diff --git a/roles/sap_vm_provision/defaults/main.yml b/roles/sap_vm_provision/defaults/main.yml index 83befc6..9f671fa 100644 --- a/roles/sap_vm_provision/defaults/main.yml +++ b/roles/sap_vm_provision/defaults/main.yml @@ -84,6 +84,18 @@ sap_vm_provision_nfs_mount_point_type: "" # e.g. nfs, nfs4 sap_vm_provision_nfs_mount_point_opts: "" +#### +# VM Provision - Generic configuration - Calculate for SAP HANA Scale-Out +# Only to be used for SAP HANA Scale-Out, and requires additional changes to +# the Ansible Play that creates the dynamic inventory group before execution +# of the Ansible Role (see documentation) +#### + +# sap_vm_provision_calculate_sap_hana_scaleout_active_coordinator: 1 +# sap_vm_provision_calculate_sap_hana_scaleout_active_worker: 2 +# sap_vm_provision_calculate_sap_hana_scaleout_standby: 1 # Only 0 or 1 + + #### # VM Provision - dynamic inventory variables # Cannot be given a value by end user, the Ansible Role populates the variable @@ -241,32 +253,30 @@ sap_vm_provision_aws_ec2_vs_host_os_image_dictionary: rhel-8-2: "*RHEL-8.2*_HVM*x86_64*" rhel-8-4: "*RHEL-8.4*_HVM*x86_64*" rhel-8-6: "*RHEL-8.6*_HVM*x86_64*" - rhel-7-7-sap-ha: "*RHEL-SAP-7.7*" - rhel-7-9-sap-ha: "*RHEL-SAP-7.9*" + rhel-8-8: "*RHEL-8.8*_HVM*x86_64*" rhel-8-1-sap-ha: "*RHEL-SAP-8.1.0*" rhel-8-2-sap-ha: "*RHEL-SAP-8.2.0*" rhel-8-4-sap-ha: "*RHEL-SAP-8.4.0*" rhel-8-6-sap-ha: "*RHEL-SAP-8.6.0*" + rhel-8-8-sap-ha: "*RHEL-SAP-8.8.0*" + rhel-9-0-sap-ha: "*RHEL-SAP-9.0.0*" + rhel-9-2-sap-ha: "*RHEL-SAP-9.2.0*" sles-15-2: "*suse-sles-15-sp2-v202*-hvm-ssd-x86_64*" sles-15-3: "*suse-sles-15-sp3-v202*-hvm-ssd-x86_64*" sles-15-4: "*suse-sles-15-sp4-v202*-hvm-ssd-x86_64*" - sles-12-5-sap: "*suse-sles-sap-12-sp5-v202*-hvm-ssd-x86_64*" - sles-15-1-sap: "*suse-sles-sap-15-sp1-v202*-hvm-ssd-x86_64*" - sles-15-2-sap: "*suse-sles-sap-15-sp2-v202*-hvm-ssd-x86_64*" - sles-15-3-sap: "*suse-sles-sap-15-sp3-v202*-hvm-ssd-x86_64*" - sles-15-4-sap: "*suse-sles-sap-15-sp4-v202*-hvm-ssd-x86_64*" + sles-15-5: "*suse-sles-15-sp5-v202*-hvm-ssd-x86_64*" + sles-12-5-sap-ha: "*suse-sles-sap-12-sp5-v202*-hvm-ssd-x86_64*" + sles-15-1-sap-ha: "*suse-sles-sap-15-sp1-v202*-hvm-ssd-x86_64*" + sles-15-2-sap-ha: "*suse-sles-sap-15-sp2-v202*-hvm-ssd-x86_64*" + sles-15-3-sap-ha: "*suse-sles-sap-15-sp3-v202*-hvm-ssd-x86_64*" + sles-15-4-sap-ha: "*suse-sles-sap-15-sp4-v202*-hvm-ssd-x86_64*" + sles-15-5-sap-ha: "*suse-sles-sap-15-sp5-v202*-hvm-ssd-x86_64*" # OS Images - Google Cloud sap_vm_provision_gcp_ce_vm_host_os_image_dictionary: rhel-8-latest: project: "rhel-cloud" family: "rhel-8" - rhel-7-7-sap-ha: - project: "rhel-sap-cloud" - family: "rhel-7-7-sap-ha" - rhel-7-9-sap-ha: - project: "rhel-sap-cloud" - family: "rhel-7-9-sap-ha" rhel-8-1-sap-ha: project: "rhel-sap-cloud" family: "rhel-8-1-sap-ha" @@ -279,6 +289,9 @@ sap_vm_provision_gcp_ce_vm_host_os_image_dictionary: rhel-8-6-sap-ha: project: "rhel-sap-cloud" family: "rhel-8-6-sap-ha" + rhel-8-8-sap-ha: + project: "rhel-sap-cloud" + family: "rhel-8-8-sap-ha" sles-15-latest: project: "suse-cloud" family: "sles-15" @@ -297,12 +310,15 @@ sap_vm_provision_ibmcloud_vs_host_os_image_dictionary: rhel-8-4: ".*redhat.*8-4.*minimal.*amd64.*" rhel-8-6: ".*redhat.*8-6.*minimal.*amd64.*" rhel-9-0: ".*redhat.*9-0.*minimal.*amd64.*" - rhel-7-9-sap-ha: ".*redhat.*7-9.*amd64.*hana.*" + rhel-9-2: ".*redhat.*9-2.*minimal.*amd64.*" rhel-8-4-sap-ha: ".*redhat.*8-4.*amd64.*hana.*" rhel-8-6-sap-ha: ".*redhat.*8-6.*amd64.*hana.*" + rhel-8-8-sap-ha: ".*redhat.*8-8.*amd64.*hana.*" + rhel-9-0-sap-ha: ".*redhat.*9-0.*amd64.*hana.*" + rhel-9-2-sap-ha: ".*redhat.*9-0.*amd64.*hana.*" sles-15-3-sap-ha: ".*sles.*15-3.*amd64.*hana.*" - sles-15-4-sap: ".*sles.*15-4.*amd64.*hana.*" - sles-15-5-sap: ".*sles.*15-5.*amd64.*hana.*" + sles-15-4-sap-ha: ".*sles.*15-4.*amd64.*hana.*" + sles-15-5-sap-ha: ".*sles.*15-5.*amd64.*hana.*" # OS Images - IBM Cloud, IBM Power VS 'Full Linux subscription' with support and activation keys sap_vm_provision_ibmcloud_powervs_host_os_image_dictionary: @@ -311,11 +327,12 @@ sap_vm_provision_ibmcloud_powervs_host_os_image_dictionary: rhel-9-2: ".*RHEL.*9.*2" sles-15-3: ".*SLES.*15.*3" sles-15-4: ".*SLES.*15.*4" - rhel-8-4-sap-ha: ".*RHEL.*8.*4.*SAP$" # ensure string suffix using $ rhel-8-6-sap-ha: ".*RHEL.*8.*6.*SAP$" # ensure string suffix using $ - sles-15-2-sap: ".*SLES.*15.*2.*SAP$" # ensure string suffix using $ - sles-15-3-sap: ".*SLES.*15.*3.*SAP$" # ensure string suffix using $ - sles-15-4-sap: ".*SLES.*15.*4.*SAP$" # ensure string suffix using $ + rhel-8-8-sap-ha: ".*RHEL.*8.*8.*SAP$" # ensure string suffix using $ + rhel-9-2-sap-ha: ".*RHEL.*9.*2.*SAP$" # ensure string suffix using $ + sles-15-2-sap-ha: ".*SLES.*15.*2.*SAP$" # ensure string suffix using $ + sles-15-3-sap-ha: ".*SLES.*15.*3.*SAP$" # ensure string suffix using $ + sles-15-4-sap-ha: ".*SLES.*15.*4.*SAP$" # ensure string suffix using $ # OS Images - MS Azure sap_vm_provision_msazure_vm_host_os_image_dictionary: @@ -335,6 +352,22 @@ sap_vm_provision_msazure_vm_host_os_image_dictionary: publisher: "RedHat" offer: "RHEL-SAP-HA" sku: "84sapha-gen2" + rhel-8-6-sap-ha: + publisher: "RedHat" + offer: "RHEL-SAP-HA" + sku: "86sapha-gen2" + rhel-8-8-sap-ha: + publisher: "RedHat" + offer: "RHEL-SAP-HA" + sku: "88sapha-gen2" + rhel-9-0-sap-ha: + publisher: "RedHat" + offer: "RHEL-SAP-HA" + sku: "90sapha-gen2" + rhel-9-2-sap-ha: + publisher: "RedHat" + offer: "RHEL-SAP-HA" + sku: "92sapha-gen2" rhel-8-1-sap-applications: publisher: "RedHat" offer: "RHEL-SAP-HA" @@ -347,6 +380,22 @@ sap_vm_provision_msazure_vm_host_os_image_dictionary: publisher: "RedHat" offer: "RHEL-SAP-HA" sku: "84sapapps-gen2" + rhel-8-6-sap-applications: + publisher: "RedHat" + offer: "RHEL-SAP-applications" + sku: "86sapapps-gen2" + rhel-8-8-sap-applications: + publisher: "RedHat" + offer: "RHEL-SAP-applications" + sku: "88sapapps-gen2" + rhel-9-0-sap-applications: + publisher: "RedHat" + offer: "RHEL-SAP-applications" + sku: "90sapapps-gen2" + rhel-9-2-sap-applications: + publisher: "RedHat" + offer: "RHEL-SAP-applications" + sku: "92sapapps-gen2" sles-15-sp3-sap: publisher: "SUSE" offer: "sles-sap-15-sp3" @@ -421,6 +470,7 @@ sap_vm_provision_ibmcloud_powervs_host_specifications_dictionary: example_host_specification_plan: host1: # Hostname, must be 13 characters or less virtual_machine_profile: ush1-4x256 # alt: use custom SAP instance profile sizes using cnp-2x16 (2 Power Cores [16 vCPU] x 16GB) and above + ibmcloud_powervs_hardware_machine_type: e980 # IBM Power hardware machine type (MT) used to host the Virtual Machine disable_ip_anti_spoofing: true #sap_system_type: project_dev # project_dev, project_tst, project_prd sap_host_type: hana_primary # hana_primary, hana_secondary, anydb_primary, anydb_secondary, nwas_ascs, nwas_ers, nwas_pas, nwas_aas diff --git a/roles/sap_vm_provision/tasks/common/register_os.yml b/roles/sap_vm_provision/tasks/common/register_os.yml index ce5bd58..b63a374 100644 --- a/roles/sap_vm_provision/tasks/common/register_os.yml +++ b/roles/sap_vm_provision/tasks/common/register_os.yml @@ -5,10 +5,9 @@ - name: Ansible Task block for RHEL Package Repositories setup when: - ansible_os_family == 'RedHat' - - sap_vm_provision_os_registration_ca_file_path is defined - - sap_vm_provision_os_registration_script_command is defined - - not sap_vm_provision_os_online_registration_user is defined - - not sap_vm_provision_os_online_registration_passcode is defined + - (sap_vm_provision_os_registration_script_command is defined) and (sap_vm_provision_os_registration_script_command | length > 0) + - (not sap_vm_provision_os_online_registration_user is defined) or (sap_vm_provision_os_online_registration_user | length == 0) + - (not sap_vm_provision_os_online_registration_passcode is defined) or (sap_vm_provision_os_online_registration_passcode | length == 0) block: - name: Red Hat Package Repositories - Clean any existing Red Hat Subscription Manager data @@ -21,6 +20,7 @@ owner: root group: root mode: '0644' + when: (sap_vm_provision_os_registration_ca_file_path is defined) and (sap_vm_provision_os_registration_ca_file_path | length > 0) - name: Red Hat Package Repositories - Update CA trust ansible.builtin.command: update-ca-trust && update-ca-certificates @@ -37,11 +37,9 @@ - name: Ansible Task block for SLES Package Repositories setup when: - ansible_os_family == 'Suse' - - sap_vm_provision_os_registration_ca_file_path is defined - - sap_vm_provision_os_registration_script_command is defined - - not sap_vm_provision_os_online_registration_user is defined - - not sap_vm_provision_os_online_registration_passcode is defined - + - (sap_vm_provision_os_registration_script_command is defined) and (sap_vm_provision_os_registration_script_command | length > 0) + - (not sap_vm_provision_os_online_registration_user is defined) or (sap_vm_provision_os_online_registration_user | length == 0) + - (not sap_vm_provision_os_online_registration_passcode is defined) or (sap_vm_provision_os_online_registration_passcode | length == 0) block: - name: SUSE Package Repositories - Import CA file for SUSE RMT server @@ -51,6 +49,7 @@ owner: root group: root mode: '0644' + when: (sap_vm_provision_os_registration_ca_file_path is defined) and (sap_vm_provision_os_registration_ca_file_path | length > 0) - name: SUSE Package Repositories - Update CA trust ansible.builtin.command: update-ca-trust && update-ca-certificates @@ -66,10 +65,9 @@ - name: Ansible Task block for RHEL Online Package Repositories setup when: - ansible_os_family == 'RedHat' - - not sap_vm_provision_os_registration_ca_file_path is defined - - not sap_vm_provision_os_registration_script_command is defined - - sap_vm_provision_os_online_registration_user is defined - - sap_vm_provision_os_online_registration_passcode is defined + - (not sap_vm_provision_os_registration_script_command is defined) or (sap_vm_provision_os_registration_script_command | length == 0) + - (sap_vm_provision_os_online_registration_user is defined) or (sap_vm_provision_os_online_registration_user | length > 0) + - (sap_vm_provision_os_online_registration_passcode is defined) or (sap_vm_provision_os_online_registration_passcode | length > 0) block: - name: Red Hat Customer Portal (RHCP) Online Package Repositories - Execute @@ -80,10 +78,9 @@ - name: Ansible Task block for SLES Online Package Repositories setup when: - ansible_os_family == 'Suse' - - not sap_vm_provision_os_registration_ca_file_path is defined - - not sap_vm_provision_os_registration_script_command is defined - - sap_vm_provision_os_online_registration_user is defined - - sap_vm_provision_os_online_registration_passcode is defined + - (not sap_vm_provision_os_registration_script_command is defined) or (sap_vm_provision_os_registration_script_command | length == 0) + - (sap_vm_provision_os_online_registration_user is defined) or (sap_vm_provision_os_online_registration_user | length > 0) + - (sap_vm_provision_os_online_registration_passcode is defined) or (sap_vm_provision_os_online_registration_passcode | length > 0) block: - name: SUSE Customer Center (SCC) Online Package Repositories - Execute diff --git a/roles/sap_vm_provision/tasks/common/register_proxy.yml b/roles/sap_vm_provision/tasks/common/register_proxy.yml index 4c89780..40ebddd 100644 --- a/roles/sap_vm_provision/tasks/common/register_proxy.yml +++ b/roles/sap_vm_provision/tasks/common/register_proxy.yml @@ -4,7 +4,7 @@ - name: Ansible Task block for Web Forward Proxy setup when: - - sap_vm_provision_proxy_web_forward_proxy_ip is defined + - (sap_vm_provision_proxy_web_forward_proxy_ip is defined) and (sap_vm_provision_proxy_web_forward_proxy_ip | length > 0) block: - name: Set var for non-interactive login shell on RHEL diff --git a/roles/sap_vm_provision/tasks/common/set_ansible_vars.yml b/roles/sap_vm_provision/tasks/common/set_ansible_vars.yml index 10df655..a6140c6 100644 --- a/roles/sap_vm_provision/tasks/common/set_ansible_vars.yml +++ b/roles/sap_vm_provision/tasks/common/set_ansible_vars.yml @@ -51,7 +51,7 @@ sap_ha_pacemaker_cluster_aws_region: "{{ sap_ha_pacemaker_cluster_aws_region }}" sap_ha_pacemaker_cluster_aws_access_key_id: "{{ sap_ha_pacemaker_cluster_aws_access_key_id }}" sap_ha_pacemaker_cluster_aws_secret_access_key: "{{ sap_ha_pacemaker_cluster_aws_secret_access_key }}" - sap_ha_pacemaker_cluster_aws_vip_update_rt: "{{ __sap_vm_provision_task_vpc_subnet_rt_info.route_tables[0].route_table_id }}" + sap_ha_pacemaker_cluster_aws_vip_update_rt: "{{ __sap_vm_provision_task_aws_vpc_subnet_rt_info.route_tables[0].route_table_id }}" when: - sap_ha_pacemaker_cluster_aws_region is defined - sap_vm_provision_iac_platform == "aws_ec2_vs" @@ -67,7 +67,7 @@ - name: Set facts for all hosts - use facts from localhost - HA/DR - IBM Cloud, IBM Power VS ansible.builtin.set_fact: - sap_ha_pacemaker_cluster_ibmcloud_powervs_workspace_crn: "{{ register_ibmcloud_power_iaas_workspace_service_instance.resource.crn }}" + sap_ha_pacemaker_cluster_ibmcloud_powervs_workspace_crn: "{{ __sap_vm_provision_task_ibmcloud_pi_workspace_service_instance.resource.crn }}" sap_ha_pacemaker_cluster_ibmcloud_api_key: "{{ sap_ha_pacemaker_cluster_ibmcloud_api_key }}" sap_ha_pacemaker_cluster_ibmcloud_region: "{{ list_ibmcloud_powervs_location_to_powervs_region[sap_vm_provision_ibmcloud_powervs_location] }}" # Lookup IBM Power VS Region from the given IBM Power VS Location during sap_vm_provision execution when: diff --git a/roles/sap_vm_provision/tasks/common/set_ansible_vars_storage.yml b/roles/sap_vm_provision/tasks/common/set_ansible_vars_storage.yml index d1f0393..b8925bb 100644 --- a/roles/sap_vm_provision/tasks/common/set_ansible_vars_storage.yml +++ b/roles/sap_vm_provision/tasks/common/set_ansible_vars_storage.yml @@ -5,7 +5,7 @@ ansible.builtin.set_fact: host_node_scaleout_origin_spec: "{{ ansible_hostname | regex_replace('^(.