diff --git a/README.md b/README.md index 03a04fd0e..d413df34e 100644 --- a/README.md +++ b/README.md @@ -2,48 +2,143 @@ ![Ansible Lint](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint.yml/badge.svg?branch=main) -This Ansible Collection executes various SAP Software installations and configuration tasks for running various SAP solutions and deployment scenarios on Linux operating systems (RHEL or SLES). +## Description -This includes handlers for SAP HANA database lifecycle manager (HDBLCM) and SAP Software Provisioning Manager (SWPM), and can be combined with other Ansible Collections to provide end-to-end automation _(e.g. provision, download, install, operations)_. +This Ansible Collection executes various SAP Software installations and configuration tasks for various SAP solutions and deployment scenarios on supported Linux operating systems. +Included roles cover range of tasks: +- Preparation of Operating system and SAP installation media before installation +- Installation of SAP Database, either SAP HANA or Oracle Database +- Installation of SAP Products, like SAP S4HANA, SAP BW4HANA, SAP Netweaver, SAP Solution Manager and others. +- Configuration of replication of SAP HANA and High Availability clusters for SAP HANA and SAP Netweaver -**Examples of verified installations include:** +## Requirements + +### Control Nodes +Operating system: +- Any operating system with required Python and Ansible versions. + +Python: 3.11 or higher + +Ansible: 9.9.x + +Ansible-core: 2.16.x + +**NOTE: Ansible 10 and ansible-core 2.17.x are not supported, because of breaking changes requiring higher Python version on managed nodes.** + +### Managed Nodes +Operating system: +- SUSE Linux Enterprise Server for SAP applications 15 SP5+ (SLE4SAP) +- Red Hat Enterprise Linux for SAP Solutions 8.x 9.x (RHEL4SAP) + +**NOTE: Operating system needs to have access to required package repositories either directly or via subscription registration.** + + +Python: 3.6 or higher + + +## Installation Instructions + +### Installation +Install this collection with Ansible Galaxy command: +```console +ansible-galaxy collection install community.sap_install +``` + +Optionally you can include collection in requirements.yml file and include it together with other collections using: `ansible-galaxy collection install -r requirements.yml` +Requirements file need to be maintained in following format: +```yaml +collections: + - name: community.sap_install +``` + +### Upgrade +Installed Ansible Collection will not be upgraded automatically when Ansible package is upgraded. + +To upgrade the collection to the latest available version, run the following command: +```console +ansible-galaxy collection install community.sap_install --upgrade +``` + +You can also install a specific version of the collection, when you encounter issues with latest version. Please report these issues in affected Role repository if that happens. +Example of downgrading collection to version 1.4.0: +``` +ansible-galaxy collection install community.sap_install:==1.4.0 +``` + +See [Installing collections](https://docs.ansible.com/ansible/latest/collections_guide/collections_installing.html) for more details on installation methods. + + +## Use Cases + +### Example Scenarios +- Preparation of Operating system for SAP installation +- Preparation of SAP installation media for SAP installation +- Installation of SAP HANA (including High Availability with replication) or Oracle Database +- Installation of SAP S4HANA or other SAP products +- Configuration of Pacemaker cluster for SAP HANA and SAP Netweaver + +More deployment scenarios are available in [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) repository. + +### Ansible Roles +All included roles can be executed independently or as part of [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. + +| Name | Summary | +| :--- | :--- | +| [sap_anydb_install_oracle](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_anydb_install_oracle) | Install Oracle DB 19.x for SAP | +| [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) | Configure general OS settings for SAP software | +| [sap_ha_install_hana_hsr](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_ha_install_hana_hsr) | Configure and enable SAP HANA System Replication | +| [sap_ha_pacemaker_cluster](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_ha_pacemaker_cluster) | Configure Pacemaker cluster for SAP HANA and SAP Netweaver | +| [sap_hana_install](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_install) | Install SAP HANA via HDBLCM | +| [sap_hana_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_preconfigure) | Configure OS settings for SAP HANA database server | +| [sap_hostagent](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hostagent) | Install SAP Host Agent | +| [sap_install_media_detect](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_install_media_detect) | Detect and extract SAP Software installation media | +| [sap_maintain_etc_hosts](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_maintain_etc_hosts) | Maintain the /etc/hosts file of an SAP software host | +| [sap_netweaver_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_netweaver_preconfigure) | Configure OS settings for SAP NetWeaver application server | +| [sap_storage_setup](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_storage_setup) | Configure storage for SAP system (Folder structure, LVM, XFS, NFS) | +| [sap_swpm](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_swpm) | Install SAP Software via SWPM | + + +## Testing +This Ansible Collection was tested across different Operating Systems, SAP products and scenarios. You can find examples of some of them below. + +Operating systems: +- SUSE Linux Enterprise Server for SAP applications 15 SP5+ (SLE4SAP) +- Red Hat Enterprise Linux for SAP Solutions 8.x 9.x (RHEL4SAP) + +Deployment scenarios: +- All scenarios included in [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) repository + +SAP Products: - SAP S/4HANA AnyPremise (1809, 1909, 2020, 2021, 2022, 2023) with setup as Standard, Distributed, High Availability and optional Maintenance Planner or Restore System Copy - SAP Business Suite (ECC) on HANA and SAP Business Suite (ECC) with SAP AnyDB - SAP ASE, SAP MaxDB, IBM Db2, Oracle DB - SAP BW/4HANA (2021, 2023) with setup as Standard or Scale-Out - SAP HANA 2.0 (SPS04+) with setup as Scale-Up, Scale-Out, High Availability - Other SAP installation activities; such as System Rename, System Copy Export, SAP Solution Manager and SAP Web Dispatcher +**NOTE: It is not possible to test every Operating System and SAP Product combination with every release. Testing is regularly done for common scenarios: SAP HANA, SAP HANA HA, SAP S4HANA Distributed HA** -**Please read the [full documentation](/docs#readme) for how-to guidance, requirements, and all other details. Summary documentation is below:** +## Contributing +You can find more information about ways you can contribute at [sap-linuxlab website](https://sap-linuxlab.github.io/initiative_contributions/). -## Contents +## Support +You can report any issues using [Issues](https://github.com/sap-linuxlab/community.sap_install/issues) section. -Within this Ansible Collection, there are various Ansible Roles and no custom Ansible Modules. -### Ansible Roles +## Release Notes and Roadmap +You can find the release notes of this collection in [Changelog file](https://github.com/sap-linuxlab/community.sap_install/blob/main/CHANGELOG.rst) -| Name | Summary | -| :--- | :--- | -| [sap_anydb_install_oracle](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_anydb_install_oracle) | install Oracle DB 19.x for SAP | -| [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) | configure general OS settings for SAP software | -| [sap_ha_install_hana_hsr](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_ha_install_hana_hsr) | install SAP HANA System Replication | -| [sap_ha_pacemaker_cluster](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_ha_pacemaker_cluster) | install and configure pacemaker and SAP resources | -| [sap_hana_install](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_install) | install SAP HANA via HDBLCM | -| [sap_hana_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_preconfigure) | configure settings for SAP HANA database server | -| [sap_hostagent](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hostagent) | install SAP Host Agent | -| [sap_install_media_detect](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_install_media_detect) | detect and extract SAP Software installation media | -| [sap_maintain_etc_hosts](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_maintain_etc_hosts) | maintain the /etc/hosts file of an SAP software host | -| [sap_netweaver_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_netweaver_preconfigure) | configure settings for SAP NetWeaver application server | -| [sap_storage_setup](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_storage_setup) | configure storage for SAP HANA, with LVM partitions and XFS filesystem | -| [sap_swpm](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_swpm) | install SAP Software via SWPM | -## License +## Further Information -- [Apache 2.0](./LICENSE) +### Variable Precedence Rules +Please follow [Ansible Precedence guidelines](https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_variables.html#variable-precedence-where-should-i-put-a-variable) on how to pass variables when using this collection. -## Contributors +### Getting Started +More information on how to execute Ansible playbooks is in [Getting started guide](https://github.com/sap-linuxlab/community.sap_install/blob/main/docs/getting_started/README.md). -Contributors to the Ansible Roles within this Ansible Collection, are shown within [/docs/contributors](./docs/CONTRIBUTORS.md). + +## License +[Apache 2.0](https://github.com/sap-linuxlab/community.sap_install/blob/main/LICENSE) diff --git a/docs/README.md b/docs/README.md deleted file mode 100644 index b71bedb27..000000000 --- a/docs/README.md +++ /dev/null @@ -1,135 +0,0 @@ -# Documentation of community.sap_install Ansible Collection - -## Introduction - -The `sap_install` Ansible Collection provides a variety of automated tasks for the configuration and installation of SAP Software. - -Each Ansible Role contained within this Ansible Collection, performs a distinct set of tasks and are designed to be run independently or cohesively - depending on the outcome desired by an end-user. - - -## Functionality - -This Ansible Collection executes various SAP Software installations for different SAP solution scenarios. The code structure and logic has been separated to support a flexible execution of different steps for various scenarios. - -Any Ansible Roles labelled "preconfigure" and "prepare" are prerequisites, executed before the corresponding installation Ansible Roles (such as `sap_hana_install` or `sap_swpm`). - -At a high-level, the key installation functionality of this Ansible Collection includes: - -1. **OS Preparation activities for SAP HANA Database Server, SAP AnyDB Database Server or SAP NetWeaver Application Server** - -2. **SAP HANA installations via SAP HANA database lifecycle manager (HDBLCM)** - - Configure Firewall rules and Hosts file for SAP HANA database server instance/s - - Install SAP Host Agent - - Install SAP HANA database server, with any SAP HANA Component (e.g. Live Cache Apps, Application Function Library etc.) - - Apply license to SAP HANA - -3. **SAP HANA High Availability tasks** - - Install SAP HANA System Replication - - Install Linux Pacemaker, configure Pacemaker Fencing Agents for a given Infrastructure Platform - - Configure Linux Pacemaker Resource Agents for SAP HANA - -4. **Every SAP Software installation via SAP Software Provisioning Manager (SWPM)** - - Execute SAP SWPM Unattended installation - - Using on-the-fly generated inifile.params from Ansible Variables - - Using a list of inifile parameters in an Ansible Dictionary - - Re-using an existing inifile.params - -5. **SAP NetWeaver High Availability tasks** - - Install Linux Pacemaker, configure Pacemaker Fencing Agents for a given Infrastructure Platform - - Configure Linux Pacemaker Resource Agents for SAP NetWeaver ASCS/ERS - - -## Execution - -An Ansible Playbook is the file created and executed by an end-user, which imports from Ansible Collections to perform various activities on the target hosts. - -The Ansible Playbook can call either an Ansible Role, or directly call the individual Ansible Modules: - -- **Ansible Roles** (runs multiple Ansible Modules) -- **Ansible Modules** (and adjoining Python/Bash Functions) - -It is strongly recommended to execute these Ansible Roles in accordance to best practice Ansible usage, where an Ansible Playbook is executed from a host and Ansible will login to a target host to perform the activities. - -> If an Ansible Playbook is executed from the target host itself (similar to logging in and running a shell script), this is known as an Ansible Playbook 'localhost execution' and is not recommended as it has limitations on SAP Software installations (particularly installations across multiple hosts). - -At a high-level, complex executions with various interlinked activities are run in parallel or sequentially using the following execution structure: - -``` -Ansible Playbook --> source Ansible Collection --> execute Ansible Task ----> run Ansible Role ------> run Ansible Module (e.g. built-in Ansible Module for Shell) -``` - -### Execution examples - -There are various methods to execute the Ansible Collection, dependent on the use case. - -For more information, see [Getting started](./getting_started#readme) and edit the [sample Ansible Playbooks in `/playbooks`](../playbooks/). - - -## Requirements and Dependencies - -### Target host - Operating System requirements - -Designed for Linux operating systems, e.g. RHEL (7.x, 8.x, 9.x) and SLES (15 SPx). - -This Ansible Collection has not been tested and amended for SAP NetWeaver Application Server instantiations on IBM AIX or Windows Server. - -Assumptions for executing the Ansible Roles from this Ansible Collection include: - -- Registered OS -- OS Package repositories are available (from the relevant content delivery network of the OS vendor) - -N.B. The Ansible Collection works with SLES from version 15 SP3 and upwards, for the following reasons: - -- firewalld is used within the Ansible Collection. In SLES 15 SP3, firewalld became the replacement for nftables. See changelog [SLE-16300](https://www.suse.com/releasenotes/x86_64/SUSE-SLES/15-SP3/index.html#jsc-SLE-16300) -- SELinux is used within the Ansible Collection. While introduced earlier with community support, full support for SELinux was provided as of SLES 15 SP3. See changelog [SLE-17307](https://www.suse.com/releasenotes/x86_64/SUSE-SLES/15-SP3/index.html#jsc-SLE-17307) - -### Execution/Controller host - Operating System requirements - -Execution of Ansible Playbooks using this Ansible Collection have been tested with: -- Python 3.10.14 and above (i.e. CPython distribution) -- Ansible Core 2.16.9 and above _(included with optional installation of Ansible Community Edition 5.0 and above)_ -- OS: macOS with Homebrew, RHEL, SLES, and containers in Task Runners (e.g. Azure DevOps) - -#### Ansible Core version - -This Ansible Collection was designed for maximum backwards compatibility, with full compatibility starting from Ansible Core 2.16.9 and above. - -**Note 1:** Ansible 2.9 was the last release before the Ansible project was split into Ansible Core and Ansible Community Edition, and was before Ansible Collections functionality was introduced. This Ansible Collection should execute when Ansible 2.9 is used, but it is not recommended and errors should be expected (and will not be resolved). - -**Note 2:** Ansible Core versions prior to 2.14.12 , 2.15.8 , and 2.16.1 where `CVE-2023-5764` (templating inside `that` statement of `assert` Ansible Tasks) security fix was addressed, will work after `v1.3.4` of this Ansible Collection. Otherwise an error similar to the following will occur: - -```yaml -fatal: [host01]: FAILED! => - msg: 'The conditional check ''13 <= 128'' failed. The error was: Conditional is marked as unsafe, and cannot be evaluated.' -``` - - -## Testing - -Various SAP Software solutions have been extensively tested. - -Prior to each release, basic scenarios are executed to confirm functionality is working as expected; including SAP S/4HANA installation. - -Important note: it is not possible for the project maintainers to test every SAP Software installation and solution scenario for each OS hosted on each Infrastructure Platform, if an error is identified please raise a [GitHub Issue](/../../issues/). - - -### Ansible Roles Lint Status - -| Role Name | Ansible Lint Status | -| :--- | :--- | -| [sap_anydb_install_oracle](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_anydb_install_oracle) | N/A | -| [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) | [![Ansible Lint for sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_general_preconfigure.yml/badge.svg)](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_general_preconfigure.yml) | -| [sap_ha_install_hana_hsr](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_ha_install_hana_hsr) | [![Ansible Lint for sap_ha_install_hana_hsr](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_ha_install_hana_hsr.yml/badge.svg)](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_ha_install_hana_hsr.yml) | -| [sap_ha_pacemaker_cluster](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_ha_pacemaker_cluster) | [![Ansible Lint for sap_ha_pacemaker_cluster](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_ha_pacemaker_cluster.yml/badge.svg)](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_ha_pacemaker_cluster.yml) | -| [sap_hana_install](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_install) | [![Ansible Lint for sap_hana_install](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_hana_install.yml/badge.svg)](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_hana_install.yml) | -| [sap_hana_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_preconfigure) | [![Ansible Lint for sap_hana_preconfigure](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_hana_preconfigure.yml/badge.svg)](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_hana_preconfigure.yml) | -| [sap_hostagent](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hostagent) | N/A | -| [sap_install_media_detect](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_install_media_detect) | N/A | -| [sap_maintain_etc_hosts](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_maintain_etc_hosts) | [![Ansible Lint for sap_maintain_etc_hosts](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_maintain_etc_hosts.yml/badge.svg)](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_maintain_etc_hosts.yml) | -| [sap_netweaver_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_netweaver_preconfigure) | [![Ansible Lint for sap_netweaver_preconfigure](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_netweaver_preconfigure.yml/badge.svg)](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_netweaver_preconfigure.yml) | -| [sap_storage_setup](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_storage_setup) | N/A | -| [sap_swpm](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_swpm) | [![Ansible Lint for sap_swpm](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_swpm.yml/badge.svg)](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_swpm.yml) | diff --git a/docs/getting_started/README.md b/docs/getting_started/README.md index 7788e3c4d..c5b79b2c1 100644 --- a/docs/getting_started/README.md +++ b/docs/getting_started/README.md @@ -6,6 +6,7 @@ In this folder you will find sample files, a few additional tips for using the p - [Inventory and variable parameters](#inventory-and-variable-parameters) - [Security parameters](#security-parameters) - [Other useful options](#other-useful-options) + - [Improve readability of playbook output in terminal](#improve-readability-of-playbook-output-in-terminal) ## How to run playbooks @@ -95,3 +96,34 @@ These are not all available options, but ones that may help getting familiar wit Be careful to choose a task which covers pre-requisites, i.e. tasks that discover information which is used in subsequent tasks have to be run to fulfill conditionals. - `-C` attempts a dry-run of the playbook without applying actual changes. This is limited to simple tasks that do not require other changes already been done in previous tasks. - `--step` this executes the playbook but will prompt for every task to be run or skipped. At the prompt it can also be told to continue and not ask again, however. Useful to slow down execution and review each tasks result before proceeding with the next task. + +### Improve readability of playbook output in terminal +Note: For terminals with dark background, replace the color code `30m` by `37m`. +In case you need to make an invisible font readable on a terminal with dark background, run the following command in the terminal: +```yaml +printf "\033[37mreadable font\n" +``` +In case you need to make an invisible font readable on a terminal with bright background, run the following command in the terminal: +```yaml +printf "\033[30mreadable font\n" +``` + +Execution of `sap_general_preconfigure` playbook with a nice compact and colored output, this time for two hosts: +```console +ansible-playbook sap.yml -l host_1,host_2 -e "{sap_general_preconfigure_assert: yes, sap_general_preconfigure_assert_ignore_errors: yes}" | +awk '{sub (" \"msg\": ", "")} + /TASK/{task_line=$0} + /fatal:/{fatal_line=$0; nfatal[host]++} + /...ignoring/{nfatal[host]--; if (nfatal[host]<0) nfatal[host]=0} + /^[a-z]/&&/: \[/{gsub ("\\[", ""); gsub ("]", ""); gsub (":", ""); host=$2} + /SAP note/{print "\033[30m[" host"] "$0} + /FAIL:/{nfail[host]++; print "\033[31m[" host"] "$0} + /WARN:/{nwarn[host]++; print "\033[33m[" host"] "$0} + /PASS:/{npass[host]++; print "\033[32m[" host"] "$0} + /INFO:/{print "\033[34m[" host"] "$0} + /changed/&&/unreachable/{print "\033[30m[" host"] "$0} + END{print ("---"); for (var in npass) {printf ("[%s] ", var); if (nfatal[var]>0) { + printf ("\033[31mFATAL ERROR!!! Playbook might have been aborted!!!\033[30m Last TASK and fatal output:\n"); print task_line, fatal_line + } + else printf ("\033[31mFAIL: %d \033[33mWARN: %d \033[32mPASS: %d\033[30m\n", nfail[var], nwarn[var], npass[var])}}' +``` diff --git a/roles/sap_anydb_install_oracle/README.md b/roles/sap_anydb_install_oracle/README.md index 9db03c630..c7e0cdd2c 100644 --- a/roles/sap_anydb_install_oracle/README.md +++ b/roles/sap_anydb_install_oracle/README.md @@ -1,54 +1,159 @@ + # sap_anydb_install_oracle Ansible Role + -Ansible role for Oracle DB 19.x installation for SAP +## Description + +The Ansible role `sap_anydb_install_oracle` is used to install Oracle Database 19.x for SAP system. + + + + + ## Prerequisites +Managed Nodes: +- Directory with installation media is present and `sap_anydb_install_oracle_extract_path` updated.
