasks/post_install/update_firewall.yml b/roles/sap_swpm/tasks/post_install/update_firewall.yml index bf77074d1..331e88daa 100644 --- a/roles/sap_swpm/tasks/post_install/update_firewall.yml +++ b/roles/sap_swpm/tasks/post_install/update_firewall.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # This task requires the variable passed_port diff --git a/roles/sap_swpm/tasks/pre_install.yml b/roles/sap_swpm/tasks/pre_install.yml index 7e0cb7a6f..9d406993f 100644 --- a/roles/sap_swpm/tasks/pre_install.yml +++ b/roles/sap_swpm/tasks/pre_install.yml @@ -1,41 +1,165 @@ +# SPDX-License-Identifier: Apache-2.0 --- +- name: SAP SWPM Pre Install - Define 'sap_swpm_inifile_sections_list' from 'sap_swpm_inifile_list' if necessary + ansible.builtin.set_fact: + sap_swpm_inifile_sections_list: "{{ sap_swpm_inifile_list }}" + when: + - sap_swpm_inifile_sections_list is undefined + - sap_swpm_inifile_list is defined + tags: always + +- name: SAP SWPM Pre Install - Define 'sap_swpm_inifile_parameters_dict' from 'sap_swpm_inifile_custom_values_dictionary' if necessary + ansible.builtin.set_fact: + sap_swpm_inifile_parameters_dict: "{{ sap_swpm_inifile_custom_values_dictionary }}" + when: + - sap_swpm_inifile_parameters_dict is undefined + - sap_swpm_inifile_custom_values_dictionary is defined + tags: always + +# Note: Variable definitions in sap_swpm_templates_install_dictionary will overwrite existing top level definitions. +- name: SAP SWPM Pre Install - Define variables from 'sap_swpm_templates_install_dictionary' if present + when: sap_swpm_templates_install_dictionary is defined + tags: always + block: + + - name: SAP SWPM Pre Install - Display 'sap_swpm_templates_product_input' + ansible.builtin.debug: + msg: + - "sap_swpm_templates_product_input: >{{ sap_swpm_templates_product_input }}<" + ignore_errors: true + + - name: SAP SWPM Pre Install - Fail if 'sap_swpm_inifile_sections_list' and 'sap_swpm_inifile_list' are both defined in the dict + ansible.builtin.fail: + msg: + - "FAIL: In 'sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]', both" + - "'sap_swpm_inifile_sections_list' and 'sap_swpm_inifile_list' are defined!" + - "Only one of these variables may be defined in 'sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]'." + when: + - sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_sections_list'] is defined + - sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_list'] is defined + + - name: SAP SWPM Pre Install - Fail if 'sap_swpm_inifile_parameters_dict' and 'sap_swpm_inifile_custom_values_dictionary' are both defined in the dict + ansible.builtin.fail: + msg: + - "FAIL: In 'sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]', both" + - "'sap_swpm_inifile_parameters_dict', and 'sap_swpm_inifile_custom_values_dictionary', are defined!" + - "Only one of these variables may be defined in 'sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]'." + when: + - sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_parameters_dict'] is defined + - sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_custom_values_dictionary'] is defined + +# Unconditionally define sap_swpm_product_catalog_id from low level member. + - name: SAP SWPM Pre Install - Define 'sap_swpm_product_catalog_id' from low level member with the same name + ansible.builtin.set_fact: +# sap_swpm_product_catalog_id: "{{ sap_swpm_product_catalog_id | +# d(sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_product_catalog_id']) }}" + sap_swpm_product_catalog_id: "{{ sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_product_catalog_id'] }}" + when: sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_product_catalog_id'] is defined + + - name: SAP SWPM Pre Install - Display 'sap_swpm_product_catalog_id' + ansible.builtin.debug: + msg: "sap_swpm_product_catalog_id: >{{ sap_swpm_product_catalog_id }}<" + +# Unconditionally define sap_swpm_inifile_sections_list from low level member. + - name: SAP SWPM Pre Install - Define 'sap_swpm_inifile_sections_list' from low level member + ansible.builtin.set_fact: + sap_swpm_inifile_sections_list: "{{ sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_list'] | + d(sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_sections_list']) }}" + when: sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_list'] is defined or + sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_sections_list'] is defined + +# Define sap_swpm_role_parameters_dict from low level member. + - name: SAP SWPM Pre Install - Define 'sap_swpm_role_parameters_dict' from low level member + ansible.builtin.set_fact: + sap_swpm_role_parameters_dict: "{{ sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_dictionary'] | + d(sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_role_parameters_dict']) }}" + when: sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_dictionary'] is defined or + sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_role_parameters_dict'] is defined + + - name: SAP SWPM Pre Install - Display 'sap_swpm_role_parameters_dict' + ansible.builtin.debug: + msg: "sap_swpm_role_parameters_dict: >{{ sap_swpm_role_parameters_dict }}<" + when: sap_swpm_role_parameters_dict is defined and sap_swpm_role_parameters_dict + ignore_errors: true + +# Define role variables from low level member, looping over 'sap_swpm_role_parameters_dict'. +# Reason for noqa: We are setting variables from the content of a dict, and the variable names are in the dict keys. + - name: SAP SWPM Pre Install - Define role variables from low level member, looping over 'sap_swpm_role_parameters_dict' # noqa var-naming[no-jinja] + ansible.builtin.set_fact: + "{{ line_item.key }}": "{{ line_item.value }}" + loop: "{{ sap_swpm_role_parameters_dict | dict2items if sap_swpm_role_parameters_dict is mapping else [] }}" + loop_control: + loop_var: line_item + when: + - sap_swpm_role_parameters_dict is defined and sap_swpm_role_parameters_dict + + - name: SAP SWPM Pre Install - Display all vars and values of 'sap_swpm_role_parameters_dict' + ansible.builtin.debug: + msg: "{{ line_item.key }}: >{{ lookup('vars', line_item.key) }}<" + loop: "{{ sap_swpm_role_parameters_dict | dict2items if sap_swpm_role_parameters_dict is mapping else [] }}" + loop_control: + loop_var: line_item + when: sap_swpm_role_parameters_dict is defined and sap_swpm_role_parameters_dict + ignore_errors: true + +# Define sap_swpm_inifile_parameters_dict from low level member, or use top level variable if defined. Low level definition has precedence. + - name: SAP SWPM Pre Install - Define 'sap_swpm_inifile_parameters_dict' from low level member + ansible.builtin.set_fact: + sap_swpm_inifile_parameters_dict: "{{ sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_custom_values_dictionary'] | + d(sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_parameters_dict']) }}" + when: sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_custom_values_dictionary'] is defined or + sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_parameters_dict'] is defined + +# The following task ensures that the two main inifile creation parameters are defined. +# This is necessary when creating the file 'inifile.params'. +- name: SAP SWPM Pre Install - Define the main inifile creation parameters as empty if necessary + ansible.builtin.set_fact: + sap_swpm_inifile_sections_list: "{{ sap_swpm_inifile_sections_list | d([]) }}" + sap_swpm_inifile_parameters_dict: "{{ sap_swpm_inifile_parameters_dict | d({}) }}" + tags: always + +# Assert correct hostname and IP resolution of virtual hostname and IP if: +# - sapinst is requested to be run, and +# - /etc/hosts file is requested to be updated, and +# - sap_swpm_virtual_hostname has been defined + +- name: SAP SWPM Pre Install - Assert hostname resolution for HA + ansible.builtin.include_tasks: + file: pre_install/assert_hostname_resolution_for_ha.yml + apply: + tags: sap_swpm_update_etchosts + when: + - sap_swpm_run_sapinst + - sap_swpm_update_etchosts + - sap_swpm_virtual_hostname | type_debug != 'NoneType' + - sap_swpm_virtual_hostname | length > 0 + tags: sap_swpm_update_etchosts + ################ # Run Preinstallation Steps Based on Run Mode ################ - name: SAP SWPM Pre Install - Run Preinstallation Steps - ansible.builtin.include_tasks: swpm/swpm_pre_install.yml + ansible.builtin.include_tasks: pre_install/swpm_prepare.yml tags: - sap_swpm_generate_inifile - sap_swpm_sapinst_commandline -################ -# Set sapinst command -################ - -- name: SAP SWPM Pre Install - Set sapinst command - ansible.builtin.set_fact: - sap_swpm_swpm_command_inifile: "SAPINST_INPUT_PARAMETERS_URL={{ sap_swpm_tmpdir.path }}/inifile.params" - sap_swpm_swpm_command_product_id: "SAPINST_EXECUTE_PRODUCT_ID={{ sap_swpm_product_catalog_id }}" - # If SWPM is running a normal install Ansible Variable sap_swpm_swpm_command_virtual_hostname is blank - # IF SWPM is running a HA installation, Ansible Variable sap_swpm_swpm_command_virtual_hostname is set and contains "SAPINST_USE_HOSTNAME={{ sap_swpm_virtual_hostname }} IS_HOST_LOCAL_USING_STRING_COMPARE=true" - # If SWPM is running a MP Stack XML installation, Ansible Variable sap_swpm_swpm_command_mp_stack is set and contains "SAPINST_STACK_XML={{ sap_swpm_mp_stack_path }} + '/' (if needed) + {{ sap_swpm_mp_stack_file_name }}" - sap_swpm_swpm_command_extra_args: "SAPINST_SKIP_DIALOGS=true SAPINST_START_GUISERVER=false {{ sap_swpm_swpm_command_virtual_hostname }} {{ sap_swpm_swpm_command_mp_stack }}" - tags: sap_swpm_sapinst_commandline - ################ # Pre Install Optional Tasks ################ # Firewall -- name: SAP SWPM Pre Install - Firewall Setup +- name: SAP SWPM Pre Install - Setup Firewall ansible.builtin.include_tasks: file: pre_install/firewall.yml apply: tags: sap_swpm_setup_firewall - when: "sap_swpm_setup_firewall | bool" + when: + - sap_swpm_run_sapinst + - sap_swpm_setup_firewall tags: sap_swpm_setup_firewall # /etc/hosts @@ -45,7 +169,9 @@ file: pre_install/update_etchosts.yml apply: tags: sap_swpm_update_etchosts - when: "sap_swpm_update_etchosts | bool" + when: + - sap_swpm_run_sapinst + - sap_swpm_update_etchosts tags: sap_swpm_update_etchosts ################ @@ -77,3 +203,32 @@ - ' The installation can take up to 3 hours. Run the following command as root' - ' on {{ ansible_hostname }} to display the installation logs:' - ' # tail -f $(cat /tmp/sapinst_instdir/.lastInstallationLocation)/sapinst.log' + +################ +# Set sapinst command +################ + +- name: SAP SWPM Pre Install - Set the sapinst command parameters + vars: + sap_swpm_swpm_command_guiserver: "{{ 'SAPINST_START_GUISERVER=false' if not sap_swpm_swpm_observer_mode else '' }}" + sap_swpm_swpm_command_observer: "{{ 'SAPINST_REMOTE_ACCESS_USER=' + sap_swpm_swpm_remote_access_user + ' SAPINST_REMOTE_ACCESS_USER_IS_TRUSTED=true' if sap_swpm_swpm_observer_mode and sap_swpm_swpm_remote_access_user | d('', true) | length > 0 else '' }}" + ansible.builtin.set_fact: + sap_swpm_swpm_command_inifile: "SAPINST_INPUT_PARAMETERS_URL={{ sap_swpm_tmpdir.path }}/inifile.params" + sap_swpm_swpm_command_product_id: "SAPINST_EXECUTE_PRODUCT_ID={{ sap_swpm_product_catalog_id }}" + # If SWPM is running a normal install Ansible Variable sap_swpm_swpm_command_virtual_hostname is blank + # IF SWPM is running a HA installation, Ansible Variable sap_swpm_swpm_command_virtual_hostname is set and contains "SAPINST_USE_HOSTNAME={{ sap_swpm_virtual_hostname }} IS_HOST_LOCAL_USING_STRING_COMPARE=true" + # If SWPM is running a MP Stack XML installation, Ansible Variable sap_swpm_swpm_command_mp_stack is set and contains "SAPINST_STACK_XML={{ sap_swpm_mp_stack_path }} + '/' (if needed) + {{ sap_swpm_mp_stack_file_name }}" + sap_swpm_swpm_command_extra_args: "SAPINST_SKIP_DIALOGS=true {{ sap_swpm_swpm_command_guiserver }} {{ sap_swpm_swpm_command_observer }} {{ sap_swpm_swpm_command_virtual_hostname }} {{ sap_swpm_swpm_command_mp_stack }}" + tags: sap_swpm_sapinst_commandline + +- name: Set fact for the sapinst command line + ansible.builtin.set_fact: + __sap_swpm_sapinst_command: "umask {{ sap_swpm_umask | d('022') }} ; ./sapinst {{ sap_swpm_swpm_command_inifile }} + {{ sap_swpm_swpm_command_product_id }} + {{ sap_swpm_swpm_command_extra_args }}" + tags: sap_swpm_sapinst_commandline + +- name: Display the sapinst command line + ansible.builtin.debug: + msg: "SAP SWPM install command: '{{ __sap_swpm_sapinst_command }}'" + tags: sap_swpm_sapinst_commandline diff --git a/roles/sap_swpm/tasks/pre_install/assert_hostname_resolution_for_ha.yml b/roles/sap_swpm/tasks/pre_install/assert_hostname_resolution_for_ha.yml new file mode 100644 index 000000000..97b7c594a --- /dev/null +++ b/roles/sap_swpm/tasks/pre_install/assert_hostname_resolution_for_ha.yml @@ -0,0 +1,49 @@ +# SPDX-License-Identifier: Apache-2.0 +--- + +# Assert HA settings + +- name: SAP SWPM Pre Install - HA settings - Ensure the dig command is present + ansible.builtin.package: + name: bind-utils + state: present + +- name: SAP SWPM Pre Install - HA settings - Try to resolve sap_swpm_virtual_hostname from DNS + ansible.builtin.command: dig +short +tries=1 +time=1 "{{ sap_swpm_virtual_hostname }}" + register: __sap_swpm_register_virtual_ip_dns + changed_when: false + failed_when: false + +- name: SAP SWPM Pre Install - HA settings - Assign sap_swpm_virtual_ip from DNS + ansible.builtin.set_fact: + __sap_swpm_fact_virtual_ip: "{{ __sap_swpm_register_virtual_ip_dns.stdout_lines[-1] }}" + when: __sap_swpm_register_virtual_ip_dns.stdout_lines | length > 0 + +- name: SAP SWPM Pre Install - HA settings - Try using /etc/hosts for name resolution + when: __sap_swpm_register_virtual_ip_dns.stdout_lines | length == 0 + block: + +# We assign the IP address only if there is exactly one line containing ipv4 and hostname: + - name: SAP SWPM Pre Install - HA settings - Try to resolve sap_swpm_virtual_hostname from /etc/hosts + ansible.builtin.shell: | + awk 'BEGIN{a=0}/^[^#]/&&(/\s{{ sap_swpm_virtual_hostname }}\./||/\s{{ sap_swpm_virtual_hostname }}/){a++; ipaddr=$1}END{if(a==1){print ipaddr}}' /etc/hosts + register: __sap_swpm_register_virtual_ip_etc_hosts + changed_when: false + failed_when: false + + - name: SAP SWPM Pre Install - HA settings - Assign sap_swpm_virtual_ip from /etc/hosts + ansible.builtin.set_fact: + __sap_swpm_fact_virtual_ip: "{{ __sap_swpm_register_virtual_ip_etc_hosts.stdout_lines[-1] }}" + when: __sap_swpm_register_virtual_ip_etc_hosts.stdout_lines | length > 0 + +- name: SAP SWPM Pre Install - HA settings - Assert that sap_swpm_virtual_hostname can be resolved + ansible.builtin.assert: + that: __sap_swpm_fact_virtual_ip is defined and __sap_swpm_fact_virtual_ip | length > 0 + fail_msg: "FAIL: 'sap_swpm_virtual_hostname' is not defined, cannot be resolved, or has multiple entries in /etc/hosts!" + success_msg: "PASS: {{ sap_swpm_virtual_hostname }} can be resolved." + +- name: SAP SWPM Pre Install - HA settings - Assert that sap_swpm_fact_virtual_ip is part of ansible_all_ipv4_addresses + ansible.builtin.assert: + that: __sap_swpm_fact_virtual_ip in ansible_all_ipv4_addresses + fail_msg: "FAIL: {{ __sap_swpm_fact_virtual_ip }} is not part of ansible_all_ipv4_addresses!" + success_msg: "PASS: {{ __sap_swpm_fact_virtual_ip }} is part of ansible_all_ipv4_addresses." diff --git a/roles/sap_swpm/tasks/pre_install/create_os_user.yml b/roles/sap_swpm/tasks/pre_install/create_os_user.yml index 397f81fa5..03e9cfe62 100644 --- a/roles/sap_swpm/tasks/pre_install/create_os_user.yml +++ b/roles/sap_swpm/tasks/pre_install/create_os_user.yml @@ -1,51 +1,55 @@ +# SPDX-License-Identifier: Apache-2.0 --- -- name: SAP SWPM Pre Install - Remove existing {{ sap_swpm_sid | lower + 'adm' }} - block: - -# Reason for noqa: We currently do not determine if there are processes to be killed - - name: SAP SWPM Pre Install - Kill all processes under {{ sap_swpm_sid | lower + 'adm' }} - ansible.builtin.shell: | - killall -u {{ sap_swpm_sid | lower }}adm - ignore_errors: yes - changed_when: true - - - name: SAP SWPM Pre Install - Remove user {{ sap_swpm_sid | lower + 'adm' }} - ansible.builtin.user: - name: '{{ sap_swpm_sid | lower }}adm' - state: absent - remove: yes - force: yes - - - name: SAP SWPM Pre Install - Remove group {{ sap_swpm_sid | lower + 'adm' }} - ansible.builtin.group: - name: '{{ sap_swpm_sid | lower }}adm' - state: absent - -- name: SAP SWPM Pre Install - Create sapsys group - ansible.builtin.group: - name: 'sapsys' - gid: '{{ sap_swpm_sapsys_gid }}' - state: present - -- name: SAP SWPM Pre Install - Create {{ sap_swpm_sid | lower + 'adm' }} - ansible.builtin.user: - name: '{{ sap_swpm_sid | lower }}adm' - comment: "SAP User - {{ sap_swpm_sid }}" - uid: '{{ sap_swpm_sidadm_uid }}' - group: '{{ sap_swpm_sapsys_gid }}' - -- name: SAP SWPM Pre Install - Create a /usr/sap/{{ sap_swpm_sid }} - ansible.builtin.file: - path: /usr/sap/{{ sap_swpm_sid }} - state: directory - owner: '{{ sap_swpm_sid | lower }}adm' - group: sapsys - recurse: yes - mode: '0755' - -# - name: SAP SWPM Pre Install - Purge parameters so it will not populate inifile.params to prevent SWPM from crashing -# ansible.builtin.set_facts: -# sap_swpm_sapadm_uid: "" -# sap_swpm_sapsys_gid: "" -# sap_swpm_sidadm_uid: "" +# Legacy code, appears to serve no function but does cause ASCS HA adm to not default to C Shell +# As test without this code installed ASCS HA successfully, the call to this file has been commented out for removal at later date + +# - name: SAP SWPM Pre Install - Remove existing {{ sap_swpm_sid | lower + 'adm' }} +# block: + +# # Reason for noqa: We currently do not determine if there are processes to be killed +# - name: SAP SWPM Pre Install - Kill all processes under {{ sap_swpm_sid | lower + 'adm' }} +# ansible.builtin.shell: | +# killall -u {{ sap_swpm_sid | lower }}adm +# ignore_errors: yes +# changed_when: true + +# - name: SAP SWPM Pre Install - Remove user {{ sap_swpm_sid | lower + 'adm' }} +# ansible.builtin.user: +# name: '{{ sap_swpm_sid | lower }}adm' +# state: absent +# remove: yes +# force: yes + +# - name: SAP SWPM Pre Install - Remove group {{ sap_swpm_sid | lower + 'adm' }} +# ansible.builtin.group: +# name: '{{ sap_swpm_sid | lower }}adm' +# state: absent + +# - name: SAP SWPM Pre Install - Create sapsys group +# ansible.builtin.group: +# name: 'sapsys' +# gid: '{{ sap_swpm_sapsys_gid }}' +# state: present + +# - name: SAP SWPM Pre Install - Create {{ sap_swpm_sid | lower + 'adm' }} +# ansible.builtin.user: +# name: '{{ sap_swpm_sid | lower }}adm' +# comment: "SAP User - {{ sap_swpm_sid }}" +# uid: '{{ sap_swpm_sidadm_uid }}' +# group: '{{ sap_swpm_sapsys_gid }}' + +# - name: SAP SWPM Pre Install - Create a /usr/sap/{{ sap_swpm_sid }} +# ansible.builtin.file: +# path: /usr/sap/{{ sap_swpm_sid }} +# state: directory +# owner: '{{ sap_swpm_sid | lower }}adm' +# group: sapsys +# recurse: yes +# mode: '0755' + +# # - name: SAP SWPM Pre Install - Purge parameters so it will not populate inifile.params to prevent SWPM from crashing +# # ansible.builtin.set_facts: +# # sap_swpm_sapadm_uid: "" +# # sap_swpm_sapsys_gid: "" +# # sap_swpm_sidadm_uid: "" diff --git a/roles/sap_swpm/tasks/pre_install/detect_variables_from_inifile.yml b/roles/sap_swpm/tasks/pre_install/detect_variables_from_inifile.yml new file mode 100644 index 000000000..a70e6479e --- /dev/null +++ b/roles/sap_swpm/tasks/pre_install/detect_variables_from_inifile.yml @@ -0,0 +1,76 @@ +# SPDX-License-Identifier: Apache-2.0 +--- + +# Detect and set Product ID +- name: SAP SWPM Pre Install - Detect Product ID from inifile + ansible.builtin.command: | + awk 'BEGIN{IGNORECASE=1;a=0} + /Product ID/&&a==0{a=1; gsub ("#", ""); gsub ("\047", ""); product_id=$NF} + END{print product_id}' {{ sap_swpm_tmpdir.path }}/inifile.params + register: sap_swpm_inifile_product_id_detect + changed_when: false + +- name: SAP SWPM Pre Install - Report if 'sap_swpm_product_catalog_id' has been defined differently + ansible.builtin.debug: + msg: "NOTE: The Product ID in '{{ sap_swpm_tmpdir.path }}/inifile.params' is different from the role parameter 'sap_swpm_inifile_product_id_detect'." + when: + - sap_swpm_product_catalog_id + - sap_swpm_inifile_product_id_detect.stdout != sap_swpm_product_catalog_id + +- name: SAP SWPM Pre Install - Set SAP product ID + ansible.builtin.set_fact: + sap_swpm_product_catalog_id: "{{ sap_swpm_inifile_product_id_detect.stdout }}" + +# Detect and set Software Path +- name: SAP SWPM Pre Install - Detect Software Path from inifile + ansible.builtin.command: | + awk '!