+?)\\d*$', '\\1') }}" when: - - sap_hana_scaleout_active_coordinator is defined + - sap_vm_provision_calculate_sap_hana_scaleout_active_coordinator is defined - not inventory_hostname in vars[ansible_prompt_iac_platform_choice + '_host_specifications_dictionary'][sap_vm_provision_host_specification_plan].keys() # Use inventory_hostname_short to retrieve host specification from the dictionary. While ansible_hostname will work for Ansible only, using Ansible>Terraform may see ansible_hostname as 'localhost' and fail diff --git a/roles/sap_vm_provision/tasks/common/set_etc_hosts_scaleout.yml b/roles/sap_vm_provision/tasks/common/set_etc_hosts_scaleout.yml index 506259d..ae637a8 100644 --- a/roles/sap_vm_provision/tasks/common/set_etc_hosts_scaleout.yml +++ b/roles/sap_vm_provision/tasks/common/set_etc_hosts_scaleout.yml @@ -4,7 +4,7 @@ - name: Ansible Play for controlling execution to an Infrastructure Platform when SAP HANA Scale-Out is used when: - - (groups["hana_primary"] is defined and (groups["hana_primary"] | length>0)) and (sap_hana_scaleout_active_coordinator is defined or sap_hana_scaleout_active_worker is defined or sap_hana_scaleout_standby is defined) + - (groups["hana_primary"] is defined and (groups["hana_primary"] | length>0)) and (sap_vm_provision_calculate_sap_hana_scaleout_active_coordinator is defined or sap_vm_provision_calculate_sap_hana_scaleout_active_worker is defined or sap_vm_provision_calculate_sap_hana_scaleout_standby is defined) block: # Required to collect the remote host's facts for further processing @@ -35,7 +35,7 @@ loop_control: label: "{{ inventory_hostname_short }}" when: - - (sap_hana_scaleout_standby == 0) or (not sap_hana_scaleout_standby is defined) + - (sap_vm_provision_calculate_sap_hana_scaleout_standby == 0) or (not sap_vm_provision_calculate_sap_hana_scaleout_standby is defined) - name: Update /etc/hosts file for SAP HANA Scale-Out Active Workers (with Standby) ansible.builtin.lineinfile: @@ -46,7 +46,7 @@ - "# SAP HANA scale-out workers\n{% for host in (groups['hana_primary'] | reject('search', '0') | list)[:-1] %}{% if (host != inventory_hostname_short) %}{{ hostvars[host]['ansible_host'] }}\t{{ hostvars[host]['ansible_fqdn'] }}\t{{ hostvars[host]['inventory_hostname_short'] }}\n{% endif %}{% endfor %}" loop_control: label: "{{ inventory_hostname_short }}" - when: sap_hana_scaleout_standby > 0 + when: sap_vm_provision_calculate_sap_hana_scaleout_standby > 0 - name: Update /etc/hosts file for SAP HANA Scale-Out Standby ansible.builtin.lineinfile: @@ -58,5 +58,5 @@ loop_control: label: "{{ inventory_hostname_short }}" when: - - sap_hana_scaleout_standby > 0 + - sap_vm_provision_calculate_sap_hana_scaleout_standby > 0 - not inventory_hostname_short == hostvars[(groups['hana_primary'] | last)]['inventory_hostname_short'] diff --git a/roles/sap_vm_provision/tasks/platform_ansible/aws_ec2_vs/execute_main.yml b/roles/sap_vm_provision/tasks/platform_ansible/aws_ec2_vs/execute_main.yml index 51a2722..f34ce81 100644 --- a/roles/sap_vm_provision/tasks/platform_ansible/aws_ec2_vs/execute_main.yml +++ b/roles/sap_vm_provision/tasks/platform_ansible/aws_ec2_vs/execute_main.yml @@ -71,7 +71,7 @@ file: common/set_ansible_vars.yml - name: Ansible AWS Route53 DNS Records for hosts - register: __sap_vm_provision_task_route53 + register: __sap_vm_provision_task_aws_route53 no_log: "{{ __sap_vm_provision_no_log }}" amazon.aws.route53: state: present @@ -100,7 +100,7 @@ - __sap_vm_provision_task_provision_host_single_volumes - __sap_vm_provision_task_provision_host_all_add - __sap_vm_provision_task_aws_vpc_subnet_rt_info - - __sap_vm_provision_task_route53 + - __sap_vm_provision_task_aws_route53 loop_control: loop_var: loop_item index_var: loop_item_index @@ -144,7 +144,7 @@ ansible.builtin.include_tasks: file: common/set_etc_hosts_scaleout.yml when: - - (groups["hana_primary"] is defined and (groups["hana_primary"] | length>0)) and (sap_hana_scaleout_active_coordinator is defined or sap_hana_scaleout_active_worker is defined or sap_hana_scaleout_standby is defined) + - (groups["hana_primary"] is defined and (groups["hana_primary"] | length>0)) and (sap_vm_provision_calculate_sap_hana_scaleout_active_coordinator is defined or sap_vm_provision_calculate_sap_hana_scaleout_active_worker is defined or sap_vm_provision_calculate_sap_hana_scaleout_standby is defined) - name: Set vars for sap_storage_setup Ansible Role register: __sap_vm_provision_task_ansible_vars_storage diff --git a/roles/sap_vm_provision/tasks/platform_ansible/aws_ec2_vs/execute_provision.yml b/roles/sap_vm_provision/tasks/platform_ansible/aws_ec2_vs/execute_provision.yml index 5747e5f..7c62e81 100644 --- a/roles/sap_vm_provision/tasks/platform_ansible/aws_ec2_vs/execute_provision.yml +++ b/roles/sap_vm_provision/tasks/platform_ansible/aws_ec2_vs/execute_provision.yml @@ -11,7 +11,7 @@ ansible.builtin.set_fact: scaleout_origin_host_spec: "{{ inventory_hostname | regex_replace('^(.+?)\\d*$', '\\1') }}" when: - - sap_hana_scaleout_active_coordinator is defined + - sap_vm_provision_calculate_sap_hana_scaleout_active_coordinator is defined - not inventory_hostname in lookup('ansible.builtin.vars', 'sap_vm_provision_' + sap_vm_provision_iac_platform + '_host_specifications_dictionary')[sap_vm_provision_host_specification_plan].keys() - name: Provision AWS EC2 Virtual Server instance diff --git a/roles/sap_vm_provision/tasks/platform_ansible/gcp_ce_vm/execute_main.yml b/roles/sap_vm_provision/tasks/platform_ansible/gcp_ce_vm/execute_main.yml index 8e941b0..3639180 100644 --- a/roles/sap_vm_provision/tasks/platform_ansible/gcp_ce_vm/execute_main.yml +++ b/roles/sap_vm_provision/tasks/platform_ansible/gcp_ce_vm/execute_main.yml @@ -21,7 +21,7 @@ - family = "{{ lookup('ansible.builtin.vars', 'sap_vm_provision_' + sap_vm_provision_iac_platform + '_host_os_image_dictionary')[sap_vm_provision_gcp_ce_vm_host_os_image].family }}" - -deprecated.state = DEPRECATED auth_kind: "serviceaccount" - service_account_contents: "{{ sap_vm_provision_gcp_credentials_json }}" + service_account_file: "{{ sap_vm_provision_gcp_credentials_json }}" - name: Identify GCP Network (VPC) no_log: "{{ __sap_vm_provision_no_log }}" @@ -31,7 +31,7 @@ filters: - name = "{{ sap_vm_provision_gcp_vpc_name }}" auth_kind: "serviceaccount" - service_account_contents: "{{ sap_vm_provision_gcp_credentials_json }}" + service_account_file: "{{ sap_vm_provision_gcp_credentials_json }}" - name: Identify GCP Subnetwork (VPC Subnet) no_log: "{{ __sap_vm_provision_no_log }}" @@ -42,7 +42,7 @@ filters: - name = "{{ sap_vm_provision_gcp_vpc_subnet_name }}" auth_kind: "serviceaccount" - service_account_contents: "{{ sap_vm_provision_gcp_credentials_json }}" + service_account_file: "{{ sap_vm_provision_gcp_credentials_json }}" - name: Set fact to hold loop variables from include_tasks ansible.builtin.set_fact: @@ -93,7 +93,7 @@ filters: - name = {{ inventory_hostname }} auth_kind: "serviceaccount" - service_account_contents: "{{ sap_vm_provision_gcp_credentials_json }}" + service_account_file: "{{ sap_vm_provision_gcp_credentials_json }}" - name: Gather GCP VPC Subnet information no_log: "{{ __sap_vm_provision_no_log }}" @@ -104,7 +104,7 @@ filters: - name = {{ sap_vm_provision_gcp_vpc_subnet_name }} auth_kind: "serviceaccount" - service_account_contents: "{{ sap_vm_provision_gcp_credentials_json }}" + service_account_file: "{{ sap_vm_provision_gcp_credentials_json }}" - name: Gather GCP Private DNS information no_log: "{{ __sap_vm_provision_no_log }}" @@ -113,7 +113,7 @@ project: "{{ sap_vm_provision_gcp_project }}" dns_name: "{{ sap_vm_provision_dns_root_domain }}." auth_kind: "serviceaccount" - service_account_contents: "{{ sap_vm_provision_gcp_credentials_json }}" + service_account_file: "{{ sap_vm_provision_gcp_credentials_json }}" # - name: Gather information about GCP Router and table for the VPC Subnet # no_log: "{{ __sap_vm_provision_no_log }}" @@ -125,7 +125,7 @@ # - network = "{{ __sap_vm_provision_task_gcp_vpc_info.resources[0].selfLink }}" # # - name = sap-vpc-router # auth_kind: "serviceaccount" - # service_account_contents: "{{ sap_vm_provision_gcp_credentials_json }}" + # service_account_file: "{{ sap_vm_provision_gcp_credentials_json }}" # - name: Verify IP Forwarding for GCP VMs # ansible.builtin.fail: @@ -147,7 +147,7 @@ type: A ttl: 7200 auth_kind: "serviceaccount" - service_account_contents: "{{ sap_vm_provision_gcp_credentials_json }}" + service_account_file: "{{ sap_vm_provision_gcp_credentials_json }}" until: not __sap_vm_provision_task_gcp_pdns_records.failed retries: 5 delay: 5 @@ -275,7 +275,7 @@ ansible.builtin.include_tasks: file: common/set_etc_hosts_scaleout.yml when: - - (groups["hana_primary"] is defined and (groups["hana_primary"] | length>0)) and (sap_hana_scaleout_active_coordinator is defined or sap_hana_scaleout_active_worker is defined or sap_hana_scaleout_standby is defined) + - (groups["hana_primary"] is defined and (groups["hana_primary"] | length>0)) and (sap_vm_provision_calculate_sap_hana_scaleout_active_coordinator is defined or sap_vm_provision_calculate_sap_hana_scaleout_active_worker is defined or sap_vm_provision_calculate_sap_hana_scaleout_standby is defined) - name: Set vars for sap_storage_setup Ansible Role register: __sap_vm_provision_task_ansible_vars_storage diff --git a/roles/sap_vm_provision/tasks/platform_ansible/gcp_ce_vm/execute_provision.yml b/roles/sap_vm_provision/tasks/platform_ansible/gcp_ce_vm/execute_provision.yml index cd8529e..6050f77 100644 --- a/roles/sap_vm_provision/tasks/platform_ansible/gcp_ce_vm/execute_provision.yml +++ b/roles/sap_vm_provision/tasks/platform_ansible/gcp_ce_vm/execute_provision.yml @@ -11,7 +11,7 @@ ansible.builtin.set_fact: scaleout_origin_host_spec: "{{ inventory_hostname | regex_replace('^(.+?)