From 80b5eb236b080239abaf7a5882e9e044d6412dc1 Mon Sep 17 00:00:00 2001 From: Rob Dobozy Date: Tue, 8 Oct 2024 16:08:16 +0100 Subject: [PATCH 01/51] sap_swpm: add functionality to set specific DDIC and SAP* passwords --- roles/sap_swpm/defaults/main.yml | 9 +++++++-- roles/sap_swpm/templates/configfile.j2 | 19 +++++++++++++++++++ 2 files changed, 26 insertions(+), 2 deletions(-) diff --git a/roles/sap_swpm/defaults/main.yml b/roles/sap_swpm/defaults/main.yml index 5ab134ff..72f5e346 100644 --- a/roles/sap_swpm/defaults/main.yml +++ b/roles/sap_swpm/defaults/main.yml @@ -231,8 +231,13 @@ sap_swpm_java_scs_instance_hostname: "" sap_swpm_master_password: # New Install - define DDIC 000 password -# Restore - DDIC 000 password from backup -sap_swpm_ddic_000_password: +# If not set, DDIC will be set to the master password +# Restore - DDIC 000 password from +sap_swpm_ddic_000_password: + +# New Install - define SAP* 000 password +# If not set, SAP* will be set to the master password +sap_swpm_sapstar_000_password: # initial = not an HA setup # set this in the input file when installing ascs, ers to indicate an HA setup diff --git a/roles/sap_swpm/templates/configfile.j2 b/roles/sap_swpm/templates/configfile.j2 index e71291e1..f107f1cc 100644 --- a/roles/sap_swpm/templates/configfile.j2 +++ b/roles/sap_swpm/templates/configfile.j2 @@ -254,6 +254,25 @@ HDB_Userstore.useABAPSSFS = false # NW_HDB_DBClient.checkCreateUserstore = true # NW_HDB_DBClient.clientPathStrategy = LOCAL {% endif %} +{% if sap_swpm_ddic_000_password | d('',true) | length > 0 %} + +###### +# newinstall_ddic_000_password_not_master +###### +# Are the passwords for the DDIC users different from the default value? +NW_CI_Instance_ABAP_Reports.ddic000Password = {{ sap_swpm_ddic_000_password }} +NW_CI_Instance_ABAP_Reports.needNewDDIC000Password = true +{% endif %} +{% if sap_swpm_sapstar_000_password | d('',true) | length > 0 %} + +###### +# newinstall_sapstar_000_password_not_master +###### +# Are the passwords for the SAP* users different from the default value? +NW_CI_Instance_ABAP_Reports.ddic000Password = +NW_CI_Instance_ABAP_Reports.needNewSapStar000Password = true +NW_CI_Instance_ABAP_Reports.sapStar000Password = {{ sap_swpm_sapstar_000_password }} +{% endif %} {% if 'credentials_syscopy' in sap_swpm_inifile_list %} ###### From c633d4d3948c0fafdeeabb7f58c760d01edaf4dc Mon Sep 17 00:00:00 2001 From: Rob Dobozy Date: Tue, 8 Oct 2024 16:18:46 +0100 Subject: [PATCH 02/51] sap_swpm: add functionality to set specific DDIC and SAP* passwords --- roles/sap_swpm/defaults/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/sap_swpm/defaults/main.yml b/roles/sap_swpm/defaults/main.yml index 72f5e346..f56156df 100644 --- a/roles/sap_swpm/defaults/main.yml +++ b/roles/sap_swpm/defaults/main.yml @@ -232,8 +232,8 @@ sap_swpm_master_password: # New Install - define DDIC 000 password # If not set, DDIC will be set to the master password -# Restore - DDIC 000 password from -sap_swpm_ddic_000_password: +# Restore - DDIC 000 password from +sap_swpm_ddic_000_password: # New Install - define SAP* 000 password # If not set, SAP* will be set to the master password From 631d0ff43bd96df45ccc62174417759773626049 Mon Sep 17 00:00:00 2001 From: Marcel Mamula Date: Fri, 11 Oct 2024 11:05:01 +0200 Subject: [PATCH 03/51] fix: Issue 868 fix for SLES4SAP15 SP6 --- roles/sap_hana_preconfigure/defaults/main.yml | 13 +++---- .../meta/argument_specs.yml | 4 +-- roles/sap_hana_preconfigure/tasks/main.yml | 8 ++++- .../defaults/main.yml | 26 ++++++-------- .../meta/argument_specs.yml | 7 ++-- .../tasks/SLES/installation.yml | 29 ++++++++++++---- .../sap_netweaver_preconfigure/tasks/main.yml | 8 ++++- .../vars/SLES_SAP_15.6.yml | 34 +++++++++++++++++++ 8 files changed, 91 insertions(+), 38 deletions(-) create mode 100644 roles/sap_netweaver_preconfigure/vars/SLES_SAP_15.6.yml diff --git a/roles/sap_hana_preconfigure/defaults/main.yml b/roles/sap_hana_preconfigure/defaults/main.yml index 741fed62..55e1ec05 100644 --- a/roles/sap_hana_preconfigure/defaults/main.yml +++ b/roles/sap_hana_preconfigure/defaults/main.yml @@ -166,18 +166,15 @@ sap_hana_preconfigure_run_grub2_mkconfig: true # It will be used to configure process limits as per step "Configuring Process Resource Limits" of SAP note 2772999. # Example: See README.md -sap_hana_preconfigure_saptune_version: '' -# Version of saptune to install (SLES for SAP Applications). +# (SUSE specific) Version of saptune to install. # It is recommended to install latest version by keeping this variable empty. # This will replace the current installed version if present, even downgrade if necessary. +sap_hana_preconfigure_saptune_version: '' +# (SUSE specific) Saptune solution to be applied. +# Available options for HANA are: HANA, NETWEAVER+HANA, S4HANA-APP+DB, S4HANA-DBSERVER sap_hana_preconfigure_saptune_solution: 'HANA' -# The saptune solution to apply (SLES for SAP Applications). -# Possible Values: -# - HANA -# - NETWEAVER+HANA -# - S4HANA-APP+DB -# - S4HANA-DBSERVER + sap_hana_preconfigure_saptune_azure: false # On Azure, TCP timestamps, reuse and recycle should be disabled (SLES for SAP Applications). diff --git a/roles/sap_hana_preconfigure/meta/argument_specs.yml b/roles/sap_hana_preconfigure/meta/argument_specs.yml index 53df54c5..ecb0c5cd 100644 --- a/roles/sap_hana_preconfigure/meta/argument_specs.yml +++ b/roles/sap_hana_preconfigure/meta/argument_specs.yml @@ -353,7 +353,7 @@ argument_specs: sap_hana_preconfigure_saptune_version: default: '' description: - - Version of saptune to install (SLES for SAP Applications). + - (SUSE specific) Version of saptune to install. - This will replace the current installed version if present, even downgrade if necessary. required: false type: str @@ -361,7 +361,7 @@ argument_specs: sap_hana_preconfigure_saptune_solution: default: HANA description: - - The saptune solution to apply (SLES for SAP Applications). + - (SUSE specific) Saptune solution to be applied. choices: - 'HANA' - 'NETWEAVER+HANA' diff --git a/roles/sap_hana_preconfigure/tasks/main.yml b/roles/sap_hana_preconfigure/tasks/main.yml index e977d796..03dfb981 100644 --- a/roles/sap_hana_preconfigure/tasks/main.yml +++ b/roles/sap_hana_preconfigure/tasks/main.yml @@ -5,12 +5,18 @@ ansible.builtin.debug: var: role_path +# Load variable file starting with actual version up to OS family. +# Example for SUSE Linux Enterprise Server for SAP Applications 15 SP6: +# 1. SLES_SAP_15.6.yml +# 2. SLES_SAP_15.yml +# 3. SLES_15.yml +# 4. Suse.yml - name: Include OS specific vars ansible.builtin.include_vars: '{{ item }}' with_first_found: - - '{{ ansible_distribution.split("_")[0] }}_{{ ansible_distribution_major_version }}.yml' - '{{ ansible_distribution }}_{{ ansible_distribution_version }}.yml' - '{{ ansible_distribution }}_{{ ansible_distribution_major_version }}.yml' + - '{{ ansible_distribution.split("_")[0] }}_{{ ansible_distribution_major_version }}.yml' - '{{ ansible_os_family }}.yml' - name: Set filename prefix to empty string if role is run in normal mode diff --git a/roles/sap_netweaver_preconfigure/defaults/main.yml b/roles/sap_netweaver_preconfigure/defaults/main.yml index 6b46f518..36afc47d 100644 --- a/roles/sap_netweaver_preconfigure/defaults/main.yml +++ b/roles/sap_netweaver_preconfigure/defaults/main.yml @@ -3,30 +3,24 @@ # defaults file for sap_netweaver_preconfigure # Perform an assertion run: -sap_netweaver_preconfigure_assert: no +sap_netweaver_preconfigure_assert: false # In case of an assertion run, if set to "yes", the role will abort for any assertion error: -sap_netweaver_preconfigure_assert_ignore_errors: no +sap_netweaver_preconfigure_assert_ignore_errors: false sap_netweaver_preconfigure_min_swap_space_mb: '20480' -sap_netweaver_preconfigure_fail_if_not_enough_swap_space_configured: yes +sap_netweaver_preconfigure_fail_if_not_enough_swap_space_configured: true sap_netweaver_preconfigure_rpath: '/usr/sap/lib' -sap_netweaver_preconfigure_use_adobe_doc_services: no +sap_netweaver_preconfigure_use_adobe_doc_services: true -#SLES Only -sap_netweaver_preconfigure_saptune_version: '3.0.2' - -## The following variables control aspects of saptune and are only relevant for SLES for SAP Application - -# The saptune solution to apply. For netweaver, the only appropriate options are: -#NETWEAVER -#NETWEAVER+HANA -#S4HANA-APP+DB -#S4HANA-APPSERVER -#S4HANA-DBSERVER -# The default value is NETWEAVER +# (SUSE specific) Version of saptune to install. +# It is recommended to install latest version by keeping this variable empty. +# This will replace the current installed version if present, even downgrade if necessary. +sap_netweaver_preconfigure_saptune_version: '' +# (SUSE specific) Saptune solution to be applied. +# Available options for Netweaver are: NETWEAVER, NETWEAVER+HANA, S4HANA-APP+DB, S4HANA-APPSERVER, S4HANA-DBSERVER sap_netweaver_preconfigure_saptune_solution: NETWEAVER diff --git a/roles/sap_netweaver_preconfigure/meta/argument_specs.yml b/roles/sap_netweaver_preconfigure/meta/argument_specs.yml index 4f455464..f9392052 100644 --- a/roles/sap_netweaver_preconfigure/meta/argument_specs.yml +++ b/roles/sap_netweaver_preconfigure/meta/argument_specs.yml @@ -96,16 +96,17 @@ argument_specs: type: bool sap_netweaver_preconfigure_saptune_version: - default: '3.0.2' + default: '' description: - - On SLES systems, specifies the saptune version + - (SUSE specific) Version of saptune to install. + - This will replace the current installed version if present, even downgrade if necessary. required: false type: str sap_netweaver_preconfigure_saptune_solution: default: 'NETWEAVER' description: - - On SLES systems, specifies the saptune solution to apply. + - (SUSE specific) Saptune solution to be applied. choices: - 'NETWEAVER' - 'NETWEAVER+HANA' diff --git a/roles/sap_netweaver_preconfigure/tasks/SLES/installation.yml b/roles/sap_netweaver_preconfigure/tasks/SLES/installation.yml index 14764a4f..72981ca4 100644 --- a/roles/sap_netweaver_preconfigure/tasks/SLES/installation.yml +++ b/roles/sap_netweaver_preconfigure/tasks/SLES/installation.yml @@ -20,15 +20,30 @@ - '"SLES" in sles_baseproduct.stat.lnk_target' - ansible_os_family == 'Suse' -# The use of zypper here allows exact saptune version to be declared and used. -- name: Ensure saptune is installed - community.general.zypper: - type: package - name: "saptune={{ sap_netweaver_preconfigure_saptune_version }}" - state: present - force: true + +- name: Prepare saptune when: - __sap_netweaver_preconfigure_run_saptune + block: + - name: Ensure latest saptune is installed + community.general.zypper: + type: package + name: saptune + state: present + when: + - sap_netweaver_preconfigure_saptune_version is undefined + or sap_netweaver_preconfigure_saptune_version | length == 0 + + - name: Ensure specific saptune version is installed + community.general.zypper: + type: package + name: "saptune={{ sap_netweaver_preconfigure_saptune_version }}" + state: present + force: true + when: + - sap_netweaver_preconfigure_saptune_version is defined + - sap_netweaver_preconfigure_saptune_version | length > 0 + - name: Ensure sapconf is installed community.general.zypper: diff --git a/roles/sap_netweaver_preconfigure/tasks/main.yml b/roles/sap_netweaver_preconfigure/tasks/main.yml index 016d3a7a..29c5cc72 100644 --- a/roles/sap_netweaver_preconfigure/tasks/main.yml +++ b/roles/sap_netweaver_preconfigure/tasks/main.yml @@ -5,12 +5,18 @@ ansible.builtin.debug: var: role_path +# Load variable file starting with actual version up to OS family. +# Example for SUSE Linux Enterprise Server for SAP Applications 15 SP6: +# 1. SLES_SAP_15.6.yml +# 2. SLES_SAP_15.yml +# 3. SLES_15.yml +# 4. Suse.yml - name: Include OS specific vars ansible.builtin.include_vars: '{{ item }}' with_first_found: - - '{{ ansible_distribution.split("_")[0] }}_{{ ansible_distribution_major_version }}.yml' - '{{ ansible_distribution }}_{{ ansible_distribution_version }}.yml' - '{{ ansible_distribution }}_{{ ansible_distribution_major_version }}.yml' + - '{{ ansible_distribution.split("_")[0] }}_{{ ansible_distribution_major_version }}.yml' - '{{ ansible_os_family }}.yml' - name: Set filename prefix to empty string if role is run in normal mode diff --git a/roles/sap_netweaver_preconfigure/vars/SLES_SAP_15.6.yml b/roles/sap_netweaver_preconfigure/vars/SLES_SAP_15.6.yml new file mode 100644 index 00000000..50d05f4a --- /dev/null +++ b/roles/sap_netweaver_preconfigure/vars/SLES_SAP_15.6.yml @@ -0,0 +1,34 @@ +# SPDX-License-Identifier: Apache-2.0 +--- +# required SAP Notes for SLES 15 + +__sap_netweaver_preconfigure_sapnotes: + - "1275776" + +__sap_netweaver_preconfigure_packages: + - libstdc++6 + - libatomic1 + - libgcc_s1 + - libltdl7 + - insserv-compat + - cpupower + - hicolor-icon-theme + - libcpupower1 + - libsensors4 + - patterns-base-basesystem + - patterns-server-enterprise-sap_server + - patterns-yast-yast2_basis + - procmail + - sysstat + - system-user-uuidd + - uuidd + - yast2-auth-client + - yast2-auth-server + - yast2-theme + - yast2-vpn + - tcsh + - acl + +# SLES_SAP is using saptune, but SLES is using sapconf. +# Default value true runs saptune, but installation.yml auto-detects base product and adjusts. +__sap_netweaver_preconfigure_run_saptune: true From 002afb842251ebc91c4b76886f1710e4859c676f Mon Sep 17 00:00:00 2001 From: Marcel Mamula Date: Fri, 11 Oct 2024 12:47:54 +0200 Subject: [PATCH 04/51] feat: Add new minor version across distribution --- roles/sap_hana_preconfigure/tasks/main.yml | 10 ++++++---- roles/sap_hana_preconfigure/vars/SLES_15.yml | 5 +++-- roles/sap_netweaver_preconfigure/tasks/main.yml | 10 ++++++---- .../vars/{SLES_SAP_15.6.yml => SLES_15.6.yml} | 6 ++++-- roles/sap_netweaver_preconfigure/vars/SLES_15.yml | 4 +++- 5 files changed, 22 insertions(+), 13 deletions(-) rename roles/sap_netweaver_preconfigure/vars/{SLES_SAP_15.6.yml => SLES_15.6.yml} (78%) diff --git a/roles/sap_hana_preconfigure/tasks/main.yml b/roles/sap_hana_preconfigure/tasks/main.yml index 03dfb981..1708ca6a 100644 --- a/roles/sap_hana_preconfigure/tasks/main.yml +++ b/roles/sap_hana_preconfigure/tasks/main.yml @@ -7,15 +7,17 @@ # Load variable file starting with actual version up to OS family. # Example for SUSE Linux Enterprise Server for SAP Applications 15 SP6: -# 1. SLES_SAP_15.6.yml -# 2. SLES_SAP_15.yml -# 3. SLES_15.yml -# 4. Suse.yml +# 1. SLES_SAP_15.6.yml - Specific to distribution with major and minor release. +# 2. SLES_SAP_15.yml - Specific to distribution and major release regardless of minor release. +# 3. SLES_15.6.yml - Specific to distribution family (SLES and SLES4SAP) and minor release. +# 4. SLES_15.yml - Specific to distribution. +# 5. Suse.yml - Specific to OS family. - name: Include OS specific vars ansible.builtin.include_vars: '{{ item }}' with_first_found: - '{{ ansible_distribution }}_{{ ansible_distribution_version }}.yml' - '{{ ansible_distribution }}_{{ ansible_distribution_major_version }}.yml' + - '{{ ansible_distribution.split("_")[0] }}_{{ ansible_distribution_version }}.yml' - '{{ ansible_distribution.split("_")[0] }}_{{ ansible_distribution_major_version }}.yml' - '{{ ansible_os_family }}.yml' diff --git a/roles/sap_hana_preconfigure/vars/SLES_15.yml b/roles/sap_hana_preconfigure/vars/SLES_15.yml index a52238ba..1f98593b 100644 --- a/roles/sap_hana_preconfigure/vars/SLES_15.yml +++ b/roles/sap_hana_preconfigure/vars/SLES_15.yml @@ -1,7 +1,8 @@ # SPDX-License-Identifier: Apache-2.0 --- - -# required SAP Notes for SLES 15 +# Variables specific to following versions: +# - SUSE Linux Enterprise Server for SAP Applications 15 +# - SUSE Linux Enterprise Server 15 __sap_hana_preconfigure_sapnotes: # - "{% if ansible_architecture == 'ppc64le' %}2055470{% endif %}" diff --git a/roles/sap_netweaver_preconfigure/tasks/main.yml b/roles/sap_netweaver_preconfigure/tasks/main.yml index 29c5cc72..f0a525ab 100644 --- a/roles/sap_netweaver_preconfigure/tasks/main.yml +++ b/roles/sap_netweaver_preconfigure/tasks/main.yml @@ -7,15 +7,17 @@ # Load variable file starting with actual version up to OS family. # Example for SUSE Linux Enterprise Server for SAP Applications 15 SP6: -# 1. SLES_SAP_15.6.yml -# 2. SLES_SAP_15.yml -# 3. SLES_15.yml -# 4. Suse.yml +# 1. SLES_SAP_15.6.yml - Specific to distribution with major and minor release. +# 2. SLES_SAP_15.yml - Specific to distribution and major release regardless of minor release. +# 3. SLES_15.6.yml - Specific to distribution family (SLES and SLES4SAP) and minor release. +# 4. SLES_15.yml - Specific to distribution. +# 5. Suse.yml - Specific to OS family. - name: Include OS specific vars ansible.builtin.include_vars: '{{ item }}' with_first_found: - '{{ ansible_distribution }}_{{ ansible_distribution_version }}.yml' - '{{ ansible_distribution }}_{{ ansible_distribution_major_version }}.yml' + - '{{ ansible_distribution.split("_")[0] }}_{{ ansible_distribution_version }}.yml' - '{{ ansible_distribution.split("_")[0] }}_{{ ansible_distribution_major_version }}.yml' - '{{ ansible_os_family }}.yml' diff --git a/roles/sap_netweaver_preconfigure/vars/SLES_SAP_15.6.yml b/roles/sap_netweaver_preconfigure/vars/SLES_15.6.yml similarity index 78% rename from roles/sap_netweaver_preconfigure/vars/SLES_SAP_15.6.yml rename to roles/sap_netweaver_preconfigure/vars/SLES_15.6.yml index 50d05f4a..34ad9619 100644 --- a/roles/sap_netweaver_preconfigure/vars/SLES_SAP_15.6.yml +++ b/roles/sap_netweaver_preconfigure/vars/SLES_15.6.yml @@ -1,6 +1,8 @@ # SPDX-License-Identifier: Apache-2.0 --- -# required SAP Notes for SLES 15 +# Variables specific to following versions: +# - SUSE Linux Enterprise Server for SAP Applications 15 SP6 +# - SUSE Linux Enterprise Server 15 SP6 __sap_netweaver_preconfigure_sapnotes: - "1275776" @@ -13,7 +15,7 @@ __sap_netweaver_preconfigure_packages: - insserv-compat - cpupower - hicolor-icon-theme - - libcpupower1 + - libcpupower1 # libcpupower0 was removed in SP6 - libsensors4 - patterns-base-basesystem - patterns-server-enterprise-sap_server diff --git a/roles/sap_netweaver_preconfigure/vars/SLES_15.yml b/roles/sap_netweaver_preconfigure/vars/SLES_15.yml index 454c589b..b6f0bacc 100644 --- a/roles/sap_netweaver_preconfigure/vars/SLES_15.yml +++ b/roles/sap_netweaver_preconfigure/vars/SLES_15.yml @@ -1,6 +1,8 @@ # SPDX-License-Identifier: Apache-2.0 --- -# required SAP Notes for SLES 15 +# Variables specific to following versions: +# - SUSE Linux Enterprise Server for SAP Applications 15 +# - SUSE Linux Enterprise Server 15 __sap_netweaver_preconfigure_sapnotes: - "1275776" From 19c7efced1da3c229ee2bc6ca88b56356705f362 Mon Sep 17 00:00:00 2001 From: Marcel Mamula Date: Tue, 24 Sep 2024 13:09:58 +0200 Subject: [PATCH 05/51] docs: Readme update collection, pacemaker --- README.md | 142 +- docs/README.md | 135 -- .../INPUT_PARAMETERS.md | 91 ++ roles/sap_anydb_install_oracle/README.md | 89 +- .../defaults/main.yml | 6 +- .../INPUT_PARAMETERS.md | 1020 ++++++++++++++ roles/sap_ha_pacemaker_cluster/README.md | 1252 ++--------------- 7 files changed, 1399 insertions(+), 1336 deletions(-) delete mode 100644 docs/README.md create mode 100644 roles/sap_anydb_install_oracle/INPUT_PARAMETERS.md create mode 100644 roles/sap_ha_pacemaker_cluster/INPUT_PARAMETERS.md diff --git a/README.md b/README.md index 03a04fd0..55ca84a2 100644 --- a/README.md +++ b/README.md @@ -2,48 +2,140 @@ ![Ansible Lint](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint.yml/badge.svg?branch=main) -This Ansible Collection executes various SAP Software installations and configuration tasks for running various SAP solutions and deployment scenarios on Linux operating systems (RHEL or SLES). +## Description -This includes handlers for SAP HANA database lifecycle manager (HDBLCM) and SAP Software Provisioning Manager (SWPM), and can be combined with other Ansible Collections to provide end-to-end automation _(e.g. provision, download, install, operations)_. +This Ansible Collection executes various SAP Software installations and configuration tasks for various SAP solutions and deployment scenarios on supported Linux operating systems. +Included roles cover range of tasks: +- Preparation of Operating system and SAP installation media before installation +- Installation of SAP Database, either SAP HANA or Oracle Database +- Installation of SAP Products, like SAP S4HANA, SAP BW4HANA, SAP Netweaver, SAP Solution Manager and others. +- Configuration of replication of SAP HANA and High Availability clusters for SAP HANA and SAP Netweaver -**Examples of verified installations include:** +## Requirements + +### Control Nodes +Operating system: +- Any operating system with required Python and Ansible versions. + +Python: 3.11 or higher + +Ansible: 9.9.x + +Ansible-core: 2.16.x + +**NOTE: Ansible 10 and ansible-core 2.17.x are not supported, because of breaking changes requiring higher Python version on managed nodes.** + +### Managed Nodes +Operating system: +- SUSE Linux Enterprise Server for SAP applications 15 SP5+ (SLE4SAP) +- Red Hat Enterprise Linux for SAP Solutions 8.x 9.x (RHEL4SAP) + +**NOTE: Operating system needs to have access to required package repositories either directly or via subscription registration.** + + +Python: 3.6 or higher + + +## Installation Instructions + +### Installation +Install this collection with Ansible Galaxy command: +```console +ansible-galaxy collection install community.sap_install +``` + +Optionally you can include collection in requirements.yml file and include it together with other collections using: `ansible-galaxy collection install -r requirements.yml` +Requirements file need to be maintained in following format: +```yaml +collections: + - name: community.sap_install +``` + +### Upgrade +Installed Ansible Collection will not be upgraded automatically when Ansible package is upgraded. + +To upgrade the collection to the latest available version, run the following command: +```console +ansible-galaxy collection install community.sap_install --upgrade +``` + +You can also install a specific version of the collection, when you encounter issues with latest version. Please report these issues in affected Role repository if that happens. +Example of downgrading collection to version 1.4.0: +``` +ansible-galaxy collection install community.sap_install:==1.4.0 +``` + +See [Installing collections](https://docs.ansible.com/ansible/latest/collections_guide/collections_installing.html) for more details on installation methods. + + +## Use Cases + +### Example Scenarios +- Preparation of Operating system for SAP installation +- Preparation of SAP installation media for SAP installation +- Installation of SAP HANA (including High Availability with replication) or Oracle Database +- Installation of SAP S4HANA or other SAP products +- Configuration of Pacemaker cluster for SAP HANA and SAP Netweaver + +More deployment scenarios are available in [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) repository. + +### Ansible Roles +All included roles can be execute separately or as part of [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. + +| Name | Summary | +| :--- | :--- | +| [sap_anydb_install_oracle](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_anydb_install_oracle) | Install Oracle DB 19.x for SAP | +| [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) | Configure general OS settings for SAP software | +| [sap_ha_install_hana_hsr](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_ha_install_hana_hsr) | Configure and enable SAP HANA System Replication | +| [sap_ha_pacemaker_cluster](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_ha_pacemaker_cluster) | Configure Pacemaker cluster for SAP HANA and SAP Netweaver | +| [sap_hana_install](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_install) | Install SAP HANA via HDBLCM | +| [sap_hana_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_preconfigure) | Configure OS settings for SAP HANA database server | +| [sap_hostagent](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hostagent) | Install SAP Host Agent | +| [sap_install_media_detect](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_install_media_detect) | Detect and extract SAP Software installation media | +| [sap_maintain_etc_hosts](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_maintain_etc_hosts) | Maintain the /etc/hosts file of an SAP software host | +| [sap_netweaver_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_netweaver_preconfigure) | Configure OS settings for SAP NetWeaver application server | +| [sap_storage_setup](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_storage_setup) | Configure storage for SAP system (Folder structure, LVM, XFS, NFS) | +| [sap_swpm](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_swpm) | Install SAP Software via SWPM | + + +## Testing +This Ansible Collection was tested across different Operating Systems, SAP products and scenarios. You can find examples of some of them below. + +Operating systems: +- SUSE Linux Enterprise Server for SAP applications 15 SP5+ (SLE4SAP) +- Red Hat Enterprise Linux for SAP Solutions 8.x 9.x (RHEL4SAP) + +Deployment scenarios: +- All scenarios included in [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) repository + +SAP Products: - SAP S/4HANA AnyPremise (1809, 1909, 2020, 2021, 2022, 2023) with setup as Standard, Distributed, High Availability and optional Maintenance Planner or Restore System Copy - SAP Business Suite (ECC) on HANA and SAP Business Suite (ECC) with SAP AnyDB - SAP ASE, SAP MaxDB, IBM Db2, Oracle DB - SAP BW/4HANA (2021, 2023) with setup as Standard or Scale-Out - SAP HANA 2.0 (SPS04+) with setup as Scale-Up, Scale-Out, High Availability - Other SAP installation activities; such as System Rename, System Copy Export, SAP Solution Manager and SAP Web Dispatcher +**NOTE: It is not possible to test every Operating System and SAP Product combination with every release. Testing is regularly done for common scenarios: SAP HANA, SAP HANA HA, SAP S4HANA Distributed HA** -**Please read the [full documentation](/docs#readme) for how-to guidance, requirements, and all other details. Summary documentation is below:** +## Contributing +You can find more information about ways you can contribute at [sap-linuxlab website](https://sap-linuxlab.github.io/initiative_contributions/). -## Contents +## Support +You can report any issues using [Issues](https://github.com/sap-linuxlab/community.sap_install/issues) section. -Within this Ansible Collection, there are various Ansible Roles and no custom Ansible Modules. -### Ansible Roles +## Release Notes and Roadmap +You can find the release notes of this collection in [Changelog file](https://github.com/sap-linuxlab/community.sap_install/blob/main/CHANGELOG.rst) -| Name | Summary | -| :--- | :--- | -| [sap_anydb_install_oracle](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_anydb_install_oracle) | install Oracle DB 19.x for SAP | -| [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) | configure general OS settings for SAP software | -| [sap_ha_install_hana_hsr](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_ha_install_hana_hsr) | install SAP HANA System Replication | -| [sap_ha_pacemaker_cluster](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_ha_pacemaker_cluster) | install and configure pacemaker and SAP resources | -| [sap_hana_install](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_install) | install SAP HANA via HDBLCM | -| [sap_hana_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_preconfigure) | configure settings for SAP HANA database server | -| [sap_hostagent](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hostagent) | install SAP Host Agent | -| [sap_install_media_detect](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_install_media_detect) | detect and extract SAP Software installation media | -| [sap_maintain_etc_hosts](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_maintain_etc_hosts) | maintain the /etc/hosts file of an SAP software host | -| [sap_netweaver_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_netweaver_preconfigure) | configure settings for SAP NetWeaver application server | -| [sap_storage_setup](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_storage_setup) | configure storage for SAP HANA, with LVM partitions and XFS filesystem | -| [sap_swpm](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_swpm) | install SAP Software via SWPM | -## License +## Further Information -- [Apache 2.0](./LICENSE) +### Variable Precedence Rules +Please follow [Ansible Precedence guidelines](https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_variables.html#variable-precedence-where-should-i-put-a-variable) on how to pass variables when using this collection. -## Contributors -Contributors to the Ansible Roles within this Ansible Collection, are shown within [/docs/contributors](./docs/CONTRIBUTORS.md). +## License +[Apache 2.0](https://github.com/sap-linuxlab/community.sap_install/blob/main/LICENSE) diff --git a/docs/README.md b/docs/README.md deleted file mode 100644 index b71bedb2..00000000 --- a/docs/README.md +++ /dev/null @@ -1,135 +0,0 @@ -# Documentation of community.sap_install Ansible Collection - -## Introduction - -The `sap_install` Ansible Collection provides a variety of automated tasks for the configuration and installation of SAP Software. - -Each Ansible Role contained within this Ansible Collection, performs a distinct set of tasks and are designed to be run independently or cohesively - depending on the outcome desired by an end-user. - - -## Functionality - -This Ansible Collection executes various SAP Software installations for different SAP solution scenarios. The code structure and logic has been separated to support a flexible execution of different steps for various scenarios. - -Any Ansible Roles labelled "preconfigure" and "prepare" are prerequisites, executed before the corresponding installation Ansible Roles (such as `sap_hana_install` or `sap_swpm`). - -At a high-level, the key installation functionality of this Ansible Collection includes: - -1. **OS Preparation activities for SAP HANA Database Server, SAP AnyDB Database Server or SAP NetWeaver Application Server** - -2. **SAP HANA installations via SAP HANA database lifecycle manager (HDBLCM)** - - Configure Firewall rules and Hosts file for SAP HANA database server instance/s - - Install SAP Host Agent - - Install SAP HANA database server, with any SAP HANA Component (e.g. Live Cache Apps, Application Function Library etc.) - - Apply license to SAP HANA - -3. **SAP HANA High Availability tasks** - - Install SAP HANA System Replication - - Install Linux Pacemaker, configure Pacemaker Fencing Agents for a given Infrastructure Platform - - Configure Linux Pacemaker Resource Agents for SAP HANA - -4. **Every SAP Software installation via SAP Software Provisioning Manager (SWPM)** - - Execute SAP SWPM Unattended installation - - Using on-the-fly generated inifile.params from Ansible Variables - - Using a list of inifile parameters in an Ansible Dictionary - - Re-using an existing inifile.params - -5. **SAP NetWeaver High Availability tasks** - - Install Linux Pacemaker, configure Pacemaker Fencing Agents for a given Infrastructure Platform - - Configure Linux Pacemaker Resource Agents for SAP NetWeaver ASCS/ERS - - -## Execution - -An Ansible Playbook is the file created and executed by an end-user, which imports from Ansible Collections to perform various activities on the target hosts. - -The Ansible Playbook can call either an Ansible Role, or directly call the individual Ansible Modules: - -- **Ansible Roles** (runs multiple Ansible Modules) -- **Ansible Modules** (and adjoining Python/Bash Functions) - -It is strongly recommended to execute these Ansible Roles in accordance to best practice Ansible usage, where an Ansible Playbook is executed from a host and Ansible will login to a target host to perform the activities. - -> If an Ansible Playbook is executed from the target host itself (similar to logging in and running a shell script), this is known as an Ansible Playbook 'localhost execution' and is not recommended as it has limitations on SAP Software installations (particularly installations across multiple hosts). - -At a high-level, complex executions with various interlinked activities are run in parallel or sequentially using the following execution structure: - -``` -Ansible Playbook --> source Ansible Collection --> execute Ansible Task ----> run Ansible Role ------> run Ansible Module (e.g. built-in Ansible Module for Shell) -``` - -### Execution examples - -There are various methods to execute the Ansible Collection, dependent on the use case. - -For more information, see [Getting started](./getting_started#readme) and edit the [sample Ansible Playbooks in `/playbooks`](../playbooks/). - - -## Requirements and Dependencies - -### Target host - Operating System requirements - -Designed for Linux operating systems, e.g. RHEL (7.x, 8.x, 9.x) and SLES (15 SPx). - -This Ansible Collection has not been tested and amended for SAP NetWeaver Application Server instantiations on IBM AIX or Windows Server. - -Assumptions for executing the Ansible Roles from this Ansible Collection include: - -- Registered OS -- OS Package repositories are available (from the relevant content delivery network of the OS vendor) - -N.B. The Ansible Collection works with SLES from version 15 SP3 and upwards, for the following reasons: - -- firewalld is used within the Ansible Collection. In SLES 15 SP3, firewalld became the replacement for nftables. See changelog [SLE-16300](https://www.suse.com/releasenotes/x86_64/SUSE-SLES/15-SP3/index.html#jsc-SLE-16300) -- SELinux is used within the Ansible Collection. While introduced earlier with community support, full support for SELinux was provided as of SLES 15 SP3. See changelog [SLE-17307](https://www.suse.com/releasenotes/x86_64/SUSE-SLES/15-SP3/index.html#jsc-SLE-17307) - -### Execution/Controller host - Operating System requirements - -Execution of Ansible Playbooks using this Ansible Collection have been tested with: -- Python 3.10.14 and above (i.e. CPython distribution) -- Ansible Core 2.16.9 and above _(included with optional installation of Ansible Community Edition 5.0 and above)_ -- OS: macOS with Homebrew, RHEL, SLES, and containers in Task Runners (e.g. Azure DevOps) - -#### Ansible Core version - -This Ansible Collection was designed for maximum backwards compatibility, with full compatibility starting from Ansible Core 2.16.9 and above. - -**Note 1:** Ansible 2.9 was the last release before the Ansible project was split into Ansible Core and Ansible Community Edition, and was before Ansible Collections functionality was introduced. This Ansible Collection should execute when Ansible 2.9 is used, but it is not recommended and errors should be expected (and will not be resolved). - -**Note 2:** Ansible Core versions prior to 2.14.12 , 2.15.8 , and 2.16.1 where `CVE-2023-5764` (templating inside `that` statement of `assert` Ansible Tasks) security fix was addressed, will work after `v1.3.4` of this Ansible Collection. Otherwise an error similar to the following will occur: - -```yaml -fatal: [host01]: FAILED! => - msg: 'The conditional check ''13 <= 128'' failed. The error was: Conditional is marked as unsafe, and cannot be evaluated.' -``` - - -## Testing - -Various SAP Software solutions have been extensively tested. - -Prior to each release, basic scenarios are executed to confirm functionality is working as expected; including SAP S/4HANA installation. - -Important note: it is not possible for the project maintainers to test every SAP Software installation and solution scenario for each OS hosted on each Infrastructure Platform, if an error is identified please raise a [GitHub Issue](/../../issues/). - - -### Ansible Roles Lint Status - -| Role Name | Ansible Lint Status | -| :--- | :--- | -| [sap_anydb_install_oracle](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_anydb_install_oracle) | N/A | -| [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) | [![Ansible Lint for sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_general_preconfigure.yml/badge.svg)](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_general_preconfigure.yml) | -| [sap_ha_install_hana_hsr](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_ha_install_hana_hsr) | [![Ansible Lint for sap_ha_install_hana_hsr](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_ha_install_hana_hsr.yml/badge.svg)](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_ha_install_hana_hsr.yml) | -| [sap_ha_pacemaker_cluster](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_ha_pacemaker_cluster) | [![Ansible Lint for sap_ha_pacemaker_cluster](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_ha_pacemaker_cluster.yml/badge.svg)](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_ha_pacemaker_cluster.yml) | -| [sap_hana_install](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_install) | [![Ansible Lint for sap_hana_install](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_hana_install.yml/badge.svg)](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_hana_install.yml) | -| [sap_hana_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_preconfigure) | [![Ansible Lint for sap_hana_preconfigure](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_hana_preconfigure.yml/badge.svg)](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_hana_preconfigure.yml) | -| [sap_hostagent](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hostagent) | N/A | -| [sap_install_media_detect](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_install_media_detect) | N/A | -| [sap_maintain_etc_hosts](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_maintain_etc_hosts) | [![Ansible Lint for sap_maintain_etc_hosts](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_maintain_etc_hosts.yml/badge.svg)](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_maintain_etc_hosts.yml) | -| [sap_netweaver_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_netweaver_preconfigure) | [![Ansible Lint for sap_netweaver_preconfigure](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_netweaver_preconfigure.yml/badge.svg)](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_netweaver_preconfigure.yml) | -| [sap_storage_setup](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_storage_setup) | N/A | -| [sap_swpm](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_swpm) | [![Ansible Lint for sap_swpm](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_swpm.yml/badge.svg)](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_swpm.yml) | diff --git a/roles/sap_anydb_install_oracle/INPUT_PARAMETERS.md b/roles/sap_anydb_install_oracle/INPUT_PARAMETERS.md new file mode 100644 index 00000000..70c6424b --- /dev/null +++ b/roles/sap_anydb_install_oracle/INPUT_PARAMETERS.md @@ -0,0 +1,91 @@ +## Input Parameters for sap_anydb_install_oracle Ansible Role + + +### sap_anydb_install_oracle_prep_reboot_ok + +- _Type:_ `bool` +- _Default:_ `True` + +Allows reboot of Managed node after packages are installed during pre-steps tasks. + +### sap_anydb_install_oracle_prep_fail_if_reboot_required + +- _Type:_ `bool` +- _Default:_ `False` + +Enable to fail execution if packages are installed during pre-steps tasks, but you don't want to proceed with reboot. + +### sap_anydb_install_oracle_prep_precheck + +- _Type:_ `bool` +- _Default:_ `False` + +Enable to execute installation in Check mode to verify all inputs. This is extra validation and it does not disable installation. + +### sap_anydb_install_oracle_method + +- _Type:_ `string` +- _Default:_ `minimal` + +Select installation method out of available: `minimal` or `responsefile`. + +### sap_anydb_install_oracle_sid: + +- _Type:_ `string` +- _Default:_ `OR1` + +Enter Oracle Database SID. + +### sap_anydb_install_oracle_base + +- _Type:_ `string` +- _Default:_ `/oracle` + +Enter base folder for Oracle Database installation. + +### sap_anydb_install_oracle_filesystem_storage + +- _Type:_ `string` +- _Default:_ `/oradata` + +Enter path for `oracle.install.db.config.starterdb.fileSystemStorage.dataLocation` + +### sap_anydb_install_oracle_inventory_central + +- _Type:_ `string` +- _Default:_ `/oraInventory` + +Enter path for `INVENTORY_LOCATION` + +### sap_anydb_install_oracle_system_password + +- _Type:_ `string` + +Enter password for Oracle SYSTEM user. + +### sap_anydb_install_oracle_extract_path + +- _Type:_ `string` + +Enter path of Installation media, for example: `/software`. + +### sap_anydb_install_oracle_patch_opatch_zip + +- _Type:_ `string` + +Enter name of Oracle opatch file, for example: `OPATCH19P_2308-70004508.ZIP` + +### sap_anydb_install_oracle_patch_sap_zip + +- _Type:_ `string` + +Enter name of Oracle SAP patch file, for example: `SAP19P_2311-70004508.ZIP` + +### sap_anydb_install_oracle_patch_enable + +- _Type:_ `bool` +- _Default:_ `False` + +Enable to allow post-installation patching. + + \ No newline at end of file diff --git a/roles/sap_anydb_install_oracle/README.md b/roles/sap_anydb_install_oracle/README.md index 9db03c63..7e55d242 100644 --- a/roles/sap_anydb_install_oracle/README.md +++ b/roles/sap_anydb_install_oracle/README.md @@ -1,54 +1,65 @@ + # sap_anydb_install_oracle Ansible Role + -Ansible role for Oracle DB 19.x installation for SAP +## Description + +Ansible role `sap_anydb_install_oracle` is used to install Oracle Database 19.x for SAP system. + ## Prerequisites - -### Software Installation files - -Download installation media from SAP Download Center on host, and set Ansible Variable `sap_anydb_install_oracle_extract_path` to this path. - -### Default Parameters - -Please check the default parameters file for more information on other parameters that can be used as an input -- [**sap_anydb_install_oracle** default parameters](defaults/main.yml) + +Managed nodes: +1. Installation media present and `sap_anydb_install_oracle_extract_path` updated. Download can be completed using [community.sap_launchpad](https://github.com/sap-linuxlab/community.sap_launchpad) Ansible Collection. + ## Execution - -Sample Ansible Playbook Execution: - -- Local Host Installation - - `ansible-playbook --connection=local --limit localhost -i "localhost," sap-anydb-oracle-install.yml -e "@inputs/oracledb.install"` - -- Target Host Installation - - `ansible-playbook -i "" sap-anydb-oracle-install.yml -e "@inputs/oracledb.install"` - -## Sample playbook - + + + +### Execution Flow + +1. Prepare OS: Install packages, create users, create folders and copy installation media. +2. Install Oracle Database in desired method +3. Execute post installation tasks +4. Apply Oracle Patches if available + + +### Example + ```yaml --- -- hosts: all +- name: Ansible Play for Oracle Database installation + hosts: oracle_host become: true - - collections: - - community.sap_install - - vars: - sap_anydb_install_oracle_method: minimal - sap_anydb_install_oracle_sid: "OR1" - sap_anydb_install_oracle_base: "/oracle" - sap_anydb_install_oracle_system_password: "Password1%" - sap_anydb_install_oracle_extract_path: "/software/oracledb_extracted" - + tasks: - name: Execute Ansible Role sap_anydb_install_oracle - include_role: - name: { role: community.sap_install.sap_anydb_install_oracle } + ansible.builtin.include_role: + name: community.sap_install.sap_anydb_install_oracle + vars: + sap_anydb_install_oracle_method: minimal + sap_anydb_install_oracle_sid: "OR1" + sap_anydb_install_oracle_base: "/oracle" + sap_anydb_install_oracle_system_password: "Password1%" + sap_anydb_install_oracle_extract_path: "/software/oracledb_extracted" ``` + -## License + + + + + -Apache license 2.0 +## License + +Apache 2.0 + -## Author Information +## Maintainers + +- [Sean Freeman](https://github.com/sean-freeman) + -Sean Freeman +## Role Input Parameters +All input parameters used by role are described in [INPUT_PARAMETERS.md](https://github.com/sap-linuxlab/community.sap_install/blob/main/roles/sap_anydb_install_oracle/INPUT_PARAMETERS.md) diff --git a/roles/sap_anydb_install_oracle/defaults/main.yml b/roles/sap_anydb_install_oracle/defaults/main.yml index 5fb993aa..ef7a5e71 100644 --- a/roles/sap_anydb_install_oracle/defaults/main.yml +++ b/roles/sap_anydb_install_oracle/defaults/main.yml @@ -1,11 +1,11 @@ # SPDX-License-Identifier: Apache-2.0 --- -sap_anydb_install_oracle_prep_reboot_ok: yes +sap_anydb_install_oracle_prep_reboot_ok: true -sap_anydb_install_oracle_prep_fail_if_reboot_required: no +sap_anydb_install_oracle_prep_fail_if_reboot_required: false -sap_anydb_install_oracle_prep_precheck: no +sap_anydb_install_oracle_prep_precheck: false # minimal, responsefile sap_anydb_install_oracle_method: minimal diff --git a/roles/sap_ha_pacemaker_cluster/INPUT_PARAMETERS.md b/roles/sap_ha_pacemaker_cluster/INPUT_PARAMETERS.md new file mode 100644 index 00000000..49582b6b --- /dev/null +++ b/roles/sap_ha_pacemaker_cluster/INPUT_PARAMETERS.md @@ -0,0 +1,1020 @@ +## Input Parameters for sap_ha_pacemaker_cluster Ansible Role + +Minimum required parameters for all clusters: + +- [sap_ha_pacemaker_cluster_hacluster_user_password](#sap_ha_pacemaker_cluster_hacluster_user_password) + +Additional minimum requirements depend on the type of cluster setup and on the target platform. + +### sap_ha_pacemaker_cluster_aws_access_key_id + +- _Type:_ `string` + +AWS access key to allow control of instances (for example for fencing operations).
+Mandatory for the cluster nodes setup on AWS EC2 instances, when:
+1. IAM Role or Instance profile is not attached to EC2 instance.
+2. `sap_ha_pacemaker_cluster_aws_credentials_setup` is `true`
+ +### sap_ha_pacemaker_cluster_aws_credentials_setup + +- _Type:_ `string` + +Set this parameter to 'true' to store AWS credentials into /root/.aws/credentials.
+Requires: `sap_ha_pacemaker_cluster_aws_access_key_id` and `sap_ha_pacemaker_cluster_aws_secret_access_key`
+Mandatory for the cluster nodes setup on AWS EC2 instances, when:
+1. IAM Role or Instance profile is not attached to EC2 instance.
+ +### sap_ha_pacemaker_cluster_aws_region + +- _Type:_ `string` + +The AWS region in which the instances to be used for the cluster setup are located.
+Mandatory for cluster nodes setup on AWS EC2 instances.
+ +### sap_ha_pacemaker_cluster_aws_secret_access_key + +- _Type:_ `string` + +AWS secret key, paired with the access key for instance control.
+Mandatory for the cluster nodes setup on AWS EC2 instances, when:
+1. IAM Role or Instance profile is not attached to EC2 instance.
+2. `sap_ha_pacemaker_cluster_aws_credentials_setup` is `true`
+ +### sap_ha_pacemaker_cluster_aws_vip_update_rt + +- _Type:_ `string` + +List one more routing table IDs for managing Virtual IP failover through routing table changes.
+Multiple routing tables must be defined as a comma-separated string (no spaces).
+Mandatory for the VIP resource configuration in AWS EC2 environments.
+ +### sap_ha_pacemaker_cluster_cluster_name + +- _Type:_ `string` + +The name of the pacemaker cluster.
+Inherits the `ha_cluster` LSR native parameter `ha_cluster_cluster_name` if not defined.
+If not defined, the `ha_cluster` Linux System Role default will be used.
+ +### sap_ha_pacemaker_cluster_cluster_nodes + +- _Type:_ `list` + +List of cluster nodes and associated attributes to describe the target SAP HA environment.
+This is required for the HANA System Replication configuration.
+Synonym for this parameter is `sap_hana_cluster_nodes`.
+Mandatory to be defined for HANA clusters.
+ +- **hana_site**
+ Site of the cluster and/or SAP HANA System Replication node (for example 'DC01').
Mandatory for HANA clusters (sudo config for system replication). +- **node_ip**
+ IP address of the node used for HANA System Replication.
_Optional. Currently not needed/used in cluster configuration._ +- **node_name**
+ Name of the cluster node, should match the remote systems' hostnames.
_Optional. Currently not needed/used in cluster configuration._ +- **node_role**
+ Role of the defined `node_name` in the SAP HANA cluster setup.
There must be only **one** primary, but there can be multiple secondary nodes.
_Optional. Currently not needed/used in cluster configuration._ + +Example: + +```yaml +sap_ha_pacemaker_cluster_cluster_nodes: +- hana_site: DC01 + node_ip: 192.168.5.1 + node_name: nodeA + node_role: primary +- hana_site: DC02 +``` + +### sap_ha_pacemaker_cluster_cluster_properties + +- _Type:_ `dict` +- _Default:_ `{'concurrent-fencing': True, 'stonith-enabled': True, 'stonith-timeout': 900}` + +Standard pacemaker cluster properties are configured with recommended settings for cluster node fencing.
+When no STONITH resource is defined, STONITH will be disabled and a warning displayed.
+ +Example: + +```yaml +sap_ha_pacemaker_cluster_cluster_properties: + concurrent-fencing: true + stonith-enabled: true + stonith-timeout: 900 +``` + +### sap_ha_pacemaker_cluster_create_config_dest + +- _Type:_ `string` +- _Default:_ `review_resource_config.yml` + +The pacemaker cluster resource configuration optionally created by this role will be saved in a Yaml file in the current working directory.
+Requires `sap_ha_pacemaker_cluster_create_config_varfile` to be enabled for generating the output file.
+Specify a path/filename to save the file in a custom location.
+The file can be used as input vars file for an Ansible playbook running the 'ha_cluster' Linux System Role.
+ +### sap_ha_pacemaker_cluster_create_config_varfile + +- _Type:_ `bool` +- _Default:_ `False` + +When enabled, all cluster configuration parameters this role constructs for executing the 'ha_cluster' Linux System role will be written into a file in Yaml format.
+This allows using the output file later as input file for additional custom steps using the 'ha_cluster' role and covering the resource configuration in a cluster that was set up using this 'sap_ha_pacemaker_cluster' role.
+When enabled this parameters file is also created when the playbook is run in check_mode (`--check`) and can be used to review the configuration parameters without executing actual changes on the target nodes.
+WARNING! This report may include sensitive details like secrets required for certain cluster resources!
+ +### sap_ha_pacemaker_cluster_enable_cluster_connector + +- _Type:_ `bool` +- _Default:_ `True` + +Enables/Disables the SAP HA Interface for SAP ABAP application server instances, also known as `sap_cluster_connector`.
+Set this parameter to 'false' if the SAP HA interface should not be installed and configured.
+ +### sap_ha_pacemaker_cluster_extra_packages + +- _Type:_ `list` + +Additional extra packages to be installed, for instance specific resource packages.
+For SAP clusters configured by this role, the relevant standard packages for the target scenario are automatically included.
+ +### sap_ha_pacemaker_cluster_fence_agent_packages + +- _Type:_ `list` + +Additional fence agent packages to be installed.
+This is automatically combined with default packages in:
+`__sap_ha_pacemaker_cluster_fence_agent_packages_minimal`
+`__sap_ha_pacemaker_cluster_fence_agent_packages_platform`
+ +### sap_ha_pacemaker_cluster_gcp_project + +- _Type:_ `string` + +Google Cloud project name in which the target instances are installed.
+Mandatory for the cluster setup on GCP instances.
+ +### sap_ha_pacemaker_cluster_gcp_region_zone + +- _Type:_ `string` + +Google Cloud Platform region zone ID.
+Mandatory for the cluster setup on GCP instances.
+ +### sap_ha_pacemaker_cluster_ha_cluster + +- _Type:_ `dict` + +The `ha_cluster` LSR native parameter `ha_cluster` can be used as a synonym.
+Optional _**host_vars**_ parameter - if defined it must be set for each node.
+Dictionary that can contain various node options for the pacemaker cluster configuration.
+Supported options can be reviewed in the `ha_cluster` Linux System Role [https://github.com/linux-system-roles/ha_cluster/blob/master/README.md].
+If not defined, the `ha_cluster` Linux System Role default will be used.
+ +Example: + +```yaml +sap_ha_pacemaker_cluster_ha_cluster: + corosync_addresses: + - 192.168.1.10 + - 192.168.2.10 + node_name: nodeA +``` + +### sap_ha_pacemaker_cluster_hacluster_user_password required + +- _Type:_ `string` + +The password of the `hacluster` user which is created during pacemaker installation.
+Inherits the value of `ha_cluster_hacluster_password`, when defined.
+ +### sap_ha_pacemaker_cluster_hana_automated_register + +- _Type:_ `bool` +- _Default:_ `True` + +Parameter for the 'SAPHana' cluster resource.
+Define if a former primary should be re-registered automatically as secondary.
+ +### sap_ha_pacemaker_cluster_hana_colocation_hana_vip_primary_name + +- _Type:_ `string` +- _Default:_ `col_saphana_vip__HDB_primary` + +Customize the cluster constraint name for VIP and SAPHana primary clone colocation.
+ +### sap_ha_pacemaker_cluster_hana_colocation_hana_vip_secondary_name + +- _Type:_ `string` +- _Default:_ `col_saphana_vip__HDB_readonly` + +Customize the cluster constraint name for VIP and SAPHana secondary clone colocation.
+ +### sap_ha_pacemaker_cluster_hana_duplicate_primary_timeout + +- _Type:_ `int` +- _Default:_ `7200` + +Parameter for the 'SAPHana' cluster resource.
+Time difference needed between to primary time stamps, if a dual-primary situation occurs.
+If the time difference is less than the time gap, then the cluster holds one or both instances in a "WAITING" status.
+This is to give an admin a chance to react on a failover. A failed former primary will be registered after the time difference is passed.
+ +### sap_ha_pacemaker_cluster_hana_filesystem_resource_clone_name + +- _Type:_ `string` +- _Default:_ `cln_SAPHanaFil__HDB` + +Customize the cluster resource name of the SAP HANA Filesystem clone.
+ +### sap_ha_pacemaker_cluster_hana_filesystem_resource_name + +- _Type:_ `string` +- _Default:_ `rsc_SAPHanaFil__HDB` + +Customize the cluster resource name of the SAP HANA Filesystem.
+ +### sap_ha_pacemaker_cluster_hana_global_ini_path + +- _Type:_ `string` +- _Default:_ `/usr/sap//SYS/global/hdb/custom/config/global.ini` + +Path with location of global.ini for srHook update
+ +### sap_ha_pacemaker_cluster_hana_hook_chksrv + +- _Type:_ `bool` +- _Default:_ `False` + +Controls if ChkSrv srHook is enabled during srHook creation.
+It is ignored when sap_ha_pacemaker_cluster_hana_hooks is defined.
+ +### sap_ha_pacemaker_cluster_hana_hook_tkover + +- _Type:_ `bool` +- _Default:_ `False` + +Controls if TkOver srHook is enabled during srHook creation.
+It is ignored when sap_ha_pacemaker_cluster_hana_hooks is defined.
+ +### sap_ha_pacemaker_cluster_hana_hooks + +- _Type:_ `list` +- _Default:_ `[]` + +Customize required list of SAP HANA Hooks
+Mandatory to include SAPHanaSR srHook in list.
+Mandatory attributes are provider and path.
+Example below shows mandatory SAPHanaSR, TkOver and ChkSrv hooks.
+ +Example: + +```yaml +sap_ha_pacemaker_cluster_hana_hooks: +- options: + - name: execution_order + value: 1 + path: /usr/share/SAPHanaSR/ + provider: SAPHanaSR +- options: + - name: execution_order + value: 2 + path: /usr/share/SAPHanaSR/ + provider: susTkOver +- options: + - name: execution_order + value: 3 + - name: action_on_lost + value: stop + path: /usr/share/SAPHanaSR/ + provider: susChkSrv +``` + +### sap_ha_pacemaker_cluster_hana_instance_nr + +- _Type:_ `string` + +The instance number of the SAP HANA database which this role will configure in the cluster.
+Inherits the value of `sap_hana_instance_number`, when defined.
+Mandatory for SAP HANA cluster setups.
+ +### sap_ha_pacemaker_cluster_hana_order_hana_vip_primary_name + +- _Type:_ `string` +- _Default:_ `ord_saphana_vip__HDB_primary` + +Customize the cluster constraint name for VIP and SAPHana primary clone order.
+ +### sap_ha_pacemaker_cluster_hana_order_hana_vip_secondary_name + +- _Type:_ `string` +- _Default:_ `ord_saphana_vip__HDB_readonly` + +Customize the cluster constraint name for VIP and SAPHana secondary clone order.
+ +### sap_ha_pacemaker_cluster_hana_order_topology_hana_name + +- _Type:_ `string` +- _Default:_ `ord_saphana_saphanatop__HDB` + +Customize the cluster constraint name for SAPHana and Topology order.
+ +### sap_ha_pacemaker_cluster_hana_prefer_site_takeover + +- _Type:_ `bool` +- _Default:_ `True` + +Parameter for the 'SAPHana' cluster resource.
+Set to "false" if the cluster should first attempt to restart the instance on the same node.
+When set to "true" (default) a failover to secondary will be initiated on resource failure.
+ +### sap_ha_pacemaker_cluster_hana_resource_clone_msl_name + +- _Type:_ `string` +- _Default:_ `msl_SAPHana__HDB` + +Customize the cluster resource name of the SAP HANA DB resource master slave clone.
+Master Slave clone is specific to Classic SAPHana resource on SUSE (non-angi).
+ +### sap_ha_pacemaker_cluster_hana_resource_clone_name + +- _Type:_ `string` +- _Default:_ `cln_SAPHana__HDB` + +Customize the cluster resource name of the SAP HANA DB resource clone.
+ +### sap_ha_pacemaker_cluster_hana_resource_name + +- _Type:_ `string` +- _Default:_ `rsc_SAPHana__HDB` + +Customize the cluster resource name of the SAP HANA DB resource.
+ +### sap_ha_pacemaker_cluster_hana_sid + +- _Type:_ `string` + +The SAP HANA SID of the instance that will be configured in the cluster.
+The SID must follow SAP specifications - see SAP Note 1979280.
+Inherits the value of `sap_hana_sid`, when defined.
+Mandatory for SAP HANA cluster setups.
+ +### sap_ha_pacemaker_cluster_hana_topology_resource_clone_name + +- _Type:_ `string` +- _Default:_ `cln_SAPHanaTop__HDB` + +Customize the cluster resource name of the SAP HANA Topology resource clone.
+ +### sap_ha_pacemaker_cluster_hana_topology_resource_name + +- _Type:_ `string` +- _Default:_ `rsc_SAPHanaTop__HDB` + +Customize the cluster resource name of the SAP HANA Topology resource.
+ +### sap_ha_pacemaker_cluster_hanacontroller_resource_clone_name + +- _Type:_ `string` +- _Default:_ `cln_SAPHanaCon__HDB` + +Customize the cluster resource name of the SAP HANA Controller clone.
+ +### sap_ha_pacemaker_cluster_hanacontroller_resource_name + +- _Type:_ `string` +- _Default:_ `rsc_SAPHanaCon__HDB` + +Customize the cluster resource name of the SAP HANA Controller.
+ +### sap_ha_pacemaker_cluster_host_type + +- _Type:_ `list` +- _Default:_ `hana_scaleup_perf` + +The SAP landscape to for which the cluster is to be configured.
+The default is a 2-node SAP HANA scale-up cluster.
+ +### sap_ha_pacemaker_cluster_ibmcloud_api_key + +- _Type:_ `string` + +The API key which is required to allow the control of instances (for example for fencing operations).
+Mandatory for the cluster setup on IBM Cloud Virtual Server instances or IBM Power Virtual Server on IBM Cloud.
+ +### sap_ha_pacemaker_cluster_ibmcloud_powervs_api_type + +- _Type:_ `string` + +IBM Power Virtual Server API Endpoint type (public or private) dependent on network interface attachments for the target instances.
+Mandatory for the cluster setup on IBM Power Virtual Server from IBM Cloud.
+ +### sap_ha_pacemaker_cluster_ibmcloud_powervs_forward_proxy_url + +- _Type:_ `string` + +IBM Power Virtual Server forward proxy url when IBM Power Virtual Server API Endpoint type is set to private.
+When public network interface, can be ignored.
+When private network interface, mandatory for the cluster setup on IBM Power Virtual Server from IBM Cloud.
+ +### sap_ha_pacemaker_cluster_ibmcloud_powervs_workspace_crn + +- _Type:_ `string` + +IBM Power Virtual Server Workspace service cloud resource name (CRN) identifier which contains the target instances
+Mandatory for the cluster setup on IBM Power Virtual Server from IBM Cloud.
+ +### sap_ha_pacemaker_cluster_ibmcloud_region + +- _Type:_ `string` + +The IBM Cloud VS region name in which the instances are running.
+Mandatory for the cluster setup on IBM Cloud Virtual Server instances or IBM Power Virtual Server on IBM Cloud.
+ +### sap_ha_pacemaker_cluster_msazure_resource_group + +- _Type:_ `string` + +Resource group name/ID in which the target instances are defined.
+Mandatory for the cluster setup on MS Azure instances.
+ +### sap_ha_pacemaker_cluster_msazure_subscription_id + +- _Type:_ `string` + +Subscription ID of the MS Azure environment containing the target instances.
+Mandatory for the cluster setup on MS Azure instances.
+ +### sap_ha_pacemaker_cluster_nwas_abap_aas_instance_nr + +- _Type:_ `string` + +Instance number of the NetWeaver ABAP AAS instance.
+Mandatory for NetWeaver AAS cluster configuration.
+ +### sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_ensa1 + +- _Type:_ `bool` +- _Default:_ `False` + +The standard NetWeaver ASCS/ERS cluster will be set up as ENSA2.
+Set this parameter to 'true' to configure it as ENSA1.
+ +### sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_simple_mount + +- _Type:_ `bool` +- _Default:_ `True` + +Enables preferred method for ASCS ERS ENSA2 clusters - Simple Mount
+Set this parameter to 'true' to configure ENSA2 Simple Mount.
+ +### sap_ha_pacemaker_cluster_nwas_abap_ascs_filesystem_resource_name + +- _Type:_ `string` +- _Default:_ `rsc_fs__ASCS` + +Name of the filesystem resource for the ASCS instance.
+ +### sap_ha_pacemaker_cluster_nwas_abap_ascs_group_stickiness + +- _Type:_ `string` +- _Default:_ `3000` + +NetWeaver ASCS resource group stickiness to prefer the ASCS group to stay on the node it was started on.
+ +### sap_ha_pacemaker_cluster_nwas_abap_ascs_instance_nr + +- _Type:_ `string` + +Instance number of the NetWeaver ABAP ASCS instance.
+Mandatory for NetWeaver ASCS/ERS cluster configuration.
+ +### sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_automatic_recover_bool + +- _Type:_ `bool` +- _Default:_ `False` + +NetWeaver ASCS instance resource option "AUTOMATIC_RECOVER".
+ +### sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_ensa1_failure_timeout + +- _Type:_ `string` +- _Default:_ `60` + +NetWeaver ASCS instance failure-timeout attribute.
+Only used for ENSA1 setups (see `sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_ensa1`). Default setup is ENSA2.
+ +### sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_ensa1_migration_threshold + +- _Type:_ `string` +- _Default:_ `1` + +NetWeaver ASCS instance migration-threshold setting attribute.
+Only used for ENSA1 setups (see `sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_ensa1`). Default setup is ENSA2.
+ +### sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_instance_name + +- _Type:_ `string` + +The name of the ASCS instance, typically the profile name.
+Mandatory for the NetWeaver ASCS/ERS cluster setup
+Recommended format _ASCS_.
+ +### sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_resource_name + +- _Type:_ `string` +- _Default:_ `rsc_SAPInstance__ASCS` + +Name of the ASCS instance resource.
+ +### sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_resource_stickiness + +- _Type:_ `string` +- _Default:_ `5000` + +NetWeaver ASCS instance resource stickiness attribute.
+ +### sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_start_profile_string + +- _Type:_ `string` + +The full path and name of the ASCS instance profile.
+Mandatory for the NetWeaver ASCS/ERS cluster setup.
+ +### sap_ha_pacemaker_cluster_nwas_abap_ascs_sapstartsrv_resource_name + +- _Type:_ `string` +- _Default:_ `rsc_SAPStartSrv__ASCS` + +Name of the ASCS SAPStartSrv resource for simple mount.
+ +### sap_ha_pacemaker_cluster_nwas_abap_ers_filesystem_resource_name + +- _Type:_ `string` +- _Default:_ `rsc_fs__ERS` + +Name of the filesystem resource for the ERS instance.
+ +### sap_ha_pacemaker_cluster_nwas_abap_ers_instance_nr + +- _Type:_ `string` + +Instance number of the NetWeaver ABAP ERS instance.
+Mandatory for NetWeaver ASCS/ERS cluster configuration.
+ +### sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_automatic_recover_bool + +- _Type:_ `bool` +- _Default:_ `False` + +NetWeaver ERS instance resource option "AUTOMATIC_RECOVER".
+ +### sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_instance_name + +- _Type:_ `string` + +The name of the ERS instance, typically the profile name.
+Mandatory for the NetWeaver ASCS/ERS cluster setup.
+Recommended format _ERS_.
+ +### sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_resource_name + +- _Type:_ `string` +- _Default:_ `rsc_SAPInstance__ERS` + +Name of the ERS instance resource.
+ +### sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_start_profile_string + +- _Type:_ `string` + +The full path and name of the ERS instance profile.
+Mandatory for the NetWeaver ASCS/ERS cluster.
+ +### sap_ha_pacemaker_cluster_nwas_abap_ers_sapstartsrv_resource_name + +- _Type:_ `string` +- _Default:_ `rsc_SAPStartSrv__ERS` + +Name of the ERS SAPstartSrv resource for simple mount.
+ +### sap_ha_pacemaker_cluster_nwas_abap_pas_instance_nr + +- _Type:_ `string` + +Instance number of the NetWeaver ABAP PAS instance.
+Mandatory for NetWeaver PAS cluster configuration.
+ +### sap_ha_pacemaker_cluster_nwas_abap_sid + +- _Type:_ `string` + +SID of the NetWeaver instances.
+Mandatory for NetWeaver cluster configuration.
+Uses `sap_swpm_sid` if defined.
+Mandatory for NetWeaver cluster setups.
+ +### sap_ha_pacemaker_cluster_nwas_colocation_ascs_no_ers_name + +- _Type:_ `string` +- _Default:_ `col_ascs_separate_` + +Customize the cluster constraint name for ASCS and ERS separation colocation.
+ +### sap_ha_pacemaker_cluster_nwas_order_ascs_first_name + +- _Type:_ `string` +- _Default:_ `ord_ascs_first_` + +Customize the cluster constraint name for ASCS starting before ERS order.
+ +### sap_ha_pacemaker_cluster_nwas_sapmnt_filesystem_resource_clone_name + +- _Type:_ `string` +- _Default:_ `cln_fs__sapmnt` + +Filesystem resource clone name for the shared filesystem /sapmnt.
+Enable this resource setup using `sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed`.
+ +### sap_ha_pacemaker_cluster_nwas_sapmnt_filesystem_resource_name + +- _Type:_ `string` +- _Default:_ `rsc_fs__sapmnt` + +Filesystem resource name for the shared filesystem /sapmnt.
+Optional, this is typically managed by the OS, but can as well be added to the cluster configuration.
+Enable this resource setup using `sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed`.
+ +### sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed + +- _Type:_ `bool` +- _Default:_ `False` + +Change this parameter to 'true' if the 3 shared filesystems `/usr/sap/trans`, `/usr/sap//SYS` and '/sapmnt' shall be configured as cloned cluster resources.
+ +### sap_ha_pacemaker_cluster_nwas_sys_filesystem_resource_clone_name + +- _Type:_ `string` +- _Default:_ `cln_fs__sys` + +Filesystem resource clone name for the shared filesystem /usr/sap//SYS.
+Enable this resource setup using `sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed`.
+ +### sap_ha_pacemaker_cluster_nwas_sys_filesystem_resource_name + +- _Type:_ `string` +- _Default:_ `rsc_fs__sys` + +Filesystem resource name for the transports filesystem /usr/sap//SYS.
+Optional, this is typically managed by the OS, but can as well be added to the cluster configuration.
+Enable this resource setup using `sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed`.
+ +### sap_ha_pacemaker_cluster_nwas_transports_filesystem_resource_clone_name + +- _Type:_ `string` +- _Default:_ `cln_fs__trans` + +Filesystem resource clone name for the shared filesystem /usr/sap/trans.
+Enable this resource setup using `sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed`.
+ +### sap_ha_pacemaker_cluster_nwas_transports_filesystem_resource_name + +- _Type:_ `string` +- _Default:_ `rsc_fs__trans` + +Filesystem resource name for the transports filesystem /usr/sap/trans.
+Optional, this is typically managed by the OS, but can as well be added to the cluster configuration.
+Enable this resource setup using `sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed`.
+ +### sap_ha_pacemaker_cluster_operation_defaults + +- _Type:_ `dict` +- _Default:_ `{'record-pending': True, 'timeout': 600}` + +Set default operation parameters that will be valid for all pacemaker resources.
+ +Example: + +```yaml +sap_ha_pacemaker_cluster_operation_defaults: + record-pending: true + timeout: 600 +``` + +### sap_ha_pacemaker_cluster_resource_defaults + +- _Type:_ `dict` +- _Default:_ `{'migration-threshold': 5000, 'resource-stickiness': 3000}` + +Set default parameters that will be valid for all pacemaker resources.
+ +Example: + +```yaml +sap_ha_pacemaker_cluster_resource_defaults: + migration-threshold: 5000 + resource-stickiness: 1000 +``` + +### sap_ha_pacemaker_cluster_saphanasr_angi_detection + +- _Type:_ `string` +- _Default:_ `True` + +Disabling this variable enables to use Classic SAPHanaSR agents even on server, with SAPHanaSR-angi is available.
+ +### sap_ha_pacemaker_cluster_sbd_devices + +- _Type:_ `list` + +Required if `sap_ha_pacemaker_cluster_sbd_enabled` is enabled.
+Provide list of block devices for Stonith SBD agent
+ +Example: + +```yaml +sap_ha_pacemaker_cluster_sbd_devices: +- /dev/disk/by-id/scsi-3600 +``` + +### sap_ha_pacemaker_cluster_sbd_enabled + +- _Type:_ `bool` + +Set this parameter to 'true' to enable workflow to add Stonith SBD resource.
+Stonith SBD resource has to be provided as part of `sap_ha_pacemaker_cluster_stonith_custom`.
+Default SBD agents are: stonith:external/sbd for SLES and stonith:fence_sbd for RHEL
+ +Example: + +```yaml +sap_ha_pacemaker_cluster_sbd_devices: +- /dev/disk/by-id/scsi-3600 +sap_ha_pacemaker_cluster_sbd_enabled: true +sap_ha_pacemaker_cluster_stonith_custom: +- agent: stonith:external/sbd + id: stonith_sbd + instance_attrs: + - attrs: + - name: pcmk_delay_max + value: 15 +``` + +### sap_ha_pacemaker_cluster_sbd_options + +- _Type:_ `list` + +Optional if `sap_ha_pacemaker_cluster_sbd_enabled` is enabled.
+Provide list of SBD specific options that are added into SBD configuration file.
+ +Example: + +```yaml +sap_ha_pacemaker_cluster_sbd_options: +- name: startmode + value: clean +``` + +### sap_ha_pacemaker_cluster_sbd_watchdog + +- _Type:_ `str` +- _Default:_ `/dev/watchdog` + +Optional if `sap_ha_pacemaker_cluster_sbd_enabled` is enabled.
+Provide watchdog name to override default /dev/watchdog
+ +### sap_ha_pacemaker_cluster_sbd_watchdog_modules + +- _Type:_ `list` + +Optional if `sap_ha_pacemaker_cluster_sbd_enabled` is enabled.
+Provide list of watchdog kernel modules to be loaded (creates /dev/watchdog* devices).
+ +Example: + +```yaml +sap_ha_pacemaker_cluster_sbd_watchdog_modules: +- softdog +``` + +### sap_ha_pacemaker_cluster_stonith_custom + +- _Type:_ `list` + +Custom list of STONITH resource(s) to be configured in the cluster.
+This definition override any defaults the role would apply otherwise.
+Definition follows structure of ha_cluster_resource_primitives in linux-system-roles/ha_cluster
+ +- **agent**
+ Resource agent name, must contain the prefix "stonith:" to avoid mismatches or failures. +- **id**
+ Parameter `id` is required.
Name that will be used as the resource ID (name). +- **instance_attrs**
+ Defines resource agent params as list of name/value pairs.
Requires the mandatory options for the particular stonith resource agent to be defined, otherwise the setup will fail.
Example: stonith:fence_sbd agent requires devices option with list of SBD disks.
Example: stonith:external/sbd agent does not require devices option, but `sap_ha_pacemaker_cluster_sbd_devices`. +- **meta_attrs**
+ Defines meta attributes as list of name/value pairs. +- **name**
+ WARNING! This option will be removed in future release. +- **operations**
+ Defines list of resource agent operations. +- **options**
+ WARNING! This option will be removed in future release. + +Example: + +```yaml +sap_ha_pacemaker_cluster_stonith_custom: +- agent: stonith:fence_rhevm + id: my-fence-resource + instance_attrs: + - attrs: + - name: ip + value: rhevm-server + - name: username + value: login-user + - name: password + value: login-user-password + - name: pcmk_host_list + value: node1,node2 + - name: power_wait + value: 3 + meta_attrs: + - attrs: + - name: target-role + value: Started + operations: + - action: start + attrs: + - name: interval + value: 0 + - name: timeout + value: 180 +``` + +### sap_ha_pacemaker_cluster_storage_definition + +- _Type:_ `list` + +List of filesystem definitions used for filesystem cluster resources.
+Options relevant, see example.
+Mandatory for SAP NetWeaver HA cluster configurations.
+Reuse `sap_storage_setup_definition` if defined.
+Reuse `sap_storage_setup_definition` will extract values 'mountpoint', 'nfs_filesystem_type', 'nfs_mount_options', 'nfs_path', 'nfs_server'.
+Reuse `sap_storage_setup_definition` all options are documented under Ansible Role `sap_storage_setup`.
+Note! For this variable, the argument specification does not list options, to avoid errors during reuse of `sap_storage_setup_definition` if defined.
+ +Example: + +```yaml +sap_ha_pacemaker_cluster_storage_definition: +- mountpoint: /usr/sap + name: usr_sap + nfs_path: /usr/sap + nfs_server: nfs-server.example.com:/ +- mountpoint: /usr/sap/trans + name: usr_sap_trans + nfs_path: /usr/sap/trans + nfs_server: nfs-server.example.com:/ +- mountpoint: /sapmnt + name: sapmnt + nfs_filesystem_type: nfs + nfs_mount_options: defaults + nfs_path: /sapmnt + nfs_server: nfs-server.example.com:/ +``` + +### sap_ha_pacemaker_cluster_storage_nfs_filesytem_type + +- _Type:_ `string` +- _Default:_ `nfs` + +Filesystem type of the NFS filesystems that are part of the cluster configuration.
+ +### sap_ha_pacemaker_cluster_storage_nfs_mount_options + +- _Type:_ `string` +- _Default:_ `defaults` + +Mount options of the NFS filesystems that are part of the cluster configuration.
+ +### sap_ha_pacemaker_cluster_storage_nfs_server + +- _Type:_ `string` + +Default address of the NFS server, if not defined individually by filesystem.
+ +### sap_ha_pacemaker_cluster_system_roles_collection + +- _Type:_ `string` +- _Default:_ `fedora.linux_system_roles` + +Reference to the Ansible Collection used for the Linux System Roles.
+For community/upstream, use 'fedora.linux_system_roles'.
+For RHEL System Roles for SAP, or Red Hat Automation Hub, use 'redhat.rhel_system_roles'.
+ +### sap_ha_pacemaker_cluster_vip_client_interface + +- _Type:_ `string` + +OS device name of the network interface to use for the Virtual IP configuration.
+When there is only one interface on the system, its name will be used by default.
+ +### sap_ha_pacemaker_cluster_vip_hana_primary_ip_address + +- _Type:_ `string` + +The virtual IP of the primary HANA instance.
+Mandatory parameter for HANA clusters.
+ +### sap_ha_pacemaker_cluster_vip_hana_primary_resource_name + +- _Type:_ `string` +- _Default:_ `rsc_vip__HDB_primary` + +Customize the name of the resource managing the Virtual IP of the primary HANA instance.
+ +### sap_ha_pacemaker_cluster_vip_hana_secondary_ip_address + +- _Type:_ `string` + +The virtual IP for read-only access to the secondary HANA instance.
+Optional parameter in HANA clusters.
+ +### sap_ha_pacemaker_cluster_vip_nwas_abap_aas_ip_address + +- _Type:_ `string` + +Virtual IP of the NetWeaver AAS instance.
+Mandatory for NetWeaver AAS cluster setup.
+ +### sap_ha_pacemaker_cluster_vip_nwas_abap_aas_resource_name + +- _Type:_ `string` +- _Default:_ `rsc_vip__AAS` + +Name of the SAPInstance resource for NetWeaver AAS.
+ +### sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_ip_address + +- _Type:_ `string` + +Virtual IP of the NetWeaver ASCS instance.
+Mandatory for NetWeaver ASCS/ERS cluster setup.
+ +### sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_resource_group_name + +- _Type:_ `string` +- _Default:_ `grp__ASCS` + +Name of the NetWeaver ASCS resource group.
+ +### sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_resource_name + +- _Type:_ `string` +- _Default:_ `rsc_vip__ASCS` + +Name of the SAPInstance resource for NetWeaver ASCS.
+ +### sap_ha_pacemaker_cluster_vip_nwas_abap_ers_ip_address + +- _Type:_ `string` + +Virtual IP of the NetWeaver ERS instance.
+Mandatory for NetWeaver ASCS/ERS cluster setup.
+ +### sap_ha_pacemaker_cluster_vip_nwas_abap_ers_resource_group_name + +- _Type:_ `string` +- _Default:_ `grp__ERS` + +Name of the NetWeaver ERS resource group.
+ +### sap_ha_pacemaker_cluster_vip_nwas_abap_ers_resource_name + +- _Type:_ `string` +- _Default:_ `rsc_vip__ERS` + +Name of the SAPInstance resource for NetWeaver ERS.
+ +### sap_ha_pacemaker_cluster_vip_nwas_abap_pas_ip_address + +- _Type:_ `string` + +Virtual IP of the NetWeaver PAS instance.
+Mandatory for NetWeaver PAS cluster setup.
+ +### sap_ha_pacemaker_cluster_vip_nwas_abap_pas_resource_name + +- _Type:_ `string` +- _Default:_ `rsc_vip__PAS` + +Name of the SAPInstance resource for NetWeaver PAS.
+ +### sap_ha_pacemaker_cluster_vip_secondary_resource_name + +- _Type:_ `string` +- _Default:_ `rsc_vip__HDB_readonly` + +Customize the name of the resource managing the Virtual IP of read-only access to the secondary HANA instance.
+ + + \ No newline at end of file diff --git a/roles/sap_ha_pacemaker_cluster/README.md b/roles/sap_ha_pacemaker_cluster/README.md index de8c0279..55e19ad2 100644 --- a/roles/sap_ha_pacemaker_cluster/README.md +++ b/roles/sap_ha_pacemaker_cluster/README.md @@ -1,1154 +1,138 @@ - + # sap_ha_pacemaker_cluster Ansible Role - + ![Ansible Lint for sap_ha_pacemaker_cluster](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_ha_pacemaker_cluster.yml/badge.svg) -Ansible Role for installation and configuration of Linux Pacemaker for High Availability of SAP Systems run on various Infrastructure Platforms. - -## Scope - -This Ansible Role provides: -- installation of Linux Pacemaker packages and dependencies -- configuration of Linux Pacemaker cluster with all relevant fencing agent and resource agent for an Infrastructure Platform and SAP Software (SAP HANA or SAP NetWeaver) -- setup and instantiation of Linux Pacemaker cluster (using `ha_cluster` Linux System Role) - -This Ansible Role has been tested for the following SAP Software Solution scenario deployments: -- SAP HANA Scale-up High Availability (SAPHanaSR Classic and SAPHanaSR-angi) -- SAP NetWeaver (ABAP) AS ASCS and ERS High Availability -- `Experimental:` SAP NetWeaver (ABAP) AS PAS and AAS High Availability -- `Experimental:` SAP NetWeaver (JAVA) AS SCS and ERS High Availability - -This Ansible Role contains Infrastructure Platform specific alterations for: -- AWS EC2 Virtual Servers -- `Beta:` Microsoft Azure Virtual Machines -- `Experimental:` Google Cloud Compute Engine Virtual Machine -- `Experimental:` IBM Cloud Virtual Server -- `Experimental:` IBM Power Virtual Server from IBM Cloud -- `Experimental:` IBM PowerVC hypervisor Virtual Machine - -Please note, this Ansible Role `sap_ha_pacemaker_cluster` is acting as a wrapper and generates the parameter definitions for a given SAP System, Infrastructure Platform specific variables and other additional steps to complete the SAP High Availability setup using Linux Pacemaker clusters. - -### Warnings :warning: - -- :warning: Do **not** execute this Ansible Role against already configured Linux Pacemaker cluster nodes; unless you know what you are doing and have prepared the input variables for the Ansible Role according to / matching to the existing Linux Pacemaker setup! -- :warning: Infrastructure Platforms not explicitly listed as available/tested are very unlikely to work. - -## Functionality - -_All of the following functionality is provided as **Technology Preview**._ - -### SAP HANA scale-up (performance-optimized) with SAP HANA System Replication, High Availability using Linux Pacemaker 2-node cluster - -| Platform | Usability | -| -------- | --------- | -| :heavy_check_mark: physical server | expected to work with any fencing method that is supported by the `ha_cluster` Linux System Role | -| :heavy_check_mark: OVirt VM | tested and working | -| :heavy_check_mark: AWS EC2 VS | platform detection and awscli setup included, tested and expected to work | - -### SAP NetWeaver (ABAP) ASCS and ERS, High Availability using Linux Pacemaker 2-node cluster - -| Platform | Usability | -| -------- | --------- | -| :heavy_check_mark: physical server | expected to work with any fencing method that is supported by the `ha_cluster` Linux System Role | -| :heavy_check_mark: OVirt VM | tested and working | -| :heavy_check_mark: AWS EC2 VS | platform detection and awscli setup included, tested and expected to work | - -## Requirements - -The Ansible Role requires the SAP HANA Database Server or SAP NetWeaver Application Server software installation to already exist on the target host/s. - -The target host must be either: -- Red Hat - - OS version: Registered RHEL4SAP (HA and US) 8.4+ - - OS package repositories enabled: SAP and High Availability -- SUSE - - OS version: Registered SLES for SAP 15+ (SLES4SAP 15+) - - OS package repositories enabled: HA Extension is part of registered SLES4SAP - - - -The Ansible Control System (where Ansible is executed from) must have: -- Ansible Core 2.9+ -- Access to dependency Ansible Collections and Ansible Roles: - - **Upstream**: - - Ansible Collection [`community.sap_install` from Ansible Galaxy](https://galaxy.ansible.com/community/sap_install) version `1.4.1` or later - - Ansible Collection [`fedora.linux_system_roles` from Ansible Galaxy](https://galaxy.ansible.com/fedora/linux_system_roles) version `1.82.0` or later - - **Supported (Downstream)** via Red Hat Ansible Automation Platform (AAP) license: - - Ansible Collection [`redhat.sap_install` from Red Hat Ansible Automation Platform Hub](https://console.redhat.com/ansible/automation-hub/repo/published/redhat/sap_install) version `1.3.0` or later - - Ansible Collection [`redhat.rhel_system_roles` from Red Hat Ansible Automation Platform Hub](https://console.redhat.com/ansible/automation-hub/repo/published/redhat/rhel_system_roles) version `1.20.0` or later - - **Supported (Downstream)** via RHEL4SAP license: - - RHEL System Roles for SAP RPM Package `rhel-system-roles-sap-3.6.0` or later - - RHEL System Roles RPM Package `rhel-system-roles-1.20.0` or later +## Description + +Ansible Role `sap_ha_pacemaker_cluster` is used to install and configure Linux Pacemaker High Availability clusters for SAP HANA and SAP Netweaver systems on various infrastructure platforms. + ## Prerequisites + +Infrastructure: +- It is required to create them manually or using [sap_vm_provision](https://github.com/sap-linuxlab/community.sap_infrastructure/tree/main/roles/sap_vm_provision) role, because this role does not create any Cloud platform resources that are required by Resource Agents. -All SAP Software must be installed, and all remote/file storage mounts must be available with correct permissions defined by SAP documentation. For SAP HANA High Availability, SAP HANA System Replication must already be installed. +Collection dependency: +1. `fedora.linux_system_roles` -In addition, the following network ports must be available: +Managed nodes: +1. Supported SAP system is installed +2. SAP HANA System Replication is configured for SAP HANA HA cluster +3. Operating system has access to all required packages +4. All required ports are open (details below) -| **SAP Technical Application and Component** | **Port** | +| SAP HANA System Replication process | Port | +| --- | --- | +| hdbnameserver
used for log and data shipping from a primary site to a secondary site.
System DB port number plus 10,000 | 4``01 | +| hdbnameserver
unencrypted metadata communication between sites.
System DB port number plus 10,000 | 4``02 | +| hdbnameserver
used for encrypted metadata communication between sites.
System DB port number plus 10,000 | 4``06 | +| hdbindexserver
used for first MDC Tenant database schema | 4``03 | +| hdbxsengine
used for SAP HANA XSC/XSA | 4``07| +| hdbscriptserver
used for log and data shipping from a primary site to a secondary site.
Tenant port number plus 10,000 | 4``40-97 | +| hdbxsengine
used for log and data shipping from a primary site to a secondary site.
Tenant port number plus 10,000 | 4``40-97 | + +| Linux Pacemaker process | Port | | --- | --- | -| **_SAP HANA System Replication_** | | -| hdbnameserver
used for log and data shipping from a primary site to a secondary site.
System DB port number plus 10,000 | 4``01 | -| hdbnameserver
unencrypted metadata communication between sites.
System DB port number plus 10,000 | 4``02 | -| hdbnameserver
used for encrypted metadata communication between sites.
System DB port number plus 10,000 | 4``06 | -| hdbindexserver
used for first MDC Tenant database schema | 4``03 | -| hdbxsengine
used for SAP HANA XSC/XSA | 4``07| -| hdbscriptserver
used for log and data shipping from a primary site to a secondary site.
Tenant port number plus 10,000 | 4``40-97 | -| hdbxsengine
used for log and data shipping from a primary site to a secondary site.
Tenant port number plus 10,000 | 4``40-97 | -| **_Linux Pacemaker_** | | | pcsd
cluster nodes requirement for node-to-node communication | 2224 (TCP)| | pacemaker
cluster nodes requirement for Pacemaker Remote service daemon | 3121 (TCP) | | corosync
cluster nodes requirement for node-to-node communication | 5404-5412 (UDP) | + + +## Execution + +**:warning: This ansible role will destroy and then recreate Linux Pacemaker cluster in process.** +:warning: Do not execute this Ansible Role against existing Linux Pacemaker clusters unless you know what you are doing and you prepare inputs according to existing cluster. + +Role can be execute separately or as part of [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. + +### Supported Platforms +| Platform | Status | Notes | +| -------- | --------- | --------- | +| Physical server | :heavy_check_mark: | Need to specify valid fence agent | +| AWS EC2 Virtual Servers | :heavy_check_mark: | | +| Google Cloud Compute Engine Virtual Machine | :heavy_check_mark: | | +| Microsoft Azure Virtual Machines | :heavy_check_mark: | | +| IBM Cloud Virtual Server | :heavy_check_mark: | | +| IBM Power Virtual Server from IBM Cloud | :heavy_check_mark: | | +| IBM PowerVC hypervisor Virtual Machine | :heavy_check_mark: | | +| OVirt VM | :heavy_check_mark: | | + +### Supported scenarios + +| Platform | Variant | Status | +| -------- | --------- | --------- | +| SAP HANA scale-up (performance-optimized) 2 nodes | SAPHanaSR Classic | :heavy_check_mark: | +| SAP HANA scale-up (performance-optimized) 2 nodes | SAPHanaSR-angi | :heavy_check_mark: | +| SAP NetWeaver (ABAP) ASCS and ERS 2 nodes | Classic | :heavy_check_mark: | +| SAP NetWeaver (ABAP) ASCS and ERS 2 nodes | Simple Mount | :heavy_check_mark: | + + +### Execution Flow + +1. Assert that required inputs were provided. +2. Detect target infrastructure platform and prepare recommended inputs unless they were provided. +3. Prepare variables with all cluster parameters and resources +4. Execute role `ha_cluster` from Ansible Collection `fedora.linux_system_roles` with prepared inputs. +5. Execute SAP product specific post tasks and verify cluster is running + + +### Example + +```yaml +--- +- name: Ansible Play for SAP HANA HA Scale-up cluster setup + hosts: hana_primary, hana_secondary + become: true + tasks: + - name: Execute Ansible Role sap_ha_pacemaker_cluster + ansible.builtin.include_role: + name: community.sap_install.sap_ha_pacemaker_cluster + vars: + sap_ha_pacemaker_cluster_cluster_name: clusterhdb + sap_ha_pacemaker_cluster_hacluster_user_password: 'clusterpass' + + sap_ha_pacemaker_cluster_sap_type: saphana_scaleup + sap_ha_pacemaker_cluster_host_type: + - hana_scaleup_perf + + sap_ha_pacemaker_cluster_hana_sid: "H01" + sap_ha_pacemaker_cluster_hana_instance_nr: "01" + + sap_ha_pacemaker_cluster_cluster_nodes: + - node_name: h01hana0 + node_ip: "10.10.10.10" + node_role: primary + hana_site: DC01 + - node_name: h01hana1 + node_ip: "10.10.10.11" + node_role: secondary + hana_site: DC02 + sap_ha_pacemaker_cluster_replication_type: none + sap_ha_pacemaker_cluster_vip_resource_group_name: viphdb + + sap_hana_cluster_nodes: +``` + -## Execution Flow - -The Ansible Role is sequential: -- Validate input Ansible Variables -- Identify host's Infrastructure Platform -- Generate Linux Pacemaker definition for given Infrastructure Platform and SAP Software -- Execute `ha_cluster` Ansible Role with Linux Pacemaker definition -- Instantiate Linux Pacemaker cluster - -## Tips - -Check out the [role variables of the `ha_cluster` Linux System Role](https://github.com/linux-system-roles/ha_cluster/blob/main/README.md) for additional possible settings that can be applied when using the `sap_ha_pacemaker_cluster` role. - -For example:
-Adding `ha_cluster_start_on_boot: false` to disable the automatic start of cluster services on boot. - -## Sample + + -Please see a full sample using multiple hosts to create an SAP S/4HANA Distributed deployment in the [/playbooks](../../playbooks/) directory of the Ansible Collection `sap_install`. + +## Further Information +Cluster can be further customized with inputs available from underlying role [ha_cluster](https://github.com/linux-system-roles/ha_cluster/blob/main/README.md), which will take precedence over `sap_ha_pacemaker_cluster` inputs. + ## License - + Apache 2.0 + -## Author Information +## Maintainers + +- [Janine Fuchs](https://github.com/ja9fuchs) +- [Marcel Mamula](https://github.com/marcelmamula) + -Red Hat for SAP Community of Practice, Janine Fuchs, IBM Lab for SAP Solutions - - - ---- - ## Role Input Parameters - -Minimum required parameters for all clusters: - -- [sap_ha_pacemaker_cluster_hacluster_user_password](#sap_ha_pacemaker_cluster_hacluster_user_password) - -Additional minimum requirements depend on the type of cluster setup and on the target platform. - -### sap_ha_pacemaker_cluster_aws_access_key_id - -- _Type:_ `string` - -AWS access key to allow control of instances (for example for fencing operations).
-Mandatory for the cluster nodes setup on AWS EC2 instances, when:
-1. IAM Role or Instance profile is not attached to EC2 instance.
-2. `sap_ha_pacemaker_cluster_aws_credentials_setup` is `true`
- -### sap_ha_pacemaker_cluster_aws_credentials_setup - -- _Type:_ `string` - -Set this parameter to 'true' to store AWS credentials into /root/.aws/credentials.
-Requires: `sap_ha_pacemaker_cluster_aws_access_key_id` and `sap_ha_pacemaker_cluster_aws_secret_access_key`
-Mandatory for the cluster nodes setup on AWS EC2 instances, when:
-1. IAM Role or Instance profile is not attached to EC2 instance.
- -### sap_ha_pacemaker_cluster_aws_region - -- _Type:_ `string` - -The AWS region in which the instances to be used for the cluster setup are located.
-Mandatory for cluster nodes setup on AWS EC2 instances.
- -### sap_ha_pacemaker_cluster_aws_secret_access_key - -- _Type:_ `string` - -AWS secret key, paired with the access key for instance control.
-Mandatory for the cluster nodes setup on AWS EC2 instances, when:
-1. IAM Role or Instance profile is not attached to EC2 instance.
-2. `sap_ha_pacemaker_cluster_aws_credentials_setup` is `true`
- -### sap_ha_pacemaker_cluster_aws_vip_update_rt - -- _Type:_ `string` - -List one more routing table IDs for managing Virtual IP failover through routing table changes.
-Multiple routing tables must be defined as a comma-separated string (no spaces).
-Mandatory for the VIP resource configuration in AWS EC2 environments.
- -### sap_ha_pacemaker_cluster_cluster_name - -- _Type:_ `string` - -The name of the pacemaker cluster.
-Inherits the `ha_cluster` LSR native parameter `ha_cluster_cluster_name` if not defined.
-If not defined, the `ha_cluster` Linux System Role default will be used.
- -### sap_ha_pacemaker_cluster_cluster_nodes - -- _Type:_ `list` - -List of cluster nodes and associated attributes to describe the target SAP HA environment.
-This is required for the HANA System Replication configuration.
-Synonym for this parameter is `sap_hana_cluster_nodes`.
-Mandatory to be defined for HANA clusters.
- -- **hana_site**
- Site of the cluster and/or SAP HANA System Replication node (for example 'DC01').
Mandatory for HANA clusters (sudo config for system replication). -- **node_ip**
- IP address of the node used for HANA System Replication.
_Optional. Currently not needed/used in cluster configuration._ -- **node_name**
- Name of the cluster node, should match the remote systems' hostnames.
_Optional. Currently not needed/used in cluster configuration._ -- **node_role**
- Role of the defined `node_name` in the SAP HANA cluster setup.
There must be only **one** primary, but there can be multiple secondary nodes.
_Optional. Currently not needed/used in cluster configuration._ - -Example: - -```yaml -sap_ha_pacemaker_cluster_cluster_nodes: -- hana_site: DC01 - node_ip: 192.168.5.1 - node_name: nodeA - node_role: primary -- hana_site: DC02 -``` - -### sap_ha_pacemaker_cluster_cluster_properties - -- _Type:_ `dict` -- _Default:_ `{'concurrent-fencing': True, 'stonith-enabled': True, 'stonith-timeout': 900}` - -Standard pacemaker cluster properties are configured with recommended settings for cluster node fencing.
-When no STONITH resource is defined, STONITH will be disabled and a warning displayed.
- -Example: - -```yaml -sap_ha_pacemaker_cluster_cluster_properties: - concurrent-fencing: true - stonith-enabled: true - stonith-timeout: 900 -``` - -### sap_ha_pacemaker_cluster_create_config_dest - -- _Type:_ `string` -- _Default:_ `review_resource_config.yml` - -The pacemaker cluster resource configuration optionally created by this role will be saved in a Yaml file in the current working directory.
-Requires `sap_ha_pacemaker_cluster_create_config_varfile` to be enabled for generating the output file.
-Specify a path/filename to save the file in a custom location.
-The file can be used as input vars file for an Ansible playbook running the 'ha_cluster' Linux System Role.
- -### sap_ha_pacemaker_cluster_create_config_varfile - -- _Type:_ `bool` -- _Default:_ `False` - -When enabled, all cluster configuration parameters this role constructs for executing the 'ha_cluster' Linux System role will be written into a file in Yaml format.
-This allows using the output file later as input file for additional custom steps using the 'ha_cluster' role and covering the resource configuration in a cluster that was set up using this 'sap_ha_pacemaker_cluster' role.
-When enabled this parameters file is also created when the playbook is run in check_mode (`--check`) and can be used to review the configuration parameters without executing actual changes on the target nodes.
-WARNING! This report may include sensitive details like secrets required for certain cluster resources!
- -### sap_ha_pacemaker_cluster_enable_cluster_connector - -- _Type:_ `bool` -- _Default:_ `True` - -Enables/Disables the SAP HA Interface for SAP ABAP application server instances, also known as `sap_cluster_connector`.
-Set this parameter to 'false' if the SAP HA interface should not be installed and configured.
- -### sap_ha_pacemaker_cluster_extra_packages - -- _Type:_ `list` - -Additional extra packages to be installed, for instance specific resource packages.
-For SAP clusters configured by this role, the relevant standard packages for the target scenario are automatically included.
- -### sap_ha_pacemaker_cluster_fence_agent_packages - -- _Type:_ `list` - -Additional fence agent packages to be installed.
-This is automatically combined with default packages in:
-`__sap_ha_pacemaker_cluster_fence_agent_packages_minimal`
-`__sap_ha_pacemaker_cluster_fence_agent_packages_platform`
- -### sap_ha_pacemaker_cluster_gcp_project - -- _Type:_ `string` - -Google Cloud project name in which the target instances are installed.
-Mandatory for the cluster setup on GCP instances.
- -### sap_ha_pacemaker_cluster_gcp_region_zone - -- _Type:_ `string` - -Google Cloud Platform region zone ID.
-Mandatory for the cluster setup on GCP instances.
- -### sap_ha_pacemaker_cluster_ha_cluster - -- _Type:_ `dict` - -The `ha_cluster` LSR native parameter `ha_cluster` can be used as a synonym.
-Optional _**host_vars**_ parameter - if defined it must be set for each node.
-Dictionary that can contain various node options for the pacemaker cluster configuration.
-Supported options can be reviewed in the `ha_cluster` Linux System Role [https://github.com/linux-system-roles/ha_cluster/blob/master/README.md].
-If not defined, the `ha_cluster` Linux System Role default will be used.
- -Example: - -```yaml -sap_ha_pacemaker_cluster_ha_cluster: - corosync_addresses: - - 192.168.1.10 - - 192.168.2.10 - node_name: nodeA -``` - -### sap_ha_pacemaker_cluster_hacluster_user_password required - -- _Type:_ `string` - -The password of the `hacluster` user which is created during pacemaker installation.
-Inherits the value of `ha_cluster_hacluster_password`, when defined.
- -### sap_ha_pacemaker_cluster_hana_automated_register - -- _Type:_ `bool` -- _Default:_ `True` - -Parameter for the 'SAPHana' cluster resource.
-Define if a former primary should be re-registered automatically as secondary.
- -### sap_ha_pacemaker_cluster_hana_colocation_hana_vip_primary_name - -- _Type:_ `string` -- _Default:_ `col_saphana_vip__HDB_primary` - -Customize the cluster constraint name for VIP and SAPHana primary clone colocation.
- -### sap_ha_pacemaker_cluster_hana_colocation_hana_vip_secondary_name - -- _Type:_ `string` -- _Default:_ `col_saphana_vip__HDB_readonly` - -Customize the cluster constraint name for VIP and SAPHana secondary clone colocation.
- -### sap_ha_pacemaker_cluster_hana_duplicate_primary_timeout - -- _Type:_ `int` -- _Default:_ `7200` - -Parameter for the 'SAPHana' cluster resource.
-Time difference needed between to primary time stamps, if a dual-primary situation occurs.
-If the time difference is less than the time gap, then the cluster holds one or both instances in a "WAITING" status.
-This is to give an admin a chance to react on a failover. A failed former primary will be registered after the time difference is passed.
- -### sap_ha_pacemaker_cluster_hana_filesystem_resource_clone_name - -- _Type:_ `string` -- _Default:_ `cln_SAPHanaFil__HDB` - -Customize the cluster resource name of the SAP HANA Filesystem clone.
- -### sap_ha_pacemaker_cluster_hana_filesystem_resource_name - -- _Type:_ `string` -- _Default:_ `rsc_SAPHanaFil__HDB` - -Customize the cluster resource name of the SAP HANA Filesystem.
- -### sap_ha_pacemaker_cluster_hana_global_ini_path - -- _Type:_ `string` -- _Default:_ `/usr/sap//SYS/global/hdb/custom/config/global.ini` - -Path with location of global.ini for srHook update
- -### sap_ha_pacemaker_cluster_hana_hook_chksrv - -- _Type:_ `bool` -- _Default:_ `False` - -Controls if ChkSrv srHook is enabled during srHook creation.
-It is ignored when sap_ha_pacemaker_cluster_hana_hooks is defined.
- -### sap_ha_pacemaker_cluster_hana_hook_tkover - -- _Type:_ `bool` -- _Default:_ `False` - -Controls if TkOver srHook is enabled during srHook creation.
-It is ignored when sap_ha_pacemaker_cluster_hana_hooks is defined.
- -### sap_ha_pacemaker_cluster_hana_hooks - -- _Type:_ `list` -- _Default:_ `[]` - -Customize required list of SAP HANA Hooks
-Mandatory to include SAPHanaSR srHook in list.
-Mandatory attributes are provider and path.
-Example below shows mandatory SAPHanaSR, TkOver and ChkSrv hooks.
- -Example: - -```yaml -sap_ha_pacemaker_cluster_hana_hooks: -- options: - - name: execution_order - value: 1 - path: /usr/share/SAPHanaSR/ - provider: SAPHanaSR -- options: - - name: execution_order - value: 2 - path: /usr/share/SAPHanaSR/ - provider: susTkOver -- options: - - name: execution_order - value: 3 - - name: action_on_lost - value: stop - path: /usr/share/SAPHanaSR/ - provider: susChkSrv -``` - -### sap_ha_pacemaker_cluster_hana_instance_nr - -- _Type:_ `string` - -The instance number of the SAP HANA database which this role will configure in the cluster.
-Inherits the value of `sap_hana_instance_number`, when defined.
-Mandatory for SAP HANA cluster setups.
- -### sap_ha_pacemaker_cluster_hana_order_hana_vip_primary_name - -- _Type:_ `string` -- _Default:_ `ord_saphana_vip__HDB_primary` - -Customize the cluster constraint name for VIP and SAPHana primary clone order.
- -### sap_ha_pacemaker_cluster_hana_order_hana_vip_secondary_name - -- _Type:_ `string` -- _Default:_ `ord_saphana_vip__HDB_readonly` - -Customize the cluster constraint name for VIP and SAPHana secondary clone order.
- -### sap_ha_pacemaker_cluster_hana_order_topology_hana_name - -- _Type:_ `string` -- _Default:_ `ord_saphana_saphanatop__HDB` - -Customize the cluster constraint name for SAPHana and Topology order.
- -### sap_ha_pacemaker_cluster_hana_prefer_site_takeover - -- _Type:_ `bool` -- _Default:_ `True` - -Parameter for the 'SAPHana' cluster resource.
-Set to "false" if the cluster should first attempt to restart the instance on the same node.
-When set to "true" (default) a failover to secondary will be initiated on resource failure.
- -### sap_ha_pacemaker_cluster_hana_resource_clone_msl_name - -- _Type:_ `string` -- _Default:_ `msl_SAPHana__HDB` - -Customize the cluster resource name of the SAP HANA DB resource master slave clone.
-Master Slave clone is specific to Classic SAPHana resource on SUSE (non-angi).
- -### sap_ha_pacemaker_cluster_hana_resource_clone_name - -- _Type:_ `string` -- _Default:_ `cln_SAPHana__HDB` - -Customize the cluster resource name of the SAP HANA DB resource clone.
- -### sap_ha_pacemaker_cluster_hana_resource_name - -- _Type:_ `string` -- _Default:_ `rsc_SAPHana__HDB` - -Customize the cluster resource name of the SAP HANA DB resource.
- -### sap_ha_pacemaker_cluster_hana_sid - -- _Type:_ `string` - -The SAP HANA SID of the instance that will be configured in the cluster.
-The SID must follow SAP specifications - see SAP Note 1979280.
-Inherits the value of `sap_hana_sid`, when defined.
-Mandatory for SAP HANA cluster setups.
- -### sap_ha_pacemaker_cluster_hana_topology_resource_clone_name - -- _Type:_ `string` -- _Default:_ `cln_SAPHanaTop__HDB` - -Customize the cluster resource name of the SAP HANA Topology resource clone.
- -### sap_ha_pacemaker_cluster_hana_topology_resource_name - -- _Type:_ `string` -- _Default:_ `rsc_SAPHanaTop__HDB` - -Customize the cluster resource name of the SAP HANA Topology resource.
- -### sap_ha_pacemaker_cluster_hanacontroller_resource_clone_name - -- _Type:_ `string` -- _Default:_ `cln_SAPHanaCon__HDB` - -Customize the cluster resource name of the SAP HANA Controller clone.
- -### sap_ha_pacemaker_cluster_hanacontroller_resource_name - -- _Type:_ `string` -- _Default:_ `rsc_SAPHanaCon__HDB` - -Customize the cluster resource name of the SAP HANA Controller.
- -### sap_ha_pacemaker_cluster_host_type - -- _Type:_ `list` -- _Default:_ `hana_scaleup_perf` - -The SAP landscape to for which the cluster is to be configured.
-The default is a 2-node SAP HANA scale-up cluster.
- -### sap_ha_pacemaker_cluster_ibmcloud_api_key - -- _Type:_ `string` - -The API key which is required to allow the control of instances (for example for fencing operations).
-Mandatory for the cluster setup on IBM Cloud Virtual Server instances or IBM Power Virtual Server on IBM Cloud.
- -### sap_ha_pacemaker_cluster_ibmcloud_powervs_api_type - -- _Type:_ `string` - -IBM Power Virtual Server API Endpoint type (public or private) dependent on network interface attachments for the target instances.
-Mandatory for the cluster setup on IBM Power Virtual Server from IBM Cloud.
- -### sap_ha_pacemaker_cluster_ibmcloud_powervs_forward_proxy_url - -- _Type:_ `string` - -IBM Power Virtual Server forward proxy url when IBM Power Virtual Server API Endpoint type is set to private.
-When public network interface, can be ignored.
-When private network interface, mandatory for the cluster setup on IBM Power Virtual Server from IBM Cloud.
- -### sap_ha_pacemaker_cluster_ibmcloud_powervs_workspace_crn - -- _Type:_ `string` - -IBM Power Virtual Server Workspace service cloud resource name (CRN) identifier which contains the target instances
-Mandatory for the cluster setup on IBM Power Virtual Server from IBM Cloud.
- -### sap_ha_pacemaker_cluster_ibmcloud_region - -- _Type:_ `string` - -The IBM Cloud VS region name in which the instances are running.
-Mandatory for the cluster setup on IBM Cloud Virtual Server instances or IBM Power Virtual Server on IBM Cloud.
- -### sap_ha_pacemaker_cluster_msazure_resource_group - -- _Type:_ `string` - -Resource group name/ID in which the target instances are defined.
-Mandatory for the cluster setup on MS Azure instances.
- -### sap_ha_pacemaker_cluster_msazure_subscription_id - -- _Type:_ `string` - -Subscription ID of the MS Azure environment containing the target instances.
-Mandatory for the cluster setup on MS Azure instances.
- -### sap_ha_pacemaker_cluster_nwas_abap_aas_instance_nr - -- _Type:_ `string` - -Instance number of the NetWeaver ABAP AAS instance.
-Mandatory for NetWeaver AAS cluster configuration.
- -### sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_ensa1 - -- _Type:_ `bool` -- _Default:_ `False` - -The standard NetWeaver ASCS/ERS cluster will be set up as ENSA2.