/^#/&&/archives.downloadBasket/{print $3}' {{ sap_swpm_tmpdir.path }}/inifile.params + register: sap_swpm_inifile_software_path_detect + changed_when: false + +- name: SAP SWPM Pre Install - Report if 'sap_swpm_software_path' has been defined differently + ansible.builtin.debug: + msg: "NOTE: The Software Path in '{{ sap_swpm_tmpdir.path }}/inifile.params' is different from the role parameter 'sap_swpm_software_path'." + when: + - sap_swpm_software_path + - sap_swpm_inifile_software_path_detect.stdout != sap_swpm_software_path + +- name: SAP SWPM Pre Install - Set Software Path + ansible.builtin.set_fact: + sap_swpm_software_path: "{{ sap_swpm_inifile_software_path_detect.stdout }}" + +# Detect and set SID +- name: SAP SWPM Pre Install - Detect SID from inifile + ansible.builtin.command: | + awk '!/^#/&&/NW_GetSidNoProfiles.sid/{print $3}' {{ sap_swpm_tmpdir.path }}/inifile.params + register: sap_swpm_inifile_sid_detect + changed_when: false + +- name: SAP SWPM Pre Install - Report if 'sap_swpm_sid' has been defined differently + ansible.builtin.debug: + msg: "NOTE: The SID in '{{ sap_swpm_tmpdir.path }}/inifile.params' is different from the role parameter 'sap_swpm_sid'." + when: + - sap_swpm_sid + - sap_swpm_inifile_sid_detect.stdout != sap_swpm_sid + +- name: SAP SWPM Pre Install - Set SID + ansible.builtin.set_fact: + sap_swpm_sid: "{{ sap_swpm_inifile_sid_detect.stdout }}" + +# Detect and set FQDN +- name: SAP SWPM Pre Install - Detect FQDN from inifile + ansible.builtin.command: | + awk '!/^#/&&/NW_getFQDN.FQDN/{print $3}' {{ sap_swpm_tmpdir.path }}/inifile.params + register: sap_swpm_inifile_fqdn_detect + changed_when: false + +- name: SAP SWPM Pre Install - Report if 'sap_swpm_fqdn' has been defined differently + ansible.builtin.debug: + msg: "NOTE: The FQDN in '{{ sap_swpm_tmpdir.path }}/inifile.params' is different from the role parameter 'sap_swpm_fqdn'." + when: + - sap_swpm_fqdn + - sap_swpm_inifile_sid_detect.stdout != sap_swpm_fqdn + +- name: SAP SWPM Pre Install - Set FQDN + ansible.builtin.set_fact: + sap_swpm_fqdn: "{{ sap_swpm_inifile_fqdn_detect.stdout }}" diff --git a/roles/sap_swpm/tasks/pre_install/firewall.yml b/roles/sap_swpm/tasks/pre_install/firewall.yml index 804e8675e..a36cb1644 100644 --- a/roles/sap_swpm/tasks/pre_install/firewall.yml +++ b/roles/sap_swpm/tasks/pre_install/firewall.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: SAP SWPM Pre Install - Firewall Setup @@ -53,7 +54,7 @@ - "51000" - "64997" when: - - not sap_swpm_generic | bool + - not sap_swpm_generic - name: SAP SWPM Pre Install - Add Ports Based on NR - {{ sap_swpm_db_instance_nr }} ansible.builtin.include_tasks: update_firewall.yml @@ -61,7 +62,7 @@ loop_control: loop_var: passed_port when: - - not sap_swpm_generic | bool + - not sap_swpm_generic # Reason for noqa: We currently do not determine if reloading the firewall changes anything - name: SAP SWPM Pre Install - Reload Firewall # noqa no-changed-when diff --git a/roles/sap_swpm/tasks/pre_install/generate_inifile.yml b/roles/sap_swpm/tasks/pre_install/generate_inifile.yml new file mode 100644 index 000000000..7a53ba7bb --- /dev/null +++ b/roles/sap_swpm/tasks/pre_install/generate_inifile.yml @@ -0,0 +1,158 @@ +# SPDX-License-Identifier: Apache-2.0 +--- + +# The following task is used for checking if an inifile exists on the managed node +- name: SAP SWPM Pre Install - Ensure the sapinst inifile directory '{{ sap_swpm_inifile_directory }}' exists on the managed node + ansible.builtin.file: + path: "{{ sap_swpm_inifile_directory }}" + state: directory + owner: 'root' + group: 'root' + mode: '0755' + +- name: SAP SWPM Pre Install - Check if file '{{ sap_swpm_inifile_directory }}/inifile.params' exists on the managed node + ansible.builtin.stat: + path: "{{ sap_swpm_inifile_directory }}/inifile.params" + check_mode: no + register: __sap_swpm_register_stat_sapinst_inifile + +- name: SAP SWPM Pre Install - Try using existing SWPM inifile 'inifile.params' + when: __sap_swpm_register_stat_sapinst_inifile.stat.exists + block: + + - name: SAP SWPM Pre Install, existing inifile - Notify about existing sapinst inifile on the managed node + ansible.builtin.debug: + msg: "INFO: Using existing sapinst inifile '{{ sap_swpm_inifile_directory }}/inifile.params'." + +# - name: SAP SWPM Pre Install, existing inifile - Copy 'inifile.params' to the control node + - name: SAP SWPM Pre Install, existing inifile - Copy 'inifile.params' to sap_swpm_tmpdir + ansible.builtin.copy: + src: "{{ sap_swpm_inifile_directory }}/inifile.params" + dest: "{{ sap_swpm_tmpdir.path }}/inifile.params" + owner: 'root' + group: 'root' + mode: '0640' + +# Now we need to confirm that des25 is not in the inifile + - name: SAP SWPM Pre Install, existing inifile - Search inifile for des25 + ansible.builtin.shell: | + set -o pipefail && awk 'BEGIN{a=0}!/^#/&&/des25\(/{a++}END{print a}' {{ sap_swpm_tmpdir.path }}/inifile.params + register: sap_swpm_inifile_count_des25 + changed_when: false + + - name: SAP SWPM Pre Install, existing inifile - Ensure that des25 is not present in inifile + ansible.builtin.fail: + msg: + - "Inifile '{{ sap_swpm_inifile_directory }}/inifile.params' cannot be reused because it contains des25 encrypted data." + - "See also SAP notes 2609804." + when: sap_swpm_inifile_count_des25.stdout != '0' + + - name: SAP SWPM Pre Install - Detect Variables + ansible.builtin.import_tasks: + file: detect_variables_from_inifile.yml + +# At this point, the following variables need to be set: +# sap_swpm_product_catalog_id, sap_swpm_software_path, sap_swpm_sid, sap_swpm_fqdn +- name: SAP SWPM Pre Install - Assert that certain variables are set + ansible.builtin.assert: + that: "{{ __sap_swpm_vars_line_item }} is defined and {{ __sap_swpm_vars_line_item }}" + fail_msg: "FAIL: '{{ __sap_swpm_vars_line_item }}' is either undefined or empty!" + success_msg: "PASS: '{{ __sap_swpm_vars_line_item }}' is set." + loop: + - sap_swpm_product_catalog_id + - sap_swpm_software_path + - sap_swpm_sid + - sap_swpm_fqdn + loop_control: + loop_var: __sap_swpm_vars_line_item + label: __sap_swpm_vars_line_item + tags: sap_swpm_generate_inifile + +- name: SAP SWPM Pre Install - Display these variables + ansible.builtin.debug: + msg: + - "sap_swpm_product_catalog_id: >{{ sap_swpm_product_catalog_id }}<" + - "sap_swpm_software_path: >{{ sap_swpm_software_path }}<" + - "sap_swpm_sid: >{{ sap_swpm_sid }}<" + - "sap_swpm_fqdn: >{{ sap_swpm_fqdn }}<" + +# We are creating the inifile dynamically in one of the two cases: +# 1 - The tag sap_swpm_generate_inifile is specified +# 2 - There is no file 'inifile.params' available in 'sap_swpm_inifile_directory' +# Prerequisite: Role parameter 'sap_swpm_product_catalog_id' is defined +- name: SAP SWPM Pre Install, create inifile - Create the SWPM inifile 'inifile.params' dynamically + when: "'sap_swpm_generate_inifile' in ansible_run_tags or (not __sap_swpm_register_stat_sapinst_inifile.stat.exists)" + tags: sap_swpm_generate_inifile + block: + +# - name: SAP SWPM Pre Install - Ensure role parameter 'sap_swpm_product_catalog_id' is defined +# ansible.builtin.fail: +# msg: +# - "Role parameter 'sap_swpm_product_catalog_id' is empty or not defined, so certain inifile entries cannot be determined." +# - "Remediation: Define the role parameter 'sap_swpm_product_catalog_id' in your playbook or inventory and re-run the playbook." +# when: sap_swpm_product_catalog_id is not defined or not sap_swpm_product_catalog_id + +# 3 tasks for setting password Facts, required by the template: + - name: SAP SWPM Pre Install - Set password facts when ABAP + ansible.builtin.set_fact: + sap_swpm_db_schema: "{{ sap_swpm_db_schema_abap }}" + sap_swpm_db_schema_password: "{{ sap_swpm_db_schema_abap_password }}" + when: "'ABAP' in sap_swpm_product_catalog_id" + + - name: SAP SWPM Pre Install - Set password facts when Java + ansible.builtin.set_fact: + sap_swpm_db_schema: "{{ sap_swpm_db_schema_java }}" + sap_swpm_db_schema_password: "{{ sap_swpm_db_schema_java_password }}" + when: "'Java' in sap_swpm_product_catalog_id" + + - name: SAP SWPM Pre Install - Set other user passwords using master password + ansible.builtin.set_fact: + sap_swpm_sapadm_password: "{{ sap_swpm_master_password }}" + sap_swpm_sap_sidadm_password: "{{ sap_swpm_master_password }}" + sap_swpm_diagnostics_agent_password: "{{ sap_swpm_master_password }}" + +# Generate inifile.params, step 1: Process SWPM Configfile template locally for creating inifile.params + - name: SAP SWPM Pre Install, create inifile - Process SWPM inifile template for creating 'inifile.params' + ansible.builtin.template: + src: "{{ role_path }}/templates/inifile_params.j2" + dest: "{{ sap_swpm_tmpdir.path }}/inifile.params" + owner: 'root' + group: 'root' + mode: '0640' + when: + - sap_swpm_inifile_sections_list is defined + - sap_swpm_inifile_sections_list | length > 0 + +# Generate inifile.params, step 2: Use any entries from sap_swpm_inifile_parameters_dict + - name: SAP SWPM Pre Install, create inifile - Use any 'inifile.params' entries from 'sap_swpm_inifile_parameters_dict' + when: + - sap_swpm_inifile_parameters_dict is defined + - sap_swpm_inifile_parameters_dict | length > 0 + block: + + - name: SAP SWPM Pre Install, create inifile - Configure entries in 'inifile.params' from 'sap_swpm_inifile_parameters_dict' + ansible.builtin.lineinfile: + path: "{{ sap_swpm_tmpdir.path }}/inifile.params" + create: true + state: present + line: "{{ sap_swpm_line_item.key }} = {{ sap_swpm_line_item.value }}" + regexp: "^{{ sap_swpm_line_item.key }}[\\s]*=[\\s]*.*" + owner: 'root' + group: 'root' + mode: '0640' + loop: "{{ sap_swpm_inifile_parameters_dict | dict2items }}" + loop_control: + loop_var: sap_swpm_line_item + register: replace_result + + - name: SAP SWPM Pre Install, create inifile - Detect variables again if 'sap_swpm_inifile_parameters_dict' had been used + ansible.builtin.import_tasks: + file: detect_variables_from_inifile.yml + + - name: SAP SWPM Pre Install, create inifile - Display these variables again if 'sap_swpm_inifile_parameters_dict' had been used + ansible.builtin.debug: + msg: + - "sap_swpm_product_catalog_id: >{{ sap_swpm_product_catalog_id }}<" + - "sap_swpm_software_path: >{{ sap_swpm_software_path }}<" + - "sap_swpm_sid: >{{ sap_swpm_sid }}<" + - "sap_swpm_fqdn: >{{ sap_swpm_fqdn }}<" diff --git a/roles/sap_swpm/tasks/pre_install/install_type.yml b/roles/sap_swpm/tasks/pre_install/install_type.yml index 1eabb2157..b5afe12f0 100644 --- a/roles/sap_swpm/tasks/pre_install/install_type.yml +++ b/roles/sap_swpm/tasks/pre_install/install_type.yml @@ -1,9 +1,10 @@ +# SPDX-License-Identifier: Apache-2.0 --- - name: SAP SWPM Pre Install - Determine Installation Type ansible.builtin.set_fact: sap_swpm_swpm_installation_type: "" - sap_swpm_swpm_installation_header: "" + sap_swpm_swpm_installation_header: "Standard installation of SAP Software" sap_swpm_swpm_command_virtual_hostname: "" sap_swpm_swpm_command_mp_stack: "" @@ -57,9 +58,45 @@ # Run Installation Type Steps ################ -- name: SAP SWPM Pre Install - Display the Installation Type - ansible.builtin.debug: - var: sap_swpm_swpm_installation_type +- name: SAP SWPM Pre Install - Assert installation type is defined (including empty) + ansible.builtin.assert: + that: + - sap_swpm_swpm_installation_type is defined + fail_msg: + - "The installation type (variable 'sap_swpm_swpm_installation_type') is not defined!" + success_msg: + - "The installation type (variable 'sap_swpm_swpm_installation_type') is defined (including an empty string)." + +- name: SAP SWPM Pre Install - Assert supported installation types + ansible.builtin.assert: + that: + - sap_swpm_swpm_installation_type == '' or + sap_swpm_swpm_installation_type == 'restore' or + sap_swpm_swpm_installation_type == 'ha' or + sap_swpm_swpm_installation_type == 'maint_plan_stack' or + sap_swpm_swpm_installation_type == 'ha_maint_plan_stack' + fail_msg: + - "The specified installation type, '{{ sap_swpm_swpm_installation_type }}', is not supported!" + - "The following installation types are supported:" + - "- '' (empty string, the default)" + - "- 'restore'" + - "- 'ha'" + - "- 'maint_plan_stack'" + - "- 'ha_maint_plan_stack'" + success_msg: + - "The specified installation type, '{{ sap_swpm_swpm_installation_type }}', is supported." + +- name: SAP SWPM Pre Install - Assert that necessary variable for HA is defined + ansible.builtin.assert: + that: sap_swpm_virtual_hostname is defined and sap_swpm_virtual_hostname + fail_msg: "FAIL: {{ sap_swpm_virtual_hostname }} is not defined!" + success_msg: "PASS: The variable 'sap_swpm_virtual_hostname' is defined, as '{{ sap_swpm_virtual_hostname }}'." + when: + - sap_swpm_swpm_installation_type | regex_search('ha') + +################ +# Installation Type file will not be included if install type is empty (= the default): +################ - name: SAP SWPM Pre Install - Run Installation Type Steps ansible.builtin.include_tasks: "install_type/{{ sap_swpm_swpm_installation_type }}_install.yml" diff --git a/roles/sap_swpm/tasks/pre_install/install_type/general_install.yml b/roles/sap_swpm/tasks/pre_install/install_type/general_install.yml index 9a31c6eee..ef3e6deb1 100644 --- a/roles/sap_swpm/tasks/pre_install/install_type/general_install.yml +++ b/roles/sap_swpm/tasks/pre_install/install_type/general_install.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Placeholder for future if required diff --git a/roles/sap_swpm/tasks/pre_install/install_type/ha_install.yml b/roles/sap_swpm/tasks/pre_install/install_type/ha_install.yml index 91ce10f5a..327bc30f9 100644 --- a/roles/sap_swpm/tasks/pre_install/install_type/ha_install.yml +++ b/roles/sap_swpm/tasks/pre_install/install_type/ha_install.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # High Availability installation @@ -8,8 +9,10 @@ ansible.builtin.set_fact: sap_swpm_swpm_command_virtual_hostname: "SAPINST_USE_HOSTNAME={{ sap_swpm_virtual_hostname }} IS_HOST_LOCAL_USING_STRING_COMPARE=true" -# Create sidadm and sapsys when HA setup -- name: SAP SWPM Pre Install - HA Installation - Create User when ASCS (initial HA setup) - ansible.builtin.include_tasks: ../create_os_user.yml - when: - - "'_ASCS' in sap_swpm_product_catalog_id" +# Legacy code, appears to serve no function but does cause ASCS HA adm to not default to C Shell +# As test without this code installed ASCS HA successfully, commenting out for removal at later date +# # Create sidadm and sapsys when HA setup +# - name: SAP SWPM Pre Install - HA Installation - Create User when ASCS (initial HA setup) +# ansible.builtin.include_tasks: ../create_os_user.yml +# when: +# - "'_ASCS' in sap_swpm_product_catalog_id" diff --git a/roles/sap_swpm/tasks/pre_install/install_type/ha_maint_plan_stack_install.yml b/roles/sap_swpm/tasks/pre_install/install_type/ha_maint_plan_stack_install.yml index a1f7cbb6d..483628b5a 100644 --- a/roles/sap_swpm/tasks/pre_install/install_type/ha_maint_plan_stack_install.yml +++ b/roles/sap_swpm/tasks/pre_install/install_type/ha_maint_plan_stack_install.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # High Availability installation @@ -8,11 +9,13 @@ ansible.builtin.set_fact: sap_swpm_swpm_command_virtual_hostname: "SAPINST_USE_HOSTNAME={{ sap_swpm_virtual_hostname }} IS_HOST_LOCAL_USING_STRING_COMPARE=true" -# Create sidadm and sapsys when HA setup -- name: SAP SWPM Pre Install - HA Installation - Create User when ASCS (initial HA setup) - ansible.builtin.include_tasks: ../create_os_user.yml - when: - - "'_ASCS' in sap_swpm_product_catalog_id" +# Legacy code, appears to serve no function but does cause ASCS HA adm to not default to C Shell +# As test without this code installed ASCS HA successfully, commenting out for removal at later date +# # Create sidadm and sapsys when HA setup +# - name: SAP SWPM Pre Install - HA Installation - Create User when ASCS (initial HA setup) +# ansible.builtin.include_tasks: ../create_os_user.yml +# when: +# - "'_ASCS' in sap_swpm_product_catalog_id" # Install using SAP Maintenance Planner Stack XML diff --git a/roles/sap_swpm/tasks/pre_install/install_type/maint_plan_stack_install.yml b/roles/sap_swpm/tasks/pre_install/install_type/maint_plan_stack_install.yml index 9bf39bded..91d437bc4 100644 --- a/roles/sap_swpm/tasks/pre_install/install_type/maint_plan_stack_install.yml +++ b/roles/sap_swpm/tasks/pre_install/install_type/maint_plan_stack_install.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Install using SAP Maintenance Planner Stack XML diff --git a/roles/sap_swpm/tasks/pre_install/install_type/restore_install.yml b/roles/sap_swpm/tasks/pre_install/install_type/restore_install.yml index 6dcd13347..e4e72e00b 100644 --- a/roles/sap_swpm/tasks/pre_install/install_type/restore_install.yml +++ b/roles/sap_swpm/tasks/pre_install/install_type/restore_install.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # System Copy restore installation diff --git a/roles/sap_swpm/tasks/pre_install/password_facts.yml b/roles/sap_swpm/tasks/pre_install/password_facts.yml deleted file mode 100644 index aa74a597e..000000000 --- a/roles/sap_swpm/tasks/pre_install/password_facts.yml +++ /dev/null @@ -1,21 +0,0 @@ ---- - -- name: SAP SWPM Pre Install - Set password facts when ABAP - ansible.builtin.set_fact: - sap_swpm_db_schema: "{{ sap_swpm_db_schema_abap }}" - sap_swpm_db_schema_password: "{{ sap_swpm_db_schema_abap_password }}" - when: - - "'ABAP' in sap_swpm_product_catalog_id" - -- name: SAP SWPM Pre Install - Set password facts when Java - ansible.builtin.set_fact: - sap_swpm_db_schema: "{{ sap_swpm_db_schema_java }}" - sap_swpm_db_schema_password: "{{ sap_swpm_db_schema_java_password }}" - when: - - "'Java' in sap_swpm_product_catalog_id" - -- name: SAP SWPM Pre Install - Set other user passwords using master password - ansible.builtin.set_fact: - sap_swpm_sapadm_password: "{{ sap_swpm_master_password }}" - sap_swpm_sap_sidadm_password: "{{ sap_swpm_master_password }}" - sap_swpm_diagnostics_agent_password: "{{ sap_swpm_master_password }}" diff --git a/roles/sap_swpm/tasks/swpm/prepare_software.yml b/roles/sap_swpm/tasks/pre_install/prepare_software.yml similarity index 90% rename from roles/sap_swpm/tasks/swpm/prepare_software.yml rename to roles/sap_swpm/tasks/pre_install/prepare_software.yml index 911d82fdc..26e40fb98 100644 --- a/roles/sap_swpm/tasks/swpm/prepare_software.yml +++ b/roles/sap_swpm/tasks/pre_install/prepare_software.