From e42e9b65e018ac91a5432ec88ec1dee6e71b8def Mon Sep 17 00:00:00 2001 From: eabdullin Date: Wed, 22 May 2024 10:47:24 +0000 Subject: [PATCH] import CS rhel-system-roles-sap-3.6.0-2.el8 --- .gitignore | 3 +- .rhel-system-roles-sap.metadata | 3 +- SOURCES/community.sap_install-shebang.patch | 90 - .../redhat.sap_install-1.3.4-add_tests.patch | 1690 + .../redhat.sap_install-1.3.4-add_tools.patch | 128 + ...fb8bab50d2baa1c4aacdb59e4e5c9e2ba74f.patch | 37585 ++++++++++++++++ SPECS/rhel-system-roles-sap.spec | 180 +- 7 files changed, 39501 insertions(+), 178 deletions(-) delete mode 100644 SOURCES/community.sap_install-shebang.patch create mode 100644 SOURCES/redhat.sap_install-1.3.4-add_tests.patch create mode 100644 SOURCES/redhat.sap_install-1.3.4-add_tools.patch create mode 100644 SOURCES/redhat.sap_install-1.3.5-collections-files-324bfb8bab50d2baa1c4aacdb59e4e5c9e2ba74f.patch diff --git a/.gitignore b/.gitignore index b9983f9..6dd5852 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,2 @@ SOURCES/auto-maintenance-e2a233f5a0cb68363798bf014b16552cca681bd0.tar.gz -SOURCES/community.sap_install-f0deb287aaa0fb7d992b95a04b14e263b6690c23.tar.gz -SOURCES/prepare-redhat.sap_install-main.tar.bz2 +SOURCES/redhat.sap_install-1.3.5.tar.gz diff --git a/.rhel-system-roles-sap.metadata b/.rhel-system-roles-sap.metadata index 6860696..84e5363 100644 --- a/.rhel-system-roles-sap.metadata +++ b/.rhel-system-roles-sap.metadata @@ -1,3 +1,2 @@ 584f8d1681adf13cb7af256a7b38d94ca80dcab2 SOURCES/auto-maintenance-e2a233f5a0cb68363798bf014b16552cca681bd0.tar.gz -d991a279d5d4b5a991f229a29d20e772132af519 SOURCES/community.sap_install-f0deb287aaa0fb7d992b95a04b14e263b6690c23.tar.gz -017c84ab579375755b104b85d5eb77b26a117a80 SOURCES/prepare-redhat.sap_install-main.tar.bz2 +835376d0e4799989e9d4deb21ac7e1d335c941de SOURCES/redhat.sap_install-1.3.5.tar.gz diff --git a/SOURCES/community.sap_install-shebang.patch b/SOURCES/community.sap_install-shebang.patch deleted file mode 100644 index d773050..0000000 --- a/SOURCES/community.sap_install-shebang.patch +++ /dev/null @@ -1,90 +0,0 @@ -diff -up community.sap_install/roles/sap_general_preconfigure/tests/run-sap_general_preconfigure-tests.py.me community.sap_install/roles/sap_general_preconfigure/tests/run-sap_general_preconfigure-tests.py ---- community.sap_install/roles/sap_general_preconfigure/tests/run-sap_general_preconfigure-tests.py.me 2022-07-12 16:23:48.262581739 +0200 -+++ community.sap_install/roles/sap_general_preconfigure/tests/run-sap_general_preconfigure-tests.py 2022-07-12 16:36:43.620709628 +0200 -@@ -1,4 +1,4 @@ --#!/usr/bin/env python -+#!/usr/bin/python3 - - """ - Tests for role sap_general_preconfigure -diff -up community.sap_install/roles/sap_hana_install/tests/install/run-sap_hana_install-install-tests.py.me community.sap_install/roles/sap_hana_install/tests/install/run-sap_hana_install-install-tests.py ---- community.sap_install/roles/sap_hana_install/tests/install/run-sap_hana_install-install-tests.py.me 2022-07-12 16:36:52.262900877 +0200 -+++ community.sap_install/roles/sap_hana_install/tests/install/run-sap_hana_install-install-tests.py 2022-07-12 16:36:59.246055414 +0200 -@@ -1,4 +1,4 @@ --#!/usr/bin/env python -+#!/usr/bin/python3 - - import os - import sys -diff -up community.sap_install/roles/sap_hana_install/tests/sapcar/run-sap_hana_install-sapcar-tests.py.me community.sap_install/roles/sap_hana_install/tests/sapcar/run-sap_hana_install-sapcar-tests.py ---- community.sap_install/roles/sap_hana_install/tests/sapcar/run-sap_hana_install-sapcar-tests.py.me 2022-07-12 16:37:17.272454327 +0200 -+++ community.sap_install/roles/sap_hana_install/tests/sapcar/run-sap_hana_install-sapcar-tests.py 2022-07-12 16:37:24.142606360 +0200 -@@ -1,4 +1,4 @@ --#!/usr/bin/env python -+#!/usr/bin/python3 - - import os - import sys -diff -up community.sap_install/roles/sap_hana_preconfigure/tests/run-sap_hana_preconfigure-tests.py.me community.sap_install/roles/sap_hana_preconfigure/tests/run-sap_hana_preconfigure-tests.py ---- community.sap_install/roles/sap_hana_preconfigure/tests/run-sap_hana_preconfigure-tests.py.me 2022-07-12 16:37:52.794240408 +0200 -+++ community.sap_install/roles/sap_hana_preconfigure/tests/run-sap_hana_preconfigure-tests.py 2022-07-12 16:37:58.553367854 +0200 -@@ -1,4 +1,4 @@ --#!/usr/bin/env python -+#!/usr/bin/python3 - - """ - Tests for role sap_hana_preconfigure -diff -up community.sap_install/roles/sap_netweaver_preconfigure/tests/run-sap_netweaver_preconfigure-tests.py.me community.sap_install/roles/sap_netweaver_preconfigure/tests/run-sap_netweaver_preconfigure-tests.py ---- community.sap_install/roles/sap_netweaver_preconfigure/tests/run-sap_netweaver_preconfigure-tests.py.me 2022-07-12 16:37:34.384833016 +0200 -+++ community.sap_install/roles/sap_netweaver_preconfigure/tests/run-sap_netweaver_preconfigure-tests.py 2022-07-12 16:37:41.495990384 +0200 -@@ -1,4 +1,4 @@ --#!/usr/bin/env python -+#!/usr/bin/python3 - - """ - Tests for role sap_netweaver_preconfigure -diff -up community.sap_install/tools/swpm2_parameters_inifile_generate.py.me community.sap_install/tools/swpm2_parameters_inifile_generate.py ---- community.sap_install/tools/swpm2_parameters_inifile_generate.py.me 2022-07-12 16:38:10.026621753 +0200 -+++ community.sap_install/tools/swpm2_parameters_inifile_generate.py 2022-07-12 16:38:29.915061875 +0200 -@@ -1,4 +1,4 @@ --#!/usr/bin/env python -+#!/usr/bin/python3 - from __future__ import (absolute_import, division, print_function) - __metaclass__ = type - -diff -up community.sap_install-29b37456211c8bf825547f614652f24cf324860a/roles/sap_general_preconfigure/tools/beautify-assert-output.sh.me community.sap_install-29b37456211c8bf825547f614652f24cf324860a/roles/sap_general_preconfigure/tools/beautify-assert-output.sh ---- community.sap_install-29b37456211c8bf825547f614652f24cf324860a/roles/sap_general_preconfigure/tools/beautify-assert-output.sh.me 2022-07-12 17:48:10.476508351 +0200 -+++ community.sap_install-29b37456211c8bf825547f614652f24cf324860a/roles/sap_general_preconfigure/tools/beautify-assert-output.sh 2022-07-12 17:48:27.813896005 +0200 -@@ -1,4 +1,4 @@ --#!/bin/bash -+#!/usr/bin/bash - - # default font color: Light Cyan, which should be readable on both bright and dark background - __FONT_COLOR=36m -diff -up community.sap_install-29b37456211c8bf825547f614652f24cf324860a/roles/sap_hana_install/files/tmp/tail-f-hdblcm-install-trc.sh.me community.sap_install-29b37456211c8bf825547f614652f24cf324860a/roles/sap_hana_install/files/tmp/tail-f-hdblcm-install-trc.sh ---- community.sap_install-29b37456211c8bf825547f614652f24cf324860a/roles/sap_hana_install/files/tmp/tail-f-hdblcm-install-trc.sh.me 2022-07-12 17:48:35.527068474 +0200 -+++ community.sap_install-29b37456211c8bf825547f614652f24cf324860a/roles/sap_hana_install/files/tmp/tail-f-hdblcm-install-trc.sh 2022-07-12 17:48:43.703251292 +0200 -@@ -1,4 +1,4 @@ --#!/bin/bash -+#!/usr/bin/bash - - while true; do - # in case hdblcm has not yet started, we assume that it is waiting for sapdsigner to complete: -diff -up community.sap_install-29b37456211c8bf825547f614652f24cf324860a/roles/sap_hana_preconfigure/tools/beautify-assert-output.sh.me community.sap_install-29b37456211c8bf825547f614652f24cf324860a/roles/sap_hana_preconfigure/tools/beautify-assert-output.sh ---- community.sap_install-29b37456211c8bf825547f614652f24cf324860a/roles/sap_hana_preconfigure/tools/beautify-assert-output.sh.me 2022-07-12 17:49:22.425117059 +0200 -+++ community.sap_install-29b37456211c8bf825547f614652f24cf324860a/roles/sap_hana_preconfigure/tools/beautify-assert-output.sh 2022-07-12 17:49:30.241291825 +0200 -@@ -1,4 +1,4 @@ --#!/bin/bash -+#!/usr/bin/bash - - # default font color: Light Cyan, which should be readable on both bright and dark background - __FONT_COLOR=36m -diff -up community.sap_install-29b37456211c8bf825547f614652f24cf324860a/roles/sap_netweaver_preconfigure/tools/beautify-assert-output.sh.me community.sap_install-29b37456211c8bf825547f614652f24cf324860a/roles/sap_netweaver_preconfigure/tools/beautify-assert-output.sh ---- community.sap_install-29b37456211c8bf825547f614652f24cf324860a/roles/sap_netweaver_preconfigure/tools/beautify-assert-output.sh.me 2022-07-12 17:48:51.584427510 +0200 -+++ community.sap_install-29b37456211c8bf825547f614652f24cf324860a/roles/sap_netweaver_preconfigure/tools/beautify-assert-output.sh 2022-07-12 17:49:00.678630847 +0200 -@@ -1,4 +1,4 @@ --#!/bin/bash -+#!/usr/bin/bash - - # default font color: Light Cyan, which should be readable on both bright and dark background - __FONT_COLOR=36m diff --git a/SOURCES/redhat.sap_install-1.3.4-add_tests.patch b/SOURCES/redhat.sap_install-1.3.4-add_tests.patch new file mode 100644 index 0000000..68d021b --- /dev/null +++ b/SOURCES/redhat.sap_install-1.3.4-add_tests.patch @@ -0,0 +1,1690 @@ +commit a7cb39c723ddcce5e45b7e8f370137e4ae42b629 +Author: Than Ngo +Date: Wed Jan 24 20:41:25 2024 +0100 + + Add missing tests folders + + Signed-off-by: Than Ngo + +diff --git a/roles/sap_general_preconfigure/tests/.pylintrc b/roles/sap_general_preconfigure/tests/.pylintrc +new file mode 120000 +index 0000000..0d402e7 +--- /dev/null ++++ b/roles/sap_general_preconfigure/tests/.pylintrc +@@ -0,0 +1 @@ ++../../../.pylintrc +\ No newline at end of file +diff --git a/roles/sap_general_preconfigure/tests/beautify-assert-output.sh b/roles/sap_general_preconfigure/tests/beautify-assert-output.sh +new file mode 120000 +index 0000000..9a2e976 +--- /dev/null ++++ b/roles/sap_general_preconfigure/tests/beautify-assert-output.sh +@@ -0,0 +1 @@ ++../tools/beautify-assert-output.sh +\ No newline at end of file +diff --git a/roles/sap_general_preconfigure/tests/run-sap_general_preconfigure-tests.py b/roles/sap_general_preconfigure/tests/run-sap_general_preconfigure-tests.py +new file mode 100755 +index 0000000..b09ea85 +--- /dev/null ++++ b/roles/sap_general_preconfigure/tests/run-sap_general_preconfigure-tests.py +@@ -0,0 +1,199 @@ ++#!/usr/bin/env python ++ ++""" ++Tests for role sap_general_preconfigure ++""" ++ ++import os ++import sys ++import subprocess ++ ++# output field delimiter for displaying the results: ++# FIELD_DELIMITER = ';' ++FIELD_DELIMITER = '\t' ++ ++if len(sys.argv) == 1: ++ _managed_node = input("Provide name of managed node: ") ++else: ++ _managed_node = sys.argv[1] ++ ++print('Running tests for role sap_general_preconfigure...\n') ++print('Managed node: ' + _managed_node) ++ ++_mn_rhel_release = subprocess.getoutput( ++ "ssh root@" ++ + _managed_node ++ + " cat /etc/redhat-release | \ ++ awk 'BEGIN{FS=\"release \"}{split($2, a, \" \"); print a[1]}'") ++print('Managed node Red Hat release: ' + _mn_rhel_release) ++_mn_hw_arch = subprocess.getoutput("ssh root@" + _managed_node + " uname -m") ++print('Managed node HW architecture: ' + _mn_hw_arch) ++ ++__tests = [ ++ { ++ 'number': '1', ++ 'name': 'Run in check mode on new system.', ++ 'command_line_parameter': '--check ', ++ 'ignore_error_final': True, ++ 'compact_assert_output': False, ++ 'rc': '99', ++ 'role_vars': [ ++ { ++ 'sap_general_preconfigure_fail_if_reboot_required': False, ++ } ++ ] ++ }, ++ { ++ 'number': '2', ++ 'name': 'Run in assert mode on new system, \ ++ check for enabled repos and for minor release lock, \ ++ check for possible RHEL update, \ ++ ignore assert errors.', ++ 'command_line_parameter': '', ++ 'ignore_error_final': False, ++ 'compact_assert_output': False, ++ 'rc': '99', ++ 'role_vars': [ ++ { ++ 'sap_general_preconfigure_assert': True, ++ 'sap_general_preconfigure_assert_ignore_errors': True, ++ 'sap_general_preconfigure_update': True, ++ 'sap_general_preconfigure_enable_repos': True, ++ 'sap_general_preconfigure_set_minor_release': True, ++ } ++ ] ++ }, ++ { ++ 'number': '3', ++ 'name': 'Run in normal mode on new system, \ ++ enable repos and set minor release lock, \ ++ check for possible RHEL update, \ ++ set SELinux to permisive, \ ++ allow a reboot.', ++ 'command_line_parameter': '', ++ 'ignore_error_final': False, ++ 'compact_assert_output': False, ++ 'rc': '99', ++ 'role_vars': [ ++ { ++ 'sap_general_preconfigure_update': True, ++ 'sap_general_preconfigure_enable_repos': True, ++ 'sap_general_preconfigure_set_minor_release': True, ++ 'sap_general_preconfigure_selinux_state': 'permissive', ++ 'sap_general_preconfigure_reboot_ok': True, ++ } ++ ] ++ }, ++ { ++ 'number': '4', ++ 'name': 'Idempotency check: Run in normal mode on modified system, \ ++ enable repos and set minor release lock, \ ++ check for possible RHEL update, \ ++ set SELinux to permisive, \ ++ allow a reboot.', ++ 'command_line_parameter': '', ++ 'ignore_error_final': False, ++ 'compact_assert_output': False, ++ 'rc': '99', ++ 'role_vars': [ ++ { ++ 'sap_general_preconfigure_update': True, ++ 'sap_general_preconfigure_enable_repos': True, ++ 'sap_general_preconfigure_set_minor_release': True, ++ 'sap_general_preconfigure_selinux_state': 'permissive', ++ 'sap_general_preconfigure_reboot_ok': True, ++ } ++ ] ++ }, ++ { ++ 'number': '5', ++ 'name': 'Run in assert mode on modified system, \ ++ check for repos and for the RHEL minor release lock, \ ++ check for possible RHEL update, \ ++ check if SELinux is permisive, \ ++ ignore any assert error.', ++ 'command_line_parameter': '', ++ 'ignore_error_final': False, ++ 'compact_assert_output': True, ++ 'rc': '99', ++ 'role_vars': [ ++ { ++ 'sap_general_preconfigure_assert': True, ++ 'sap_general_preconfigure_assert_ignore_errors': True, ++ 'sap_general_preconfigure_update': True, ++ 'sap_general_preconfigure_enable_repos': True, ++ 'sap_general_preconfigure_set_minor_release': True, ++ 'sap_general_preconfigure_selinux_state': 'permissive', ++ } ++ ] ++ }, ++ { ++ 'number': '6', ++ 'name': 'Run in check mode on modified system.', ++ 'command_line_parameter': '--check ', ++ 'ignore_error_final': True, ++ 'compact_assert_output': False, ++ 'rc': '99', ++ 'role_vars': [] ++ }, ++] ++ ++for par1 in __tests: ++ print('\n' + 'Test ' + par1['number'] + ': ' + par1['name']) ++ command = ( ++ 'ansible-playbook sap_general_preconfigure-default-settings.yml ' ++ + par1['command_line_parameter'] ++ + '-l ' ++ + _managed_node ++ + ' ' ++ + '-e "' ++ ) ++ for par2 in par1['role_vars']: ++ command += str(par2) ++ command += '"' ++ if par1['compact_assert_output']: ++ command += ' | ./beautify-assert-output.sh' ++ print("command: " + command) ++ _py_rc = os.system(command) ++ par1['rc'] = str(int(_py_rc / 256)) ++ if _py_rc != 0: ++ if par1['ignore_error_final']: ++ print('Test ' ++ + par1['number'] ++ + ' finished with return code ' ++ + par1['rc'] + '. Continuing with the next test') ++ else: ++ print('Test ' ++ + par1['number'] ++ + ' finished with return code ' ++ + par1['rc'] + '.') ++ sys.exit(_py_rc) ++ else: ++ print('Test ' + par1['number'] + ' finished with return code ' + par1['rc'] + '.') ++ ++print('\nResults for role sap_general_preconfigure: ' ++ + _managed_node ++ + ' - RHEL ' ++ + _mn_rhel_release ++ + ' - ' ++ + _mn_hw_arch + ':') ++ ++print('\n#' ++ + FIELD_DELIMITER ++ + 'RC' + FIELD_DELIMITER ++ + 'name' + FIELD_DELIMITER ++ + 'argument' + FIELD_DELIMITER ++ + 'compact' + FIELD_DELIMITER ++ + 'role_vars') ++ ++for par1 in __tests: ++ print(par1['number'] + FIELD_DELIMITER ++ + par1['rc'] + FIELD_DELIMITER ++ + par1['name'] + FIELD_DELIMITER ++ + par1['command_line_parameter'] + FIELD_DELIMITER ++ + str(par1['compact_assert_output']) + FIELD_DELIMITER, end='') ++ if len(par1['role_vars']) == 0: ++ print("") ++ else: ++ for par2 in par1['role_vars']: ++ print(str(par2)) +diff --git a/roles/sap_general_preconfigure/tests/sap_general_preconfigure-default-settings.yml b/roles/sap_general_preconfigure/tests/sap_general_preconfigure-default-settings.yml +new file mode 100644 +index 0000000..a3c320b +--- /dev/null ++++ b/roles/sap_general_preconfigure/tests/sap_general_preconfigure-default-settings.yml +@@ -0,0 +1,6 @@ ++--- ++- hosts: all ++ collections: ++ - community.sap_install ++ roles: ++ - sap_general_preconfigure +diff --git a/roles/sap_hana_install/tests/README.md b/roles/sap_hana_install/tests/README.md +new file mode 100644 +index 0000000..ef2af5b +--- /dev/null ++++ b/roles/sap_hana_install/tests/README.md +@@ -0,0 +1,4 @@ ++# sap_hana_install testing ++ ++The tests in the subdirectories are designed for quality assurance processes. These files might be used for demonstration ++purposes as well, however it is recommended to use the sample files in directory `playbooks` in the root of the Ansible Collection. +diff --git a/roles/sap_hana_install/tests/install/README.md b/roles/sap_hana_install/tests/install/README.md +new file mode 100644 +index 0000000..7a344c4 +--- /dev/null ++++ b/roles/sap_hana_install/tests/install/README.md +@@ -0,0 +1,55 @@ ++# sap_hana_install Installation testing ++ ++Installation testing is done by running: ++`# run-sap_hana_install-install-tests.py ` ++where `managed_node` is the hostname of the host on which SAP HANA installation testing will take place, ++and `username` is the name of a user for accessing the managed node. Some basic information is retrieved ++from the managed node via `ssh`, for which we need a user name. ++ ++The following steps have to be performed to prepare the tests: ++- The files mentioned in the tasks `Copy ... to software directory` (e.g. `SAPCAR_1115-70006178.EXE`), ++ as well as their sha256 checksum files (e.g. `SAPCAR_1115-70006178.EXE.sha256`), need to be available ++ in the directory specified by variable `sap_hana_install_software_directory` in file ++ `install-vars.yml`, e.g. `/software/sap_hana_install_test`. ++- You can either download or copy these files manually or via Ansible with yml file ++ `prepare-install-tests-x86_64.yml` or `prepare-install-tests-ppc64le.yml`. ++ In that case, the required files need to be in a directory specified by variable `software_host_directory`, ++ followed by the output of `uname -m` (e.g. `/software/hana_store/x86_64`), on a server ++ specified by variable `software_host`. ++ ++For a SAP HANA scale-out test, the server(s) specified by variable `sap_hana_install_addhosts` in file ++`run-install-test-03.yml` (e.g. `node02`) need(s) to have the following file systems mounted from the node on ++which the test is run: ++- `/hana/data` ++- `/hana/log` ++- `/hana/shared` ++ ++Note: There should be no group named `sapsys` in file `/etc/group` on any of the test system(s), or if ++there is one, its group id should match the value of `sap_hana_install_groupid` (default `79`) in file ++install-vars.yml. ++ ++Each test cycle is running the following steps: ++- `ansible-playbook prepare-install-test-NN.yml -l managed_node` ++- `ansible-playbook run-install-test-NN.yml [...] -l managed_node -e [...]` ++- `ansible-playbook hana-uninstall.yml -l managed_node` ++ ++All screen outputs are saved in a newly created directory with the following name pattern: ++`hana-install-test-logs-` + rhel_release + `_` + hardware_architecture + `_` + date_time_string ++ ++Example: ++`hana-install-test-logs-8.4_x86_64_2022-03-06_23:29:34` ++ ++For each of the tests, there will be three output files in the log directory (shown with ++example file names for the directory mentioned above): ++- `hana-install-test-2022-03-06_23:29:34-prepare-01.log` ++- `hana-install-test-2022-03-06_23:29:34-run-01.log` ++- `hana-install-test-2022-03-06_23:29:34-uninstall-01.log` ++ ++and an additional file name at the end of all tests, named ++- `hana-install-test-2022-03-06_23:29:34-result.log` ++ ++If the return code of a test is `0`, the test has succeeded. If it is not `0` (default is `99`), ++the test has failed. ++ ++A test succeeds if the string specified in variable `expected_output_string` for each test is found ++in the output of the test run. +diff --git a/roles/sap_hana_install/tests/install/hana-uninstall.yml b/roles/sap_hana_install/tests/install/hana-uninstall.yml +new file mode 100644 +index 0000000..d5b0bbb +--- /dev/null ++++ b/roles/sap_hana_install/tests/install/hana-uninstall.yml +@@ -0,0 +1,19 @@ ++--- ++ ++- hosts: all ++ become: true ++ vars_files: ++ - install-vars.yml ++ ++ tasks: ++ - name: "Uninstalling SAP HANA installation '{{ sap_hana_install_sid }}' after 5 seconds" ++ pause: ++ seconds: 5 ++ ++ - name: "Force uninstall SAP HANA '{{ sap_hana_install_sid }}' on '{{ ansible_hostname }}'" ++ shell: "{{ sap_hana_install_install_path }}/{{ sap_hana_install_sid }}/hdblcm/hdblcm --uninstall --components=all -b" ++ register: shell_output ++ ++ - name: Display the hdbuninst output ++ debug: ++ var: shell_output +diff --git a/roles/sap_hana_install/tests/install/install-vars.yml b/roles/sap_hana_install/tests/install/install-vars.yml +new file mode 100644 +index 0000000..080c174 +--- /dev/null ++++ b/roles/sap_hana_install/tests/install/install-vars.yml +@@ -0,0 +1,14 @@ ++--- ++ ++sap_hana_install_new_system: true ++sap_hana_install_software_directory: '/software/sap_hana_install_test' ++sap_hana_install_software_extract_directory: '/software/sap_hana_install_test/extracted' ++sap_hana_install_install_path: '/hana/shared' ++sap_hana_install_sid: 'T01' ++sap_hana_install_number: '01' ++sap_hana_install_master_password: 'NewPass$321' ++sap_hana_install_userid: 950 ++sap_hana_install_groupid: 79 ++sap_hana_install_env_type: 'production' ++sap_hana_install_mem_restrict: 'y' ++sap_hana_install_max_mem: 36000 +diff --git a/roles/sap_hana_install/tests/install/prepare-install-test-01.yml b/roles/sap_hana_install/tests/install/prepare-install-test-01.yml +new file mode 100644 +index 0000000..fd92728 +--- /dev/null ++++ b/roles/sap_hana_install/tests/install/prepare-install-test-01.yml +@@ -0,0 +1,14 @@ ++--- ++ ++- name: ++ hosts: all ++ become: true ++ vars_files: ++ - install-vars.yml ++ gather_facts: false ++ ++ tasks: ++ - name: Prepare test 01 - Remove Software extraction directory ++ ansible.builtin.file: ++ path: "{{ sap_hana_install_software_extract_directory }}" ++ state: absent +diff --git a/roles/sap_hana_install/tests/install/prepare-install-test-02.yml b/roles/sap_hana_install/tests/install/prepare-install-test-02.yml +new file mode 100644 +index 0000000..eaf463d +--- /dev/null ++++ b/roles/sap_hana_install/tests/install/prepare-install-test-02.yml +@@ -0,0 +1,14 @@ ++--- ++ ++- name: ++ hosts: all ++ become: true ++ vars_files: ++ - install-vars.yml ++ gather_facts: false ++ ++ tasks: ++ - name: Prepare test 02 - Remove Software extraction directory ++ ansible.builtin.file: ++ path: "{{ sap_hana_install_software_extract_directory }}" ++ state: absent +diff --git a/roles/sap_hana_install/tests/install/prepare-install-test-03.yml b/roles/sap_hana_install/tests/install/prepare-install-test-03.yml +new file mode 100644 +index 0000000..eaf463d +--- /dev/null ++++ b/roles/sap_hana_install/tests/install/prepare-install-test-03.yml +@@ -0,0 +1,14 @@ ++--- ++ ++- name: ++ hosts: all ++ become: true ++ vars_files: ++ - install-vars.yml ++ gather_facts: false ++ ++ tasks: ++ - name: Prepare test 02 - Remove Software extraction directory ++ ansible.builtin.file: ++ path: "{{ sap_hana_install_software_extract_directory }}" ++ state: absent +diff --git a/roles/sap_hana_install/tests/install/prepare-install-tests-ppc64le.yml b/roles/sap_hana_install/tests/install/prepare-install-tests-ppc64le.yml +new file mode 100644 +index 0000000..4204079 +--- /dev/null ++++ b/roles/sap_hana_install/tests/install/prepare-install-tests-ppc64le.yml +@@ -0,0 +1,35 @@ ++--- ++ ++- name: ++ hosts: all ++ become: true ++ vars_files: ++ - install-vars.yml ++ vars: ++ software_host: hostname ++ software_host_user: username ++ software_host_directory: /software/hana_store ++ gather_facts: false ++ ++ tasks: ++ - name: Remove '{{ sap_hana_install_software_directory }}' ++ ansible.builtin.file: ++ path: "{{ sap_hana_install_software_directory }}/" ++ state: absent ++ ++ - name: Create '{{ sap_hana_install_software_directory }}' ++ ansible.builtin.file: ++ path: "{{ sap_hana_install_software_directory }}" ++ state: directory ++ owner: root ++ group: root ++ mode: '0755' ++ ++ - name: Copy SAPCAR to software directory ++ ansible.builtin.shell: "scp {{ software_host_user }}@{{ software_host }}:{{ software_host_directory }}/ppc64le/SAPCAR_1115-70006238.EXE* {{ sap_hana_install_software_directory }}/" ++ ++ - name: Copy HANA rev 59.01 to software directory ++ ansible.builtin.shell: "scp {{ software_host_user }}@{{ software_host }}:{{ software_host_directory }}/ppc64le/IMDB_SERVER20_059_1-80002046.SAR* {{ sap_hana_install_software_directory }}/" ++ ++ - name: Copy SAP Hostagent to software directory ++ ansible.builtin.shell: "scp {{ software_host_user }}@{{ software_host }}:{{ software_host_directory }}/ppc64le/SAPHOSTAGENT55_55-80004831.SAR* {{ sap_hana_install_software_directory }}/" +diff --git a/roles/sap_hana_install/tests/install/prepare-install-tests-x86_64.yml b/roles/sap_hana_install/tests/install/prepare-install-tests-x86_64.yml +new file mode 100644 +index 0000000..0e5c111 +--- /dev/null ++++ b/roles/sap_hana_install/tests/install/prepare-install-tests-x86_64.yml +@@ -0,0 +1,35 @@ ++--- ++ ++- name: ++ hosts: all ++ become: true ++ vars_files: ++ - install-vars.yml ++ vars: ++ software_host: hostname ++ software_host_user: username ++ software_host_directory: /software/hana_store ++ gather_facts: false ++ ++ tasks: ++ - name: Remove '{{ sap_hana_install_software_directory }}' ++ ansible.builtin.file: ++ path: "{{ sap_hana_install_software_directory }}/" ++ state: absent ++ ++ - name: Create '{{ sap_hana_install_software_directory }}' ++ ansible.builtin.file: ++ path: "{{ sap_hana_install_software_directory }}" ++ state: directory ++ owner: root ++ group: root ++ mode: '0755' ++ ++ - name: Copy SAPCAR to software directory ++ ansible.builtin.shell: "scp {{ software_host_user }}@{{ software_host }}:{{ software_host_directory }}/x86_64/SAPCAR_1115-70006178.EXE* {{ sap_hana_install_software_directory }}/" ++ ++ - name: Copy HANA rev 59.01 to software directory ++ ansible.builtin.shell: "scp {{ software_host_user }}@{{ software_host }}:{{ software_host_directory }}/x86_64/IMDB_SERVER20_059_1-80002031.SAR* {{ sap_hana_install_software_directory }}/" ++ ++ - name: Copy SAP Hostagent to software directory ++ ansible.builtin.shell: "scp {{ software_host_user }}@{{ software_host }}:{{ software_host_directory }}/x86_64/SAPHOSTAGENT55_55-80004822.SAR* {{ sap_hana_install_software_directory }}/" +diff --git a/roles/sap_hana_install/tests/install/remove-all-firewall-ports.yml b/roles/sap_hana_install/tests/install/remove-all-firewall-ports.yml +new file mode 100644 +index 0000000..7e958b5 +--- /dev/null ++++ b/roles/sap_hana_install/tests/install/remove-all-firewall-ports.yml +@@ -0,0 +1,67 @@ ++--- ++ ++- name: Remove all defined firewall ports as per field 'ports' in 'firewall-cmd --list-all' ++ hosts: all ++ become: true ++ vars_files: ++ - install-vars.yml ++ gather_facts: false ++ ++ tasks: ++ - name: Get the defined current firewall ports before removal ++ shell: | ++ firewall-cmd --list-all | awk '/ ports: /{gsub (" ports: ", ""); print}' ++ register: __register_firewall_ports_current_before_removal ++ ++ - name: Display the defined current firewall ports before removal ++ debug: ++ var: __register_firewall_ports_current_before_removal.stdout ++ ++ - name: Remove all defined current ports in the default zone ++ shell: | ++ firewall-cmd --list-all | \ ++ awk '/ ports: /{gsub (" ports: ", ""); if (length($0)!=0)print}' | \ ++ awk 'BEGIN{RS=" "}{printf ("--remove-port=%s\n", $0)}' | \ ++ eval $(awk 'BEGIN{printf("firewall-cmd ")}{printf ("%s ", $0)}END{print("")}') ++ register: __register_firewall_remove_ports_current ++ when: __register_firewall_ports_current_before_removal.stdout | length > 0 ++ ++ - name: Get the defined current firewall ports after removal ++ shell: | ++ firewall-cmd --list-all | awk '/ ports: /{gsub (" ports: ", ""); print}' ++ register: __register_firewall_ports_current_after_removal ++ when: __register_firewall_ports_current_before_removal.stdout | length > 0 ++ ++ - name: Display the defined current firewall ports after removal ++ debug: ++ var: __register_firewall_ports_current_after_removal.stdout ++ when: __register_firewall_ports_current_before_removal.stdout | length > 0 ++ ++ - name: Get the defined permanent firewall ports before removal ++ shell: | ++ firewall-cmd --list-all --permanent | awk '/ ports: /{gsub (" ports: ", ""); print}' ++ register: __register_firewall_ports_permanent_before_removal ++ ++ - name: Display the defined current firewall ports before removal ++ debug: ++ var: __register_firewall_ports_permanent_before_removal.stdout ++ ++ - name: Remove all defined permanent ports in the default zone ++ shell: | ++ firewall-cmd --list-all --permanent | \ ++ awk '/ ports: /{gsub (" ports: ", ""); if (length($0)!=0)print}' | \ ++ awk 'BEGIN{RS=" "}{printf ("--remove-port=%s\n", $0)}' | \ ++ eval $(awk 'BEGIN{printf("firewall-cmd --permanent ")}{printf ("%s ", $0)}END{print("")}') ++ register: __register_firewall_remove_ports_permanent ++ when: __register_firewall_ports_permanent_before_removal.stdout | length > 0 ++ ++ - name: Get the defined permanent firewall ports after removal ++ shell: | ++ firewall-cmd --list-all --permanent | awk '/ ports: /{gsub (" ports: ", ""); print}' ++ register: __register_firewall_ports_permanent_after_removal ++ when: __register_firewall_ports_current_before_removal.stdout | length > 0 ++ ++ - name: Display the defined current firewall ports after removal ++ debug: ++ var: __register_firewall_ports_permanent_after_removal.stdout ++ when: __register_firewall_ports_current_before_removal.stdout | length > 0 +diff --git a/roles/sap_hana_install/tests/install/run-install-test-01.yml b/roles/sap_hana_install/tests/install/run-install-test-01.yml +new file mode 100644 +index 0000000..a5ab136 +--- /dev/null ++++ b/roles/sap_hana_install/tests/install/run-install-test-01.yml +@@ -0,0 +1,11 @@ ++--- ++ ++- name: test ++ hosts: all ++ collections: ++ - community.sap_install ++ become: true ++ vars_files: ++ - install-vars.yml ++ roles: ++ - sap_hana_install +diff --git a/roles/sap_hana_install/tests/install/run-install-test-02.yml b/roles/sap_hana_install/tests/install/run-install-test-02.yml +new file mode 100644 +index 0000000..a5ab136 +--- /dev/null ++++ b/roles/sap_hana_install/tests/install/run-install-test-02.yml +@@ -0,0 +1,11 @@ ++--- ++ ++- name: test ++ hosts: all ++ collections: ++ - community.sap_install ++ become: true ++ vars_files: ++ - install-vars.yml ++ roles: ++ - sap_hana_install +diff --git a/roles/sap_hana_install/tests/install/run-install-test-03.yml b/roles/sap_hana_install/tests/install/run-install-test-03.yml +new file mode 100644 +index 0000000..ad91b88 +--- /dev/null ++++ b/roles/sap_hana_install/tests/install/run-install-test-03.yml +@@ -0,0 +1,13 @@ ++--- ++ ++- name: test ++ hosts: all ++ collections: ++ - community.sap_install ++ become: true ++ vars_files: ++ - install-vars.yml ++ vars: ++ sap_hana_install_addhosts: 'node02' ++ roles: ++ - sap_hana_install +diff --git a/roles/sap_hana_install/tests/install/run-sap_hana_install-install-tests.py b/roles/sap_hana_install/tests/install/run-sap_hana_install-install-tests.py +new file mode 100755 +index 0000000..fbf422e +--- /dev/null ++++ b/roles/sap_hana_install/tests/install/run-sap_hana_install-install-tests.py +@@ -0,0 +1,191 @@ ++#!/usr/bin/env python ++ ++import os ++import sys ++import datetime ++import subprocess ++import re ++import shlex ++import yaml ++ ++ ++def print_log(text): ++ sys.stdout.write(str(text)) ++ __filedescriptor.write(str(text)) ++ ++ ++# output field delimiter for displaying the results: ++__field_delimiter = '\t' ++ ++if(len(sys.argv) != 3): ++ print('Please provide the name of the managed node and the user name for logging in.') ++ __managed_node = input('Name of managed node: ') ++ __username = input('User name for connecting to managed node: ') ++else: ++ __managed_node = sys.argv[1] ++ __username = sys.argv[2] ++ ++__datestr = datetime.datetime.now().strftime('%Y-%m-%d_%H:%M:%S') ++__logfile_prefix = 'hana-install-test-' ++ ++print('Running HANA install tests for role sap_hana_install...\n') ++print('Managed node: ' + __managed_node) ++print('Username: ' + __username) ++ ++with open("install-vars.yml", 'r') as __filedescriptor: ++ __yml_data = yaml.safe_load(__filedescriptor) ++ ++print(__yml_data) ++# print('sap_hana_install_sapcar_filename: ' + __yml_data.get('sap_hana_install_sapcar_filename')) ++# print('sap_hana_install_sarfiles: ' + str(__yml_data.get('sap_hana_install_sarfiles')[0])) ++# print('sap_hana_install_sarfiles: ' + str(__yml_data.get('sap_hana_install_sarfiles')[1])) ++ ++# input('Press RETURN to continue: ') ++ ++__mn_rhel_release = subprocess.getoutput( ++ "ssh " ++ + __username ++ + "@" ++ + __managed_node ++ + " cat /etc/redhat-release | \ ++ awk 'BEGIN{FS=\"release \"}{split($2, a, \" \"); print a[1]}'") ++__mn_hw_arch = subprocess.getoutput("ssh " + __username + "@" + __managed_node + " uname -m") ++print('Managed node Red Hat release: ' + __mn_rhel_release) ++print('Managed node HW architecture: ' + __mn_hw_arch) ++ ++__logdir = 'hana-install-test-logs-' + __mn_rhel_release + '_' + __mn_hw_arch + '_' + __datestr ++print('Logdir: ' + __logdir) ++if not os.path.exists(__logdir): ++ os.mkdir(__logdir) ++ ++__tests = [ ++ { ++ 'number': '01', ++ 'name': 'install test, rev 59.01, default parameters', ++ 'command_line_parameter': '', ++ 'expected_output_string': 'SAP HANA deployment successfully completed:', ++ 'rc': '99', ++ 'role_vars': [ ++ { ++ } ++ ] ++ }, ++ { ++ 'number': '02', ++ 'name': 'install test, rev 59.01, check installation, checksum and signature verification', ++ 'command_line_parameter': '', ++ 'expected_output_string': 'SAP HANA deployment successfully completed:', ++ 'rc': '99', ++ 'role_vars': [ ++ { ++ 'sap_hana_install_check_installation': True, ++ 'sap_hana_install_verify_checksums': True, ++ 'sap_hana_install_verify_signature': True ++ } ++ ] ++ }, ++ { ++ 'number': '03', ++ 'name': 'install test, rev 59.01, scale-out', ++ 'command_line_parameter': '', ++ 'expected_output_string': 'SAP HANA deployment successfully completed:', ++ 'rc': '99', ++ 'role_vars': [ ++ { ++ } ++ ] ++ }, ++] ++ ++# Loop over tests: ++for par1 in __tests[0:3]: ++ print('\n' + 'Test ' + par1['number'] + ': ' + par1['name']) ++# prepare the test: ++ command = ('ansible-playbook prepare-install-test-' ++ + par1['number'] ++ + '.yml ' ++ + '-l ' ++ + __managed_node) ++ args = shlex.split(command) ++# _py_rc = os.system(command) ++ __logfile = __logdir + '/' + __logfile_prefix + __datestr + '-prepare-' + par1['number'] + '.log' ++ with open(__logfile, 'wb') as __filedescriptor: ++ process = subprocess.Popen(args, stdout=subprocess.PIPE) ++ for line in iter(process.stdout.readline, b''): ++ sys.stdout.write(line.decode(sys.stdout.encoding)) ++ __filedescriptor.write(line) ++ __filedescriptor.flush() ++ ++# run the test: ++ command = ('ansible-playbook run-install-test-' ++ + par1['number'] ++ + '.yml ' ++ + par1['command_line_parameter'] ++ + '-l ' ++ + __managed_node ++ + ' ' ++ + '-e "') ++# add all role vars for this test: ++ for par2 in par1['role_vars']: ++ command += str(par2) ++ command += '"' ++ print("command: " + command) ++ args = shlex.split(command) ++# _output = subprocess.getoutput(command) ++ __logfile = __logdir + '/' + __logfile_prefix + __datestr + '-run-' + par1['number'] + '.log' ++ with open(__logfile, 'wb') as __filedescriptor: ++ process = subprocess.Popen(args, stdout=subprocess.PIPE) ++ for line in iter(process.stdout.readline, b''): ++ sys.stdout.write(line.decode(sys.stdout.encoding)) ++ __filedescriptor.write(line) ++ __filedescriptor.flush() ++ print('Expected output string: \'' + par1['expected_output_string'] + '\'') ++ __match = open(__logfile, 'r').read().find(par1['expected_output_string']) ++ print('__match: ' + str(__match)) ++# __match = re.search(par1['expected_output_string'], _output) ++ if __match >= 0: ++ par1['rc'] = '0' ++ print('Test ' + par1['number'] + ' passed!!!') ++ else: ++ print('Test ' + par1['number'] + ' FAILED!!!') ++ ++# uninstall SAP HANA: ++ command = ('ansible-playbook hana-uninstall.yml ' ++ + '-l ' ++ + __managed_node) ++ args = shlex.split(command) ++ __logfile = __logdir + '/' + __logfile_prefix + __datestr + '-uninstall-' + par1['number'] + '.log' ++ with open(__logfile, 'wb') as __filedescriptor: ++ process = subprocess.Popen(args, stdout=subprocess.PIPE) ++ for line in iter(process.stdout.readline, b''): ++ sys.stdout.write(line.decode(sys.stdout.encoding)) ++ __filedescriptor.write(line) ++ __filedescriptor.flush() ++ ++print('\n') ++ ++__logfile = __logdir + '/' + __logfile_prefix + __datestr + '-result.log' ++with open(__logfile, 'w') as __filedescriptor: ++ print_log('Results for role sap_hana_install on ' + __managed_node + ' - RHEL ' + __mn_rhel_release + ' - ' + __mn_hw_arch + ':\n') ++ ++ print_log('\n#' ++ + __field_delimiter ++ + 'RC' + __field_delimiter ++ + 'name' + __field_delimiter ++ + 'argument' + __field_delimiter ++ + 'expected output string' + __field_delimiter ++ + 'role_vars' + '\n') ++ ++ for par1 in __tests[0:3]: ++ print_log(par1['number'] + __field_delimiter ++ + par1['rc'] + __field_delimiter ++ + par1['name'] + __field_delimiter ++ + '\'' + par1['command_line_parameter'] + '\'' + __field_delimiter ++ + '\'' + par1['expected_output_string'] + '\'' + __field_delimiter) ++# + '\'' + par1['expected_output_string'] + '\'' + __field_delimiter, end='') ++ if(len(par1['role_vars']) == 0): ++ print_log('\n') ++ else: ++ for par2 in par1['role_vars']: ++ print_log(str(par2)) ++ print_log('\n') +diff --git a/roles/sap_hana_install/tests/sapcar/prepare-sapcar-tests.yml b/roles/sap_hana_install/tests/sapcar/prepare-sapcar-tests.yml +new file mode 100644 +index 0000000..f396065 +--- /dev/null ++++ b/roles/sap_hana_install/tests/sapcar/prepare-sapcar-tests.yml +@@ -0,0 +1,45 @@ ++--- ++ ++- name: Prepare sapcar tests ++ hosts: all ++ become: true ++ vars_files: ++ - sapcar-vars.yml ++ gather_facts: false ++ ++ tasks: ++ - name: Remove '{{ sap_hana_install_software_directory }}' ++ ansible.builtin.file: ++ path: "{{ sap_hana_install_software_directory }}/" ++ state: absent ++ ++ - name: Create '{{ sap_hana_install_software_directory }}' ++ ansible.builtin.file: ++ path: "{{ sap_hana_install_software_directory }}" ++ state: directory ++ owner: root ++ group: root ++ mode: '0755' ++ ++# - name: Copy '/software/hana/{{ sap_hana_install_sapcar_filename }}' to '{{ sap_hana_install_software_directory }}' ++# ansible.builtin.copy: ++# src: "/software/hana/{{ sap_hana_install_sapcar_filename }}" ++# dest: "{{ sap_hana_install_software_directory }}/" ++# owner: root ++# group: root ++# mode: '0755' ++ ++ - name: Copy SAPCAR files from '/software/hana/' to '{{ sap_hana_install_software_directory }}' ++ ansible.builtin.copy: ++ src: "/software/hana/{{ item }}" ++ dest: "{{ sap_hana_install_software_directory }}/" ++ owner: root ++ group: root ++ mode: '0755' ++ loop: ++ - SAPCAR_1115-70006175.EXE ++ - SAPCAR_1115-70006177.EXE ++ - SAPCAR_1115-70006178.EXE ++ - SAPCAR_1115-70006234.EXE ++ - SAPCAR_1115-70006238.EXE ++ - SAPCAR_1211-80000935.EXE +diff --git a/roles/sap_hana_install/tests/sapcar/prepare-test-01.yml b/roles/sap_hana_install/tests/sapcar/prepare-test-01.yml +new file mode 100644 +index 0000000..abdd860 +--- /dev/null ++++ b/roles/sap_hana_install/tests/sapcar/prepare-test-01.yml +@@ -0,0 +1,19 @@ ++--- ++ ++- name: Prepare test 01 ++ hosts: all ++ become: true ++ vars_files: ++ - sapcar-vars.yml ++ gather_facts: false ++ ++ tasks: ++ - name: Prepare test 01 - Make sure there is no checksum file ++ ansible.builtin.file: ++ path: "{{ sap_hana_install_software_directory }}/{{ sap_hana_install_sapcar_filename }}.sha256" ++ state: absent ++ ++ - name: Prepare test 01 - Make sure there is no SHA256 file ++ ansible.builtin.file: ++ path: "{{ sap_hana_install_software_directory }}/SHA256" ++ state: absent +diff --git a/roles/sap_hana_install/tests/sapcar/prepare-test-02.yml b/roles/sap_hana_install/tests/sapcar/prepare-test-02.yml +new file mode 100644 +index 0000000..3a04208 +--- /dev/null ++++ b/roles/sap_hana_install/tests/sapcar/prepare-test-02.yml +@@ -0,0 +1,19 @@ ++--- ++ ++- name: Prepare test 02 ++ hosts: all ++ become: true ++ vars_files: ++ - sapcar-vars.yml ++ gather_facts: false ++ ++ tasks: ++ - name: Prepare test 02 - Make sure there is no SHA256 file ++ ansible.builtin.file: ++ path: "{{ sap_hana_install_software_directory }}/SHA256" ++ state: absent ++ ++ - name: Prepare test 02 - Create wrong checksum file ++ ansible.builtin.shell: ++ cmd: sha256sum "{{ sap_hana_install_sapcar_filename }}" | awk '{gsub ("1", "2", $1); printf ("%s %s\n", $1, $2)}' > "{{ sap_hana_install_sapcar_filename }}.sha256" ++ chdir: "{{ sap_hana_install_software_directory }}" +diff --git a/roles/sap_hana_install/tests/sapcar/prepare-test-03.yml b/roles/sap_hana_install/tests/sapcar/prepare-test-03.yml +new file mode 100644 +index 0000000..7864eb5 +--- /dev/null ++++ b/roles/sap_hana_install/tests/sapcar/prepare-test-03.yml +@@ -0,0 +1,19 @@ ++--- ++ ++- name: Prepare test 03 ++ hosts: all ++ become: true ++ vars_files: ++ - sapcar-vars.yml ++ gather_facts: false ++ ++ tasks: ++ - name: Prepare test 03 - Make sure there is no SHA256 file ++ ansible.builtin.file: ++ path: "{{ sap_hana_install_software_directory }}/SHA256" ++ state: absent ++ ++ - name: Prepare test 03 - Create correct checksum file ++ ansible.builtin.shell: ++ cmd: sha256sum "{{ sap_hana_install_sapcar_filename }}" > "{{ sap_hana_install_sapcar_filename }}.sha256" ++ chdir: "{{ sap_hana_install_software_directory }}" +diff --git a/roles/sap_hana_install/tests/sapcar/prepare-test-04.yml b/roles/sap_hana_install/tests/sapcar/prepare-test-04.yml +new file mode 100644 +index 0000000..a8b9a76 +--- /dev/null ++++ b/roles/sap_hana_install/tests/sapcar/prepare-test-04.yml +@@ -0,0 +1,21 @@ ++--- ++ ++- name: Prepare test 04 ++ hosts: all ++ become: true ++ vars_files: ++ - sapcar-vars.yml ++ vars: ++ sap_hana_install_global_checksum_file: "{{ sap_hana_install_software_directory }}/SHA256" ++ gather_facts: false ++ ++ tasks: ++ - name: Prepare test 04 - Make sure there is no checksum file ++ ansible.builtin.file: ++ path: "{{ sap_hana_install_software_directory }}/{{ sap_hana_install_sapcar_filename }}.sha256" ++ state: absent ++ ++ - name: Prepare test 04 - Create wrong checksum in global checksum file ++ ansible.builtin.shell: ++ cmd: (sha256sum /usr/bin/bash; sha256sum "{{ sap_hana_install_sapcar_filename }}" | awk '{gsub ("1", "2", $1); printf ("%s %s\n", $1, $2)}'; sha256sum /usr/bin/ls) > "{{ sap_hana_install_global_checksum_file }}" ++ chdir: "{{ sap_hana_install_software_directory }}" +diff --git a/roles/sap_hana_install/tests/sapcar/prepare-test-05.yml b/roles/sap_hana_install/tests/sapcar/prepare-test-05.yml +new file mode 100644 +index 0000000..58ed193 +--- /dev/null ++++ b/roles/sap_hana_install/tests/sapcar/prepare-test-05.yml +@@ -0,0 +1,21 @@ ++--- ++ ++- name: Prepare test 05 ++ hosts: all ++ become: true ++ vars_files: ++ - sapcar-vars.yml ++ vars: ++ sap_hana_install_global_checksum_file: "{{ sap_hana_install_software_directory }}/SHA256" ++ gather_facts: false ++ ++ tasks: ++ - name: Prepare test 05 - Make sure there is no checksum file ++ ansible.builtin.file: ++ path: "{{ sap_hana_install_software_directory }}/{{ sap_hana_install_sapcar_filename }}.sha256" ++ state: absent ++ ++ - name: Prepare test 05 - Create correct checksum in global checksum file ++ ansible.builtin.shell: ++ cmd: (sha256sum /usr/bin/bash; sha256sum "{{ sap_hana_install_sapcar_filename }}"; sha256sum /usr/bin/ls) > "{{ sap_hana_install_global_checksum_file }}" ++ chdir: "{{ sap_hana_install_software_directory }}" +diff --git a/roles/sap_hana_install/tests/sapcar/run-sap_hana_install-sapcar-tests.py b/roles/sap_hana_install/tests/sapcar/run-sap_hana_install-sapcar-tests.py +new file mode 100755 +index 0000000..d9eceff +--- /dev/null ++++ b/roles/sap_hana_install/tests/sapcar/run-sap_hana_install-sapcar-tests.py +@@ -0,0 +1,186 @@ ++#!/usr/bin/env python ++ ++import os ++import sys ++import subprocess ++import re ++import yaml ++ ++# output field delimiter for displaying the results: ++_field_delimiter = '\t' ++ ++if(len(sys.argv) != 3): ++ print('Please provide the name of the managed node and the user name for logging in.') ++ _managed_node = input('Name of managed node: ') ++ _username = input('User name for connecting to managed node: ') ++else: ++ _managed_node = sys.argv[1] ++ _username = sys.argv[2] ++ ++print('Running sapcar preinstall tests for role sap_hana_install...\n') ++print('Managed node: ' + _managed_node) ++print('Username: ' + _username) ++ ++_mn_rhel_release = subprocess.getoutput( ++ "ssh " ++ + _username ++ + "@" ++ + _managed_node ++ + " cat /etc/redhat-release | \ ++ awk 'BEGIN{FS=\"release \"}{split ($2, a, \" \"); print a[1]}'") ++print('Managed node Red Hat release: ' + _mn_rhel_release) ++_mn_hw_arch = subprocess.getoutput("ssh " + _username + "@" + _managed_node + " uname -m") ++print('Managed node HW architecture: ' + _mn_hw_arch) ++ ++_vars_file = 'sapcar-vars.yml' ++with open(_vars_file, 'r') as _file: ++ _vars_1 = yaml.safe_load(_file) ++ ++sap_hana_install_sapcar_filename = _vars_1.get('sap_hana_install_sapcar_filename_' + _mn_hw_arch) ++print('sap_hana_install_sapcar_filename: ' + sap_hana_install_sapcar_filename) ++ ++__tests = [ ++ { ++ 'number': '01', ++ 'name': 'SAPCAR checksum test, missing sha256 file', ++ 'command_line_parameter': '--tags=sap_hana_install_prepare_sapcar ', ++ 'expected_output_string': 'FAIL: Missing checksum file \'/software/sap_hana_install_test/' + sap_hana_install_sapcar_filename + '.sha256\'!', ++ 'rc': '99', ++ 'role_vars': [ ++ { ++ 'sap_hana_install_verify_checksums': True, ++ 'sap_hana_install_sapcar_filename': sap_hana_install_sapcar_filename ++ } ++ ] ++ }, ++ { ++ 'number': '02', ++ 'name': 'SAPCAR checksum test, sha256 file exists but checksum is not correct', ++ 'command_line_parameter': '--tags=sap_hana_install_prepare_sapcar ', ++ 'expected_output_string': ' does not match the checksum stored in file \'/software/sap_hana_install_test/' ++ + sap_hana_install_sapcar_filename ++ + '.sha256\'!', ++ 'rc': '99', ++ 'role_vars': [ ++ { ++ 'sap_hana_install_verify_checksums': True, ++ 'sap_hana_install_sapcar_filename': sap_hana_install_sapcar_filename ++ } ++ ] ++ }, ++ { ++ 'number': '03', ++ 'name': 'SAPCAR checksum test, sha256 file exists with correct checksum', ++ 'command_line_parameter': '--tags=sap_hana_install_prepare_sapcar ', ++ 'expected_output_string': ' matches the checksum stored in file \'/software/sap_hana_install_test/' + sap_hana_install_sapcar_filename + '.sha256\'.', ++ 'rc': '99', ++ 'role_vars': [ ++ { ++ 'sap_hana_install_verify_checksums': True, ++ 'sap_hana_install_sapcar_filename': sap_hana_install_sapcar_filename ++ } ++ ] ++ }, ++ { ++ 'number': '04', ++ 'name': 'SAPCAR checksum test, SHA256 file exists but checksum is not correct', ++ 'command_line_parameter': '--tags=sap_hana_install_prepare_sapcar ', ++ 'expected_output_string': ' does not match the checksum stored in file \'/software/sap_hana_install_test/SHA256\'!', ++ 'rc': '99', ++ 'role_vars': [ ++ { ++ 'sap_hana_install_verify_checksums': True, ++ 'sap_hana_install_sapcar_filename': sap_hana_install_sapcar_filename, ++ 'sap_hana_install_global_checksum_file': "{{ sap_hana_install_software_directory }}/SHA256" ++ } ++ ] ++ }, ++ { ++ 'number': '05', ++ 'name': 'SAPCAR checksum test, SHA256 file exists with correct checksum', ++ 'command_line_parameter': '--tags=sap_hana_install_prepare_sapcar ', ++ 'expected_output_string': ' matches the checksum stored in file \'/software/sap_hana_install_test/SHA256\'.', ++ 'rc': '99', ++ 'role_vars': [ ++ { ++ 'sap_hana_install_verify_checksums': True, ++ 'sap_hana_install_sapcar_filename': sap_hana_install_sapcar_filename, ++ 'sap_hana_install_global_checksum_file': "{{ sap_hana_install_software_directory }}/SHA256" ++ } ++ ] ++ }, ++] ++ ++command = ('ansible-playbook prepare-sapcar-tests.yml ' ++ + '-l ' ++ + _managed_node) ++_py_rc = os.system(command) ++ ++for par1 in __tests[0:5]: ++ print('\n' + 'Test ' + par1['number'] + ': ' + par1['name']) ++ command = ('ansible-playbook prepare-test-' ++ + par1['number'] ++ + '.yml ' ++ + '-l ' ++ + _managed_node ++ + ' -e "' ++ + '{ sap_hana_install_sapcar_filename: ' ++ + sap_hana_install_sapcar_filename ++ + ' }"') ++ print('command: >' + command + '<') ++ _py_rc = os.system(command) ++ command = ('ansible-playbook run-sapcar-test.yml ' ++ + par1['command_line_parameter'] ++ + '-l ' ++ + _managed_node ++ + ' -e "') ++ for par2 in par1['role_vars']: ++ command += str(par2) ++ command += '"' ++ print("command: >" + command + '<') ++# _py_rc = os.system(command) ++# _py_rc = os.popen(command).read() ++# _output = subprocess.check_output(command, stderr=subprocess.STDOUT, shell=True) ++ _output = subprocess.getoutput(command) ++ print('Output of test: ' + _output) ++ _match = re.search(par1['expected_output_string'], _output) ++ if _match: ++ par1['rc'] = '0' ++ print('Test ' + par1['number'] + ' passed!!!') ++# par1['rc'] = str(int(_py_rc/256)) ++# if(_py_rc != 0): ++# if par1['ignore_error_final']: ++# print('Test ' + par1['number'] + ' finished with return code ' + par1['rc'] + '. Continuing with the next test') ++# else: ++# print('Test ' + par1['number'] + ' finished with return code ' + par1['rc'] + '.') ++# exit(_py_rc) ++# else: ++# print('Test ' + par1['number'] + ' finished with return code ' + par1['rc'] + '.') ++ ++print('\nResults for role sap_hana_install preinstall: ' ++ + _managed_node ++ + ' - RHEL ' ++ + _mn_rhel_release ++ + ' - ' ++ + _mn_hw_arch ++ + ':') ++ ++print('\n#' ++ + _field_delimiter ++ + 'RC' + _field_delimiter ++ + 'name' + _field_delimiter ++ + 'argument' + _field_delimiter ++ + 'expected error string' + _field_delimiter ++ + 'role_vars') ++ ++for par1 in __tests[0:5]: ++ print(par1['number'] + _field_delimiter ++ + par1['rc'] + _field_delimiter ++ + par1['name'] + _field_delimiter ++ + '\'' + par1['command_line_parameter'] + '\'' + _field_delimiter ++ + '\'' + par1['expected_output_string'] + '\'' + _field_delimiter, end='') ++ if (len(par1['role_vars']) == 0): ++ print("") ++ else: ++ for par2 in par1['role_vars']: ++ print(str(par2)) +diff --git a/roles/sap_hana_install/tests/sapcar/run-sapcar-test.yml b/roles/sap_hana_install/tests/sapcar/run-sapcar-test.yml +new file mode 100644 +index 0000000..8bc6b98 +--- /dev/null ++++ b/roles/sap_hana_install/tests/sapcar/run-sapcar-test.yml +@@ -0,0 +1,11 @@ ++--- ++ ++- name: test ++ hosts: all ++ collections: ++ - community.sap_install ++ become: true ++ vars_files: ++ - sapcar-vars.yml ++ roles: ++ - sap_hana_install +diff --git a/roles/sap_hana_install/tests/sapcar/sapcar-vars.yml b/roles/sap_hana_install/tests/sapcar/sapcar-vars.yml +new file mode 100644 +index 0000000..0b904f6 +--- /dev/null ++++ b/roles/sap_hana_install/tests/sapcar/sapcar-vars.yml +@@ -0,0 +1,10 @@ ++--- ++ ++sap_hana_install_sid: T01 ++sap_hana_install_number: 01 ++sap_hana_install_software_directory: '/software/sap_hana_install_test' ++sap_hana_install_checksum_algorithm: sha256 ++# sap_hana_install_sapcar_filename_ppc64: SAPCAR_1115-70006175.EXE # ppc64 ++sap_hana_install_sapcar_filename_ppc64le: SAPCAR_1115-70006238.EXE # ppc64le ++# sap_hana_install_sapcar_filename: SAPCAR_1211-80000935.EXE # x86_64, rel 721, patch 1211 ++sap_hana_install_sapcar_filename_x86_64: SAPCAR_1115-70006178.EXE # x86_64, rel 722, patch 1115 +diff --git a/roles/sap_hana_preconfigure/tests/.pylintrc b/roles/sap_hana_preconfigure/tests/.pylintrc +new file mode 120000 +index 0000000..0d402e7 +--- /dev/null ++++ b/roles/sap_hana_preconfigure/tests/.pylintrc +@@ -0,0 +1 @@ ++../../../.pylintrc +\ No newline at end of file +diff --git a/roles/sap_hana_preconfigure/tests/beautify-assert-output.sh b/roles/sap_hana_preconfigure/tests/beautify-assert-output.sh +new file mode 120000 +index 0000000..9a2e976 +--- /dev/null ++++ b/roles/sap_hana_preconfigure/tests/beautify-assert-output.sh +@@ -0,0 +1 @@ ++../tools/beautify-assert-output.sh +\ No newline at end of file +diff --git a/roles/sap_hana_preconfigure/tests/run-sap_hana_preconfigure-tests.py b/roles/sap_hana_preconfigure/tests/run-sap_hana_preconfigure-tests.py +new file mode 100755 +index 0000000..08bc7f5 +--- /dev/null ++++ b/roles/sap_hana_preconfigure/tests/run-sap_hana_preconfigure-tests.py +@@ -0,0 +1,242 @@ ++#!/usr/bin/env python ++ ++""" ++Tests for role sap_hana_preconfigure ++""" ++ ++import os ++import sys ++import subprocess ++ ++# output field delimiter for displaying the results: ++FIELD_DELIMITER = '\t' ++ ++if len(sys.argv) == 1: ++ _managed_node = input("Provide name of managed node: ") ++else: ++ _managed_node = sys.argv[1] ++ ++print('Running tests for role sap_hana_preconfigure...\n') ++print('Managed node: ' + _managed_node) ++ ++_mn_rhel_release = subprocess.getoutput( ++ "ssh root@" ++ + _managed_node ++ + " cat /etc/redhat-release | \ ++ awk 'BEGIN{FS=\"release \"}{split($2, a, \" \"); print a[1]}'") ++print('Managed node Red Hat release: ' + _mn_rhel_release) ++_mn_hw_arch = subprocess.getoutput("ssh root@" + _managed_node + " uname -m") ++print('Managed node HW architecture: ' + _mn_hw_arch) ++ ++__tests = [ ++ { ++ 'number': '1', ++ 'name': 'Run in check mode on new system.', ++ 'command_line_parameter': '--check ', ++ 'ignore_error_final': True, ++ 'compact_assert_output': False, ++ 'rc': '99', ++ 'role_vars': [] ++ }, ++ { ++ 'number': '2', ++ 'name': 'Run in assert mode on new system, \ ++ ignore assert errors.', ++ 'command_line_parameter': '', ++ 'ignore_error_final': False, ++ 'compact_assert_output': False, ++ 'rc': '99', ++ 'role_vars': [ ++ { ++ 'sap_hana_preconfigure_assert': True, ++ 'sap_hana_preconfigure_assert_ignore_errors': True, ++ } ++ ] ++ }, ++ { ++ 'number': '3', ++ 'name': 'Run in normal mode on new system, \ ++ check for possible RHEL update, \ ++ allow a reboot.', ++ 'command_line_parameter': '', ++ 'ignore_error_final': False, ++ 'compact_assert_output': False, ++ 'rc': '99', ++ 'role_vars': [ ++ { ++ 'sap_hana_preconfigure_update': True, ++ 'sap_hana_preconfigure_reboot_ok': True, ++ } ++ ] ++ }, ++ { ++ 'number': '4', ++ 'name': 'Idempotency check: Run in normal mode again, \ ++ check for possible RHEL update, \ ++ allow a reboot.', ++ 'command_line_parameter': '', ++ 'ignore_error_final': False, ++ 'compact_assert_output': False, ++ 'rc': '99', ++ 'role_vars': [ ++ { ++ 'sap_hana_preconfigure_update': True, ++ 'sap_hana_preconfigure_reboot_ok': True, ++ } ++ ] ++ }, ++ { ++ 'number': '5', ++ 'name': 'Run in assert mode on modified system, \ ++ check for possible RHEL update, \ ++ ignore any assert error.', ++ 'command_line_parameter': '', ++ 'ignore_error_final': False, ++ 'compact_assert_output': True, ++ 'rc': '99', ++ 'role_vars': [ ++ { ++ 'sap_hana_preconfigure_assert': True, ++ 'sap_hana_preconfigure_assert_ignore_errors': True, ++ 'sap_hana_preconfigure_update': True, ++ } ++ ] ++ }, ++ { ++ 'number': '6', ++ 'name': 'Run in normal mode, \ ++ do not use tuned, \ ++ allow a reboot.', ++ 'command_line_parameter': '', ++ 'ignore_error_final': False, ++ 'compact_assert_output': False, ++ 'rc': '99', ++ 'role_vars': [ ++ { ++ 'sap_hana_preconfigure_use_tuned': False, ++ 'sap_hana_preconfigure_reboot_ok': True, ++ } ++ ] ++ }, ++ { ++ 'number': '7', ++ 'name': 'Run in normal mode, \ ++ use tuned and also modify boot command line, \ ++ allow a reboot.', ++ 'command_line_parameter': '', ++ 'ignore_error_final': False, ++ 'compact_assert_output': False, ++ 'rc': '99', ++ 'role_vars': [ ++ { ++ 'sap_hana_preconfigure_use_tuned': True, ++ 'sap_hana_preconfigure_modify_grub_cmdline_linux': True, ++ 'sap_hana_preconfigure_reboot_ok': True, ++ } ++ ] ++ }, ++ { ++ 'number': '8', ++ 'name': 'Idempotency check: Run in normal mode again, \ ++ use tuned and also modify boot command line, \ ++ allow a reboot.', ++ 'command_line_parameter': '', ++ 'ignore_error_final': False, ++ 'compact_assert_output': False, ++ 'rc': '99', ++ 'role_vars': [ ++ { ++ 'sap_hana_preconfigure_use_tuned': True, ++ 'sap_hana_preconfigure_modify_grub_cmdline_linux': True, ++ 'sap_hana_preconfigure_reboot_ok': True, ++ } ++ ] ++ }, ++ { ++ 'number': '9', ++ 'name': 'Run in assert mode, \ ++ check for possible RHEL update, \ ++ check all config, \ ++ compact output, \ ++ ignore any assert error.', ++ 'command_line_parameter': '', ++ 'ignore_error_final': True, ++ 'compact_assert_output': True, ++ 'rc': '99', ++ 'role_vars': [ ++ { ++ 'sap_hana_preconfigure_assert': True, ++ 'sap_hana_preconfigure_assert_all_config': True, ++ 'sap_hana_preconfigure_assert_ignore_errors': True, ++ } ++ ] ++ }, ++ { ++ 'number': '10', ++ 'name': 'Run in check mode on modified system.', ++ 'command_line_parameter': '--check ', ++ 'ignore_error_final': False, ++ 'compact_assert_output': False, ++ 'rc': '99', ++ 'role_vars': [] ++ } ++] ++ ++for par1 in __tests: ++ print('\n' + 'Test ' + par1['number'] + ': ' + par1['name']) ++ command = ('ansible-playbook sap_hana_preconfigure-default-settings.yml ' ++ + par1['command_line_parameter'] ++ + '-l ' ++ + _managed_node ++ + ' ' ++ + '-e "') ++ for par2 in par1['role_vars']: ++ command += str(par2) ++ command += '"' ++ if par1['compact_assert_output']: ++ command += ' | ./beautify-assert-output.sh' ++ print("command: " + command) ++ _py_rc = os.system(command) ++ par1['rc'] = str(int(_py_rc / 256)) ++ if _py_rc != 0: ++ if par1['ignore_error_final']: ++ print('Test ' ++ + par1['number'] ++ + ' finished with return code ' ++ + par1['rc'] ++ + '. Continuing with the next test') ++ else: ++ print('Test ' ++ + par1['number'] ++ + ' finished with return code ' ++ + par1['rc'] + '.') ++ sys.exit(_py_rc) ++ else: ++ print('Test ' + par1['number'] + ' finished with return code ' + par1['rc'] + '.') ++ ++print('\nResults for role sap_hana_preconfigure: ' ++ + _managed_node ++ + ' - RHEL ' ++ + _mn_rhel_release ++ + ' - ' ++ + _mn_hw_arch + ':') ++ ++print('\n#' ++ + FIELD_DELIMITER ++ + 'RC' + FIELD_DELIMITER ++ + 'name' + FIELD_DELIMITER ++ + 'argument' + FIELD_DELIMITER ++ + 'compact' + FIELD_DELIMITER ++ + 'role_vars') ++ ++for par1 in __tests: ++ print(par1['number'] + FIELD_DELIMITER ++ + par1['rc'] + FIELD_DELIMITER ++ + par1['name'] + FIELD_DELIMITER ++ + par1['command_line_parameter'] + FIELD_DELIMITER ++ + str(par1['compact_assert_output']) + FIELD_DELIMITER, end='') ++ if len(par1['role_vars']) == 0: ++ print("") ++ else: ++ for par2 in par1['role_vars']: ++ print(str(par2)) +diff --git a/roles/sap_hana_preconfigure/tests/sap_hana_preconfigure-default-settings.yml b/roles/sap_hana_preconfigure/tests/sap_hana_preconfigure-default-settings.yml +new file mode 100644 +index 0000000..561b391 +--- /dev/null ++++ b/roles/sap_hana_preconfigure/tests/sap_hana_preconfigure-default-settings.yml +@@ -0,0 +1,6 @@ ++--- ++- hosts: all ++ collections: ++ - community.sap_install ++ roles: ++ - sap_hana_preconfigure +diff --git a/roles/sap_netweaver_preconfigure/tests/.pylintrc b/roles/sap_netweaver_preconfigure/tests/.pylintrc +new file mode 120000 +index 0000000..0d402e7 +--- /dev/null ++++ b/roles/sap_netweaver_preconfigure/tests/.pylintrc +@@ -0,0 +1 @@ ++../../../.pylintrc +\ No newline at end of file +diff --git a/roles/sap_netweaver_preconfigure/tests/beautify-assert-output.sh b/roles/sap_netweaver_preconfigure/tests/beautify-assert-output.sh +new file mode 120000 +index 0000000..9a2e976 +--- /dev/null ++++ b/roles/sap_netweaver_preconfigure/tests/beautify-assert-output.sh +@@ -0,0 +1 @@ ++../tools/beautify-assert-output.sh +\ No newline at end of file +diff --git a/roles/sap_netweaver_preconfigure/tests/run-sap_netweaver_preconfigure-tests.py b/roles/sap_netweaver_preconfigure/tests/run-sap_netweaver_preconfigure-tests.py +new file mode 100755 +index 0000000..30cc250 +--- /dev/null ++++ b/roles/sap_netweaver_preconfigure/tests/run-sap_netweaver_preconfigure-tests.py +@@ -0,0 +1,153 @@ ++#!/usr/bin/env python ++ ++""" ++Tests for role sap_netweaver_preconfigure ++""" ++ ++import os ++import sys ++import subprocess ++ ++# output field delimiter for displaying the results: ++FIELD_DELIMITER = '\t' ++ ++if len(sys.argv) == 1: ++ _managed_node = input("Provide name of managed node: ") ++else: ++ _managed_node = sys.argv[1] ++ ++print('Running tests for role sap_netweaver_preconfigure...\n') ++print('Managed node: ' + _managed_node) ++ ++_mn_rhel_release = subprocess.getoutput( ++ "ssh root@" ++ + _managed_node ++ + " cat /etc/redhat-release | \ ++ awk 'BEGIN{FS=\"release \"}{split($2, a, \" \"); print a[1]}'") ++print('Managed node Red Hat release: ' + _mn_rhel_release) ++_mn_hw_arch = subprocess.getoutput("ssh root@" + _managed_node + " uname -m") ++print('Managed node HW architecture: ' + _mn_hw_arch) ++ ++__tests = [ ++ { ++ 'number': '1', ++ 'name': 'Run in check mode on new system.', ++ 'command_line_parameter': '--check ', ++ 'ignore_error_final': True, ++ 'compact_assert_output': False, ++ 'rc': '99', ++ 'role_vars': [] ++ }, ++ { ++ 'number': '2', ++ 'name': 'Run in assert mode on new system, \ ++ ignore assert errors.', ++ 'command_line_parameter': '', ++ 'ignore_error_final': True, ++ 'compact_assert_output': False, ++ 'rc': '99', ++ 'role_vars': [ ++ { ++ 'sap_netweaver_preconfigure_assert': True, ++ 'sap_netweaver_preconfigure_assert_ignore_errors': True, ++ } ++ ] ++ }, ++ { ++ 'number': '3', ++ 'name': 'Run in normal mode on new system. \ ++ Do not fail in case not enough swap space is configured.', ++ 'command_line_parameter': '', ++ 'ignore_error_final': False, ++ 'compact_assert_output': False, ++ 'rc': '99', ++ 'role_vars': [ ++ { ++ 'sap_netweaver_preconfigure_fail_if_not_enough_swap_space_configured': False, ++ } ++ ] ++ }, ++ { ++ 'number': '4', ++ 'name': 'Run in assert mode on modified system, \ ++ compact output, \ ++ ignore any assert error.', ++ 'command_line_parameter': '', ++ 'ignore_error_final': True, ++ 'compact_assert_output': True, ++ 'rc': '99', ++ 'role_vars': [ ++ { ++ 'sap_netweaver_preconfigure_assert': True, ++ 'sap_netweaver_preconfigure_assert_ignore_errors': True, ++ } ++ ] ++ }, ++ { ++ 'number': '5', ++ 'name': 'Run in check mode on configured system. Ignore a final error.', ++ 'command_line_parameter': '--check ', ++ 'ignore_error_final': True, ++ 'compact_assert_output': False, ++ 'rc': '99', ++ 'role_vars': [] ++ }, ++] ++ ++for par1 in __tests: ++ print('\n' + 'Test ' + par1['number'] + ': ' + par1['name']) ++ command = ('ansible-playbook sap_netweaver_preconfigure-default-settings.yml ' ++ + par1['command_line_parameter'] ++ + '-l ' ++ + _managed_node ++ + ' ' ++ + '-e "') ++ for par2 in par1['role_vars']: ++ command += str(par2) ++ command += '"' ++ if par1['compact_assert_output']: ++ command += ' | ./beautify-assert-output.sh' ++ print("command: " + command) ++ _py_rc = os.system(command) ++ par1['rc'] = str(int(_py_rc / 256)) ++ if _py_rc != 0: ++ if par1['ignore_error_final']: ++ print('Test ' ++ + par1['number'] ++ + ' finished with return code ' ++ + par1['rc'] ++ + '. Continuing with the next test') ++ else: ++ print('Test ' ++ + par1['number'] ++ + ' finished with return code ' ++ + par1['rc'] + '.') ++ sys.exit(_py_rc) ++ else: ++ print('Test ' + par1['number'] + ' finished with return code ' + par1['rc'] + '.') ++ ++print('\nResults for role sap_netweaver_preconfigure: ' ++ + _managed_node ++ + ' - RHEL ' ++ + _mn_rhel_release ++ + ' - ' + _mn_hw_arch + ':') ++ ++print('\n#' ++ + FIELD_DELIMITER ++ + 'RC' + FIELD_DELIMITER ++ + 'name' + FIELD_DELIMITER ++ + 'argument' + FIELD_DELIMITER ++ + 'compact' + FIELD_DELIMITER ++ + 'role_vars') ++ ++for par1 in __tests: ++ print(par1['number'] + FIELD_DELIMITER ++ + par1['rc'] + FIELD_DELIMITER ++ + par1['name'] + FIELD_DELIMITER ++ + par1['command_line_parameter'] + FIELD_DELIMITER ++ + str(par1['compact_assert_output']) + FIELD_DELIMITER, end='') ++ if len(par1['role_vars']) == 0: ++ print("") ++ else: ++ for par2 in par1['role_vars']: ++ print(str(par2)) +diff --git a/roles/sap_netweaver_preconfigure/tests/sap_netweaver_preconfigure-default-settings.yml b/roles/sap_netweaver_preconfigure/tests/sap_netweaver_preconfigure-default-settings.yml +new file mode 100644 +index 0000000..e9e772a +--- /dev/null ++++ b/roles/sap_netweaver_preconfigure/tests/sap_netweaver_preconfigure-default-settings.yml +@@ -0,0 +1,6 @@ ++--- ++- hosts: all ++ collections: ++ - community.sap_install ++ roles: ++ - sap_netweaver_preconfigure diff --git a/SOURCES/redhat.sap_install-1.3.4-add_tools.patch b/SOURCES/redhat.sap_install-1.3.4-add_tools.patch new file mode 100644 index 0000000..38f2900 --- /dev/null +++ b/SOURCES/redhat.sap_install-1.3.4-add_tools.patch @@ -0,0 +1,128 @@ +commit 83db825f7f30445408efa6061631d8dd0590e891 +Author: Than Ngo +Date: Thu Jan 25 16:17:21 2024 +0100 + + add missing tools folders + + Signed-off-by: Than Ngo + +diff --git a/roles/sap_general_preconfigure/tools/beautify-assert-output.sh b/roles/sap_general_preconfigure/tools/beautify-assert-output.sh +new file mode 100755 +index 0000000..f48087c +--- /dev/null ++++ b/roles/sap_general_preconfigure/tools/beautify-assert-output.sh +@@ -0,0 +1,34 @@ ++#!/bin/bash ++ ++# default font color: Light Cyan, which should be readable on both bright and dark background ++__FONT_COLOR=36m ++ ++if [[ ${1}. == "font_light_gray". ]]; then ++ __FONT_COLOR=37m ++elif [[ ${1}. == "font_no_color". ]]; then ++ __FONT_COLOR=30m ++fi ++ ++if [[ ${2}. == "reset." ]]; then ++ awk 'BEGIN{printf ("\033['${__FONT_COLOR}'Resetting font color\n")}' ++ exit ++fi ++ ++awk '{sub (" \"msg\": ", "")} ++ /TASK/{task_line=$0} ++ /fatal:/{fatal_line=$0; nfatal[host]++} ++ /...ignoring/{nfatal[host]--; if (nfatal[host]<0) nfatal[host]=0} ++ /^[a-z]/&&/: \[/{gsub ("\\[", ""); gsub ("]", ""); gsub (":", ""); host=$2} ++ /SAP note/{print "\033['${__FONT_COLOR}'[" host"] "$0} ++ /FAIL:/{nfail[host]++; print "\033[31m[" host"] "$0} ++ /WARN:/{nwarn[host]++; print "\033[33m[" host"] "$0} ++ /PASS:/{npass[host]++; print "\033[32m[" host"] "$0} ++ /INFO:/{print "\033[34m[" host"] "$0} ++ /changed/&&/unreachable/{print "\033['${__FONT_COLOR}'[" host"] "$0} ++ END{print ("---"); for (var in npass) {printf ("[%s] ", var); if (nfatal[var]>0) { ++ printf ("\033[31mFATAL ERROR!!! Playbook might have been aborted!!!\033['${__FONT_COLOR}' Last TASK and fatal output:\n"); print task_line, fatal_line ++ exit 199 ++ } ++ else printf ("\033[31mFAIL: %d \033[33mWARN: %d \033[32mPASS: %d\033['${__FONT_COLOR}'\n", nfail[var], nwarn[var], npass[var])} ++ if (nfail[var] != 0) exit (nfail[var]) ++ }' +diff --git a/roles/sap_hana_preconfigure/tools/beautify-assert-output.sh b/roles/sap_hana_preconfigure/tools/beautify-assert-output.sh +new file mode 100755 +index 0000000..f48087c +--- /dev/null ++++ b/roles/sap_hana_preconfigure/tools/beautify-assert-output.sh +@@ -0,0 +1,34 @@ ++#!/bin/bash ++ ++# default font color: Light Cyan, which should be readable on both bright and dark background ++__FONT_COLOR=36m ++ ++if [[ ${1}. == "font_light_gray". ]]; then ++ __FONT_COLOR=37m ++elif [[ ${1}. == "font_no_color". ]]; then ++ __FONT_COLOR=30m ++fi ++ ++if [[ ${2}. == "reset." ]]; then ++ awk 'BEGIN{printf ("\033['${__FONT_COLOR}'Resetting font color\n")}' ++ exit ++fi ++ ++awk '{sub (" \"msg\": ", "")} ++ /TASK/{task_line=$0} ++ /fatal:/{fatal_line=$0; nfatal[host]++} ++ /...ignoring/{nfatal[host]--; if (nfatal[host]<0) nfatal[host]=0} ++ /^[a-z]/&&/: \[/{gsub ("\\[", ""); gsub ("]", ""); gsub (":", ""); host=$2} ++ /SAP note/{print "\033['${__FONT_COLOR}'[" host"] "$0} ++ /FAIL:/{nfail[host]++; print "\033[31m[" host"] "$0} ++ /WARN:/{nwarn[host]++; print "\033[33m[" host"] "$0} ++ /PASS:/{npass[host]++; print "\033[32m[" host"] "$0} ++ /INFO:/{print "\033[34m[" host"] "$0} ++ /changed/&&/unreachable/{print "\033['${__FONT_COLOR}'[" host"] "$0} ++ END{print ("---"); for (var in npass) {printf ("[%s] ", var); if (nfatal[var]>0) { ++ printf ("\033[31mFATAL ERROR!!! Playbook might have been aborted!!!\033['${__FONT_COLOR}' Last TASK and fatal output:\n"); print task_line, fatal_line ++ exit 199 ++ } ++ else printf ("\033[31mFAIL: %d \033[33mWARN: %d \033[32mPASS: %d\033['${__FONT_COLOR}'\n", nfail[var], nwarn[var], npass[var])} ++ if (nfail[var] != 0) exit (nfail[var]) ++ }' +diff --git a/roles/sap_netweaver_preconfigure/tools/beautify-assert-output.sh b/roles/sap_netweaver_preconfigure/tools/beautify-assert-output.sh +new file mode 100755 +index 0000000..f48087c +--- /dev/null ++++ b/roles/sap_netweaver_preconfigure/tools/beautify-assert-output.sh +@@ -0,0 +1,34 @@ ++#!/bin/bash ++ ++# default font color: Light Cyan, which should be readable on both bright and dark background ++__FONT_COLOR=36m ++ ++if [[ ${1}. == "font_light_gray". ]]; then ++ __FONT_COLOR=37m ++elif [[ ${1}. == "font_no_color". ]]; then ++ __FONT_COLOR=30m ++fi ++ ++if [[ ${2}. == "reset." ]]; then ++ awk 'BEGIN{printf ("\033['${__FONT_COLOR}'Resetting font color\n")}' ++ exit ++fi ++ ++awk '{sub (" \"msg\": ", "")} ++ /TASK/{task_line=$0} ++ /fatal:/{fatal_line=$0; nfatal[host]++} ++ /...ignoring/{nfatal[host]--; if (nfatal[host]<0) nfatal[host]=0} ++ /^[a-z]/&&/: \[/{gsub ("\\[", ""); gsub ("]", ""); gsub (":", ""); host=$2} ++ /SAP note/{print "\033['${__FONT_COLOR}'[" host"] "$0} ++ /FAIL:/{nfail[host]++; print "\033[31m[" host"] "$0} ++ /WARN:/{nwarn[host]++; print "\033[33m[" host"] "$0} ++ /PASS:/{npass[host]++; print "\033[32m[" host"] "$0} ++ /INFO:/{print "\033[34m[" host"] "$0} ++ /changed/&&/unreachable/{print "\033['${__FONT_COLOR}'[" host"] "$0} ++ END{print ("---"); for (var in npass) {printf ("[%s] ", var); if (nfatal[var]>0) { ++ printf ("\033[31mFATAL ERROR!!! Playbook might have been aborted!!!\033['${__FONT_COLOR}' Last TASK and fatal output:\n"); print task_line, fatal_line ++ exit 199 ++ } ++ else printf ("\033[31mFAIL: %d \033[33mWARN: %d \033[32mPASS: %d\033['${__FONT_COLOR}'\n", nfail[var], nwarn[var], npass[var])} ++ if (nfail[var] != 0) exit (nfail[var]) ++ }' diff --git a/SOURCES/redhat.sap_install-1.3.5-collections-files-324bfb8bab50d2baa1c4aacdb59e4e5c9e2ba74f.patch b/SOURCES/redhat.sap_install-1.3.5-collections-files-324bfb8bab50d2baa1c4aacdb59e4e5c9e2ba74f.patch new file mode 100644 index 0000000..ec0f3c0 --- /dev/null +++ b/SOURCES/redhat.sap_install-1.3.5-collections-files-324bfb8bab50d2baa1c4aacdb59e4e5c9e2ba74f.patch @@ -0,0 +1,37585 @@ +commit 324bfb8bab50d2baa1c4aacdb59e4e5c9e2ba74f +Author: Bernd Finger +Date: Mon Feb 5 15:48:15 2024 +0100 + + version 1.3.5-rhel-package: Add collection files + + Also remove the collection tar.gz file + + Signed-off-by: Bernd Finger + +diff --git a/collections/ansible_collections/redhat/sap_install/.ansible-lint b/collections/ansible_collections/redhat/sap_install/.ansible-lint +new file mode 100644 +index 0000000..fc315df +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/.ansible-lint +@@ -0,0 +1,36 @@ ++--- ++# Collection wide lint-file ++# DO NOT CHANGE ++exclude_paths: ++ - .cache/ ++ - .github/ ++ #- docs/ ++ - changelogs/ ++ - playbooks/ ++ - roles/sap_anydb_install_oracle ++ #- roles/sap_general_preconfigure ++ #- roles/sap_ha_install_hana_hsr ++ #- roles/sap_ha_pacemaker_cluster ++ #- roles/sap_hana_install ++ #- roles/sap_hana_preconfigure ++ - roles/sap_hostagent ++ - roles/sap_hypervisor_node_preconfigure ++ #- roles/sap_install_media_detect ++ #- roles/sap_netweaver_preconfigure ++ #- roles/sap_storage_setup ++ #- roles/sap_swpm ++ - roles/sap_vm_preconfigure ++ - tests/ ++enable_list: ++ - yaml ++skip_list: ++ # We don't want to enforce new Ansible versions for Galaxy: ++ - meta-runtime[unsupported-version] ++ # We do not want to use checks which are marked as experimental: ++ - experimental ++ # We use ignore_errors for all the assert tasks, which should be acceptable: ++ - ignore-errors ++ # We want to allow single digit version numbers in a role's meta/main.yml file: ++ - schema ++ # Allow templating inside name because it creates more detailed output: ++ - name[template] +diff --git a/collections/ansible_collections/redhat/sap_install/.yamllint.yml b/collections/ansible_collections/redhat/sap_install/.yamllint.yml +new file mode 100644 +index 0000000..57ef427 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/.yamllint.yml +@@ -0,0 +1,21 @@ ++--- ++# Based on ansible-lint config ++extends: default ++ ++rules: ++ braces: {max-spaces-inside: 1, level: error} ++ brackets: {max-spaces-inside: 1, level: error} ++# colons: {max-spaces-after: -1, level: error} ++# commas: {max-spaces-after: -1, level: error} ++ comments: disable ++ comments-indentation: disable ++# document-start: disable ++# empty-lines: {max: 3, level: error} ++# hyphens: {level: error} ++# indentation: disable ++# key-duplicates: enable ++ line-length: disable ++# new-line-at-end-of-file: disable ++# new-lines: {type: unix} ++# trailing-spaces: disable ++ truthy: disable +diff --git a/collections/ansible_collections/redhat/sap_install/CHANGELOG.rst b/collections/ansible_collections/redhat/sap_install/CHANGELOG.rst +new file mode 100644 +index 0000000..4185e25 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/CHANGELOG.rst +@@ -0,0 +1,179 @@ ++================================ ++redhat.sap_install Release Notes ++================================ ++ ++.. contents:: Topics ++ ++ ++v1.3.5 ++====== ++ ++Release Summary ++--------------- ++ ++| Release Date: 2024-01-31 ++| sap_hypervisor_node_preconfigure: Bug fix for role name and path for included tasks ++ ++v1.3.4 ++====== ++ ++Release Summary ++--------------- ++ ++| Release Date: 2024-01-15 ++| collection: Feature add for CodeSpell in git repository ++| collection: Bug fix for ansible-lint of each Ansible Role within Ansible Collection ++| collection: Bug Fix for Ansible Core minimum version update to 2.12.0 for import compliance with Ansible Galaxy ++| collection: Bug Fix for Ansible CVE-2023-5764 ++| sap_general_preconfigure: Feature add for additional RHEL for SAP 8.8 and 9.2 release compatibility ++| sap_hana_preconfigure: Feature add for compatibility with SLES using sapconf and SLES for SAP using saptune ++| sap_hana_preconfigure: Feature add for additional RHEL for SAP 8.8 and 9.2 release compatibility ++| sap_hana_preconfigure: Feature add to reduce restrictions on new OS versions which are not yet supported by SAP ++| sap_netweaver_preconfigure: Feature add for compatibility with SLES using sapconf and SLES for SAP using saptune ++| sap_ha_pacemaker_cluster: Feature add for Virtual IP and Constraints logic with Cloud Hyperscaler vendors ++| sap_hypervisor_node_preconfigure: Feature add for preconfiguration of KubeVirt (OpenShift Virtualization) hypervisor nodes ++| sap_hypervisor_node_preconfigure: Bug fix for preconfiguration code structure of KVM (Red Hat Enterprise Virtualization) hypervisor nodes ++| sap_install_media_detect: Bug Fix for existing files ++| sap_maintain_etc_hosts: Feature add for maintaining the /etc/hosts file of an SAP software host ++| sap_swpm: Bug fix for runtime missing dependency python3-pip and advanced execution mode skipped tasks during certain installations ++| sap_swpm: Feature add for basic System Copy executions in default mode ++ ++v1.3.3 ++====== ++ ++Release Summary ++--------------- ++ ++| Release Date: 2023-12-22 ++| collection: Make the preconfigure and sap_hana_install roles compatible with CVE-2023-5764 ++ ++v1.3.2 ++====== ++ ++Release Summary ++--------------- ++ ++| Release Date: 2023-09-29 ++| sap_general_preconfigure: Update to latest SAP documentation for RHEL 9 package libxcrypt-compat ++| sap_general_preconfigure: Bug fix for directory creation and SELinux Labels ++| sap_ha_pacemaker_cluster: Bug fix for AWS EC2 Virtual Servers ++| sap_ha_pacemaker_cluster: Bug fix for Google Cloud Compute Engine VM netmask lock on Virtual IP ++| sap_ha_pacemaker_cluster: Feature add for improved SAP NetWeaver HA compatibility ++| sap_ha_pacemaker_cluster: Feature add for ENSA1 compatibility ++| sap_ha_pacemaker_cluster: Feature add for SAP HA Interface Cluster Connector after cluster init ++| sap_ha_pacemaker_cluster: Feature add for IBM PowerVM hypervisor ++| sap_ha_pacemaker_cluster: Feature add for multiple network interfaces with Virtual IP ++| sap_hana_install: Bug fix for SELinux disable when SLES4SAP ++| sap_install_media_detect: Feature add for NFS compatibility ++| sap_install_media_detect: Feature add for idempotency ++| sap_install_media_detect: Feature add for new file detection after code restructure ++| sap_install_media_detect: Bug fix for setting SAP Maintenance Planner Stack XML path ++| sap_storage_setup: Feature add for Multipathing detection ++| sap_storage_setup: Bug fix for NFS throttle from customer test on MS Azure ++| sap_storage_setup: Bug fix for packages on SLES and Google Cloud ++| sap_swpm: Bug fix for RDBMS var name ++| sap_swpm: Bug fix for SAP HANA Client hdbuserstore connection ++| sap_swpm: Bug fix for SAP Maintenance Planner Stack XML path ++ ++v1.3.1 ++====== ++ ++Release Summary ++--------------- ++ ++| Release Date: 2023-08-14 ++| sap_ha_pacemaker_cluster: Improved AWS constructs based on feedback ++| sap_ha_pacemaker_cluster: Improved no STONITH resource definition handling ++| sap_hana_install: Bug fix for arg spec on deprecated vars ++| sap_hostagent: Bug fix for media handling ++| sap_install_media_detect: Improved handling based on feedback ++| sap_storage_setup: Bug fix for existing storage devices ++| sap_swpm: Make full log output optional and replace with sapcontrol log final status ++| collection: Bug fix for sample Ansible Playbooks ++ ++v1.3.0 ++====== ++ ++Release Summary ++--------------- ++ ++| Release Date: 2023-07-21 ++| sap_general_preconfigure: Updates for new IBM Power packages with RHEL ++| sap_hana_preconfigure: Updates for new IBM Power packages with RHEL ++| sap_hana_install: Default Log Mode to normal and not Overwrite ++| sap_ha_pacemaker_cluster: Detection of and compatibility for additional Infrastructure Platforms ++| sap_ha_pacemaker_cluster: SAP NetWeaver compatibility added ++| sap_install_media_detect: Restructure and add execution controls ++| sap_storage_setup: Overhaul/Rewrite with breaking changes ++| sap_storage_setup: SAP NetWeaver and NFS compatibility added ++| sap_swpm: Minor alterations from High Availability test scenarios ++| collection: Sample Playbooks updated ++ ++v1.2.3 ++====== ++ ++Release Summary ++--------------- ++ ++| Release Date: 2023-04-25 ++| sap_hana_preconfigure: Some modifications for HANA on RHEL 9 ++| sap_ha_pacemaker_cluster: Compatibility for custom stonith resource definitions containing more than one element ++| sap_hana_preconfigure: Be more flexible with IBM service and productivity tools ++ ++ ++v1.2.2 ++====== ++ ++Release Summary ++--------------- ++ ++| Release Date: 2023-02-01 ++| Fix for sap_hana_preconfigure on SLES when tuned is not installed ++ ++ ++v1.2.1 ++====== ++ ++Release Summary ++--------------- ++ ++| Release Date: 2023-01-26 ++| A few minor fixes ++ ++ ++v1.2.0 ++====== ++ ++Release Summary ++--------------- ++ ++| Release Date: 2022-12-20 ++| Consolidate sap_ha_install_pacemaker, sap_ha_prepare_pacemaker, and sap_ha_set_hana into new sap_ha_pacemaker_cluster role ++| Use the ha_cluster Linux System Role and its enhanced features in the new role sap_ha_pacemaker_cluster ++| Improve SID and instance checking in role sap_hana_install ++| Enable modifying SELinux file labels for SAP directories ++| Upgrade SAP SWPM handling for compatibility with more scenarios when generating inifile.params ++| Add Ansible Role for basic Oracle DB installations for SAP ++| Various minor enhancements ++| Various fixes ++ ++ ++v1.1.0 ++====== ++ ++Release Summary ++--------------- ++ ++| Release Date: 2022-06-30 ++| Add SAP HANA Two-Node Scale-Up Cluster Installation ++ ++ ++v1.0.3 ++====== ++ ++Release Summary ++--------------- ++ ++| Release Date: 2022-05-13 ++| Initial Release on Galaxy ++ +diff --git a/collections/ansible_collections/redhat/sap_install/FILES.json b/collections/ansible_collections/redhat/sap_install/FILES.json +new file mode 100644 +index 0000000..0d2f0ea +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/FILES.json +@@ -0,0 +1,4695 @@ ++{ ++ "files": [ ++ { ++ "name": ".", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/defaults", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/defaults/main.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "bc9042e879ea69ba10378735aa12e3dd970caae773472b43f14b6b43f9f0db6b", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/files", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/files/etc", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/files/etc/tmpfiles.d", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/files/etc/tmpfiles.d/sap.conf", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "eeea9966f4cdeaa33e18e4554b362d1612620645c85c0da7b18835ebe9ffa99b", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/files/etc/tmpfiles.d/sap_RedHat_9.conf", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "3e4ab9bb5efd508802990eab9c1c826bda008540c117800020683cdffd0f37e6", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/files/tmp", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/files/tmp/hostnamectl-fix.pp", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "6be9ab8787f4bee9ca14bbbe734c4d1b486e6663a71cf1ef1e3123cc8f1b0a15", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/files/tmp/hostnamectl-fix.te", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "7732497c20f49456987c1881efb65193315c88eb861a4e7e2faf86a458aa2908", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/handlers", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/handlers/main.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "fb58ca2a70a15fee760b61d095af45e3887e53198560a887d194492484c6aebd", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/meta", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/meta/argument_specs.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "a96c5f661ded2292832456143bc3bd2013793caa5dcdcca8e5b6a2bacd7b7eb4", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/meta/collection-requirements.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "610fdb5811c89f4e330b8ea3bff0ec936e69a4acba53460991d4b760f0a2c386", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/meta/main.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "57bae4a5ae54b9efbbf5327e054614d4ff008e493fd4b672a546e41c00fba59a", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/RedHat", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/RedHat/assert-configuration.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "8393b9c7a42ab6b51b6ad678ba4f5580b0c5535d933c45563fa2c74ba6481b9d", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/RedHat/assert-installation.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "ca4b96999f69a9f34755bfa83ef5a94441be76411b567d29ef4afa761a7daf97", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/RedHat/configuration.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "f0cc89fb1f49cdba8daf950b339cd59bcb360a6a2e9c28b3035fd496f8c3a057", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/RedHat/generic", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/RedHat/generic/assert-dns-name-resolution.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "6c023e5278f7840e853f7593ae65b09ec2c707adac6968acbbc296da5fd4d304", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/RedHat/generic/assert-etc-hosts.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "c15fe7faca61f4fa21e7b3a3d3a6fab576945e816fde68629b1400d4de36b8dd", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/RedHat/generic/assert-firewall.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "5459d4fc7bb58f8654572abd88e585da6e03f74e30659943ab785ef5b7ea6bf1", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/RedHat/generic/assert-hostname.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "c365ad92591d058535dbea910eb9b0d7ad079fa3b6d167e0cd081bc37856a536", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/RedHat/generic/assert-kernel-parameters-loop-block.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "5c2e329b2c0de97e0434e1842f76fd93d52e31433130cc7023c9c1b71e52f667", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/RedHat/generic/assert-kernel-parameters.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "8f100a94812f1270f594363d77f0a1f4440715e2ec1514c5850984d19da438cd", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/RedHat/generic/assert-limits-conf-file.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "8b146f9cae6c4169a831fb1c281dcdc0a64373fb28eef92698551a53232fd94b", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/RedHat/generic/assert-nofile-limits.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "e4118cf67cbbe3e74396c704b183ec2f543d812935989bfb1b72b88caf1d6170", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/RedHat/generic/assert-nproc-limits.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "eb305bc93f0e1d2aabc04bafc959a5bbe62ffa93d22b89b65667f4ee408fa5e2", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/RedHat/generic/assert-selinux.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "93136da35cd89a44abeefb9897b17fc1e4b3f632aa95dafce72307014370060c", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/RedHat/generic/assert-systemd-tmpfiles.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "9093f34e311717250dfe6f037665b40669f4c4e8cb539414abe4f17fc1888d70", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/RedHat/generic/assert-tmpfs.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "89be611051cda38d84f969b7091aaed1818e073446d7bedb6028e75f1012490b", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/RedHat/generic/assert-uuidd.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "6f2c56e88d14ad22d5258fe76b4f3028cc460441a095f68234ec0430a26fe1ed", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/RedHat/generic/check-dns-name-resolution.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "c2ee0946cb377854aa1a3ff410783ba064f4562603af270acee95aeafe78c4cd", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/RedHat/generic/configure-etc-hosts.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "b65735c1c390d9fd5527220ad45ba95354b2db86e4263b91cd5d5d2e4de4fdcc", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/RedHat/generic/configure-firewall.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "5f3f5c1101673f46c83d3eb7195f4d675cded2df8e45acfe7b023b899e206cfb", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/RedHat/generic/configure-hostname.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "4ea9a175bf4376d1b05b0949d7090e9cef11ef3e5819cf960a3e827a8a1dca86", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/RedHat/generic/configure-kernel-parameters.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "e40fadb6ef2e4a4d04ab9f1adfd4cf44e3df5d43f73f6192b59e0d0fae913e56", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/RedHat/generic/configure-selinux.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "bf20522a1b3766aa8020451a8bbe67ac93fba071d186c3adfd8bc2df786cd79a", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/RedHat/generic/configure-systemd-tmpfiles.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "18dbdf05dd5d01c9b78be1dbb8332d5b7040cda442ba83178e5a65163c7b72e0", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/RedHat/generic/configure-tmpfs.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "2980d593140cd5e8dffefe58df66a6bb7e887db29e1d31b2b891f3c7782e34eb", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/RedHat/generic/configure-uuidd.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "5fdb09448015687c59229a355b790b1a827d8b75581bece8210c36091e210a67", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/RedHat/generic/increase-nofile-limits.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "527580d05ceb42a4d050092ac01b8f57d3760cc099ed6c12932997a9fb581bba", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/RedHat/generic/increase-nproc-limits.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "1e47d9229e58cfb649e6277b9f2136fc62bebbdda17bcd9daafca7afb76cd3eb", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/RedHat/installation.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "ff87de67cd318b87c44535d04ca68cd9d9ef23149c52d3b9efb69c44c897b708", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/SLES", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/SLES/assert-configuration.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "8393b9c7a42ab6b51b6ad678ba4f5580b0c5535d933c45563fa2c74ba6481b9d", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/SLES/assert-installation.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "0dbaed8858d659896e431ba811f1793dd29d143cc789c12301fe8ef8c3184eb3", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/SLES/configuration.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "0f8032286ecad4154961372d3b2cb9e4fe9921ebe89524199be32f8332461eac", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/SLES/installation.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "6b558842f60a85221ddafaaedd4976abdf9b00fc94f2418ec70d1c2c29ba4e41", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/main.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "2f5f3429d4ef1381743d1fa54b3c36ca97e5e143389e11e3e46f362baa70098b", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/0941735.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "9f338810c27bc74ad0acae58eb9ffd7b4152ad10e397d73ff85e96d19f9accca", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/1391070.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "429e0d9e39a5c33cd673f76bc2fc8f6cf8cdec4b5ed1b33d7b8b0b49e81af23f", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/1771258.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "e194b448356f4e6b858c5611bc827d67bcdceeba738e9a995f5a3cff5852b17c", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/2002167.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "7579340d38387c62a9e6c0b48cdbd330c45233d3f0d226bd2f3b28dabde3deb3", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/2002167", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/2002167/02-assert-configuration-changes.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "061d807c47cbe983f1ab211bd6c56fa9e89f9f698a26e4445802d94597d60489", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/2002167/02-configuration-changes.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "2c2f1b0283087ee922cab56073b21b808ec542209bcb56c5016f87fb0bf08536", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/2002167/03-assert-setting-the-hostname.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "653d43108798707d706ab3c483ac6b7fe68588773ac32cf8df343bd214a93482", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/2002167/03-setting-the-hostname.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "1388726a8ad897c8e8d745427b3bea4b737db5d9f30878edc8083d35300f3611", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/2002167/04-assert-linux-kernel-parameters.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "ee2086ad4a060fce360006fd40148f203b59fe7df78e99de94d688322f154a15", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/2002167/04-linux-kernel-parameters.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "7e647a7c150b1cfdb30f7375afd7f0f5c19eb68032e7d059ca9c7af91dd380cc", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/2002167/05-assert-process-resource-limits.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "c97ec0f8947e01d867a80ee0ed4a465890f45db8b7a3f531af24b7a99783083b", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/2002167/05-process-resource-limits.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "2729bd38444f0da9f1b597d587bd57c1e17dbcda424b335f0b62aedfd0e5d7ca", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/2002167/06-additional-notes-for-installing-sap-systems.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "5837a5c5b1536403cf39e75d2a489582883a40ec51655c1b4ee2745dfec8ff22", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/2002167/06-assert-additional-notes-for-installing-sap-systems.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "4129d0dd16c018c7b7870c7ecb088e6d11f92e513302a8b5f711f96f354556f5", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/2772999.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "85afcd35b75740e4873f81fc90902a789c0f83ab0d310f5f1a1bd5690da91916", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/2772999", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/2772999/02-assert-selinux.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "0bfad30ad66bffc501283768b7f1de8202e8cf49467e38b0c24d110be83b07a9", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/2772999/02-configure-selinux.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "13308426f543c8a17f9051fb84de7765e6c7383a7c247f9b780b8f9461d40d23", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/2772999/03-assert-hostname.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "6751d9e6a65baa0d58be4482b2b4bf22561387f2a0813b52d02f941a7e4301b0", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/2772999/03-configure-hostname.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "9db8c7a5e03e21652fb252127da40c209e4ce7a72b2804a389226d58a84e1e9a", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/2772999/04-assert-network-time-and-date.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "b75e832aa087d5b50f8267ae4c888254dae750c89e5eb426f4a4cad7d55f6766", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/2772999/04-configure-network-time-and-date.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "aabf45cbf6adb8263dd1954b28c804ea46b6e34258733be016acf4416c7d84aa", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/2772999/05-assert-firewall.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "f9661f60c69d748fab8a6fdf6f4cf9aa295b91b7f0cf474aa4d6ed8479031748", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/2772999/05-configure-firewall.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "b5fd949215b29a75a4548b90e0d93f5ccee4fc24d38960770af7b7dbd56753ee", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/2772999/06-assert-uuidd.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "d3398fe3611a6de879b1a83c1953d0d206ac260c41db28584646b2d8bf09ae1d", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/2772999/06-configure-uuidd.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "800cc356b240668681750ee6b9bfa672b4e70aa31bc19f4801ef892f4d4b1207", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/2772999/07-assert-tmpfs.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "d343b910db061aef1eda905b24c233df76c941977690daadf094d9dfede4d521", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/2772999/07-configure-tmpfs.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "23c9b23b4901d7ca9e77c6276c0e01154ee1ccbf081d8cbbdfabd345df92c95f", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/2772999/08-assert-linux-kernel-parameters.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "ff107ca430dd23f3a085215281e015baf26c2b71832a0f4e4d11af72bf6f852c", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/2772999/08-configure-linux-kernel-parameters.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "f87c288ffadaa1e11e6c5a8a9418d8210a4ba8353580b37a05869e1d2ed57573", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/2772999/09-assert-process-resource-limits.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "d5391580149a1e2fc2e2dca9aaeb19fca42879978392f0261a8b650463fc6979", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/2772999/09-configure-process-resource-limits.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "333b4762940b170248087e85277ef80f6b8aac4081ea78452582129abe6f1619", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/2772999/10-assert-systemd-tmpfiles.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "cf07fa5e8a9dd40c28b5b9ac10396b50fb6d6e526d0645245ffa36e6baa00daf", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/2772999/10-configure-systemd-tmpfiles.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "8431fb3c44d71fd1d740812ccf42ee7a1908be1e20d389ea242da9fba162f3b9", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/3108316.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "216bbe4234a4b371ba9569afb4d1eedc499942df6feb6e73a161e90f353c4f96", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/3108316", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/3108316/02-assert-selinux.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "a8911de75fdd68af7deb687a9181d4d5321741f0c858bf48fa209025aeebf648", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/3108316/02-configure-selinux.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "dd9df1122a8367a45e7422a1d7d3a161ed4678f18c24c10b8d688adf38f20e56", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/3108316/03-assert-hostname.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "2a79d621547808c1cb1758e641bb184c534e93071abf0617f256a0449f92d4dd", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/3108316/03-configure-hostname.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "113bb607ba7df52a53ed8da208f52ede6abdb8e21b8b39e659e694d6174042b3", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/3108316/04-assert-network-time-and-date.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "5fac86371a0a6f48a15a95895f15490e776391bfa17aa64235f3a38aaabd03dd", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/3108316/04-configure-network-time-and-date.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "fbbe7922f416956e1372a3528e879e9789db5b472985a8dd4c9042782afed38d", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/3108316/05-assert-firewall.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "a62b71e8435eda04de5c9463d7ece1f0eabd4ce26d3d674ce291461507169df7", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/3108316/05-configure-firewall.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "fdcdbc34c40b8ee4c701117159d53d282bb87e8805dbdea941365c67374f0a73", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/3108316/06-assert-uuidd.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "e0092bd9981320d308b80ee90521fdea857fea24f1f0be0ca0de9e9cbfa20659", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/3108316/06-configure-uuidd.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "78c2eaf56ab10cf703de42f0b97f8ed3ec02369a798c853e9b99919ec766cd46", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/3108316/07-assert-tmpfs.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "fd04f944e500c9f44788bfae2e330685d431c83ea68b0e97361036cbab98f330", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/3108316/07-configure-tmpfs.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "753a06eefe8c8c1cba156d994613e0468bb252e127ca60a8ba27afe29f92c37f", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/3108316/08-assert-linux-kernel-parameters.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "b9cd712ddf72e06b8a8e8bfccc3cd355f115e6d980e9efb77963005d45748370", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/3108316/08-configure-linux-kernel-parameters.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "5bb18cc86a3023de2ea869b2adea5716421235e093569daeac15351ef48da202", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/3108316/09-assert-process-resource-limits.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "50285a2224d2d25cf62ba87eb1ffc34b156732a795187d12b6cfcd7f9df0e368", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/3108316/09-configure-process-resource-limits.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "ab75de13b51ca5fe8491603790b8dd405d2c1d2447322e4acadd7eb5c42f64db", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/3108316/10-assert-systemd-tmpfiles.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "61136c3b576bdc9dc6d986768db90e6a3f06d67603344ae9fbe4d53f46d67b4f", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/3108316/10-configure-systemd-tmpfiles.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "c7e9d7b5af9d221fe00e957324839e295de39f5b9c2694b7d326205f4d1acdff", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/assert-0941735.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "2111218c1bda4816946cd550d2fad563a1b5be6fa8463eac60b610ea26733931", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/assert-1391070.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "b6e89466dea8ae91c78f7b042e98361c6128b455dd1cdedc0c3b76b99b3ef252", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/assert-1771258.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "22fc050233962663f9246e1bdda78bb40b7ac6513be7615436231ec3254f5f2e", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/assert-2002167.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "9d61917259f447f423b66188d1da0e561d335fd40c97ef2cf0e98fb9b19326a4", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/assert-2772999.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "2367a910542039481efae51a987758d054c77ac7542eec8e91a53a83bcc8505a", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/tasks/sapnote/assert-3108316.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "e7dcd9658134a359ddd506bb2ed0b10e6feb552e5da4e44678b198bde283c153", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/vars", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/vars/RedHat_7.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "1fe4d822bb82f01423a985f7dabbfac7bcabe316f5b8e147d2117c7dbd544b94", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/vars/RedHat_8.0.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "7e7e1383b07710c69a74156a414a2660d8c84a51bb21bcd4319d581c29b5f764", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/vars/RedHat_8.1.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "e5a4775f94ea8be4f2a2856cc23f4d97f2783fbb6adf09d9498efd1c61167e35", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/vars/RedHat_8.2.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "b9db3a5abe36ccba79efd68d89de40da539dac26295c43ed6676a3e644f1d0ac", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/vars/RedHat_8.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "f27b80454498a4d95df7a6a4df0108680916cb392ac0ddf0b3b23ae9f4bc6899", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/vars/RedHat_9.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "b3cae33158ffb8e6d90c037e7a1c5418601ac02cf7030529784c618ec00fba9c", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/vars/SLES_15.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "ce025c3a701b3aa1657a308d7fed7ce76e8fcd9bc719b7b08d5bde8a99840001", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/vars/main.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "e71eae382a4e9515eb3c32f1e80067082e98e7c72e377b5b5b11039a5adb8bd3", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/README.md", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "3056d55af3e64516b3a73e77f7a95b37ffacbbd59ce18e67fe4d6dcee8db3d46", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_general_preconfigure/.ansible-lint", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "9d154e5527d1b59ca316d6ab4a55fbf83eaab18b4aaa170a4371ed36129e02df", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_netweaver_preconfigure", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_netweaver_preconfigure/defaults", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_netweaver_preconfigure/defaults/main.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "c7e541593f61b570b6a57516c35f0372b6f13ae6c73b45a12a686504c0cfabd7", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_netweaver_preconfigure/handlers", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_netweaver_preconfigure/handlers/main.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "bf027c2a69f4dc58de187fbdf70d01486c7ec776643d7a986559833b39d24641", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_netweaver_preconfigure/meta", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_netweaver_preconfigure/meta/argument_specs.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "340a45df32e586546efa390fcac92a3ae646d0e5e6602a1aad1aa302dc1f92a7", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_netweaver_preconfigure/meta/main.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "6b809da4dcfbffb7f8dca6607b7d35661d99d183dd5506df38fe790e9df793d2", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_netweaver_preconfigure/tasks", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_netweaver_preconfigure/tasks/RedHat", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_netweaver_preconfigure/tasks/RedHat/assert-configuration.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "ba657cac46c6601dad3946606c1ead0b3b61659472fc82c5c0fb0b17b89e620a", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_netweaver_preconfigure/tasks/RedHat/assert-installation.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "f9649835851eddaa6f180166690cf17ca441935291f0255e4340c58ae0907871", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_netweaver_preconfigure/tasks/RedHat/configuration.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "a5179b482758b69725ee14e47563d2c34e3eb1a25f4adf66a490987ab0cf785a", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_netweaver_preconfigure/tasks/RedHat/installation.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "3a1d85a1045a379658bbf0e25e51944a69054e1e9dc31383e09d16d69aec0972", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_netweaver_preconfigure/tasks/SLES", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_netweaver_preconfigure/tasks/SLES/assert-configuration.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "7f364eea2fc9b9a0dd50732b061b901c7e236fa09b3f730847059b1d7d875139", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_netweaver_preconfigure/tasks/SLES/assert-installation.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "7bc3f9f2f32d1c6e115d0034eb5d020331f7eb8966d5d9c08ab4d39f89cc57eb", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_netweaver_preconfigure/tasks/SLES/configuration.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "d484d161631500edbc2a5ce1e2f6355545b234453288ed21016918000ec27185", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_netweaver_preconfigure/tasks/SLES/installation.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "be483f7f72f1a054b938d4cb3c035731fe0f53c39169cf64eb93e47a6c7e4f46", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_netweaver_preconfigure/tasks/main.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "6fdb9e45dd1bfae4bccf825d4d7c29560256f030ea61dba7e646a15e1b136467", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_netweaver_preconfigure/tasks/sapnote", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_netweaver_preconfigure/tasks/sapnote/1275776", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_netweaver_preconfigure/tasks/sapnote/1275776/configuration.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "92f9ef9f00e294ea8c4fd690bccd1984dba02365c77c6c2984a5a2312a2e692c", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_netweaver_preconfigure/tasks/sapnote/1275776/installation.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "9efd0fc53392d76c74958c185d530e7b1c1837d2bd9cafe304f4cb1d92dda673", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_netweaver_preconfigure/tasks/sapnote/2526952.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "7288f18f1475ff40b98923e2964fc82274c3e1dea12190185a3aa42e3edf8cfd", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_netweaver_preconfigure/tasks/sapnote/3119751.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "793db37e29fe1d90b8d777cb26ba6dee6e34132c42c46fd90bf97f534a569971", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_netweaver_preconfigure/tasks/sapnote/assert-2526952.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "c585a77614212d0cc03a2fa2922b57e433a9c686392b29e7d5379318d9cbb142", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_netweaver_preconfigure/tasks/sapnote/assert-3119751.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "4090b991bed83247e429c5804567a55469b34798563e79773930cce519e229a6", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_netweaver_preconfigure/vars", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_netweaver_preconfigure/vars/RedHat_7.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "fec15579ed890e17ae12a670a07f7aeee6fe5a51803e383dea22a2b604477890", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_netweaver_preconfigure/vars/RedHat_8.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "ada30d02c737ea5f37a8adb060d716ee07bcc07516073cce84533e1f9d7b0fe9", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_netweaver_preconfigure/vars/RedHat_9.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "a91538d98ce6e8623ccc646e5b021c190733ba45973117003b76cf0ca5d8d45a", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_netweaver_preconfigure/vars/SLES_15.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "ef78a1b774a877a4479161248a59a21d866cc0010161c6fb864632d832abdb71", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_netweaver_preconfigure/vars/main.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "14cc781aa872acf43fdba2467d2732ba0e649560d094a878c47b5ce1fe7f2e65", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_netweaver_preconfigure/README.md", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "86afd13b9e577d0b345f9bb1ac6e3379218c8b244ee6dab9fd53b25bb0f93368", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_netweaver_preconfigure/.ansible-lint", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "4e9b21576685f6710f6058f809eeac3125114c4c2b6344ec976167389c104098", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/defaults", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/defaults/main.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "c65842713ac89755ff9079f5d8b8e54ab4ec3fb2bca733be7c1f95deadcf22f4", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/files", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/files/etc", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/files/etc/tuned", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/files/etc/tuned/sap-hana-ppc64le", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/files/etc/tuned/sap-hana-ppc64le/tuned.conf", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "8797c0caf0f17cc1cf624ace1ca695b3da172ccbbbfeef54839f6c487551bf0c", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/handlers", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/handlers/main.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "6b1a658387ecb50fef3f11dc1122e0ceb88792947606fd1a56cfe60b4740ff85", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/meta", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/meta/argument_specs.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "802f8e49247fb475818fe791ef0d1c0781bf477ec44ade35c00914cddc6058c9", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/meta/collection-requirements.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "610fdb5811c89f4e330b8ea3bff0ec936e69a4acba53460991d4b760f0a2c386", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/meta/main.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "dc9620b1fee06d81d71a23e7a79069ae7f8f5e40f1bbbcaad82e389c7e12163e", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/RedHat", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/RedHat/assert-configuration.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "4837a642563fb6224ce32145214947da8096ac7eb5e1951246e753c17b8e7b20", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/RedHat/assert-installation.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "0e0ca44f99eb98c5ba63ef2a2c4ad24aed0ee24f51460d515c8b708ee1ad97aa", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/RedHat/configuration.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "8bf94fdeec07189307569e2aca49a85dc885e2063a1b09cbd68c1a2b97de9328", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/RedHat/generic", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-2055470-loop-block.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "33f5031ccc3bb7049c09ebac620c60f7abe208bc89c12a13878177f61f1c9365", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-2382421-loop-block.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "a529145d3a81a38ef43230b9c24a797b75f729f3d43d57bda2a1e5da1674593d", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-2777782-01-loop-block.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "8cf6fd3654c2da8741ba673377d1d5a7a580165a0891ac53be21f64b9e7b8e5d", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-3024346-loop-block.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "538e23b5edaa8943a1276dea58cc15f852024c22c10e0ee4c5832b8e7b01ba0d", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-abrt-ccpp.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "c1643b6dbf55d148ed8310a7f50594cf7b81f2e23df0b601bc732ffb73659adb", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-abrtd.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "6217962b5498a1affa60ed348d6b496dc4e7bae13aa54b2970671c8fbcba7d17", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-auto-numa-balancing.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "86de247d39eb9ce5ea1412b01b826f389e2e0d0df4aa19394136d60a46ea514e", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-c-states-for-lower-latency.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "6c6194de24a493dde1f04721da6262e39d22148ad2511429add1b161f5760935", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-coredumps.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "122872e41bcf40dfa49bb30a9a37c92059a82d57c7d4180234589b4eb613e896", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-cpu-governor-for-performance.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "f8845e22c0c30df25712b6469ef3721e0a5464081d6b668711216cda9a53023b", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-epb.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "a2f025ba72df14cdd53d35eef367d244f755b1fbaf1e1bf5a9fe2a4551a67eaf", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-firewalld.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "46eb5085e2cc70e375c7fc6183947a01feab7c96108e1ca2bbf8653a22142dfc", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-kdump.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "62c645c45106a66aeddfecedf344e600765b42b4993a53fe0c8964bffe275a48", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-ksm.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "fff5ae6cb93d1b6b17e8ca6df228e930f9e8aaa279df58fcfb8b716ecbf46040", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-selinux.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "f1778d7a6745bda9311607cf6982ca9e6df4b70be5314ff872a90bf5dcbae6f9", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-services.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "1fa5a06491424ed0f6c5149d13c3944a5f3621dc0824bf304c2d2a2fcb2d6e57", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-thp.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "ea7b576e927b3d6c407a18d4dc630755e1e82de2c9e1c3038eb1144580925dbf", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-tsx.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "aa4e15a6fb23977b29838bd66ba4b12a06e82a92809811f8da9f926861e1eff3", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-tuned.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "481ffd22c3a5aa103a65dfe184ff6c1260035d219127d1c1d1ea30e39162d33d", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/RedHat/generic/configure-c-states-for-lower-latency.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "d2b6d9201f2626032f929435cc6b93836dfca7cc3047bb099ba1247260445656", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/RedHat/generic/configure-cpu-governor-for-performance.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "e498eb50cfb6b8f1b3a7dfec01dee8260ab074215c9f2373541e7780befaa8a5", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/RedHat/generic/configure-epb.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "ab1e7f4a4a9f47a487df137a8e5ebbfe60022ccb84391e39f1a6d0dd76264ba2", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/RedHat/generic/configure-selinux.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "f7b7b88b2b959bd39a7647e511ef0672d26769dd06c7d5c68a891e24d75b5b8f", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/RedHat/generic/configure-tuned.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "4dc773b9b5458523c4816724a0dbdda055635154bcee61d3f661a6e61e8b2ed9", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-abrt-ccpp.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "ea64204563273e82188a0c830af05036543a58c4f2056b1d82ebcbd995972b6d", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-abrtd.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "b640024258b845d977299915e284f301ff5daaaa0c0af07f0d14fd797116565c", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-coredumps.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "49f8bbcc1ba18ab3459a76abb26d555d27a06ed10f72960cfaf03c3217b9d9f1", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-firewalld.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "7429e050573e5691f1bb22b8acf6a4d5ea6ea8b09eea5627955a9d9f5bafb167", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-kdump.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "b251183df5e7707b7e1b0ecc2b33c1da4a1d01c95517a41f6e72a1715cd838b1", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-ksm.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "6d8570ea35085bec30487a82bf281787daa6202cf8b7a16f9c7912f152b0ca79", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-services.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "4f47dfb036002c15e2b5b5f6466a0c019d38fa5a2a56d2ea9d48971c60792830", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-thp.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "4a80b93650fab974b4fb19abfdc1b8dbae3c9c6c274b86d24d2d98c12bc8c78a", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/RedHat/generic/enable-tsx.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "b038c562a4b79278aaa4c91332699716e59b1d1708fad9e27b117f3514f2bbea", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/RedHat/generic/turn-off-auto-numa-balancing.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "81100938af2a276213bd2bd00841d3f0206c34edbfa139fe40244f7460cab812", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/RedHat/installation.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "a4c3398d6b63ccc02414da8d2a190c0355322da2d0a1c422da264c5a41cbc787", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/SLES", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/SLES/assert-configuration.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "714e9c13d3ead45c6630bc0a1a6e7c0e67206dee4ee57de54553bd921f7b9213", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/SLES/assert-installation.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "30678935627af9098be5d9773bf2de7db165f097c2be92c7213f00a54d588318", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/SLES/configuration.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "d658b576a4cf9552ef44c69505158566d1562a8dc724c562f6c1b7878899253f", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/SLES/installation.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "cf393706c98bae8dde294a4895903c66a88f744e4e503822e34273044c37fb6d", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/main.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "10eea745ccdf589a06a59df73999bf4b725a7b0b6c6a93f328615ba2d7a4a77a", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/1275776", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/1275776/configuration.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "50820d6e7729dcc59c9facb0f54cc9fac63ba004ce5f45325b3dcde918db0f5f", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/1275776/installation.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "d727a0eb69c387ee9b03023c7d71c0ad215e38f9802ca55dcdbd47b096eae5c2", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/1944799", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/1944799/configuration.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "f52d711103d50a437830c6fbcd04fb4bab49a0f82f6d26d1c791c6e8488dd090", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/1944799/installation.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "aef1e6669c4f0a13af799456861ac7d5014640253776ec3a4708c2bd7ec30dc2", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/2009879.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "c349a3e576e9d2cd1cd76df99c0b8793b0307a834055bf33a3fa642145416cdb", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/2009879_7.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "12f159ead6277366a7d4ad81f324bd938a5b563ddfac3ee4055d4fb3e6763e64", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/2055470.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "8065e0d74b49fe1592c4a8104c47a6b904aa7a80d6a1d5d48e031754dd42f6c4", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/2292690.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "1220de277bffb4f33c4acdb4fcde09b3d277fa378464dd6de8f5f6cb8cb03735", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/2292690", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/2292690/01-assert-tuned.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "636b5a192373b9e29facb5fae2f9f5e715cfb489ecd1e0d88346b07ef77653e0", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/2292690/01-configure-tuned.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "96931cae23f1ffbba2b08537d0dff1d51b81f1d68918f1eddf33380821edfdaa", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/2292690/02-assert-auto-numa-balancing.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "c6beff90adfaa1ecd6acc7e9497fe91f69c7ac4cddba90b1ad82227a97be9c6b", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/2292690/02-turn-off-auto-numa-balancing.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "f6d4e08e36f0900244158d04ce3052c87d8abb4cc7c22b20585ffd92180dcb4b", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/2292690/03-assert-thp.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "d869f782e90877da5942c31b1db153e396c0f68f24e33debb813e9c79a2daf8f", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/2292690/03-disable-thp.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "88a5c88897097d29eed32c8448a7692f796da7c252c680ed72a987d98f7950d3", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/2292690/04-assert-c-states-for-lower-latency.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "4c92f044d1b960cce9fa0bc581200f67eb754cf433500d78d0ab5139c165ab0e", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/2292690/04-configure-c-states-for-lower-latency.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "0a7a935891fd23b74dd788010deecdbf97cb174d245e3e306e6b61e1ac39590c", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/2292690/05-assert-cpu-governor.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "c5d31a5ba07feef7029089ede0b00e60cc46d7c683cc30342cd3f571aea9af44", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/2292690/05-configure-cpu-governor.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "6eabcf92abab8414d60b0004daee4bc23c5c2f074b7a99b428eacda10cd0322a", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/2292690/06-assert-epb.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "789dd3340a05ccda9741793bc326308c9062444de59dd11063470b071d087760", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/2292690/06-configure-epb.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "d6ab6f67bacf9741d5fdbda8093124d62633dd5d035f8c032a6266fdf4ce092e", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/2292690/07-assert-ksm.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "79a414d8d88d8df67cbfa15446777f01055fec6c190a7968c478f53b826f4b5f", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/2292690/07-disable-ksm.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "91668a8993344eed206c8519a916ef219ff5ce99ca31d5b68bc3eaadaabcd614", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/2292690/09-assert-etc-sudoers.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "8abd04a97014e595ed8e5b52dd2bee3b28be5fa3da574d83629f43b99af5d5a0", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/2292690/09-check-etc-sudoers.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "98aad7e3cdb87ebc19bed8104ac50ef482c92493095d1b3f8217115b065fecf2", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/2292690/10-assert-ibm-energyscale.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "ed73c139bb9ae045f598bb07557bbc864fe6ed39edc7f9d5f1c5fc38c66d087c", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/2292690/10-ibm-energyscale.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "6a1c9aa6ba68c270dcfdb39336e01f234971a70921f33abf0297651e637b7c38", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/2382421.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "96f6e9d6466f7171e2d426b9273a691f9ce33df308a6669cfb8e5b6f8399275f", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/2578899", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/2578899/configuration.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "1f1c2ae1fdd05ad76f464a703ae5ccbbf83a2d5835452555aa65e24ccfdf3598", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/2578899/installation.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "76be4d5b950369e83996db050437d92948f2e159c6f73711bb29877d0fbe3193", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/2684254", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/2684254/configuration.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "e36ff75392c5f62f288bb8c41a9525cd73e4900dd8346b4ab51b0f5066dfbe60", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/2684254/installation.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "246bbc376e506540d9038e431e9c731bc9ed172e210d9c6e2cf134afcf921922", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/2777782.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "20a06d9c588ec763371409310c43037d28065845cec6564a9f6b11556a9e1dd0", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/2777782", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/2777782/01-assert-selinux.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "bcbb22a1fed64c76bc943585e8a1f3b3c6e819dd0f91542ffdc7915b105deb6d", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/2777782/01-configure-selinux.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "cb85515cec4859c24486f5b2387c560c216423f7003d1c9d27e71d523dccd531", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/2777782/02-assert-tuned.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "8d8800ee99730528869aa6d2f78e1ae628a3e99dd4e352d35c0c66832ac10276", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/2777782/02-configure-tuned.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "206fce4da0cf224a5176593e95943fc4588b50c2c520e386d3aa9f3fab9cd545", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/2777782/03-assert-abrt-coredumps-kdump.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "63c821f6af89efa5e3ba502c0686667971f47a4b2cee5cfda7550258b53416f2", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/2777782/03-disable-abrt-coredumps-kdump.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "ff9ec6175da188a83dda8aa4b9e0f2ed0da3642771a75d571970c3ecabdab1ff", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/2777782/04-assert-auto-numa-balancing.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "8e354381c0f5109194d0ff1cae6d68f3f665fa4da8996dddf5ab55bdb23c0273", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/2777782/04-turn-off-auto-numa-balancing.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "f3c0ac076cf704e66a965e09f381fc81075bcfb54b806cd3ee1b68c62648e41a", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/2777782/05-assert-thp.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "3a33aacce1a21ed9ad23241c88e65652b65556c512341043b9d689d80fb0ea1d", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/2777782/05-disable-thp.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "bda4d7644a0580c7e8ff350210a4832d41eb8c25ea88c4922429c61272e1c5af", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/2777782/06-assert-c-states-for-lower-latency.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "f0d94db6a68f63a0aca20a4bbb188f6cf652c45050690b4f2b1815bc8a8e18d9", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/2777782/06-configure-c-states-for-lower-latency.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "450e3d1af379a0085a9a0d4bde7db6d1b0dd92d68db049eb6bdd8baf249c05db", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/2777782/07-assert-cpu-governor.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "103b35e7f6638f95763e58c7008836ff621bde2c4df815c671453bd8ad800aac", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/2777782/07-configure-cpu-governor.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "27f0afe696e77c514eed48515c1af47f00eb9df0b8b661176b65e2b7f90f10ee", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/2777782/08-assert-epb.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "03032cf5aa820dbe5b1144633d895aae1bdc287795f829909d8d62de7369bb15", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/2777782/08-configure-epb.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "9d6965ff0a98aabe945adfd92971d2e7a57d0e50312c99996b7b2b758373d13e", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/2777782/09-assert-ksm.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "5ad966abc516263d62ae2f21ef049173bf9a6590671ed37898fc5d2112a00fa6", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/2777782/09-disable-ksm.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "da00fed3133d047a9d2656c9152e097094b00263e564344d2ddf6e3caa95c80b", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/2777782/10-assert-pidmax.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "11db98173ef560fb0d3b348470001c7900b6f697708ae6b42278688d2009353a", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/2777782/10-increase-pidmax.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "875f6c6d1bd0510f80f919ec37851d3f4fa2112a55ba3da1ac7ec334a4f1a04d", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/2777782/11-assert-tsx.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "0c0c5ec916277c814820deff0163a05109d3f84beab43cd8ed6be52b6a87d2ea", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/2777782/11-enable-tsx.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "04032a75fbbd35b358ee73f9d3fbe869a931cc8925a49bc26490b8fa7da195fa", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/3024346.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "31c9fae090a07a4ec37a162ba157dfd0d7e2b57dc00c56a72eef7d2459ecb47f", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/3108302.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "95fbf240034bebef2ca6cc53e620081411210dfb75d36067d6ed5f0c7e2d15b6", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/3108302", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/3108302/01-assert-selinux.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "e21250f7dce44c4d4ef1202e62ad854818b5be5c22701ff5847dd080ac4b83cc", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/3108302/01-configure-selinux.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "0a79c06642bce7b427e23ea01b349d367dd57e4f5af15618c6c0a6a8e8afec83", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/3108302/02-assert-tuned.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "c11c5d3400969fecfb6dd277607843e337da17acc231fe3ad57d08fe47d2ca95", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/3108302/02-configure-tuned.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "ec76aa465eb82ed743e852fd0644764b9b55741e52ea5c16ae9e6ce8c268b104", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/3108302/03-assert-abrt-coredumps-kdump.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "99ea854cfb0d4c07b8fc0559b5f0f88fcbba0dab003f178ac149c23320a06c32", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/3108302/03-disable-abrt-coredumps-kdump.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "4b231c5da02f363abaac1695834aa8a38a52823c0ebb66450b7569edcae16567", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/3108302/04-assert-auto-numa-balancing.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "e710e1db7e58a289ca9830999cb5846c69eef8293a94fe9fe4250157488087ff", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/3108302/04-turn-off-auto-numa-balancing.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "6f5380ab0fe380d64bcd612f31a6af8a858ad1a96746610e34c739d59774492c", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/3108302/05-assert-thp.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "0ec4dac4aeef79fdaafc4f97f3d0288764235431fdf9031e455d2a130d5d6983", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/3108302/05-disable-thp.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "90b55d8090a827f9ab6581609bc4b8902fc8d86d4ec6010914e535c89f8cc4e2", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/3108302/06-assert-c-states-for-lower-latency.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "f9da84ba4a10ace3a57e58443254de3319ffd4ef82a7614f8fa666f2d78d30d1", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/3108302/06-configure-c-states-for-lower-latency.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "543c68dfdaf260e05ac2d1438270517c7ee1f026801d8d2fec3a0a6851699622", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/3108302/07-assert-cpu-governor.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "bc63b7b1232c96e71c274e61fe76d2ce4bbc3e418ae0d726a2fa22b5b1dbad90", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/3108302/07-configure-cpu-governor.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "ee550a4db1589a3e6c1a7ec0296247e1d28e83e4ebb5b04e15ff43c14f071be6", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/3108302/08-assert-epb.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "54f182fa1fcc2bafdfe3fa6e7153cf69c9c439d3bfa8e9234dd9b5c96a43ee08", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/3108302/08-configure-epb.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "ba06f28b14044ee9db51833118443baf8a04f224231a54081474564cdc0cffd3", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/3108302/09-assert-ksm.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "97a648c982b74bfdbc2a128236b96fdece5c5a1fdcb5fec4fe98c2f12f23a33f", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/3108302/09-disable-ksm.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "447bef806a56a559ea5e93a1343dc0232b1e4b92de5beae6c831c6b245e59242", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/3108302/10-assert-pidmax.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "78c4cfc010d445cea7a41bb8ed341c7de689d3c57a3c5dd53ef948cb0127036b", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/3108302/10-increase-pidmax.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "a468a5ba5d2daa9381f9098b0dd9a9da515a06ae788542fbd3ee5a93b1afc5e8", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/3108302/11-assert-tsx.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "5d5f1ff9ef87a44250b3fee2ccd99f0b2a79e14fe80ec2ccd190ef489094d992", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/3108302/11-enable-tsx.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "665db5ec082ee1869f275b8939c86f1a34813158c3fda3a8220f950cbef519c1", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/assert-2009879.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "41eba4c6bd8a81701772e3e05965660852eabd84bc641a7045994b899b034305", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/assert-2009879_7.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "ae826fee72133d099c0ff5dde2995081683db8030445dfc965181f4df44bd1b2", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/assert-2055470.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "577ee035d3a2923a71264dc93074a39fa89bf2fc639c899f11199c3a50f9e3ba", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/assert-2292690.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "76a9429c9e02a7bb70b145e78407661c99b700dc14409a5fa807c0ad8c2b1976", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/assert-2382421.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "22499eb43a70c0a21c10f324f24bfe7951e7d5e0fcd860836dd7cc216b99f1ff", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/assert-2777782.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "995db3f23357827c4233de577f6e91871946a6b7d73ca18fedb00d742a737b79", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/assert-3024346.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "c603750daf60299d0fa92010702092ef26d65ddec1218fe2338f69c17671457b", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/tasks/sapnote/assert-3108302.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "fd4bc58807a3920ba60f72c566ad0a6c76643f2636fc4b3f20a1a7a9cf081530", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/vars", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/vars/RedHat_7.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "1be27a87ebd63613e21f0232d81be969025a2209b75467f8c7c1f70443936baf", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/vars/RedHat_8.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "ca3a7f9d8af99fee210236c29e2b8260b7a0e67294b17163f1d34008924c2037", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/vars/RedHat_9.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "e84ce22b44329dfa37a6bbec27a216c236c5e664fe672591af4276bfbf02a140", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/vars/SLES_15.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "cb17768e600c06650b08a3559456ccf799a56dd8129a710e588dbfdd934154a5", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/vars/main.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "2f5133359ecf86b23bb0b5a42096f50d9b38d06b1c42594c3d950876c4f624e3", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/README.md", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "c37a870529d20400f439aec26e929162a7d37ce0f098bf7f287717def45f89da", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_preconfigure/.ansible-lint", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "e1a095708afc58272c88833fd407090983dff03e893a2f231049c0b793035366", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_install", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_install/defaults", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_install/defaults/main.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "150797f0634f6eb7c82ad8d32877478f096f7da61a29fea4286713111f4e5422", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_install/files", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_install/files/tmp", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_install/files/tmp/tail-f-hdblcm-install-trc.sh", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "46677e6e8f55f9e2ab2f7021444a0e6b15d963e93051da52cea2ba81ccc8f4ac", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_install/meta", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_install/meta/argument_specs.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "84673e5c588b2534449f0c3862291a40aa0f21a32594945fc868c981ac37a61e", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_install/meta/collection-requirements.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "610fdb5811c89f4e330b8ea3bff0ec936e69a4acba53460991d4b760f0a2c386", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_install/meta/main.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "281c604bcfecd68d19cf1a955e2ccf65e7ac2571856766e029dd06a78ddc9116", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_install/tasks", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_install/tasks/assert-addhosts-loop-block.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "5b94ef3acc13d2c7586ddd84b9ed38932f3b777077560726dfdea0c63516ec10", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_install/tasks/hana_addhosts.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "4d2163f0db2cc42d2ca2dbb8e051ac6e2bdb8b45f4204a41be7cbe97ebe7276a", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_install/tasks/hana_exists.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "f1fa9629de95aca28ebeb430b75d5a540a1dc937e3144b4550c49d4fbdc57980", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_install/tasks/hana_install.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "fec7749762f7f38b274d39492010b7fd512a3fed1c5a3b7f74eba329161d2d38", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_install/tasks/main.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "ece4edb6a376fd27700841f599a620ffbbdec18132fa853593152fdf6c9082ae", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_install/tasks/post_install.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "7c334963b205d774f8567d1d54b0419aa910e90712a27096c109a13167b6eb80", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_install/tasks/post_install", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_install/tasks/post_install/firewall.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "d6173b6dd7aaaad3d1b9de392a673d45471b32cd9b2f3e37c552c6edefa0aede", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_install/tasks/post_install/hdbuserstore.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "6fc344d5f13aefcbfd440d340a6c8b30322ee110b083899e218c72730817585b", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_install/tasks/post_install/license.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "73d6e7cdc97085cfba64d7f6085bb4d825522769cc247965cce12e97dc4c54fc", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_install/tasks/post_install/log_mode.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "754741c024e8b4ea73d6e4203b9b3273718a49f70c7225bdf9a4b07d9a4d6193", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_install/tasks/post_install/recreate_tenant_database.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "123ff8b63162678ca78d34762a46be62e5e0d8b2917d7d24a4428875d8efc01a", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_install/tasks/post_install/update_etchosts.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "67cd4f99c8b7a89eb9583cacd6fe8de1003a368d663d8bfa74bb11feb7ddf47c", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_install/tasks/post_install/update_firewall.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "12e3d29029f0263afbecffe536d37ee03dc7d0abb6ec3bdb870c26395de359a4", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_install/tasks/pre_install-loop-block.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "3b1b0d0287bc47f7a2360ec3c0d2e866e491e638378b0fc67af673c20d90efc8", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_install/tasks/pre_install.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "38e1053486ae789672008410b8c12b480c16c430622b8b7a0ff83ff7f4ac2ddd", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_install/tasks/pre_install", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_install/tasks/pre_install/extract_sarfile.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "f7bd04bd757e44e7c75b531d9d4e0d789185d8314a6a62af42dae1dd98371c99", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_install/tasks/pre_install/hdblcm_configfile.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "8d7e3743be4f3db3184448bf514449fe58a74381d765fad7a5b70d9ddba8447c", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_install/tasks/pre_install/hdblcm_prepare.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "3422ac7abca19de1a1012a1d955c9e89a129419e901ff57cb9dabb7f3eaa5444", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_install/tasks/pre_install/prepare_sapcar.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "79a67621c73aa8d5c7ddfc9049727fd629cfc171672dc9ea7a7ccdffcea27074", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_install/tasks/pre_install/prepare_sarfiles.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "8142a7d6580dff341549aa9becfa5204cc2a8b93f67e0f58f751fe4867391a3d", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_install/tasks/pre_install/verify_checksum.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "066a37e14c95c547207612ea9783c13e06caef5d6ae23550e844dd1a0b58d6d0", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_install/templates", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_install/templates/sap-nw-input.j2", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "0645683a60c29b430dc6a7be687e25e4e2b163777dc0e90251186ee0d5442aeb", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_install/vars", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_install/vars/main.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "2e52f2a609935be38c399ca6f651e3055f18f91fa0abf802428257791567a6f4", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_install/README.md", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "ba369db8672b1587e7d93c7b385a346f0cac1a8b8b2d791a2162fc44418df482", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hana_install/.ansible-lint", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "a8ecc1c2998214172eeba3b4baec4573d3e0e1f235d2995dba4d0acddfdd90d3", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_install_hana_hsr", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_install_hana_hsr/defaults", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_install_hana_hsr/defaults/main.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "22d354aad5d984cc158f8664860d27c7093a0034fe6f5121894bb1df1efbfffc", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_install_hana_hsr/meta", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_install_hana_hsr/meta/main.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "29ead5bb4694d8c77122a499afabbff7feb93e1222c9f519c053ce5a62249b0e", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_install_hana_hsr/tasks", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_install_hana_hsr/tasks/configure_hsr.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "ac55cbadfdc9fc0748b96951c493ceb833fead5227c3d6ccb96ceecbf39a1762", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_install_hana_hsr/tasks/hdbuserstore.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "b09fb507a00f33bee8a88c1ce24b62b1e675968a15c500ab0dbed76828b79a44", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_install_hana_hsr/tasks/log_mode.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "69111e820f5ee75e1070a8d56c4e3cde525bf4c9887f44cb5bcf1def4deac13d", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_install_hana_hsr/tasks/main.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "c5b4667512abb18106084a99a16a500bd349ecdb4c7c38142d66eb4846ae821c", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_install_hana_hsr/tasks/pki_files.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "f45092a8d67e0c978ac278aa738f6efcdf9de9ecdc168e3fc1b3b84e74c4a473", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_install_hana_hsr/tasks/run_backup.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "7b36cb0acedbd91d5261c8d58960eb92b4688cb71d8216a0b4aceaef83e8ebb4", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_install_hana_hsr/tasks/update_etchosts.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "fa0a1b9637101520a50058cc9443b5bc8badf168eff6562479d506eba6d7c376", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_install_hana_hsr/README.md", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "46b3d7df56fcd4c8aff2cd918e99f59abcdc09d80225ac006f581e084dd92647", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_install_hana_hsr/.ansible-lint", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "738e181c141672668f2fa4c54db851e49dee882c726cdc071e1d4e063f38db66", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/defaults", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/defaults/main.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "88a899ff0293edba0f1c321c229058ae352367b7484926611b3035fc7d9b0572", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/handlers", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/handlers/main.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "0267b4f8852649f65b1b7c95c0647c55effed02ea02f18182890f6458541e542", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/meta", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/meta/argument_specs.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "34785934d561594288d30d99d3d62f3f5cab5c1c89f1ae1c3d0249cec9a0fc9f", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/meta/collection-requirements.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "610fdb5811c89f4e330b8ea3bff0ec936e69a4acba53460991d4b760f0a2c386", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/meta/main.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "34e1424b81fc4b678c6745a9727f40f17fbd99a84d43f3622b489224f363f308", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/tasks", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/tasks/ascertain_sap_landscape.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "c505e88b4b8f63515c0e2c78677496416f5506f02e6ebb1b22463729a4859df6", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_ascs_ers_postinstallation.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "c05090177f68d555bbdd3a13e3d70b77961e1a645fad26c5418ff7f949894843", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/tasks/configure_srhook.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "3fbd27cc1ce2b82c876f46d6ec9b19c8d4cc55c096bfd0e991af44eb50fd1935", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/tasks/construct_final_hacluster_vars.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "6cc9dca0dd2044e27e2c1d03089f4978d90357cd25bb3bcf39d1c574b816143f", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/tasks/construct_vars_common.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "4c84a225458e0a8b7ec801bc3c6a7967b14adfcbc6fe2d06b67c2cbbff46a163", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/tasks/construct_vars_hana_common.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "22236b43744a56ad6aaf03ba01d1c2906838f1cbc988e2ed43c8669da0d4683a", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/tasks/construct_vars_hana_scaleout.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "78306bd0a62ed6e0a569b973939261e27255ab6b3d57f3c674c4b25b7dd0ece4", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/tasks/construct_vars_hana_scaleup.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "019fef705a0ff4993fcd8b0aceafa125f0d0f0680e0a778acc56931a45d94d12", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/tasks/construct_vars_haproxy_constraints_hana.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "29ec00b9a1faa007e067e184c9ae46a008a65a0f6d7fce3415688c85838bd4d7", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/tasks/construct_vars_nwas_abap_ascs_ers.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "da38cfbca45d5e7239b1939fb4cf99a2a9ce54995686da9b7a076b7ed995842e", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/tasks/construct_vars_nwas_abap_pas_aas.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "d773dffa9900655406024b9b424e76fba73773befae869aecb3f8a929b11fc58", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/tasks/construct_vars_nwas_common.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "56ae6a068db948165da5d86a7192c8cd2fb97c1d02bc9aae62f22f4fa25602f8", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/tasks/construct_vars_nwas_java_scs_ers.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "55c644c828d04d384c155bb10365784d3fae00c4f308b61d95e8c0b3476fbaa6", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/tasks/construct_vars_stonith.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "8cb5823886512a3e80bf426c4a568cd1a1435c9ae84e5a4934a37d056d08e262", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/tasks/construct_vars_vip_constraints_hana.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "06c8403e812178842dae4493b2bf9994ed4ec0e3a7326a183148ad7975d54aa9", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/tasks/construct_vars_vip_groups.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "e10abce5009d30295bb57d2ed54d47e7afc1397bc5438d7ea66deff8f8a50326", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/tasks/construct_vars_vip_resources_default.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "628d7a63f592059b13218228e7ae8eec6fd36cd951584993f4e2f95a6d27a3aa", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/tasks/import_hacluster_vars_from_inventory.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "0522c39ec6cb5c60ae4edcb2da2d7f8a9b9a7f500f7caca24b9447e4ed179fc0", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/tasks/include_construct_vip_resources.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "5c5187ff3445dc90ce7b0a2ffc75549cf479c935812426748ec3b4e3f0987f55", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/tasks/include_vars_common.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "d9ca303f5956d19a55cc518e76d3492cbb39e22c1284343e06a85619da8dc2d2", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/tasks/include_vars_hana.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "74c592155f690d29bc4f3400f9b8980a1ced20981e02aa5cec86b0eee9d6f937", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/tasks/include_vars_nwas.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "2b571b545ce7c9be07ce39c460fe413d40f51a8d976055b1552ee2580bae52bf", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/tasks/main.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "8ef1057422ce98accb027d31dc91c19f43df486b5255a546b52367414bc556c9", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/tasks/platform", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/tasks/platform/ascertain_platform_type.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "9319954b6324e1427d85f5bfcc00fcebe4891851ef319baa2f26c6d987468edb", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/tasks/platform/construct_vars_vip_resources_cloud_aws_ec2_vs.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "74e5d8fd0fd99ff278873cec6e1b24be40fe1b02cc631935a09c7ba5b16393f2", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/tasks/platform/construct_vars_vip_resources_cloud_gcp_ce_vm.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "933d4c269d0a5f4197bf836be3a9e7486ca45f767e1a15968467a8d6ed8ecc28", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/tasks/platform/construct_vars_vip_resources_cloud_ibmcloud_powervs.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "96cd60af4a2c4f7c0259fa97cf6cbf6f1abc3ae5158c4265a82d3c9a23e23991", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/tasks/platform/construct_vars_vip_resources_cloud_ibmcloud_vs.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "0e69d13fd42a235d4202b40636db1dd13c2b6c37273f89e05d44697975589ff6", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/tasks/platform/construct_vars_vip_resources_cloud_msazure_vm.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "081495ad15f76b56c53d06b1090362edc6d357fc2af04ad17ecf5b4bcae42df5", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/tasks/platform/construct_vars_vip_resources_hyp_ibmpower_vm.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "8ca03c07a861edc607cbb2d1c67d0d9ce296afa1d58b1a771582c9dce6603809", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/tasks/platform/include_vars_platform.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "6ff537b0beac63a926ba67b1cc7eda390b8c79d7d75b0c3e2a52fedc4676e5b3", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/tasks/platform/preconfigure_cloud_aws_ec2_vs.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "4a1238f0925323ada8fe706bafefb79cfe5a8a7afc41c08821253543aae2c9ab", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/tasks/platform/preconfigure_cloud_gcp_ce_vm.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "6d69e097d0832cf5e435955232c5b4ab72cd298a036052ba5cec7e9f19f7144c", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/tasks/platform/preconfigure_cloud_ibmcloud_powervs.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "2aed7abe962c249dd149125f4c2660e48af46a8e13ce0db18e6b8e2c80c18812", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/tasks/platform/preconfigure_cloud_ibmcloud_vs.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "202b667503f058120d505b2e430537c9687742d077dbb5bca7a1d2408dbf952a", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/tasks/platform/preconfigure_cloud_msazure_vm.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "8f7f80010a6e8cdedf14e7c6c66194a08a984d7e60bf3647990d22e08b05425e", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/tasks/platform/register_sysinfo_cloud_ibmcloud_powervs.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "0ad753a2fa96b15ed3ec341b96884dee35786e70eba0dcc08e6b2315b79e3736", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/tasks/platform/register_sysinfo_cloud_ibmcloud_vs.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "ae7c8a78570cee7311a612ef268d1ddf178e31ac2a78e53c4eae67858a07f83b", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/tasks/platform/register_sysinfo_hyp_ibmpower_vm.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "31fd88d585526da6bb1bd4dc010292cb9fa052699424b5d1c8f5f3d9e0089b91", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/tasks/validate_input_parameters.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "a63acac8e31d88d5fe7824f0c7b65ac2d6c109346f219c7d06361914f3ad44a7", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/templates", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/templates/cluster_create_config.j2", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "9299888a2c8bc6c42dd33a584c306d88f71ffa7d0ff5b4a83e2707e018bd23d9", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/templates/sudofile_20-saphana.j2", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "822da1f7d1ed759fa20449055a21b0faf2d9c0dbf561d17da3f6fcf21decc6e5", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/vars", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/vars/hana_scaleout_common.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "a986b28bb3d7e6d5416c19d15e0d204b2a20678c403baa1749da4c443cb69609", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/vars/hana_scaleup_common.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "be191d43899c75b30e1ae4fa3b1d9340bbec21c69835d65e234bfd3e87138286", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/vars/main.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "79724468581f5c9d97d5a7f6ac7975673d6714abaf76c1ccf5594d9944e3988a", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/vars/nwas_abap_ascs_ers.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "77ef75c89939241ed9de3139caf98907449014c65c9cc5c498525f274e793d53", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/vars/nwas_common.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "42baafda98059969cfe19124888b2df7d0a8c22fe20b395dadf2db30ab99407b", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/vars/platform_cloud_aws_ec2_vs.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "33b4536ecce4808a557ec9f9ff846c4af74ae94caf10ed1509a57710a7bbf518", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/vars/platform_cloud_gcp_ce_vm.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "cb19df4d55a13102e18d1d76ef68e90bd0d8f810ce4ff24a52d3f89401f4484c", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/vars/platform_cloud_ibmcloud_powervs.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "3f52affe78f8fc3692c7f892ca42c9deff842f972cec17a7caecf4e26b205c17", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/vars/platform_cloud_ibmcloud_vs.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "a496d6b7a0e26f3fc8f255fa1857cea4b644ca725b4c6515fc1141e5d77eb94f", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/vars/platform_cloud_msazure_vm.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "a09eea1b1c76b5a226ecc0684f6f168ace68d4e99a99bb95eb3d7439118ab616", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/vars/platform_hyp_ibmpower_vm.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "a9d093f6e6b5554a2b7420cd669becf27332a4039c19878fbd3f80d654fd05e9", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/vars/redhat.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "17e873ad111b5c8a8eaeaa61174df64c276b6cf71462a9ece5a992ce62822fd5", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/vars/suse.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "e11751824df3b7cbb4a61e3a85e95affd55c0cd41b472c2809e6a60ceb18345b", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/README.md", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "8a5ac0a9739af21c0fa798e1839c904b2600193890cbabde0c0a861f013a4f57", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_ha_pacemaker_cluster/.ansible-lint", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "cbee1ffdcfca23e09738f402cac631218f7abde4f3f2bc1f86aa172f0ccbf74c", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_swpm", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_swpm/defaults", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_swpm/defaults/main.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "a2bef663ebd34d4414bbafaa6507291290c5d42485a0cf3139806c84d5b7a31f", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_swpm/meta", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_swpm/meta/collection-requirements.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "5b6334d41adbadb370270c0a078a6b5cd41b8f35cc6435b09829f82043a5002a", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_swpm/meta/main.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "4f53af96b9f43c9e097d996daa550b5a6880db1056d4468c637500945686465b", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_swpm/tasks", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_swpm/tasks/main.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "96fb9d7d826e1f54795ce1db7f6681e1a453ce2c0e65c9f1c303eea968f0b323", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_swpm/tasks/post_install.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "d1f80bd03442a5b86eafaf6b0484fe9f8da42ceb98cb78f1afc38383200922e8", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_swpm/tasks/post_install", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_swpm/tasks/post_install/firewall.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "7a49ae8f9670364bd665a81d5cf5cad5ae2a0526971af290ca47e590edde3802", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_swpm/tasks/post_install/update_firewall.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "828bec71e93c78e29c1f1508d1d1919838c5f285fc62b7b08e186f458c5ee983", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_swpm/tasks/pre_install.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "f6f89123f1de9839f5b38e43033488e9a631f0c855861e1be18ed9dcc59d7e7c", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_swpm/tasks/pre_install", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_swpm/tasks/pre_install/create_os_user.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "5929507d7fcc5e556b13c4b5ea5d5b2a224bf98a2b4c530c6c6ef2f8d7105ba1", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_swpm/tasks/pre_install/firewall.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "0ebe544ab11c5f77248c504d7639e6a505b33757bef30a94b626bed9817ca074", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_swpm/tasks/pre_install/install_type.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "01c437b686ecbe791045b87fdc8bfc0a3013f912817d60382e4f4bc111577a10", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_swpm/tasks/pre_install/install_type", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_swpm/tasks/pre_install/install_type/general_install.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "882fcb0993b8ee06a0e9e6ff8ad65b7fe6bf0266ae9e7400a6f67ca6b17621f8", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_swpm/tasks/pre_install/install_type/ha_install.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "8182670f3af6a2bf350b3d5ea6f7f11f2428c8cc3b54fe6c8f01cd1fd3b68c01", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_swpm/tasks/pre_install/install_type/ha_maint_plan_stack_install.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "46f5c59a94e84d89d68712a41d6cdffeb89df81684056f561fd6862eecac655b", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_swpm/tasks/pre_install/install_type/maint_plan_stack_install.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "2de84f82e8efb10893736ca5df859e098fedd04dc4efc3d3e55b12744675cc38", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_swpm/tasks/pre_install/install_type/restore_install.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "bbab959d5563ca3a4e0d768545c89877703e922fd8924add67a34ef213fec9be", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_swpm/tasks/pre_install/password_facts.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "87b049c480455f6f27dc652196151154de93ec2e3529891563428d3c4b615443", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_swpm/tasks/pre_install/update_etchosts.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "1fc819a57cf3ce68d7b068d7eb48c9c8ae6b279f6bd1a9e749ca7d3022620639", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_swpm/tasks/pre_install/update_firewall.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "828bec71e93c78e29c1f1508d1d1919838c5f285fc62b7b08e186f458c5ee983", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_swpm/tasks/swpm.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "7503a6a47b5845d89e1847c2d77771e2ad8722a5279cc4991734f89deb026d61", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_swpm/tasks/swpm", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_swpm/tasks/swpm/detect_variables.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "4a8394333332e6abe9c3f1053a88bcfc054f7462bdb4d4e9906ed6f4bd04bfb1", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_swpm/tasks/swpm/prepare_software.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "822c41d13c4fc09bb18cbfc1f0afd2763a791ee992888bdd614981f04f86807e", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_swpm/tasks/swpm/swpm_inifile_generate_advanced.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "d104a71afb1690528baecd6f11293a08d93a01e75444a3455beb6b58706c184b", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_swpm/tasks/swpm/swpm_inifile_generate_advanced_templates.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "5b97d018e20ae2f8d479fc1d5866955e2a639e21324abacbcd34503fc3ab1a4a", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_swpm/tasks/swpm/swpm_inifile_generate_default.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "be2010f82a99225b3bdba348365ead6a4bcb01e8584570f2b16b4a7a5e950f9b", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_swpm/tasks/swpm/swpm_inifile_generate_default_templates.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "e5b3442f8ac9b07d9ecc6d14dbd6803b8c105f7bca05bdd2526befab72059d86", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_swpm/tasks/swpm/swpm_inifile_generate_inifile_reuse.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "de49b0170a6072b3461337ab3429b56433d443b72e10115722db0ce532597c54", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_swpm/tasks/swpm/swpm_pre_install.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "c34eff411adfb9cfef3c16dcf3f8eac06037629b15fd1594d04551128c8f26ac", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_swpm/templates", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_swpm/templates/configfile.j2", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "b2f223cd30f96d3e8c7274c1353c51b78d97f75638588a4e701cbcca7cf7d625", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_swpm/README.md", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "c37840bd68b042e740d1ff2959a786b882d30ce36046991dec381b3cea0188e3", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_swpm/.ansible-lint", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "ab72e28de8b15ae5a3e9042ad459be4e309fd48ff5eae74911f4e58e3c1786fc", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/defaults", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/defaults/main.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "3fa20418da1f1d15c75c500f4ec1c5528005d9452a3b98d6cdcf45c50df96831", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/files", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/files/platform", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/files/platform/ibmpower_phyp", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/files/platform/ibmpower_phyp/.gitkeep", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/files/platform/redhat_ocp_virt", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/files/platform/redhat_ocp_virt/.gitkeep", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/files/platform/vmware_vsphere", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/files/platform/vmware_vsphere/.gitkeep", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/handlers", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/handlers/main.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "6548668d3d66c4e03510fdf55ec995fbfa6ab96a98869b60f952e59f0e757dbd", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/handlers/platform", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/handlers/platform/ibmpower_phyp", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/handlers/platform/ibmpower_phyp/.gitkeep", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/handlers/platform/redhat_ocp_virt", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/handlers/platform/redhat_ocp_virt/.gitkeep", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/handlers/platform/redhat_rhel_kvm", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/handlers/platform/redhat_rhel_kvm/main.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "23cd912348d1312a3d93b27df4f313b26d3f7c104edd3c29021e54773ccf3485", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/handlers/platform/vmware_vsphere", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/handlers/platform/vmware_vsphere/.gitkeep", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/meta", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/meta/main.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "1646e23e205e22666899469a63e932b46a714a2a0d6ceca5aac09116678b829b", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/tasks", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/tasks/main.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "b23f4cd060eb53579e0ca8220be5f5c617840295d13f3bc2d3f38bce64c961f9", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/tasks/platform", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/tasks/platform/ibmpower_phyp", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/tasks/platform/ibmpower_phyp/.gitkeep", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/.gitkeep", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/99-kargs-worker.yml.j2", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "35cb139d9454e702d3782a3f96c8bab38142de8c8b55b1ac403642f007fae302", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/configure-worker-node.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "6047929e110f7f33d4c1df95d9e73d465041bf033a3fd6a732db596fd359b8c0", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/create-sap-bridge.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "acacba137dde9494e9b3c08e38b4c518a557c5c1b5ec2dd3587483d77ba00e3e", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/install-cnv-operator.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "83506be8a4914809e0705f88ba6cfe165595996269ea561c148923c9a1f0db8a", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/install-hpp.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "0786ee7155752e99e49cf52698123f03dab3f0e0d485b7c313084108806af11a", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/install-nmstate-operator.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "0abb12d1b4d901a661e2486e181be27dcbb18008829699c5eacc8df8f68a8133", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/install-sriov-operator.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "ea236d410a46d7431df4385c0ad7581a1b49611dc67152e679b89c5f0c2b3c3d", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/install-trident.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "3a814f07e0b3acbc247c9813e759670589e60e96ea49e51bb486def5e6a93f00", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/install-virtctl.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "e2588bf9f1605740efa0758b738f5a85702a1e84e8ddf43f82dbe5efac57de20", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/kargs.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "7b1596d5e62df8706aa5e43aaeeec0c861494490c4467f606ddec094e3b50c0c", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/label-worker-invtsc.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "b9f9a3d42187d309d713de46e9e59e66689689faaa0226e03a67c71aa54328c8", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/main.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "9c1ec186c2f4b36ee865d74cdd62f5a34e7078f031938e3611be1129b45a82ce", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/node-network.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "1c7cbb861ed6323a8e11987a6821fb390a79ad94dbf36288e675a1ab3935cc57", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/prepare.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "c44752de4a5f8f2b588bb99f09d35e56121f1065df1635b976ab1a35fdf655a0", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/setup-worker-nodes.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "d97768554d9fa2e0c37b713c805ee18e6464a66ab8a332373d68b954b3badbcd", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/sriov-enabled-unsupported-nics.sh", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "47f353e04708124d706b1e5b20490f41605dc442482801a233ff740d877626a4", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/trident-backend.json.j2", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "3127953115fdffdb9c3a115d07f0f312a6ba5f969a362a6859959935bedf3f2a", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/tuned-virtual-host.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "dd091cf44bb0ded54ca942a90f7b6ee3a4166c5bb62503e1f4b3f9f92b381b3a", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_rhel_kvm", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_rhel_kvm/50_hana", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "429f9e20392fddbbe57c93c034f88e7080126481a7bd9cef071324c62b85c2dd", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_rhel_kvm/50_iothread_pinning", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "e16e5f10b0899df7df43216e4335e5a23c552af19d8e3e099016227bc0a88245", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_rhel_kvm/allocate-hugepages-at-runtime.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "c2d94845dc5b26f84a627a4888ea9c701521bd9e9259ac2ee13d1e62088e2c8a", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_rhel_kvm/assert-configuration.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "a921f03e86b273b6bf820f1030ff91df8a829e0af4b5fd1c11abcac1d9ee8ccc", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_rhel_kvm/assert-installation.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "907ecea19764965765eeaff5187721da1b8b375e8aaff9248a647ffa86c8ad57", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_rhel_kvm/assert-rhv-hooks.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "450e2a6a5d94e311b88cc853ad93e69198edbe3d32285745d9de3379201b0db9", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_rhel_kvm/assert-set-tuned-profile.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "b3dc6cdf240d99555f67657055623928fbad4e7157b57da2c20775748783d128", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_rhel_kvm/configuration.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "23be24433334e8358cee447d89b6e6cd4a17788a88c30585604fe46829896377", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_rhel_kvm/installation.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "9be2a9a495d330e06bda6b9c8e09964b0f9167b1e9d6ab17c4cfb8b198859d5f", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_rhel_kvm/main.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "6495d242cb5bdd115c61b59eb3ac66ae31cdc961cb3e17e6c1b214a517aa8e7d", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_rhel_kvm/rhv-hooks.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "5008d946ca5464b45347bd51c16f53e0fec1ec3f4267277f9d227061f65fe63f", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_rhel_kvm/set-tuned-profile.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "92a585fbdb45544b596469af542eceb0d56de9373eada4f021a7f37378303cf0", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/tasks/platform/vmware_vsphere", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/tasks/platform/vmware_vsphere/.gitkeep", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/vars", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/vars/main.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "f52d711103d50a437830c6fbcd04fb4bab49a0f82f6d26d1c791c6e8488dd090", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/vars/platform_defaults_redhat_ocp_virt.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "d93f2e229bf2223dacc857ee0f00b42d7cf1bfd3f14b312d082e7ebad50b36d0", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/vars/platform_defaults_redhat_rhel_kvm.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "8e06b6bbaa54f2c4bf039a33a8a32331a10d52badf852bfd7e74c3a00930eb29", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/README.md", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "0766852bb80afda2ce8dabc700f892caaebd987fa4f053e5cfcab77b25fa879f", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_hypervisor_node_preconfigure/.ansible-lint", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "048a2f44a334c6cc54def1130623f45b173ee0e3031355025b5697494a63c4c9", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/defaults", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/defaults/main.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "c18914b848cf833d104087f9b8ff4b5656d697e53ca1d17d6de64f2ca63f63f9", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/files", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/files/platform", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/files/platform/cloud_aliyun_ecs_vm", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/files/platform/cloud_aliyun_ecs_vm/.gitkeep", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/files/platform/cloud_aws_ec2_vs", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/files/platform/cloud_aws_ec2_vs/.gitkeep", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/files/platform/cloud_gcp_ce_vm", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/files/platform/cloud_gcp_ce_vm/.gitkeep", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/files/platform/cloud_ibmcloud_powervs", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/files/platform/cloud_ibmcloud_powervs/.gitkeep", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/files/platform/cloud_ibmcloud_vs", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/files/platform/cloud_ibmcloud_vs/.gitkeep", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/files/platform/cloud_msazure_vm", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/files/platform/cloud_msazure_vm/.gitkeep", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/files/platform/ibmpower_lpar", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/files/platform/ibmpower_lpar/.gitkeep", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/files/platform/redhat_ocp_virt_vm", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/files/platform/redhat_ocp_virt_vm/.gitkeep", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/files/platform/redhat_rhel_kvm_vm", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/files/platform/redhat_rhel_kvm_vm/tuned", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/files/platform/redhat_rhel_kvm_vm/tuned/sap-hana-kvm-guest", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/files/platform/redhat_rhel_kvm_vm/tuned/sap-hana-kvm-guest/haltpoll.sh", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "6bf9df0f97b282873b479733c936cd479f9f7f17b52a3f224c35189a466b0a18", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/files/platform/redhat_rhel_kvm_vm/tuned/sap-hana-kvm-guest/tuned.conf", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "47e69f4cb1ca0c449c73638e6734daa19d864760e34f3d9d1ab58d4dce81eec5", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/files/platform/redhat_rhel_kvm_vm/tuned/sap-hana", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/files/platform/redhat_rhel_kvm_vm/tuned/sap-hana/tuned.conf", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "c53e0588677342a9628ae05ca8d1c10acdb59e478c376790ba1667950af22f83", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/files/platform/vmware_vsphere_vm", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/files/platform/vmware_vsphere_vm/.gitkeep", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/handlers", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/handlers/main.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "2e41c2cd234719142a873d1f9dd9c5eb9793f66867a89784d6388ad10b466793", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/handlers/platform", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/handlers/platform/cloud_aliyun_ecs_vm", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/handlers/platform/cloud_aliyun_ecs_vm/.gitkeep", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/handlers/platform/cloud_aws_ec2_vs", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/handlers/platform/cloud_aws_ec2_vs/.gitkeep", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/handlers/platform/cloud_gcp_ce_vm", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/handlers/platform/cloud_gcp_ce_vm/.gitkeep", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/handlers/platform/cloud_ibmcloud_powervs", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/handlers/platform/cloud_ibmcloud_powervs/.gitkeep", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/handlers/platform/cloud_ibmcloud_vs", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/handlers/platform/cloud_ibmcloud_vs/.gitkeep", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/handlers/platform/cloud_msazure_vm", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/handlers/platform/cloud_msazure_vm/.gitkeep", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/handlers/platform/ibmpower_lpar", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/handlers/platform/ibmpower_lpar/.gitkeep", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/handlers/platform/redhat_ocp_virt_vm", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/handlers/platform/redhat_ocp_virt_vm/.gitkeep", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/handlers/platform/redhat_rhel_kvm_vm", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/handlers/platform/redhat_rhel_kvm_vm/main.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "4fd83bf8f3e16d1c5e5cd77aa76a4d1f9db07878db428277256c632290a393c6", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/handlers/platform/vmware_vsphere_vm", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/handlers/platform/vmware_vsphere_vm/.gitkeep", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/meta", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/meta/main.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "25ec16be002d023b0afd244798638958683e7d3429c3603a46a8d319e60c7e24", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/tasks", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/tasks/detect_platform", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/tasks/detect_platform/main.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "afb5da4ee75c8622e6cdd558425c38b7f8f0451a79780467908a391b046db290", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/tasks/main.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "af656c0d296a0351baf8cc84f334109e0cdf14ad044302ccdc1429c96c09ef8a", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/tasks/platform", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/tasks/platform/cloud_aliyun_ecs_vm", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/tasks/platform/cloud_aliyun_ecs_vm/.gitkeep", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/tasks/platform/cloud_aws_ec2_vs", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/tasks/platform/cloud_aws_ec2_vs/.gitkeep", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/tasks/platform/cloud_gcp_ce_vm", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/tasks/platform/cloud_gcp_ce_vm/.gitkeep", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/tasks/platform/cloud_ibmcloud_powervs", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/tasks/platform/cloud_ibmcloud_powervs/.gitkeep", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/tasks/platform/cloud_ibmcloud_vs", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/tasks/platform/cloud_ibmcloud_vs/.gitkeep", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/tasks/platform/cloud_msazure_vm", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/tasks/platform/cloud_msazure_vm/.gitkeep", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/tasks/platform/hyp_ibmpower_lpar", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/tasks/platform/hyp_ibmpower_lpar/.gitkeep", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/tasks/platform/hyp_redhat_ocp_virt_vm", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/tasks/platform/hyp_redhat_ocp_virt_vm/.gitkeep", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/tasks/platform/hyp_redhat_rhel_kvm_vm", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/tasks/platform/hyp_redhat_rhel_kvm_vm/assert-set-tuned-profile.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "ef38781c4c2d42a24ca5df92e15e6d0299e4f1f9e28d972546b935330069e617", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/tasks/platform/hyp_redhat_rhel_kvm_vm/main.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "88464659a6eedd2227ed8e2eb576140c1a0dc124ab13c3b6b435458304e73f72", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/tasks/platform/hyp_redhat_rhel_kvm_vm/set-tuned-profile.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "360a1777887ed89298723d2586febf99bb0623391886c28da551a8f5493e8bca", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/tasks/platform/hyp_vmware_vsphere_vm", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/tasks/platform/hyp_vmware_vsphere_vm/.gitkeep", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/vars", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/vars/main.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "f52d711103d50a437830c6fbcd04fb4bab49a0f82f6d26d1c791c6e8488dd090", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/vars/platform_defaults_redhat_rhel_kvm.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "f3141c7c13561d51befe0555ab2784330f6a46998c354ba0121a0c4b7754d084", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/README.md", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "42311386db52c58da5ef791cf360a6e59d18f7e76f168a0443d10fad2a12aabd", ++ "format": 1 ++ }, ++ { ++ "name": "roles/sap_vm_preconfigure/.ansible-lint", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "643005705319a2ea2253df4d73c142691ae15bb8018cfc07b19ae095264c4f78", ++ "format": 1 ++ }, ++ { ++ "name": "README.md", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "4dc116287a91036c56e0a1c05d8aea3fabf4a777abd73b93d071e6d20b0fc231", ++ "format": 1 ++ }, ++ { ++ "name": "tools", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "tools/beautify-assert-output.sh", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "5837217b260d32162eedb46ca962ced7b09885cb1e2d65b3bf182256a5a8694e", ++ "format": 1 ++ }, ++ { ++ "name": "meta", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "meta/runtime.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "4833e2900333e7a035d7e0f63f6d55777c2697476ee0a2f9bfcf250167c7571d", ++ "format": 1 ++ }, ++ { ++ "name": "docs", ++ "ftype": "dir", ++ "chksum_type": null, ++ "chksum_sha256": null, ++ "format": 1 ++ }, ++ { ++ "name": "docs/README_sap_general_preconfigure.md", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "3056d55af3e64516b3a73e77f7a95b37ffacbbd59ce18e67fe4d6dcee8db3d46", ++ "format": 1 ++ }, ++ { ++ "name": "docs/README_sap_netweaver_preconfigure.md", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "86afd13b9e577d0b345f9bb1ac6e3379218c8b244ee6dab9fd53b25bb0f93368", ++ "format": 1 ++ }, ++ { ++ "name": "docs/README_sap_hana_preconfigure.md", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "c37a870529d20400f439aec26e929162a7d37ce0f098bf7f287717def45f89da", ++ "format": 1 ++ }, ++ { ++ "name": "docs/README_sap_hana_install.md", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "ba369db8672b1587e7d93c7b385a346f0cac1a8b8b2d791a2162fc44418df482", ++ "format": 1 ++ }, ++ { ++ "name": "docs/README_sap_ha_install_hana_hsr.md", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "46b3d7df56fcd4c8aff2cd918e99f59abcdc09d80225ac006f581e084dd92647", ++ "format": 1 ++ }, ++ { ++ "name": "docs/README_sap_ha_pacemaker_cluster.md", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "8a5ac0a9739af21c0fa798e1839c904b2600193890cbabde0c0a861f013a4f57", ++ "format": 1 ++ }, ++ { ++ "name": "docs/README_sap_swpm.md", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "c37840bd68b042e740d1ff2959a786b882d30ce36046991dec381b3cea0188e3", ++ "format": 1 ++ }, ++ { ++ "name": "docs/README_sap_hypervisor_node_preconfigure.md", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "0766852bb80afda2ce8dabc700f892caaebd987fa4f053e5cfcab77b25fa879f", ++ "format": 1 ++ }, ++ { ++ "name": "docs/README_sap_vm_preconfigure.md", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "42311386db52c58da5ef791cf360a6e59d18f7e76f168a0443d10fad2a12aabd", ++ "format": 1 ++ }, ++ { ++ "name": "requirements-sap_swpm.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "c21704059069b661602183a76facc9b89d8ce762347d70a2814c1115309d2706", ++ "format": 1 ++ }, ++ { ++ "name": ".ansible-lint", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "e7c54d2713dff6625c16c9c4054c34b6951302bcc80fd224d7c6eeacd7989e35", ++ "format": 1 ++ }, ++ { ++ "name": ".yamllint.yml", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "472c1f78b944dd89a218a05882b9e6e6f7a0b468680648ea16aec26024d698b9", ++ "format": 1 ++ }, ++ { ++ "name": "LICENSE", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "c71d239df91726fc519c6eb72d318ec65820627232b2f796219e87dcf35d0ab4", ++ "format": 1 ++ }, ++ { ++ "name": "CHANGELOG.rst", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "de5e20b4062762cbcdc112589404d19cda90c3131e3cc0fb778ef0c388944b97", ++ "format": 1 ++ } ++ ], ++ "format": 1 ++} +\ No newline at end of file +diff --git a/collections/ansible_collections/redhat/sap_install/LICENSE b/collections/ansible_collections/redhat/sap_install/LICENSE +new file mode 100644 +index 0000000..261eeb9 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/LICENSE +@@ -0,0 +1,201 @@ ++ Apache License ++ Version 2.0, January 2004 ++ http://www.apache.org/licenses/ ++ ++ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION ++ ++ 1. Definitions. ++ ++ "License" shall mean the terms and conditions for use, reproduction, ++ and distribution as defined by Sections 1 through 9 of this document. ++ ++ "Licensor" shall mean the copyright owner or entity authorized by ++ the copyright owner that is granting the License. ++ ++ "Legal Entity" shall mean the union of the acting entity and all ++ other entities that control, are controlled by, or are under common ++ control with that entity. For the purposes of this definition, ++ "control" means (i) the power, direct or indirect, to cause the ++ direction or management of such entity, whether by contract or ++ otherwise, or (ii) ownership of fifty percent (50%) or more of the ++ outstanding shares, or (iii) beneficial ownership of such entity. ++ ++ "You" (or "Your") shall mean an individual or Legal Entity ++ exercising permissions granted by this License. ++ ++ "Source" form shall mean the preferred form for making modifications, ++ including but not limited to software source code, documentation ++ source, and configuration files. ++ ++ "Object" form shall mean any form resulting from mechanical ++ transformation or translation of a Source form, including but ++ not limited to compiled object code, generated documentation, ++ and conversions to other media types. ++ ++ "Work" shall mean the work of authorship, whether in Source or ++ Object form, made available under the License, as indicated by a ++ copyright notice that is included in or attached to the work ++ (an example is provided in the Appendix below). ++ ++ "Derivative Works" shall mean any work, whether in Source or Object ++ form, that is based on (or derived from) the Work and for which the ++ editorial revisions, annotations, elaborations, or other modifications ++ represent, as a whole, an original work of authorship. For the purposes ++ of this License, Derivative Works shall not include works that remain ++ separable from, or merely link (or bind by name) to the interfaces of, ++ the Work and Derivative Works thereof. ++ ++ "Contribution" shall mean any work of authorship, including ++ the original version of the Work and any modifications or additions ++ to that Work or Derivative Works thereof, that is intentionally ++ submitted to Licensor for inclusion in the Work by the copyright owner ++ or by an individual or Legal Entity authorized to submit on behalf of ++ the copyright owner. For the purposes of this definition, "submitted" ++ means any form of electronic, verbal, or written communication sent ++ to the Licensor or its representatives, including but not limited to ++ communication on electronic mailing lists, source code control systems, ++ and issue tracking systems that are managed by, or on behalf of, the ++ Licensor for the purpose of discussing and improving the Work, but ++ excluding communication that is conspicuously marked or otherwise ++ designated in writing by the copyright owner as "Not a Contribution." ++ ++ "Contributor" shall mean Licensor and any individual or Legal Entity ++ on behalf of whom a Contribution has been received by Licensor and ++ subsequently incorporated within the Work. ++ ++ 2. Grant of Copyright License. Subject to the terms and conditions of ++ this License, each Contributor hereby grants to You a perpetual, ++ worldwide, non-exclusive, no-charge, royalty-free, irrevocable ++ copyright license to reproduce, prepare Derivative Works of, ++ publicly display, publicly perform, sublicense, and distribute the ++ Work and such Derivative Works in Source or Object form. ++ ++ 3. Grant of Patent License. Subject to the terms and conditions of ++ this License, each Contributor hereby grants to You a perpetual, ++ worldwide, non-exclusive, no-charge, royalty-free, irrevocable ++ (except as stated in this section) patent license to make, have made, ++ use, offer to sell, sell, import, and otherwise transfer the Work, ++ where such license applies only to those patent claims licensable ++ by such Contributor that are necessarily infringed by their ++ Contribution(s) alone or by combination of their Contribution(s) ++ with the Work to which such Contribution(s) was submitted. If You ++ institute patent litigation against any entity (including a ++ cross-claim or counterclaim in a lawsuit) alleging that the Work ++ or a Contribution incorporated within the Work constitutes direct ++ or contributory patent infringement, then any patent licenses ++ granted to You under this License for that Work shall terminate ++ as of the date such litigation is filed. ++ ++ 4. Redistribution. You may reproduce and distribute copies of the ++ Work or Derivative Works thereof in any medium, with or without ++ modifications, and in Source or Object form, provided that You ++ meet the following conditions: ++ ++ (a) You must give any other recipients of the Work or ++ Derivative Works a copy of this License; and ++ ++ (b) You must cause any modified files to carry prominent notices ++ stating that You changed the files; and ++ ++ (c) You must retain, in the Source form of any Derivative Works ++ that You distribute, all copyright, patent, trademark, and ++ attribution notices from the Source form of the Work, ++ excluding those notices that do not pertain to any part of ++ the Derivative Works; and ++ ++ (d) If the Work includes a "NOTICE" text file as part of its ++ distribution, then any Derivative Works that You distribute must ++ include a readable copy of the attribution notices contained ++ within such NOTICE file, excluding those notices that do not ++ pertain to any part of the Derivative Works, in at least one ++ of the following places: within a NOTICE text file distributed ++ as part of the Derivative Works; within the Source form or ++ documentation, if provided along with the Derivative Works; or, ++ within a display generated by the Derivative Works, if and ++ wherever such third-party notices normally appear. The contents ++ of the NOTICE file are for informational purposes only and ++ do not modify the License. You may add Your own attribution ++ notices within Derivative Works that You distribute, alongside ++ or as an addendum to the NOTICE text from the Work, provided ++ that such additional attribution notices cannot be construed ++ as modifying the License. ++ ++ You may add Your own copyright statement to Your modifications and ++ may provide additional or different license terms and conditions ++ for use, reproduction, or distribution of Your modifications, or ++ for any such Derivative Works as a whole, provided Your use, ++ reproduction, and distribution of the Work otherwise complies with ++ the conditions stated in this License. ++ ++ 5. Submission of Contributions. Unless You explicitly state otherwise, ++ any Contribution intentionally submitted for inclusion in the Work ++ by You to the Licensor shall be under the terms and conditions of ++ this License, without any additional terms or conditions. ++ Notwithstanding the above, nothing herein shall supersede or modify ++ the terms of any separate license agreement you may have executed ++ with Licensor regarding such Contributions. ++ ++ 6. Trademarks. This License does not grant permission to use the trade ++ names, trademarks, service marks, or product names of the Licensor, ++ except as required for reasonable and customary use in describing the ++ origin of the Work and reproducing the content of the NOTICE file. ++ ++ 7. Disclaimer of Warranty. Unless required by applicable law or ++ agreed to in writing, Licensor provides the Work (and each ++ Contributor provides its Contributions) on an "AS IS" BASIS, ++ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or ++ implied, including, without limitation, any warranties or conditions ++ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A ++ PARTICULAR PURPOSE. You are solely responsible for determining the ++ appropriateness of using or redistributing the Work and assume any ++ risks associated with Your exercise of permissions under this License. ++ ++ 8. Limitation of Liability. In no event and under no legal theory, ++ whether in tort (including negligence), contract, or otherwise, ++ unless required by applicable law (such as deliberate and grossly ++ negligent acts) or agreed to in writing, shall any Contributor be ++ liable to You for damages, including any direct, indirect, special, ++ incidental, or consequential damages of any character arising as a ++ result of this License or out of the use or inability to use the ++ Work (including but not limited to damages for loss of goodwill, ++ work stoppage, computer failure or malfunction, or any and all ++ other commercial damages or losses), even if such Contributor ++ has been advised of the possibility of such damages. ++ ++ 9. Accepting Warranty or Additional Liability. While redistributing ++ the Work or Derivative Works thereof, You may choose to offer, ++ and charge a fee for, acceptance of support, warranty, indemnity, ++ or other liability obligations and/or rights consistent with this ++ License. However, in accepting such obligations, You may act only ++ on Your own behalf and on Your sole responsibility, not on behalf ++ of any other Contributor, and only if You agree to indemnify, ++ defend, and hold each Contributor harmless for any liability ++ incurred by, or claims asserted against, such Contributor by reason ++ of your accepting any such warranty or additional liability. ++ ++ END OF TERMS AND CONDITIONS ++ ++ APPENDIX: How to apply the Apache License to your work. ++ ++ To apply the Apache License to your work, attach the following ++ boilerplate notice, with the fields enclosed by brackets "[]" ++ replaced with your own identifying information. (Don't include ++ the brackets!) The text should be enclosed in the appropriate ++ comment syntax for the file format. We also recommend that a ++ file or class name and description of purpose be included on the ++ same "printed page" as the copyright notice for easier ++ identification within third-party archives. ++ ++ Copyright [yyyy] [name of copyright owner] ++ ++ Licensed under the Apache License, Version 2.0 (the "License"); ++ you may not use this file except in compliance with the License. ++ You may obtain a copy of the License at ++ ++ http://www.apache.org/licenses/LICENSE-2.0 ++ ++ Unless required by applicable law or agreed to in writing, software ++ distributed under the License is distributed on an "AS IS" BASIS, ++ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ See the License for the specific language governing permissions and ++ limitations under the License. +diff --git a/collections/ansible_collections/redhat/sap_install/MANIFEST.json b/collections/ansible_collections/redhat/sap_install/MANIFEST.json +new file mode 100644 +index 0000000..a9f6687 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/MANIFEST.json +@@ -0,0 +1,41 @@ ++{ ++ "collection_info": { ++ "namespace": "redhat", ++ "name": "sap_install", ++ "version": "1.3.5", ++ "authors": [ ++ "Bernd Finger ", ++ "Sean Freeman ", ++ "Rainer Leber ", ++ "Markus Koch ", ++ "Markus Moster ", ++ "Janine Fuchs ", ++ "Steven Stringer ", ++ "Marcel Mamula " ++ ], ++ "readme": "README.md", ++ "tags": [ ++ "database", ++ "application", ++ "sap" ++ ], ++ "description": "Collection of Ansible Roles for SAP software installation in various deployment configurations", ++ "license": [], ++ "license_file": "LICENSE", ++ "dependencies": { ++ "fedora.linux_system_roles": ">=1.13.0" ++ }, ++ "repository": "https://github.com/sap-linuxlab/community.sap_install", ++ "documentation": "https://github.com/sap-linuxlab/sap-linuxlab.github.io/blob/master/README.md", ++ "homepage": "https://sap-linuxlab.github.io", ++ "issues": "https://github.com/sap-linuxlab/community.sap_install/issues" ++ }, ++ "file_manifest_file": { ++ "name": "FILES.json", ++ "ftype": "file", ++ "chksum_type": "sha256", ++ "chksum_sha256": "0ee93261af1e914319c20155f40bc84ec223e43a0bf985dd09f7e5eac8d85851", ++ "format": 1 ++ }, ++ "format": 1 ++} +\ No newline at end of file +diff --git a/collections/ansible_collections/redhat/sap_install/README.md b/collections/ansible_collections/redhat/sap_install/README.md +new file mode 100644 +index 0000000..65cea1a +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/README.md +@@ -0,0 +1,60 @@ ++# redhat.sap_install Ansible Collection ++ ++![Ansible Lint](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint.yml/badge.svg?branch=main) ++ ++This Ansible Collection executes various SAP Software installations and configuration tasks for running various SAP solutions and deployment scenarios on Linux operating systems (RHEL or SLES). ++ ++This includes handlers for SAP HANA database lifecycle manager (HDBLCM) and SAP Software Provisioning Manager (SWPM), and can be combined with other Ansible Collections to provide end-to-end automation _(e.g. provision, download, install, operations)_. ++ ++ ++**Please read the [full documentation](/docs#readme) for how-to guidance, requirements, and all other details. Summary documentation is below:** ++ ++## Functionality ++ ++This Ansible Collection contains roles for: ++ - **Preparing RHEL 7.9, RHEL 8, and RHEL 9 systems for the installation of SAP HANA and NetWeaver software** ++ ++ *NOTE*: The preconfigure roles in this version of the collection redhat.sap_install also contain code for configuring non-RHEL managed nodes. Only the configuration of RHEL managed nodes is supported by Red Hat. ++ ++ - **Installing SAP HANA standalone and scale-out, in a non clustered and clustered environment** ++ ++ - **Installing SAP software via the SAP Software Provisioning Manager (SWPM)** ++ ++ *NOTE*: This version of the collection redhat.sap_install contains the role `sap_swpm` with a support scope of *Technology Preview* ++ for the following deployment scenarios: ++ S/4HANA 2021 and S/4HANA 2022 single-host installation on RHEL 8.4, 8.6, 8.8, 9.0, 9.2 x86_64 and ppc64le. Only the `default` mode of the role `sap_swpm` is supported. All other functionality of this role is currently not supported by Red Hat. ++ ++ - **Configuring a hypervisor running VMs for SAP HANA** ++ ++ - **Configuring settings for a guest (VM) running on RHV/KVM for SAP HANA** ++ ++## Contents ++ ++Within this Ansible Collection, there are various Ansible Roles and no custom Ansible Modules. ++ ++### Ansible Roles ++ ++| Name | Summary | Support Status | ++| :--- | :--- | :--- | ++| [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) | configure general OS settings for SAP software | Fully supported for RHEL managed nodes | ++| [sap_ha_install_hana_hsr](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_ha_install_hana_hsr) | install SAP HANA System Replication | Technology Preview | ++| [sap_ha_pacemaker_cluster](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_ha_pacemaker_cluster) | install and configure pacemaker and SAP resources | Technology Preview | ++| [sap_hana_install](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_install) | install SAP HANA via HDBLCM | Fully supported | ++| [sap_hana_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_preconfigure) | configure settings for SAP HANA database server | Fully supported for RHEL managed nodes | ++| [sap_hypervisor_node_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hypervisor_node_preconfigure) | configure a hypervisor running VMs for SAP HANA | Technology Preview | ++| [sap_netweaver_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_netweaver_preconfigure) | configure settings for SAP NetWeaver application server | Fully supported for RHEL managed nodes | ++| [sap_swpm](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_swpm) | install SAP Software via SWPM | Technology Preview for certain deployment scenarios only | ++| [sap_vm_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_vm_preconfigure) | configure settings for a guest (VM) running on RHV/KVM for SAP HANA | Technology Preview | ++ ++**_Notes_**: ++ ++In general the "preconfigure" roles are prerequisites for the corresponding installation roles. ++The logic has been separated to support a flexible execution of the different steps. ++ ++## License ++ ++- [Apache 2.0](./LICENSE) ++ ++## Contributors ++ ++Contributors to the Ansible Roles within this Ansible Collection are shown in the README.md file of each role. +diff --git a/collections/ansible_collections/redhat/sap_install/docs/README_sap_general_preconfigure.md b/collections/ansible_collections/redhat/sap_install/docs/README_sap_general_preconfigure.md +new file mode 100644 +index 0000000..e6d80ae +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/docs/README_sap_general_preconfigure.md +@@ -0,0 +1,407 @@ ++# sap_general_preconfigure Ansible Role ++ ++This role installs required packages and performs configuration steps which are required for installing and running SAP NetWeaver or SAP HANA. Specific installation and configuration steps on top of these basic steps are performed with roles sap-netweaver-preconfigure and sap-hana-preconfigure. Future implementations may reduce the scope of this role, for example if certain installation or configuration steps are done in the more specific roles. ++ ++For SLES systems, this role may not be necessary. The majority of SAP preparation and tuning is covered by `saptune` which is configured in the `sap_hana_preconfigure` and `sap_netweaver_preconfigure` roles. ++ ++## Support Status ++ ++The support status of this role is: "Fully supported for RHEL managed nodes" ++ ++## Requirements ++ ++The role requires additional collections which are specified in `meta/collection-requirements.yml`. Before using this role, ++make sure that the required collections are installed, for example by using the following command: ++ ++`ansible-galaxy install -vv -r meta/collection-requirements.yml` ++ ++To use this role, your system needs to be installed according to: ++- RHEL 7: SAP note 2002167, Red Hat Enterprise Linux 7.x: Installation and Upgrade, section "Installing Red Hat Enterprise Linux 7" ++- RHEL 8: SAP note 2772999, Red Hat Enterprise Linux 8.x: Installation and Configuration, section "Installing Red Hat Enterprise Linux 8". ++- RHEL 9: SAP note 3108316, Red Hat Enterprise Linux 9.x: Installation and Configuration, section "Installing Red Hat Enterprise Linux 9". ++ ++Note ++---- ++Do not run this role against an SAP or other production system. The role will enforce a certain configuration on the managed node(s), which might not be intended. ++ ++ ++## Role Input Parameters ++ ++#### Minimum required parameters: ++ ++This role does not require any parameter to be set in the playbook or inventory. ++ ++ ++### sap_general_preconfigure_config_all ++- _Type:_ `bool` ++ ++If set to `false`, the role will only execute or verify the installation or configuration steps of SAP notes.