-Set this parameter to 'true' to configure it as ENSA1.
- -### sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_simple_mount - -- _Type:_ `bool` -- _Default:_ `True` - -Enables preferred method for ASCS ERS ENSA2 clusters - Simple Mount
-Set this parameter to 'true' to configure ENSA2 Simple Mount.
- -### sap_ha_pacemaker_cluster_nwas_abap_ascs_filesystem_resource_name - -- _Type:_ `string` -- _Default:_ `rsc_fs__ASCS` - -Name of the filesystem resource for the ASCS instance.
- -### sap_ha_pacemaker_cluster_nwas_abap_ascs_group_stickiness - -- _Type:_ `string` -- _Default:_ `3000` - -NetWeaver ASCS resource group stickiness to prefer the ASCS group to stay on the node it was started on.
- -### sap_ha_pacemaker_cluster_nwas_abap_ascs_instance_nr - -- _Type:_ `string` - -Instance number of the NetWeaver ABAP ASCS instance.
-Mandatory for NetWeaver ASCS/ERS cluster configuration.
- -### sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_automatic_recover_bool - -- _Type:_ `bool` -- _Default:_ `False` - -NetWeaver ASCS instance resource option "AUTOMATIC_RECOVER".
- -### sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_ensa1_failure_timeout - -- _Type:_ `string` -- _Default:_ `60` - -NetWeaver ASCS instance failure-timeout attribute.
-Only used for ENSA1 setups (see `sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_ensa1`). Default setup is ENSA2.
- -### sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_ensa1_migration_threshold - -- _Type:_ `string` -- _Default:_ `1` - -NetWeaver ASCS instance migration-threshold setting attribute.
-Only used for ENSA1 setups (see `sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_ensa1`). Default setup is ENSA2.
- -### sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_instance_name - -- _Type:_ `string` - -The name of the ASCS instance, typically the profile name.
-Mandatory for the NetWeaver ASCS/ERS cluster setup
-Recommended format _ASCS_.
- -### sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_resource_name - -- _Type:_ `string` -- _Default:_ `rsc_SAPInstance__ASCS` - -Name of the ASCS instance resource.
- -### sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_resource_stickiness - -- _Type:_ `string` -- _Default:_ `5000` - -NetWeaver ASCS instance resource stickiness attribute.
- -### sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_start_profile_string - -- _Type:_ `string` - -The full path and name of the ASCS instance profile.
-Mandatory for the NetWeaver ASCS/ERS cluster setup.
- -### sap_ha_pacemaker_cluster_nwas_abap_ascs_sapstartsrv_resource_name - -- _Type:_ `string` -- _Default:_ `rsc_SAPStartSrv__ASCS` - -Name of the ASCS SAPStartSrv resource for simple mount.
- -### sap_ha_pacemaker_cluster_nwas_abap_ers_filesystem_resource_name - -- _Type:_ `string` -- _Default:_ `rsc_fs__ERS` - -Name of the filesystem resource for the ERS instance.
- -### sap_ha_pacemaker_cluster_nwas_abap_ers_instance_nr - -- _Type:_ `string` - -Instance number of the NetWeaver ABAP ERS instance.
-Mandatory for NetWeaver ASCS/ERS cluster configuration.
- -### sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_automatic_recover_bool - -- _Type:_ `bool` -- _Default:_ `False` - -NetWeaver ERS instance resource option "AUTOMATIC_RECOVER".
- -### sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_instance_name - -- _Type:_ `string` - -The name of the ERS instance, typically the profile name.
-Mandatory for the NetWeaver ASCS/ERS cluster setup.
-Recommended format _ERS_.
- -### sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_resource_name - -- _Type:_ `string` -- _Default:_ `rsc_SAPInstance__ERS` - -Name of the ERS instance resource.
- -### sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_start_profile_string - -- _Type:_ `string` - -The full path and name of the ERS instance profile.
-Mandatory for the NetWeaver ASCS/ERS cluster.
- -### sap_ha_pacemaker_cluster_nwas_abap_ers_sapstartsrv_resource_name - -- _Type:_ `string` -- _Default:_ `rsc_SAPStartSrv__ERS` - -Name of the ERS SAPstartSrv resource for simple mount.
- -### sap_ha_pacemaker_cluster_nwas_abap_pas_instance_nr - -- _Type:_ `string` - -Instance number of the NetWeaver ABAP PAS instance.
-Mandatory for NetWeaver PAS cluster configuration.
- -### sap_ha_pacemaker_cluster_nwas_abap_sid - -- _Type:_ `string` - -SID of the NetWeaver instances.
-Mandatory for NetWeaver cluster configuration.
-Uses `sap_swpm_sid` if defined.
-Mandatory for NetWeaver cluster setups.
- -### sap_ha_pacemaker_cluster_nwas_colocation_ascs_no_ers_name - -- _Type:_ `string` -- _Default:_ `col_ascs_separate_` - -Customize the cluster constraint name for ASCS and ERS separation colocation.
- -### sap_ha_pacemaker_cluster_nwas_order_ascs_first_name - -- _Type:_ `string` -- _Default:_ `ord_ascs_first_` - -Customize the cluster constraint name for ASCS starting before ERS order.
- -### sap_ha_pacemaker_cluster_nwas_sapmnt_filesystem_resource_clone_name - -- _Type:_ `string` -- _Default:_ `cln_fs__sapmnt` - -Filesystem resource clone name for the shared filesystem /sapmnt.
-Enable this resource setup using `sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed`.
- -### sap_ha_pacemaker_cluster_nwas_sapmnt_filesystem_resource_name - -- _Type:_ `string` -- _Default:_ `rsc_fs__sapmnt` - -Filesystem resource name for the shared filesystem /sapmnt.
-Optional, this is typically managed by the OS, but can as well be added to the cluster configuration.
-Enable this resource setup using `sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed`.
- -### sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed - -- _Type:_ `bool` -- _Default:_ `False` - -Change this parameter to 'true' if the 3 shared filesystems `/usr/sap/trans`, `/usr/sap//SYS` and '/sapmnt' shall be configured as cloned cluster resources.
- -### sap_ha_pacemaker_cluster_nwas_sys_filesystem_resource_clone_name - -- _Type:_ `string` -- _Default:_ `cln_fs__sys` - -Filesystem resource clone name for the shared filesystem /usr/sap//SYS.
-Enable this resource setup using `sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed`.
- -### sap_ha_pacemaker_cluster_nwas_sys_filesystem_resource_name - -- _Type:_ `string` -- _Default:_ `rsc_fs__sys` - -Filesystem resource name for the transports filesystem /usr/sap//SYS.
-Optional, this is typically managed by the OS, but can as well be added to the cluster configuration.
-Enable this resource setup using `sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed`.
- -### sap_ha_pacemaker_cluster_nwas_transports_filesystem_resource_clone_name - -- _Type:_ `string` -- _Default:_ `cln_fs__trans` - -Filesystem resource clone name for the shared filesystem /usr/sap/trans.
-Enable this resource setup using `sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed`.
- -### sap_ha_pacemaker_cluster_nwas_transports_filesystem_resource_name - -- _Type:_ `string` -- _Default:_ `rsc_fs__trans` - -Filesystem resource name for the transports filesystem /usr/sap/trans.
-Optional, this is typically managed by the OS, but can as well be added to the cluster configuration.
-Enable this resource setup using `sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed`.
- -### sap_ha_pacemaker_cluster_operation_defaults - -- _Type:_ `dict` -- _Default:_ `{'record-pending': True, 'timeout': 600}` - -Set default operation parameters that will be valid for all pacemaker resources.
- -Example: - -```yaml -sap_ha_pacemaker_cluster_operation_defaults: - record-pending: true - timeout: 600 -``` - -### sap_ha_pacemaker_cluster_resource_defaults - -- _Type:_ `dict` -- _Default:_ `{'migration-threshold': 5000, 'resource-stickiness': 3000}` - -Set default parameters that will be valid for all pacemaker resources.
- -Example: - -```yaml -sap_ha_pacemaker_cluster_resource_defaults: - migration-threshold: 5000 - resource-stickiness: 1000 -``` - -### sap_ha_pacemaker_cluster_saphanasr_angi_detection - -- _Type:_ `string` -- _Default:_ `True` - -Disabling this variable enables to use Classic SAPHanaSR agents even on server, with SAPHanaSR-angi is available.
- -### sap_ha_pacemaker_cluster_sbd_devices - -- _Type:_ `list` - -Required if `sap_ha_pacemaker_cluster_sbd_enabled` is enabled.
-Provide list of block devices for Stonith SBD agent
- -Example: - -```yaml -sap_ha_pacemaker_cluster_sbd_devices: -- /dev/disk/by-id/scsi-3600 -``` - -### sap_ha_pacemaker_cluster_sbd_enabled - -- _Type:_ `bool` - -Set this parameter to 'true' to enable workflow to add Stonith SBD resource.
-Stonith SBD resource has to be provided as part of `sap_ha_pacemaker_cluster_stonith_custom`.
-Default SBD agents are: stonith:external/sbd for SLES and stonith:fence_sbd for RHEL
- -Example: - -```yaml -sap_ha_pacemaker_cluster_sbd_devices: -- /dev/disk/by-id/scsi-3600 -sap_ha_pacemaker_cluster_sbd_enabled: true -sap_ha_pacemaker_cluster_stonith_custom: -- agent: stonith:external/sbd - id: stonith_sbd - instance_attrs: - - attrs: - - name: pcmk_delay_max - value: 15 -``` - -### sap_ha_pacemaker_cluster_sbd_options - -- _Type:_ `list` - -Optional if `sap_ha_pacemaker_cluster_sbd_enabled` is enabled.
-Provide list of SBD specific options that are added into SBD configuration file.
- -Example: - -```yaml -sap_ha_pacemaker_cluster_sbd_options: -- name: startmode - value: clean -``` - -### sap_ha_pacemaker_cluster_sbd_watchdog - -- _Type:_ `str` -- _Default:_ `/dev/watchdog` - -Optional if `sap_ha_pacemaker_cluster_sbd_enabled` is enabled.
-Provide watchdog name to override default /dev/watchdog
- -### sap_ha_pacemaker_cluster_sbd_watchdog_modules - -- _Type:_ `list` - -Optional if `sap_ha_pacemaker_cluster_sbd_enabled` is enabled.
-Provide list of watchdog kernel modules to be loaded (creates /dev/watchdog* devices).
- -Example: - -```yaml -sap_ha_pacemaker_cluster_sbd_watchdog_modules: -- softdog -``` - -### sap_ha_pacemaker_cluster_stonith_custom - -- _Type:_ `list` - -Custom list of STONITH resource(s) to be configured in the cluster.
-This definition override any defaults the role would apply otherwise.
-Definition follows structure of ha_cluster_resource_primitives in linux-system-roles/ha_cluster
- -- **agent**
- Resource agent name, must contain the prefix "stonith:" to avoid mismatches or failures. -- **id**
- Parameter `id` is required.
Name that will be used as the resource ID (name). -- **instance_attrs**
- Defines resource agent params as list of name/value pairs.
Requires the mandatory options for the particular stonith resource agent to be defined, otherwise the setup will fail.
Example: stonith:fence_sbd agent requires devices option with list of SBD disks.
Example: stonith:external/sbd agent does not require devices option, but `sap_ha_pacemaker_cluster_sbd_devices`. -- **meta_attrs**
- Defines meta attributes as list of name/value pairs. -- **name**
- WARNING! This option will be removed in future release. -- **operations**
- Defines list of resource agent operations. -- **options**
- WARNING! This option will be removed in future release. - -Example: - -```yaml -sap_ha_pacemaker_cluster_stonith_custom: -- agent: stonith:fence_rhevm - id: my-fence-resource - instance_attrs: - - attrs: - - name: ip - value: rhevm-server - - name: username - value: login-user - - name: password - value: login-user-password - - name: pcmk_host_list - value: node1,node2 - - name: power_wait - value: 3 - meta_attrs: - - attrs: - - name: target-role - value: Started - operations: - - action: start - attrs: - - name: interval - value: 0 - - name: timeout - value: 180 -``` - -### sap_ha_pacemaker_cluster_storage_definition - -- _Type:_ `list` - -List of filesystem definitions used for filesystem cluster resources.
-Options relevant, see example.
-Mandatory for SAP NetWeaver HA cluster configurations.
-Reuse `sap_storage_setup_definition` if defined.
-Reuse `sap_storage_setup_definition` will extract values 'mountpoint', 'nfs_filesystem_type', 'nfs_mount_options', 'nfs_path', 'nfs_server'.
-Reuse `sap_storage_setup_definition` all options are documented under Ansible Role `sap_storage_setup`.
-Note! For this variable, the argument specification does not list options, to avoid errors during reuse of `sap_storage_setup_definition` if defined.
- -Example: - -```yaml -sap_ha_pacemaker_cluster_storage_definition: -- mountpoint: /usr/sap - name: usr_sap - nfs_path: /usr/sap - nfs_server: nfs-server.example.com:/ -- mountpoint: /usr/sap/trans - name: usr_sap_trans - nfs_path: /usr/sap/trans - nfs_server: nfs-server.example.com:/ -- mountpoint: /sapmnt - name: sapmnt - nfs_filesystem_type: nfs - nfs_mount_options: defaults - nfs_path: /sapmnt - nfs_server: nfs-server.example.com:/ -``` - -### sap_ha_pacemaker_cluster_storage_nfs_filesytem_type - -- _Type:_ `string` -- _Default:_ `nfs` - -Filesystem type of the NFS filesystems that are part of the cluster configuration.
- -### sap_ha_pacemaker_cluster_storage_nfs_mount_options - -- _Type:_ `string` -- _Default:_ `defaults` - -Mount options of the NFS filesystems that are part of the cluster configuration.
- -### sap_ha_pacemaker_cluster_storage_nfs_server - -- _Type:_ `string` - -Default address of the NFS server, if not defined individually by filesystem.
- -### sap_ha_pacemaker_cluster_system_roles_collection - -- _Type:_ `string` -- _Default:_ `fedora.linux_system_roles` - -Reference to the Ansible Collection used for the Linux System Roles.
-For community/upstream, use 'fedora.linux_system_roles'.
-For RHEL System Roles for SAP, or Red Hat Automation Hub, use 'redhat.rhel_system_roles'.
- -### sap_ha_pacemaker_cluster_vip_client_interface - -- _Type:_ `string` - -OS device name of the network interface to use for the Virtual IP configuration.
-When there is only one interface on the system, its name will be used by default.
- -### sap_ha_pacemaker_cluster_vip_hana_primary_ip_address - -- _Type:_ `string` - -The virtual IP of the primary HANA instance.
-Mandatory parameter for HANA clusters.
- -### sap_ha_pacemaker_cluster_vip_hana_primary_resource_name - -- _Type:_ `string` -- _Default:_ `rsc_vip__HDB_primary` - -Customize the name of the resource managing the Virtual IP of the primary HANA instance.
- -### sap_ha_pacemaker_cluster_vip_hana_secondary_ip_address - -- _Type:_ `string` - -The virtual IP for read-only access to the secondary HANA instance.
-Optional parameter in HANA clusters.
- -### sap_ha_pacemaker_cluster_vip_nwas_abap_aas_ip_address - -- _Type:_ `string` - -Virtual IP of the NetWeaver AAS instance.
-Mandatory for NetWeaver AAS cluster setup.
- -### sap_ha_pacemaker_cluster_vip_nwas_abap_aas_resource_name - -- _Type:_ `string` -- _Default:_ `rsc_vip__AAS` - -Name of the SAPInstance resource for NetWeaver AAS.
- -### sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_ip_address - -- _Type:_ `string` - -Virtual IP of the NetWeaver ASCS instance.
-Mandatory for NetWeaver ASCS/ERS cluster setup.
- -### sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_resource_group_name - -- _Type:_ `string` -- _Default:_ `grp__ASCS` - -Name of the NetWeaver ASCS resource group.
- -### sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_resource_name - -- _Type:_ `string` -- _Default:_ `rsc_vip__ASCS` - -Name of the SAPInstance resource for NetWeaver ASCS.
- -### sap_ha_pacemaker_cluster_vip_nwas_abap_ers_ip_address - -- _Type:_ `string` - -Virtual IP of the NetWeaver ERS instance.
-Mandatory for NetWeaver ASCS/ERS cluster setup.
- -### sap_ha_pacemaker_cluster_vip_nwas_abap_ers_resource_group_name - -- _Type:_ `string` -- _Default:_ `grp__ERS` - -Name of the NetWeaver ERS resource group.
- -### sap_ha_pacemaker_cluster_vip_nwas_abap_ers_resource_name - -- _Type:_ `string` -- _Default:_ `rsc_vip__ERS` - -Name of the SAPInstance resource for NetWeaver ERS.
- -### sap_ha_pacemaker_cluster_vip_nwas_abap_pas_ip_address - -- _Type:_ `string` - -Virtual IP of the NetWeaver PAS instance.
-Mandatory for NetWeaver PAS cluster setup.
- -### sap_ha_pacemaker_cluster_vip_nwas_abap_pas_resource_name - -- _Type:_ `string` -- _Default:_ `rsc_vip__PAS` - -Name of the SAPInstance resource for NetWeaver PAS.
- -### sap_ha_pacemaker_cluster_vip_secondary_resource_name - -- _Type:_ `string` -- _Default:_ `rsc_vip__HDB_readonly` - -Customize the name of the resource managing the Virtual IP of read-only access to the secondary HANA instance.
- - +All input parameters used by role are described in [INPUT_PARAMETERS.md](https://github.com/sap-linuxlab/community.sap_install/blob/main/roles/sap_ha_pacemaker_cluster/INPUT_PARAMETERS.md) From 40bb2075c62743d188b6fb7035a5d17469fc393e Mon Sep 17 00:00:00 2001 From: Marcel Mamula Date: Thu, 26 Sep 2024 13:39:10 +0200 Subject: [PATCH 06/51] Docs: Readme update for all roles except swpm --- README.md | 5 +- docs/getting_started/README.md | 32 + roles/sap_anydb_install_oracle/README.md | 10 +- .../INPUT_PARAMETERS.md | 311 +++++++++ roles/sap_general_preconfigure/README.md | 531 ++++----------- .../INPUT_PARAMETERS.md | 27 + roles/sap_ha_install_anydb_ibmdb2/README.md | 122 ++-- .../INPUT_PARAMETERS.md | 90 +++ roles/sap_ha_install_hana_hsr/README.md | 174 +++-- .../INPUT_PARAMETERS.md | 18 +- roles/sap_ha_pacemaker_cluster/README.md | 52 +- roles/sap_hana_install/INPUT_PARAMETERS.md | 59 ++ roles/sap_hana_install/README.md | 372 +++++------ .../sap_hana_preconfigure/INPUT_PARAMETERS.md | 324 +++++++++ roles/sap_hana_preconfigure/README.md | 626 ++++-------------- roles/sap_hostagent/INPUT_PARAMETERS.md | 130 ++++ roles/sap_hostagent/README.md | 254 ++++--- .../INPUT_PARAMETERS.md | 181 +++++ roles/sap_install_media_detect/README.md | 161 +++-- .../INPUT_PARAMETERS.md | 78 +++ roles/sap_maintain_etc_hosts/README.md | 218 +++--- .../INPUT_PARAMETERS.md | 92 +++ roles/sap_netweaver_preconfigure/README.md | 255 +++---- roles/sap_storage_setup/INPUT_PARAMETERS.md | 140 ++++ roles/sap_storage_setup/README.md | 259 ++++---- 25 files changed, 2595 insertions(+), 1926 deletions(-) create mode 100644 roles/sap_general_preconfigure/INPUT_PARAMETERS.md create mode 100644 roles/sap_ha_install_anydb_ibmdb2/INPUT_PARAMETERS.md create mode 100644 roles/sap_ha_install_hana_hsr/INPUT_PARAMETERS.md create mode 100644 roles/sap_hana_install/INPUT_PARAMETERS.md create mode 100644 roles/sap_hana_preconfigure/INPUT_PARAMETERS.md create mode 100644 roles/sap_hostagent/INPUT_PARAMETERS.md create mode 100644 roles/sap_install_media_detect/INPUT_PARAMETERS.md create mode 100644 roles/sap_maintain_etc_hosts/INPUT_PARAMETERS.md create mode 100644 roles/sap_netweaver_preconfigure/INPUT_PARAMETERS.md create mode 100644 roles/sap_storage_setup/INPUT_PARAMETERS.md diff --git a/README.md b/README.md index 55ca84a2..d413df34 100644 --- a/README.md +++ b/README.md @@ -82,7 +82,7 @@ See [Installing collections](https://docs.ansible.com/ansible/latest/collections More deployment scenarios are available in [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) repository. ### Ansible Roles -All included roles can be execute separately or as part of [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. +All included roles can be executed independently or as part of [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. | Name | Summary | | :--- | :--- | @@ -136,6 +136,9 @@ You can find the release notes of this collection in [Changelog file](https://gi ### Variable Precedence Rules Please follow [Ansible Precedence guidelines](https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_variables.html#variable-precedence-where-should-i-put-a-variable) on how to pass variables when using this collection. +### Getting Started +More information on how to execute Ansible playbooks is in [Getting started guide](https://github.com/sap-linuxlab/community.sap_install/blob/main/docs/getting_started/README.md). + ## License [Apache 2.0](https://github.com/sap-linuxlab/community.sap_install/blob/main/LICENSE) diff --git a/docs/getting_started/README.md b/docs/getting_started/README.md index 7788e3c4..c5b79b2c 100644 --- a/docs/getting_started/README.md +++ b/docs/getting_started/README.md @@ -6,6 +6,7 @@ In this folder you will find sample files, a few additional tips for using the p - [Inventory and variable parameters](#inventory-and-variable-parameters) - [Security parameters](#security-parameters) - [Other useful options](#other-useful-options) + - [Improve readability of playbook output in terminal](#improve-readability-of-playbook-output-in-terminal) ## How to run playbooks @@ -95,3 +96,34 @@ These are not all available options, but ones that may help getting familiar wit Be careful to choose a task which covers pre-requisites, i.e. tasks that discover information which is used in subsequent tasks have to be run to fulfill conditionals. - `-C` attempts a dry-run of the playbook without applying actual changes. This is limited to simple tasks that do not require other changes already been done in previous tasks. - `--step` this executes the playbook but will prompt for every task to be run or skipped. At the prompt it can also be told to continue and not ask again, however. Useful to slow down execution and review each tasks result before proceeding with the next task. + +### Improve readability of playbook output in terminal +Note: For terminals with dark background, replace the color code `30m` by `37m`. +In case you need to make an invisible font readable on a terminal with dark background, run the following command in the terminal: +```yaml +printf "\033[37mreadable font\n" +``` +In case you need to make an invisible font readable on a terminal with bright background, run the following command in the terminal: +```yaml +printf "\033[30mreadable font\n" +``` + +Execution of `sap_general_preconfigure` playbook with a nice compact and colored output, this time for two hosts: +```console +ansible-playbook sap.yml -l host_1,host_2 -e "{sap_general_preconfigure_assert: yes, sap_general_preconfigure_assert_ignore_errors: yes}" | +awk '{sub (" \"msg\": ", "")} + /TASK/{task_line=$0} + /fatal:/{fatal_line=$0; nfatal[host]++} + /...ignoring/{nfatal[host]--; if (nfatal[host]<0) nfatal[host]=0} + /^[a-z]/&&/: \[/{gsub ("\\[", ""); gsub ("]", ""); gsub (":", ""); host=$2} + /SAP note/{print "\033[30m[" host"] "$0} + /FAIL:/{nfail[host]++; print "\033[31m[" host"] "$0} + /WARN:/{nwarn[host]++; print "\033[33m[" host"] "$0} + /PASS:/{npass[host]++; print "\033[32m[" host"] "$0} + /INFO:/{print "\033[34m[" host"] "$0} + /changed/&&/unreachable/{print "\033[30m[" host"] "$0} + END{print ("---"); for (var in npass) {printf ("[%s] ", var); if (nfatal[var]>0) { + printf ("\033[31mFATAL ERROR!!! Playbook might have been aborted!!!\033[30m Last TASK and fatal output:\n"); print task_line, fatal_line + } + else printf ("\033[31mFAIL: %d \033[33mWARN: %d \033[32mPASS: %d\033[30m\n", nfail[var], nwarn[var], npass[var])}}' +``` diff --git a/roles/sap_anydb_install_oracle/README.md b/roles/sap_anydb_install_oracle/README.md index 7e55d242..027615e3 100644 --- a/roles/sap_anydb_install_oracle/README.md +++ b/roles/sap_anydb_install_oracle/README.md @@ -7,16 +7,22 @@ Ansible role `sap_anydb_install_oracle` is used to install Oracle Database 19.x for SAP system. -## Prerequisites + + + +## Prerequisites Managed nodes: -1. Installation media present and `sap_anydb_install_oracle_extract_path` updated. Download can be completed using [community.sap_launchpad](https://github.com/sap-linuxlab/community.sap_launchpad) Ansible Collection. +- Directory with installation media is present and `sap_anydb_install_oracle_extract_path` updated. Download can be completed using [community.sap_launchpad](https://github.com/sap-linuxlab/community.sap_launchpad) Ansible Collection. ## Execution + + + ### Execution Flow 1. Prepare OS: Install packages, create users, create folders and copy installation media. diff --git a/roles/sap_general_preconfigure/INPUT_PARAMETERS.md b/roles/sap_general_preconfigure/INPUT_PARAMETERS.md new file mode 100644 index 00000000..36468323 --- /dev/null +++ b/roles/sap_general_preconfigure/INPUT_PARAMETERS.md @@ -0,0 +1,311 @@ +## Input Parameters for sap_general_preconfigure Ansible Role + +#### Minimum required parameters: + +This role does not require any parameter to be set in the playbook or inventory. + + +### sap_general_preconfigure_config_all +- _Type:_ `bool` + +If set to `false`, the role will only execute or verify the installation or configuration steps of SAP notes.
+Default is to perform installation and configuration steps.
+ +### sap_general_preconfigure_installation +- _Type:_ `bool` + +If `sap_general_preconfigure_config_all` is set to `false`, set this variable to `true` to perform only the
+installation steps of SAP notes.
+ +### sap_general_preconfigure_configuration +- _Type:_ `bool` + +If `sap_general_preconfigure_config_all` is set to `false`, set this variable to `true` to perform only the
+configuration steps of SAP notes for which the corresponding SAP notes parameters have been set to `true`.
+ +Example: + +```yaml +sap_general_preconfigure_config_all: false +sap_general_preconfigure_configuration: true +sap_general_preconfigure_2002167_02: true +sap_general_preconfigure_1391070: true +``` + +### sap_general_preconfigure_assert +- _Type:_ `bool` +- _Default:_ `false` + +If set to `true`, the role will run in assertion mode instead of the default configuration mode.
+ +### sap_general_preconfigure_assert_ignore_errors +- _Type:_ `bool` +- _Default:_ `false` + +In assertion mode, the role will abort when encountering any assertion error.
+If this parameter is set to `false`, the role will *not* abort when encountering an assertion error.
+This is useful if the role is used for reporting a system's SAP notes compliance.
+ +### sap_general_preconfigure_system_roles_collection +- _Type:_ `str` +- _Default:_ `'fedora.linux_system_roles'` +- _Possible Values:_
+ - `fedora.linux_system_roles` + - `redhat.rhel_system_roles` + +Set which Ansible Collection to use for the Linux System Roles.
+For community/upstream, use 'fedora.linux_system_roles'
+For the RHEL System Roles for SAP, or for Red Hat Automation Hub, use 'redhat.rhel_system_roles'
+ +### sap_general_preconfigure_enable_repos +- _Type:_ `bool` +- _Default:_ `false` + +Set to `true` if you want the role to enable the repos as configured by the following repo related parameters.
+The default is `false`, meaning that the role will not enable repos.
+ +### sap_general_preconfigure_use_netweaver_repos +- _Type:_ `bool` +- _Default:_ `true` + +Set to `false` if you want the role to not enable the SAP NetWeaver repo(s).
+The default is `true`, meaning that the role will enable the SAP NetWeaver repo(s).
+Only valid if `sap_general_preconfigure_enable_repos` is set to `true`.
+ +### sap_general_preconfigure_use_hana_repos +- _Type:_ `bool` +- _Default:_ `true` + +Set to `false` if you want the role to not enable the SAP HANA repo(s).
+The default is `true`, meaning that the role will enable the SAP HANA repo(s).
+Only valid if `sap_general_preconfigure_enable_repos` is set to `true`.
+ +### sap_general_preconfigure_use_ha_repos +- _Type:_ `bool` +- _Default:_ `true` + +Set to `false` if you want the role to not enable the high availability repo(s).
+The default is `true`, meaning that the role will enable the high availability repo(s).
+Only valid if `sap_general_preconfigure_enable_repos` is set to `true`.
+ +### sap_general_preconfigure_disable_all_other_repos +- _Type:_ `bool` +- _Default:_ `true` + +Set to `false` if you want the role to not disable all repos before enabling the desired ones as configured above.
+The default is `true`, meaning that the role will disable all repos before enabling the desired ones.
+Only valid if `sap_general_preconfigure_enable_repos` is set to `true`.
+ +### sap_general_preconfigure_req_repos +- _Type:_ `list` with elements of type `str` + +If you want to provide your own list of repos (e.g. on cloud systems), set this variable accordingly.
+Otherwise, the RHEL default repo names with the maximum support duration for the RHEL minor release are chosen automatically
+(e.g. normal repos for RHEL 8.3, e4s repos for RHEL 8.4).
+ +Example: + +```yaml +sap_general_preconfigure_req_repos: +- rhel-8-for-x86_64-baseos-eus-rpms +- rhel-8-for-x86_64-appstream-eus-rpms +- rhel-8-for-x86_64-sap-solutions-eus-rpms +- rhel-8-for-x86_64-sap-netweaver-eus-rpms +- rhel-8-for-x86_64-highavailability-eus-rpms +``` + +### sap_general_preconfigure_set_minor_release +- _Type:_ `bool` +- _Default:_ `false` + +Set to `true` if you want the role to set the RHEL minor release, which is required for SAP HANA. Default is `false`.
+If you set the RHEL minor release, then you must also use the `eus` or `e4s` repos.
+ +### sap_general_preconfigure_packagegroups +- _Type:_ `str` +- _Default:_ (set by platform/environment specific variables) + +The name of the software package group to install.
+The default for this parameter is set in the vars file which corresponds to the detected OS version.
+ +Example: + +```yaml +'@minimal-environment' +``` + +### sap_general_preconfigure_envgroups +- _Type:_ `str` +- _Default:_ (set by platform/environment specific variables) + +The name of the software environment group to check.
+The default for this parameter is set in the vars file which corresponds to the detected OS version.
+ +Example: + +```yaml +'@minimal-environment' +``` + +### sap_general_preconfigure_packages +- _Type:_ `list` with elements of type `str` +- _Default:_ (set by platform/environment specific variables) + +The list of packages to install.
+The default for this variable is set in the vars file which corresponds to the detected OS version.
+ +### sap_general_preconfigure_min_package_check +- _Type:_ `bool` +- _Default:_ `true` + +The default is to install or check if the minimum package versions are installed as defined in the vars files.
+Set to `false` if you do not install or check these minimum package versions.
+ +### sap_general_preconfigure_install_ibm_power_tools +- _Type:_ `bool` +- _Default:_ `true` + +Set this parameter to `false` to not install the IBM Power Systems service and productivity tools.
+See also SAP note 2679703.
+ +### sap_general_preconfigure_add_ibm_power_repo +- _Type:_ `bool` +- _Default:_ `true` + +Set this parameter to `false` if you do not want to add the IBM Power tools repository (e.g. because the packages
+are already available on the local network). The IBM Power Systems service and productivity tools will only
+be installed if the variable `sap_general_preconfigure_install_ibm_power_tools` is set to `true`, which is the default.
+ +### sap_general_preconfigure_ibm_power_repo_url +- _Type:_ `str` +- _Default:_ `'https://public.dhe.ibm.com/software/server/POWER/Linux/yum/download/ibm-power-repo-latest.noarch.rpm'` + +URL for the IBM Power Systems service and productivity tools, see https://www.ibm.com/support/pages/service-and-productivity-tools
+ +### sap_general_preconfigure_update +- _Type:_ `bool` +- _Default:_ `false` + +By default, the role will not update the system, for avoiding an unintentional minor OS release update.
+Set this parameter to `true` if you want to update your system to the latest package versions.
+When using SAP HANA, make sure to set the release lock properly so the minor OS release will be one of
+those for which SAP HANA is supported. See also `sap_general_preconfigure_set_minor_release`.
+ +### sap_general_preconfigure_reboot_ok +- _Type:_ `bool` +- _Default:_ `false` + +Set to `true` if you want to perform a reboot at the end of the role, if necessary.
+ +### sap_general_preconfigure_fail_if_reboot_required +- _Type:_ `bool` +- _Default:_ `true` + +If `sap_general_preconfigure_reboot_ok` is set to `false`, which is the default, a reboot requirement should not
+remain unnoticed. For this reason, we let the role fail. Set this parameter to `false` to override this behavior.
+Can be useful if you want to implement your own reboot handling.
+ +### sap_general_preconfigure_selinux_state +- _Type:_ `str` +- _Default:_ `'permissive'` +- _Possible Values:_
+ - `enforcing` + - `permissive` + - `disabled` + +One of the SELinux states to be set on the system.
+ +### sap_general_preconfigure_create_directories +- _Type:_ `bool` +- _Default:_ `true` + +Set to `false` if you do not want the SAP directories to be created by the role.
+The SAP directories will always be created if `sap_general_preconfigure_modify_selinux_labels`
+(see below) is set to `true`, no matter how `sap_general_preconfigure_create_directories` is set.
+ +### sap_general_preconfigure_sap_directories +- _Type:_ `list` with elements of type `str` +- _Default:_ + - /usr/sap + +List of SAP directories to be created.
+ +### sap_general_preconfigure_modify_selinux_labels +- _Type:_ `bool` +- _Default:_ `true` + +Set to `false` if you do not want to modify the SELinux labels for the SAP directories set
+in variable `sap_general_preconfigure_sap_directories`.
+ +### sap_general_preconfigure_size_of_tmpfs_gb +- _Type:_ `str` +- _Default:_ `"{{ ((0.75 * (ansible_memtotal_mb + ansible_swaptotal_mb)) / 1024) | round | int }}"` + +The size of the tmpfs in GB. The formula used here is mentioned in SAP note 941735.
+ +### sap_general_preconfigure_modify_etc_hosts +- _Type:_ `bool` +- _Default:_ `true` + +Set to `false` if you do not want the role to modify the `/etc/hosts` file.
+ +### sap_general_preconfigure_etc_sysctl_sap_conf +- _Type:_ `str` +- _Default:_ `'/etc/sysctl.d/sap.conf'` + +The file name of the sysctl config file to be used
+ +### sap_general_preconfigure_kernel_parameters +- _Type:_ `list` with elements of type `dict` +- _Default:_ (set by platform/environment specific variables) + +The Linux kernel parameters to use. By default, these are taken from the vars file.
+The default for this parameter is set in the vars file which corresponds to the detected OS version.
+ +Example: + +```yaml +sap_general_preconfigure_kernel_parameters: +- name: vm.max_map_count + value: '2147483647' +- name: fs.aio-max-nr + value: '18446744073709551615' +``` + +### sap_general_preconfigure_max_hostname_length +- _Type:_ `str` +- _Default:_ `'13'` + +The maximum length of the hostname. See SAP note 611361.
+ +### sap_hostname +- _Type:_ `str` +- _Default:_ `"{{ ansible_hostname }}"` + +The hostname to be used for updating or checking `/etc/hosts` entries.
+ +### sap_domain +- _Type:_ `str` +- _Default:_ `"{{ ansible_domain }}"` + +The DNS domain name to be used for updating or checking `/etc/hosts` entries.
+ +### sap_ip +- _Type:_ `str` +- _Default:_ `"{{ ansible_default_ipv4.address }}"` + +The IPV4 address to be used for updating or checking `/etc/hosts` entries.
+ +### sap_general_preconfigure_db_group_name +- _Type:_ `str` + +Use this variable to specify the name of the RHEL group which is used for the database processes.
+If defined, it will be used to configure process limits as per step
+Configuring Process Resource Limits
+ +Example: + +```yaml +sap_general_preconfigure_db_group_name: dba +``` + \ No newline at end of file diff --git a/roles/sap_general_preconfigure/README.md b/roles/sap_general_preconfigure/README.md index 65875d07..d2e05c7b 100644 --- a/roles/sap_general_preconfigure/README.md +++ b/roles/sap_general_preconfigure/README.md @@ -1,341 +1,74 @@ + # sap_general_preconfigure Ansible Role + +![Ansible Lint for sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_general_preconfigure.yml/badge.svg) -This role installs required packages and performs configuration steps which are required for installing and running SAP NetWeaver or SAP HANA. Specific installation and configuration steps on top of these basic steps are performed with roles sap-netweaver-preconfigure and sap-hana-preconfigure. Future implementations may reduce the scope of this role, for example if certain installation or configuration steps are done in the more specific roles. +## Description + +Ansible Role `sap_general_preconfigure` is used to ensure that Managed nodes are configured to host SAP systems according to SAP Notes. -For SLES systems, this role may not be necessary. The majority of SAP preparation and tuning is covered by `saptune` which is configured in the `sap_hana_preconfigure` and `sap_netweaver_preconfigure` roles. +This role performs installation of required packages for running SAP systems and configuration of Operating system parameters. -## Requirements - -The role requires additional collections which are specified in `meta/collection-requirements.yml`. Before using this role, -make sure that the required collections are installed, for example by using the following command: - -`ansible-galaxy install -vv -r meta/collection-requirements.yml` - -To use this role, your system needs to be installed according to: -- RHEL 7: SAP note 2002167, Red Hat Enterprise Linux 7.x: Installation and Upgrade, section "Installing Red Hat Enterprise Linux 7" -- RHEL 8: SAP note 2772999, Red Hat Enterprise Linux 8.x: Installation and Configuration, section "Installing Red Hat Enterprise Linux 8". -- RHEL 9: SAP note 3108316, Red Hat Enterprise Linux 9.x: Installation and Configuration, section "Installing Red Hat Enterprise Linux 9". - -Note ----- -Do not run this role against an SAP or other production system. The role will enforce a certain configuration on the managed node(s), which might not be intended. - - -## Role Input Parameters - -#### Minimum required parameters: - -This role does not require any parameter to be set in the playbook or inventory. - - -### sap_general_preconfigure_config_all -- _Type:_ `bool` - -If set to `false`, the role will only execute or verify the installation or configuration steps of SAP notes.
-Default is to perform installation and configuration steps.
- -### sap_general_preconfigure_installation -- _Type:_ `bool` - -If `sap_general_preconfigure_config_all` is set to `false`, set this variable to `true` to perform only the
-installation steps of SAP notes.
- -### sap_general_preconfigure_configuration -- _Type:_ `bool` - -If `sap_general_preconfigure_config_all` is set to `false`, set this variable to `true` to perform only the
-configuration steps of SAP notes for which the corresponding SAP notes parameters have been set to `true`.
- -Example: - -```yaml -sap_general_preconfigure_config_all: false -sap_general_preconfigure_configuration: true -sap_general_preconfigure_2002167_02: true -sap_general_preconfigure_1391070: true -``` - -### sap_general_preconfigure_assert -- _Type:_ `bool` -- _Default:_ `false` - -If set to `true`, the role will run in assertion mode instead of the default configuration mode.
- -### sap_general_preconfigure_assert_ignore_errors -- _Type:_ `bool` -- _Default:_ `false` - -In assertion mode, the role will abort when encountering any assertion error.
-If this parameter is set to `false`, the role will *not* abort when encountering an assertion error.
-This is useful if the role is used for reporting a system's SAP notes compliance.
- -### sap_general_preconfigure_system_roles_collection -- _Type:_ `str` -- _Default:_ `'fedora.linux_system_roles'` -- _Possible Values:_
- - `fedora.linux_system_roles` - - `redhat.rhel_system_roles` - -Set which Ansible Collection to use for the Linux System Roles.
-For community/upstream, use 'fedora.linux_system_roles'
-For the RHEL System Roles for SAP, or for Red Hat Automation Hub, use 'redhat.rhel_system_roles'
- -### sap_general_preconfigure_enable_repos -- _Type:_ `bool` -- _Default:_ `false` - -Set to `true` if you want the role to enable the repos as configured by the following repo related parameters.
-The default is `false`, meaning that the role will not enable repos.
- -### sap_general_preconfigure_use_netweaver_repos -- _Type:_ `bool` -- _Default:_ `true` - -Set to `false` if you want the role to not enable the SAP NetWeaver repo(s).
-The default is `true`, meaning that the role will enable the SAP NetWeaver repo(s).
-Only valid if `sap_general_preconfigure_enable_repos` is set to `true`.
- -### sap_general_preconfigure_use_hana_repos -- _Type:_ `bool` -- _Default:_ `true` - -Set to `false` if you want the role to not enable the SAP HANA repo(s).
-The default is `true`, meaning that the role will enable the SAP HANA repo(s).
-Only valid if `sap_general_preconfigure_enable_repos` is set to `true`.
- -### sap_general_preconfigure_use_ha_repos -- _Type:_ `bool` -- _Default:_ `true` - -Set to `false` if you want the role to not enable the high availability repo(s).
-The default is `true`, meaning that the role will enable the high availability repo(s).
-Only valid if `sap_general_preconfigure_enable_repos` is set to `true`.
- -### sap_general_preconfigure_disable_all_other_repos -- _Type:_ `bool` -- _Default:_ `true` - -Set to `false` if you want the role to not disable all repos before enabling the desired ones as configured above.
-The default is `true`, meaning that the role will disable all repos before enabling the desired ones.
-Only valid if `sap_general_preconfigure_enable_repos` is set to `true`.
- -### sap_general_preconfigure_req_repos -- _Type:_ `list` with elements of type `str` - -If you want to provide your own list of repos (e.g. on cloud systems), set this variable accordingly.
-Otherwise, the RHEL default repo names with the maximum support duration for the RHEL minor release are chosen automatically
-(e.g. normal repos for RHEL 8.3, e4s repos for RHEL 8.4).
- -Example: - -```yaml -sap_general_preconfigure_req_repos: -- rhel-8-for-x86_64-baseos-eus-rpms -- rhel-8-for-x86_64-appstream-eus-rpms -- rhel-8-for-x86_64-sap-solutions-eus-rpms -- rhel-8-for-x86_64-sap-netweaver-eus-rpms -- rhel-8-for-x86_64-highavailability-eus-rpms -``` - -### sap_general_preconfigure_set_minor_release -- _Type:_ `bool` -- _Default:_ `false` - -Set to `true` if you want the role to set the RHEL minor release, which is required for SAP HANA. Default is `false`.
-If you set the RHEL minor release, then you must also use the `eus` or `e4s` repos.
- -### sap_general_preconfigure_packagegroups -- _Type:_ `str` -- _Default:_ (set by platform/environment specific variables) - -The name of the software package group to install.
-The default for this parameter is set in the vars file which corresponds to the detected OS version.
- -Example: - -```yaml -'@minimal-environment' -``` - -### sap_general_preconfigure_envgroups -- _Type:_ `str` -- _Default:_ (set by platform/environment specific variables) - -The name of the software environment group to check.
-The default for this parameter is set in the vars file which corresponds to the detected OS version.
- -Example: - -```yaml -'@minimal-environment' -``` - -### sap_general_preconfigure_packages -- _Type:_ `list` with elements of type `str` -- _Default:_ (set by platform/environment specific variables) - -The list of packages to install.
-The default for this variable is set in the vars file which corresponds to the detected OS version.
- -### sap_general_preconfigure_min_package_check -- _Type:_ `bool` -- _Default:_ `true` - -The default is to install or check if the minimum package versions are installed as defined in the vars files.
-Set to `false` if you do not install or check these minimum package versions.
- -### sap_general_preconfigure_install_ibm_power_tools -- _Type:_ `bool` -- _Default:_ `true` - -Set this parameter to `false` to not install the IBM Power Systems service and productivity tools.
-See also SAP note 2679703.
- -### sap_general_preconfigure_add_ibm_power_repo -- _Type:_ `bool` -- _Default:_ `true` - -Set this parameter to `false` if you do not want to add the IBM Power tools repository (e.g. because the packages
-are already available on the local network). The IBM Power Systems service and productivity tools will only
-be installed if the variable `sap_general_preconfigure_install_ibm_power_tools` is set to `true`, which is the default.
- -### sap_general_preconfigure_ibm_power_repo_url -- _Type:_ `str` -- _Default:_ `'https://public.dhe.ibm.com/software/server/POWER/Linux/yum/download/ibm-power-repo-latest.noarch.rpm'` - -URL for the IBM Power Systems service and productivity tools, see https://www.ibm.com/support/pages/service-and-productivity-tools
- -### sap_general_preconfigure_update -- _Type:_ `bool` -- _Default:_ `false` - -By default, the role will not update the system, for avoiding an unintentional minor OS release update.
-Set this parameter to `true` if you want to update your system to the latest package versions.
-When using SAP HANA, make sure to set the release lock properly so the minor OS release will be one of
-those for which SAP HANA is supported. See also `sap_general_preconfigure_set_minor_release`.
- -### sap_general_preconfigure_reboot_ok -- _Type:_ `bool` -- _Default:_ `false` - -Set to `true` if you want to perform a reboot at the end of the role, if necessary.
- -### sap_general_preconfigure_fail_if_reboot_required -- _Type:_ `bool` -- _Default:_ `true` - -If `sap_general_preconfigure_reboot_ok` is set to `false`, which is the default, a reboot requirement should not
-remain unnoticed. For this reason, we let the role fail. Set this parameter to `false` to override this behavior.
-Can be useful if you want to implement your own reboot handling.
- -### sap_general_preconfigure_selinux_state -- _Type:_ `str` -- _Default:_ `'permissive'` -- _Possible Values:_
- - `enforcing` - - `permissive` - - `disabled` - -One of the SELinux states to be set on the system.
- -### sap_general_preconfigure_create_directories -- _Type:_ `bool` -- _Default:_ `true` - -Set to `false` if you do not want the SAP directories to be created by the role.
-The SAP directories will always be created if `sap_general_preconfigure_modify_selinux_labels`
-(see below) is set to `true`, no matter how `sap_general_preconfigure_create_directories` is set.
- -### sap_general_preconfigure_sap_directories -- _Type:_ `list` with elements of type `str` -- _Default:_ - - /usr/sap - -List of SAP directories to be created.
- -### sap_general_preconfigure_modify_selinux_labels -- _Type:_ `bool` -- _Default:_ `true` - -Set to `false` if you do not want to modify the SELinux labels for the SAP directories set
-in variable `sap_general_preconfigure_sap_directories`.
- -### sap_general_preconfigure_size_of_tmpfs_gb -- _Type:_ `str` -- _Default:_ `"{{ ((0.75 * (ansible_memtotal_mb + ansible_swaptotal_mb)) / 1024) | round | int }}"` - -The size of the tmpfs in GB. The formula used here is mentioned in SAP note 941735.
- -### sap_general_preconfigure_modify_etc_hosts -- _Type:_ `bool` -- _Default:_ `true` - -Set to `false` if you do not want the role to modify the `/etc/hosts` file.
- -### sap_general_preconfigure_etc_sysctl_sap_conf -- _Type:_ `str` -- _Default:_ `'/etc/sysctl.d/sap.conf'` - -The file name of the sysctl config file to be used
- -### sap_general_preconfigure_kernel_parameters -- _Type:_ `list` with elements of type `dict` -- _Default:_ (set by platform/environment specific variables) - -The Linux kernel parameters to use. By default, these are taken from the vars file.
-The default for this parameter is set in the vars file which corresponds to the detected OS version.
- -Example: - -```yaml -sap_general_preconfigure_kernel_parameters: -- name: vm.max_map_count - value: '2147483647' -- name: fs.aio-max-nr - value: '18446744073709551615' -``` - -### sap_general_preconfigure_max_hostname_length -- _Type:_ `str` -- _Default:_ `'13'` - -The maximum length of the hostname. See SAP note 611361.
- -### sap_hostname -- _Type:_ `str` -- _Default:_ `"{{ ansible_hostname }}"` - -The hostname to be used for updating or checking `/etc/hosts` entries.
- -### sap_domain -- _Type:_ `str` -- _Default:_ `"{{ ansible_domain }}"` - -The DNS domain name to be used for updating or checking `/etc/hosts` entries.
- -### sap_ip -- _Type:_ `str` -- _Default:_ `"{{ ansible_default_ipv4.address }}"` - -The IPV4 address to be used for updating or checking `/etc/hosts` entries.
- -### sap_general_preconfigure_db_group_name -- _Type:_ `str` - -Use this variable to specify the name of the RHEL group which is used for the database processes.
-If defined, it will be used to configure process limits as per step
-Configuring Process Resource Limits
- -Example: +This is general preconfigure role that used for both SAP Netweaver and SAP HANA, which have separate follow-up roles [sap_hana_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_preconfigure) and [sap_netweaver_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_netweaver_preconfigure). + + +## Dependencies +- `fedora.linux_system_roles` + - Roles: + - `selinux` +- `community.sap_install` (This collection) + - Roles: + - `sap_maintain_etc_hosts` + +Install required collections by `ansible-galaxy install -vv -r meta/collection-requirements.yml`. + + + +## Prerequisites + +(Red Hat specific) Ensure system is installed according to: +- RHEL 7: SAP note 2002167, Red Hat Enterprise Linux 7.x: Installation and Upgrade, section `Installing Red Hat Enterprise Linux 7`. +- RHEL 8: SAP note 2772999, Red Hat Enterprise Linux 8.x: Installation and Configuration, section `Installing Red Hat Enterprise Linux 8`. +- RHEL 9: SAP note 3108316, Red Hat Enterprise Linux 9.x: Installation and Configuration, section `Installing Red Hat Enterprise Linux 9`. + + + +## Execution + +**:warning: Do not execute this Ansible Role against existing SAP systems unless you know what you are doing and you prepare inputs to avoid unintended changes caused by default inputs.** + +Role can be executed independently or as part of [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. + + + + + +### Execution Flow + +1. Assert that required inputs were provided. +2. Install required packages and patch system if `sap_general_preconfigure_update:true` +3. Apply configurations based on SAP Notes +4. Reboot Managed nodes if packages were installed or patched and `sap_general_preconfigure_reboot_ok: true` + + +### Example + ```yaml -sap_general_preconfigure_db_group_name: dba -``` - - - -## Tags (RHEL systems only) - +--- +- name: Ansible Play for SAP HANA HA Scale-up preconfigure + hosts: hana_primary, hana_secondary + become: true + tasks: + - name: Execute Ansible Role sap_general_preconfigure + ansible.builtin.include_role: + name: community.sap_install.sap_general_preconfigure +``` +Further referenced as `example.yml` + + + +### Role Tags With the following tags, the role can be called to perform certain activities only: - tag `sap_general_preconfigure_installation`: Perform only the installation tasks - tag `sap_general_preconfigure_configuration`: Perform only the configuration tasks @@ -344,69 +77,64 @@ With the following tags, the role can be called to perform certain activities on - tag `sap_general_preconfigure_etc_hosts`: Perform only the tasks(s) related to this step. This step might be one of multiple configuration activities of a SAP note. Also this step might be valid for multiple RHEL major releases. -Sample call for only performing all installation and configuration tasks (sample playbook name sap.yml, see the next section for -an example). This is the default behavior. If no tag is specified, all installation and configuration tasks are enabled: -``` -# ansible-playbook sap.yml -``` - -Sample call for only performing all installation tasks: -``` -# ansible-playbook sap.yml --tags=sap_general_preconfigure_installation -``` +
+ How to run sap_general_preconfigure with tags -Sample call for only performing all configuration tasks: -``` -# ansible-playbook sap.yml --tags=sap_general_preconfigure_configuration -``` + #### Perform only installation tasks: + ```console + ansible-playbook sap.yml --tags=sap_general_preconfigure_installation + ``` -Sample call for only verifying and modifying the /etc/hosts file: -``` -# ansible-playbook sap.yml --tags=sap_general_preconfigure_etc_hosts -``` + #### Perform only configuration tasks: + ```console + ansible-playbook sap.yml --tags=sap_general_preconfigure_configuration + ``` -Sample call for performing all configuration steps except verifying and modifying the /etc/hosts file: -``` -# ansible-playbook sap.yml --tags=sap_general_preconfigure_configuration --skip_tags=sap_general_preconfigure_etc_hosts -``` + #### Verify and modify /etc/hosts file: + ```console + ansible-playbook sap.yml --tags=sap_general_preconfigure_etc_hosts + ``` -Sample call for only performing the configuration activities related to SAP note 3108316 (RHEL 9 specific): -``` -# ansible-playbook sap.yml --tags=sap_general_preconfigure_3108316 -``` + #### Perform all configuration steps except verifying and modifying the /etc/hosts file + ``` + ansible-playbook sap.yml --tags=sap_general_preconfigure_configuration --skip_tags=sap_general_preconfigure_etc_hosts + ``` -Sample call for performing all configuration activities except those related to step 2 (SELinux settings) of SAP note 3108316 (RHEL 9 specific): -Sample call for only performing the configuration activities related to step 2 (SELinux settings) of SAP note 3108316 (RHEL 9 specific): -``` -# ansible-playbook sap.yml --tags=sap_general_preconfigure_3108316_02 -``` + #### (Red Hat) Perform configuration activities related to SAP note 3108316 (RHEL 9) + ``` + ansible-playbook sap.yml --tags=sap_general_preconfigure_3108316 + ``` -Sample call for performing all configuration activities except those related to step 2 (SELinux settings) of SAP note 3108316 (RHEL 9 specific): -``` -# ansible-playbook sap-general-preconfigure.yml --tags=sap_general_preconfigure_configuration --skip_tags=sap_general_preconfigure_3108316_02 -``` + #### (Red Hat) Perform configuration activities related to step 2 (SELinux settings) of SAP note 3108316 (RHEL 9) + ``` + ansible-playbook sap.yml --tags=sap_general_preconfigure_3108316_02 + ``` -## Dependencies + #### (Red Hat) Perform all configuration activities except those related to step 2 (SELinux settings) of SAP note 3108316 (RHEL 9 specific) + ``` + ansible-playbook sap-general-preconfigure.yml --tags=sap_general_preconfigure_configuration --skip_tags=sap_general_preconfigure_3108316_02 + ``` +
+ -This role does not depend on any other role. -## Example Playbook + + -Simple playbook, named sap.yml: -```yaml ---- -- hosts: all - roles: - - role: sap_general_preconfigure -``` +## License + +Apache 2.0 + -## Example Usage +## Maintainers + +- [Bernd Finger](https://github.com/berndfinger) + -Normal run: -```yaml -ansible-playbook sap.yml -l remote_host -``` +## Role Input Parameters +All input parameters used by role are described in [INPUT_PARAMETERS.md](https://github.com/sap-linuxlab/community.sap_install/blob/main/roles/sap_general_preconfigure/INPUT_PARAMETERS.md) +### Controlling execution with input parameters Extended Check (assert) run, aborting for any error which has been found: ```yaml ansible-playbook sap.yml -l remote_host -e "{sap_general_preconfigure_assert: yes}" @@ -414,42 +142,5 @@ ansible-playbook sap.yml -l remote_host -e "{sap_general_preconfigure_assert: ye Extended Check (assert) run, not aborting even if an error has been found: ```yaml -ansible-playbook sap.yml -l remote_host -e "{sap_general_preconfigure_assert: yes, sap_general_preconfigure_assert_ignore_errors: no}" -``` - -Same as above, with a nice compact and colored output, this time for two hosts: -```yaml -ansible-playbook sap.yml -l host_1,host_2 -e "{sap_general_preconfigure_assert: yes, sap_general_preconfigure_assert_ignore_errors: yes}" | -awk '{sub (" \"msg\": ", "")} - /TASK/{task_line=$0} - /fatal:/{fatal_line=$0; nfatal[host]++} - /...ignoring/{nfatal[host]--; if (nfatal[host]<0) nfatal[host]=0} - /^[a-z]/&&/: \[/{gsub ("\\[", ""); gsub ("]", ""); gsub (":", ""); host=$2} - /SAP note/{print "\033[30m[" host"] "$0} - /FAIL:/{nfail[host]++; print "\033[31m[" host"] "$0} - /WARN:/{nwarn[host]++; print "\033[33m[" host"] "$0} - /PASS:/{npass[host]++; print "\033[32m[" host"] "$0} - /INFO:/{print "\033[34m[" host"] "$0} - /changed/&&/unreachable/{print "\033[30m[" host"] "$0} - END{print ("---"); for (var in npass) {printf ("[%s] ", var); if (nfatal[var]>0) { - printf ("\033[31mFATAL ERROR!!! Playbook might have been aborted!!!\033[30m Last TASK and fatal output:\n"); print task_line, fatal_line - } - else printf ("\033[31mFAIL: %d \033[33mWARN: %d \033[32mPASS: %d\033[30m\n", nfail[var], nwarn[var], npass[var])}}' +ansible-playbook sap.yml -l remote_host -e "{sap_general_preconfigure_assert: yes,sap_general_preconfigure_assert_ignore_errors: no}" ``` -Note: For terminals with dark background, replace the color code `30m` by `37m`. -In case you need to make an invisible font readable on a terminal with dark background, run the following command in the terminal: -```yaml -printf "\033[37mreadable font\n" -``` -In case you need to make an invisible font readable on a terminal with bright background, run the following command in the terminal: -```yaml -printf "\033[30mreadable font\n" -``` - -## License - -Apache license 2.0 - -## Author Information - -Red Hat for SAP Community of Practice, Bernd Finger, Markus Koch, Rainer Leber diff --git a/roles/sap_ha_install_anydb_ibmdb2/INPUT_PARAMETERS.md b/roles/sap_ha_install_anydb_ibmdb2/INPUT_PARAMETERS.md new file mode 100644 index 00000000..7bc555e1 --- /dev/null +++ b/roles/sap_ha_install_anydb_ibmdb2/INPUT_PARAMETERS.md @@ -0,0 +1,27 @@ +## Input Parameters for sap_ha_install_anydb_ibmdb2 Ansible Role + +### sap_ha_install_anydb_ibmdb2_hostname_primary + +- _Type:_ `string` + +Enter IBM Db2 Primary node hostname + + +### sap_ha_install_anydb_ibmdb2_hostname_secondary + +- _Type:_ `string` + +Enter IBM Db2 Secondary node hostname + +### sap_ha_install_anydb_ibmdb2_sid + +- _Type:_ `string` + +Enter IBM Db2 System ID + +### sap_ha_install_anydb_ibmdb2_software_directory + +- _Type:_ `string` + +Enter IBM Db2 installation media path + \ No newline at end of file diff --git a/roles/sap_ha_install_anydb_ibmdb2/README.md b/roles/sap_ha_install_anydb_ibmdb2/README.md index 808f032e..a87751e6 100644 --- a/roles/sap_ha_install_anydb_ibmdb2/README.md +++ b/roles/sap_ha_install_anydb_ibmdb2/README.md @@ -1,82 +1,86 @@ `EXPERIMENTAL` - + # sap_ha_install_anydb_ibmdb2 Ansible Role + +## Description + Ansible Role for instantiation of IBM Db2 'Integrated Linux Pacemaker' HADR cluster Note: IBM Db2 with 'Integrated Linux Pacemaker' can use two deployment models: - Mutual Failover option, **not** covered by this Ansible Role -- High Availability and Disaster Recovery (HADR) option for Idle Standby, initialised by this Ansible Role +- High Availability and Disaster Recovery (HADR) option for Idle Standby, initialized by this Ansible Role + + + + ## Prerequisites +Managed nodes: +- Directory with installation media is present and `sap_ha_install_anydb_ibmdb2_software_directory` updated. Download can be completed using [community.sap_launchpad](https://github.com/sap-linuxlab/community.sap_launchpad) Ansible Collection. -### Software Installation files - -Download IBM Db2 installation media from SAP Download Center on host, and set Ansible Variable `sap_ha_install_anydb_ibmdb2_software_directory` to this path. - -### Variables - -- `sap_ha_install_anydb_ibmdb2_hostname_primary` with the IBM Db2 Primary node hostname -- `sap_ha_install_anydb_ibmdb2_hostname_secondary` with the IBM Db2 Secondary node hostname -- `sap_ha_install_anydb_ibmdb2_sid` with the IBM Db2 System ID -- `sap_ha_install_anydb_ibmdb2_software_directory` with the IBM Db2 installation media path - -These are listed in the default variables file, but commented-out to enforce the required variables: -- [**sap_ha_install_anydb_ibmdb2** default parameters](defaults/main.yml) - -## Requirements and Dependencies - -This Ansible Role is applicable to IBM Db2 11.5 certified for SAP. - -It is applicable to 11.5.9 and later, which provides `db2cm` binary compatibility for AWS, GCP and MS Azure. - -### Target host - Infrastructure Platforms - -This Ansible Role contains Infrastructure Platform specific alterations for: -- AWS EC2 Virtual Servers -- Microsoft Azure Virtual Machines -- Google Cloud Compute Engine Virtual Machine -- IBM Cloud Virtual Server - -### Target host - Operating System requirements - -Designed for Linux operating systems, e.g. RHEL (7.x and 8.x) and SLES (15.x). +Software compatibility: +- This Ansible Role is applicable to IBM Db2 11.5 certified for SAP. +- It is applicable to 11.5.9 and later, which provides `db2cm` binary compatibility for AWS, GCP and MS Azure. + ## Execution - -Sample Ansible Playbook Execution: - -- Local Host Installation - - `ansible-playbook --connection=local --limit localhost -i "localhost," sap-ha-anydb-ibmdb2-init.yml -e "@inputs/ibmdb2_vars.yml` - -- Target Host Installation - - `ansible-playbook -i "" sap-ha-anydb-ibmdb2-init.yml -e "@inputs/ibmdb2_vars.yml"` - -## Sample Ansible Playbook - + +### Supported Platforms +| Platform | Status | Notes | +| -------- | --------- | --------- | +| AWS EC2 Virtual Servers | :heavy_check_mark: | | +| Google Cloud Compute Engine Virtual Machine | :heavy_check_mark: | | +| Microsoft Azure Virtual Machines | :heavy_check_mark: | | +| IBM Cloud Virtual Server | :heavy_check_mark: | | + + + + + +### Execution Flow + +1. Assert that required inputs were provided. +2. Detect target infrastructure platform. +3. Execute platform specific configuration. +4. Instantiate IBM Db2 'Integrated Linux Pacemaker' HADR cluster. + + +### Example + ```yaml --- -- hosts: all - - collections: - - community.sap_install - - vars: - sap_ha_install_anydb_ibmdb2_sid: SD1 # Sandbox Database for D01 SAP System - sap_ha_install_anydb_ibmdb2_hostname_primary: db2-p - sap_ha_install_anydb_ibmdb2_hostname_secondary: db2-s - sap_ha_install_anydb_ibmdb2_software_directory: /software/ibmdb2_extracted - +- name: Ansible Play for IBM Db2 Database installation + hosts: db2_host + become: true + tasks: - name: Execute Ansible Role sap_ha_install_anydb_ibmdb2 ansible.builtin.include_role: name: community.sap_install.sap_ha_install_anydb_ibmdb2 + vars: + sap_ha_install_anydb_ibmdb2_sid: SD1 # Sandbox Database for D01 SAP System + sap_ha_install_anydb_ibmdb2_hostname_primary: db2-p + sap_ha_install_anydb_ibmdb2_hostname_secondary: db2-s + sap_ha_install_anydb_ibmdb2_software_directory: /software/ibmdb2_extracted ``` + -## License + + -Apache license 2.0 + + + +## License + +Apache 2.0 + -## Author Information +## Maintainers + +- [Sean Freeman](https://github.com/sean-freeman) + -Sean Freeman +## Role Input Parameters +All input parameters used by role are described in [INPUT_PARAMETERS.md](https://github.com/sap-linuxlab/community.sap_install/blob/main/roles/sap_ha_install_anydb_ibmdb2/INPUT_PARAMETERS.md) diff --git a/roles/sap_ha_install_hana_hsr/INPUT_PARAMETERS.md b/roles/sap_ha_install_hana_hsr/INPUT_PARAMETERS.md new file mode 100644 index 00000000..a9bab4b2 --- /dev/null +++ b/roles/sap_ha_install_hana_hsr/INPUT_PARAMETERS.md @@ -0,0 +1,90 @@ +## Input Parameters for sap_ha_pacemaker_cluster Ansible Role + + +### sap_ha_install_hana_hsr_sid + +- _Type:_ `string` +- _Default:_ `{{ sap_hana_sid }}` + +Enter SID of SAP HANA database. + +### sap_ha_install_hana_hsr_instance_number + +- _Type:_ `string` +- _Default:_ `{{ sap_hana_instance_number }}` + +Enter string value of SAP HANA SID. + +### sap_ha_install_hana_hsr_cluster_nodes + +- _Type:_ `list` +- _Default:_ `{{ sap_hana_cluster_nodes }}` + +List of cluster nodes and associated attributes to describe the target SAP HA environment.
+This is required for the HANA System Replication configuration.
+ +- **hana_site**
+ Site of the cluster and/or SAP HANA System Replication node (for example 'DC01').
Mandatory for HANA clusters (sudo config for system replication). +- **node_ip**
+ IP address of the node used for HANA System Replication.
_Optional. Currently not needed/used in cluster configuration._ +- **node_name**
+ Name of the cluster node, should match the remote systems' hostnames.
_Optional. Currently not needed/used in cluster configuration._ +- **node_role**
+ Role of the defined `node_name` in the SAP HANA cluster setup.
There must be only **one** primary, but there can be multiple secondary nodes.
_Optional. Currently not needed/used in cluster configuration._ + +Example: + +```yaml +sap_ha_install_hana_hsr_cluster_nodes: + - node_name: node1 + node_ip: 192.168.1.11 + node_role: primary + hana_site: DC01 + + - node_name: node2 + node_ip: 192.168.1.12 + node_role: secondary + hana_site: DC02 +``` + +### sap_ha_install_hana_hsr_hdbuserstore_system_backup_user + +- _Type:_ `string` +- _Default:_ `HDB_SYSTEMDB` + +Enter name of SYSTEM user for backup execution. + +### sap_ha_install_hana_hsr_db_system_password + +- _Type:_ `string` +- _Default:_ `{{ sap_hana_install_master_password }}` + +Enter password of SYSTEM user for backup execution. + +### sap_ha_install_hana_hsr_fqdn + +- _Type:_ `string` +- _Default:_ {{ sap_domain }} + +Enter domain of SAP system, for example `example.com`. + +### sap_ha_install_hana_hsr_rep_mode + +- _Type:_ `string` +- _Default:_ `sync` + +Enter SAP HANA System Replication mode. + +### sap_ha_install_hana_hsr_oper_mode + +- _Type:_ `string` +- _Default:_ `logreplay` + +Enter SAP HANA System Replication operation mode. + +### sap_ha_install_hana_hsr_update_etchosts +- _Type:_ `bool` +- _Default:_ `True` + +Enable to update /etc/hosts file. + \ No newline at end of file diff --git a/roles/sap_ha_install_hana_hsr/README.md b/roles/sap_ha_install_hana_hsr/README.md index f8a5730b..e16b11b8 100644 --- a/roles/sap_ha_install_hana_hsr/README.md +++ b/roles/sap_ha_install_hana_hsr/README.md @@ -1,103 +1,93 @@ + # sap_ha_install_hana_hsr Ansible Role + +![Ansible Lint for sap_ha_install_hana_hsr](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_ha_install_hana_hsr.yml/badge.svg) -Ansible role for SAP HANA System Replication Setup on 2 nodes. +## Description + +Ansible Role `sap_ha_install_hana_hsr` is used to configure and enable SAP HANA System Replication between 2 nodes. + -## Prerequisites - -- target nodes are on the same OS level -- target nodes are using the same SAP HANA release - -## Overview - -The **sap_ha_install_hana_hsr** role is part of this system role sequence: - -| Sequence | System Role | Description | -| :------: | :----------------------- | :----------------------------------------------------------- | -| 1. | sap_general_preconfigure | System Preparation for SAP | -| 2. | sap_hana_preconfigure | System Preparation for SAP HANA | -| 3. | sap_hana_install | Installation of SAP HANA Database | -| _4._ | _sap_ha_install_hana_hsr_ | _Configuration of SAP HANA System Replication_ | -| 5. | sap_ha_pacemaker_cluster | Linux Pacemaker cluster setup and SAP resources configuration | - -The **sap_ha_install_hana_hsr** roles configures a HANA system replication relationship which is used by the pacemaker cluster to automate SAP HANA System Replication (HSR). Prerequisite is the SAP HANA installation on the nodes. - -## Tasks included - -| Task | Description | -| ---------------------- | ----------------------------------------------------------------------------------- | -| update_etchosts.yml | ensures that all nodes of the cluster are configured in all nodes' /etc/hosts | -| configure_firewall.yml | this will configure the firewall für HANA system replication (disabled) | -| hdbuserstore.yml | create a user in the hdbuserstore | -| log_mode.yml | check/set database logmode | -| pki_files.yml | copy pki file from primary to secondary database | -| run_backup.yml | perform backup on the primary note as pre required step for HANA system replication | -| configure_hsr.yml | enable HANA system replication on primary node and register secondary database node | - -## Common Variables/Parameters Used - -| Name | Description | Value | -| -------------------------------- | ------------------------------- | ---------------------- | -| sap_domain | Domain Name | example: `example.com` | -| sap_hana_sid | SAP ID | example: `RH1` | -| sap_hana_instance_number | Instance Number | example: `"00"` | -| sap_hana_install_master_password | DB System Password | -| sap_hana_cluster_nodes | Parameter list of cluster nodes | -| sap_hana_hacluster_password | Pacemaker hacluster Password | - -## Role specific Variables - -| Name | Description | Value | -| --------------------------------- | ---------------- | -------------------- | -| sap_ha_install_hana_hsr_rep_mode | replication mode | default is sync | -| sap_ha_install_hana_hsr_oper_mode | operation mode | default is logreplay | - -## Example Parameter File + + + +## Prerequisites +Managed nodes: +- Same Operating system version +- SAP HANA is installed with same version on both nodes. + + +## Execution + +Role can be executed independently or as part of [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. + + + +### Recommended +It is recommended to execute this role together with other roles in this collection, in the following order: +1. [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) +2. [sap_hana_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_preconfigure) +3. [sap_install_media_detect](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_install_media_detect) +4. [sap_hana_install](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_install) +5. *`sap_ha_install_hana_hsr`* + + +### Execution Flow + +1. Assert that required inputs were provided. +2. Verify connection between nodes. +3. Update /etc/hosts, hdbuserstore, Log mode, PKI +4. Execute database backup +5. Configure SAP HANA System Replication + + +### Example + ```yaml -sap_hana_sid: "DB1" -sap_hana_instance_number: "00" -sap_hana_install_master_password: "my_hana-password" - -### Cluster Definition -sap_ha_install_pacemaker_cluster_name: cluster1 -sap_hana_hacluster_password: "my_hacluster-password" - -sap_domain: example.com - -sap_hana_cluster_nodes: - - node_name: node1 - node_ip: 192.168.1.11 - node_role: primary - hana_site: DC01 - - - node_name: node2 - node_ip: 192.168.1.12 - node_role: secondary - hana_site: DC02 -``` - -### Execution Design - -Having the parameters specified as above, it can be executed with one command: - -```text -ansible-playbook example_playbook_with_parameters.ymnl -``` - -If you need to execute the role using an external handled, you can also limit the playbook for specific a **host** adding parameter defined in e **parameter_file**. - -```text -ansible-playbook -l node1 example_playbook.yml -e @parameter_file.yml +--- +- name: Ansible Play for SAP HANA System Replication setup + hosts: hana_primary, hana_secondary + become: true + tasks: + - name: Execute Ansible Role sap_ha_install_hana_hsr + ansible.builtin.include_role: + name: community.sap_install.sap_ha_install_hana_hsr + vars: + sap_ha_install_hana_hsr_cluster_nodes: + - node_name: h01hana0 + node_ip: "10.10.10.10" + node_role: primary + hana_site: DC01 + + - node_name: h01hana1 + node_ip: "10.10.10.11" + node_role: secondary + hana_site: DC02 + + sap_ha_install_hana_hsr_sid: H01 + sap_ha_install_hana_hsr_instance_number: "01" + sap_ha_install_hana_hsr_hdbuserstore_system_backup_user: "HDB_SYSTEMDB" + sap_ha_install_hana_hsr_db_system_password: "Password" + sap_ha_install_hana_hsr_fqdn: example.com ``` + -A good way to start is executing the playbook with the option _--list_tasks_. You can than start a playbook with the option _--start-at-task_ at a specific point. _--list_task_ will not start any task. + + -For more information please check - -```text -ansible-playbook --help -``` + + ## License + +Apache 2.0 + + +## Maintainers + +- [Janine Fuchs](https://github.com/ja9fuchs) + -Apache license 2.0 +## Role Input Parameters +All input parameters used by role are described in [INPUT_PARAMETERS.md](https://github.com/sap-linuxlab/community.sap_install/blob/main/roles/sap_ha_install_hana_hsr/INPUT_PARAMETERS.md) diff --git a/roles/sap_ha_pacemaker_cluster/INPUT_PARAMETERS.md b/roles/sap_ha_pacemaker_cluster/INPUT_PARAMETERS.md index 49582b6b..564cb3cf 100644 --- a/roles/sap_ha_pacemaker_cluster/INPUT_PARAMETERS.md +++ b/roles/sap_ha_pacemaker_cluster/INPUT_PARAMETERS.md @@ -6,6 +6,15 @@ Minimum required parameters for all clusters: Additional minimum requirements depend on the type of cluster setup and on the target platform. +### sap_ha_pacemaker_cluster_hacluster_user_password + +- _Type:_ `string` + +**Mandatory Input Parameter.**
+The password of the `hacluster` user which is created during pacemaker installation.
+Inherits the value of `ha_cluster_hacluster_password`, when defined.
+ + ### sap_ha_pacemaker_cluster_aws_access_key_id - _Type:_ `string` @@ -180,13 +189,6 @@ sap_ha_pacemaker_cluster_ha_cluster: node_name: nodeA ``` -### sap_ha_pacemaker_cluster_hacluster_user_password required - -- _Type:_ `string` - -The password of the `hacluster` user which is created during pacemaker installation.
-Inherits the value of `ha_cluster_hacluster_password`, when defined.
- ### sap_ha_pacemaker_cluster_hana_automated_register - _Type:_ `bool` @@ -1015,6 +1017,4 @@ Name of the SAPInstance resource for NetWeaver PAS.
- _Default:_ `rsc_vip__HDB_readonly` Customize the name of the resource managing the Virtual IP of read-only access to the secondary HANA instance.
- - \ No newline at end of file diff --git a/roles/sap_ha_pacemaker_cluster/README.md b/roles/sap_ha_pacemaker_cluster/README.md index 55e19ad2..2f0d9f3b 100644 --- a/roles/sap_ha_pacemaker_cluster/README.md +++ b/roles/sap_ha_pacemaker_cluster/README.md @@ -8,19 +8,25 @@ Ansible Role `sap_ha_pacemaker_cluster` is used to install and configure Linux Pacemaker High Availability clusters for SAP HANA and SAP Netweaver systems on various infrastructure platforms. -## Prerequisites + +## Dependencies +- `fedora.linux_system_roles` + - Roles: + - `ha_cluster` + +Install required collections by `ansible-galaxy install -vv -r meta/collection-requirements.yml`. + + +## Prerequisites Infrastructure: - It is required to create them manually or using [sap_vm_provision](https://github.com/sap-linuxlab/community.sap_infrastructure/tree/main/roles/sap_vm_provision) role, because this role does not create any Cloud platform resources that are required by Resource Agents. -Collection dependency: -1. `fedora.linux_system_roles` - Managed nodes: -1. Supported SAP system is installed -2. SAP HANA System Replication is configured for SAP HANA HA cluster -3. Operating system has access to all required packages -4. All required ports are open (details below) +- Supported SAP system is installed. See [Recommended](#recommended) section. +- SAP HANA System Replication is configured for SAP HANA HA cluster. See [Recommended](#recommended) section. +- Operating system has access to all required packages +- All required ports are open (details below) | SAP HANA System Replication process | Port | | --- | --- | @@ -41,10 +47,10 @@ Managed nodes: ## Execution -**:warning: This ansible role will destroy and then recreate Linux Pacemaker cluster in process.** +**:warning: This ansible role will destroy and then recreate Linux Pacemaker cluster in process.**
:warning: Do not execute this Ansible Role against existing Linux Pacemaker clusters unless you know what you are doing and you prepare inputs according to existing cluster. -Role can be execute separately or as part of [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. +Role can be executed independently or as part of [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. ### Supported Platforms | Platform | Status | Notes | @@ -68,13 +74,32 @@ Role can be execute separately or as part of [ansible.playbooks_for_sap](https:/ | SAP NetWeaver (ABAP) ASCS and ERS 2 nodes | Simple Mount | :heavy_check_mark: | + +### Recommended +It is recommended to execute this role together with other roles in this collection, in the following order:
+#### SAP HANA cluster +1. [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) +2. [sap_hana_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_preconfigure) +3. [sap_install_media_detect](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_install_media_detect) +4. [sap_hana_install](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_install) +5. [sap_ha_install_hana_hsr](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_ha_install_hana_hsr) +6. *`sap_ha_pacemaker_cluster`* + +#### SAP Netweaver cluster +1. [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) +2. [sap_netweaver_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_netweaver_preconfigure) +3. [sap_install_media_detect](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_install_media_detect) +4. [sap_swpm](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_swpm) +5. *`sap_ha_pacemaker_cluster`* + + ### Execution Flow 1. Assert that required inputs were provided. 2. Detect target infrastructure platform and prepare recommended inputs unless they were provided. -3. Prepare variables with all cluster parameters and resources +3. Prepare variables with all cluster parameters and resources. 4. Execute role `ha_cluster` from Ansible Collection `fedora.linux_system_roles` with prepared inputs. -5. Execute SAP product specific post tasks and verify cluster is running +5. Execute SAP product specific post tasks and verify cluster is running. ### Example @@ -104,14 +129,13 @@ Role can be execute separately or as part of [ansible.playbooks_for_sap](https:/ node_ip: "10.10.10.10" node_role: primary hana_site: DC01 + - node_name: h01hana1 node_ip: "10.10.10.11" node_role: secondary hana_site: DC02 sap_ha_pacemaker_cluster_replication_type: none sap_ha_pacemaker_cluster_vip_resource_group_name: viphdb - - sap_hana_cluster_nodes: ``` diff --git a/roles/sap_hana_install/INPUT_PARAMETERS.md b/roles/sap_hana_install/INPUT_PARAMETERS.md new file mode 100644 index 00000000..93f909fb --- /dev/null +++ b/roles/sap_hana_install/INPUT_PARAMETERS.md @@ -0,0 +1,59 @@ +## Input Parameters for sap_ha_pacemaker_cluster Ansible Role + +### sap_hana_install_sid + +- _Type:_ `string` + +Enter SAP HANA System ID (SID). + +### sap_hana_install_number + +- _Type:_ `string` + +Enter SAP HANA Instance number. + +### sap_hana_install_fapolicyd_integrity + +- _Type:_ `string` +- _Default:_ `sha256` + +Select fapolicyd integrity check option out of: `none`, `size`, `sha256`, `ima`. + +### sap_hana_install_check_sidadm_user + +- _Type:_ `bool` +- _Default:_ `True` + +If the variable `sap_hana_install_check_sidadm_user` is set to `False`, the role will install SAP HANA even +if the sidadm user exists. Default is `True`, in which case the installation will not be performed if the +sidadm user exists. + +### sap_hana_install_new_system + +- _Type:_ `bool` +- _Default:_ `True` + +The variable `sap_hana_install_new_system` determines if the role will perform a fresh SAP HANA installation +or if it will add further hosts to an existing SAP HANA system as specified by variable +`sap_hana_install_addhosts`. Default is `True` for a fresh SAP HANA installation. + +### sap_hana_install_update_firewall + +- _Type:_ `bool` +- _Default:_ `False` + +The role can be configured to also set the required firewall ports for SAP HANA. If this is desired, set +the variable `sap_hana_install_update_firewall` to `yes` (default is `no`). The firewall ports are defined +in a variable which is compatible with the variable structure used by Linux System Role `firewall`. +The firewall ports for SAP HANA are defined in member `port` of the first field of variable +`sap_hana_install_firewall` (`sap_hana_install_firewall[0].port`), see file `defaults/main.yml`. If the +member `state` is set to `enabled`, the ports will be enabled. If the member `state` is set to `disabled`, +the ports will be disabled, which might be useful for testing. + +Certain parameters have identical meanings, for supporting different naming schemes in playbooks and inventories. +You can find those in the task `Rename some variables used by hdblcm configfile` of the file `tasks/main.yml`. +Example: The parameter `sap_hana_install_number`, which is used by the role to define the hdblm parameter `number` +(= SAP HANA instance number) can be defined by setting `sap_hana_instance_number`, `sap_hana_install_instance_nr`, +`sap_hana_install_instance_number`, or `sap_hana_install_number`. The order of precedence is from left to right. + + \ No newline at end of file diff --git a/roles/sap_hana_install/README.md b/roles/sap_hana_install/README.md index 35d439c2..efd9bc84 100644 --- a/roles/sap_hana_install/README.md +++ b/roles/sap_hana_install/README.md @@ -1,80 +1,79 @@ + # sap_hana_install Ansible Role + +![Ansible Lint for sap_hana_install](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_hana_install.yml/badge.svg) -Ansible role for SAP HANA Installation +## Description + +Ansible Role `sap_hana_install` is used to install SAP HANA database using HDBLCM. + -## Requirements + +## Dependencies +- `fedora.linux_system_roles` + - Roles: + - `selinux` -The role requires additional collections which are specified in `meta/collection-requirements.yml`. Before using this role, -make sure that the required collections are installed, for example by using the following command: +Install required collections by `ansible-galaxy install -vv -r meta/collection-requirements.yml`. + -`ansible-galaxy install -vv -r meta/collection-requirements.yml` +## Prerequisites + +Managed nodes: +- Directory with SAP Installation media is present and `sap_install_media_detect_source_directory` updated. Download can be completed using [community.sap_launchpad](https://github.com/sap-linuxlab/community). +- Ensure that servers are configured for SAP HANA. See [Recommended](#recommended) section. +- Ensure that volumes and filesystems are configured correctly. See [Recommended](#recommended) section. -### Configure your system for the installation of SAP HANA - -- Make sure required volumes and filesystems are configured in the host. -You can use the role `sap_storage_setup` to configure this. More info [here](/roles/sap_storage_setup) - -- Run the roles `sap_general_preconfigure` and `sap_hana_preconfigure` for installing required packages and -for configuring system settings. - -### SAP HANA Software Installation .SAR Files +### Prepare SAP HANA installation media Place the following files in directory /software/hana or in any other directory specified by variable `sap_hana_install_software_directory`: - 1. The SAPCAR executable for the correct hardware architecture - 2. The SAP HANA Installation .SAR file - SAP HANA 2.0 Server - `IMDB_SERVER*.SAR` file - 3. Optional - SAP HANA Components .SAR files - Include other optional components such as `IMDB_AFL*.SAR` or `IMDB_LCAPPS*.SAR` - 4. Optional - SAP Host Agent .SAR file - Include other optional components such as `SAPHOSTAGENT*SAR` -#### Sample Directory Contents - with .SAR files - -- Sample directory `sap_hana_install_software_directory` containing SAP HANA software installation files - ```console - [root@hanahost SAP_HANA_INSTALLATION]# ls -l *.EXE *.SAR - -rwxr-xr-x. 1 nobody nobody 149561376 Mar 4 2021 IMDB_AFL20_054_1-80001894.SAR - -rwxr-xr-x. 1 nobody nobody 211762405 Mar 4 2021 IMDB_CLIENT20_007_23-80002082.SAR - -rwxr-xr-x. 1 nobody nobody 4483040 Mar 4 2021 SAPCAR_1010-70006178.EXE - -rwxr-xr-x. 1 nobody nobody 109492976 Mar 4 2021 IMDB_LCAPPS_2054_0-20010426.SAR - -rwxr-xr-x. 1 nobody nobody 109752805 Mar 4 2021 VCH202000_2054_0-80005463.SAR - -rwxr-xr-x. 1 nobody nobody 3694683699 Mar 4 2021 IMDB_SERVER20_054_0-80002031.SAR - -rwxr-xr-x. 1 nobody nobody 89285401 Sep 30 04:24 SAPHOSTAGENT51_51-20009394.SAR - ``` - -If more than one SAPCAR EXE file is present in the software directory, the role will select the latest version -for the current hardware architecture. Alternatively, the file name of the SAPCAR EXE file can also be set with -variable `sap_hana_install_sapcar_filename`. Example: -``` -sap_hana_install_sapcar_filename: SAPCAR_1115-70006178.EXE -``` - -If more than one SAR file for a certain software product is present in the software directory, the automatic -handling of such SAR files will fail after extraction, when moving the newly created product directories -(like `SAP_HOST_AGENT`) to already existing destinations. -For avoiding such situations, use following variable to provide a list of SAR files to extract: - -`sap_hana_install_sarfiles`. - -Example: -``` -sap_hana_install_sarfiles: - - SAPHOSTAGENT54_54-80004822.SAR - - IMDB_SERVER20_060_0-80002031.SAR +Example of `sap_hana_install_software_directory` content for SAP HANA installation: +```console +[root@hanahost SAP_HANA_INSTALLATION]# ls -l *.EXE *.SAR +-rwxr-xr-x. 1 nobody nobody 149561376 Mar 4 2021 IMDB_AFL20_054_1-80001894.SAR +-rwxr-xr-x. 1 nobody nobody 211762405 Mar 4 2021 IMDB_CLIENT20_007_23-80002082.SAR +-rwxr-xr-x. 1 nobody nobody 4483040 Mar 4 2021 SAPCAR_1010-70006178.EXE +-rwxr-xr-x. 1 nobody nobody 109492976 Mar 4 2021 IMDB_LCAPPS_2054_0-20010426.SAR +-rwxr-xr-x. 1 nobody nobody 109752805 Mar 4 2021 VCH202000_2054_0-80005463.SAR +-rwxr-xr-x. 1 nobody nobody 3694683699 Mar 4 2021 IMDB_SERVER20_054_0-80002031.SAR +-rwxr-xr-x. 1 nobody nobody 89285401 Sep 30 04:24 SAPHOSTAGENT51_51-20009394.SAR ``` -If there is a file named `.sha256` in the software download directory -`sap_hana_install_software_directory` which contains the checksum and the file name similar to the output -of the sha256sum command, the role will examine the sha256sum for the corresponding SAPCAR or SAR file and the -processing will continue only if the checksum matches. - -#### Extracted SAP HANA Software Installation Files - +**Considerations:** +- If more than one SAPCAR EXE file is present in the software directory, the role will select the latest version + for the current hardware architecture. Alternatively, the file name of the SAPCAR EXE file can also be set with + variable `sap_hana_install_sapcar_filename`. Example: + ``` + sap_hana_install_sapcar_filename: SAPCAR_1115-70006178.EXE + ``` +- If more than one SAR file for a certain software product is present in the software directory, the automatic + handling of such SAR files will fail after extraction, when moving the newly created product directories + (like `SAP_HOST_AGENT`) to already existing destinations. + For avoiding such situations, use following variable to provide a list of SAR files to extract: `sap_hana_install_sarfiles`. + + Example: + ``` + sap_hana_install_sarfiles: + - SAPHOSTAGENT54_54-80004822.SAR + - IMDB_SERVER20_060_0-80002031.SAR + ``` + +- If there is a file named `.sha256` in the software download directory + `sap_hana_install_software_directory` which contains the checksum and the file name similar to the output + of the sha256sum command, the role will examine the sha256sum for the corresponding SAPCAR or SAR file and the + processing will continue only if the checksum matches. + + +### Extracted SAP HANA Software Installation Files This role will detect if there is a file `hdblcm` already present in the directory specified by variable `sap_hana_install_software_extract_directory` or in any directory below. If If found, it will skip the .SAR extraction phase and proceed with the installation. @@ -94,16 +93,16 @@ software extract directory is required then set `sap_hana_install_cleanup_extrac these cleanup actions are false. -- Sample directory `sap_hana_install_software_extract_directory` containing extracted SAP HANA software installation files - ```console - [root@hanahost extracted]# ll -lrt - drwxr-xr-x 4 root root 4096 Sep 30 04:55 SAP_HANA_AFL - drwxr-xr-x 5 root root 4096 Sep 30 04:55 SAP_HANA_CLIENT - drwxr-xr-x 4 root root 4096 Sep 30 04:55 SAP_HANA_LCAPPS - drwxr-xr-x 8 root root 4096 Sep 30 04:57 SAP_HANA_DATABASE - drwxr-xr-x 2 root root 4096 Sep 30 04:58 SAP_HOST_AGENT - drwxr-xr-x 4 root root 4096 Sep 30 04:58 VCH_AFL_2020 - ``` +- Example of directory `sap_hana_install_software_extract_directory` containing extracted SAP HANA software installation files +```console +[root@hanahost extracted]# ll -lrt +drwxr-xr-x 4 root root 4096 Sep 30 04:55 SAP_HANA_AFL +drwxr-xr-x 5 root root 4096 Sep 30 04:55 SAP_HANA_CLIENT +drwxr-xr-x 4 root root 4096 Sep 30 04:55 SAP_HANA_LCAPPS +drwxr-xr-x 8 root root 4096 Sep 30 04:57 SAP_HANA_DATABASE +drwxr-xr-x 2 root root 4096 Sep 30 04:58 SAP_HOST_AGENT +drwxr-xr-x 4 root root 4096 Sep 30 04:58 VCH_AFL_2020 +``` #### SAP HANA hdblcm Configfile Processing @@ -140,111 +139,24 @@ Note: If there is a file named `configfile.cfg` in the directory specified by ro will be performed. Be aware that when using this file, any modifications to role variables after creation of this file will not be reflected. -## Further Variables and Parameters - -### Input Parameters - -If the variable `sap_hana_install_check_sidadm_user` is set to `no`, the role will install SAP HANA even -if the sidadm user exists. Default is `yes`, in which case the installation will not be performed if the -sidadm user exists. - -The variable `sap_hana_install_new_system` determines if the role will perform a fresh SAP HANA installation -or if it will add further hosts to an existing SAP HANA system as specified by variable -`sap_hana_install_addhosts`. Default is `yes` for a fresh SAP HANA installation. - -The role can be configured to also set the required firewall ports for SAP HANA. If this is desired, set -the variable `sap_hana_install_update_firewall` to `yes` (default is `no`). The firewall ports are defined -in a variable which is compatible with the variable structure used by Linux System Role `firewall`. -The firewall ports for SAP HANA are defined in member `port` of the first field of variable -`sap_hana_install_firewall` (`sap_hana_install_firewall[0].port`), see file `defaults/main.yml`. If the -member `state` is set to `enabled`, the ports will be enabled. If the member `state` is set to `disabled`, -the ports will be disabled, which might be useful for testing. - -Certain parameters have identical meanings, for supporting different naming schemes in playbooks and inventories. -You can find those in the task `Rename some variables used by hdblcm configfile` of the file `tasks/main.yml`. -Example: The parameter `sap_hana_install_number`, which is used by the role to define the hdblm parameter `number` -(= SAP HANA instance number) can be defined by setting `sap_hana_instance_number`, `sap_hana_install_instance_nr`, -`sap_hana_install_instance_number`, or `sap_hana_install_number`. The order of precedence is from left to right. - -### Default Parameters - -Please check the default parameters file for more information on other parameters that can be used as an input -- [**sap_hana_install** default parameters](defaults/main.yml) + ## Execution - -Sample Ansible Playbook Execution - -- Local Host Installation - - `ansible-playbook --connection=local --limit localhost -i "localhost," sap-hana-install.yml -e "@inputs/HDB.install"` - -- Target Host Installation - - `ansible-playbook -i "" sap-hana-install.yml -e "@inputs/HDB.install"` - -## Sample playbooks - -### Sample playbook for installing a new scale-up (=single node) SAP HANA system - -```yaml ---- -- hosts: all - collections: - - community.sap_install - become: true - vars: - sap_hana_install_software_directory: /software/hana - sap_hana_install_common_master_password: 'NewPass$321' - sap_hana_install_sid: 'H01' - sap_hana_install_instance_nr: '00' - roles: - - sap_hana_install -``` - -### Sample playbook for installing a new scale-out SAP HANA system - -```yaml ---- -- hosts: all - collections: - - community.sap_install - become: true - vars: - sap_hana_install_software_directory: /software/hana - sap_hana_install_common_master_password: 'NewPass$321' - sap_hana_install_root_password: 'NewPass$321' - sap_hana_install_addhosts: 'host2:role=worker,host3:role=worker:group=g02,host4:role=standby:group=g02' - sap_hana_install_sid: 'H01' - sap_hana_install_instance_nr: '00' - roles: - - sap_hana_install -``` - -### Sample playbook for adding additional nodes to an existing SAP HANA installation - -```yaml ---- -- hosts: all - collections: - - community.sap_install - become: true - vars: - sap_hana_install_software_directory: /software/hana - sap_hana_install_new_system: no - sap_hana_install_addhosts: 'host2:role=worker,host3:role=worker:group=g02,host4:role=standby:group=g02' - sap_hana_install_common_master_password: 'NewPass$321' - sap_hana_install_root_password: 'NewPass$321' - sap_hana_install_sid: 'H01' - sap_hana_install_instance_nr: '00' - roles: - - sap_hana_install -``` - -You can find more complex playbooks in directory `playbooks` of the collection `community.sap_install`. - -## Flow - -### New SAP HANA Installation - + +Role can be executed independently or as part of [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. + + + +### Recommended +It is recommended to execute this role together with other roles in this collection, in the following order:
+1. [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) +2. [sap_hana_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_preconfigure) +3. [sap_install_media_detect](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_install_media_detect) +4. *`sap_hana_install`* + + +### Execution Flow + #### Perform Initial Checks These checks will be performed by default but can be skipped by setting `sap_hana_install_force` to `true`. @@ -338,9 +250,70 @@ in a temporary directory for use by the hdblcm command in the next step. #### Post-Install - Print a short summary of the result of the installation. + + +### Example + +#### Example playbook for installing a new scale-up (=single node) SAP HANA system +```yaml +--- +- name: Ansible Play for SAP HANA installation - One host + hosts: all + become: true + tasks: + - name: Execute Ansible Role sap_hana_install + ansible.builtin.include_role: + name: community.sap_install.sap_hana_install + vars: + sap_hana_install_software_directory: /software/hana + sap_hana_install_common_master_password: 'NewPass$321' + sap_hana_install_sid: 'H01' + sap_hana_install_instance_nr: '00' +``` + +#### Example playbook for installing a new scale-out SAP HANA system +```yaml +--- +- name: Ansible Play for SAP HANA installation - Scale-out + hosts: all + become: true + tasks: + - name: Execute Ansible Role sap_hana_install + ansible.builtin.include_role: + name: community.sap_install.sap_hana_install + vars: + sap_hana_install_software_directory: /software/hana + sap_hana_install_common_master_password: 'NewPass$321' + sap_hana_install_root_password: 'NewPass$321' + sap_hana_install_addhosts: 'host2:role=worker,host3:role=worker:group=g02,host4:role=standby:group=g02' + sap_hana_install_sid: 'H01' + sap_hana_install_instance_nr: '00' +``` + +#### Example playbook for adding additional nodes to an existing SAP HANA installation +```yaml +--- +- name: Ansible Play for SAP HANA installation - Add host + hosts: all + become: true + tasks: + - name: Execute Ansible Role sap_hana_install + ansible.builtin.include_role: + name: community.sap_install.sap_hana_install + vars: + sap_hana_install_software_directory: /software/hana + sap_hana_install_new_system: no + sap_hana_install_addhosts: 'host2:role=worker,host3:role=worker:group=g02,host4:role=standby:group=g02' + sap_hana_install_common_master_password: 'NewPass$321' + sap_hana_install_root_password: 'NewPass$321' + sap_hana_install_sid: 'H01' + sap_hana_install_instance_nr: '00' +``` + -## Tags + +### Role Tags With the following tags, the role can be called to perform certain activities only: - tag `sap_hana_install_check_installation`: Perform an installation check, using `hdbcheck` or `hdblcm --action=check_installation`. @@ -373,30 +346,45 @@ With the following tags, the role can be called to perform certain activities on `overwrite`. - tag `sap_hana_install_store_connection_information`: Only run the `hdbuserstore` command -Sample call for only processing the SAPCAR and SAR files and creating the hdblcm configfile: -``` -# ansible-playbook sap-hana-install.yml --tags=sap_hana_install_preinstall --skip-tags=sap_hana_install_chown_hana_directories -``` +
+ How to run sap_hana_install with tags -Sample call for only processing the SAPCAR files: -``` -# ansible-playbook sap-hana-install.yml --tags=sap_hana_install_prepare_sapcar -``` + #### Process SAPCAR and SAR files and create the hdblcm configfile: + ```console + ansible-playbook sap-hana-install.yml --tags=sap_hana_install_preinstall --skip-tags=sap_hana_install_chown_hana_directories + ``` -Sample call for only processing the SAPCAR and SAR files, without extracting the SAR files: -``` -# ansible-playbook sap-hana-install.yml --tags=sap_hana_install_prepare_sarfiles --skip-tags=sap_hana_install_extract_sarfiles -``` + #### Process only SAPCAR files: + ```console + ansible-playbook sap-hana-install.yml --tags=sap_hana_install_prepare_sapcar + ``` -Sample call for only displaying the SAP HANA hdblcm command line: -``` -# ansible-playbook sap-hana-install.yml --tags=sap_hana_install_hdblcm_commandline -``` + #### Process SAPCAR and SAR files without extracting SAR files: + ```console + ansible-playbook sap-hana-install.yml --tags=sap_hana_install_prepare_sarfiles --skip-tags=sap_hana_install_extract_sarfiles + ``` -## License + #### Display SAP HANA hdblcm command without using it + ``` + ansible-playbook sap-hana-install.yml --tags=sap_hana_install_hdblcm_commandline + ``` +
-Apache license 2.0 -## Author Information + + + + + +## License + +Apache 2.0 + + +## Maintainers + +- [Bernd Finger](https://github.com/berndfinger) + -Red Hat for SAP Community of Practice, IBM Lab for SAP Solutions, Markus Koch, Thomas Bludau, Bernd Finger, Than Ngo, Rainer Leber +## Role Input Parameters +All input parameters used by role are described in [INPUT_PARAMETERS.md](https://github.com/sap-linuxlab/community.sap_install/blob/main/roles/sap_hana_install/INPUT_PARAMETERS.md) diff --git a/roles/sap_hana_preconfigure/INPUT_PARAMETERS.md b/roles/sap_hana_preconfigure/INPUT_PARAMETERS.md new file mode 100644 index 00000000..5cd5c87e --- /dev/null +++ b/roles/sap_hana_preconfigure/INPUT_PARAMETERS.md @@ -0,0 +1,324 @@ +## Input Parameters for sap_hana_preconfigure Ansible Role + +## Role Input Parameters + +#### Minimum required parameters: + +This role does not require any parameter to be set in the playbook or inventory. + + +### sap_hana_preconfigure_config_all +- _Type:_ `bool` + +If set to `false`, the role will only execute or verify the installation or configuration steps of SAP notes.
+Default is to perform installation and configuration steps.
+ +### sap_hana_preconfigure_installation +- _Type:_ `bool` + +If `sap_hana_preconfigure_config_all` is set to `false`, set this variable to `true` to perform only the
+installation steps of SAP notes.
+ +### sap_hana_preconfigure_configuration +- _Type:_ `bool` + +If `sap_hana_preconfigure_config_all` is set to `false`, set this variable to `true` to perform only the
+configuration steps of SAP notes for which the corresponding SAP notes parameters have been set to `true`.
+ +Example: + +```yaml +sap_hana_preconfigure_config_all: false +sap_hana_preconfigure_configuration: true +sap_hana_preconfigure_2772999_04: true +sap_hana_preconfigure_2382421: true +``` + +### sap_hana_preconfigure_assert +- _Type:_ `bool` +- _Default:_ `false` + +If set to `true`, the role will run in assertion mode instead of the default configuration mode.
+ +### sap_hana_preconfigure_assert_all_config +- _Type:_ `bool` +- _Default:_ `false` + +In assertion mode, the role will check either tuned or static settings.
+If this parameter is set to to `true`, the role will check both tuned and static settings.
+ +### sap_hana_preconfigure_assert_ignore_errors +- _Type:_ `bool` +- _Default:_ `false` + +In assertion mode, the role will abort when encountering any assertion error.
+If this parameter is set to `false`, the role will *not* abort when encountering an assertion error.
+This is useful if the role is used for reporting a system's SAP notes compliance.
+ +### sap_hana_preconfigure_system_roles_collection +- _Type:_ `str` +- _Default:_ `'fedora.linux_system_roles'` +- _Possible Values:_
+ - `fedora.linux_system_roles` + - `redhat.rhel_system_roles` + +Set which Ansible Collection to use for the Linux System Roles.
+For community/upstream, use 'fedora.linux_system_roles'
+For the RHEL System Roles for SAP, or for Red Hat Automation Hub, use 'redhat.rhel_system_roles'
+ +### sap_hana_preconfigure_min_rhel_release_check +- _Type:_ `bool` +- _Default:_ `false` + +Check the RHEL release against parameter `sap_hana_preconfigure_supported_rhel_minor_releases`, which is a list of
+known SAP HANA supported RHEL minor releases. By default, the role will display a message and continue running if
+the RHEL release is not part of that list. If set to `true`, the role will fail in such a case.
+ +### sap_hana_preconfigure_supported_rhel_minor_releases +- _Type:_ `list` with elements of type `str` +- _Default:_ (set by platform/environment specific variables) + +Use this parameter to set your own list of SAP HANA supported RHEL minor releases.
+ +### sap_hana_preconfigure_enable_sap_hana_repos +- _Type:_ `bool` +- _Default:_ `false` + +Set to 'true' to enable the SAP HANA required RHEL repos.
+This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose.
+The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_use_hana_repos`.
+ +### sap_hana_preconfigure_req_repos_redhat_7_x86_64 +- _Type:_ `list` with elements of type `str` +- _Default:_ (set by platform/environment specific variables) + +Use this parameter to set your own list of SAP HANA required RHEL 7 repos on x86_64'
+This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose.
+The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`.
+ +### sap_hana_preconfigure_req_repos_redhat_7_ppc64le +- _Type:_ `list` with elements of type `str` +- _Default:_ (set by platform/environment specific variables) + +Use this parameter to set your own list of SAP HANA required RHEL 7 repos on ppc64le'
+This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose.
+The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`.
+ +### sap_hana_preconfigure_req_repos_redhat_8_x86_64 +- _Type:_ `list` with elements of type `str` +- _Default:_ (set by platform/environment specific variables) + +Use this parameter to set your own list of SAP HANA required RHEL 8 repos on x86_64'
+This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose.
+The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`.
+ +### sap_hana_preconfigure_req_repos_redhat_8_ppc64le +- _Type:_ `list` with elements of type `str` +- _Default:_ (set by platform/environment specific variables) + +Use this parameter to set your own list of SAP HANA required RHEL 8 repos on ppc64le'
+This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose.
+The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`.
+ +### sap_hana_preconfigure_req_repos_redhat_9_x86_64 +- _Type:_ `list` with elements of type `str` +- _Default:_ (set by platform/environment specific variables) + +Use this parameter to set your own list of SAP HANA required RHEL 9 repos on x86_64'
+This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose.
+The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`.
+ +### sap_hana_preconfigure_req_repos_redhat_9_ppc64le +- _Type:_ `list` with elements of type `str` +- _Default:_ (set by platform/environment specific variables) + +Use this parameter to set your own list of SAP HANA required RHEL 9 repos on ppc64le'
+This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose.
+The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`.
+ +### sap_hana_preconfigure_set_minor_release +- _Type:_ `bool` +- _Default:_ `false` + +Use this parameter to set the RHEL minor release, which is required for SAP HANA.
+The related parameter is `sap_general_preconfigure_set_minor_release`.
+ +### sap_hana_preconfigure_create_directories +- _Type:_ `bool` +- _Default:_ `true` + +Set to `false` if you do not want the SAP HANA directories to be created by the role.
+The SAP HANA directories will always be created if `sap_hana_preconfigure_modify_selinux_labels`
+(see below) is set to `true`, no matter how `sap_hana_preconfigure_create_directories` is set.
+ +### sap_hana_preconfigure_hana_directories +- _Type:_ `list` with elements of type `str` +- _Default:_ + - /hana + - /lss/shared + +List of SAP HANA directories to be created.
+ +### sap_hana_preconfigure_modify_selinux_labels +- _Type:_ `bool` +- _Default:_ `true` + +For compatibility of SAP HANA with SELinux in enforcing mode, the role will recursively add
+the `usr_t` label to directories and files in the directories where HANA is installed.
+If relabeling not desired, set this parameter `false`.
+If the variable is set to `true`, the SAP HANA directories will be created no matter
+how the variable `sap_hana_preconfigure_create_directories` (see above) is set.
+ +### sap_hana_preconfigure_packages +- _Type:_ `list` with elements of type `str` +- _Default:_ (set by platform/environment specific variables) + +List of RHEL packages to be installed for SAP HANA. For RHEL 8 and later, you can choose to install either the default list
+or a list of the minimum required packages for SAP HANA server (parameter `__sap_hana_preconfigure_packages_min_install`).
+ +### sap_hana_preconfigure_min_package_check +- _Type:_ `bool` +- _Default:_ `true` + +SAP HANA requires certain minimum package versions to be supported. These minimum levels are listed in SAP Note 2235581.
+Set this parameter to `false` if you want to ignore these requirements.
+ +### sap_hana_preconfigure_update +- _Type:_ `bool` +- _Default:_ `false` + +Set this parameter to `true` to update the system to the latest package levels.
+By setting the parameter `sap_general_preconfigure_set_minor_release` of the
+role `sap_general_preconfigure` to `true`, you can install the most recent package updates
+without updating to a more recent RHEL minor release.
+ +### sap_hana_preconfigure_reboot_ok +- _Type:_ `bool` +- _Default:_ `false` + +Set to `true` if you want to perform a reboot at the end of the role, if necessary.
+ +### sap_hana_preconfigure_fail_if_reboot_required +- _Type:_ `bool` +- _Default:_ `true` + +If `sap_hana_preconfigure_reboot_ok` is set to `false`, which is the default, a reboot requirement should not
+remain unnoticed. For this reason, we let the role fail. Set this parameter to `false` to override this behavior.
+Can be useful if you want to implement your own reboot handling.
+ +### sap_hana_preconfigure_kernel_parameters +- _Type:_ `list` with elements of type `str` +- _Default:_ (set by platform/environment specific variables) + +Network related linux kernel parameter settings for SAP HANA on all hardware platforms.
+ +### sap_hana_preconfigure_kernel_parameters_ppc64le +- _Type:_ `list` with elements of type `str` +- _Default:_ (set by platform/environment specific variables) + +Network related linux kernel parameter settings for platform ppc64le.
+ +### sap_hana_preconfigure_use_netapp_settings_nfs +- _Type:_ `bool` +- _Default:_ `false` + +Set to `true` to also set NetApp NFS required kernel parameters.
+ +### sap_hana_preconfigure_install_ibm_power_tools +- _Type:_ `bool` +- _Default:_ `true` + +Set this parameter to `false` to not install the IBM Power Systems service and productivity tools.
+ +### sap_hana_preconfigure_add_ibm_power_repo +- _Type:_ `bool` +- _Default:_ `true` + +Set this parameter to `false` if you do not want to add the IBM Power tools repository (e.g. because the packages
+are already available on the local network). The IBM Power Systems service and productivity tools will only
+be installed if the variable `sap_hana_preconfigure_install_ibm_power_tools` is set to `true`, which is the default.
+ +### sap_hana_preconfigure_ibm_power_repo_url +- _Type:_ `str` +- _Default:_ (set by platform/environment specific variables) + +URL of the IBM Power tools repository.