+ Download can be completed using [community.sap_launchpad](https://github.com/sap-linuxlab/community.sap_launchpad) Ansible Collection. + -### Software Installation files +## Execution + + + + + + +### Execution Flow + +1. Prepare OS: Install packages, create users, create folders and copy installation media. +2. Install Oracle Database in desired method +3. Execute post installation tasks +4. Apply Oracle Patches if available + + +### Example + +```yaml +--- +- name: Ansible Play for Oracle Database installation + hosts: oracle_host + become: true + tasks: + - name: Execute Ansible Role sap_anydb_install_oracle + ansible.builtin.include_role: + name: community.sap_install.sap_anydb_install_oracle + vars: + sap_anydb_install_oracle_method: minimal + sap_anydb_install_oracle_sid: "OR1" + sap_anydb_install_oracle_base: "/oracle" + sap_anydb_install_oracle_system_password: "Password1%" + sap_anydb_install_oracle_extract_path: "/software/oracledb_extracted" +``` + -Download installation media from SAP Download Center on host, and set Ansible Variable `sap_anydb_install_oracle_extract_path` to this path. + + -### Default Parameters + + -Please check the default parameters file for more information on other parameters that can be used as an input -- [**sap_anydb_install_oracle** default parameters](defaults/main.yml) +## License + +Apache 2.0 + -## Execution +## Maintainers + +- [Sean Freeman](https://github.com/sean-freeman) + -Sample Ansible Playbook Execution: +## Role Variables + +### sap_anydb_install_oracle_prep_reboot_ok -- Local Host Installation - - `ansible-playbook --connection=local --limit localhost -i "localhost," sap-anydb-oracle-install.yml -e "@inputs/oracledb.install"` +- _Type:_ `bool` +- _Default:_ `True` -- Target Host Installation - - `ansible-playbook -i "" sap-anydb-oracle-install.yml -e "@inputs/oracledb.install"` +Allows reboot of Managed node after packages are installed during pre-steps tasks. -## Sample playbook +### sap_anydb_install_oracle_prep_fail_if_reboot_required -```yaml ---- -- hosts: all - become: true +- _Type:_ `bool` +- _Default:_ `False` - collections: - - community.sap_install +Enable to fail execution if packages are installed during pre-steps tasks, but you don't want to proceed with reboot. - vars: - sap_anydb_install_oracle_method: minimal - sap_anydb_install_oracle_sid: "OR1" - sap_anydb_install_oracle_base: "/oracle" - sap_anydb_install_oracle_system_password: "Password1%" - sap_anydb_install_oracle_extract_path: "/software/oracledb_extracted" +### sap_anydb_install_oracle_prep_precheck - - name: Execute Ansible Role sap_anydb_install_oracle - include_role: - name: { role: community.sap_install.sap_anydb_install_oracle } -``` +- _Type:_ `bool` +- _Default:_ `False` -## License +Enable to execute installation in Check mode to verify all inputs. This is extra validation and it does not disable installation. + +### sap_anydb_install_oracle_method + +- _Type:_ `string` +- _Default:_ `minimal` + +Select installation method out of available: `minimal` or `responsefile`. + +### sap_anydb_install_oracle_sid: + +- _Type:_ `string` +- _Default:_ `OR1` + +Enter Oracle Database SID. + +### sap_anydb_install_oracle_base + +- _Type:_ `string` +- _Default:_ `/oracle` + +Enter base folder for Oracle Database installation. + +### sap_anydb_install_oracle_filesystem_storage + +- _Type:_ `string` +- _Default:_ `/oradata` + +Enter path for `oracle.install.db.config.starterdb.fileSystemStorage.dataLocation` + +### sap_anydb_install_oracle_inventory_central + +- _Type:_ `string` +- _Default:_ `/oraInventory` + +Enter path for `INVENTORY_LOCATION` + +### sap_anydb_install_oracle_system_password + +- _Type:_ `string` + +Enter password for Oracle SYSTEM user. + +### sap_anydb_install_oracle_extract_path + +- _Type:_ `string` + +Enter path of Installation media, for example: `/software`. + +### sap_anydb_install_oracle_patch_opatch_zip + +- _Type:_ `string` + +Enter name of Oracle opatch file, for example: `OPATCH19P_2308-70004508.ZIP` + +### sap_anydb_install_oracle_patch_sap_zip + +- _Type:_ `string` + +Enter name of Oracle SAP patch file, for example: `SAP19P_2311-70004508.ZIP` -Apache license 2.0 +### sap_anydb_install_oracle_patch_enable -## Author Information +- _Type:_ `bool` +- _Default:_ `False` -Sean Freeman +Enable to allow post-installation patching. + \ No newline at end of file diff --git a/roles/sap_anydb_install_oracle/defaults/main.yml b/roles/sap_anydb_install_oracle/defaults/main.yml index 5fb993aae..ef7a5e71c 100644 --- a/roles/sap_anydb_install_oracle/defaults/main.yml +++ b/roles/sap_anydb_install_oracle/defaults/main.yml @@ -1,11 +1,11 @@ # SPDX-License-Identifier: Apache-2.0 --- -sap_anydb_install_oracle_prep_reboot_ok: yes +sap_anydb_install_oracle_prep_reboot_ok: true -sap_anydb_install_oracle_prep_fail_if_reboot_required: no +sap_anydb_install_oracle_prep_fail_if_reboot_required: false -sap_anydb_install_oracle_prep_precheck: no +sap_anydb_install_oracle_prep_precheck: false # minimal, responsefile sap_anydb_install_oracle_method: minimal diff --git a/roles/sap_general_preconfigure/README.md b/roles/sap_general_preconfigure/README.md index 65875d070..3511e61e9 100644 --- a/roles/sap_general_preconfigure/README.md +++ b/roles/sap_general_preconfigure/README.md @@ -1,32 +1,144 @@ + # sap_general_preconfigure Ansible Role + +![Ansible Lint for sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_general_preconfigure.yml/badge.svg) -This role installs required packages and performs configuration steps which are required for installing and running SAP NetWeaver or SAP HANA. Specific installation and configuration steps on top of these basic steps are performed with roles sap-netweaver-preconfigure and sap-hana-preconfigure. Future implementations may reduce the scope of this role, for example if certain installation or configuration steps are done in the more specific roles. +## Description + +The Ansible role `sap_general_preconfigure` installs required packages and performs basic OS configuration steps according to applicable SAP notes for installing and running SAP HANA or SAP ABAP Application Platform (formerly known as SAP NetWeaver). -For SLES systems, this role may not be necessary. The majority of SAP preparation and tuning is covered by `saptune` which is configured in the `sap_hana_preconfigure` and `sap_netweaver_preconfigure` roles. +Specific installation and configuration steps then have to be performed with the roles [sap_hana_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_preconfigure) and [sap_netweaver_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_netweaver_preconfigure). + -## Requirements - -The role requires additional collections which are specified in `meta/collection-requirements.yml`. Before using this role, -make sure that the required collections are installed, for example by using the following command: - -`ansible-galaxy install -vv -r meta/collection-requirements.yml` - -To use this role, your system needs to be installed according to: -- RHEL 7: SAP note 2002167, Red Hat Enterprise Linux 7.x: Installation and Upgrade, section "Installing Red Hat Enterprise Linux 7" -- RHEL 8: SAP note 2772999, Red Hat Enterprise Linux 8.x: Installation and Configuration, section "Installing Red Hat Enterprise Linux 8". -- RHEL 9: SAP note 3108316, Red Hat Enterprise Linux 9.x: Installation and Configuration, section "Installing Red Hat Enterprise Linux 9". - -Note ----- -Do not run this role against an SAP or other production system. The role will enforce a certain configuration on the managed node(s), which might not be intended. + +## Dependencies +- `fedora.linux_system_roles` + - Roles: + - `selinux` +- `community.sap_install` (This collection) + - Roles: + - `sap_maintain_etc_hosts` + +Install required collections by `ansible-galaxy install -vv -r meta/collection-requirements.yml`. + + + +## Prerequisites + +(Red Hat specific) Ensure system is installed according to: +- RHEL 8: SAP note 2772999, Red Hat Enterprise Linux 8.x: Installation and Configuration, section `Installing Red Hat Enterprise Linux 8`. +- RHEL 9: SAP note 3108316, Red Hat Enterprise Linux 9.x: Installation and Configuration, section `Installing Red Hat Enterprise Linux 9`. + + + +## Execution + +**:warning: Do not execute this Ansible Role against existing SAP systems unless you know what you are doing and you prepare inputs to avoid unintended changes caused by default inputs.** + + + + + +### Execution Flow + +1. Assert that required inputs were provided. +2. Install required packages and patch system if `sap_general_preconfigure_update:true` +3. Apply configurations based on SAP Notes +4. Reboot Managed nodes if packages were installed or patched and `sap_general_preconfigure_reboot_ok: true` + + +### Example + +```yaml +--- +- name: Ansible Play for SAP HANA HA Scale-up preconfigure + hosts: hana_primary, hana_secondary + become: true + tasks: + - name: Execute Ansible Role sap_general_preconfigure + ansible.builtin.include_role: + name: community.sap_install.sap_general_preconfigure +``` +Further referenced as `example.yml` + - -## Role Input Parameters + +### Role Tags +With the following tags, the role can be called to perform certain activities only: +- tag `sap_general_preconfigure_installation`: Perform only the installation tasks +- tag `sap_general_preconfigure_configuration`: Perform only the configuration tasks +- tag `sap_general_preconfigure_3108316`: Perform only the tasks(s) related to this SAP note. +- tag `sap_general_preconfigure_2772999_03`: Perform only the tasks(s) related to step 3 of the SAP note. +- tag `sap_general_preconfigure_etc_hosts`: Perform only the tasks(s) related to this step. This step might be one of multiple + configuration activities of a SAP note. Also this step might be valid for multiple RHEL major releases. -#### Minimum required parameters: +
+ How to run sap_general_preconfigure with tags + + #### Perform only installation tasks: + ```console + ansible-playbook sap.yml --tags=sap_general_preconfigure_installation + ``` + + #### Perform only configuration tasks: + ```console + ansible-playbook sap.yml --tags=sap_general_preconfigure_configuration + ``` + + #### Verify and modify /etc/hosts file: + ```console + ansible-playbook sap.yml --tags=sap_general_preconfigure_etc_hosts + ``` + + #### Perform all configuration steps except verifying and modifying the /etc/hosts file + ``` + ansible-playbook sap.yml --tags=sap_general_preconfigure_configuration --skip_tags=sap_general_preconfigure_etc_hosts + ``` + + #### (Red Hat) Perform configuration activities related to SAP note 3108316 (RHEL 9) + ``` + ansible-playbook sap.yml --tags=sap_general_preconfigure_3108316 + ``` + + #### (Red Hat) Perform configuration activities related to step 2 (SELinux settings) of SAP note 3108316 (RHEL 9) + ``` + ansible-playbook sap.yml --tags=sap_general_preconfigure_3108316_02 + ``` + + #### (Red Hat) Perform all configuration activities except those related to step 2 (SELinux settings) of SAP note 3108316 (RHEL 9 specific) + ``` + ansible-playbook sap-general-preconfigure.yml --tags=sap_general_preconfigure_configuration --skip_tags=sap_general_preconfigure_3108316_02 + ``` +
+ + + +## Further Information +For more examples on how to use this role in different installation scenarios, refer to the [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. + -This role does not require any parameter to be set in the playbook or inventory. +## License + +Apache 2.0 + + +## Maintainers + +- [Bernd Finger](https://github.com/berndfinger) + + +## Role Variables + +### Controlling execution with input parameters +Extended Check (assert) run, aborting for any error which has been found: +```yaml +ansible-playbook sap.yml -l remote_host -e "{sap_general_preconfigure_assert: yes}" +``` +Extended Check (assert) run, not aborting even if an error has been found: +```yaml +ansible-playbook sap.yml -l remote_host -e "{sap_general_preconfigure_assert: yes,sap_general_preconfigure_assert_ignore_errors: no}" +``` ### sap_general_preconfigure_config_all - _Type:_ `bool` @@ -72,13 +184,11 @@ This is useful if the role is used for reporting a system's SAP notes compliance ### sap_general_preconfigure_system_roles_collection - _Type:_ `str` - _Default:_ `'fedora.linux_system_roles'` -- _Possible Values:_
- - `fedora.linux_system_roles` - - `redhat.rhel_system_roles` Set which Ansible Collection to use for the Linux System Roles.
-For community/upstream, use 'fedora.linux_system_roles'
-For the RHEL System Roles for SAP, or for Red Hat Automation Hub, use 'redhat.rhel_system_roles'
+Available values: +- `fedora.linux_system_roles` - for community/upstream.
+- `redhat.rhel_system_roles` - for the RHEL System Roles for SAP, or for Red Hat Automation Hub.
### sap_general_preconfigure_enable_repos - _Type:_ `bool` @@ -331,125 +441,4 @@ Example: ```yaml sap_general_preconfigure_db_group_name: dba ``` - - - -## Tags (RHEL systems only) - -With the following tags, the role can be called to perform certain activities only: -- tag `sap_general_preconfigure_installation`: Perform only the installation tasks -- tag `sap_general_preconfigure_configuration`: Perform only the configuration tasks -- tag `sap_general_preconfigure_3108316`: Perform only the tasks(s) related to this SAP note. -- tag `sap_general_preconfigure_2772999_03`: Perform only the tasks(s) related to step 3 of the SAP note. -- tag `sap_general_preconfigure_etc_hosts`: Perform only the tasks(s) related to this step. This step might be one of multiple - configuration activities of a SAP note. Also this step might be valid for multiple RHEL major releases. - -Sample call for only performing all installation and configuration tasks (sample playbook name sap.yml, see the next section for -an example). This is the default behavior. If no tag is specified, all installation and configuration tasks are enabled: -``` -# ansible-playbook sap.yml -``` - -Sample call for only performing all installation tasks: -``` -# ansible-playbook sap.yml --tags=sap_general_preconfigure_installation -``` - -Sample call for only performing all configuration tasks: -``` -# ansible-playbook sap.yml --tags=sap_general_preconfigure_configuration -``` - -Sample call for only verifying and modifying the /etc/hosts file: -``` -# ansible-playbook sap.yml --tags=sap_general_preconfigure_etc_hosts -``` - -Sample call for performing all configuration steps except verifying and modifying the /etc/hosts file: -``` -# ansible-playbook sap.yml --tags=sap_general_preconfigure_configuration --skip_tags=sap_general_preconfigure_etc_hosts -``` - -Sample call for only performing the configuration activities related to SAP note 3108316 (RHEL 9 specific): -``` -# ansible-playbook sap.yml --tags=sap_general_preconfigure_3108316 -``` - -Sample call for performing all configuration activities except those related to step 2 (SELinux settings) of SAP note 3108316 (RHEL 9 specific): -Sample call for only performing the configuration activities related to step 2 (SELinux settings) of SAP note 3108316 (RHEL 9 specific): -``` -# ansible-playbook sap.yml --tags=sap_general_preconfigure_3108316_02 -``` - -Sample call for performing all configuration activities except those related to step 2 (SELinux settings) of SAP note 3108316 (RHEL 9 specific): -``` -# ansible-playbook sap-general-preconfigure.yml --tags=sap_general_preconfigure_configuration --skip_tags=sap_general_preconfigure_3108316_02 -``` - -## Dependencies - -This role does not depend on any other role. - -## Example Playbook - -Simple playbook, named sap.yml: -```yaml ---- -- hosts: all - roles: - - role: sap_general_preconfigure -``` - -## Example Usage - -Normal run: -```yaml -ansible-playbook sap.yml -l remote_host -``` - -Extended Check (assert) run, aborting for any error which has been found: -```yaml -ansible-playbook sap.yml -l remote_host -e "{sap_general_preconfigure_assert: yes}" -``` - -Extended Check (assert) run, not aborting even if an error has been found: -```yaml -ansible-playbook sap.yml -l remote_host -e "{sap_general_preconfigure_assert: yes, sap_general_preconfigure_assert_ignore_errors: no}" -``` - -Same as above, with a nice compact and colored output, this time for two hosts: -```yaml -ansible-playbook sap.yml -l host_1,host_2 -e "{sap_general_preconfigure_assert: yes, sap_general_preconfigure_assert_ignore_errors: yes}" | -awk '{sub (" \"msg\": ", "")} - /TASK/{task_line=$0} - /fatal:/{fatal_line=$0; nfatal[host]++} - /...ignoring/{nfatal[host]--; if (nfatal[host]<0) nfatal[host]=0} - /^[a-z]/&&/: \[/{gsub ("\\[", ""); gsub ("]", ""); gsub (":", ""); host=$2} - /SAP note/{print "\033[30m[" host"] "$0} - /FAIL:/{nfail[host]++; print "\033[31m[" host"] "$0} - /WARN:/{nwarn[host]++; print "\033[33m[" host"] "$0} - /PASS:/{npass[host]++; print "\033[32m[" host"] "$0} - /INFO:/{print "\033[34m[" host"] "$0} - /changed/&&/unreachable/{print "\033[30m[" host"] "$0} - END{print ("---"); for (var in npass) {printf ("[%s] ", var); if (nfatal[var]>0) { - printf ("\033[31mFATAL ERROR!!! Playbook might have been aborted!!!