++Default is to perform installation and configuration steps.
++ ++### sap_general_preconfigure_installation ++- _Type:_ `bool` ++ ++If `sap_general_preconfigure_config_all` is set to `false`, set this variable to `true` to perform only the
++installation steps of SAP notes.
++ ++### sap_general_preconfigure_configuration ++- _Type:_ `bool` ++ ++If `sap_general_preconfigure_config_all` is set to `false`, set this variable to `true` to perform only the
++configuration steps of SAP notes for which the corresponding SAP notes parameters have been set to `true`.
++ ++Example: ++ ++```yaml ++sap_general_preconfigure_config_all: false ++sap_general_preconfigure_configuration: true ++sap_general_preconfigure_2002167_02: true ++sap_general_preconfigure_1391070: true ++``` ++ ++### sap_general_preconfigure_assert ++- _Type:_ `bool` ++- _Default:_ `false` ++ ++If set to `true`, the role will run in assertion mode instead of the default configuration mode.
++ ++### sap_general_preconfigure_assert_ignore_errors ++- _Type:_ `bool` ++- _Default:_ `false` ++ ++In assertion mode, the role will abort when encountering any assertion error.
++If this parameter is set to `false`, the role will *not* abort when encountering an assertion error.
++This is useful if the role is used for reporting a system's SAP notes compliance.
++ ++### sap_general_preconfigure_system_roles_collection ++- _Type:_ `str` ++- _Default:_ `'fedora.linux_system_roles'` ++- _Possible Values:_
++ - `fedora.linux_system_roles` ++ - `redhat.rhel_system_roles` ++ ++Set which Ansible Collection to use for the Linux System Roles.
++For community/upstream, use 'fedora.linux_system_roles'
++For the RHEL System Roles for SAP, or for Red Hat Automation Hub, use 'redhat.rhel_system_roles'
++ ++### sap_general_preconfigure_enable_repos ++- _Type:_ `bool` ++- _Default:_ `false` ++ ++Set to `true` if you want the role to enable the repos as configured by the following repo related parameters.
++The default is `false`, meaning that the role will not enable repos.
++ ++### sap_general_preconfigure_use_netweaver_repos ++- _Type:_ `bool` ++- _Default:_ `true` ++ ++Set to `false` if you want the role to not enable the SAP NetWeaver repo(s).
++The default is `true`, meaning that the role will enable the SAP NetWeaver repo(s).
++Only valid if `sap_general_preconfigure_enable_repos` is set to `true`.
++ ++### sap_general_preconfigure_use_hana_repos ++- _Type:_ `bool` ++- _Default:_ `true` ++ ++Set to `false` if you want the role to not enable the SAP HANA repo(s).
++The default is `true`, meaning that the role will enable the SAP HANA repo(s).
++Only valid if `sap_general_preconfigure_enable_repos` is set to `true`.
++ ++### sap_general_preconfigure_use_ha_repos ++- _Type:_ `bool` ++- _Default:_ `true` ++ ++Set to `false` if you want the role to not enable the high availability repo(s).
++The default is `true`, meaning that the role will enable the high availability repo(s).
++Only valid if `sap_general_preconfigure_enable_repos` is set to `true`.
++ ++### sap_general_preconfigure_disable_all_other_repos ++- _Type:_ `bool` ++- _Default:_ `true` ++ ++Set to `false` if you want the role to not disable all repos before enabling the desired ones as configured above.
++The default is `true`, meaning that the role will disable all repos before enabling the desired ones.
++Only valid if `sap_general_preconfigure_enable_repos` is set to `true`.
++ ++### sap_general_preconfigure_req_repos ++- _Type:_ `list` with elements of type `str` ++ ++If you want to provide your own list of repos (e.g. on cloud systems), set this variable accordingly.
++Otherwise, the RHEL default repo names with the maximum support duration for the RHEL minor release are chosen automatically
++(e.g. normal repos for RHEL 8.3, e4s repos for RHEL 8.4).
++ ++Example: ++ ++```yaml ++sap_general_preconfigure_req_repos: ++- rhel-8-for-x86_64-baseos-eus-rpms ++- rhel-8-for-x86_64-appstream-eus-rpms ++- rhel-8-for-x86_64-sap-solutions-eus-rpms ++- rhel-8-for-x86_64-sap-netweaver-eus-rpms ++- rhel-8-for-x86_64-highavailability-eus-rpms ++``` ++ ++### sap_general_preconfigure_set_minor_release ++- _Type:_ `bool` ++- _Default:_ `false` ++ ++Set to `true` if you want the role to set the RHEL minor release, which is required for SAP HANA. Default is `false`.
++If you set the RHEL minor release, then you must also use the `eus` or `e4s` repos.
++ ++### sap_general_preconfigure_packagegroups ++- _Type:_ `str` ++- _Default:_ (set by platform/environment specific variables) ++ ++The name of the software package group to install.
++The default for this parameter is set in the vars file which corresponds to the detected OS version.
++ ++Example: ++ ++```yaml ++'@minimal-environment' ++``` ++ ++### sap_general_preconfigure_envgroups ++- _Type:_ `str` ++- _Default:_ (set by platform/environment specific variables) ++ ++The name of the software environment group to check.
++The default for this parameter is set in the vars file which corresponds to the detected OS version.
++ ++Example: ++ ++```yaml ++'@minimal-environment' ++``` ++ ++### sap_general_preconfigure_packages ++- _Type:_ `list` with elements of type `str` ++- _Default:_ (set by platform/environment specific variables) ++ ++The list of packages to install.
++The default for this variable is set in the vars file which corresponds to the detected OS version.
++ ++### sap_general_preconfigure_min_package_check ++- _Type:_ `bool` ++- _Default:_ `true` ++ ++The default is to install or check if the minimum package versions are installed as defined in the vars files.
++Set to `false` if you do not install or check these minimum package versions.
++ ++### sap_general_preconfigure_install_ibm_power_tools ++- _Type:_ `bool` ++- _Default:_ `true` ++ ++Set this parameter to `false` to not install the IBM Power Systems service and productivity tools.
++See also SAP note 2679703.
++ ++### sap_general_preconfigure_add_ibm_power_repo ++- _Type:_ `bool` ++- _Default:_ `true` ++ ++Set this parameter to `false` if you do not want to add the IBM Power tools repository (e.g. because the packages
++are already available on the local network). The IBM Power Systems service and productivity tools will only
++be installed if the variable `sap_general_preconfigure_install_ibm_power_tools` is set to `true`, which is the default.
++ ++### sap_general_preconfigure_ibm_power_repo_url ++- _Type:_ `str` ++- _Default:_ `'https://public.dhe.ibm.com/software/server/POWER/Linux/yum/download/ibm-power-repo-latest.noarch.rpm'` ++ ++URL for the IBM Power Systems service and productivity tools, see https://www.ibm.com/support/pages/service-and-productivity-tools
++ ++### sap_general_preconfigure_update ++- _Type:_ `bool` ++- _Default:_ `false` ++ ++By default, the role will not update the system, for avoiding an unintentional minor OS release update.
++Set this parameter to `true` if you want to update your system to the latest package versions.
++When using SAP HANA, make sure to set the release lock properly so the minor OS release will be one of
++those for which SAP HANA is supported. See also `sap_general_preconfigure_set_minor_release`.
++ ++### sap_general_preconfigure_reboot_ok ++- _Type:_ `bool` ++- _Default:_ `false` ++ ++Set to `true` if you want to perform a reboot at the end of the role, if necessary.
++ ++### sap_general_preconfigure_fail_if_reboot_required ++- _Type:_ `bool` ++- _Default:_ `true` ++ ++If `sap_general_preconfigure_reboot_ok` is set to `false`, which is the default, a reboot requirement should not
++remain unnoticed. For this reason, we let the role fail. Set this parameter to `false` to override this behavior.
++Can be useful if you want to implement your own reboot handling.
++ ++### sap_general_preconfigure_selinux_state ++- _Type:_ `str` ++- _Default:_ `'permissive'` ++- _Possible Values:_
++ - `enforcing` ++ - `permissive` ++ - `disabled` ++ ++One of the SELinux states to be set on the system.
++ ++### sap_general_preconfigure_create_directories ++- _Type:_ `bool` ++- _Default:_ `true` ++ ++Set to `false` if you do not want the SAP directories to be created by the role.
++The SAP directories will always be created if `sap_general_preconfigure_modify_selinux_labels`
++(see below) is set to `true`, no matter how `sap_general_preconfigure_create_directories` is set.
++ ++### sap_general_preconfigure_sap_directories ++- _Type:_ `list` with elements of type `str` ++- _Default:_ ++ - /usr/sap ++ ++List of SAP directories to be created.
++ ++### sap_general_preconfigure_modify_selinux_labels ++- _Type:_ `bool` ++- _Default:_ `true` ++ ++Set to `false` if you do not want to modify the SELinux labels for the SAP directories set
++in variable `sap_general_preconfigure_sap_directories`.
++ ++### sap_general_preconfigure_size_of_tmpfs_gb ++- _Type:_ `str` ++- _Default:_ `"{{ ((0.75 * (ansible_memtotal_mb + ansible_swaptotal_mb)) / 1024) | round | int }}"` ++ ++The size of the tmpfs in GB. The formula used here is mentioned in SAP note 941735.
++ ++### sap_general_preconfigure_modify_etc_hosts ++- _Type:_ `bool` ++- _Default:_ `true` ++ ++Set to `false` if you do not want the role to modify the `/etc/hosts` file.
++ ++### sap_general_preconfigure_etc_sysctl_sap_conf ++- _Type:_ `str` ++- _Default:_ `'/etc/sysctl.d/sap.conf'` ++ ++The file name of the sysctl config file to be used
++ ++### sap_general_preconfigure_kernel_parameters ++- _Type:_ `list` with elements of type `dict` ++- _Default:_ (set by platform/environment specific variables) ++ ++The Linux kernel parameters to use. By default, these are taken from the vars file.
++The default for this parameter is set in the vars file which corresponds to the detected OS version.
++ ++Example: ++ ++```yaml ++sap_general_preconfigure_kernel_parameters: ++- name: vm.max_map_count ++ value: '2147483647' ++- name: fs.aio-max-nr ++ value: '18446744073709551615' ++``` ++ ++### sap_general_preconfigure_max_hostname_length ++- _Type:_ `str` ++- _Default:_ `'13'` ++ ++The maximum length of the hostname. See SAP note 611361.
++ ++### sap_hostname ++- _Type:_ `str` ++- _Default:_ `"{{ ansible_hostname }}"` ++ ++The hostname to be used for updating or checking `/etc/hosts` entries.
++ ++### sap_domain ++- _Type:_ `str` ++- _Default:_ `"{{ ansible_domain }}"` ++ ++The DNS domain name to be used for updating or checking `/etc/hosts` entries.
++ ++### sap_ip ++- _Type:_ `str` ++- _Default:_ `"{{ ansible_default_ipv4.address }}"` ++ ++The IPV4 address to be used for updating or checking `/etc/hosts` entries.
++ ++### sap_general_preconfigure_db_group_name ++- _Type:_ `str` ++ ++Use this variable to specify the name of the RHEL group which is used for the database processes.
++If defined, it will be used to configure process limits as per step
++Configuring Process Resource Limits
++ ++Example: ++ ++```yaml ++sap_general_preconfigure_db_group_name: dba ++``` ++ ++ ++ ++## Dependencies ++ ++This role does not depend on any other role. ++ ++## Example Playbook ++ ++Simple playbook, named sap.yml: ++```yaml ++--- ++- hosts: all ++ roles: ++ - role: sap_general_preconfigure ++``` ++ ++## Example Usage ++ ++Normal run: ++```yaml ++ansible-playbook sap.yml -l remote_host ++``` ++ ++Extended Check (assert) run, aborting for any error which has been found: ++```yaml ++ansible-playbook sap.yml -l remote_host -e "{sap_general_preconfigure_assert: yes}" ++``` ++ ++Extended Check (assert) run, not aborting even if an error has been found: ++```yaml ++ansible-playbook sap.yml -l remote_host -e "{sap_general_preconfigure_assert: yes, sap_general_preconfigure_assert_ignore_errors: no}" ++``` ++ ++Same as above, with a nice compact and colored output, this time for two hosts: ++```yaml ++ansible-playbook sap.yml -l host_1,host_2 -e "{sap_general_preconfigure_assert: yes, sap_general_preconfigure_assert_ignore_errors: yes}" | ++awk '{sub (" \"msg\": ", "")} ++ /TASK/{task_line=$0} ++ /fatal:/{fatal_line=$0; nfatal[host]++} ++ /...ignoring/{nfatal[host]--; if (nfatal[host]<0) nfatal[host]=0} ++ /^[a-z]/&&/: \[/{gsub ("\\[", ""); gsub ("]", ""); gsub (":", ""); host=$2} ++ /SAP note/{print "\033[30m[" host"] "$0} ++ /FAIL:/{nfail[host]++; print "\033[31m[" host"] "$0} ++ /WARN:/{nwarn[host]++; print "\033[33m[" host"] "$0} ++ /PASS:/{npass[host]++; print "\033[32m[" host"] "$0} ++ /INFO:/{print "\033[34m[" host"] "$0} ++ /changed/&&/unreachable/{print "\033[30m[" host"] "$0} ++ END{print ("---"); for (var in npass) {printf ("[%s] ", var); if (nfatal[var]>0) { ++ printf ("\033[31mFATAL ERROR!!! Playbook might have been aborted!!!\033[30m Last TASK and fatal output:\n"); print task_line, fatal_line ++ } ++ else printf ("\033[31mFAIL: %d \033[33mWARN: %d \033[32mPASS: %d\033[30m\n", nfail[var], nwarn[var], npass[var])}}' ++``` ++Note: For terminals with dark background, replace the color code `30m` by `37m`. ++In case you need to make an invisible font readable on a terminal with dark background, run the following command in the terminal: ++```yaml ++printf "\033[37mreadable font\n" ++``` ++In case you need to make an invisible font readable on a terminal with bright background, run the following command in the terminal: ++```yaml ++printf "\033[30mreadable font\n" ++``` ++ ++## License ++ ++Apache license 2.0 ++ ++## Author Information ++ ++Red Hat for SAP Community of Practice, Bernd Finger, Markus Koch, Rainer Leber +diff --git a/collections/ansible_collections/redhat/sap_install/docs/README_sap_ha_install_hana_hsr.md b/collections/ansible_collections/redhat/sap_install/docs/README_sap_ha_install_hana_hsr.md +new file mode 100644 +index 0000000..8536d7f +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/docs/README_sap_ha_install_hana_hsr.md +@@ -0,0 +1,107 @@ ++# sap_ha_install_hana_hsr Ansible Role ++ ++Ansible role for SAP HANA System Replication Setup on 2 nodes. ++ ++## Support Status ++ ++The support status of this role is: "Technology Preview" ++ ++## Prerequisites ++ ++- target nodes are on the same OS level ++- target nodes are using the same SAP HANA release ++ ++## Overview ++ ++The **sap_ha_install_hana_hsr** role is part of this system role sequence: ++ ++| Sequence | System Role | Description | ++| :------: | :----------------------- | :----------------------------------------------------------- | ++| 1. | sap_general_preconfigure | System Preparation for SAP | ++| 2. | sap_hana_preconfigure | System Preparation for SAP HANA | ++| 3. | sap_hana_install | Installation of SAP HANA Database | ++| _4._ | _sap_ha_install_hana_hsr_ | _Configuration of SAP HANA System Replication_ | ++| 5. | sap_ha_pacemaker_cluster | Linux Pacemaker cluster setup and SAP resources configuration | ++ ++The **sap_ha_install_hana_hsr** roles configures a HANA system replication relationship which is used by the pacemaker cluster to automate SAP HANA System Replication (HSR). Prerequisite is the SAP HANA installation on the nodes. ++ ++## Tasks included ++ ++| Task | Description | ++| ---------------------- | ----------------------------------------------------------------------------------- | ++| update_etchosts.yml | ensures that all nodes of the cluster are configured in all nodes' /etc/hosts | ++| configure_firewall.yml | this will configure the firewall für HANA system replication (disabled) | ++| hdbuserstore.yml | create a user in the hdbuserstore | ++| log_mode.yml | check/set database logmode | ++| pki_files.yml | copy pki file from primary to secondary database | ++| run_backup.yml | perform backup on the primary note as pre required step for HANA system replication | ++| configure_hsr.yml | enable HANA system replication on primary node and register secondary database node | ++ ++## Common Variables/Parameters Used ++ ++| Name | Description | Value | ++| -------------------------------- | ------------------------------- | ---------------------- | ++| sap_domain | Domain Name | example: `example.com` | ++| sap_hana_sid | SAP ID | example: `RH1` | ++| sap_hana_instance_number | Instance Number | example: `"00"` | ++| sap_hana_install_master_password | DB System Password | ++| sap_hana_cluster_nodes | Parameter list of cluster nodes | ++| sap_hana_hacluster_password | Pacemaker hacluster Password | ++ ++## Role specific Variables ++ ++| Name | Description | Value | ++| --------------------------------- | ---------------- | -------------------- | ++| sap_ha_install_hana_hsr_rep_mode | replication mode | default is sync | ++| sap_ha_install_hana_hsr_oper_mode | operation mode | default is logreplay | ++ ++## Example Parameter File ++ ++```yaml ++sap_hana_sid: "DB1" ++sap_hana_instance_number: "00" ++sap_hana_install_master_password: "my_hana-password" ++ ++### Cluster Definition ++sap_ha_install_pacemaker_cluster_name: cluster1 ++sap_hana_hacluster_password: "my_hacluster-password" ++ ++sap_domain: example.com ++ ++sap_hana_cluster_nodes: ++ - node_name: node1 ++ node_ip: 192.168.1.11 ++ node_role: primary ++ hana_site: DC01 ++ ++ - node_name: node2 ++ node_ip: 192.168.1.12 ++ node_role: secondary ++ hana_site: DC02 ++``` ++ ++### Execution Design ++ ++Having the parameters specified as above, it can be executed with one command: ++ ++```text ++ansible-playbook example_playbook_with_parameters.ymnl ++``` ++ ++If you need to execute the role using an external handled, you can also limit the playbook for specific a **host** adding parameter defined in e **parameter_file**. ++ ++```text ++ansible-playbook -l node1 example_playbook.yml -e @parameter_file.yml ++``` ++ ++A good way to start is executing the playbook with the option _--list_tasks_. You can than start a playbook with the option _--start-at-task_ at a specific point. _--list_task_ will not start any task. ++ ++For more information please check ++ ++```text ++ansible-playbook --help ++``` ++ ++## License ++ ++Apache license 2.0 +diff --git a/collections/ansible_collections/redhat/sap_install/docs/README_sap_ha_pacemaker_cluster.md b/collections/ansible_collections/redhat/sap_install/docs/README_sap_ha_pacemaker_cluster.md +new file mode 100644 +index 0000000..99ab9ed +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/docs/README_sap_ha_pacemaker_cluster.md +@@ -0,0 +1,835 @@ ++ ++# sap_ha_pacemaker_cluster Ansible Role ++ ++![Ansible Lint for sap_ha_pacemaker_cluster](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_ha_pacemaker_cluster.yml/badge.svg) ++ ++Ansible Role for installation and configuration of Linux Pacemaker for High Availability of SAP Systems run on various Infrastructure Platforms. ++ ++## Support Status ++ ++The support status of this role is: "Technology Preview" ++ ++## Scope ++ ++This Ansible Role provides: ++- installation of Linux Pacemaker packages and dependencies ++- configuration of Linux Pacemaker cluster with all relevant fencing agent and resource agent for an Infrastructure Platform and SAP Software (SAP HANA or SAP NetWeaver) ++- setup and instantiation of Linux Pacemaker cluster (using `ha_cluster` Linux System Role) ++ ++This Ansible Role has been tested for the following SAP Software Solution scenario deployments: ++- SAP HANA Scale-up High Availability ++- `Beta:` SAP NetWeaver (ABAP) AS ASCS and ERS High Availability ++- `Experimental:` SAP NetWeaver (ABAP) AS PAS and AAS High Availability ++- `Experimental:` SAP NetWeaver (JAVA) AS SCS and ERS High Availability ++ ++This Ansible Role contains Infrastructure Platform specific alterations for: ++- AWS EC2 Virtual Servers ++- `Beta:` Microsoft Azure Virtual Machines ++- `Experimental:` Google Cloud Compute Engine Virtual Machine ++- `Experimental:` IBM Cloud Virtual Server ++- `Experimental:` IBM Power Virtual Server from IBM Cloud ++- `Experimental:` IBM PowerVC hypervisor Virtual Machine ++ ++Please note, this Ansible Role `sap_ha_pacemaker_cluster` is acting as a wrapper and generates the parameter definitions for a given SAP System, Infrastructure Platform specific variables and other additional steps to complete the SAP High Availability setup using Linux Pacemaker clusters. ++ ++### Warnings :warning: ++ ++- :warning: Do **not** execute this Ansible Role against already configured Linux Pacemaker cluster nodes; unless you know what you are doing and have prepared the input variables for the Ansible Role according to / matching to the existing Linux Pacemaker setup! ++- :warning: Infrastructure Platforms not explicitly listed as available/tested are very unlikely to work. ++ ++## Functionality ++ ++_All of the following functionality is provided as **Technology Preview**._ ++ ++### SAP HANA scale-up (performance-optimized) with SAP HANA System Replication, High Availability using Linux Pacemaker 2-node cluster ++ ++| Platform | Usability | ++| -------- | --------- | ++| :heavy_check_mark: physical server | expected to work with any fencing method that is supported by the `ha_cluster` Linux System Role | ++| :heavy_check_mark: OVirt VM | tested and working | ++| :heavy_check_mark: AWS EC2 VS | platform detection and awscli setup included, tested and expected to work | ++ ++### SAP NetWeaver (ABAP) ASCS and ERS, High Availability using Linux Pacemaker 2-node cluster ++ ++| Platform | Usability | ++| -------- | --------- | ++| :heavy_check_mark: physical server | expected to work with any fencing method that is supported by the `ha_cluster` Linux System Role | ++| :heavy_check_mark: OVirt VM | tested and working | ++| :heavy_check_mark: AWS EC2 VS | platform detection and awscli setup included, tested and expected to work | ++ ++## Requirements ++ ++The Ansible Role requires the SAP HANA Database Server or SAP NetWeaver Application Server software installation to already exist on the target host/s. ++ ++The target host must have: ++- OS version and license - RHEL4SAP (HA and US) 8.4+ ++- OS package repositories enabled - SAP and High Availability ++ ++> _N.B. At this time SLES4SAP functionality is not available, until `crmsh` commands are provided in dependency Ansible Role [`ha_cluster`](https://github.com/linux-system-roles/ha_cluster)_ ++ ++The Ansible Control System (where Ansible is executed from) must have: ++- Ansible Core 2.9+ ++- Access to dependency Ansible Collections and Ansible Roles: ++ - **Upstream**: ++ - Ansible Collection [`community.sap_install` from Ansible Galaxy](https://galaxy.ansible.com/community/sap_install) version `1.3.0` or later ++ - Ansible Collection [`fedora.linux_system_roles` from Ansible Galaxy](https://galaxy.ansible.com/fedora/linux_system_roles) version `1.20.0` or later ++ - **Supported (Downstream)** via Red Hat Ansible Automation Platform (AAP) license: ++ - Ansible Collection [`redhat.sap_install` from Red Hat Ansible Automation Platform Hub](https://console.redhat.com/ansible/automation-hub/repo/published/redhat/sap_install) version `1.3.0` or later ++ - Ansible Collection [`redhat.rhel_system_roles` from Red Hat Ansible Automation Platform Hub](https://console.redhat.com/ansible/automation-hub/repo/published/redhat/rhel_system_roles) version `1.20.0` or later ++ - **Supported (Downstream)** via RHEL4SAP license: ++ - RHEL System Roles for SAP RPM Package `rhel-system-roles-sap-3.6.0` or later ++ - RHEL System Roles RPM Package `rhel-system-roles-1.20.0` or later ++ ++## Prerequisites ++ ++All SAP Software must be installed, and all remote/file storage mounts must be available with correct permissions defined by SAP documentation. For SAP HANA High Availability, SAP HANA System Replication must already be installed. ++ ++In addition, the following network ports must be available: ++ ++| **SAP Technical Application and Component** | **Port** | ++| --- | --- | ++| **_SAP HANA System Replication_** | | ++| hdbnameserver
used for log and data shipping from a primary site to a secondary site.
System DB port number plus 10,000
| 4``01 | ++| hdbnameserver
unencrypted metadata communication between sites.
System DB port number plus 10,000
| 4``02 | ++| hdbnameserver
used for encrypted metadata communication between sites.
System DB port number plus 10,000
| 4``06 | ++| hdbindexserver
used for first MDC Tenant database schema | 4``03 | ++| hdbxsengine
used for SAP HANA XSC/XSA | 4``07| ++| hdbscriptserver
used for log and data shipping from a primary site to a secondary site.
Tenant port number plus 10,000
| 4``40-97 | ++| hdbxsengine
used for log and data shipping from a primary site to a secondary site.
Tenant port number plus 10,000
| 4``40-97 | ++| **_Linux Pacemaker_** | | ++| pcsd
cluster nodes requirement for node-to-node communication | 2224 (TCP)| ++| pacemaker
cluster nodes requirement for Pacemaker Remote service daemon | 3121 (TCP) | ++| corosync
cluster nodes requirement for node-to-node communication | 5404-5412 (UDP) | ++ ++## Execution Flow ++ ++The Ansible Role is sequential: ++- Validate input Ansible Variables ++- Identify host's Infrastructure Platform ++- Generate Linux Pacemaker definition for given Infrastructure Platform and SAP Software ++- Execute `ha_cluster` Ansible Role with Linux Pacemaker definition ++- Instantiate Linux Pacemaker cluster ++ ++## Tips ++ ++Check out the [role variables of the `ha_cluster` Linux System Role](https://github.com/linux-system-roles/ha_cluster/blob/main/README.md) for additional possible settings that can be applied when using the `sap_ha_pacemaker_cluster` role. ++ ++For example:
++Adding `ha_cluster_start_on_boot: false` to disable the automatic start of cluster services on boot. ++ ++## Sample ++ ++Please see a full sample using multiple hosts to create an SAP S/4HANA Distributed deployment in the [/playbooks](../../playbooks/) directory of the Ansible Collection `sap_install`. ++ ++## License ++ ++Apache 2.0 ++ ++## Author Information ++ ++Red Hat for SAP Community of Practice, Janine Fuchs, IBM Lab for SAP Solutions ++ ++ ++ ++--- ++ ++## Role Input Parameters ++ ++Minimum required parameters for all clusters: ++ ++- [sap_ha_pacemaker_cluster_hacluster_user_password](#sap_ha_pacemaker_cluster_hacluster_user_password) ++ ++Additional minimum requirements depend on the type of cluster setup and on the target platform. ++ ++### sap_ha_pacemaker_cluster_aws_access_key_id ++ ++- _Type:_ `string` ++ ++AWS access key to allow control of instances (for example for fencing operations).
++Mandatory for the cluster nodes setup on AWS EC2 instances.
++ ++### sap_ha_pacemaker_cluster_aws_region ++ ++- _Type:_ `string` ++ ++The AWS region in which the instances to be used for the cluster setup are located.
++Mandatory for cluster nodes setup on AWS EC2 instances.
++ ++### sap_ha_pacemaker_cluster_aws_secret_access_key ++ ++- _Type:_ `string` ++ ++AWS secret key, paired with the access key for instance control.
++Mandatory for the cluster setup on AWS EC2 instances.
++ ++### sap_ha_pacemaker_cluster_aws_vip_update_rt ++ ++- _Type:_ `string` ++ ++List one more routing table IDs for managing Virtual IP failover through routing table changes.
++Multiple routing tables must be defined as a comma-separated string (no spaces).
++Mandatory for the VIP resource configuration in AWS EC2 environments.
++ ++### sap_ha_pacemaker_cluster_cluster_name ++ ++- _Type:_ `string` ++ ++The name of the pacemaker cluster.
++Inherits the `ha_cluster` LSR native parameter `ha_cluster_cluster_name` if not defined.
++If not defined, the `ha_cluster` Linux System Role default will be used.
++ ++### sap_ha_pacemaker_cluster_cluster_nodes ++ ++- _Type:_ `list` ++ ++List of cluster nodes and associated attributes to describe the target SAP HA environment.
++This is required for the HANA System Replication configuration.
++Synonym for this parameter is `sap_hana_cluster_nodes`.
++Mandatory to be defined for HANA clusters.
++ ++- **hana_site**
++ Site of the cluster and/or SAP HANA System Replication node (for example 'DC01').
Mandatory for HANA clusters (sudo config for system replication). ++- **node_ip**
++ IP address of the node used for HANA System Replication.
_Optional. Currently not needed/used in cluster configuration._ ++- **node_name**
++ Name of the cluster node, should match the remote systems' hostnames.
_Optional. Currently not needed/used in cluster configuration._ ++- **node_role**
++ Role of the defined `node_name` in the SAP HANA cluster setup.
There must be only **one** primary, but there can be multiple secondary nodes.
_Optional. Currently not needed/used in cluster configuration._ ++ ++Example: ++ ++```yaml ++sap_ha_pacemaker_cluster_cluster_nodes: ++- hana_site: DC01 ++ node_ip: 192.168.5.1 ++ node_name: nodeA ++ node_role: primary ++- hana_site: DC02 ++``` ++ ++### sap_ha_pacemaker_cluster_cluster_properties ++ ++- _Type:_ `dict` ++- _Default:_ `{'concurrent-fencing': True, 'stonith-enabled': True, 'stonith-timeout': 900}` ++ ++Standard pacemaker cluster properties are configured with recommended settings for cluster node fencing.
++When no STONITH resource is defined, STONITH will be disabled and a warning displayed.
++ ++Example: ++ ++```yaml ++sap_ha_pacemaker_cluster_cluster_properties: ++ concurrent-fencing: true ++ stonith-enabled: true ++ stonith-timeout: 900 ++``` ++ ++### sap_ha_pacemaker_cluster_create_config_dest ++ ++- _Type:_ `string` ++- _Default:_ `review_resource_config.yml` ++ ++The pacemaker cluster resource configuration optionally created by this role will be saved in a Yaml file in the current working directory.
++Requires `sap_ha_pacemaker_cluster_create_config_varfile` to be enabled for generating the output file.
++Specify a path/filename to save the file in a custom location.
++The file can be used as input vars file for an Ansible playbook running the 'ha_cluster' Linux System Role.
++ ++### sap_ha_pacemaker_cluster_create_config_varfile ++ ++- _Type:_ `bool` ++- _Default:_ `False` ++ ++When enabled, all cluster configuration parameters this role constructs for executing the 'ha_cluster' Linux System role will be written into a file in Yaml format.
++This allows using the output file later as input file for additional custom steps using the 'ha_cluster' role and covering the resource configuration in a cluster that was set up using this 'sap_ha_pacemaker_cluster' role.
++When enabled this parameters file is also created when the playbook is run in check_mode (`--check`) and can be used to review the configuration parameters without executing actual changes on the target nodes.
++WARNING! This report may include sensitive details like secrets required for certain cluster resources!
++ ++### sap_ha_pacemaker_cluster_enable_cluster_connector ++ ++- _Type:_ `bool` ++- _Default:_ `True` ++ ++Enables/Disables the SAP HA Interface for SAP ABAP application server instances, also known as `sap_cluster_connector`.
++Set this parameter to 'false' if the SAP HA interface should not be installed and configured.
++ ++### sap_ha_pacemaker_cluster_extra_packages ++ ++- _Type:_ `list` ++ ++Additional extra packages to be installed, for instance specific resource packages.
++For SAP clusters configured by this role, the relevant standard packages for the target scenario are automatically included.
++ ++### sap_ha_pacemaker_cluster_fence_agent_minimal_packages ++ ++- _Type:_ `list` ++- _Default:_ `['fence-agents-all']` ++ ++The minimal set of fence agent packages that will be installed.
++ ++### sap_ha_pacemaker_cluster_fence_agent_packages ++ ++- _Type:_ `list` ++ ++Additional fence agent packages to be installed.
++This is automatically combined with `sap_ha_pacemaker_cluster_fence_agent_minimal_packages`.
++ ++### sap_ha_pacemaker_cluster_gcp_project ++ ++- _Type:_ `string` ++ ++Google Cloud project name in which the target instances are installed.
++Mandatory for the cluster setup on GCP instances.
++ ++### sap_ha_pacemaker_cluster_gcp_region_zone ++ ++- _Type:_ `string` ++ ++Google Cloud Platform region zone ID.
++Mandatory for the cluster setup on GCP instances.
++ ++### sap_ha_pacemaker_cluster_ha_cluster ++ ++- _Type:_ `dict` ++ ++The `ha_cluster` LSR native parameter `ha_cluster` can be used as a synonym.
++Optional _**host_vars**_ parameter - if defined it must be set for each node.
++Dictionary that can contain various node options for the pacemaker cluster configuration.
++Supported options can be reviewed in the `ha_cluster` Linux System Role [https://github.com/linux-system-roles/ha_cluster/blob/master/README.md].
++If not defined, the `ha_cluster` Linux System Role default will be used.
++ ++Example: ++ ++```yaml ++sap_ha_pacemaker_cluster_ha_cluster: ++ corosync_addresses: ++ - 192.168.1.10 ++ - 192.168.2.10 ++ node_name: nodeA ++``` ++ ++### sap_ha_pacemaker_cluster_hacluster_user_password required ++ ++- _Type:_ `string` ++ ++The password of the `hacluster` user which is created during pacemaker installation.
++Inherits the value of `ha_cluster_hacluster_password`, when defined.
++ ++### sap_ha_pacemaker_cluster_hana_automated_register ++ ++- _Type:_ `bool` ++- _Default:_ `True` ++ ++Parameter for the 'SAPHana' cluster resource.
++Define if a former primary should be re-registered automatically as secondary.
++ ++### sap_ha_pacemaker_cluster_hana_duplicate_primary_timeout ++ ++- _Type:_ `int` ++- _Default:_ `900` ++ ++Parameter for the 'SAPHana' cluster resource.
++Time difference needed between to primary time stamps, if a dual-primary situation occurs.
++If the time difference is less than the time gap, then the cluster holds one or both instances in a "WAITING" status.
++This is to give an admin a chance to react on a failover. A failed former primary will be registered after the time difference is passed.
++ ++### sap_ha_pacemaker_cluster_hana_instance_nr ++ ++- _Type:_ `string` ++ ++The instance number of the SAP HANA database which this role will configure in the cluster.
++Inherits the value of `sap_hana_instance_number`, when defined.
++Mandatory for SAP HANA cluster setups.
++ ++### sap_ha_pacemaker_cluster_hana_prefer_site_takeover ++ ++- _Type:_ `bool` ++- _Default:_ `True` ++ ++Parameter for the 'SAPHana' cluster resource.
++Set to "false" if the cluster should first attempt to restart the instance on the same node.
++When set to "true" (default) a failover to secondary will be initiated on resource failure.
++ ++### sap_ha_pacemaker_cluster_hana_resource_clone_name ++ ++- _Type:_ `string` ++- _Default:_ `SAPHana__-clone` ++ ++Customize the cluster resource name of the SAP HANA DB resource clone.
++ ++### sap_ha_pacemaker_cluster_hana_resource_name ++ ++- _Type:_ `string` ++- _Default:_ `SAPHana__` ++ ++Customize the cluster resource name of the SAP HANA DB resource.
++ ++### sap_ha_pacemaker_cluster_hana_sid ++ ++- _Type:_ `string` ++ ++The SAP HANA SID of the instance that will be configured in the cluster.
++The SID must follow SAP specifications - see SAP Note 1979280.
++Inherits the value of `sap_hana_sid`, when defined.
++Mandatory for SAP HANA cluster setups.
++ ++### sap_ha_pacemaker_cluster_hana_topology_resource_clone_name ++ ++- _Type:_ `string` ++- _Default:_ `SAPHanaTopology__-clone` ++ ++Customize the cluster resource name of the SAP HANA Topology resource clone.
++ ++### sap_ha_pacemaker_cluster_hana_topology_resource_name ++ ++- _Type:_ `string` ++- _Default:_ `SAPHanaTopology__` ++ ++Customize the cluster resource name of the SAP HANA Topology resource.
++ ++### sap_ha_pacemaker_cluster_host_type ++ ++- _Type:_ `list` ++- _Default:_ `hana_scaleup_perf` ++ ++The SAP landscape to for which the cluster is to be configured.
++The default is a 2-node SAP HANA scale-up cluster.
++ ++### sap_ha_pacemaker_cluster_ibmcloud_api_key ++ ++- _Type:_ `string` ++ ++The API key which is required to allow the control of instances (for example for fencing operations).
++Mandatory for the cluster setup on IBM Cloud Virtual Server instances or IBM Power Virtual Server on IBM Cloud.
++ ++### sap_ha_pacemaker_cluster_ibmcloud_powervs_api_type ++ ++- _Type:_ `string` ++ ++IBM Power Virtual Server API Endpoint type (public or private) dependent on network interface attachments for the target instances.
++Mandatory for the cluster setup on IBM Power Virtual Server from IBM Cloud.
++ ++### sap_ha_pacemaker_cluster_ibmcloud_powervs_forward_proxy_url ++ ++- _Type:_ `string` ++ ++IBM Power Virtual Server forward proxy url when IBM Power Virtual Server API Endpoint type is set to private.
++When public network interface, can be ignored.
++When private network interface, mandatory for the cluster setup on IBM Power Virtual Server from IBM Cloud.
++ ++### sap_ha_pacemaker_cluster_ibmcloud_powervs_workspace_crn ++ ++- _Type:_ `string` ++ ++IBM Power Virtual Server Workspace service cloud resource name (CRN) identifier which contains the target instances
++Mandatory for the cluster setup on IBM Power Virtual Server from IBM Cloud.
++ ++### sap_ha_pacemaker_cluster_ibmcloud_region ++ ++- _Type:_ `string` ++ ++The IBM Cloud VS region name in which the instances are running.
++Mandatory for the cluster setup on IBM Cloud Virtual Server instances or IBM Power Virtual Server on IBM Cloud.
++ ++### sap_ha_pacemaker_cluster_msazure_resource_group ++ ++- _Type:_ `string` ++ ++Resource group name/ID in which the target instances are defined.
++Mandatory for the cluster setup on MS Azure instances.
++ ++### sap_ha_pacemaker_cluster_msazure_subscription_id ++ ++- _Type:_ `string` ++ ++Subscription ID of the MS Azure environment containing the target instances.
++Mandatory for the cluster setup on MS Azure instances.
++ ++### sap_ha_pacemaker_cluster_nwas_abap_aas_instance_nr ++ ++- _Type:_ `string` ++ ++Instance number of the NetWeaver ABAP AAS instance.
++Mandatory for NetWeaver AAS cluster configuration.
++ ++### sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_ensa1 ++ ++- _Type:_ `bool` ++- _Default:_ `False` ++ ++The standard NetWeaver ASCS/ERS cluster will be set up as ENSA2.
++Set this parameter to 'true' to configure it as ENSA1.
++ ++### sap_ha_pacemaker_cluster_nwas_abap_ascs_filesystem_resource_name ++ ++- _Type:_ `string` ++- _Default:_ `Filesystem_NWAS_ABAP_ASCS__` ++ ++Name of the filesystem resource for the ASCS instance.
++ ++### sap_ha_pacemaker_cluster_nwas_abap_ascs_group_stickiness ++ ++- _Type:_ `string` ++- _Default:_ `3000` ++ ++NetWeaver ASCS resource group stickiness to prefer the ASCS group to stay on the node it was started on.
++ ++### sap_ha_pacemaker_cluster_nwas_abap_ascs_instance_nr ++ ++- _Type:_ `string` ++ ++Instance number of the NetWeaver ABAP ASCS instance.
++Mandatory for NetWeaver ASCS/ERS cluster configuration.
++ ++### sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_automatic_recover_bool ++ ++- _Type:_ `bool` ++- _Default:_ `False` ++ ++NetWeaver ASCS instance resource option "AUTOMATIC_RECOVER".
++ ++### sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_ensa1_failure_timeout ++ ++- _Type:_ `string` ++- _Default:_ `60` ++ ++NetWeaver ASCS instance failure-timeout attribute.
++Only used for ENSA1 setups (see `sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_ensa1`). Default setup is ENSA2.
++ ++### sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_ensa1_migration_threshold ++ ++- _Type:_ `string` ++- _Default:_ `1` ++ ++NetWeaver ASCS instance migration-threshold setting attribute.
++Only used for ENSA1 setups (see `sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_ensa1`). Default setup is ENSA2.
++ ++### sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_instance_name ++ ++- _Type:_ `string` ++ ++The name of the ASCS instance, typically the profile name.
++Mandatory for the NetWeaver ASCS/ERS cluster setup
++ ++### sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_resource_name ++ ++- _Type:_ `string` ++- _Default:_ `SAPInstance_NWAS_ABAP_ASCS__` ++ ++Name of the ASCS instance resource.
++ ++### sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_resource_stickiness ++ ++- _Type:_ `string` ++- _Default:_ `5000` ++ ++NetWeaver ASCS instance resource stickiness attribute.
++ ++### sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_start_profile_string ++ ++- _Type:_ `string` ++ ++The full path and name of the ASCS instance profile.
++Mandatory for the NetWeaver ASCS/ERS cluster setup.
++ ++### sap_ha_pacemaker_cluster_nwas_abap_ers_filesystem_resource_name ++ ++- _Type:_ `string` ++- _Default:_ `Filesystem_NWAS_ABAP_ERS__` ++ ++Name of the filesystem resource for the ERS instance.
++ ++### sap_ha_pacemaker_cluster_nwas_abap_ers_instance_nr ++ ++- _Type:_ `string` ++ ++Instance number of the NetWeaver ABAP ERS instance.
++Mandatory for NetWeaver ASCS/ERS cluster configuration.
++ ++### sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_automatic_recover_bool ++ ++- _Type:_ `bool` ++- _Default:_ `False` ++ ++NetWeaver ERS instance resource option "AUTOMATIC_RECOVER".
++ ++### sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_instance_name ++ ++- _Type:_ `string` ++ ++The name of the ERS instance, typically the profile name.
++Mandatory for the NetWeaver ASCS/ERS cluster setup.
++ ++### sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_resource_name ++ ++- _Type:_ `string` ++- _Default:_ `SAPInstance_NWAS_ABAP_ERS__` ++ ++Name of the ERS instance resource.
++ ++### sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_start_profile_string ++ ++- _Type:_ `string` ++ ++The full path and name of the ERS instance profile.
++Mandatory for the NetWeaver ASCS/ERS cluster.
++ ++### sap_ha_pacemaker_cluster_nwas_abap_pas_instance_nr ++ ++- _Type:_ `string` ++ ++Instance number of the NetWeaver ABAP PAS instance.
++Mandatory for NetWeaver PAS cluster configuration.
++ ++### sap_ha_pacemaker_cluster_nwas_abap_sid ++ ++- _Type:_ `string` ++ ++SID of the NetWeaver instances.
++Mandatory for NetWeaver cluster configuration.
++Uses `sap_swpm_sid` if defined.
++Mandatory for NetWeaver cluster setups.
++ ++### sap_ha_pacemaker_cluster_nwas_sapmnt_filesystem_resource_name ++ ++- _Type:_ `string` ++- _Default:_ `Filesystem_NWAS_SAPMNT_` ++ ++Filesystem resource name for the shared filesystem /sapmnt.
++Optional, this is typically managed by the OS, but can as well be added to the cluster configuration.
++Enable this resource setup using `sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed`.
++ ++### sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed ++ ++- _Type:_ `bool` ++- _Default:_ `False` ++ ++Change this parameter to 'true' if the 3 shared filesystems `/usr/sap/trans`, `/usr/sap//SYS` and '/sapmnt' shall be configured as cloned cluster resources.
++ ++### sap_ha_pacemaker_cluster_nwas_sys_filesystem_resource_name ++ ++- _Type:_ `string` ++- _Default:_ `Filesystem_NWAS_SYS_` ++ ++Filesystem resource name for the transports filesystem /usr/sap//SYS.
++Optional, this is typically managed by the OS, but can as well be added to the cluster configuration.
++Enable this resource setup using `sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed`.
++ ++### sap_ha_pacemaker_cluster_nwas_transports_filesystem_resource_name ++ ++- _Type:_ `string` ++- _Default:_ `Filesystem_NWAS_TRANS_` ++ ++Filesystem resource name for the transports filesystem /usr/sap/trans.
++Optional, this is typically managed by the OS, but can as well be added to the cluster configuration.
++Enable this resource setup using `sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed`.
++ ++### sap_ha_pacemaker_cluster_resource_defaults ++ ++- _Type:_ `dict` ++- _Default:_ `{'migration-threshold': 5000, 'resource-stickiness': 3000}` ++ ++Set default parameters that will be valid for all pacemaker resources.
++ ++Example: ++ ++```yaml ++sap_ha_pacemaker_cluster_resource_defaults: ++ migration-threshold: 5000 ++ resource-stickiness: 1000 ++``` ++ ++### sap_ha_pacemaker_cluster_stonith_custom ++ ++- _Type:_ `list` ++ ++Custom list of STONITH resource(s) to be configured in the cluster.
++This definition override any defaults the role would apply otherwise.
++ ++- **agent**
++ Resource agent name, must contain the prefix "stonith:" to avoid mismatches or failures. ++- **name**
++ Name that will be used as the resource ID (name). ++- **options**
++ The resource options listed in dictionary format, one option per line.
Requires the mandatory options for the particular stonith resource agent to be defined, otherwise the setup will fail. ++ ++Example: ++ ++```yaml ++sap_ha_pacemaker_cluster_stonith_custom: ++- agent: stonith:fence_rhevm ++ name: my-fence-resource ++ options: ++ ip: rhevm-server ++ password: login-user-password ++ pcmk_host_list: node1,node2 ++ power_wait: 3 ++ username: login-user ++``` ++ ++### sap_ha_pacemaker_cluster_storage_definition ++ ++- _Type:_ `list` ++ ++List of filesystem definitions used for filesystem cluster resources.
++Options relevant, see example.
++Mandatory for SAP NetWeaver HA cluster configurations.
++Reuse `sap_storage_setup_definition` if defined.
++Reuse `sap_storage_setup_definition` will extract values 'mountpoint', 'nfs_filesystem_type', 'nfs_mount_options', 'nfs_path', 'nfs_server'.
++Reuse `sap_storage_setup_definition` all options are documented under Ansible Role `sap_storage_setup`.
++Note! For this variable, the argument specification does not list options, to avoid errors during reuse of `sap_storage_setup_definition` if defined.
++ ++Example: ++ ++```yaml ++sap_ha_pacemaker_cluster_storage_definition: ++- mountpoint: /usr/sap ++ name: usr_sap ++ nfs_path: /usr/sap ++ nfs_server: nfs-server.example.com:/ ++- mountpoint: /usr/sap/trans ++ name: usr_sap_trans ++ nfs_path: /usr/sap/trans ++ nfs_server: nfs-server.example.com:/ ++- mountpoint: /sapmnt ++ name: sapmnt ++ nfs_filesystem_type: nfs ++ nfs_mount_options: defaults ++ nfs_path: /sapmnt ++ nfs_server: nfs-server.example.com:/ ++``` ++ ++### sap_ha_pacemaker_cluster_storage_nfs_filesytem_type ++ ++- _Type:_ `string` ++- _Default:_ `nfs` ++ ++Filesystem type of the NFS filesystems that are part of the cluster configuration.
++ ++### sap_ha_pacemaker_cluster_storage_nfs_mount_options ++ ++- _Type:_ `string` ++- _Default:_ `defaults` ++ ++Mount options of the NFS filesystems that are part of the cluster configuration.
++ ++### sap_ha_pacemaker_cluster_storage_nfs_server ++ ++- _Type:_ `string` ++ ++Default address of the NFS server, if not defined individually by filesystem.
++ ++### sap_ha_pacemaker_cluster_system_roles_collection ++ ++- _Type:_ `string` ++- _Default:_ `fedora.linux_system_roles` ++ ++Reference to the Ansible Collection used for the Linux System Roles.
++For community/upstream, use 'fedora.linux_system_roles'.
++For RHEL System Roles for SAP, or Red Hat Automation Hub, use 'redhat.rhel_system_roles'.
++ ++### sap_ha_pacemaker_cluster_vip_client_interface ++ ++- _Type:_ `string` ++ ++OS device name of the network interface to use for the Virtual IP configuration.
++When there is only one interface on the system, its name will be used by default.
++ ++### sap_ha_pacemaker_cluster_vip_hana_primary_ip_address ++ ++- _Type:_ `string` ++ ++The virtual IP of the primary HANA instance.
++Mandatory parameter for HANA clusters.
++ ++### sap_ha_pacemaker_cluster_vip_hana_primary_resource_name ++ ++- _Type:_ `string` ++- _Default:_ `vip_` ++ ++Customize the name of the resource managing the Virtual IP of the primary HANA instance.
++ ++### sap_ha_pacemaker_cluster_vip_hana_secondary_ip_address ++ ++- _Type:_ `string` ++ ++The virtual IP for read-only access to the secondary HANA instance.
++Optional parameter in HANA clusters.
++ ++### sap_ha_pacemaker_cluster_vip_nwas_abap_aas_ip_address ++ ++- _Type:_ `string` ++ ++Virtual IP of the NetWeaver AAS instance.
++Mandatory for NetWeaver AAS cluster setup.
++ ++### sap_ha_pacemaker_cluster_vip_nwas_abap_aas_resource_name ++ ++- _Type:_ `string` ++- _Default:_ `vip___aas` ++ ++Name of the SAPInstance resource for NetWeaver AAS.
++ ++### sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_ip_address ++ ++- _Type:_ `string` ++ ++Virtual IP of the NetWeaver ASCS instance.
++Mandatory for NetWeaver ASCS/ERS cluster setup.
++ ++### sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_resource_group_name ++ ++- _Type:_ `string` ++- _Default:_ `_ASCS_group` ++ ++Name of the NetWeaver ASCS resource group.
++ ++### sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_resource_name ++ ++- _Type:_ `string` ++- _Default:_ `vip___ascs` ++ ++Name of the SAPInstance resource for NetWeaver ASCS.
++ ++### sap_ha_pacemaker_cluster_vip_nwas_abap_ers_ip_address ++ ++- _Type:_ `string` ++ ++Virtual IP of the NetWeaver ERS instance.
++Mandatory for NetWeaver ASCS/ERS cluster setup.
++ ++### sap_ha_pacemaker_cluster_vip_nwas_abap_ers_resource_group_name ++ ++- _Type:_ `string` ++- _Default:_ `_ERS_group` ++ ++Name of the NetWeaver ERS resource group.
++ ++### sap_ha_pacemaker_cluster_vip_nwas_abap_ers_resource_name ++ ++- _Type:_ `string` ++- _Default:_ `vip___ers` ++ ++Name of the SAPInstance resource for NetWeaver ERS.
++ ++### sap_ha_pacemaker_cluster_vip_nwas_abap_pas_ip_address ++ ++- _Type:_ `string` ++ ++Virtual IP of the NetWeaver PAS instance.
++Mandatory for NetWeaver PAS cluster setup.
++ ++### sap_ha_pacemaker_cluster_vip_nwas_abap_pas_resource_name ++ ++- _Type:_ `string` ++- _Default:_ `vip___pas` ++ ++Name of the SAPInstance resource for NetWeaver PAS.
++ ++### sap_ha_pacemaker_cluster_vip_secondary_resource_name ++ ++- _Type:_ `string` ++- _Default:_ `vip_` ++ ++Customize the name of the resource managing the Virtual IP of read-only access to the secondary HANA instance.
++ ++ +diff --git a/collections/ansible_collections/redhat/sap_install/docs/README_sap_hana_install.md b/collections/ansible_collections/redhat/sap_install/docs/README_sap_hana_install.md +new file mode 100644 +index 0000000..52a1ab8 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/docs/README_sap_hana_install.md +@@ -0,0 +1,408 @@ ++# sap_hana_install Ansible Role ++ ++Ansible role for SAP HANA Installation ++ ++## Support Status ++ ++The support status of this role is: "Fully supported" ++ ++## Requirements ++ ++The dependencies of this role should be automatically installed when installing the collection with ansible-galaxy. ++ ++For installing the dependencies manually, use the following command: ++ ++`ansible-galaxy install -vv -r meta/collection-requirements.yml` ++ ++### Configure your system for the installation of SAP HANA ++ ++- Make sure required volumes and filesystems are configured in the host. ++ ++- Run the roles `sap_general_preconfigure` and `sap_hana_preconfigure` for installing required packages and ++for configuring system settings. ++ ++### SAP HANA Software Installation .SAR Files ++ ++Place the following files in directory /software/hana or in any other directory specified by variable ++`sap_hana_install_software_directory`: ++ ++1. The SAPCAR executable for the correct hardware architecture ++ ++2. The SAP HANA Installation .SAR file ++ - SAP HANA 2.0 Server - `IMDB_SERVER*.SAR` file ++ ++3. Optional - SAP HANA Components .SAR files ++ - Include other optional components such as `IMDB_AFL*.SAR` or `IMDB_LCAPPS*.SAR` ++ ++4. Optional - SAP Host Agent .SAR file ++ - Include other optional components such as `SAPHOSTAGENT*SAR` ++ ++#### Sample Directory Contents - with .SAR files ++ ++- Sample directory `sap_hana_install_software_directory` containing SAP HANA software installation files ++ ```console ++ [root@hanahost SAP_HANA_INSTALLATION]# ls -l *.EXE *.SAR ++ -rwxr-xr-x. 1 nobody nobody 149561376 Mar 4 2021 IMDB_AFL20_054_1-80001894.SAR ++ -rwxr-xr-x. 1 nobody nobody 211762405 Mar 4 2021 IMDB_CLIENT20_007_23-80002082.SAR ++ -rwxr-xr-x. 1 nobody nobody 4483040 Mar 4 2021 SAPCAR_1010-70006178.EXE ++ -rwxr-xr-x. 1 nobody nobody 109492976 Mar 4 2021 IMDB_LCAPPS_2054_0-20010426.SAR ++ -rwxr-xr-x. 1 nobody nobody 109752805 Mar 4 2021 VCH202000_2054_0-80005463.SAR ++ -rwxr-xr-x. 1 nobody nobody 3694683699 Mar 4 2021 IMDB_SERVER20_054_0-80002031.SAR ++ -rwxr-xr-x. 1 nobody nobody 89285401 Sep 30 04:24 SAPHOSTAGENT51_51-20009394.SAR ++ ``` ++ ++If more than one SAPCAR EXE file is present in the software directory, the role will select the latest version ++for the current hardware architecture. Alternatively, the file name of the SAPCAR EXE file can also be set with ++variable `sap_hana_install_sapcar_filename`. Example: ++``` ++sap_hana_install_sapcar_filename: SAPCAR_1115-70006178.EXE ++``` ++ ++If more than one SAR file for a certain software product is present in the software directory, the automatic ++handling of such SAR files will fail after extraction, when moving the newly created product directories ++(like `SAP_HOST_AGENT`) to already existing destinations. ++For avoiding such situations, use following variable to provide a list of SAR files to extract: ++ ++`sap_hana_install_sarfiles`. ++ ++Example: ++``` ++sap_hana_install_sarfiles: ++ - SAPHOSTAGENT54_54-80004822.SAR ++ - IMDB_SERVER20_060_0-80002031.SAR ++``` ++ ++If there is a file named `.sha256` in the software download directory ++`sap_hana_install_software_directory` which contains the checksum and the file name similar to the output ++of the sha256sum command, the role will examine the sha256sum for the corresponding SAPCAR or SAR file and the ++processing will continue only if the checksum matches. ++ ++#### Extracted SAP HANA Software Installation Files ++ ++This role will detect if there is a file `hdblcm` already present in the directory specified by variable ++`sap_hana_install_software_extract_directory` or in any directory below. If If found, it will skip ++the .SAR extraction phase and proceed with the installation. ++ ++The default for `sap_hana_install_software_extract_directory` is `{{ sap_hana_install_software_directory }}/extracted` but it ++can be set to a different directory. ++ ++If this role is executed on more than one host in parallel and the software extraction directory is shared among those hosts, ++the role will only extract the files on the first host on which the extraction has started. The role will proceed on the other hosts ++after the extraction of SAR files has completed. ++ ++If NFS is used for sharing the SAP HANA installation media between the nodes, then it is required to define ++`sap_hana_install_configfile_directory`. The default for `sap_hana_install_configfile_directory` is ++"{{ sap_hana_install_software_extract_directory }}/configfiles". This variable should point to a non nfs path. After installation, ++if a cleanup of configfile is required, then set `sap_hana_install_cleanup_configfile_directory` as true. If a cleanup of ++software extract directory is required then set `sap_hana_install_cleanup_extract_directory` as true. The default value for both ++these cleanup actions are false. ++ ++ ++- Sample directory `sap_hana_install_software_extract_directory` containing extracted SAP HANA software installation files ++ ```console ++ [root@hanahost extracted]# ll -lrt ++ drwxr-xr-x 4 root root 4096 Sep 30 04:55 SAP_HANA_AFL ++ drwxr-xr-x 5 root root 4096 Sep 30 04:55 SAP_HANA_CLIENT ++ drwxr-xr-x 4 root root 4096 Sep 30 04:55 SAP_HANA_LCAPPS ++ drwxr-xr-x 8 root root 4096 Sep 30 04:57 SAP_HANA_DATABASE ++ drwxr-xr-x 2 root root 4096 Sep 30 04:58 SAP_HOST_AGENT ++ drwxr-xr-x 4 root root 4096 Sep 30 04:58 VCH_AFL_2020 ++ ``` ++ ++#### SAP HANA hdblcm Configfile Processing ++ ++By default, the hdblcm configfile will be created dynamically in each run, as follows: After the role has ++found the hdblcm command or extracted the SAP HANA SAR file, it will call the hdblcm command with the ++option `--dump_configfile_template` to create a configfile template, which will then be converted into ++a Jinja2 configfile template according to the following rules: For each hdblcm parameter, the value ++will be either the value of the role variable prepended by the role name and an underscore, or a ++default (if present in the hdblcm configfile template). ++ ++Example: The value of hdblcm parameter `system_usage` will be set to the value of role variable ++`sap_hana_install_system_usage` or to `custom` in case the role variable has not been set. ++ ++The result of the templating is a new, customized hdblcm configfile, which will be used by the ++hdblcm command for the SAP HANA installation. ++ ++This provides great flexibility for handling different SAP HANA releases, which typically have a slightly ++different set of hdblcm parameters. For preparing the installation of a new SAP HANA system, it can be useful ++to run the role with tag `sap_hana_install_preinstall` first. This will display the full path names of the ++hdblcm configfile template, the Jinja2 template, and the result of the templating. By comparing the hdblcm ++configfile template with the templating result (indicated by placeholder `TEMPLATING_RESULT` below), you ++can quickly check if all role variables for the hdblcm command are set correctly and make any necessary ++adjustments to the role variables. ++ ++For displaying only the modified default lines, in two columns, use: ++`# diff -y --suppress-common-lines hdblcm_configfile_template.cfg TEMPLATING_RESULT` ++ ++For checking and comparing all non-empty hdblcm parameter settings, use: ++`# diff -y <(awk 'BEGIN{FS="="}/^[a-z]/&&length($2)>0{print $0}' hdblcm_configfile_template.cfg) ++ <(awk 'BEGIN{FS="="}/^[a-z]/&&length($2)>0{print $0}' TEMPLATING_RESULT)` ++ ++Note: If there is a file named `configfile.cfg` in the directory specified by role variable ++`sap_hana_install_configfile_directory`, this file will be used and no dynamic hdblcm configfile processing ++will be performed. Be aware that when using this file, any modifications to role variables after creation ++of this file will not be reflected. ++ ++## Further Variables and Parameters ++ ++### Input Parameters ++ ++If the variable `sap_hana_install_check_sidadm_user` is set to `no`, the role will install SAP HANA even ++if the sidadm user exists. Default is `yes`, in which case the installation will not be performed if the ++sidadm user exists. ++ ++The variable `sap_hana_install_new_system` determines if the role will perform a fresh SAP HANA installation ++or if it will add further hosts to an existing SAP HANA system as specified by variable ++`sap_hana_install_addhosts`. Default is `yes` for a fresh SAP HANA installation. ++ ++The role can be configured to also set the required firewall ports for SAP HANA. If this is desired, set ++the variable `sap_hana_install_update_firewall` to `yes` (default is `no`). The firewall ports are defined ++in a variable which is compatible with the variable structure used by Linux System Role `firewall`. ++The firewall ports for SAP HANA are defined in member `port` of the first field of variable ++`sap_hana_install_firewall` (`sap_hana_install_firewall[0].port`), see file `defaults/main.yml`. If the ++member `state` is set to `enabled`, the ports will be enabled. If the member `state` is set to `disabled`, ++the ports will be disabled, which might be useful for testing. ++ ++Certain parameters have identical meanings, for supporting different naming schemes in playbooks and inventories. ++You can find those in the task `Rename some variables used by hdblcm configfile` of the file `tasks/main.yml`. ++Example: The parameter `sap_hana_install_number`, which is used by the role to define the hdblm parameter `number` ++(= SAP HANA instance number) can be defined by setting `sap_hana_instance_number`, `sap_hana_install_instance_nr`, ++`sap_hana_install_instance_number`, or `sap_hana_install_number`. The order of precedence is from left to right. ++ ++### Default Parameters ++ ++Please check the default parameters file for more information on other parameters that can be used as an input ++- [**sap_hana_install** default parameters](defaults/main.yml) ++ ++## Execution ++ ++Sample Ansible Playbook Execution ++ ++- Local Host Installation ++ - `ansible-playbook --connection=local --limit localhost -i "localhost," sap-hana-install.yml -e "@inputs/HDB.install"` ++ ++- Target Host Installation ++ - `ansible-playbook -i "" sap-hana-install.yml -e "@inputs/HDB.install"` ++ ++## Sample playbooks ++ ++### Sample playbook for installing a new scale-up (=single node) SAP HANA system ++ ++```yaml ++--- ++- hosts: all ++ collections: ++ - redhat.sap_install ++ become: true ++ vars: ++ sap_hana_install_software_directory: /software/hana ++ sap_hana_install_common_master_password: 'NewPass$321' ++ sap_hana_install_sid: 'H01' ++ sap_hana_install_instance_nr: '00' ++ roles: ++ - sap_hana_install ++``` ++ ++### Sample playbook for installing a new scale-out SAP HANA system ++ ++```yaml ++--- ++- hosts: all ++ collections: ++ - redhat.sap_install ++ become: true ++ vars: ++ sap_hana_install_software_directory: /software/hana ++ sap_hana_install_common_master_password: 'NewPass$321' ++ sap_hana_install_root_password: 'NewPass$321' ++ sap_hana_install_addhosts: 'host2:role=worker,host3:role=worker:group=g02,host4:role=standby:group=g02' ++ sap_hana_install_sid: 'H01' ++ sap_hana_install_instance_nr: '00' ++ roles: ++ - sap_hana_install ++``` ++ ++### Sample playbook for adding additional nodes to an existing SAP HANA installation ++ ++```yaml ++--- ++- hosts: all ++ collections: ++ - redhat.sap_install ++ become: true ++ vars: ++ sap_hana_install_software_directory: /software/hana ++ sap_hana_install_new_system: no ++ sap_hana_install_addhosts: 'host2:role=worker,host3:role=worker:group=g02,host4:role=standby:group=g02' ++ sap_hana_install_common_master_password: 'NewPass$321' ++ sap_hana_install_root_password: 'NewPass$321' ++ sap_hana_install_sid: 'H01' ++ sap_hana_install_instance_nr: '00' ++ roles: ++ - sap_hana_install ++``` ++ ++You can find more complex playbooks in directory `playbooks` of the collection `community.sap_install`. ++ ++## Flow ++ ++### New SAP HANA Installation ++ ++#### Perform Initial Checks ++ ++These checks are only performed if `sap_hana_install_force` is set to `true`. Its default value is `false` ++- If variable `sap_hana_install_check_sidadm_user` is undefined or set to `yes`: Check if user sidadm exists. If yes, ++ abort the role. ++ ++- Check if `/usr/sap/hostctrl/exe/saphostctrl` exists and get info on running HANA instances. ++ - If conflicting instances exist the role aborts with a failure ++ - If desired instance is running, the role aborts with success ++ ++- If `/usr/sap/hostctrl/exe/saphostctrl` does not exist ++ - Check if directory `/hana/shared/` exists. If yes and not empty, abort the role. ++ - Check if directory `/usr/sap/` exists. If yes and not empty, abort the role. ++ ++#### Pre-Install ++ ++- Set all passwords to follow master password if set to 'y'. ++ ++- Prepare the software located in directory `sap_hana_install_software_directory`: ++ ++ - If file `hdblcm` is found, skip the next step and proceed with the `hdblcm` existence check. ++ ++ - If file `hdblcm` is not found, proceed with the next step. ++ ++- Prepare SAR files for `hdblcm`: ++ ++ - Get a list of hardware matching SAPCAR executables from `sap_hana_install_software_directory` in case its file name is not ++ provided by role variable. ++ ++ - Select the most recent version of SAPCAR from the hardware matching SAPCAR executables identified before. ++ ++ - Get all SAR files from `sap_hana_install_software_directory` or use the SAR files provided by the corresponding role variable, if set. ++ ++ - Extract all SAR files into `sap_hana_install_software_extract_directory`. ++ ++Note: For each SAPCAR or SAR file called or used by the role, if variable `sap_hana_install_verify_checksums` ++is set to `yes`, the role will perform a checksum verification against a specific or global checksum file. ++ ++- Check existence of `hdblcm` in `SAP_HANA_DATABASE` directory from the extracted SAR files. ++ ++- Check the existence of file `configfile.cfg` in the directory `configfiles` below `sap_hana_install_software_extract_directory`. ++ ++If this file exists, copy it to a temporary directory for use by the hdblcm command. Be aware that when using this file, ++any modifications to role variables after creation of this file will not be reflected. ++ ++If this file is not present, perform the following three steps: ++ ++- Create a hdblcm configfile template directly from the hdblcm command, using option `dump_configfile_template`. ++ ++- Convert the configfile template into a Jinja2 template and download it to the control node. ++ ++- Process the Jinja2 template, using the configured role variables or default settings, to create a customized hdblm configfile ++in a temporary directory for use by the hdblcm command in the next step. ++ ++#### SAP HANA Install ++ ++- Execute hdblcm, using the configfile mentioned above. ++ ++#### Post-Install ++ ++- Create and Store Connection Info in hdbuserstore. ++ ++- Set Log Mode key to overwrite value and apply to system. ++ ++- Apply SAP HANA license to the new deployed instance if set to `yes`. ++ ++- Set expiry of Unix created users to `never`. ++ ++- Update `/etc/hosts` (optional - `yes` by default). ++ ++- Apply firewall rules (optional - `no` by default). ++ ++- Generate input file for `sap_swpm`. ++ ++- Print a short summary of the result of the installation. ++ ++### Add hosts to an existing SAP HANA Installation ++ ++#### Pre-Install ++ ++- Process SAP HANA configfile based on input parameters. ++ ++#### SAP HANA Add Hosts ++ ++- For each host to be added, check if there is: ++ - an instance profile in `/hana/shared//profile/_HDB_` ++ - a directory `/usr/sap//HDB/` ++ - an entry in the output of `./hdblcm --list_systems` ++ If any of the above is true, abort the role. ++ ++- Execute hdblcm. ++ ++#### Post-Install ++ ++- Print a short summary of the result of the installation. ++ ++## Tags ++ ++With the following tags, the role can be called to perform certain activities only: ++- tag `sap_hana_install_check_installation`: Perform an installation check, using `hdbcheck` or ++ `hdblcm --action=check_installation`. ++- tag `sap_hana_install_chown_hana_directories`: Only perform the chown of the SAP HANA directories ++ `/hana`, `/hana/shared`, `/hana/log`, and `/hana/data`. The main purpose of this tag is to use it ++ with `--skip-tags`, to skip modifying these directories. This can be useful when using tag ++ `sap_hana_install_preinstall`. ++- tag `sap_hana_install_configure_firewall`: Use this flag to only configure the firewall ports for ++ SAP HANA. Note: The role variable `sap_hana_install_update_firewall` has to be set to `yes` as ++ well. ++- tag `sap_hana_install_extract_sarfiles`: Use this flag with `--skip-tags` to run the SAR file ++ preparation steps of tag `sap_hana_install_prepare_sarfiles` without extracting the SAR files. ++- tag `sap_hana_install_generate_input_file`: Only generate the input file for SAP Application ++ deployment ++- tag `sap_hana_install_hdblcm_commandline`: Only show the hdblcm command line, without processing ++ the hdblcm template. This can be useful for checking the hdblcm command line options, especially ++ when using the `addhosts` function. ++- tag `sap_hana_install_preinstall`: Only perform pre-install activities. This includes selecting ++ the SAPCAR EXE file, extracting the SAR files if necessary, searching for hdblcm, and creating ++ the hdblcm configfile. ++- tag `sap_hana_install_prepare_sapcar`: Only copy the SAPCAR EXE files for the current architecture ++ to the extraction directory, verify the checksums of these files, and select the latest ++ version. Or copy the SAPCAR EXE file if given by role variable `sap_hana_install_sapcar_filename` ++ and then verify the checksum. ++- tag `sap_hana_install_prepare_sarfiles`: Run the steps of tag `sap_hana_install_prepare_sapcar` ++ to select the correct SAPCAR file, then copy the selected or provided SAR files to the ++ extraction directory (if requested), then verify the checksums of each SAR file. Lastly, extract ++ these SAR files to the extraction directory. ++- tag `sap_hana_install_set_log_mode`: Only set the log mode of an existing HANA installation to ++ `overwrite`. ++- tag `sap_hana_install_store_connection_information`: Only run the `hdbuserstore` command ++ ++Sample call for only processing the SAPCAR and SAR files and creating the hdblcm configfile: ++``` ++# ansible-playbook sap-hana-install.yml --tags=sap_hana_install_preinstall --skip-tags=sap_hana_install_chown_hana_directories ++``` ++ ++Sample call for only processing the SAPCAR files: ++``` ++# ansible-playbook sap-hana-install.yml --tags=sap_hana_install_prepare_sapcar ++``` ++ ++Sample call for only processing the SAPCAR and SAR files, without extracting the SAR files: ++``` ++# ansible-playbook sap-hana-install.yml --tags=sap_hana_install_prepare_sarfiles --skip-tags=sap_hana_install_extract_sarfiles ++``` ++ ++Sample call for only displaying the SAP HANA hdblcm command line: ++``` ++# ansible-playbook sap-hana-install.yml --tags=sap_hana_install_hdblcm_commandline ++``` ++ ++## License ++ ++Apache license 2.0 ++ ++## Author Information ++ ++Red Hat for SAP Community of Practice, IBM Lab for SAP Solutions, Markus Koch, Thomas Bludau, Bernd Finger, Than Ngo, Rainer Leber +diff --git a/collections/ansible_collections/redhat/sap_install/docs/README_sap_hana_preconfigure.md b/collections/ansible_collections/redhat/sap_install/docs/README_sap_hana_preconfigure.md +new file mode 100644 +index 0000000..1830c32 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/docs/README_sap_hana_preconfigure.md +@@ -0,0 +1,514 @@ ++# sap_hana_preconfigure Ansible Role ++ ++This role installs additional required packages and performs additional configuration steps for installing and running SAP HANA. ++If you want to configure a RHEL system for the installation and later usage of SAP HANA, you have to first run role sap_general_preconfigure ++and then role sap_hana_preconfigure. However, if we wish to run SLES for HANA, you may run only this role. ++ ++## Support Status ++ ++The support status of this role is: "Fully supported for RHEL managed nodes" ++ ++## Requirements ++ ++The role requires additional collections which are specified in `meta/collection-requirements.yml`. Before using this role, ++make sure that the required collections are installed, for example by using the following command: ++ ++`ansible-galaxy install -vv -r meta/collection-requirements.yml` ++ ++To use this role, your system needs to be configured with the basic requirements for SAP NetWeaver or SAP HANA. This is typically done by running role sap_general_preconfigure (for RHEL managed nodes before RHEL 7.6, community maintained role sap-base-settings can be used). ++ ++It is also strongly recommended to run role linux-system-roles.timesync for all systems running SAP HANA, to maintain an identical system time, before or after running role sap_hana_preconfigure. ++ ++Managed nodes need to be properly registered to a repository source and have at least the following Red Hat repositories accessible (see also example playbook): ++ ++for RHEL 7.x: ++- rhel-7-[server|for-power-le]-e4s-rpms ++- rhel-sap-hana-for-rhel-7-[server|for-power-le]-e4s-rpms ++ ++for RHEL 8.x: ++- rhel-8-for-[x86_64|ppc64le]-baseos-e4s-rpms ++- rhel-8-for-[x86_64|ppc64le]-appstream-e4s-rpms ++- rhel-8-for-[x86_64|ppc64le]-sap-solutions-e4s-rpms ++ ++for RHEL 9.x: ++- rhel-9-for-[x86_64|ppc64le]-baseos-e4s-rpms ++- rhel-9-for-[x86_64|ppc64le]-appstream-e4s-rpms ++- rhel-9-for-[x86_64|ppc64le]-sap-solutions-e4s-rpms ++ ++for SLES 15.x: ++- SLE-Module-SAP-Applications15-[SP number]-Pool ++- SLE-Module-SAP-Applications15-[SP number]-Updates ++- SLE-Product-SLES_SAP15-[SP number]-Pool ++- SLE-Product-SLES_SAP15-[SP number]-Updates ++ ++For details on configuring Red Hat, see the knowledge base article: [How to subscribe SAP HANA systems to the Update Services for SAP Solutions](https://access.redhat.com/solutions/3075991)). If you set role parameter sap_hana_preconfigure_enable_sap_hana_repos to `yes`, the role can enable these repos. ++ ++To install HANA on Red Hat Enterprise Linux 7, 8, or 9, you need some additional packages which are contained in the ++- rhel-sap-hana-for-rhel-7-[server|for-power-le]-e4s-rpms, ++- rhel-8-for-[x86_64|ppc64le]-sap-solutions-e4s-rpms, or ++- rhel-9-for-[x86_64|ppc64le]-sap-solutions-e4s-rpms ++ ++repository. ++ ++To get this repository you need to have one of the following products: ++ ++- [RHEL for SAP Solutions](https://access.redhat.com/solutions/3082481) (premium, standard) ++- RHEL for Business Partner NFRs ++- [RHEL Developer Subscription](https://developers.redhat.com/products/sap/download/) ++ ++To get a personal developer edition of RHEL for SAP solutions, please register as a developer and download the developer edition. ++ ++- [Registration Link](http://developers.redhat.com/register) : ++ Here you can either register a new personal account or link it to an already existing ++ **personal** Red Hat Network account. ++- [Download Link](https://access.redhat.com/downloads/content/69/ver=/rhel---7/7.2/x86_64/product-software): ++ Here you can download the Installation DVD for RHEL with your previously registered ++ account ++ ++*NOTE:* This is a regular RHEL installation DVD as RHEL for SAP Solutions is no additional ++ product but only a special bundling. The subscription grants you access to the additional ++ packages through our content delivery network (CDN) after installation. ++ ++For supported RHEL releases [click here](https://access.redhat.com/solutions/2479121). ++ ++Details on configuring SLES repositories can be found on the following articles for [on-premise systems](https://www.suse.com/support/kb/doc/?id=000018564) or [BYOS cloud images](https://www.suse.com/c/byos-instances-and-the-suse-public-cloud-update-infrastructure/) ++ ++ ++It is also important that your disks are setup according to the [SAP storage requirements for SAP HANA](https://www.sap.com/documents/2015/03/74cdb554-5a7c-0010-8F2c7-eda71af511fa.html). This [BLOG](https://blogs.sap.com/2017/03/07/the-ultimate-guide-to-effective-sizing-of-sap-hana/) is also quite helpful when sizing HANA systems. ++You can use the [storage](https://galaxy.ansible.com/linux-system-roles/storage) role to automate this process ++ ++If you want to use this system in production, make sure that the time service is configured correctly. You can use [rhel-system-roles](https://access.redhat.com/articles/3050101) to automate this. ++ ++Note ++---- ++For finding out which SAP notes will be used by this role for Red Hat systems, please check the contents of variable `__sap_hana_preconfigure_sapnotes` in files `vars/*.yml` (choose the file which matches your OS distribution and version). ++ ++For SLES, notes are applied using the saptune service. Saptune supports a number of solutions. A solution implements several SAP notes. The default solution for this role is 'HANA'. To see a list of supported solutions and the notes that they implement, you can run `saptune solution list` on the command line. ++ ++Do not run this role against an SAP HANA or other production system. The role will enforce a certain configuration on the managed node(s), which might not be intended. ++ ++Changes ++------- ++1) Previous versions of this role used the variable sap_hana_preconfigure_use_tuned_where_possible to switch between either tuned settings ++or kernel command line settings (where applicable). ++The current version modifies this behavior: ++- The variable sap_hana_preconfigure_use_tuned_where_possible has been renamed to sap_hana_preconfigure_use_tuned ++- The variable sap_hana_preconfigure_switch_to_tuned_profile_sap_hana has been removed. ++- If sap_hana_preconfigure_use_tuned is set to `yes`, which is also the default, the role will configure the system for using tuned and also switch to tuned profile sap-hana. ++ If sap_hana_preconfigure_use_tuned is set to `no`, the role will perform a static configuration, including the modification of the linux command line in grub. ++- The role can use tuned, or configure the kernel command line, or both. ++ ++2) Previous versions of this role used variable sap_hana_preconfigure_selinux_state to set the SELinux state to disabled. ++As the role sap_general_preconfigure already allows to specify the desired SELinux state, and as sap_general_preconfigure ++is always run before sap_hana_preconfigure, there is no need any more to let sap_hana_preconfigure configure the SELinux state. ++The same applies to the assertion of the SELinux state. ++ ++3) SLES systems are now configured using saptune rather than the ansible implementation of the notes. ++ ++ ++## Role Input Parameters ++ ++#### Minimum required parameters: ++ ++This role does not require any parameter to be set in the playbook or inventory. ++ ++ ++### sap_hana_preconfigure_config_all ++- _Type:_ `bool` ++ ++If set to `false`, the role will only execute or verify the installation or configuration steps of SAP notes.
++Default is to perform installation and configuration steps.
++ ++### sap_hana_preconfigure_installation ++- _Type:_ `bool` ++ ++If `sap_hana_preconfigure_config_all` is set to `false`, set this variable to `true` to perform only the
++installation steps of SAP notes.
++ ++### sap_hana_preconfigure_configuration ++- _Type:_ `bool` ++ ++If `sap_hana_preconfigure_config_all` is set to `false`, set this variable to `true` to perform only the
++configuration steps of SAP notes for which the corresponding SAP notes parameters have been set to `true`.
++ ++Example: ++ ++```yaml ++sap_hana_preconfigure_config_all: false ++sap_hana_preconfigure_configuration: true ++sap_hana_preconfigure_2772999_04: true ++sap_hana_preconfigure_2382421: true ++``` ++ ++### sap_hana_preconfigure_assert ++- _Type:_ `bool` ++- _Default:_ `false` ++ ++If set to `true`, the role will run in assertion mode instead of the default configuration mode.
++ ++### sap_hana_preconfigure_assert_all_config ++- _Type:_ `bool` ++- _Default:_ `false` ++ ++In assertion mode, the role will check either tuned or static settings.
++If this parameter is set to to `true`, the role will check both tuned and static settings.
++ ++### sap_hana_preconfigure_assert_ignore_errors ++- _Type:_ `bool` ++- _Default:_ `false` ++ ++In assertion mode, the role will abort when encountering any assertion error.
++If this parameter is set to `false`, the role will *not* abort when encountering an assertion error.
++This is useful if the role is used for reporting a system's SAP notes compliance.
++ ++### sap_hana_preconfigure_system_roles_collection ++- _Type:_ `str` ++- _Default:_ `'fedora.linux_system_roles'` ++- _Possible Values:_
++ - `fedora.linux_system_roles` ++ - `redhat.rhel_system_roles` ++ ++Set which Ansible Collection to use for the Linux System Roles.
++For community/upstream, use 'fedora.linux_system_roles'
++For the RHEL System Roles for SAP, or for Red Hat Automation Hub, use 'redhat.rhel_system_roles'
++ ++### sap_hana_preconfigure_min_rhel_release_check ++- _Type:_ `bool` ++- _Default:_ `false` ++ ++Check the RHEL release against parameter `sap_hana_preconfigure_supported_rhel_minor_releases`, which is a list of
++known SAP HANA supported RHEL minor releases. By default, the role will display a message and continue running if
++the RHEL release is not part of that list. If set to `true`, the role will fail in such a case.
++ ++### sap_hana_preconfigure_supported_rhel_minor_releases ++- _Type:_ `list` with elements of type `str` ++- _Default:_ (set by platform/environment specific variables) ++ ++Use this parameter to set your own list of SAP HANA supported RHEL minor releases.
++ ++### sap_hana_preconfigure_enable_sap_hana_repos ++- _Type:_ `bool` ++- _Default:_ `false` ++ ++Set to 'true' to enable the SAP HANA required RHEL repos.
++This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose.
++The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_use_hana_repos`.
++ ++### sap_hana_preconfigure_req_repos_redhat_7_x86_64 ++- _Type:_ `list` with elements of type `str` ++- _Default:_ (set by platform/environment specific variables) ++ ++Use this parameter to set your own list of SAP HANA required RHEL 7 repos on x86_64'
++This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose.
++The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`.
++ ++### sap_hana_preconfigure_req_repos_redhat_7_ppc64le ++- _Type:_ `list` with elements of type `str` ++- _Default:_ (set by platform/environment specific variables) ++ ++Use this parameter to set your own list of SAP HANA required RHEL 7 repos on ppc64le'
++This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose.
++The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`.
++ ++### sap_hana_preconfigure_req_repos_redhat_8_x86_64 ++- _Type:_ `list` with elements of type `str` ++- _Default:_ (set by platform/environment specific variables) ++ ++Use this parameter to set your own list of SAP HANA required RHEL 8 repos on x86_64'
++This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose.
++The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`.
++ ++### sap_hana_preconfigure_req_repos_redhat_8_ppc64le ++- _Type:_ `list` with elements of type `str` ++- _Default:_ (set by platform/environment specific variables) ++ ++Use this parameter to set your own list of SAP HANA required RHEL 8 repos on ppc64le'
++This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose.
++The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`.
++ ++### sap_hana_preconfigure_req_repos_redhat_9_x86_64 ++- _Type:_ `list` with elements of type `str` ++- _Default:_ (set by platform/environment specific variables) ++ ++Use this parameter to set your own list of SAP HANA required RHEL 9 repos on x86_64'
++This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose.
++The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`.
++ ++### sap_hana_preconfigure_req_repos_redhat_9_ppc64le ++- _Type:_ `list` with elements of type `str` ++- _Default:_ (set by platform/environment specific variables) ++ ++Use this parameter to set your own list of SAP HANA required RHEL 9 repos on ppc64le'
++This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose.
++The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`.
++ ++### sap_hana_preconfigure_set_minor_release ++- _Type:_ `bool` ++- _Default:_ `false` ++ ++Use this parameter to set the RHEL minor release, which is required for SAP HANA.
++The related parameter is `sap_general_preconfigure_set_minor_release`.
++ ++### sap_hana_preconfigure_create_directories ++- _Type:_ `bool` ++- _Default:_ `true` ++ ++Set to `false` if you do not want the SAP HANA directories to be created by the role.
++The SAP HANA directories will always be created if `sap_hana_preconfigure_modify_selinux_labels`
++(see below) is set to `true`, no matter how `sap_hana_preconfigure_create_directories` is set.
++ ++### sap_hana_preconfigure_hana_directories ++- _Type:_ `list` with elements of type `str` ++- _Default:_ ++ - /hana ++ - /lss/shared ++ ++List of SAP HANA directories to be created.
++ ++### sap_hana_preconfigure_modify_selinux_labels ++- _Type:_ `bool` ++- _Default:_ `true` ++ ++For compatibility of SAP HANA with SELinux in enforcing mode, the role will recursively add
++the `usr_t` label to directories and files in the directories where HANA is installed.
++If relabeling not desired, set this parameter `false`.
++If the variable is set to `true`, the SAP HANA directories will be created no matter
++how the variable `sap_hana_preconfigure_create_directories` (see above) is set.
++ ++### sap_hana_preconfigure_packages ++- _Type:_ `list` with elements of type `str` ++- _Default:_ (set by platform/environment specific variables) ++ ++List of RHEL packages to be installed for SAP HANA. For RHEL 8 and later, you can choose to install either the default list
++or a list of the minimum required packages for SAP HANA server (parameter `__sap_hana_preconfigure_packages_min_install`).
++ ++### sap_hana_preconfigure_min_package_check ++- _Type:_ `bool` ++- _Default:_ `true` ++ ++SAP HANA requires certain minimum package versions to be supported. These minimum levels are listed in SAP Note 2235581.
++Set this parameter to `false` if you want to ignore these requirements.
++ ++### sap_hana_preconfigure_update ++- _Type:_ `bool` ++- _Default:_ `false` ++ ++Set this parameter to `true` to update the system to the latest package levels.
++By setting the parameter `sap_general_preconfigure_set_minor_release` of the
++role `sap_general_preconfigure` to `true`, you can install the most recent package updates
++without updating to a more recent RHEL minor release.
++ ++### sap_hana_preconfigure_reboot_ok ++- _Type:_ `bool` ++- _Default:_ `false` ++ ++Set to `true` if you want to perform a reboot at the end of the role, if necessary.
++ ++### sap_hana_preconfigure_fail_if_reboot_required ++- _Type:_ `bool` ++- _Default:_ `true` ++ ++If `sap_hana_preconfigure_reboot_ok` is set to `false`, which is the default, a reboot requirement should not
++remain unnoticed. For this reason, we let the role fail. Set this parameter to `false` to override this behavior.
++Can be useful if you want to implement your own reboot handling.
++ ++### sap_hana_preconfigure_kernel_parameters ++- _Type:_ `list` with elements of type `str` ++- _Default:_ (set by platform/environment specific variables) ++ ++Network related linux kernel parameter settings for SAP HANA on all hardware platforms.
++ ++### sap_hana_preconfigure_kernel_parameters_ppc64le ++- _Type:_ `list` with elements of type `str` ++- _Default:_ (set by platform/environment specific variables) ++ ++Network related linux kernel parameter settings for platform ppc64le.
++ ++### sap_hana_preconfigure_use_netapp_settings_nfs ++- _Type:_ `bool` ++- _Default:_ `false` ++ ++Set to `true` to also set NetApp NFS required kernel parameters.
++ ++### sap_hana_preconfigure_use_netapp_settings_nfsv3 ++- _Type:_ `bool` ++- _Default:_ `false` ++ ++If `sap_hana_preconfigure_use_netapp_settings_nfs` is set to `true` and NFS Version 3 is to be used,
++this parameter must be set to `true` as well.
++ ++### sap_hana_preconfigure_install_ibm_power_tools ++- _Type:_ `bool` ++- _Default:_ `true` ++ ++Set this parameter to `false` to not install the IBM Power Systems service and productivity tools.
++ ++### sap_hana_preconfigure_add_ibm_power_repo ++- _Type:_ `bool` ++- _Default:_ `true` ++ ++Set this parameter to `false` if you do not want to add the IBM Power tools repository (e.g. because the packages
++are already available on the local network). The IBM Power Systems service and productivity tools will only
++be installed if the variable `sap_hana_preconfigure_install_ibm_power_tools` is set to `true`, which is the default.
++ ++### sap_hana_preconfigure_ibm_power_repo_url ++- _Type:_ `str` ++- _Default:_ (set by platform/environment specific variables) ++ ++URL of the IBM Power tools repository.
++ ++### sap_hana_preconfigure_ppcle_mtu9000_if ++- _Type:_ `str` ++- _Default:_ `''` ++ ++List of interfaces for which the MTU size will be set to `9000`.
++ ++### sap_hana_preconfigure_ppcle_tso_if ++- _Type:_ `list` with elements of type `str` ++- _Default:_ ++ '{{ ansible_interfaces | difference([''lo'']) }}' ++ ++List of interfaces for which the tso flag will be set.
++ ++### sap_hana_preconfigure_use_tuned ++- _Type:_ `bool` ++- _Default:_ `true` ++ ++Use tuned for configuring most of the kernel settings for SAP HANA
++Set this parameter to `false` to use static kernel settings
++ ++### sap_hana_preconfigure_tuned_profile ++- _Type:_ `str` ++- _Default:_ `'sap-hana'` ++ ++Name of the SAP HANA tuned tuned profile to enable (RHEL).
++ ++### sap_hana_preconfigure_modify_grub_cmdline_linux ++- _Type:_ `bool` ++- _Default:_ `false` ++ ++Set this parameter to `true` to modify the Grub boot command line.
++ ++### sap_hana_preconfigure_run_grub2_mkconfig ++- _Type:_ `bool` ++- _Default:_ `true` ++ ++By default, the role will run `grub2-mkconfig` to update the Grub configuration if necessary.
++Set this parameter to `false` if this is not desired.
++ ++### sap_hana_preconfigure_db_group_name ++- _Type:_ `str` ++ ++Use this parameter to specify the name of the RHEL group which is used for the database processes.
++It will be used to configure process limits as per step "Configuring Process Resource Limits" of SAP note 2772999.
++ ++Example: ++ ++```yaml ++sap_hana_preconfigure_db_group_name: dba ++``` ++ ++### sap_hana_preconfigure_saptune_version ++- _Type:_ `str` ++- _Default:_ `'3.0.2'` ++ ++Version of saptune to install (SLES for SAP Applications).
++This will replace the current installed version if present, even downgrade if necessary.
++ ++### sap_hana_preconfigure_saptune_solution ++- _Type:_ `str` ++- _Default:_ `'HANA'` ++- _Possible Values:_
++ - `HANA` ++ - `NETWEAVER+HANA` ++ - `S4HANA-APP+DB` ++ - `S4HANA-DBSERVER` ++ ++The saptune solution to apply (SLES for SAP Applications).
++ ++### sap_hana_preconfigure_saptune_azure ++- _Type:_ `bool` ++- _Default:_ `false` ++ ++On Azure, TCP timestamps, reuse and recycle should be disabled (SLES for SAP Applications).
++Set this parameter to `true` on Azure.
++ ++ ++ ++## Example Playbook ++ ++Simple playbook, named sap+hana.yml: ++```yaml ++--- ++- hosts: all ++ roles: ++ - role: sap_general_preconfigure ++ - role: sap_hana_preconfigure ++``` ++ ++Simple playbook for an extended check (assert) run, named sap+hana-assert.yml: ++```yaml ++--- ++- hosts: all ++ vars: ++ sap_general_preconfigure_assert: yes ++ sap_general_preconfigure_assert_ignore_errors: yes ++ sap_hana_preconfigure_assert: yes ++ sap_hana_preconfigure_assert_ignore_errors: yes ++ roles: ++ - role: sap_general_preconfigure ++ - role: sap_hana_preconfigure ++``` ++ ++## Example Usage ++ ++Normal run, for configuring server host_1 for SAP HANA: ++```yaml ++ansible-playbook sap+hana.yml -l host_1 ++``` ++ ++Extended Check (assert) run, not aborting if an error has been found: ++```yaml ++ansible-playbook sap+hana-assert.yml -l host_1 ++``` ++ ++Same as above, with a nice compact and colored output, this time for two hosts: ++```yaml ++ansible-playbook sap+hana-assert.yml -l host_1,host_2 | ++awk '{sub (" \"msg\": ", "")} ++ /TASK/{task_line=$0} ++ /fatal:/{fatal_line=$0; nfatal[host]++} ++ /...ignoring/{nfatal[host]--; if (nfatal[host]<0) nfatal[host]=0} ++ /^[a-z]/&&/: \[/{gsub ("\\[", ""); gsub ("]", ""); gsub (":", ""); host=$2} ++ /SAP note/{print "\033[30m[" host"] "$0} ++ /FAIL:/{nfail[host]++; print "\033[31m[" host"] "$0} ++ /WARN:/{nwarn[host]++; print "\033[33m[" host"] "$0} ++ /PASS:/{npass[host]++; print "\033[32m[" host"] "$0} ++ /INFO:/{print "\033[34m[" host"] "$0} ++ /changed/&&/unreachable/{print "\033[30m[" host"] "$0} ++ END{print ("---"); for (var in npass) {printf ("[%s] ", var); if (nfatal[var]>0) { ++ printf ("\033[31mFATAL ERROR!!! Playbook might have been aborted!!!\033[30m Last TASK and fatal output:\n"); print task_line, fatal_line ++ } ++ else printf ("\033[31mFAIL: %d \033[33mWARN: %d \033[32mPASS: %d\033[30m\n", nfail[var], nwarn[var], npass[var])}}' ++``` ++Note: For terminals with dark background, replace the color code `30m` by `37m`. ++In case you need to make an invisible font readable on a terminal with dark background, run the following command in the terminal: ++```yaml ++printf "\033[37mreadable font\n" ++``` ++In case you need to make an invisible font readable on a terminal with bright background, run the following command in the terminal: ++```yaml ++printf "\033[30mreadable font\n" ++``` ++ ++## Contribution ++ ++Please read the [developer guidelines](./README.DEV.md) if you want to contribute ++ ++## License ++ ++Apache license 2.0 ++ ++## Author Information ++ ++Red Hat for SAP Community of Practice, Markus Koch, Thomas Bludau, Bernd Finger, Than Ngo, Rainer Leber +diff --git a/collections/ansible_collections/redhat/sap_install/docs/README_sap_hypervisor_node_preconfigure.md b/collections/ansible_collections/redhat/sap_install/docs/README_sap_hypervisor_node_preconfigure.md +new file mode 100644 +index 0000000..596a3f8 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/docs/README_sap_hypervisor_node_preconfigure.md +@@ -0,0 +1,241 @@ ++# sap_hypervisor_node_preconfigure ++ ++This role will configure the following hypervisors in order to run SAP workloads: ++* Red Hat OpenShift Virtualization (OCPV) ++* Red Hat Enterprise Virtualization (RHV) ++ ++## Support Status ++ ++The support status of this role is: "Technology Preview" ++ ++## Platform: Red Hat OpenShift Virtualization ++ ++Will configure a plain vanilla OpenShift cluster so it can be used for SAP workloads. ++ ++### Requirements ++* An OpenShift cluster, best without any previous customization. ++* The worker nodes should have > 96GB of memory. ++* Worker nodes need to have Intel CPUs that provide TSX feature. ++* Storage is required, e.g. via NFS, OpenShift Data Foundation or local storage. This role can setup access to a Netapp Filer via Trident storage connector. ++Local storage will be configures using host path provisioner. ++* Point the `KUBECONFIG` environment variable to your `kubeconfig`. ++* Make the role available in case you didn't install it already in an ansible roles directory, e.g. ++* Make sure to install the dependencies mentioned below are installed. ++* To ensure your local checkout it found by ansible: ++``` ++mkdir -p ~/.ansible/roles/ ++ln -sf ~/community.sap_install/roles/sap_hypervisor_node_preconfigure ~/.ansible/roles/ ++``` ++### Dependencies ++ ++Needs the ansible kubernetes module and the python3 kubernetes binding. On a RHEL based system the are named ++* python3-kubernetes ++* ansible-collection-kubernetes-core ++ ++Needs `oc` binary available in path. ++ ++### Role Variables ++General variables are defined in sap_hypervisor_node_preconfigure/vars/platform_defaults_redhat_ocp_virt.yml ++``` ++# Install the trident NFS storage provider. If yes, expects configuration details under ++# sap_hypervisor_node_preconfigure_cluster_config.trident, see example config. ++sap_hypervisor_node_preconfigure_install_trident: True|False ++# URL of the trident installer package to use ++sap_hypervisor_node_preconfigure_install_trident_url: https://github.com/NetApp/trident/releases/download/v23.01.0/trident-installer-23.01.0.tar.gz ++ ++# should SRIOV be enabled for unsupported NICs ++sap_hypervisor_node_preconfigure_sriov_enable_unsupported_nics: True|False ++ ++# Amount of memory [GB] to be reserved for the hypervisor on hosts >= 512GB ++sap_hypervisor_node_preconfigure_hypervisor_reserved_ram_host_ge_512: 64 #GB ++# Amount of memory [GB] to be reserved for the hypervisor on hosts < 512GB ++sap_hypervisor_node_preconfigure_hypervisor_reserved_ram_host_lt_512: 32 #GB ++ ++# Should the check for the minimal amount of memory be ignored? Minimal amount is 96 GB ++# If ignored, the amount of $hostmemory - $reserved is allocated with a lower bound of 0 in case $reserved > $hostmemory ++sap_hypervisor_node_preconfigure_ignore_minimal_memory_check: True|False ++ ++# Define if the host path provisioner should be installed in order to use a local disk as storage device. ++# Uses the following variable to be set to the storage device to be used, e.g.: ++# sap_hypervisor_node_preconfigure_cluster_config.worker_localstorage_device: /dev/sdb ++sap_hypervisor_node_preconfigure_install_hpp: True|False ++``` ++The following variables are describing the nodes and networks to be used. It can make sense to have them in a separate file, e.g. see `playbooks/vars/sample-variables-sap-hypervisor-node-preconfigure-rh_ocp_virt.yml` for an example. ++``` ++sap_hypervisor_node_preconfigure_cluster_config: ++ # URL under which the OCP cluster is reachable ++ cluster_url: ocpcluster.domain.org ++ ++ # namespace under which the VMs are created, note this has to be ++ # openshift-sriov-network-operator in case of using SRIOV network ++ # devices ++ vm_namespace: sap ++ ++ # Optional, configuration for trident driver for Netapp NFS filer ++ trident: ++ management: management.domain.org ++ data: datalif.netapp.domain.org ++ svm: sap_svm ++ backend: nas_backend ++ aggregate: aggregate_Name ++ username: admin ++ password: xxxxx ++ storage_driver: ontap-nas ++ storage_prefix: ocpv_sap_ ++ ++ # CPU cores which will be reserved for kubernetes ++ worker_kubernetes_reserved_cpus: "0,1" ++ ++ # Storage device used for host path provisioner as local storage. ++ worker_localstorage_device: /dev/vdb ++ ++ # detailed configuration for every worker that should be configured ++ workers: ++ - name: worker-0 # name must match the node name ++ networks: # Example network config ++ - name: sapbridge # using a bridge ++ description: SAP bridge ++ state: up ++ type: linux-bridge ++ ipv4: ++ enabled: false ++ auto-gateway: false ++ auto-dns: false ++ bridge: ++ options: ++ stp: ++ enabled: false ++ port: ++ - name: ens1f0 # network IF name ++ - name: storage # an SRIOV device ++ interface: ens2f0 # network IF name ++ type: sriov ++ ++ - bridge: # another bridge ++ options: ++ stp: ++ enabled: false ++ port: ++ - name: ens2f0 # network IF name ++ description: storage ++ mtu: 9000 ++ ipv4: ++ address: ++ - ip: 192.168.1.51 # IP config ++ prefix-length: 24 ++ auto-dns: false ++ auto-gateway: false ++ enabled: true ++ name: storagebridge ++ state: up ++ type: linux-bridge ++ - name: multi # another SRIOV device ++ interface: ens2f1 # network IF name ++ type: sriov ++ ++ - name: worker-1 # second worker configuration ++ networks: # Example network config ++ - name: sapbridge # using a bridge ++ description: SAP bridge ++ state: up ++ type: linux-bridge ++ ipv4: ++ enabled: false ++ auto-gateway: false ++ auto-dns: false ++ bridge: ++ options: ++ stp: ++ enabled: false ++ port: ++ - name: ens1f0 # network IF name ++ - name: storage # an SRIOV device ++ interface: ens2f0 # network IF name ++ type: sriov ++``` ++### Example Playbook ++See `playbooks/sample-sap-hypervisor-redhat_ocp_virt-preconfigure.yml` for an example. ++ ++### Example Usage ++Make sure to set the `KUBECONFIG` environment variable, e.g. ++``` ++export KUBECONFIG=~/.kubeconfig ++``` ++To invoke the example playbook with the example configuration using your localhost as ansible host use the following command line: ++``` ++ansible-playbook --connection=local -i localhost, playbooks/sample-sap-hypervisor-redhat_ocp_virt-preconfigure.yml -e @s/sample-sap-hypervisor-redhat_ocp_virt-preconfigure.yml ++``` ++ ++## Platform: RHEL KVM ++This Ansible Role allows preconfigure of Red Hat Virtualization (RHV), formerly called Red Hat Enterprise Virtualization (RHEV) prior to version 4.4 release. Red Hat Virtualization (RHV) consists of 'Red Hat Virtualization Manager (RHV-M)' and the 'Red Hat Virtualization Host (RHV-H)' hypervisor nodes that this Ansible Role preconfigures. Please note, Red Hat Virtualization is discontinued and maintenance support will end mid-2024. Extended life support for RHV ends mid-2026. ++This Ansible Role does not preconfigure RHEL KVM (RHEL-KVM) hypervisor nodes. Please note that RHEL KVM is standalone, and does not have Management tooling (previously provided by RHV-M). ++ ++### Requirements ++* A RHV hypervisor. ++ ++### Role Variables ++`sap_hypervisor_node_preconfigure_reserved_ram (default: 100)` Reserve memory [GB] for hypervisor host. Depending in the use case should be at least 50-100GB. ++ ++`sap_hypervisor_node_preconfigure_reserve_hugepages (default: static)` Hugepage allocation method: {static|runtime}. ++static: done at kernel command line which is slow, but safe ++runtime: done with hugeadm which is faster, but can in some cases not ensure all HPs are allocated. ++ ++`sap_hypervisor_node_preconfigure_kvm_nx_huge_pages (default: "auto")` Setting for the huge page shattering kvm.nx_huge_pages: {"auto"|"on"|"off"}. Note the importance of the quotes, otherwise off will be mapped to false. See https://www.kernel.org/doc/html/latest/admin-guide/kernel-parameters.html for additional information: ++``` ++ kvm.nx_huge_pages= ++ [KVM] Controls the software workaround for the ++ X86_BUG_ITLB_MULTIHIT bug. ++ force : Always deploy workaround. ++ off : Never deploy workaround. ++ auto : Deploy workaround based on the presence of ++ X86_BUG_ITLB_MULTIHIT. ++ ++ Default is 'auto'. ++ ++ If the software workaround is enabled for the host, ++ guests do need not to enable it for nested guests. ++``` ++ ++`sap_hypervisor_node_preconfigure_tsx (default: "off")` Intel Transactional Synchronization Extensions (TSX): {"on"|"off"}. Note the importance of the quotes, otherwise off will be mapped to false. ++ ++`sap_hypervisor_node_preconfigure_assert (default: false)` In assert mode, the parameters on the system are checked if the confirm with what this role would set. ++ ++`sap_hypervisor_node_preconfigure_ignore_failed_assertion (default: no)` Fail if assertion is invalid. ++ ++`sap_hypervisor_node_preconfigure_run_grub2_mkconfig (default: yes)` Update the grub2 config. ++ ++ ++### Example Playbook ++Simple example that just sets the parameters. ++``` ++--- ++- hosts: all ++ gather_facts: true ++ serial: 1 ++ vars: ++ sap_hypervisor_node_platform: redhat_rhel_kvm ++ tasks: ++ - name: Include Role ++ ansible.builtin.include_role: ++ name: sap_hypervisor_node_preconfigure ++``` ++ ++Run in assert mode to verify that parameters have been set. ++``` ++--- ++- hosts: all ++ gather_facts: true ++ serial: 1 ++ vars: ++ sap_hypervisor_node_platform: redhat_rhel_kvm ++ sap_hypervisor_node_preconfigure_assert: yes ++ tasks: ++ - name: Include Role ++ ansible.builtin.include_role: ++ name: sap_hypervisor_node_preconfigure ++``` ++### License ++Apache 2.0 ++ ++### Author Information ++Nils Koenig (nkoenig@redhat.com) +diff --git a/collections/ansible_collections/redhat/sap_install/docs/README_sap_netweaver_preconfigure.md b/collections/ansible_collections/redhat/sap_install/docs/README_sap_netweaver_preconfigure.md +new file mode 100644 +index 0000000..306d438 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/docs/README_sap_netweaver_preconfigure.md +@@ -0,0 +1,195 @@ ++# sap_netweaver_preconfigure Ansible Role ++ ++This role installs additional required packages and performs additional configuration steps for installing and running SAP NetWeaver. ++If you want to configure a RHEL system for the installation and later usage of SAP NetWeaver, you have to first run role `sap_general_preconfigure` and then role sap_netweaver_preconfigure. ++For SLES, running the `sap_general_preconfigure` role is not necessary. ++ ++## Support Status ++ ++The support status of this role is: "Fully supported for RHEL managed nodes" ++ ++## Requirements ++ ++To use this role, your system needs to be configured with the basic requirements for SAP NetWeaver or SAP HANA. This is typically done by ++running role sap_general_preconfigure (for RHEL managed nodes before RHEL 7.6, community maintained role sap-base-settings can be used). ++It is also strongly recommended to run role linux-system-roles.timesync for all systems running SAP NetWeaver, to maintain an identical ++system time, before or after running role sap_netweaver_preconfigure. ++ ++Note ++---- ++On RHEL, as per SAP notes 2002167, 2772999, and 3108316, the role will switch to tuned profile sap-netweaver no matter if another tuned profile ++(e.g. virtual-guest) had been active before or not. ++ ++On SLES, this role will switch the saptune solution to the one specified by the configuration and will override any previously set solution. ++The default solution is `NETWEAVER`. ++ ++The role can check if enough swap space - as per the prerequisite checker in sapinst - has been configured on the managed node. ++Please check the SAP NetWeaver installation guide for swap space requirements. ++ ++Do not run this role against an SAP NetWeaver or other production system. The role will enforce a certain configuration on the managed ++node(s), which might not be intended. ++ ++ ++## Role Input Parameters ++ ++Minimum required parameters: ++This role does not require any parameter to be set in the playbook or inventory. ++ ++ ++### sap_netweaver_preconfigure_config_all ++- _Type:_ `bool` ++- _Default:_ `true` ++ ++If set to `false`, the role will only execute or verify the installation or configuration steps of SAP notes.
++Default is to perform installation and configuration steps.
++ ++### sap_netweaver_preconfigure_installation ++- _Type:_ `bool` ++- _Default:_ `false` ++ ++If `sap_netweaver_preconfigure_config_all` is set to `false`, set this variable to `true` to perform only the
++installation steps of SAP notes.
++ ++### sap_netweaver_preconfigure_configuration ++- _Type:_ `bool` ++- _Default:_ `false` ++ ++If `sap_netweaver_preconfigure_config_all` is set to `false`, set this variable to `true` to perform only the
++configuration steps of SAP notes.
++ ++### sap_netweaver_preconfigure_assert ++- _Type:_ `bool` ++- _Default:_ `false` ++ ++If set to `true`, the role will run in assertion mode instead of the default configuration mode.
++ ++### sap_netweaver_preconfigure_assert_ignore_errors ++- _Type:_ `bool` ++- _Default:_ `false` ++ ++In assertion mode, the role will abort when encountering any assertion error.
++If this parameter is set to `false`, the role will *not* abort when encountering an assertion error.
++This is useful if the role is used for reporting a system's SAP notes compliance.
++ ++### sap_netweaver_preconfigure_min_swap_space_mb ++- _Type:_ `str` ++- _Default:_ `20480` ++ ++Specifies the minimum amount of swap space on the system required by SAP NetWeaver.
++If this requirement is not met, the role will abort.
++Set your own value to override the default of `20480`.
++ ++### sap_netweaver_preconfigure_fail_if_not_enough_swap_space_configured ++- _Type:_ `bool` ++- _Default:_ `true` ++ ++If the system does not have the minimum amount of swap space configured as defined
++in parameter `sap_netweaver_preconfigure_min_swap_space_mb`, the role will abort.
++By setting this parameter to `false`, the role will not abort in such cases.
++ ++### sap_netweaver_preconfigure_rpath ++- _Type:_ `str` ++- _Default:_ `/usr/sap/lib` ++ ++Specifies the SAP kernel's `RPATH`. This is where the SAP kernel is searching for libraries, and where the role
++is creating a link named `libstdc++.so.6` pointing to `/opt/rh/SAP/lib64/compat-sap-c++-10.so`,
++so that newer SAP kernels which are built with GCC10 can find the required symbols.
++ ++### sap_netweaver_preconfigure_use_adobe_doc_services ++- _Type:_ `bool` ++- _Default:_ `false` ++ ++Set this parameter to `true` when using Adobe Document Services, to ensure all required packages are installed.
++ ++### sap_netweaver_preconfigure_saptune_version ++- _Type:_ `str` ++- _Default:_ `3.0.2` ++ ++On SLES systems, specifies the saptune version
++ ++### sap_netweaver_preconfigure_saptune_solution ++- _Type:_ `str` ++- _Default:_ `NETWEAVER` ++- _Possible Values:_
++ - `NETWEAVER` ++ - `NETWEAVER+HANA` ++ - `S4HANA-APP+DB` ++ - `S4HANA-APPSERVER` ++ - `S4HANA-DBSERVER` ++ ++On SLES systems, specifies the saptune solution to apply.
++ ++ ++ ++## Example Playbook ++ ++Simple playbook, named sap+netweaver.yml: ++```yaml ++--- ++- hosts: all ++ roles: ++ - role: sap_general_preconfigure ++ - role: sap_netweaver_preconfigure ++``` ++ ++Simple playbook for an extended check (assert) run, named sap+netweaver-assert.yml: ++```yaml ++--- ++- hosts: all ++ vars: ++ sap_preconfigure_assert: yes ++ sap_preconfigure_assert_ignore_errors: yes ++ sap_netweaver_preconfigure_assert: yes ++ sap_netweaver_preconfigure_assert_ignore_errors: yes ++ roles: ++ - role: sap_general_preconfigure ++ - role: sap_netweaver_preconfigure ++``` ++ ++## Example Usage ++Normal run, for configuring server host_1 for SAP NetWeaver: ++```yaml ++ansible-playbook sap+netweaver.yml -l host_1 ++``` ++ ++Extended Check (assert) run, not aborting if an error has been found: ++```yaml ++ansible-playbook sap+netweaver-assert.yml -l host_1 ++``` ++ ++Same as above, with a nice compact and colored output, this time for two hosts: ++```yaml ++ansible-playbook sap+netweaver-assert.yml -l host_1,host_2 | ++awk '{sub (" \"msg\": ", "")} ++ /TASK/{task_line=$0} ++ /fatal:/{fatal_line=$0; nfatal[host]++} ++ /...ignoring/{nfatal[host]--; if (nfatal[host]<0) nfatal[host]=0} ++ /^[a-z]/&&/: \[/{gsub ("\\[", ""); gsub ("]", ""); gsub (":", ""); host=$2} ++ /SAP note/{print "\033[30m[" host"] "$0} ++ /FAIL:/{nfail[host]++; print "\033[31m[" host"] "$0} ++ /WARN:/{nwarn[host]++; print "\033[33m[" host"] "$0} ++ /PASS:/{npass[host]++; print "\033[32m[" host"] "$0} ++ /INFO:/{print "\033[34m[" host"] "$0} ++ /changed/&&/unreachable/{print "\033[30m[" host"] "$0} ++ END{print ("---"); for (var in npass) {printf ("[%s] ", var); if (nfatal[var]>0) { ++ printf ("\033[31mFATAL ERROR!!! Playbook might have been aborted!!!\033[30m Last TASK and fatal output:\n"); print task_line, fatal_line ++ } ++ else printf ("\033[31mFAIL: %d \033[33mWARN: %d \033[32mPASS: %d\033[30m\n", nfail[var], nwarn[var], npass[var])}}' ++``` ++Note: For terminals with dark background, replace the color code `30m` by `37m`. ++In case you need to make an invisible font readable on a terminal with dark background, run the following command in the terminal: ++```yaml ++printf "\033[37mreadable font\n" ++``` ++In case you need to make an invisible font readable on a terminal with bright background, run the following command in the terminal: ++```yaml ++printf "\033[30mreadable font\n" ++``` ++ ++## License ++ ++Apache license 2.0 ++ ++## Author Information ++ ++Red Hat for SAP Community of Practice, Bernd Finger, Rainer Leber +diff --git a/collections/ansible_collections/redhat/sap_install/docs/README_sap_swpm.md b/collections/ansible_collections/redhat/sap_install/docs/README_sap_swpm.md +new file mode 100644 +index 0000000..479c303 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/docs/README_sap_swpm.md +@@ -0,0 +1,131 @@ ++# sap_swpm Ansible Role ++ ++Ansible role for SAP software installation using SWPM ++ ++## Support Status ++ ++The support status of this role is: "Technology Preview for certain deployment scenarios only" ++ ++## Requirements ++ ++The dependencies of this role should be automatically installed when installing the collection with ansible-galaxy. ++ ++For installing the dependencies manually, use the following command: ++ ++`ansible-galaxy install -vv -r meta/collection-requirements.yml` ++ ++## Scope ++ ++*NOTE*: This Ansible role is delivered by Red Hat with a support scope of *Technology Preview* only for the following deployment scenarios: ++S/4HANA 2021 and S/4HANA 2022 single-host installation on x86_64: RHEL 8.4, 8.6, 9.0 and ppc64le: RHEL 8.4 and 8.6. ++ ++Only the `default` role mode is supported. ++ ++All other functionality of this role is currently not supported by Red Hat. ++ ++### SAP Preconfigure ++ ++- Ensure the required volumes and filesystems are configured in the host. You can use the role `sap_storage_setup` to configure this. More info [here](/roles/sap_storage_setup) ++ ++- Please run the RHEL SAP System Role `sap_general_preconfigure` for initial host configuration; as necessary, also use `sap_netweaver_preconfigure` and `sap_hana_preconfigure` ++ ++- For further guidance on using SAP SWPM for different SAP Software installations, please see System Provisioning with Software Provisioning Manager (SWPM) - [User Guides for SAP SWPM 1.0](30839dda13b2485889466316ce5b39e9/c8ed609927fa4e45988200b153ac63d1.html?locale=en-US) and [User Guides for SAP SWPM 2.0](https://help.sap.com/docs/SOFTWARE_PROVISIONING_MANAGER/30839dda13b2485889466316ce5b39e9/6865029dacbe473fadd8eff339bfa568.html?locale=en-US) ++ ++### SAP Software Installation .SAR Files ++ ++1. SAPCAR executable ++ ++2. Software Provisioning Manager .SAR file ++ - `SWPM*.SAR` ++ ++3. SAP Installation files ++ - For New Installation ++ - Download appropriate software from SAP Software Download Center, Maintenance Planner, etc ++ - SAP IGS - `igs*.sar` ++ - SAP IGS HELPER - `igshelper*sar` ++ - SAP Host Agent - `SAPHOSTAGENT*SAR` ++ - SAP Kernel DB - `SAPEXEDB_*SAR` ++ - SAP Kernel DB Independent - `SAPEXE_*SAR` ++ - SAP HANA Client - `IMDB_CLIENT*SAR` ++ ++## Variables and Parameters ++ ++### Input Parameters ++ ++The inputs are critical for running this role ++ - Determines the installation type ++ - Incomplete parameters will result to failure ++ - Wrong parameters will result to failure ++ ++### Default Parameters ++ ++Please check the default parameters file for more information on other parameters that can be used as an input: ++- [**sap_swpm** default parameters](defaults/main.yml) ++ ++Red Hat KB article [6857351](https://access.redhat.com/articles/6857351) contains instructions for installing an S/4HANA single host system ++including a sample playbook. ++ ++Further examples can be found [here](https://github.com/sap-linuxlab/community.sap_install/tree/main/playbooks). ++ ++## Execution ++ ++Sample Ansible Playbook Execution ++ ++- Local Host Installation ++ - `ansible-playbook --connection=local --limit localhost -i "localhost," sap-swpm.yml -e "@inputs/S4H.install"` ++ ++- Target Host Installation ++ - `ansible-playbook -i "" sap-swpm.yml -e "@inputs/S4H.install"` ++ ++### Sample Playbook ++ ++```yaml ++--- ++- hosts: all ++ become: true ++ roles: ++ - sap_swpm ++``` ++ ++## Execution Flow ++ ++### Pre-Install ++ ++- Get SAPCAR executable filename from `sap_swpm_sapcar_path` ++ ++- Get SWPM executable filename from `sap_swpm_swpm_path` ++ ++- Get all .SAR filenames from `sap_swpm_software_path` ++ ++- Update `/etc/hosts` (optional - yes by default) ++ ++- Apply firewall rules for SAP HANA (optional - no by default) ++ ++- Process SAP SWPM `inifile.params` based on inputs ++ ++### SAP SWPM ++ ++- Execute SWPM ++ ++### Post-Install ++ ++- Set expiry of Unix created users to 'never' ++ ++- Apply firewall rules for SAP NW (optional - no by default) ++ ++## Tags ++ ++With the following tags, the role can be called to perform certain activities only: ++- tag `sap_swpm_generate_inifile`: Only create the sapinst inifile. This can be useful for checking if the inifile is created as desired. ++- tag `sap_swpm_sapinst_commandline`: Only show the sapinst command line. ++- tag `sap_swpm_pre_install`: Perform all preinstallation steps, then exit. ++- tag `sap_swpm_setup_firewall`: Only perform the firewall preinstallation settings (but only if variable `sap_swpm_setup_firewall` is set to `true`). ++- tag `sap_swpm_update_etchosts`: Only update file `/etc/hosts` (but only if variable `sap_swpm_update_etchosts` is set to `true`). ++ ++## License ++ ++Apache license 2.0 ++ ++## Author Information ++ ++IBM Lab for SAP Solutions, Red Hat for SAP Community of Practice, Jason Masipiquena, Sean Freeman, Bernd Finger, Markus Koch +diff --git a/collections/ansible_collections/redhat/sap_install/docs/README_sap_vm_preconfigure.md b/collections/ansible_collections/redhat/sap_install/docs/README_sap_vm_preconfigure.md +new file mode 100644 +index 0000000..89be43e +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/docs/README_sap_vm_preconfigure.md +@@ -0,0 +1,65 @@ ++sap_vm_preconfigure ++================== ++ ++This role will set and check the required settings and parameters for a guest (VM) running on RHV/KVM for SAP HANA. ++ ++## Support Status ++ ++The support status of this role is: "Technology Preview" ++ ++## Requirements ++ ++VM with at least RHEL 8.2 installed. ++The roles sap_general_preconfigure and sap_hana_preconfigure have been run on that system. ++ ++ ++## Role Variables ++ ++### Run the role in assert mode ++```yaml ++sap_vm_preconfigure_assert (default: no) ++``` ++If the following variable is set to `yes`, the role will only check if the configuration of the managed mmachines is according to this role. Default is `no`. ++ ++ ++### Behavior of the role in assert mode ++```yaml ++sap_vm_preconfigure_assert_ignore_errors (default: no) ++``` ++If the role is run in assert mode and the following variable is set to `yes`, assertion errors will not cause the role to fail. This can be useful for creating reports. ++Default is `no`, meaning that the role will fail for any assertion error which is discovered. This variable has no meaning if the role is not run in assert mode. ++ ++ ++ ++## Dependencies ++ ++The roles [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) and [sap_hana_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_preconfigure). ++ ++ ++## Example Playbook ++ ++Simple example that just sets the parameters. ++``` ++- hosts: all ++ roles: ++ - sap_general_preconfigure ++ - sap_hana_preconfigure ++ - sap_vm_preconfigure ++``` ++ ++Run in assert mode to verify that parameters have been set. ++``` ++- hosts: all ++ roles: ++ - sap_vm_preconfigure ++ vars: ++ - sap_vm_preconfigure_assert: yes ++``` ++ ++## License ++ ++Apache-2.0 ++ ++## Author Information ++ ++Nils Koenig (nkoenig@redhat.com) +diff --git a/collections/ansible_collections/redhat/sap_install/meta/runtime.yml b/collections/ansible_collections/redhat/sap_install/meta/runtime.yml +new file mode 100644 +index 0000000..be99ccf +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/meta/runtime.yml +@@ -0,0 +1,2 @@ ++--- ++requires_ansible: '>=2.14.0' +diff --git a/collections/ansible_collections/redhat/sap_install/requirements-sap_swpm.yml b/collections/ansible_collections/redhat/sap_install/requirements-sap_swpm.yml +new file mode 100644 +index 0000000..ab387e5 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/requirements-sap_swpm.yml +@@ -0,0 +1,5 @@ ++--- ++collections: ++ - name: https://github.com/ansible-collections/community.general ++ type: git ++ version: main +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/.ansible-lint b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/.ansible-lint +new file mode 100644 +index 0000000..487af36 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/.ansible-lint +@@ -0,0 +1,16 @@ ++--- ++exclude_paths: ++ - tests/sap_general_preconfigure/ ++enable_list: ++ - yaml ++skip_list: ++ # We don't want to enforce new Ansible versions for Galaxy: ++ - meta-runtime[unsupported-version] ++ # We do not want to use checks which are marked as experimental: ++ - experimental ++ # We use ignore_errors for all the assert tasks, which should be acceptable: ++ - ignore-errors ++ # We want to allow single digit version numbers in a role's meta/main.yml file: ++ - schema ++ # Allow templating inside name because it creates more detailed output: ++ - name[template] +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/README.md b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/README.md +new file mode 100644 +index 0000000..e6d80ae +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/README.md +@@ -0,0 +1,407 @@ ++# sap_general_preconfigure Ansible Role ++ ++This role installs required packages and performs configuration steps which are required for installing and running SAP NetWeaver or SAP HANA. Specific installation and configuration steps on top of these basic steps are performed with roles sap-netweaver-preconfigure and sap-hana-preconfigure. Future implementations may reduce the scope of this role, for example if certain installation or configuration steps are done in the more specific roles. ++ ++For SLES systems, this role may not be necessary. The majority of SAP preparation and tuning is covered by `saptune` which is configured in the `sap_hana_preconfigure` and `sap_netweaver_preconfigure` roles. ++ ++## Support Status ++ ++The support status of this role is: "Fully supported for RHEL managed nodes" ++ ++## Requirements ++ ++The role requires additional collections which are specified in `meta/collection-requirements.yml`. Before using this role, ++make sure that the required collections are installed, for example by using the following command: ++ ++`ansible-galaxy install -vv -r meta/collection-requirements.yml` ++ ++To use this role, your system needs to be installed according to: ++- RHEL 7: SAP note 2002167, Red Hat Enterprise Linux 7.x: Installation and Upgrade, section "Installing Red Hat Enterprise Linux 7" ++- RHEL 8: SAP note 2772999, Red Hat Enterprise Linux 8.x: Installation and Configuration, section "Installing Red Hat Enterprise Linux 8". ++- RHEL 9: SAP note 3108316, Red Hat Enterprise Linux 9.x: Installation and Configuration, section "Installing Red Hat Enterprise Linux 9". ++ ++Note ++---- ++Do not run this role against an SAP or other production system. The role will enforce a certain configuration on the managed node(s), which might not be intended. ++ ++ ++## Role Input Parameters ++ ++#### Minimum required parameters: ++ ++This role does not require any parameter to be set in the playbook or inventory. ++ ++ ++### sap_general_preconfigure_config_all ++- _Type:_ `bool` ++ ++If set to `false`, the role will only execute or verify the installation or configuration steps of SAP notes.
++Default is to perform installation and configuration steps.
++ ++### sap_general_preconfigure_installation ++- _Type:_ `bool` ++ ++If `sap_general_preconfigure_config_all` is set to `false`, set this variable to `true` to perform only the
++installation steps of SAP notes.
++ ++### sap_general_preconfigure_configuration ++- _Type:_ `bool` ++ ++If `sap_general_preconfigure_config_all` is set to `false`, set this variable to `true` to perform only the
++configuration steps of SAP notes for which the corresponding SAP notes parameters have been set to `true`.
++ ++Example: ++ ++```yaml ++sap_general_preconfigure_config_all: false ++sap_general_preconfigure_configuration: true ++sap_general_preconfigure_2002167_02: true ++sap_general_preconfigure_1391070: true ++``` ++ ++### sap_general_preconfigure_assert ++- _Type:_ `bool` ++- _Default:_ `false` ++ ++If set to `true`, the role will run in assertion mode instead of the default configuration mode.
++ ++### sap_general_preconfigure_assert_ignore_errors ++- _Type:_ `bool` ++- _Default:_ `false` ++ ++In assertion mode, the role will abort when encountering any assertion error.
++If this parameter is set to `false`, the role will *not* abort when encountering an assertion error.
++This is useful if the role is used for reporting a system's SAP notes compliance.
++ ++### sap_general_preconfigure_system_roles_collection ++- _Type:_ `str` ++- _Default:_ `'fedora.linux_system_roles'` ++- _Possible Values:_
++ - `fedora.linux_system_roles` ++ - `redhat.rhel_system_roles` ++ ++Set which Ansible Collection to use for the Linux System Roles.
++For community/upstream, use 'fedora.linux_system_roles'
++For the RHEL System Roles for SAP, or for Red Hat Automation Hub, use 'redhat.rhel_system_roles'
++ ++### sap_general_preconfigure_enable_repos ++- _Type:_ `bool` ++- _Default:_ `false` ++ ++Set to `true` if you want the role to enable the repos as configured by the following repo related parameters.
++The default is `false`, meaning that the role will not enable repos.
++ ++### sap_general_preconfigure_use_netweaver_repos ++- _Type:_ `bool` ++- _Default:_ `true` ++ ++Set to `false` if you want the role to not enable the SAP NetWeaver repo(s).
++The default is `true`, meaning that the role will enable the SAP NetWeaver repo(s).
++Only valid if `sap_general_preconfigure_enable_repos` is set to `true`.
++ ++### sap_general_preconfigure_use_hana_repos ++- _Type:_ `bool` ++- _Default:_ `true` ++ ++Set to `false` if you want the role to not enable the SAP HANA repo(s).
++The default is `true`, meaning that the role will enable the SAP HANA repo(s).
++Only valid if `sap_general_preconfigure_enable_repos` is set to `true`.
++ ++### sap_general_preconfigure_use_ha_repos ++- _Type:_ `bool` ++- _Default:_ `true` ++ ++Set to `false` if you want the role to not enable the high availability repo(s).
++The default is `true`, meaning that the role will enable the high availability repo(s).
++Only valid if `sap_general_preconfigure_enable_repos` is set to `true`.
++ ++### sap_general_preconfigure_disable_all_other_repos ++- _Type:_ `bool` ++- _Default:_ `true` ++ ++Set to `false` if you want the role to not disable all repos before enabling the desired ones as configured above.
++The default is `true`, meaning that the role will disable all repos before enabling the desired ones.
++Only valid if `sap_general_preconfigure_enable_repos` is set to `true`.
++ ++### sap_general_preconfigure_req_repos ++- _Type:_ `list` with elements of type `str` ++ ++If you want to provide your own list of repos (e.g. on cloud systems), set this variable accordingly.
++Otherwise, the RHEL default repo names with the maximum support duration for the RHEL minor release are chosen automatically
++(e.g. normal repos for RHEL 8.3, e4s repos for RHEL 8.4).
++ ++Example: ++ ++```yaml ++sap_general_preconfigure_req_repos: ++- rhel-8-for-x86_64-baseos-eus-rpms ++- rhel-8-for-x86_64-appstream-eus-rpms ++- rhel-8-for-x86_64-sap-solutions-eus-rpms ++- rhel-8-for-x86_64-sap-netweaver-eus-rpms ++- rhel-8-for-x86_64-highavailability-eus-rpms ++``` ++ ++### sap_general_preconfigure_set_minor_release ++- _Type:_ `bool` ++- _Default:_ `false` ++ ++Set to `true` if you want the role to set the RHEL minor release, which is required for SAP HANA. Default is `false`.
++If you set the RHEL minor release, then you must also use the `eus` or `e4s` repos.
++ ++### sap_general_preconfigure_packagegroups ++- _Type:_ `str` ++- _Default:_ (set by platform/environment specific variables) ++ ++The name of the software package group to install.
++The default for this parameter is set in the vars file which corresponds to the detected OS version.
++ ++Example: ++ ++```yaml ++'@minimal-environment' ++``` ++ ++### sap_general_preconfigure_envgroups ++- _Type:_ `str` ++- _Default:_ (set by platform/environment specific variables) ++ ++The name of the software environment group to check.
++The default for this parameter is set in the vars file which corresponds to the detected OS version.
++ ++Example: ++ ++```yaml ++'@minimal-environment' ++``` ++ ++### sap_general_preconfigure_packages ++- _Type:_ `list` with elements of type `str` ++- _Default:_ (set by platform/environment specific variables) ++ ++The list of packages to install.
++The default for this variable is set in the vars file which corresponds to the detected OS version.
++ ++### sap_general_preconfigure_min_package_check ++- _Type:_ `bool` ++- _Default:_ `true` ++ ++The default is to install or check if the minimum package versions are installed as defined in the vars files.
++Set to `false` if you do not install or check these minimum package versions.
++ ++### sap_general_preconfigure_install_ibm_power_tools ++- _Type:_ `bool` ++- _Default:_ `true` ++ ++Set this parameter to `false` to not install the IBM Power Systems service and productivity tools.
++See also SAP note 2679703.
++ ++### sap_general_preconfigure_add_ibm_power_repo ++- _Type:_ `bool` ++- _Default:_ `true` ++ ++Set this parameter to `false` if you do not want to add the IBM Power tools repository (e.g. because the packages
++are already available on the local network). The IBM Power Systems service and productivity tools will only
++be installed if the variable `sap_general_preconfigure_install_ibm_power_tools` is set to `true`, which is the default.
++ ++### sap_general_preconfigure_ibm_power_repo_url ++- _Type:_ `str` ++- _Default:_ `'https://public.dhe.ibm.com/software/server/POWER/Linux/yum/download/ibm-power-repo-latest.noarch.rpm'` ++ ++URL for the IBM Power Systems service and productivity tools, see https://www.ibm.com/support/pages/service-and-productivity-tools
++ ++### sap_general_preconfigure_update ++- _Type:_ `bool` ++- _Default:_ `false` ++ ++By default, the role will not update the system, for avoiding an unintentional minor OS release update.
++Set this parameter to `true` if you want to update your system to the latest package versions.
++When using SAP HANA, make sure to set the release lock properly so the minor OS release will be one of
++those for which SAP HANA is supported. See also `sap_general_preconfigure_set_minor_release`.
++ ++### sap_general_preconfigure_reboot_ok ++- _Type:_ `bool` ++- _Default:_ `false` ++ ++Set to `true` if you want to perform a reboot at the end of the role, if necessary.
++ ++### sap_general_preconfigure_fail_if_reboot_required ++- _Type:_ `bool` ++- _Default:_ `true` ++ ++If `sap_general_preconfigure_reboot_ok` is set to `false`, which is the default, a reboot requirement should not
++remain unnoticed. For this reason, we let the role fail. Set this parameter to `false` to override this behavior.
++Can be useful if you want to implement your own reboot handling.
++ ++### sap_general_preconfigure_selinux_state ++- _Type:_ `str` ++- _Default:_ `'permissive'` ++- _Possible Values:_
++ - `enforcing` ++ - `permissive` ++ - `disabled` ++ ++One of the SELinux states to be set on the system.
++ ++### sap_general_preconfigure_create_directories ++- _Type:_ `bool` ++- _Default:_ `true` ++ ++Set to `false` if you do not want the SAP directories to be created by the role.
++The SAP directories will always be created if `sap_general_preconfigure_modify_selinux_labels`
++(see below) is set to `true`, no matter how `sap_general_preconfigure_create_directories` is set.
++ ++### sap_general_preconfigure_sap_directories ++- _Type:_ `list` with elements of type `str` ++- _Default:_ ++ - /usr/sap ++ ++List of SAP directories to be created.
++ ++### sap_general_preconfigure_modify_selinux_labels ++- _Type:_ `bool` ++- _Default:_ `true` ++ ++Set to `false` if you do not want to modify the SELinux labels for the SAP directories set
++in variable `sap_general_preconfigure_sap_directories`.
++ ++### sap_general_preconfigure_size_of_tmpfs_gb ++- _Type:_ `str` ++- _Default:_ `"{{ ((0.75 * (ansible_memtotal_mb + ansible_swaptotal_mb)) / 1024) | round | int }}"` ++ ++The size of the tmpfs in GB. The formula used here is mentioned in SAP note 941735.
++ ++### sap_general_preconfigure_modify_etc_hosts ++- _Type:_ `bool` ++- _Default:_ `true` ++ ++Set to `false` if you do not want the role to modify the `/etc/hosts` file.
++ ++### sap_general_preconfigure_etc_sysctl_sap_conf ++- _Type:_ `str` ++- _Default:_ `'/etc/sysctl.d/sap.conf'` ++ ++The file name of the sysctl config file to be used
++ ++### sap_general_preconfigure_kernel_parameters ++- _Type:_ `list` with elements of type `dict` ++- _Default:_ (set by platform/environment specific variables) ++ ++The Linux kernel parameters to use. By default, these are taken from the vars file.
++The default for this parameter is set in the vars file which corresponds to the detected OS version.
++ ++Example: ++ ++```yaml ++sap_general_preconfigure_kernel_parameters: ++- name: vm.max_map_count ++ value: '2147483647' ++- name: fs.aio-max-nr ++ value: '18446744073709551615' ++``` ++ ++### sap_general_preconfigure_max_hostname_length ++- _Type:_ `str` ++- _Default:_ `'13'` ++ ++The maximum length of the hostname. See SAP note 611361.
++ ++### sap_hostname ++- _Type:_ `str` ++- _Default:_ `"{{ ansible_hostname }}"` ++ ++The hostname to be used for updating or checking `/etc/hosts` entries.
++ ++### sap_domain ++- _Type:_ `str` ++- _Default:_ `"{{ ansible_domain }}"` ++ ++The DNS domain name to be used for updating or checking `/etc/hosts` entries.
++ ++### sap_ip ++- _Type:_ `str` ++- _Default:_ `"{{ ansible_default_ipv4.address }}"` ++ ++The IPV4 address to be used for updating or checking `/etc/hosts` entries.
++ ++### sap_general_preconfigure_db_group_name ++- _Type:_ `str` ++ ++Use this variable to specify the name of the RHEL group which is used for the database processes.