+ +### sap_hana_preconfigure_ppcle_mtu9000_if +- _Type:_ `str` +- _Default:_ `''` + +List of interfaces for which the MTU size will be set to `9000`.
+ +### sap_hana_preconfigure_ppcle_tso_if +- _Type:_ `list` with elements of type `str` +- _Default:_ + '{{ ansible_interfaces | difference([''lo'']) }}' + +List of interfaces for which the tso flag will be set.
+ +### sap_hana_preconfigure_use_tuned +- _Type:_ `bool` +- _Default:_ `true` + +Use tuned for configuring most of the kernel settings for SAP HANA
+Set this parameter to `false` to use static kernel settings
+ +### sap_hana_preconfigure_tuned_profile +- _Type:_ `str` +- _Default:_ `'sap-hana'` + +Name of the SAP HANA tuned tuned profile to enable (RHEL).
+ +### sap_hana_preconfigure_modify_grub_cmdline_linux +- _Type:_ `bool` +- _Default:_ `false` + +Set this parameter to `true` to modify the Grub boot command line.
+ +### sap_hana_preconfigure_run_grub2_mkconfig +- _Type:_ `bool` +- _Default:_ `true` + +By default, the role will run `grub2-mkconfig` to update the Grub configuration if necessary.
+Set this parameter to `false` if this is not desired.
+ +### sap_hana_preconfigure_db_group_name +- _Type:_ `str` + +Use this parameter to specify the name of the RHEL group which is used for the database processes.
+It will be used to configure process limits as per step "Configuring Process Resource Limits" of SAP note 2772999.
+ +Example: + +```yaml +sap_hana_preconfigure_db_group_name: dba +``` + +### sap_hana_preconfigure_saptune_version +- _Type:_ `str` +- _Default:_ `''` + +Version of saptune to install (SLES for SAP Applications).
+This will replace the current installed version if present, even downgrade if necessary.
+ +### sap_hana_preconfigure_saptune_solution +- _Type:_ `str` +- _Default:_ `'HANA'` +- _Possible Values:_
+ - `HANA` + - `NETWEAVER+HANA` + - `S4HANA-APP+DB` + - `S4HANA-DBSERVER` + +The saptune solution to apply (SLES for SAP Applications).
+ +### sap_hana_preconfigure_saptune_azure +- _Type:_ `bool` +- _Default:_ `false` + +On Azure, TCP timestamps, reuse and recycle should be disabled (SLES for SAP Applications).
+If the variable is set, an override file for saptune will be created (/etc/saptune/override/2382421) to set net.ipv4.tcp_timestamps and net.ipv4.tcp_tw_reuse to 0.
+Set this parameter to `true` on Azure.
+ + \ No newline at end of file diff --git a/roles/sap_hana_preconfigure/README.md b/roles/sap_hana_preconfigure/README.md index bb581b58..f141faac 100644 --- a/roles/sap_hana_preconfigure/README.md +++ b/roles/sap_hana_preconfigure/README.md @@ -1,504 +1,146 @@ + # sap_hana_preconfigure Ansible Role + +![Ansible Lint for sap_hana_preconfigure](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_hana_preconfigure.yml/badge.svg) -This role installs additional required packages and performs additional configuration steps for installing and running SAP HANA. -If you want to configure a RHEL system for the installation and later usage of SAP HANA, you have to first run role sap_general_preconfigure -and then role sap_hana_preconfigure. However, if we wish to run SLES for HANA, you may run only this role. +## Description + +Ansible Role `sap_hana_preconfigure` is used to ensure that Managed nodes are configured to host SAP HANA systems according to SAP Notes after [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) role was executed. -## Requirements - -The role requires additional collections which are specified in `meta/collection-requirements.yml`. Before using this role, -make sure that the required collections are installed, for example by using the following command: - -`ansible-galaxy install -vv -r meta/collection-requirements.yml` - -To use this role, your system needs to be configured with the basic requirements for SAP NetWeaver or SAP HANA. This is typically done by running role sap_general_preconfigure (for RHEL managed nodes before RHEL 7.6, community maintained role sap-base-settings can be used). - -It is also strongly recommended to run role linux-system-roles.timesync for all systems running SAP HANA, to maintain an identical system time, before or after running role sap_hana_preconfigure. - -Managed nodes need to be properly registered to a repository source and have at least the following Red Hat repositories accessible (see also example playbook): - -for RHEL 7.x: -- rhel-7-[server|for-power-le]-e4s-rpms -- rhel-sap-hana-for-rhel-7-[server|for-power-le]-e4s-rpms - -for RHEL 8.x: -- rhel-8-for-[x86_64|ppc64le]-baseos-e4s-rpms -- rhel-8-for-[x86_64|ppc64le]-appstream-e4s-rpms -- rhel-8-for-[x86_64|ppc64le]-sap-solutions-e4s-rpms - -for RHEL 9.x: -- rhel-9-for-[x86_64|ppc64le]-baseos-e4s-rpms -- rhel-9-for-[x86_64|ppc64le]-appstream-e4s-rpms -- rhel-9-for-[x86_64|ppc64le]-sap-solutions-e4s-rpms - -for SLES 15.x: -- SLE-Module-SAP-Applications15-[SP number]-Pool -- SLE-Module-SAP-Applications15-[SP number]-Updates -- SLE-Product-SLES_SAP15-[SP number]-Pool -- SLE-Product-SLES_SAP15-[SP number]-Updates - -For details on configuring Red Hat, see the knowledge base article: [How to subscribe SAP HANA systems to the Update Services for SAP Solutions](https://access.redhat.com/solutions/3075991)). If you set role parameter sap_hana_preconfigure_enable_sap_hana_repos to `yes`, the role can enable these repos. - -To install HANA on Red Hat Enterprise Linux 7, 8, or 9, you need some additional packages which are contained in the -- rhel-sap-hana-for-rhel-7-[server|for-power-le]-e4s-rpms, -- rhel-8-for-[x86_64|ppc64le]-sap-solutions-e4s-rpms, or -- rhel-9-for-[x86_64|ppc64le]-sap-solutions-e4s-rpms - -repository. - -To get this repository you need to have one of the following products: - -- [RHEL for SAP Solutions](https://access.redhat.com/solutions/3082481) (premium, standard) -- RHEL for Business Partner NFRs -- [RHEL Developer Subscription](https://developers.redhat.com/products/sap/download/) - -To get a personal developer edition of RHEL for SAP solutions, please register as a developer and download the developer edition. - -- [Registration Link](http://developers.redhat.com/register) : - Here you can either register a new personal account or link it to an already existing - **personal** Red Hat Network account. -- [Download Link](https://access.redhat.com/downloads/content/69/ver=/rhel---7/7.2/x86_64/product-software): - Here you can download the Installation DVD for RHEL with your previously registered - account - -*NOTE:* This is a regular RHEL installation DVD as RHEL for SAP Solutions is no additional - product but only a special bundling. The subscription grants you access to the additional - packages through our content delivery network (CDN) after installation. - -For supported RHEL releases [click here](https://access.redhat.com/solutions/2479121). - -Details on configuring SLES repositories can be found on the following articles for [on-premise systems](https://www.suse.com/support/kb/doc/?id=000018564) or [BYOS cloud images](https://www.suse.com/c/byos-instances-and-the-suse-public-cloud-update-infrastructure/) - - -It is also important that your disks are setup according to the [SAP storage requirements for SAP HANA](https://www.sap.com/documents/2015/03/74cdb554-5a7c-0010-8F2c7-eda71af511fa.html). This [BLOG](https://blogs.sap.com/2017/03/07/the-ultimate-guide-to-effective-sizing-of-sap-hana/) is also quite helpful when sizing HANA systems. -You can use the [storage](https://galaxy.ansible.com/linux-system-roles/storage) role to automate this process - -If you want to use this system in production, make sure that the time service is configured correctly. You can use [rhel-system-roles](https://access.redhat.com/articles/3050101) to automate this. - -Note ----- -For finding out which SAP notes will be used by this role for Red Hat systems, please check the contents of variable `__sap_hana_preconfigure_sapnotes` in files `vars/*.yml` (choose the file which matches your OS distribution and version). - -For SLES, notes are applied using the saptune service. Saptune supports a number of solutions. A solution implements several SAP notes. The default solution for this role is 'HANA'. To see a list of supported solutions and the notes that they implement, you can run `saptune solution list` on the command line. - -Do not run this role against an SAP HANA or other production system. The role will enforce a certain configuration on the managed node(s), which might not be intended. - -Changes -------- -1) Previous versions of this role used the variable sap_hana_preconfigure_use_tuned_where_possible to switch between either tuned settings -or kernel command line settings (where applicable). -The current version modifies this behavior: -- The variable sap_hana_preconfigure_use_tuned_where_possible has been renamed to sap_hana_preconfigure_use_tuned -- The variable sap_hana_preconfigure_switch_to_tuned_profile_sap_hana has been removed. -- If sap_hana_preconfigure_use_tuned is set to `yes`, which is also the default, the role will configure the system for using tuned and also switch to tuned profile sap-hana. - If sap_hana_preconfigure_use_tuned is set to `no`, the role will perform a static configuration, including the modification of the linux command line in grub. -- The role can use tuned, or configure the kernel command line, or both. - -2) Previous versions of this role used variable sap_hana_preconfigure_selinux_state to set the SELinux state to disabled. -As the role sap_general_preconfigure already allows to specify the desired SELinux state, and as sap_general_preconfigure -is always run before sap_hana_preconfigure, there is no need any more to let sap_hana_preconfigure configure the SELinux state. -The same applies to the assertion of the SELinux state. - -3) SLES systems are now configured using saptune rather than the ansible implementation of the notes. - - -## Role Input Parameters - -#### Minimum required parameters: - -This role does not require any parameter to be set in the playbook or inventory. - - -### sap_hana_preconfigure_config_all -- _Type:_ `bool` - -If set to `false`, the role will only execute or verify the installation or configuration steps of SAP notes.
-Default is to perform installation and configuration steps.
- -### sap_hana_preconfigure_installation -- _Type:_ `bool` - -If `sap_hana_preconfigure_config_all` is set to `false`, set this variable to `true` to perform only the
-installation steps of SAP notes.
- -### sap_hana_preconfigure_configuration -- _Type:_ `bool` - -If `sap_hana_preconfigure_config_all` is set to `false`, set this variable to `true` to perform only the
-configuration steps of SAP notes for which the corresponding SAP notes parameters have been set to `true`.
- -Example: - -```yaml -sap_hana_preconfigure_config_all: false -sap_hana_preconfigure_configuration: true -sap_hana_preconfigure_2772999_04: true -sap_hana_preconfigure_2382421: true -``` - -### sap_hana_preconfigure_assert -- _Type:_ `bool` -- _Default:_ `false` - -If set to `true`, the role will run in assertion mode instead of the default configuration mode.
- -### sap_hana_preconfigure_assert_all_config -- _Type:_ `bool` -- _Default:_ `false` - -In assertion mode, the role will check either tuned or static settings.
-If this parameter is set to to `true`, the role will check both tuned and static settings.
- -### sap_hana_preconfigure_assert_ignore_errors -- _Type:_ `bool` -- _Default:_ `false` - -In assertion mode, the role will abort when encountering any assertion error.
-If this parameter is set to `false`, the role will *not* abort when encountering an assertion error.
-This is useful if the role is used for reporting a system's SAP notes compliance.
- -### sap_hana_preconfigure_system_roles_collection -- _Type:_ `str` -- _Default:_ `'fedora.linux_system_roles'` -- _Possible Values:_
- - `fedora.linux_system_roles` - - `redhat.rhel_system_roles` - -Set which Ansible Collection to use for the Linux System Roles.
-For community/upstream, use 'fedora.linux_system_roles'
-For the RHEL System Roles for SAP, or for Red Hat Automation Hub, use 'redhat.rhel_system_roles'
- -### sap_hana_preconfigure_min_rhel_release_check -- _Type:_ `bool` -- _Default:_ `false` - -Check the RHEL release against parameter `sap_hana_preconfigure_supported_rhel_minor_releases`, which is a list of
-known SAP HANA supported RHEL minor releases. By default, the role will display a message and continue running if
-the RHEL release is not part of that list. If set to `true`, the role will fail in such a case.
- -### sap_hana_preconfigure_supported_rhel_minor_releases -- _Type:_ `list` with elements of type `str` -- _Default:_ (set by platform/environment specific variables) - -Use this parameter to set your own list of SAP HANA supported RHEL minor releases.
- -### sap_hana_preconfigure_enable_sap_hana_repos -- _Type:_ `bool` -- _Default:_ `false` - -Set to 'true' to enable the SAP HANA required RHEL repos.
-This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose.
-The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_use_hana_repos`.
- -### sap_hana_preconfigure_req_repos_redhat_7_x86_64 -- _Type:_ `list` with elements of type `str` -- _Default:_ (set by platform/environment specific variables) - -Use this parameter to set your own list of SAP HANA required RHEL 7 repos on x86_64'
-This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose.
-The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`.
- -### sap_hana_preconfigure_req_repos_redhat_7_ppc64le -- _Type:_ `list` with elements of type `str` -- _Default:_ (set by platform/environment specific variables) - -Use this parameter to set your own list of SAP HANA required RHEL 7 repos on ppc64le'
-This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose.
-The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`.
- -### sap_hana_preconfigure_req_repos_redhat_8_x86_64 -- _Type:_ `list` with elements of type `str` -- _Default:_ (set by platform/environment specific variables) - -Use this parameter to set your own list of SAP HANA required RHEL 8 repos on x86_64'
-This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose.
-The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`.
- -### sap_hana_preconfigure_req_repos_redhat_8_ppc64le -- _Type:_ `list` with elements of type `str` -- _Default:_ (set by platform/environment specific variables) - -Use this parameter to set your own list of SAP HANA required RHEL 8 repos on ppc64le'
-This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose.
-The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`.
- -### sap_hana_preconfigure_req_repos_redhat_9_x86_64 -- _Type:_ `list` with elements of type `str` -- _Default:_ (set by platform/environment specific variables) - -Use this parameter to set your own list of SAP HANA required RHEL 9 repos on x86_64'
-This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose.
-The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`.
- -### sap_hana_preconfigure_req_repos_redhat_9_ppc64le -- _Type:_ `list` with elements of type `str` -- _Default:_ (set by platform/environment specific variables) - -Use this parameter to set your own list of SAP HANA required RHEL 9 repos on ppc64le'
-This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose.
-The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`.
- -### sap_hana_preconfigure_set_minor_release -- _Type:_ `bool` -- _Default:_ `false` - -Use this parameter to set the RHEL minor release, which is required for SAP HANA.
-The related parameter is `sap_general_preconfigure_set_minor_release`.
- -### sap_hana_preconfigure_create_directories -- _Type:_ `bool` -- _Default:_ `true` - -Set to `false` if you do not want the SAP HANA directories to be created by the role.
-The SAP HANA directories will always be created if `sap_hana_preconfigure_modify_selinux_labels`
-(see below) is set to `true`, no matter how `sap_hana_preconfigure_create_directories` is set.
- -### sap_hana_preconfigure_hana_directories -- _Type:_ `list` with elements of type `str` -- _Default:_ - - /hana - - /lss/shared - -List of SAP HANA directories to be created.
- -### sap_hana_preconfigure_modify_selinux_labels -- _Type:_ `bool` -- _Default:_ `true` - -For compatibility of SAP HANA with SELinux in enforcing mode, the role will recursively add
-the `usr_t` label to directories and files in the directories where HANA is installed.
-If relabeling not desired, set this parameter `false`.
-If the variable is set to `true`, the SAP HANA directories will be created no matter
-how the variable `sap_hana_preconfigure_create_directories` (see above) is set.
- -### sap_hana_preconfigure_packages -- _Type:_ `list` with elements of type `str` -- _Default:_ (set by platform/environment specific variables) - -List of RHEL packages to be installed for SAP HANA. For RHEL 8 and later, you can choose to install either the default list
-or a list of the minimum required packages for SAP HANA server (parameter `__sap_hana_preconfigure_packages_min_install`).
- -### sap_hana_preconfigure_min_package_check -- _Type:_ `bool` -- _Default:_ `true` - -SAP HANA requires certain minimum package versions to be supported. These minimum levels are listed in SAP Note 2235581.
-Set this parameter to `false` if you want to ignore these requirements.
- -### sap_hana_preconfigure_update -- _Type:_ `bool` -- _Default:_ `false` - -Set this parameter to `true` to update the system to the latest package levels.
-By setting the parameter `sap_general_preconfigure_set_minor_release` of the
-role `sap_general_preconfigure` to `true`, you can install the most recent package updates
-without updating to a more recent RHEL minor release.
- -### sap_hana_preconfigure_reboot_ok -- _Type:_ `bool` -- _Default:_ `false` - -Set to `true` if you want to perform a reboot at the end of the role, if necessary.
- -### sap_hana_preconfigure_fail_if_reboot_required -- _Type:_ `bool` -- _Default:_ `true` - -If `sap_hana_preconfigure_reboot_ok` is set to `false`, which is the default, a reboot requirement should not
-remain unnoticed. For this reason, we let the role fail. Set this parameter to `false` to override this behavior.
-Can be useful if you want to implement your own reboot handling.
- -### sap_hana_preconfigure_kernel_parameters -- _Type:_ `list` with elements of type `str` -- _Default:_ (set by platform/environment specific variables) - -Network related linux kernel parameter settings for SAP HANA on all hardware platforms.
- -### sap_hana_preconfigure_kernel_parameters_ppc64le -- _Type:_ `list` with elements of type `str` -- _Default:_ (set by platform/environment specific variables) - -Network related linux kernel parameter settings for platform ppc64le.
- -### sap_hana_preconfigure_use_netapp_settings_nfs -- _Type:_ `bool` -- _Default:_ `false` - -Set to `true` to also set NetApp NFS required kernel parameters.
- -### sap_hana_preconfigure_install_ibm_power_tools -- _Type:_ `bool` -- _Default:_ `true` - -Set this parameter to `false` to not install the IBM Power Systems service and productivity tools.
- -### sap_hana_preconfigure_add_ibm_power_repo -- _Type:_ `bool` -- _Default:_ `true` - -Set this parameter to `false` if you do not want to add the IBM Power tools repository (e.g. because the packages
-are already available on the local network). The IBM Power Systems service and productivity tools will only
-be installed if the variable `sap_hana_preconfigure_install_ibm_power_tools` is set to `true`, which is the default.
- -### sap_hana_preconfigure_ibm_power_repo_url -- _Type:_ `str` -- _Default:_ (set by platform/environment specific variables) - -URL of the IBM Power tools repository.
- -### sap_hana_preconfigure_ppcle_mtu9000_if -- _Type:_ `str` -- _Default:_ `''` - -List of interfaces for which the MTU size will be set to `9000`.
- -### sap_hana_preconfigure_ppcle_tso_if -- _Type:_ `list` with elements of type `str` -- _Default:_ - '{{ ansible_interfaces | difference([''lo'']) }}' - -List of interfaces for which the tso flag will be set.
- -### sap_hana_preconfigure_use_tuned -- _Type:_ `bool` -- _Default:_ `true` - -Use tuned for configuring most of the kernel settings for SAP HANA
-Set this parameter to `false` to use static kernel settings
- -### sap_hana_preconfigure_tuned_profile -- _Type:_ `str` -- _Default:_ `'sap-hana'` - -Name of the SAP HANA tuned tuned profile to enable (RHEL).
- -### sap_hana_preconfigure_modify_grub_cmdline_linux -- _Type:_ `bool` -- _Default:_ `false` - -Set this parameter to `true` to modify the Grub boot command line.
- -### sap_hana_preconfigure_run_grub2_mkconfig -- _Type:_ `bool` -- _Default:_ `true` - -By default, the role will run `grub2-mkconfig` to update the Grub configuration if necessary.
-Set this parameter to `false` if this is not desired.
- -### sap_hana_preconfigure_db_group_name -- _Type:_ `str` - -Use this parameter to specify the name of the RHEL group which is used for the database processes.
-It will be used to configure process limits as per step "Configuring Process Resource Limits" of SAP note 2772999.
- -Example: - -```yaml -sap_hana_preconfigure_db_group_name: dba -``` - -### sap_hana_preconfigure_saptune_version -- _Type:_ `str` -- _Default:_ `''` - -Version of saptune to install (SLES for SAP Applications).
-This will replace the current installed version if present, even downgrade if necessary.
- -### sap_hana_preconfigure_saptune_solution -- _Type:_ `str` -- _Default:_ `'HANA'` -- _Possible Values:_
- - `HANA` - - `NETWEAVER+HANA` - - `S4HANA-APP+DB` - - `S4HANA-DBSERVER` - -The saptune solution to apply (SLES for SAP Applications).
- -### sap_hana_preconfigure_saptune_azure -- _Type:_ `bool` -- _Default:_ `false` - -On Azure, TCP timestamps, reuse and recycle should be disabled (SLES for SAP Applications).
-If the variable is set, an override file for saptune will be created (/etc/saptune/override/2382421) to set net.ipv4.tcp_timestamps and net.ipv4.tcp_tw_reuse to 0.
-Set this parameter to `true` on Azure.
- - - -## Example Playbook - -Simple playbook, named sap+hana.yml: -```yaml ---- -- hosts: all - roles: - - role: sap_general_preconfigure - - role: sap_hana_preconfigure -``` - -Simple playbook for an extended check (assert) run, named sap+hana-assert.yml: +This role performs installation of required packages for running SAP HANA systems and configuration of Operating system parameters. + + + +## Dependencies +- `fedora.linux_system_roles` + - Roles: + - `selinux` + +Install required collections by `ansible-galaxy install -vv -r meta/collection-requirements.yml`. + + + +## Prerequisites +Managed nodes: +- Ensure that general operating system configuration for SAP is performed by [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure). See [Recommended](#recommended) section. + +
+ (Red Hat) Ensure required repositories are available + + Managed nodes need to be properly registered to a repository source and have at least the following Red Hat repositories accessible: + + for RHEL 7.x: + - rhel-7-[server|for-power-le]-e4s-rpms + - rhel-sap-hana-for-rhel-7-[server|for-power-le]-e4s-rpms + + for RHEL 8.x: + - rhel-8-for-[x86_64|ppc64le]-baseos-e4s-rpms + - rhel-8-for-[x86_64|ppc64le]-appstream-e4s-rpms + - rhel-8-for-[x86_64|ppc64le]-sap-solutions-e4s-rpms + + for RHEL 9.x: + - rhel-9-for-[x86_64|ppc64le]-baseos-e4s-rpms + - rhel-9-for-[x86_64|ppc64le]-appstream-e4s-rpms + - rhel-9-for-[x86_64|ppc64le]-sap-solutions-e4s-rpms + + For details on configuring Red Hat, see the knowledge base article: [How to subscribe SAP HANA systems to the Update Services for SAP Solutions](https://access.redhat.com/solutions/3075991)). If you set role parameter sap_hana_preconfigure_enable_sap_hana_repos to `yes`, the role can enable these repos. + + To install HANA on Red Hat Enterprise Linux 7, 8, or 9, you need some additional packages which are contained in one of following repositories + - rhel-sap-hana-for-rhel-7-[server|for-power-le]-e4s-rpms + - rhel-8-for-[x86_64|ppc64le]-sap-solutions-e4s-rpms + - rhel-9-for-[x86_64|ppc64le]-sap-solutions-e4s-rpms + + To get this repository you need to have one of the following products: + - [RHEL for SAP Solutions](https://access.redhat.com/solutions/3082481) (premium, standard) + - RHEL for Business Partner NFRs + - [RHEL Developer Subscription](https://developers.redhat.com/products/sap/download/) + + To get a personal developer edition of RHEL for SAP solutions, please register as a developer and download the developer edition. + + - [Registration Link](http://developers.redhat.com/register) : + Here you can either register a new personal account or link it to an already existing + **personal** Red Hat Network account. + - [Download Link](https://access.redhat.com/downloads/content/69/ver=/rhel---7/7.2/x86_64/product-software): + Here you can download the Installation DVD for RHEL with your previously registered + account + + *NOTE:* This is a regular RHEL installation DVD as RHEL for SAP Solutions is no additional + product but only a special bundling. The subscription grants you access to the additional + packages through our content delivery network (CDN) after installation. + + For supported RHEL releases [click here](https://access.redhat.com/solutions/2479121). + + It is also important that your disks are setup according to the [SAP storage requirements for SAP HANA](https://www.sap.com/documents/2015/03/74cdb554-5a7c-0010-8F2c7-eda71af511fa.html). This [BLOG](https://blogs.sap.com/2017/03/07/the-ultimate-guide-to-effective-sizing-of-sap-hana/) is also quite helpful when sizing HANA systems. + You can use the [storage](https://galaxy.ansible.com/linux-system-roles/storage) role to automate this process + + If you want to use this system in production, make sure that the time service is configured correctly. You can use [rhel-system-roles](https://access.redhat.com/articles/3050101) to automate this. + + Note + ---- + For finding out which SAP notes will be used by this role for Red Hat systems, please check the contents of variable `__sap_hana_preconfigure_sapnotes` in files `vars/*.yml` (choose the file which matches your OS distribution and version). +
+ + +## Execution + +**:warning: Do not execute this Ansible Role against existing SAP systems unless you know what you are doing and you prepare inputs to avoid unintended changes caused by default inputs.** + +**NOTE: It is recommended to execute `timesync` role from Ansible Collection `fedora.linux_system_roles` before or after executing this role.** + +Role can be executed independently or as part of [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. + + + +### Recommended +It is recommended to execute this role together with other roles in this collection, in the following order:
+1. [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) +2. *`sap_hana_preconfigure`* + + +### Execution Flow + +1. Assert that required inputs were provided. +2. Install required packages and patch system if `sap_hana_preconfigure_update:true` +3. Apply configurations + - Execute configuration tasks based on SAP Notes + - (SUSE) Execute saptune with solution `sap_hana_preconfigure_saptune_solution` (Default: `HANA`) +4. Reboot Managed nodes if packages were installed or patched and `sap_hana_preconfigure_reboot_ok: true` + + +### Example + +Example of execution together with prerequisite role [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) ```yaml --- -- hosts: all - vars: - sap_general_preconfigure_assert: yes - sap_general_preconfigure_assert_ignore_errors: yes - sap_hana_preconfigure_assert: yes - sap_hana_preconfigure_assert_ignore_errors: yes - roles: - - role: sap_general_preconfigure - - role: sap_hana_preconfigure -``` - -## Example Usage - -Normal run, for configuring server host_1 for SAP HANA: -```yaml -ansible-playbook sap+hana.yml -l host_1 -``` - -Extended Check (assert) run, not aborting if an error has been found: -```yaml -ansible-playbook sap+hana-assert.yml -l host_1 +- name: Ansible Play for SAP HANA HA Scale-up preconfigure + hosts: hana_primary, hana_secondary + become: true + tasks: + - name: Execute Ansible Role sap_general_preconfigure + ansible.builtin.include_role: + name: community.sap_install.sap_general_preconfigure + + - name: Execute Ansible Role sap_hana_preconfigure + ansible.builtin.include_role: + name: community.sap_install.sap_hana_preconfigure ``` + -Same as above, with a nice compact and colored output, this time for two hosts: -```yaml -ansible-playbook sap+hana-assert.yml -l host_1,host_2 | -awk '{sub (" \"msg\": ", "")} - /TASK/{task_line=$0} - /fatal:/{fatal_line=$0; nfatal[host]++} - /...ignoring/{nfatal[host]--; if (nfatal[host]<0) nfatal[host]=0} - /^[a-z]/&&/: \[/{gsub ("\\[", ""); gsub ("]", ""); gsub (":", ""); host=$2} - /SAP note/{print "\033[30m[" host"] "$0} - /FAIL:/{nfail[host]++; print "\033[31m[" host"] "$0} - /WARN:/{nwarn[host]++; print "\033[33m[" host"] "$0} - /PASS:/{npass[host]++; print "\033[32m[" host"] "$0} - /INFO:/{print "\033[34m[" host"] "$0} - /changed/&&/unreachable/{print "\033[30m[" host"] "$0} - END{print ("---"); for (var in npass) {printf ("[%s] ", var); if (nfatal[var]>0) { - printf ("\033[31mFATAL ERROR!!! Playbook might have been aborted!!!\033[30m Last TASK and fatal output:\n"); print task_line, fatal_line - } - else printf ("\033[31mFAIL: %d \033[33mWARN: %d \033[32mPASS: %d\033[30m\n", nfail[var], nwarn[var], npass[var])}}' -``` -Note: For terminals with dark background, replace the color code `30m` by `37m`. -In case you need to make an invisible font readable on a terminal with dark background, run the following command in the terminal: -```yaml -printf "\033[37mreadable font\n" -``` -In case you need to make an invisible font readable on a terminal with bright background, run the following command in the terminal: -```yaml -printf "\033[30mreadable font\n" -``` - -## Contribution + + -Please read the [developer guidelines](./README.DEV.md) if you want to contribute + + ## License + +Apache 2.0 + -Apache license 2.0 +## Maintainers + +- [Bernd Finger](https://github.com/berndfinger) + -## Author Information - -Red Hat for SAP Community of Practice, Markus Koch, Thomas Bludau, Bernd Finger, Than Ngo, Rainer Leber +## Role Input Parameters +All input parameters used by role are described in [INPUT_PARAMETERS.md](https://github.com/sap-linuxlab/community.sap_install/blob/main/roles/sap_hana_preconfigure/INPUT_PARAMETERS.md) diff --git a/roles/sap_hostagent/INPUT_PARAMETERS.md b/roles/sap_hostagent/INPUT_PARAMETERS.md new file mode 100644 index 00000000..1b10434b --- /dev/null +++ b/roles/sap_hostagent/INPUT_PARAMETERS.md @@ -0,0 +1,130 @@ +## Input Parameters for sap_hostagent Ansible Role + + +### sap_hostagent_installation_type + +- _Type:_ `string` +- _Default:_ `rpm` + +Select type of installation source for SAPHOSTAGENT.
+Available options: `sar`, `sar-remote`, `bundle`, `rpm` + + +## Input Parameters for SAR +Following input parameters are used by both Local SAR and Remote SAR. + +### sap_hostagent_sar_file_name + +- _Type:_ `string` + +Name of SAR file containing SAPHOSTAGENT. + +### sap_hostagent_sapcar_file_name + +- _Type:_ `string` + +Name of SAR file containing SAPCAR. + +## Input Parameters for Local SAR + +### sap_hostagent_sar_local_path + +- _Type:_ `string` + +Local directory path where SAR file is located. Do not use together with `sap_hostagent_sar_remote_path`. + +### sap_hostagent_sapcar_local_path + +- _Type:_ `string` + +Local directory path where SAPCAR file is located. Do not use together with `sap_hostagent_sapcar_remote_path`. + +## Input Parameters for Remote SAR + +### sap_hostagent_sar_remote_path + +- _Type:_ `string` + +Remote directory path where SAR file is located. Do not use together with `sap_hostagent_sar_local_path`. + +### sap_hostagent_sapcar_remote_path + +- _Type:_ `string` + +Local directory path where SAPCAR file is located. Do not use together with `sap_hostagent_sapcar_local_path`. + + +## Input Parameters for RPM + +### sap_hostagent_rpm_local_path + +- _Type:_ `string` + +Local directory path where RPM file is located. Do not use together with `sap_hostagent_rpm_remote_path`. + +### sap_hostagent_rpm_remote_path + +- _Type:_ `string` + +Remote directory path where RPM file is located. Do not use together with `sap_hostagent_rpm_local_path`. + +### sap_hostagent_rpm_file_name + +- _Type:_ `string` + +Name of RPM package containing SAPHOSTAGENT. + + +## Input Parameters for SAP Bundle + +### sap_hostagent_bundle_path + +- _Type:_ `string` + +Remote directory path where SAP Bundle file is located after being extracted. + + +## Input Parameters for SSL setup + +### sap_hostagent_config_ssl + +- _Type:_ `bool` +- _Default:_ `False` + +Enable to configure PSE and create CSR.
+Adding signed certificates from a valid CA is not supported yet. + +### sap_hostagent_ssl_passwd + +- _Type:_ `string` + +Enter password for the CSR. It is used when `sap_hostagent_config_ssl` is set. + +### sap_hostagent_ssl_org + +- _Type:_ `string` + +Enter Organization information for the CSR. It is used when `sap_hostagent_config_ssl` is set. + +### sap_hostagent_ssl_country + +- _Type:_ `string` + +Enter Country information for the CSR. It is used when `sap_hostagent_config_ssl` is set. + + +### sap_hostagent_agent_tmp_directory + +- _Type:_ `string` +- _Default:_ `/tmp/hostagent` + +Temporary directory for processing of source file. + +### sap_hostagent_clean_tmp_directory + +- _Type:_ `bool` +- _Default:_ `False` + +Enable to remove temporary directory after installation. + + \ No newline at end of file diff --git a/roles/sap_hostagent/README.md b/roles/sap_hostagent/README.md index 13aa84fa..40039515 100644 --- a/roles/sap_hostagent/README.md +++ b/roles/sap_hostagent/README.md @@ -1,150 +1,134 @@ + # sap_hostagent Ansible Role + -SAP Host Agent is an agent that can accomplish several life-cycle management tasks, such as operating system monitoring, database monitoring, system instance control and provisioning. - -It is recommended to install SAP Host Agent upfront in any HA environment. - -You can find the latest Documentation in [SAP NOTE 1907566](https://launchpad.support.sap.com/#/notes/1907566) - -This role installs or updates the SAP Host Agent on a RHEL 7.x or 8.x system. It is provided as RPM package, tarball or as part of an SAP softwarebundle. -While Red Hat recommends RPM for easier upgrade, this role take care of all formats. - -## Requirements - -This role is intended to use on a RHEL system that gets SAP software. -So your system needs to be installed with at least the RHEL core packages, properly registered and prepared for HANA or Netweaver installation. - -It needs access to the software repositories required to install SAP HANA (see also: [How to subscribe SAP HANA systems to the Update Services for SAP Solutions](https://access.redhat.com/solutions/3075991)) - -You can use the [redhat_sap.sap_rhsm](https://galaxy.ansible.com/redhat_sap/sap_rhsm) Galaxy Role to automate this process - -To install SAP software on Red Hat Enterprise Linux you need some additional packages which come in a special repository. To get this repository you need to have one -of the following products: - -- [RHEL for SAP Solutions](https://access.redhat.com/solutions/3082481) (premium, standard, developer Edition) -- [RHEL for Business Partner NFRs](https://partnercenter.redhat.com/NFRPageLayout) - -[Click here](https://developers.redhat.com/products/sap/download/) to achieve a personal developer edition of RHEL for SAP Solutions. Please register as a developer and download the developer edition. - -- [Registration Link](http://developers.redhat.com/register) : - Here you can either register a new personal account or link it to an already existing **personal** Red Hat Network account. -- [Download Link](https://access.redhat.com/downloads/): - Here you can download the Installation DVD for RHEL with your previously registered account - -*NOTE:* This is a regular RHEL installation DVD as RHEL for SAP Solutions is no additional - product but only a special bundling. The subscription grants you access to the additional - packages through our content delivery network(CDN) after installation. - -It is also important that your disks are setup according to the [SAP storage requirements for SAP HANA](https://www.sap.com/documents/2015/03/74cdb554-5a7c-0010-82c7-eda71af511fa.html). This [BLOG](https://blogs.sap.com/2017/03/07/the-ultimate-guide-to-effective-sizing-of-sap-hana/) is also quite helpful when sizing HANA systems. - -## Role Variables - -### RPM based installations - -| variable | info | required? | -|:--------:|:----:|:---------:| -|sap_hostagent_installation_type|Source type of the installation for SAPHOSTAGENT|yes, with `rpm` value| -|sap_hostagent_rpm_local_path|Local directory path where RPM file is located|yes, unless `sap_hostagent_rpm_remote_path` is used| -|sap_hostagent_rpm_remote_path|Local directory path where RPM file is located|yes, unless `sap_hostagent_rpm_local_path` is used| -|sap_hostagent_rpm_file_name|Local RPM file name|yes| -|sap_hostagent_agent_tmp_directory|Temporary directory path that will be created on the target host|no (defaulted in the role)| -|sap_hostagent_clean_tmp_directory|Boolean variable to indicate if the temporary directory will be removed or not after the installation| no (defaulted in the role)| - -### SAR based installations (content on ansible control node) - -| variable | info | required? | -|:--------:|:----:|:---------:| -|sap_hostagent_installation_type|Source type of the installation for SAPHOSTAGENT|yes with `sar` value| -|sap_hostagent_sar_local_path|Local directory path where SAR file is located|yes| -|sap_hostagent_sar_file_name|Local SAR file name|yes| -|sap_hostagent_sapcar_local_path|Local directory path where SAPCAR tool file is located|yes| -|sap_hostagent_sapcar_file_name|Local SAPCAR tool file name|yes| -|sap_hostagent_agent_tmp_directory|Temporary directory path that will be created on the target host|no (defaulted in the role)| -|sap_hostagent_clean_tmp_directory|Boolean variable to indicate if the temporary directory will be removed or not after the installation| no (defaulted in the role)| - -### SAR based installations (with content existing on target node) - -| variable | info | required? | -|:--------:|:----:|:---------:| -|sap_hostagent_installation_type|Source type of the installation for SAPHOSTAGENT|yes with `sar-remote` value| -|sap_hostagent_sar_remote_path|Remote directory path where SAR tool file is located|yes| -|sap_hostagent_sar_file_name|SAR tool file name|yes| -|sap_hostagent_sapcar_remote_path|Remote directory path of SAR archive|yes| -|sap_hostagent_sapcar_file_name|Remote file name of SAR archive|yes| -|sap_hostagent_agent_tmp_directory|Temporary directory path that will be created on the target host|no (defaulted in the role)| -|sap_hostagent_clean_tmp_directory|Boolean variable to indicate if the temporary directory will be removed or not after the installation| no (defaulted in the role)| +## Description + +Ansible Role `sap_hostagent` is used install SAP Host Agent. +SAP Host Agent is an agent that can accomplish several life-cycle management tasks, such as operating system monitoring, database monitoring, system instance control and provisioning. -### SAP Bundle based installations - -| variable | info | required? | -|:--------:|:----:|:---------:| -|sap_hostagent_installation_type|Source type of the installation for SAPHOSTAGENT|yes with `bundle` value| -|sap_hostagent_bundle_path|Target host directory path where SAP Installation Bundle has been unarchived| -|sap_hostagent_agent_tmp_directory|Temporary directory path that will be created on the target host|no (defaulted in the role)| -|sap_hostagent_clean_tmp_directory|Boolean variable to indicate if the temporary directory will be removed or not after the installation| no (defaulted in the role)| - -### SSL Configuration - -Right now the role will configure the PSE and create a CSR. Adding signed certificates from a valid CA is not supported yet - -| variable | info | required? | -|:--------:|:----:|:---------:| -|sap_hostagent_config_ssl|This boolean variable will configure Agent for SSL communication|no (defaulted in the role)| -|sap_hostagent_ssl_passwd|Password to be used for the CSR|yes when `sap_hostagent_config_ssl` True| -|sap_hostagent_ssl_org|Organization information for the CSR|yes when `sap_hostagent_config_ssl` True| -|sap_hostagent_ssl_country|Country information for the CSR|yes when `sap_hostagent_config_ssl` True| - -## Dependencies - -Before using this role ensure your system has been configured properly to run SAP applications. - -You can use the supported role `sap_general_preconfigure` coming with RHEL 7 and 8 with RHEL for SAP Solutions Subscription - -The upstream version of this role can be found [here](https://github.com/linux-system-roles/sap_general_preconfigure) - -## Example Playbook - +This role installs SAP Host Agent with following source methods: +- SAP SAR file +- SAP Bundle +- RPM package (Red Hat only) + + + + + + +## Prerequisites +Managed nodes: +- Ensure that servers are configured for SAP Systems. See [Recommended](#recommended) section. + + +## Execution + + + + +### Recommended +It is recommended to execute this role together with other roles in this collection, in the following order:
+1. [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) +2. *`sap_hostagent`* + + +### Execution Flow + +1. Create temporary directory. +2. Execute deployment based on chosen method. +3. Configure SSL if `sap_hostagent_config_ssl` was set. +4. Cleanup temporary directory + + +### Example + +#### Example playbook for installing using SAR file located on control node ```yaml - - hosts: servers - roles: - - role: sap_hostagent +--- +- name: Ansible Play for SAP Host Agent installation - Local SAR + hosts: all + become: true + tasks: + - name: Execute Ansible Role sap_hostagent + ansible.builtin.include_role: + name: community.sap_install.sap_hostagent + vars: + sap_hostagent_installation_type: "sar" + sap_hostagent_sar_local_path: "/software/SAPHOSTAGENT" + sap_hostagent_sar_file_name: "SAPHOSTAGENT44_44-20009394.SAR" + sap_hostagent_sapcar_local_path: "/software/SAPHOSTAGENT" + sap_hostagent_sapcar_file_name: "SAPCAR_1311-80000935.EXE" + sap_hostagent_clean_tmp_directory: true ``` - -## Example Inventory - -When using RPM: - +#### Example playbook for installing using SAR file located on managed node ```yaml -sap_hostagent_installation_type: "rpm" -sap_hostagent_rpm_local_path: "/mylocaldir/SAPHOSTAGENT" -sap_hostagent_rpm_file_name: "saphostagentrpm_44-20009394.rpm" -sap_hostagent_clean_tmp_directory: true +--- +- name: Ansible Play for SAP Host Agent installation - Remote SAR + hosts: all + become: true + tasks: + - name: Execute Ansible Role sap_hostagent + ansible.builtin.include_role: + name: community.sap_install.sap_hostagent + vars: + sap_hostagent_installation_type: "sar" + sap_hostagent_sar_remote_path: "/software/SAPHOSTAGENT" + sap_hostagent_sar_file_name: "SAPHOSTAGENT44_44-20009394.SAR" + sap_hostagent_sapcar_remote_path: "/software/SAPHOSTAGENT" + sap_hostagent_sapcar_file_name: "SAPCAR_1311-80000935.EXE" + sap_hostagent_clean_tmp_directory: true ``` - -When using SAR: - +#### Example playbook for installing using SAP Bundle ```yaml -sap_hostagent_installation_type: "sar" -sap_hostagent_sar_local_path: "/mylocaldir/SAPHOSTAGENT" -sap_hostagent_sar_file_name: "SAPHOSTAGENT44_44-20009394.SAR" -sap_hostagent_sapcar_local_path: "/mylocaldir/SAPHOSTAGENT" -sap_hostagent_sapcar_file_name: "SAPCAR_1311-80000935.EXE" -sap_hostagent_clean_tmp_directory: true +--- +- name: Ansible Play for SAP Host Agent installation - SAP bundle + hosts: all + become: true + tasks: + - name: Execute Ansible Role sap_hostagent + ansible.builtin.include_role: + name: community.sap_install.sap_hostagent + vars: + sap_hostagent_installation_type: "bundle" + sap_hostagent_bundle_path: "/usr/local/src/HANA-BUNDLE/51053381" + sap_hostagent_clean_tmp_directory: true ``` - -When using SAP Bundle: - +#### Example playbook for installing using RPM on Red Hat ```yaml -sap_hostagent_installation_type: "bundle" -sap_hostagent_bundle_path: "/usr/local/src/HANA-BUNDLE/51053381" -sap_hostagent_clean_tmp_directory: true +--- +- name: Ansible Play for SAP Host Agent installation - SAP bundle + hosts: all + become: true + tasks: + - name: Execute Ansible Role sap_hostagent + ansible.builtin.include_role: + name: community.sap_install.sap_hostagent + vars: + sap_hostagent_installation_type: "rpm" + sap_hostagent_rpm_local_path: "/mylocaldir/SAPHOSTAGENT" + sap_hostagent_rpm_file_name: "saphostagentrpm_44-20009394.rpm" + sap_hostagent_clean_tmp_directory: true ``` + -## License + + -Apache license 2.0 + + -## Author Information - -IBM Lab for SAP Solutions, Red Hat for SAP Community of Practice +## License + +Apache 2.0 + + +## Maintainers + +- [Markus Koch](https://github.com/rhmk) +- [Bernd Finger](https://github.com/berndfinger) + + +## Role Input Parameters +All input parameters used by role are described in [INPUT_PARAMETERS.md](https://github.com/sap-linuxlab/community.sap_install/blob/main/roles/sap_hostagent/INPUT_PARAMETERS.md) diff --git a/roles/sap_install_media_detect/INPUT_PARAMETERS.md b/roles/sap_install_media_detect/INPUT_PARAMETERS.md new file mode 100644 index 00000000..67beaf02 --- /dev/null +++ b/roles/sap_install_media_detect/INPUT_PARAMETERS.md @@ -0,0 +1,181 @@ +## Input Parameters for sap_install_media_detect Ansible Role + +### sap_install_media_detect_rar_handling + +- _Type:_ `bool` +- _Default:_ `True` + +Set this parameter to `false` for skipping the handling of RAR files. In this case, also no `unar` or other RAR handling software will be installed. + + +### sap_install_media_detect_rar_package + +- _Type:_ `str` +- _Default:_ `EPEL` + +Set this parameter to use either the `unar` package from `EPEL` or another software package for handling RAR files.
+Based on this setting, the commands for listing and extracting RAR files are being set in tasks/prepare/enable_rar_handling.yml + +### sap_install_media_detect_epel_gpg_key_url + +- _Type:_ `str` +- _Default:_ `https://download.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-{{ ansible_distribution_major_version }}` + +URL for the EPEL GPG key + +### sap_install_media_detect_use_rpm_key_module_for_removing_the_key + +- _Type:_ `bool` +- _Default:_ `True` + +The `EPEL` GPG key can be removed with the rpm_key module and the URL for the key, or by using the `rpm -e` command.
+For using the rpm -e command, set this variable to 'false'. + +### sap_install_media_detect_file_server_only + +- _Type:_ `bool` +- _Default:_ `False` + +If this role is running on a file server on which the SAP software is not to be installed, set the following to true.
+If this role is running on a system on which the SAP software is to be installed, set the following to false. + +### sap_install_media_detect_rar_list + +- _Type:_ `str` +- _Default:_ `/usr/bin/unrar lb` + +Fully qualified path to the program for listing RAR files, including the argument for listing files.
+If not specified, the `lsar` program (or a link with the name `lsar`, pointing to the actual `lsar` program) is expected to be located in one of the PATH directories.
+If sap_install_media_detect_rar_package is set to `EPEL`, this variable is not used. + +### sap_install_media_detect_rar_extract + +- _Type:_ `str` +- _Default:_ `/usr/bin/unrar x` + +Fully qualified path to the program for extracting RAR files, including the argument for extracting files.
+If not specified, the `unar` program (or a link with the name `unar`, pointing to the actual `unar` program) is expected to be located in one of the PATH directories.
+If sap_install_media_detect_rar_package is set to `EPEL`, this variable is not used. + +### sap_install_media_detect_rar_extract_directory_argument + +- _Type:_ `str` + +Fully qualified path to an additional argument to the program for extracting RAR files, for specifying the directory into which the archive is to be extracted. Needs to be empty or start with a space character.
+If sap_install_media_detect_rar_package is set to 'EPEL', this variable is not used. + +### sap_install_media_detect_source_directory + +- _Type:_ `str` +- _Default:_ `/software` + +Directory where the SAP software is located + +### sap_install_media_detect_target_directory + +- _Type:_ `str` + +Directory where the SAP software is located after the role is run, if different from `sap_install_media_detect_source_directory` + +### sap_install_media_detect_create_target_directory + +- _Type:_ `bool` +- _Default:_ `True` + +Create target directory if it does not yet exist. If set to false, perform a check only + +### sap_install_media_detect_rename_target_file_exists + +- _Type:_ `str` +- _Default:_ `skip` + +If there are two files of the same RAR or ZIP type, one with and one without suffix, the following parameter will determine what the role will do for such a file: `skip` the file renaming, `fail`, or `overwrite` the file with the suffix by the file without suffix + +### sap_install_media_detect_extract_archives + +- _Type:_ `bool` +- _Default:_ `True` + +If you want the role to not extract archives which have the extract flag set, set the following parameter to `false`. + +### sap_install_media_detect_move_or_copy_archives + +- _Type:_ `bool` +- _Default:_ `True` + +If you want the role to not move or copy archive files to the `target_dir` subdirectories, set the following parameter to `false`. + +### sap_install_media_detect_assert_after_sapfile + +- _Type:_ `bool` +- _Default:_ `True` + +By default, the presence of at least one file for each file type according to the configured role parameters is asserted. Set the following parameter to 'false' to skip this step. + +### sap_install_media_detect_db + +- _Type:_ `str` + +Select which database type to detect: `saphana`, `sapase`, `sapmaxdb`, `oracledb`, `ibmdb2` + +### sap_install_media_detect_db_client + +- _Type:_ `str` + +Select which database client to detect: `saphana`, `sapase`, `sapmaxdb`, `oracledb`, `ibmdb2` + +### sap_install_media_detect_swpm + +- _Type:_ `bool` +- _Default:_ `False` + +Enable to detect SWPM. + +### sap_install_media_detect_hostagent + +- _Type:_ `bool` +- _Default:_ `False` + +Enable to detect SAP Hostagent. + +### sap_install_media_detect_igs + +- _Type:_ `bool` +- _Default:_ `False` + +Enable to detect SAP IGS. + +### sap_install_media_detect_kernel + +- _Type:_ `bool` +- _Default:_ `False` + +Enable to detect SAP Kernel files. + +### sap_install_media_detect_kernel_db + +- _Type:_ `str` + +Select which database kernel to detect: `saphana`, `sapase`, `sapmaxdb`, `oracledb`, `ibmdb2`
\ No newline at end of file diff --git a/roles/sap_install_media_detect/README.md b/roles/sap_install_media_detect/README.md index 23dfaa60..45e739bd 100644 --- a/roles/sap_install_media_detect/README.md +++ b/roles/sap_install_media_detect/README.md @@ -1,48 +1,104 @@ + # sap_install_media_detect Ansible Role - -Ansible Role for detection and extraction of SAP Software installation media - -This role is used to prepare for installation of SAP Software, by searching a given directory for SAP installation media (e.g. SAR files), -moving files to subdirectories (i.e. `/sap_hana` and `/sap_swpm`) with the directory/file ownership permissions, then extracting the detected files. - -Detection of installation media is available for SAP HANA and the various key installation files when using SAP SWPM to install -SAP Business Applications based upon SAP NetWeaver (e.g. SAP S/4HANA, SAP BW/4HANA, SAP ECC, SAP BW, SAP WebDispatcher etc). -As an example, SAP HANA Client would be detected and the SAP Kernel Part I/II would be detected. - -Once detection (e.g. using `zipinfo -1` and `unrar lb`) and extraction are completed, the file paths are shown and stored as variables for subsequent use by other Ansible Tasks. - -RAR files can be either handled by the unar package from EPEL or by another package which can list the contents of, and extract files from, -RAR files. See the comments and examples for the RAR file handling in `defaults/main.yml`. If the EPEL repo had been enabled at the time -when the role was run, it will remain enabled. If the EPEL repo was not present, the associated GPG key will be removed and the EPEL repo -will be disabled as the last task. - -## Execution Flow - -- At the beginning of the execution of the role, a new tool `sapfile` is pushed to a temporary directory on the managed node. -- Also a package which contains a command for extracting and listing content of files of type `RAR` is installed. -- The next step is to check if source and/or target directories exist. If role parameter `sap_install_media_detect_target_directory` is defined, files will later be copied from `sap_install_media_detect_source_directory`. This is the `remote_dir` case. -- If the system on which the `sap_install_media_detect_source_directory` is not writable, the role would normally fail because one or both of the following conditions are not met: - - The SAPCAR EXE file is not executable. - - There are one or more `ZIP` or `RAR` files without extension. -- In this `remote_dir` case, to make sure the role does not fail, it needs to be run first on the node on which `sap_install_media_detect_source_directory` is writable, with role parameter `sap_install_media_detect_file_server_only` set to `true` so the role will not perform and further file detection activities. -- After the SAPCAR EXE file is executable and there are no more `ZIP` or `RAR` files without extension, the role can be called on a managed node where `sap_install_media_detect_source_directory` is not writable. -- A new list of all files with the correct final file names will then be created, and for each of the files, the SAP file types are determined using the `sapfile` tool, either using the file names or - if this information is not sufficient - from information inside the file. -- We then assert that there is at least (or exactly, depending on the file type) one file available for each of the `sap_install_media_detect_*` parameters. For example, if `sap_install_media_detect_kernel_db` is set to `saphana`, then there must be one SAP Kernel DB dependent file for SAP HANA. -- In case of `remote_dir`, the next step is to copy all files from `sap_install_media_detect_source_directory` to `sap_install_media_detect_target_directory`. -- Then we extract files which are configured in `sapfile` to be extracted, and copy or move files which are configured in `sapfile` to be copied or moved. Certain files like `SAPCAR*.EXE` and the SAP Host Agent will be copied to two different directories. -- Once all necessary files have been extracted and all files are copied or moved to where we want them to be, we are using the Ansible find module to identify the different file types by using file or directory name patterns. -- The last step is to fill all required `sap_swpm` parameters from the result of the previous find step, and display all the variables. - -## Variables and Parameters - -See the file `defaults/main.yml`. - -## Dependencies - -This role does not depend on any other Ansible Role. - -## Tags - + +![Ansible Lint for sap_install_media_detect](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_install_media_detect.yml/badge.svg) + +## Description + +Ansible Role `sap_install_media_detect` is used to detect and extract SAP installation media. + +This role searches provided source directory, sorts files based on type and extracts them to target directory. Extraction can be further adjusted to create individual folders based on defined inputs. + +Detection of supported installation media is available for SAP HANA and wide range of SAP Applications (example: SAP S/4HANA, SAP BW/4HANA, SAP ECC, SAP BW, SAP WebDispatcher, SAP Business Applications based upon SAP NetWeaver, etc). + + + + + + +## Prerequisites +Managed nodes: +- Directory with SAP Installation media is present and `sap_install_media_detect_source_directory` updated. Download can be completed using [community.sap_launchpad](https://github.com/sap-linuxlab/community.sap_launchpad) Ansible Collection. + + +## Execution + +Role can be executed independently or as part of [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. + + + +### Recommended +It is recommended to execute this role together with other roles in this collection, in the following order:
+#### SAP HANA +1. [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) +2. [sap_hana_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_preconfigure) +3. *`sap_install_media_detect`* +4. [sap_hana_install](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_install) +5. [sap_ha_install_hana_hsr](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_ha_install_hana_hsr) - High Availability specific +6. [sap_ha_pacemaker_cluster](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_ha_pacemaker_cluster) - High Availability specific + +#### SAP Netweaver +1. [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) +2. [sap_netweaver_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_netweaver_preconfigure) +3. *`sap_install_media_detect`* +4. [sap_swpm](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_swpm) +5. [sap_ha_pacemaker_cluster](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_ha_pacemaker_cluster) - High Availability specific + + +### Execution Flow + +1. At the beginning of the execution of the role, a new tool `sapfile` is pushed to a temporary directory on the managed node. +2. Also a package which contains a command for extracting and listing content of files of type `RAR` is installed. +3. The next step is to check if source and/or target directories exist. If role parameter `sap_install_media_detect_target_directory` is defined, files will later be copied from `sap_install_media_detect_source_directory`. This is the `remote_dir` case. +4. If the system on which the `sap_install_media_detect_source_directory` is not writable, the role would normally fail because one or both of the following conditions are not met: + - The SAPCAR EXE file is not executable. + - There are one or more `ZIP` or `RAR` files without extension. +5. In this `remote_dir` case, to make sure the role does not fail, it needs to be run first on the node on which `sap_install_media_detect_source_directory` is writable, with role parameter `sap_install_media_detect_file_server_only` set to `true` so the role will not perform and further file detection activities. +6. After the SAPCAR EXE file is executable and there are no more `ZIP` or `RAR` files without extension, the role can be called on a managed node where `sap_install_media_detect_source_directory` is not writable. +7. A new list of all files with the correct final file names will then be created, and for each of the files, the SAP file types are determined using the `sapfile` tool, either using the file names or - if this information is not sufficient - from information inside the file. +8. We then assert that there is at least (or exactly, depending on the file type) one file available for each of the `sap_install_media_detect_*` parameters. For example, if `sap_install_media_detect_kernel_db` is set to `saphana`, then there must be one SAP Kernel DB dependent file for SAP HANA. +9. In case of `remote_dir`, the next step is to copy all files from `sap_install_media_detect_source_directory` to `sap_install_media_detect_target_directory`. +10. Then we extract files which are configured in `sapfile` to be extracted, and copy or move files which are configured in `sapfile` to be copied or moved. Certain files like `SAPCAR*.EXE` and the SAP Host Agent will be copied to two different directories. +11. Once all necessary files have been extracted and all files are copied or moved to where we want them to be, we are using the Ansible find module to identify the different file types by using file or directory name patterns. +12. The last step is to fill all required `sap_swpm` parameters from the result of the previous find step, and display all the variables. + - Once detection (e.g. using `zipinfo -1` and `unrar lb`) and extraction are completed, the file paths are shown and stored as variables for subsequent use by other Ansible Tasks. + +
+ (Red Hat) Additional steps for RAR files + + RAR files can be either handled by the unar package from EPEL or by another package which can list the contents of, and extract files from, RAR files. See the comments and examples for the RAR file handling in `defaults/main.yml`. + + - If the EPEL repo had been enabled at the time when the role was run, it will remain enabled. + - If the EPEL repo was not present, the associated GPG key will be removed and the EPEL repo will be disabled as the last task. +
+ + +### Example + +Example playbook to extract SAP Installation media for SAP ASCS Netweaver. +```yaml +--- +- name: Ansible Play for SAP NetWeaver ASCS - Extract SAP Installation media + hosts: nwas_ascs + become: true + any_errors_fatal: true + max_fail_percentage: 0 + tasks: + + - name: Execute Ansible Role sap_install_media_detect + ansible.builtin.include_role: + name: community.sap_install.sap_install_media_detect + vars: + sap_install_media_detect_swpm: true + sap_install_media_detect_hostagent: true + sap_install_media_detect_igs: true + sap_install_media_detect_kernel: true + sap_install_media_detect_webdisp: false +``` + + + +### Role Tags With the following tags, the role can be called to perform certain activities only: - tag `sap_install_media_detect_zip_handling`: Only perform the task for enabling the listing and extracting of files of type `ZIP`. - tag `sap_install_media_detect_rar_handling`: Only perform the tasks for enabling the listing and extracting of files of type `RAR`. This @@ -59,11 +115,20 @@ With the following tags, the role can be called to perform certain activities on Note: After running the role with the following four tags, the SAP archive files will be in the same place as before running the role the first time. The directories with pattern `*_extracted` will remain in place. `sap_install_media_detect_provide_sapfile_utility,sap_install_media_detect_check_directories,sap_install_media_detect_create_file_list_phase_1,sap_install_media_detect_move_files_to_main_directory` + -## License + + -Apache license 2.0 +## License + +Apache 2.0 + -## Author Information +## Maintainers + +- [Bernd Finger](https://github.com/berndfinger) + -IBM Lab for SAP Solutions, Red Hat for SAP Community of Practice, Bernd Finger +## Role Input Parameters +All input parameters used by role are described in [INPUT_PARAMETERS.md](https://github.com/sap-linuxlab/community.sap_install/blob/main/roles/sap_install_media_detect/INPUT_PARAMETERS.md) diff --git a/roles/sap_maintain_etc_hosts/INPUT_PARAMETERS.md b/roles/sap_maintain_etc_hosts/INPUT_PARAMETERS.md new file mode 100644 index 00000000..959447a1 --- /dev/null +++ b/roles/sap_maintain_etc_hosts/INPUT_PARAMETERS.md @@ -0,0 +1,78 @@ +## Input Parameters for sap_maintain_etc_hosts Ansible Role + + +This role requires the dictionary `sap_maintain_etc_hosts_list` which contains the parameters for the `/etc/hosts` file. + +The default value is the definition of the cluster nodes like in the role [sap_ha_pacemaker_cluster](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_ha_pacemaker_cluster). If the value `sap_hana_cluster_nodes`or `sap_ha_pacemaker_cluster_cluster_nodes` is not defined, then the role creates a default value from `ansible_facts`. + +**NOTE: If you want to use this role to remove entries from /etc/hosts it is a good practice to do this before adding entries. The adding/removal is done in the order the entries are listed.** + +### sap_maintain_etc_hosts_list + +- _Type:_ `list` with elements of type `dict` + +Mandatory list of nodes in form of dictionaries to be added or removed in `/etc/hosts` file. + +Following dictionary keys can be defined: +- **node_ip**
+ IP address of the managed node.
+ **Required** for adding new entries to `/etc/hosts`.
+ _Optional_ for removing entries, where `node_name` and `node_domain` can be used instead. + + - _Type:_ `string` + +- **node_name**
+ Hostname of the managed node.
+ **Required** for adding new entries to `/etc/hosts`.
+ _Optional_ for removing entries, when `node_ip` is not used. + + - _Type:_ `string` + +- **node_domain**
+ Domain name of the managed node. Defaults to `sap_domain` if set or `ansible_domain`.
+ **Required** for adding new entries to `/etc/hosts`.
+ _Optional_ for removing entries, when `node_name` is used. + + - _Type:_ `string` + - _Default:_ `sap_domain` + +- **aliases**
+ List of aliases for the managed node.
+ _Optional_ for adding new entries to `/etc/hosts`. + + - _Type:_ `list` with elements of type `string` + +- **alias_mode**
+ Select method of updating `/etc/hosts` file:
+ - `merge` : merges the list of aliases with the exiting aliases of the node.
+ - `overwrite` : overwrites the aliases of the node. + _Optional_ for adding new entries to `/etc/hosts`. + + - _Type:_ `string` + - _Default:_ `merge` + +- **node_comment**
+ Node comment is appended at end of line of managed node.
+ _Optional_ for adding new entries to `/etc/hosts`. + + - _Type:_ `string` + - _Default:_ `managed by ansible sap_maintain_etc_hosts role` + +- **hana_site**
+ Used by [sap_ha_pacemaker_cluster](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_ha_pacemaker_cluster) and it is appended to `node_comment`
+ _Optional_ for adding new entries to `/etc/hosts`. + + - _Type:_ `string` + +- **node_role**
+ Not used, but mentioned for compatibility reasons for [sap_ha_pacemaker_cluster](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_ha_pacemaker_cluster) role.
+ + - _Type:_ `string` + +- **state**
+ Select `present` for adding new entries, `absent` for removing them.
+ **Required** for removing entries, otherwise default `present` is used. + + - _Type:_ `string` + - _Default:_ `present` + \ No newline at end of file diff --git a/roles/sap_maintain_etc_hosts/README.md b/roles/sap_maintain_etc_hosts/README.md index 98fab9ad..e822ae55 100644 --- a/roles/sap_maintain_etc_hosts/README.md +++ b/roles/sap_maintain_etc_hosts/README.md @@ -1,142 +1,92 @@ -# Role Name: sap_maintain_etc_hosts - -This role can be used to reliably update the /etc/hosts file. - - - -## Role Input Parameters - -This role requires the dictionary `sap_maintain_etc_hosts_list` which contains the parameters for the hostfile. The default value is the definition of the cluster nodes like in the role `sap_ha_pacemaker_cluster`. If the value `sap_hana_cluster_nodes`or `sap_ha_pacemaker_cluster_cluster_nodes` is not defined the role creates a default value from `ansible_facts`. - -Caution: If you want to use this role to remove entries from /etc/hosts it is a good practise to do this before adding entries. The adding/removal is done in the order the entries are listed. - -### sap_maintain_etc_hosts_list - -- _Type:_ `list` - - List of nodes to be added or removed in /etc/hosts - possible list options: - -#### node_ip - -- _Type:_ `string` - - IP address of the node. - It is required for adding a node. - When deleting a node use only when node_name and node_domain are not defined - -#### node_name - -- _Type:_ `string` - - Hostname of the node - It is required for adding a node. - When deleting a node use only when node_ip is not defined - -#### node_domain - -- _Type:_ `string` - - Domainname of the node - Defaults to sap_domain, if set, otherwise ansible_domain is the default - When deleting a node use only when node_name is defined - -#### aliases - -- _Type:_ `list` - - List of aliases for the node - Not used when state is absent - -#### alias_mode - -- _Type:_ `string` - - Options: - - - `merge` : merges the list of aliases with the exiting aliases of the node. (default) - - `overwrite` : overwrites the aliases of the node. - - Not used when state is absent - -#### node_comment - -- _Type:_ `string` - - default: managed by ansible sap_maintain_etc_hosts role` - String which is appended to line in hosts after comment string - Not used when state is absent - -#### hana_site - -- _Type:_ `string` - - if set (e.g. for configuring cluster) it is appended to the comment - Not used when state is absent - -#### node_role - - Not used. For compatibility reason only. - -#### state - -- _Type:_ `string` - - Options: - - - `present` : creates a host entry (default)` - - `absent` : removes a host entry by ip or hostname - - - -Example Playbook ----------------- - -If you want to setup/add entries your etc hosts you can use this snippet - -```[yaml] -- name: Ensure /etc/hosts is updated - include_role: sap_sap_maintain_etc_hosts - var: + +# sap_maintain_etc_hosts Ansible Role + + +## Description + +Ansible Role `sap_maintain_etc_hosts` is used to maintain `/etc/hosts` file. + + + + + + + + +## Execution + +Role can be executed independently or as part of [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. + + + + + +### Execution Flow + +1. Assert that required inputs were provided. +2. Verify duplicate entries and conflicts; +3. Update `/etc/hosts` file. + + +### Example + +Example playbook will update `/etc/hosts`: +- Remove node with IP `10.10.10.10`. +- Remove node with name `host2`. +- Add node with IP `10.10.10.11`, name `host1`, aliases `alias1, alias2` and comment `host1 comment`. +```yaml +- name: Ansible Play for add entry in /etc/hosts + hosts: all + become: true + tasks: + - name: Execute Ansible Role sap_sap_maintain_etc_hosts + ansible.builtin.include_role: + name: community.sap_install.sap_sap_maintain_etc_hosts + vars: sap_maintain_etc_hosts_list: - - node_ip: 1.2.3.5 - state: absent - - node_name: host2 - state: absent - - node_ip: 1.2.3.4 - node_name: host1 - aliases: - - alias1 - - anotheralias2 - node_comment: "Here comes text after hashsign" (defaults to hana_site) - state: present + - node_ip: 10.10.10.10 + state: absent + - node_name: host2 + state: absent + - node_ip: 10.10.10.11 + node_name: host1 + aliases: + - alias1 + - alias2 + node_comment: "host1 comment" # Comment is created after hash sign (defaults to hana_site) + state: present ``` -If you have defined a cluster and the variable `sap_ha_pacemaker_cluster_cluster_nodes` or `sap_hana_cluster_nodes` is set, you can use the following play: - -```[yaml] -- name: ensure all cluster nodes are in /etc/hosts - include_role: sap_maintain_etc_hosts - var: - sap_maintain_etc_hosts_list: "{{ sap_hana_cluster_nodes }}" +Example playbook when executed together with [sap_ha_pacemaker_cluster](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_ha_pacemaker_cluster) role which uses either `sap_ha_pacemaker_cluster_cluster_nodes` or `sap_hana_cluster_nodes`. +```yaml +- name: Ansible Play for add entry in /etc/hosts + hosts: all + become: true + tasks: + - name: Execute Ansible Role sap_sap_maintain_etc_hosts + ansible.builtin.include_role: + name: community.sap_install.sap_sap_maintain_etc_hosts + vars: + sap_maintain_etc_hosts_list: "{{ sap_ha_pacemaker_cluster_cluster_nodes }}" ``` + -License -------- + + -Apache-2.0 + + -Author Information ------------------- +## License + +Apache 2.0 + -@rhmk 10/10/23 +## Maintainers + +- [Markus Koch](https://github.com/rhmk) +- [Bernd Finger](https://github.com/berndfinger) + + +## Role Input Parameters +All input parameters used by role are described in [INPUT_PARAMETERS.md](https://github.com/sap-linuxlab/community.sap_install/blob/main/roles/sap_sap_maintain_etc_hosts/INPUT_PARAMETERS.md) diff --git a/roles/sap_netweaver_preconfigure/INPUT_PARAMETERS.md b/roles/sap_netweaver_preconfigure/INPUT_PARAMETERS.md new file mode 100644 index 00000000..bdaf4cdf --- /dev/null +++ b/roles/sap_netweaver_preconfigure/INPUT_PARAMETERS.md @@ -0,0 +1,92 @@ +## Input Parameters for sap_netweaver_preconfigure Ansible Role + +## Role Input Parameters + +Minimum required parameters: +This role does not require any parameter to be set in the playbook or inventory. + + +### sap_netweaver_preconfigure_config_all +- _Type:_ `bool` +- _Default:_ `true` + +If set to `false`, the role will only execute or verify the installation or configuration steps of SAP notes.
+Default is to perform installation and configuration steps.
+ +### sap_netweaver_preconfigure_installation +- _Type:_ `bool` +- _Default:_ `false` + +If `sap_netweaver_preconfigure_config_all` is set to `false`, set this variable to `true` to perform only the
+installation steps of SAP notes.
+ +### sap_netweaver_preconfigure_configuration +- _Type:_ `bool` +- _Default:_ `false` + +If `sap_netweaver_preconfigure_config_all` is set to `false`, set this variable to `true` to perform only the
+configuration steps of SAP notes.
+ +### sap_netweaver_preconfigure_assert +- _Type:_ `bool` +- _Default:_ `false` + +If set to `true`, the role will run in assertion mode instead of the default configuration mode.
+ +### sap_netweaver_preconfigure_assert_ignore_errors +- _Type:_ `bool` +- _Default:_ `false` + +In assertion mode, the role will abort when encountering any assertion error.
+If this parameter is set to `false`, the role will *not* abort when encountering an assertion error.
+This is useful if the role is used for reporting a system's SAP notes compliance.
+ +### sap_netweaver_preconfigure_min_swap_space_mb +- _Type:_ `str` +- _Default:_ `20480` + +Specifies the minimum amount of swap space on the system required by SAP NetWeaver.
+If this requirement is not met, the role will abort.
+Set your own value to override the default of `20480`.
+ +### sap_netweaver_preconfigure_fail_if_not_enough_swap_space_configured +- _Type:_ `bool` +- _Default:_ `true` + +If the system does not have the minimum amount of swap space configured as defined
+in parameter `sap_netweaver_preconfigure_min_swap_space_mb`, the role will abort.
+By setting this parameter to `false`, the role will not abort in such cases.
+ +### sap_netweaver_preconfigure_rpath +- _Type:_ `str` +- _Default:_ `/usr/sap/lib` + +Specifies the SAP kernel's `RPATH`. This is where the SAP kernel is searching for libraries, and where the role
+is creating a link named `libstdc++.so.6` pointing to `/opt/rh/SAP/lib64/compat-sap-c++-10.so`,
+so that newer SAP kernels which are built with GCC10 can find the required symbols.
+ +### sap_netweaver_preconfigure_use_adobe_doc_services +- _Type:_ `bool` +- _Default:_ `false` + +Set this parameter to `true` when using Adobe Document Services, to ensure all required packages are installed.
+ +### sap_netweaver_preconfigure_saptune_version +- _Type:_ `str` +- _Default:_ `3.0.2` + +On SLES systems, specifies the saptune version
+ +### sap_netweaver_preconfigure_saptune_solution +- _Type:_ `str` +- _Default:_ `NETWEAVER` +- _Possible Values:_
+ - `NETWEAVER` + - `NETWEAVER+HANA` + - `S4HANA-APP+DB` + - `S4HANA-APPSERVER` + - `S4HANA-DBSERVER` + +On SLES systems, specifies the saptune solution to apply.
+ + \ No newline at end of file diff --git a/roles/sap_netweaver_preconfigure/README.md b/roles/sap_netweaver_preconfigure/README.md index ae666ccd..4375bfec 100644 --- a/roles/sap_netweaver_preconfigure/README.md +++ b/roles/sap_netweaver_preconfigure/README.md @@ -1,191 +1,84 @@ + # sap_netweaver_preconfigure Ansible Role - -This role installs additional required packages and performs additional configuration steps for installing and running SAP NetWeaver. -If you want to configure a RHEL system for the installation and later usage of SAP NetWeaver, you have to first run role `sap_general_preconfigure` and then role sap_netweaver_preconfigure. -For SLES, running the `sap_general_preconfigure` role is not necessary. - -## Requirements - -To use this role, your system needs to be configured with the basic requirements for SAP NetWeaver or SAP HANA. This is typically done by -running role sap_general_preconfigure (for RHEL managed nodes before RHEL 7.6, community maintained role sap-base-settings can be used). -It is also strongly recommended to run role linux-system-roles.timesync for all systems running SAP NetWeaver, to maintain an identical -system time, before or after running role sap_netweaver_preconfigure. - -Note ----- -On RHEL, as per SAP notes 2002167, 2772999, and 3108316, the role will switch to tuned profile sap-netweaver no matter if another tuned profile -(e.g. virtual-guest) had been active before or not. - -On SLES, this role will switch the saptune solution to the one specified by the configuration and will override any previously set solution. -The default solution is `NETWEAVER`. - -The role can check if enough swap space - as per the prerequisite checker in sapinst - has been configured on the managed node. -Please check the SAP NetWeaver installation guide for swap space requirements. - -Do not run this role against an SAP NetWeaver or other production system. The role will enforce a certain configuration on the managed -node(s), which might not be intended. - - -## Role Input Parameters - -Minimum required parameters: -This role does not require any parameter to be set in the playbook or inventory. - - -### sap_netweaver_preconfigure_config_all -- _Type:_ `bool` -- _Default:_ `true` - -If set to `false`, the role will only execute or verify the installation or configuration steps of SAP notes.
-Default is to perform installation and configuration steps.
- -### sap_netweaver_preconfigure_installation -- _Type:_ `bool` -- _Default:_ `false` - -If `sap_netweaver_preconfigure_config_all` is set to `false`, set this variable to `true` to perform only the
-installation steps of SAP notes.
- -### sap_netweaver_preconfigure_configuration -- _Type:_ `bool` -- _Default:_ `false` - -If `sap_netweaver_preconfigure_config_all` is set to `false`, set this variable to `true` to perform only the
-configuration steps of SAP notes.
- -### sap_netweaver_preconfigure_assert -- _Type:_ `bool` -- _Default:_ `false` - -If set to `true`, the role will run in assertion mode instead of the default configuration mode.
- -### sap_netweaver_preconfigure_assert_ignore_errors -- _Type:_ `bool` -- _Default:_ `false` - -In assertion mode, the role will abort when encountering any assertion error.
-If this parameter is set to `false`, the role will *not* abort when encountering an assertion error.
-This is useful if the role is used for reporting a system's SAP notes compliance.
- -### sap_netweaver_preconfigure_min_swap_space_mb -- _Type:_ `str` -- _Default:_ `20480` - -Specifies the minimum amount of swap space on the system required by SAP NetWeaver.
-If this requirement is not met, the role will abort.
-Set your own value to override the default of `20480`.
- -### sap_netweaver_preconfigure_fail_if_not_enough_swap_space_configured -- _Type:_ `bool` -- _Default:_ `true` - -If the system does not have the minimum amount of swap space configured as defined
-in parameter `sap_netweaver_preconfigure_min_swap_space_mb`, the role will abort.
-By setting this parameter to `false`, the role will not abort in such cases.
- -### sap_netweaver_preconfigure_rpath -- _Type:_ `str` -- _Default:_ `/usr/sap/lib` - -Specifies the SAP kernel's `RPATH`. This is where the SAP kernel is searching for libraries, and where the role
-is creating a link named `libstdc++.so.6` pointing to `/opt/rh/SAP/lib64/compat-sap-c++-10.so`,
-so that newer SAP kernels which are built with GCC10 can find the required symbols.
- -### sap_netweaver_preconfigure_use_adobe_doc_services -- _Type:_ `bool` -- _Default:_ `false` - -Set this parameter to `true` when using Adobe Document Services, to ensure all required packages are installed.
- -### sap_netweaver_preconfigure_saptune_version -- _Type:_ `str` -- _Default:_ `3.0.2` - -On SLES systems, specifies the saptune version
- -### sap_netweaver_preconfigure_saptune_solution -- _Type:_ `str` -- _Default:_ `NETWEAVER` -- _Possible Values:_
- - `NETWEAVER` - - `NETWEAVER+HANA` - - `S4HANA-APP+DB` - - `S4HANA-APPSERVER` - - `S4HANA-DBSERVER` - -On SLES systems, specifies the saptune solution to apply.
- - - -## Example Playbook - -Simple playbook, named sap+netweaver.yml: -```yaml ---- -- hosts: all - roles: - - role: sap_general_preconfigure - - role: sap_netweaver_preconfigure -``` - -Simple playbook for an extended check (assert) run, named sap+netweaver-assert.yml: + + +## Description + +Ansible Role `sap_netweaver_preconfigure` is used to ensure that Managed nodes are configured to host SAP Netweaver systems according to SAP Notes after [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) role was executed. + +This role performs installation of required packages for running SAP Netweaver systems and configuration of Operating system parameters. + + + + + + +## Prerequisites +Managed nodes: +- Ensure that general operating system configuration for SAP is performed by [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure). See [Recommended](#recommended) section. + + +## Execution + +**:warning: Do not execute this Ansible Role against existing SAP systems unless you know what you are doing and you prepare inputs to avoid unintended changes caused by default inputs.** + +**NOTE: It is recommended to execute `timesync` role from Ansible Collection `fedora.linux_system_roles` before or after executing this role.** + +Role can be executed independently or as part of [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. + + + +### Recommended +It is recommended to execute this role together with other roles in this collection, in the following order:
+1. [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) +2. *`sap_netweaver_preconfigure`* + + +### Execution Flow + +1. Assert that required inputs were provided. +2. Install required packages +3. Apply configurations + - Execute configuration tasks based on SAP Notes + - (SUSE) Execute saptune with solution `sap_netweaver_preconfigure_saptune_solution` (Default: `NETWEAVER`) + +**Note: (Red Hat) Due to SAP notes 2002167, 2772999, and 3108316, the role will switch to tuned profile sap-netweaver no matter if another tuned profile (e.g. virtual-guest) had been active before or not.** + + +### Example + +Example of execution together with prerequisite role [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) ```yaml --- -- hosts: all - vars: - sap_preconfigure_assert: yes - sap_preconfigure_assert_ignore_errors: yes - sap_netweaver_preconfigure_assert: yes - sap_netweaver_preconfigure_assert_ignore_errors: yes - roles: - - role: sap_general_preconfigure - - role: sap_netweaver_preconfigure +- name: Ansible Play for SAP Netweaver preconfigure + hosts: nwas_ascs, nwas_ers + become: true + tasks: + - name: Execute Ansible Role sap_general_preconfigure + ansible.builtin.include_role: + name: community.sap_install.sap_general_preconfigure + + - name: Execute Ansible Role sap_netweaver_preconfigure + ansible.builtin.include_role: + name: community.sap_install.sap_netweaver_preconfigure ``` + -## Example Usage -Normal run, for configuring server host_1 for SAP NetWeaver: -```yaml -ansible-playbook sap+netweaver.yml -l host_1 -``` + + -Extended Check (assert) run, not aborting if an error has been found: -```yaml -ansible-playbook sap+netweaver-assert.yml -l host_1 -``` - -Same as above, with a nice compact and colored output, this time for two hosts: -```yaml -ansible-playbook sap+netweaver-assert.yml -l host_1,host_2 | -awk '{sub (" \"msg\": ", "")} - /TASK/{task_line=$0} - /fatal:/{fatal_line=$0; nfatal[host]++} - /...ignoring/{nfatal[host]--; if (nfatal[host]<0) nfatal[host]=0} - /^[a-z]/&&/: \[/{gsub ("\\[", ""); gsub ("]", ""); gsub (":", ""); host=$2} - /SAP note/{print "\033[30m[" host"] "$0} - /FAIL:/{nfail[host]++; print "\033[31m[" host"] "$0} - /WARN:/{nwarn[host]++; print "\033[33m[" host"] "$0} - /PASS:/{npass[host]++; print "\033[32m[" host"] "$0} - /INFO:/{print "\033[34m[" host"] "$0} - /changed/&&/unreachable/{print "\033[30m[" host"] "$0} - END{print ("---"); for (var in npass) {printf ("[%s] ", var); if (nfatal[var]>0) { - printf ("\033[31mFATAL ERROR!!! Playbook might have been aborted!!!\033[30m Last TASK and fatal output:\n"); print task_line, fatal_line - } - else printf ("\033[31mFAIL: %d \033[33mWARN: %d \033[32mPASS: %d\033[30m\n", nfail[var], nwarn[var], npass[var])}}' -``` -Note: For terminals with dark background, replace the color code `30m` by `37m`. -In case you need to make an invisible font readable on a terminal with dark background, run the following command in the terminal: -```yaml -printf "\033[37mreadable font\n" -``` -In case you need to make an invisible font readable on a terminal with bright background, run the following command in the terminal: -```yaml -printf "\033[30mreadable font\n" -``` + + ## License + +Apache 2.0 + -Apache license 2.0 - -## Author Information +## Maintainers + +- [Bernd Finger](https://github.com/berndfinger) + -Red Hat for SAP Community of Practice, Bernd Finger, Rainer Leber +## Role Input Parameters +All input parameters used by role are described in [INPUT_PARAMETERS.md](https://github.com/sap-linuxlab/community.sap_install/blob/main/roles/sap_netweaver_preconfigure/INPUT_PARAMETERS.md) diff --git a/roles/sap_storage_setup/INPUT_PARAMETERS.md b/roles/sap_storage_setup/INPUT_PARAMETERS.md new file mode 100644 index 00000000..f4de99ad --- /dev/null +++ b/roles/sap_storage_setup/INPUT_PARAMETERS.md @@ -0,0 +1,140 @@ + +## Input Parameters for sap_netweaver_preconfigure Ansible Role + + +Minimum required parameters: + +- [sap_storage_setup_definition](#sap_storage_setup_definition-required) +- [sap_storage_setup_host_type](#sap_storage_setup_host_type-required) +- [sap_storage_setup_sid](#sap_storage_setup_sid-required) + + +### sap_storage_setup_definition required + +- _Type:_ `list` + +Describes list of the filesystems to be configured.
+ +- **disk_size**
+ Size of the disk device that is used for the filesystem.
For filesystems with no LVM logical volume striping, this is the total size of the filesystem.
For filesystems with LVM LV striping defined (`lvm_lv_stripes`), this is the size of each disk. The resulting filesystem size will be `disk_size` multiplied by `lvm_lv_stripes` (=disks). + + - _Type:_ `int` + +- **filesystem_type**
+ The type of filesystem that will be created on the logical volume. + + - _Type:_ `str` + - _Default:_ `xfs` + +- **lvm_lv_name**
+ The name of the LVM volume.
The default name is derived from the name value of the filesystem definition entry, for example 'lv_hanalog'. + + - _Type:_ `str` + +- **lvm_lv_stripe_size**
+ When setting up a striped volume, the stripe size can be defined.
Example format - "128K". + + - _Type:_ `str` + +- **lvm_lv_stripes**
+ Number of disks that will be configured in a striped volume.
This requires the availability of the same amount of unused disks, which must be of the size defined in `disk_size`. + + - _Type:_ `int` + _Default:_ `1` + +- **lvm_vg_name**
+ The name of the LVM volume group.
The default name is derived from the name value of the filesystem definition entry, for example 'vg_hanalog'. + + - _Type:_ `str` + +- **lvm_vg_physical_extent_size**
+ Adjustable size of the physical extents of the volume group in LVM. + + - _Type:_ `int` + - _Default:_ `4` + +- **mountpoint**
+ The path to where the filesystem will be mounted.
This can be left out for the definition of a swap volume. + + - _Type:_ `str` + +- **name**
+ A name of the filesystem definition entry.
This name is used to generate volume group name and logical volume name. + + - _Type:_ `str` + +- **nfs_filesystem_type**
+ The type of the NFS filesystem, for example `nfs`, `nfs4`. + + - _Type:_ `str` + - _Default:_ `nfs4` + +- **nfs_mount_options**
+ Mount options to use for the NFS mount.
Generic default is `hard,acl`.
Defaults depend on the specific platform detected by the role or defined explicitly. + + - _Type:_ `str` + - _Default:_ `hard,acl` + +- **nfs_path**
+ When defining an NFS filesystem, this is the directory path of the filesystem to be mounted. + + - _Type:_ `str` + +- **nfs_server**
+ When defining an NFS filesystem, this is the address of the NFS server.
The address must contain the root path, in which the mount directories exist or will be created.
For example, `192.168.1.100:/`. + + - _Type:_ `str` + +- **swap_path**
+ The path to the swap file.
When this option is defined for a swap filesystem definition, it will create a swap file on an existing filesystem. + + - _Type:_ `str` + +Example: + +```yaml +sap_storage_setup_definition: + + # Block Storage volume + - name: hana_data # required: string, filesystem name used to generate lvm_lv_name and lvm_vg_name + mountpoint: /hana/data # required: string, directory path where the filesystem is mounted + disk_size: 100 # required: integer, size in GB + filesystem_type: xfs # optional: string, value 'xfs'. Use 'swap' to create swap filesystem + + # File Storage volume + - name: hana_shared # required: string, reference name + mountpoint: /hana/shared # required: string, directory path where the filesystem is mounted + nfs_server: nfs.corp:/ # required: string, server and parent directory of the NFS Server; value default from var sap_storage_setup_nfs_server + + # Swap as file instead of Block Storage volume + # See SAP Note 1597355 - Swap-space recommendation for Linux + - name: swap # required: string, reference name + swap_path: /swapfile # required: string, directory path where swap file is created + disk_size: 4 # required: integer, size in GB of swap file + filesystem_type: swap # required: string, must be value 'swap' +``` + +### sap_storage_setup_host_type required + +- _Type:_ `list` + +The type of service the target system is going to be configured for.
+This can be a list of multiple types which apply to a single host.
+If not defined, the default will be inherited from the global parameter `sap_host_type`. One of these parameters must be defined.
+Available values: `hana_primary`, `hana_secondary`, `nwas_abap_ascs`, `nwas_abap_ers`, `nwas_abap_pas`, `nwas_abap_aas`, `nwas_java_scs`, `nwas_java_ers` + +### sap_storage_setup_multipath_enable_and_detect + +- _Type:_ `bool` +- _Default:_ `False` + +Define if multipathing should be enabled and dynamic multipath devices detected and used for the filesystem setup.
+ +### sap_storage_setup_sid required + +- _Type:_ `str` + +SID of the SAP service.
+If not defined, the default will be inherited from the global parameter `sap_system_sid`. One of these parameters must be defined.
+ + \ No newline at end of file diff --git a/roles/sap_storage_setup/README.md b/roles/sap_storage_setup/README.md index d5e5ff23..55231f60 100644 --- a/roles/sap_storage_setup/README.md +++ b/roles/sap_storage_setup/README.md @@ -1,161 +1,126 @@ + # sap_storage_setup Ansible Role + +![Ansible Lint for sap_storage_setup](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_storage_setup.yml/badge.svg) -Ansible Role for preparing a host with the storage requirements of an SAP System (prior to software installation) +## Description + +Ansible Role `sap_storage_setup` is used to prepare a host with the storage requirements of an SAP System (prior to software installation). -## Scope - -This Ansible Role provides: -- local/block storage volumes setup as LVM Logical Volumes, Filesystem formatting and mount to defined directory path -- remote/file storage mount (and subdirectories as required) -- swap file or swap partition - -This Ansible Role has been tested for the following SAP software deployment types: -- SAP HANA Scale-up, Scale-out and Scale-up High Availability -- SAP NetWeaver AS in Sandbox (Two-Tier/OneHost), Standard (Three-Tier/DualHost), Distributed (Multi-Tier) and Distributed High Availability +This role can prepare host with: +- Local block storage volume setup as LVM Logical Volumes, Filesystem formatting and mount to defined directory path +- Remote file storage mount (and subdirectories as required) +- SWAP file or SWAP partition This Ansible Role is agnostic, and will run on any Infrastructure Platform. Only LVM is used for local/block storage, to allow for further expansion if the SAP System requires further storage space in the future. - -Please note, while this Ansible Role has protection against overwrite of existing disks and filesystems - sensible review and care is required for any automation of disk storage. Please review the documentation and samples/examples carefully. It is strongly suggested to initially execute the Ansible Playbook calling this Ansible Role, with `ansible-playbook --check` for Check Mode - this will perform no changes to the host and show which changes would be made. - -In addition, this Ansible Role: - -- Does not permit static definition for mountpoint to use a specific device (e.g. `/dev/sdk`). The definition will define the disk size to use for the mountpoint, and match accordingly. -- Enforces 1 mountpoint will use 1 LVM Logical Volume (LV) that consumes 100% of an LVM Volume Group (VG), with the LVM Volume Group (VG) consuming 100% of 1..n LVM Physical Volumes (PV). - - For granular control of LVM setup, the suggestion is to instead use Ansible Role `storage` from the `fedora.linux_system_roles` Ansible Collection or the Ansible Roles `lvg/lvol/filesystem` from `community.general` Ansible Collection - - -## Requirements - -The Ansible Role requires the `community.general` Ansible Collection (uses the `lvg`, `lvol` and `filesystem` Ansible Modules). - -Before using this Ansible Role, please make sure that the required collections are installed; for example, by using the command `ansible-galaxy install community.general` - + + + +## Dependencies +- `community.general` + - Modules: + - `lvg` + - `lvol` + - `filesystem` +Install required collection by `ansible-galaxy install community.general`. + + + ## Prerequisites +Managed nodes: +- All local/block storage volumes must be attached to the host +- All remote/file storage mounts must be available with host accessibility (e.g. port 2049). + + +## Execution + +**:warning: Do not execute this Ansible Role against existing SAP systems unless you know what you are doing and you prepare inputs to avoid unintended changes caused by default inputs.**
+:warning: While this Ansible Role has protection against overwrite of existing disks and filesystems - sensible review and care is required for any automation of disk storage. Please review the documentation and samples/examples carefully. It is strongly suggested to initially execute the Ansible Playbook calling this Ansible Role, with `ansible-playbook --check` for Check Mode - this will perform no changes to the host and show which changes would be made. + +Role can be executed independently or as part of [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. + +**Considerations** +- This role does not permit static definition for mountpoint to use a specific device (e.g. `/dev/sdk`). The definition will define the disk size to use for the mountpoint, and match accordingly. +- This role enforces that 1 mountpoint will use 1 LVM Logical Volume (LV) that consumes 100% of an LVM Volume Group (VG), with the LVM Volume Group (VG) consuming 100% of 1..n LVM Physical Volumes (PV). + - Following roles and modules offer alternative for more granular control of LVM setup: + - Role `storage` from [fedora.linux_system_roles](https://github.com/linux-system-roles/storage) + - Modules `filesystem`, `lvg`, `lvol` from [community.general](https://galaxy.ansible.com/ui/repo/published/community/general/) + + + + + +### Execution Flow + +1. Gather facts about hosts. +2. Create list of unused disk devices +3. Match/Map unused disk devices to the `sap_storage_setup_definition` +4. Create LVM Logical Volumes (and prerequisite LVM Volume Groups and LVM Physical Volumes) +5. Create swap file or swap partition +6. Mount NFS temporarily, create required subdirectories, unmount and mount subdirectory on the NFS share + + + +Example playbook to configure SAP HANA OneHost node on AWS that includes: +- 3 disks for `/hana/data`, `/hana/log` and ` /hana/shared` +- Remote filesystem for `/software` +- SWAP +```yaml +--- +- name: Ansible Play for SAP HANA HA storage setup + hosts: hana_primary + become: true + tasks: + - name: Execute Ansible Role sap_storage_setup + ansible.builtin.include_role: + name: community.sap_install.sap_storage_setup + vars: + sap_storage_setup_sid: "H01" + sap_storage_setup_host_type: "hana_primary" + sap_storage_setup_definition: + - name: hana_data + mountpoint: /hana/data + disk_size: 150 + filesystem_type: xfs + + - name: hana_log + mountpoint: /hana/log + disk_size: 100 + filesystem_type: xfs + + - name: hana_shared + mountpoint: /hana/shared + disk_size: 200 + filesystem_type: xfs + + - name: software + mountpoint: /software + nfs_path: /software + nfs_server: "fs-00000000000000000.efs.eu-central-1.amazonaws.com:/software" + nfs_filesystem_type: "nfs4" + nfs_mount_options: "vers=4.1,hard,timeo=600,retrans=2,acl" + + - name: swap + disk_size: 96 + filesystem_type: swap +``` + -All local/block storage volumes must be attached to the host, and all remote/file storage mounts must be available with host accessibility (e.g. port 2049). - -## Variables and Parameters - -The 3 critical variables are: -- `sap_storage_setup_definition` - a list with a dictionary for each mountpoint (e.g. /hana/data) for the host -- `sap_storage_setup_host_type` - a list which defines SAP Software on the host (e.g. list containing both hana_primary and nwas_abap_ascs values if creating a Sandbox Two-Tier/OneHost) -- `sap_storage_setup_sid` - a string with the SAP System ID of the logical system (e.g. D01) - -## Execution Flow - -The Ansible Role is sequential: -- Get host facts -- Create list of unused disk devices -- Match/Map unused disk devices to the `sap_storage_setup_definition` -- Create LVM Logical Volumes (and prerequisite LVM Volume Groups and LVM Physical Volumes) -- Create swap file or swap partition -- Mount NFS temporarily, create required subdirectories, unmount and mount subdictory on the NFS share - -## Sample + + -Please see a full sample using multiple hosts to create an SAP S/4HANA Distributed deployment in the [/playbooks](../../playbooks/) directory of the Ansible Collection `sap_install`. + + ## License - + Apache 2.0 + -## Author Information - -Red Hat for SAP Community of Practice, Janine Fuchs, IBM Lab for SAP Solutions +## Maintainers + +- [Janine Fuchs](https://github.com/ja9fuchs) + ---- - ## Role Input Parameters - -Minimum required parameters: - -- [sap_storage_setup_definition](#sap_storage_setup_definition-required) -- [sap_storage_setup_host_type](#sap_storage_setup_host_type-required) -- [sap_storage_setup_sid](#sap_storage_setup_sid-required) - - -### sap_storage_setup_definition required - -- _Type:_ `list` - -Describes the filesystems to be configured.
- -- **disk_size**
- Size of the disk device that is used for the filesystem.
For filesystems with no LVM logical volume striping, this is the total size of the filesystem.
For filesystems with LVM LV striping defined (`lvm_lv_stripes`), this is the size of each disk. The resulting filesystem size will be `disk_size` multiplied by `lvm_lv_stripes` (=disks). -- **filesystem_type**
- _Default:_ `xfs`
- The type of filesystem that will be created on the logical volume. -- **lvm_lv_name**
- The name of the LVM volume.
The default name is derived from the name value of the filesystem definition entry, for example 'lv_hanalog'. -- **lvm_lv_stripe_size**
- When setting up a striped volume, the stripe size can be defined.
Example format - "128K". -- **lvm_lv_stripes**
- _Default:_ `1`
- Number of disks that will be configured in a striped volume.
This requires the availability of the same amount of unused disks, which must be of the size defined in `disk_size`. -- **lvm_vg_name**
- The name of the LVM volume group.
The default name is derived from the name value of the filesystem definition entry, for example 'vg_hanalog'. -- **lvm_vg_physical_extent_size**
- _Default:_ `4`
- Adjustable size of the physical extents of the volume group in LVM. -- **mountpoint**
- The path to where the filesystem will be mounted.
This can be left out for the definition of a swap volume. -- **name**
- A name of the filesystem definition entry.
This name is used to generate volume group name and logical volume name. -- **nfs_filesystem_type**
- _Default:_ `nfs4`
- The type of the NFS filesystem, for example `nfs`, `nfs4`. -- **nfs_mount_options**
- Mount options to use for the NFS mount.
Generic default is `hard,acl`.
Defaults depend on the specific platform detected by the role or defined explicitly. -- **nfs_path**
- When defining an NFS filesystem, this is the directory path of the filesystem to be mounted. -- **nfs_server**
- When defining an NFS filesystem, this is the address of the NFS server.
The address must contain the root path, in which the mount directories exist or will be created.
For example, `192.168.1.100:/`. -- **swap_path**
- The path to the swap file.
When this option is defined for a swap filesystem definition, it will create a swap file on an existing filesystem. - -Example: - -```yaml -sap_storage_setup_definition: - - # Block Storage volume - - name: hana_data # required: string, filesystem name used to generate lvm_lv_name and lvm_vg_name - mountpoint: /hana/data # required: string, directory path where the filesystem is mounted - disk_size: 100 # required: integer, size in GB - filesystem_type: xfs # optional: string, value 'xfs'. Use 'swap' to create swap filesystem - - # File Storage volume - - name: hana_shared # required: string, reference name - mountpoint: /hana/shared # required: string, directory path where the filesystem is mounted - nfs_server: nfs.corp:/ # required: string, server and parent directory of the NFS Server; value default from var sap_storage_setup_nfs_server - - # Swap as file instead of Block Storage volume - # See SAP Note 1597355 - Swap-space recommendation for Linux - - name: swap # required: string, reference name - swap_path: /swapfile # required: string, directory path where swap file is created - disk_size: 4 # required: integer, size in GB of swap file - filesystem_type: swap # required: string, must be value 'swap' -``` - -### sap_storage_setup_host_type required - - -The type of service the target system is going to be configured for.
-This can be a list of multiple types which apply to a single host.
-If not defined, the default will be inherited from the global parameter `sap_host_type`. One of these parameters must be defined.
- -### sap_storage_setup_multipath_enable_and_detect - -- _Type:_ `bool` -- _Default:_ `False` - -Define if multipathing should be enabled and dynamic multipath devices detected and used for the filesystem setup.
- -### sap_storage_setup_sid required - -- _Type:_ `str` - -SID of the SAP service.
-If not defined, the default will be inherited from the global parameter `sap_system_sid`. One of these parameters must be defined.
- - +All input parameters used by role are described in [INPUT_PARAMETERS.md](https://github.com/sap-linuxlab/community.sap_install/blob/main/roles/sap_storage_setup/INPUT_PARAMETERS.md) From 9a56b6c2211a878dc45b8db399470c13f9b53f96 Mon Sep 17 00:00:00 2001 From: Marcel Mamula Date: Fri, 27 Sep 2024 16:35:50 +0200 Subject: [PATCH 07/51] First round of adjustments after review --- .../INPUT_PARAMETERS.md | 91 -- roles/sap_anydb_install_oracle/README.md | 98 +- .../INPUT_PARAMETERS.md | 311 ----- roles/sap_general_preconfigure/README.md | 320 ++++- .../INPUT_PARAMETERS.md | 27 - roles/sap_ha_install_anydb_ibmdb2/README.md | 33 +- .../INPUT_PARAMETERS.md | 90 -- roles/sap_ha_install_hana_hsr/README.md | 96 +- .../INPUT_PARAMETERS.md | 1020 ---------------- roles/sap_ha_pacemaker_cluster/README.md | 1029 ++++++++++++++++- roles/sap_hana_install/INPUT_PARAMETERS.md | 59 - roles/sap_hana_install/README.md | 61 +- .../sap_hana_preconfigure/INPUT_PARAMETERS.md | 324 ------ roles/sap_hana_preconfigure/README.md | 320 ++++- roles/sap_hostagent/INPUT_PARAMETERS.md | 130 --- roles/sap_hostagent/README.md | 138 ++- .../INPUT_PARAMETERS.md | 181 --- roles/sap_install_media_detect/README.md | 196 +++- .../INPUT_PARAMETERS.md | 78 -- roles/sap_maintain_etc_hosts/README.md | 86 +- .../INPUT_PARAMETERS.md | 92 -- roles/sap_netweaver_preconfigure/README.md | 89 +- roles/sap_storage_setup/INPUT_PARAMETERS.md | 140 --- roles/sap_storage_setup/README.md | 146 ++- 24 files changed, 2549 insertions(+), 2606 deletions(-) delete mode 100644 roles/sap_anydb_install_oracle/INPUT_PARAMETERS.md delete mode 100644 roles/sap_general_preconfigure/INPUT_PARAMETERS.md delete mode 100644 roles/sap_ha_install_anydb_ibmdb2/INPUT_PARAMETERS.md delete mode 100644 roles/sap_ha_install_hana_hsr/INPUT_PARAMETERS.md delete mode 100644 roles/sap_ha_pacemaker_cluster/INPUT_PARAMETERS.md delete mode 100644 roles/sap_hana_install/INPUT_PARAMETERS.md delete mode 100644 roles/sap_hana_preconfigure/INPUT_PARAMETERS.md delete mode 100644 roles/sap_hostagent/INPUT_PARAMETERS.md delete mode 100644 roles/sap_install_media_detect/INPUT_PARAMETERS.md delete mode 100644 roles/sap_maintain_etc_hosts/INPUT_PARAMETERS.md delete mode 100644 roles/sap_netweaver_preconfigure/INPUT_PARAMETERS.md delete mode 100644 roles/sap_storage_setup/INPUT_PARAMETERS.md diff --git a/roles/sap_anydb_install_oracle/INPUT_PARAMETERS.md b/roles/sap_anydb_install_oracle/INPUT_PARAMETERS.md deleted file mode 100644 index 70c6424b..00000000 --- a/roles/sap_anydb_install_oracle/INPUT_PARAMETERS.md +++ /dev/null @@ -1,91 +0,0 @@ -## Input Parameters for sap_anydb_install_oracle Ansible Role - - -### sap_anydb_install_oracle_prep_reboot_ok - -- _Type:_ `bool` -- _Default:_ `True` - -Allows reboot of Managed node after packages are installed during pre-steps tasks. - -### sap_anydb_install_oracle_prep_fail_if_reboot_required - -- _Type:_ `bool` -- _Default:_ `False` - -Enable to fail execution if packages are installed during pre-steps tasks, but you don't want to proceed with reboot. - -### sap_anydb_install_oracle_prep_precheck - -- _Type:_ `bool` -- _Default:_ `False` - -Enable to execute installation in Check mode to verify all inputs. This is extra validation and it does not disable installation. - -### sap_anydb_install_oracle_method - -- _Type:_ `string` -- _Default:_ `minimal` - -Select installation method out of available: `minimal` or `responsefile`. - -### sap_anydb_install_oracle_sid: - -- _Type:_ `string` -- _Default:_ `OR1` - -Enter Oracle Database SID. - -### sap_anydb_install_oracle_base - -- _Type:_ `string` -- _Default:_ `/oracle` - -Enter base folder for Oracle Database installation. - -### sap_anydb_install_oracle_filesystem_storage - -- _Type:_ `string` -- _Default:_ `/oradata` - -Enter path for `oracle.install.db.config.starterdb.fileSystemStorage.dataLocation` - -### sap_anydb_install_oracle_inventory_central - -- _Type:_ `string` -- _Default:_ `/oraInventory` - -Enter path for `INVENTORY_LOCATION` - -### sap_anydb_install_oracle_system_password - -- _Type:_ `string` - -Enter password for Oracle SYSTEM user. - -### sap_anydb_install_oracle_extract_path - -- _Type:_ `string` - -Enter path of Installation media, for example: `/software`. - -### sap_anydb_install_oracle_patch_opatch_zip - -- _Type:_ `string` - -Enter name of Oracle opatch file, for example: `OPATCH19P_2308-70004508.ZIP` - -### sap_anydb_install_oracle_patch_sap_zip - -- _Type:_ `string` - -Enter name of Oracle SAP patch file, for example: `SAP19P_2311-70004508.ZIP` - -### sap_anydb_install_oracle_patch_enable - -- _Type:_ `bool` -- _Default:_ `False` - -Enable to allow post-installation patching. - - \ No newline at end of file diff --git a/roles/sap_anydb_install_oracle/README.md b/roles/sap_anydb_install_oracle/README.md index 027615e3..c7e0cdd2 100644 --- a/roles/sap_anydb_install_oracle/README.md +++ b/roles/sap_anydb_install_oracle/README.md @@ -4,7 +4,7 @@ ## Description -Ansible role `sap_anydb_install_oracle` is used to install Oracle Database 19.x for SAP system. +The Ansible role `sap_anydb_install_oracle` is used to install Oracle Database 19.x for SAP system. @@ -12,8 +12,9 @@ Ansible role `sap_anydb_install_oracle` is used to install Oracle Database 19.x ## Prerequisites -Managed nodes: -- Directory with installation media is present and `sap_anydb_install_oracle_extract_path` updated. Download can be completed using [community.sap_launchpad](https://github.com/sap-linuxlab/community.sap_launchpad) Ansible Collection. +Managed Nodes: +- Directory with installation media is present and `sap_anydb_install_oracle_extract_path` updated.
+ Download can be completed using [community.sap_launchpad](https://github.com/sap-linuxlab/community.sap_launchpad) Ansible Collection. ## Execution @@ -67,5 +68,92 @@ Apache 2.0 - [Sean Freeman](https://github.com/sean-freeman) -## Role Input Parameters -All input parameters used by role are described in [INPUT_PARAMETERS.md](https://github.com/sap-linuxlab/community.sap_install/blob/main/roles/sap_anydb_install_oracle/INPUT_PARAMETERS.md) +## Role Variables + +### sap_anydb_install_oracle_prep_reboot_ok + +- _Type:_ `bool` +- _Default:_ `True` + +Allows reboot of Managed node after packages are installed during pre-steps tasks. + +### sap_anydb_install_oracle_prep_fail_if_reboot_required + +- _Type:_ `bool` +- _Default:_ `False` + +Enable to fail execution if packages are installed during pre-steps tasks, but you don't want to proceed with reboot. + +### sap_anydb_install_oracle_prep_precheck + +- _Type:_ `bool` +- _Default:_ `False` + +Enable to execute installation in Check mode to verify all inputs. This is extra validation and it does not disable installation. + +### sap_anydb_install_oracle_method + +- _Type:_ `string` +- _Default:_ `minimal` + +Select installation method out of available: `minimal` or `responsefile`. + +### sap_anydb_install_oracle_sid: + +- _Type:_ `string` +- _Default:_ `OR1` + +Enter Oracle Database SID. + +### sap_anydb_install_oracle_base + +- _Type:_ `string` +- _Default:_ `/oracle` + +Enter base folder for Oracle Database installation. + +### sap_anydb_install_oracle_filesystem_storage + +- _Type:_ `string` +- _Default:_ `/oradata` + +Enter path for `oracle.install.db.config.starterdb.fileSystemStorage.dataLocation` + +### sap_anydb_install_oracle_inventory_central + +- _Type:_ `string` +- _Default:_ `/oraInventory` + +Enter path for `INVENTORY_LOCATION` + +### sap_anydb_install_oracle_system_password + +- _Type:_ `string` + +Enter password for Oracle SYSTEM user. + +### sap_anydb_install_oracle_extract_path + +- _Type:_ `string` + +Enter path of Installation media, for example: `/software`. + +### sap_anydb_install_oracle_patch_opatch_zip + +- _Type:_ `string` + +Enter name of Oracle opatch file, for example: `OPATCH19P_2308-70004508.ZIP` + +### sap_anydb_install_oracle_patch_sap_zip + +- _Type:_ `string` + +Enter name of Oracle SAP patch file, for example: `SAP19P_2311-70004508.ZIP` + +### sap_anydb_install_oracle_patch_enable + +- _Type:_ `bool` +- _Default:_ `False` + +Enable to allow post-installation patching. + \ No newline at end of file diff --git a/roles/sap_general_preconfigure/INPUT_PARAMETERS.md b/roles/sap_general_preconfigure/INPUT_PARAMETERS.md deleted file mode 100644 index 36468323..00000000 --- a/roles/sap_general_preconfigure/INPUT_PARAMETERS.md +++ /dev/null @@ -1,311 +0,0 @@ -## Input Parameters for sap_general_preconfigure Ansible Role - -#### Minimum required parameters: - -This role does not require any parameter to be set in the playbook or inventory. - - -### sap_general_preconfigure_config_all -- _Type:_ `bool` - -If set to `false`, the role will only execute or verify the installation or configuration steps of SAP notes.
-Default is to perform installation and configuration steps.