\033[30m Last TASK and fatal output:\n"); print task_line, fatal_line - } - else printf ("\033[31mFAIL: %d \033[33mWARN: %d \033[32mPASS: %d\033[30m\n", nfail[var], nwarn[var], npass[var])}}' -``` -Note: For terminals with dark background, replace the color code `30m` by `37m`. -In case you need to make an invisible font readable on a terminal with dark background, run the following command in the terminal: -```yaml -printf "\033[37mreadable font\n" -``` -In case you need to make an invisible font readable on a terminal with bright background, run the following command in the terminal: -```yaml -printf "\033[30mreadable font\n" -``` - -## License - -Apache license 2.0 - -## Author Information - -Red Hat for SAP Community of Practice, Bernd Finger, Markus Koch, Rainer Leber + \ No newline at end of file diff --git a/roles/sap_ha_install_anydb_ibmdb2/README.md b/roles/sap_ha_install_anydb_ibmdb2/README.md index 808f032ed..92e604b03 100644 --- a/roles/sap_ha_install_anydb_ibmdb2/README.md +++ b/roles/sap_ha_install_anydb_ibmdb2/README.md @@ -1,82 +1,111 @@ `EXPERIMENTAL` - + # sap_ha_install_anydb_ibmdb2 Ansible Role + -Ansible Role for instantiation of IBM Db2 'Integrated Linux Pacemaker' HADR cluster +## Description + +The Ansible Role for instantiation of IBM Db2 'Integrated Linux Pacemaker' HADR cluster. -Note: IBM Db2 with 'Integrated Linux Pacemaker' can use two deployment models: +**NOTE:** IBM Db2 with 'Integrated Linux Pacemaker' can use two deployment models: - Mutual Failover option, **not** covered by this Ansible Role -- High Availability and Disaster Recovery (HADR) option for Idle Standby, initialised by this Ansible Role +- High Availability and Disaster Recovery (HADR) option for Idle Standby, initialized by this Ansible Role + + + + ## Prerequisites +Managed nodes: +- Directory with installation media is present and `sap_ha_install_anydb_ibmdb2_software_directory` updated. Download can be completed using [community.sap_launchpad](https://github.com/sap-linuxlab/community.sap_launchpad) Ansible Collection. -### Software Installation files - -Download IBM Db2 installation media from SAP Download Center on host, and set Ansible Variable `sap_ha_install_anydb_ibmdb2_software_directory` to this path. - -### Variables - -- `sap_ha_install_anydb_ibmdb2_hostname_primary` with the IBM Db2 Primary node hostname -- `sap_ha_install_anydb_ibmdb2_hostname_secondary` with the IBM Db2 Secondary node hostname -- `sap_ha_install_anydb_ibmdb2_sid` with the IBM Db2 System ID -- `sap_ha_install_anydb_ibmdb2_software_directory` with the IBM Db2 installation media path - -These are listed in the default variables file, but commented-out to enforce the required variables: -- [**sap_ha_install_anydb_ibmdb2** default parameters](defaults/main.yml) - -## Requirements and Dependencies +Software compatibility: +- This Ansible Role is applicable to IBM Db2 11.5 certified for SAP. +- It is applicable to 11.5.9 and later, which provides `db2cm` binary compatibility for AWS, GCP and MS Azure. + -This Ansible Role is applicable to IBM Db2 11.5 certified for SAP. - -It is applicable to 11.5.9 and later, which provides `db2cm` binary compatibility for AWS, GCP and MS Azure. +## Execution + +### Supported Platforms +| Platform | Status | Notes | +| -------- | --------- | --------- | +| AWS EC2 Virtual Servers | :heavy_check_mark: | | +| Google Cloud Compute Engine Virtual Machine | :heavy_check_mark: | | +| Microsoft Azure Virtual Machines | :heavy_check_mark: | | +| IBM Cloud Virtual Server | :heavy_check_mark: | | + + + + + +### Execution Flow + +1. Assert that required inputs were provided. +2. Detect target infrastructure platform. +3. Execute platform specific configuration. +4. Instantiate IBM Db2 'Integrated Linux Pacemaker' HADR cluster. + + +### Example + +```yaml +--- +- name: Ansible Play for IBM Db2 Database installation + hosts: db2_host + become: true + tasks: + - name: Execute Ansible Role sap_ha_install_anydb_ibmdb2 + ansible.builtin.include_role: + name: community.sap_install.sap_ha_install_anydb_ibmdb2 + vars: + sap_ha_install_anydb_ibmdb2_sid: SD1 # Sandbox Database for D01 SAP System + sap_ha_install_anydb_ibmdb2_hostname_primary: db2-p + sap_ha_install_anydb_ibmdb2_hostname_secondary: db2-s + sap_ha_install_anydb_ibmdb2_software_directory: /software/ibmdb2_extracted +``` + -### Target host - Infrastructure Platforms + + -This Ansible Role contains Infrastructure Platform specific alterations for: -- AWS EC2 Virtual Servers -- Microsoft Azure Virtual Machines -- Google Cloud Compute Engine Virtual Machine -- IBM Cloud Virtual Server + + -### Target host - Operating System requirements +## License + +Apache 2.0 + -Designed for Linux operating systems, e.g. RHEL (7.x and 8.x) and SLES (15.x). +## Maintainers + +- [Sean Freeman](https://github.com/sean-freeman) + -## Execution +## Role Variables + +### sap_ha_install_anydb_ibmdb2_hostname_primary -Sample Ansible Playbook Execution: +- _Type:_ `string` -- Local Host Installation - - `ansible-playbook --connection=local --limit localhost -i "localhost," sap-ha-anydb-ibmdb2-init.yml -e "@inputs/ibmdb2_vars.yml` +Enter IBM Db2 Primary node hostname -- Target Host Installation - - `ansible-playbook -i "" sap-ha-anydb-ibmdb2-init.yml -e "@inputs/ibmdb2_vars.yml"` -## Sample Ansible Playbook +### sap_ha_install_anydb_ibmdb2_hostname_secondary -```yaml ---- -- hosts: all +- _Type:_ `string` - collections: - - community.sap_install +Enter IBM Db2 Secondary node hostname - vars: - sap_ha_install_anydb_ibmdb2_sid: SD1 # Sandbox Database for D01 SAP System - sap_ha_install_anydb_ibmdb2_hostname_primary: db2-p - sap_ha_install_anydb_ibmdb2_hostname_secondary: db2-s - sap_ha_install_anydb_ibmdb2_software_directory: /software/ibmdb2_extracted +### sap_ha_install_anydb_ibmdb2_sid - - name: Execute Ansible Role sap_ha_install_anydb_ibmdb2 - ansible.builtin.include_role: - name: community.sap_install.sap_ha_install_anydb_ibmdb2 -``` +- _Type:_ `string` -## License +Enter IBM Db2 System ID -Apache license 2.0 +### sap_ha_install_anydb_ibmdb2_software_directory -## Author Information +- _Type:_ `string` -Sean Freeman +Enter IBM Db2 installation media path + \ No newline at end of file diff --git a/roles/sap_ha_install_hana_hsr/README.md b/roles/sap_ha_install_hana_hsr/README.md index f8a5730b3..9d2a1ae21 100644 --- a/roles/sap_ha_install_hana_hsr/README.md +++ b/roles/sap_ha_install_hana_hsr/README.md @@ -1,70 +1,132 @@ + # sap_ha_install_hana_hsr Ansible Role + +![Ansible Lint for sap_ha_install_hana_hsr](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_ha_install_hana_hsr.yml/badge.svg) -Ansible role for SAP HANA System Replication Setup on 2 nodes. +## Description + +The Ansible Role `sap_ha_install_hana_hsr` is used to configure and enable SAP HANA System Replication between 2 nodes. + + + + + ## Prerequisites +Managed nodes: +- Same Operating system version +- SAP HANA is installed with same version on both nodes. + + +## Execution + + + + +### Recommended +It is recommended to execute this role together with other roles in this collection, in the following order: +1. [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) +2. [sap_hana_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_preconfigure) +3. [sap_install_media_detect](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_install_media_detect) +4. [sap_hana_install](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_install) +5. *`sap_ha_install_hana_hsr`* + + +### Execution Flow + +1. Assert that required inputs were provided. +2. Verify connection between nodes. +3. Update /etc/hosts, hdbuserstore, Log mode, PKI +4. Execute database backup +5. Configure SAP HANA System Replication + + +### Example + +```yaml +--- +- name: Ansible Play for SAP HANA System Replication setup + hosts: hana_primary, hana_secondary + become: true + tasks: + - name: Execute Ansible Role sap_ha_install_hana_hsr + ansible.builtin.include_role: + name: community.sap_install.sap_ha_install_hana_hsr + vars: + sap_ha_install_hana_hsr_cluster_nodes: + - node_name: h01hana0 + node_ip: "10.10.10.10" + node_role: primary + hana_site: DC01 + + - node_name: h01hana1 + node_ip: "10.10.10.11" + node_role: secondary + hana_site: DC02 + + sap_ha_install_hana_hsr_sid: H01 + sap_ha_install_hana_hsr_instance_number: "01" + sap_ha_install_hana_hsr_hdbuserstore_system_backup_user: "HDB_SYSTEMDB" + sap_ha_install_hana_hsr_db_system_password: "Password" + sap_ha_install_hana_hsr_fqdn: example.com +``` + -- target nodes are on the same OS level -- target nodes are using the same SAP HANA release + + -## Overview + +## Further Information +For more examples on how to use this role in different installation scenarios, refer to the [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. + -The **sap_ha_install_hana_hsr** role is part of this system role sequence: +## License + +Apache 2.0 + -| Sequence | System Role | Description | -| :------: | :----------------------- | :----------------------------------------------------------- | -| 1. | sap_general_preconfigure | System Preparation for SAP | -| 2. | sap_hana_preconfigure | System Preparation for SAP HANA | -| 3. | sap_hana_install | Installation of SAP HANA Database | -| _4._ | _sap_ha_install_hana_hsr_ | _Configuration of SAP HANA System Replication_ | -| 5. | sap_ha_pacemaker_cluster | Linux Pacemaker cluster setup and SAP resources configuration | +## Maintainers + +- [Janine Fuchs](https://github.com/ja9fuchs) + -The **sap_ha_install_hana_hsr** roles configures a HANA system replication relationship which is used by the pacemaker cluster to automate SAP HANA System Replication (HSR). Prerequisite is the SAP HANA installation on the nodes. +## Role Variables + +### sap_ha_install_hana_hsr_sid -## Tasks included +- _Type:_ `string` +- _Default:_ `{{ sap_hana_sid }}` -| Task | Description | -| ---------------------- | ----------------------------------------------------------------------------------- | -| update_etchosts.yml | ensures that all nodes of the cluster are configured in all nodes' /etc/hosts | -| configure_firewall.yml | this will configure the firewall für HANA system replication (disabled) | -| hdbuserstore.yml | create a user in the hdbuserstore | -| log_mode.yml | check/set database logmode | -| pki_files.yml | copy pki file from primary to secondary database | -| run_backup.yml | perform backup on the primary note as pre required step for HANA system replication | -| configure_hsr.yml | enable HANA system replication on primary node and register secondary database node | +Enter SID of SAP HANA database. -## Common Variables/Parameters Used +### sap_ha_install_hana_hsr_instance_number -| Name | Description | Value | -| -------------------------------- | ------------------------------- | ---------------------- | -| sap_domain | Domain Name | example: `example.com` | -| sap_hana_sid | SAP ID | example: `RH1` | -| sap_hana_instance_number | Instance Number | example: `"00"` | -| sap_hana_install_master_password | DB System Password | -| sap_hana_cluster_nodes | Parameter list of cluster nodes | -| sap_hana_hacluster_password | Pacemaker hacluster Password | +- _Type:_ `string` +- _Default:_ `{{ sap_hana_instance_number }}` -## Role specific Variables +Enter string value of SAP HANA SID. -| Name | Description | Value | -| --------------------------------- | ---------------- | -------------------- | -| sap_ha_install_hana_hsr_rep_mode | replication mode | default is sync | -| sap_ha_install_hana_hsr_oper_mode | operation mode | default is logreplay | +### sap_ha_install_hana_hsr_cluster_nodes -## Example Parameter File +- _Type:_ `list` +- _Default:_ `{{ sap_hana_cluster_nodes }}` -```yaml -sap_hana_sid: "DB1" -sap_hana_instance_number: "00" -sap_hana_install_master_password: "my_hana-password" +List of cluster nodes and associated attributes to describe the target SAP HA environment.
+This is required for the HANA System Replication configuration.
-### Cluster Definition -sap_ha_install_pacemaker_cluster_name: cluster1 -sap_hana_hacluster_password: "my_hacluster-password" +- **hana_site**
+ Site of the cluster and/or SAP HANA System Replication node (for example 'DC01').
Mandatory for HANA clusters (sudo config for system replication). +- **node_ip**
+ IP address of the node used for HANA System Replication.
_Optional. Currently not needed/used in cluster configuration._ +- **node_name**
+ Name of the cluster node, should match the remote systems' hostnames.
_Optional. Currently not needed/used in cluster configuration._ +- **node_role**
+ Role of the defined `node_name` in the SAP HANA cluster setup.
There must be only **one** primary, but there can be multiple secondary nodes.
_Optional. Currently not needed/used in cluster configuration._ -sap_domain: example.com +Example: -sap_hana_cluster_nodes: +```yaml +sap_ha_install_hana_hsr_cluster_nodes: - node_name: node1 node_ip: 192.168.1.11 node_role: primary @@ -76,28 +138,44 @@ sap_hana_cluster_nodes: hana_site: DC02 ``` -### Execution Design +### sap_ha_install_hana_hsr_hdbuserstore_system_backup_user -Having the parameters specified as above, it can be executed with one command: +- _Type:_ `string` +- _Default:_ `HDB_SYSTEMDB` -```text -ansible-playbook example_playbook_with_parameters.ymnl -``` +Enter name of SYSTEM user for backup execution. -If you need to execute the role using an external handled, you can also limit the playbook for specific a **host** adding parameter defined in e **parameter_file**. +### sap_ha_install_hana_hsr_db_system_password -```text -ansible-playbook -l node1 example_playbook.yml -e @parameter_file.yml -``` +- _Type:_ `string` +- _Default:_ `{{ sap_hana_install_master_password }}` -A good way to start is executing the playbook with the option _--list_tasks_. You can than start a playbook with the option _--start-at-task_ at a specific point. _--list_task_ will not start any task. +Enter password of SYSTEM user for backup execution. -For more information please check +### sap_ha_install_hana_hsr_fqdn -```text -ansible-playbook --help -``` +- _Type:_ `string` +- _Default:_ {{ sap_domain }} -## License +Enter domain of SAP system, for example `example.com`. + +### sap_ha_install_hana_hsr_rep_mode + +- _Type:_ `string` +- _Default:_ `sync` + +Enter SAP HANA System Replication mode. + +### sap_ha_install_hana_hsr_oper_mode + +- _Type:_ `string` +- _Default:_ `logreplay` + +Enter SAP HANA System Replication operation mode. + +### sap_ha_install_hana_hsr_update_etchosts +- _Type:_ `bool` +- _Default:_ `True` -Apache license 2.0 +Enable to update /etc/hosts file. + \ No newline at end of file diff --git a/roles/sap_ha_pacemaker_cluster/README.md b/roles/sap_ha_pacemaker_cluster/README.md index de8c02791..97491599f 100644 --- a/roles/sap_ha_pacemaker_cluster/README.md +++ b/roles/sap_ha_pacemaker_cluster/README.md @@ -1,146 +1,180 @@ - + # sap_ha_pacemaker_cluster Ansible Role - + ![Ansible Lint for sap_ha_pacemaker_cluster](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_ha_pacemaker_cluster.yml/badge.svg) -Ansible Role for installation and configuration of Linux Pacemaker for High Availability of SAP Systems run on various Infrastructure Platforms. - -## Scope - -This Ansible Role provides: -- installation of Linux Pacemaker packages and dependencies -- configuration of Linux Pacemaker cluster with all relevant fencing agent and resource agent for an Infrastructure Platform and SAP Software (SAP HANA or SAP NetWeaver) -- setup and instantiation of Linux Pacemaker cluster (using `ha_cluster` Linux System Role) - -This Ansible Role has been tested for the following SAP Software Solution scenario deployments: -- SAP HANA Scale-up High Availability (SAPHanaSR Classic and SAPHanaSR-angi) -- SAP NetWeaver (ABAP) AS ASCS and ERS High Availability -- `Experimental:` SAP NetWeaver (ABAP) AS PAS and AAS High Availability -- `Experimental:` SAP NetWeaver (JAVA) AS SCS and ERS High Availability - -This Ansible Role contains Infrastructure Platform specific alterations for: -- AWS EC2 Virtual Servers -- `Beta:` Microsoft Azure Virtual Machines -- `Experimental:` Google Cloud Compute Engine Virtual Machine -- `Experimental:` IBM Cloud Virtual Server -- `Experimental:` IBM Power Virtual Server from IBM Cloud -- `Experimental:` IBM PowerVC hypervisor Virtual Machine - -Please note, this Ansible Role `sap_ha_pacemaker_cluster` is acting as a wrapper and generates the parameter definitions for a given SAP System, Infrastructure Platform specific variables and other additional steps to complete the SAP High Availability setup using Linux Pacemaker clusters. - -### Warnings :warning: - -- :warning: Do **not** execute this Ansible Role against already configured Linux Pacemaker cluster nodes; unless you know what you are doing and have prepared the input variables for the Ansible Role according to / matching to the existing Linux Pacemaker setup! -- :warning: Infrastructure Platforms not explicitly listed as available/tested are very unlikely to work. - -## Functionality - -_All of the following functionality is provided as **Technology Preview**._ - -### SAP HANA scale-up (performance-optimized) with SAP HANA System Replication, High Availability using Linux Pacemaker 2-node cluster - -| Platform | Usability | -| -------- | --------- | -| :heavy_check_mark: physical server | expected to work with any fencing method that is supported by the `ha_cluster` Linux System Role | -| :heavy_check_mark: OVirt VM | tested and working | -| :heavy_check_mark: AWS EC2 VS | platform detection and awscli setup included, tested and expected to work | +## Description + +The Ansible Role `sap_ha_pacemaker_cluster` is used to install and configure Linux Pacemaker High Availability clusters for SAP HANA and SAP Netweaver systems on various infrastructure platforms. + -### SAP NetWeaver (ABAP) ASCS and ERS, High Availability using Linux Pacemaker 2-node cluster + +## Dependencies +- `fedora.linux_system_roles` + - Roles: + - `ha_cluster` -| Platform | Usability | -| -------- | --------- | -| :heavy_check_mark: physical server | expected to work with any fencing method that is supported by the `ha_cluster` Linux System Role | -| :heavy_check_mark: OVirt VM | tested and working | -| :heavy_check_mark: AWS EC2 VS | platform detection and awscli setup included, tested and expected to work | - -## Requirements - -The Ansible Role requires the SAP HANA Database Server or SAP NetWeaver Application Server software installation to already exist on the target host/s. - -The target host must be either: -- Red Hat - - OS version: Registered RHEL4SAP (HA and US) 8.4+ - - OS package repositories enabled: SAP and High Availability -- SUSE - - OS version: Registered SLES for SAP 15+ (SLES4SAP 15+) - - OS package repositories enabled: HA Extension is part of registered SLES4SAP - - - -The Ansible Control System (where Ansible is executed from) must have: -- Ansible Core 2.9+ -- Access to dependency Ansible Collections and Ansible Roles: - - **Upstream**: - - Ansible Collection [`community.sap_install` from Ansible Galaxy](https://galaxy.ansible.com/community/sap_install) version `1.4.1` or later - - Ansible Collection [`fedora.linux_system_roles` from Ansible Galaxy](https://galaxy.ansible.com/fedora/linux_system_roles) version `1.82.0` or later - - **Supported (Downstream)** via Red Hat Ansible Automation Platform (AAP) license: - - Ansible Collection [`redhat.sap_install` from Red Hat Ansible Automation Platform Hub](https://console.redhat.com/ansible/automation-hub/repo/published/redhat/sap_install) version `1.3.0` or later - - Ansible Collection [`redhat.rhel_system_roles` from Red Hat Ansible Automation Platform Hub](https://console.redhat.com/ansible/automation-hub/repo/published/redhat/rhel_system_roles) version `1.20.0` or later - - **Supported (Downstream)** via RHEL4SAP license: - - RHEL System Roles for SAP RPM Package `rhel-system-roles-sap-3.6.0` or later - - RHEL System Roles RPM Package `rhel-system-roles-1.20.0` or later +Install required collections by `ansible-galaxy install -vv -r meta/collection-requirements.yml`. + + ## Prerequisites +Infrastructure: +- It is required to create them manually or using [sap_vm_provision](https://github.com/sap-linuxlab/community.sap_infrastructure/tree/main/roles/sap_vm_provision) role, because this role does not create any Cloud platform resources that are required by Resource Agents. -All SAP Software must be installed, and all remote/file storage mounts must be available with correct permissions defined by SAP documentation. For SAP HANA High Availability, SAP HANA System Replication must already be installed. +Managed nodes: +- Supported SAP system is installed. See [Recommended](#recommended) section. +- SAP HANA System Replication is configured for SAP HANA HA cluster. See [Recommended](#recommended) section. +- Operating system has access to all required packages +- All required ports are open (details below) -In addition, the following network ports must be available: - -| **SAP Technical Application and Component** | **Port** | +| SAP HANA System Replication process | Port | +| --- | --- | +| hdbnameserver
used for log and data shipping from a primary site to a secondary site.
System DB port number plus 10,000 | 4``01 | +| hdbnameserver
unencrypted metadata communication between sites.
System DB port number plus 10,000 | 4``02 | +| hdbnameserver
used for encrypted metadata communication between sites.
System DB port number plus 10,000 | 4``06 | +| hdbindexserver
used for first MDC Tenant database schema | 4``03 | +| hdbxsengine
used for SAP HANA XSC/XSA | 4``07| +| hdbscriptserver
used for log and data shipping from a primary site to a secondary site.
Tenant port number plus 10,000 | 4``40-97 | +| hdbxsengine
used for log and data shipping from a primary site to a secondary site.
Tenant port number plus 10,000 | 4``40-97 | + +| Linux Pacemaker process | Port | | --- | --- | -| **_SAP HANA System Replication_** | | -| hdbnameserver
used for log and data shipping from a primary site to a secondary site.
System DB port number plus 10,000 | 4``01 | -| hdbnameserver
unencrypted metadata communication between sites.
System DB port number plus 10,000 | 4``02 | -| hdbnameserver
used for encrypted metadata communication between sites.
System DB port number plus 10,000 | 4``06 | -| hdbindexserver
used for first MDC Tenant database schema | 4``03 | -| hdbxsengine
used for SAP HANA XSC/XSA | 4``07| -| hdbscriptserver
used for log and data shipping from a primary site to a secondary site.
Tenant port number plus 10,000 | 4``40-97 | -| hdbxsengine
used for log and data shipping from a primary site to a secondary site.