++If defined, it will be used to configure process limits as per step
++Configuring Process Resource Limits
++ ++Example: ++ ++```yaml ++sap_general_preconfigure_db_group_name: dba ++``` ++ ++ ++ ++## Dependencies ++ ++This role does not depend on any other role. ++ ++## Example Playbook ++ ++Simple playbook, named sap.yml: ++```yaml ++--- ++- hosts: all ++ roles: ++ - role: sap_general_preconfigure ++``` ++ ++## Example Usage ++ ++Normal run: ++```yaml ++ansible-playbook sap.yml -l remote_host ++``` ++ ++Extended Check (assert) run, aborting for any error which has been found: ++```yaml ++ansible-playbook sap.yml -l remote_host -e "{sap_general_preconfigure_assert: yes}" ++``` ++ ++Extended Check (assert) run, not aborting even if an error has been found: ++```yaml ++ansible-playbook sap.yml -l remote_host -e "{sap_general_preconfigure_assert: yes, sap_general_preconfigure_assert_ignore_errors: no}" ++``` ++ ++Same as above, with a nice compact and colored output, this time for two hosts: ++```yaml ++ansible-playbook sap.yml -l host_1,host_2 -e "{sap_general_preconfigure_assert: yes, sap_general_preconfigure_assert_ignore_errors: yes}" | ++awk '{sub (" \"msg\": ", "")} ++ /TASK/{task_line=$0} ++ /fatal:/{fatal_line=$0; nfatal[host]++} ++ /...ignoring/{nfatal[host]--; if (nfatal[host]<0) nfatal[host]=0} ++ /^[a-z]/&&/: \[/{gsub ("\\[", ""); gsub ("]", ""); gsub (":", ""); host=$2} ++ /SAP note/{print "\033[30m[" host"] "$0} ++ /FAIL:/{nfail[host]++; print "\033[31m[" host"] "$0} ++ /WARN:/{nwarn[host]++; print "\033[33m[" host"] "$0} ++ /PASS:/{npass[host]++; print "\033[32m[" host"] "$0} ++ /INFO:/{print "\033[34m[" host"] "$0} ++ /changed/&&/unreachable/{print "\033[30m[" host"] "$0} ++ END{print ("---"); for (var in npass) {printf ("[%s] ", var); if (nfatal[var]>0) { ++ printf ("\033[31mFATAL ERROR!!! Playbook might have been aborted!!!\033[30m Last TASK and fatal output:\n"); print task_line, fatal_line ++ } ++ else printf ("\033[31mFAIL: %d \033[33mWARN: %d \033[32mPASS: %d\033[30m\n", nfail[var], nwarn[var], npass[var])}}' ++``` ++Note: For terminals with dark background, replace the color code `30m` by `37m`. ++In case you need to make an invisible font readable on a terminal with dark background, run the following command in the terminal: ++```yaml ++printf "\033[37mreadable font\n" ++``` ++In case you need to make an invisible font readable on a terminal with bright background, run the following command in the terminal: ++```yaml ++printf "\033[30mreadable font\n" ++``` ++ ++## License ++ ++Apache license 2.0 ++ ++## Author Information ++ ++Red Hat for SAP Community of Practice, Bernd Finger, Markus Koch, Rainer Leber +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/defaults/main.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/defaults/main.yml +new file mode 100644 +index 0000000..44dcaa2 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/defaults/main.yml +@@ -0,0 +1,166 @@ ++--- ++# BEGIN: Default Variables for sap_general_preconfigure ++ ++# sap_general_preconfigure_config_all: (not defined by default) ++# If set to `false`, the role will only execute or verify the installation or configuration steps of SAP notes. ++# Default is to perform installation and configuration steps. ++ ++# sap_general_preconfigure_installation: (not defined by default) ++# If `sap_general_preconfigure_config_all` is set to `false`, set this variable to `true` to perform only the ++# installation steps of SAP notes. ++ ++# sap_general_preconfigure_configuration: (not defined by default) ++# If `sap_general_preconfigure_config_all` is set to `false`, set this variable to `true` to perform only the ++# configuration steps of SAP notes for which the corresponding SAP notes parameters have been set to `true`. ++# Example: See README.md ++ ++sap_general_preconfigure_assert: false ++# If set to `true`, the role will run in assertion mode instead of the default configuration mode. ++ ++sap_general_preconfigure_assert_ignore_errors: false ++# In assertion mode, the role will abort when encountering any assertion error. ++# If this parameter is set to `false`, the role will *not* abort when encountering an assertion error. ++# This is useful if the role is used for reporting a system's SAP notes compliance. ++ ++sap_general_preconfigure_system_roles_collection: 'redhat.rhel_system_roles' ++# Set which Ansible Collection to use for the Linux System Roles. ++# For community/upstream, use 'fedora.linux_system_roles' ++# For the RHEL System Roles for SAP, or for Red Hat Automation Hub, use 'redhat.rhel_system_roles' ++# Possible Values: ++# - fedora.linux_system_roles ++# - redhat.rhel_system_roles ++ ++sap_general_preconfigure_enable_repos: false ++# Set to `true` if you want the role to enable the repos as configured by the following repo related parameters. ++# The default is `false`, meaning that the role will not enable repos. ++ ++sap_general_preconfigure_use_netweaver_repos: true ++# Set to `false` if you want the role to not enable the SAP NetWeaver repo(s). ++# The default is `true`, meaning that the role will enable the SAP NetWeaver repo(s). ++# Only valid if `sap_general_preconfigure_enable_repos` is set to `true`. ++ ++sap_general_preconfigure_use_hana_repos: true ++# Set to `false` if you want the role to not enable the SAP HANA repo(s). ++# The default is `true`, meaning that the role will enable the SAP HANA repo(s). ++# Only valid if `sap_general_preconfigure_enable_repos` is set to `true`. ++ ++sap_general_preconfigure_use_ha_repos: true ++# Set to `false` if you want the role to not enable the high availability repo(s). ++# The default is `true`, meaning that the role will enable the high availability repo(s). ++# Only valid if `sap_general_preconfigure_enable_repos` is set to `true`. ++ ++sap_general_preconfigure_disable_all_other_repos: true ++# Set to `false` if you want the role to not disable all repos before enabling the desired ones as configured above. ++# The default is `true`, meaning that the role will disable all repos before enabling the desired ones. ++# Only valid if `sap_general_preconfigure_enable_repos` is set to `true`. ++ ++# sap_general_preconfigure_req_repos: (not defined by default) ++# If you want to provide your own list of repos (e.g. on cloud systems), set this variable accordingly. ++# Otherwise, the RHEL default repo names with the maximum support duration for the RHEL minor release are chosen automatically ++# (e.g. normal repos for RHEL 8.3, e4s repos for RHEL 8.4). ++# Example: See README.md ++ ++sap_general_preconfigure_set_minor_release: false ++# Set to `true` if you want the role to set the RHEL minor release, which is required for SAP HANA. Default is `false`. ++# If you set the RHEL minor release, then you must also use the `eus` or `e4s` repos. ++ ++sap_general_preconfigure_packagegroups: "{{ __sap_general_preconfigure_packagegroups }}" ++# The name of the software package group to install. ++# The default for this parameter is set in the vars file which corresponds to the detected OS version. ++# Example: See README.md ++ ++sap_general_preconfigure_envgroups: "{{ __sap_general_preconfigure_envgroups }}" ++# The name of the software environment group to check. ++# The default for this parameter is set in the vars file which corresponds to the detected OS version. ++# Example: See README.md ++ ++sap_general_preconfigure_packages: "{{ __sap_general_preconfigure_packages }}" ++# The list of packages to install. ++# The default for this variable is set in the vars file which corresponds to the detected OS version. ++ ++sap_general_preconfigure_min_package_check: true ++# The default is to install or check if the minimum package versions are installed as defined in the vars files. ++# Set to `false` if you do not install or check these minimum package versions. ++ ++sap_general_preconfigure_install_ibm_power_tools: true ++# Set this parameter to `false` to not install the IBM Power Systems service and productivity tools. ++# See also SAP note 2679703. ++ ++sap_general_preconfigure_add_ibm_power_repo: true ++# Set this parameter to `false` if you do not want to add the IBM Power tools repository (e.g. because the packages ++# are already available on the local network). The IBM Power Systems service and productivity tools will only ++# be installed if the variable `sap_general_preconfigure_install_ibm_power_tools` is set to `true`, which is the default. ++ ++sap_general_preconfigure_ibm_power_repo_url: 'https://public.dhe.ibm.com/software/server/POWER/Linux/yum/download/ibm-power-repo-latest.noarch.rpm' ++# URL for the IBM Power Systems service and productivity tools, see https://www.ibm.com/support/pages/service-and-productivity-tools ++ ++sap_general_preconfigure_update: false ++# By default, the role will not update the system, for avoiding an unintentional minor OS release update. ++# Set this parameter to `true` if you want to update your system to the latest package versions. ++# When using SAP HANA, make sure to set the release lock properly so the minor OS release will be one of ++# those for which SAP HANA is supported. See also `sap_general_preconfigure_set_minor_release`. ++ ++sap_general_preconfigure_reboot_ok: false ++# Set to `true` if you want to perform a reboot at the end of the role, if necessary. ++ ++sap_general_preconfigure_fail_if_reboot_required: true ++# If `sap_general_preconfigure_reboot_ok` is set to `false`, which is the default, a reboot requirement should not ++# remain unnoticed. For this reason, we let the role fail. Set this parameter to `false` to override this behavior. ++# Can be useful if you want to implement your own reboot handling. ++ ++sap_general_preconfigure_selinux_state: 'permissive' ++# One of the SELinux states to be set on the system. ++# Possible Values: ++# - enforcing ++# - permissive ++# - disabled ++ ++sap_general_preconfigure_create_directories: true ++# Set to `false` if you do not want the SAP directories to be created by the role. ++# The SAP directories will always be created if `sap_general_preconfigure_modify_selinux_labels` ++# (see below) is set to `true`, no matter how `sap_general_preconfigure_create_directories` is set. ++ ++sap_general_preconfigure_sap_directories: ++ - /usr/sap ++# List of SAP directories to be created. ++ ++sap_general_preconfigure_modify_selinux_labels: true ++# Set to `false` if you do not want to modify the SELinux labels for the SAP directories set ++# in variable `sap_general_preconfigure_sap_directories`. ++ ++sap_general_preconfigure_size_of_tmpfs_gb: "{{ ((0.75 * (ansible_memtotal_mb + ansible_swaptotal_mb)) / 1024) | round | int }}" ++# The size of the tmpfs in GB. The formula used here is mentioned in SAP note 941735. ++ ++sap_general_preconfigure_modify_etc_hosts: true ++# Set to `false` if you do not want the role to modify the `/etc/hosts` file. ++ ++sap_general_preconfigure_etc_sysctl_sap_conf: '/etc/sysctl.d/sap.conf' ++# The file name of the sysctl config file to be used ++ ++sap_general_preconfigure_kernel_parameters: "{{ __sap_general_preconfigure_kernel_parameters_default }}" ++# The Linux kernel parameters to use. By default, these are taken from the vars file. ++# The default for this parameter is set in the vars file which corresponds to the detected OS version. ++# Example: See README.md ++ ++sap_general_preconfigure_max_hostname_length: '13' ++# The maximum length of the hostname. See SAP note 611361. ++ ++# Reason for noqa: A separate role is planned to replace the code which uses this variable. ++sap_hostname: "{{ ansible_hostname }}" # noqa var-naming[no-role-prefix] ++# The hostname to be used for updating or checking `/etc/hosts` entries. ++ ++# Reason for noqa: A separate role is planned to replace the code which uses this variable. ++sap_domain: "{{ ansible_domain }}" # noqa var-naming[no-role-prefix] ++# The DNS domain name to be used for updating or checking `/etc/hosts` entries. ++ ++# Reason for noqa: A separate role is planned to replace the code which uses this variable. ++sap_ip: "{{ ansible_default_ipv4.address }}" # noqa var-naming[no-role-prefix] ++# The IPV4 address to be used for updating or checking `/etc/hosts` entries. ++ ++# sap_general_preconfigure_db_group_name: (not defined by default) ++# Use this variable to specify the name of the RHEL group which is used for the database processes. ++# If defined, it will be used to configure process limits as per step ++# Configuring Process Resource Limits ++# Example: See README.md ++ ++# END: Default Variables for sap_general_preconfigure +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/files/etc/tmpfiles.d/sap.conf b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/files/etc/tmpfiles.d/sap.conf +new file mode 100644 +index 0000000..13fa6ac +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/files/etc/tmpfiles.d/sap.conf +@@ -0,0 +1,13 @@ ++# systemd.tmpfiles exclude file for SAP ++# SAP software stores some important files in /tmp which should not be deleted automatically. ++# This file has been created using role sap_general_preconfigure in RHEL System Roles for SAP. ++# Do not change this file as it might be overwritten when running role sap_general_preconfigure again. ++ ++# Exclude SAP socket and lock files ++x /tmp/.sap* ++ ++# Exclude HANA lock file ++x /tmp/.hdb*lock ++ ++# Exclude TREX lock file ++x /tmp/.trex*lock +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/files/etc/tmpfiles.d/sap_RedHat_9.conf b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/files/etc/tmpfiles.d/sap_RedHat_9.conf +new file mode 100644 +index 0000000..082012b +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/files/etc/tmpfiles.d/sap_RedHat_9.conf +@@ -0,0 +1,10 @@ ++# systemd.tmpfiles exclude file for SAP ++# SAP software stores some important files in /tmp which should not be deleted automatically. ++# This file has been created using role sap_general_preconfigure in RHEL System Roles for SAP. ++# Do not change this file as it might be overwritten when running role sap_general_preconfigure again. ++ ++# Exclude SAP socket and lock files ++x /tmp/.sap* ++ ++# Exclude TREX lock file ++x /tmp/.trex*lock +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/files/tmp/hostnamectl-fix.pp b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/files/tmp/hostnamectl-fix.pp +new file mode 100644 +index 0000000..ff98198 +Binary files /dev/null and b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/files/tmp/hostnamectl-fix.pp differ +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/files/tmp/hostnamectl-fix.te b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/files/tmp/hostnamectl-fix.te +new file mode 100644 +index 0000000..45190e7 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/files/tmp/hostnamectl-fix.te +@@ -0,0 +1,11 @@ ++ ++module hostnamectl-fix 1.0; ++ ++require { ++ type initrc_t; ++ type systemd_hostnamed_t; ++ class dbus send_msg; ++} ++ ++#============= systemd_hostnamed_t ============== ++allow systemd_hostnamed_t initrc_t:dbus send_msg; +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/handlers/main.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/handlers/main.yml +new file mode 100644 +index 0000000..533d3f4 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/handlers/main.yml +@@ -0,0 +1,43 @@ ++--- ++# handlers file for sap_general_preconfigure ++ ++- name: Reboot the managed node ++ ansible.builtin.reboot: ++ test_command: /bin/true ++ listen: __sap_general_preconfigure_reboot_handler ++ when: ++ - sap_general_preconfigure_reboot_ok|d(false) ++ ++- name: Let the role fail if a reboot is required ++ ansible.builtin.fail: ++ msg: Reboot is required! ++ listen: __sap_general_preconfigure_reboot_handler ++ when: ++ - sap_general_preconfigure_fail_if_reboot_required|d(true) ++ - not sap_general_preconfigure_reboot_ok|d(false) ++ ++- name: Show a warning message if a reboot is required ++ ansible.builtin.debug: ++ msg: "WARN: Reboot is required!" ++ listen: __sap_general_preconfigure_reboot_handler ++ when: ++ - not sap_general_preconfigure_fail_if_reboot_required|d(true) ++ - not sap_general_preconfigure_reboot_ok|d(false) ++ ++# Reasons for noqa: ++# - command-instead-of-module: We want to avoid non-ansible.builtin modules where possible ++# - no-changed-when: Remounting does not do any harm and does not affect idempotency. ++- name: Remount /dev/shm # noqa command-instead-of-module no-changed-when ++ ansible.builtin.command: mount -o remount /dev/shm ++ listen: __sap_general_preconfigure_mount_tmpfs_handler ++ ++- name: Check if /dev/shm is available ++ ansible.builtin.command: df -h /dev/shm ++ register: __sap_general_preconfigure_command_df_shm_result ++ changed_when: false ++ listen: __sap_general_preconfigure_mount_tmpfs_handler ++ ++- name: Show the result of df -h /dev/shm ++ ansible.builtin.debug: ++ var: __sap_general_preconfigure_command_df_shm_result.stdout_lines, __sap_general_preconfigure_command_df_shm_result.stderr_lines ++ listen: __sap_general_preconfigure_mount_tmpfs_handler +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/meta/argument_specs.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/meta/argument_specs.yml +new file mode 100644 +index 0000000..e4f8a89 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/meta/argument_specs.yml +@@ -0,0 +1,340 @@ ++--- ++# Requires: ansible 2.11 ++# Argument specifications in this separate file maintain backwards compatibility. ++argument_specs: ++ ++ main: ++ short_description: Variables for SAP general preconfiguration ++ options: ++ ++# sap_general_preconfigure_... ++# default: ++# description: ++# - ++# example: ++# ++# required: false ++# type: ++# options: # additional options for lists and dicts ++# : ++# description: ++# ... ++ ++ sap_general_preconfigure_config_all: ++ description: ++ - If set to `false`, the role will only execute or verify the installation or configuration steps of SAP notes. ++ - Default is to perform installation and configuration steps. ++ required: false ++ type: bool ++ ++ sap_general_preconfigure_installation: ++ description: ++ - If `sap_general_preconfigure_config_all` is set to `false`, set this variable to `true` to perform only the ++ - installation steps of SAP notes. ++ required: false ++ type: bool ++ ++ sap_general_preconfigure_configuration: ++ description: ++ - If `sap_general_preconfigure_config_all` is set to `false`, set this variable to `true` to perform only the ++ - configuration steps of SAP notes for which the corresponding SAP notes parameters have been set to `true`. ++ example: ++ sap_general_preconfigure_config_all: false ++ sap_general_preconfigure_configuration: true ++ sap_general_preconfigure_2002167_02: true ++ sap_general_preconfigure_1391070: true ++ required: false ++ type: bool ++ ++ sap_general_preconfigure_assert: ++ default: false ++ description: ++ - If set to `true`, the role will run in assertion mode instead of the default configuration mode. ++ required: false ++ type: bool ++ ++ sap_general_preconfigure_assert_ignore_errors: ++ default: false ++ description: ++ - In assertion mode, the role will abort when encountering any assertion error. ++ - If this parameter is set to `false`, the role will *not* abort when encountering an assertion error. ++ - This is useful if the role is used for reporting a system's SAP notes compliance. ++ required: false ++ type: bool ++ ++ sap_general_preconfigure_system_roles_collection: ++ default: 'fedora.linux_system_roles' ++ description: ++ - Set which Ansible Collection to use for the Linux System Roles. ++ - For community/upstream, use 'fedora.linux_system_roles' ++ - For the RHEL System Roles for SAP, or for Red Hat Automation Hub, use 'redhat.rhel_system_roles' ++ choices: ++ - 'fedora.linux_system_roles' ++ - 'redhat.rhel_system_roles' ++ required: false ++ type: str ++ ++ sap_general_preconfigure_enable_repos: ++ default: false ++ description: ++ - Set to `true` if you want the role to enable the repos as configured by the following repo related parameters. ++ - The default is `false`, meaning that the role will not enable repos. ++ required: false ++ type: bool ++ ++ sap_general_preconfigure_use_netweaver_repos: ++ default: true ++ description: ++ - Set to `false` if you want the role to not enable the SAP NetWeaver repo(s). ++ - The default is `true`, meaning that the role will enable the SAP NetWeaver repo(s). ++ - Only valid if `sap_general_preconfigure_enable_repos` is set to `true`. ++ required: false ++ type: bool ++ ++ sap_general_preconfigure_use_hana_repos: ++ default: true ++ description: ++ - Set to `false` if you want the role to not enable the SAP HANA repo(s). ++ - The default is `true`, meaning that the role will enable the SAP HANA repo(s). ++ - Only valid if `sap_general_preconfigure_enable_repos` is set to `true`. ++ required: false ++ type: bool ++ ++ sap_general_preconfigure_use_ha_repos: ++ default: true ++ description: ++ - Set to `false` if you want the role to not enable the high availability repo(s). ++ - The default is `true`, meaning that the role will enable the high availability repo(s). ++ - Only valid if `sap_general_preconfigure_enable_repos` is set to `true`. ++ required: false ++ type: bool ++ ++ sap_general_preconfigure_disable_all_other_repos: ++ default: true ++ description: ++ - Set to `false` if you want the role to not disable all repos before enabling the desired ones as configured above. ++ - The default is `true`, meaning that the role will disable all repos before enabling the desired ones. ++ - Only valid if `sap_general_preconfigure_enable_repos` is set to `true`. ++ required: false ++ type: bool ++ ++ sap_general_preconfigure_req_repos: ++ description: ++ - If you want to provide your own list of repos (e.g. on cloud systems), set this variable accordingly. ++ - Otherwise, the RHEL default repo names with the maximum support duration for the RHEL minor release are chosen automatically ++ - (e.g. normal repos for RHEL 8.3, e4s repos for RHEL 8.4). ++ example: ++ sap_general_preconfigure_req_repos: ++ - rhel-8-for-x86_64-baseos-eus-rpms ++ - rhel-8-for-x86_64-appstream-eus-rpms ++ - rhel-8-for-x86_64-sap-solutions-eus-rpms ++ - rhel-8-for-x86_64-sap-netweaver-eus-rpms ++ - rhel-8-for-x86_64-highavailability-eus-rpms ++ required: false ++ type: list ++ elements: str ++ ++ sap_general_preconfigure_set_minor_release: ++ default: false ++ description: ++ - Set to `true` if you want the role to set the RHEL minor release, which is required for SAP HANA. Default is `false`. ++ - If you set the RHEL minor release, then you must also use the `eus` or `e4s` repos. ++ required: false ++ type: bool ++ ++ sap_general_preconfigure_packagegroups: ++ default: "{{ __sap_general_preconfigure_packagegroups }}" ++ description: ++ - The name of the software package group to install. ++ - The default for this parameter is set in the vars file which corresponds to the detected OS version. ++ example: '@minimal-environment' ++ required: false ++ type: str ++ ++ sap_general_preconfigure_envgroups: ++ default: "{{ __sap_general_preconfigure_envgroups }}" ++ description: ++ - The name of the software environment group to check. ++ - The default for this parameter is set in the vars file which corresponds to the detected OS version. ++ example: '@minimal-environment' ++ required: false ++ type: str ++ ++ sap_general_preconfigure_packages: ++ default: "{{ __sap_general_preconfigure_packages }}" ++ description: ++ - The list of packages to install. ++ - The default for this variable is set in the vars file which corresponds to the detected OS version. ++ required: false ++ type: list ++ elements: str ++ ++ sap_general_preconfigure_min_package_check: ++ default: true ++ description: ++ - The default is to install or check if the minimum package versions are installed as defined in the vars files. ++ - Set to `false` if you do not install or check these minimum package versions. ++ required: false ++ type: bool ++ ++ sap_general_preconfigure_install_ibm_power_tools: ++ default: true ++ description: ++ - Set this parameter to `false` to not install the IBM Power Systems service and productivity tools. ++ - See also SAP note 2679703. ++ required: false ++ type: bool ++ ++ sap_general_preconfigure_add_ibm_power_repo: ++ default: true ++ description: ++ - Set this parameter to `false` if you do not want to add the IBM Power tools repository (e.g. because the packages ++ - are already available on the local network). The IBM Power Systems service and productivity tools will only ++ - be installed if the variable `sap_general_preconfigure_install_ibm_power_tools` is set to `true`, which is the default. ++ required: false ++ type: bool ++ ++ sap_general_preconfigure_ibm_power_repo_url: ++ default: 'https://public.dhe.ibm.com/software/server/POWER/Linux/yum/download/ibm-power-repo-latest.noarch.rpm' ++ description: ++ - URL for the IBM Power Systems service and productivity tools, see https://www.ibm.com/support/pages/service-and-productivity-tools ++ required: false ++ type: str ++ ++ sap_general_preconfigure_update: ++ default: false ++ description: ++ - By default, the role will not update the system, for avoiding an unintentional minor OS release update. ++ - Set this parameter to `true` if you want to update your system to the latest package versions. ++ - When using SAP HANA, make sure to set the release lock properly so the minor OS release will be one of ++ - those for which SAP HANA is supported. See also `sap_general_preconfigure_set_minor_release`. ++ required: false ++ type: bool ++ ++ sap_general_preconfigure_reboot_ok: ++ default: false ++ description: ++ - Set to `true` if you want to perform a reboot at the end of the role, if necessary. ++ required: false ++ type: bool ++ ++ sap_general_preconfigure_fail_if_reboot_required: ++ default: true ++ description: ++ - If `sap_general_preconfigure_reboot_ok` is set to `false`, which is the default, a reboot requirement should not ++ - remain unnoticed. For this reason, we let the role fail. Set this parameter to `false` to override this behavior. ++ - Can be useful if you want to implement your own reboot handling. ++ required: false ++ type: bool ++ ++ sap_general_preconfigure_selinux_state: ++ default: 'permissive' ++ description: ++ - One of the SELinux states to be set on the system. ++ choices: ++ - 'enforcing' ++ - 'permissive' ++ - 'disabled' ++ required: false ++ type: str ++ ++ sap_general_preconfigure_create_directories: ++ default: true ++ description: ++ - Set to `false` if you do not want the SAP directories to be created by the role. ++ - The SAP directories will always be created if `sap_general_preconfigure_modify_selinux_labels` ++ - (see below) is set to `true`, no matter how `sap_general_preconfigure_create_directories` is set. ++ required: false ++ type: bool ++ ++ sap_general_preconfigure_sap_directories: ++ default: ++ - '/usr/sap' ++ description: ++ - List of SAP directories to be created. ++ required: false ++ type: list ++ elements: str ++ ++ sap_general_preconfigure_modify_selinux_labels: ++ default: true ++ description: ++ - Set to `false` if you do not want to modify the SELinux labels for the SAP directories set ++ - in variable `sap_general_preconfigure_sap_directories`. ++ required: false ++ type: bool ++ ++ sap_general_preconfigure_size_of_tmpfs_gb: ++ default: "{{ ((0.75 * (ansible_memtotal_mb + ansible_swaptotal_mb)) / 1024) | round | int }}" ++ description: ++ - The size of the tmpfs in GB. The formula used here is mentioned in SAP note 941735. ++ required: false ++ type: str ++ ++ sap_general_preconfigure_modify_etc_hosts: ++ default: true ++ description: ++ - Set to `false` if you do not want the role to modify the `/etc/hosts` file. ++ required: false ++ type: bool ++ ++ sap_general_preconfigure_etc_sysctl_sap_conf: ++ default: '/etc/sysctl.d/sap.conf' ++ description: ++ - The file name of the sysctl config file to be used ++ required: false ++ type: str ++ ++ sap_general_preconfigure_kernel_parameters: ++ default: "{{ __sap_general_preconfigure_kernel_parameters_default }}" ++ description: ++ - The Linux kernel parameters to use. By default, these are taken from the vars file. ++ - The default for this parameter is set in the vars file which corresponds to the detected OS version. ++ example: ++ sap_general_preconfigure_kernel_parameters: ++ - name: vm.max_map_count ++ value: '2147483647' ++ - name: fs.aio-max-nr ++ value: '18446744073709551615' ++ required: false ++ type: list ++ elements: dict ++ ++# see SAP note 611361 for possible restrictions for the maximum length of the hostname: ++ sap_general_preconfigure_max_hostname_length: ++ default: '13' ++ description: ++ - The maximum length of the hostname. See SAP note 611361. ++ required: false ++ type: str ++ ++ sap_hostname: ++ default: "{{ ansible_hostname }}" ++ description: ++ - The hostname to be used for updating or checking `/etc/hosts` entries. ++ required: false ++ type: str ++ ++ sap_domain: ++ default: "{{ ansible_domain }}" ++ description: ++ - The DNS domain name to be used for updating or checking `/etc/hosts` entries. ++ required: false ++ type: str ++ ++ sap_ip: ++ default: "{{ ansible_default_ipv4.address }}" ++ description: ++ - The IPV4 address to be used for updating or checking `/etc/hosts` entries. ++ required: false ++ type: str ++ ++ sap_general_preconfigure_db_group_name: ++ description: ++ - Use this variable to specify the name of the RHEL group which is used for the database processes. ++ - If defined, it will be used to configure process limits as per step ++ - "Configuring Process Resource Limits" ++ example: ++ sap_general_preconfigure_db_group_name: 'dba' ++ required: false ++ type: str +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/meta/collection-requirements.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/meta/collection-requirements.yml +new file mode 100644 +index 0000000..58177a7 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/meta/collection-requirements.yml +@@ -0,0 +1,4 @@ ++--- ++ ++collections: ++ - name: redhat.rhel_system_roles +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/meta/main.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/meta/main.yml +new file mode 100644 +index 0000000..e93dd0d +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/meta/main.yml +@@ -0,0 +1,15 @@ ++--- ++galaxy_info: ++ namespace: community ++ author: Red Hat for SAP Community of Practice, Bernd Finger, Markus Koch, Rainer Leber ++ description: Prepare Linux OS (RHEL, SLES) with common configurations required for either SAP NetWeaver or SAP HANA installation ++ company: Red Hat, Inc. ++ license: Apache-2.0 ++ min_ansible_version: 2.9 ++ platforms: ++ - name: EL ++ versions: [7, 8, 9] ++ - name: SLES ++ versions: [15SP3] ++ galaxy_tags: ['sap', 'rhel', 'redhat', 'sles', 'suse'] ++dependencies: [] +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/assert-configuration.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/assert-configuration.yml +new file mode 100644 +index 0000000..dc12b02 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/assert-configuration.yml +@@ -0,0 +1,14 @@ ++--- ++ ++- name: Assert - List required SAP Notes ++ ansible.builtin.debug: ++ var: __sap_general_preconfigure_sapnotes_versions | difference(['']) ++ ++- name: Gather service facts ++ ansible.builtin.service_facts: ++ ++- name: Assert - Include configuration actions for required sapnotes ++ ansible.builtin.include_tasks: "sapnote/assert-{{ sap_note_line_item.number }}.yml" ++ with_items: "{{ __sap_general_preconfigure_sapnotes_versions | difference(['']) }}" ++ loop_control: ++ loop_var: sap_note_line_item +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/assert-installation.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/assert-installation.yml +new file mode 100644 +index 0000000..5733394 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/assert-installation.yml +@@ -0,0 +1,291 @@ ++--- ++ ++- name: Check enabled repos ++ when: sap_general_preconfigure_enable_repos ++ block: ++ ++ - name: Assert - Unset list of RHEL repos, SAP NetWeaver ++ ansible.builtin.set_fact: ++ __sap_general_preconfigure_req_netweaver_repos: '' ++ when: not sap_general_preconfigure_use_netweaver_repos ++ ++ - name: Assert - Unset list of RHEL repos, SAP HANA ++ ansible.builtin.set_fact: ++ __sap_general_preconfigure_req_hana_repos: '' ++ when: not sap_general_preconfigure_use_hana_repos ++ ++ - name: Assert - Unset list of RHEL repos, high availability ++ ansible.builtin.set_fact: ++ __sap_general_preconfigure_req_ha_repos: '' ++ when: not sap_general_preconfigure_use_ha_repos ++ ++ - name: Assert - Set final list of repos, non-s390x, auto ++ ansible.builtin.set_fact: ++ __sap_general_preconfigure_req_repos: "{{ __sap_general_preconfigure_req_os_repos | list + __sap_general_preconfigure_req_netweaver_repos | list + __sap_general_preconfigure_req_hana_repos | list + __sap_general_preconfigure_req_ha_repos | list }}" ++ when: ++ - sap_general_preconfigure_req_repos is undefined ++ - ansible_architecture != 's390x' ++ ++ - name: Assert - Set final list of repos, s390x, auto ++ ansible.builtin.set_fact: ++ __sap_general_preconfigure_req_repos: "{{ __sap_general_preconfigure_req_os_repos | list + __sap_general_preconfigure_req_netweaver_repos | list + __sap_general_preconfigure_req_ha_repos | list }}" ++ when: ++ - sap_general_preconfigure_req_repos is undefined ++ - ansible_architecture == 's390x' ++ ++ - name: Assert - Set final list of repos, manual ++ ansible.builtin.set_fact: ++ __sap_general_preconfigure_req_repos: "{{ sap_general_preconfigure_req_repos }}" ++ when: sap_general_preconfigure_req_repos is defined ++ ++ - name: Assert - Get info about enabled repos ++ ansible.builtin.shell: set -o pipefail && subscription-manager repos --list-enabled | awk '/Repo ID:/{print $NF}' ++ register: __sap_general_preconfigure_register_enabled_repos_assert ++ changed_when: no ++ ++ - name: Assert that all required repos are enabled ++ ansible.builtin.assert: ++ that: line_item in __sap_general_preconfigure_register_enabled_repos_assert.stdout_lines ++ fail_msg: "FAIL: Repository '{{ line_item }}' is not enabled!" ++ success_msg: "PASS: Repository '{{ line_item }}' is enabled." ++ with_items: ++ - "{{ __sap_general_preconfigure_req_repos }}" ++ loop_control: ++ loop_var: line_item ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" ++ ++- name: Check the RHEL release lock ++ when: sap_general_preconfigure_set_minor_release ++ block: ++ ++ - name: Detect if and how the minor RHEL release is set ++ ansible.builtin.shell: set -o pipefail && subscription-manager release | awk 'NF==2{printf $NF}NF!=2{print}' ++ register: __sap_general_preconfigure_register_subscription_manager_release_assert ++ changed_when: no ++ ignore_errors: yes ++ ++ - name: Assert that the RHEL release is locked correctly ++ ansible.builtin.assert: ++ that: __sap_general_preconfigure_register_subscription_manager_release_assert.stdout == ansible_distribution_version ++ fail_msg: "FAIL: The RHEL release lock status is '{{ __sap_general_preconfigure_register_subscription_manager_release_assert.stdout }}' but the expected value is '{{ ansible_distribution_version }}'!" ++ success_msg: "PASS: The RHEL release is correctly locked to '{{ ansible_distribution_version }}'." ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" ++ when: "ansible_distribution_version != '7.9'" ++ ++ - name: Report that checking the release lock is not necessary if the system is on RHEL 7.9 ++ ansible.builtin.debug: ++ msg: "INFO: No need to check the release lock setting as the RHEL release {{ ansible_distribution_version }} is the last RHEL {{ ansible_distribution_major_version }} minor release" ++ when: "ansible_distribution_version == '7.9'" ++ ++# Reason for noqa: A double brace might also occur in an awk command sequence. ++- name: Check RHEL 7 package groups ++ when: ++ - sap_general_preconfigure_packagegroups | d([]) ++ - ansible_distribution_major_version == '7' ++ block: ++ ++ - name: Set yum group list installed command # noqa jinja[spacing] ++ ansible.builtin.set_fact: ++ __sap_general_preconfigure_fact_yum_group_list_installed_command_assert: "yum group list installed hidden ids | awk '/Installed Groups:/{a=1}/Done/{a=0}{if (a==1&&!/:/){print $NF}}' | sed 's,(,,;s,),,'" ++ ++ # Reason for noqa: The command to be executed might contain pipes ++ - name: Check if required RHEL 7 package groups are installed # noqa command-instead-of-shell ++ ansible.builtin.shell: "{{ __sap_general_preconfigure_fact_yum_group_list_installed_command_assert }}" ++ register: __sap_general_preconfigure_register_yum_group_assert ++ changed_when: no ++ ++ - name: Assert that all required RHEL 7 package groups are installed ++ ansible.builtin.assert: ++ that: line_item in __sap_general_preconfigure_register_yum_group_assert.stdout_lines ++ fail_msg: "FAIL: Package group '{{ line_item }}' is not installed!" ++ success_msg: "PASS: Package group '{{ line_item }}' is installed." ++ loop: "{{ sap_general_preconfigure_packagegroups | map('replace', '@', '') | list }}" ++ loop_control: ++ loop_var: line_item ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" ++ ++# Reason for noqa: A double brace might also occur in an awk command sequence. ++- name: Check RHEL 8 environment groups ++ when: ++ - sap_general_preconfigure_envgroups | d([]) ++ - ansible_distribution_major_version == '8' ++ block: ++ ++ - name: Set yum envgroup list installed command # noqa jinja[spacing] ++ ansible.builtin.set_fact: ++ __sap_general_preconfigure_fact_yum_envgroup_list_installed_command_assert: "yum group list installed -v | awk '/Installed Environment Groups:/{a=1}/Installed Groups:/{a=0}{if (a==1&&!/:/){print $NF}}' | sed 's,(,,;s,),,'" ++ ++# Reason for noqa: The command to be executed might contain pipes ++ - name: Check if required RHEL 8 environment groups are installed # noqa command-instead-of-shell ++ ansible.builtin.shell: "{{ __sap_general_preconfigure_fact_yum_envgroup_list_installed_command_assert }}" ++ register: __sap_general_preconfigure_register_yum_envgroup_assert ++ changed_when: no ++ ++ - name: Assert that all required RHEL 8 environment groups are installed ++ ansible.builtin.assert: ++ that: line_item in __sap_general_preconfigure_register_yum_envgroup_assert.stdout_lines ++ fail_msg: "FAIL: Environment group '{{ line_item }}' is not installed!" ++ success_msg: "PASS: Environment group '{{ line_item }}' is installed." ++ with_items: ++ - "{{ sap_general_preconfigure_envgroups }}" ++ loop_control: ++ loop_var: line_item ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" ++ ++- name: Assert that all required packages are installed ++ ansible.builtin.assert: ++ that: line_item in ansible_facts.packages ++ fail_msg: "FAIL: Package '{{ line_item }}' is not installed!" ++ success_msg: "PASS: Package '{{ line_item }}' is installed." ++ with_items: ++ - "{{ sap_general_preconfigure_packages }}" ++ loop_control: ++ loop_var: line_item ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" ++ ++- name: Get install status of required IBM packages ++ ansible.builtin.shell: | ++ set -o pipefail && yum info installed {{ __sap_general_preconfigure_required_ppc64le | map('quote') | join(' ') }} | ++ awk '/Name/{n=$NF}/Version/{v=$NF}/Release/{r=$NF}/Description/{printf ("%s\n", n)}' ++ register: __sap_general_preconfigure_register_required_ppc64le_packages_assert ++ changed_when: no ++ when: ansible_architecture == "ppc64le" ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" ++ ++- name: Assert that all required IBM packages are installed ++ ansible.builtin.assert: ++ that: line_item in __sap_general_preconfigure_register_required_ppc64le_packages_assert.stdout_lines ++ fail_msg: "FAIL: Package '{{ line_item }}' is not installed!" ++ success_msg: "PASS: Package '{{ line_item }}' is installed." ++ with_items: ++ - "{{ __sap_general_preconfigure_required_ppc64le }}" ++ loop_control: ++ loop_var: line_item ++ when: ansible_architecture == "ppc64le" ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" ++ ++- name: Minimum required package version check ++ when: ++ - sap_general_preconfigure_min_package_check|bool ++ - __sap_general_preconfigure_min_pkgs | d([]) ++ block: ++# Reason for noqa: We can safely fail at the last command in the pipeline. ++ - name: Assert - Create a list of minimum required package versions to be installed # noqa risky-shell-pipe ++# How does it work? ++# 1 - Print the required package name and version with a prefix "1" followed by a space. ++# 2 - In the same output sequence, list all installed versions of this package with a prefix "2" followed by a space. ++# 3 - Replace all occurrences of ".el" by ".0.0" so that the sort -V correctly sorts packages with ".el" in its name ++# 4 - Sort the list by the name and version. ++# 5 - Replace ".0.0" by ".el" again to get back the original names. ++# 6 - Store the last installed version of the package in variable latestpkg. ++# 7 - Store the last content of column 1 in variable col1, the last content of column 2 in variable col2, ++# and the last number of fields in variable _nf. ++# 8 - case 1: If the last number of output fields is greater than 2, it indicates that the package is not installed ++# because the output of "rpm -q" will be similar to "package XXX is not installed". ++# 8 - case 2a: If the first column of the last line of the output is "1", it means that the required package is ++# the latest of all required and installed versions of the package, so it means that the package needs ++# to be updated. ++# 8 - case 2b: If the first column of the last line of the output is "2", it means that at least of the installed ++# versions the package is equal to or greater than the required package version. ++ ansible.builtin.shell: | ++ (echo "1 {{ pkg[0] }}-{{ pkg[1] }}";rpm -q --qf "%{NAME}-%{VERSION}-%{RELEASE}\n" {{ pkg[0] }} | ++ awk '{printf ("2 %s\n", $0)}') | ++ awk '{gsub ("\\.el", ".0.0"); print}' | ++ sort -k 2 -k 1 -V | ++ awk '{gsub ("\\.0\\.0", ".el"); col1=$1; col2=$2; _nf=NF} ++ $1==2{latestpkg=$2} ++ END { ++ if (_nf>2) { ++ printf ("Package '\''{{ pkg[0] }}'\'' needs to be installed as {{ pkg[0] }}-{{ pkg[1] }}!\n") ++ } else { ++ if (col1==1) { ++ printf ("Package '\''{{ pkg[0] }}'\'' needs to be updated to %s! Currently installed latest version: %s.\n", $2, latestpkg) ++ } ++ if (col1==2) { ++ printf ("Package '\''{{ pkg[0] }}'\'' is already installed as {{ pkg[0] }}-{{ pkg[1] }} or later. Currently installed latest version: %s.\n", latestpkg) ++ } ++ } ++ }' ++ with_list: "{{ __sap_general_preconfigure_min_pkgs }}" ++ loop_control: ++ loop_var: pkg ++ check_mode: no ++ register: __sap_general_preconfigure_register_minpkglist_assert ++ changed_when: no ++ ++ - name: Assert that minimum required package versions are installed ++# If the output includes the string "is already installed" (case 2b), we have a PASS. Otherwise, it's a FAIL. ++ ansible.builtin.assert: ++ that: "'is already installed' in line_item.stdout" ++ fail_msg: "FAIL: {{ line_item.stdout }}" ++ success_msg: "PASS: {{ line_item.stdout }}" ++ with_items: "{{ __sap_general_preconfigure_register_minpkglist_assert.results }}" ++ loop_control: ++ loop_var: line_item ++ label: "" ++ ignore_errors: yes ++ ++- name: Report if no minimum required package version is defined for this RHEL release ++ ansible.builtin.debug: ++ msg: "INFO: No minimum required package version defined (variable __sap_general_preconfigure_min_pkgs)." ++ ignore_errors: yes ++ when: not __sap_general_preconfigure_min_pkgs | d([]) ++ ++# Reason for noqa: The yum module appears to not support the check-update option ++- name: Get info about possible package updates # noqa command-instead-of-module ++ ansible.builtin.command: yum check-update ++ register: __sap_general_preconfigure_register_yum_check_update_assert ++ changed_when: false ++ no_log: true ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" ++ when: sap_general_preconfigure_update ++ ++- name: Assert that there are no more possible package updates ++ ansible.builtin.assert: ++ that: __sap_general_preconfigure_register_yum_check_update_assert is success ++ fail_msg: "FAIL: System needs to be updated!" ++ success_msg: "PASS: There are no more outstanding package updates." ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" ++ when: sap_general_preconfigure_update ++ ++- name: Report if checking for possible package updates is not requested ++ ansible.builtin.debug: ++ msg: "INFO: Not checking for possible package updates (variable sap_general_preconfigure_update)." ++ ignore_errors: yes ++ when: not sap_general_preconfigure_update ++ ++- name: "Assert - Set needs-restarting command in case of RHEL 7" ++ ansible.builtin.set_fact: ++ __sap_general_preconfigure_fact_needs_restarting_command_assert: "needs-restarting -r" ++ when: ansible_distribution_major_version == '7' ++ ++- name: "Assert - Set needs-restarting command in case of RHEL 8 or RHEL 9, except RHEL 8.0" ++ ansible.builtin.set_fact: ++ __sap_general_preconfigure_fact_needs_restarting_command_assert: "yum needs-restarting -r" ++ when: ++ - (ansible_distribution_major_version == '8' or ansible_distribution_major_version == '9' ) ++ - ansible_distribution_version != '8.0' ++ ++- name: "Assert - Set customized needs-restarting command in case of RHEL 8.0" ++ ansible.builtin.set_fact: ++ __sap_general_preconfigure_fact_needs_restarting_command_assert: "_IKRNL=$(rpm -q --last kernel | awk 'NR==1{sub(/kernel-/,\"\"); print $1}'); _CKRNL=$(uname -r); if [ ${_IKRNL} != ${_CKRNL} ]; then exit 1; else exit 0; fi" ++ when: ansible_distribution_version == '8.0' ++ ++- name: Assert - Display the command for checking a reboot requirement ++ ansible.builtin.debug: ++ var: __sap_general_preconfigure_fact_needs_restarting_command_assert ++ ++# Reason for noqa: The command to be executed might contain pipes ++- name: Assert - Determine if the system needs to be restarted # noqa command-instead-of-shell ++ ansible.builtin.shell: "{{ __sap_general_preconfigure_fact_needs_restarting_command_assert }}" ++ register: __sap_general_preconfigure_register_needs_restarting_assert ++ changed_when: false ++ check_mode: false ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" ++ ++- name: Assert that system needs no restart ++ ansible.builtin.assert: ++ that: __sap_general_preconfigure_register_needs_restarting_assert is success ++ fail_msg: "FAIL: System needs to be restarted!" ++ success_msg: "PASS: System needs no restart." ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/configuration.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/configuration.yml +new file mode 100644 +index 0000000..1707783 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/configuration.yml +@@ -0,0 +1,40 @@ ++--- ++ ++- name: Configure - List required SAP Notes ++ ansible.builtin.debug: ++ var: __sap_general_preconfigure_sapnotes_versions | difference(['']) ++ ++- name: Configure - Set directory variables for setting SELinux file contexts ++ ansible.builtin.set_fact: ++ sap_general_preconfigure_fact_targets_setypes: "{{ sap_general_preconfigure_fact_targets_setypes | d([]) + [__sap_general_preconfigure_tmp_dict_target_setype] }}" ++ loop: "{{ sap_general_preconfigure_sap_directories }}" ++ loop_control: ++ loop_var: line_item ++ vars: ++ __sap_general_preconfigure_tmp_dict_target_setype: ++ target: "{{ line_item }}(/.*)?" ++ setype: 'usr_t' ++ when: sap_general_preconfigure_modify_selinux_labels ++ ++- name: Configure - Display directory variable ++ ansible.builtin.debug: ++ var: sap_general_preconfigure_fact_targets_setypes ++ when: sap_general_preconfigure_modify_selinux_labels ++ ++- name: Configure - Create directories ++ ansible.builtin.file: ++ path: "{{ line_item }}" ++ state: directory ++ mode: '0755' ++ owner: root ++ group: root ++ loop: "{{ sap_general_preconfigure_sap_directories }}" ++ loop_control: ++ loop_var: line_item ++ when: sap_general_preconfigure_create_directories or sap_general_preconfigure_modify_selinux_labels ++ ++- name: Configure - Include configuration actions for required sapnotes ++ ansible.builtin.include_tasks: "sapnote/{{ sap_note_line_item.number }}.yml" ++ with_items: "{{ __sap_general_preconfigure_sapnotes_versions | difference(['']) }}" ++ loop_control: ++ loop_var: sap_note_line_item +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-dns-name-resolution.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-dns-name-resolution.yml +new file mode 100644 +index 0000000..c7df9b1 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-dns-name-resolution.yml +@@ -0,0 +1,75 @@ ++--- ++ ++- name: Assert that the DNS domain is set ++ ansible.builtin.assert: ++ that: not( (ansible_domain is undefined) or (ansible_domain is none) or (ansible_domain | trim == '') ) ++ fail_msg: "FAIL: The DNS domain is not configured! So variable 'sap_domain' needs to be configured!" ++ success_msg: "PASS: The DNS domain is configured." ++# ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" ++ ignore_errors: yes ++ ++- name: Assert that variable sap_domain is set ++ ansible.builtin.assert: ++ that: not( (sap_domain is undefined) or (sap_domain is none) or (sap_domain | trim == '') ) ++ fail_msg: "FAIL: The variable 'sap_domain' is not set!" ++ success_msg: "PASS: The variable 'sap_domain' is set." ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" ++ ++- name: Check if the bind-utils package, which contains the dig command, is available ++ ansible.builtin.assert: ++ that: "'bind-utils' in ansible_facts.packages" ++ fail_msg: "FAIL: The package 'bind-utils' is not installed! DNS checking not possible!" ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" ++ ++- name: Check if IP address for sap_hostname.sap_domain is resolved correctly ++ ansible.builtin.command: dig {{ sap_hostname }}.{{ sap_domain }} +short ++ register: __sap_general_preconfigure_register_dig_short_assert ++ ignore_errors: yes ++ changed_when: no ++ when: "'bind-utils' in ansible_facts.packages" ++ ++- name: Assert that ansible_default_ipv4.address is set ++ ansible.builtin.assert: ++ that: not( (ansible_default_ipv4.address is undefined) or (ansible_default_ipv4.address is none) or (ansible_default_ipv4.address | trim == '') ) ++ fail_msg: "FAIL: The variable 'ansible_default_ipv4.address' is not defined!" ++ success_msg: "PASS: The variable 'ansible_default_ipv4.address' is defined." ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" ++ ++- name: Assert that sap_ip is set ++ ansible.builtin.assert: ++ that: __sap_general_preconfigure_register_dig_short_assert.stdout == sap_ip ++ fail_msg: "FAIL: The variable 'sap_ip' is not set!" ++ success_msg: "PASS: The variable 'sap_ip' is set." ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" ++ when: "'bind-utils' in ansible_facts.packages" ++ ++### BUG: dig does not use search path in resolv.con on PPCle ++- name: Check if IP address for sap_hostname with search path is resolved correctly ++ ansible.builtin.command: dig {{ sap_hostname }} +search +short ++ register: __sap_general_preconfigure_register_dig_search_short_assert ++ changed_when: false ++ ignore_errors: true ++ when: "'bind-utils' in ansible_facts.packages" ++ ++- name: Assert that the IP address for sap_hostname is resolved correctly ++ ansible.builtin.assert: ++ that: __sap_general_preconfigure_register_dig_search_short_assert.stdout == sap_ip ++ fail_msg: "FAIL: The IP address for 'sap_hostname' could not be resolved!" ++ success_msg: "PASS: The IP address for 'sap_hostname' was resolved." ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(true) }}" ++ when: "'bind-utils' in ansible_facts.packages" ++ ++- name: Check if the reverse name resolution is correct ++ ansible.builtin.command: dig -x {{ sap_ip }} +short ++ register: __sap_general_preconfigure_register_dig_reverse_assert ++ changed_when: false ++ ignore_errors: true ++ when: "'bind-utils' in ansible_facts.packages" ++ ++- name: Assert that the reverse name resolution is correct ++ ansible.builtin.assert: ++ that: __sap_general_preconfigure_register_dig_reverse_assert.stdout == (sap_hostname + '.' + sap_domain + '.') ++ fail_msg: "FAIL: The reverse name resolution of 'sap_ip' was not successful!" ++ success_msg: "PASS: The reverse name resolution of 'sap_ip' was successful." ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(true) }}" ++ when: "'bind-utils' in ansible_facts.packages" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-etc-hosts.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-etc-hosts.yml +new file mode 100644 +index 0000000..45ae69e +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-etc-hosts.yml +@@ -0,0 +1,110 @@ ++--- ++ ++- name: Assert - Display host and domain name, and IP address ++ ansible.builtin.debug: ++ msg: ++ - "sap_hostname = {{ sap_hostname }}" ++ - "sap_domain = {{ sap_domain }}" ++ - "sap_ip = {{ sap_ip }}" ++ ++# Note: There is no check related to hostname aliases. ++#- name: Get all hostname aliases of {{ sap_ip }} ++# shell: | ++# awk '( $1 == "{{ sap_ip }}" ) { ++# for (i=2; i<=NF; ++i) { ++# if (( $i != "{{ sap_hostname }}" ) && ( $i != "{{ sap_hostname }}.{{ sap_domain }}" )) { printf $i" " } ++# } ++# }' /etc/hosts ++# register: sap_base_settings_register_hostname_aliases ++# changed_when: false ++# check_mode: false ++ ++#- name: Print hostname aliases ++# debug: ++# var=sap_hostname_aliases ++ ++- name: Check if ipv4 address, FQDN, and hostname are once in /etc/hosts ++ ansible.builtin.command: awk 'BEGIN{a=0}/{{ sap_ip }}/&&/{{ sap_hostname }}.{{ sap_domain }}/&&/{{ sap_hostname }}/{a++}END{print a}' /etc/hosts ++ register: __sap_general_preconfigure_register_ipv4_fqdn_sap_hostname_once_assert ++ ignore_errors: yes ++ changed_when: no ++ ++- name: Assert that ipv4 address, FQDN, and hostname are once in /etc/hosts ++ ansible.builtin.assert: ++ that: __sap_general_preconfigure_register_ipv4_fqdn_sap_hostname_once_assert.stdout == '1' ++ fail_msg: "FAIL: The line '{{ sap_ip }} {{ sap_hostname }}.{{ sap_domain }} {{ sap_hostname }}' needs to be once in /etc/hosts!" ++ success_msg: "PASS: The line '{{ sap_ip }} {{ sap_hostname }}.{{ sap_domain }} {{ sap_hostname }}' is once in /etc/hosts." ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" ++ ++#- name: Ensure that the entry in /etc/hosts is correct ++# ansible.builtin.lineinfile: ++# path: /etc/hosts ++# regexp: '^{{ sap_ip }}\s' ++# line: "{{ sap_ip }} {{ sap_hostname }}.{{ sap_domain }} {{ sap_hostname }} {{ sap_base_settings_register_hostname_aliases.stdout }}" ++# when: ++# - sap_general_preconfigure_assert_modify_etc_hosts | bool ++ ++- name: Count the number of sap_ip ({{ sap_ip }}) entries in /etc/hosts ++ ansible.builtin.command: awk 'BEGIN{a=0}/{{ sap_ip }}/{a++}END{print a}' /etc/hosts ++ register: __sap_general_preconfigure_register_sap_ip_once_assert ++ ignore_errors: yes ++ changed_when: no ++ ++- name: Assert that there is just one line containing {{ sap_ip }} in /etc/hosts ++ ansible.builtin.assert: ++ that: __sap_general_preconfigure_register_sap_ip_once_assert.stdout == '1' ++ fail_msg: "FAIL: There is no line, or more than one line, containing '{{ sap_ip }}' in /etc/hosts!" ++ success_msg: "PASS: There is only one line containing '{{ sap_ip }}' in /etc/hosts." ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" ++ ++- name: Check for duplicate or missing entries of {{ sap_hostname }}.{{ sap_domain }} in /etc/hosts ++ ansible.builtin.command: awk 'BEGIN{a=0}/^{{ sap_hostname }}.{{ sap_domain }}\s/|| /\s{{ sap_hostname }}.{{ sap_domain }}\s/|| /\s{{ sap_hostname }}.{{ sap_domain }}$/{a++}END{print a}' /etc/hosts ++ register: __sap_general_preconfigure_register_fqdn_once_assert ++ ignore_errors: yes ++ changed_when: no ++ ++- name: Assert that there is just one line containing {{ sap_hostname }}.{{ sap_domain }} in /etc/hosts ++ ansible.builtin.assert: ++ that: __sap_general_preconfigure_register_fqdn_once_assert.stdout == '1' ++ fail_msg: "FAIL: There is no line, or more than one line, containing '{{ sap_hostname }}.{{ sap_domain }}' in /etc/hosts!" ++ success_msg: "PASS: There is only one line containing '{{ sap_hostname }}.{{ sap_domain }}' in /etc/hosts." ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" ++ ++- name: Check for duplicate or missing entries of {{ sap_hostname }} in /etc/hosts ++ ansible.builtin.command: awk 'BEGIN{a=0}/^{{ sap_hostname }}\s/|| /\s{{ sap_hostname }}\s/|| /\s{{ sap_hostname }}$/{a++}END{print a}' /etc/hosts ++ register: __sap_general_preconfigure_register_sap_hostname_once_assert ++ ignore_errors: yes ++ changed_when: no ++ ++- name: Assert that there is just one line containing {{ sap_hostname }} in /etc/hosts ++ ansible.builtin.assert: ++ that: __sap_general_preconfigure_register_sap_hostname_once_assert.stdout == '1' ++ fail_msg: "FAIL: There is no line, or more than one line, containing '{{ sap_hostname }}' in /etc/hosts!" ++ success_msg: "PASS: There is only one line containing '{{ sap_hostname }}' in /etc/hosts." ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" ++ ++- name: Check hostname -s ++ ansible.builtin.shell: test "$(hostname -s)" = "$(hostname)" ++ register: __sap_general_preconfigure_register_hostname_s_assert ++ ignore_errors: yes ++ changed_when: no ++ ++- name: Assert that hostname -s matches the output of hostname ++ ansible.builtin.assert: ++ that: __sap_general_preconfigure_register_hostname_s_assert is success ++ fail_msg: "FAIL: The output of 'hostname -s' does not match the output of 'hostname'!" ++ success_msg: "PASS: The output of 'hostname -s' matches the output of 'hostname'." ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" ++ ++- name: Check hostname -f ++ ansible.builtin.shell: test "$(hostname -f)" = "$(hostname).$(hostname -d)" ++ register: __sap_general_preconfigure_register_hostname_f_assert ++ ignore_errors: yes ++ changed_when: no ++ ++- name: Assert that hostname -f matches the output of hostname.hostname -d ++ ansible.builtin.assert: ++ that: __sap_general_preconfigure_register_hostname_f_assert is success ++ fail_msg: "FAIL: The output of 'hostname -f' does not match the output of 'hostname'.'hostname -d'!" ++ success_msg: "PASS: The output of 'hostname -f' matches the output of 'hostname'.'hostname -d'." ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-firewall.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-firewall.yml +new file mode 100644 +index 0000000..5fc5cbd +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-firewall.yml +@@ -0,0 +1,42 @@ ++--- ++ ++# Note: firewalld is not contained in ansible_facts.services. ++#- name: Check firewalld ++# block: ++# - name: Assert that firewalld is disabled ++# assert: ++# that: ++# - "'stopped' in ansible_facts.packages['firewalld'].state" ++# - "'disabled' in ansible_facts.packages['firewalld'].status" ++ ++- name: Check firewalld ++ when: "'firewalld' in ansible_facts.packages" ++ block: ++ ++# Reason for noqa: We need to get the current status only ++ - name: Get status of firewalld # noqa command-instead-of-module ++ ansible.builtin.command: systemctl status firewalld ++ register: __sap_general_preconfigure_register_firewalld_status_assert ++ ignore_errors: yes ++ changed_when: no ++ no_log: yes ++ ++ - name: Assert that firewalld is disabled ++ ansible.builtin.assert: ++ that: "'/usr/lib/systemd/system/firewalld.service; disabled' in __sap_general_preconfigure_register_firewalld_status_assert.stdout" ++ fail_msg: "FAIL: Service 'firewalld' is not disabled!" ++ success_msg: "PASS: Service 'firewalld' is disabled." ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" ++ ++ - name: Assert that firewalld is inactive ++ ansible.builtin.assert: ++ that: "'inactive (dead)' in __sap_general_preconfigure_register_firewalld_status_assert.stdout" ++ fail_msg: "FAIL: Service 'firewalld' is active!" ++ success_msg: "PASS: Service 'firewalld' is inactive." ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" ++ ++- name: Report firewall install status ++ ansible.builtin.debug: ++ msg: "PASS: Service 'firewalld' is not installed." ++ ++ when: "'firewalld' not in ansible_facts.packages" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-hostname.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-hostname.yml +new file mode 100644 +index 0000000..0ee9b89 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-hostname.yml +@@ -0,0 +1,21 @@ ++--- ++ ++- name: Check if hostname is set ++ ansible.builtin.command: hostname ++ register: __sap_general_preconfigure_register_hostname_assert ++ ignore_errors: yes ++ changed_when: no ++ ++- name: Assert that the output of hostname matches the content of variable sap_hostname ++ ansible.builtin.assert: ++ that: __sap_general_preconfigure_register_hostname_assert.stdout == sap_hostname ++ fail_msg: "FAIL: The output of 'hostname' does not match the content of variable 'sap_hostname'!" ++ success_msg: "PASS: The output of 'hostname' matches the content of variable 'sap_hostname'." ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" ++ ++- name: "Assert that the length of the hostname is not longer than 'sap_general_preconfigure_max_hostname_length'" ++ ansible.builtin.assert: ++ that: (sap_hostname | length | int) <= (sap_general_preconfigure_max_hostname_length | int) ++ fail_msg: "FAIL: The length of the hostname is {{ sap_hostname | length | int }} but must be less or equal to {{ sap_general_preconfigure_max_hostname_length }} (variable 'sap_general_preconfigure_max_hostname_length')!" ++ success_msg: "PASS: The length of the hostname is {{ sap_hostname | length | int }}, which is less or equal to {{ sap_general_preconfigure_max_hostname_length }} (variable 'sap_general_preconfigure_max_hostname_length')." ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-kernel-parameters-loop-block.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-kernel-parameters-loop-block.yml +new file mode 100644 +index 0000000..16481fb +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-kernel-parameters-loop-block.yml +@@ -0,0 +1,31 @@ ++--- ++ ++# loop block for sapnote/RedHat/generic/assert-kernel-parameters.yml ++ ++- name: Get {{ line_item.name }} from {{ sap_general_preconfigure_etc_sysctl_sap_conf }} ++ ansible.builtin.shell: awk 'BEGIN{FS="="}/{{ line_item.name }}/{gsub ("^\\s*", "", $NF); print $NF}' {{ sap_general_preconfigure_etc_sysctl_sap_conf }} ++ register: __sap_general_preconfigure_register_sysctl_sap_conf_kernel_parameter_assert ++ changed_when: no ++ ignore_errors: yes ++ when: __sap_general_preconfigure_register_stat_sysctl_sap_conf_assert.stat.exists ++ ++- name: Assert that {{ line_item.name }} is set correctly in {{ sap_general_preconfigure_etc_sysctl_sap_conf }} ++ ansible.builtin.assert: ++ that: __sap_general_preconfigure_register_sysctl_sap_conf_kernel_parameter_assert.stdout == line_item.value ++ fail_msg: "FAIL: The value of '{{ line_item.name }}' in '{{ sap_general_preconfigure_etc_sysctl_sap_conf }}' is '{{ __sap_general_preconfigure_register_sysctl_sap_conf_kernel_parameter_assert.stdout }}' but the expected value is '{{ line_item.value }}'!" ++ success_msg: "PASS: The value of '{{ line_item.name }}' in '{{ sap_general_preconfigure_etc_sysctl_sap_conf }}' is '{{ __sap_general_preconfigure_register_sysctl_sap_conf_kernel_parameter_assert.stdout }}'." ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" ++ when: __sap_general_preconfigure_register_stat_sysctl_sap_conf_assert.stat.exists ++ ++- name: Get {{ line_item.name }} from sysctl ++ ansible.builtin.shell: sysctl -n {{ line_item.name }} | awk '{gsub ("\t", " "); print}' ++ register: __sap_general_preconfigure_register_sysctl_kernel_parameter_assert ++ changed_when: no ++ ignore_errors: yes ++ ++- name: Assert that {{ line_item.name }} is set correctly as per sysctl ++ ansible.builtin.assert: ++ that: __sap_general_preconfigure_register_sysctl_kernel_parameter_assert.stdout == line_item.value ++ fail_msg: "FAIL: The current value of '{{ line_item.name }}' as per sysctl is '{{ __sap_general_preconfigure_register_sysctl_kernel_parameter_assert.stdout }}' but the expected value is '{{ line_item.value }}'!" ++ success_msg: "PASS: The current value of '{{ line_item.name }}' as per sysctl is '{{ __sap_general_preconfigure_register_sysctl_kernel_parameter_assert.stdout }}'." ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-kernel-parameters.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-kernel-parameters.yml +new file mode 100644 +index 0000000..a6d2f49 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-kernel-parameters.yml +@@ -0,0 +1,27 @@ ++--- ++ ++- name: Get info about file {{ sap_general_preconfigure_etc_sysctl_sap_conf }} ++ ansible.builtin.stat: ++ path: "{{ sap_general_preconfigure_etc_sysctl_sap_conf }}" ++ register: __sap_general_preconfigure_register_stat_sysctl_sap_conf_assert ++ ++- name: Assert that file /etc/sysctl.d/sap.conf exists ++ ansible.builtin.assert: ++ that: __sap_general_preconfigure_register_stat_sysctl_sap_conf_assert.stat.exists ++ fail_msg: "FAIL: File {{ sap_general_preconfigure_etc_sysctl_sap_conf }} does not exist!" ++ success_msg: "PASS: File {{ sap_general_preconfigure_etc_sysctl_sap_conf }} exist." ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" ++ ++- name: Assert that file /etc/sysctl.d/sap.conf is a regular file ++ ansible.builtin.assert: ++ that: __sap_general_preconfigure_register_stat_sysctl_sap_conf_assert.stat.isreg ++ fail_msg: "FAIL: File {{ sap_general_preconfigure_etc_sysctl_sap_conf }} is not a regular file!" ++ success_msg: "PASS: File {{ sap_general_preconfigure_etc_sysctl_sap_conf }} is a regular file." ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" ++ when: __sap_general_preconfigure_register_stat_sysctl_sap_conf_assert.stat.exists ++ ++- name: Get and assert kernel tunables ++ ansible.builtin.include_tasks: assert-kernel-parameters-loop-block.yml ++ loop: "{{ sap_general_preconfigure_kernel_parameters }}" ++ loop_control: ++ loop_var: line_item +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-limits-conf-file.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-limits-conf-file.yml +new file mode 100644 +index 0000000..612edc4 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-limits-conf-file.yml +@@ -0,0 +1,21 @@ ++--- ++ ++- name: Get info about file /etc/security/limits.d/99-sap.conf ++ ansible.builtin.stat: ++ path: /etc/security/limits.d/99-sap.conf ++ register: __sap_general_preconfigure_register_stat_limits_sap_conf_assert ++ ++- name: Assert that file /etc/security/limits.d/99-sap.conf exists ++ ansible.builtin.assert: ++ that: __sap_general_preconfigure_register_stat_limits_sap_conf_assert.stat.exists ++ fail_msg: "FAIL: File /etc/security/limits.d/99-sap.conf does not exist!" ++ success_msg: "PASS: File /etc/security/limits.d/99-sap.conf exist." ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" ++ ++- name: Assert that file /etc/security/limits.d/99-sap.conf is a regular file ++ ansible.builtin.assert: ++ that: __sap_general_preconfigure_register_stat_limits_sap_conf_assert.stat.isreg ++ fail_msg: "FAIL: File /etc/security/limits.d/99-sap.conf is not a regular file!" ++ success_msg: "PASS: File /etc/security/limits.d/99-sap.conf is a regular file." ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" ++ when: __sap_general_preconfigure_register_stat_limits_sap_conf_assert.stat.exists +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-nofile-limits.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-nofile-limits.yml +new file mode 100644 +index 0000000..d940856 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-nofile-limits.yml +@@ -0,0 +1,81 @@ ++--- ++ ++- name: Check if the hard limit of nofile for group sapsys is 1048576 ++ ansible.builtin.command: awk '!/^#/&&/sapsys/&&/nofile/&&/hard/{print $NF}' /etc/security/limits.d/99-sap.conf ++ register: __sap_general_preconfigure_register_limits_sap_conf_nofile_hard_assert ++ changed_when: no ++ ignore_errors: yes ++ when: ++ - __sap_general_preconfigure_register_stat_limits_sap_conf_assert.stat.exists ++ - __sap_general_preconfigure_register_stat_limits_sap_conf_assert.stat.isreg ++ ++- name: Assert that the hard limit of nofile for group sapsys is 1048576 ++ ansible.builtin.assert: ++ that: __sap_general_preconfigure_register_limits_sap_conf_nofile_hard_assert.stdout == '1048576' ++ fail_msg: "FAIL: The hard limit of nofile for group 'sapsys' in /etc/security/limits.d/99-sap.conf is '{{ __sap_general_preconfigure_register_limits_sap_conf_nofile_hard_assert.stdout }}' but the expected value is 1048576 !" ++ success_msg: "PASS: The hard limit of nofile for group 'sapsys' in /etc/security/limits.d/99-sap.conf is '{{ __sap_general_preconfigure_register_limits_sap_conf_nofile_hard_assert.stdout }}'." ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" ++ when: ++ - __sap_general_preconfigure_register_stat_limits_sap_conf_assert.stat.exists ++ - __sap_general_preconfigure_register_stat_limits_sap_conf_assert.stat.isreg ++ ++- name: Check if the soft limit of nofile for group sapsys is 1048576 ++ ansible.builtin.command: awk '!/^#/&&/sapsys/&&/nofile/&&/soft/{print $NF}' /etc/security/limits.d/99-sap.conf ++ register: __sap_general_preconfigure_register_limits_sap_conf_nofile_soft_assert ++ changed_when: no ++ ignore_errors: yes ++ when: ++ - __sap_general_preconfigure_register_stat_limits_sap_conf_assert.stat.exists ++ - __sap_general_preconfigure_register_stat_limits_sap_conf_assert.stat.isreg ++ ++- name: Assert that the soft limit of nofile for group sapsys is 1048576 ++ ansible.builtin.assert: ++ that: __sap_general_preconfigure_register_limits_sap_conf_nofile_soft_assert.stdout == '1048576' ++ fail_msg: "FAIL: The soft limit of nofile for group 'sapsys' in /etc/security/limits.d/99-sap.conf is '{{ __sap_general_preconfigure_register_limits_sap_conf_nofile_soft_assert.stdout }}' but the expected value is 1048576 !" ++ success_msg: "PASS: The soft limit of nofile for group 'sapsys' in /etc/security/limits.d/99-sap.conf is '{{ __sap_general_preconfigure_register_limits_sap_conf_nofile_soft_assert.stdout }}'." ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" ++ when: ++ - __sap_general_preconfigure_register_stat_limits_sap_conf_assert.stat.exists ++ - __sap_general_preconfigure_register_stat_limits_sap_conf_assert.stat.isreg ++ ++- name: Get the hard limit of nofile for the database group ++ ansible.builtin.command: awk '!/^#/&&/@{{ sap_general_preconfigure_db_group_name }}/&&/nofile/&&/hard/{print $NF}' /etc/security/limits.d/99-sap.conf ++ register: __sap_general_preconfigure_register_limits_sap_conf_db_group_nofile_hard_assert ++ changed_when: no ++ ignore_errors: yes ++ when: ++ - __sap_general_preconfigure_register_stat_limits_sap_conf_assert.stat.exists ++ - __sap_general_preconfigure_register_stat_limits_sap_conf_assert.stat.isreg ++ - sap_general_preconfigure_db_group_name is defined ++ ++- name: Assert that the hard limit of nofile for the database group is 1048576 ++ ansible.builtin.assert: ++ that: __sap_general_preconfigure_register_limits_sap_conf_db_group_nofile_hard_assert.stdout == '1048576' ++ fail_msg: "FAIL: The hard limit of nofile for group '{{ sap_general_preconfigure_db_group_name }}' is not set to '1048576' in /etc/security/limits.d/99-sap.conf!" ++ success_msg: "PASS: The hard limit of nofile for group '{{ sap_general_preconfigure_db_group_name }}' is set to '1048576' in /etc/security/limits.d/99-sap.conf." ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" ++ when: ++ - __sap_general_preconfigure_register_stat_limits_sap_conf_assert.stat.exists ++ - __sap_general_preconfigure_register_stat_limits_sap_conf_assert.stat.isreg ++ - sap_general_preconfigure_db_group_name is defined ++ ++- name: Get the soft limit of nofile for the database group ++ ansible.builtin.command: awk '!/^#/&&/@{{ sap_general_preconfigure_db_group_name }}/&&/nofile/&&/soft/{print $NF}' /etc/security/limits.d/99-sap.conf ++ register: __sap_general_preconfigure_register_limits_sap_conf_db_group_nofile_soft_assert ++ changed_when: no ++ ignore_errors: yes ++ when: ++ - __sap_general_preconfigure_register_stat_limits_sap_conf_assert.stat.exists ++ - __sap_general_preconfigure_register_stat_limits_sap_conf_assert.stat.isreg ++ - sap_general_preconfigure_db_group_name is defined ++ ++- name: Assert that the soft limit of nofile for the database group is 1048576 ++ ansible.builtin.assert: ++ that: __sap_general_preconfigure_register_limits_sap_conf_db_group_nofile_soft_assert.stdout == '1048576' ++ fail_msg: "FAIL: The soft limit of nofile for group '{{ sap_general_preconfigure_db_group_name }}' is not set to '1048576' in /etc/security/limits.d/99-sap.conf!" ++ success_msg: "PASS: The soft limit of nofile for group '{{ sap_general_preconfigure_db_group_name }}' is set to '1048576' in /etc/security/limits.d/99-sap.conf." ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" ++ when: ++ - __sap_general_preconfigure_register_stat_limits_sap_conf_assert.stat.exists ++ - __sap_general_preconfigure_register_stat_limits_sap_conf_assert.stat.isreg ++ - sap_general_preconfigure_db_group_name is defined +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-nproc-limits.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-nproc-limits.yml +new file mode 100644 +index 0000000..2151a44 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-nproc-limits.yml +@@ -0,0 +1,81 @@ ++--- ++ ++- name: Check if the hard limit of nproc for group sapsys is unlimited ++ ansible.builtin.command: awk '/sapsys/&&/nproc/&&/hard/{print $NF}' /etc/security/limits.d/99-sap.conf ++ register: __sap_general_preconfigure_register_limits_sap_conf_nproc_hard_assert ++ changed_when: no ++ ignore_errors: yes ++ when: ++ - __sap_general_preconfigure_register_stat_limits_sap_conf_assert.stat.exists ++ - __sap_general_preconfigure_register_stat_limits_sap_conf_assert.stat.isreg ++ ++- name: Assert that the hard limit of nproc for group sapsys is unlimited ++ ansible.builtin.assert: ++ that: __sap_general_preconfigure_register_limits_sap_conf_nproc_hard_assert.stdout == 'unlimited' ++ fail_msg: "FAIL: The hard limit of nproc for group 'sapsys' in /etc/security/limits.d/99-sap.conf is '{{ __sap_general_preconfigure_register_limits_sap_conf_nproc_hard_assert.stdout }}' but the expected value is 'unlimited'!" ++ success_msg: "PASS: The hard limit of nproc for group 'sapsys' in /etc/security/limits.d/99-sap.conf is '{{ __sap_general_preconfigure_register_limits_sap_conf_nproc_hard_assert.stdout }}'." ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" ++ when: ++ - __sap_general_preconfigure_register_stat_limits_sap_conf_assert.stat.exists ++ - __sap_general_preconfigure_register_stat_limits_sap_conf_assert.stat.isreg ++ ++- name: Check if the soft limit of nproc for group sapsys is unlimited ++ ansible.builtin.command: awk '/sapsys/&&/nproc/&&/soft/{print $NF}' /etc/security/limits.d/99-sap.conf ++ register: __sap_general_preconfigure_register_limits_sap_conf_nproc_soft_assert ++ changed_when: no ++ ignore_errors: yes ++ when: ++ - __sap_general_preconfigure_register_stat_limits_sap_conf_assert.stat.exists ++ - __sap_general_preconfigure_register_stat_limits_sap_conf_assert.stat.isreg ++ ++- name: Assert that the soft limit of nproc for group sapsys is unlimited ++ ansible.builtin.assert: ++ that: __sap_general_preconfigure_register_limits_sap_conf_nproc_soft_assert.stdout == 'unlimited' ++ fail_msg: "FAIL: The soft limit of nproc for group 'sapsys' in /etc/security/limits.d/99-sap.conf is '{{ __sap_general_preconfigure_register_limits_sap_conf_nproc_hard_assert.stdout }}' but the expected value is 'unlimited'!" ++ success_msg: "PASS: The soft limit of nproc for group 'sapsys' in /etc/security/limits.d/99-sap.conf is '{{ __sap_general_preconfigure_register_limits_sap_conf_nproc_soft_assert.stdout }}'." ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" ++ when: ++ - __sap_general_preconfigure_register_stat_limits_sap_conf_assert.stat.exists ++ - __sap_general_preconfigure_register_stat_limits_sap_conf_assert.stat.isreg ++ ++- name: Get the hard limit of nproc for the database group ++ ansible.builtin.command: awk '/@{{ sap_general_preconfigure_db_group_name }}/&&/nproc/&&/hard/{print $NF}' /etc/security/limits.d/99-sap.conf ++ register: __sap_general_preconfigure_register_limits_sap_conf_db_group_nproc_hard_assert ++ changed_when: no ++ ignore_errors: yes ++ when: ++ - __sap_general_preconfigure_register_stat_limits_sap_conf_assert.stat.exists ++ - __sap_general_preconfigure_register_stat_limits_sap_conf_assert.stat.isreg ++ - sap_general_preconfigure_db_group_name is defined ++ ++- name: Assert that the hard limit of nproc for the database group is unlimited ++ ansible.builtin.assert: ++ that: __sap_general_preconfigure_register_limits_sap_conf_db_group_nproc_hard_assert.stdout == 'unlimited' ++ fail_msg: "FAIL: The hard limit of nproc for group '{{ sap_general_preconfigure_db_group_name }}' in /etc/security/limits.d/99-sap.conf is '{{ __sap_general_preconfigure_register_limits_sap_conf_db_group_nproc_hard_assert.stdout }}' but the expected value is 'unlimited'!" ++ success_msg: "PASS: The hard limit of nproc for group '{{ sap_general_preconfigure_db_group_name }}' in /etc/security/limits.d/99-sap.conf is '{{ __sap_general_preconfigure_register_limits_sap_conf_db_group_nproc_hard_assert.stdout }}'." ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" ++ when: ++ - __sap_general_preconfigure_register_stat_limits_sap_conf_assert.stat.exists ++ - __sap_general_preconfigure_register_stat_limits_sap_conf_assert.stat.isreg ++ - sap_general_preconfigure_db_group_name is defined ++ ++- name: Get the soft limit of nproc for the database group ++ ansible.builtin.command: awk '/@{{ sap_general_preconfigure_db_group_name }}/&&/nproc/&&/soft/{print $NF}' /etc/security/limits.d/99-sap.conf ++ register: __sap_general_preconfigure_register_limits_sap_conf_db_group_nproc_soft_assert ++ changed_when: no ++ ignore_errors: yes ++ when: ++ - __sap_general_preconfigure_register_stat_limits_sap_conf_assert.stat.exists ++ - __sap_general_preconfigure_register_stat_limits_sap_conf_assert.stat.isreg ++ - sap_general_preconfigure_db_group_name is defined ++ ++- name: Assert that the soft limit of nproc for the database group is unlimited ++ ansible.builtin.assert: ++ that: __sap_general_preconfigure_register_limits_sap_conf_db_group_nproc_soft_assert.stdout == 'unlimited' ++ fail_msg: "FAIL: The soft limit of nproc for group '{{ sap_general_preconfigure_db_group_name }}' in /etc/security/limits.d/99-sap.conf is '{{ __sap_general_preconfigure_register_limits_sap_conf_db_group_nproc_soft_assert.stdout }}' but the expected value is 'unlimited'!" ++ success_msg: "PASS: The soft limit of nproc for group '{{ sap_general_preconfigure_db_group_name }}' in /etc/security/limits.d/99-sap.conf is '{{ __sap_general_preconfigure_register_limits_sap_conf_db_group_nproc_soft_assert.stdout }}'." ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" ++ when: ++ - __sap_general_preconfigure_register_stat_limits_sap_conf_assert.stat.exists ++ - __sap_general_preconfigure_register_stat_limits_sap_conf_assert.stat.isreg ++ - sap_general_preconfigure_db_group_name is defined +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-selinux.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-selinux.yml +new file mode 100644 +index 0000000..2d54c45 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-selinux.yml +@@ -0,0 +1,111 @@ ++--- ++ ++- name: Get info about file '/etc/selinux/config' ++ ansible.builtin.stat: ++ path: /etc/selinux/config ++ register: __sap_general_preconfigure_register_stat_selinux_conf_assert ++ ++- name: Assert that file '/etc/selinux/config' exists and is a regular file ++ ansible.builtin.assert: ++ that: __sap_general_preconfigure_register_stat_selinux_conf_assert.stat.isreg ++ fail_msg: "FAIL: File /etc/selinux/config does not exist or is not a regular file!" ++# success_msg: "PASS: File /etc/selinux/config exists and is a regular file." ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" ++ ++- name: Info about SELinux being set to 'enforcing' ++ ansible.builtin.debug: ++ msg: "INFO: The SELinux state has been set to 'enforcing' (variable sap_general_preconfigure_selinux_state)." ++ ignore_errors: yes ++ when: "sap_general_preconfigure_selinux_state == 'enforcing'" ++ ++- name: Warn about how SELinux would be set when role is run in normal mode ++ ansible.builtin.debug: ++ msg: "INFO: When running in normal mode, the role will set the SELinux state to '{{ sap_general_preconfigure_selinux_state }}' (variable sap_general_preconfigure_selinux_state)." ++ ignore_errors: yes ++ when: "sap_general_preconfigure_selinux_state != 'enforcing'" ++ ++- name: "Check if the permanent configuration of the SELinux state is '{{ sap_general_preconfigure_selinux_state }}'" ++ ansible.builtin.command: awk 'BEGIN{FS="="}/^SELINUX=/{print $NF}' /etc/selinux/config ++ register: __sap_general_preconfigure_register_selinux_conf_assert ++ changed_when: false ++ ignore_errors: yes ++ when: __sap_general_preconfigure_register_stat_selinux_conf_assert.stat.isreg ++ ++- name: "Assert that the permanent configuration of the SELinux state is set to '{{ sap_general_preconfigure_selinux_state }}'" ++ ansible.builtin.assert: ++ that: __sap_general_preconfigure_register_selinux_conf_assert.stdout == sap_general_preconfigure_selinux_state ++ fail_msg: "FAIL: The system is not configured for the SELinux state of '{{ sap_general_preconfigure_selinux_state }}'. Current configuration: '{{ __sap_general_preconfigure_register_selinux_conf_assert.stdout }}'." ++ success_msg: "PASS: The system is configured for the SELinux state of '{{ sap_general_preconfigure_selinux_state }}'" ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" ++ when: __sap_general_preconfigure_register_stat_selinux_conf_assert.stat.isreg ++ ++- name: Assert - Determine the current SELinux state ++ ansible.builtin.command: getenforce ++ register: __sap_general_preconfigure_register_getenforce_assert ++ changed_when: false ++ ++- name: Assert that the SELinux state is set correctly ++ ansible.builtin.assert: ++ that: (__sap_general_preconfigure_register_getenforce_assert.stdout | lower) == sap_general_preconfigure_selinux_state ++ fail_msg: "FAIL: SELinux is currently not '{{ sap_general_preconfigure_selinux_state }}'! The current SELinux state is: '{{ __sap_general_preconfigure_register_getenforce_assert.stdout | lower }}'." ++ success_msg: "PASS: SELinux is currently {{ sap_general_preconfigure_selinux_state }}." ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" ++ ++# Reason for noqa: Both yum and dnf support "state: latest" ++- name: Install the package which provides the semanage command # noqa package-latest ++ ansible.builtin.package: ++ state: latest ++ name: policycoreutils-python-utils ++ when: ++ - sap_general_preconfigure_modify_selinux_labels ++ - ansible_distribution_major_version != '7' ++ ++- name: Check if the directory '/usr/sap' exists ++ ansible.builtin.stat: ++ path: '/usr/sap' ++ register: __sap_general_preconfigure_register_stat_usr_sap ++ failed_when: false ++ when: sap_general_preconfigure_modify_selinux_labels ++ ++- name: Report that SELinux checking will not be performed if the directory '/usr/sap' does not exist ++ ansible.builtin.debug: ++ msg: "INFO: SELinux checks will not be run because the directory '/usr/sap' does not exist." ++ when: ++ - sap_general_preconfigure_modify_selinux_labels ++ - not __sap_general_preconfigure_register_stat_usr_sap.stat.exists or (__sap_general_preconfigure_register_stat_usr_sap.stat.isdir is defined and not __sap_general_preconfigure_register_stat_usr_sap.stat.isdir) ++ ++- name: Count SELinux configuration database entries for '/usr/sap' ++ ansible.builtin.shell: set -o pipefail && semanage fcontext -l | awk 'BEGIN{a=0}$1=="/usr/sap(/.*)?"&&$NF~/usr_t/{a++}END{print a}' ++ register: __sap_general_preconfigure_register_semanage_fcontext_usr_sap ++ changed_when: false ++ when: ++ - sap_general_preconfigure_modify_selinux_labels ++ - __sap_general_preconfigure_register_stat_usr_sap.stat.isdir is defined and __sap_general_preconfigure_register_stat_usr_sap.stat.isdir ++ ++- name: Assert that there is an entry for '/usr/sap' in the SELinux configuration database ++ ansible.builtin.assert: ++ that: (__sap_general_preconfigure_register_semanage_fcontext_usr_sap.stdout | int) != 0 ++ fail_msg: "FAIL: There is no entry for '/usr/sap' in the SELinux configuration database!" ++ success_msg: "PASS: There is an entry for '/usr/sap' in the SELinux configuration database." ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" ++ when: ++ - sap_general_preconfigure_modify_selinux_labels ++ - __sap_general_preconfigure_register_stat_usr_sap.stat.isdir is defined and __sap_general_preconfigure_register_stat_usr_sap.stat.isdir ++ ++- name: Count files in '/usr/sap' and below without SELinux 'usr_t' file context ++ ansible.builtin.shell: "set -o pipefail && ls -1RZ /usr/sap | awk 'BEGIN{a=0}!/^$/&&NF>1&&$1!~/usr_t/{a++}END{print a}'" ++ register: __sap_general_preconfigure_register_ls_z_usr_sap ++ changed_when: false ++ when: ++ - sap_general_preconfigure_modify_selinux_labels ++ - __sap_general_preconfigure_register_stat_usr_sap.stat.isdir is defined and __sap_general_preconfigure_register_stat_usr_sap.stat.isdir ++ ++- name: Assert that all files in '/usr/sap' and below have the 'usr_t' file context ++ ansible.builtin.assert: ++ that: (__sap_general_preconfigure_register_ls_z_usr_sap.stdout | int) == 0 ++ fail_msg: "FAIL: There is at least one file in '/usr/sap' or below without the 'usr_t' file context!" ++ success_msg: "PASS: All files in '/usr/sap' and below have the 'usr_t' file context." ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" ++ when: ++ - sap_general_preconfigure_modify_selinux_labels ++ - __sap_general_preconfigure_register_stat_usr_sap.stat.isdir is defined and __sap_general_preconfigure_register_stat_usr_sap.stat.isdir +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-systemd-tmpfiles.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-systemd-tmpfiles.yml +new file mode 100644 +index 0000000..4c0b696 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-systemd-tmpfiles.yml +@@ -0,0 +1,13 @@ ++--- ++ ++- name: Get info about file /etc/tmpfiles.d/sap.conf ++ ansible.builtin.stat: ++ path: /etc/tmpfiles.d/sap.conf ++ register: __sap_general_preconfigure_register_stat_tmpfiles_sap_conf_assert ++ ++- name: Assert that file /etc/tmpfiles.d/sap.conf exists ++ ansible.builtin.assert: ++ that: __sap_general_preconfigure_register_stat_tmpfiles_sap_conf_assert.stat.exists ++ fail_msg: "FAIL: File /etc/tmpfiles.d/sap.conf does not exist!" ++ success_msg: "PASS: File /etc/tmpfiles.d/sap.conf exist." ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-tmpfs.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-tmpfs.yml +new file mode 100644 +index 0000000..4c1ac52 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-tmpfs.yml +@@ -0,0 +1,35 @@ ++--- ++ ++- name: Check the size of tmpfs ++ ansible.builtin.command: awk '/\/dev\/shm/&&/tmpfs/{gsub ("defaults,size=", "", $4); print $4}' /etc/fstab ++ register: __sap_general_preconfigure_register_fstab_tmpfs_size_gb_assert ++ ignore_errors: yes ++ changed_when: no ++ ++- name: Assert that there is an entry for tmpfs in /etc/fstab ++ ansible.builtin.assert: ++ that: (__sap_general_preconfigure_register_fstab_tmpfs_size_gb_assert.stdout | length) > 0 ++ fail_msg: "FAIL: There is no entry for 'tmpfs' in /etc/fstab!" ++ success_msg: "PASS: An entry for 'tmpfs' in /etc/fstab exists." ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" ++ ++- name: Assert that the size of tmpfs is large enough as per /etc/fstab ++ ansible.builtin.assert: ++ that: (sap_general_preconfigure_size_of_tmpfs_gb + 'G') in __sap_general_preconfigure_register_fstab_tmpfs_size_gb_assert.stdout ++ fail_msg: "FAIL: The size of tmpfs in /etc/fstab is '{{ __sap_general_preconfigure_register_fstab_tmpfs_size_gb_assert.stdout }}' but the expected size is '{{ sap_general_preconfigure_size_of_tmpfs_gb }}G'!" ++ success_msg: "PASS: The size of tmpfs in /etc/fstab is '{{ __sap_general_preconfigure_register_fstab_tmpfs_size_gb_assert.stdout }}'." ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" ++ when: __sap_general_preconfigure_register_fstab_tmpfs_size_gb_assert.stdout | length > 0 ++ ++- name: Check if /dev/shm is available and has the expected size ++ ansible.builtin.shell: df -kl /dev/shm | awk '/\/dev\/shm/&&/tmpfs/{printf ("%.0fG\n", $2/1024/1024)}' ++ register: __sap_general_preconfigure_register_df_shm_assert ++ ignore_errors: yes ++ changed_when: no ++ ++- name: Assert that the current size of tmpfs is large enough as per df output ++ ansible.builtin.assert: ++ that: __sap_general_preconfigure_register_df_shm_assert.stdout == (sap_general_preconfigure_size_of_tmpfs_gb + 'G') ++ fail_msg: "FAIL: The current size of tmpfs is '{{ __sap_general_preconfigure_register_df_shm_assert.stdout }}' but the expected size is '{{ sap_general_preconfigure_size_of_tmpfs_gb }}G'!" ++ success_msg: "PASS: The current size of tmpfs is '{{ __sap_general_preconfigure_register_df_shm_assert.stdout }}'." ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-uuidd.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-uuidd.yml +new file mode 100644 +index 0000000..6d07d07 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-uuidd.yml +@@ -0,0 +1,40 @@ ++--- ++ ++- name: Assert that uuidd.service exists ++ ansible.builtin.assert: ++ that: "'uuidd.service' in ansible_facts.services" ++ fail_msg: "FAIL: Service 'uuidd' could not be found!" ++ success_msg: "PASS: Service 'uuidd' is available." ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" ++ ++# uuidd is started on demand by uuidd.socket, so it does not need to be running: ++- name: Report uuidd service status ++ ansible.builtin.debug: ++ msg: "INFO: The 'uuidd' service is in status '{{ ansible_facts.services['uuidd.service']['status'] }}' and in state '{{ ansible_facts.services['uuidd.service']['state'] }}'." ++ when: "'uuidd.service' in ansible_facts.services" ++ ++# uuidd.socket is not contained in ansible_facts.services, so we need to get the status from systemctl: ++# Reason for noqa: We need to get the current status only ++- name: Get status of uuidd.socket # noqa command-instead-of-module ++ ansible.builtin.command: systemctl status uuidd.socket ++ register: __sap_general_preconfigure_register_uuidd_socket_status_assert ++ ignore_errors: yes ++ changed_when: no ++ ++- name: Report uuidd.socket service status ++ ansible.builtin.debug: ++ var: __sap_general_preconfigure_register_uuidd_socket_status_assert.stdout ++ ++- name: Assert that uuidd.socket is enabled ++ ansible.builtin.assert: ++ that: "'/usr/lib/systemd/system/uuidd.socket; enabled' in __sap_general_preconfigure_register_uuidd_socket_status_assert.stdout" ++ fail_msg: "FAIL: Service 'uuidd.socket' is not enabled!" ++ success_msg: "PASS: Service 'uuidd.socket' is enabled." ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" ++ ++- name: Assert that uuidd.socket is active ++ ansible.builtin.assert: ++ that: "'active (running)' in __sap_general_preconfigure_register_uuidd_socket_status_assert.stdout or 'active (listening)' in __sap_general_preconfigure_register_uuidd_socket_status_assert.stdout" ++ fail_msg: "FAIL: Service 'uuidd.socket' is not active!" ++ success_msg: "PASS: Service 'uuidd.socket' is active." ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/check-dns-name-resolution.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/check-dns-name-resolution.yml +new file mode 100644 +index 0000000..42ca533 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/check-dns-name-resolution.yml +@@ -0,0 +1,17 @@ ++--- ++ ++- name: Check dns forwarding settings ++ ansible.builtin.shell: test "$(dig {{ sap_hostname }}.{{ sap_domain }} +short)" = "{{ sap_ip }}" ++ changed_when: false ++ ignore_errors: true ++ ++### BUG: dig does not use search path in resolv.con on PPCle ++- name: Check resolv.conf settings ++ ansible.builtin.shell: test "$(dig {{ sap_hostname }} +search +short)" = "{{ sap_ip }}" ++ changed_when: false ++ ignore_errors: true ++ ++- name: Check dns reverse settings ++ ansible.builtin.shell: test "$(dig -x {{ sap_ip }} +short)" = "{{ sap_hostname }}.{{ sap_domain }}." ++ changed_when: false ++ ignore_errors: true +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-etc-hosts.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-etc-hosts.yml +new file mode 100644 +index 0000000..5954cb5 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-etc-hosts.yml +@@ -0,0 +1,114 @@ ++--- ++ ++- name: Display host and domain name, and IP address before the modification ++ ansible.builtin.debug: ++ msg: ++ - "sap_hostname = {{ sap_hostname }}" ++ - "sap_domain = {{ sap_domain }}" ++ - "sap_ip = {{ sap_ip }}" ++ ++- name: Get all hostname aliases of {{ sap_ip }} ++ ansible.builtin.shell: | ++ awk '( $1 == "{{ sap_ip }}" ) { ++ for (i=2; i<=NF; ++i) { ++ if (( $i != "{{ sap_hostname }}" ) && ( $i != "{{ sap_hostname }}.{{ sap_domain }}" )) { printf " "$i } ++ } ++ }' /etc/hosts ++ register: __sap_general_preconfigure_register_sap_hostname_aliases ++ changed_when: false ++ ++- name: Display hostname aliases ++ ansible.builtin.debug: ++ var: __sap_general_preconfigure_register_sap_hostname_aliases ++ ++- name: Check if ipv4 address, FQDN, and hostname are in /etc/hosts ++ when: not sap_general_preconfigure_modify_etc_hosts | bool ++ block: ++ ++ - name: Perform the /etc/hosts completeness check ++ ansible.builtin.command: awk 'BEGIN{a=0}/{{ sap_ip }}/&&/{{ sap_hostname }}.{{ sap_domain }}/&&/{{ sap_hostname }}/{a++}END{print a}' /etc/hosts ++ register: __sap_general_preconfigure_register_ipv4_fqdn_sap_hostname_once_check ++ changed_when: false ++ ++ - name: Display the output of the /etc/hosts completeness check ++ ansible.builtin.debug: ++ var: __sap_general_preconfigure_register_ipv4_fqdn_sap_hostname_once_check.stdout_lines, __sap_general_preconfigure_register_ipv4_fqdn_sap_hostname_once_check.stderr_lines ++ ++ - name: Display the expected output of the /etc/hosts completeness check ++ ansible.builtin.debug: ++ msg: ++ - "Expected:" ++ - "{{ sap_ip }} {{ sap_hostname }}.{{ sap_domain }} {{ sap_hostname }}" ++ when: ++ - __sap_general_preconfigure_register_ipv4_fqdn_sap_hostname_once_check.stdout != "1" ++ ++ - name: Fail if ip4 address, FQDN, or hostname are not in /etc/hosts ++ ansible.builtin.fail: ++ msg: ++ - "Server's ip4 address, FQDN, or hostname are not in /etc/hosts!" ++ - "Expected:" ++ - "{{ sap_ip }} {{ sap_hostname }}.{{ sap_domain }} {{ sap_hostname }}" ++ when: ++ - __sap_general_preconfigure_register_ipv4_fqdn_sap_hostname_once_check.stdout != "1" ++ ignore_errors: "{{ ansible_check_mode }}" ++ ++# We allow more than one line containing sap_ip: ++- name: Check for duplicate entries of {{ sap_ip }} in /etc/hosts ++ ansible.builtin.shell: | ++ n=$(grep "^{{ sap_ip }}\s" /etc/hosts | wc -l) ++ if [ $n -gt 1 ]; then ++ echo "Duplicate IP entry in /etc/hosts!" ++ exit 1 ++ else ++ exit 0 ++ fi ++ register: __sap_general_preconfigure_register_duplicate_ip_check ++ changed_when: false ++ ignore_errors: yes ++ when: not ansible_check_mode ++ ++- name: Verify that variable sap_domain is set ++ ansible.builtin.assert: ++ that: not( (sap_domain is undefined) or (sap_domain is none) or (sap_domain | trim == '') ) ++ msg: "Variable 'sap_domain' is undefined or empty. Please define it in defaults/main.yml or via --extra-vars!" ++ ++- name: Report if there is more than one line with the IP address ++ ansible.builtin.debug: ++ msg: ++ - "More than one line containing {{ sap_ip }}. File /etc/hosts will not be modified." ++ when: ++ - not ansible_check_mode ++ - __sap_general_preconfigure_register_duplicate_ip_check.stdout == 'Duplicate IP entry in /etc/hosts!' ++ - sap_general_preconfigure_modify_etc_hosts | bool ++ ++- name: Ensure that the entry in /etc/hosts is correct ++ ansible.builtin.lineinfile: ++ path: /etc/hosts ++ regexp: '^{{ sap_ip }}\s' ++ line: "{{ sap_ip }} {{ sap_hostname }}.{{ sap_domain }} {{ sap_hostname }}{{ __sap_general_preconfigure_register_sap_hostname_aliases.stdout }}" ++ backup: yes ++ when: ++ - not ansible_check_mode ++ - sap_domain | length > 0 ++ - __sap_general_preconfigure_register_duplicate_ip_check.stdout != 'Duplicate IP entry in /etc/hosts!' ++ - sap_general_preconfigure_modify_etc_hosts | bool ++ ++- name: Check for duplicate or missing entries of hostname and fqdn in /etc/hosts ++ ansible.builtin.shell: | ++ n=$(awk 'BEGIN{a=0}/^{{ line_item }}\s/||/\s{{ line_item }}\s/||/\s{{ line_item }}$/{a++}END{print a}' /etc/hosts) ++ if [ $n -eq 1 ]; then ++ exit 0 ++ else ++ exit 1 ++ fi ++ with_items: ++ - '{{ sap_hostname }}.{{ sap_domain }}' ++ - '{{ sap_hostname }}' ++ changed_when: false ++ loop_control: ++ loop_var: line_item ++ when: not ansible_check_mode ++ ++- name: Check hostname -s and hostname -f settings ++ ansible.builtin.shell: test "$(hostname -s)" = "$(hostname)" -a "$(hostname -f)" = "$(hostname).$(hostname -d)" ++ changed_when: false +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-firewall.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-firewall.yml +new file mode 100644 +index 0000000..fc6cda1 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-firewall.yml +@@ -0,0 +1,8 @@ ++--- ++ ++- name: Stop and disable service firewalld ++ ansible.builtin.systemd: ++ name: firewalld ++ state: stopped ++ enabled: no ++ when: "'firewalld' in ansible_facts.packages" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-hostname.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-hostname.yml +new file mode 100644 +index 0000000..9d37986 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-hostname.yml +@@ -0,0 +1,54 @@ ++--- ++ ++# The hostname module fails if it is run from an initrc_t context ++# See also: https://github.com/ansible/ansible/issues/19814 ++# The following applies an appropriate selinux rule if the role is run in initrc_t context ++ ++# 1) using compiled file tmp/hostnamectl-fix.pp: ++# - name: Adding SELinux rule so that hostname will work from initrc_t context ++# block: ++# - name: copy SELinux Rule ++# copy: ++# src=tmp/hostnamectl-fix.pp ++# dest=/tmp/hostnamectl-fix.pp ++# - name: apply SELinux Rule ++# command: semodule -i /tmp/hostnamectl-fix.pp ++# when: sap_base_settings_register_selinux_context.stdout.split(':')[2] is defined and sap_base_settings_register_selinux_context.stdout.split(':')[2] == 'initrc_t' ++ ++# 2) using source file tmp/hostnamectl-fix.te: ++# - name: Get current SELinux context ++# command: "id -Z" ++# register: sap_base_settings_register_selinux_context ++# changed_when: false ++# ignore_errors: true ++# ++# - name: Debug current SELinux context ++# debug: ++# msg: "The current SELinux context is {{ sap_base_settings_register_selinux_context.stdout.split(':')[2] }} " ++# ignore_errors: true ++# ++# - name: Add SELinux rule so that hostname will work from initrc_t context ++# block: ++# - name: copy SELinux Rule ++# copy: ++# src=tmp/hostnamectl-fix.te ++# dest=/tmp/hostnamectl-fix.te ++# - name: compile SELinux module file ++# command: checkmodule -M -m -o /tmp/hostnamectl-fix.mod /tmp/hostnamectl-fix.te ++# - name: build SELinux policy package ++# command: semodule_package -M -m -o /tmp/hostnamectl-fix.pp /tmp/hostnamectl-fix.mod ++# - name: load SELinux policy package ++# command: semodule -i /tmp/hostnamectl-fix.pp ++# - name: Remove temporary files ++# file: path=/tmp/hostnamectl-fix.* ++# state=absent ++# when: sap_base_settings_register_selinux_context.stdout.split(':')[2] is defined and sap_base_settings_register_selinux_context.stdout.split(':')[2] == 'initrc_t' ++ ++- name: Ensure that the short hostname is set ++ ansible.builtin.hostname: ++ name: "{{ sap_hostname }}" ++ ++- name: "Ensure that the length of the hostname is not longer than 'sap_general_preconfigure_max_hostname_length'" ++ ansible.builtin.assert: ++ that: (sap_hostname | length | int) <= (sap_general_preconfigure_max_hostname_length | int) ++ msg: "The length of the hostname is {{ sap_hostname | length | int }} but must be less or equal to {{ sap_general_preconfigure_max_hostname_length }} (variable 'sap_general_preconfigure_max_hostname_length')!" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-kernel-parameters.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-kernel-parameters.yml +new file mode 100644 +index 0000000..192d900 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-kernel-parameters.yml +@@ -0,0 +1,22 @@ ++--- ++ ++- name: Set kernel parameters ++ ansible.builtin.lineinfile: ++ path: "{{ sap_general_preconfigure_etc_sysctl_sap_conf }}" ++ create: yes ++ mode: '0644' ++ regexp: ^{{ line_item.name }}.* ++ line: "{{ line_item.name }}={{ line_item.value }}" ++ state: present ++ with_items: "{{ sap_general_preconfigure_kernel_parameters }}" ++ loop_control: ++ loop_var: line_item ++ ++- name: Reload kernel parameters from file '{{ sap_general_preconfigure_etc_sysctl_sap_conf }}' ++ ansible.builtin.command: sysctl -p "{{ sap_general_preconfigure_etc_sysctl_sap_conf }}" ++ register: __sap_general_preconfigure_register_sap_conf_sysctl_p_output ++ changed_when: true ++ ++- name: Display kernel parameters after setting kernel.pid_max ++ ansible.builtin.debug: ++ var: __sap_general_preconfigure_register_sap_conf_sysctl_p_output.stdout_lines +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-selinux.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-selinux.yml +new file mode 100644 +index 0000000..f19e0cb +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-selinux.yml +@@ -0,0 +1,116 @@ ++--- ++ ++- name: Set SELinux state to '{{ sap_general_preconfigure_selinux_state }}' in /etc/selinux/config ++ ansible.builtin.lineinfile: ++ path: /etc/selinux/config ++ regexp: ^SELINUX\s*=.* ++ line: "SELINUX={{ sap_general_preconfigure_selinux_state }}" ++ state: present ++ register: __sap_general_preconfigure_register_selinux_config_state_changed ++ notify: __sap_general_preconfigure_reboot_handler ++ ++- name: Set SELinux type to 'targeted' in /etc/selinux/config ++ ansible.builtin.lineinfile: ++ path: /etc/selinux/config ++ regexp: ^SELINUXTYPE\s*=.* ++ line: 'SELINUXTYPE=targeted' ++ state: present ++ register: __sap_general_preconfigure_register_selinux_config_type_changed ++ notify: __sap_general_preconfigure_reboot_handler ++ ++# Set a new SELinux mode variable to the SELinux status if 'disabled' or otherwise to ++# the value of the 'mode' member ('permissive' or 'enforcing') ++- name: SELinux - Set an SELinux mode variable ++ ansible.builtin.set_fact: ++ __sap_general_preconfigure_fact_selinux_mode: "{{ (ansible_selinux.status == 'disabled') | ternary(ansible_selinux.status, ansible_selinux.mode) }}" ++ ++- name: SELinux - Display the current SELinux mode or status ++ ansible.builtin.debug: ++ var: __sap_general_preconfigure_fact_selinux_mode ++ ++# Reason for noqa: We need to notify a handler in another role, which is not possible from a handler in the current role ++- name: SELinux - Set the flag that reboot is needed to apply changes # noqa no-handler ++ ansible.builtin.set_fact: ++ sap_general_preconfigure_fact_reboot_required: true ++ when: __sap_general_preconfigure_register_selinux_config_state_changed.changed or __sap_general_preconfigure_register_selinux_config_type_changed.changed or __sap_general_preconfigure_fact_selinux_mode != sap_general_preconfigure_selinux_state ++ ++- name: SELinux - Call Reboot handler if necessary ++ ansible.builtin.command: /bin/true ++ notify: __sap_general_preconfigure_reboot_handler ++ changed_when: false ++ when: __sap_general_preconfigure_fact_selinux_mode != sap_general_preconfigure_selinux_state ++ ++- name: Set or unset SELinux kernel parameter, RHEL 8 and RHEL 9 ++ when: ++ - ansible_os_family == 'RedHat' ++ - ( ansible_distribution_major_version == '8' or ansible_distribution_major_version == '9' ) ++ block: ++ ++ - name: SELinux - Examine grub entries ++ ansible.builtin.shell: set -o pipefail && grubby --info=ALL | awk 'BEGIN{a=0;b=0}/^args/{a++}/selinux=0/{b++}END{print a, b}' ++ register: __sap_general_preconfigure_register_grubby_info_all_selinux ++ check_mode: no ++ changed_when: false ++ ++ - name: Disable SELinux on the kernel command line, RHEL 8 and RHEL 9 ++ when: ++ - sap_general_preconfigure_selinux_state == 'disabled' ++ - __sap_general_preconfigure_register_grubby_info_all_selinux.stdout.split(' ').1 != __sap_general_preconfigure_register_grubby_info_all_selinux.stdout.split(' ').0 ++ block: ++ ++# If the number of grub entries for args is different from the number of grub entries with "selinux=0", ++# we know that at least one grub entry is missing "selinux=0", so we make sure that all grub entries ++# contain "selinux=0" ++ - name: Disable SELinux also on the kernel command line, RHEL 8 and RHEL 9 ++ ansible.builtin.command: grubby --args="selinux=0" --update-kernel=ALL ++ notify: __sap_general_preconfigure_reboot_handler ++ changed_when: yes ++ ++# Reason for noqa: We need to notify a handler in another role, which is not possible from a handler in the current role ++ - name: SELinux, disable on the kernel command line - Set the flag that reboot is needed to apply changes # noqa no-handler ++ ansible.builtin.set_fact: ++ sap_general_preconfigure_fact_reboot_required: true ++ ++ - name: Enable SELinux on the kernel command line, RHEL 8 and RHEL 9 ++ when: ++ - sap_general_preconfigure_selinux_state == 'enforcing' or sap_general_preconfigure_selinux_state == 'permissive' ++ - __sap_general_preconfigure_register_grubby_info_all_selinux.stdout.split(' ').1 != '0' ++ block: ++ ++# If the number of grub entries for args with "selinux=0" is not 0, we know that there is at least ++# one grub entry with "selinux=0", so we make sure that no grub entry contains "selinux=0" ++ - name: Make sure SELinux is not disabled on the kernel command line, RHEL 8 and RHEL 9 ++ ansible.builtin.command: grubby --remove-args="selinux" --update-kernel=ALL ++ notify: __sap_general_preconfigure_reboot_handler ++ changed_when: yes ++ ++# Reason for noqa: We need to notify a handler in another role, which is not possible from a handler in the current role ++ - name: SELinux, enable on the kernel command line - Set the flag that reboot is needed to apply changes # noqa no-handler ++ ansible.builtin.set_fact: ++ sap_general_preconfigure_fact_reboot_required: true ++ ++- name: SELinux - Display the content of sap_general_preconfigure_fact_reboot_required ++ ansible.builtin.debug: ++ var: sap_general_preconfigure_fact_reboot_required | d(false) ++ ++- name: SELinux - Warn if the SELinux file contexts cannot be set ++ ansible.builtin.debug: ++ msg: "WARN: The SELinux file context cannot be set on an SELinux disabled system!" ++ when: ++ - sap_general_preconfigure_modify_selinux_labels ++ - __sap_general_preconfigure_fact_selinux_mode == 'disabled' ++ ++- name: SELinux - Configure SELinux file contexts ++ ansible.builtin.include_role: ++ name: '{{ sap_general_preconfigure_system_roles_collection }}.selinux' ++ vars: ++ selinux_booleans: ++ - {name: 'selinuxuser_execmod', state: 'on'} ++ selinux_fcontexts: ++ - "{{ sap_general_preconfigure_fact_targets_setypes }}" ++ selinux_restore_dirs: ++ - "{{ sap_general_preconfigure_sap_directories }}" ++ when: ++ - sap_general_preconfigure_modify_selinux_labels ++ - sap_general_preconfigure_selinux_state != 'disabled' ++ - __sap_general_preconfigure_fact_selinux_mode != 'disabled' +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-systemd-tmpfiles.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-systemd-tmpfiles.yml +new file mode 100644 +index 0000000..3c81e52 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-systemd-tmpfiles.yml +@@ -0,0 +1,21 @@ ++--- ++ ++- name: Copy file /etc/tmpfiles.d/sap.conf, RHEL 7 or 8 ++ ansible.builtin.copy: ++ src: etc/tmpfiles.d/sap.conf ++ dest: /etc/tmpfiles.d/sap.conf ++ owner: root ++ group: root ++ mode: '0644' ++ backup: yes ++ when: ansible_distribution_major_version != '9' ++ ++- name: Copy file /etc/tmpfiles.d/sap.conf, RHEL 9 ++ ansible.builtin.copy: ++ src: etc/tmpfiles.d/sap_RedHat_9.conf ++ dest: /etc/tmpfiles.d/sap.conf ++ owner: root ++ group: root ++ mode: '0644' ++ backup: yes ++ when: ansible_distribution_major_version == '9' +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-tmpfs.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-tmpfs.yml +new file mode 100644 +index 0000000..ebda944 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-tmpfs.yml +@@ -0,0 +1,24 @@ ++--- ++ ++- name: Configure tmpfs in /etc/fstab ++ ansible.builtin.lineinfile: ++ path: /etc/fstab ++ regexp: '/dev/shm' ++ line: "none /dev/shm tmpfs defaults,size={{ sap_general_preconfigure_size_of_tmpfs_gb }}G 0 0" ++ state: present ++ notify: __sap_general_preconfigure_mount_tmpfs_handler ++ ++# The following is necessary to trigger a remount of /dev/shm in case the handler has not been notified ++# from the previous task ++- name: Get the current size of /dev/shm ++ ansible.builtin.shell: df -hl /dev/shm | awk '/\/dev\/shm/&&/tmpfs/{gsub ("G", ""); print $2}' ++ register: __sap_general_preconfigure_register_df_shm ++ ignore_errors: yes ++ changed_when: no ++ check_mode: no ++ ++- name: Trigger remounting if /dev/shm has not the expected size ++ ansible.builtin.command: /bin/true ++ notify: __sap_general_preconfigure_mount_tmpfs_handler ++ changed_when: false ++ when: __sap_general_preconfigure_register_df_shm.stdout != sap_general_preconfigure_size_of_tmpfs_gb +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-uuidd.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-uuidd.yml +new file mode 100644 +index 0000000..16e3dbc +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-uuidd.yml +@@ -0,0 +1,13 @@ ++--- ++ ++- name: Enable and start service uuidd ++ ansible.builtin.systemd: ++ name: uuidd ++ enabled: yes ++ state: started ++ ++- name: Enable and start service uuidd.socket ++ ansible.builtin.systemd: ++ name: uuidd.socket ++ enabled: yes ++ state: started +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/increase-nofile-limits.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/increase-nofile-limits.yml +new file mode 100644 +index 0000000..ecd59eb +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/increase-nofile-limits.yml +@@ -0,0 +1,35 @@ ++--- ++ ++# Reasons for noqa: 1. Tabs can increase readability; ++# 2. The example in man limits.conf is tab formatted; ++# 3. It is difficult to replace tabs by spaces for entries for which their lengths are not known ++- name: Set the hard and soft limit for the max number of open files per process (nofile) to 1048576 for group 'sapsys' # noqa no-tabs ++ ansible.builtin.lineinfile: ++ path: /etc/security/limits.d/99-sap.conf ++ create: yes ++ mode: 0644 ++ regexp: '^@sapsys\s+{{ line_item }}\s+nofile\s.*' ++ line: "@sapsys\t{{ line_item }}\tnofile\t1048576" ++ with_items: ++ - hard ++ - soft ++ loop_control: ++ loop_var: line_item ++ ++# Reasons for noqa: 1. Tabs can increase readability; ++# 2. The example in man limits.conf is tab formatted; ++# 3. It is difficult to replace tabs by spaces for entries for which their lengths are not known ++- name: Set the hard and soft limit for the max number of open files per process (nofile) to 1048576 for group '{{ sap_general_preconfigure_db_group_name }}' # noqa no-tabs ++ ansible.builtin.lineinfile: ++ path: /etc/security/limits.d/99-sap.conf ++ create: yes ++ mode: 0644 ++ regexp: '^@{{ sap_general_preconfigure_db_group_name }}\s+{{ line_item }}\s+nofile\s.*' ++ line: "@{{ sap_general_preconfigure_db_group_name }}\t{{ line_item }}\tnofile\t1048576" ++ with_items: ++ - hard ++ - soft ++ loop_control: ++ loop_var: line_item ++ when: ++ - sap_general_preconfigure_db_group_name is defined +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/increase-nproc-limits.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/increase-nproc-limits.yml +new file mode 100644 +index 0000000..bbb44a0 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/generic/increase-nproc-limits.yml +@@ -0,0 +1,35 @@ ++--- ++ ++# Reasons for noqa: 1. Tabs can increase readability; ++# 2. The example in man limits.conf is tab formatted; ++# 3. It is difficult to replace tabs by spaces for entries for which their lengths are not known ++- name: Set the hard and soft limit for the max number of processes per user (nproc) to unlimited for group 'sapsys' # noqa no-tabs ++ ansible.builtin.lineinfile: ++ path: /etc/security/limits.d/99-sap.conf ++ create: yes ++ mode: 0644 ++ regexp: '^@sapsys\s+{{ line_item }}\s+nproc\s.*' ++ line: "@sapsys\t{{ line_item }}\tnproc\tunlimited" ++ with_items: ++ - hard ++ - soft ++ loop_control: ++ loop_var: line_item ++ ++# Reasons for noqa: 1. Tabs can increase readability; ++# 2. The example in man limits.conf is tab formatted; ++# 3. It is difficult to replace tabs by spaces for entries for which their lengths are not known ++- name: Set the hard and soft limit for the max number of processes per user (nproc) to unlimited for group '{{ sap_general_preconfigure_db_group_name }}' # noqa no-tabs ++ ansible.builtin.lineinfile: ++ path: /etc/security/limits.d/99-sap.conf ++ create: yes ++ mode: 0644 ++ regexp: '^@{{ sap_general_preconfigure_db_group_name }}\s+{{ line_item }}\s+nproc\s.*' ++ line: "@{{ sap_general_preconfigure_db_group_name }}\t{{ line_item }}\tnproc\tunlimited" ++ with_items: ++ - hard ++ - soft ++ loop_control: ++ loop_var: line_item ++ when: ++ - sap_general_preconfigure_db_group_name is defined +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/installation.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/installation.yml +new file mode 100644 +index 0000000..1411003 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/RedHat/installation.yml +@@ -0,0 +1,271 @@ ++--- ++ ++- name: Perform steps for enabling required repos ++ when: sap_general_preconfigure_enable_repos ++ block: ++ ++ - name: Unset list of RHEL repos, SAP NetWeaver ++ ansible.builtin.set_fact: ++ __sap_general_preconfigure_req_netweaver_repos: '' ++ when: not sap_general_preconfigure_use_netweaver_repos ++ ++ - name: Unset list of RHEL repos, SAP HANA ++ ansible.builtin.set_fact: ++ __sap_general_preconfigure_req_hana_repos: '' ++ when: not sap_general_preconfigure_use_hana_repos ++ ++ - name: Unset list of RHEL repos, high availability ++ ansible.builtin.set_fact: ++ __sap_general_preconfigure_req_ha_repos: '' ++ when: not sap_general_preconfigure_use_ha_repos ++ ++ - name: Set final list of repos, non-s390x, auto ++ ansible.builtin.set_fact: ++ __sap_general_preconfigure_req_repos: "{{ __sap_general_preconfigure_req_os_repos | list + __sap_general_preconfigure_req_netweaver_repos | list + __sap_general_preconfigure_req_hana_repos | list + __sap_general_preconfigure_req_ha_repos | list }}" ++ when: ++ - sap_general_preconfigure_req_repos is undefined ++ - ansible_architecture != 's390x' ++ ++ - name: Set final list of repos, s390x, auto ++ ansible.builtin.set_fact: ++ __sap_general_preconfigure_req_repos: "{{ __sap_general_preconfigure_req_os_repos | list + __sap_general_preconfigure_req_netweaver_repos | list + __sap_general_preconfigure_req_ha_repos | list }}" ++ when: ++ - sap_general_preconfigure_req_repos is undefined ++ - ansible_architecture == 's390x' ++ ++ - name: Set final list of repos, manual ++ ansible.builtin.set_fact: ++ __sap_general_preconfigure_req_repos: "{{ sap_general_preconfigure_req_repos }}" ++ when: sap_general_preconfigure_req_repos is defined ++ ++ - name: Set subscription-manager argument for disabling all other repos to empty string ++ ansible.builtin.set_fact: ++ __sap_general_preconfigure_fact_disable_all_other_repos_arg: '' ++ when: not sap_general_preconfigure_disable_all_other_repos ++ ++ - name: Set subscription-manager argument for disabling all other repos before enabling the desired ones ++ ansible.builtin.set_fact: ++ __sap_general_preconfigure_fact_disable_all_other_repos_arg: '--disable="*" ' ++ when: sap_general_preconfigure_disable_all_other_repos ++ ++ - name: Construct valid argument list to the subscription-manager repos command ++ ansible.builtin.set_fact: ++ __sap_general_preconfigure_fact_required_repos_args: "{{ ['--enable='] | product(__sap_general_preconfigure_req_repos) | map('join') | list }}" ++ ++ - name: Set fact for the subscription-manager command ++ ansible.builtin.set_fact: ++ __sap_general_preconfigure_fact_subscription_manager_command: "subscription-manager repos {{ __sap_general_preconfigure_fact_disable_all_other_repos_arg }} {{ __sap_general_preconfigure_fact_required_repos_args | map('quote') | join(' ') }}" ++ ++ - name: Display the subscription-manager command ++ ansible.builtin.debug: ++ msg: "Command: {{ __sap_general_preconfigure_fact_subscription_manager_command }}" ++ ++# Reason for noqa: Avoid calling one more command for getting the currently enabled repos ++# and then having to compare the output against the list of desired repos ++ - name: Run the subscription-manager command # noqa no-changed-when ++ ansible.builtin.command: "{{ __sap_general_preconfigure_fact_subscription_manager_command }}" ++ ++# Reason for noqa: We need the output of the yum command ++ - name: Get list of enabled repositories ++ ansible.builtin.command: "yum repolist" # noqa command-instead-of-module ++ register: __sap_general_preconfigure_register_yum_repolist ++ changed_when: false ++ ++ - name: Display the list of enabled repositories ++ ansible.builtin.debug: ++ var: __sap_general_preconfigure_register_yum_repolist.stdout_lines ++ ++- name: Detect if the RHEL minor release lock is set ++ ansible.builtin.shell: set -o pipefail && subscription-manager release --show | awk '{print $NF}' ++ register: __sap_general_preconfigure_register_subscription_manager_release ++ changed_when: false ++ when: sap_general_preconfigure_set_minor_release ++ ++- name: Assert that the RHEL minor release lock is set ++ ansible.builtin.debug: ++ msg: "The RHEL minor release lock is set correctly to '{{ __sap_general_preconfigure_register_subscription_manager_release.stdout }}'." ++ when: ++ - sap_general_preconfigure_set_minor_release ++ - __sap_general_preconfigure_register_subscription_manager_release.stdout == ansible_distribution_version ++ ++# Reason for noqa: Finding out if the minor release has already been set would require one more task. ++- name: Set the minor RHEL release # noqa no-changed-when ++ ansible.builtin.command: subscription-manager release --set="{{ ansible_distribution_version }}" ++ when: ++ - sap_general_preconfigure_set_minor_release ++ - __sap_general_preconfigure_register_subscription_manager_release.stdout != ansible_distribution_version ++ ++- name: Ensure that the required package groups are installed, RHEL 7 ++ ansible.builtin.package: ++ name: "{{ sap_general_preconfigure_packagegroups }}" ++ state: present ++ when: ansible_distribution_major_version == '7' ++ ++# Note: We do not want package updates, see also Red Hat bug 1983749. ++# Because the installation of an environment or package group is not guaranteed to avoid package updates, ++# and because of bug 2011426 (for which the fix is not available in the RHEL 8.1 ISO image), a RHEL 8.1 ++# system might not boot after installing environment group Server. ++# Reason for noqa: Finding out if packages already are installed would require one more task. ++- name: Ensure that the required package groups are installed, RHEL 8 and RHEL 9 # noqa command-instead-of-module no-changed-when ++ ansible.builtin.command: "yum install {{ sap_general_preconfigure_packagegroups | join(' ') }} --nobest --exclude=kernel* -y" ++ register: __sap_general_preconfigure_register_yum_group_install ++ when: ansible_distribution_major_version == '8' or ansible_distribution_major_version == '9' ++ ++# possible replacement once we no longer need Ansible 2.9 compatibility: ++#- name: Ensure that the required package groups are installed, RHEL 8 and 9 ++# ansible.builtin.package: ++# name: "{{ sap_general_preconfigure_packagegroups }}" ++# state: present ++# nobest: true # supported from Ansible 2.11 ++# register: __sap_general_preconfigure_register_yum_group_install ++# when: ansible_distribution_major_version == '8' or ansible_distribution_major_version == '9' ++ ++- name: Ensure that the required packages are installed ++ ansible.builtin.package: ++ name: "{{ sap_general_preconfigure_packages }}" ++ state: present ++ ++- name: Install the ibm-power-repo package ++ ansible.builtin.package: ++ name: "{{ sap_general_preconfigure_ibm_power_repo_url }}" ++ state: present ++ disable_gpg_check: true ++ when: ++ - ansible_architecture == "ppc64le" ++ - sap_general_preconfigure_install_ibm_power_tools | d(true) ++ - sap_general_preconfigure_add_ibm_power_repo | d(true) ++ ++- name: Accept the license for the IBM Service and Productivity Tools ++ ansible.builtin.shell: LESS=+q /opt/ibm/lop/configure <<<'y' ++ changed_when: true ++ when: ++ - ansible_architecture == "ppc64le" ++ - sap_general_preconfigure_install_ibm_power_tools | d(true) ++ - sap_general_preconfigure_add_ibm_power_repo | d(true) ++ ++# Reason for noqa: Both yum and dnf support "state: latest" ++- name: Install the IBM Service and Productivity Tools # noqa package-latest ++ ansible.builtin.package: ++ state: latest ++ name: "{{ __sap_general_preconfigure_required_ppc64le }}" ++ when: ++ - ansible_architecture == "ppc64le" ++ - sap_general_preconfigure_install_ibm_power_tools | d(true) ++ ++- name: Ensure that the minimum required package versions are installed ++ when: ++ - sap_general_preconfigure_min_package_check | bool ++ - __sap_general_preconfigure_min_pkgs | d([]) ++ block: ++ ++# Reason for noqa: We can safely fail at the last command in the pipeline. ++ - name: Create a list of minimum required package versions to be installed # noqa risky-shell-pipe ++# How does it work? ++# 1 - Print the required package name and version with a prefix "1" followed by a space. ++# 2 - In the same output sequence, list all installed versions of this package with a prefix "2" followed by a space. ++# 3 - Replace all occurrences of ".el" by ".0.0" so that the sort -V correctly sorts packages with ".el" in its name ++# 4 - Sort the list by the name and version. ++# 5 - Replace ".0.0" by ".el" again to get back the original names. ++# 6 - Store the last installed version of the package in variable latestpkg. ++# 7 - Store the last content of column 1 in variable col1, the last content of column 2 in variable col2, ++# and the last number of fields in variable _nf. ++# 8 - case 1: If the last number of output fields is greater than 2, it indicates that the package is not installed ++# because the output of "rpm -q" will be similar to "package XXX is not installed". ++# 8 - case 2a: If the first column of the last line of the output is "1", it means that the required package is ++# the latest of all required and installed versions of the package, so it means that the package needs ++# to be updated. ++# 8 - case 2b: If the first column of the last line of the output is "2", it means that at least of the installed ++# versions the package is equal to or greater than the required package version. ++ ansible.builtin.shell: | ++ (echo "1 {{ pkg[0] }}-{{ pkg[1] }}";rpm -q --qf "%{NAME}-%{VERSION}-%{RELEASE}\n" {{ pkg[0] }} | ++ awk '{printf ("2 %s\n", $0)}') | ++ awk '{gsub ("\\.el", ".0.0"); print}' | ++ sort -k 2 -k 1 -V | ++ awk '{gsub ("\\.0\\.0", ".el"); col1=$1; col2=$2; _nf=NF} ++ $1==2{latestpkg=$2} ++ END { ++ if (_nf>2) { ++ printf ("{{ pkg[0] }}-{{ pkg[1] }}\n") ++ } else { ++ if (col1==1) { ++ printf ("{{ pkg[0] }}-{{ pkg[1] }}\n") ++ } ++ } ++ }' ++ with_list: "{{ __sap_general_preconfigure_min_pkgs }}" ++ loop_control: ++ loop_var: pkg ++ check_mode: no ++ register: __sap_general_preconfigure_register_minpkglist ++ changed_when: no ++ ++ - name: Display the content of the minimum package list variable ++ ansible.builtin.debug: ++ var: __sap_general_preconfigure_register_minpkglist ++ ++ - name: Install minimum packages if required ++ ansible.builtin.package: ++ name: "{{ line_item.stdout }}" ++ state: present ++ with_items: "{{ __sap_general_preconfigure_register_minpkglist.results }}" ++ loop_control: ++ loop_var: line_item ++ ++# Reason for noqa: Both yum and dnf support "state: latest" ++- name: Ensure that the system is updated to the latest patchlevel # noqa package-latest ++ ansible.builtin.package: ++ state: latest ++ name: "*" ++ when: sap_general_preconfigure_update ++ ++- name: "Set needs-restarting command in case of RHEL 7" ++ ansible.builtin.set_fact: ++ __sap_general_preconfigure_fact_needs_restarting_command: "needs-restarting -r" ++ when: ansible_distribution_major_version == '7' ++ ++- name: "Set needs-restarting command in case of RHEL 8 or RHEL 9, except RHEL 8.0" ++ ansible.builtin.set_fact: ++ __sap_general_preconfigure_fact_needs_restarting_command: "yum needs-restarting -r" ++ when: ++ - (ansible_distribution_major_version == '8' or ansible_distribution_major_version == '9' ) ++ - ansible_distribution_version != '8.0' ++ ++- name: "Set customized needs-restarting command in case of RHEL 8.0" ++ ansible.builtin.set_fact: ++ __sap_general_preconfigure_fact_needs_restarting_command: "_IKRNL=$(rpm -q --last kernel | awk 'NR==1{sub(/kernel-/,\"\"); print $1}'); _CKRNL=$(uname -r); if [ ${_IKRNL} != ${_CKRNL} ]; then exit 1; else exit 0; fi" ++ when: ansible_distribution_version == '8.0' ++ ++- name: Display the command for checking a reboot requirement ++ ansible.builtin.debug: ++ var: __sap_general_preconfigure_fact_needs_restarting_command ++ ++# Reason for noqa: The command to be executed might contain pipes ++- name: Determine if the system needs to be restarted # noqa command-instead-of-shell ++ ansible.builtin.shell: "{{ __sap_general_preconfigure_fact_needs_restarting_command }}" ++ register: __sap_general_preconfigure_register_needs_restarting ++ ignore_errors: true ++ changed_when: false ++ check_mode: false ++ ++- name: Display the output of the reboot requirement check ++ ansible.builtin.debug: ++ var: __sap_general_preconfigure_register_needs_restarting ++ ++- name: Set the reboot requirement flag to false ++ ansible.builtin.set_fact: ++ sap_general_preconfigure_fact_reboot_required: false ++ ++- name: For needs-restarting - Set the flag that reboot is needed to apply changes ++ ansible.builtin.set_fact: ++ sap_general_preconfigure_fact_reboot_required: true ++ when: __sap_general_preconfigure_register_needs_restarting is failed ++ ++- name: For needs-restarting - Display the content of sap_general_preconfigure_fact_reboot_required ++ ansible.builtin.debug: ++ var: sap_general_preconfigure_fact_reboot_required ++ ++- name: Call Reboot handler if necessary ++ ansible.builtin.command: /bin/true ++ notify: __sap_general_preconfigure_reboot_handler ++ changed_when: false ++ when: __sap_general_preconfigure_register_needs_restarting is failed +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/SLES/assert-configuration.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/SLES/assert-configuration.yml +new file mode 100644 +index 0000000..dc12b02 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/SLES/assert-configuration.yml +@@ -0,0 +1,14 @@ ++--- ++ ++- name: Assert - List required SAP Notes ++ ansible.builtin.debug: ++ var: __sap_general_preconfigure_sapnotes_versions | difference(['']) ++ ++- name: Gather service facts ++ ansible.builtin.service_facts: ++ ++- name: Assert - Include configuration actions for required sapnotes ++ ansible.builtin.include_tasks: "sapnote/assert-{{ sap_note_line_item.number }}.yml" ++ with_items: "{{ __sap_general_preconfigure_sapnotes_versions | difference(['']) }}" ++ loop_control: ++ loop_var: sap_note_line_item +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/SLES/assert-installation.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/SLES/assert-installation.yml +new file mode 100644 +index 0000000..2d29556 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/SLES/assert-installation.yml +@@ -0,0 +1,143 @@ ++--- ++ ++- name: Assert that all required packages are installed ++ ansible.builtin.assert: ++ that: line_item in ansible_facts.packages ++ fail_msg: "FAIL: Package '{{ line_item }}' is not installed!" ++ success_msg: "PASS: Package '{{ line_item }}' is installed." ++ with_items: ++ - "{{ sap_general_preconfigure_packages }}" ++ loop_control: ++ loop_var: line_item ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" ++ ++- name: Minimum required package version check ++ when: ++ - sap_general_preconfigure_min_package_check | bool ++ - __sap_general_preconfigure_min_pkgs | d([]) ++ block: ++ ++# Reason for noqa: We can safely fail at the last command in the pipeline. ++ - name: Assert - Create a list of minimum required package versions to be installed # noqa risky-shell-pipe ++# How does it work? ++# 1 - Print the required package name and version with a prefix "1" followed by a space. ++# 2 - In the same output sequence, list all installed versions of this package with a prefix "2" followed by a space. ++# 3 - Replace all occurrences of ".el" by ".0.0" so that the sort -V correctly sorts packages with ".el" in its name ++# 4 - Sort the list by the name and version. ++# 5 - Replace ".0.0" by ".el" again to get back the original names. ++# 6 - Store the last installed version of the package in variable latestpkg. ++# 7 - Store the last content of column 1 in variable col1, the last content of column 2 in variable col2, ++# and the last number of fields in variable _nf. ++# 8 - case 1: If the last number of output fields is greater than 2, it indicates that the package is not installed ++# because the output of "rpm -q" will be similar to "package XXX is not installed". ++# 8 - case 2a: If the first column of the last line of the output is "1", it means that the required package is ++# the latest of all required and installed versions of the package, so it means that the package needs ++# to be updated. ++# 8 - case 2b: If the first column of the last line of the output is "2", it means that at least of the installed ++# versions the package is equal to or greater than the required package version. ++ ansible.builtin.shell: | ++ (echo "1 {{ pkg[0] }}-{{ pkg[1] }}";rpm -q --qf "%{NAME}-%{VERSION}-%{RELEASE}\n" {{ pkg[0] }} | ++ awk '{printf ("2 %s\n", $0)}') | ++ awk '{gsub ("\\.el", ".0.0"); print}' | ++ sort -k 2 -k 1 -V | ++ awk '{gsub ("\\.0\\.0", ".el"); col1=$1; col2=$2; _nf=NF} ++ $1==2{latestpkg=$2} ++ END { ++ if (_nf>2) { ++ printf ("Package '\''{{ pkg[0] }}'\'' needs to be installed as {{ pkg[0] }}-{{ pkg[1] }}!\n") ++ } else { ++ if (col1==1) { ++ printf ("Package '\''{{ pkg[0] }}'\'' needs to be updated to %s! Currently installed latest version: %s.\n", $2, latestpkg) ++ } ++ if (col1==2) { ++ printf ("Package '\''{{ pkg[0] }}'\'' is already installed as {{ pkg[0] }}-{{ pkg[1] }} or later. Currently installed latest version: %s.\n", latestpkg) ++ } ++ } ++ }' ++ with_list: "{{ __sap_general_preconfigure_min_pkgs }}" ++ loop_control: ++ loop_var: pkg ++ check_mode: no ++ register: __sap_general_preconfigure_register_minpkglist_assert ++ changed_when: no ++ ++ - name: Assert that minimum required package versions are installed ++# If the output includes the string "is already installed" (case 2b), we have a PASS. Otherwise, it's a FAIL. ++ ansible.builtin.assert: ++ that: "'is already installed' in line_item.stdout" ++ fail_msg: "FAIL: {{ line_item.stdout }}" ++ success_msg: "PASS: {{ line_item.stdout }}" ++ with_items: "{{ __sap_general_preconfigure_register_minpkglist_assert.results }}" ++ loop_control: ++ loop_var: line_item ++ label: "" ++ ignore_errors: yes ++ ++- name: Report if no minimum required package version is defined for this RHEL release ++ ansible.builtin.debug: ++ msg: "INFO: No minimum required package version defined (variable __sap_general_preconfigure_min_pkgs)." ++ ignore_errors: yes ++ when: not __sap_general_preconfigure_min_pkgs | d([]) ++ ++# Reason for noqa: The yum module appears to not support the check-update option ++- name: Get info about possible package updates # noqa command-instead-of-module ++ ansible.builtin.command: yum check-update ++ register: __sap_general_preconfigure_register_yum_check_update_assert ++ changed_when: false ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" ++ when: sap_general_preconfigure_update ++ ++- name: Assert that there are no more possible package updates ++ ansible.builtin.assert: ++ that: __sap_general_preconfigure_register_yum_check_update_assert is success ++ fail_msg: "FAIL: System needs to be updated!" ++ success_msg: "PASS: There are no more outstanding package updates." ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" ++ when: sap_general_preconfigure_update ++ ++- name: Report if checking for possible package updates is not requested ++ ansible.builtin.debug: ++ msg: "INFO: Not checking for possible package updates (variable sap_general_preconfigure_update)." ++ ignore_errors: yes ++ when: not sap_general_preconfigure_update ++ ++- name: "Assert - Set needs-restarting command in case of RHEL 7" ++ ansible.builtin.set_fact: ++ __sap_general_preconfigure_fact_needs_restarting_command_assert: "needs-restarting -r" ++ when: ++ - ansible_os_family == 'RedHat' ++ - ansible_distribution_major_version == '7' ++ ++- name: "Assert - Set needs-restarting command in case of RHEL 8 or RHEL 9, except RHEL 8.0" ++ ansible.builtin.set_fact: ++ __sap_general_preconfigure_fact_needs_restarting_command_assert: "yum needs-restarting -r" ++ when: ++ - ansible_os_family == 'RedHat' ++ - (ansible_distribution_major_version == '8' or ansible_distribution_major_version == '9' ) ++ - ansible_distribution_version != '8.0' ++ ++- name: "Assert - Set customized needs-restarting command in case of RHEL 8.0" ++ ansible.builtin.set_fact: ++ __sap_general_preconfigure_fact_needs_restarting_command_assert: "_IKRNL=$(rpm -q --last kernel | awk 'NR==1{sub(/kernel-/,\"\"); print $1}'); _CKRNL=$(uname -r); if [ ${_IKRNL} != ${_CKRNL} ]; then exit 1; else exit 0; fi" ++ when: ++ - ansible_os_family == 'RedHat' ++ - ansible_distribution_version == '8.0' ++ ++- name: Assert - Display the command for checking a reboot requirement ++ ansible.builtin.debug: ++ var: __sap_general_preconfigure_fact_needs_restarting_command_assert ++ ++# Reason for noqa: The command to be executed might contain pipes ++- name: Assert - Determine if the system needs to be restarted # noqa command-instead-of-shell ++ ansible.builtin.shell: "{{ __sap_general_preconfigure_fact_needs_restarting_command_assert }}" ++ register: __sap_general_preconfigure_register_needs_restarting_assert ++ changed_when: false ++ check_mode: false ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" ++ ++- name: Assert that system needs no restart ++ ansible.builtin.assert: ++ that: __sap_general_preconfigure_register_needs_restarting_assert is success ++ fail_msg: "FAIL: System needs to be restarted!" ++ success_msg: "PASS: System needs no restart." ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/SLES/configuration.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/SLES/configuration.yml +new file mode 100644 +index 0000000..8537434 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/SLES/configuration.yml +@@ -0,0 +1,11 @@ ++--- ++ ++- name: Configure - List required SAP Notes ++ ansible.builtin.debug: ++ var: __sap_general_preconfigure_sapnotes_versions | difference(['']) ++ ++- name: Configure - Include configuration actions for required sapnotes ++ ansible.builtin.include_tasks: "sapnote/{{ sap_note_line_item.number }}.yml" ++ with_items: "{{ __sap_general_preconfigure_sapnotes_versions | difference(['']) }}" ++ loop_control: ++ loop_var: sap_note_line_item +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/SLES/installation.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/SLES/installation.yml +new file mode 100644 +index 0000000..d13aef8 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/SLES/installation.yml +@@ -0,0 +1,103 @@ ++--- ++ ++- name: Ensure that the required packages are installed ++ ansible.builtin.package: ++ state: present ++ name: "{{ sap_general_preconfigure_packages }}" ++ ++- name: Ensure that the minimum required package versions are installed ++ when: ++ - sap_general_preconfigure_min_package_check|bool ++ - __sap_general_preconfigure_min_pkgs|d([]) ++ block: ++ ++# Reason for noqa: We can safely fail at the last command in the pipeline. ++ - name: Create a list of minimum required package versions to be installed # noqa risky-shell-pipe ++# How does it work? ++# 1 - Print the required package name and version with a prefix "1" followed by a space. ++# 2 - In the same output sequence, list all installed versions of this package with a prefix "2" followed by a space. ++# 3 - Replace all occurrences of ".el" by ".0.0" so that the sort -V correctly sorts packages with ".el" in its name ++# 4 - Sort the list by the name and version. ++# 5 - Replace ".0.0" by ".el" again to get back the original names. ++# 6 - Store the last installed version of the package in variable latestpkg. ++# 7 - Store the last content of column 1 in variable col1, the last content of column 2 in variable col2, ++# and the last number of fields in variable _nf. ++# 8 - case 1: If the last number of output fields is greater than 2, it indicates that the package is not installed ++# because the output of "rpm -q" will be similar to "package XXX is not installed". ++# 8 - case 2a: If the first column of the last line of the output is "1", it means that the required package is ++# the latest of all required and installed versions of the package, so it means that the package needs ++# to be updated. ++# 8 - case 2b: If the first column of the last line of the output is "2", it means that at least of the installed ++# versions the package is equal to or greater than the required package version. ++ ansible.builtin.shell: | ++ (echo "1 {{ pkg[0] }}-{{ pkg[1] }}";rpm -q --qf "%{NAME}-%{VERSION}-%{RELEASE}\n" {{ pkg[0] }} | ++ awk '{printf ("2 %s\n", $0)}') | ++ awk '{gsub ("\\.el", ".0.0"); print}' | ++ sort -k 2 -k 1 -V | ++ awk '{gsub ("\\.0\\.0", ".el"); col1=$1; col2=$2; _nf=NF} ++ $1==2{latestpkg=$2} ++ END { ++ if (_nf>2) { ++ printf ("{{ pkg[0] }}-{{ pkg[1] }}\n") ++ } else { ++ if (col1==1) { ++ printf ("{{ pkg[0] }}-{{ pkg[1] }}\n") ++ } ++ } ++ }' ++ with_list: "{{ __sap_general_preconfigure_min_pkgs }}" ++ loop_control: ++ loop_var: pkg ++ check_mode: no ++ register: __sap_general_preconfigure_register_minpkglist ++ changed_when: no ++ ++ - name: Display the content of the minimum package list variable ++ ansible.builtin.debug: ++ var: __sap_general_preconfigure_register_minpkglist ++ ++ - name: Install minimum packages if required ++ ansible.builtin.package: ++ name: "{{ line_item.stdout }}" ++ state: present ++ with_items: "{{ __sap_general_preconfigure_register_minpkglist.results }}" ++ loop_control: ++ loop_var: line_item ++ ++# Reason for noqa: Both yum and dnf support "state: latest" ++- name: Ensure that the system is updated to the latest patchlevel # noqa package-latest ++ ansible.builtin.package: ++ state: latest ++ name: "*" ++ when: sap_general_preconfigure_update ++ ++# Reason for noqa: The command to be executed might contain pipes ++- name: Determine if the system needs to be restarted # noqa command-instead-of-shell ++ ansible.builtin.shell: "zypper ps" ++ register: __sap_general_preconfigure_register_needs_restarting ++ ignore_errors: true ++ changed_when: false ++ check_mode: false ++ ++- name: Display the output of the reboot requirement check ++ ansible.builtin.debug: ++ var: __sap_general_preconfigure_register_needs_restarting ++ ++- name: Set the reboot requirement flag to false ++ ansible.builtin.set_fact: ++ sap_general_preconfigure_fact_reboot_required: false ++ ++- name: For needs-restarting - Set the flag that reboot is needed to apply changes ++ ansible.builtin.set_fact: ++ sap_general_preconfigure_fact_reboot_required: true ++ when: __sap_general_preconfigure_register_needs_restarting is failed ++ ++- name: For needs-restarting - Display the content of sap_general_preconfigure_fact_reboot_required ++ ansible.builtin.debug: ++ var: sap_general_preconfigure_fact_reboot_required ++ ++- name: Call Reboot handler if necessary ++ ansible.builtin.command: /bin/true ++ notify: __sap_general_preconfigure_reboot_handler ++ changed_when: false ++ when: __sap_general_preconfigure_register_needs_restarting is failed +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/main.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/main.yml +new file mode 100644 +index 0000000..52b5fe1 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/main.yml +@@ -0,0 +1,96 @@ ++--- ++ ++- name: Display the role path ++ ansible.builtin.debug: ++ var: role_path ++ ++- name: Include OS specific vars, specific ++ ansible.builtin.include_vars: '{{ item }}' ++ with_first_found: ++ - '{{ ansible_distribution.split("_")[0] }}_{{ ansible_distribution_version }}.yml' ++ - '{{ ansible_distribution.split("_")[0] }}_{{ ansible_distribution_major_version }}.yml' ++ - '{{ ansible_os_family }}.yml' ++ ++- name: Rename user sap_preconfigure variables if found, generic ++ ansible.builtin.set_fact: ++ sap_general_preconfigure_config_all: "{{ (sap_preconfigure_config_all | d(sap_general_preconfigure_config_all)) | d(true) }}" ++ sap_general_preconfigure_installation: "{{ (sap_preconfigure_installation | d(sap_general_preconfigure_installation)) | d(false) }}" ++ sap_general_preconfigure_configuration: "{{ (sap_preconfigure_configuration | d(sap_general_preconfigure_configuration)) | d(false) }}" ++ sap_general_preconfigure_assert: "{{ sap_preconfigure_assert | d(sap_general_preconfigure_assert) }}" ++ sap_general_preconfigure_assert_ignore_errors: "{{ sap_preconfigure_assert_ignore_errors | d(sap_general_preconfigure_assert_ignore_errors) }}" ++ sap_general_preconfigure_packagegroups: "{{ sap_preconfigure_packagegroups | d(sap_general_preconfigure_packagegroups) }}" ++ sap_general_preconfigure_envgroups: "{{ sap_preconfigure_envgroups | d(sap_general_preconfigure_envgroups) }}" ++ sap_general_preconfigure_packages: "{{ sap_preconfigure_packages | d(sap_general_preconfigure_packages) }}" ++ sap_general_preconfigure_min_package_check: "{{ sap_preconfigure_min_package_check | d(sap_general_preconfigure_min_package_check) }}" ++ sap_general_preconfigure_update: "{{ sap_preconfigure_update | d(sap_general_preconfigure_update) }}" ++ sap_general_preconfigure_reboot_ok: "{{ sap_preconfigure_reboot_ok | d(sap_general_preconfigure_reboot_ok) }}" ++ sap_general_preconfigure_fail_if_reboot_required: "{{ sap_preconfigure_fail_if_reboot_required | d(sap_general_preconfigure_fail_if_reboot_required) }}" ++ sap_general_preconfigure_selinux_state: "{{ sap_preconfigure_selinux_state | d(sap_general_preconfigure_selinux_state) }}" ++ sap_general_preconfigure_size_of_tmpfs_gb: "{{ sap_preconfigure_size_of_tmpfs_gb | d(sap_general_preconfigure_size_of_tmpfs_gb) }}" ++# sap_general_preconfigure_locale: "{{ sap_preconfigure_locale | d(sap_general_preconfigure_locale) }}" ++ sap_general_preconfigure_modify_etc_hosts: "{{ sap_preconfigure_modify_etc_hosts | d(sap_general_preconfigure_modify_etc_hosts) }}" ++ sap_general_preconfigure_kernel_parameters: "{{ sap_preconfigure_kernel_parameters | d(sap_general_preconfigure_kernel_parameters) }}" ++ sap_general_preconfigure_max_hostname_length: "{{ sap_preconfigure_max_hostname_length | d(sap_general_preconfigure_max_hostname_length) }}" ++ ++- name: Rename user sap_preconfigure variables if found, RHEL only ++ ansible.builtin.set_fact: ++ sap_general_preconfigure_2002167_02: "{{ (sap_preconfigure_2002167_02 | d(sap_general_preconfigure_2002167_02)) | d(false) }}" ++ sap_general_preconfigure_2002167_03: "{{ (sap_preconfigure_2002167_03 | d(sap_general_preconfigure_2002167_03)) | d(false) }}" ++ sap_general_preconfigure_2002167_04: "{{ (sap_preconfigure_2002167_04 | d(sap_general_preconfigure_2002167_04)) | d(false) }}" ++ sap_general_preconfigure_2002167_05: "{{ (sap_preconfigure_2002167_05 | d(sap_general_preconfigure_2002167_05)) | d(false) }}" ++ sap_general_preconfigure_2002167_06: "{{ (sap_preconfigure_2002167_06 | d(sap_general_preconfigure_2002167_06)) | d(false) }}" ++ sap_general_preconfigure_0941735: "{{ (sap_preconfigure_0941735 | d(sap_general_preconfigure_0941735)) | d(false) }}" ++ sap_general_preconfigure_1391070: "{{ (sap_preconfigure_1391070 | d(sap_general_preconfigure_1391070)) | d(false) }}" ++ sap_general_preconfigure_1771258: "{{ (sap_preconfigure_1771258 | d(sap_general_preconfigure_1771258) | d(false)) }}" ++ sap_general_preconfigure_2772999_02: "{{ (sap_preconfigure_2772999_02 | d(sap_general_preconfigure_2772999_02) | d(false)) }}" ++ sap_general_preconfigure_2772999_03: "{{ (sap_preconfigure_2772999_03 | d(sap_general_preconfigure_2772999_03) | d(false)) }}" ++ sap_general_preconfigure_2772999_04: "{{ (sap_preconfigure_2772999_04 | d(sap_general_preconfigure_2772999_04) | d(false)) }}" ++ sap_general_preconfigure_2772999_05: "{{ (sap_preconfigure_2772999_05 | d(sap_general_preconfigure_2772999_05) | d(false)) }}" ++ sap_general_preconfigure_2772999_06: "{{ (sap_preconfigure_2772999_06 | d(sap_general_preconfigure_2772999_06) | d(false)) }}" ++ sap_general_preconfigure_2772999_07: "{{ (sap_preconfigure_2772999_07 | d(sap_general_preconfigure_2772999_07) | d(false)) }}" ++ sap_general_preconfigure_2772999_08: "{{ (sap_preconfigure_2772999_08 | d(sap_general_preconfigure_2772999_08)) | d(false) }}" ++ sap_general_preconfigure_2772999_09: "{{ (sap_preconfigure_2772999_09 | d(sap_general_preconfigure_2772999_09)) | d(false) }}" ++ sap_general_preconfigure_2772999_10: "{{ (sap_preconfigure_2772999_10 | d(sap_general_preconfigure_2772999_10)) | d(false) }}" ++ when: ansible_facts['distribution'] in ['RedHat'] ++ ++- name: Rename sap_preconfigure_db_group_name if defined ++ ansible.builtin.set_fact: ++ sap_general_preconfigure_db_group_name: "{{ sap_preconfigure_db_group_name | d(sap_general_preconfigure_db_group_name) }}" ++ when: sap_preconfigure_db_group_name is defined or sap_general_preconfigure_db_group_name is defined ++ ++- name: Set filename prefix to empty string if role is run in normal mode ++ ansible.builtin.set_fact: ++ __sap_general_preconfigure_fact_assert_filename_prefix: "" ++ when: not sap_general_preconfigure_assert | d(false) ++ ++- name: Prepend filename with assert string if role is run in assert mode ++ ansible.builtin.set_fact: ++ __sap_general_preconfigure_fact_assert_filename_prefix: "assert-" ++ when: sap_general_preconfigure_assert | d(false) ++ ++# required for installation and configuration tasks: ++- name: Gather package facts ++ ansible.builtin.package_facts: ++ ++- name: Include tasks from 'installation.yml' ++ ansible.builtin.include_tasks: '{{ item }}/{{ __sap_general_preconfigure_fact_assert_filename_prefix }}installation.yml' ++ when: sap_general_preconfigure_config_all | d(true) or sap_general_preconfigure_installation | d(false) ++ with_first_found: ++ - '{{ ansible_distribution.split("_")[0] }}' ++ - '{{ ansible_distribution }}' ++ - '{{ ansible_os_family }}.yml' ++ ++- name: Gather package facts again after the installation phase ++ ansible.builtin.package_facts: ++ ++- name: Include tasks from 'configuration.yml' ++ ansible.builtin.include_tasks: '{{ item }}/{{ __sap_general_preconfigure_fact_assert_filename_prefix }}configuration.yml' ++ when: sap_general_preconfigure_config_all | d(true) or sap_general_preconfigure_configuration | d(false) ++ with_first_found: ++ - '{{ ansible_distribution.split("_")[0] }}' ++ - '{{ ansible_distribution }}' ++ - '{{ ansible_os_family }}.yml' ++ ++# allow a reboot at the end of the preconfigure role ++- name: Flush handlers ++ ansible.builtin.meta: flush_handlers +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/0941735.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/0941735.yml +new file mode 100644 +index 0000000..e092a26 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/0941735.yml +@@ -0,0 +1,10 @@ ++--- ++ ++# Configure tmpfs ++- name: Configure - Display SAP note number 0941735 and its version ++ ansible.builtin.debug: ++ msg: "SAP note {{ (__sap_general_preconfigure_sapnotes_versions | selectattr('number', 'match', '^0941735$') | first).number }} (version {{ (__sap_general_preconfigure_sapnotes_versions | selectattr('number', 'match', '^0941735$') | first).version }}): Configure tmpfs; memtotal_mb = {{ ansible_memtotal_mb }}; swaptotal_mb = {{ ansible_swaptotal_mb }}; sap_general_preconfigure_size_of_tmpfs_gb = {{ sap_general_preconfigure_size_of_tmpfs_gb }}" ++ ++- name: Import tasks from '../RedHat/generic/configure-tmpfs.yml' ++ ansible.builtin.import_tasks: ../RedHat/generic/configure-tmpfs.yml ++ when: sap_general_preconfigure_config_all | d(true) or sap_general_preconfigure_0941735 | d(false) +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/1391070.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/1391070.yml +new file mode 100644 +index 0000000..a3d1960 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/1391070.yml +@@ -0,0 +1,10 @@ ++--- ++ ++# Linux-UUID-solutions ++- name: Configure - Display SAP note number 1391070 and its version ++ ansible.builtin.debug: ++ msg: "SAP note {{ (__sap_general_preconfigure_sapnotes_versions | selectattr('number', 'match', '^1391070$') | first).number }} (version {{ (__sap_general_preconfigure_sapnotes_versions | selectattr('number', 'match', '^1391070$') | first).version }}): Configure uuidd" ++ ++- name: Import tasks from '../RedHat/generic/configure-uuidd.yml' ++ ansible.builtin.import_tasks: ../RedHat/generic/configure-uuidd.yml ++ when: sap_general_preconfigure_config_all | d(true) or sap_general_preconfigure_1391070 | d(false) +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/1771258.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/1771258.yml +new file mode 100644 +index 0000000..9dd7ad4 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/1771258.yml +@@ -0,0 +1,10 @@ ++--- ++ ++# Set nofile ++- name: Configure - Display SAP note number 1771258 and its version ++ ansible.builtin.debug: ++ msg: "SAP note {{ (__sap_general_preconfigure_sapnotes_versions | selectattr('number', 'match', '^1771258$') | first).number }} (version {{ (__sap_general_preconfigure_sapnotes_versions | selectattr('number', 'match', '^1771258$') | first).version }}): User and system resource limits" ++ ++- name: Import tasks from '../RedHat/generic/increase-nofile-limits.yml' ++ ansible.builtin.import_tasks: ../RedHat/generic/increase-nofile-limits.yml ++ when: sap_general_preconfigure_config_all | d(true) or sap_general_preconfigure_1771258 | d(false) +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2002167.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2002167.yml +new file mode 100644 +index 0000000..ddc67bc +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2002167.yml +@@ -0,0 +1,25 @@ ++--- ++ ++- name: Configure - Display SAP note number 2002167 and its version ++ ansible.builtin.debug: ++ msg: "SAP note {{ (__sap_general_preconfigure_sapnotes_versions | selectattr('number', 'match', '^2002167$') | first).number }} (version {{ (__sap_general_preconfigure_sapnotes_versions | selectattr('number', 'match', '^2002167$') | first).version }}): Configure RHEL 7" ++ ++- name: Import tasks from '2002167/02-configuration-changes.yml' ++ ansible.builtin.import_tasks: 2002167/02-configuration-changes.yml ++ when: sap_general_preconfigure_config_all | d(true) or sap_general_preconfigure_2002167_02 | d(false) ++ ++- name: Import tasks from '2002167/03-setting-the-hostname.yml' ++ ansible.builtin.import_tasks: 2002167/03-setting-the-hostname.yml ++ when: sap_general_preconfigure_config_all | d(true) or sap_general_preconfigure_2002167_03 | d(false) ++ ++- name: Import tasks from '2002167/04-linux-kernel-parameters.yml' ++ ansible.builtin.import_tasks: 2002167/04-linux-kernel-parameters.yml ++ when: sap_general_preconfigure_config_all | d(true) or sap_general_preconfigure_2002167_04 | d(false) ++ ++- name: Import tasks from '2002167/05-process-resource-limits.yml' ++ ansible.builtin.import_tasks: 2002167/05-process-resource-limits.yml ++ when: sap_general_preconfigure_config_all | d(true) or sap_general_preconfigure_2002167_05 | d(false) ++ ++- name: Import tasks from '2002167/06-additional-notes-for-installing-sap-systems.yml' ++ ansible.builtin.import_tasks: 2002167/06-additional-notes-for-installing-sap-systems.yml ++ when: sap_general_preconfigure_config_all | d(true) or sap_general_preconfigure_2002167_06 | d(false) +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2002167/02-assert-configuration-changes.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2002167/02-assert-configuration-changes.yml +new file mode 100644 +index 0000000..cb5f0cb +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2002167/02-assert-configuration-changes.yml +@@ -0,0 +1,15 @@ ++--- ++ ++- name: Assert 2002167-2a ++ ansible.builtin.debug: ++ msg: "SAP note 2002167 Step 2a: Configure the Firewall" ++ ++- name: Import tasks from '../../RedHat/generic/assert-firewall.yml' ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-firewall.yml ++ ++- name: Assert 2002167-2b ++ ansible.builtin.debug: ++ msg: "SAP note 2002167 Step 2b: Configure SELinux" ++ ++- name: Import tasks from '../../RedHat/generic/assert-selinux.yml' ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-selinux.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2002167/02-configuration-changes.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2002167/02-configuration-changes.yml +new file mode 100644 +index 0000000..feaca9a +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2002167/02-configuration-changes.yml +@@ -0,0 +1,15 @@ ++--- ++ ++- name: Configure 2002167-2a ++ ansible.builtin.debug: ++ msg: "SAP note 2002167 Step 2a: Configure the Firewall" ++ ++- name: Import tasks from '../../RedHat/generic/configure-firewall.yml' ++ ansible.builtin.import_tasks: ../../RedHat/generic/configure-firewall.yml ++ ++- name: Configure 2002167-2b ++ ansible.builtin.debug: ++ msg: "SAP note 2002167 Step 2b: Configure SELinux" ++ ++- name: Import tasks from '../../RedHat/generic/configure-selinux.yml' ++ ansible.builtin.import_tasks: ../../RedHat/generic/configure-selinux.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2002167/03-assert-setting-the-hostname.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2002167/03-assert-setting-the-hostname.yml +new file mode 100644 +index 0000000..8c5dae0 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2002167/03-assert-setting-the-hostname.yml +@@ -0,0 +1,14 @@ ++--- ++ ++- name: Assert 2002167-3 ++ ansible.builtin.debug: ++ msg: "SAP note 2002167 Step 3: Setting the Hostname" ++ ++- name: Import tasks from '../../RedHat/generic/assert-hostname.yml' ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-hostname.yml ++ ++- name: Import tasks from '../../RedHat/generic/assert-etc-hosts.yml' ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-etc-hosts.yml ++ ++- name: Import tasks from '../../RedHat/generic/assert-dns-name-resolution.yml' ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-dns-name-resolution.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2002167/03-setting-the-hostname.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2002167/03-setting-the-hostname.yml +new file mode 100644 +index 0000000..7a59c12 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2002167/03-setting-the-hostname.yml +@@ -0,0 +1,14 @@ ++--- ++ ++- name: Configure 2002167-3 ++ ansible.builtin.debug: ++ msg: "SAP note 2002167 Step 3: Setting the Hostname" ++ ++- name: Import tasks from '../../RedHat/generic/configure-hostname.yml' ++ ansible.builtin.import_tasks: ../../RedHat/generic/configure-hostname.yml ++ ++- name: Import tasks from '../../RedHat/generic/configure-etc-hosts.yml' ++ ansible.builtin.import_tasks: ../../RedHat/generic/configure-etc-hosts.yml ++ ++- name: Import tasks from '../../RedHat/generic/check-dns-name-resolution.yml' ++ ansible.builtin.import_tasks: ../../RedHat/generic/check-dns-name-resolution.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2002167/04-assert-linux-kernel-parameters.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2002167/04-assert-linux-kernel-parameters.yml +new file mode 100644 +index 0000000..c4f1be8 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2002167/04-assert-linux-kernel-parameters.yml +@@ -0,0 +1,8 @@ ++--- ++ ++- name: Assert 2002167-4 ++ ansible.builtin.debug: ++ msg: "SAP note 2002167 Step 4: Linux Kernel Parameters" ++ ++- name: Import tasks from '../../RedHat/generic/assert-kernel-parameters.yml' ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-kernel-parameters.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2002167/04-linux-kernel-parameters.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2002167/04-linux-kernel-parameters.yml +new file mode 100644 +index 0000000..c428d82 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2002167/04-linux-kernel-parameters.yml +@@ -0,0 +1,8 @@ ++--- ++ ++- name: Configure 2002167-4 ++ ansible.builtin.debug: ++ msg: "SAP note 2002167 Step 4: Linux Kernel Parameters" ++ ++- name: Import tasks from '../../RedHat/generic/configure-kernel-parameters.yml' ++ ansible.builtin.import_tasks: ../../RedHat/generic/configure-kernel-parameters.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2002167/05-assert-process-resource-limits.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2002167/05-assert-process-resource-limits.yml +new file mode 100644 +index 0000000..6dc9736 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2002167/05-assert-process-resource-limits.yml +@@ -0,0 +1,11 @@ ++--- ++ ++- name: Assert 2002167-5 ++ ansible.builtin.debug: ++ msg: "SAP note 2002167 Step 5: Process Resource Limits" ++ ++- name: Import tasks from '../../RedHat/generic/assert-limits-conf-file.yml' ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-limits-conf-file.yml ++ ++- name: Import tasks from '../../RedHat/generic/assert-nproc-limits.yml' ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-nproc-limits.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2002167/05-process-resource-limits.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2002167/05-process-resource-limits.yml +new file mode 100644 +index 0000000..ec91641 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2002167/05-process-resource-limits.yml +@@ -0,0 +1,8 @@ ++--- ++ ++- name: Configure 2002167-5 ++ ansible.builtin.debug: ++ msg: "SAP note 2002167 Step 5: Process Resource Limits" ++ ++- name: Import tasks from '../../RedHat/generic/increase-nproc-limits.yml' ++ ansible.builtin.import_tasks: ../../RedHat/generic/increase-nproc-limits.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2002167/06-additional-notes-for-installing-sap-systems.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2002167/06-additional-notes-for-installing-sap-systems.yml +new file mode 100644 +index 0000000..e922748 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2002167/06-additional-notes-for-installing-sap-systems.yml +@@ -0,0 +1,20 @@ ++--- ++ ++- name: Configure 2002167-6 ++ ansible.builtin.debug: ++ msg: "SAP note 2002167 Step 6: Additional notes for installing SAP systems" ++ ++- name: Link LDAP library libldap ++ ansible.builtin.file: ++ src: /usr/lib64/libldap-2.3.so.0 ++ dest: /usr/lib64/libldap.so.199 ++ state: link ++ ++- name: Link LDAP library liblber ++ ansible.builtin.file: ++ src: /usr/lib64/liblber-2.3.so.0 ++ dest: /usr/lib64/liblber.so.199 ++ state: link ++ ++- name: Import tasks from '../../RedHat/generic/configure-systemd-tmpfiles.yml' ++ ansible.builtin.import_tasks: ../../RedHat/generic/configure-systemd-tmpfiles.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2002167/06-assert-additional-notes-for-installing-sap-systems.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2002167/06-assert-additional-notes-for-installing-sap-systems.yml +new file mode 100644 +index 0000000..6ab03b8 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2002167/06-assert-additional-notes-for-installing-sap-systems.yml +@@ -0,0 +1,64 @@ ++--- ++ ++- name: Assert 2002167-6 ++ ansible.builtin.debug: ++ msg: "SAP note 2002167 Step 6: Additional notes for installing SAP systems" ++ ++- name: Get info about file /usr/lib64/libldap.so.199 ++ ansible.builtin.stat: ++ path: /usr/lib64/libldap.so.199 ++ register: __sap_general_preconfigure_register_stat_libldap_assert ++ ++- name: Assert that file /usr/lib64/libldap.so.199 exists ++ ansible.builtin.assert: ++ that: __sap_general_preconfigure_register_stat_libldap_assert.stat.exists ++ fail_msg: "FAIL: File /usr/lib64/libldap.so.199 does not exist!" ++ success_msg: "PASS: File /usr/lib64/libldap.so.199 exist." ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" ++ ++- name: Assert that file /usr/lib64/libldap.so.199 is a link ++ ansible.builtin.assert: ++ that: __sap_general_preconfigure_register_stat_libldap_assert.stat.islnk ++ fail_msg: "FAIL: File /usr/lib64/libldap.so.199 is not a link!" ++ success_msg: "PASS: File /usr/lib64/libldap.so.199 is a link." ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" ++ when: __sap_general_preconfigure_register_stat_libldap_assert.stat.exists ++ ++- name: Assert that file /usr/lib64/libldap.so.199 is a link to /usr/lib64/libldap-2.3.so.0 ++ ansible.builtin.assert: ++ that: __sap_general_preconfigure_register_stat_libldap_assert.stat.lnk_target == '/usr/lib64/libldap-2.3.so.0' ++ fail_msg: "FAIL: File /usr/lib64/libldap.so.199 is not a link to /usr/lib64/libldap-2.3.so.0!" ++ success_msg: "PASS: File /usr/lib64/libldap.so.199 is a link to /usr/lib64/libldap-2.3.so.0." ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" ++ when: __sap_general_preconfigure_register_stat_libldap_assert.stat.exists ++ ++- name: Get info about file /usr/lib64/liblber.so.199 ++ ansible.builtin.stat: ++ path: /usr/lib64/liblber.so.199 ++ register: __sap_general_preconfigure_register_stat_liblber_assert ++ ++- name: Assert that file /usr/lib64/liblber.so.199 exists ++ ansible.builtin.assert: ++ that: __sap_general_preconfigure_register_stat_liblber_assert.stat.exists ++ fail_msg: "FAIL: File /usr/lib64/liblber.so.199 does not exist!" ++ success_msg: "PASS: File /usr/lib64/liblber.so.199 exist." ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" ++ ++- name: Assert that file /usr/lib64/liblber.so.199 exists and is a link ++ ansible.builtin.assert: ++ that: __sap_general_preconfigure_register_stat_liblber_assert.stat.islnk ++ fail_msg: "FAIL: File /usr/lib64/liblber.so.199 is not a link!" ++ success_msg: "PASS: File /usr/lib64/liblber.so.199 is a link." ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" ++ when: __sap_general_preconfigure_register_stat_liblber_assert.stat.exists ++ ++- name: Assert that file /usr/lib64/liblber.so.199 is a link to /usr/lib64/liblber-2.3.so.0 ++ ansible.builtin.assert: ++ that: __sap_general_preconfigure_register_stat_liblber_assert.stat.lnk_target == '/usr/lib64/liblber-2.3.so.0' ++ fail_msg: "FAIL: File /usr/lib64/liblber.so.199 is not a link to /usr/lib64/liblber-2.3.so.0!" ++ success_msg: "PASS: File /usr/lib64/liblber.so.199 is a link to /usr/lib64/liblber-2.3.so.0." ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" ++ when: __sap_general_preconfigure_register_stat_liblber_assert.stat.exists ++ ++- name: Import tasks from '../../RedHat/generic/assert-systemd-tmpfiles.yml' ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-systemd-tmpfiles.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2772999.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2772999.yml +new file mode 100644 +index 0000000..a4b9a77 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2772999.yml +@@ -0,0 +1,41 @@ ++--- ++ ++- name: Configure - Display SAP note number 2772999 and its version ++ ansible.builtin.debug: ++ msg: "SAP note {{ (__sap_general_preconfigure_sapnotes_versions | selectattr('number', 'match', '^2772999$') | first).number }} (version {{ (__sap_general_preconfigure_sapnotes_versions | selectattr('number', 'match', '^2772999$') | first).version }}): Configure RHEL 8" ++ ++- name: Import tasks from '2772999/02-configure-selinux.yml' ++ ansible.builtin.import_tasks: 2772999/02-configure-selinux.yml ++ when: sap_general_preconfigure_config_all | d(true) or sap_general_preconfigure_2772999_02 | d(false) ++ ++- name: Import tasks from '2772999/03-configure-hostname.yml' ++ ansible.builtin.import_tasks: 2772999/03-configure-hostname.yml ++ when: sap_general_preconfigure_config_all | d(true) or sap_general_preconfigure_2772999_03 | d(false) ++ ++- name: Import tasks from '2772999/04-configure-network-time-and-date.yml' ++ ansible.builtin.import_tasks: 2772999/04-configure-network-time-and-date.yml ++ when: sap_general_preconfigure_config_all | d(true) or sap_general_preconfigure_2772999_04 | d(false) ++ ++- name: Import tasks from '2772999/05-configure-firewall.yml' ++ ansible.builtin.import_tasks: 2772999/05-configure-firewall.yml ++ when: sap_general_preconfigure_config_all | d(true) or sap_general_preconfigure_2772999_05 | d(false) ++ ++- name: Import tasks from '2772999/06-configure-uuidd.yml' ++ ansible.builtin.import_tasks: 2772999/06-configure-uuidd.yml ++ when: sap_general_preconfigure_config_all | d(true) or sap_general_preconfigure_2772999_06 | d(false) ++ ++- name: Import tasks from '2772999/07-configure-tmpfs.yml' ++ ansible.builtin.import_tasks: 2772999/07-configure-tmpfs.yml ++ when: sap_general_preconfigure_config_all | d(true) or sap_general_preconfigure_2772999_07 | d(false) ++ ++- name: Import tasks from '2772999/08-configure-linux-kernel-parameters.yml' ++ ansible.builtin.import_tasks: 2772999/08-configure-linux-kernel-parameters.yml ++ when: sap_general_preconfigure_config_all | d(true) or sap_general_preconfigure_2772999_08 | d(false) ++ ++- name: Import tasks from '2772999/09-configure-process-resource-limits.yml' ++ ansible.builtin.import_tasks: 2772999/09-configure-process-resource-limits.yml ++ when: sap_general_preconfigure_config_all | d(true) or sap_general_preconfigure_2772999_09 | d(false) ++ ++- name: Import tasks from '2772999/10-configure-systemd-tmpfiles.yml' ++ ansible.builtin.import_tasks: 2772999/10-configure-systemd-tmpfiles.yml ++ when: sap_general_preconfigure_config_all | d(true) or sap_general_preconfigure_2772999_10 | d(false) +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2772999/02-assert-selinux.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2772999/02-assert-selinux.yml +new file mode 100644 +index 0000000..f5cbea7 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2772999/02-assert-selinux.yml +@@ -0,0 +1,8 @@ ++--- ++ ++- name: Assert 2772999-2 ++ ansible.builtin.debug: ++ msg: "SAP note 2772999 Step 2: Configure SELinux" ++ ++- name: Import tasks from '../../RedHat/generic/assert-selinux.yml' ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-selinux.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2772999/02-configure-selinux.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2772999/02-configure-selinux.yml +new file mode 100644 +index 0000000..e77d8d6 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2772999/02-configure-selinux.yml +@@ -0,0 +1,8 @@ ++--- ++ ++- name: Configure 2772999-2 ++ ansible.builtin.debug: ++ msg: "SAP note 2772999 Step 2: Configure SELinux" ++ ++- name: Import tasks from '../../RedHat/generic/configure-selinux.yml' ++ ansible.builtin.import_tasks: ../../RedHat/generic/configure-selinux.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2772999/03-assert-hostname.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2772999/03-assert-hostname.yml +new file mode 100644 +index 0000000..6214a64 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2772999/03-assert-hostname.yml +@@ -0,0 +1,14 @@ ++--- ++ ++- name: Assert 2772999-3 ++ ansible.builtin.debug: ++ msg: "SAP note 2772999 Step 3: Configure Hostname" ++ ++- name: Import tasks from '../../RedHat/generic/assert-hostname.yml' ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-hostname.yml ++ ++- name: Import tasks from '../../RedHat/generic/assert-etc-hosts.yml' ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-etc-hosts.yml ++ ++- name: Import tasks from '../../RedHat/generic/assert-dns-name-resolution.yml' ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-dns-name-resolution.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2772999/03-configure-hostname.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2772999/03-configure-hostname.yml +new file mode 100644 +index 0000000..20204c9 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2772999/03-configure-hostname.yml +@@ -0,0 +1,14 @@ ++--- ++ ++- name: Configure 2772999-3 ++ ansible.builtin.debug: ++ msg: "SAP note 2772999 Step 3: Configure Hostname" ++ ++- name: Import tasks from '../../RedHat/generic/configure-hostname.yml' ++ ansible.builtin.import_tasks: ../../RedHat/generic/configure-hostname.yml ++ ++- name: Import tasks from '../../RedHat/generic/configure-etc-hosts.yml' ++ ansible.builtin.import_tasks: ../../RedHat/generic/configure-etc-hosts.yml ++ ++- name: Import tasks from '../../RedHat/generic/check-dns-name-resolution.yml' ++ ansible.builtin.import_tasks: ../../RedHat/generic/check-dns-name-resolution.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2772999/04-assert-network-time-and-date.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2772999/04-assert-network-time-and-date.yml +new file mode 100644 +index 0000000..28a36f5 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2772999/04-assert-network-time-and-date.yml +@@ -0,0 +1,26 @@ ++--- ++ ++- name: Assert 2772999-4 ++ ansible.builtin.debug: ++ msg: "SAP note 2772999 Step 4: Configure Network Time and Date" ++ ++# Reason for noqa: We need to get the current status only ++- name: Get status of chronyd # noqa command-instead-of-module ++ ansible.builtin.command: systemctl status chronyd ++ register: __sap_general_preconfigure_register_chronyd_status_assert ++ ignore_errors: yes ++ changed_when: no ++ ++- name: Assert that chronyd is enabled ++ ansible.builtin.assert: ++ that: "'/usr/lib/systemd/system/chronyd.service; enabled' in __sap_general_preconfigure_register_chronyd_status_assert.stdout" ++ fail_msg: "FAIL: Service 'chronyd' is not enabled!" ++ success_msg: "PASS: Service 'chronyd' is enabled." ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" ++ ++- name: Assert that chronyd is active ++ ansible.builtin.assert: ++ that: "'active (running)' in __sap_general_preconfigure_register_chronyd_status_assert.stdout" ++ fail_msg: "FAIL: Service 'chronyd' is not active!" ++ success_msg: "PASS: Service 'chronyd' is active." ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2772999/04-configure-network-time-and-date.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2772999/04-configure-network-time-and-date.yml +new file mode 100644 +index 0000000..6d51566 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2772999/04-configure-network-time-and-date.yml +@@ -0,0 +1,11 @@ ++--- ++ ++- name: Configure 2772999-4 ++ ansible.builtin.debug: ++ msg: "SAP note 2772999 Step 4: Configure Network Time and Date" ++ ++- name: Start and enable service chronyd ++ ansible.builtin.systemd: ++ name: chronyd ++ state: started ++ enabled: yes +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2772999/05-assert-firewall.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2772999/05-assert-firewall.yml +new file mode 100644 +index 0000000..4b974c6 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2772999/05-assert-firewall.yml +@@ -0,0 +1,8 @@ ++--- ++ ++- name: Assert 2772999-5 ++ ansible.builtin.debug: ++ msg: "SAP note 2772999 Step 5: Configure the Firewall" ++ ++- name: Import tasks from '../../RedHat/generic/assert-firewall.yml' ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-firewall.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2772999/05-configure-firewall.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2772999/05-configure-firewall.yml +new file mode 100644 +index 0000000..14b4b87 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2772999/05-configure-firewall.yml +@@ -0,0 +1,8 @@ ++--- ++ ++- name: Configure 2772999-5 ++ ansible.builtin.debug: ++ msg: "SAP note 2772999 Step 5: Configure the Firewall" ++ ++- name: Import tasks from '../../RedHat/generic/configure-firewall.yml' ++ ansible.builtin.import_tasks: ../../RedHat/generic/configure-firewall.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2772999/06-assert-uuidd.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2772999/06-assert-uuidd.yml +new file mode 100644 +index 0000000..c3cac06 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2772999/06-assert-uuidd.yml +@@ -0,0 +1,8 @@ ++--- ++ ++- name: Assert 2772999-6 ++ ansible.builtin.debug: ++ msg: "SAP note 2772999 Step 6: Configure uuidd" ++ ++- name: Import tasks from '../../RedHat/generic/assert-uuidd.yml' ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-uuidd.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2772999/06-configure-uuidd.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2772999/06-configure-uuidd.yml +new file mode 100644 +index 0000000..6736ab7 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2772999/06-configure-uuidd.yml +@@ -0,0 +1,8 @@ ++--- ++ ++- name: Configure 2772999-6 ++ ansible.builtin.debug: ++ msg: "SAP note 2772999 Step 6: Configure uuidd" ++ ++- name: Import tasks from '../../RedHat/generic/configure-uuidd.yml' ++ ansible.builtin.import_tasks: ../../RedHat/generic/configure-uuidd.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2772999/07-assert-tmpfs.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2772999/07-assert-tmpfs.yml +new file mode 100644 +index 0000000..18f23ab +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2772999/07-assert-tmpfs.yml +@@ -0,0 +1,8 @@ ++--- ++ ++- name: Assert 2772999-7 ++ ansible.builtin.debug: ++ msg: "SAP note 2772999 Step 7: Configure tmpfs; memtotal_mb = {{ ansible_memtotal_mb }}; swaptotal_mb = {{ ansible_swaptotal_mb }}; sap_general_preconfigure_size_of_tmpfs_gb = {{ sap_general_preconfigure_size_of_tmpfs_gb }}" ++ ++- name: Import tasks from '../../RedHat/generic/assert-tmpfs.yml' ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-tmpfs.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2772999/07-configure-tmpfs.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2772999/07-configure-tmpfs.yml +new file mode 100644 +index 0000000..e2094f6 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2772999/07-configure-tmpfs.yml +@@ -0,0 +1,8 @@ ++--- ++ ++- name: Configure 2772999-7 ++ ansible.builtin.debug: ++ msg: "SAP note 2772999 Step 7: Configure tmpfs; memtotal_mb = {{ ansible_memtotal_mb }}; swaptotal_mb = {{ ansible_swaptotal_mb }}; sap_general_preconfigure_size_of_tmpfs_gb = {{ sap_general_preconfigure_size_of_tmpfs_gb }}" ++ ++- name: Import tasks from '../../RedHat/generic/configure-tmpfs.yml' ++ ansible.builtin.import_tasks: ../../RedHat/generic/configure-tmpfs.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2772999/08-assert-linux-kernel-parameters.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2772999/08-assert-linux-kernel-parameters.yml +new file mode 100644 +index 0000000..c4fdddd +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2772999/08-assert-linux-kernel-parameters.yml +@@ -0,0 +1,8 @@ ++--- ++ ++- name: Assert 2772999-8 ++ ansible.builtin.debug: ++ msg: "SAP note 2772999 Step 8: Configure Linux Kernel Parameters" ++ ++- name: Import tasks from '../../RedHat/generic/assert-kernel-parameters.yml' ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-kernel-parameters.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2772999/08-configure-linux-kernel-parameters.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2772999/08-configure-linux-kernel-parameters.yml +new file mode 100644 +index 0000000..ef98d60 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2772999/08-configure-linux-kernel-parameters.yml +@@ -0,0 +1,8 @@ ++--- ++ ++- name: Configure 2772999-8 ++ ansible.builtin.debug: ++ msg: "SAP note 2772999 Step 8: Configure Linux Kernel Parameters" ++ ++- name: Import tasks from '../../RedHat/generic/configure-kernel-parameters.yml' ++ ansible.builtin.import_tasks: ../../RedHat/generic/configure-kernel-parameters.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2772999/09-assert-process-resource-limits.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2772999/09-assert-process-resource-limits.yml +new file mode 100644 +index 0000000..4d11551 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2772999/09-assert-process-resource-limits.yml +@@ -0,0 +1,11 @@ ++--- ++ ++- name: Assert 2772999-9 ++ ansible.builtin.debug: ++ msg: "SAP note 2772999 Step 9: Configure Process Resource Limits" ++ ++- name: Import tasks from '../../RedHat/generic/assert-limits-conf-file.yml' ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-limits-conf-file.yml ++ ++- name: Import tasks from '../../RedHat/generic/assert-nproc-limits.yml' ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-nproc-limits.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2772999/09-configure-process-resource-limits.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2772999/09-configure-process-resource-limits.yml +new file mode 100644 +index 0000000..d04dd88 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2772999/09-configure-process-resource-limits.yml +@@ -0,0 +1,8 @@ ++--- ++ ++- name: Configure 2772999-9 ++ ansible.builtin.debug: ++ msg: "SAP note 2772999 Step 9: Configure Process Resource Limits" ++ ++- name: Import tasks from '../../RedHat/generic/increase-nproc-limits.yml' ++ ansible.builtin.import_tasks: ../../RedHat/generic/increase-nproc-limits.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2772999/10-assert-systemd-tmpfiles.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2772999/10-assert-systemd-tmpfiles.yml +new file mode 100644 +index 0000000..a243017 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2772999/10-assert-systemd-tmpfiles.yml +@@ -0,0 +1,8 @@ ++--- ++ ++- name: Assert 2772999-10 ++ ansible.builtin.debug: ++ msg: "SAP note 2772999 Step 10: Configure systemd-tmpfiles" ++ ++- name: Import tasks from '../../RedHat/generic/assert-systemd-tmpfiles.yml' ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-systemd-tmpfiles.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2772999/10-configure-systemd-tmpfiles.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2772999/10-configure-systemd-tmpfiles.yml +new file mode 100644 +index 0000000..6af6336 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/2772999/10-configure-systemd-tmpfiles.yml +@@ -0,0 +1,8 @@ ++--- ++ ++- name: Configure 2772999-10 ++ ansible.builtin.debug: ++ msg: "SAP note 2772999 Step 10: Configure systemd-tmpfiles" ++ ++- name: Import tasks from '../../RedHat/generic/configure-systemd-tmpfiles.yml' ++ ansible.builtin.import_tasks: ../../RedHat/generic/configure-systemd-tmpfiles.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/3108316.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/3108316.yml +new file mode 100644 +index 0000000..a8b68dc +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/3108316.yml +@@ -0,0 +1,41 @@ ++--- ++ ++- name: Configure - Display SAP note number 3108316 and its version ++ ansible.builtin.debug: ++ msg: "SAP note {{ (__sap_general_preconfigure_sapnotes_versions | selectattr('number', 'match', '^3108316$') | first).number }} (version {{ (__sap_general_preconfigure_sapnotes_versions | selectattr('number', 'match', '^3108316$') | first).version }}): Configure RHEL 8" ++ ++- name: Import tasks from '3108316/02-configure-selinux.yml' ++ ansible.builtin.import_tasks: 3108316/02-configure-selinux.yml ++ when: sap_general_preconfigure_config_all | d(true) or sap_general_preconfigure_3108316_02 | d(false) ++ ++- name: Import tasks from '3108316/03-configure-hostname.yml' ++ ansible.builtin.import_tasks: 3108316/03-configure-hostname.yml ++ when: sap_general_preconfigure_config_all | d(true) or sap_general_preconfigure_3108316_03 | d(false) ++ ++- name: Import tasks from '3108316/04-configure-network-time-and-date.yml' ++ ansible.builtin.import_tasks: 3108316/04-configure-network-time-and-date.yml ++ when: sap_general_preconfigure_config_all | d(true) or sap_general_preconfigure_3108316_04 | d(false) ++ ++- name: Import tasks from '3108316/05-configure-firewall.yml' ++ ansible.builtin.import_tasks: 3108316/05-configure-firewall.yml ++ when: sap_general_preconfigure_config_all | d(true) or sap_general_preconfigure_3108316_05 | d(false) ++ ++- name: Import tasks from '3108316/06-configure-uuidd.yml' ++ ansible.builtin.import_tasks: 3108316/06-configure-uuidd.yml ++ when: sap_general_preconfigure_config_all | d(true) or sap_general_preconfigure_3108316_06 | d(false) ++ ++- name: Import tasks from '3108316/07-configure-tmpfs.yml' ++ ansible.builtin.import_tasks: 3108316/07-configure-tmpfs.yml ++ when: sap_general_preconfigure_config_all | d(true) or sap_general_preconfigure_3108316_07 | d(false) ++ ++- name: Import tasks from '3108316/08-configure-linux-kernel-parameters.yml' ++ ansible.builtin.import_tasks: 3108316/08-configure-linux-kernel-parameters.yml ++ when: sap_general_preconfigure_config_all | d(true) or sap_general_preconfigure_3108316_08 | d(false) ++ ++- name: Import tasks from '3108316/09-configure-process-resource-limits.yml' ++ ansible.builtin.import_tasks: 3108316/09-configure-process-resource-limits.yml ++ when: sap_general_preconfigure_config_all | d(true) or sap_general_preconfigure_3108316_09 | d(false) ++ ++- name: Import tasks from '3108316/10-configure-systemd-tmpfiles.yml' ++ ansible.builtin.import_tasks: 3108316/10-configure-systemd-tmpfiles.yml ++ when: sap_general_preconfigure_config_all | d(true) or sap_general_preconfigure_3108316_10 | d(false) +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/3108316/02-assert-selinux.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/3108316/02-assert-selinux.yml +new file mode 100644 +index 0000000..1c2fe6e +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/3108316/02-assert-selinux.yml +@@ -0,0 +1,8 @@ ++--- ++ ++- name: Assert 3108316-2 ++ ansible.builtin.debug: ++ msg: "SAP note 3108316 Step 2: Configure SELinux" ++ ++- name: Import tasks from '../../RedHat/generic/assert-selinux.yml' ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-selinux.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/3108316/02-configure-selinux.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/3108316/02-configure-selinux.yml +new file mode 100644 +index 0000000..29a9501 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/3108316/02-configure-selinux.yml +@@ -0,0 +1,8 @@ ++--- ++ ++- name: Configure 3108316-2 ++ ansible.builtin.debug: ++ msg: "SAP note 3108316 Step 2: Configure SELinux" ++ ++- name: Import tasks from '../../RedHat/generic/configure-selinux.yml' ++ ansible.builtin.import_tasks: ../../RedHat/generic/configure-selinux.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/3108316/03-assert-hostname.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/3108316/03-assert-hostname.yml +new file mode 100644 +index 0000000..17aa807 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/3108316/03-assert-hostname.yml +@@ -0,0 +1,14 @@ ++--- ++ ++- name: Assert 3108316-3 ++ ansible.builtin.debug: ++ msg: "SAP note 3108316 Step 3: Configure Hostname" ++ ++- name: Import tasks from '../../RedHat/generic/assert-hostname.yml' ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-hostname.yml ++ ++- name: Import tasks from '../../RedHat/generic/assert-etc-hosts.yml' ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-etc-hosts.yml ++ ++- name: Import tasks from '../../RedHat/generic/assert-dns-name-resolution.yml' ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-dns-name-resolution.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/3108316/03-configure-hostname.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/3108316/03-configure-hostname.yml +new file mode 100644 +index 0000000..d120c8e +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/3108316/03-configure-hostname.yml +@@ -0,0 +1,14 @@ ++--- ++ ++- name: Configure 3108316-3 ++ ansible.builtin.debug: ++ msg: "SAP note 3108316 Step 3: Configure Hostname" ++ ++- name: Import tasks from '../../RedHat/generic/configure-hostname.yml' ++ ansible.builtin.import_tasks: ../../RedHat/generic/configure-hostname.yml ++ ++- name: Import tasks from '../../RedHat/generic/configure-etc-hosts.yml' ++ ansible.builtin.import_tasks: ../../RedHat/generic/configure-etc-hosts.yml ++ ++- name: Import tasks from '../../RedHat/generic/check-dns-name-resolution.yml' ++ ansible.builtin.import_tasks: ../../RedHat/generic/check-dns-name-resolution.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/3108316/04-assert-network-time-and-date.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/3108316/04-assert-network-time-and-date.yml +new file mode 100644 +index 0000000..f46e0aa +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/3108316/04-assert-network-time-and-date.yml +@@ -0,0 +1,26 @@ ++--- ++ ++- name: Assert 3108316-4 ++ ansible.builtin.debug: ++ msg: "SAP note 3108316 Step 4: Configure Network Time and Date" ++ ++# Reason for noqa: We need to get the current status only ++- name: Get status of chronyd # noqa command-instead-of-module ++ ansible.builtin.command: systemctl status chronyd ++ register: __sap_general_preconfigure_register_chronyd_status_assert ++ ignore_errors: yes ++ changed_when: no ++ ++- name: Assert that chronyd is enabled ++ ansible.builtin.assert: ++ that: "'/usr/lib/systemd/system/chronyd.service; enabled' in __sap_general_preconfigure_register_chronyd_status_assert.stdout" ++ fail_msg: "FAIL: Service 'chronyd' is not enabled!" ++ success_msg: "PASS: Service 'chronyd' is enabled." ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" ++ ++- name: Assert that chronyd is active ++ ansible.builtin.assert: ++ that: "'active (running)' in __sap_general_preconfigure_register_chronyd_status_assert.stdout" ++ fail_msg: "FAIL: Service 'chronyd' is not active!" ++ success_msg: "PASS: Service 'chronyd' is active." ++ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/3108316/04-configure-network-time-and-date.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/3108316/04-configure-network-time-and-date.yml +new file mode 100644 +index 0000000..510ca3f +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/3108316/04-configure-network-time-and-date.yml +@@ -0,0 +1,11 @@ ++--- ++ ++- name: Configure 3108316-4 ++ ansible.builtin.debug: ++ msg: "SAP note 3108316 Step 4: Configure Network Time and Date" ++ ++- name: Start and enable service chronyd ++ ansible.builtin.systemd: ++ name: chronyd ++ state: started ++ enabled: yes +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/3108316/05-assert-firewall.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/3108316/05-assert-firewall.yml +new file mode 100644 +index 0000000..9f70e16 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/3108316/05-assert-firewall.yml +@@ -0,0 +1,8 @@ ++--- ++ ++- name: Assert 3108316-5 ++ ansible.builtin.debug: ++ msg: "SAP note 3108316 Step 5: Configure the Firewall" ++ ++- name: Import tasks from '../../RedHat/generic/assert-firewall.yml' ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-firewall.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/3108316/05-configure-firewall.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/3108316/05-configure-firewall.yml +new file mode 100644 +index 0000000..707b537 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/3108316/05-configure-firewall.yml +@@ -0,0 +1,8 @@ ++--- ++ ++- name: Configure 3108316-5 ++ ansible.builtin.debug: ++ msg: "SAP note 3108316 Step 5: Configure the Firewall" ++ ++- name: Import tasks from '../../RedHat/generic/configure-firewall.yml' ++ ansible.builtin.import_tasks: ../../RedHat/generic/configure-firewall.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/3108316/06-assert-uuidd.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/3108316/06-assert-uuidd.yml +new file mode 100644 +index 0000000..dab32ed +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/3108316/06-assert-uuidd.yml +@@ -0,0 +1,8 @@ ++--- ++ ++- name: Assert 3108316-6 ++ ansible.builtin.debug: ++ msg: "SAP note 3108316 Step 6: Configure uuidd" ++ ++- name: Import tasks from '../../RedHat/generic/assert-uuidd.yml' ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-uuidd.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/3108316/06-configure-uuidd.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/3108316/06-configure-uuidd.yml +new file mode 100644 +index 0000000..ff31a6c +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/3108316/06-configure-uuidd.yml +@@ -0,0 +1,8 @@ ++--- ++ ++- name: Configure 3108316-6 ++ ansible.builtin.debug: ++ msg: "SAP note 3108316 Step 6: Configure uuidd" ++ ++- name: Import tasks from '../../RedHat/generic/configure-uuidd.yml' ++ ansible.builtin.import_tasks: ../../RedHat/generic/configure-uuidd.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/3108316/07-assert-tmpfs.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/3108316/07-assert-tmpfs.yml +new file mode 100644 +index 0000000..d220308 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/3108316/07-assert-tmpfs.yml +@@ -0,0 +1,8 @@ ++--- ++ ++- name: Assert 3108316-7 ++ ansible.builtin.debug: ++ msg: "SAP note 3108316 Step 7: Configure tmpfs; memtotal_mb = {{ ansible_memtotal_mb }}; swaptotal_mb = {{ ansible_swaptotal_mb }}; sap_general_preconfigure_size_of_tmpfs_gb = {{ sap_general_preconfigure_size_of_tmpfs_gb }}" ++ ++- name: Import tasks from '../../RedHat/generic/assert-tmpfs.yml' ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-tmpfs.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/3108316/07-configure-tmpfs.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/3108316/07-configure-tmpfs.yml +new file mode 100644 +index 0000000..6407a41 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/3108316/07-configure-tmpfs.yml +@@ -0,0 +1,8 @@ ++--- ++ ++- name: Configure 3108316-7 ++ ansible.builtin.debug: ++ msg: "SAP note 3108316 Step 7: Configure tmpfs; memtotal_mb = {{ ansible_memtotal_mb }}; swaptotal_mb = {{ ansible_swaptotal_mb }}; sap_general_preconfigure_size_of_tmpfs_gb = {{ sap_general_preconfigure_size_of_tmpfs_gb }}" ++ ++- name: Import tasks from '../../RedHat/generic/configure-tmpfs.yml' ++ ansible.builtin.import_tasks: ../../RedHat/generic/configure-tmpfs.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/3108316/08-assert-linux-kernel-parameters.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/3108316/08-assert-linux-kernel-parameters.yml +new file mode 100644 +index 0000000..a5ed5b6 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/3108316/08-assert-linux-kernel-parameters.yml +@@ -0,0 +1,8 @@ ++--- ++ ++- name: Assert 3108316-8 ++ ansible.builtin.debug: ++ msg: "SAP note 3108316 Step 8: Configure Linux Kernel Parameters" ++ ++- name: Import tasks from '../../RedHat/generic/assert-kernel-parameters.yml' ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-kernel-parameters.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/3108316/08-configure-linux-kernel-parameters.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/3108316/08-configure-linux-kernel-parameters.yml +new file mode 100644 +index 0000000..5daf105 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/3108316/08-configure-linux-kernel-parameters.yml +@@ -0,0 +1,8 @@ ++--- ++ ++- name: Configure 3108316-8 ++ ansible.builtin.debug: ++ msg: "SAP note 3108316 Step 8: Configure Linux Kernel Parameters" ++ ++- name: Import tasks from '../../RedHat/generic/configure-kernel-parameters.yml' ++ ansible.builtin.import_tasks: ../../RedHat/generic/configure-kernel-parameters.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/3108316/09-assert-process-resource-limits.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/3108316/09-assert-process-resource-limits.yml +new file mode 100644 +index 0000000..b556fe3 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/3108316/09-assert-process-resource-limits.yml +@@ -0,0 +1,11 @@ ++--- ++ ++- name: Assert 3108316-9 ++ ansible.builtin.debug: ++ msg: "SAP note 3108316 Step 9: Configure Process Resource Limits" ++ ++- name: Import tasks from '../../RedHat/generic/assert-limits-conf-file.yml' ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-limits-conf-file.yml ++ ++- name: Import tasks from '../../RedHat/generic/assert-nproc-limits.yml' ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-nproc-limits.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/3108316/09-configure-process-resource-limits.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/3108316/09-configure-process-resource-limits.yml +new file mode 100644 +index 0000000..104bd24 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/3108316/09-configure-process-resource-limits.yml +@@ -0,0 +1,8 @@ ++--- ++ ++- name: Configure 3108316-9 ++ ansible.builtin.debug: ++ msg: "SAP note 3108316 Step 9: Configure Process Resource Limits" ++ ++- name: Import tasks from '../../RedHat/generic/increase-nproc-limits.yml' ++ ansible.builtin.import_tasks: ../../RedHat/generic/increase-nproc-limits.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/3108316/10-assert-systemd-tmpfiles.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/3108316/10-assert-systemd-tmpfiles.yml +new file mode 100644 +index 0000000..37f6d65 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/3108316/10-assert-systemd-tmpfiles.yml +@@ -0,0 +1,8 @@ ++--- ++ ++- name: Assert 3108316-10 ++ ansible.builtin.debug: ++ msg: "SAP note 3108316 Step 10: Configure systemd-tmpfiles" ++ ++- name: Import tasks from '../../RedHat/generic/assert-systemd-tmpfiles.yml' ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-systemd-tmpfiles.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/3108316/10-configure-systemd-tmpfiles.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/3108316/10-configure-systemd-tmpfiles.yml +new file mode 100644 +index 0000000..984bc83 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/3108316/10-configure-systemd-tmpfiles.yml +@@ -0,0 +1,8 @@ ++--- ++ ++- name: Configure 3108316-10 ++ ansible.builtin.debug: ++ msg: "SAP note 3108316 Step 10: Configure systemd-tmpfiles" ++ ++- name: Import tasks from '../../RedHat/generic/configure-systemd-tmpfiles.yml' ++ ansible.builtin.import_tasks: ../../RedHat/generic/configure-systemd-tmpfiles.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/assert-0941735.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/assert-0941735.yml +new file mode 100644 +index 0000000..1ac5085 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/assert-0941735.yml +@@ -0,0 +1,10 @@ ++--- ++ ++# Configure tmpfs ++- name: Assert - Display SAP note number 0941735 and its version ++ ansible.builtin.debug: ++ msg: "SAP note {{ (__sap_general_preconfigure_sapnotes_versions | selectattr('number', 'match', '^0941735$') | first).number }} (version {{ (__sap_general_preconfigure_sapnotes_versions | selectattr('number', 'match', '^0941735$') | first).version }}): Configure tmpfs; memtotal_mb = {{ ansible_memtotal_mb }}; swaptotal_mb = {{ ansible_swaptotal_mb }}; sap_general_preconfigure_size_of_tmpfs_gb = {{ sap_general_preconfigure_size_of_tmpfs_gb }}" ++ ++- name: Import tasks from '../RedHat/generic/assert-tmpfs.yml' ++ ansible.builtin.import_tasks: ../RedHat/generic/assert-tmpfs.yml ++ when: sap_general_preconfigure_config_all | d(true) or sap_general_preconfigure_0941735 | d(false) +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/assert-1391070.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/assert-1391070.yml +new file mode 100644 +index 0000000..b0ab896 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/assert-1391070.yml +@@ -0,0 +1,10 @@ ++--- ++ ++# Linux-UUID-solutions ++- name: Assert - Display SAP note number 1391070 and its version ++ ansible.builtin.debug: ++ msg: "SAP note {{ (__sap_general_preconfigure_sapnotes_versions | selectattr('number', 'match', '^1391070$') | first).number }} (version {{ (__sap_general_preconfigure_sapnotes_versions | selectattr('number', 'match', '^1391070$') | first).version }}): Configure uuidd" ++ ++- name: Import tasks from '../RedHat/generic/assert-uuidd.yml' ++ ansible.builtin.import_tasks: ../RedHat/generic/assert-uuidd.yml ++ when: sap_general_preconfigure_config_all | d(true) or sap_general_preconfigure_1391070 | d(false) +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/assert-1771258.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/assert-1771258.yml +new file mode 100644 +index 0000000..1b8b3ab +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/assert-1771258.yml +@@ -0,0 +1,10 @@ ++--- ++ ++# Configure tmpfs ++- name: Assert - Display SAP note number 1771258 and its version ++ ansible.builtin.debug: ++ msg: "SAP note {{ (__sap_general_preconfigure_sapnotes_versions | selectattr('number', 'match', '^1771258$') | first).number }} (version {{ (__sap_general_preconfigure_sapnotes_versions | selectattr('number', 'match', '^1771258$') | first).version }}): User and system resource limits" ++ ++- name: Import tasks from '../RedHat/generic/assert-nofile-limits.yml' ++ ansible.builtin.import_tasks: ../RedHat/generic/assert-nofile-limits.yml ++ when: sap_general_preconfigure_config_all | d(true) or sap_general_preconfigure_1771258 | d(false) +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/assert-2002167.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/assert-2002167.yml +new file mode 100644 +index 0000000..0de661d +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/assert-2002167.yml +@@ -0,0 +1,25 @@ ++--- ++ ++- name: Assert - Display SAP note number 2002167 and its version ++ ansible.builtin.debug: ++ msg: "SAP note {{ (__sap_general_preconfigure_sapnotes_versions | selectattr('number', 'match', '^2002167$') | first).number }} (version {{ (__sap_general_preconfigure_sapnotes_versions | selectattr('number', 'match', '^2002167$') | first).version }}): Configure RHEL 7" ++ ++- name: Import tasks from '2002167/02-assert-configuration-changes.yml' ++ ansible.builtin.import_tasks: 2002167/02-assert-configuration-changes.yml ++ when: sap_general_preconfigure_config_all | d(true) or sap_general_preconfigure_2002167_02 | d(false) ++ ++- name: Import tasks from '2002167/03-assert-setting-the-hostname.yml' ++ ansible.builtin.import_tasks: 2002167/03-assert-setting-the-hostname.yml ++ when: sap_general_preconfigure_config_all | d(true) or sap_general_preconfigure_2002167_03 | d(false) ++ ++- name: Import tasks from '2002167/04-assert-linux-kernel-parameters.yml' ++ ansible.builtin.import_tasks: 2002167/04-assert-linux-kernel-parameters.yml ++ when: sap_general_preconfigure_config_all | d(true) or sap_general_preconfigure_2002167_04 | d(false) ++ ++- name: Import tasks from '2002167/05-assert-process-resource-limits.yml' ++ ansible.builtin.import_tasks: 2002167/05-assert-process-resource-limits.yml ++ when: sap_general_preconfigure_config_all | d(true) or sap_general_preconfigure_2002167_05 | d(false) ++ ++- name: Import tasks from '2002167/06-assert-additional-notes-for-installing-sap-systems.yml' ++ ansible.builtin.import_tasks: 2002167/06-assert-additional-notes-for-installing-sap-systems.yml ++ when: sap_general_preconfigure_config_all | d(true) or sap_general_preconfigure_2002167_06 | d(false) +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/assert-2772999.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/assert-2772999.yml +new file mode 100644 +index 0000000..7c9648b +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/assert-2772999.yml +@@ -0,0 +1,41 @@ ++--- ++ ++- name: Assert - Display SAP note number 2772999 and its version ++ ansible.builtin.debug: ++ msg: "SAP note {{ (__sap_general_preconfigure_sapnotes_versions | selectattr('number', 'match', '^2772999$') | first).number }} (version {{ (__sap_general_preconfigure_sapnotes_versions | selectattr('number', 'match', '^2772999$') | first).version }}): Configure RHEL 8" ++ ++- name: Import tasks from '2772999/02-assert-selinux.yml' ++ ansible.builtin.import_tasks: 2772999/02-assert-selinux.yml ++ when: sap_general_preconfigure_config_all | d(true) or sap_general_preconfigure_2772999_02 | d(false) ++ ++- name: Import tasks from '2772999/03-assert-hostname.yml' ++ ansible.builtin.import_tasks: 2772999/03-assert-hostname.yml ++ when: sap_general_preconfigure_config_all | d(true) or sap_general_preconfigure_2772999_03 | d(false) ++ ++- name: Import tasks from '2772999/04-assert-network-time-and-date.yml' ++ ansible.builtin.import_tasks: 2772999/04-assert-network-time-and-date.yml ++ when: sap_general_preconfigure_config_all | d(true) or sap_general_preconfigure_2772999_04 | d(false) ++ ++- name: Import tasks from '2772999/05-assert-firewall.yml' ++ ansible.builtin.import_tasks: 2772999/05-assert-firewall.yml ++ when: sap_general_preconfigure_config_all | d(true) or sap_general_preconfigure_2772999_05 | d(false) ++ ++- name: Import tasks from '2772999/06-assert-uuidd.yml' ++ ansible.builtin.import_tasks: 2772999/06-assert-uuidd.yml ++ when: sap_general_preconfigure_config_all | d(true) or sap_general_preconfigure_2772999_06 | d(false) ++ ++- name: Import tasks from '2772999/07-assert-tmpfs.yml' ++ ansible.builtin.import_tasks: 2772999/07-assert-tmpfs.yml ++ when: sap_general_preconfigure_config_all | d(true) or sap_general_preconfigure_2772999_07 | d(false) ++ ++- name: Import tasks from '2772999/08-assert-linux-kernel-parameters.yml' ++ ansible.builtin.import_tasks: 2772999/08-assert-linux-kernel-parameters.yml ++ when: sap_general_preconfigure_config_all | d(true) or sap_general_preconfigure_2772999_08 | d(false) ++ ++- name: Import tasks from '2772999/09-assert-process-resource-limits.yml' ++ ansible.builtin.import_tasks: 2772999/09-assert-process-resource-limits.yml ++ when: sap_general_preconfigure_config_all | d(true) or sap_general_preconfigure_2772999_09 | d(false) ++ ++- name: Import tasks from '2772999/10-assert-systemd-tmpfiles.yml' ++ ansible.builtin.import_tasks: 2772999/10-assert-systemd-tmpfiles.yml ++ when: sap_general_preconfigure_config_all | d(true) or sap_general_preconfigure_2772999_10 | d(false) +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/assert-3108316.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/assert-3108316.yml +new file mode 100644 +index 0000000..1a02ab2 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/tasks/sapnote/assert-3108316.yml +@@ -0,0 +1,41 @@ ++--- ++ ++- name: Assert - Display SAP note number 3108316 and its version ++ ansible.builtin.debug: ++ msg: "SAP note {{ (__sap_general_preconfigure_sapnotes_versions | selectattr('number', 'match', '^3108316$') | first).number }} (version {{ (__sap_general_preconfigure_sapnotes_versions | selectattr('number', 'match', '^3108316$') | first).version }}): Configure RHEL 8" ++ ++- name: Import tasks from '3108316/02-assert-selinux.yml' ++ ansible.builtin.import_tasks: 3108316/02-assert-selinux.yml ++ when: sap_general_preconfigure_config_all | d(true) or sap_general_preconfigure_3108316_02 | d(false) ++ ++- name: Import tasks from '3108316/03-assert-hostname.yml' ++ ansible.builtin.import_tasks: 3108316/03-assert-hostname.yml ++ when: sap_general_preconfigure_config_all | d(true) or sap_general_preconfigure_3108316_03 | d(false) ++ ++- name: Import tasks from '3108316/04-assert-network-time-and-date.yml' ++ ansible.builtin.import_tasks: 3108316/04-assert-network-time-and-date.yml ++ when: sap_general_preconfigure_config_all | d(true) or sap_general_preconfigure_3108316_04 | d(false) ++ ++- name: Import tasks from '3108316/05-assert-firewall.yml' ++ ansible.builtin.import_tasks: 3108316/05-assert-firewall.yml ++ when: sap_general_preconfigure_config_all | d(true) or sap_general_preconfigure_3108316_05 | d(false) ++ ++- name: Import tasks from '3108316/06-assert-uuidd.yml' ++ ansible.builtin.import_tasks: 3108316/06-assert-uuidd.yml ++ when: sap_general_preconfigure_config_all | d(true) or sap_general_preconfigure_3108316_06 | d(false) ++ ++- name: Import tasks from '3108316/07-assert-tmpfs.yml' ++ ansible.builtin.import_tasks: 3108316/07-assert-tmpfs.yml ++ when: sap_general_preconfigure_config_all | d(true) or sap_general_preconfigure_3108316_07 | d(false) ++ ++- name: Import tasks from '3108316/08-assert-linux-kernel-parameters.yml' ++ ansible.builtin.import_tasks: 3108316/08-assert-linux-kernel-parameters.yml ++ when: sap_general_preconfigure_config_all | d(true) or sap_general_preconfigure_3108316_08 | d(false) ++ ++- name: Import tasks from '3108316/09-assert-process-resource-limits.yml' ++ ansible.builtin.import_tasks: 3108316/09-assert-process-resource-limits.yml ++ when: sap_general_preconfigure_config_all | d(true) or sap_general_preconfigure_3108316_09 | d(false) ++ ++- name: Import tasks from '3108316/10-assert-systemd-tmpfiles.yml' ++ ansible.builtin.import_tasks: 3108316/10-assert-systemd-tmpfiles.yml ++ when: sap_general_preconfigure_config_all | d(true) or sap_general_preconfigure_3108316_10 | d(false) +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/vars/RedHat_7.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/vars/RedHat_7.yml +new file mode 100644 +index 0000000..da1ef29 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/vars/RedHat_7.yml +@@ -0,0 +1,174 @@ ++--- ++ ++# vars file for sap_general_preconfigure ++ ++__sap_general_preconfigure_sapnotes_versions: ++ - {number: '2002167', version: '36'} ++ - {number: '1771258', version: '6'} ++ - {number: '1391070', version: '41'} ++ - {number: '0941735', version: '11'} ++ ++# RHEL 7 arch strings for setting the repo names: ++__sap_general_preconfigure_rhel_7_arch_string_x86_64: 'server' ++__sap_general_preconfigure_rhel_7_arch_string_ppc64le: 'for-power-le' ++__sap_general_preconfigure_rhel_7_arch_string_ppc64: 'for-power' ++__sap_general_preconfigure_rhel_7_arch_string_s390x: 'for-system-z' ++# HA repos have a different pattern for ppc64le: ++__sap_general_preconfigure_rhel_7_ha_arch_string_x86_64: '{{ __sap_general_preconfigure_rhel_7_arch_string_x86_64 }}' ++__sap_general_preconfigure_rhel_7_ha_arch_string_ppc64le: 'server-for-power-le' ++__sap_general_preconfigure_rhel_7_ha_arch_string_ppc64: '{{ __sap_general_preconfigure_rhel_7_arch_string_ppc64 }}' ++__sap_general_preconfigure_rhel_7_ha_arch_string_s390x: '{{ __sap_general_preconfigure_rhel_7_arch_string_s390x }}' ++ ++__sap_general_preconfigure_rhel_7_arch_string: "{{ lookup('vars', '__sap_general_preconfigure_rhel_7_arch_string_' + ansible_architecture) }}" ++__sap_general_preconfigure_rhel_7_ha_arch_string: "{{ lookup('vars', '__sap_general_preconfigure_rhel_7_ha_arch_string_' + ansible_architecture) }}" ++ ++__sap_general_preconfigure_max_repo_type_x86_64: 'e4s-' ++__sap_general_preconfigure_max_repo_type_ppc64le: 'e4s-' ++__sap_general_preconfigure_max_repo_type_ppc64: 'eus-' ++__sap_general_preconfigure_max_repo_type_s390x: 'eus-' ++# There are no eus HA repos for s390x: ++__sap_general_preconfigure_max_repo_type_ha_x86_64: '{{ __sap_general_preconfigure_max_repo_type_x86_64 }}' ++__sap_general_preconfigure_max_repo_type_ha_ppc64le: '{{ __sap_general_preconfigure_max_repo_type_ppc64le }}' ++__sap_general_preconfigure_max_repo_type_ha_ppc64: '{{ __sap_general_preconfigure_max_repo_type_ppc64 }}' ++__sap_general_preconfigure_max_repo_type_ha_s390x: '' ++ ++__sap_general_preconfigure_max_repo_type: "{{ lookup('vars', '__sap_general_preconfigure_max_repo_type_' + ansible_architecture) }}" ++__sap_general_preconfigure_max_repo_type_ha: "{{ lookup('vars', '__sap_general_preconfigure_max_repo_type_ha_' + ansible_architecture) }}" ++ ++# RHEL 7 minor releases maximum repo support duration ++__sap_general_preconfigure_max_repo_type_string_7_6: '{{ __sap_general_preconfigure_max_repo_type }}' ++__sap_general_preconfigure_max_repo_type_string_7_7: '{{ __sap_general_preconfigure_max_repo_type }}' ++__sap_general_preconfigure_max_repo_type_string_7_8: '' ++__sap_general_preconfigure_max_repo_type_string_7_9: '' ++__sap_general_preconfigure_max_repo_type_ha_string_7_6: '{{ __sap_general_preconfigure_max_repo_type_ha }}' ++__sap_general_preconfigure_max_repo_type_ha_string_7_7: '{{ __sap_general_preconfigure_max_repo_type_ha }}' ++__sap_general_preconfigure_max_repo_type_ha_string_7_8: '' ++__sap_general_preconfigure_max_repo_type_ha_string_7_9: '' ++ ++__sap_general_preconfigure_max_repo_type_string: "{{ lookup('vars', '__sap_general_preconfigure_max_repo_type_string_' + ansible_distribution_version | replace(\".\", \"_\")) }}" ++__sap_general_preconfigure_max_repo_type_ha_string: "{{ lookup('vars', '__sap_general_preconfigure_max_repo_type_ha_string_' + ansible_distribution_version | replace(\".\", \"_\")) }}" ++ ++__sap_general_preconfigure_req_os_repos: ++ - rhel-{{ ansible_distribution_major_version }}-{{ __sap_general_preconfigure_rhel_7_arch_string }}-{{ __sap_general_preconfigure_max_repo_type_string }}rpms ++__sap_general_preconfigure_req_netweaver_repos: ++ - rhel-sap-for-rhel-{{ ansible_distribution_major_version }}-{{ __sap_general_preconfigure_rhel_7_arch_string }}-{{ __sap_general_preconfigure_max_repo_type_string }}rpms ++__sap_general_preconfigure_req_hana_repos: ++ - rhel-sap-hana-for-rhel-{{ ansible_distribution_major_version }}-{{ __sap_general_preconfigure_rhel_7_arch_string }}-{{ __sap_general_preconfigure_max_repo_type_string }}rpms ++__sap_general_preconfigure_req_ha_repos: ++ - rhel-ha-for-rhel-{{ ansible_distribution_major_version }}-{{ __sap_general_preconfigure_rhel_7_ha_arch_string }}-{{ __sap_general_preconfigure_max_repo_type_ha_string }}rpms ++ ++__sap_general_preconfigure_envgroups: "" ++ ++__sap_general_preconfigure_packagegroups_x86_64: ++ - "@base" ++ - "@compat-libraries" ++ - "@large-systems" ++ - "@network-file-system-client" ++ - "@performance" ++ ++__sap_general_preconfigure_packagegroups_ppc64le: ++ - "@base" ++ - "@compat-libraries" ++ ++__sap_general_preconfigure_packagegroups_ppc64: ++ - "@base" ++ - "@compat-libraries" ++ ++__sap_general_preconfigure_packagegroups_s390x: ++ - "@base" ++ - "@compat-libraries" ++ - "@large-systems" ++ - "@network-file-system-client" ++ - "@performance" ++ ++__sap_general_preconfigure_packagegroups: "{{ lookup('vars', '__sap_general_preconfigure_packagegroups_' + ansible_architecture) }}" ++ ++__sap_general_preconfigure_packages_x86_64: ++ - uuidd ++ - tcsh ++ - psmisc ++ - compat-sap-c++-5 ++ - compat-sap-c++-6 ++ - compat-sap-c++-7 ++ - compat-sap-c++-9 ++ - compat-sap-c++-10 ++ ++__sap_general_preconfigure_packages_ppc64le: ++ - uuidd ++ - tcsh ++ - psmisc ++ - compat-sap-c++-5 ++ - compat-sap-c++-6 ++ - compat-sap-c++-7 ++ - compat-sap-c++-9 ++ - compat-sap-c++-10 ++ ++__sap_general_preconfigure_packages_ppc64: ++ - uuidd ++ - tcsh ++ - psmisc ++ - compat-sap-c++-5 ++ ++__sap_general_preconfigure_packages_s390x: ++ - uuidd ++ - tcsh ++ - psmisc ++ ++__sap_general_preconfigure_packages: "{{ lookup('vars', '__sap_general_preconfigure_packages_' + ansible_architecture) }}" ++ ++# As per https://www14.software.ibm.com/support/customercare/sas/f/lopdiags/home.html : ++__sap_general_preconfigure_required_ppc64le: ++ - librtas ++ - src ++ - rsct.core.utils ++ - rsct.core ++ - rsct.basic ++ - rsct.opt.storagerm ++ - devices.chrp.base.ServiceRM ++ - DynamicRM ++ - ncurses-libs ++ - readline ++ - sqlite ++ - sg3_utils ++ - libgcc ++ - libstdc++ ++ - zlib ++ - iprutils ++ - lsvpd ++ - libvpd ++ - libservicelog ++ - servicelog ++ - powerpc-utils ++ - powerpc-utils-python ++ - ppc64-diag ++ - IBMinvscout ++ ++__sap_general_preconfigure_min_packages_7_2: ++ ++__sap_general_preconfigure_min_packages_7_3: ++ ++# SAP note 2812427: ++__sap_general_preconfigure_min_packages_7_4: ++ - ['kernel', '3.10.0-693.58.1.el7'] ++ ++# SAP note 2812427: ++__sap_general_preconfigure_min_packages_7_5: ++ - ['kernel', '3.10.0-862.43.1.el7'] ++ ++# SAP note 2812427: ++__sap_general_preconfigure_min_packages_7_6: ++ - ['kernel', '3.10.0-957.35.1.el7'] ++ ++__sap_general_preconfigure_min_packages_7_7: ++ ++__sap_general_preconfigure_min_packages_7_8: ++ ++__sap_general_preconfigure_min_packages_7_9: ++ ++__sap_general_preconfigure_min_pkgs: "{{ lookup('vars', '__sap_general_preconfigure_min_packages_' + ansible_distribution_version | replace(\".\", \"_\")) }}" ++ ++# Note: The value for vm.max_map_count of 2147483647 (previously 2000000) ++# is set according to SAP note 900929. ++__sap_general_preconfigure_kernel_parameters_default: ++ - {name: kernel.sem, value: '1250 256000 100 1024'} ++ - {name: vm.max_map_count, value: '2147483647'} +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/vars/RedHat_8.0.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/vars/RedHat_8.0.yml +new file mode 100644 +index 0000000..3015bb9 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/vars/RedHat_8.0.yml +@@ -0,0 +1,60 @@ ++--- ++ ++# vars file for sap_general_preconfigure ++ ++__sap_general_preconfigure_sapnotes_versions: ++ - {number: '2772999', version: '24'} ++ - {number: '1771258', version: '6'} ++ ++__sap_general_preconfigure_max_repo_type_x86_64: 'e4s' ++__sap_general_preconfigure_max_repo_type_ppc64le: 'e4s' ++__sap_general_preconfigure_max_repo_type_s390x: 'eus' ++ ++__sap_general_preconfigure_max_repo_type: "{{ lookup('vars', '__sap_general_preconfigure_max_repo_type_' + ansible_architecture) }}" ++ ++# RHEL 8 minor releases maximum repo support duration ++__sap_general_preconfigure_max_repo_type_string: '{{ __sap_general_preconfigure_max_repo_type }}-' ++ ++__sap_general_preconfigure_req_os_repos: ++ - rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-baseos-{{ __sap_general_preconfigure_max_repo_type_string }}rpms ++ - rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-appstream-{{ __sap_general_preconfigure_max_repo_type_string }}rpms ++__sap_general_preconfigure_req_netweaver_repos: ++ - rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-sap-netweaver-{{ __sap_general_preconfigure_max_repo_type_string }}rpms ++__sap_general_preconfigure_req_hana_repos: ++ - rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-sap-solutions-{{ __sap_general_preconfigure_max_repo_type_string }}rpms ++__sap_general_preconfigure_req_ha_repos: ++ - rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-highavailability-{{ __sap_general_preconfigure_max_repo_type_string }}rpms ++ ++__sap_general_preconfigure_envgroups: ++ - "server-product-environment" ++ ++__sap_general_preconfigure_packagegroups_x86_64: ++ - "@server" ++ ++__sap_general_preconfigure_packagegroups_ppc64le: ++ - "@server" ++ ++__sap_general_preconfigure_packagegroups_s390x: ++ - "@server" ++ ++__sap_general_preconfigure_packagegroups: "{{ lookup('vars', '__sap_general_preconfigure_packagegroups_' + ansible_architecture) }}" ++ ++__sap_general_preconfigure_packages: ++ - uuidd ++ - libnsl ++ - tcsh ++ - psmisc ++ - nfs-utils ++ - bind-utils ++ ++__sap_general_preconfigure_required_ppc64le: ++ - ibm-power-managed-rhel8 ++ ++# SAP notes 2772999 (setup) and 2812427 (kernel): ++__sap_general_preconfigure_min_pkgs: ++ - ['setup', '2.12.2-2.el8_0.1'] ++ - ['kernel', '4.18.0-80.15.1.el8_0'] ++ ++__sap_general_preconfigure_kernel_parameters_default: ++ - {name: vm.max_map_count, value: '2147483647'} ++ - {name: kernel.pid_max, value: '4194304'} +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/vars/RedHat_8.1.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/vars/RedHat_8.1.yml +new file mode 100644 +index 0000000..b2c8ffe +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/vars/RedHat_8.1.yml +@@ -0,0 +1,80 @@ ++--- ++ ++# vars file for sap_general_preconfigure ++ ++__sap_general_preconfigure_sapnotes_versions: ++ - {number: '2772999', version: '24'} ++ - {number: '1771258', version: '6'} ++ ++__sap_general_preconfigure_max_repo_type_x86_64: 'e4s' ++__sap_general_preconfigure_max_repo_type_ppc64le: 'e4s' ++__sap_general_preconfigure_max_repo_type_s390x: 'eus' ++ ++__sap_general_preconfigure_max_repo_type: "{{ lookup('vars', '__sap_general_preconfigure_max_repo_type_' + ansible_architecture) }}" ++ ++# RHEL 8 minor releases maximum repo support duration ++__sap_general_preconfigure_max_repo_type_string: '{{ __sap_general_preconfigure_max_repo_type }}-' ++ ++__sap_general_preconfigure_req_os_repos: ++ - rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-baseos-{{ __sap_general_preconfigure_max_repo_type_string }}rpms ++ - rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-appstream-{{ __sap_general_preconfigure_max_repo_type_string }}rpms ++__sap_general_preconfigure_req_netweaver_repos: ++ - rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-sap-netweaver-{{ __sap_general_preconfigure_max_repo_type_string }}rpms ++__sap_general_preconfigure_req_hana_repos: ++ - rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-sap-solutions-{{ __sap_general_preconfigure_max_repo_type_string }}rpms ++__sap_general_preconfigure_req_ha_repos: ++ - rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-highavailability-{{ __sap_general_preconfigure_max_repo_type_string }}rpms ++ ++__sap_general_preconfigure_envgroups: ++ - "server-product-environment" ++ ++__sap_general_preconfigure_packagegroups_x86_64: ++ - "@server" ++ ++__sap_general_preconfigure_packagegroups_ppc64le: ++ - "@server" ++ ++__sap_general_preconfigure_packagegroups_s390x: ++ - "@server" ++ ++__sap_general_preconfigure_packagegroups: "{{ lookup('vars', '__sap_general_preconfigure_packagegroups_' + ansible_architecture) }}" ++ ++__sap_general_preconfigure_packages_x86_64: ++ - uuidd ++ - libnsl ++ - tcsh ++ - psmisc ++ - nfs-utils ++ - bind-utils ++ - compat-sap-c++-9 ++ - compat-sap-c++-10 ++ ++__sap_general_preconfigure_packages_ppc64le: ++ - uuidd ++ - libnsl ++ - tcsh ++ - psmisc ++ - nfs-utils ++ - bind-utils ++ - compat-sap-c++-9 ++ - compat-sap-c++-10 ++ ++__sap_general_preconfigure_packages_s390x: ++ - uuidd ++ - libnsl ++ - tcsh ++ - psmisc ++ - nfs-utils ++ - bind-utils ++ ++__sap_general_preconfigure_packages: "{{ lookup('vars', '__sap_general_preconfigure_packages_' + ansible_architecture) }}" ++ ++__sap_general_preconfigure_required_ppc64le: ++ - ibm-power-managed-rhel8 ++ ++__sap_general_preconfigure_min_pkgs: ++ - ['setup', '2.12.2-2.el8_1.1'] ++ ++__sap_general_preconfigure_kernel_parameters_default: ++ - {name: vm.max_map_count, value: '2147483647'} ++ - {name: kernel.pid_max, value: '4194304'} +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/vars/RedHat_8.2.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/vars/RedHat_8.2.yml +new file mode 100644 +index 0000000..9f0f13d +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/vars/RedHat_8.2.yml +@@ -0,0 +1,76 @@ ++--- ++ ++# vars file for sap_general_preconfigure ++ ++__sap_general_preconfigure_sapnotes_versions: ++ - {number: '2772999', version: '24'} ++ - {number: '1771258', version: '6'} ++ ++__sap_general_preconfigure_max_repo_type_x86_64: 'e4s' ++__sap_general_preconfigure_max_repo_type_ppc64le: 'e4s' ++__sap_general_preconfigure_max_repo_type_s390x: 'eus' ++ ++__sap_general_preconfigure_max_repo_type: "{{ lookup('vars', '__sap_general_preconfigure_max_repo_type_' + ansible_architecture) }}" ++ ++# RHEL 8 minor releases maximum repo support duration ++__sap_general_preconfigure_max_repo_type_string: '{{ __sap_general_preconfigure_max_repo_type }}-' ++ ++__sap_general_preconfigure_req_os_repos: ++ - rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-baseos-{{ __sap_general_preconfigure_max_repo_type_string }}rpms ++ - rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-appstream-{{ __sap_general_preconfigure_max_repo_type_string }}rpms ++__sap_general_preconfigure_req_netweaver_repos: ++ - rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-sap-netweaver-{{ __sap_general_preconfigure_max_repo_type_string }}rpms ++__sap_general_preconfigure_req_hana_repos: ++ - rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-sap-solutions-{{ __sap_general_preconfigure_max_repo_type_string }}rpms ++__sap_general_preconfigure_req_ha_repos: ++ - rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-highavailability-{{ __sap_general_preconfigure_max_repo_type_string }}rpms ++ ++__sap_general_preconfigure_envgroups: ++ - "server-product-environment" ++ ++__sap_general_preconfigure_packagegroups_x86_64: ++ - "@server" ++ ++__sap_general_preconfigure_packagegroups_ppc64le: ++ - "@server" ++ ++__sap_general_preconfigure_packagegroups_s390x: ++ - "@server" ++ ++__sap_general_preconfigure_packagegroups: "{{ lookup('vars', '__sap_general_preconfigure_packagegroups_' + ansible_architecture) }}" ++ ++__sap_general_preconfigure_packages_x86_64: ++ - uuidd ++ - libnsl ++ - tcsh ++ - psmisc ++ - nfs-utils ++ - bind-utils ++ - compat-sap-c++-9 ++ - compat-sap-c++-10 ++ ++__sap_general_preconfigure_packages_ppc64le: ++ - uuidd ++ - libnsl ++ - tcsh ++ - psmisc ++ - nfs-utils ++ - bind-utils ++ - compat-sap-c++-9 ++ - compat-sap-c++-10 ++ ++__sap_general_preconfigure_packages_s390x: ++ - uuidd ++ - libnsl ++ - tcsh ++ - psmisc ++ - nfs-utils ++ - bind-utils ++ ++__sap_general_preconfigure_packages: "{{ lookup('vars', '__sap_general_preconfigure_packages_' + ansible_architecture) }}" ++ ++__sap_general_preconfigure_required_ppc64le: ++ - ibm-power-managed-rhel8 ++ ++__sap_general_preconfigure_kernel_parameters_default: ++ - {name: vm.max_map_count, value: '2147483647'} +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/vars/RedHat_8.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/vars/RedHat_8.yml +new file mode 100644 +index 0000000..2b34e73 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/vars/RedHat_8.yml +@@ -0,0 +1,88 @@ ++--- ++ ++# vars file for sap_general_preconfigure ++ ++__sap_general_preconfigure_sapnotes_versions: ++ - {number: '2772999', version: '24'} ++ - {number: '1771258', version: '6'} ++ ++__sap_general_preconfigure_max_repo_type_x86_64: 'e4s' ++__sap_general_preconfigure_max_repo_type_ppc64le: 'e4s' ++__sap_general_preconfigure_max_repo_type_s390x: 'eus' ++ ++__sap_general_preconfigure_max_repo_type: "{{ lookup('vars', '__sap_general_preconfigure_max_repo_type_' + ansible_architecture) }}" ++ ++# RHEL 8 minor releases maximum repo support duration ++__sap_general_preconfigure_max_repo_type_string_8_3: '' ++__sap_general_preconfigure_max_repo_type_string_8_4: '{{ __sap_general_preconfigure_max_repo_type }}-' ++__sap_general_preconfigure_max_repo_type_string_8_5: '' ++__sap_general_preconfigure_max_repo_type_string_8_6: '{{ __sap_general_preconfigure_max_repo_type }}-' ++__sap_general_preconfigure_max_repo_type_string_8_7: '' ++__sap_general_preconfigure_max_repo_type_string_8_8: '{{ __sap_general_preconfigure_max_repo_type }}-' ++__sap_general_preconfigure_max_repo_type_string_8_9: '' ++__sap_general_preconfigure_max_repo_type_string_8_10: '' ++ ++__sap_general_preconfigure_max_repo_type_string: "{{ lookup('vars', '__sap_general_preconfigure_max_repo_type_string_' + ansible_distribution_version | replace(\".\", \"_\")) }}" ++ ++__sap_general_preconfigure_req_os_repos: ++ - rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-baseos-{{ __sap_general_preconfigure_max_repo_type_string }}rpms ++ - rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-appstream-{{ __sap_general_preconfigure_max_repo_type_string }}rpms ++__sap_general_preconfigure_req_netweaver_repos: ++ - rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-sap-netweaver-{{ __sap_general_preconfigure_max_repo_type_string }}rpms ++__sap_general_preconfigure_req_hana_repos: ++ - rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-sap-solutions-{{ __sap_general_preconfigure_max_repo_type_string }}rpms ++__sap_general_preconfigure_req_ha_repos: ++ - rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-highavailability-{{ __sap_general_preconfigure_max_repo_type_string }}rpms ++ ++__sap_general_preconfigure_envgroups: ++ - "server-product-environment" ++ ++__sap_general_preconfigure_packagegroups_x86_64: ++ - "@server" ++ ++__sap_general_preconfigure_packagegroups_ppc64le: ++ - "@server" ++ ++__sap_general_preconfigure_packagegroups_s390x: ++ - "@server" ++ ++__sap_general_preconfigure_packagegroups: "{{ lookup('vars', '__sap_general_preconfigure_packagegroups_' + ansible_architecture) }}" ++ ++__sap_general_preconfigure_packages_x86_64: ++ - uuidd ++ - libnsl ++ - tcsh ++ - psmisc ++ - nfs-utils ++ - bind-utils ++ - compat-sap-c++-9 ++ - compat-sap-c++-10 ++ - compat-sap-c++-11 ++ ++__sap_general_preconfigure_packages_ppc64le: ++ - uuidd ++ - libnsl ++ - tcsh ++ - psmisc ++ - nfs-utils ++ - bind-utils ++ - compat-sap-c++-9 ++ - compat-sap-c++-10 ++ - compat-sap-c++-11 ++ ++__sap_general_preconfigure_packages_s390x: ++ - uuidd ++ - libnsl ++ - tcsh ++ - psmisc ++ - nfs-utils ++ - bind-utils ++ - compat-sap-c++-10 ++ ++__sap_general_preconfigure_packages: "{{ lookup('vars', '__sap_general_preconfigure_packages_' + ansible_architecture) }}" ++ ++__sap_general_preconfigure_required_ppc64le: ++ - ibm-power-managed-rhel8 ++ ++__sap_general_preconfigure_kernel_parameters_default: ++ - {name: vm.max_map_count, value: '2147483647'} +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/vars/RedHat_9.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/vars/RedHat_9.yml +new file mode 100644 +index 0000000..6c0da94 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/vars/RedHat_9.yml +@@ -0,0 +1,102 @@ ++--- ++ ++# vars file for sap_general_preconfigure ++ ++__sap_general_preconfigure_sapnotes_versions: ++ - {number: '3108316', version: '2'} ++ - {number: '1771258', version: '6'} ++ ++__sap_general_preconfigure_max_repo_type_x86_64: 'e4s' ++__sap_general_preconfigure_max_repo_type_ppc64le: 'e4s' ++__sap_general_preconfigure_max_repo_type_s390x: 'eus' ++ ++__sap_general_preconfigure_max_repo_type: "{{ lookup('vars', '__sap_general_preconfigure_max_repo_type_' + ansible_architecture) }}" ++ ++# RHEL 9 minor releases maximum repo support duration ++__sap_general_preconfigure_max_repo_type_string_9_0: '{{ __sap_general_preconfigure_max_repo_type }}-' ++__sap_general_preconfigure_max_repo_type_string_9_1: '' ++__sap_general_preconfigure_max_repo_type_string_9_2: '{{ __sap_general_preconfigure_max_repo_type }}-' ++__sap_general_preconfigure_max_repo_type_string_9_3: '' ++__sap_general_preconfigure_max_repo_type_string_9_4: '{{ __sap_general_preconfigure_max_repo_type }}-' ++__sap_general_preconfigure_max_repo_type_string_9_5: '' ++__sap_general_preconfigure_max_repo_type_string_9_6: '{{ __sap_general_preconfigure_max_repo_type }}-' ++__sap_general_preconfigure_max_repo_type_string_9_7: '' ++__sap_general_preconfigure_max_repo_type_string_9_8: '{{ __sap_general_preconfigure_max_repo_type }}-' ++__sap_general_preconfigure_max_repo_type_string_9_9: '' ++__sap_general_preconfigure_max_repo_type_string_9_10: '' ++ ++__sap_general_preconfigure_max_repo_type_string: "{{ lookup('vars', '__sap_general_preconfigure_max_repo_type_string_' + ansible_distribution_version | replace(\".\", \"_\")) }}" ++ ++__sap_general_preconfigure_req_os_repos: ++ - rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-baseos-{{ __sap_general_preconfigure_max_repo_type_string }}rpms ++ - rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-appstream-{{ __sap_general_preconfigure_max_repo_type_string }}rpms ++__sap_general_preconfigure_req_netweaver_repos: ++ - rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-sap-netweaver-{{ __sap_general_preconfigure_max_repo_type_string }}rpms ++__sap_general_preconfigure_req_hana_repos: ++ - rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-sap-solutions-{{ __sap_general_preconfigure_max_repo_type_string }}rpms ++__sap_general_preconfigure_req_ha_repos: ++ - rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-highavailability-{{ __sap_general_preconfigure_max_repo_type_string }}rpms ++ ++__sap_general_preconfigure_envgroups: ++ - "server-product-environment" ++ ++__sap_general_preconfigure_packagegroups_x86_64: ++ - "@server" ++ ++__sap_general_preconfigure_packagegroups_ppc64le: ++ - "@server" ++ ++__sap_general_preconfigure_packagegroups_s390x: ++ - "@server" ++ ++__sap_general_preconfigure_packagegroups: "{{ lookup('vars', '__sap_general_preconfigure_packagegroups_' + ansible_architecture) }}" ++ ++__sap_general_preconfigure_packages_x86_64: ++ - uuidd ++ - libnsl ++ - tcsh ++ - psmisc ++ - nfs-utils ++ - bind-utils ++# package hostname: needed by rhel-system-roles-sap ++ - hostname ++# package tuned: no longer part of package group "Core" in RHEL 9, so we have to install it ++ - tuned ++# package libxcrypt-compat: needed by sapstartsrv and SAP HANA on RHEL 9: ++ - libxcrypt-compat ++ ++__sap_general_preconfigure_packages_ppc64le: ++ - uuidd ++ - libnsl ++ - tcsh ++ - psmisc ++ - nfs-utils ++ - bind-utils ++# package hostname: needed by rhel-system-roles-sap ++ - hostname ++# package tuned: no longer part of package group "Core" in RHEL 9, so we have to install it ++ - tuned ++# package libxcrypt-compat: needed by sapstartsrv and SAP HANA on RHEL 9: ++ - libxcrypt-compat ++ ++__sap_general_preconfigure_packages_s390x: ++ - uuidd ++ - libnsl ++ - tcsh ++ - psmisc ++ - nfs-utils ++ - bind-utils ++# package hostname: needed by rhel-system-roles-sap ++ - hostname ++# package tuned: no longer part of package group "Core" in RHEL 9, so we have to install it ++ - tuned ++# package libxcrypt-compat: needed by sapstartsrv on RHEL 9: ++ - libxcrypt-compat ++ ++__sap_general_preconfigure_packages: "{{ lookup('vars', '__sap_general_preconfigure_packages_' + ansible_architecture) }}" ++ ++__sap_general_preconfigure_required_ppc64le: ++ - ibm-power-managed-rhel9 ++ ++__sap_general_preconfigure_kernel_parameters_default: ++ - {name: vm.max_map_count, value: '2147483647'} +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/vars/SLES_15.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/vars/SLES_15.yml +new file mode 100644 +index 0000000..cc3c279 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/vars/SLES_15.yml +@@ -0,0 +1,17 @@ ++--- ++__sap_general_preconfigure_sapnotes_versions: ++ - '' ++ ++__sap_general_preconfigure_packages: ++ - uuidd ++ - tcsh ++ - psmisc ++ - nfs-utils ++ - bind-utils ++# package hostname: needed by rhel-system-roles-sap ++ - hostname ++ ++__sap_general_preconfigure_min_pkgs: ++__sap_general_preconfigure_packagegroups: ++__sap_general_preconfigure_envgroups: ++__sap_general_preconfigure_kernel_parameters_default: +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/vars/main.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/vars/main.yml +new file mode 100644 +index 0000000..f3d4ba7 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_general_preconfigure/vars/main.yml +@@ -0,0 +1,8 @@ ++--- ++ ++# dummy entries for passing the arg spec validation: ++__sap_general_preconfigure_packagegroups: '' ++__sap_general_preconfigure_envgroups: '' ++__sap_general_preconfigure_packages: [] ++__sap_general_preconfigure_size_of_tmpfs_gb: '' ++__sap_general_preconfigure_kernel_parameters_default: [] +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_install_hana_hsr/.ansible-lint b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_install_hana_hsr/.ansible-lint +new file mode 100644 +index 0000000..9e09ac4 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_install_hana_hsr/.ansible-lint +@@ -0,0 +1,16 @@ ++--- ++exclude_paths: ++ - tests/sap_ha_install_hana_hsr/ ++enable_list: ++ - yaml ++skip_list: ++ # We don't want to enforce new Ansible versions for Galaxy: ++ - meta-runtime[unsupported-version] ++ # We do not want to use checks which are marked as experimental: ++ - experimental ++ # We use ignore_errors for all the assert tasks, which should be acceptable: ++ - ignore-errors ++ # We want to allow single digit version numbers in a role's meta/main.yml file: ++ - schema ++ # Allow templating inside name because it creates more detailed output: ++ - name[template] +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_install_hana_hsr/README.md b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_install_hana_hsr/README.md +new file mode 100644 +index 0000000..8536d7f +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_install_hana_hsr/README.md +@@ -0,0 +1,107 @@ ++# sap_ha_install_hana_hsr Ansible Role ++ ++Ansible role for SAP HANA System Replication Setup on 2 nodes. ++ ++## Support Status ++ ++The support status of this role is: "Technology Preview" ++ ++## Prerequisites ++ ++- target nodes are on the same OS level ++- target nodes are using the same SAP HANA release ++ ++## Overview ++ ++The **sap_ha_install_hana_hsr** role is part of this system role sequence: ++ ++| Sequence | System Role | Description | ++| :------: | :----------------------- | :----------------------------------------------------------- | ++| 1. | sap_general_preconfigure | System Preparation for SAP | ++| 2. | sap_hana_preconfigure | System Preparation for SAP HANA | ++| 3. | sap_hana_install | Installation of SAP HANA Database | ++| _4._ | _sap_ha_install_hana_hsr_ | _Configuration of SAP HANA System Replication_ | ++| 5. | sap_ha_pacemaker_cluster | Linux Pacemaker cluster setup and SAP resources configuration | ++ ++The **sap_ha_install_hana_hsr** roles configures a HANA system replication relationship which is used by the pacemaker cluster to automate SAP HANA System Replication (HSR). Prerequisite is the SAP HANA installation on the nodes. ++ ++## Tasks included ++ ++| Task | Description | ++| ---------------------- | ----------------------------------------------------------------------------------- | ++| update_etchosts.yml | ensures that all nodes of the cluster are configured in all nodes' /etc/hosts | ++| configure_firewall.yml | this will configure the firewall für HANA system replication (disabled) | ++| hdbuserstore.yml | create a user in the hdbuserstore | ++| log_mode.yml | check/set database logmode | ++| pki_files.yml | copy pki file from primary to secondary database | ++| run_backup.yml | perform backup on the primary note as pre required step for HANA system replication | ++| configure_hsr.yml | enable HANA system replication on primary node and register secondary database node | ++ ++## Common Variables/Parameters Used ++ ++| Name | Description | Value | ++| -------------------------------- | ------------------------------- | ---------------------- | ++| sap_domain | Domain Name | example: `example.com` | ++| sap_hana_sid | SAP ID | example: `RH1` | ++| sap_hana_instance_number | Instance Number | example: `"00"` | ++| sap_hana_install_master_password | DB System Password | ++| sap_hana_cluster_nodes | Parameter list of cluster nodes | ++| sap_hana_hacluster_password | Pacemaker hacluster Password | ++ ++## Role specific Variables ++ ++| Name | Description | Value | ++| --------------------------------- | ---------------- | -------------------- | ++| sap_ha_install_hana_hsr_rep_mode | replication mode | default is sync | ++| sap_ha_install_hana_hsr_oper_mode | operation mode | default is logreplay | ++ ++## Example Parameter File ++ ++```yaml ++sap_hana_sid: "DB1" ++sap_hana_instance_number: "00" ++sap_hana_install_master_password: "my_hana-password" ++ ++### Cluster Definition ++sap_ha_install_pacemaker_cluster_name: cluster1 ++sap_hana_hacluster_password: "my_hacluster-password" ++ ++sap_domain: example.com ++ ++sap_hana_cluster_nodes: ++ - node_name: node1 ++ node_ip: 192.168.1.11 ++ node_role: primary ++ hana_site: DC01 ++ ++ - node_name: node2 ++ node_ip: 192.168.1.12 ++ node_role: secondary ++ hana_site: DC02 ++``` ++ ++### Execution Design ++ ++Having the parameters specified as above, it can be executed with one command: ++ ++```text ++ansible-playbook example_playbook_with_parameters.ymnl ++``` ++ ++If you need to execute the role using an external handled, you can also limit the playbook for specific a **host** adding parameter defined in e **parameter_file**. ++ ++```text ++ansible-playbook -l node1 example_playbook.yml -e @parameter_file.yml ++``` ++ ++A good way to start is executing the playbook with the option _--list_tasks_. You can than start a playbook with the option _--start-at-task_ at a specific point. _--list_task_ will not start any task. ++ ++For more information please check ++ ++```text ++ansible-playbook --help ++``` ++ ++## License ++ ++Apache license 2.0 +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_install_hana_hsr/defaults/main.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_install_hana_hsr/defaults/main.yml +new file mode 100644 +index 0000000..5aed4c9 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_install_hana_hsr/defaults/main.yml +@@ -0,0 +1,12 @@ ++--- ++sap_ha_install_hana_hsr_sid: "{{ sap_hana_sid }}" ++sap_ha_install_hana_hsr_instance_number: "{{ sap_hana_instance_number }}" ++sap_ha_install_hana_hsr_cluster_nodes: "{{ sap_hana_cluster_nodes }}" ++ ++sap_ha_install_hana_hsr_hdbuserstore_system_backup_user: HDB_SYSTEMDB ++sap_ha_install_hana_hsr_db_system_password: "{{ sap_hana_install_master_password }}" ++sap_ha_install_hana_hsr_fqdn: "{{ sap_domain }}" ++sap_ha_install_hana_hsr_rep_mode: sync ++sap_ha_install_hana_hsr_oper_mode: logreplay ++ ++sap_ha_install_hana_hsr_update_etchosts: true +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_install_hana_hsr/meta/main.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_install_hana_hsr/meta/main.yml +new file mode 100644 +index 0000000..ec56cf1 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_install_hana_hsr/meta/main.yml +@@ -0,0 +1,15 @@ ++--- ++galaxy_info: ++ namespace: community ++ author: IBM Lab for SAP Solutions, Red Hat for SAP Community of Practice, Jason Masipiquena, Sherard Guico, Markus Moster ++ description: Installation of SAP HANA System Replication on Linux OS (RHEL, SLES) ++ company: Red Hat, Inc. ++ license: Apache-2.0 ++ min_ansible_version: "2.9" ++ platforms: ++ - name: EL ++ versions: ["7", "8", "9"] ++ - name: SLES ++ versions: ["15SP3"] ++ galaxy_tags: ["sap", "hana", "ha", "dr", "linuxpacemaker", "rhel", "redhat", "sles", "suse"] ++dependencies: [] +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_install_hana_hsr/tasks/configure_hsr.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_install_hana_hsr/tasks/configure_hsr.yml +new file mode 100644 +index 0000000..04c1084 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_install_hana_hsr/tasks/configure_hsr.yml +@@ -0,0 +1,64 @@ ++--- ++- name: "SAP HSR - Check System Replication Status" ++ ansible.builtin.shell: | ++ source /usr/sap/{{ sap_ha_install_hana_hsr_sid }}/home/.sapenv.sh && \ ++ /usr/sap/{{ sap_ha_install_hana_hsr_sid | upper }}/HDB{{ sap_ha_install_hana_hsr_instance_number }}/exe/hdbnsutil \ ++ -sr_state ++ become: true ++ become_user: "{{ sap_ha_install_hana_hsr_sid | lower }}adm" ++ register: __sap_ha_install_hana_hsr_srstate ++ changed_when: false ++ failed_when: false ++ ++# looping through cluster definition to run on defined primary ++# and apply the respective 'site' value ++- name: "SAP HSR - Enable HANA System Replication on primary node" ++ ansible.builtin.shell: | ++ source /usr/sap/{{ sap_ha_install_hana_hsr_sid }}/home/.sapenv.sh && \ ++ /usr/sap/{{ sap_ha_install_hana_hsr_sid | upper }}/HDB{{ sap_ha_install_hana_hsr_instance_number }}/exe/hdbnsutil \ ++ -sr_enable --name="{{ item.hana_site }}" ++ become: true ++ become_user: "{{ sap_ha_install_hana_hsr_sid | lower }}adm" ++ register: enablesr ++ changed_when: "'successfully enabled system as system replication source site' in enablesr.stdout" ++ when: ++ - __sap_ha_install_hana_hsr_node_name == item.node_name.split('.')[0] ++ - item.node_role is defined and item.node_role == 'primary' ++ - "'is source system' not in __sap_ha_install_hana_hsr_srstate.stdout" ++ loop: "{{ sap_ha_install_hana_hsr_cluster_nodes }}" ++ loop_control: ++ label: "{{ item.node_name }}" ++ ++# looping through cluster definition to run on secondary node ++# and apply the respective 'site' value ++- name: "SAP HSR - Register secondary node to HANA System Replication" ++ ansible.builtin.shell: | ++ source /usr/sap/{{ sap_ha_install_hana_hsr_sid }}/home/.sapenv.sh && \ ++ /usr/sap/{{ sap_ha_install_hana_hsr_sid | upper }}/HDB{{ sap_ha_install_hana_hsr_instance_number }}/exe/hdbnsutil \ ++ -sr_register --name={{ item.hana_site }} \ ++ --remoteHost={{ __sap_ha_install_hana_hsr_primary_node_name }} --remoteInstance={{ sap_ha_install_hana_hsr_instance_number }} \ ++ --replicationMode={{ sap_ha_install_hana_hsr_rep_mode }} --operationMode={{ sap_ha_install_hana_hsr_oper_mode }} \ ++ --online ++ become: true ++ become_user: "{{ sap_ha_install_hana_hsr_sid | lower }}adm" ++ register: registersr ++ when: ++ - __sap_ha_install_hana_hsr_node_name == item.node_name.split('.')[0] ++ - item.node_role is not defined or item.node_role == 'secondary' ++ - __sap_ha_install_hana_hsr_node_name not in __sap_ha_install_hana_hsr_srstate.stdout ++ loop: "{{ sap_ha_install_hana_hsr_cluster_nodes }}" ++ loop_control: ++ label: "{{ item.node_name }}" ++ changed_when: true ++ ++- name: "SAP HSR - Start HANA instance on secondary" ++ ansible.builtin.shell: | ++ /usr/sap/{{ sap_ha_install_hana_hsr_sid | upper }}/HDB{{ sap_ha_install_hana_hsr_instance_number }}/exe/sapcontrol \ ++ -nr {{ sap_ha_install_hana_hsr_instance_number }} -function StartSystem ++ become: true ++ become_user: "{{ sap_ha_install_hana_hsr_sid | lower }}adm" ++ register: startinstance ++ changed_when: "'StartSystem' in startinstance.stdout" ++ when: ++ - __sap_ha_install_hana_hsr_node_name != __sap_ha_install_hana_hsr_primary_node_name ++ - __sap_ha_install_hana_hsr_node_name not in __sap_ha_install_hana_hsr_srstate.stdout +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_install_hana_hsr/tasks/hdbuserstore.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_install_hana_hsr/tasks/hdbuserstore.yml +new file mode 100644 +index 0000000..290a868 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_install_hana_hsr/tasks/hdbuserstore.yml +@@ -0,0 +1,27 @@ ++--- ++# ansible-lint: ++# become_user string is deduced from a variable + suffix with no spaces ++- name: "SAP HSR - Check if hdbuserstore exists" ++ become: true ++ become_user: "{{ sap_ha_install_hana_hsr_sid | lower }}adm" ++ ansible.builtin.command: | ++ /usr/sap/{{ sap_ha_install_hana_hsr_sid }}/SYS/exe/hdb/hdbuserstore \ ++ List {{ sap_ha_install_hana_hsr_hdbuserstore_system_backup_user }} ++ register: sap_ha_install_hana_hsr_hdbuserstore ++ failed_when: false ++ changed_when: false ++ ++# CHECK: if ansible_hostname should be replaced by the connection interface name ? ++# ++# ansible-lint: ++# become_user string is deduced from a variable + suffix with no spaces ++- name: "SAP HSR - Create and Store Connection Info in hdbuserstore" ++ become: true ++ become_user: "{{ sap_ha_install_hana_hsr_sid | lower }}adm" ++ ansible.builtin.command: | ++ /usr/sap/{{ sap_ha_install_hana_hsr_sid }}/SYS/exe/hdb/hdbuserstore \ ++ SET {{ sap_ha_install_hana_hsr_hdbuserstore_system_backup_user }} \ ++ {{ ansible_hostname }}:3{{ sap_ha_install_hana_hsr_instance_number }}13 \ ++ SYSTEM '{{ sap_ha_install_hana_hsr_db_system_password }}' ++ when: sap_ha_install_hana_hsr_hdbuserstore.rc != '0' ++ changed_when: true +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_install_hana_hsr/tasks/log_mode.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_install_hana_hsr/tasks/log_mode.yml +new file mode 100644 +index 0000000..952abfa +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_install_hana_hsr/tasks/log_mode.yml +@@ -0,0 +1,27 @@ ++--- ++- name: "SAP HSR - check log_mode" ++ tags: hsr_logmode ++ become: true ++ become_user: "{{ sap_ha_install_hana_hsr_sid | lower }}adm" ++ ansible.builtin.shell: | ++ set -o pipefail && ++ grep "log_mode" /usr/sap/{{ sap_ha_install_hana_hsr_sid }}/SYS/global/hdb/custom/config/global.ini | grep normal ++ register: sap_ha_install_hana_hsr_log_mode ++ failed_when: false ++ changed_when: false ++ ++# CHECK, if ansible_hostname needs to be replaced with interface name ++- name: "SAP HSR - Set log_mode to normal" ++ tags: hsr_logmode ++ become: true ++ become_user: "{{ sap_ha_install_hana_hsr_sid | lower }}adm" ++ ansible.builtin.shell: | ++ /usr/sap/{{ sap_ha_install_hana_hsr_sid }}/SYS/exe/hdb/hdbsql \ ++ -U {{ sap_ha_install_hana_hsr_hdbuserstore_system_backup_user }} \ ++ -m < 0 ++ ++ - name: "SAP HSR - Primary: Remove .ssh if it was created" ++ ansible.builtin.file: ++ path: ~/.ssh ++ state: absent ++ when: ++ - __sap_ha_install_hana_hsr_create_ssh_prim.changed is defined ++ - __sap_ha_install_hana_hsr_create_ssh_prim.changed ++ delegate_to: "{{ __sap_ha_install_hana_hsr_primary_node }}" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_install_hana_hsr/tasks/run_backup.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_install_hana_hsr/tasks/run_backup.yml +new file mode 100644 +index 0000000..7b09cdc +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_install_hana_hsr/tasks/run_backup.yml +@@ -0,0 +1,29 @@ ++--- ++- name: "SAP HSR - Run backup for SYSTEMDB" ++ ansible.builtin.shell: | ++ /usr/sap/{{ sap_ha_install_hana_hsr_sid }}/SYS/exe/hdb/hdbsql -quiet \ ++ -U {{ sap_ha_install_hana_hsr_hdbuserstore_system_backup_user }} \ ++ -m < ++# sap_ha_pacemaker_cluster Ansible Role ++ ++![Ansible Lint for sap_ha_pacemaker_cluster](https://github.com/sap-linuxlab/community.sap_install/actions/workflows/ansible-lint-sap_ha_pacemaker_cluster.yml/badge.svg) ++ ++Ansible Role for installation and configuration of Linux Pacemaker for High Availability of SAP Systems run on various Infrastructure Platforms. ++ ++## Support Status ++ ++The support status of this role is: "Technology Preview" ++ ++## Scope ++ ++This Ansible Role provides: ++- installation of Linux Pacemaker packages and dependencies ++- configuration of Linux Pacemaker cluster with all relevant fencing agent and resource agent for an Infrastructure Platform and SAP Software (SAP HANA or SAP NetWeaver) ++- setup and instantiation of Linux Pacemaker cluster (using `ha_cluster` Linux System Role) ++ ++This Ansible Role has been tested for the following SAP Software Solution scenario deployments: ++- SAP HANA Scale-up High Availability ++- `Beta:` SAP NetWeaver (ABAP) AS ASCS and ERS High Availability ++- `Experimental:` SAP NetWeaver (ABAP) AS PAS and AAS High Availability ++- `Experimental:` SAP NetWeaver (JAVA) AS SCS and ERS High Availability ++ ++This Ansible Role contains Infrastructure Platform specific alterations for: ++- AWS EC2 Virtual Servers ++- `Beta:` Microsoft Azure Virtual Machines ++- `Experimental:` Google Cloud Compute Engine Virtual Machine ++- `Experimental:` IBM Cloud Virtual Server ++- `Experimental:` IBM Power Virtual Server from IBM Cloud ++- `Experimental:` IBM PowerVC hypervisor Virtual Machine ++ ++Please note, this Ansible Role `sap_ha_pacemaker_cluster` is acting as a wrapper and generates the parameter definitions for a given SAP System, Infrastructure Platform specific variables and other additional steps to complete the SAP High Availability setup using Linux Pacemaker clusters. ++ ++### Warnings :warning: ++ ++- :warning: Do **not** execute this Ansible Role against already configured Linux Pacemaker cluster nodes; unless you know what you are doing and have prepared the input variables for the Ansible Role according to / matching to the existing Linux Pacemaker setup! ++- :warning: Infrastructure Platforms not explicitly listed as available/tested are very unlikely to work. ++ ++## Functionality ++ ++_All of the following functionality is provided as **Technology Preview**._ ++ ++### SAP HANA scale-up (performance-optimized) with SAP HANA System Replication, High Availability using Linux Pacemaker 2-node cluster ++ ++| Platform | Usability | ++| -------- | --------- | ++| :heavy_check_mark: physical server | expected to work with any fencing method that is supported by the `ha_cluster` Linux System Role | ++| :heavy_check_mark: OVirt VM | tested and working | ++| :heavy_check_mark: AWS EC2 VS | platform detection and awscli setup included, tested and expected to work | ++ ++### SAP NetWeaver (ABAP) ASCS and ERS, High Availability using Linux Pacemaker 2-node cluster ++ ++| Platform | Usability | ++| -------- | --------- | ++| :heavy_check_mark: physical server | expected to work with any fencing method that is supported by the `ha_cluster` Linux System Role | ++| :heavy_check_mark: OVirt VM | tested and working | ++| :heavy_check_mark: AWS EC2 VS | platform detection and awscli setup included, tested and expected to work | ++ ++## Requirements ++ ++The Ansible Role requires the SAP HANA Database Server or SAP NetWeaver Application Server software installation to already exist on the target host/s. ++ ++The target host must have: ++- OS version and license - RHEL4SAP (HA and US) 8.4+ ++- OS package repositories enabled - SAP and High Availability ++ ++> _N.B. At this time SLES4SAP functionality is not available, until `crmsh` commands are provided in dependency Ansible Role [`ha_cluster`](https://github.com/linux-system-roles/ha_cluster)_ ++ ++The Ansible Control System (where Ansible is executed from) must have: ++- Ansible Core 2.9+ ++- Access to dependency Ansible Collections and Ansible Roles: ++ - **Upstream**: ++ - Ansible Collection [`community.sap_install` from Ansible Galaxy](https://galaxy.ansible.com/community/sap_install) version `1.3.0` or later ++ - Ansible Collection [`fedora.linux_system_roles` from Ansible Galaxy](https://galaxy.ansible.com/fedora/linux_system_roles) version `1.20.0` or later ++ - **Supported (Downstream)** via Red Hat Ansible Automation Platform (AAP) license: ++ - Ansible Collection [`redhat.sap_install` from Red Hat Ansible Automation Platform Hub](https://console.redhat.com/ansible/automation-hub/repo/published/redhat/sap_install) version `1.3.0` or later ++ - Ansible Collection [`redhat.rhel_system_roles` from Red Hat Ansible Automation Platform Hub](https://console.redhat.com/ansible/automation-hub/repo/published/redhat/rhel_system_roles) version `1.20.0` or later ++ - **Supported (Downstream)** via RHEL4SAP license: ++ - RHEL System Roles for SAP RPM Package `rhel-system-roles-sap-3.6.0` or later ++ - RHEL System Roles RPM Package `rhel-system-roles-1.20.0` or later ++ ++## Prerequisites ++ ++All SAP Software must be installed, and all remote/file storage mounts must be available with correct permissions defined by SAP documentation. For SAP HANA High Availability, SAP HANA System Replication must already be installed. ++ ++In addition, the following network ports must be available: ++ ++| **SAP Technical Application and Component** | **Port** | ++| --- | --- | ++| **_SAP HANA System Replication_** | | ++| hdbnameserver
used for log and data shipping from a primary site to a secondary site.
System DB port number plus 10,000
| 4``01 | ++| hdbnameserver
unencrypted metadata communication between sites.
System DB port number plus 10,000
| 4``02 | ++| hdbnameserver
used for encrypted metadata communication between sites.
System DB port number plus 10,000
| 4``06 | ++| hdbindexserver
used for first MDC Tenant database schema | 4``03 | ++| hdbxsengine
used for SAP HANA XSC/XSA | 4``07| ++| hdbscriptserver
used for log and data shipping from a primary site to a secondary site.
Tenant port number plus 10,000
| 4``40-97 | ++| hdbxsengine
used for log and data shipping from a primary site to a secondary site.
Tenant port number plus 10,000
| 4``40-97 | ++| **_Linux Pacemaker_** | | ++| pcsd
cluster nodes requirement for node-to-node communication | 2224 (TCP)| ++| pacemaker
cluster nodes requirement for Pacemaker Remote service daemon | 3121 (TCP) | ++| corosync
cluster nodes requirement for node-to-node communication | 5404-5412 (UDP) | ++ ++## Execution Flow ++ ++The Ansible Role is sequential: ++- Validate input Ansible Variables ++- Identify host's Infrastructure Platform ++- Generate Linux Pacemaker definition for given Infrastructure Platform and SAP Software ++- Execute `ha_cluster` Ansible Role with Linux Pacemaker definition ++- Instantiate Linux Pacemaker cluster ++ ++## Tips ++ ++Check out the [role variables of the `ha_cluster` Linux System Role](https://github.com/linux-system-roles/ha_cluster/blob/main/README.md) for additional possible settings that can be applied when using the `sap_ha_pacemaker_cluster` role. ++ ++For example:
++Adding `ha_cluster_start_on_boot: false` to disable the automatic start of cluster services on boot. ++ ++## Sample ++ ++Please see a full sample using multiple hosts to create an SAP S/4HANA Distributed deployment in the [/playbooks](../../playbooks/) directory of the Ansible Collection `sap_install`. ++ ++## License ++ ++Apache 2.0 ++ ++## Author Information ++ ++Red Hat for SAP Community of Practice, Janine Fuchs, IBM Lab for SAP Solutions ++ ++ ++ ++--- ++ ++## Role Input Parameters ++ ++Minimum required parameters for all clusters: ++ ++- [sap_ha_pacemaker_cluster_hacluster_user_password](#sap_ha_pacemaker_cluster_hacluster_user_password) ++ ++Additional minimum requirements depend on the type of cluster setup and on the target platform. ++ ++### sap_ha_pacemaker_cluster_aws_access_key_id ++ ++- _Type:_ `string` ++ ++AWS access key to allow control of instances (for example for fencing operations).
++Mandatory for the cluster nodes setup on AWS EC2 instances.
++ ++### sap_ha_pacemaker_cluster_aws_region ++ ++- _Type:_ `string` ++ ++The AWS region in which the instances to be used for the cluster setup are located.
++Mandatory for cluster nodes setup on AWS EC2 instances.
++ ++### sap_ha_pacemaker_cluster_aws_secret_access_key ++ ++- _Type:_ `string` ++ ++AWS secret key, paired with the access key for instance control.
++Mandatory for the cluster setup on AWS EC2 instances.
++ ++### sap_ha_pacemaker_cluster_aws_vip_update_rt ++ ++- _Type:_ `string` ++ ++List one more routing table IDs for managing Virtual IP failover through routing table changes.
++Multiple routing tables must be defined as a comma-separated string (no spaces).
++Mandatory for the VIP resource configuration in AWS EC2 environments.
++ ++### sap_ha_pacemaker_cluster_cluster_name ++ ++- _Type:_ `string` ++ ++The name of the pacemaker cluster.
++Inherits the `ha_cluster` LSR native parameter `ha_cluster_cluster_name` if not defined.
++If not defined, the `ha_cluster` Linux System Role default will be used.
++ ++### sap_ha_pacemaker_cluster_cluster_nodes ++ ++- _Type:_ `list` ++ ++List of cluster nodes and associated attributes to describe the target SAP HA environment.
++This is required for the HANA System Replication configuration.
++Synonym for this parameter is `sap_hana_cluster_nodes`.
++Mandatory to be defined for HANA clusters.
++ ++- **hana_site**
++ Site of the cluster and/or SAP HANA System Replication node (for example 'DC01').
Mandatory for HANA clusters (sudo config for system replication). ++- **node_ip**
++ IP address of the node used for HANA System Replication.
_Optional. Currently not needed/used in cluster configuration._ ++- **node_name**
++ Name of the cluster node, should match the remote systems' hostnames.
_Optional. Currently not needed/used in cluster configuration._ ++- **node_role**
++ Role of the defined `node_name` in the SAP HANA cluster setup.
There must be only **one** primary, but there can be multiple secondary nodes.
_Optional. Currently not needed/used in cluster configuration._ ++ ++Example: ++ ++```yaml ++sap_ha_pacemaker_cluster_cluster_nodes: ++- hana_site: DC01 ++ node_ip: 192.168.5.1 ++ node_name: nodeA ++ node_role: primary ++- hana_site: DC02 ++``` ++ ++### sap_ha_pacemaker_cluster_cluster_properties ++ ++- _Type:_ `dict` ++- _Default:_ `{'concurrent-fencing': True, 'stonith-enabled': True, 'stonith-timeout': 900}` ++ ++Standard pacemaker cluster properties are configured with recommended settings for cluster node fencing.
++When no STONITH resource is defined, STONITH will be disabled and a warning displayed.
++ ++Example: ++ ++```yaml ++sap_ha_pacemaker_cluster_cluster_properties: ++ concurrent-fencing: true ++ stonith-enabled: true ++ stonith-timeout: 900 ++``` ++ ++### sap_ha_pacemaker_cluster_create_config_dest ++ ++- _Type:_ `string` ++- _Default:_ `review_resource_config.yml` ++ ++The pacemaker cluster resource configuration optionally created by this role will be saved in a Yaml file in the current working directory.
++Requires `sap_ha_pacemaker_cluster_create_config_varfile` to be enabled for generating the output file.
++Specify a path/filename to save the file in a custom location.
++The file can be used as input vars file for an Ansible playbook running the 'ha_cluster' Linux System Role.
++ ++### sap_ha_pacemaker_cluster_create_config_varfile ++ ++- _Type:_ `bool` ++- _Default:_ `False` ++ ++When enabled, all cluster configuration parameters this role constructs for executing the 'ha_cluster' Linux System role will be written into a file in Yaml format.
++This allows using the output file later as input file for additional custom steps using the 'ha_cluster' role and covering the resource configuration in a cluster that was set up using this 'sap_ha_pacemaker_cluster' role.
++When enabled this parameters file is also created when the playbook is run in check_mode (`--check`) and can be used to review the configuration parameters without executing actual changes on the target nodes.
++WARNING! This report may include sensitive details like secrets required for certain cluster resources!
++ ++### sap_ha_pacemaker_cluster_enable_cluster_connector ++ ++- _Type:_ `bool` ++- _Default:_ `True` ++ ++Enables/Disables the SAP HA Interface for SAP ABAP application server instances, also known as `sap_cluster_connector`.
++Set this parameter to 'false' if the SAP HA interface should not be installed and configured.
++ ++### sap_ha_pacemaker_cluster_extra_packages ++ ++- _Type:_ `list` ++ ++Additional extra packages to be installed, for instance specific resource packages.
++For SAP clusters configured by this role, the relevant standard packages for the target scenario are automatically included.
++ ++### sap_ha_pacemaker_cluster_fence_agent_minimal_packages ++ ++- _Type:_ `list` ++- _Default:_ `['fence-agents-all']` ++ ++The minimal set of fence agent packages that will be installed.
++ ++### sap_ha_pacemaker_cluster_fence_agent_packages ++ ++- _Type:_ `list` ++ ++Additional fence agent packages to be installed.
++This is automatically combined with `sap_ha_pacemaker_cluster_fence_agent_minimal_packages`.
++ ++### sap_ha_pacemaker_cluster_gcp_project ++ ++- _Type:_ `string` ++ ++Google Cloud project name in which the target instances are installed.
++Mandatory for the cluster setup on GCP instances.
++ ++### sap_ha_pacemaker_cluster_gcp_region_zone ++ ++- _Type:_ `string` ++ ++Google Cloud Platform region zone ID.
++Mandatory for the cluster setup on GCP instances.
++ ++### sap_ha_pacemaker_cluster_ha_cluster ++ ++- _Type:_ `dict` ++ ++The `ha_cluster` LSR native parameter `ha_cluster` can be used as a synonym.
++Optional _**host_vars**_ parameter - if defined it must be set for each node.
++Dictionary that can contain various node options for the pacemaker cluster configuration.
++Supported options can be reviewed in the `ha_cluster` Linux System Role [https://github.com/linux-system-roles/ha_cluster/blob/master/README.md].
++If not defined, the `ha_cluster` Linux System Role default will be used.
++ ++Example: ++ ++```yaml ++sap_ha_pacemaker_cluster_ha_cluster: ++ corosync_addresses: ++ - 192.168.1.10 ++ - 192.168.2.10 ++ node_name: nodeA ++``` ++ ++### sap_ha_pacemaker_cluster_hacluster_user_password required ++ ++- _Type:_ `string` ++ ++The password of the `hacluster` user which is created during pacemaker installation.
++Inherits the value of `ha_cluster_hacluster_password`, when defined.
++ ++### sap_ha_pacemaker_cluster_hana_automated_register ++ ++- _Type:_ `bool` ++- _Default:_ `True` ++ ++Parameter for the 'SAPHana' cluster resource.
++Define if a former primary should be re-registered automatically as secondary.
++ ++### sap_ha_pacemaker_cluster_hana_duplicate_primary_timeout ++ ++- _Type:_ `int` ++- _Default:_ `900` ++ ++Parameter for the 'SAPHana' cluster resource.
++Time difference needed between to primary time stamps, if a dual-primary situation occurs.
++If the time difference is less than the time gap, then the cluster holds one or both instances in a "WAITING" status.
++This is to give an admin a chance to react on a failover. A failed former primary will be registered after the time difference is passed.
++ ++### sap_ha_pacemaker_cluster_hana_instance_nr ++ ++- _Type:_ `string` ++ ++The instance number of the SAP HANA database which this role will configure in the cluster.
++Inherits the value of `sap_hana_instance_number`, when defined.
++Mandatory for SAP HANA cluster setups.
++ ++### sap_ha_pacemaker_cluster_hana_prefer_site_takeover ++ ++- _Type:_ `bool` ++- _Default:_ `True` ++ ++Parameter for the 'SAPHana' cluster resource.
++Set to "false" if the cluster should first attempt to restart the instance on the same node.
++When set to "true" (default) a failover to secondary will be initiated on resource failure.
++ ++### sap_ha_pacemaker_cluster_hana_resource_clone_name ++ ++- _Type:_ `string` ++- _Default:_ `SAPHana__-clone` ++ ++Customize the cluster resource name of the SAP HANA DB resource clone.
++ ++### sap_ha_pacemaker_cluster_hana_resource_name ++ ++- _Type:_ `string` ++- _Default:_ `SAPHana__` ++ ++Customize the cluster resource name of the SAP HANA DB resource.
++ ++### sap_ha_pacemaker_cluster_hana_sid ++ ++- _Type:_ `string` ++ ++The SAP HANA SID of the instance that will be configured in the cluster.
++The SID must follow SAP specifications - see SAP Note 1979280.
++Inherits the value of `sap_hana_sid`, when defined.
++Mandatory for SAP HANA cluster setups.
++ ++### sap_ha_pacemaker_cluster_hana_topology_resource_clone_name ++ ++- _Type:_ `string` ++- _Default:_ `SAPHanaTopology__-clone` ++ ++Customize the cluster resource name of the SAP HANA Topology resource clone.
++ ++### sap_ha_pacemaker_cluster_hana_topology_resource_name ++ ++- _Type:_ `string` ++- _Default:_ `SAPHanaTopology__` ++ ++Customize the cluster resource name of the SAP HANA Topology resource.
++ ++### sap_ha_pacemaker_cluster_host_type ++ ++- _Type:_ `list` ++- _Default:_ `hana_scaleup_perf` ++ ++The SAP landscape to for which the cluster is to be configured.
++The default is a 2-node SAP HANA scale-up cluster.
++ ++### sap_ha_pacemaker_cluster_ibmcloud_api_key ++ ++- _Type:_ `string` ++ ++The API key which is required to allow the control of instances (for example for fencing operations).
++Mandatory for the cluster setup on IBM Cloud Virtual Server instances or IBM Power Virtual Server on IBM Cloud.
++ ++### sap_ha_pacemaker_cluster_ibmcloud_powervs_api_type ++ ++- _Type:_ `string` ++ ++IBM Power Virtual Server API Endpoint type (public or private) dependent on network interface attachments for the target instances.
++Mandatory for the cluster setup on IBM Power Virtual Server from IBM Cloud.
++ ++### sap_ha_pacemaker_cluster_ibmcloud_powervs_forward_proxy_url ++ ++- _Type:_ `string` ++ ++IBM Power Virtual Server forward proxy url when IBM Power Virtual Server API Endpoint type is set to private.
++When public network interface, can be ignored.
++When private network interface, mandatory for the cluster setup on IBM Power Virtual Server from IBM Cloud.
++ ++### sap_ha_pacemaker_cluster_ibmcloud_powervs_workspace_crn ++ ++- _Type:_ `string` ++ ++IBM Power Virtual Server Workspace service cloud resource name (CRN) identifier which contains the target instances
++Mandatory for the cluster setup on IBM Power Virtual Server from IBM Cloud.
++ ++### sap_ha_pacemaker_cluster_ibmcloud_region ++ ++- _Type:_ `string` ++ ++The IBM Cloud VS region name in which the instances are running.
++Mandatory for the cluster setup on IBM Cloud Virtual Server instances or IBM Power Virtual Server on IBM Cloud.
++ ++### sap_ha_pacemaker_cluster_msazure_resource_group ++ ++- _Type:_ `string` ++ ++Resource group name/ID in which the target instances are defined.
++Mandatory for the cluster setup on MS Azure instances.
++ ++### sap_ha_pacemaker_cluster_msazure_subscription_id ++ ++- _Type:_ `string` ++ ++Subscription ID of the MS Azure environment containing the target instances.
++Mandatory for the cluster setup on MS Azure instances.
++ ++### sap_ha_pacemaker_cluster_nwas_abap_aas_instance_nr ++ ++- _Type:_ `string` ++ ++Instance number of the NetWeaver ABAP AAS instance.
++Mandatory for NetWeaver AAS cluster configuration.
++ ++### sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_ensa1 ++ ++- _Type:_ `bool` ++- _Default:_ `False` ++ ++The standard NetWeaver ASCS/ERS cluster will be set up as ENSA2.
++Set this parameter to 'true' to configure it as ENSA1.
++ ++### sap_ha_pacemaker_cluster_nwas_abap_ascs_filesystem_resource_name ++ ++- _Type:_ `string` ++- _Default:_ `Filesystem_NWAS_ABAP_ASCS__` ++ ++Name of the filesystem resource for the ASCS instance.
++ ++### sap_ha_pacemaker_cluster_nwas_abap_ascs_group_stickiness ++ ++- _Type:_ `string` ++- _Default:_ `3000` ++ ++NetWeaver ASCS resource group stickiness to prefer the ASCS group to stay on the node it was started on.
++ ++### sap_ha_pacemaker_cluster_nwas_abap_ascs_instance_nr ++ ++- _Type:_ `string` ++ ++Instance number of the NetWeaver ABAP ASCS instance.
++Mandatory for NetWeaver ASCS/ERS cluster configuration.
++ ++### sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_automatic_recover_bool ++ ++- _Type:_ `bool` ++- _Default:_ `False` ++ ++NetWeaver ASCS instance resource option "AUTOMATIC_RECOVER".
++ ++### sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_ensa1_failure_timeout ++ ++- _Type:_ `string` ++- _Default:_ `60` ++ ++NetWeaver ASCS instance failure-timeout attribute.
++Only used for ENSA1 setups (see `sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_ensa1`). Default setup is ENSA2.
++ ++### sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_ensa1_migration_threshold ++ ++- _Type:_ `string` ++- _Default:_ `1` ++ ++NetWeaver ASCS instance migration-threshold setting attribute.
++Only used for ENSA1 setups (see `sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_ensa1`). Default setup is ENSA2.
++ ++### sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_instance_name ++ ++- _Type:_ `string` ++ ++The name of the ASCS instance, typically the profile name.
++Mandatory for the NetWeaver ASCS/ERS cluster setup
++ ++### sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_resource_name ++ ++- _Type:_ `string` ++- _Default:_ `SAPInstance_NWAS_ABAP_ASCS__` ++ ++Name of the ASCS instance resource.
++ ++### sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_resource_stickiness ++ ++- _Type:_ `string` ++- _Default:_ `5000` ++ ++NetWeaver ASCS instance resource stickiness attribute.
++ ++### sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_start_profile_string ++ ++- _Type:_ `string` ++ ++The full path and name of the ASCS instance profile.
++Mandatory for the NetWeaver ASCS/ERS cluster setup.
++ ++### sap_ha_pacemaker_cluster_nwas_abap_ers_filesystem_resource_name ++ ++- _Type:_ `string` ++- _Default:_ `Filesystem_NWAS_ABAP_ERS__` ++ ++Name of the filesystem resource for the ERS instance.
++ ++### sap_ha_pacemaker_cluster_nwas_abap_ers_instance_nr ++ ++- _Type:_ `string` ++ ++Instance number of the NetWeaver ABAP ERS instance.
++Mandatory for NetWeaver ASCS/ERS cluster configuration.
++ ++### sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_automatic_recover_bool ++ ++- _Type:_ `bool` ++- _Default:_ `False` ++ ++NetWeaver ERS instance resource option "AUTOMATIC_RECOVER".
++ ++### sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_instance_name ++ ++- _Type:_ `string` ++ ++The name of the ERS instance, typically the profile name.
++Mandatory for the NetWeaver ASCS/ERS cluster setup.
++ ++### sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_resource_name ++ ++- _Type:_ `string` ++- _Default:_ `SAPInstance_NWAS_ABAP_ERS__` ++ ++Name of the ERS instance resource.
++ ++### sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_start_profile_string ++ ++- _Type:_ `string` ++ ++The full path and name of the ERS instance profile.
++Mandatory for the NetWeaver ASCS/ERS cluster.
++ ++### sap_ha_pacemaker_cluster_nwas_abap_pas_instance_nr ++ ++- _Type:_ `string` ++ ++Instance number of the NetWeaver ABAP PAS instance.
++Mandatory for NetWeaver PAS cluster configuration.
++ ++### sap_ha_pacemaker_cluster_nwas_abap_sid ++ ++- _Type:_ `string` ++ ++SID of the NetWeaver instances.
++Mandatory for NetWeaver cluster configuration.
++Uses `sap_swpm_sid` if defined.
++Mandatory for NetWeaver cluster setups.
++ ++### sap_ha_pacemaker_cluster_nwas_sapmnt_filesystem_resource_name ++ ++- _Type:_ `string` ++- _Default:_ `Filesystem_NWAS_SAPMNT_` ++ ++Filesystem resource name for the shared filesystem /sapmnt.
++Optional, this is typically managed by the OS, but can as well be added to the cluster configuration.
++Enable this resource setup using `sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed`.
++ ++### sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed ++ ++- _Type:_ `bool` ++- _Default:_ `False` ++ ++Change this parameter to 'true' if the 3 shared filesystems `/usr/sap/trans`, `/usr/sap//SYS` and '/sapmnt' shall be configured as cloned cluster resources.
++ ++### sap_ha_pacemaker_cluster_nwas_sys_filesystem_resource_name ++ ++- _Type:_ `string` ++- _Default:_ `Filesystem_NWAS_SYS_` ++ ++Filesystem resource name for the transports filesystem /usr/sap//SYS.
++Optional, this is typically managed by the OS, but can as well be added to the cluster configuration.
++Enable this resource setup using `sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed`.
++ ++### sap_ha_pacemaker_cluster_nwas_transports_filesystem_resource_name ++ ++- _Type:_ `string` ++- _Default:_ `Filesystem_NWAS_TRANS_` ++ ++Filesystem resource name for the transports filesystem /usr/sap/trans.
++Optional, this is typically managed by the OS, but can as well be added to the cluster configuration.
++Enable this resource setup using `sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed`.
++ ++### sap_ha_pacemaker_cluster_resource_defaults ++ ++- _Type:_ `dict` ++- _Default:_ `{'migration-threshold': 5000, 'resource-stickiness': 3000}` ++ ++Set default parameters that will be valid for all pacemaker resources.
++ ++Example: ++ ++```yaml ++sap_ha_pacemaker_cluster_resource_defaults: ++ migration-threshold: 5000 ++ resource-stickiness: 1000 ++``` ++ ++### sap_ha_pacemaker_cluster_stonith_custom ++ ++- _Type:_ `list` ++ ++Custom list of STONITH resource(s) to be configured in the cluster.
++This definition override any defaults the role would apply otherwise.
++ ++- **agent**
++ Resource agent name, must contain the prefix "stonith:" to avoid mismatches or failures. ++- **name**
++ Name that will be used as the resource ID (name). ++- **options**
++ The resource options listed in dictionary format, one option per line.
Requires the mandatory options for the particular stonith resource agent to be defined, otherwise the setup will fail. ++ ++Example: ++ ++```yaml ++sap_ha_pacemaker_cluster_stonith_custom: ++- agent: stonith:fence_rhevm ++ name: my-fence-resource ++ options: ++ ip: rhevm-server ++ password: login-user-password ++ pcmk_host_list: node1,node2 ++ power_wait: 3 ++ username: login-user ++``` ++ ++### sap_ha_pacemaker_cluster_storage_definition ++ ++- _Type:_ `list` ++ ++List of filesystem definitions used for filesystem cluster resources.
++Options relevant, see example.
++Mandatory for SAP NetWeaver HA cluster configurations.
++Reuse `sap_storage_setup_definition` if defined.
++Reuse `sap_storage_setup_definition` will extract values 'mountpoint', 'nfs_filesystem_type', 'nfs_mount_options', 'nfs_path', 'nfs_server'.
++Reuse `sap_storage_setup_definition` all options are documented under Ansible Role `sap_storage_setup`.
++Note! For this variable, the argument specification does not list options, to avoid errors during reuse of `sap_storage_setup_definition` if defined.
++ ++Example: ++ ++```yaml ++sap_ha_pacemaker_cluster_storage_definition: ++- mountpoint: /usr/sap ++ name: usr_sap ++ nfs_path: /usr/sap ++ nfs_server: nfs-server.example.com:/ ++- mountpoint: /usr/sap/trans ++ name: usr_sap_trans ++ nfs_path: /usr/sap/trans ++ nfs_server: nfs-server.example.com:/ ++- mountpoint: /sapmnt ++ name: sapmnt ++ nfs_filesystem_type: nfs ++ nfs_mount_options: defaults ++ nfs_path: /sapmnt ++ nfs_server: nfs-server.example.com:/ ++``` ++ ++### sap_ha_pacemaker_cluster_storage_nfs_filesytem_type ++ ++- _Type:_ `string` ++- _Default:_ `nfs` ++ ++Filesystem type of the NFS filesystems that are part of the cluster configuration.
++ ++### sap_ha_pacemaker_cluster_storage_nfs_mount_options ++ ++- _Type:_ `string` ++- _Default:_ `defaults` ++ ++Mount options of the NFS filesystems that are part of the cluster configuration.
++ ++### sap_ha_pacemaker_cluster_storage_nfs_server ++ ++- _Type:_ `string` ++ ++Default address of the NFS server, if not defined individually by filesystem.
++ ++### sap_ha_pacemaker_cluster_system_roles_collection ++ ++- _Type:_ `string` ++- _Default:_ `fedora.linux_system_roles` ++ ++Reference to the Ansible Collection used for the Linux System Roles.
++For community/upstream, use 'fedora.linux_system_roles'.
++For RHEL System Roles for SAP, or Red Hat Automation Hub, use 'redhat.rhel_system_roles'.
++ ++### sap_ha_pacemaker_cluster_vip_client_interface ++ ++- _Type:_ `string` ++ ++OS device name of the network interface to use for the Virtual IP configuration.
++When there is only one interface on the system, its name will be used by default.
++ ++### sap_ha_pacemaker_cluster_vip_hana_primary_ip_address ++ ++- _Type:_ `string` ++ ++The virtual IP of the primary HANA instance.
++Mandatory parameter for HANA clusters.
++ ++### sap_ha_pacemaker_cluster_vip_hana_primary_resource_name ++ ++- _Type:_ `string` ++- _Default:_ `vip_` ++ ++Customize the name of the resource managing the Virtual IP of the primary HANA instance.
++ ++### sap_ha_pacemaker_cluster_vip_hana_secondary_ip_address ++ ++- _Type:_ `string` ++ ++The virtual IP for read-only access to the secondary HANA instance.
++Optional parameter in HANA clusters.
++ ++### sap_ha_pacemaker_cluster_vip_nwas_abap_aas_ip_address ++ ++- _Type:_ `string` ++ ++Virtual IP of the NetWeaver AAS instance.
++Mandatory for NetWeaver AAS cluster setup.
++ ++### sap_ha_pacemaker_cluster_vip_nwas_abap_aas_resource_name ++ ++- _Type:_ `string` ++- _Default:_ `vip___aas` ++ ++Name of the SAPInstance resource for NetWeaver AAS.
++ ++### sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_ip_address ++ ++- _Type:_ `string` ++ ++Virtual IP of the NetWeaver ASCS instance.
++Mandatory for NetWeaver ASCS/ERS cluster setup.
++ ++### sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_resource_group_name ++ ++- _Type:_ `string` ++- _Default:_ `_ASCS_group` ++ ++Name of the NetWeaver ASCS resource group.
++ ++### sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_resource_name ++ ++- _Type:_ `string` ++- _Default:_ `vip___ascs` ++ ++Name of the SAPInstance resource for NetWeaver ASCS.
++ ++### sap_ha_pacemaker_cluster_vip_nwas_abap_ers_ip_address ++ ++- _Type:_ `string` ++ ++Virtual IP of the NetWeaver ERS instance.
++Mandatory for NetWeaver ASCS/ERS cluster setup.
++ ++### sap_ha_pacemaker_cluster_vip_nwas_abap_ers_resource_group_name ++ ++- _Type:_ `string` ++- _Default:_ `_ERS_group` ++ ++Name of the NetWeaver ERS resource group.
++ ++### sap_ha_pacemaker_cluster_vip_nwas_abap_ers_resource_name ++ ++- _Type:_ `string` ++- _Default:_ `vip___ers` ++ ++Name of the SAPInstance resource for NetWeaver ERS.
++ ++### sap_ha_pacemaker_cluster_vip_nwas_abap_pas_ip_address ++ ++- _Type:_ `string` ++ ++Virtual IP of the NetWeaver PAS instance.
++Mandatory for NetWeaver PAS cluster setup.
++ ++### sap_ha_pacemaker_cluster_vip_nwas_abap_pas_resource_name ++ ++- _Type:_ `string` ++- _Default:_ `vip___pas` ++ ++Name of the SAPInstance resource for NetWeaver PAS.
++ ++### sap_ha_pacemaker_cluster_vip_secondary_resource_name ++ ++- _Type:_ `string` ++- _Default:_ `vip_` ++ ++Customize the name of the resource managing the Virtual IP of read-only access to the secondary HANA instance.
++ ++ +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/defaults/main.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/defaults/main.yml +new file mode 100644 +index 0000000..bce5219 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/defaults/main.yml +@@ -0,0 +1,337 @@ ++--- ++################################################################################ ++# Role generic parameters ++################################################################################ ++ ++# Do NOT USE ANSIBLE FACTS for defaults to be compatible with ++# playbooks that disable generic fact gathering! ++ ++# Set which Ansible Collection to use for the Linux System Roles. ++# For community/upstream, use 'fedora.linux_system_roles' ++# For the RHEL System Roles for SAP, or for Red Hat Automation Hub, use 'redhat.rhel_system_roles' ++sap_ha_pacemaker_cluster_system_roles_collection: 'redhat.rhel_system_roles' ++ ++# Variables for the cluster setup must be constructed by dedicated tasks! ++# The included 'ha_cluster' role will not work with the role variables set ++# in this role. This SAP HA role takes care of the parameter construction ++# based on the target cluster to be configured, before feeding it into 'ha_cluster'. ++ ++ ++# Optional: write all cluster configuration (including unencrypted credentials!) into a yaml ++# config file. ++# Useful for parameter review or reuse with the 'ha_cluster' LSR. ++sap_ha_pacemaker_cluster_create_config_varfile: false ++sap_ha_pacemaker_cluster_create_config_dest: "review_resource_config.yml" ++ ++# Inherit SAP common (global synonyms) parameters when defined. ++ ++# This variable is currently only required for HANA nodes to define ++# - hana_site: ++# Other options are needed in the separate HSR setup role. ++sap_ha_pacemaker_cluster_cluster_nodes: "{{ sap_hana_cluster_nodes | default([]) }}" ++ ++# Make sure that there is always the minimal default fed into the included role. ++# This is combined with the custom list 'sap_ha_pacemaker_cluster_fence_agent_packages'. ++sap_ha_pacemaker_cluster_fence_agent_minimal_packages: ++ - fence-agents-all ++ ++# Resource defaults are defined differently by cluster type in different tasks, if not custom defined. ++# TODO: migrate to 'ha_cluster' native parameter combination when moving the function to be included in the role ++# (newer feature in the LSR) ++sap_ha_pacemaker_cluster_resource_defaults: {} ++ ++# The type of SAP landscape and multi-node replication ++# TODO: Type definitions and feature support ++# TODO: Implement all types ++# hana_scaleup_costopt (not yet) ++# hana_scaleup_perf (available, default) ++# hana_scaleup_per_dr (not yet) ++# hana_scaleout (not yet) ++# nwas_abap_ascs_ers (available) ++# nwas_abap_pas_aas (not yet) ++# nwas_java_scs_ers (maybe) ++ ++# 'sap_ha_pacemaker_cluster_host_type' is converted from string to list type in ++# 'tasks/ascertain_sap_landscape.yml'. ++# TODO: review with testers, updated arg specs now require it to be a list from the start ++sap_ha_pacemaker_cluster_host_type: "{{ sap_host_type | default(['hana_scaleup_perf']) }}" ++ ++### VIP resource default patterns ++sap_ha_pacemaker_cluster_vip_client_interface: '' ++ ++## A custom stonith definition that takes precedence over platform defaults. ++# sap_ha_pacemaker_cluster_stonith_custom: ++# - name: "" ++# agent: "stonith:" ++# options: ++# pcmk_host_list: "" ++ ++# sap_ha_pacemaker_cluster_stonith_custom: [] ++ ++# Simpler definition format here which gets transformed into the 'ha_cluster' LSR native ++# 'ha_cluster_cluster_properties' parameter. ++sap_ha_pacemaker_cluster_cluster_properties: ++ stonith-enabled: true ++ stonith-timeout: 900 ++ concurrent-fencing: true ++ ++### Constraints: ++# score is dynamic and automatically increased for groups ++sap_ha_pacemaker_cluster_constraint_colo_base_score: 2000 ++ ++################################################################################ ++# Inherit from 'ha_cluster' Linux System Role parameters when defined ++################################################################################ ++ ++# Optional without a default. The 'ha_cluster' LSR defaults will apply when not defined. ++# sap_ha_pacemaker_cluster_ha_cluster: ++# sap_ha_pacemaker_cluster_cluster_name: ++ ++# Optional. Set a default here and not in the code. ++sap_ha_pacemaker_cluster_extra_packages: [] ++ ++# Optional: additional fence agent packages. This is combined with the above "minimal" list. ++sap_ha_pacemaker_cluster_fence_agent_packages: [] ++ ++# Mandatory. ++# Either inherit from the 'ha_cluster' LSR variable when defined, but do not set a default. ++# This fails the argument validation when none of the 2 vars are defined. ++sap_ha_pacemaker_cluster_hacluster_user_password: "{{ ha_cluster_hacluster_password }}" ++ ++ ++################################################################################ ++# HANA ++################################################################################ ++ ++sap_ha_pacemaker_cluster_hana_sid: "{{ sap_hana_sid | default('') }}" ++# Keeping 'sap_ha_pacemaker_cluster_hana_instance_number' for the time being for backwards compatibility. ++sap_ha_pacemaker_cluster_hana_instance_nr: >- ++ {{ sap_ha_pacemaker_cluster_hana_instance_number ++ | default(sap_hana_instance_number) | default('') }} ++ ++# Optional parameters to customize SAPHana resources ++# AUTOMATED_REGISTER ++sap_ha_pacemaker_cluster_hana_automated_register: true ++# DUPLICATE_PRIMARY_TIMEOUT ++sap_ha_pacemaker_cluster_hana_duplicate_primary_timeout: 900 ++# PREFER_SITE_TAKEOVER ++sap_ha_pacemaker_cluster_hana_prefer_site_takeover: true ++ ++# SAP HANA - Resource IDs (names) as convenience parameters. ++sap_ha_pacemaker_cluster_hana_resource_name: >- ++ SAPHana_{{ sap_ha_pacemaker_cluster_hana_sid }}_{{ sap_ha_pacemaker_cluster_hana_instance_nr }} ++sap_ha_pacemaker_cluster_hana_resource_clone_name: >- ++ {{ sap_ha_pacemaker_cluster_hana_resource_name }}-clone ++sap_ha_pacemaker_cluster_hana_topology_resource_name: >- ++ SAPHanaTopology_{{ sap_ha_pacemaker_cluster_hana_sid }}_{{ sap_ha_pacemaker_cluster_hana_instance_nr }} ++sap_ha_pacemaker_cluster_hana_topology_resource_clone_name: >- ++ {{ sap_ha_pacemaker_cluster_hana_topology_resource_name }}-clone ++ ++ ++# Multiple VIP parameters can be defined and will be combined. ++# See tasks/include_construct_vip_resources.yml ++# ++# Mandatory: primary VIP address definition in HANA scale-up clusters ++sap_ha_pacemaker_cluster_vip_hana_primary_ip_address: '' ++sap_ha_pacemaker_cluster_vip_hana_primary_resource_name: >- ++ vip_{{ sap_ha_pacemaker_cluster_hana_sid }}_{{ sap_ha_pacemaker_cluster_hana_instance_nr }}_primary ++sap_ha_pacemaker_cluster_vip_hana_secondary_ip_address: '' ++sap_ha_pacemaker_cluster_vip_hana_secondary_resource_name: >- ++ vip_{{ sap_ha_pacemaker_cluster_hana_sid }}_{{ sap_ha_pacemaker_cluster_hana_instance_nr }}_readonly ++ ++sap_ha_pacemaker_cluster_healthcheck_hana_primary_id: "{{ sap_ha_pacemaker_cluster_hana_sid + 'prim' }}" ++sap_ha_pacemaker_cluster_healthcheck_hana_secondary_id: "{{ sap_ha_pacemaker_cluster_hana_sid + 'ro' }}" ++sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ascs_id: "{{ sap_ha_pacemaker_cluster_nwas_abap_sid + 'ascs' }}" ++sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ers_id: "{{ sap_ha_pacemaker_cluster_nwas_abap_sid + 'ers' }}" ++sap_ha_pacemaker_cluster_healthcheck_nwas_abap_pas_id: "{{ sap_ha_pacemaker_cluster_nwas_abap_sid + 'pas' }}" ++sap_ha_pacemaker_cluster_healthcheck_nwas_abap_aas_id: "{{ sap_ha_pacemaker_cluster_nwas_abap_sid + 'aas' }}" ++ ++ ++################################################################################ ++# NetWeaver generic definitions ++################################################################################ ++ ++# Default will be ENSA2. To configure HA resources for ENSA1, ++# set this parameter to 'true'. ++sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_ensa1: false ++ ++# Enable/Disable sap_cluster_connector. ++# Ref.: https://access.redhat.com/solutions/3606101 ++sap_ha_pacemaker_cluster_enable_cluster_connector: true ++ ++# Inherit common synonym NetWeaver parameters when defined. ++sap_ha_pacemaker_cluster_nwas_abap_sid: "{{ sap_swpm_sid | default('') }}" ++sap_ha_pacemaker_cluster_nwas_abap_ascs_instance_nr: "{{ sap_swpm_ascs_instance_nr | default('') }}" ++sap_ha_pacemaker_cluster_nwas_abap_ers_instance_nr: "{{ sap_swpm_ers_instance_nr | default('') }}" ++sap_ha_pacemaker_cluster_nwas_abap_pas_instance_nr: "{{ sap_swpm_pas_instance_nr | default('') }}" ++sap_ha_pacemaker_cluster_nwas_abap_aas_instance_nr: "{{ sap_swpm_aas_instance_nr | default('') }}" ++# Prepare in case JAVA SCS/ERS will be included later. ++# sap_ha_pacemaker_cluster_nwas_java_scs_instance_nr: "{{ sap_swpm_java_scs_instance_nr | default('') }}" ++# sap_ha_pacemaker_cluster_nwas_java_ers_instance_nr: "{{ sap_swpm_java_ers_instance_nr | default('') }}" ++ ++# Definitions for filesystems resources. Currently limited to NFS filesystems. ++sap_ha_pacemaker_cluster_storage_definition: "{{ sap_storage_setup_definition | default([]) }}" ++sap_ha_pacemaker_cluster_storage_nfs_filesytem_type: nfs ++sap_ha_pacemaker_cluster_storage_nfs_mount_options: 'defaults' ++sap_ha_pacemaker_cluster_storage_nfs_server: "{{ sap_storage_nfs_server | default('') }}" ++ ++# NFS filesystem resource requirement ++# Not adding to argument_specs because this should not be changed anyway. ++# TODO: review later and move to internal vars in vars/main.yml? ++sap_ha_pacemaker_cluster_resource_filesystem_force_unmount: safe ++ ++ ++# Multiple VIP parameters can be defined and will be combined. ++# See tasks/include_construct_vip_resources.yml ++sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_ip_address: '' ++sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_resource_name: >- ++ vip_{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}_{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_instance_nr }}_ascs ++sap_ha_pacemaker_cluster_vip_nwas_abap_ers_ip_address: '' ++sap_ha_pacemaker_cluster_vip_nwas_abap_ers_resource_name: >- ++ vip_{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}_{{ sap_ha_pacemaker_cluster_nwas_abap_ers_instance_nr }}_ers ++sap_ha_pacemaker_cluster_vip_nwas_abap_pas_ip_address: '' ++sap_ha_pacemaker_cluster_vip_nwas_abap_pas_resource_name: >- ++ vip_{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}_{{ sap_ha_pacemaker_cluster_nwas_abap_pas_instance_nr }}_pas ++sap_ha_pacemaker_cluster_vip_nwas_abap_aas_ip_address: '' ++sap_ha_pacemaker_cluster_vip_nwas_abap_aas_resource_name: >- ++ vip_{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}_{{ sap_ha_pacemaker_cluster_nwas_abap_aas_instance_nr }}_aas ++ ++ ++# SAP NetWeaver common - Resource IDs (names) as convenience parameters ++# for the following filesystems: ++# - /sapmnt ++# - /usr/sap/trans ++# - /usr/sap/<>/SYS ++sap_ha_pacemaker_cluster_nwas_sapmnt_filesystem_resource_name: >- ++ Filesystem_NWAS_SAPMNT_{{ sap_ha_pacemaker_cluster_nwas_abap_sid }} ++sap_ha_pacemaker_cluster_nwas_transports_filesystem_resource_name: >- ++ Filesystem_NWAS_TRANS_{{ sap_ha_pacemaker_cluster_nwas_abap_sid }} ++sap_ha_pacemaker_cluster_nwas_sys_filesystem_resource_name: >- ++ Filesystem_NWAS_SYS_{{ sap_ha_pacemaker_cluster_nwas_abap_sid }} ++ ++# The shared filesystems are not required to be configured in the cluster. ++# By default it is assumed that they are mounted by the system and available on all cluster nodes. ++# Set this parameter to "true" to configure the 3 shared filesystems as part of the cluster. ++sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed: false ++ ++# SAP NetWeaver resource group names as convenience parameters ++sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_resource_group_name: >- ++ {{ sap_ha_pacemaker_cluster_nwas_abap_sid }}_ASCS{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_instance_nr }}_group ++sap_ha_pacemaker_cluster_vip_nwas_abap_ers_resource_group_name: >- ++ {{ sap_ha_pacemaker_cluster_nwas_abap_sid }}_ERS{{ sap_ha_pacemaker_cluster_nwas_abap_ers_instance_nr }}_group ++ ++################################################################################ ++# ASCS resource defaults ++################################################################################ ++ ++# Name of the instance profile - mandatory to be user-defined ++sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_instance_name: '' ++# Full path with instance profile name - mandatory to be user-defined ++sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_start_profile_string: '' ++ ++# SAP NetWeaver ABAP ASCS/ERS - Resource IDs (names) as convenience parameters. ++# - /usr/sap/<>/ASCS<> ++# - /usr/sap/<>/ERS<> ++ ++sap_ha_pacemaker_cluster_nwas_abap_ascs_filesystem_resource_name: >- ++ Filesystem_NWAS_ABAP_ASCS_{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}_{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_instance_nr }} ++sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_resource_name: >- ++ SAPInstance_NWAS_ABAP_ASCS_{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}_{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_instance_nr }} ++# sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_resource_clone_name: "{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_resource_name }}-clone" ++sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_automatic_recover_bool: false ++sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_resource_stickiness: 5000 ++sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_ensa1_migration_threshold: 1 ++sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_ensa1_failure_timeout: 60 ++ ++# Stickiness of the ASCS group ++sap_ha_pacemaker_cluster_nwas_abap_ascs_group_stickiness: 3000 ++ ++################################################################################ ++# ERS resource defaults ++################################################################################ ++ ++# Name of the instance profile - mandatory to be user-defined ++sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_instance_name: '' ++ ++# Full path with instance profile name - mandatory to be user-defined ++sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_start_profile_string: '' ++ ++sap_ha_pacemaker_cluster_nwas_abap_ers_filesystem_resource_name: >- ++ Filesystem_NWAS_ABAP_ERS_{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}_{{ sap_ha_pacemaker_cluster_nwas_abap_ers_instance_nr }} ++sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_resource_name: >- ++ SAPInstance_NWAS_ABAP_ERS_{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}_{{ sap_ha_pacemaker_cluster_nwas_abap_ers_instance_nr }} ++# sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_resource_clone_name: "{{ sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_resource_name }}-clone" ++sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_automatic_recover_bool: false ++ ++ ++################################################################################ ++# PAS/AAS resource defaults ++################################################################################ ++# SAP NetWeaver ABAP PAS/AAS - Resource IDs (names) as convenience parameters. ++# - /usr/sap/<>/D<> ++# sap_ha_pacemaker_cluster_nwas_abap_pas_filesystem_resource_name: > ++# "Filesystem_NWAS_ABAP_PAS_{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}_{{ sap_ha_pacemaker_cluster_nwas_abap_pas_instance_nr }}" ++# sap_ha_pacemaker_cluster_nwas_abap_pas_sapinstance_resource_name: > ++# "SAPInstance_NWAS_ABAP_PAS_{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}_{{ sap_ha_pacemaker_cluster_nwas_abap_pas_instance_nr }}" ++# sap_ha_pacemaker_cluster_nwas_abap_aas_filesystem_resource_name: > ++# "Filesystem_NWAS_ABAP_AAS_{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}_{{ sap_ha_pacemaker_cluster_nwas_abap_aas_instance_nr }}" ++# sap_ha_pacemaker_cluster_nwas_abap_aas_sapinstance_resource_name: > ++# "SAPInstance_NWAS_ABAP_AAS_{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}_{{ sap_ha_pacemaker_cluster_nwas_abap_aas_instance_nr }}" ++ ++################################################################################ ++# JAVA SCS/ERS resource defaults ++################################################################################ ++# SAP NetWeaver JAVA SCS/ERS - Resource IDs (names) as convenience parameters. ++# - /usr/sap/<>/SCS<> ++# - /usr/sap/<>/ERS<> ++# sap_ha_pacemaker_cluster_nwas_java_scs_filesystem_resource_name: > ++# "Filesytem_NWAS_JAVA_SCS_{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}_{{ sap_ha_pacemaker_cluster_nwas_java_scs_instance_nr }}" ++# sap_ha_pacemaker_cluster_nwas_java_scs_sapinstance_resource_name: > ++# "SAPInstance_NWAS_JAVA_SCS_{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}_{{ sap_ha_pacemaker_cluster_nwas_java_scs_instance_nr }}" ++# sap_ha_pacemaker_cluster_nwas_java_scs_sapinstance_resource_clone_name: > ++# "{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_resource_name }}-clone" ++# sap_ha_pacemaker_cluster_nwas_java_ers_filesystem_resource_name: > ++# "Filesytem_NWAS_JAVA_ERS_{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}_{{ sap_ha_pacemaker_cluster_nwas_java_ers_instance_nr }}" ++# sap_ha_pacemaker_cluster_nwas_java_ers_sapinstance_resource_name: > ++# "SAPInstance_NWAS_JAVA_ERS_{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}_{{ sap_ha_pacemaker_cluster_nwas_java_ers_instance_nr }}" ++# sap_ha_pacemaker_cluster_nwas_java_ers_sapinstance_resource_clone_name: > ++# "{{ sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_resource_name }}-clone" ++ ++ ++################################################################################ ++# Platform specific ++################################################################################ ++ ++## Infrastructure Platform variables, shown here for visibility only and should not be given default values ++ ++## AWS platform, EC2 Virtual Servers ++# sap_ha_pacemaker_cluster_aws_vip_update_rt ++# sap_ha_pacemaker_cluster_aws_access_key_id ++# sap_ha_pacemaker_cluster_aws_secret_access_key ++# sap_ha_pacemaker_cluster_aws_region ++ ++## Google Cloud platform, Compute Engine Virtual Machines ++# sap_ha_pacemaker_cluster_gcp_project ++# sap_ha_pacemaker_cluster_gcp_region_zone ++ ++## IBM Cloud platform, Virtual Servers (x86_64) ++# sap_ha_pacemaker_cluster_ibmcloud_api_key ++# sap_ha_pacemaker_cluster_ibmcloud_region ++ ++## IBM Cloud platform, IBM Power Virtual Servers (ppc64le) ++# sap_ha_pacemaker_cluster_ibmcloud_api_key ++# sap_ha_pacemaker_cluster_ibmcloud_region ++# sap_ha_pacemaker_cluster_ibmcloud_powervs_workspace_crn ++# sap_ha_pacemaker_cluster_ibmcloud_powervs_api_type ++# sap_ha_pacemaker_cluster_ibmcloud_powervs_forward_proxy_url ++ ++## IBM PowerVM hypervisor, Virtual Machines (LPAR, ppc64le) ++# sap_ha_pacemaker_cluster_ibmpower_vm_hmc_host ++# sap_ha_pacemaker_cluster_ibmpower_vm_hmc_host_port # default, SSH Port 22 ++# sap_ha_pacemaker_cluster_ibmpower_vm_hmc_host_login ++# sap_ha_pacemaker_cluster_ibmpower_vm_hmc_host_login_password ++# sap_ha_pacemaker_cluster_ibmpower_vm_hmc_host_version ++ ++## MS Azure platform, Virtual Machines ++# sap_ha_pacemaker_cluster_msazure_subscription_id ++# sap_ha_pacemaker_cluster_msazure_resource_group +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/handlers/main.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/handlers/main.yml +new file mode 100644 +index 0000000..7abbf7f +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/handlers/main.yml +@@ -0,0 +1,5 @@ ++--- ++- name: "Reload systemd daemon" ++ ansible.builtin.systemd_service: ++ daemon_reload: true ++ listen: "systemd daemon-reload" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/meta/argument_specs.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/meta/argument_specs.yml +new file mode 100644 +index 0000000..dfb45db +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/meta/argument_specs.yml +@@ -0,0 +1,675 @@ ++--- ++# Requires: ansible 2.11 ++# Argument specifications in this separate file maintain backwards compatibility. ++argument_specs: ++ ++# TODO: make 'ha_cluster' role variables the primary names ++# For required variables using aliases do not work and fail the argument validation. ++ ++ main: ++ short_description: SAP HA automated cluster setup requirements ++ options: ++ ++# Take this template and copy it to the desired place. ++# Add content and remove placeholders that are not needed. ++# Ideally sort by key (variable name) alphabetically. ++# ++# sap_ha_pacemaker_cluster_ ++# default: ++# description: ++# - ++# example: ++# ++# required: false ++# type: ++# options: # additional options for lists and dicts ++# : ++# description: ++# ... ++ ++ ######################################################################### ++ # SAP HA role generic parameters ++ ######################################################################### ++ sap_ha_pacemaker_cluster_system_roles_collection: ++ default: fedora.linux_system_roles ++ description: ++ - Reference to the Ansible Collection used for the Linux System Roles. ++ - For community/upstream, use 'fedora.linux_system_roles'. ++ - For RHEL System Roles for SAP, or Red Hat Automation Hub, use 'redhat.rhel_system_roles'. ++ ++ sap_ha_pacemaker_cluster_create_config_dest: ++ default: review_resource_config.yml ++ description: ++ - The pacemaker cluster resource configuration optionally created by this role will be saved in a Yaml file in the current working directory. ++ - Requires `sap_ha_pacemaker_cluster_create_config_varfile` to be enabled for generating the output file. ++ - Specify a path/filename to save the file in a custom location. ++ - The file can be used as input vars file for an Ansible playbook running the 'ha_cluster' Linux System Role. ++ ++ sap_ha_pacemaker_cluster_create_config_varfile: ++ type: bool ++ default: false ++ description: ++ - When enabled, all cluster configuration parameters this role constructs for executing the 'ha_cluster' Linux System role will be written into a file in Yaml format. ++ - This allows using the output file later as input file for additional custom steps using the 'ha_cluster' role and covering the resource configuration in a cluster that was set up using this 'sap_ha_pacemaker_cluster' role. ++ - When enabled this parameters file is also created when the playbook is run in check_mode (`--check`) and can be used to review the configuration parameters without executing actual changes on the target nodes. ++ - WARNING! This report may include sensitive details like secrets required for certain cluster resources! ++ ++ sap_ha_pacemaker_cluster_cluster_nodes: ++ type: list ++ description: ++ - List of cluster nodes and associated attributes to describe the target SAP HA environment. ++ - This is required for the HANA System Replication configuration. ++ - Synonym for this parameter is `sap_hana_cluster_nodes`. ++ - Mandatory to be defined for HANA clusters. ++ elements: dict ++ options: ++ node_ip: ++ description: ++ - IP address of the node used for HANA System Replication. ++ - _Optional. Currently not needed/used in cluster configuration._ ++ node_name: ++ description: ++ - Name of the cluster node, should match the remote systems' hostnames. ++ - _Optional. Currently not needed/used in cluster configuration._ ++ node_role: ++ choices: ++ - primary ++ - secondary ++ description: ++ - Role of the defined `node_name` in the SAP HANA cluster setup. ++ - There must be only **one** primary, but there can be multiple secondary nodes. ++ - _Optional. Currently not needed/used in cluster configuration._ ++ hana_site: ++ description: ++ - Site of the cluster and/or SAP HANA System Replication node (for example 'DC01'). ++ - Mandatory for HANA clusters (sudo config for system replication). ++ ++ example: ++ sap_ha_pacemaker_cluster_cluster_nodes: ++ - hana_site: DC01 ++ node_name: nodeA ++ node_role: primary ++ node_ip: 192.168.5.1 ++ - hana_site: DC02 ++ ++ sap_ha_pacemaker_cluster_fence_agent_minimal_packages: ++ type: list ++ default: ['fence-agents-all'] ++ description: ++ - The minimal set of fence agent packages that will be installed. ++ ++ sap_ha_pacemaker_cluster_resource_defaults: ++ type: dict ++ default: ++ resource-stickiness: 3000 ++ migration-threshold: 5000 ++ description: ++ - Set default parameters that will be valid for all pacemaker resources. ++ example: ++ sap_ha_pacemaker_cluster_resource_defaults: ++ resource-stickiness: 1000 ++ migration-threshold: 5000 ++ ++ sap_ha_pacemaker_cluster_host_type: ++ type: list ++ choices: ++# - hana_scaleup_costopt ++ - hana_scaleup_perf ++# - hana_scaleup_perf_dr ++# - hana_scaleout ++ - nwas_abap_ascs_ers ++# - nwas_abap_pas_aas ++# - nwas_java_scs_ers ++ default: hana_scaleup_perf ++ description: ++ - The SAP landscape to for which the cluster is to be configured. ++ - The default is a 2-node SAP HANA scale-up cluster. ++ ++# sap_ha_pacemaker_cluster_replication_type: ++# choices: ++# - mtr ++# - none ++# default: none ++# description: ++# - The type of SAP HANA site replication across multiple hosts. ++# - _Not yet supported_ ++ ++ sap_ha_pacemaker_cluster_vip_client_interface: ++ description: ++ - OS device name of the network interface to use for the Virtual IP configuration. ++ - When there is only one interface on the system, its name will be used by default. ++ ++ sap_ha_pacemaker_cluster_stonith_custom: ++ type: list ++ description: ++ - Custom list of STONITH resource(s) to be configured in the cluster. ++ - This definition override any defaults the role would apply otherwise. ++ elements: dict ++ options: ++ name: ++ description: ++ - Name that will be used as the resource ID (name). ++ required: true ++ agent: ++ description: ++ - Resource agent name, must contain the prefix "stonith:" to avoid mismatches or failures. ++ required: true ++ options: ++ description: ++ - The resource options listed in dictionary format, one option per line. ++ - Requires the mandatory options for the particular stonith resource agent to be defined, otherwise the setup will fail. ++ required: true ++ ++ example: ++ sap_ha_pacemaker_cluster_stonith_custom: ++ - name: "my-fence-resource" ++ agent: "stonith:fence_rhevm" ++ options: ++ ip: rhevm-server ++ username: login-user ++ password: login-user-password ++ pcmk_host_list: node1,node2 ++ power_wait: 3 ++ ++ sap_ha_pacemaker_cluster_cluster_properties: ++ type: dict ++ default: ++ stonith-enabled: true ++ stonith-timeout: 900 ++ concurrent-fencing: true ++ description: ++ - Standard pacemaker cluster properties are configured with recommended settings for cluster node fencing. ++ - When no STONITH resource is defined, STONITH will be disabled and a warning displayed. ++ ++ example: ++ sap_ha_pacemaker_cluster_cluster_properties: ++ stonith-enabled: true ++ stonith-timeout: 900 ++ concurrent-fencing: true ++ ++ ++ ########################################################################## ++ # Parameters that are optionally imported from 'ha_cluster' LSR parameters ++ ########################################################################## ++ ++ sap_ha_pacemaker_cluster_ha_cluster: ++ type: dict ++ description: ++ - The `ha_cluster` LSR native parameter `ha_cluster` can be used as a synonym. ++ - Optional _**host_vars**_ parameter - if defined it must be set for each node. ++ - Dictionary that can contain various node options for the pacemaker cluster configuration. ++ - Supported options can be reviewed in the `ha_cluster` Linux System Role [https://github.com/linux-system-roles/ha_cluster/blob/master/README.md]. ++ - If not defined, the `ha_cluster` Linux System Role default will be used. ++ ++ example: ++ sap_ha_pacemaker_cluster_ha_cluster: ++ corosync_addresses: ++ - 192.168.1.10 ++ - 192.168.2.10 ++ node_name: nodeA ++ ++ ++ sap_ha_pacemaker_cluster_cluster_name: ++ description: ++ - The name of the pacemaker cluster. ++ - Inherits the `ha_cluster` LSR native parameter `ha_cluster_cluster_name` if not defined. ++ - If not defined, the `ha_cluster` Linux System Role default will be used. ++ ++ sap_ha_pacemaker_cluster_extra_packages: ++ type: list ++ description: ++ - Additional extra packages to be installed, for instance specific resource packages. ++ - For SAP clusters configured by this role, the relevant standard packages for the target scenario are automatically included. ++ ++ sap_ha_pacemaker_cluster_fence_agent_packages: ++ type: list ++ description: ++ - Additional fence agent packages to be installed. ++ - This is automatically combined with `sap_ha_pacemaker_cluster_fence_agent_minimal_packages`. ++ ++ sap_ha_pacemaker_cluster_hacluster_user_password: ++ description: ++ - The password of the `hacluster` user which is created during pacemaker installation. ++ - Inherits the value of `ha_cluster_hacluster_password`, when defined. ++ no_log: true ++ required: true ++ ++ ++ ########################################################################## ++ # HANA specific parameters ++ ########################################################################## ++ ++ sap_ha_pacemaker_cluster_hana_sid: ++ description: ++ - The SAP HANA SID of the instance that will be configured in the cluster. ++ - The SID must follow SAP specifications - see SAP Note 1979280. ++ - Inherits the value of `sap_hana_sid`, when defined. ++ - Mandatory for SAP HANA cluster setups. ++ ++ sap_ha_pacemaker_cluster_hana_instance_nr: ++ description: ++ - The instance number of the SAP HANA database which this role will configure in the cluster. ++ - Inherits the value of `sap_hana_instance_number`, when defined. ++ - Mandatory for SAP HANA cluster setups. ++ ++ sap_ha_pacemaker_cluster_hana_automated_register: ++ type: bool ++ default: true ++ description: ++ - Parameter for the 'SAPHana' cluster resource. ++ - Define if a former primary should be re-registered automatically as secondary. ++ ++ sap_ha_pacemaker_cluster_hana_duplicate_primary_timeout: ++ type: int ++ default: 900 ++ description: ++ - Parameter for the 'SAPHana' cluster resource. ++ - Time difference needed between to primary time stamps, if a dual-primary situation occurs. ++ - If the time difference is less than the time gap, then the cluster holds one or both instances in a "WAITING" status. ++ - This is to give an admin a chance to react on a failover. A failed former primary will be registered after the time difference is passed. ++ ++ sap_ha_pacemaker_cluster_hana_prefer_site_takeover: ++ type: bool ++ choices: ++ - true ++ - false ++ default: true ++ description: ++ - Parameter for the 'SAPHana' cluster resource. ++ - Set to "false" if the cluster should first attempt to restart the instance on the same node. ++ - When set to "true" (default) a failover to secondary will be initiated on resource failure. ++ ++ sap_ha_pacemaker_cluster_hana_resource_name: ++ default: "SAPHana__" ++ description: ++ - Customize the cluster resource name of the SAP HANA DB resource. ++ ++ sap_ha_pacemaker_cluster_hana_resource_clone_name: ++ default: "SAPHana__-clone" ++ description: ++ - Customize the cluster resource name of the SAP HANA DB resource clone. ++ ++ sap_ha_pacemaker_cluster_hana_topology_resource_name: ++ default: "SAPHanaTopology__" ++ description: ++ - Customize the cluster resource name of the SAP HANA Topology resource. ++ ++ sap_ha_pacemaker_cluster_hana_topology_resource_clone_name: ++ default: "SAPHanaTopology__-clone" ++ description: ++ - Customize the cluster resource name of the SAP HANA Topology resource clone. ++ ++ sap_ha_pacemaker_cluster_vip_hana_primary_ip_address: ++ description: ++ - The virtual IP of the primary HANA instance. ++ - Mandatory parameter for HANA clusters. ++ ++ sap_ha_pacemaker_cluster_vip_hana_primary_resource_name: ++ default: "vip_" ++ description: ++ - Customize the name of the resource managing the Virtual IP of the primary HANA instance. ++ ++ sap_ha_pacemaker_cluster_vip_hana_secondary_ip_address: ++ description: ++ - The virtual IP for read-only access to the secondary HANA instance. ++ - Optional parameter in HANA clusters. ++ ++ sap_ha_pacemaker_cluster_vip_secondary_resource_name: ++ default: "vip_" ++ description: ++ - Customize the name of the resource managing the Virtual IP of read-only access to the secondary HANA instance. ++ ++ ++ ########################################################################## ++ # NetWeaver specific parameters ++ ########################################################################## ++ ++ sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_ensa1: ++ type: bool ++ default: false ++ description: ++ - The standard NetWeaver ASCS/ERS cluster will be set up as ENSA2. ++ - Set this parameter to 'true' to configure it as ENSA1. ++ ++ sap_ha_pacemaker_cluster_enable_cluster_connector: ++ type: bool ++ default: true ++ description: ++ - Enables/Disables the SAP HA Interface for SAP ABAP application server instances, also known as `sap_cluster_connector`. ++ - Set this parameter to 'false' if the SAP HA interface should not be installed and configured. ++ ++ sap_ha_pacemaker_cluster_nwas_abap_sid: ++ description: ++ - SID of the NetWeaver instances. ++ - Mandatory for NetWeaver cluster configuration. ++ - Uses `sap_swpm_sid` if defined. ++ - Mandatory for NetWeaver cluster setups. ++ ++ sap_ha_pacemaker_cluster_nwas_abap_ascs_instance_nr: ++ description: ++ - Instance number of the NetWeaver ABAP ASCS instance. ++ - Mandatory for NetWeaver ASCS/ERS cluster configuration. ++ ++ sap_ha_pacemaker_cluster_nwas_abap_ers_instance_nr: ++ description: ++ - Instance number of the NetWeaver ABAP ERS instance. ++ - Mandatory for NetWeaver ASCS/ERS cluster configuration. ++ ++ sap_ha_pacemaker_cluster_nwas_abap_pas_instance_nr: ++ description: ++ - Instance number of the NetWeaver ABAP PAS instance. ++ - Mandatory for NetWeaver PAS cluster configuration. ++ ++ sap_ha_pacemaker_cluster_nwas_abap_aas_instance_nr: ++ description: ++ - Instance number of the NetWeaver ABAP AAS instance. ++ - Mandatory for NetWeaver AAS cluster configuration. ++ ++ sap_ha_pacemaker_cluster_storage_definition: ++ type: list ++ description: ++ - List of filesystem definitions used for filesystem cluster resources. ++ - Options relevant, see example. ++ - Mandatory for SAP NetWeaver HA cluster configurations. ++ - Reuse `sap_storage_setup_definition` if defined. ++ - Reuse `sap_storage_setup_definition` will extract values 'mountpoint', 'nfs_filesystem_type', 'nfs_mount_options', 'nfs_path', 'nfs_server'. ++ - Reuse `sap_storage_setup_definition` all options are documented under Ansible Role `sap_storage_setup`. ++ - Note! For this variable, the argument specification does not list options, to avoid errors during reuse of `sap_storage_setup_definition` if defined. ++ elements: dict ++ ++ example: ++ sap_ha_pacemaker_cluster_storage_definition: ++ - name: usr_sap ++ mountpoint: /usr/sap ++ nfs_path: /usr/sap ++ nfs_server: "nfs-server.example.com:/" ++ - name: usr_sap_trans ++ mountpoint: /usr/sap/trans ++ nfs_path: /usr/sap/trans ++ nfs_server: "nfs-server.example.com:/" ++ - name: sapmnt ++ mountpoint: /sapmnt ++ nfs_filesystem_type: nfs ++ nfs_mount_options: defaults ++ nfs_path: /sapmnt ++ nfs_server: "nfs-server.example.com:/" ++ ++ ++ sap_ha_pacemaker_cluster_storage_nfs_filesytem_type: ++ default: nfs ++ description: ++ - Filesystem type of the NFS filesystems that are part of the cluster configuration. ++ ++ sap_ha_pacemaker_cluster_storage_nfs_mount_options: ++ default: defaults ++ description: ++ - Mount options of the NFS filesystems that are part of the cluster configuration. ++ ++ sap_ha_pacemaker_cluster_storage_nfs_server: ++ description: ++ - Default address of the NFS server, if not defined individually by filesystem. ++ ++ sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_ip_address: ++ description: ++ - Virtual IP of the NetWeaver ASCS instance. ++ - Mandatory for NetWeaver ASCS/ERS cluster setup. ++ ++ sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_resource_name: ++ default: vip___ascs ++ description: ++ - Name of the SAPInstance resource for NetWeaver ASCS. ++ ++ sap_ha_pacemaker_cluster_vip_nwas_abap_ers_ip_address: ++ description: ++ - Virtual IP of the NetWeaver ERS instance. ++ - Mandatory for NetWeaver ASCS/ERS cluster setup. ++ ++ sap_ha_pacemaker_cluster_vip_nwas_abap_ers_resource_name: ++ default: vip___ers ++ description: ++ - Name of the SAPInstance resource for NetWeaver ERS. ++ ++ sap_ha_pacemaker_cluster_vip_nwas_abap_pas_ip_address: ++ description: ++ - Virtual IP of the NetWeaver PAS instance. ++ - Mandatory for NetWeaver PAS cluster setup. ++ ++ sap_ha_pacemaker_cluster_vip_nwas_abap_pas_resource_name: ++ default: vip___pas ++ description: ++ - Name of the SAPInstance resource for NetWeaver PAS. ++ ++ sap_ha_pacemaker_cluster_vip_nwas_abap_aas_ip_address: ++ description: ++ - Virtual IP of the NetWeaver AAS instance. ++ - Mandatory for NetWeaver AAS cluster setup. ++ ++ sap_ha_pacemaker_cluster_vip_nwas_abap_aas_resource_name: ++ default: vip___aas ++ description: ++ - Name of the SAPInstance resource for NetWeaver AAS. ++ ++ sap_ha_pacemaker_cluster_nwas_sapmnt_filesystem_resource_name: ++ default: Filesystem_NWAS_SAPMNT_ ++ description: ++ - Filesystem resource name for the shared filesystem /sapmnt. ++ - Optional, this is typically managed by the OS, but can as well be added to the cluster configuration. ++ - Enable this resource setup using `sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed`. ++ ++ sap_ha_pacemaker_cluster_nwas_transports_filesystem_resource_name: ++ default: Filesystem_NWAS_TRANS_ ++ description: ++ - Filesystem resource name for the transports filesystem /usr/sap/trans. ++ - Optional, this is typically managed by the OS, but can as well be added to the cluster configuration. ++ - Enable this resource setup using `sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed`. ++ ++ sap_ha_pacemaker_cluster_nwas_sys_filesystem_resource_name: ++ default: Filesystem_NWAS_SYS_ ++ description: ++ - Filesystem resource name for the transports filesystem /usr/sap//SYS. ++ - Optional, this is typically managed by the OS, but can as well be added to the cluster configuration. ++ - Enable this resource setup using `sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed`. ++ ++ sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed: ++ type: bool ++ default: false ++ description: ++ - Change this parameter to 'true' if the 3 shared filesystems `/usr/sap/trans`, `/usr/sap//SYS` and '/sapmnt' shall be configured as cloned cluster resources. ++ ++ sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_resource_group_name: ++ default: _ASCS_group ++ description: ++ - Name of the NetWeaver ASCS resource group. ++ ++ sap_ha_pacemaker_cluster_vip_nwas_abap_ers_resource_group_name: ++ default: _ERS_group ++ description: ++ - Name of the NetWeaver ERS resource group. ++ ++ ########################################################################## ++ # NetWeaver ASCS specific parameters ++ ########################################################################## ++ ++ sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_instance_name: ++ description: ++ - The name of the ASCS instance, typically the profile name. ++ - Mandatory for the NetWeaver ASCS/ERS cluster setup ++ ++ sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_start_profile_string: ++ description: ++ - The full path and name of the ASCS instance profile. ++ - Mandatory for the NetWeaver ASCS/ERS cluster setup. ++ ++ sap_ha_pacemaker_cluster_nwas_abap_ascs_filesystem_resource_name: ++ default: Filesystem_NWAS_ABAP_ASCS__ ++ description: ++ - Name of the filesystem resource for the ASCS instance. ++ ++ sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_resource_name: ++ default: SAPInstance_NWAS_ABAP_ASCS__ ++ description: ++ - Name of the ASCS instance resource. ++ ++ sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_automatic_recover_bool: ++ type: bool ++ default: false ++ description: ++ - NetWeaver ASCS instance resource option "AUTOMATIC_RECOVER". ++ ++ sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_resource_stickiness: ++ default: 5000 ++ description: ++ - NetWeaver ASCS instance resource stickiness attribute. ++ ++ sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_ensa1_migration_threshold: ++ default: 1 ++ description: ++ - NetWeaver ASCS instance migration-threshold setting attribute. ++ - Only used for ENSA1 setups (see `sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_ensa1`). Default setup is ENSA2. ++ ++ sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_ensa1_failure_timeout: ++ default: 60 ++ description: ++ - NetWeaver ASCS instance failure-timeout attribute. ++ - Only used for ENSA1 setups (see `sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_ensa1`). Default setup is ENSA2. ++ ++ sap_ha_pacemaker_cluster_nwas_abap_ascs_group_stickiness: ++ default: 3000 ++ description: ++ - NetWeaver ASCS resource group stickiness to prefer the ASCS group to stay on the node it was started on. ++ ++ ++ ########################################################################## ++ # NetWeaver ERS specific parameters ++ ########################################################################## ++ ++ sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_instance_name: ++ description: ++ - The name of the ERS instance, typically the profile name. ++ - Mandatory for the NetWeaver ASCS/ERS cluster setup. ++ ++ sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_start_profile_string: ++ description: ++ - The full path and name of the ERS instance profile. ++ - Mandatory for the NetWeaver ASCS/ERS cluster. ++ ++ sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_automatic_recover_bool: ++ type: bool ++ default: false ++ description: ++ - NetWeaver ERS instance resource option "AUTOMATIC_RECOVER". ++ ++ sap_ha_pacemaker_cluster_nwas_abap_ers_filesystem_resource_name: ++ default: Filesystem_NWAS_ABAP_ERS__ ++ description: ++ - Name of the filesystem resource for the ERS instance. ++ ++ sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_resource_name: ++ default: SAPInstance_NWAS_ABAP_ERS__ ++ description: ++ - Name of the ERS instance resource. ++ ++ ++ ########################################################################## ++ # PAS specific parameters ++ ########################################################################## ++ ++ # TODO: implement PAS cluster setup ++ ++ ########################################################################## ++ # PAS specific parameters ++ ########################################################################## ++ ++ # TODO: implement AAS cluster setup ++ ++ ++ ########################################################################## ++ # Platforms: AWS specific parameters ++ ########################################################################## ++ ++ sap_ha_pacemaker_cluster_aws_vip_update_rt: ++ description: ++ - List one more routing table IDs for managing Virtual IP failover through routing table changes. ++ - Multiple routing tables must be defined as a comma-separated string (no spaces). ++ - Mandatory for the VIP resource configuration in AWS EC2 environments. ++ ++ sap_ha_pacemaker_cluster_aws_region: ++ description: ++ - The AWS region in which the instances to be used for the cluster setup are located. ++ - Mandatory for cluster nodes setup on AWS EC2 instances. ++ ++ sap_ha_pacemaker_cluster_aws_access_key_id: ++ description: ++ - AWS access key to allow control of instances (for example for fencing operations). ++ - Mandatory for the cluster nodes setup on AWS EC2 instances. ++ ++ sap_ha_pacemaker_cluster_aws_secret_access_key: ++ description: ++ - AWS secret key, paired with the access key for instance control. ++ - Mandatory for the cluster setup on AWS EC2 instances. ++ ++ ++ ########################################################################## ++ # Platforms: GCP specific parameters ++ ########################################################################## ++ ++ sap_ha_pacemaker_cluster_gcp_project: ++ description: ++ - Google Cloud project name in which the target instances are installed. ++ - Mandatory for the cluster setup on GCP instances. ++ ++ sap_ha_pacemaker_cluster_gcp_region_zone: ++ description: ++ - Google Cloud Platform region zone ID. ++ - Mandatory for the cluster setup on GCP instances. ++ ++ ++ ########################################################################## ++ # Platforms: IBM Cloud specific parameters - VS and Power VS common ++ ########################################################################## ++ ++ sap_ha_pacemaker_cluster_ibmcloud_api_key: ++ description: ++ - The API key which is required to allow the control of instances (for example for fencing operations). ++ - Mandatory for the cluster setup on IBM Cloud Virtual Server instances or IBM Power Virtual Server on IBM Cloud. ++ ++ sap_ha_pacemaker_cluster_ibmcloud_region: ++ description: ++ - The IBM Cloud VS region name in which the instances are running. ++ - Mandatory for the cluster setup on IBM Cloud Virtual Server instances or IBM Power Virtual Server on IBM Cloud. ++ ++ ++ ########################################################################## ++ # Platforms: IBM Power VS on IBM Cloud specific parameters ++ ########################################################################## ++ ++ sap_ha_pacemaker_cluster_ibmcloud_powervs_workspace_crn: ++ description: ++ - IBM Power Virtual Server Workspace service cloud resource name (CRN) identifier which contains the target instances ++ - Mandatory for the cluster setup on IBM Power Virtual Server from IBM Cloud. ++ ++ sap_ha_pacemaker_cluster_ibmcloud_powervs_api_type: ++ description: ++ - IBM Power Virtual Server API Endpoint type (public or private) dependent on network interface attachments for the target instances. ++ - Mandatory for the cluster setup on IBM Power Virtual Server from IBM Cloud. ++ ++ sap_ha_pacemaker_cluster_ibmcloud_powervs_forward_proxy_url: ++ description: ++ - IBM Power Virtual Server forward proxy url when IBM Power Virtual Server API Endpoint type is set to private. ++ - When public network interface, can be ignored. ++ - When private network interface, mandatory for the cluster setup on IBM Power Virtual Server from IBM Cloud. ++ ++ ++ ########################################################################## ++ # Platforms: MS Azure specific parameters ++ ########################################################################## ++ ++ sap_ha_pacemaker_cluster_msazure_subscription_id: ++ description: ++ - Subscription ID of the MS Azure environment containing the target instances. ++ - Mandatory for the cluster setup on MS Azure instances. ++ ++ sap_ha_pacemaker_cluster_msazure_resource_group: ++ description: ++ - Resource group name/ID in which the target instances are defined. ++ - Mandatory for the cluster setup on MS Azure instances. +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/meta/collection-requirements.