- -### sap_general_preconfigure_installation -- _Type:_ `bool` - -If `sap_general_preconfigure_config_all` is set to `false`, set this variable to `true` to perform only the
-installation steps of SAP notes.
- -### sap_general_preconfigure_configuration -- _Type:_ `bool` - -If `sap_general_preconfigure_config_all` is set to `false`, set this variable to `true` to perform only the
-configuration steps of SAP notes for which the corresponding SAP notes parameters have been set to `true`.
- -Example: - -```yaml -sap_general_preconfigure_config_all: false -sap_general_preconfigure_configuration: true -sap_general_preconfigure_2002167_02: true -sap_general_preconfigure_1391070: true -``` - -### sap_general_preconfigure_assert -- _Type:_ `bool` -- _Default:_ `false` - -If set to `true`, the role will run in assertion mode instead of the default configuration mode.
- -### sap_general_preconfigure_assert_ignore_errors -- _Type:_ `bool` -- _Default:_ `false` - -In assertion mode, the role will abort when encountering any assertion error.
-If this parameter is set to `false`, the role will *not* abort when encountering an assertion error.
-This is useful if the role is used for reporting a system's SAP notes compliance.
- -### sap_general_preconfigure_system_roles_collection -- _Type:_ `str` -- _Default:_ `'fedora.linux_system_roles'` -- _Possible Values:_
- - `fedora.linux_system_roles` - - `redhat.rhel_system_roles` - -Set which Ansible Collection to use for the Linux System Roles.
-For community/upstream, use 'fedora.linux_system_roles'
-For the RHEL System Roles for SAP, or for Red Hat Automation Hub, use 'redhat.rhel_system_roles'
- -### sap_general_preconfigure_enable_repos -- _Type:_ `bool` -- _Default:_ `false` - -Set to `true` if you want the role to enable the repos as configured by the following repo related parameters.
-The default is `false`, meaning that the role will not enable repos.
- -### sap_general_preconfigure_use_netweaver_repos -- _Type:_ `bool` -- _Default:_ `true` - -Set to `false` if you want the role to not enable the SAP NetWeaver repo(s).
-The default is `true`, meaning that the role will enable the SAP NetWeaver repo(s).
-Only valid if `sap_general_preconfigure_enable_repos` is set to `true`.
- -### sap_general_preconfigure_use_hana_repos -- _Type:_ `bool` -- _Default:_ `true` - -Set to `false` if you want the role to not enable the SAP HANA repo(s).
-The default is `true`, meaning that the role will enable the SAP HANA repo(s).
-Only valid if `sap_general_preconfigure_enable_repos` is set to `true`.
- -### sap_general_preconfigure_use_ha_repos -- _Type:_ `bool` -- _Default:_ `true` - -Set to `false` if you want the role to not enable the high availability repo(s).
-The default is `true`, meaning that the role will enable the high availability repo(s).
-Only valid if `sap_general_preconfigure_enable_repos` is set to `true`.
- -### sap_general_preconfigure_disable_all_other_repos -- _Type:_ `bool` -- _Default:_ `true` - -Set to `false` if you want the role to not disable all repos before enabling the desired ones as configured above.
-The default is `true`, meaning that the role will disable all repos before enabling the desired ones.
-Only valid if `sap_general_preconfigure_enable_repos` is set to `true`.
- -### sap_general_preconfigure_req_repos -- _Type:_ `list` with elements of type `str` - -If you want to provide your own list of repos (e.g. on cloud systems), set this variable accordingly.
-Otherwise, the RHEL default repo names with the maximum support duration for the RHEL minor release are chosen automatically
-(e.g. normal repos for RHEL 8.3, e4s repos for RHEL 8.4).
- -Example: - -```yaml -sap_general_preconfigure_req_repos: -- rhel-8-for-x86_64-baseos-eus-rpms -- rhel-8-for-x86_64-appstream-eus-rpms -- rhel-8-for-x86_64-sap-solutions-eus-rpms -- rhel-8-for-x86_64-sap-netweaver-eus-rpms -- rhel-8-for-x86_64-highavailability-eus-rpms -``` - -### sap_general_preconfigure_set_minor_release -- _Type:_ `bool` -- _Default:_ `false` - -Set to `true` if you want the role to set the RHEL minor release, which is required for SAP HANA. Default is `false`.
-If you set the RHEL minor release, then you must also use the `eus` or `e4s` repos.
- -### sap_general_preconfigure_packagegroups -- _Type:_ `str` -- _Default:_ (set by platform/environment specific variables) - -The name of the software package group to install.
-The default for this parameter is set in the vars file which corresponds to the detected OS version.
- -Example: - -```yaml -'@minimal-environment' -``` - -### sap_general_preconfigure_envgroups -- _Type:_ `str` -- _Default:_ (set by platform/environment specific variables) - -The name of the software environment group to check.
-The default for this parameter is set in the vars file which corresponds to the detected OS version.
- -Example: - -```yaml -'@minimal-environment' -``` - -### sap_general_preconfigure_packages -- _Type:_ `list` with elements of type `str` -- _Default:_ (set by platform/environment specific variables) - -The list of packages to install.
-The default for this variable is set in the vars file which corresponds to the detected OS version.
- -### sap_general_preconfigure_min_package_check -- _Type:_ `bool` -- _Default:_ `true` - -The default is to install or check if the minimum package versions are installed as defined in the vars files.
-Set to `false` if you do not install or check these minimum package versions.
- -### sap_general_preconfigure_install_ibm_power_tools -- _Type:_ `bool` -- _Default:_ `true` - -Set this parameter to `false` to not install the IBM Power Systems service and productivity tools.
-See also SAP note 2679703.
- -### sap_general_preconfigure_add_ibm_power_repo -- _Type:_ `bool` -- _Default:_ `true` - -Set this parameter to `false` if you do not want to add the IBM Power tools repository (e.g. because the packages
-are already available on the local network). The IBM Power Systems service and productivity tools will only
-be installed if the variable `sap_general_preconfigure_install_ibm_power_tools` is set to `true`, which is the default.
- -### sap_general_preconfigure_ibm_power_repo_url -- _Type:_ `str` -- _Default:_ `'https://public.dhe.ibm.com/software/server/POWER/Linux/yum/download/ibm-power-repo-latest.noarch.rpm'` - -URL for the IBM Power Systems service and productivity tools, see https://www.ibm.com/support/pages/service-and-productivity-tools
- -### sap_general_preconfigure_update -- _Type:_ `bool` -- _Default:_ `false` - -By default, the role will not update the system, for avoiding an unintentional minor OS release update.
-Set this parameter to `true` if you want to update your system to the latest package versions.
-When using SAP HANA, make sure to set the release lock properly so the minor OS release will be one of
-those for which SAP HANA is supported. See also `sap_general_preconfigure_set_minor_release`.
- -### sap_general_preconfigure_reboot_ok -- _Type:_ `bool` -- _Default:_ `false` - -Set to `true` if you want to perform a reboot at the end of the role, if necessary.
- -### sap_general_preconfigure_fail_if_reboot_required -- _Type:_ `bool` -- _Default:_ `true` - -If `sap_general_preconfigure_reboot_ok` is set to `false`, which is the default, a reboot requirement should not
-remain unnoticed. For this reason, we let the role fail. Set this parameter to `false` to override this behavior.
-Can be useful if you want to implement your own reboot handling.
- -### sap_general_preconfigure_selinux_state -- _Type:_ `str` -- _Default:_ `'permissive'` -- _Possible Values:_
- - `enforcing` - - `permissive` - - `disabled` - -One of the SELinux states to be set on the system.
- -### sap_general_preconfigure_create_directories -- _Type:_ `bool` -- _Default:_ `true` - -Set to `false` if you do not want the SAP directories to be created by the role.
-The SAP directories will always be created if `sap_general_preconfigure_modify_selinux_labels`
-(see below) is set to `true`, no matter how `sap_general_preconfigure_create_directories` is set.
- -### sap_general_preconfigure_sap_directories -- _Type:_ `list` with elements of type `str` -- _Default:_ - - /usr/sap - -List of SAP directories to be created.
- -### sap_general_preconfigure_modify_selinux_labels -- _Type:_ `bool` -- _Default:_ `true` - -Set to `false` if you do not want to modify the SELinux labels for the SAP directories set
-in variable `sap_general_preconfigure_sap_directories`.
- -### sap_general_preconfigure_size_of_tmpfs_gb -- _Type:_ `str` -- _Default:_ `"{{ ((0.75 * (ansible_memtotal_mb + ansible_swaptotal_mb)) / 1024) | round | int }}"` - -The size of the tmpfs in GB. The formula used here is mentioned in SAP note 941735.
- -### sap_general_preconfigure_modify_etc_hosts -- _Type:_ `bool` -- _Default:_ `true` - -Set to `false` if you do not want the role to modify the `/etc/hosts` file.
- -### sap_general_preconfigure_etc_sysctl_sap_conf -- _Type:_ `str` -- _Default:_ `'/etc/sysctl.d/sap.conf'` - -The file name of the sysctl config file to be used
- -### sap_general_preconfigure_kernel_parameters -- _Type:_ `list` with elements of type `dict` -- _Default:_ (set by platform/environment specific variables) - -The Linux kernel parameters to use. By default, these are taken from the vars file.
-The default for this parameter is set in the vars file which corresponds to the detected OS version.
- -Example: - -```yaml -sap_general_preconfigure_kernel_parameters: -- name: vm.max_map_count - value: '2147483647' -- name: fs.aio-max-nr - value: '18446744073709551615' -``` - -### sap_general_preconfigure_max_hostname_length -- _Type:_ `str` -- _Default:_ `'13'` - -The maximum length of the hostname. See SAP note 611361.
- -### sap_hostname -- _Type:_ `str` -- _Default:_ `"{{ ansible_hostname }}"` - -The hostname to be used for updating or checking `/etc/hosts` entries.
- -### sap_domain -- _Type:_ `str` -- _Default:_ `"{{ ansible_domain }}"` - -The DNS domain name to be used for updating or checking `/etc/hosts` entries.
- -### sap_ip -- _Type:_ `str` -- _Default:_ `"{{ ansible_default_ipv4.address }}"` - -The IPV4 address to be used for updating or checking `/etc/hosts` entries.
- -### sap_general_preconfigure_db_group_name -- _Type:_ `str` - -Use this variable to specify the name of the RHEL group which is used for the database processes.
-If defined, it will be used to configure process limits as per step
-Configuring Process Resource Limits
- -Example: - -```yaml -sap_general_preconfigure_db_group_name: dba -``` - \ No newline at end of file diff --git a/roles/sap_general_preconfigure/README.md b/roles/sap_general_preconfigure/README.md index d2e05c7b..3511e61e 100644 --- a/roles/sap_general_preconfigure/README.md +++ b/roles/sap_general_preconfigure/README.md @@ -5,11 +5,9 @@ ## Description -Ansible Role `sap_general_preconfigure` is used to ensure that Managed nodes are configured to host SAP systems according to SAP Notes. +The Ansible role `sap_general_preconfigure` installs required packages and performs basic OS configuration steps according to applicable SAP notes for installing and running SAP HANA or SAP ABAP Application Platform (formerly known as SAP NetWeaver). -This role performs installation of required packages for running SAP systems and configuration of Operating system parameters. - -This is general preconfigure role that used for both SAP Netweaver and SAP HANA, which have separate follow-up roles [sap_hana_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_preconfigure) and [sap_netweaver_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_netweaver_preconfigure). +Specific installation and configuration steps then have to be performed with the roles [sap_hana_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_preconfigure) and [sap_netweaver_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_netweaver_preconfigure). @@ -28,7 +26,6 @@ Install required collections by `ansible-galaxy install -vv -r meta/collection-r ## Prerequisites (Red Hat specific) Ensure system is installed according to: -- RHEL 7: SAP note 2002167, Red Hat Enterprise Linux 7.x: Installation and Upgrade, section `Installing Red Hat Enterprise Linux 7`. - RHEL 8: SAP note 2772999, Red Hat Enterprise Linux 8.x: Installation and Configuration, section `Installing Red Hat Enterprise Linux 8`. - RHEL 9: SAP note 3108316, Red Hat Enterprise Linux 9.x: Installation and Configuration, section `Installing Red Hat Enterprise Linux 9`. @@ -37,8 +34,6 @@ Install required collections by `ansible-galaxy install -vv -r meta/collection-r ## Execution **:warning: Do not execute this Ansible Role against existing SAP systems unless you know what you are doing and you prepare inputs to avoid unintended changes caused by default inputs.** - -Role can be executed independently or as part of [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. @@ -117,8 +112,9 @@ With the following tags, the role can be called to perform certain activities on - +## Further Information +For more examples on how to use this role in different installation scenarios, refer to the [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. ## License @@ -131,9 +127,8 @@ Apache 2.0 - [Bernd Finger](https://github.com/berndfinger) -## Role Input Parameters -All input parameters used by role are described in [INPUT_PARAMETERS.md](https://github.com/sap-linuxlab/community.sap_install/blob/main/roles/sap_general_preconfigure/INPUT_PARAMETERS.md) - +## Role Variables + ### Controlling execution with input parameters Extended Check (assert) run, aborting for any error which has been found: ```yaml @@ -144,3 +139,306 @@ Extended Check (assert) run, not aborting even if an error has been found: ```yaml ansible-playbook sap.yml -l remote_host -e "{sap_general_preconfigure_assert: yes,sap_general_preconfigure_assert_ignore_errors: no}" ``` + +### sap_general_preconfigure_config_all +- _Type:_ `bool` + +If set to `false`, the role will only execute or verify the installation or configuration steps of SAP notes.
+Default is to perform installation and configuration steps.
+ +### sap_general_preconfigure_installation +- _Type:_ `bool` + +If `sap_general_preconfigure_config_all` is set to `false`, set this variable to `true` to perform only the
+installation steps of SAP notes.
+ +### sap_general_preconfigure_configuration +- _Type:_ `bool` + +If `sap_general_preconfigure_config_all` is set to `false`, set this variable to `true` to perform only the
+configuration steps of SAP notes for which the corresponding SAP notes parameters have been set to `true`.
+ +Example: + +```yaml +sap_general_preconfigure_config_all: false +sap_general_preconfigure_configuration: true +sap_general_preconfigure_2002167_02: true +sap_general_preconfigure_1391070: true +``` + +### sap_general_preconfigure_assert +- _Type:_ `bool` +- _Default:_ `false` + +If set to `true`, the role will run in assertion mode instead of the default configuration mode.
+ +### sap_general_preconfigure_assert_ignore_errors +- _Type:_ `bool` +- _Default:_ `false` + +In assertion mode, the role will abort when encountering any assertion error.
+If this parameter is set to `false`, the role will *not* abort when encountering an assertion error.
+This is useful if the role is used for reporting a system's SAP notes compliance.
+ +### sap_general_preconfigure_system_roles_collection +- _Type:_ `str` +- _Default:_ `'fedora.linux_system_roles'` + +Set which Ansible Collection to use for the Linux System Roles.
+Available values: +- `fedora.linux_system_roles` - for community/upstream.
+- `redhat.rhel_system_roles` - for the RHEL System Roles for SAP, or for Red Hat Automation Hub.
+ +### sap_general_preconfigure_enable_repos +- _Type:_ `bool` +- _Default:_ `false` + +Set to `true` if you want the role to enable the repos as configured by the following repo related parameters.
+The default is `false`, meaning that the role will not enable repos.
+ +### sap_general_preconfigure_use_netweaver_repos +- _Type:_ `bool` +- _Default:_ `true` + +Set to `false` if you want the role to not enable the SAP NetWeaver repo(s).
+The default is `true`, meaning that the role will enable the SAP NetWeaver repo(s).
+Only valid if `sap_general_preconfigure_enable_repos` is set to `true`.
+ +### sap_general_preconfigure_use_hana_repos +- _Type:_ `bool` +- _Default:_ `true` + +Set to `false` if you want the role to not enable the SAP HANA repo(s).
+The default is `true`, meaning that the role will enable the SAP HANA repo(s).
+Only valid if `sap_general_preconfigure_enable_repos` is set to `true`.
+ +### sap_general_preconfigure_use_ha_repos +- _Type:_ `bool` +- _Default:_ `true` + +Set to `false` if you want the role to not enable the high availability repo(s).
+The default is `true`, meaning that the role will enable the high availability repo(s).
+Only valid if `sap_general_preconfigure_enable_repos` is set to `true`.
+ +### sap_general_preconfigure_disable_all_other_repos +- _Type:_ `bool` +- _Default:_ `true` + +Set to `false` if you want the role to not disable all repos before enabling the desired ones as configured above.
+The default is `true`, meaning that the role will disable all repos before enabling the desired ones.
+Only valid if `sap_general_preconfigure_enable_repos` is set to `true`.
+ +### sap_general_preconfigure_req_repos +- _Type:_ `list` with elements of type `str` + +If you want to provide your own list of repos (e.g. on cloud systems), set this variable accordingly.
+Otherwise, the RHEL default repo names with the maximum support duration for the RHEL minor release are chosen automatically
+(e.g. normal repos for RHEL 8.3, e4s repos for RHEL 8.4).
+ +Example: + +```yaml +sap_general_preconfigure_req_repos: +- rhel-8-for-x86_64-baseos-eus-rpms +- rhel-8-for-x86_64-appstream-eus-rpms +- rhel-8-for-x86_64-sap-solutions-eus-rpms +- rhel-8-for-x86_64-sap-netweaver-eus-rpms +- rhel-8-for-x86_64-highavailability-eus-rpms +``` + +### sap_general_preconfigure_set_minor_release +- _Type:_ `bool` +- _Default:_ `false` + +Set to `true` if you want the role to set the RHEL minor release, which is required for SAP HANA. Default is `false`.
+If you set the RHEL minor release, then you must also use the `eus` or `e4s` repos.
+ +### sap_general_preconfigure_packagegroups +- _Type:_ `str` +- _Default:_ (set by platform/environment specific variables) + +The name of the software package group to install.
+The default for this parameter is set in the vars file which corresponds to the detected OS version.
+ +Example: + +```yaml +'@minimal-environment' +``` + +### sap_general_preconfigure_envgroups +- _Type:_ `str` +- _Default:_ (set by platform/environment specific variables) + +The name of the software environment group to check.
+The default for this parameter is set in the vars file which corresponds to the detected OS version.
+ +Example: + +```yaml +'@minimal-environment' +``` + +### sap_general_preconfigure_packages +- _Type:_ `list` with elements of type `str` +- _Default:_ (set by platform/environment specific variables) + +The list of packages to install.
+The default for this variable is set in the vars file which corresponds to the detected OS version.
+ +### sap_general_preconfigure_min_package_check +- _Type:_ `bool` +- _Default:_ `true` + +The default is to install or check if the minimum package versions are installed as defined in the vars files.
+Set to `false` if you do not install or check these minimum package versions.
+ +### sap_general_preconfigure_install_ibm_power_tools +- _Type:_ `bool` +- _Default:_ `true` + +Set this parameter to `false` to not install the IBM Power Systems service and productivity tools.
+See also SAP note 2679703.
+ +### sap_general_preconfigure_add_ibm_power_repo +- _Type:_ `bool` +- _Default:_ `true` + +Set this parameter to `false` if you do not want to add the IBM Power tools repository (e.g. because the packages
+are already available on the local network). The IBM Power Systems service and productivity tools will only
+be installed if the variable `sap_general_preconfigure_install_ibm_power_tools` is set to `true`, which is the default.
+ +### sap_general_preconfigure_ibm_power_repo_url +- _Type:_ `str` +- _Default:_ `'https://public.dhe.ibm.com/software/server/POWER/Linux/yum/download/ibm-power-repo-latest.noarch.rpm'` + +URL for the IBM Power Systems service and productivity tools, see https://www.ibm.com/support/pages/service-and-productivity-tools
+ +### sap_general_preconfigure_update +- _Type:_ `bool` +- _Default:_ `false` + +By default, the role will not update the system, for avoiding an unintentional minor OS release update.
+Set this parameter to `true` if you want to update your system to the latest package versions.
+When using SAP HANA, make sure to set the release lock properly so the minor OS release will be one of
+those for which SAP HANA is supported. See also `sap_general_preconfigure_set_minor_release`.
+ +### sap_general_preconfigure_reboot_ok +- _Type:_ `bool` +- _Default:_ `false` + +Set to `true` if you want to perform a reboot at the end of the role, if necessary.
+ +### sap_general_preconfigure_fail_if_reboot_required +- _Type:_ `bool` +- _Default:_ `true` + +If `sap_general_preconfigure_reboot_ok` is set to `false`, which is the default, a reboot requirement should not
+remain unnoticed. For this reason, we let the role fail. Set this parameter to `false` to override this behavior.
+Can be useful if you want to implement your own reboot handling.
+ +### sap_general_preconfigure_selinux_state +- _Type:_ `str` +- _Default:_ `'permissive'` +- _Possible Values:_
+ - `enforcing` + - `permissive` + - `disabled` + +One of the SELinux states to be set on the system.
+ +### sap_general_preconfigure_create_directories +- _Type:_ `bool` +- _Default:_ `true` + +Set to `false` if you do not want the SAP directories to be created by the role.
+The SAP directories will always be created if `sap_general_preconfigure_modify_selinux_labels`
+(see below) is set to `true`, no matter how `sap_general_preconfigure_create_directories` is set.
+ +### sap_general_preconfigure_sap_directories +- _Type:_ `list` with elements of type `str` +- _Default:_ + - /usr/sap + +List of SAP directories to be created.
+ +### sap_general_preconfigure_modify_selinux_labels +- _Type:_ `bool` +- _Default:_ `true` + +Set to `false` if you do not want to modify the SELinux labels for the SAP directories set
+in variable `sap_general_preconfigure_sap_directories`.
+ +### sap_general_preconfigure_size_of_tmpfs_gb +- _Type:_ `str` +- _Default:_ `"{{ ((0.75 * (ansible_memtotal_mb + ansible_swaptotal_mb)) / 1024) | round | int }}"` + +The size of the tmpfs in GB. The formula used here is mentioned in SAP note 941735.
+ +### sap_general_preconfigure_modify_etc_hosts +- _Type:_ `bool` +- _Default:_ `true` + +Set to `false` if you do not want the role to modify the `/etc/hosts` file.
+ +### sap_general_preconfigure_etc_sysctl_sap_conf +- _Type:_ `str` +- _Default:_ `'/etc/sysctl.d/sap.conf'` + +The file name of the sysctl config file to be used
+ +### sap_general_preconfigure_kernel_parameters +- _Type:_ `list` with elements of type `dict` +- _Default:_ (set by platform/environment specific variables) + +The Linux kernel parameters to use. By default, these are taken from the vars file.
+The default for this parameter is set in the vars file which corresponds to the detected OS version.
+ +Example: + +```yaml +sap_general_preconfigure_kernel_parameters: +- name: vm.max_map_count + value: '2147483647' +- name: fs.aio-max-nr + value: '18446744073709551615' +``` + +### sap_general_preconfigure_max_hostname_length +- _Type:_ `str` +- _Default:_ `'13'` + +The maximum length of the hostname. See SAP note 611361.
+ +### sap_hostname +- _Type:_ `str` +- _Default:_ `"{{ ansible_hostname }}"` + +The hostname to be used for updating or checking `/etc/hosts` entries.
+ +### sap_domain +- _Type:_ `str` +- _Default:_ `"{{ ansible_domain }}"` + +The DNS domain name to be used for updating or checking `/etc/hosts` entries.
+ +### sap_ip +- _Type:_ `str` +- _Default:_ `"{{ ansible_default_ipv4.address }}"` + +The IPV4 address to be used for updating or checking `/etc/hosts` entries.
+ +### sap_general_preconfigure_db_group_name +- _Type:_ `str` + +Use this variable to specify the name of the RHEL group which is used for the database processes.
+If defined, it will be used to configure process limits as per step
+Configuring Process Resource Limits
+ +Example: + +```yaml +sap_general_preconfigure_db_group_name: dba +``` + \ No newline at end of file diff --git a/roles/sap_ha_install_anydb_ibmdb2/INPUT_PARAMETERS.md b/roles/sap_ha_install_anydb_ibmdb2/INPUT_PARAMETERS.md deleted file mode 100644 index 7bc555e1..00000000 --- a/roles/sap_ha_install_anydb_ibmdb2/INPUT_PARAMETERS.md +++ /dev/null @@ -1,27 +0,0 @@ -## Input Parameters for sap_ha_install_anydb_ibmdb2 Ansible Role - -### sap_ha_install_anydb_ibmdb2_hostname_primary - -- _Type:_ `string` - -Enter IBM Db2 Primary node hostname - - -### sap_ha_install_anydb_ibmdb2_hostname_secondary - -- _Type:_ `string` - -Enter IBM Db2 Secondary node hostname - -### sap_ha_install_anydb_ibmdb2_sid - -- _Type:_ `string` - -Enter IBM Db2 System ID - -### sap_ha_install_anydb_ibmdb2_software_directory - -- _Type:_ `string` - -Enter IBM Db2 installation media path - \ No newline at end of file diff --git a/roles/sap_ha_install_anydb_ibmdb2/README.md b/roles/sap_ha_install_anydb_ibmdb2/README.md index a87751e6..92e604b0 100644 --- a/roles/sap_ha_install_anydb_ibmdb2/README.md +++ b/roles/sap_ha_install_anydb_ibmdb2/README.md @@ -5,9 +5,9 @@ ## Description -Ansible Role for instantiation of IBM Db2 'Integrated Linux Pacemaker' HADR cluster +The Ansible Role for instantiation of IBM Db2 'Integrated Linux Pacemaker' HADR cluster. -Note: IBM Db2 with 'Integrated Linux Pacemaker' can use two deployment models: +**NOTE:** IBM Db2 with 'Integrated Linux Pacemaker' can use two deployment models: - Mutual Failover option, **not** covered by this Ansible Role - High Availability and Disaster Recovery (HADR) option for Idle Standby, initialized by this Ansible Role @@ -82,5 +82,30 @@ Apache 2.0 - [Sean Freeman](https://github.com/sean-freeman) -## Role Input Parameters -All input parameters used by role are described in [INPUT_PARAMETERS.md](https://github.com/sap-linuxlab/community.sap_install/blob/main/roles/sap_ha_install_anydb_ibmdb2/INPUT_PARAMETERS.md) +## Role Variables + +### sap_ha_install_anydb_ibmdb2_hostname_primary + +- _Type:_ `string` + +Enter IBM Db2 Primary node hostname + + +### sap_ha_install_anydb_ibmdb2_hostname_secondary + +- _Type:_ `string` + +Enter IBM Db2 Secondary node hostname + +### sap_ha_install_anydb_ibmdb2_sid + +- _Type:_ `string` + +Enter IBM Db2 System ID + +### sap_ha_install_anydb_ibmdb2_software_directory + +- _Type:_ `string` + +Enter IBM Db2 installation media path + \ No newline at end of file diff --git a/roles/sap_ha_install_hana_hsr/INPUT_PARAMETERS.md b/roles/sap_ha_install_hana_hsr/INPUT_PARAMETERS.md deleted file mode 100644 index a9bab4b2..00000000 --- a/roles/sap_ha_install_hana_hsr/INPUT_PARAMETERS.md +++ /dev/null @@ -1,90 +0,0 @@ -## Input Parameters for sap_ha_pacemaker_cluster Ansible Role - - -### sap_ha_install_hana_hsr_sid - -- _Type:_ `string` -- _Default:_ `{{ sap_hana_sid }}` - -Enter SID of SAP HANA database. - -### sap_ha_install_hana_hsr_instance_number - -- _Type:_ `string` -- _Default:_ `{{ sap_hana_instance_number }}` - -Enter string value of SAP HANA SID. - -### sap_ha_install_hana_hsr_cluster_nodes - -- _Type:_ `list` -- _Default:_ `{{ sap_hana_cluster_nodes }}` - -List of cluster nodes and associated attributes to describe the target SAP HA environment.
-This is required for the HANA System Replication configuration.
- -- **hana_site**
- Site of the cluster and/or SAP HANA System Replication node (for example 'DC01').
Mandatory for HANA clusters (sudo config for system replication). -- **node_ip**
- IP address of the node used for HANA System Replication.
_Optional. Currently not needed/used in cluster configuration._ -- **node_name**
- Name of the cluster node, should match the remote systems' hostnames.
_Optional. Currently not needed/used in cluster configuration._ -- **node_role**
- Role of the defined `node_name` in the SAP HANA cluster setup.
There must be only **one** primary, but there can be multiple secondary nodes.
_Optional. Currently not needed/used in cluster configuration._ - -Example: - -```yaml -sap_ha_install_hana_hsr_cluster_nodes: - - node_name: node1 - node_ip: 192.168.1.11 - node_role: primary - hana_site: DC01 - - - node_name: node2 - node_ip: 192.168.1.12 - node_role: secondary - hana_site: DC02 -``` - -### sap_ha_install_hana_hsr_hdbuserstore_system_backup_user - -- _Type:_ `string` -- _Default:_ `HDB_SYSTEMDB` - -Enter name of SYSTEM user for backup execution. - -### sap_ha_install_hana_hsr_db_system_password - -- _Type:_ `string` -- _Default:_ `{{ sap_hana_install_master_password }}` - -Enter password of SYSTEM user for backup execution. - -### sap_ha_install_hana_hsr_fqdn - -- _Type:_ `string` -- _Default:_ {{ sap_domain }} - -Enter domain of SAP system, for example `example.com`. - -### sap_ha_install_hana_hsr_rep_mode - -- _Type:_ `string` -- _Default:_ `sync` - -Enter SAP HANA System Replication mode. - -### sap_ha_install_hana_hsr_oper_mode - -- _Type:_ `string` -- _Default:_ `logreplay` - -Enter SAP HANA System Replication operation mode. - -### sap_ha_install_hana_hsr_update_etchosts -- _Type:_ `bool` -- _Default:_ `True` - -Enable to update /etc/hosts file. - \ No newline at end of file diff --git a/roles/sap_ha_install_hana_hsr/README.md b/roles/sap_ha_install_hana_hsr/README.md index e16b11b8..9d2a1ae2 100644 --- a/roles/sap_ha_install_hana_hsr/README.md +++ b/roles/sap_ha_install_hana_hsr/README.md @@ -5,7 +5,7 @@ ## Description -Ansible Role `sap_ha_install_hana_hsr` is used to configure and enable SAP HANA System Replication between 2 nodes. +The Ansible Role `sap_ha_install_hana_hsr` is used to configure and enable SAP HANA System Replication between 2 nodes. @@ -20,7 +20,6 @@ Managed nodes: ## Execution -Role can be executed independently or as part of [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. @@ -77,6 +76,8 @@ It is recommended to execute this role together with other roles in this collect +## Further Information +For more examples on how to use this role in different installation scenarios, refer to the [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. ## License @@ -89,5 +90,92 @@ Apache 2.0 - [Janine Fuchs](https://github.com/ja9fuchs) -## Role Input Parameters -All input parameters used by role are described in [INPUT_PARAMETERS.md](https://github.com/sap-linuxlab/community.sap_install/blob/main/roles/sap_ha_install_hana_hsr/INPUT_PARAMETERS.md) +## Role Variables + +### sap_ha_install_hana_hsr_sid + +- _Type:_ `string` +- _Default:_ `{{ sap_hana_sid }}` + +Enter SID of SAP HANA database. + +### sap_ha_install_hana_hsr_instance_number + +- _Type:_ `string` +- _Default:_ `{{ sap_hana_instance_number }}` + +Enter string value of SAP HANA SID. + +### sap_ha_install_hana_hsr_cluster_nodes + +- _Type:_ `list` +- _Default:_ `{{ sap_hana_cluster_nodes }}` + +List of cluster nodes and associated attributes to describe the target SAP HA environment.
+This is required for the HANA System Replication configuration.
+ +- **hana_site**
+ Site of the cluster and/or SAP HANA System Replication node (for example 'DC01').
Mandatory for HANA clusters (sudo config for system replication). +- **node_ip**
+ IP address of the node used for HANA System Replication.
_Optional. Currently not needed/used in cluster configuration._ +- **node_name**
+ Name of the cluster node, should match the remote systems' hostnames.
_Optional. Currently not needed/used in cluster configuration._ +- **node_role**
+ Role of the defined `node_name` in the SAP HANA cluster setup.
There must be only **one** primary, but there can be multiple secondary nodes.
_Optional. Currently not needed/used in cluster configuration._ + +Example: + +```yaml +sap_ha_install_hana_hsr_cluster_nodes: + - node_name: node1 + node_ip: 192.168.1.11 + node_role: primary + hana_site: DC01 + + - node_name: node2 + node_ip: 192.168.1.12 + node_role: secondary + hana_site: DC02 +``` + +### sap_ha_install_hana_hsr_hdbuserstore_system_backup_user + +- _Type:_ `string` +- _Default:_ `HDB_SYSTEMDB` + +Enter name of SYSTEM user for backup execution. + +### sap_ha_install_hana_hsr_db_system_password + +- _Type:_ `string` +- _Default:_ `{{ sap_hana_install_master_password }}` + +Enter password of SYSTEM user for backup execution. + +### sap_ha_install_hana_hsr_fqdn + +- _Type:_ `string` +- _Default:_ {{ sap_domain }} + +Enter domain of SAP system, for example `example.com`. + +### sap_ha_install_hana_hsr_rep_mode + +- _Type:_ `string` +- _Default:_ `sync` + +Enter SAP HANA System Replication mode. + +### sap_ha_install_hana_hsr_oper_mode + +- _Type:_ `string` +- _Default:_ `logreplay` + +Enter SAP HANA System Replication operation mode. + +### sap_ha_install_hana_hsr_update_etchosts +- _Type:_ `bool` +- _Default:_ `True` + +Enable to update /etc/hosts file. + \ No newline at end of file diff --git a/roles/sap_ha_pacemaker_cluster/INPUT_PARAMETERS.md b/roles/sap_ha_pacemaker_cluster/INPUT_PARAMETERS.md deleted file mode 100644 index 564cb3cf..00000000 --- a/roles/sap_ha_pacemaker_cluster/INPUT_PARAMETERS.md +++ /dev/null @@ -1,1020 +0,0 @@ -## Input Parameters for sap_ha_pacemaker_cluster Ansible Role - -Minimum required parameters for all clusters: - -- [sap_ha_pacemaker_cluster_hacluster_user_password](#sap_ha_pacemaker_cluster_hacluster_user_password) - -Additional minimum requirements depend on the type of cluster setup and on the target platform. - -### sap_ha_pacemaker_cluster_hacluster_user_password - -- _Type:_ `string` - -**Mandatory Input Parameter.**
-The password of the `hacluster` user which is created during pacemaker installation.
-Inherits the value of `ha_cluster_hacluster_password`, when defined.
- - -### sap_ha_pacemaker_cluster_aws_access_key_id - -- _Type:_ `string` - -AWS access key to allow control of instances (for example for fencing operations).
-Mandatory for the cluster nodes setup on AWS EC2 instances, when:
-1. IAM Role or Instance profile is not attached to EC2 instance.
-2. `sap_ha_pacemaker_cluster_aws_credentials_setup` is `true`
- -### sap_ha_pacemaker_cluster_aws_credentials_setup - -- _Type:_ `string` - -Set this parameter to 'true' to store AWS credentials into /root/.aws/credentials.
-Requires: `sap_ha_pacemaker_cluster_aws_access_key_id` and `sap_ha_pacemaker_cluster_aws_secret_access_key`
-Mandatory for the cluster nodes setup on AWS EC2 instances, when:
-1. IAM Role or Instance profile is not attached to EC2 instance.
- -### sap_ha_pacemaker_cluster_aws_region - -- _Type:_ `string` - -The AWS region in which the instances to be used for the cluster setup are located.
-Mandatory for cluster nodes setup on AWS EC2 instances.
- -### sap_ha_pacemaker_cluster_aws_secret_access_key - -- _Type:_ `string` - -AWS secret key, paired with the access key for instance control.
-Mandatory for the cluster nodes setup on AWS EC2 instances, when:
-1. IAM Role or Instance profile is not attached to EC2 instance.
-2. `sap_ha_pacemaker_cluster_aws_credentials_setup` is `true`
- -### sap_ha_pacemaker_cluster_aws_vip_update_rt - -- _Type:_ `string` - -List one more routing table IDs for managing Virtual IP failover through routing table changes.
-Multiple routing tables must be defined as a comma-separated string (no spaces).
-Mandatory for the VIP resource configuration in AWS EC2 environments.
- -### sap_ha_pacemaker_cluster_cluster_name - -- _Type:_ `string` - -The name of the pacemaker cluster.
-Inherits the `ha_cluster` LSR native parameter `ha_cluster_cluster_name` if not defined.
-If not defined, the `ha_cluster` Linux System Role default will be used.
- -### sap_ha_pacemaker_cluster_cluster_nodes - -- _Type:_ `list` - -List of cluster nodes and associated attributes to describe the target SAP HA environment.
-This is required for the HANA System Replication configuration.
-Synonym for this parameter is `sap_hana_cluster_nodes`.
-Mandatory to be defined for HANA clusters.
- -- **hana_site**
- Site of the cluster and/or SAP HANA System Replication node (for example 'DC01').
Mandatory for HANA clusters (sudo config for system replication). -- **node_ip**
- IP address of the node used for HANA System Replication.
_Optional. Currently not needed/used in cluster configuration._ -- **node_name**
- Name of the cluster node, should match the remote systems' hostnames.
_Optional. Currently not needed/used in cluster configuration._ -- **node_role**
- Role of the defined `node_name` in the SAP HANA cluster setup.
There must be only **one** primary, but there can be multiple secondary nodes.
_Optional. Currently not needed/used in cluster configuration._ - -Example: - -```yaml -sap_ha_pacemaker_cluster_cluster_nodes: -- hana_site: DC01 - node_ip: 192.168.5.1 - node_name: nodeA - node_role: primary -- hana_site: DC02 -``` - -### sap_ha_pacemaker_cluster_cluster_properties - -- _Type:_ `dict` -- _Default:_ `{'concurrent-fencing': True, 'stonith-enabled': True, 'stonith-timeout': 900}` - -Standard pacemaker cluster properties are configured with recommended settings for cluster node fencing.
-When no STONITH resource is defined, STONITH will be disabled and a warning displayed.
- -Example: - -```yaml -sap_ha_pacemaker_cluster_cluster_properties: - concurrent-fencing: true - stonith-enabled: true - stonith-timeout: 900 -``` - -### sap_ha_pacemaker_cluster_create_config_dest - -- _Type:_ `string` -- _Default:_ `review_resource_config.yml` - -The pacemaker cluster resource configuration optionally created by this role will be saved in a Yaml file in the current working directory.
-Requires `sap_ha_pacemaker_cluster_create_config_varfile` to be enabled for generating the output file.
-Specify a path/filename to save the file in a custom location.
-The file can be used as input vars file for an Ansible playbook running the 'ha_cluster' Linux System Role.
- -### sap_ha_pacemaker_cluster_create_config_varfile - -- _Type:_ `bool` -- _Default:_ `False` - -When enabled, all cluster configuration parameters this role constructs for executing the 'ha_cluster' Linux System role will be written into a file in Yaml format.
-This allows using the output file later as input file for additional custom steps using the 'ha_cluster' role and covering the resource configuration in a cluster that was set up using this 'sap_ha_pacemaker_cluster' role.
-When enabled this parameters file is also created when the playbook is run in check_mode (`--check`) and can be used to review the configuration parameters without executing actual changes on the target nodes.
-WARNING! This report may include sensitive details like secrets required for certain cluster resources!
- -### sap_ha_pacemaker_cluster_enable_cluster_connector - -- _Type:_ `bool` -- _Default:_ `True` - -Enables/Disables the SAP HA Interface for SAP ABAP application server instances, also known as `sap_cluster_connector`.
-Set this parameter to 'false' if the SAP HA interface should not be installed and configured.
- -### sap_ha_pacemaker_cluster_extra_packages - -- _Type:_ `list` - -Additional extra packages to be installed, for instance specific resource packages.
-For SAP clusters configured by this role, the relevant standard packages for the target scenario are automatically included.
- -### sap_ha_pacemaker_cluster_fence_agent_packages - -- _Type:_ `list` - -Additional fence agent packages to be installed.
-This is automatically combined with default packages in:
-`__sap_ha_pacemaker_cluster_fence_agent_packages_minimal`
-`__sap_ha_pacemaker_cluster_fence_agent_packages_platform`
- -### sap_ha_pacemaker_cluster_gcp_project - -- _Type:_ `string` - -Google Cloud project name in which the target instances are installed.
-Mandatory for the cluster setup on GCP instances.
- -### sap_ha_pacemaker_cluster_gcp_region_zone - -- _Type:_ `string` - -Google Cloud Platform region zone ID.
-Mandatory for the cluster setup on GCP instances.
- -### sap_ha_pacemaker_cluster_ha_cluster - -- _Type:_ `dict` - -The `ha_cluster` LSR native parameter `ha_cluster` can be used as a synonym.
-Optional _**host_vars**_ parameter - if defined it must be set for each node.
-Dictionary that can contain various node options for the pacemaker cluster configuration.
-Supported options can be reviewed in the `ha_cluster` Linux System Role [https://github.com/linux-system-roles/ha_cluster/blob/master/README.md].
-If not defined, the `ha_cluster` Linux System Role default will be used.
- -Example: - -```yaml -sap_ha_pacemaker_cluster_ha_cluster: - corosync_addresses: - - 192.168.1.10 - - 192.168.2.10 - node_name: nodeA -``` - -### sap_ha_pacemaker_cluster_hana_automated_register - -- _Type:_ `bool` -- _Default:_ `True` - -Parameter for the 'SAPHana' cluster resource.
-Define if a former primary should be re-registered automatically as secondary.
- -### sap_ha_pacemaker_cluster_hana_colocation_hana_vip_primary_name - -- _Type:_ `string` -- _Default:_ `col_saphana_vip__HDB_primary` - -Customize the cluster constraint name for VIP and SAPHana primary clone colocation.
- -### sap_ha_pacemaker_cluster_hana_colocation_hana_vip_secondary_name - -- _Type:_ `string` -- _Default:_ `col_saphana_vip__HDB_readonly` - -Customize the cluster constraint name for VIP and SAPHana secondary clone colocation.
- -### sap_ha_pacemaker_cluster_hana_duplicate_primary_timeout - -- _Type:_ `int` -- _Default:_ `7200` - -Parameter for the 'SAPHana' cluster resource.
-Time difference needed between to primary time stamps, if a dual-primary situation occurs.
-If the time difference is less than the time gap, then the cluster holds one or both instances in a "WAITING" status.
-This is to give an admin a chance to react on a failover. A failed former primary will be registered after the time difference is passed.
- -### sap_ha_pacemaker_cluster_hana_filesystem_resource_clone_name - -- _Type:_ `string` -- _Default:_ `cln_SAPHanaFil__HDB` - -Customize the cluster resource name of the SAP HANA Filesystem clone.
- -### sap_ha_pacemaker_cluster_hana_filesystem_resource_name - -- _Type:_ `string` -- _Default:_ `rsc_SAPHanaFil__HDB` - -Customize the cluster resource name of the SAP HANA Filesystem.
- -### sap_ha_pacemaker_cluster_hana_global_ini_path - -- _Type:_ `string` -- _Default:_ `/usr/sap//SYS/global/hdb/custom/config/global.ini` - -Path with location of global.ini for srHook update
- -### sap_ha_pacemaker_cluster_hana_hook_chksrv - -- _Type:_ `bool` -- _Default:_ `False` - -Controls if ChkSrv srHook is enabled during srHook creation.
-It is ignored when sap_ha_pacemaker_cluster_hana_hooks is defined.
- -### sap_ha_pacemaker_cluster_hana_hook_tkover - -- _Type:_ `bool` -- _Default:_ `False` - -Controls if TkOver srHook is enabled during srHook creation.
-It is ignored when sap_ha_pacemaker_cluster_hana_hooks is defined.
- -### sap_ha_pacemaker_cluster_hana_hooks - -- _Type:_ `list` -- _Default:_ `[]` - -Customize required list of SAP HANA Hooks
-Mandatory to include SAPHanaSR srHook in list.
-Mandatory attributes are provider and path.
-Example below shows mandatory SAPHanaSR, TkOver and ChkSrv hooks.
- -Example: - -```yaml -sap_ha_pacemaker_cluster_hana_hooks: -- options: - - name: execution_order - value: 1 - path: /usr/share/SAPHanaSR/ - provider: SAPHanaSR -- options: - - name: execution_order - value: 2 - path: /usr/share/SAPHanaSR/ - provider: susTkOver -- options: - - name: execution_order - value: 3 - - name: action_on_lost - value: stop - path: /usr/share/SAPHanaSR/ - provider: susChkSrv -``` - -### sap_ha_pacemaker_cluster_hana_instance_nr - -- _Type:_ `string` - -The instance number of the SAP HANA database which this role will configure in the cluster.
-Inherits the value of `sap_hana_instance_number`, when defined.
-Mandatory for SAP HANA cluster setups.
- -### sap_ha_pacemaker_cluster_hana_order_hana_vip_primary_name - -- _Type:_ `string` -- _Default:_ `ord_saphana_vip__HDB_primary` - -Customize the cluster constraint name for VIP and SAPHana primary clone order.
- -### sap_ha_pacemaker_cluster_hana_order_hana_vip_secondary_name - -- _Type:_ `string` -- _Default:_ `ord_saphana_vip__HDB_readonly` - -Customize the cluster constraint name for VIP and SAPHana secondary clone order.
- -### sap_ha_pacemaker_cluster_hana_order_topology_hana_name - -- _Type:_ `string` -- _Default:_ `ord_saphana_saphanatop__HDB` - -Customize the cluster constraint name for SAPHana and Topology order.
- -### sap_ha_pacemaker_cluster_hana_prefer_site_takeover - -- _Type:_ `bool` -- _Default:_ `True` - -Parameter for the 'SAPHana' cluster resource.
-Set to "false" if the cluster should first attempt to restart the instance on the same node.
-When set to "true" (default) a failover to secondary will be initiated on resource failure.
- -### sap_ha_pacemaker_cluster_hana_resource_clone_msl_name - -- _Type:_ `string` -- _Default:_ `msl_SAPHana__HDB` - -Customize the cluster resource name of the SAP HANA DB resource master slave clone.
-Master Slave clone is specific to Classic SAPHana resource on SUSE (non-angi).
- -### sap_ha_pacemaker_cluster_hana_resource_clone_name - -- _Type:_ `string` -- _Default:_ `cln_SAPHana__HDB` - -Customize the cluster resource name of the SAP HANA DB resource clone.
- -### sap_ha_pacemaker_cluster_hana_resource_name - -- _Type:_ `string` -- _Default:_ `rsc_SAPHana__HDB` - -Customize the cluster resource name of the SAP HANA DB resource.
- -### sap_ha_pacemaker_cluster_hana_sid - -- _Type:_ `string` - -The SAP HANA SID of the instance that will be configured in the cluster.
-The SID must follow SAP specifications - see SAP Note 1979280.
-Inherits the value of `sap_hana_sid`, when defined.
-Mandatory for SAP HANA cluster setups.
- -### sap_ha_pacemaker_cluster_hana_topology_resource_clone_name - -- _Type:_ `string` -- _Default:_ `cln_SAPHanaTop__HDB` - -Customize the cluster resource name of the SAP HANA Topology resource clone.
- -### sap_ha_pacemaker_cluster_hana_topology_resource_name - -- _Type:_ `string` -- _Default:_ `rsc_SAPHanaTop__HDB` - -Customize the cluster resource name of the SAP HANA Topology resource.
- -### sap_ha_pacemaker_cluster_hanacontroller_resource_clone_name - -- _Type:_ `string` -- _Default:_ `cln_SAPHanaCon__HDB` - -Customize the cluster resource name of the SAP HANA Controller clone.
- -### sap_ha_pacemaker_cluster_hanacontroller_resource_name - -- _Type:_ `string` -- _Default:_ `rsc_SAPHanaCon__HDB` - -Customize the cluster resource name of the SAP HANA Controller.
- -### sap_ha_pacemaker_cluster_host_type - -- _Type:_ `list` -- _Default:_ `hana_scaleup_perf` - -The SAP landscape to for which the cluster is to be configured.
-The default is a 2-node SAP HANA scale-up cluster.
- -### sap_ha_pacemaker_cluster_ibmcloud_api_key - -- _Type:_ `string` - -The API key which is required to allow the control of instances (for example for fencing operations).
-Mandatory for the cluster setup on IBM Cloud Virtual Server instances or IBM Power Virtual Server on IBM Cloud.
- -### sap_ha_pacemaker_cluster_ibmcloud_powervs_api_type - -- _Type:_ `string` - -IBM Power Virtual Server API Endpoint type (public or private) dependent on network interface attachments for the target instances.
-Mandatory for the cluster setup on IBM Power Virtual Server from IBM Cloud.
- -### sap_ha_pacemaker_cluster_ibmcloud_powervs_forward_proxy_url - -- _Type:_ `string` - -IBM Power Virtual Server forward proxy url when IBM Power Virtual Server API Endpoint type is set to private.
-When public network interface, can be ignored.
-When private network interface, mandatory for the cluster setup on IBM Power Virtual Server from IBM Cloud.
- -### sap_ha_pacemaker_cluster_ibmcloud_powervs_workspace_crn - -- _Type:_ `string` - -IBM Power Virtual Server Workspace service cloud resource name (CRN) identifier which contains the target instances
-Mandatory for the cluster setup on IBM Power Virtual Server from IBM Cloud.
- -### sap_ha_pacemaker_cluster_ibmcloud_region - -- _Type:_ `string` - -The IBM Cloud VS region name in which the instances are running.
-Mandatory for the cluster setup on IBM Cloud Virtual Server instances or IBM Power Virtual Server on IBM Cloud.
- -### sap_ha_pacemaker_cluster_msazure_resource_group - -- _Type:_ `string` - -Resource group name/ID in which the target instances are defined.
-Mandatory for the cluster setup on MS Azure instances.
- -### sap_ha_pacemaker_cluster_msazure_subscription_id - -- _Type:_ `string` - -Subscription ID of the MS Azure environment containing the target instances.
-Mandatory for the cluster setup on MS Azure instances.
- -### sap_ha_pacemaker_cluster_nwas_abap_aas_instance_nr - -- _Type:_ `string` - -Instance number of the NetWeaver ABAP AAS instance.
-Mandatory for NetWeaver AAS cluster configuration.
- -### sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_ensa1 - -- _Type:_ `bool` -- _Default:_ `False` - -The standard NetWeaver ASCS/ERS cluster will be set up as ENSA2.
-Set this parameter to 'true' to configure it as ENSA1.
- -### sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_simple_mount - -- _Type:_ `bool` -- _Default:_ `True` - -Enables preferred method for ASCS ERS ENSA2 clusters - Simple Mount
-Set this parameter to 'true' to configure ENSA2 Simple Mount.
- -### sap_ha_pacemaker_cluster_nwas_abap_ascs_filesystem_resource_name - -- _Type:_ `string` -- _Default:_ `rsc_fs__ASCS` - -Name of the filesystem resource for the ASCS instance.
- -### sap_ha_pacemaker_cluster_nwas_abap_ascs_group_stickiness - -- _Type:_ `string` -- _Default:_ `3000` - -NetWeaver ASCS resource group stickiness to prefer the ASCS group to stay on the node it was started on.
- -### sap_ha_pacemaker_cluster_nwas_abap_ascs_instance_nr - -- _Type:_ `string` - -Instance number of the NetWeaver ABAP ASCS instance.
-Mandatory for NetWeaver ASCS/ERS cluster configuration.
- -### sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_automatic_recover_bool - -- _Type:_ `bool` -- _Default:_ `False` - -NetWeaver ASCS instance resource option "AUTOMATIC_RECOVER".
- -### sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_ensa1_failure_timeout - -- _Type:_ `string` -- _Default:_ `60` - -NetWeaver ASCS instance failure-timeout attribute.
-Only used for ENSA1 setups (see `sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_ensa1`). Default setup is ENSA2.
- -### sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_ensa1_migration_threshold - -- _Type:_ `string` -- _Default:_ `1` - -NetWeaver ASCS instance migration-threshold setting attribute.
-Only used for ENSA1 setups (see `sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_ensa1`). Default setup is ENSA2.
- -### sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_instance_name - -- _Type:_ `string` - -The name of the ASCS instance, typically the profile name.
-Mandatory for the NetWeaver ASCS/ERS cluster setup
-Recommended format _ASCS_.
- -### sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_resource_name - -- _Type:_ `string` -- _Default:_ `rsc_SAPInstance__ASCS` - -Name of the ASCS instance resource.
- -### sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_resource_stickiness - -- _Type:_ `string` -- _Default:_ `5000` - -NetWeaver ASCS instance resource stickiness attribute.
- -### sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_start_profile_string - -- _Type:_ `string` - -The full path and name of the ASCS instance profile.
-Mandatory for the NetWeaver ASCS/ERS cluster setup.
- -### sap_ha_pacemaker_cluster_nwas_abap_ascs_sapstartsrv_resource_name - -- _Type:_ `string` -- _Default:_ `rsc_SAPStartSrv__ASCS` - -Name of the ASCS SAPStartSrv resource for simple mount.
- -### sap_ha_pacemaker_cluster_nwas_abap_ers_filesystem_resource_name - -- _Type:_ `string` -- _Default:_ `rsc_fs__ERS` - -Name of the filesystem resource for the ERS instance.
- -### sap_ha_pacemaker_cluster_nwas_abap_ers_instance_nr - -- _Type:_ `string` - -Instance number of the NetWeaver ABAP ERS instance.
-Mandatory for NetWeaver ASCS/ERS cluster configuration.
- -### sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_automatic_recover_bool - -- _Type:_ `bool` -- _Default:_ `False` - -NetWeaver ERS instance resource option "AUTOMATIC_RECOVER".
- -### sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_instance_name - -- _Type:_ `string` - -The name of the ERS instance, typically the profile name.
-Mandatory for the NetWeaver ASCS/ERS cluster setup.
-Recommended format _ERS_.
- -### sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_resource_name - -- _Type:_ `string` -- _Default:_ `rsc_SAPInstance__ERS` - -Name of the ERS instance resource.
- -### sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_start_profile_string - -- _Type:_ `string` - -The full path and name of the ERS instance profile.
-Mandatory for the NetWeaver ASCS/ERS cluster.
- -### sap_ha_pacemaker_cluster_nwas_abap_ers_sapstartsrv_resource_name - -- _Type:_ `string` -- _Default:_ `rsc_SAPStartSrv__ERS` - -Name of the ERS SAPstartSrv resource for simple mount.
- -### sap_ha_pacemaker_cluster_nwas_abap_pas_instance_nr - -- _Type:_ `string` - -Instance number of the NetWeaver ABAP PAS instance.
-Mandatory for NetWeaver PAS cluster configuration.
- -### sap_ha_pacemaker_cluster_nwas_abap_sid - -- _Type:_ `string` - -SID of the NetWeaver instances.
-Mandatory for NetWeaver cluster configuration.
-Uses `sap_swpm_sid` if defined.
-Mandatory for NetWeaver cluster setups.
- -### sap_ha_pacemaker_cluster_nwas_colocation_ascs_no_ers_name - -- _Type:_ `string` -- _Default:_ `col_ascs_separate_` - -Customize the cluster constraint name for ASCS and ERS separation colocation.
- -### sap_ha_pacemaker_cluster_nwas_order_ascs_first_name - -- _Type:_ `string` -- _Default:_ `ord_ascs_first_` - -Customize the cluster constraint name for ASCS starting before ERS order.
- -### sap_ha_pacemaker_cluster_nwas_sapmnt_filesystem_resource_clone_name - -- _Type:_ `string` -- _Default:_ `cln_fs__sapmnt` - -Filesystem resource clone name for the shared filesystem /sapmnt.
-Enable this resource setup using `sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed`.
- -### sap_ha_pacemaker_cluster_nwas_sapmnt_filesystem_resource_name - -- _Type:_ `string` -- _Default:_ `rsc_fs__sapmnt` - -Filesystem resource name for the shared filesystem /sapmnt.
-Optional, this is typically managed by the OS, but can as well be added to the cluster configuration.
-Enable this resource setup using `sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed`.
- -### sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed - -- _Type:_ `bool` -- _Default:_ `False` - -Change this parameter to 'true' if the 3 shared filesystems `/usr/sap/trans`, `/usr/sap//SYS` and '/sapmnt' shall be configured as cloned cluster resources.
- -### sap_ha_pacemaker_cluster_nwas_sys_filesystem_resource_clone_name - -- _Type:_ `string` -- _Default:_ `cln_fs__sys` - -Filesystem resource clone name for the shared filesystem /usr/sap//SYS.
-Enable this resource setup using `sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed`.
- -### sap_ha_pacemaker_cluster_nwas_sys_filesystem_resource_name - -- _Type:_ `string` -- _Default:_ `rsc_fs__sys` - -Filesystem resource name for the transports filesystem /usr/sap//SYS.
-Optional, this is typically managed by the OS, but can as well be added to the cluster configuration.
-Enable this resource setup using `sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed`.
- -### sap_ha_pacemaker_cluster_nwas_transports_filesystem_resource_clone_name - -- _Type:_ `string` -- _Default:_ `cln_fs__trans` - -Filesystem resource clone name for the shared filesystem /usr/sap/trans.
-Enable this resource setup using `sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed`.
- -### sap_ha_pacemaker_cluster_nwas_transports_filesystem_resource_name - -- _Type:_ `string` -- _Default:_ `rsc_fs__trans` - -Filesystem resource name for the transports filesystem /usr/sap/trans.
-Optional, this is typically managed by the OS, but can as well be added to the cluster configuration.
-Enable this resource setup using `sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed`.
- -### sap_ha_pacemaker_cluster_operation_defaults - -- _Type:_ `dict` -- _Default:_ `{'record-pending': True, 'timeout': 600}` - -Set default operation parameters that will be valid for all pacemaker resources.
- -Example: - -```yaml -sap_ha_pacemaker_cluster_operation_defaults: - record-pending: true - timeout: 600 -``` - -### sap_ha_pacemaker_cluster_resource_defaults - -- _Type:_ `dict` -- _Default:_ `{'migration-threshold': 5000, 'resource-stickiness': 3000}` - -Set default parameters that will be valid for all pacemaker resources.
- -Example: - -```yaml -sap_ha_pacemaker_cluster_resource_defaults: - migration-threshold: 5000 - resource-stickiness: 1000 -``` - -### sap_ha_pacemaker_cluster_saphanasr_angi_detection - -- _Type:_ `string` -- _Default:_ `True` - -Disabling this variable enables to use Classic SAPHanaSR agents even on server, with SAPHanaSR-angi is available.
- -### sap_ha_pacemaker_cluster_sbd_devices - -- _Type:_ `list` - -Required if `sap_ha_pacemaker_cluster_sbd_enabled` is enabled.
-Provide list of block devices for Stonith SBD agent
- -Example: - -```yaml -sap_ha_pacemaker_cluster_sbd_devices: -- /dev/disk/by-id/scsi-3600 -``` - -### sap_ha_pacemaker_cluster_sbd_enabled - -- _Type:_ `bool` - -Set this parameter to 'true' to enable workflow to add Stonith SBD resource.
-Stonith SBD resource has to be provided as part of `sap_ha_pacemaker_cluster_stonith_custom`.
-Default SBD agents are: stonith:external/sbd for SLES and stonith:fence_sbd for RHEL
- -Example: - -```yaml -sap_ha_pacemaker_cluster_sbd_devices: -- /dev/disk/by-id/scsi-3600 -sap_ha_pacemaker_cluster_sbd_enabled: true -sap_ha_pacemaker_cluster_stonith_custom: -- agent: stonith:external/sbd - id: stonith_sbd - instance_attrs: - - attrs: - - name: pcmk_delay_max - value: 15 -``` - -### sap_ha_pacemaker_cluster_sbd_options - -- _Type:_ `list` - -Optional if `sap_ha_pacemaker_cluster_sbd_enabled` is enabled.
-Provide list of SBD specific options that are added into SBD configuration file.
- -Example: - -```yaml -sap_ha_pacemaker_cluster_sbd_options: -- name: startmode - value: clean -``` - -### sap_ha_pacemaker_cluster_sbd_watchdog - -- _Type:_ `str` -- _Default:_ `/dev/watchdog` - -Optional if `sap_ha_pacemaker_cluster_sbd_enabled` is enabled.
-Provide watchdog name to override default /dev/watchdog
- -### sap_ha_pacemaker_cluster_sbd_watchdog_modules - -- _Type:_ `list` - -Optional if `sap_ha_pacemaker_cluster_sbd_enabled` is enabled.
-Provide list of watchdog kernel modules to be loaded (creates /dev/watchdog* devices).
- -Example: - -```yaml -sap_ha_pacemaker_cluster_sbd_watchdog_modules: -- softdog -``` - -### sap_ha_pacemaker_cluster_stonith_custom - -- _Type:_ `list` - -Custom list of STONITH resource(s) to be configured in the cluster.
-This definition override any defaults the role would apply otherwise.
-Definition follows structure of ha_cluster_resource_primitives in linux-system-roles/ha_cluster
- -- **agent**
- Resource agent name, must contain the prefix "stonith:" to avoid mismatches or failures. -- **id**
- Parameter `id` is required.
Name that will be used as the resource ID (name). -- **instance_attrs**
- Defines resource agent params as list of name/value pairs.
Requires the mandatory options for the particular stonith resource agent to be defined, otherwise the setup will fail.
Example: stonith:fence_sbd agent requires devices option with list of SBD disks.
Example: stonith:external/sbd agent does not require devices option, but `sap_ha_pacemaker_cluster_sbd_devices`. -- **meta_attrs**
- Defines meta attributes as list of name/value pairs. -- **name**
- WARNING! This option will be removed in future release. -- **operations**
- Defines list of resource agent operations. -- **options**
- WARNING! This option will be removed in future release. - -Example: - -```yaml -sap_ha_pacemaker_cluster_stonith_custom: -- agent: stonith:fence_rhevm - id: my-fence-resource - instance_attrs: - - attrs: - - name: ip - value: rhevm-server - - name: username - value: login-user - - name: password - value: login-user-password - - name: pcmk_host_list - value: node1,node2 - - name: power_wait - value: 3 - meta_attrs: - - attrs: - - name: target-role - value: Started - operations: - - action: start - attrs: - - name: interval - value: 0 - - name: timeout - value: 180 -``` - -### sap_ha_pacemaker_cluster_storage_definition - -- _Type:_ `list` - -List of filesystem definitions used for filesystem cluster resources.
-Options relevant, see example.
-Mandatory for SAP NetWeaver HA cluster configurations.
-Reuse `sap_storage_setup_definition` if defined.
-Reuse `sap_storage_setup_definition` will extract values 'mountpoint', 'nfs_filesystem_type', 'nfs_mount_options', 'nfs_path', 'nfs_server'.
-Reuse `sap_storage_setup_definition` all options are documented under Ansible Role `sap_storage_setup`.
-Note! For this variable, the argument specification does not list options, to avoid errors during reuse of `sap_storage_setup_definition` if defined.
- -Example: - -```yaml -sap_ha_pacemaker_cluster_storage_definition: -- mountpoint: /usr/sap - name: usr_sap - nfs_path: /usr/sap - nfs_server: nfs-server.example.com:/ -- mountpoint: /usr/sap/trans - name: usr_sap_trans - nfs_path: /usr/sap/trans - nfs_server: nfs-server.example.com:/ -- mountpoint: /sapmnt - name: sapmnt - nfs_filesystem_type: nfs - nfs_mount_options: defaults - nfs_path: /sapmnt - nfs_server: nfs-server.example.com:/ -``` - -### sap_ha_pacemaker_cluster_storage_nfs_filesytem_type - -- _Type:_ `string` -- _Default:_ `nfs` - -Filesystem type of the NFS filesystems that are part of the cluster configuration.
- -### sap_ha_pacemaker_cluster_storage_nfs_mount_options - -- _Type:_ `string` -- _Default:_ `defaults` - -Mount options of the NFS filesystems that are part of the cluster configuration.
- -### sap_ha_pacemaker_cluster_storage_nfs_server - -- _Type:_ `string` - -Default address of the NFS server, if not defined individually by filesystem.
- -### sap_ha_pacemaker_cluster_system_roles_collection - -- _Type:_ `string` -- _Default:_ `fedora.linux_system_roles` - -Reference to the Ansible Collection used for the Linux System Roles.
-For community/upstream, use 'fedora.linux_system_roles'.
-For RHEL System Roles for SAP, or Red Hat Automation Hub, use 'redhat.rhel_system_roles'.
- -### sap_ha_pacemaker_cluster_vip_client_interface - -- _Type:_ `string` - -OS device name of the network interface to use for the Virtual IP configuration.
-When there is only one interface on the system, its name will be used by default.
- -### sap_ha_pacemaker_cluster_vip_hana_primary_ip_address - -- _Type:_ `string` - -The virtual IP of the primary HANA instance.
-Mandatory parameter for HANA clusters.
- -### sap_ha_pacemaker_cluster_vip_hana_primary_resource_name - -- _Type:_ `string` -- _Default:_ `rsc_vip__HDB_primary` - -Customize the name of the resource managing the Virtual IP of the primary HANA instance.
- -### sap_ha_pacemaker_cluster_vip_hana_secondary_ip_address - -- _Type:_ `string` - -The virtual IP for read-only access to the secondary HANA instance.
-Optional parameter in HANA clusters.
- -### sap_ha_pacemaker_cluster_vip_nwas_abap_aas_ip_address - -- _Type:_ `string` - -Virtual IP of the NetWeaver AAS instance.
-Mandatory for NetWeaver AAS cluster setup.
- -### sap_ha_pacemaker_cluster_vip_nwas_abap_aas_resource_name - -- _Type:_ `string` -- _Default:_ `rsc_vip__AAS` - -Name of the SAPInstance resource for NetWeaver AAS.
- -### sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_ip_address - -- _Type:_ `string` - -Virtual IP of the NetWeaver ASCS instance.
-Mandatory for NetWeaver ASCS/ERS cluster setup.
- -### sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_resource_group_name - -- _Type:_ `string` -- _Default:_ `grp__ASCS` - -Name of the NetWeaver ASCS resource group.
- -### sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_resource_name - -- _Type:_ `string` -- _Default:_ `rsc_vip__ASCS` - -Name of the SAPInstance resource for NetWeaver ASCS.
- -### sap_ha_pacemaker_cluster_vip_nwas_abap_ers_ip_address - -- _Type:_ `string` - -Virtual IP of the NetWeaver ERS instance.
-Mandatory for NetWeaver ASCS/ERS cluster setup.
- -### sap_ha_pacemaker_cluster_vip_nwas_abap_ers_resource_group_name - -- _Type:_ `string` -- _Default:_ `grp__ERS` - -Name of the NetWeaver ERS resource group.
- -### sap_ha_pacemaker_cluster_vip_nwas_abap_ers_resource_name - -- _Type:_ `string` -- _Default:_ `rsc_vip__ERS` - -Name of the SAPInstance resource for NetWeaver ERS.
- -### sap_ha_pacemaker_cluster_vip_nwas_abap_pas_ip_address - -- _Type:_ `string` - -Virtual IP of the NetWeaver PAS instance.
-Mandatory for NetWeaver PAS cluster setup.
- -### sap_ha_pacemaker_cluster_vip_nwas_abap_pas_resource_name - -- _Type:_ `string` -- _Default:_ `rsc_vip__PAS` - -Name of the SAPInstance resource for NetWeaver PAS.
- -### sap_ha_pacemaker_cluster_vip_secondary_resource_name - -- _Type:_ `string` -- _Default:_ `rsc_vip__HDB_readonly` - -Customize the name of the resource managing the Virtual IP of read-only access to the secondary HANA instance.
- \ No newline at end of file diff --git a/roles/sap_ha_pacemaker_cluster/README.md b/roles/sap_ha_pacemaker_cluster/README.md index 2f0d9f3b..97491599 100644 --- a/roles/sap_ha_pacemaker_cluster/README.md +++ b/roles/sap_ha_pacemaker_cluster/README.md @@ -5,7 +5,7 @@ ## Description -Ansible Role `sap_ha_pacemaker_cluster` is used to install and configure Linux Pacemaker High Availability clusters for SAP HANA and SAP Netweaver systems on various infrastructure platforms. +The Ansible Role `sap_ha_pacemaker_cluster` is used to install and configure Linux Pacemaker High Availability clusters for SAP HANA and SAP Netweaver systems on various infrastructure platforms. @@ -50,8 +50,6 @@ Managed nodes: **:warning: This ansible role will destroy and then recreate Linux Pacemaker cluster in process.**
:warning: Do not execute this Ansible Role against existing Linux Pacemaker clusters unless you know what you are doing and you prepare inputs according to existing cluster. -Role can be executed independently or as part of [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. - ### Supported Platforms | Platform | Status | Notes | | -------- | --------- | --------- | @@ -144,6 +142,8 @@ It is recommended to execute this role together with other roles in this collect ## Further Information +For more examples on how to use this role in different installation scenarios, refer to the [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. + Cluster can be further customized with inputs available from underlying role [ha_cluster](https://github.com/linux-system-roles/ha_cluster/blob/main/README.md), which will take precedence over `sap_ha_pacemaker_cluster` inputs. @@ -158,5 +158,1024 @@ Apache 2.0 - [Marcel Mamula](https://github.com/marcelmamula) -## Role Input Parameters -All input parameters used by role are described in [INPUT_PARAMETERS.md](https://github.com/sap-linuxlab/community.sap_install/blob/main/roles/sap_ha_pacemaker_cluster/INPUT_PARAMETERS.md) +## Role Variables + +Minimum required parameters for all clusters: + +- [sap_ha_pacemaker_cluster_hacluster_user_password](#sap_ha_pacemaker_cluster_hacluster_user_password) + +Additional minimum requirements depend on the type of cluster setup and on the target platform. + +### sap_ha_pacemaker_cluster_hacluster_user_password + +- _Type:_ `string` + +**Mandatory Input Parameter.**
+The password of the `hacluster` user which is created during pacemaker installation.
+Inherits the value of `ha_cluster_hacluster_password`, when defined.
+ + +### sap_ha_pacemaker_cluster_aws_access_key_id + +- _Type:_ `string` + +AWS access key to allow control of instances (for example for fencing operations).
+Mandatory for the cluster nodes setup on AWS EC2 instances, when:
+1. IAM Role or Instance profile is not attached to EC2 instance.
+2. `sap_ha_pacemaker_cluster_aws_credentials_setup` is `true`
+ +### sap_ha_pacemaker_cluster_aws_credentials_setup + +- _Type:_ `string` + +Set this parameter to 'true' to store AWS credentials into /root/.aws/credentials.
+Requires: `sap_ha_pacemaker_cluster_aws_access_key_id` and `sap_ha_pacemaker_cluster_aws_secret_access_key`
+Mandatory for the cluster nodes setup on AWS EC2 instances, when:
+1. IAM Role or Instance profile is not attached to EC2 instance.
+ +### sap_ha_pacemaker_cluster_aws_region + +- _Type:_ `string` + +The AWS region in which the instances to be used for the cluster setup are located.
+Mandatory for cluster nodes setup on AWS EC2 instances.
+ +### sap_ha_pacemaker_cluster_aws_secret_access_key + +- _Type:_ `string` + +AWS secret key, paired with the access key for instance control.
+Mandatory for the cluster nodes setup on AWS EC2 instances, when:
+1. IAM Role or Instance profile is not attached to EC2 instance.
+2. `sap_ha_pacemaker_cluster_aws_credentials_setup` is `true`
+ +### sap_ha_pacemaker_cluster_aws_vip_update_rt + +- _Type:_ `string` + +List one more routing table IDs for managing Virtual IP failover through routing table changes.
+Multiple routing tables must be defined as a comma-separated string (no spaces).
+Mandatory for the VIP resource configuration in AWS EC2 environments.
+ +### sap_ha_pacemaker_cluster_cluster_name + +- _Type:_ `string` + +The name of the pacemaker cluster.
+Inherits the `ha_cluster` LSR native parameter `ha_cluster_cluster_name` if not defined.
+If not defined, the `ha_cluster` Linux System Role default will be used.
+ +### sap_ha_pacemaker_cluster_cluster_nodes + +- _Type:_ `list` + +List of cluster nodes and associated attributes to describe the target SAP HA environment.
+This is required for the HANA System Replication configuration.
+Synonym for this parameter is `sap_hana_cluster_nodes`.
+Mandatory to be defined for HANA clusters.
+ +- **hana_site**
+ Site of the cluster and/or SAP HANA System Replication node (for example 'DC01').
Mandatory for HANA clusters (sudo config for system replication). +- **node_ip**
+ IP address of the node used for HANA System Replication.
_Optional. Currently not needed/used in cluster configuration._ +- **node_name**
+ Name of the cluster node, should match the remote systems' hostnames.
_Optional. Currently not needed/used in cluster configuration._ +- **node_role**
+ Role of the defined `node_name` in the SAP HANA cluster setup.
There must be only **one** primary, but there can be multiple secondary nodes.
_Optional. Currently not needed/used in cluster configuration._ + +Example: + +```yaml +sap_ha_pacemaker_cluster_cluster_nodes: +- hana_site: DC01 + node_ip: 192.168.5.1 + node_name: nodeA + node_role: primary +- hana_site: DC02 +``` + +### sap_ha_pacemaker_cluster_cluster_properties + +- _Type:_ `dict` +- _Default:_ `{'concurrent-fencing': True, 'stonith-enabled': True, 'stonith-timeout': 900}` + +Standard pacemaker cluster properties are configured with recommended settings for cluster node fencing.
+When no STONITH resource is defined, STONITH will be disabled and a warning displayed.
+ +Example: + +```yaml +sap_ha_pacemaker_cluster_cluster_properties: + concurrent-fencing: true + stonith-enabled: true + stonith-timeout: 900 +``` + +### sap_ha_pacemaker_cluster_create_config_dest + +- _Type:_ `string` +- _Default:_ `review_resource_config.yml` + +The pacemaker cluster resource configuration optionally created by this role will be saved in a Yaml file in the current working directory.
+Requires `sap_ha_pacemaker_cluster_create_config_varfile` to be enabled for generating the output file.
+Specify a path/filename to save the file in a custom location.
+The file can be used as input vars file for an Ansible playbook running the 'ha_cluster' Linux System Role.
+ +### sap_ha_pacemaker_cluster_create_config_varfile + +- _Type:_ `bool` +- _Default:_ `False` + +When enabled, all cluster configuration parameters this role constructs for executing the 'ha_cluster' Linux System role will be written into a file in Yaml format.
+This allows using the output file later as input file for additional custom steps using the 'ha_cluster' role and covering the resource configuration in a cluster that was set up using this 'sap_ha_pacemaker_cluster' role.
+When enabled this parameters file is also created when the playbook is run in check_mode (`--check`) and can be used to review the configuration parameters without executing actual changes on the target nodes.
+WARNING! This report may include sensitive details like secrets required for certain cluster resources!
+ +### sap_ha_pacemaker_cluster_enable_cluster_connector + +- _Type:_ `bool` +- _Default:_ `True` + +Enables/Disables the SAP HA Interface for SAP ABAP application server instances, also known as `sap_cluster_connector`.
+Set this parameter to 'false' if the SAP HA interface should not be installed and configured.
+ +### sap_ha_pacemaker_cluster_extra_packages + +- _Type:_ `list` + +Additional extra packages to be installed, for instance specific resource packages.
+For SAP clusters configured by this role, the relevant standard packages for the target scenario are automatically included.
+ +### sap_ha_pacemaker_cluster_fence_agent_packages + +- _Type:_ `list` + +Additional fence agent packages to be installed.
+This is automatically combined with default packages in:
+`__sap_ha_pacemaker_cluster_fence_agent_packages_minimal`
+`__sap_ha_pacemaker_cluster_fence_agent_packages_platform`
+ +### sap_ha_pacemaker_cluster_gcp_project + +- _Type:_ `string` + +Google Cloud project name in which the target instances are installed.
+Mandatory for the cluster setup on GCP instances.
+ +### sap_ha_pacemaker_cluster_gcp_region_zone + +- _Type:_ `string` + +Google Cloud Platform region zone ID.
+Mandatory for the cluster setup on GCP instances.
+ +### sap_ha_pacemaker_cluster_ha_cluster + +- _Type:_ `dict` + +The `ha_cluster` LSR native parameter `ha_cluster` can be used as a synonym.
+Optional _**host_vars**_ parameter - if defined it must be set for each node.
+Dictionary that can contain various node options for the pacemaker cluster configuration.
+Supported options can be reviewed in the `ha_cluster` Linux System Role [https://github.com/linux-system-roles/ha_cluster/blob/master/README.md].
+If not defined, the `ha_cluster` Linux System Role default will be used.
+ +Example: + +```yaml +sap_ha_pacemaker_cluster_ha_cluster: + corosync_addresses: + - 192.168.1.10 + - 192.168.2.10 + node_name: nodeA +``` + +### sap_ha_pacemaker_cluster_hana_automated_register + +- _Type:_ `bool` +- _Default:_ `True` + +Parameter for the 'SAPHana' cluster resource.
+Define if a former primary should be re-registered automatically as secondary.
+ +### sap_ha_pacemaker_cluster_hana_colocation_hana_vip_primary_name + +- _Type:_ `string` +- _Default:_ `col_saphana_vip__HDB_primary` + +Customize the cluster constraint name for VIP and SAPHana primary clone colocation.
+ +### sap_ha_pacemaker_cluster_hana_colocation_hana_vip_secondary_name + +- _Type:_ `string` +- _Default:_ `col_saphana_vip__HDB_readonly` + +Customize the cluster constraint name for VIP and SAPHana secondary clone colocation.
+ +### sap_ha_pacemaker_cluster_hana_duplicate_primary_timeout + +- _Type:_ `int` +- _Default:_ `7200` + +Parameter for the 'SAPHana' cluster resource.
+Time difference needed between to primary time stamps, if a dual-primary situation occurs.
+If the time difference is less than the time gap, then the cluster holds one or both instances in a "WAITING" status.
+This is to give an admin a chance to react on a failover. A failed former primary will be registered after the time difference is passed.
+ +### sap_ha_pacemaker_cluster_hana_filesystem_resource_clone_name + +- _Type:_ `string` +- _Default:_ `cln_SAPHanaFil__HDB` + +Customize the cluster resource name of the SAP HANA Filesystem clone.
+ +### sap_ha_pacemaker_cluster_hana_filesystem_resource_name + +- _Type:_ `string` +- _Default:_ `rsc_SAPHanaFil__HDB` + +Customize the cluster resource name of the SAP HANA Filesystem.
+ +### sap_ha_pacemaker_cluster_hana_global_ini_path + +- _Type:_ `string` +- _Default:_ `/usr/sap//SYS/global/hdb/custom/config/global.ini` + +Path with location of global.ini for srHook update
+ +### sap_ha_pacemaker_cluster_hana_hook_chksrv + +- _Type:_ `bool` +- _Default:_ `False` + +Controls if ChkSrv srHook is enabled during srHook creation.
+It is ignored when sap_ha_pacemaker_cluster_hana_hooks is defined.
+ +### sap_ha_pacemaker_cluster_hana_hook_tkover + +- _Type:_ `bool` +- _Default:_ `False` + +Controls if TkOver srHook is enabled during srHook creation.
+It is ignored when sap_ha_pacemaker_cluster_hana_hooks is defined.
+ +### sap_ha_pacemaker_cluster_hana_hooks + +- _Type:_ `list` +- _Default:_ `[]` + +Customize required list of SAP HANA Hooks
+Mandatory to include SAPHanaSR srHook in list.
+Mandatory attributes are provider and path.
+Example below shows mandatory SAPHanaSR, TkOver and ChkSrv hooks.
+ +Example: + +```yaml +sap_ha_pacemaker_cluster_hana_hooks: +- options: + - name: execution_order + value: 1 + path: /usr/share/SAPHanaSR/ + provider: SAPHanaSR +- options: + - name: execution_order + value: 2 + path: /usr/share/SAPHanaSR/ + provider: susTkOver +- options: + - name: execution_order + value: 3 + - name: action_on_lost + value: stop + path: /usr/share/SAPHanaSR/ + provider: susChkSrv +``` + +### sap_ha_pacemaker_cluster_hana_instance_nr + +- _Type:_ `string` + +The instance number of the SAP HANA database which this role will configure in the cluster.
+Inherits the value of `sap_hana_instance_number`, when defined.
+Mandatory for SAP HANA cluster setups.
+ +### sap_ha_pacemaker_cluster_hana_order_hana_vip_primary_name + +- _Type:_ `string` +- _Default:_ `ord_saphana_vip__HDB_primary` + +Customize the cluster constraint name for VIP and SAPHana primary clone order.
+ +### sap_ha_pacemaker_cluster_hana_order_hana_vip_secondary_name + +- _Type:_ `string` +- _Default:_ `ord_saphana_vip__HDB_readonly` + +Customize the cluster constraint name for VIP and SAPHana secondary clone order.
+ +### sap_ha_pacemaker_cluster_hana_order_topology_hana_name + +- _Type:_ `string` +- _Default:_ `ord_saphana_saphanatop__HDB` + +Customize the cluster constraint name for SAPHana and Topology order.
+ +### sap_ha_pacemaker_cluster_hana_prefer_site_takeover + +- _Type:_ `bool` +- _Default:_ `True` + +Parameter for the 'SAPHana' cluster resource.
+Set to "false" if the cluster should first attempt to restart the instance on the same node.
+When set to "true" (default) a failover to secondary will be initiated on resource failure.
+ +### sap_ha_pacemaker_cluster_hana_resource_clone_msl_name + +- _Type:_ `string` +- _Default:_ `msl_SAPHana__HDB` + +Customize the cluster resource name of the SAP HANA DB resource master slave clone.
+Master Slave clone is specific to Classic SAPHana resource on SUSE (non-angi).
+ +### sap_ha_pacemaker_cluster_hana_resource_clone_name + +- _Type:_ `string` +- _Default:_ `cln_SAPHana__HDB` + +Customize the cluster resource name of the SAP HANA DB resource clone.
+ +### sap_ha_pacemaker_cluster_hana_resource_name + +- _Type:_ `string` +- _Default:_ `rsc_SAPHana__HDB` + +Customize the cluster resource name of the SAP HANA DB resource.
+ +### sap_ha_pacemaker_cluster_hana_sid + +- _Type:_ `string` + +The SAP HANA SID of the instance that will be configured in the cluster.
+The SID must follow SAP specifications - see SAP Note 1979280.
+Inherits the value of `sap_hana_sid`, when defined.
+Mandatory for SAP HANA cluster setups.
+ +### sap_ha_pacemaker_cluster_hana_topology_resource_clone_name + +- _Type:_ `string` +- _Default:_ `cln_SAPHanaTop__HDB` + +Customize the cluster resource name of the SAP HANA Topology resource clone.
+ +### sap_ha_pacemaker_cluster_hana_topology_resource_name + +- _Type:_ `string` +- _Default:_ `rsc_SAPHanaTop__HDB` + +Customize the cluster resource name of the SAP HANA Topology resource.
+ +### sap_ha_pacemaker_cluster_hanacontroller_resource_clone_name + +- _Type:_ `string` +- _Default:_ `cln_SAPHanaCon__HDB` + +Customize the cluster resource name of the SAP HANA Controller clone.
+ +### sap_ha_pacemaker_cluster_hanacontroller_resource_name + +- _Type:_ `string` +- _Default:_ `rsc_SAPHanaCon__HDB` + +Customize the cluster resource name of the SAP HANA Controller.
+ +### sap_ha_pacemaker_cluster_host_type + +- _Type:_ `list` +- _Default:_ `hana_scaleup_perf` + +The SAP landscape to for which the cluster is to be configured.
+The default is a 2-node SAP HANA scale-up cluster.
+ +### sap_ha_pacemaker_cluster_ibmcloud_api_key + +- _Type:_ `string` + +The API key which is required to allow the control of instances (for example for fencing operations).
+Mandatory for the cluster setup on IBM Cloud Virtual Server instances or IBM Power Virtual Server on IBM Cloud.
+ +### sap_ha_pacemaker_cluster_ibmcloud_powervs_api_type + +- _Type:_ `string` + +IBM Power Virtual Server API Endpoint type (public or private) dependent on network interface attachments for the target instances.
+Mandatory for the cluster setup on IBM Power Virtual Server from IBM Cloud.
+ +### sap_ha_pacemaker_cluster_ibmcloud_powervs_forward_proxy_url + +- _Type:_ `string` + +IBM Power Virtual Server forward proxy url when IBM Power Virtual Server API Endpoint type is set to private.
+When public network interface, can be ignored.
+When private network interface, mandatory for the cluster setup on IBM Power Virtual Server from IBM Cloud.
+ +### sap_ha_pacemaker_cluster_ibmcloud_powervs_workspace_crn + +- _Type:_ `string` + +IBM Power Virtual Server Workspace service cloud resource name (CRN) identifier which contains the target instances
+Mandatory for the cluster setup on IBM Power Virtual Server from IBM Cloud.
+ +### sap_ha_pacemaker_cluster_ibmcloud_region + +- _Type:_ `string` + +The IBM Cloud VS region name in which the instances are running.
+Mandatory for the cluster setup on IBM Cloud Virtual Server instances or IBM Power Virtual Server on IBM Cloud.
+ +### sap_ha_pacemaker_cluster_msazure_resource_group + +- _Type:_ `string` + +Resource group name/ID in which the target instances are defined.
+Mandatory for the cluster setup on MS Azure instances.
+ +### sap_ha_pacemaker_cluster_msazure_subscription_id + +- _Type:_ `string` + +Subscription ID of the MS Azure environment containing the target instances.
+Mandatory for the cluster setup on MS Azure instances.
+ +### sap_ha_pacemaker_cluster_nwas_abap_aas_instance_nr + +- _Type:_ `string` + +Instance number of the NetWeaver ABAP AAS instance.
+Mandatory for NetWeaver AAS cluster configuration.
+ +### sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_ensa1 + +- _Type:_ `bool` +- _Default:_ `False` + +The standard NetWeaver ASCS/ERS cluster will be set up as ENSA2.
+Set this parameter to 'true' to configure it as ENSA1.
+ +### sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_simple_mount + +- _Type:_ `bool` +- _Default:_ `True` + +Enables preferred method for ASCS ERS ENSA2 clusters - Simple Mount
+Set this parameter to 'true' to configure ENSA2 Simple Mount.
+ +### sap_ha_pacemaker_cluster_nwas_abap_ascs_filesystem_resource_name + +- _Type:_ `string` +- _Default:_ `rsc_fs__ASCS` + +Name of the filesystem resource for the ASCS instance.
+ +### sap_ha_pacemaker_cluster_nwas_abap_ascs_group_stickiness + +- _Type:_ `string` +- _Default:_ `3000` + +NetWeaver ASCS resource group stickiness to prefer the ASCS group to stay on the node it was started on.
+ +### sap_ha_pacemaker_cluster_nwas_abap_ascs_instance_nr + +- _Type:_ `string` + +Instance number of the NetWeaver ABAP ASCS instance.
+Mandatory for NetWeaver ASCS/ERS cluster configuration.
+ +### sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_automatic_recover_bool + +- _Type:_ `bool` +- _Default:_ `False` + +NetWeaver ASCS instance resource option "AUTOMATIC_RECOVER".
+ +### sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_ensa1_failure_timeout + +- _Type:_ `string` +- _Default:_ `60` + +NetWeaver ASCS instance failure-timeout attribute.
+Only used for ENSA1 setups (see `sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_ensa1`). Default setup is ENSA2.
+ +### sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_ensa1_migration_threshold + +- _Type:_ `string` +- _Default:_ `1` + +NetWeaver ASCS instance migration-threshold setting attribute.
+Only used for ENSA1 setups (see `sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_ensa1`). Default setup is ENSA2.
+ +### sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_instance_name + +- _Type:_ `string` + +The name of the ASCS instance, typically the profile name.
+Mandatory for the NetWeaver ASCS/ERS cluster setup
+Recommended format _ASCS_.
+ +### sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_resource_name + +- _Type:_ `string` +- _Default:_ `rsc_SAPInstance__ASCS` + +Name of the ASCS instance resource.
+ +### sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_resource_stickiness + +- _Type:_ `string` +- _Default:_ `5000` + +NetWeaver ASCS instance resource stickiness attribute.
+ +### sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_start_profile_string + +- _Type:_ `string` + +The full path and name of the ASCS instance profile.
+Mandatory for the NetWeaver ASCS/ERS cluster setup.
+ +### sap_ha_pacemaker_cluster_nwas_abap_ascs_sapstartsrv_resource_name + +- _Type:_ `string` +- _Default:_ `rsc_SAPStartSrv__ASCS` + +Name of the ASCS SAPStartSrv resource for simple mount.
+ +### sap_ha_pacemaker_cluster_nwas_abap_ers_filesystem_resource_name + +- _Type:_ `string` +- _Default:_ `rsc_fs__ERS` + +Name of the filesystem resource for the ERS instance.
+ +### sap_ha_pacemaker_cluster_nwas_abap_ers_instance_nr + +- _Type:_ `string` + +Instance number of the NetWeaver ABAP ERS instance.
+Mandatory for NetWeaver ASCS/ERS cluster configuration.
+ +### sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_automatic_recover_bool + +- _Type:_ `bool` +- _Default:_ `False` + +NetWeaver ERS instance resource option "AUTOMATIC_RECOVER".
+ +### sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_instance_name + +- _Type:_ `string` + +The name of the ERS instance, typically the profile name.
+Mandatory for the NetWeaver ASCS/ERS cluster setup.
+Recommended format _ERS_.
+ +### sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_resource_name + +- _Type:_ `string` +- _Default:_ `rsc_SAPInstance__ERS` + +Name of the ERS instance resource.
+ +### sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_start_profile_string + +- _Type:_ `string` + +The full path and name of the ERS instance profile.
+Mandatory for the NetWeaver ASCS/ERS cluster.
+ +### sap_ha_pacemaker_cluster_nwas_abap_ers_sapstartsrv_resource_name + +- _Type:_ `string` +- _Default:_ `rsc_SAPStartSrv__ERS` + +Name of the ERS SAPstartSrv resource for simple mount.
+ +### sap_ha_pacemaker_cluster_nwas_abap_pas_instance_nr + +- _Type:_ `string` + +Instance number of the NetWeaver ABAP PAS instance.
+Mandatory for NetWeaver PAS cluster configuration.
+ +### sap_ha_pacemaker_cluster_nwas_abap_sid + +- _Type:_ `string` + +SID of the NetWeaver instances.
+Mandatory for NetWeaver cluster configuration.
+Uses `sap_swpm_sid` if defined.
+Mandatory for NetWeaver cluster setups.
+ +### sap_ha_pacemaker_cluster_nwas_colocation_ascs_no_ers_name + +- _Type:_ `string` +- _Default:_ `col_ascs_separate_` + +Customize the cluster constraint name for ASCS and ERS separation colocation.
+ +### sap_ha_pacemaker_cluster_nwas_order_ascs_first_name + +- _Type:_ `string` +- _Default:_ `ord_ascs_first_` + +Customize the cluster constraint name for ASCS starting before ERS order.
+ +### sap_ha_pacemaker_cluster_nwas_sapmnt_filesystem_resource_clone_name + +- _Type:_ `string` +- _Default:_ `cln_fs__sapmnt` + +Filesystem resource clone name for the shared filesystem /sapmnt.
+Enable this resource setup using `sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed`.
+ +### sap_ha_pacemaker_cluster_nwas_sapmnt_filesystem_resource_name + +- _Type:_ `string` +- _Default:_ `rsc_fs__sapmnt` + +Filesystem resource name for the shared filesystem /sapmnt.
+Optional, this is typically managed by the OS, but can as well be added to the cluster configuration.
+Enable this resource setup using `sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed`.
+ +### sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed + +- _Type:_ `bool` +- _Default:_ `False` + +Change this parameter to 'true' if the 3 shared filesystems `/usr/sap/trans`, `/usr/sap//SYS` and '/sapmnt' shall be configured as cloned cluster resources.
+ +### sap_ha_pacemaker_cluster_nwas_sys_filesystem_resource_clone_name + +- _Type:_ `string` +- _Default:_ `cln_fs__sys` + +Filesystem resource clone name for the shared filesystem /usr/sap//SYS.
+Enable this resource setup using `sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed`.
+ +### sap_ha_pacemaker_cluster_nwas_sys_filesystem_resource_name + +- _Type:_ `string` +- _Default:_ `rsc_fs__sys` + +Filesystem resource name for the transports filesystem /usr/sap//SYS.
+Optional, this is typically managed by the OS, but can as well be added to the cluster configuration.
+Enable this resource setup using `sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed`.
+ +### sap_ha_pacemaker_cluster_nwas_transports_filesystem_resource_clone_name + +- _Type:_ `string` +- _Default:_ `cln_fs__trans` + +Filesystem resource clone name for the shared filesystem /usr/sap/trans.
+Enable this resource setup using `sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed`.
+ +### sap_ha_pacemaker_cluster_nwas_transports_filesystem_resource_name + +- _Type:_ `string` +- _Default:_ `rsc_fs__trans` + +Filesystem resource name for the transports filesystem /usr/sap/trans.
+Optional, this is typically managed by the OS, but can as well be added to the cluster configuration.
+Enable this resource setup using `sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed`.
+ +### sap_ha_pacemaker_cluster_operation_defaults + +- _Type:_ `dict` +- _Default:_ `{'record-pending': True, 'timeout': 600}` + +Set default operation parameters that will be valid for all pacemaker resources.
+ +Example: + +```yaml +sap_ha_pacemaker_cluster_operation_defaults: + record-pending: true + timeout: 600 +``` + +### sap_ha_pacemaker_cluster_resource_defaults + +- _Type:_ `dict` +- _Default:_ `{'migration-threshold': 5000, 'resource-stickiness': 3000}` + +Set default parameters that will be valid for all pacemaker resources.
+ +Example: + +```yaml +sap_ha_pacemaker_cluster_resource_defaults: + migration-threshold: 5000 + resource-stickiness: 1000 +``` + +### sap_ha_pacemaker_cluster_saphanasr_angi_detection + +- _Type:_ `string` +- _Default:_ `True` + +Disabling this variable enables to use Classic SAPHanaSR agents even on server, with SAPHanaSR-angi is available.
+ +### sap_ha_pacemaker_cluster_sbd_devices + +- _Type:_ `list` + +Required if `sap_ha_pacemaker_cluster_sbd_enabled` is enabled.
+Provide list of block devices for Stonith SBD agent
+ +Example: + +```yaml +sap_ha_pacemaker_cluster_sbd_devices: +- /dev/disk/by-id/scsi-3600 +``` + +### sap_ha_pacemaker_cluster_sbd_enabled + +- _Type:_ `bool` + +Set this parameter to 'true' to enable workflow to add Stonith SBD resource.
+Stonith SBD resource has to be provided as part of `sap_ha_pacemaker_cluster_stonith_custom`.
+Default SBD agents are: `stonith:external/sbd` for SUSE and `stonith:fence_sbd` for Red Hat.
+ +Example: + +```yaml +sap_ha_pacemaker_cluster_sbd_devices: +- /dev/disk/by-id/scsi-3600 +sap_ha_pacemaker_cluster_sbd_enabled: true +sap_ha_pacemaker_cluster_stonith_custom: +- agent: stonith:external/sbd + id: stonith_sbd + instance_attrs: + - attrs: + - name: pcmk_delay_max + value: 15 +``` + +### sap_ha_pacemaker_cluster_sbd_options + +- _Type:_ `list` + +Optional if `sap_ha_pacemaker_cluster_sbd_enabled` is enabled.
+Provide list of SBD specific options that are added into SBD configuration file.
+ +Example: + +```yaml +sap_ha_pacemaker_cluster_sbd_options: +- name: startmode + value: clean +``` + +### sap_ha_pacemaker_cluster_sbd_watchdog + +- _Type:_ `str` +- _Default:_ `/dev/watchdog` + +Optional if `sap_ha_pacemaker_cluster_sbd_enabled` is enabled.
+Provide watchdog name to override default /dev/watchdog
+ +### sap_ha_pacemaker_cluster_sbd_watchdog_modules + +- _Type:_ `list` + +Optional if `sap_ha_pacemaker_cluster_sbd_enabled` is enabled.
+Provide list of watchdog kernel modules to be loaded (creates /dev/watchdog* devices).
+ +Example: + +```yaml +sap_ha_pacemaker_cluster_sbd_watchdog_modules: +- softdog +``` + +### sap_ha_pacemaker_cluster_stonith_custom + +- _Type:_ `list` + +Custom list of STONITH resource(s) to be configured in the cluster.
+This definition override any defaults the role would apply otherwise.
+Definition follows structure of ha_cluster_resource_primitives in linux-system-roles/ha_cluster
+ +- **agent**
+ Resource agent name, must contain the prefix "stonith:" to avoid mismatches or failures. +- **id**
+ Parameter `id` is required.
Name that will be used as the resource ID (name). +- **instance_attrs**
+ Defines resource agent params as list of name/value pairs.
Requires the mandatory options for the particular stonith resource agent to be defined, otherwise the setup will fail.
Example: stonith:fence_sbd agent requires devices option with list of SBD disks.
Example: stonith:external/sbd agent does not require devices option, but `sap_ha_pacemaker_cluster_sbd_devices`. +- **meta_attrs**
+ Defines meta attributes as list of name/value pairs. +- **name**
+ WARNING! This option will be removed in future release. +- **operations**
+ Defines list of resource agent operations. +- **options**
+ WARNING! This option will be removed in future release. + +Example: + +```yaml +sap_ha_pacemaker_cluster_stonith_custom: +- agent: stonith:fence_rhevm + id: my-fence-resource + instance_attrs: + - attrs: + - name: ip + value: rhevm-server + - name: username + value: login-user + - name: password + value: login-user-password + - name: pcmk_host_list + value: node1,node2 + - name: power_wait + value: 3 + meta_attrs: + - attrs: + - name: target-role + value: Started + operations: + - action: start + attrs: + - name: interval + value: 0 + - name: timeout + value: 180 +``` + +### sap_ha_pacemaker_cluster_storage_definition + +- _Type:_ `list` + +List of filesystem definitions used for filesystem cluster resources.
+Options relevant, see example.
+Mandatory for SAP NetWeaver HA cluster configurations.
+Reuse `sap_storage_setup_definition` if defined.
+Reuse `sap_storage_setup_definition` will extract values 'mountpoint', 'nfs_filesystem_type', 'nfs_mount_options', 'nfs_path', 'nfs_server'.
+Reuse `sap_storage_setup_definition` all options are documented under Ansible Role `sap_storage_setup`.
+Note! For this variable, the argument specification does not list options, to avoid errors during reuse of `sap_storage_setup_definition` if defined.
+ +Example: + +```yaml +sap_ha_pacemaker_cluster_storage_definition: +- mountpoint: /usr/sap + name: usr_sap + nfs_path: /usr/sap + nfs_server: nfs-server.example.com:/ +- mountpoint: /usr/sap/trans + name: usr_sap_trans + nfs_path: /usr/sap/trans + nfs_server: nfs-server.example.com:/ +- mountpoint: /sapmnt + name: sapmnt + nfs_filesystem_type: nfs + nfs_mount_options: defaults + nfs_path: /sapmnt + nfs_server: nfs-server.example.com:/ +``` + +### sap_ha_pacemaker_cluster_storage_nfs_filesytem_type + +- _Type:_ `string` +- _Default:_ `nfs` + +Filesystem type of the NFS filesystems that are part of the cluster configuration.
+ +### sap_ha_pacemaker_cluster_storage_nfs_mount_options + +- _Type:_ `string` +- _Default:_ `defaults` + +Mount options of the NFS filesystems that are part of the cluster configuration.
+ +### sap_ha_pacemaker_cluster_storage_nfs_server + +- _Type:_ `string` + +Default address of the NFS server, if not defined individually by filesystem.
+ +### sap_ha_pacemaker_cluster_system_roles_collection + +- _Type:_ `string` +- _Default:_ `fedora.linux_system_roles` + +Set which Ansible Collection to use for the Linux System Roles.
+Available values: +- `fedora.linux_system_roles` - for community/upstream.
+- `redhat.rhel_system_roles` - for the RHEL System Roles for SAP, or for Red Hat Automation Hub.
+ +### sap_ha_pacemaker_cluster_vip_client_interface + +- _Type:_ `string` + +OS device name of the network interface to use for the Virtual IP configuration.
+When there is only one interface on the system, its name will be used by default.
+ +### sap_ha_pacemaker_cluster_vip_hana_primary_ip_address + +- _Type:_ `string` + +The virtual IP of the primary HANA instance.
+Mandatory parameter for HANA clusters.
+ +### sap_ha_pacemaker_cluster_vip_hana_primary_resource_name + +- _Type:_ `string` +- _Default:_ `rsc_vip__HDB_primary` + +Customize the name of the resource managing the Virtual IP of the primary HANA instance.
+ +### sap_ha_pacemaker_cluster_vip_hana_secondary_ip_address + +- _Type:_ `string` + +The virtual IP for read-only access to the secondary HANA instance.
+Optional parameter in HANA clusters.
+ +### sap_ha_pacemaker_cluster_vip_nwas_abap_aas_ip_address + +- _Type:_ `string` + +Virtual IP of the NetWeaver AAS instance.
+Mandatory for NetWeaver AAS cluster setup.
+ +### sap_ha_pacemaker_cluster_vip_nwas_abap_aas_resource_name + +- _Type:_ `string` +- _Default:_ `rsc_vip__AAS` + +Name of the SAPInstance resource for NetWeaver AAS.
+ +### sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_ip_address + +- _Type:_ `string` + +Virtual IP of the NetWeaver ASCS instance.
+Mandatory for NetWeaver ASCS/ERS cluster setup.
+ +### sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_resource_group_name + +- _Type:_ `string` +- _Default:_ `grp__ASCS` + +Name of the NetWeaver ASCS resource group.
+ +### sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_resource_name + +- _Type:_ `string` +- _Default:_ `rsc_vip__ASCS` + +Name of the SAPInstance resource for NetWeaver ASCS.
+ +### sap_ha_pacemaker_cluster_vip_nwas_abap_ers_ip_address + +- _Type:_ `string` + +Virtual IP of the NetWeaver ERS instance.
+Mandatory for NetWeaver ASCS/ERS cluster setup.
+ +### sap_ha_pacemaker_cluster_vip_nwas_abap_ers_resource_group_name + +- _Type:_ `string` +- _Default:_ `grp__ERS` + +Name of the NetWeaver ERS resource group.
+ +### sap_ha_pacemaker_cluster_vip_nwas_abap_ers_resource_name + +- _Type:_ `string` +- _Default:_ `rsc_vip__ERS` + +Name of the SAPInstance resource for NetWeaver ERS.
+ +### sap_ha_pacemaker_cluster_vip_nwas_abap_pas_ip_address + +- _Type:_ `string` + +Virtual IP of the NetWeaver PAS instance.
+Mandatory for NetWeaver PAS cluster setup.
+ +### sap_ha_pacemaker_cluster_vip_nwas_abap_pas_resource_name + +- _Type:_ `string` +- _Default:_ `rsc_vip__PAS` + +Name of the SAPInstance resource for NetWeaver PAS.
+ +### sap_ha_pacemaker_cluster_vip_secondary_resource_name + +- _Type:_ `string` +- _Default:_ `rsc_vip__HDB_readonly` + +Customize the name of the resource managing the Virtual IP of read-only access to the secondary HANA instance.
+ \ No newline at end of file diff --git a/roles/sap_hana_install/INPUT_PARAMETERS.md b/roles/sap_hana_install/INPUT_PARAMETERS.md deleted file mode 100644 index 93f909fb..00000000 --- a/roles/sap_hana_install/INPUT_PARAMETERS.md +++ /dev/null @@ -1,59 +0,0 @@ -## Input Parameters for sap_ha_pacemaker_cluster Ansible Role - -### sap_hana_install_sid - -- _Type:_ `string` - -Enter SAP HANA System ID (SID). - -### sap_hana_install_number - -- _Type:_ `string` - -Enter SAP HANA Instance number. - -### sap_hana_install_fapolicyd_integrity - -- _Type:_ `string` -- _Default:_ `sha256` - -Select fapolicyd integrity check option out of: `none`, `size`, `sha256`, `ima`. - -### sap_hana_install_check_sidadm_user - -- _Type:_ `bool` -- _Default:_ `True` - -If the variable `sap_hana_install_check_sidadm_user` is set to `False`, the role will install SAP HANA even -if the sidadm user exists. Default is `True`, in which case the installation will not be performed if the -sidadm user exists. - -### sap_hana_install_new_system - -- _Type:_ `bool` -- _Default:_ `True` - -The variable `sap_hana_install_new_system` determines if the role will perform a fresh SAP HANA installation -or if it will add further hosts to an existing SAP HANA system as specified by variable -`sap_hana_install_addhosts`. Default is `True` for a fresh SAP HANA installation. - -### sap_hana_install_update_firewall - -- _Type:_ `bool` -- _Default:_ `False` - -The role can be configured to also set the required firewall ports for SAP HANA. If this is desired, set -the variable `sap_hana_install_update_firewall` to `yes` (default is `no`). The firewall ports are defined -in a variable which is compatible with the variable structure used by Linux System Role `firewall`. -The firewall ports for SAP HANA are defined in member `port` of the first field of variable -`sap_hana_install_firewall` (`sap_hana_install_firewall[0].port`), see file `defaults/main.yml`. If the -member `state` is set to `enabled`, the ports will be enabled. If the member `state` is set to `disabled`, -the ports will be disabled, which might be useful for testing. - -Certain parameters have identical meanings, for supporting different naming schemes in playbooks and inventories. -You can find those in the task `Rename some variables used by hdblcm configfile` of the file `tasks/main.yml`. -Example: The parameter `sap_hana_install_number`, which is used by the role to define the hdblm parameter `number` -(= SAP HANA instance number) can be defined by setting `sap_hana_instance_number`, `sap_hana_install_instance_nr`, -`sap_hana_install_instance_number`, or `sap_hana_install_number`. The order of precedence is from left to right. - - \ No newline at end of file diff --git a/roles/sap_hana_install/README.md b/roles/sap_hana_install/README.md index efd9bc84..265c7f92 100644 --- a/roles/sap_hana_install/README.md +++ b/roles/sap_hana_install/README.md @@ -5,7 +5,7 @@ ## Description -Ansible Role `sap_hana_install` is used to install SAP HANA database using HDBLCM. +The Ansible role `sap_hana_install` installs SAP HANA using the SAP HANA database lifecycle manager (HDBLCM). @@ -143,7 +143,6 @@ of this file will not be reflected. ## Execution -Role can be executed independently or as part of [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. @@ -374,6 +373,8 @@ With the following tags, the role can be called to perform certain activities on +## Further Information +For more examples on how to use this role in different installation scenarios, refer to the [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. ## License @@ -386,5 +387,57 @@ Apache 2.0 - [Bernd Finger](https://github.com/berndfinger) -## Role Input Parameters -All input parameters used by role are described in [INPUT_PARAMETERS.md](https://github.com/sap-linuxlab/community.sap_install/blob/main/roles/sap_hana_install/INPUT_PARAMETERS.md) +## Role Variables + +### sap_hana_install_sid + +- _Type:_ `string` + +Enter SAP HANA System ID (SID). + +### sap_hana_install_number + +- _Type:_ `string` + +Enter SAP HANA Instance number. + +### sap_hana_install_fapolicyd_integrity + +- _Type:_ `string` +- _Default:_ `sha256` + +Select `fapolicyd` integrity check option.
+Available values: `none`, `size`, `sha256`, `ima`. + +### sap_hana_install_check_sidadm_user + +- _Type:_ `bool` +- _Default:_ `True` + +Set to `False` to install SAP HANA even if the `sidadm` user exists.
+Default is `True`, in which case the installation will not be performed if the `sidadm` user exists. + +### sap_hana_install_new_system + +- _Type:_ `bool` +- _Default:_ `True` + +Set to `False` to use existing SAP HANA database and add more hosts using variable `sap_hana_install_addhosts`.
+Default is `True`, in which case fresh SAP HANA installation will be performed. + +### sap_hana_install_update_firewall + +- _Type:_ `bool` +- _Default:_ `False` + +The role can be configured to also set the required firewall ports for SAP HANA. If this is desired, set the variable `sap_hana_install_update_firewall` to `yes` (default is `no`).