Tenant port number plus 10,000 | 4``40-97 | -| **_Linux Pacemaker_** | | | pcsd
cluster nodes requirement for node-to-node communication | 2224 (TCP)| | pacemaker
cluster nodes requirement for Pacemaker Remote service daemon | 3121 (TCP) | | corosync
cluster nodes requirement for node-to-node communication | 5404-5412 (UDP) | + + +## Execution + +**:warning: This ansible role will destroy and then recreate Linux Pacemaker cluster in process.**
+:warning: Do not execute this Ansible Role against existing Linux Pacemaker clusters unless you know what you are doing and you prepare inputs according to existing cluster. + +### Supported Platforms +| Platform | Status | Notes | +| -------- | --------- | --------- | +| Physical server | :heavy_check_mark: | Need to specify valid fence agent | +| AWS EC2 Virtual Servers | :heavy_check_mark: | | +| Google Cloud Compute Engine Virtual Machine | :heavy_check_mark: | | +| Microsoft Azure Virtual Machines | :heavy_check_mark: | | +| IBM Cloud Virtual Server | :heavy_check_mark: | | +| IBM Power Virtual Server from IBM Cloud | :heavy_check_mark: | | +| IBM PowerVC hypervisor Virtual Machine | :heavy_check_mark: | | +| OVirt VM | :heavy_check_mark: | | + +### Supported scenarios + +| Platform | Variant | Status | +| -------- | --------- | --------- | +| SAP HANA scale-up (performance-optimized) 2 nodes | SAPHanaSR Classic | :heavy_check_mark: | +| SAP HANA scale-up (performance-optimized) 2 nodes | SAPHanaSR-angi | :heavy_check_mark: | +| SAP NetWeaver (ABAP) ASCS and ERS 2 nodes | Classic | :heavy_check_mark: | +| SAP NetWeaver (ABAP) ASCS and ERS 2 nodes | Simple Mount | :heavy_check_mark: | + + + +### Recommended +It is recommended to execute this role together with other roles in this collection, in the following order:
+#### SAP HANA cluster +1. [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) +2. [sap_hana_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_preconfigure) +3. [sap_install_media_detect](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_install_media_detect) +4. [sap_hana_install](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_install) +5. [sap_ha_install_hana_hsr](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_ha_install_hana_hsr) +6. *`sap_ha_pacemaker_cluster`* + +#### SAP Netweaver cluster +1. [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) +2. [sap_netweaver_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_netweaver_preconfigure) +3. [sap_install_media_detect](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_install_media_detect) +4. [sap_swpm](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_swpm) +5. *`sap_ha_pacemaker_cluster`* + + +### Execution Flow + +1. Assert that required inputs were provided. +2. Detect target infrastructure platform and prepare recommended inputs unless they were provided. +3. Prepare variables with all cluster parameters and resources. +4. Execute role `ha_cluster` from Ansible Collection `fedora.linux_system_roles` with prepared inputs. +5. Execute SAP product specific post tasks and verify cluster is running. + + +### Example + +```yaml +--- +- name: Ansible Play for SAP HANA HA Scale-up cluster setup + hosts: hana_primary, hana_secondary + become: true + tasks: + - name: Execute Ansible Role sap_ha_pacemaker_cluster + ansible.builtin.include_role: + name: community.sap_install.sap_ha_pacemaker_cluster + vars: + sap_ha_pacemaker_cluster_cluster_name: clusterhdb + sap_ha_pacemaker_cluster_hacluster_user_password: 'clusterpass' + + sap_ha_pacemaker_cluster_sap_type: saphana_scaleup + sap_ha_pacemaker_cluster_host_type: + - hana_scaleup_perf + + sap_ha_pacemaker_cluster_hana_sid: "H01" + sap_ha_pacemaker_cluster_hana_instance_nr: "01" + + sap_ha_pacemaker_cluster_cluster_nodes: + - node_name: h01hana0 + node_ip: "10.10.10.10" + node_role: primary + hana_site: DC01 + + - node_name: h01hana1 + node_ip: "10.10.10.11" + node_role: secondary + hana_site: DC02 + sap_ha_pacemaker_cluster_replication_type: none + sap_ha_pacemaker_cluster_vip_resource_group_name: viphdb +``` + -## Execution Flow - -The Ansible Role is sequential: -- Validate input Ansible Variables -- Identify host's Infrastructure Platform -- Generate Linux Pacemaker definition for given Infrastructure Platform and SAP Software -- Execute `ha_cluster` Ansible Role with Linux Pacemaker definition -- Instantiate Linux Pacemaker cluster - -## Tips - -Check out the [role variables of the `ha_cluster` Linux System Role](https://github.com/linux-system-roles/ha_cluster/blob/main/README.md) for additional possible settings that can be applied when using the `sap_ha_pacemaker_cluster` role. - -For example:
-Adding `ha_cluster_start_on_boot: false` to disable the automatic start of cluster services on boot. + + -## Sample + +## Further Information +For more examples on how to use this role in different installation scenarios, refer to the [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. -Please see a full sample using multiple hosts to create an SAP S/4HANA Distributed deployment in the [/playbooks](../../playbooks/) directory of the Ansible Collection `sap_install`. +Cluster can be further customized with inputs available from underlying role [ha_cluster](https://github.com/linux-system-roles/ha_cluster/blob/main/README.md), which will take precedence over `sap_ha_pacemaker_cluster` inputs. + ## License - + Apache 2.0 + -## Author Information - -Red Hat for SAP Community of Practice, Janine Fuchs, IBM Lab for SAP Solutions - - - ---- - -## Role Input Parameters +## Maintainers + +- [Janine Fuchs](https://github.com/ja9fuchs) +- [Marcel Mamula](https://github.com/marcelmamula) + +## Role Variables + Minimum required parameters for all clusters: - [sap_ha_pacemaker_cluster_hacluster_user_password](#sap_ha_pacemaker_cluster_hacluster_user_password) Additional minimum requirements depend on the type of cluster setup and on the target platform. +### sap_ha_pacemaker_cluster_hacluster_user_password + +- _Type:_ `string` + +**Mandatory Input Parameter.**
+The password of the `hacluster` user which is created during pacemaker installation.
+Inherits the value of `ha_cluster_hacluster_password`, when defined.
+ + ### sap_ha_pacemaker_cluster_aws_access_key_id - _Type:_ `string` @@ -315,13 +349,6 @@ sap_ha_pacemaker_cluster_ha_cluster: node_name: nodeA ``` -### sap_ha_pacemaker_cluster_hacluster_user_password required - -- _Type:_ `string` - -The password of the `hacluster` user which is created during pacemaker installation.
-Inherits the value of `ha_cluster_hacluster_password`, when defined.
- ### sap_ha_pacemaker_cluster_hana_automated_register - _Type:_ `bool` @@ -877,7 +904,7 @@ sap_ha_pacemaker_cluster_sbd_devices: Set this parameter to 'true' to enable workflow to add Stonith SBD resource.
Stonith SBD resource has to be provided as part of `sap_ha_pacemaker_cluster_stonith_custom`.
-Default SBD agents are: stonith:external/sbd for SLES and stonith:fence_sbd for RHEL
+Default SBD agents are: `stonith:external/sbd` for SUSE and `stonith:fence_sbd` for Red Hat.
Example: @@ -1042,9 +1069,10 @@ Default address of the NFS server, if not defined individually by filesystem.
-For community/upstream, use 'fedora.linux_system_roles'.
-For RHEL System Roles for SAP, or Red Hat Automation Hub, use 'redhat.rhel_system_roles'.
+Set which Ansible Collection to use for the Linux System Roles.
+Available values: +- `fedora.linux_system_roles` - for community/upstream.
+- `redhat.rhel_system_roles` - for the RHEL System Roles for SAP, or for Red Hat Automation Hub.
### sap_ha_pacemaker_cluster_vip_client_interface @@ -1150,5 +1178,4 @@ Name of the SAPInstance resource for NetWeaver PAS.
- _Default:_ `rsc_vip__HDB_readonly` Customize the name of the resource managing the Virtual IP of read-only access to the secondary HANA instance.
- - + \ No newline at end of file diff --git a/roles/sap_hana_install/README.md b/roles/sap_hana_install/README.md index 35d439c27..265c7f92e 100644 --- a/roles/sap_hana_install/README.md +++ b/roles/sap_hana_install/README.md @@ -1,80 +1,79 @@ + # sap_hana_install Ansible Role + +![Ansible Lint for sap_hana_install](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_hana_install.yml/badge.svg) -Ansible role for SAP HANA Installation +## Description + +The Ansible role `sap_hana_install` installs SAP HANA using the SAP HANA database lifecycle manager (HDBLCM). + -## Requirements + +## Dependencies +- `fedora.linux_system_roles` + - Roles: + - `selinux` -The role requires additional collections which are specified in `meta/collection-requirements.yml`. Before using this role, -make sure that the required collections are installed, for example by using the following command: +Install required collections by `ansible-galaxy install -vv -r meta/collection-requirements.yml`. + -`ansible-galaxy install -vv -r meta/collection-requirements.yml` +## Prerequisites + +Managed nodes: +- Directory with SAP Installation media is present and `sap_install_media_detect_source_directory` updated. Download can be completed using [community.sap_launchpad](https://github.com/sap-linuxlab/community). +- Ensure that servers are configured for SAP HANA. See [Recommended](#recommended) section. +- Ensure that volumes and filesystems are configured correctly. See [Recommended](#recommended) section. -### Configure your system for the installation of SAP HANA - -- Make sure required volumes and filesystems are configured in the host. -You can use the role `sap_storage_setup` to configure this. More info [here](/roles/sap_storage_setup) - -- Run the roles `sap_general_preconfigure` and `sap_hana_preconfigure` for installing required packages and -for configuring system settings. - -### SAP HANA Software Installation .SAR Files +### Prepare SAP HANA installation media Place the following files in directory /software/hana or in any other directory specified by variable `sap_hana_install_software_directory`: - 1. The SAPCAR executable for the correct hardware architecture - 2. The SAP HANA Installation .SAR file - SAP HANA 2.0 Server - `IMDB_SERVER*.SAR` file - 3. Optional - SAP HANA Components .SAR files - Include other optional components such as `IMDB_AFL*.SAR` or `IMDB_LCAPPS*.SAR` - 4. Optional - SAP Host Agent .SAR file - Include other optional components such as `SAPHOSTAGENT*SAR` -#### Sample Directory Contents - with .SAR files - -- Sample directory `sap_hana_install_software_directory` containing SAP HANA software installation files - ```console - [root@hanahost SAP_HANA_INSTALLATION]# ls -l *.EXE *.SAR - -rwxr-xr-x. 1 nobody nobody 149561376 Mar 4 2021 IMDB_AFL20_054_1-80001894.SAR - -rwxr-xr-x. 1 nobody nobody 211762405 Mar 4 2021 IMDB_CLIENT20_007_23-80002082.SAR - -rwxr-xr-x. 1 nobody nobody 4483040 Mar 4 2021 SAPCAR_1010-70006178.EXE - -rwxr-xr-x. 1 nobody nobody 109492976 Mar 4 2021 IMDB_LCAPPS_2054_0-20010426.SAR - -rwxr-xr-x. 1 nobody nobody 109752805 Mar 4 2021 VCH202000_2054_0-80005463.SAR - -rwxr-xr-x. 1 nobody nobody 3694683699 Mar 4 2021 IMDB_SERVER20_054_0-80002031.SAR - -rwxr-xr-x. 1 nobody nobody 89285401 Sep 30 04:24 SAPHOSTAGENT51_51-20009394.SAR - ``` - -If more than one SAPCAR EXE file is present in the software directory, the role will select the latest version -for the current hardware architecture. Alternatively, the file name of the SAPCAR EXE file can also be set with -variable `sap_hana_install_sapcar_filename`. Example: -``` -sap_hana_install_sapcar_filename: SAPCAR_1115-70006178.EXE -``` - -If more than one SAR file for a certain software product is present in the software directory, the automatic -handling of such SAR files will fail after extraction, when moving the newly created product directories -(like `SAP_HOST_AGENT`) to already existing destinations. -For avoiding such situations, use following variable to provide a list of SAR files to extract: - -`sap_hana_install_sarfiles`. - -Example: +Example of `sap_hana_install_software_directory` content for SAP HANA installation: +```console +[root@hanahost SAP_HANA_INSTALLATION]# ls -l *.EXE *.SAR +-rwxr-xr-x. 1 nobody nobody 149561376 Mar 4 2021 IMDB_AFL20_054_1-80001894.SAR +-rwxr-xr-x. 1 nobody nobody 211762405 Mar 4 2021 IMDB_CLIENT20_007_23-80002082.SAR +-rwxr-xr-x. 1 nobody nobody 4483040 Mar 4 2021 SAPCAR_1010-70006178.EXE +-rwxr-xr-x. 1 nobody nobody 109492976 Mar 4 2021 IMDB_LCAPPS_2054_0-20010426.SAR +-rwxr-xr-x. 1 nobody nobody 109752805 Mar 4 2021 VCH202000_2054_0-80005463.SAR +-rwxr-xr-x. 1 nobody nobody 3694683699 Mar 4 2021 IMDB_SERVER20_054_0-80002031.SAR +-rwxr-xr-x. 1 nobody nobody 89285401 Sep 30 04:24 SAPHOSTAGENT51_51-20009394.SAR ``` -sap_hana_install_sarfiles: - - SAPHOSTAGENT54_54-80004822.SAR - - IMDB_SERVER20_060_0-80002031.SAR -``` - -If there is a file named `.sha256` in the software download directory -`sap_hana_install_software_directory` which contains the checksum and the file name similar to the output -of the sha256sum command, the role will examine the sha256sum for the corresponding SAPCAR or SAR file and the -processing will continue only if the checksum matches. - -#### Extracted SAP HANA Software Installation Files +**Considerations:** +- If more than one SAPCAR EXE file is present in the software directory, the role will select the latest version + for the current hardware architecture. Alternatively, the file name of the SAPCAR EXE file can also be set with + variable `sap_hana_install_sapcar_filename`. Example: + ``` + sap_hana_install_sapcar_filename: SAPCAR_1115-70006178.EXE + ``` +- If more than one SAR file for a certain software product is present in the software directory, the automatic + handling of such SAR files will fail after extraction, when moving the newly created product directories + (like `SAP_HOST_AGENT`) to already existing destinations. + For avoiding such situations, use following variable to provide a list of SAR files to extract: `sap_hana_install_sarfiles`. + + Example: + ``` + sap_hana_install_sarfiles: + - SAPHOSTAGENT54_54-80004822.SAR + - IMDB_SERVER20_060_0-80002031.SAR + ``` + +- If there is a file named `.sha256` in the software download directory + `sap_hana_install_software_directory` which contains the checksum and the file name similar to the output + of the sha256sum command, the role will examine the sha256sum for the corresponding SAPCAR or SAR file and the + processing will continue only if the checksum matches. + + +### Extracted SAP HANA Software Installation Files This role will detect if there is a file `hdblcm` already present in the directory specified by variable `sap_hana_install_software_extract_directory` or in any directory below. If If found, it will skip the .SAR extraction phase and proceed with the installation. @@ -94,16 +93,16 @@ software extract directory is required then set `sap_hana_install_cleanup_extrac these cleanup actions are false. -- Sample directory `sap_hana_install_software_extract_directory` containing extracted SAP HANA software installation files - ```console - [root@hanahost extracted]# ll -lrt - drwxr-xr-x 4 root root 4096 Sep 30 04:55 SAP_HANA_AFL - drwxr-xr-x 5 root root 4096 Sep 30 04:55 SAP_HANA_CLIENT - drwxr-xr-x 4 root root 4096 Sep 30 04:55 SAP_HANA_LCAPPS - drwxr-xr-x 8 root root 4096 Sep 30 04:57 SAP_HANA_DATABASE - drwxr-xr-x 2 root root 4096 Sep 30 04:58 SAP_HOST_AGENT - drwxr-xr-x 4 root root 4096 Sep 30 04:58 VCH_AFL_2020 - ``` +- Example of directory `sap_hana_install_software_extract_directory` containing extracted SAP HANA software installation files +```console +[root@hanahost extracted]# ll -lrt +drwxr-xr-x 4 root root 4096 Sep 30 04:55 SAP_HANA_AFL +drwxr-xr-x 5 root root 4096 Sep 30 04:55 SAP_HANA_CLIENT +drwxr-xr-x 4 root root 4096 Sep 30 04:55 SAP_HANA_LCAPPS +drwxr-xr-x 8 root root 4096 Sep 30 04:57 SAP_HANA_DATABASE +drwxr-xr-x 2 root root 4096 Sep 30 04:58 SAP_HOST_AGENT +drwxr-xr-x 4 root root 4096 Sep 30 04:58 VCH_AFL_2020 +``` #### SAP HANA hdblcm Configfile Processing @@ -140,111 +139,23 @@ Note: If there is a file named `configfile.cfg` in the directory specified by ro will be performed. Be aware that when using this file, any modifications to role variables after creation of this file will not be reflected. -## Further Variables and Parameters - -### Input Parameters - -If the variable `sap_hana_install_check_sidadm_user` is set to `no`, the role will install SAP HANA even -if the sidadm user exists. Default is `yes`, in which case the installation will not be performed if the -sidadm user exists. - -The variable `sap_hana_install_new_system` determines if the role will perform a fresh SAP HANA installation -or if it will add further hosts to an existing SAP HANA system as specified by variable -`sap_hana_install_addhosts`. Default is `yes` for a fresh SAP HANA installation. - -The role can be configured to also set the required firewall ports for SAP HANA. If this is desired, set -the variable `sap_hana_install_update_firewall` to `yes` (default is `no`). The firewall ports are defined -in a variable which is compatible with the variable structure used by Linux System Role `firewall`. -The firewall ports for SAP HANA are defined in member `port` of the first field of variable -`sap_hana_install_firewall` (`sap_hana_install_firewall[0].port`), see file `defaults/main.yml`. If the -member `state` is set to `enabled`, the ports will be enabled. If the member `state` is set to `disabled`, -the ports will be disabled, which might be useful for testing. - -Certain parameters have identical meanings, for supporting different naming schemes in playbooks and inventories. -You can find those in the task `Rename some variables used by hdblcm configfile` of the file `tasks/main.yml`. -Example: The parameter `sap_hana_install_number`, which is used by the role to define the hdblm parameter `number` -(= SAP HANA instance number) can be defined by setting `sap_hana_instance_number`, `sap_hana_install_instance_nr`, -`sap_hana_install_instance_number`, or `sap_hana_install_number`. The order of precedence is from left to right. - -### Default Parameters - -Please check the default parameters file for more information on other parameters that can be used as an input -- [**sap_hana_install** default parameters](defaults/main.yml) + ## Execution - -Sample Ansible Playbook Execution - -- Local Host Installation - - `ansible-playbook --connection=local --limit localhost -i "localhost," sap-hana-install.yml -e "@inputs/HDB.install"` - -- Target Host Installation - - `ansible-playbook -i "" sap-hana-install.yml -e "@inputs/HDB.install"` - -## Sample playbooks - -### Sample playbook for installing a new scale-up (=single node) SAP HANA system - -```yaml ---- -- hosts: all - collections: - - community.sap_install - become: true - vars: - sap_hana_install_software_directory: /software/hana - sap_hana_install_common_master_password: 'NewPass$321' - sap_hana_install_sid: 'H01' - sap_hana_install_instance_nr: '00' - roles: - - sap_hana_install -``` - -### Sample playbook for installing a new scale-out SAP HANA system - -```yaml ---- -- hosts: all - collections: - - community.sap_install - become: true - vars: - sap_hana_install_software_directory: /software/hana - sap_hana_install_common_master_password: 'NewPass$321' - sap_hana_install_root_password: 'NewPass$321' - sap_hana_install_addhosts: 'host2:role=worker,host3:role=worker:group=g02,host4:role=standby:group=g02' - sap_hana_install_sid: 'H01' - sap_hana_install_instance_nr: '00' - roles: - - sap_hana_install -``` - -### Sample playbook for adding additional nodes to an existing SAP HANA installation - -```yaml ---- -- hosts: all - collections: - - community.sap_install - become: true - vars: - sap_hana_install_software_directory: /software/hana - sap_hana_install_new_system: no - sap_hana_install_addhosts: 'host2:role=worker,host3:role=worker:group=g02,host4:role=standby:group=g02' - sap_hana_install_common_master_password: 'NewPass$321' - sap_hana_install_root_password: 'NewPass$321' - sap_hana_install_sid: 'H01' - sap_hana_install_instance_nr: '00' - roles: - - sap_hana_install -``` - -You can find more complex playbooks in directory `playbooks` of the collection `community.sap_install`. - -## Flow - -### New SAP HANA Installation - + + + + +### Recommended +It is recommended to execute this role together with other roles in this collection, in the following order:
+1. [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) +2. [sap_hana_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_preconfigure) +3. [sap_install_media_detect](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_install_media_detect) +4. *`sap_hana_install`* + + +### Execution Flow + #### Perform Initial Checks These checks will be performed by default but can be skipped by setting `sap_hana_install_force` to `true`. @@ -338,9 +249,70 @@ in a temporary directory for use by the hdblcm command in the next step. #### Post-Install - Print a short summary of the result of the installation. + + +### Example + +#### Example playbook for installing a new scale-up (=single node) SAP HANA system +```yaml +--- +- name: Ansible Play for SAP HANA installation - One host + hosts: all + become: true + tasks: + - name: Execute Ansible Role sap_hana_install + ansible.builtin.include_role: + name: community.sap_install.sap_hana_install + vars: + sap_hana_install_software_directory: /software/hana + sap_hana_install_common_master_password: 'NewPass$321' + sap_hana_install_sid: 'H01' + sap_hana_install_instance_nr: '00' +``` -## Tags +#### Example playbook for installing a new scale-out SAP HANA system +```yaml +--- +- name: Ansible Play for SAP HANA installation - Scale-out + hosts: all + become: true + tasks: + - name: Execute Ansible Role sap_hana_install + ansible.builtin.include_role: + name: community.sap_install.sap_hana_install + vars: + sap_hana_install_software_directory: /software/hana + sap_hana_install_common_master_password: 'NewPass$321' + sap_hana_install_root_password: 'NewPass$321' + sap_hana_install_addhosts: 'host2:role=worker,host3:role=worker:group=g02,host4:role=standby:group=g02' + sap_hana_install_sid: 'H01' + sap_hana_install_instance_nr: '00' +``` +#### Example playbook for adding additional nodes to an existing SAP HANA installation +```yaml +--- +- name: Ansible Play for SAP HANA installation - Add host + hosts: all + become: true + tasks: + - name: Execute Ansible Role sap_hana_install + ansible.builtin.include_role: + name: community.sap_install.sap_hana_install + vars: + sap_hana_install_software_directory: /software/hana + sap_hana_install_new_system: no + sap_hana_install_addhosts: 'host2:role=worker,host3:role=worker:group=g02,host4:role=standby:group=g02' + sap_hana_install_common_master_password: 'NewPass$321' + sap_hana_install_root_password: 'NewPass$321' + sap_hana_install_sid: 'H01' + sap_hana_install_instance_nr: '00' +``` + + + + +### Role Tags With the following tags, the role can be called to perform certain activities only: - tag `sap_hana_install_check_installation`: Perform an installation check, using `hdbcheck` or `hdblcm --action=check_installation`. @@ -373,30 +345,99 @@ With the following tags, the role can be called to perform certain activities on `overwrite`. - tag `sap_hana_install_store_connection_information`: Only run the `hdbuserstore` command -Sample call for only processing the SAPCAR and SAR files and creating the hdblcm configfile: -``` -# ansible-playbook sap-hana-install.yml --tags=sap_hana_install_preinstall --skip-tags=sap_hana_install_chown_hana_directories -``` +
+ How to run sap_hana_install with tags -Sample call for only processing the SAPCAR files: -``` -# ansible-playbook sap-hana-install.yml --tags=sap_hana_install_prepare_sapcar -``` + #### Process SAPCAR and SAR files and create the hdblcm configfile: + ```console + ansible-playbook sap-hana-install.yml --tags=sap_hana_install_preinstall --skip-tags=sap_hana_install_chown_hana_directories + ``` -Sample call for only processing the SAPCAR and SAR files, without extracting the SAR files: -``` -# ansible-playbook sap-hana-install.yml --tags=sap_hana_install_prepare_sarfiles --skip-tags=sap_hana_install_extract_sarfiles -``` + #### Process only SAPCAR files: + ```console + ansible-playbook sap-hana-install.yml --tags=sap_hana_install_prepare_sapcar + ``` -Sample call for only displaying the SAP HANA hdblcm command line: -``` -# ansible-playbook sap-hana-install.yml --tags=sap_hana_install_hdblcm_commandline -``` + #### Process SAPCAR and SAR files without extracting SAR files: + ```console + ansible-playbook sap-hana-install.yml --tags=sap_hana_install_prepare_sarfiles --skip-tags=sap_hana_install_extract_sarfiles + ``` + + #### Display SAP HANA hdblcm command without using it + ``` + ansible-playbook sap-hana-install.yml --tags=sap_hana_install_hdblcm_commandline + ``` +
+ + + + + +## Further Information +For more examples on how to use this role in different installation scenarios, refer to the [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. + ## License + +Apache 2.0 + + +## Maintainers + +- [Bernd Finger](https://github.com/berndfinger) + + +## Role Variables + +### sap_hana_install_sid + +- _Type:_ `string` + +Enter SAP HANA System ID (SID). + +### sap_hana_install_number + +- _Type:_ `string` + +Enter SAP HANA Instance number. + +### sap_hana_install_fapolicyd_integrity + +- _Type:_ `string` +- _Default:_ `sha256` + +Select `fapolicyd` integrity check option.