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/meta/collection-requirements.yml +new file mode 100644 +index 0000000..58177a7 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/meta/collection-requirements.yml +@@ -0,0 +1,4 @@ ++--- ++ ++collections: ++ - name: redhat.rhel_system_roles +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/meta/main.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/meta/main.yml +new file mode 100644 +index 0000000..4ee8090 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/meta/main.yml +@@ -0,0 +1,27 @@ ++--- ++galaxy_info: ++ namespace: community ++ author: Red Hat for SAP Community of Practice, Janine Fuchs ++ description: Installation and configuration of Pacemaker Cluster for SAP solutions ++ company: Red Hat, Inc. ++ ++ license: Apache-2.0 ++ ++ min_ansible_version: 2.9 ++ ++ platforms: ++ - name: EL ++ versions: ++ - 8 ++ - 9 ++ ++ galaxy_tags: ++ - sap ++ - hana ++ - rhel ++ - redhat ++ ++# Not defining ha_cluster as dependency here, but using role include tasks ++# because this role defines a lot of variables and functions as a wrapper ++# to deploy the cluster for SAP environments ++dependencies: [] +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/ascertain_sap_landscape.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/ascertain_sap_landscape.yml +new file mode 100644 +index 0000000..b6bdaaa +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/ascertain_sap_landscape.yml +@@ -0,0 +1,44 @@ ++--- ++# The following tasks will check which SAP landscape can be configured with ++# the provided parameters. ++# It will validate if requirements are met for the cluster configuration. ++ ++# TODO: fail if there is only one host in the play? ++# TODO: check play hosts against cluster nodes definition - there should be no ++# hosts in the play that are undefined? ++ ++# 2 nodes are also valid for other scenarios. ++# TODO: collect possible rules for target landscapes ++ ++- name: "SAP HA Prepare Pacemaker - Fail if there is only 1 target host" ++ ansible.builtin.assert: ++ that: ++ - ansible_play_hosts | length > 1 ++ ++- name: "SAP HA Prepare Pacemaker - Make sure the 'type' parameter is a list" ++ ansible.builtin.set_fact: ++ sap_ha_pacemaker_cluster_host_type: | ++ {% if sap_ha_pacemaker_cluster_host_type | type_debug != 'list' -%} ++ {{ sap_ha_pacemaker_cluster_host_type | split(' ') }} ++ {%- else -%} ++ {{ sap_ha_pacemaker_cluster_host_type }} ++ {%- endif %} ++ ++- name: "SAP HA Prepare Pacemaker - Verify that for 'hana_scaleup' types 2 nodes are used" ++ ansible.builtin.assert: ++ that: ++ - ansible_play_hosts | length == 2 ++ when: ++ - sap_ha_pacemaker_cluster_host_type | select('search', 'hana_scaleup') | length > 0 ++ ++- name: "SAP HA Prepare Pacemaker - Include HANA specific variables" ++ ansible.builtin.include_tasks: ++ file: include_vars_hana.yml ++ when: ++ - sap_ha_pacemaker_cluster_host_type | select('search', 'hana_scaleup') | length > 0 ++ ++- name: "SAP HA Prepare Pacemaker - Include NETWEAVER specific variables" ++ ansible.builtin.include_tasks: ++ file: include_vars_nwas.yml ++ when: ++ - sap_ha_pacemaker_cluster_host_type | select('search', 'nwas') | length > 0 +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_ascs_ers_postinstallation.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_ascs_ers_postinstallation.yml +new file mode 100644 +index 0000000..f034efe +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_ascs_ers_postinstallation.yml +@@ -0,0 +1,205 @@ ++--- ++# After NetWeaver ASCS/ERS instances were configured in the cluster, ++# they must be disabled from automatically (re)starting outside of ++# cluster control. ++ ++- name: "SAP HA Pacemaker - (ASCS profile) Prevent automatic restart of enqueue server" ++ ansible.builtin.replace: ++ path: "{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_start_profile_string }}" ++ backup: true ++ regexp: 'Restart_Program_01' ++ replace: 'Start_Program_01' ++ ++- name: "SAP HA Pacemaker - (ERS profile) Prevent automatic restart" ++ ansible.builtin.replace: ++ path: "{{ sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_start_profile_string }}" ++ backup: true ++ regexp: 'Restart_Program_00' ++ replace: 'Start_Program_00' ++ ++# Comment out lines in /usr/sap/sapservices, which ++# - contain the target instance profile names ++# - are not commented out yet ++- name: "SAP HA Pacemaker - Update /usr/sap/sapservices" ++ ansible.builtin.replace: ++ path: /usr/sap/sapservices ++ backup: true ++ regexp: '^([^#\n].+{{ sapserv_item }}.+)$' ++ replace: '# \1' ++ loop: ++ - "{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_instance_name }}" ++ - "{{ sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_instance_name }}" ++ loop_control: ++ loop_var: sapserv_item ++ ++- name: "SAP HA Pacemaker - (systemd) Check for ASCS/ERS services" ++ ansible.builtin.stat: ++ path: "/etc/systemd/system/SAP{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}_{{ systemd_item }}.service" ++ loop: ++ - "{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_instance_nr }}" ++ - "{{ sap_ha_pacemaker_cluster_nwas_abap_ers_instance_nr }}" ++ loop_control: ++ loop_var: systemd_item ++ label: "SAP{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}_{{ systemd_item }}.service" ++ register: __sap_ha_pacemaker_cluster_register_instance_service ++ ++- name: "SAP HA Pacemaker - (systemd) Save found ASCS/ERS services" ++ ansible.builtin.set_fact: ++ sap_ha_pacemaker_cluster_instance_services_fact: "{{ __sap_ha_pacemaker_cluster_register_instance_service.results | selectattr('stat.exists') | map(attribute='stat.path') | regex_replace('/etc/systemd/system/', '') }}" ++ ++# BLOCK: ++# When the systemd based SAP startup framework is used, make sure that the ++# instance services do not auto-start. ++- name: "SAP HA Pacemaker - Block to disable systemd auto-start of instances" ++ when: ++ - sap_ha_pacemaker_cluster_instance_services_fact is defined ++ - sap_ha_pacemaker_cluster_instance_services_fact | length > 0 ++ block: ++ ++ - name: "SAP HA Pacemaker - (systemd) Disable ASCS/ERS instance service" ++ ansible.builtin.service: ++ name: "{{ instance_srv_item }}" ++ enabled: false ++ loop: "{{ sap_ha_pacemaker_cluster_instance_services_fact }}" ++ loop_control: ++ loop_var: instance_srv_item ++ ++ # Creates a config file for the services. ++ # Parent directories will be created when missing. ++ - name: "SAP HA Pacemaker - (systemd) Create ASCS/ERS instance unit config file" ++ ansible.builtin.lineinfile: ++ create: true ++ path: "/etc/systemd/system/{{ dropfile_item }}.d/HA.conf" ++ line: "[Service]" ++ owner: root ++ group: root ++ mode: '0644' ++ loop: "{{ sap_ha_pacemaker_cluster_instance_services_fact }}" ++ loop_control: ++ loop_var: dropfile_item ++ ++ - name: "SAP HA Pacemaker - (systemd) Disable ASCS/ERS instance unit auto-restart" ++ ansible.builtin.lineinfile: ++ path: "/etc/systemd/system/{{ dropfile_item }}.d/HA.conf" ++ regex: '^Restart\s*=\s*no' ++ insertafter: '^[Service]$' ++ line: "Restart=no" ++ owner: root ++ group: root ++ mode: '0644' ++ loop: "{{ sap_ha_pacemaker_cluster_instance_services_fact }}" ++ loop_control: ++ loop_var: dropfile_item ++ ++### END of BLOCK for systemd setup. ++ ++ ++# Block for configuring the SAP HA Interface (sap_cluster_connector). ++# ++# The 'sap-cluster-connector' package is already optionally added to ++# '__sap_ha_pacemaker_cluster_sap_extra_packages'. ++- name: "SAP HA Pacemaker - (SAP HA Interface) Configure SAP HA Interface" ++ when: ++ - sap_ha_pacemaker_cluster_enable_cluster_connector ++ block: ++ ++ - name: "SAP HA Pacemaker - (SAP HA Interface) Add {{ sap_ha_pacemaker_cluster_nwas_abap_sid | lower }}adm user to 'haclient' group" ++ ansible.builtin.user: ++ name: "{{ sap_ha_pacemaker_cluster_nwas_abap_sid | lower }}adm" ++ groups: haclient ++ append: true ++ state: present ++ ++ # Using 'lineinfile' with a nested loop to avoid duplicate entries for existing configuration. ++ - name: "SAP HA Pacemaker - (SAP HA Interface) Add connector to start profiles" ++ ansible.builtin.lineinfile: ++ backup: true ++ path: "{{ nwas_profile_item.0 }}" ++ line: "{{ nwas_profile_item.1 }}" ++ loop: "{{ __sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_profile_paths | product(__sap_ha_pacemaker_cluster_connector_config_lines) }}" ++ loop_control: ++ loop_var: nwas_profile_item ++ label: "{{ nwas_profile_item.0 }} -> {{ nwas_profile_item.1 }}" ++ ++ - name: "SAP HA Pacemaker - (SAP HA Interface) Wait for ASCS to be up and running" ++ become: true ++ become_user: "{{ sap_ha_pacemaker_cluster_nwas_abap_sid | lower }}adm" ++ register: __sap_ha_pacemaker_cluster_register_where_ascs ++ ansible.builtin.shell: | ++ /usr/sap/hostctrl/exe/sapcontrol -nr {{ sap_ha_pacemaker_cluster_nwas_abap_ascs_instance_nr }} -function WaitforStarted 600 15 ++ changed_when: false ++ failed_when: false ++ ++ - name: "SAP HA Pacemaker - (SAP HA Interface) Wait for ERS to be up and running" ++ become: true ++ become_user: "{{ sap_ha_pacemaker_cluster_nwas_abap_sid | lower }}adm" ++ register: __sap_ha_pacemaker_cluster_register_where_ers ++ ansible.builtin.shell: | ++ /usr/sap/hostctrl/exe/sapcontrol -nr {{ sap_ha_pacemaker_cluster_nwas_abap_ers_instance_nr }} -function WaitforStarted 600 15 ++ changed_when: false ++ failed_when: false ++ ++ - name: "SAP HA Pacemaker - (SAP HA Interface) Restart the ASCS service" ++ when: ++ - __sap_ha_pacemaker_cluster_register_where_ascs.rc == 0 ++ become: true ++ become_user: "{{ sap_ha_pacemaker_cluster_nwas_abap_sid | lower }}adm" ++ register: __sap_ha_pacemaker_cluster_register_restart_ascs ++ ansible.builtin.shell: | ++ /usr/sap/hostctrl/exe/sapcontrol -nr {{ sap_ha_pacemaker_cluster_nwas_abap_ascs_instance_nr }} -function RestartService ++ changed_when: __sap_ha_pacemaker_cluster_register_restart_ascs.rc == 0 ++ ++ - name: "SAP HA Pacemaker - (SAP HA Interface) Restart the ERS service" ++ when: ++ - __sap_ha_pacemaker_cluster_register_where_ers.rc == 0 ++ become: true ++ become_user: "{{ sap_ha_pacemaker_cluster_nwas_abap_sid | lower }}adm" ++ register: __sap_ha_pacemaker_cluster_register_restart_ers ++ ansible.builtin.shell: | ++ /usr/sap/hostctrl/exe/sapcontrol -nr {{ sap_ha_pacemaker_cluster_nwas_abap_ers_instance_nr }} -function RestartService ++ changed_when: __sap_ha_pacemaker_cluster_register_restart_ers.rc == 0 ++ ++ - name: "SAP HA Pacemaker - (SAP HA Interface) Pause after service restart" ++ when: ++ - __sap_ha_pacemaker_cluster_register_restart_ascs.changed or __sap_ha_pacemaker_cluster_register_restart_ers.changed ++ ansible.builtin.pause: ++ seconds: 10 ++ ++ - name: "SAP HA Pacemaker - (SAP HA Interface) Run HA check for ASCS" ++ when: ++ - __sap_ha_pacemaker_cluster_register_where_ascs.rc == 0 ++ become: true ++ become_user: "{{ sap_ha_pacemaker_cluster_nwas_abap_sid | lower }}adm" ++ register: __sap_ha_pacemaker_cluster_register_ascs_ha ++ ansible.builtin.shell: | ++ /usr/sap/hostctrl/exe/sapcontrol -nr {{ sap_ha_pacemaker_cluster_nwas_abap_ascs_instance_nr }} -function HACheckConfig ++ changed_when: false ++ ++ - name: "SAP HA Pacemaker - (SAP HA Interface) Run HA check for ERS" ++ when: ++ - __sap_ha_pacemaker_cluster_register_where_ers.rc == 0 ++ become: true ++ become_user: "{{ sap_ha_pacemaker_cluster_nwas_abap_sid | lower }}adm" ++ register: __sap_ha_pacemaker_cluster_register_ers_ha ++ ansible.builtin.shell: | ++ /usr/sap/hostctrl/exe/sapcontrol -nr {{ sap_ha_pacemaker_cluster_nwas_abap_ers_instance_nr }} -function HACheckConfig ++ changed_when: false ++ ++ - name: "SAP HA Pacemaker - (SAP HA Interface) Display HA check results for ASCS" ++ when: ++ - __sap_ha_pacemaker_cluster_register_where_ascs.rc == 0 ++ ansible.builtin.debug: ++ msg: | ++ {{ __sap_ha_pacemaker_cluster_register_ascs_ha.stdout }} ++ ++ - name: "SAP HA Pacemaker - (SAP HA Interface) Display HA check results for ERS" ++ when: ++ - __sap_ha_pacemaker_cluster_register_where_ers.rc == 0 ++ ansible.builtin.debug: ++ msg: | ++ {{ __sap_ha_pacemaker_cluster_register_ers_ha.stdout }} ++ ++ ++ # TODO: verification checks that the instances are running and HA Interface is enabled ++ ++### END of BLOCK for sap_cluster_connector. +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/configure_srhook.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/configure_srhook.yml +new file mode 100644 +index 0000000..d68b644 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/configure_srhook.yml +@@ -0,0 +1,53 @@ ++--- ++- name: "SAP HA Pacemaker srHook - Create srHook shared directory" ++ ansible.builtin.file: ++ path: "{{ sap_ha_pacemaker_cluster_hadr_provider_path }}" ++ state: directory ++ mode: "0755" ++ owner: "{{ sap_ha_pacemaker_cluster_hana_sid | lower }}adm" ++ group: sapsys ++ ++- name: "SAP HA Pacemaker srHook - Copy srHook to shared directory" ++ ansible.builtin.copy: ++ remote_src: true ++ src: /usr/share/SAPHanaSR/srHook/SAPHanaSR.py ++ dest: "{{ sap_ha_pacemaker_cluster_hadr_provider_path }}/{{ sap_ha_pacemaker_cluster_hadr_provider_name }}.py" ++ mode: "0755" ++ owner: "{{ sap_ha_pacemaker_cluster_hana_sid | lower }}adm" ++ group: sapsys ++# Do not run in check mode because the path is created in the previous step ++ when: not ansible_check_mode ++ ++- name: "SAP HA Pacemaker srHook - Check global.ini for 'ha_dr_saphanasr'" ++ ansible.builtin.shell: | ++ grep ha_dr_saphanasr /usr/sap/{{ sap_ha_pacemaker_cluster_hana_sid | upper }}/SYS/global/hdb/custom/config/global.ini ++ register: __sap_ha_pacemaker_cluster_srhook_trace_global ++ failed_when: false ++# This command should always run, even in check mode. ++# It never does a change, but the return code is required for the next task. ++ check_mode: false ++ changed_when: false ++ ++- name: "SAP HA Pacemaker srHook - Update srHook in global.ini" ++ ansible.builtin.blockinfile: ++ path: /usr/sap/{{ sap_ha_pacemaker_cluster_hana_sid | upper }}/SYS/global/hdb/custom/config/global.ini ++ marker: "" ++ block: | ++ [ha_dr_provider_{{ sap_ha_pacemaker_cluster_hadr_provider_name }}] ++ provider = {{ sap_ha_pacemaker_cluster_hadr_provider_name }} ++ path = {{ sap_ha_pacemaker_cluster_hadr_provider_path }} ++ execution_order = 1 ++ ++ [trace] ++ ha_dr_saphanasr = info ++ when: __sap_ha_pacemaker_cluster_srhook_trace_global.rc == 1 ++ ++- name: "SAP HA Pacemaker srHook - Add srHook sudo entries" ++ ansible.builtin.template: ++ backup: true ++ dest: /etc/sudoers.d/20-saphana ++ mode: "0440" ++ owner: root ++ group: root ++ src: templates/sudofile_20-saphana.j2 ++ validate: visudo -cf %s +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/construct_final_hacluster_vars.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/construct_final_hacluster_vars.yml +new file mode 100644 +index 0000000..a26754c +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/construct_final_hacluster_vars.yml +@@ -0,0 +1,101 @@ ++--- ++# After all of the previous construction flows, the final parameters must ++# be translated to 'ha_cluster' Linux System Role syntax. ++# ++# This way the include_role parameters are set as play vars and do not ++# require a static list of vars when the role is included. ++ ++# List of parameters that are constructed by this role, but not all of them ++# are mandatory to be defined. For any undefined parameter the default of the ++# 'ha_cluster' role will apply, if the role has a default defined. ++# ++# Make sure to always define those parameters which have no 'ha_cluster' LSR default! ++# ++# SAP HA Pacemaker Cluster role -> 'ha_cluster' Linux System Role ++# ------------------------------------------------------------------------------ ++# __sap_ha_pacemaker_cluster_ha_cluster ha_cluster ++# __sap_ha_pacemaker_cluster_cluster_name ha_cluster_cluster_name ++# __sap_ha_pacemaker_cluster_cluster_properties ha_cluster_cluster_properties ++# __sap_ha_pacemaker_cluster_constraints_colocation ha_cluster_constraints_colocation ++# __sap_ha_pacemaker_cluster_constraints_location ha_cluster_constraints_location ++# __sap_ha_pacemaker_cluster_constraints_order ha_cluster_constraints_order ++# __sap_ha_pacemaker_cluster_extra_packages ha_cluster_extra_packages ++# __sap_ha_pacemaker_cluster_fence_agent_packages ha_cluster_fence_agent_packages ++# __sap_ha_pacemaker_cluster_hacluster_user_password ha_cluster_hacluster_password ++# __sap_ha_pacemaker_cluster_repos __ha_cluster_repos ++# __sap_ha_pacemaker_cluster_resource_clones ha_cluster_resource_clones ++# __sap_ha_pacemaker_cluster_resource_groups ha_cluster_resource_groups ++# __sap_ha_pacemaker_cluster_resource_primitives ha_cluster_resource_primitives ++# __sap_ha_pacemaker_cluster_corosync_totem ha_cluster_totem ++ ++- name: "SAP HA Prepare Pacemaker - (ha_cluster) Define parameter 'ha_cluster'" ++ when: __sap_ha_pacemaker_cluster_ha_cluster is defined ++ ansible.builtin.set_fact: ++ ha_cluster: "{{ __sap_ha_pacemaker_cluster_ha_cluster }}" ++ ++- name: "SAP HA Prepare Pacemaker - (ha_cluster) Define parameter 'ha_cluster_cluster_name'" ++ when: __sap_ha_pacemaker_cluster_cluster_name is defined ++ ansible.builtin.set_fact: ++ ha_cluster_cluster_name: "{{ __sap_ha_pacemaker_cluster_cluster_name }}" ++ ++- name: "SAP HA Prepare Pacemaker - (ha_cluster) Define parameter 'ha_cluster_cluster_properties'" ++ when: __sap_ha_pacemaker_cluster_cluster_properties is defined ++ ansible.builtin.set_fact: ++ ha_cluster_cluster_properties: "{{ __sap_ha_pacemaker_cluster_cluster_properties }}" ++ ++- name: "SAP HA Prepare Pacemaker - (ha_cluster) Define parameter 'ha_cluster_constraints_colocation'" ++ when: __sap_ha_pacemaker_cluster_constraints_colocation is defined ++ ansible.builtin.set_fact: ++ ha_cluster_constraints_colocation: "{{ __sap_ha_pacemaker_cluster_constraints_colocation }}" ++ ++- name: "SAP HA Prepare Pacemaker - (ha_cluster) Define parameter 'ha_cluster_constraints_location'" ++ when: __sap_ha_pacemaker_cluster_constraints_location is defined ++ ansible.builtin.set_fact: ++ ha_cluster_constraints_location: "{{ __sap_ha_pacemaker_cluster_constraints_location }}" ++ ++- name: "SAP HA Prepare Pacemaker - (ha_cluster) Define parameter 'ha_cluster_constraints_order'" ++ when: __sap_ha_pacemaker_cluster_constraints_order is defined ++ ansible.builtin.set_fact: ++ ha_cluster_constraints_order: "{{ __sap_ha_pacemaker_cluster_constraints_order }}" ++ ++- name: "SAP HA Prepare Pacemaker - (ha_cluster) Define parameter 'ha_cluster_extra_packages'" ++ when: __sap_ha_pacemaker_cluster_extra_packages is defined ++ ansible.builtin.set_fact: ++ ha_cluster_extra_packages: "{{ __sap_ha_pacemaker_cluster_extra_packages }}" ++ ++- name: "SAP HA Prepare Pacemaker - (ha_cluster) Define parameter 'ha_cluster_fence_agent_packages'" ++ when: __sap_ha_pacemaker_cluster_fence_agent_packages is defined ++ ansible.builtin.set_fact: ++ ha_cluster_fence_agent_packages: "{{ __sap_ha_pacemaker_cluster_fence_agent_packages }}" ++ ++- name: "SAP HA Prepare Pacemaker - (ha_cluster) Define parameter 'ha_cluster_hacluster_password'" ++ when: __sap_ha_pacemaker_cluster_hacluster_user_password is defined ++ ansible.builtin.set_fact: ++ ha_cluster_hacluster_password: "{{ __sap_ha_pacemaker_cluster_hacluster_user_password }}" ++ no_log: true # secure the credential ++ ++- name: "SAP HA Prepare Pacemaker - (ha_cluster) Define parameter 'ha_cluster_repos'" ++ when: __sap_ha_pacemaker_cluster_repos is defined ++ ansible.builtin.set_fact: ++ __ha_cluster_repos: "{{ __sap_ha_pacemaker_cluster_repos }}" ++ ++- name: "SAP HA Prepare Pacemaker - (ha_cluster) Define parameter 'ha_cluster_resource_clones'" ++ when: __sap_ha_pacemaker_cluster_resource_clones is defined ++ ansible.builtin.set_fact: ++ ha_cluster_resource_clones: "{{ __sap_ha_pacemaker_cluster_resource_clones }}" ++ ++- name: "SAP HA Prepare Pacemaker - (ha_cluster) Define parameter 'ha_cluster_resource_groups'" ++ when: __sap_ha_pacemaker_cluster_resource_groups is defined ++ ansible.builtin.set_fact: ++ ha_cluster_resource_groups: "{{ __sap_ha_pacemaker_cluster_resource_groups }}" ++ ++- name: "SAP HA Prepare Pacemaker - (ha_cluster) Define parameter 'ha_cluster_resource_primitives'" ++ when: __sap_ha_pacemaker_cluster_resource_primitives is defined ++ ansible.builtin.set_fact: ++ ha_cluster_resource_primitives: "{{ __sap_ha_pacemaker_cluster_resource_primitives }}" ++ no_log: true # be paranoid, there could be credentials in it ++ ++- name: "SAP HA Prepare Pacemaker - (ha_cluster) Define parameter 'ha_cluster_totem'" ++ when: __sap_ha_pacemaker_cluster_corosync_totem is defined ++ ansible.builtin.set_fact: ++ ha_cluster_totem: "{{ __sap_ha_pacemaker_cluster_corosync_totem }}" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_common.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_common.yml +new file mode 100644 +index 0000000..d52463f +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_common.yml +@@ -0,0 +1,60 @@ ++--- ++# Combine input parameters with inherited vars from the 'ha_cluster' role. ++# The inherited values take precedence. Some parameters are not required to be set. ++# The 'ha_cluster' LSR will apply its role defaults. ++# For mandatory parameters, sanity checks will be done separately. ++ ++# sap_ha_pacemaker_cluster_cluster_name -> user-defined or default inherited from {{ ha_cluster_cluster_name }} ++- name: "SAP HA Prepare Pacemaker - Set cluster name" ++ when: ++ - __sap_ha_pacemaker_cluster_cluster_name is not defined ++ - sap_ha_pacemaker_cluster_cluster_name is defined ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_cluster_name: "{{ sap_ha_pacemaker_cluster_cluster_name }}" ++ ++# sap_ha_pacemaker_cluster_hacluster_user_password -> user-defined or default inherited from {{ ha_cluster_hacluster_password }} ++- name: "SAP HA Prepare Pacemaker - Register the 'hacluster' user password" ++ when: ++ - __sap_ha_pacemaker_cluster_hacluster_user_password is not defined ++ - sap_ha_pacemaker_cluster_hacluster_user_password ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_hacluster_user_password: "{{ sap_ha_pacemaker_cluster_hacluster_user_password }}" ++ no_log: true # secure the credential ++ ++ ++# sap_ha_pacemaker_cluster_extra_packages -> user-defined, empty by global default ++# __sap_ha_pacemaker_cluster_sap_extra_packages -> included from vars/* ++# __sap_ha_pacemaker_cluster_platform_extra_packages -> included from vars/platform* ++ ++- name: "SAP HA Prepare Pacemaker - Combine extra packages lists" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_extra_packages: "{{ (sap_ha_pacemaker_cluster_extra_packages + __sap_ha_pacemaker_cluster_sap_extra_packages + __sap_ha_pacemaker_cluster_platform_extra_packages) | unique | select() }}" ++# remove duplicates and empty elements ++ ++# sap_ha_pacemaker_cluster_fence_agent_minimal_packages -> global default ++# sap_ha_pacemaker_cluster_fence_agent_packages -> global default ++# __sap_ha_pacemaker_cluster_fence_agent_packages -> internal default (vars/main.yml) ++ ++- name: "SAP HA Prepare Pacemaker - Combine fence agent packages lists" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_fence_agent_packages: "{{ (sap_ha_pacemaker_cluster_fence_agent_minimal_packages + sap_ha_pacemaker_cluster_fence_agent_packages + __sap_ha_pacemaker_cluster_fence_agent_packages) | unique }}" ++ ++- name: "SAP HA Prepare Pacemaker - Add default corosync totem settings" ++ when: ++ - sap_ha_pacemaker_cluster_corosync_totem is defined ++ - sap_ha_pacemaker_cluster_corosync_totem.options is defined ++ - sap_ha_pacemaker_cluster_corosync_totem.options | length > 0 ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_corosync_totem: ++ options: "{{ __sap_ha_pacemaker_cluster_corosync_totem.options | default([]) + __totem_settings }}" ++ vars: ++ __totem_settings: |- ++ {% set new_opts = [] %} ++ {% for option in sap_ha_pacemaker_cluster_corosync_totem.options | dict2items -%} ++ {%- set add_opts = new_opts.extend([ ++ { ++ 'name': option.key, ++ 'value': option.value ++ }]) -%} ++ {%- endfor %} ++ {{ new_opts }} +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_hana_common.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_hana_common.yml +new file mode 100644 +index 0000000..19a9f80 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_hana_common.yml +@@ -0,0 +1,158 @@ ++--- ++# Variables containing variables must be constructed with values ++# to be fed into the included ha_cluster role ++ ++# - put here all scale-up and scale-out common resources ++# - certain differences like ra agent names are provided through ++# type specific variables ++ ++# TODO: add conditionals to verify that the same resource agent is not already ++# defined in user input variables. Conflicting user input should take precedence. ++ ++- name: "SAP HA Prepare Pacemaker - Define resource defaults for HANA clusters" ++ when: ++ - sap_ha_pacemaker_cluster_resource_defaults is not defined or sap_ha_pacemaker_cluster_resource_defaults | length == 0 ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_resource_defaults: ++ resource-stickiness: 1000 ++ migration-threshold: 5000 ++ ++- name: "SAP HA Prepare Pacemaker - Add resource: SAP HANA Topology" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_resource_primitives: "{{ __sap_ha_pacemaker_cluster_resource_primitives + [__resource_hana_topology] }}" ++ vars: ++ __resource_hana_topology: ++ id: "{{ sap_ha_pacemaker_cluster_hana_topology_resource_name }}" ++ agent: "ocf:heartbeat:SAPHanaTopology" ++ instance_attrs: ++ - attrs: ++ - name: SID ++ value: "{{ sap_ha_pacemaker_cluster_hana_sid }}" ++ - name: InstanceNumber ++ value: "{{ sap_ha_pacemaker_cluster_hana_instance_nr }}" ++ operations: ++ - action: start ++ attrs: ++ - name: timeout ++ value: 600 ++ - action: stop ++ attrs: ++ - name: timeout ++ value: 600 ++ - action: monitor ++ attrs: ++ - name: interval ++ value: 10 ++ - name: timeout ++ value: 600 ++ when: ++ - __resource_hana_topology.agent not in (__sap_ha_pacemaker_cluster_resource_primitives | map(attribute='agent')) ++ ++- name: "SAP HA Prepare Pacemaker - Add resource: SAP HANA DB" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_resource_primitives: "{{ __sap_ha_pacemaker_cluster_resource_primitives + [__resource_hana] }}" ++ vars: ++ __resource_hana: ++ id: "{{ sap_ha_pacemaker_cluster_hana_resource_name }}" ++ agent: "ocf:heartbeat:{{ sap_ha_pacemaker_cluster_ra_hana }}" ++ instance_attrs: ++ - attrs: ++ - name: SID ++ value: "{{ sap_ha_pacemaker_cluster_hana_sid }}" ++ - name: InstanceNumber ++ value: "{{ sap_ha_pacemaker_cluster_hana_instance_nr }}" ++ - name: AUTOMATED_REGISTER ++ value: "{{ sap_ha_pacemaker_cluster_hana_automated_register | string }}" ++ - name: DUPLICATE_PRIMARY_TIMEOUT ++ value: "{{ sap_ha_pacemaker_cluster_hana_duplicate_primary_timeout | string }}" ++ - name: PREFER_SITE_TAKEOVER ++ value: "{{ sap_ha_pacemaker_cluster_hana_prefer_site_takeover | string }}" ++ operations: ++ - action: start ++ attrs: ++ - name: timeout ++ value: 3600 ++ - action: stop ++ attrs: ++ - name: timeout ++ value: 3600 ++ - action: monitor ++ attrs: ++ - name: interval ++ value: 61 ++ - name: role ++ value: Slave ++ - name: timeout ++ value: 700 ++ - action: monitor ++ attrs: ++ - name: interval ++ value: 59 ++ - name: role ++ value: Master ++ - name: timeout ++ value: 700 ++ - action: promote ++ attrs: ++ - name: timeout ++ value: 3600 ++ - action: demote ++ attrs: ++ - name: timeout ++ value: 3600 ++ when: ++ - __resource_hana.agent not in (__sap_ha_pacemaker_cluster_resource_primitives | map(attribute='agent')) ++ ++- name: "SAP HA Prepare Pacemaker - Add resource clone: SAP HANA Topology" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_resource_clones: "{{ __sap_ha_pacemaker_cluster_resource_clones + [__clone_hana_topology] }}" ++ vars: ++ __clone_hana_topology: ++ resource_id: "{{ sap_ha_pacemaker_cluster_hana_topology_resource_name }}" ++ meta_attrs: ++ - attrs: ++ - name: clone-max ++ value: 2 ++ - name: clone-node-max ++ value: 1 ++ - name: interleave ++ value: "true" ++ when: ++ - __clone_hana_topology.resource_id not in (__sap_ha_pacemaker_cluster_resource_clones | map(attribute='resource_id')) ++ ++- name: "SAP HA Prepare Pacemaker - Add resource clone: SAP HANA DB" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_resource_clones: "{{ __sap_ha_pacemaker_cluster_resource_clones + [__clone_hana] }}" ++ vars: ++ __clone_hana: ++ resource_id: "{{ sap_ha_pacemaker_cluster_hana_resource_name }}" ++ meta_attrs: ++ - attrs: ++ - name: clone-max ++ value: 2 ++ - name: clone-node-max ++ value: 1 ++ - name: interleave ++ value: "true" ++ - name: promotable ++ value: "true" ++ when: ++ - __clone_hana.resource_id not in (__sap_ha_pacemaker_cluster_resource_clones | map(attribute='resource_id')) ++ ++# First start Topology, then HANA (automatically stops in reverse order) ++- name: "SAP HA Prepare Pacemaker - Add order constraint: Topology starts before DB" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_constraints_order: "{{ __sap_ha_pacemaker_cluster_constraints_order + [__constraint_order_hana_topology] }}" ++ vars: ++ __constraint_order_hana_topology: ++ resource_first: ++ id: "{{ sap_ha_pacemaker_cluster_hana_topology_resource_clone_name }}" ++ action: start ++ resource_then: ++ id: "{{ sap_ha_pacemaker_cluster_hana_resource_clone_name }}" ++ action: start ++ options: ++ - name: symmetrical ++ value: "false" ++ when: ++ - __constraint_order_hana_topology.resource_then not in (__sap_ha_pacemaker_cluster_constraints_order | map(attribute='resource_then')) +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_hana_scaleout.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_hana_scaleout.yml +new file mode 100644 +index 0000000..03df61f +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_hana_scaleout.yml +@@ -0,0 +1,13 @@ ++--- ++# Variables containing variables must be constructed with values ++# to be fed into an included role ++ ++# TODO: add here any scale-out special variable constructions ++# Make sure to first respect 'ha_cluster' native variables ++ ++# - name: "SAP HA Prepare Pacemaker - Construct cluster vars for SAP HANA Scale-out" ++# ansible.builtin.set_fact: ++ ++- name: "SAP HA Prepare Pacemaker - Info" ++ ansible.builtin.debug: ++ msg: "INFO: There is currently no Scale-out specific construction, in addition to the SAP HANA common definitions." +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_hana_scaleup.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_hana_scaleup.yml +new file mode 100644 +index 0000000..b9215eb +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_hana_scaleup.yml +@@ -0,0 +1,13 @@ ++--- ++# Variables containing variables must be constructed with values ++# to be fed into an included role ++ ++# TODO: add here any scale-up special variable constructions ++# Make sure to first respect 'ha_cluster' native variables ++ ++# - name: "SAP HA Prepare Pacemaker - Construct cluster vars for SAP HANA Scale-up" ++# ansible.builtin.set_fact: ++# ++- name: "SAP HA Prepare Pacemaker - Info" ++ ansible.builtin.debug: ++ msg: "INFO: There is currently no Scale-up specific construction, in addition to the SAP HANA common definitions." +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_haproxy_constraints_hana.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_haproxy_constraints_hana.yml +new file mode 100644 +index 0000000..a1fb86b +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_haproxy_constraints_hana.yml +@@ -0,0 +1,53 @@ ++--- ++# Reminder: This file is included in a loop over a dictionary. ++ ++# Start haproxy only after the HANA resource has been promoted ++- name: "SAP HA Prepare Pacemaker - Add order constraint: 'haproxy' starts after DB is promoted" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_constraints_order: "{{ __sap_ha_pacemaker_cluster_constraints_order + [__constraint_order_haproxy] }}" ++ vars: ++ __constraint_order_haproxy: ++ resource_first: ++ id: "{{ sap_ha_pacemaker_cluster_hana_resource_clone_name }}" ++ action: promote ++ resource_then: ++ id: "{{ vip_list_item.key }}" ++ action: start ++ when: ++ - __constraint_order_haproxy.resource_then not in (__sap_ha_pacemaker_cluster_constraints_order | map(attribute='resource_then')) ++ ++# The primary haproxy only runs where HANA is promoted ++- name: "SAP HA Prepare Pacemaker - Add colocation constraint: Primary 'haproxy' runs where HANA is promoted" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_constraints_colocation: "{{ __sap_ha_pacemaker_cluster_constraints_colocation + [__constraint_colo_haproxy] }}" ++ vars: ++ __constraint_colo_haproxy: ++ resource_leader: ++ id: "{{ sap_ha_pacemaker_cluster_hana_resource_clone_name }}" ++ role: promoted ++ resource_follower: ++ id: "{{ sap_ha_pacemaker_cluster_vip_hana_primary_resource_name }}" ++ options: ++ - name: score ++ value: "{{ sap_ha_pacemaker_cluster_constraint_colo_base_score }}" ++ when: ++ - __constraint_colo_haproxy.resource_follower not in (__sap_ha_pacemaker_cluster_constraints_colocation | map(attribute='resource_follower')) ++ ++# The secondary haproxy only runs where HANA is UNpromoted ++- name: "SAP HA Prepare Pacemaker - Add colocation constraint: Secondary 'haproxy' runs where HANA is not promoted" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_constraints_colocation: "{{ __sap_ha_pacemaker_cluster_constraints_colocation + [__constraint_colo_haproxy] }}" ++ vars: ++ __constraint_colo_haproxy: ++ resource_leader: ++ id: "{{ sap_ha_pacemaker_cluster_hana_resource_clone_name }}" ++ role: unpromoted ++ resource_follower: ++ id: "{{ sap_ha_pacemaker_cluster_vip_hana_secondary_resource_name }}" ++ options: ++ - name: score ++ value: "{{ sap_ha_pacemaker_cluster_constraint_colo_base_score }}" ++ when: ++ - __constraint_colo_haproxy.resource_follower not in (__sap_ha_pacemaker_cluster_constraints_colocation | map(attribute='resource_follower')) ++ - sap_ha_pacemaker_cluster_vip_hana_secondary_ip_address is defined ++ - sap_ha_pacemaker_cluster_vip_hana_secondary_ip_address != '' +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_nwas_abap_ascs_ers.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_nwas_abap_ascs_ers.yml +new file mode 100644 +index 0000000..0aa1563 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_nwas_abap_ascs_ers.yml +@@ -0,0 +1,412 @@ ++--- ++# Variables containing variables must be constructed with values ++# to be fed into the included ha_cluster role ++ ++# TODO: add conditionals to verify that the same resource agent is not already ++# defined in user input variables. Conflicting user input should take precedence. ++ ++# Several parameters are pre-defined from potentially inherited ha_cluster LSR definitions. ++# They are necessary to be used for combining all cluster setup definitions. ++# ++# See tasks/ascertain_ha_cluster_in_inventory.yml: ++# ++# __sap_ha_pacemaker_cluster_cluster_properties: "{{ ha_cluster_cluster_properties }}" ++# __sap_ha_pacemaker_cluster_constraints_colocation: "{{ ha_cluster_constraints_colocation }}" ++# __sap_ha_pacemaker_cluster_constraints_location: "{{ ha_cluster_constraints_location }}" ++# __sap_ha_pacemaker_cluster_constraints_order: "{{ ha_cluster_constraints_order }}" ++# __sap_ha_pacemaker_cluster_fence_agent_packages: "{{ ha_cluster_fence_agent_packages }}" ++# __sap_ha_pacemaker_cluster_repos: "{{ ha_cluster_repos }}" ++# __sap_ha_pacemaker_cluster_resource_clones: "{{ ha_cluster_resource_clones }}" ++# __sap_ha_pacemaker_cluster_resource_groups: "{{ ha_cluster_resource_groups }}" ++# __sap_ha_pacemaker_cluster_resource_primitives: "{{ ha_cluster_resource_primitives }}" ++ ++ ++### Different SAPInstance resource attributes for ENSA1 and ENSA2 ++- name: "SAP HA Prepare Pacemaker - Define default ASCS/ERS instance attributes (ENSA2)" ++ when: not sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_ensa1 ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_nwas_ascs_sapinstance_meta_attrs: ++ - name: resource-stickiness ++ value: "{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_resource_stickiness }}" ++ ++ __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_instance_attrs: ++ - name: InstanceName ++ value: "{{ sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_instance_name }}" ++ - name: START_PROFILE ++ value: "{{ sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_start_profile_string }}" ++ - name: AUTOMATIC_RECOVER ++ value: "{{ sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_automatic_recover_bool | string }}" ++ ++ ++- name: "SAP HA Prepare Pacemaker - Define ASCS/ERS instance attributes (ENSA1)" ++ when: sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_ensa1 ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_nwas_ascs_sapinstance_meta_attrs: ++ - name: resource-stickiness ++ value: "{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_resource_stickiness }}" ++ - name: migration-threshold ++ value: "{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_ensa1_migration_threshold }}" ++ - name: failure-timeout ++ value: "{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_ensa1_failure_timeout }}" ++ ++ __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_instance_attrs: ++ - name: InstanceName ++ value: "{{ sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_instance_name }}" ++ - name: START_PROFILE ++ value: "{{ sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_start_profile_string }}" ++ - name: AUTOMATIC_RECOVER ++ value: "{{ sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_automatic_recover_bool | string }}" ++ - name: IS_ERS ++ value: true ++ ++ ++### ASCS/ERS instance filesystems ++- name: "SAP HA Prepare Pacemaker - Add filesystem resources for ASCS/ERS to resource definition" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_resource_primitives: "{{ __sap_ha_pacemaker_cluster_resource_primitives + [__resource_filesystem] }}" ++ vars: ++ __resource_filesystem: ++ id: |- ++ {%- if '/ASCS' in __mountpoint -%} ++ {% set idname = sap_ha_pacemaker_cluster_nwas_abap_ascs_filesystem_resource_name %} ++ {%- elif '/ERS' in __mountpoint -%} ++ {% set idname = sap_ha_pacemaker_cluster_nwas_abap_ers_filesystem_resource_name %} ++ {%- endif -%} ++ {{ idname }} ++ agent: "ocf:heartbeat:Filesystem" ++ instance_attrs: ++ - attrs: ++ - name: device ++ value: "{{ __nfs_server }}/{{ __nfs_path }}/{{ __mountpoint }}" ++ - name: directory ++ value: "/usr/sap/{{ __mountpoint }}" ++ - name: fstype ++ value: "{{ __fstype }}" ++ - name: options ++ value: "{{ __mount_opts }}" ++ - name: force_unmount ++ value: "{{ sap_ha_pacemaker_cluster_resource_filesystem_force_unmount }}" ++ operations: ++ - action: start ++ attrs: ++ - name: interval ++ value: 0 ++ - name: timeout ++ value: 60 ++ - action: stop ++ attrs: ++ - name: interval ++ value: 0 ++ - name: timeout ++ value: 120 ++ - action: monitor ++ attrs: ++ - name: interval ++ value: 200 ++ - name: timeout ++ value: 40 ++ ++ # Format input variables to make above construction code more readable. ++ # Method: ++ # - parse sap_ha_pacemaker_cluster_storage_definition ++ # - check if a mounpoint is defined (filters out swap) ++ # - if the needed parameter is defined, take it ++ # - otherwise, take the value from a default parameter ++ ++ __fstype: |- ++ {% for def in sap_ha_pacemaker_cluster_storage_definition -%} ++ {% if def.mountpoint is defined and '/usr/sap' == def.mountpoint | regex_replace('/$', '') -%} ++ {% if def.nfs_filesystem_type is defined -%} ++ {{ def.nfs_filesystem_type }} ++ {%- else -%} ++ {{ sap_ha_pacemaker_cluster_storage_nfs_filesytem_type }} ++ {%- endif %} ++ {%- endif %} ++ {%- endfor %} ++ __mount_opts: |- ++ {% for def in sap_ha_pacemaker_cluster_storage_definition -%} ++ {% if def.mountpoint is defined and '/usr/sap' == def.mountpoint | regex_replace('/$', '') -%} ++ {% if def.nfs_mount_options is defined -%} ++ {{ def.nfs_mount_options }} ++ {%- else -%} ++ {{ sap_ha_pacemaker_cluster_storage_nfs_mount_options }} ++ {%- endif %} ++ {%- endif %} ++ {%- endfor %} ++ __nfs_path: |- ++ {% for def in sap_ha_pacemaker_cluster_storage_definition -%} ++ {% if def.mountpoint is defined and '/usr/sap' == def.mountpoint | regex_replace('/$', '') -%} ++ {{ def.nfs_path | regex_replace('^/', '') | regex_replace('/$', '') }} ++ {%- endif %} ++ {%- endfor %} ++ __nfs_server: |- ++ {% for def in sap_ha_pacemaker_cluster_storage_definition -%} ++ {% if def.mountpoint is defined and '/usr/sap' == def.mountpoint | regex_replace('/$', '') -%} ++ {% if def.nfs_server is defined -%} ++ {{ def.nfs_server | regex_replace('/$', '') }} ++ {%- else -%} ++ {{ sap_ha_pacemaker_cluster_storage_nfs_server | regex_replace('/$', '') }} ++ {%- endif %} ++ {%- endif %} ++ {%- endfor %} ++ __mountpoint: "{{ fsres_item }}" ++ ++ loop: "{{ __sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_filesystems }}" ++ loop_control: ++ loop_var: fsres_item ++ label: "{{ fsres_item }}" ++ when: ++ - __resource_filesystem.id not in (__sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id')) ++ ++# End of filesystem resource task ++ ++ ++# ASCS instance resource definition ++- name: "SAP HA Prepare Pacemaker - Add resource: SAPInstance for Central Service (ABAP ASCS)" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_resource_primitives: "{{ __sap_ha_pacemaker_cluster_resource_primitives + [__resource_sapinstance] }}" ++ vars: ++ __resource_sapinstance: ++ id: "{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_resource_name }}" ++ agent: "ocf:heartbeat:SAPInstance" ++ instance_attrs: ++ - attrs: ++ - name: InstanceName ++ value: "{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_instance_name }}" ++ - name: START_PROFILE ++ value: "{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_start_profile_string }}" ++ - name: AUTOMATIC_RECOVER ++ value: "{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_automatic_recover_bool | string }}" ++ meta_attrs: ++ - attrs: "{{ __sap_ha_pacemaker_cluster_nwas_ascs_sapinstance_meta_attrs }}" ++ operations: ++ - action: start ++ attrs: ++ - name: interval ++ value: 0 ++ - name: timeout ++ value: 600 ++ - action: stop ++ attrs: ++ - name: interval ++ value: 0 ++ - name: timeout ++ value: 600 ++ - action: monitor ++ attrs: ++ - name: interval ++ value: 20 ++ - name: on-fail ++ value: restart ++ - name: timeout ++ value: 60 ++ when: ++ - __resource_sapinstance.id not in (__sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id')) ++ ++ ++# ERS instance resource definition ++- name: "SAP HA Prepare Pacemaker - Add resource: SAPInstance for Enqueue Replication Service (ABAP ERS)" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_resource_primitives: "{{ __sap_ha_pacemaker_cluster_resource_primitives + [__resource_sapinstance_ers] }}" ++ vars: ++ __resource_sapinstance_ers: ++ id: "{{ sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_resource_name }}" ++ agent: "ocf:heartbeat:SAPInstance" ++ instance_attrs: ++ - attrs: "{{ __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_instance_attrs }}" ++ operations: ++ - action: start ++ attrs: ++ - name: interval ++ value: 0 ++ - name: timeout ++ value: 600 ++ - action: stop ++ attrs: ++ - name: interval ++ value: 0 ++ - name: timeout ++ value: 600 ++ - action: monitor ++ attrs: ++ - name: interval ++ value: 20 ++ - name: on-fail ++ value: restart ++ - name: timeout ++ value: 60 ++ when: ++ - __resource_sapinstance_ers.id not in (__sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id')) ++ ++ ++################################################# ++# Group resources that belong together ++# ############################################### ++ ++# ASCS group consists of resources for ++# - ASCS filesystem ++# - ASCS instance ++# - ASCS VIP ++# The order of the resources in the group define the order in which they are ++# started - resources are stopped in reverse order. ++# ++# Only resources that were defined as resources to be configured will be ++# added to the group. ++ ++- name: "SAP HA Prepare Pacemaker - Add resource group for ASCS resources" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_resource_groups: "{{ __sap_ha_pacemaker_cluster_resource_groups + [__ascs_group] }}" ++ vars: ++ __ascs_group: ++ id: "{{ sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_resource_group_name }}" ++ resource_ids: | ++ {% set resource_ids_list = [] %} ++ {%- for resource in ++ sap_ha_pacemaker_cluster_nwas_abap_ascs_filesystem_resource_name, ++ sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_resource_name, ++ sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_resource_name, ++ sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ascs_resource_name %} ++ {%- if resource | length > 0 ++ and resource in (__sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id')) %} ++ {%- set ids = resource_ids_list.append(resource) %} ++ {%- endif %} ++ {%- endfor %} ++ {{ resource_ids_list }} ++ meta_attrs: ++ - attrs: ++ - name: resource-stickiness ++ value: "{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_group_stickiness }}" ++ when: ++ - __ascs_group.id is not in (__sap_ha_pacemaker_cluster_resource_groups | map(attribute='id')) ++ ++ ++# ERS group consists of resources for ++# - ERS filesystem ++# - ERS instance ++# - ERS VIP ++# The order of the resources in the group define the order in which they are ++# started - resources are stopped in reverse order. ++# ++# Only resources that were defined as resources to be configured will be ++# added to the group. ++ ++- name: "SAP HA Prepare Pacemaker - Add resource group for ERS resources" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_resource_groups: "{{ __sap_ha_pacemaker_cluster_resource_groups + [__ers_group] }}" ++ vars: ++ __ers_group: ++ id: "{{ sap_ha_pacemaker_cluster_vip_nwas_abap_ers_resource_group_name }}" ++ resource_ids: | ++ {% set resource_ids_list = [] %} ++ {%- for resource in ++ sap_ha_pacemaker_cluster_nwas_abap_ers_filesystem_resource_name, ++ sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_resource_name, ++ sap_ha_pacemaker_cluster_vip_nwas_abap_ers_resource_name, ++ sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ers_resource_name %} ++ {%- if resource | length > 0 ++ and resource in (__sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id')) %} ++ {%- set ids = resource_ids_list.append(resource) %} ++ {%- endif %} ++ {%- endfor %} ++ {{ resource_ids_list }} ++ when: ++ - __ers_group.id is not in (__sap_ha_pacemaker_cluster_resource_groups | map(attribute='id')) ++ ++- name: "SAP HA Prepare Pacemaker - Display VIP resource group definition if any were built" ++ ansible.builtin.debug: ++ var: __sap_ha_pacemaker_cluster_resource_groups ++ when: ++ - __sap_ha_pacemaker_cluster_resource_groups is defined ++ - __sap_ha_pacemaker_cluster_resource_groups | length > 0 ++ ++################################################# ++# Constraints ++################################################# ++ ++# Constraint parameters are pre-defined from potentially inherited ha_cluster LSR definitions. ++# Constraint definitions are combined into these parameters. ++# See tasks/ascertain_ha_cluster_in_inventory.yml: ++# ++# __sap_ha_pacemaker_cluster_constraints_colocation: "{{ ha_cluster_constraints_colocation }}" ++# __sap_ha_pacemaker_cluster_constraints_location: "{{ ha_cluster_constraints_location }}" ++# __sap_ha_pacemaker_cluster_constraints_order: "{{ ha_cluster_constraints_order }}" ++ ++# ERS and ASCS resource groups should try to avoid running on the same node ++- name: "SAP HA Prepare Pacemaker - Add colocation constraint: ERS avoids to run on the ASCS node" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_constraints_colocation: "{{ __sap_ha_pacemaker_cluster_constraints_colocation + [__constraint_colo_ers] }}" ++ vars: ++ __constraint_colo_ers: ++ resource_leader: ++ id: "{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}_ASCS{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_instance_nr }}_group" ++ role: started ++ resource_follower: ++ id: "{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}_ERS{{ sap_ha_pacemaker_cluster_nwas_abap_ers_instance_nr }}_group" ++ options: ++ - name: score ++ value: -5000 ++ when: ++ - __constraint_colo_ers.resource_follower not in (__sap_ha_pacemaker_cluster_constraints_colocation | map(attribute='resource_follower')) ++ ++# Optional: ASCS should be started before ERS ++- name: "SAP HA Prepare Pacemaker - Add order constraint: first start ASCS group, then ERS group" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_constraints_order: "{{ __sap_ha_pacemaker_cluster_constraints_order + [__constraint_order_ascs_ers] }}" ++ vars: ++ __constraint_order_ascs_ers: ++ resource_first: ++ id: "{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}_ASCS{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_instance_nr }}_group" ++ role: started ++ resource_then: ++ id: "{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}_ERS{{ sap_ha_pacemaker_cluster_nwas_abap_ers_instance_nr }}_group" ++ options: ++ - name: symmetrical ++ value: "false" ++ - name: kind ++ value: Optional ++# when: ++# - __constraint_order_ascs_ers.resource_then not in (__sap_ha_pacemaker_cluster_constraints_order | map(attribute='resource_then')) ++ ++# ENSA1 only: location rule for ASCS to follow ERS ++- name: "SAP HA Prepare Pacemaker - Add location constraint: ASCS follows ERS in ENSA1 setup" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_constraints_location: "{{ __sap_ha_pacemaker_cluster_constraints_location + [__constraint_location_ascs_ers] }}" ++ vars: ++ __constraint_location_ascs_ers: ++ resource: ++ id: "{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_resource_name }}" ++ rule: "runs_ers_{{ sap_ha_pacemaker_cluster_nwas_abap_sid }} eq 1" ++ options: ++ - name: score ++ value: 2000 ++ when: ++ - sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_ensa1 ++ ++ ++# When /sapmnt is managed by the cluster, ++# start instance groups only after the SAPMNT resource is running. ++- name: "SAP HA Prepare Pacemaker - Add order constraint: first start /sapmnt, then start ASCS group" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_constraints_order: "{{ __sap_ha_pacemaker_cluster_constraints_order + [__constraint_order_sapmnt] }}" ++ vars: ++ __constraint_order_sapmnt: ++ resource_first: ++ id: "{{ sap_ha_pacemaker_cluster_nwas_sapmnt_filesystem_resource_name }}-clone" ++ role: started ++ resource_then: ++ id: "{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}_ASCS{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_instance_nr }}_group" ++ when: ++ - sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed ++ ++- name: "SAP HA Prepare Pacemaker - Add order constraint: first start /sapmnt, then start ERS group" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_constraints_order: "{{ __sap_ha_pacemaker_cluster_constraints_order + [__constraint_order_sapmnt] }}" ++ vars: ++ __constraint_order_sapmnt: ++ resource_first: ++ id: "{{ sap_ha_pacemaker_cluster_nwas_sapmnt_filesystem_resource_name }}-clone" ++ role: started ++ resource_then: ++ id: "{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}_ERS{{ sap_ha_pacemaker_cluster_nwas_abap_ers_instance_nr }}_group" ++ when: ++ - sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_nwas_abap_pas_aas.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_nwas_abap_pas_aas.yml +new file mode 100644 +index 0000000..17be8c3 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_nwas_abap_pas_aas.yml +@@ -0,0 +1,187 @@ ++--- ++# Variables containing variables must be constructed with values ++# to be fed into the included ha_cluster role ++ ++# - put here all scale-up and scale-out common resources ++# - certain differences like ra agent names are provided through ++# type specific variables ++ ++# TODO: add conditionals to verify that the same resource agent is not already ++# defined in user input variables. Conflicting user input should take precedence. ++ ++ ++- name: "SAP HA Prepare Pacemaker - Add resource: Filesystem /usr/sap/<>/D<>" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_resource_primitives: "{{ __sap_ha_pacemaker_cluster_resource_primitives + [__resource_filesystem] }}" ++ vars: ++ __resource_filesystem: ++ id: "{{ sap_ha_pacemaker_cluster_nwas_abap_pas_filesystem_resource_name }}" ++ agent: "ocf:heartbeat:Filesystem" ++ instance_attrs: ++ - attrs: ++ - name: device ++ value: "{{ sap_ha_pacemaker_cluster_nwas_abap_pas_filesystem_host_mount_path }}" ++ - name: directory ++ value: "{{ sap_ha_pacemaker_cluster_nwas_abap_pas_filesystem_local_mount_path }}" ++ - name: fstype ++ value: "{{ sap_ha_pacemaker_cluster_nwas_abap_pas_filesystem_fstype }}" ++ - name: options ++ value: "{{ sap_ha_pacemaker_cluster_nwas_abap_pas_filesystem_options_string }}" ++ - name: force_unmount ++ value: "{{ sap_ha_pacemaker_cluster_nwas_abap_pas_filesystem_force_unmount }}" ++ operations: ++ - action: start ++ attrs: ++ - name: interval ++ value: 0 ++ - name: timeout ++ value: 60 ++ - action: stop ++ attrs: ++ - name: interval ++ value: 0 ++ - name: timeout ++ value: 120 ++ - action: monitor ++ attrs: ++ - name: interval ++ value: 200 ++ - name: timeout ++ value: 40 ++ when: ++ - __resource_filesystem.id not in (__sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id')) ++ ++- name: "SAP HA Prepare Pacemaker - Add resource: Filesystem /usr/sap/<>/D<>" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_resource_primitives: "{{ __sap_ha_pacemaker_cluster_resource_primitives + [__resource_filesystem] }}" ++ vars: ++ __resource_filesystem: ++ id: "{{ sap_ha_pacemaker_cluster_nwas_abap_aas_filesystem_resource_name }}" ++ agent: "ocf:heartbeat:Filesystem" ++ instance_attrs: ++ - attrs: ++ - name: device ++ value: "{{ sap_ha_pacemaker_cluster_nwas_abap_aas_filesystem_host_mount_path }}" ++ - name: directory ++ value: "{{ sap_ha_pacemaker_cluster_nwas_abap_aas_filesystem_local_mount_path }}" ++ - name: fstype ++ value: "{{ sap_ha_pacemaker_cluster_nwas_abap_aas_filesystem_fstype }}" ++ - name: options ++ value: "{{ sap_ha_pacemaker_cluster_nwas_abap_aas_filesystem_options_string }}" ++ - name: force_unmount ++ value: "{{ sap_ha_pacemaker_cluster_nwas_abap_aas_filesystem_force_unmount }}" ++ operations: ++ - action: start ++ attrs: ++ - name: interval ++ value: 0 ++ - name: timeout ++ value: 60 ++ - action: stop ++ attrs: ++ - name: interval ++ value: 0 ++ - name: timeout ++ value: 120 ++ - action: monitor ++ attrs: ++ - name: interval ++ value: 200 ++ - name: timeout ++ value: 40 ++ when: ++ - __resource_filesystem.id not in (__sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id')) ++ ++- name: "SAP HA Prepare Pacemaker - Add resource: SAPInstance for Primary Application Server (ABAP PAS)" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_resource_primitives: "{{ __sap_ha_pacemaker_cluster_resource_primitives + [__resource_sapinstance] }}" ++ vars: ++ __resource_sapinstance: ++ id: "{{ sap_ha_pacemaker_cluster_nwas_abap_pas_sapinstance_resource_name }}" ++ agent: "ocf:heartbeat:SAPInstance" ++ instance_attrs: ++ - attrs: ++ - name: InstanceName ++ value: "{{ sap_ha_pacemaker_cluster_nwas_abap_pas_sapinstance_instance_name }}" ++ - name: START_PROFILE ++ value: "{{ sap_ha_pacemaker_cluster_nwas_abap_pas_sapinstance_start_profile_string }}" ++ - name: AUTOMATIC_RECOVER ++ value: "{{ sap_ha_pacemaker_cluster_nwas_abap_pas_sapinstance_automatic_recover_bool | string }}" ++ meta_attrs: ++ - attrs: ++ - name: resource-stickiness ++ value: "{{ sap_ha_pacemaker_cluster_nwas_abap_pas_sapinstance_resource_stickiness }}" ++ - name: migration-threshold ++ value: "{{ sap_ha_pacemaker_cluster_nwas_abap_pas_sapinstance_migration_threshold }}" ++ - name: failure-timeout ++ value: "{{ sap_ha_pacemaker_cluster_nwas_abap_pas_sapinstance_failure_timeout }}" ++ operations: ++ - action: start ++ attrs: ++ - name: interval ++ value: 0 ++ - name: timeout ++ value: 600 ++ - action: stop ++ attrs: ++ - name: interval ++ value: 0 ++ - name: timeout ++ value: 600 ++ - action: monitor ++ attrs: ++ - name: interval ++ value: 20 ++ - name: on-fail ++ value: restart ++ - name: timeout ++ value: 60 ++ when: ++ - __resource_sapinstance.id not in (__sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id')) ++ ++- name: "SAP HA Prepare Pacemaker - Add resource: SAPInstance for Additional Application Server (ABAP AAS)" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_resource_primitives: "{{ __sap_ha_pacemaker_cluster_resource_primitives + [__resource_sapinstance_ers] }}" ++ vars: ++ __resource_sapinstance_ers: ++ id: "{{ sap_ha_pacemaker_cluster_nwas_abap_aas_sapinstance_resource_name }}" ++ agent: "ocf:heartbeat:SAPInstance" ++ instance_attrs: ++ - attrs: ++ - name: InstanceName ++ value: "{{ sap_ha_pacemaker_cluster_nwas_abap_aas_sapinstance_instance_name }}" ++ - name: START_PROFILE ++ value: "{{ sap_ha_pacemaker_cluster_nwas_abap_aas_sapinstance_start_profile_string }}" ++ - name: AUTOMATIC_RECOVER ++ value: "{{ sap_ha_pacemaker_cluster_nwas_abap_aas_sapinstance_automatic_recover_bool | string }}" ++ meta_attrs: ++ - attrs: ++ - name: resource-stickiness ++ value: "{{ sap_ha_pacemaker_cluster_nwas_abap_aas_sapinstance_resource_stickiness }}" ++ - name: migration-threshold ++ value: "{{ sap_ha_pacemaker_cluster_nwas_abap_aas_sapinstance_migration_threshold }}" ++ - name: failure-timeout ++ value: "{{ sap_ha_pacemaker_cluster_nwas_abap_aas_sapinstance_failure_timeout }}" ++ operations: ++ - action: start ++ attrs: ++ - name: interval ++ value: 0 ++ - name: timeout ++ value: 600 ++ - action: stop ++ attrs: ++ - name: interval ++ value: 0 ++ - name: timeout ++ value: 600 ++ - action: monitor ++ attrs: ++ - name: interval ++ value: 20 ++ - name: on-fail ++ value: restart ++ - name: timeout ++ value: 60 ++ when: ++ - __resource_sapinstance_ers.id not in (__sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id')) +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_nwas_common.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_nwas_common.yml +new file mode 100644 +index 0000000..41f35a6 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_nwas_common.yml +@@ -0,0 +1,134 @@ ++--- ++# Variables containing variables must be constructed with values ++# to be fed into the included ha_cluster role ++ ++# - put here all NetWeaver common resources ++ ++# TODO: add conditionals to verify that the same resource agent is not already ++# defined in user input variables. Conflicting user input should take precedence. ++ ++- name: "SAP HA Prepare Pacemaker - Define resource defaults for NetWeaver clusters" ++ when: ++ - sap_ha_pacemaker_cluster_resource_defaults is not defined or sap_ha_pacemaker_cluster_resource_defaults | length == 0 ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_resource_defaults: ++ resource-stickiness: 1 ++ migration-threshold: 3 ++ ++ ++- name: "SAP HA Prepare Pacemaker - Add NetWeaver common filesystem resources to resource definition" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_resource_primitives: "{{ __sap_ha_pacemaker_cluster_resource_primitives + [__resource_filesystem] }}" ++ vars: ++ __resource_filesystem: ++ id: |- ++ {%- if '/sapmnt' in __mountpoint -%} ++ {% set idname = sap_ha_pacemaker_cluster_nwas_sapmnt_filesystem_resource_name %} ++ {% elif '/usr/sap/trans' in __mountpoint -%} ++ {% set idname = sap_ha_pacemaker_cluster_nwas_transports_filesystem_resource_name %} ++ {% elif '/usr/sap/' + sap_ha_pacemaker_cluster_nwas_abap_sid + '/SYS' in __mountpoint -%} ++ {% set idname = sap_ha_pacemaker_cluster_nwas_sys_filesystem_resource_name %} ++ {% endif %} ++ {{ idname }} ++ ++ agent: "ocf:heartbeat:Filesystem" ++ instance_attrs: ++ - attrs: ++ - name: device ++ value: "{{ __nfs_server }}/{{ __nfs_path }}" ++ - name: directory ++ value: "{{ __mountpoint }}" ++ - name: fstype ++ value: "{{ __fstype }}" ++ - name: options ++ value: "{{ __mount_opts }}" ++ - name: force_unmount ++ value: "{{ sap_ha_pacemaker_cluster_resource_filesystem_force_unmount }}" ++ operations: ++ - action: start ++ attrs: ++ - name: interval ++ value: 0 ++ - name: timeout ++ value: 60 ++ - action: stop ++ attrs: ++ - name: interval ++ value: 0 ++ - name: timeout ++ value: 120 ++ - action: monitor ++ attrs: ++ - name: interval ++ value: 200 ++ - name: timeout ++ value: 40 ++ ++ # Format input variables to make above construction code more readable. ++ __fstype: "{{ commonfs_item.nfs_filesystem_type | default(sap_ha_pacemaker_cluster_storage_nfs_filesytem_type) }}" ++ __mount_opts: "{{ commonfs_item.nfs_mount_options | default(sap_ha_pacemaker_cluster_storage_nfs_mount_options) }}" ++ __nfs_server: "{{ commonfs_item.nfs_server | default(sap_ha_pacemaker_cluster_storage_nfs_server) | regex_replace('/$', '') }}" ++ __nfs_path: |- ++ {%- if '/usr/sap' in commonfs_item.nfs_path and '/usr/sap/trans' not in commonfs_item.nfs_path -%} ++ {{ commonfs_item.nfs_path | regex_replace('^/', '') | regex_replace('/$', '') }}/{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}/SYS ++ {%- else -%} ++ {{ commonfs_item.nfs_path | regex_replace('^/', '') | regex_replace('/$', '') }} ++ {%- endif %} ++ __mountpoint: |- ++ {%- if commonfs_item.mountpoint | regex_replace('/$', '') == '/usr/sap' -%} ++ {{ commonfs_item.mountpoint | regex_replace('/$', '') }}/{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}/SYS ++ {%- else -%} ++ {{ commonfs_item.mountpoint | regex_replace('/$', '') }} ++ {%- endif %} ++ ++ loop: "{{ sap_ha_pacemaker_cluster_storage_definition }}" ++ loop_control: ++ loop_var: commonfs_item ++ label: "{{ commonfs_item.name }}" ++ when: ++ - sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed ++ - commonfs_item.mountpoint is defined ++ - commonfs_item.nfs_path is defined ++ - "'/usr/sap' in commonfs_item.mountpoint or '/sapmnt' in commonfs_item.mountpoint" ++ - __resource_filesystem.id not in (__sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id')) ++ ++# End of shared filesystems resource definition task ++ ++ ++# The shared/common filesystems are clones. ++- name: "SAP HA Prepare Pacemaker - Add resource clones for NetWeaver common shared filesystems" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_resource_clones: "{{ __sap_ha_pacemaker_cluster_resource_clones + [__clone_common_filesystem] }}" ++ vars: ++ __clone_common_filesystem: ++ resource_id: |- ++ {%- if '/sapmnt' in __mountpoint -%} ++ {% set idname = sap_ha_pacemaker_cluster_nwas_sapmnt_filesystem_resource_name %} ++ {% elif '/usr/sap/trans' in __mountpoint -%} ++ {% set idname = sap_ha_pacemaker_cluster_nwas_transports_filesystem_resource_name %} ++ {% elif '/usr/sap/' + sap_ha_pacemaker_cluster_nwas_abap_sid + '/SYS' in __mountpoint -%} ++ {% set idname = sap_ha_pacemaker_cluster_nwas_sys_filesystem_resource_name %} ++ {% endif %} ++ {{ idname }} ++ meta_attrs: ++ - attrs: ++ - name: interleave ++ value: "true" ++ ++ __mountpoint: |- ++ {%- if commonfsclone_item.mountpoint | regex_replace('/$', '') == '/usr/sap' -%} ++ {{ commonfsclone_item.mountpoint | regex_replace('/$', '') }}/{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}/SYS ++ {%- else -%} ++ {{ commonfsclone_item.mountpoint | regex_replace('/$', '') }} ++ {%- endif %} ++ ++ loop: "{{ sap_ha_pacemaker_cluster_storage_definition }}" ++ loop_control: ++ loop_var: commonfsclone_item ++ label: "{{ commonfsclone_item.name }}" ++ when: ++ - sap_ha_pacemaker_cluster_nwas_shared_filesystems_cluster_managed ++ - commonfsclone_item.mountpoint is defined ++ - commonfsclone_item.nfs_path is defined ++ - "'/usr/sap' in commonfsclone_item.mountpoint or '/sapmnt' in commonfsclone_item.mountpoint" ++ - __clone_common_filesystem.resource_id not in (__sap_ha_pacemaker_cluster_resource_clones | map(attribute='resource_id')) +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_nwas_java_scs_ers.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_nwas_java_scs_ers.yml +new file mode 100644 +index 0000000..42867c0 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_nwas_java_scs_ers.yml +@@ -0,0 +1,282 @@ ++--- ++# Variables containing variables must be constructed with values ++# to be fed into the included ha_cluster role ++ ++# - put here all scale-up and scale-out common resources ++# - certain differences like ra agent names are provided through ++# type specific variables ++ ++# TODO: add conditionals to verify that the same resource agent is not already ++# defined in user input variables. Conflicting user input should take precedence. ++ ++ ++- name: "SAP HA Prepare Pacemaker - Add resource: Filesystem /usr/sap/<>/SCS<>" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_resource_primitives: "{{ __sap_ha_pacemaker_cluster_resource_primitives + [__resource_filesystem] }}" ++ vars: ++ __resource_filesystem: ++ id: "{{ sap_ha_pacemaker_cluster_nwas_java_scs_filesystem_resource_name }}" ++ agent: "ocf:heartbeat:Filesystem" ++ instance_attrs: ++ - attrs: ++ - name: device ++ value: "{{ sap_ha_pacemaker_cluster_nwas_java_scs_filesystem_host_mount_path }}" ++ - name: directory ++ value: "{{ sap_ha_pacemaker_cluster_nwas_java_scs_filesystem_local_mount_path }}" ++ - name: fstype ++ value: "{{ sap_ha_pacemaker_cluster_nwas_java_scs_filesystem_fstype }}" ++ - name: options ++ value: "{{ sap_ha_pacemaker_cluster_nwas_java_scs_filesystem_options_string }}" ++ - name: force_unmount ++ value: "{{ sap_ha_pacemaker_cluster_nwas_java_scs_filesystem_force_unmount }}" ++ operations: ++ - action: start ++ attrs: ++ - name: interval ++ value: 0 ++ - name: timeout ++ value: 60 ++ - action: stop ++ attrs: ++ - name: interval ++ value: 0 ++ - name: timeout ++ value: 120 ++ - action: monitor ++ attrs: ++ - name: interval ++ value: 200 ++ - name: timeout ++ value: 40 ++ when: ++ - __resource_filesystem.id not in (__sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id')) ++ ++- name: "SAP HA Prepare Pacemaker - Add resource: Filesystem /usr/sap/<>/ERS<>" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_resource_primitives: "{{ __sap_ha_pacemaker_cluster_resource_primitives + [__resource_filesystem] }}" ++ vars: ++ __resource_filesystem: ++ id: "{{ sap_ha_pacemaker_cluster_nwas_java_ers_filesystem_resource_name }}" ++ agent: "ocf:heartbeat:Filesystem" ++ instance_attrs: ++ - attrs: ++ - name: device ++ value: "{{ sap_ha_pacemaker_cluster_nwas_java_ers_filesystem_host_mount_path }}" ++ - name: directory ++ value: "{{ sap_ha_pacemaker_cluster_nwas_java_ers_filesystem_local_mount_path }}" ++ - name: fstype ++ value: "{{ sap_ha_pacemaker_cluster_nwas_java_ers_filesystem_fstype }}" ++ - name: options ++ value: "{{ sap_ha_pacemaker_cluster_nwas_java_ers_filesystem_options_string }}" ++ - name: force_unmount ++ value: "{{ sap_ha_pacemaker_cluster_nwas_java_ers_filesystem_force_unmount }}" ++ operations: ++ - action: start ++ attrs: ++ - name: interval ++ value: 0 ++ - name: timeout ++ value: 60 ++ - action: stop ++ attrs: ++ - name: interval ++ value: 0 ++ - name: timeout ++ value: 120 ++ - action: monitor ++ attrs: ++ - name: interval ++ value: 200 ++ - name: timeout ++ value: 40 ++ when: ++ - __resource_filesystem.id not in (__sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id')) ++ ++ ++- name: "SAP HA Prepare Pacemaker - Add resource: SAPInstance for Central Service (JAVA SCS)" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_resource_primitives: "{{ __sap_ha_pacemaker_cluster_resource_primitives + [__resource_sapinstance] }}" ++ vars: ++ __resource_sapinstance: ++ id: "{{ sap_ha_pacemaker_cluster_nwas_java_scs_sapinstance_resource_name }}" ++ agent: "ocf:heartbeat:SAPInstance" ++ instance_attrs: ++ - attrs: ++ - name: InstanceName ++ value: "{{ sap_ha_pacemaker_cluster_nwas_java_scs_sapinstance_instance_name }}" ++ - name: START_PROFILE ++ value: "{{ sap_ha_pacemaker_cluster_nwas_java_scs_sapinstance_start_profile_string }}" ++ - name: AUTOMATIC_RECOVER ++ value: "{{ sap_ha_pacemaker_cluster_nwas_java_scs_sapinstance_automatic_recover_bool | string }}" ++ meta_attrs: ++ - attrs: ++ - name: resource-stickiness ++ value: "{{ sap_ha_pacemaker_cluster_nwas_java_scs_sapinstance_resource_stickiness }}" ++ - name: migration-threshold ++ value: "{{ sap_ha_pacemaker_cluster_nwas_java_scs_sapinstance_migration_threshold }}" ++ - name: failure-timeout ++ value: "{{ sap_ha_pacemaker_cluster_nwas_java_scs_sapinstance_failure_timeout }}" ++ operations: ++ - action: start ++ attrs: ++ - name: interval ++ value: 0 ++ - name: timeout ++ value: 600 ++ - action: stop ++ attrs: ++ - name: interval ++ value: 0 ++ - name: timeout ++ value: 600 ++ - action: monitor ++ attrs: ++ - name: interval ++ value: 20 ++ - name: on-fail ++ value: restart ++ - name: timeout ++ value: 60 ++ when: ++ - __resource_sapinstance.id not in (__sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id')) ++ ++- name: "SAP HA Prepare Pacemaker - Add resource: SAPInstance for Enqueue Replication Service (JAVA ERS)" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_resource_primitives: "{{ __sap_ha_pacemaker_cluster_resource_primitives + [__resource_sapinstance_ers] }}" ++ vars: ++ __resource_sapinstance_ers: ++ id: "{{ sap_ha_pacemaker_cluster_nwas_java_ers_sapinstance_resource_name }}" ++ agent: "ocf:heartbeat:SAPInstance" ++ instance_attrs: ++ - attrs: ++ - name: InstanceName ++ value: "{{ sap_ha_pacemaker_cluster_nwas_java_ers_sapinstance_instance_name }}" ++ - name: START_PROFILE ++ value: "{{ sap_ha_pacemaker_cluster_nwas_java_ers_sapinstance_start_profile_string }}" ++ - name: AUTOMATIC_RECOVER ++ value: "{{ sap_ha_pacemaker_cluster_nwas_java_ers_sapinstance_automatic_recover_bool | string }}" ++ meta_attrs: ++ - attrs: ++ - name: resource-stickiness ++ value: "{{ sap_ha_pacemaker_cluster_nwas_java_ers_sapinstance_resource_stickiness }}" ++ - name: migration-threshold ++ value: "{{ sap_ha_pacemaker_cluster_nwas_java_ers_sapinstance_migration_threshold }}" ++ - name: failure-timeout ++ value: "{{ sap_ha_pacemaker_cluster_nwas_java_ers_sapinstance_failure_timeout }}" ++ operations: ++ - action: start ++ attrs: ++ - name: interval ++ value: 0 ++ - name: timeout ++ value: 600 ++ - action: stop ++ attrs: ++ - name: interval ++ value: 0 ++ - name: timeout ++ value: 600 ++ - action: monitor ++ attrs: ++ - name: interval ++ value: 20 ++ - name: on-fail ++ value: restart ++ - name: timeout ++ value: 60 ++ when: ++ - __resource_sapinstance_ers.id not in (__sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id')) ++ ++ ++- name: "SAP HA Prepare Pacemaker - Add resource clone: Filesystem /usr/sap/<>/SCS<>" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_resource_clones: "{{ __sap_ha_pacemaker_cluster_resource_clones + [__clone_filesystem] }}" ++ vars: ++ __clone_filesystem: ++ resource_id: "{{ sap_ha_pacemaker_cluster_nwas_java_scs_filesystem_resource_name }}" ++ promotable: "no" ++ meta_attrs: ++ - attrs: ++ - name: clone-max ++ value: 2 ++ - name: clone-node-max ++ value: 1 ++ - name: interleave ++ value: "true" ++ when: ++ - __clone_filesystem.resource_id not in (__sap_ha_pacemaker_cluster_resource_clones | map(attribute='resource_id')) ++ ++- name: "SAP HA Prepare Pacemaker - Add resource clone: Filesystem /usr/sap/<>/ERS<>" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_resource_clones: "{{ __sap_ha_pacemaker_cluster_resource_clones + [__clone_filesystem] }}" ++ vars: ++ __clone_filesystem: ++ resource_id: "{{ sap_ha_pacemaker_cluster_nwas_java_ers_filesystem_resource_name }}" ++ promotable: "no" ++ meta_attrs: ++ - attrs: ++ - name: clone-max ++ value: 2 ++ - name: clone-node-max ++ value: 1 ++ - name: interleave ++ value: "true" ++ when: ++ - __clone_filesystem.resource_id not in (__sap_ha_pacemaker_cluster_resource_clones | map(attribute='resource_id')) ++ ++ ++- name: "SAP HA Prepare Pacemaker - Add resource clone: SAPInstance for Central Service (JAVA SCS)" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_resource_clones: "{{ __sap_ha_pacemaker_cluster_resource_clones + [__clone_sapinstance] }}" ++ vars: ++ __clone_sapinstance: ++ resource_id: "{{ sap_ha_pacemaker_cluster_nwas_java_scs_sapinstance_resource_name }}" ++ promotable: "yes" ++ meta_attrs: ++ - attrs: ++ - name: clone-max ++ value: 2 ++ - name: clone-node-max ++ value: 1 ++ - name: interleave ++ value: "true" ++ when: ++ - __clone_sapinstance.resource_id not in (__sap_ha_pacemaker_cluster_resource_clones | map(attribute='resource_id')) ++ ++- name: "SAP HA Prepare Pacemaker - Add resource clone: SAPInstance for Enqueue Replication Service (JAVA ERS)" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_resource_clones: "{{ __sap_ha_pacemaker_cluster_resource_clones + [__clone_sapinstance_ers] }}" ++ vars: ++ __clone_sapinstance_ers: ++ resource_id: "{{ sap_ha_pacemaker_cluster_nwas_java_ers_sapinstance_resource_name }}" ++ promotable: "yes" ++ meta_attrs: ++ - attrs: ++ - name: clone-max ++ value: 2 ++ - name: clone-node-max ++ value: 1 ++ - name: interleave ++ value: "true" ++ when: ++ - __clone_sapinstance_ers.resource_id not in (__sap_ha_pacemaker_cluster_resource_clones | map(attribute='resource_id')) ++ ++# First start SAPInstance for Central Service, then SAPInstance for Enqueue Replication Service (automatically stops in reverse order) ++- name: "SAP HA Prepare Pacemaker - Add order constraint: Central Service starts before Enqueue Replication Service" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_constraints_order: "{{ __sap_ha_pacemaker_cluster_constraints_order + [__constraint_order_sapinstance] }}" ++ vars: ++ __constraint_order_sapinstance: ++ resource_first: ++ id: "{{ sap_ha_pacemaker_cluster_nwas_java_scs_sapinstance_resource_clone_name }}" ++ action: start ++ resource_then: ++ id: "{{ sap_ha_pacemaker_cluster_nwas_java_ers_sapinstance_resource_clone_name }}" ++ action: start ++ options: ++ - name: symmetrical ++ value: "false" ++ - name: kind ++ value: "Optional" ++ when: ++ - __constraint_order_sapinstance.resource_then not in (__sap_ha_pacemaker_cluster_constraints_order | map(attribute='resource_then')) +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_stonith.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_stonith.yml +new file mode 100644 +index 0000000..841e3e5 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_stonith.yml +@@ -0,0 +1,157 @@ ++--- ++# The following variables are constructed here in order to be provided as ++# input for the included 'ha_cluster' system role. ++ ++### Block for disabling stonith when no stonith resource definition is found ++# ++# This block is entered when ++# - no default stonith resource is defined and no custom is defined either ++# - an empty custom is defined to override any default (defined or not) ++- name: "SAP HA Prepare Pacemaker - (STONITH) Block when no STONITH resource is defined" ++ when: ++ - ( sap_ha_pacemaker_cluster_stonith_custom is defined and ( sap_ha_pacemaker_cluster_stonith_custom == '' or sap_ha_pacemaker_cluster_stonith_custom | length == 0 ) ) or ( sap_ha_pacemaker_cluster_stonith_custom is not defined and sap_ha_pacemaker_cluster_stonith_default is defined and ( sap_ha_pacemaker_cluster_stonith_default == '' or sap_ha_pacemaker_cluster_stonith_default | length == 0 ) ) or ( sap_ha_pacemaker_cluster_stonith_custom is not defined and sap_ha_pacemaker_cluster_stonith_default is not defined ) ++ block: ++ ++ - name: "SAP HA Prepare Pacemaker - (STONITH) Set to disabled when no fencing resource is defined" ++ ansible.builtin.set_fact: ++ sap_ha_pacemaker_cluster_cluster_properties: "{{ sap_ha_pacemaker_cluster_cluster_properties | combine({'stonith-enabled': false}) }}" ++ ++ - name: "SAP HA Prepare Pacemaker - Warn that there is no STONITH configured" ++ ansible.builtin.pause: ++ seconds: 5 ++ prompt: |2 ++ ++ WARNING: No STONITH resource is defined and STONITH is disabled! ++ ++ Recommendation: Add a STONITH resource and set cluster property ++ "stonith-enabled=true" ++ before using this cluster for production services. ++ ++# END of block for disabling stonith ++ ++ ++- name: "SAP HA Prepare Pacemaker - (STONITH) Define cluster properties" ++ when: ++ - sap_ha_pacemaker_cluster_cluster_properties is defined ++ - sap_ha_pacemaker_cluster_cluster_properties is iterable ++ - sap_ha_pacemaker_cluster_cluster_properties | length > 0 ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_cluster_properties: "{{ __sap_ha_pacemaker_cluster_cluster_properties | default([]) + __stonith_properties }}" ++ vars: ++ __stonith_properties: ++ - attrs: |- ++ {% set attrs = __sap_ha_pacemaker_cluster_cluster_properties | map(attribute='attrs') | flatten -%} ++ {%- for default_cluster_properties in (sap_ha_pacemaker_cluster_cluster_properties | dict2items) -%} ++ {% if default_cluster_properties.key not in ++ (__sap_ha_pacemaker_cluster_cluster_properties | map(attribute='attrs') | flatten | map(attribute='name')) -%} ++ {% set role_attrs = attrs.extend([ ++ { ++ 'name': default_cluster_properties.key, ++ 'value': default_cluster_properties.value ++ } ++ ]) -%} ++ {%- endif %} ++ {%- endfor %} ++ {{ attrs }} ++ ++# Combine the default stonith resource config from ++# - assembled pcmk_host_map ++# (see platform tasks: __sap_ha_pacemaker_cluster_pcmk_host_map) ++# - fence agent specific required options ++# (see platform vars: sap_ha_pacemaker_cluster_stonith_default) ++# - generic pacemaker fence resource options ++# (see defaults: sap_ha_pacemaker_cluster_fence_options) ++ ++# Note: the 'ha_cluster' LSR only calls the stonith creation for ONE host ++# -> the definition must contain the resources for all hosts, if multiple ++ ++- name: "SAP HA Prepare Pacemaker - (STONITH) Assemble the resource definition from platform default" ++ when: ++ - sap_ha_pacemaker_cluster_stonith_default is defined ++ - sap_ha_pacemaker_cluster_stonith_default | length > 0 ++ - sap_ha_pacemaker_cluster_stonith_custom is not defined ++ - __stonith_resource_element.id not in (__sap_ha_pacemaker_cluster_stonith_resource | default([])| map(attribute='id')) ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_stonith_resource: "{{ __sap_ha_pacemaker_cluster_stonith_resource | default([]) + [__stonith_resource_element] }}" ++ vars: ++ __stonith_resource_element: ++ id: "{{ sap_ha_pacemaker_cluster_stonith_default.id + __plug_suffix }}" ++ agent: "{{ sap_ha_pacemaker_cluster_stonith_default.agent }}" ++ instance_attrs: ++ - attrs: >- ++ {% set attrs = [] -%} ++ {% if __sap_ha_pacemaker_cluster_pcmk_host_map | length > 0 -%} ++ {% set map = attrs.extend([ ++ { ++ 'name': 'pcmk_host_map', ++ 'value': __sap_ha_pacemaker_cluster_pcmk_host_map ++ }]) -%} ++ {%- else -%} ++ {% set map = attrs.extend([ ++ { ++ 'name': 'plug', ++ 'value': stonith_host_item ++ }]) -%} ++ {%- endif %} ++ {%- if sap_ha_pacemaker_cluster_stonith_default.options is defined ++ and sap_ha_pacemaker_cluster_stonith_default.options | length > 0 -%} ++ {%- for agent_opt in (sap_ha_pacemaker_cluster_stonith_default.options | default({}) | dict2items) -%} ++ {% set aopts = attrs.extend([ ++ { ++ 'name': agent_opt.key, ++ 'value': agent_opt.value ++ }]) -%} ++ {%- endfor %} ++ {%- endif -%} ++ {{ attrs }} ++ ++ __plug_suffix: >- ++ {%- if __sap_ha_pacemaker_cluster_pcmk_host_map | length == 0 -%} ++ _{{ stonith_host_item }} ++ {%- else %}{% endif -%} ++ ++ loop: "{{ ansible_play_hosts_all }}" ++ loop_control: ++ loop_var: stonith_host_item ++ label: "{{ stonith_host_item }}" ++ ++ ++- name: "SAP HA Prepare Pacemaker - (STONITH) Assemble the resources from custom definition" ++ when: ++ - sap_ha_pacemaker_cluster_stonith_custom is defined ++ - __stonith_resource_element.id not in (__sap_ha_pacemaker_cluster_stonith_resource | default([]) | map(attribute='id')) ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_stonith_resource: "{{ __sap_ha_pacemaker_cluster_stonith_resource | default([]) + [__stonith_resource_element] }}" ++ vars: ++ __stonith_resource_element: ++ id: "res_{{ item.name }}" ++ agent: "{{ item.agent }}" ++ instance_attrs: ++ - attrs: |- ++ {% set attrs = [] -%} ++ {%- for option in (item.options | dict2items) -%} ++ {% set aopts = attrs.extend([ ++ { ++ 'name': option.key, ++ 'value': option.value ++ } ++ ]) -%} ++ {%- endfor %} ++ {{ attrs }} ++ loop: "{{ sap_ha_pacemaker_cluster_stonith_custom }}" ++ loop_control: ++ label: "{{ item.name }}" ++ ++ ++# The STONITH resource is an element in the cluster_resource_primitives list ++- name: "SAP HA Prepare Pacemaker - (STONITH) Construct resources definition" ++ when: ++ - __sap_ha_pacemaker_cluster_stonith_resource is defined ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_resource_primitives: |- ++ {{ ++ __sap_ha_pacemaker_cluster_resource_primitives ++ + ++ (__sap_ha_pacemaker_cluster_stonith_resource | from_yaml) ++ }} ++ no_log: true # stonith resources usually contain secrets +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_vip_constraints_hana.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_vip_constraints_hana.yml +new file mode 100644 +index 0000000..c47a60a +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_vip_constraints_hana.yml +@@ -0,0 +1,183 @@ ++--- ++# Included in: tasks/main.yml ++ ++- name: "SAP HA Prepare Pacemaker - Add order constraint: Primary VIP starts after DB is promoted" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_constraints_order: "{{ __sap_ha_pacemaker_cluster_constraints_order + [__constraint_order_vip] }}" ++ vars: ++ __constraint_order_vip: ++ resource_first: ++ id: "{{ sap_ha_pacemaker_cluster_hana_resource_clone_name }}" ++ action: promote ++ resource_then: ++ id: "{{ __res_or_grp }}" ++ action: start ++ ++ # Check if there is ++ # - a group for the hana_primary VIP/HC resources ++ # - otherwise check if the VIP resource for hana_primary is defined ++ # - otherwise check for a HC resource for hana_primary ++ # and use the found resource in the constraint. ++ __res_or_grp: |- ++ {% if sap_ha_pacemaker_cluster_vip_group_prefix | length > 0 and ++ __sap_ha_pacemaker_cluster_resource_groups | map(attribute='id') ++ | select('match', sap_ha_pacemaker_cluster_vip_group_prefix + sap_ha_pacemaker_cluster_vip_hana_primary_resource_name) -%} ++ {{ sap_ha_pacemaker_cluster_vip_group_prefix }}{{ sap_ha_pacemaker_cluster_vip_hana_primary_resource_name }} ++ {%- elif __sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id') ++ | select('match', sap_ha_pacemaker_cluster_vip_hana_primary_resource_name) -%} ++ {{ sap_ha_pacemaker_cluster_vip_hana_primary_resource_name }} ++ {%- elif __sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id') ++ | select('match', sap_ha_pacemaker_cluster_healthcheck_hana_primary_resource_name) -%} ++ {{ sap_ha_pacemaker_cluster_healthcheck_hana_primary_resource_name }} ++ {%- else -%} ++ none_found ++ {%- endif -%} ++ ++ when: ++ - __constraint_order_vip.resource_then not in (__sap_ha_pacemaker_cluster_constraints_order | map(attribute='resource_then')) ++ - __res_or_grp != 'none_found' # fallback skip if there was neither a group nor any VIP/HC resources found ++ ++- name: "SAP HA Prepare Pacemaker - Add order constraint: Read-only VIP starts after DB on the secondary" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_constraints_order: "{{ __sap_ha_pacemaker_cluster_constraints_order + [__constraint_order_vip] }}" ++ vars: ++ __constraint_order_vip: ++ resource_first: ++ id: "{{ sap_ha_pacemaker_cluster_hana_resource_clone_name }}" ++ action: start ++ resource_then: ++ id: "{{ __res_or_grp }}" ++ action: start ++ ++ # Check if there is ++ # - a group for the hana_secondary VIP/HC resources ++ # - otherwise check if the VIP resource for hana_secondary is defined ++ # - otherwise check for a HC resource for hana_secondary ++ # and use the found resource in the constraint. ++ __res_or_grp: |- ++ {% if sap_ha_pacemaker_cluster_vip_group_prefix | length > 0 and ++ __sap_ha_pacemaker_cluster_resource_groups | map(attribute='id') ++ | select('match', sap_ha_pacemaker_cluster_vip_group_prefix + sap_ha_pacemaker_cluster_vip_hana_secondary_resource_name) -%} ++ {{ sap_ha_pacemaker_cluster_vip_group_prefix }}{{ sap_ha_pacemaker_cluster_vip_hana_secondary_resource_name }} ++ {%- elif __sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id') ++ | select('match', sap_ha_pacemaker_cluster_vip_hana_secondary_resource_name) -%} ++ {{ sap_ha_pacemaker_cluster_vip_hana_secondary_resource_name }} ++ {%- elif __sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id') ++ | select('match', sap_ha_pacemaker_cluster_healthcheck_hana_secondary_resource_name) -%} ++ {{ sap_ha_pacemaker_cluster_healthcheck_hana_secondary_resource_name }} ++ {%- else -%} ++ none_found ++ {%- endif -%} ++ ++ when: ++ - __constraint_order_vip.resource_then not in (__sap_ha_pacemaker_cluster_constraints_order | map(attribute='resource_then')) ++ - __res_or_grp != 'none_found' # fallback skip if there was neither a group nor any VIP/HC resources found ++ ++ ++# The primary VIP only runs where HANA is promoted ++- name: "SAP HA Prepare Pacemaker - Add colocation constraint: Primary VIP runs where HANA is promoted" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_constraints_colocation: "{{ __sap_ha_pacemaker_cluster_constraints_colocation + [__constraint_colo_vip] }}" ++ vars: ++ __constraint_colo_vip: ++ resource_leader: ++ id: "{{ sap_ha_pacemaker_cluster_hana_resource_clone_name }}" ++ role: promoted ++ resource_follower: ++ id: "{{ __res_or_grp }}" ++ options: ++ - name: score ++ value: "{{ __colo_score }}" ++ ++ ## Group or single resource? ++ # Check if there is ++ # - a group for the hana_primary VIP/HC resources ++ # - otherwise check if the VIP resource for hana_primary is defined ++ # - otherwise check for a HC resource for hana_primary ++ # and use the found resource in the constraint. ++ __res_or_grp: |- ++ {% if sap_ha_pacemaker_cluster_vip_group_prefix | length > 0 and ++ __sap_ha_pacemaker_cluster_resource_groups | map(attribute='id') ++ | select('match', sap_ha_pacemaker_cluster_vip_group_prefix + sap_ha_pacemaker_cluster_vip_hana_primary_resource_name) -%} ++ {{ sap_ha_pacemaker_cluster_vip_group_prefix }}{{ sap_ha_pacemaker_cluster_vip_hana_primary_resource_name }} ++ {%- elif __sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id') ++ | select('match', sap_ha_pacemaker_cluster_vip_hana_primary_resource_name) -%} ++ {{ sap_ha_pacemaker_cluster_vip_hana_primary_resource_name }} ++ {%- elif __sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id') ++ | select('match', sap_ha_pacemaker_cluster_healthcheck_hana_primary_resource_name) -%} ++ {{ sap_ha_pacemaker_cluster_healthcheck_hana_primary_resource_name }} ++ {%- else -%} ++ none_found ++ {%- endif -%} ++ ++ ## When in a group, increase the default base score by adding 1000 per resource in the group. ++ __colo_score: >- ++ {% if __sap_ha_pacemaker_cluster_resource_groups | length > 0 -%} ++ {% for group in __sap_ha_pacemaker_cluster_resource_groups -%} ++ {% if group.id == (sap_ha_pacemaker_cluster_vip_group_prefix ++ + sap_ha_pacemaker_cluster_vip_hana_primary_resource_name) -%} ++ {{ (group.resource_ids | length * 1000) + sap_ha_pacemaker_cluster_constraint_colo_base_score }} ++ {%- endif %} ++ {%- endfor %} ++ {%- else -%} ++ {{ sap_ha_pacemaker_cluster_constraint_colo_base_score }} ++ {%- endif %} ++ ++ when: ++ - __constraint_colo_vip.resource_follower not in (__sap_ha_pacemaker_cluster_constraints_colocation | map(attribute='resource_follower')) ++ - __res_or_grp != 'none_found' # fallback skip if there was neither a group nor any VIP/HC resources found ++ ++ ++# The secondary VIP only runs where HANA is UNpromoted ++- name: "SAP HA Prepare Pacemaker - Add colocation constraint: Read-only VIP runs where HANA is not promoted" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_constraints_colocation: "{{ __sap_ha_pacemaker_cluster_constraints_colocation + [__constraint_colo_vip] }}" ++ vars: ++ __constraint_colo_vip: ++ resource_leader: ++ id: "{{ sap_ha_pacemaker_cluster_hana_resource_clone_name }}" ++ role: unpromoted ++ resource_follower: ++ id: "{{ __res_or_grp }}" ++ options: ++ - name: score ++ value: "{{ __colo_score }}" ++ ++ # Check if there is ++ # - a group for the hana_secondary VIP/HC resources ++ # - otherwise check if the VIP resource for hana_secondary is defined ++ # - otherwise check for a HC resource for hana_secondary ++ # and use the found resource in the constraint. ++ __res_or_grp: |- ++ {% if sap_ha_pacemaker_cluster_vip_group_prefix | length > 0 and ++ __sap_ha_pacemaker_cluster_resource_groups | map(attribute='id') ++ | select('match', sap_ha_pacemaker_cluster_vip_group_prefix + sap_ha_pacemaker_cluster_vip_hana_secondary_resource_name) -%} ++ {{ sap_ha_pacemaker_cluster_vip_group_prefix }}{{ sap_ha_pacemaker_cluster_vip_hana_secondary_resource_name }} ++ {%- elif __sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id') ++ | select('match', sap_ha_pacemaker_cluster_vip_hana_secondary_resource_name) -%} ++ {{ sap_ha_pacemaker_cluster_vip_hana_secondary_resource_name }} ++ {%- elif __sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id') ++ | select('match', sap_ha_pacemaker_cluster_healthcheck_hana_secondary_resource_name) -%} ++ {{ sap_ha_pacemaker_cluster_healthcheck_hana_secondary_resource_name }} ++ {%- else -%} ++ none_found ++ {%- endif -%} ++ ++ ## When in a group, increase the default base score by adding 1000 per resource in the group. ++ __colo_score: >- ++ {% if __sap_ha_pacemaker_cluster_resource_groups | length > 0 -%} ++ {% for group in __sap_ha_pacemaker_cluster_resource_groups -%} ++ {% if group.id == (sap_ha_pacemaker_cluster_vip_group_prefix ++ + sap_ha_pacemaker_cluster_vip_hana_secondary_resource_name) -%} ++ {{ (group.resource_ids | length * 1000) + sap_ha_pacemaker_cluster_constraint_colo_base_score }} ++ {%- endif %} ++ {%- endfor %} ++ {%- else -%} ++ {{ sap_ha_pacemaker_cluster_constraint_colo_base_score }} ++ {%- endif %} ++ ++ when: ++ - __constraint_colo_vip.resource_follower not in (__sap_ha_pacemaker_cluster_constraints_colocation | map(attribute='resource_follower')) ++ - sap_ha_pacemaker_cluster_vip_hana_secondary_ip_address is defined ++ - sap_ha_pacemaker_cluster_vip_hana_secondary_ip_address != '' ++ - __res_or_grp != 'none_found' # fallback skip if there was neither a group nor any VIP/HC resources found +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_vip_groups.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_vip_groups.yml +new file mode 100644 +index 0000000..18c634f +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_vip_groups.yml +@@ -0,0 +1,54 @@ ++--- ++# Currently this is only used for HANA scenarios. ++- name: "SAP HA Prepare Pacemaker - Group the related VIP and healthcheck resources together" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_resource_groups: "{{ __sap_ha_pacemaker_cluster_resource_groups + [__vip_group] }}" ++ vars: ++ __vip_group: ++ id: "{{ sap_ha_pacemaker_cluster_vip_group_prefix }}{{ group_item.name }}" ++ resource_ids: "{{ group_item.vip_hc_resources }}" ++ ++ __instance: ++ - name: "{{ sap_ha_pacemaker_cluster_vip_hana_primary_resource_name }}" ++ vip_hc_resources: ++ - "{{ sap_ha_pacemaker_cluster_vip_hana_primary_resource_name }}" ++ - "{{ sap_ha_pacemaker_cluster_healthcheck_hana_primary_resource_name }}" ++ - name: "{{ sap_ha_pacemaker_cluster_vip_hana_secondary_resource_name }}" ++ vip_hc_resources: ++ - "{{ sap_ha_pacemaker_cluster_vip_hana_secondary_resource_name }}" ++ - "{{ sap_ha_pacemaker_cluster_healthcheck_hana_secondary_resource_name }}" ++ - name: "{{ sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_resource_name }}" ++ vip_hc_resources: ++ - "{{ sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_resource_name }}" ++ - "{{ sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ascs_resource_name }}" ++ - name: "{{ sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_resource_name }}" ++ vip_hc_resources: ++ - "{{ sap_ha_pacemaker_cluster_vip_nwas_abap_ers_resource_name }}" ++ - "{{ sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ers_resource_name }}" ++ - name: "{{ sap_ha_pacemaker_cluster_vip_nwas_abap_pas_resource_name }}" ++ vip_hc_resources: ++ - "{{ sap_ha_pacemaker_cluster_vip_nwas_abap_pas_resource_name }}" ++ - "{{ sap_ha_pacemaker_cluster_healthcheck_nwas_abap_pas_resource_name }}" ++ - name: "{{ sap_ha_pacemaker_cluster_vip_nwas_abap_aas_resource_name }}" ++ vip_hc_resources: ++ - "{{ sap_ha_pacemaker_cluster_vip_nwas_abap_aas_resource_name }}" ++ - "{{ sap_ha_pacemaker_cluster_healthcheck_nwas_abap_aas_resource_name }}" ++ loop: "{{ __instance }}" ++ loop_control: ++ loop_var: group_item ++ label: "{{ sap_ha_pacemaker_cluster_vip_group_prefix }}{{ group_item.name }}" ++ when: ++ - group_item.vip_hc_resources | difference(__sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id')) | length == 0 ++ - sap_ha_pacemaker_cluster_vip_group_prefix | length > 0 ++ - __vip_group.id not in __sap_ha_pacemaker_cluster_resource_groups | map(attribute='id') ++# Only create the group when ++# - all resources in the 'vip_hc_resources' sub-list are part of the cluster resource definition ++# - a group name prefix has been set (default = '') ++# - the group resource does not exist yet in the definition (by group name) ++ ++- name: "SAP HA Prepare Pacemaker - Display VIP resource group definition if any were built" ++ ansible.builtin.debug: ++ var: __sap_ha_pacemaker_cluster_resource_groups ++ when: ++ - __sap_ha_pacemaker_cluster_resource_groups is defined ++ - __sap_ha_pacemaker_cluster_resource_groups | length > 0 +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_vip_resources_default.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_vip_resources_default.yml +new file mode 100644 +index 0000000..d60b789 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_vip_resources_default.yml +@@ -0,0 +1,26 @@ ++--- ++# Reminder: This file is included in a loop over a dictionary. ++# Included in: tasks/include_construct_vip_resources.yml ++# ++# file loop var: vip_list_item ++# ++# Example: ++# {{ vip_list_item.key }} => vip_SID_00_primary ++# {{ vip_list_item.value }} => 192.168.1.10 ++ ++- name: "SAP HA Prepare Pacemaker - Add resource: VIP {{ vip_list_item.key }} (IPaddr2)" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_resource_primitives: "{{ __sap_ha_pacemaker_cluster_resource_primitives + [__resource_vip] }}" ++ vars: ++ __resource_vip: ++ id: "{{ vip_list_item.key }}" ++ agent: "{{ __sap_ha_pacemaker_cluster_available_vip_agents['ipaddr'].agent }}" ++ instance_attrs: ++ - attrs: ++ - name: ip ++ value: "{{ vip_list_item.value | quote }}" ++ - name: nic ++ value: "{{ sap_ha_pacemaker_cluster_vip_client_interface }}" ++ when: ++ - vip_list_item.key not in (__sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id')) ++ - sap_ha_pacemaker_cluster_vip_method == 'ipaddr' or (__sap_ha_pacemaker_cluster_available_vip_agents[sap_ha_pacemaker_cluster_vip_method].with is defined and __sap_ha_pacemaker_cluster_available_vip_agents[sap_ha_pacemaker_cluster_vip_method].with == 'ipaddr') +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/import_hacluster_vars_from_inventory.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/import_hacluster_vars_from_inventory.yml +new file mode 100644 +index 0000000..07dc501 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/import_hacluster_vars_from_inventory.yml +@@ -0,0 +1,100 @@ ++--- ++# If there are "ha_cluster" Linux System Role parameters already defined in the ++# inventory, we will include these custom specifications and they take precedence. ++ ++# Only parameters which need to be adjusted or enhanced by the SAP HA role ++# need to be included here. ++ ++ ++### Take the following template to add additional parameters to be inherited: ++# - name: "SAP HA Prepare Pacemaker - Register ha_cluster_" ++# ansible.builtin.set_fact: ++# __sap_ha_pacemaker_cluster_: "{{ ha_cluster_ }}" ++# when: ha_cluster_ is defined ++ ++ ++# ha_cluster ++- name: "SAP HA Prepare Pacemaker - (ha_cluster) Register parameter 'ha_cluster'" ++ when: ha_cluster is defined ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_ha_cluster: "{{ ha_cluster }}" ++ ++# ha_cluster_cluster_name ++- name: "SAP HA Prepare Pacemaker - (ha_cluster) Register parameter 'ha_cluster_cluster_name'" ++ when: ha_cluster_cluster_name is defined ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_cluster_name: "{{ ha_cluster_cluster_name }}" ++ ++# ha_cluster_cluster_properties ++- name: "SAP HA Prepare Pacemaker - (ha_cluster) Register parameter 'ha_cluster_cluster_properties'" ++ when: ha_cluster_cluster_properties is defined ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_cluster_properties: "{{ ha_cluster_cluster_properties }}" ++ ++# __sap_ha_pacemaker_cluster_resource_groups ha_cluster_constraints_colocation ++- name: "SAP HA Prepare Pacemaker - (ha_cluster) Register parameter 'ha_cluster_constraints_colocation'" ++ when: ha_cluster_constraints_colocation is defined ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_constraints_colocation: "{{ ha_cluster_constraints_colocation }}" ++ ++# ha_cluster_constraints_location ++- name: "SAP HA Prepare Pacemaker - (ha_cluster) Register parameter 'ha_cluster_constraints_location'" ++ when: ha_cluster_constraints_location is defined ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_constraints_location: "{{ ha_cluster_constraints_location }}" ++ ++# ha_cluster_constraints_order ++- name: "SAP HA Prepare Pacemaker - (ha_cluster) Register parameter 'ha_cluster_constraints_order'" ++ when: ha_cluster_constraints_order is defined ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_constraints_order: "{{ ha_cluster_constraints_order }}" ++ ++# ha_cluster_extra_packages ++- name: "SAP HA Prepare Pacemaker - (ha_cluster) Register parameter 'ha_cluster_extra_packages'" ++ when: ha_cluster_extra_packages is defined ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_extra_packages: "{{ ha_cluster_extra_packages }}" ++ ++# ha_cluster_fence_agent_packages ++- name: "SAP HA Prepare Pacemaker - (ha_cluster) Register parameter 'ha_cluster_fence_agent_packages'" ++ when: ha_cluster_fence_agent_packages is defined ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_fence_agent_packages: "{{ ha_cluster_fence_agent_packages }}" ++ ++# ha_cluster_hacluster_password ++- name: "SAP HA Prepare Pacemaker - (ha_cluster) Register parameter 'ha_cluster_repos'" ++ when: ha_cluster_hacluster_password is defined ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_hacluster_user_password: "{{ ha_cluster_hacluster_password }}" ++ no_log: true # handle credentials with care ++ ++# ha_cluster_repos ++- name: "SAP HA Prepare Pacemaker - (ha_cluster) Register parameter 'ha_cluster_repos'" ++ when: ha_cluster_repos is defined ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_repos: "{{ ha_cluster_repos }}" ++ ++# ha_cluster_resource_clones ++- name: "SAP HA Prepare Pacemaker - (ha_cluster) Register parameter 'ha_cluster_resource_clones'" ++ when: ha_cluster_resource_clones is defined ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_resource_clones: "{{ ha_cluster_resource_clones }}" ++ ++# ha_cluster_resource_groups ++- name: "SAP HA Prepare Pacemaker - (ha_cluster) Register parameter 'ha_cluster_resource_groups'" ++ when: ha_cluster_resource_groups is defined ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_resource_groups: "{{ ha_cluster_resource_groups }}" ++ ++# ha_cluster_resource_primitives ++- name: "SAP HA Prepare Pacemaker - (ha_cluster) Register parameter 'ha_cluster_resource_primitives'" ++ when: ha_cluster_resource_primitives is defined ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_resource_primitives: "{{ ha_cluster_resource_primitives }}" ++ no_log: true # be paranoid, there could be credentials in it ++ ++# ha_cluster_totem ++- name: "SAP HA Prepare Pacemaker - (ha_cluster) Register parameter 'ha_cluster_totem'" ++ when: ha_cluster_totem is defined ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_corosync_totem: "{{ ha_cluster_totem }}" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/include_construct_vip_resources.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/include_construct_vip_resources.yml +new file mode 100644 +index 0000000..d26b4fd +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/include_construct_vip_resources.yml +@@ -0,0 +1,89 @@ ++--- ++# For the sake of readability and maintainability, suppress cosmetical ansible-lint warnings. ++- name: "SAP HA Prepare Pacemaker - Make a list of potential VIP definitions" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_all_vip_fact: # noqa: jinja[spacing] ++ hana_scaleup_perf: "{{ { sap_ha_pacemaker_cluster_vip_hana_primary_resource_name: sap_ha_pacemaker_cluster_vip_hana_primary_ip_address | regex_replace('/.*', ''), sap_ha_pacemaker_cluster_vip_hana_secondary_resource_name: sap_ha_pacemaker_cluster_vip_hana_secondary_ip_address | regex_replace('/.*', ''), sap_ha_pacemaker_cluster_healthcheck_hana_primary_resource_name: sap_ha_pacemaker_cluster_healthcheck_hana_primary_port, sap_ha_pacemaker_cluster_healthcheck_hana_secondary_resource_name: sap_ha_pacemaker_cluster_healthcheck_hana_secondary_port } }}" ++ nwas_abap_ascs_ers: "{{ { sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_resource_name: sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_ip_address | regex_replace('/.*', ''), sap_ha_pacemaker_cluster_vip_nwas_abap_ers_resource_name: sap_ha_pacemaker_cluster_vip_nwas_abap_ers_ip_address | regex_replace('/.*', ''), sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ascs_resource_name: sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ascs_port, sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ers_resource_name: sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ers_port } }}" ++ nwas_abap_pas_aas: "{{ { sap_ha_pacemaker_cluster_vip_nwas_abap_pas_resource_name: sap_ha_pacemaker_cluster_vip_nwas_abap_pas_ip_address | regex_replace('/.*', ''), sap_ha_pacemaker_cluster_vip_nwas_abap_aas_resource_name: sap_ha_pacemaker_cluster_vip_nwas_abap_aas_ip_address | regex_replace('/.*', ''), sap_ha_pacemaker_cluster_healthcheck_nwas_abap_pas_resource_name: sap_ha_pacemaker_cluster_healthcheck_nwas_abap_pas_port, sap_ha_pacemaker_cluster_healthcheck_nwas_abap_aas_resource_name: sap_ha_pacemaker_cluster_healthcheck_nwas_abap_aas_port } }}" ++ ++### Maintenance note ++# ++# The above task returns the following structure with a definition for HANA and ASCS/ERS, ++# example for platform "MS Azure": ++# ++# __sap_ha_pacemaker_cluster_all_vip_fact: ++# hana_scaleup_perf: ++# vip_HAN_10_primary: 192.168.1.10 ++# vip_HAN_10_readonly: ++# hc_vip_HAN_10_primary: 62610 ++# hc_vip_HAN_10_readonly: 0 ++# nwas_abap_ascs_ers: ++# vip_NW1_20_ascs: 192.168.2.20 ++# vip_NW2_30_ers: 192.168.2.30 ++# hc_vip_NW1_20_ascs: 62620 ++# hc_vip_NW2_30_ers: 62630 ++# nwas_abap_pas_aas: ++# vip___pas: ++# vip___aaas: ++# hc_vip___pas: 0 ++# hc_vip___aas: 0 ++ ++- name: "SAP HA Prepare Pacemaker - Combine VIP parameters" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_vip_resource_definition: "{{ __sap_ha_pacemaker_cluster_vip_resource_definition | default({}) | combine(__sap_ha_pacemaker_cluster_all_vip_fact[vip_item]) | dict2items | rejectattr('value', 'equalto', '') | list | items2dict }}" ++ loop: "{{ sap_ha_pacemaker_cluster_host_type }}" ++ loop_control: ++ loop_var: vip_item ++ ++### Maintenance note ++# ++# The above task reduces the previous dictionary to the contents matching the target ++# host type definition. It reduces the VIP/HC resources list to only those with values. ++# Example for NW ASCS/ERS: ++# ++# __sap_ha_pacemaker_cluster_vip_resource_definition: ++# nwas_abap_ascs_ers: ++# vip_NW1_20_ascs: 192.168.2.20 ++# vip_NW2_30_ers: 192.168.2.30 ++# hc_vip_NW1_20_ascs: 62620 ++# hc_vip_NW2_30_ers: 62630 ++ ++ ++# The VIP resource construction files are included in a loop to allow ++# for multiple IPs to be configured in cluster resources ++ ++# Repeat the VIP resource definition in a loop over the above combined possible parameters. ++# Applies to systems with no particular platform detected. ++# VIP resources creation only. ++- name: "SAP HA Prepare Pacemaker - Include variable construction for standard VIP resources" ++ ansible.builtin.include_tasks: construct_vars_vip_resources_default.yml ++ loop: "{{ query('dict', __sap_ha_pacemaker_cluster_vip_resource_definition) }}" ++ loop_control: ++ index_var: loop_index ++ loop_var: vip_list_item ++ label: "{{ vip_list_item.key }} - {{ vip_list_item.value }}" ++ when: ++ - __sap_ha_pacemaker_cluster_platform != 'cloud_gcp_ce_vm' # custom IPaddr2 task per platform ++ - __sap_ha_pacemaker_cluster_platform != 'cloud_ibmcloud_powervs' # custom IPaddr2 task per platform ++ - __sap_ha_pacemaker_cluster_platform != 'cloud_ibmcloud_vs' # no IPaddr2 resource creation, even when an IP is defined ++ - vip_list_item.key in __sap_ha_pacemaker_cluster_vip_resource_list ++ ++# Platform custom VIP and/or health check resources creation. ++- name: "SAP HA Prepare Pacemaker - Include variable construction for platform VIP methods" ++ ansible.builtin.include_tasks: "platform/construct_vars_vip_resources_{{ __sap_ha_pacemaker_cluster_platform }}.yml" ++ loop: "{{ query('dict', __sap_ha_pacemaker_cluster_vip_resource_definition) }}" ++ loop_control: ++ index_var: loop_index ++ loop_var: vip_list_item ++ label: "{{ vip_list_item.key }} - {{ vip_list_item.value }}" ++ when: ++ - __sap_ha_pacemaker_cluster_platform | length > 0 ++ ++ ++# Group VIP and healthcheck resources if applicable. ++- name: "SAP HA Prepare Pacemaker - Include VIP and healthcheck group creation" ++ ansible.builtin.include_tasks: ++ file: construct_vars_vip_groups.yml ++ when: ++ - sap_ha_pacemaker_cluster_host_type | select('search', 'hana_scaleup') | length > 0 +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/include_vars_common.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/include_vars_common.yml +new file mode 100644 +index 0000000..31a306c +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/include_vars_common.yml +@@ -0,0 +1,42 @@ ++--- ++# Gather specific subsets of facts if the required facts are not yet available. ++- name: "SAP HA Prepare Pacemaker - Collect required facts" ++ when: ++ - not ansible_facts.keys() | list | intersect(__sap_ha_pacemaker_cluster_required_facts) == __sap_ha_pacemaker_cluster_required_facts ++ ansible.builtin.setup: ++ gather_subset: hardware,interfaces ++ ++# Multi-NIC: ++# Find out if there is more than one interface present, this will ++# be used for determining the target NIC for VIP configurations. ++# Assumption: The local loopback "lo" is always in the list. ++- name: "SAP HA Prepare Pacemaker - Set multi-NIC when more than one interface is found" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_nic_multi_bool: true ++ when: ++ - ansible_interfaces | length > 2 ++ ++- name: "SAP HA Prepare Pacemaker - Set interface name when only one interface is present" ++ ansible.builtin.set_fact: ++ sap_ha_pacemaker_cluster_vip_client_interface: "{{ ansible_default_ipv4.interface }}" ++ when: ++ - not __sap_ha_pacemaker_cluster_nic_multi_bool ++ - sap_ha_pacemaker_cluster_vip_client_interface == '' ++ ++ ++# Include vars files based on the environment. ++# Respect order for potential variable precedence. ++- name: "SAP HA Prepare Pacemaker - Include environment specific variables" ++ when: __sap_ha_pacemaker_cluster_vars_file is file ++ ansible.builtin.include_vars: "{{ __sap_ha_pacemaker_cluster_vars_file }}" ++ loop: ++ - "{{ ansible_os_family | lower }}.yml" ++ - "{{ ansible_distribution | lower }}.yml" ++ - >- ++ {{ ansible_distribution | lower ~ '_' ~ ++ ansible_distribution_major_version }}.yml ++ - >- ++ {{ ansible_distribution | lower ~ '_' ~ ++ ansible_distribution_version }}.yml ++ vars: ++ __sap_ha_pacemaker_cluster_vars_file: "{{ role_path }}/vars/{{ item }}" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/include_vars_hana.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/include_vars_hana.yml +new file mode 100644 +index 0000000..ed2f2f4 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/include_vars_hana.yml +@@ -0,0 +1,13 @@ ++--- ++- name: SAP HA Prepare Pacemaker - Include HANA landscape specific variables ++ ansible.builtin.include_vars: "{{ role_path }}/vars/{{ include_item }}.yml" ++ loop: "{{ __host_type_list | flatten }}" ++ loop_control: ++ loop_var: include_item ++ label: "{{ include_item }}.yml" ++ vars: ++ __host_type_list: ++ - hana_scaleup_common ++ - "{{ sap_ha_pacemaker_cluster_host_type }}" ++ when: ++ - "(role_path + '/vars/' + include_item + '.yml') is file" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/include_vars_nwas.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/include_vars_nwas.yml +new file mode 100644 +index 0000000..7ffa92e +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/include_vars_nwas.yml +@@ -0,0 +1,13 @@ ++--- ++- name: SAP HA Prepare Pacemaker - Include NETWEAVER landscape specific variables ++ ansible.builtin.include_vars: "{{ role_path }}/vars/{{ include_item }}.yml" ++ loop: "{{ __host_type_list | flatten }}" ++ loop_control: ++ loop_var: include_item ++ label: "{{ include_item }}.yml" ++ vars: ++ __host_type_list: ++ - nwas_common ++ - "{{ sap_ha_pacemaker_cluster_host_type }}" ++ when: ++ - "(role_path + '/vars/' + include_item + '.yml') is file" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/main.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/main.yml +new file mode 100644 +index 0000000..d934097 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/main.yml +@@ -0,0 +1,280 @@ ++--- ++# 1. Role arguments are validated through meta/arguments_spec.yml (ansible >= 2.11) ++# 2. Detect SAP solution to be configured (scale-up, scale-out, etc.) ++# * Play hosts must have SAP installed and landscape information discoverable ?! ++# 3. Include tasks for parameter validation for the selected solution ++# * Certain parameters must match the target solution ++# (networking, IDs, number of nodes) ++# 4. Include tasks for building the ha_cluster arguments for the selected solution ++# * scale-up, scale-out, scale-up + mtr, scale-out + mtr ++# 5. Include LSR "ha_cluster" with the constructed parameters as role arguments ++# 6. Add solution specific config ++# * srhook ++# 7. Save LSR "ha_cluster" input parameters in .yml file for easy reuse ++ ++# TODO: Build all resource/constraint configuration variables based on ++# simpler user input (think: drop-down options in a UI) ++ ++- name: "SAP HA Prepare Pacemaker - Include parameter validation tasks" ++ ansible.builtin.import_tasks: validate_input_parameters.yml ++ ++# Make sure that all parameters already set for 'ha_cluster' are also inherited. ++# Add to this file a task for EACH parameter which this SAP cluster role ++# supports. ++- name: "SAP HA Prepare Pacemaker - Include tasks from 'ha_cluster' role definitions" ++ ansible.builtin.import_tasks: import_hacluster_vars_from_inventory.yml ++ ++- name: "SAP HA Prepare Pacemaker - Include facts and common variables" ++ ansible.builtin.import_tasks: include_vars_common.yml ++ ++# Determine which SAP landscape we are going to configure in the cluster. ++- name: "SAP HA Prepare Pacemaker - Include tasks for SAP landscape calculation" ++ ansible.builtin.import_tasks: ascertain_sap_landscape.yml ++ ++# Determine if we are on a cloud platform. ++- name: "SAP HA Prepare Pacemaker - Include tasks for platform detection" ++ ansible.builtin.import_tasks: platform/ascertain_platform_type.yml ++ ++- name: "SAP HA Prepare Pacemaker - Include platform specific variables" ++ ansible.builtin.import_tasks: platform/include_vars_platform.yml ++ ++- name: "SAP HA Prepare Pacemaker - Include common variable construction tasks" ++ ansible.builtin.import_tasks: construct_vars_common.yml ++ ++- name: "SAP HA Prepare Pacemaker - Include variable construction for STONITH resources" ++ ansible.builtin.import_tasks: construct_vars_stonith.yml ++ ++- name: "SAP HA Prepare Pacemaker - Include variable construction for VIP resources" ++ ansible.builtin.import_tasks: include_construct_vip_resources.yml ++ ++# Include construction task files for different scenarios. ++ ++- name: "SAP HA Prepare Pacemaker - Include variable construction for SAP HANA common" ++ ansible.builtin.include_tasks: ++ file: construct_vars_hana_common.yml ++ when: ++ - sap_ha_pacemaker_cluster_host_type | select('search', 'hana') | length > 0 ++ ++- name: "SAP HA Prepare Pacemaker - Include variable construction for SAP HANA Scale-up" ++ ansible.builtin.include_tasks: ++ file: construct_vars_hana_scaleup.yml ++ when: ++ - sap_ha_pacemaker_cluster_host_type | select('search', 'hana_scaleup') | length > 0 ++ ++- name: "SAP HA Prepare Pacemaker - Include variable construction for SAP NetWeaver common" ++ ansible.builtin.include_tasks: ++ file: construct_vars_nwas_common.yml ++ when: ++ - sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_abap') | length > 0 ++ ++- name: "SAP HA Prepare Pacemaker - Include variable construction for SAP NetWeaver ABAP ASCS/ERS" ++ ansible.builtin.include_tasks: ++ file: construct_vars_nwas_abap_ascs_ers.yml ++ loop: "{{ sap_ha_pacemaker_cluster_host_type }}" ++ loop_control: ++ loop_var: nwas_build_item ++ when: ++ - "'nwas_abap_ascs' in nwas_build_item" ++ ++- name: "SAP HA Prepare Pacemaker - Include variable construction for SAP NetWeaver ABAP PAS/AAS" ++ ansible.builtin.include_tasks: ++ file: construct_vars_nwas_abap_pas_aas.yml ++ loop: "{{ sap_ha_pacemaker_cluster_host_type }}" ++ loop_control: ++ loop_var: nwas_build_item ++ when: ++ - "'nwas_abap_pas' in nwas_build_item" ++ ++- name: "SAP HA Prepare Pacemaker - Include variable construction for SAP NetWeaver Java SCS/ERS" ++ ansible.builtin.include_tasks: ++ file: construct_vars_nwas_java_scs_ers.yml ++ loop: "{{ sap_ha_pacemaker_cluster_host_type }}" ++ loop_control: ++ loop_var: nwas_build_item ++ when: ++ - "'nwas_java' in nwas_build_item" ++ ++# Include constraints construction after the related resources were constructed. ++- name: "SAP HA Prepare Pacemaker - Include variable construction for SAP Hana VIP constraints" ++ ansible.builtin.include_tasks: ++ file: construct_vars_vip_constraints_hana.yml ++ ++# All of the SAP HA role constructed parameters must be translated to ++# 'ha_cluster' Linux System Role parameters. ++- name: "SAP HA Prepare Pacemaker - Translate all parameters to 'ha_cluster' input variables" ++ ansible.builtin.include_tasks: ++ file: construct_final_hacluster_vars.yml ++ ++ ++########################################################## ++# BLOCK which covers actual changes on the target systems ++########################################################## ++ ++- name: "SAP HA Install Pacemaker - Block with actual changes" ++ block: ++ ++ # Start with prerequisite changes for certain platforms, if applicable ++ - name: "SAP HA Install Pacemaker - Include platform specific prerequisites" ++ when: __sap_ha_pacemaker_cluster_platform_file is file ++ ansible.builtin.include_tasks: ++ file: "{{ item }}" ++ loop: ++ - "platform/preconfigure_{{ __sap_ha_pacemaker_cluster_platform }}.yml" ++ vars: ++ __sap_ha_pacemaker_cluster_platform_file: "{{ role_path }}/tasks/{{ item }}" ++ ++ # Stop and disable services that conflict with cluster setups, ++ # for instance cloud-init services on cloud platforms ++ - name: "SAP HA Install Pacemaker - Stop and disable services" ++ when: sap_ha_pacemaker_cluster_disable_services is defined ++ register: __sap_ha_pacemaker_cluster_disable_services ++ ansible.builtin.service: ++ name: "{{ service_item }}" ++ enabled: false ++ state: stopped ++ loop: "{{ sap_ha_pacemaker_cluster_disable_services }}" ++ loop_control: ++ loop_var: service_item ++ label: "{{ service_item }}" ++ failed_when: ++ - __sap_ha_pacemaker_cluster_disable_services.failed ++ - '"Could not find the requested service" not in __sap_ha_pacemaker_cluster_disable_services.msg' ++ ++ - name: "SAP HA Install Pacemaker - Query if CIB already exists" ++ ansible.builtin.command: ++ cmd: cibadmin --query ++ register: __sap_ha_pacemaker_cluster_cib_query ++ check_mode: false ++ changed_when: false ++ failed_when: false ++ ++ - name: "SAP HA Install Pacemaker - Create backup of existing CIB" ++ when: ++ - __sap_ha_pacemaker_cluster_cib_query.stdout is defined ++ - __sap_ha_pacemaker_cluster_cib_query.stdout|length > 0 ++ ansible.builtin.copy: # noqa template-instead-of-copy ++ backup: true ++ content: "{{ __sap_ha_pacemaker_cluster_cib_query.stdout }}" ++ dest: /root/cib_backup.xml ++ group: root ++ owner: root ++ mode: "0600" ++ ++ # Cluster installation and configuration through the dedicated ++ # linux system role 'ha_cluster' ++ - name: "SAP HA Install Pacemaker - Include System Role 'ha_cluster'" ++ ansible.builtin.import_role: ++ name: "{{ sap_ha_pacemaker_cluster_system_roles_collection }}.ha_cluster" ++ no_log: "{{ __sap_ha_pacemaker_cluster_no_log }}" # some parameters contain secrets ++ ++ # Resource defaults settings were added to "ha_cluster" in Apr 2023 (GH version 1.9.0) ++ # https://github.com/linux-system-roles/ha_cluster#ha_cluster_resource_defaults ++ # Keeping separate for compatibility with older versions of the ha_cluster role. ++ # TODO: Change resource defaults update to "ha_cluster" native syntax. ++ - name: "SAP HA Install Pacemaker - Check resource defaults" ++ ansible.builtin.command: ++ cmd: | ++ {{ __sap_ha_pacemaker_cluster_command.resource_defaults_show }} ++ register: __sap_ha_pacemaker_cluster_check_resource_defaults ++ run_once: true ++ changed_when: false ++ check_mode: false ++ ++ - name: "SAP HA Install Pacemaker - Update resource default attributes" ++ when: ++ - item.key ~ '=' ~ item.value not in __sap_ha_pacemaker_cluster_check_resource_defaults.stdout ++ - __sap_ha_pacemaker_cluster_resource_defaults is defined ++ - __sap_ha_pacemaker_cluster_resource_defaults | length > 0 ++ ansible.builtin.command: ++ cmd: | ++ {{ __sap_ha_pacemaker_cluster_command.resource_defaults_update }} {{ item.key }}={{ item.value }} ++ loop: "{{ __sap_ha_pacemaker_cluster_resource_defaults | dict2items }}" ++ loop_control: ++ label: "{{ item.key }}={{ item.value }}" ++ run_once: true ++ changed_when: true ++ ++ # Corosync post-inst ++ - name: "SAP HA Install Pacemaker - Make sure corosync systemd directory exists" ++ ansible.builtin.file: ++ path: /etc/systemd/system/corosync.service.d ++ state: directory ++ mode: '0755' ++ when: ++ - __sap_ha_pacemaker_cluster_platform == 'cloud_gcp_ce_vm' ++ ++ - name: "SAP HA Install Pacemaker - Corosync systemd configuration" ++ ansible.builtin.copy: ++ backup: true ++ content: |- ++ [Service] ++ ExecStartPre=/bin/sleep 60 ++ ++ dest: /etc/systemd/system/corosync.service.d/override.conf ++ group: root ++ owner: root ++ mode: '0644' ++ when: ++ - __sap_ha_pacemaker_cluster_platform == 'cloud_gcp_ce_vm' ++ notify: "Reload systemd daemon" ++ ++ - name: "SAP HA Install Pacemaker - Include srHook configuration" ++ ansible.builtin.include_tasks: ++ file: configure_srhook.yml ++ apply: ++ tags: srhook ++ tags: srhook ++ when: ++ - sap_ha_pacemaker_cluster_host_type | select('search', 'hana') | length > 0 ++ ++ - name: "SAP HA Install Pacemaker - Include NetWeaver ASCS/ERS post installation" ++ ansible.builtin.include_tasks: ++ file: configure_nwas_ascs_ers_postinstallation.yml ++ apply: ++ tags: nwas_postinst ++ tags: nwas_postinst ++ when: ++ - sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_abap') | length > 0 ++ ++### END OF BLOCK: prerequisite changes and cluster setup ++ ++# Save all the constructed cluster parameters into a vars file. ++# ++# This will help re-using ha_cluster afterwards without losing the already ++# configured resources and constraints. ++# The ha_cluster role will otherwise remove configuration that is not part ++# of the parameters provided during any subsequent run outside of the current ++# SAP system role. ++# ++# TODO: Deal with secrets in output. They should be masked, maybe with ++# their user provided variables? ++ ++- name: "SAP HA Install Pacemaker - Create cluster configuration parameters file" ++ when: ++ - sap_ha_pacemaker_cluster_create_config_varfile ++ - sap_ha_pacemaker_cluster_create_config_dest | length ++ ansible.builtin.template: ++ backup: true ++ dest: "{{ sap_ha_pacemaker_cluster_create_config_dest }}" ++ mode: "0600" ++ src: cluster_create_config.j2 ++ trim_blocks: true ++ lstrip_blocks: true ++ delegate_to: localhost ++ run_once: true ++ become: false ++ check_mode: false ++ ++- name: "SAP HA Install Pacemaker - Display configuration parameters SAVE FILE location" ++ when: ++ - sap_ha_pacemaker_cluster_create_config_varfile ++ - sap_ha_pacemaker_cluster_create_config_dest | length ++ ansible.builtin.debug: ++ msg: | ++ The cluster resource configuration parameters have been saved here: ++ >>>>> {{ sap_ha_pacemaker_cluster_create_config_dest }} <<<<< ++ ++ Please include these variable definitions if you run the 'ha_cluster' ++ linux system role separately. ++ !! Secret values of resources may be included in this output !! ++ run_once: true +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/platform/ascertain_platform_type.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/platform/ascertain_platform_type.yml +new file mode 100644 +index 0000000..f44067f +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/platform/ascertain_platform_type.yml +@@ -0,0 +1,127 @@ ++--- ++# Platform detection for cloud and other infrastructure platforms. ++ ++### Facts already available to Ansible ++# ++### Amazon Web Services EC2 Virtual Server. Not applicable for AWS Classic. ++# ansible_chassis_asset_tag: "Amazon EC2" # SMBIOS Chassis Asset Tag ++# ansible_board_asset_tag: "i-043d3c1a889ed9016" # SMBIOS Baseboard Asset Tag, ID of virtual machine on platform ++# ansible_chassis_vendor: "Amazon EC2" ++# ansible_product_name: "r5.8xlarge" # IaaS profile name ++# ansible_system_vendor: "Amazon EC2" ++# ++### Google Cloud Compute Engine Virtual Machine. ++# ansible_chassis_asset_tag: "NA" # SMBIOS Chassis Asset Tag ++# ansible_board_asset_tag: "9EAF3038-7EF5-3F1E-6620-FB3BDA7A3709" # SMBIOS Baseboard Asset Tag, ID of virtual machine on platform ++# ansible_chassis_vendor: "Google" ++# ansible_product_name: "Google Compute Engine" ++# ansible_system_vendor: "Google" ++# ++### IBM Cloud Virtual Server. Not applicable for IBM Cloud Classic Infrastructure. ++# ansible_chassis_asset_tag: "ibmcloud" # SMBIOS Chassis Asset Tag ++# ansible_board_asset_tag: "0c7d4459-xxxx-yyyy-zzzz-abcdefghijkl" # SMBIOS Baseboard Asset Tag, ID of virtual machine on platform ++# ansible_chassis_vendor: "IBM:Cloud Compute Server 1.0:mx2-16x128" # IaaS profile name as suffix (after colon) ++# ansible_product_name: "Standard PC (i440FX + PIIX, 1996)" ++# ansible_system_vendor: "QEMU" ++# ++### Microsoft Azure Virtual Machine. Not applicable for MS Azure Classic/ASM. ++# ansible_chassis_asset_tag: "7783-xxxx-yyyy-zzzz-aaaa-bbbb-cc" # SMBIOS Chassis Asset Tag ++# ansible_board_asset_tag: "None" # SMBIOS Baseboard Asset Tag ++# ansible_chassis_vendor: "Microsoft Corporation" ++# ansible_product_name: "Virtual Machine" ++# ansible_system_vendor: "70f4a858-1eea-4c35-b9e1-e179c32fc6b5" # ID of virtual machine on platform ++# ++### VMware vSphere ++# ansible_product_name: "VMware7,1", ++# ansible_system_vendor: "VMware, Inc.", ++# ansible_virtualization_type: "VMware" ++# ++### End of comment ++ ++ ++# TODO: detection based on multiple facts and providing one standard ++# name for use as platform type in related include files ++# cloud_aliyun_ecs_vm, cloud_aws_ec2_vs, cloud_gcp_ce_vm, cloud_ibmcloud_powervs, cloud_ibmcloud_vs, ++# cloud_msazure_vm, hyp_ibmpower_vm, hyp_redhat_ocp_virt_vm, hyp_redhat_rhel_kvm_vm, ++# hyp_vmware_vsphere_vm ++ ++ ++- name: "SAP HA Prepare Pacemaker - Check if platform is Amazon Web Services EC2 Virtual Server" ++ when: ++ - '"amazon" in ansible_system_vendor | lower or "amazon" in ansible_product_name | lower or "amazon" in ansible_product_version | lower' ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_platform: cloud_aws_ec2_vs ++ ++- name: "SAP HA Prepare Pacemaker - Check if platform is Google Cloud Compute Engine Virtual Machine" ++ when: ++ - ansible_product_name == 'Google Compute Engine' ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_platform: cloud_gcp_ce_vm ++ ++- name: "SAP HA Prepare Pacemaker - Check if platform is IBM Cloud Virtual Server" ++ when: ++ - ansible_chassis_asset_tag == 'ibmcloud' ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_platform: cloud_ibmcloud_vs ++ ++- name: "SAP HA Prepare Pacemaker - Check if platform is Microsoft Azure Virtual Machine" ++ when: ++ - ansible_product_name == 'Virtual Machine' ++ - ansible_chassis_vendor == 'Microsoft Corporation' ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_platform: cloud_msazure_vm ++ ++- name: "SAP HA Prepare Pacemaker - Check if platform is IBM Power - RSCT binary check" ++ ansible.builtin.shell: | ++ set -o pipefail && rpm -qa | grep -E -e "rsct.basic" ++ register: __sap_ha_pacemaker_cluster_power_rsct_check ++ changed_when: false ++ when: ansible_architecture == "ppc64le" ++ ++- name: "SAP HA Prepare Pacemaker - Check if platform is IBM Power - RSCT binary check" ++ ansible.builtin.fail: ++ msg: Please install RSCT from IBM Power Systems service and productivity tools repository ++ when: ++ - ansible_architecture == "ppc64le" ++ - __sap_ha_pacemaker_cluster_power_rsct_check.stdout == "" ++ ++- name: "SAP HA Prepare Pacemaker - Check if platform is IBM Power - RSCT binary check" ++ ansible.builtin.shell: | ++ /opt/rsct/bin/ctgethscid ++ register: __sap_ha_pacemaker_cluster_power_rsct_hscid ++ changed_when: false ++ when: ++ - ansible_architecture == "ppc64le" ++ - __sap_ha_pacemaker_cluster_power_rsct_check.stdout != "" ++ ++- name: "SAP HA Prepare Pacemaker - Check if platform is IBM Power Virtual Server from IBM Cloud" ++ when: ++ - ansible_architecture == "ppc64le" ++ - '"ibmcloud" in __sap_ha_pacemaker_cluster_power_rsct_hscid.stdout' ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_platform: cloud_ibmcloud_powervs ++ ++- name: "SAP HA Prepare Pacemaker - Check if platform is IBM PowerVM" ++ when: ++ - ansible_architecture == "ppc64le" ++ - '"ibmcloud" not in __sap_ha_pacemaker_cluster_power_rsct_hscid.stdout' ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_platform: hyp_ibmpower_vm ++ ++# - name: "SAP HA Prepare Pacemaker - Check if platform is VMware vSphere" ++# when: ++# - ansible_virtualization_type == 'VMware' ++# ansible.builtin.set_fact: ++# __sap_ha_pacemaker_cluster_platform: hyp_vmware_vsphere_vm ++ ++# Call tasks to discover information that is needed as input for any further steps. ++# Run this before including the platform vars in order to build vars based on the ++# discovered data. ++- name: "SAP HA Prepare Pacemaker - Include platform specific information collection" ++ when: __sap_ha_pacemaker_cluster_platform_info is file ++ ansible.builtin.include_tasks: ++ file: "{{ item }}" ++ loop: ++ - "platform/register_sysinfo_{{ __sap_ha_pacemaker_cluster_platform }}.yml" ++ vars: ++ __sap_ha_pacemaker_cluster_platform_info: "{{ role_path }}/tasks/{{ item }}" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/platform/construct_vars_vip_resources_cloud_aws_ec2_vs.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/platform/construct_vars_vip_resources_cloud_aws_ec2_vs.yml +new file mode 100644 +index 0000000..0dbcdf4 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/platform/construct_vars_vip_resources_cloud_aws_ec2_vs.yml +@@ -0,0 +1,65 @@ ++--- ++# Reminder: This file is included in a loop over a dictionary. ++# Included in: tasks/include_construct_vip_resources.yml ++# ++# file loop var: vip_list_item ++# ++# Example: ++# {{ vip_list_item.key }} => vip_SID_00_primary ++# {{ vip_list_item.value }} => 192.168.1.10 ++ ++# 1. Using the IPaddr2 resource agent is not recommended nor supported ++# 2. IPaddr2 resources would be created by construct_vars_vip_resources_default.yml ++# ++# Using 'awsvip' is also not recommended or supported officially for SAP setups. ++# This is for testing purpose only and works together with the standard IPaddr2 resource. ++- name: "SAP HA Prepare Pacemaker - AWS EC2 VS - Add resource: AWS floating IP: {{ vip_list_item.key }} (awsvip - dev/test only!)" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_resource_primitives: "{{ __sap_ha_pacemaker_cluster_resource_primitives + [__resource_vip] }}" ++ vars: ++ __resource_vip: ++ id: "pri_{{ vip_list_item.key }}" ++ agent: "{{ __sap_ha_pacemaker_cluster_available_vip_agents[sap_ha_pacemaker_cluster_vip_method].agent }}" ++ instance_attrs: ++ - attrs: ++ - name: secondary_private_ip ++ value: "{{ vip_list_item.value }}" ++ when: ++ - ('pri_' ~ vip_list_item.key) not in (__sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id')) ++ - sap_ha_pacemaker_cluster_vip_method == 'awsvip' ++ - vip_list_item.key in __sap_ha_pacemaker_cluster_vip_resource_list ++ ++- name: "SAP HA Prepare Pacemaker - AWS EC2 VS - Add resource group for VIP resources (dev/test only)" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_resource_groups: "{{ __sap_ha_pacemaker_cluster_resource_groups + [__vip_group] }}" ++ vars: ++ __vip_group: ++ id: "{{ sap_ha_pacemaker_cluster_vip_group_prefix }}{{ vip_list_item.key }}" ++ resource_ids: ++ - "{{ vip_list_item.key }}" ++ - "pri_{{ vip_list_item.key }}" ++ when: ++ - __vip_group.id is not in (__sap_ha_pacemaker_cluster_resource_groups | map(attribute='id')) ++ - sap_ha_pacemaker_cluster_vip_method in ['awsvip'] ++ - vip_list_item.key in __sap_ha_pacemaker_cluster_vip_resource_list ++ ++# The following is the officially recommended and supported method for VIP resources on AWS EC2. ++- name: "SAP HA Prepare Pacemaker - AWS EC2 VS - Add resource: AWS VIP OverlayIP: {{ vip_list_item.key }} (aws_vpc_move_ip)" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_resource_primitives: "{{ __sap_ha_pacemaker_cluster_resource_primitives + [__resource_vip] }}" ++ vars: ++ __resource_vip: ++ id: "{{ vip_list_item.key }}" ++ agent: "{{ __sap_ha_pacemaker_cluster_available_vip_agents[sap_ha_pacemaker_cluster_vip_method].agent }}" ++ instance_attrs: ++ - attrs: ++ - name: ip ++ value: "{{ vip_list_item.value }}" ++ - name: interface ++ value: "{{ sap_ha_pacemaker_cluster_vip_client_interface }}" ++ - name: routing_table ++ value: "{{ sap_ha_pacemaker_cluster_aws_vip_update_rt }}" ++ when: ++ - vip_list_item.key not in (__sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id')) ++ - sap_ha_pacemaker_cluster_vip_method == 'aws_vpc_move_ip' ++ - vip_list_item.key in __sap_ha_pacemaker_cluster_vip_resource_list +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/platform/construct_vars_vip_resources_cloud_gcp_ce_vm.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/platform/construct_vars_vip_resources_cloud_gcp_ce_vm.yml +new file mode 100644 +index 0000000..f036949 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/platform/construct_vars_vip_resources_cloud_gcp_ce_vm.yml +@@ -0,0 +1,73 @@ ++--- ++# Reminder: This file is included in a loop over a dictionary. ++# Included in: tasks/include_construct_vip_resources.yml ++# ++# file loop var: vip_list_item ++# ++# Example: ++# {{ vip_list_item.key }} => vip_SID_00_primary ++# {{ vip_list_item.value }} => 192.168.1.10 ++ ++- name: "SAP HA Prepare Pacemaker - GCP CE - Add resource: OS network interface Virtual IP: {{ vip_list_item.key }} (IPaddr2)" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_resource_primitives: "{{ __sap_ha_pacemaker_cluster_resource_primitives + [__resource_vip] }}" ++ vars: ++ __resource_vip: ++ id: "{{ vip_list_item.key }}" ++ agent: "{{ __sap_ha_pacemaker_cluster_available_vip_agents['ipaddr'].agent }}" ++ instance_attrs: ++ - attrs: ++ - name: ip ++ value: "{{ vip_list_item.value }}" ++ - name: cidr_netmask ++ value: 32 ++ - name: nic ++ value: "{{ sap_ha_pacemaker_cluster_vip_client_interface }}" ++ operations: ++ - action: monitor ++ attrs: ++ - name: interval ++ value: 3600 ++ ++ when: ++ - vip_list_item.key not in (__sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id')) ++ - sap_ha_pacemaker_cluster_vip_method == 'ipaddr' or (__sap_ha_pacemaker_cluster_available_vip_agents[sap_ha_pacemaker_cluster_vip_method].with is defined and __sap_ha_pacemaker_cluster_available_vip_agents[sap_ha_pacemaker_cluster_vip_method].with == 'ipaddr') ++ - vip_list_item.key in __sap_ha_pacemaker_cluster_vip_resource_list ++ ++- name: "SAP HA Prepare Pacemaker - GCP CE - Add resource: Network Load Balancer (NLB L-4) for VIP routing: {{ vip_list_item.key }} (haproxy)" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_resource_primitives: "{{ __sap_ha_pacemaker_cluster_resource_primitives + [__health_check] }}" ++ vars: ++ __health_check: ++ id: "{{ vip_list_item.key }}" ++ agent: "{{ __sap_ha_pacemaker_cluster_available_vip_agents[sap_ha_pacemaker_cluster_vip_method].agent + '@' + __haproxy_id }}" ++ operations: ++ - action: monitor ++ attrs: ++ - name: interval ++ value: 10 ++ - name: timeout ++ value: 20 ++ ++ __haproxy_id: >- ++ {% if vip_list_item.key == sap_ha_pacemaker_cluster_healthcheck_hana_primary_resource_name -%} ++ {{ sap_ha_pacemaker_cluster_healthcheck_hana_primary_id }} ++ {%- elif vip_list_item.key == sap_ha_pacemaker_cluster_healthcheck_hana_secondary_resource_name ++ and sap_ha_pacemaker_cluster_healthcheck_hana_secondary_port | length > 4 -%} ++ {{ sap_ha_pacemaker_cluster_healthcheck_hana_secondary_id }} ++ {%- elif vip_list_item.key == sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ascs_resource_name -%} ++ {{ sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ascs_id }} ++ {%- elif vip_list_item.key == sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ers_resource_name -%} ++ {{ sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ers_id }} ++ {%- elif vip_list_item.key == sap_ha_pacemaker_cluster_healthcheck_nwas_abap_pas_resource_name -%} ++ {{ sap_ha_pacemaker_cluster_healthcheck_nwas_abap_pas_id }} ++ {%- elif vip_list_item.key == sap_ha_pacemaker_cluster_healthcheck_nwas_abap_aas_resource_name -%} ++ {{ sap_ha_pacemaker_cluster_healthcheck_nwas_abap_aas_id }} ++ {%- else -%} ++ {%- endif %} ++ ++ when: ++ - vip_list_item.key not in (__sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id')) ++ - sap_ha_pacemaker_cluster_vip_method == 'gcp_nlb_reserved_ip_haproxy' ++ - vip_list_item.key in __sap_ha_pacemaker_cluster_healthcheck_resource_list ++ - __haproxy_id | length > 0 +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/platform/construct_vars_vip_resources_cloud_ibmcloud_powervs.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/platform/construct_vars_vip_resources_cloud_ibmcloud_powervs.yml +new file mode 100644 +index 0000000..d9834f0 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/platform/construct_vars_vip_resources_cloud_ibmcloud_powervs.yml +@@ -0,0 +1,22 @@ ++--- ++# Reminder: This file is included in a loop over a dictionary. ++ ++- name: "SAP HA Prepare Pacemaker - IBM Cloud PowerVS - Add resource: OS network interface Virtual IP: {{ vip_list_item.key }} (IPaddr2)" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_resource_primitives: "{{ __sap_ha_pacemaker_cluster_resource_primitives + [__resource_vip] }}" ++ vars: ++ __resource_vip: ++ id: "{{ vip_list_item.key }}" ++ agent: "{{ __sap_ha_pacemaker_cluster_available_vip_agents['ipaddr_custom'].agent }}" ++ instance_attrs: ++ - attrs: ++ - name: ip ++ value: "{{ vip_list_item.value }}" ++ - name: cidr_netmask ++ value: "{{ __sap_ha_pacemaker_cluster_vip_client_interface_subnet_cidr.stdout | int }}" ++ - name: nic ++ value: "{{ sap_ha_pacemaker_cluster_vip_client_interface }}" ++ when: ++ - vip_list_item.key not in (__sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id')) ++ - sap_ha_pacemaker_cluster_vip_method == 'ipaddr_custom' or (__sap_ha_pacemaker_cluster_available_vip_agents[sap_ha_pacemaker_cluster_vip_method].with is defined and __sap_ha_pacemaker_cluster_available_vip_agents[sap_ha_pacemaker_cluster_vip_method].with == 'ipaddr_custom') ++ - vip_list_item.key in __sap_ha_pacemaker_cluster_vip_resource_list +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/platform/construct_vars_vip_resources_cloud_ibmcloud_vs.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/platform/construct_vars_vip_resources_cloud_ibmcloud_vs.yml +new file mode 100644 +index 0000000..57137ed +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/platform/construct_vars_vip_resources_cloud_ibmcloud_vs.yml +@@ -0,0 +1,58 @@ ++--- ++# Reminder: This file is included in a loop over a dictionary. ++# Included in: tasks/include_construct_vip_resources.yml ++# ++# file loop var: vip_list_item ++# ++# Example for VIP definition: ++# {{ vip_list_item.key }} => vip_SID_00_primary ++# {{ vip_list_item.value }} => 192.168.1.10 ++# ++# Example for HC definition: ++# {{ vip_list_item.key }} => hc_vip_SID_00_primary ++# {{ vip_list_item.value }} => 62600 ++ ++ ++- name: "SAP HA Prepare Pacemaker - IBM Cloud VS - Add resource: Load Balancer Private ALB L-7 (or NLB L-4) for VIP routing: {{ vip_list_item.key }} (haproxy)" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_resource_primitives: "{{ __sap_ha_pacemaker_cluster_resource_primitives + [__health_check] }}" ++ vars: ++ __health_check: ++ id: "{{ vip_list_item.key }}" ++ agent: "{{ __sap_ha_pacemaker_cluster_available_vip_agents[sap_ha_pacemaker_cluster_vip_method].agent + '@' + __haproxy_id }}" ++ operations: ++ - action: monitor ++ attrs: ++ - name: interval ++ value: 10 ++ - name: timeout ++ value: 20 ++ ++ __haproxy_id: >- ++ {% if vip_list_item.key == sap_ha_pacemaker_cluster_healthcheck_hana_primary_resource_name -%} ++ {{ sap_ha_pacemaker_cluster_healthcheck_hana_primary_id }} ++ {%- elif vip_list_item.key == sap_ha_pacemaker_cluster_healthcheck_hana_secondary_resource_name ++ and sap_ha_pacemaker_cluster_healthcheck_hana_secondary_port | length > 4 -%} ++ {{ sap_ha_pacemaker_cluster_healthcheck_hana_secondary_id }} ++ {%- elif vip_list_item.key == sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ascs_resource_name -%} ++ {{ sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ascs_id }} ++ {%- elif vip_list_item.key == sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ers_resource_name -%} ++ {{ sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ers_id }} ++ {%- elif vip_list_item.key == sap_ha_pacemaker_cluster_healthcheck_nwas_abap_pas_resource_name -%} ++ {{ sap_ha_pacemaker_cluster_healthcheck_nwas_abap_pas_id }} ++ {%- elif vip_list_item.key == sap_ha_pacemaker_cluster_healthcheck_nwas_abap_aas_resource_name -%} ++ {{ sap_ha_pacemaker_cluster_healthcheck_nwas_abap_aas_id }} ++ {%- else -%} ++ {%- endif %} ++ ++ when: ++ - __sap_ha_pacemaker_cluster_available_vip_agents[sap_ha_pacemaker_cluster_vip_method].agent == 'service:haproxy' ++ - vip_list_item.key not in (__sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id')) ++ - vip_list_item.key in __sap_ha_pacemaker_cluster_healthcheck_resource_list ++ - __haproxy_id | length > 0 ++ ++# IBM Cloud Load Balancer will own and control the Virtual IP (VIP) routing and failover ++# When Linux Pacemaker failover to secondary occurs, the primary will cease Health Check response to IBM Cloud Load Balancer, ++# the secondary will emit Health Check response to IBM Cloud Load Balancer, ++# and then the IBM Cloud Load Balancer will automatically route traffic to secondary; ++# therefore Linux Pacemaker does not require a Resource (e.g. IPAddr2 Resource Agent) allocated for the VIP +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/platform/construct_vars_vip_resources_cloud_msazure_vm.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/platform/construct_vars_vip_resources_cloud_msazure_vm.yml +new file mode 100644 +index 0000000..255a2b4 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/platform/construct_vars_vip_resources_cloud_msazure_vm.yml +@@ -0,0 +1,48 @@ ++--- ++# Reminder: This file is included in a loop over a dictionary. ++# Included in: tasks/include_construct_vip_resources.yml ++# ++# file loop var: vip_list_item ++# ++# Example: ++# {{ vip_list_item.key }} => vip_SID_00_primary ++# {{ vip_list_item.value }} => 192.168.1.10 ++# ++# Example for HC definition: ++# {{ vip_list_item.key }} => hc_vip_SID_00_primary ++# {{ vip_list_item.value }} => 62600 ++ ++# Azure requires 2 resources for the floating IP setup. ++# ++# 1) resource type "IPaddr2" ++# => is already created through construct_vars_vip_resources_default.yml ++ ++ ++# 2) resource type "azure_lb" (requires 'socat') ++ ++#- name: "SAP HA Prepare Pacemaker - MS Azure - Verify socat binary path" ++# ansible.builtin.shell: | ++# which socat ++# register: __sap_ha_pacemaker_cluster_register_socat_path ++# changed_when: false ++ ++# Hint: the 'vip_list_item's will only be the ones matching the cluster host type. ++- name: "SAP HA Prepare Pacemaker - MS Azure - Add resource: Azure Load Balancer (NLB L-4) for VIP routing: {{ vip_list_item.key }} (azure_lb)" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_resource_primitives: "{{ __sap_ha_pacemaker_cluster_resource_primitives + [__health_check] }}" ++ vars: ++ __health_check: ++ id: "{{ vip_list_item.key }}" ++ agent: "{{ __sap_ha_pacemaker_cluster_available_vip_agents[sap_ha_pacemaker_cluster_vip_method].agent }}" ++ instance_attrs: ++ - attrs: ++ - name: port ++ value: "{{ vip_list_item.value }}" ++# - name: nc ++# value: "{{ __sap_ha_pacemaker_cluster_register_socat_path.stdout }}" ++ when: ++ - sap_ha_pacemaker_cluster_vip_method == 'azure_lb' ++ - __health_check.id in __sap_ha_pacemaker_cluster_healthcheck_resource_list ++ - __health_check.id not in (__sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id')) ++# - __sap_ha_pacemaker_cluster_register_socat_path.stdout is defined ++# - __sap_ha_pacemaker_cluster_register_socat_path.stdout | length > 0 +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/platform/construct_vars_vip_resources_hyp_ibmpower_vm.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/platform/construct_vars_vip_resources_hyp_ibmpower_vm.yml +new file mode 100644 +index 0000000..6de2ea3 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/platform/construct_vars_vip_resources_hyp_ibmpower_vm.yml +@@ -0,0 +1,19 @@ ++--- ++# Reminder: This file is included in a loop over a dictionary. ++ ++- name: "SAP HA Prepare Pacemaker - ipaddr resource agent - Add resource: OS network interface Virtual IP" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_resource_primitives: "{{ __sap_ha_pacemaker_cluster_resource_primitives + [__resource_vip] }}" ++ vars: ++ __resource_vip: ++ id: "{{ vip_list_item.key }}" ++ agent: "{{ __sap_ha_pacemaker_cluster_available_vip_agents['ipaddr'].agent }}" ++ instance_attrs: ++ - attrs: ++ - name: ip ++ value: "{{ vip_list_item.value }}" ++ - name: nic ++ value: "{{ sap_ha_pacemaker_cluster_vip_client_interface }}" ++ when: ++ - vip_list_item.key not in (__sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id')) ++ - (sap_ha_pacemaker_cluster_vip_method == 'ipaddr') or (__sap_ha_pacemaker_cluster_available_vip_agents[sap_ha_pacemaker_cluster_vip_method].with is defined and 'ipaddr' in __sap_ha_pacemaker_cluster_available_vip_agents[sap_ha_pacemaker_cluster_vip_method].with) +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/platform/include_vars_platform.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/platform/include_vars_platform.yml +new file mode 100644 +index 0000000..0a7199b +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/platform/include_vars_platform.yml +@@ -0,0 +1,82 @@ ++--- ++ ++# Include vars files based on the environment. ++- name: "SAP HA Prepare Pacemaker - Include platform specific variables" ++ when: __sap_ha_pacemaker_cluster_vars_file is file ++ ansible.builtin.include_vars: "{{ __sap_ha_pacemaker_cluster_vars_file }}" ++ loop: ++ - "platform_{{ __sap_ha_pacemaker_cluster_platform }}.yml" ++ vars: ++ __sap_ha_pacemaker_cluster_vars_file: "{{ role_path }}/vars/{{ item }}" ++ ++ ++# pcmk_host_map format: :;:... ++- name: "SAP HA Prepare Pacemaker - AWS EC2 VS - Assemble host mapping" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_pcmk_host_map: |- ++ {% for node in ansible_play_hosts_all -%} ++ {{ hostvars[node].ansible_hostname }}:{{ hostvars[node].ansible_board_asset_tag }} ++ {%- if not loop.last %};{% endif %} ++ {% endfor %} ++ when: __sap_ha_pacemaker_cluster_platform == "cloud_aws_ec2_vs" ++ ++- name: "SAP HA Prepare Pacemaker - IBM Power VS from IBM Cloud - Set variable for fencing agent" ++ ansible.builtin.set_fact: ++ sap_ha_pacemaker_cluster_ibmcloud_powervs_host_guid: >- ++ {{ __sap_ha_pacemaker_cluster_register_ibmcloud_powervs_host }} ++ sap_ha_pacemaker_cluster_ibmcloud_powervs_workspace_guid: >- ++ {{ sap_ha_pacemaker_cluster_ibmcloud_powervs_workspace_crn ++ | replace("::", "") | regex_replace(".*\:") }} ++ when: __sap_ha_pacemaker_cluster_platform == "cloud_ibmcloud_powervs" ++ ++# pcmk_host_map format: :;:... ++- name: "SAP HA Prepare Pacemaker - IBM Power VS from IBM Cloud - Assemble host mapping" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_pcmk_host_map: |- ++ {% for node in ansible_play_hosts_all -%} ++ {{ hostvars[node].ansible_hostname }}:{{ hostvars[node].__sap_ha_pacemaker_cluster_register_ibmcloud_powervs_host.stdout }} ++ {%- if not loop.last %};{% endif %} ++ {% endfor %} ++ when: __sap_ha_pacemaker_cluster_platform == "cloud_ibmcloud_powervs" ++ ++ ++- name: "SAP HA Prepare Pacemaker - IBM PowerVM - Set variable for fencing agent" ++ ansible.builtin.set_fact: ++ sap_ha_pacemaker_cluster_ibmpower_vm_hmc_system_partition_name: >- ++ {{ __sap_ha_pacemaker_cluster_register_ibmpower_vm_hmc_system_partition_name.stdout }} ++ sap_ha_pacemaker_cluster_ibmpower_vm_hmc_system_host_mtms: >- ++ {{ __sap_ha_pacemaker_cluster_register_ibmpower_vm_hmc_system_host_mtms_gui_string.stdout }} ++ ++ when: __sap_ha_pacemaker_cluster_platform == "hyp_ibmpower_vm" ++ ++# pcmk_host_map format: :;:... ++- name: "SAP HA Prepare Pacemaker - IBM PowerVM - Assemble host mapping" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_pcmk_host_map: |- ++ {% for node in ansible_play_hosts_all -%} ++ {{ hostvars[node].ansible_hostname }}:{{ hostvars[node].sap_ha_pacemaker_cluster_ibmpower_vm_hmc_system_partition_name }} ++ {%- if not loop.last %};{% endif %} ++ {% endfor %} ++ when: __sap_ha_pacemaker_cluster_platform == "hyp_ibmpower_vm" ++ ++ ++# pcmk_host_map format: :;:... ++- name: "SAP HA Prepare Pacemaker - IBM Cloud VS - Assemble host mapping" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_pcmk_host_map: |- ++ {% for node in ansible_play_hosts_all -%} ++ {{ hostvars[node].ansible_hostname }}:{{ hostvars[node].__sap_ha_pacemaker_cluster_register_ibmcloud_vs_host.stdout }} ++ {%- if not loop.last %};{% endif %} ++ {% endfor %} ++ when: __sap_ha_pacemaker_cluster_platform == "cloud_ibmcloud_vs" ++ ++ ++# pcmk_host_map format: :;:... ++- name: "SAP HA Prepare Pacemaker - MS Azure VM - Assemble host mapping" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_pcmk_host_map: |- ++ {% for node in ansible_play_hosts_all -%} ++ {{ hostvars[node].ansible_hostname }}:{{ hostvars[node].ansible_hostname }} ++ {%- if not loop.last %};{% endif %} ++ {% endfor %} ++ when: __sap_ha_pacemaker_cluster_platform == "cloud_msazure_vm" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/platform/preconfigure_cloud_aws_ec2_vs.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/platform/preconfigure_cloud_aws_ec2_vs.yml +new file mode 100644 +index 0000000..87c181d +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/platform/preconfigure_cloud_aws_ec2_vs.yml +@@ -0,0 +1,33 @@ ++--- ++# Requirement to enable the fencing resource to function. ++ ++- name: "SAP HA Prepare Pacemaker - AWS EC2 VS - Create awscli config directory" ++ ansible.builtin.file: ++ mode: "0755" ++ owner: root ++ path: /root/.aws ++ state: directory ++ ++- name: "SAP HA Prepare Pacemaker - AWS EC2 VS - Create awscli config" ++ ansible.builtin.blockinfile: ++ backup: true ++ block: | ++ [default] ++ region = {{ sap_ha_pacemaker_cluster_aws_region }} ++ create: true ++ mode: "0600" ++ owner: root ++ path: /root/.aws/config ++ ++- name: "SAP HA Prepare Pacemaker - AWS EC2 VS - Store awscli credentials" ++ ansible.builtin.blockinfile: ++ backup: true ++ block: | ++ [default] ++ aws_access_key_id = {{ sap_ha_pacemaker_cluster_aws_access_key_id }} ++ aws_secret_access_key = {{ sap_ha_pacemaker_cluster_aws_secret_access_key }} ++ create: true ++ mode: "0600" ++ owner: root ++ path: /root/.aws/credentials ++ no_log: true +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/platform/preconfigure_cloud_gcp_ce_vm.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/platform/preconfigure_cloud_gcp_ce_vm.yml +new file mode 100644 +index 0000000..68fa80a +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/platform/preconfigure_cloud_gcp_ce_vm.yml +@@ -0,0 +1,154 @@ ++--- ++ ++- name: "SAP HA Install Pacemaker - GCP CE VM - Install haproxy" ++ ansible.builtin.package: ++ name: haproxy ++ state: present ++ ++- name: "SAP HA Install Pacemaker - GCP CE VM - Check if haproxy service template exists" ++ ansible.builtin.stat: ++ path: /etc/systemd/system/haproxy@.service ++ register: __sap_ha_pacemaker_cluster_register_haproxy_template ++ ++- name: "SAP HA Install Pacemaker - GCP CE VM - Create haproxy service template" ++ ansible.builtin.copy: ++ dest: /etc/systemd/system/haproxy@.service ++ remote_src: true ++ src: /usr/lib/systemd/system/haproxy.service ++ mode: '0644' ++ when: ++ - not __sap_ha_pacemaker_cluster_register_haproxy_template.stat.exists ++ ++- name: "SAP HA Install Pacemaker - GCP CE VM - Update haproxy service template description" ++ ansible.builtin.lineinfile: ++ backup: true ++ path: /etc/systemd/system/haproxy@.service ++ regexp: '^Description=' ++ line: 'Description=HAProxy Load Balancer %i' ++ state: present ++ insertafter: '^[Unit]$' ++ notify: "systemd daemon-reload" ++ ++- name: "SAP HA Install Pacemaker - GCP CE VM - Update haproxy service template environment" ++ ansible.builtin.lineinfile: ++ backup: true ++ path: /etc/systemd/system/haproxy@.service ++ regexp: '^Environment=' ++ line: 'Environment="CONFIG=/etc/haproxy/haproxy-%i.cfg" "PIDFILE=/run/haproxy-%i.pid"' ++ state: present ++ insertafter: '^[Service]$' ++ notify: "systemd daemon-reload" ++ ++- name: "SAP HA Install Pacemaker - GCP CE VM - Define healthcheck details for HANA" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_healthcheck_list_hana: ++ - name: "{{ sap_ha_pacemaker_cluster_healthcheck_hana_primary_id }}" ++ port: "{{ sap_ha_pacemaker_cluster_healthcheck_hana_primary_port }}" ++ # If no custom port is defined, calculate the port for the secondary ++ # by adding 10, to avoid a conflict with the port for the primary hc port. ++ - name: "{{ sap_ha_pacemaker_cluster_healthcheck_hana_secondary_id }}" ++ port: >- ++ {% if sap_ha_pacemaker_cluster_vip_hana_secondary_ip_address | length > 0 -%} ++ {{ sap_ha_pacemaker_cluster_healthcheck_hana_secondary_port }} ++ {%- else %}0{%- endif %} ++ when: ++ - sap_ha_pacemaker_cluster_host_type | select('search', 'hana_scaleup') | length > 0 ++ ++- name: "SAP HA Install Pacemaker - GCP CE VM - Define healthcheck details for NW ASCS/ERS" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_healthcheck_list_ascs: ++ - name: "{{ sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ascs_id }}" ++ port: "{{ sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ascs_port }}" ++ - name: "{{ sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ers_id }}" ++ port: "{{ sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ers_port }}" ++ when: ++ - sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_abap_ascs') | length > 0 ++ ++ ++- name: "SAP HA Install Pacemaker - GCP CE VM - Create haproxy config for HANA instances" ++ ansible.builtin.blockinfile: ++ backup: false ++ create: true ++ path: "/etc/haproxy/haproxy-{{ haproxy_item.name }}.cfg" ++ mode: "0644" ++ owner: root ++ group: root ++ marker: "# {mark} Created by Ansible role sap_ha_pacemaker_cluster" ++ block: | ++ global ++ chroot /var/lib/haproxy ++ pidfile /var/run/haproxy-%i.pid ++ user haproxy ++ group haproxy ++ daemon ++ ++ defaults ++ mode tcp ++ log global ++ option dontlognull ++ option redispatch ++ retries 3 ++ timeout queue 1m ++ timeout connect 10s ++ timeout client 1m ++ timeout server 1m ++ timeout check 10s ++ maxconn 3000 ++ ++ # Listener for SAP healthcheck ++ listen healthcheck ++ bind *:{{ haproxy_item.port }} ++ loop: "{{ __sap_ha_pacemaker_cluster_healthcheck_list_hana }}" ++ loop_control: ++ loop_var: haproxy_item ++ label: "{{ haproxy_item.name }}: {{ haproxy_item.port }}" ++ when: ++ - sap_ha_pacemaker_cluster_host_type | select('search', 'hana_scaleup') | length > 0 ++ - haproxy_item.port | length > 4 ++ ++ ++- name: "SAP HA Install Pacemaker - GCP CE VM - Create haproxy config for NWAS ASCS/ERS instances" ++ ansible.builtin.blockinfile: ++ create: true ++ path: "/etc/haproxy/haproxy-{{ haproxy_item.name }}.cfg" ++ mode: "0644" ++ owner: root ++ group: root ++ marker: "# {mark} Created by Ansible role sap_ha_pacemaker_cluster" ++ block: | ++ global ++ chroot /var/lib/haproxy ++ pidfile /var/run/haproxy-%i.pid ++ user haproxy ++ group haproxy ++ daemon ++ ++ defaults ++ mode tcp ++ log global ++ option dontlognull ++ option redispatch ++ retries 3 ++ timeout queue 1m ++ timeout connect 10s ++ timeout client 1m ++ timeout server 1m ++ timeout check 10s ++ maxconn 3000 ++ ++ # Listener for SAP healthcheck ++ listen healthcheck ++ bind *:{{ haproxy_item.port }} ++ loop: "{{ __sap_ha_pacemaker_cluster_healthcheck_list_ascs }}" ++ loop_control: ++ loop_var: haproxy_item ++ label: "{{ haproxy_item.name }}: {{ haproxy_item.port }}" ++ when: ++ - sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_abap_ascs') | length > 0 ++ ++ ++- name: "SAP HA Install Pacemaker - GCP CE VM - Ensure that haproxy service is running" ++ ansible.builtin.service: ++ name: haproxy ++ enabled: false ++ state: started +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/platform/preconfigure_cloud_ibmcloud_powervs.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/platform/preconfigure_cloud_ibmcloud_powervs.yml +new file mode 100644 +index 0000000..33c4f2d +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/platform/preconfigure_cloud_ibmcloud_powervs.yml +@@ -0,0 +1,2 @@ ++--- ++# Requirement to enable the fencing resource to function. +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/platform/preconfigure_cloud_ibmcloud_vs.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/platform/preconfigure_cloud_ibmcloud_vs.yml +new file mode 100644 +index 0000000..507100f +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/platform/preconfigure_cloud_ibmcloud_vs.yml +@@ -0,0 +1,198 @@ ++--- ++# Requirement to enable the fencing resource to function. ++ ++- name: "SAP HA Prepare Pacemaker - IBM Cloud VS - Install haproxy" ++ ansible.builtin.package: ++ name: haproxy ++ state: present ++ ++# - name: "SAP HA Prepare Pacemaker - IBM Cloud VS - Create haproxy log directory for rsyslog" ++# ansible.builtin.file: ++# path: /var/log/haproxy ++# state: directory ++# mode: '0755' ++# ++# - name: "SAP HA Prepare Pacemaker - IBM Cloud VS - Create haproxy config for rsyslog" ++# ansible.builtin.copy: ++# dest: /etc/rsyslog.d/haproxy.conf ++# mode: '0644' ++# content: | ++# # Additional socket in haproxy's chroot ++# # to allow logging via /dev/log to chroot'ed HAProxy processes ++# $AddUnixListenSocket /var/lib/haproxy/dev/log ++# ++# # Send HAProxy messages to a dedicated logfile ++# :programname,startswith,"haproxy" /var/log/haproxy/haproxy.log ++# ++# - name: "SAP HA Prepare Pacemaker - IBM Cloud VS - rsyslog service restart" ++# ansible.builtin.service: ++# name: rsyslog ++# state: restarted ++# enabled: true ++ ++- name: "SAP HA Install Pacemaker - IBM Cloud VS - Check if haproxy service template exists" ++ ansible.builtin.stat: ++ path: /etc/systemd/system/haproxy@.service ++ register: __sap_ha_pacemaker_cluster_register_haproxy_template ++ ++- name: "SAP HA Install Pacemaker - IBM Cloud VS - Create haproxy service template" ++ ansible.builtin.copy: ++ dest: /etc/systemd/system/haproxy@.service ++ remote_src: true ++ src: /usr/lib/systemd/system/haproxy.service ++ mode: '0644' ++ when: ++ - not __sap_ha_pacemaker_cluster_register_haproxy_template.stat.exists ++ ++- name: "SAP HA Install Pacemaker - IBM Cloud VS - Update haproxy service template description" ++ ansible.builtin.lineinfile: ++ backup: true ++ path: /etc/systemd/system/haproxy@.service ++ regexp: '^Description=' ++ line: 'Description=HAProxy Load Balancer %i' ++ state: present ++ insertafter: '^[Unit]$' ++ notify: "systemd daemon-reload" ++ ++- name: "SAP HA Install Pacemaker - IBM Cloud VS - Update haproxy service template environment" ++ ansible.builtin.lineinfile: ++ backup: true ++ path: /etc/systemd/system/haproxy@.service ++ regexp: '^Environment=' ++ line: 'Environment="CONFIG=/etc/haproxy/haproxy-%i.cfg" "PIDFILE=/run/haproxy-%i.pid"' ++ state: present ++ insertafter: '^[Service]$' ++ notify: "systemd daemon-reload" ++ ++- name: "SAP HA Install Pacemaker - IBM Cloud VS - Update haproxy service template environment" ++ ansible.builtin.lineinfile: ++ backup: true ++ path: /etc/systemd/system/haproxy@.service ++ regexp: '^Environment=' ++ line: 'Environment="CONFIG=/etc/haproxy/haproxy-%i.cfg" "PIDFILE=/run/haproxy-%i.pid"' ++ state: present ++ insertafter: '^[Service]$' ++ notify: "systemd daemon-reload" ++ ++- name: "SAP HA Install Pacemaker - IBM Cloud VS - Define healthcheck details for HANA" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_healthcheck_list_hana: ++ - name: "{{ sap_ha_pacemaker_cluster_healthcheck_hana_primary_id }}" ++ port: "{{ sap_ha_pacemaker_cluster_healthcheck_hana_primary_port }}" ++ # If no custom port is defined, calculate the port for the secondary ++ # by adding 10, to avoid a conflict with the port for the primary hc port. ++ - name: "{{ sap_ha_pacemaker_cluster_healthcheck_hana_secondary_id }}" ++ port: >- ++ {% if sap_ha_pacemaker_cluster_vip_hana_secondary_ip_address | length > 0 -%} ++ {{ sap_ha_pacemaker_cluster_healthcheck_hana_secondary_port }} ++ {%- else %}0{%- endif %} ++ when: ++ - sap_ha_pacemaker_cluster_host_type | select('search', 'hana_scaleup') | length > 0 ++ ++- name: "SAP HA Install Pacemaker - IBM Cloud VS - Define healthcheck details for NW ASCS/ERS" ++ ansible.builtin.set_fact: ++ __sap_ha_pacemaker_cluster_healthcheck_list_ascs: ++ - name: "{{ sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ascs_id }}" ++ port: "{{ sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ascs_port }}" ++ - name: "{{ sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ers_id }}" ++ port: "{{ sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ers_port }}" ++ when: ++ - sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_abap_ascs') | length > 0 ++ ++- name: "SAP HA Install Pacemaker - GCP CE VM - Create haproxy config for HANA instances" ++ ansible.builtin.blockinfile: ++ backup: false ++ create: true ++ path: "/etc/haproxy/haproxy-{{ haproxy_item.name }}.cfg" ++ mode: "0644" ++ owner: root ++ group: root ++ marker: "# {mark} Created by Ansible role sap_ha_pacemaker_cluster" ++ block: | ++ global ++ chroot /var/lib/haproxy ++ pidfile /var/run/haproxy-%i.pid ++ user haproxy ++ group haproxy ++ daemon ++ ++ defaults ++ mode tcp ++ log global ++ option dontlognull ++ option redispatch ++ retries 3 ++ timeout queue 1m ++ timeout connect 10s ++ timeout client 1m ++ timeout server 1m ++ timeout check 10s ++ maxconn 3000 ++ ++ # Listener for SAP healthcheck ++ listen healthcheck ++ bind *:{{ haproxy_item.port }} ++ loop: "{{ __sap_ha_pacemaker_cluster_healthcheck_list_hana }}" ++ loop_control: ++ loop_var: haproxy_item ++ label: "{{ haproxy_item.name }}: {{ haproxy_item.port }}" ++ when: ++ - sap_ha_pacemaker_cluster_host_type | select('search', 'hana_scaleup') | length > 0 ++ - haproxy_item.port | length > 4 ++ ++- name: "SAP HA Install Pacemaker - GCP CE VM - Create haproxy config for NWAS ASCS/ERS instances" ++ ansible.builtin.blockinfile: ++ create: true ++ path: "/etc/haproxy/haproxy-{{ haproxy_item.name }}.cfg" ++ mode: "0644" ++ owner: root ++ group: root ++ marker: "# {mark} Created by Ansible role sap_ha_pacemaker_cluster" ++ block: | ++ global ++ chroot /var/lib/haproxy ++ pidfile /var/run/haproxy-%i.pid ++ user haproxy ++ group haproxy ++ daemon ++ ++ defaults ++ mode tcp ++ log global ++ option dontlognull ++ option redispatch ++ retries 3 ++ timeout queue 1m ++ timeout connect 10s ++ timeout client 1m ++ timeout server 1m ++ timeout check 10s ++ maxconn 3000 ++ ++ # Listener for SAP healthcheck ++ listen healthcheck ++ bind *:{{ haproxy_item.port }} ++ loop: "{{ __sap_ha_pacemaker_cluster_healthcheck_list_ascs }}" ++ loop_control: ++ loop_var: haproxy_item ++ label: "{{ haproxy_item.name }}: {{ haproxy_item.port }}" ++ when: ++ - sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_abap_ascs') | length > 0 ++ ++ ++# - name: "SAP HA Prepare Pacemaker - IBM Cloud VS - haproxy listener configuration" ++# ansible.builtin.blockinfile: ++# state: present ++# insertafter: EOF ++# dest: /etc/haproxy/haproxy.cfg ++# marker_begin: "---- haproxy health check listener ----" ++# marker_end: "----" ++# content: | ++# when: ++# - sap_ha_pacemaker_cluster_host_type | select('search', 'hana') | length > 0 ++ ++- name: "SAP HA Prepare Pacemaker - IBM Cloud VS - haproxy service start (without enable on boot)" ++ ansible.builtin.service: ++ name: haproxy ++ state: started ++ enabled: false # Do not start on boot +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/platform/preconfigure_cloud_msazure_vm.