+The firewall ports are defined in a variable which is compatible with the variable structure used by Linux System Role `firewall`.
+The firewall ports for SAP HANA are defined in member `port` of the first field of variable `sap_hana_install_firewall` (`sap_hana_install_firewall[0].port`), see file `defaults/main.yml`.
+If the member `state` is set to `enabled`, the ports will be enabled. If the member `state` is set to `disabled`, the ports will be disabled, which might be useful for testing.
+ +Certain parameters have identical meanings, for supporting different naming schemes in playbooks and inventories.
+You can find those in the task `Rename some variables used by hdblcm configfile` of the file `tasks/main.yml`.
+Example: The parameter `sap_hana_install_number`, which is used by the role to define the hdblm parameter `number` (= SAP HANA instance number)
+ can be defined by setting `sap_hana_instance_number`, `sap_hana_install_instance_nr`, `sap_hana_install_instance_number`, or `sap_hana_install_number`.
+ The order of precedence is from left to right. + \ No newline at end of file diff --git a/roles/sap_hana_preconfigure/INPUT_PARAMETERS.md b/roles/sap_hana_preconfigure/INPUT_PARAMETERS.md deleted file mode 100644 index 5cd5c87e..00000000 --- a/roles/sap_hana_preconfigure/INPUT_PARAMETERS.md +++ /dev/null @@ -1,324 +0,0 @@ -## Input Parameters for sap_hana_preconfigure Ansible Role - -## Role Input Parameters - -#### Minimum required parameters: - -This role does not require any parameter to be set in the playbook or inventory. - - -### sap_hana_preconfigure_config_all -- _Type:_ `bool` - -If set to `false`, the role will only execute or verify the installation or configuration steps of SAP notes.
-Default is to perform installation and configuration steps.
- -### sap_hana_preconfigure_installation -- _Type:_ `bool` - -If `sap_hana_preconfigure_config_all` is set to `false`, set this variable to `true` to perform only the
-installation steps of SAP notes.
- -### sap_hana_preconfigure_configuration -- _Type:_ `bool` - -If `sap_hana_preconfigure_config_all` is set to `false`, set this variable to `true` to perform only the
-configuration steps of SAP notes for which the corresponding SAP notes parameters have been set to `true`.
- -Example: - -```yaml -sap_hana_preconfigure_config_all: false -sap_hana_preconfigure_configuration: true -sap_hana_preconfigure_2772999_04: true -sap_hana_preconfigure_2382421: true -``` - -### sap_hana_preconfigure_assert -- _Type:_ `bool` -- _Default:_ `false` - -If set to `true`, the role will run in assertion mode instead of the default configuration mode.
- -### sap_hana_preconfigure_assert_all_config -- _Type:_ `bool` -- _Default:_ `false` - -In assertion mode, the role will check either tuned or static settings.
-If this parameter is set to to `true`, the role will check both tuned and static settings.
- -### sap_hana_preconfigure_assert_ignore_errors -- _Type:_ `bool` -- _Default:_ `false` - -In assertion mode, the role will abort when encountering any assertion error.
-If this parameter is set to `false`, the role will *not* abort when encountering an assertion error.
-This is useful if the role is used for reporting a system's SAP notes compliance.
- -### sap_hana_preconfigure_system_roles_collection -- _Type:_ `str` -- _Default:_ `'fedora.linux_system_roles'` -- _Possible Values:_
- - `fedora.linux_system_roles` - - `redhat.rhel_system_roles` - -Set which Ansible Collection to use for the Linux System Roles.
-For community/upstream, use 'fedora.linux_system_roles'
-For the RHEL System Roles for SAP, or for Red Hat Automation Hub, use 'redhat.rhel_system_roles'
- -### sap_hana_preconfigure_min_rhel_release_check -- _Type:_ `bool` -- _Default:_ `false` - -Check the RHEL release against parameter `sap_hana_preconfigure_supported_rhel_minor_releases`, which is a list of
-known SAP HANA supported RHEL minor releases. By default, the role will display a message and continue running if
-the RHEL release is not part of that list. If set to `true`, the role will fail in such a case.
- -### sap_hana_preconfigure_supported_rhel_minor_releases -- _Type:_ `list` with elements of type `str` -- _Default:_ (set by platform/environment specific variables) - -Use this parameter to set your own list of SAP HANA supported RHEL minor releases.
- -### sap_hana_preconfigure_enable_sap_hana_repos -- _Type:_ `bool` -- _Default:_ `false` - -Set to 'true' to enable the SAP HANA required RHEL repos.
-This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose.
-The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_use_hana_repos`.
- -### sap_hana_preconfigure_req_repos_redhat_7_x86_64 -- _Type:_ `list` with elements of type `str` -- _Default:_ (set by platform/environment specific variables) - -Use this parameter to set your own list of SAP HANA required RHEL 7 repos on x86_64'
-This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose.
-The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`.
- -### sap_hana_preconfigure_req_repos_redhat_7_ppc64le -- _Type:_ `list` with elements of type `str` -- _Default:_ (set by platform/environment specific variables) - -Use this parameter to set your own list of SAP HANA required RHEL 7 repos on ppc64le'
-This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose.
-The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`.
- -### sap_hana_preconfigure_req_repos_redhat_8_x86_64 -- _Type:_ `list` with elements of type `str` -- _Default:_ (set by platform/environment specific variables) - -Use this parameter to set your own list of SAP HANA required RHEL 8 repos on x86_64'
-This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose.
-The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`.
- -### sap_hana_preconfigure_req_repos_redhat_8_ppc64le -- _Type:_ `list` with elements of type `str` -- _Default:_ (set by platform/environment specific variables) - -Use this parameter to set your own list of SAP HANA required RHEL 8 repos on ppc64le'
-This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose.
-The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`.
- -### sap_hana_preconfigure_req_repos_redhat_9_x86_64 -- _Type:_ `list` with elements of type `str` -- _Default:_ (set by platform/environment specific variables) - -Use this parameter to set your own list of SAP HANA required RHEL 9 repos on x86_64'
-This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose.
-The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`.
- -### sap_hana_preconfigure_req_repos_redhat_9_ppc64le -- _Type:_ `list` with elements of type `str` -- _Default:_ (set by platform/environment specific variables) - -Use this parameter to set your own list of SAP HANA required RHEL 9 repos on ppc64le'
-This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose.
-The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`.
- -### sap_hana_preconfigure_set_minor_release -- _Type:_ `bool` -- _Default:_ `false` - -Use this parameter to set the RHEL minor release, which is required for SAP HANA.
-The related parameter is `sap_general_preconfigure_set_minor_release`.
- -### sap_hana_preconfigure_create_directories -- _Type:_ `bool` -- _Default:_ `true` - -Set to `false` if you do not want the SAP HANA directories to be created by the role.
-The SAP HANA directories will always be created if `sap_hana_preconfigure_modify_selinux_labels`
-(see below) is set to `true`, no matter how `sap_hana_preconfigure_create_directories` is set.
- -### sap_hana_preconfigure_hana_directories -- _Type:_ `list` with elements of type `str` -- _Default:_ - - /hana - - /lss/shared - -List of SAP HANA directories to be created.
- -### sap_hana_preconfigure_modify_selinux_labels -- _Type:_ `bool` -- _Default:_ `true` - -For compatibility of SAP HANA with SELinux in enforcing mode, the role will recursively add
-the `usr_t` label to directories and files in the directories where HANA is installed.
-If relabeling not desired, set this parameter `false`.
-If the variable is set to `true`, the SAP HANA directories will be created no matter
-how the variable `sap_hana_preconfigure_create_directories` (see above) is set.
- -### sap_hana_preconfigure_packages -- _Type:_ `list` with elements of type `str` -- _Default:_ (set by platform/environment specific variables) - -List of RHEL packages to be installed for SAP HANA. For RHEL 8 and later, you can choose to install either the default list
-or a list of the minimum required packages for SAP HANA server (parameter `__sap_hana_preconfigure_packages_min_install`).
- -### sap_hana_preconfigure_min_package_check -- _Type:_ `bool` -- _Default:_ `true` - -SAP HANA requires certain minimum package versions to be supported. These minimum levels are listed in SAP Note 2235581.
-Set this parameter to `false` if you want to ignore these requirements.
- -### sap_hana_preconfigure_update -- _Type:_ `bool` -- _Default:_ `false` - -Set this parameter to `true` to update the system to the latest package levels.
-By setting the parameter `sap_general_preconfigure_set_minor_release` of the
-role `sap_general_preconfigure` to `true`, you can install the most recent package updates
-without updating to a more recent RHEL minor release.
- -### sap_hana_preconfigure_reboot_ok -- _Type:_ `bool` -- _Default:_ `false` - -Set to `true` if you want to perform a reboot at the end of the role, if necessary.
- -### sap_hana_preconfigure_fail_if_reboot_required -- _Type:_ `bool` -- _Default:_ `true` - -If `sap_hana_preconfigure_reboot_ok` is set to `false`, which is the default, a reboot requirement should not
-remain unnoticed. For this reason, we let the role fail. Set this parameter to `false` to override this behavior.
-Can be useful if you want to implement your own reboot handling.
- -### sap_hana_preconfigure_kernel_parameters -- _Type:_ `list` with elements of type `str` -- _Default:_ (set by platform/environment specific variables) - -Network related linux kernel parameter settings for SAP HANA on all hardware platforms.
- -### sap_hana_preconfigure_kernel_parameters_ppc64le -- _Type:_ `list` with elements of type `str` -- _Default:_ (set by platform/environment specific variables) - -Network related linux kernel parameter settings for platform ppc64le.
- -### sap_hana_preconfigure_use_netapp_settings_nfs -- _Type:_ `bool` -- _Default:_ `false` - -Set to `true` to also set NetApp NFS required kernel parameters.
- -### sap_hana_preconfigure_install_ibm_power_tools -- _Type:_ `bool` -- _Default:_ `true` - -Set this parameter to `false` to not install the IBM Power Systems service and productivity tools.
- -### sap_hana_preconfigure_add_ibm_power_repo -- _Type:_ `bool` -- _Default:_ `true` - -Set this parameter to `false` if you do not want to add the IBM Power tools repository (e.g. because the packages
-are already available on the local network). The IBM Power Systems service and productivity tools will only
-be installed if the variable `sap_hana_preconfigure_install_ibm_power_tools` is set to `true`, which is the default.
- -### sap_hana_preconfigure_ibm_power_repo_url -- _Type:_ `str` -- _Default:_ (set by platform/environment specific variables) - -URL of the IBM Power tools repository.
- -### sap_hana_preconfigure_ppcle_mtu9000_if -- _Type:_ `str` -- _Default:_ `''` - -List of interfaces for which the MTU size will be set to `9000`.
- -### sap_hana_preconfigure_ppcle_tso_if -- _Type:_ `list` with elements of type `str` -- _Default:_ - '{{ ansible_interfaces | difference([''lo'']) }}' - -List of interfaces for which the tso flag will be set.
- -### sap_hana_preconfigure_use_tuned -- _Type:_ `bool` -- _Default:_ `true` - -Use tuned for configuring most of the kernel settings for SAP HANA
-Set this parameter to `false` to use static kernel settings
- -### sap_hana_preconfigure_tuned_profile -- _Type:_ `str` -- _Default:_ `'sap-hana'` - -Name of the SAP HANA tuned tuned profile to enable (RHEL).
- -### sap_hana_preconfigure_modify_grub_cmdline_linux -- _Type:_ `bool` -- _Default:_ `false` - -Set this parameter to `true` to modify the Grub boot command line.
- -### sap_hana_preconfigure_run_grub2_mkconfig -- _Type:_ `bool` -- _Default:_ `true` - -By default, the role will run `grub2-mkconfig` to update the Grub configuration if necessary.
-Set this parameter to `false` if this is not desired.
- -### sap_hana_preconfigure_db_group_name -- _Type:_ `str` - -Use this parameter to specify the name of the RHEL group which is used for the database processes.
-It will be used to configure process limits as per step "Configuring Process Resource Limits" of SAP note 2772999.
- -Example: - -```yaml -sap_hana_preconfigure_db_group_name: dba -``` - -### sap_hana_preconfigure_saptune_version -- _Type:_ `str` -- _Default:_ `''` - -Version of saptune to install (SLES for SAP Applications).
-This will replace the current installed version if present, even downgrade if necessary.
- -### sap_hana_preconfigure_saptune_solution -- _Type:_ `str` -- _Default:_ `'HANA'` -- _Possible Values:_
- - `HANA` - - `NETWEAVER+HANA` - - `S4HANA-APP+DB` - - `S4HANA-DBSERVER` - -The saptune solution to apply (SLES for SAP Applications).
- -### sap_hana_preconfigure_saptune_azure -- _Type:_ `bool` -- _Default:_ `false` - -On Azure, TCP timestamps, reuse and recycle should be disabled (SLES for SAP Applications).
-If the variable is set, an override file for saptune will be created (/etc/saptune/override/2382421) to set net.ipv4.tcp_timestamps and net.ipv4.tcp_tw_reuse to 0.
-Set this parameter to `true` on Azure.
- - \ No newline at end of file diff --git a/roles/sap_hana_preconfigure/README.md b/roles/sap_hana_preconfigure/README.md index f141faac..d96e075b 100644 --- a/roles/sap_hana_preconfigure/README.md +++ b/roles/sap_hana_preconfigure/README.md @@ -5,9 +5,7 @@ ## Description -Ansible Role `sap_hana_preconfigure` is used to ensure that Managed nodes are configured to host SAP HANA systems according to SAP Notes after [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) role was executed. - -This role performs installation of required packages for running SAP HANA systems and configuration of Operating system parameters. +The Ansible role `sap_hana_preconfigure` installs additional required packages and performs additional OS configuration steps according to applicable SAP notes for installing and running SAP HANA after the role [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) has been executed. @@ -86,8 +84,6 @@ Managed nodes: **:warning: Do not execute this Ansible Role against existing SAP systems unless you know what you are doing and you prepare inputs to avoid unintended changes caused by default inputs.** **NOTE: It is recommended to execute `timesync` role from Ansible Collection `fedora.linux_system_roles` before or after executing this role.** - -Role can be executed independently or as part of [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. @@ -130,6 +126,8 @@ Example of execution together with prerequisite role [sap_general_preconfigure]( +## Further Information +For more examples on how to use this role in different installation scenarios, refer to the [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. ## License @@ -142,5 +140,313 @@ Apache 2.0 - [Bernd Finger](https://github.com/berndfinger) -## Role Input Parameters -All input parameters used by role are described in [INPUT_PARAMETERS.md](https://github.com/sap-linuxlab/community.sap_install/blob/main/roles/sap_hana_preconfigure/INPUT_PARAMETERS.md) +## Role Variables + +### sap_hana_preconfigure_config_all +- _Type:_ `bool` + +If set to `false`, the role will only execute or verify the installation or configuration steps of SAP notes.
+Default is to perform installation and configuration steps.
+ +### sap_hana_preconfigure_installation +- _Type:_ `bool` + +If `sap_hana_preconfigure_config_all` is set to `false`, set this variable to `true` to perform only the
+installation steps of SAP notes.
+ +### sap_hana_preconfigure_configuration +- _Type:_ `bool` + +If `sap_hana_preconfigure_config_all` is set to `false`, set this variable to `true` to perform only the
+configuration steps of SAP notes for which the corresponding SAP notes parameters have been set to `true`.
+ +Example: + +```yaml +sap_hana_preconfigure_config_all: false +sap_hana_preconfigure_configuration: true +sap_hana_preconfigure_2772999_04: true +sap_hana_preconfigure_2382421: true +``` + +### sap_hana_preconfigure_assert +- _Type:_ `bool` +- _Default:_ `false` + +If set to `true`, the role will run in assertion mode instead of the default configuration mode.
+ +### sap_hana_preconfigure_assert_all_config +- _Type:_ `bool` +- _Default:_ `false` + +In assertion mode, the role will check either tuned or static settings.
+If this parameter is set to to `true`, the role will check both tuned and static settings.
+ +### sap_hana_preconfigure_assert_ignore_errors +- _Type:_ `bool` +- _Default:_ `false` + +In assertion mode, the role will abort when encountering any assertion error.
+If this parameter is set to `false`, the role will *not* abort when encountering an assertion error.
+This is useful if the role is used for reporting a system's SAP notes compliance.
+ +### sap_hana_preconfigure_system_roles_collection +- _Type:_ `str` +- _Default:_ `'fedora.linux_system_roles'` + +Set which Ansible Collection to use for the Linux System Roles.
+Available values: +- `fedora.linux_system_roles` - for community/upstream.
+- `redhat.rhel_system_roles` - for the RHEL System Roles for SAP, or for Red Hat Automation Hub.
+ +### sap_hana_preconfigure_min_rhel_release_check +- _Type:_ `bool` +- _Default:_ `false` + +Check the RHEL release against parameter `sap_hana_preconfigure_supported_rhel_minor_releases`, which is a list of
+known SAP HANA supported RHEL minor releases. By default, the role will display a message and continue running if
+the RHEL release is not part of that list. If set to `true`, the role will fail in such a case.
+ +### sap_hana_preconfigure_supported_rhel_minor_releases +- _Type:_ `list` with elements of type `str` +- _Default:_ (set by platform/environment specific variables) + +Use this parameter to set your own list of SAP HANA supported RHEL minor releases.
+ +### sap_hana_preconfigure_enable_sap_hana_repos +- _Type:_ `bool` +- _Default:_ `false` + +Set to 'true' to enable the SAP HANA required RHEL repos.
+This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose.
+The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_use_hana_repos`.
+ +### sap_hana_preconfigure_req_repos_redhat_7_x86_64 +- _Type:_ `list` with elements of type `str` +- _Default:_ (set by platform/environment specific variables) + +Use this parameter to set your own list of SAP HANA required RHEL 7 repos on x86_64'
+This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose.
+The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`.
+ +### sap_hana_preconfigure_req_repos_redhat_7_ppc64le +- _Type:_ `list` with elements of type `str` +- _Default:_ (set by platform/environment specific variables) + +Use this parameter to set your own list of SAP HANA required RHEL 7 repos on ppc64le'
+This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose.
+The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`.
+ +### sap_hana_preconfigure_req_repos_redhat_8_x86_64 +- _Type:_ `list` with elements of type `str` +- _Default:_ (set by platform/environment specific variables) + +Use this parameter to set your own list of SAP HANA required RHEL 8 repos on x86_64'
+This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose.
+The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`.
+ +### sap_hana_preconfigure_req_repos_redhat_8_ppc64le +- _Type:_ `list` with elements of type `str` +- _Default:_ (set by platform/environment specific variables) + +Use this parameter to set your own list of SAP HANA required RHEL 8 repos on ppc64le'
+This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose.
+The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`.
+ +### sap_hana_preconfigure_req_repos_redhat_9_x86_64 +- _Type:_ `list` with elements of type `str` +- _Default:_ (set by platform/environment specific variables) + +Use this parameter to set your own list of SAP HANA required RHEL 9 repos on x86_64'
+This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose.
+The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`.
+ +### sap_hana_preconfigure_req_repos_redhat_9_ppc64le +- _Type:_ `list` with elements of type `str` +- _Default:_ (set by platform/environment specific variables) + +Use this parameter to set your own list of SAP HANA required RHEL 9 repos on ppc64le'
+This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose.
+The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`.
+ +### sap_hana_preconfigure_set_minor_release +- _Type:_ `bool` +- _Default:_ `false` + +Use this parameter to set the RHEL minor release, which is required for SAP HANA.
+The related parameter is `sap_general_preconfigure_set_minor_release`.
+ +### sap_hana_preconfigure_create_directories +- _Type:_ `bool` +- _Default:_ `true` + +Set to `false` if you do not want the SAP HANA directories to be created by the role.
+The SAP HANA directories will always be created if `sap_hana_preconfigure_modify_selinux_labels`
+(see below) is set to `true`, no matter how `sap_hana_preconfigure_create_directories` is set.
+ +### sap_hana_preconfigure_hana_directories +- _Type:_ `list` with elements of type `str` +- _Default:_ + - /hana + - /lss/shared + +List of SAP HANA directories to be created.
+ +### sap_hana_preconfigure_modify_selinux_labels +- _Type:_ `bool` +- _Default:_ `true` + +For compatibility of SAP HANA with SELinux in enforcing mode, the role will recursively add
+the `usr_t` label to directories and files in the directories where HANA is installed.
+If relabeling not desired, set this parameter `false`.
+If the variable is set to `true`, the SAP HANA directories will be created no matter
+how the variable `sap_hana_preconfigure_create_directories` (see above) is set.
+ +### sap_hana_preconfigure_packages +- _Type:_ `list` with elements of type `str` +- _Default:_ (set by platform/environment specific variables) + +List of RHEL packages to be installed for SAP HANA. For RHEL 8 and later, you can choose to install either the default list
+or a list of the minimum required packages for SAP HANA server (parameter `__sap_hana_preconfigure_packages_min_install`).
+ +### sap_hana_preconfigure_min_package_check +- _Type:_ `bool` +- _Default:_ `true` + +SAP HANA requires certain minimum package versions to be supported. These minimum levels are listed in SAP Note 2235581.
+Set this parameter to `false` if you want to ignore these requirements.
+ +### sap_hana_preconfigure_update +- _Type:_ `bool` +- _Default:_ `false` + +Set this parameter to `true` to update the system to the latest package levels.
+By setting the parameter `sap_general_preconfigure_set_minor_release` of the
+role `sap_general_preconfigure` to `true`, you can install the most recent package updates
+without updating to a more recent RHEL minor release.
+ +### sap_hana_preconfigure_reboot_ok +- _Type:_ `bool` +- _Default:_ `false` + +Set to `true` if you want to perform a reboot at the end of the role, if necessary.
+ +### sap_hana_preconfigure_fail_if_reboot_required +- _Type:_ `bool` +- _Default:_ `true` + +If `sap_hana_preconfigure_reboot_ok` is set to `false`, which is the default, a reboot requirement should not
+remain unnoticed. For this reason, we let the role fail. Set this parameter to `false` to override this behavior.
+Can be useful if you want to implement your own reboot handling.
+ +### sap_hana_preconfigure_kernel_parameters +- _Type:_ `list` with elements of type `str` +- _Default:_ (set by platform/environment specific variables) + +Network related linux kernel parameter settings for SAP HANA on all hardware platforms.
+ +### sap_hana_preconfigure_kernel_parameters_ppc64le +- _Type:_ `list` with elements of type `str` +- _Default:_ (set by platform/environment specific variables) + +Network related linux kernel parameter settings for platform ppc64le.
+ +### sap_hana_preconfigure_use_netapp_settings_nfs +- _Type:_ `bool` +- _Default:_ `false` + +Set to `true` to also set NetApp NFS required kernel parameters.
+ +### sap_hana_preconfigure_install_ibm_power_tools +- _Type:_ `bool` +- _Default:_ `true` + +Set this parameter to `false` to not install the IBM Power Systems service and productivity tools.
+ +### sap_hana_preconfigure_add_ibm_power_repo +- _Type:_ `bool` +- _Default:_ `true` + +Set this parameter to `false` if you do not want to add the IBM Power tools repository (e.g. because the packages
+are already available on the local network). The IBM Power Systems service and productivity tools will only
+be installed if the variable `sap_hana_preconfigure_install_ibm_power_tools` is set to `true`, which is the default.
+ +### sap_hana_preconfigure_ibm_power_repo_url +- _Type:_ `str` +- _Default:_ (set by platform/environment specific variables) + +URL of the IBM Power tools repository.
+ +### sap_hana_preconfigure_ppcle_mtu9000_if +- _Type:_ `str` +- _Default:_ `''` + +List of interfaces for which the MTU size will be set to `9000`.
+ +### sap_hana_preconfigure_ppcle_tso_if +- _Type:_ `list` with elements of type `str` +- _Default:_ + '{{ ansible_interfaces | difference([''lo'']) }}' + +List of interfaces for which the tso flag will be set.
+ +### sap_hana_preconfigure_use_tuned +- _Type:_ `bool` +- _Default:_ `true` + +Use tuned for configuring most of the kernel settings for SAP HANA
+Set this parameter to `false` to use static kernel settings
+ +### sap_hana_preconfigure_tuned_profile +- _Type:_ `str` +- _Default:_ `'sap-hana'` + +Name of the SAP HANA tuned tuned profile to enable (RHEL).
+ +### sap_hana_preconfigure_modify_grub_cmdline_linux +- _Type:_ `bool` +- _Default:_ `false` + +Set this parameter to `true` to modify the Grub boot command line.
+ +### sap_hana_preconfigure_run_grub2_mkconfig +- _Type:_ `bool` +- _Default:_ `true` + +By default, the role will run `grub2-mkconfig` to update the Grub configuration if necessary.
+Set this parameter to `false` if this is not desired.
+ +### sap_hana_preconfigure_db_group_name +- _Type:_ `str` + +Use this parameter to specify the name of the RHEL group which is used for the database processes.
+It will be used to configure process limits as per step "Configuring Process Resource Limits" of SAP note 2772999.
+ +Example: + +```yaml +sap_hana_preconfigure_db_group_name: dba +``` + +### sap_hana_preconfigure_saptune_version +- _Type:_ `str` +- _Default:_ `''` + +(SUSE specific) Specifies the saptune version.
+This will replace the current installed version if present, even downgrade if necessary.
+ +### sap_hana_preconfigure_saptune_solution +- _Type:_ `str` +- _Default:_ `'HANA'` + +(SUSE specific) Specifies the saptune solution to apply.
+Available values: `HANA`, `NETWEAVER+HANA`, `S4HANA-APP+DB`, `S4HANA-DBSERVER` + +### sap_hana_preconfigure_saptune_azure +- _Type:_ `bool` +- _Default:_ `false` + +(SUSE specific) On Azure, TCP timestamps, reuse and recycle should be disabled.
+If the variable is set, an override file for saptune will be created (/etc/saptune/override/2382421) to set net.ipv4.tcp_timestamps and net.ipv4.tcp_tw_reuse to 0.
+Set this parameter to `true` on Azure.
+ \ No newline at end of file diff --git a/roles/sap_hostagent/INPUT_PARAMETERS.md b/roles/sap_hostagent/INPUT_PARAMETERS.md deleted file mode 100644 index 1b10434b..00000000 --- a/roles/sap_hostagent/INPUT_PARAMETERS.md +++ /dev/null @@ -1,130 +0,0 @@ -## Input Parameters for sap_hostagent Ansible Role - - -### sap_hostagent_installation_type - -- _Type:_ `string` -- _Default:_ `rpm` - -Select type of installation source for SAPHOSTAGENT.
-Available options: `sar`, `sar-remote`, `bundle`, `rpm` - - -## Input Parameters for SAR -Following input parameters are used by both Local SAR and Remote SAR. - -### sap_hostagent_sar_file_name - -- _Type:_ `string` - -Name of SAR file containing SAPHOSTAGENT. - -### sap_hostagent_sapcar_file_name - -- _Type:_ `string` - -Name of SAR file containing SAPCAR. - -## Input Parameters for Local SAR - -### sap_hostagent_sar_local_path - -- _Type:_ `string` - -Local directory path where SAR file is located. Do not use together with `sap_hostagent_sar_remote_path`. - -### sap_hostagent_sapcar_local_path - -- _Type:_ `string` - -Local directory path where SAPCAR file is located. Do not use together with `sap_hostagent_sapcar_remote_path`. - -## Input Parameters for Remote SAR - -### sap_hostagent_sar_remote_path - -- _Type:_ `string` - -Remote directory path where SAR file is located. Do not use together with `sap_hostagent_sar_local_path`. - -### sap_hostagent_sapcar_remote_path - -- _Type:_ `string` - -Local directory path where SAPCAR file is located. Do not use together with `sap_hostagent_sapcar_local_path`. - - -## Input Parameters for RPM - -### sap_hostagent_rpm_local_path - -- _Type:_ `string` - -Local directory path where RPM file is located. Do not use together with `sap_hostagent_rpm_remote_path`. - -### sap_hostagent_rpm_remote_path - -- _Type:_ `string` - -Remote directory path where RPM file is located. Do not use together with `sap_hostagent_rpm_local_path`. - -### sap_hostagent_rpm_file_name - -- _Type:_ `string` - -Name of RPM package containing SAPHOSTAGENT. - - -## Input Parameters for SAP Bundle - -### sap_hostagent_bundle_path - -- _Type:_ `string` - -Remote directory path where SAP Bundle file is located after being extracted. - - -## Input Parameters for SSL setup - -### sap_hostagent_config_ssl - -- _Type:_ `bool` -- _Default:_ `False` - -Enable to configure PSE and create CSR.
-Adding signed certificates from a valid CA is not supported yet. - -### sap_hostagent_ssl_passwd - -- _Type:_ `string` - -Enter password for the CSR. It is used when `sap_hostagent_config_ssl` is set. - -### sap_hostagent_ssl_org - -- _Type:_ `string` - -Enter Organization information for the CSR. It is used when `sap_hostagent_config_ssl` is set. - -### sap_hostagent_ssl_country - -- _Type:_ `string` - -Enter Country information for the CSR. It is used when `sap_hostagent_config_ssl` is set. - - -### sap_hostagent_agent_tmp_directory - -- _Type:_ `string` -- _Default:_ `/tmp/hostagent` - -Temporary directory for processing of source file. - -### sap_hostagent_clean_tmp_directory - -- _Type:_ `bool` -- _Default:_ `False` - -Enable to remove temporary directory after installation. - - \ No newline at end of file diff --git a/roles/sap_hostagent/README.md b/roles/sap_hostagent/README.md index 40039515..e72fc7cc 100644 --- a/roles/sap_hostagent/README.md +++ b/roles/sap_hostagent/README.md @@ -4,7 +4,7 @@ ## Description -Ansible Role `sap_hostagent` is used install SAP Host Agent. +The Ansible Role `sap_hostagent` is used install SAP Host Agent. SAP Host Agent is an agent that can accomplish several life-cycle management tasks, such as operating system monitoring, database monitoring, system instance control and provisioning. @@ -130,5 +130,137 @@ Apache 2.0 - [Bernd Finger](https://github.com/berndfinger) -## Role Input Parameters -All input parameters used by role are described in [INPUT_PARAMETERS.md](https://github.com/sap-linuxlab/community.sap_install/blob/main/roles/sap_hostagent/INPUT_PARAMETERS.md) +## Role Variables + +### sap_hostagent_installation_type + +- _Type:_ `string` +- _Default:_ `rpm` + +Select type of installation source for SAPHOSTAGENT.
+Available options: `sar`, `sar-remote`, `bundle`, `rpm` + + +### Input Parameters for SAR +Following input parameters are used by both Local SAR and Remote SAR. + +#### sap_hostagent_sar_file_name + +- _Type:_ `string` + +Name of SAR file containing SAPHOSTAGENT. + +#### sap_hostagent_sapcar_file_name + +- _Type:_ `string` + +Name of SAR file containing SAPCAR. + +### Input Parameters for Local SAR + +#### sap_hostagent_sar_local_path + +- _Type:_ `string` + +Local directory path where SAR file is located.
+**Do not use together with `sap_hostagent_sar_remote_path`.** + +#### sap_hostagent_sapcar_local_path + +- _Type:_ `string` + +Local directory path where SAPCAR file is located.
+**Do not use together with `sap_hostagent_sapcar_remote_path`.** + +### Input Parameters for Remote SAR + +#### sap_hostagent_sar_remote_path + +- _Type:_ `string` + +Remote directory path where SAR file is located.
+**Do not use together with `sap_hostagent_sar_local_path`.** + +#### sap_hostagent_sapcar_remote_path + +- _Type:_ `string` + +Local directory path where SAPCAR file is located.
+**Do not use together with `sap_hostagent_sapcar_local_path`.** + + +### Input Parameters for RPM + +#### sap_hostagent_rpm_local_path + +- _Type:_ `string` + +Local directory path where RPM file is located.
+**Do not use together with `sap_hostagent_rpm_remote_path`.** + +#### sap_hostagent_rpm_remote_path + +- _Type:_ `string` + +Remote directory path where RPM file is located.
+**Do not use together with `sap_hostagent_rpm_local_path`.** + +#### sap_hostagent_rpm_file_name + +- _Type:_ `string` + +Name of RPM package containing SAPHOSTAGENT. + + +### Input Parameters for SAP Bundle + +#### sap_hostagent_bundle_path + +- _Type:_ `string` + +Remote directory path where SAP Bundle file is located after being extracted. + + +### Input Parameters for SSL setup + +#### sap_hostagent_config_ssl + +- _Type:_ `bool` +- _Default:_ `False` + +Enable to configure PSE and create CSR.
+Adding signed certificates from a valid CA is not supported yet. + +#### sap_hostagent_ssl_passwd + +- _Type:_ `string` + +Enter password for the CSR. It is used when `sap_hostagent_config_ssl` is set. + +#### sap_hostagent_ssl_org + +- _Type:_ `string` + +Enter Organization information for the CSR. It is used when `sap_hostagent_config_ssl` is set. + +#### sap_hostagent_ssl_country + +- _Type:_ `string` + +Enter Country information for the CSR. It is used when `sap_hostagent_config_ssl` is set. + + +#### sap_hostagent_agent_tmp_directory + +- _Type:_ `string` +- _Default:_ `/tmp/hostagent` + +Temporary directory for processing of source file. + +#### sap_hostagent_clean_tmp_directory + +- _Type:_ `bool` +- _Default:_ `False` + +Enable to remove temporary directory after installation. + \ No newline at end of file diff --git a/roles/sap_install_media_detect/INPUT_PARAMETERS.md b/roles/sap_install_media_detect/INPUT_PARAMETERS.md deleted file mode 100644 index 67beaf02..00000000 --- a/roles/sap_install_media_detect/INPUT_PARAMETERS.md +++ /dev/null @@ -1,181 +0,0 @@ -## Input Parameters for sap_install_media_detect Ansible Role - -### sap_install_media_detect_rar_handling - -- _Type:_ `bool` -- _Default:_ `True` - -Set this parameter to `false` for skipping the handling of RAR files. In this case, also no `unar` or other RAR handling software will be installed. - - -### sap_install_media_detect_rar_package - -- _Type:_ `str` -- _Default:_ `EPEL` - -Set this parameter to use either the `unar` package from `EPEL` or another software package for handling RAR files.
-Based on this setting, the commands for listing and extracting RAR files are being set in tasks/prepare/enable_rar_handling.yml - -### sap_install_media_detect_epel_gpg_key_url - -- _Type:_ `str` -- _Default:_ `https://download.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-{{ ansible_distribution_major_version }}` - -URL for the EPEL GPG key - -### sap_install_media_detect_use_rpm_key_module_for_removing_the_key - -- _Type:_ `bool` -- _Default:_ `True` - -The `EPEL` GPG key can be removed with the rpm_key module and the URL for the key, or by using the `rpm -e` command.
-For using the rpm -e command, set this variable to 'false'. - -### sap_install_media_detect_file_server_only - -- _Type:_ `bool` -- _Default:_ `False` - -If this role is running on a file server on which the SAP software is not to be installed, set the following to true.
-If this role is running on a system on which the SAP software is to be installed, set the following to false. - -### sap_install_media_detect_rar_list - -- _Type:_ `str` -- _Default:_ `/usr/bin/unrar lb` - -Fully qualified path to the program for listing RAR files, including the argument for listing files.
-If not specified, the `lsar` program (or a link with the name `lsar`, pointing to the actual `lsar` program) is expected to be located in one of the PATH directories.
-If sap_install_media_detect_rar_package is set to `EPEL`, this variable is not used. - -### sap_install_media_detect_rar_extract - -- _Type:_ `str` -- _Default:_ `/usr/bin/unrar x` - -Fully qualified path to the program for extracting RAR files, including the argument for extracting files.
-If not specified, the `unar` program (or a link with the name `unar`, pointing to the actual `unar` program) is expected to be located in one of the PATH directories.
-If sap_install_media_detect_rar_package is set to `EPEL`, this variable is not used. - -### sap_install_media_detect_rar_extract_directory_argument - -- _Type:_ `str` - -Fully qualified path to an additional argument to the program for extracting RAR files, for specifying the directory into which the archive is to be extracted. Needs to be empty or start with a space character.
-If sap_install_media_detect_rar_package is set to 'EPEL', this variable is not used. - -### sap_install_media_detect_source_directory - -- _Type:_ `str` -- _Default:_ `/software` - -Directory where the SAP software is located - -### sap_install_media_detect_target_directory - -- _Type:_ `str` - -Directory where the SAP software is located after the role is run, if different from `sap_install_media_detect_source_directory` - -### sap_install_media_detect_create_target_directory - -- _Type:_ `bool` -- _Default:_ `True` - -Create target directory if it does not yet exist. If set to false, perform a check only - -### sap_install_media_detect_rename_target_file_exists - -- _Type:_ `str` -- _Default:_ `skip` - -If there are two files of the same RAR or ZIP type, one with and one without suffix, the following parameter will determine what the role will do for such a file: `skip` the file renaming, `fail`, or `overwrite` the file with the suffix by the file without suffix - -### sap_install_media_detect_extract_archives - -- _Type:_ `bool` -- _Default:_ `True` - -If you want the role to not extract archives which have the extract flag set, set the following parameter to `false`. - -### sap_install_media_detect_move_or_copy_archives - -- _Type:_ `bool` -- _Default:_ `True` - -If you want the role to not move or copy archive files to the `target_dir` subdirectories, set the following parameter to `false`. - -### sap_install_media_detect_assert_after_sapfile - -- _Type:_ `bool` -- _Default:_ `True` - -By default, the presence of at least one file for each file type according to the configured role parameters is asserted. Set the following parameter to 'false' to skip this step. - -### sap_install_media_detect_db - -- _Type:_ `str` - -Select which database type to detect: `saphana`, `sapase`, `sapmaxdb`, `oracledb`, `ibmdb2` - -### sap_install_media_detect_db_client - -- _Type:_ `str` - -Select which database client to detect: `saphana`, `sapase`, `sapmaxdb`, `oracledb`, `ibmdb2` - -### sap_install_media_detect_swpm - -- _Type:_ `bool` -- _Default:_ `False` - -Enable to detect SWPM. - -### sap_install_media_detect_hostagent - -- _Type:_ `bool` -- _Default:_ `False` - -Enable to detect SAP Hostagent. - -### sap_install_media_detect_igs - -- _Type:_ `bool` -- _Default:_ `False` - -Enable to detect SAP IGS. - -### sap_install_media_detect_kernel - -- _Type:_ `bool` -- _Default:_ `False` - -Enable to detect SAP Kernel files. - -### sap_install_media_detect_kernel_db - -- _Type:_ `str` - -Select which database kernel to detect: `saphana`, `sapase`, `sapmaxdb`, `oracledb`, `ibmdb2`
\ No newline at end of file diff --git a/roles/sap_install_media_detect/README.md b/roles/sap_install_media_detect/README.md index 45e739bd..1c0a100c 100644 --- a/roles/sap_install_media_detect/README.md +++ b/roles/sap_install_media_detect/README.md @@ -5,7 +5,7 @@ ## Description -Ansible Role `sap_install_media_detect` is used to detect and extract SAP installation media. +The Ansible Role `sap_install_media_detect` is used to detect and extract SAP installation media. This role searches provided source directory, sorts files based on type and extracts them to target directory. Extraction can be further adjusted to create individual folders based on defined inputs. @@ -23,7 +23,6 @@ Managed nodes: ## Execution -Role can be executed independently or as part of [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. @@ -118,6 +117,8 @@ Note: After running the role with the following four tags, the SAP archive files +## Further Information +For more examples on how to use this role in different installation scenarios, refer to the [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. ## License @@ -130,5 +131,192 @@ Apache 2.0 - [Bernd Finger](https://github.com/berndfinger) -## Role Input Parameters -All input parameters used by role are described in [INPUT_PARAMETERS.md](https://github.com/sap-linuxlab/community.sap_install/blob/main/roles/sap_install_media_detect/INPUT_PARAMETERS.md) +## Role Variables + +### sap_install_media_detect_rar_handling + +- _Type:_ `bool` +- _Default:_ `True` + +Set this parameter to `false` for skipping the handling of RAR files. In this case, also no `unar` or other RAR handling software will be installed. + + +### sap_install_media_detect_rar_package + +- _Type:_ `str` +- _Default:_ `EPEL` + +Set this parameter to use either the `unar` package from `EPEL` or another software package for handling RAR files.
+Based on this setting, the commands for listing and extracting RAR files are being set in tasks/prepare/enable_rar_handling.yml + +### sap_install_media_detect_epel_gpg_key_url + +- _Type:_ `str` +- _Default:_ `https://download.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-{{ ansible_distribution_major_version }}` + +URL for the EPEL GPG key + +### sap_install_media_detect_use_rpm_key_module_for_removing_the_key + +- _Type:_ `bool` +- _Default:_ `True` + +The `EPEL` GPG key can be removed with the rpm_key module and the URL for the key, or by using the `rpm -e` command.
+For using the rpm -e command, set this variable to 'false'. + +### sap_install_media_detect_file_server_only + +- _Type:_ `bool` +- _Default:_ `False` + +If this role is running on a file server on which the SAP software is not to be installed, set the following to true.
+If this role is running on a system on which the SAP software is to be installed, set the following to false. + +### sap_install_media_detect_rar_list + +- _Type:_ `str` +- _Default:_ `/usr/bin/unrar lb` + +Fully qualified path to the program for listing RAR files, including the argument for listing files.
+If not specified, the `lsar` program (or a link with the name `lsar`, pointing to the actual `lsar` program) is expected to be located in one of the PATH directories.
+If sap_install_media_detect_rar_package is set to `EPEL`, this variable is not used. + +### sap_install_media_detect_rar_extract + +- _Type:_ `str` +- _Default:_ `/usr/bin/unrar x` + +Fully qualified path to the program for extracting RAR files, including the argument for extracting files.
+If not specified, the `unar` program (or a link with the name `unar`, pointing to the actual `unar` program) is expected to be located in one of the PATH directories.
+If sap_install_media_detect_rar_package is set to `EPEL`, this variable is not used. + +### sap_install_media_detect_rar_extract_directory_argument + +- _Type:_ `str` + +Fully qualified path to an additional argument to the program for extracting RAR files, for specifying the directory into which the archive is to be extracted.
+Needs to be empty or start with a space character.
+If sap_install_media_detect_rar_package is set to 'EPEL', this variable is not used. + +### sap_install_media_detect_source_directory + +- _Type:_ `str` +- _Default:_ `/software` + +Directory where the SAP software is located + +### sap_install_media_detect_target_directory + +- _Type:_ `str` + +Directory where the SAP software is located after the role is run, if different from `sap_install_media_detect_source_directory` + +### sap_install_media_detect_create_target_directory + +- _Type:_ `bool` +- _Default:_ `True` + +Create target directory if it does not yet exist. If set to false, perform a check only + +### sap_install_media_detect_rename_target_file_exists + +- _Type:_ `str` +- _Default:_ `skip` + +If there are two files of the same RAR or ZIP type, one with and one without suffix, the following parameter will determine what the role will do for such a file:
+- `skip` the file renaming. +- `fail` execution. +- `overwrite` the file with the suffix by the file without suffix. + +### sap_install_media_detect_extract_archives + +- _Type:_ `bool` +- _Default:_ `True` + +If you want the role to not extract archives which have the extract flag set, set the following parameter to `false`. + +### sap_install_media_detect_move_or_copy_archives + +- _Type:_ `bool` +- _Default:_ `True` + +If you want the role to not move or copy archive files to the `target_dir` subdirectories, set the following parameter to `false`. + +### sap_install_media_detect_assert_after_sapfile + +- _Type:_ `bool` +- _Default:_ `True` + +By default, the presence of at least one file for each file type according to the configured role parameters is asserted. Set the following parameter to 'false' to skip this step. + +### sap_install_media_detect_db + +- _Type:_ `str` + +Select which database type to detect.
+Available values: `saphana`, `sapase`, `sapmaxdb`, `oracledb`, `ibmdb2` + +### sap_install_media_detect_db_client + +- _Type:_ `str` + +Select which database client to detect.
+Available values: `saphana`, `sapase`, `sapmaxdb`, `oracledb`, `ibmdb2` + +### sap_install_media_detect_swpm + +- _Type:_ `bool` +- _Default:_ `False` + +Enable to detect SWPM. + +### sap_install_media_detect_hostagent + +- _Type:_ `bool` +- _Default:_ `False` + +Enable to detect SAP Hostagent. + +### sap_install_media_detect_igs + +- _Type:_ `bool` +- _Default:_ `False` + +Enable to detect SAP IGS. + +### sap_install_media_detect_kernel + +- _Type:_ `bool` +- _Default:_ `False` + +Enable to detect SAP Kernel files. + +### sap_install_media_detect_kernel_db + +- _Type:_ `str` + +Select which database kernel to detect.
+Available values: `saphana`, `sapase`, `sapmaxdb`, `oracledb`, `ibmdb2`
+Only necessary if there is more than one SAPEXEDB file in the source directory + +### sap_install_media_detect_webdisp + +- _Type:_ `bool` +- _Default:_ `False` + +Enable to detect SAP Web Dispatcher. + +### sap_install_media_detect_mpstack + +- _Type:_ `bool` +- _Default:_ `False` + +Enable to detect SAP Maintenance Planner stack file. + +### sap_install_media_detect_export + +- _Type:_ `str` + +Select which database export to detect.
+Available values: `saps4hana`, `sapbw4hana`, `sapecc`, `sapecc_ides`, `sapnwas_abap`, `sapnwas_java`, `sapsolman_abap`, `sapsolman_java` + \ No newline at end of file diff --git a/roles/sap_maintain_etc_hosts/INPUT_PARAMETERS.md b/roles/sap_maintain_etc_hosts/INPUT_PARAMETERS.md deleted file mode 100644 index 959447a1..00000000 --- a/roles/sap_maintain_etc_hosts/INPUT_PARAMETERS.md +++ /dev/null @@ -1,78 +0,0 @@ -## Input Parameters for sap_maintain_etc_hosts Ansible Role - - -This role requires the dictionary `sap_maintain_etc_hosts_list` which contains the parameters for the `/etc/hosts` file. - -The default value is the definition of the cluster nodes like in the role [sap_ha_pacemaker_cluster](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_ha_pacemaker_cluster). If the value `sap_hana_cluster_nodes`or `sap_ha_pacemaker_cluster_cluster_nodes` is not defined, then the role creates a default value from `ansible_facts`. - -**NOTE: If you want to use this role to remove entries from /etc/hosts it is a good practice to do this before adding entries. The adding/removal is done in the order the entries are listed.** - -### sap_maintain_etc_hosts_list - -- _Type:_ `list` with elements of type `dict` - -Mandatory list of nodes in form of dictionaries to be added or removed in `/etc/hosts` file. - -Following dictionary keys can be defined: -- **node_ip**
- IP address of the managed node.
- **Required** for adding new entries to `/etc/hosts`.
- _Optional_ for removing entries, where `node_name` and `node_domain` can be used instead. - - - _Type:_ `string` - -- **node_name**
- Hostname of the managed node.
- **Required** for adding new entries to `/etc/hosts`.
- _Optional_ for removing entries, when `node_ip` is not used. - - - _Type:_ `string` - -- **node_domain**
- Domain name of the managed node. Defaults to `sap_domain` if set or `ansible_domain`.
- **Required** for adding new entries to `/etc/hosts`.
- _Optional_ for removing entries, when `node_name` is used. - - - _Type:_ `string` - - _Default:_ `sap_domain` - -- **aliases**
- List of aliases for the managed node.
- _Optional_ for adding new entries to `/etc/hosts`. - - - _Type:_ `list` with elements of type `string` - -- **alias_mode**
- Select method of updating `/etc/hosts` file:
- - `merge` : merges the list of aliases with the exiting aliases of the node.
- - `overwrite` : overwrites the aliases of the node. - _Optional_ for adding new entries to `/etc/hosts`. - - - _Type:_ `string` - - _Default:_ `merge` - -- **node_comment**
- Node comment is appended at end of line of managed node.
- _Optional_ for adding new entries to `/etc/hosts`. - - - _Type:_ `string` - - _Default:_ `managed by ansible sap_maintain_etc_hosts role` - -- **hana_site**
- Used by [sap_ha_pacemaker_cluster](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_ha_pacemaker_cluster) and it is appended to `node_comment`
- _Optional_ for adding new entries to `/etc/hosts`. - - - _Type:_ `string` - -- **node_role**
- Not used, but mentioned for compatibility reasons for [sap_ha_pacemaker_cluster](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_ha_pacemaker_cluster) role.
- - - _Type:_ `string` - -- **state**
- Select `present` for adding new entries, `absent` for removing them.
- **Required** for removing entries, otherwise default `present` is used. - - - _Type:_ `string` - - _Default:_ `present` - \ No newline at end of file diff --git a/roles/sap_maintain_etc_hosts/README.md b/roles/sap_maintain_etc_hosts/README.md index e822ae55..a308d204 100644 --- a/roles/sap_maintain_etc_hosts/README.md +++ b/roles/sap_maintain_etc_hosts/README.md @@ -4,7 +4,7 @@ ## Description -Ansible Role `sap_maintain_etc_hosts` is used to maintain `/etc/hosts` file. +The Ansible role `sap_maintain_etc_hosts` is used to maintain the `/etc/hosts` file.. @@ -15,7 +15,6 @@ Ansible Role `sap_maintain_etc_hosts` is used to maintain `/etc/hosts` file. ## Execution -Role can be executed independently or as part of [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. @@ -75,6 +74,8 @@ Example playbook when executed together with [sap_ha_pacemaker_cluster](https:// +## Further Information +For more examples on how to use this role in different installation scenarios, refer to the [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. ## License @@ -88,5 +89,82 @@ Apache 2.0 - [Bernd Finger](https://github.com/berndfinger) -## Role Input Parameters -All input parameters used by role are described in [INPUT_PARAMETERS.md](https://github.com/sap-linuxlab/community.sap_install/blob/main/roles/sap_sap_maintain_etc_hosts/INPUT_PARAMETERS.md) +## Role Variables + + +This role requires the dictionary `sap_maintain_etc_hosts_list` which contains the parameters for the `/etc/hosts` file. + +The default value is the definition of the cluster nodes like in the role [sap_ha_pacemaker_cluster](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_ha_pacemaker_cluster).
+If the value `sap_hana_cluster_nodes`or `sap_ha_pacemaker_cluster_cluster_nodes` is not defined, then the role creates a default value from `ansible_facts`. + +**NOTE: If you want to use this role to remove entries from /etc/hosts it is a good practice to do this before adding entries. The adding/removal is done in the order the entries are listed.** + +### sap_maintain_etc_hosts_list + +- _Type:_ `list` with elements of type `dict` + +Mandatory list of nodes in form of dictionaries to be added or removed in `/etc/hosts` file. + +Following dictionary keys can be defined: +- **node_ip**
+ IP address of the managed node.
+ **Required** for adding new entries to `/etc/hosts`.
+ _Optional_ for removing entries, where `node_name` and `node_domain` can be used instead. + + - _Type:_ `string` + +- **node_name**
+ Hostname of the managed node.
+ **Required** for adding new entries to `/etc/hosts`.
+ _Optional_ for removing entries, when `node_ip` is not used. + + - _Type:_ `string` + +- **node_domain**
+ Domain name of the managed node. Defaults to `sap_domain` if set or `ansible_domain`.
+ **Required** for adding new entries to `/etc/hosts`.
+ _Optional_ for removing entries, when `node_name` is used. + + - _Type:_ `string` + - _Default:_ `sap_domain` + +- **aliases**
+ List of aliases for the managed node.
+ _Optional_ for adding new entries to `/etc/hosts`. + + - _Type:_ `list` with elements of type `string` + +- **alias_mode**
+ Select method of updating `/etc/hosts` file:
+ - `merge` : merges the list of aliases with the exiting aliases of the node.
+ - `overwrite` : overwrites the aliases of the node. + _Optional_ for adding new entries to `/etc/hosts`. + + - _Type:_ `string` + - _Default:_ `merge` + +- **node_comment**
+ Node comment is appended at end of line of managed node.
+ _Optional_ for adding new entries to `/etc/hosts`. + + - _Type:_ `string` + - _Default:_ `managed by ansible sap_maintain_etc_hosts role` + +- **hana_site**
+ Used by [sap_ha_pacemaker_cluster](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_ha_pacemaker_cluster) and it is appended to `node_comment`
+ _Optional_ for adding new entries to `/etc/hosts`. + + - _Type:_ `string` + +- **node_role**
+ Not used, but mentioned for compatibility reasons for [sap_ha_pacemaker_cluster](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_ha_pacemaker_cluster) role.
+ + - _Type:_ `string` + +- **state**
+ Select `present` for adding new entries, `absent` for removing them.
+ **Required** for removing entries, otherwise default `present` is used. + + - _Type:_ `string` + - _Default:_ `present` + \ No newline at end of file diff --git a/roles/sap_netweaver_preconfigure/INPUT_PARAMETERS.md b/roles/sap_netweaver_preconfigure/INPUT_PARAMETERS.md deleted file mode 100644 index bdaf4cdf..00000000 --- a/roles/sap_netweaver_preconfigure/INPUT_PARAMETERS.md +++ /dev/null @@ -1,92 +0,0 @@ -## Input Parameters for sap_netweaver_preconfigure Ansible Role - -## Role Input Parameters - -Minimum required parameters: -This role does not require any parameter to be set in the playbook or inventory. - - -### sap_netweaver_preconfigure_config_all -- _Type:_ `bool` -- _Default:_ `true` - -If set to `false`, the role will only execute or verify the installation or configuration steps of SAP notes.
-Default is to perform installation and configuration steps.
- -### sap_netweaver_preconfigure_installation -- _Type:_ `bool` -- _Default:_ `false` - -If `sap_netweaver_preconfigure_config_all` is set to `false`, set this variable to `true` to perform only the
-installation steps of SAP notes.
- -### sap_netweaver_preconfigure_configuration -- _Type:_ `bool` -- _Default:_ `false` - -If `sap_netweaver_preconfigure_config_all` is set to `false`, set this variable to `true` to perform only the
-configuration steps of SAP notes.
- -### sap_netweaver_preconfigure_assert -- _Type:_ `bool` -- _Default:_ `false` - -If set to `true`, the role will run in assertion mode instead of the default configuration mode.
- -### sap_netweaver_preconfigure_assert_ignore_errors -- _Type:_ `bool` -- _Default:_ `false` - -In assertion mode, the role will abort when encountering any assertion error.
-If this parameter is set to `false`, the role will *not* abort when encountering an assertion error.
-This is useful if the role is used for reporting a system's SAP notes compliance.
- -### sap_netweaver_preconfigure_min_swap_space_mb -- _Type:_ `str` -- _Default:_ `20480` - -Specifies the minimum amount of swap space on the system required by SAP NetWeaver.
-If this requirement is not met, the role will abort.
-Set your own value to override the default of `20480`.
- -### sap_netweaver_preconfigure_fail_if_not_enough_swap_space_configured -- _Type:_ `bool` -- _Default:_ `true` - -If the system does not have the minimum amount of swap space configured as defined
-in parameter `sap_netweaver_preconfigure_min_swap_space_mb`, the role will abort.
-By setting this parameter to `false`, the role will not abort in such cases.
- -### sap_netweaver_preconfigure_rpath -- _Type:_ `str` -- _Default:_ `/usr/sap/lib` - -Specifies the SAP kernel's `RPATH`. This is where the SAP kernel is searching for libraries, and where the role
-is creating a link named `libstdc++.so.6` pointing to `/opt/rh/SAP/lib64/compat-sap-c++-10.so`,
-so that newer SAP kernels which are built with GCC10 can find the required symbols.
- -### sap_netweaver_preconfigure_use_adobe_doc_services -- _Type:_ `bool` -- _Default:_ `false` - -Set this parameter to `true` when using Adobe Document Services, to ensure all required packages are installed.
- -### sap_netweaver_preconfigure_saptune_version -- _Type:_ `str` -- _Default:_ `3.0.2` - -On SLES systems, specifies the saptune version
- -### sap_netweaver_preconfigure_saptune_solution -- _Type:_ `str` -- _Default:_ `NETWEAVER` -- _Possible Values:_
- - `NETWEAVER` - - `NETWEAVER+HANA` - - `S4HANA-APP+DB` - - `S4HANA-APPSERVER` - - `S4HANA-DBSERVER` - -On SLES systems, specifies the saptune solution to apply.
- - \ No newline at end of file diff --git a/roles/sap_netweaver_preconfigure/README.md b/roles/sap_netweaver_preconfigure/README.md index 4375bfec..fc321756 100644 --- a/roles/sap_netweaver_preconfigure/README.md +++ b/roles/sap_netweaver_preconfigure/README.md @@ -4,9 +4,7 @@ ## Description -Ansible Role `sap_netweaver_preconfigure` is used to ensure that Managed nodes are configured to host SAP Netweaver systems according to SAP Notes after [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) role was executed. - -This role performs installation of required packages for running SAP Netweaver systems and configuration of Operating system parameters. +The Ansible role `sap_netweaver_preconfigure` installs additional required packages and performs additional OS configuration steps according to applicable SAP notes for installing and running SAP ABAP Application Platform (formerly known as SAP NetWeaver) after the role [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) has been executed. @@ -23,8 +21,6 @@ Managed nodes: **:warning: Do not execute this Ansible Role against existing SAP systems unless you know what you are doing and you prepare inputs to avoid unintended changes caused by default inputs.** **NOTE: It is recommended to execute `timesync` role from Ansible Collection `fedora.linux_system_roles` before or after executing this role.** - -Role can be executed independently or as part of [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. @@ -68,6 +64,8 @@ Example of execution together with prerequisite role [sap_general_preconfigure]( +## Further Information +For more examples on how to use this role in different installation scenarios, refer to the [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. ## License @@ -80,5 +78,82 @@ Apache 2.0 - [Bernd Finger](https://github.com/berndfinger) -## Role Input Parameters -All input parameters used by role are described in [INPUT_PARAMETERS.md](https://github.com/sap-linuxlab/community.sap_install/blob/main/roles/sap_netweaver_preconfigure/INPUT_PARAMETERS.md) +## Role Variables + +### sap_netweaver_preconfigure_config_all +- _Type:_ `bool` +- _Default:_ `true` + +If set to `false`, the role will only execute or verify the installation or configuration steps of SAP notes.
+Default is to perform installation and configuration steps.
+ +### sap_netweaver_preconfigure_installation +- _Type:_ `bool` +- _Default:_ `false` + +If `sap_netweaver_preconfigure_config_all` is set to `false`, set this variable to `true` to perform only the
+installation steps of SAP notes.
+ +### sap_netweaver_preconfigure_configuration +- _Type:_ `bool` +- _Default:_ `false` + +If `sap_netweaver_preconfigure_config_all` is set to `false`, set this variable to `true` to perform only the
+configuration steps of SAP notes.
+ +### sap_netweaver_preconfigure_assert +- _Type:_ `bool` +- _Default:_ `false` + +If set to `true`, the role will run in assertion mode instead of the default configuration mode.
+ +### sap_netweaver_preconfigure_assert_ignore_errors +- _Type:_ `bool` +- _Default:_ `false` + +In assertion mode, the role will abort when encountering any assertion error.
+If this parameter is set to `false`, the role will *not* abort when encountering an assertion error.
+This is useful if the role is used for reporting a system's SAP notes compliance.
+ +### sap_netweaver_preconfigure_min_swap_space_mb +- _Type:_ `str` +- _Default:_ `20480` + +Specifies the minimum amount of swap space on the system required by SAP NetWeaver.
+If this requirement is not met, the role will abort.
+Set your own value to override the default of `20480`.
+ +### sap_netweaver_preconfigure_fail_if_not_enough_swap_space_configured +- _Type:_ `bool` +- _Default:_ `true` + +If the system does not have the minimum amount of swap space configured as defined
+in parameter `sap_netweaver_preconfigure_min_swap_space_mb`, the role will abort.
+By setting this parameter to `false`, the role will not abort in such cases.
+ +### sap_netweaver_preconfigure_rpath +- _Type:_ `str` +- _Default:_ `/usr/sap/lib` + +Specifies the SAP kernel's `RPATH`. This is where the SAP kernel is searching for libraries, and where the role
+is creating a link named `libstdc++.so.6` pointing to `/opt/rh/SAP/lib64/compat-sap-c++-10.so`,
+so that newer SAP kernels which are built with GCC10 can find the required symbols.
+ +### sap_netweaver_preconfigure_use_adobe_doc_services +- _Type:_ `bool` +- _Default:_ `false` + +Set this parameter to `true` when using Adobe Document Services, to ensure all required packages are installed.
+ +### sap_netweaver_preconfigure_saptune_version +- _Type:_ `str` + +(SUSE specific) Specifies the saptune version. + +### sap_netweaver_preconfigure_saptune_solution +- _Type:_ `str` +- _Default:_ `NETWEAVER` + +(SUSE specific) Specifies the saptune solution to apply.
+Available values: `NETWEAVER`, `NETWEAVER+HANA`, `S4HANA-APP+DB`, `S4HANA-APPSERVER`, `S4HANA-DBSERVER` + \ No newline at end of file diff --git a/roles/sap_storage_setup/INPUT_PARAMETERS.md b/roles/sap_storage_setup/INPUT_PARAMETERS.md deleted file mode 100644 index f4de99ad..00000000 --- a/roles/sap_storage_setup/INPUT_PARAMETERS.md +++ /dev/null @@ -1,140 +0,0 @@ - -## Input Parameters for sap_netweaver_preconfigure Ansible Role - - -Minimum required parameters: - -- [sap_storage_setup_definition](#sap_storage_setup_definition-required) -- [sap_storage_setup_host_type](#sap_storage_setup_host_type-required) -- [sap_storage_setup_sid](#sap_storage_setup_sid-required) - - -### sap_storage_setup_definition required - -- _Type:_ `list` - -Describes list of the filesystems to be configured.
- -- **disk_size**
- Size of the disk device that is used for the filesystem.
For filesystems with no LVM logical volume striping, this is the total size of the filesystem.
For filesystems with LVM LV striping defined (`lvm_lv_stripes`), this is the size of each disk. The resulting filesystem size will be `disk_size` multiplied by `lvm_lv_stripes` (=disks). - - - _Type:_ `int` - -- **filesystem_type**
- The type of filesystem that will be created on the logical volume. - - - _Type:_ `str` - - _Default:_ `xfs` - -- **lvm_lv_name**
- The name of the LVM volume.
The default name is derived from the name value of the filesystem definition entry, for example 'lv_hanalog'. - - - _Type:_ `str` - -- **lvm_lv_stripe_size**
- When setting up a striped volume, the stripe size can be defined.
Example format - "128K". - - - _Type:_ `str` - -- **lvm_lv_stripes**
- Number of disks that will be configured in a striped volume.
This requires the availability of the same amount of unused disks, which must be of the size defined in `disk_size`. - - - _Type:_ `int` - _Default:_ `1` - -- **lvm_vg_name**
- The name of the LVM volume group.
The default name is derived from the name value of the filesystem definition entry, for example 'vg_hanalog'. - - - _Type:_ `str` - -- **lvm_vg_physical_extent_size**
- Adjustable size of the physical extents of the volume group in LVM. - - - _Type:_ `int` - - _Default:_ `4` - -- **mountpoint**
- The path to where the filesystem will be mounted.
This can be left out for the definition of a swap volume. - - - _Type:_ `str` - -- **name**
- A name of the filesystem definition entry.
This name is used to generate volume group name and logical volume name. - - - _Type:_ `str` - -- **nfs_filesystem_type**
- The type of the NFS filesystem, for example `nfs`, `nfs4`. - - - _Type:_ `str` - - _Default:_ `nfs4` - -- **nfs_mount_options**
- Mount options to use for the NFS mount.
Generic default is `hard,acl`.
Defaults depend on the specific platform detected by the role or defined explicitly. - - - _Type:_ `str` - - _Default:_ `hard,acl` - -- **nfs_path**
- When defining an NFS filesystem, this is the directory path of the filesystem to be mounted. - - - _Type:_ `str` - -- **nfs_server**
- When defining an NFS filesystem, this is the address of the NFS server.
The address must contain the root path, in which the mount directories exist or will be created.
For example, `192.168.1.100:/`. - - - _Type:_ `str` - -- **swap_path**
- The path to the swap file.
When this option is defined for a swap filesystem definition, it will create a swap file on an existing filesystem. - - - _Type:_ `str` - -Example: - -```yaml -sap_storage_setup_definition: - - # Block Storage volume - - name: hana_data # required: string, filesystem name used to generate lvm_lv_name and lvm_vg_name - mountpoint: /hana/data # required: string, directory path where the filesystem is mounted - disk_size: 100 # required: integer, size in GB - filesystem_type: xfs # optional: string, value 'xfs'. Use 'swap' to create swap filesystem - - # File Storage volume - - name: hana_shared # required: string, reference name - mountpoint: /hana/shared # required: string, directory path where the filesystem is mounted - nfs_server: nfs.corp:/ # required: string, server and parent directory of the NFS Server; value default from var sap_storage_setup_nfs_server - - # Swap as file instead of Block Storage volume - # See SAP Note 1597355 - Swap-space recommendation for Linux - - name: swap # required: string, reference name - swap_path: /swapfile # required: string, directory path where swap file is created - disk_size: 4 # required: integer, size in GB of swap file - filesystem_type: swap # required: string, must be value 'swap' -``` - -### sap_storage_setup_host_type required - -- _Type:_ `list` - -The type of service the target system is going to be configured for.
-This can be a list of multiple types which apply to a single host.
-If not defined, the default will be inherited from the global parameter `sap_host_type`. One of these parameters must be defined.
-Available values: `hana_primary`, `hana_secondary`, `nwas_abap_ascs`, `nwas_abap_ers`, `nwas_abap_pas`, `nwas_abap_aas`, `nwas_java_scs`, `nwas_java_ers` - -### sap_storage_setup_multipath_enable_and_detect - -- _Type:_ `bool` -- _Default:_ `False` - -Define if multipathing should be enabled and dynamic multipath devices detected and used for the filesystem setup.
- -### sap_storage_setup_sid required - -- _Type:_ `str` - -SID of the SAP service.
-If not defined, the default will be inherited from the global parameter `sap_system_sid`. One of these parameters must be defined.
- - \ No newline at end of file diff --git a/roles/sap_storage_setup/README.md b/roles/sap_storage_setup/README.md index 55231f60..7105d145 100644 --- a/roles/sap_storage_setup/README.md +++ b/roles/sap_storage_setup/README.md @@ -5,7 +5,7 @@ ## Description -Ansible Role `sap_storage_setup` is used to prepare a host with the storage requirements of an SAP System (prior to software installation). +The Ansible Role `sap_storage_setup` is used to prepare a host with the storage requirements of an SAP System (prior to software installation). This role can prepare host with: - Local block storage volume setup as LVM Logical Volumes, Filesystem formatting and mount to defined directory path @@ -37,8 +37,6 @@ Managed nodes: **:warning: Do not execute this Ansible Role against existing SAP systems unless you know what you are doing and you prepare inputs to avoid unintended changes caused by default inputs.**
:warning: While this Ansible Role has protection against overwrite of existing disks and filesystems - sensible review and care is required for any automation of disk storage. Please review the documentation and samples/examples carefully. It is strongly suggested to initially execute the Ansible Playbook calling this Ansible Role, with `ansible-playbook --check` for Check Mode - this will perform no changes to the host and show which changes would be made. -Role can be executed independently or as part of [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. - **Considerations** - This role does not permit static definition for mountpoint to use a specific device (e.g. `/dev/sdk`). The definition will define the disk size to use for the mountpoint, and match accordingly. - This role enforces that 1 mountpoint will use 1 LVM Logical Volume (LV) that consumes 100% of an LVM Volume Group (VG), with the LVM Volume Group (VG) consuming 100% of 1..n LVM Physical Volumes (PV). @@ -110,6 +108,8 @@ Example playbook to configure SAP HANA OneHost node on AWS that includes: +## Further Information +For more examples on how to use this role in different installation scenarios, refer to the [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. ## License @@ -122,5 +122,141 @@ Apache 2.0 - [Janine Fuchs](https://github.com/ja9fuchs) -## Role Input Parameters -All input parameters used by role are described in [INPUT_PARAMETERS.md](https://github.com/sap-linuxlab/community.sap_install/blob/main/roles/sap_storage_setup/INPUT_PARAMETERS.md) +## Role Variables + + +Minimum required parameters: + +- [sap_storage_setup_definition](#sap_storage_setup_definition-required) +- [sap_storage_setup_host_type](#sap_storage_setup_host_type-required) +- [sap_storage_setup_sid](#sap_storage_setup_sid-required) + + +### sap_storage_setup_definition required + +- _Type:_ `list` + +Describes list of the filesystems to be configured.
+ +- **disk_size**
+ Size of the disk device that is used for the filesystem.
For filesystems with no LVM logical volume striping, this is the total size of the filesystem.
For filesystems with LVM LV striping defined (`lvm_lv_stripes`), this is the size of each disk. The resulting filesystem size will be `disk_size` multiplied by `lvm_lv_stripes` (=disks). + + - _Type:_ `int` + +- **filesystem_type**
+ The type of filesystem that will be created on the logical volume. + + - _Type:_ `str` + - _Default:_ `xfs` + +- **lvm_lv_name**
+ The name of the LVM volume.
The default name is derived from the name value of the filesystem definition entry, for example 'lv_hanalog'. + + - _Type:_ `str` + +- **lvm_lv_stripe_size**
+ When setting up a striped volume, the stripe size can be defined.
Example format - "128K". + + - _Type:_ `str` + +- **lvm_lv_stripes**
+ Number of disks that will be configured in a striped volume.
This requires the availability of the same amount of unused disks, which must be of the size defined in `disk_size`. + + - _Type:_ `int` + _Default:_ `1` + +- **lvm_vg_name**
+ The name of the LVM volume group.
The default name is derived from the name value of the filesystem definition entry, for example 'vg_hanalog'. + + - _Type:_ `str` + +- **lvm_vg_physical_extent_size**
+ Adjustable size of the physical extents of the volume group in LVM. + + - _Type:_ `int` + - _Default:_ `4` + +- **mountpoint**
+ The path to where the filesystem will be mounted.
This can be left out for the definition of a swap volume. + + - _Type:_ `str` + +- **name**
+ A name of the filesystem definition entry.
This name is used to generate volume group name and logical volume name. + + - _Type:_ `str` + +- **nfs_filesystem_type**
+ The type of the NFS filesystem, for example `nfs`, `nfs4`. + + - _Type:_ `str` + - _Default:_ `nfs4` + +- **nfs_mount_options**
+ Mount options to use for the NFS mount.
Generic default is `hard,acl`.
Defaults depend on the specific platform detected by the role or defined explicitly. + + - _Type:_ `str` + - _Default:_ `hard,acl` + +- **nfs_path**
+ When defining an NFS filesystem, this is the directory path of the filesystem to be mounted. + + - _Type:_ `str` + +- **nfs_server**
+ When defining an NFS filesystem, this is the address of the NFS server.
The address must contain the root path, in which the mount directories exist or will be created.
For example, `192.168.1.100:/`. + + - _Type:_ `str` + +- **swap_path**
+ The path to the swap file.
When this option is defined for a swap filesystem definition, it will create a swap file on an existing filesystem. + + - _Type:_ `str` + +Example: + +```yaml +sap_storage_setup_definition: + + # Block Storage volume + - name: hana_data # required: string, filesystem name used to generate lvm_lv_name and lvm_vg_name + mountpoint: /hana/data # required: string, directory path where the filesystem is mounted + disk_size: 100 # required: integer, size in GB + filesystem_type: xfs # optional: string, value 'xfs'. Use 'swap' to create swap filesystem + + # File Storage volume + - name: hana_shared # required: string, reference name + mountpoint: /hana/shared # required: string, directory path where the filesystem is mounted + nfs_server: nfs.corp:/ # required: string, server and parent directory of the NFS Server; value default from var sap_storage_setup_nfs_server + + # Swap as file instead of Block Storage volume + # See SAP Note 1597355 - Swap-space recommendation for Linux + - name: swap # required: string, reference name + swap_path: /swapfile # required: string, directory path where swap file is created + disk_size: 4 # required: integer, size in GB of swap file + filesystem_type: swap # required: string, must be value 'swap' +``` + +### sap_storage_setup_host_type required + +- _Type:_ `list` + +The type of service the target system is going to be configured for.
+This can be a list of multiple types which apply to a single host.
+If not defined, the default will be inherited from the global parameter `sap_host_type`. One of these parameters must be defined.
+Available values: `hana_primary`, `hana_secondary`, `nwas_abap_ascs`, `nwas_abap_ers`, `nwas_abap_pas`, `nwas_abap_aas`, `nwas_java_scs`, `nwas_java_ers` + +### sap_storage_setup_multipath_enable_and_detect + +- _Type:_ `bool` +- _Default:_ `False` + +Define if multipathing should be enabled and dynamic multipath devices detected and used for the filesystem setup.
+ +### sap_storage_setup_sid required + +- _Type:_ `str` + +SID of the SAP service.
+If not defined, the default will be inherited from the global parameter `sap_system_sid`. One of these parameters must be defined.
+ \ No newline at end of file From 50aa133aad5b451d25ce85c9a5ff896f28a424cc Mon Sep 17 00:00:00 2001 From: Bernd Finger Date: Mon, 21 Oct 2024 20:58:36 +0200 Subject: [PATCH 08/51] sap_hana_preconfigure: Set THP to madvise from RHEL 9.2 onwards Solves issue #879. Signed-off-by: Bernd Finger --- roles/sap_hana_preconfigure/handlers/main.yml | 13 +++++- .../tasks/RedHat/generic/assert-thp.yml | 42 +++++++++++++++++-- .../tasks/RedHat/generic/configure-thp.yml | 30 +++++++++++++ .../tasks/sapnote/2777782.yml | 4 +- ...5-disable-thp.yml => 05-configure-thp.yml} | 4 +- .../tasks/sapnote/3108302.yml | 4 +- .../tasks/sapnote/3108302/05-assert-thp.yml | 2 +- .../sapnote/3108302/05-configure-thp.yml | 10 +++++ .../tasks/sapnote/3108302/05-disable-thp.yml | 10 ----- 9 files changed, 97 insertions(+), 22 deletions(-) create mode 100644 roles/sap_hana_preconfigure/tasks/RedHat/generic/configure-thp.yml rename roles/sap_hana_preconfigure/tasks/sapnote/2777782/{05-disable-thp.yml => 05-configure-thp.yml} (66%) create mode 100644 roles/sap_hana_preconfigure/tasks/sapnote/3108302/05-configure-thp.yml delete mode 100644 roles/sap_hana_preconfigure/tasks/sapnote/3108302/05-disable-thp.yml diff --git a/roles/sap_hana_preconfigure/handlers/main.yml b/roles/sap_hana_preconfigure/handlers/main.yml index afebc569..54298448 100644 --- a/roles/sap_hana_preconfigure/handlers/main.yml +++ b/roles/sap_hana_preconfigure/handlers/main.yml @@ -71,11 +71,22 @@ - name: "Run grubby for enabling TSX" ansible.builtin.command: grubby --args="tsx=on" --update-kernel=ALL - register: __sap_hana_preconfigure_register_grubby_update changed_when: true listen: __sap_hana_preconfigure_grubby_update_handler notify: __sap_hana_preconfigure_reboot_handler +- name: "Run grubby for disabling THP" + ansible.builtin.command: grubby --args="transparent_hugepage=never" --update-kernel=ALL + changed_when: true + listen: __sap_hana_preconfigure_grubby_thp_never_handler + notify: __sap_hana_preconfigure_reboot_handler + +- name: "Run grubby for setting THP to madvise" + ansible.builtin.command: grubby --args="transparent_hugepage=madvise" --update-kernel=ALL + changed_when: true + listen: __sap_hana_preconfigure_grubby_thp_madvise_handler + notify: __sap_hana_preconfigure_reboot_handler + - name: Reboot the managed node ansible.builtin.reboot: test_command: /bin/true diff --git a/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-thp.yml b/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-thp.yml index e97efd54..77fe53f7 100644 --- a/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-thp.yml +++ b/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-thp.yml @@ -1,8 +1,8 @@ # SPDX-License-Identifier: Apache-2.0 --- -# can be configured by tuned profile sap-hana, entry "transparent_hugepages=never" -- name: Perform steps for setting transparent_hugepage=never +# can be configured by tuned profile sap-hana, entry "transparent_hugepages=never" or "transparent_hugepages=madvise" +- name: Perform steps for setting transparent_hugepage to 'never' or 'madvise' when: not sap_hana_preconfigure_use_tuned or sap_hana_preconfigure_modify_grub_cmdline_linux or sap_hana_preconfigure_assert_all_config | d(false) @@ -13,21 +13,55 @@ register: __sap_hana_preconfigure_register_default_grub_cmdline_thp_assert changed_when: no - - name: Assert that transparent_hugepage=never is in GRUB_CMDLINE_LINUX in /etc/default/grub + - name: Assert that 'transparent_hugepage=never' is in GRUB_CMDLINE_LINUX in /etc/default/grub ansible.builtin.assert: that: "'transparent_hugepage=never' in __sap_hana_preconfigure_register_default_grub_cmdline_thp_assert.stdout" fail_msg: "FAIL: 'transparent_hugepage=never' is not in GRUB_CMDLINE_LINUX in /etc/default/grub!" success_msg: "PASS: 'transparent_hugepage=never' is in GRUB_CMDLINE_LINUX in /etc/default/grub." ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" + when: + - ansible_distribution == 'RedHat' + - ansible_distribution_major_version == '7' or + ansible_distribution_major_version == '8' or + ansible_distribution_version == '9.0' or + ansible_distribution_version == '9.1' + + - name: Assert that 'transparent_hugepage=madvise' is in GRUB_CMDLINE_LINUX in /etc/default/grub + ansible.builtin.assert: + that: "'transparent_hugepage=madvise' in __sap_hana_preconfigure_register_default_grub_cmdline_thp_assert.stdout" + fail_msg: "FAIL: 'transparent_hugepage=madvise' is not in GRUB_CMDLINE_LINUX in /etc/default/grub!" + success_msg: "PASS: 'transparent_hugepage=madvise' is in GRUB_CMDLINE_LINUX in /etc/default/grub." + ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" + when: + - ansible_distribution == 'RedHat' + - ansible_distribution_major_version == '9' and + __sap_hana_preconfigure_fact_ansible_distribution_minor_version | int >= 2 - name: THP - Get contents of /proc/cmdline ansible.builtin.command: cat /proc/cmdline register: __sap_hana_preconfigure_register_proc_cmdline_thp_assert changed_when: no - - name: Assert that transparent_hugepage=never is in /proc/cmdline + - name: Assert that 'transparent_hugepage=never' is in /proc/cmdline ansible.builtin.assert: that: "'transparent_hugepage=never' in __sap_hana_preconfigure_register_proc_cmdline_thp_assert.stdout" fail_msg: "FAIL: 'transparent_hugepage=never' is not in /proc/cmdline!" success_msg: "PASS: 'transparent_hugepage=never' is in /proc/cmdline." ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" + when: + - ansible_distribution == 'RedHat' + - ansible_distribution_major_version == '7' or + ansible_distribution_major_version == '8' or + ansible_distribution_version == '9.0' or + ansible_distribution_version == '9.1' + + - name: Assert that 'transparent_hugepage=madvise' is in /proc/cmdline + ansible.builtin.assert: + that: "'transparent_hugepage=madvise' in __sap_hana_preconfigure_register_proc_cmdline_thp_assert.stdout" + fail_msg: "FAIL: 'transparent_hugepage=madvise' is not in /proc/cmdline!" + success_msg: "PASS: 'transparent_hugepage=madvise' is in /proc/cmdline." + ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" + when: + - ansible_distribution == 'RedHat' + - ansible_distribution_major_version == '9' and + __sap_hana_preconfigure_fact_ansible_distribution_minor_version | int >= 2 diff --git a/roles/sap_hana_preconfigure/tasks/RedHat/generic/configure-thp.yml b/roles/sap_hana_preconfigure/tasks/RedHat/generic/configure-thp.yml new file mode 100644 index 00000000..fb07f278 --- /dev/null +++ b/roles/sap_hana_preconfigure/tasks/RedHat/generic/configure-thp.yml @@ -0,0 +1,30 @@ +# SPDX-License-Identifier: Apache-2.0 +--- + +- name: Get boot command line + ansible.builtin.slurp: + src: /proc/cmdline + register: __sap_hana_preconfigure_register_proc_cmdline_thp + +- name: Set THP to 'never' at boot time + ansible.builtin.command: /bin/true + notify: __sap_hana_preconfigure_grubby_thp_never_handler + changed_when: true + when: + - ansible_distribution == 'RedHat' + - ansible_distribution_major_version == '8' or + ansible_distribution_version == '9.0' or + ansible_distribution_version == '9.1' + - not ( __sap_hana_preconfigure_register_proc_cmdline_thp['content'] | b64decode | regex_findall('transparent_hugepage=never') ) + tags: grubconfig + +- name: Set THP to 'madvise' at boot time + ansible.builtin.command: /bin/true + notify: __sap_hana_preconfigure_grubby_thp_madvise_handler + changed_when: true + when: + - ansible_distribution == 'RedHat' + - ansible_distribution_major_version == '9' and + __sap_hana_preconfigure_fact_ansible_distribution_minor_version | int >= 2 + - not ( __sap_hana_preconfigure_register_proc_cmdline_thp['content'] | b64decode | regex_findall('transparent_hugepage=madvise') ) + tags: grubconfig diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2777782.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2777782.yml index 9dce5fb8..d200a097 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2777782.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2777782.yml @@ -23,8 +23,8 @@ ansible.builtin.import_tasks: 2777782/04-turn-off-auto-numa-balancing.yml when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_2777782_04|d(false) -- name: Import tasks from '2777782/05-disable-thp.yml' - ansible.builtin.import_tasks: 2777782/05-disable-thp.yml +- name: Import tasks from '2777782/05-configure-thp.yml' + ansible.builtin.import_tasks: 2777782/05-configure-thp.yml when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_2777782_05|d(false) - name: Import tasks from '2777782/06-configure-c-states-for-lower-latency.yml' diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2777782/05-disable-thp.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2777782/05-configure-thp.yml similarity index 66% rename from roles/sap_hana_preconfigure/tasks/sapnote/2777782/05-disable-thp.yml rename to roles/sap_hana_preconfigure/tasks/sapnote/2777782/05-configure-thp.yml index 8430fbba..ee541f7c 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2777782/05-disable-thp.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2777782/05-configure-thp.yml @@ -6,5 +6,5 @@ ansible.builtin.debug: msg: "SAP note 2777782 Step 5: Disable Transparent Hugepages (THP)" -- name: Import ../../RedHat/generic/disable-thp.yml - ansible.builtin.import_tasks: ../../RedHat/generic/disable-thp.yml +- name: Import ../../RedHat/generic/configure-thp.yml + ansible.builtin.import_tasks: ../../RedHat/generic/configure-thp.yml diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/3108302.yml b/roles/sap_hana_preconfigure/tasks/sapnote/3108302.yml index 81f00d5f..f2cf2749 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/3108302.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/3108302.yml @@ -23,8 +23,8 @@ ansible.builtin.import_tasks: 3108302/04-turn-off-auto-numa-balancing.yml when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_3108302_04|d(false) -- name: Import tasks from '3108302/05-disable-thp.yml' - ansible.builtin.import_tasks: 3108302/05-disable-thp.yml +- name: Import tasks from '3108302/05-configure-thp.yml' + ansible.builtin.import_tasks: 3108302/05-configure-thp.yml when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_3108302_05|d(false) - name: Import tasks from '3108302/06-configure-c-states-for-lower-latency.yml' diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/3108302/05-assert-thp.yml b/roles/sap_hana_preconfigure/tasks/sapnote/3108302/05-assert-thp.yml index 58e3d400..9573a190 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/3108302/05-assert-thp.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/3108302/05-assert-thp.yml @@ -4,7 +4,7 @@ # can be configured by tuned profile sap-hana, entry "transparent_hugepages=never" - name: Assert 3108302-5 ansible.builtin.debug: - msg: "SAP note 3108302 Step 5: Disable Transparent Hugepages (THP)" + msg: "SAP note 3108302 Step 5: Configure Transparent Hugepages (THP)" - name: Import ../../RedHat/generic/assert-thp.yml ansible.builtin.import_tasks: ../../RedHat/generic/assert-thp.yml diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/3108302/05-configure-thp.yml b/roles/sap_hana_preconfigure/tasks/sapnote/3108302/05-configure-thp.yml new file mode 100644 index 00000000..f9d1fa74 --- /dev/null +++ b/roles/sap_hana_preconfigure/tasks/sapnote/3108302/05-configure-thp.yml @@ -0,0 +1,10 @@ +# SPDX-License-Identifier: Apache-2.0 +--- + +# can be configured by tuned profile sap-hana, entry "transparent_hugepages=never" or "transparent_hugepages=madvise" +- name: Configure 3108302-5 + ansible.builtin.debug: + msg: "SAP note 3108302 Step 5: Configure Transparent Hugepages (THP)" + +- name: Import ../../RedHat/generic/configure-thp.yml + ansible.builtin.import_tasks: ../../RedHat/generic/configure-thp.yml diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/3108302/05-disable-thp.yml b/roles/sap_hana_preconfigure/tasks/sapnote/3108302/05-disable-thp.yml deleted file mode 100644 index bf2db0e6..00000000 --- a/roles/sap_hana_preconfigure/tasks/sapnote/3108302/05-disable-thp.yml +++ /dev/null @@ -1,10 +0,0 @@ -# SPDX-License-Identifier: Apache-2.0 ---- - -# can be configured by tuned profile sap-hana, entry "transparent_hugepages=never" -- name: Configure 3108302-5 - ansible.builtin.debug: - msg: "SAP note 3108302 Step 5: Disable Transparent Hugepages (THP)" - -- name: Import ../../RedHat/generic/disable-thp.yml - ansible.builtin.import_tasks: ../../RedHat/generic/disable-thp.yml From 09c3d77a606fb72a882f571f775354cd0efa8381 Mon Sep 17 00:00:00 2001 From: Bernd Finger Date: Thu, 24 Oct 2024 11:43:13 +0200 Subject: [PATCH 09/51] sap_hana_preconfigure: Also assert the current THP status Signed-off-by: Bernd Finger --- .../tasks/RedHat/generic/assert-thp.yml | 66 +++++++++---------- 1 file changed, 31 insertions(+), 35 deletions(-) diff --git a/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-thp.yml b/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-thp.yml index 77fe53f7..76c03230 100644 --- a/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-thp.yml +++ b/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-thp.yml @@ -2,7 +2,7 @@ --- # can be configured by tuned profile sap-hana, entry "transparent_hugepages=never" or "transparent_hugepages=madvise" -- name: Perform steps for setting transparent_hugepage to 'never' or 'madvise' +- name: Assert correct setting of THP when: not sap_hana_preconfigure_use_tuned or sap_hana_preconfigure_modify_grub_cmdline_linux or sap_hana_preconfigure_assert_all_config | d(false) @@ -13,12 +13,19 @@ register: __sap_hana_preconfigure_register_default_grub_cmdline_thp_assert changed_when: no - - name: Assert that 'transparent_hugepage=never' is in GRUB_CMDLINE_LINUX in /etc/default/grub - ansible.builtin.assert: - that: "'transparent_hugepage=never' in __sap_hana_preconfigure_register_default_grub_cmdline_thp_assert.stdout" - fail_msg: "FAIL: 'transparent_hugepage=never' is not in GRUB_CMDLINE_LINUX in /etc/default/grub!" - success_msg: "PASS: 'transparent_hugepage=never' is in GRUB_CMDLINE_LINUX in /etc/default/grub." - ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" + - name: THP - Get contents of /proc/cmdline + ansible.builtin.command: cat /proc/cmdline + register: __sap_hana_preconfigure_register_proc_cmdline_thp_assert + changed_when: no + + - name: THP - Get current status of THP + ansible.builtin.command: cat /sys/kernel/mm/transparent_hugepage/enabled + register: __sap_hana_preconfigure_register_sys_kernel_thp_assert + changed_when: no + + - name: Set fact for THP, RHEL up to RHEL 9.1 + ansible.builtin.set_fact: + __sap_hana_preconfigure_fact_thp: 'never' when: - ansible_distribution == 'RedHat' - ansible_distribution_major_version == '7' or @@ -26,42 +33,31 @@ ansible_distribution_version == '9.0' or ansible_distribution_version == '9.1' - - name: Assert that 'transparent_hugepage=madvise' is in GRUB_CMDLINE_LINUX in /etc/default/grub - ansible.builtin.assert: - that: "'transparent_hugepage=madvise' in __sap_hana_preconfigure_register_default_grub_cmdline_thp_assert.stdout" - fail_msg: "FAIL: 'transparent_hugepage=madvise' is not in GRUB_CMDLINE_LINUX in /etc/default/grub!" - success_msg: "PASS: 'transparent_hugepage=madvise' is in GRUB_CMDLINE_LINUX in /etc/default/grub." - ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" + - name: Set fact for THP, RHEL 9.2 and later + ansible.builtin.set_fact: + __sap_hana_preconfigure_fact_thp: 'madvise' when: - ansible_distribution == 'RedHat' - ansible_distribution_major_version == '9' and __sap_hana_preconfigure_fact_ansible_distribution_minor_version | int >= 2 - - name: THP - Get contents of /proc/cmdline - ansible.builtin.command: cat /proc/cmdline - register: __sap_hana_preconfigure_register_proc_cmdline_thp_assert - changed_when: no + - name: Assert that 'transparent_hugepage={{ __sap_hana_preconfigure_fact_thp }}' is in GRUB_CMDLINE_LINUX in /etc/default/grub + ansible.builtin.assert: + that: "'transparent_hugepage={{ __sap_hana_preconfigure_fact_thp }}' in __sap_hana_preconfigure_register_default_grub_cmdline_thp_assert.stdout" + fail_msg: "FAIL: 'transparent_hugepage={{ __sap_hana_preconfigure_fact_thp }}' is not in GRUB_CMDLINE_LINUX in /etc/default/grub!" + success_msg: "PASS: 'transparent_hugepage={{ __sap_hana_preconfigure_fact_thp }}' is in GRUB_CMDLINE_LINUX in /etc/default/grub." + ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" - - name: Assert that 'transparent_hugepage=never' is in /proc/cmdline + - name: Assert that 'transparent_hugepage={{ __sap_hana_preconfigure_fact_thp }}' is in /proc/cmdline ansible.builtin.assert: - that: "'transparent_hugepage=never' in __sap_hana_preconfigure_register_proc_cmdline_thp_assert.stdout" - fail_msg: "FAIL: 'transparent_hugepage=never' is not in /proc/cmdline!" - success_msg: "PASS: 'transparent_hugepage=never' is in /proc/cmdline." + that: "'transparent_hugepage={{ __sap_hana_preconfigure_fact_thp }}' in __sap_hana_preconfigure_register_proc_cmdline_thp_assert.stdout" + fail_msg: "FAIL: 'transparent_hugepage={{ __sap_hana_preconfigure_fact_thp }}' is not in /proc/cmdline!" + success_msg: "PASS: 'transparent_hugepage={{ __sap_hana_preconfigure_fact_thp }}' is in /proc/cmdline." ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" - when: - - ansible_distribution == 'RedHat' - - ansible_distribution_major_version == '7' or - ansible_distribution_major_version == '8' or - ansible_distribution_version == '9.0' or - ansible_distribution_version == '9.1' - - name: Assert that 'transparent_hugepage=madvise' is in /proc/cmdline + - name: Assert that THP currently has the correct current status ansible.builtin.assert: - that: "'transparent_hugepage=madvise' in __sap_hana_preconfigure_register_proc_cmdline_thp_assert.stdout" - fail_msg: "FAIL: 'transparent_hugepage=madvise' is not in /proc/cmdline!" - success_msg: "PASS: 'transparent_hugepage=madvise' is in /proc/cmdline." + that: __sap_hana_preconfigure_register_sys_kernel_thp_assert.stdout.split('[')[1].split(']')[0] == '{{ __sap_hana_preconfigure_fact_thp }}' + fail_msg: "FAIL: THP is currently configured with the status of '{{ __sap_hana_preconfigure_register_sys_kernel_thp_assert.stdout.split('[')[1].split(']')[0] }}' but it needs to be '{{ __sap_hana_preconfigure_fact_thp }}'!" + success_msg: "PASS: THP is currently configured with the correct status of '{{ __sap_hana_preconfigure_fact_thp }}'!" ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" - when: - - ansible_distribution == 'RedHat' - - ansible_distribution_major_version == '9' and - __sap_hana_preconfigure_fact_ansible_distribution_minor_version | int >= 2 From 6503e1dbb09a890d6746b8fb93f8240047a07273 Mon Sep 17 00:00:00 2001 From: Bernd Finger Date: Thu, 24 Oct 2024 11:47:45 +0200 Subject: [PATCH 10/51] sap_hana_preconfigure: Fix typo in THP assert task Signed-off-by: Bernd Finger --- roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-thp.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-thp.yml b/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-thp.yml index 76c03230..9262fd71 100644 --- a/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-thp.yml +++ b/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-thp.yml @@ -55,7 +55,7 @@ success_msg: "PASS: 'transparent_hugepage={{ __sap_hana_preconfigure_fact_thp }}' is in /proc/cmdline." ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" - - name: Assert that THP currently has the correct current status + - name: Assert that THP currently has the correct status ansible.builtin.assert: that: __sap_hana_preconfigure_register_sys_kernel_thp_assert.stdout.split('[')[1].split(']')[0] == '{{ __sap_hana_preconfigure_fact_thp }}' fail_msg: "FAIL: THP is currently configured with the status of '{{ __sap_hana_preconfigure_register_sys_kernel_thp_assert.stdout.split('[')[1].split(']')[0] }}' but it needs to be '{{ __sap_hana_preconfigure_fact_thp }}'!" From 3e59f260e43cc6eb9306626be395ae9840e3a058 Mon Sep 17 00:00:00 2001 From: Bernd Finger Date: Thu, 24 Oct 2024 11:50:56 +0200 Subject: [PATCH 11/51] sap_hana_preconfigure: Use false instead of no in THP assert tasks Signed-off-by: Bernd Finger --- .../tasks/RedHat/generic/assert-thp.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-thp.yml b/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-thp.yml index 9262fd71..ba356730 100644 --- a/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-thp.yml +++ b/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-thp.yml @@ -11,17 +11,17 @@ - name: THP - Get contents of GRUB_CMDLINE_LINUX in /etc/default/grub ansible.builtin.command: grep GRUB_CMDLINE_LINUX /etc/default/grub register: __sap_hana_preconfigure_register_default_grub_cmdline_thp_assert - changed_when: no + changed_when: false - name: THP - Get contents of /proc/cmdline ansible.builtin.command: cat /proc/cmdline register: __sap_hana_preconfigure_register_proc_cmdline_thp_assert - changed_when: no + changed_when: false - name: THP - Get current status of THP ansible.builtin.command: cat /sys/kernel/mm/transparent_hugepage/enabled register: __sap_hana_preconfigure_register_sys_kernel_thp_assert - changed_when: no + changed_when: false - name: Set fact for THP, RHEL up to RHEL 9.1 ansible.builtin.set_fact: From 80fb0dd672ac98b3c9fb3eb9b0d92756f9d50982 Mon Sep 17 00:00:00 2001 From: Bernd Finger Date: Thu, 24 Oct 2024 13:20:09 +0200 Subject: [PATCH 12/51] sap_hana_preconfigure: Also set the current THP state Signed-off-by: Bernd Finger --- .../tasks/RedHat/generic/configure-thp.yml | 34 +++++++++++++++++++ roles/sap_hana_preconfigure/vars/RedHat_9.yml | 4 +-- 2 files changed, 36 insertions(+), 2 deletions(-) diff --git a/roles/sap_hana_preconfigure/tasks/RedHat/generic/configure-thp.yml b/roles/sap_hana_preconfigure/tasks/RedHat/generic/configure-thp.yml index fb07f278..7d056aa1 100644 --- a/roles/sap_hana_preconfigure/tasks/RedHat/generic/configure-thp.yml +++ b/roles/sap_hana_preconfigure/tasks/RedHat/generic/configure-thp.yml @@ -28,3 +28,37 @@ __sap_hana_preconfigure_fact_ansible_distribution_minor_version | int >= 2 - not ( __sap_hana_preconfigure_register_proc_cmdline_thp['content'] | b64decode | regex_findall('transparent_hugepage=madvise') ) tags: grubconfig + +- name: Configure - Get initial status of THP + ansible.builtin.command: cat /sys/kernel/mm/transparent_hugepage/enabled + register: __sap_hana_preconfigure_register_thp_status_before + changed_when: false + +- name: Set THP to 'never' on the running system + ansible.builtin.shell: echo 'never' > /sys/kernel/mm/transparent_hugepage/enabled + changed_when: true + when: + - ansible_distribution == 'RedHat' + - ansible_distribution_major_version == '8' or + ansible_distribution_version == '9.0' or + ansible_distribution_version == '9.1' + - __sap_hana_preconfigure_register_thp_status_before.stdout.split('[')[1].split(']')[0] != 'never' + +- name: Set THP to 'madvise' on the running system + ansible.builtin.shell: echo 'madvise' > /sys/kernel/mm/transparent_hugepage/enabled + changed_when: true + when: + - ansible_distribution == 'RedHat' + - ansible_distribution_major_version == '9' and + __sap_hana_preconfigure_fact_ansible_distribution_minor_version | int >= 2 + - __sap_hana_preconfigure_register_thp_status_before.stdout.split('[')[1].split(']')[0] != 'madvise' + +- name: Configure - Get the status of THP + ansible.builtin.command: cat /sys/kernel/mm/transparent_hugepage/enabled + register: __sap_hana_preconfigure_register_thp_status + ignore_errors: true + changed_when: false + +- name: Display the status of THP + ansible.builtin.debug: + var: __sap_hana_preconfigure_register_thp_status.stdout_lines, __sap_hana_preconfigure_register_thp_status.stderr_lines diff --git a/roles/sap_hana_preconfigure/vars/RedHat_9.yml b/roles/sap_hana_preconfigure/vars/RedHat_9.yml index ebc31864..2ce0194b 100644 --- a/roles/sap_hana_preconfigure/vars/RedHat_9.yml +++ b/roles/sap_hana_preconfigure/vars/RedHat_9.yml @@ -122,13 +122,13 @@ __sap_hana_preconfigure_req_repos_redhat_9_10_ppc64le: __sap_hana_preconfigure_sapnotes_versions_x86_64: - { number: '3108302', version: '9' } - { number: '2382421', version: '45' } - - { number: '3024346', version: '10' } + - { number: '3024346', version: '11' } __sap_hana_preconfigure_sapnotes_versions_ppc64le: - { number: '2055470', version: '90' } - { number: '3108302', version: '9' } - { number: '2382421', version: '45' } - - { number: '3024346', version: '10' } + - { number: '3024346', version: '11' } __sap_hana_preconfigure_sapnotes_versions: "{{ lookup('vars', '__sap_hana_preconfigure_sapnotes_versions_' + ansible_architecture) }}" From 4fa51e9cef0ef8d5c65f7b64c7c62d4d531d6279 Mon Sep 17 00:00:00 2001 From: Bernd Finger Date: Thu, 31 Oct 2024 10:16:35 +0100 Subject: [PATCH 13/51] collection: Specify minimum version for dependent collections Solves issue #883. Signed-off-by: Bernd Finger --- requirements.