+Available values: `none`, `size`, `sha256`, `ima`. + +### sap_hana_install_check_sidadm_user + +- _Type:_ `bool` +- _Default:_ `True` + +Set to `False` to install SAP HANA even if the `sidadm` user exists.
+Default is `True`, in which case the installation will not be performed if the `sidadm` user exists. + +### sap_hana_install_new_system + +- _Type:_ `bool` +- _Default:_ `True` + +Set to `False` to use existing SAP HANA database and add more hosts using variable `sap_hana_install_addhosts`.
+Default is `True`, in which case fresh SAP HANA installation will be performed. + +### sap_hana_install_update_firewall -Apache license 2.0 +- _Type:_ `bool` +- _Default:_ `False` -## Author Information +The role can be configured to also set the required firewall ports for SAP HANA. If this is desired, set the variable `sap_hana_install_update_firewall` to `yes` (default is `no`).
+The firewall ports are defined in a variable which is compatible with the variable structure used by Linux System Role `firewall`.
+The firewall ports for SAP HANA are defined in member `port` of the first field of variable `sap_hana_install_firewall` (`sap_hana_install_firewall[0].port`), see file `defaults/main.yml`.
+If the member `state` is set to `enabled`, the ports will be enabled. If the member `state` is set to `disabled`, the ports will be disabled, which might be useful for testing.
-Red Hat for SAP Community of Practice, IBM Lab for SAP Solutions, Markus Koch, Thomas Bludau, Bernd Finger, Than Ngo, Rainer Leber +Certain parameters have identical meanings, for supporting different naming schemes in playbooks and inventories.
+You can find those in the task `Rename some variables used by hdblcm configfile` of the file `tasks/main.yml`.
+Example: The parameter `sap_hana_install_number`, which is used by the role to define the hdblm parameter `number` (= SAP HANA instance number)
+ can be defined by setting `sap_hana_instance_number`, `sap_hana_install_instance_nr`, `sap_hana_install_instance_number`, or `sap_hana_install_number`.
+ The order of precedence is from left to right. + \ No newline at end of file diff --git a/roles/sap_hana_preconfigure/README.md b/roles/sap_hana_preconfigure/README.md index bb581b58c..d96e075b0 100644 --- a/roles/sap_hana_preconfigure/README.md +++ b/roles/sap_hana_preconfigure/README.md @@ -1,114 +1,147 @@ + # sap_hana_preconfigure Ansible Role + +![Ansible Lint for sap_hana_preconfigure](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_hana_preconfigure.yml/badge.svg) + +## Description + +The Ansible role `sap_hana_preconfigure` installs additional required packages and performs additional OS configuration steps according to applicable SAP notes for installing and running SAP HANA after the role [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) has been executed. + + + +## Dependencies +- `fedora.linux_system_roles` + - Roles: + - `selinux` + +Install required collections by `ansible-galaxy install -vv -r meta/collection-requirements.yml`. + + + +## Prerequisites +Managed nodes: +- Ensure that general operating system configuration for SAP is performed by [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure). See [Recommended](#recommended) section. + +
+ (Red Hat) Ensure required repositories are available + + Managed nodes need to be properly registered to a repository source and have at least the following Red Hat repositories accessible: + + for RHEL 7.x: + - rhel-7-[server|for-power-le]-e4s-rpms + - rhel-sap-hana-for-rhel-7-[server|for-power-le]-e4s-rpms + + for RHEL 8.x: + - rhel-8-for-[x86_64|ppc64le]-baseos-e4s-rpms + - rhel-8-for-[x86_64|ppc64le]-appstream-e4s-rpms + - rhel-8-for-[x86_64|ppc64le]-sap-solutions-e4s-rpms + + for RHEL 9.x: + - rhel-9-for-[x86_64|ppc64le]-baseos-e4s-rpms + - rhel-9-for-[x86_64|ppc64le]-appstream-e4s-rpms + - rhel-9-for-[x86_64|ppc64le]-sap-solutions-e4s-rpms + + For details on configuring Red Hat, see the knowledge base article: [How to subscribe SAP HANA systems to the Update Services for SAP Solutions](https://access.redhat.com/solutions/3075991)). If you set role parameter sap_hana_preconfigure_enable_sap_hana_repos to `yes`, the role can enable these repos. + + To install HANA on Red Hat Enterprise Linux 7, 8, or 9, you need some additional packages which are contained in one of following repositories + - rhel-sap-hana-for-rhel-7-[server|for-power-le]-e4s-rpms + - rhel-8-for-[x86_64|ppc64le]-sap-solutions-e4s-rpms + - rhel-9-for-[x86_64|ppc64le]-sap-solutions-e4s-rpms + + To get this repository you need to have one of the following products: + - [RHEL for SAP Solutions](https://access.redhat.com/solutions/3082481) (premium, standard) + - RHEL for Business Partner NFRs + - [RHEL Developer Subscription](https://developers.redhat.com/products/sap/download/) + + To get a personal developer edition of RHEL for SAP solutions, please register as a developer and download the developer edition. + + - [Registration Link](http://developers.redhat.com/register) : + Here you can either register a new personal account or link it to an already existing + **personal** Red Hat Network account. + - [Download Link](https://access.redhat.com/downloads/content/69/ver=/rhel---7/7.2/x86_64/product-software): + Here you can download the Installation DVD for RHEL with your previously registered + account + + *NOTE:* This is a regular RHEL installation DVD as RHEL for SAP Solutions is no additional + product but only a special bundling. The subscription grants you access to the additional + packages through our content delivery network (CDN) after installation. + + For supported RHEL releases [click here](https://access.redhat.com/solutions/2479121). + + It is also important that your disks are setup according to the [SAP storage requirements for SAP HANA](https://www.sap.com/documents/2015/03/74cdb554-5a7c-0010-8F2c7-eda71af511fa.html). This [BLOG](https://blogs.sap.com/2017/03/07/the-ultimate-guide-to-effective-sizing-of-sap-hana/) is also quite helpful when sizing HANA systems. + You can use the [storage](https://galaxy.ansible.com/linux-system-roles/storage) role to automate this process + + If you want to use this system in production, make sure that the time service is configured correctly. You can use [rhel-system-roles](https://access.redhat.com/articles/3050101) to automate this. + + Note + ---- + For finding out which SAP notes will be used by this role for Red Hat systems, please check the contents of variable `__sap_hana_preconfigure_sapnotes` in files `vars/*.yml` (choose the file which matches your OS distribution and version). +
+ + +## Execution + +**:warning: Do not execute this Ansible Role against existing SAP systems unless you know what you are doing and you prepare inputs to avoid unintended changes caused by default inputs.** + +**NOTE: It is recommended to execute `timesync` role from Ansible Collection `fedora.linux_system_roles` before or after executing this role.** + + + +### Recommended +It is recommended to execute this role together with other roles in this collection, in the following order:
+1. [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) +2. *`sap_hana_preconfigure`* + + +### Execution Flow + +1. Assert that required inputs were provided. +2. Install required packages and patch system if `sap_hana_preconfigure_update:true` +3. Apply configurations + - Execute configuration tasks based on SAP Notes + - (SUSE) Execute saptune with solution `sap_hana_preconfigure_saptune_solution` (Default: `HANA`) +4. Reboot Managed nodes if packages were installed or patched and `sap_hana_preconfigure_reboot_ok: true` + + +### Example + +Example of execution together with prerequisite role [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) +```yaml +--- +- name: Ansible Play for SAP HANA HA Scale-up preconfigure + hosts: hana_primary, hana_secondary + become: true + tasks: + - name: Execute Ansible Role sap_general_preconfigure + ansible.builtin.include_role: + name: community.sap_install.sap_general_preconfigure + + - name: Execute Ansible Role sap_hana_preconfigure + ansible.builtin.include_role: + name: community.sap_install.sap_hana_preconfigure +``` + -This role installs additional required packages and performs additional configuration steps for installing and running SAP HANA. -If you want to configure a RHEL system for the installation and later usage of SAP HANA, you have to first run role sap_general_preconfigure -and then role sap_hana_preconfigure. However, if we wish to run SLES for HANA, you may run only this role. - -## Requirements - -The role requires additional collections which are specified in `meta/collection-requirements.yml`. Before using this role, -make sure that the required collections are installed, for example by using the following command: - -`ansible-galaxy install -vv -r meta/collection-requirements.yml` - -To use this role, your system needs to be configured with the basic requirements for SAP NetWeaver or SAP HANA. This is typically done by running role sap_general_preconfigure (for RHEL managed nodes before RHEL 7.6, community maintained role sap-base-settings can be used). - -It is also strongly recommended to run role linux-system-roles.timesync for all systems running SAP HANA, to maintain an identical system time, before or after running role sap_hana_preconfigure. - -Managed nodes need to be properly registered to a repository source and have at least the following Red Hat repositories accessible (see also example playbook): - -for RHEL 7.x: -- rhel-7-[server|for-power-le]-e4s-rpms -- rhel-sap-hana-for-rhel-7-[server|for-power-le]-e4s-rpms - -for RHEL 8.x: -- rhel-8-for-[x86_64|ppc64le]-baseos-e4s-rpms -- rhel-8-for-[x86_64|ppc64le]-appstream-e4s-rpms -- rhel-8-for-[x86_64|ppc64le]-sap-solutions-e4s-rpms - -for RHEL 9.x: -- rhel-9-for-[x86_64|ppc64le]-baseos-e4s-rpms -- rhel-9-for-[x86_64|ppc64le]-appstream-e4s-rpms -- rhel-9-for-[x86_64|ppc64le]-sap-solutions-e4s-rpms - -for SLES 15.x: -- SLE-Module-SAP-Applications15-[SP number]-Pool -- SLE-Module-SAP-Applications15-[SP number]-Updates -- SLE-Product-SLES_SAP15-[SP number]-Pool -- SLE-Product-SLES_SAP15-[SP number]-Updates - -For details on configuring Red Hat, see the knowledge base article: [How to subscribe SAP HANA systems to the Update Services for SAP Solutions](https://access.redhat.com/solutions/3075991)). If you set role parameter sap_hana_preconfigure_enable_sap_hana_repos to `yes`, the role can enable these repos. - -To install HANA on Red Hat Enterprise Linux 7, 8, or 9, you need some additional packages which are contained in the -- rhel-sap-hana-for-rhel-7-[server|for-power-le]-e4s-rpms, -- rhel-8-for-[x86_64|ppc64le]-sap-solutions-e4s-rpms, or -- rhel-9-for-[x86_64|ppc64le]-sap-solutions-e4s-rpms - -repository. - -To get this repository you need to have one of the following products: - -- [RHEL for SAP Solutions](https://access.redhat.com/solutions/3082481) (premium, standard) -- RHEL for Business Partner NFRs -- [RHEL Developer Subscription](https://developers.redhat.com/products/sap/download/) - -To get a personal developer edition of RHEL for SAP solutions, please register as a developer and download the developer edition. - -- [Registration Link](http://developers.redhat.com/register) : - Here you can either register a new personal account or link it to an already existing - **personal** Red Hat Network account. -- [Download Link](https://access.redhat.com/downloads/content/69/ver=/rhel---7/7.2/x86_64/product-software): - Here you can download the Installation DVD for RHEL with your previously registered - account - -*NOTE:* This is a regular RHEL installation DVD as RHEL for SAP Solutions is no additional - product but only a special bundling. The subscription grants you access to the additional - packages through our content delivery network (CDN) after installation. - -For supported RHEL releases [click here](https://access.redhat.com/solutions/2479121). - -Details on configuring SLES repositories can be found on the following articles for [on-premise systems](https://www.suse.com/support/kb/doc/?id=000018564) or [BYOS cloud images](https://www.suse.com/c/byos-instances-and-the-suse-public-cloud-update-infrastructure/) - - -It is also important that your disks are setup according to the [SAP storage requirements for SAP HANA](https://www.sap.com/documents/2015/03/74cdb554-5a7c-0010-8F2c7-eda71af511fa.html). This [BLOG](https://blogs.sap.com/2017/03/07/the-ultimate-guide-to-effective-sizing-of-sap-hana/) is also quite helpful when sizing HANA systems. -You can use the [storage](https://galaxy.ansible.com/linux-system-roles/storage) role to automate this process - -If you want to use this system in production, make sure that the time service is configured correctly. You can use [rhel-system-roles](https://access.redhat.com/articles/3050101) to automate this. - -Note ----- -For finding out which SAP notes will be used by this role for Red Hat systems, please check the contents of variable `__sap_hana_preconfigure_sapnotes` in files `vars/*.yml` (choose the file which matches your OS distribution and version). - -For SLES, notes are applied using the saptune service. Saptune supports a number of solutions. A solution implements several SAP notes. The default solution for this role is 'HANA'. To see a list of supported solutions and the notes that they implement, you can run `saptune solution list` on the command line. - -Do not run this role against an SAP HANA or other production system. The role will enforce a certain configuration on the managed node(s), which might not be intended. - -Changes -------- -1) Previous versions of this role used the variable sap_hana_preconfigure_use_tuned_where_possible to switch between either tuned settings -or kernel command line settings (where applicable). -The current version modifies this behavior: -- The variable sap_hana_preconfigure_use_tuned_where_possible has been renamed to sap_hana_preconfigure_use_tuned -- The variable sap_hana_preconfigure_switch_to_tuned_profile_sap_hana has been removed. -- If sap_hana_preconfigure_use_tuned is set to `yes`, which is also the default, the role will configure the system for using tuned and also switch to tuned profile sap-hana. - If sap_hana_preconfigure_use_tuned is set to `no`, the role will perform a static configuration, including the modification of the linux command line in grub. -- The role can use tuned, or configure the kernel command line, or both. - -2) Previous versions of this role used variable sap_hana_preconfigure_selinux_state to set the SELinux state to disabled. -As the role sap_general_preconfigure already allows to specify the desired SELinux state, and as sap_general_preconfigure -is always run before sap_hana_preconfigure, there is no need any more to let sap_hana_preconfigure configure the SELinux state. -The same applies to the assertion of the SELinux state. - -3) SLES systems are now configured using saptune rather than the ansible implementation of the notes. - - -## Role Input Parameters + + -#### Minimum required parameters: + +## Further Information +For more examples on how to use this role in different installation scenarios, refer to the [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. + -This role does not require any parameter to be set in the playbook or inventory. +## License + +Apache 2.0 + +## Maintainers + +- [Bernd Finger](https://github.com/berndfinger) + +## Role Variables + ### sap_hana_preconfigure_config_all - _Type:_ `bool` @@ -160,13 +193,11 @@ This is useful if the role is used for reporting a system's SAP notes compliance ### sap_hana_preconfigure_system_roles_collection - _Type:_ `str` - _Default:_ `'fedora.linux_system_roles'` -- _Possible Values:_
- - `fedora.linux_system_roles` - - `redhat.rhel_system_roles` Set which Ansible Collection to use for the Linux System Roles.
-For community/upstream, use 'fedora.linux_system_roles'
-For the RHEL System Roles for SAP, or for Red Hat Automation Hub, use 'redhat.rhel_system_roles'
+Available values: +- `fedora.linux_system_roles` - for community/upstream.
+- `redhat.rhel_system_roles` - for the RHEL System Roles for SAP, or for Red Hat Automation Hub.
### sap_hana_preconfigure_min_rhel_release_check - _Type:_ `bool` @@ -401,104 +432,21 @@ sap_hana_preconfigure_db_group_name: dba - _Type:_ `str` - _Default:_ `''` -Version of saptune to install (SLES for SAP Applications).
+(SUSE specific) Specifies the saptune version.