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/platform/preconfigure_cloud_msazure_vm.yml +new file mode 100644 +index 0000000..94d09ab +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/platform/preconfigure_cloud_msazure_vm.yml +@@ -0,0 +1,4 @@ ++--- ++# Requirement to enable the fencing resource to function. ++# ++# TODO: firewall config for the LB health probe port +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/platform/register_sysinfo_cloud_ibmcloud_powervs.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/platform/register_sysinfo_cloud_ibmcloud_powervs.yml +new file mode 100644 +index 0000000..2445e4c +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/platform/register_sysinfo_cloud_ibmcloud_powervs.yml +@@ -0,0 +1,30 @@ ++--- ++# Ansible facts rely on SMBIOS/DMI, which does not exist on ppc64le CPU Architecture. ++ ++# Discovered input used for plug (via pcmk_host_map) ++# The Instance ID in the IBM Power Virtual Server Workspace, is identical string to the UUID reported in the host ++# alt command using IBM Power RSCT binary: /opt/rsct/bin/ctgethscid | grep PartitionUUID | cut -d \" -f2 ++# alt command using cloud-init data: cat /run/cloud-init/instance-data.json | grep uuid | cut -d \" -f4 ++# alt command using cloud-init data: cat /run/cloud-init/instance-data.json | grep instance_id | cut -d \" -f4 ++- name: "SAP HA Prepare Pacemaker - IBM Cloud Power VS - IBM Power Virtual Server UUID" ++ ansible.builtin.shell: | ++ set -o pipefail && echo $(tr -d '\0' < /proc/device-tree/ibm,partition-uuid) ++ register: __sap_ha_pacemaker_cluster_register_ibmcloud_powervs_host ++ changed_when: false ++ check_mode: false ++ ++- name: "SAP HA Prepare Pacemaker - Ensure ipcalc binary installed" ++ ansible.builtin.package: ++ name: ++ - ipcalc ++ state: present ++ ++- name: "SAP HA Prepare Pacemaker - IBM Cloud PowerVS - Calculate network interface subnet CIDR" ++ ansible.builtin.shell: | ++ set -o pipefail && ipcalc --prefix \ ++ {{ ansible_facts[sap_ha_pacemaker_cluster_vip_client_interface].ipv4.network ++ + '/' + ansible_facts[sap_ha_pacemaker_cluster_vip_client_interface].ipv4.netmask }} \ ++ | sed 's|PREFIX=||' ++ register: __sap_ha_pacemaker_cluster_vip_client_interface_subnet_cidr ++ changed_when: false ++ check_mode: false +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/platform/register_sysinfo_cloud_ibmcloud_vs.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/platform/register_sysinfo_cloud_ibmcloud_vs.yml +new file mode 100644 +index 0000000..298804b +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/platform/register_sysinfo_cloud_ibmcloud_vs.yml +@@ -0,0 +1,9 @@ ++--- ++# There is no ansible fact with the fully qualified VM instance ID. ++# We get this information from the SMBIOS/DMI. ++- name: "SAP HA Prepare Pacemaker - IBM Cloud VS - Register instance ID" ++ ansible.builtin.shell: | ++ dmidecode -s system-family ++ register: __sap_ha_pacemaker_cluster_register_ibmcloud_vs_host ++ changed_when: false ++ check_mode: false +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/platform/register_sysinfo_hyp_ibmpower_vm.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/platform/register_sysinfo_hyp_ibmpower_vm.yml +new file mode 100644 +index 0000000..f703571 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/platform/register_sysinfo_hyp_ibmpower_vm.yml +@@ -0,0 +1,32 @@ ++--- ++# Ansible facts rely on SMBIOS/DMI, which does not exist on ppc64le CPU Architecture. ++# Use Open Firmware (OF) device tree values ++ ++# Do not use cat on /proc files to avoid error 'ignored null byte in input' ++ ++ ++# The System's Machine Type and Machine Serial Number (MTMS) is a combined string, which is sometimes separated by underscore '_' ++# and in IBM Power HMC Web GUI is separated by asterisk '*' ++# An example of the combined string is '9009-22A' as Machine Type + '*' + '11A111' as Machine Serial Number ++# This is an alternative value to populate --managed instead of the IBM PowerVM HMC System Name, ++# which works with the command 'lssyscfg -r lpar -m <<--managed value of HMC System Name or System MTMS or System UUID>> ++- name: SAP HA Prepare Pacemaker - IBM Power VM - HMC System (aka. Hypervisor Node) Machine Type and Machine Serial Number (MTMS) ++ ansible.builtin.shell: | ++ set -o pipefail && echo $(tr -d '\0' < /proc/device-tree/model | sed 's/IBM,//g')*$(tr -d '\0' < /proc/device-tree/ibm,hardware-sn) ++ register: __sap_ha_pacemaker_cluster_register_ibmpower_vm_hmc_system_host_mtms_gui_string ++ changed_when: false ++ check_mode: false ++ ++- name: SAP HA Prepare Pacemaker - IBM Power VM - HMC System's Partition Name of the Virtual Machine ++ ansible.builtin.shell: | ++ set -o pipefail && echo $(tr -d '\0' < /proc/device-tree/ibm,partition-name) ++ register: __sap_ha_pacemaker_cluster_register_ibmpower_vm_hmc_system_partition_name ++ changed_when: false ++ check_mode: false ++ ++- name: SAP HA Prepare Pacemaker - IBM Power VM - HMC System's Partition UUID of the Virtual Machine ++ ansible.builtin.shell: | ++ set -o pipefail && echo $(tr -d '\0' < /proc/device-tree/ibm,partition-uuid) ++ register: __sap_ha_pacemaker_cluster_register_ibmpower_vm_hmc_system_partition_uuid ++ changed_when: false ++ check_mode: false +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/validate_input_parameters.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/validate_input_parameters.yml +new file mode 100644 +index 0000000..fb9116c +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/tasks/validate_input_parameters.yml +@@ -0,0 +1,124 @@ ++--- ++# The SAP ID must follow a strict format and not use reserved special values ++- name: "SAP HA Prepare Pacemaker - (SAP HANA) Validate SAP System ID" ++ ansible.builtin.assert: ++ that: ++ - sap_ha_pacemaker_cluster_hana_sid | length == 3 ++ - sap_ha_pacemaker_cluster_hana_sid not in __sap_ha_pacemaker_cluster_sid_prohibited ++ fail_msg: | ++ Host type = {{ sap_ha_pacemaker_cluster_host_type }} ++ Requires 'sap_ha_pacemaker_cluster_hana_sid' to be defined! ++ when: ++ - sap_ha_pacemaker_cluster_host_type | select('search', 'hana') | length > 0 ++ ++- name: "SAP HA Prepare Pacemaker - (SAP HANA) Validate SAP Instance Number" ++ ansible.builtin.assert: ++ that: ++ - ( sap_ha_pacemaker_cluster_hana_instance_nr | type_debug != 'int' and sap_ha_pacemaker_cluster_hana_instance_nr | length == 2 ) or ( sap_ha_pacemaker_cluster_hana_instance_nr | type_debug == 'int' and sap_ha_pacemaker_cluster_hana_instance_nr is regex("^[0-9][0-9]$") ) ++ fail_msg: |2 ++ ++ Host type = {{ sap_ha_pacemaker_cluster_host_type }} ++ Requires 'sap_ha_pacemaker_cluster_hana_instance_nr' to be defined. ++ ++ The instance number must be exactly 2 digits. ++ Add quotes if the number starts with a 0! ++ when: ++ - sap_ha_pacemaker_cluster_host_type | select('search', 'hana') | length > 0 ++ ++- name: "SAP HA Prepare Pacemaker - (SAP NetWeaver) Validate SAP System ID" ++ ansible.builtin.assert: ++ that: ++ - sap_ha_pacemaker_cluster_nwas_abap_sid | length == 3 ++ - sap_ha_pacemaker_cluster_nwas_abap_sid not in __sap_ha_pacemaker_cluster_sid_prohibited ++ fail_msg: | ++ Host type = {{ sap_ha_pacemaker_cluster_host_type }} ++ Requires 'sap_ha_pacemaker_cluster_nwas_abap_sid' to be defined! ++ when: ++ - sap_ha_pacemaker_cluster_host_type | select('search', 'nwas') | length > 0 ++ ++- name: "SAP HA Prepare Pacemaker - (SAP NetWeaver) Validate SAP Instance Number" ++ when: ++ - sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_abap') | length > 0 ++ ansible.builtin.assert: ++ that: ++ - ( ascs_ers_nr_item | type_debug != 'int' and ascs_ers_nr_item | length == 2 ) or ( ascs_ers_nr_item | type_debug == 'int' and ascs_ers_nr_item is regex("^[0-9][0-9]$") ) ++ fail_msg: |2 ++ ++ Host type = {{ sap_ha_pacemaker_cluster_host_type }} ++ Requires the ASCS/ERS instance numbers to be defined: ++ - sap_ha_pacemaker_cluster_nwas_abap_ascs_instance_nr ++ - sap_ha_pacemaker_cluster_nwas_abap_ers_instance_nr ++ ++ The instance number must be exactly 2 digits. ++ Add quotes if the number starts with a 0! ++ ++ loop: ++ - "{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_instance_nr }}" ++ - "{{ sap_ha_pacemaker_cluster_nwas_abap_ers_instance_nr }}" ++ loop_control: ++ loop_var: ascs_ers_nr_item ++ ++ ++# NIC definition validation ++- name: "SAP HA Prepare Pacemaker - Verify that a custom NIC name is defined when multiple NICs exist" ++ ansible.builtin.assert: ++ that: ++ - sap_ha_pacemaker_cluster_vip_client_interface is defined ++ - sap_ha_pacemaker_cluster_vip_client_interface | length > 0 ++ fail_msg: "Multiple interfaces are found on the system.\n{{ ansible_interfaces | to_nice_yaml }}\nIn this case 'sap_ha_pacemaker_cluster_vip_client_interface' must be defined." ++ when: ++ - ansible_interfaces | length > 2 ++ ++- name: "SAP HA Prepare Pacemaker - Verify that the custom NIC name exists" ++ ansible.builtin.assert: ++ that: ++ - sap_ha_pacemaker_cluster_vip_client_interface in ansible_interfaces ++ fail_msg: "The interface '{{ sap_ha_pacemaker_cluster_vip_client_interface }}' does not exist on this system!" ++ when: ++ - sap_ha_pacemaker_cluster_vip_client_interface | length > 0 ++ ++# VIP definition validation ++- name: "SAP HA Prepare Pacemaker - (HANA primary) Verify that the VIP is defined" ++ ansible.builtin.assert: ++ that: ++ - sap_ha_pacemaker_cluster_vip_hana_primary_ip_address is defined ++ - sap_ha_pacemaker_cluster_vip_hana_primary_ip_address | length > 0 ++ fail_msg: "Host type = '{{ sap_ha_pacemaker_cluster_host_type }}', but 'sap_ha_pacemaker_cluster_vip_hana_primary_ip_address' is not defined." ++ when: ++ - sap_ha_pacemaker_cluster_host_type | select('search', 'hana') | length > 0 ++ ++- name: "SAP HA Prepare Pacemaker - (NetWeaver ASCS) Verify that the VIP is defined" ++ ansible.builtin.assert: ++ that: ++ - sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_ip_address is defined ++ - sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_ip_address | length > 0 ++ fail_msg: "Host type = '{{ sap_ha_pacemaker_cluster_host_type }}', but 'sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_ip_address' is not defined." ++ when: ++ - sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_abap_ascs') | length > 0 ++ ++# - name: "SAP HA Prepare Pacemaker - (NetWeaver ERS) Verify that the VIP is defined" ++# ansible.builtin.assert: ++# that: ++# - sap_ha_pacemaker_cluster_vip_nwas_abap_ers_ip_address is defined ++# - sap_ha_pacemaker_cluster_vip_nwas_abap_ers_ip_address | length > 0 ++# fail_msg: "Host type = '{{ sap_ha_pacemaker_cluster_host_type }}', but 'sap_ha_pacemaker_cluster_vip_nwas_abap_ers_ip_address' is not defined." ++# when: ++# - sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_abap_ascs_ers') | length > 0 ++ ++- name: "SAP HA Prepare Pacemaker - (NetWeaver PAS) Verify that the VIP is defined" ++ ansible.builtin.assert: ++ that: ++ - sap_ha_pacemaker_cluster_vip_nwas_abap_pas_ip_address is defined ++ - sap_ha_pacemaker_cluster_vip_nwas_abap_pas_ip_address | length > 0 ++ fail_msg: "Host type = '{{ sap_ha_pacemaker_cluster_host_type }}', but 'sap_ha_pacemaker_cluster_vip_nwas_abap_pas_ip_address' is not defined." ++ when: ++ - sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_abap_pas') | length > 0 ++ ++- name: "SAP HA Prepare Pacemaker - (NetWeaver AAS) Verify that the ERS VIP is defined" ++ ansible.builtin.assert: ++ that: ++ - sap_ha_pacemaker_cluster_vip_nwas_abap_aas_ip_address is defined ++ - sap_ha_pacemaker_cluster_vip_nwas_abap_aas_ip_address | length > 0 ++ fail_msg: "Host type = '{{ sap_ha_pacemaker_cluster_host_type }}', but 'sap_ha_pacemaker_cluster_vip_nwas_abap_aas_ip_address' is not defined." ++ when: ++ - sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_abap_pas_aas') | length > 0 +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/templates/cluster_create_config.j2 b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/templates/cluster_create_config.j2 +new file mode 100644 +index 0000000..622cf8e +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/templates/cluster_create_config.j2 +@@ -0,0 +1,55 @@ ++--- ++ ++# This is an input variables file automatically generated for use with the ++# 'ha_cluster' linux system role. ++# ++# Created by: {{ ansible_role_name }} ++ ++# The name of the cluster ++ha_cluster_cluster_name: {{ ha_cluster_cluster_name | default('') }} ++ ++# Properties that enable and control cluster behavior ++ha_cluster_cluster_properties: ++{{ ha_cluster_cluster_properties | default() | to_nice_yaml(indent=2) }} ++ ++# Definition of resources which depend on other resources ++ha_cluster_constraints_colocation: ++{{ ha_cluster_constraints_colocation | default() | to_nice_yaml(indent=2) }} ++ ++# Definition of resources which have specific location dependencies or preferences ++ha_cluster_constraints_location: ++{{ ha_cluster_constraints_location | default() | to_nice_yaml(indent=2) }} ++ ++# Definition of an order in which resources must be started. ++# They are automatically stopped in reverse order. ++ha_cluster_constraints_order: ++{{ ha_cluster_constraints_order | default() | to_nice_yaml(indent=2) }} ++ ++# Extra packages that are needed for this HA environment ++ha_cluster_extra_packages: ++{{ ha_cluster_extra_packages | default() | to_nice_yaml(indent=2) }} ++ ++# Fence agent package(s) for this HA environment ++ha_cluster_fence_agent_packages: ++{{ ha_cluster_fence_agent_packages | default() | to_nice_yaml(indent=2) }} ++ ++# Definition of repositories to enable (if disable) to ensure ++# access to all required packages ++__ha_cluster_repos: ++{{ __ha_cluster_repos | default() | to_nice_yaml(indent=2) }} ++ ++# Definition of resources that are cloned and monitored on all nodes ++ha_cluster_resource_clones: ++{{ ha_cluster_resource_clones | default() | to_nice_yaml(indent=2) }} ++ ++# Definition of resources that are grouped together ++ha_cluster_resource_groups: ++{{ ha_cluster_resource_groups | default() | to_nice_yaml(indent=2) }} ++ ++# Definition of all cluster resources ++ha_cluster_resource_primitives: ++{{ ha_cluster_resource_primitives | default() | to_nice_yaml(indent=2) }} ++ ++# Definition of corosync totem settings ++ha_cluster_totem: ++{{ ha_cluster_totem | default() | to_nice_yaml(indent=2) }} +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/templates/sudofile_20-saphana.j2 b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/templates/sudofile_20-saphana.j2 +new file mode 100644 +index 0000000..a8f3709 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/templates/sudofile_20-saphana.j2 +@@ -0,0 +1,15 @@ ++# Managed by Ansible ++# Role: {{ ansible_role_name }} ++# ++# Description: ++# The following are sudo entries which are required for the pacemaker cluster ++# to update the SAP HANA cluster resource status. ++ ++{% for node in sap_ha_pacemaker_cluster_cluster_nodes %} ++Cmnd_Alias {{ node.hana_site | upper }}_SOK = /usr/sbin/crm_attribute -n hana_{{ sap_ha_pacemaker_cluster_hana_sid | lower }}_site_srHook_{{ node.hana_site }} -v SOK -t crm_config -s {{ sap_ha_pacemaker_cluster_hadr_provider_name }} ++Cmnd_Alias {{ node.hana_site | upper }}_SFAIL = /usr/sbin/crm_attribute -n hana_{{ sap_ha_pacemaker_cluster_hana_sid | lower }}_site_srHook_{{ node.hana_site }} -v SFAIL -t crm_config -s {{ sap_ha_pacemaker_cluster_hadr_provider_name }} ++{% endfor %} ++ ++{{ sap_ha_pacemaker_cluster_hana_sid | lower }}adm ALL=(ALL) NOPASSWD: {% for node in sap_ha_pacemaker_cluster_cluster_nodes %}{{ node.hana_site | upper }}_SOK, {{ node.hana_site | upper }}_SFAIL{{ ", " if not loop.last else "" }}{% endfor %} ++ ++Defaults!{% for node in sap_ha_pacemaker_cluster_cluster_nodes %}{{ node.hana_site | upper }}_SOK, {{ node.hana_site | upper }}_SFAIL{{ ", " if not loop.last else "" }}{% endfor %} !requiretty +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/vars/hana_scaleout_common.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/vars/hana_scaleout_common.yml +new file mode 100644 +index 0000000..4175257 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/vars/hana_scaleout_common.yml +@@ -0,0 +1,11 @@ ++--- ++# SAP HANA Scale-Out specific parameter values ++# ++# TODO: make sure to first respect 'ha_cluster' native variables ++ ++__sap_ha_pacemaker_cluster_sap_extra_packages: ++ - resource-agents-sap-hana-scaleout ++ ++sap_ha_pacemaker_cluster_ra_hana: SAPHanaController ++sap_ha_pacemaker_cluster_hadr_provider_name: SAPHanaSR ++sap_ha_pacemaker_cluster_hadr_provider_path: /hana/shared/myHooks +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/vars/hana_scaleup_common.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/vars/hana_scaleup_common.yml +new file mode 100644 +index 0000000..85043b5 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/vars/hana_scaleup_common.yml +@@ -0,0 +1,11 @@ ++--- ++# SAP HANA Scale-Up specific parameter values ++# ++# TODO: make sure to first respect 'ha_cluster' native variables ++ ++__sap_ha_pacemaker_cluster_sap_extra_packages: ++ - resource-agents-sap-hana ++ ++sap_ha_pacemaker_cluster_ra_hana: SAPHana ++sap_ha_pacemaker_cluster_hadr_provider_name: SAPHanaSR ++sap_ha_pacemaker_cluster_hadr_provider_path: /hana/shared/myHooks +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/vars/main.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/vars/main.yml +new file mode 100644 +index 0000000..6d78375 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/vars/main.yml +@@ -0,0 +1,121 @@ ++--- ++# SAP System IDs that are reserved and must not be used ++# Reference: SAP Note 1979280 ++__sap_ha_pacemaker_cluster_sid_prohibited: ['ADD', 'ADM', 'ALL', 'AMD', 'AND', 'ANY', 'ARE', 'ASC', 'AUX', 'AVG', 'BIN', 'BIT', 'CDC', 'COM', 'CON', 'DAA', 'DBA', 'DBM', 'DBO', 'DTD', 'ECO', 'END', 'EPS', 'EXE', 'FOR', 'GET', 'GID', 'IBM', 'INT', 'KEY', 'LIB', 'LOG', 'LPT', 'MAP', 'MAX', 'MEM', 'MIG', 'MIN', 'MON', 'NET', 'NIX', 'NOT', 'NUL', 'OFF', 'OLD', 'OMS', 'OUT', 'PAD', 'PRN', 'RAW', 'REF', 'ROW', 'SAP', 'SET', 'SGA', 'SHG', 'SID', 'SQL', 'SUM', 'SYS', 'TMP', 'TOP', 'TRC', 'UID', 'USE', 'USR', 'VAR'] ++ ++# ansible_facts required by the role ++__sap_ha_pacemaker_cluster_required_facts: ++ - architecture # subset: min, hardware ++ - board_asset_tag # subset: hardware ++ - default_ipv4 # subset: interfaces ++ - distribution # subset: min, hardware ++ - distribution_major_version # subset: min, hardware ++ - distribution_version # subset: min, hardware ++ - hostname # subset: min, hardware ++ - os_family # subset: min, hardware ++# - selinux # subset: min, hardware ++# - service_mgr # subset: min, hardware ++ - system_vendor # subset: hardware ++# - virtualization_role # subset: virtual ++# - virtualization_type # subset: virtual ++ ++# By default assume non-multi-NIC configuration. ++# This is automatically adjusted during preparation tasks. ++__sap_ha_pacemaker_cluster_nic_multi_bool: false ++ ++# By default use the construction of IPaddr2 VIP resources ++# Platforms define different methods out of optional agents, as applicable. ++sap_ha_pacemaker_cluster_vip_method: ipaddr ++sap_ha_pacemaker_cluster_vip_group_prefix: '' ++ ++__sap_ha_pacemaker_cluster_available_vip_agents: ++ ipaddr: ++ agent: "ocf:heartbeat:IPaddr2" ++ ++# Health check helper variable for platforms that require it ++sap_ha_pacemaker_cluster_healthcheck_hana_primary_resource_name: "hc_{{ sap_ha_pacemaker_cluster_vip_hana_primary_resource_name }}" ++sap_ha_pacemaker_cluster_healthcheck_hana_secondary_resource_name: "hc_{{ sap_ha_pacemaker_cluster_vip_hana_secondary_resource_name }}" ++sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ascs_resource_name: "hc_{{ sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_resource_name }}" ++sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ers_resource_name: "hc_{{ sap_ha_pacemaker_cluster_vip_nwas_abap_ers_resource_name }}" ++sap_ha_pacemaker_cluster_healthcheck_nwas_abap_pas_resource_name: "hc_{{ sap_ha_pacemaker_cluster_vip_nwas_abap_pas_resource_name }}" ++sap_ha_pacemaker_cluster_healthcheck_nwas_abap_aas_resource_name: "hc_{{ sap_ha_pacemaker_cluster_vip_nwas_abap_aas_resource_name }}" ++ ++# For convenience to distinguish between VIP and HC resources: ++__sap_ha_pacemaker_cluster_vip_resource_list: ++ - "{{ sap_ha_pacemaker_cluster_vip_hana_primary_resource_name }}" ++ - "{{ sap_ha_pacemaker_cluster_vip_hana_secondary_resource_name }}" ++ - "{{ sap_ha_pacemaker_cluster_vip_nwas_abap_ascs_resource_name }}" ++ - "{{ sap_ha_pacemaker_cluster_vip_nwas_abap_ers_resource_name }}" ++ - "{{ sap_ha_pacemaker_cluster_vip_nwas_abap_pas_resource_name }}" ++ - "{{ sap_ha_pacemaker_cluster_vip_nwas_abap_aas_resource_name }}" ++ ++__sap_ha_pacemaker_cluster_healthcheck_resource_list: ++ - "{{ sap_ha_pacemaker_cluster_healthcheck_hana_primary_resource_name }}" ++ - "{{ sap_ha_pacemaker_cluster_healthcheck_hana_secondary_resource_name }}" ++ - "{{ sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ascs_resource_name }}" ++ - "{{ sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ers_resource_name }}" ++ - "{{ sap_ha_pacemaker_cluster_healthcheck_nwas_abap_pas_resource_name }}" ++ - "{{ sap_ha_pacemaker_cluster_healthcheck_nwas_abap_aas_resource_name }}" ++ ++# Health check default port as string ++# Note: difference between HANA primary and read-only required ++# Ports must be pre-defined empty to skip entering construct_vars_vip_resources_* ++# includes when not overridden. ++sap_ha_pacemaker_cluster_healthcheck_hana_primary_port: '' ++sap_ha_pacemaker_cluster_healthcheck_hana_secondary_port: '' ++sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ascs_port: '' ++sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ers_port: '' ++sap_ha_pacemaker_cluster_healthcheck_nwas_abap_pas_port: '' ++sap_ha_pacemaker_cluster_healthcheck_nwas_abap_aas_port: '' ++ ++# (cloud) platform helper variable - leave empty for default = not cloud ++__sap_ha_pacemaker_cluster_platform: '' ++ ++__sap_ha_pacemaker_cluster_no_log: true ++ ++# ATTENTION: ++# Any variables for 'ha_cluster' which this SAP role supports/inherits should also ++# be added to ++# - variable validations ++# - conditionals (if applicable) ++# - config report template ++# ++# TODO: verify that the task flow logic works without these explicit ++# pre-definitions. Otherwise there is a need to hard-code parameters ++# which have defaults in the 'ha_cluster' LSR. ++# Remove this section when validated. ++# ++# Never set defaults for these: ++# __sap_ha_pacemaker_cluster_cluster_name: ++# __sap_ha_pacemaker_cluster_hacluster_user_password: ++ ++# Predefine host_map for variable construction ++__sap_ha_pacemaker_cluster_pcmk_host_map: '' ++ ++############################################################################### ++# 'ha_cluster' Linux System Role transparent integration ++# ++# For each additional 'ha_cluster' role variable used in this SAP HA role, ++# make sure to update the following: ++# - below list of role internal variables ++# - tasks/import_hacluster_vars_from_inventory.yml ++# - tasks/construct_final_hacluster_vars.yml ++ ++# Pre-define internal optional parameters to avoid defaults in the code: ++__sap_ha_pacemaker_cluster_sap_extra_packages: [] ++__sap_ha_pacemaker_cluster_platform_extra_packages: [] ++ ++__sap_ha_pacemaker_cluster_cluster_properties: [] ++__sap_ha_pacemaker_cluster_constraints_colocation: [] ++__sap_ha_pacemaker_cluster_constraints_location: [] ++__sap_ha_pacemaker_cluster_constraints_order: [] ++__sap_ha_pacemaker_cluster_extra_packages: [] ++__sap_ha_pacemaker_cluster_fence_agent_packages: [] ++__sap_ha_pacemaker_cluster_repos: [] ++__sap_ha_pacemaker_cluster_resource_clones: [] ++__sap_ha_pacemaker_cluster_resource_groups: [] ++__sap_ha_pacemaker_cluster_resource_primitives: [] ++ ++# Pre-define this parameter in its dictionary format: ++__sap_ha_pacemaker_cluster_corosync_totem: ++ options: [] +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/vars/nwas_abap_ascs_ers.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/vars/nwas_abap_ascs_ers.yml +new file mode 100644 +index 0000000..c9f42ab +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/vars/nwas_abap_ascs_ers.yml +@@ -0,0 +1,13 @@ ++--- ++# The following directories are appended to the 'nfs_path' of the '/usr/sap' storage ++# definition. ++# Therefore, the /usr/sap prefix must be left out of the listed path items. ++__sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_filesystems: ++ - "{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}/ASCS{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_instance_nr }}" ++ - "{{ sap_ha_pacemaker_cluster_nwas_abap_sid }}/ERS{{ sap_ha_pacemaker_cluster_nwas_abap_ers_instance_nr }}" ++ ++# List of ASCS/ERS profile names. ++# Used in tasks/configure_nwas_postinstallation.yml for sap_cluster_connector setup. ++__sap_ha_pacemaker_cluster_nwas_abap_ascs_ers_profile_paths: ++ - "{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_sapinstance_start_profile_string }}" ++ - "{{ sap_ha_pacemaker_cluster_nwas_abap_ers_sapinstance_start_profile_string }}" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/vars/nwas_common.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/vars/nwas_common.yml +new file mode 100644 +index 0000000..c74b238 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/vars/nwas_common.yml +@@ -0,0 +1,8 @@ ++--- ++# SAP NetWeaver ABAP specific parameter values ++# ++# TODO: make sure to first respect 'ha_cluster' native variables ++ ++__sap_ha_pacemaker_cluster_sap_extra_packages: ++ - resource-agents-sap ++ - "{% if sap_ha_pacemaker_cluster_enable_cluster_connector %}{{ __sap_ha_pacemaker_cluster_halib_package }}{% endif %}" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/vars/platform_cloud_aws_ec2_vs.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/vars/platform_cloud_aws_ec2_vs.yml +new file mode 100644 +index 0000000..b6f2248 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/vars/platform_cloud_aws_ec2_vs.yml +@@ -0,0 +1,58 @@ ++--- ++# Variables specific on AWS platform, EC2 Virtual Servers ++# ++# TODO: make sure to first respect 'ha_cluster' native variables ++ ++sap_ha_pacemaker_cluster_fence_agent_packages: ++ - fence-agents-aws ++ ++__sap_ha_pacemaker_cluster_platform_extra_packages: ++ - awscli ++ ++__sap_ha_pacemaker_cluster_repos: ++ - id: "rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-highavailability-e4s-rhui-rpms" ++ name: High Availability ++ ++# Predefine ++__sap_ha_pacemaker_cluster_aws_instances: [] ++ ++# When aws credentials and region are not defined it will ++# default to using the aws cli configuration. ++# The aws cli is currently configured anyway for the standard AWS VIP resource. ++sap_ha_pacemaker_cluster_stonith_default: ++ id: "res_fence_aws" ++ agent: "stonith:fence_aws" ++# options: ++# access_key: "{{ sap_ha_pacemaker_cluster_aws_access_key_id }}" ++# secret_key: "{{ sap_ha_pacemaker_cluster_aws_secret_access_key }}" ++# region: "{{ sap_ha_pacemaker_cluster_aws_region }}" ++ ++# Platform corosync totem configuration ++sap_ha_pacemaker_cluster_corosync_totem: ++ options: ++ token: 29000 ++ ++# Platform specific VIP handling ++sap_ha_pacemaker_cluster_vip_method: aws_vpc_move_ip ++sap_ha_pacemaker_cluster_vip_group_prefix: '' # the default supported VIP agent is a single resource only ++ ++__sap_ha_pacemaker_cluster_available_vip_agents: ++ # Testing only! Not officially supported for SAP on AWS. ++ ipaddr: ++ agent: "ocf:heartbeat:IPaddr2" ++ ++ # Testing only! Not officially supported for SAP on AWS. Updates VM Instance network interface (ENI) with Secondary Private IP. ++ awsvip: ++ agent: "ocf:heartbeat:awsvip" ++ with: ipaddr ++ ++ # Supported agent to manage Virtual/Overlay IPs for SAP on AWS by updating VPC Routing Table. ++ aws_vpc_move_ip: ++ agent: "ocf:heartbeat:aws-vpc-move-ip" ++ ++# RHEL 8.6 and later: ++# Services that must be disabled and stopped for the VIP to work ++# otherwise AWS cloud-init keeps deleting the IP ++sap_ha_pacemaker_cluster_disable_services: ++ - nm-cloud-setup.timer ++ - nm-cloud-setup +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/vars/platform_cloud_gcp_ce_vm.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/vars/platform_cloud_gcp_ce_vm.yml +new file mode 100644 +index 0000000..2e766b3 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/vars/platform_cloud_gcp_ce_vm.yml +@@ -0,0 +1,96 @@ ++--- ++# Variables specific on Google Cloud platform, Compute Engine Virtual Machines ++# ++# TODO: make sure to first respect 'ha_cluster' native variables ++ ++sap_ha_pacemaker_cluster_fence_agent_packages: ++ - fence-agents-gce ++ ++__sap_ha_pacemaker_cluster_platform_extra_packages: ++ - resource-agents-gcp ++ ++__sap_ha_pacemaker_cluster_repos: ++ - id: "rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-highavailability-e4s-rhui-rpms" ++ name: High Availability ++ ++# Predefine ++__sap_ha_pacemaker_cluster_gcp_hosts: [] ++ ++sap_ha_pacemaker_cluster_stonith_default: ++ id: "res_fence_gce" ++ agent: "stonith:fence_gce" ++ options: ++ project: "{{ sap_ha_pacemaker_cluster_gcp_project }}" ++ zone: "{{ sap_ha_pacemaker_cluster_gcp_region_zone }}" ++ pcmk_reboot_timeout: 300 ++ pcmk_monitor_retries: 4 ++ pcmk_delay_max: 30 ++ ++# Platform specific VIP handling ++sap_ha_pacemaker_cluster_vip_method: gcp_nlb_reserved_ip_haproxy # gcp_vpc_move_route ++sap_ha_pacemaker_cluster_vip_group_prefix: group_ ++ ++# GCP needs haproxy and ports defined ++sap_ha_pacemaker_cluster_healthcheck_hana_primary_port: "620{{ sap_ha_pacemaker_cluster_hana_instance_nr }}" ++sap_ha_pacemaker_cluster_healthcheck_hana_secondary_port: >- ++ {% if sap_ha_pacemaker_cluster_vip_hana_secondary_ip_address | length > 0 -%} ++ 620{{ sap_ha_pacemaker_cluster_hana_instance_nr | int + 1 }} ++ {%- else %}{% endif %} ++sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ascs_port: "620{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_instance_nr }}" ++sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ers_port: "620{{ sap_ha_pacemaker_cluster_nwas_abap_ers_instance_nr }}" ++sap_ha_pacemaker_cluster_healthcheck_nwas_abap_pas_port: "620{{ sap_ha_pacemaker_cluster_nwas_abap_pas_instance_nr }}" ++sap_ha_pacemaker_cluster_healthcheck_nwas_abap_aas_port: "620{{ sap_ha_pacemaker_cluster_nwas_abap_aas_instance_nr }}" ++ ++# Platform corosync totem configuration ++sap_ha_pacemaker_cluster_corosync_totem: ++ options: ++ token: 20000 ++ token_retransmits_before_loss_const: 10 ++ join: 60 ++ max_messages: 20 ++ ++__sap_ha_pacemaker_cluster_available_vip_agents: ++ ++ ipaddr: ++ agent: "ocf:heartbeat:IPaddr2" ++ ++ # Recommended method is to use an internal passthrough Network Load Balancer (NLB for TCP/UDP) ++ # and Reserved Static Internal IP Address, with host health check response using socat or HAProxy. ++ # ++ # Alternative method is to use static route Virtual IP (outside VPC Subnet ranges) using ++ # VPC Routing Table. ++ # ++ # Refer to Google Cloud Compute Engine Reserved Static Internal IP Address: ++ # https://cloud.google.com/compute/docs/ip-addresses/reserve-static-internal-ip-address ++ # ++ # Refer to Google Cloud Load Balancing - Internal passthrough Network Load Balancer overview: ++ # https://cloud.google.com/load-balancing/docs/internal ++ # ++ # Refer to SAP HANA guidance 1: ++ # https://cloud.google.com/solutions/sap/docs/sap-hana-ha-planning-guide#virtual_ip_address ++ # ++ # Refer to SAP HANA guidance 2: ++ # https://cloud.google.com/solutions/sap/docs/sap-hana-ha-planning-guide#vip_implementation ++ # ++ # Refer to SAP NetWeaver guidance: ++ # https://cloud.google.com/solutions/sap/docs/sap-hana-ha-planning-guide#virtual_ip_address ++ ++ # Recommended method ++ # Use Linux Pacemaker resource class/standard (pcs resource standards) as ++ # 'service:' because this is an alias for selecting LSB/Systemd/Upstart dependent on OS ++ # https://clusterlabs.org/pacemaker/doc/2.1/Pacemaker_Explained/singlehtml/#system-services ++ gcp_nlb_reserved_ip_haproxy: ++ agent: "service:haproxy" ++ with: ipaddr ++ ++ # Alternative method: ++ # Move Virtual/Floating IP, must be outside of the VPC Subnet Range, by replacing ++ # (temporary route, delete, create, delete temp.) ++ # the VPC Routing Table record with next-hop as the VM Instance's ID. ++ # ++ # Execution via Python urllib to GCP Compute Engine API and GCP Metadata Server API ++ # heartbeat:gcp-vpc-move-route is the replacement of heartbeat:gcp-vpc-move-ip ++ # (which uses execution via GCloud CLI, and is itself a fork of external/gcp:route) ++ gcp_vpc_move_route: ++ agent: "ocf:heartbeat:gcp-vpc-move-route" ++ with: ipaddr +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/vars/platform_cloud_ibmcloud_powervs.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/vars/platform_cloud_ibmcloud_powervs.yml +new file mode 100644 +index 0000000..e5938f1 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/vars/platform_cloud_ibmcloud_powervs.yml +@@ -0,0 +1,62 @@ ++--- ++# Variables specific on IBM Cloud platform, IBM Power Virtual Servers (ppc64le) ++# ++# TODO: make sure to first respect 'ha_cluster' native variables ++ ++sap_ha_pacemaker_cluster_fence_agent_packages: ++ - fence-agents-ibm-powervs ++ ++# __sap_ha_pacemaker_cluster_platform_extra_packages: ++# - ++ ++__sap_ha_pacemaker_cluster_repos: ++ - id: "rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-highavailability-e4s-rpms" ++ name: High Availability E4S (4-Year) for Power, little endian ++# - id: "rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-highavailability-eus-rpms" ++# name: High Availability EUS (2-Year) for Power, little endian ++# - id: "rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-highavailability-rpms" ++# name: High Availability for Power, little endian ++ ++# Predefine ++__sap_ha_pacemaker_cluster_ibmcloud_powervs_hosts: [] ++ ++ ++sap_ha_pacemaker_cluster_stonith_default: ++ id: "res_fence_ibm_powervs" ++ agent: "stonith:fence_ibm_powervs" ++ options: ++ token: "{{ sap_ha_pacemaker_cluster_ibmcloud_api_key }}" ++ region: "{{ sap_ha_pacemaker_cluster_ibmcloud_region }}" ++ crn: "{{ sap_ha_pacemaker_cluster_ibmcloud_powervs_workspace_crn }}" ++ ++ # Identified during execution initial tasks, populated when variables are imported ++ instance: "{{ sap_ha_pacemaker_cluster_ibmcloud_powervs_workspace_guid }}" ++ ++ # Identified during execution initial tasks, populated when variables are imported. ++ # Unnecessary when using pcmk_host_map. Identified during execution initial tasks, populated when variables are imported ++ # plug: "{{ sap_ha_pacemaker_cluster_ibmcloud_powervs_instance_id }}" ++ ++ # Dependent on network interface attachments, if no public network interface ++ # then 'private' value must be provided. ++ api-type: "{{ sap_ha_pacemaker_cluster_ibmcloud_powervs_api_type | default('public') }}" ++ ++ # Dependent on network interface attachments, if no public network interface ++ # then a valid HTTP Proxy URL value must be provided. ++ proxy: "{{ sap_ha_pacemaker_cluster_ibmcloud_powervs_forward_proxy_url | default('') }}" ++ ++ pcmk_reboot_timeout: 600 ++ pcmk_monitor_timeout: 600 ++ pcmk_status_timeout: 60 ++ ++ ++# Platform specific VIP handling ++sap_ha_pacemaker_cluster_vip_method: ipaddr_custom ++ ++__sap_ha_pacemaker_cluster_available_vip_agents: ++ ++ # IPaddr2 requires a Virtual IP within a common Network (i.e. 1 VLAN / 1 VPC / 1 VNet), ++ # one or more Subnets may be used. ++ # With this design restriction, IPaddr2 is only to be used for High Availability within ++ # a single location (i.e. 1 Availability Zone / Datacenter / Location within 1 Region). ++ ipaddr_custom: ++ agent: "ocf:heartbeat:IPaddr2" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/vars/platform_cloud_ibmcloud_vs.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/vars/platform_cloud_ibmcloud_vs.yml +new file mode 100644 +index 0000000..e70b138 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/vars/platform_cloud_ibmcloud_vs.yml +@@ -0,0 +1,63 @@ ++--- ++# Variables specific on IBM Cloud platform, Virtual Servers (x86_64) ++# ++# TODO: make sure to first respect 'ha_cluster' native variables ++ ++sap_ha_pacemaker_cluster_fence_agent_packages: ++ - fence-agents-ibm-vpc ++ ++# __sap_ha_pacemaker_cluster_platform_extra_packages: ++# - ++ ++__sap_ha_pacemaker_cluster_repos: ++ - id: "rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-highavailability-e4s-rpms" ++ name: High Availability E4S (4-Year) ++# - id: "rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-highavailability-eus-rpms" ++# name: High Availability EUS (2-Year) ++# - id: "rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-highavailability-rpms" ++# name: High Availability ++ ++# Predefine ++__sap_ha_pacemaker_cluster_ibmcloud_hosts: [] ++ ++sap_ha_pacemaker_cluster_stonith_default: ++ id: "res_fence_ibm_vpc" ++ agent: "stonith:fence_ibm_vpc" ++ options: ++ apikey: "{{ sap_ha_pacemaker_cluster_ibmcloud_api_key }}" ++ region: "{{ sap_ha_pacemaker_cluster_ibmcloud_region }}" ++ pcmk_monitor_timeout: 600 ++ ++# Platform specific VIP handling ++sap_ha_pacemaker_cluster_vip_method: ibmcloud_alb_haproxy ++ ++# For HAPROXY an non-empty port default is required to enter the resource creation flow. ++# TODO: task logic that configures actual haproxy listening ports, ++# otherwise pairs like ASCS/ERS will conflict ++sap_ha_pacemaker_cluster_healthcheck_hana_primary_port: "620{{ sap_ha_pacemaker_cluster_hana_instance_nr }}" ++sap_ha_pacemaker_cluster_healthcheck_hana_secondary_port: >- ++ {% if sap_ha_pacemaker_cluster_vip_hana_secondary_ip_address | length > 0 -%} ++ 620{{ sap_ha_pacemaker_cluster_hana_instance_nr | int + 1 }} ++ {%- else %}{% endif %} ++sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ascs_port: "620{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_instance_nr }}" ++sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ers_port: "620{{ sap_ha_pacemaker_cluster_nwas_abap_ers_instance_nr }}" ++sap_ha_pacemaker_cluster_healthcheck_nwas_abap_pas_port: "620{{ sap_ha_pacemaker_cluster_nwas_abap_pas_instance_nr }}" ++sap_ha_pacemaker_cluster_healthcheck_nwas_abap_aas_port: "620{{ sap_ha_pacemaker_cluster_nwas_abap_aas_instance_nr }}" ++ ++ ++__sap_ha_pacemaker_cluster_available_vip_agents: ++ ++ # Refer to IBM Cloud Load Balancer - Private Network Load Balancer (NLB Layer 4) ++ # for HA within 1 AZ of 1 Region: https://cloud.ibm.com/docs/vpc?topic=vpc-network-load-balancers ++ # ++ # Refer to IBM Cloud Load Balancer - Private Application Load Balancer (ALB Layer 7) ++ # for HA across 2 AZ of 1 Region: https://cloud.ibm.com/docs/vpc?topic=vpc-load-balancers-about ++ # ++ # The IBM Cloud Load Balancer's Back-end Pool Health Check will poll for connection response ++ # from a host listening port (using a designated OS process such as netcat, socat or HAProxy). ++ ++ # Use haproxy daemon to listen for and respond to health check probe monitoring private network ++ # requests from IBM Cloud Application Load Balancer (ALB), ++ # if failure to respond then the Load Balancer will perform failover activities. ++ ibmcloud_alb_haproxy: ++ agent: "service:haproxy" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/vars/platform_cloud_msazure_vm.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/vars/platform_cloud_msazure_vm.yml +new file mode 100644 +index 0000000..d8607e3 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/vars/platform_cloud_msazure_vm.yml +@@ -0,0 +1,62 @@ ++--- ++# Variables specific on MS Azure platform, Virtual Machines ++# ++# TODO: make sure to first respect 'ha_cluster' native variables ++ ++# The packages of the following lists will be installed by the 'ha_cluster' Linux System Role. ++# Any packages that are pre-requisites for variable construction must be installed before, e.g. ++# in the preconfigure-* tasks. ++sap_ha_pacemaker_cluster_fence_agent_packages: ++ - fence-agents-azure-arm ++ ++__sap_ha_pacemaker_cluster_platform_extra_packages: ++ - socat ++ ++__sap_ha_pacemaker_cluster_repos: ++ - id: "rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-highavailability-e4s-rhui-rpms" ++ name: High Availability ++ - id: "rhui-microsoft-azure-rhel8-sap-ha" ++ name: Microsoft Azure RPMs for Red Hat Enterprise Linux 8 (rhel8-sap-ha) ++ ++# Predefine ++__sap_ha_pacemaker_cluster_msazure_hosts: [] ++ ++# Fencing via MS Azure Managed Service Identity (MSI) per cluster node ++sap_ha_pacemaker_cluster_stonith_default: ++ id: "res_fence_azure_arm" ++ agent: "stonith:fence_azure_arm" ++ options: ++ msi: true ++ subscriptionId: "{{ sap_ha_pacemaker_cluster_msazure_subscription_id }}" ++ resourceGroup: "{{ sap_ha_pacemaker_cluster_msazure_resource_group }}" ++ ++# Platform specific VIP handling ++sap_ha_pacemaker_cluster_vip_method: azure_lb ++ ++# The VIP layer consists of 2 components - the VIP and the health check resource ++sap_ha_pacemaker_cluster_vip_group_prefix: group_ ++ ++sap_ha_pacemaker_cluster_healthcheck_hana_primary_port: "620{{ sap_ha_pacemaker_cluster_hana_instance_nr }}" ++sap_ha_pacemaker_cluster_healthcheck_hana_secondary_port: >- ++ {% if sap_ha_pacemaker_cluster_vip_hana_secondary_ip_address | length > 0 -%} ++ 620{{ sap_ha_pacemaker_cluster_hana_instance_nr | int + 1 }} ++ {%- else %}{% endif %} ++sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ascs_port: "620{{ sap_ha_pacemaker_cluster_nwas_abap_ascs_instance_nr }}" ++sap_ha_pacemaker_cluster_healthcheck_nwas_abap_ers_port: "620{{ sap_ha_pacemaker_cluster_nwas_abap_ers_instance_nr }}" ++sap_ha_pacemaker_cluster_healthcheck_nwas_abap_pas_port: "620{{ sap_ha_pacemaker_cluster_nwas_abap_pas_instance_nr }}" ++sap_ha_pacemaker_cluster_healthcheck_nwas_abap_aas_port: "620{{ sap_ha_pacemaker_cluster_nwas_abap_aas_instance_nr }}" ++ ++__sap_ha_pacemaker_cluster_available_vip_agents: ++ ++ # IPaddr2 requires a Virtual IP within a common Network (i.e. 1 VLAN / 1 VPC / 1 VNet), ++ # one or more Subnets may be used. ++ # With this design restriction, IPaddr2 is only to be used for High Availability within ++ # a single location (i.e. 1 Availability Zone / Datacenter / Location within 1 Region) ++ ipaddr: ++ agent: "ocf:heartbeat:IPaddr2" ++ ++ # Use nc/socat to listen for and respond to health check probe monitoring requests from ++ # Azure Load Balancer, if failure to respond then the Load Balancer will perform failover activities ++ azure_lb: ++ agent: "ocf:heartbeat:azure-lb" ++ with: ipaddr +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/vars/platform_hyp_ibmpower_vm.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/vars/platform_hyp_ibmpower_vm.yml +new file mode 100644 +index 0000000..dc4300e +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/vars/platform_hyp_ibmpower_vm.yml +@@ -0,0 +1,56 @@ ++--- ++# Variables specific on IBM PowerVM hypervisor, Virtual Machines (LPAR) ++# TODO: rename this file to match the actual "chassis_asset_tag" output ++# TODO: make sure to first respect 'ha_cluster' native variables ++ ++sap_ha_pacemaker_cluster_fence_agent_packages: ++ - fence-agents-lpar ++ ++# __sap_ha_pacemaker_cluster_platform_extra_packages: ++# - ++ ++__sap_ha_pacemaker_cluster_repos: ++ - id: "rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-highavailability-e4s-rpms" ++ name: High Availability E4S (4-Year) for Power, little endian ++# - id: "rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-highavailability-eus-rpms" ++# name: High Availability EUS (2-Year) for Power, little endian ++# - id: "rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-highavailability-rpms" ++# name: High Availability for Power, little endian ++ ++# Predefine ++__sap_ha_pacemaker_cluster_ibmpower_vm_hosts: [] ++ ++ ++sap_ha_pacemaker_cluster_stonith_default: ++ id: "res_fence_lpar" ++ agent: "stonith:fence_lpar" ++ options: ++ ip: "{{ sap_ha_pacemaker_cluster_ibmpower_vm_hmc_host }}" ++ ipport: "{{ sap_ha_pacemaker_cluster_ibmpower_vm_hmc_host_port }}" ++ username: "{{ sap_ha_pacemaker_cluster_ibmpower_vm_hmc_host_login }}" ++ password: "{{ sap_ha_pacemaker_cluster_ibmpower_vm_hmc_host_login_password }}" ++ hmc_version: "{{ sap_ha_pacemaker_cluster_ibmpower_vm_hmc_host_version | default('4') }}" ++ managed: "{{ sap_ha_pacemaker_cluster_ibmpower_vm_hmc_system_host_mtms }}" ++ # Identified during execution initial tasks, populated when variables are imported ++ ++ # plug: "{{ sap_ha_pacemaker_cluster_ibmpower_vm_hmc_system_partition_name }}" ++ # Unnecessary when using pcmk_host_map. Identified during execution initial tasks, populated when variables are imported ++ ++ pcmk_reboot_retries: 4 ++ pcmk_reboot_timeout: 600 ++ pcmk_monitor_timeout: 600 ++ pcmk_status_timeout: 60 ++ power_timeout: 240 ++ ++ ++# Platform specific VIP handling ++sap_ha_pacemaker_cluster_vip_method: ipaddr ++ ++__sap_ha_pacemaker_cluster_available_vip_agents: ++ ++ # IPaddr2 requires a Virtual IP within a common Network (i.e. 1 VLAN / 1 VPC / 1 VNet), ++ # one or more Subnets may be used ++ # With this design restriction, IPaddr2 is only to be used for High Availability within ++ # a single location (i.e. 1 Availability Zone / Datacenter / Location within 1 Region) ++ ipaddr: ++ agent: "ocf:heartbeat:IPaddr2" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/vars/redhat.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/vars/redhat.yml +new file mode 100644 +index 0000000..dcf8452 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/vars/redhat.yml +@@ -0,0 +1,21 @@ ++--- ++# Overwrite HA_CLUSTER repository ID to use E4S repository ++# - an alternative logic could be to enable the repo before running ha_cluster ++__sap_ha_pacemaker_cluster_repos: ++ - id: "rhel-{{ ansible_distribution_major_version }}-for-{{ ansible_architecture }}-highavailability-e4s-rpms" ++ name: High Availability ++ ++__sap_ha_pacemaker_cluster_halib_package: sap-cluster-connector ++ ++# List of configuration lines that must be added to the instance profiles. ++# Used in tasks/configure_nwas_ascs_ers_postinstallation.yml for SAP HA Interface setup. ++__sap_ha_pacemaker_cluster_connector_config_lines: ++ - "service/halib = $(DIR_EXECUTABLE)/saphascriptco.so" ++ - "service/halib_cluster_connector = /usr/bin/sap_cluster_connector" ++ ++# Cluster command to manage resources - pcs commands in Redhat OS family. ++__sap_ha_pacemaker_cluster_command: ++ resource_stop: "pcs resource disable" ++ resource_start: "pcs resource enable" ++ resource_defaults_show: "pcs resource defaults config" ++ resource_defaults_update: "pcs resource defaults update" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/vars/suse.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/vars/suse.yml +new file mode 100644 +index 0000000..c821de8 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_ha_pacemaker_cluster/vars/suse.yml +@@ -0,0 +1,15 @@ ++--- ++__sap_ha_pacemaker_cluster_halib_package: sap-suse-cluster-connector ++ ++# List of configuration lines that must be added to the instance profiles. ++# Used in tasks/configure_nwas_ascs_ers_postinstallation.yml for SAP HA Interface setup. ++__sap_ha_pacemaker_cluster_connector_config_lines: ++ - "service/halib = $(DIR_EXECUTABLE)/saphascriptco.so" ++ - "service/halib_cluster_connector = /usr/bin/sap_suse_cluster_connector" ++ ++# Cluster commands to manage resources - crmsh commands in SUSE OS family. ++__sap_ha_pacemaker_cluster_command: ++ resource_stop: "crm resource stop" ++ resource_start: "crm resource start" ++ resource_defaults_show: "crm configure show type:rsc_defaults" ++ resource_defaults_update: "crm configure rsc_defaults" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/.ansible-lint b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/.ansible-lint +new file mode 100644 +index 0000000..90d348b +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/.ansible-lint +@@ -0,0 +1,16 @@ ++--- ++exclude_paths: ++ - tests/sap_hana_install/ ++enable_list: ++ - yaml ++skip_list: ++ # We don't want to enforce new Ansible versions for Galaxy: ++ - meta-runtime[unsupported-version] ++ # We do not want to use checks which are marked as experimental: ++ - experimental ++ # We use ignore_errors for all the assert tasks, which should be acceptable: ++ - ignore-errors ++ # We want to allow single digit version numbers in a role's meta/main.yml file: ++ - schema ++ # Allow templating inside name because it creates more detailed output: ++ - name[template] +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/README.md b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/README.md +new file mode 100644 +index 0000000..52a1ab8 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/README.md +@@ -0,0 +1,408 @@ ++# sap_hana_install Ansible Role ++ ++Ansible role for SAP HANA Installation ++ ++## Support Status ++ ++The support status of this role is: "Fully supported" ++ ++## Requirements ++ ++The dependencies of this role should be automatically installed when installing the collection with ansible-galaxy. ++ ++For installing the dependencies manually, use the following command: ++ ++`ansible-galaxy install -vv -r meta/collection-requirements.yml` ++ ++### Configure your system for the installation of SAP HANA ++ ++- Make sure required volumes and filesystems are configured in the host. ++ ++- Run the roles `sap_general_preconfigure` and `sap_hana_preconfigure` for installing required packages and ++for configuring system settings. ++ ++### SAP HANA Software Installation .SAR Files ++ ++Place the following files in directory /software/hana or in any other directory specified by variable ++`sap_hana_install_software_directory`: ++ ++1. The SAPCAR executable for the correct hardware architecture ++ ++2. The SAP HANA Installation .SAR file ++ - SAP HANA 2.0 Server - `IMDB_SERVER*.SAR` file ++ ++3. Optional - SAP HANA Components .SAR files ++ - Include other optional components such as `IMDB_AFL*.SAR` or `IMDB_LCAPPS*.SAR` ++ ++4. Optional - SAP Host Agent .SAR file ++ - Include other optional components such as `SAPHOSTAGENT*SAR` ++ ++#### Sample Directory Contents - with .SAR files ++ ++- Sample directory `sap_hana_install_software_directory` containing SAP HANA software installation files ++ ```console ++ [root@hanahost SAP_HANA_INSTALLATION]# ls -l *.EXE *.SAR ++ -rwxr-xr-x. 1 nobody nobody 149561376 Mar 4 2021 IMDB_AFL20_054_1-80001894.SAR ++ -rwxr-xr-x. 1 nobody nobody 211762405 Mar 4 2021 IMDB_CLIENT20_007_23-80002082.SAR ++ -rwxr-xr-x. 1 nobody nobody 4483040 Mar 4 2021 SAPCAR_1010-70006178.EXE ++ -rwxr-xr-x. 1 nobody nobody 109492976 Mar 4 2021 IMDB_LCAPPS_2054_0-20010426.SAR ++ -rwxr-xr-x. 1 nobody nobody 109752805 Mar 4 2021 VCH202000_2054_0-80005463.SAR ++ -rwxr-xr-x. 1 nobody nobody 3694683699 Mar 4 2021 IMDB_SERVER20_054_0-80002031.SAR ++ -rwxr-xr-x. 1 nobody nobody 89285401 Sep 30 04:24 SAPHOSTAGENT51_51-20009394.SAR ++ ``` ++ ++If more than one SAPCAR EXE file is present in the software directory, the role will select the latest version ++for the current hardware architecture. Alternatively, the file name of the SAPCAR EXE file can also be set with ++variable `sap_hana_install_sapcar_filename`. Example: ++``` ++sap_hana_install_sapcar_filename: SAPCAR_1115-70006178.EXE ++``` ++ ++If more than one SAR file for a certain software product is present in the software directory, the automatic ++handling of such SAR files will fail after extraction, when moving the newly created product directories ++(like `SAP_HOST_AGENT`) to already existing destinations. ++For avoiding such situations, use following variable to provide a list of SAR files to extract: ++ ++`sap_hana_install_sarfiles`. ++ ++Example: ++``` ++sap_hana_install_sarfiles: ++ - SAPHOSTAGENT54_54-80004822.SAR ++ - IMDB_SERVER20_060_0-80002031.SAR ++``` ++ ++If there is a file named `.sha256` in the software download directory ++`sap_hana_install_software_directory` which contains the checksum and the file name similar to the output ++of the sha256sum command, the role will examine the sha256sum for the corresponding SAPCAR or SAR file and the ++processing will continue only if the checksum matches. ++ ++#### Extracted SAP HANA Software Installation Files ++ ++This role will detect if there is a file `hdblcm` already present in the directory specified by variable ++`sap_hana_install_software_extract_directory` or in any directory below. If If found, it will skip ++the .SAR extraction phase and proceed with the installation. ++ ++The default for `sap_hana_install_software_extract_directory` is `{{ sap_hana_install_software_directory }}/extracted` but it ++can be set to a different directory. ++ ++If this role is executed on more than one host in parallel and the software extraction directory is shared among those hosts, ++the role will only extract the files on the first host on which the extraction has started. The role will proceed on the other hosts ++after the extraction of SAR files has completed. ++ ++If NFS is used for sharing the SAP HANA installation media between the nodes, then it is required to define ++`sap_hana_install_configfile_directory`. The default for `sap_hana_install_configfile_directory` is ++"{{ sap_hana_install_software_extract_directory }}/configfiles". This variable should point to a non nfs path. After installation, ++if a cleanup of configfile is required, then set `sap_hana_install_cleanup_configfile_directory` as true. If a cleanup of ++software extract directory is required then set `sap_hana_install_cleanup_extract_directory` as true. The default value for both ++these cleanup actions are false. ++ ++ ++- Sample directory `sap_hana_install_software_extract_directory` containing extracted SAP HANA software installation files ++ ```console ++ [root@hanahost extracted]# ll -lrt ++ drwxr-xr-x 4 root root 4096 Sep 30 04:55 SAP_HANA_AFL ++ drwxr-xr-x 5 root root 4096 Sep 30 04:55 SAP_HANA_CLIENT ++ drwxr-xr-x 4 root root 4096 Sep 30 04:55 SAP_HANA_LCAPPS ++ drwxr-xr-x 8 root root 4096 Sep 30 04:57 SAP_HANA_DATABASE ++ drwxr-xr-x 2 root root 4096 Sep 30 04:58 SAP_HOST_AGENT ++ drwxr-xr-x 4 root root 4096 Sep 30 04:58 VCH_AFL_2020 ++ ``` ++ ++#### SAP HANA hdblcm Configfile Processing ++ ++By default, the hdblcm configfile will be created dynamically in each run, as follows: After the role has ++found the hdblcm command or extracted the SAP HANA SAR file, it will call the hdblcm command with the ++option `--dump_configfile_template` to create a configfile template, which will then be converted into ++a Jinja2 configfile template according to the following rules: For each hdblcm parameter, the value ++will be either the value of the role variable prepended by the role name and an underscore, or a ++default (if present in the hdblcm configfile template). ++ ++Example: The value of hdblcm parameter `system_usage` will be set to the value of role variable ++`sap_hana_install_system_usage` or to `custom` in case the role variable has not been set. ++ ++The result of the templating is a new, customized hdblcm configfile, which will be used by the ++hdblcm command for the SAP HANA installation. ++ ++This provides great flexibility for handling different SAP HANA releases, which typically have a slightly ++different set of hdblcm parameters. For preparing the installation of a new SAP HANA system, it can be useful ++to run the role with tag `sap_hana_install_preinstall` first. This will display the full path names of the ++hdblcm configfile template, the Jinja2 template, and the result of the templating. By comparing the hdblcm ++configfile template with the templating result (indicated by placeholder `TEMPLATING_RESULT` below), you ++can quickly check if all role variables for the hdblcm command are set correctly and make any necessary ++adjustments to the role variables. ++ ++For displaying only the modified default lines, in two columns, use: ++`# diff -y --suppress-common-lines hdblcm_configfile_template.cfg TEMPLATING_RESULT` ++ ++For checking and comparing all non-empty hdblcm parameter settings, use: ++`# diff -y <(awk 'BEGIN{FS="="}/^[a-z]/&&length($2)>0{print $0}' hdblcm_configfile_template.cfg) ++ <(awk 'BEGIN{FS="="}/^[a-z]/&&length($2)>0{print $0}' TEMPLATING_RESULT)` ++ ++Note: If there is a file named `configfile.cfg` in the directory specified by role variable ++`sap_hana_install_configfile_directory`, this file will be used and no dynamic hdblcm configfile processing ++will be performed. Be aware that when using this file, any modifications to role variables after creation ++of this file will not be reflected. ++ ++## Further Variables and Parameters ++ ++### Input Parameters ++ ++If the variable `sap_hana_install_check_sidadm_user` is set to `no`, the role will install SAP HANA even ++if the sidadm user exists. Default is `yes`, in which case the installation will not be performed if the ++sidadm user exists. ++ ++The variable `sap_hana_install_new_system` determines if the role will perform a fresh SAP HANA installation ++or if it will add further hosts to an existing SAP HANA system as specified by variable ++`sap_hana_install_addhosts`. Default is `yes` for a fresh SAP HANA installation. ++ ++The role can be configured to also set the required firewall ports for SAP HANA. If this is desired, set ++the variable `sap_hana_install_update_firewall` to `yes` (default is `no`). The firewall ports are defined ++in a variable which is compatible with the variable structure used by Linux System Role `firewall`. ++The firewall ports for SAP HANA are defined in member `port` of the first field of variable ++`sap_hana_install_firewall` (`sap_hana_install_firewall[0].port`), see file `defaults/main.yml`. If the ++member `state` is set to `enabled`, the ports will be enabled. If the member `state` is set to `disabled`, ++the ports will be disabled, which might be useful for testing. ++ ++Certain parameters have identical meanings, for supporting different naming schemes in playbooks and inventories. ++You can find those in the task `Rename some variables used by hdblcm configfile` of the file `tasks/main.yml`. ++Example: The parameter `sap_hana_install_number`, which is used by the role to define the hdblm parameter `number` ++(= SAP HANA instance number) can be defined by setting `sap_hana_instance_number`, `sap_hana_install_instance_nr`, ++`sap_hana_install_instance_number`, or `sap_hana_install_number`. The order of precedence is from left to right. ++ ++### Default Parameters ++ ++Please check the default parameters file for more information on other parameters that can be used as an input ++- [**sap_hana_install** default parameters](defaults/main.yml) ++ ++## Execution ++ ++Sample Ansible Playbook Execution ++ ++- Local Host Installation ++ - `ansible-playbook --connection=local --limit localhost -i "localhost," sap-hana-install.yml -e "@inputs/HDB.install"` ++ ++- Target Host Installation ++ - `ansible-playbook -i "" sap-hana-install.yml -e "@inputs/HDB.install"` ++ ++## Sample playbooks ++ ++### Sample playbook for installing a new scale-up (=single node) SAP HANA system ++ ++```yaml ++--- ++- hosts: all ++ collections: ++ - redhat.sap_install ++ become: true ++ vars: ++ sap_hana_install_software_directory: /software/hana ++ sap_hana_install_common_master_password: 'NewPass$321' ++ sap_hana_install_sid: 'H01' ++ sap_hana_install_instance_nr: '00' ++ roles: ++ - sap_hana_install ++``` ++ ++### Sample playbook for installing a new scale-out SAP HANA system ++ ++```yaml ++--- ++- hosts: all ++ collections: ++ - redhat.sap_install ++ become: true ++ vars: ++ sap_hana_install_software_directory: /software/hana ++ sap_hana_install_common_master_password: 'NewPass$321' ++ sap_hana_install_root_password: 'NewPass$321' ++ sap_hana_install_addhosts: 'host2:role=worker,host3:role=worker:group=g02,host4:role=standby:group=g02' ++ sap_hana_install_sid: 'H01' ++ sap_hana_install_instance_nr: '00' ++ roles: ++ - sap_hana_install ++``` ++ ++### Sample playbook for adding additional nodes to an existing SAP HANA installation ++ ++```yaml ++--- ++- hosts: all ++ collections: ++ - redhat.sap_install ++ become: true ++ vars: ++ sap_hana_install_software_directory: /software/hana ++ sap_hana_install_new_system: no ++ sap_hana_install_addhosts: 'host2:role=worker,host3:role=worker:group=g02,host4:role=standby:group=g02' ++ sap_hana_install_common_master_password: 'NewPass$321' ++ sap_hana_install_root_password: 'NewPass$321' ++ sap_hana_install_sid: 'H01' ++ sap_hana_install_instance_nr: '00' ++ roles: ++ - sap_hana_install ++``` ++ ++You can find more complex playbooks in directory `playbooks` of the collection `community.sap_install`. ++ ++## Flow ++ ++### New SAP HANA Installation ++ ++#### Perform Initial Checks ++ ++These checks are only performed if `sap_hana_install_force` is set to `true`. Its default value is `false` ++- If variable `sap_hana_install_check_sidadm_user` is undefined or set to `yes`: Check if user sidadm exists. If yes, ++ abort the role. ++ ++- Check if `/usr/sap/hostctrl/exe/saphostctrl` exists and get info on running HANA instances. ++ - If conflicting instances exist the role aborts with a failure ++ - If desired instance is running, the role aborts with success ++ ++- If `/usr/sap/hostctrl/exe/saphostctrl` does not exist ++ - Check if directory `/hana/shared/` exists. If yes and not empty, abort the role. ++ - Check if directory `/usr/sap/` exists. If yes and not empty, abort the role. ++ ++#### Pre-Install ++ ++- Set all passwords to follow master password if set to 'y'. ++ ++- Prepare the software located in directory `sap_hana_install_software_directory`: ++ ++ - If file `hdblcm` is found, skip the next step and proceed with the `hdblcm` existence check. ++ ++ - If file `hdblcm` is not found, proceed with the next step. ++ ++- Prepare SAR files for `hdblcm`: ++ ++ - Get a list of hardware matching SAPCAR executables from `sap_hana_install_software_directory` in case its file name is not ++ provided by role variable. ++ ++ - Select the most recent version of SAPCAR from the hardware matching SAPCAR executables identified before. ++ ++ - Get all SAR files from `sap_hana_install_software_directory` or use the SAR files provided by the corresponding role variable, if set. ++ ++ - Extract all SAR files into `sap_hana_install_software_extract_directory`. ++ ++Note: For each SAPCAR or SAR file called or used by the role, if variable `sap_hana_install_verify_checksums` ++is set to `yes`, the role will perform a checksum verification against a specific or global checksum file. ++ ++- Check existence of `hdblcm` in `SAP_HANA_DATABASE` directory from the extracted SAR files. ++ ++- Check the existence of file `configfile.cfg` in the directory `configfiles` below `sap_hana_install_software_extract_directory`. ++ ++If this file exists, copy it to a temporary directory for use by the hdblcm command. Be aware that when using this file, ++any modifications to role variables after creation of this file will not be reflected. ++ ++If this file is not present, perform the following three steps: ++ ++- Create a hdblcm configfile template directly from the hdblcm command, using option `dump_configfile_template`. ++ ++- Convert the configfile template into a Jinja2 template and download it to the control node. ++ ++- Process the Jinja2 template, using the configured role variables or default settings, to create a customized hdblm configfile ++in a temporary directory for use by the hdblcm command in the next step. ++ ++#### SAP HANA Install ++ ++- Execute hdblcm, using the configfile mentioned above. ++ ++#### Post-Install ++ ++- Create and Store Connection Info in hdbuserstore. ++ ++- Set Log Mode key to overwrite value and apply to system. ++ ++- Apply SAP HANA license to the new deployed instance if set to `yes`. ++ ++- Set expiry of Unix created users to `never`. ++ ++- Update `/etc/hosts` (optional - `yes` by default). ++ ++- Apply firewall rules (optional - `no` by default). ++ ++- Generate input file for `sap_swpm`. ++ ++- Print a short summary of the result of the installation. ++ ++### Add hosts to an existing SAP HANA Installation ++ ++#### Pre-Install ++ ++- Process SAP HANA configfile based on input parameters. ++ ++#### SAP HANA Add Hosts ++ ++- For each host to be added, check if there is: ++ - an instance profile in `/hana/shared//profile/_HDB_` ++ - a directory `/usr/sap//HDB/` ++ - an entry in the output of `./hdblcm --list_systems` ++ If any of the above is true, abort the role. ++ ++- Execute hdblcm. ++ ++#### Post-Install ++ ++- Print a short summary of the result of the installation. ++ ++## Tags ++ ++With the following tags, the role can be called to perform certain activities only: ++- tag `sap_hana_install_check_installation`: Perform an installation check, using `hdbcheck` or ++ `hdblcm --action=check_installation`. ++- tag `sap_hana_install_chown_hana_directories`: Only perform the chown of the SAP HANA directories ++ `/hana`, `/hana/shared`, `/hana/log`, and `/hana/data`. The main purpose of this tag is to use it ++ with `--skip-tags`, to skip modifying these directories. This can be useful when using tag ++ `sap_hana_install_preinstall`. ++- tag `sap_hana_install_configure_firewall`: Use this flag to only configure the firewall ports for ++ SAP HANA. Note: The role variable `sap_hana_install_update_firewall` has to be set to `yes` as ++ well. ++- tag `sap_hana_install_extract_sarfiles`: Use this flag with `--skip-tags` to run the SAR file ++ preparation steps of tag `sap_hana_install_prepare_sarfiles` without extracting the SAR files. ++- tag `sap_hana_install_generate_input_file`: Only generate the input file for SAP Application ++ deployment ++- tag `sap_hana_install_hdblcm_commandline`: Only show the hdblcm command line, without processing ++ the hdblcm template. This can be useful for checking the hdblcm command line options, especially ++ when using the `addhosts` function. ++- tag `sap_hana_install_preinstall`: Only perform pre-install activities. This includes selecting ++ the SAPCAR EXE file, extracting the SAR files if necessary, searching for hdblcm, and creating ++ the hdblcm configfile. ++- tag `sap_hana_install_prepare_sapcar`: Only copy the SAPCAR EXE files for the current architecture ++ to the extraction directory, verify the checksums of these files, and select the latest ++ version. Or copy the SAPCAR EXE file if given by role variable `sap_hana_install_sapcar_filename` ++ and then verify the checksum. ++- tag `sap_hana_install_prepare_sarfiles`: Run the steps of tag `sap_hana_install_prepare_sapcar` ++ to select the correct SAPCAR file, then copy the selected or provided SAR files to the ++ extraction directory (if requested), then verify the checksums of each SAR file. Lastly, extract ++ these SAR files to the extraction directory. ++- tag `sap_hana_install_set_log_mode`: Only set the log mode of an existing HANA installation to ++ `overwrite`. ++- tag `sap_hana_install_store_connection_information`: Only run the `hdbuserstore` command ++ ++Sample call for only processing the SAPCAR and SAR files and creating the hdblcm configfile: ++``` ++# ansible-playbook sap-hana-install.yml --tags=sap_hana_install_preinstall --skip-tags=sap_hana_install_chown_hana_directories ++``` ++ ++Sample call for only processing the SAPCAR files: ++``` ++# ansible-playbook sap-hana-install.yml --tags=sap_hana_install_prepare_sapcar ++``` ++ ++Sample call for only processing the SAPCAR and SAR files, without extracting the SAR files: ++``` ++# ansible-playbook sap-hana-install.yml --tags=sap_hana_install_prepare_sarfiles --skip-tags=sap_hana_install_extract_sarfiles ++``` ++ ++Sample call for only displaying the SAP HANA hdblcm command line: ++``` ++# ansible-playbook sap-hana-install.yml --tags=sap_hana_install_hdblcm_commandline ++``` ++ ++## License ++ ++Apache license 2.0 ++ ++## Author Information ++ ++Red Hat for SAP Community of Practice, IBM Lab for SAP Solutions, Markus Koch, Thomas Bludau, Bernd Finger, Than Ngo, Rainer Leber +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/defaults/main.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/defaults/main.yml +new file mode 100644 +index 0000000..98970c6 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/defaults/main.yml +@@ -0,0 +1,208 @@ ++--- ++ ++################ ++# Main role parameters: ++################ ++# Set which Ansible Collection to use for the Linux System Roles. ++# For community/upstream, use 'fedora.linux_system_roles' ++# For the RHEL System Roles for SAP, or for Red Hat Automation Hub, use 'redhat.rhel_system_roles' ++sap_hana_install_system_roles_collection: 'redhat.rhel_system_roles' ++ ++# Directory containing the IMDB SAR files and all components ++sap_hana_install_software_directory: '/software/hana' ++ ++# Directory into which the SAR files will be extracted. Defaults is {{ sap_hana_install_software_directory }}/extracted . ++# Note: In case the directory SAP_HANA_DATABASE does not exist in this directory, the directory will be removed and ++# created again before the extraction starts. ++sap_hana_install_software_extract_directory: "{{ sap_hana_install_software_directory }}/extracted" ++ ++# If there is a requirement to cleanup "sap_hana_install_software_extract_directory" after SAP HANA Installation, then ++# set the value to true. By default, this directory will not be removed ++sap_hana_install_cleanup_extract_directory: false ++ ++# Set this variable to `yes` if you want to copy the SAR files from `sap_hana_install_software_directory` ++# to `sap_hana_install_software_extract_directory/sarfiles` before extracting. ++# This might be useful if the SAR files are on a slow fileshare. ++sap_hana_install_copy_sarfiles: no ++ ++# Set the following variable to `yes` if you want to keep the copied SAR files. By default, the SAR files will be ++# removed after extraction. ++sap_hana_install_keep_copied_sarfiles: no ++ ++# File name of SAPCAR*EXE in the software directory. If the variable is not set and there is more than one SAPCAR executable ++# in the software directory, the latest SAPCAR executable for the CPU architecture will be selected automatically. ++#sap_hana_install_sapcar_filename: SAPCAR_1115-70006178.EXE ++ ++# List of file names of SAR files to extract. Can be set in case there are more SAR files in the software directory ++# than needed or desired for the HANA installation. ++#sap_hana_install_sarfiles: ++# - SAPHOSTAGENT54_54-80004822.SAR ++# - IMDB_SERVER20_060_0-80002031.SAR ++ ++# Set the following variable to `yes` to let the role abort if checksum verification fails for any SAPCAR or SAR file ++# called or used by the role. ++sap_hana_install_verify_checksums: no ++ ++# Checksum algorithm for checksum verification. Default is sha256, for which a checksum is available in the SAP software ++# download pages. ++sap_hana_install_checksum_algorithm: sha256 ++ ++# In case a global checksum file is present, use the following variable to specify the full path to this file: ++#sap_hana_install_global_checksum_file: "{{ sap_hana_install_software_directory }}/SHA256" ++ ++# Set the following variable to `yes` to let hdbclm verify SAR file signatures. This corresponds to the hdblcm command line ++# argument `--verify_signature`. ++sap_hana_install_verify_signature: no ++ ++# hdblcm configfile related variables: ++# Directory where to store the hdblcm configfile template and the Jinja2 template: ++sap_hana_install_configfile_directory: "{{ sap_hana_install_software_extract_directory }}/configfiles" ++ ++# If a custom path for sap_hana_install_configfile_directory was defined and if there is a requirement to cleanup this directory, ++# then set "sap_hana_install_cleanup_configfile_directory" as true. In case if a custom path was not defined and ++# "sap_hana_install_cleanup_extract_directory" was set as true, then the configfiles will be removed. ++sap_hana_install_cleanup_configfile_directory: false ++ ++# File name prefix for the hdblcm configfile template and the Jinja2 template: ++sap_hana_install_configfile_template_prefix: "hdblcm_configfile_template" ++ ++# Directory where to download the Jinja2 template: ++sap_hana_install_local_configfile_directory: '/tmp' ++ ++# If you would like to perform an installation check after the installation, set the following variable to 'yes'. ++# Note: This only works if there is no static configfile available in sap_hana_install_configfile_directory. ++sap_hana_install_check_installation: no ++ ++# Only if sap_hana_install_check_installation (above) is set to 'yes', you can select which command to use by setting the ++# following variable to `yes` or `no`. ++# yes: use the command 'hdbcheck', with parameters `--remote_execution=ssh` and `--scope=system` ++# no: use the command `hdblcm --action=check_installation` ++sap_hana_install_use_hdbcheck: yes ++ ++# If the following variable is set to yes, the HANA installation check will be skipped ++sap_hana_install_force: no ++ ++# If the following variable is set to `no`, the role will attempt to install SAP HANA even if there is already a sidadm user. ++# Default is `yes`. ++sap_hana_install_check_sidadm_user: yes ++ ++# If the following variable is undefined or set to `yes`, the role will perform a fresh SAP HANA installation. ++# If set to `no`, additional hosts as specified by variable sap_hana_install_addhosts will be added to ++# an existing HANA system. ++sap_hana_install_new_system: yes ++ ++# The first tenant database is using a port range not within the range of the ports of additional tenant databases. ++# In case this is not desired, you can set the following parameter to `yes` to recreate the initial tenant database. ++sap_hana_install_recreate_tenant_database: no ++ ++# For compatibility of SAP HANA with SELinux in enforcing mode, the role will recursively relabel directories and files ++# in `/hana` before the installation starts and in `/usr/sap` after the installation has finished. ++# If relabeling not desired, set the following variable to `no`. ++sap_hana_install_modify_selinux_labels: yes ++ ++################ ++# Parameters for hdblcm: ++################ ++# List of components to be installed, default 'all' ++# Components should be comma separated ++sap_hana_install_components: 'all' ++ ++# Pass some extra arguments to hdblcm, see some examples below. ++#sap_hana_install_hdblcm_extraargs: '--verify_signature' ++#sap_hana_install_hdblcm_extraargs: '--ignore=check_diskspace,check_min_mem' ++ ++# Instance details ++sap_hana_install_sid: ++sap_hana_install_number: ++sap_hana_install_install_path: '/hana/shared' ++ ++# Adjust these accordingly for your installation type ++sap_hana_install_system_usage: 'custom' ++sap_hana_install_restrict_max_mem: 'n' ++sap_hana_install_max_mem: ++ ++# hdblcm will use default ids if blank ++sap_hana_install_userid: ++sap_hana_install_groupid: ++ ++# Passwords ++# Setting master password to 'y' will use that master password for all passwords - recommended ++sap_hana_install_use_master_password: 'y' ++# Set one or more of the following password variables in your playbook or inventory. ++#sap_hana_install_master_password: ++#sap_hana_install_sidadm_password: ++#sap_hana_install_db_system_password: ++#sap_hana_install_lss_user_password: ++#sap_hana_install_lss_backup_password: ++#sap_hana_install_ase_user_password: ++#sap_hana_install_root_password: ++#sap_hana_install_sapadm_password: ++#sap_hana_install_xs_org_password: ++ ++# Optional steps ++sap_hana_install_update_firewall: no ++ ++# List of firewall ports for SAP HANA. Note: The structure of the variable is compatible ++# with the variable `firewall` of Linux System Role `firewall`. ++sap_hana_install_firewall: ++ - { port: ++ ['1128-1129/tcp', ++ '43{{ sap_hana_install_number }}/tcp', ++ '5050/tcp', ++ '9090-9093/tcp', ++ '3{{ sap_hana_install_number }}00-3{{ sap_hana_install_number }}90/tcp', ++ '30105/tcp', ++ '30107/tcp', ++ '30140/tcp', ++ '4{{ sap_hana_install_number }}01-4{{ sap_hana_install_number }}02/tcp', ++ '4{{ sap_hana_install_number }}06/tcp', ++ '4{{ sap_hana_install_number }}12/tcp', ++ '4{{ sap_hana_install_number }}14/tcp', ++ '4{{ sap_hana_install_number }}40/tcp', ++ '5{{ sap_hana_install_number }}00/tcp', ++ '5{{ sap_hana_install_number }}13-5{{ sap_hana_install_number }}14/tcp', ++ '51000/tcp', ++ '64997/tcp'], ++ state: 'enabled' } ++ ++# The following variable is no longer used. Setting /etc/hosts entries is done in role sap_general_preconfigure. ++#sap_hana_install_update_etchosts: yes ++ ++# Post install parameters ++sap_hana_install_hdbuserstore_key: 'HDB_SYSTEMDB' ++sap_hana_install_nw_input_location: '/tmp' ++ ++# License ++sap_hana_install_apply_license: no ++#sap_hana_install_license_path: ++#sap_hana_install_license_file_name: ++ ++# Misc ++ ++# The following variable can be used to specify the hostname used for generation of self-signed SSL certificates ++# for the SAP Host Agent. If empty, the current host will be used. ++sap_hana_install_certificates_hostmap: ++ ++# If the following variable is set to `y`, the role will start SAP HANA after each system boot. ++sap_hana_install_system_restart: 'n' ++ ++# If the following variable is undefined or set to `y`, the role will create an initial tenant database. ++# corresponding entry in the hdblcm configfile: ++# create_initial_tenant, default: 'y' ++sap_hana_install_create_initial_tenant: 'y' ++ ++# The following variable can be used to modify the log_mode to 'overwrite' after the installation has finished. ++# If unset or set to 'normal', the role will leave the log_mode to 'normal', which is required for SAP HANA ++# System Replication. The log_mode 'overwrite' is useful for limiting cost or capacity if System Replication ++# is not used. ++#sap_hana_install_log_mode: 'overwrite' ++ ++# If the following variable is specified, the role will perform a scaleout installation or it will add additional ++# hosts to an existing HANA system. ++# Corresponding hdblcm parameter: addhosts ++# Example: ++#sap_hana_install_addhosts: 'host2:role=worker,host3:role=worker:group=g02,host4:role=standby:group=g02' ++ ++# The hostname is set by 'hdblcm --dump_configfile_template' during the preinstall phase but can also ++# be set to a different value in your playbook or hostvars: ++# sap_hana_install_hostname: +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/files/tmp/tail-f-hdblcm-install-trc.sh b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/files/tmp/tail-f-hdblcm-install-trc.sh +new file mode 100644 +index 0000000..eef4290 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/files/tmp/tail-f-hdblcm-install-trc.sh +@@ -0,0 +1,20 @@ ++#!/bin/bash ++ ++while true; do ++# in case hdblcm has not yet started, we assume that it is waiting for sapdsigner to complete: ++ ps -ef | awk '/\/usr\/sap\/hostctrl\/exe\/sapdsigner/&&!/awk/{print}' ++ _HDBLCM_PID=$(ps -ef | awk '/hdblcm/&&/instlog_dir/&&!/awk/{print $2}') ++ if [[ ${_HDBLCM_PID}. != "." ]]; then ++# skip SC2046: No need to quote at "$(ps" because the awk statement should take ++# care of preventing word splitting ++# skip SC2125: We are using braces inside awk, not inside the shell. ++# shellcheck disable=SC2046,SC2125 ++ _HDBLCM_TRC_FILE=$(echo /var/tmp/hdblcm_$(ps -ef | awk '/hdblcm/{print}' | \ ++ awk 'BEGIN{RS=" "}/instlog_dir/{split ($0, a, "install_"); print a[2]}')*.trc) ++ echo "hdblcm trace file: ${_HDBLCM_TRC_FILE}" ++ tail -100f "${_HDBLCM_TRC_FILE}" ++ else ++ echo "Still waiting for hdblcm." ++ fi ++ sleep 2 ++done +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/meta/argument_specs.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/meta/argument_specs.yml +new file mode 100644 +index 0000000..6fbc34b +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/meta/argument_specs.yml +@@ -0,0 +1,13 @@ ++--- ++argument_specs: ++ main: ++ short_description: SAP HANA Installation ++ options: # List of variables ++ sap_hana_install_sid: ++ description: HANA SID ++ type: str # str, list, dict, bool, int, float, path, raw, jsonarg, json, bytes, bits ++ required: false ++ sap_hana_install_number: ++ description: HANA Instance Number ++ type: str # str, list, dict, bool, int, float, path, raw, jsonarg, json, bytes, bits ++ required: false +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/meta/collection-requirements.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/meta/collection-requirements.yml +new file mode 100644 +index 0000000..58177a7 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/meta/collection-requirements.yml +@@ -0,0 +1,4 @@ ++--- ++ ++collections: ++ - name: redhat.rhel_system_roles +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/meta/main.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/meta/main.yml +new file mode 100644 +index 0000000..e1c9c06 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/meta/main.yml +@@ -0,0 +1,13 @@ ++--- ++galaxy_info: ++ namespace: community ++ author: Red Hat for SAP Community of Practice, IBM Lab for SAP Solutions, Markus Koch, Thomas Bludau, Bernd Finger, Than Ngo, Rainer Leber ++ description: Installation of SAP HANA on Linux OS (RHEL, SLES) ++ company: Red Hat, Inc. ++ license: Apache-2.0 ++ min_ansible_version: 2.9 ++ platforms: ++ - name: EL ++ versions: [7, 8, 9] ++ galaxy_tags: ['sap', 'hana', 'rhel', 'redhat', 'sles', 'suse'] ++dependencies: [] +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/tasks/assert-addhosts-loop-block.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/tasks/assert-addhosts-loop-block.yml +new file mode 100644 +index 0000000..92d38b2 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/tasks/assert-addhosts-loop-block.yml +@@ -0,0 +1,37 @@ ++--- ++ ++- name: SAP HANA Add Hosts - Check for SAP HANA instance profile for '{{ line_item }}' ++ ansible.builtin.stat: ++ path: "/hana/shared/{{ sap_hana_install_sid }}/profile/{{ sap_hana_install_sid }}_HDB{{ sap_hana_install_number }}_{{ line_item }}" ++ register: __sap_hana_install_register_instance_profile_addhost ++ ++- name: SAP HANA Add Hosts - Show the path name of the instance profile ++ ansible.builtin.debug: ++ msg: "Instance profile: '/hana/shared/{{ sap_hana_install_sid }}/profile/{{ sap_hana_install_sid }}_HDB{{ sap_hana_install_number }}_{{ line_item }}'" ++ ++- name: SAP HANA Add Hosts - Assert that there is no instance profile for the additional hosts ++ ansible.builtin.assert: ++ that: not __sap_hana_install_register_instance_profile_addhost.stat.exists ++ fail_msg: ++ - "FAIL: There is already an instance profile for host '{{ line_item }}', at location:" ++ - " '/hana/shared/{{ sap_hana_install_sid }}/profile/{{ sap_hana_install_sid }}_HDB{{ sap_hana_install_number }}_{'{ line_item }}." ++ - "Because of this, the addhost operation will not be performed." ++ success_msg: "PASS: No instance profile was found for host '{{ line_item }}'." ++ ++- name: SAP HANA Add Hosts - Check for SAP HANA instance directory in '/usr/sap' ++ ansible.builtin.stat: ++ path: "/usr/sap/{{ sap_hana_install_sid }}/HDB{{ sap_hana_install_number }}/{{ line_item }}" ++ register: __sap_hana_install_register_usr_sap_instance_directory ++ ++- name: SAP HANA Add Hosts - Show the path name of the instance directory in '/usr/sap' ++ ansible.builtin.debug: ++ msg: "Instance directory in /usr/sap: '/usr/sap/{{ sap_hana_install_sid }}/HDB{{ sap_hana_install_number }}/{{ line_item }}'" ++ ++- name: SAP HANA Add Hosts - Assert that there is no SAP HANA instance directory in '/usr/sap' for the additional hosts ++ ansible.builtin.assert: ++ that: not __sap_hana_install_register_usr_sap_instance_directory.stat.exists ++ fail_msg: ++ - "FAIL: There is already an instance directory for host '{{ sap_hana_install_addhosts.split(':')[0] }}', at location:" ++ - " '/usr/sap/{{ sap_hana_install_sid }}/HDB{{ sap_hana_install_number }}/{{ line_item }}' ." ++ - "Because of this, the addhost operation will not be performed." ++ success_msg: "PASS: No instance directory was found for host '{{ line_item }}' in /usr/sap." +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/tasks/hana_addhosts.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/tasks/hana_addhosts.yml +new file mode 100644 +index 0000000..42c0e48 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/tasks/hana_addhosts.yml +@@ -0,0 +1,94 @@ ++--- ++ ++- name: SAP HANA Add Hosts - Fill new variable __sap_hana_install_addhosts_hosts ++ ansible.builtin.set_fact: ++ __sap_hana_install_addhosts_hosts: "{{ __sap_hana_install_addhosts_hosts | d([]) + [item.split(':')[0]] }}" ++ with_items: "{{ sap_hana_install_addhosts.split(',') }}" ++ ++- name: SAP HANA Add Hosts - Show the contents of __sap_hana_install_addhosts_hosts ++ ansible.builtin.debug: ++ var: __sap_hana_install_addhosts_hosts ++ ++- name: SAP HANA Add Hosts - Show the additional hosts to be added ++ ansible.builtin.debug: ++ msg: "Additional hosts: '{{ __sap_hana_install_addhosts_hosts }}'" ++ ++- name: SAP HANA Add Hosts - Make sure the additional hosts are not yet part of the exiting SAP HANA system - file checks ++ ansible.builtin.include_tasks: assert-addhosts-loop-block.yml ++ loop: "{{ __sap_hana_install_addhosts_hosts }}" ++ loop_control: ++ loop_var: line_item ++ ++- name: SAP HANA Add Hosts - Make sure the additional hosts are not yet part of the exiting SAP HANA system - hdblcm checks ++ when: not ansible_check_mode ++ block: ++ ++# Reason for noqa: We can safely fail at the last command in the pipeline. ++ - name: SAP HANA Add Hosts - Run 'hdblcm --list_systems' # noqa risky-shell-pipe ++ ansible.builtin.shell: | ++ ./hdblcm --list_systems | awk '/\/hana\/shared\/{{ sap_hana_install_sid }}/{a=1} ++ /hosts:/{if (a==1){ ++ gsub ("^\\s*hosts: ", "");print;a=0} ++ }' ++ args: ++ chdir: "{{ sap_hana_install_install_path }}/{{ sap_hana_install_sid }}/hdblcm" ++ register: __sap_hana_install_register_hdblcm_list_systems ++ changed_when: false ++ ++ - name: SAP HANA Add Hosts - Show the output of hdblcm --list_systems ++ ansible.builtin.debug: ++ var: __sap_hana_install_register_hdblcm_list_systems ++ ++ - name: SAP HANA Add Hosts - Assert that the additional hosts are not shown in hdblcm --list_systems ++ ansible.builtin.assert: ++ that: line_item not in __sap_hana_install_register_hdblcm_list_systems.stdout ++ fail_msg: ++ - "FAIL: Host '{{ line_item }}' is already part of system '{{ sap_hana_install_sid }}'" ++ - "Because of this, the addhost operation will not be performed." ++ success_msg: "PASS: Host '{{ line_item }}' is not yet part of system '{{ sap_hana_install_sid }}'." ++ loop: "{{ __sap_hana_install_addhosts_hosts }}" ++ loop_control: ++ loop_var: line_item ++ ++- name: SAP HANA Add Hosts - Set fact for hdblcm command line ++ ansible.builtin.set_fact: ++ __sap_hana_install_hdblcm_command: "./hdblcm {{ sap_hana_install_hdblcm_extraargs | d('') }} --action=add_hosts --password={{ sap_hana_install_sidadm_password | d(sap_hana_install_master_password) }} --configfile={{ __sap_hana_install_register_tmpdir.path }}/configfile.cfg -b" ++ tags: sap_hana_install_hdblcm_commandline ++ ++- name: SAP HANA Add Hosts - Show the hdblcm addhosts command line ++ ansible.builtin.debug: ++ msg: "SAP HANA addhosts command: '{{ __sap_hana_install_hdblcm_command }}'" ++ tags: sap_hana_install_hdblcm_commandline ++ ++- name: SAP HANA Add Hosts - Add hosts to the existing SAP HANA installation ++ ansible.builtin.command: "{{ __sap_hana_install_hdblcm_command }}" ++ register: __sap_hana_install_register_hdblcm_add_hosts ++ args: ++ chdir: "{{ sap_hana_install_install_path }}/{{ sap_hana_install_sid }}/hdblcm" ++ changed_when: "'SAP HANA Lifecycle Management' in __sap_hana_install_register_hdblcm_add_hosts.stdout" ++ when: not ansible_check_mode ++ ++- name: SAP HANA Add Hosts - Show the result of hdblcm add_hosts ++ ansible.builtin.debug: ++ var: __sap_hana_install_register_hdblcm_add_hosts.stdout ++ when: not ansible_check_mode ++ ++- name: SAP HANA Add Hosts - Run 'hdblcm --list_systems' after the installation ++ ansible.builtin.shell: | ++ set -o pipefail && ./hdblcm --list_systems | awk '/\/hana\/shared\/{{ sap_hana_install_sid }}/{a=1} ++ /version:/{if (a==1){ ++ gsub ("^\\s*version: ", "");printf ("version: %s; hosts: ", $NF)} ++ } ++ /hosts?:/{if (a==1){ ++ gsub ("^\\s*hosts?: ", ""); print; a=0} ++ }' ++ args: ++ chdir: "{{ sap_hana_install_install_path }}/{{ sap_hana_install_sid }}/hdblcm" ++ register: __sap_hana_install_register_addhosts_result ++ changed_when: false ++ when: not ansible_check_mode ++ ++- name: SAP HANA Add Hosts - Show the HANA version and hosts ++ ansible.builtin.debug: ++ msg: "HANA system '{{ sap_hana_install_sid }}': {{ __sap_hana_install_register_addhosts_result.stdout }}" ++ when: not ansible_check_mode +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/tasks/hana_exists.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/tasks/hana_exists.yml +new file mode 100644 +index 0000000..679cc4e +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/tasks/hana_exists.yml +@@ -0,0 +1,151 @@ ++--- ++ ++## Try to use saphostctrl to figure out if HANA or other SID is installed ++- name: SAP HANA Checks - Check if saphostctrl is installed ++ ansible.builtin.stat: ++ path: /usr/sap/hostctrl/exe/saphostctrl ++ check_mode: false ++ register: __sap_hana_install_register_stat_saphostctrl ++ failed_when: false ++ ++- name: SAP HANA Checks - Check if SAP instances are installed with saphostctrl ++ when: __sap_hana_install_register_stat_saphostctrl.stat.exists ++ block: ++ ++ - name: SAP HANA Checks - Get list of installed SAP instances ++ ansible.builtin.shell: set -o pipefail && /usr/sap/hostctrl/exe/saphostctrl -function ListInstances | cut -d":" -f2- ++ register: __sap_hana_install_register_instancelist ++ changed_when: false ++ ++ - name: SAP HANA Checks - Display instances ++ ansible.builtin.debug: ++ var: __sap_hana_install_register_instancelist.stdout_lines ++ verbosity: 1 ++ ++ - name: SAP HANA Checks - Desired HANA is installed and running ++ ansible.builtin.set_fact: ++ __sap_hana_install_fact_is_installed: true ++ when: ++ - __sap_hana_install_loop_instance.split('-')[0] | trim == sap_hana_install_sid ++ - __sap_hana_install_loop_instance.split('-')[1] | trim == sap_hana_install_number ++ loop: "{{ __sap_hana_install_register_instancelist.stdout_lines }}" ++ loop_control: ++ loop_var: __sap_hana_install_loop_instance ++ label: "{{ __sap_hana_install_loop_instance.split('-')[0] | trim }}" ++ ++ - name: SAP HANA Checks - Trying to install HANA with other SID and existing instance number ++ ansible.builtin.fail: ++ msg: "The instance number {{ sap_hana_install_number }} is already used by HANA system {{ __sap_hana_install_loop_instance.split('-')[0] | trim }}!" ++ when: ++ - __sap_hana_install_loop_instance.split('-')[0] | trim != sap_hana_install_sid ++ - __sap_hana_install_loop_instance.split('-')[1] | trim == sap_hana_install_number ++ loop: "{{ __sap_hana_install_register_instancelist.stdout_lines }}" ++ loop_control: ++ loop_var: __sap_hana_install_loop_instance ++ label: "{{ __sap_hana_install_loop_instance.split('-')[0] | trim }}" ++ ++ - name: SAP HANA Checks - Trying to install HANA with existing SID and other instance number ++ ansible.builtin.fail: ++ msg: "HANA system {{ sap_hana_install_sid }} already exists with different instance number {{ __sap_hana_install_loop_instance.split('-')[1] | trim }}!" ++ when: ++ - __sap_hana_install_loop_instance.split('-')[0] | trim == sap_hana_install_sid ++ - __sap_hana_install_loop_instance.split('-')[1] | trim != sap_hana_install_number ++ loop: "{{ __sap_hana_install_register_instancelist.stdout_lines }}" ++ loop_control: ++ loop_var: __sap_hana_install_loop_instance ++ label: "{{ __sap_hana_install_loop_instance.split('-')[0] | trim }}" ++ ++## If saphostcontrol is not installed ++ ++- name: SAP HANA Checks - Check directories if no saphostctrl is found ++ when: not __sap_hana_install_register_stat_saphostctrl.stat.exists ++ block: ++ ++ - name: SAP HANA Checks - Get status of '/hana/shared/{{ sap_hana_install_sid }}' ++ ansible.builtin.stat: ++ path: "/hana/shared/{{ sap_hana_install_sid }}" ++ check_mode: false ++ register: __sap_hana_install_register_stat_hana_shared_sid_assert ++ failed_when: false ++ ++ - name: SAP HANA Checks - Get contents of '/hana/shared/{{ sap_hana_install_sid }}' ++ ansible.builtin.find: ++ paths: "/hana/shared/{{ sap_hana_install_sid }}" ++ patterns: '*' ++ register: __sap_hana_install_register_files_in_hana_shared_sid_assert ++ when: __sap_hana_install_register_stat_hana_shared_sid_assert.stat.exists ++ ++ - name: SAP HANA Checks - Fail if directory '/hana/shared/{{ sap_hana_install_sid }}' exists and is not empty ++ ansible.builtin.fail: ++ msg: "FAIL: Directory '/hana/shared/{{ sap_hana_install_sid }}' exists and is not empty!" ++ when: ++ - __sap_hana_install_register_stat_hana_shared_sid_assert.stat.exists ++ - __sap_hana_install_register_files_in_hana_shared_sid_assert.matched | int != 0 ++ ++ - name: SAP HANA Checks - Get status of '/usr/sap/{{ sap_hana_install_sid }}' ++ ansible.builtin.stat: ++ path: "/usr/sap/{{ sap_hana_install_sid }}" ++ check_mode: false ++ register: __sap_hana_install_register_stat_usr_sap_sid_assert ++ failed_when: false ++ ++ - name: SAP HANA Checks - Get contents of '/usr/sap/{{ sap_hana_install_sid }}' ++ ansible.builtin.find: ++ paths: "/usr/sap/{{ sap_hana_install_sid }}" ++ patterns: '*' ++ register: __sap_hana_install_register_files_in_usr_sap_sid_assert ++ when: __sap_hana_install_register_stat_usr_sap_sid_assert.stat.exists ++ ++ - name: SAP HANA Checks - Fail if directory '/usr/sap/{{ sap_hana_install_sid }}' exists and is not empty ++ ansible.builtin.fail: ++ msg: "FAIL: Directory '/usr/sap/{{ sap_hana_install_sid }}' exists and is not empty!" ++ when: ++ - __sap_hana_install_register_stat_usr_sap_sid_assert.stat.exists ++ - __sap_hana_install_register_files_in_usr_sap_sid_assert.matched | int != 0 ++ ++- name: SAP HANA Checks - HANA admin user check ++ when: ++ - sap_hana_install_check_sidadm_user | d(true) ++ - not __sap_hana_install_fact_is_installed | d(false) ++ block: ++ ++ - name: SAP HANA Checks - Get info about '{{ sap_hana_install_sid | lower }}adm' user ++ ansible.builtin.command: getent passwd {{ sap_hana_install_sid | lower }}adm ++ check_mode: false ++ register: __sap_hana_install_register_getent_passwd_sidadm ++ changed_when: false ++ failed_when: false ++ ++ - name: SAP HANA Checks - Fail if the user '{{ sap_hana_install_sid | lower }}adm' exists ++ ansible.builtin.fail: ++ msg: "FAIL: User '{{ sap_hana_install_sid | lower }}adm' exists!" ++ when: __sap_hana_install_register_getent_passwd_sidadm.rc == 0 ++ ++# The role supports specifying the SAP HANA group id in variable `sap_hana_install_groupid`, which is the id of the sapsys group. ++# The SAP HANA installation will fail if there is already a group named sapsys but with a different ID. Let's better fail before. ++- name: SAP HANA Checks - Check HANA admin group ++ when: ++ - sap_hana_install_groupid is defined ++ - sap_hana_install_groupid | string != "None" ++ - sap_hana_install_groupid | string | length > 0 ++ - not __sap_hana_install_fact_is_installed | d(false) ++ block: ++ ++ - name: SAP HANA Checks - Get info about the ID of the 'sapsys' group ++ ansible.builtin.command: getent group sapsys ++ check_mode: false ++ register: __sap_hana_install_register_getent_group_sapsys ++ changed_when: false ++ failed_when: false ++ ++ - name: SAP HANA Checks - Define new variable for the assertion ++ ansible.builtin.set_fact: ++ __sap_hana_install_existing_sapsys_gid: "{{ __sap_hana_install_register_getent_group_sapsys.stdout.split(':')[2] }}" ++ when: __sap_hana_install_register_getent_group_sapsys.rc == 0 ++ ++ - name: SAP HANA Checks - In case there is a group 'sapsys', assert that its group ID is identical to 'sap_hana_install_groupid' ++ ansible.builtin.assert: ++ that: (__sap_hana_install_existing_sapsys_gid | int) == (sap_hana_install_groupid | int) ++ success_msg: "PASS: The group ID of 'sapsys' is identical to the value of variable sap_hana_install_groupid, which is '{{ sap_hana_install_groupid }}'" ++ fail_msg: "FAIL: Group 'sapsys' exists but with a different group ID than '{{ sap_hana_install_groupid }}' (specified in variable sap_hana_install_groupid)!" ++ when: __sap_hana_install_register_getent_group_sapsys.rc == 0 +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/tasks/hana_install.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/tasks/hana_install.yml +new file mode 100644 +index 0000000..72c7a17 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/tasks/hana_install.yml +@@ -0,0 +1,44 @@ ++--- ++ ++# Ansible does not support streaming of stdout, so we offer a workaround. ++# For more information, see https://github.com/ansible/proposals/issues/92 ++- name: Copy file tail-f-hdblcm-install-trc.sh to '{{ __sap_hana_install_register_tmpdir.path }}' ++ ansible.builtin.copy: ++ src: tmp/tail-f-hdblcm-install-trc.sh ++ dest: "{{ __sap_hana_install_register_tmpdir.path }}/tail-f-hdblcm-install-trc.sh" ++ owner: root ++ group: root ++ mode: '0755' ++ ++# Show how to use the workaround: ++- name: Show how to watch the install process in real time ++ ansible.builtin.debug: ++ msg: ++ - 'Once the task "Install SAP HANA" has started, you can use the following command' ++ - 'in a terminal session on {{ inventory_hostname }} to watch the install progress in real time:' ++ - "{{ __sap_hana_install_register_tmpdir.path }}/tail-f-hdblcm-install-trc.sh" ++ - 'Alternatively, you can run the following command on the control node:' ++ - "ssh {{ inventory_hostname }} {{ __sap_hana_install_register_tmpdir.path }}/tail-f-hdblcm-install-trc.sh" ++ ++- name: Set fact for the hdblcm verify_signature argument ++ ansible.builtin.set_fact: ++ __sap_hana_install_fact_verify_signature: '--verify_signature' ++ when: sap_hana_install_verify_signature ++ ++- name: Set fact for the hdblcm command line ++ ansible.builtin.set_fact: ++ __sap_hana_install_hdblcm_command: "./hdblcm {{ sap_hana_install_hdblcm_extraargs | d('') }} {{ __sap_hana_install_fact_verify_signature | d('') }} --configfile={{ __sap_hana_install_register_tmpdir.path }}/configfile.cfg -b" ++ tags: sap_hana_install_hdblcm_commandline ++ ++- name: Display the hdblcm command line ++ ansible.builtin.debug: ++ msg: "SAP HANA install command: '{{ __sap_hana_install_hdblcm_command }}'" ++ tags: sap_hana_install_hdblcm_commandline ++ ++- name: Install SAP HANA - {{ sap_hana_install_sid }} {{ sap_hana_install_number }} ++ ansible.builtin.command: "{{ __sap_hana_install_hdblcm_command }}" ++ register: __sap_hana_install_register_hdblcm_install ++ args: ++ chdir: "{{ __sap_hana_install_fact_hdblcm_path }}" ++ changed_when: "'SAP HANA Lifecycle Management' in __sap_hana_install_register_hdblcm_install.stdout" ++ when: not ansible_check_mode +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/tasks/main.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/tasks/main.yml +new file mode 100644 +index 0000000..1a8f2eb +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/tasks/main.yml +@@ -0,0 +1,76 @@ ++--- ++ ++- name: Rename some variables used by hdblcm configfile ++ ansible.builtin.set_fact: ++ sap_hana_install_sid: "{{ sap_hana_sid | d(sap_hana_install_sid) | d('') }}" ++ sap_hana_install_number: "{{ sap_hana_instance_number | d(sap_hana_install_instance_nr) | d(sap_hana_install_instance_number) | d(sap_hana_install_number) | d('') }}" ++ sap_hana_install_master_password: "{{ sap_hana_install_common_master_password | d(sap_hana_install_master_password) }}" ++ sap_hana_install_system_usage: "{{ sap_hana_install_env_type | d(sap_hana_install_system_usage) }}" ++ sap_hana_install_restrict_max_mem: "{{ sap_hana_install_mem_restrict | d(sap_hana_install_restrict_max_mem) }}" ++ tags: ++ - sap_hana_install_check_hana_exists ++ - sap_hana_install_preinstall ++ - sap_hana_install_set_log_mode ++ - sap_hana_install_configure_firewall ++ ++- name: Fail if necessary variable 'sap_hana_install_sid' is not defined ++ ansible.builtin.fail: ++ msg: "The variable 'sap_hana_install_sid' is not defined." ++ when: sap_hana_install_sid | length == 0 ++ tags: ++ - sap_hana_install_check_hana_exists ++ - sap_hana_install_preinstall ++ ++- name: Validate SAP HANA System ID - 'sap_hana_install_sid' consists of 3 characters ++ ansible.builtin.assert: ++ that: sap_hana_install_sid | length == 3 ++ success_msg: "PASS: The length of the SAP System ID '{{ sap_hana_install_sid }}' is 3 characters." ++ fail_msg: "FAIL: The length of the SAP HANA System ID '{{ sap_hana_install_sid }}' is not 3 characters!" ++ tags: ++ - sap_hana_install_check_hana_exists ++ - sap_hana_install_preinstall ++ ++- name: Validate SAP HANA System ID - 'sap_hana_install_sid' is not in the list of reserved SAP SIDs ++ ansible.builtin.assert: ++ that: sap_hana_install_sid not in __sap_hana_install_sid_prohibited ++ success_msg: "PASS: The SAP HANA System ID '{{ sap_hana_install_sid }}' is not in the list of reserved SAP SIDs in SAP note 1979280 v.20." ++ fail_msg: "FAIL: The SAP HANA System ID '{{ sap_hana_install_sid }}' is in the list of reserved SAP SIDs in SAP note 1979280 v.20!" ++ tags: ++ - sap_hana_install_check_hana_exists ++ - sap_hana_install_preinstall ++ ++- name: Fail if necessary variable 'sap_hana_install_number' is not defined ++ ansible.builtin.fail: ++ msg: "The variable 'sap_hana_install_number' is not defined." ++ when: sap_hana_install_number | length == 0 ++ tags: ++ - sap_hana_install_check_hana_exists ++ - sap_hana_install_preinstall ++ ++- name: SAP HANA existence checking ++ ansible.builtin.import_tasks: hana_exists.yml ++ when: ++ - sap_hana_install_new_system | d(true) ++ - not sap_hana_install_force | d(false) ++ tags: ++ - sap_hana_install_check_hana_exists ++ - sap_hana_install_preinstall ++ ++- name: Install SAP HANA ++ when: not __sap_hana_install_fact_is_installed | d(false) ++ block: ++ ++ - name: SAP HANA pre-install steps ++ ansible.builtin.import_tasks: pre_install.yml ++ tags: sap_hana_install_preinstall ++ ++ - name: SAP HANA installation steps ++ ansible.builtin.import_tasks: hana_install.yml ++ when: sap_hana_install_new_system | d(true) ++ ++ - name: SAP HANA addhosts steps ++ ansible.builtin.import_tasks: hana_addhosts.yml ++ when: not sap_hana_install_new_system | d(true) ++ ++ - name: SAP HANA post-install steps ++ ansible.builtin.import_tasks: post_install.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/tasks/post_install.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/tasks/post_install.yml +new file mode 100644 +index 0000000..23b443c +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/tasks/post_install.yml +@@ -0,0 +1,198 @@ ++--- ++ ++- name: Tasks for new HANA Systems ++ when: sap_hana_install_new_system | d(true) ++ block: ++ ++ - name: SAP HANA Post Install - Store connection information ++ ansible.builtin.include_tasks: post_install/hdbuserstore.yml ++ tags: sap_hana_install_store_connection_information ++ ++ - name: SAP HANA Post Install - Set log_mode ++ ansible.builtin.include_tasks: post_install/log_mode.yml ++ tags: sap_hana_install_set_log_mode ++ ++ - name: SAP HANA Post Install - Apply license ++ ansible.builtin.include_tasks: post_install/license.yml ++ when: sap_hana_install_apply_license ++ ++ - name: SAP HANA Post Install - Set '{{ sap_hana_install_sid | lower }}adm' to no expire ++ ansible.builtin.shell: | ++ chage -m 0 -M 99999 -I -1 -E -1 {{ sap_hana_install_sid | lower }}adm ++ args: ++ executable: /bin/bash ++ become: true ++ register: __sap_hana_install_post_install_register_sidadm_noexpire ++ changed_when: __sap_hana_install_post_install_register_sidadm_noexpire.rc == 0 ++ ++ - name: SAP HANA Post Install - Recreate the initial tenant database ++ ansible.builtin.include_tasks: post_install/recreate_tenant_database.yml ++ when: sap_hana_install_recreate_tenant_database | d(true) ++ ++# Optional Post Install Tasks ++ ++# not needed because already done in sap_general_preconfigure ++#- name: SAP HANA Post Install - Update /etc/hosts ++# ansible.builtin.include_tasks: post_install/update_etchosts.yml ++# when: ++# - "sap_hana_install_update_etchosts | bool" ++ ++ - name: SAP HANA Post Install - Firewall ++ ansible.builtin.include_tasks: post_install/firewall.yml ++ when: "sap_hana_install_update_firewall | bool" ++ tags: sap_hana_install_configure_firewall ++ ++ - name: SAP HANA Post Install - Generate Input File for SAP Application Deployment '{{ sap_hana_install_nw_input_location }}/{{ sap_hana_install_sid }}.info.nw.install' ++ ansible.builtin.template: ++ src: "{{ role_path }}/templates/sap-nw-input.j2" ++ dest: "{{ sap_hana_install_nw_input_location }}/{{ sap_hana_install_sid }}.info.nw.install" ++ mode: '0600' ++ become: false ++ delegate_to: 127.0.0.1 ++ vars: ++ ansible_become: false ++ tags: sap_hana_install_generate_input_file ++ ++################ ++ ++- name: Perform an hdblcm installation check ++ when: sap_hana_install_check_installation | d(false) ++ tags: sap_hana_install_check_installation ++ block: ++ ++ - name: SAP HANA hdblcm installation check - Create a Jinja2 template from the hdblcm xml configfile template ++ ansible.builtin.shell: | ++ set -o pipefail && ++ awk ' ++ !/^ /&&!/^\n")} ++ /^ /{split ($0, b, "[\*\*\*]"); gsub (">", ""); split ($0, a, "<"); printf ("%s\{\{ sap_hana_install_%s | d(sap_hana_install_master_password) \}\}%s\n", b[1], a[2], b[4])}' {{ sap_hana_install_configfile_directory }}/{{ sap_hana_install_configfile_template_prefix }}.cfg.xml > {{ sap_hana_install_configfile_directory }}/{{ sap_hana_install_configfile_template_prefix }}.xml.j2 ++ register: __sap_hana_install_create_jinja2_template ++ changed_when: no ++ ++ - name: SAP HANA hdblcm installation check - Display the location of the remote Jinja2 template ++ ansible.builtin.debug: ++ msg: "The Jinja2 template for creating the hdblcm configfile xml has been saved to '{{ sap_hana_install_configfile_directory }}/{{ sap_hana_install_configfile_template_prefix }}.xml.j2'." ++ ++ - name: SAP HANA hdblcm installation check - Download the Jinja2 template ++ ansible.builtin.fetch: ++ src: "{{ sap_hana_install_configfile_directory }}/{{ sap_hana_install_configfile_template_prefix }}.xml.j2" ++ dest: "{{ sap_hana_install_local_configfile_directory }}" ++ register: __sap_hana_install_register_fetch_hdblcm_configfile_xml_jinja2_template ++ ++ - name: SAP HANA hdblcm installation check - Display the location of the local Jinja2 template ++ ansible.builtin.debug: ++ msg: "The Jinja2 template has been downloaded to '{{ __sap_hana_install_register_fetch_hdblcm_configfile_xml_jinja2_template.dest }}'." ++ when: not ansible_check_mode ++ ++ - name: SAP HANA hdblcm installation check - Process the Jinja2 template to create the hdblcm xml configfile ++ ansible.builtin.template: ++ src: "{{ __sap_hana_install_register_fetch_hdblcm_configfile_xml_jinja2_template.dest }}" ++ dest: "{{ __sap_hana_install_register_tmpdir.path }}/configfile.cfg.xml" ++ mode: '0644' ++ register: __sap_hana_install_register_cftemplate ++ when: not ansible_check_mode ++ ++ - name: SAP HANA hdblcm installation check - Construct an hdbcheck command line ++ ansible.builtin.set_fact: ++ __sap_hana_install_fact_installation_check_command: "set -o pipefail && ./hdbcheck -b --read_password_from_stdin=xml --property_file={{ sap_hana_install_install_path }}/{{ sap_hana_install_sid }}/global/hdb/install/support/hdbcheck.xml --remote_execution=ssh --scope=system -b < {{ __sap_hana_install_register_tmpdir.path }}/configfile.cfg.xml" ++ when: sap_hana_install_use_hdbcheck | d(true) ++ ++ - name: SAP HANA hdblcm installation check - Construct an hdblcm command line ++ ansible.builtin.set_fact: ++ __sap_hana_install_fact_installation_check_command: "set -o pipefail && ./hdblcm --action=check_installation --read_password_from_stdin=xml -b < {{ __sap_hana_install_register_tmpdir.path }}/configfile.cfg.xml" ++ when: not sap_hana_install_use_hdbcheck | d(true) ++ ++ - name: SAP HANA hdblcm installation check - Display the command line ++ ansible.builtin.debug: ++ var: __sap_hana_install_fact_installation_check_command ++ ++# Reason for noqa: The command to be executed contains input redirection ++ - name: SAP HANA hdblcm installation check with hdbcheck - Perform the check # noqa command-instead-of-shell ++ ansible.builtin.shell: "{{ __sap_hana_install_fact_installation_check_command }}" ++ args: ++ chdir: "{{ sap_hana_install_install_path }}/{{ sap_hana_install_sid }}/global/hdb/install/bin" ++ register: __sap_hana_install_register_installation_check ++ changed_when: false ++ when: sap_hana_install_use_hdbcheck | d(true) ++ ++ - name: SAP HANA hdblcm installation check with hdbcheck - Display the result ++ ansible.builtin.debug: ++ var: __sap_hana_install_register_installation_check.stdout_lines ++ when: sap_hana_install_use_hdbcheck | d(true) ++ ++# Reason for noqa: The command to be executed contains input redirection ++ - name: SAP HANA hdblcm installation check with hdblcm - Perform the check # noqa command-instead-of-shell ++ ansible.builtin.shell: "{{ __sap_hana_install_fact_installation_check_command }}" ++ args: ++ chdir: "{{ sap_hana_install_install_path }}/{{ sap_hana_install_sid }}/hdblcm" ++ register: __sap_hana_install_register_installation_check ++ changed_when: false ++ when: not sap_hana_install_use_hdbcheck | d(true) ++ ++ - name: SAP HANA hdblcm installation check with hdblcm - Display the result ++ ansible.builtin.debug: ++ var: __sap_hana_install_register_installation_check.stdout_lines ++ when: not sap_hana_install_use_hdbcheck | d(true) ++ ++- name: SAP HANA Install - Run 'hdblcm --list_systems' after the installation ++ ansible.builtin.shell: | ++ set -o pipefail && ./hdblcm --list_systems | awk '/\/hana\/shared\/{{ sap_hana_install_sid }}/{a=1} ++ /version:/{if (a==1){ ++ gsub ("^\\s*version: ", "");printf ("%s;", $NF)} ++ } ++ /hosts?:/{if (a==1){ ++ gsub ("^\\s*hosts?: ", ""); gsub (", ", ","); print; a=0} ++ }' ++ args: ++ chdir: "{{ sap_hana_install_install_path }}/{{ sap_hana_install_sid }}/hdblcm" ++ register: __sap_hana_install_register_install_result ++ changed_when: no ++ when: not ansible_check_mode ++ ++- name: Configure '/usr/sap' SELinux file contexts ++ ansible.builtin.include_role: ++ name: '{{ sap_hana_install_system_roles_collection }}.selinux' ++ vars: ++ selinux_fcontexts: ++ - {target: '/usr/sap(/.*)?', setype: 'usr_t'} ++ selinux_restore_dirs: ++ - /usr/sap ++ when: sap_hana_install_modify_selinux_labels ++ ++- name: Set fact - HANA version ++ ansible.builtin.set_fact: ++ __sap_hana_install_fact_hana_version: "{{ __sap_hana_install_register_install_result.stdout.split(';')[0] }}" ++ when: not ansible_check_mode ++ ++- name: SAP HANA Post Install - Deleting software extract directory '{{ sap_hana_install_software_extract_directory }}' ++ ansible.builtin.file: ++ path: "{{ sap_hana_install_software_extract_directory }}" ++ state: absent ++ when: sap_hana_install_cleanup_extract_directory ++ ++- name: SAP HANA Post Install - Deleting Configfile Directory '{{ sap_hana_install_configfile_directory }}' ++ ansible.builtin.file: ++ path: "{{ sap_hana_install_configfile_directory }}" ++ state: absent ++ when: sap_hana_install_cleanup_configfile_directory ++ ++- name: Set fact - HANA hosts ++ ansible.builtin.set_fact: ++ __sap_hana_install_fact_hana_hosts: "{{ __sap_hana_install_register_install_result.stdout.split(';')[1] }}" ++ when: not ansible_check_mode ++ ++- name: SAP HANA Deployment - Finished ++ ansible.builtin.debug: ++ msg: ++ - ' SAP HANA deployment successfully completed:' ++ - ' ' ++ - ' HANA Version - {{ __sap_hana_install_fact_hana_version }}' ++ - ' Hosts - {{ __sap_hana_install_fact_hana_hosts }}' ++ - ' SID - {{ sap_hana_install_sid }}' ++ - ' NR - {{ sap_hana_install_number }}' ++# - ' Master Password - {{ sap_hana_install_master_password }}' ++# - ' IP - {{ ansible_default_ipv4.address | default(ansible_all_ipv4_addresses[0]) }}' ++# - ' Host - {{ ansible_hostname }}' ++# - ' FQDN - {{ ansible_fqdn }}' ++ when: not ansible_check_mode +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/tasks/post_install/firewall.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/tasks/post_install/firewall.yml +new file mode 100644 +index 0000000..d9407bb +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/tasks/post_install/firewall.yml +@@ -0,0 +1,68 @@ ++--- ++ ++- name: SAP HANA Post Install - Enable and start the firewalld service ++ ansible.builtin.systemd: ++ name: firewalld ++ state: started ++ enabled: yes ++ tags: sap_hana_install_configure_firewall ++ ++- name: SAP HANA Post Install - Construct the argument list for 'firewall-cmd --add-port' ++ ansible.builtin.set_fact: ++ __sap_hana_install_fact_firewall_cmd_args: "{{ ['--add-port='] | product(sap_hana_install_firewall[0].port) | map('join') | list }}" ++ when: sap_hana_install_firewall[0].state == 'enabled' ++ tags: sap_hana_install_configure_firewall ++ ++- name: SAP HANA Post Install - Construct the argument list for 'firewall-cmd --remove-port' ++ ansible.builtin.set_fact: ++ __sap_hana_install_fact_firewall_cmd_args: "{{ ['--remove-port='] | product(sap_hana_install_firewall[0].port) | map('join') | list }}" ++ when: sap_hana_install_firewall[0].state == 'disabled' ++ tags: sap_hana_install_configure_firewall ++ ++- name: SAP HANA Post Install - Set fact for the 'firewall-cmd' command ++ ansible.builtin.set_fact: ++ __sap_hana_install_fact_firewall_cmd_command: "firewall-cmd --zone=public {{ __sap_hana_install_fact_firewall_cmd_args | map('quote') | join(' ') }}" ++ tags: sap_hana_install_configure_firewall ++ ++- name: SAP HANA Post Install - Display the 'firewall-cmd' command ++ ansible.builtin.debug: ++ var: __sap_hana_install_fact_firewall_cmd_command ++ tags: sap_hana_install_configure_firewall ++ ++# No matter if the ports have already been enabled or not, the changed state ++# of the command is always true. For avoiding ansible-lint to report a violation ++# of the no-changed-when rule, we just set changed_when to true here. ++- name: SAP HANA Post Install - Enable the required ports immediately ++ ansible.builtin.command: "{{ __sap_hana_install_fact_firewall_cmd_command }}" ++ changed_when: yes ++ tags: sap_hana_install_configure_firewall ++ ++- name: SAP HANA Post Install - Get the current firewall configuration of the default zone ++ ansible.builtin.command: firewall-cmd --list-all ++ changed_when: no ++ register: __sap_hana_install_register_current_firewall_ports ++ tags: sap_hana_install_configure_firewall ++ ++- name: SAP HANA Post Install - Display the current firewall configuration of the default zone ++ ansible.builtin.debug: ++ var: __sap_hana_install_register_current_firewall_ports.stdout_lines ++ tags: sap_hana_install_configure_firewall ++ ++# No matter if the ports have already been enabled or not, the changed state ++# of the command is always true. For avoiding ansible-lint to report a violation ++# of the no-changed-when rule, we just set changed_when to true here. ++- name: SAP HANA Post Install - Enable the required ports permanently ++ ansible.builtin.command: "{{ __sap_hana_install_fact_firewall_cmd_command }} --permanent" ++ changed_when: yes ++ tags: sap_hana_install_configure_firewall ++ ++- name: SAP HANA Post Install - Get the permanent firewall configuration of the default zone ++ ansible.builtin.command: firewall-cmd --list-all ++ changed_when: no ++ register: __sap_hana_install_register_permanent_firewall_ports ++ tags: sap_hana_install_configure_firewall ++ ++- name: SAP HANA Post Install - Display the permanent firewall configuration of the default zone ++ ansible.builtin.debug: ++ var: __sap_hana_install_register_permanent_firewall_ports.stdout_lines ++ tags: sap_hana_install_configure_firewall +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/tasks/post_install/hdbuserstore.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/tasks/post_install/hdbuserstore.yml +new file mode 100644 +index 0000000..fc97dc9 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/tasks/post_install/hdbuserstore.yml +@@ -0,0 +1,21 @@ ++--- ++ ++- name: SAP HANA Post Install - Create and Store Connection Info in hdbuserstore ++ ansible.builtin.shell: | ++ /usr/sap/{{ sap_hana_install_sid }}/SYS/exe/hdb/hdbuserstore \ ++ SET {{ sap_hana_install_hdbuserstore_key }} \ ++ {{ ansible_hostname }}:3{{ sap_hana_install_number }}13 \ ++ SYSTEM '{{ sap_hana_install_db_system_password | d(sap_hana_install_master_password) }}' ++ args: ++ executable: /bin/bash ++ become: true ++ become_user: "{{ sap_hana_install_sid | lower }}adm" ++ when: not ansible_check_mode ++ changed_when: no ++ register: __sap_hana_install_store_connection_information ++ tags: sap_hana_install_store_connection_information ++ ++- name: SAP HANA Post Install - Display the output of hdbuserstore ++ ansible.builtin.debug: ++ var: __sap_hana_install_store_connection_information.stdout_lines ++ tags: sap_hana_install_store_connection_information +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/tasks/post_install/license.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/tasks/post_install/license.yml +new file mode 100644 +index 0000000..cb1dd8c +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/tasks/post_install/license.yml +@@ -0,0 +1,17 @@ ++--- ++ ++- name: SAP HANA Post Install - Apply the SAP HANA license ++ ansible.builtin.shell: | ++ /usr/sap/{{ sap_hana_install_sid | upper }}/HDB{{ sap_hana_install_number }}/exe/hdbsql \ ++ -i {{ sap_hana_install_number }} -u SYSTEM ++ -p {{ sap_hana_install_db_system_password | d(sap_hana_install_master_password) }} -m <- ++ {{ sap_hana_install_software_extract_directory }}/sapcar/{{ __sap_hana_install_fact_selected_sapcar_filename }} \ ++ -R {{ __sap_hana_install_tmp_software_extract_directory }} \ ++ -xvf {{ __sap_hana_install_fact_sar_dir }}/{{ __sap_hana_install_passed_sarfile }} \ ++ -manifest SIGNATURE.SMF ++ register: __sap_hana_install_register_extract ++ args: ++ chdir: "{{ sap_hana_install_software_extract_directory }}" ++ changed_when: "'SAPCAR: processing archive' in __sap_hana_install_register_extract.stdout" ++ ++- name: SAP HANA hdblcm prepare - Move files into the correct place, default ++ ansible.builtin.shell: | ++ extracted_dir=$(ls -d */) ++ mv SIGNATURE.SMF ${extracted_dir} ++ mv ${extracted_dir} .. ++ args: ++ chdir: "{{ __sap_hana_install_tmp_software_extract_directory }}" ++ changed_when: true ++ when: "'SAPHOST' not in __sap_hana_install_passed_sarfile" ++ ++- name: SAP HANA hdblcm prepare - Move files into the correct place, SAP Host Agent ++ ansible.builtin.command: mv ./tmp/SAP_HOST_AGENT . ++ args: ++ chdir: "{{ sap_hana_install_software_extract_directory }}" ++ changed_when: true ++ when: "'SAPHOST' in __sap_hana_install_passed_sarfile" ++ ++- name: SAP HANA hdblcm prepare - Remove temporary extraction directory '{{ sap_hana_install_software_extract_directory }}/tmp' ++ ansible.builtin.file: ++ path: "{{ sap_hana_install_software_extract_directory }}/tmp/" ++ state: absent +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/tasks/pre_install/hdblcm_configfile.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/tasks/pre_install/hdblcm_configfile.yml +new file mode 100644 +index 0000000..6e807c6 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/tasks/pre_install/hdblcm_configfile.yml +@@ -0,0 +1,92 @@ ++--- ++ ++- name: SAP HANA Pre Install - Create the hdblcm configfile directory '{{ sap_hana_install_configfile_directory }}' if it does not exist ++ ansible.builtin.file: ++ path: "{{ sap_hana_install_configfile_directory }}" ++ state: directory ++ mode: '0755' ++ ++- name: SAP HANA Pre Install - Check if file '{{ sap_hana_install_configfile_directory }}/configfile.cfg' exists ++ ansible.builtin.stat: ++ path: "{{ sap_hana_install_configfile_directory }}/configfile.cfg" ++ check_mode: no ++ register: __sap_hana_install_register_stat_hdblcm_configfile ++ ++- name: SAP HANA Pre Install - Notify about existing hdblcm configfile ++ ansible.builtin.debug: ++ msg: "INFO: Using existing static hdblcm configfile '{{ sap_hana_install_configfile_directory }}/configfile.cfg'." ++ when: __sap_hana_install_register_stat_hdblcm_configfile.stat.exists ++ ++- name: SAP HANA Pre Install - Make the existing static hdblcm configfile available for the SAP HANA installation ++ ansible.builtin.copy: ++ src: "{{ sap_hana_install_configfile_directory }}/configfile.cfg" ++ dest: "{{ __sap_hana_install_register_tmpdir.path }}/configfile.cfg" ++ remote_src: true ++ owner: 'root' ++ group: 'root' ++ mode: '0755' ++ when: __sap_hana_install_register_stat_hdblcm_configfile.stat.exists ++ ++- name: Create the hdblcm configfile dynamically ++ when: not __sap_hana_install_register_stat_hdblcm_configfile.stat.exists ++ block: ++ ++ - name: SAP HANA Pre Install - Create the hdblcm configfile template '{{ sap_hana_install_configfile_directory }}/{{ sap_hana_install_configfile_template_prefix }}.cfg' ++ ansible.builtin.command: "{{ __sap_hana_install_fact_hdblcm_path }}/hdblcm --dump_configfile_template={{ sap_hana_install_configfile_directory }}/{{ sap_hana_install_configfile_template_prefix }}.cfg" ++ register: __sap_hana_install_register_hdblcm_output ++ changed_when: no ++ ++ - name: SAP HANA Pre Install - Display the output of the hdblcm command ++ ansible.builtin.debug: ++ msg: "Output of hdblcm command: {{ __sap_hana_install_register_hdblcm_output.stdout_lines }}" ++ ++# The following task creates a Jinja2 template from the hdblcm configfile template. This Jinja2 template is later used to ++# create the final hdblcm configfile. The task below works as follows: ++# - At the beginning, some header lines are created so that it is easy to identify how the template, and later the hdblcm configfile, ++# had been created. ++# - Each line from the hdblcm configfile template not starting with [a-z], that is each empty line and each line starting with a comment, ++# is just put into the Jinja2 template unmodified. ++# - Each line from the hdblcm configfile template starting with [a-z], that is each line containing an hdblcm variable, is processed ++# as follows: ++# - The original hdblbm parameter is printed, followed by the string "={{ sap_hana_install_", followed by the hdblcm parameter again, ++# then followed by " | d('" (meaning the Jinja2 'default' filter), followed by any default which might be present in the ++# hdblcm configfile template, followed by "') }}". By this, we achieve the following: ++# 1) If a role variable for the hdblcm configfile is set in the playbook or inventory (e.g. "sap_hana_install_max_mem"), its value ++# will be used to override the corresponding hdblcm configfile parameter (e.g. "max_mem"). ++# 2) If a role variable for the hdblcm configfile is not set in the playbook or inventory, either the default value which is set ++# in the hdblcm configfile template will be used, or an empty string. ++ - name: SAP HANA Pre Install - Create a Jinja2 template from the hdblcm configfile template ++ ansible.builtin.shell: | ++ set -o pipefail && ++ awk 'BEGIN{FS="="; printf ("\{\{ ansible_managed | comment \}\}\n# File created on: \{\{ template_host \}\}\n# Template file: \{\{ template_path \}\}\n#\n")} ++ !/^[a-z]/{print} ++ /^[a-z]/{printf ("%s=\{\{ sap_hana_install_%s | d(\047%s\047) \}\}\n", $1, $1, $2)}' {{ sap_hana_install_configfile_directory }}/{{ sap_hana_install_configfile_template_prefix }}.cfg > {{ sap_hana_install_configfile_directory }}/{{ sap_hana_install_configfile_template_prefix }}.j2 ++ register: __sap_hana_install_create_jinja2_template ++ changed_when: no ++ ++ - name: SAP HANA Pre Install - Display the location of the remote Jinja2 template ++ ansible.builtin.debug: ++ msg: "The Jinja2 template for creating the hdblcm configfile has been saved to '{{ sap_hana_install_configfile_directory }}/{{ sap_hana_install_configfile_template_prefix }}.j2'." ++ ++ - name: SAP HANA Pre Install - Download the Jinja2 template ++ ansible.builtin.fetch: ++ src: "{{ sap_hana_install_configfile_directory }}/{{ sap_hana_install_configfile_template_prefix }}.j2" ++ dest: "{{ sap_hana_install_local_configfile_directory }}" ++ register: __sap_hana_install_register_fetch_hdblcm_configfile_jinja2_template ++ ++ - name: SAP HANA Pre Install - Display the location of the local Jinja2 template ++ ansible.builtin.debug: ++ msg: "The Jinja2 template has been downloaded to '{{ __sap_hana_install_register_fetch_hdblcm_configfile_jinja2_template.dest }}'." ++ when: not ansible_check_mode ++ ++ - name: SAP HANA Pre Install - Process the Jinja2 template to create the hdblcm configfile ++ ansible.builtin.template: ++ src: "{{ __sap_hana_install_register_fetch_hdblcm_configfile_jinja2_template.dest }}" ++ dest: "{{ __sap_hana_install_register_tmpdir.path }}/configfile.cfg" ++ mode: '0644' ++ register: __sap_hana_install_register_cftemplate ++ when: not ansible_check_mode ++ ++- name: SAP HANA Pre Install - Display the path name of the hdblcm configfile ++ ansible.builtin.debug: ++ msg: "The hdblcm configfile is: '{{ __sap_hana_install_register_tmpdir.path }}/configfile.cfg'" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/tasks/pre_install/hdblcm_prepare.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/tasks/pre_install/hdblcm_prepare.yml +new file mode 100644 +index 0000000..c5b59bb +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/tasks/pre_install/hdblcm_prepare.yml +@@ -0,0 +1,65 @@ ++--- ++# hdblcm prepare ++ ++# Create directory {{ sap_hana_install_software_extract_directory }} ++# This is where all extracted .SAR files will be stored ++ ++- name: SAP HANA hdblcm prepare - Remove directory '{{ sap_hana_install_software_extract_directory }}' ++ ansible.builtin.file: ++ path: "{{ sap_hana_install_software_extract_directory }}" ++ state: absent ++ tags: ++ - sap_hana_install_prepare_sapcar ++ - sap_hana_install_prepare_sarfiles ++ ++- name: SAP HANA hdblcm prepare - Create directory '{{ sap_hana_install_software_extract_directory }}' ++ ansible.builtin.file: ++ path: "{{ sap_hana_install_software_extract_directory }}" ++ state: directory ++ mode: '0755' ++ tags: ++ - sap_hana_install_prepare_sapcar ++ - sap_hana_install_prepare_sarfiles ++ ++- name: SAP HANA hdblcm prepare - Create SAPCAR directory '{{ sap_hana_install_software_extract_directory }}/sapcar' ++ ansible.builtin.file: ++ path: "{{ sap_hana_install_software_extract_directory }}/sapcar" ++ state: directory ++ mode: '0755' ++ tags: ++ - sap_hana_install_prepare_sapcar ++ - sap_hana_install_prepare_sarfiles ++ ++- name: SAP HANA hdblcm prepare - Create status file '{{ sap_hana_install_software_extract_directory }}/__EXTRACTION_ONGOING__' ++ ansible.builtin.file: ++ path: "{{ sap_hana_install_software_extract_directory }}/__EXTRACTION_ONGOING__" ++ state: touch ++ mode: '0755' ++ ++- name: SAP HANA hdblcm prepare - Prepare SAPCAR ++ ansible.builtin.import_tasks: prepare_sapcar.yml ++ tags: ++ - sap_hana_install_prepare_sapcar ++ - sap_hana_install_prepare_sarfiles ++ ++- name: SAP HANA hdblcm prepare - Prepare SAR files ++ ansible.builtin.import_tasks: prepare_sarfiles.yml ++ tags: sap_hana_install_prepare_sarfiles ++ ++- name: SAP HANA hdblcm prepare - Remove status file '{{ sap_hana_install_software_extract_directory }}/__EXTRACTION_ONGOING__' ++ ansible.builtin.file: ++ path: "{{ sap_hana_install_software_extract_directory }}/__EXTRACTION_ONGOING__" ++ state: absent ++ ++- name: SAP HANA hdblcm prepare - Find 'SAP_HANA_DATABASE' in '{{ sap_hana_install_software_extract_directory }}' ++ ansible.builtin.find: ++ paths: "{{ sap_hana_install_software_extract_directory }}" ++ recurse: yes ++ file_type: directory ++ patterns: 'SAP_HANA_DATABASE' ++ register: __sap_hana_install_register_find_directory_sap_hana_database ++ ++- name: SAP HANA hdblcm prepare - Set fact for 'hdblcm' installer path ++ ansible.builtin.set_fact: ++ __sap_hana_install_fact_hdblcm_path: "{{ __sap_hana_install_register_find_directory_sap_hana_database.files[0].path }}" ++ when: not ansible_check_mode +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/tasks/pre_install/prepare_sapcar.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/tasks/pre_install/prepare_sapcar.yml +new file mode 100644 +index 0000000..be123f5 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/tasks/pre_install/prepare_sapcar.yml +@@ -0,0 +1,198 @@ ++--- ++# hdblcm prepare SAPCAR ++ ++- name: SAP HANA hdblcm prepare - SAPCAR defined - Prepare the SAPCAR executable if 'sap_hana_install_sapcar_filename' is defined ++ when: sap_hana_install_sapcar_filename is defined ++ block: ++ ++ - name: SAP HANA hdblcm prepare - SAPCAR defined - Check if the SAPCAR executable exists ++ ansible.builtin.stat: ++ path: "{{ __sap_hana_install_fact_software_directory }}/{{ sap_hana_install_sapcar_filename }}" ++ register: __sap_hana_install_register_sapcar_stat ++ ++ - name: SAP HANA hdblcm prepare - SAPCAR defined - Fail if the SAPCAR executable does not exist ++ ansible.builtin.fail: ++ msg: "FAIL: The SAPCAR EXE file '{{ __sap_hana_install_fact_software_directory }}/{{ sap_hana_install_sapcar_filename }}' does not exist!" ++ when: not __sap_hana_install_register_sapcar_stat.stat.exists ++ ++# We cannot always use the SAPCAR executable in __sap_hana_install_fact_software_directory because there are ++# some configurations in which executing files in this directory is not possible. So we always copy SAPCAR ++# to directory 'sapcar' in sap_hana_install_software_extract_directory. We do not copy the SAPCAR checksum file. ++ - name: SAP HANA hdblcm prepare - SAPCAR defined - Copy the SAPCAR executable to '{{ sap_hana_install_software_extract_directory }}/sapcar' ++ ansible.builtin.copy: ++ src: "{{ __sap_hana_install_fact_software_directory }}/{{ sap_hana_install_sapcar_filename }}" ++ dest: "{{ sap_hana_install_software_extract_directory }}/sapcar/{{ sap_hana_install_sapcar_filename }}" ++ remote_src: true ++ owner: 'root' ++ group: 'root' ++ mode: '0755' ++ ++ - name: SAP HANA hdblcm prepare - SAPCAR defined - Separate file from directory names and add the global checksum file path ++ ansible.builtin.set_fact: ++ __sap_hana_install_fact_sapcar_dict_tmp: {dir: "{{ sap_hana_install_software_extract_directory }}/sapcar", file: "{{ sap_hana_install_sapcar_filename }}", checksum_file: "{{ sap_hana_install_global_checksum_file }}"} ++ when: sap_hana_install_global_checksum_file is defined ++ ++ - name: SAP HANA hdblcm prepare - SAPCAR defined - Separate file from directory names and add the specific checksum file path ++ ansible.builtin.set_fact: ++ __sap_hana_install_fact_sapcar_dict_tmp: {dir: "{{ sap_hana_install_software_extract_directory }}/sapcar", file: "{{ sap_hana_install_sapcar_filename }}", checksum_file: "{{ __sap_hana_install_fact_software_directory }}/{{ sap_hana_install_sapcar_filename }}.sha256"} ++ when: sap_hana_install_global_checksum_file is not defined ++ ++ - name: SAP HANA hdblcm prepare - SAPCAR defined - Create a list of one dict for checksum verification ++ ansible.builtin.set_fact: ++ __sap_hana_install_fact_sapcar_dict: "{{ __sap_hana_install_fact_sapcar_dict | d([]) + [__sap_hana_install_fact_sapcar_dict_tmp] }}" ++ ++ - name: SAP HANA hdblcm prepare - SAPCAR defined - Verify checksum for the SAPCAR executable ++ ansible.builtin.include_tasks: verify_checksum.yml ++ loop: "{{ __sap_hana_install_fact_sapcar_dict }}" ++ loop_control: ++ loop_var: __sap_hana_install_passed_file_dict ++ when: ++ - __sap_hana_install_fact_sapcar_dict | length > 0 ++ - sap_hana_install_verify_checksums ++ ++ - name: SAP HANA hdblcm prepare - SAPCAR defined - Set fact for the SAPCAR executable from variable ++ ansible.builtin.set_fact: ++ __sap_hana_install_fact_selected_sapcar_filename: "{{ sap_hana_install_sapcar_filename }}" ++ ++- name: SAP HANA hdblcm prepare - SAPCAR autodetection - Prepare the SAPCAR executable if 'sap_hana_install_sapcar_filename' is not defined ++ when: sap_hana_install_sapcar_filename is not defined ++ block: ++ ++# We need the 'file' package for the 'file' command, which we need in the next task. ++# RHEL: The 'file' package is contained in the Base software group, which should be installed already. ++ ++# In the first step, we execute the file command for each of the SAPCAR EXE files. It displays the ++# hardware architecture in the second output field, using a string which is different from the output ++# of the 'uname -m' command. So we replace those strings by the "correct" ones. For ppc64 and ppc64le, ++# the second output field is identical. So in this case, we also look at the third and forth output field, ++# to handle cases where a ppc64 SAPCAR executable is present in the software directory. ++# After selecting the SAPCAR EXE files for the current architecture, we copy them to a temporary ++# directory sapcar_tmp in the software extract directory and then perform a checksum verification ++# for these files if the corresponding variable is set. ++ - name: SAP HANA hdblcm prepare - SAPCAR autodetection - Create directory '{{ sap_hana_install_software_extract_directory }}/sapcar_tmp' ++ ansible.builtin.file: ++ path: "{{ sap_hana_install_software_extract_directory }}/sapcar_tmp" ++ state: directory ++ mode: '0755' ++ ++# Reason for noqa: There are pipe symbols - as part of an or statement - in an awk command sequence. ++ - name: SAP HANA hdblcm prepare - SAPCAR autodetection - Identify matching SAR executables in '{{ __sap_hana_install_fact_software_directory }}' # noqa jinja[spacing] ++ ansible.builtin.shell: | ++ set -o pipefail && ++ for sapcar_any in SAPCAR*EXE; do ++ file ${sapcar_any} | awk '{ ++ split ($0, a, ":"); split (a[2], b, ","); sub ("^ ", "", b[2]); ++ sub ("x86-64", "x86_64", b[2]); ++ if (index (b[2], "64-bit PowerPC") > 0) { ++ if ((index (b[3], "GNU/Linux") > 0)||(index (b[4], "GNU/Linux") > 0)) {sub ("64-bit PowerPC", "ppc64le", b[2])}; ++ if ((index (b[3], "SYSV") > 0)||(index (b[4], "SYSV") > 0)) {sub ("64-bit PowerPC", "ppc64", b[2])}; ++ } ++ sub ("IBM S/390", "s390x", b[2]); ++ printf ("%s %s %s\n", a[1], b[2], b[3])}' ++ done | awk '$2=="{{ ansible_architecture }}"{printf ("%s\n", $1)}' ++ args: ++ chdir: "{{ __sap_hana_install_fact_software_directory }}" ++ register: __sap_hana_install_register_sapcar_matching_arch ++ changed_when: no ++ ++ - name: SAP HANA hdblcm prepare - SAPCAR autodetection - Fail if no matching SAPCAR executable could be found ++ ansible.builtin.fail: ++ msg: "FAIL: No SAPCAR EXE file for architecture '{{ ansible_architecture }}' was found in {{ __sap_hana_install_fact_software_directory }}!" ++ when: __sap_hana_install_register_sapcar_matching_arch.stdout | length == 0 ++ ++ - name: SAP HANA hdblcm prepare - SAPCAR autodetection - Create a list of files from SAPCAR executables of the matching architecture ++ ansible.builtin.set_fact: ++ __sap_hana_install_fact_sapcar_filenames_matching_arch: "{{ __sap_hana_install_fact_sapcar_filenames_matching_arch | d([]) + [item] }}" ++ loop: "{{ __sap_hana_install_register_sapcar_matching_arch.stdout_lines }}" ++ ++ - name: SAP HANA hdblcm prepare - SAPCAR autodetection - Copy matching SAPCAR executables to '{{ sap_hana_install_software_extract_directory }}/sapcar_tmp/' ++ ansible.builtin.copy: ++ src: "{{ __sap_hana_install_fact_software_directory }}/{{ item }}" ++ dest: "{{ sap_hana_install_software_extract_directory }}/sapcar_tmp/{{ item }}" ++ remote_src: true ++ owner: 'root' ++ group: 'root' ++ mode: '0755' ++ with_items: "{{ __sap_hana_install_fact_sapcar_filenames_matching_arch }}" ++ ++ - name: SAP HANA hdblcm prepare - SAPCAR autodetection - Fill list of dicts containing dir, file, and global checksum file ++ ansible.builtin.set_fact: ++ __sap_hana_install_fact_sapcar_dict: "{{ __sap_hana_install_fact_sapcar_dict | d([]) + [__sap_hana_install_tmp_sapcar_dict] }}" ++ with_items: "{{ __sap_hana_install_fact_sapcar_filenames_matching_arch }}" ++ vars: ++ __sap_hana_install_tmp_sapcar_dict: ++ dir: "{{ sap_hana_install_software_extract_directory }}/sapcar_tmp" ++ file: "{{ item }}" ++ checksum_file: "{{ sap_hana_install_global_checksum_file }}" ++ when: sap_hana_install_global_checksum_file is defined ++ ++ - name: SAP HANA hdblcm prepare - SAPCAR autodetection - Fill list of dicts containing dir, file, and specific checksum file ++ ansible.builtin.set_fact: ++ __sap_hana_install_fact_sapcar_dict: "{{ __sap_hana_install_fact_sapcar_dict | d([]) + [__sap_hana_install_tmp_sapcar_dict] }}" ++ with_items: "{{ __sap_hana_install_fact_sapcar_filenames_matching_arch }}" ++ vars: ++ __sap_hana_install_tmp_sapcar_dict: ++ dir: "{{ sap_hana_install_software_extract_directory }}/sapcar_tmp" ++ file: "{{ item }}" ++ checksum_file: "{{ __sap_hana_install_fact_software_directory }}/{{ item }}.sha256" ++ when: sap_hana_install_global_checksum_file is not defined ++ ++ - name: SAP HANA hdblcm prepare - SAPCAR autodetection - Display __sap_hana_install_fact_sapcar_dict ++ ansible.builtin.debug: ++ var: __sap_hana_install_fact_sapcar_dict ++ ++ - name: SAP HANA hdblcm prepare - SAPCAR autodetection - Verify checksum for SAPCAR executables ++ ansible.builtin.include_tasks: verify_checksum.yml ++ loop: "{{ __sap_hana_install_fact_sapcar_dict }}" ++ loop_control: ++ loop_var: __sap_hana_install_passed_file_dict ++ when: ++ - __sap_hana_install_fact_sapcar_dict | length > 0 ++ - sap_hana_install_verify_checksums ++ ++# For each file in temporary directory sapcar_tmp in the software extract directory, we run it with option ++# --version and then identify the most recent one, which is then copied to directory sapcar. ++ - name: SAP HANA hdblcm prepare - SAPCAR autodetection - Identify the SAPCAR executable with the latest version ++ ansible.builtin.shell: | ++ set -o pipefail && ++ for sapcar_matching_arch in "{{ __sap_hana_install_fact_sapcar_filenames_matching_arch | map('quote') | join(' ') }}"; do ++ ( printf "%s " $(basename ${sapcar_matching_arch}) ++ {{ sap_hana_install_software_extract_directory }}/sapcar_tmp/$(basename ${sapcar_matching_arch}) --version | ++ awk '/kernel release/{rel=$NF}/patch number/{printf ("%s %s\n", rel, $NF)}' ++ ) ++ done | sort -k 2 -nr -k 3 -nr | awk 'NR==1{printf ("%s - SAP kernel: %s; Patch number: %s\n", $1, $2, $3)}' ++ args: ++ chdir: "{{ sap_hana_install_software_extract_directory }}/sapcar_tmp" ++ register: __sap_hana_install_register_latest_sapcar_file ++ changed_when: no ++ ++ - name: SAP HANA hdblcm prepare - SAPCAR autodetection - Display SAPCAR executable file name, SAP kernel release, and patch number ++ ansible.builtin.debug: ++ msg: "Using SAPCAR executable: {{ __sap_hana_install_register_latest_sapcar_file.stdout }}" ++ ++ - name: SAP HANA hdblcm prepare - SAPCAR autodetection - Set fact for SAPCAR executable from autodetection ++ ansible.builtin.set_fact: ++ __sap_hana_install_fact_selected_sapcar_filename: "{{ __sap_hana_install_register_latest_sapcar_file.stdout.split(' ').0 }}" ++ ++ - name: SAP HANA hdblcm prepare - SAPCAR autodetection - Copy the autodetected SAPCAR executable to '{{ sap_hana_install_software_extract_directory }}/sapcar' ++ ansible.builtin.copy: ++ src: "{{ sap_hana_install_software_extract_directory }}/sapcar_tmp/{{ __sap_hana_install_fact_selected_sapcar_filename }}" ++ dest: "{{ sap_hana_install_software_extract_directory }}/sapcar/{{ __sap_hana_install_fact_selected_sapcar_filename }}" ++ remote_src: true ++ owner: 'root' ++ group: 'root' ++ mode: '0755' ++ when: not ansible_check_mode ++ ++ - name: SAP HANA hdblcm prepare - SAPCAR autodetection - Remove directory '{{ sap_hana_install_software_extract_directory }}/sapcar_tmp' ++ ansible.builtin.file: ++ path: "{{ sap_hana_install_software_extract_directory }}/sapcar_tmp" ++ state: absent ++ ++- name: SAP HANA hdblcm prepare - Make sure the SAPCAR executable has execute permissions and is owned by root ++ ansible.builtin.file: ++ path: "{{ sap_hana_install_software_extract_directory }}/sapcar/{{ __sap_hana_install_fact_selected_sapcar_filename }}" ++ mode: '0755' ++ owner: root ++ group: root ++ when: not ansible_check_mode +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/tasks/pre_install/prepare_sarfiles.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/tasks/pre_install/prepare_sarfiles.yml +new file mode 100644 +index 0000000..a77c50e +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/tasks/pre_install/prepare_sarfiles.yml +@@ -0,0 +1,111 @@ ++--- ++# hdblcm prepare sarfiles ++ ++- name: SAP HANA hdblcm prepare - Set fact for final location of SAR files, default ++ ansible.builtin.set_fact: ++ __sap_hana_install_fact_sar_dir: "{{ __sap_hana_install_fact_software_directory }}" ++ ++- name: SAP HANA hdblcm prepare - Set fact list of SAR files if 'sap_hana_install_sarfiles' is defined ++ ansible.builtin.set_fact: ++ __sap_hana_install_fact_sarfiles: "{{ sap_hana_install_sarfiles }}" ++ when: sap_hana_install_sarfiles is defined ++ ++- name: Display the resulting list of file names from variable ++ ansible.builtin.debug: ++ var: __sap_hana_install_fact_sarfiles ++ when: sap_hana_install_sarfiles is defined ++ ++- name: SAP HANA hdblcm prepare - Find all SAR files if 'sap_hana_install_sarfiles' is undefined ++ when: sap_hana_install_sarfiles is not defined ++ block: ++ ++ - name: SAP HANA hdblcm prepare - Find all SAR files in '{{ __sap_hana_install_fact_software_directory }}' ++ ansible.builtin.find: ++ paths: "{{ __sap_hana_install_fact_software_directory }}" ++ recurse: no ++ file_type: file ++ patterns: '*.SAR' ++ register: __sap_hana_install_register_find_sarfiles ++ ++ - name: SAP HANA hdblcm prepare - Create list of file names from the find result ++ ansible.builtin.set_fact: ++ __sap_hana_install_fact_sarfiles: "{{ __sap_hana_install_fact_sarfiles | d([]) + [item.path | basename] }}" ++ loop: "{{ __sap_hana_install_register_find_sarfiles.files }}" ++ ++ - name: Display the resulting list of file names after find ++ ansible.builtin.debug: ++ var: __sap_hana_install_fact_sarfiles ++ ++- name: Copy SAR files to final destination if 'sap_hana_install_copy_sarfiles' is 'yes' ++ when: sap_hana_install_copy_sarfiles ++ block: ++ ++ - name: SAP HANA hdblcm prepare - Create directory '{{ sap_hana_install_software_extract_directory }}/sarfiles' ++ ansible.builtin.file: ++ path: "{{ sap_hana_install_software_extract_directory }}/sarfiles" ++ state: directory ++ mode: '0755' ++ ++ - name: SAP HANA hdblcm prepare - Copy SAR files to '{{ sap_hana_install_software_extract_directory }}/sarfiles' ++ ansible.builtin.copy: ++ src: "{{ __sap_hana_install_fact_software_directory }}/{{ item }}" ++ dest: "{{ sap_hana_install_software_extract_directory }}/sarfiles/{{ item }}" ++ remote_src: true ++ mode: 0755 ++ owner: root ++ group: root ++ with_items: "{{ __sap_hana_install_fact_sarfiles }}" ++ ++ - name: SAP HANA hdblcm prepare - Set fact for final location of SAR files, copy_sarfiles ++ ansible.builtin.set_fact: ++ __sap_hana_install_fact_sar_dir: "{{ sap_hana_install_software_extract_directory }}/sarfiles" ++ ++- name: SAP HANA hdblcm prepare - Fill list of dicts containing dir, file, and global checksum file ++ ansible.builtin.set_fact: ++ __sap_hana_install_fact_sarfiles_dict: "{{ __sap_hana_install_fact_sarfiles_dict | d([]) + [__sap_hana_install_tmp_sarfiles_dict] }}" ++ with_items: "{{ __sap_hana_install_fact_sarfiles }}" ++ vars: ++ __sap_hana_install_tmp_sarfiles_dict: ++ dir: "{{ __sap_hana_install_fact_sar_dir }}" ++ file: "{{ item }}" ++ checksum_file: "{{ sap_hana_install_global_checksum_file }}" ++ when: sap_hana_install_global_checksum_file is defined ++ ++- name: SAP HANA hdblcm prepare - Fill list of dicts containing dir, file, and specific checksum file ++ ansible.builtin.set_fact: ++ __sap_hana_install_fact_sarfiles_dict: "{{ __sap_hana_install_fact_sarfiles_dict | d([]) + [__sap_hana_install_tmp_sarfiles_dict] }}" ++ with_items: "{{ __sap_hana_install_fact_sarfiles }}" ++ vars: ++ __sap_hana_install_tmp_sarfiles_dict: ++ dir: "{{ __sap_hana_install_fact_sar_dir }}" ++ file: "{{ item }}" ++ checksum_file: "{{ __sap_hana_install_fact_software_directory }}/{{ item }}.sha256" ++ when: sap_hana_install_global_checksum_file is not defined ++ ++- name: SAP HANA hdblcm prepare - Verify checksums for all SAR files in folder '{{ __sap_hana_install_fact_sar_dir }}' ++ ansible.builtin.include_tasks: verify_checksum.yml ++ loop: "{{ __sap_hana_install_fact_sarfiles_dict }}" ++ loop_control: ++ loop_var: __sap_hana_install_passed_file_dict ++ when: ++ - __sap_hana_install_fact_sarfiles | length > 0 ++ - not ansible_check_mode ++ - sap_hana_install_verify_checksums ++ ++- name: SAP HANA hdblcm prepare - Extract all SAR files in folder '{{ __sap_hana_install_fact_software_directory }}' ++ ansible.builtin.include_tasks: extract_sarfile.yml ++ loop: "{{ __sap_hana_install_fact_sarfiles }}" ++ loop_control: ++ loop_var: __sap_hana_install_passed_sarfile ++ when: ++ - __sap_hana_install_fact_sarfiles | length > 0 ++ - not ansible_check_mode ++ tags: sap_hana_install_extract_sarfiles ++ ++- name: SAP HANA hdblcm prepare - Remove temporary SAR file directory '{{ sap_hana_install_software_extract_directory }}/sarfiles' ++ ansible.builtin.file: ++ path: "{{ sap_hana_install_software_extract_directory }}/sarfiles/" ++ state: absent ++ when: ++ - sap_hana_install_copy_sarfiles ++ - not sap_hana_install_keep_copied_sarfiles +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/tasks/pre_install/verify_checksum.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/tasks/pre_install/verify_checksum.yml +new file mode 100644 +index 0000000..c9c1feb +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/tasks/pre_install/verify_checksum.yml +@@ -0,0 +1,43 @@ ++--- ++ ++- name: SAP HANA hdblcm prepare - Check if checksum file exists ++ ansible.builtin.stat: ++ path: "{{ __sap_hana_install_passed_file_dict.checksum_file }}" ++ register: __sap_hana_install_register_stat_checksum_file ++ ++- name: SAP HANA hdblcm prepare - Fail if the checksum file is missing ++ ansible.builtin.fail: ++ msg: "FAIL: Missing checksum file '{{ __sap_hana_install_passed_file_dict.checksum_file }}'!" ++ when: not __sap_hana_install_register_stat_checksum_file.stat.exists ++ ++- name: Continue if checksum file exists ++ when: __sap_hana_install_register_stat_checksum_file.stat.exists ++ block: ++ ++# We are using awk to search for the file name in the checksum file. If there is no entry for the file, instead of ++# displaying the checksum for the file, we display the string 'Missing entry' on stdout. ++# Reason for noqa: A double brace might also occur in an awk command sequence. ++ - name: SAP HANA hdblcm prepare - Get expected checksum from file # noqa jinja[spacing] ++ ansible.builtin.command: "awk 'BEGIN{a=0}/{{ __sap_hana_install_passed_file_dict.file }}/{a++; print $1}END{if (a==0){print \"Missing entry\"}}' {{ __sap_hana_install_passed_file_dict.checksum_file }}" ++ check_mode: no ++ register: __sap_hana_install_register_checksum_from_file ++ changed_when: no ++ ++ - name: SAP HANA hdblcm prepare - Fail if an entry for file '{{ __sap_hana_install_passed_file_dict.file }}' is missing in '{{ __sap_hana_install_passed_file_dict.checksum_file }}' ++ ansible.builtin.fail: ++ msg: "FAIL: Missing entry for file '{{ __sap_hana_install_passed_file_dict.file }}' in '{{ __sap_hana_install_passed_file_dict.checksum_file }}'!" ++ when: __sap_hana_install_register_checksum_from_file.stdout == 'Missing entry' ++ ++ - name: SAP HANA hdblcm prepare - Calculate checksum of '{{ __sap_hana_install_passed_file_dict.file }}' ++ ansible.builtin.stat: ++ path: "{{ __sap_hana_install_passed_file_dict.dir }}/{{ __sap_hana_install_passed_file_dict.file }}" ++ checksum_algorithm: "{{ sap_hana_install_checksum_algorithm }}" ++ register: __sap_hana_install_register_stat_file ++ when: __sap_hana_install_register_checksum_from_file.stdout != 'Missing entry' ++ ++ - name: SAP HANA hdblcm prepare - Assert that the checksum of the SAR file is correct ++ ansible.builtin.assert: ++ that: __sap_hana_install_register_stat_file.stat.checksum == __sap_hana_install_register_checksum_from_file.stdout.split(' ').0 ++ fail_msg: "FAIL: The checksum of file '{{ __sap_hana_install_passed_file_dict.dir }}/{{ __sap_hana_install_passed_file_dict.file }}' does not match the checksum stored in file '{{ __sap_hana_install_passed_file_dict.checksum_file }}'!" ++ success_msg: "PASS: The checksum of file '{{ __sap_hana_install_passed_file_dict.dir }}/{{ __sap_hana_install_passed_file_dict.file }}' matches the checksum stored in file '{{ __sap_hana_install_passed_file_dict.checksum_file }}'." ++ when: __sap_hana_install_register_checksum_from_file.stdout != 'Missing entry' +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/templates/sap-nw-input.j2 b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/templates/sap-nw-input.j2 +new file mode 100644 +index 0000000..3b79e16 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/templates/sap-nw-input.j2 +@@ -0,0 +1,16 @@ ++{{ ansible_managed | comment }} ++# File created on: {{ template_host }} ++# Template file: {{ template_path }} ++# ++ ++# SAP HANA Instance Parameters ++sap_swpm_db_ip: '{{ ansible_default_ipv4.address|default(ansible_all_ipv4_addresses[0]) }}' ++sap_swpm_db_fqdn: '{{ ansible_fqdn }}' ++sap_swpm_db_host: '{{ ansible_hostname }}' ++sap_swpm_db_sid: '{{ sap_hana_install_sid }}' ++sap_swpm_db_instance_nr: '{{ sap_hana_install_number }}' ++ ++# SAP HANA Passwords ++sap_swpm_db_system_password: '{{ sap_hana_install_db_system_password|d(sap_hana_install_master_password) }}' ++sap_swpm_db_systemdb_password: '{{ sap_hana_install_db_system_password|d(sap_hana_install_master_password) }}' ++sap_swpm_db_sidadm_password: '{{ sap_hana_install_sidadm_password|d(sap_hana_install_master_password) }}' +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/vars/main.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/vars/main.yml +new file mode 100644 +index 0000000..b01f0a7 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_install/vars/main.yml +@@ -0,0 +1,7 @@ ++--- ++ ++# SAP System IDs that are reserved and must not be used ++# Reference: SAP Note 1979280 ++__sap_hana_install_sid_prohibited: ['ADD', 'ADM', 'ALL', 'AMD', 'AND', 'ANY', 'ARE', 'ASC', 'AUX', 'AVG', 'BIN', 'BIT', 'CDC', 'COM', 'CON', 'DAA', 'DBA', 'DBM', 'DBO', 'DTD', 'ECO', 'END', 'EPS', 'EXE', 'FOR', 'GET', 'GID', 'IBM', 'INT', 'KEY', 'LIB', 'LOG', 'LPT', 'MAP', 'MAX', 'MEM', 'MIG', 'MIN', 'MON', 'NET', 'NIX', 'NOT', 'NUL', 'OFF', 'OLD', 'OMS', 'OUT', 'PAD', 'PRN', 'RAW', 'REF', 'ROW', 'SAP', 'SET', 'SGA', 'SHG', 'SID', 'SQL', 'SUM', 'SYS', 'TMP', 'TOP', 'TRC', 'UID', 'USE', 'USR', 'VAR'] ++ ++__sap_hana_install_fact_tmp_dirname: '' +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/.ansible-lint b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/.ansible-lint +new file mode 100644 +index 0000000..32a8b58 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/.ansible-lint +@@ -0,0 +1,16 @@ ++--- ++exclude_paths: ++ - tests/sap_hana_preconfigure/ ++enable_list: ++ - yaml ++skip_list: ++ # We don't want to enforce new Ansible versions for Galaxy: ++ - meta-runtime[unsupported-version] ++ # We do not want to use checks which are marked as experimental: ++ - experimental ++ # We use ignore_errors for all the assert tasks, which should be acceptable: ++ - ignore-errors ++ # We want to allow single digit version numbers in a role's meta/main.yml file: ++ - schema ++ # Allow templating inside name because it creates more detailed output: ++ - name[template] +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/README.md b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/README.md +new file mode 100644 +index 0000000..1830c32 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/README.md +@@ -0,0 +1,514 @@ ++# sap_hana_preconfigure Ansible Role ++ ++This role installs additional required packages and performs additional configuration steps for installing and running SAP HANA. ++If you want to configure a RHEL system for the installation and later usage of SAP HANA, you have to first run role sap_general_preconfigure ++and then role sap_hana_preconfigure. However, if we wish to run SLES for HANA, you may run only this role. ++ ++## Support Status ++ ++The support status of this role is: "Fully supported for RHEL managed nodes" ++ ++## Requirements ++ ++The role requires additional collections which are specified in `meta/collection-requirements.yml`. Before using this role, ++make sure that the required collections are installed, for example by using the following command: ++ ++`ansible-galaxy install -vv -r meta/collection-requirements.yml` ++ ++To use this role, your system needs to be configured with the basic requirements for SAP NetWeaver or SAP HANA. This is typically done by running role sap_general_preconfigure (for RHEL managed nodes before RHEL 7.6, community maintained role sap-base-settings can be used). ++ ++It is also strongly recommended to run role linux-system-roles.timesync for all systems running SAP HANA, to maintain an identical system time, before or after running role sap_hana_preconfigure. ++ ++Managed nodes need to be properly registered to a repository source and have at least the following Red Hat repositories accessible (see also example playbook): ++ ++for RHEL 7.x: ++- rhel-7-[server|for-power-le]-e4s-rpms ++- rhel-sap-hana-for-rhel-7-[server|for-power-le]-e4s-rpms ++ ++for RHEL 8.x: ++- rhel-8-for-[x86_64|ppc64le]-baseos-e4s-rpms ++- rhel-8-for-[x86_64|ppc64le]-appstream-e4s-rpms ++- rhel-8-for-[x86_64|ppc64le]-sap-solutions-e4s-rpms ++ ++for RHEL 9.x: ++- rhel-9-for-[x86_64|ppc64le]-baseos-e4s-rpms ++- rhel-9-for-[x86_64|ppc64le]-appstream-e4s-rpms ++- rhel-9-for-[x86_64|ppc64le]-sap-solutions-e4s-rpms ++ ++for SLES 15.x: ++- SLE-Module-SAP-Applications15-[SP number]-Pool ++- SLE-Module-SAP-Applications15-[SP number]-Updates ++- SLE-Product-SLES_SAP15-[SP number]-Pool ++- SLE-Product-SLES_SAP15-[SP number]-Updates ++ ++For details on configuring Red Hat, see the knowledge base article: [How to subscribe SAP HANA systems to the Update Services for SAP Solutions](https://access.redhat.com/solutions/3075991)). If you set role parameter sap_hana_preconfigure_enable_sap_hana_repos to `yes`, the role can enable these repos. ++ ++To install HANA on Red Hat Enterprise Linux 7, 8, or 9, you need some additional packages which are contained in the ++- rhel-sap-hana-for-rhel-7-[server|for-power-le]-e4s-rpms, ++- rhel-8-for-[x86_64|ppc64le]-sap-solutions-e4s-rpms, or ++- rhel-9-for-[x86_64|ppc64le]-sap-solutions-e4s-rpms ++ ++repository. ++ ++To get this repository you need to have one of the following products: ++ ++- [RHEL for SAP Solutions](https://access.redhat.com/solutions/3082481) (premium, standard) ++- RHEL for Business Partner NFRs ++- [RHEL Developer Subscription](https://developers.redhat.com/products/sap/download/) ++ ++To get a personal developer edition of RHEL for SAP solutions, please register as a developer and download the developer edition. ++ ++- [Registration Link](http://developers.redhat.com/register) : ++ Here you can either register a new personal account or link it to an already existing ++ **personal** Red Hat Network account. ++- [Download Link](https://access.redhat.com/downloads/content/69/ver=/rhel---7/7.2/x86_64/product-software): ++ Here you can download the Installation DVD for RHEL with your previously registered ++ account ++ ++*NOTE:* This is a regular RHEL installation DVD as RHEL for SAP Solutions is no additional ++ product but only a special bundling. The subscription grants you access to the additional ++ packages through our content delivery network (CDN) after installation. ++ ++For supported RHEL releases [click here](https://access.redhat.com/solutions/2479121). ++ ++Details on configuring SLES repositories can be found on the following articles for [on-premise systems](https://www.suse.com/support/kb/doc/?id=000018564) or [BYOS cloud images](https://www.suse.com/c/byos-instances-and-the-suse-public-cloud-update-infrastructure/) ++ ++ ++It is also important that your disks are setup according to the [SAP storage requirements for SAP HANA](https://www.sap.com/documents/2015/03/74cdb554-5a7c-0010-8F2c7-eda71af511fa.html). This [BLOG](https://blogs.sap.com/2017/03/07/the-ultimate-guide-to-effective-sizing-of-sap-hana/) is also quite helpful when sizing HANA systems. ++You can use the [storage](https://galaxy.ansible.com/linux-system-roles/storage) role to automate this process ++ ++If you want to use this system in production, make sure that the time service is configured correctly. You can use [rhel-system-roles](https://access.redhat.com/articles/3050101) to automate this. ++ ++Note ++---- ++For finding out which SAP notes will be used by this role for Red Hat systems, please check the contents of variable `__sap_hana_preconfigure_sapnotes` in files `vars/*.yml` (choose the file which matches your OS distribution and version). ++ ++For SLES, notes are applied using the saptune service. Saptune supports a number of solutions. A solution implements several SAP notes. The default solution for this role is 'HANA'. To see a list of supported solutions and the notes that they implement, you can run `saptune solution list` on the command line. ++ ++Do not run this role against an SAP HANA or other production system. The role will enforce a certain configuration on the managed node(s), which might not be intended. ++ ++Changes ++------- ++1) Previous versions of this role used the variable sap_hana_preconfigure_use_tuned_where_possible to switch between either tuned settings ++or kernel command line settings (where applicable). ++The current version modifies this behavior: ++- The variable sap_hana_preconfigure_use_tuned_where_possible has been renamed to sap_hana_preconfigure_use_tuned ++- The variable sap_hana_preconfigure_switch_to_tuned_profile_sap_hana has been removed. ++- If sap_hana_preconfigure_use_tuned is set to `yes`, which is also the default, the role will configure the system for using tuned and also switch to tuned profile sap-hana. ++ If sap_hana_preconfigure_use_tuned is set to `no`, the role will perform a static configuration, including the modification of the linux command line in grub. ++- The role can use tuned, or configure the kernel command line, or both. ++ ++2) Previous versions of this role used variable sap_hana_preconfigure_selinux_state to set the SELinux state to disabled. ++As the role sap_general_preconfigure already allows to specify the desired SELinux state, and as sap_general_preconfigure ++is always run before sap_hana_preconfigure, there is no need any more to let sap_hana_preconfigure configure the SELinux state. ++The same applies to the assertion of the SELinux state. ++ ++3) SLES systems are now configured using saptune rather than the ansible implementation of the notes. ++ ++ ++## Role Input Parameters ++ ++#### Minimum required parameters: ++ ++This role does not require any parameter to be set in the playbook or inventory. ++ ++ ++### sap_hana_preconfigure_config_all ++- _Type:_ `bool` ++ ++If set to `false`, the role will only execute or verify the installation or configuration steps of SAP notes.