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- ################ @@ -22,31 +23,9 @@ file_type: directory register: __sap_swpm_register_find_result_directories - - name: SAP SWPM Pre Install - Find non-SAPCAR files - ansible.builtin.find: - path: "{{ sap_swpm_software_path }}" - file_type: file - recurse: true - excludes: "SAPCAR*EXE" - register: __sap_swpm_register_find_result_files_non_sapcar - - - name: SAP SWPM Pre Install - Create list of absolute directory names from the find result - ansible.builtin.set_fact: - __sap_swpm_fact_directories: "{{ __sap_swpm_fact_directories | d([]) + [line_item.path] }}" - loop: "{{ __sap_swpm_register_find_result_directories.files }}" - loop_control: - loop_var: line_item - label: "{{ line_item.path }}" - when: __sap_swpm_register_find_result_directories is defined - - - name: SAP SWPM Pre Install - Create list of absolute file names for non-SAPCAR files from the find result + - name: SAP SWPM Pre Install - Create list of directories ansible.builtin.set_fact: - __sap_swpm_fact_files_non_sapcar: "{{ __sap_swpm_fact_files_non_sapcar | d([]) + [line_item.path] }}" - loop: "{{ __sap_swpm_register_find_result_files_non_sapcar.files }}" - loop_control: - loop_var: line_item - label: "{{ line_item.path }}" - when: __sap_swpm_register_find_result_files_non_sapcar is defined + __sap_swpm_fact_directories: "{{ __sap_swpm_register_find_result_directories.files | map(attribute='path') | reject('contains', 'extracted') }}" - name: SAP SWPM Pre Install - Ensure correct permissions and ownership of all directories ansible.builtin.file: @@ -62,9 +41,18 @@ - __sap_swpm_fact_directories is defined - __sap_swpm_register_find_result_directories is defined - - name: SAP SWPM Pre Install - Create argument list for chown and chmod of non-SAPCAR*EXE files + - name: SAP SWPM Pre Install - Find non-SAPCAR files + ansible.builtin.find: + path: "{{ sap_swpm_software_path }}" + file_type: file + recurse: true + excludes: "SAPCAR*EXE" + register: __sap_swpm_register_find_result_files_non_sapcar + + - name: SAP SWPM Pre Install - Create list of files ansible.builtin.set_fact: - __sap_swpm_fact_files_non_sapcar_chown_arg_list: "{{ __sap_swpm_fact_files_non_sapcar | map('quote') | join(' ') }}" + __sap_swpm_fact_files_non_sapcar: "{{ __sap_swpm_register_find_result_files_non_sapcar.files | map(attribute='path') | reject('contains', 'extracted/') }}" + when: __sap_swpm_register_find_result_files_non_sapcar is defined # Reasons for noqa: # - command-instead-of-module: Shorter execution time compared to looping over a list when using the file module @@ -72,9 +60,13 @@ - name: SAP SWPM Pre Install - Ensure correct permissions and ownership of all non-SAPCAR files # noqa command-instead-of-module no-changed-when ansible.builtin.shell: > chown {{ sap_swpm_files_non_sapcar_owner }}:{{ sap_swpm_files_non_sapcar_group }} \ - {{ __sap_swpm_fact_files_non_sapcar_chown_arg_list }} && + {{ line_item | join(' ') }} && chmod {{ sap_swpm_files_non_sapcar_mode }} \ - {{ __sap_swpm_fact_files_non_sapcar_chown_arg_list }} + {{ line_item | join(' ') }} + loop: "{{ __sap_swpm_fact_files_non_sapcar | batch(100) }}" + loop_control: + loop_var: line_item + label: "Batch {{ (__sap_swpm_fact_files_non_sapcar.index(line_item[0]) // 100) + 1 }}, first item: {{ line_item[0] }}" when: - __sap_swpm_fact_files_non_sapcar is defined - __sap_swpm_register_find_result_files_non_sapcar is defined @@ -185,7 +177,7 @@ - sap_swpm_set_file_permissions - name: SAP SWPM Pre Install - Full SAP System - when: not sap_swpm_generic | bool + when: not sap_swpm_generic block: # 3. IGS diff --git a/roles/sap_swpm/tasks/swpm/swpm_pre_install.yml b/roles/sap_swpm/tasks/pre_install/swpm_prepare.yml similarity index 64% rename from roles/sap_swpm/tasks/swpm/swpm_pre_install.yml rename to roles/sap_swpm/tasks/pre_install/swpm_prepare.yml index 3a3158c38..6a1915edb 100644 --- a/roles/sap_swpm/tasks/swpm/swpm_pre_install.yml +++ b/roles/sap_swpm/tasks/pre_install/swpm_prepare.yml @@ -1,13 +1,12 @@ +# SPDX-License-Identifier: Apache-2.0 --- -# Create temporary directory -- name: SAP SWPM Pre Install - Create temporary directory +- name: SAP SWPM Pre Install - Create temporary directory on managed node ansible.builtin.tempfile: state: directory - suffix: swpmconfig + suffix: _swpm_config register: sap_swpm_tmpdir tags: - - sap_swpm_generate_inifile - sap_swpm_sapinst_commandline # Copy password file to the same location as inifile.params @@ -17,24 +16,33 @@ dest: "{{ sap_swpm_tmpdir.path }}/instkey.pkey" remote_src: yes mode: '0640' - when: sap_swpm_use_password_file == "y" - tags: sap_swpm_generate_inifile + when: sap_swpm_use_password_file -# Run SWPM inifile generation based on ansible role mode -- name: SAP SWPM Pre Install - generate swpm inifile - ansible.builtin.include_tasks: "swpm_inifile_generate_{{ sap_swpm_ansible_role_mode }}.yml" +# Create the SWPM inifile +- name: SAP SWPM Pre Install - Generate the SWPM inifile + ansible.builtin.include_tasks: "generate_inifile.yml" tags: sap_swpm_generate_inifile -- name: SAP SWPM Pre Install - Display the location of file 'inifile.params' - ansible.builtin.debug: - msg: "{{ sap_swpm_tmpdir.path }}/inifile.params" - tags: sap_swpm_generate_inifile +# Determine Installation Type, e.g. System Copy, HA, Maintenance Planner, ... +- name: SAP SWPM default mode - Determine Installation Type + ansible.builtin.include_tasks: + file: install_type.yml +# apply: +# tags: sap_swpm_generate_inifile +# tags: sap_swpm_generate_inifile + +# Requires variables - sap_swpm_software_path (e.g. /software/download_basket), sap_swpm_sapcar_path (e.g. /software/sapcar), sap_swpm_swpm_path (e.g. /software/swpm) +# Prepare Software +- name: SAP SWPM Pre Install - Prepare Software + ansible.builtin.include_tasks: prepare_software.yml + when: sap_swpm_run_sapinst # Set fact for SWPM path - name: SAP SWPM Pre Install - Set fact for SWPM path when extract directory defined ansible.builtin.set_fact: sap_swpm_sapinst_path: "{{ sap_swpm_software_extract_directory }}" when: + - sap_swpm_run_sapinst - sap_swpm_software_extract_directory is defined - not (sap_swpm_software_extract_directory is none or (sap_swpm_software_extract_directory | length == 0)) @@ -43,6 +51,7 @@ ansible.builtin.set_fact: sap_swpm_sapinst_path: "{{ (sap_swpm_swpm_path | regex_replace('\\/$', '')) + '/extracted' }}" when: + - sap_swpm_run_sapinst - sap_swpm_software_extract_directory is undefined or (sap_swpm_software_extract_directory is none or (sap_swpm_software_extract_directory | length) == 0) - name: SAP SWPM Pre Install - Ensure directory '{{ sap_swpm_sapinst_path }}' exists @@ -50,6 +59,7 @@ path: "{{ sap_swpm_sapinst_path }}" state: directory mode: '0755' + when: sap_swpm_run_sapinst # Extract SWPM - name: SAP SWPM Pre Install - Extract SWPM @@ -61,3 +71,4 @@ args: chdir: "{{ sap_swpm_sapinst_path }}" changed_when: "'SAPCAR: processing archive' in sap_swpm_extractswpm.stdout" + when: sap_swpm_run_sapinst diff --git a/roles/sap_swpm/tasks/pre_install/update_etchosts.yml b/roles/sap_swpm/tasks/pre_install/update_etchosts.yml index 5044e5d2b..815ae29e6 100644 --- a/roles/sap_swpm/tasks/pre_install/update_etchosts.yml +++ b/roles/sap_swpm/tasks/pre_install/update_etchosts.yml @@ -1,74 +1,61 @@ +# SPDX-License-Identifier: Apache-2.0 --- -# Update etc hosts for NW +# Update /etc/hosts for NW -- name: SAP SWPM Pre Install - Display warning message if '/etc/hosts' is not configured for NW due to missing 'sap_swpm_fqdn' +- name: SAP SWPM Pre Install - Display warning message if '/etc/hosts' will not be configured for NW due to missing 'sap_swpm_fqdn' ansible.builtin.debug: msg: "WARN: Not configuring NW entries in '/etc/hosts' because 'sap_swpm_fqdn' is not defined!" when: (sap_swpm_fqdn | type_debug == 'NoneType') or (sap_swpm_fqdn | length == 0) -# Update etc hosts for HANA - - name: SAP SWPM Pre Install - Update '/etc/hosts' for NW + ansible.builtin.import_role: + name: 'community.sap_install.sap_maintain_etc_hosts' + vars: + sap_maintain_etc_hosts_list: + - node_ip: "{{ ansible_default_ipv4.address | d(ansible_all_ipv4_addresses[0]) }}" + node_name: "{{ ansible_hostname }}" + node_domain: "{{ sap_swpm_fqdn }}" + state: present when: - "sap_swpm_fqdn | type_debug != 'NoneType'" - "sap_swpm_fqdn | length > 0" - block: - - - name: SAP SWPM Pre Install - Deduplicate values from '/etc/hosts' - ansible.builtin.lineinfile: - path: /etc/hosts - create: false - regexp: (?i)^\s*{{ ansible_default_ipv4.address | d(ansible_all_ipv4_addresses[0]) }}\s+ - state: absent -# Reason for noqa: 1. Tabs can increase readability; -# 2. Tabs are allowed for /etc/hosts - - name: SAP SWPM Pre Install - Update '/etc/hosts' with NW entry # noqa no-tabs - ansible.builtin.lineinfile: - path: /etc/hosts - line: "{{ ansible_default_ipv4.address | d(ansible_all_ipv4_addresses[0]) }}\t{{ ansible_hostname }}.{{ sap_swpm_fqdn }}\t{{ ansible_hostname }}" +# Update /etc/hosts for HANA -- name: SAP SWPM Pre Install - Display warning message if '/etc/hosts' is not configured for HANA due to missing 'sap_swpm_db_ip' +- name: SAP SWPM Pre Install - Display warning message if '/etc/hosts' will not be configured for HANA due to missing 'sap_swpm_db_ip' ansible.builtin.debug: msg: "WARN: Not configuring HANA entries in '/etc/hosts' because 'sap_swpm_db_ip' is not defined!" when: (sap_swpm_db_ip | type_debug == 'NoneType') or (sap_swpm_db_ip | length == 0) -- name: SAP SWPM Pre Install - Display warning message if '/etc/hosts' is not configured for HANA due to missing 'sap_swpm_db_host' +- name: SAP SWPM Pre Install - Display warning message if '/etc/hosts' will not be configured for HANA due to missing 'sap_swpm_db_host' ansible.builtin.debug: msg: "WARN: Not configuring HANA entries in '/etc/hosts' because 'sap_swpm_db_host' is not defined!" when: (sap_swpm_db_host | type_debug == 'NoneType') or (sap_swpm_db_host | length == 0) -- name: SAP SWPM Pre Install - Display warning message if '/etc/hosts' is not configured for HANA because 'sap_swpm_db_host' is the current host +- name: SAP SWPM Pre Install - Display warning message if '/etc/hosts' will not be configured for HANA because 'sap_swpm_db_host' is the current host ansible.builtin.debug: msg: "WARN: Not configuring HANA entries in '/etc/hosts' because 'sap_swpm_db_host' is the current host!" when: sap_swpm_db_host == ansible_hostname - name: SAP SWPM Pre Install - Update '/etc/hosts' for HANA + ansible.builtin.import_role: + name: 'community.sap_install.sap_maintain_etc_hosts' + vars: + sap_maintain_etc_hosts_list: + - node_ip: "{{ sap_swpm_db_ip }}" + node_name: "{{ sap_swpm_db_host }}" + node_domain: "{{ sap_swpm_fqdn }}" + state: present when: - "sap_swpm_db_ip | type_debug != 'NoneType'" - "sap_swpm_db_ip | length > 0" - "sap_swpm_db_host | type_debug != 'NoneType'" - "sap_swpm_db_host | length > 0" - "sap_swpm_db_host != ansible_hostname" - block: - - - name: SAP SWPM Pre Install - Deduplicate values from '/etc/hosts' - ansible.builtin.lineinfile: - path: /etc/hosts - create: false - regexp: (?i)^\s*{{ sap_swpm_db_ip }}\s+ - state: absent - -# Reason for noqa: 1. Tabs can increase readability; -# 2. Tabs are allowed for /etc/hosts - - name: SAP SWPM Pre Install - Update '/etc/hosts' with HANA entry # noqa no-tabs - ansible.builtin.lineinfile: - path: /etc/hosts - line: "{{ sap_swpm_db_ip }}\t{{ sap_swpm_db_host }}.{{ sap_swpm_fqdn }}\t{{ sap_swpm_db_host }}" diff --git a/roles/sap_swpm/tasks/pre_install/update_firewall.yml b/roles/sap_swpm/tasks/pre_install/update_firewall.yml index bf77074d1..331e88daa 100644 --- a/roles/sap_swpm/tasks/pre_install/update_firewall.yml +++ b/roles/sap_swpm/tasks/pre_install/update_firewall.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # This task requires the variable passed_port diff --git a/roles/sap_swpm/tasks/swpm.yml b/roles/sap_swpm/tasks/swpm.yml index 997235277..d9d0bd4eb 100644 --- a/roles/sap_swpm/tasks/swpm.yml +++ b/roles/sap_swpm/tasks/swpm.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- ### Deprecated standard method, can fail to detect process exit (e.g. hang errors with SAP SWPM 2.0 SP11) @@ -22,33 +23,19 @@ ### Async method -# Required for Ansible Module pids -- name: Install Python devel, Python pip and gcc to system Python - ansible.builtin.package: - name: - - python3-devel - - python3-pip - - gcc - state: present - -# Required for Ansible Module pids -- name: Install Python dependency psutil to system Python - ansible.builtin.pip: - name: - - psutil -# executable: pip3.6 - -- name: Set fact for the sapinst command line - ansible.builtin.set_fact: - __sap_swpm_sapinst_command: "umask {{ sap_swpm_umask | default('022') }} ; ./sapinst {{ sap_swpm_swpm_command_inifile }} - {{ sap_swpm_swpm_command_product_id }} - {{ sap_swpm_swpm_command_extra_args }}" - tags: sap_swpm_sapinst_commandline - -- name: Display the sapinst command line - ansible.builtin.debug: - msg: "SAP SWPM install command: '{{ __sap_swpm_sapinst_command }}'" - tags: sap_swpm_sapinst_commandline +# now in file pre_install.yml: +#- name: Set fact for the sapinst command line +# ansible.builtin.set_fact: +# __sap_swpm_sapinst_command: "umask {{ sap_swpm_umask | d('022') }} ; ./sapinst {{ sap_swpm_swpm_command_inifile }} +# {{ sap_swpm_swpm_command_product_id }} +# {{ sap_swpm_swpm_command_extra_args }}" +# tags: sap_swpm_sapinst_commandline + +# now in file pre_install.yml: +#- name: Display the sapinst command line +# ansible.builtin.debug: +# msg: "SAP SWPM install command: '{{ __sap_swpm_sapinst_command }}'" +# tags: sap_swpm_sapinst_commandline # Call sapinst synchronously # Reason for noqa: This command installs software, so it will change things @@ -70,16 +57,14 @@ async: 86400 # Seconds for maximum runtime, set to 24 hours poll: 0 # Seconds between polls, use 0 to run Ansible Tasks concurrently -# Monitor sapinst process (i.e. ps aux | grep sapinst) and wait for exit +# Monitor sapinst process and wait for exit - name: SAP SWPM - Wait for sapinst process to exit, poll every 60 seconds - community.general.pids: - name: sapinst -# shell: ps -ef | awk '/sapinst/&&!/awk/&&!/ansible/{print}' - register: pids_sapinst - until: "pids_sapinst.pids | length == 0" -# until: "pids_sapinst.stdout | length == 0" + ansible.builtin.shell: set -o pipefail && ps -ef | awk '/\.\/sapinst /&&!/umask/&&!/ awk /{print}' + register: __sap_swpm_register_pids_sapinst + until: "__sap_swpm_register_pids_sapinst.stdout | length == 0" retries: 1440 delay: 60 + changed_when: false - name: SAP SWPM - Verify if sapinst process finished successfully ansible.builtin.async_status: diff --git a/roles/sap_swpm/tasks/swpm/detect_variables.yml b/roles/sap_swpm/tasks/swpm/detect_variables.yml deleted file mode 100644 index 7b1d299f9..000000000 --- a/roles/sap_swpm/tasks/swpm/detect_variables.yml +++ /dev/null @@ -1,79 +0,0 @@ ---- - -# Detect Product ID -- name: SAP SWPM - Detect Product ID - ansible.builtin.command: | - awk 'BEGIN{IGNORECASE=1;a=0} - /Product ID/&&a==0{a=1; gsub ("#", ""); gsub ("\047", ""); product_id=$NF} - END{print product_id}' {{ sap_swpm_tmpdir.path }}/inifile.params - register: sap_swpm_inifile_product_id_detect - changed_when: false - when: not sap_swpm_product_catalog_id is defined - -# Set fact for product id -- name: SAP SWPM - Set SAP product ID - ansible.builtin.set_fact: - sap_swpm_product_catalog_id: "{{ sap_swpm_inifile_product_id_detect.stdout }}" - when: not sap_swpm_product_catalog_id is defined - -- name: SAP SWPM - Display SAP product ID - ansible.builtin.debug: - msg: - - "Product ID is {{ sap_swpm_product_catalog_id }}" - -# Detect Software Path -- name: SAP SWPM - Detect Software Path - ansible.builtin.command: | - awk '!/^#/&&/archives.downloadBasket/{print $3}' {{ sap_swpm_tmpdir.path }}/inifile.params - register: sap_swpm_inifile_software_path - changed_when: false - when: not sap_swpm_software_path is defined - -# Set fact for software path -- name: SAP SWPM - Set Software Path - ansible.builtin.set_fact: - sap_swpm_software_path: "{{ sap_swpm_inifile_software_path.stdout }}" - when: not sap_swpm_software_path is defined - -- name: SAP SWPM - Display Software Path - ansible.builtin.debug: - msg: - - "Software path is {{ sap_swpm_software_path }}" - -# Detect SID -- name: SAP SWPM - Detect SID - ansible.builtin.command: | - awk '!/^#/&&/NW_GetSidNoProfiles.sid/{print $3}' {{ sap_swpm_tmpdir.path }}/inifile.params - register: sap_swpm_inifile_sid - changed_when: false - when: not sap_swpm_sid is defined - -# Set fact for SID -- name: SAP SWPM - Set SID - ansible.builtin.set_fact: - sap_swpm_sid: "{{ sap_swpm_inifile_sid.stdout }}" - when: not sap_swpm_sid is defined - -- name: SAP SWPM - Display SAP SID - ansible.builtin.debug: - msg: - - "SAP SID {{ sap_swpm_sid }}" - -# Detect FQDN -- name: SAP SWPM - Detect FQDN - ansible.builtin.command: | - awk '!/^#/&&/NW_getFQDN.FQDN/{print $3}' {{ sap_swpm_tmpdir.path }}/inifile.params - register: sap_swpm_inifile_fqdn - changed_when: false - when: not sap_swpm_fqdn is defined - -# Set fact for FQDN -- name: SAP SWPM - Set FQDN - ansible.builtin.set_fact: - sap_swpm_fqdn: "{{ sap_swpm_inifile_fqdn.stdout }}" - when: not sap_swpm_fqdn is defined - -- name: SAP SWPM - Display FQDN - ansible.builtin.debug: - msg: - - "SAP fqdn {{ sap_swpm_fqdn }}" diff --git a/roles/sap_swpm/tasks/swpm/swpm_inifile_generate_advanced.yml b/roles/sap_swpm/tasks/swpm/swpm_inifile_generate_advanced.yml deleted file mode 100644 index 3228f97f4..000000000 --- a/roles/sap_swpm/tasks/swpm/swpm_inifile_generate_advanced.yml +++ /dev/null @@ -1,34 +0,0 @@ ---- - -# Remove Existing inifile.params -- name: SAP SWPM advanced mode - Ensure 'inifile.params' exists - ansible.builtin.copy: - dest: "{{ sap_swpm_tmpdir.path }}/inifile.params" - mode: '0640' - content: | - ### inifile.params generated for SWPM Catalog Product ID is {{ sap_swpm_product_catalog_id }} - tags: sap_swpm_generate_inifile - -- name: SAP SWPM advanced mode - Loop over the dictionary and output to file - ansible.builtin.lineinfile: - path: "{{ sap_swpm_tmpdir.path }}/inifile.params" - state: present - insertafter: EOF - line: "{{ item.key }} = {{ item.value }}" - with_dict: "{{ sap_swpm_inifile_custom_values_dictionary }}" - tags: sap_swpm_generate_inifile - -# NOTE: Values in Dictionary Keys for instance numbers must be string using '01' single quote, otherwise SAP SWPM will crash - -# Detect variables from generated inifile -- name: SAP SWPM advanced mode - Detect Variables - ansible.builtin.include_tasks: - file: detect_variables.yml - apply: - tags: sap_swpm_generate_inifile - tags: sap_swpm_generate_inifile - -# Requires variables - sap_swpm_software_path (e.g. /software/download_basket), sap_swpm_sapcar_path (e.g. /software/sapcar), sap_swpm_swpm_path (e.g. /software/swpm) -# Prepare Software -- name: SAP SWPM advanced mode - Prepare Software - ansible.builtin.include_tasks: prepare_software.yml diff --git a/roles/sap_swpm/tasks/swpm/swpm_inifile_generate_advanced_templates.yml b/roles/sap_swpm/tasks/swpm/swpm_inifile_generate_advanced_templates.yml deleted file mode 100644 index efeeab6f4..000000000 --- a/roles/sap_swpm/tasks/swpm/swpm_inifile_generate_advanced_templates.yml +++ /dev/null @@ -1,63 +0,0 @@ ---- - -# Set facts based on the install dictionary -- name: SAP SWPM advanced_templates mode - Set product_catalog_id - ansible.builtin.set_fact: - sap_swpm_product_catalog_id: "{{ sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_product_catalog_id'] }}" - tags: sap_swpm_generate_inifile - -- name: SAP SWPM advanced_templates mode - Create temporary directory - ansible.builtin.tempfile: - state: directory - suffix: swpmconfig - register: sap_swpm_tmpdir - tags: sap_swpm_generate_inifile - -# Remove Existing inifile.params -- name: SAP SWPM advanced_templates mode - Ensure 'inifile.params' exists - ansible.builtin.copy: - dest: "{{ sap_swpm_tmpdir.path }}/inifile.params" - mode: '0640' - content: | - ### inifile.params generated for SWPM Catalog Product ID is {{ sap_swpm_product_catalog_id }} - tags: sap_swpm_generate_inifile - -- name: SAP SWPM advanced_templates mode - Loop over the dictionary and output to file - ansible.builtin.lineinfile: - path: "{{ sap_swpm_tmpdir.path }}/inifile.params" - state: present - insertafter: EOF - line: "{{ item.key }} = {{ item.value }}" - with_dict: "{{ sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_custom_values_dictionary'] }}" - tags: sap_swpm_generate_inifile - -# NOTE: Values in Dictionary Keys for instance numbers must be string using '01' single quote, otherwise SAP SWPM will crash - - -# Detect variables from generated inifile -- name: SAP SWPM advanced_templates mode - Detect Variables - ansible.builtin.include_tasks: - file: detect_variables.yml - apply: - tags: sap_swpm_generate_inifile - tags: sap_swpm_generate_inifile - -# Requires variables - sap_swpm_software_path (e.g. /software/download_basket), sap_swpm_sapcar_path (e.g. /software/sapcar), sap_swpm_swpm_path (e.g. /software/swpm) -# Prepare Software -- name: SAP SWPM advanced_templates mode - Prepare Software - ansible.builtin.include_tasks: prepare_software.yml - -# ALT: Generate complete inifile.params with all parameters from control.xml, for every SAP software product -#- name: ALT: SAP SWPM advanced_templates mode - Generate complete inifile.params -# script: ./plugins/module_utils/swpm2_parameters_inifile_generate.py '/path/to/controlxml/' -# args: -# executable: /bin/python3 - -# ALT: Replace values of generated inifile with custom values -#- name: ALT: SAP SWPM advanced_templates mode - Replace values of generated inifile with custom values -# replace: -# path: "{{ sap_swpm_tmpdir.path }}/inifile.params" -# regexp: '^{{ item.key }}.