\\d*$', '\\1') }}" when: - - sap_hana_scaleout_active_coordinator is defined + - sap_vm_provision_calculate_sap_hana_scaleout_active_coordinator is defined - not inventory_hostname in lookup('ansible.builtin.vars', 'sap_vm_provision_' + sap_vm_provision_iac_platform + '_host_specifications_dictionary')[sap_vm_provision_host_specification_plan].keys() # Create flat list with names for each volume to be created. @@ -52,7 +52,7 @@ name: "{{ inventory_hostname + '-vol-' + vol_item.name | replace('_', '-')}}" size_gb: "{{ vol_item.size }}" auth_kind: "serviceaccount" - service_account_contents: "{{ sap_vm_provision_gcp_credentials_json }}" + service_account_file: "{{ sap_vm_provision_gcp_credentials_json }}" loop: "{{ storage_disks_map }}" loop_control: loop_var: vol_item @@ -120,7 +120,7 @@ - "https://www.googleapis.com/auth/cloud-platform" # Allow full access to all Cloud APIs # ["compute-rw", "storage-rw", "logging-write", "monitoring-write", "service-control", "service-management"] auth_kind: "serviceaccount" - service_account_contents: "{{ sap_vm_provision_gcp_credentials_json }}" + service_account_file: "{{ sap_vm_provision_gcp_credentials_json }}" # Required as state: present on Ansible Module gcp_compute_instance does not allow for waiting until VM has booted - name: Wait 90 seconds for Google Cloud VM to boot @@ -138,7 +138,7 @@ filters: - name = {{ inventory_hostname }} auth_kind: "serviceaccount" - service_account_contents: "{{ sap_vm_provision_gcp_credentials_json }}" + service_account_file: "{{ sap_vm_provision_gcp_credentials_json }}" - name: Create fact for delegate host IP ansible.builtin.set_fact: diff --git a/roles/sap_vm_provision/tasks/platform_ansible/gcp_ce_vm/execute_setup_ha.yml b/roles/sap_vm_provision/tasks/platform_ansible/gcp_ce_vm/execute_setup_ha.yml index 4037919..ba71fdb 100644 --- a/roles/sap_vm_provision/tasks/platform_ansible/gcp_ce_vm/execute_setup_ha.yml +++ b/roles/sap_vm_provision/tasks/platform_ansible/gcp_ce_vm/execute_setup_ha.yml @@ -16,7 +16,7 @@ # network: # selfLink: "{{ __sap_vm_provision_task_gcp_vpc_info.resources[0].selfLink }}" # auth_kind: "serviceaccount" -# service_account_contents: "{{ sap_vm_provision_gcp_credentials_json }}" +# service_account_file: "{{ sap_vm_provision_gcp_credentials_json }}" # loop: "{{ (groups['hana_primary'] | default([])) }}" # loop_control: # loop_var: host_node @@ -37,7 +37,7 @@ type: A ttl: 7200 auth_kind: "serviceaccount" - service_account_contents: "{{ sap_vm_provision_gcp_credentials_json }}" + service_account_file: "{{ sap_vm_provision_gcp_credentials_json }}" loop: "{{ (groups['hana_primary'] | default([])) }}" loop_control: loop_var: host_node @@ -58,7 +58,7 @@ # network: # selfLink: "{{ __sap_vm_provision_task_gcp_vpc_info.resources[0].selfLink }}" # auth_kind: "serviceaccount" -# service_account_contents: "{{ sap_vm_provision_gcp_credentials_json }}" +# service_account_file: "{{ sap_vm_provision_gcp_credentials_json }}" # loop: "{{ (groups['anydb_primary'] | default([])) }}" # loop_control: # loop_var: host_node @@ -79,7 +79,7 @@ type: A ttl: 7200 auth_kind: "serviceaccount" - service_account_contents: "{{ sap_vm_provision_gcp_credentials_json }}" + service_account_file: "{{ sap_vm_provision_gcp_credentials_json }}" loop: "{{ (groups['anydb_primary'] | default([])) }}" loop_control: loop_var: host_node @@ -100,7 +100,7 @@ # network: # selfLink: "{{ __sap_vm_provision_task_gcp_vpc_info.resources[0].selfLink }}" # auth_kind: "serviceaccount" -# service_account_contents: "{{ sap_vm_provision_gcp_credentials_json }}" +# service_account_file: "{{ sap_vm_provision_gcp_credentials_json }}" # loop: "{{ (groups['nwas_ascs'] | default([])) }}" # loop_control: # loop_var: host_node @@ -121,7 +121,7 @@ type: A ttl: 7200 auth_kind: "serviceaccount" - service_account_contents: "{{ sap_vm_provision_gcp_credentials_json }}" + service_account_file: "{{ sap_vm_provision_gcp_credentials_json }}" loop: "{{ (groups['nwas_ascs'] | default([])) }}" loop_control: loop_var: host_node @@ -142,7 +142,7 @@ # network: # selfLink: "{{ __sap_vm_provision_task_gcp_vpc_info.resources[0].selfLink }}" # auth_kind: "serviceaccount" -# service_account_contents: "{{ sap_vm_provision_gcp_credentials_json }}" +# service_account_file: "{{ sap_vm_provision_gcp_credentials_json }}" # loop: "{{ (groups['nwas_ers'] | default([])) }}" # loop_control: # loop_var: host_node @@ -163,7 +163,7 @@ type: A ttl: 7200 auth_kind: "serviceaccount" - service_account_contents: "{{ sap_vm_provision_gcp_credentials_json }}" + service_account_file: "{{ sap_vm_provision_gcp_credentials_json }}" loop: "{{ (groups['nwas_ers'] | default([])) }}" loop_control: loop_var: host_node @@ -186,7 +186,7 @@ # network: # selfLink: "{{ __sap_vm_provision_task_gcp_vpc_info.resources[0].selfLink }}" # auth_kind: "serviceaccount" -# service_account_contents: "{{ sap_vm_provision_gcp_credentials_json }}" +# service_account_file: "{{ sap_vm_provision_gcp_credentials_json }}" # loop: "{{ (groups['nwas_pas'] | default([])) }}" # loop_control: # loop_var: host_node @@ -207,7 +207,7 @@ # type: A # ttl: 7200 # auth_kind: "serviceaccount" -# service_account_contents: "{{ sap_vm_provision_gcp_credentials_json }}" +# service_account_file: "{{ sap_vm_provision_gcp_credentials_json }}" # loop: "{{ (groups['nwas_pas'] | default([])) }}" # loop_control: # loop_var: host_node @@ -228,7 +228,7 @@ # network: # selfLink: "{{ __sap_vm_provision_task_gcp_vpc_info.resources[0].selfLink }}" # auth_kind: "serviceaccount" -# service_account_contents: "{{ sap_vm_provision_gcp_credentials_json }}" +# service_account_file: "{{ sap_vm_provision_gcp_credentials_json }}" # loop: "{{ (groups['nwas_aas'] | default([])) }}" # loop_control: # loop_var: host_node @@ -249,7 +249,7 @@ # type: A # ttl: 7200 # auth_kind: "serviceaccount" -# service_account_contents: "{{ sap_vm_provision_gcp_credentials_json }}" +# service_account_file: "{{ sap_vm_provision_gcp_credentials_json }}" # loop: "{{ (groups['nwas_aas'] | default([])) }}" # loop_control: # loop_var: host_node @@ -286,7 +286,7 @@ #network_tier: PREMIUM # An address with type INTERNAL cannot have a network tier purpose: GCE_ENDPOINT # GCE_ENDPOINT is for addresses used by VMs, alias IP ranges, and internal load balancers auth_kind: "serviceaccount" - service_account_contents: "{{ sap_vm_provision_gcp_credentials_json }}" + service_account_file: "{{ sap_vm_provision_gcp_credentials_json }}" when: - vip_item | length > 0 - groups["hana_secondary"] is defined and (groups["hana_secondary"]|length>0) @@ -312,7 +312,7 @@ unhealthy_threshold: 2 healthy_threshold: 2 auth_kind: "serviceaccount" - service_account_contents: "{{ sap_vm_provision_gcp_credentials_json }}" + service_account_file: "{{ sap_vm_provision_gcp_credentials_json }}" when: - groups["hana_secondary"] is defined and (groups["hana_secondary"]|length>0) @@ -325,7 +325,7 @@ filters: - name = {{ host_node }} auth_kind: "serviceaccount" - service_account_contents: "{{ sap_vm_provision_gcp_credentials_json }}" + service_account_file: "{{ sap_vm_provision_gcp_credentials_json }}" loop: "{{ groups_merged_list }}" loop_control: loop_var: host_node @@ -346,7 +346,7 @@ # - name: http # default, not applicable to internal passthrough NLB, only applicable to proxy NLB # port: 80 # default auth_kind: "serviceaccount" - service_account_contents: "{{ sap_vm_provision_gcp_credentials_json }}" + service_account_file: "{{ sap_vm_provision_gcp_credentials_json }}" loop: "{{ (groups['hana_primary'] | default([])) }}" loop_control: loop_var: host_node @@ -367,7 +367,7 @@ # - name: http # default, not applicable to internal passthrough NLB, only applicable to proxy NLB # port: 80 # default auth_kind: "serviceaccount" - service_account_contents: "{{ sap_vm_provision_gcp_credentials_json }}" + service_account_file: "{{ sap_vm_provision_gcp_credentials_json }}" loop: "{{ (groups['hana_secondary'] | default([])) }}" loop_control: loop_var: host_node @@ -401,7 +401,7 @@ session_affinity: NONE #timeout_sec: 30 # value ignored for internal passthrough NLB, default 30s to wait for backend before failure - see https://cloud.google.com/load-balancing/docs/backend-service#timeout-setting auth_kind: "serviceaccount" - service_account_contents: "{{ sap_vm_provision_gcp_credentials_json }}" + service_account_file: "{{ sap_vm_provision_gcp_credentials_json }}" when: - groups["hana_secondary"] is defined and (groups["hana_secondary"]|length>0) @@ -423,7 +423,7 @@ load_balancing_scheme: INTERNAL network_tier: PREMIUM auth_kind: "serviceaccount" - service_account_contents: "{{ sap_vm_provision_gcp_credentials_json }}" + service_account_file: "{{ sap_vm_provision_gcp_credentials_json }}" when: - vip_item | length > 0 - groups["hana_secondary"] is defined and (groups["hana_secondary"]|length>0) @@ -442,7 +442,7 @@ filters: - name = "lb-backend-service-hana" auth_kind: "serviceaccount" - service_account_contents: "{{ sap_vm_provision_gcp_credentials_json }}" + service_account_file: "{{ sap_vm_provision_gcp_credentials_json }}" when: - groups["hana_secondary"] is defined and (groups["hana_secondary"]|length>0) @@ -461,7 +461,7 @@ #network_tier: PREMIUM # An address with type INTERNAL cannot have a network tier purpose: GCE_ENDPOINT # GCE_ENDPOINT is for addresses used by VMs, alias IP ranges, and internal load balancers auth_kind: "serviceaccount" - service_account_contents: "{{ sap_vm_provision_gcp_credentials_json }}" + service_account_file: "{{ sap_vm_provision_gcp_credentials_json }}" when: - vip_item | length > 0 - groups["anydb_secondary"] is defined and (groups["anydb_secondary"]|length>0) @@ -487,7 +487,7 @@ unhealthy_threshold: 2 healthy_threshold: 2 auth_kind: "serviceaccount" - service_account_contents: "{{ sap_vm_provision_gcp_credentials_json }}" + service_account_file: "{{ sap_vm_provision_gcp_credentials_json }}" when: - groups["anydb_secondary"] is defined and (groups["anydb_secondary"]|length>0) @@ -500,7 +500,7 @@ filters: - name = {{ host_node }} auth_kind: "serviceaccount" - service_account_contents: "{{ sap_vm_provision_gcp_credentials_json }}" + service_account_file: "{{ sap_vm_provision_gcp_credentials_json }}" loop: "{{ groups_merged_list }}" loop_control: loop_var: host_node @@ -521,7 +521,7 @@ # - name: http # default, not applicable to internal passthrough NLB, only applicable to proxy NLB # port: 80 # default auth_kind: "serviceaccount" - service_account_contents: "{{ sap_vm_provision_gcp_credentials_json }}" + service_account_file: "{{ sap_vm_provision_gcp_credentials_json }}" loop: "{{ (groups['anydb_primary'] | default([])) }}" loop_control: loop_var: host_node @@ -542,7 +542,7 @@ # - name: http # default, not applicable to internal passthrough NLB, only applicable to proxy NLB # port: 80 # default auth_kind: "serviceaccount" - service_account_contents: "{{ sap_vm_provision_gcp_credentials_json }}" + service_account_file: "{{ sap_vm_provision_gcp_credentials_json }}" loop: "{{ (groups['anydb_secondary'] | default([])) }}" loop_control: loop_var: host_node @@ -576,7 +576,7 @@ session_affinity: NONE #timeout_sec: 30 # value ignored for internal passthrough NLB, default 30s to wait for backend before failure - see https://cloud.google.com/load-balancing/docs/backend-service#timeout-setting auth_kind: "serviceaccount" - service_account_contents: "{{ sap_vm_provision_gcp_credentials_json }}" + service_account_file: "{{ sap_vm_provision_gcp_credentials_json }}" when: - groups["anydb_secondary"] is defined and (groups["anydb_secondary"]|length>0) @@ -598,7 +598,7 @@ load_balancing_scheme: INTERNAL network_tier: PREMIUM auth_kind: "serviceaccount" - service_account_contents: "{{ sap_vm_provision_gcp_credentials_json }}" + service_account_file: "{{ sap_vm_provision_gcp_credentials_json }}" when: - vip_item | length > 0 - groups["anydb_secondary"] is defined and (groups["anydb_secondary"]|length>0) @@ -617,7 +617,7 @@ filters: - name = "lb-backend-service-anydb" auth_kind: "serviceaccount" - service_account_contents: "{{ sap_vm_provision_gcp_credentials_json }}" + service_account_file: "{{ sap_vm_provision_gcp_credentials_json }}" when: - groups["anydb_secondary"] is defined and (groups["anydb_secondary"]|length>0) @@ -636,7 +636,7 @@ #network_tier: PREMIUM # An address with type INTERNAL cannot have a network tier purpose: GCE_ENDPOINT # GCE_ENDPOINT is for addresses used by VMs, alias IP ranges, and internal load balancers auth_kind: "serviceaccount" - service_account_contents: "{{ sap_vm_provision_gcp_credentials_json }}" + service_account_file: "{{ sap_vm_provision_gcp_credentials_json }}" when: - groups["nwas_ers"] is defined and (groups["nwas_ers"]|length>0) @@ -654,7 +654,7 @@ #network_tier: PREMIUM # An address with type INTERNAL cannot have a network tier purpose: GCE_ENDPOINT # GCE_ENDPOINT is for addresses used by VMs, alias IP ranges, and internal load balancers auth_kind: "serviceaccount" - service_account_contents: "{{ sap_vm_provision_gcp_credentials_json }}" + service_account_file: "{{ sap_vm_provision_gcp_credentials_json }}" when: - groups["nwas_ers"] is defined and (groups["nwas_ers"]|length>0) @@ -674,7 +674,7 @@ unhealthy_threshold: 2 healthy_threshold: 2 auth_kind: "serviceaccount" - service_account_contents: "{{ sap_vm_provision_gcp_credentials_json }}" + service_account_file: "{{ sap_vm_provision_gcp_credentials_json }}" when: - groups["nwas_ers"] is defined and (groups["nwas_ers"]|length>0) @@ -694,7 +694,7 @@ unhealthy_threshold: 2 healthy_threshold: 2 auth_kind: "serviceaccount" - service_account_contents: "{{ sap_vm_provision_gcp_credentials_json }}" + service_account_file: "{{ sap_vm_provision_gcp_credentials_json }}" when: - groups["nwas_ers"] is defined and (groups["nwas_ers"]|length>0) @@ -707,7 +707,7 @@ filters: - name = {{ host_node }} auth_kind: "serviceaccount" - service_account_contents: "{{ sap_vm_provision_gcp_credentials_json }}" + service_account_file: "{{ sap_vm_provision_gcp_credentials_json }}" loop: "{{ groups_merged_list }}" loop_control: loop_var: host_node @@ -728,7 +728,7 @@ # - name: http # default, not applicable to internal passthrough NLB, only applicable to proxy NLB # port: 80 # default auth_kind: "serviceaccount" - service_account_contents: "{{ sap_vm_provision_gcp_credentials_json }}" + service_account_file: "{{ sap_vm_provision_gcp_credentials_json }}" loop: "{{ (groups['nwas_ascs'] | default([])) }}" loop_control: loop_var: host_node @@ -749,7 +749,7 @@ # - name: http # default, not applicable to internal passthrough NLB, only applicable to proxy NLB # port: 80 # default auth_kind: "serviceaccount" - service_account_contents: "{{ sap_vm_provision_gcp_credentials_json }}" + service_account_file: "{{ sap_vm_provision_gcp_credentials_json }}" loop: "{{ (groups['nwas_ers'] | default([])) }}" loop_control: loop_var: host_node @@ -783,7 +783,7 @@ session_affinity: NONE #timeout_sec: 30 # value ignored for internal passthrough NLB, default 30s to wait for backend before failure - see https://cloud.google.com/load-balancing/docs/backend-service#timeout-setting auth_kind: "serviceaccount" - service_account_contents: "{{ sap_vm_provision_gcp_credentials_json }}" + service_account_file: "{{ sap_vm_provision_gcp_credentials_json }}" when: - groups["nwas_ers"] is defined and (groups["nwas_ers"]|length>0) @@ -814,7 +814,7 @@ session_affinity: NONE #timeout_sec: 30 # value ignored for internal passthrough NLB, default 30s to wait for backend before failure - see https://cloud.google.com/load-balancing/docs/backend-service#timeout-setting auth_kind: "serviceaccount" - service_account_contents: "{{ sap_vm_provision_gcp_credentials_json }}" + service_account_file: "{{ sap_vm_provision_gcp_credentials_json }}" when: - groups["nwas_ers"] is defined and (groups["nwas_ers"]|length>0) @@ -836,7 +836,7 @@ load_balancing_scheme: INTERNAL network_tier: PREMIUM auth_kind: "serviceaccount" - service_account_contents: "{{ sap_vm_provision_gcp_credentials_json }}" + service_account_file: "{{ sap_vm_provision_gcp_credentials_json }}" when: - groups["nwas_ers"] is defined and (groups["nwas_ers"]|length>0) @@ -858,7 +858,7 @@ load_balancing_scheme: INTERNAL network_tier: PREMIUM auth_kind: "serviceaccount" - service_account_contents: "{{ sap_vm_provision_gcp_credentials_json }}" + service_account_file: "{{ sap_vm_provision_gcp_credentials_json }}" when: - groups["nwas_ers"] is defined and (groups["nwas_ers"]|length>0) @@ -872,7 +872,7 @@ filters: - name = "lb-backend-service-nwas-ascs" auth_kind: "serviceaccount" - service_account_contents: "{{ sap_vm_provision_gcp_credentials_json }}" + service_account_file: "{{ sap_vm_provision_gcp_credentials_json }}" when: - groups["nwas_ers"] is defined and (groups["nwas_ers"]|length>0) @@ -885,6 +885,6 @@ filters: - name = "lb-backend-service-nwas-ers" auth_kind: "serviceaccount" - service_account_contents: "{{ sap_vm_provision_gcp_credentials_json }}" + service_account_file: "{{ sap_vm_provision_gcp_credentials_json }}" when: - groups["nwas_ers"] is defined and (groups["nwas_ers"]|length>0) diff --git a/roles/sap_vm_provision/tasks/platform_ansible/gcp_ce_vm/post_deployment_execute.yml b/roles/sap_vm_provision/tasks/platform_ansible/gcp_ce_vm/post_deployment_execute.yml index c005d1d..d9dc144 100644 --- a/roles/sap_vm_provision/tasks/platform_ansible/gcp_ce_vm/post_deployment_execute.yml +++ b/roles/sap_vm_provision/tasks/platform_ansible/gcp_ce_vm/post_deployment_execute.yml @@ -60,7 +60,7 @@ unhealthy_threshold: 2 healthy_threshold: 2 auth_kind: "serviceaccount" - service_account_contents: "{{ sap_vm_provision_gcp_credentials_json }}" + service_account_file: "{{ sap_vm_provision_gcp_credentials_json }}" when: - groups["hana_secondary"] is defined and (groups["hana_secondary"]|length>0) @@ -80,7 +80,7 @@ unhealthy_threshold: 2 healthy_threshold: 2 auth_kind: "serviceaccount" - service_account_contents: "{{ sap_vm_provision_gcp_credentials_json }}" + service_account_file: "{{ sap_vm_provision_gcp_credentials_json }}" when: - groups["anydb_secondary"] is defined and (groups["anydb_secondary"]|length>0) @@ -100,7 +100,7 @@ unhealthy_threshold: 2 healthy_threshold: 2 auth_kind: "serviceaccount" - service_account_contents: "{{ sap_vm_provision_gcp_credentials_json }}" + service_account_file: "{{ sap_vm_provision_gcp_credentials_json }}" when: - groups["nwas_ers"] is defined and (groups["nwas_ers"]|length>0) @@ -120,6 +120,6 @@ unhealthy_threshold: 2 healthy_threshold: 2 auth_kind: "serviceaccount" - service_account_contents: "{{ sap_vm_provision_gcp_credentials_json }}" + service_account_file: "{{ sap_vm_provision_gcp_credentials_json }}" when: - groups["nwas_ers"] is defined and (groups["nwas_ers"]|length>0) diff --git a/roles/sap_vm_provision/tasks/platform_ansible/ibmcloud_powervs/execute_main.yml b/roles/sap_vm_provision/tasks/platform_ansible/ibmcloud_powervs/execute_main.yml index c513f1a..a7642b5 100644 --- a/roles/sap_vm_provision/tasks/platform_ansible/ibmcloud_powervs/execute_main.yml +++ b/roles/sap_vm_provision/tasks/platform_ansible/ibmcloud_powervs/execute_main.yml @@ -62,7 +62,7 @@ # DNS may exist in separate Resource Group # Use empty string var (or default false if undefined) to evaluate to false boolean - - name: Identify Resource Group info for Private DNS + - name: Identify Resource Group info for IBM Cloud Private DNS no_log: "{{ __sap_vm_provision_no_log }}" register: __sap_vm_provision_task_ibmcloud_resource_group_dns ibm.cloudcollection.ibm_resource_group_info: @@ -80,7 +80,7 @@ name: "{{ sap_vm_provision_ibmcloud_powervs_workspace_name }}" ibmcloud_api_key: "{{ sap_vm_provision_ibmcloud_api_key }}" - - name: Identify pre-loaded Power Infrastructure SSH Public Key info + - name: Identify pre-loaded IBM Power Infrastructure SSH Public Key info no_log: "{{ __sap_vm_provision_no_log }}" register: __sap_vm_provision_task_ibmcloud_pi_ssh_public_key environment: @@ -90,7 +90,7 @@ pi_key_name: "{{ sap_vm_provision_ibmcloud_powervs_key_pair_name_ssh_host_public_key }}" ibmcloud_api_key: "{{ sap_vm_provision_ibmcloud_api_key }}" - - name: Identify Power Infrastructure VLAN Subnet info + - name: Identify IBM Power Infrastructure VLAN Subnet info no_log: "{{ __sap_vm_provision_no_log }}" register: __sap_vm_provision_task_ibmcloud_pi_subnet environment: @@ -100,19 +100,19 @@ pi_network_name: "{{ sap_vm_provision_ibmcloud_powervs_vlan_subnet_name }}" ibmcloud_api_key: "{{ sap_vm_provision_ibmcloud_api_key }}" - - name: Identify Power Infrastructure OS Image list - no_log: "{{ __sap_vm_provision_no_log }}" - register: __sap_vm_provision_task_ibmcloud_pi_os_image_list - environment: - IC_REGION: "{{ sap_vm_provision_ibmcloud_powervs_region }}" - ibm.cloudcollection.ibm_pi_catalog_images_info: - pi_cloud_instance_id: "{{ __sap_vm_provision_task_ibmcloud_pi_workspace_service_instance.resource.guid }}" # must be GUID, not CRN - sap: true # Return all OS Images for SAP - ibmcloud_api_key: "{{ sap_vm_provision_ibmcloud_api_key }}" + - name: Confirm IBM Power Infrastructure VLAN Subnet uses IBM Cloud IaaS Backbone DNS Resolver + ansible.builtin.fail: + msg: + If IBM Power Infrastructure Workspace uses Power Edge Router (and not legacy Cloud Connection) networking configuration, + then Subnet DNS Default should use IBM Cloud IaaS Backbone DNS Resolver 161.26.0.10/11 (which will be populated into /etc/resolv.conf). + Otherwise cloud-init actions during provisioning may not be successful. + when: + - not sap_vm_provision_proxy_web_forward_proxy_ip is defined + - not (__sap_vm_provision_task_ibmcloud_pi_subnet.resource.dns | first) in ['161.26.0.10', '161.26.0.11'] # DNS may exist in separate Resource Group # If previous identification task is skipped, use resource group else use the resource group defined for the Private DNS - - name: Identify Private DNS instance + - name: Identify IBM Cloud Private DNS instance no_log: "{{ __sap_vm_provision_no_log }}" register: __sap_vm_provision_task_ibmcloud_pdns_service_instance ibm.cloudcollection.ibm_resource_instance_info: @@ -122,18 +122,28 @@ name: "{{ sap_vm_provision_ibmcloud_private_dns_instance_name }}" ibmcloud_api_key: "{{ sap_vm_provision_ibmcloud_api_key }}" - - name: Identify Private DNS Zone info + - name: Identify IBM Cloud Private DNS Zone info no_log: "{{ __sap_vm_provision_no_log }}" register: __sap_vm_provision_task_ibmcloud_pdns ibm.cloudcollection.ibm_dns_zones_info: instance_id: "{{ __sap_vm_provision_task_ibmcloud_pdns_service_instance.resource.guid }}" ibmcloud_api_key: "{{ sap_vm_provision_ibmcloud_api_key }}" - - name: Set fact for latest IBM Power Infrastructure OS Catalog Stock Image + - name: Identify IBM Power Infrastructure OS Catalog Stock Image list + no_log: "{{ __sap_vm_provision_no_log }}" + register: __sap_vm_provision_task_ibmcloud_pi_os_image_list + environment: + IC_REGION: "{{ sap_vm_provision_ibmcloud_powervs_region }}" + ibm.cloudcollection.ibm_pi_catalog_images_info: + pi_cloud_instance_id: "{{ __sap_vm_provision_task_ibmcloud_pi_workspace_service_instance.resource.guid }}" # must be GUID, not CRN + sap: true # Return all OS Images for SAP + ibmcloud_api_key: "{{ sap_vm_provision_ibmcloud_api_key }}" + + - name: Set fact for selected IBM Power Infrastructure OS Catalog Stock Image ansible.builtin.set_fact: register_ibmcloud_pi_os_image_selected: "{{ __sap_vm_provision_task_ibmcloud_pi_os_image_list.resource.images | rejectattr('name', 'search', '.*BYOL.*') | selectattr('name', 'search', lookup('ansible.builtin.vars', 'sap_vm_provision_' + sap_vm_provision_iac_platform + '_host_os_image_dictionary')[sap_vm_provision_ibmcloud_powervs_host_os_image]) | sort(reverse=True,case_sensitive=False,attribute='name') | first }}" - - name: Create Boot Image from IBM Power Infrastructure OS Catalog Stock Image + - name: Import Boot Image to current IBM Power Infrastructure Workspace from the IBM Power Infrastructure OS Catalog Stock Image no_log: "{{ __sap_vm_provision_no_log }}" register: __sap_vm_provision_task_ibmcloud_pi_os_image_provisioned environment: @@ -146,6 +156,19 @@ failed_when: not __sap_vm_provision_task_ibmcloud_pi_os_image_provisioned.rc == 0 and not 'already exists' in __sap_vm_provision_task_ibmcloud_pi_os_image_provisioned.stderr run_once: true + - name: Identify IBM Power Infrastructure Workspace imported OS Image list + no_log: "{{ __sap_vm_provision_no_log }}" + register: __sap_vm_provision_task_ibmcloud_pi_imported_os_image_list + environment: + IC_REGION: "{{ sap_vm_provision_ibmcloud_powervs_region }}" + ibm.cloudcollection.ibm_pi_images_info: + pi_cloud_instance_id: "{{ __sap_vm_provision_task_ibmcloud_pi_workspace_service_instance.resource.guid }}" # must be GUID, not CRN + ibmcloud_api_key: "{{ sap_vm_provision_ibmcloud_api_key }}" + + - name: Set fact for selected IBM Power Infrastructure imported OS Image + ansible.builtin.set_fact: + register_ibmcloud_pi_imported_os_image_selected: "{{ __sap_vm_provision_task_ibmcloud_pi_imported_os_image_list.resource.image_info | rejectattr('name', 'search', '.*BYOL.