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.yml b/requirements.yml index 16eeebca..b5e6df5c 100644 --- a/requirements.yml +++ b/requirements.yml @@ -5,5 +5,5 @@ collections: version: '>=1.13.0' type: galaxy - name: community.general - version: latest + version: '>=9.5.0' type: galaxy From a172211348199726e646ed1c99fd34e10629cc77 Mon Sep 17 00:00:00 2001 From: Bernd Finger Date: Mon, 4 Nov 2024 11:57:48 +0100 Subject: [PATCH 14/51] collection: Use 9.0.0 for the minimum required community.general version Signed-off-by: Bernd Finger --- requirements.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.yml b/requirements.yml index b5e6df5c..f5fb3c62 100644 --- a/requirements.yml +++ b/requirements.yml @@ -5,5 +5,5 @@ collections: version: '>=1.13.0' type: galaxy - name: community.general - version: '>=9.5.0' + version: '>=9.0.0' type: galaxy From 325a5771eda00f675cd5d85fc0e9406b25896fc8 Mon Sep 17 00:00:00 2001 From: Bernd Finger Date: Fri, 2 Aug 2024 22:16:49 +0200 Subject: [PATCH 15/51] sap_swpm: No longer use different execution modes Signed-off-by: Bernd Finger --- roles/sap_swpm/README.md | 72 +++----- roles/sap_swpm/defaults/main.yml | 22 ++- roles/sap_swpm/tasks/main.yml | 2 + roles/sap_swpm/tasks/pre_install.yml | 60 +++++-- .../tasks/pre_install/install_type.yml | 5 +- .../tasks/pre_install/password_facts.yml | 22 --- roles/sap_swpm/tasks/swpm.yml | 24 +-- .../sap_swpm/tasks/swpm/detect_variables.yml | 12 +- .../tasks/swpm/swpm_inifile_generate.yml | 163 ++++++++++++++++++ .../swpm/swpm_inifile_generate_advanced.yml | 35 ---- ...pm_inifile_generate_advanced_templates.yml | 64 ------- .../swpm/swpm_inifile_generate_default.yml | 31 ---- ...wpm_inifile_generate_default_templates.yml | 51 ------ .../sap_swpm/tasks/swpm/swpm_pre_install.yml | 46 +++-- .../{configfile.j2 => inifile_params.j2} | 159 ++++++++--------- 15 files changed, 373 insertions(+), 395 deletions(-) delete mode 100644 roles/sap_swpm/tasks/pre_install/password_facts.yml create mode 100644 roles/sap_swpm/tasks/swpm/swpm_inifile_generate.yml delete mode 100644 roles/sap_swpm/tasks/swpm/swpm_inifile_generate_advanced.yml delete mode 100644 roles/sap_swpm/tasks/swpm/swpm_inifile_generate_advanced_templates.yml delete mode 100644 roles/sap_swpm/tasks/swpm/swpm_inifile_generate_default.yml delete mode 100644 roles/sap_swpm/tasks/swpm/swpm_inifile_generate_default_templates.yml rename roles/sap_swpm/templates/{configfile.j2 => inifile_params.j2} (89%) diff --git a/roles/sap_swpm/README.md b/roles/sap_swpm/README.md index f8a16e78..f9e03a94 100644 --- a/roles/sap_swpm/README.md +++ b/roles/sap_swpm/README.md @@ -157,66 +157,42 @@ Sample Ansible Playbook Execution - Apply firewall rules for SAP HANA (optional - no by default) -- Process SAP SWPM `inifile.params` based on inputs +- At this stage, a sapinst inifile is created by the role on the control node if not already present. -### SAP SWPM + - If a file `inifile.params` is located on the managed node in the directory specified in `sap_swpm_inifile_directory`, + the role will not create a new one but rather download this file to the control node. -- Execute SWPM + - If such a file does not exist, the role will create an SAP SWPM `inifile.params` file by one of the following methods: -### Post-Install + Method 1: Predefined sections of the file inifile_params.j2 will be used to create the file `inifile.params`. + The variable `sap_swpm_inifile_sections_list` determines which sections will be used. All other sections will be ignored. + The inifile parameters themselves will be set according to other role parameters. + Example: The inifile parameter `archives.downloadBasket` will be set to the content of the role parameter + `sap_swpm_software_path` -- Set expiry of Unix created users to 'never' + Method 2: The file `inifile.params` will be configured from the content of the dictionary `sap_swpm_inifile_parameters_dict`. + This dictionary is defined like in the following example: -- Apply firewall rules for SAP NW (optional - no by default) +``` +sap_swpm_inifile_parameters_dict: + archives.downloadBasket: /software/download_basket + NW_getFQDN.FQDN: poc.cloud +``` + It is also possible to use method 1 for creating the inifile and then replace or set additional variables using method 2: + Just define both of the related parameters, `sap_swpm_inifile_sections_list` and `sap_swpm_inifile_parameters_dict`. -## Execution Modes +- The file inifile.params is then transferred to a temporary directory on the control node, to be used by the sapinst process. -Every SAP Software installation via SAP Software Provisioning Manager (SWPM) is possible, there are different Ansible Role execution modes available: +### SAP SWPM -- Default (`sap_swpm_templates_product_input: default`), run software install tasks using easy Ansible Variable to generate SWPM Unattended installations - - Default Templates (`sap_swpm_templates_product_input: default_templates`), optional use of templating definitions for repeated installations -- Advanced (`sap_swpm_templates_product_input: advanced`), run software install tasks with Ansible Variables one-to-one matched to SWPM Unattended Inifile parameters to generate bespoke SWPM Unattended installations - - Advanced Templates (`sap_swpm_templates_product_input: advanced_templates`), optional use of templating definitions for repeated installations -- Inifile Reuse (`sap_swpm_templates_product_input: inifile_reuse`), run previously-defined installations with an existing SWPM Unattended inifile.params +- Execute SWPM. This and the remaining steps can be skipped by setting the default of the parameter `sap_swpm_run_sapinst` to `false`. -### Default Templates mode variables +### Post-Install -Example using all inifile list parameters with the Default Templates mode to install SAP ECC EhP8 on IBM Db2: +- Set expiry of Unix created users to 'never' -``` -sap_swpm_ansible_role_mode: default_templates -sap_swpm_templates_product_input: default_templates - -sap_swpm_templates_install_dictionary: - - template_name_ecc_ehp8_ibmdb2: - - sap_swpm_product_catalog_id: NW_ABAP_OneHost:BS2016.ERP608.DB6.PD - sap_swpm_inifile_dictionary: - sap_swpm_sid: - ... - sap_swpm_inifile_list: - - swpm_installation_media - - swpm_installation_media_swpm1 - - swpm_installation_media_swpm1_exportfiles - - swpm_installation_media_swpm1_ibmdb2 - - sum_config - - credentials - - credentials_anydb_ibmdb2 - - db_config_anydb_all - - db_config_anydb_ibmdb2 - - db_connection_nw_anydb_ibmdb2 - - nw_config_anydb - - nw_config_other - - nw_config_central_services_abap - # - nw_config_central_services_java - - nw_config_primary_application_server_instance - - nw_config_ports - - nw_config_host_agent - # - nw_config_post_abap_reports - - sap_os_linux_user -``` +- Apply firewall rules for SAP NW (optional - no by default) ## Tags diff --git a/roles/sap_swpm/defaults/main.yml b/roles/sap_swpm/defaults/main.yml index f56156df..c3e72a88 100644 --- a/roles/sap_swpm/defaults/main.yml +++ b/roles/sap_swpm/defaults/main.yml @@ -5,7 +5,8 @@ # SWPM Ansible Role variables ######################################## -sap_swpm_ansible_role_mode: "default" +# We do not use role modes any more: +# sap_swpm_ansible_role_mode: "default" # default # default_templates # advanced @@ -45,22 +46,21 @@ sap_swpm_files_non_sapcar_group: root ######################################## # SWPM Ansible Role variables -# for Inifile Reuse, Advanced, and Defaults/Advanced Templates Mode +# for creating the sapinst inifile ######################################## +# Have the role run the sapinst command with an existing inifile or after creating the inifile: +sap_swpm_run_sapinst: true + # Inifile Reuse Mode sap_swpm_inifile_reuse_source: sap_swpm_inifile_reuse_destination: -# Advanced Mode -#sap_swpm_inifile_custom_values_dictionary: +#sap_swpm_inifile_parameters_dict: # archives.downloadBasket: /software/download_basket # NW_getFQDN.FQDN: poc.cloud ## add.additional.parameters: '' -# Default/Advanced Templates Mode -#sap_swpm_templates_product_input: "" - ######################################## # SWPM Ansible Role variables @@ -68,7 +68,7 @@ sap_swpm_inifile_reuse_destination: # - List of inifile parameters to generate ######################################## -sap_swpm_inifile_list: +sap_swpm_inifile_sections_list: - swpm_installation_media - swpm_installation_media_swpm2_hana # - swpm_installation_media_swpm1 @@ -156,7 +156,7 @@ sap_swpm_software_extract_directory: # e.g. /software/sap_swpm_extracted sap_swpm_software_use_media: 'false' # Main path that this role will look for .SAR files -sap_swpm_software_path: +sap_swpm_software_path: /software/sapfiles ## This directory path should include these files: ## - igs*sar ## - igshelper*sar @@ -165,6 +165,10 @@ sap_swpm_software_path: ## - IMDB_CLIENT*SAR ## - SAPHOSTAGENT*SAR +# Directory in which a sapinst inifile which is to be used by the role can be stored: +sap_swpm_inifile_directory: "{{ sap_swpm_software_path }}/inifiles" +#sap_swpm_local_inifile_directory: '/tmp/inifiles' + # SWPM1 - paths that this role will look for CD Media software sap_swpm_cd_export_pt1_path: sap_swpm_cd_export_pt2_path: diff --git a/roles/sap_swpm/tasks/main.yml b/roles/sap_swpm/tasks/main.yml index aa784ef9..a35c3967 100644 --- a/roles/sap_swpm/tasks/main.yml +++ b/roles/sap_swpm/tasks/main.yml @@ -9,8 +9,10 @@ - name: SAP SWPM - run swpm ansible.builtin.import_tasks: swpm.yml + when: sap_swpm_run_sapinst tags: - sap_swpm_install - name: SAP SWPM - run postinstall task ansible.builtin.import_tasks: post_install.yml + when: sap_swpm_run_sapinst diff --git a/roles/sap_swpm/tasks/pre_install.yml b/roles/sap_swpm/tasks/pre_install.yml index 9907a412..1f330fb3 100644 --- a/roles/sap_swpm/tasks/pre_install.yml +++ b/roles/sap_swpm/tasks/pre_install.yml @@ -1,6 +1,12 @@ # SPDX-License-Identifier: Apache-2.0 --- +- name: SAP SWPM Pre Install - Rename variables + ansible.builtin.set_fact: + sap_swpm_inifile_sections_list: "{{ sap_swpm_inifile_list | d(sap_swpm_inifile_sections_list) }}" + sap_swpm_inifile_parameters_dict: "{{ sap_swpm_inifile_custom_values_dictionary | d(sap_swpm_inifile_parameters_dict) }}" + tags: always + ################ # Run Preinstallation Steps Based on Run Mode ################ @@ -11,23 +17,6 @@ - sap_swpm_generate_inifile - sap_swpm_sapinst_commandline -################ -# Set sapinst command -################ - -- name: SAP SWPM Pre Install - Set sapinst command - vars: - sap_swpm_swpm_command_guiserver: "{{ 'SAPINST_START_GUISERVER=false' if not sap_swpm_swpm_observer_mode else '' }}" - sap_swpm_swpm_command_observer: "{{ 'SAPINST_REMOTE_ACCESS_USER=' + sap_swpm_swpm_remote_access_user + ' SAPINST_REMOTE_ACCESS_USER_IS_TRUSTED=true' if sap_swpm_swpm_observer_mode and sap_swpm_swpm_remote_access_user | d('', true) | length > 0 else '' }}" - ansible.builtin.set_fact: - sap_swpm_swpm_command_inifile: "SAPINST_INPUT_PARAMETERS_URL={{ sap_swpm_tmpdir.path }}/inifile.params" - sap_swpm_swpm_command_product_id: "SAPINST_EXECUTE_PRODUCT_ID={{ sap_swpm_product_catalog_id }}" - # If SWPM is running a normal install Ansible Variable sap_swpm_swpm_command_virtual_hostname is blank - # IF SWPM is running a HA installation, Ansible Variable sap_swpm_swpm_command_virtual_hostname is set and contains "SAPINST_USE_HOSTNAME={{ sap_swpm_virtual_hostname }} IS_HOST_LOCAL_USING_STRING_COMPARE=true" - # If SWPM is running a MP Stack XML installation, Ansible Variable sap_swpm_swpm_command_mp_stack is set and contains "SAPINST_STACK_XML={{ sap_swpm_mp_stack_path }} + '/' (if needed) + {{ sap_swpm_mp_stack_file_name }}" - sap_swpm_swpm_command_extra_args: "SAPINST_SKIP_DIALOGS=true {{ sap_swpm_swpm_command_guiserver }} {{ sap_swpm_swpm_command_observer }} {{ sap_swpm_swpm_command_virtual_hostname }} {{ sap_swpm_swpm_command_mp_stack }}" - tags: sap_swpm_sapinst_commandline - ################ # Pre Install Optional Tasks ################ @@ -39,7 +28,9 @@ file: pre_install/firewall.yml apply: tags: sap_swpm_setup_firewall - when: "sap_swpm_setup_firewall | bool" + when: + - sap_swpm_run_sapinst + - "sap_swpm_setup_firewall | bool" tags: sap_swpm_setup_firewall # /etc/hosts @@ -49,7 +40,9 @@ file: pre_install/update_etchosts.yml apply: tags: sap_swpm_update_etchosts - when: "sap_swpm_update_etchosts | bool" + when: + - sap_swpm_run_sapinst + - "sap_swpm_update_etchosts | bool" tags: sap_swpm_update_etchosts ################ @@ -81,3 +74,32 @@ - ' The installation can take up to 3 hours. Run the following command as root' - ' on {{ ansible_hostname }} to display the installation logs:' - ' # tail -f $(cat /tmp/sapinst_instdir/.lastInstallationLocation)/sapinst.log' + +################ +# Set sapinst command +################ + +- name: SAP SWPM Pre Install - Set the sapinst command parameters + vars: + sap_swpm_swpm_command_guiserver: "{{ 'SAPINST_START_GUISERVER=false' if not sap_swpm_swpm_observer_mode else '' }}" + sap_swpm_swpm_command_observer: "{{ 'SAPINST_REMOTE_ACCESS_USER=' + sap_swpm_swpm_remote_access_user + ' SAPINST_REMOTE_ACCESS_USER_IS_TRUSTED=true' if sap_swpm_swpm_observer_mode and sap_swpm_swpm_remote_access_user is defined and sap_swpm_swpm_remote_access_user | length > 0 else '' }}" + ansible.builtin.set_fact: + sap_swpm_swpm_command_inifile: "SAPINST_INPUT_PARAMETERS_URL={{ sap_swpm_tmpdir.path }}/inifile.params" + sap_swpm_swpm_command_product_id: "SAPINST_EXECUTE_PRODUCT_ID={{ sap_swpm_product_catalog_id }}" + # If SWPM is running a normal install Ansible Variable sap_swpm_swpm_command_virtual_hostname is blank + # IF SWPM is running a HA installation, Ansible Variable sap_swpm_swpm_command_virtual_hostname is set and contains "SAPINST_USE_HOSTNAME={{ sap_swpm_virtual_hostname }} IS_HOST_LOCAL_USING_STRING_COMPARE=true" + # If SWPM is running a MP Stack XML installation, Ansible Variable sap_swpm_swpm_command_mp_stack is set and contains "SAPINST_STACK_XML={{ sap_swpm_mp_stack_path }} + '/' (if needed) + {{ sap_swpm_mp_stack_file_name }}" + sap_swpm_swpm_command_extra_args: "SAPINST_SKIP_DIALOGS=true {{ sap_swpm_swpm_command_guiserver }} {{ sap_swpm_swpm_command_observer }} {{ sap_swpm_swpm_command_virtual_hostname }} {{ sap_swpm_swpm_command_mp_stack }}" + tags: sap_swpm_sapinst_commandline + +- name: Set fact for the sapinst command line + ansible.builtin.set_fact: + __sap_swpm_sapinst_command: "umask {{ sap_swpm_umask | d('022') }} ; ./sapinst {{ sap_swpm_swpm_command_inifile }} + {{ sap_swpm_swpm_command_product_id }} + {{ sap_swpm_swpm_command_extra_args }}" + tags: sap_swpm_sapinst_commandline + +- name: Display the sapinst command line + ansible.builtin.debug: + msg: "SAP SWPM install command: '{{ __sap_swpm_sapinst_command }}'" + tags: sap_swpm_sapinst_commandline diff --git a/roles/sap_swpm/tasks/pre_install/install_type.yml b/roles/sap_swpm/tasks/pre_install/install_type.yml index ced5bbc9..10936a31 100644 --- a/roles/sap_swpm/tasks/pre_install/install_type.yml +++ b/roles/sap_swpm/tasks/pre_install/install_type.yml @@ -4,7 +4,7 @@ - name: SAP SWPM Pre Install - Determine Installation Type ansible.builtin.set_fact: sap_swpm_swpm_installation_type: "" - sap_swpm_swpm_installation_header: "" + sap_swpm_swpm_installation_header: "Standard installation of SAP Software" sap_swpm_swpm_command_virtual_hostname: "" sap_swpm_swpm_command_mp_stack: "" @@ -60,7 +60,8 @@ - name: SAP SWPM Pre Install - Display the Installation Type ansible.builtin.debug: - var: sap_swpm_swpm_installation_type + msg: "The Installation Type is: '{{ sap_swpm_swpm_installation_type }}'" + when: "sap_swpm_swpm_installation_type | length > 0" - name: SAP SWPM Pre Install - Run Installation Type Steps ansible.builtin.include_tasks: "install_type/{{ sap_swpm_swpm_installation_type }}_install.yml" diff --git a/roles/sap_swpm/tasks/pre_install/password_facts.yml b/roles/sap_swpm/tasks/pre_install/password_facts.yml deleted file mode 100644 index 850283d8..00000000 --- a/roles/sap_swpm/tasks/pre_install/password_facts.yml +++ /dev/null @@ -1,22 +0,0 @@ -# SPDX-License-Identifier: Apache-2.0 ---- - -- name: SAP SWPM Pre Install - Set password facts when ABAP - ansible.builtin.set_fact: - sap_swpm_db_schema: "{{ sap_swpm_db_schema_abap }}" - sap_swpm_db_schema_password: "{{ sap_swpm_db_schema_abap_password }}" - when: - - "'ABAP' in sap_swpm_product_catalog_id" - -- name: SAP SWPM Pre Install - Set password facts when Java - ansible.builtin.set_fact: - sap_swpm_db_schema: "{{ sap_swpm_db_schema_java }}" - sap_swpm_db_schema_password: "{{ sap_swpm_db_schema_java_password }}" - when: - - "'Java' in sap_swpm_product_catalog_id" - -- name: SAP SWPM Pre Install - Set other user passwords using master password - ansible.builtin.set_fact: - sap_swpm_sapadm_password: "{{ sap_swpm_master_password }}" - sap_swpm_sap_sidadm_password: "{{ sap_swpm_master_password }}" - sap_swpm_diagnostics_agent_password: "{{ sap_swpm_master_password }}" diff --git a/roles/sap_swpm/tasks/swpm.yml b/roles/sap_swpm/tasks/swpm.yml index 46258750..d9d0bd4e 100644 --- a/roles/sap_swpm/tasks/swpm.yml +++ b/roles/sap_swpm/tasks/swpm.yml @@ -23,17 +23,19 @@ ### Async method -- name: Set fact for the sapinst command line - ansible.builtin.set_fact: - __sap_swpm_sapinst_command: "umask {{ sap_swpm_umask | d('022') }} ; ./sapinst {{ sap_swpm_swpm_command_inifile }} - {{ sap_swpm_swpm_command_product_id }} - {{ sap_swpm_swpm_command_extra_args }}" - tags: sap_swpm_sapinst_commandline - -- name: Display the sapinst command line - ansible.builtin.debug: - msg: "SAP SWPM install command: '{{ __sap_swpm_sapinst_command }}'" - tags: sap_swpm_sapinst_commandline +# now in file pre_install.yml: +#- name: Set fact for the sapinst command line +# ansible.builtin.set_fact: +# __sap_swpm_sapinst_command: "umask {{ sap_swpm_umask | d('022') }} ; ./sapinst {{ sap_swpm_swpm_command_inifile }} +# {{ sap_swpm_swpm_command_product_id }} +# {{ sap_swpm_swpm_command_extra_args }}" +# tags: sap_swpm_sapinst_commandline + +# now in file pre_install.yml: +#- name: Display the sapinst command line +# ansible.builtin.debug: +# msg: "SAP SWPM install command: '{{ __sap_swpm_sapinst_command }}'" +# tags: sap_swpm_sapinst_commandline # Call sapinst synchronously # Reason for noqa: This command installs software, so it will change things diff --git a/roles/sap_swpm/tasks/swpm/detect_variables.yml b/roles/sap_swpm/tasks/swpm/detect_variables.yml index 557c988a..ce9dc479 100644 --- a/roles/sap_swpm/tasks/swpm/detect_variables.yml +++ b/roles/sap_swpm/tasks/swpm/detect_variables.yml @@ -6,7 +6,8 @@ ansible.builtin.command: | awk 'BEGIN{IGNORECASE=1;a=0} /Product ID/&&a==0{a=1; gsub ("#", ""); gsub ("\047", ""); product_id=$NF} - END{print product_id}' {{ sap_swpm_tmpdir.path }}/inifile.params + END{print product_id}' {{ sap_swpm_tmpdir_local.path }}/inifile.params + delegate_to: localhost register: sap_swpm_inifile_product_id_detect changed_when: false when: not sap_swpm_product_catalog_id is defined @@ -25,7 +26,8 @@ # Detect Software Path - name: SAP SWPM - Detect Software Path ansible.builtin.command: | - awk '!/^#/&&/archives.downloadBasket/{print $3}' {{ sap_swpm_tmpdir.path }}/inifile.params + awk '!/^#/&&/archives.downloadBasket/{print $3}' {{ sap_swpm_tmpdir_local.path }}/inifile.params + delegate_to: localhost register: sap_swpm_inifile_software_path changed_when: false when: not sap_swpm_software_path is defined @@ -44,7 +46,8 @@ # Detect SID - name: SAP SWPM - Detect SID ansible.builtin.command: | - awk '!/^#/&&/NW_GetSidNoProfiles.sid/{print $3}' {{ sap_swpm_tmpdir.path }}/inifile.params + awk '!/^#/&&/NW_GetSidNoProfiles.sid/{print $3}' {{ sap_swpm_tmpdir_local.path }}/inifile.params + delegate_to: localhost register: sap_swpm_inifile_sid changed_when: false when: not sap_swpm_sid is defined @@ -63,7 +66,8 @@ # Detect FQDN - name: SAP SWPM - Detect FQDN ansible.builtin.command: | - awk '!/^#/&&/NW_getFQDN.FQDN/{print $3}' {{ sap_swpm_tmpdir.path }}/inifile.params + awk '!/^#/&&/NW_getFQDN.FQDN/{print $3}' {{ sap_swpm_tmpdir_local.path }}/inifile.params + delegate_to: localhost register: sap_swpm_inifile_fqdn changed_when: false when: not sap_swpm_fqdn is defined diff --git a/roles/sap_swpm/tasks/swpm/swpm_inifile_generate.yml b/roles/sap_swpm/tasks/swpm/swpm_inifile_generate.yml new file mode 100644 index 00000000..81414b65 --- /dev/null +++ b/roles/sap_swpm/tasks/swpm/swpm_inifile_generate.yml @@ -0,0 +1,163 @@ +# SPDX-License-Identifier: Apache-2.0 +--- + +# Determine Installation Type, e.g. System Copy, HA, Maintenance Planner, ... +- name: SAP SWPM default mode - Determine Installation Type + ansible.builtin.include_tasks: + file: ../pre_install/install_type.yml + apply: + tags: sap_swpm_generate_inifile + tags: sap_swpm_generate_inifile + +# Password Facts +- name: SAP SWPM Pre Install - Set password facts when ABAP + ansible.builtin.set_fact: + sap_swpm_db_schema: "{{ sap_swpm_db_schema_abap }}" + sap_swpm_db_schema_password: "{{ sap_swpm_db_schema_abap_password }}" + when: "'ABAP' in sap_swpm_product_catalog_id" + tags: sap_swpm_generate_inifile + +- name: SAP SWPM Pre Install - Set password facts when Java + ansible.builtin.set_fact: + sap_swpm_db_schema: "{{ sap_swpm_db_schema_java }}" + sap_swpm_db_schema_password: "{{ sap_swpm_db_schema_java_password }}" + when: "'Java' in sap_swpm_product_catalog_id" + tags: sap_swpm_generate_inifile + +- name: SAP SWPM Pre Install - Set other user passwords using master password + ansible.builtin.set_fact: + sap_swpm_sapadm_password: "{{ sap_swpm_master_password }}" + sap_swpm_sap_sidadm_password: "{{ sap_swpm_master_password }}" + sap_swpm_diagnostics_agent_password: "{{ sap_swpm_master_password }}" + tags: sap_swpm_generate_inifile + +- name: SAP SWPM Pre Install - Ensure the sapinst inifile directory '{{ sap_swpm_inifile_directory }}' exists + ansible.builtin.file: + path: "{{ sap_swpm_inifile_directory }}" + state: directory + owner: 'root' + group: 'root' + mode: '0755' + +- name: SAP SWPM Pre Install - Check if file '{{ sap_swpm_inifile_directory }}/inifile.params' exists + ansible.builtin.stat: + path: "{{ sap_swpm_inifile_directory }}/inifile.params" + check_mode: no + register: __sap_swpm_register_stat_sapinst_inifile + +- name: SAP SWPM Pre Install - Notify about existing sapinst inifile + ansible.builtin.debug: + msg: "INFO: Using existing sapinst inifile '{{ sap_swpm_inifile_directory }}/inifile.params'." + when: __sap_swpm_register_stat_sapinst_inifile.stat.exists + +- name: SAP SWPM Pre Install - Slurp the remote 'inifile.params' for copying to managed node + ansible.builtin.slurp: + src: "{{ sap_swpm_inifile_directory }}/inifile.params" + register: sap_swpm_slurped_remote_inifile + when: __sap_swpm_register_stat_sapinst_inifile.stat.exists + +- name: SAP SWPM Pre Install - Copy 'inifile.params' to the control node + ansible.builtin.copy: + content: "{{ sap_swpm_slurped_remote_inifile['content'] | b64decode }}" + dest: "{{ sap_swpm_tmpdir_local.path }}/inifile.params" + owner: 'root' + group: 'root' + mode: '0640' + delegate_to: localhost + when: __sap_swpm_register_stat_sapinst_inifile.stat.exists + +# Note: Attempting to fetch and store into sap_swpm_tmpdir_local.path results in a 'Permission denied' error. +#- name: SAP SWPM Pre Install - Download existing sapinst inifile to '{{ sap_swpm_local_inifile_directory }}' +# ansible.builtin.fetch: +# src: "{{ sap_swpm_inifile_directory }}/inifile.params" +# dest: "{{ sap_swpm_tmpdir_local.path }}/" +## dest: "{{ sap_swpm_local_inifile_directory }}/" +# flat: true +# become: true +# when: __sap_swpm_register_stat_sapinst_inifile.stat.exists + +#- name: SAP SWPM Pre Install - Copy sapinst inifile to '{{ sap_swpm_tmpdir_local.path }}' +# ansible.builtin.copy: +# src: "{{ sap_swpm_local_inifile_directory }}/inifile.params" +# dest: "{{ sap_swpm_tmpdir_local.path }}/inifile.params" +# delegate_to: localhost +# when: __sap_swpm_register_stat_sapinst_inifile.stat.exists + +- name: SAP SWPM Pre Install - Create the SWPM inifile 'inifile.params' dynamically + when: + - not __sap_swpm_register_stat_sapinst_inifile.stat.exists + block: + +# Generate inifile.params, step 1: Process SWPM Configfile template locally for creating inifile.params + - name: SAP SWPM Pre Install - Process SWPM inifile template for for creating 'inifile.params' + ansible.builtin.template: + src: "{{ role_path }}/templates/inifile_params.j2" + dest: "{{ sap_swpm_tmpdir_local.path }}/inifile.params" + owner: 'root' + group: 'root' + mode: '0640' + delegate_to: localhost + when: + - sap_swpm_inifile_sections_list is defined + - sap_swpm_inifile_sections_list | length > 0 + tags: sap_swpm_generate_inifile + +# Generate inifile.params, step 2: Use any entries from sap_swpm_inifile_parameters_dict + - name: SAP SWPM Pre Install - Replace existing, or add missing, any inifile.params entries from sap_swpm_inifile_parameters_dict + ansible.builtin.lineinfile: + path: "{{ sap_swpm_tmpdir_local.path }}/inifile.params" + create: true + state: present + line: "{{ sap_swpm_line_item.key }} = {{ sap_swpm_line_item.value }}" + regexp: "^{{ sap_swpm_line_item.key }}[\\s]*=[\\s]*.*" + owner: 'root' + group: 'root' + mode: '0640' + loop: "{{ sap_swpm_inifile_parameters_dict | dict2items }}" + loop_control: + loop_var: sap_swpm_line_item + register: replace_result + delegate_to: localhost + when: + - sap_swpm_inifile_parameters_dict is defined + - sap_swpm_inifile_parameters_dict | length > 0 + tags: sap_swpm_generate_inifile + +- name: SAP SWPM Pre Install - Display the path of the local 'inifile.params' + ansible.builtin.debug: + msg: "The local inifile.params is: '{{ sap_swpm_tmpdir_local.path }}/inifile.params'" + tags: sap_swpm_generate_inifile + +- name: SAP SWPM Pre Install - Detect Variables + ansible.builtin.include_tasks: + file: detect_variables.yml + apply: + tags: sap_swpm_generate_inifile + tags: sap_swpm_generate_inifile + +- name: SAP SWPM Pre Install - Slurp the local 'inifile.params' for copying to managed node + ansible.builtin.slurp: + src: "{{ sap_swpm_tmpdir_local.path }}/inifile.params" + register: sap_swpm_slurped_local_inifile + delegate_to: localhost + tags: sap_swpm_generate_inifile + +- name: SAP SWPM Pre Install - Copy 'inifile.params' to the managed node + ansible.builtin.copy: + content: "{{ sap_swpm_slurped_local_inifile['content'] | b64decode }}" + dest: "{{ sap_swpm_tmpdir.path }}/inifile.params" + owner: 'root' + group: 'root' + mode: '0640' + tags: sap_swpm_generate_inifile + +- name: SAP SWPM Pre Install - Display the path of the remote 'inifile.params' + ansible.builtin.debug: + msg: "The local inifile.params has been copied to: '{{ sap_swpm_tmpdir.path }}/inifile.params'" + tags: sap_swpm_generate_inifile + +# Requires variables - sap_swpm_software_path (e.g. /software/download_basket), sap_swpm_sapcar_path (e.g. /software/sapcar), sap_swpm_swpm_path (e.g. /software/swpm) +# Prepare Software +- name: SAP SWPM advanced mode - Prepare Software + ansible.builtin.include_tasks: prepare_software.yml + when: sap_swpm_run_sapinst diff --git a/roles/sap_swpm/tasks/swpm/swpm_inifile_generate_advanced.yml b/roles/sap_swpm/tasks/swpm/swpm_inifile_generate_advanced.yml deleted file mode 100644 index 234dfb5d..00000000 --- a/roles/sap_swpm/tasks/swpm/swpm_inifile_generate_advanced.yml +++ /dev/null @@ -1,35 +0,0 @@ -# SPDX-License-Identifier: Apache-2.0 ---- - -# Remove Existing inifile.params -- name: SAP SWPM advanced mode - Ensure 'inifile.params' exists - ansible.builtin.copy: - dest: "{{ sap_swpm_tmpdir.path }}/inifile.params" - mode: '0640' - content: | - ### inifile.params generated for SWPM Catalog Product ID is {{ sap_swpm_product_catalog_id }} - tags: sap_swpm_generate_inifile - -- name: SAP SWPM advanced mode - Loop over the dictionary and output to file - ansible.builtin.lineinfile: - path: "{{ sap_swpm_tmpdir.path }}/inifile.params" - state: present - insertafter: EOF - line: "{{ item.key }} = {{ item.value }}" - with_dict: "{{ sap_swpm_inifile_custom_values_dictionary }}" - tags: sap_swpm_generate_inifile - -# NOTE: Values in Dictionary Keys for instance numbers must be string using '01' single quote, otherwise SAP SWPM will crash - -# Detect variables from generated inifile -- name: SAP SWPM advanced mode - Detect Variables - ansible.builtin.include_tasks: - file: detect_variables.yml - apply: - tags: sap_swpm_generate_inifile - tags: sap_swpm_generate_inifile - -# Requires variables - sap_swpm_software_path (e.g. /software/download_basket), sap_swpm_sapcar_path (e.g. /software/sapcar), sap_swpm_swpm_path (e.g. /software/swpm) -# Prepare Software -- name: SAP SWPM advanced mode - Prepare Software - ansible.builtin.include_tasks: prepare_software.yml diff --git a/roles/sap_swpm/tasks/swpm/swpm_inifile_generate_advanced_templates.yml b/roles/sap_swpm/tasks/swpm/swpm_inifile_generate_advanced_templates.yml deleted file mode 100644 index b6685e34..00000000 --- a/roles/sap_swpm/tasks/swpm/swpm_inifile_generate_advanced_templates.yml +++ /dev/null @@ -1,64 +0,0 @@ -# SPDX-License-Identifier: Apache-2.0 ---- - -# Set facts based on the install dictionary -- name: SAP SWPM advanced_templates mode - Set product_catalog_id - ansible.builtin.set_fact: - sap_swpm_product_catalog_id: "{{ sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_product_catalog_id'] }}" - tags: sap_swpm_generate_inifile - -- name: SAP SWPM advanced_templates mode - Create temporary directory - ansible.builtin.tempfile: - state: directory - suffix: swpmconfig - register: sap_swpm_tmpdir - tags: sap_swpm_generate_inifile - -# Remove Existing inifile.params -- name: SAP SWPM advanced_templates mode - Ensure 'inifile.params' exists - ansible.builtin.copy: - dest: "{{ sap_swpm_tmpdir.path }}/inifile.params" - mode: '0640' - content: | - ### inifile.params generated for SWPM Catalog Product ID is {{ sap_swpm_product_catalog_id }} - tags: sap_swpm_generate_inifile - -- name: SAP SWPM advanced_templates mode - Loop over the dictionary and output to file - ansible.builtin.lineinfile: - path: "{{ sap_swpm_tmpdir.path }}/inifile.params" - state: present - insertafter: EOF - line: "{{ item.key }} = {{ item.value }}" - with_dict: "{{ sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_custom_values_dictionary'] }}" - tags: sap_swpm_generate_inifile - -# NOTE: Values in Dictionary Keys for instance numbers must be string using '01' single quote, otherwise SAP SWPM will crash - - -# Detect variables from generated inifile -- name: SAP SWPM advanced_templates mode - Detect Variables - ansible.builtin.include_tasks: - file: detect_variables.yml - apply: - tags: sap_swpm_generate_inifile - tags: sap_swpm_generate_inifile - -# Requires variables - sap_swpm_software_path (e.g. /software/download_basket), sap_swpm_sapcar_path (e.g. /software/sapcar), sap_swpm_swpm_path (e.g. /software/swpm) -# Prepare Software -- name: SAP SWPM advanced_templates mode - Prepare Software - ansible.builtin.include_tasks: prepare_software.yml - -# ALT: Generate complete inifile.params with all parameters from control.xml, for every SAP software product -#- name: ALT: SAP SWPM advanced_templates mode - Generate complete inifile.params -# script: ./plugins/module_utils/swpm2_parameters_inifile_generate.py '/path/to/controlxml/' -# args: -# executable: /bin/python3 - -# ALT: Replace values of generated inifile with custom values -#- name: ALT: SAP SWPM advanced_templates mode - Replace values of generated inifile with custom values -# replace: -# path: "{{ sap_swpm_tmpdir.path }}/inifile.params" -# regexp: '^{{ item.key }}.*$' -# replace: '{{ item.key }}={{ item.value }}' -# backup: yes -# with_dict: "{{ sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_custom_values_dictionary'] }}" diff --git a/roles/sap_swpm/tasks/swpm/swpm_inifile_generate_default.yml b/roles/sap_swpm/tasks/swpm/swpm_inifile_generate_default.yml deleted file mode 100644 index b04362cb..00000000 --- a/roles/sap_swpm/tasks/swpm/swpm_inifile_generate_default.yml +++ /dev/null @@ -1,31 +0,0 @@ -# SPDX-License-Identifier: Apache-2.0 ---- - -# Determine Installation Type -- name: SAP SWPM default mode - Determine Installation Type - ansible.builtin.include_tasks: - file: ../pre_install/install_type.yml - apply: - tags: sap_swpm_generate_inifile - tags: sap_swpm_generate_inifile - -# Password Facts -- name: SAP SWPM default mode - Password Facts - ansible.builtin.include_tasks: - file: ../pre_install/password_facts.yml - apply: - tags: sap_swpm_generate_inifile - tags: sap_swpm_generate_inifile - -# Prepare Software -- name: SAP SWPM default mode - Prepare Software - ansible.builtin.include_tasks: prepare_software.yml - -# Process SWPM Configfile Template -- name: SAP SWPM default mode - Process SWPM Configfile Template - ansible.builtin.template: - src: "{{ role_path }}/templates/configfile.j2" - dest: "{{ sap_swpm_tmpdir.path }}/inifile.params" - mode: '0640' - register: sap_swpm_cftemplate - tags: sap_swpm_generate_inifile diff --git a/roles/sap_swpm/tasks/swpm/swpm_inifile_generate_default_templates.yml b/roles/sap_swpm/tasks/swpm/swpm_inifile_generate_default_templates.yml deleted file mode 100644 index b5170621..00000000 --- a/roles/sap_swpm/tasks/swpm/swpm_inifile_generate_default_templates.yml +++ /dev/null @@ -1,51 +0,0 @@ -# SPDX-License-Identifier: Apache-2.0 ---- - -# Set facts based on the install dictionary -- name: SAP SWPM default_templates mode - Set product_catalog_id and inifile_list - ansible.builtin.set_fact: - sap_swpm_product_catalog_id: "{{ sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_product_catalog_id'] }}" - sap_swpm_inifile_list: "{{ sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_list'] }}" - tags: sap_swpm_generate_inifile - -- name: SAP SWPM default_templates mode - Set product_catalog_id and inifile_list - ansible.builtin.set_fact: - sap_swpm_java_template_id_selected_list: "{{ sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_java_template_id_selected_list'] }}" - when: "'java' in sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_product_catalog_id'] | lower" - tags: sap_swpm_generate_inifile - -# Reason for noqa: We want to define variable names based on what is in the dictionary. -- name: SAP SWPM default_templates mode - If not already defined, use the default variable for the template # noqa var-naming[no-jinja] - ansible.builtin.set_fact: - "{{ item.key }}": "{{ item.value }}" - with_dict: "{{ sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_dictionary'] }}" - tags: sap_swpm_generate_inifile - -# Determine Installation Type -- name: SAP SWPM default_templates mode - Determine Installation Type - ansible.builtin.include_tasks: - file: ../pre_install/install_type.yml - apply: - tags: sap_swpm_generate_inifile - tags: sap_swpm_generate_inifile - -# Password Facts -- name: SAP SWPM default_templates mode - Password Facts - ansible.builtin.include_tasks: - file: ../pre_install/password_facts.yml - apply: - tags: sap_swpm_generate_inifile - tags: sap_swpm_generate_inifile - -# Prepare Software -- name: SAP SWPM default_templates mode - Prepare Software - ansible.builtin.include_tasks: prepare_software.yml - -# Process SWPM Configfile Template -- name: SAP SWPM default_templates mode - Process SWPM Configfile Template - ansible.builtin.template: - src: "{{ role_path }}/templates/configfile.j2" - dest: "{{ sap_swpm_tmpdir.path }}/inifile.params" - mode: '0640' - register: sap_swpm_cftemplate - tags: sap_swpm_generate_inifile diff --git a/roles/sap_swpm/tasks/swpm/swpm_pre_install.yml b/roles/sap_swpm/tasks/swpm/swpm_pre_install.yml index 360df233..8664f9db 100644 --- a/roles/sap_swpm/tasks/swpm/swpm_pre_install.yml +++ b/roles/sap_swpm/tasks/swpm/swpm_pre_install.yml @@ -1,11 +1,30 @@ # SPDX-License-Identifier: Apache-2.0 --- -# Create temporary directory -- name: SAP SWPM Pre Install - Create temporary directory +- name: SAP SWPM Pre Install - Create temporary directory on control node ansible.builtin.tempfile: state: directory - suffix: swpmconfig + suffix: _swpm_tmp + delegate_to: localhost + register: sap_swpm_tmpdir_local + tags: + - sap_swpm_generate_inifile + - sap_swpm_sapinst_commandline + +- name: SAP SWPM Pre Install - Make the temporary directory on control node world readable + ansible.builtin.file: + path: "{{ sap_swpm_tmpdir_local.path }}" + state: directory + mode: '0777' + delegate_to: localhost + tags: + - sap_swpm_generate_inifile + - sap_swpm_sapinst_commandline + +- name: SAP SWPM Pre Install - Create temporary directory on managed node + ansible.builtin.tempfile: + state: directory + suffix: _swpm_config register: sap_swpm_tmpdir tags: - sap_swpm_generate_inifile @@ -21,21 +40,25 @@ when: sap_swpm_use_password_file == "y" tags: sap_swpm_generate_inifile -# Run SWPM inifile generation based on ansible role mode -- name: SAP SWPM Pre Install - generate swpm inifile - ansible.builtin.include_tasks: "swpm_inifile_generate_{{ sap_swpm_ansible_role_mode }}.yml" +# Create the SWPM inifile +## Run SWPM inifile generation based on ansible role mode +- name: SAP SWPM Pre Install - Generate the SWPM inifile + ansible.builtin.include_tasks: "swpm_inifile_generate.yml" +# ansible.builtin.include_tasks: "swpm_inifile_generate_{{ sap_swpm_ansible_role_mode }}.yml" tags: sap_swpm_generate_inifile -- name: SAP SWPM Pre Install - Display the location of file 'inifile.params' - ansible.builtin.debug: - msg: "{{ sap_swpm_tmpdir.path }}/inifile.params" - tags: sap_swpm_generate_inifile +#- name: SAP SWPM Pre Install - Display the location of file 'inifile.params' +# ansible.builtin.debug: +# msg: "/tmp/inifile.params" +# msg: "{{ sap_swpm_tmpdir.path }}/inifile.params" +# tags: sap_swpm_generate_inifile # Set fact for SWPM path - name: SAP SWPM Pre Install - Set fact for SWPM path when extract directory defined ansible.builtin.set_fact: sap_swpm_sapinst_path: "{{ sap_swpm_software_extract_directory }}" when: + - sap_swpm_run_sapinst - sap_swpm_software_extract_directory is defined - not (sap_swpm_software_extract_directory is none or (sap_swpm_software_extract_directory | length == 0)) @@ -44,6 +67,7 @@ ansible.builtin.set_fact: sap_swpm_sapinst_path: "{{ (sap_swpm_swpm_path | regex_replace('\\/$', '')) + '/extracted' }}" when: + - sap_swpm_run_sapinst - sap_swpm_software_extract_directory is undefined or (sap_swpm_software_extract_directory is none or (sap_swpm_software_extract_directory | length) == 0) - name: SAP SWPM Pre Install - Ensure directory '{{ sap_swpm_sapinst_path }}' exists @@ -51,6 +75,7 @@ path: "{{ sap_swpm_sapinst_path }}" state: directory mode: '0755' + when: sap_swpm_run_sapinst # Extract SWPM - name: SAP SWPM Pre Install - Extract SWPM @@ -62,3 +87,4 @@ args: chdir: "{{ sap_swpm_sapinst_path }}" changed_when: "'SAPCAR: processing archive' in sap_swpm_extractswpm.stdout" + when: sap_swpm_run_sapinst diff --git a/roles/sap_swpm/templates/configfile.j2 b/roles/sap_swpm/templates/inifile_params.j2 similarity index 89% rename from roles/sap_swpm/templates/configfile.j2 rename to roles/sap_swpm/templates/inifile_params.j2 index f107f1cc..4f15893d 100644 --- a/roles/sap_swpm/templates/configfile.j2 +++ b/roles/sap_swpm/templates/inifile_params.j2 @@ -1,6 +1,6 @@ ### inifile.params generated for SWPM Catalog Product ID is {{ sap_swpm_product_catalog_id }} -{% if 'swpm_installation_media' in sap_swpm_inifile_list %} +{% if 'swpm_installation_media' in sap_swpm_inifile_sections_list %} ###### # swpm_installation_media ###### @@ -11,14 +11,14 @@ archives.downloadBasket = {{ sap_swpm_software_path }} # NOTE: Specific media requirements will use format # SAPINST.CD.PACKAGE. = {% endif %} -{% if 'swpm_installation_media_swpm2_hana' in sap_swpm_inifile_list %} +{% if 'swpm_installation_media_swpm2_hana' in sap_swpm_inifile_sections_list %} ###### # swpm_installation_media_swpm2_hana ###### HDB_Software_Dialogs.useMediaCD = {{ sap_swpm_software_use_media }} {% endif %} -{% if 'swpm_installation_media_swpm1' in sap_swpm_inifile_list %} +{% if 'swpm_installation_media_swpm1' in sap_swpm_inifile_sections_list %} ###### # swpm_installation_media_swpm1 @@ -36,7 +36,7 @@ SAPINST.CD.PACKAGE.RDBMS = {{ sap_swpm_cd_rdbms_path }} # SAPINST.CD.PACKAGE.J2EE-INST = /path/JAVA_J2EE_OSINDEP_J2EE_INST # SAPINST.CD.PACKAGE.SCA = /path/JAVA_J2EE_OSINDEP_UT {% endif %} -{% if 'swpm_installation_media_swpm1_exportfiles' in sap_swpm_inifile_list %} +{% if 'swpm_installation_media_swpm1_exportfiles' in sap_swpm_inifile_sections_list %} ###### # swpm_installation_media_swpm1_exportfiles @@ -47,7 +47,7 @@ SAPINST.CD.PACKAGE.LOAD1 = {{ sap_swpm_cd_export_pt1_path }} SAPINST.CD.PACKAGE.LOAD2 = {{ sap_swpm_cd_export_pt2_path }} # SAPINST.CD.PACKAGE.JMIG = {% endif %} -{% if 'swpm_installation_media_swpm1_ibmdb2' in sap_swpm_inifile_list %} +{% if 'swpm_installation_media_swpm1_ibmdb2' in sap_swpm_inifile_sections_list %} ###### # swpm_installation_media_swpm1_ibmdb2 @@ -61,7 +61,7 @@ SAPINST.CD.PACKAGE.DB2CLIENT = {{ sap_swpm_cd_ibmdb2_client_path }} # IBM DB2 software unpack path e.g. /db2/db2x01/db2_software db6.DB2SoftwarePath = {{ sap_swpm_ibmdb2_unpack_path }} {% endif %} -{% if 'swpm_installation_media_swpm1_oracledb_121' in sap_swpm_inifile_list %} +{% if 'swpm_installation_media_swpm1_oracledb_121' in sap_swpm_inifile_sections_list %} ###### # swpm_installation_media_swpm1_oracledb_121 @@ -72,7 +72,7 @@ SAPINST.CD.PACKAGE.RDBMS-ORA121 = {{ sap_swpm_cd_oracle_path }} # Requested package : RDBMS-ORA CLIENT SAPINST.CD.PACKAGE.ORACLI121 = {{ sap_swpm_cd_oracle_client_path }} {% endif %} -{% if 'swpm_installation_media_swpm1_oracledb_122' in sap_swpm_inifile_list %} +{% if 'swpm_installation_media_swpm1_oracledb_122' in sap_swpm_inifile_sections_list %} ###### # swpm_installation_media_swpm1_oracledb_122 @@ -83,7 +83,7 @@ SAPINST.CD.PACKAGE.RDBMS-ORA122 = {{ sap_swpm_cd_oracle_path }} # Requested package : RDBMS-ORA CLIENT SAPINST.CD.PACKAGE.ORACLI122 = {{ sap_swpm_cd_oracle_client_path }} {% endif %} -{% if 'swpm_installation_media_swpm1_oracledb_19' in sap_swpm_inifile_list %} +{% if 'swpm_installation_media_swpm1_oracledb_19' in sap_swpm_inifile_sections_list %} ###### # swpm_installation_media_swpm1_oracledb_19 @@ -94,7 +94,7 @@ SAPINST.CD.PACKAGE.RDBMS-ORA19 = {{ sap_swpm_cd_oracle_path }} # Requested package : RDBMS-ORA CLIENT SAPINST.CD.PACKAGE.ORACLI19 = {{ sap_swpm_cd_oracle_client_path }} {% endif %} -{% if 'swpm_installation_media_swpm1_sapase' in sap_swpm_inifile_list %} +{% if 'swpm_installation_media_swpm1_sapase' in sap_swpm_inifile_sections_list %} ###### # swpm_installation_media_swpm1_sapase @@ -104,7 +104,7 @@ SAPINST.CD.PACKAGE.RDBMS-SYB = {{ sap_swpm_cd_sapase_path }} SAPINST.CD.PACKAGE.RDBMS-SYB-CLIENT = {{ sap_swpm_cd_sapase_client_path }} {% endif %} -{% if 'swpm_installation_media_swpm1_sapmaxdb' in sap_swpm_inifile_list %} +{% if 'swpm_installation_media_swpm1_sapmaxdb' in sap_swpm_inifile_sections_list %} ###### # swpm_installation_media_swpm1_sapmaxdb @@ -112,7 +112,7 @@ SAPINST.CD.PACKAGE.RDBMS-SYB-CLIENT = {{ sap_swpm_cd_sapase_client_path }} # Requested package : RDBMS-ADA SAPINST.CD.PACKAGE.RDBMS-ADA = {{ sap_swpm_cd_sapmaxdb_path }} {% endif %} -{% if 'maintenance_plan_stack_tms_config' in sap_swpm_inifile_list %} +{% if 'maintenance_plan_stack_tms_config' in sap_swpm_inifile_sections_list %} ###### # maintenance_plan_stack_tms_config @@ -120,7 +120,7 @@ SAPINST.CD.PACKAGE.RDBMS-ADA = {{ sap_swpm_cd_sapmaxdb_path }} NW_ABAP_TMSConfig.configureTMS = {{ sap_swpm_configure_tms | lower }} NW_ABAP_TMSConfig.transportPassword = {{ sap_swpm_tmsadm_password }} {% endif %} -{% if 'maintenance_plan_stack_tms_transports' in sap_swpm_inifile_list %} +{% if 'maintenance_plan_stack_tms_transports' in sap_swpm_inifile_sections_list %} ###### # maintenance_plan_stack_tms_transports @@ -128,7 +128,7 @@ NW_ABAP_TMSConfig.transportPassword = {{ sap_swpm_tmsadm_password }} NW_ABAP_Include_Corrections.includeTransports = true NW_ABAP_Include_Corrections.transportFilesLocations = {{ sap_swpm_tms_tr_files_path }} {% endif %} -{% if 'maintenance_plan_stack_spam_config' in sap_swpm_inifile_list %} +{% if 'maintenance_plan_stack_spam_config' in sap_swpm_inifile_sections_list %} ###### # maintenance_plan_stack_spam_config @@ -140,7 +140,7 @@ NW_ABAP_SPAM_Update.SPAMUpdateArchive = {{ sap_swpm_spam_update_sar }} #NW_ABAP_SPAM_Update.SPAMUpdateArchive = {% endif %} {% endif %} -{% if 'maintenance_plan_stack_sum_config' in sap_swpm_inifile_list %} +{% if 'maintenance_plan_stack_sum_config' in sap_swpm_inifile_sections_list %} ###### # maintenance_plan_stack_sum_config @@ -151,7 +151,7 @@ NW_ABAP_Prepare_SUM.startSUM = {{ sap_swpm_sum_start | lower }} # Password for SUM must be for 'adm' user NW_ABAP_Prepare_SUM.Password = {{ sap_swpm_sap_sidadm_password }} {% endif %} -{% if 'maintenance_plan_stack_sum_10_batch_mode' in sap_swpm_inifile_list %} +{% if 'maintenance_plan_stack_sum_10_batch_mode' in sap_swpm_inifile_sections_list %} ###### # maintenance_plan_stack_sum_10_batch_mode @@ -159,7 +159,7 @@ NW_ABAP_Prepare_SUM.Password = {{ sap_swpm_sap_sidadm_password }} # Re-run of existing BatchModeInputFile.xml for NWAS JAVA (generated by SUM 1.0 on previous host into the /sdt/param/ subdirectory) NW_ABAP_Prepare_SUM.SUMBatchFile = {{ sap_swpm_sum_batch_file }} {% endif %} -{% if 'credentials' in sap_swpm_inifile_list %} +{% if 'credentials' in sap_swpm_inifile_sections_list %} ###### # credentials @@ -175,7 +175,7 @@ DiagnosticsAgent.dasidAdmPassword = {{ sap_swpm_diagnostics_agent_password }} # 'sapadm' user of the SAP Host Agent hostAgent.sapAdmPassword = {{ sap_swpm_sapadm_password }} {% endif %} -{% if 'credentials_hana' in sap_swpm_inifile_list %} +{% if 'credentials_hana' in sap_swpm_inifile_sections_list %} ###### # credentials_hana @@ -183,7 +183,7 @@ hostAgent.sapAdmPassword = {{ sap_swpm_sapadm_password }} HDB_Schema_Check_Dialogs.schemaPassword = {{ sap_swpm_db_schema_password }} storageBasedCopy.hdb.systemPassword = {{ sap_swpm_db_system_password }} {% endif %} -{% if 'credentials_anydb_ibmdb2' in sap_swpm_inifile_list %} +{% if 'credentials_anydb_ibmdb2' in sap_swpm_inifile_sections_list %} ###### # credentials_anydb_ibmdb2 @@ -191,7 +191,7 @@ storageBasedCopy.hdb.systemPassword = {{ sap_swpm_db_system_password }} nwUsers.db6.db2sidPassword = {{ sap_swpm_sap_sidadm_password }} # nwUsers.db6.db2sidUid = {% endif %} -{% if 'credentials_anydb_oracledb' in sap_swpm_inifile_list %} +{% if 'credentials_anydb_oracledb' in sap_swpm_inifile_sections_list %} ###### # credentials_anydb_oracledb @@ -208,7 +208,7 @@ ora.SysPassword = {{ sap_swpm_db_system_password }} # Oracle 'SYSTEM' password ora.SystemPassword = {{ sap_swpm_db_system_password }} {% endif %} -{% if 'credentials_anydb_sapase' in sap_swpm_inifile_list %} +{% if 'credentials_anydb_sapase' in sap_swpm_inifile_sections_list %} ###### # credentials_anydb_sapase @@ -222,7 +222,7 @@ SYB.NW_DB.sapsr3db_pass = {{ sap_swpm_db_system_password }} # SYB.NW_DB.sapsso_pass = # SYB.NW_DB.sslPassword = {% endif %} -{% if 'credentials_anydb_sapmaxdb' in sap_swpm_inifile_list %} +{% if 'credentials_anydb_sapmaxdb' in sap_swpm_inifile_sections_list %} ###### # credentials_anydb_sapmaxdb @@ -234,15 +234,15 @@ Sdb_DBUser.dbaPassword = {{ sap_swpm_db_system_password }} Sdb_DBUser.dbmPassword = {{ sap_swpm_db_system_password }} Sdb_Schema_Dialogs.dbSchemaPassword = {{ sap_swpm_db_schema_password }} {% endif %} -{% if 'credentials_nwas_ssfs' in sap_swpm_inifile_list %} +{% if 'credentials_nwas_ssfs' in sap_swpm_inifile_sections_list %} ###### # credentials_nwas_ssfs ###### HDB_Userstore.useABAPSSFS = true -# NW_ABAP_SSFS_CustomKey.ssfsKeyInputFile = +# NW_ABAP_SSFS_CustomKey.ssfsKeyInputFile = {% endif %} -{% if 'credentials_hdbuserstore' in sap_swpm_inifile_list %} +{% if 'credentials_hdbuserstore' in sap_swpm_inifile_sections_list %} ###### # credentials_hdbuserstore @@ -254,26 +254,7 @@ HDB_Userstore.useABAPSSFS = false # NW_HDB_DBClient.checkCreateUserstore = true # NW_HDB_DBClient.clientPathStrategy = LOCAL {% endif %} -{% if sap_swpm_ddic_000_password | d('',true) | length > 0 %} - -###### -# newinstall_ddic_000_password_not_master -###### -# Are the passwords for the DDIC users different from the default value? -NW_CI_Instance_ABAP_Reports.ddic000Password = {{ sap_swpm_ddic_000_password }} -NW_CI_Instance_ABAP_Reports.needNewDDIC000Password = true -{% endif %} -{% if sap_swpm_sapstar_000_password | d('',true) | length > 0 %} - -###### -# newinstall_sapstar_000_password_not_master -###### -# Are the passwords for the SAP* users different from the default value? -NW_CI_Instance_ABAP_Reports.ddic000Password = -NW_CI_Instance_ABAP_Reports.needNewSapStar000Password = true -NW_CI_Instance_ABAP_Reports.sapStar000Password = {{ sap_swpm_sapstar_000_password }} -{% endif %} -{% if 'credentials_syscopy' in sap_swpm_inifile_list %} +{% if 'credentials_syscopy' in sap_swpm_inifile_sections_list %} ###### # credentials_syscopy @@ -283,14 +264,14 @@ NW_DDIC_Password.needDDICPasswords = true NW_DDIC_Password.ddic000Password = {{ sap_swpm_ddic_000_password }} #NW_DDIC_Password.ddic001Password = {% endif %} -{% if 'db_config_hana' in sap_swpm_inifile_list %} +{% if 'db_config_hana' in sap_swpm_inifile_sections_list %} ###### # db_config_hana ###### storageBasedCopy.hdb.instanceNumber = {{ sap_swpm_db_instance_nr }} HDB_Schema_Check_Dialogs.schemaName = {{ sap_swpm_db_schema }} -{% if 'nw_config_additional_application_server_instance' in sap_swpm_inifile_list %} +{% if 'nw_config_additional_application_server_instance' in sap_swpm_inifile_sections_list %} HDB_Schema_Check_Dialogs.validateSchemaName = true {% else %} @@ -300,14 +281,14 @@ HDB_Schema_Check_Dialogs.validateSchemaName = false # HDB_Schema_Check_Dialogs.dropSchema = false # hdb.create.dbacockpit.user = false {% endif %} -{% if 'db_config_anydb_all' in sap_swpm_inifile_list %} +{% if 'db_config_anydb_all' in sap_swpm_inifile_sections_list %} ###### # db_config_anydb_all ###### NW_ABAP_Import_Dialog.dbCodepage = 4103 {% endif %} -{% if 'db_config_anydb_ibmdb2' in sap_swpm_inifile_list %} +{% if 'db_config_anydb_ibmdb2' in sap_swpm_inifile_sections_list %} ###### # db_config_anydb_ibmdb2 @@ -336,7 +317,7 @@ storageBasedCopy.db6.CommunicationPortNumber = 5912 storageBasedCopy.db6.PortRangeEnd = 5917 storageBasedCopy.db6.PortRangeStart = 5914 {% endif %} -{% if 'db_config_anydb_oracledb' in sap_swpm_inifile_list %} +{% if 'db_config_anydb_oracledb' in sap_swpm_inifile_sections_list %} ###### # db_config_anydb_oracledb @@ -364,7 +345,7 @@ ora.whatInstallation = isSingle ## CDB_ONLY: install CDB only. ora.multitenant.installMT = FALSE {% endif %} -{% if 'db_config_anydb_oracledb_121' in sap_swpm_inifile_list %} +{% if 'db_config_anydb_oracledb_121' in sap_swpm_inifile_sections_list %} ###### # db_config_anydb_oracledb_121 @@ -374,7 +355,7 @@ ora.dbhome = /oracle/{{ sap_swpm_db_sid }}/121 storageBasedCopy.ora.clientVersion = 121 storageBasedCopy.ora.serverVersion = 121 {% endif %} -{% if 'db_config_anydb_oracledb_122' in sap_swpm_inifile_list %} +{% if 'db_config_anydb_oracledb_122' in sap_swpm_inifile_sections_list %} ###### # db_config_anydb_oracledb_122 @@ -384,7 +365,7 @@ ora.dbhome = /oracle/{{ sap_swpm_db_sid }}/122 storageBasedCopy.ora.clientVersion = 122 storageBasedCopy.ora.serverVersion = 122 {% endif %} -{% if 'db_config_anydb_oracledb_19' in sap_swpm_inifile_list %} +{% if 'db_config_anydb_oracledb_19' in sap_swpm_inifile_sections_list %} ###### # db_config_anydb_oracledb_19 @@ -394,7 +375,7 @@ ora.dbhome = /oracle/{{ sap_swpm_db_sid }}/19 storageBasedCopy.ora.clientVersion = 19 storageBasedCopy.ora.serverVersion = 19 {% endif %} -{% if 'db_config_anydb_sapase' in sap_swpm_inifile_list %} +{% if 'db_config_anydb_sapase' in sap_swpm_inifile_sections_list %} ###### # db_config_anydb_sapase @@ -426,12 +407,12 @@ SYB.NW_DB.userstore_hostname = {{ sap_swpm_ascs_instance_hostname }} # To avoid conflicts, leave all Ports blank and SAP SWPM will auto-assign # Ports by default are in order 4901, 4902, 4903, 4904. For each new ASE DB Server instance on the host, each port number is incremented by 4 -SYB.NW_DB.portDatabaseServer = -SYB.NW_DB.portBackupServer = -SYB.NW_DB.portJobScheduler = -SYB.NW_DB.portXPServer = +SYB.NW_DB.portDatabaseServer = +SYB.NW_DB.portBackupServer = +SYB.NW_DB.portJobScheduler = +SYB.NW_DB.portXPServer = {% endif %} -{% if 'db_config_anydb_sapmaxdb' in sap_swpm_inifile_list %} +{% if 'db_config_anydb_sapmaxdb' in sap_swpm_inifile_sections_list %} ###### # db_config_anydb_sapmaxdb @@ -444,7 +425,7 @@ SdbInstanceDialogs.minlogsize = 4000 SdbInstanceDialogs.sapdataFolder = sapdata SdbInstanceDialogs.saplogFolder = saplog {% endif %} -{% if 'db_connection_nw_hana' in sap_swpm_inifile_list %} +{% if 'db_connection_nw_hana' in sap_swpm_inifile_sections_list %} ###### # db_connection_nw_hana @@ -469,7 +450,7 @@ NW_Recovery_Install_HDB.sidAdmPassword = {{ sap_swpm_db_sidadm_password }} # NW_HDB_getDBInfo.tenantOsUser = {{ sap_swpm_db_sid | lower }}usr # NW_HDB_getDBInfo.tenantPort = {% endif %} -{% if 'db_connection_nw_anydb_ibmdb2' in sap_swpm_inifile_list %} +{% if 'db_connection_nw_anydb_ibmdb2' in sap_swpm_inifile_sections_list %} ###### # db_connection_nw_anydb_ibmdb2 @@ -487,7 +468,7 @@ NW_DB6_DB.db6.abap.schema = sap{{ sap_swpm_sid | lower }} # NW_DB6_DB.db6.java.connect.user = # NW_DB6_DB.db6.java.schema = {% endif %} -{% if 'db_connection_nw_anydb_oracledb' in sap_swpm_inifile_list %} +{% if 'db_connection_nw_anydb_oracledb' in sap_swpm_inifile_sections_list %} ###### # db_connection_nw_anydb_oracledb @@ -495,14 +476,14 @@ NW_DB6_DB.db6.abap.schema = sap{{ sap_swpm_sid | lower }} storageBasedCopy.abapSchemaPassword = {{ sap_swpm_db_schema_abap_password }} storageBasedCopy.javaSchemaPassword = {{ sap_swpm_db_schema_java_password }} {% endif %} -{% if 'db_connection_nw_anydb_sapase' in sap_swpm_inifile_list %} +{% if 'db_connection_nw_anydb_sapase' in sap_swpm_inifile_sections_list %} ###### # db_connection_nw_anydb_sapase ###### # NW_SYB_CIABAP.sapsaPassword = {% endif %} -{% if 'db_restore_hana' in sap_swpm_inifile_list %} +{% if 'db_restore_hana' in sap_swpm_inifile_sections_list %} ###### # db_restore_hana @@ -525,7 +506,7 @@ HDB_Recovery_Dialogs.sidAdmPassword = {{ sap_swpm_db_sidadm_password }} # HDB_System_Check_Dialogs.initTopology = false # NW_CreateDBandLoad.movePVCforUsagePiAndDi = {% endif %} -{% if 'nw_config_anydb' in sap_swpm_inifile_list %} +{% if 'nw_config_anydb' in sap_swpm_inifile_sections_list %} ###### # nw_config_anydb @@ -534,7 +515,7 @@ HDB_Recovery_Dialogs.sidAdmPassword = {{ sap_swpm_db_sidadm_password }} # Execute ABAP program 'RUTPOADAPT' for depooling. Set it to 'true' if declustering / depooling is selected for the distributed database instance installation option NW_CI_Instance_ABAP_Reports.executeReportsForDepooling = false {% endif %} -{% if 'nw_config_other' in sap_swpm_inifile_list %} +{% if 'nw_config_other' in sap_swpm_inifile_sections_list %} ###### # nw_config_other @@ -556,7 +537,7 @@ NW_getLoadType.loadType = {{ sap_swpm_load_type }} # NW_adaptProfile.skipSecurityProfileSettings = false # OS4.DestinationASP = {% endif %} -{% if 'nw_config_central_services_abap' in sap_swpm_inifile_list %} +{% if 'nw_config_central_services_abap' in sap_swpm_inifile_sections_list %} ###### # nw_config_central_services_abap @@ -568,7 +549,7 @@ NW_CI_Instance.ascsInstanceNumber = {{ sap_swpm_ascs_instance_nr }} # NW_SCS_Instance.ascsVirtualHostname = {{ sap_swpm_ascs_instance_hostname }} NW_SCS_Instance.ascsInstanceNumber = {{ sap_swpm_ascs_instance_nr }} {% endif %} -{% if 'nw_config_central_services_java' in sap_swpm_inifile_list %} +{% if 'nw_config_central_services_java' in sap_swpm_inifile_sections_list %} ###### # nw_config_central_services_java @@ -581,7 +562,7 @@ NW_SCS_Instance.scsVirtualHostname = {{ sap_swpm_java_scs_instance_hostname }} NW_SCS_Instance.instanceNumber = {{ sap_swpm_java_scs_instance_nr }} NW_JAVA_Export.keyPhrase = {{ sap_swpm_master_password }} {% endif %} -{% if 'nw_config_primary_application_server_instance' in sap_swpm_inifile_list %} +{% if 'nw_config_primary_application_server_instance' in sap_swpm_inifile_sections_list %} ###### # nw_config_primary_application_server_instance @@ -590,12 +571,12 @@ NW_JAVA_Export.keyPhrase = {{ sap_swpm_master_password }} ###### NW_CI_Instance.ciVirtualHostname = {{ sap_swpm_pas_instance_hostname }} NW_CI_Instance.ciInstanceNumber = {{ sap_swpm_pas_instance_nr }} -# NW_CI_Instance.nodesNum = +# NW_CI_Instance.nodesNum = # NW_CI_Instance.nodesNumber = defNodes # NW_WPConfiguration.ciBtcWPNumber = 6 # NW_WPConfiguration.ciDialogWPNumber = 10 {% endif %} -{% if 'nw_config_additional_application_server_instance' in sap_swpm_inifile_list %} +{% if 'nw_config_additional_application_server_instance' in sap_swpm_inifile_sections_list %} ###### # nw_config_additional_application_server_instance @@ -614,7 +595,7 @@ NW_AS.instanceNumber = {{ sap_swpm_aas_instance_nr }} # Virtual host name of the SAP NetWeaver Application Server instance. Leave empty to use the existing host name NW_DI_Instance.virtualHostname = {{ sap_swpm_aas_instance_hostname }} {% endif %} -{% if 'nw_config_ers' in sap_swpm_inifile_list %} +{% if 'nw_config_ers' in sap_swpm_inifile_sections_list %} ###### # nw_config_ers @@ -627,14 +608,14 @@ nw_instance_ers.ersInstanceNumber = {{ sap_swpm_ers_instance_nr }} # "User? Password? Stop. FAIL: Invalid Credentials" nw_instance_ers.restartSCS = false {% endif %} -{% if 'nw_config_ports' in sap_swpm_inifile_list %} +{% if 'nw_config_ports' in sap_swpm_inifile_sections_list %} ###### # nw_config_ports ###### NW_CI_Instance.ciMSPort = 36{{ sap_swpm_ascs_instance_nr }} NW_checkMsgServer.abapMSPort = 36{{ sap_swpm_ascs_instance_nr }} -# NW_CI_Instance.ciMSPortInternal = +# NW_CI_Instance.ciMSPortInternal = # NW_CI_Instance.createGlobalProxyInfoFile = false # NW_CI_Instance.createGlobalRegInfoFile = false # NW_CI_Instance.scsMSPortInternal = @@ -642,7 +623,7 @@ NW_checkMsgServer.abapMSPort = 36{{ sap_swpm_ascs_instance_nr }} # NW_SCS_Instance.createGlobalProxyInfoFile = false # NW_SCS_Instance.createGlobalRegInfoFile = false {% endif %} -{% if 'nw_config_java_ume' in sap_swpm_inifile_list %} +{% if 'nw_config_java_ume' in sap_swpm_inifile_sections_list %} ###### # nw_config_java_ume @@ -657,7 +638,7 @@ UmeConfiguration.umeInstance = {{ sap_swpm_ume_instance_nr }} UmeConfiguration.umeType = {{ sap_swpm_ume_type }} # UmeConfiguration.sapjsfName = SAPJSF {% endif %} -{% if 'nw_config_java_feature_template_ids' in sap_swpm_inifile_list %} +{% if 'nw_config_java_feature_template_ids' in sap_swpm_inifile_sections_list %} ###### # nw_config_java_feature_template_ids @@ -677,7 +658,7 @@ Select_PPMS_Instances.ListOfSelectedInstances = {% set selected_ids = [] %}{%- f ## Comma-separated value list containing which product instances (formerly known as usage types) are installed. Used for handling product instances in unattended mode. ## SAP_Software_Features_Select.selectedInstancesForInstallation = AS,AAS,BASIC,NW-MODEL,ESR,PI,PI-AF {%- endif %} -{% if 'nw_config_webdisp_generic' in sap_swpm_inifile_list %} +{% if 'nw_config_webdisp_generic' in sap_swpm_inifile_sections_list %} ###### # nw_config_webdisp_generic @@ -702,7 +683,7 @@ NW_webdispatcher_Instance.rfcClient = {{ sap_swpm_wd_backend_rfc_client_nr }} NW_webdispatcher_Instance.rfcUser = {{ sap_swpm_wd_backend_rfc_user }} NW_webdispatcher_Instance.rfcPassword = {{ sap_swpm_wd_backend_rfc_user_password }} {% endif %} -{% if 'nw_config_webdisp_gateway' in sap_swpm_inifile_list %} +{% if 'nw_config_webdisp_gateway' in sap_swpm_inifile_sections_list %} ###### # nw_config_webdisp_gateway @@ -717,14 +698,14 @@ NW_CI_Instance.ascsInstallGateway = {{ sap_swpm_ascs_install_gateway | lower }} # NW_CI_Instance.ascsInstallWebDispatcher = false # NW_SCS_Instance.ascsInstallWebDispatcher = false {% endif %} -{% if 'nw_config_host_agent' in sap_swpm_inifile_list %} +{% if 'nw_config_host_agent' in sap_swpm_inifile_sections_list %} ###### # nw_config_host_agent ###### NW_System.installSAPHostAgent = {{ sap_swpm_install_saphostagent | lower }} {% endif %} -{% if 'nw_config_post_load_abap_reports' in sap_swpm_inifile_list %} +{% if 'nw_config_post_load_abap_reports' in sap_swpm_inifile_sections_list %} ###### # nw_config_post_load_abap_reports @@ -765,7 +746,7 @@ NW_CI_Instance_ABAP_Reports.enableActivateICFService = true # Specify new password of the SAP* user in client 001, different from Master Password # NW_CI_Instance_ABAP_Reports.sapStar001Password = {% endif %} -{% if 'nw_config_livecache' in sap_swpm_inifile_list %} +{% if 'nw_config_livecache' in sap_swpm_inifile_sections_list %} ###### # nw_config_livecache @@ -777,7 +758,7 @@ NW_liveCache.liveCacheUser = NW_liveCache.liveCacheUserPwd = NW_liveCache.useLiveCache = {% endif %} -{% if 'nw_config_sld' in sap_swpm_inifile_list %} +{% if 'nw_config_sld' in sap_swpm_inifile_sections_list %} ###### # nw_config_sld @@ -789,7 +770,7 @@ NW_SLD_Configuration.sldUseHttps = NW_SLD_Configuration.sldUser = NW_SLD_Configuration.sldUserPassword = {% endif %} -{% if 'nw_config_abap_language_packages' in sap_swpm_inifile_list %} +{% if 'nw_config_abap_language_packages' in sap_swpm_inifile_sections_list %} ###### # nw_config_abap_language_packages @@ -800,7 +781,7 @@ NW_Language_Inst_Dialogs.folders = /software # Selected languages comma-separated list (by default DE,EN are installed) NW_Language_Inst_Dialogs.languages = AR,BG,CA,CS,DA,EL,ES,ET,FI,FR,HE,HI,HR,HU,IT,JA,KK,KO,LT,LV,MS,NL,NO,PL,PT,RO,RU,SH,SK,SL,SV,TH,TR,UK,VI,ZF,ZH {% endif %} -{% if 'sap_os_linux_user' in sap_swpm_inifile_list %} +{% if 'sap_os_linux_user' in sap_swpm_inifile_sections_list %} ###### # sap_os_linux_user @@ -809,7 +790,7 @@ nwUsers.sapadmUID = {{ sap_swpm_sapadm_uid }} nwUsers.sapsysGID = {{ sap_swpm_sapsys_gid }} nwUsers.sidAdmUID = {{ sap_swpm_sidadm_uid }} {% endif %} -{% if 'swpm_installation_media_download_service' in sap_swpm_inifile_list %} +{% if 'swpm_installation_media_download_service' in sap_swpm_inifile_sections_list %} ###### # swpm_installation_media_download_service @@ -825,14 +806,14 @@ nwUsers.sidAdmUID = {{ sap_swpm_sidadm_uid }} # DownloadService.Username = # DownloadService.planNumber = {% endif %} -{% if 'nw_config_java_icm_credentials' in sap_swpm_inifile_list %} +{% if 'nw_config_java_icm_credentials' in sap_swpm_inifile_sections_list %} ###### # nw_config_java_icm_credentials ###### NW_IcmAuth.webadmPassword = {{ sap_swpm_ume_j2ee_admin_password }} {% endif %} -{% if 'solman_abap_swpm1' in sap_swpm_inifile_list %} +{% if 'solman_abap_swpm1' in sap_swpm_inifile_sections_list %} ###### # solman_abap_swpm1 @@ -840,7 +821,7 @@ NW_IcmAuth.webadmPassword = {{ sap_swpm_ume_j2ee_admin_password }} ###### InitDeclusteringForImport.decluster = false {% endif %} -{% if 'solman_daa_swpm1' in sap_swpm_inifile_list %} +{% if 'solman_daa_swpm1' in sap_swpm_inifile_sections_list %} ###### # solman_daa_swpm1 @@ -867,7 +848,7 @@ InitDeclusteringForImport.decluster = false # DiagnosticsAgent.SolMan.UserName # DiagnosticsAgent.SolMan.UseSSL {% endif %} -{% if 'syscopy_export_anydb' in sap_swpm_inifile_list %} +{% if 'syscopy_export_anydb' in sap_swpm_inifile_sections_list %} ###### # syscopy_export_anydb @@ -939,7 +920,7 @@ NW_readProfileDir.profileDir = /sapmnt/{{ sap_swpm_sid | upper }}/profile NW_getLoadType.loadType = {{ sap_swpm_load_type }} NW_getLoadType.importManuallyExecuted = false {% endif %} -{% if 'syscopy_import_anydb_ibmdb2' in sap_swpm_inifile_list %} +{% if 'syscopy_import_anydb_ibmdb2' in sap_swpm_inifile_sections_list %} ###### # syscopy_import_anydb_ibmdb2 From 37bf6581693baefe49752888f229fbe4e03ab900 Mon Sep 17 00:00:00 2001 From: Bernd Finger Date: Mon, 5 Aug 2024 16:52:53 +0200 Subject: [PATCH 16/51] sap_swpm: Improved section markers for inifile Signed-off-by: Bernd Finger --- roles/sap_swpm/tasks/swpm/swpm_inifile_generate.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/roles/sap_swpm/tasks/swpm/swpm_inifile_generate.yml b/roles/sap_swpm/tasks/swpm/swpm_inifile_generate.yml index 81414b65..bb7b2ca0 100644 --- a/roles/sap_swpm/tasks/swpm/swpm_inifile_generate.yml +++ b/roles/sap_swpm/tasks/swpm/swpm_inifile_generate.yml @@ -38,12 +38,14 @@ owner: 'root' group: 'root' mode: '0755' + tags: sap_swpm_generate_inifile - name: SAP SWPM Pre Install - Check if file '{{ sap_swpm_inifile_directory }}/inifile.params' exists ansible.builtin.stat: path: "{{ sap_swpm_inifile_directory }}/inifile.params" check_mode: no register: __sap_swpm_register_stat_sapinst_inifile + tags: sap_swpm_generate_inifile - name: SAP SWPM Pre Install - Notify about existing sapinst inifile ansible.builtin.debug: From 23beeadeda83b0257ffd0b7b3633faaf7f08744d Mon Sep 17 00:00:00 2001 From: Bernd Finger Date: Mon, 5 Aug 2024 18:20:28 +0200 Subject: [PATCH 17/51] sap_swpm: Reorganize yml files, part 1 Signed-off-by: Bernd Finger --- roles/sap_swpm/tasks/pre_install.yml | 2 +- .../detect_variables_from_inifile.yml} | 0 .../generate_inifile_params.yml} | 37 ++----------------- .../prepare_software.yml | 0 .../tasks/pre_install/set_password_facts.yml | 24 ++++++++++++ .../swpm_prepare.yml} | 16 +++++++- .../swpm_inifile_generate_inifile_reuse.yml | 13 ------- 7 files changed, 43 insertions(+), 49 deletions(-) rename roles/sap_swpm/tasks/{swpm/detect_variables.yml => pre_install/detect_variables_from_inifile.yml} (100%) rename roles/sap_swpm/tasks/{swpm/swpm_inifile_generate.yml => pre_install/generate_inifile_params.yml} (77%) rename roles/sap_swpm/tasks/{swpm => pre_install}/prepare_software.yml (100%) create mode 100644 roles/sap_swpm/tasks/pre_install/set_password_facts.yml rename roles/sap_swpm/tasks/{swpm/swpm_pre_install.yml => pre_install/swpm_prepare.yml} (83%) diff --git a/roles/sap_swpm/tasks/pre_install.yml b/roles/sap_swpm/tasks/pre_install.yml index 1f330fb3..cf5b9ccb 100644 --- a/roles/sap_swpm/tasks/pre_install.yml +++ b/roles/sap_swpm/tasks/pre_install.yml @@ -12,7 +12,7 @@ ################ - name: SAP SWPM Pre Install - Run Preinstallation Steps - ansible.builtin.include_tasks: swpm/swpm_pre_install.yml + ansible.builtin.include_tasks: pre_install/swpm_prepare.yml tags: - sap_swpm_generate_inifile - sap_swpm_sapinst_commandline diff --git a/roles/sap_swpm/tasks/swpm/detect_variables.yml b/roles/sap_swpm/tasks/pre_install/detect_variables_from_inifile.yml similarity index 100% rename from roles/sap_swpm/tasks/swpm/detect_variables.yml rename to roles/sap_swpm/tasks/pre_install/detect_variables_from_inifile.yml diff --git a/roles/sap_swpm/tasks/swpm/swpm_inifile_generate.yml b/roles/sap_swpm/tasks/pre_install/generate_inifile_params.yml similarity index 77% rename from roles/sap_swpm/tasks/swpm/swpm_inifile_generate.yml rename to roles/sap_swpm/tasks/pre_install/generate_inifile_params.yml index bb7b2ca0..71a004d1 100644 --- a/roles/sap_swpm/tasks/swpm/swpm_inifile_generate.yml +++ b/roles/sap_swpm/tasks/pre_install/generate_inifile_params.yml @@ -1,34 +1,9 @@ # SPDX-License-Identifier: Apache-2.0 --- -# Determine Installation Type, e.g. System Copy, HA, Maintenance Planner, ... -- name: SAP SWPM default mode - Determine Installation Type - ansible.builtin.include_tasks: - file: ../pre_install/install_type.yml - apply: - tags: sap_swpm_generate_inifile - tags: sap_swpm_generate_inifile - # Password Facts -- name: SAP SWPM Pre Install - Set password facts when ABAP - ansible.builtin.set_fact: - sap_swpm_db_schema: "{{ sap_swpm_db_schema_abap }}" - sap_swpm_db_schema_password: "{{ sap_swpm_db_schema_abap_password }}" - when: "'ABAP' in sap_swpm_product_catalog_id" - tags: sap_swpm_generate_inifile - -- name: SAP SWPM Pre Install - Set password facts when Java - ansible.builtin.set_fact: - sap_swpm_db_schema: "{{ sap_swpm_db_schema_java }}" - sap_swpm_db_schema_password: "{{ sap_swpm_db_schema_java_password }}" - when: "'Java' in sap_swpm_product_catalog_id" - tags: sap_swpm_generate_inifile - -- name: SAP SWPM Pre Install - Set other user passwords using master password - ansible.builtin.set_fact: - sap_swpm_sapadm_password: "{{ sap_swpm_master_password }}" - sap_swpm_sap_sidadm_password: "{{ sap_swpm_master_password }}" - sap_swpm_diagnostics_agent_password: "{{ sap_swpm_master_password }}" +- name: SAP SWPM Pre Install - Set password facts + ansible.builtin.include_tasks: "set_password_facts.yml" tags: sap_swpm_generate_inifile - name: SAP SWPM Pre Install - Ensure the sapinst inifile directory '{{ sap_swpm_inifile_directory }}' exists @@ -132,7 +107,7 @@ - name: SAP SWPM Pre Install - Detect Variables ansible.builtin.include_tasks: - file: detect_variables.yml + file: detect_variables_from_inifile.yml apply: tags: sap_swpm_generate_inifile tags: sap_swpm_generate_inifile @@ -157,9 +132,3 @@ ansible.builtin.debug: msg: "The local inifile.params has been copied to: '{{ sap_swpm_tmpdir.path }}/inifile.params'" tags: sap_swpm_generate_inifile - -# Requires variables - sap_swpm_software_path (e.g. /software/download_basket), sap_swpm_sapcar_path (e.g. /software/sapcar), sap_swpm_swpm_path (e.g. /software/swpm) -# Prepare Software -- name: SAP SWPM advanced mode - Prepare Software - ansible.builtin.include_tasks: prepare_software.yml - when: sap_swpm_run_sapinst diff --git a/roles/sap_swpm/tasks/swpm/prepare_software.yml b/roles/sap_swpm/tasks/pre_install/prepare_software.yml similarity index 100% rename from roles/sap_swpm/tasks/swpm/prepare_software.yml rename to roles/sap_swpm/tasks/pre_install/prepare_software.yml diff --git a/roles/sap_swpm/tasks/pre_install/set_password_facts.yml b/roles/sap_swpm/tasks/pre_install/set_password_facts.yml new file mode 100644 index 00000000..96010efb --- /dev/null +++ b/roles/sap_swpm/tasks/pre_install/set_password_facts.yml @@ -0,0 +1,24 @@ +# SPDX-License-Identifier: Apache-2.0 +--- + +# Password Facts +- name: SAP SWPM Pre Install - Set password facts when ABAP + ansible.builtin.set_fact: + sap_swpm_db_schema: "{{ sap_swpm_db_schema_abap }}" + sap_swpm_db_schema_password: "{{ sap_swpm_db_schema_abap_password }}" + when: "'ABAP' in sap_swpm_product_catalog_id" + tags: sap_swpm_generate_inifile + +- name: SAP SWPM Pre Install - Set password facts when Java + ansible.builtin.set_fact: + sap_swpm_db_schema: "{{ sap_swpm_db_schema_java }}" + sap_swpm_db_schema_password: "{{ sap_swpm_db_schema_java_password }}" + when: "'Java' in sap_swpm_product_catalog_id" + tags: sap_swpm_generate_inifile + +- name: SAP SWPM Pre Install - Set other user passwords using master password + ansible.builtin.set_fact: + sap_swpm_sapadm_password: "{{ sap_swpm_master_password }}" + sap_swpm_sap_sidadm_password: "{{ sap_swpm_master_password }}" + sap_swpm_diagnostics_agent_password: "{{ sap_swpm_master_password }}" + tags: sap_swpm_generate_inifile diff --git a/roles/sap_swpm/tasks/swpm/swpm_pre_install.yml b/roles/sap_swpm/tasks/pre_install/swpm_prepare.yml similarity index 83% rename from roles/sap_swpm/tasks/swpm/swpm_pre_install.yml rename to roles/sap_swpm/tasks/pre_install/swpm_prepare.yml index 8664f9db..a22dbbe2 100644 --- a/roles/sap_swpm/tasks/swpm/swpm_pre_install.yml +++ b/roles/sap_swpm/tasks/pre_install/swpm_prepare.yml @@ -40,13 +40,27 @@ when: sap_swpm_use_password_file == "y" tags: sap_swpm_generate_inifile +# Determine Installation Type, e.g. System Copy, HA, Maintenance Planner, ... +- name: SAP SWPM default mode - Determine Installation Type + ansible.builtin.include_tasks: + file: install_type.yml + apply: + tags: sap_swpm_generate_inifile + tags: sap_swpm_generate_inifile + # Create the SWPM inifile ## Run SWPM inifile generation based on ansible role mode - name: SAP SWPM Pre Install - Generate the SWPM inifile - ansible.builtin.include_tasks: "swpm_inifile_generate.yml" + ansible.builtin.include_tasks: "generate_inifile_params.yml" # ansible.builtin.include_tasks: "swpm_inifile_generate_{{ sap_swpm_ansible_role_mode }}.yml" tags: sap_swpm_generate_inifile +# Requires variables - sap_swpm_software_path (e.g. /software/download_basket), sap_swpm_sapcar_path (e.g. /software/sapcar), sap_swpm_swpm_path (e.g. /software/swpm) +# Prepare Software +- name: SAP SWPM advanced mode - Prepare Software + ansible.builtin.include_tasks: prepare_software.yml + when: sap_swpm_run_sapinst + #- name: SAP SWPM Pre Install - Display the location of file 'inifile.params' # ansible.builtin.debug: # msg: "/tmp/inifile.params" diff --git a/roles/sap_swpm/tasks/swpm/swpm_inifile_generate_inifile_reuse.yml b/roles/sap_swpm/tasks/swpm/swpm_inifile_generate_inifile_reuse.yml index b22ef348..f2257998 100644 --- a/roles/sap_swpm/tasks/swpm/swpm_inifile_generate_inifile_reuse.yml +++ b/roles/sap_swpm/tasks/swpm/swpm_inifile_generate_inifile_reuse.yml @@ -24,16 +24,3 @@ msg: "{{ sap_swpm_inifile_reuse_source }} is not reusable" when: sap_swpm_inifile_read_file.stdout != '0' tags: sap_swpm_generate_inifile - -# Detect variables from generated inifile -- name: SAP SWPM inifile_reuse mode - Detect Variables - ansible.builtin.include_tasks: - file: detect_variables.yml - apply: - tags: sap_swpm_generate_inifile - tags: sap_swpm_generate_inifile - -# Requires variables - sap_swpm_software_path (e.g. /software/download_basket), sap_swpm_sapcar_path (e.g. /software/sapcar), sap_swpm_swpm_path (e.g. /software/swpm) -# Prepare Software -- name: SAP SWPM inifile_reuse mode - Prepare Software - ansible.builtin.include_tasks: prepare_software.yml From 0331724e9a60aa30217dccf2daf1aeee0cad9f49 Mon Sep 17 00:00:00 2001 From: Bernd Finger Date: Tue, 6 Aug 2024 11:02:39 +0200 Subject: [PATCH 18/51] sap_swpm: Fix task name Signed-off-by: Bernd Finger --- roles/sap_swpm/tasks/pre_install/swpm_prepare.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/sap_swpm/tasks/pre_install/swpm_prepare.yml b/roles/sap_swpm/tasks/pre_install/swpm_prepare.yml index a22dbbe2..a5d56915 100644 --- a/roles/sap_swpm/tasks/pre_install/swpm_prepare.yml +++ b/roles/sap_swpm/tasks/pre_install/swpm_prepare.yml @@ -57,7 +57,7 @@ # Requires variables - sap_swpm_software_path (e.g. /software/download_basket), sap_swpm_sapcar_path (e.g. /software/sapcar), sap_swpm_swpm_path (e.g. /software/swpm) # Prepare Software -- name: SAP SWPM advanced mode - Prepare Software +- name: SAP SWPM Pre Install - Prepare Software ansible.builtin.include_tasks: prepare_software.yml when: sap_swpm_run_sapinst From 0324e4159a123f5d891c424817ca1a1434599d37 Mon Sep 17 00:00:00 2001 From: Bernd Finger Date: Tue, 6 Aug 2024 12:16:05 +0200 Subject: [PATCH 19/51] sap_swpm: Speed up inifile generation if tag is specified Signed-off-by: Bernd Finger --- ...nifile_params.yml => generate_inifile.yml} | 40 ++++++------------- .../tasks/pre_install/swpm_prepare.yml | 30 +++++++------- 2 files changed, 27 insertions(+), 43 deletions(-) rename roles/sap_swpm/tasks/pre_install/{generate_inifile_params.yml => generate_inifile.yml} (80%) diff --git a/roles/sap_swpm/tasks/pre_install/generate_inifile_params.yml b/roles/sap_swpm/tasks/pre_install/generate_inifile.yml similarity index 80% rename from roles/sap_swpm/tasks/pre_install/generate_inifile_params.yml rename to roles/sap_swpm/tasks/pre_install/generate_inifile.yml index 71a004d1..a635aa23 100644 --- a/roles/sap_swpm/tasks/pre_install/generate_inifile_params.yml +++ b/roles/sap_swpm/tasks/pre_install/generate_inifile.yml @@ -6,6 +6,7 @@ ansible.builtin.include_tasks: "set_password_facts.yml" tags: sap_swpm_generate_inifile +# The following task is used for checking if an inifile exists on the managed node - name: SAP SWPM Pre Install - Ensure the sapinst inifile directory '{{ sap_swpm_inifile_directory }}' exists ansible.builtin.file: path: "{{ sap_swpm_inifile_directory }}" @@ -13,20 +14,20 @@ owner: 'root' group: 'root' mode: '0755' - tags: sap_swpm_generate_inifile - name: SAP SWPM Pre Install - Check if file '{{ sap_swpm_inifile_directory }}/inifile.params' exists ansible.builtin.stat: path: "{{ sap_swpm_inifile_directory }}/inifile.params" check_mode: no register: __sap_swpm_register_stat_sapinst_inifile - tags: sap_swpm_generate_inifile - name: SAP SWPM Pre Install - Notify about existing sapinst inifile ansible.builtin.debug: msg: "INFO: Using existing sapinst inifile '{{ sap_swpm_inifile_directory }}/inifile.params'." when: __sap_swpm_register_stat_sapinst_inifile.stat.exists +# Note: Attempting to fetch and store into sap_swpm_tmpdir_local.path results in a 'Permission denied' error. +# So we are using 'slurp'+'copy' for this purpose. - name: SAP SWPM Pre Install - Slurp the remote 'inifile.params' for copying to managed node ansible.builtin.slurp: src: "{{ sap_swpm_inifile_directory }}/inifile.params" @@ -43,26 +44,11 @@ delegate_to: localhost when: __sap_swpm_register_stat_sapinst_inifile.stat.exists -# Note: Attempting to fetch and store into sap_swpm_tmpdir_local.path results in a 'Permission denied' error. -#- name: SAP SWPM Pre Install - Download existing sapinst inifile to '{{ sap_swpm_local_inifile_directory }}' -# ansible.builtin.fetch: -# src: "{{ sap_swpm_inifile_directory }}/inifile.params" -# dest: "{{ sap_swpm_tmpdir_local.path }}/" -## dest: "{{ sap_swpm_local_inifile_directory }}/" -# flat: true -# become: true -# when: __sap_swpm_register_stat_sapinst_inifile.stat.exists - -#- name: SAP SWPM Pre Install - Copy sapinst inifile to '{{ sap_swpm_tmpdir_local.path }}' -# ansible.builtin.copy: -# src: "{{ sap_swpm_local_inifile_directory }}/inifile.params" -# dest: "{{ sap_swpm_tmpdir_local.path }}/inifile.params" -# delegate_to: localhost -# when: __sap_swpm_register_stat_sapinst_inifile.stat.exists - +# We are creating the inifile dynamically in one of the two cases: +# 1 - The tag sap_swpm_generate_inifile is specified +# 2 - There is no file 'inifile.params' available in 'sap_swpm_inifile_directory' - name: SAP SWPM Pre Install - Create the SWPM inifile 'inifile.params' dynamically - when: - - not __sap_swpm_register_stat_sapinst_inifile.stat.exists + when: "'sap_swpm_generate_inifile' in ansible_run_tags or (not __sap_swpm_register_stat_sapinst_inifile.stat.exists)" block: # Generate inifile.params, step 1: Process SWPM Configfile template locally for creating inifile.params @@ -108,16 +94,16 @@ - name: SAP SWPM Pre Install - Detect Variables ansible.builtin.include_tasks: file: detect_variables_from_inifile.yml - apply: - tags: sap_swpm_generate_inifile - tags: sap_swpm_generate_inifile +# apply: +# tags: sap_swpm_generate_inifile +# tags: sap_swpm_generate_inifile - name: SAP SWPM Pre Install - Slurp the local 'inifile.params' for copying to managed node ansible.builtin.slurp: src: "{{ sap_swpm_tmpdir_local.path }}/inifile.params" register: sap_swpm_slurped_local_inifile delegate_to: localhost - tags: sap_swpm_generate_inifile +# tags: sap_swpm_generate_inifile - name: SAP SWPM Pre Install - Copy 'inifile.params' to the managed node ansible.builtin.copy: @@ -126,9 +112,9 @@ owner: 'root' group: 'root' mode: '0640' - tags: sap_swpm_generate_inifile +# tags: sap_swpm_generate_inifile - name: SAP SWPM Pre Install - Display the path of the remote 'inifile.params' ansible.builtin.debug: msg: "The local inifile.params has been copied to: '{{ sap_swpm_tmpdir.path }}/inifile.params'" - tags: sap_swpm_generate_inifile +# tags: sap_swpm_generate_inifile diff --git a/roles/sap_swpm/tasks/pre_install/swpm_prepare.yml b/roles/sap_swpm/tasks/pre_install/swpm_prepare.yml index a5d56915..e34fd502 100644 --- a/roles/sap_swpm/tasks/pre_install/swpm_prepare.yml +++ b/roles/sap_swpm/tasks/pre_install/swpm_prepare.yml @@ -11,24 +11,24 @@ - sap_swpm_generate_inifile - sap_swpm_sapinst_commandline -- name: SAP SWPM Pre Install - Make the temporary directory on control node world readable - ansible.builtin.file: - path: "{{ sap_swpm_tmpdir_local.path }}" - state: directory - mode: '0777' - delegate_to: localhost - tags: - - sap_swpm_generate_inifile - - sap_swpm_sapinst_commandline +#- name: SAP SWPM Pre Install - Make the temporary directory on control node world readable +# ansible.builtin.file: +# path: "{{ sap_swpm_tmpdir_local.path }}" +# state: directory +# mode: '0777' +# delegate_to: localhost +# tags: +# - sap_swpm_generate_inifile +# - sap_swpm_sapinst_commandline - name: SAP SWPM Pre Install - Create temporary directory on managed node ansible.builtin.tempfile: state: directory suffix: _swpm_config register: sap_swpm_tmpdir - tags: - - sap_swpm_generate_inifile - - sap_swpm_sapinst_commandline +# tags: +# - sap_swpm_generate_inifile +# - sap_swpm_sapinst_commandline # Copy password file to the same location as inifile.params - name: SAP SWPM Pre Install - Copy password file to the same location as inifile.params @@ -38,7 +38,7 @@ remote_src: yes mode: '0640' when: sap_swpm_use_password_file == "y" - tags: sap_swpm_generate_inifile +# tags: sap_swpm_generate_inifile # Determine Installation Type, e.g. System Copy, HA, Maintenance Planner, ... - name: SAP SWPM default mode - Determine Installation Type @@ -49,10 +49,8 @@ tags: sap_swpm_generate_inifile # Create the SWPM inifile -## Run SWPM inifile generation based on ansible role mode - name: SAP SWPM Pre Install - Generate the SWPM inifile - ansible.builtin.include_tasks: "generate_inifile_params.yml" -# ansible.builtin.include_tasks: "swpm_inifile_generate_{{ sap_swpm_ansible_role_mode }}.yml" + ansible.builtin.include_tasks: "generate_inifile.yml" tags: sap_swpm_generate_inifile # Requires variables - sap_swpm_software_path (e.g. /software/download_basket), sap_swpm_sapcar_path (e.g. /software/sapcar), sap_swpm_swpm_path (e.g. /software/swpm) From e6e8967e6df02cd8f60f82e237b6ea2f2bc32214 Mon Sep 17 00:00:00 2001 From: Bernd Finger Date: Tue, 6 Aug 2024 15:52:20 +0200 Subject: [PATCH 20/51] sap_swpm: Integrate the inifile_reuse mode Signed-off-by: Bernd Finger --- roles/sap_swpm/tasks/pre_install.yml | 2 +- .../tasks/pre_install/generate_inifile.yml | 63 ++++++++++++------- .../tasks/pre_install/swpm_prepare.yml | 9 +-- .../swpm_inifile_generate_inifile_reuse.yml | 26 -------- 4 files changed, 42 insertions(+), 58 deletions(-) delete mode 100644 roles/sap_swpm/tasks/swpm/swpm_inifile_generate_inifile_reuse.yml diff --git a/roles/sap_swpm/tasks/pre_install.yml b/roles/sap_swpm/tasks/pre_install.yml index cf5b9ccb..bb2b63f0 100644 --- a/roles/sap_swpm/tasks/pre_install.yml +++ b/roles/sap_swpm/tasks/pre_install.yml @@ -23,7 +23,7 @@ # Firewall -- name: SAP SWPM Pre Install - Firewall Setup +- name: SAP SWPM Pre Install - Setup Firewall ansible.builtin.include_tasks: file: pre_install/firewall.yml apply: diff --git a/roles/sap_swpm/tasks/pre_install/generate_inifile.yml b/roles/sap_swpm/tasks/pre_install/generate_inifile.yml index a635aa23..2f026bbe 100644 --- a/roles/sap_swpm/tasks/pre_install/generate_inifile.yml +++ b/roles/sap_swpm/tasks/pre_install/generate_inifile.yml @@ -7,7 +7,7 @@ tags: sap_swpm_generate_inifile # The following task is used for checking if an inifile exists on the managed node -- name: SAP SWPM Pre Install - Ensure the sapinst inifile directory '{{ sap_swpm_inifile_directory }}' exists +- name: SAP SWPM Pre Install - Ensure the sapinst inifile directory '{{ sap_swpm_inifile_directory }}' exists on the managed node ansible.builtin.file: path: "{{ sap_swpm_inifile_directory }}" state: directory @@ -15,44 +15,60 @@ group: 'root' mode: '0755' -- name: SAP SWPM Pre Install - Check if file '{{ sap_swpm_inifile_directory }}/inifile.params' exists +- name: SAP SWPM Pre Install - Check if file '{{ sap_swpm_inifile_directory }}/inifile.params' exists on the managed node ansible.builtin.stat: path: "{{ sap_swpm_inifile_directory }}/inifile.params" check_mode: no register: __sap_swpm_register_stat_sapinst_inifile -- name: SAP SWPM Pre Install - Notify about existing sapinst inifile - ansible.builtin.debug: - msg: "INFO: Using existing sapinst inifile '{{ sap_swpm_inifile_directory }}/inifile.params'." +- name: SAP SWPM Pre Install - Try using existing SWPM inifile 'inifile.params' when: __sap_swpm_register_stat_sapinst_inifile.stat.exists + block: + + - name: SAP SWPM Pre Install, use existing inifile - Notify about existing sapinst inifile on the managed node + ansible.builtin.debug: + msg: "INFO: Using existing sapinst inifile '{{ sap_swpm_inifile_directory }}/inifile.params'." # Note: Attempting to fetch and store into sap_swpm_tmpdir_local.path results in a 'Permission denied' error. -# So we are using 'slurp'+'copy' for this purpose. -- name: SAP SWPM Pre Install - Slurp the remote 'inifile.params' for copying to managed node - ansible.builtin.slurp: - src: "{{ sap_swpm_inifile_directory }}/inifile.params" - register: sap_swpm_slurped_remote_inifile - when: __sap_swpm_register_stat_sapinst_inifile.stat.exists +# So we are using 'slurp' and 'copy' for this purpose. + - name: SAP SWPM Pre Install, use existing inifile - Slurp the remote 'inifile.params' for copying to control node + ansible.builtin.slurp: + src: "{{ sap_swpm_inifile_directory }}/inifile.params" + register: sap_swpm_slurped_remote_inifile -- name: SAP SWPM Pre Install - Copy 'inifile.params' to the control node - ansible.builtin.copy: - content: "{{ sap_swpm_slurped_remote_inifile['content'] | b64decode }}" - dest: "{{ sap_swpm_tmpdir_local.path }}/inifile.params" - owner: 'root' - group: 'root' - mode: '0640' - delegate_to: localhost - when: __sap_swpm_register_stat_sapinst_inifile.stat.exists + - name: SAP SWPM Pre Install, existing inifile - Copy 'inifile.params' to the control node + ansible.builtin.copy: + content: "{{ sap_swpm_slurped_remote_inifile['content'] | b64decode }}" + dest: "{{ sap_swpm_tmpdir_local.path }}/inifile.params" + owner: 'root' + group: 'root' + mode: '0640' + delegate_to: localhost + +# Now we need to confirm that des25 is not in the inifile + - name: SAP SWPM Pre Install, use existing inifile - Search inifile for for des25 + ansible.builtin.shell: | + set -o pipefail && awk 'BEGIN{a=0}!/^#/&&/des25\(/{a++}END{print a}' {{ sap_swpm_tmpdir_local.path }}/inifile.params + delegate_to: localhost + register: sap_swpm_inifile_count_des25 + changed_when: false + + - name: SAP SWPM Pre Install, use existing inifile - Ensure that des25 is not present in inifile + ansible.builtin.fail: + msg: + - "Inifile '{{ sap_swpm_inifile_directory }}/inifile.params' cannot be reused because it contains des25 encrypted data." + - "See also SAP notes 2609804." + when: sap_swpm_inifile_count_des25.stdout != '0' # We are creating the inifile dynamically in one of the two cases: # 1 - The tag sap_swpm_generate_inifile is specified # 2 - There is no file 'inifile.params' available in 'sap_swpm_inifile_directory' -- name: SAP SWPM Pre Install - Create the SWPM inifile 'inifile.params' dynamically +- name: SAP SWPM Pre Install, create inifile - Create the SWPM inifile 'inifile.params' dynamically when: "'sap_swpm_generate_inifile' in ansible_run_tags or (not __sap_swpm_register_stat_sapinst_inifile.stat.exists)" block: # Generate inifile.params, step 1: Process SWPM Configfile template locally for creating inifile.params - - name: SAP SWPM Pre Install - Process SWPM inifile template for for creating 'inifile.params' + - name: SAP SWPM Pre Install, create inifile - Process SWPM inifile template for for creating 'inifile.params' ansible.builtin.template: src: "{{ role_path }}/templates/inifile_params.j2" dest: "{{ sap_swpm_tmpdir_local.path }}/inifile.params" @@ -66,7 +82,7 @@ tags: sap_swpm_generate_inifile # Generate inifile.params, step 2: Use any entries from sap_swpm_inifile_parameters_dict - - name: SAP SWPM Pre Install - Replace existing, or add missing, any inifile.params entries from sap_swpm_inifile_parameters_dict + - name: SAP SWPM Pre Install, create inifile - Use any 'inifile.params' entries from sap_swpm_inifile_parameters_dict ansible.builtin.lineinfile: path: "{{ sap_swpm_tmpdir_local.path }}/inifile.params" create: true @@ -117,4 +133,3 @@ - name: SAP SWPM Pre Install - Display the path of the remote 'inifile.params' ansible.builtin.debug: msg: "The local inifile.params has been copied to: '{{ sap_swpm_tmpdir.path }}/inifile.params'" -# tags: sap_swpm_generate_inifile diff --git a/roles/sap_swpm/tasks/pre_install/swpm_prepare.yml b/roles/sap_swpm/tasks/pre_install/swpm_prepare.yml index e34fd502..0dc5718f 100644 --- a/roles/sap_swpm/tasks/pre_install/swpm_prepare.yml +++ b/roles/sap_swpm/tasks/pre_install/swpm_prepare.yml @@ -17,18 +17,14 @@ # state: directory # mode: '0777' # delegate_to: localhost -# tags: -# - sap_swpm_generate_inifile -# - sap_swpm_sapinst_commandline - name: SAP SWPM Pre Install - Create temporary directory on managed node ansible.builtin.tempfile: state: directory suffix: _swpm_config register: sap_swpm_tmpdir -# tags: -# - sap_swpm_generate_inifile -# - sap_swpm_sapinst_commandline + tags: + - sap_swpm_sapinst_commandline # Copy password file to the same location as inifile.params - name: SAP SWPM Pre Install - Copy password file to the same location as inifile.params @@ -38,7 +34,6 @@ remote_src: yes mode: '0640' when: sap_swpm_use_password_file == "y" -# tags: sap_swpm_generate_inifile # Determine Installation Type, e.g. System Copy, HA, Maintenance Planner, ... - name: SAP SWPM default mode - Determine Installation Type diff --git a/roles/sap_swpm/tasks/swpm/swpm_inifile_generate_inifile_reuse.yml b/roles/sap_swpm/tasks/swpm/swpm_inifile_generate_inifile_reuse.yml deleted file mode 100644 index f2257998..00000000 --- a/roles/sap_swpm/tasks/swpm/swpm_inifile_generate_inifile_reuse.yml +++ /dev/null @@ -1,26 +0,0 @@ -# SPDX-License-Identifier: Apache-2.0 ---- - -# Copy reused inifile -- name: SAP SWPM inifile_reuse mode - Copy reused inifile - ansible.builtin.copy: - src: "{{ sap_swpm_inifile_reuse_source }}" - dest: "{{ sap_swpm_tmpdir.path }}/inifile.params" - mode: '0640' - tags: sap_swpm_generate_inifile - -# Check inifile for the presence of a line containing "des25(" -- name: SAP SWPM inifile_reuse mode - Check inifile for des25 - ansible.builtin.shell: | - set -o pipefail && cat "{{ sap_swpm_tmpdir.path }}/inifile.params" | - awk 'BEGIN{a=0}!/^#/&&/des25\(/{a++}END{print a}' - register: sap_swpm_inifile_read_file - changed_when: false - tags: sap_swpm_generate_inifile - -# Check if inifile is reusable - function des25 must not be present in inifile -- name: SAP SWPM inifile_reuse mode - Check if inifile is reusable, meaning function des25 is not present - ansible.builtin.fail: - msg: "{{ sap_swpm_inifile_reuse_source }} is not reusable" - when: sap_swpm_inifile_read_file.stdout != '0' - tags: sap_swpm_generate_inifile From beb32c2aaf8be336285f7fdff7183295a89e8704 Mon Sep 17 00:00:00 2001 From: Bernd Finger Date: Wed, 7 Aug 2024 23:06:46 +0200 Subject: [PATCH 21/51] sap_swpm: Reorganize yml files, part 2 Signed-off-by: Bernd Finger --- roles/sap_swpm/tasks/pre_install.yml | 4 +- .../tasks/pre_install/generate_inifile.yml | 37 ++++++++++++++----- .../tasks/pre_install/set_password_facts.yml | 24 ------------ .../tasks/pre_install/swpm_prepare.yml | 22 ++++------- 4 files changed, 37 insertions(+), 50 deletions(-) delete mode 100644 roles/sap_swpm/tasks/pre_install/set_password_facts.yml diff --git a/roles/sap_swpm/tasks/pre_install.yml b/roles/sap_swpm/tasks/pre_install.yml index bb2b63f0..d008bd96 100644 --- a/roles/sap_swpm/tasks/pre_install.yml +++ b/roles/sap_swpm/tasks/pre_install.yml @@ -3,8 +3,8 @@ - name: SAP SWPM Pre Install - Rename variables ansible.builtin.set_fact: - sap_swpm_inifile_sections_list: "{{ sap_swpm_inifile_list | d(sap_swpm_inifile_sections_list) }}" - sap_swpm_inifile_parameters_dict: "{{ sap_swpm_inifile_custom_values_dictionary | d(sap_swpm_inifile_parameters_dict) }}" + sap_swpm_inifile_sections_list: "{{ sap_swpm_inifile_list | d(sap_swpm_inifile_sections_list | d([]) ) }}" + sap_swpm_inifile_parameters_dict: "{{ sap_swpm_inifile_custom_values_dictionary | d(sap_swpm_inifile_parameters_dict) | d({}) }}" tags: always ################ diff --git a/roles/sap_swpm/tasks/pre_install/generate_inifile.yml b/roles/sap_swpm/tasks/pre_install/generate_inifile.yml index 2f026bbe..1061e691 100644 --- a/roles/sap_swpm/tasks/pre_install/generate_inifile.yml +++ b/roles/sap_swpm/tasks/pre_install/generate_inifile.yml @@ -1,11 +1,6 @@ # SPDX-License-Identifier: Apache-2.0 --- -# Password Facts -- name: SAP SWPM Pre Install - Set password facts - ansible.builtin.include_tasks: "set_password_facts.yml" - tags: sap_swpm_generate_inifile - # The following task is used for checking if an inifile exists on the managed node - name: SAP SWPM Pre Install - Ensure the sapinst inifile directory '{{ sap_swpm_inifile_directory }}' exists on the managed node ansible.builtin.file: @@ -63,10 +58,37 @@ # We are creating the inifile dynamically in one of the two cases: # 1 - The tag sap_swpm_generate_inifile is specified # 2 - There is no file 'inifile.params' available in 'sap_swpm_inifile_directory' +# Prerequisite: Role parameter 'sap_swpm_product_catalog_id' is defined - name: SAP SWPM Pre Install, create inifile - Create the SWPM inifile 'inifile.params' dynamically when: "'sap_swpm_generate_inifile' in ansible_run_tags or (not __sap_swpm_register_stat_sapinst_inifile.stat.exists)" block: + - name: SAP SWPM Pre Install - Ensure role parameter 'sap_swpm_product_catalog_id' is defined + ansible.builtin.fail: + msg: + - "Role parameter 'sap_swpm_product_catalog_id' is not defined, so certain inifile entries cannot be determined." + - "Remediation: Define the role parameter 'sap_swpm_product_catalog_id' in your playbook or inventory and re-run the playbook." + when: sap_swpm_product_catalog_id is not defined + +# 3 tasks for setting password Facts, required for the template: + - name: SAP SWPM Pre Install - Set password facts when ABAP + ansible.builtin.set_fact: + sap_swpm_db_schema: "{{ sap_swpm_db_schema_abap }}" + sap_swpm_db_schema_password: "{{ sap_swpm_db_schema_abap_password }}" + when: "'ABAP' in sap_swpm_product_catalog_id" + + - name: SAP SWPM Pre Install - Set password facts when Java + ansible.builtin.set_fact: + sap_swpm_db_schema: "{{ sap_swpm_db_schema_java }}" + sap_swpm_db_schema_password: "{{ sap_swpm_db_schema_java_password }}" + when: "'Java' in sap_swpm_product_catalog_id" + + - name: SAP SWPM Pre Install - Set other user passwords using master password + ansible.builtin.set_fact: + sap_swpm_sapadm_password: "{{ sap_swpm_master_password }}" + sap_swpm_sap_sidadm_password: "{{ sap_swpm_master_password }}" + sap_swpm_diagnostics_agent_password: "{{ sap_swpm_master_password }}" + # Generate inifile.params, step 1: Process SWPM Configfile template locally for creating inifile.params - name: SAP SWPM Pre Install, create inifile - Process SWPM inifile template for for creating 'inifile.params' ansible.builtin.template: @@ -110,16 +132,12 @@ - name: SAP SWPM Pre Install - Detect Variables ansible.builtin.include_tasks: file: detect_variables_from_inifile.yml -# apply: -# tags: sap_swpm_generate_inifile -# tags: sap_swpm_generate_inifile - name: SAP SWPM Pre Install - Slurp the local 'inifile.params' for copying to managed node ansible.builtin.slurp: src: "{{ sap_swpm_tmpdir_local.path }}/inifile.params" register: sap_swpm_slurped_local_inifile delegate_to: localhost -# tags: sap_swpm_generate_inifile - name: SAP SWPM Pre Install - Copy 'inifile.params' to the managed node ansible.builtin.copy: @@ -128,7 +146,6 @@ owner: 'root' group: 'root' mode: '0640' -# tags: sap_swpm_generate_inifile - name: SAP SWPM Pre Install - Display the path of the remote 'inifile.params' ansible.builtin.debug: diff --git a/roles/sap_swpm/tasks/pre_install/set_password_facts.yml b/roles/sap_swpm/tasks/pre_install/set_password_facts.yml deleted file mode 100644 index 96010efb..00000000 --- a/roles/sap_swpm/tasks/pre_install/set_password_facts.yml +++ /dev/null @@ -1,24 +0,0 @@ -# SPDX-License-Identifier: Apache-2.0 ---- - -# Password Facts -- name: SAP SWPM Pre Install - Set password facts when ABAP - ansible.builtin.set_fact: - sap_swpm_db_schema: "{{ sap_swpm_db_schema_abap }}" - sap_swpm_db_schema_password: "{{ sap_swpm_db_schema_abap_password }}" - when: "'ABAP' in sap_swpm_product_catalog_id" - tags: sap_swpm_generate_inifile - -- name: SAP SWPM Pre Install - Set password facts when Java - ansible.builtin.set_fact: - sap_swpm_db_schema: "{{ sap_swpm_db_schema_java }}" - sap_swpm_db_schema_password: "{{ sap_swpm_db_schema_java_password }}" - when: "'Java' in sap_swpm_product_catalog_id" - tags: sap_swpm_generate_inifile - -- name: SAP SWPM Pre Install - Set other user passwords using master password - ansible.builtin.set_fact: - sap_swpm_sapadm_password: "{{ sap_swpm_master_password }}" - sap_swpm_sap_sidadm_password: "{{ sap_swpm_master_password }}" - sap_swpm_diagnostics_agent_password: "{{ sap_swpm_master_password }}" - tags: sap_swpm_generate_inifile diff --git a/roles/sap_swpm/tasks/pre_install/swpm_prepare.yml b/roles/sap_swpm/tasks/pre_install/swpm_prepare.yml index 0dc5718f..aef72126 100644 --- a/roles/sap_swpm/tasks/pre_install/swpm_prepare.yml +++ b/roles/sap_swpm/tasks/pre_install/swpm_prepare.yml @@ -35,31 +35,25 @@ mode: '0640' when: sap_swpm_use_password_file == "y" -# Determine Installation Type, e.g. System Copy, HA, Maintenance Planner, ... -- name: SAP SWPM default mode - Determine Installation Type - ansible.builtin.include_tasks: - file: install_type.yml - apply: - tags: sap_swpm_generate_inifile - tags: sap_swpm_generate_inifile - # Create the SWPM inifile - name: SAP SWPM Pre Install - Generate the SWPM inifile ansible.builtin.include_tasks: "generate_inifile.yml" tags: sap_swpm_generate_inifile +# Determine Installation Type, e.g. System Copy, HA, Maintenance Planner, ... +- name: SAP SWPM default mode - Determine Installation Type + ansible.builtin.include_tasks: + file: install_type.yml +# apply: +# tags: sap_swpm_generate_inifile +# tags: sap_swpm_generate_inifile + # Requires variables - sap_swpm_software_path (e.g. /software/download_basket), sap_swpm_sapcar_path (e.g. /software/sapcar), sap_swpm_swpm_path (e.g. /software/swpm) # Prepare Software - name: SAP SWPM Pre Install - Prepare Software ansible.builtin.include_tasks: prepare_software.yml when: sap_swpm_run_sapinst -#- name: SAP SWPM Pre Install - Display the location of file 'inifile.params' -# ansible.builtin.debug: -# msg: "/tmp/inifile.params" -# msg: "{{ sap_swpm_tmpdir.path }}/inifile.params" -# tags: sap_swpm_generate_inifile - # Set fact for SWPM path - name: SAP SWPM Pre Install - Set fact for SWPM path when extract directory defined ansible.builtin.set_fact: From 5d80ae771970334425b76b5da1770a3d1b3166e5 Mon Sep 17 00:00:00 2001 From: Bernd Finger Date: Fri, 9 Aug 2024 11:58:42 +0200 Subject: [PATCH 22/51] sap_swpm: Improve variable detection Signed-off-by: Bernd Finger --- roles/sap_swpm/defaults/main.yml | 4 +- .../detect_variables_from_inifile.yml | 64 +++-------- .../tasks/pre_install/generate_inifile.yml | 105 ++++++++++++------ .../tasks/pre_install/swpm_prepare.yml | 7 -- 4 files changed, 91 insertions(+), 89 deletions(-) diff --git a/roles/sap_swpm/defaults/main.yml b/roles/sap_swpm/defaults/main.yml index c3e72a88..172166c1 100644 --- a/roles/sap_swpm/defaults/main.yml +++ b/roles/sap_swpm/defaults/main.yml @@ -156,7 +156,7 @@ sap_swpm_software_extract_directory: # e.g. /software/sap_swpm_extracted sap_swpm_software_use_media: 'false' # Main path that this role will look for .SAR files -sap_swpm_software_path: /software/sapfiles +#sap_swpm_software_path: /software/sapfiles ## This directory path should include these files: ## - igs*sar ## - igshelper*sar @@ -166,7 +166,7 @@ sap_swpm_software_path: /software/sapfiles ## - SAPHOSTAGENT*SAR # Directory in which a sapinst inifile which is to be used by the role can be stored: -sap_swpm_inifile_directory: "{{ sap_swpm_software_path }}/inifiles" +sap_swpm_inifile_directory: '/software/sap_swpm/inifiles' #sap_swpm_local_inifile_directory: '/tmp/inifiles' # SWPM1 - paths that this role will look for CD Media software diff --git a/roles/sap_swpm/tasks/pre_install/detect_variables_from_inifile.yml b/roles/sap_swpm/tasks/pre_install/detect_variables_from_inifile.yml index ce9dc479..7d362714 100644 --- a/roles/sap_swpm/tasks/pre_install/detect_variables_from_inifile.yml +++ b/roles/sap_swpm/tasks/pre_install/detect_variables_from_inifile.yml @@ -2,7 +2,7 @@ --- # Detect Product ID -- name: SAP SWPM - Detect Product ID +- name: SAP SWPM Pre Install - Detect Product ID from inifile ansible.builtin.command: | awk 'BEGIN{IGNORECASE=1;a=0} /Product ID/&&a==0{a=1; gsub ("#", ""); gsub ("\047", ""); product_id=$NF} @@ -10,75 +10,43 @@ delegate_to: localhost register: sap_swpm_inifile_product_id_detect changed_when: false - when: not sap_swpm_product_catalog_id is defined -# Set fact for product id -- name: SAP SWPM - Set SAP product ID +- name: SAP SWPM Pre Install - Set SAP product ID ansible.builtin.set_fact: sap_swpm_product_catalog_id: "{{ sap_swpm_inifile_product_id_detect.stdout }}" - when: not sap_swpm_product_catalog_id is defined -- name: SAP SWPM - Display SAP product ID - ansible.builtin.debug: - msg: - - "Product ID is {{ sap_swpm_product_catalog_id }}" - -# Detect Software Path -- name: SAP SWPM - Detect Software Path +# Detect and set Software Path +- name: SAP SWPM Pre Install - Detect Software Path from inifile ansible.builtin.command: | awk '!