*$' -# replace: '{{ item.key }}={{ item.value }}' -# backup: yes -# with_dict: "{{ sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_custom_values_dictionary'] }}" diff --git a/roles/sap_swpm/tasks/swpm/swpm_inifile_generate_default.yml b/roles/sap_swpm/tasks/swpm/swpm_inifile_generate_default.yml deleted file mode 100644 index cc4357f9f..000000000 --- a/roles/sap_swpm/tasks/swpm/swpm_inifile_generate_default.yml +++ /dev/null @@ -1,30 +0,0 @@ ---- - -# Determine Installation Type -- name: SAP SWPM default mode - Determine Installation Type - ansible.builtin.include_tasks: - file: ../pre_install/install_type.yml - apply: - tags: sap_swpm_generate_inifile - tags: sap_swpm_generate_inifile - -# Password Facts -- name: SAP SWPM default mode - Password Facts - ansible.builtin.include_tasks: - file: ../pre_install/password_facts.yml - apply: - tags: sap_swpm_generate_inifile - tags: sap_swpm_generate_inifile - -# Prepare Software -- name: SAP SWPM default mode - Prepare Software - ansible.builtin.include_tasks: prepare_software.yml - -# Process SWPM Configfile Template -- name: SAP SWPM default mode - Process SWPM Configfile Template - ansible.builtin.template: - src: "{{ role_path }}/templates/configfile.j2" - dest: "{{ sap_swpm_tmpdir.path }}/inifile.params" - mode: '0640' - register: sap_swpm_cftemplate - tags: sap_swpm_generate_inifile diff --git a/roles/sap_swpm/tasks/swpm/swpm_inifile_generate_default_templates.yml b/roles/sap_swpm/tasks/swpm/swpm_inifile_generate_default_templates.yml deleted file mode 100644 index 68abe9de2..000000000 --- a/roles/sap_swpm/tasks/swpm/swpm_inifile_generate_default_templates.yml +++ /dev/null @@ -1,50 +0,0 @@ ---- - -# Set facts based on the install dictionary -- name: SAP SWPM default_templates mode - Set product_catalog_id and inifile_list - ansible.builtin.set_fact: - sap_swpm_product_catalog_id: "{{ sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_product_catalog_id'] }}" - sap_swpm_inifile_list: "{{ sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_list'] }}" - tags: sap_swpm_generate_inifile - -- name: SAP SWPM default_templates mode - Set product_catalog_id and inifile_list - ansible.builtin.set_fact: - sap_swpm_java_template_id_selected_list: "{{ sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_java_template_id_selected_list'] }}" - when: "'java' in sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_product_catalog_id'] | lower" - tags: sap_swpm_generate_inifile - -# Reason for noqa: We want to define variable names based on what is in the dictionary. -- name: SAP SWPM default_templates mode - If not already defined, use the default variable for the template # noqa var-naming[no-jinja] - ansible.builtin.set_fact: - "{{ item.key }}": "{{ item.value }}" - with_dict: "{{ sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_dictionary'] }}" - tags: sap_swpm_generate_inifile - -# Determine Installation Type -- name: SAP SWPM default_templates mode - Determine Installation Type - ansible.builtin.include_tasks: - file: ../pre_install/install_type.yml - apply: - tags: sap_swpm_generate_inifile - tags: sap_swpm_generate_inifile - -# Password Facts -- name: SAP SWPM default_templates mode - Password Facts - ansible.builtin.include_tasks: - file: ../pre_install/password_facts.yml - apply: - tags: sap_swpm_generate_inifile - tags: sap_swpm_generate_inifile - -# Prepare Software -- name: SAP SWPM default_templates mode - Prepare Software - ansible.builtin.include_tasks: prepare_software.yml - -# Process SWPM Configfile Template -- name: SAP SWPM default_templates mode - Process SWPM Configfile Template - ansible.builtin.template: - src: "{{ role_path }}/templates/configfile.j2" - dest: "{{ sap_swpm_tmpdir.path }}/inifile.params" - mode: '0640' - register: sap_swpm_cftemplate - tags: sap_swpm_generate_inifile diff --git a/roles/sap_swpm/tasks/swpm/swpm_inifile_generate_inifile_reuse.yml b/roles/sap_swpm/tasks/swpm/swpm_inifile_generate_inifile_reuse.yml deleted file mode 100644 index 2513a7971..000000000 --- a/roles/sap_swpm/tasks/swpm/swpm_inifile_generate_inifile_reuse.yml +++ /dev/null @@ -1,38 +0,0 @@ ---- - -# Copy reused inifile -- name: SAP SWPM inifile_reuse mode - Copy reused inifile - ansible.builtin.copy: - src: "{{ sap_swpm_inifile_reuse_source }}" - dest: "{{ sap_swpm_tmpdir.path }}/inifile.params" - mode: '0640' - tags: sap_swpm_generate_inifile - -# Check inifile for the presence of a line containing "des25(" -- name: SAP SWPM inifile_reuse mode - Check inifile for des25 - ansible.builtin.shell: | - set -o pipefail && cat "{{ sap_swpm_tmpdir.path }}/inifile.params" | - awk 'BEGIN{a=0}!/^#/&&/des25\(/{a++}END{print a}' - register: sap_swpm_inifile_read_file - changed_when: false - tags: sap_swpm_generate_inifile - -# Check if inifile is reusable - function des25 must not be present in inifile -- name: SAP SWPM inifile_reuse mode - Check if inifile is reusable, meaning function des25 is not present - ansible.builtin.fail: - msg: "{{ sap_swpm_inifile_reuse_source }} is not reusable" - when: sap_swpm_inifile_read_file.stdout != '0' - tags: sap_swpm_generate_inifile - -# Detect variables from generated inifile -- name: SAP SWPM inifile_reuse mode - Detect Variables - ansible.builtin.include_tasks: - file: detect_variables.yml - apply: - tags: sap_swpm_generate_inifile - tags: sap_swpm_generate_inifile - -# Requires variables - sap_swpm_software_path (e.g. /software/download_basket), sap_swpm_sapcar_path (e.g. /software/sapcar), sap_swpm_swpm_path (e.g. /software/swpm) -# Prepare Software -- name: SAP SWPM inifile_reuse mode - Prepare Software - ansible.builtin.include_tasks: prepare_software.yml diff --git a/roles/sap_swpm/templates/configfile.j2 b/roles/sap_swpm/templates/configfile.j2 deleted file mode 100644 index 48765b1b5..000000000 --- a/roles/sap_swpm/templates/configfile.j2 +++ /dev/null @@ -1,965 +0,0 @@ -### inifile.params generated for SWPM Catalog Product ID is {{ sap_swpm_product_catalog_id }} - -{% if 'swpm_installation_media' in sap_swpm_inifile_list %} -###### -# swpm_installation_media -###### -archives.downloadBasket = {{ sap_swpm_software_path }} - -# installation_export.archivesFolder = {{ sap_swpm_cd_export_path }} - -# NOTE: Specific media requirements will use format -# SAPINST.CD.PACKAGE. = -{% endif %} - -{% if 'swpm_installation_media_swpm2_hana' in sap_swpm_inifile_list %} -###### -# swpm_installation_media_swpm2_hana -###### -HDB_Software_Dialogs.useMediaCD = {{ sap_swpm_software_use_media }} -{% endif %} - -{% if 'swpm_installation_media_swpm1' in sap_swpm_inifile_list %} -###### -# swpm_installation_media_swpm1 -###### -SAPINST.CD.PACKAGE.LANGUAGE = {{ sap_swpm_cd_language_path }} -SAPINST.CD.PACKAGE.JAVA = {{ sap_swpm_cd_java_path }} -SAPINST.CD.PACKAGE.RDBMS = {{ sap_swpm_cd_rdbms_path }} -# SAPINST.CD.PACKAGE.KERNEL = -# SAPINST.CD.PACKAGE.KERNEL2 = -# SAPINST.CD.PACKAGE.KERNEL3 = - -# SAPINST.CD.PACKAGE.JAVA_EXPORT = /path/JAVA_EXPORT -# SAPINST.CD.PACKAGE.JDMP = /path/JAVA_EXPORT_JDMP -# SAPINST.CD.PACKAGE.J2EE = /path/JAVA_J2EE_OSINDEP -# SAPINST.CD.PACKAGE.J2EE-INST = /path/JAVA_J2EE_OSINDEP_J2EE_INST -# SAPINST.CD.PACKAGE.SCA = /path/JAVA_J2EE_OSINDEP_UT - -{% endif %} - -{% if 'swpm_installation_media_swpm1_exportfiles' in sap_swpm_inifile_list %} -###### -# swpm_installation_media_swpm1_exportfiles -###### -SAPINST.CD.PACKAGE.EXPORT = {{ sap_swpm_cd_export_path }} -# SAPINST.CD.PACKAGE.LOAD = -SAPINST.CD.PACKAGE.LOAD1 = {{ sap_swpm_cd_export_pt1_path }} -SAPINST.CD.PACKAGE.LOAD2 = {{ sap_swpm_cd_export_pt2_path }} -# SAPINST.CD.PACKAGE.JMIG = -{% endif %} - -{% if 'swpm_installation_media_swpm1_ibmdb2' in sap_swpm_inifile_list %} -###### -# swpm_installation_media_swpm1_ibmdb2 -###### -# Requested package : RDBMS-DB6 -SAPINST.CD.PACKAGE.DB2 = {{ sap_swpm_cd_ibmdb2_path }} - -# Requested package : RDBMS-DB6 CLIENT -SAPINST.CD.PACKAGE.DB2CLIENT = {{ sap_swpm_cd_ibmdb2_client_path }} - -# IBM DB2 software unpack path e.g. /db2/db2x01/db2_software -db6.DB2SoftwarePath = {{ sap_swpm_ibmdb2_unpack_path }} -{% endif %} - -{% if 'swpm_installation_media_swpm1_oracledb_121' in sap_swpm_inifile_list %} -###### -# swpm_installation_media_swpm1_oracledb_121 -###### -# Requested package : RDBMS-ORA -SAPINST.CD.PACKAGE.RDBMS-ORA121 = {{ sap_swpm_cd_oracle_path }} - -# Requested package : RDBMS-ORA CLIENT -SAPINST.CD.PACKAGE.ORACLI121 = {{ sap_swpm_cd_oracle_client_path }} -{% endif %} - -{% if 'swpm_installation_media_swpm1_oracledb_122' in sap_swpm_inifile_list %} -###### -# swpm_installation_media_swpm1_oracledb_122 -###### -# Requested package : RDBMS-ORA -SAPINST.CD.PACKAGE.RDBMS-ORA122 = {{ sap_swpm_cd_oracle_path }} - -# Requested package : RDBMS-ORA CLIENT -SAPINST.CD.PACKAGE.ORACLI122 = {{ sap_swpm_cd_oracle_client_path }} -{% endif %} - -{% if 'swpm_installation_media_swpm1_oracledb_19' in sap_swpm_inifile_list %} -###### -# swpm_installation_media_swpm1_oracledb_19 -###### -# Requested package : RDBMS-ORA -SAPINST.CD.PACKAGE.RDBMS-ORA19 = {{ sap_swpm_cd_oracle_path }} - -# Requested package : RDBMS-ORA CLIENT -SAPINST.CD.PACKAGE.ORACLI19 = {{ sap_swpm_cd_oracle_client_path }} -{% endif %} - -{% if 'swpm_installation_media_swpm1_sapase' in sap_swpm_inifile_list %} -###### -# swpm_installation_media_swpm1_sapase -###### -# Requested package : RDBMS-SYB -SAPINST.CD.PACKAGE.RDBMS-SYB = {{ sap_swpm_cd_sapase_path }} -SAPINST.CD.PACKAGE.RDBMS-SYB-CLIENT = {{ sap_swpm_cd_sapase_client_path }} - -{% endif %} - -{% if 'swpm_installation_media_swpm1_sapmaxdb' in sap_swpm_inifile_list %} -###### -# swpm_installation_media_swpm1_sapmaxdb -###### -# Requested package : RDBMS-ADA -SAPINST.CD.PACKAGE.RDBMS-ADA = {{ sap_swpm_cd_sapmaxdb_path }} -{% endif %} - -{% if 'maintenance_plan_stack_tms_config' in sap_swpm_inifile_list %} -###### -# maintenance_plan_stack_tms_config -###### -NW_ABAP_TMSConfig.configureTMS = {{ sap_swpm_configure_tms | lower }} -NW_ABAP_TMSConfig.transportPassword = {{ sap_swpm_tmsadm_password }} -{% endif %} - -{% if 'maintenance_plan_stack_tms_transports' in sap_swpm_inifile_list %} -###### -# maintenance_plan_stack_tms_transports -###### -NW_ABAP_Include_Corrections.includeTransports = true -NW_ABAP_Include_Corrections.transportFilesLocations = {{ sap_swpm_tms_tr_files_path }} -{% endif %} - -{% if 'maintenance_plan_stack_spam_config' in sap_swpm_inifile_list %} -###### -# maintenance_plan_stack_spam_config -###### -NW_ABAP_SPAM_Update.SPAMUpdateDecision = {{ sap_swpm_spam_update | lower }} -{% if sap_swpm_spam_update %} -NW_ABAP_SPAM_Update.SPAMUpdateArchive = {{ sap_swpm_spam_update_sar }} -{% else %} -#NW_ABAP_SPAM_Update.SPAMUpdateArchive = -{% endif %} -{% endif %} - -{% if 'maintenance_plan_stack_sum_config' in sap_swpm_inifile_list %} -###### -# maintenance_plan_stack_sum_config -###### -NW_ABAP_Prepare_SUM.prepareSUM = {{ sap_swpm_sum_prepare | lower }} -NW_ABAP_Prepare_SUM.startSUM = {{ sap_swpm_sum_start | lower }} - -# Password for SUM must be for 'adm' user -NW_ABAP_Prepare_SUM.Password = {{ sap_swpm_sap_sidadm_password }} -{% endif %} - -{% if 'maintenance_plan_stack_sum_10_batch_mode' in sap_swpm_inifile_list %} -###### -# maintenance_plan_stack_sum_10_batch_mode -###### -# Re-run of existing BatchModeInputFile.xml for NWAS JAVA (generated by SUM 1.0 on previous host into the /sdt/param/ subdirectory) -NW_ABAP_Prepare_SUM.SUMBatchFile = {{ sap_swpm_sum_batch_file }} -{% endif %} - -{% if 'credentials' in sap_swpm_inifile_list %} -###### -# credentials -###### -# Master password -NW_GetMasterPassword.masterPwd = {{ sap_swpm_master_password }} - -# 'adm' user -nwUsers.sidadmPassword = {{ sap_swpm_sap_sidadm_password }} - -DiagnosticsAgent.dasidAdmPassword = {{ sap_swpm_diagnostics_agent_password }} - -# 'sapadm' user of the SAP Host Agent -hostAgent.sapAdmPassword = {{ sap_swpm_sapadm_password }} -{% endif %} - -{% if 'credentials_hana' in sap_swpm_inifile_list %} -###### -# credentials_hana -###### -HDB_Schema_Check_Dialogs.schemaPassword = {{ sap_swpm_db_schema_password }} -storageBasedCopy.hdb.systemPassword = {{ sap_swpm_db_system_password }} -{% endif %} - -{% if 'credentials_anydb_ibmdb2' in sap_swpm_inifile_list %} -###### -# credentials_anydb_ibmdb2 -###### -nwUsers.db6.db2sidPassword = {{ sap_swpm_sap_sidadm_password }} -# nwUsers.db6.db2sidUid = -{% endif %} - -{% if 'credentials_anydb_oracledb' in sap_swpm_inifile_list %} -###### -# credentials_anydb_oracledb -###### -# Oracle database software owner -ora.oraclePassword = {{ sap_swpm_sap_sidadm_password }} - -# 'ora' user -ora.orasidPassword = {{ sap_swpm_sap_sidadm_password }} - -# Oracle 'SYS' password -ora.SysPassword = {{ sap_swpm_db_system_password }} - -# Oracle 'SYSTEM' password -ora.SystemPassword = {{ sap_swpm_db_system_password }} -{% endif %} - -{% if 'credentials_anydb_sapase' in sap_swpm_inifile_list %} -###### -# credentials_anydb_sapase -###### -nwUsers.syb.sybsidPassword = {{ sap_swpm_sap_sidadm_password }} -SYB.NW_DB.sa_pass = {{ sap_swpm_master_password }} -SYB.NW_DB.sapsa_pass = {{ sap_swpm_master_password }} -SYB.NW_DB.sapsr3_pass = {{ sap_swpm_master_password }} -SYB.NW_DB.sapsr3db_pass = {{ sap_swpm_db_system_password }} -# SYB.NW_DB.encryptionMasterKeyPassword = -# SYB.NW_DB.sapsso_pass = -# SYB.NW_DB.sslPassword = -{% endif %} - -{% if 'credentials_anydb_sapmaxdb' in sap_swpm_inifile_list %} -###### -# credentials_anydb_sapmaxdb -# -# The password of user DBUser may only consist of alphanumeric characters and the special characters #, $, @ and _ -###### -nwUsers.ada.sqdsidPassword = {{ sap_swpm_sap_sidadm_password }} -Sdb_DBUser.dbaPassword = {{ sap_swpm_db_system_password }} -Sdb_DBUser.dbmPassword = {{ sap_swpm_db_system_password }} -Sdb_Schema_Dialogs.dbSchemaPassword = {{ sap_swpm_db_schema_password }} -{% endif %} - -{% if 'credentials_nwas_ssfs' in sap_swpm_inifile_list %} -###### -# credentials_nwas_ssfs -###### -HDB_Userstore.useABAPSSFS = true -# NW_ABAP_SSFS_CustomKey.ssfsKeyInputFile = -{% endif %} - -{% if 'credentials_hdbuserstore' in sap_swpm_inifile_list %} -###### -# credentials_hdbuserstore -###### -HDB_Userstore.useABAPSSFS = false -# HDB_Userstore.doNotResolveHostnames = -# HDB_Userstore.HDB_USE_IDENT = -# HDB_Userstore.systemDBPort = -# NW_HDB_DBClient.checkCreateUserstore = true -# NW_HDB_DBClient.clientPathStrategy = LOCAL -{% endif %} - -{% if 'credentials_syscopy' in sap_swpm_inifile_list %} -###### -# credentials_syscopy -###### -# Are the passwords for the DDIC users different from the default value? -NW_DDIC_Password.needDDICPasswords = true -NW_DDIC_Password.ddic000Password = {{ sap_swpm_ddic_000_password }} -#NW_DDIC_Password.ddic001Password = -{% endif %} - -{% if 'db_config_hana' in sap_swpm_inifile_list %} -###### -# db_config_hana -###### -storageBasedCopy.hdb.instanceNumber = {{ sap_swpm_db_instance_nr }} -HDB_Schema_Check_Dialogs.schemaName = {{ sap_swpm_db_schema }} - -{% if 'nw_config_additional_application_server_instance' in sap_swpm_inifile_list %} -HDB_Schema_Check_Dialogs.validateSchemaName = true -{% else %} -HDB_Schema_Check_Dialogs.validateSchemaName = false -{% endif %} - -# HDB_Schema_Check_Dialogs.dropSchema = false -# hdb.create.dbacockpit.user = false -{% endif %} - -{% if 'db_config_anydb_all' in sap_swpm_inifile_list %} -###### -# db_config_anydb_all -###### -NW_ABAP_Import_Dialog.dbCodepage = 4103 -{% endif %} - -{% if 'db_config_anydb_ibmdb2' in sap_swpm_inifile_list %} -###### -# db_config_anydb_ibmdb2 -###### -NW_ABAP_Import_Dialog.migmonJobNum = 3 -NW_ABAP_Import_Dialog.migmonLoadArgs = -stop_on_error -loadprocedure fast LOAD:COMPRESS_ALL:DEF_CRT -NW_getDBInfoGeneric.dbhost = {{ sap_swpm_db_host }} -NW_getDBInfoGeneric.dbsid = {{ sap_swpm_db_sid }} -NW_getUnicode.isUnicode = true -# db6.useMcod = true -# db6.useBluSettings = false -# db6.gid_sysadm = -# db6.gid_sysctrl = -# db6.gid_sysmaint = -# db6.gid_sysmon = -db6.allowUnsignedDatabaseSoftware = true -db6.cluster.ClusterType = HADR (High Availability Disaster Recovery) -db6.createTablespacesUsingSapinst = true -db6.minimizeDatabaseSizeCompression = true -db6.TablespacePoolSizes = SAPSID#DATA{20} -db6.useAutoStorage = true -db6.useExtraSapdataSaptmpDirLayout = false -db6.UseStandardTablespacePool = true -db6.usesLDAP = false -storageBasedCopy.db6.CommunicationPortNumber = 5912 -storageBasedCopy.db6.PortRangeEnd = 5917 -storageBasedCopy.db6.PortRangeStart = 5914 -{% endif %} - -{% if 'db_config_anydb_oracledb' in sap_swpm_inifile_list %} -###### -# db_config_anydb_oracledb -###### -NW_ABAP_Import_Dialog.migmonJobNum = 3 -NW_ABAP_Import_Dialog.migmonLoadArgs = -stop_on_error -loadprocedure fast -NW_getDBInfoGeneric.dbsid = {{ sap_swpm_db_sid }} -storageBasedCopy.ora.listenerName = SAPORALISTENER -# storageBasedCopy.ora.listenerPort = -storageBasedCopy.ora.ABAPSchema = {{ sap_swpm_db_schema_abap }} -# storageBasedCopy.ora.JavaSchema = {{ sap_swpm_db_schema_java }} -# storageBasedCopy.ora.swowner = oracle -ora.createStatisticsCodeABAP = SKIP -ora.createStatisticsCodeJAVA = SKIP -ora.multitenant.pdbsid = {{ sap_swpm_sid | upper }} -ora.whatInstallation = isSingle -# ora.IgnoreClientVersion = false -# ora.maxDatafileSize = 2000 - -#### Oracle Multitenant Pluggable DB: #### -#### a single Oracle Container Database (CDB) can host multiple Oracle Pluggable Databases (PDB) #### -## FALSE: no pluggable installation (default value) -## CDB_PDB: install CDB and PDB -## PDB_ONLY: install PDB only in an existing CDB. -## CDB_ONLY: install CDB only. -ora.multitenant.installMT = FALSE -{% endif %} - -{% if 'db_config_anydb_oracledb_121' in sap_swpm_inifile_list %} -###### -# db_config_anydb_oracledb_121 -# Use path to Oracle Home - Runtime (i.e. $OHRDBMS env var) -###### -ora.dbhome = /oracle/{{ sap_swpm_db_sid }}/121 -storageBasedCopy.ora.clientVersion = 121 -storageBasedCopy.ora.serverVersion = 121 -{% endif %} - -{% if 'db_config_anydb_oracledb_122' in sap_swpm_inifile_list %} -###### -# db_config_anydb_oracledb_122 -# Use path to Oracle Home - Runtime (i.e. $OHRDBMS env var) -###### -ora.dbhome = /oracle/{{ sap_swpm_db_sid }}/122 -storageBasedCopy.ora.clientVersion = 122 -storageBasedCopy.ora.serverVersion = 122 -{% endif %} - -{% if 'db_config_anydb_oracledb_19' in sap_swpm_inifile_list %} -###### -# db_config_anydb_oracledb_19 -# Use path to Oracle Home - Runtime (i.e. $OHRDBMS env var) -###### -ora.dbhome = /oracle/{{ sap_swpm_db_sid }}/19 -storageBasedCopy.ora.clientVersion = 19 -storageBasedCopy.ora.serverVersion = 19 -{% endif %} - -{% if 'db_config_anydb_sapase' in sap_swpm_inifile_list %} -###### -# db_config_anydb_sapase -###### -NW_ABAP_Import_Dialog.migmonJobNum = 3 -NW_ABAP_Import_Dialog.migmonLoadArgs = -c 100000 -loadprocedure fast -NW_SYB_DBPostload.numberParallelStatisticJobs = 0 -SYB.NW_DB.aseSortOrder = binaryalt -SYB.NW_DB.databaseDevices = data device for SAP,/sybase/{{ sap_swpm_sid | upper }}/sapdata_1,88,,,{{ sap_swpm_sid | upper }}_data_001,log device for SAP,/sybase/{{ sap_swpm_sid | upper }}/saplog_1,10,,,{{ sap_swpm_sid | upper }}_log_001,data device for saptools,/sybase/{{ sap_swpm_sid | upper }}/sapdiag,2,,,saptools_data_001,log device for saptools,/sybase/{{ sap_swpm_sid | upper }}/sapdiag,2,,,saptools_log_001,data device for sybsecurity,/sybase/{{ sap_swpm_sid | upper }}/sybsecurity,1,,,sybsecurity_data_001,data device for sybsecurity,/sybase/{{ sap_swpm_sid | upper }}/sybsecurity,1,,,sybsecurity_data_002,log device for sybsecurity,/sybase/{{ sap_swpm_sid | upper }}/sybsecurity,0.5,,,sybsecurity_log_001,temp device for SAP,/sybase/{{ sap_swpm_sid | upper }}/saptemp,8,,,saptempdb_data_001, -SYB.NW_DB.databaseType = ase -SYB.NW_DB.enableGranularPermissions = true -SYB.NW_DB.enableStrongCipherSuitesForSSL = false -SYB.NW_DB.folderDatabaseSoftware = /sybase/{{ sap_swpm_sid | upper }} -SYB.NW_DB.folderDiagDevice = /sybase/{{ sap_swpm_sid | upper }}/sapdiag -SYB.NW_DB.folderSAPTempdbDevice = /sybase/{{ sap_swpm_sid | upper }}/saptemp -SYB.NW_DB.folderSecurityDevices = /sybase/{{ sap_swpm_sid | upper }}/sybsecurity -SYB.NW_DB.folderSystemDevices = /sybase/{{ sap_swpm_sid | upper }}/sybsystem -SYB.NW_DB.folderTempdbDevice = /sybase/{{ sap_swpm_sid | upper }}/sybtemp -SYB.NW_DB.indexConsumers = 3 -SYB.NW_DB.initializeDefaultSystemEncryptionPassword = false -SYB.NW_DB.maxIndexParallelDegree = 10 -SYB.NW_DB.maxQueryParallelDegree = 10 -SYB.NW_DB.numberWorkerProcesses = 50 -SYB.NW_DB.sqlServerConnections = 200 -SYB.NW_DB.sqlServerHostname = {{ sap_swpm_db_host }} -SYB.NW_DB.sybmgmtdbDataDeviceFolder = /sybase/{{ sap_swpm_sid | upper }}/sybsystem -SYB.NW_DB.sybmgmtdbLogDeviceFolder = /sybase/{{ sap_swpm_sid | upper }}/sybsystem -SYB.NW_DB.userstore_hostname = {{ sap_swpm_ascs_instance_hostname }} - -# To avoid conflicts, leave all Ports blank and SAP SWPM will auto-assign -# Ports by default are in order 4901, 4902, 4903, 4904. For each new ASE DB Server instance on the host, each port number is incremented by 4 -SYB.NW_DB.portDatabaseServer = -SYB.NW_DB.portBackupServer = -SYB.NW_DB.portJobScheduler = -SYB.NW_DB.portXPServer = -{% endif %} - -{% if 'db_config_anydb_sapmaxdb' in sap_swpm_inifile_list %} -###### -# db_config_anydb_sapmaxdb -###### -NW_ABAP_Import_Dialog.migmonJobNum = 90 -NW_ABAP_Import_Dialog.migmonLoadArgs = -para_cnt 90 -NW_ADA_getDBInfo.dbsid = {{ sap_swpm_db_sid }} -SdbInstanceDialogs.DB_sessions = 100 -SdbInstanceDialogs.minlogsize = 4000 -SdbInstanceDialogs.sapdataFolder = sapdata -SdbInstanceDialogs.saplogFolder = saplog -{% endif %} - -{% if 'db_connection_nw_hana' in sap_swpm_inifile_list %} -###### -# db_connection_nw_hana -###### -NW_HDB_getDBInfo.dbhost = {{ sap_swpm_db_host }} -NW_HDB_getDBInfo.dbsid = {{ sap_swpm_db_sid }} -NW_HDB_getDBInfo.instanceNumber = {{ sap_swpm_db_instance_nr }} -NW_HDB_getDBInfo.systemid = {{ sap_swpm_db_sid }} -NW_HDB_getDBInfo.systemPassword = {{ sap_swpm_db_system_password }} -# NW_HDB_getDBInfo.systemDbSid = SystemDB -NW_HDB_getDBInfo.systemDbPassword = {{ sap_swpm_db_systemdb_password }} -NW_HDB_DB.abapSchemaName = {{ sap_swpm_db_schema_abap }} -NW_HDB_DB.abapSchemaPassword = {{ sap_swpm_db_schema_abap_password }} -NW_HDB_DB.javaSchemaName = {{ sap_swpm_db_schema_java }} -NW_HDB_DB.javaSchemaPassword = {{ sap_swpm_db_schema_java_password }} -NW_Recovery_Install_HDB.extractLocation = /usr/sap/{{ sap_swpm_db_sid }}/HDB{{ sap_swpm_db_instance_nr }}/backup/data/DB_HDB -NW_Recovery_Install_HDB.extractParallelJobs = {{ sap_swpm_parallel_jobs_nr }} -NW_Recovery_Install_HDB.sidAdmName = {{ sap_swpm_db_sid | lower }}adm -NW_Recovery_Install_HDB.sidAdmPassword = {{ sap_swpm_db_sidadm_password }} -# NW_HDB_getDBInfo.dbadmin = SYSTEM -# NW_HDB_getDBInfo.tenantOsGroup = {{ sap_swpm_db_sid | lower }}grp -# NW_HDB_getDBInfo.tenantOsUser = {{ sap_swpm_db_sid | lower }}usr -# NW_HDB_getDBInfo.tenantPort = -{% endif %} - -{% if 'db_connection_nw_anydb_ibmdb2' in sap_swpm_inifile_list %} -###### -# db_connection_nw_anydb_ibmdb2 -###### -# db6.UseDb2SSLClientServerComm = false -nwUsers.db6.sapsidPassword = {{ sap_swpm_sapadm_password }} -# nwUsers.db6.sapsidUid = - -# nwUsers.db6.sapsiddbPassword = -# nwUsers.db6.sapsiddbUid = - -# Database Schema and Database Connect User for ABAP (default is sap and not sap) -NW_DB6_DB.db6.abap.connect.user = sap{{ sap_swpm_sid | lower }} -NW_DB6_DB.db6.abap.schema = sap{{ sap_swpm_sid | lower }} -# NW_DB6_DB.db6.java.connect.user = -# NW_DB6_DB.db6.java.schema = -{% endif %} - -{% if 'db_connection_nw_anydb_oracledb' in sap_swpm_inifile_list %} -###### -# db_connection_nw_anydb_oracledb -###### -storageBasedCopy.abapSchemaPassword = {{ sap_swpm_db_schema_abap_password }} -storageBasedCopy.javaSchemaPassword = {{ sap_swpm_db_schema_java_password }} -{% endif %} - -{% if 'db_connection_nw_anydb_sapase' in sap_swpm_inifile_list %} -###### -# db_connection_nw_anydb_sapase -###### -# NW_SYB_CIABAP.sapsaPassword = -{% endif %} - -{% if 'db_restore_hana' in sap_swpm_inifile_list %} -###### -# db_restore_hana -###### -NW_HDB_getDBInfo.systemPasswordBackup = {{ sap_swpm_backup_system_password }} -HDB_Recovery_Dialogs.backupLocation = {{ sap_swpm_backup_location }} -HDB_Recovery_Dialogs.backupName = {{ sap_swpm_backup_prefix }} -HDB_Recovery_Dialogs.sapControlWsdlUrl = http://{{ sap_swpm_db_host }}:5{{ sap_swpm_db_instance_nr }}13/SAPControl?wsdl -HDB_Recovery_Dialogs.sidAdmName = {{ sap_swpm_db_sid | lower }}adm -HDB_Recovery_Dialogs.sidAdmPassword = {{ sap_swpm_db_sidadm_password }} -# HDB_Recovery_Dialogs.backupDestinationType = File -# HDB_Recovery_Dialogs.licenseFile = -# HDB_Recovery_Dialogs.skipExistenceCheck = false -# HDB_Recovery_Dialogs.sourceDatabaseSid = -# HDB_Recovery_Dialogs.useLicenseFile = false -# NW_Recovery_Install_HDB.checkIntegrity = false -# NW_Recovery_Install_HDB.backupLocationHANA = -# NW_Recovery_Install_HDB.backupLocationSAP = -# NW_Recovery_Install_HDB.loadOrMount = load -# HDB_System_Check_Dialogs.initTopology = false -# NW_CreateDBandLoad.movePVCforUsagePiAndDi = -{% endif %} - -{% if 'nw_config_anydb' in sap_swpm_inifile_list %} -###### -# nw_config_anydb -###### -# Distributed installation or system copy with any database and SAP Basis release 740 or higher: -# Execute ABAP program 'RUTPOADAPT' for depooling. Set it to 'true' if declustering / depooling is selected for the distributed database instance installation option -NW_CI_Instance_ABAP_Reports.executeReportsForDepooling = false -{% endif %} - -{% if 'nw_config_other' in sap_swpm_inifile_list %} -###### -# nw_config_other -###### -# NW_Delete_Sapinst_Users.removeUsers = false -NW_getFQDN.FQDN = {{ sap_swpm_fqdn }} -NW_getFQDN.setFQDN = {{ sap_swpm_set_fqdn | lower }} -# NW_getFQDN.resolve = true -NW_GetSidNoProfiles.sid = {{ sap_swpm_sid }} -# NW_GetSidNoProfiles.sapmnt = /sapmnt -# NW_GetSidNoProfiles.strictSidCheck = true -# NW_GetSidNoProfiles.unicode = true -NW_readProfileDir.profileDir = /sapmnt/{{ sap_swpm_sid | upper }}/profile -# NW_readProfileDir.profilesAvailable = -NW_getLoadType.loadType = {{ sap_swpm_load_type }} -# NW_getUnicode.isUnicode = -# MessageServer.configureAclInfo = false -# NW_Exit_Before_Systemstart.exit = false -# NW_adaptProfile.skipSecurityProfileSettings = false -# OS4.DestinationASP = -{% endif %} - -{% if 'nw_config_central_services_abap' in sap_swpm_inifile_list %} -###### -# nw_config_central_services_abap -# Central Services (ASCS) contains the Message server (MS) and Enqueue work processes (EN) for the ABAP Dispatcher. -# Formerly the processes were contained in the Central Instance (CI). -###### -NW_CI_Instance.ascsVirtualHostname = {{ sap_swpm_ascs_instance_hostname }} -NW_CI_Instance.ascsInstanceNumber = {{ sap_swpm_ascs_instance_nr }} -# NW_SCS_Instance.ascsVirtualHostname = {{ sap_swpm_ascs_instance_hostname }} -NW_SCS_Instance.ascsInstanceNumber = {{ sap_swpm_ascs_instance_nr }} -{% endif %} - -{% if 'nw_config_central_services_java' in sap_swpm_inifile_list %} -###### -# nw_config_central_services_java -# SAP Java Central Services Instance (SCS) contains the Java Message server (MS), Java Enqueue server (EN), Java Gateway (GW) and Java Internal Web Dispatcher (WD). -###### -NW_CI_Instance.scsVirtualHostname = {{ sap_swpm_java_scs_instance_hostname }} -NW_CI_Instance.scsInstanceNumber = {{ sap_swpm_java_scs_instance_nr }} -NW_SCS_Instance.scsVirtualHostname = {{ sap_swpm_java_scs_instance_hostname }} -# NW_SCS_Instance.scsInstanceNumber = -NW_SCS_Instance.instanceNumber = {{ sap_swpm_java_scs_instance_nr }} -NW_JAVA_Export.keyPhrase = {{ sap_swpm_master_password }} -{% endif %} - -{% if 'nw_config_primary_application_server_instance' in sap_swpm_inifile_list %} -###### -# nw_config_primary_application_server_instance -# Primary Application Server (PAS) contains the Internet Communication Manager (ICM), Gateway (GW), and ABAP Dispatcher (DI/WP) work processes. -# Formerly called the Central Instance (CI). -###### -NW_CI_Instance.ciVirtualHostname = {{ sap_swpm_pas_instance_hostname }} -NW_CI_Instance.ciInstanceNumber = {{ sap_swpm_pas_instance_nr }} -# NW_CI_Instance.nodesNum = -# NW_CI_Instance.nodesNumber = defNodes -# NW_WPConfiguration.ciBtcWPNumber = 6 -# NW_WPConfiguration.ciDialogWPNumber = 10 -{% endif %} - -{% if 'nw_config_additional_application_server_instance' in sap_swpm_inifile_list %} -###### -# nw_config_additional_application_server_instance -# Additional Application Server (AAS) contains ABAP Dispatcher (DI/WP) work processes. -# Formerly called the Dialog Instance (DI). -###### -# Instance number of SAP NetWeaver Application Server. Leave empty for default. -NW_AS.instanceNumber = {{ sap_swpm_aas_instance_nr }} - -# Do not skip unpacking archives if adding the SAP NetWeaver Application Server to another operating system / host. Default is 'false'. -# NW_AS.skipUnpacking = false - -# Start the SAP NetWeaver Application Server at the end of the installation. Default is 'true'. -# NW_AS.start = true - -# Virtual host name of the SAP NetWeaver Application Server instance. Leave empty to use the existing host name -NW_DI_Instance.virtualHostname = {{ sap_swpm_aas_instance_hostname }} -{% endif %} - -{% if 'nw_config_ers' in sap_swpm_inifile_list %} -###### -# nw_config_ers -###### -nw_instance_ers.ersVirtualHostname = {{ sap_swpm_ers_instance_hostname }} -nw_instance_ers.ersInstanceNumber = {{ sap_swpm_ers_instance_nr }} - -# Disable 'Automatic Instance and Service Restart' for SAP SWPM Unattended Mode, -# otherwise by default SAP SWPM will use sapcontrol -queryuser -function Stop and will cause error -# "User? Password? Stop. FAIL: Invalid Credentials" -nw_instance_ers.restartSCS = false -{% endif %} - -{% if 'nw_config_ports' in sap_swpm_inifile_list %} -###### -# nw_config_ports -###### -NW_CI_Instance.ciMSPort = 36{{ sap_swpm_ascs_instance_nr }} -NW_checkMsgServer.abapMSPort = 36{{ sap_swpm_ascs_instance_nr }} -# NW_CI_Instance.ciMSPortInternal = -# NW_CI_Instance.createGlobalProxyInfoFile = false -# NW_CI_Instance.createGlobalRegInfoFile = false -# NW_CI_Instance.scsMSPortInternal = -# NW_SCS_Instance.scsMSPort = -# NW_SCS_Instance.createGlobalProxyInfoFile = false -# NW_SCS_Instance.createGlobalRegInfoFile = false -{% endif %} - -{% if 'nw_config_java_ume' in sap_swpm_inifile_list %} -###### -# nw_config_java_ume -###### -UmeConfiguration.adminName = J2EE_ADM_{{ sap_swpm_sid }} -UmeConfiguration.adminPassword = {{ sap_swpm_ume_j2ee_admin_password }} -UmeConfiguration.guestName = J2EE_GST_{{ sap_swpm_sid }} -UmeConfiguration.sapjsfPassword = {{ sap_swpm_ume_sapjsf_password }} -UmeConfiguration.umeClient = {{ sap_swpm_ume_client_nr }} -UmeConfiguration.umeHost = {{ sap_swpm_pas_instance_hostname }} -UmeConfiguration.umeInstance = {{ sap_swpm_ume_instance_nr }} -UmeConfiguration.umeType = {{ sap_swpm_ume_type }} -# UmeConfiguration.sapjsfName = SAPJSF -{% endif %} - -{% if 'nw_config_java_feature_template_ids' in sap_swpm_inifile_list %} -###### -# nw_config_java_feature_template_ids -###### -NW_internal.useProductVersionDescriptor = true -nw_java_import.buildJEEusingExtraMileTool = {{ true if sap_swpm_java_import_method == 'extramile' else false }} - -# If use PV = true -# SAP SWPM 1.0 for SAP NetWeaver AS (JAVA), Product Version Software Instance **Feature Template IDs** comma-separated list -Select_PPMS_Instances.ListOfSelectedInstances = {% set selected_ids = [] %}{%- for item_selected in sap_swpm_java_template_id_selected_list %} -{%- if item_selected in sap_swpm_java_template_id_lookup_dictionary -%} -{{ selected_ids.append(sap_swpm_java_template_id_lookup_dictionary[item_selected]) }} -{%- endif %} -{%- endfor %}{{ selected_ids | flatten | join(',') }} - -## If use PV = false [LEGACY for before NWAS JAVA 7.40] -## Comma-separated value list containing which product instances (formerly known as usage types) are installed. Used for handling product instances in unattended mode. -## SAP_Software_Features_Select.selectedInstancesForInstallation = AS,AAS,BASIC,NW-MODEL,ESR,PI,PI-AF -{%- endif %} - -{% if 'nw_config_webdisp_generic' in sap_swpm_inifile_list %} -###### -# nw_config_webdisp_generic -###### -NW_Webdispatcher_Instance.wdInstanceNumber = {{ sap_swpm_wd_instance_nr }} -# NW_webdispatcher_Instance.encryptionMode = Always -# NW_webdispatcher_Instance.useWdHTTPPort = false -NW_webdispatcher_Instance.wdHTTPPort = 80{{ sap_swpm_wd_instance_nr }} -NW_webdispatcher_Instance.wdHTTPSPort = 443{{ sap_swpm_wd_instance_nr }} -NW_webdispatcher_Instance.wdVirtualHostname = {{ sap_swpm_wd_virtual_host }} - -NW_Webdispatcher_Instance.configureSystemConnectivity = {{ sap_swpm_wd_system_connectivity | lower }} -NW_webdispatcher_Instance.backEndSID = {{ sap_swpm_wd_backend_sid }} -NW_webdispatcher_Instance.msHTTPPort = {{ sap_swpm_wd_backend_ms_http_port }} -NW_webdispatcher_Instance.msHost = {{ sap_swpm_wd_backend_ms_host }} -NW_webdispatcher_Instance.scenarioSize = {{ sap_swpm_wd_backend_scenario_size }} - -NW_webdispatcher_Instance.activateICF = {{ sap_swpm_wd_activate_icf | lower }} -NW_webdispatcher_Instance.rfcHost = {{ sap_swpm_wd_backend_rfc_host }} -NW_webdispatcher_Instance.rfcInstance = {{ sap_swpm_wd_backend_rfc_instance_nr }} -NW_webdispatcher_Instance.rfcClient = {{ sap_swpm_wd_backend_rfc_client_nr }} -NW_webdispatcher_Instance.rfcUser = {{ sap_swpm_wd_backend_rfc_user }} -NW_webdispatcher_Instance.rfcPassword = {{ sap_swpm_wd_backend_rfc_user_password }} -{% endif %} - -{% if 'nw_config_webdisp_gateway' in sap_swpm_inifile_list %} -###### -# nw_config_webdisp_gateway -# -# It is recommended to install gateway as part of ASCS -# It is NOT recommended to install webdispatcher as part of ASCS. A separate Web Dispatcher instance should be installed (SAP Note 908097) -###### -NW_CI_Instance.ascsInstallGateway = {{ sap_swpm_ascs_install_gateway | lower }} -# NW_SCS_Instance.ascsInstallGateway = {{ sap_swpm_ascs_install_gateway | lower }} - -# Embedded SAP Web Dispatcher -# NW_CI_Instance.ascsInstallWebDispatcher = false -# NW_SCS_Instance.ascsInstallWebDispatcher = false -{% endif %} - -{% if 'nw_config_host_agent' in sap_swpm_inifile_list %} -###### -# nw_config_host_agent -###### -NW_System.installSAPHostAgent = {{ sap_swpm_install_saphostagent | lower }} -{% endif %} - -{% if 'nw_config_post_load_abap_reports' in sap_swpm_inifile_list %} -###### -# nw_config_post_load_abap_reports -###### -# Activate ICF node '/SAP/BC/REST/SLPROTOCOL' -NW_CI_Instance_ABAP_Reports.enableActivateICFService = true - -# SAP INTERNAL USE ONLY -# NW_CI_Instance_ABAP_Reports.enableSPAMUpdateWithoutStackXml = false - -# SAP INTERNAL USE ONLY -# NW_CI_Instance_ABAP_Reports.enableTMSConfigWithoutStackXml = false - -# SAP INTERNAL USE ONLY -# NW_CI_Instance_ABAP_Reports.enableTransportsWithoutStackXml = false - -# Need specific new password of the DDIC user in client 000, different from Master Password -# NW_CI_Instance_ABAP_Reports.needNewDDIC000Password = false - -# Need specific new password of the DDIC user in client 001, different from Master Password -# NW_CI_Instance_ABAP_Reports.needNewDDIC001Password = false - -# Need specific new password of the SAP* user in client 000, different from Master Password -# NW_CI_Instance_ABAP_Reports.needNewSapStar000Password = false - -# Need specific new password of the SAP* user in client 001, different from Master Password -# NW_CI_Instance_ABAP_Reports.needNewSapStar001Password = false - -# Specify new password of the DDIC user in client 000, different from Master Password -# NW_CI_Instance_ABAP_Reports.ddic000Password = - -# Specify new password of the DDIC user in client 001, different from Master Password -# NW_CI_Instance_ABAP_Reports.ddic001Password = - -# Specify new password of the SAP* user in client 000, different from Master Password -# NW_CI_Instance_ABAP_Reports.sapStar000Password = - -# Specify new password of the SAP* user in client 001, different from Master Password -# NW_CI_Instance_ABAP_Reports.sapStar001Password = -{% endif %} - -{% if 'nw_config_livecache' in sap_swpm_inifile_list %} -###### -# nw_config_livecache -###### -NW_liveCache.controlUserPwd = -NW_liveCache.liveCacheHost = -NW_liveCache.liveCacheID = -NW_liveCache.liveCacheUser = -NW_liveCache.liveCacheUserPwd = -NW_liveCache.useLiveCache = -{% endif %} - -{% if 'nw_config_sld' in sap_swpm_inifile_list %} -###### -# nw_config_sld -###### -NW_SLD_Configuration.configureSld = -NW_SLD_Configuration.sldHost = -NW_SLD_Configuration.sldPort = -NW_SLD_Configuration.sldUseHttps = -NW_SLD_Configuration.sldUser = -NW_SLD_Configuration.sldUserPassword = -{% endif %} - -{% if 'nw_config_abap_language_packages' in