This will replace the current installed version if present, even downgrade if necessary.
### sap_hana_preconfigure_saptune_solution - _Type:_ `str` - _Default:_ `'HANA'` -- _Possible Values:_
- - `HANA` - - `NETWEAVER+HANA` - - `S4HANA-APP+DB` - - `S4HANA-DBSERVER` -The saptune solution to apply (SLES for SAP Applications).
+(SUSE specific) Specifies the saptune solution to apply.
+Available values: `HANA`, `NETWEAVER+HANA`, `S4HANA-APP+DB`, `S4HANA-DBSERVER` ### sap_hana_preconfigure_saptune_azure - _Type:_ `bool` - _Default:_ `false` -On Azure, TCP timestamps, reuse and recycle should be disabled (SLES for SAP Applications).
+(SUSE specific) On Azure, TCP timestamps, reuse and recycle should be disabled.
If the variable is set, an override file for saptune will be created (/etc/saptune/override/2382421) to set net.ipv4.tcp_timestamps and net.ipv4.tcp_tw_reuse to 0.
Set this parameter to `true` on Azure.
- - - -## Example Playbook - -Simple playbook, named sap+hana.yml: -```yaml ---- -- hosts: all - roles: - - role: sap_general_preconfigure - - role: sap_hana_preconfigure -``` - -Simple playbook for an extended check (assert) run, named sap+hana-assert.yml: -```yaml ---- -- hosts: all - vars: - sap_general_preconfigure_assert: yes - sap_general_preconfigure_assert_ignore_errors: yes - sap_hana_preconfigure_assert: yes - sap_hana_preconfigure_assert_ignore_errors: yes - roles: - - role: sap_general_preconfigure - - role: sap_hana_preconfigure -``` - -## Example Usage - -Normal run, for configuring server host_1 for SAP HANA: -```yaml -ansible-playbook sap+hana.yml -l host_1 -``` - -Extended Check (assert) run, not aborting if an error has been found: -```yaml -ansible-playbook sap+hana-assert.yml -l host_1 -``` - -Same as above, with a nice compact and colored output, this time for two hosts: -```yaml -ansible-playbook sap+hana-assert.yml -l host_1,host_2 | -awk '{sub (" \"msg\": ", "")} - /TASK/{task_line=$0} - /fatal:/{fatal_line=$0; nfatal[host]++} - /...ignoring/{nfatal[host]--; if (nfatal[host]<0) nfatal[host]=0} - /^[a-z]/&&/: \[/{gsub ("\\[", ""); gsub ("]", ""); gsub (":", ""); host=$2} - /SAP note/{print "\033[30m[" host"] "$0} - /FAIL:/{nfail[host]++; print "\033[31m[" host"] "$0} - /WARN:/{nwarn[host]++; print "\033[33m[" host"] "$0} - /PASS:/{npass[host]++; print "\033[32m[" host"] "$0} - /INFO:/{print "\033[34m[" host"] "$0} - /changed/&&/unreachable/{print "\033[30m[" host"] "$0} - END{print ("---"); for (var in npass) {printf ("[%s] ", var); if (nfatal[var]>0) { - printf ("\033[31mFATAL ERROR!!! Playbook might have been aborted!!!\033[30m Last TASK and fatal output:\n"); print task_line, fatal_line - } - else printf ("\033[31mFAIL: %d \033[33mWARN: %d \033[32mPASS: %d\033[30m\n", nfail[var], nwarn[var], npass[var])}}' -``` -Note: For terminals with dark background, replace the color code `30m` by `37m`. -In case you need to make an invisible font readable on a terminal with dark background, run the following command in the terminal: -```yaml -printf "\033[37mreadable font\n" -``` -In case you need to make an invisible font readable on a terminal with bright background, run the following command in the terminal: -```yaml -printf "\033[30mreadable font\n" -``` - -## Contribution - -Please read the [developer guidelines](./README.DEV.md) if you want to contribute - -## License - -Apache license 2.0 - -## Author Information - -Red Hat for SAP Community of Practice, Markus Koch, Thomas Bludau, Bernd Finger, Than Ngo, Rainer Leber + \ No newline at end of file diff --git a/roles/sap_hostagent/README.md b/roles/sap_hostagent/README.md index 13aa84fa4..e72fc7cc7 100644 --- a/roles/sap_hostagent/README.md +++ b/roles/sap_hostagent/README.md @@ -1,150 +1,266 @@ + # sap_hostagent Ansible Role + + +## Description + +The Ansible Role `sap_hostagent` is used install SAP Host Agent. SAP Host Agent is an agent that can accomplish several life-cycle management tasks, such as operating system monitoring, database monitoring, system instance control and provisioning. -It is recommended to install SAP Host Agent upfront in any HA environment. +This role installs SAP Host Agent with following source methods: +- SAP SAR file +- SAP Bundle +- RPM package (Red Hat only) + + + + + + +## Prerequisites +Managed nodes: +- Ensure that servers are configured for SAP Systems. See [Recommended](#recommended) section. + + +## Execution + + + + +### Recommended +It is recommended to execute this role together with other roles in this collection, in the following order:
+1. [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) +2. *`sap_hostagent`* + + +### Execution Flow + +1. Create temporary directory. +2. Execute deployment based on chosen method. +3. Configure SSL if `sap_hostagent_config_ssl` was set. +4. Cleanup temporary directory + + +### Example + +#### Example playbook for installing using SAR file located on control node +```yaml +--- +- name: Ansible Play for SAP Host Agent installation - Local SAR + hosts: all + become: true + tasks: + - name: Execute Ansible Role sap_hostagent + ansible.builtin.include_role: + name: community.sap_install.sap_hostagent + vars: + sap_hostagent_installation_type: "sar" + sap_hostagent_sar_local_path: "/software/SAPHOSTAGENT" + sap_hostagent_sar_file_name: "SAPHOSTAGENT44_44-20009394.SAR" + sap_hostagent_sapcar_local_path: "/software/SAPHOSTAGENT" + sap_hostagent_sapcar_file_name: "SAPCAR_1311-80000935.EXE" + sap_hostagent_clean_tmp_directory: true +``` +#### Example playbook for installing using SAR file located on managed node +```yaml +--- +- name: Ansible Play for SAP Host Agent installation - Remote SAR + hosts: all + become: true + tasks: + - name: Execute Ansible Role sap_hostagent + ansible.builtin.include_role: + name: community.sap_install.sap_hostagent + vars: + sap_hostagent_installation_type: "sar" + sap_hostagent_sar_remote_path: "/software/SAPHOSTAGENT" + sap_hostagent_sar_file_name: "SAPHOSTAGENT44_44-20009394.SAR" + sap_hostagent_sapcar_remote_path: "/software/SAPHOSTAGENT" + sap_hostagent_sapcar_file_name: "SAPCAR_1311-80000935.EXE" + sap_hostagent_clean_tmp_directory: true +``` +#### Example playbook for installing using SAP Bundle +```yaml +--- +- name: Ansible Play for SAP Host Agent installation - SAP bundle + hosts: all + become: true + tasks: + - name: Execute Ansible Role sap_hostagent + ansible.builtin.include_role: + name: community.sap_install.sap_hostagent + vars: + sap_hostagent_installation_type: "bundle" + sap_hostagent_bundle_path: "/usr/local/src/HANA-BUNDLE/51053381" + sap_hostagent_clean_tmp_directory: true +``` +#### Example playbook for installing using RPM on Red Hat +```yaml +--- +- name: Ansible Play for SAP Host Agent installation - SAP bundle + hosts: all + become: true + tasks: + - name: Execute Ansible Role sap_hostagent + ansible.builtin.include_role: + name: community.sap_install.sap_hostagent + vars: + sap_hostagent_installation_type: "rpm" + sap_hostagent_rpm_local_path: "/mylocaldir/SAPHOSTAGENT" + sap_hostagent_rpm_file_name: "saphostagentrpm_44-20009394.rpm" + sap_hostagent_clean_tmp_directory: true +``` + -You can find the latest Documentation in [SAP NOTE 1907566](https://launchpad.support.sap.com/#/notes/1907566) + + -This role installs or updates the SAP Host Agent on a RHEL 7.x or 8.x system. It is provided as RPM package, tarball or as part of an SAP softwarebundle. -While Red Hat recommends RPM for easier upgrade, this role take care of all formats. + + -## Requirements +## License + +Apache 2.0 + -This role is intended to use on a RHEL system that gets SAP software. -So your system needs to be installed with at least the RHEL core packages, properly registered and prepared for HANA or Netweaver installation. +## Maintainers + +- [Markus Koch](https://github.com/rhmk) +- [Bernd Finger](https://github.com/berndfinger) + -It needs access to the software repositories required to install SAP HANA (see also: [How to subscribe SAP HANA systems to the Update Services for SAP Solutions](https://access.redhat.com/solutions/3075991)) +## Role Variables + +### sap_hostagent_installation_type -You can use the [redhat_sap.sap_rhsm](https://galaxy.ansible.com/redhat_sap/sap_rhsm) Galaxy Role to automate this process +- _Type:_ `string` +- _Default:_ `rpm` -To install SAP software on Red Hat Enterprise Linux you need some additional packages which come in a special repository. To get this repository you need to have one -of the following products: +Select type of installation source for SAPHOSTAGENT.
+Available options: `sar`, `sar-remote`, `bundle`, `rpm` -- [RHEL for SAP Solutions](https://access.redhat.com/solutions/3082481) (premium, standard, developer Edition) -- [RHEL for Business Partner NFRs](https://partnercenter.redhat.com/NFRPageLayout) -[Click here](https://developers.redhat.com/products/sap/download/) to achieve a personal developer edition of RHEL for SAP Solutions. Please register as a developer and download the developer edition. +### Input Parameters for SAR +Following input parameters are used by both Local SAR and Remote SAR. -- [Registration Link](http://developers.redhat.com/register) : - Here you can either register a new personal account or link it to an already existing **personal** Red Hat Network account. -- [Download Link](https://access.redhat.com/downloads/): - Here you can download the Installation DVD for RHEL with your previously registered account +#### sap_hostagent_sar_file_name -*NOTE:* This is a regular RHEL installation DVD as RHEL for SAP Solutions is no additional - product but only a special bundling. The subscription grants you access to the additional - packages through our content delivery network(CDN) after installation. +- _Type:_ `string` -It is also important that your disks are setup according to the [SAP storage requirements for SAP HANA](https://www.sap.com/documents/2015/03/74cdb554-5a7c-0010-82c7-eda71af511fa.html). This [BLOG](https://blogs.sap.com/2017/03/07/the-ultimate-guide-to-effective-sizing-of-sap-hana/) is also quite helpful when sizing HANA systems. +Name of SAR file containing SAPHOSTAGENT. -## Role Variables +#### sap_hostagent_sapcar_file_name -### RPM based installations +- _Type:_ `string` -| variable | info | required? | -|:--------:|:----:|:---------:| -|sap_hostagent_installation_type|Source type of the installation for SAPHOSTAGENT|yes, with `rpm` value| -|sap_hostagent_rpm_local_path|Local directory path where RPM file is located|yes, unless `sap_hostagent_rpm_remote_path` is used| -|sap_hostagent_rpm_remote_path|Local directory path where RPM file is located|yes, unless `sap_hostagent_rpm_local_path` is used| -|sap_hostagent_rpm_file_name|Local RPM file name|yes| -|sap_hostagent_agent_tmp_directory|Temporary directory path that will be created on the target host|no (defaulted in the role)| -|sap_hostagent_clean_tmp_directory|Boolean variable to indicate if the temporary directory will be removed or not after the installation| no (defaulted in the role)| +Name of SAR file containing SAPCAR. -### SAR based installations (content on ansible control node) +### Input Parameters for Local SAR -| variable | info | required? | -|:--------:|:----:|:---------:| -|sap_hostagent_installation_type|Source type of the installation for SAPHOSTAGENT|yes with `sar` value| -|sap_hostagent_sar_local_path|Local directory path where SAR file is located|yes| -|sap_hostagent_sar_file_name|Local SAR file name|yes| -|sap_hostagent_sapcar_local_path|Local directory path where SAPCAR tool file is located|yes| -|sap_hostagent_sapcar_file_name|Local SAPCAR tool file name|yes| -|sap_hostagent_agent_tmp_directory|Temporary directory path that will be created on the target host|no (defaulted in the role)| -|sap_hostagent_clean_tmp_directory|Boolean variable to indicate if the temporary directory will be removed or not after the installation| no (defaulted in the role)| +#### sap_hostagent_sar_local_path -### SAR based installations (with content existing on target node) +- _Type:_ `string` -| variable | info | required? | -|:--------:|:----:|:---------:| -|sap_hostagent_installation_type|Source type of the installation for SAPHOSTAGENT|yes with `sar-remote` value| -|sap_hostagent_sar_remote_path|Remote directory path where SAR tool file is located|yes| -|sap_hostagent_sar_file_name|SAR tool file name|yes| -|sap_hostagent_sapcar_remote_path|Remote directory path of SAR archive|yes| -|sap_hostagent_sapcar_file_name|Remote file name of SAR archive|yes| -|sap_hostagent_agent_tmp_directory|Temporary directory path that will be created on the target host|no (defaulted in the role)| -|sap_hostagent_clean_tmp_directory|Boolean variable to indicate if the temporary directory will be removed or not after the installation| no (defaulted in the role)| +Local directory path where SAR file is located.
+**Do not use together with `sap_hostagent_sar_remote_path`.** +#### sap_hostagent_sapcar_local_path -### SAP Bundle based installations +- _Type:_ `string` -| variable | info | required? | -|:--------:|:----:|:---------:| -|sap_hostagent_installation_type|Source type of the installation for SAPHOSTAGENT|yes with `bundle` value| -|sap_hostagent_bundle_path|Target host directory path where SAP Installation Bundle has been unarchived| -|sap_hostagent_agent_tmp_directory|Temporary directory path that will be created on the target host|no (defaulted in the role)| -|sap_hostagent_clean_tmp_directory|Boolean variable to indicate if the temporary directory will be removed or not after the installation| no (defaulted in the role)| +Local directory path where SAPCAR file is located.
+**Do not use together with `sap_hostagent_sapcar_remote_path`.** -### SSL Configuration +### Input Parameters for Remote SAR -Right now the role will configure the PSE and create a CSR. Adding signed certificates from a valid CA is not supported yet +#### sap_hostagent_sar_remote_path -| variable | info | required? | -|:--------:|:----:|:---------:| -|sap_hostagent_config_ssl|This boolean variable will configure Agent for SSL communication|no (defaulted in the role)| -|sap_hostagent_ssl_passwd|Password to be used for the CSR|yes when `sap_hostagent_config_ssl` True| -|sap_hostagent_ssl_org|Organization information for the CSR|yes when `sap_hostagent_config_ssl` True| -|sap_hostagent_ssl_country|Country information for the CSR|yes when `sap_hostagent_config_ssl` True| +- _Type:_ `string` -## Dependencies +Remote directory path where SAR file is located.
+**Do not use together with `sap_hostagent_sar_local_path`.** -Before using this role ensure your system has been configured properly to run SAP applications. +#### sap_hostagent_sapcar_remote_path -You can use the supported role `sap_general_preconfigure` coming with RHEL 7 and 8 with RHEL for SAP Solutions Subscription +- _Type:_ `string` -The upstream version of this role can be found [here](https://github.com/linux-system-roles/sap_general_preconfigure) +Local directory path where SAPCAR file is located.
+**Do not use together with `sap_hostagent_sapcar_local_path`.** -## Example Playbook -```yaml - - hosts: servers - roles: - - role: sap_hostagent -``` +### Input Parameters for RPM -## Example Inventory +#### sap_hostagent_rpm_local_path -When using RPM: +- _Type:_ `string` -```yaml -sap_hostagent_installation_type: "rpm" -sap_hostagent_rpm_local_path: "/mylocaldir/SAPHOSTAGENT" -sap_hostagent_rpm_file_name: "saphostagentrpm_44-20009394.rpm" -sap_hostagent_clean_tmp_directory: true -``` +Local directory path where RPM file is located.
+**Do not use together with `sap_hostagent_rpm_remote_path`.** -When using SAR: +#### sap_hostagent_rpm_remote_path -```yaml -sap_hostagent_installation_type: "sar" -sap_hostagent_sar_local_path: "/mylocaldir/SAPHOSTAGENT" -sap_hostagent_sar_file_name: "SAPHOSTAGENT44_44-20009394.SAR" -sap_hostagent_sapcar_local_path: "/mylocaldir/SAPHOSTAGENT" -sap_hostagent_sapcar_file_name: "SAPCAR_1311-80000935.EXE" -sap_hostagent_clean_tmp_directory: true -``` +- _Type:_ `string` -When using SAP Bundle: +Remote directory path where RPM file is located.
+**Do not use together with `sap_hostagent_rpm_local_path`.** -```yaml -sap_hostagent_installation_type: "bundle" -sap_hostagent_bundle_path: "/usr/local/src/HANA-BUNDLE/51053381" -sap_hostagent_clean_tmp_directory: true -``` +#### sap_hostagent_rpm_file_name -## License +- _Type:_ `string` + +Name of RPM package containing SAPHOSTAGENT. + + +### Input Parameters for SAP Bundle + +#### sap_hostagent_bundle_path + +- _Type:_ `string` + +Remote directory path where SAP Bundle file is located after being extracted. + + +### Input Parameters for SSL setup + +#### sap_hostagent_config_ssl + +- _Type:_ `bool` +- _Default:_ `False` + +Enable to configure PSE and create CSR.
