From dbf61196d75e9ec72fc8d4f87de367dee5f7967f Mon Sep 17 00:00:00 2001 From: sean-freeman <1815807+sean-freeman@users.noreply.github.com> Date: Fri, 5 Apr 2024 13:32:17 +0100 Subject: [PATCH 1/2] sap_vm_provision: add short hostname restrict --- .../tasks/platform_ansible/aws_ec2_vs/execute_provision.yml | 5 +++++ .../tasks/platform_ansible/gcp_ce_vm/execute_provision.yml | 5 +++++ .../platform_ansible/ibmcloud_powervs/execute_provision.yml | 5 +++++ .../platform_ansible/ibmcloud_vs/execute_provision.yml | 5 +++++ .../platform_ansible/ibmpowervm_vm/execute_provision.yml | 5 +++++ .../platform_ansible/kubevirt_vm/execute_provision.yml | 5 +++++ .../tasks/platform_ansible/msazure_vm/execute_provision.yml | 5 +++++ .../tasks/platform_ansible/ovirt_vm/execute_provision.yml | 5 +++++ .../tasks/platform_ansible/vmware_vm/execute_provision.yml | 6 ++++++ 9 files changed, 46 insertions(+) diff --git a/roles/sap_vm_provision/tasks/platform_ansible/aws_ec2_vs/execute_provision.yml b/roles/sap_vm_provision/tasks/platform_ansible/aws_ec2_vs/execute_provision.yml index fb1f484..fa9ceb0 100644 --- a/roles/sap_vm_provision/tasks/platform_ansible/aws_ec2_vs/execute_provision.yml +++ b/roles/sap_vm_provision/tasks/platform_ansible/aws_ec2_vs/execute_provision.yml @@ -1,6 +1,11 @@ --- # The tasks in this file are executed in a loop over the defined hosts +- name: Ensure short hostname is not longer than 13 characters (see SAP Note 611361) + ansible.builtin.assert: + that: (inventory_hostname | length | int) <= (13 | int) + fail_msg: "FAIL: The length of the hostname is {{ inventory_hostname | length | int }} but must be less or equal to 13 characters!" + # When SAP HANA Scale-Out is used, if host name is not in original specifications then strip suffix node number from host name - name: Set fact when performing SAP HANA Scale-Out ansible.builtin.set_fact: 
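Review bot: This assert only runs once execution has reached the per-host provisioning file, which the context comment says is executed in a loop over the defined hosts, so a too-long name on a later host may be rejected only after earlier hosts were already created; how that loop is driven is not visible here and should be confirmed. Checking every hostname once before the loop, in a single task under `tasks/common/`, would fail before any resource exists and would replace the identical copies added to the other eight platform files in this patch. The `| int` casts are no-ops because `length` already yields an integer, so `that: (inventory_hostname | length) <= 13` says the same thing. The check covers length only; if the referenced SAP Note also restricts the permitted characters, such names still reach the platform APIs unvalidated.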
diff --git a/roles/sap_vm_provision/tasks/platform_ansible/gcp_ce_vm/execute_provision.yml b/roles/sap_vm_provision/tasks/platform_ansible/gcp_ce_vm/execute_provision.yml index bb4536c..b013053 100644 --- a/roles/sap_vm_provision/tasks/platform_ansible/gcp_ce_vm/execute_provision.yml +++ b/roles/sap_vm_provision/tasks/platform_ansible/gcp_ce_vm/execute_provision.yml @@ -1,6 +1,11 @@ --- # The tasks in this file are executed in a loop over the defined hosts +- name: Ensure short hostname is not longer than 13 characters (see SAP Note 611361) + ansible.builtin.assert: + that: (inventory_hostname | length | int) <= (13 | int) + fail_msg: "FAIL: The length of the hostname is {{ inventory_hostname | length | int }} but must be less or equal to 13 characters!" + # When SAP HANA Scale-Out is used, if host name is not in original specifications then strip suffix node number from host name - name: Set fact when performing SAP HANA Scale-Out ansible.builtin.set_fact: diff --git a/roles/sap_vm_provision/tasks/platform_ansible/ibmcloud_powervs/execute_provision.yml b/roles/sap_vm_provision/tasks/platform_ansible/ibmcloud_powervs/execute_provision.yml index 6bf99c5..e5b7cf4 100644 --- a/roles/sap_vm_provision/tasks/platform_ansible/ibmcloud_powervs/execute_provision.yml +++ b/roles/sap_vm_provision/tasks/platform_ansible/ibmcloud_powervs/execute_provision.yml @@ -1,6 +1,11 @@ --- # The tasks in this file are executed in a loop over the defined hosts +- name: Ensure short hostname is not longer than 13 characters (see SAP Note 611361) + ansible.builtin.assert: + that: (inventory_hostname | length | int) <= (13 | int) + fail_msg: "FAIL: The length of the hostname is {{ inventory_hostname | length | int }} but must be less or equal to 13 characters!" + # When SAP HANA Scale-Out is used, if host name is not in original specifications then strip suffix node number from host name - name: Set fact when performing SAP HANA Scale-Out ansible.builtin.set_fact: 
diff --git a/roles/sap_vm_provision/tasks/platform_ansible/ibmcloud_vs/execute_provision.yml b/roles/sap_vm_provision/tasks/platform_ansible/ibmcloud_vs/execute_provision.yml index 3f61147..ed3400d 100644 --- a/roles/sap_vm_provision/tasks/platform_ansible/ibmcloud_vs/execute_provision.yml +++ b/roles/sap_vm_provision/tasks/platform_ansible/ibmcloud_vs/execute_provision.yml @@ -1,6 +1,11 @@ --- # The tasks in this file are executed in a loop over the defined hosts +- name: Ensure short hostname is not longer than 13 characters (see SAP Note 611361) + ansible.builtin.assert: + that: (inventory_hostname | length | int) <= (13 | int) + fail_msg: "FAIL: The length of the hostname is {{ inventory_hostname | length | int }} but must be less or equal to 13 characters!" + # When SAP HANA Scale-Out is used, if host name is not in original specifications then strip suffix node number from host name - name: Set fact when performing SAP HANA Scale-Out ansible.builtin.set_fact: diff --git a/roles/sap_vm_provision/tasks/platform_ansible/ibmpowervm_vm/execute_provision.yml b/roles/sap_vm_provision/tasks/platform_ansible/ibmpowervm_vm/execute_provision.yml index 31ba15b..cfeeef0 100644 --- a/roles/sap_vm_provision/tasks/platform_ansible/ibmpowervm_vm/execute_provision.yml +++ b/roles/sap_vm_provision/tasks/platform_ansible/ibmpowervm_vm/execute_provision.yml 
@@ -1,6 +1,11 @@ --- # The tasks in this file are executed in a loop over the defined hosts +- name: Ensure short hostname is not longer than 13 characters (see SAP Note 611361) + ansible.builtin.assert: + that: (inventory_hostname | length | int) <= (13 | int) + fail_msg: "FAIL: The length of the hostname is {{ inventory_hostname | length | int }} but must be less or equal to 13 characters!" + # NOTE: Pre-requisite to create IBM PowerVC Storage Templates (OpenStack Cinder Volume Type), which is not possible from Ansible Collection for Openstack # https://www.ibm.com/docs/en/powervc/1.4.3?topic=apis-supported-volume-type-extra-specs ### Show IBM PowerVC Storage list diff --git a/roles/sap_vm_provision/tasks/platform_ansible/kubevirt_vm/execute_provision.yml b/roles/sap_vm_provision/tasks/platform_ansible/kubevirt_vm/execute_provision.yml index 7b10c3b..0939c2a 100644 --- a/roles/sap_vm_provision/tasks/platform_ansible/kubevirt_vm/execute_provision.yml +++ b/roles/sap_vm_provision/tasks/platform_ansible/kubevirt_vm/execute_provision.yml @@ -1,6 +1,11 @@ --- # The tasks in this file are executed in a loop over the defined hosts +- name: Ensure short hostname is not longer than 13 characters (see SAP Note 611361) + ansible.builtin.assert: + that: (inventory_hostname | length | int) <= (13 | int) + fail_msg: "FAIL: The length of the hostname is {{ inventory_hostname | length | int }} but must be less or equal to 13 characters!" + # When SAP HANA Scale-Out is used, if host name is not in original specifications then strip suffix node number from host name - name: Set fact when performing SAP HANA Scale-Out ansible.builtin.set_fact: diff --git a/roles/sap_vm_provision/tasks/platform_ansible/msazure_vm/execute_provision.yml b/roles/sap_vm_provision/tasks/platform_ansible/msazure_vm/execute_provision.yml index a1df0ee..d932641 100644 --- a/roles/sap_vm_provision/tasks/platform_ansible/msazure_vm/execute_provision.yml 
+++ b/roles/sap_vm_provision/tasks/platform_ansible/msazure_vm/execute_provision.yml @@ -1,6 +1,11 @@ --- # The tasks in this file are executed in a loop over the defined hosts +- name: Ensure short hostname is not longer than 13 characters (see SAP Note 611361) + ansible.builtin.assert: + that: (inventory_hostname | length | int) <= (13 | int) + fail_msg: "FAIL: The length of the hostname is {{ inventory_hostname | length | int }} but must be less or equal to 13 characters!" + # When SAP HANA Scale-Out is used, if host name is not in original specifications then strip suffix node number from host name - name: Set fact when performing SAP HANA Scale-Out ansible.builtin.set_fact: diff --git a/roles/sap_vm_provision/tasks/platform_ansible/ovirt_vm/execute_provision.yml b/roles/sap_vm_provision/tasks/platform_ansible/ovirt_vm/execute_provision.yml index af1db50..2c81e1c 100644 --- a/roles/sap_vm_provision/tasks/platform_ansible/ovirt_vm/execute_provision.yml +++ b/roles/sap_vm_provision/tasks/platform_ansible/ovirt_vm/execute_provision.yml @@ -1,6 +1,11 @@ --- # The tasks in this file are executed in a loop over the defined hosts +- name: Ensure short hostname is not longer than 13 characters (see SAP Note 611361) + ansible.builtin.assert: + that: (inventory_hostname | length | int) <= (13 | int) + fail_msg: "FAIL: The length of the hostname is {{ inventory_hostname | length | int }} but must be less or equal to 13 characters!" + # When SAP HANA Scale-Out is used, if host name is not in original specifications then strip suffix node number from host name - name: Set fact when performing SAP HANA Scale-Out ansible.builtin.set_fact: diff --git a/roles/sap_vm_provision/tasks/platform_ansible/vmware_vm/execute_provision.yml b/roles/sap_vm_provision/tasks/platform_ansible/vmware_vm/execute_provision.yml index ae2c144..f1b2160 100644 --- a/roles/sap_vm_provision/tasks/platform_ansible/vmware_vm/execute_provision.yml 
+++ b/roles/sap_vm_provision/tasks/platform_ansible/vmware_vm/execute_provision.yml @@ -1,6 +1,12 @@ --- # The tasks in this file are executed in a loop over the defined hosts +- name: Ensure short hostname is not longer than 13 characters (see SAP Note 611361) + ansible.builtin.assert: + that: (inventory_hostname | length | int) <= (13 | int) + fail_msg: "FAIL: The length of the hostname is {{ inventory_hostname | length | int }} but must be less or equal to 13 characters!" + + # Use vmware.vmware_rest Ansible Collection for VMware vCenter REST API, for VMware vSphere 7.0.2+ # Does not use community.vmware Ansible Collection for legacy pyvmomi Python Package for VMware vCenter SOAP API From 2e5e7710d0d41120e65a229a2feb997eaf7c99d2 Mon Sep 17 00:00:00 2001 From: sean-freeman <1815807+sean-freeman@users.noreply.github.com> Date: Fri, 5 Apr 2024 14:27:27 +0100 Subject: [PATCH 2/2] sap_vm_provision: sample for test run --- .../sample-sap-vm-provision-aws-ec2-vs.yml | 39 +++++++++++ ...-variables-sap-vm-provision-aws-ec2-vs.yml | 70 +++++++++++++++++++ .../tasks/common/set_ansible_vars.yml | 14 ++-- 3 files changed, 116 insertions(+), 7 deletions(-) create mode 100644 playbooks/sample-sap-vm-provision-aws-ec2-vs.yml create mode 100644 playbooks/vars/sample-variables-sap-vm-provision-aws-ec2-vs.yml diff --git a/playbooks/sample-sap-vm-provision-aws-ec2-vs.yml b/playbooks/sample-sap-vm-provision-aws-ec2-vs.yml new file mode 100644 index 0000000..f060346 --- /dev/null +++ b/playbooks/sample-sap-vm-provision-aws-ec2-vs.yml 
@@ -0,0 +1,39 @@
+---
+
+# This sample Ansible Playbook is not a full example,
+# which would pass additional variables onto other
+# Ansible Roles such as sap_storage_setup.
+# It is only to test the provisioning process
+# of a small Virtual Machine.
+
+- name: Ansible Play to include_vars
+ hosts: all
+ become: true
+ pre_tasks:
+
+ # Alternative to executing ansible-playbook with -e for Ansible Extravars file
+ - name: Include sample variables for AWS EC2
+ ansible.builtin.include_vars: ./vars/sample-variables-sap-vm-provision-aws-ec2-vs.yml
+
+
+- name: Ansible Play to create dynamic inventory group for provisioning
+ hosts: localhost
+ gather_facts: false
+ tasks:
+
+ - name: Create dynamic inventory group for Ansible Role sap_vm_provision
+ ansible.builtin.add_host:
+ name: "{{ item }}"
+ group: sap_vm_provision_target_inventory_group
+ loop: "{{ sap_vm_provision_ibmcloud_vs_host_specifications_dictionary[sap_vm_provision_host_specification_plan].keys() }}"
+
+
+- name: Ansible Play to provision hosts for SAP
+ hosts: sap_vm_provision_target_inventory_group # Ansible Play target hosts pattern, use Inventory Group created by previous Ansible Task (add_host)
+ gather_facts: false
+ tasks:
+
+ - name: Execute Ansible Role sap_vm_provision
+ ansible.builtin.include_role:
+ name: community.sap_infrastructure.sap_vm_provision
+ when: sap_vm_provision_iac_type == "ansible" or sap_vm_provision_iac_type == "ansible_to_terraform"
diff --git a/playbooks/vars/sample-variables-sap-vm-provision-aws-ec2-vs.yml b/playbooks/vars/sample-variables-sap-vm-provision-aws-ec2-vs.yml
new file mode 100644
index 0000000..a9752de
--- /dev/null
+++ b/playbooks/vars/sample-variables-sap-vm-provision-aws-ec2-vs.yml
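Review bot: The `add_host` loop in this AWS sample reads `sap_vm_provision_ibmcloud_vs_host_specifications_dictionary`, but the variables file added by the same commit defines only `sap_vm_provision_aws_ec2_vs_host_specifications_dictionary`, so the second play would stop on an undefined variable. The line should be `loop: "{{ sap_vm_provision_aws_ec2_vs_host_specifications_dictionary[sap_vm_provision_host_specification_plan].keys() }}"`. The first play also loads the variables with `hosts: all`, which attaches them to inventory hosts only; unless `localhost` is listed in the inventory, the second play on `localhost` would likely not see them, so loading the file in the `localhost` play itself is the more dependable arrangement. `become: true` on a play that only runs `include_vars` requests privilege that nothing in it uses and can be dropped.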
@@ -0,0 +1,70 @@
+---
+
+# This sample Ansible Playbook is not a full example,
+# which would pass additional variables onto other
+# Ansible Roles such as sap_storage_setup.
+# It is only to test the provisioning process
+# of a small Virtual Machine.
+
+####
+# Infrastructure Provisioning selection
+####
+
+sap_vm_provision_iac_type: "ansible" # ansible , ansible_to_terraform , existing_hosts
+sap_vm_provision_iac_platform: "aws_ec2_vs" # aws_ec2_vs , gcp_ce_vm , ibmcloud_vs , ibmcloud_powervs , msazure_vm , ibmpowervm_vm , kubevirt_vm , ovirt_vm , vmware_vm
+
+sap_vm_provision_host_specification_plan: "test_plan_16gb"
+sap_vm_provision_dns_root_domain: "poc.cloud"
+
+
+####
+# Infrastructure Provisioning selection
+# AWS
+#
+# Only for use when 'aws_ec2_vs' is value provided for variable sap_vm_provision_iac_platform
+####
+
+sap_vm_provision_aws_access_key: "ENTER_STRING_VALUE_HERE"
+sap_vm_provision_aws_secret_access_key: "ENTER_STRING_VALUE_HERE"
+sap_vm_provision_aws_region: "{{ sap_vm_provision_aws_vpc_availability_zone[:-1] }}"
+sap_vm_provision_aws_vpc_availability_zone: "eu-west-2c"
+sap_vm_provision_aws_vpc_subnet_create_boolean: "{{ true | default(false) if aws_vpc_subnet_id == 'new' else false }}"
+sap_vm_provision_aws_vpc_subnet_id: "ENTER_STRING_VALUE_HERE" # if ansible_to_terraform, use "new"
+sap_vm_provision_aws_ec2_vs_host_os_image: "ENTER_STRING_VALUE_HERE"
+sap_vm_provision_bastion_user: "ENTER_STRING_VALUE_HERE"
+sap_vm_provision_bastion_ssh_port: "ENTER_STRING_VALUE_HERE"
+
+# Only for use when 'ansible' is value provided for variable sap_vm_provision_iac_type
+####
+sap_vm_provision_bastion_public_ip: "ENTER_STRING_VALUE_HERE"
+sap_vm_provision_ssh_bastion_private_key_file_path: "./bastion_rsa"
+sap_vm_provision_ssh_host_private_key_file_path: "./hosts_rsa"
+sap_vm_provision_aws_key_pair_name_ssh_host_public_key: "ENTER_STRING_VALUE_HERE"
+sap_vm_provision_aws_vpc_sg_names: "ENTER_STRING_VALUE_HERE"
+
+
+####
+# Infrastructure Definitions
+# AWS
+####
+
+sap_vm_provision_aws_ec2_vs_host_os_image_dictionary:
+ rhel-8-6: "*RHEL-8.6*_HVM*x86_64*"
+ rhel-8-6-sap-ha: "*RHEL-SAP-8.6.0*"
+ sles-15-4: "*suse-sles-15-sp4-v202*-hvm-ssd-x86_64*"
+ sles-15-4-sap-ha: "*suse-sles-sap-15-sp4-v202*-hvm-ssd-x86_64*"
+
+sap_vm_provision_aws_ec2_vs_host_specifications_dictionary:
+ test_plan_16gb:
+ test-ec2-vs: # Hostname, must be 13 characters or less
+ sap_host_type: hana_primary # hana_primary, hana_secondary, nwas_ascs, nwas_ers, nwas_pas, nwas_aas
+ virtual_machine_profile: r7i.large
+ disable_ip_anti_spoofing: true
+ storage_definition:
+ - name: hana_data
+ mountpoint: /hana/data
+ #disk_count: 1 # default: 1, if more then then LVM logical volume will be striped across the defined disks
+ disk_size: 384 # size in GB, integer
+ #disk_type: gp3 # default: gp3, for AWS EBS disk type
+ #disk_iops: # default: null, for AWS EBS with custom IOPS
+ filesystem_type: xfs # default: xfs
diff --git a/roles/sap_vm_provision/tasks/common/set_ansible_vars.yml b/roles/sap_vm_provision/tasks/common/set_ansible_vars.yml
index db3082f..6f06655 100644
--- a/roles/sap_vm_provision/tasks/common/set_ansible_vars.yml
+++ b/roles/sap_vm_provision/tasks/common/set_ansible_vars.yml
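Review bot: The sample asks users to paste `sap_vm_provision_aws_access_key` and `sap_vm_provision_aws_secret_access_key` as plain strings into a file under `playbooks/vars/`, alongside the relative private-key paths `./bastion_rsa` and `./hosts_rsa`, which makes it easy to commit live credentials together with the playbook. A comment above those lines should point users to Ansible Vault or an environment lookup, for example `sap_vm_provision_aws_secret_access_key: "{{ lookup('ansible.builtin.env', 'AWS_SECRET_ACCESS_KEY') }}"`. Separately, `sap_vm_provision_aws_vpc_subnet_create_boolean` tests `aws_vpc_subnet_id`, which this file never defines; it presumably should read `sap_vm_provision_aws_vpc_subnet_id`. `disable_ip_anti_spoofing: true` in the test plan appears to switch a network protection off for anyone who copies the sample, so `false` would be the safer sample value unless the host type requires it.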
@@ -6,10 +6,10 @@ sap_vm_provision_host_specification_plan: "{{ sap_vm_provision_host_specification_plan }}" sap_vm_provision_nfs_mount_point: "{{ sap_vm_provision_nfs_mount_point | default('') }}" sap_vm_provision_nfs_mount_point_separate_sap_transport_dir: "{{ sap_vm_provision_nfs_mount_point_separate_sap_transport_dir | default('') }}" - sap_id_user: "{{ sap_id_user }}" - sap_id_user_password: "{{ sap_id_user_password }}" - sap_software_download_directory: "{{ sap_software_download_directory }}" - sap_install_media_detect_source_directory: "{{ sap_software_download_directory }}" + sap_id_user: "{{ sap_id_user | default('') }}" + sap_id_user_password: "{{ sap_id_user_password | default('') }}" + sap_software_download_directory: "{{ sap_software_download_directory | default('/software') }}" + sap_install_media_detect_source_directory: "{{ sap_software_download_directory | default('/software') }}" - name: Set facts for all hosts - use facts from localhost - Ansible only ansible.builtin.set_fact: 
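Review bot: Defaulting `sap_id_user_password` to `''` in this hunk, and `sap_hana_install_master_password` to `''` in the second hunk of this file, turns a missing secret from an immediate undefined-variable error into an empty credential that later roles receive as if it had been set. In the second hunk this combines with `sap_hana_install_use_master_password` defaulting to `'y'`, so an install run without the variable would ask for a master password and be handed an empty one. For the provisioning-only test run it would be safer to leave the password facts unset when the source variable is undefined, or to add an `ansible.builtin.assert` that they are non-empty before any install role is called. Both `set_fact` tasks start above their hunks, so whether they carry `no_log: true` is not visible here; they should, since they handle passwords.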
@@ -21,9 +21,9 @@ ansible.builtin.set_fact: sap_hana_sid: "{{ sap_hana_sid | default(sap_system_hana_db_sid) }}" sap_hana_install_instance_nr: "{{ sap_hana_install_instance_nr | default(sap_system_hana_db_instance_nr) }}" - sap_hana_install_use_master_password: "y" - sap_hana_install_master_password: "{{ sap_hana_install_master_password }}" - sap_hana_install_software_directory: "{{ sap_software_download_directory }}" + sap_hana_install_use_master_password: "{{ sap_hana_install_use_master_password | default('y') }}" + sap_hana_install_master_password: "{{ sap_hana_install_master_password | default('') }}" + sap_hana_install_software_directory: "{{ sap_software_download_directory | default('/software') }}" when: - (sap_hana_sid is defined or sap_system_hana_db_sid is defined) or (hostvars[inventory_hostname].vars['sap_vm_provision_' + sap_vm_provision_iac_platform + '_host_specifications_dictionary'][sap_vm_provision_host_specification_plan][inventory_hostname].sap_system_hana_db_sid is defined)