*') | selectattr('name', 'search', lookup('ansible.builtin.vars', 'sap_vm_provision_' + sap_vm_provision_iac_platform + '_host_os_image_dictionary')[sap_vm_provision_ibmcloud_powervs_host_os_image]) | sort(reverse=True,case_sensitive=False,attribute='name') | first }}" + # Use check to avoid idempotency issues with legacy ibm.cloudcollection Ansible Collection (until ibm.cloud Ansible Collection is ready) - name: Check for existing Boot Image imported already from IBM Power Infrastructure OS Catalog Stock Image no_log: "{{ __sap_vm_provision_no_log }}" @@ -154,7 +177,7 @@ IC_REGION: "{{ sap_vm_provision_ibmcloud_powervs_region }}" ibm.cloudcollection.ibm_pi_image_info: pi_cloud_instance_id: "{{ __sap_vm_provision_task_ibmcloud_pi_workspace_service_instance.resource.guid }}" # must be GUID, not CRN - pi_image_name: "{{ register_ibmcloud_pi_os_image_selected.name }}" + pi_image_name: "{{ register_ibmcloud_pi_imported_os_image_selected.name }}" ibmcloud_api_key: "{{ sap_vm_provision_ibmcloud_api_key }}" run_once: true @@ -284,7 +307,7 @@ ansible.builtin.include_tasks: file: common/set_etc_hosts_scaleout.yml when: - - (groups["hana_primary"] is defined and (groups["hana_primary"] | length>0)) and (sap_hana_scaleout_active_coordinator is defined or sap_hana_scaleout_active_worker is defined or sap_hana_scaleout_standby is defined) + - (groups["hana_primary"] is defined and (groups["hana_primary"] | length>0)) and (sap_vm_provision_calculate_sap_hana_scaleout_active_coordinator is defined or sap_vm_provision_calculate_sap_hana_scaleout_active_worker is defined or sap_vm_provision_calculate_sap_hana_scaleout_standby is defined) - name: Set vars for sap_storage_setup Ansible Role register: __sap_vm_provision_task_ansible_vars_storage @@ -296,35 +319,61 @@ path: /etc/resolv.conf line: nameserver 161.26.0.10 - - name: Register Web Forward Proxy + # Not applicable to the IBM PowerVS Workspace enabled with Power Edge Router (from Q4-2023 onwards) + - name: Register Web Forward Proxy (for legacy Power Infrastructure Cloud Connections networking configuration) ansible.builtin.include_tasks: file: common/register_proxy.yml + when: sap_vm_provision_proxy_web_forward_proxy_ip is defined + # Not applicable to the IBM PowerVS Workspace enabled with Power Edge Router (from Q4-2023 onwards) # Extract the generated command string and activation key from /usr/share, then execute script from /usr/local/bin # Use nohup to ensure completion, wait 2 minutes # Verify with /var/log/rhsm/rhsm.log if necessary - - name: Execute OS Activation Script for IBM Power Virtual Server - RHEL + - name: Execute OS Activation Script for IBM Power Virtual Server - RHEL - IBM PowerVS Workspace with legacy Cloud Connection ansible.builtin.shell: | - set -o pipefail && web_proxy_ip_port="{{ sap_vm_provision_proxy_web_forward_proxy_ip }}" - set -o pipefail && if [[ ! -f /usr/share/powervs-fls/powervs-fls-readme.md ]]; then echo "File does not exist" && exit 1; fi - set -o pipefail && activation_script_exec=$(cat /usr/share/powervs-fls/powervs-fls-readme.md | grep networklayer.com | sed "s|Private.proxy.IP.address:3128|$web_proxy_ip_port|" | sed 's|. ||') - set -o pipefail && nohup $activation_script_exec >/dev/null 2>&1 - set -o pipefail && sleep 120 + set -o pipefail && web_proxy_ip_port="{{ sap_vm_provision_proxy_web_forward_proxy_ip | default('') }}" + set -o pipefail && if [[ ! -f /usr/share/powervs-fls/powervs-fls-readme.md ]] ; then workspace_per=true ; else workspace_legacy_cc=true ; fi + set -o pipefail && if [ "${workspace_per}" = true ]; then echo "Not required, automatically executed in IBM Power VS Workspace with Power Edge Router enabled" exit 0 ; fi + set -o pipefail && if [ "${workspace_legacy_cc}" = true ]; then activation_script_exec=$(cat /usr/share/powervs-fls/powervs-fls-readme.md | grep networklayer.com | sed "s|Private.proxy.IP.address:3128|$web_proxy_ip_port|" | sed 's|. ||') ; fi + set -o pipefail && if [ "${workspace_legacy_cc}" = true ]; then nohup $activation_script_exec >/dev/null 2>&1 ; fi + set -o pipefail && if [ "${workspace_legacy_cc}" = true ]; then sleep 120 ; fi when: ansible_os_family == "RedHat" + # Not applicable to the IBM PowerVS Workspace enabled with Power Edge Router (from Q4-2023 onwards) # Extract the generated command string and activation key from /usr/share, then execute script from /usr/local/bin # Use nohup to ensure completion, wait 2 minutes - - name: Execute OS Activation Script for IBM Power Virtual Server - SLES + - name: Execute OS Activation Script for IBM Power Virtual Server - SLES - IBM PowerVS Workspace with legacy Cloud Connection ansible.builtin.shell: | - set -o pipefail && web_proxy_ip_port="{{ sap_vm_provision_proxy_web_forward_proxy_ip }}" - set -o pipefail && if [[ ! -f /usr/share/powervs-fls/powervs-fls-readme.md ]]; then echo "File does not exist" && exit 1; fi - set -o pipefail && activation_script_exec=$(cat /usr/share/powervs-fls/powervs-fls-readme.md | grep networklayer.com | sed 's|. ||' | sed "s|$|$web_proxy_ip_port|") - set -o pipefail && nohup $activation_script_exec >/dev/null 2>&1 - set -o pipefail && sleep 60 + set -o pipefail && web_proxy_ip_port="{{ sap_vm_provision_proxy_web_forward_proxy_ip | default('') }}" + set -o pipefail && if [[ ! -f /usr/share/powervs-fls/powervs-fls-readme.md ]] ; then workspace_per=true ; else workspace_legacy_cc=true ; fi + set -o pipefail && if [ "${workspace_per}" = true ]; then echo "Not required, automatically executed in IBM Power VS Workspace with Power Edge Router enabled" exit 0 ; fi + set -o pipefail && if [ "${workspace_legacy_cc}" = true ]; then activation_script_exec=$(cat /usr/share/powervs-fls/powervs-fls-readme.md | grep networklayer.com | sed 's|. ||' | sed "s|$|$web_proxy_ip_port|") ; fi + set -o pipefail && if [ "${workspace_legacy_cc}" = true ]; then nohup $activation_script_exec >/dev/null 2>&1 ; fi + set -o pipefail && if [ "${workspace_legacy_cc}" = true ]; then sleep 120 ; fi set -o pipefail && SUSEConnect --product PackageHub/{{ ansible_distribution_version }}/ppc64le when: ansible_os_family == "Suse" - # Enusure lock to RHEL major.minor version + - name: Verify connection to NFS + ansible.builtin.wait_for: + host: "{{ sap_vm_provision_nfs_mount_point | regex_replace(':.*', '') }}" + port: 2049 + delay: 10 + sleep: 10 + connect_timeout: 15 + timeout: 120 + when: sap_vm_provision_nfs_mount_point is defined + + - name: Verify connection to separate NFS for SAP Transport Directory + ansible.builtin.wait_for: + host: "{{ sap_vm_provision_nfs_mount_point_separate_sap_transport_dir | regex_replace(':.*', '') }}" + port: 2049 + delay: 10 + sleep: 10 + connect_timeout: 15 + timeout: 120 + when: sap_vm_provision_nfs_mount_point_separate_sap_transport_dir is defined + + # Ensure lock to RHEL major.minor version # Lock using subscription-manager release --set or /var/lib/rhsm/cache/releasever.json, alternatively using /etc/yum/vars/releasever or /etc/dnf/vars/releasever - name: Set facts on each host - HA/DR diff --git a/roles/sap_vm_provision/tasks/platform_ansible/ibmcloud_powervs/execute_provision.yml b/roles/sap_vm_provision/tasks/platform_ansible/ibmcloud_powervs/execute_provision.yml index bac424d..3862b07 100644 --- a/roles/sap_vm_provision/tasks/platform_ansible/ibmcloud_powervs/execute_provision.yml +++ b/roles/sap_vm_provision/tasks/platform_ansible/ibmcloud_powervs/execute_provision.yml @@ -11,7 +11,7 @@ ansible.builtin.set_fact: scaleout_origin_host_spec: "{{ inventory_hostname | regex_replace('^(.+?)\\d*$', '\\1') }}" when: - - sap_hana_scaleout_active_coordinator is defined + - sap_vm_provision_calculate_sap_hana_scaleout_active_coordinator is defined - not inventory_hostname in lookup('ansible.builtin.vars', 'sap_vm_provision_' + sap_vm_provision_iac_platform + '_host_specifications_dictionary')[sap_vm_provision_host_specification_plan].keys() @@ -23,10 +23,12 @@ pi_cloud_instance_id: "{{ __sap_vm_provision_task_ibmcloud_pi_workspace_service_instance.resource.guid }}" # must be GUID, not CRN pi_instance_name: "{{ inventory_hostname }}" - pi_image_id: "{{ __sap_vm_provision_task_ibmcloud_pi_os_image_provisioned.resource.id if __sap_vm_provision_task_ibmcloud_pi_os_image_provisioned.rc == 0 else __sap_vm_provision_task_ibmcloud_pi_os_image_existing.resource.id }}" + pi_image_id: "{{ __sap_vm_provision_task_ibmcloud_pi_os_image_existing.resource.id }}" + + pi_sys_type: "{{ lookup('ansible.builtin.vars', 'sap_vm_provision_' + sap_vm_provision_iac_platform + '_host_specifications_dictionary')[sap_vm_provision_host_specification_plan][scaleout_origin_host_spec | default(inventory_hostname)].ibmcloud_powervs_hardware_machine_type }}" - pi_sys_type: e980 pi_sap_profile_id: "{{ lookup('ansible.builtin.vars', 'sap_vm_provision_' + sap_vm_provision_iac_platform + '_host_specifications_dictionary')[sap_vm_provision_host_specification_plan][scaleout_origin_host_spec | default(inventory_hostname)].virtual_machine_profile }}" + pi_key_pair_name: "{{ sap_vm_provision_ibmcloud_powervs_key_pair_name_ssh_host_public_key }}" pi_network: diff --git a/roles/sap_vm_provision/tasks/platform_ansible/ibmcloud_vs/execute_main.yml b/roles/sap_vm_provision/tasks/platform_ansible/ibmcloud_vs/execute_main.yml index 3762a49..501d6d1 100644 --- a/roles/sap_vm_provision/tasks/platform_ansible/ibmcloud_vs/execute_main.yml +++ b/roles/sap_vm_provision/tasks/platform_ansible/ibmcloud_vs/execute_main.yml @@ -187,7 +187,7 @@ ansible.builtin.include_tasks: file: common/set_etc_hosts_scaleout.yml when: - - (groups["hana_primary"] is defined and (groups["hana_primary"] | length>0)) and (sap_hana_scaleout_active_coordinator is defined or sap_hana_scaleout_active_worker is defined or sap_hana_scaleout_standby is defined) + - (groups["hana_primary"] is defined and (groups["hana_primary"] | length>0)) and (sap_vm_provision_calculate_sap_hana_scaleout_active_coordinator is defined or sap_vm_provision_calculate_sap_hana_scaleout_active_worker is defined or sap_vm_provision_calculate_sap_hana_scaleout_standby is defined) - name: Set vars for sap_storage_setup Ansible Role register: __sap_vm_provision_task_ansible_vars_storage diff --git a/roles/sap_vm_provision/tasks/platform_ansible/ibmcloud_vs/execute_provision.yml b/roles/sap_vm_provision/tasks/platform_ansible/ibmcloud_vs/execute_provision.yml index d5e3ca0..cc0525e 100644 --- a/roles/sap_vm_provision/tasks/platform_ansible/ibmcloud_vs/execute_provision.yml +++ b/roles/sap_vm_provision/tasks/platform_ansible/ibmcloud_vs/execute_provision.yml @@ -11,7 +11,7 @@ ansible.builtin.set_fact: scaleout_origin_host_spec: "{{ inventory_hostname | regex_replace('^(.+?)\\d*$', '\\1') }}" when: - - sap_hana_scaleout_active_coordinator is defined + - sap_vm_provision_calculate_sap_hana_scaleout_active_coordinator is defined - not inventory_hostname in lookup('ansible.builtin.vars', 'sap_vm_provision_' + sap_vm_provision_iac_platform + '_host_specifications_dictionary')[sap_vm_provision_host_specification_plan].keys() - name: Provision IBM Cloud Virtual Server instance diff --git a/roles/sap_vm_provision/tasks/platform_ansible/ibmpowervm_vm/execute_main.yml b/roles/sap_vm_provision/tasks/platform_ansible/ibmpowervm_vm/execute_main.yml index 97ea597..023dc59 100644 --- a/roles/sap_vm_provision/tasks/platform_ansible/ibmpowervm_vm/execute_main.yml +++ b/roles/sap_vm_provision/tasks/platform_ansible/ibmpowervm_vm/execute_main.yml @@ -155,17 +155,17 @@ ansible.builtin.include_tasks: file: common/set_etc_hosts_scaleout.yml when: - - (groups["hana_primary"] is defined and (groups["hana_primary"] | length>0)) and (sap_hana_scaleout_active_coordinator is defined or sap_hana_scaleout_active_worker is defined or sap_hana_scaleout_standby is defined) + - (groups["hana_primary"] is defined and (groups["hana_primary"] | length>0)) and (sap_vm_provision_calculate_sap_hana_scaleout_active_coordinator is defined or sap_vm_provision_calculate_sap_hana_scaleout_active_worker is defined or sap_vm_provision_calculate_sap_hana_scaleout_standby is defined) - name: Set vars for sap_storage_setup Ansible Role register: __sap_vm_provision_task_ansible_vars_storage ansible.builtin.include_tasks: file: common/set_ansible_vars_storage.yml - - name: Register Package Repositories - ansible.builtin.include_tasks: - file: common/register_os.yml - - name: Register Web Forward Proxy ansible.builtin.include_tasks: file: common/register_proxy.yml + + - name: Register Package Repositories + ansible.builtin.include_tasks: + file: common/register_os.yml diff --git a/roles/sap_vm_provision/tasks/platform_ansible/ibmpowervm_vm/execute_provision.yml b/roles/sap_vm_provision/tasks/platform_ansible/ibmpowervm_vm/execute_provision.yml index dbfc1d2..9103db1 100644 --- a/roles/sap_vm_provision/tasks/platform_ansible/ibmpowervm_vm/execute_provision.yml +++ b/roles/sap_vm_provision/tasks/platform_ansible/ibmpowervm_vm/execute_provision.yml @@ -18,7 +18,7 @@ ansible.builtin.set_fact: scaleout_origin_host_spec: "{{ inventory_hostname | regex_replace('^(.+?)