/^#/&&/archives.downloadBasket/{print $3}' {{ sap_swpm_tmpdir_local.path }}/inifile.params delegate_to: localhost - register: sap_swpm_inifile_software_path + register: sap_swpm_inifile_software_path_detect changed_when: false - when: not sap_swpm_software_path is defined -# Set fact for software path -- name: SAP SWPM - Set Software Path +- name: SAP SWPM Pre Install - Set Software Path ansible.builtin.set_fact: - sap_swpm_software_path: "{{ sap_swpm_inifile_software_path.stdout }}" - when: not sap_swpm_software_path is defined - -- name: SAP SWPM - Display Software Path - ansible.builtin.debug: - msg: - - "Software path is {{ sap_swpm_software_path }}" + sap_swpm_software_path: "{{ sap_swpm_inifile_software_path_detect.stdout }}" -# Detect SID -- name: SAP SWPM - Detect SID +# Detect and set SID +- name: SAP SWPM Pre Install - Detect SID from inifile ansible.builtin.command: | awk '!/^#/&&/NW_GetSidNoProfiles.sid/{print $3}' {{ sap_swpm_tmpdir_local.path }}/inifile.params delegate_to: localhost - register: sap_swpm_inifile_sid + register: sap_swpm_inifile_sid_detect changed_when: false - when: not sap_swpm_sid is defined -# Set fact for SID -- name: SAP SWPM - Set SID +- name: SAP SWPM Pre Install - Set SID from inifile ansible.builtin.set_fact: - sap_swpm_sid: "{{ sap_swpm_inifile_sid.stdout }}" - when: not sap_swpm_sid is defined - -- name: SAP SWPM - Display SAP SID - ansible.builtin.debug: - msg: - - "SAP SID {{ sap_swpm_sid }}" + sap_swpm_sid: "{{ sap_swpm_inifile_sid_detect.stdout }}" # Detect FQDN -- name: SAP SWPM - Detect FQDN +- name: SAP SWPM Pre Install - Detect FQDN from inifile ansible.builtin.command: | awk '!/^#/&&/NW_getFQDN.FQDN/{print $3}' {{ sap_swpm_tmpdir_local.path }}/inifile.params delegate_to: localhost - register: sap_swpm_inifile_fqdn + register: sap_swpm_inifile_fqdn_detect changed_when: false - when: not sap_swpm_fqdn is defined -# Set fact for FQDN -- name: SAP SWPM - Set FQDN +- name: SAP SWPM Pre Install - Set FQDN ansible.builtin.set_fact: - sap_swpm_fqdn: "{{ sap_swpm_inifile_fqdn.stdout }}" - when: not sap_swpm_fqdn is defined - -- name: SAP SWPM - Display FQDN - ansible.builtin.debug: - msg: - - "SAP fqdn {{ sap_swpm_fqdn }}" + sap_swpm_fqdn: "{{ sap_swpm_inifile_fqdn_detect.stdout }}" diff --git a/roles/sap_swpm/tasks/pre_install/generate_inifile.yml b/roles/sap_swpm/tasks/pre_install/generate_inifile.yml index 1061e691..c8cdf1dd 100644 --- a/roles/sap_swpm/tasks/pre_install/generate_inifile.yml +++ b/roles/sap_swpm/tasks/pre_install/generate_inifile.yml @@ -20,13 +20,13 @@ when: __sap_swpm_register_stat_sapinst_inifile.stat.exists block: - - name: SAP SWPM Pre Install, use existing inifile - Notify about existing sapinst inifile on the managed node + - name: SAP SWPM Pre Install, existing inifile - Notify about existing sapinst inifile on the managed node ansible.builtin.debug: msg: "INFO: Using existing sapinst inifile '{{ sap_swpm_inifile_directory }}/inifile.params'." # Note: Attempting to fetch and store into sap_swpm_tmpdir_local.path results in a 'Permission denied' error. # So we are using 'slurp' and 'copy' for this purpose. - - name: SAP SWPM Pre Install, use existing inifile - Slurp the remote 'inifile.params' for copying to control node + - name: SAP SWPM Pre Install, existing inifile - Slurp the remote 'inifile.params' for copying to control node ansible.builtin.slurp: src: "{{ sap_swpm_inifile_directory }}/inifile.params" register: sap_swpm_slurped_remote_inifile @@ -41,36 +41,66 @@ delegate_to: localhost # Now we need to confirm that des25 is not in the inifile - - name: SAP SWPM Pre Install, use existing inifile - Search inifile for for des25 + - name: SAP SWPM Pre Install, existing inifile - Search inifile for for des25 ansible.builtin.shell: | set -o pipefail && awk 'BEGIN{a=0}!/^#/&&/des25\(/{a++}END{print a}' {{ sap_swpm_tmpdir_local.path }}/inifile.params delegate_to: localhost register: sap_swpm_inifile_count_des25 changed_when: false - - name: SAP SWPM Pre Install, use existing inifile - Ensure that des25 is not present in inifile + - name: SAP SWPM Pre Install, existing inifile - Ensure that des25 is not present in inifile ansible.builtin.fail: msg: - "Inifile '{{ sap_swpm_inifile_directory }}/inifile.params' cannot be reused because it contains des25 encrypted data." - "See also SAP notes 2609804." when: sap_swpm_inifile_count_des25.stdout != '0' + - name: SAP SWPM Pre Install - Detect Variables + ansible.builtin.import_tasks: + file: detect_variables_from_inifile.yml + +# At this point, the following variables need to be set: +# sap_swpm_product_catalog_id, sap_swpm_software_path, sap_swpm_sid, sap_swpm_fqdn +- name: SAP SWPM Pre Install - Assert that certain variables are set + ansible.builtin.assert: + that: "{{ __sap_swpm_vars_line_item }} is defined and {{ __sap_swpm_vars_line_item }}" + fail_msg: "FAIL: '{{ __sap_swpm_vars_line_item }}' is either undefined or empty!" + success_msg: "PASS: '{{ __sap_swpm_vars_line_item }}' is set.<" + loop: + - sap_swpm_product_catalog_id + - sap_swpm_software_path + - sap_swpm_sid + - sap_swpm_fqdn + loop_control: + loop_var: __sap_swpm_vars_line_item + label: __sap_swpm_vars_line_item + tags: sap_swpm_generate_inifile + +- name: SAP SWPM Pre Install - Display these variables + ansible.builtin.debug: + msg: + - "sap_swpm_product_catalog_id: >{{ sap_swpm_product_catalog_id }}<" + - "sap_swpm_software_path: >{{ sap_swpm_software_path }}<" + - "sap_swpm_sid: >{{ sap_swpm_sid }}<" + - "sap_swpm_fqdn: >{{ sap_swpm_fqdn }}<" + # We are creating the inifile dynamically in one of the two cases: # 1 - The tag sap_swpm_generate_inifile is specified # 2 - There is no file 'inifile.params' available in 'sap_swpm_inifile_directory' # Prerequisite: Role parameter 'sap_swpm_product_catalog_id' is defined - name: SAP SWPM Pre Install, create inifile - Create the SWPM inifile 'inifile.params' dynamically when: "'sap_swpm_generate_inifile' in ansible_run_tags or (not __sap_swpm_register_stat_sapinst_inifile.stat.exists)" + tags: sap_swpm_generate_inifile block: - - name: SAP SWPM Pre Install - Ensure role parameter 'sap_swpm_product_catalog_id' is defined - ansible.builtin.fail: - msg: - - "Role parameter 'sap_swpm_product_catalog_id' is not defined, so certain inifile entries cannot be determined." - - "Remediation: Define the role parameter 'sap_swpm_product_catalog_id' in your playbook or inventory and re-run the playbook." - when: sap_swpm_product_catalog_id is not defined +# - name: SAP SWPM Pre Install - Ensure role parameter 'sap_swpm_product_catalog_id' is defined +# ansible.builtin.fail: +# msg: +# - "Role parameter 'sap_swpm_product_catalog_id' is empty or not defined, so certain inifile entries cannot be determined." +# - "Remediation: Define the role parameter 'sap_swpm_product_catalog_id' in your playbook or inventory and re-run the playbook." +# when: sap_swpm_product_catalog_id is not defined or not sap_swpm_product_catalog_id -# 3 tasks for setting password Facts, required for the template: +# 3 tasks for setting password Facts, required by the template: - name: SAP SWPM Pre Install - Set password facts when ABAP ansible.builtin.set_fact: sap_swpm_db_schema: "{{ sap_swpm_db_schema_abap }}" @@ -101,38 +131,49 @@ when: - sap_swpm_inifile_sections_list is defined - sap_swpm_inifile_sections_list | length > 0 - tags: sap_swpm_generate_inifile # Generate inifile.params, step 2: Use any entries from sap_swpm_inifile_parameters_dict - - name: SAP SWPM Pre Install, create inifile - Use any 'inifile.params' entries from sap_swpm_inifile_parameters_dict - ansible.builtin.lineinfile: - path: "{{ sap_swpm_tmpdir_local.path }}/inifile.params" - create: true - state: present - line: "{{ sap_swpm_line_item.key }} = {{ sap_swpm_line_item.value }}" - regexp: "^{{ sap_swpm_line_item.key }}[\\s]*=[\\s]*.*" - owner: 'root' - group: 'root' - mode: '0640' - loop: "{{ sap_swpm_inifile_parameters_dict | dict2items }}" - loop_control: - loop_var: sap_swpm_line_item - register: replace_result - delegate_to: localhost + - name: SAP SWPM Pre Install, create inifile - Use any 'inifile.params' entries from 'sap_swpm_inifile_parameters_dict' when: - sap_swpm_inifile_parameters_dict is defined - sap_swpm_inifile_parameters_dict | length > 0 - tags: sap_swpm_generate_inifile + block: + + - name: SAP SWPM Pre Install, create inifile - Configure entries in 'inifile.params' from 'sap_swpm_inifile_parameters_dict' + ansible.builtin.lineinfile: + path: "{{ sap_swpm_tmpdir_local.path }}/inifile.params" + create: true + state: present + line: "{{ sap_swpm_line_item.key }} = {{ sap_swpm_line_item.value }}" + regexp: "^{{ sap_swpm_line_item.key }}[\\s]*=[\\s]*.*" + owner: 'root' + group: 'root' + mode: '0640' + loop: "{{ sap_swpm_inifile_parameters_dict | dict2items }}" + loop_control: + loop_var: sap_swpm_line_item + register: replace_result + delegate_to: localhost + + - name: SAP SWPM Pre Install, create inifile - Detect variables again if 'sap_swpm_inifile_parameters_dict' had been used + ansible.builtin.import_tasks: + file: detect_variables_from_inifile.yml + delegate_to: localhost + + - name: SAP SWPM Pre Install, create inifile - Display these variables again if 'sap_swpm_inifile_parameters_dict' had been used + ansible.builtin.debug: + msg: + - "sap_swpm_product_catalog_id: >{{ sap_swpm_product_catalog_id }}<" + - "sap_swpm_software_path: >{{ sap_swpm_software_path }}<" + - "sap_swpm_sid: >{{ sap_swpm_sid }}<" + - "sap_swpm_fqdn: >{{ sap_swpm_fqdn }}<" + delegate_to: localhost - name: SAP SWPM Pre Install - Display the path of the local 'inifile.params' ansible.builtin.debug: msg: "The local inifile.params is: '{{ sap_swpm_tmpdir_local.path }}/inifile.params'" tags: sap_swpm_generate_inifile -- name: SAP SWPM Pre Install - Detect Variables - ansible.builtin.include_tasks: - file: detect_variables_from_inifile.yml - - name: SAP SWPM Pre Install - Slurp the local 'inifile.params' for copying to managed node ansible.builtin.slurp: src: "{{ sap_swpm_tmpdir_local.path }}/inifile.params" diff --git a/roles/sap_swpm/tasks/pre_install/swpm_prepare.yml b/roles/sap_swpm/tasks/pre_install/swpm_prepare.yml index aef72126..bbb21945 100644 --- a/roles/sap_swpm/tasks/pre_install/swpm_prepare.yml +++ b/roles/sap_swpm/tasks/pre_install/swpm_prepare.yml @@ -11,13 +11,6 @@ - sap_swpm_generate_inifile - sap_swpm_sapinst_commandline -#- name: SAP SWPM Pre Install - Make the temporary directory on control node world readable -# ansible.builtin.file: -# path: "{{ sap_swpm_tmpdir_local.path }}" -# state: directory -# mode: '0777' -# delegate_to: localhost - - name: SAP SWPM Pre Install - Create temporary directory on managed node ansible.builtin.tempfile: state: directory From ecf23d99e6c346ea0942bea4f05fe3041bdd7d19 Mon Sep 17 00:00:00 2001 From: Bernd Finger Date: Mon, 12 Aug 2024 11:46:36 +0200 Subject: [PATCH 23/51] sap_swpm: Fix typo in README.md Signed-off-by: Bernd Finger --- roles/sap_swpm/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/sap_swpm/README.md b/roles/sap_swpm/README.md index f9e03a94..ae850ff2 100644 --- a/roles/sap_swpm/README.md +++ b/roles/sap_swpm/README.md @@ -182,7 +182,7 @@ sap_swpm_inifile_parameters_dict: It is also possible to use method 1 for creating the inifile and then replace or set additional variables using method 2: Just define both of the related parameters, `sap_swpm_inifile_sections_list` and `sap_swpm_inifile_parameters_dict`. -- The file inifile.params is then transferred to a temporary directory on the control node, to be used by the sapinst process. +- The file inifile.params is then transferred to a temporary directory on the managed node, to be used by the sapinst process. ### SAP SWPM From 2d78dacdaa639c0e70a08f4c5da369a80cde11c1 Mon Sep 17 00:00:00 2001 From: Bernd Finger Date: Thu, 15 Aug 2024 16:13:01 +0200 Subject: [PATCH 24/51] sap_swpm: Add certain parameter consistency checks Signed-off-by: Bernd Finger --- .../detect_variables_from_inifile.yml | 34 +++++++++++++++++-- .../tasks/pre_install/generate_inifile.yml | 2 +- 2 files changed, 32 insertions(+), 4 deletions(-) diff --git a/roles/sap_swpm/tasks/pre_install/detect_variables_from_inifile.yml b/roles/sap_swpm/tasks/pre_install/detect_variables_from_inifile.yml index 7d362714..54137896 100644 --- a/roles/sap_swpm/tasks/pre_install/detect_variables_from_inifile.yml +++ b/roles/sap_swpm/tasks/pre_install/detect_variables_from_inifile.yml @@ -1,7 +1,7 @@ # SPDX-License-Identifier: Apache-2.0 --- -# Detect Product ID +# Detect and set Product ID - name: SAP SWPM Pre Install - Detect Product ID from inifile ansible.builtin.command: | awk 'BEGIN{IGNORECASE=1;a=0} @@ -11,6 +11,13 @@ register: sap_swpm_inifile_product_id_detect changed_when: false +- name: SAP SWPM Pre Install - Report if 'sap_swpm_product_catalog_id' has been defined differently + ansible.builtin.debug: + msg: "NOTE: The Product ID in '{{ sap_swpm_tmpdir_local.path }}/inifile.params' is different from the role parameter 'sap_swpm_inifile_product_id_detect'." + when: + - sap_swpm_product_catalog_id + - sap_swpm_inifile_product_id_detect.stdout != sap_swpm_product_catalog_id + - name: SAP SWPM Pre Install - Set SAP product ID ansible.builtin.set_fact: sap_swpm_product_catalog_id: "{{ sap_swpm_inifile_product_id_detect.stdout }}" @@ -23,6 +30,13 @@ register: sap_swpm_inifile_software_path_detect changed_when: false +- name: SAP SWPM Pre Install - Report if 'sap_swpm_software_path' has been defined differently + ansible.builtin.debug: + msg: "NOTE: The Software Path in '{{ sap_swpm_tmpdir_local.path }}/inifile.params' is different from the role parameter 'sap_swpm_software_path'." + when: + - sap_swpm_software_path + - sap_swpm_inifile_software_path_detect.stdout != sap_swpm_software_path + - name: SAP SWPM Pre Install - Set Software Path ansible.builtin.set_fact: sap_swpm_software_path: "{{ sap_swpm_inifile_software_path_detect.stdout }}" @@ -35,11 +49,18 @@ register: sap_swpm_inifile_sid_detect changed_when: false -- name: SAP SWPM Pre Install - Set SID from inifile +- name: SAP SWPM Pre Install - Report if 'sap_swpm_sid' has been defined differently + ansible.builtin.debug: + msg: "NOTE: The SID in '{{ sap_swpm_tmpdir_local.path }}/inifile.params' is different from the role parameter 'sap_swpm_sid'." + when: + - sap_swpm_sid + - sap_swpm_inifile_sid_detect.stdout != sap_swpm_sid + +- name: SAP SWPM Pre Install - Set SID ansible.builtin.set_fact: sap_swpm_sid: "{{ sap_swpm_inifile_sid_detect.stdout }}" -# Detect FQDN +# Detect and set FQDN - name: SAP SWPM Pre Install - Detect FQDN from inifile ansible.builtin.command: | awk '!/^#/&&/NW_getFQDN.FQDN/{print $3}' {{ sap_swpm_tmpdir_local.path }}/inifile.params @@ -47,6 +68,13 @@ register: sap_swpm_inifile_fqdn_detect changed_when: false +- name: SAP SWPM Pre Install - Report if 'sap_swpm_fqdn' has been defined differently + ansible.builtin.debug: + msg: "NOTE: The FQDN in '{{ sap_swpm_tmpdir_local.path }}/inifile.params' is different from the role parameter 'sap_swpm_fqdn'." + when: + - sap_swpm_fqdn + - sap_swpm_inifile_sid_detect.stdout != sap_swpm_fqdn + - name: SAP SWPM Pre Install - Set FQDN ansible.builtin.set_fact: sap_swpm_fqdn: "{{ sap_swpm_inifile_fqdn_detect.stdout }}" diff --git a/roles/sap_swpm/tasks/pre_install/generate_inifile.yml b/roles/sap_swpm/tasks/pre_install/generate_inifile.yml index c8cdf1dd..53f4809f 100644 --- a/roles/sap_swpm/tasks/pre_install/generate_inifile.yml +++ b/roles/sap_swpm/tasks/pre_install/generate_inifile.yml @@ -65,7 +65,7 @@ ansible.builtin.assert: that: "{{ __sap_swpm_vars_line_item }} is defined and {{ __sap_swpm_vars_line_item }}" fail_msg: "FAIL: '{{ __sap_swpm_vars_line_item }}' is either undefined or empty!" - success_msg: "PASS: '{{ __sap_swpm_vars_line_item }}' is set.<" + success_msg: "PASS: '{{ __sap_swpm_vars_line_item }}' is set." loop: - sap_swpm_product_catalog_id - sap_swpm_software_path From e217e7ba8ac432e7df6aeac7ecd6ce3fe089db12 Mon Sep 17 00:00:00 2001 From: Bernd Finger Date: Thu, 22 Aug 2024 14:05:30 +0200 Subject: [PATCH 25/51] sap_swpm: Adapt README.md Signed-off-by: Bernd Finger --- roles/sap_swpm/README.md | 69 ++++++++-------------------------------- 1 file changed, 14 insertions(+), 55 deletions(-) diff --git a/roles/sap_swpm/README.md b/roles/sap_swpm/README.md index ae850ff2..410e4f4b 100644 --- a/roles/sap_swpm/README.md +++ b/roles/sap_swpm/README.md @@ -63,59 +63,17 @@ This role has been tested and working for the following SAP products ### Input Parameters The inputs are critical for running this role - - Determines the installation type - - Incomplete parameters will result to failure - - Wrong parameters will result to failure + - Incomplete parameters will result in failure + - Wrong parameters will result in failure Create an input file which contains all relevant installation information. Sample input files are stored in the [inputs](/playbooks/vars) folder of this Ansible collection. Use the samples as guide for your desired installation ### Default Parameters -### Default Parameters - Please check the default parameters file for more information on other parameters that can be used as an input: - [**sap_swpm** default parameters](defaults/main.yml) -Sample Playbooks and sample parameters are shown in the Ansible Collection `/playbooks` directory. - -The Ansible Collection `/playbooks` directory includes sample playbooks for using the `sap_swpm` Ansible Role in the following 'modes': -- Default -- Default Templates -- Advanced -- Advanced Templates -- Inifile Reuse - -The Ansible Collection `/playbooks/vars` directory includes sample variable files for: -- `sap_swpm` 'Default mode' to generate inifile.params of... - - SAP BW/4HANA OneHost - - SAP S/4HANA Distributed - ASCS, DBCI, ERS, PAS - - SAP S/4HANA OneHost - - SAP S/4HANA System Copy OneHost - - SAP Solution Manager (ABAP) - - SAP Solution Manager (JAVA) - - SAP Web Dispatcher - - SAP System Rename -- `sap_swpm` 'Default Templates mode' to generate inifile.params of... - - SAP S/4HANA OneHost - - SAP S/4HANA System Copy OneHost - - SAP System Rename -- `sap_swpm` 'Advanced mode' to generate inifile.params of... - - SAP S/4HANA OneHost -- `sap_swpm` 'Advanced Templates mode' to generate inifile.params of... - - SAP BW/4HANA OneHost - - SAP S/4HANA Distributed - ASCS, DBCI, ERS, PAS - - SAP S/4HANA OneHost - - SAP S/4HANA System Copy OneHost - - SAP Solution Manager (ABAP) - - SAP Solution Manager (JAVA) - - SAP Web Dispatcher - - SAP System Rename -- `sap_swpm` 'Inifile Reuse mode' inifile.params file for... - - SAP S/4HANA OneHost - -NOTE: these are only sample files, they are meant to be edited by the user before execution and do not cover all scenarios possible (the Ansible Role can execute ant SAP SWPM installation) - ## Execution Sample Ansible Playbook Execution @@ -133,7 +91,7 @@ Sample Ansible Playbook Execution - hosts: all become: true roles: - - { role: sap_swpm } + - sap_swpm ``` ## Execution Flow @@ -153,22 +111,22 @@ Sample Ansible Playbook Execution - Get all .SAR filenames from `sap_swpm_software_path` -- Update `/etc/hosts` (optional - yes by default) +- Update `/etc/hosts` (optional - `false` by default) -- Apply firewall rules for SAP HANA (optional - no by default) +- Apply firewall rules for SAP HANA (optional - `false` by default) -- At this stage, a sapinst inifile is created by the role on the control node if not already present. +- At this stage, the role is searching for a sapinst inifile on the managed node, or it will create one: - If a file `inifile.params` is located on the managed node in the directory specified in `sap_swpm_inifile_directory`, the role will not create a new one but rather download this file to the control node. - - If such a file does not exist, the role will create an SAP SWPM `inifile.params` file by one of the following methods: + - If such a file does *not* exist, the role will create an SAP SWPM `inifile.params` file by one of the following methods: Method 1: Predefined sections of the file inifile_params.j2 will be used to create the file `inifile.params`. - The variable `sap_swpm_inifile_sections_list` determines which sections will be used. All other sections will be ignored. - The inifile parameters themselves will be set according to other role parameters. + The variable `sap_swpm_inifile_sections_list` contains a list of sections which will part of the file `inifile.params`. + All other sections will be ignored. The inifile parameters themselves will be set according to other role parameters. Example: The inifile parameter `archives.downloadBasket` will be set to the content of the role parameter - `sap_swpm_software_path` + `sap_swpm_software_path`. Method 2: The file `inifile.params` will be configured from the content of the dictionary `sap_swpm_inifile_parameters_dict`. This dictionary is defined like in the following example: @@ -182,7 +140,7 @@ sap_swpm_inifile_parameters_dict: It is also possible to use method 1 for creating the inifile and then replace or set additional variables using method 2: Just define both of the related parameters, `sap_swpm_inifile_sections_list` and `sap_swpm_inifile_parameters_dict`. -- The file inifile.params is then transferred to a temporary directory on the managed node, to be used by the sapinst process. +- The file `inifile.params` is then transferred to a temporary directory on the managed node, to be used by the sapinst process. ### SAP SWPM @@ -192,12 +150,13 @@ sap_swpm_inifile_parameters_dict: - Set expiry of Unix created users to 'never' -- Apply firewall rules for SAP NW (optional - no by default) +- Apply firewall rules for SAP NW (optional - false by default) ## Tags With the following tags, the role can be called to perform certain activities only: -- tag `sap_swpm_generate_inifile`: Only create the sapinst inifile. This can be useful for checking if the inifile is created as desired. +- tag `sap_swpm_generate_inifile`: Only create the sapinst inifile, without running most of the preinstall steps. + This can be useful for checking if the inifile is created as desired. - tag `sap_swpm_sapinst_commandline`: Only show the sapinst command line. - tag `sap_swpm_pre_install`: Perform all preinstallation steps, then exit. - tag `sap_swpm_setup_firewall`: Only perform the firewall preinstallation settings (but only if variable `sap_swpm_setup_firewall` is set to `true`). From ab215633b0f0f6f3c0142d1d55619f96b4b02acf Mon Sep 17 00:00:00 2001 From: Bernd Finger Date: Thu, 22 Aug 2024 15:51:19 +0200 Subject: [PATCH 26/51] sap_swpm: Explain how to migrate playbooks Signed-off-by: Bernd Finger --- roles/sap_swpm/README.md | 52 +++++++++++++++++++++++++++++++++++++++- 1 file changed, 51 insertions(+), 1 deletion(-) diff --git a/roles/sap_swpm/README.md b/roles/sap_swpm/README.md index 410e4f4b..bd5b0d25 100644 --- a/roles/sap_swpm/README.md +++ b/roles/sap_swpm/README.md @@ -67,13 +67,63 @@ The inputs are critical for running this role - Wrong parameters will result in failure Create an input file which contains all relevant installation information. -Sample input files are stored in the [inputs](/playbooks/vars) folder of this Ansible collection. Use the samples as guide for your desired installation +Sample input files are stored in the [inputs](/playbooks/vars) folder of this Ansible collection. Use the samples as guide for your desired installation. ### Default Parameters Please check the default parameters file for more information on other parameters that can be used as an input: - [**sap_swpm** default parameters](defaults/main.yml) +### Migrating playbooks from previous versions of sap_swpm +The following role parameter is no longer used because there are no role `modes` any more: +#### sap_swpm_ansible_role_mode + +The following two role parameters have been renamed, without automatic conversion between old and new name: + +#### sap_swpm_inifile_list -> sap_swpm_inifile_sections_list +Previous name: sap_swpm_inifile_list +New name: sap_swpm_inifile_sections_list +Reason: This variable contains sections of the sapinst input file, `inifile.params`. +The new variable name is reflecting this purpose. + +#### sap_swpm_inifile_custom_values_dictionary -> sap_swpm_inifile_parameters_dict +Previous name: sap_swpm_inifile_custom_values_dictionary +New name: sap_swpm_inifile_parameters_dict +Reason: This variable contains parameter names and values of the sapinst input file, `inifile.params`. +The new variable name is reflecting this purpose. + +#### Migration from the `*_templates` modes of the previous version of sap_swpm +The role `sap_swpm` does no longer use the dictionary `sap_swpm_templates_install_dictionary`. +This dictionary was used in the previous role modes `default_templates` and `advanced_templates. + +Because of this, required low level members of `sap_swpm_templates_install_dictionary` have to be redefined to top level variables. +Creating top level variables from low level members of a dict can be done: + +- in a separate task using ansible.builtin.set_fact before calling sap_swpm, or + +- in the task calling sap_swpm with a vars: section of the task calling sap_swpm. + +Be aware of the following limitation: You cannot define a variable in the same task in which you use this variable to access a member +of another variable. Any variable which is used to access low level dict members has to be defined before, in a separate task. + +Example: +For defining `sap_swpm_product_catalog_id` from a low level member of `sap_swpm_templates_install_dictionary`, use the following code: + +``` +# Step 1: Define level 2 dict member for accessing level 3 dict member in the following task +- name: Define variable sap_swpm_templates_product_input + ansible.builtin.set_fact: + sap_swpm_templates_product_input: "{{ sap_swpm_templates_product_input_prefix }}_nwas_ascs_ha" + +# Step 2: Define top level variable from level 3 dict member +- name: Define variables sap_swpm_product_catalog_id and sap_swpm_inifile_sections_list + ansible.builtin.set_fact: + sap_swpm_product_catalog_id: "{{ sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_product_catalog_id'] }}" + sap_swpm_inifile_sections_list: "{{ sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input][sap_swpm_inifile_sections_list] }}" + sap_swpm_inifile_parameters_dict: "{{ sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_parameters_dict'] }}" + +``` + ## Execution Sample Ansible Playbook Execution From 56bce5e1eb3382d8fc9916b74bc08468fb459dee Mon Sep 17 00:00:00 2001 From: Bernd Finger Date: Thu, 5 Sep 2024 10:07:33 +0200 Subject: [PATCH 27/51] sap_swpm: Add missing single reverse quote Signed-off-by: Bernd Finger --- roles/sap_swpm/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/sap_swpm/README.md b/roles/sap_swpm/README.md index bd5b0d25..6fec3a0c 100644 --- a/roles/sap_swpm/README.md +++ b/roles/sap_swpm/README.md @@ -94,7 +94,7 @@ The new variable name is reflecting this purpose. #### Migration from the `*_templates` modes of the previous version of sap_swpm The role `sap_swpm` does no longer use the dictionary `sap_swpm_templates_install_dictionary`. -This dictionary was used in the previous role modes `default_templates` and `advanced_templates. +This dictionary was used in the previous role modes `default_templates` and `advanced_templates`. Because of this, required low level members of `sap_swpm_templates_install_dictionary` have to be redefined to top level variables. Creating top level variables from low level members of a dict can be done: From 00f9068cf5cf62ba2ae2894bdb82e3f9258c9354 Mon Sep 17 00:00:00 2001 From: Bernd Finger Date: Thu, 5 Sep 2024 10:21:56 +0200 Subject: [PATCH 28/51] sap_swpm: Repeat PR #850 and solve ansible-lint error Signed-off-by: Bernd Finger --- roles/sap_swpm/tasks/pre_install.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/sap_swpm/tasks/pre_install.yml b/roles/sap_swpm/tasks/pre_install.yml index d008bd96..89195d1c 100644 --- a/roles/sap_swpm/tasks/pre_install.yml +++ b/roles/sap_swpm/tasks/pre_install.yml @@ -3,7 +3,7 @@ - name: SAP SWPM Pre Install - Rename variables ansible.builtin.set_fact: - sap_swpm_inifile_sections_list: "{{ sap_swpm_inifile_list | d(sap_swpm_inifile_sections_list | d([]) ) }}" + sap_swpm_inifile_sections_list: "{{ sap_swpm_inifile_list | d(sap_swpm_inifile_sections_list | d([])) }}" sap_swpm_inifile_parameters_dict: "{{ sap_swpm_inifile_custom_values_dictionary | d(sap_swpm_inifile_parameters_dict) | d({}) }}" tags: always @@ -82,7 +82,7 @@ - name: SAP SWPM Pre Install - Set the sapinst command parameters vars: sap_swpm_swpm_command_guiserver: "{{ 'SAPINST_START_GUISERVER=false' if not sap_swpm_swpm_observer_mode else '' }}" - sap_swpm_swpm_command_observer: "{{ 'SAPINST_REMOTE_ACCESS_USER=' + sap_swpm_swpm_remote_access_user + ' SAPINST_REMOTE_ACCESS_USER_IS_TRUSTED=true' if sap_swpm_swpm_observer_mode and sap_swpm_swpm_remote_access_user is defined and sap_swpm_swpm_remote_access_user | length > 0 else '' }}" + sap_swpm_swpm_command_observer: "{{ 'SAPINST_REMOTE_ACCESS_USER=' + sap_swpm_swpm_remote_access_user + ' SAPINST_REMOTE_ACCESS_USER_IS_TRUSTED=true' if sap_swpm_swpm_observer_mode and sap_swpm_swpm_remote_access_user | d('', true) | length > 0 else '' }}" ansible.builtin.set_fact: sap_swpm_swpm_command_inifile: "SAPINST_INPUT_PARAMETERS_URL={{ sap_swpm_tmpdir.path }}/inifile.params" sap_swpm_swpm_command_product_id: "SAPINST_EXECUTE_PRODUCT_ID={{ sap_swpm_product_catalog_id }}" From 109e728f34b0b710c21bb796e8d83fe45c10a231 Mon Sep 17 00:00:00 2001 From: Bernd Finger Date: Thu, 5 Sep 2024 10:40:16 +0200 Subject: [PATCH 29/51] sap_swpm: Further changes to README.md ... for better readability Signed-off-by: Bernd Finger --- roles/sap_swpm/README.md | 41 +++++++++++++++++++++++----------------- 1 file changed, 24 insertions(+), 17 deletions(-) diff --git a/roles/sap_swpm/README.md b/roles/sap_swpm/README.md index 6fec3a0c..3cdd25d9 100644 --- a/roles/sap_swpm/README.md +++ b/roles/sap_swpm/README.md @@ -75,36 +75,43 @@ Please check the default parameters file for more information on other parameter - [**sap_swpm** default parameters](defaults/main.yml) ### Migrating playbooks from previous versions of sap_swpm + The following role parameter is no longer used because there are no role `modes` any more: + #### sap_swpm_ansible_role_mode -The following two role parameters have been renamed, without automatic conversion between old and new name: +The following two role parameters have been renamed. If the new variables are not defined, the old ones are converted to the new ones. #### sap_swpm_inifile_list -> sap_swpm_inifile_sections_list -Previous name: sap_swpm_inifile_list -New name: sap_swpm_inifile_sections_list -Reason: This variable contains sections of the sapinst input file, `inifile.params`. + +**Previous name**: sap_swpm_inifile_list\ +**New name**: sap_swpm_inifile_sections_list\ +**Reason**: This variable contains sections of the sapinst input file, `inifile.params`. The new variable name is reflecting this purpose. #### sap_swpm_inifile_custom_values_dictionary -> sap_swpm_inifile_parameters_dict -Previous name: sap_swpm_inifile_custom_values_dictionary -New name: sap_swpm_inifile_parameters_dict -Reason: This variable contains parameter names and values of the sapinst input file, `inifile.params`. -The new variable name is reflecting this purpose. -#### Migration from the `*_templates` modes of the previous version of sap_swpm +**Previous name**: sap_swpm_inifile_custom_values_dictionary\ +**New name**: sap_swpm_inifile_parameters_dict\ +**Reason**: This variable contains parameter names and values of the +sapinst input file, `inifile.params`. The new variable name is reflecting this purpose. + +#### Migration from the `*_templates` modes of the previous version of `sap_swpm` + The role `sap_swpm` does no longer use the dictionary `sap_swpm_templates_install_dictionary`. This dictionary was used in the previous role modes `default_templates` and `advanced_templates`. -Because of this, required low level members of `sap_swpm_templates_install_dictionary` have to be redefined to top level variables. -Creating top level variables from low level members of a dict can be done: +Because of this change, required low level members of `sap_swpm_templates_install_dictionary` have to be +redefined to top level variables. Creating top level variables from low level members +of a dict can be done: -- in a separate task using ansible.builtin.set_fact before calling sap_swpm, or +- in a separate task using `ansible.builtin.set_fact` before calling `sap_swpm`, or -- in the task calling sap_swpm with a vars: section of the task calling sap_swpm. +- in the task calling `sap_swpm` with a `vars`: section of the task calling `sap_swpm`. -Be aware of the following limitation: You cannot define a variable in the same task in which you use this variable to access a member -of another variable. Any variable which is used to access low level dict members has to be defined before, in a separate task. +Be aware of the following limitation: You cannot define a variable in the same task in +which you use this variable to access a member of another variable. Any variable which +is used to access low level dict members has to be defined before, in a *separate task*. Example: For defining `sap_swpm_product_catalog_id` from a low level member of `sap_swpm_templates_install_dictionary`, use the following code: @@ -172,9 +179,9 @@ Sample Ansible Playbook Execution - If such a file does *not* exist, the role will create an SAP SWPM `inifile.params` file by one of the following methods: - Method 1: Predefined sections of the file inifile_params.j2 will be used to create the file `inifile.params`. + Method 1: Predefined sections of the file `inifile_params.j2` will be used to create the file `inifile.params`. The variable `sap_swpm_inifile_sections_list` contains a list of sections which will part of the file `inifile.params`. - All other sections will be ignored. The inifile parameters themselves will be set according to other role parameters. + All other sections will be ignored. The inifile parameters themselves will be set according to other role parameters. Example: The inifile parameter `archives.downloadBasket` will be set to the content of the role parameter `sap_swpm_software_path`. From 8e57dbac9c6618e40a1f81e41012fefa92cc5be3 Mon Sep 17 00:00:00 2001 From: Bernd Finger Date: Fri, 6 Sep 2024 10:31:34 +0200 Subject: [PATCH 30/51] sap_swpm: Only mention the `vars:` section for redefining variables Signed-off-by: Bernd Finger --- roles/sap_swpm/README.md | 23 +++++++---------------- 1 file changed, 7 insertions(+), 16 deletions(-) diff --git a/roles/sap_swpm/README.md b/roles/sap_swpm/README.md index 3cdd25d9..ac6b8caa 100644 --- a/roles/sap_swpm/README.md +++ b/roles/sap_swpm/README.md @@ -109,26 +109,17 @@ of a dict can be done: - in the task calling `sap_swpm` with a `vars`: section of the task calling `sap_swpm`. -Be aware of the following limitation: You cannot define a variable in the same task in -which you use this variable to access a member of another variable. Any variable which -is used to access low level dict members has to be defined before, in a *separate task*. - Example: -For defining `sap_swpm_product_catalog_id` from a low level member of `sap_swpm_templates_install_dictionary`, use the following code: ``` -# Step 1: Define level 2 dict member for accessing level 3 dict member in the following task -- name: Define variable sap_swpm_templates_product_input - ansible.builtin.set_fact: - sap_swpm_templates_product_input: "{{ sap_swpm_templates_product_input_prefix }}_nwas_ascs_ha" - -# Step 2: Define top level variable from level 3 dict member -- name: Define variables sap_swpm_product_catalog_id and sap_swpm_inifile_sections_list - ansible.builtin.set_fact: - sap_swpm_product_catalog_id: "{{ sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_product_catalog_id'] }}" - sap_swpm_inifile_sections_list: "{{ sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input][sap_swpm_inifile_sections_list] }}" - sap_swpm_inifile_parameters_dict: "{{ sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_parameters_dict'] }}" +- name: Execute the role sap_swpm + ansible.builtin.include_role: + name: community.sap_install.sap_swpm + vars: + sap_swpm_templates_product_input: "sap_s4hana_2023_distributed_nwas_ascs_ha" + sap_swpm_product_catalog_id: "{{ sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_product_catalog_id'] }}" + sap_swpm_inifile_sections_list: "{{ sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_list'] }}" ``` ## Execution From 4c5b9523eb24e9cb24267cb435c271c3fffd9a58 Mon Sep 17 00:00:00 2001 From: Bernd Finger Date: Mon, 9 Sep 2024 20:19:39 +0200 Subject: [PATCH 31/51] sap_swpm: Recognize sap_swpm_templates_install_dictionary Signed-off-by: Bernd Finger --- roles/sap_swpm/README.md | 74 ++++++++-------- roles/sap_swpm/tasks/pre_install.yml | 125 ++++++++++++++++++++++++++- 2 files changed, 162 insertions(+), 37 deletions(-) diff --git a/roles/sap_swpm/README.md b/roles/sap_swpm/README.md index ac6b8caa..6d033fb4 100644 --- a/roles/sap_swpm/README.md +++ b/roles/sap_swpm/README.md @@ -80,47 +80,59 @@ The following role parameter is no longer used because there are no role `modes` #### sap_swpm_ansible_role_mode -The following two role parameters have been renamed. If the new variables are not defined, the old ones are converted to the new ones. +The following two role parameters have been renamed. If the new variables are undefined and the old ones are defined, +the old ones are converted to the new ones. #### sap_swpm_inifile_list -> sap_swpm_inifile_sections_list -**Previous name**: sap_swpm_inifile_list\ -**New name**: sap_swpm_inifile_sections_list\ +**Previous name**: `sap_swpm_inifile_list`\ +**New name**: `sap_swpm_inifile_sections_list`\ **Reason**: This variable contains sections of the sapinst input file, `inifile.params`. The new variable name is reflecting this purpose. #### sap_swpm_inifile_custom_values_dictionary -> sap_swpm_inifile_parameters_dict -**Previous name**: sap_swpm_inifile_custom_values_dictionary\ -**New name**: sap_swpm_inifile_parameters_dict\ +**Previous name**: `sap_swpm_inifile_custom_values_dictionary`\ +**New name**: `sap_swpm_inifile_parameters_dict`\ **Reason**: This variable contains parameter names and values of the sapinst input file, `inifile.params`. The new variable name is reflecting this purpose. -#### Migration from the `*_templates` modes of the previous version of `sap_swpm` +#### sap_swpm_inifile_dictionary -> sap_swpm_role_parameters_dict -The role `sap_swpm` does no longer use the dictionary `sap_swpm_templates_install_dictionary`. -This dictionary was used in the previous role modes `default_templates` and `advanced_templates`. +**Previous name**: `sap_swpm_inifile_dictionary`\ +**New name**: `sap_swpm_role_parameters_dict`\ +**Reason**: This dictionary contains parameter names and values of the role `sap_swpm`. +The new variable name is reflecting this purpose.\ +**Note**: This variable was only used as a member of `sap_swpm_templates_install_dictionary`, in the +previous `default_templates` mode. -Because of this change, required low level members of `sap_swpm_templates_install_dictionary` have to be -redefined to top level variables. Creating top level variables from low level members -of a dict can be done: +#### Using sap_swpm_templates_install_dictionary -- in a separate task using `ansible.builtin.set_fact` before calling `sap_swpm`, or +The dictionary named `sap_swpm_templates_install_dictionary` can hold all necessary variables +needed by the role `sap_swpm` for different SAP products. See the `Ansible Playbooks for SAP` for examples. -- in the task calling `sap_swpm` with a `vars`: section of the task calling `sap_swpm`. +The role `sap_swpm` redefines low level members of this dictionary to top level +variables. The dictionary may contain either the definitions for the previous +version of the role (used in the previous role modes `default_templates` and `advanced_templates`), +or an updated definition of the dictionary containing the new variable names. +The role will fail if both old and new variable names are defined in the dictionary. +Variables on the top level take precedences over those members of `sap_swpm_templates_install_dictionary` with the same name. -Example: +Following is the complete list of conversions of members of the dictionary `sap_swpm_templates_install_dictionary`, where `sap_prod` is an +example entry for `sap_swpm_templates_product_input`: +- `sap_swpm_templates_install_dictionary[sap_prod]['sap_swpm_product_catalog_id']` -> `sap_swpm_product_catalog_id` +- `sap_swpm_templates_install_dictionary[sap_prod]['sap_swpm_inifile_sections_list']` -> `sap_swpm_inifile_sections_list` +- `sap_swpm_templates_install_dictionary[sap_prod]['sap_swpm_inifile_parameters_dict']` -> `sap_swpm_inifile_parameters_dict` +- `sap_swpm_templates_install_dictionary[sap_prod]['sap_swpm_role_parameters_dict']` -> `sap_swpm_role_parameters_dict` -> top level role variables\ + Example: `sap_swpm_install_saphostagent: 'true'` -``` -- name: Execute the role sap_swpm - ansible.builtin.include_role: - name: community.sap_install.sap_swpm - vars: - sap_swpm_templates_product_input: "sap_s4hana_2023_distributed_nwas_ascs_ha" - - sap_swpm_product_catalog_id: "{{ sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_product_catalog_id'] }}" - sap_swpm_inifile_sections_list: "{{ sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_list'] }}" -``` +Former `default_templates` mode: +- `sap_swpm_templates_install_dictionary[sap_prod]['sap_swpm_inifile_list']` -> `sap_swpm_inifile_sections_list` +- `sap_swpm_templates_install_dictionary[sap_prod]['sap_swpm_inifile_dictionary']` -> top level role variables\ + Example: `sap_swpm_install_saphostagent: 'true'` + +Former `advanced_templates` mode: +- `sap_swpm_templates_install_dictionary[sap_prod]['sap_swpm_inifile_custom_values_dictionary']` -> `sap_swpm_inifile_parameters_dict` ## Execution @@ -170,23 +182,17 @@ Sample Ansible Playbook Execution - If such a file does *not* exist, the role will create an SAP SWPM `inifile.params` file by one of the following methods: - Method 1: Predefined sections of the file `inifile_params.j2` will be used to create the file `inifile.params`. - The variable `sap_swpm_inifile_sections_list` contains a list of sections which will part of the file `inifile.params`. - All other sections will be ignored. The inifile parameters themselves will be set according to other role parameters. - Example: The inifile parameter `archives.downloadBasket` will be set to the content of the role parameter - `sap_swpm_software_path`. + Method 1: Predefined sections of the file `inifile_params.j2` will be used to create the file `inifile.params`. The variable `sap_swpm_inifile_sections_list` contains a list of sections which will part of the file `inifile.params`. All other sections will be ignored. The inifile parameters themselves will be set according to other role parameters. Example: The inifile parameter `archives.downloadBasket` will be set to the content of the role parameter `sap_swpm_software_path`. - Method 2: The file `inifile.params` will be configured from the content of the dictionary `sap_swpm_inifile_parameters_dict`. - This dictionary is defined like in the following example: + Method 2: The file `inifile.params` will be configured from the content of the dictionary `sap_swpm_inifile_parameters_dict`. This dictionary is defined like in the following example: ``` sap_swpm_inifile_parameters_dict: archives.downloadBasket: /software/download_basket - NW_getFQDN.FQDN: poc.cloud + NW_getFQDN.FQDN: example.com ``` - It is also possible to use method 1 for creating the inifile and then replace or set additional variables using method 2: - Just define both of the related parameters, `sap_swpm_inifile_sections_list` and `sap_swpm_inifile_parameters_dict`. +It is also possible to use method 1 for creating the inifile and then replace or set additional variables using method 2: Define both of the related parameters, `sap_swpm_inifile_sections_list` and `sap_swpm_inifile_parameters_dict`. - The file `inifile.params` is then transferred to a temporary directory on the managed node, to be used by the sapinst process. diff --git a/roles/sap_swpm/tasks/pre_install.yml b/roles/sap_swpm/tasks/pre_install.yml index 89195d1c..93d962a8 100644 --- a/roles/sap_swpm/tasks/pre_install.yml +++ b/roles/sap_swpm/tasks/pre_install.yml @@ -1,10 +1,129 @@ # SPDX-License-Identifier: Apache-2.0 --- -- name: SAP SWPM Pre Install - Rename variables +- name: SAP SWPM Pre Install - Define 'sap_swpm_inifile_sections_list' from 'sap_swpm_inifile_list' if necessary ansible.builtin.set_fact: - sap_swpm_inifile_sections_list: "{{ sap_swpm_inifile_list | d(sap_swpm_inifile_sections_list | d([])) }}" - sap_swpm_inifile_parameters_dict: "{{ sap_swpm_inifile_custom_values_dictionary | d(sap_swpm_inifile_parameters_dict) | d({}) }}" + sap_swpm_inifile_sections_list: "{{ sap_swpm_inifile_list }}" + when: + - sap_swpm_inifile_sections_list is undefined + - sap_swpm_inifile_list is defined + tags: always + +- name: SAP SWPM Pre Install - Define 'sap_swpm_inifile_parameters_dict' from 'sap_swpm_inifile_custom_values_dictionary' if necessary + ansible.builtin.set_fact: + sap_swpm_inifile_parameters_dict: "{{ sap_swpm_inifile_custom_values_dictionary }}" + when: + - sap_swpm_inifile_parameters_dict is undefined + - sap_swpm_inifile_custom_values_dictionary is defined + tags: always + +- name: SAP SWPM Pre Install - Define variables from 'sap_swpm_templates_install_dictionary' if present + when: sap_swpm_templates_install_dictionary is defined + tags: always + block: + + - name: SAP SWPM Pre Install - Display 'sap_swpm_templates_product_input' + ansible.builtin.debug: + msg: + - "sap_swpm_templates_product_input: >{{ sap_swpm_templates_product_input }}<" + + - name: SAP SWPM Pre Install - Ensure that only one of 'sap_swpm_inifile_sections_list' and 'sap_swpm_inifile_list' is defined in the dict + ansible.builtin.fail: + msg: + - "FAIL: In 'sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]', both" + - "'sap_swpm_inifile_sections_list' and 'sap_swpm_inifile_list' are defined!" + - "Only one of these variables may be defined in 'sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]'." + when: + - sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_sections_list'] is defined + - sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_list'] is defined + + - name: SAP SWPM Pre Install - Ensure that only one of 'sap_swpm_inifile_parameters_dict' or 'sap_swpm_inifile_custom_values_dictionary' is defined in the dict + ansible.builtin.fail: + msg: + - "FAIL: In 'sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]', both" + - "'sap_swpm_inifile_parameters_dict', and 'sap_swpm_inifile_custom_values_dictionary', are defined!" + - "Only one of these variables may be defined in 'sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]'." + when: + - sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_parameters_dict'] is defined + - sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_custom_values_dictionary'] is defined + +# Define sap_swpm_product_catalog_id from low level member, or use top level variable if defined. Top level variable has precedence. + - name: SAP SWPM Pre Install - Define 'sap_swpm_product_catalog_id' from low level member with the same name + ansible.builtin.set_fact: + sap_swpm_product_catalog_id: "{{ sap_swpm_product_catalog_id | + d(sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_product_catalog_id']) }}" + when: sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_product_catalog_id'] is defined + + - name: SAP SWPM Pre Install - Display sap_swpm_product_catalog_id + ansible.builtin.debug: + msg: "sap_swpm_product_catalog_id: >{{ sap_swpm_product_catalog_id }}<" + +# Define sap_swpm_inifile_sections_list from low level member, or use top level variable if defined. Top level variable has precedence. + - name: SAP SWPM Pre Install - Define 'sap_swpm_inifile_sections_list' from low level member + ansible.builtin.set_fact: + sap_swpm_inifile_sections_list: "{{ sap_swpm_inifile_sections_list | + d(sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_list']) | + d(sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_sections_list']) }}" + when: sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_list'] is defined or + sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_sections_list'] is defined + +# Define sap_swpm_role_parameters_dict from low level member. Top level variable does not exist. + - name: SAP SWPM Pre Install - Define 'sap_swpm_role_parameters_dict' from low level member + ansible.builtin.set_fact: + sap_swpm_role_parameters_dict: "{{ sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_dictionary'] | + d(sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_role_parameters_dict']) }}" + when: sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_dictionary'] is defined or + sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_role_parameters_dict'] is defined + +# Define role variables from low level member, looping over 'sap_swpm_role_parameters_dict': +# Reason for noqa: We are setting variables from the content of a dict, and the variable names are in the dict keys. + - name: SAP SWPM Pre Install - Define role variables from low level member, looping over 'sap_swpm_role_parameters_dict' # noqa var-naming[no-jinja] + ansible.builtin.set_fact: + "{{ line_item.key }}": "{{ lookup('vars', line_item.key, default=line_item.value) }}" + loop: "{{ sap_swpm_role_parameters_dict | dict2items }}" + loop_control: + loop_var: line_item + when: sap_swpm_role_parameters_dict is defined + + - name: SAP SWPM Pre Install - Display all vars of 'sap_swpm_role_parameters_dict' + ansible.builtin.debug: + msg: "{{ line_item.key }}: {{ lookup('vars', line_item.key) }}" + loop: "{{ sap_swpm_role_parameters_dict | dict2items }}" + loop_control: + loop_var: line_item + + - name: SAP SWPM Pre Install - Looking for any differences... + ansible.builtin.set_fact: + different_values_sap_swpm_role_parameters_dict: + "{{ different_values_sap_swpm_role_parameters_dict | d({}) | combine({line_item.key: line_item.value}) }}" + loop: "{{ sap_swpm_role_parameters_dict | dict2items }}" + loop_control: + loop_var: line_item + when: + - line_item.value != lookup('vars', line_item.key) + ignore_errors: true + + - name: SAP SWPM Pre Install - Display any differences + ansible.builtin.debug: + msg: + - "Note: The following values from" + - "sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_role_parameters_dict']" + - "are ignored because they have already been defined on the top level, as follows:" + - "{{ different_values_sap_swpm_role_parameters_dict }}" + +# Define sap_swpm_inifile_parameters_dict from low level member, or use top level variable if defined. Top level variable has precedence. + - name: SAP SWPM Pre Install - Define 'sap_swpm_inifile_parameters_dict' from low level member + ansible.builtin.set_fact: + sap_swpm_inifile_parameters_dict: "{{ sap_swpm_inifile_parameters_dict | + d(sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_custom_values_dictionary']) | + d(sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_parameters_dict']) }}" + when: sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_custom_values_dictionary'] is defined or + sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_parameters_dict'] is defined + +- name: SAP SWPM Pre Install - Define the main inifile creation parameters as empty if necessary + ansible.builtin.set_fact: + sap_swpm_inifile_sections_list: "{{ sap_swpm_inifile_sections_list | d([]) }}" + sap_swpm_inifile_parameters_dict: "{{ sap_swpm_inifile_parameters_dict | d({}) }}" tags: always ################ From 8f2c21164b312bc03ee4018fc4d3b5793ae41fc6 Mon Sep 17 00:00:00 2001 From: Bernd Finger Date: Tue, 10 Sep 2024 10:45:22 +0200 Subject: [PATCH 32/51] sap_swpm: No longer define sap_swpm_product_catalog_id... ... in defaults/main.yml Signed-off-by: Bernd Finger --- roles/sap_swpm/defaults/main.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/roles/sap_swpm/defaults/main.yml b/roles/sap_swpm/defaults/main.yml index 172166c1..a18855aa 100644 --- a/roles/sap_swpm/defaults/main.yml +++ b/roles/sap_swpm/defaults/main.yml @@ -139,7 +139,8 @@ sap_swpm_inifile_sections_list: ######################################## # SAP product that will be installed and passed as argument to the sapinst installer, example 'NW_ABAP_OneHost:S4HANA2020.CORE.HDB.ABAP' -sap_swpm_product_catalog_id: +# Needs to be defined in the playbook or inventory or can be determined from an existing inifile.params file. +#sap_swpm_product_catalog_id: # SAPCAR path and file name, only path is mandatory. The script will automatically get file_name sap_swpm_sapcar_path: From 66ecd472d28e42ea38fa77b9e4b9b2c2a6336375 Mon Sep 17 00:00:00 2001 From: Bernd Finger Date: Tue, 10 Sep 2024 13:34:08 +0200 Subject: [PATCH 33/51] sap_swpm: Allow undefined or empty sap_swpm_role_parameters_dict Signed-off-by: Bernd Finger --- roles/sap_swpm/tasks/pre_install.yml | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/roles/sap_swpm/tasks/pre_install.yml b/roles/sap_swpm/tasks/pre_install.yml index 93d962a8..304a4987 100644 --- a/roles/sap_swpm/tasks/pre_install.yml +++ b/roles/sap_swpm/tasks/pre_install.yml @@ -80,26 +80,28 @@ - name: SAP SWPM Pre Install - Define role variables from low level member, looping over 'sap_swpm_role_parameters_dict' # noqa var-naming[no-jinja] ansible.builtin.set_fact: "{{ line_item.key }}": "{{ lookup('vars', line_item.key, default=line_item.value) }}" - loop: "{{ sap_swpm_role_parameters_dict | dict2items }}" + loop: "{{ sap_swpm_role_parameters_dict | dict2items if sap_swpm_role_parameters_dict is mapping else [] }}" loop_control: loop_var: line_item - when: sap_swpm_role_parameters_dict is defined + when: sap_swpm_role_parameters_dict is defined and sap_swpm_role_parameters_dict - name: SAP SWPM Pre Install - Display all vars of 'sap_swpm_role_parameters_dict' ansible.builtin.debug: msg: "{{ line_item.key }}: {{ lookup('vars', line_item.key) }}" - loop: "{{ sap_swpm_role_parameters_dict | dict2items }}" + loop: "{{ sap_swpm_role_parameters_dict | dict2items if sap_swpm_role_parameters_dict is mapping else [] }}" loop_control: loop_var: line_item + when: sap_swpm_role_parameters_dict is defined and sap_swpm_role_parameters_dict - name: SAP SWPM Pre Install - Looking for any differences... ansible.builtin.set_fact: different_values_sap_swpm_role_parameters_dict: "{{ different_values_sap_swpm_role_parameters_dict | d({}) | combine({line_item.key: line_item.value}) }}" - loop: "{{ sap_swpm_role_parameters_dict | dict2items }}" + loop: "{{ sap_swpm_role_parameters_dict | dict2items if sap_swpm_role_parameters_dict is mapping else [] }}" loop_control: loop_var: line_item when: + - sap_swpm_role_parameters_dict is defined and sap_swpm_role_parameters_dict - line_item.value != lookup('vars', line_item.key) ignore_errors: true @@ -110,6 +112,7 @@ - "sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_role_parameters_dict']" - "are ignored because they have already been defined on the top level, as follows:" - "{{ different_values_sap_swpm_role_parameters_dict }}" + when: sap_swpm_role_parameters_dict is defined and sap_swpm_role_parameters_dict # Define sap_swpm_inifile_parameters_dict from low level member, or use top level variable if defined. Top level variable has precedence. - name: SAP SWPM Pre Install - Define 'sap_swpm_inifile_parameters_dict' from low level member From 97e0a1ef9692e2c7109fe8fa20eb3bf19878f58d Mon Sep 17 00:00:00 2001 From: Bernd Finger Date: Thu, 19 Sep 2024 16:02:32 +0200 Subject: [PATCH 34/51] sap_swpm: Prioritize sap_swpm_templates_install_dictionary members Due to the use of global variables in sap_swpm, there appears to be no simple way of giving priority to top level vars over the same variables defined in sap_swpm_templates_install_dictionary. We can also assume that if using sap_swpm_templates_install_dictionary, this is done on purpose and with the intention to use its members with priority over top level variables. Signed-off-by: Bernd Finger --- roles/sap_swpm/README.md | 8 ++-- roles/sap_swpm/tasks/pre_install.yml | 66 ++++++++++++---------------- 2 files changed, 32 insertions(+), 42 deletions(-) diff --git a/roles/sap_swpm/README.md b/roles/sap_swpm/README.md index 6d033fb4..69acdc4d 100644 --- a/roles/sap_swpm/README.md +++ b/roles/sap_swpm/README.md @@ -111,12 +111,12 @@ previous `default_templates` mode. The dictionary named `sap_swpm_templates_install_dictionary` can hold all necessary variables needed by the role `sap_swpm` for different SAP products. See the `Ansible Playbooks for SAP` for examples. -The role `sap_swpm` redefines low level members of this dictionary to top level -variables. The dictionary may contain either the definitions for the previous -version of the role (used in the previous role modes `default_templates` and `advanced_templates`), +The role `sap_swpm` defines top level variables from low level members of this dictionary. +The dictionary may contain either the definitions for the previous version of the role +(used in the previous role modes `default_templates` and `advanced_templates`), or an updated definition of the dictionary containing the new variable names. The role will fail if both old and new variable names are defined in the dictionary. -Variables on the top level take precedences over those members of `sap_swpm_templates_install_dictionary` with the same name. +Variables on the top level will be overridden by members of `sap_swpm_templates_install_dictionary` with the same name. Following is the complete list of conversions of members of the dictionary `sap_swpm_templates_install_dictionary`, where `sap_prod` is an example entry for `sap_swpm_templates_product_input`: diff --git a/roles/sap_swpm/tasks/pre_install.yml b/roles/sap_swpm/tasks/pre_install.yml index 304a4987..3e843656 100644 --- a/roles/sap_swpm/tasks/pre_install.yml +++ b/roles/sap_swpm/tasks/pre_install.yml @@ -17,6 +17,7 @@ - sap_swpm_inifile_custom_values_dictionary is defined tags: always +# Note: Variable definitions in sap_swpm_templates_install_dictionary will overwrite existing top level definitions. - name: SAP SWPM Pre Install - Define variables from 'sap_swpm_templates_install_dictionary' if present when: sap_swpm_templates_install_dictionary is defined tags: always @@ -26,8 +27,9 @@ ansible.builtin.debug: msg: - "sap_swpm_templates_product_input: >{{ sap_swpm_templates_product_input }}<" + ignore_errors: true - - name: SAP SWPM Pre Install - Ensure that only one of 'sap_swpm_inifile_sections_list' and 'sap_swpm_inifile_list' is defined in the dict + - name: SAP SWPM Pre Install - Fail if 'sap_swpm_inifile_sections_list' and 'sap_swpm_inifile_list' are both defined in the dict ansible.builtin.fail: msg: - "FAIL: In 'sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]', both" @@ -37,7 +39,7 @@ - sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_sections_list'] is defined - sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_list'] is defined - - name: SAP SWPM Pre Install - Ensure that only one of 'sap_swpm_inifile_parameters_dict' or 'sap_swpm_inifile_custom_values_dictionary' is defined in the dict + - name: SAP SWPM Pre Install - Fail if 'sap_swpm_inifile_parameters_dict' and 'sap_swpm_inifile_custom_values_dictionary' are both defined in the dict ansible.builtin.fail: msg: - "FAIL: In 'sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]', both" @@ -47,27 +49,27 @@ - sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_parameters_dict'] is defined - sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_custom_values_dictionary'] is defined -# Define sap_swpm_product_catalog_id from low level member, or use top level variable if defined. Top level variable has precedence. +# Unconditionally define sap_swpm_product_catalog_id from low level member. - name: SAP SWPM Pre Install - Define 'sap_swpm_product_catalog_id' from low level member with the same name ansible.builtin.set_fact: - sap_swpm_product_catalog_id: "{{ sap_swpm_product_catalog_id | - d(sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_product_catalog_id']) }}" +# sap_swpm_product_catalog_id: "{{ sap_swpm_product_catalog_id | +# d(sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_product_catalog_id']) }}" + sap_swpm_product_catalog_id: "{{ sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_product_catalog_id'] }}" when: sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_product_catalog_id'] is defined - - name: SAP SWPM Pre Install - Display sap_swpm_product_catalog_id + - name: SAP SWPM Pre Install - Display 'sap_swpm_product_catalog_id' ansible.builtin.debug: msg: "sap_swpm_product_catalog_id: >{{ sap_swpm_product_catalog_id }}<" -# Define sap_swpm_inifile_sections_list from low level member, or use top level variable if defined. Top level variable has precedence. +# Unconditionally define sap_swpm_inifile_sections_list from low level member. - name: SAP SWPM Pre Install - Define 'sap_swpm_inifile_sections_list' from low level member ansible.builtin.set_fact: - sap_swpm_inifile_sections_list: "{{ sap_swpm_inifile_sections_list | - d(sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_list']) | + sap_swpm_inifile_sections_list: "{{ sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_list'] | d(sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_sections_list']) }}" when: sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_list'] is defined or sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_sections_list'] is defined -# Define sap_swpm_role_parameters_dict from low level member. Top level variable does not exist. +# Define sap_swpm_role_parameters_dict from low level member. - name: SAP SWPM Pre Install - Define 'sap_swpm_role_parameters_dict' from low level member ansible.builtin.set_fact: sap_swpm_role_parameters_dict: "{{ sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_dictionary'] | @@ -75,54 +77,42 @@ when: sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_dictionary'] is defined or sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_role_parameters_dict'] is defined -# Define role variables from low level member, looping over 'sap_swpm_role_parameters_dict': + - name: SAP SWPM Pre Install - Display 'sap_swpm_role_parameters_dict' + ansible.builtin.debug: + msg: "sap_swpm_role_parameters_dict: >{{ sap_swpm_role_parameters_dict }}<" + when: sap_swpm_role_parameters_dict is defined and sap_swpm_role_parameters_dict + ignore_errors: true + +# Define role variables from low level member, looping over 'sap_swpm_role_parameters_dict'. # Reason for noqa: We are setting variables from the content of a dict, and the variable names are in the dict keys. - name: SAP SWPM Pre Install - Define role variables from low level member, looping over 'sap_swpm_role_parameters_dict' # noqa var-naming[no-jinja] ansible.builtin.set_fact: - "{{ line_item.key }}": "{{ lookup('vars', line_item.key, default=line_item.value) }}" + "{{ line_item.key }}": "{{ line_item.value }}" loop: "{{ sap_swpm_role_parameters_dict | dict2items if sap_swpm_role_parameters_dict is mapping else [] }}" loop_control: loop_var: line_item - when: sap_swpm_role_parameters_dict is defined and sap_swpm_role_parameters_dict + when: + - sap_swpm_role_parameters_dict is defined and sap_swpm_role_parameters_dict - - name: SAP SWPM Pre Install - Display all vars of 'sap_swpm_role_parameters_dict' + - name: SAP SWPM Pre Install - Display all vars and values of 'sap_swpm_role_parameters_dict' ansible.builtin.debug: - msg: "{{ line_item.key }}: {{ lookup('vars', line_item.key) }}" + msg: "{{ line_item.key }}: >{{ lookup('vars', line_item.key) }}<" loop: "{{ sap_swpm_role_parameters_dict | dict2items if sap_swpm_role_parameters_dict is mapping else [] }}" loop_control: loop_var: line_item when: sap_swpm_role_parameters_dict is defined and sap_swpm_role_parameters_dict - - - name: SAP SWPM Pre Install - Looking for any differences... - ansible.builtin.set_fact: - different_values_sap_swpm_role_parameters_dict: - "{{ different_values_sap_swpm_role_parameters_dict | d({}) | combine({line_item.key: line_item.value}) }}" - loop: "{{ sap_swpm_role_parameters_dict | dict2items if sap_swpm_role_parameters_dict is mapping else [] }}" - loop_control: - loop_var: line_item - when: - - sap_swpm_role_parameters_dict is defined and sap_swpm_role_parameters_dict - - line_item.value != lookup('vars', line_item.key) ignore_errors: true - - name: SAP SWPM Pre Install - Display any differences - ansible.builtin.debug: - msg: - - "Note: The following values from" - - "sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_role_parameters_dict']" - - "are ignored because they have already been defined on the top level, as follows:" - - "{{ different_values_sap_swpm_role_parameters_dict }}" - when: sap_swpm_role_parameters_dict is defined and sap_swpm_role_parameters_dict - -# Define sap_swpm_inifile_parameters_dict from low level member, or use top level variable if defined. Top level variable has precedence. +# Define sap_swpm_inifile_parameters_dict from low level member, or use top level variable if defined. Low level definition has precedence. - name: SAP SWPM Pre Install - Define 'sap_swpm_inifile_parameters_dict' from low level member ansible.builtin.set_fact: - sap_swpm_inifile_parameters_dict: "{{ sap_swpm_inifile_parameters_dict | - d(sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_custom_values_dictionary']) | + sap_swpm_inifile_parameters_dict: "{{ sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_custom_values_dictionary'] | d(sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_parameters_dict']) }}" when: sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_custom_values_dictionary'] is defined or sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_parameters_dict'] is defined +# The following task ensures that the two main inifile creation parameters are defined. +# This is necessary when creating the file 'inifile.params'. - name: SAP SWPM Pre Install - Define the main inifile creation parameters as empty if necessary ansible.builtin.set_fact: sap_swpm_inifile_sections_list: "{{ sap_swpm_inifile_sections_list | d([]) }}" From cfe8f9870138f8c5f2e0463592c4f15492f3adc0 Mon Sep 17 00:00:00 2001 From: Bernd Finger Date: Fri, 27 Sep 2024 16:26:38 +0200 Subject: [PATCH 35/51] sap_swpm: Adapt README.md to new standard Note: This is WIP. Signed-off-by: Bernd Finger --- roles/sap_swpm/README.md | 247 +++++++++++++++------------------------ 1 file changed, 97 insertions(+), 150 deletions(-) diff --git a/roles/sap_swpm/README.md b/roles/sap_swpm/README.md index 69acdc4d..6d1faf5f 100644 --- a/roles/sap_swpm/README.md +++ b/roles/sap_swpm/README.md @@ -1,51 +1,40 @@ + # sap_swpm Ansible Role - -Ansible role for SAP software installation using SWPM - -## Requirements - -The role requires additional collections which are specified in `meta/collection-requirements.yml`. Before using this role, -make sure that the required collections are installed, for example by using the following command: - -`ansible-galaxy install -vv -r meta/collection-requirements.yml` - -## Scope - -This role has been tested and working for the following scenarios -- One Host Installation -- Dual Host Installation -- Distributed Installation -- System Restore -- High Availability Installation - -This role has been tested and working for the following SAP products -- SAP S/4HANA 1809, 1909, 2020, 2021 -- SAP BW/4HANA -- SAP Solution Manager 7.2 -- SAP Netweaver Business Suite Applications (ECC, GRC, etc) -- SAP Web Dispatcher - -> The general rule is - if the installation uses SAP SWPM then this Ansible Role can be used. - -### SAP Preconfigure - -- Ensure the required volumes and filesystems are configured in the host. You can use the role `sap_storage_setup` to configure this. More info [here](/roles/sap_storage_setup) - -- Please run the RHEL SAP System Role `sap_general_preconfigure` for initial host configuration; as necessary, also use `sap_netweaver_preconfigure` and `sap_hana_preconfigure` - -- For further guidance on using SAP SWPM for different SAP Software installations, please see System Provisioning with Software Provisioning Manager (SWPM) - [User Guides for SAP SWPM 1.0](30839dda13b2485889466316ce5b39e9/c8ed609927fa4e45988200b153ac63d1.html?locale=en-US) and [User Guides for SAP SWPM 2.0](https://help.sap.com/docs/SOFTWARE_PROVISIONING_MANAGER/30839dda13b2485889466316ce5b39e9/6865029dacbe473fadd8eff339bfa568.html?locale=en-US) - -### SAP Software Installation .SAR Files - -1. SAPCAR executable - -2. Software Provisioning Manager .SAR file - - `SWPM*.SAR` - -3. SAP Installation files - - For New Installation - - Download appropriate software from SAP Software Download Center, Maintenance Planner, etc - - For Restore or New Installation + +![Ansible Lint for sap_swpm](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_swpm.yml/badge.svg) + +## Description + +The Ansible role `sap_swpm` installs the SAP ABAP Application Platform (formerly known as SAP NetWeaver) using the SAP Software Provisioning Manager (SWPM). + + + +## Dependencies +- `fedora.linux_system_roles` + - Roles: + - `selinux` + +Install required collections by `ansible-galaxy install -vv -r meta/collection-requirements.yml`. + + +## Prerequisites + +Managed nodes: +- Directory with SAP Installation media is present and `sap_install_media_detect_source_directory` updated. Download can be completed using [community.sap_launchpad](https://github.com/sap-linuxlab/community). +- Ensure that servers are configured for SAP ABAP Application Platform. See [Recommended](#recommended) section. +- Ensure that volumes and filesystems are configured correctly. See [Recommended](#recommended) section. + +### Prepare SAP ABAP Application Platform installation media +Place a valid SAPCAR executable file in a directory specified by variable `sap_swpm_sapcar_path`, e.g. /software/sapcar. Example: + - SAPCAR_1300-70007716.EXE + +Place the following files in a directory specified by variable `sap_swpm_swpm_path`, e.g. /software/sap_swpm: + - SWPM20SP18_3-80003424.SAR + +Place the following files in a directory specified by variable `sap_swpm_software_path`, e.g. /software/abap_application_platform: + - For a new installation + - Download the appropriate software from SAP Software Download Center, Maintenance Planner, etc + - For a restore or new installation - SAP IGS - `igs*.sar` - SAP IGS HELPER - `igshelper*sar` - SAP Host Agent - `SAPHOSTAGENT*SAR` @@ -53,108 +42,27 @@ This role has been tested and working for the following SAP products - SAP Kernel DB Independent - `SAPEXE_*SAR` - SAP HANA Client - `IMDB_CLIENT*SAR` -4. SAP HANA Database MDC DB Tenant Backup (for restore) - - stored on the local disk of the machine where the SAP HANA database server will reside - - NOTE: Specific media requirements will use format `SAPINST.CD.PACKAGE. = `, and the media names can be discovered by using this command on the SWPM directory `grep -rwh " sap_swpm_inifile_sections_list - -**Previous name**: `sap_swpm_inifile_list`\ -**New name**: `sap_swpm_inifile_sections_list`\ -**Reason**: This variable contains sections of the sapinst input file, `inifile.params`. -The new variable name is reflecting this purpose. - -#### sap_swpm_inifile_custom_values_dictionary -> sap_swpm_inifile_parameters_dict - -**Previous name**: `sap_swpm_inifile_custom_values_dictionary`\ -**New name**: `sap_swpm_inifile_parameters_dict`\ -**Reason**: This variable contains parameter names and values of the -sapinst input file, `inifile.params`. The new variable name is reflecting this purpose. - -#### sap_swpm_inifile_dictionary -> sap_swpm_role_parameters_dict - -**Previous name**: `sap_swpm_inifile_dictionary`\ -**New name**: `sap_swpm_role_parameters_dict`\ -**Reason**: This dictionary contains parameter names and values of the role `sap_swpm`. -The new variable name is reflecting this purpose.\ -**Note**: This variable was only used as a member of `sap_swpm_templates_install_dictionary`, in the -previous `default_templates` mode. - -#### Using sap_swpm_templates_install_dictionary - -The dictionary named `sap_swpm_templates_install_dictionary` can hold all necessary variables -needed by the role `sap_swpm` for different SAP products. See the `Ansible Playbooks for SAP` for examples. - -The role `sap_swpm` defines top level variables from low level members of this dictionary. -The dictionary may contain either the definitions for the previous version of the role -(used in the previous role modes `default_templates` and `advanced_templates`), -or an updated definition of the dictionary containing the new variable names. -The role will fail if both old and new variable names are defined in the dictionary. -Variables on the top level will be overridden by members of `sap_swpm_templates_install_dictionary` with the same name. - -Following is the complete list of conversions of members of the dictionary `sap_swpm_templates_install_dictionary`, where `sap_prod` is an -example entry for `sap_swpm_templates_product_input`: -- `sap_swpm_templates_install_dictionary[sap_prod]['sap_swpm_product_catalog_id']` -> `sap_swpm_product_catalog_id` -- `sap_swpm_templates_install_dictionary[sap_prod]['sap_swpm_inifile_sections_list']` -> `sap_swpm_inifile_sections_list` -- `sap_swpm_templates_install_dictionary[sap_prod]['sap_swpm_inifile_parameters_dict']` -> `sap_swpm_inifile_parameters_dict` -- `sap_swpm_templates_install_dictionary[sap_prod]['sap_swpm_role_parameters_dict']` -> `sap_swpm_role_parameters_dict` -> top level role variables\ - Example: `sap_swpm_install_saphostagent: 'true'` - -Former `default_templates` mode: -- `sap_swpm_templates_install_dictionary[sap_prod]['sap_swpm_inifile_list']` -> `sap_swpm_inifile_sections_list` -- `sap_swpm_templates_install_dictionary[sap_prod]['sap_swpm_inifile_dictionary']` -> top level role variables\ - Example: `sap_swpm_install_saphostagent: 'true'` - -Former `advanced_templates` mode: -- `sap_swpm_templates_install_dictionary[sap_prod]['sap_swpm_inifile_custom_values_dictionary']` -> `sap_swpm_inifile_parameters_dict` + ## Execution + + -Sample Ansible Playbook Execution + +### Recommended +It is recommended to execute this role together with other roles in this collection, in the following order:
+1. [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) +2. [sap_netweaver_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_preconfigure) +3. [sap_install_media_detect](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_install_media_detect) +4. *`sap_swpm`* -- Local Host Installation - - `ansible-playbook --connection=local --limit localhost -i "localhost," sap-swpm.yml -e "@inputs/S4H.install"` +Note: For most scenarios, a database like SAP HANA must be available. Use the role [sap_hana_install](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_install) for installing the SAP HANA database. + -- Target Host Installation - - `ansible-playbook -i "" sap-swpm.yml -e "@inputs/S4H.install"` - -### Sample Playbook - -```yaml ---- -- hosts: all - become: true - roles: - - sap_swpm -``` - -## Execution Flow +### Execution Flow + ### Pre-Install @@ -205,9 +113,44 @@ It is also possible to use method 1 for creating the inifile and then replace or - Set expiry of Unix created users to 'never' - Apply firewall rules for SAP NW (optional - false by default) + -## Tags +### Example + +#### Playbook for installing a Primary Application Server (PAS) instance + +```yaml +--- +- name: Ansible Play for SAP NetWeaver Application Server - Primary Application Server (PAS) + hosts: nwas_pas + become: true + any_errors_fatal: true # https://docs.ansible.com/ansible/latest/user_guide/playbooks_error_handling.html#aborting-a-play-on-all-hosts + max_fail_percentage: 0 + tasks: + + - name: Execute Ansible Role sap_install_media_detect + ansible.builtin.include_role: + name: community.sap_install.sap_install_media_detect + vars: + sap_install_media_detect_swpm: true + sap_install_media_detect_hostagent: true + sap_install_media_detect_igs: true + sap_install_media_detect_kernel: true + sap_install_media_detect_webdisp: false + sap_install_media_detect_db_client: "saphana" + + # Install SAP NetWeaver PAS via Ansible Role sap_swpm + - name: Execute Ansible Role sap_swpm + ansible.builtin.include_role: + name: community.sap_install.sap_swpm + vars: + *** TODO: Fill in variables *** +``` + + + +### Role Tags With the following tags, the role can be called to perform certain activities only: - tag `sap_swpm_generate_inifile`: Only create the sapinst inifile, without running most of the preinstall steps. This can be useful for checking if the inifile is created as desired. @@ -215,11 +158,15 @@ With the following tags, the role can be called to perform certain activities on - tag `sap_swpm_pre_install`: Perform all preinstallation steps, then exit. - tag `sap_swpm_setup_firewall`: Only perform the firewall preinstallation settings (but only if variable `sap_swpm_setup_firewall` is set to `true`). - tag `sap_swpm_update_etchosts`: Only update file `/etc/hosts` (but only if variable `sap_swpm_update_etchosts` is set to `true`). +!-- END Role Tags --> ## License - -Apache license 2.0 - -## Author Information - -IBM Lab for SAP Solutions, Red Hat for SAP Community of Practice, Jason Masipiquena, Sean Freeman, Bernd Finger, Markus Koch + +Apache 2.0 + + +## Maintainers + +- [Bernd Finger](https://github.com/berndfinger) +- [Sean Freeman](https://github.com/seanfreeman) + From 256c2f3c9c2670a162a780defd74888c4fa9105a Mon Sep 17 00:00:00 2001 From: Marcel Mamula Date: Thu, 3 Oct 2024 15:47:01 +0200 Subject: [PATCH 36/51] docs: Update readme and add vars section --- roles/sap_swpm/README.md | 753 +++++++++++++++++++++++++++++++++++++-- 1 file changed, 720 insertions(+), 33 deletions(-) diff --git a/roles/sap_swpm/README.md b/roles/sap_swpm/README.md index 6d1faf5f..04c7360a 100644 --- a/roles/sap_swpm/README.md +++ b/roles/sap_swpm/README.md @@ -5,7 +5,7 @@ ## Description -The Ansible role `sap_swpm` installs the SAP ABAP Application Platform (formerly known as SAP NetWeaver) using the SAP Software Provisioning Manager (SWPM). +The Ansible role `sap_swpm` installs various SAP Systems installable by SAP Software Provisioning Manager (SWPM). @@ -20,30 +20,27 @@ Install required collections by `ansible-galaxy install -vv -r meta/collection-r ## Prerequisites Managed nodes: -- Directory with SAP Installation media is present and `sap_install_media_detect_source_directory` updated. Download can be completed using [community.sap_launchpad](https://github.com/sap-linuxlab/community). -- Ensure that servers are configured for SAP ABAP Application Platform. See [Recommended](#recommended) section. +- Directory with SAP Installation media is present and `sap_swpm_software_path` updated. Download can be completed using [community.sap_launchpad](https://github.com/sap-linuxlab/community). +- Ensure that servers are configured for SAP Systems. See [Recommended](#recommended) section. - Ensure that volumes and filesystems are configured correctly. See [Recommended](#recommended) section. -### Prepare SAP ABAP Application Platform installation media -Place a valid SAPCAR executable file in a directory specified by variable `sap_swpm_sapcar_path`, e.g. /software/sapcar. Example: - - SAPCAR_1300-70007716.EXE +### Prepare SAP installation media +Place a valid SAPCAR executable file in a directory specified by variable `sap_swpm_sapcar_path` (e.g. /software/sapcar). Example: `SAPCAR_1300-70007716.EXE` -Place the following files in a directory specified by variable `sap_swpm_swpm_path`, e.g. /software/sap_swpm: - - SWPM20SP18_3-80003424.SAR +Place a valid SWPM SAR file in a directory specified by variable `sap_swpm_swpm_path` (e.g. /software/sap_swpm). Example: `SWPM20SP18_3-80003424.SAR` -Place the following files in a directory specified by variable `sap_swpm_software_path`, e.g. /software/abap_application_platform: - - For a new installation - - Download the appropriate software from SAP Software Download Center, Maintenance Planner, etc - - For a restore or new installation - - SAP IGS - `igs*.sar` - - SAP IGS HELPER - `igshelper*sar` - - SAP Host Agent - `SAPHOSTAGENT*SAR` - - SAP Kernel DB - `SAPEXEDB_*SAR` - - SAP Kernel DB Independent - `SAPEXE_*SAR` - - SAP HANA Client - `IMDB_CLIENT*SAR` - -Alternatively, you can place all the files mentioned above into a single directory and use the role [sap_install_media_detect](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_install_media_detect) to identify the required files and set the role variables automatically so that the role `sap_swpm` has access to all the files needed for a successful installation of SAP ABAP Application Platform. +Place the following files in a directory specified by variable `sap_swpm_software_path` (e.g. /software/sap_swpm_download_basket): + - For a new installation + - Download the appropriate software from SAP Software Download Center, Maintenance Planner, etc. + - For a restore or new installation + - SAP IGS - `igs*.sar` + - SAP IGS HELPER - `igshelper*sar` + - SAP Host Agent - `SAPHOSTAGENT*SAR` + - SAP Kernel DB - `SAPEXEDB_*SAR` + - SAP Kernel DB Independent - `SAPEXE_*SAR` + - SAP HANA Client - `IMDB_CLIENT*SAR` +Alternatively, you can place all the files mentioned above into a single directory and use the role [sap_install_media_detect](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_install_media_detect) to identify the required files and set the role variables automatically so that the role `sap_swpm` has access to all the files needed for a successful installation of SAP System. ## Execution @@ -79,9 +76,9 @@ Note: For most scenarios, a database like SAP HANA must be available. Use the ro - Get all .SAR filenames from `sap_swpm_software_path` -- Update `/etc/hosts` (optional - `false` by default) +- (Optional) Update `/etc/hosts` if `sap_swpm_update_etchosts` is set to `true` (Default: `false`). -- Apply firewall rules for SAP HANA (optional - `false` by default) +- (Optional) Apply firewall rules for SAP HANA if `sap_swpm_setup_firewall` is set to `true` (Default: `false`). - At this stage, the role is searching for a sapinst inifile on the managed node, or it will create one: @@ -110,22 +107,22 @@ It is also possible to use method 1 for creating the inifile and then replace or ### Post-Install -- Set expiry of Unix created users to 'never' +- Set expiry of Linux created users to 'never' -- Apply firewall rules for SAP NW (optional - false by default) +- (Optional) Apply firewall rules for SAP Netweaver if `sap_swpm_setup_firewall` is set to `true` (Default: `false`). ### Example -#### Playbook for installing a Primary Application Server (PAS) instance - +#### Playbook for installing a SAP ABAP ASCS instance in distributed system with [sap_install_media_detect](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_install_media_detect) role +Example shows execution together with [sap_install_media_detect](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_install_media_detect) role, which sets required variables for `sap_swpm` role.
```yaml --- -- name: Ansible Play for SAP NetWeaver Application Server - Primary Application Server (PAS) - hosts: nwas_pas +- name: Ansible Play for SAP ABAP ASCS installation in distributed system + hosts: nwas_ascs become: true - any_errors_fatal: true # https://docs.ansible.com/ansible/latest/user_guide/playbooks_error_handling.html#aborting-a-play-on-all-hosts + any_errors_fatal: true max_fail_percentage: 0 tasks: @@ -138,15 +135,39 @@ It is also possible to use method 1 for creating the inifile and then replace or sap_install_media_detect_igs: true sap_install_media_detect_kernel: true sap_install_media_detect_webdisp: false - sap_install_media_detect_db_client: "saphana" + sap_install_media_detect_source_directory: /software - # Install SAP NetWeaver PAS via Ansible Role sap_swpm - name: Execute Ansible Role sap_swpm ansible.builtin.include_role: name: community.sap_install.sap_swpm vars: - *** TODO: Fill in variables *** + sap_swpm_sid: AE1 + sap_swpm_virtual_hostname: ae1ascs + sap_swpm_ascs_instance_nr: "01" + sap_swpm_master_password: "Password@1" # Do not use, this is example only! + sap_swpm_ddic_000_password: "Password@1" # Do not use, this is example only! + sap_swpm_sapadm_uid: "3000" + sap_swpm_sapsys_gid: "3001" + sap_swpm_sidadm_uid: "3001" + sap_swpm_product_catalog_id: NW_ABAP_ASCS:NW750.HDB.ABAPHA + sap_swpm_inifile_sections_list: + - swpm_installation_media + - swpm_installation_media_swpm1 + - credentials + - credentials_hana + - db_config_hana + - db_connection_nw_hana + - nw_config_other + - nw_config_central_services_abap + - nw_config_primary_application_server_instance + - nw_config_ports + - nw_config_host_agent + - sap_os_linux_user + + sap_swpm_role_parameters_dict: + sap_swpm_install_saphostagent: 'true' ``` + @@ -158,7 +179,7 @@ With the following tags, the role can be called to perform certain activities on - tag `sap_swpm_pre_install`: Perform all preinstallation steps, then exit. - tag `sap_swpm_setup_firewall`: Only perform the firewall preinstallation settings (but only if variable `sap_swpm_setup_firewall` is set to `true`). - tag `sap_swpm_update_etchosts`: Only update file `/etc/hosts` (but only if variable `sap_swpm_update_etchosts` is set to `true`). -!-- END Role Tags --> + ## License @@ -170,3 +191,669 @@ Apache 2.0 - [Bernd Finger](https://github.com/berndfinger) - [Sean Freeman](https://github.com/seanfreeman) + +## Role Variables + +**NOTE: Discontinued variables:** +- `sap_swpm_ansible_role_mode` + +### Variables for creating sapinst inifile + +#### sap_swpm_run_sapinst +- _Type:_ `bool` +- _Default:_ `true` + +Set to `false` to disable execution of sapinst after creation of inifile. + + +### Variables for controlling contents of inifile + +#### sap_swpm_inifile_sections_list +- _Type:_ `list` +- _Default:_ +```yaml +sap_swpm_inifile_sections_list: + - swpm_installation_media + - swpm_installation_media_swpm2_hana + - credentials + - credentials_hana + - db_config_hana + - db_connection_nw_hana + - db_restore_hana + - nw_config_other + - nw_config_central_services_abap + - nw_config_primary_application_server_instance + - nw_config_ports + - nw_config_host_agent + - sap_os_linux_user +``` + +Define list of sections that will be used to control parameters added into sapinst inifile. +Available values: +```yaml +sap_swpm_inifile_sections_list: + - swpm_installation_media + - swpm_installation_media_swpm2_hana + - swpm_installation_media_swpm1 + - swpm_installation_media_swpm1_exportfiles + - swpm_installation_media_swpm1_ibmdb2 + - swpm_installation_media_swpm1_oracledb_121 + - swpm_installation_media_swpm1_oracledb_122 + - swpm_installation_media_swpm1_oracledb_19 + - swpm_installation_media_swpm1_sapase + - swpm_installation_media_swpm1_sapmaxdb + - maintenance_plan_stack_tms_config + - maintenance_plan_stack_tms_transports + - maintenance_plan_stack_spam_config + - maintenance_plan_stack_sum_config + - maintenance_plan_stack_sum_10_batch_mode + - credentials + - credentials_hana + - credentials_anydb_ibmdb2 + - credentials_anydb_oracledb + - credentials_anydb_sapase + - credentials_anydb_sapmaxdb + - credentials_nwas_ssfs + - credentials_hdbuserstore + - db_config_hana + - db_config_anydb_all + - db_config_anydb_ibmdb2 + - db_config_anydb_oracledb + - db_config_anydb_oracledb_121 + - db_config_anydb_oracledb_122 + - db_config_anydb_oracledb_19 + - db_config_anydb_sapase + - db_config_anydb_sapmaxdb + - db_connection_nw_hana + - db_connection_nw_anydb_ibmdb2 + - db_connection_nw_anydb_oracledb + - db_connection_nw_anydb_sapase + - db_restore_hana + - nw_config_anydb + - nw_config_other + - nw_config_central_services_abap + - nw_config_central_services_java + - nw_config_primary_application_server_instance + - nw_config_additional_application_server_instance + - nw_config_ers + - nw_config_ports + - nw_config_java_ume + - nw_config_java_feature_template_ids + - nw_config_java_icm_credentials + - nw_config_webdisp_generic + - nw_config_webdisp_gateway + - nw_config_host_agent + - nw_config_post_load_abap_reports + - nw_config_livecache + - nw_config_sld + - nw_config_abap_language_packages + - sap_os_linux_user +``` + + +### Variables to define software paths + +#### sap_swpm_sapcar_path +- _Type:_ `string` + +Define path to directory with SAPCAR file. + +#### sap_swpm_sapcar_file_name +- _Type:_ `string` + +(Optional) Define name of SAPCAR file, or leave for auto-detection. + +#### sap_swpm_swpm_path +- _Type:_ `string` + +Define path to directory with SWPM. + +#### sap_swpm_swpm_sar_file_name +- _Type:_ `string` + +(Optional) Define name of SWPM file, or leave for auto-detection. + +#### sap_swpm_software_extract_directory +- _Type:_ `string` + +(Optional) Define path to directory with unpacked SWPM file. + +#### sap_swpm_software_use_media +- _Type:_ `bool` +- _Default:_ `false` + +Set to `true` to use SAP Media files instead of SAR files.
+- SWPM2 (New SAP products like S4H, BW4H) uses SAR files.
+- SWPM1 (Older SAP products) use CD Media files. + +#### sap_swpm_inifile_directory +- _Type:_ `string` + +Define directory where sapinst inifile will be stored. + +#### sap_swpm_install_saphostagent +- _Type:_ `bool` +- _Default:_ `true` + +Set to `false` to disable installation of SAP Hostagent. **Not recommended** + + +### Variables specific to SAP Netweaver + +#### sap_swpm_product_catalog_id +- _Type:_ `string` + +Define SWPM Product catalog ID for installation. Example for SAP ASCS Netweaver: `NW_ABAP_ASCS:NW750.HDB.ABAPHA`. + +#### sap_swpm_sid +- _Type:_ `string` + +Define SAP System ID (SID) for installation. + +#### sap_swpm_ascs_instance_nr +- _Type:_ `string` + +Define SAP Netweaver ABAP Central Services (ASCS) instance number. + +#### sap_swpm_ascs_instance_hostname +- _Type:_ `string` + +Define SAP Netweaver ABAP Central Services (ASCS) hostname. + +#### sap_swpm_ers_instance_nr +- _Type:_ `string` + +Define SAP Netweaver Enqueue Replication Server (ERS) instance number. + +#### sap_swpm_ers_instance_hostname +- _Type:_ `string` + +Define SAP Netweaver Enqueue Replication Server (ERS) hostname. + +#### sap_swpm_pas_instance_nr +- _Type:_ `string` + +Define SAP Netweaver Primary Application Server (PAS) instance number. + +#### sap_swpm_pas_instance_hostname +- _Type:_ `string` + +Define SAP Netweaver Primary Application Server (PAS) hostname. + +#### sap_swpm_aas_instance_nr +- _Type:_ `string` + +Define SAP Netweaver Additional Application Server (AAS) instance number. + +#### sap_swpm_aas_instance_hostname +- _Type:_ `string` + +Define SAP Netweaver Additional Application Server (AAS) hostname. + +#### sap_swpm_java_scs_instance_nr +- _Type:_ `string` + +Define SAP Netweaver JAVA Central Services (SCS) instance number. + +#### sap_swpm_java_scs_instance_hostname +- _Type:_ `string` + +Define SAP Netweaver JAVA Central Services (SCS) hostname. + +#### sap_swpm_master_password +- _Type:_ `string` + +Define master password used for all users created during SWPM execution. + +#### sap_swpm_ddic_000_password +- _Type:_ `string` + +Define DDIC user password in client 000 for new install, or existing for restore. + +#### sap_swpm_virtual_hostname +- _Type:_ `string` + +Define virtual hostname when installing High Available instances (e.g. SAP ASCS/ERS cluster). + + +### Variables specific to SAP HANA Database Installation + +#### sap_swpm_db_ip +- _Type:_ `string` + +Define IP Address of database host for /etc/hosts update. + +#### sap_swpm_db_fqdn +- _Type:_ `string` + +Define FQDN of database host for /etc/hosts update. + +#### sap_swpm_db_host +- _Type:_ `string` + +Define hostname of database host for /etc/hosts update. + +#### sap_swpm_db_sid +- _Type:_ `string` + +Define database ID (SID). + +#### sap_swpm_db_instance_nr +- _Type:_ `string` + +Define database instance number. + +#### sap_swpm_db_system_password +- _Type:_ `string` + +Define database SYSTEM user password. + +#### sap_swpm_db_systemdb_password +- _Type:_ `string` + +Define database SYSTEMDB user password. + +#### sap_swpm_db_sidadm_password +- _Type:_ `string` + +Define database sidadm user password. + +#### sap_swpm_db_schema_abap +- _Type:_ `string` + +Define ABAP database schema name based on database type:
+- `SAPHANADB` for SAP HANA +- `ABAP` or `SAPABAP1` on IBM Db2 +- `SAPSR3` on Oracle DB + +#### sap_swpm_db_schema_abap_password +- _Type:_ `string` + +Define ABAP database schema password for new installation or restore from backup. + +#### sap_swpm_db_schema_java +- _Type:_ `string` + +Define JAVA database schema name. + +#### sap_swpm_db_schema_java_password +- _Type:_ `string` + +Define JAVA database schema password for new installation or restore from backup. + +#### sap_swpm_db_schema +- _Type:_ `string` + +#### sap_swpm_db_schema_password: +- _Type:_ `string` + + +### Variables specific to SAP JAVA UME + +#### sap_swpm_ume_client_nr +- _Type:_ `string` +- _Default:_ `000` + +Define client number of JAVA UME. + +#### sap_swpm_ume_type +- _Type:_ `string` + +Define type of JAVA UME. + +#### sap_swpm_ume_instance_nr +- _Type:_ `string` +- _Default:_ `{{ sap_swpm_pas_instance_nr }}` + +Define instance number of JAVA UME. + +#### sap_swpm_ume_j2ee_admin_password +- _Type:_ `string` + +Define admin password for JAVA UME. + +#### sap_swpm_ume_j2ee_guest_password +- _Type:_ `string` + +Define guest password for JAVA UME. + +#### sap_swpm_ume_sapjsf_password +- _Type:_ `string` + +Define sapjsf password for JAVA UME. + +#### sap_swpm_ume_instance_hostname +- _Type:_ `string` + +Define instance hostname of JAVA UME. + + +### Variables specific to SAP HANA Database Restore + +#### sap_swpm_backup_location +- _Type:_ `string` + +Define directory with SAP HANA Backup files. + +#### sap_swpm_backup_prefix +- _Type:_ `string` + +Define prefix of SAP HANA Backup files. + +#### sap_swpm_backup_system_password +- _Type:_ `string` + +Define SAP HANA SYSTEM password from source database. + + +### Variables specific to SAP Web Dispatcher + +#### sap_swpm_wd_instance_nr +- _Type:_ `string` + +Define instance number of SAP Web Dispatcher. + +#### sap_swpm_wd_system_connectivity +- _Type:_ `bool` +- _Default:_ `false` + +Set to `true` to set parameter `configureSystemConnectivity` to true during installation. + +#### sap_swpm_wd_activate_icf +- _Type:_ `bool` +- _Default:_ `false` + +Set to `true` to activate ICF. + +#### sap_swpm_wd_backend_sid +- _Type:_ `string` + +Define backend SID for SAP Web Dispatcher connection. + +#### sap_swpm_wd_backend_ms_http_port +- _Type:_ `string` + +Define backend message server HTTP port for SAP Web Dispatcher connection. + +#### sap_swpm_wd_backend_ms_host +- _Type:_ `string` + +Define backend message server hostname for SAP Web Dispatcher connection. + +#### sap_swpm_wd_backend_rfc_host +- _Type:_ `string` + +Define backend hostname for SAP Web Dispatcher RFC connection. + +#### sap_swpm_wd_backend_rfc_instance_nr +- _Type:_ `string` + +Define backend instance number for SAP Web Dispatcher RFC connection. + +#### sap_swpm_wd_backend_rfc_client_nr +- _Type:_ `string` +- _Default:_ `000` + +Define backend SAP client for SAP Web Dispatcher RFC connection. + +#### sap_swpm_wd_backend_rfc_user +- _Type:_ `string` +- _Default:_ `DDIC` + +Define backend SAP user for SAP Web Dispatcher RFC connection. + +#### sap_swpm_wd_backend_rfc_user_password +- _Type:_ `string` + +Define password for backend SAP user for SAP Web Dispatcher RFC connection. + +#### sap_swpm_wd_backend_scenario_size +- _Type:_ `string` + +Define to set parameter `scenarioSize` during installation. + +#### sap_swpm_wd_virtual_host +- _Type:_ `string` + +Define virtual hostname of SAP Web Dispatcher. + + +### Variables for Linux User + +#### sap_swpm_sapadm_password +- _Type:_ `string` + +Define password for Linux user SAPADM. + +#### sap_swpm_sap_sidadm_password +- _Type:_ `string` + +Define password for Linux user SIDADM. + +#### sap_swpm_sapadm_uid +- _Type:_ `string` + +Define UID of Linux user SAPADM. + +#### sap_swpm_sapsys_gid +- _Type:_ `string` + +Define GID of Linux group SAPSYS. + +#### sap_swpm_sidadm_uid +- _Type:_ `string` + +Define UID of Linux user SIDADM. + + +### Miscellaneous Variables + +#### sap_swpm_ascs_install_gateway +- _Type:_ `string` +- _Default:_ `true` + +Enable to install gateway as part of ASCS installation. + +#### sap_swpm_parallel_jobs_nr +- _Type:_ `string` +- _Default:_ `23` + +Define to limit number of parallel extraction SAP HANA jobs. + +#### sap_swpm_diagnostics_agent_password +- _Type:_ `string` + +Define password for Diagnostic Agent. + +#### sap_swpm_igs_path +- _Type:_ `string` +- _Default:_ `{{ sap_swpm_software_path }}` + +Define individual path for SAP IGS file. `sap_swpm_software_path` is used by default. + +#### sap_swpm_igs_file_name +- _Type:_ `string` + +Define individual name of SAP IGS file. Newest file is auto-detected in `sap_swpm_igs_path`. + +#### sap_swpm_igs_helper_path +- _Type:_ `string` +- _Default:_ `{{ sap_swpm_software_path }}` + +Define individual path for SAP IGS Helper file. `sap_swpm_software_path` is used by default. + +#### sap_swpm_igs_helper_file_name +- _Type:_ `string` + +Define individual name of SAP IGS Helper file. Newest file is auto-detected in `sap_swpm_igs_helper_path`. + +#### sap_swpm_kernel_dependent_path +- _Type:_ `string` +- _Default:_ `{{ sap_swpm_software_path }}` + +Define individual path for Database dependent kernel files. `sap_swpm_software_path` is used by default. + +#### sap_swpm_kernel_dependent_file_name +- _Type:_ `string` + +Define individual name of Database dependent kernel file. Newest file is auto-detected in `sap_swpm_kernel_dependent_path`. + +#### sap_swpm_kernel_independent_path +- _Type:_ `string` +- _Default:_ `{{ sap_swpm_software_path }}` + +Define individual path for Database independent kernel files. `sap_swpm_software_path` is used by default. + +#### sap_swpm_kernel_independent_file_name +- _Type:_ `string` + +Define individual name of Database independent kernel file. Newest file is auto-detected in `sap_swpm_kernel_independent_path`. + +#### sap_swpm_web_dispatcher_path +- _Type:_ `string` +- _Default:_ `{{ sap_swpm_software_path }}` + +Define individual path for SAP Web Dispatcher files. `sap_swpm_software_path` is used by default. + +#### sap_swpm_web_dispatcher_file_name +- _Type:_ `string` + +Define individual name of SAP Web Dispatcher file. Newest file is auto-detected in `sap_swpm_web_dispatcher_path`. + +#### sap_swpm_fqdn +- _Type:_ `string` + +Define FQDN for SAP Installation. + +#### sap_swpm_set_fqdn +- _Type:_ `bool` +- _Default:_ `true` + +Set to `false` to disable enabling of FQDN during SWPM. + +#### sap_swpm_use_password_file +- _Type:_ `string` +- _Default:_ `n` + +Set to `y` to use encrypted password file for SWPM execution.
Location has to be same as parameter file location. + +#### sap_swpm_password_file_path +- _Type:_ `string` + +Define path to encrypted password file, used when `sap_swpm_use_password_file` is set to `y`. + +#### sap_swpm_use_livecache +- _Type:_ `bool` +- _Default:_ `false` + +Enable to use Livecache + +#### sap_swpm_load_type +- _Type:_ `string` +- _Default:_ `SAP` + +Define load type parameter `loadType`. + +#### sap_swpm_generic +- _Type:_ `bool` +- _Default:_ `false` + +Set to `true` to execute `sap_swpm` role in generic auto-detection mode, ignoring steps for individual detection. + +#### sap_swpm_swpm_installation_type +- _Type:_ `string` + +Define installation type method. Available types: `restore`, `ha`, `maint_plan_stack`, `ha_maint_plan_stack`.