++Default is to perform installation and configuration steps.
++ ++### sap_hana_preconfigure_installation ++- _Type:_ `bool` ++ ++If `sap_hana_preconfigure_config_all` is set to `false`, set this variable to `true` to perform only the
++installation steps of SAP notes.
++ ++### sap_hana_preconfigure_configuration ++- _Type:_ `bool` ++ ++If `sap_hana_preconfigure_config_all` is set to `false`, set this variable to `true` to perform only the
++configuration steps of SAP notes for which the corresponding SAP notes parameters have been set to `true`.
++ ++Example: ++ ++```yaml ++sap_hana_preconfigure_config_all: false ++sap_hana_preconfigure_configuration: true ++sap_hana_preconfigure_2772999_04: true ++sap_hana_preconfigure_2382421: true ++``` ++ ++### sap_hana_preconfigure_assert ++- _Type:_ `bool` ++- _Default:_ `false` ++ ++If set to `true`, the role will run in assertion mode instead of the default configuration mode.
++ ++### sap_hana_preconfigure_assert_all_config ++- _Type:_ `bool` ++- _Default:_ `false` ++ ++In assertion mode, the role will check either tuned or static settings.
++If this parameter is set to to `true`, the role will check both tuned and static settings.
++ ++### sap_hana_preconfigure_assert_ignore_errors ++- _Type:_ `bool` ++- _Default:_ `false` ++ ++In assertion mode, the role will abort when encountering any assertion error.
++If this parameter is set to `false`, the role will *not* abort when encountering an assertion error.
++This is useful if the role is used for reporting a system's SAP notes compliance.
++ ++### sap_hana_preconfigure_system_roles_collection ++- _Type:_ `str` ++- _Default:_ `'fedora.linux_system_roles'` ++- _Possible Values:_
++ - `fedora.linux_system_roles` ++ - `redhat.rhel_system_roles` ++ ++Set which Ansible Collection to use for the Linux System Roles.
++For community/upstream, use 'fedora.linux_system_roles'
++For the RHEL System Roles for SAP, or for Red Hat Automation Hub, use 'redhat.rhel_system_roles'
++ ++### sap_hana_preconfigure_min_rhel_release_check ++- _Type:_ `bool` ++- _Default:_ `false` ++ ++Check the RHEL release against parameter `sap_hana_preconfigure_supported_rhel_minor_releases`, which is a list of
++known SAP HANA supported RHEL minor releases. By default, the role will display a message and continue running if
++the RHEL release is not part of that list. If set to `true`, the role will fail in such a case.
++ ++### sap_hana_preconfigure_supported_rhel_minor_releases ++- _Type:_ `list` with elements of type `str` ++- _Default:_ (set by platform/environment specific variables) ++ ++Use this parameter to set your own list of SAP HANA supported RHEL minor releases.
++ ++### sap_hana_preconfigure_enable_sap_hana_repos ++- _Type:_ `bool` ++- _Default:_ `false` ++ ++Set to 'true' to enable the SAP HANA required RHEL repos.
++This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose.
++The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_use_hana_repos`.
++ ++### sap_hana_preconfigure_req_repos_redhat_7_x86_64 ++- _Type:_ `list` with elements of type `str` ++- _Default:_ (set by platform/environment specific variables) ++ ++Use this parameter to set your own list of SAP HANA required RHEL 7 repos on x86_64'
++This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose.
++The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`.
++ ++### sap_hana_preconfigure_req_repos_redhat_7_ppc64le ++- _Type:_ `list` with elements of type `str` ++- _Default:_ (set by platform/environment specific variables) ++ ++Use this parameter to set your own list of SAP HANA required RHEL 7 repos on ppc64le'
++This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose.
++The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`.
++ ++### sap_hana_preconfigure_req_repos_redhat_8_x86_64 ++- _Type:_ `list` with elements of type `str` ++- _Default:_ (set by platform/environment specific variables) ++ ++Use this parameter to set your own list of SAP HANA required RHEL 8 repos on x86_64'
++This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose.
++The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`.
++ ++### sap_hana_preconfigure_req_repos_redhat_8_ppc64le ++- _Type:_ `list` with elements of type `str` ++- _Default:_ (set by platform/environment specific variables) ++ ++Use this parameter to set your own list of SAP HANA required RHEL 8 repos on ppc64le'
++This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose.
++The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`.
++ ++### sap_hana_preconfigure_req_repos_redhat_9_x86_64 ++- _Type:_ `list` with elements of type `str` ++- _Default:_ (set by platform/environment specific variables) ++ ++Use this parameter to set your own list of SAP HANA required RHEL 9 repos on x86_64'
++This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose.
++The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`.
++ ++### sap_hana_preconfigure_req_repos_redhat_9_ppc64le ++- _Type:_ `list` with elements of type `str` ++- _Default:_ (set by platform/environment specific variables) ++ ++Use this parameter to set your own list of SAP HANA required RHEL 9 repos on ppc64le'
++This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose.
++The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`.
++ ++### sap_hana_preconfigure_set_minor_release ++- _Type:_ `bool` ++- _Default:_ `false` ++ ++Use this parameter to set the RHEL minor release, which is required for SAP HANA.
++The related parameter is `sap_general_preconfigure_set_minor_release`.
++ ++### sap_hana_preconfigure_create_directories ++- _Type:_ `bool` ++- _Default:_ `true` ++ ++Set to `false` if you do not want the SAP HANA directories to be created by the role.
++The SAP HANA directories will always be created if `sap_hana_preconfigure_modify_selinux_labels`
++(see below) is set to `true`, no matter how `sap_hana_preconfigure_create_directories` is set.
++ ++### sap_hana_preconfigure_hana_directories ++- _Type:_ `list` with elements of type `str` ++- _Default:_ ++ - /hana ++ - /lss/shared ++ ++List of SAP HANA directories to be created.
++ ++### sap_hana_preconfigure_modify_selinux_labels ++- _Type:_ `bool` ++- _Default:_ `true` ++ ++For compatibility of SAP HANA with SELinux in enforcing mode, the role will recursively add
++the `usr_t` label to directories and files in the directories where HANA is installed.
++If relabeling not desired, set this parameter `false`.
++If the variable is set to `true`, the SAP HANA directories will be created no matter
++how the variable `sap_hana_preconfigure_create_directories` (see above) is set.
++ ++### sap_hana_preconfigure_packages ++- _Type:_ `list` with elements of type `str` ++- _Default:_ (set by platform/environment specific variables) ++ ++List of RHEL packages to be installed for SAP HANA. For RHEL 8 and later, you can choose to install either the default list
++or a list of the minimum required packages for SAP HANA server (parameter `__sap_hana_preconfigure_packages_min_install`).
++ ++### sap_hana_preconfigure_min_package_check ++- _Type:_ `bool` ++- _Default:_ `true` ++ ++SAP HANA requires certain minimum package versions to be supported. These minimum levels are listed in SAP Note 2235581.
++Set this parameter to `false` if you want to ignore these requirements.
++ ++### sap_hana_preconfigure_update ++- _Type:_ `bool` ++- _Default:_ `false` ++ ++Set this parameter to `true` to update the system to the latest package levels.
++By setting the parameter `sap_general_preconfigure_set_minor_release` of the
++role `sap_general_preconfigure` to `true`, you can install the most recent package updates
++without updating to a more recent RHEL minor release.
++ ++### sap_hana_preconfigure_reboot_ok ++- _Type:_ `bool` ++- _Default:_ `false` ++ ++Set to `true` if you want to perform a reboot at the end of the role, if necessary.
++ ++### sap_hana_preconfigure_fail_if_reboot_required ++- _Type:_ `bool` ++- _Default:_ `true` ++ ++If `sap_hana_preconfigure_reboot_ok` is set to `false`, which is the default, a reboot requirement should not
++remain unnoticed. For this reason, we let the role fail. Set this parameter to `false` to override this behavior.
++Can be useful if you want to implement your own reboot handling.
++ ++### sap_hana_preconfigure_kernel_parameters ++- _Type:_ `list` with elements of type `str` ++- _Default:_ (set by platform/environment specific variables) ++ ++Network related linux kernel parameter settings for SAP HANA on all hardware platforms.
++ ++### sap_hana_preconfigure_kernel_parameters_ppc64le ++- _Type:_ `list` with elements of type `str` ++- _Default:_ (set by platform/environment specific variables) ++ ++Network related linux kernel parameter settings for platform ppc64le.
++ ++### sap_hana_preconfigure_use_netapp_settings_nfs ++- _Type:_ `bool` ++- _Default:_ `false` ++ ++Set to `true` to also set NetApp NFS required kernel parameters.
++ ++### sap_hana_preconfigure_use_netapp_settings_nfsv3 ++- _Type:_ `bool` ++- _Default:_ `false` ++ ++If `sap_hana_preconfigure_use_netapp_settings_nfs` is set to `true` and NFS Version 3 is to be used,
++this parameter must be set to `true` as well.
++ ++### sap_hana_preconfigure_install_ibm_power_tools ++- _Type:_ `bool` ++- _Default:_ `true` ++ ++Set this parameter to `false` to not install the IBM Power Systems service and productivity tools.
++ ++### sap_hana_preconfigure_add_ibm_power_repo ++- _Type:_ `bool` ++- _Default:_ `true` ++ ++Set this parameter to `false` if you do not want to add the IBM Power tools repository (e.g. because the packages
++are already available on the local network). The IBM Power Systems service and productivity tools will only
++be installed if the variable `sap_hana_preconfigure_install_ibm_power_tools` is set to `true`, which is the default.
++ ++### sap_hana_preconfigure_ibm_power_repo_url ++- _Type:_ `str` ++- _Default:_ (set by platform/environment specific variables) ++ ++URL of the IBM Power tools repository.
++ ++### sap_hana_preconfigure_ppcle_mtu9000_if ++- _Type:_ `str` ++- _Default:_ `''` ++ ++List of interfaces for which the MTU size will be set to `9000`.
++ ++### sap_hana_preconfigure_ppcle_tso_if ++- _Type:_ `list` with elements of type `str` ++- _Default:_ ++ '{{ ansible_interfaces | difference([''lo'']) }}' ++ ++List of interfaces for which the tso flag will be set.
++ ++### sap_hana_preconfigure_use_tuned ++- _Type:_ `bool` ++- _Default:_ `true` ++ ++Use tuned for configuring most of the kernel settings for SAP HANA
++Set this parameter to `false` to use static kernel settings
++ ++### sap_hana_preconfigure_tuned_profile ++- _Type:_ `str` ++- _Default:_ `'sap-hana'` ++ ++Name of the SAP HANA tuned tuned profile to enable (RHEL).
++ ++### sap_hana_preconfigure_modify_grub_cmdline_linux ++- _Type:_ `bool` ++- _Default:_ `false` ++ ++Set this parameter to `true` to modify the Grub boot command line.
++ ++### sap_hana_preconfigure_run_grub2_mkconfig ++- _Type:_ `bool` ++- _Default:_ `true` ++ ++By default, the role will run `grub2-mkconfig` to update the Grub configuration if necessary.
++Set this parameter to `false` if this is not desired.
++ ++### sap_hana_preconfigure_db_group_name ++- _Type:_ `str` ++ ++Use this parameter to specify the name of the RHEL group which is used for the database processes.
++It will be used to configure process limits as per step "Configuring Process Resource Limits" of SAP note 2772999.
++ ++Example: ++ ++```yaml ++sap_hana_preconfigure_db_group_name: dba ++``` ++ ++### sap_hana_preconfigure_saptune_version ++- _Type:_ `str` ++- _Default:_ `'3.0.2'` ++ ++Version of saptune to install (SLES for SAP Applications).
++This will replace the current installed version if present, even downgrade if necessary.
++ ++### sap_hana_preconfigure_saptune_solution ++- _Type:_ `str` ++- _Default:_ `'HANA'` ++- _Possible Values:_
++ - `HANA` ++ - `NETWEAVER+HANA` ++ - `S4HANA-APP+DB` ++ - `S4HANA-DBSERVER` ++ ++The saptune solution to apply (SLES for SAP Applications).
++ ++### sap_hana_preconfigure_saptune_azure ++- _Type:_ `bool` ++- _Default:_ `false` ++ ++On Azure, TCP timestamps, reuse and recycle should be disabled (SLES for SAP Applications).
++Set this parameter to `true` on Azure.
++ ++ ++ ++## Example Playbook ++ ++Simple playbook, named sap+hana.yml: ++```yaml ++--- ++- hosts: all ++ roles: ++ - role: sap_general_preconfigure ++ - role: sap_hana_preconfigure ++``` ++ ++Simple playbook for an extended check (assert) run, named sap+hana-assert.yml: ++```yaml ++--- ++- hosts: all ++ vars: ++ sap_general_preconfigure_assert: yes ++ sap_general_preconfigure_assert_ignore_errors: yes ++ sap_hana_preconfigure_assert: yes ++ sap_hana_preconfigure_assert_ignore_errors: yes ++ roles: ++ - role: sap_general_preconfigure ++ - role: sap_hana_preconfigure ++``` ++ ++## Example Usage ++ ++Normal run, for configuring server host_1 for SAP HANA: ++```yaml ++ansible-playbook sap+hana.yml -l host_1 ++``` ++ ++Extended Check (assert) run, not aborting if an error has been found: ++```yaml ++ansible-playbook sap+hana-assert.yml -l host_1 ++``` ++ ++Same as above, with a nice compact and colored output, this time for two hosts: ++```yaml ++ansible-playbook sap+hana-assert.yml -l host_1,host_2 | ++awk '{sub (" \"msg\": ", "")} ++ /TASK/{task_line=$0} ++ /fatal:/{fatal_line=$0; nfatal[host]++} ++ /...ignoring/{nfatal[host]--; if (nfatal[host]<0) nfatal[host]=0} ++ /^[a-z]/&&/: \[/{gsub ("\\[", ""); gsub ("]", ""); gsub (":", ""); host=$2} ++ /SAP note/{print "\033[30m[" host"] "$0} ++ /FAIL:/{nfail[host]++; print "\033[31m[" host"] "$0} ++ /WARN:/{nwarn[host]++; print "\033[33m[" host"] "$0} ++ /PASS:/{npass[host]++; print "\033[32m[" host"] "$0} ++ /INFO:/{print "\033[34m[" host"] "$0} ++ /changed/&&/unreachable/{print "\033[30m[" host"] "$0} ++ END{print ("---"); for (var in npass) {printf ("[%s] ", var); if (nfatal[var]>0) { ++ printf ("\033[31mFATAL ERROR!!! Playbook might have been aborted!!!\033[30m Last TASK and fatal output:\n"); print task_line, fatal_line ++ } ++ else printf ("\033[31mFAIL: %d \033[33mWARN: %d \033[32mPASS: %d\033[30m\n", nfail[var], nwarn[var], npass[var])}}' ++``` ++Note: For terminals with dark background, replace the color code `30m` by `37m`. ++In case you need to make an invisible font readable on a terminal with dark background, run the following command in the terminal: ++```yaml ++printf "\033[37mreadable font\n" ++``` ++In case you need to make an invisible font readable on a terminal with bright background, run the following command in the terminal: ++```yaml ++printf "\033[30mreadable font\n" ++``` ++ ++## Contribution ++ ++Please read the [developer guidelines](./README.DEV.md) if you want to contribute ++ ++## License ++ ++Apache license 2.0 ++ ++## Author Information ++ ++Red Hat for SAP Community of Practice, Markus Koch, Thomas Bludau, Bernd Finger, Than Ngo, Rainer Leber +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/defaults/main.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/defaults/main.yml +new file mode 100644 +index 0000000..c807f01 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/defaults/main.yml +@@ -0,0 +1,186 @@ ++--- ++# BEGIN: Default Variables for sap_hana_preconfigure ++ ++# sap_hana_preconfigure_config_all: (not defined by default) ++# If set to `false`, the role will only execute or verify the installation or configuration steps of SAP notes. ++# Default is to perform installation and configuration steps. ++ ++# sap_hana_preconfigure_installation: (not defined by default) ++# If `sap_hana_preconfigure_config_all` is set to `false`, set this variable to `true` to perform only the ++# installation steps of SAP notes. ++ ++# sap_hana_preconfigure_configuration: (not defined by default) ++# If `sap_hana_preconfigure_config_all` is set to `false`, set this variable to `true` to perform only the ++# configuration steps of SAP notes for which the corresponding SAP notes parameters have been set to `true`. ++# Example: See README.md ++ ++sap_hana_preconfigure_assert: false ++# If set to `true`, the role will run in assertion mode instead of the default configuration mode. ++ ++sap_hana_preconfigure_assert_all_config: false ++# In assertion mode, the role will check either tuned or static settings. ++# If this parameter is set to to `true`, the role will check both tuned and static settings. ++ ++sap_hana_preconfigure_assert_ignore_errors: false ++# In assertion mode, the role will abort when encountering any assertion error. ++# If this parameter is set to `false`, the role will *not* abort when encountering an assertion error. ++# This is useful if the role is used for reporting a system's SAP notes compliance. ++ ++sap_hana_preconfigure_system_roles_collection: 'redhat.rhel_system_roles' ++# Set which Ansible Collection to use for the Linux System Roles. ++# For community/upstream, use 'fedora.linux_system_roles' ++# For the RHEL System Roles for SAP, or for Red Hat Automation Hub, use 'redhat.rhel_system_roles' ++# Possible Values: ++# - fedora.linux_system_roles ++# - redhat.rhel_system_roles ++ ++sap_hana_preconfigure_min_rhel_release_check: false ++# Check the RHEL release against parameter `sap_hana_preconfigure_supported_rhel_minor_releases`, which is a list of ++# known SAP HANA supported RHEL minor releases. By default, the role will display a message and continue running if ++# the RHEL release is not part of that list. If set to `true`, the role will fail in such a case. ++ ++sap_hana_preconfigure_supported_rhel_minor_releases: "{{ __sap_hana_preconfigure_supported_rhel_minor_releases }}" ++# Use this parameter to set your own list of SAP HANA supported RHEL minor releases. ++ ++sap_hana_preconfigure_enable_sap_hana_repos: false ++# Set to 'true' to enable the SAP HANA required RHEL repos. ++# This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose. ++# The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_use_hana_repos`. ++ ++sap_hana_preconfigure_req_repos_redhat_7_x86_64: "{{ __sap_hana_preconfigure_req_repos_redhat_7_x86_64 }}" ++# Use this parameter to set your own list of SAP HANA required RHEL 7 repos on x86_64' ++# This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose. ++# The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`. ++ ++sap_hana_preconfigure_req_repos_redhat_7_ppc64le: "{{ __sap_hana_preconfigure_req_repos_redhat_7_ppc64le }}" ++# Use this parameter to set your own list of SAP HANA required RHEL 7 repos on ppc64le' ++# This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose. ++# The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`. ++ ++sap_hana_preconfigure_req_repos_redhat_8_x86_64: "{{ __sap_hana_preconfigure_req_repos_redhat_8_x86_64 }}" ++# Use this parameter to set your own list of SAP HANA required RHEL 8 repos on x86_64' ++# This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose. ++# The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`. ++ ++sap_hana_preconfigure_req_repos_redhat_8_ppc64le: "{{ __sap_hana_preconfigure_req_repos_redhat_8_ppc64le }}" ++# Use this parameter to set your own list of SAP HANA required RHEL 8 repos on ppc64le' ++# This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose. ++# The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`. ++ ++sap_hana_preconfigure_req_repos_redhat_9_x86_64: "{{ __sap_hana_preconfigure_req_repos_redhat_9_x86_64 }}" ++# Use this parameter to set your own list of SAP HANA required RHEL 9 repos on x86_64' ++# This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose. ++# The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`. ++ ++sap_hana_preconfigure_req_repos_redhat_9_ppc64le: "{{ __sap_hana_preconfigure_req_repos_redhat_9_ppc64le }}" ++# Use this parameter to set your own list of SAP HANA required RHEL 9 repos on ppc64le' ++# This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose. ++# The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`. ++ ++sap_hana_preconfigure_set_minor_release: false ++# Use this parameter to set the RHEL minor release, which is required for SAP HANA. ++# The related parameter is `sap_general_preconfigure_set_minor_release`. ++ ++sap_hana_preconfigure_create_directories: true ++# Set to `false` if you do not want the SAP HANA directories to be created by the role. ++# The SAP HANA directories will always be created if `sap_hana_preconfigure_modify_selinux_labels` ++# (see below) is set to `true`, no matter how `sap_hana_preconfigure_create_directories` is set. ++ ++sap_hana_preconfigure_hana_directories: ++ - /hana ++ - /lss/shared ++# List of SAP HANA directories to be created. ++ ++sap_hana_preconfigure_modify_selinux_labels: true ++# For compatibility of SAP HANA with SELinux in enforcing mode, the role will recursively add ++# the `usr_t` label to directories and files in the directories where HANA is installed. ++# If relabeling not desired, set this parameter `false`. ++# If the variable is set to `true`, the SAP HANA directories will be created no matter ++# how the variable `sap_hana_preconfigure_create_directories` (see above) is set. ++ ++sap_hana_preconfigure_packages: "{{ __sap_hana_preconfigure_packages }}" ++# List of RHEL packages to be installed for SAP HANA. For RHEL 8 and later, you can choose to install either the default list ++# or a list of the minimum required packages for SAP HANA server (parameter `__sap_hana_preconfigure_packages_min_install`). ++ ++sap_hana_preconfigure_min_package_check: true ++# SAP HANA requires certain minimum package versions to be supported. These minimum levels are listed in SAP Note 2235581. ++# Set this parameter to `false` if you want to ignore these requirements. ++ ++sap_hana_preconfigure_update: false ++# Set this parameter to `true` to update the system to the latest package levels. ++# By setting the parameter `sap_general_preconfigure_set_minor_release` of the ++# role `sap_general_preconfigure` to `true`, you can install the most recent package updates ++# without updating to a more recent RHEL minor release. ++ ++sap_hana_preconfigure_reboot_ok: false ++# Set to `true` if you want to perform a reboot at the end of the role, if necessary. ++ ++sap_hana_preconfigure_fail_if_reboot_required: true ++# If `sap_hana_preconfigure_reboot_ok` is set to `false`, which is the default, a reboot requirement should not ++# remain unnoticed. For this reason, we let the role fail. Set this parameter to `false` to override this behavior. ++# Can be useful if you want to implement your own reboot handling. ++ ++sap_hana_preconfigure_kernel_parameters: "{{ __sap_hana_preconfigure_kernel_parameters_default }}" ++# Network related linux kernel parameter settings for SAP HANA on all hardware platforms. ++ ++sap_hana_preconfigure_kernel_parameters_ppc64le: "{{ __sap_hana_preconfigure_kernel_parameters_default_ppc64le }}" ++# Network related linux kernel parameter settings for platform ppc64le. ++ ++sap_hana_preconfigure_use_netapp_settings_nfs: false ++# Set to `true` to also set NetApp NFS required kernel parameters. ++ ++sap_hana_preconfigure_use_netapp_settings_nfsv3: false ++# If `sap_hana_preconfigure_use_netapp_settings_nfs` is set to `true` and NFS Version 3 is to be used, ++# this parameter must be set to `true` as well. ++ ++sap_hana_preconfigure_install_ibm_power_tools: true ++# Set this parameter to `false` to not install the IBM Power Systems service and productivity tools. ++ ++sap_hana_preconfigure_add_ibm_power_repo: true ++# Set this parameter to `false` if you do not want to add the IBM Power tools repository (e.g. because the packages ++# are already available on the local network). The IBM Power Systems service and productivity tools will only ++# be installed if the variable `sap_hana_preconfigure_install_ibm_power_tools` is set to `true`, which is the default. ++ ++sap_hana_preconfigure_ibm_power_repo_url: "{{ __sap_hana_preconfigure_ibm_power_repo_url }}" ++# URL of the IBM Power tools repository. ++ ++sap_hana_preconfigure_ppcle_mtu9000_if: '' ++# List of interfaces for which the MTU size will be set to `9000`. ++ ++sap_hana_preconfigure_ppcle_tso_if: "{{ ansible_interfaces | difference(['lo']) }}" ++# List of interfaces for which the tso flag will be set. ++ ++sap_hana_preconfigure_use_tuned: true ++# Use tuned for configuring most of the kernel settings for SAP HANA ++# Set this parameter to `false` to use static kernel settings ++ ++sap_hana_preconfigure_tuned_profile: 'sap-hana' ++# Name of the SAP HANA tuned tuned profile to enable (RHEL). ++ ++sap_hana_preconfigure_modify_grub_cmdline_linux: false ++# Set this parameter to `true` to modify the Grub boot command line. ++ ++sap_hana_preconfigure_run_grub2_mkconfig: true ++# By default, the role will run `grub2-mkconfig` to update the Grub configuration if necessary. ++# Set this parameter to `false` if this is not desired. ++ ++# sap_hana_preconfigure_db_group_name: (not defined by default) ++# Use this parameter to specify the name of the RHEL group which is used for the database processes. ++# It will be used to configure process limits as per step "Configuring Process Resource Limits" of SAP note 2772999. ++# Example: See README.md ++ ++sap_hana_preconfigure_saptune_version: '3.0.2' ++# Version of saptune to install (SLES for SAP Applications). ++# This will replace the current installed version if present, even downgrade if necessary. ++ ++sap_hana_preconfigure_saptune_solution: 'HANA' ++# The saptune solution to apply (SLES for SAP Applications). ++# Possible Values: ++# - HANA ++# - NETWEAVER+HANA ++# - S4HANA-APP+DB ++# - S4HANA-DBSERVER ++ ++sap_hana_preconfigure_saptune_azure: false ++# On Azure, TCP timestamps, reuse and recycle should be disabled (SLES for SAP Applications). ++# Set this parameter to `true` on Azure. +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/files/etc/tuned/sap-hana-ppc64le/tuned.conf b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/files/etc/tuned/sap-hana-ppc64le/tuned.conf +new file mode 100644 +index 0000000..490f5d7 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/files/etc/tuned/sap-hana-ppc64le/tuned.conf +@@ -0,0 +1,7 @@ ++[main] ++summary=Adjustments for SAP HANA on RHEL 8.0 on ppc64le ++[sysctl] ++kernel.sched_min_granularity_ns=3000000 ++kernel.sched_wakeup_granularity_ns=4000000 ++[disk] ++replace=true +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/handlers/main.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/handlers/main.yml +new file mode 100644 +index 0000000..5dea0c4 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/handlers/main.yml +@@ -0,0 +1,97 @@ ++--- ++ ++- name: "Check if server is booted in BIOS or UEFI mode" ++ ansible.builtin.stat: ++ path: /sys/firmware/efi ++ get_checksum: false ++ register: __sap_hana_preconfigure_register_stat_sys_firmware_efi ++ listen: __sap_hana_preconfigure_regenerate_grub2_conf_handler ++ when: ++ - sap_hana_preconfigure_run_grub2_mkconfig | d(true) ++ ++- name: Debug BIOS or UEFI ++ ansible.builtin.debug: ++ var: __sap_hana_preconfigure_register_stat_sys_firmware_efi.stat.exists ++ listen: __sap_hana_preconfigure_regenerate_grub2_conf_handler ++ when: ++ - sap_hana_preconfigure_run_grub2_mkconfig | d(true) ++ ++- name: "Run grub-mkconfig (BIOS mode)" ++ ansible.builtin.command: grub2-mkconfig -o /boot/grub2/grub.cfg ++ register: __sap_hana_preconfigure_register_grub2_mkconfig_bios_mode ++ changed_when: true ++ listen: __sap_hana_preconfigure_regenerate_grub2_conf_handler ++ notify: __sap_hana_preconfigure_reboot_handler ++ when: ++ - not __sap_hana_preconfigure_register_stat_sys_firmware_efi.stat.exists ++ - sap_hana_preconfigure_run_grub2_mkconfig | d(true) ++ ++- name: "Debug grub-mkconfig BIOS mode" ++ ansible.builtin.debug: ++ var: __sap_hana_preconfigure_register_grub2_mkconfig_bios_mode.stdout_lines, __sap_hana_preconfigure_register_grub2_mkconfig_bios_mode.stderr_lines ++ listen: __sap_hana_preconfigure_regenerate_grub2_conf_handler ++ when: ++ - not __sap_hana_preconfigure_register_stat_sys_firmware_efi.stat.exists ++ - sap_hana_preconfigure_run_grub2_mkconfig | d(true) ++ ++- name: "Set the grub.cfg location RHEL" ++ ansible.builtin.set_fact: ++ __sap_hana_preconfigure_uefi_boot_dir: /boot/efi/EFI/redhat/grub.cfg ++ listen: __sap_hana_preconfigure_regenerate_grub2_conf_handler ++ when: ++ - ansible_distribution == 'RedHat' ++ ++- name: "Set the grub.cfg location SLES" ++ ansible.builtin.set_fact: ++ __sap_hana_preconfigure_uefi_boot_dir: /boot/efi/EFI/BOOT/grub.cfg ++ listen: __sap_hana_preconfigure_regenerate_grub2_conf_handler ++ when: ++ - ansible_distribution == 'SLES' or ansible_distribution == 'SLES_SAP' ++ ++- name: "Run grub-mkconfig (UEFI mode)" ++ ansible.builtin.command: "grub2-mkconfig -o {{ __sap_hana_preconfigure_uefi_boot_dir }}" ++ register: __sap_hana_preconfigure_register_grub2_mkconfig_uefi_mode ++ changed_when: true ++ listen: __sap_hana_preconfigure_regenerate_grub2_conf_handler ++ notify: __sap_hana_preconfigure_reboot_handler ++ when: ++ - __sap_hana_preconfigure_register_stat_sys_firmware_efi.stat.exists ++ - sap_hana_preconfigure_run_grub2_mkconfig | d(true) ++ ++- name: "Debug grub-mkconfig UEFI" ++ ansible.builtin.debug: ++ var: __sap_hana_preconfigure_register_grub2_mkconfig_uefi_mode.stdout_lines, __sap_hana_preconfigure_register_grub2_mkconfig_uefi_mode.stderr_lines ++ listen: __sap_hana_preconfigure_regenerate_grub2_conf_handler ++ when: ++ - __sap_hana_preconfigure_register_stat_sys_firmware_efi.stat.exists ++ - sap_hana_preconfigure_run_grub2_mkconfig | d(true) ++ ++- name: "Run grubby for enabling TSX" ++ ansible.builtin.command: grubby --args="tsx=on" --update-kernel=ALL ++ register: __sap_hana_preconfigure_register_grubby_update ++ changed_when: true ++ listen: __sap_hana_preconfigure_grubby_update_handler ++ notify: __sap_hana_preconfigure_reboot_handler ++ ++- name: Reboot the managed node ++ ansible.builtin.reboot: ++ test_command: /bin/true ++ listen: __sap_hana_preconfigure_reboot_handler ++ when: ++ - sap_hana_preconfigure_reboot_ok | d(false) ++ ++- name: Let the role fail if a reboot is required ++ ansible.builtin.fail: ++ msg: Reboot is required! ++ listen: __sap_hana_preconfigure_reboot_handler ++ when: ++ - sap_hana_preconfigure_fail_if_reboot_required | d(true) ++ - not sap_hana_preconfigure_reboot_ok | d(false) ++ ++- name: Show a warning message if a reboot is required ++ ansible.builtin.debug: ++ msg: "WARN: Reboot is required!" ++ listen: __sap_hana_preconfigure_reboot_handler ++ when: ++ - not sap_hana_preconfigure_fail_if_reboot_required | d(true) ++ - not sap_hana_preconfigure_reboot_ok | d(false) +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/meta/argument_specs.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/meta/argument_specs.yml +new file mode 100644 +index 0000000..c1b59e3 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/meta/argument_specs.yml +@@ -0,0 +1,386 @@ ++--- ++# Requires: ansible 2.11 ++# Argument specifications in this separate file maintain backwards compatibility. ++argument_specs: ++ ++ main: ++ short_description: Variables for SAP HANA preconfiguration ++ options: ++ ++# sap_hana_preconfigure_... ++# default: ++# description: ++# - ++# example: ++# ++# required: false ++# type: ++# options: # additional options for lists and dicts ++# : ++# description: ++# ... ++ ++ sap_hana_preconfigure_config_all: ++ description: ++ - If set to `false`, the role will only execute or verify the installation or configuration steps of SAP notes. ++ - Default is to perform installation and configuration steps. ++ required: false ++ type: bool ++ ++ sap_hana_preconfigure_installation: ++ description: ++ - If `sap_hana_preconfigure_config_all` is set to `false`, set this variable to `true` to perform only the ++ - installation steps of SAP notes. ++ required: false ++ type: bool ++ ++ sap_hana_preconfigure_configuration: ++ description: ++ - If `sap_hana_preconfigure_config_all` is set to `false`, set this variable to `true` to perform only the ++ - configuration steps of SAP notes for which the corresponding SAP notes parameters have been set to `true`. ++ example: ++ sap_hana_preconfigure_config_all: false ++ sap_hana_preconfigure_configuration: true ++ sap_hana_preconfigure_2772999_04: true ++ sap_hana_preconfigure_2382421: true ++ required: false ++ type: bool ++ ++ sap_hana_preconfigure_assert: ++ default: false ++ description: ++ - If set to `true`, the role will run in assertion mode instead of the default configuration mode. ++ required: false ++ type: bool ++ ++ sap_hana_preconfigure_assert_all_config: ++ default: false ++ description: ++ - In assertion mode, the role will check either tuned or static settings. ++ - If this parameter is set to to `true`, the role will check both tuned and static settings. ++ required: false ++ type: bool ++ ++ sap_hana_preconfigure_assert_ignore_errors: ++ default: false ++ description: ++ - In assertion mode, the role will abort when encountering any assertion error. ++ - If this parameter is set to `false`, the role will *not* abort when encountering an assertion error. ++ - This is useful if the role is used for reporting a system's SAP notes compliance. ++ required: false ++ type: bool ++ ++ sap_hana_preconfigure_system_roles_collection: ++ default: 'fedora.linux_system_roles' ++ description: ++ - Set which Ansible Collection to use for the Linux System Roles. ++ - For community/upstream, use 'fedora.linux_system_roles' ++ - For the RHEL System Roles for SAP, or for Red Hat Automation Hub, use 'redhat.rhel_system_roles' ++ choices: ++ - 'fedora.linux_system_roles' ++ - 'redhat.rhel_system_roles' ++ required: false ++ type: str ++ ++ sap_hana_preconfigure_min_rhel_release_check: ++ default: false ++ description: ++ - Check the RHEL release against parameter `sap_hana_preconfigure_supported_rhel_minor_releases`, which is a list of ++ - known SAP HANA supported RHEL minor releases. By default, the role will display a message and continue running if ++ - the RHEL release is not part of that list. If set to `true`, the role will fail in such a case. ++ required: false ++ type: bool ++ ++ sap_hana_preconfigure_supported_rhel_minor_releases: ++ default: "{{ __sap_hana_preconfigure_supported_rhel_minor_releases }}" ++ description: ++ - Use this parameter to set your own list of SAP HANA supported RHEL minor releases. ++ required: false ++ type: list ++ elements: str ++ ++ sap_hana_preconfigure_enable_sap_hana_repos: ++ default: false ++ description: ++ - Set to 'true' to enable the SAP HANA required RHEL repos. ++ - This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose. ++ - The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_use_hana_repos`. ++ required: false ++ type: bool ++ ++ sap_hana_preconfigure_req_repos_redhat_7_x86_64: ++ default: "{{ __sap_hana_preconfigure_req_repos_redhat_7_x86_64 }}" ++ description: ++ - Use this parameter to set your own list of SAP HANA required RHEL 7 repos on x86_64' ++ - This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose. ++ - The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`. ++ required: false ++ type: list ++ elements: str ++ ++ sap_hana_preconfigure_req_repos_redhat_7_ppc64le: ++ default: "{{ __sap_hana_preconfigure_req_repos_redhat_7_ppc64le }}" ++ description: ++ - Use this parameter to set your own list of SAP HANA required RHEL 7 repos on ppc64le' ++ - This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose. ++ - The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`. ++ required: false ++ type: list ++ elements: str ++ ++ sap_hana_preconfigure_req_repos_redhat_8_x86_64: ++ default: "{{ __sap_hana_preconfigure_req_repos_redhat_8_x86_64 }}" ++ description: ++ - Use this parameter to set your own list of SAP HANA required RHEL 8 repos on x86_64' ++ - This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose. ++ - The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`. ++ required: false ++ type: list ++ elements: str ++ ++ sap_hana_preconfigure_req_repos_redhat_8_ppc64le: ++ default: "{{ __sap_hana_preconfigure_req_repos_redhat_8_ppc64le }}" ++ description: ++ - Use this parameter to set your own list of SAP HANA required RHEL 8 repos on ppc64le' ++ - This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose. ++ - The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`. ++ required: false ++ type: list ++ elements: str ++ ++ sap_hana_preconfigure_req_repos_redhat_9_x86_64: ++ default: "{{ __sap_hana_preconfigure_req_repos_redhat_9_x86_64 }}" ++ description: ++ - Use this parameter to set your own list of SAP HANA required RHEL 9 repos on x86_64' ++ - This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose. ++ - The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`. ++ required: false ++ type: list ++ elements: str ++ ++ sap_hana_preconfigure_req_repos_redhat_9_ppc64le: ++ default: "{{ __sap_hana_preconfigure_req_repos_redhat_9_ppc64le }}" ++ description: ++ - Use this parameter to set your own list of SAP HANA required RHEL 9 repos on ppc64le' ++ - This parameter is deprecated because the role sap_general_preconfigure can be used for this purpose. ++ - The related parameters are `sap_general_preconfigure_enable_repos` and `sap_general_preconfigure_req_repos`. ++ required: false ++ type: list ++ elements: str ++ ++ sap_hana_preconfigure_set_minor_release: ++ default: false ++ description: ++ - Use this parameter to set the RHEL minor release, which is required for SAP HANA. ++ - The related parameter is `sap_general_preconfigure_set_minor_release`. ++ required: false ++ type: bool ++ ++ sap_hana_preconfigure_create_directories: ++ default: true ++ description: ++ - Set to `false` if you do not want the SAP HANA directories to be created by the role. ++ - The SAP HANA directories will always be created if `sap_hana_preconfigure_modify_selinux_labels` ++ - (see below) is set to `true`, no matter how `sap_hana_preconfigure_create_directories` is set. ++ required: false ++ type: bool ++ ++ sap_hana_preconfigure_hana_directories: ++ default: ++ - '/hana' ++ - '/lss/shared' ++ description: ++ - List of SAP HANA directories to be created. ++ required: false ++ type: list ++ elements: str ++ ++ sap_hana_preconfigure_modify_selinux_labels: ++ default: true ++ description: ++ - For compatibility of SAP HANA with SELinux in enforcing mode, the role will recursively add ++ - the `usr_t` label to directories and files in the directories where HANA is installed. ++ - If relabeling not desired, set this parameter `false`. ++ - If the variable is set to `true`, the SAP HANA directories will be created no matter ++ - how the variable `sap_hana_preconfigure_create_directories` (see above) is set. ++ required: false ++ type: bool ++ ++ sap_hana_preconfigure_packages: ++ default: "{{ __sap_hana_preconfigure_packages }}" ++ description: ++ - List of RHEL packages to be installed for SAP HANA. For RHEL 8 and later, you can choose to install either the default list ++ - or a list of the minimum required packages for SAP HANA server (parameter `__sap_hana_preconfigure_packages_min_install`). ++ required: false ++ type: list ++ elements: str ++ ++ sap_hana_preconfigure_min_package_check: ++ default: 'true' ++ description: ++ - SAP HANA requires certain minimum package versions to be supported. These minimum levels are listed in SAP Note 2235581. ++ - Set this parameter to `false` if you want to ignore these requirements. ++ required: false ++ type: bool ++ ++ sap_hana_preconfigure_update: ++ default: 'false' ++ description: ++ - Set this parameter to `true` to update the system to the latest package levels. ++ - By setting the parameter `sap_general_preconfigure_set_minor_release` of the ++ - role `sap_general_preconfigure` to `true`, you can install the most recent package updates ++ - without updating to a more recent RHEL minor release. ++ required: false ++ type: bool ++ ++ sap_hana_preconfigure_reboot_ok: ++ default: false ++ description: ++ - Set to `true` if you want to perform a reboot at the end of the role, if necessary. ++ required: false ++ type: bool ++ ++ sap_hana_preconfigure_fail_if_reboot_required: ++ default: true ++ description: ++ - If `sap_hana_preconfigure_reboot_ok` is set to `false`, which is the default, a reboot requirement should not ++ - remain unnoticed. For this reason, we let the role fail. Set this parameter to `false` to override this behavior. ++ - Can be useful if you want to implement your own reboot handling. ++ required: false ++ type: bool ++ ++ sap_hana_preconfigure_kernel_parameters: ++ default: "{{ __sap_hana_preconfigure_kernel_parameters_default }}" ++ description: ++ - Network related linux kernel parameter settings for SAP HANA on all hardware platforms. ++ required: false ++ type: list ++ elements: str ++ ++ sap_hana_preconfigure_kernel_parameters_ppc64le: ++ default: "{{ __sap_hana_preconfigure_kernel_parameters_default_ppc64le }}" ++ description: ++ - Network related linux kernel parameter settings for platform ppc64le. ++ required: false ++ type: list ++ elements: str ++ ++ sap_hana_preconfigure_use_netapp_settings_nfs: ++ default: false ++ description: ++ - Set to `true` to also set NetApp NFS required kernel parameters. ++ required: false ++ type: bool ++ ++ sap_hana_preconfigure_use_netapp_settings_nfsv3: ++ default: false ++ description: ++ - If `sap_hana_preconfigure_use_netapp_settings_nfs` is set to `true` and NFS Version 3 is to be used, ++ - this parameter must be set to `true` as well. ++ required: false ++ type: bool ++ ++ sap_hana_preconfigure_install_ibm_power_tools: ++ default: true ++ description: ++ - Set this parameter to `false` to not install the IBM Power Systems service and productivity tools. ++ required: false ++ type: bool ++ ++ sap_hana_preconfigure_add_ibm_power_repo: ++ default: true ++ description: ++ - Set this parameter to `false` if you do not want to add the IBM Power tools repository (e.g. because the packages ++ - are already available on the local network). The IBM Power Systems service and productivity tools will only ++ - be installed if the variable `sap_hana_preconfigure_install_ibm_power_tools` is set to `true`, which is the default. ++ required: false ++ type: bool ++ ++ sap_hana_preconfigure_ibm_power_repo_url: ++ default: "{{ __sap_hana_preconfigure_ibm_power_repo_url }}" ++ description: ++ - URL of the IBM Power tools repository. ++ required: false ++ type: str ++ ++ sap_hana_preconfigure_ppcle_mtu9000_if: ++ default: '' ++ description: ++ - List of interfaces for which the MTU size will be set to `9000`. ++ required: false ++ type: str ++ ++ sap_hana_preconfigure_ppcle_tso_if: ++ default: "{{ ansible_interfaces | difference(['lo']) }}" ++ description: ++ - List of interfaces for which the tso flag will be set. ++ required: false ++ type: list ++ elements: str ++ ++ sap_hana_preconfigure_use_tuned: ++ default: true ++ description: ++ - Use tuned for configuring most of the kernel settings for SAP HANA ++ - Set this parameter to `false` to use static kernel settings ++ required: false ++ type: bool ++ ++ sap_hana_preconfigure_tuned_profile: ++ default: 'sap-hana' ++ description: ++ - Name of the SAP HANA tuned tuned profile to enable (RHEL). ++ required: false ++ type: str ++ ++ sap_hana_preconfigure_modify_grub_cmdline_linux: ++ default: false ++ description: ++ - Set this parameter to `true` to modify the Grub boot command line. ++ required: false ++ type: bool ++ ++ sap_hana_preconfigure_run_grub2_mkconfig: ++ default: true ++ description: ++ - By default, the role will run `grub2-mkconfig` to update the Grub configuration if necessary. ++ - Set this parameter to `false` if this is not desired. ++ required: false ++ type: bool ++ ++ sap_hana_preconfigure_db_group_name: ++ description: ++ - Use this parameter to specify the name of the RHEL group which is used for the database processes. ++ - It will be used to configure process limits as per step "Configuring Process Resource Limits" of SAP note 2772999. ++ example: ++ sap_hana_preconfigure_db_group_name: 'dba' ++ required: false ++ type: str ++ ++ sap_hana_preconfigure_saptune_version: ++ default: '3.0.2' ++ description: ++ - Version of saptune to install (SLES for SAP Applications). ++ - This will replace the current installed version if present, even downgrade if necessary. ++ required: false ++ type: str ++ ++ sap_hana_preconfigure_saptune_solution: ++ default: HANA ++ description: ++ - The saptune solution to apply (SLES for SAP Applications). ++ choices: ++ - 'HANA' ++ - 'NETWEAVER+HANA' ++ - 'S4HANA-APP+DB' ++ - 'S4HANA-DBSERVER' ++ required: false ++ type: str ++ ++ sap_hana_preconfigure_saptune_azure: ++ default: false ++ description: ++ - On Azure, TCP timestamps, reuse and recycle should be disabled (SLES for SAP Applications). ++ - Set this parameter to `true` on Azure. ++ required: false ++ type: bool +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/meta/collection-requirements.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/meta/collection-requirements.yml +new file mode 100644 +index 0000000..58177a7 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/meta/collection-requirements.yml +@@ -0,0 +1,4 @@ ++--- ++ ++collections: ++ - name: redhat.rhel_system_roles +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/meta/main.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/meta/main.yml +new file mode 100644 +index 0000000..0921f25 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/meta/main.yml +@@ -0,0 +1,15 @@ ++--- ++galaxy_info: ++ namespace: community ++ author: Red Hat for SAP Community of Practice, Markus Koch, Thomas Bludau, Bernd Finger, Than Ngo, Rainer Leber ++ description: Prepare Linux OS (RHEL, SLES) with specific configurations required for SAP HANA installation ++ company: Red Hat, Inc. ++ license: Apache-2.0 ++ min_ansible_version: 2.9 ++ platforms: ++ - name: EL ++ versions: [7, 8, 9] ++ - name: SLES ++ versions: [15SP3] ++ galaxy_tags: ['sap', 'hana', 'rhel', 'redhat', 'sles', 'suse'] ++dependencies: [] +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/assert-configuration.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/assert-configuration.yml +new file mode 100644 +index 0000000..c98be6d +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/assert-configuration.yml +@@ -0,0 +1,14 @@ ++--- ++ ++- name: Assert - List required SAP Notes ++ ansible.builtin.debug: ++ var: __sap_hana_preconfigure_sapnotes_versions | difference(['']) ++ ++- name: Gather service facts ++ ansible.builtin.service_facts: ++ ++- name: Assert - Include configuration actions for required sapnotes ++ ansible.builtin.include_tasks: "sapnote/assert-{{ sap_note_line_item.number }}.yml" ++ with_items: "{{ __sap_hana_preconfigure_sapnotes_versions | difference(['']) }}" ++ loop_control: ++ loop_var: sap_note_line_item +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/assert-installation.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/assert-installation.yml +new file mode 100644 +index 0000000..21893e4 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/assert-installation.yml +@@ -0,0 +1,238 @@ ++--- ++ ++- name: Assert that the system is running a RHEL release which is supported for SAP HANA ++ ansible.builtin.assert: ++ that: ansible_distribution_version in sap_hana_preconfigure_supported_rhel_minor_releases ++ fail_msg: ++ - "FAIL: The RHEL release '{{ ansible_distribution_version }}' may not (yet) be supported for SAP HANA. Please check SAP note 2235581!" ++ - "NOTE: If necessary, adapt role parameter `sap_hana_preconfigure_supported_rhel_minor_releases` accordingly." ++ success_msg: "PASS: The RHEL release {{ ansible_distribution_version }} is supported for SAP HANA." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ when: sap_hana_preconfigure_min_rhel_release_check ++ ++- name: Report if the RHEL release is supported for SAP HANA ++ ansible.builtin.assert: ++ that: ansible_distribution_version in sap_hana_preconfigure_supported_rhel_minor_releases ++ fail_msg: ++ - "WARN: The RHEL release '{{ ansible_distribution_version }}' may not (yet) be supported for SAP HANA. Please check SAP note 2235581!" ++ - "NOTE: If necessary, adapt role parameter `sap_hana_preconfigure_supported_rhel_minor_releases` accordingly." ++ success_msg: "INFO: The RHEL release {{ ansible_distribution_version }} is supported for SAP HANA." ++ ignore_errors: yes ++ when: not sap_hana_preconfigure_min_rhel_release_check ++ ++# repos required for SAP HANA on RHEL 7 and RHEL 8: ++- name: Fill the variable for the generic list of required repos ++ ansible.builtin.set_fact: ++ __sap_hana_preconfigure_required_repos: "{{ lookup('vars', '__sap_hana_preconfigure_req_repos_redhat_' + ansible_distribution_version | string | replace(\".\", \"_\") + '_' + ansible_architecture | string) }}" ++ ++- name: Get info about enabled repos ++ ansible.builtin.shell: set -o pipefail && subscription-manager repos --list-enabled | awk '/Repo ID:/{print $NF}' ++ register: __sap_hana_preconfigure_register_enabled_repos_assert ++ changed_when: no ++ ++- name: Assert that all required repos are enabled ++ ansible.builtin.assert: ++ that: line_item in __sap_hana_preconfigure_register_enabled_repos_assert.stdout_lines ++ fail_msg: "FAIL: Repository '{{ line_item }}' is not enabled!" ++ success_msg: "PASS: Repository '{{ line_item }}' is enabled." ++ with_items: ++ - "{{ __sap_hana_preconfigure_required_repos }}" ++ loop_control: ++ loop_var: line_item ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ ++- name: Detect if and how the minor RHEL release is set ++ ansible.builtin.shell: set -o pipefail && subscription-manager release | awk 'NF==2{printf $NF}NF!=2{print}' ++ register: __sap_hana_preconfigure_register_subscription_manager_release_assert ++ changed_when: no ++ ignore_errors: yes ++ ++- name: Display the output of the subscription-manager release command ++ ansible.builtin.debug: ++ var: __sap_hana_preconfigure_register_subscription_manager_release_assert ++ ++- name: Assert that the RHEL release is locked correctly ++ ansible.builtin.assert: ++ that: __sap_hana_preconfigure_register_subscription_manager_release_assert.stdout == ansible_distribution_version ++ fail_msg: "FAIL: The RHEL release lock status is '{{ __sap_hana_preconfigure_register_subscription_manager_release_assert.stdout }}' but the expected value is '{{ ansible_distribution_version }}'!" ++ success_msg: "PASS: The RHEL release is correctly locked to '{{ ansible_distribution_version }}'." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ when: "ansible_distribution_version != '7.9'" ++ ++- name: Report that checking the release lock is not necessary if the system is on RHEL 7.9 ++ ansible.builtin.debug: ++ msg: "INFO: No need to check the release lock setting as the RHEL release {{ ansible_distribution_version }} is the last RHEL {{ ansible_distribution_major_version }} minor release" ++ when: "ansible_distribution_version == '7.9'" ++ ++- name: Assert that all required packages are installed ++ ansible.builtin.assert: ++ that: line_item in ansible_facts.packages ++ fail_msg: "FAIL: Package '{{ line_item }}' is not installed!" ++ success_msg: "PASS: Package '{{ line_item }}' is installed." ++ with_items: ++ - "{{ sap_hana_preconfigure_packages }}" ++ loop_control: ++ loop_var: line_item ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ ++### If this task fails, you need to enable the IBM PowerTools repository ++### see https://www14.software.ibm.com/support/customercare/sas/f/lopdiags/home.html for details ++## ++### # yum -y install http://public.dhe.ibm.com/software/server/POWER/Linux/yum/download/ibm-power-repo-latest.noarch.rpm ++### # /opt/ibm/lop/configure ++### # yum -y install ibm-power-managed-rhel7 ++### ++# Reasons for noqa: ++# command-instead-of-module: I need to examine the output of the yum info command. ++# risky-shell-pipe: If a package is not installed, the shell command will fail. But I want the command to ++# succeed so that the awk command can examine the result. ++- name: Get install status of required IBM packages # noqa command-instead-of-module risky-shell-pipe ++ ansible.builtin.shell: | ++ yum info installed {{ __sap_hana_preconfigure_required_ppc64le | map('quote') | join(' ') }} | ++ awk '/Name/{n=$NF}/Version/{v=$NF}/Release/{r=$NF}/Description/{printf ("%s\n", n)}' ++ register: __sap_hana_preconfigure_register_required_ppc64le_packages_assert ++ changed_when: no ++ when: ansible_architecture == "ppc64le" ++ ++- name: Assert that all required IBM packages are installed ++ ansible.builtin.assert: ++ that: line_item in __sap_hana_preconfigure_register_required_ppc64le_packages_assert.stdout_lines ++ fail_msg: "FAIL: Package '{{ line_item }}' is not installed!" ++ success_msg: "PASS: Package '{{ line_item }}' is installed." ++ with_items: ++ - "{{ __sap_hana_preconfigure_required_ppc64le }}" ++ loop_control: ++ loop_var: line_item ++ when: ansible_architecture == "ppc64le" ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ ++- name: Minimum required package version check ++ when: ++ - sap_hana_preconfigure_min_package_check | bool ++ - __sap_hana_preconfigure_min_pkgs | d([]) ++ - sap_hana_preconfigure_assert_ignore_errors | d(false) ++ block: ++ ++# Reason for noqa: We can safely fail at the last command in the pipeline. ++ - name: Assert - Create a list of minimum required package versions to be installed # noqa risky-shell-pipe ++# How does it work? ++# 1 - Print the required package name and version with a prefix "1" followed by a space. ++# 2 - In the same output sequence, list all installed versions of this package with a prefix "2" followed by a space. ++# 3 - Replace all occurrences of ".el" by ".0.0" so that the sort -V correctly sorts packages with ".el" in its name ++# 4 - Sort the list by the name and version. ++# 5 - Replace ".0.0" by ".el" again to get back the original names. ++# 6 - Store the last installed version of the package in variable latestpkg. ++# 7 - Store the last content of column 1 in variable col1, the last content of column 2 in variable col2, ++# and the last number of fields in variable _nf. ++# 8 - case 1: If the last number of output fields is greater than 2, it indicates that the package is not installed ++# because the output of "rpm -q" will be similar to "package XXX is not installed". ++# 8 - case 2a: If the first column of the last line of the output is "1", it means that the required package is ++# the latest of all required and installed versions of the package, so it means that the package needs ++# to be updated. ++# 8 - case 2b: If the first column of the last line of the output is "2", it means that at least of the installed ++# versions the package is equal to or greater than the required package version. ++ ansible.builtin.shell: | ++ (echo "1 {{ pkg[0] }}-{{ pkg[1] }}";rpm -q --qf "%{NAME}-%{VERSION}-%{RELEASE}\n" {{ pkg[0] }} | ++ awk '{printf ("2 %s\n", $0)}') | ++ awk '{gsub ("\\.el", ".0.0"); print}' | ++ sort -k 2 -k 1 -V | ++ awk '{gsub ("\\.0\\.0", ".el"); col1=$1; col2=$2; _nf=NF} ++ $1==2{latestpkg=$2} ++ END { ++ if (_nf>2) { ++ printf ("Package '\''{{ pkg[0] }}'\'' needs to be installed as {{ pkg[0] }}-{{ pkg[1] }}!\n") ++ } else { ++ if (col1==1) { ++ printf ("Package '\''{{ pkg[0] }}'\'' needs to be updated to %s! Currently installed latest version: %s.\n", $2, latestpkg) ++ } ++ if (col1==2) { ++ printf ("Package '\''{{ pkg[0] }}'\'' is already installed as {{ pkg[0] }}-{{ pkg[1] }} or later. Currently installed latest version: %s.\n", latestpkg) ++ } ++ } ++ }' ++ with_list: "{{ __sap_hana_preconfigure_min_pkgs }}" ++ loop_control: ++ loop_var: pkg ++ check_mode: no ++ register: __sap_hana_preconfigure_register_minpkglist_assert ++ changed_when: no ++ ++ - name: Assert that minimum required package versions are installed ++# If the output includes the string "is already installed" (case 2b), we have a PASS. Otherwise, it's a FAIL. ++ ansible.builtin.assert: ++ that: "'is already installed' in line_item.stdout" ++ fail_msg: "FAIL: {{ line_item.stdout }}" ++ success_msg: "PASS: {{ line_item.stdout }}" ++ with_items: "{{ __sap_hana_preconfigure_register_minpkglist_assert.results }}" ++ loop_control: ++ loop_var: line_item ++ label: "" ++ ignore_errors: yes ++ ++- name: Report if no minimum required package version is defined for this RHEL release ++ ansible.builtin.debug: ++ msg: "INFO: No minimum required package version defined (variable __sap_hana_preconfigure_min_pkgs)." ++ when: not __sap_hana_preconfigure_min_pkgs | d([]) ++ ++# Reason for noqa: The yum module appears to not support the check-update option ++- name: Get info about possible package updates # noqa command-instead-of-module ++ ansible.builtin.command: yum check-update ++ register: __sap_hana_preconfigure_register_yum_check_update_assert ++ changed_when: false ++ no_log: true ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ when: sap_hana_preconfigure_update ++ ++- name: Assert that there are no more possible package updates ++ ansible.builtin.assert: ++ that: __sap_hana_preconfigure_register_yum_check_update_assert is success ++ fail_msg: "FAIL: System needs to be updated!" ++ success_msg: "PASS: There are no more outstanding package updates." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ when: sap_hana_preconfigure_update ++ ++- name: Report if checking for possible package updates is not requested ++ ansible.builtin.debug: ++ msg: "INFO: Not checking for possible package updates (variable sap_hana_preconfigure_update)." ++ when: not sap_hana_preconfigure_update ++ ++- name: "Assert - Set needs-restarting command in case of RHEL 7" ++ ansible.builtin.set_fact: ++ __sap_hana_preconfigure_fact_needs_restarting_command_assert: "needs-restarting -r" ++ when: ++ - ansible_os_family == 'RedHat' ++ - ansible_distribution_major_version == '7' ++ ++- name: "Assert - Set needs-restarting command in case of RHEL 8 or RHEL 9, except RHEL 8.0" ++ ansible.builtin.set_fact: ++ __sap_hana_preconfigure_fact_needs_restarting_command_assert: "yum needs-restarting -r" ++ when: ++ - ansible_os_family == 'RedHat' ++ - (ansible_distribution_major_version == '8' or ansible_distribution_major_version == '9' ) ++ - ansible_distribution_version != '8.0' ++ ++- name: "Assert - Set customized needs-restarting command in case of RHEL 8.0" ++ ansible.builtin.set_fact: ++ __sap_hana_preconfigure_fact_needs_restarting_command_assert: "_IKRNL=$(rpm -q --last kernel | awk 'NR==1{sub(/kernel-/,\"\"); print $1}'); _CKRNL=$(uname -r); if [ ${_IKRNL} != ${_CKRNL} ]; then exit 1; else exit 0; fi" ++ when: ++ - ansible_os_family == 'RedHat' ++ - ansible_distribution_version == '8.0' ++ ++- name: Assert - Display the command for checking a reboot requirement ++ ansible.builtin.debug: ++ var: __sap_hana_preconfigure_fact_needs_restarting_command_assert ++ ++# Reason for noqa: The command to be executed might contain pipes ++- name: Assert - Determine if system needs to be restarted # noqa command-instead-of-shell ++ ansible.builtin.shell: "{{ __sap_hana_preconfigure_fact_needs_restarting_command_assert }}" ++ register: __sap_hana_preconfigure_register_needs_restarting_assert ++ changed_when: false ++ check_mode: false ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ ++- name: Assert that system needs no restart ++ ansible.builtin.assert: ++ that: __sap_hana_preconfigure_register_needs_restarting_assert is success ++ fail_msg: "FAIL: System needs to be restarted!" ++ success_msg: "PASS: System needs no restart." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/configuration.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/configuration.yml +new file mode 100644 +index 0000000..9149283 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/configuration.yml +@@ -0,0 +1,40 @@ ++--- ++ ++- name: Configure - List required SAP Notes ++ ansible.builtin.debug: ++ var: __sap_hana_preconfigure_sapnotes_versions | difference(['']) ++ ++- name: Configure - Set directory variables for setting SELinux file contexts ++ ansible.builtin.set_fact: ++ sap_hana_preconfigure_fact_targets_setypes: "{{ sap_hana_preconfigure_fact_targets_setypes | d([]) + [__sap_hana_preconfigure_tmp_dict_target_setype] }}" ++ loop: "{{ sap_hana_preconfigure_hana_directories }}" ++ loop_control: ++ loop_var: line_item ++ vars: ++ __sap_hana_preconfigure_tmp_dict_target_setype: ++ target: "{{ line_item }}(/.*)?" ++ setype: 'usr_t' ++ when: sap_hana_preconfigure_modify_selinux_labels ++ ++- name: Configure - Display directory variable ++ ansible.builtin.debug: ++ var: sap_hana_preconfigure_fact_targets_setypes ++ when: sap_hana_preconfigure_modify_selinux_labels ++ ++- name: Configure - Create directories ++ ansible.builtin.file: ++ path: "{{ line_item }}" ++ state: directory ++ mode: '0755' ++ owner: root ++ group: root ++ loop: "{{ sap_hana_preconfigure_hana_directories }}" ++ loop_control: ++ loop_var: line_item ++ when: sap_hana_preconfigure_create_directories or sap_hana_preconfigure_modify_selinux_labels ++ ++- name: Configure - Include configuration actions for required sapnotes ++ ansible.builtin.include_tasks: "sapnote/{{ sap_note_line_item.number }}.yml" ++ with_items: "{{ __sap_hana_preconfigure_sapnotes_versions | difference(['']) }}" ++ loop_control: ++ loop_var: sap_note_line_item +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-2055470-loop-block.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-2055470-loop-block.yml +new file mode 100644 +index 0000000..dc46546 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-2055470-loop-block.yml +@@ -0,0 +1,36 @@ ++--- ++ ++# loop block for sapnote/assert-2055470.yml ++ ++- name: 2055470 - Get {{ line_item.name }} from /etc/sysctl.d/ibm_largesend.conf ++ ansible.builtin.command: awk 'BEGIN{FS="="}/{{ line_item.name }}/{print $NF}' /etc/sysctl.d/ibm_largesend.conf ++ register: __sap_hana_preconfigure_register_sysctl_ibm_largesend_conf_parameter_assert ++ changed_when: no ++ ignore_errors: yes ++ when: __sap_hana_preconfigure_register_stat_sysctl_ibm_largesend_conf_assert.stat.exists ++ ++# needed because line_item.value is not evaluated correctly in the that: statement ++- name: 2055470 - Set fact for line_item.value ++ ansible.builtin.set_fact: ++ __sap_hana_preconfigure_sysctl_value_2055470: "{{ line_item.value }}" ++ ++- name: 2055470 - Assert that {{ line_item.name }} is set correctly in /etc/sysctl.d/ibm_largesend.conf ++ ansible.builtin.assert: ++ that: __sap_hana_preconfigure_register_sysctl_ibm_largesend_conf_parameter_assert.stdout == __sap_hana_preconfigure_sysctl_value_2055470 ++ fail_msg: "FAIL: The value of '{{ line_item.name }}' in /etc/sysctl.d/ibm_largesend.conf is '{{ __sap_hana_preconfigure_register_sysctl_ibm_largesend_conf_parameter_assert.stdout }}' but the expected value is 'line_item.value'!" ++ success_msg: "PASS: The value of '{{ line_item.name }}' in /etc/sysctl.d/ibm_largesend.conf is '{{ __sap_hana_preconfigure_register_sysctl_ibm_largesend_conf_parameter_assert.stdout }}'." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ when: __sap_hana_preconfigure_register_stat_sysctl_ibm_largesend_conf_assert.stat.exists ++ ++- name: 2055470 - Get {{ line_item.name }} from sysctl ++ ansible.builtin.shell: sysctl -n {{ line_item.name }} | awk '{gsub ("\t", " "); print}' ++ register: __sap_hana_preconfigure_register_sysctl_ibm_parameter_assert ++ changed_when: no ++ ignore_errors: yes ++ ++- name: 2055470 - Assert that {{ line_item.name }} is set correctly as per sysctl ++ ansible.builtin.assert: ++ that: __sap_hana_preconfigure_register_sysctl_ibm_parameter_assert.stdout == __sap_hana_preconfigure_sysctl_value_2055470 ++ fail_msg: "FAIL: The current value of '{{ line_item.name }}' as per sysctl is '{{ __sap_hana_preconfigure_register_sysctl_ibm_parameter_assert.stdout }}' but the expected value is '{{ line_item.value }}'!" ++ success_msg: "PASS: The current value of '{{ line_item.name }}' as per sysctl is '{{ __sap_hana_preconfigure_register_sysctl_ibm_parameter_assert.stdout }}'." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-2382421-loop-block.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-2382421-loop-block.yml +new file mode 100644 +index 0000000..43271e2 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-2382421-loop-block.yml +@@ -0,0 +1,36 @@ ++--- ++ ++# loop block for sapnote/assert-2382421.yml ++ ++- name: 2382421 - Get {{ line_item.name }} from {{ __sap_hana_preconfigure_etc_sysctl_saphana_conf }} ++ ansible.builtin.command: awk 'BEGIN{FS="="}/{{ line_item.name }}/{print $NF}' {{ __sap_hana_preconfigure_etc_sysctl_saphana_conf }} ++ register: __sap_hana_preconfigure_register_sysctl_saphana_conf_network_parameter_assert ++ changed_when: no ++ ignore_errors: yes ++ when: __sap_hana_preconfigure_register_stat_sysctl_saphana_conf_assert.stat.exists ++ ++# needed because line_item.value is not evaluated correctly in the that: statement ++- name: 2382421 - Set fact for line_item.value ++ ansible.builtin.set_fact: ++ __sap_hana_preconfigure_sysctl_value_2382421: "{{ line_item.value }}" ++ ++- name: 2382421 - Assert that {{ line_item.name }} is set correctly in {{ __sap_hana_preconfigure_etc_sysctl_saphana_conf }} ++ ansible.builtin.assert: ++ that: __sap_hana_preconfigure_register_sysctl_saphana_conf_network_parameter_assert.stdout == __sap_hana_preconfigure_sysctl_value_2382421 ++ fail_msg: "FAIL: The value of '{{ line_item.name }}' in {{ __sap_hana_preconfigure_etc_sysctl_saphana_conf }} is '{{ __sap_hana_preconfigure_register_sysctl_saphana_conf_network_parameter_assert.stdout }}' but the expected value is 'line_item.value'!" ++ success_msg: "PASS: The value of '{{ line_item.name }}' in {{ __sap_hana_preconfigure_etc_sysctl_saphana_conf }} is '{{ __sap_hana_preconfigure_register_sysctl_saphana_conf_network_parameter_assert.stdout }}'." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ when: __sap_hana_preconfigure_register_stat_sysctl_saphana_conf_assert.stat.exists ++ ++- name: 2382421 - Get {{ line_item.name }} from sysctl ++ ansible.builtin.shell: sysctl -n {{ line_item.name }} | awk '{gsub ("\t", " "); print}' ++ register: __sap_hana_preconfigure_register_sysctl_network_parameter_assert ++ changed_when: no ++ ignore_errors: yes ++ ++- name: 2382421 - Assert that {{ line_item.name }} is set correctly as per sysctl ++ ansible.builtin.assert: ++ that: __sap_hana_preconfigure_register_sysctl_network_parameter_assert.stdout == __sap_hana_preconfigure_sysctl_value_2382421 ++ fail_msg: "FAIL: The current value of '{{ line_item.name }}' as per sysctl is '{{ __sap_hana_preconfigure_register_sysctl_network_parameter_assert.stdout }}' but the expected value is '{{ line_item.value }}'!" ++ success_msg: "PASS: The current value of '{{ line_item.name }}' as per sysctl is '{{ __sap_hana_preconfigure_register_sysctl_network_parameter_assert.stdout }}'." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-2777782-01-loop-block.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-2777782-01-loop-block.yml +new file mode 100644 +index 0000000..4e3e2dd +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-2777782-01-loop-block.yml +@@ -0,0 +1,40 @@ ++--- ++ ++- name: 2777782-01 - Check if the directory '{{ line_item }}' exists ++ ansible.builtin.stat: ++ path: "{{ line_item }}" ++ register: __sap_hana_preconfigure_register_stat_hana ++ failed_when: false ++ ++- name: Report that SELinux checking will not be performed if the directory '{{ line_item }}' does not exist ++ ansible.builtin.debug: ++ msg: "INFO: SELinux checks will not be run because the directory '{{ line_item }}' does not exist." ++ when: not __sap_hana_preconfigure_register_stat_hana.stat.exists or (__sap_hana_preconfigure_register_stat_hana.stat.isdir is defined and not __sap_hana_preconfigure_register_stat_hana.stat.isdir) ++ ++- name: Count SELinux configuration database entries for '{{ line_item }}' ++ ansible.builtin.shell: set -o pipefail && semanage fcontext -l | awk 'BEGIN{a=0}$1=="{{ line_item }}(/.*)?"&&$NF~/usr_t/{a++}END{print a}' ++ register: __sap_hana_preconfigure_register_semanage_fcontext_hana ++ changed_when: false ++ when: __sap_hana_preconfigure_register_stat_hana.stat.isdir is defined and __sap_hana_preconfigure_register_stat_hana.stat.isdir ++ ++- name: Assert that there is an entry for '{{ line_item }}' in the SELinux configuration database ++ ansible.builtin.assert: ++ that: (__sap_hana_preconfigure_register_semanage_fcontext_hana.stdout | int) != 0 ++ fail_msg: "FAIL: There is no entry for '{{ line_item }}' in the SELinux configuration database!" ++ success_msg: "PASS: There is an entry for '{{ line_item }}' in the SELinux configuration database." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ when: __sap_hana_preconfigure_register_stat_hana.stat.isdir is defined and __sap_hana_preconfigure_register_stat_hana.stat.isdir ++ ++- name: Count files in '{{ line_item }}' and below without SELinux 'usr_t' file context ++ ansible.builtin.shell: "set -o pipefail && ls -1RZ {{ line_item }} | awk 'BEGIN{a=0}!/^$/&&NF>1&&$1!~/usr_t/{a++}END{print a}'" ++ register: __sap_hana_preconfigure_register_ls_z_hana ++ changed_when: false ++ when: __sap_hana_preconfigure_register_stat_hana.stat.isdir is defined and __sap_hana_preconfigure_register_stat_hana.stat.isdir ++ ++- name: Assert that all files in '{{ line_item }}' and below have the 'usr_t' file context ++ ansible.builtin.assert: ++ that: (__sap_hana_preconfigure_register_ls_z_hana.stdout | int) == 0 ++ fail_msg: "FAIL: There is at least one file in '{{ line_item }}' or below without the 'usr_t' file context!" ++ success_msg: "PASS: All files in '{{ line_item }}' and below have the 'usr_t' file context." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ when: __sap_hana_preconfigure_register_stat_hana.stat.isdir is defined and __sap_hana_preconfigure_register_stat_hana.stat.isdir +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-3024346-loop-block.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-3024346-loop-block.yml +new file mode 100644 +index 0000000..a4a9324 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-3024346-loop-block.yml +@@ -0,0 +1,36 @@ ++--- ++ ++# loop block for sapnote/assert-3024346.yml ++ ++- name: 3024346 - Get {{ line_item.name }} from {{ __sap_hana_preconfigure_etc_sysctl_netapp_hana_conf }} ++ ansible.builtin.command: awk 'BEGIN{FS="="}/{{ line_item.name }}/{print $NF}' {{ __sap_hana_preconfigure_etc_sysctl_netapp_hana_conf }} ++ register: __sap_hana_preconfigure_register_sysctl_netapp_hana_conf_network_parameter_assert ++ changed_when: no ++ ignore_errors: yes ++ when: __sap_hana_preconfigure_register_etc_sysctl_netapp_hana_conf_assert.stat.exists ++ ++# needed because line_item.value is not evaluated correctly in the that: statement ++- name: 3024346 - Set fact for line_item.value ++ ansible.builtin.set_fact: ++ __sap_hana_preconfigure_sysctl_value_3024346: "{{ line_item.value }}" ++ ++- name: 3024346 - Assert that {{ line_item.name }} is set correctly in {{ __sap_hana_preconfigure_etc_sysctl_netapp_hana_conf }} ++ ansible.builtin.assert: ++ that: __sap_hana_preconfigure_register_sysctl_netapp_hana_conf_network_parameter_assert.stdout == __sap_hana_preconfigure_sysctl_value_3024346 ++ fail_msg: "FAIL: The value of '{{ line_item.name }}' in '{{ __sap_hana_preconfigure_etc_sysctl_saphana_conf }}' is '{{ __sap_hana_preconfigure_register_sysctl_netapp_hana_conf_network_parameter_assert.stdout }}' but the expected value is 'line_item.value'!" ++ success_msg: "PASS: The value of '{{ line_item.name }}' in '{{ __sap_hana_preconfigure_etc_sysctl_saphana_conf }}' is '{{ __sap_hana_preconfigure_register_sysctl_netapp_hana_conf_network_parameter_assert.stdout }}'." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ when: __sap_hana_preconfigure_register_etc_sysctl_netapp_hana_conf_assert.stat.exists ++ ++- name: 3024346 - Get {{ line_item.name }} from sysctl ++ ansible.builtin.shell: sysctl -n {{ line_item.name }} | awk '{gsub ("\t", " "); print}' ++ register: __sap_hana_preconfigure_register_sysctl_netapp_hana_network_parameter_assert ++ changed_when: no ++ ignore_errors: yes ++ ++- name: 3024346 - Assert that {{ line_item.name }} is set correctly as per sysctl ++ ansible.builtin.assert: ++ that: __sap_hana_preconfigure_register_sysctl_netapp_hana_network_parameter_assert.stdout == __sap_hana_preconfigure_sysctl_value_3024346 ++ fail_msg: "FAIL: The current value of '{{ line_item.name }}' as per sysctl is '{{ __sap_hana_preconfigure_register_sysctl_netapp_hana_network_parameter_assert.stdout }}' but the expected value is '{{ line_item.value }}'!" ++ success_msg: "PASS: The current value of '{{ line_item.name }}' as per sysctl is '{{ __sap_hana_preconfigure_register_sysctl_netapp_hana_network_parameter_assert.stdout }}'." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-abrt-ccpp.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-abrt-ccpp.yml +new file mode 100644 +index 0000000..fc96e83 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-abrt-ccpp.yml +@@ -0,0 +1,13 @@ ++--- ++ ++- name: Assert that service abrt-ccpp is disabled, and inactive or stopped ++ ansible.builtin.include_tasks: assert-services.yml ++ vars: ++ __sap_hana_preconfigure_service_status: "{{ ansible_facts.services['abrt-ccpp.service'].status }}" ++ __sap_hana_preconfigure_service_state: "{{ ansible_facts.services['abrt-ccpp.service'].state }}" ++ __sap_hana_preconfigure_packages_and_services_pkg: "{{ __sap_hana_preconfigure_packages_and_services['abrt-ccpp']['pkg'] }}" ++ __sap_hana_preconfigure_packages_and_services_svc: "{{ __sap_hana_preconfigure_packages_and_services['abrt-ccpp']['svc'] }}" ++ __sap_hana_preconfigure_packages_and_services_svc_status: "{{ __sap_hana_preconfigure_packages_and_services['abrt-ccpp']['svc_status'] }}" ++ __sap_hana_preconfigure_packages_and_services_svc_state: "{{ __sap_hana_preconfigure_packages_and_services['abrt-ccpp']['svc_state'] }}" ++ __sap_hana_preconfigure_packages_and_services_systemd_enabled: "{{ __sap_hana_preconfigure_packages_and_services['abrt-ccpp']['systemd_enabled'] }}" ++ __sap_hana_preconfigure_packages_and_services_systemd_state: "{{ __sap_hana_preconfigure_packages_and_services['abrt-ccpp']['systemd_state'] }}" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-abrtd.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-abrtd.yml +new file mode 100644 +index 0000000..36a6379 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-abrtd.yml +@@ -0,0 +1,13 @@ ++--- ++ ++- name: Assert that service abrtd is disabled, and inactive or stopped ++ ansible.builtin.include_tasks: assert-services.yml ++ vars: ++ __sap_hana_preconfigure_service_status: "{{ ansible_facts.services['abrtd.service'].status }}" ++ __sap_hana_preconfigure_service_state: "{{ ansible_facts.services['abrtd.service'].state }}" ++ __sap_hana_preconfigure_packages_and_services_pkg: "{{ __sap_hana_preconfigure_packages_and_services['abrtd']['pkg'] }}" ++ __sap_hana_preconfigure_packages_and_services_svc: "{{ __sap_hana_preconfigure_packages_and_services['abrtd']['svc'] }}" ++ __sap_hana_preconfigure_packages_and_services_svc_status: "{{ __sap_hana_preconfigure_packages_and_services['abrtd']['svc_status'] }}" ++ __sap_hana_preconfigure_packages_and_services_svc_state: "{{ __sap_hana_preconfigure_packages_and_services['abrtd']['svc_state'] }}" ++ __sap_hana_preconfigure_packages_and_services_systemd_enabled: "{{ __sap_hana_preconfigure_packages_and_services['abrtd']['systemd_enabled'] }}" ++ __sap_hana_preconfigure_packages_and_services_systemd_state: "{{ __sap_hana_preconfigure_packages_and_services['abrtd']['systemd_state'] }}" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-auto-numa-balancing.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-auto-numa-balancing.yml +new file mode 100644 +index 0000000..4730807 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-auto-numa-balancing.yml +@@ -0,0 +1,16 @@ ++--- ++ ++# can be configured by tuned profile sap-hana, entry "kernel.numa_balancing = 0" ++- name: Assert that service numad is disabled, and inactive or stopped, if tuned is not to be used ++ ansible.builtin.include_tasks: assert-services.yml ++ vars: ++ __sap_hana_preconfigure_service_status: "{{ ansible_facts.services['numad.service'].status }}" ++ __sap_hana_preconfigure_service_state: "{{ ansible_facts.services['numad.service'].state }}" ++ __sap_hana_preconfigure_packages_and_services_pkg: "{{ __sap_hana_preconfigure_packages_and_services['numad']['pkg'] }}" ++ __sap_hana_preconfigure_packages_and_services_svc: "{{ __sap_hana_preconfigure_packages_and_services['numad']['svc'] }}" ++ __sap_hana_preconfigure_packages_and_services_svc_status: "{{ __sap_hana_preconfigure_packages_and_services['numad']['svc_status'] }}" ++ __sap_hana_preconfigure_packages_and_services_svc_state: "{{ __sap_hana_preconfigure_packages_and_services['numad']['svc_state'] }}" ++ __sap_hana_preconfigure_packages_and_services_systemd_enabled: "{{ __sap_hana_preconfigure_packages_and_services['numad']['systemd_enabled'] }}" ++ __sap_hana_preconfigure_packages_and_services_systemd_state: "{{ __sap_hana_preconfigure_packages_and_services['numad']['systemd_state'] }}" ++ ++ when: not sap_hana_preconfigure_use_tuned or sap_hana_preconfigure_assert_all_config|d(false) +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-c-states-for-lower-latency.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-c-states-for-lower-latency.yml +new file mode 100644 +index 0000000..96e5832 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-c-states-for-lower-latency.yml +@@ -0,0 +1,44 @@ ++--- ++ ++# can be configured by tuned profile sap-hana, entry "force_latency=70" ++- name: Assert - Perform steps for checking the required C-State configuration ++ when: ansible_architecture == 'x86_64' and (not sap_hana_preconfigure_use_tuned or sap_hana_preconfigure_modify_grub_cmdline_linux or sap_hana_preconfigure_assert_all_config) ++ block: ++ ++ - name: C-States - Get contents of GRUB_CMDLINE_LINUX in /etc/default/grub ++ ansible.builtin.command: grep GRUB_CMDLINE_LINUX /etc/default/grub ++ register: __sap_hana_preconfigure_register_default_grub_cmdline_cstate_assert ++ changed_when: no ++ ++ - name: Assert that processor.max_cstate=1 is in GRUB_CMDLINE_LINUX in /etc/default/grub ++ ansible.builtin.assert: ++ that: "'processor.max_cstate=1' in __sap_hana_preconfigure_register_default_grub_cmdline_cstate_assert.stdout" ++ fail_msg: "FAIL: 'processor.max_cstate=1' is not in GRUB_CMDLINE_LINUX in /etc/default/grub!" ++ success_msg: "PASS: 'processor.max_cstate=1' is in GRUB_CMDLINE_LINUX in /etc/default/grub." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ ++ - name: Assert that intel_idle.max_cstate=1 is in GRUB_CMDLINE_LINUX in /etc/default/grub ++ ansible.builtin.assert: ++ that: "'intel_idle.max_cstate=1' in __sap_hana_preconfigure_register_default_grub_cmdline_cstate_assert.stdout" ++ fail_msg: "FAIL: 'intel_idle.max_cstate=1' is not in GRUB_CMDLINE_LINUX in /etc/default/grub!" ++ success_msg: "PASS: 'intel_idle.max_cstate=1' is in GRUB_CMDLINE_LINUX in /etc/default/grub." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ ++ - name: C-States - Get contents of /proc/cmdline ++ ansible.builtin.command: cat /proc/cmdline ++ register: __sap_hana_preconfigure_register_proc_cmdline_cstate_assert ++ changed_when: no ++ ++ - name: Assert that processor.max_cstate=1 is in /proc/cmdline ++ ansible.builtin.assert: ++ that: "'processor.max_cstate=1' in __sap_hana_preconfigure_register_proc_cmdline_cstate_assert.stdout" ++ fail_msg: "FAIL: 'processor.max_cstate=1' is not in /proc/cmdline!" ++ success_msg: "PASS: 'processor.max_cstate=1' is in /proc/cmdline." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ ++ - name: Assert that intel_idle.max_cstate=1 is in /proc/cmdline ++ ansible.builtin.assert: ++ that: "'intel_idle.max_cstate=1' in __sap_hana_preconfigure_register_proc_cmdline_cstate_assert.stdout" ++ fail_msg: "FAIL: 'intel_idle.max_cstate=1' is not in /proc/cmdline!" ++ success_msg: "PASS: 'intel_idle.max_cstate=1' is in /proc/cmdline." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-coredumps.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-coredumps.yml +new file mode 100644 +index 0000000..b7f4ba7 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-coredumps.yml +@@ -0,0 +1,51 @@ ++--- ++ ++- name: Get info about file /etc/security/limits.d/99-sap.conf ++ ansible.builtin.stat: ++ path: /etc/security/limits.d/99-sap.conf ++ register: __sap_hana_preconfigure_register_stat_limits_sap_conf_assert ++ ++- name: Assert that file /etc/security/limits.d/99-sap.conf exists ++ ansible.builtin.assert: ++ that: __sap_hana_preconfigure_register_stat_limits_sap_conf_assert.stat.exists ++ fail_msg: "FAIL: File /etc/security/limits.d/99-sap.conf does not exist!" ++ success_msg: "PASS: File /etc/security/limits.d/99-sap.conf exist." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ ++- name: Assert that file /etc/security/limits.d/99-sap.conf is a regular file ++ ansible.builtin.assert: ++ that: __sap_hana_preconfigure_register_stat_limits_sap_conf_assert.stat.isreg ++ fail_msg: "FAIL: File /etc/security/limits.d/99-sap.conf is not a regular file!" ++ success_msg: "PASS: File /etc/security/limits.d/99-sap.conf is a regular file." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ when: __sap_hana_preconfigure_register_stat_limits_sap_conf_assert.stat.exists ++ ++- name: Check if the hard limit of core file creation is 0 for all users ++ ansible.builtin.command: awk '$1=="*"&&/core/&&/hard/{print $NF}' /etc/security/limits.d/99-sap.conf ++ register: __sap_hana_preconfigure_register_limits_sap_conf_core_hard_assert ++ changed_when: no ++ ignore_errors: yes ++ when: __sap_hana_preconfigure_register_stat_limits_sap_conf_assert.stat.exists ++ ++- name: Assert that the hard limit of core file creation is 0 for all users ++ ansible.builtin.assert: ++ that: __sap_hana_preconfigure_register_limits_sap_conf_core_hard_assert.stdout == '0' ++ fail_msg: "FAIL: The hard limit of core file creation for all users in /etc/security/limits.d/99-sap.conf is '{{ __sap_hana_preconfigure_register_limits_sap_conf_core_hard_assert.stdout }}' but the expected value is 0!" ++ success_msg: "PASS: The hard limit of core file creation for all users in /etc/security/limits.d/99-sap.conf is '{{ __sap_hana_preconfigure_register_limits_sap_conf_core_hard_assert.stdout }}'." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ when: __sap_hana_preconfigure_register_stat_limits_sap_conf_assert.stat.exists ++ ++- name: Check if the soft limit of core file creation is 0 for all users ++ ansible.builtin.command: awk '$1=="*"&&/core/&&/soft/{print $NF}' /etc/security/limits.d/99-sap.conf ++ register: __sap_hana_preconfigure_register_limits_sap_conf_core_soft_assert ++ changed_when: no ++ ignore_errors: yes ++ when: __sap_hana_preconfigure_register_stat_limits_sap_conf_assert.stat.exists ++ ++- name: Assert that the soft limit of core file creation is 0 for all users ++ ansible.builtin.assert: ++ that: __sap_hana_preconfigure_register_limits_sap_conf_core_soft_assert.stdout == '0' ++ fail_msg: "FAIL: The soft limit of core file creation for all users in /etc/security/limits.d/99-sap.conf is '{{ __sap_hana_preconfigure_register_limits_sap_conf_core_soft_assert.stdout }}' but the expected value is 0!" ++ success_msg: "PASS: The soft limit of core file creation for all users in /etc/security/limits.d/99-sap.conf is '{{ __sap_hana_preconfigure_register_limits_sap_conf_core_soft_assert.stdout }}'." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ when: __sap_hana_preconfigure_register_stat_limits_sap_conf_assert.stat.exists +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-cpu-governor-for-performance.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-cpu-governor-for-performance.yml +new file mode 100644 +index 0000000..26bb566 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-cpu-governor-for-performance.yml +@@ -0,0 +1,86 @@ ++--- ++ ++# can be configured by tuned profile sap-hana, entry "governor=performance" ++# in included tuned profile throughput-performance ++- name: Assert - Perform steps for checking the CPU Governor for performance ++ when: ansible_architecture == 'x86_64' and (not sap_hana_preconfigure_use_tuned or sap_hana_preconfigure_assert_all_config) ++ block: ++ ++ - name: Check if system is able to set CPU Governor for performance (x86_64 platform only) ++ ansible.builtin.shell: LC_ALL=C cpupower frequency-info -g | awk '/available cpufreq governors/{print $(NF-1), $NF}' ++ check_mode: no ++ register: __sap_hana_preconfigure_register_cpupower_frequency_info_supported_assert ++ ignore_errors: true ++ changed_when: no ++ ++ - name: Assert - Display the output of the cpupower frequency-info -g command ++ ansible.builtin.debug: ++ var: __sap_hana_preconfigure_register_cpupower_frequency_info_supported_assert.stdout_lines, __sap_hana_preconfigure_register_cpupower_frequency_info_supported_assert.stderr_lines ++ ++ - name: Check that the CPU Governor for performance is configured (x86_64 platform only) ++ when: "__sap_hana_preconfigure_register_cpupower_frequency_info_supported_assert.stdout != 'Not Available'" ++ block: ++ ++ - name: Get info about file /etc/rc.d/rc.local ++ ansible.builtin.stat: ++ path: /etc/rc.d/rc.local ++ register: __sap_hana_preconfigure_register_stat_rc_local_assert ++ ++ - name: Assert that file /etc/rc.d/rc.local exists (x86_64 platform only) ++ ansible.builtin.assert: ++ that: __sap_hana_preconfigure_register_stat_rc_local_assert.stat.exists ++ fail_msg: "FAIL: File /etc/rc.d/rc.local does not exist!" ++ success_msg: "PASS: File /etc/rc.d/rc.local exist." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ ++ - name: Assert that file /etc/rc.d/rc.local is a regular file (x86_64 platform only) ++ ansible.builtin.assert: ++ that: __sap_hana_preconfigure_register_stat_rc_local_assert.stat.isreg ++ fail_msg: "FAIL: File /etc/rc.d/rc.local is not a regular file!" ++ success_msg: "PASS: File /etc/rc.d/rc.local is a regular file." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ when: __sap_hana_preconfigure_register_stat_rc_local_assert.stat.exists ++ ++ - name: Assert that the mode of file /etc/rc.d/rc.local is 0644 (x86_64 platform only) ++ ansible.builtin.assert: ++ that: "__sap_hana_preconfigure_register_stat_rc_local_assert.stat.mode == '0644'" ++ fail_msg: "FAIL: File /etc/rc.d/rc.local has mode '{{ __sap_hana_preconfigure_register_stat_rc_local_assert.stat.mode }}' but the expected mode is '0644'!" ++ success_msg: "PASS: File /etc/rc.d/rc.local has mode 0644." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ when: __sap_hana_preconfigure_register_stat_rc_local_assert.stat.exists ++ ++ - name: Get the contents of file /etc/rc.d/rc.local (x86_64 platform only) ++ ansible.builtin.command: grep cpupower /etc/rc.d/rc.local ++ register: __sap_hana_preconfigure_register_rc_local_cpupower_assert ++ changed_when: no ++ ignore_errors: yes ++ when: __sap_hana_preconfigure_register_stat_rc_local_assert.stat.exists ++ ++ - name: Assert that CPU Governor for performance is configured at boot time (x86_64 platform only) ++ ansible.builtin.assert: ++ that: "__sap_hana_preconfigure_register_rc_local_cpupower_assert.stdout == 'cpupower frequency-set -g performance'" ++ fail_msg: "FAIL: The CPU Governor for performance is not configured at boot time!" ++ success_msg: "PASS: CPU Governor for performance is configured at boot time." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ ++ - name: Get the current status of the CPU Governor for performance (x86_64 platform only) ++ ansible.builtin.command: cpupower frequency-info -g ++ register: __sap_hana_preconfigure_register_cpupower_frequency_info_assert ++ changed_when: no ++ ignore_errors: yes ++ ++ - name: Display the output of the command 'cpupower frequency-info -g' ++ ansible.builtin.debug: ++ var: __sap_hana_preconfigure_register_cpupower_frequency_info_assert.stdout_lines ++ ++ - name: Assert that the current status of the CPU Governor for performance is performance (x86_64 platform only) ++ ansible.builtin.assert: ++ that: "'performance' in __sap_hana_preconfigure_register_cpupower_frequency_info_assert.stdout" ++ fail_msg: "FAIL: The current status of the CPU Governor for performance is not 'performance'!" ++ success_msg: "PASS: The current status of the CPU Governor for performance is 'performance'." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ ++ - name: Report if the system does not support setting the CPU Governor for performance ++ ansible.builtin.debug: ++ msg: "INFO: The system is not capable of setting the CPU Governor for 'performance'." ++ when: "__sap_hana_preconfigure_register_cpupower_frequency_info_supported_assert.stdout == 'Not Available'" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-epb.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-epb.yml +new file mode 100644 +index 0000000..0454783 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-epb.yml +@@ -0,0 +1,88 @@ ++--- ++ ++# can be configured by tuned profile sap-hana, entry "energy_perf_bias=performance" ++# in included tuned profile throughput-performance ++# More details on EPB are in: https://github.com/torvalds/linux/blob/be1fcde604e429691771ce70230668af8097e29b/arch/x86/kernel/cpu/intel_epb.c ++- name: Assert - Perform steps for checking EPB ++ when: ansible_architecture == 'x86_64' and (not sap_hana_preconfigure_use_tuned or sap_hana_preconfigure_assert_all_config) ++ block: ++ ++ - name: Check if system supports Intel's performance bias setting (x86_64 platform only) ++ ansible.builtin.shell: LC_ALL=C cpupower info | head -1 | awk '{print $2, $3, $4}' ++ check_mode: no ++ register: __sap_hana_preconfigure_register_cpupower_info_epb_supported_assert ++ ignore_errors: true ++ changed_when: no ++ ++ - name: Assert - Display the output of the cpupower info command ++ ansible.builtin.debug: ++ var: __sap_hana_preconfigure_register_cpupower_info_epb_supported_assert.stdout_lines, __sap_hana_preconfigure_register_cpupower_info_epb_supported_assert.stderr_lines ++ ++ - name: Check EPB if possible (x86_64 platform only) ++ when: "__sap_hana_preconfigure_register_cpupower_info_epb_supported_assert.stdout != 'does not support'" ++ block: ++ ++ - name: Get info about file /etc/init.d/boot.local ++ ansible.builtin.stat: ++ path: /etc/init.d/boot.local ++ register: __sap_hana_preconfigure_register_stat_boot_local_epb_assert ++ ++ - name: Assert that file /etc/init.d/boot.local exists (x86_64 platform only) ++ ansible.builtin.assert: ++ that: __sap_hana_preconfigure_register_stat_boot_local_epb_assert.stat.exists ++ fail_msg: "FAIL: File /etc/init.d/boot.local does not exist!" ++ success_msg: "PASS: File /etc/init.d/boot.local exist." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ ++ - name: Assert that file /etc/init.d/boot.local is a regular file (x86_64 platform only) ++ ansible.builtin.assert: ++ that: __sap_hana_preconfigure_register_stat_boot_local_epb_assert.stat.isreg ++ fail_msg: "FAIL: File /etc/init.d/boot.local is not a regular file!" ++ success_msg: "PASS: File /etc/init.d/boot.local is a regular file." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ when: __sap_hana_preconfigure_register_stat_boot_local_epb_assert.stat.exists ++ ++ - name: Assert that the mode of file /etc/init.d/boot.local is 0755 (x86_64 platform only) ++ ansible.builtin.assert: ++ that: "__sap_hana_preconfigure_register_stat_boot_local_epb_assert.stat.mode == '0755'" ++ fail_msg: "FAIL: File /etc/init.d/boot.local has mode '{{ __sap_hana_preconfigure_register_stat_boot_local_epb_assert.stat.mode }}' but the expected mode is '0755'!" ++ success_msg: "PASS: File /etc/init.d/boot.local has mode '0755'." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ when: __sap_hana_preconfigure_register_stat_boot_local_epb_assert.stat.exists ++ ++ - name: Get the contents of file /etc/init.d/boot.local (x86_64 platform only) ++ ansible.builtin.command: grep cpupower /etc/init.d/boot.local ++ register: __sap_hana_preconfigure_register_boot_local_cpupower_assert ++ changed_when: no ++ ignore_errors: yes ++ when: __sap_hana_preconfigure_register_stat_boot_local_epb_assert.stat.exists ++ ++ - name: Assert that EPB is configured at boot time (x86_64 platform only) ++ ansible.builtin.assert: ++ that: "__sap_hana_preconfigure_register_boot_local_cpupower_assert.stdout == 'cpupower set -b 0'" ++ fail_msg: "FAIL: EPB is not configured to bet set to '0' ('performance') at boot time!" ++ success_msg: "PASS: EPB is configured to bet set to '0' ('performance') at boot time." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ when: __sap_hana_preconfigure_register_stat_boot_local_epb_assert.stat.exists ++ ++ - name: Get the current setting of EPB (x86_64 platform only) ++ ansible.builtin.shell: cpupower info -b | awk '/perf-bias/{print $NF}' ++ register: __sap_hana_preconfigure_register_cpupower_info_epb_assert ++ changed_when: no ++ ignore_errors: yes ++ ++ - name: Assert - Display the output of the cpupower info command again ++ ansible.builtin.debug: ++ var: __sap_hana_preconfigure_register_cpupower_info_epb_assert ++ ++ - name: Assert that the current setting of EPB is '0' (x86_64 platform only) ++ ansible.builtin.assert: ++ that: "__sap_hana_preconfigure_register_cpupower_info_epb_assert.stdout == '0'" ++ fail_msg: "FAIL: EPB is currently not set to '0' ('performance')!" ++ success_msg: "PASS: EPB is currently set to '0' ('performance')." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ ++ - name: Report if the system does not support EPB ++ ansible.builtin.debug: ++ msg: "INFO: The system does not support Intel's performance bias setting (EPB)." ++ when: "__sap_hana_preconfigure_register_cpupower_info_epb_supported_assert.stdout == 'does not support'" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-firewalld.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-firewalld.yml +new file mode 100644 +index 0000000..5cb1576 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-firewalld.yml +@@ -0,0 +1,13 @@ ++--- ++ ++- name: Assert that service firewalld is disabled, and inactive or stopped ++ ansible.builtin.include_tasks: assert-services.yml ++ vars: ++ __sap_hana_preconfigure_service_status: "{{ ansible_facts.services['firewalld.service'].status }}" ++ __sap_hana_preconfigure_service_state: "{{ ansible_facts.services['firewalld.service'].state }}" ++ __sap_hana_preconfigure_packages_and_services_pkg: "{{ __sap_hana_preconfigure_packages_and_services['firewalld']['pkg'] }}" ++ __sap_hana_preconfigure_packages_and_services_svc: "{{ __sap_hana_preconfigure_packages_and_services['firewalld']['svc'] }}" ++ __sap_hana_preconfigure_packages_and_services_svc_status: "{{ __sap_hana_preconfigure_packages_and_services['firewalld']['svc_status'] }}" ++ __sap_hana_preconfigure_packages_and_services_svc_state: "{{ __sap_hana_preconfigure_packages_and_services['firewalld']['svc_state'] }}" ++ __sap_hana_preconfigure_packages_and_services_systemd_enabled: "{{ __sap_hana_preconfigure_packages_and_services['firewalld']['systemd_enabled'] }}" ++ __sap_hana_preconfigure_packages_and_services_systemd_state: "{{ __sap_hana_preconfigure_packages_and_services['firewalld']['systemd_state'] }}" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-kdump.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-kdump.yml +new file mode 100644 +index 0000000..de5c370 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-kdump.yml +@@ -0,0 +1,13 @@ ++--- ++ ++- name: Assert that service kdump is disabled, and inactive or stopped ++ ansible.builtin.include_tasks: assert-services.yml ++ vars: ++ __sap_hana_preconfigure_service_status: "{{ ansible_facts.services['kdump.service'].status }}" ++ __sap_hana_preconfigure_service_state: "{{ ansible_facts.services['kdump.service'].state }}" ++ __sap_hana_preconfigure_packages_and_services_pkg: "{{ __sap_hana_preconfigure_packages_and_services['kdump']['pkg'] }}" ++ __sap_hana_preconfigure_packages_and_services_svc: "{{ __sap_hana_preconfigure_packages_and_services['kdump']['svc'] }}" ++ __sap_hana_preconfigure_packages_and_services_svc_status: "{{ __sap_hana_preconfigure_packages_and_services['kdump']['svc_status'] }}" ++ __sap_hana_preconfigure_packages_and_services_svc_state: "{{ __sap_hana_preconfigure_packages_and_services['kdump']['svc_state'] }}" ++ __sap_hana_preconfigure_packages_and_services_systemd_enabled: "{{ __sap_hana_preconfigure_packages_and_services['kdump']['systemd_enabled'] }}" ++ __sap_hana_preconfigure_packages_and_services_systemd_state: "{{ __sap_hana_preconfigure_packages_and_services['kdump']['systemd_state'] }}" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-ksm.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-ksm.yml +new file mode 100644 +index 0000000..c57ea72 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-ksm.yml +@@ -0,0 +1,57 @@ ++--- ++ ++- name: Assert - Get info about file /etc/init.d/boot.local ++ ansible.builtin.stat: ++ path: /etc/init.d/boot.local ++ register: __sap_hana_preconfigure_register_stat_boot_local_ksm_assert ++ ++- name: Assert that file /etc/init.d/boot.local exists ++ ansible.builtin.assert: ++ that: __sap_hana_preconfigure_register_stat_boot_local_ksm_assert.stat.exists ++ fail_msg: "FAIL: File /etc/init.d/boot.local does not exist!" ++ success_msg: "PASS: File /etc/init.d/boot.local exist." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ ++- name: Assert that file /etc/init.d/boot.local is a regular file ++ ansible.builtin.assert: ++ that: __sap_hana_preconfigure_register_stat_boot_local_ksm_assert.stat.isreg ++ fail_msg: "FAIL: File /etc/init.d/boot.local is not a regular file!" ++ success_msg: "PASS: File /etc/init.d/boot.local is a regular file." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ when: __sap_hana_preconfigure_register_stat_boot_local_ksm_assert.stat.exists ++ ++- name: Assert that the mode of file /etc/init.d/boot.local is 0755 ++ ansible.builtin.assert: ++ that: __sap_hana_preconfigure_register_stat_boot_local_ksm_assert.stat.mode == '0755' ++ fail_msg: "FAIL: File /etc/init.d/boot.local has mode '{{ __sap_hana_preconfigure_register_stat_boot_local_ksm_assert.stat.mode }}' but the expected mode is '0755'!" ++ success_msg: "PASS: File /etc/init.d/boot.local has mode 0755." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ when: __sap_hana_preconfigure_register_stat_boot_local_ksm_assert.stat.exists ++ ++- name: Get KSM setting in /etc/init.d/boot.local ++ ansible.builtin.command: awk '/ksm/{print}' /etc/init.d/boot.local ++ register: __sap_hana_preconfigure_register_boot_local_ksm_assert ++ ignore_errors: true ++ changed_when: no ++ when: __sap_hana_preconfigure_register_stat_boot_local_ksm_assert.stat.exists ++ ++- name: Assert that ksm is disabled in /etc/init.d/boot.local ++ ansible.builtin.assert: ++ that: "'echo 0 > /sys/kernel/mm/ksm/run' in __sap_hana_preconfigure_register_boot_local_ksm_assert.stdout" ++ fail_msg: "FAIL: The line 'echo 0 > /sys/kernel/mm/ksm/run' is not in file /etc/init.d/boot.local!" ++ success_msg: "PASS: The line 'echo 0 > /sys/kernel/mm/ksm/run' is in file /etc/init.d/boot.local." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ when: __sap_hana_preconfigure_register_stat_boot_local_ksm_assert.stat.exists ++ ++- name: Assert - Get status of KSM ++ ansible.builtin.command: cat /sys/kernel/mm/ksm/run ++ register: __sap_hana_preconfigure_register_ksm_active_assert ++ ignore_errors: true ++ changed_when: no ++ ++- name: Assert that ksm is currently disabled ++ ansible.builtin.assert: ++ that: __sap_hana_preconfigure_register_ksm_active_assert.stdout == '0' ++ fail_msg: "FAIL: KSM is currently enabled but it needs to be disabled!" ++ success_msg: "PASS: KSM is disabled currently." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-selinux.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-selinux.yml +new file mode 100644 +index 0000000..f1ecf86 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-selinux.yml +@@ -0,0 +1,14 @@ ++--- ++ ++# Reason for noqa: Both yum and dnf support "state: latest" ++- name: Install the package which provides the semanage command # noqa package-latest ++ ansible.builtin.package: ++ state: latest ++ name: policycoreutils-python-utils ++ ++- name: Assert SELinux directory settings ++ ansible.builtin.include_tasks: assert-2777782-01-loop-block.yml ++ loop: "{{ sap_hana_preconfigure_hana_directories }}" ++ loop_control: ++ loop_var: line_item ++ when: sap_hana_preconfigure_modify_selinux_labels +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-services.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-services.yml +new file mode 100644 +index 0000000..7115593 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-services.yml +@@ -0,0 +1,28 @@ ++--- ++ ++- name: Assert that service {{ __sap_hana_preconfigure_packages_and_services_svc }} is disabled if package {{ __sap_hana_preconfigure_packages_and_services_pkg }} is installed ++ when: "__sap_hana_preconfigure_packages_and_services_pkg in ansible_facts.packages" ++ block: ++ ++ - name: "Report that package {{ __sap_hana_preconfigure_packages_and_services_pkg }} is installed" ++ ansible.builtin.debug: ++ msg: "INFO: Package '{{ __sap_hana_preconfigure_packages_and_services_pkg }}' is installed." ++ ++ - name: Assert that service {{ __sap_hana_preconfigure_packages_and_services_svc }} is {{ __sap_hana_preconfigure_packages_and_services_svc_status }} ++ ansible.builtin.assert: ++ that: __sap_hana_preconfigure_service_status == __sap_hana_preconfigure_packages_and_services_svc_status ++ fail_msg: "FAIL: Service '{{ __sap_hana_preconfigure_packages_and_services_svc }}' is not {{ __sap_hana_preconfigure_packages_and_services_svc_status }}!" ++ success_msg: "PASS: Service '{{ __sap_hana_preconfigure_packages_and_services_svc }}' is {{ __sap_hana_preconfigure_packages_and_services_svc_status }}." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ ++ - name: Assert that service {{ __sap_hana_preconfigure_packages_and_services_svc }} is {{ __sap_hana_preconfigure_packages_and_services_svc_state }} or {{ __sap_hana_preconfigure_packages_and_services_systemd_state }} ++ ansible.builtin.assert: ++ that: (__sap_hana_preconfigure_service_state == __sap_hana_preconfigure_packages_and_services_svc_state) or (__sap_hana_preconfigure_service_state == __sap_hana_preconfigure_packages_and_services_systemd_state) ++ fail_msg: "FAIL: Service '{{ __sap_hana_preconfigure_packages_and_services_svc }}' is not {{ __sap_hana_preconfigure_packages_and_services_svc_state }}!" ++ success_msg: "PASS: Service '{{ __sap_hana_preconfigure_packages_and_services_svc }}' is {{ __sap_hana_preconfigure_packages_and_services_svc_state }} or {{ __sap_hana_preconfigure_packages_and_services_systemd_state }}." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ ++- name: "Report that package {{ __sap_hana_preconfigure_packages_and_services_pkg }} is not installed" ++ ansible.builtin.debug: ++ msg: "PASS: Package '{{ __sap_hana_preconfigure_packages_and_services_pkg }}' is not installed." ++ when: "__sap_hana_preconfigure_packages_and_services_pkg not in ansible_facts.packages" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-thp.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-thp.yml +new file mode 100644 +index 0000000..4ebc486 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-thp.yml +@@ -0,0 +1,30 @@ ++--- ++ ++# can be configured by tuned profile sap-hana, entry "transparent_hugepages=never" ++- name: Perform steps for setting transparent_hugepage=never ++ when: not sap_hana_preconfigure_use_tuned or sap_hana_preconfigure_modify_grub_cmdline_linux or sap_hana_preconfigure_assert_all_config | d(false) ++ block: ++ ++ - name: THP - Get contents of GRUB_CMDLINE_LINUX in /etc/default/grub ++ ansible.builtin.command: grep GRUB_CMDLINE_LINUX /etc/default/grub ++ register: __sap_hana_preconfigure_register_default_grub_cmdline_thp_assert ++ changed_when: no ++ ++ - name: Assert that transparent_hugepage=never is in GRUB_CMDLINE_LINUX in /etc/default/grub ++ ansible.builtin.assert: ++ that: "'transparent_hugepage=never' in __sap_hana_preconfigure_register_default_grub_cmdline_thp_assert.stdout" ++ fail_msg: "FAIL: 'transparent_hugepage=never' is not in GRUB_CMDLINE_LINUX in /etc/default/grub!" ++ success_msg: "PASS: 'transparent_hugepage=never' is in GRUB_CMDLINE_LINUX in /etc/default/grub." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ ++ - name: THP - Get contents of /proc/cmdline ++ ansible.builtin.command: cat /proc/cmdline ++ register: __sap_hana_preconfigure_register_proc_cmdline_thp_assert ++ changed_when: no ++ ++ - name: Assert that transparent_hugepage=never is in /proc/cmdline ++ ansible.builtin.assert: ++ that: "'transparent_hugepage=never' in __sap_hana_preconfigure_register_proc_cmdline_thp_assert.stdout" ++ fail_msg: "FAIL: 'transparent_hugepage=never' is not in /proc/cmdline!" ++ success_msg: "PASS: 'transparent_hugepage=never' is in /proc/cmdline." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-tsx.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-tsx.yml +new file mode 100644 +index 0000000..3a64d2d +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-tsx.yml +@@ -0,0 +1,81 @@ ++--- ++ ++- name: Assert - Perform steps for checking TSX ++ when: ++ - ansible_architecture == 'x86_64' ++ - ansible_distribution == 'RedHat' ++ - ansible_distribution_major_version == '8' ++ - __sap_hana_preconfigure_fact_ansible_distribution_minor_version | int >= 3 ++ block: ++ ++# There are CPUs which are not capable of enabling the rtm flag, so we just report the status: ++ - name: Get all CPU flags ++ ansible.builtin.shell: set -o pipefail && lscpu | grep "^Flags:" ++ register: __sap_hana_preconfigure_register_lscpu_flags ++ changed_when: no ++ ++ - name: Report that the rtm CPU flag exists ++ ansible.builtin.debug: ++ msg: "INFO: The CPU flags contain 'rtm'." ++ when: __sap_hana_preconfigure_register_lscpu_flags.stdout is regex("^Flags:.*\s*rtm\s*.*") ++ ++ - name: Report that the rtm CPU flag does not exist ++ ansible.builtin.debug: ++ msg: "INFO: The CPU flags do not contain 'rtm'." ++ when: __sap_hana_preconfigure_register_lscpu_flags.stdout is not regex("^Flags:.*\s*rtm\s*.*") ++ ++# Note: Assertions are only necessary if rtm is not in the CPU flags. ++# If rtm is present, we just print an INFO message. ++ - name: TSX - Get contents of GRUB_CMDLINE_LINUX in /etc/default/grub ++ ansible.builtin.command: grep GRUB_CMDLINE_LINUX /etc/default/grub ++ register: __sap_hana_preconfigure_register_default_grub_cmdline_tsx_assert ++ changed_when: no ++ ++ - name: Assert that tsx=on is in GRUB_CMDLINE_LINUX in /etc/default/grub ++ ansible.builtin.assert: ++ that: "'tsx=on' in __sap_hana_preconfigure_register_default_grub_cmdline_tsx_assert.stdout" ++ fail_msg: "FAIL: 'tsx=on' is not in GRUB_CMDLINE_LINUX in /etc/default/grub!" ++ success_msg: "PASS: 'tsx=on' is in GRUB_CMDLINE_LINUX in /etc/default/grub." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ when: __sap_hana_preconfigure_register_lscpu_flags.stdout is not regex("^Flags:.*\s*rtm\s*.*") ++ ++ - name: Report if tsx=on is in GRUB_CMDLINE_LINUX in /etc/default/grub ++ ansible.builtin.debug: ++ msg: "INFO: 'tsx=on' is in GRUB_CMDLINE_LINUX in /etc/default/grub." ++ when: ++ - "'tsx=on' in __sap_hana_preconfigure_register_default_grub_cmdline_tsx_assert.stdout" ++ - __sap_hana_preconfigure_register_lscpu_flags.stdout is regex("^Flags:.*\s*rtm\s*.*") ++ ++ - name: Report if tsx=on is not in GRUB_CMDLINE_LINUX in /etc/default/grub ++ ansible.builtin.debug: ++ msg: "INFO: 'tsx=on' is not in GRUB_CMDLINE_LINUX in /etc/default/grub." ++ when: ++ - "'tsx=on' not in __sap_hana_preconfigure_register_default_grub_cmdline_tsx_assert.stdout" ++ - __sap_hana_preconfigure_register_lscpu_flags.stdout is regex("^Flags:.*\s*rtm\s*.*") ++ ++ - name: TSX - Get contents of /proc/cmdline ++ ansible.builtin.command: cat /proc/cmdline ++ register: __sap_hana_preconfigure_register_proc_cmdline_tsx_assert ++ changed_when: no ++ ++ - name: Assert that tsx=on is in /proc/cmdline ++ ansible.builtin.assert: ++ that: "'tsx=on' in __sap_hana_preconfigure_register_proc_cmdline_tsx_assert.stdout" ++ fail_msg: "FAIL: 'tsx=on' is not in /proc/cmdline!" ++ success_msg: "PASS: 'tsx=on' is in /proc/cmdline." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ when: __sap_hana_preconfigure_register_lscpu_flags.stdout is not regex("^Flags:.*\s*rtm\s*.*") ++ ++ - name: Report if tsx=on is in /proc/cmdline ++ ansible.builtin.debug: ++ msg: "INFO: 'tsx=on' is in /proc/cmdline." ++ when: ++ - "'tsx=on' in __sap_hana_preconfigure_register_proc_cmdline_tsx_assert.stdout" ++ - __sap_hana_preconfigure_register_lscpu_flags.stdout is regex("^Flags:.*\s*rtm\s*.*") ++ ++ - name: Report if tsx=on is not in /proc/cmdline ++ ansible.builtin.debug: ++ msg: "INFO: 'tsx=on' is not in /proc/cmdline." ++ when: ++ - "'tsx=on' not in __sap_hana_preconfigure_register_proc_cmdline_tsx_assert.stdout" ++ - __sap_hana_preconfigure_register_lscpu_flags.stdout is regex("^Flags:.*\s*rtm\s*.*") +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-tuned.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-tuned.yml +new file mode 100644 +index 0000000..210c9d5 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/assert-tuned.yml +@@ -0,0 +1,88 @@ ++--- ++ ++- name: Display the version of tuned ++ ansible.builtin.debug: ++ msg: "INFO: The installed version of package tuned is: {{ ansible_facts.packages['tuned'][0].version }}" ++ when: "'tuned' in ansible_facts.packages and (sap_hana_preconfigure_use_tuned or sap_hana_preconfigure_assert_all_config)" ++ ++- name: "Assert that tuned.service exists - use_tuned: yes" ++ ansible.builtin.assert: ++ that: "'tuned.service' in ansible_facts.services" ++ fail_msg: "FAIL: Service 'tuned' could not be found!" ++ success_msg: "PASS: Service 'tuned' is available." ++ when: sap_hana_preconfigure_use_tuned ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ ++- name: "Assert that tuned is enabled - use_tuned: yes" ++ ansible.builtin.assert: ++ that: ansible_facts.services['tuned.service']['status'] == 'enabled' ++ fail_msg: "FAIL: Service 'tuned' is not enabled!" ++ success_msg: "PASS: Service 'tuned' is enabled." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ when: ++ - "'tuned.service' in ansible_facts.services" ++ - sap_hana_preconfigure_use_tuned ++ ++- name: "Assert that tuned is active - use_tuned: yes" ++ ansible.builtin.assert: ++ that: ansible_facts.services['tuned.service']['state'] == 'running' ++ fail_msg: "FAIL: Service 'tuned' is not active!" ++ success_msg: "PASS: Service 'tuned' is active." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ when: ++ - "'tuned.service' in ansible_facts.services" ++ - sap_hana_preconfigure_use_tuned ++ ++- name: "Report if tuned.service does not exist - use_tuned: no" ++ ansible.builtin.debug: ++ msg: "PASS: Service 'tuned' could not be found." ++ when: ++ - "'tuned.service' not in ansible_facts.services" ++ - not sap_hana_preconfigure_use_tuned ++ ++- name: "Assert that tuned is disabled - use_tuned: no" ++ ansible.builtin.assert: ++ that: ansible_facts.services['tuned.service']['status'] == 'disabled' ++ fail_msg: "FAIL: Service 'tuned' is not disabled!" ++ success_msg: "PASS: Service 'tuned' is disabled." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ when: ++ - "'tuned.service' in ansible_facts.services" ++ - not sap_hana_preconfigure_use_tuned ++ ++- name: "Assert that tuned is inactive - use_tuned: no" ++ ansible.builtin.assert: ++ that: ansible_facts.services['tuned.service']['state'] == 'inactive' ++ fail_msg: "FAIL: Service 'tuned' is not inactive!" ++ success_msg: "PASS: Service 'tuned' is inactive." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ when: ++ - "'tuned.service' in ansible_facts.services" ++ - not sap_hana_preconfigure_use_tuned ++ ++- name: Display the version of package tuned-profiles-sap-hana ++ ansible.builtin.debug: ++ msg: "INFO: The installed version of package 'tuned-profiles-sap-hana' is: {{ ansible_facts.packages['tuned-profiles-sap-hana'][0].version }}" ++ when: "'tuned-profiles-sap-hana' in ansible_facts.packages and (sap_hana_preconfigure_use_tuned or sap_hana_preconfigure_assert_all_config)" ++ ++- name: Get active tuned profile ++ ansible.builtin.shell: set -o pipefail && /usr/sbin/tuned-adm active | awk '/:/{print $NF}' ++ check_mode: no ++ register: __sap_hana_preconfigure_register_current_tuned_profile_assert ++ ignore_errors: yes ++ changed_when: false ++ when: sap_hana_preconfigure_use_tuned or sap_hana_preconfigure_assert_all_config ++ ++- name: Assert - Display the output of the tuned-adm active command ++ ansible.builtin.debug: ++ var: __sap_hana_preconfigure_register_current_tuned_profile_assert.stdout_lines, __sap_hana_preconfigure_register_current_tuned_profile_assert.stderr_lines ++ ignore_errors: yes ++ when: sap_hana_preconfigure_use_tuned or sap_hana_preconfigure_assert_all_config ++ ++- name: Assert that tuned profile '{{ sap_hana_preconfigure_tuned_profile }}' is currently active ++ ansible.builtin.assert: ++ that: __sap_hana_preconfigure_register_current_tuned_profile_assert.stdout == sap_hana_preconfigure_tuned_profile ++ fail_msg: "FAIL: The tuned profile '{{ sap_hana_preconfigure_tuned_profile }}' is currently not active! Currently active profile: '{{ __sap_hana_preconfigure_register_current_tuned_profile_assert.stdout }}'." ++ success_msg: "PASS: The tuned profile '{{ sap_hana_preconfigure_tuned_profile }}' is currently active." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ when: sap_hana_preconfigure_use_tuned or sap_hana_preconfigure_assert_all_config +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/configure-c-states-for-lower-latency.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/configure-c-states-for-lower-latency.yml +new file mode 100644 +index 0000000..ba33a01 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/configure-c-states-for-lower-latency.yml +@@ -0,0 +1,19 @@ ++--- ++ ++# can be configured by tuned profile sap-hana, entry "force_latency=70" ++- name: Configure C-States for lower latency ++ ansible.builtin.lineinfile: ++ path: /etc/default/grub ++ backup: yes ++ backrefs: yes ++ state: present ++ regexp: '^(GRUB_CMDLINE_LINUX=(?!.* {{ line_item }}).*). *$' ++ line: "\\1 {{ line_item }}\"" ++ with_items: ++ - "processor.max_cstate=1" ++ - "intel_idle.max_cstate=1" ++ notify: __sap_hana_preconfigure_regenerate_grub2_conf_handler ++ when: ansible_architecture == 'x86_64' and (not sap_hana_preconfigure_use_tuned or sap_hana_preconfigure_modify_grub_cmdline_linux) ++ tags: grubconfig ++ loop_control: ++ loop_var: line_item +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/configure-cpu-governor-for-performance.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/configure-cpu-governor-for-performance.yml +new file mode 100644 +index 0000000..8b9f450 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/configure-cpu-governor-for-performance.yml +@@ -0,0 +1,55 @@ ++--- ++ ++# can be configured by tuned profile sap-hana, entry "governor=performance" ++# in included tuned profile throughput-performance ++- name: Perform steps for configuring the CPU Governor for performance ++ when: ++ - ansible_architecture == 'x86_64' ++ - not sap_hana_preconfigure_use_tuned ++ block: ++ ++ - name: Check if system is able to set CPU Governor for performance ++ ansible.builtin.shell: LC_ALL=C cpupower frequency-info -g | awk '/available cpufreq governors/{print $(NF-1), $NF}' ++ check_mode: no ++ register: __sap_hana_preconfigure_register_cpupower_frequency_info_supported ++ ignore_errors: true ++ changed_when: false ++ ++ - name: Display the output of the cpupower frequency-info -g command ++ ansible.builtin.debug: ++ var: __sap_hana_preconfigure_register_cpupower_frequency_info_supported.stdout_lines, __sap_hana_preconfigure_register_cpupower_frequency_info_supported.stderr_lines ++ ++ - name: Configure CPU Governor for performance if possible ++ when: __sap_hana_preconfigure_register_cpupower_frequency_info_supported.stdout != 'Not Available' ++ block: ++ ++ - name: Create file /etc/rc.d/rc.local if it does not exist ++ ansible.builtin.file: ++ path: /etc/rc.d/rc.local ++ state: touch ++ mode: 0644 ++ ++ - name: Configure CPU Governor for performance at boot time (x86_64 platform only) ++ ansible.builtin.lineinfile: ++ dest: /etc/rc.d/rc.local ++ line: "cpupower frequency-set -g performance" ++ ++# Reason for changed_when being set to yes: Avoid calling one more command for getting the current CPU Governor setting ++ - name: Configure CPU Governor for performance on the running system (x86_64 platform only) ++ ansible.builtin.command: cpupower frequency-set -g performance ++ register: __sap_hana_preconfigure_register_cpupower_frequency_set ++ changed_when: yes ++ ++ - name: Display the output of the cpupower frequency-set command ++ ansible.builtin.debug: ++ var: __sap_hana_preconfigure_register_cpupower_frequency_set.stdout_lines, __sap_hana_preconfigure_register_cpupower_frequency_set.stderr_lines ++ ++ - name: Get status of CPU Governor ++ ansible.builtin.command: cpupower frequency-info -g ++ register: __sap_hana_preconfigure_register_cpupower_frequency_info ++ ignore_errors: true ++ changed_when: false ++ ++ - name: Display the output of the cpupower frequency-info -g command again ++ ansible.builtin.debug: ++ var: __sap_hana_preconfigure_register_cpupower_frequency_info.stdout_lines, __sap_hana_preconfigure_register_cpupower_frequency_info.stderr_lines +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/configure-epb.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/configure-epb.yml +new file mode 100644 +index 0000000..b7e500d +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/configure-epb.yml +@@ -0,0 +1,57 @@ ++--- ++ ++# can be configured by tuned profile sap-hana, entry "energy_perf_bias=performance" ++# in included tuned profile throughput-performance ++# More details on EPB are in: https://github.com/torvalds/linux/blob/be1fcde604e429691771ce70230668af8097e29b/arch/x86/kernel/cpu/intel_epb.c ++- name: Perform steps for configuring EPB ++ when: ++ - ansible_architecture == 'x86_64' ++ - not sap_hana_preconfigure_use_tuned ++ block: ++ ++ - name: Check if system supports Intel's performance bias setting ++ ansible.builtin.shell: set -o pipefail && LC_ALL=C cpupower info | head -1 | awk '{print $2, $3, $4}' ++ check_mode: no ++ register: __sap_hana_preconfigure_register_cpupower_info_epb_supported ++ ignore_errors: true ++ changed_when: false ++ ++ - name: Display the output of the cpupower info command ++ ansible.builtin.debug: ++ var: __sap_hana_preconfigure_register_cpupower_info_epb_supported.stdout_lines, __sap_hana_preconfigure_register_cpupower_info_epb_supported.stderr_lines ++ ++ - name: Change EPB if possible ++ when: __sap_hana_preconfigure_register_cpupower_info_epb_supported.stdout != 'does not support' ++ block: ++ ++ - name: Create file /etc/init.d/boot.local if it does not exist ++ ansible.builtin.file: ++ path: /etc/init.d/boot.local ++ state: touch ++ mode: 0755 ++ ++ - name: Configure EPB at boot time ++ ansible.builtin.lineinfile: ++ dest: /etc/init.d/boot.local ++ line: "cpupower set -b 0" ++ ++# Reason for changed_when being set to yes: We unconditionally configure EPB without first determining ++# the current state ++ - name: Configure EPB on the running system ++ ansible.builtin.command: cpupower set -b 0 ++ register: __sap_hana_preconfigure_register_cpupower_set ++ changed_when: yes ++ ++ - name: Display the output of the cpupower set command ++ ansible.builtin.debug: ++ var: __sap_hana_preconfigure_register_cpupower_set.stdout_lines, __sap_hana_preconfigure_register_cpupower_set.stderr_lines ++ ++ - name: Get status of EPB ++ ansible.builtin.command: cpupower info -b ++ register: __sap_hana_preconfigure_register_cpupower_info ++ ignore_errors: true ++ changed_when: false ++ ++ - name: Display the output of the cpupower info -b command ++ ansible.builtin.debug: ++ var: __sap_hana_preconfigure_register_cpupower_info.stdout_lines, __sap_hana_preconfigure_register_cpupower_info.stderr_lines +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/configure-selinux.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/configure-selinux.yml +new file mode 100644 +index 0000000..124b66c +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/configure-selinux.yml +@@ -0,0 +1,13 @@ ++--- ++ ++- name: SELinux - Configure SELinux file contexts ++ ansible.builtin.include_role: ++ name: '{{ sap_hana_preconfigure_system_roles_collection }}.selinux' ++ vars: ++ selinux_booleans: ++ - {name: 'selinuxuser_execmod', state: 'on'} ++ selinux_fcontexts: ++ - "{{ sap_hana_preconfigure_fact_targets_setypes }}" ++ selinux_restore_dirs: ++ - "{{ sap_hana_preconfigure_hana_directories }}" ++ when: sap_hana_preconfigure_modify_selinux_labels +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/configure-tuned.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/configure-tuned.yml +new file mode 100644 +index 0000000..152d6d0 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/configure-tuned.yml +@@ -0,0 +1,63 @@ ++--- ++ ++- name: Perform specific steps for tuned profile on RHEL 8.0 ppc64le ++ when: ++ - sap_hana_preconfigure_use_tuned ++ - ansible_architecture == "ppc64le" ++ - ansible_distribution_version == "8.0" ++ block: ++ ++ - name: RHEL 8.0 ppc64le - Create directory /etc/tuned/sap-hana-ppc64le ++ ansible.builtin.file: ++ path: /etc/tuned/sap-hana-ppc64le ++ state: directory ++ owner: root ++ group: root ++ mode: '0755' ++ ++ - name: RHEL 8.0 ppc64le - Copy file /etc/tuned/sap-hana-ppc64le/tuned.conf ++ ansible.builtin.copy: ++ src: etc/tuned/sap-hana-ppc64le/tuned.conf ++ dest: /etc/tuned/sap-hana-ppc64le/tuned.conf ++ owner: root ++ group: root ++ mode: '0644' ++ backup: true ++ ++- name: Perform steps for setting tuned profile ++ when: sap_hana_preconfigure_use_tuned ++ block: ++ ++ - name: Enable and start tuned ++ ansible.builtin.service: ++ name: tuned ++ state: started ++ enabled: true ++ ++ - name: Get currently active tuned profile ++ ansible.builtin.shell: set -o pipefail && /usr/sbin/tuned-adm active | awk '/:/{print $NF}' ++ check_mode: false ++ register: __sap_hana_preconfigure_register_current_tuned_profile ++ changed_when: false ++ ++ - name: Display the output of the tuned-adm active command ++ ansible.builtin.debug: ++ var: __sap_hana_preconfigure_register_current_tuned_profile.stdout_lines, __sap_hana_preconfigure_register_current_tuned_profile.stderr_lines ++ ++ - name: Switch to tuned profile '{{ sap_hana_preconfigure_tuned_profile }}' if not currently active ++ when: __sap_hana_preconfigure_register_current_tuned_profile.stdout != sap_hana_preconfigure_tuned_profile ++ block: ++ ++ - name: Switch to tuned profile '{{ sap_hana_preconfigure_tuned_profile }}' ++ ansible.builtin.command: /usr/sbin/tuned-adm profile '{{ sap_hana_preconfigure_tuned_profile }}' ++ changed_when: true ++ ++ - name: Show new active tuned profile ++ ansible.builtin.shell: set -o pipefail && /usr/sbin/tuned-adm active | awk '/:/{print $NF}' ++ check_mode: false ++ register: __sap_hana_preconfigure_register_new_tuned_profile ++ changed_when: false ++ ++ - name: Display the output of the tuned-adm active command after switching to profile '{{ sap_hana_preconfigure_tuned_profile }}' ++ ansible.builtin.debug: ++ var: __sap_hana_preconfigure_register_new_tuned_profile.stdout_lines, __sap_hana_preconfigure_register_new_tuned_profile.stderr_lines +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-abrt-ccpp.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-abrt-ccpp.yml +new file mode 100644 +index 0000000..0f54d0b +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-abrt-ccpp.yml +@@ -0,0 +1,6 @@ ++--- ++ ++- name: Disable abrt-ccpp ++ ansible.builtin.include_tasks: disable-services.yml ++ vars: ++ line_item: abrt-ccpp +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-abrtd.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-abrtd.yml +new file mode 100644 +index 0000000..6d4f5e0 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-abrtd.yml +@@ -0,0 +1,6 @@ ++--- ++ ++- name: Disable abrtd ++ ansible.builtin.include_tasks: disable-services.yml ++ vars: ++ line_item: abrtd +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-coredumps.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-coredumps.yml +new file mode 100644 +index 0000000..a82bb1a +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-coredumps.yml +@@ -0,0 +1,17 @@ ++--- ++ ++# Reasons for noqa: 1. Tabs can increase readability; ++# 2. The example in man limits.conf is tab formatted; ++# 3. It is difficult to replace tabs by spaces for entries for which their lengths are not known ++- name: Disable core file creation for all users # noqa no-tabs ++ ansible.builtin.lineinfile: ++ path: /etc/security/limits.d/99-sap.conf ++ create: yes ++ mode: 0644 ++ regexp: '^\*\s+{{ line_item }}\s+core\s.*' ++ line: "*\t{{ line_item }}\tcore\t0" ++ with_items: ++ - hard ++ - soft ++ loop_control: ++ loop_var: line_item +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-firewalld.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-firewalld.yml +new file mode 100644 +index 0000000..76c8c8a +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-firewalld.yml +@@ -0,0 +1,6 @@ ++--- ++ ++- name: Disable firewalld ++ ansible.builtin.include_tasks: disable-services.yml ++ vars: ++ line_item: firewalld +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-kdump.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-kdump.yml +new file mode 100644 +index 0000000..b9728bc +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-kdump.yml +@@ -0,0 +1,6 @@ ++--- ++ ++- name: Disable kdump ++ ansible.builtin.include_tasks: disable-services.yml ++ vars: ++ line_item: kdump +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-ksm.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-ksm.yml +new file mode 100644 +index 0000000..2e9f64c +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-ksm.yml +@@ -0,0 +1,41 @@ ++--- ++ ++- name: Configure - Get info about file /etc/init.d/boot.local ++ ansible.builtin.stat: ++ path: /etc/init.d/boot.local ++ register: __sap_hana_preconfigure_register_stat_boot_local_ksm ++ ++- name: Create file /etc/init.d/boot.local if it does not exist ++ ansible.builtin.file: ++ path: /etc/init.d/boot.local ++ state: touch ++ mode: 0755 ++ when: not __sap_hana_preconfigure_register_stat_boot_local_ksm.stat.exists ++ ++- name: Disable KSM at boot time ++ ansible.builtin.lineinfile: ++ dest: /etc/init.d/boot.local ++ line: "echo 0 > /sys/kernel/mm/ksm/run" ++ ++- name: Configure - Get initial status of KSM ++ ansible.builtin.command: cat /sys/kernel/mm/ksm/run ++ check_mode: false ++ register: __sap_hana_preconfigure_register_ksm_status_before ++ ignore_errors: true ++ changed_when: false ++ ++- name: Disable KSM on the running system ++ ansible.builtin.shell: echo 0 > /sys/kernel/mm/ksm/run ++ register: __sap_hana_preconfigure_register_disable_ksm ++ changed_when: true ++ when: __sap_hana_preconfigure_register_ksm_status_before.stdout != '0' ++ ++- name: Configure - Get status of KSM ++ ansible.builtin.command: cat /sys/kernel/mm/ksm/run ++ register: __sap_hana_preconfigure_register_ksm_status ++ ignore_errors: true ++ changed_when: false ++ ++- name: Display the status of KSM ++ ansible.builtin.debug: ++ var: __sap_hana_preconfigure_register_ksm_status.stdout_lines, __sap_hana_preconfigure_register_ksm_status.stderr_lines +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-services.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-services.yml +new file mode 100644 +index 0000000..694bd83 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-services.yml +@@ -0,0 +1,8 @@ ++--- ++ ++- name: Disable service {{ __sap_hana_preconfigure_packages_and_services[line_item].svc }} if package {{ __sap_hana_preconfigure_packages_and_services[line_item].pkg }} is installed ++ ansible.builtin.systemd: ++ name: "{{ __sap_hana_preconfigure_packages_and_services[line_item].svc }}" ++ state: "{{ __sap_hana_preconfigure_packages_and_services[line_item].systemd_state }}" ++ enabled: "{{ __sap_hana_preconfigure_packages_and_services[line_item].systemd_enabled }}" ++ when: "__sap_hana_preconfigure_packages_and_services[line_item].pkg in ansible_facts.packages" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-thp.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-thp.yml +new file mode 100644 +index 0000000..d1d4f8d +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/disable-thp.yml +@@ -0,0 +1,18 @@ ++--- ++ ++# can be configured by tuned profile sap-hana, entry "transparent_hugepages=never" ++- name: Disable transparent hugepages at boot time ++ ansible.builtin.lineinfile: ++ path: /etc/default/grub ++ backup: yes ++ backrefs: yes ++ state: present ++ regexp: '^(GRUB_CMDLINE_LINUX=(?!.* {{ line_item }}).*). *$' ++ line: "\\1 {{ line_item }}\"" ++ with_items: ++ - "transparent_hugepage=never" ++ notify: __sap_hana_preconfigure_regenerate_grub2_conf_handler ++ when: not sap_hana_preconfigure_use_tuned or sap_hana_preconfigure_modify_grub_cmdline_linux ++ tags: grubconfig ++ loop_control: ++ loop_var: line_item +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/enable-tsx.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/enable-tsx.yml +new file mode 100644 +index 0000000..4566cd7 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/enable-tsx.yml +@@ -0,0 +1,18 @@ ++--- ++ ++- name: Get boot command line ++ ansible.builtin.slurp: ++ src: /proc/cmdline ++ register: __sap_hana_preconfigure_register_proc_cmdline ++ ++- name: Enable TSX at boot time ++ ansible.builtin.command: /bin/true ++ notify: __sap_hana_preconfigure_grubby_update_handler ++ changed_when: true ++ when: ++ - ansible_architecture == 'x86_64' ++ - ansible_distribution == 'RedHat' ++ - ansible_distribution_major_version == '8' ++ - __sap_hana_preconfigure_fact_ansible_distribution_minor_version|int >= 3 ++ - not ( __sap_hana_preconfigure_register_proc_cmdline['content'] | b64decode | regex_findall('tsx=on') ) ++ tags: grubconfig +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/turn-off-auto-numa-balancing.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/turn-off-auto-numa-balancing.yml +new file mode 100644 +index 0000000..ff15dec +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/generic/turn-off-auto-numa-balancing.yml +@@ -0,0 +1,8 @@ ++--- ++ ++# can be configured by tuned profile sap-hana, entry "kernel.numa_balancing = 0" ++- name: Disable numad ++ ansible.builtin.include_tasks: disable-services.yml ++ vars: ++ line_item: numad ++ when: not sap_hana_preconfigure_use_tuned +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/installation.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/installation.yml +new file mode 100644 +index 0000000..e39849b +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/RedHat/installation.yml +@@ -0,0 +1,247 @@ ++--- ++ ++- name: Get the current RHEL release ++ ansible.builtin.setup: ++ gather_subset: distribution_version ++ ++- name: Report if the system is running a RHEL release which is supported for SAP HANA ++ ansible.builtin.debug: ++ msg: ++ - "WARN: The RHEL release '{{ ansible_distribution_version }}' may not (yet) be supported for SAP HANA. Please check SAP note 2235581!" ++ - " If necessary, adapt role parameter `sap_hana_preconfigure_supported_rhel_minor_releases` accordingly." ++ when: ++ - not sap_hana_preconfigure_min_rhel_release_check ++ - ansible_distribution_version not in sap_hana_preconfigure_supported_rhel_minor_releases ++ ++- name: Fail if the system is running a RHEL release which may not be supported for SAP HANA ++ ansible.builtin.assert: ++ that: ansible_distribution_version in sap_hana_preconfigure_supported_rhel_minor_releases ++ fail_msg: ++ - "The RHEL release '{{ ansible_distribution_version }}' may not (yet) be supported for SAP HANA. Please check SAP note 2235581!" ++ - "If necessary, adapt role parameter `sap_hana_preconfigure_supported_rhel_minor_releases` accordingly." ++ success_msg: "The RHEL release '{{ ansible_distribution_version }}' is supported for SAP HANA." ++ when: sap_hana_preconfigure_min_rhel_release_check ++ ++- name: Perform steps for enabling repos for SAP HANA ++ when: sap_hana_preconfigure_enable_sap_hana_repos ++ block: ++ ++# repos required for SAP HANA on RHEL 7 and RHEL 8: ++ - name: Fill the variable for the generic list of required repos ++ ansible.builtin.set_fact: ++ __sap_hana_preconfigure_fact_required_repos: "{{ lookup('vars', '__sap_hana_preconfigure_req_repos_redhat_' + ansible_distribution_version | string | replace(\".\", \"_\") + '_' + ansible_architecture) }}" ++ ++ - name: Construct valid argument list to the subscription-manager repos command ++ ansible.builtin.set_fact: ++ __sap_hana_preconfigure_fact_required_repos_args: "{{ ['--enable='] | product(__sap_hana_preconfigure_fact_required_repos) | map('join') | list }}" ++ ++# Reason for noqa: Avoid calling one more command for getting the currently enabled repos ++# and then having to compare the output against the list of required repos ++ - name: Enable required repositories # noqa no-changed-when ++ ansible.builtin.command: "subscription-manager repos {{ __sap_hana_preconfigure_fact_required_repos_args | map('quote') | join(' ') }}" ++ register: __sap_hana_preconfigure_register_subscription_enable_repos ++ ++ - name: Display the output of the subscription-manager repos --enable command ++ ansible.builtin.debug: ++ var: __sap_hana_preconfigure_register_subscription_enable_repos ++ ++- name: Detect if the minor RHEL release is set ++ ansible.builtin.shell: set -o pipefail && subscription-manager release --show | awk '{print $NF}' ++ register: __sap_hana_preconfigure_register_subscription_manager_release ++ changed_when: false ++ when: ++ - sap_hana_preconfigure_set_minor_release ++ ++- name: Set the minor RHEL release ++ ansible.builtin.command: subscription-manager release --set="{{ ansible_distribution_version }}" ++ changed_when: true ++ when: ++ - sap_hana_preconfigure_set_minor_release ++ - __sap_hana_preconfigure_register_subscription_manager_release.stdout != ansible_distribution_version ++ ++- name: Ensure required packages are installed ++ ansible.builtin.package: ++ state: present ++ name: "{{ sap_hana_preconfigure_packages }}" ++ ++# The package module is sufficient to guarantee that the required packages are installed. ++# So there is no need to display the installed packages. ++# This information can be displayed with an assert run or by running the role with an appropriate verbosity level ++# ++# - name: Get status of installed packages ++# yum: ++# name: "{{ sap_hana_preconfigure_packages }}" ++# register: __sap_hana_preconfigure_register_required_packages ++# ignore_errors: True ++# changed_when: false ++# ++# - name: Display the list of required packages which are installed ++# debug: ++# var: __sap_hana_preconfigure_register_required_packages.results ++ ++### If this task fails, you need to enable the IBM PowerTools repository ++### see https://www14.software.ibm.com/support/customercare/sas/f/lopdiags/home.html for details ++ ++- name: Install the ibm-power-repo package ++ ansible.builtin.package: ++ name: "{{ sap_hana_preconfigure_ibm_power_repo_url }}" ++ state: present ++ disable_gpg_check: true ++ when: ++ - ansible_architecture == "ppc64le" ++ - sap_hana_preconfigure_install_ibm_power_tools | d(true) ++ - sap_hana_preconfigure_add_ibm_power_repo | d(true) ++ ++- name: Accept the license for the IBM Service and Productivity Tools ++ ansible.builtin.shell: LESS=+q /opt/ibm/lop/configure <<<'y' ++ changed_when: true ++ when: ++ - ansible_architecture == "ppc64le" ++ - sap_hana_preconfigure_install_ibm_power_tools | d(true) ++ - sap_hana_preconfigure_add_ibm_power_repo | d(true) ++ ++# Reason for noqa: Both yum and dnf support "state: latest" ++- name: Install the IBM Service and Productivity Tools # noqa package-latest ++ ansible.builtin.package: ++ state: latest ++ name: "{{ __sap_hana_preconfigure_required_ppc64le }}" ++ when: ++ - ansible_architecture == "ppc64le" ++ - sap_hana_preconfigure_install_ibm_power_tools | d(true) ++ ++# The package module is sufficient to guarantee that the required packages are installed. ++# So there is no need to display the installed packages. ++# This information can be displayed with an assert run or by running the role with an appropriate verbosity level ++# ++#- name: Get the status of installed IBM Service and Productivity Tools ++# yum: ++# name: "{{ __sap_hana_preconfigure_required_ppc64le }}" ++# register: __sap_hana_preconfigure_register_required_ppc64le_packages ++# ignore_errors: True ++# changed_when: false ++# when: ansible_architecture == "ppc64le" ++# ++# - name: ppc64le - Get status of installed packages ++# debug: ++# var: __sap_hana_preconfigure_register_required_ppc64le_packages.results ++# when: ansible_architecture == "ppc64le" ++ ++- name: Ensure that the minimum required package versions are installed ++ when: ++ - sap_hana_preconfigure_min_package_check | bool ++ - __sap_hana_preconfigure_min_pkgs | d([]) ++ block: ++ ++# Reason for noqa: We can safely fail at the last command in the pipeline. ++ - name: Create a list of minimum required package versions to be installed # noqa risky-shell-pipe ++# How does it work? ++# 1 - Print the required package name and version with a prefix "1" followed by a space. ++# 2 - In the same output sequence, list all installed versions of this package with a prefix "2" followed by a space. ++# 3 - Replace all occurrences of ".el" by ".0.0" so that the sort -V correctly sorts packages with ".el" in its name ++# 4 - Sort the list by the name and version. ++# 5 - Replace ".0.0" by ".el" again to get back the original names. ++# 6 - Store the last installed version of the package in variable latestpkg. ++# 7 - Store the last content of column 1 in variable col1, the last content of column 2 in variable col2, ++# and the last number of fields in variable _nf. ++# 8 - case 1: If the last number of output fields is greater than 2, it indicates that the package is not installed ++# because the output of "rpm -q" will be similar to "package XXX is not installed". ++# 8 - case 2a: If the first column of the last line of the output is "1", it means that the required package is ++# the latest of all required and installed versions of the package, so it means that the package needs ++# to be updated. ++# 8 - case 2b: If the first column of the last line of the output is "2", it means that at least of the installed ++# versions the package is equal to or greater than the required package version. ++ ansible.builtin.shell: | ++ (echo "1 {{ pkg[0] }}-{{ pkg[1] }}";rpm -q --qf "%{NAME}-%{VERSION}-%{RELEASE}\n" {{ pkg[0] }} | ++ awk '{printf ("2 %s\n", $0)}') | ++ awk '{gsub ("\\.el", ".0.0"); print}' | ++ sort -k 2 -k 1 -V | ++ awk '{gsub ("\\.0\\.0", ".el"); col1=$1; col2=$2; _nf=NF} ++ $1==2{latestpkg=$2} ++ END { ++ if (_nf>2) { ++ printf ("{{ pkg[0] }}-{{ pkg[1] }}\n") ++ } else { ++ if (col1==1) { ++ printf ("{{ pkg[0] }}-{{ pkg[1] }}\n") ++ } ++ } ++ }' ++ with_list: "{{ __sap_hana_preconfigure_min_pkgs }}" ++ loop_control: ++ loop_var: pkg ++ check_mode: no ++ register: __sap_hana_preconfigure_register_minpkglist ++ changed_when: no ++ ++ - name: Display the content of the minimum package list variable ++ ansible.builtin.debug: ++ var: __sap_hana_preconfigure_register_minpkglist ++ ++ - name: Install minimum packages if required ++ ansible.builtin.package: ++ name: "{{ line_item.stdout }}" ++ state: present ++ with_items: "{{ __sap_hana_preconfigure_register_minpkglist.results }}" ++ loop_control: ++ loop_var: line_item ++ ++# Reason for noqa: Both yum and dnf support "state: latest" ++- name: Ensure that the system is updated to the latest patchlevel # noqa package-latest ++ ansible.builtin.package: ++ state: latest ++ name: "*" ++ when: sap_hana_preconfigure_update | bool ++ ++- name: "Set needs-restarting command in case of RHEL 7" ++ ansible.builtin.set_fact: ++ __sap_hana_preconfigure_fact_needs_restarting_command: "needs-restarting -r" ++ when: ++ - ansible_os_family == 'RedHat' ++ - ansible_distribution_major_version == '7' ++ ++- name: "Set needs-restarting command in case of RHEL 8 or RHEL 9, except RHEL 8.0" ++ ansible.builtin.set_fact: ++ __sap_hana_preconfigure_fact_needs_restarting_command: "yum needs-restarting -r" ++ when: ++ - ansible_os_family == 'RedHat' ++ - (ansible_distribution_major_version == '8' or ansible_distribution_major_version == '9' ) ++ - ansible_distribution_version != '8.0' ++ ++- name: "Set customized needs-restarting command in case of RHEL 8.0" ++ ansible.builtin.set_fact: ++ __sap_hana_preconfigure_fact_needs_restarting_command: "_IKRNL=$(rpm -q --last kernel | awk 'NR==1{sub(/kernel-/,\"\"); print $1}'); _CKRNL=$(uname -r); if [ ${_IKRNL} != ${_CKRNL} ]; then exit 1; else exit 0; fi" ++ when: ++ - ansible_os_family == 'RedHat' ++ - ansible_distribution_version == '8.0' ++ ++- name: Display the command for checking a reboot requirement ++ ansible.builtin.debug: ++ var: __sap_hana_preconfigure_fact_needs_restarting_command ++ ++# Reason for noqa: The command to be executed might contain pipes ++- name: Determine if system needs to be restarted # noqa command-instead-of-shell ++ ansible.builtin.shell: "{{ __sap_hana_preconfigure_fact_needs_restarting_command }}" ++ register: __sap_hana_preconfigure_register_needs_restarting ++ ignore_errors: true ++ changed_when: false ++ check_mode: false ++ ++- name: Display the output of the reboot requirement check ++ ansible.builtin.debug: ++ var: __sap_hana_preconfigure_register_needs_restarting ++ ++# Role sap_general_preconfigure is typically run right before this role, in the same playbook. ++# We can avoid a second reboot by setting sap_general_preconfigure_fail_if_reboot_required ++# to 'no' and notifying the reboot handler of the current role about the reboot requirement ++# of role sap_general_preconfigure. ++- name: Call reboot handler if necessary as per role sap_general_preconfigure ++ ansible.builtin.command: /bin/true ++ notify: __sap_hana_preconfigure_reboot_handler ++ changed_when: true ++ when: sap_general_preconfigure_fact_reboot_required | d(false) ++ ++- name: Call reboot handler if necessary as per this role ++ ansible.builtin.command: /bin/true ++ notify: __sap_hana_preconfigure_reboot_handler ++ changed_when: true ++ when: __sap_hana_preconfigure_register_needs_restarting is failed +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/SLES/assert-configuration.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/SLES/assert-configuration.yml +new file mode 100644 +index 0000000..6aee014 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/SLES/assert-configuration.yml +@@ -0,0 +1,64 @@ ++--- ++#- name: Enable Debugging ++# debug: ++# verbosity: "{{ debuglevel }}" ++# ++ ++- name: Populate service facts ++ ansible.builtin.service_facts: ++ ++- name: Assert that saptune is running and enabled ++ ansible.builtin.assert: ++ that: ++ - "ansible_facts.services['saptune.service'].state == 'running'" ++ - "ansible_facts.services['saptune.service'].status == 'enabled'" ++ fail_msg: "FAIL: the service 'saptune' is not configured as expected" ++ success_msg: "PASS: the service 'saptune' is configured as expected" ++ ++- name: Run saptune_check ++ ansible.builtin.command: saptune_check ++ register: __sap_hana_preconfigure_register_saptune_check ++ changed_when: false ++ failed_when: false ++ ++- name: Assert that saptune_check executed correctly ++ ansible.builtin.assert: ++ that: __sap_hana_preconfigure_register_saptune_check.rc == 0 ++ fail_msg: "FAIL: the command saptune_check fails" ++ success_msg: "PASS: the command saptune_check executes as expected" ++ ++- name: Discover active solution ++ ansible.builtin.command: saptune solution enabled ++ register: __sap_hana_preconfigure_register_saptune_status ++ changed_when: false ++ ++- name: Set solution fact ++ ansible.builtin.set_fact: ++ __sap_hana_preconfigure_saptune_configured_solution: "{{ (__sap_hana_preconfigure_register_saptune_status.stdout | regex_search('(\\S+)', '\\1'))[0] | default('NONE') }}" ++ ++- name: Assert that active solution is the expected solution ++ ansible.builtin.assert: ++ that: __sap_hana_preconfigure_saptune_configured_solution == sap_hana_preconfigure_saptune_solution ++ fail_msg: "FAIL: the configured saptune solution is '{{ __sap_hana_preconfigure_saptune_configured_solution }}'' and does not match the expected solution '{{ sap_hana_preconfigure_saptune_solution }}'" ++ success_msg: "PASS: the configured saptune solution matches the expected solution '{{ sap_hana_preconfigure_saptune_solution }}'" ++ ++# If this is a cluster node on Azure, we need to override to disable tcp timestamps, reuse and recycle. ++# This can be done by copying the sapnote file 2382421 from /usr/share/saptune/notes to /etc/saptune/override ++# The value can then override in the in the new file ++ ++#- name: Disable TCP timestamps, recycle & reuse ++# ansible.builtin.blockinfile: ++# path: /etc/saptune/override/2382421 ++# create: yes ++# backup: yes ++# owner: root ++# group: root ++# mode: '0640' ++# marker: "" ++# block: | ++# [sysctl] ++# net.ipv4.tcp_timestamps = 0 ++# net.ipv4.tcp_tw_reuse = 0 ++# net.ipv4.tcp_tw_recycle = 0 ++# when: ++# - sap_hana_preconfigure_saptune_azure +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/SLES/assert-installation.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/SLES/assert-installation.yml +new file mode 100644 +index 0000000..c54bb61 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/SLES/assert-installation.yml +@@ -0,0 +1,25 @@ ++--- ++#- name: Enable Debugging ++# debug: ++# verbosity: "{{ debuglevel }}" ++# ++ ++#Capture all patterns along with their install status ++- name: Get zypper pattern information ++ ansible.builtin.command: zypper patterns ++ register: __sap_hana_preconfigure_zypper_patterns ++ changed_when: false ++ ++# Count the number of times the sap-hana pattern appears to be installed in the output. ++# It is OK for it to appear more than once ++- name: Assert the sap-hana pattern is installed ++ ansible.builtin.assert: ++ that: __sap_hana_preconfigure_zypper_patterns.stdout_lines | select('match', 'i.*sap-hana.*') | length != 0 ++ fail_msg: "FAIL: the sap-hana pattern is not installed" ++ success_msg: "PASS: the sap-hana pattern is installed" ++ ++- name: Assert saptune is at requested version ++ ansible.builtin.assert: ++ that: ansible_facts.packages['saptune'][0]['version'] == sap_hana_preconfigure_saptune_version ++ fail_msg: "FAIL: saptune version installed is {{ ansible_facts.packages['saptune'][0]['version'] }} but the version {{ sap_hana_preconfigure_saptune_version }} was expected" ++ success_msg: "PASS: the installed version of saptune meets the expected version: {{ sap_hana_preconfigure_saptune_version }}" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/SLES/configuration.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/SLES/configuration.yml +new file mode 100644 +index 0000000..cdfcede +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/SLES/configuration.yml +@@ -0,0 +1,93 @@ ++--- ++- name: Takover saptune and enable ++ when: __sap_hana_preconfigure_run_saptune ++ block: ++ - name: Make sure that sapconf and tuned are stopped and disabled ++ ansible.builtin.command: "saptune service takeover" ++ register: __sap_saptune_takeover ++ changed_when: __sap_saptune_takeover.rc == 0 ++ ++ - name: Ensure saptune is running and enabled ++ ansible.builtin.systemd: ++ name: saptune ++ state: started ++ enabled: true ++ ++ - name: Ensure saptune_check executes correctly ++ ansible.builtin.command: saptune_check ++ changed_when: false ++ ++ - name: Discover active solution ++ ansible.builtin.command: saptune solution enabled ++ register: __sap_hana_preconfigure_register_saptune_status ++ changed_when: false ++ ++ - name: Set fact for active solution ++ ansible.builtin.set_fact: ++ # Capture the first block on none whitespace ++ __sap_hana_preconfigure_fact_solution_configured: "{{ (__sap_hana_preconfigure_register_saptune_status.stdout | regex_search('(\\S+)', '\\1'))[0] | default('NONE') }}" ++ ++ - name: Show configured solution ++ ansible.builtin.debug: ++ var: __sap_hana_preconfigure_fact_solution_configured ++ ++- name: Enable sapconf ++ when: not __sap_hana_preconfigure_run_saptune ++ block: ++ - name: Enable sapconf service ++ ansible.builtin.systemd: ++ name: sapconf ++ state: started ++ enabled: true ++ ++ - name: Restart sapconf service ++ ansible.builtin.systemd: ++ name: sapconf ++ state: restarted ++ ++# If this is a cluster node on Azure, we need to override to disable tcp timestamps, reuse and recycle. ++# This can be done by copying the sapnote file 2382421 from /usr/share/saptune/notes to /etc/saptune/override ++# The value can then override in the in the new file ++ ++- name: Disable TCP timestamps, recycle & reuse ++ ansible.builtin.blockinfile: ++ path: /etc/saptune/override/2382421 ++ create: true ++ backup: true ++ owner: root ++ group: root ++ mode: '0640' ++ marker: "" ++ block: | ++ [sysctl] ++ net.ipv4.tcp_timestamps = 0 ++ net.ipv4.tcp_tw_reuse = 0 ++ net.ipv4.tcp_tw_recycle = 0 ++ when: ++ - sap_hana_preconfigure_saptune_azure ++ ++- name: Apply saptune solution ++ when: __sap_hana_preconfigure_run_saptune ++ block: ++ - name: Check if saptune solution needs to be applied ++ ansible.builtin.command: "saptune solution verify {{ sap_hana_preconfigure_saptune_solution }}" ++ register: __sap_hana_preconfigure_register_saptune_verify ++ changed_when: false # We're only checking, not changing! ++ failed_when: false # We expect this to fail if it has not previously been applied ++ ++ - name: Ensure no solution is currently applied ++ ansible.builtin.command: "saptune solution revert {{ __sap_hana_preconfigure_fact_solution_configured }}" ++ changed_when: true ++ when: ++ - __sap_hana_preconfigure_fact_solution_configured != 'NONE' ++ - __sap_hana_preconfigure_register_saptune_verify.rc != 0 ++ ++ - name: Ensure saptune solution is applied ++ ansible.builtin.command: "saptune solution apply {{ sap_hana_preconfigure_saptune_solution }}" ++ changed_when: true ++ when: ++ - __sap_hana_preconfigure_register_saptune_verify.rc != 0 ++ ++ - name: Ensure solution was successful ++ ansible.builtin.command: "saptune solution verify {{ sap_hana_preconfigure_saptune_solution }}" ++ changed_when: false # We're only checking, not changing! +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/SLES/installation.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/SLES/installation.yml +new file mode 100644 +index 0000000..3788ec5 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/SLES/installation.yml +@@ -0,0 +1,62 @@ ++--- ++#- name: Enable Debugging ++# debug: ++# verbosity: "{{ debuglevel }}" ++# ++# Reason for noqa: Both yum and dnf support "state: latest" ++- name: Ensure that the system is updated to the latest patchlevel # noqa package-latest ++ ansible.builtin.package: ++ state: latest ++ name: "*" ++ when: sap_hana_preconfigure_update | bool ++ ++# ----------- ++- name: Get contents of /etc/products.d/baseproduct ++ ansible.builtin.stat: ++ path: /etc/products.d/baseproduct ++ register: sles_baseproduct ++ when: ansible_os_family == 'Suse' ++ ++- name: Set fact if baseproduct contains SLES without SLES_SAP ++ ansible.builtin.set_fact: ++ __sap_hana_preconfigure_run_saptune: false ++ when: ++ - '"SLES_SAP" not in sles_baseproduct.stat.lnk_target' ++ - '"SLES" in sles_baseproduct.stat.lnk_target' ++ - ansible_os_family == 'Suse' ++ ++- name: Output ++ ansible.builtin.debug: ++ msg: ++ - "OS Family: {{ ansible_os_family }}" ++ - "saptune: {{ __sap_hana_preconfigure_run_saptune }}" ++ - "link: {{ sles_baseproduct.stat.lnk_target }}" ++# ----------- ++ ++- name: Prepare saptune ++ when: ++ - __sap_hana_preconfigure_run_saptune ++ block: ++ ++ - name: Ensure saphana pattern is installed ++ community.general.zypper: ++ type: pattern ++ name: sap-hana ++ state: present ++ force: true ++ ++ - name: Ensure saptune is installed ++ community.general.zypper: ++ type: package ++ name: "saptune={{ sap_hana_preconfigure_saptune_version }}" ++ state: present ++ force: true ++ ++- name: Ensure sapconf is installed ++ community.general.zypper: ++ type: package ++ name: "sapconf" ++ state: present ++ force: true ++ when: ++ - not __sap_hana_preconfigure_run_saptune +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/main.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/main.yml +new file mode 100644 +index 0000000..0878036 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/main.yml +@@ -0,0 +1,57 @@ ++--- ++ ++- name: Display the role path ++ ansible.builtin.debug: ++ var: role_path ++ ++- name: Include OS specific vars ++ ansible.builtin.include_vars: '{{ item }}' ++ with_first_found: ++ - '{{ ansible_distribution.split("_")[0] }}_{{ ansible_distribution_major_version }}.yml' ++ - '{{ ansible_distribution }}_{{ ansible_distribution_version }}.yml' ++ - '{{ ansible_distribution }}_{{ ansible_distribution_major_version }}.yml' ++ - '{{ ansible_os_family }}.yml' ++ ++- name: Set filename prefix to empty string if role is run in normal mode ++ ansible.builtin.set_fact: ++ assert_prefix: "" ++ when: not sap_hana_preconfigure_assert | d(false) ++ ++- name: Prepend filename with assert string if role is run in assert mode ++ ansible.builtin.set_fact: ++ assert_prefix: "assert-" ++ when: sap_hana_preconfigure_assert | d(false) ++ ++- name: Examine the OS minor version ++ ansible.builtin.set_fact: ++ __sap_hana_preconfigure_fact_ansible_distribution_minor_version: '{{ ansible_distribution_version.split(".")[1] }}' ++ when: ansible_distribution == 'RedHat' ++ ++# required for installation and configuration tasks: ++- name: Gather package facts ++ ansible.builtin.package_facts: ++ ++- name: Display the content of sap_general_preconfigure_fact_reboot_required ++ ansible.builtin.debug: ++ var: sap_general_preconfigure_fact_reboot_required ++ ++- name: Include installation.yml ++ ansible.builtin.include_tasks: '{{ item }}/{{ assert_prefix }}installation.yml' ++ when: sap_hana_preconfigure_config_all | d(true) or sap_hana_preconfigure_installation | d(false) ++ with_first_found: ++ - '{{ ansible_distribution.split("_")[0] }}' ++ - '{{ ansible_distribution }}' ++ ++- name: Gather package facts again after the installation phase ++ ansible.builtin.package_facts: ++ ++- name: Include configuration.yml ++ ansible.builtin.include_tasks: '{{ item }}/{{ assert_prefix }}configuration.yml' ++ when: sap_hana_preconfigure_config_all | d(true) or sap_hana_preconfigure_configuration | d(false) ++ with_first_found: ++ - '{{ ansible_distribution.split("_")[0] }}' ++ - '{{ ansible_distribution }}' ++ ++# allow a reboot at the end of the preconfigure role ++- name: Flush handlers ++ ansible.builtin.meta: flush_handlers +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/1275776/configuration.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/1275776/configuration.yml +new file mode 100644 +index 0000000..8676472 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/1275776/configuration.yml +@@ -0,0 +1,32 @@ ++--- ++ ++# - name: "1275776 - Tips & Advice (start sapconf)" ++# ansible.builtin.service: ++# name: sapconf ++# enabled: true ++# state: started ++ ++- name: "1275776 - Configuration saptune" ++ ansible.builtin.command: "saptune daemon start" ++ register: __sap_hana_preconfigure_register_saptune_daemon ++ changed_when: __sap_hana_preconfigure_register_saptune_daemon.rc == 0 ++ ++- name: "1275776 - Configuration saptune sap note 2382421" ++ ansible.builtin.command: "saptune note apply 2382421" ++ register: __sap_hana_preconfigure_register_saptune_2382421 ++ changed_when: __sap_hana_preconfigure_register_saptune_2382421.rc == 0 ++ ++- name: "1275776 - Configuration saptune sap note 2578899" ++ ansible.builtin.command: "saptune note apply 2578899" ++ register: __sap_hana_preconfigure_register_saptune_2578899 ++ changed_when: __sap_hana_preconfigure_register_saptune_2578899.rc == 0 ++ ++- name: "1275776 - Configuration saptune sap note 2684254" ++ ansible.builtin.command: "saptune note apply 2684254" ++ register: __sap_hana_preconfigure_register_saptune_2684254 ++ changed_when: __sap_hana_preconfigure_register_saptune_2684254.rc == 0 ++ ++- name: "1275776 - Configuration saptune sap note 941735" ++ ansible.builtin.command: "saptune note apply 941735" ++ register: __sap_hana_preconfigure_register_saptune_941735 ++ changed_when: __sap_hana_preconfigure_register_saptune_941735.rc == 0 +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/1275776/installation.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/1275776/installation.yml +new file mode 100644 +index 0000000..4a6ef5b +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/1275776/installation.yml +@@ -0,0 +1,4 @@ ++--- ++- name: 1275776 - Installation saptune ++ ansible.builtin.package: ++ name: "saptune" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/1944799/configuration.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/1944799/configuration.yml +new file mode 100644 +index 0000000..ed97d53 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/1944799/configuration.yml +@@ -0,0 +1 @@ ++--- +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/1944799/installation.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/1944799/installation.yml +new file mode 100644 +index 0000000..6288c9f +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/1944799/installation.yml +@@ -0,0 +1,48 @@ ++--- ++# base pattern defined in installation pdf ++# sap-hana and sap_server added by SVA (Thomas Bludau) ++ ++# show zypper patterns ++- name: "1944799 - PDF 8.1 Package List Pattern Also 3.5 Software selection" ++ ansible.builtin.package: ++ name: "{{ packages }}" ++ type: pattern ++ vars: ++ packages: ++ - gnome_basic ++ - base ++ - enhanced_base ++ - apparmor ++ - 32bit ++ - yast2_basis ++ - sw_management ++ - fonts ++ - x11 ++ - sap-hana ++ - sap_server ++ ++# Requires SLE-Module-Legacy15 Module ++- name: "1944799 - PDF 8.1 Package List Packages (SLE-Module-Legacy15)" ++ ansible.builtin.package: ++ name: "{{ packages }}" ++ type: package ++ vars: ++ packages: ++ - libssh2-1 ++ - libopenssl1_1 ++ - libstdc++6 ++ - libatomic1 ++ - libgcc_s1 ++ - libltdl7 ++ - insserv ++ - numactl ++ - system-user-uuidd ++ - unzip ++ ++- name: 1944799 - Install recommended packages ++ ansible.builtin.package: ++ name: "{{ packages }}" ++ type: package ++ vars: ++ packages: ++ - tcsh +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2009879.