\\d*$', '\\1') }}" when: - - sap_hana_scaleout_active_coordinator is defined + - sap_vm_provision_calculate_sap_hana_scaleout_active_coordinator is defined - not inventory_hostname in lookup('ansible.builtin.vars', 'sap_vm_provision_' + sap_vm_provision_iac_platform + '_host_specifications_dictionary')[sap_vm_provision_host_specification_plan].keys() - name: Check if VM exists diff --git a/roles/sap_vm_provision/tasks/platform_ansible/kubevirt_vm/execute_main.yml b/roles/sap_vm_provision/tasks/platform_ansible/kubevirt_vm/execute_main.yml index 2b61103..7563763 100644 --- a/roles/sap_vm_provision/tasks/platform_ansible/kubevirt_vm/execute_main.yml +++ b/roles/sap_vm_provision/tasks/platform_ansible/kubevirt_vm/execute_main.yml @@ -134,17 +134,17 @@ ansible.builtin.include_tasks: file: common/set_etc_hosts_scaleout.yml when: - - (groups["hana_primary"] is defined and (groups["hana_primary"] | length>0)) and (sap_hana_scaleout_active_coordinator is defined or sap_hana_scaleout_active_worker is defined or sap_hana_scaleout_standby is defined) + - (groups["hana_primary"] is defined and (groups["hana_primary"] | length>0)) and (sap_vm_provision_calculate_sap_hana_scaleout_active_coordinator is defined or sap_vm_provision_calculate_sap_hana_scaleout_active_worker is defined or sap_vm_provision_calculate_sap_hana_scaleout_standby is defined) - name: Set vars for sap_storage_setup Ansible Role register: __sap_vm_provision_task_ansible_vars_storage ansible.builtin.include_tasks: file: common/set_ansible_vars_storage.yml - - name: Register Package Repositories - ansible.builtin.include_tasks: - file: common/register_os.yml - - name: Register Web Forward Proxy ansible.builtin.include_tasks: file: common/register_proxy.yml + + - name: Register Package Repositories + ansible.builtin.include_tasks: + file: common/register_os.yml diff --git a/roles/sap_vm_provision/tasks/platform_ansible/kubevirt_vm/execute_provision.yml b/roles/sap_vm_provision/tasks/platform_ansible/kubevirt_vm/execute_provision.yml index e8d0de7..e068c90 100644 --- a/roles/sap_vm_provision/tasks/platform_ansible/kubevirt_vm/execute_provision.yml +++ b/roles/sap_vm_provision/tasks/platform_ansible/kubevirt_vm/execute_provision.yml @@ -11,7 +11,7 @@ ansible.builtin.set_fact: scaleout_origin_host_spec: "{{ inventory_hostname | regex_replace('^(.+?)\\d*$', '\\1') }}" when: - - sap_hana_scaleout_active_coordinator is defined + - sap_vm_provision_calculate_sap_hana_scaleout_active_coordinator is defined - not inventory_hostname in lookup('ansible.builtin.vars', 'sap_vm_provision_' + sap_vm_provision_iac_platform + '_host_specifications_dictionary')[sap_vm_provision_host_specification_plan].keys() diff --git a/roles/sap_vm_provision/tasks/platform_ansible/msazure_vm/execute_main.yml b/roles/sap_vm_provision/tasks/platform_ansible/msazure_vm/execute_main.yml index 943eae7..6f5a96a 100644 --- a/roles/sap_vm_provision/tasks/platform_ansible/msazure_vm/execute_main.yml +++ b/roles/sap_vm_provision/tasks/platform_ansible/msazure_vm/execute_main.yml @@ -21,7 +21,7 @@ # Therefore use without any parameter to retrieve list of all SSH Public Keys and filter in Ansible - name: Get all SSH Public Keys in MS Azure no_log: "{{ __sap_vm_provision_no_log }}" - register: __sap_vm_provision_msazure_key_pair_name_ssh_host_public_keys + register: __sap_vm_provision_task_msazure_key_pair_name_ssh_host_public_keys azure.azcollection.azure_rm_sshpublickey_info: # Azure credentials subscription_id: "{{ sap_vm_provision_msazure_subscription_id }}" @@ -31,11 +31,11 @@ - name: Set fact for selected SSH Public Key in MS Azure ansible.builtin.set_fact: - __sap_vm_provision_msazure_key_pair_name_ssh_host_public_key_value: "{{ (__sap_vm_provision_msazure_key_pair_name_ssh_host_public_keys.ssh_keys | selectattr('name', '==', sap_vm_provision_msazure_key_pair_name_ssh_host_public_key))[0].public_key }}" + __sap_vm_provision_task_msazure_key_pair_name_ssh_host_public_key_value: "{{ (__sap_vm_provision_task_msazure_key_pair_name_ssh_host_public_keys.ssh_keys | selectattr('name', '==', sap_vm_provision_msazure_key_pair_name_ssh_host_public_key))[0].public_key }}" - name: Get Private DNS Zone Virtual Network Links no_log: "{{ __sap_vm_provision_no_log }}" - register: __sap_vm_provision_msazure_private_dns_virtual_network_links + register: __sap_vm_provision_task_msazure_private_dns_virtual_network_links azure.azcollection.azure_rm_privatednszonelink_info: # DNS may exist in separate Resource Group. Use empty string var (or default false if undefined) to evaluate to false boolean, and use Python or logic operator resource_group: "{{ (sap_vm_provision_msazure_private_dns_resource_group_name | default(false)) or sap_vm_provision_msazure_resource_group_name }}" @@ -48,7 +48,7 @@ - name: Set boolean fact for Auto Registration of DNS Records from Private DNS Zone Virtual Network Link ansible.builtin.set_fact: - __sap_vm_provision_msazure_private_dns_auto_register_records: "{{ (__sap_vm_provision_msazure_private_dns_virtual_network_links.virtualnetworklinks | selectattr('virtual_network.id', 'search', sap_vm_provision_msazure_vnet_name))[0].registration_enabled }}" + __sap_vm_provision_task_msazure_private_dns_auto_register_records: "{{ (__sap_vm_provision_task_msazure_private_dns_virtual_network_links.virtualnetworklinks | selectattr('virtual_network.id', 'search', sap_vm_provision_msazure_vnet_name))[0].registration_enabled }}" - name: Provision hosts to MS Azure register: __sap_vm_provision_task_provision_host_all_run @@ -105,7 +105,7 @@ tenant: "{{ sap_vm_provision_msazure_tenant_id }}" client_id: "{{ sap_vm_provision_msazure_app_client_id }}" secret: "{{ sap_vm_provision_msazure_app_client_secret }}" - when: not __sap_vm_provision_msazure_private_dns_auto_register_records + when: not __sap_vm_provision_task_msazure_private_dns_auto_register_records # - ansible.builtin.debug: # var: __sap_vm_provision_task_provision_host_all_add.results @@ -118,8 +118,8 @@ ansible.builtin.fail: msg: "{{ lookup('ansible.builtin.vars', loop_item) }}" loop: - - __sap_vm_provision_msazure_key_pair_name_ssh_host_public_keys - - __sap_vm_provision_msazure_private_dns_virtual_network_links + - __sap_vm_provision_task_msazure_key_pair_name_ssh_host_public_keys + - __sap_vm_provision_task_msazure_private_dns_virtual_network_links - __sap_vm_provision_task_provision_host_all_run - __sap_vm_provision_task_provision_host_single_vnic_info - __sap_vm_provision_task_provision_host_single_vnic @@ -171,7 +171,7 @@ ansible.builtin.include_tasks: file: common/set_etc_hosts_scaleout.yml when: - - (groups["hana_primary"] is defined and (groups["hana_primary"] | length>0)) and (sap_hana_scaleout_active_coordinator is defined or sap_hana_scaleout_active_worker is defined or sap_hana_scaleout_standby is defined) + - (groups["hana_primary"] is defined and (groups["hana_primary"] | length>0)) and (sap_vm_provision_calculate_sap_hana_scaleout_active_coordinator is defined or sap_vm_provision_calculate_sap_hana_scaleout_active_worker is defined or sap_vm_provision_calculate_sap_hana_scaleout_standby is defined) - name: Set vars for sap_storage_setup Ansible Role register: __sap_vm_provision_task_ansible_vars_storage @@ -250,18 +250,18 @@ ansible.builtin.fail: msg: "{{ lookup('ansible.builtin.vars', loop_item) }}" loop: - - __sap_vm_provision_msazure_vnet_subnet_rt_info - - __sap_vm_provision_msazure_vnet_subnet_rt_route_sap_hana - - __sap_vm_provision_msazure_vnet_subnet_rt_route_sap_netweaver_ascs - - __sap_vm_provision_msazure_vnet_subnet_rt_route_sap_netweaver_ers - - __sap_vm_provision_msazure_vnet_subnet_rt_route_sap_netweaver_pas - - __sap_vm_provision_msazure_vnet_subnet_rt_route_sap_netweaver_aas - - __sap_vm_provision_msazure_iam_role_fencing - - __sap_vm_provision_msazure_vm_info_collect - - __sap_vm_provision_msazure_vnet_subnet_info - - __sap_vm_provision_msazure_lb1a_info - - __sap_vm_provision_msazure_lb1b_info - - __sap_vm_provision_msazure_lb2_info + - __sap_vm_provision_task_msazure_vnet_subnet_rt_info + - __sap_vm_provision_task_msazure_vnet_subnet_rt_route_sap_hana + - __sap_vm_provision_task_msazure_vnet_subnet_rt_route_sap_netweaver_ascs + - __sap_vm_provision_task_msazure_vnet_subnet_rt_route_sap_netweaver_ers + - __sap_vm_provision_task_msazure_vnet_subnet_rt_route_sap_netweaver_pas + - __sap_vm_provision_task_msazure_vnet_subnet_rt_route_sap_netweaver_aas + - __sap_vm_provision_task_msazure_iam_role_fencing + - __sap_vm_provision_task_msazure_vm_info_collect + - __sap_vm_provision_task_msazure_vnet_subnet_info + - __sap_vm_provision_task_msazure_lb1a_info + - __sap_vm_provision_task_msazure_lb1b_info + - __sap_vm_provision_task_msazure_lb2_info - __sap_vm_provision_task_provision_host_single_vnic1 - __sap_vm_provision_task_provision_host_single_vnic2 loop_control: diff --git a/roles/sap_vm_provision/tasks/platform_ansible/msazure_vm/execute_provision.yml b/roles/sap_vm_provision/tasks/platform_ansible/msazure_vm/execute_provision.yml index fe6b361..bf25c1d 100644 --- a/roles/sap_vm_provision/tasks/platform_ansible/msazure_vm/execute_provision.yml +++ b/roles/sap_vm_provision/tasks/platform_ansible/msazure_vm/execute_provision.yml @@ -11,7 +11,7 @@ ansible.builtin.set_fact: scaleout_origin_host_spec: "{{ inventory_hostname | regex_replace('^(.+?)\\d*$', '\\1') }}" when: - - sap_hana_scaleout_active_coordinator is defined + - sap_vm_provision_calculate_sap_hana_scaleout_active_coordinator is defined - not inventory_hostname in lookup('ansible.builtin.vars', 'sap_vm_provision_' + sap_vm_provision_iac_platform + '_host_specifications_dictionary')[sap_vm_provision_host_specification_plan].keys() - name: Verify if network interface for MS Azure VM already exists (i.e. re-run) @@ -60,7 +60,7 @@ ssh_password_enabled: false ssh_public_keys: - path: /home/azureadmin/.ssh/authorized_keys - key_data: "{{ __sap_vm_provision_msazure_key_pair_name_ssh_host_public_key_value }}" + key_data: "{{ __sap_vm_provision_task_msazure_key_pair_name_ssh_host_public_key_value }}" vm_size: "{{ lookup('ansible.builtin.vars', 'sap_vm_provision_' + sap_vm_provision_iac_platform + '_host_specifications_dictionary')[sap_vm_provision_host_specification_plan][scaleout_origin_host_spec | default(inventory_hostname)].virtual_machine_profile }}" image: publisher: "{{ lookup('ansible.builtin.vars', 'sap_vm_provision_' + sap_vm_provision_iac_platform + '_host_os_image_dictionary')[sap_vm_provision_msazure_vm_host_os_image].publisher }}" diff --git a/roles/sap_vm_provision/tasks/platform_ansible/msazure_vm/execute_setup_ha.yml b/roles/sap_vm_provision/tasks/platform_ansible/msazure_vm/execute_setup_ha.yml index c2851b2..89d9c8a 100644 --- a/roles/sap_vm_provision/tasks/platform_ansible/msazure_vm/execute_setup_ha.yml +++ b/roles/sap_vm_provision/tasks/platform_ansible/msazure_vm/execute_setup_ha.yml @@ -1,7 +1,7 @@ --- # - name: Gather information about MS Azure Route Table for the VNet Subnet -# register: __sap_vm_provision_msazure_vnet_subnet_rt_info +# register: __sap_vm_provision_task_msazure_vnet_subnet_rt_info # no_log: "{{ __sap_vm_provision_no_log }}" # azure.azcollection.azure_rm_routetable_info: # resource_group: "{{ sap_vm_provision_msazure_resource_group_name }}" @@ -14,10 +14,10 @@ # - name: Ansible MS Azure Route Table append route for SAP HANA HA # no_log: "{{ __sap_vm_provision_no_log }}" -# register: __sap_vm_provision_msazure_vnet_subnet_rt_route_sap_hana +# register: __sap_vm_provision_task_msazure_vnet_subnet_rt_route_sap_hana # azure.azcollection.azure_rm_route: # resource_group: "{{ sap_vm_provision_msazure_resource_group_name }}" -# route_table_name: "{{ __sap_vm_provision_msazure_vnet_subnet_rt_info.route_tables[0].id }}" +# route_table_name: "{{ __sap_vm_provision_task_msazure_vnet_subnet_rt_info.route_tables[0].id }}" # name: "{{ sap_swpm_db_host }}-rt" # address_prefix: "{{ sap_ha_pacemaker_cluster_vip_hana_primary_ip_address | default('192.168.1.90/32') }}" # next_hop_type: "virtual_appliance" @@ -57,10 +57,10 @@ # - name: Ansible MS Azure Route Table append route for SAP NetWeaver ASCS HA # no_log: "{{ __sap_vm_provision_no_log }}" -# register: __sap_vm_provision_msazure_vnet_subnet_rt_route_sap_netweaver_ascs +# register: __sap_vm_provision_task_msazure_vnet_subnet_rt_route_sap_netweaver_ascs # azure.azcollection.azure_rm_route: # resource_group: "{{ sap_vm_provision_msazure_resource_group_name }}" -# route_table_name: "{{ __sap_vm_provision_msazure_vnet_subnet_rt_info.route_tables[0].id }}" +# route_table_name: "{{ __sap_vm_provision_task_msazure_vnet_subnet_rt_info.route_tables[0].id }}" # name: "{{ sap_swpm_ascs_instance_hostname }}-rt" # address_prefix: "{{ sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_ip_address | default('192.168.2.10/32') }}" # next_hop_type: "virtual_appliance" @@ -100,10 +100,10 @@ # - name: Ansible MS Azure Route Table append route for SAP NetWeaver ERS HA # no_log: "{{ __sap_vm_provision_no_log }}" -# register: __sap_vm_provision_msazure_vnet_subnet_rt_route_sap_netweaver_ers +# register: __sap_vm_provision_task_msazure_vnet_subnet_rt_route_sap_netweaver_ers # azure.azcollection.azure_rm_route: # resource_group: "{{ sap_vm_provision_msazure_resource_group_name }}" -# route_table_name: "{{ __sap_vm_provision_msazure_vnet_subnet_rt_info.route_tables[0].id }}" +# route_table_name: "{{ __sap_vm_provision_task_msazure_vnet_subnet_rt_info.route_tables[0].id }}" # name: "{{ sap_swpm_ers_instance_hostname }}-rt" # address_prefix: "{{ sap_ha_pacemaker_cluster_vip_nwas_abap_ers_ip_address | default('192.168.2.11/32') }}" # next_hop_type: "virtual_appliance" @@ -145,10 +145,10 @@ # - name: Ansible MS Azure Route Table append route for SAP NetWeaver PAS HA # no_log: "{{ __sap_vm_provision_no_log }}" -# register: __sap_vm_provision_msazure_vnet_subnet_rt_route_sap_netweaver_pas +# register: __sap_vm_provision_task_msazure_vnet_subnet_rt_route_sap_netweaver_pas # azure.azcollection.azure_rm_route: # resource_group: "{{ sap_vm_provision_msazure_resource_group_name }}" -# route_table_name: "{{ __sap_vm_provision_msazure_vnet_subnet_rt_info.route_tables[0].id }}" +# route_table_name: "{{ __sap_vm_provision_task_msazure_vnet_subnet_rt_info.route_tables[0].id }}" # name: "{{ sap_swpm_pas_instance_hostname }}-rt" # address_prefix: "{{ sap_ha_pacemaker_cluster_vip_nwas_abap_pas_ip_address | default('192.168.2.12/32') }}" # next_hop_type: "virtual_appliance" @@ -188,10 +188,10 @@ # - name: Ansible MS Azure Route Table append route for SAP NetWeaver AAS HA # no_log: "{{ __sap_vm_provision_no_log }}" -# register: __sap_vm_provision_msazure_vnet_subnet_rt_route_sap_netweaver_aas +# register: __sap_vm_provision_task_msazure_vnet_subnet_rt_route_sap_netweaver_aas # azure.azcollection.azure_rm_route: # resource_group: "{{ sap_vm_provision_msazure_resource_group_name }}" -# route_table_name: "{{ __sap_vm_provision_msazure_vnet_subnet_rt_info.route_tables[0].id }}" +# route_table_name: "{{ __sap_vm_provision_task_msazure_vnet_subnet_rt_info.route_tables[0].id }}" # name: "{{ sap_swpm_aas_instance_hostname }}-rt" # address_prefix: "{{ sap_ha_pacemaker_cluster_vip_nwas_abap_aas_ip_address | default('192.168.2.13/32') }}" # next_hop_type: "virtual_appliance" @@ -231,7 +231,7 @@ - name: MS Azure IAM Role - Definition no_log: "{{ __sap_vm_provision_no_log }}" - register: __sap_vm_provision_msazure_iam_role_fencing + register: __sap_vm_provision_task_msazure_iam_role_fencing azure.azcollection.azure_rm_roledefinition: name: "Linux Fence Agent Role" description: "Allows to power-off and start virtual machines" @@ -254,7 +254,7 @@ - name: MS Azure - GenericRestClient call to Virtual Machine API to identify Managed Service Identity (MSI) no_log: "{{ __sap_vm_provision_no_log }}" - register: __sap_vm_provision_msazure_vm_info_collect + register: __sap_vm_provision_task_msazure_vm_info_collect azure.azcollection.azure_rm_resource_info: resource_group: "{{ sap_vm_provision_msazure_resource_group_name }}" provider: Compute @@ -275,7 +275,7 @@ azure.azcollection.azure_rm_roleassignment: #auth_source: msi role_definition_id: - "{{ __sap_vm_provision_msazure_iam_role_fencing.id }}" + "{{ __sap_vm_provision_task_msazure_iam_role_fencing.id }}" scope: "/subscriptions/{{ sap_vm_provision_msazure_subscription_id }}" assignee_object_id: "{{ host_node.response[0].identity.principalId | default(none) }}" # Azure credentials @@ -283,7 +283,7 @@ tenant: "{{ sap_vm_provision_msazure_tenant_id }}" client_id: "{{ sap_vm_provision_msazure_app_client_id }}" secret: "{{ sap_vm_provision_msazure_app_client_secret }}" - loop: "{{ __sap_vm_provision_msazure_vm_info_collect.results }}" + loop: "{{ __sap_vm_provision_task_msazure_vm_info_collect.results }}" loop_control: loop_var: host_node label: "{{ host_node.response[0].name | default(none) }}" # Use default to avoid "Failed to template 'dict object' has no attribute 'response'" @@ -330,7 +330,7 @@ - name: Gather MS Azure Subnet ID no_log: "{{ __sap_vm_provision_no_log }}" - register: __sap_vm_provision_msazure_vnet_subnet_info + register: __sap_vm_provision_task_msazure_vnet_subnet_info azure.azcollection.azure_rm_subnet_info: resource_group: "{{ sap_vm_provision_msazure_resource_group_name }}" virtual_network_name: "{{ sap_vm_provision_msazure_vnet_name }}" @@ -349,7 +349,7 @@ name: "lb-vip-hana{{ vip_index_nr }}" private_ip_address: "{{ vip_item | regex_replace('/.*', '') }}" private_ip_allocation_method: "Static" - subnet: "{{ __sap_vm_provision_msazure_vnet_subnet_info.subnets[0].id }}" + subnet: "{{ __sap_vm_provision_task_msazure_vnet_subnet_info.subnets[0].id }}" zones: ["1", "2", "3"] # Zone-redundant when: - vip_item | length > 0 @@ -368,7 +368,7 @@ name: "lb-vip-anydb{{ vip_index_nr }}" private_ip_address: "{{ vip_item | regex_replace('/.*', '') }}" private_ip_allocation_method: "Static" - subnet: "{{ __sap_vm_provision_msazure_vnet_subnet_info.subnets[0].id }}" + subnet: "{{ __sap_vm_provision_task_msazure_vnet_subnet_info.subnets[0].id }}" zones: ["1", "2", "3"] # Zone-redundant when: - vip_item | length > 0 @@ -387,7 +387,7 @@ name: "lb-vip-nwas{{ vip_index_nr }}" private_ip_address: "{{ vip_item | regex_replace('/.*', '') }}" private_ip_allocation_method: "Static" - subnet: "{{ __sap_vm_provision_msazure_vnet_subnet_info.subnets[0].id }}" + subnet: "{{ __sap_vm_provision_task_msazure_vnet_subnet_info.subnets[0].id }}" zones: ["1", "2", "3"] # Zone-redundant when: - vip_item | length > 0 @@ -528,7 +528,7 @@ - name: MS Azure Load Balancer (network L4) - Create NLB for SAP HANA with Virtual IP and Health Probe configuration no_log: "{{ __sap_vm_provision_no_log }}" - register: __sap_vm_provision_msazure_lb1a_info + register: __sap_vm_provision_task_msazure_lb1a_info azure.azcollection.azure_rm_loadbalancer: resource_group: "{{ sap_vm_provision_msazure_resource_group_name }}" name: "lb-sap-hana-ha" # "lb-sap-ha" @@ -547,7 +547,7 @@ - name: MS Azure Load Balancer (network L4) - Create NLB for SAP AnyDB with Virtual IP and Health Probe configuration no_log: "{{ __sap_vm_provision_no_log }}" - register: __sap_vm_provision_msazure_lb1b_info + register: __sap_vm_provision_task_msazure_lb1b_info azure.azcollection.azure_rm_loadbalancer: resource_group: "{{ sap_vm_provision_msazure_resource_group_name }}" name: "lb-sap-anydb-ha" # "lb-sap-ha" @@ -566,12 +566,12 @@ - name: MS Azure Load Balancer (network L4) - Define Ansible Variable of Load Balancer for Database Server ansible.builtin.set_fact: - __sap_vm_provision_msazure_lb1_info: "{{ __sap_vm_provision_msazure_lb1a_info if (groups['hana_secondary'] is defined and (groups['hana_secondary']|length>0)) else __sap_vm_provision_msazure_lb1b_info if (groups['anydb_secondary'] is defined and (groups['anydb_secondary']|length>0)) }}" + __sap_vm_provision_task_msazure_lb1_info: "{{ __sap_vm_provision_task_msazure_lb1a_info if (groups['hana_secondary'] is defined and (groups['hana_secondary']|length>0)) else __sap_vm_provision_task_msazure_lb1b_info if (groups['anydb_secondary'] is defined and (groups['anydb_secondary']|length>0)) }}" when: (groups["hana_secondary"] is defined and (groups["hana_secondary"]|length>0)) or (groups["anydb_secondary"] is defined and (groups["anydb_secondary"]|length>0)) - name: MS Azure Load Balancer (network L4) - Create NLB for SAP NetWeaver with Virtual IP and Health Probe configuration no_log: "{{ __sap_vm_provision_no_log }}" - register: __sap_vm_provision_msazure_lb2_info + register: __sap_vm_provision_task_msazure_lb2_info azure.azcollection.azure_rm_loadbalancer: resource_group: "{{ sap_vm_provision_msazure_resource_group_name }}" name: "lb-sap-nwas-ha" @@ -590,17 +590,17 @@ - name: Set fact to hold loop variables from include_tasks when SAP HANA HA ansible.builtin.set_fact: - lb_ha_sap_hana: "{{ __sap_vm_provision_msazure_lb1_info.state.backend_address_pools | selectattr('name', '==', 'lb-backend-pool-hana') | map(attribute='id') | first }}" + lb_ha_sap_hana: "{{ __sap_vm_provision_task_msazure_lb1_info.state.backend_address_pools | selectattr('name', '==', 'lb-backend-pool-hana') | map(attribute='id') | first }}" when: (groups["hana_secondary"] is defined and (groups["hana_secondary"]|length>0)) - name: Set fact to hold loop variables from include_tasks when SAP AnyDB HA ansible.builtin.set_fact: - lb_ha_sap_anydb: "{{ __sap_vm_provision_msazure_lb1_info.state.backend_address_pools | selectattr('name', '==', 'lb-backend-pool-anydb') | map(attribute='id') | first }}" + lb_ha_sap_anydb: "{{ __sap_vm_provision_task_msazure_lb1_info.state.backend_address_pools | selectattr('name', '==', 'lb-backend-pool-anydb') | map(attribute='id') | first }}" when: (groups["anyb_secondary"] is defined and (groups["anydb_secondary"]|length>0)) - name: Set fact to hold loop variables from include_tasks when SAP NetWeaver HA ansible.builtin.set_fact: - lb_ha_sap_nwas: "{{ __sap_vm_provision_msazure_lb2_info.state.backend_address_pools | selectattr('name', '==', 'lb-backend-pool-nwas-ascs') | map(attribute='id') | first }}" + lb_ha_sap_nwas: "{{ __sap_vm_provision_task_msazure_lb2_info.state.backend_address_pools | selectattr('name', '==', 'lb-backend-pool-nwas-ascs') | map(attribute='id') | first }}" when: (groups["nwas_ers"] is defined and (groups["nwas_ers"]|length>0)) - name: Update network interfaces for MS Azure VM - for SAP HANA HA with load balancing diff --git a/roles/sap_vm_provision/tasks/platform_ansible/msazure_vm/post_deployment_execute.yml b/roles/sap_vm_provision/tasks/platform_ansible/msazure_vm/post_deployment_execute.yml index ce1651c..36845b8 100644 --- a/roles/sap_vm_provision/tasks/platform_ansible/msazure_vm/post_deployment_execute.yml +++ b/roles/sap_vm_provision/tasks/platform_ansible/msazure_vm/post_deployment_execute.yml @@ -48,7 +48,7 @@ - name: Gather MS Azure Subnet ID no_log: "{{ __sap_vm_provision_no_log }}" - register: __sap_vm_provision_msazure_vnet_subnet_info + register: __sap_vm_provision_task_msazure_vnet_subnet_info azure.azcollection.azure_rm_subnet_info: resource_group: "{{ sap_vm_provision_msazure_resource_group_name }}" virtual_network_name: "{{ sap_vm_provision_msazure_vnet_name }}" @@ -67,7 +67,7 @@ name: "lb-vip-hana{{ vip_index_nr }}" private_ip_address: "{{ vip_item | regex_replace('/.*', '') }}" private_ip_allocation_method: "Static" - subnet: "{{ __sap_vm_provision_msazure_vnet_subnet_info.subnets[0].id }}" + subnet: "{{ __sap_vm_provision_task_msazure_vnet_subnet_info.subnets[0].id }}" zones: ["1", "2", "3"] # Zone-redundant when: - vip_item | length > 0 @@ -86,7 +86,7 @@ name: "lb-vip-anydb{{ vip_index_nr }}" private_ip_address: "{{ vip_item | regex_replace('/.*', '') }}" private_ip_allocation_method: "Static" - subnet: "{{ __sap_vm_provision_msazure_vnet_subnet_info.subnets[0].id }}" + subnet: "{{ __sap_vm_provision_task_msazure_vnet_subnet_info.subnets[0].id }}" zones: ["1", "2", "3"] # Zone-redundant when: - vip_item | length > 0 @@ -105,7 +105,7 @@ name: "lb-vip-nwas{{ vip_index_nr }}" private_ip_address: "{{ vip_item | regex_replace('/.