sap_swpm_inifile_list %} -###### -# nw_config_abap_language_packages -###### -NW_Language_Inst_Dialogs.install = true -# Path to language archive files (e.g. S4HANAOP***_LANG_EN.SAR) -NW_Language_Inst_Dialogs.folders = /software -# Selected languages comma-separated list (by default DE,EN are installed) -NW_Language_Inst_Dialogs.languages = AR,BG,CA,CS,DA,EL,ES,ET,FI,FR,HE,HI,HR,HU,IT,JA,KK,KO,LT,LV,MS,NL,NO,PL,PT,RO,RU,SH,SK,SL,SV,TH,TR,UK,VI,ZF,ZH -{% endif %} - -{% if 'sap_os_linux_user' in sap_swpm_inifile_list %} -###### -# sap_os_linux_user -###### -nwUsers.sapadmUID = {{ sap_swpm_sapadm_uid }} -nwUsers.sapsysGID = {{ sap_swpm_sapsys_gid }} -nwUsers.sidAdmUID = {{ sap_swpm_sidadm_uid }} -{% endif %} - -{% if 'swpm_installation_media_download_service' in sap_swpm_inifile_list %} -###### -# swpm_installation_media_download_service -# Not in use by sap_swpm Ansible Role -###### -# nwUsers.sapServiceSIDPassword = -# download_service.directory = -# DownloadService.EnableProxy = -# DownloadService.HostName = -# DownloadService.Password = -# DownloadService.Port = -# DownloadService.ProvideAuthentication = -# DownloadService.Username = -# DownloadService.planNumber = -{% endif %} - - -{% if 'nw_config_java_icm_credentials' in sap_swpm_inifile_list %} -###### -# nw_config_java_icm_credentials -###### -NW_IcmAuth.webadmPassword = {{ sap_swpm_ume_j2ee_admin_password }} -{% endif %} - - -{% if 'solman_abap_swpm1' in sap_swpm_inifile_list %} -###### -# solman_abap_swpm1 -# Not in use by sap_swpm Ansible Role -###### -InitDeclusteringForImport.decluster = false -{% endif %} - - -{% if 'solman_daa_swpm1' in sap_swpm_inifile_list %} -###### -# solman_daa_swpm1 -# Not in use by sap_swpm Ansible Role -###### -# DiagnosticsAgent.dasidAdmPassword = {{ sap_swpm_diagnostics_agent_password }} -# DiagnosticsAgent.installSAPHostAgent -# DiagnosticsAgent.InstanceNumber -# DiagnosticsAgent.LogicalHostName -# DiagnosticsAgent.SAPJVMVersion -# DiagnosticsAgent.SAProuter.Password -# DiagnosticsAgent.SAProuter.RouteString -# DiagnosticsAgent.SID -# DiagnosticsAgent.SLD.Connection -# DiagnosticsAgent.SLD.HostName -# DiagnosticsAgent.SLD.Password -# DiagnosticsAgent.SLD.PortNumber -# DiagnosticsAgent.SLD.UseHTTPS -# DiagnosticsAgent.SLD.UserName -# DiagnosticsAgent.SolMan.Connection -# DiagnosticsAgent.SolMan.HostName -# DiagnosticsAgent.SolMan.Password -# DiagnosticsAgent.SolMan.PortNumber -# DiagnosticsAgent.SolMan.UserName -# DiagnosticsAgent.SolMan.UseSSL -{% endif %} - - -{% if 'syscopy_export_anydb' in sap_swpm_inifile_list %} -###### -# syscopy_export_anydb -# Not in use by sap_swpm Ansible Role -###### -# InitDeclusteringForExport.decluster = -# NW_ABAP_Export_Dialog.customPackageOrder = -# NW_ABAP_Export_Dialog.customSortOrderFile = -# NW_ABAP_Export_Dialog.exportTimeFile = -# NW_ABAP_Export_Dialog.importTimeFile = -# NW_ABAP_Export_Dialog.jobNumberGroupLarge = 7 -# NW_ABAP_Export_Dialog.jobNumberGroupSmall = 4 -# NW_ABAP_Export_Dialog.migmonComHost = -# NW_ABAP_Export_Dialog.migmonComPort = -# NW_ABAP_Export_Dialog.migmonComType = EXCHANGE -# NW_ABAP_Export_Dialog.migmonDataTransferType = NET -# NW_ABAP_Export_Dialog.migmonFtpExchangeDir = -# NW_ABAP_Export_Dialog.migmonFtpExportDir = -# NW_ABAP_Export_Dialog.migmonFtpHost = -# NW_ABAP_Export_Dialog.migmonFtpPassword = -# NW_ABAP_Export_Dialog.migmonFtpUser = -NW_ABAP_Export_Dialog.migmonJobNum = 3 -NW_ABAP_Export_Dialog.migmonLoadArgs = -stop_on_error -# NW_ABAP_Export_Dialog.migmonNetExchangeDir = -# NW_ABAP_Export_Dialog.migmonTaskArgs = -# NW_ABAP_Export_Dialog.nonStandardAbapObjectsHandlingSkip = false -NW_ABAP_Export_Dialog.parallelR3szchkExecution = true -NW_ABAP_Export_Dialog.r3szchkDetermineSizeValue = DB -# NW_ABAP_Export_Dialog.r3szchkJobNum = 10 -NW_ABAP_Export_Dialog.repeatExport = COMPLETE -NW_ABAP_Export_Dialog.splitPackageLimitVal = 5000 -# NW_ABAP_Export_Dialog.splitMaxTableNumVal = 1000 -# NW_ABAP_Export_Dialog.splitTableFile = -# NW_ABAP_Export_Dialog.splitTableLimitVal = 300 -# NW_ABAP_Export_Dialog.splitTableNumVal = 10 -# NW_ABAP_Export_Dialog.splitUseMaxTableNum = false -# NW_ABAP_Export_Dialog.splitUsePackageLimit = true -# NW_ABAP_Export_Dialog.splitUseTableFile = false -# NW_ABAP_Export_Dialog.splitUseTableLimit = false -# NW_ABAP_Export_Dialog.splitUseTableNum = true -# NW_ABAP_Export_Dialog.sqlFileDir = -NW_ABAP_Export_Dialog.targetHardwarePlatform = LITTLE_ENDIAN - -## Target database types for Linux are ADA, HDB, DB6, ORA, SYB -NW_ABAP_Export_Dialog.targetDbType = {{ sap_swpm_export_target_db_type }} - -# NW_ABAP_Export_Dialog.useAdditionalExportHosts = false -# NW_ABAP_Export_Dialog.useAdvancedUnloadConfig = false -# NW_ABAP_Export_Dialog.useCustomPackageOrder = false -# NW_ABAP_Export_Dialog.useCustomSortOrder = false -# NW_ABAP_Export_Dialog.useMigMonConfig = false -# NW_ABAP_Export_Dialog.useParallelExportImport = false -# NW_ABAP_Export_Dialog.useSplit = true -NW_ABAP_Export_Dialog.useSqlFiles = NOSQL -# NW_ABAP_Export_Dialog.useUnicodeTargetSystem = -NW_ABAP_Export_Dialog.useUnsortedUnload = true - -NW_Export.accessLevel4ExportDir = DEFAULT -NW_Export.choiceSepKernel = false -NW_Export.mainExportDir = {{ sap_swpm_export_files_path }} - -# Do not stop SAP System before data is unloaded -# SAP SWPM is unable to automatically stop the SAP System (i.e. DB, ASCS, PAS instances), -# if stop is true then SAP SWPM Unattended will fail on step mainExportParameters -NW_Export.stopRunningSystem = true - -NW_readProfileDir.profileDir = /sapmnt/{{ sap_swpm_sid | upper }}/profile - -NW_getLoadType.loadType = {{ sap_swpm_load_type }} -NW_getLoadType.importManuallyExecuted = false -{% endif %} - - -{% if 'syscopy_import_anydb_ibmdb2' in sap_swpm_inifile_list %} -###### -# syscopy_import_anydb_ibmdb2 -# Not in use by sap_swpm Ansible Role -###### -# db6.Additional_DbServer = -# db6.cluster.HADRPort1 = -# db6.cluster.HADRPort2 = -# db6.cluster.SyncMode = -# db6.ConfigureCluster = false -# db6.DropSchemaList = -# db6.InstallPureScale = false -# db6.InstallTSA = false -# db6.minimizeDatabaseSizeCompression = -# db6.minimizeDatabaseSizeCompressionJava = -# db6.minimizeDatabaseSizeDeferredTable = true -# db6.notuseMcod = -# db6.NumAdditionalPartitions = -# db6.useDB2ControlFiles = false -# db6.UseDb2NativeEncryption = false -# NW_adaptProfile.templateFiles = -# NW_CreateDBandLoad.movePVCforUsagePiAndDi = -db6.allowUnsignedDatabaseSoftware = true -db6.cluster.ClusterType = HADR (High Availability Disaster Recovery) -db6.usingSystemCopyBRforHADR = true -NW_getDBInfoGeneric.dbhost = {{ sap_swpm_db_host }} -NW_getDBInfoGeneric.dbsid = {{ sap_swpm_db_sid }} -NW_getLoadType.loadType = {{ sap_swpm_load_type }} -NW_getLoadType.importManuallyExecuted = false -NW_getUnicode.isUnicode = true -# NW_getDBInfoGeneric.strictDbSidCheck = true -storageBasedCopy.db6.CommunicationPortNumber = 5912 -storageBasedCopy.db6.PortRangeEnd = 5917 -storageBasedCopy.db6.PortRangeStart = 5914 -# storageBasedCopy.db6.db6updatedbpath = -{% endif %} diff --git a/roles/sap_swpm/templates/inifile_params.j2 b/roles/sap_swpm/templates/inifile_params.j2 new file mode 100644 index 000000000..56da03da8 --- /dev/null +++ b/roles/sap_swpm/templates/inifile_params.j2 @@ -0,0 +1,1158 @@ +### inifile.params generated for SWPM - Product ID is {{ sap_swpm_product_catalog_id }} + +{% if 'swpm_installation_media' in sap_swpm_inifile_sections_list %} +################################################################### +# BEGIN section swpm_installation_media # +# # +archives.downloadBasket = {{ sap_swpm_software_path }} + +# installation_export.archivesFolder = {{ sap_swpm_cd_export_path }} + +# NOTE: Specific media requirements will use format +# SAPINST.CD.PACKAGE. = +# # +# END section swpm_installation_media # +################################################################### +{% endif %} +{% if 'swpm_installation_media_swpm2_hana' in sap_swpm_inifile_sections_list %} + +################################################################### +# BEGIN section swpm_installation_media_swpm2_hana # +# # +HDB_Software_Dialogs.useMediaCD = {{ sap_swpm_software_use_media }} +# # +# END section swpm_installation_media_swpm2_hana # +################################################################### +{% endif %} +{% if 'swpm_installation_media_swpm1' in sap_swpm_inifile_sections_list %} + +################################################################### +# BEGIN section swpm_installation_media_swpm1 # +# # +SAPINST.CD.PACKAGE.LANGUAGE = {{ sap_swpm_cd_language_path }} +SAPINST.CD.PACKAGE.JAVA = {{ sap_swpm_cd_java_path }} +SAPINST.CD.PACKAGE.RDBMS = {{ sap_swpm_cd_rdbms_path }} +# SAPINST.CD.PACKAGE.KERNEL = +# SAPINST.CD.PACKAGE.KERNEL2 = +# SAPINST.CD.PACKAGE.KERNEL3 = + +# SAPINST.CD.PACKAGE.JAVA_EXPORT = /path/JAVA_EXPORT +# SAPINST.CD.PACKAGE.JDMP = /path/JAVA_EXPORT_JDMP +# SAPINST.CD.PACKAGE.J2EE = /path/JAVA_J2EE_OSINDEP +# SAPINST.CD.PACKAGE.J2EE-INST = /path/JAVA_J2EE_OSINDEP_J2EE_INST +# SAPINST.CD.PACKAGE.SCA = /path/JAVA_J2EE_OSINDEP_UT +# # +# END section swpm_installation_media_swpm1 # +################################################################### +{% endif %} +{% if 'swpm_installation_media_swpm1_exportfiles' in sap_swpm_inifile_sections_list %} + +################################################################### +# BEGIN section swpm_installation_media_swpm1_exportfiles # +# # +SAPINST.CD.PACKAGE.EXPORT = {{ sap_swpm_cd_export_path }} +# SAPINST.CD.PACKAGE.LOAD = +SAPINST.CD.PACKAGE.LOAD1 = {{ sap_swpm_cd_export_pt1_path }} +SAPINST.CD.PACKAGE.LOAD2 = {{ sap_swpm_cd_export_pt2_path }} +# SAPINST.CD.PACKAGE.JMIG = +# # +# END section swpm_installation_media_swpm1_exportfiles # +################################################################### +{% endif %} +{% if 'swpm_installation_media_swpm1_ibmdb2' in sap_swpm_inifile_sections_list %} + +################################################################### +# BEGIN section swpm_installation_media_swpm1_ibmdb2 # +# # +# Requested package : RDBMS-DB6 +SAPINST.CD.PACKAGE.DB2 = {{ sap_swpm_cd_ibmdb2_path }} + +# Requested package : RDBMS-DB6 CLIENT +SAPINST.CD.PACKAGE.DB2CLIENT = {{ sap_swpm_cd_ibmdb2_client_path }} + +# IBM DB2 software unpack path e.g. /db2/db2x01/db2_software +db6.DB2SoftwarePath = {{ sap_swpm_ibmdb2_unpack_path }} +# # +# END section swpm_installation_media_swpm1_ibmdb2 # +################################################################### +{% endif %} +{% if 'swpm_installation_media_swpm1_oracledb_121' in sap_swpm_inifile_sections_list %} + +################################################################### +# BEGIN section swpm_installation_media_swpm1_oracledb_121 # +# # +# Requested package : RDBMS-ORA +SAPINST.CD.PACKAGE.RDBMS-ORA121 = {{ sap_swpm_cd_oracle_path }} + +# Requested package : RDBMS-ORA CLIENT +SAPINST.CD.PACKAGE.ORACLI121 = {{ sap_swpm_cd_oracle_client_path }} +# # +# END section swpm_installation_media_swpm1_oracledb_121 # +################################################################### +{% endif %} +{% if 'swpm_installation_media_swpm1_oracledb_122' in sap_swpm_inifile_sections_list %} + +################################################################### +# BEGIN section swpm_installation_media_swpm1_oracledb_122 # +# # +# Requested package : RDBMS-ORA +SAPINST.CD.PACKAGE.RDBMS-ORA122 = {{ sap_swpm_cd_oracle_path }} + +# Requested package : RDBMS-ORA CLIENT +SAPINST.CD.PACKAGE.ORACLI122 = {{ sap_swpm_cd_oracle_client_path }} +# # +# END section swpm_installation_media_swpm1_oracledb_122 # +################################################################### +{% endif %} +{% if 'swpm_installation_media_swpm1_oracledb_19' in sap_swpm_inifile_sections_list %} + +# Requested package : RDBMS-ORA +################################################################### +# BEGIN section swpm_installation_media_swpm1_oracledb_19 # +# # +SAPINST.CD.PACKAGE.RDBMS-ORA19 = {{ sap_swpm_cd_oracle_path }} + +# Requested package : RDBMS-ORA CLIENT +SAPINST.CD.PACKAGE.ORACLI19 = {{ sap_swpm_cd_oracle_client_path }} +# # +# END section swpm_installation_media_swpm1_oracledb_19 # +################################################################### +{% endif %} +{% if 'swpm_installation_media_swpm1_sapase' in sap_swpm_inifile_sections_list %} + +################################################################### +# BEGIN section swpm_installation_media_swpm1_sapase # +# # +# Requested package : RDBMS-SYB +SAPINST.CD.PACKAGE.RDBMS-SYB = {{ sap_swpm_cd_sapase_path }} +SAPINST.CD.PACKAGE.RDBMS-SYB-CLIENT = {{ sap_swpm_cd_sapase_client_path }} +# # +# END section swpm_installation_media_swpm1_sapase # +################################################################### +{% endif %} +{% if 'swpm_installation_media_swpm1_sapmaxdb' in sap_swpm_inifile_sections_list %} + +################################################################### +# BEGIN section swpm_installation_media_swpm1_sapmaxdb # +# # +# Requested package : RDBMS-ADA +SAPINST.CD.PACKAGE.RDBMS-ADA = {{ sap_swpm_cd_sapmaxdb_path }} +# # +# END section swpm_installation_media_swpm1_sapmaxdb # +################################################################### +{% endif %} +{% if 'maintenance_plan_stack_tms_config' in sap_swpm_inifile_sections_list %} + +################################################################### +# BEGIN section maintenance_plan_stack_tms_config # +# # +NW_ABAP_TMSConfig.configureTMS = {{ sap_swpm_configure_tms | lower }} +NW_ABAP_TMSConfig.transportPassword = {{ sap_swpm_tmsadm_password }} +# # +# END section maintenance_plan_stack_tms_config # +################################################################### +{% endif %} +{% if 'maintenance_plan_stack_tms_transports' in sap_swpm_inifile_sections_list %} + +################################################################### +# BEGIN section maintenance_plan_stack_tms_transports # +# # +NW_ABAP_Include_Corrections.includeTransports = true +NW_ABAP_Include_Corrections.transportFilesLocations = {{ sap_swpm_tms_tr_files_path }} +# # +# END section maintenance_plan_stack_tms_transports # +################################################################### +{% endif %} +{% if 'maintenance_plan_stack_spam_config' in sap_swpm_inifile_sections_list %} + +################################################################### +# BEGIN section maintenance_plan_stack_spam_config # +# # +NW_ABAP_SPAM_Update.SPAMUpdateDecision = {{ sap_swpm_spam_update | lower }} +{% if sap_swpm_spam_update %} +NW_ABAP_SPAM_Update.SPAMUpdateArchive = {{ sap_swpm_spam_update_sar }} +{% else %} +#NW_ABAP_SPAM_Update.SPAMUpdateArchive = +{% endif %} +# # +# END section maintenance_plan_stack_spam_config # +################################################################### +{% endif %} +{% if 'maintenance_plan_stack_sum_config' in sap_swpm_inifile_sections_list %} + +################################################################### +# BEGIN section maintenance_plan_stack_sum_config +# # +NW_ABAP_Prepare_SUM.prepareSUM = {{ sap_swpm_sum_prepare | lower }} +NW_ABAP_Prepare_SUM.startSUM = {{ sap_swpm_sum_start | lower }} + +# Password for SUM must be for 'adm' user +NW_ABAP_Prepare_SUM.Password = {{ sap_swpm_sap_sidadm_password }} +# # +# END section maintenance_plan_stack_sum_config +################################################################### +{% endif %} +{% if 'maintenance_plan_stack_sum_10_batch_mode' in sap_swpm_inifile_sections_list %} + +################################################################### +# BEGIN section maintenance_plan_stack_sum_10_batch_mode # +# # +# Re-run of existing BatchModeInputFile.xml for NWAS JAVA (generated by SUM 1.0 on previous host into the /sdt/param/ subdirectory) +NW_ABAP_Prepare_SUM.SUMBatchFile = {{ sap_swpm_sum_batch_file }} +# # +# END section maintenance_plan_stack_sum_10_batch_mode # +################################################################### +{% endif %} +{% if 'credentials' in sap_swpm_inifile_sections_list %} + +################################################################### +# BEGIN section credentials # +# # +# Master password: +NW_GetMasterPassword.masterPwd = {{ sap_swpm_master_password }} +# 'adm' user: +nwUsers.sidadmPassword = {{ sap_swpm_sap_sidadm_password }} +DiagnosticsAgent.dasidAdmPassword = {{ sap_swpm_diagnostics_agent_password }} +# 'sapadm' user of the SAP Host Agent: +hostAgent.sapAdmPassword = {{ sap_swpm_sapadm_password }} +# # +# END section credentials # +################################################################### +{% endif %} +{% if 'credentials_hana' in sap_swpm_inifile_sections_list %} + +################################################################### +# BEGIN section credentials_hana # +# # +HDB_Schema_Check_Dialogs.schemaPassword = {{ sap_swpm_db_schema_password }} +storageBasedCopy.hdb.systemPassword = {{ sap_swpm_db_system_password }} +# # +# END section credentials_hana # +################################################################### +HDB_Schema_Check_Dialogs.schemaPassword = {{ sap_swpm_db_schema_password }} +storageBasedCopy.hdb.systemPassword = {{ sap_swpm_db_system_password }} +{% endif %} +{% if 'credentials_anydb_ibmdb2' in sap_swpm_inifile_sections_list %} + +################################################################### +# BEGIN section credentials_anydb_ibmdb2 # +# # +nwUsers.db6.db2sidPassword = {{ sap_swpm_sap_sidadm_password }} +# nwUsers.db6.db2sidUid = +# # +# END section credentials_anydb_ibmdb2 # +################################################################### +{% endif %} +{% if 'credentials_anydb_oracledb' in sap_swpm_inifile_sections_list %} + +################################################################### +# BEGIN section credentials_anydb_oracledb # +# # +# Oracle database software owner +ora.oraclePassword = {{ sap_swpm_sap_sidadm_password }} +# 'ora' user +ora.orasidPassword = {{ sap_swpm_sap_sidadm_password }} +# Oracle 'SYS' password +ora.SysPassword = {{ sap_swpm_db_system_password }} +# Oracle 'SYSTEM' password +ora.SystemPassword = {{ sap_swpm_db_system_password }} +# # +# END section credentials_anydb_oracledb # +################################################################### +{% endif %} +{% if 'credentials_anydb_ibmdb2' in sap_swpm_inifile_sections_list %} + +################################################################### +# BEGIN section credentials_anydb_ibmdb2 # +# # +nwUsers.db6.db2sidPassword = {{ sap_swpm_sap_sidadm_password }} +# nwUsers.db6.db2sidUid = +# # +# END section credentials_anydb_ibmdb2 # +################################################################### +{% endif %} +{% if 'credentials_anydb_sapase' in sap_swpm_inifile_sections_list %} + +################################################################### +# BEGIN section credentials_anydb_sapase # +# # +nwUsers.syb.sybsidPassword = {{ sap_swpm_sap_sidadm_password }} +SYB.NW_DB.sa_pass = {{ sap_swpm_master_password }} +SYB.NW_DB.sapsa_pass = {{ sap_swpm_master_password }} +SYB.NW_DB.sapsr3_pass = {{ sap_swpm_master_password }} +SYB.NW_DB.sapsr3db_pass = {{ sap_swpm_db_system_password }} +# SYB.NW_DB.encryptionMasterKeyPassword = +# SYB.NW_DB.sapsso_pass = +# SYB.NW_DB.sslPassword = +# # +# END section credentials_anydb_sapase # +################################################################### +{% endif %} +{% if 'credentials_anydb_sapmaxdb' in sap_swpm_inifile_sections_list %} + +################################################################### +# BEGIN