+Installation type is auto-detected from `sap_swpm_product_catalog_id`. + +#### sap_swpm_swpm_command_virtual_hostname +- _Type:_ `string` + +Define to override default virtual hostname `sap_swpm_virtual_hostname` sapinst command used for HA installation. + +#### sap_swpm_swpm_command_mp_stack +- _Type:_ `string` + +Define to override default sapinst command parameter for Maintenance Plan stack file. + +#### sap_swpm_setup_firewall +- _Type:_ `bool` +- _Default:_ `false` + +Set to `true` to configure firewall after SWPM execution. + +#### sap_swpm_update_etchosts +- _Type:_ `bool` +- _Default:_ `false` + +Set to `true` to to update `/etc/hosts` file with SAP system details for SWPM execution. + +#### sap_swpm_display_unattended_output +- _Type:_ `bool` +- _Default:_ `false` + +Set to `true` to display what sapinst command is being executed. + + +### Variables for setting owner, group, and permissions for the SAP files in `sap_swpm_software_path` + +#### sap_swpm_set_file_permissions +- _Type:_ `bool` +- _Default:_ `true` + +Set to `false` to not change the owner, group, and permissions of the files in `sap_swpm_software_path`. + +#### sap_swpm_software_directory_mode +- _Type:_ `string` +- _Default:_ `0755` + +Set permissions for all directories in `sap_swpm_software_path`. + +#### sap_swpm_software_directory_owner +- _Type:_ `string` +- _Default:_ `root` + +Set owner for all directories in `sap_swpm_software_path`. + +#### sap_swpm_software_directory_group +- _Type:_ `string` +- _Default:_ `root` + +Set group ownership for all directories in `sap_swpm_software_path`. + +#### sap_swpm_files_sapcar_mode +- _Type:_ `string` +- _Default:_ `0755` + +Set permissions for SAPCAR file in `sap_swpm_sapcar_path`. + +#### sap_swpm_files_sapcar_owner +- _Type:_ `string` +- _Default:_ `root` + +Set owner for SAPCAR file in `sap_swpm_sapcar_path`. + +#### sap_swpm_files_sapcar_group +- _Type:_ `string` +- _Default:_ `root` + +Set group ownership for SAPCAR file in `sap_swpm_sapcar_path`. + +#### sap_swpm_files_non_sapcar_mode +- _Type:_ `string` +- _Default:_ `0644` + +Set permissions for all non-SAPCAR files in `sap_swpm_software_path` and for SWPM*.SAR files in `sap_swpm_swpm_path`. + +#### sap_swpm_files_non_sapcar_owner +- _Type:_ `string` +- _Default:_ `root` + +Set owner for all non-SAPCAR files in `sap_swpm_software_path` and for SWPM*.SAR files in `sap_swpm_swpm_path`. + +#### sap_swpm_files_non_sapcar_group +- _Type:_ `string` +- _Default:_ `root` + +Set group ownership for all non-SAPCAR files in `sap_swpm_software_path` and for SWPM*.SAR files in `sap_swpm_swpm_path`. + \ No newline at end of file From cdb5f4f1d0e266c65e6547e3df3b8e26a54680a7 Mon Sep 17 00:00:00 2001 From: Bernd Finger Date: Mon, 21 Oct 2024 18:08:23 +0200 Subject: [PATCH 37/51] sap_swpm: Use sap_maintain_etc_hosts role; use booleans Signed-off-by: Bernd Finger --- roles/sap_swpm/defaults/main.yml | 30 +++++----- roles/sap_swpm/tasks/post_install.yml | 2 +- roles/sap_swpm/tasks/pre_install.yml | 4 +- roles/sap_swpm/tasks/pre_install/firewall.yml | 4 +- .../tasks/pre_install/prepare_software.yml | 2 +- .../tasks/pre_install/swpm_prepare.yml | 2 +- .../tasks/pre_install/update_etchosts.yml | 58 +++++++------------ 7 files changed, 44 insertions(+), 58 deletions(-) diff --git a/roles/sap_swpm/defaults/main.yml b/roles/sap_swpm/defaults/main.yml index a18855aa..74cfd477 100644 --- a/roles/sap_swpm/defaults/main.yml +++ b/roles/sap_swpm/defaults/main.yml @@ -154,7 +154,7 @@ sap_swpm_software_extract_directory: # e.g. /software/sap_swpm_extracted # Note: # When using SWPM2 (for modern SAP products such as S/4 B/4), using .SAR files is recommended - param value should be false # When using SWPM1 (for older SAP products), using CD Media is the only choice - param value should be true -sap_swpm_software_use_media: 'false' +sap_swpm_software_use_media: false # Main path that this role will look for .SAR files #sap_swpm_software_path: /software/sapfiles @@ -190,12 +190,12 @@ sap_swpm_ibmdb2_unpack_path: "/db2/db2{{ sap_swpm_db_sid | lower }}/db2_software sap_swpm_mp_stack_path: sap_swpm_mp_stack_file_name: # SUM -sap_swpm_sum_prepare: 'false' -sap_swpm_sum_start: 'false' +sap_swpm_sum_prepare: false +sap_swpm_sum_start: false sap_swpm_sum_batch_file: -sap_swpm_spam_update: 'false' +sap_swpm_spam_update: false sap_swpm_spam_update_sar: -sap_swpm_configure_tms: 'true' +sap_swpm_configure_tms: true sap_swpm_tmsadm_password: sap_swpm_tms_tr_files_path: # --- Experimental --- # @@ -210,7 +210,7 @@ sap_swpm_swpm_observer_mode: false sap_swpm_swpm_remote_access_user: # --- Experimental - SWPM Observer mode --- # -sap_swpm_install_saphostagent: 'true' +sap_swpm_install_saphostagent: true ######################################## @@ -362,7 +362,7 @@ sap_swpm_backup_prefix: sap_swpm_backup_system_password: # ASCS Install Gateway -sap_swpm_ascs_install_gateway: "true" +sap_swpm_ascs_install_gateway: true ######################################## @@ -373,8 +373,8 @@ sap_swpm_ascs_install_gateway: "true" sap_swpm_wd_instance_nr: -sap_swpm_wd_system_connectivity: 'false' -sap_swpm_wd_activate_icf: 'false' +sap_swpm_wd_system_connectivity: false +sap_swpm_wd_activate_icf: false sap_swpm_wd_backend_sid: sap_swpm_wd_backend_ms_http_port: sap_swpm_wd_backend_ms_host: @@ -427,18 +427,18 @@ sap_swpm_kernel_independent_file_name: sap_swpm_web_dispatcher_path: sap_swpm_web_dispatcher_file_name: sap_swpm_fqdn: -sap_swpm_set_fqdn: "true" +sap_swpm_set_fqdn: true # If the template to use already has the passwords and they are encrypted the password file must be in the same path as the parameter file -sap_swpm_use_password_file: "n" +sap_swpm_use_password_file: false sap_swpm_password_file_path: -sap_swpm_use_livecache: "false" +sap_swpm_use_livecache: false sap_swpm_ddic_001_password: sap_swpm_load_type: 'SAP' -sap_swpm_generic: 'false' +sap_swpm_generic: false # SWPM sap_swpm_swpm_installation_type: "" @@ -447,10 +447,10 @@ sap_swpm_swpm_command_virtual_hostname: "" sap_swpm_swpm_command_mp_stack: "" # Firewall setup -sap_swpm_setup_firewall: 'false' +sap_swpm_setup_firewall: false # Update /etc/hosts -sap_swpm_update_etchosts: 'false' +sap_swpm_update_etchosts: false # Display SAP SWPM Unattended Mode output (sapinst stdout) sap_swpm_display_unattended_output: false diff --git a/roles/sap_swpm/tasks/post_install.yml b/roles/sap_swpm/tasks/post_install.yml index 935ed057..65fba3cf 100644 --- a/roles/sap_swpm/tasks/post_install.yml +++ b/roles/sap_swpm/tasks/post_install.yml @@ -17,7 +17,7 @@ - name: SAP SWPM Post Install - Firewall Setup ansible.builtin.include_tasks: post_install/firewall.yml when: - - "sap_swpm_setup_firewall | bool" + - sap_swpm_setup_firewall ######################################################################################################################## diff --git a/roles/sap_swpm/tasks/pre_install.yml b/roles/sap_swpm/tasks/pre_install.yml index 3e843656..803ad9c9 100644 --- a/roles/sap_swpm/tasks/pre_install.yml +++ b/roles/sap_swpm/tasks/pre_install.yml @@ -142,7 +142,7 @@ tags: sap_swpm_setup_firewall when: - sap_swpm_run_sapinst - - "sap_swpm_setup_firewall | bool" + - sap_swpm_setup_firewall tags: sap_swpm_setup_firewall # /etc/hosts @@ -154,7 +154,7 @@ tags: sap_swpm_update_etchosts when: - sap_swpm_run_sapinst - - "sap_swpm_update_etchosts | bool" + - sap_swpm_update_etchosts tags: sap_swpm_update_etchosts ################ diff --git a/roles/sap_swpm/tasks/pre_install/firewall.yml b/roles/sap_swpm/tasks/pre_install/firewall.yml index f27aea55..a36cb164 100644 --- a/roles/sap_swpm/tasks/pre_install/firewall.yml +++ b/roles/sap_swpm/tasks/pre_install/firewall.yml @@ -54,7 +54,7 @@ - "51000" - "64997" when: - - not sap_swpm_generic | bool + - not sap_swpm_generic - name: SAP SWPM Pre Install - Add Ports Based on NR - {{ sap_swpm_db_instance_nr }} ansible.builtin.include_tasks: update_firewall.yml @@ -62,7 +62,7 @@ loop_control: loop_var: passed_port when: - - not sap_swpm_generic | bool + - not sap_swpm_generic # Reason for noqa: We currently do not determine if reloading the firewall changes anything - name: SAP SWPM Pre Install - Reload Firewall # noqa no-changed-when diff --git a/roles/sap_swpm/tasks/pre_install/prepare_software.yml b/roles/sap_swpm/tasks/pre_install/prepare_software.yml index 62ca21d1..26e40fb9 100644 --- a/roles/sap_swpm/tasks/pre_install/prepare_software.yml +++ b/roles/sap_swpm/tasks/pre_install/prepare_software.yml @@ -177,7 +177,7 @@ - sap_swpm_set_file_permissions - name: SAP SWPM Pre Install - Full SAP System - when: not sap_swpm_generic | bool + when: not sap_swpm_generic block: # 3. IGS diff --git a/roles/sap_swpm/tasks/pre_install/swpm_prepare.yml b/roles/sap_swpm/tasks/pre_install/swpm_prepare.yml index bbb21945..f2ae6cb6 100644 --- a/roles/sap_swpm/tasks/pre_install/swpm_prepare.yml +++ b/roles/sap_swpm/tasks/pre_install/swpm_prepare.yml @@ -26,7 +26,7 @@ dest: "{{ sap_swpm_tmpdir.path }}/instkey.pkey" remote_src: yes mode: '0640' - when: sap_swpm_use_password_file == "y" + when: sap_swpm_use_password_file # Create the SWPM inifile - name: SAP SWPM Pre Install - Generate the SWPM inifile diff --git a/roles/sap_swpm/tasks/pre_install/update_etchosts.yml b/roles/sap_swpm/tasks/pre_install/update_etchosts.yml index 4adbdcf3..815ae29e 100644 --- a/roles/sap_swpm/tasks/pre_install/update_etchosts.yml +++ b/roles/sap_swpm/tasks/pre_install/update_etchosts.yml @@ -1,75 +1,61 @@ # SPDX-License-Identifier: Apache-2.0 --- -# Update etc hosts for NW +# Update /etc/hosts for NW -- name: SAP SWPM Pre Install - Display warning message if '/etc/hosts' is not configured for NW due to missing 'sap_swpm_fqdn' +- name: SAP SWPM Pre Install - Display warning message if '/etc/hosts' will not be configured for NW due to missing 'sap_swpm_fqdn' ansible.builtin.debug: msg: "WARN: Not configuring NW entries in '/etc/hosts' because 'sap_swpm_fqdn' is not defined!" when: (sap_swpm_fqdn | type_debug == 'NoneType') or (sap_swpm_fqdn | length == 0) -# Update etc hosts for HANA - - name: SAP SWPM Pre Install - Update '/etc/hosts' for NW + ansible.builtin.import_role: + name: 'community.sap_install.sap_maintain_etc_hosts' + vars: + sap_maintain_etc_hosts_list: + - node_ip: "{{ ansible_default_ipv4.address | d(ansible_all_ipv4_addresses[0]) }}" + node_name: "{{ ansible_hostname }}" + node_domain: "{{ sap_swpm_fqdn }}" + state: present when: - "sap_swpm_fqdn | type_debug != 'NoneType'" - "sap_swpm_fqdn | length > 0" - block: - - - name: SAP SWPM Pre Install - Deduplicate values from '/etc/hosts' - ansible.builtin.lineinfile: - path: /etc/hosts - create: false - regexp: (?i)^\s*{{ ansible_default_ipv4.address | d(ansible_all_ipv4_addresses[0]) }}\s+ - state: absent -# Reason for noqa: 1. Tabs can increase readability; -# 2. Tabs are allowed for /etc/hosts - - name: SAP SWPM Pre Install - Update '/etc/hosts' with NW entry # noqa no-tabs - ansible.builtin.lineinfile: - path: /etc/hosts - line: "{{ ansible_default_ipv4.address | d(ansible_all_ipv4_addresses[0]) }}\t{{ ansible_hostname }}.{{ sap_swpm_fqdn }}\t{{ ansible_hostname }}" +# Update /etc/hosts for HANA -- name: SAP SWPM Pre Install - Display warning message if '/etc/hosts' is not configured for HANA due to missing 'sap_swpm_db_ip' +- name: SAP SWPM Pre Install - Display warning message if '/etc/hosts' will not be configured for HANA due to missing 'sap_swpm_db_ip' ansible.builtin.debug: msg: "WARN: Not configuring HANA entries in '/etc/hosts' because 'sap_swpm_db_ip' is not defined!" when: (sap_swpm_db_ip | type_debug == 'NoneType') or (sap_swpm_db_ip | length == 0) -- name: SAP SWPM Pre Install - Display warning message if '/etc/hosts' is not configured for HANA due to missing 'sap_swpm_db_host' +- name: SAP SWPM Pre Install - Display warning message if '/etc/hosts' will not be configured for HANA due to missing 'sap_swpm_db_host' ansible.builtin.debug: msg: "WARN: Not configuring HANA entries in '/etc/hosts' because 'sap_swpm_db_host' is not defined!" when: (sap_swpm_db_host | type_debug == 'NoneType') or (sap_swpm_db_host | length == 0) -- name: SAP SWPM Pre Install - Display warning message if '/etc/hosts' is not configured for HANA because 'sap_swpm_db_host' is the current host +- name: SAP SWPM Pre Install - Display warning message if '/etc/hosts' will not be configured for HANA because 'sap_swpm_db_host' is the current host ansible.builtin.debug: msg: "WARN: Not configuring HANA entries in '/etc/hosts' because 'sap_swpm_db_host' is the current host!" when: sap_swpm_db_host == ansible_hostname - name: SAP SWPM Pre Install - Update '/etc/hosts' for HANA + ansible.builtin.import_role: + name: 'community.sap_install.sap_maintain_etc_hosts' + vars: + sap_maintain_etc_hosts_list: + - node_ip: "{{ sap_swpm_db_ip }}" + node_name: "{{ sap_swpm_db_host }}" + node_domain: "{{ sap_swpm_fqdn }}" + state: present when: - "sap_swpm_db_ip | type_debug != 'NoneType'" - "sap_swpm_db_ip | length > 0" - "sap_swpm_db_host | type_debug != 'NoneType'" - "sap_swpm_db_host | length > 0" - "sap_swpm_db_host != ansible_hostname" - block: - - - name: SAP SWPM Pre Install - Deduplicate values from '/etc/hosts' - ansible.builtin.lineinfile: - path: /etc/hosts - create: false - regexp: (?i)^\s*{{ sap_swpm_db_ip }}\s+ - state: absent - -# Reason for noqa: 1. Tabs can increase readability; -# 2. Tabs are allowed for /etc/hosts - - name: SAP SWPM Pre Install - Update '/etc/hosts' with HANA entry # noqa no-tabs - ansible.builtin.lineinfile: - path: /etc/hosts - line: "{{ sap_swpm_db_ip }}\t{{ sap_swpm_db_host }}.{{ sap_swpm_fqdn }}\t{{ sap_swpm_db_host }}" From 6ad2e85afaa8ff93bb3bfc5a26c998956a9a76a1 Mon Sep 17 00:00:00 2001 From: Bernd Finger Date: Mon, 28 Oct 2024 16:36:34 +0100 Subject: [PATCH 38/51] sap_swpm: Add support for HA virtual hostname resolution Signed-off-by: Bernd Finger --- roles/sap_swpm/README.md | 6 ++- roles/sap_swpm/defaults/main.yml | 2 +- roles/sap_swpm/tasks/pre_install.yml | 12 +++++ .../assert_hostname_resolution_for_ha.yml | 48 +++++++++++++++++++ 4 files changed, 65 insertions(+), 3 deletions(-) create mode 100644 roles/sap_swpm/tasks/pre_install/assert_hostname_resolution_for_ha.yml diff --git a/roles/sap_swpm/README.md b/roles/sap_swpm/README.md index 04c7360a..aafa3f75 100644 --- a/roles/sap_swpm/README.md +++ b/roles/sap_swpm/README.md @@ -414,7 +414,9 @@ Define DDIC user password in client 000 for new install, or existing for restore - _Type:_ `string` Define virtual hostname when installing High Available instances (e.g. SAP ASCS/ERS cluster). - +The role attempts to resolve `sap_swpm_virtual_hostname` on the managed node, using DNS and /etc/hosts, and will fail +if this hostname resolution fails. The role will also fail if the IPv4 address for `sap_swpm_virtual_hostname` is +not part of the IPv4 addresses of the managed node. ### Variables specific to SAP HANA Database Installation @@ -856,4 +858,4 @@ Set owner for all non-SAPCAR files in `sap_swpm_software_path` and for SWPM*.SAR - _Default:_ `root` Set group ownership for all non-SAPCAR files in `sap_swpm_software_path` and for SWPM*.SAR files in `sap_swpm_swpm_path`. - \ No newline at end of file + diff --git a/roles/sap_swpm/defaults/main.yml b/roles/sap_swpm/defaults/main.yml index 74cfd477..45d31984 100644 --- a/roles/sap_swpm/defaults/main.yml +++ b/roles/sap_swpm/defaults/main.yml @@ -246,7 +246,7 @@ sap_swpm_sapstar_000_password: # initial = not an HA setup # set this in the input file when installing ascs, ers to indicate an HA setup -sap_swpm_virtual_hostname: "initial" +sap_swpm_virtual_hostname: ######################################## diff --git a/roles/sap_swpm/tasks/pre_install.yml b/roles/sap_swpm/tasks/pre_install.yml index 803ad9c9..23bdbfb7 100644 --- a/roles/sap_swpm/tasks/pre_install.yml +++ b/roles/sap_swpm/tasks/pre_install.yml @@ -147,6 +147,18 @@ # /etc/hosts +- name: SAP SWPM Pre Install - Assert hostname resolution for HA + ansible.builtin.include_tasks: + file: pre_install/assert_hostname_resolution_for_ha.yml + apply: + tags: sap_swpm_update_etchosts + when: + - sap_swpm_run_sapinst + - sap_swpm_update_etchosts + - sap_swpm_virtual_hostname | type_debug != 'NoneType' + - sap_swpm_virtual_hostname | length > 0 + tags: sap_swpm_update_etchosts + - name: SAP SWPM Pre Install - Update /etc/hosts ansible.builtin.include_tasks: file: pre_install/update_etchosts.yml diff --git a/roles/sap_swpm/tasks/pre_install/assert_hostname_resolution_for_ha.yml b/roles/sap_swpm/tasks/pre_install/assert_hostname_resolution_for_ha.yml new file mode 100644 index 00000000..af8d26c0 --- /dev/null +++ b/roles/sap_swpm/tasks/pre_install/assert_hostname_resolution_for_ha.yml @@ -0,0 +1,48 @@ +# SPDX-License-Identifier: Apache-2.0 +--- + +# Assert HA settings + +- name: SAP SWPM Pre Install - HA settings - Ensure the dig command is present + ansible.builtin.package: + name: bind-utils + state: present + +- name: SAP SWPM Pre Install - HA settings - Try to resolve sap_swpm_virtual_hostname from DNS + ansible.builtin.command: dig +short +tries=1 +time=1 "{{ sap_swpm_virtual_hostname }}" + register: __sap_swpm_register_virtual_ip_dns + changed_when: false + failed_when: false + +- name: SAP SWPM Pre Install - HA settings - Assign sap_swpm_virtual_ip from DNS + ansible.builtin.set_fact: + __sap_swpm_fact_virtual_ip: "{{ __sap_swpm_register_virtual_ip_dns.stdout_lines[-1] }}" + when: __sap_swpm_register_virtual_ip_dns.stdout_lines | length > 0 + +- name: SAP SWPM Pre Install - HA settings - Try using /etc/hosts for name resolution + when: __sap_swpm_register_virtual_ip_dns.stdout_lines | length == 0 + block: + + - name: SAP SWPM Pre Install - HA settings - Try to resolve sap_swpm_virtual_hostname from /etc/hosts + ansible.builtin.shell: | + awk '/\s{{ sap_swpm_virtual_hostname }}\./||/\s{{ sap_swpm_virtual_hostname }}/{print $1}' /etc/hosts + register: __sap_swpm_register_virtual_ip_etc_hosts + changed_when: false + failed_when: false + + - name: SAP SWPM Pre Install - HA settings - Assign sap_swpm_virtual_ip from /etc/hosts + ansible.builtin.set_fact: + __sap_swpm_fact_virtual_ip: "{{ __sap_swpm_register_virtual_ip_etc_hosts.stdout_lines[-1] }}" + when: __sap_swpm_register_virtual_ip_etc_hosts.stdout_lines | length > 0 + +- name: SAP SWPM Pre Install - HA settings - Assert that sap_swpm_virtual_hostname can be resolved + ansible.builtin.assert: + that: __sap_swpm_fact_virtual_ip | length > 0 + fail_msg: "FAIL: sap_swpm_virtual_hostname cannot be resolved!" + success_msg: "PASS: sap_swpm__virtual_hostname can be resolved." + +- name: SAP SWPM Pre Install - HA settings - Assert that sap_swpm_fact_virtual_ip is part of ansible_all_ipv4_addresses + ansible.builtin.assert: + that: __sap_swpm_fact_virtual_ip in ansible_all_ipv4_addresses + fail_msg: "FAIL: __sap_swpm_fact_virtual_ip is not part of ansible_all_ipv4_addresses!" + success_msg: "PASS: __sap_swpm_fact_virtual_ip is part of ansible_all_ipv4_addresses." From e448e6944757ff537defc090bb3978287e43d6e6 Mon Sep 17 00:00:00 2001 From: Bernd Finger Date: Thu, 31 Oct 2024 10:01:51 +0100 Subject: [PATCH 39/51] sap_swpm: remove roles/sap_swpm/requirements.yml This file should only exist on the collection level. Signed-off-by: Bernd Finger --- roles/sap_swpm/requirements.yml | 6 ------ 1 file changed, 6 deletions(-) delete mode 100644 roles/sap_swpm/requirements.yml diff --git a/roles/sap_swpm/requirements.yml b/roles/sap_swpm/requirements.yml deleted file mode 100644 index 57520f35..00000000 --- a/roles/sap_swpm/requirements.yml +++ /dev/null @@ -1,6 +0,0 @@ -# SPDX-License-Identifier: Apache-2.0 ---- -collections: - - name: https://github.com/ansible-collections/community.general - type: git - version: main From 7d1ff33f17538d774f2724f3f48b9fde0cb74086 Mon Sep 17 00:00:00 2001 From: Bernd Finger Date: Mon, 4 Nov 2024 13:33:09 +0100 Subject: [PATCH 40/51] sap_swpm: Implement changes requested for virtual IP checks Signed-off-by: Bernd Finger --- .../pre_install/assert_hostname_resolution_for_ha.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/sap_swpm/tasks/pre_install/assert_hostname_resolution_for_ha.yml b/roles/sap_swpm/tasks/pre_install/assert_hostname_resolution_for_ha.yml index af8d26c0..87f31897 100644 --- a/roles/sap_swpm/tasks/pre_install/assert_hostname_resolution_for_ha.yml +++ b/roles/sap_swpm/tasks/pre_install/assert_hostname_resolution_for_ha.yml @@ -37,12 +37,12 @@ - name: SAP SWPM Pre Install - HA settings - Assert that sap_swpm_virtual_hostname can be resolved ansible.builtin.assert: - that: __sap_swpm_fact_virtual_ip | length > 0 - fail_msg: "FAIL: sap_swpm_virtual_hostname cannot be resolved!" - success_msg: "PASS: sap_swpm__virtual_hostname can be resolved." + that: __sap_swpm_fact_virtual_ip is defined and __sap_swpm_fact_virtual_ip | length > 0 + fail_msg: "FAIL: {{ sap_swpm_virtual_hostname }} cannot be resolved!" + success_msg: "PASS: {{ sap_swpm_virtual_hostname }} can be resolved." - name: SAP SWPM Pre Install - HA settings - Assert that sap_swpm_fact_virtual_ip is part of ansible_all_ipv4_addresses ansible.builtin.assert: that: __sap_swpm_fact_virtual_ip in ansible_all_ipv4_addresses - fail_msg: "FAIL: __sap_swpm_fact_virtual_ip is not part of ansible_all_ipv4_addresses!" - success_msg: "PASS: __sap_swpm_fact_virtual_ip is part of ansible_all_ipv4_addresses." + fail_msg: "FAIL: {{ __sap_swpm_fact_virtual_ip }} is not part of ansible_all_ipv4_addresses!" + success_msg: "PASS: {{ __sap_swpm_fact_virtual_ip }} is part of ansible_all_ipv4_addresses." From e62a8296b294b998f9133866edd61849716b697b Mon Sep 17 00:00:00 2001 From: Bernd Finger Date: Mon, 4 Nov 2024 13:41:48 +0100 Subject: [PATCH 41/51] sap_swpm: Run the virtual IP checks before the swpm_prepare tasks Signed-off-by: Bernd Finger --- roles/sap_swpm/tasks/pre_install.yml | 29 ++++++++++++++++------------ 1 file changed, 17 insertions(+), 12 deletions(-) diff --git a/roles/sap_swpm/tasks/pre_install.yml b/roles/sap_swpm/tasks/pre_install.yml index 23bdbfb7..9d406993 100644 --- a/roles/sap_swpm/tasks/pre_install.yml +++ b/roles/sap_swpm/tasks/pre_install.yml @@ -119,6 +119,23 @@ sap_swpm_inifile_parameters_dict: "{{ sap_swpm_inifile_parameters_dict | d({}) }}" tags: always +# Assert correct hostname and IP resolution of virtual hostname and IP if: +# - sapinst is requested to be run, and +# - /etc/hosts file is requested to be updated, and +# - sap_swpm_virtual_hostname has been defined + +- name: SAP SWPM Pre Install - Assert hostname resolution for HA + ansible.builtin.include_tasks: + file: pre_install/assert_hostname_resolution_for_ha.yml + apply: + tags: sap_swpm_update_etchosts + when: + - sap_swpm_run_sapinst + - sap_swpm_update_etchosts + - sap_swpm_virtual_hostname | type_debug != 'NoneType' + - sap_swpm_virtual_hostname | length > 0 + tags: sap_swpm_update_etchosts + ################ # Run Preinstallation Steps Based on Run Mode ################ @@ -147,18 +164,6 @@ # /etc/hosts -- name: SAP SWPM Pre Install - Assert hostname resolution for HA - ansible.builtin.include_tasks: - file: pre_install/assert_hostname_resolution_for_ha.yml - apply: - tags: sap_swpm_update_etchosts - when: - - sap_swpm_run_sapinst - - sap_swpm_update_etchosts - - sap_swpm_virtual_hostname | type_debug != 'NoneType' - - sap_swpm_virtual_hostname | length > 0 - tags: sap_swpm_update_etchosts - - name: SAP SWPM Pre Install - Update /etc/hosts ansible.builtin.include_tasks: file: pre_install/update_etchosts.yml From 71a78110ee515d8a0f231feffdc4781bd51aa201 Mon Sep 17 00:00:00 2001 From: Bernd Finger Date: Mon, 4 Nov 2024 14:29:41 +0100 Subject: [PATCH 42/51] sap_swpm: Perform additional assertions for the install type ... and for the presence of sap_swpm_virtual_hostname in case of HA installation types Signed-off-by: Bernd Finger --- .../tasks/pre_install/install_type.yml | 40 ++++++++++++++++--- 1 file changed, 35 insertions(+), 5 deletions(-) diff --git a/roles/sap_swpm/tasks/pre_install/install_type.yml b/roles/sap_swpm/tasks/pre_install/install_type.yml index 10936a31..869f90f8 100644 --- a/roles/sap_swpm/tasks/pre_install/install_type.yml +++ b/roles/sap_swpm/tasks/pre_install/install_type.yml @@ -58,11 +58,41 @@ # Run Installation Type Steps ################ -- name: SAP SWPM Pre Install - Display the Installation Type - ansible.builtin.debug: - msg: "The Installation Type is: '{{ sap_swpm_swpm_installation_type }}'" - when: "sap_swpm_swpm_installation_type | length > 0" +- name: SAP SWPM Pre Install - Assert installation type is defined (including empty) + ansible.builtin.assert: + that: + - sap_swpm_swpm_installation_type is defined + fail_msg: + - "The installation type (variable 'sap_swpm_swpm_installation_type') is not defined!" + success_msg: + - "The installation type (variable 'sap_swpm_swpm_installation_type') is defined (including an empty string)." + +- name: SAP SWPM Pre Install - Assert supported installation types + ansible.builtin.assert: + that: + - sap_swpm_swpm_installation_type == '' or + sap_swpm_swpm_installation_type == 'restore' or + sap_swpm_swpm_installation_type == 'ha' or + sap_swpm_swpm_installation_type == 'maint_plan_stack' or + sap_swpm_swpm_installation_type == 'ha_maint_plan_stack' + fail_msg: + - "The specified installation type, '{{ sap_swpm_swpm_installation_type }}', is not supported!" + - "The following installation types are supported:" + - "- '' (empty string, the default)" + - "- 'restore'" + - "- 'ha'" + - "- 'maint_plan_stack'" + - "- 'ha_maint_plan_stack'" + success_msg: + - "The specified installation type, '{{ sap_swpm_swpm_installation_type }}', is supported." + +- name: SAP SWPM Pre Install - Assert that necessary variable for HA is defined + ansible.builtin.assert: + that: sap_swpm_virtual_hostname is defined and sap_swpm_virtual_hostname + fail_msg: "FAIL: {{ sap_swpm_virtual_hostname }} is not defined!" + success_msg: "PASS: The variable 'sap_swpm_virtual_hostname' is defined, as '{{ sap_swpm_virtual_hostname }}'." + when: + - sap_swpm_swpm_installation_type | regex_search('ha') - name: SAP SWPM Pre Install - Run Installation Type Steps ansible.builtin.include_tasks: "install_type/{{ sap_swpm_swpm_installation_type }}_install.yml" - when: "sap_swpm_swpm_installation_type | length > 0" From c50558d50199f27c4c1e51782e18ea6f0d63f700 Mon Sep 17 00:00:00 2001 From: Bernd Finger Date: Tue, 5 Nov 2024 16:09:19 +0100 Subject: [PATCH 43/51] sap_swpm: Do not include the installation type file for default case Signed-off-by: Bernd Finger --- roles/sap_swpm/tasks/pre_install/install_type.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/roles/sap_swpm/tasks/pre_install/install_type.yml b/roles/sap_swpm/tasks/pre_install/install_type.yml index 869f90f8..b5afe12f 100644 --- a/roles/sap_swpm/tasks/pre_install/install_type.yml +++ b/roles/sap_swpm/tasks/pre_install/install_type.yml @@ -94,5 +94,10 @@ when: - sap_swpm_swpm_installation_type | regex_search('ha') +################ +# Installation Type file will not be included if install type is empty (= the default): +################ + - name: SAP SWPM Pre Install - Run Installation Type Steps ansible.builtin.include_tasks: "install_type/{{ sap_swpm_swpm_installation_type }}_install.yml" + when: "sap_swpm_swpm_installation_type | length > 0" From 16e61573e994d5e1565ccd52aad539fb3181af45 Mon Sep 17 00:00:00 2001 From: Bernd Finger Date: Wed, 6 Nov 2024 10:43:01 +0100 Subject: [PATCH 44/51] sap_swpm: Skip comments in /etc/hosts check Signed-off-by: Bernd Finger --- .../tasks/pre_install/assert_hostname_resolution_for_ha.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/sap_swpm/tasks/pre_install/assert_hostname_resolution_for_ha.yml b/roles/sap_swpm/tasks/pre_install/assert_hostname_resolution_for_ha.yml index 87f31897..c97fbcd4 100644 --- a/roles/sap_swpm/tasks/pre_install/assert_hostname_resolution_for_ha.yml +++ b/roles/sap_swpm/tasks/pre_install/assert_hostname_resolution_for_ha.yml @@ -25,7 +25,7 @@ - name: SAP SWPM Pre Install - HA settings - Try to resolve sap_swpm_virtual_hostname from /etc/hosts ansible.builtin.shell: | - awk '/\s{{ sap_swpm_virtual_hostname }}\./||/\s{{ sap_swpm_virtual_hostname }}/{print $1}' /etc/hosts + awk '/^[^#]/&&(/\s{{ sap_swpm_virtual_hostname }}\./||/\s{{ sap_swpm_virtual_hostname }}/){print $1}' /etc/hosts register: __sap_swpm_register_virtual_ip_etc_hosts changed_when: false failed_when: false From c1c43686ceec0e19be2b5ebc3f29c6083655b90e Mon Sep 17 00:00:00 2001 From: Bernd Finger Date: Wed, 6 Nov 2024 11:12:36 +0100 Subject: [PATCH 45/51] sap_swpm: Fix /etc/hosts ip address resolution Also modify the fail_msg to not resolve sap_swpm_virtual_hostname Signed-off-by: Bernd Finger --- .../tasks/pre_install/assert_hostname_resolution_for_ha.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/roles/sap_swpm/tasks/pre_install/assert_hostname_resolution_for_ha.yml b/roles/sap_swpm/tasks/pre_install/assert_hostname_resolution_for_ha.yml index c97fbcd4..4f9e075a 100644 --- a/roles/sap_swpm/tasks/pre_install/assert_hostname_resolution_for_ha.yml +++ b/roles/sap_swpm/tasks/pre_install/assert_hostname_resolution_for_ha.yml @@ -23,9 +23,10 @@ when: __sap_swpm_register_virtual_ip_dns.stdout_lines | length == 0 block: +# We assign the IP address only if there is exactly one line containing ipv4 and hostname: - name: SAP SWPM Pre Install - HA settings - Try to resolve sap_swpm_virtual_hostname from /etc/hosts ansible.builtin.shell: | - awk '/^[^#]/&&(/\s{{ sap_swpm_virtual_hostname }}\./||/\s{{ sap_swpm_virtual_hostname }}/){print $1}' /etc/hosts + awk 'BEGIN{a=0}/^[^#]/&&(/\s{{ sap_swpm_virtual_hostname }}\./||/\s{{ sap_swpm_virtual_hostname }}/){a++; ipaddr=$1}END{if(a==1){print ipaddr}}' /etc/hosts register: __sap_swpm_register_virtual_ip_etc_hosts changed_when: false failed_when: false @@ -38,7 +39,7 @@ - name: SAP SWPM Pre Install - HA settings - Assert that sap_swpm_virtual_hostname can be resolved ansible.builtin.assert: that: __sap_swpm_fact_virtual_ip is defined and __sap_swpm_fact_virtual_ip | length > 0 - fail_msg: "FAIL: {{ sap_swpm_virtual_hostname }} cannot be resolved!" + fail_msg: "FAIL: 'sap_swpm_virtual_hostname' is not defined or cannot be resolved correctly!" success_msg: "PASS: {{ sap_swpm_virtual_hostname }} can be resolved." - name: SAP SWPM Pre Install - HA settings - Assert that sap_swpm_fact_virtual_ip is part of ansible_all_ipv4_addresses From 0f087c4b91e4faf779752e7c5cd757555c6138c9 Mon Sep 17 00:00:00 2001 From: Bernd Finger Date: Wed, 6 Nov 2024 13:46:02 +0100 Subject: [PATCH 46/51] sap_swpm: Improve the fail message for virt hostname resolution Signed-off-by: Bernd Finger --- .../tasks/pre_install/assert_hostname_resolution_for_ha.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/sap_swpm/tasks/pre_install/assert_hostname_resolution_for_ha.yml b/roles/sap_swpm/tasks/pre_install/assert_hostname_resolution_for_ha.yml index 4f9e075a..97b7c594 100644 --- a/roles/sap_swpm/tasks/pre_install/assert_hostname_resolution_for_ha.yml +++ b/roles/sap_swpm/tasks/pre_install/assert_hostname_resolution_for_ha.yml @@ -39,7 +39,7 @@ - name: SAP SWPM Pre Install - HA settings - Assert that sap_swpm_virtual_hostname can be resolved ansible.builtin.assert: that: __sap_swpm_fact_virtual_ip is defined and __sap_swpm_fact_virtual_ip | length > 0 - fail_msg: "FAIL: 'sap_swpm_virtual_hostname' is not defined or cannot be resolved correctly!" + fail_msg: "FAIL: 'sap_swpm_virtual_hostname' is not defined, cannot be resolved, or has multiple entries in /etc/hosts!" success_msg: "PASS: {{ sap_swpm_virtual_hostname }} can be resolved." - name: SAP SWPM Pre Install - HA settings - Assert that sap_swpm_fact_virtual_ip is part of ansible_all_ipv4_addresses From b0c7b603221b33f5af32ebd5f68724c7d42af8b7 Mon Sep 17 00:00:00 2001 From: Bernd Finger Date: Fri, 8 Nov 2024 14:32:54 +0100 Subject: [PATCH 47/51] sap_hana_preconfigure: Allow setting THP to any possible value Solves issue #885. Signed-off-by: Bernd Finger --- roles/sap_hana_preconfigure/README.md | 8 ++- roles/sap_hana_preconfigure/defaults/main.yml | 4 ++ roles/sap_hana_preconfigure/handlers/main.yml | 12 ++--- .../meta/argument_specs.yml | 12 +++++ .../tasks/RedHat/generic/assert-thp.yml | 8 +++ .../tasks/RedHat/generic/configure-thp.yml | 54 +++++++++---------- 6 files changed, 59 insertions(+), 39 deletions(-) diff --git a/roles/sap_hana_preconfigure/README.md b/roles/sap_hana_preconfigure/README.md index d96e075b..52014f2a 100644 --- a/roles/sap_hana_preconfigure/README.md +++ b/roles/sap_hana_preconfigure/README.md @@ -416,6 +416,12 @@ Set this parameter to `true` to modify the Grub boot command line.
By default, the role will run `grub2-mkconfig` to update the Grub configuration if necessary.
Set this parameter to `false` if this is not desired.
+### sap_hana_preconfigure_thp +- _Type:_ `str` +- _Default:_ `` + +Override the default setting for THP, which is determined automatically by the role, depending on the RHEL version. + ### sap_hana_preconfigure_db_group_name - _Type:_ `str` @@ -449,4 +455,4 @@ Available values: `HANA`, `NETWEAVER+HANA`, `S4HANA-APP+DB`, `S4HANA-DBSERVER` (SUSE specific) On Azure, TCP timestamps, reuse and recycle should be disabled.
If the variable is set, an override file for saptune will be created (/etc/saptune/override/2382421) to set net.ipv4.tcp_timestamps and net.ipv4.tcp_tw_reuse to 0.
Set this parameter to `true` on Azure.
- \ No newline at end of file + diff --git a/roles/sap_hana_preconfigure/defaults/main.yml b/roles/sap_hana_preconfigure/defaults/main.yml index 55e1ec05..393a1b01 100644 --- a/roles/sap_hana_preconfigure/defaults/main.yml +++ b/roles/sap_hana_preconfigure/defaults/main.yml @@ -166,6 +166,10 @@ sap_hana_preconfigure_run_grub2_mkconfig: true # It will be used to configure process limits as per step "Configuring Process Resource Limits" of SAP note 2772999. # Example: See README.md +# sap_hana_preconfigure_thp: (not defined by default) +# Override the default setting for THP, which is determined automatically by the role, depending on the RHEL version. +# Can be one of 'always', 'madvise', or 'never'. + # (SUSE specific) Version of saptune to install. # It is recommended to install latest version by keeping this variable empty. # This will replace the current installed version if present, even downgrade if necessary. diff --git a/roles/sap_hana_preconfigure/handlers/main.yml b/roles/sap_hana_preconfigure/handlers/main.yml index 54298448..4f3887f6 100644 --- a/roles/sap_hana_preconfigure/handlers/main.yml +++ b/roles/sap_hana_preconfigure/handlers/main.yml @@ -75,16 +75,10 @@ listen: __sap_hana_preconfigure_grubby_update_handler notify: __sap_hana_preconfigure_reboot_handler -- name: "Run grubby for disabling THP" - ansible.builtin.command: grubby --args="transparent_hugepage=never" --update-kernel=ALL +- name: "Run grubby for setting THP to '{{ __sap_hana_preconfigure_fact_thp }}'" + ansible.builtin.command: grubby --args="transparent_hugepage={{ __sap_hana_preconfigure_fact_thp }}" --update-kernel=ALL changed_when: true - listen: __sap_hana_preconfigure_grubby_thp_never_handler - notify: __sap_hana_preconfigure_reboot_handler - -- name: "Run grubby for setting THP to madvise" - ansible.builtin.command: grubby --args="transparent_hugepage=madvise" --update-kernel=ALL - changed_when: true - listen: __sap_hana_preconfigure_grubby_thp_madvise_handler + listen: __sap_hana_preconfigure_grubby_thp_handler notify: __sap_hana_preconfigure_reboot_handler - name: Reboot the managed node diff --git a/roles/sap_hana_preconfigure/meta/argument_specs.yml b/roles/sap_hana_preconfigure/meta/argument_specs.yml index ecb0c5cd..098aa7db 100644 --- a/roles/sap_hana_preconfigure/meta/argument_specs.yml +++ b/roles/sap_hana_preconfigure/meta/argument_specs.yml @@ -341,6 +341,18 @@ argument_specs: required: false type: bool + sap_hana_preconfigure_thp: + default: '' + description: + - Override the default setting for THP, which is determined automatically by the role, depending on the RHEL version. + choices: + - '' + - 'always' + - 'madvise' + - 'never' + required: false + type: str + sap_hana_preconfigure_db_group_name: description: - Use this parameter to specify the name of the RHEL group which is used for the database processes. diff --git a/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-thp.yml b/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-thp.yml index ba356730..b13bf996 100644 --- a/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-thp.yml +++ b/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-thp.yml @@ -27,6 +27,7 @@ ansible.builtin.set_fact: __sap_hana_preconfigure_fact_thp: 'never' when: + - sap_hana_preconfigure_thp is undefined or sap_hana_preconfigure_thp | length == 0 - ansible_distribution == 'RedHat' - ansible_distribution_major_version == '7' or ansible_distribution_major_version == '8' or @@ -37,10 +38,17 @@ ansible.builtin.set_fact: __sap_hana_preconfigure_fact_thp: 'madvise' when: + - sap_hana_preconfigure_thp is undefined or sap_hana_preconfigure_thp | length == 0 - ansible_distribution == 'RedHat' - ansible_distribution_major_version == '9' and __sap_hana_preconfigure_fact_ansible_distribution_minor_version | int >= 2 + - name: Set fact for THP if 'sap_hana_preconfigure_thp' is defined + ansible.builtin.set_fact: + __sap_hana_preconfigure_fact_thp: "{{ sap_hana_preconfigure_thp }}" + when: + - sap_hana_preconfigure_thp is defined and sap_hana_preconfigure_thp + - name: Assert that 'transparent_hugepage={{ __sap_hana_preconfigure_fact_thp }}' is in GRUB_CMDLINE_LINUX in /etc/default/grub ansible.builtin.assert: that: "'transparent_hugepage={{ __sap_hana_preconfigure_fact_thp }}' in __sap_hana_preconfigure_register_default_grub_cmdline_thp_assert.stdout" diff --git a/roles/sap_hana_preconfigure/tasks/RedHat/generic/configure-thp.yml b/roles/sap_hana_preconfigure/tasks/RedHat/generic/configure-thp.yml index 7d056aa1..1c60776b 100644 --- a/roles/sap_hana_preconfigure/tasks/RedHat/generic/configure-thp.yml +++ b/roles/sap_hana_preconfigure/tasks/RedHat/generic/configure-thp.yml @@ -6,27 +6,37 @@ src: /proc/cmdline register: __sap_hana_preconfigure_register_proc_cmdline_thp -- name: Set THP to 'never' at boot time - ansible.builtin.command: /bin/true - notify: __sap_hana_preconfigure_grubby_thp_never_handler - changed_when: true +- name: Set fact for THP, RHEL up to RHEL 9.1 + ansible.builtin.set_fact: + __sap_hana_preconfigure_fact_thp: 'never' when: + - sap_hana_preconfigure_thp is undefined or sap_hana_preconfigure_thp | length == 0 - ansible_distribution == 'RedHat' - - ansible_distribution_major_version == '8' or + - ansible_distribution_major_version == '7' or + ansible_distribution_major_version == '8' or ansible_distribution_version == '9.0' or ansible_distribution_version == '9.1' - - not ( __sap_hana_preconfigure_register_proc_cmdline_thp['content'] | b64decode | regex_findall('transparent_hugepage=never') ) - tags: grubconfig -- name: Set THP to 'madvise' at boot time - ansible.builtin.command: /bin/true - notify: __sap_hana_preconfigure_grubby_thp_madvise_handler - changed_when: true +- name: Set fact for THP, RHEL 9.2 and later + ansible.builtin.set_fact: + __sap_hana_preconfigure_fact_thp: 'madvise' when: + - sap_hana_preconfigure_thp is undefined or sap_hana_preconfigure_thp | length == 0 - ansible_distribution == 'RedHat' - ansible_distribution_major_version == '9' and __sap_hana_preconfigure_fact_ansible_distribution_minor_version | int >= 2 - - not ( __sap_hana_preconfigure_register_proc_cmdline_thp['content'] | b64decode | regex_findall('transparent_hugepage=madvise') ) + +- name: Set fact for THP if 'sap_hana_preconfigure_thp' is defined + ansible.builtin.set_fact: + __sap_hana_preconfigure_fact_thp: "{{ sap_hana_preconfigure_thp }}" + when: + - sap_hana_preconfigure_thp is defined and sap_hana_preconfigure_thp + +- name: Set THP to '{{ __sap_hana_preconfigure_fact_thp }}' at boot time + ansible.builtin.command: /bin/true + notify: __sap_hana_preconfigure_grubby_thp_handler + changed_when: true + when: not ( __sap_hana_preconfigure_register_proc_cmdline_thp['content'] | b64decode | regex_findall('transparent_hugepage=' + __sap_hana_preconfigure_fact_thp) ) tags: grubconfig - name: Configure - Get initial status of THP @@ -34,24 +44,10 @@ register: __sap_hana_preconfigure_register_thp_status_before changed_when: false -- name: Set THP to 'never' on the running system - ansible.builtin.shell: echo 'never' > /sys/kernel/mm/transparent_hugepage/enabled +- name: Set THP to '{{ __sap_hana_preconfigure_fact_thp }}' on the running system + ansible.builtin.shell: echo '{{ __sap_hana_preconfigure_fact_thp }}' > /sys/kernel/mm/transparent_hugepage/enabled changed_when: true - when: - - ansible_distribution == 'RedHat' - - ansible_distribution_major_version == '8' or - ansible_distribution_version == '9.0' or - ansible_distribution_version == '9.1' - - __sap_hana_preconfigure_register_thp_status_before.stdout.split('[')[1].split(']')[0] != 'never' - -- name: Set THP to 'madvise' on the running system - ansible.builtin.shell: echo 'madvise' > /sys/kernel/mm/transparent_hugepage/enabled - changed_when: true - when: - - ansible_distribution == 'RedHat' - - ansible_distribution_major_version == '9' and - __sap_hana_preconfigure_fact_ansible_distribution_minor_version | int >= 2 - - __sap_hana_preconfigure_register_thp_status_before.stdout.split('[')[1].split(']')[0] != 'madvise' + when: __sap_hana_preconfigure_register_thp_status_before.stdout.split('[')[1].split(']')[0] != __sap_hana_preconfigure_fact_thp - name: Configure - Get the status of THP ansible.builtin.command: cat /sys/kernel/mm/transparent_hugepage/enabled From 4fb4e6af40d382b0a15a179ab9ced3d37b64fd70 Mon Sep 17 00:00:00 2001 From: Bernd Finger Date: Fri, 15 Nov 2024 18:20:46 +0100 Subject: [PATCH 48/51] sap_hana_preconfigure: No longer set net.core.somaxconn in RHEL 9 Solves issue #782. Signed-off-by: Bernd Finger --- roles/sap_hana_preconfigure/vars/RedHat_9.yml | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/roles/sap_hana_preconfigure/vars/RedHat_9.yml b/roles/sap_hana_preconfigure/vars/RedHat_9.yml index 2ce0194b..573d1026 100644 --- a/roles/sap_hana_preconfigure/vars/RedHat_9.yml +++ b/roles/sap_hana_preconfigure/vars/RedHat_9.yml @@ -120,14 +120,14 @@ __sap_hana_preconfigure_req_repos_redhat_9_10_ppc64le: # required SAP notes for RHEL 9: __sap_hana_preconfigure_sapnotes_versions_x86_64: - - { number: '3108302', version: '9' } - - { number: '2382421', version: '45' } + - { number: '3108302', version: '11' } + - { number: '2382421', version: '47' } - { number: '3024346', version: '11' } __sap_hana_preconfigure_sapnotes_versions_ppc64le: - { number: '2055470', version: '90' } - - { number: '3108302', version: '9' } - - { number: '2382421', version: '45' } + - { number: '3108302', version: '11' } + - { number: '2382421', version: '47' } - { number: '3024346', version: '11' } __sap_hana_preconfigure_sapnotes_versions: "{{ lookup('vars', '__sap_hana_preconfigure_sapnotes_versions_' + ansible_architecture) }}" @@ -249,8 +249,7 @@ __sap_hana_preconfigure_required_ppc64le: # Network related kernel parameters as set in SAP Note 2382421: __sap_hana_preconfigure_kernel_parameters_default: -# The following two parameter should always be set: - - { name: net.core.somaxconn, value: 4096 } +# The following parameter should always be set: - { name: net.ipv4.tcp_max_syn_backlog, value: 8192 } # The following two parameters are automatically set by SAP Host Agent # - { name: net.ipv4.ip_local_port_range, value: "40000 61000" } From 936f2910a90e080b9ab9aa688f4e29d242ace1d7 Mon Sep 17 00:00:00 2001 From: Bernd Finger Date: Mon, 18 Nov 2024 16:53:54 +0100 Subject: [PATCH 49/51] sap_netweaver_preconfigure: Sync with applicable SAP notes for Adobe DS Solves issue #689. Further changes in this commit: - Add the SAP note numbers and versions in a comment before the list of packages in the RedHat*.yml files in vars. - Add 'ansible_architecture' as a condition in the related installation task, so that there is no task failure when running on another architecture than 'x86_64'. - Also revert back to the default of 'false' for the role variable 'sap_netweaver_preconfigure_use_adobe_doc_services'. See commit 384f4d82, PR #876. Signed-off-by: Bernd Finger --- .../defaults/main.yml | 2 +- .../tasks/RedHat/installation.yml | 6 ++++-- .../vars/RedHat_7.yml | 17 +++++++++-------- .../vars/RedHat_8.yml | 2 +- .../vars/RedHat_9.yml | 2 +- 5 files changed, 16 insertions(+), 13 deletions(-) diff --git a/roles/sap_netweaver_preconfigure/defaults/main.yml b/roles/sap_netweaver_preconfigure/defaults/main.yml index 36afc47d..0a458da5 100644 --- a/roles/sap_netweaver_preconfigure/defaults/main.yml +++ b/roles/sap_netweaver_preconfigure/defaults/main.yml @@ -14,7 +14,7 @@ sap_netweaver_preconfigure_fail_if_not_enough_swap_space_configured: true sap_netweaver_preconfigure_rpath: '/usr/sap/lib' -sap_netweaver_preconfigure_use_adobe_doc_services: true +sap_netweaver_preconfigure_use_adobe_doc_services: false # (SUSE specific) Version of saptune to install. # It is recommended to install latest version by keeping this variable empty. diff --git a/roles/sap_netweaver_preconfigure/tasks/RedHat/installation.yml b/roles/sap_netweaver_preconfigure/tasks/RedHat/installation.yml index 551c046f..bbd3763b 100644 --- a/roles/sap_netweaver_preconfigure/tasks/RedHat/installation.yml +++ b/roles/sap_netweaver_preconfigure/tasks/RedHat/installation.yml @@ -6,8 +6,10 @@ state: present name: "{{ __sap_netweaver_preconfigure_packages }}" -- name: Ensure required packages for Adobe Document Services are installed +- name: Ensure required packages for Adobe Document Services are installed, x86_64 only ansible.builtin.package: state: present name: "{{ __sap_netweaver_preconfigure_adobe_doc_services_packages }}" - when: sap_netweaver_preconfigure_use_adobe_doc_services + when: + - ansible_architecture == 'x86_64' + - sap_netweaver_preconfigure_use_adobe_doc_services diff --git a/roles/sap_netweaver_preconfigure/vars/RedHat_7.yml b/roles/sap_netweaver_preconfigure/vars/RedHat_7.yml index 4e8fe4de..1443046a 100644 --- a/roles/sap_netweaver_preconfigure/vars/RedHat_7.yml +++ b/roles/sap_netweaver_preconfigure/vars/RedHat_7.yml @@ -12,6 +12,7 @@ __sap_netweaver_preconfigure_sapnotes_versions: __sap_netweaver_preconfigure_packages: - tuned-profiles-sap +# SAP note 2135057 v11: __sap_netweaver_preconfigure_adobe_doc_services_packages: - autoconf.noarch - automake.noarch @@ -19,26 +20,26 @@ __sap_netweaver_preconfigure_adobe_doc_services_packages: - expat.x86_64 - fontconfig.x86_64 - freetype.x86_64 - - glibc.x86_64 - - glibc-devel.x86_64 + - glibc.i686 + - glibc-devel.i686 - keyutils-libs.x86_64 - krb5-libs.x86_64 - libcom_err.x86_64 - - libgcc.x86_64 + - libgcc.i686 - libidn.x86_64 - libidn-devel.x86_64 - libselinux.x86_64 - libssh2.x86_64 - - libX11.x86_64 - - libXau.x86_64 - - libxcb.x86_64 + - libX11.i686 + - libXau.i686 + - libxcb.i686 - nspr.x86_64 - nss.x86_64 - nss-softokn.x86_64 - - nss-softokn-freebl.x86_64 + - nss-softokn-freebl.i686 - nss-util.x86_64 - openldap.x86_64 - openssl.x86_64 - transfig.x86_64 - zlib.x86_64 - - libuuid.x86_64 + - libuuid.i686 diff --git a/roles/sap_netweaver_preconfigure/vars/RedHat_8.yml b/roles/sap_netweaver_preconfigure/vars/RedHat_8.yml index c74c0a8b..ad9dba4e 100644 --- a/roles/sap_netweaver_preconfigure/vars/RedHat_8.yml +++ b/roles/sap_netweaver_preconfigure/vars/RedHat_8.yml @@ -14,6 +14,7 @@ __sap_netweaver_preconfigure_sapnotes_versions: __sap_netweaver_preconfigure_packages: - tuned-profiles-sap +# SAP note 2920407 v6: __sap_netweaver_preconfigure_adobe_doc_services_packages: - autoconf.noarch - automake.noarch @@ -26,7 +27,6 @@ __sap_netweaver_preconfigure_adobe_doc_services_packages: - libcom_err.x86_64 - libidn2.x86_64 - libselinux.x86_64 - - libssh2.x86_64 - libxcb.i686 - nspr.x86_64 - nss.x86_64 diff --git a/roles/sap_netweaver_preconfigure/vars/RedHat_9.yml b/roles/sap_netweaver_preconfigure/vars/RedHat_9.yml index 07320f10..b6ad0222 100644 --- a/roles/sap_netweaver_preconfigure/vars/RedHat_9.yml +++ b/roles/sap_netweaver_preconfigure/vars/RedHat_9.yml @@ -12,6 +12,7 @@ __sap_netweaver_preconfigure_sapnotes_versions: __sap_netweaver_preconfigure_packages: - tuned-profiles-sap +# SAP note 3242422 v2: __sap_netweaver_preconfigure_adobe_doc_services_packages: - autoconf.noarch - automake.noarch @@ -24,7 +25,6 @@ __sap_netweaver_preconfigure_adobe_doc_services_packages: - libcom_err.x86_64 - libidn2.x86_64 - libselinux.x86_64 - - libssh2.x86_64 - libxcb.i686 - nspr.x86_64 - nss.x86_64 From f7679f7df11e33681480a84805d3f63c1186913c Mon Sep 17 00:00:00 2001 From: Bernd Finger Date: Fri, 22 Nov 2024 09:45:53 +0100 Subject: [PATCH 50/51] sap_hana_preconfigure: Add compat-sap-c++-13 SAP HANA 2.0 SPS08 is built with GCC13, so we need to install compat-sap-c++-13. Solves #893. Signed-off-by: Bernd Finger --- roles/sap_hana_preconfigure/vars/RedHat_9.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/roles/sap_hana_preconfigure/vars/RedHat_9.yml b/roles/sap_hana_preconfigure/vars/RedHat_9.yml index 573d1026..7a9e7535 100644 --- a/roles/sap_hana_preconfigure/vars/RedHat_9.yml +++ b/roles/sap_hana_preconfigure/vars/RedHat_9.yml @@ -212,6 +212,8 @@ __sap_hana_preconfigure_packages: - nfs-utils # SAP NOTE 3108302: - tuned-profiles-sap-hana +# SAP NOTE 3449186 - Required for HANA 2.0 SPS08: + - compat-sap-c++-13 __sap_hana_preconfigure_packages_min_install: # SAP NOTE 3108316: @@ -240,6 +242,8 @@ __sap_hana_preconfigure_packages_min_install: # - nfs-utils # SAP NOTE 3108302: - tuned-profiles-sap-hana +# SAP NOTE 3449186 - Required for HANA 2.0 SPS08: + - compat-sap-c++-13 # URL for the IBM Power Systems service and productivity tools, see https://www.ibm.com/support/pages/service-and-productivity-tools __sap_hana_preconfigure_ibm_power_repo_url: 'https://public.dhe.ibm.com/software/server/POWER/Linux/yum/download/ibm-power-repo-latest.noarch.rpm' From 3a4affbd0b2054ec3a691c526634173429cfe70a Mon Sep 17 00:00:00 2001 From: Rob Dobozy Date: Tue, 8 Oct 2024 16:08:16 +0100 Subject: [PATCH 51/51] sap_swpm: add functionality to set specific DDIC and SAP* passwords --- roles/sap_swpm/templates/configfile.j2 | 978 +++++++++++++++++++++++++ 1 file changed, 978 insertions(+) create mode 100644 roles/sap_swpm/templates/configfile.j2 diff --git a/roles/sap_swpm/templates/configfile.j2 b/roles/sap_swpm/templates/configfile.j2 new file mode 100644 index 00000000..f107f1cc --- /dev/null +++ b/roles/sap_swpm/templates/configfile.j2 @@ -0,0 +1,978 @@ +### inifile.params generated for SWPM Catalog Product ID is {{ sap_swpm_product_catalog_id }} + +{% if 'swpm_installation_media' in sap_swpm_inifile_list %} +###### +# swpm_installation_media +###### +archives.downloadBasket = {{ sap_swpm_software_path }} + +# installation_export.archivesFolder = {{ sap_swpm_cd_export_path }} + +# NOTE: Specific media requirements will use format +# SAPINST.CD.PACKAGE. = +{% endif %} +{% if 'swpm_installation_media_swpm2_hana' in sap_swpm_inifile_list %} + +###### +# swpm_installation_media_swpm2_hana +###### +HDB_Software_Dialogs.useMediaCD = {{ sap_swpm_software_use_media }} +{% endif %} +{% if 'swpm_installation_media_swpm1' in sap_swpm_inifile_list %} + +###### +# swpm_installation_media_swpm1 +###### +SAPINST.CD.PACKAGE.LANGUAGE = {{ sap_swpm_cd_language_path }} +SAPINST.CD.PACKAGE.JAVA = {{ sap_swpm_cd_java_path }} +SAPINST.CD.PACKAGE.RDBMS = {{ sap_swpm_cd_rdbms_path }} +# SAPINST.CD.PACKAGE.KERNEL = +# SAPINST.CD.PACKAGE.KERNEL2 = +# SAPINST.CD.PACKAGE.KERNEL3 = + +# SAPINST.CD.PACKAGE.JAVA_EXPORT = /path/JAVA_EXPORT +# SAPINST.CD.PACKAGE.JDMP = /path/JAVA_EXPORT_JDMP +# SAPINST.CD.PACKAGE.J2EE = /path/JAVA_J2EE_OSINDEP +# SAPINST.CD.PACKAGE.J2EE-INST = /path/JAVA_J2EE_OSINDEP_J2EE_INST +# SAPINST.CD.PACKAGE.SCA = /path/JAVA_J2EE_OSINDEP_UT +{% endif %} +{% if 'swpm_installation_media_swpm1_exportfiles' in sap_swpm_inifile_list %} + +###### +# swpm_installation_media_swpm1_exportfiles +###### +SAPINST.CD.PACKAGE.EXPORT = {{ sap_swpm_cd_export_path }} +# SAPINST.CD.PACKAGE.LOAD = +SAPINST.CD.PACKAGE.LOAD1 = {{ sap_swpm_cd_export_pt1_path }} +SAPINST.CD.PACKAGE.LOAD2 = {{ sap_swpm_cd_export_pt2_path }} +# SAPINST.CD.PACKAGE.JMIG = +{% endif %} +{% if 'swpm_installation_media_swpm1_ibmdb2' in sap_swpm_inifile_list %} + +###### +# swpm_installation_media_swpm1_ibmdb2 +###### +# Requested package : RDBMS-DB6 +SAPINST.CD.PACKAGE.DB2 = {{ sap_swpm_cd_ibmdb2_path }} + +# Requested package : RDBMS-DB6 CLIENT +SAPINST.CD.PACKAGE.DB2CLIENT = {{ sap_swpm_cd_ibmdb2_client_path }} + +# IBM DB2 software unpack path e.g. /db2/db2x01/db2_software +db6.DB2SoftwarePath = {{ sap_swpm_ibmdb2_unpack_path }} +{% endif %} +{% if 'swpm_installation_media_swpm1_oracledb_121' in sap_swpm_inifile_list %} + +###### +# swpm_installation_media_swpm1_oracledb_121 +###### +# Requested package : RDBMS-ORA +SAPINST.CD.PACKAGE.RDBMS-ORA121 = {{ sap_swpm_cd_oracle_path }} + +# Requested package : RDBMS-ORA CLIENT +SAPINST.CD.PACKAGE.ORACLI121 = {{ sap_swpm_cd_oracle_client_path }} +{% endif %} +{% if 'swpm_installation_media_swpm1_oracledb_122' in sap_swpm_inifile_list %} + +###### +# swpm_installation_media_swpm1_oracledb_122 +###### +# Requested package : RDBMS-ORA +SAPINST.CD.PACKAGE.RDBMS-ORA122 = {{ sap_swpm_cd_oracle_path }} + +# Requested package : RDBMS-ORA CLIENT +SAPINST.CD.PACKAGE.ORACLI122 = {{ sap_swpm_cd_oracle_client_path }} +{% endif %} +{% if 'swpm_installation_media_swpm1_oracledb_19' in sap_swpm_inifile_list %} + +###### +# swpm_installation_media_swpm1_oracledb_19 +###### +# Requested package : RDBMS-ORA +SAPINST.CD.PACKAGE.RDBMS-ORA19 = {{ sap_swpm_cd_oracle_path }} + +# Requested package : RDBMS-ORA CLIENT +SAPINST.CD.PACKAGE.ORACLI19 = {{ sap_swpm_cd_oracle_client_path }} +{% endif %} +{% if 'swpm_installation_media_swpm1_sapase' in sap_swpm_inifile_list %} + +###### +# swpm_installation_media_swpm1_sapase +###### +# Requested package : RDBMS-SYB +SAPINST.CD.PACKAGE.RDBMS-SYB = {{ sap_swpm_cd_sapase_path }} +SAPINST.CD.PACKAGE.RDBMS-SYB-CLIENT = {{ sap_swpm_cd_sapase_client_path }} + +{% endif %} +{% if 'swpm_installation_media_swpm1_sapmaxdb' in sap_swpm_inifile_list %} + +###### +# swpm_installation_media_swpm1_sapmaxdb +###### +# Requested package : RDBMS-ADA +SAPINST.CD.PACKAGE.RDBMS-ADA = {{ sap_swpm_cd_sapmaxdb_path }} +{% endif %} +{% if 'maintenance_plan_stack_tms_config' in sap_swpm_inifile_list %} + +###### +# maintenance_plan_stack_tms_config +###### +NW_ABAP_TMSConfig.configureTMS = {{ sap_swpm_configure_tms | lower }} +NW_ABAP_TMSConfig.transportPassword = {{ sap_swpm_tmsadm_password }} +{% endif %} +{% if 'maintenance_plan_stack_tms_transports' in sap_swpm_inifile_list %} + +###### +# maintenance_plan_stack_tms_transports +###### +NW_ABAP_Include_Corrections.includeTransports = true +NW_ABAP_Include_Corrections.transportFilesLocations = {{ sap_swpm_tms_tr_files_path }} +{% endif %} +{% if 'maintenance_plan_stack_spam_config' in sap_swpm_inifile_list %} + +###### +# maintenance_plan_stack_spam_config +###### +NW_ABAP_SPAM_Update.SPAMUpdateDecision = {{ sap_swpm_spam_update | lower }} +{% if sap_swpm_spam_update %} +NW_ABAP_SPAM_Update.SPAMUpdateArchive = {{ sap_swpm_spam_update_sar }} +{% else %} +#NW_ABAP_SPAM_Update.SPAMUpdateArchive = +{% endif %} +{% endif %} +{% if 'maintenance_plan_stack_sum_config' in sap_swpm_inifile_list %} + +###### +# maintenance_plan_stack_sum_config +###### +NW_ABAP_Prepare_SUM.prepareSUM = {{ sap_swpm_sum_prepare | lower }} +NW_ABAP_Prepare_SUM.startSUM = {{ sap_swpm_sum_start | lower }} + +# Password for SUM must be for 'adm' user +NW_ABAP_Prepare_SUM.Password = {{ sap_swpm_sap_sidadm_password }} +{% endif %} +{% if 'maintenance_plan_stack_sum_10_batch_mode' in sap_swpm_inifile_list %} + +###### +# maintenance_plan_stack_sum_10_batch_mode +###### +# Re-run of existing BatchModeInputFile.xml for NWAS JAVA (generated by SUM 1.0 on previous host into the /sdt/param/ subdirectory) +NW_ABAP_Prepare_SUM.SUMBatchFile = {{ sap_swpm_sum_batch_file }} +{% endif %} +{% if 'credentials' in sap_swpm_inifile_list %} + +###### +# credentials +###### +# Master password +NW_GetMasterPassword.masterPwd = {{ sap_swpm_master_password }} + +# 'adm' user +nwUsers.sidadmPassword = {{ sap_swpm_sap_sidadm_password }} + +DiagnosticsAgent.dasidAdmPassword = {{ sap_swpm_diagnostics_agent_password }} + +# 'sapadm' user of the SAP Host Agent +hostAgent.sapAdmPassword = {{ sap_swpm_sapadm_password }} +{% endif %} +{% if 'credentials_hana' in sap_swpm_inifile_list %} + +###### +# credentials_hana +###### +HDB_Schema_Check_Dialogs.schemaPassword = {{ sap_swpm_db_schema_password }} +storageBasedCopy.hdb.systemPassword = {{ sap_swpm_db_system_password }} +{% endif %} +{% if 'credentials_anydb_ibmdb2' in sap_swpm_inifile_list %} + +###### +# credentials_anydb_ibmdb2 +###### +nwUsers.db6.db2sidPassword = {{ sap_swpm_sap_sidadm_password }} +# nwUsers.db6.db2sidUid = +{% endif %} +{% if 'credentials_anydb_oracledb' in sap_swpm_inifile_list %} + +###### +# credentials_anydb_oracledb +###### +# Oracle database software owner +ora.oraclePassword = {{ sap_swpm_sap_sidadm_password }} + +# 'ora' user +ora.orasidPassword = {{ sap_swpm_sap_sidadm_password }} + +# Oracle 'SYS' password +ora.SysPassword = {{ sap_swpm_db_system_password }} + +# Oracle 'SYSTEM' password +ora.SystemPassword = {{ sap_swpm_db_system_password }} +{% endif %} +{% if 'credentials_anydb_sapase' in sap_swpm_inifile_list %} + +###### +# credentials_anydb_sapase +###### +nwUsers.syb.sybsidPassword = {{ sap_swpm_sap_sidadm_password }} +SYB.NW_DB.sa_pass = {{ sap_swpm_master_password }} +SYB.NW_DB.sapsa_pass = {{ sap_swpm_master_password }} +SYB.NW_DB.sapsr3_pass = {{ sap_swpm_master_password }} +SYB.NW_DB.sapsr3db_pass = {{ sap_swpm_db_system_password }} +# SYB.NW_DB.encryptionMasterKeyPassword = +# SYB.NW_DB.sapsso_pass = +# SYB.NW_DB.sslPassword = +{% endif %} +{% if 'credentials_anydb_sapmaxdb' in sap_swpm_inifile_list %} + +###### +# credentials_anydb_sapmaxdb +# +# The password of user DBUser may only consist of alphanumeric characters and the special characters #, $, @ and _ +###### +nwUsers.ada.sqdsidPassword = {{ sap_swpm_sap_sidadm_password }} +Sdb_DBUser.dbaPassword = {{ sap_swpm_db_system_password }} +Sdb_DBUser.dbmPassword = {{ sap_swpm_db_system_password }} +Sdb_Schema_Dialogs.dbSchemaPassword = {{ sap_swpm_db_schema_password }} +{% endif %} +{% if 'credentials_nwas_ssfs' in sap_swpm_inifile_list %} + +###### +# credentials_nwas_ssfs +###### +HDB_Userstore.useABAPSSFS = true +# NW_ABAP_SSFS_CustomKey.ssfsKeyInputFile = +{% endif %} +{% if 'credentials_hdbuserstore' in sap_swpm_inifile_list %} + +###### +# credentials_hdbuserstore +###### +HDB_Userstore.useABAPSSFS = false +# HDB_Userstore.doNotResolveHostnames = +# HDB_Userstore.HDB_USE_IDENT = +# HDB_Userstore.systemDBPort = +# NW_HDB_DBClient.checkCreateUserstore = true +# NW_HDB_DBClient.clientPathStrategy = LOCAL +{% endif %} +{% if sap_swpm_ddic_000_password | d('',true) | length > 0 %} + +###### +# newinstall_ddic_000_password_not_master +###### +# Are the passwords for the DDIC users different from the default value? +NW_CI_Instance_ABAP_Reports.ddic000Password = {{ sap_swpm_ddic_000_password }} +NW_CI_Instance_ABAP_Reports.needNewDDIC000Password = true +{% endif %} +{% if sap_swpm_sapstar_000_password | d('',true) | length > 0 %} + +###### +# newinstall_sapstar_000_password_not_master +###### +# Are the passwords for the SAP* users different from the default value? +NW_CI_Instance_ABAP_Reports.ddic000Password = +NW_CI_Instance_ABAP_Reports.needNewSapStar000Password = true +NW_CI_Instance_ABAP_Reports.sapStar000Password = {{ sap_swpm_sapstar_000_password }} +{% endif %} +{% if 'credentials_syscopy' in sap_swpm_inifile_list %} + +###### +# credentials_syscopy +###### +# Are the passwords for the DDIC users different from the default value? +NW_DDIC_Password.needDDICPasswords = true +NW_DDIC_Password.ddic000Password = {{ sap_swpm_ddic_000_password }} +#NW_DDIC_Password.ddic001Password = +{% endif %} +{% if 'db_config_hana' in sap_swpm_inifile_list %} + +###### +# db_config_hana +###### +storageBasedCopy.hdb.instanceNumber = {{ sap_swpm_db_instance_nr }} +HDB_Schema_Check_Dialogs.schemaName = {{ sap_swpm_db_schema }} +{% if 'nw_config_additional_application_server_instance' in sap_swpm_inifile_list %} + +HDB_Schema_Check_Dialogs.validateSchemaName = true +{% else %} +HDB_Schema_Check_Dialogs.validateSchemaName = false +{% endif %} + +# HDB_Schema_Check_Dialogs.dropSchema = false +# hdb.create.dbacockpit.user = false +{% endif %} +{% if 'db_config_anydb_all' in sap_swpm_inifile_list %} + +###### +# db_config_anydb_all +###### +NW_ABAP_Import_Dialog.dbCodepage = 4103 +{% endif %} +{% if 'db_config_anydb_ibmdb2' in sap_swpm_inifile_list %} + +###### +# db_config_anydb_ibmdb2 +###### +NW_ABAP_Import_Dialog.migmonJobNum = 3 +NW_ABAP_Import_Dialog.migmonLoadArgs = -stop_on_error -loadprocedure fast LOAD:COMPRESS_ALL:DEF_CRT +NW_getDBInfoGeneric.dbhost = {{ sap_swpm_db_host }} +NW_getDBInfoGeneric.dbsid = {{ sap_swpm_db_sid }} +NW_getUnicode.isUnicode = true +# db6.useMcod = true +# db6.useBluSettings = false +# db6.gid_sysadm = +# db6.gid_sysctrl = +# db6.gid_sysmaint = +# db6.gid_sysmon = +db6.allowUnsignedDatabaseSoftware = true +db6.cluster.ClusterType = HADR (High Availability Disaster Recovery) +db6.createTablespacesUsingSapinst = true +db6.minimizeDatabaseSizeCompression = true +db6.TablespacePoolSizes = SAPSID#DATA{20} +db6.useAutoStorage = true +db6.useExtraSapdataSaptmpDirLayout = false +db6.UseStandardTablespacePool = true +db6.usesLDAP = false +storageBasedCopy.db6.CommunicationPortNumber = 5912 +storageBasedCopy.db6.PortRangeEnd = 5917 +storageBasedCopy.db6.PortRangeStart = 5914 +{% endif %} +{% if 'db_config_anydb_oracledb' in sap_swpm_inifile_list %} + +###### +# db_config_anydb_oracledb +###### +NW_ABAP_Import_Dialog.migmonJobNum = 3 +NW_ABAP_Import_Dialog.migmonLoadArgs = -stop_on_error -loadprocedure fast +NW_getDBInfoGeneric.dbsid = {{ sap_swpm_db_sid }} +storageBasedCopy.ora.listenerName = SAPORALISTENER +# storageBasedCopy.ora.listenerPort = +storageBasedCopy.ora.ABAPSchema = {{ sap_swpm_db_schema_abap }} +# storageBasedCopy.ora.JavaSchema = {{ sap_swpm_db_schema_java }} +# storageBasedCopy.ora.swowner = oracle +ora.createStatisticsCodeABAP = SKIP +ora.createStatisticsCodeJAVA = SKIP +ora.multitenant.pdbsid = {{ sap_swpm_sid | upper }} +ora.whatInstallation = isSingle +# ora.IgnoreClientVersion = false +# ora.maxDatafileSize = 2000 + +#### Oracle Multitenant Pluggable DB: #### +#### a single Oracle Container Database (CDB) can host multiple Oracle Pluggable Databases (PDB) #### +## FALSE: no pluggable installation (default value) +## CDB_PDB: install CDB and PDB +## PDB_ONLY: install PDB only in an existing CDB. +## CDB_ONLY: install CDB only. +ora.multitenant.installMT = FALSE +{% endif %} +{% if 'db_config_anydb_oracledb_121' in sap_swpm_inifile_list %} + +###### +# db_config_anydb_oracledb_121 +# Use path to Oracle Home - Runtime (i.e. $OHRDBMS env var) +###### +ora.dbhome = /oracle/{{ sap_swpm_db_sid }}/121 +storageBasedCopy.ora.clientVersion = 121 +storageBasedCopy.ora.serverVersion = 121 +{% endif %} +{% if 'db_config_anydb_oracledb_122' in sap_swpm_inifile_list %} + +###### +# db_config_anydb_oracledb_122 +# Use path to Oracle Home - Runtime (i.e. $OHRDBMS env var) +###### +ora.dbhome = /oracle/{{ sap_swpm_db_sid }}/122 +storageBasedCopy.ora.clientVersion = 122 +storageBasedCopy.ora.serverVersion = 122 +{% endif %} +{% if 'db_config_anydb_oracledb_19' in sap_swpm_inifile_list %} + +###### +# db_config_anydb_oracledb_19 +# Use path to Oracle Home - Runtime (i.e. $OHRDBMS env var) +###### +ora.dbhome = /oracle/{{ sap_swpm_db_sid }}/19 +storageBasedCopy.ora.clientVersion = 19 +storageBasedCopy.ora.serverVersion = 19 +{% endif %} +{% if 'db_config_anydb_sapase' in sap_swpm_inifile_list %} + +###### +# db_config_anydb_sapase +###### +NW_ABAP_Import_Dialog.migmonJobNum = 3 +NW_ABAP_Import_Dialog.migmonLoadArgs = -c 100000 -loadprocedure fast +NW_SYB_DBPostload.numberParallelStatisticJobs = 0 +SYB.NW_DB.aseSortOrder = binaryalt +SYB.NW_DB.databaseDevices = data device for SAP,/sybase/{{ sap_swpm_sid | upper }}/sapdata_1,88,,,{{ sap_swpm_sid | upper }}_data_001,log device for SAP,/sybase/{{ sap_swpm_sid | upper }}/saplog_1,10,,,{{ sap_swpm_sid | upper }}_log_001,data device for saptools,/sybase/{{ sap_swpm_sid | upper }}/sapdiag,2,,,saptools_data_001,log device for saptools,/sybase/{{ sap_swpm_sid | upper }}/sapdiag,2,,,saptools_log_001,data device for sybsecurity,/sybase/{{ sap_swpm_sid | upper }}/sybsecurity,1,,,sybsecurity_data_001,data device for sybsecurity,/sybase/{{ sap_swpm_sid | upper }}/sybsecurity,1,,,sybsecurity_data_002,log device for sybsecurity,/sybase/{{ sap_swpm_sid | upper }}/sybsecurity,0.5,,,sybsecurity_log_001,temp device for SAP,/sybase/{{ sap_swpm_sid | upper }}/saptemp,8,,,saptempdb_data_001, +SYB.NW_DB.databaseType = ase +SYB.NW_DB.enableGranularPermissions = true +SYB.NW_DB.enableStrongCipherSuitesForSSL = false +SYB.NW_DB.folderDatabaseSoftware = /sybase/{{ sap_swpm_sid | upper }} +SYB.NW_DB.folderDiagDevice = /sybase/{{ sap_swpm_sid | upper }}/sapdiag +SYB.NW_DB.folderSAPTempdbDevice = /sybase/{{ sap_swpm_sid | upper }}/saptemp +SYB.NW_DB.folderSecurityDevices = /sybase/{{ sap_swpm_sid | upper }}/sybsecurity +SYB.NW_DB.folderSystemDevices = /sybase/{{ sap_swpm_sid | upper }}/sybsystem +SYB.NW_DB.folderTempdbDevice = /sybase/{{ sap_swpm_sid | upper }}/sybtemp +SYB.NW_DB.indexConsumers = 3 +SYB.NW_DB.initializeDefaultSystemEncryptionPassword = false +SYB.NW_DB.maxIndexParallelDegree = 10 +SYB.NW_DB.maxQueryParallelDegree = 10 +SYB.NW_DB.numberWorkerProcesses = 50 +SYB.NW_DB.sqlServerConnections = 200 +SYB.NW_DB.sqlServerHostname = {{ sap_swpm_db_host }} +SYB.NW_DB.sybmgmtdbDataDeviceFolder = /sybase/{{ sap_swpm_sid | upper }}/sybsystem +SYB.NW_DB.sybmgmtdbLogDeviceFolder = /sybase/{{ sap_swpm_sid | upper }}/sybsystem +SYB.NW_DB.userstore_hostname = {{ sap_swpm_ascs_instance_hostname }} + +# To avoid conflicts, leave all Ports blank and SAP SWPM will auto-assign +# Ports by default are in order 4901, 4902, 4903, 4904. For each new ASE DB Server instance on the host, each port number is incremented by 4 +SYB.NW_DB.portDatabaseServer = +SYB.NW_DB.portBackupServer = +SYB.NW_DB.portJobScheduler = +SYB.NW_DB.portXPServer = +{% endif %} +{% if 'db_config_anydb_sapmaxdb' in sap_swpm_inifile_list %} + +###### +# db_config_anydb_sapmaxdb +###### +NW_ABAP_Import_Dialog.migmonJobNum = 90 +NW_ABAP_Import_Dialog.migmonLoadArgs = -para_cnt 90 +NW_ADA_getDBInfo.dbsid = {{ sap_swpm_db_sid }} +SdbInstanceDialogs.DB_sessions = 100 +SdbInstanceDialogs.minlogsize = 4000 +SdbInstanceDialogs.sapdataFolder = sapdata +SdbInstanceDialogs.saplogFolder = saplog +{% endif %} +{% if 'db_connection_nw_hana' in sap_swpm_inifile_list %} + +###### +# db_connection_nw_hana +###### +NW_HDB_getDBInfo.dbhost = {{ sap_swpm_db_host }} +NW_HDB_getDBInfo.dbsid = {{ sap_swpm_db_sid }} +NW_HDB_getDBInfo.instanceNumber = {{ sap_swpm_db_instance_nr }} +NW_HDB_getDBInfo.systemid = {{ sap_swpm_db_sid }} +NW_HDB_getDBInfo.systemPassword = {{ sap_swpm_db_system_password }} +# NW_HDB_getDBInfo.systemDbSid = SystemDB +NW_HDB_getDBInfo.systemDbPassword = {{ sap_swpm_db_systemdb_password }} +NW_HDB_DB.abapSchemaName = {{ sap_swpm_db_schema_abap }} +NW_HDB_DB.abapSchemaPassword = {{ sap_swpm_db_schema_abap_password }} +NW_HDB_DB.javaSchemaName = {{ sap_swpm_db_schema_java }} +NW_HDB_DB.javaSchemaPassword = {{ sap_swpm_db_schema_java_password }} +NW_Recovery_Install_HDB.extractLocation = /usr/sap/{{ sap_swpm_db_sid }}/HDB{{ sap_swpm_db_instance_nr }}/backup/data/DB_HDB +NW_Recovery_Install_HDB.extractParallelJobs = {{ sap_swpm_parallel_jobs_nr }} +NW_Recovery_Install_HDB.sidAdmName = {{ sap_swpm_db_sid | lower }}adm +NW_Recovery_Install_HDB.sidAdmPassword = {{ sap_swpm_db_sidadm_password }} +# NW_HDB_getDBInfo.dbadmin = SYSTEM +# NW_HDB_getDBInfo.tenantOsGroup = {{ sap_swpm_db_sid | lower }}grp +# NW_HDB_getDBInfo.tenantOsUser = {{ sap_swpm_db_sid | lower }}usr +# NW_HDB_getDBInfo.tenantPort = +{% endif %} +{% if 'db_connection_nw_anydb_ibmdb2' in sap_swpm_inifile_list %} + +###### +# db_connection_nw_anydb_ibmdb2 +###### +# db6.UseDb2SSLClientServerComm = false +nwUsers.db6.sapsidPassword = {{ sap_swpm_sapadm_password }} +# nwUsers.db6.sapsidUid = + +# nwUsers.db6.sapsiddbPassword = +# nwUsers.db6.sapsiddbUid = + +# Database Schema and Database Connect User for ABAP (default is sap and not sap) +NW_DB6_DB.db6.abap.connect.user = sap{{ sap_swpm_sid | lower }} +NW_DB6_DB.db6.abap.schema = sap{{ sap_swpm_sid | lower }} +# NW_DB6_DB.db6.java.connect.user = +# NW_DB6_DB.db6.java.schema = +{% endif %} +{% if 'db_connection_nw_anydb_oracledb' in sap_swpm_inifile_list %} + +###### +# db_connection_nw_anydb_oracledb +###### +storageBasedCopy.abapSchemaPassword = {{ sap_swpm_db_schema_abap_password }} +storageBasedCopy.javaSchemaPassword = {{ sap_swpm_db_schema_java_password }} +{% endif %} +{% if 'db_connection_nw_anydb_sapase' in sap_swpm_inifile_list %} + +###### +# db_connection_nw_anydb_sapase +###### +# NW_SYB_CIABAP.sapsaPassword = +{% endif %} +{% if 'db_restore_hana' in sap_swpm_inifile_list %} + +###### +# db_restore_hana +###### +NW_HDB_getDBInfo.systemPasswordBackup = {{ sap_swpm_backup_system_password }} +HDB_Recovery_Dialogs.backupLocation = {{ sap_swpm_backup_location }} +HDB_Recovery_Dialogs.backupName = {{ sap_swpm_backup_prefix }} +HDB_Recovery_Dialogs.sapControlWsdlUrl = http://{{ sap_swpm_db_host }}:5{{ sap_swpm_db_instance_nr }}13/SAPControl?wsdl +HDB_Recovery_Dialogs.sidAdmName = {{ sap_swpm_db_sid | lower }}adm +HDB_Recovery_Dialogs.sidAdmPassword = {{ sap_swpm_db_sidadm_password }} +# HDB_Recovery_Dialogs.backupDestinationType = File +# HDB_Recovery_Dialogs.licenseFile = +# HDB_Recovery_Dialogs.skipExistenceCheck = false +# HDB_Recovery_Dialogs.sourceDatabaseSid = +# HDB_Recovery_Dialogs.useLicenseFile = false +# NW_Recovery_Install_HDB.checkIntegrity = false +# NW_Recovery_Install_HDB.backupLocationHANA = +# NW_Recovery_Install_HDB.backupLocationSAP = +# NW_Recovery_Install_HDB.loadOrMount = load +# HDB_System_Check_Dialogs.initTopology = false +# NW_CreateDBandLoad.movePVCforUsagePiAndDi = +{% endif %} +{% if 'nw_config_anydb' in sap_swpm_inifile_list %} + +###### +# nw_config_anydb +###### +# Distributed installation or system copy with any database and SAP Basis release 740 or higher: +# Execute ABAP program 'RUTPOADAPT' for depooling. Set it to 'true' if declustering / depooling is selected for the distributed database instance installation option +NW_CI_Instance_ABAP_Reports.executeReportsForDepooling = false +{% endif %} +{% if 'nw_config_other' in sap_swpm_inifile_list %} + +###### +# nw_config_other +###### +# NW_Delete_Sapinst_Users.removeUsers = false +NW_getFQDN.FQDN = {{ sap_swpm_fqdn }} +NW_getFQDN.setFQDN = {{ sap_swpm_set_fqdn | lower }} +# NW_getFQDN.resolve = true +NW_GetSidNoProfiles.sid = {{ sap_swpm_sid }} +# NW_GetSidNoProfiles.sapmnt = /sapmnt +# NW_GetSidNoProfiles.strictSidCheck = true +# NW_GetSidNoProfiles.unicode = true +NW_readProfileDir.profileDir = /sapmnt/{{ sap_swpm_sid | upper }}/profile +# NW_readProfileDir.profilesAvailable = +NW_getLoadType.loadType = {{ sap_swpm_load_type }} +# NW_getUnicode.isUnicode = +# MessageServer.configureAclInfo = false +# NW_Exit_Before_Systemstart.exit = false +# NW_adaptProfile.skipSecurityProfileSettings = false +# OS4.DestinationASP = +{% endif %} +{% if 'nw_config_central_services_abap' in sap_swpm_inifile_list %} + +###### +# nw_config_central_services_abap +# Central Services (ASCS) contains the Message server (MS) and Enqueue work processes (EN) for the ABAP Dispatcher. +# Formerly the processes were contained in the Central Instance (CI). +###### +NW_CI_Instance.ascsVirtualHostname = {{ sap_swpm_ascs_instance_hostname }} +NW_CI_Instance.ascsInstanceNumber = {{ sap_swpm_ascs_instance_nr }} +# NW_SCS_Instance.ascsVirtualHostname = {{ sap_swpm_ascs_instance_hostname }} +NW_SCS_Instance.ascsInstanceNumber = {{ sap_swpm_ascs_instance_nr }} +{% endif %} +{% if 'nw_config_central_services_java' in sap_swpm_inifile_list %} + +###### +# nw_config_central_services_java +# SAP Java Central Services Instance (SCS) contains the Java Message server (MS), Java Enqueue server (EN), Java Gateway (GW) and Java Internal Web Dispatcher (WD). +###### +NW_CI_Instance.scsVirtualHostname = {{ sap_swpm_java_scs_instance_hostname }} +NW_CI_Instance.scsInstanceNumber = {{ sap_swpm_java_scs_instance_nr }} +NW_SCS_Instance.scsVirtualHostname = {{ sap_swpm_java_scs_instance_hostname }} +# NW_SCS_Instance.scsInstanceNumber = +NW_SCS_Instance.instanceNumber = {{ sap_swpm_java_scs_instance_nr }} +NW_JAVA_Export.keyPhrase = {{ sap_swpm_master_password }} +{% endif %} +{% if 'nw_config_primary_application_server_instance' in sap_swpm_inifile_list %} + +###### +# nw_config_primary_application_server_instance +# Primary Application Server (PAS) contains the Internet Communication Manager (ICM), Gateway (GW), and ABAP Dispatcher (DI/WP) work processes. +# Formerly called the Central Instance (CI). +###### +NW_CI_Instance.ciVirtualHostname = {{ sap_swpm_pas_instance_hostname }} +NW_CI_Instance.ciInstanceNumber = {{ sap_swpm_pas_instance_nr }} +# NW_CI_Instance.nodesNum = +# NW_CI_Instance.nodesNumber = defNodes +# NW_WPConfiguration.ciBtcWPNumber = 6 +# NW_WPConfiguration.ciDialogWPNumber = 10 +{% endif %} +{% if 'nw_config_additional_application_server_instance' in sap_swpm_inifile_list %} + +###### +# nw_config_additional_application_server_instance +# Additional Application Server (AAS) contains ABAP Dispatcher (DI/WP) work processes. +# Formerly called the Dialog Instance (DI). +###### +# Instance number of SAP NetWeaver Application Server. Leave empty for default. +NW_AS.instanceNumber = {{ sap_swpm_aas_instance_nr }} + +# Do not skip unpacking archives if adding the SAP NetWeaver Application Server to another operating system / host. Default is 'false'. +# NW_AS.skipUnpacking = false + +# Start the SAP NetWeaver Application Server at the end of the installation. Default is 'true'. +# NW_AS.start = true + +# Virtual host name of the SAP NetWeaver Application Server instance. Leave empty to use the existing host name +NW_DI_Instance.virtualHostname = {{ sap_swpm_aas_instance_hostname }} +{% endif %} +{% if 'nw_config_ers' in sap_swpm_inifile_list %} + +###### +# nw_config_ers +###### +nw_instance_ers.ersVirtualHostname = {{ sap_swpm_ers_instance_hostname }} +nw_instance_ers.ersInstanceNumber = {{ sap_swpm_ers_instance_nr }} + +# Disable 'Automatic Instance and Service Restart' for SAP SWPM Unattended Mode, +# otherwise by default SAP SWPM will use sapcontrol -queryuser -function Stop and will cause error +# "User? Password? Stop. FAIL: Invalid Credentials" +nw_instance_ers.restartSCS = false +{% endif %} +{% if 'nw_config_ports' in sap_swpm_inifile_list %} + +###### +# nw_config_ports +###### +NW_CI_Instance.ciMSPort = 36{{ sap_swpm_ascs_instance_nr }} +NW_checkMsgServer.abapMSPort = 36{{ sap_swpm_ascs_instance_nr }} +# NW_CI_Instance.ciMSPortInternal = +# NW_CI_Instance.createGlobalProxyInfoFile = false +# NW_CI_Instance.createGlobalRegInfoFile = false +# NW_CI_Instance.scsMSPortInternal = +# NW_SCS_Instance.scsMSPort = +# NW_SCS_Instance.createGlobalProxyInfoFile = false +# NW_SCS_Instance.createGlobalRegInfoFile = false +{% endif %} +{% if 'nw_config_java_ume' in sap_swpm_inifile_list %} + +###### +# nw_config_java_ume +###### +UmeConfiguration.adminName = J2EE_ADM_{{ sap_swpm_sid }} +UmeConfiguration.adminPassword = {{ sap_swpm_ume_j2ee_admin_password }} +UmeConfiguration.guestName = J2EE_GST_{{ sap_swpm_sid }} +UmeConfiguration.sapjsfPassword = {{ sap_swpm_ume_sapjsf_password }} +UmeConfiguration.umeClient = {{ sap_swpm_ume_client_nr }} +UmeConfiguration.umeHost = {{ sap_swpm_pas_instance_hostname }} +UmeConfiguration.umeInstance = {{ sap_swpm_ume_instance_nr }} +UmeConfiguration.umeType = {{ sap_swpm_ume_type }} +# UmeConfiguration.sapjsfName = SAPJSF +{% endif %} +{% if 'nw_config_java_feature_template_ids' in sap_swpm_inifile_list %} + +###### +# nw_config_java_feature_template_ids +###### +NW_internal.useProductVersionDescriptor = true +nw_java_import.buildJEEusingExtraMileTool = {{ true if sap_swpm_java_import_method == 'extramile' else false }} + +# If use PV = true +# SAP SWPM 1.0 for SAP NetWeaver AS (JAVA), Product Version Software Instance **Feature Template IDs** comma-separated list +Select_PPMS_Instances.ListOfSelectedInstances = {% set selected_ids = [] %}{%- for item_selected in sap_swpm_java_template_id_selected_list %} +{%- if item_selected in sap_swpm_java_template_id_lookup_dictionary -%} +{{ selected_ids.append(sap_swpm_java_template_id_lookup_dictionary[item_selected]) }} +{%- endif %} +{%- endfor %}{{ selected_ids | flatten | join(',') }} + +## If use PV = false [LEGACY for before NWAS JAVA 7.40] +## Comma-separated value list containing which product instances (formerly known as usage types) are installed. Used for handling product instances in unattended mode. +## SAP_Software_Features_Select.selectedInstancesForInstallation = AS,AAS,BASIC,NW-MODEL,ESR,PI,PI-AF +{%- endif %} +{% if 'nw_config_webdisp_generic' in sap_swpm_inifile_list %} + +###### +# nw_config_webdisp_generic +###### +NW_Webdispatcher_Instance.wdInstanceNumber = {{ sap_swpm_wd_instance_nr }} +# NW_webdispatcher_Instance.encryptionMode = Always +# NW_webdispatcher_Instance.useWdHTTPPort = false +NW_webdispatcher_Instance.wdHTTPPort = 80{{ sap_swpm_wd_instance_nr }} +NW_webdispatcher_Instance.wdHTTPSPort = 443{{ sap_swpm_wd_instance_nr }} +NW_webdispatcher_Instance.wdVirtualHostname = {{ sap_swpm_wd_virtual_host }} + +NW_Webdispatcher_Instance.configureSystemConnectivity = {{ sap_swpm_wd_system_connectivity | lower }} +NW_webdispatcher_Instance.backEndSID = {{ sap_swpm_wd_backend_sid }} +NW_webdispatcher_Instance.msHTTPPort = {{ sap_swpm_wd_backend_ms_http_port }} +NW_webdispatcher_Instance.msHost = {{ sap_swpm_wd_backend_ms_host }} +NW_webdispatcher_Instance.scenarioSize = {{ sap_swpm_wd_backend_scenario_size }} + +NW_webdispatcher_Instance.activateICF = {{ sap_swpm_wd_activate_icf | lower }} +NW_webdispatcher_Instance.rfcHost = {{ sap_swpm_wd_backend_rfc_host }} +NW_webdispatcher_Instance.rfcInstance = {{ sap_swpm_wd_backend_rfc_instance_nr }} +NW_webdispatcher_Instance.rfcClient = {{ sap_swpm_wd_backend_rfc_client_nr }} +NW_webdispatcher_Instance.rfcUser = {{ sap_swpm_wd_backend_rfc_user }} +NW_webdispatcher_Instance.rfcPassword = {{ sap_swpm_wd_backend_rfc_user_password }} +{% endif %} +{% if 'nw_config_webdisp_gateway' in sap_swpm_inifile_list %} + +###### +# nw_config_webdisp_gateway +# +# It is recommended to install gateway as part of ASCS +# It is NOT recommended to install webdispatcher as part of ASCS. A separate Web Dispatcher instance should be installed (SAP Note 908097) +###### +NW_CI_Instance.ascsInstallGateway = {{ sap_swpm_ascs_install_gateway | lower }} +# NW_SCS_Instance.ascsInstallGateway = {{ sap_swpm_ascs_install_gateway | lower }} + +# Embedded SAP Web Dispatcher +# NW_CI_Instance.ascsInstallWebDispatcher = false +# NW_SCS_Instance.ascsInstallWebDispatcher = false +{% endif %} +{% if 'nw_config_host_agent' in sap_swpm_inifile_list %} + +###### +# nw_config_host_agent +###### +NW_System.installSAPHostAgent = {{ sap_swpm_install_saphostagent | lower }} +{% endif %} +{% if 'nw_config_post_load_abap_reports' in sap_swpm_inifile_list %} + +###### +# nw_config_post_load_abap_reports +###### +# Activate ICF node '/SAP/BC/REST/SLPROTOCOL' +NW_CI_Instance_ABAP_Reports.enableActivateICFService = true + +# SAP INTERNAL USE ONLY +# NW_CI_Instance_ABAP_Reports.enableSPAMUpdateWithoutStackXml = false + +# SAP INTERNAL USE ONLY +# NW_CI_Instance_ABAP_Reports.enableTMSConfigWithoutStackXml = false + +# SAP INTERNAL USE ONLY +# NW_CI_Instance_ABAP_Reports.enableTransportsWithoutStackXml = false + +# Need specific new password of the DDIC user in client 000, different from Master Password +# NW_CI_Instance_ABAP_Reports.needNewDDIC000Password = false + +# Need specific new password of the DDIC user in client 001, different from Master Password +# NW_CI_Instance_ABAP_Reports.needNewDDIC001Password = false + +# Need specific new password of the SAP* user in client 000, different from Master Password +# NW_CI_Instance_ABAP_Reports.needNewSapStar000Password = false + +# Need specific new password of the SAP* user in client 001, different from Master Password +# NW_CI_Instance_ABAP_Reports.needNewSapStar001Password = false + +# Specify new password of the DDIC user in client 000, different from Master Password +# NW_CI_Instance_ABAP_Reports.ddic000Password = + +# Specify new password of the DDIC user in client 001, different from Master Password +# NW_CI_Instance_ABAP_Reports.ddic001Password = + +# Specify new password of the SAP* user in client 000, different from Master Password +# NW_CI_Instance_ABAP_Reports.sapStar000Password = + +# Specify new password of the SAP* user in client 001, different from Master Password +# NW_CI_Instance_ABAP_Reports.sapStar001Password = +{% endif %} +{% if 'nw_config_livecache' in sap_swpm_inifile_list %} + +###### +# nw_config_livecache +###### +NW_liveCache.controlUserPwd = +NW_liveCache.liveCacheHost = +NW_liveCache.liveCacheID = +NW_liveCache.liveCacheUser = +NW_liveCache.liveCacheUserPwd = +NW_liveCache.useLiveCache = +{% endif %} +{% if 'nw_config_sld' in sap_swpm_inifile_list %} + +###### +# nw_config_sld +###### +NW_SLD_Configuration.configureSld = +NW_SLD_Configuration.sldHost = +NW_SLD_Configuration.sldPort = +NW_SLD_Configuration.sldUseHttps = +NW_SLD_Configuration.sldUser = +NW_SLD_Configuration.sldUserPassword = +{% endif %} +{% if 'nw_config_abap_language_packages' in sap_swpm_inifile_list %} + +###### +# nw_config_abap_language_packages +###### +NW_Language_Inst_Dialogs.install = true +# Path to language archive files (e.g. S4HANAOP***_LANG_EN.SAR) +NW_Language_Inst_Dialogs.folders = /software +# Selected languages comma-separated list (by default DE,EN are installed) +NW_Language_Inst_Dialogs.languages = AR,BG,CA,CS,DA,EL,ES,ET,FI,FR,HE,HI,HR,HU,IT,JA,KK,KO,LT,LV,MS,NL,NO,PL,PT,RO,RU,SH,SK,SL,SV,TH,TR,UK,VI,ZF,ZH +{% endif %} +{% if 'sap_os_linux_user' in sap_swpm_inifile_list %} + +###### +# sap_os_linux_user +###### +nwUsers.sapadmUID = {{ sap_swpm_sapadm_uid }} +nwUsers.sapsysGID = {{ sap_swpm_sapsys_gid }} +nwUsers.sidAdmUID = {{ sap_swpm_sidadm_uid }} +{% endif %} +{% if 'swpm_installation_media_download_service' in sap_swpm_inifile_list %} + +###### +# swpm_installation_media_download_service +# Not in use by sap_swpm Ansible Role +###### +# nwUsers.sapServiceSIDPassword = +# download_service.directory = +# DownloadService.EnableProxy = +# DownloadService.HostName = +# DownloadService.Password = +# DownloadService.Port = +# DownloadService.ProvideAuthentication = +# DownloadService.Username = +# DownloadService.planNumber = +{% endif %} +{% if 'nw_config_java_icm_credentials' in sap_swpm_inifile_list %} + +###### +# nw_config_java_icm_credentials +###### +NW_IcmAuth.webadmPassword = {{ sap_swpm_ume_j2ee_admin_password }} +{% endif %} +{% if 'solman_abap_swpm1' in sap_swpm_inifile_list %} + +###### +# solman_abap_swpm1 +# Not in use by sap_swpm Ansible Role +###### +InitDeclusteringForImport.decluster = false +{% endif %} +{% if 'solman_daa_swpm1' in sap_swpm_inifile_list %} + +###### +# solman_daa_swpm1 +# Not in use by sap_swpm Ansible Role +###### +# DiagnosticsAgent.dasidAdmPassword = {{ sap_swpm_diagnostics_agent_password }} +# DiagnosticsAgent.installSAPHostAgent +# DiagnosticsAgent.InstanceNumber +# DiagnosticsAgent.LogicalHostName +# DiagnosticsAgent.SAPJVMVersion +# DiagnosticsAgent.SAProuter.Password +# DiagnosticsAgent.SAProuter.RouteString +# DiagnosticsAgent.SID +# DiagnosticsAgent.SLD.Connection +# DiagnosticsAgent.SLD.HostName +# DiagnosticsAgent.SLD.Password +# DiagnosticsAgent.SLD.PortNumber +# DiagnosticsAgent.SLD.UseHTTPS +# DiagnosticsAgent.SLD.UserName +# DiagnosticsAgent.SolMan.Connection +# DiagnosticsAgent.SolMan.HostName +# DiagnosticsAgent.SolMan.Password +# DiagnosticsAgent.SolMan.PortNumber +# DiagnosticsAgent.SolMan.UserName +# DiagnosticsAgent.SolMan.UseSSL +{% endif %} +{% if 'syscopy_export_anydb' in sap_swpm_inifile_list %} + +###### +# syscopy_export_anydb +# Not in use by sap_swpm Ansible Role +###### +# InitDeclusteringForExport.decluster = +# NW_ABAP_Export_Dialog.customPackageOrder = +# NW_ABAP_Export_Dialog.customSortOrderFile = +# NW_ABAP_Export_Dialog.exportTimeFile = +# NW_ABAP_Export_Dialog.importTimeFile = +# NW_ABAP_Export_Dialog.jobNumberGroupLarge = 7 +# NW_ABAP_Export_Dialog.jobNumberGroupSmall = 4 +# NW_ABAP_Export_Dialog.migmonComHost = +# NW_ABAP_Export_Dialog.migmonComPort = +# NW_ABAP_Export_Dialog.migmonComType = EXCHANGE +# NW_ABAP_Export_Dialog.migmonDataTransferType = NET +# NW_ABAP_Export_Dialog.migmonFtpExchangeDir = +# NW_ABAP_Export_Dialog.migmonFtpExportDir = +# NW_ABAP_Export_Dialog.migmonFtpHost = +# NW_ABAP_Export_Dialog.migmonFtpPassword = +# NW_ABAP_Export_Dialog.migmonFtpUser = +NW_ABAP_Export_Dialog.migmonJobNum = 3 +NW_ABAP_Export_Dialog.migmonLoadArgs = -stop_on_error +# NW_ABAP_Export_Dialog.migmonNetExchangeDir = +# NW_ABAP_Export_Dialog.migmonTaskArgs = +# NW_ABAP_Export_Dialog.nonStandardAbapObjectsHandlingSkip = false +NW_ABAP_Export_Dialog.parallelR3szchkExecution = true +NW_ABAP_Export_Dialog.r3szchkDetermineSizeValue = DB +# NW_ABAP_Export_Dialog.r3szchkJobNum = 10 +NW_ABAP_Export_Dialog.repeatExport = COMPLETE +NW_ABAP_Export_Dialog.splitPackageLimitVal = 5000 +# NW_ABAP_Export_Dialog.splitMaxTableNumVal = 1000 +# NW_ABAP_Export_Dialog.splitTableFile = +# NW_ABAP_Export_Dialog.splitTableLimitVal = 300 +# NW_ABAP_Export_Dialog.splitTableNumVal = 10 +# NW_ABAP_Export_Dialog.splitUseMaxTableNum = false +# NW_ABAP_Export_Dialog.splitUsePackageLimit = true +# NW_ABAP_Export_Dialog.splitUseTableFile = false +# NW_ABAP_Export_Dialog.splitUseTableLimit = false +# NW_ABAP_Export_Dialog.splitUseTableNum = true +# NW_ABAP_Export_Dialog.sqlFileDir = +NW_ABAP_Export_Dialog.targetHardwarePlatform = LITTLE_ENDIAN + +## Target database types for Linux are ADA, HDB, DB6, ORA, SYB +NW_ABAP_Export_Dialog.targetDbType = {{ sap_swpm_export_target_db_type }} + +# NW_ABAP_Export_Dialog.useAdditionalExportHosts = false +# NW_ABAP_Export_Dialog.useAdvancedUnloadConfig = false +# NW_ABAP_Export_Dialog.useCustomPackageOrder = false +# NW_ABAP_Export_Dialog.useCustomSortOrder = false +# NW_ABAP_Export_Dialog.useMigMonConfig = false +# NW_ABAP_Export_Dialog.useParallelExportImport = false +# NW_ABAP_Export_Dialog.useSplit = true +NW_ABAP_Export_Dialog.useSqlFiles = NOSQL +# NW_ABAP_Export_Dialog.useUnicodeTargetSystem = +NW_ABAP_Export_Dialog.useUnsortedUnload = true + +NW_Export.accessLevel4ExportDir = DEFAULT +NW_Export.choiceSepKernel = false +NW_Export.mainExportDir = {{ sap_swpm_export_files_path }} + +# Do not stop SAP System before data is unloaded +# SAP SWPM is unable to automatically stop the SAP System (i.e. DB, ASCS, PAS instances), +# if stop is true then SAP SWPM Unattended will fail on step mainExportParameters +NW_Export.stopRunningSystem = true + +NW_readProfileDir.profileDir = /sapmnt/{{ sap_swpm_sid | upper }}/profile + +NW_getLoadType.loadType = {{ sap_swpm_load_type }} +NW_getLoadType.importManuallyExecuted = false +{% endif %} +{% if 'syscopy_import_anydb_ibmdb2' in sap_swpm_inifile_list %} + +###### +# syscopy_import_anydb_ibmdb2 +# Not in use by sap_swpm Ansible Role +###### +# db6.Additional_DbServer = +# db6.cluster.HADRPort1 = +# db6.cluster.HADRPort2 = +# db6.cluster.SyncMode = +# db6.ConfigureCluster = false +# db6.DropSchemaList = +# db6.InstallPureScale = false +# db6.InstallTSA = false +# db6.minimizeDatabaseSizeCompression = +# db6.minimizeDatabaseSizeCompressionJava = +# db6.minimizeDatabaseSizeDeferredTable = true +# db6.notuseMcod = +# db6.NumAdditionalPartitions = +# db6.useDB2ControlFiles = false +# db6.UseDb2NativeEncryption = false +# NW_adaptProfile.templateFiles = +# NW_CreateDBandLoad.movePVCforUsagePiAndDi = +db6.allowUnsignedDatabaseSoftware = true +db6.cluster.ClusterType = HADR (High Availability Disaster Recovery) +db6.usingSystemCopyBRforHADR = true +NW_getDBInfoGeneric.dbhost = {{ sap_swpm_db_host }} +NW_getDBInfoGeneric.dbsid = {{ sap_swpm_db_sid }} +NW_getLoadType.loadType = {{ sap_swpm_load_type }} +NW_getLoadType.importManuallyExecuted = false +NW_getUnicode.isUnicode = true +# NW_getDBInfoGeneric.strictDbSidCheck = true +storageBasedCopy.db6.CommunicationPortNumber = 5912 +storageBasedCopy.db6.PortRangeEnd = 5917 +storageBasedCopy.db6.PortRangeStart = 5914 +# storageBasedCopy.db6.db6updatedbpath = +{% endif %}