*', '') }}" private_ip_allocation_method: "Static" - subnet: "{{ __sap_vm_provision_msazure_vnet_subnet_info.subnets[0].id }}" + subnet: "{{ __sap_vm_provision_task_msazure_vnet_subnet_info.subnets[0].id }}" zones: ["1", "2", "3"] # Zone-redundant when: - vip_item | length > 0 @@ -247,7 +247,7 @@ - name: MS Azure Load Balancer (network L4) - Update NLB for SAP HANA with Virtual IP and Health Probe configuration no_log: "{{ __sap_vm_provision_no_log }}" - register: __sap_vm_provision_msazure_lb1_info + register: __sap_vm_provision_task_msazure_lb1_info azure.azcollection.azure_rm_loadbalancer: resource_group: "{{ sap_vm_provision_msazure_resource_group_name }}" name: "lb-sap-hana-ha" # "lb-sap-ha" @@ -266,7 +266,7 @@ - name: MS Azure Load Balancer (network L4) - Update NLB for SAP AnyDB with Virtual IP and Health Probe configuration no_log: "{{ __sap_vm_provision_no_log }}" - register: __sap_vm_provision_msazure_lb1_info + register: __sap_vm_provision_task_msazure_lb1_info azure.azcollection.azure_rm_loadbalancer: resource_group: "{{ sap_vm_provision_msazure_resource_group_name }}" name: "lb-sap-anydb-ha" # "lb-sap-ha" @@ -285,7 +285,7 @@ - name: MS Azure Load Balancer (network L4) - Update NLB for SAP NetWeaver with Virtual IP and Health Probe configuration no_log: "{{ __sap_vm_provision_no_log }}" - register: __sap_vm_provision_msazure_lb2_info + register: __sap_vm_provision_task_msazure_lb2_info azure.azcollection.azure_rm_loadbalancer: resource_group: "{{ sap_vm_provision_msazure_resource_group_name }}" name: "lb-sap-nwas-ha" diff --git a/roles/sap_vm_provision/tasks/platform_ansible/ovirt_vm/execute_main.yml b/roles/sap_vm_provision/tasks/platform_ansible/ovirt_vm/execute_main.yml index a266572..adf33e8 100644 --- a/roles/sap_vm_provision/tasks/platform_ansible/ovirt_vm/execute_main.yml +++ b/roles/sap_vm_provision/tasks/platform_ansible/ovirt_vm/execute_main.yml @@ -119,17 +119,17 @@ ansible.builtin.include_tasks: file: common/set_etc_hosts_scaleout.yml when: - - (groups["hana_primary"] is defined and (groups["hana_primary"] | length>0)) and (sap_hana_scaleout_active_coordinator is defined or sap_hana_scaleout_active_worker is defined or sap_hana_scaleout_standby is defined) + - (groups["hana_primary"] is defined and (groups["hana_primary"] | length>0)) and (sap_vm_provision_calculate_sap_hana_scaleout_active_coordinator is defined or sap_vm_provision_calculate_sap_hana_scaleout_active_worker is defined or sap_vm_provision_calculate_sap_hana_scaleout_standby is defined) - name: Set vars for sap_storage_setup Ansible Role register: __sap_vm_provision_task_ansible_vars_storage ansible.builtin.include_tasks: file: common/set_ansible_vars_storage.yml - - name: Register Package Repositories - ansible.builtin.include_tasks: - file: common/register_os.yml - - name: Register Web Forward Proxy ansible.builtin.include_tasks: file: common/register_proxy.yml + + - name: Register Package Repositories + ansible.builtin.include_tasks: + file: common/register_os.yml diff --git a/roles/sap_vm_provision/tasks/platform_ansible/ovirt_vm/execute_provision.yml b/roles/sap_vm_provision/tasks/platform_ansible/ovirt_vm/execute_provision.yml index 93e5bfc..a5efbb1 100644 --- a/roles/sap_vm_provision/tasks/platform_ansible/ovirt_vm/execute_provision.yml +++ b/roles/sap_vm_provision/tasks/platform_ansible/ovirt_vm/execute_provision.yml @@ -11,7 +11,7 @@ ansible.builtin.set_fact: scaleout_origin_host_spec: "{{ inventory_hostname | regex_replace('^(.+?)\\d*$', '\\1') }}" when: - - sap_hana_scaleout_active_coordinator is defined + - sap_vm_provision_calculate_sap_hana_scaleout_active_coordinator is defined - not inventory_hostname in lookup('ansible.builtin.vars', 'sap_vm_provision_' + sap_vm_provision_iac_platform + '_host_specifications_dictionary')[sap_vm_provision_host_specification_plan].keys() - name: Check if VM exists diff --git a/roles/sap_vm_provision/tasks/platform_ansible/vmware_vm/execute_main.yml b/roles/sap_vm_provision/tasks/platform_ansible/vmware_vm/execute_main.yml index f93da46..c340434 100644 --- a/roles/sap_vm_provision/tasks/platform_ansible/vmware_vm/execute_main.yml +++ b/roles/sap_vm_provision/tasks/platform_ansible/vmware_vm/execute_main.yml @@ -123,17 +123,17 @@ ansible.builtin.include_tasks: file: common/set_etc_hosts_scaleout.yml when: - - (groups["hana_primary"] is defined and (groups["hana_primary"] | length>0)) and (sap_hana_scaleout_active_coordinator is defined or sap_hana_scaleout_active_worker is defined or sap_hana_scaleout_standby is defined) + - (groups["hana_primary"] is defined and (groups["hana_primary"] | length>0)) and (sap_vm_provision_calculate_sap_hana_scaleout_active_coordinator is defined or sap_vm_provision_calculate_sap_hana_scaleout_active_worker is defined or sap_vm_provision_calculate_sap_hana_scaleout_standby is defined) - name: Set vars for sap_storage_setup Ansible Role register: __sap_vm_provision_task_ansible_vars_storage ansible.builtin.include_tasks: file: common/set_ansible_vars_storage.yml - - name: Register Package Repositories - ansible.builtin.include_tasks: - file: common/register_os.yml - - name: Register Web Forward Proxy ansible.builtin.include_tasks: file: common/register_proxy.yml + + - name: Register Package Repositories + ansible.builtin.include_tasks: + file: common/register_os.yml diff --git a/roles/sap_vm_provision/tasks/platform_ansible/vmware_vm/execute_provision.yml b/roles/sap_vm_provision/tasks/platform_ansible/vmware_vm/execute_provision.yml index afe0297..4f8d31e 100644 --- a/roles/sap_vm_provision/tasks/platform_ansible/vmware_vm/execute_provision.yml +++ b/roles/sap_vm_provision/tasks/platform_ansible/vmware_vm/execute_provision.yml @@ -16,7 +16,7 @@ ansible.builtin.set_fact: scaleout_origin_host_spec: "{{ inventory_hostname | regex_replace('^(.+?)\\d*$', '\\1') }}" when: - - sap_hana_scaleout_active_coordinator is defined + - sap_vm_provision_calculate_sap_hana_scaleout_active_coordinator is defined - not inventory_hostname in lookup('ansible.builtin.vars', 'sap_vm_provision_' + sap_vm_provision_iac_platform + '_host_specifications_dictionary')[sap_vm_provision_host_specification_plan].keys() - name: Identify VM Folder diff --git a/roles/sap_vm_provision/tasks/platform_ansible_to_terraform/aws_ec2_vs/execute_main.yml b/roles/sap_vm_provision/tasks/platform_ansible_to_terraform/aws_ec2_vs/execute_main.yml index 11f94e9..05df174 100644 --- a/roles/sap_vm_provision/tasks/platform_ansible_to_terraform/aws_ec2_vs/execute_main.yml +++ b/roles/sap_vm_provision/tasks/platform_ansible_to_terraform/aws_ec2_vs/execute_main.yml @@ -170,7 +170,7 @@ ansible.builtin.include_tasks: file: common/set_etc_hosts_scaleout.yml when: - - (groups["hana_primary"] is defined and (groups["hana_primary"] | length>0)) and (sap_hana_scaleout_active_coordinator is defined or sap_hana_scaleout_active_worker is defined or sap_hana_scaleout_standby is defined) + - (groups["hana_primary"] is defined and (groups["hana_primary"] | length>0)) and (sap_vm_provision_calculate_sap_hana_scaleout_active_coordinator is defined or sap_vm_provision_calculate_sap_hana_scaleout_active_worker is defined or sap_vm_provision_calculate_sap_hana_scaleout_standby is defined) args: apply: delegate_to: "{{ item }}" diff --git a/roles/sap_vm_provision/tasks/platform_ansible_to_terraform/gcp_ce_vm/execute_main.yml b/roles/sap_vm_provision/tasks/platform_ansible_to_terraform/gcp_ce_vm/execute_main.yml index 30d716b..59f1275 100644 --- a/roles/sap_vm_provision/tasks/platform_ansible_to_terraform/gcp_ce_vm/execute_main.yml +++ b/roles/sap_vm_provision/tasks/platform_ansible_to_terraform/gcp_ce_vm/execute_main.yml @@ -166,7 +166,7 @@ ansible.builtin.include_tasks: file: common/set_etc_hosts_scaleout.yml when: - - (groups["hana_primary"] is defined and (groups["hana_primary"] | length>0)) and (sap_hana_scaleout_active_coordinator is defined or sap_hana_scaleout_active_worker is defined or sap_hana_scaleout_standby is defined) + - (groups["hana_primary"] is defined and (groups["hana_primary"] | length>0)) and (sap_vm_provision_calculate_sap_hana_scaleout_active_coordinator is defined or sap_vm_provision_calculate_sap_hana_scaleout_active_worker is defined or sap_vm_provision_calculate_sap_hana_scaleout_standby is defined) args: apply: delegate_to: "{{ item }}" diff --git a/roles/sap_vm_provision/tasks/platform_ansible_to_terraform/ibmcloud_powervs/execute_main.yml b/roles/sap_vm_provision/tasks/platform_ansible_to_terraform/ibmcloud_powervs/execute_main.yml index 1789ca8..f6c519a 100644 --- a/roles/sap_vm_provision/tasks/platform_ansible_to_terraform/ibmcloud_powervs/execute_main.yml +++ b/roles/sap_vm_provision/tasks/platform_ansible_to_terraform/ibmcloud_powervs/execute_main.yml @@ -166,7 +166,7 @@ ansible.builtin.include_tasks: file: common/set_etc_hosts_scaleout.yml when: - - (groups["hana_primary"] is defined and (groups["hana_primary"] | length>0)) and (sap_hana_scaleout_active_coordinator is defined or sap_hana_scaleout_active_worker is defined or sap_hana_scaleout_standby is defined) + - (groups["hana_primary"] is defined and (groups["hana_primary"] | length>0)) and (sap_vm_provision_calculate_sap_hana_scaleout_active_coordinator is defined or sap_vm_provision_calculate_sap_hana_scaleout_active_worker is defined or sap_vm_provision_calculate_sap_hana_scaleout_standby is defined) args: apply: delegate_to: "{{ item }}" diff --git a/roles/sap_vm_provision/tasks/platform_ansible_to_terraform/ibmcloud_vs/execute_main.yml b/roles/sap_vm_provision/tasks/platform_ansible_to_terraform/ibmcloud_vs/execute_main.yml index 1789ca8..f6c519a 100644 --- a/roles/sap_vm_provision/tasks/platform_ansible_to_terraform/ibmcloud_vs/execute_main.yml +++ b/roles/sap_vm_provision/tasks/platform_ansible_to_terraform/ibmcloud_vs/execute_main.yml @@ -166,7 +166,7 @@ ansible.builtin.include_tasks: file: common/set_etc_hosts_scaleout.yml when: - - (groups["hana_primary"] is defined and (groups["hana_primary"] | length>0)) and (sap_hana_scaleout_active_coordinator is defined or sap_hana_scaleout_active_worker is defined or sap_hana_scaleout_standby is defined) + - (groups["hana_primary"] is defined and (groups["hana_primary"] | length>0)) and (sap_vm_provision_calculate_sap_hana_scaleout_active_coordinator is defined or sap_vm_provision_calculate_sap_hana_scaleout_active_worker is defined or sap_vm_provision_calculate_sap_hana_scaleout_standby is defined) args: apply: delegate_to: "{{ item }}" diff --git a/roles/sap_vm_provision/tasks/platform_ansible_to_terraform/ibmpowervm_vm/execute_main.yml b/roles/sap_vm_provision/tasks/platform_ansible_to_terraform/ibmpowervm_vm/execute_main.yml index 5f0a5db..2dba5d7 100644 --- a/roles/sap_vm_provision/tasks/platform_ansible_to_terraform/ibmpowervm_vm/execute_main.yml +++ b/roles/sap_vm_provision/tasks/platform_ansible_to_terraform/ibmpowervm_vm/execute_main.yml @@ -168,7 +168,7 @@ ansible.builtin.include_tasks: file: common/set_etc_hosts_scaleout.yml when: - - (groups["hana_primary"] is defined and (groups["hana_primary"] | length>0)) and (sap_hana_scaleout_active_coordinator is defined or sap_hana_scaleout_active_worker is defined or sap_hana_scaleout_standby is defined) + - (groups["hana_primary"] is defined and (groups["hana_primary"] | length>0)) and (sap_vm_provision_calculate_sap_hana_scaleout_active_coordinator is defined or sap_vm_provision_calculate_sap_hana_scaleout_active_worker is defined or sap_vm_provision_calculate_sap_hana_scaleout_standby is defined) args: apply: delegate_to: "{{ item }}" diff --git a/roles/sap_vm_provision/tasks/platform_ansible_to_terraform/msazure_vm/execute_main.yml b/roles/sap_vm_provision/tasks/platform_ansible_to_terraform/msazure_vm/execute_main.yml index 649fdde..88471ae 100644 --- a/roles/sap_vm_provision/tasks/platform_ansible_to_terraform/msazure_vm/execute_main.yml +++ b/roles/sap_vm_provision/tasks/platform_ansible_to_terraform/msazure_vm/execute_main.yml @@ -171,7 +171,7 @@ ansible.builtin.include_tasks: file: common/set_etc_hosts_scaleout.yml when: - - (groups["hana_primary"] is defined and (groups["hana_primary"] | length>0)) and (sap_hana_scaleout_active_coordinator is defined or sap_hana_scaleout_active_worker is defined or sap_hana_scaleout_standby is defined) + - (groups["hana_primary"] is defined and (groups["hana_primary"] | length>0)) and (sap_vm_provision_calculate_sap_hana_scaleout_active_coordinator is defined or sap_vm_provision_calculate_sap_hana_scaleout_active_worker is defined or sap_vm_provision_calculate_sap_hana_scaleout_standby is defined) args: apply: delegate_to: "{{ item }}" diff --git a/roles/sap_vm_provision/tasks/platform_ansible_to_terraform/vmware_vm/execute_main.yml b/roles/sap_vm_provision/tasks/platform_ansible_to_terraform/vmware_vm/execute_main.yml index b016c0b..1d15706 100644 --- a/roles/sap_vm_provision/tasks/platform_ansible_to_terraform/vmware_vm/execute_main.yml +++ b/roles/sap_vm_provision/tasks/platform_ansible_to_terraform/vmware_vm/execute_main.yml @@ -169,7 +169,7 @@ ansible.builtin.include_tasks: file: common/set_etc_hosts_scaleout.yml when: - - (groups["hana_primary"] is defined and (groups["hana_primary"] | length>0)) and (sap_hana_scaleout_active_coordinator is defined or sap_hana_scaleout_active_worker is defined or sap_hana_scaleout_standby is defined) + - (groups["hana_primary"] is defined and (groups["hana_primary"] | length>0)) and (sap_vm_provision_calculate_sap_hana_scaleout_active_coordinator is defined or sap_vm_provision_calculate_sap_hana_scaleout_active_worker is defined or sap_vm_provision_calculate_sap_hana_scaleout_standby is defined) args: apply: delegate_to: "{{ item }}"