section credentials_anydb_sapmaxdb # +# # +# Note: The password of user DBUser may only consist of alphanumeric characters and the special characters #, $, @ and _ +nwUsers.ada.sqdsidPassword = {{ sap_swpm_sap_sidadm_password }} +Sdb_DBUser.dbaPassword = {{ sap_swpm_db_system_password }} +Sdb_DBUser.dbmPassword = {{ sap_swpm_db_system_password }} +Sdb_Schema_Dialogs.dbSchemaPassword = {{ sap_swpm_db_schema_password }} +# # +# END section credentials_anydb_sapmaxdb # +################################################################### +{% endif %} +{% if 'credentials_nwas_ssfs' in sap_swpm_inifile_sections_list %} + +################################################################### +# BEGIN section credentials_nwas_ssfs # +# # +HDB_Userstore.useABAPSSFS = true +# NW_ABAP_SSFS_CustomKey.ssfsKeyInputFile = +# # +# END section credentials_nwas_ssfs # +################################################################### +{% endif %} +{% if 'credentials_hdbuserstore' in sap_swpm_inifile_sections_list %} + +################################################################### +# BEGIN section credentials_hdbuserstore # +# # +HDB_Userstore.useABAPSSFS = false +# HDB_Userstore.doNotResolveHostnames = +# HDB_Userstore.HDB_USE_IDENT = +# HDB_Userstore.systemDBPort = +# NW_HDB_DBClient.checkCreateUserstore = true +# NW_HDB_DBClient.clientPathStrategy = LOCAL +# # +# END section credentials_hdbuserstore # +################################################################### +{% endif %} +{% if 'credentials_syscopy' in sap_swpm_inifile_sections_list %} + +################################################################### +# BEGIN section credentials_syscopy # +# # +# Are the passwords for the DDIC users different from the default value? +NW_DDIC_Password.needDDICPasswords = true +NW_DDIC_Password.ddic000Password = {{ sap_swpm_ddic_000_password }} +#NW_DDIC_Password.ddic001Password = +# # +# END section credentials_syscopy # +################################################################### +{% endif %} +{% if 'db_config_hana' in sap_swpm_inifile_sections_list %} + +################################################################### +# BEGIN section db_config_hana # +# # +storageBasedCopy.hdb.instanceNumber = {{ sap_swpm_db_instance_nr }} +HDB_Schema_Check_Dialogs.schemaName = {{ sap_swpm_db_schema }} +###################################################################### +# BEGIN subsection nw_config_additional_application_server_instance # +# # +{% if 'nw_config_additional_application_server_instance' in sap_swpm_inifile_sections_list %} +HDB_Schema_Check_Dialogs.validateSchemaName = true +{% else %} +HDB_Schema_Check_Dialogs.validateSchemaName = false +# # +# END subsection nw_config_additional_application_server_instance # +###################################################################### +{% endif %} +# HDB_Schema_Check_Dialogs.dropSchema = false +# hdb.create.dbacockpit.user = false +# # +# END section db_config_hana # +################################################################### +{% endif %} +{% if 'db_config_anydb_all' in sap_swpm_inifile_sections_list %} + +################################################################### +# BEGIN section db_config_anydb_all # +# # +NW_ABAP_Import_Dialog.dbCodepage = 4103 +# # +# END section db_config_anydb_all # +################################################################### +{% endif %} +{% if 'db_config_anydb_ibmdb2' in sap_swpm_inifile_sections_list %} + +################################################################### +# BEGIN section db_config_anydb_ibmdb2 # +# # +NW_ABAP_Import_Dialog.migmonJobNum = 3 +NW_ABAP_Import_Dialog.migmonLoadArgs = -stop_on_error -loadprocedure fast LOAD:COMPRESS_ALL:DEF_CRT +NW_getDBInfoGeneric.dbhost = {{ sap_swpm_db_host }} +NW_getDBInfoGeneric.dbsid = {{ sap_swpm_db_sid }} +NW_getUnicode.isUnicode = true +# db6.useMcod = true +# db6.useBluSettings = false +# db6.gid_sysadm = +# db6.gid_sysctrl = +# db6.gid_sysmaint = +# db6.gid_sysmon = +db6.allowUnsignedDatabaseSoftware = true +db6.cluster.ClusterType = HADR (High Availability Disaster Recovery) +db6.createTablespacesUsingSapinst = true +db6.minimizeDatabaseSizeCompression = true +db6.TablespacePoolSizes = SAPSID#DATA{20} +db6.useAutoStorage = true +db6.useExtraSapdataSaptmpDirLayout = false +db6.UseStandardTablespacePool = true +db6.usesLDAP = false +storageBasedCopy.db6.CommunicationPortNumber = 5912 +storageBasedCopy.db6.PortRangeEnd = 5917 +storageBasedCopy.db6.PortRangeStart = 5914 +# # +# END section db_config_anydb_ibmdb2 # +################################################################### +{% endif %} +{% if 'db_config_anydb_oracledb' in sap_swpm_inifile_sections_list %} + +################################################################### +# BEGIN section db_config_anydb_oracledb # +# # +NW_ABAP_Import_Dialog.migmonJobNum = 3 +NW_ABAP_Import_Dialog.migmonLoadArgs = -stop_on_error -loadprocedure fast +NW_getDBInfoGeneric.dbsid = {{ sap_swpm_db_sid }} +storageBasedCopy.ora.listenerName = SAPORALISTENER +# storageBasedCopy.ora.listenerPort = +storageBasedCopy.ora.ABAPSchema = {{ sap_swpm_db_schema_abap }} +# storageBasedCopy.ora.JavaSchema = {{ sap_swpm_db_schema_java }} +# storageBasedCopy.ora.swowner = oracle +ora.createStatisticsCodeABAP = SKIP +ora.createStatisticsCodeJAVA = SKIP +ora.multitenant.pdbsid = {{ sap_swpm_sid | upper }} +ora.whatInstallation = isSingle +# ora.IgnoreClientVersion = false +# ora.maxDatafileSize = 2000 + +#### Oracle Multitenant Pluggable DB: #### +#### a single Oracle Container Database (CDB) can host multiple Oracle Pluggable Databases (PDB) #### +## FALSE: no pluggable installation (default value) +## CDB_PDB: install CDB and PDB +## PDB_ONLY: install PDB only in an existing CDB. +## CDB_ONLY: install CDB only. +ora.multitenant.installMT = FALSE +# # +# END section db_config_anydb_oracledb # +################################################################### +{% endif %} +{% if 'db_config_anydb_oracledb_121' in sap_swpm_inifile_sections_list %} + +################################################################### +# BEGIN section db_config_anydb_oracledb_121 # +# # +# Use path to Oracle Home - Runtime (i.e. $OHRDBMS env var) +ora.dbhome = /oracle/{{ sap_swpm_db_sid }}/121 +storageBasedCopy.ora.clientVersion = 121 +storageBasedCopy.ora.serverVersion = 121 +# # +# END section db_config_anydb_oracledb_121 # +################################################################### +{% endif %} +{% if 'db_config_anydb_oracledb_122' in sap_swpm_inifile_sections_list %} + +################################################################### +# BEGIN section db_config_anydb_oracledb_122 # +# # +# Use path to Oracle Home - Runtime (i.e. $OHRDBMS env var) +ora.dbhome = /oracle/{{ sap_swpm_db_sid }}/122 +storageBasedCopy.ora.clientVersion = 122 +storageBasedCopy.ora.serverVersion = 122 +# # +# END section db_config_anydb_oracledb_122 # +################################################################### +{% endif %} +{% if 'db_config_anydb_oracledb_19' in sap_swpm_inifile_sections_list %} + +################################################################### +# BEGIN section db_config_anydb_oracledb_19 # +# # +# Use path to Oracle Home - Runtime (i.e. $OHRDBMS env var) +ora.dbhome = /oracle/{{ sap_swpm_db_sid }}/19 +storageBasedCopy.ora.clientVersion = 19 +storageBasedCopy.ora.serverVersion = 19 +# # +# END section db_config_anydb_oracledb_19 # +################################################################### +{% endif %} +{% if 'db_config_anydb_sapase' in sap_swpm_inifile_sections_list %} + +################################################################### +# BEGIN section db_config_anydb_sapase # +# # +NW_ABAP_Import_Dialog.migmonJobNum = 3 +NW_ABAP_Import_Dialog.migmonLoadArgs = -c 100000 -loadprocedure fast +NW_SYB_DBPostload.numberParallelStatisticJobs = 0 +SYB.NW_DB.aseSortOrder = binaryalt +SYB.NW_DB.databaseDevices = data device for SAP,/sybase/{{ sap_swpm_sid | upper }}/sapdata_1,88,,,{{ sap_swpm_sid | upper }}_data_001,log device for SAP,/sybase/{{ sap_swpm_sid | upper }}/saplog_1,10,,,{{ sap_swpm_sid | upper }}_log_001,data device for saptools,/sybase/{{ sap_swpm_sid | upper }}/sapdiag,2,,,saptools_data_001,log device for saptools,/sybase/{{ sap_swpm_sid | upper }}/sapdiag,2,,,saptools_log_001,data device for sybsecurity,/sybase/{{ sap_swpm_sid | upper }}/sybsecurity,1,,,sybsecurity_data_001,data device for sybsecurity,/sybase/{{ sap_swpm_sid | upper }}/sybsecurity,1,,,sybsecurity_data_002,log device for sybsecurity,/sybase/{{ sap_swpm_sid | upper }}/sybsecurity,0.5,,,sybsecurity_log_001,temp device for SAP,/sybase/{{ sap_swpm_sid | upper }}/saptemp,8,,,saptempdb_data_001, +SYB.NW_DB.databaseType = ase +SYB.NW_DB.enableGranularPermissions = true +SYB.NW_DB.enableStrongCipherSuitesForSSL = false +SYB.NW_DB.folderDatabaseSoftware = /sybase/{{ sap_swpm_sid | upper }} +SYB.NW_DB.folderDiagDevice = /sybase/{{ sap_swpm_sid | upper }}/sapdiag +SYB.NW_DB.folderSAPTempdbDevice = /sybase/{{ sap_swpm_sid | upper }}/saptemp +SYB.NW_DB.folderSecurityDevices = /sybase/{{ sap_swpm_sid | upper }}/sybsecurity +SYB.NW_DB.folderSystemDevices = /sybase/{{ sap_swpm_sid | upper }}/sybsystem +SYB.NW_DB.folderTempdbDevice = /sybase/{{ sap_swpm_sid | upper }}/sybtemp +SYB.NW_DB.indexConsumers = 3 +SYB.NW_DB.initializeDefaultSystemEncryptionPassword = false +SYB.NW_DB.maxIndexParallelDegree = 10 +SYB.NW_DB.maxQueryParallelDegree = 10 +SYB.NW_DB.numberWorkerProcesses = 50 +SYB.NW_DB.sqlServerConnections = 200 +SYB.NW_DB.sqlServerHostname = {{ sap_swpm_db_host }} +SYB.NW_DB.sybmgmtdbDataDeviceFolder = /sybase/{{ sap_swpm_sid | upper }}/sybsystem +SYB.NW_DB.sybmgmtdbLogDeviceFolder = /sybase/{{ sap_swpm_sid | upper }}/sybsystem +SYB.NW_DB.userstore_hostname = {{ sap_swpm_ascs_instance_hostname }} + +# To avoid conflicts, leave all Ports blank and SAP SWPM will auto-assign +# Ports by default are in order 4901, 4902, 4903, 4904. For each new ASE DB Server instance on the host, each port number is incremented by 4 +SYB.NW_DB.portDatabaseServer = +SYB.NW_DB.portBackupServer = +SYB.NW_DB.portJobScheduler = +SYB.NW_DB.portXPServer = +# # +# END section db_config_anydb_sapase # +################################################################### +{% endif %} +{% if 'db_config_anydb_sapmaxdb' in sap_swpm_inifile_sections_list %} + +################################################################### +# BEGIN section db_config_anydb_sapmaxdb # +# # +NW_ABAP_Import_Dialog.migmonJobNum = 90 +NW_ABAP_Import_Dialog.migmonLoadArgs = -para_cnt 90 +NW_ADA_getDBInfo.dbsid = {{ sap_swpm_db_sid }} +SdbInstanceDialogs.DB_sessions = 100 +SdbInstanceDialogs.minlogsize = 4000 +SdbInstanceDialogs.sapdataFolder = sapdata +SdbInstanceDialogs.saplogFolder = saplog +# # +# END section db_config_anydb_sapmaxdb # +################################################################### +{% endif %} +{% if 'db_connection_nw_hana' in sap_swpm_inifile_sections_list %} + +################################################################### +# BEGIN section db_connection_nw_hana # +# # +NW_HDB_getDBInfo.dbhost = {{ sap_swpm_db_host }} +NW_HDB_getDBInfo.dbsid = {{ sap_swpm_db_sid }} +NW_HDB_getDBInfo.instanceNumber = {{ sap_swpm_db_instance_nr }} +NW_HDB_getDBInfo.systemid = {{ sap_swpm_db_sid }} +NW_HDB_getDBInfo.systemPassword = {{ sap_swpm_db_system_password }} +# NW_HDB_getDBInfo.systemDbSid = SystemDB +NW_HDB_getDBInfo.systemDbPassword = {{ sap_swpm_db_systemdb_password }} +NW_HDB_DB.abapSchemaName = {{ sap_swpm_db_schema_abap }} +NW_HDB_DB.abapSchemaPassword = {{ sap_swpm_db_schema_abap_password }} +NW_HDB_DB.javaSchemaName = {{ sap_swpm_db_schema_java }} +NW_HDB_DB.javaSchemaPassword = {{ sap_swpm_db_schema_java_password }} +NW_Recovery_Install_HDB.extractLocation = /usr/sap/{{ sap_swpm_db_sid }}/HDB{{ sap_swpm_db_instance_nr }}/backup/data/DB_HDB +NW_Recovery_Install_HDB.extractParallelJobs = {{ sap_swpm_parallel_jobs_nr }} +NW_Recovery_Install_HDB.sidAdmName = {{ sap_swpm_db_sid | lower }}adm +NW_Recovery_Install_HDB.sidAdmPassword = {{ sap_swpm_db_sidadm_password }} +# NW_HDB_getDBInfo.dbadmin = SYSTEM +# NW_HDB_getDBInfo.tenantOsGroup = {{ sap_swpm_db_sid | lower }}grp +# NW_HDB_getDBInfo.tenantOsUser = {{ sap_swpm_db_sid | lower }}usr +# NW_HDB_getDBInfo.tenantPort = +# # +# END section db_connection_nw_hana # +################################################################### +{% endif %} +{% if 'db_connection_nw_anydb_ibmdb2' in sap_swpm_inifile_sections_list %} + +################################################################### +# BEGIN section db_connection_nw_anydb_ibmdb2 # +# # +# db6.UseDb2SSLClientServerComm = false +nwUsers.db6.sapsidPassword = {{ sap_swpm_sapadm_password }} +# nwUsers.db6.sapsidUid = + +# nwUsers.db6.sapsiddbPassword = +# nwUsers.db6.sapsiddbUid = + +# Database Schema and Database Connect User for ABAP (default is sap and not sap) +NW_DB6_DB.db6.abap.connect.user = sap{{ sap_swpm_sid | lower }} +NW_DB6_DB.db6.abap.schema = sap{{ sap_swpm_sid | lower }} +# NW_DB6_DB.db6.java.connect.user = +# NW_DB6_DB.db6.java.schema = +# # +# END section db_connection_nw_anydb_ibmdb2 # +################################################################### +{% endif %} +{% if 'db_connection_nw_anydb_oracledb' in sap_swpm_inifile_sections_list %} + +################################################################### +# BEGIN section db_connection_nw_anydb_oracledb # +# # +storageBasedCopy.abapSchemaPassword = {{ sap_swpm_db_schema_abap_password }} +storageBasedCopy.javaSchemaPassword = {{ sap_swpm_db_schema_java_password }} +# # +# END section db_connection_nw_anydb_oracledb # +################################################################### +{% endif %} +{% if 'db_connection_nw_anydb_sapase' in sap_swpm_inifile_sections_list %} + +################################################################### +# db_connection_nw_anydb_sapase +################################################################### +# NW_SYB_CIABAP.sapsaPassword = +{% endif %} +{% if 'db_restore_hana' in sap_swpm_inifile_sections_list %} + +################################################################### +# BEGIN section db_restore_hana # +# # +NW_HDB_getDBInfo.systemPasswordBackup = {{ sap_swpm_backup_system_password }} +HDB_Recovery_Dialogs.backupLocation = {{ sap_swpm_backup_location }} +HDB_Recovery_Dialogs.backupName = {{ sap_swpm_backup_prefix }} +HDB_Recovery_Dialogs.sapControlWsdlUrl = http://{{ sap_swpm_db_host }}:5{{ sap_swpm_db_instance_nr }}13/SAPControl?wsdl +HDB_Recovery_Dialogs.sidAdmName = {{ sap_swpm_db_sid | lower }}adm +HDB_Recovery_Dialogs.sidAdmPassword = {{ sap_swpm_db_sidadm_password }} +# HDB_Recovery_Dialogs.backupDestinationType = File +# HDB_Recovery_Dialogs.licenseFile = +# HDB_Recovery_Dialogs.skipExistenceCheck = false +# HDB_Recovery_Dialogs.sourceDatabaseSid = +# HDB_Recovery_Dialogs.useLicenseFile = false +# NW_Recovery_Install_HDB.checkIntegrity = false +# NW_Recovery_Install_HDB.backupLocationHANA = +# NW_Recovery_Install_HDB.backupLocationSAP = +# NW_Recovery_Install_HDB.loadOrMount = load +# HDB_System_Check_Dialogs.initTopology = false +# NW_CreateDBandLoad.movePVCforUsagePiAndDi = +# # +# END section db_restore_hana # +################################################################### +{% endif %} +{% if 'nw_config_anydb' in sap_swpm_inifile_sections_list %} + +################################################################### +# BEGIN section nw_config_anydb # +# # +# Distributed installation or system copy with any database and SAP Basis release 740 or higher: +# Execute ABAP program 'RUTPOADAPT' for depooling. Set it to 'true' if declustering / depooling is selected for the distributed database instance installation option +NW_CI_Instance_ABAP_Reports.executeReportsForDepooling = false +# # +# END section nw_config_anydb # +################################################################### +{% endif %} +{% if 'nw_config_other' in sap_swpm_inifile_sections_list %} + +################################################################### +# BEGIN section nw_config_other # +# # +# NW_Delete_Sapinst_Users.removeUsers = false +NW_getFQDN.FQDN = {{ sap_swpm_fqdn }} +NW_getFQDN.setFQDN = {{ sap_swpm_set_fqdn | lower }} +# NW_getFQDN.resolve = true +NW_GetSidNoProfiles.sid = {{ sap_swpm_sid }} +# NW_GetSidNoProfiles.sapmnt = /sapmnt +# NW_GetSidNoProfiles.strictSidCheck = true +# NW_GetSidNoProfiles.unicode = true +NW_readProfileDir.profileDir = /sapmnt/{{ sap_swpm_sid | upper }}/profile +# NW_readProfileDir.profilesAvailable = +NW_getLoadType.loadType = {{ sap_swpm_load_type }} +# NW_getUnicode.isUnicode = +# MessageServer.configureAclInfo = false +# NW_Exit_Before_Systemstart.exit = false +# NW_adaptProfile.skipSecurityProfileSettings = false +# OS4.DestinationASP = +# # +# END section nw_config_other # +################################################################### +{% endif %} +{% if 'nw_config_central_services_abap' in sap_swpm_inifile_sections_list %} + +################################################################### +# BEGIN section nw_config_central_services_abap # +# # +# Central Services (ASCS) contains the Message server (MS) and Enqueue work processes (EN) for the ABAP Dispatcher. +# Formerly the processes were contained in the Central Instance (CI). +################################################################### +NW_CI_Instance.ascsVirtualHostname = {{ sap_swpm_ascs_instance_hostname }} +NW_CI_Instance.ascsInstanceNumber = {{ sap_swpm_ascs_instance_nr }} +# NW_SCS_Instance.ascsVirtualHostname = {{ sap_swpm_ascs_instance_hostname }} +NW_SCS_Instance.ascsInstanceNumber = {{ sap_swpm_ascs_instance_nr }} +# # +# END section nw_config_central_services_abap # +################################################################### +{% endif %} +{% if 'nw_config_central_services_java' in sap_swpm_inifile_sections_list %} + +################################################################### +# BEGIN section nw_config_central_services_java # +# # +# SAP Java Central Services Instance (SCS) contains: +# - Java Message server (MS), +# - Java Enqueue server (EN), +# - Java Gateway (GW) and +# - Java Internal Web Dispatcher (WD). +################################################################### +NW_CI_Instance.scsVirtualHostname = {{ sap_swpm_java_scs_instance_hostname }} +NW_CI_Instance.scsInstanceNumber = {{ sap_swpm_java_scs_instance_nr }} +NW_SCS_Instance.scsVirtualHostname = {{ sap_swpm_java_scs_instance_hostname }} +# NW_SCS_Instance.scsInstanceNumber = +NW_SCS_Instance.instanceNumber = {{ sap_swpm_java_scs_instance_nr }} +NW_JAVA_Export.keyPhrase = {{ sap_swpm_master_password }} +# # +# END section nw_config_central_services_java # +################################################################### +{% endif %} +{% if 'nw_config_primary_application_server_instance' in sap_swpm_inifile_sections_list %} + +################################################################### +# BEGIN section nw_config_primary_application_server_instance # +# # +# Primary Application Server (PAS) contains: +# - Internet Communication Manager (ICM), +# - Gateway (GW) and +# - ABAP Dispatcher (DI/WP) work processes. +# Formerly called the Central Instance (CI). +NW_CI_Instance.ciVirtualHostname = {{ sap_swpm_pas_instance_hostname }} +NW_CI_Instance.ciInstanceNumber = {{ sap_swpm_pas_instance_nr }} +# NW_CI_Instance.nodesNum = +# NW_CI_Instance.nodesNumber = defNodes +# NW_WPConfiguration.ciBtcWPNumber = 6 +# NW_WPConfiguration.ciDialogWPNumber = 10 +# # +# END section nw_config_primary_application_server_instance # +################################################################### +{% endif %} +{% if 'nw_config_additional_application_server_instance' in sap_swpm_inifile_sections_list %} + +################################################################### +# BEGIN section nw_config_additional_application_server_instance # +# # +# Additional Application Server (AAS) contains: +# - ABAP Dispatcher (DI/WP) work processes. +# Formerly called the Dialog Instance (DI). +# Instance number of SAP NetWeaver Application Server. Leave empty for default. +NW_AS.instanceNumber = {{ sap_swpm_aas_instance_nr }} + +# Do not skip unpacking archives if adding the SAP NetWeaver Application Server to another operating system / host. Default is 'false'. +# NW_AS.skipUnpacking = false + +# Start the SAP NetWeaver Application Server at the end of the installation. Default is 'true'. +# NW_AS.start = true + +# Virtual host name of the SAP NetWeaver Application Server instance. Leave empty to use the existing host name +NW_DI_Instance.virtualHostname = {{ sap_swpm_aas_instance_hostname }} +# # +# END section nw_config_additional_application_server_instance # +################################################################### +{% endif %} +{% if 'nw_config_ers' in sap_swpm_inifile_sections_list %} + +################################################################### +# BEGIN section nw_config_ers # +# # +nw_instance_ers.ersVirtualHostname = {{ sap_swpm_ers_instance_hostname }} +nw_instance_ers.ersInstanceNumber = {{ sap_swpm_ers_instance_nr }} + +# Disable 'Automatic Instance and Service Restart' for SAP SWPM Unattended Mode, +# otherwise by default SAP SWPM will use sapcontrol -queryuser -function Stop and will cause error +# "User? Password? Stop. FAIL: Invalid Credentials" +nw_instance_ers.restartSCS = false +# # +# END section nw_config_ers # +################################################################### +{% endif %} +{% if 'nw_config_ports' in sap_swpm_inifile_sections_list %} + +################################################################### +# BEGIN section nw_config_ports # +# # +NW_CI_Instance.ciMSPort = 36{{ sap_swpm_ascs_instance_nr }} +NW_checkMsgServer.abapMSPort = 36{{ sap_swpm_ascs_instance_nr }} +# NW_CI_Instance.ciMSPortInternal = +# NW_CI_Instance.createGlobalProxyInfoFile = false +# NW_CI_Instance.createGlobalRegInfoFile = false +# NW_CI_Instance.scsMSPortInternal = +# NW_SCS_Instance.scsMSPort = +# NW_SCS_Instance.createGlobalProxyInfoFile = false +# NW_SCS_Instance.createGlobalRegInfoFile = false +# # +# END section nw_config_ports # +################################################################### +{% endif %} +{% if 'nw_config_java_ume' in sap_swpm_inifile_sections_list %} + +################################################################### +# BEGIN section nw_config_java_ume # +# # +UmeConfiguration.adminName = J2EE_ADM_{{ sap_swpm_sid }} +UmeConfiguration.adminPassword = {{ sap_swpm_ume_j2ee_admin_password }} +UmeConfiguration.guestName = J2EE_GST_{{ sap_swpm_sid }} +UmeConfiguration.sapjsfPassword = {{ sap_swpm_ume_sapjsf_password }} +UmeConfiguration.umeClient = {{ sap_swpm_ume_client_nr }} +UmeConfiguration.umeHost = {{ sap_swpm_pas_instance_hostname }} +UmeConfiguration.umeInstance = {{ sap_swpm_ume_instance_nr }} +UmeConfiguration.umeType = {{ sap_swpm_ume_type }} +# UmeConfiguration.sapjsfName = SAPJSF +# # +# END section nw_config_java_ume # +################################################################### +{% endif %} +{% if 'nw_config_java_feature_template_ids' in sap_swpm_inifile_sections_list %} + +################################################################### +# BEGIN section nw_config_java_feature_template_ids # +# # +NW_internal.useProductVersionDescriptor = true +nw_java_import.buildJEEusingExtraMileTool = {{ true if sap_swpm_java_import_method == 'extramile' else false }} + +# If use PV = true +# SAP SWPM 1.0 for SAP NetWeaver AS (JAVA), Product Version Software Instance **Feature Template IDs** comma-separated list +Select_PPMS_Instances.ListOfSelectedInstances = {% set selected_ids = [] %}{%- for item_selected in sap_swpm_java_template_id_selected_list %} +{%- if item_selected in sap_swpm_java_template_id_lookup_dictionary -%} +{{ selected_ids.append(sap_swpm_java_template_id_lookup_dictionary[item_selected]) }} +{%- endif %} +{%- endfor %}{{ selected_ids | flatten | join(',') }} + +## If use PV = false [LEGACY for before NWAS JAVA 7.40] +## Comma-separated value list containing which product instances (formerly known as usage types) are installed. Used for handling product instances in unattended mode. +## SAP_Software_Features_Select.selectedInstancesForInstallation = AS,AAS,BASIC,NW-MODEL,ESR,PI,PI-AF +# # +# END section nw_config_java_feature_template_ids # +################################################################### +{%- endif %} +{% if 'nw_config_webdisp_generic' in sap_swpm_inifile_sections_list %} + +################################################################### +# BEGIN section nw_config_webdisp_generic # +# # +NW_Webdispatcher_Instance.wdInstanceNumber = {{ sap_swpm_wd_instance_nr }} +# NW_webdispatcher_Instance.encryptionMode = Always +# NW_webdispatcher_Instance.useWdHTTPPort = false +NW_webdispatcher_Instance.wdHTTPPort = 80{{ sap_swpm_wd_instance_nr }} +NW_webdispatcher_Instance.wdHTTPSPort = 443{{ sap_swpm_wd_instance_nr }} +NW_webdispatcher_Instance.wdVirtualHostname = {{ sap_swpm_wd_virtual_host }} + +NW_Webdispatcher_Instance.configureSystemConnectivity = {{ sap_swpm_wd_system_connectivity | lower }} +NW_webdispatcher_Instance.backEndSID = {{ sap_swpm_wd_backend_sid }} +NW_webdispatcher_Instance.msHTTPPort = {{ sap_swpm_wd_backend_ms_http_port }} +NW_webdispatcher_Instance.msHost = {{ sap_swpm_wd_backend_ms_host }} +NW_webdispatcher_Instance.scenarioSize = {{ sap_swpm_wd_backend_scenario_size }} + +NW_webdispatcher_Instance.activateICF = {{ sap_swpm_wd_activate_icf | lower }} +NW_webdispatcher_Instance.rfcHost = {{ sap_swpm_wd_backend_rfc_host }} +NW_webdispatcher_Instance.rfcInstance = {{ sap_swpm_wd_backend_rfc_instance_nr }} +NW_webdispatcher_Instance.rfcClient = {{ sap_swpm_wd_backend_rfc_client_nr }} +NW_webdispatcher_Instance.rfcUser = {{ sap_swpm_wd_backend_rfc_user }} +NW_webdispatcher_Instance.rfcPassword = {{ sap_swpm_wd_backend_rfc_user_password }} +# # +# END section nw_config_webdisp_generic # +################################################################### +{% endif %} +{% if 'nw_config_webdisp_gateway' in sap_swpm_inifile_sections_list %} + +################################################################### +# nw_config_webdisp_gateway +# +# It is recommended to install gateway as part of ASCS +# It is NOT recommended to install webdispatcher as part of ASCS. A separate Web Dispatcher instance should be installed (SAP Note 908097) +################################################################### +NW_CI_Instance.ascsInstallGateway = {{ sap_swpm_ascs_install_gateway | lower }} +# NW_SCS_Instance.ascsInstallGateway = {{ sap_swpm_ascs_install_gateway | lower }} + +# Embedded SAP Web Dispatcher +# NW_CI_Instance.ascsInstallWebDispatcher = false +# NW_SCS_Instance.ascsInstallWebDispatcher = false +{% endif %} +{% if 'nw_config_host_agent' in sap_swpm_inifile_sections_list %} + +################################################################### +# BEGIN section nw_config_host_agent # +# # +NW_System.installSAPHostAgent = {{ sap_swpm_install_saphostagent | lower }} +# # +# END section nw_config_host_agent # +################################################################### +{% endif %} +{% if 'nw_config_post_load_abap_reports' in sap_swpm_inifile_sections_list %} + +################################################################### +# BEGIN section nw_config_post_load_abap_reports # +# # +# Activate ICF node '/SAP/BC/REST/SLPROTOCOL' +NW_CI_Instance_ABAP_Reports.enableActivateICFService = true + +# SAP INTERNAL USE ONLY +# NW_CI_Instance_ABAP_Reports.enableSPAMUpdateWithoutStackXml = false + +# SAP INTERNAL USE ONLY +# NW_CI_Instance_ABAP_Reports.enableTMSConfigWithoutStackXml = false + +# SAP INTERNAL USE ONLY +# NW_CI_Instance_ABAP_Reports.enableTransportsWithoutStackXml = false + +# Need specific new password of the DDIC user in client 000, different from Master Password +# NW_CI_Instance_ABAP_Reports.needNewDDIC000Password = false + +# Need specific new password of the DDIC user in client 001, different from Master Password +# NW_CI_Instance_ABAP_Reports.needNewDDIC001Password = false + +# Need specific new password of the SAP* user in client 000, different from Master Password +# NW_CI_Instance_ABAP_Reports.needNewSapStar000Password = false + +# Need specific new password of the SAP* user in client 001, different from Master Password +# NW_CI_Instance_ABAP_Reports.needNewSapStar001Password = false + +# Specify new password of the DDIC user in client 000, different from Master Password +# NW_CI_Instance_ABAP_Reports.ddic000Password = + +# Specify new password of the DDIC user in client 001, different from Master Password +# NW_CI_Instance_ABAP_Reports.ddic001Password = + +# Specify new password of the SAP* user in client 000, different from Master Password +# NW_CI_Instance_ABAP_Reports.sapStar000Password = + +# Specify new password of the SAP* user in client 001, different from Master Password +# NW_CI_Instance_ABAP_Reports.sapStar001Password = +# # +# END section nw_config_post_load_abap_reports # +################################################################### +{% endif %} +{% if 'nw_config_livecache' in sap_swpm_inifile_sections_list %} + +################################################################### +# BEGIN section nw_config_livecache # +# # +NW_liveCache.controlUserPwd = +NW_liveCache.liveCacheHost = +NW_liveCache.liveCacheID = +NW_liveCache.liveCacheUser = +NW_liveCache.liveCacheUserPwd = +NW_liveCache.useLiveCache = +# # +# END section nw_config_livecache # +################################################################### +{% endif %} +{% if 'nw_config_sld' in sap_swpm_inifile_sections_list %} + +################################################################### +# BEGIN section nw_config_sld # +# # +NW_SLD_Configuration.configureSld = +NW_SLD_Configuration.sldHost = +NW_SLD_Configuration.sldPort = +NW_SLD_Configuration.sldUseHttps = +NW_SLD_Configuration.sldUser = +NW_SLD_Configuration.sldUserPassword = +# # +# END section nw_config_sld # +################################################################### +{% endif %} +{% if 'nw_config_abap_language_packages' in sap_swpm_inifile_sections_list %} + +################################################################### +# BEGIN section nw_config_abap_language_packages # +# # +NW_Language_Inst_Dialogs.install = true +# Path to language archive files (e.g. S4HANAOP***_LANG_EN.SAR) +NW_Language_Inst_Dialogs.folders = /software +# Selected languages comma-separated list (by default DE,EN are installed) +NW_Language_Inst_Dialogs.languages = AR,BG,CA,CS,DA,EL,ES,ET,FI,FR,HE,HI,HR,HU,IT,JA,KK,KO,LT,LV,MS,NL,NO,PL,PT,RO,RU,SH,SK,SL,SV,TH,TR,UK,VI,ZF,ZH +# # +# END section nw_config_abap_language_packages # +################################################################### +{% endif %} +{% if 'sap_os_linux_user' in sap_swpm_inifile_sections_list %} + +################################################################### +# BEGIN section sap_os_linux_user # +# # +nwUsers.sapadmUID = {{ sap_swpm_sapadm_uid }} +nwUsers.sapsysGID = {{ sap_swpm_sapsys_gid }} +nwUsers.sidAdmUID = {{ sap_swpm_sidadm_uid }} +# # +# END section sap_os_linux_user # +################################################################### +{% endif %} +{% if 'swpm_installation_media_download_service' in sap_swpm_inifile_sections_list %} + +################################################################### +# BEGIN section swpm_installation_media_download_service # +# Note: This section is not in use by sap_swpm Ansible Role # +# # +# nwUsers.sapServiceSIDPassword = +# download_service.directory = +# DownloadService.EnableProxy = +# DownloadService.HostName = +# DownloadService.Password = +# DownloadService.Port = +# DownloadService.ProvideAuthentication = +# DownloadService.Username = +# DownloadService.planNumber = +# # +# END section swpm_installation_media_download_service # +################################################################### +{% endif %} +{% if 'nw_config_java_icm_credentials' in sap_swpm_inifile_sections_list %} + +################################################################### +# BEGIN section nw_config_java_icm_credentials # +# # +NW_IcmAuth.webadmPassword = {{ sap_swpm_ume_j2ee_admin_password }} +# # +# END section nw_config_java_icm_credentials # +################################################################### +{% endif %} +{% if 'solman_abap_swpm1' in sap_swpm_inifile_sections_list %} + +################################################################### +# BEGIN section solman_abap_swpm1 # +# Note: This section is not in use by sap_swpm Ansible Role # +# # +InitDeclusteringForImport.decluster = false +# # +# END section solman_abap_swpm1 # +################################################################### +{% endif %} +{% if 'solman_daa_swpm1' in sap_swpm_inifile_sections_list %} + +################################################################### +# BEGIN section solman_daa_swpm1 # +# Note: This section is not in use by sap_swpm Ansible Role # +# # +# DiagnosticsAgent.dasidAdmPassword = {{ sap_swpm_diagnostics_agent_password }} +# DiagnosticsAgent.installSAPHostAgent +# DiagnosticsAgent.InstanceNumber +# DiagnosticsAgent.LogicalHostName +# DiagnosticsAgent.SAPJVMVersion +# DiagnosticsAgent.SAProuter.Password +# DiagnosticsAgent.SAProuter.RouteString +# DiagnosticsAgent.SID +# DiagnosticsAgent.SLD.Connection +# DiagnosticsAgent.SLD.HostName +# DiagnosticsAgent.SLD.Password +# DiagnosticsAgent.SLD.PortNumber +# DiagnosticsAgent.SLD.UseHTTPS +# DiagnosticsAgent.SLD.UserName +# DiagnosticsAgent.SolMan.Connection +# DiagnosticsAgent.SolMan.HostName +# DiagnosticsAgent.SolMan.Password +# DiagnosticsAgent.SolMan.PortNumber +# DiagnosticsAgent.SolMan.UserName +# DiagnosticsAgent.SolMan.UseSSL +# # +# END section solman_daa_swpm1 # +################################################################### +{% endif %} +{% if 'syscopy_export_anydb' in sap_swpm_inifile_sections_list %} + +################################################################### +# BEGIN section syscopy_export_anydb # +# Note: This section is not in use by sap_swpm Ansible Role # +# # +# InitDeclusteringForExport.decluster = +# NW_ABAP_Export_Dialog.customPackageOrder = +# NW_ABAP_Export_Dialog.customSortOrderFile = +# NW_ABAP_Export_Dialog.exportTimeFile = +# NW_ABAP_Export_Dialog.importTimeFile = +# NW_ABAP_Export_Dialog.jobNumberGroupLarge = 7 +# NW_ABAP_Export_Dialog.jobNumberGroupSmall = 4 +# NW_ABAP_Export_Dialog.migmonComHost = +# NW_ABAP_Export_Dialog.migmonComPort = +# NW_ABAP_Export_Dialog.migmonComType = EXCHANGE +# NW_ABAP_Export_Dialog.migmonDataTransferType = NET +# NW_ABAP_Export_Dialog.migmonFtpExchangeDir = +# NW_ABAP_Export_Dialog.migmonFtpExportDir = +# NW_ABAP_Export_Dialog.migmonFtpHost = +# NW_ABAP_Export_Dialog.migmonFtpPassword = +# NW_ABAP_Export_Dialog.migmonFtpUser = +NW_ABAP_Export_Dialog.migmonJobNum = 3 +NW_ABAP_Export_Dialog.migmonLoadArgs = -stop_on_error +# NW_ABAP_Export_Dialog.migmonNetExchangeDir = +# NW_ABAP_Export_Dialog.migmonTaskArgs = +# NW_ABAP_Export_Dialog.nonStandardAbapObjectsHandlingSkip = false +NW_ABAP_Export_Dialog.parallelR3szchkExecution = true +NW_ABAP_Export_Dialog.r3szchkDetermineSizeValue = DB +# NW_ABAP_Export_Dialog.r3szchkJobNum = 10 +NW_ABAP_Export_Dialog.repeatExport = COMPLETE +NW_ABAP_Export_Dialog.splitPackageLimitVal = 5000 +# NW_ABAP_Export_Dialog.splitMaxTableNumVal = 1000 +# NW_ABAP_Export_Dialog.splitTableFile = +# NW_ABAP_Export_Dialog.splitTableLimitVal = 300 +# NW_ABAP_Export_Dialog.splitTableNumVal = 10 +# NW_ABAP_Export_Dialog.splitUseMaxTableNum = false +# NW_ABAP_Export_Dialog.splitUsePackageLimit = true +# NW_ABAP_Export_Dialog.splitUseTableFile = false +# NW_ABAP_Export_Dialog.splitUseTableLimit = false +# NW_ABAP_Export_Dialog.splitUseTableNum = true +# NW_ABAP_Export_Dialog.sqlFileDir = +NW_ABAP_Export_Dialog.targetHardwarePlatform = LITTLE_ENDIAN + +## Target database types for Linux are ADA, HDB, DB6, ORA, SYB +NW_ABAP_Export_Dialog.targetDbType = {{ sap_swpm_export_target_db_type }} + +# NW_ABAP_Export_Dialog.useAdditionalExportHosts = false +# NW_ABAP_Export_Dialog.useAdvancedUnloadConfig = false +# NW_ABAP_Export_Dialog.useCustomPackageOrder = false +# NW_ABAP_Export_Dialog.useCustomSortOrder = false +# NW_ABAP_Export_Dialog.useMigMonConfig = false +# NW_ABAP_Export_Dialog.useParallelExportImport = false +# NW_ABAP_Export_Dialog.useSplit = true +NW_ABAP_Export_Dialog.useSqlFiles = NOSQL +# NW_ABAP_Export_Dialog.useUnicodeTargetSystem = +NW_ABAP_Export_Dialog.useUnsortedUnload = true + +NW_Export.accessLevel4ExportDir = DEFAULT +NW_Export.choiceSepKernel = false +NW_Export.mainExportDir = {{ sap_swpm_export_files_path }} + +# Do not stop SAP System before data is unloaded +# SAP SWPM is unable to automatically stop the SAP System (i.e. DB, ASCS, PAS instances), +# if stop is true then SAP SWPM Unattended will fail on step mainExportParameters +NW_Export.stopRunningSystem = true + +NW_readProfileDir.profileDir = /sapmnt/{{ sap_swpm_sid | upper }}/profile + +NW_getLoadType.loadType = {{ sap_swpm_load_type }} +NW_getLoadType.importManuallyExecuted = false +# # +# END section syscopy_export_anydb # +################################################################### +{% endif %} +{% if 'syscopy_import_anydb_ibmdb2' in sap_swpm_inifile_sections_list %} + +################################################################### +# BEGIN section syscopy_import_anydb_ibmdb2 # +# Note: This section is not in use by sap_swpm Ansible Role # +# # +# db6.Additional_DbServer = +# db6.cluster.HADRPort1 = +# db6.cluster.HADRPort2 = +# db6.cluster.SyncMode = +# db6.ConfigureCluster = false +# db6.DropSchemaList = +# db6.InstallPureScale = false +# db6.InstallTSA = false +# db6.minimizeDatabaseSizeCompression = +# db6.minimizeDatabaseSizeCompressionJava = +# db6.minimizeDatabaseSizeDeferredTable = true +# db6.notuseMcod = +# db6.NumAdditionalPartitions = +# db6.useDB2ControlFiles = false +# db6.UseDb2NativeEncryption = false +# NW_adaptProfile.templateFiles = +# NW_CreateDBandLoad.movePVCforUsagePiAndDi = +db6.allowUnsignedDatabaseSoftware = true +db6.cluster.ClusterType = HADR (High Availability Disaster Recovery) +db6.usingSystemCopyBRforHADR = true +NW_getDBInfoGeneric.dbhost = {{ sap_swpm_db_host }} +NW_getDBInfoGeneric.dbsid = {{ sap_swpm_db_sid }} +NW_getLoadType.loadType = {{ sap_swpm_load_type }} +NW_getLoadType.importManuallyExecuted = false +NW_getUnicode.isUnicode = true +# NW_getDBInfoGeneric.strictDbSidCheck = true +storageBasedCopy.db6.CommunicationPortNumber = 5912 +storageBasedCopy.db6.PortRangeEnd = 5917 +storageBasedCopy.db6.PortRangeStart = 5914 +# storageBasedCopy.db6.db6updatedbpath = +# # +# END section syscopy_import_anydb_ibmdb2 # +################################################################### +{% endif %}