+Adding signed certificates from a valid CA is not supported yet. + +#### sap_hostagent_ssl_passwd + +- _Type:_ `string` + +Enter password for the CSR. It is used when `sap_hostagent_config_ssl` is set. + +#### sap_hostagent_ssl_org + +- _Type:_ `string` + +Enter Organization information for the CSR. It is used when `sap_hostagent_config_ssl` is set. + +#### sap_hostagent_ssl_country + +- _Type:_ `string` + +Enter Country information for the CSR. It is used when `sap_hostagent_config_ssl` is set. + + +#### sap_hostagent_agent_tmp_directory + +- _Type:_ `string` +- _Default:_ `/tmp/hostagent` + +Temporary directory for processing of source file. -Apache license 2.0 +#### sap_hostagent_clean_tmp_directory -## Author Information +- _Type:_ `bool` +- _Default:_ `False` -IBM Lab for SAP Solutions, Red Hat for SAP Community of Practice +Enable to remove temporary directory after installation. + \ No newline at end of file diff --git a/roles/sap_install_media_detect/README.md b/roles/sap_install_media_detect/README.md index 23dfaa60c..1c0a100c5 100644 --- a/roles/sap_install_media_detect/README.md +++ b/roles/sap_install_media_detect/README.md @@ -1,48 +1,103 @@ + # sap_install_media_detect Ansible Role + +![Ansible Lint for sap_install_media_detect](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_install_media_detect.yml/badge.svg) -Ansible Role for detection and extraction of SAP Software installation media +## Description + +The Ansible Role `sap_install_media_detect` is used to detect and extract SAP installation media. -This role is used to prepare for installation of SAP Software, by searching a given directory for SAP installation media (e.g. SAR files), -moving files to subdirectories (i.e. `/sap_hana` and `/sap_swpm`) with the directory/file ownership permissions, then extracting the detected files. +This role searches provided source directory, sorts files based on type and extracts them to target directory. Extraction can be further adjusted to create individual folders based on defined inputs. -Detection of installation media is available for SAP HANA and the various key installation files when using SAP SWPM to install -SAP Business Applications based upon SAP NetWeaver (e.g. SAP S/4HANA, SAP BW/4HANA, SAP ECC, SAP BW, SAP WebDispatcher etc). -As an example, SAP HANA Client would be detected and the SAP Kernel Part I/II would be detected. +Detection of supported installation media is available for SAP HANA and wide range of SAP Applications (example: SAP S/4HANA, SAP BW/4HANA, SAP ECC, SAP BW, SAP WebDispatcher, SAP Business Applications based upon SAP NetWeaver, etc). + -Once detection (e.g. using `zipinfo -1` and `unrar lb`) and extraction are completed, the file paths are shown and stored as variables for subsequent use by other Ansible Tasks. + + -RAR files can be either handled by the unar package from EPEL or by another package which can list the contents of, and extract files from, -RAR files. See the comments and examples for the RAR file handling in `defaults/main.yml`. If the EPEL repo had been enabled at the time -when the role was run, it will remain enabled. If the EPEL repo was not present, the associated GPG key will be removed and the EPEL repo -will be disabled as the last task. + +## Prerequisites +Managed nodes: +- Directory with SAP Installation media is present and `sap_install_media_detect_source_directory` updated. Download can be completed using [community.sap_launchpad](https://github.com/sap-linuxlab/community.sap_launchpad) Ansible Collection. + -## Execution Flow +## Execution + + -- At the beginning of the execution of the role, a new tool `sapfile` is pushed to a temporary directory on the managed node. -- Also a package which contains a command for extracting and listing content of files of type `RAR` is installed. -- The next step is to check if source and/or target directories exist. If role parameter `sap_install_media_detect_target_directory` is defined, files will later be copied from `sap_install_media_detect_source_directory`. This is the `remote_dir` case. -- If the system on which the `sap_install_media_detect_source_directory` is not writable, the role would normally fail because one or both of the following conditions are not met: - - The SAPCAR EXE file is not executable. - - There are one or more `ZIP` or `RAR` files without extension. -- In this `remote_dir` case, to make sure the role does not fail, it needs to be run first on the node on which `sap_install_media_detect_source_directory` is writable, with role parameter `sap_install_media_detect_file_server_only` set to `true` so the role will not perform and further file detection activities. -- After the SAPCAR EXE file is executable and there are no more `ZIP` or `RAR` files without extension, the role can be called on a managed node where `sap_install_media_detect_source_directory` is not writable. -- A new list of all files with the correct final file names will then be created, and for each of the files, the SAP file types are determined using the `sapfile` tool, either using the file names or - if this information is not sufficient - from information inside the file. -- We then assert that there is at least (or exactly, depending on the file type) one file available for each of the `sap_install_media_detect_*` parameters. For example, if `sap_install_media_detect_kernel_db` is set to `saphana`, then there must be one SAP Kernel DB dependent file for SAP HANA. -- In case of `remote_dir`, the next step is to copy all files from `sap_install_media_detect_source_directory` to `sap_install_media_detect_target_directory`. -- Then we extract files which are configured in `sapfile` to be extracted, and copy or move files which are configured in `sapfile` to be copied or moved. Certain files like `SAPCAR*.EXE` and the SAP Host Agent will be copied to two different directories. -- Once all necessary files have been extracted and all files are copied or moved to where we want them to be, we are using the Ansible find module to identify the different file types by using file or directory name patterns. -- The last step is to fill all required `sap_swpm` parameters from the result of the previous find step, and display all the variables. + +### Recommended +It is recommended to execute this role together with other roles in this collection, in the following order:
+#### SAP HANA +1. [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) +2. [sap_hana_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_preconfigure) +3. *`sap_install_media_detect`* +4. [sap_hana_install](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_install) +5. [sap_ha_install_hana_hsr](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_ha_install_hana_hsr) - High Availability specific +6. [sap_ha_pacemaker_cluster](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_ha_pacemaker_cluster) - High Availability specific -## Variables and Parameters +#### SAP Netweaver +1. [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) +2. [sap_netweaver_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_netweaver_preconfigure) +3. *`sap_install_media_detect`* +4. [sap_swpm](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_swpm) +5. [sap_ha_pacemaker_cluster](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_ha_pacemaker_cluster) - High Availability specific + -See the file `defaults/main.yml`. +### Execution Flow + +1. At the beginning of the execution of the role, a new tool `sapfile` is pushed to a temporary directory on the managed node. +2. Also a package which contains a command for extracting and listing content of files of type `RAR` is installed. +3. The next step is to check if source and/or target directories exist. If role parameter `sap_install_media_detect_target_directory` is defined, files will later be copied from `sap_install_media_detect_source_directory`. This is the `remote_dir` case. +4. If the system on which the `sap_install_media_detect_source_directory` is not writable, the role would normally fail because one or both of the following conditions are not met: + - The SAPCAR EXE file is not executable. + - There are one or more `ZIP` or `RAR` files without extension. +5. In this `remote_dir` case, to make sure the role does not fail, it needs to be run first on the node on which `sap_install_media_detect_source_directory` is writable, with role parameter `sap_install_media_detect_file_server_only` set to `true` so the role will not perform and further file detection activities. +6. After the SAPCAR EXE file is executable and there are no more `ZIP` or `RAR` files without extension, the role can be called on a managed node where `sap_install_media_detect_source_directory` is not writable. +7. A new list of all files with the correct final file names will then be created, and for each of the files, the SAP file types are determined using the `sapfile` tool, either using the file names or - if this information is not sufficient - from information inside the file. +8. We then assert that there is at least (or exactly, depending on the file type) one file available for each of the `sap_install_media_detect_*` parameters. For example, if `sap_install_media_detect_kernel_db` is set to `saphana`, then there must be one SAP Kernel DB dependent file for SAP HANA. +9. In case of `remote_dir`, the next step is to copy all files from `sap_install_media_detect_source_directory` to `sap_install_media_detect_target_directory`. +10. Then we extract files which are configured in `sapfile` to be extracted, and copy or move files which are configured in `sapfile` to be copied or moved. Certain files like `SAPCAR*.EXE` and the SAP Host Agent will be copied to two different directories. +11. Once all necessary files have been extracted and all files are copied or moved to where we want them to be, we are using the Ansible find module to identify the different file types by using file or directory name patterns. +12. The last step is to fill all required `sap_swpm` parameters from the result of the previous find step, and display all the variables. + - Once detection (e.g. using `zipinfo -1` and `unrar lb`) and extraction are completed, the file paths are shown and stored as variables for subsequent use by other Ansible Tasks. -## Dependencies +
+ (Red Hat) Additional steps for RAR files -This role does not depend on any other Ansible Role. + RAR files can be either handled by the unar package from EPEL or by another package which can list the contents of, and extract files from, RAR files. See the comments and examples for the RAR file handling in `defaults/main.yml`. -## Tags + - If the EPEL repo had been enabled at the time when the role was run, it will remain enabled. + - If the EPEL repo was not present, the associated GPG key will be removed and the EPEL repo will be disabled as the last task. +
+ +### Example + +Example playbook to extract SAP Installation media for SAP ASCS Netweaver. +```yaml +--- +- name: Ansible Play for SAP NetWeaver ASCS - Extract SAP Installation media + hosts: nwas_ascs + become: true + any_errors_fatal: true + max_fail_percentage: 0 + tasks: + + - name: Execute Ansible Role sap_install_media_detect + ansible.builtin.include_role: + name: community.sap_install.sap_install_media_detect + vars: + sap_install_media_detect_swpm: true + sap_install_media_detect_hostagent: true + sap_install_media_detect_igs: true + sap_install_media_detect_kernel: true + sap_install_media_detect_webdisp: false +``` + + + +### Role Tags With the following tags, the role can be called to perform certain activities only: - tag `sap_install_media_detect_zip_handling`: Only perform the task for enabling the listing and extracting of files of type `ZIP`. - tag `sap_install_media_detect_rar_handling`: Only perform the tasks for enabling the listing and extracting of files of type `RAR`. This @@ -59,11 +114,209 @@ With the following tags, the role can be called to perform certain activities on Note: After running the role with the following four tags, the SAP archive files will be in the same place as before running the role the first time. The directories with pattern `*_extracted` will remain in place. `sap_install_media_detect_provide_sapfile_utility,sap_install_media_detect_check_directories,sap_install_media_detect_create_file_list_phase_1,sap_install_media_detect_move_files_to_main_directory` + + + +## Further Information +For more examples on how to use this role in different installation scenarios, refer to the [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. + ## License + +Apache 2.0 + + +## Maintainers + +- [Bernd Finger](https://github.com/berndfinger) + + +## Role Variables + +### sap_install_media_detect_rar_handling + +- _Type:_ `bool` +- _Default:_ `True` + +Set this parameter to `false` for skipping the handling of RAR files. In this case, also no `unar` or other RAR handling software will be installed. + + +### sap_install_media_detect_rar_package + +- _Type:_ `str` +- _Default:_ `EPEL` + +Set this parameter to use either the `unar` package from `EPEL` or another software package for handling RAR files.
+Based on this setting, the commands for listing and extracting RAR files are being set in tasks/prepare/enable_rar_handling.yml + +### sap_install_media_detect_epel_gpg_key_url + +- _Type:_ `str` +- _Default:_ `https://download.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-{{ ansible_distribution_major_version }}` + +URL for the EPEL GPG key + +### sap_install_media_detect_use_rpm_key_module_for_removing_the_key + +- _Type:_ `bool` +- _Default:_ `True` + +The `EPEL` GPG key can be removed with the rpm_key module and the URL for the key, or by using the `rpm -e` command.
+For using the rpm -e command, set this variable to 'false'. + +### sap_install_media_detect_file_server_only + +- _Type:_ `bool` +- _Default:_ `False` + +If this role is running on a file server on which the SAP software is not to be installed, set the following to true.
+If this role is running on a system on which the SAP software is to be installed, set the following to false. + +### sap_install_media_detect_rar_list + +- _Type:_ `str` +- _Default:_ `/usr/bin/unrar lb` + +Fully qualified path to the program for listing RAR files, including the argument for listing files.
+If not specified, the `lsar` program (or a link with the name `lsar`, pointing to the actual `lsar` program) is expected to be located in one of the PATH directories.
+If sap_install_media_detect_rar_package is set to `EPEL`, this variable is not used. + +### sap_install_media_detect_rar_extract + +- _Type:_ `str` +- _Default:_ `/usr/bin/unrar x` + +Fully qualified path to the program for extracting RAR files, including the argument for extracting files.
+If not specified, the `unar` program (or a link with the name `unar`, pointing to the actual `unar` program) is expected to be located in one of the PATH directories.
+If sap_install_media_detect_rar_package is set to `EPEL`, this variable is not used. + +### sap_install_media_detect_rar_extract_directory_argument + +- _Type:_ `str` + +Fully qualified path to an additional argument to the program for extracting RAR files, for specifying the directory into which the archive is to be extracted.
+Needs to be empty or start with a space character.
+If sap_install_media_detect_rar_package is set to 'EPEL', this variable is not used. + +### sap_install_media_detect_source_directory + +- _Type:_ `str` +- _Default:_ `/software` + +Directory where the SAP software is located + +### sap_install_media_detect_target_directory + +- _Type:_ `str` + +Directory where the SAP software is located after the role is run, if different from `sap_install_media_detect_source_directory` + +### sap_install_media_detect_create_target_directory + +- _Type:_ `bool` +- _Default:_ `True` + +Create target directory if it does not yet exist. If set to false, perform a check only + +### sap_install_media_detect_rename_target_file_exists + +- _Type:_ `str` +- _Default:_ `skip` + +If there are two files of the same RAR or ZIP type, one with and one without suffix, the following parameter will determine what the role will do for such a file:
+- `skip` the file renaming. +- `fail` execution. +- `overwrite` the file with the suffix by the file without suffix. + +### sap_install_media_detect_extract_archives + +- _Type:_ `bool` +- _Default:_ `True` + +If you want the role to not extract archives which have the extract flag set, set the following parameter to `false`. + +### sap_install_media_detect_move_or_copy_archives + +- _Type:_ `bool` +- _Default:_ `True` + +If you want the role to not move or copy archive files to the `target_dir` subdirectories, set the following parameter to `false`. + +### sap_install_media_detect_assert_after_sapfile + +- _Type:_ `bool` +- _Default:_ `True` + +By default, the presence of at least one file for each file type according to the configured role parameters is asserted. Set the following parameter to 'false' to skip this step. + +### sap_install_media_detect_db + +- _Type:_ `str` + +Select which database type to detect.
+Available values: `saphana`, `sapase`, `sapmaxdb`, `oracledb`, `ibmdb2` + +### sap_install_media_detect_db_client + +- _Type:_ `str` + +Select which database client to detect.
+Available values: `saphana`, `sapase`, `sapmaxdb`, `oracledb`, `ibmdb2` + +### sap_install_media_detect_swpm + +- _Type:_ `bool` +- _Default:_ `False` + +Enable to detect SWPM. + +### sap_install_media_detect_hostagent + +- _Type:_ `bool` +- _Default:_ `False` + +Enable to detect SAP Hostagent. + +### sap_install_media_detect_igs + +- _Type:_ `bool` +- _Default:_ `False` + +Enable to detect SAP IGS. + +### sap_install_media_detect_kernel + +- _Type:_ `bool` +- _Default:_ `False` + +Enable to detect SAP Kernel files. + +### sap_install_media_detect_kernel_db + +- _Type:_ `str` + +Select which database kernel to detect.
+Available values: `saphana`, `sapase`, `sapmaxdb`, `oracledb`, `ibmdb2`
+Only necessary if there is more than one SAPEXEDB file in the source directory + +### sap_install_media_detect_webdisp + +- _Type:_ `bool` +- _Default:_ `False` + +Enable to detect SAP Web Dispatcher. + +### sap_install_media_detect_mpstack + +- _Type:_ `bool` +- _Default:_ `False` + +Enable to detect SAP Maintenance Planner stack file. -Apache license 2.0 +### sap_install_media_detect_export -## Author Information +- _Type:_ `str` -IBM Lab for SAP Solutions, Red Hat for SAP Community of Practice, Bernd Finger +Select which database export to detect.
+Available values: `saps4hana`, `sapbw4hana`, `sapecc`, `sapecc_ides`, `sapnwas_abap`, `sapnwas_java`, `sapsolman_abap`, `sapsolman_java` + \ No newline at end of file diff --git a/roles/sap_maintain_etc_hosts/README.md b/roles/sap_maintain_etc_hosts/README.md index 98fab9adf..a308d2042 100644 --- a/roles/sap_maintain_etc_hosts/README.md +++ b/roles/sap_maintain_etc_hosts/README.md @@ -1,142 +1,170 @@ -# Role Name: sap_maintain_etc_hosts - -This role can be used to reliably update the /etc/hosts file. - - - -## Role Input Parameters - -This role requires the dictionary `sap_maintain_etc_hosts_list` which contains the parameters for the hostfile. The default value is the definition of the cluster nodes like in the role `sap_ha_pacemaker_cluster`. If the value `sap_hana_cluster_nodes`or `sap_ha_pacemaker_cluster_cluster_nodes` is not defined the role creates a default value from `ansible_facts`. - -Caution: If you want to use this role to remove entries from /etc/hosts it is a good practise to do this before adding entries. The adding/removal is done in the order the entries are listed. - -### sap_maintain_etc_hosts_list - -- _Type:_ `list` - - List of nodes to be added or removed in /etc/hosts - possible list options: - -#### node_ip - -- _Type:_ `string` - - IP address of the node. - It is required for adding a node. - When deleting a node use only when node_name and node_domain are not defined - -#### node_name - -- _Type:_ `string` - - Hostname of the node - It is required for adding a node. - When deleting a node use only when node_ip is not defined - -#### node_domain - -- _Type:_ `string` - - Domainname of the node - Defaults to sap_domain, if set, otherwise ansible_domain is the default - When deleting a node use only when node_name is defined + +# sap_maintain_etc_hosts Ansible Role + + +## Description + +The Ansible role `sap_maintain_etc_hosts` is used to maintain the `/etc/hosts` file.. + + + + + + + + +## Execution + + + + + + +### Execution Flow + +1. Assert that required inputs were provided. +2. Verify duplicate entries and conflicts; +3. Update `/etc/hosts` file. + + +### Example + +Example playbook will update `/etc/hosts`: +- Remove node with IP `10.10.10.10`. +- Remove node with name `host2`. +- Add node with IP `10.10.10.11`, name `host1`, aliases `alias1, alias2` and comment `host1 comment`. +```yaml +- name: Ansible Play for add entry in /etc/hosts + hosts: all + become: true + tasks: + - name: Execute Ansible Role sap_sap_maintain_etc_hosts + ansible.builtin.include_role: + name: community.sap_install.sap_sap_maintain_etc_hosts + vars: + sap_maintain_etc_hosts_list: + - node_ip: 10.10.10.10 + state: absent + - node_name: host2 + state: absent + - node_ip: 10.10.10.11 + node_name: host1 + aliases: + - alias1 + - alias2 + node_comment: "host1 comment" # Comment is created after hash sign (defaults to hana_site) + state: present +``` -#### aliases +Example playbook when executed together with [sap_ha_pacemaker_cluster](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_ha_pacemaker_cluster) role which uses either `sap_ha_pacemaker_cluster_cluster_nodes` or `sap_hana_cluster_nodes`. +```yaml +- name: Ansible Play for add entry in /etc/hosts + hosts: all + become: true + tasks: + - name: Execute Ansible Role sap_sap_maintain_etc_hosts + ansible.builtin.include_role: + name: community.sap_install.sap_sap_maintain_etc_hosts + vars: + sap_maintain_etc_hosts_list: "{{ sap_ha_pacemaker_cluster_cluster_nodes }}" +``` + -- _Type:_ `list` + + - List of aliases for the node - Not used when state is absent + +## Further Information +For more examples on how to use this role in different installation scenarios, refer to the [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. + -#### alias_mode +## License + +Apache 2.0 + -- _Type:_ `string` +## Maintainers + +- [Markus Koch](https://github.com/rhmk) +- [Bernd Finger](https://github.com/berndfinger) + - Options: +## Role Variables + - - `merge` : merges the list of aliases with the exiting aliases of the node. (default) - - `overwrite` : overwrites the aliases of the node. +This role requires the dictionary `sap_maintain_etc_hosts_list` which contains the parameters for the `/etc/hosts` file. - Not used when state is absent +The default value is the definition of the cluster nodes like in the role [sap_ha_pacemaker_cluster](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_ha_pacemaker_cluster).
+If the value `sap_hana_cluster_nodes`or `sap_ha_pacemaker_cluster_cluster_nodes` is not defined, then the role creates a default value from `ansible_facts`. -#### node_comment +**NOTE: If you want to use this role to remove entries from /etc/hosts it is a good practice to do this before adding entries. The adding/removal is done in the order the entries are listed.** -- _Type:_ `string` - - default: managed by ansible sap_maintain_etc_hosts role` - String which is appended to line in hosts after comment string - Not used when state is absent +### sap_maintain_etc_hosts_list -#### hana_site +- _Type:_ `list` with elements of type `dict` -- _Type:_ `string` +Mandatory list of nodes in form of dictionaries to be added or removed in `/etc/hosts` file. - if set (e.g. for configuring cluster) it is appended to the comment - Not used when state is absent +Following dictionary keys can be defined: +- **node_ip**
+ IP address of the managed node.
+ **Required** for adding new entries to `/etc/hosts`.
+ _Optional_ for removing entries, where `node_name` and `node_domain` can be used instead. -#### node_role + - _Type:_ `string` - Not used. For compatibility reason only. +- **node_name**
+ Hostname of the managed node.
+ **Required** for adding new entries to `/etc/hosts`.
+ _Optional_ for removing entries, when `node_ip` is not used. -#### state + - _Type:_ `string` -- _Type:_ `string` +- **node_domain**
+ Domain name of the managed node. Defaults to `sap_domain` if set or `ansible_domain`.
+ **Required** for adding new entries to `/etc/hosts`.
+ _Optional_ for removing entries, when `node_name` is used. - Options: + - _Type:_ `string` + - _Default:_ `sap_domain` - - `present` : creates a host entry (default)` - - `absent` : removes a host entry by ip or hostname +- **aliases**
+ List of aliases for the managed node.
+ _Optional_ for adding new entries to `/etc/hosts`. - +- **alias_mode**
+ Select method of updating `/etc/hosts` file:
+ - `merge` : merges the list of aliases with the exiting aliases of the node.
+ - `overwrite` : overwrites the aliases of the node. + _Optional_ for adding new entries to `/etc/hosts`. -Example Playbook ----------------- + - _Type:_ `string` + - _Default:_ `merge` -If you want to setup/add entries your etc hosts you can use this snippet +- **node_comment**
+ Node comment is appended at end of line of managed node.
+ _Optional_ for adding new entries to `/etc/hosts`. -```[yaml] -- name: Ensure /etc/hosts is updated - include_role: sap_sap_maintain_etc_hosts - var: - sap_maintain_etc_hosts_list: - - node_ip: 1.2.3.5 - state: absent - - node_name: host2 - state: absent - - node_ip: 1.2.3.4 - node_name: host1 - aliases: - - alias1 - - anotheralias2 - node_comment: "Here comes text after hashsign" (defaults to hana_site) - state: present -``` + - _Type:_ `string` + - _Default:_ `managed by ansible sap_maintain_etc_hosts role` -If you have defined a cluster and the variable `sap_ha_pacemaker_cluster_cluster_nodes` or `sap_hana_cluster_nodes` is set, you can use the following play: +- **hana_site**
+ Used by [sap_ha_pacemaker_cluster](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_ha_pacemaker_cluster) and it is appended to `node_comment`
+ _Optional_ for adding new entries to `/etc/hosts`. -```[yaml] -- name: ensure all cluster nodes are in /etc/hosts - include_role: sap_maintain_etc_hosts - var: - sap_maintain_etc_hosts_list: "{{ sap_hana_cluster_nodes }}" -``` + - _Type:_ `string` -License -------- +- **node_role**
+ Not used, but mentioned for compatibility reasons for [sap_ha_pacemaker_cluster](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_ha_pacemaker_cluster) role.
-Apache-2.0 + - _Type:_ `string` -Author Information ------------------- +- **state**
+ Select `present` for adding new entries, `absent` for removing them.
+ **Required** for removing entries, otherwise default `present` is used. -@rhmk 10/10/23 + - _Type:_ `string` + - _Default:_ `present` + \ No newline at end of file diff --git a/roles/sap_netweaver_preconfigure/README.md b/roles/sap_netweaver_preconfigure/README.md index ae666ccd8..fc321756a 100644 --- a/roles/sap_netweaver_preconfigure/README.md +++ b/roles/sap_netweaver_preconfigure/README.md @@ -1,37 +1,85 @@ + # sap_netweaver_preconfigure Ansible Role + + +## Description + +The Ansible role `sap_netweaver_preconfigure` installs additional required packages and performs additional OS configuration steps according to applicable SAP notes for installing and running SAP ABAP Application Platform (formerly known as SAP NetWeaver) after the role [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) has been executed. + + + + + + +## Prerequisites +Managed nodes: +- Ensure that general operating system configuration for SAP is performed by [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure). See [Recommended](#recommended) section. + + +## Execution + +**:warning: Do not execute this Ansible Role against existing SAP systems unless you know what you are doing and you prepare inputs to avoid unintended changes caused by default inputs.** + +**NOTE: It is recommended to execute `timesync` role from Ansible Collection `fedora.linux_system_roles` before or after executing this role.** + + + +### Recommended +It is recommended to execute this role together with other roles in this collection, in the following order:
+1. [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) +2. *`sap_netweaver_preconfigure`* + + +### Execution Flow + +1. Assert that required inputs were provided. +2. Install required packages +3. Apply configurations + - Execute configuration tasks based on SAP Notes + - (SUSE) Execute saptune with solution `sap_netweaver_preconfigure_saptune_solution` (Default: `NETWEAVER`) + +**Note: (Red Hat) Due to SAP notes 2002167, 2772999, and 3108316, the role will switch to tuned profile sap-netweaver no matter if another tuned profile (e.g. virtual-guest) had been active before or not.** + + +### Example + +Example of execution together with prerequisite role [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) +```yaml +--- +- name: Ansible Play for SAP Netweaver preconfigure + hosts: nwas_ascs, nwas_ers + become: true + tasks: + - name: Execute Ansible Role sap_general_preconfigure + ansible.builtin.include_role: + name: community.sap_install.sap_general_preconfigure + + - name: Execute Ansible Role sap_netweaver_preconfigure + ansible.builtin.include_role: + name: community.sap_install.sap_netweaver_preconfigure +``` + -This role installs additional required packages and performs additional configuration steps for installing and running SAP NetWeaver. -If you want to configure a RHEL system for the installation and later usage of SAP NetWeaver, you have to first run role `sap_general_preconfigure` and then role sap_netweaver_preconfigure. -For SLES, running the `sap_general_preconfigure` role is not necessary. - -## Requirements - -To use this role, your system needs to be configured with the basic requirements for SAP NetWeaver or SAP HANA. This is typically done by -running role sap_general_preconfigure (for RHEL managed nodes before RHEL 7.6, community maintained role sap-base-settings can be used). -It is also strongly recommended to run role linux-system-roles.timesync for all systems running SAP NetWeaver, to maintain an identical -system time, before or after running role sap_netweaver_preconfigure. - -Note ----- -On RHEL, as per SAP notes 2002167, 2772999, and 3108316, the role will switch to tuned profile sap-netweaver no matter if another tuned profile -(e.g. virtual-guest) had been active before or not. - -On SLES, this role will switch the saptune solution to the one specified by the configuration and will override any previously set solution. -The default solution is `NETWEAVER`. - -The role can check if enough swap space - as per the prerequisite checker in sapinst - has been configured on the managed node. -Please check the SAP NetWeaver installation guide for swap space requirements. - -Do not run this role against an SAP NetWeaver or other production system. The role will enforce a certain configuration on the managed -node(s), which might not be intended. + + - -## Role Input Parameters + +## Further Information +For more examples on how to use this role in different installation scenarios, refer to the [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. + -Minimum required parameters: -This role does not require any parameter to be set in the playbook or inventory. +## License + +Apache 2.0 + +## Maintainers + +- [Bernd Finger](https://github.com/berndfinger) + +## Role Variables + ### sap_netweaver_preconfigure_config_all - _Type:_ `bool` - _Default:_ `true` @@ -99,93 +147,13 @@ Set this parameter to `true` when using Adobe Document Services, to ensure all r ### sap_netweaver_preconfigure_saptune_version - _Type:_ `str` -- _Default:_ `3.0.2` -On SLES systems, specifies the saptune version
+(SUSE specific) Specifies the saptune version. ### sap_netweaver_preconfigure_saptune_solution - _Type:_ `str` - _Default:_ `NETWEAVER` -- _Possible Values:_
- - `NETWEAVER` - - `NETWEAVER+HANA` - - `S4HANA-APP+DB` - - `S4HANA-APPSERVER` - - `S4HANA-DBSERVER` - -On SLES systems, specifies the saptune solution to apply.
- - - -## Example Playbook - -Simple playbook, named sap+netweaver.yml: -```yaml ---- -- hosts: all - roles: - - role: sap_general_preconfigure - - role: sap_netweaver_preconfigure -``` - -Simple playbook for an extended check (assert) run, named sap+netweaver-assert.yml: -```yaml ---- -- hosts: all - vars: - sap_preconfigure_assert: yes - sap_preconfigure_assert_ignore_errors: yes - sap_netweaver_preconfigure_assert: yes - sap_netweaver_preconfigure_assert_ignore_errors: yes - roles: - - role: sap_general_preconfigure - - role: sap_netweaver_preconfigure -``` - -## Example Usage -Normal run, for configuring server host_1 for SAP NetWeaver: -```yaml -ansible-playbook sap+netweaver.yml -l host_1 -``` - -Extended Check (assert) run, not aborting if an error has been found: -```yaml -ansible-playbook sap+netweaver-assert.yml -l host_1 -``` - -Same as above, with a nice compact and colored output, this time for two hosts: -```yaml -ansible-playbook sap+netweaver-assert.yml -l host_1,host_2 | -awk '{sub (" \"msg\": ", "")} - /TASK/{task_line=$0} - /fatal:/{fatal_line=$0; nfatal[host]++} - /...ignoring/{nfatal[host]--; if (nfatal[host]<0) nfatal[host]=0} - /^[a-z]/&&/: \[/{gsub ("\\[", ""); gsub ("]", ""); gsub (":", ""); host=$2} - /SAP note/{print "\033[30m[" host"] "$0} - /FAIL:/{nfail[host]++; print "\033[31m[" host"] "$0} - /WARN:/{nwarn[host]++; print "\033[33m[" host"] "$0} - /PASS:/{npass[host]++; print "\033[32m[" host"] "$0} - /INFO:/{print "\033[34m[" host"] "$0} - /changed/&&/unreachable/{print "\033[30m[" host"] "$0} - END{print ("---"); for (var in npass) {printf ("[%s] ", var); if (nfatal[var]>0) { - printf ("\033[31mFATAL ERROR!!! Playbook might have been aborted!!!\033[30m Last TASK and fatal output:\n"); print task_line, fatal_line - } - else printf ("\033[31mFAIL: %d \033[33mWARN: %d \033[32mPASS: %d\033[30m\n", nfail[var], nwarn[var], npass[var])}}' -``` -Note: For terminals with dark background, replace the color code `30m` by `37m`. -In case you need to make an invisible font readable on a terminal with dark background, run the following command in the terminal: -```yaml -printf "\033[37mreadable font\n" -``` -In case you need to make an invisible font readable on a terminal with bright background, run the following command in the terminal: -```yaml -printf "\033[30mreadable font\n" -``` - -## License - -Apache license 2.0 - -## Author Information -Red Hat for SAP Community of Practice, Bernd Finger, Rainer Leber +(SUSE specific) Specifies the saptune solution to apply.
+Available values: `NETWEAVER`, `NETWEAVER+HANA`, `S4HANA-APP+DB`, `S4HANA-APPSERVER`, `S4HANA-DBSERVER` + \ No newline at end of file diff --git a/roles/sap_storage_setup/README.md b/roles/sap_storage_setup/README.md index d5e5ff23c..7105d1454 100644 --- a/roles/sap_storage_setup/README.md +++ b/roles/sap_storage_setup/README.md @@ -1,71 +1,129 @@ + # sap_storage_setup Ansible Role + +![Ansible Lint for sap_storage_setup](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_storage_setup.yml/badge.svg) -Ansible Role for preparing a host with the storage requirements of an SAP System (prior to software installation) +## Description + +The Ansible Role `sap_storage_setup` is used to prepare a host with the storage requirements of an SAP System (prior to software installation). -## Scope - -This Ansible Role provides: -- local/block storage volumes setup as LVM Logical Volumes, Filesystem formatting and mount to defined directory path -- remote/file storage mount (and subdirectories as required) -- swap file or swap partition - -This Ansible Role has been tested for the following SAP software deployment types: -- SAP HANA Scale-up, Scale-out and Scale-up High Availability -- SAP NetWeaver AS in Sandbox (Two-Tier/OneHost), Standard (Three-Tier/DualHost), Distributed (Multi-Tier) and Distributed High Availability +This role can prepare host with: +- Local block storage volume setup as LVM Logical Volumes, Filesystem formatting and mount to defined directory path +- Remote file storage mount (and subdirectories as required) +- SWAP file or SWAP partition This Ansible Role is agnostic, and will run on any Infrastructure Platform. Only LVM is used for local/block storage, to allow for further expansion if the SAP System requires further storage space in the future. - -Please note, while this Ansible Role has protection against overwrite of existing disks and filesystems - sensible review and care is required for any automation of disk storage. Please review the documentation and samples/examples carefully. It is strongly suggested to initially execute the Ansible Playbook calling this Ansible Role, with `ansible-playbook --check` for Check Mode - this will perform no changes to the host and show which changes would be made. - -In addition, this Ansible Role: - -- Does not permit static definition for mountpoint to use a specific device (e.g. `/dev/sdk`). The definition will define the disk size to use for the mountpoint, and match accordingly. -- Enforces 1 mountpoint will use 1 LVM Logical Volume (LV) that consumes 100% of an LVM Volume Group (VG), with the LVM Volume Group (VG) consuming 100% of 1..n LVM Physical Volumes (PV). - - For granular control of LVM setup, the suggestion is to instead use Ansible Role `storage` from the `fedora.linux_system_roles` Ansible Collection or the Ansible Roles `lvg/lvol/filesystem` from `community.general` Ansible Collection - - -## Requirements - -The Ansible Role requires the `community.general` Ansible Collection (uses the `lvg`, `lvol` and `filesystem` Ansible Modules). - -Before using this Ansible Role, please make sure that the required collections are installed; for example, by using the command `ansible-galaxy install community.general` - + + + +## Dependencies +- `community.general` + - Modules: + - `lvg` + - `lvol` + - `filesystem` +Install required collection by `ansible-galaxy install community.general`. + + + ## Prerequisites +Managed nodes: +- All local/block storage volumes must be attached to the host +- All remote/file storage mounts must be available with host accessibility (e.g. port 2049). + + +## Execution + +**:warning: Do not execute this Ansible Role against existing SAP systems unless you know what you are doing and you prepare inputs to avoid unintended changes caused by default inputs.**
+:warning: While this Ansible Role has protection against overwrite of existing disks and filesystems - sensible review and care is required for any automation of disk storage. Please review the documentation and samples/examples carefully. It is strongly suggested to initially execute the Ansible Playbook calling this Ansible Role, with `ansible-playbook --check` for Check Mode - this will perform no changes to the host and show which changes would be made. + +**Considerations** +- This role does not permit static definition for mountpoint to use a specific device (e.g. `/dev/sdk`). The definition will define the disk size to use for the mountpoint, and match accordingly. +- This role enforces that 1 mountpoint will use 1 LVM Logical Volume (LV) that consumes 100% of an LVM Volume Group (VG), with the LVM Volume Group (VG) consuming 100% of 1..n LVM Physical Volumes (PV). + - Following roles and modules offer alternative for more granular control of LVM setup: + - Role `storage` from [fedora.linux_system_roles](https://github.com/linux-system-roles/storage) + - Modules `filesystem`, `lvg`, `lvol` from [community.general](https://galaxy.ansible.com/ui/repo/published/community/general/) + + + + + +### Execution Flow + +1. Gather facts about hosts. +2. Create list of unused disk devices +3. Match/Map unused disk devices to the `sap_storage_setup_definition` +4. Create LVM Logical Volumes (and prerequisite LVM Volume Groups and LVM Physical Volumes) +5. Create swap file or swap partition +6. Mount NFS temporarily, create required subdirectories, unmount and mount subdirectory on the NFS share + + + +Example playbook to configure SAP HANA OneHost node on AWS that includes: +- 3 disks for `/hana/data`, `/hana/log` and ` /hana/shared` +- Remote filesystem for `/software` +- SWAP +```yaml +--- +- name: Ansible Play for SAP HANA HA storage setup + hosts: hana_primary + become: true + tasks: + - name: Execute Ansible Role sap_storage_setup + ansible.builtin.include_role: + name: community.sap_install.sap_storage_setup + vars: + sap_storage_setup_sid: "H01" + sap_storage_setup_host_type: "hana_primary" + sap_storage_setup_definition: + - name: hana_data + mountpoint: /hana/data + disk_size: 150 + filesystem_type: xfs + + - name: hana_log + mountpoint: /hana/log + disk_size: 100 + filesystem_type: xfs + + - name: hana_shared + mountpoint: /hana/shared + disk_size: 200 + filesystem_type: xfs + + - name: software + mountpoint: /software + nfs_path: /software + nfs_server: "fs-00000000000000000.efs.eu-central-1.amazonaws.com:/software" + nfs_filesystem_type: "nfs4" + nfs_mount_options: "vers=4.1,hard,timeo=600,retrans=2,acl" + + - name: swap + disk_size: 96 + filesystem_type: swap +``` + -All local/block storage volumes must be attached to the host, and all remote/file storage mounts must be available with host accessibility (e.g. port 2049). - -## Variables and Parameters - -The 3 critical variables are: -- `sap_storage_setup_definition` - a list with a dictionary for each mountpoint (e.g. /hana/data) for the host -- `sap_storage_setup_host_type` - a list which defines SAP Software on the host (e.g. list containing both hana_primary and nwas_abap_ascs values if creating a Sandbox Two-Tier/OneHost) -- `sap_storage_setup_sid` - a string with the SAP System ID of the logical system (e.g. D01) - -## Execution Flow - -The Ansible Role is sequential: -- Get host facts -- Create list of unused disk devices -- Match/Map unused disk devices to the `sap_storage_setup_definition` -- Create LVM Logical Volumes (and prerequisite LVM Volume Groups and LVM Physical Volumes) -- Create swap file or swap partition -- Mount NFS temporarily, create required subdirectories, unmount and mount subdictory on the NFS share - -## Sample + + -Please see a full sample using multiple hosts to create an SAP S/4HANA Distributed deployment in the [/playbooks](../../playbooks/) directory of the Ansible Collection `sap_install`. + +## Further Information +For more examples on how to use this role in different installation scenarios, refer to the [ansible.playbooks_for_sap](https://github.com/sap-linuxlab/ansible.playbooks_for_sap) playbooks. + ## License - + Apache 2.0 + -## Author Information - -Red Hat for SAP Community of Practice, Janine Fuchs, IBM Lab for SAP Solutions +## Maintainers + +- [Janine Fuchs](https://github.com/ja9fuchs) + ---- - -## Role Input Parameters +## Role Variables + Minimum required parameters: @@ -78,41 +136,83 @@ Minimum required parameters: - _Type:_ `list` -Describes the filesystems to be configured.
+Describes list of the filesystems to be configured.
- **disk_size**
Size of the disk device that is used for the filesystem.
For filesystems with no LVM logical volume striping, this is the total size of the filesystem.
For filesystems with LVM LV striping defined (`lvm_lv_stripes`), this is the size of each disk. The resulting filesystem size will be `disk_size` multiplied by `lvm_lv_stripes` (=disks). + + - _Type:_ `int` + - **filesystem_type**
- _Default:_ `xfs`
The type of filesystem that will be created on the logical volume. + + - _Type:_ `str` + - _Default:_ `xfs` + - **lvm_lv_name**
The name of the LVM volume.
The default name is derived from the name value of the filesystem definition entry, for example 'lv_hanalog'. + + - _Type:_ `str` + - **lvm_lv_stripe_size**
When setting up a striped volume, the stripe size can be defined.
Example format - "128K". + + - _Type:_ `str` + - **lvm_lv_stripes**
- _Default:_ `1`
Number of disks that will be configured in a striped volume.
This requires the availability of the same amount of unused disks, which must be of the size defined in `disk_size`. + + - _Type:_ `int` + _Default:_ `1` + - **lvm_vg_name**
The name of the LVM volume group.
The default name is derived from the name value of the filesystem definition entry, for example 'vg_hanalog'. + + - _Type:_ `str` + - **lvm_vg_physical_extent_size**
- _Default:_ `4`
Adjustable size of the physical extents of the volume group in LVM. + + - _Type:_ `int` + - _Default:_ `4` + - **mountpoint**
The path to where the filesystem will be mounted.
This can be left out for the definition of a swap volume. + + - _Type:_ `str` + - **name**
A name of the filesystem definition entry.
This name is used to generate volume group name and logical volume name. + + - _Type:_ `str` + - **nfs_filesystem_type**
- _Default:_ `nfs4`
The type of the NFS filesystem, for example `nfs`, `nfs4`. + + - _Type:_ `str` + - _Default:_ `nfs4` + - **nfs_mount_options**
Mount options to use for the NFS mount.
Generic default is `hard,acl`.
Defaults depend on the specific platform detected by the role or defined explicitly. + + - _Type:_ `str` + - _Default:_ `hard,acl` + - **nfs_path**
When defining an NFS filesystem, this is the directory path of the filesystem to be mounted. + + - _Type:_ `str` + - **nfs_server**
When defining an NFS filesystem, this is the address of the NFS server.
The address must contain the root path, in which the mount directories exist or will be created.
For example, `192.168.1.100:/`. + + - _Type:_ `str` + - **swap_path**
The path to the swap file.
When this option is defined for a swap filesystem definition, it will create a swap file on an existing filesystem. + - _Type:_ `str` + Example: ```yaml @@ -139,10 +239,12 @@ sap_storage_setup_definition: ### sap_storage_setup_host_type required +- _Type:_ `list` The type of service the target system is going to be configured for.
This can be a list of multiple types which apply to a single host.
If not defined, the default will be inherited from the global parameter `sap_host_type`. One of these parameters must be defined.
+Available values: `hana_primary`, `hana_secondary`, `nwas_abap_ascs`, `nwas_abap_ers`, `nwas_abap_pas`, `nwas_abap_aas`, `nwas_java_scs`, `nwas_java_ers` ### sap_storage_setup_multipath_enable_and_detect @@ -157,5 +259,4 @@ Define if multipathing should be enabled and dynamic multipath devices detected SID of the SAP service.
If not defined, the default will be inherited from the global parameter `sap_system_sid`. One of these parameters must be defined.
- - + \ No newline at end of file