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2009879.yml +new file mode 100644 +index 0000000..e2d4732 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2009879.yml +@@ -0,0 +1,36 @@ ++--- ++# OS RELEASE: RHEL 6.x, 7.x ++# Check EUS Channels ++# https://launchpad.support.sap.com/#/notes/2009879 ++# ++# This SAP Note Contains the general installation guides for all RHEL systems in PDF format ++# We include the release specific stuff here ++# ++ ++# Todo: move repo checking to RedHat/installation.yml ++# Disable for now, as there is no support for ppc64le ++#- name: Check for EUS or E4S repository ++# shell: | ++# yum repolist | awk ' ++# BEGIN {a=0} ++# /rhel-{{ ansible_distribution_major_version }}-server-e[4u]s-rpms/ {a++} ++# /rhel-sap-hana-for-rhel-{{ ansible_distribution_major_version }}-server-e[4u]s-rpms/ {a++} ++# END {print a}' ++# register: sap_hana_preconfigure_register_eus ++# changed_when: false ++ ++#- name: Output warning ++# debug: ++# msg: "We could not recognize the correct RHEL repositories for SAP HANA. Please make sure you the proper EUS or E4S repositories available" ++# when: ++# - sap_hana_preconfigure_register_eus.stdout != "2" ++# ignore_errors: true ++ ++### Package installation is done in installation.yml ++ ++- name: Configure - Display SAP note number 2009879 and its version ++ ansible.builtin.debug: ++ msg: "SAP note {{ (__sap_hana_preconfigure_sapnotes_versions | selectattr('number', 'match', '^2009879$') | first).number }} (version {{ (__sap_hana_preconfigure_sapnotes_versions | selectattr('number', 'match', '^2009879$') | first).version }}): SAP HANA Guidelines for RHEL 7 (pdf)" ++ ++- name: Include 2009879_X.yml ++ ansible.builtin.include_tasks: 2009879_{{ ansible_distribution_major_version }}.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2009879_7.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2009879_7.yml +new file mode 100644 +index 0000000..3c26765 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2009879_7.yml +@@ -0,0 +1,143 @@ ++--- ++# OS RELEASE: RHEL 7.x ++# Check EUS Channels ++# https://launchpad.support.sap.com/#/notes/2009879 ++# ++# This SAP Note Contains the general installation guides for all RHEL 7.x systems in PDF format ++# ++# Some of these tasks are documented already in SAP NOTE 2292690 ++# See comments ++# ++ ++### 3.1 - Basic OS installation is a prerequisite ++### 3.2 - Additional Package installation is done in the installation.yml file ++### 3.3 - Hostname - is an SAP generic setting, already done with SAP Note 2002167 (sap_general_preconfigure) ++### 3.4 - NTP/Chrony - is a generic SAP requirement, needs to be done by linux-system-roles.timesync ++### 3.5 - Configure Storage - out of scooe, have a look at linux-system-roles.storage ++### 3.6 - Activate SAP HANA specific tuned profile -> SAP Note 2292690 ++### 3.7 - Disable SE Linux -> SAP Note 2292690, SAP NOTE 2002167 ++### 3.8 - Disable Numa Balancing -> SAP Note 2292690 ++ ++### 3.9 - Create the compatibility links for HANA ++- name: Create compatibility links ++ when: sap_hana_preconfigure_config_all | d(true) or sap_hana_preconfigure_2009879_3_9 | d(false) ++ block: ++ ++ - name: 3.9 create compatibility links for RHEL 7.2 ++ ansible.builtin.file: ++ src: /usr/lib64/{{ line_item.src }} ++ dest: /usr/lib64/{{ line_item.dest }} ++ state: link ++ with_items: ++ - {src: 'libssl.so.1.0.1e', dest: 'libssl.so.1.0.1'} ++ - {src: 'libcrypto.so.1.0.1e', dest: 'libcrypto.so.1.0.1'} ++ when: (ansible_distribution_version == '7.2') ++ loop_control: ++ loop_var: line_item ++ ++ - name: 3.9 create compatibility links for RHEL 7.3+ ++ ansible.builtin.file: ++ src: /usr/lib64/{{ line_item.src }} ++ dest: /usr/lib64/{{ line_item.dest }} ++ state: link ++ with_items: ++ - {src: 'libssl.so.10', dest: 'libssl.so.1.0.1'} ++ - {src: 'libcrypto.so.10', dest: 'libcrypto.so.1.0.1'} ++ when: (ansible_distribution_version != '7.2') ++ loop_control: ++ loop_var: line_item ++ ++### 3.10 - THP -> SAP Note 2292690 ++### 3.11 - CPU Governor for performance -> TunedProfile -> SAP Note 2292690 ++### 3.12 - Processor C-States for x86_64 -> SAP Note 2292690 ++ ++### Set by HANA installer ++#- name: Configure - Increase file handles to 32800 for sapsys group ++# pam_limits: ++# dest: /etc/security/limits.d/99-sapsys.conf ++# domain: "@sapsys" ++# limit_item: nofile ++# limit_type: "{{ line_item }}" ++# value: 32800 ++# with_items: ++# - soft ++# - hard ++# loop_control: ++# loop_var: line_item ++ ++### 3.13 - set number of process to unlimited for sapsys group ++# now in role sap_general_preconfigure ++#- name: 3.13 Set the hard and soft limit for the max number of processes per user (nproc) to unlimited for group sapsys ++# pam_limits: ++# dest: /etc/security/limits.d/99-sap.conf ++# domain: "@sapsys" ++# limit_item: nproc ++# limit_type: "{{ line_item }}" ++# value: unlimited ++# with_items: ++# - hard ++# - soft ++# loop_control: ++# loop_var: line_item ++# when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_2009879_3_13|d(false) ++ ++### 3.14 - Disable abrt ++- name: Step 3.14 - Disable abrt ++ ansible.builtin.include_tasks: ../RedHat/generic/disable-abrtd.yml ++ when: sap_hana_preconfigure_config_all | d(true) or sap_hana_preconfigure_2009879_3_14_1 | d(false) ++ ++- name: Step 3.14 - Disable abrt-ccpp ++ ansible.builtin.include_tasks: ../RedHat/generic/disable-abrt-ccpp.yml ++ when: sap_hana_preconfigure_config_all | d(true) or sap_hana_preconfigure_2009879_3_14_2 | d(false) ++ ++### 3.14 - Disable core dumps ++- name: Step 3.14 - Disable core dumps ++ ansible.builtin.include_tasks: ../RedHat/generic/disable-coredumps.yml ++ when: sap_hana_preconfigure_config_all | d(true) or sap_hana_preconfigure_2009879_3_14_3 | d(false) ++ ++### 3.14 - Disable kdump ++- name: Step 3.14 - Disable kdump ++ ansible.builtin.include_tasks: ../RedHat/generic/disable-kdump.yml ++ when: sap_hana_preconfigure_config_all | d(true) or sap_hana_preconfigure_2009879_3_14_4 | d(false) ++ ++### 3.15 - Disable Firewalld ++### Firewall Settings can only be done if SAP instance ID is known, ++### otherwise disable firewall ++### NYI: Set proper firewall rules if SID/instance number is known ++### ++- name: Step 3.15 - Disable firewalld ++ ansible.builtin.include_tasks: ../RedHat/generic/disable-firewalld.yml ++ when: sap_hana_preconfigure_config_all | d(true) or sap_hana_preconfigure_2009879_3_15 | d(false) ++ ++### Firewall Calculation for SID=xx ++################################################################## ++# Schema | Description ++# ---------------------------+------------------------------------ ++# 3xx09 | Administration port for SAP HANA ++# 1128 - 1129, 5xx13 - 5xx14 | SAP HANA Studio ++# 43xx, 80xx | Company Network ++# 3xx15, 3xx17 | SAP HANA Studio + Replication ++# ++# NYI: Create this service in case SID is defined ++# ++# example file for SID=99, but what to replace for destination ?? ++# Maybe this could be moved to hana-deploy ! ++# ++# ++# ++# SAP HANA ++# Firewall rules for SAP HANA ++# ++# ++# ++# ++# ++# ++# ++# ++# ++# ++# ++# ++# ++# +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2055470.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2055470.yml +new file mode 100644 +index 0000000..5050ac3 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2055470.yml +@@ -0,0 +1,70 @@ ++--- ++# OS RELEASE: RHEL 7 ++# Platform: PPC64LE ++# SAP Note: 2055470 ++# https://launchpad.support.sap.com/#/notes/2055470 ++# The SAP Note points to http://www-03.ibm.com/support/techdocs/atsmastr.nsf/WebIndex/WP102502 ++ ++# On the above page you will find more PDF documents, the following is used in this config file: ++# Configuring your Network for SAP HANA (Ethernet connectivity): ++# http://www-03.ibm.com/support/techdocs/atsmastr.nsf/5cb5ed706d254a8186256c71006d2e0a/c32b40501f4f76c886257de0004fa1d4/$FILE/ ++# Network_Configuration_for_HANA_Workloads_on_IBM_Power_Servers_V4.pdf ++ ++- name: Perform configuration changes for ppc64le ++ when: ansible_architecture == 'ppc64le' ++ block: ++ ++ - name: Configure - Display SAP note number 2055470 and its version ++ ansible.builtin.debug: ++ msg: "SAP note {{ (__sap_hana_preconfigure_sapnotes_versions | selectattr('number', 'match', '^2055470$') | first).number }} (version {{ (__sap_hana_preconfigure_sapnotes_versions | selectattr('number', 'match', '^2055470$') | first).version }}): SAP HANA on POWER settings" ++ ++# Reason for noqa: Failing early can cause unpredictable outputs. ++ - name: Ensure MTU size is 9000 on all interfaces # noqa risky-shell-pipe ++ ansible.builtin.shell: | ++ mtu=$(nmcli conn show {{ line_item }} | grep 802-3-ethernet.mtu | awk -F: '{printf("%d", $2)}') ++ if [ "$mtu" != "9000" ]; then ++ nmcli conn mod {{ line_item }} 802-3-ethernet.mtu "9000" ++ ip link set mtu 9000 dev {{ line_item }} ++ else ++ exit 90 ++ fi ++ register: __sap_hana_preconfigure_register_ibm_mtusize ++ changed_when: __sap_hana_preconfigure_register_ibm_mtusize is success ++ failed_when: __sap_hana_preconfigure_register_ibm_mtusize.rc > 0 and __sap_hana_preconfigure_register_ibm_mtusize.rc != 90 ++ with_items: "{{ sap_hana_preconfigure_ppcle_mtu9000_if }}" ++ when: not ((sap_hana_preconfigure_ppcle_mtu9000_if is undefined) or (sap_hana_preconfigure_ppcle_mtu9000_if is none) or (sap_hana_preconfigure_ppcle_mtu9000_if | trim | length == 0)) ++ loop_control: ++ loop_var: line_item ++ ++# This only works if interfacename=device name, otherwise it fails ++ - name: Add largesend options to interfaces ++ ansible.builtin.lineinfile: ++ path: /etc/sysconfig/network-scripts/ifcfg-{{ line_item }} ++ regexp: '^ETHTOOL_OPTIONS_tso=' ++ line: ETHTOOL_OPTIONS_tso='-K iface tso on' ++ with_items: "{{ sap_hana_preconfigure_ppcle_tso_if }}" ++ when: not ((sap_hana_preconfigure_ppcle_tso_if is undefined) or (sap_hana_preconfigure_ppcle_tso_if is none) or (sap_hana_preconfigure_ppcle_tso_if | trim | length == 0)) ++ loop_control: ++ loop_var: line_item ++ ignore_errors: true ++ ++ - name: Add largesend kernel parameters for ppc64le ++ ansible.builtin.lineinfile: ++ path: /etc/sysctl.d/ibm_largesend.conf ++ create: yes ++ mode: 0644 ++ regexp: ^{{ line_item.name }}.* ++ line: "{{ line_item.name }}={{ line_item.value }}" ++ state: present ++ with_items: "{{ sap_hana_preconfigure_kernel_parameters_ppc64le }}" ++ loop_control: ++ loop_var: line_item ++ ++# Reason for noqa: We unconditionally reload the kernel parameters without first checking the current values ++ - name: Reload kernel parameters from file '/etc/sysctl.d/ibm_largesend.conf' # noqa no-changed-when ++ ansible.builtin.command: sysctl -p /etc/sysctl.d/ibm_largesend.conf ++ register: __sap_hana_preconfigure_register_ibm_largesend_sysctl_p_output ++ ++ - name: Display largesend kernel parameters ++ ansible.builtin.debug: ++ var: __sap_hana_preconfigure_register_ibm_largesend_sysctl_p_output.stdout_lines +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2292690.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2292690.yml +new file mode 100644 +index 0000000..6a11dd0 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2292690.yml +@@ -0,0 +1,42 @@ ++--- ++- name: Configure - Display SAP note number 2292690 and its version ++ ansible.builtin.debug: ++ msg: "SAP note {{ (__sap_hana_preconfigure_sapnotes_versions | selectattr('number', 'match', '^2292690$') | first).number }} (version {{ (__sap_hana_preconfigure_sapnotes_versions | selectattr('number', 'match', '^2292690$') | first).version }}): SAP HANA settings for RHEL 7" ++ ++- name: Import tasks from '2292690/01-configure-tuned.yml' ++ ansible.builtin.import_tasks: 2292690/01-configure-tuned.yml ++ when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_2292690_01|d(false) ++ ++- name: Import tasks from '2292690/02-turn-off-auto-numa-balancing.yml' ++ ansible.builtin.import_tasks: 2292690/02-turn-off-auto-numa-balancing.yml ++ when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_2292690_02|d(false) ++ ++- name: Import tasks from '2292690/03-disable-thp.yml' ++ ansible.builtin.import_tasks: 2292690/03-disable-thp.yml ++ when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_2292690_03|d(false) ++ ++- name: Import tasks from '2292690/04-configure-c-states-for-lower-latency.yml' ++ ansible.builtin.import_tasks: 2292690/04-configure-c-states-for-lower-latency.yml ++ when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_2292690_04|d(false) ++ ++- name: Import tasks from '2292690/05-configure-cpu-governor.yml' ++ ansible.builtin.import_tasks: 2292690/05-configure-cpu-governor.yml ++ when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_2292690_05|d(false) ++ ++- name: Import tasks from '2292690/06-configure-epb.yml' ++ ansible.builtin.import_tasks: 2292690/06-configure-epb.yml ++ when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_2292690_06|d(false) ++ ++- name: Import tasks from '2292690/07-disable-ksm.yml' ++ ansible.builtin.import_tasks: 2292690/07-disable-ksm.yml ++ when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_2292690_07|d(false) ++ ++# Step 8: SELinux is already configured in role sap_general_preconfigure. ++ ++- name: Import tasks from '2292690/09-check-etc-sudoers.yml' ++ ansible.builtin.import_tasks: 2292690/09-check-etc-sudoers.yml ++ when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_2292690_09|d(false) ++ ++- name: Import tasks from '2292690/10-ibm-energyscale.yml' ++ ansible.builtin.import_tasks: 2292690/10-ibm-energyscale.yml ++ when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_2292690_10|d(false) +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2292690/01-assert-tuned.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2292690/01-assert-tuned.yml +new file mode 100644 +index 0000000..a83b902 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2292690/01-assert-tuned.yml +@@ -0,0 +1,8 @@ ++--- ++ ++- name: Assert 2292690-1 ++ ansible.builtin.debug: ++ msg: "SAP note 2292690 Step 1: Configure tuned to use profile sap-hana" ++ ++- name: Import ../../RedHat/generic/assert-tuned.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-tuned.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2292690/01-configure-tuned.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2292690/01-configure-tuned.yml +new file mode 100644 +index 0000000..cd1a6d9 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2292690/01-configure-tuned.yml +@@ -0,0 +1,8 @@ ++--- ++ ++- name: Configure 2292690-1 ++ ansible.builtin.debug: ++ msg: "SAP note 2292690 Step 1: Configure tuned to use profile sap-hana" ++ ++- name: Import ../../RedHat/generic/configure-tuned.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/configure-tuned.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2292690/02-assert-auto-numa-balancing.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2292690/02-assert-auto-numa-balancing.yml +new file mode 100644 +index 0000000..e3296d0 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2292690/02-assert-auto-numa-balancing.yml +@@ -0,0 +1,9 @@ ++--- ++ ++# can be configured by tuned profile sap-hana, entry "kernel.numa_balancing = 0" ++- name: Assert 2292690-2 ++ ansible.builtin.debug: ++ msg: "SAP note 2292690 Step 2: Turn off auto-numa balancing" ++ ++- name: Import ../../RedHat/generic/assert-auto-numa-balancing.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-auto-numa-balancing.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2292690/02-turn-off-auto-numa-balancing.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2292690/02-turn-off-auto-numa-balancing.yml +new file mode 100644 +index 0000000..aabf98d +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2292690/02-turn-off-auto-numa-balancing.yml +@@ -0,0 +1,9 @@ ++--- ++ ++# can be configured by tuned profile sap-hana, entry "kernel.numa_balancing = 0" ++- name: Configure 2292690-2 ++ ansible.builtin.debug: ++ msg: "SAP note 2292690 Step 2: Turn off auto-numa balancing" ++ ++- name: Import ../../RedHat/generic/turn-off-auto-numa-balancing.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/turn-off-auto-numa-balancing.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2292690/03-assert-thp.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2292690/03-assert-thp.yml +new file mode 100644 +index 0000000..9935ea6 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2292690/03-assert-thp.yml +@@ -0,0 +1,9 @@ ++--- ++ ++# can be configured by tuned profile sap-hana, entry "transparent_hugepages=never" ++- name: Assert 2292690-3 ++ ansible.builtin.debug: ++ msg: "SAP note 2292690 Step 3: Disable Transparent Hugepages (THP)" ++ ++- name: Import ../../RedHat/generic/assert-thp.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-thp.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2292690/03-disable-thp.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2292690/03-disable-thp.yml +new file mode 100644 +index 0000000..7f4e24d +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2292690/03-disable-thp.yml +@@ -0,0 +1,9 @@ ++--- ++ ++# can be configured by tuned profile sap-hana, entry "transparent_hugepages=never" ++- name: Configure 2292690-3 ++ ansible.builtin.debug: ++ msg: "SAP note 2292690 Step 3: Disable Transparent Hugepages (THP)" ++ ++- name: Import ../../RedHat/generic/disable-thp.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/disable-thp.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2292690/04-assert-c-states-for-lower-latency.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2292690/04-assert-c-states-for-lower-latency.yml +new file mode 100644 +index 0000000..5481358 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2292690/04-assert-c-states-for-lower-latency.yml +@@ -0,0 +1,9 @@ ++--- ++ ++# can be configured by tuned profile sap-hana, entry "force_latency=70" ++- name: Assert 2292690-4 ++ ansible.builtin.debug: ++ msg: "SAP note 2292690 Step 4: Configure C-States for lower latency (x86_64 platform only)" ++ ++- name: Import ../../RedHat/generic/assert-c-states-for-lower-latency.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-c-states-for-lower-latency.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2292690/04-configure-c-states-for-lower-latency.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2292690/04-configure-c-states-for-lower-latency.yml +new file mode 100644 +index 0000000..fb3b5f7 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2292690/04-configure-c-states-for-lower-latency.yml +@@ -0,0 +1,9 @@ ++--- ++ ++# can be configured by tuned profile sap-hana, entry "force_latency=70" ++- name: Configure 2292690-4 ++ ansible.builtin.debug: ++ msg: "SAP note 2292690 Step 4: Configure C-States for lower latency (x86_64 platform only)" ++ ++- name: Import ../../RedHat/generic/configure-c-states-for-lower-latency.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/configure-c-states-for-lower-latency.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2292690/05-assert-cpu-governor.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2292690/05-assert-cpu-governor.yml +new file mode 100644 +index 0000000..e2549b6 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2292690/05-assert-cpu-governor.yml +@@ -0,0 +1,10 @@ ++--- ++ ++# can be configured by tuned profile sap-hana, entry "governor=performance" ++# in included tuned profile throughput-performance ++- name: Assert 2292690-5 ++ ansible.builtin.debug: ++ msg: "SAP note 2292690 Step 5: Configure CPU Governor for performance (x86_64 platform only)" ++ ++- name: Import ../../RedHat/generic/assert-cpu-governor-for-performance.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-cpu-governor-for-performance.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2292690/05-configure-cpu-governor.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2292690/05-configure-cpu-governor.yml +new file mode 100644 +index 0000000..8728d41 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2292690/05-configure-cpu-governor.yml +@@ -0,0 +1,10 @@ ++--- ++ ++# can be configured by tuned profile sap-hana, entry "governor=performance" ++# in included tuned profile throughput-performance ++- name: Configure 2292690-5 ++ ansible.builtin.debug: ++ msg: "SAP note 2292690 Step 5: Configure CPU Governor for performance (x86_64 platform only)" ++ ++- name: Import ../../RedHat/generic/configure-cpu-governor-for-performance.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/configure-cpu-governor-for-performance.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2292690/06-assert-epb.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2292690/06-assert-epb.yml +new file mode 100644 +index 0000000..032b463 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2292690/06-assert-epb.yml +@@ -0,0 +1,10 @@ ++--- ++ ++# can be configured by tuned profile sap-hana, entry "energy_perf_bias=performance" ++# in included tuned profile throughput-performance ++- name: Assert 2292690-6 ++ ansible.builtin.debug: ++ msg: "SAP note 2292690 Step 6: Configure Energy Performance Bias (EPB, x86_64 platform only)" ++ ++- name: Import ../../RedHat/generic/assert-epb.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-epb.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2292690/06-configure-epb.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2292690/06-configure-epb.yml +new file mode 100644 +index 0000000..a02b2aa +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2292690/06-configure-epb.yml +@@ -0,0 +1,10 @@ ++--- ++ ++# can be configured by tuned profile sap-hana, entry "energy_perf_bias=performance" ++# in included tuned profile throughput-performance ++- name: Configure 2292690-6 ++ ansible.builtin.debug: ++ msg: "SAP note 2292690 Step 6: Configure Energy Performance Bias (EPB, x86_64 platform only)" ++ ++- name: Import ../../RedHat/generic/configure-epb.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/configure-epb.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2292690/07-assert-ksm.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2292690/07-assert-ksm.yml +new file mode 100644 +index 0000000..886a8af +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2292690/07-assert-ksm.yml +@@ -0,0 +1,8 @@ ++--- ++ ++- name: Assert 2292690-7 ++ ansible.builtin.debug: ++ msg: "SAP note 2292690 Step 7: Disable Kernel samepage merging (KSM)" ++ ++- name: Import ../../RedHat/generic/assert-ksm.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-ksm.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2292690/07-disable-ksm.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2292690/07-disable-ksm.yml +new file mode 100644 +index 0000000..e96f623 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2292690/07-disable-ksm.yml +@@ -0,0 +1,8 @@ ++--- ++ ++- name: Configure 2292690-7 ++ ansible.builtin.debug: ++ msg: "SAP note 2292690 Step 7: Disable Kernel samepage merging (KSM)" ++ ++- name: Import ../../RedHat/generic/disable-ksm.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/disable-ksm.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2292690/09-assert-etc-sudoers.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2292690/09-assert-etc-sudoers.yml +new file mode 100644 +index 0000000..8311241 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2292690/09-assert-etc-sudoers.yml +@@ -0,0 +1,18 @@ ++--- ++ ++- name: Assert 2292690-9 ++ ansible.builtin.debug: ++ msg: "SAP note 2292690 Step 9: Database startup fails with an error message - /etc/sudoers" ++ ++- name: Get contents of /etc/sudoers ++ ansible.builtin.command: grep '^Defaults[ \s]*requiretty' /etc/sudoers ++ register: __sap_hana_preconfigure_register_etc_sudoers_requiretty_assert ++ changed_when: no ++ ignore_errors: yes ++ ++- name: Assert that "Defaults requiretty" is not set in /etc/sudoers ++ ansible.builtin.assert: ++ that: __sap_hana_preconfigure_register_etc_sudoers_requiretty_assert is failed ++ fail_msg: "FAIL: The string 'Defaults requiretty' was found in /etc/sudoers!" ++ success_msg: "PASS: The string 'Defaults requiretty' was not found in /etc/sudoers!" ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2292690/09-check-etc-sudoers.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2292690/09-check-etc-sudoers.yml +new file mode 100644 +index 0000000..23750c1 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2292690/09-check-etc-sudoers.yml +@@ -0,0 +1,12 @@ ++--- ++ ++- name: Configure 2292690-9 ++ ansible.builtin.debug: ++ msg: "SAP note 2292690 Step 9: Database startup fails with an error message - /etc/sudoers" ++ ++- name: Ensure "Defaults requiretty" is not set in /etc/sudoers ++ ansible.builtin.lineinfile: ++ path: /etc/sudoers ++ state: absent ++ regexp: '^Defaults[ \s]*requiretty' ++ validate: '/usr/sbin/visudo -cf %s' +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2292690/10-assert-ibm-energyscale.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2292690/10-assert-ibm-energyscale.yml +new file mode 100644 +index 0000000..e2bec31 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2292690/10-assert-ibm-energyscale.yml +@@ -0,0 +1,23 @@ ++--- ++ ++#### Special recommendations for Power 8 ++- name: Assert 2292690-10 ++ ansible.builtin.debug: ++ msg: "SAP note 2292690 Step 10: IBM EnergyScale for POWER8 Processor-Based Systems" ++ ++- name: Check of package pseries-energy ++ when: ansible_architecture == "ppc64le" ++ block: ++ ++# Reason for noqa: In assert mode, we do not enforce a certain configuration. ++ - name: Check if package pseries-energy is not installed # noqa command-instead-of-module ++ ansible.builtin.command: yum info installed pseries-energy ++ register: __sap_hana_preconfigure_register_yum_pseries_energy_assert ++ changed_when: no ++ ignore_errors: yes ++ ++ - name: Assert that package pseries-energy is not installed ++ ansible.builtin.assert: ++ that: __sap_hana_preconfigure_register_yum_pseries_energy_assert is failed ++ fail_msg: "FAIL: Package 'pseries-energy' is installed!" ++ success_msg: "PASS: Package 'pseries-energy' is not installed." +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2292690/10-ibm-energyscale.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2292690/10-ibm-energyscale.yml +new file mode 100644 +index 0000000..d6f9dfa +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2292690/10-ibm-energyscale.yml +@@ -0,0 +1,12 @@ ++--- ++ ++#### Special recommendations for Power 8 ++- name: Configure 2292690-10 ++ ansible.builtin.debug: ++ msg: "SAP note 2292690 Step 10: IBM EnergyScale for POWER8 Processor-Based Systems" ++ ++- name: Ensure pseries-energy package is not installed ++ ansible.builtin.package: ++ name: pseries-energy ++ state: absent ++ when: ansible_architecture == "ppc64le" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2382421.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2382421.yml +new file mode 100644 +index 0000000..e382100 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2382421.yml +@@ -0,0 +1,75 @@ ++--- ++# SAP Note: 2382421 - Optimizing the Network Configuration on HANA- and OS-Level ++# ++- name: Configure - Display SAP note number 2382421 and its version ++ ansible.builtin.debug: ++ msg: "SAP note {{ (__sap_hana_preconfigure_sapnotes_versions | selectattr('number', 'match', '^2382421$') | first).number }} (version {{ (__sap_hana_preconfigure_sapnotes_versions | selectattr('number', 'match', '^2382421$') | first).version }}): Recommended network settings for SAP HANA" ++ ++- name: Set kernel tunables as per SAP note 2382421 ++ when: sap_hana_preconfigure_config_all | d(true) or sap_hana_preconfigure_2382421 | d(false) ++ block: ++ ++ - name: Modify entries in file '{{ __sap_hana_preconfigure_etc_sysctl_saphana_conf }}' ++ ansible.builtin.lineinfile: ++ path: "{{ __sap_hana_preconfigure_etc_sysctl_saphana_conf }}" ++ create: yes ++ mode: 0644 ++ regexp: ^{{ line_item.name }}.* ++ line: "{{ line_item.name }}={{ line_item.value }}" ++ state: present ++ with_items: "{{ sap_hana_preconfigure_kernel_parameters }}" ++ loop_control: ++ loop_var: line_item ++ ++ - name: Set net.core.wmem_max and net.core.rmem_max if necessary ++ when: ++ - not sap_hana_preconfigure_use_netapp_settings_nfs | d(false) ++ - not ansible_architecture == 'ppc64le' ++ block: ++ ++ - name: Get the value of net.ipv4.tcp_wmem ++ ansible.builtin.command: sysctl net.ipv4.tcp_wmem ++ check_mode: no ++ register: __sap_hana_preconfigure_register_sysctl_ipv4_tcp_wmem ++ changed_when: no ++ ++ - name: Display the maximum value of net.ipv4.tcp_wmem ++ ansible.builtin.debug: ++ var: __sap_hana_preconfigure_register_sysctl_ipv4_tcp_wmem.stdout.split()[-1] ++ ++ - name: Get the value of net.ipv4.tcp_rmem ++ ansible.builtin.command: sysctl net.ipv4.tcp_rmem ++ check_mode: no ++ register: __sap_hana_preconfigure_register_sysctl_ipv4_tcp_rmem ++ changed_when: no ++ ++ - name: Display the maximum value of net.ipv4.tcp_rmem ++ ansible.builtin.debug: ++ var: __sap_hana_preconfigure_register_sysctl_ipv4_tcp_rmem.stdout.split()[-1] ++ ++ - name: Set net.core.wmem_max to the maximum value of net.ipv4.tcp_wmem if necessary ++ ansible.builtin.lineinfile: ++ path: "{{ __sap_hana_preconfigure_etc_sysctl_saphana_conf }}" ++ create: yes ++ mode: 0644 ++ regexp: ^net.core.wmem_max.* ++ line: "net.core.wmem_max={{ __sap_hana_preconfigure_register_sysctl_ipv4_tcp_wmem.stdout.split()[-1] }}" ++ state: present ++ ++ - name: Set net.core.rmem_max to the maximum value of net.ipv4.tcp_rmem if necessary ++ ansible.builtin.lineinfile: ++ path: "{{ __sap_hana_preconfigure_etc_sysctl_saphana_conf }}" ++ create: yes ++ mode: 0644 ++ regexp: ^net.core.rmem_max.* ++ line: "net.core.rmem_max={{ __sap_hana_preconfigure_register_sysctl_ipv4_tcp_rmem.stdout.split()[-1] }}" ++ state: present ++ ++# Reason for noqa: We unconditionally reload the kernel parameters without first checking the current values ++ - name: Reload kernel parameters from file '{{ __sap_hana_preconfigure_etc_sysctl_saphana_conf }}' # noqa no-changed-when ++ ansible.builtin.command: sysctl -p "{{ __sap_hana_preconfigure_etc_sysctl_saphana_conf }}" ++ register: __sap_hana_preconfigure_register_saphana_conf_sysctl_p_output ++ ++ - name: Display kernel parameters for network tuning ++ ansible.builtin.debug: ++ var: __sap_hana_preconfigure_register_saphana_conf_sysctl_p_output.stdout_lines +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2578899/configuration.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2578899/configuration.yml +new file mode 100644 +index 0000000..fe77ea0 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2578899/configuration.yml +@@ -0,0 +1,29 @@ ++--- ++ ++- name: 2588899 - I/O scheduler ++ ansible.builtin.lineinfile: ++ path: /etc/default/grub ++ backup: yes ++ backrefs: yes ++ state: present ++ regexp: '^(GRUB_CMDLINE_LINUX_DEFAULT=(?!.* {{ line_item }}).*). *$' ++ line: "\\1 {{ line_item }}\"" ++ with_items: ++ - "elevator=noop" ++ notify: __sap_hana_preconfigure_regenerate_grub2_conf_handler ++ when: ansible_architecture == "x86_64" and ansible_os_family == 'Suse' and ansible_distribution_major_version == '15' ++ tags: grubconfig ++ loop_control: ++ loop_var: line_item ++ ++- name: 2578899 - sysstat - monitoring data ++ ansible.builtin.service: ++ name: sysstat ++ enabled: true ++ state: started ++ ++- name: 2578899 - UUID daemon ++ ansible.builtin.service: ++ name: uuidd ++ enabled: true ++ state: started +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2578899/installation.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2578899/installation.yml +new file mode 100644 +index 0000000..11508c4 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2578899/installation.yml +@@ -0,0 +1,23 @@ ++--- ++# Requires SLE-Module-Legacy15 Module ++- name: "2578899 - SAP HANA database" ++ ansible.builtin.package: ++ name: "{{ packages }}" ++ type: package ++ vars: ++ packages: ++ - libssh2-1 ++ - libopenssl1_1 ++ ++ ++- name: 2578899 - sysstat - monitoring data ++ ansible.builtin.package: ++ name: "sysstat" ++ ++- name: 2578899 - UUID daemon ++ ansible.builtin.package: ++ name: "uuidd" ++ ++- name: 2578899 - insserv-compat package ++ ansible.builtin.package: ++ name: "insserv-compat" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2684254/configuration.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2684254/configuration.yml +new file mode 100644 +index 0000000..9347d10 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2684254/configuration.yml +@@ -0,0 +1,73 @@ ++--- ++ ++- name: Disable numa_balancing at boot ++ ansible.builtin.lineinfile: ++ path: /etc/default/grub ++ backup: yes ++ backrefs: yes ++ state: present ++ regexp: '^(GRUB_CMDLINE_LINUX_DEFAULT=(?!.* {{ line_item }}).*). *$' ++ line: "\\1 {{ line_item }}\"" ++ with_items: ++ - "numa_balancing=disable" ++ notify: __sap_hana_preconfigure_regenerate_grub2_conf_handler ++ when: ansible_architecture == "x86_64" and ansible_os_family == 'Suse' and ansible_distribution_major_version == '15' ++ tags: grubconfig ++ loop_control: ++ loop_var: line_item ++ ++- name: Disable transparent hugepages at boot ++ ansible.builtin.lineinfile: ++ path: /etc/default/grub ++ backup: yes ++ backrefs: yes ++ state: present ++ regexp: '^(GRUB_CMDLINE_LINUX_DEFAULT=(?!.* {{ line_item }}).*). *$' ++ line: "\\1 {{ line_item }}\"" ++ with_items: ++ - "transparent_hugepage=never" ++ notify: __sap_hana_preconfigure_regenerate_grub2_conf_handler ++ when: ansible_architecture == "x86_64" and ansible_os_family == 'Suse' and ansible_distribution_major_version == '15' ++ tags: grubconfig ++ loop_control: ++ loop_var: line_item ++ ++- name: Disable intel c states in grub config ++ ansible.builtin.lineinfile: ++ path: /etc/default/grub ++ backup: yes ++ backrefs: yes ++ state: present ++ regexp: '^(GRUB_CMDLINE_LINUX_DEFAULT=(?!.* {{ line_item }}).*). *$' ++ line: "\\1 {{ line_item }}\"" ++ with_items: ++ - "processor.max_cstate=1" ++ - "intel_idle.max_cstate=1" ++ notify: __sap_hana_preconfigure_regenerate_grub2_conf_handler ++ when: ansible_architecture == "x86_64" and ansible_os_family == 'Suse' and ansible_distribution_major_version == '15' ++ tags: grubconfig ++ loop_control: ++ loop_var: line_item ++ ++ ++# Intel Systems only ++# - name: "Configure CPU Governor for Performance now" ++# command: cpupower frequency-set -g performance ++# register: __sap_hana_preconfigure_register_sles15_cpupower_frequency_set ++# ignore_errors: True ++ ++- name: "Energy Performance Bias (EPB, applies to Intel-based systems only)" ++ ansible.builtin.lineinfile: ++ path: /etc/init.d/boot.local ++ mode: 0744 ++ line: 'cpupower set -b 0' ++ state: present ++ create: yes ++ ++- name: Kernel samepage merging (KSM) ++ ansible.builtin.lineinfile: ++ dest: /etc/init.d/boot.local ++ mode: 0744 ++ line: echo 0 > /sys/kernel/mm/ksm/run ++ state: present ++ create: yes +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2684254/installation.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2684254/installation.yml +new file mode 100644 +index 0000000..d2b7ed8 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2684254/installation.yml +@@ -0,0 +1,9 @@ ++--- ++# Additional notes for the installation of HANA 1.0 SPS12 and HANA 2.0 SPS03 ++- name: 2777782 - Additional notes for the installation of HANA 1.0 SPS12 and HANA 2.0 SPS03 ++ ansible.builtin.package: ++ name: "{{ packages }}" ++ vars: ++ packages: ++ - libopenssl1_1 ++ - libssh2-1 +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782.yml +new file mode 100644 +index 0000000..d504430 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782.yml +@@ -0,0 +1,50 @@ ++--- ++- name: Configure - Display SAP note number 2777782 and its version ++ ansible.builtin.debug: ++ msg: "SAP note {{ (__sap_hana_preconfigure_sapnotes_versions | selectattr('number', 'match', '^2777782$') | first).number }} (version {{ (__sap_hana_preconfigure_sapnotes_versions | selectattr('number', 'match', '^2777782$') | first).version }}): SAP HANA settings for RHEL 8" ++ ++- name: Import tasks from '2777782/01-configure-selinux.yml' ++ ansible.builtin.import_tasks: 2777782/01-configure-selinux.yml ++ when: ++ - sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_2777782_01|d(false) ++ - sap_hana_preconfigure_modify_selinux_labels ++ ++- name: Import tasks from '2777782/02-configure-tuned.yml' ++ ansible.builtin.import_tasks: 2777782/02-configure-tuned.yml ++ when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_2777782_02|d(false) ++ ++- name: Import tasks from '2777782/03-disable-abrt-coredumps-kdump.yml' ++ ansible.builtin.import_tasks: 2777782/03-disable-abrt-coredumps-kdump.yml ++ when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_2777782_03|d(false) ++ ++- name: Import tasks from '2777782/04-turn-off-auto-numa-balancing.yml' ++ ansible.builtin.import_tasks: 2777782/04-turn-off-auto-numa-balancing.yml ++ when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_2777782_04|d(false) ++ ++- name: Import tasks from '2777782/05-disable-thp.yml' ++ ansible.builtin.import_tasks: 2777782/05-disable-thp.yml ++ when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_2777782_05|d(false) ++ ++- name: Import tasks from '2777782/06-configure-c-states-for-lower-latency.yml' ++ ansible.builtin.import_tasks: 2777782/06-configure-c-states-for-lower-latency.yml ++ when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_2777782_06|d(false) ++ ++- name: Import tasks from '2777782/07-configure-cpu-governor.yml' ++ ansible.builtin.import_tasks: 2777782/07-configure-cpu-governor.yml ++ when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_2777782_07|d(false) ++ ++- name: Import tasks from '2777782/08-configure-epb.yml' ++ ansible.builtin.import_tasks: 2777782/08-configure-epb.yml ++ when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_2777782_08|d(false) ++ ++- name: Import tasks from '2777782/09-disable-ksm.yml' ++ ansible.builtin.import_tasks: 2777782/09-disable-ksm.yml ++ when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_2777782_09|d(false) ++ ++- name: Import tasks from '2777782/10-increase-pidmax.yml' ++ ansible.builtin.import_tasks: 2777782/10-increase-pidmax.yml ++ when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_2777782_10|d(false) ++ ++- name: Import tasks from '2777782/11-enable-tsx.yml' ++ ansible.builtin.import_tasks: 2777782/11-enable-tsx.yml ++ when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_2777782_11|d(false) +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/01-assert-selinux.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/01-assert-selinux.yml +new file mode 100644 +index 0000000..715819c +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/01-assert-selinux.yml +@@ -0,0 +1,8 @@ ++--- ++ ++- name: Assert 2777782-1 ++ ansible.builtin.debug: ++ msg: "SAP note 2777782 Step 1: Configure SELinux" ++ ++- name: Import ../../RedHat/generic/assert-selinux.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-selinux.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/01-configure-selinux.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/01-configure-selinux.yml +new file mode 100644 +index 0000000..0aead6a +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/01-configure-selinux.yml +@@ -0,0 +1,8 @@ ++--- ++ ++- name: Configure 2777782-1 ++ ansible.builtin.debug: ++ msg: "SAP note 2777782 Step 1: Configure SELinux" ++ ++- name: Import ../../RedHat/generic/configure-selinux.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/configure-selinux.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/02-assert-tuned.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/02-assert-tuned.yml +new file mode 100644 +index 0000000..b61b61b +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/02-assert-tuned.yml +@@ -0,0 +1,8 @@ ++--- ++ ++- name: Assert 2777782-2 ++ ansible.builtin.debug: ++ msg: "SAP note 2777782 Step 2: Configure tuned to use profile sap-hana" ++ ++- name: Import ../../RedHat/generic/assert-tuned.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-tuned.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/02-configure-tuned.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/02-configure-tuned.yml +new file mode 100644 +index 0000000..3cc3f7a +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/02-configure-tuned.yml +@@ -0,0 +1,8 @@ ++--- ++ ++- name: Configure 2777782-2 ++ ansible.builtin.debug: ++ msg: "SAP note 2777782 Step 2: Configure tuned to use profile for SAP HANA" ++ ++- name: Import ../../RedHat/generic/configure-tuned.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/configure-tuned.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/03-assert-abrt-coredumps-kdump.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/03-assert-abrt-coredumps-kdump.yml +new file mode 100644 +index 0000000..f995add +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/03-assert-abrt-coredumps-kdump.yml +@@ -0,0 +1,17 @@ ++--- ++ ++- name: Assert 2777782-3 ++ ansible.builtin.debug: ++ msg: "SAP note 2777782 Step 3: Disable ABRT, core dumps, and kdump" ++ ++- name: Import ../../RedHat/generic/assert-abrtd.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-abrtd.yml ++ ++- name: Import ../../RedHat/generic/assert-abrt-ccpp.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-abrt-ccpp.yml ++ ++- name: Import ../../RedHat/generic/assert-coredumps.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-coredumps.yml ++ ++- name: Import ../../RedHat/generic/assert-kdump.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-kdump.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/03-disable-abrt-coredumps-kdump.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/03-disable-abrt-coredumps-kdump.yml +new file mode 100644 +index 0000000..738e06f +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/03-disable-abrt-coredumps-kdump.yml +@@ -0,0 +1,17 @@ ++--- ++ ++- name: Configure 2777782-3 ++ ansible.builtin.debug: ++ msg: "SAP note 2777782 Step 3: Disable ABRT, core dumps, and kdump" ++ ++- name: Import ../../RedHat/generic/disable-abrtd.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/disable-abrtd.yml ++ ++- name: Import ../../RedHat/generic/disable-abrt-ccpp.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/disable-abrt-ccpp.yml ++ ++- name: Import ../../RedHat/generic/disable-coredumps.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/disable-coredumps.yml ++ ++- name: Import ../../RedHat/generic/disable-kdump.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/disable-kdump.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/04-assert-auto-numa-balancing.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/04-assert-auto-numa-balancing.yml +new file mode 100644 +index 0000000..e685c46 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/04-assert-auto-numa-balancing.yml +@@ -0,0 +1,9 @@ ++--- ++ ++# can be configured by tuned profile sap-hana, entry "kernel.numa_balancing = 0" ++- name: Assert 2777782-4 ++ ansible.builtin.debug: ++ msg: "SAP note 2777782 Step 4: Turn off auto-numa balancing" ++ ++- name: Import ../../RedHat/generic/assert-auto-numa-balancing.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-auto-numa-balancing.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/04-turn-off-auto-numa-balancing.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/04-turn-off-auto-numa-balancing.yml +new file mode 100644 +index 0000000..81d95a4 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/04-turn-off-auto-numa-balancing.yml +@@ -0,0 +1,9 @@ ++--- ++ ++# can be configured by tuned profile sap-hana, entry "kernel.numa_balancing = 0" ++- name: Configure 2777782-4 ++ ansible.builtin.debug: ++ msg: "SAP note 2777782 Step 4: Turn off auto-numa balancing" ++ ++- name: Import ../../RedHat/generic/turn-off-auto-numa-balancing.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/turn-off-auto-numa-balancing.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/05-assert-thp.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/05-assert-thp.yml +new file mode 100644 +index 0000000..a7000dd +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/05-assert-thp.yml +@@ -0,0 +1,9 @@ ++--- ++ ++# can be configured by tuned profile sap-hana, entry "transparent_hugepages=never" ++- name: Assert 2777782-5 ++ ansible.builtin.debug: ++ msg: "SAP note 2777782 Step 5: Disable Transparent Hugepages (THP)" ++ ++- name: Import ../../RedHat/generic/assert-thp.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-thp.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/05-disable-thp.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/05-disable-thp.yml +new file mode 100644 +index 0000000..5ee9178 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/05-disable-thp.yml +@@ -0,0 +1,9 @@ ++--- ++ ++# can be configured by tuned profile sap-hana, entry "transparent_hugepages=never" ++- name: Configure 2777782-5 ++ ansible.builtin.debug: ++ msg: "SAP note 2777782 Step 5: Disable Transparent Hugepages (THP)" ++ ++- name: Import ../../RedHat/generic/disable-thp.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/disable-thp.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/06-assert-c-states-for-lower-latency.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/06-assert-c-states-for-lower-latency.yml +new file mode 100644 +index 0000000..9ed6cc0 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/06-assert-c-states-for-lower-latency.yml +@@ -0,0 +1,9 @@ ++--- ++ ++# can be configured by tuned profile sap-hana, entry "force_latency=70" ++- name: Assert 2777782-6 ++ ansible.builtin.debug: ++ msg: "SAP note 2777782 Step 6: Configure C-States for lower latency (x86_64 platform only)" ++ ++- name: Import ../../RedHat/generic/assert-c-states-for-lower-latency.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-c-states-for-lower-latency.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/06-configure-c-states-for-lower-latency.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/06-configure-c-states-for-lower-latency.yml +new file mode 100644 +index 0000000..445a436 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/06-configure-c-states-for-lower-latency.yml +@@ -0,0 +1,9 @@ ++--- ++ ++# can be configured by tuned profile sap-hana, entry "force_latency=70" ++- name: Configure 2777782-6 ++ ansible.builtin.debug: ++ msg: "SAP note 2777782 Step 6: Configure C-States for lower latency (x86_64 platform only)" ++ ++- name: Import ../../RedHat/generic/configure-c-states-for-lower-latency.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/configure-c-states-for-lower-latency.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/07-assert-cpu-governor.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/07-assert-cpu-governor.yml +new file mode 100644 +index 0000000..8a600b0 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/07-assert-cpu-governor.yml +@@ -0,0 +1,10 @@ ++--- ++ ++# can be configured by tuned profile sap-hana, entry "governor=performance" ++# in included tuned profile throughput-performance ++- name: Assert 2777782-7 ++ ansible.builtin.debug: ++ msg: "SAP note 2777782 Step 7: Configure CPU Governor for performance (x86_64 platform only)" ++ ++- name: Import ../../RedHat/generic/assert-cpu-governor-for-performance.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-cpu-governor-for-performance.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/07-configure-cpu-governor.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/07-configure-cpu-governor.yml +new file mode 100644 +index 0000000..40d22dc +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/07-configure-cpu-governor.yml +@@ -0,0 +1,10 @@ ++--- ++ ++# can be configured by tuned profile sap-hana, entry "governor=performance" ++# in included tuned profile throughput-performance ++- name: Configure 2777782-7 ++ ansible.builtin.debug: ++ msg: "SAP note 2777782 Step 7: Configure CPU Governor for performance (x86_64 platform only)" ++ ++- name: Import ../../RedHat/generic/configure-cpu-governor-for-performance.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/configure-cpu-governor-for-performance.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/08-assert-epb.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/08-assert-epb.yml +new file mode 100644 +index 0000000..d7fb09e +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/08-assert-epb.yml +@@ -0,0 +1,10 @@ ++--- ++ ++# can be configured by tuned profile sap-hana, entry "energy_perf_bias=performance" ++# in included tuned profile throughput-performance ++- name: Assert 2777782-8 ++ ansible.builtin.debug: ++ msg: "SAP note 2777782 Step 8: Configure Energy Performance Bias (EPB, x86_64 platform only)" ++ ++- name: Import ../../RedHat/generic/assert-epb.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-epb.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/08-configure-epb.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/08-configure-epb.yml +new file mode 100644 +index 0000000..0d6c3a2 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/08-configure-epb.yml +@@ -0,0 +1,10 @@ ++--- ++ ++# can be configured by tuned profile sap-hana, entry "energy_perf_bias=performance" ++# in included tuned profile throughput-performance ++- name: Configure 2777782-8 ++ ansible.builtin.debug: ++ msg: "SAP note 2777782 Step 8: Configure Energy Performance Bias (EPB, x86_64 platform only)" ++ ++- name: Import ../../RedHat/generic/configure-epb.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/configure-epb.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/09-assert-ksm.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/09-assert-ksm.yml +new file mode 100644 +index 0000000..3393445 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/09-assert-ksm.yml +@@ -0,0 +1,8 @@ ++--- ++ ++- name: Assert 2777782-9 ++ ansible.builtin.debug: ++ msg: "SAP note 2777782 Step 9: Disable Kernel samepage merging (KSM)" ++ ++- name: Import ../../RedHat/generic/assert-ksm.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-ksm.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/09-disable-ksm.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/09-disable-ksm.yml +new file mode 100644 +index 0000000..a9cde0c +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/09-disable-ksm.yml +@@ -0,0 +1,8 @@ ++--- ++ ++- name: Configure 2777782-9 ++ ansible.builtin.debug: ++ msg: "SAP note 2777782 Step 9: Disable Kernel samepage merging (KSM)" ++ ++- name: Import ../../RedHat/generic/disable-ksm.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/disable-ksm.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/10-assert-pidmax.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/10-assert-pidmax.yml +new file mode 100644 +index 0000000..3239fb7 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/10-assert-pidmax.yml +@@ -0,0 +1,9 @@ ++--- ++ ++- name: Assert 2777782-10 ++ ansible.builtin.debug: ++ msg: "SAP note 2777782 Step 10: Increase kernel.pidmax" ++ ++- name: Notify about where 'kernel.pidmax' is asserted ++ ansible.builtin.debug: ++ msg: "INFO: Kernel parameter 'kernel.pid_max' is already asserted by role 'sap_general_preconfigure' if necessary." +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/10-increase-pidmax.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/10-increase-pidmax.yml +new file mode 100644 +index 0000000..9099120 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/10-increase-pidmax.yml +@@ -0,0 +1,9 @@ ++--- ++ ++- name: Configure 2777782-10 ++ ansible.builtin.debug: ++ msg: "SAP note 2777782 Step 10: Increase kernel.pidmax" ++ ++- name: Notify about where 'kernel.pid_max' is set ++ ansible.builtin.debug: ++ msg: "Kernel parameter 'kernel.pid_max' is already set by role 'sap_general_preconfigure' if necessary." +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/11-assert-tsx.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/11-assert-tsx.yml +new file mode 100644 +index 0000000..bf8e695 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/11-assert-tsx.yml +@@ -0,0 +1,8 @@ ++--- ++ ++- name: Assert 2777782-11 ++ ansible.builtin.debug: ++ msg: "SAP note 2777782 Step 11: Enable TSX (Intel Transactional Synchronization Extensions)" ++ ++- name: Import ../../RedHat/generic/assert-tsx.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-tsx.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/11-enable-tsx.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/11-enable-tsx.yml +new file mode 100644 +index 0000000..509e152 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/2777782/11-enable-tsx.yml +@@ -0,0 +1,8 @@ ++--- ++ ++- name: Configure 2777782-11 ++ ansible.builtin.debug: ++ msg: "SAP note 2777782 Step 11: Enable TSX (Intel Transactional Synchronization Extensions)" ++ ++- name: Import ../../RedHat/generic/enable-tsx.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/enable-tsx.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3024346.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3024346.yml +new file mode 100644 +index 0000000..c1c3c24 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3024346.yml +@@ -0,0 +1,42 @@ ++--- ++# SAP Note: 3024346 - Linux Kernel Settings for NetApp NFS ++# ++- name: Configure - Display SAP note number 3024346 and its version ++ ansible.builtin.debug: ++ msg: "SAP note {{ (__sap_hana_preconfigure_sapnotes_versions | selectattr('number', 'match', '^3024346$') | first).number }} (version {{ (__sap_hana_preconfigure_sapnotes_versions | selectattr('number', 'match', '^3024346$') | first).version }}): Linux kernel settings for NetApp NFS" ++ ++- name: Set kernel tunables for NetApp NFS as per SAP note 3024346 ++ when: ++ - sap_hana_preconfigure_use_netapp_settings_nfs|d(false) ++ - sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_3024346|d(false) ++ block: ++ ++ - name: Modify entries in file '{{ __sap_hana_preconfigure_etc_sysctl_netapp_hana_conf }}' ++ ansible.builtin.lineinfile: ++ path: "{{ __sap_hana_preconfigure_etc_sysctl_netapp_hana_conf }}" ++ create: yes ++ mode: 0644 ++ regexp: ^{{ line_item.name }}.* ++ line: "{{ line_item.name }}={{ line_item.value }}" ++ state: present ++ with_items: "{{ __sap_hana_preconfigure_kernel_parameters_netapp_nfs }}" ++ loop_control: ++ loop_var: line_item ++ ++# Reason for noqa: We unconditionally reload the kernel parameters without first checking the current values ++ - name: Reload kernel parameters from file '{{ __sap_hana_preconfigure_etc_sysctl_netapp_hana_conf }}' # noqa no-changed-when ++ ansible.builtin.command: sysctl -p "{{ __sap_hana_preconfigure_etc_sysctl_netapp_hana_conf }}" ++ register: __sap_hana_preconfigure_register_netapp_sysctl_p_output ++ ++ - name: Display kernel parameters for NetApp NFS ++ ansible.builtin.debug: ++ var: __sap_hana_preconfigure_register_netapp_sysctl_p_output.stdout_lines ++ ++ - name: Set kernel tunable for NFSv3 as per SAP note 3024346 ++ ansible.builtin.lineinfile: ++ path: /etc/modprobe.d/sunrpc.conf ++ create: yes ++ mode: 0644 ++ regexp: '^options sunrpc tcp_max_slot_table_entries' ++ line: options sunrpc tcp_max_slot_table_entries=128 ++ when: sap_hana_preconfigure_use_netapp_settings_nfsv3 +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302.yml +new file mode 100644 +index 0000000..a8a33b7 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302.yml +@@ -0,0 +1,50 @@ ++--- ++- name: Configure - Display SAP note number 3108302 and its version ++ ansible.builtin.debug: ++ msg: "SAP note {{ (__sap_hana_preconfigure_sapnotes_versions | selectattr('number', 'match', '^3108302$') | first).number }} (version {{ (__sap_hana_preconfigure_sapnotes_versions | selectattr('number', 'match', '^3108302$') | first).version }}): SAP HANA settings for RHEL 8" ++ ++- name: Import tasks from '3108302/01-configure-selinux.yml' ++ ansible.builtin.import_tasks: 3108302/01-configure-selinux.yml ++ when: ++ - sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_3108302_01|d(false) ++ - sap_hana_preconfigure_modify_selinux_labels ++ ++- name: Import tasks from '3108302/02-configure-tuned.yml' ++ ansible.builtin.import_tasks: 3108302/02-configure-tuned.yml ++ when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_3108302_02|d(false) ++ ++- name: Import tasks from '3108302/03-disable-abrt-coredumps-kdump.yml' ++ ansible.builtin.import_tasks: 3108302/03-disable-abrt-coredumps-kdump.yml ++ when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_3108302_03|d(false) ++ ++- name: Import tasks from '3108302/04-turn-off-auto-numa-balancing.yml' ++ ansible.builtin.import_tasks: 3108302/04-turn-off-auto-numa-balancing.yml ++ when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_3108302_04|d(false) ++ ++- name: Import tasks from '3108302/05-disable-thp.yml' ++ ansible.builtin.import_tasks: 3108302/05-disable-thp.yml ++ when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_3108302_05|d(false) ++ ++- name: Import tasks from '3108302/06-configure-c-states-for-lower-latency.yml' ++ ansible.builtin.import_tasks: 3108302/06-configure-c-states-for-lower-latency.yml ++ when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_3108302_06|d(false) ++ ++- name: Import tasks from '3108302/07-configure-cpu-governor.yml' ++ ansible.builtin.import_tasks: 3108302/07-configure-cpu-governor.yml ++ when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_3108302_07|d(false) ++ ++- name: Import tasks from '3108302/08-configure-epb.yml' ++ ansible.builtin.import_tasks: 3108302/08-configure-epb.yml ++ when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_3108302_08|d(false) ++ ++- name: Import tasks from '3108302/09-disable-ksm.yml' ++ ansible.builtin.import_tasks: 3108302/09-disable-ksm.yml ++ when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_3108302_09|d(false) ++ ++- name: Import tasks from '3108302/10-increase-pidmax.yml' ++ ansible.builtin.import_tasks: 3108302/10-increase-pidmax.yml ++ when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_3108302_10|d(false) ++ ++- name: Import tasks from '3108302/11-enable-tsx.yml' ++ ansible.builtin.import_tasks: 3108302/11-enable-tsx.yml ++ when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_3108302_11|d(false) +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/01-assert-selinux.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/01-assert-selinux.yml +new file mode 100644 +index 0000000..7113eef +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/01-assert-selinux.yml +@@ -0,0 +1,8 @@ ++--- ++ ++- name: Assert 3108302-1 ++ ansible.builtin.debug: ++ msg: "SAP note 3108302 Step 1: Configure SELinux" ++ ++- name: Import ../../RedHat/generic/assert-selinux.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-selinux.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/01-configure-selinux.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/01-configure-selinux.yml +new file mode 100644 +index 0000000..ec98129 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/01-configure-selinux.yml +@@ -0,0 +1,8 @@ ++--- ++ ++- name: Configure 3108302-1 ++ ansible.builtin.debug: ++ msg: "SAP note 3108302 Step 1: Configure SELinux" ++ ++- name: Import ../../RedHat/generic/configure-selinux.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/configure-selinux.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/02-assert-tuned.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/02-assert-tuned.yml +new file mode 100644 +index 0000000..ba91289 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/02-assert-tuned.yml +@@ -0,0 +1,8 @@ ++--- ++ ++- name: Assert 3108302-2 ++ ansible.builtin.debug: ++ msg: "SAP note 3108302 Step 2: Configure tuned to use profile sap-hana" ++ ++- name: Import ../../RedHat/generic/assert-tuned.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-tuned.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/02-configure-tuned.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/02-configure-tuned.yml +new file mode 100644 +index 0000000..e766b63 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/02-configure-tuned.yml +@@ -0,0 +1,8 @@ ++--- ++ ++- name: Configure 3108302-2 ++ ansible.builtin.debug: ++ msg: "SAP note 3108302 Step 2: Configure tuned to use profile for SAP HANA" ++ ++- name: Import ../../RedHat/generic/configure-tuned.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/configure-tuned.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/03-assert-abrt-coredumps-kdump.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/03-assert-abrt-coredumps-kdump.yml +new file mode 100644 +index 0000000..86ba780 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/03-assert-abrt-coredumps-kdump.yml +@@ -0,0 +1,8 @@ ++--- ++ ++- name: Assert 3108302-3 ++ ansible.builtin.debug: ++ msg: "SAP note 3108302 Step 3: Disable kdump" ++ ++- name: Import ../../RedHat/generic/assert-kdump.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-kdump.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/03-disable-abrt-coredumps-kdump.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/03-disable-abrt-coredumps-kdump.yml +new file mode 100644 +index 0000000..228a327 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/03-disable-abrt-coredumps-kdump.yml +@@ -0,0 +1,8 @@ ++--- ++ ++- name: Configure 3108302-3 ++ ansible.builtin.debug: ++ msg: "SAP note 3108302 Step 3: Disable kdump" ++ ++- name: Import ../../RedHat/generic/disable-kdump.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/disable-kdump.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/04-assert-auto-numa-balancing.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/04-assert-auto-numa-balancing.yml +new file mode 100644 +index 0000000..d3abd86 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/04-assert-auto-numa-balancing.yml +@@ -0,0 +1,9 @@ ++--- ++ ++# can be configured by tuned profile sap-hana, entry "kernel.numa_balancing = 0" ++- name: Assert 3108302-4 ++ ansible.builtin.debug: ++ msg: "SAP note 3108302 Step 4: Turn off auto-numa balancing" ++ ++- name: Import ../../RedHat/generic/assert-auto-numa-balancing.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-auto-numa-balancing.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/04-turn-off-auto-numa-balancing.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/04-turn-off-auto-numa-balancing.yml +new file mode 100644 +index 0000000..3250fa0 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/04-turn-off-auto-numa-balancing.yml +@@ -0,0 +1,9 @@ ++--- ++ ++# can be configured by tuned profile sap-hana, entry "kernel.numa_balancing = 0" ++- name: Configure 3108302-4 ++ ansible.builtin.debug: ++ msg: "SAP note 3108302 Step 4: Turn off auto-numa balancing" ++ ++- name: Import ../../RedHat/generic/turn-off-auto-numa-balancing.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/turn-off-auto-numa-balancing.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/05-assert-thp.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/05-assert-thp.yml +new file mode 100644 +index 0000000..a2d0f88 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/05-assert-thp.yml +@@ -0,0 +1,9 @@ ++--- ++ ++# can be configured by tuned profile sap-hana, entry "transparent_hugepages=never" ++- name: Assert 3108302-5 ++ ansible.builtin.debug: ++ msg: "SAP note 3108302 Step 5: Disable Transparent Hugepages (THP)" ++ ++- name: Import ../../RedHat/generic/assert-thp.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-thp.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/05-disable-thp.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/05-disable-thp.yml +new file mode 100644 +index 0000000..d280bac +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/05-disable-thp.yml +@@ -0,0 +1,9 @@ ++--- ++ ++# can be configured by tuned profile sap-hana, entry "transparent_hugepages=never" ++- name: Configure 3108302-5 ++ ansible.builtin.debug: ++ msg: "SAP note 3108302 Step 5: Disable Transparent Hugepages (THP)" ++ ++- name: Import ../../RedHat/generic/disable-thp.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/disable-thp.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/06-assert-c-states-for-lower-latency.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/06-assert-c-states-for-lower-latency.yml +new file mode 100644 +index 0000000..fd9171f +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/06-assert-c-states-for-lower-latency.yml +@@ -0,0 +1,9 @@ ++--- ++ ++# can be configured by tuned profile sap-hana, entry "force_latency=70" ++- name: Assert 3108302-6 ++ ansible.builtin.debug: ++ msg: "SAP note 3108302 Step 6: Configure C-States for lower latency (x86_64 platform only)" ++ ++- name: Import ../../RedHat/generic/assert-c-states-for-lower-latency.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-c-states-for-lower-latency.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/06-configure-c-states-for-lower-latency.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/06-configure-c-states-for-lower-latency.yml +new file mode 100644 +index 0000000..53de721 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/06-configure-c-states-for-lower-latency.yml +@@ -0,0 +1,9 @@ ++--- ++ ++# can be configured by tuned profile sap-hana, entry "force_latency=70" ++- name: Configure 3108302-6 ++ ansible.builtin.debug: ++ msg: "SAP note 3108302 Step 6: Configure C-States for lower latency (x86_64 platform only)" ++ ++- name: Import ../../RedHat/generic/configure-c-states-for-lower-latency.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/configure-c-states-for-lower-latency.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/07-assert-cpu-governor.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/07-assert-cpu-governor.yml +new file mode 100644 +index 0000000..5e1c131 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/07-assert-cpu-governor.yml +@@ -0,0 +1,10 @@ ++--- ++ ++# can be configured by tuned profile sap-hana, entry "governor=performance" ++# in included tuned profile throughput-performance ++- name: Assert 3108302-7 ++ ansible.builtin.debug: ++ msg: "SAP note 3108302 Step 7: Configure CPU Governor for performance (x86_64 platform only)" ++ ++- name: Import ../../RedHat/generic/assert-cpu-governor-for-performance.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-cpu-governor-for-performance.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/07-configure-cpu-governor.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/07-configure-cpu-governor.yml +new file mode 100644 +index 0000000..ad1fddf +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/07-configure-cpu-governor.yml +@@ -0,0 +1,10 @@ ++--- ++ ++# can be configured by tuned profile sap-hana, entry "governor=performance" ++# in included tuned profile throughput-performance ++- name: Configure 3108302-7 ++ ansible.builtin.debug: ++ msg: "SAP note 3108302 Step 7: Configure CPU Governor for performance (x86_64 platform only)" ++ ++- name: Import ../../RedHat/generic/configure-cpu-governor-for-performance.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/configure-cpu-governor-for-performance.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/08-assert-epb.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/08-assert-epb.yml +new file mode 100644 +index 0000000..9263613 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/08-assert-epb.yml +@@ -0,0 +1,10 @@ ++--- ++ ++# can be configured by tuned profile sap-hana, entry "energy_perf_bias=performance" ++# in included tuned profile throughput-performance ++- name: Assert 3108302-8 ++ ansible.builtin.debug: ++ msg: "SAP note 3108302 Step 8: Configure Energy Performance Bias (EPB, x86_64 platform only)" ++ ++- name: Import ../../RedHat/generic/assert-epb.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-epb.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/08-configure-epb.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/08-configure-epb.yml +new file mode 100644 +index 0000000..cfad92a +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/08-configure-epb.yml +@@ -0,0 +1,10 @@ ++--- ++ ++# can be configured by tuned profile sap-hana, entry "energy_perf_bias=performance" ++# in included tuned profile throughput-performance ++- name: Configure 3108302-8 ++ ansible.builtin.debug: ++ msg: "SAP note 3108302 Step 8: Configure Energy Performance Bias (EPB, x86_64 platform only)" ++ ++- name: Import ../../RedHat/generic/configure-epb.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/configure-epb.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/09-assert-ksm.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/09-assert-ksm.yml +new file mode 100644 +index 0000000..114b551 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/09-assert-ksm.yml +@@ -0,0 +1,8 @@ ++--- ++ ++- name: Assert 3108302-9 ++ ansible.builtin.debug: ++ msg: "SAP note 3108302 Step 9: Disable Kernel samepage merging (KSM)" ++ ++- name: Import ../../RedHat/generic/assert-ksm.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-ksm.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/09-disable-ksm.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/09-disable-ksm.yml +new file mode 100644 +index 0000000..a8416b8 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/09-disable-ksm.yml +@@ -0,0 +1,8 @@ ++--- ++ ++- name: Configure 3108302-9 ++ ansible.builtin.debug: ++ msg: "SAP note 3108302 Step 9: Disable Kernel samepage merging (KSM)" ++ ++- name: Import ../../RedHat/generic/disable-ksm.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/disable-ksm.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/10-assert-pidmax.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/10-assert-pidmax.yml +new file mode 100644 +index 0000000..6fa9f56 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/10-assert-pidmax.yml +@@ -0,0 +1,9 @@ ++--- ++ ++- name: Assert 3108302-10 ++ ansible.builtin.debug: ++ msg: "SAP note 3108302 Step 10: Increase kernel.pidmax" ++ ++- name: Notify about where 'kernel.pidmax' is asserted ++ ansible.builtin.debug: ++ msg: "INFO: Kernel parameter 'kernel.pid_max' is already asserted by role 'sap_general_preconfigure' if necessary." +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/10-increase-pidmax.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/10-increase-pidmax.yml +new file mode 100644 +index 0000000..d4962ae +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/10-increase-pidmax.yml +@@ -0,0 +1,9 @@ ++--- ++ ++- name: Configure 3108302-10 ++ ansible.builtin.debug: ++ msg: "SAP note 3108302 Step 10: Increase kernel.pidmax" ++ ++- name: Notify about where 'kernel.pid_max' is set ++ ansible.builtin.debug: ++ msg: "Kernel parameter 'kernel.pid_max' is already set by role 'sap_general_preconfigure' if necessary." +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/11-assert-tsx.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/11-assert-tsx.yml +new file mode 100644 +index 0000000..2210cc4 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/11-assert-tsx.yml +@@ -0,0 +1,8 @@ ++--- ++ ++- name: Assert 3108302-11 ++ ansible.builtin.debug: ++ msg: "SAP note 3108302 Step 11: Enable TSX (Intel Transactional Synchronization Extensions)" ++ ++- name: Import ../../RedHat/generic/assert-tsx.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/assert-tsx.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/11-enable-tsx.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/11-enable-tsx.yml +new file mode 100644 +index 0000000..55ec853 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/3108302/11-enable-tsx.yml +@@ -0,0 +1,8 @@ ++--- ++ ++- name: Configure 3108302-11 ++ ansible.builtin.debug: ++ msg: "SAP note 3108302 Step 11: Enable TSX (Intel Transactional Synchronization Extensions)" ++ ++- name: Import ../../RedHat/generic/enable-tsx.yml ++ ansible.builtin.import_tasks: ../../RedHat/generic/enable-tsx.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/assert-2009879.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/assert-2009879.yml +new file mode 100644 +index 0000000..f57687b +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/assert-2009879.yml +@@ -0,0 +1,17 @@ ++--- ++# OS RELEASE: RHEL 6.x, 7.x ++# Check EUS Channels ++# https://launchpad.support.sap.com/#/notes/2009879 ++# ++# This SAP Note Contains the general installation guides for all RHEL systems in PDF format ++# We include the release specific stuff here ++# ++ ++- name: Assert - Display SAP note number 2009879 and its version ++ ansible.builtin.debug: ++ msg: "SAP note {{ (__sap_hana_preconfigure_sapnotes_versions | selectattr('number', 'match', '^2009879$') | first).number }} (version {{ (__sap_hana_preconfigure_sapnotes_versions | selectattr('number', 'match', '^2009879$') | first).version }}): SAP HANA Guidelines for RHEL 7 (pdf)" ++ ++### Package installation is done in installation.yml ++ ++- name: Import tasks from 'assert-2009879_X.yml' ++ ansible.builtin.include_tasks: assert-2009879_{{ ansible_distribution_major_version }}.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/assert-2009879_7.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/assert-2009879_7.yml +new file mode 100644 +index 0000000..5fe51ca +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/assert-2009879_7.yml +@@ -0,0 +1,259 @@ ++--- ++# OS RELEASE: RHEL 7.x ++# Check EUS Channels ++# https://launchpad.support.sap.com/#/notes/2009879 ++# ++# This SAP Note Contains the general installation guides for all RHEL 7.x systems in PDF format ++# ++# Some of these tasks are documented already in SAP NOTE 2292690 ++# See comments ++# ++ ++### 3.1 - Basic OS installation is a prerequisite ++### 3.2 - Additional Package installation is done in the installation.yml file ++### 3.3 - Hostname - is an SAP generic setting, already done with SAP Note 2002167 (sap_general_preconfigure) ++### 3.4 - NTP/Chrony - is a generic SAP requirement, needs to be done by linux-system-roles.timesync ++### 3.5 - Configure Storage - out of scooe, have a look at linux-system-roles.storage ++### 3.6 - Activate SAP HANA specific tuned profile -> SAP Note 2292690 ++### 3.7 - Disable SE Linux -> SAP Note 2292690, SAP NOTE 2002167 ++### 3.8 - Disable Numa Balancing -> SAP Note 2292690 ++ ++### 3.9 - Create the compatibility links for HANA ++- name: Check if required links exist ++ when: sap_hana_preconfigure_config_all | d(true) or sap_hana_preconfigure_2009879_3_9 | d(false) ++ block: ++ ++ - name: '... in case of RHEL 7.2' ++ when: "ansible_distribution_version == '7.2'" ++ block: ++ ++ - name: RHEL 7.2 - Get info about file /usr/lib64/libssl.so.1.0.1 ++ ansible.builtin.stat: ++ path: /usr/lib64/libssl.so.1.0.1 ++ register: __sap_hana_preconfigure_register_stat_libssl_rhel_72_assert ++ ++ - name: RHEL 7.2 - Assert that file /usr/lib64/libssl.so.1.0.1 exists ++ ansible.builtin.assert: ++ that: __stat_lpbldap.stat.exists ++ fail_msg: "FAIL: File /usr/lib64/libssl.so.1.0.1 does not exist!" ++ success_msg: "PASS: File /usr/lib64/libssl.so.1.0.1 exist." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ ++ - name: RHEL 7.2 - Assert that file /usr/lib64/libssl.so.1.0.1 is a link ++ ansible.builtin.assert: ++ that: __sap_hana_preconfigure_register_stat_libssl_rhel_72_assert.stat.islnk ++ fail_msg: "FAIL: File /usr/lib64/libssl.so.1.0.1 is not a link!" ++ success_msg: "PASS: File /usr/lib64/libssl.so.1.0.1 is a link." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ when: __sap_hana_preconfigure_register_stat_libssl_rhel_72_assert.stat.exists ++ ++ - name: RHEL 7.2 - Assert that file /usr/lib64/libssl.so.1.0.1 is a link to /usr/lib64/libssl.so.1.0.1e ++ ansible.builtin.assert: ++ that: __sap_hana_preconfigure_register_stat_libssl_rhel_72_assert.stat.lnk_target == '/usr/lib64/libssl.so.1.0.1e' ++ fail_msg: "FAIL: File /usr/lib64/libssl.so.1.0.1 is not a link to /usr/lib64/libssl.so.1.0.1e!" ++ success_msg: "PASS: File /usr/lib64/libssl.so.1.0.1 is a link to /usr/lib64/libssl.so.1.0.1e." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ when: __sap_hana_preconfigure_register_stat_libssl_rhel_72_assert.stat.exists ++ ++ - name: RHEL 7.2 - Get info about file /usr/lib64/libcrypto.so.1.0.1 ++ ansible.builtin.stat: ++ path: /usr/lib64/libcrypto.so.1.0.1 ++ register: __sap_hana_preconfigure_register_stat_libcrypto_rhel_72_assert ++ ++ - name: RHEL 7.2 - Assert that file /usr/lib64/libcrypto.so.1.0.1 exists ++ ansible.builtin.assert: ++ that: __sap_hana_preconfigure_register_stat_libcrypto_rhel_72_assert.stat.exists ++ fail_msg: "FAIL: File /usr/lib64/libcrypto.so.1.0.1 does not exist!" ++ success_msg: "PASS: File /usr/lib64/libcrypto.so.1.0.1 exist." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ ++ - name: RHEL 7.2 - Assert that file /usr/lib64/libcrypto.so.1.0.1 exists and is a link ++ ansible.builtin.assert: ++ that: __sap_hana_preconfigure_register_stat_libcrypto_rhel_72_assert.stat.islnk ++ fail_msg: "FAIL: File /usr/lib64/libcrypto.so.1.0.1 is not a link!" ++ success_msg: "PASS: File /usr/lib64/libcrypto.so.1.0.1 is a link." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ when: __sap_hana_preconfigure_register_stat_libcrypto_rhel_72_assert.stat.exists ++ ++ - name: RHEL 7.2 - Assert that file /usr/lib64/libcrypto.so.1.0.1 is a link to /usr/lib64/libcrypto.so.1.0.1e ++ ansible.builtin.assert: ++ that: __sap_hana_preconfigure_register_stat_libcrypto_rhel_72_assert.stat.lnk_target == '/usr/lib64/libcrypto.so.1.0.1e' ++ fail_msg: "FAIL: File /usr/lib64/libcrypto.so.1.0.1 is not a link to /usr/lib64/libcrypto.so.1.0.1e!" ++ success_msg: "PASS: File /usr/lib64/libcrypto.so.1.0.1 is a link to /usr/lib64/libcrypto.so.1.0.1e." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ when: __sap_hana_preconfigure_register_stat_libcrypto_rhel_72_assert.stat.exists ++ ++ - name: '... in case of RHEL 7.3 and above' ++ when: "ansible_distribution_version != '7.2'" ++ block: ++ ++ - name: Get info about file /usr/lib64/libssl.so.1.0.1 ++ ansible.builtin.stat: ++ path: /usr/lib64/libssl.so.1.0.1 ++ register: __sap_hana_preconfigure_register_stat_libssl_rhel_7_assert ++ ++ - name: Assert that file /usr/lib64/libssl.so.1.0.1 exists ++ ansible.builtin.assert: ++ that: __sap_hana_preconfigure_register_stat_libssl_rhel_7_assert.stat.exists ++ fail_msg: "FAIL: File /usr/lib64/libssl.so.1.0.1 does not exist!" ++ success_msg: "PASS: File /usr/lib64/libssl.so.1.0.1 exist." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ ++ - name: Assert that file /usr/lib64/libssl.so.1.0.1 is a link ++ ansible.builtin.assert: ++ that: __sap_hana_preconfigure_register_stat_libssl_rhel_7_assert.stat.islnk ++ fail_msg: "FAIL: File /usr/lib64/libssl.so.1.0.1 is not a link!" ++ success_msg: "PASS: File /usr/lib64/libssl.so.1.0.1 is a link." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ when: __sap_hana_preconfigure_register_stat_libssl_rhel_7_assert.stat.exists ++ ++ - name: Assert that file /usr/lib64/libssl.so.1.0.1 is a link to /usr/lib64/libssl.so.10 ++ ansible.builtin.assert: ++ that: __sap_hana_preconfigure_register_stat_libssl_rhel_7_assert.stat.lnk_target == '/usr/lib64/libssl.so.10' ++ fail_msg: "FAIL: File /usr/lib64/libssl.so.1.0.1 is not a link to /usr/lib64/libssl.so.10!" ++ success_msg: "PASS: File /usr/lib64/libssl.so.1.0.1 is a link to /usr/lib64/libssl.so.10." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ when: __sap_hana_preconfigure_register_stat_libssl_rhel_7_assert.stat.exists ++ ++ - name: Get info about file /usr/lib64/libcrypto.so.1.0.1 ++ ansible.builtin.stat: ++ path: /usr/lib64/libcrypto.so.1.0.1 ++ register: __sap_hana_preconfigure_register_stat_libcrypto_rhel_7_assert ++ ++ - name: Assert that file /usr/lib64/libcrypto.so.1.0.1 exists ++ ansible.builtin.assert: ++ that: __sap_hana_preconfigure_register_stat_libcrypto_rhel_7_assert.stat.exists ++ fail_msg: "FAIL: File /usr/lib64/libcrypto.so.1.0.1 does not exist!" ++ success_msg: "PASS: File /usr/lib64/libcrypto.so.1.0.1 exist." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ ++ - name: Assert that file /usr/lib64/libcrypto.so.1.0.1 is a link ++ ansible.builtin.assert: ++ that: __sap_hana_preconfigure_register_stat_libcrypto_rhel_7_assert.stat.islnk ++ fail_msg: "FAIL: File /usr/lib64/libcrypto.so.1.0.1 is not a link!" ++ success_msg: "PASS: File /usr/lib64/libcrypto.so.1.0.1 is a link." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ when: __sap_hana_preconfigure_register_stat_libcrypto_rhel_7_assert.stat.exists ++ ++ - name: Assert that file /usr/lib64/libcrypto.so.1.0.1 is a link to /usr/lib64/libcrypto.so.10 ++ ansible.builtin.assert: ++ that: __sap_hana_preconfigure_register_stat_libcrypto_rhel_7_assert.stat.lnk_target == '/usr/lib64/libcrypto.so.10' ++ fail_msg: "FAIL: File /usr/lib64/libcrypto.so.1.0.1 is not a link to /usr/lib64/libcrypto.so.10!" ++ success_msg: "PASS: File /usr/lib64/libcrypto.so.1.0.1 is a link to /usr/lib64/libcrypto.so.10." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ when: __sap_hana_preconfigure_register_stat_libcrypto_rhel_7_assert.stat.exists ++ ++### 3.10 - THP -> SAP Note 2292690 ++### 3.11 - CPU Governor for performance -> TunedProfile -> SAP Note 2292690 ++### 3.12 - Processor C-States for x86_64 -> SAP Note 2292690 ++ ++### Set by HANA installer ++#- name: Assert - increase file handles to 32800 for sapsys group ++# pam_limits: ++# dest: /etc/security/limits.d/99-sapsys.conf ++# domain: "@sapsys" ++# limit_item: nofile ++# limit_type: "{{ line_item }}" ++# value: 32800 ++# with_items: ++# - soft ++# - hard ++# loop_control: ++# loop_var: line_item ++ ++### 3.13 - set number of process to unlimited for sapsys group ++# now in role sap_general_preconfigure ++#- name: Assert - 3.13 Set the hard and soft limit for the max number of processes per user (nproc) to unlimited for group sapsys ++# block: ++# - name: Get the hard limit of nproc for group sapsys ++# command: awk '/sapsys/&&/nproc/&&/hard/{print $NF}' /etc/security/limits.d/99-sap.conf ++# register: awk_nofile_hard_result ++# changed_when: no ++# ++# - name: Assert that the hard limit of nproc is unlimited for group sapsys ++# assert: ++# that: ++# - "awk_nofile_hard_result.stdout == 'unlimited'" ++# fail_msg: "FAIL: The hard limit of nproc is not set to 'unlimited' in /etc/security/limits.d/99-sap.conf!" ++# success_msg: "PASS: The hard limit of nproc is set to 'unlimited' in /etc/security/limits.d/99-sap.conf." ++# ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++# ++# - name: Get the soft limit of nproc for group sapsys ++# command: awk '/sapsys/&&/nproc/&&/soft/{print $NF}' /etc/security/limits.d/99-sap.conf ++# register: awk_nofile_soft_result ++# changed_when: no ++# ++# - name: Assert that the soft limit of nproc is unlimited for group sapsys ++# assert: ++# that: ++# - "awk_nofile_soft_result.stdout == 'unlimited'" ++# fail_msg: "FAIL: The soft limit of nproc is not set to 'unlimited' in /etc/security/limits.d/99-sap.conf!" ++# success_msg: "PASS: The soft limit of nproc is set to 'unlimited' in /etc/security/limits.d/99-sap.conf." ++# ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++# ++# when: sap_hana_preconfigure_config_all | d(true) or sap_hana_preconfigure_2009879_3_13 | d(false) ++ ++### 3.14 - Disable abrt ++- name: Step 3.14 - Assert abrt being disabled ++ ansible.builtin.include_tasks: ../RedHat/generic/assert-abrtd.yml ++ when: sap_hana_preconfigure_config_all | d(true) or sap_hana_preconfigure_2009879_3_14_1 | d(false) ++ ++- name: Step 3.14 - Assert abrt-ccpp being disabled ++ ansible.builtin.include_tasks: ../RedHat/generic/assert-abrt-ccpp.yml ++ when: sap_hana_preconfigure_config_all | d(true) or sap_hana_preconfigure_2009879_3_14_2 | d(false) ++ ++### 3.14 - Disable core dumps ++- name: Step 3.14 - Assert core dumps being disabled ++ ansible.builtin.include_tasks: ../RedHat/generic/assert-coredumps.yml ++ when: sap_hana_preconfigure_config_all | d(true) or sap_hana_preconfigure_2009879_3_14_3 | d(false) ++ ++### 3.14 - Disable kdump ++- name: Step 3.14 - Assert kdump being disabled ++ ansible.builtin.include_tasks: ../RedHat/generic/assert-kdump.yml ++ when: sap_hana_preconfigure_config_all | d(true) or sap_hana_preconfigure_2009879_3_14_4 | d(false) ++ ++### 3.15 - Disable Firewalld ++### Firewall Settings can only be done if SAP instance ID is known, ++### otherwise disable firewall ++### NYI: Set proper firewall rules if SID/instance number is known ++### ++- name: Step 3.15 - Assert firewalld being disabled ++ ansible.builtin.include_tasks: ../RedHat/generic/assert-firewalld.yml ++ when: sap_hana_preconfigure_config_all | d(true) or sap_hana_preconfigure_2009879_3_15 | d(false) ++# - name: 3.15 Ensure firewall is disabled when instance ID unknown ++# service: name=firewalld state=stopped enabled=no ++# ignore_errors: True ++ ++ ++### Firewall Calculation for SID=xx ++################################################################## ++# Schema | Description ++# ---------------------------+------------------------------------ ++# 3xx09 | Administration port for SAP HANA ++# 1128 - 1129, 5xx13 - 5xx14 | SAP HANA Studio ++# 43xx, 80xx | Company Network ++# 3xx15, 3xx17 | SAP HANA Studio + Replication ++# ++# NYI: Create this service in case SID is defined ++# ++# example file for SID=99, but what to replace for destination ?? ++# Maybe this could be moved to hana-deploy ! ++# ++# ++# ++# SAP HANA ++# Firewall rules for SAP HANA ++# ++# ++# ++# ++# ++# ++# ++# ++# ++# ++# ++# ++# ++# +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/assert-2055470.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/assert-2055470.yml +new file mode 100644 +index 0000000..e160d49 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/assert-2055470.yml +@@ -0,0 +1,89 @@ ++--- ++# OS RELEASE: RHEL 7 ++# Platform: PPC64LE ++# SAP Note: 2055470 ++# https://launchpad.support.sap.com/#/notes/2055470 ++# The SAP Note points to http://www-03.ibm.com/support/techdocs/atsmastr.nsf/WebIndex/WP102502 ++ ++# On the above page you will find more PDF documents, the following is used in this config file: ++# Configuring your Network for SAP HANA (Ethernet connectivity): ++# http://www-03.ibm.com/support/techdocs/atsmastr.nsf/5cb5ed706d254a8186256c71006d2e0a/c32b40501f4f76c886257de0004fa1d4/$FILE/ ++# Network_Configuration_for_HANA_Workloads_on_IBM_Power_Servers_V4.pdf ++ ++- name: Assert ppc64le specific settings ++ when: ansible_architecture == 'ppc64le' ++ block: ++ ++ - name: Assert - Display SAP note number 2055470 and its version ++ ansible.builtin.debug: ++ msg: "SAP note {{ (__sap_hana_preconfigure_sapnotes_versions | selectattr('number', 'match', '^2055470$') | first).number }} (version {{ (__sap_hana_preconfigure_sapnotes_versions | selectattr('number', 'match', '^2055470$') | first).version }}): SAP HANA on POWER settings" ++ ++ - name: Display an info about checking the MTU size ++ ansible.builtin.debug: ++ msg: "WARN: Checking of MTU size==9000 on all interfaces not yet implemented. Please check manually!" ++ ++#- name: ensure MTU size is 9000 on all interfaces ++# shell: | ++# mtu=$(nmcli conn show {{ line_item }} | grep 802-3-ethernet.mtu | awk -F: '{printf("%d", $2)}') ++# if [ "$mtu" != "9000" ]; then ++# nmcli conn mod {{ line_item }} 802-3-ethernet.mtu "9000" ++# ip link set mtu 9000 dev {{ line_item }} ++# else ++# exit 90 ++# fi ++# register: __sap_hana_preconfigure_register_ibm_mtusize_assert ++# changed_when: __sap_hana_preconfigure_register_ibm_mtusize_assert is success ++# failed_when: __sap_hana_preconfigure_register_ibm_mtusize_assert.rc > 0 and __sap_hana_preconfigure_register_ibm_mtusize_assert.rc != 90 ++# with_items: "{{ sap_hana_preconfigure_ppcle_mtu9000_if }}" ++# when: not( (sap_hana_preconfigure_ppcle_mtu9000_if) or ++# ( sap_hana_preconfigure_ppcle_mtu9000_if is none) or ++# (sap_hana_preconfigure_ppcle_mtu9000_if | trim == '') ++# ) ++# loop_control: ++# loop_var: line_item ++ ++# This only works if interfacename=device name, otherwise it fails ++ - name: Display an info about checking largesend options ++ ansible.builtin.debug: ++ msg: "WARN: Checking of largesend options of interface {{ sap_hana_preconfigure_ppcle_tso_if }} not yet implemented. Please check manually!" ++ ++#- name: add largesend options to interface ++# lineinfile: ++# regexp: '^ETHTOOL_OPTIONS_tso=' ++# line: ETHTOOL_OPTIONS_tso='-K iface tso on' ++# path: /etc/sysconfig/network-scripts/ifcfg-{{ line_item }} ++# with_items: "{{ sap_hana_preconfigure_ppcle_tso_if }}" ++# when: not( (sap_hana_preconfigure_ppcle_tso_if) or ( sap_hana_preconfigure_ppcle_tso_if is none) or (sap_hana_preconfigure_ppcle_tso_if | trim == '') ) ++# loop_control: ++# loop_var: line_item ++ ++ - name: Check /etc/sysctl.d/ibm_largesend.conf ++ when: sap_hana_preconfigure_config_all | d(true) or sap_hana_preconfigure_2055470 | d(false) ++ block: ++ ++ - name: Get info about file /etc/sysctl.d/ibm_largesend.conf ++ ansible.builtin.stat: ++ path: /etc/sysctl.d/ibm_largesend.conf ++ register: __sap_hana_preconfigure_register_stat_sysctl_ibm_largesend_conf_assert ++ ++ - name: Assert that file /etc/sysctl.d/ibm_largesend.conf exists ++ ansible.builtin.assert: ++ that: __sap_hana_preconfigure_register_stat_sysctl_ibm_largesend_conf_assert.stat.exists ++ fail_msg: "FAIL: File /etc/sysctl.d/ibm_largesend.conf does not exist!" ++ success_msg: "PASS: File /etc/sysctl.d/ibm_largesend.conf exists." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ ++ - name: Assert that file /etc/sysctl.d/ibm_largesend.conf is a regular file ++ ansible.builtin.assert: ++ that: __sap_hana_preconfigure_register_stat_sysctl_ibm_largesend_conf_assert.stat.isreg ++ fail_msg: "FAIL: File /etc/sysctl.d/ibm_largesend.conf is not a regular file!" ++ success_msg: "PASS: File /etc/sysctl.d/ibm_largesend.conf is a regular file." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ when: __sap_hana_preconfigure_register_stat_sysctl_ibm_largesend_conf_assert.stat.exists ++ ++ - name: Get and assert kernel tunables for ppc64le ++ ansible.builtin.include_tasks: ../RedHat/generic/assert-2055470-loop-block.yml ++ loop: "{{ sap_hana_preconfigure_kernel_parameters_ppc64le }}" ++ loop_control: ++ loop_var: line_item ++ when: sap_hana_preconfigure_config_all | d(true) or sap_hana_preconfigure_2055470 | d(false) +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/assert-2292690.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/assert-2292690.yml +new file mode 100644 +index 0000000..ee14cfd +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/assert-2292690.yml +@@ -0,0 +1,42 @@ ++--- ++- name: Assert - Display SAP note number 2292690 and its version ++ ansible.builtin.debug: ++ msg: "SAP note {{ (__sap_hana_preconfigure_sapnotes_versions | selectattr('number', 'match', '^2292690$') | first).number }} (version {{ (__sap_hana_preconfigure_sapnotes_versions | selectattr('number', 'match', '^2292690$') | first).version }}): SAP HANA settings for RHEL 7" ++ ++- name: Import tasks from '2292690/01-assert-tuned.yml' ++ ansible.builtin.import_tasks: 2292690/01-assert-tuned.yml ++ when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_2292690_01|d(false) ++ ++- name: Import tasks from '2292690/02-assert-auto-numa-balancing.yml' ++ ansible.builtin.import_tasks: 2292690/02-assert-auto-numa-balancing.yml ++ when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_2292690_02|d(false) ++ ++- name: Import tasks from '2292690/03-assert-thp.yml' ++ ansible.builtin.import_tasks: 2292690/03-assert-thp.yml ++ when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_2292690_03|d(false) ++ ++- name: Import tasks from '2292690/04-assert-c-states-for-lower-latency.yml' ++ ansible.builtin.import_tasks: 2292690/04-assert-c-states-for-lower-latency.yml ++ when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_2292690_04|d(false) ++ ++- name: Import tasks from '2292690/05-assert-cpu-governor.yml' ++ ansible.builtin.import_tasks: 2292690/05-assert-cpu-governor.yml ++ when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_2292690_05|d(false) ++ ++- name: Import tasks from '2292690/06-assert-epb.yml' ++ ansible.builtin.import_tasks: 2292690/06-assert-epb.yml ++ when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_2292690_06|d(false) ++ ++- name: Import tasks from '2292690/07-assert-ksm.yml' ++ ansible.builtin.import_tasks: 2292690/07-assert-ksm.yml ++ when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_2292690_07|d(false) ++ ++# Step 8: SELinux is already asserted in role sap_general_preconfigure. ++ ++- name: Import tasks from '2292690/09-assert-etc-sudoers.yml' ++ ansible.builtin.import_tasks: 2292690/09-assert-etc-sudoers.yml ++ when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_2292690_09|d(false) ++ ++- name: Import tasks from '2292690/10-assert-ibm-energyscale.yml' ++ ansible.builtin.import_tasks: 2292690/10-assert-ibm-energyscale.yml ++ when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_2292690_10|d(false) +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/assert-2382421.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/assert-2382421.yml +new file mode 100644 +index 0000000..c80adca +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/assert-2382421.yml +@@ -0,0 +1,122 @@ ++--- ++# OS RELEASE: RHEL 7 ++# SAP Note: 2382421 - Optimizing the Network Configuration on HANA- and OS-Level ++# ++ ++- name: Assert - Display SAP note number 2382421 and its version ++ ansible.builtin.debug: ++ msg: "SAP note {{ (__sap_hana_preconfigure_sapnotes_versions | selectattr('number', 'match', '^2382421$') | first).number }} (version {{ (__sap_hana_preconfigure_sapnotes_versions | selectattr('number', 'match', '^2382421$') | first).version }}): Recommended network settings for SAP HANA" ++ ++- name: Check SAP HANA sysctl conf file ++ when: sap_hana_preconfigure_config_all | d(true) or sap_hana_preconfigure_2382421 | d(false) ++ block: ++ ++ - name: Get info about file {{ __sap_hana_preconfigure_etc_sysctl_saphana_conf }} ++ ansible.builtin.stat: ++ path: "{{ __sap_hana_preconfigure_etc_sysctl_saphana_conf }}" ++ register: __sap_hana_preconfigure_register_stat_sysctl_saphana_conf_assert ++ ++ - name: Assert that file {{ __sap_hana_preconfigure_etc_sysctl_saphana_conf }} exists ++ ansible.builtin.assert: ++ that: __sap_hana_preconfigure_register_stat_sysctl_saphana_conf_assert.stat.exists ++ fail_msg: "FAIL: File {{ __sap_hana_preconfigure_etc_sysctl_saphana_conf }} does not exist!" ++ success_msg: "PASS: File {{ __sap_hana_preconfigure_etc_sysctl_saphana_conf }} exists." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ ++ - name: Assert that file {{ __sap_hana_preconfigure_etc_sysctl_saphana_conf }} is a regular file ++ ansible.builtin.assert: ++ that: __sap_hana_preconfigure_register_stat_sysctl_saphana_conf_assert.stat.isreg ++ fail_msg: "FAIL: File {{ __sap_hana_preconfigure_etc_sysctl_saphana_conf }} is not a regular file!" ++ success_msg: "PASS: File {{ __sap_hana_preconfigure_etc_sysctl_saphana_conf }} is a regular file." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ when: __sap_hana_preconfigure_register_stat_sysctl_saphana_conf_assert.stat.exists ++ ++- name: Get and assert kernel tunables ++ ansible.builtin.include_tasks: ../RedHat/generic/assert-2382421-loop-block.yml ++ loop: "{{ __sap_hana_preconfigure_kernel_parameters_default }}" ++ loop_control: ++ loop_var: line_item ++ when: sap_hana_preconfigure_config_all | d(true) or sap_hana_preconfigure_2382421 | d(false) ++ ++- name: Check net.core.wmem_max and net.core.rmem_max if necessary ++ when: ++ - sap_hana_preconfigure_config_all | d(true) or sap_hana_preconfigure_2382421 | d(false) ++ - not sap_hana_preconfigure_use_netapp_settings_nfs | d(false) ++ - not ansible_architecture == 'ppc64le' ++ block: ++ ++ - name: 2382421 - Get the maximum value of net.ipv4.tcp_wmem ++ ansible.builtin.command: sysctl net.ipv4.tcp_wmem ++ register: __sap_hana_preconfigure_register_sysctl_ipv4_tcp_wmem_assert ++ changed_when: no ++ ignore_errors: yes ++ ++ - name: Display the maximum value of net.ipv4.tcp_wmem ++ ansible.builtin.debug: ++ msg: "INFO: The maximum value of net.ipv4.tcp_wmem is '{{ __sap_hana_preconfigure_register_sysctl_ipv4_tcp_wmem_assert.stdout.split()[-1] }}'" ++ ++ - name: 2382421 - Get net.core.wmem_max from {{ __sap_hana_preconfigure_etc_sysctl_saphana_conf }} ++ ansible.builtin.command: awk 'BEGIN{FS="="}/net.core.wmem_max/{print $NF}' {{ __sap_hana_preconfigure_etc_sysctl_saphana_conf }} ++ register: __sap_hana_preconfigure_register_sysctl_saphana_conf_wmem_max_assert ++ changed_when: no ++ ignore_errors: yes ++ when: __sap_hana_preconfigure_register_stat_sysctl_saphana_conf_assert.stat.exists ++ ++ - name: 2382421 - Assert that net.core.wmem_max is set correctly in {{ __sap_hana_preconfigure_etc_sysctl_saphana_conf }} ++ ansible.builtin.assert: ++ that: __sap_hana_preconfigure_register_sysctl_saphana_conf_wmem_max_assert.stdout == __sap_hana_preconfigure_register_sysctl_ipv4_tcp_wmem_assert.stdout.split()[-1] ++ fail_msg: "FAIL: The value of 'net.core.wmem_max' in {{ __sap_hana_preconfigure_etc_sysctl_saphana_conf }} is '{{ __sap_hana_preconfigure_register_sysctl_saphana_conf_wmem_max_assert.stdout }}' but the expected value is '{{ __sap_hana_preconfigure_register_sysctl_ipv4_tcp_wmem_assert.stdout.split()[-1] }}'!" ++ success_msg: "PASS: The value of 'net.core.wmem_max' in {{ __sap_hana_preconfigure_etc_sysctl_saphana_conf }} is '{{ __sap_hana_preconfigure_register_sysctl_saphana_conf_wmem_max_assert.stdout }}'." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ when: __sap_hana_preconfigure_register_stat_sysctl_saphana_conf_assert.stat.exists ++ ++ - name: 2382421 - Get the current value of net.core.wmem_max from sysctl ++ ansible.builtin.command: sysctl net.core.wmem_max ++ register: __sap_hana_preconfigure_register_sysctl_ipv4_tcp_wmem_max_assert ++ changed_when: no ++ ignore_errors: yes ++ ++ - name: 2382421 - Assert that net.core.wmem_max is set correctly as per sysctl ++ ansible.builtin.assert: ++ that: __sap_hana_preconfigure_register_sysctl_ipv4_tcp_wmem_max_assert.stdout.split()[-1] == __sap_hana_preconfigure_register_sysctl_ipv4_tcp_wmem_assert.stdout.split()[-1] ++ fail_msg: "FAIL: The current value of 'net.core.wmem_max as per sysctl is '{{ __sap_hana_preconfigure_register_sysctl_ipv4_tcp_wmem_max_assert.stdout.split()[-1] }}' but the expected value is '{{ __sap_hana_preconfigure_register_sysctl_ipv4_tcp_wmem_assert.stdout.split()[-1] }}'!" ++ success_msg: "PASS: The current value of 'net.core.wmem_max' as per sysctl is '{{ __sap_hana_preconfigure_register_sysctl_ipv4_tcp_wmem_assert.stdout.split()[-1] }}'." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ ++ - name: 2382421 - Get the maximum value of net.ipv4.tcp_rmem ++ ansible.builtin.command: sysctl net.ipv4.tcp_rmem ++ register: __sap_hana_preconfigure_register_sysctl_ipv4_tcp_rmem_assert ++ changed_when: no ++ ignore_errors: yes ++ ++ - name: 2382421 - Display the maximum value of net.ipv4.tcp_rmem ++ ansible.builtin.debug: ++ msg: "INFO: The maximum value of net.ipv4.tcp_rmem is '{{ __sap_hana_preconfigure_register_sysctl_ipv4_tcp_rmem_assert.stdout.split()[-1] }}'" ++ ++ - name: 2382421 - Get net.core.rmem_max from {{ __sap_hana_preconfigure_etc_sysctl_saphana_conf }} ++ ansible.builtin.command: awk 'BEGIN{FS="="}/net.core.rmem_max/{print $NF}' {{ __sap_hana_preconfigure_etc_sysctl_saphana_conf }} ++ register: __sap_hana_preconfigure_register_sysctl_saphana_conf_rmem_max_assert ++ changed_when: no ++ ignore_errors: yes ++ when: __sap_hana_preconfigure_register_stat_sysctl_saphana_conf_assert.stat.exists ++ ++ - name: 2382421 - Assert that net.core.rmem_max is set correctly in {{ __sap_hana_preconfigure_etc_sysctl_saphana_conf }} ++ ansible.builtin.assert: ++ that: __sap_hana_preconfigure_register_sysctl_saphana_conf_rmem_max_assert.stdout == __sap_hana_preconfigure_register_sysctl_ipv4_tcp_rmem_assert.stdout.split()[-1] ++ fail_msg: "FAIL: The value of 'net.core.rmem_max' in {{ __sap_hana_preconfigure_etc_sysctl_saphana_conf }} is '{{ __sap_hana_preconfigure_register_sysctl_saphana_conf_rmem_max_assert.stdout }}' but the expected value is '{{ __sap_hana_preconfigure_register_sysctl_ipv4_tcp_rmem_assert.stdout.split()[-1] }}'!" ++ success_msg: "PASS: The value of 'net.core.rmem_max' in {{ __sap_hana_preconfigure_etc_sysctl_saphana_conf }} is '{{ __sap_hana_preconfigure_register_sysctl_saphana_conf_rmem_max_assert.stdout }}'." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ when: __sap_hana_preconfigure_register_stat_sysctl_saphana_conf_assert.stat.exists ++ ++ - name: 2382421 - Get the current value of net.core.rmem_max from sysctl ++ ansible.builtin.command: sysctl net.core.rmem_max ++ register: __sap_hana_preconfigure_register_sysctl_ipv4_tcp_rmem_max_assert ++ changed_when: no ++ ignore_errors: yes ++ ++ - name: 2382421 - Assert that net.core.rmem_max is set correctly as per sysctl ++ ansible.builtin.assert: ++ that: __sap_hana_preconfigure_register_sysctl_ipv4_tcp_rmem_max_assert.stdout.split()[-1] == __sap_hana_preconfigure_register_sysctl_ipv4_tcp_rmem_assert.stdout.split()[-1] ++ fail_msg: "FAIL: The current value of 'net.core.rmem_max as per sysctl is '{{ __sap_hana_preconfigure_register_sysctl_ipv4_tcp_rmem_max_assert.stdout.split()[-1] }}' but the expected value is '{{ __sap_hana_preconfigure_register_sysctl_ipv4_tcp_rmem_assert.stdout.split()[-1] }}'!" ++ success_msg: "PASS: The current value of 'net.core.rmem_max' as per sysctl is '{{ __sap_hana_preconfigure_register_sysctl_ipv4_tcp_rmem_assert.stdout.split()[-1] }}'." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/assert-2777782.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/assert-2777782.yml +new file mode 100644 +index 0000000..f94d267 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/assert-2777782.yml +@@ -0,0 +1,50 @@ ++--- ++- name: Assert - Display SAP note number 2777782 and its version ++ ansible.builtin.debug: ++ msg: "SAP note {{ (__sap_hana_preconfigure_sapnotes_versions | selectattr('number', 'match', '^2777782$') | first).number }} (version {{ (__sap_hana_preconfigure_sapnotes_versions | selectattr('number', 'match', '^2777782$') | first).version }}): SAP HANA settings for RHEL 8" ++ ++- name: Import tasks from '2777782/01-assert-selinux.yml' ++ ansible.builtin.import_tasks: 2777782/01-assert-selinux.yml ++ when: ++ - sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_2777782_01|d(false) ++ - sap_hana_preconfigure_modify_selinux_labels ++ ++- name: Import tasks from '2777782/02-assert-tuned.yml' ++ ansible.builtin.import_tasks: 2777782/02-assert-tuned.yml ++ when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_2777782_02|d(false) ++ ++- name: Import tasks from '2777782/03-assert-abrt-coredumps-kdump.yml' ++ ansible.builtin.import_tasks: 2777782/03-assert-abrt-coredumps-kdump.yml ++ when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_2777782_03|d(false) ++ ++- name: Import tasks from '2777782/04-assert-auto-numa-balancing.yml' ++ ansible.builtin.import_tasks: 2777782/04-assert-auto-numa-balancing.yml ++ when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_2777782_04|d(false) ++ ++- name: Import tasks from '2777782/05-assert-thp.yml' ++ ansible.builtin.import_tasks: 2777782/05-assert-thp.yml ++ when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_2777782_05|d(false) ++ ++- name: Import tasks from '2777782/06-assert-c-states-for-lower-latency.yml' ++ ansible.builtin.import_tasks: 2777782/06-assert-c-states-for-lower-latency.yml ++ when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_2777782_06|d(false) ++ ++- name: Import tasks from '2777782/07-assert-cpu-governor.yml' ++ ansible.builtin.import_tasks: 2777782/07-assert-cpu-governor.yml ++ when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_2777782_07|d(false) ++ ++- name: Import tasks from '2777782/08-assert-epb.yml' ++ ansible.builtin.import_tasks: 2777782/08-assert-epb.yml ++ when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_2777782_08|d(false) ++ ++- name: Import tasks from '2777782/09-assert-ksm.yml' ++ ansible.builtin.import_tasks: 2777782/09-assert-ksm.yml ++ when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_2777782_09|d(false) ++ ++- name: Import tasks from '2777782/10-assert-pidmax.yml' ++ ansible.builtin.import_tasks: 2777782/10-assert-pidmax.yml ++ when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_2777782_10|d(false) ++ ++- name: Import tasks from '2777782/11-assert-tsx.yml' ++ ansible.builtin.import_tasks: 2777782/11-assert-tsx.yml ++ when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_2777782_11|d(false) +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/assert-3024346.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/assert-3024346.yml +new file mode 100644 +index 0000000..2ef45b7 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/assert-3024346.yml +@@ -0,0 +1,89 @@ ++--- ++# SAP Note: 3024346 - Linux Kernel Settings for NetApp NFS ++# ++ ++- name: Assert - Display SAP note number 3024346 and its version ++ ansible.builtin.debug: ++ msg: "SAP note {{ (__sap_hana_preconfigure_sapnotes_versions | selectattr('number', 'match', '^3024346$') | first).number }} (version {{ (__sap_hana_preconfigure_sapnotes_versions | selectattr('number', 'match', '^3024346$') | first).version }}): Linux kernel settings for NetApp NFS" ++ ++- name: Check NetApp sysctl conf file for SAP HANA ++ when: ++ - sap_hana_preconfigure_use_netapp_settings_nfs | d(false) ++ - sap_hana_preconfigure_config_all | d(true) or sap_hana_preconfigure_3024346 | d(false) ++ block: ++ ++ - name: Get info about file {{ __sap_hana_preconfigure_etc_sysctl_netapp_hana_conf }} ++ ansible.builtin.stat: ++ path: "{{ __sap_hana_preconfigure_etc_sysctl_netapp_hana_conf }}" ++ register: __sap_hana_preconfigure_register_etc_sysctl_netapp_hana_conf_assert ++ ++ - name: Assert that file {{ __sap_hana_preconfigure_etc_sysctl_netapp_hana_conf }} exists ++ ansible.builtin.assert: ++ that: __sap_hana_preconfigure_register_etc_sysctl_netapp_hana_conf_assert.stat.exists ++ fail_msg: "FAIL: File {{ __sap_hana_preconfigure_etc_sysctl_netapp_hana_conf }} does not exist!" ++ success_msg: "PASS: File {{ __sap_hana_preconfigure_etc_sysctl_netapp_hana_conf }} exists." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ ++ - name: Assert that file {{ __sap_hana_preconfigure_etc_sysctl_netapp_hana_conf }} is a regular file ++ ansible.builtin.assert: ++ that: __sap_hana_preconfigure_register_etc_sysctl_netapp_hana_conf_assert.stat.isreg ++ fail_msg: "FAIL: File {{ __sap_hana_preconfigure_etc_sysctl_netapp_hana_conf }} is not a regular file!" ++ success_msg: "PASS: File {{ __sap_hana_preconfigure_etc_sysctl_netapp_hana_conf }} is a regular file." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ when: __sap_hana_preconfigure_register_etc_sysctl_netapp_hana_conf_assert.stat.exists ++ ++- name: Get and assert kernel tunables for NetApp NFS ++ ansible.builtin.include_tasks: ../RedHat/generic/assert-3024346-loop-block.yml ++ loop: "{{ __sap_hana_preconfigure_kernel_parameters_netapp_nfs }}" ++ loop_control: ++ loop_var: line_item ++ when: ++ - sap_hana_preconfigure_use_netapp_settings_nfs | d(false) ++ - sap_hana_preconfigure_config_all | d(true) or sap_hana_preconfigure_3024346 | d(false) ++ ++- name: Check NetApp modprobe conf file for SAP HANA with NFSv3 ++ when: ++ - sap_hana_preconfigure_use_netapp_settings_nfsv3 | d(false) ++ - sap_hana_preconfigure_config_all | d(true) or sap_hana_preconfigure_3024346 | d(false) ++ block: ++ ++ - name: Get info about file /etc/modprobe.d/sunrpc.conf ++ ansible.builtin.stat: ++ path: /etc/modprobe.d/sunrpc.conf ++ register: __sap_hana_preconfigure_register_etc_modprobe_sunrpc_conf_assert ++ ++ - name: Assert that file /etc/modprobe.d/sunrpc.conf exists ++ ansible.builtin.assert: ++ that: __sap_hana_preconfigure_register_etc_modprobe_sunrpc_conf_assert.stat.exists ++ fail_msg: "FAIL: File /etc/modprobe.d/sunrpc.conf does not exist!" ++ success_msg: "PASS: File /etc/modprobe.d/sunrpc.conf exists." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ ++ - name: Assert that file /etc/modprobe.d/sunrpc.conf is a regular file ++ ansible.builtin.assert: ++ that: __sap_hana_preconfigure_register_etc_modprobe_sunrpc_conf_assert.stat.isreg ++ fail_msg: "FAIL: File /etc/modprobe.d/sunrpc.conf is not a regular file!" ++ success_msg: "PASS: File /etc/modprobe.d/sunrpc.conf is a regular file." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ when: __sap_hana_preconfigure_register_etc_modprobe_sunrpc_conf_assert.stat.exists ++ ++- name: Get value of 'options sunrpc tcp_max_slot_table_entries' from /etc/modprobe.d/sunrpc.conf ++ ansible.builtin.command: awk 'BEGIN{FS="="}/options sunrpc tcp_max_slot_table_entries/{print $NF}' /etc/modprobe.d/sunrpc.conf ++ register: __sap_hana_preconfigure_register_tcp_max_slot_table_entries_assert ++ changed_when: no ++ ignore_errors: yes ++ when: ++ - sap_hana_preconfigure_use_netapp_settings_nfsv3 | d(false) ++ - __sap_hana_preconfigure_register_etc_modprobe_sunrpc_conf_assert.stat.exists ++ - sap_hana_preconfigure_config_all | d(true) or sap_hana_preconfigure_3024346 | d(false) ++ ++- name: Assert that 'options sunrpc tcp_max_slot_table_entries' is set correctly in /etc/modprobe.d/sunrpc.conf ++ ansible.builtin.assert: ++ that: __sap_hana_preconfigure_register_tcp_max_slot_table_entries_assert.stdout == '128' ++ fail_msg: "FAIL: The value of 'options sunrpc tcp_max_slot_table_entries' in '/etc/modprobe.d/sunrpc.conf' is '{{ __sap_hana_preconfigure_register_tcp_max_slot_table_entries_assert.stdout }}' but the expected value is '128'!" ++ success_msg: "PASS: The value of 'options sunrpc tcp_max_slot_table_entries' in '/etc/modprobe.d/sunrpc.conf' is '{{ __sap_hana_preconfigure_register_tcp_max_slot_table_entries_assert.stdout }}'." ++ ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" ++ when: ++ - sap_hana_preconfigure_use_netapp_settings_nfsv3 | d(false) ++ - __sap_hana_preconfigure_register_etc_modprobe_sunrpc_conf_assert.stat.exists ++ - sap_hana_preconfigure_config_all | d(true) or sap_hana_preconfigure_3024346 | d(false) +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/assert-3108302.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/assert-3108302.yml +new file mode 100644 +index 0000000..770218a +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/tasks/sapnote/assert-3108302.yml +@@ -0,0 +1,50 @@ ++--- ++- name: Assert - Display SAP note number 3108302 and its version ++ ansible.builtin.debug: ++ msg: "SAP note {{ (__sap_hana_preconfigure_sapnotes_versions | selectattr('number', 'match', '^3108302$') | first).number }} (version {{ (__sap_hana_preconfigure_sapnotes_versions | selectattr('number', 'match', '^3108302$') | first).version }}): SAP HANA settings for RHEL 8" ++ ++- name: Import tasks from '3108302/01-assert-selinux.yml' ++ ansible.builtin.import_tasks: 3108302/01-assert-selinux.yml ++ when: ++ - sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_3108302_01|d(false) ++ - sap_hana_preconfigure_modify_selinux_labels ++ ++- name: Import tasks from '3108302/02-assert-tuned.yml' ++ ansible.builtin.import_tasks: 3108302/02-assert-tuned.yml ++ when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_3108302_02|d(false) ++ ++- name: Import tasks from '3108302/03-assert-abrt-coredumps-kdump.yml' ++ ansible.builtin.import_tasks: 3108302/03-assert-abrt-coredumps-kdump.yml ++ when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_3108302_03|d(false) ++ ++- name: Import tasks from '3108302/04-assert-auto-numa-balancing.yml' ++ ansible.builtin.import_tasks: 3108302/04-assert-auto-numa-balancing.yml ++ when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_3108302_04|d(false) ++ ++- name: Import tasks from '3108302/05-assert-thp.yml' ++ ansible.builtin.import_tasks: 3108302/05-assert-thp.yml ++ when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_3108302_05|d(false) ++ ++- name: Import tasks from '3108302/06-assert-c-states-for-lower-latency.yml' ++ ansible.builtin.import_tasks: 3108302/06-assert-c-states-for-lower-latency.yml ++ when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_3108302_06|d(false) ++ ++- name: Import tasks from '3108302/07-assert-cpu-governor.yml' ++ ansible.builtin.import_tasks: 3108302/07-assert-cpu-governor.yml ++ when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_3108302_07|d(false) ++ ++- name: Import tasks from '3108302/08-assert-epb.yml' ++ ansible.builtin.import_tasks: 3108302/08-assert-epb.yml ++ when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_3108302_08|d(false) ++ ++- name: Import tasks from '3108302/09-assert-ksm.yml' ++ ansible.builtin.import_tasks: 3108302/09-assert-ksm.yml ++ when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_3108302_09|d(false) ++ ++- name: Import tasks from '3108302/10-assert-pidmax.yml' ++ ansible.builtin.import_tasks: 3108302/10-assert-pidmax.yml ++ when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_3108302_10|d(false) ++ ++- name: Import tasks from '3108302/11-assert-tsx.yml' ++ ansible.builtin.import_tasks: 3108302/11-assert-tsx.yml ++ when: sap_hana_preconfigure_config_all|d(true) or sap_hana_preconfigure_3108302_11|d(false) +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/vars/RedHat_7.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/vars/RedHat_7.yml +new file mode 100644 +index 0000000..3964014 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/vars/RedHat_7.yml +@@ -0,0 +1,251 @@ ++--- ++ ++# supported RHEL 7 minor releases for SAP HANA: ++__sap_hana_preconfigure_supported_rhel_minor_releases: ++ - "7.6" ++ - "7.7" ++ - "7.9" ++ ++# required repos for RHEL 7: ++__sap_hana_preconfigure_req_repos_redhat_7_6_x86_64: ++ - "rhel-7-server-e4s-rpms" ++ - "rhel-sap-hana-for-rhel-7-server-e4s-rpms" ++ ++__sap_hana_preconfigure_req_repos_redhat_7_6_ppc64le: ++ - "rhel-7-for-power-le-e4s-rpms" ++ - "rhel-sap-hana-for-rhel-7-for-power-le-e4s-rpms" ++ ++__sap_hana_preconfigure_req_repos_redhat_7_7_x86_64: ++ - "rhel-7-server-e4s-rpms" ++ - "rhel-sap-hana-for-rhel-7-server-e4s-rpms" ++ ++__sap_hana_preconfigure_req_repos_redhat_7_7_ppc64le: ++ - "rhel-7-for-power-le-e4s-rpms" ++ - "rhel-sap-hana-for-rhel-7-for-power-le-e4s-rpms" ++ ++__sap_hana_preconfigure_req_repos_redhat_7_8_x86_64: ++ - "rhel-7-server-rpms" ++ - "rhel-sap-hana-for-rhel-7-server-rpms" ++ ++__sap_hana_preconfigure_req_repos_redhat_7_8_ppc64le: ++ - "rhel-7-for-power-le-rpms" ++ - "rhel-sap-hana-for-rhel-7-for-power-le-rpms" ++ ++__sap_hana_preconfigure_req_repos_redhat_7_9_x86_64: ++ - "rhel-7-server-rpms" ++ - "rhel-sap-hana-for-rhel-7-server-rpms" ++ ++__sap_hana_preconfigure_req_repos_redhat_7_9_ppc64le: ++ - "rhel-7-for-power-le-rpms" ++ - "rhel-sap-hana-for-rhel-7-for-power-le-rpms" ++ ++# required SAP notes for RHEL 7: ++__sap_hana_preconfigure_sapnotes_versions_x86_64: ++ - {number: '2009879', version: '28'} ++ - {number: '2292690', version: '38'} ++ - {number: '2382421', version: '40'} ++ - {number: '3024346', version: '3'} ++ ++__sap_hana_preconfigure_sapnotes_versions_ppc64le: ++ - {number: '2009879', version: '28'} ++ - {number: '2055470', version: '85'} ++ - {number: '2292690', version: '38'} ++ - {number: '2382421', version: '40'} ++ - {number: '3024346', version: '3'} ++ ++__sap_hana_preconfigure_sapnotes_versions: "{{ lookup('vars', '__sap_hana_preconfigure_sapnotes_versions_' + ansible_architecture) }}" ++ ++# In SAP Note 2235581, certain minimal required packages for the different RHEL 7 minor releases are listed. ++# The following will assign them properly to __sap_hana_preconfigure_min_pkgs. ++# If variable __sap_hana_preconfigure_min_packages_VERSION is not defined, ++# variable __sap_hana_preconfigure_min_pkgs will be undefined as well. ++ ++__sap_hana_preconfigure_min_packages_7_2_x86_64: ++ - ['kernel', '3.10.0-327.62.4.el7'] ++ - ['systemd', '219-19.el7_2.4'] ++ ++__sap_hana_preconfigure_min_packages_7_2_ppc64le: ++ - ['kernel', '3.10.0-327.62.4.el7'] ++ - ['systemd', '219-19.el7_2.4'] ++ ++__sap_hana_preconfigure_min_packages_7_3_x86_64: ++ - ['kernel', '3.10.0-514.36.5.el7'] ++ - ['glibc', '2.17-157.el7_3.5'] ++ - ['tuned-profiles-sap-hana', '2.7.1-3.el7_3.3'] ++ ++__sap_hana_preconfigure_min_packages_7_3_ppc64le: ++ - ['kernel', '3.10.0-514.36.5.el7'] ++ - ['glibc', '2.17-157.el7_3.5'] ++ - ['tuned-profiles-sap-hana', '2.7.1-3.el7_3.3'] ++ ++# Attention: SAP note 2812427 requires more recent package kernel-3.10.0-693.58.1, covered by role sap_general_preconfigure ++__sap_hana_preconfigure_min_packages_7_4_x86_64: ++ - ['kernel', '3.10.0-693.11.6.el7'] ++ - ['tuned-profiles-sap-hana', '2.8.0-5.el7_4.2'] ++ ++__sap_hana_preconfigure_min_packages_7_4_ppc64le: ++ - ['kernel', '3.10.0-693.11.6.el7'] ++ - ['tuned-profiles-sap-hana', '2.8.0-5.el7_4.2'] ++ ++__sap_hana_preconfigure_min_packages_7_5_x86_64: ++ ++__sap_hana_preconfigure_min_packages_7_5_ppc64le: ++ ++# Attention: SAP note 2812427 requires more recent package kernel-3.10.0-957.35.1, covered by role sap_general_preconfigure ++__sap_hana_preconfigure_min_packages_7_6_x86_64: ++ - ['kernel', '3.10.0-957.1.3.el7'] ++ ++__sap_hana_preconfigure_min_packages_7_6_ppc64le: ++ - ['kernel', '3.10.0-957.1.3.el7'] ++ ++# SAP note 2292690: ++__sap_hana_preconfigure_min_packages_7_7_x86_64: ++ - ['kernel', '3.10.0-1062.21.1.el7'] ++ ++__sap_hana_preconfigure_min_packages_7_7_ppc64le: ++ - ['kernel', '3.10.0-1062.26.1.el7'] ++ ++__sap_hana_preconfigure_min_packages_7_8_x86_64: ++ ++__sap_hana_preconfigure_min_packages_7_8_ppc64le: ++ ++__sap_hana_preconfigure_min_packages_7_9_x86_64: ++ - ['kernel', '3.10.0-1160.11.1.el7'] ++ ++__sap_hana_preconfigure_min_packages_7_9_ppc64le: ++ - ['kernel', '3.10.0-1160.11.1.el7'] ++ ++__sap_hana_preconfigure_min_pkgs: "{{ lookup('vars', '__sap_hana_preconfigure_min_packages_' + ansible_distribution_version | string | replace(\".\", \"_\") + '_' + ansible_architecture | string) }}" ++ ++__sap_hana_preconfigure_packages: ++# SAP note 2009879: ++ - chrony ++ - xfsprogs ++ - libaio ++ - net-tools ++ - bind-utils ++ - gtk2 ++ - libicu ++ - xulrunner ++ - tcsh ++ - sudo ++ - libssh2 ++ - expect ++ - cairo ++ - graphviz ++ - iptraf-ng ++ - krb5-workstation ++ - krb5-libs ++ - libpng12 ++ - nfs-utils ++ - lm_sensors ++ - rsyslog ++ - openssl ++ - PackageKit-gtk3-module ++ - libcanberra-gtk2 ++ - libtool-ltdl ++ - xorg-x11-xauth ++ - numactl ++ - tuned ++# SAP note 2292690: ++ - tuned-profiles-sap-hana ++ - compat-sap-c++-5 ++# SAP note 2455582: ++ - compat-sap-c++-6 ++# SAP note 2593824: ++ - compat-sap-c++-7 ++ - libatomic ++# Likely required for future HANA 2.0 versions: ++ - compat-sap-c++-9 ++ ++# libtool-ltdl: See https://answers.sap.com/questions/476177/hana-db-installation-ended-with-exit-code-127.html ++# This is required since HANA 2 SPS 03, and so we always install it. ++ ++# URL for the IBM Power Systems service and productivity tools, see https://www.ibm.com/support/pages/service-and-productivity-tools ++__sap_hana_preconfigure_ibm_power_repo_url: 'https://public.dhe.ibm.com/software/server/POWER/Linux/yum/download/ibm-power-repo-latest.noarch.rpm' ++ ++# As per https://www14.software.ibm.com/support/customercare/sas/f/lopdiags/home.html : ++__sap_hana_preconfigure_required_ppc64le: ++ - librtas ++ - src ++ - rsct.core.utils ++ - rsct.core ++ - rsct.basic ++ - rsct.opt.storagerm ++ - devices.chrp.base.ServiceRM ++ - DynamicRM ++ - ncurses-libs ++ - readline ++ - sqlite ++ - sg3_utils ++ - libgcc ++ - libstdc++ ++ - zlib ++ - iprutils ++ - lsvpd ++ - libvpd ++ - libservicelog ++ - servicelog ++ - powerpc-utils ++ - powerpc-utils-python ++ - ppc64-diag ++ - IBMinvscout ++ ++# Network related kernel parameters as set in SAP Note 2382421: ++__sap_hana_preconfigure_kernel_parameters_default: ++# The following two parameter should always be set: ++ - {name: net.core.somaxconn, value: 4096} ++ - {name: net.ipv4.tcp_max_syn_backlog, value: 8192} ++# The following two parameters are automatically set by SAP Host Agent ++# - { name: net.ipv4.ip_local_port_range, value: "40000 61000" } ++# - { name: net.ipv4.ip_local_reserved_ports, value: -> SAP NOTE 2477204 } ++# The following two parameters do not work when communicating with hosts behind NAT firewall: ++# - { name: net.ipv4.tcp_tw_reuse, value: 1 } ++# - { name: net.ipv4.tcp_tw_recycle, value: 1 } ++# The following parameter should always be set but might not work on Azure (see SAP Note 2382421): ++ - {name: net.ipv4.tcp_timestamps, value: 1} ++# The following parameter should always be set: ++ - {name: net.ipv4.tcp_slow_start_after_idle, value: 0} ++# Tune the next four parameters for low latency system replication: ++# - { net.ipv4.tcp_wmem, value } ++# - { net.ipv4.tcp_rmem, value } ++# - { net.core.wmem_max, value } ++# - { net.core.rmem_max, value } ++# Should be set correctly already on most systems, according to SAP Note 2382421: ++# - { net.ipv4.tcp_window_scaling, 1 } ++# The following only applies to HANA 1 <= 122.14 and HANA 2 SPS00. ++# So we do not change the default. ++# - { name: net.ipv4.tcp_syn_retries, value: 8 } ++ ++# Network related kernel parameters for ppc64le: ++__sap_hana_preconfigure_kernel_parameters_default_ppc64le: ++ - {name: net.core.rmem_max, value: 56623104} ++ - {name: net.core.wmem_max, value: 56623104} ++ - {name: net.ipv4.tcp_rmem, value: "65536 262088 56623104"} ++ - {name: net.ipv4.tcp_wmem, value: "65536 262088 56623104"} ++ - {name: net.ipv4.tcp_mem, value: "56623104 56623104 56623104"} ++ ++# Network related kernel parameters for NetApp NFS, as set in SAP Note 3024346: ++__sap_hana_preconfigure_kernel_parameters_netapp_nfs: ++ - {name: net.core.rmem_max, value: 16777216} ++ - {name: net.core.wmem_max, value: 16777216} ++ - {name: net.ipv4.tcp_rmem, value: "4096 131072 16777216"} ++ - {name: net.ipv4.tcp_wmem, value: "4096 16384 16777216"} ++ - {name: net.core.netdev_max_backlog, value: 300000} ++# already set in SAP note 2382421: ++# - { name: net.ipv4.tcp_slow_start_after_idle, value: 0 } ++ - {name: net.ipv4.tcp_no_metrics_save, value: 1} ++ - {name: net.ipv4.tcp_moderate_rcvbuf, value: 1} ++ - {name: net.ipv4.tcp_window_scaling, value: 1} ++# already set in SAP note 2382421: ++# - { name: net.ipv4.tcp_timestamps, value: 1 } ++ - {name: net.ipv4.tcp_sack, value: 1} ++ ++# yamllint disable rule:commas rule:colons ++__sap_hana_preconfigure_packages_and_services: ++ abrtd: {pkg: 'abrt', svc: 'abrtd', systemd_enabled: 'no', systemd_state: 'stopped', svc_status: 'disabled', svc_state: 'inactive'} ++ abrt-ccpp: {pkg: 'abrt-addon-ccpp', svc: 'abrt-ccpp', systemd_enabled: 'no', systemd_state: 'stopped', svc_status: 'disabled', svc_state: 'inactive'} ++ numad: {pkg: 'numad', svc: 'numad', systemd_enabled: 'no', systemd_state: 'stopped', svc_status: 'disabled', svc_state: 'inactive'} ++ kdump: {pkg: 'kexec-tools', svc: 'kdump', systemd_enabled: 'no', systemd_state: 'stopped', svc_status: 'disabled', svc_state: 'inactive'} ++ firewalld: {pkg: 'firewalld', svc: 'firewalld', systemd_enabled: 'no', systemd_state: 'stopped', svc_status: 'disabled', svc_state: 'inactive'} ++# yamllint enable rule:commas rule:colons +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/vars/RedHat_8.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/vars/RedHat_8.yml +new file mode 100644 +index 0000000..e878fa1 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/vars/RedHat_8.yml +@@ -0,0 +1,333 @@ ++--- ++ ++# supported RHEL 8 minor releases for SAP HANA: ++__sap_hana_preconfigure_supported_rhel_minor_releases: ++ - "8.0" ++ - "8.1" ++ - "8.2" ++ - "8.4" ++ - "8.6" ++ - "8.8" ++ ++# required repos for RHEL 8: ++__sap_hana_preconfigure_req_repos_redhat_8_0_x86_64: ++ - "rhel-8-for-x86_64-baseos-e4s-rpms" ++ - "rhel-8-for-x86_64-appstream-e4s-rpms" ++ - "rhel-8-for-x86_64-sap-solutions-e4s-rpms" ++ ++__sap_hana_preconfigure_req_repos_redhat_8_0_ppc64le: ++ - "rhel-8-for-ppc64le-baseos-e4s-rpms" ++ - "rhel-8-for-ppc64le-appstream-e4s-rpms" ++ - "rhel-8-for-ppc64le-sap-solutions-e4s-rpms" ++ ++__sap_hana_preconfigure_req_repos_redhat_8_1_x86_64: ++ - "rhel-8-for-x86_64-baseos-e4s-rpms" ++ - "rhel-8-for-x86_64-appstream-e4s-rpms" ++ - "rhel-8-for-x86_64-sap-solutions-e4s-rpms" ++ ++__sap_hana_preconfigure_req_repos_redhat_8_1_ppc64le: ++ - "rhel-8-for-ppc64le-baseos-e4s-rpms" ++ - "rhel-8-for-ppc64le-appstream-e4s-rpms" ++ - "rhel-8-for-ppc64le-sap-solutions-e4s-rpms" ++ ++__sap_hana_preconfigure_req_repos_redhat_8_2_x86_64: ++ - "rhel-8-for-x86_64-baseos-e4s-rpms" ++ - "rhel-8-for-x86_64-appstream-e4s-rpms" ++ - "rhel-8-for-x86_64-sap-solutions-e4s-rpms" ++ ++__sap_hana_preconfigure_req_repos_redhat_8_2_ppc64le: ++ - "rhel-8-for-ppc64le-baseos-e4s-rpms" ++ - "rhel-8-for-ppc64le-appstream-e4s-rpms" ++ - "rhel-8-for-ppc64le-sap-solutions-e4s-rpms" ++ ++__sap_hana_preconfigure_req_repos_redhat_8_3_x86_64: ++ - "rhel-8-for-x86_64-baseos-rpms" ++ - "rhel-8-for-x86_64-appstream-rpms" ++ - "rhel-8-for-x86_64-sap-solutions-rpms" ++ ++__sap_hana_preconfigure_req_repos_redhat_8_3_ppc64le: ++ - "rhel-8-for-ppc64le-baseos-rpms" ++ - "rhel-8-for-ppc64le-appstream-rpms" ++ - "rhel-8-for-ppc64le-sap-solutions-rpms" ++ ++__sap_hana_preconfigure_req_repos_redhat_8_4_x86_64: ++ - "rhel-8-for-x86_64-baseos-e4s-rpms" ++ - "rhel-8-for-x86_64-appstream-e4s-rpms" ++ - "rhel-8-for-x86_64-sap-solutions-e4s-rpms" ++ ++__sap_hana_preconfigure_req_repos_redhat_8_4_ppc64le: ++ - "rhel-8-for-ppc64le-baseos-e4s-rpms" ++ - "rhel-8-for-ppc64le-appstream-e4s-rpms" ++ - "rhel-8-for-ppc64le-sap-solutions-e4s-rpms" ++ ++__sap_hana_preconfigure_req_repos_redhat_8_5_x86_64: ++ - "rhel-8-for-x86_64-baseos-rpms" ++ - "rhel-8-for-x86_64-appstream-rpms" ++ - "rhel-8-for-x86_64-sap-solutions-rpms" ++ ++__sap_hana_preconfigure_req_repos_redhat_8_5_ppc64le: ++ - "rhel-8-for-ppc64le-baseos-rpms" ++ - "rhel-8-for-ppc64le-appstream-rpms" ++ - "rhel-8-for-ppc64le-sap-solutions-rpms" ++ ++__sap_hana_preconfigure_req_repos_redhat_8_6_x86_64: ++ - "rhel-8-for-x86_64-baseos-e4s-rpms" ++ - "rhel-8-for-x86_64-appstream-e4s-rpms" ++ - "rhel-8-for-x86_64-sap-solutions-e4s-rpms" ++ ++__sap_hana_preconfigure_req_repos_redhat_8_6_ppc64le: ++ - "rhel-8-for-ppc64le-baseos-e4s-rpms" ++ - "rhel-8-for-ppc64le-appstream-e4s-rpms" ++ - "rhel-8-for-ppc64le-sap-solutions-e4s-rpms" ++ ++__sap_hana_preconfigure_req_repos_redhat_8_7_x86_64: ++ - "rhel-8-for-x86_64-baseos-rpms" ++ - "rhel-8-for-x86_64-appstream-rpms" ++ - "rhel-8-for-x86_64-sap-solutions-rpms" ++ ++__sap_hana_preconfigure_req_repos_redhat_8_7_ppc64le: ++ - "rhel-8-for-ppc64le-baseos-rpms" ++ - "rhel-8-for-ppc64le-appstream-rpms" ++ - "rhel-8-for-ppc64le-sap-solutions-rpms" ++ ++__sap_hana_preconfigure_req_repos_redhat_8_8_x86_64: ++ - "rhel-8-for-x86_64-baseos-e4s-rpms" ++ - "rhel-8-for-x86_64-appstream-e4s-rpms" ++ - "rhel-8-for-x86_64-sap-solutions-e4s-rpms" ++ ++__sap_hana_preconfigure_req_repos_redhat_8_8_ppc64le: ++ - "rhel-8-for-ppc64le-baseos-e4s-rpms" ++ - "rhel-8-for-ppc64le-appstream-e4s-rpms" ++ - "rhel-8-for-ppc64le-sap-solutions-e4s-rpms" ++ ++__sap_hana_preconfigure_req_repos_redhat_8_9_x86_64: ++ - "rhel-8-for-x86_64-baseos-rpms" ++ - "rhel-8-for-x86_64-appstream-rpms" ++ - "rhel-8-for-x86_64-sap-solutions-rpms" ++ ++__sap_hana_preconfigure_req_repos_redhat_8_9_ppc64le: ++ - "rhel-8-for-ppc64le-baseos-rpms" ++ - "rhel-8-for-ppc64le-appstream-rpms" ++ - "rhel-8-for-ppc64le-sap-solutions-rpms" ++ ++__sap_hana_preconfigure_req_repos_redhat_8_10_x86_64: ++ - "rhel-8-for-x86_64-baseos-rpms" ++ - "rhel-8-for-x86_64-appstream-rpms" ++ - "rhel-8-for-x86_64-sap-solutions-rpms" ++ ++__sap_hana_preconfigure_req_repos_redhat_8_10_ppc64le: ++ - "rhel-8-for-ppc64le-baseos-rpms" ++ - "rhel-8-for-ppc64le-appstream-rpms" ++ - "rhel-8-for-ppc64le-sap-solutions-rpms" ++ ++# required SAP notes for RHEL 8: ++__sap_hana_preconfigure_sapnotes_versions_x86_64: ++ - {number: '2777782', version: '40'} ++ - {number: '2382421', version: '40'} ++ - {number: '3024346', version: '3'} ++ ++__sap_hana_preconfigure_sapnotes_versions_ppc64le: ++ - {number: '2055470', version: '87'} ++ - {number: '2777782', version: '40'} ++ - {number: '2382421', version: '40'} ++ - {number: '3024346', version: '3'} ++ ++__sap_hana_preconfigure_sapnotes_versions: "{{ lookup('vars', '__sap_hana_preconfigure_sapnotes_versions_' + ansible_architecture) }}" ++ ++# In SAP Note 2777782, certain minimal required packages for the different RHEL 8 minor releases are listed. ++# The following will assign them properly to __sap_hana_preconfigure_min_pkgs. ++# If variable __sap_hana_preconfigure_min_packages_VERSION_ARCH is not defined, ++# variable __sap_hana_preconfigure_min_pkgs will be undefined as well. ++ ++# Minimum required package levels for RHEL 8.0: ++# Attention: SAP note 2812427 requires more recent package kernel-4.18.0-80.15.1.el8_0 also for x86_64, covered by role sap_general_preconfigure ++__sap_hana_preconfigure_min_packages_8_0_x86_64: ++ ++__sap_hana_preconfigure_min_packages_8_0_ppc64le: ++ - ['kernel', '4.18.0-80.15.1.el8_0'] ++ ++__sap_hana_preconfigure_min_packages_8_1_x86_64: ++ - ['kernel', '4.18.0-147.5.1.el8_1'] ++ ++__sap_hana_preconfigure_min_packages_8_1_ppc64le: ++ - ['kernel', '4.18.0-147.5.1.el8_1'] ++ ++__sap_hana_preconfigure_min_packages_8_2_x86_64: ++ - ['kernel', '4.18.0-193.40.1.el8_2'] ++ ++__sap_hana_preconfigure_min_packages_8_2_ppc64le: ++ - ['kernel', '4.18.0-193.40.1.el8_2'] ++ ++__sap_hana_preconfigure_min_packages_8_3_x86_64: ++ ++__sap_hana_preconfigure_min_packages_8_3_ppc64le: ++ ++__sap_hana_preconfigure_min_packages_8_4_x86_64: ++ - ['kernel', '4.18.0-305.3.1.el8_4'] ++ ++__sap_hana_preconfigure_min_packages_8_4_ppc64le: ++ - ['kernel', '4.18.0-305.17.1.el8_4'] ++ ++__sap_hana_preconfigure_min_packages_8_5_x86_64: ++ ++__sap_hana_preconfigure_min_packages_8_5_ppc64le: ++ ++__sap_hana_preconfigure_min_packages_8_6_x86_64: ++ ++__sap_hana_preconfigure_min_packages_8_6_ppc64le: ++ - ['kernel', '4.18.0-372.32.1.el8_6'] ++ ++__sap_hana_preconfigure_min_packages_8_7_x86_64: ++ ++__sap_hana_preconfigure_min_packages_8_7_ppc64le: ++ ++__sap_hana_preconfigure_min_packages_8_8_x86_64: ++ - ['kernel', '4.18.0-477.13.1.el8_8'] ++ ++__sap_hana_preconfigure_min_packages_8_8_ppc64le: ++ - ['kernel', '4.18.0-477.13.1.el8_8'] ++ ++__sap_hana_preconfigure_min_pkgs: "{{ lookup('vars', '__sap_hana_preconfigure_min_packages_' + ansible_distribution_version | string | replace(\".\", \"_\") + '_' + ansible_architecture) }}" ++ ++__sap_hana_preconfigure_packages: ++# SAP NOTE 2772999: ++ - expect ++# package graphwiz: graph visualization tools, for supportability) ++ - graphviz ++# package iptraf-ng: TCP/IP network monitor, for supportability) ++ - iptraf-ng ++ - krb5-workstation ++ - libatomic ++ - libcanberra-gtk2 ++ - libibverbs ++ - libicu ++# package libpng12: only needed by the SAP HANA 1 installer ++# - libpng12 ++# package libssh2: only needed for scaleout installation of SAP HANA 2.0 before SPS04 rev 48.02 or before SPS05 rev 51 ++# - libssh2 ++# package lm-sensors: TCP/IP network monitor, for supportability) ++ - lm_sensors ++# package nfs-utils: support utilities for NFS, for supportability) ++ - nfs-utils ++ - numactl ++ - PackageKit-gtk3-module ++ - xorg-x11-xauth ++ - bind-utils ++ - cairo ++ - libaio ++ - krb5-libs ++# package net-tools: contains deprecated command line network interface management tools ++ - net-tools ++ - openssl ++ - rsyslog ++ - sudo ++ - xfsprogs ++# package gtk2: only needed if the SAP HANA installation tools hdblcmgui and hdbsetup are used ++ - gtk2 ++ - libtool-ltdl ++# SAP NOTE 2777782: ++ - tuned-profiles-sap-hana ++ ++__sap_hana_preconfigure_packages_min_install: ++# SAP NOTE 2772999: ++ - expect ++# package graphwiz: graph visualization tools, for supportability) ++# - graphviz ++# package iptraf-ng: TCP/IP network monitor, for supportability) ++# - iptraf-ng ++ - krb5-workstation ++ - libatomic ++ - libcanberra-gtk2 ++ - libibverbs ++ - libicu ++# package libpng12: only needed by the SAP HANA 1 installer ++# - libpng12 ++# package libssh2: only needed for scaleout installation of SAP HANA 2.0 before SPS04 rev 48.02 or before SPS05 rev 51 ++# - libssh2 ++# package lm-sensors: TCP/IP network monitor, for supportability) ++# - lm_sensors ++# package nfs-utils: support utilities for NFS, for supportability) ++# - nfs-utils ++ - numactl ++ - PackageKit-gtk3-module ++ - xorg-x11-xauth ++ - bind-utils ++ - cairo ++ - libaio ++ - krb5-libs ++# package net-tools: contains deprecated command line network interface management tools ++# - net-tools ++ - openssl ++ - rsyslog ++ - sudo ++ - xfsprogs ++# package gtk2: only needed if the SAP HANA installation tools hdblcmgui and hdbsetup are used ++# - gtk2 ++ - libtool-ltdl ++# SAP NOTE 2777782: ++ - tuned-profiles-sap-hana ++ ++# URL for the IBM Power Systems service and productivity tools, see https://www.ibm.com/support/pages/service-and-productivity-tools ++__sap_hana_preconfigure_ibm_power_repo_url: 'https://public.dhe.ibm.com/software/server/POWER/Linux/yum/download/ibm-power-repo-latest.noarch.rpm' ++ ++__sap_hana_preconfigure_required_ppc64le: ++ - ibm-power-managed-rhel8 ++ ++# Network related kernel parameters as set in SAP Note 2382421: ++__sap_hana_preconfigure_kernel_parameters_default: ++# The following two parameter should always be set: ++ - {name: net.core.somaxconn, value: 4096} ++ - {name: net.ipv4.tcp_max_syn_backlog, value: 8192} ++# The following two parameters are automatically set by SAP Host Agent ++# - { name: net.ipv4.ip_local_port_range, value: "40000 61000" } ++# - { name: net.ipv4.ip_local_reserved_ports, value: -> SAP NOTE 2477204 } ++# The following two parameters do not work when communicating with hosts behind NAT firewall: ++# - { name: net.ipv4.tcp_tw_reuse, value: 1 } ++# - { name: net.ipv4.tcp_tw_recycle, value: 1 } ++# The following parameter should always be set but might not work on Azure (see SAP Note 2382421): ++ - {name: net.ipv4.tcp_timestamps, value: 1} ++# The following parameter should always be set: ++ - {name: net.ipv4.tcp_slow_start_after_idle, value: 0} ++# Tune the next four parameters for low latency system replication: ++# - { net.ipv4.tcp_wmem, value } ++# - { net.ipv4.tcp_rmem, value } ++# - { net.core.wmem_max, value } ++# - { net.core.rmem_max, value } ++# Should be set correctly already on most systems, according to SAP Note 2382421: ++# - { net.ipv4.tcp_window_scaling, 1 } ++# The following only applies to HANA 1 <= 122.14 and HANA 2 SPS00. ++# So we do not change the default. ++# - { name: net.ipv4.tcp_syn_retries, value: 8 } ++ ++# Network related kernel parameters for ppc64le: ++__sap_hana_preconfigure_kernel_parameters_default_ppc64le: ++ - {name: net.core.rmem_max, value: 56623104} ++ - {name: net.core.wmem_max, value: 56623104} ++ - {name: net.ipv4.tcp_rmem, value: "65536 262088 56623104"} ++ - {name: net.ipv4.tcp_wmem, value: "65536 262088 56623104"} ++ - {name: net.ipv4.tcp_mem, value: "56623104 56623104 56623104"} ++ ++# Network related kernel parameters for NetApp NFS, as set in SAP Note 3024346: ++__sap_hana_preconfigure_kernel_parameters_netapp_nfs: ++ - {name: net.core.rmem_max, value: 16777216} ++ - {name: net.core.wmem_max, value: 16777216} ++ - {name: net.ipv4.tcp_rmem, value: "4096 131072 16777216"} ++ - {name: net.ipv4.tcp_wmem, value: "4096 16384 16777216"} ++ - {name: net.core.netdev_max_backlog, value: 300000} ++# already set in SAP note 2382421: ++# - { name: net.ipv4.tcp_slow_start_after_idle, value: 0 } ++ - {name: net.ipv4.tcp_no_metrics_save, value: 1} ++ - {name: net.ipv4.tcp_moderate_rcvbuf, value: 1} ++ - {name: net.ipv4.tcp_window_scaling, value: 1} ++# already set in SAP note 2382421: ++# - { name: net.ipv4.tcp_timestamps, value: 1 } ++ - {name: net.ipv4.tcp_sack, value: 1} ++ ++# yamllint disable rule:commas rule:colons ++__sap_hana_preconfigure_packages_and_services: ++ abrtd: {pkg: 'abrt', svc: 'abrtd', systemd_enabled: 'no', systemd_state: 'stopped', svc_status: 'disabled', svc_state: 'inactive'} ++ abrt-ccpp: {pkg: 'abrt-addon-ccpp', svc: 'abrt-ccpp', systemd_enabled: 'no', systemd_state: 'stopped', svc_status: 'disabled', svc_state: 'inactive'} ++ numad: {pkg: 'numad', svc: 'numad', systemd_enabled: 'no', systemd_state: 'stopped', svc_status: 'disabled', svc_state: 'inactive'} ++ kdump: {pkg: 'kexec-tools', svc: 'kdump', systemd_enabled: 'no', systemd_state: 'stopped', svc_status: 'disabled', svc_state: 'inactive'} ++ firewalld: {pkg: 'firewalld', svc: 'firewalld', systemd_enabled: 'no', systemd_state: 'stopped', svc_status: 'disabled', svc_state: 'inactive'} ++# yamllint enable rule:commas rule:colons +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/vars/RedHat_9.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/vars/RedHat_9.yml +new file mode 100644 +index 0000000..16dc5c7 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/vars/RedHat_9.yml +@@ -0,0 +1,303 @@ ++--- ++ ++# supported RHEL 9 minor releases for SAP HANA: ++__sap_hana_preconfigure_supported_rhel_minor_releases: ++ - "9.0" ++ - "9.2" ++ ++# required repos for RHEL 9: ++__sap_hana_preconfigure_req_repos_redhat_9_0_x86_64: ++ - "rhel-9-for-x86_64-baseos-e4s-rpms" ++ - "rhel-9-for-x86_64-appstream-e4s-rpms" ++ - "rhel-9-for-x86_64-sap-solutions-e4s-rpms" ++ ++__sap_hana_preconfigure_req_repos_redhat_9_0_ppc64le: ++ - "rhel-9-for-ppc64le-baseos-e4s-rpms" ++ - "rhel-9-for-ppc64le-appstream-e4s-rpms" ++ - "rhel-9-for-ppc64le-sap-solutions-e4s-rpms" ++ ++__sap_hana_preconfigure_req_repos_redhat_9_1_x86_64: ++ - "rhel-9-for-x86_64-baseos-rpms" ++ - "rhel-9-for-x86_64-appstream-rpms" ++ - "rhel-9-for-x86_64-sap-solutions-rpms" ++ ++__sap_hana_preconfigure_req_repos_redhat_9_1_ppc64le: ++ - "rhel-9-for-ppc64le-baseos-rpms" ++ - "rhel-9-for-ppc64le-appstream-rpms" ++ - "rhel-9-for-ppc64le-sap-solutions-rpms" ++ ++__sap_hana_preconfigure_req_repos_redhat_9_2_x86_64: ++ - "rhel-9-for-x86_64-baseos-e4s-rpms" ++ - "rhel-9-for-x86_64-appstream-e4s-rpms" ++ - "rhel-9-for-x86_64-sap-solutions-e4s-rpms" ++ ++__sap_hana_preconfigure_req_repos_redhat_9_2_ppc64le: ++ - "rhel-9-for-ppc64le-baseos-e4s-rpms" ++ - "rhel-9-for-ppc64le-appstream-e4s-rpms" ++ - "rhel-9-for-ppc64le-sap-solutions-e4s-rpms" ++ ++__sap_hana_preconfigure_req_repos_redhat_9_3_x86_64: ++ - "rhel-9-for-x86_64-baseos-rpms" ++ - "rhel-9-for-x86_64-appstream-rpms" ++ - "rhel-9-for-x86_64-sap-solutions-rpms" ++ ++__sap_hana_preconfigure_req_repos_redhat_9_3_ppc64le: ++ - "rhel-9-for-ppc64le-baseos-rpms" ++ - "rhel-9-for-ppc64le-appstream-rpms" ++ - "rhel-9-for-ppc64le-sap-solutions-rpms" ++ ++__sap_hana_preconfigure_req_repos_redhat_9_4_x86_64: ++ - "rhel-9-for-x86_64-baseos-e4s-rpms" ++ - "rhel-9-for-x86_64-appstream-e4s-rpms" ++ - "rhel-9-for-x86_64-sap-solutions-e4s-rpms" ++ ++__sap_hana_preconfigure_req_repos_redhat_9_4_ppc64le: ++ - "rhel-9-for-ppc64le-baseos-e4s-rpms" ++ - "rhel-9-for-ppc64le-appstream-e4s-rpms" ++ - "rhel-9-for-ppc64le-sap-solutions-e4s-rpms" ++ ++__sap_hana_preconfigure_req_repos_redhat_9_5_x86_64: ++ - "rhel-9-for-x86_64-baseos-rpms" ++ - "rhel-9-for-x86_64-appstream-rpms" ++ - "rhel-9-for-x86_64-sap-solutions-rpms" ++ ++__sap_hana_preconfigure_req_repos_redhat_9_5_ppc64le: ++ - "rhel-9-for-ppc64le-baseos-rpms" ++ - "rhel-9-for-ppc64le-appstream-rpms" ++ - "rhel-9-for-ppc64le-sap-solutions-rpms" ++ ++__sap_hana_preconfigure_req_repos_redhat_9_6_x86_64: ++ - "rhel-9-for-x86_64-baseos-e4s-rpms" ++ - "rhel-9-for-x86_64-appstream-e4s-rpms" ++ - "rhel-9-for-x86_64-sap-solutions-e4s-rpms" ++ ++__sap_hana_preconfigure_req_repos_redhat_9_6_ppc64le: ++ - "rhel-9-for-ppc64le-baseos-e4s-rpms" ++ - "rhel-9-for-ppc64le-appstream-e4s-rpms" ++ - "rhel-9-for-ppc64le-sap-solutions-e4s-rpms" ++ ++__sap_hana_preconfigure_req_repos_redhat_9_7_x86_64: ++ - "rhel-9-for-x86_64-baseos-rpms" ++ - "rhel-9-for-x86_64-appstream-rpms" ++ - "rhel-9-for-x86_64-sap-solutions-rpms" ++ ++__sap_hana_preconfigure_req_repos_redhat_9_7_ppc64le: ++ - "rhel-9-for-ppc64le-baseos-rpms" ++ - "rhel-9-for-ppc64le-appstream-rpms" ++ - "rhel-9-for-ppc64le-sap-solutions-rpms" ++ ++__sap_hana_preconfigure_req_repos_redhat_9_8_x86_64: ++ - "rhel-9-for-x86_64-baseos-e4s-rpms" ++ - "rhel-9-for-x86_64-appstream-e4s-rpms" ++ - "rhel-9-for-x86_64-sap-solutions-e4s-rpms" ++ ++__sap_hana_preconfigure_req_repos_redhat_9_8_ppc64le: ++ - "rhel-9-for-ppc64le-baseos-e4s-rpms" ++ - "rhel-9-for-ppc64le-appstream-e4s-rpms" ++ - "rhel-9-for-ppc64le-sap-solutions-e4s-rpms" ++ ++__sap_hana_preconfigure_req_repos_redhat_9_9_x86_64: ++ - "rhel-9-for-x86_64-baseos-rpms" ++ - "rhel-9-for-x86_64-appstream-rpms" ++ - "rhel-9-for-x86_64-sap-solutions-rpms" ++ ++__sap_hana_preconfigure_req_repos_redhat_9_9_ppc64le: ++ - "rhel-9-for-ppc64le-baseos-rpms" ++ - "rhel-9-for-ppc64le-appstream-rpms" ++ - "rhel-9-for-ppc64le-sap-solutions-rpms" ++ ++__sap_hana_preconfigure_req_repos_redhat_9_10_x86_64: ++ - "rhel-9-for-x86_64-baseos-rpms" ++ - "rhel-9-for-x86_64-appstream-rpms" ++ - "rhel-9-for-x86_64-sap-solutions-rpms" ++ ++__sap_hana_preconfigure_req_repos_redhat_9_10_ppc64le: ++ - "rhel-9-for-ppc64le-baseos-rpms" ++ - "rhel-9-for-ppc64le-appstream-rpms" ++ - "rhel-9-for-ppc64le-sap-solutions-rpms" ++ ++# required SAP notes for RHEL 9: ++__sap_hana_preconfigure_sapnotes_versions_x86_64: ++ - {number: '3108302', version: '8'} ++ - {number: '2382421', version: '45'} ++ - {number: '3024346', version: '3'} ++ ++__sap_hana_preconfigure_sapnotes_versions_ppc64le: ++ - {number: '2055470', version: '90'} ++ - {number: '3108302', version: '8'} ++ - {number: '2382421', version: '45'} ++ - {number: '3024346', version: '3'} ++ ++__sap_hana_preconfigure_sapnotes_versions: "{{ lookup('vars', '__sap_hana_preconfigure_sapnotes_versions_' + ansible_architecture) }}" ++ ++# In SAP Note XXX, certain minimal required packages for the different RHEL 9 minor releases are listed. ++# The following will assign them properly to __sap_hana_preconfigure_min_pkgs. ++# If variable __sap_hana_preconfigure_min_packages_VERSION_ARCH is not defined, ++# variable __sap_hana_preconfigure_min_pkgs will be undefined as well. ++ ++# Minimum required package levels for RHEL 9.0: ++__sap_hana_preconfigure_min_packages_9_0_x86_64: ++ - ['kernel', '5.14.0-70.22.1.el9_0'] ++ ++__sap_hana_preconfigure_min_packages_9_0_ppc64le: ++ - ['kernel', '5.14.0-70.43.1.el9_0'] ++ - ['glibc', '2.34-28.el9_0.3'] ++ ++__sap_hana_preconfigure_min_packages_9_1_x86_64: ++ ++__sap_hana_preconfigure_min_packages_9_1_ppc64le: ++ ++__sap_hana_preconfigure_min_packages_9_2_x86_64: ++ - ['kernel', '5.14.0-284.25.1.el9_2'] ++ ++__sap_hana_preconfigure_min_packages_9_2_ppc64le: ++ - ['kernel', '5.14.0-284.25.1.el9_2'] ++ ++__sap_hana_preconfigure_min_packages_9_3_x86_64: ++ ++__sap_hana_preconfigure_min_packages_9_3_ppc64le: ++ ++__sap_hana_preconfigure_min_packages_9_4_x86_64: ++ ++__sap_hana_preconfigure_min_packages_9_4_ppc64le: ++ ++__sap_hana_preconfigure_min_packages_9_5_x86_64: ++ ++__sap_hana_preconfigure_min_packages_9_5_ppc64le: ++ ++__sap_hana_preconfigure_min_packages_9_6_x86_64: ++ ++__sap_hana_preconfigure_min_packages_9_6_ppc64le: ++ ++__sap_hana_preconfigure_min_packages_9_7_x86_64: ++ ++__sap_hana_preconfigure_min_packages_9_7_ppc64le: ++ ++__sap_hana_preconfigure_min_packages_9_8_x86_64: ++ ++__sap_hana_preconfigure_min_packages_9_8_ppc64le: ++ ++__sap_hana_preconfigure_min_pkgs: "{{ lookup('vars', '__sap_hana_preconfigure_min_packages_' + ansible_distribution_version | string | replace(\".\", \"_\") + '_' + ansible_architecture) }}" ++ ++__sap_hana_preconfigure_packages: ++# SAP NOTE 3108316: ++ - expect ++# package gtk2: only needed if the SAP HANA installation tools hdblcmgui and hdbsetup are used ++ - gtk2 ++ - krb5-workstation ++ - libatomic ++ - libcanberra-gtk2 ++ - libtool-ltdl ++ - numactl ++ - PackageKit-gtk3-module ++ - xorg-x11-xauth ++# package chkconfig: needed by hdblcm to be able to access /etc/init.d ++ - chkconfig ++# package compat-openssl11: needed for HANA scale-out and when configuring HANA backup on Azure ++ - compat-openssl11 ++# package libxcrypt-compat: needed SAP HANA and also by sapstartsrv on RHEL 9: ++# - libxcrypt-compat # now installed by role sap_general_preconfigure, see also SAP note 3108316, version 4. ++# For support purposes: ++# package graphwiz: graph visualization tools, for supportability) ++ - graphviz ++# package iptraf-ng: TCP/IP network monitor, for supportability) ++ - iptraf-ng ++# package lm-sensors: TCP/IP network monitor, for supportability) ++ - lm_sensors ++# package nfs-utils: support utilities for NFS, for supportability) ++ - nfs-utils ++# SAP NOTE 3108302: ++ - tuned-profiles-sap-hana ++ ++__sap_hana_preconfigure_packages_min_install: ++# SAP NOTE 3108316: ++ - expect ++# package gtk2: only needed if the SAP HANA installation tools hdblcmgui and hdbsetup are used ++# - gtk2 ++ - krb5-workstation ++ - libatomic ++ - libcanberra-gtk2 ++ - libtool-ltdl ++ - numactl ++ - PackageKit-gtk3-module ++ - xorg-x11-xauth ++# package compat-openssl11: needed for HANA scale-out and when configuring HANA backup on Azure ++ - compat-openssl11 ++# required for SAP HANA on RHEL 9: ++ - libxcrypt-compat ++# For support purposes: ++# package graphwiz: graph visualization tools, for supportability) ++# - graphviz ++# package iptraf-ng: TCP/IP network monitor, for supportability) ++# - iptraf-ng ++# package lm-sensors: TCP/IP network monitor, for supportability) ++# - lm_sensors ++# package nfs-utils: support utilities for NFS, for supportability) ++# - nfs-utils ++# SAP NOTE 3108302: ++ - tuned-profiles-sap-hana ++ ++# URL for the IBM Power Systems service and productivity tools, see https://www.ibm.com/support/pages/service-and-productivity-tools ++__sap_hana_preconfigure_ibm_power_repo_url: 'https://public.dhe.ibm.com/software/server/POWER/Linux/yum/download/ibm-power-repo-latest.noarch.rpm' ++ ++__sap_hana_preconfigure_required_ppc64le: ++ - ibm-power-managed-rhel9 ++ ++# Network related kernel parameters as set in SAP Note 2382421: ++__sap_hana_preconfigure_kernel_parameters_default: ++# The following two parameter should always be set: ++ - {name: net.core.somaxconn, value: 4096} ++ - {name: net.ipv4.tcp_max_syn_backlog, value: 8192} ++# The following two parameters are automatically set by SAP Host Agent ++# - { name: net.ipv4.ip_local_port_range, value: "40000 61000" } ++# - { name: net.ipv4.ip_local_reserved_ports, value: -> SAP NOTE 2477204 } ++# The following two parameters do not work when communicating with hosts behind NAT firewall: ++# - { name: net.ipv4.tcp_tw_reuse, value: 1 } ++# - { name: net.ipv4.tcp_tw_recycle, value: 1 } ++# The following parameter should always be set but might not work on Azure (see SAP Note 2382421): ++ - {name: net.ipv4.tcp_timestamps, value: 1} ++# The following parameter should always be set: ++ - {name: net.ipv4.tcp_slow_start_after_idle, value: 0} ++# Tune the next four parameters for low latency system replication: ++# - { net.ipv4.tcp_wmem, value } ++# - { net.ipv4.tcp_rmem, value } ++# - { net.core.wmem_max, value } ++# - { net.core.rmem_max, value } ++# Should be set correctly already on most systems, according to SAP Note 2382421: ++# - { net.ipv4.tcp_window_scaling, 1 } ++# The following only applies to HANA 1 <= 122.14 and HANA 2 SPS00. ++# So we do not change the default. ++# - { name: net.ipv4.tcp_syn_retries, value: 8 } ++ ++# Network related kernel parameters for ppc64le: ++__sap_hana_preconfigure_kernel_parameters_default_ppc64le: ++ - {name: net.core.rmem_max, value: 56623104} ++ - {name: net.core.wmem_max, value: 56623104} ++ - {name: net.ipv4.tcp_rmem, value: "65536 262088 56623104"} ++ - {name: net.ipv4.tcp_wmem, value: "65536 262088 56623104"} ++ - {name: net.ipv4.tcp_mem, value: "56623104 56623104 56623104"} ++ ++# Network related kernel parameters for NetApp NFS, as set in SAP Note 3024346: ++__sap_hana_preconfigure_kernel_parameters_netapp_nfs: ++ - {name: net.core.rmem_max, value: 16777216} ++ - {name: net.core.wmem_max, value: 16777216} ++ - {name: net.ipv4.tcp_rmem, value: "4096 131072 16777216"} ++ - {name: net.ipv4.tcp_wmem, value: "4096 16384 16777216"} ++ - {name: net.core.netdev_max_backlog, value: 300000} ++# already set in SAP note 2382421: ++# - { name: net.ipv4.tcp_slow_start_after_idle, value: 0 } ++ - {name: net.ipv4.tcp_no_metrics_save, value: 1} ++ - {name: net.ipv4.tcp_moderate_rcvbuf, value: 1} ++ - {name: net.ipv4.tcp_window_scaling, value: 1} ++# already set in SAP note 2382421: ++# - { name: net.ipv4.tcp_timestamps, value: 1 } ++ - {name: net.ipv4.tcp_sack, value: 1} ++ ++# yamllint disable rule:commas rule:colons ++__sap_hana_preconfigure_packages_and_services: ++ abrtd: {pkg: 'abrt', svc: 'abrtd', systemd_enabled: 'no', systemd_state: 'stopped', svc_status: 'disabled', svc_state: 'inactive'} ++ abrt-ccpp: {pkg: 'abrt-addon-ccpp', svc: 'abrt-ccpp', systemd_enabled: 'no', systemd_state: 'stopped', svc_status: 'disabled', svc_state: 'inactive'} ++ numad: {pkg: 'numad', svc: 'numad', systemd_enabled: 'no', systemd_state: 'stopped', svc_status: 'disabled', svc_state: 'inactive'} ++ kdump: {pkg: 'kexec-tools', svc: 'kdump', systemd_enabled: 'no', systemd_state: 'stopped', svc_status: 'disabled', svc_state: 'inactive'} ++ firewalld: {pkg: 'firewalld', svc: 'firewalld', systemd_enabled: 'no', systemd_state: 'stopped', svc_status: 'disabled', svc_state: 'inactive'} ++# yamllint enable rule:commas rule:colons +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/vars/SLES_15.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/vars/SLES_15.yml +new file mode 100644 +index 0000000..32dac1d +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/vars/SLES_15.yml +@@ -0,0 +1,30 @@ ++--- ++ ++# required SAP Notes for SLES 15 ++ ++__sap_hana_preconfigure_sapnotes: ++# - "{% if ansible_architecture == 'ppc64le' %}2055470{% endif %}" ++ - "1944799" ++ - "2578899" ++ - "1275776" ++ - "2684254" ++ ++__sap_hana_preconfigure_min_pkgs: ++ ++__sap_hana_preconfigure_packages: ++ # SAP NOTE 2772999 ++ # SAP NOTE 2292690 ++ # SAP NOTE 22455582 ++# ++# libtool ltdl: https://answers.sap.com/questions/476177/hana-db-installation-ended-with-exit-code-127.html ++# it is required since HANA 2 SPS 03, and as such installed in general ++ ++# ++# Intel needs additional packages over x86_64 ++# ++ ++__sap_hana_preconfigure_grub_file: /tmp/grub ++ ++# SLES_SAP is using saptune, but SLES is using sapconf. ++# Default value true runs saptune, but installation.yml auto-detects base product and adjusts. ++__sap_hana_preconfigure_run_saptune: true +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/vars/main.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/vars/main.yml +new file mode 100644 +index 0000000..4800318 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hana_preconfigure/vars/main.yml +@@ -0,0 +1,24 @@ ++--- ++ ++# define variables here that will not change ++# Those are valid for all OS ++# ++ ++# Default parameter file for sysctl settings according to SAP NOTE 2382421 ++__sap_hana_preconfigure_etc_sysctl_saphana_conf: '/etc/sysctl.d/sap_hana.conf' ++ ++# Default parameter file for sysctl settings according to SAP NOTE 3024346 ++__sap_hana_preconfigure_etc_sysctl_netapp_hana_conf: '/etc/sysctl.d/91-NetApp-HANA.conf' ++ ++# dummy entries for passing the arg spec validation: ++__sap_hana_preconfigure_supported_rhel_minor_releases: [] ++__sap_hana_preconfigure_req_repos_redhat_7_x86_64: [] ++__sap_hana_preconfigure_req_repos_redhat_7_ppc64le: [] ++__sap_hana_preconfigure_req_repos_redhat_8_x86_64: [] ++__sap_hana_preconfigure_req_repos_redhat_8_ppc64le: [] ++__sap_hana_preconfigure_req_repos_redhat_9_x86_64: [] ++__sap_hana_preconfigure_req_repos_redhat_9_ppc64le: [] ++__sap_hana_preconfigure_packages: [] ++__sap_hana_preconfigure_kernel_parameters_default: [] ++__sap_hana_preconfigure_kernel_parameters_default_ppc64le: [] ++__sap_hana_preconfigure_ibm_power_repo_url: '' +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/.ansible-lint b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/.ansible-lint +new file mode 100644 +index 0000000..84062f5 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/.ansible-lint +@@ -0,0 +1,16 @@ ++--- ++exclude_paths: ++ - tests/sap_hypervisor_node_preconfigure/ ++enable_list: ++ - yaml ++skip_list: ++ # We don't want to enforce new Ansible versions for Galaxy: ++ - meta-runtime[unsupported-version] ++ # We do not want to use checks which are marked as experimental: ++ - experimental ++ # We use ignore_errors for all the assert tasks, which should be acceptable: ++ - ignore-errors ++ # We want to allow single digit version numbers in a role's meta/main.yml file: ++ - schema ++ # Allow templating inside name because it creates more detailed output: ++ - name[template] +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/README.md b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/README.md +new file mode 100644 +index 0000000..596a3f8 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/README.md +@@ -0,0 +1,241 @@ ++# sap_hypervisor_node_preconfigure ++ ++This role will configure the following hypervisors in order to run SAP workloads: ++* Red Hat OpenShift Virtualization (OCPV) ++* Red Hat Enterprise Virtualization (RHV) ++ ++## Support Status ++ ++The support status of this role is: "Technology Preview" ++ ++## Platform: Red Hat OpenShift Virtualization ++ ++Will configure a plain vanilla OpenShift cluster so it can be used for SAP workloads. ++ ++### Requirements ++* An OpenShift cluster, best without any previous customization. ++* The worker nodes should have > 96GB of memory. ++* Worker nodes need to have Intel CPUs that provide TSX feature. ++* Storage is required, e.g. via NFS, OpenShift Data Foundation or local storage. This role can setup access to a Netapp Filer via Trident storage connector. ++Local storage will be configures using host path provisioner. ++* Point the `KUBECONFIG` environment variable to your `kubeconfig`. ++* Make the role available in case you didn't install it already in an ansible roles directory, e.g. ++* Make sure to install the dependencies mentioned below are installed. ++* To ensure your local checkout it found by ansible: ++``` ++mkdir -p ~/.ansible/roles/ ++ln -sf ~/community.sap_install/roles/sap_hypervisor_node_preconfigure ~/.ansible/roles/ ++``` ++### Dependencies ++ ++Needs the ansible kubernetes module and the python3 kubernetes binding. On a RHEL based system the are named ++* python3-kubernetes ++* ansible-collection-kubernetes-core ++ ++Needs `oc` binary available in path. ++ ++### Role Variables ++General variables are defined in sap_hypervisor_node_preconfigure/vars/platform_defaults_redhat_ocp_virt.yml ++``` ++# Install the trident NFS storage provider. If yes, expects configuration details under ++# sap_hypervisor_node_preconfigure_cluster_config.trident, see example config. ++sap_hypervisor_node_preconfigure_install_trident: True|False ++# URL of the trident installer package to use ++sap_hypervisor_node_preconfigure_install_trident_url: https://github.com/NetApp/trident/releases/download/v23.01.0/trident-installer-23.01.0.tar.gz ++ ++# should SRIOV be enabled for unsupported NICs ++sap_hypervisor_node_preconfigure_sriov_enable_unsupported_nics: True|False ++ ++# Amount of memory [GB] to be reserved for the hypervisor on hosts >= 512GB ++sap_hypervisor_node_preconfigure_hypervisor_reserved_ram_host_ge_512: 64 #GB ++# Amount of memory [GB] to be reserved for the hypervisor on hosts < 512GB ++sap_hypervisor_node_preconfigure_hypervisor_reserved_ram_host_lt_512: 32 #GB ++ ++# Should the check for the minimal amount of memory be ignored? Minimal amount is 96 GB ++# If ignored, the amount of $hostmemory - $reserved is allocated with a lower bound of 0 in case $reserved > $hostmemory ++sap_hypervisor_node_preconfigure_ignore_minimal_memory_check: True|False ++ ++# Define if the host path provisioner should be installed in order to use a local disk as storage device. ++# Uses the following variable to be set to the storage device to be used, e.g.: ++# sap_hypervisor_node_preconfigure_cluster_config.worker_localstorage_device: /dev/sdb ++sap_hypervisor_node_preconfigure_install_hpp: True|False ++``` ++The following variables are describing the nodes and networks to be used. It can make sense to have them in a separate file, e.g. see `playbooks/vars/sample-variables-sap-hypervisor-node-preconfigure-rh_ocp_virt.yml` for an example. ++``` ++sap_hypervisor_node_preconfigure_cluster_config: ++ # URL under which the OCP cluster is reachable ++ cluster_url: ocpcluster.domain.org ++ ++ # namespace under which the VMs are created, note this has to be ++ # openshift-sriov-network-operator in case of using SRIOV network ++ # devices ++ vm_namespace: sap ++ ++ # Optional, configuration for trident driver for Netapp NFS filer ++ trident: ++ management: management.domain.org ++ data: datalif.netapp.domain.org ++ svm: sap_svm ++ backend: nas_backend ++ aggregate: aggregate_Name ++ username: admin ++ password: xxxxx ++ storage_driver: ontap-nas ++ storage_prefix: ocpv_sap_ ++ ++ # CPU cores which will be reserved for kubernetes ++ worker_kubernetes_reserved_cpus: "0,1" ++ ++ # Storage device used for host path provisioner as local storage. ++ worker_localstorage_device: /dev/vdb ++ ++ # detailed configuration for every worker that should be configured ++ workers: ++ - name: worker-0 # name must match the node name ++ networks: # Example network config ++ - name: sapbridge # using a bridge ++ description: SAP bridge ++ state: up ++ type: linux-bridge ++ ipv4: ++ enabled: false ++ auto-gateway: false ++ auto-dns: false ++ bridge: ++ options: ++ stp: ++ enabled: false ++ port: ++ - name: ens1f0 # network IF name ++ - name: storage # an SRIOV device ++ interface: ens2f0 # network IF name ++ type: sriov ++ ++ - bridge: # another bridge ++ options: ++ stp: ++ enabled: false ++ port: ++ - name: ens2f0 # network IF name ++ description: storage ++ mtu: 9000 ++ ipv4: ++ address: ++ - ip: 192.168.1.51 # IP config ++ prefix-length: 24 ++ auto-dns: false ++ auto-gateway: false ++ enabled: true ++ name: storagebridge ++ state: up ++ type: linux-bridge ++ - name: multi # another SRIOV device ++ interface: ens2f1 # network IF name ++ type: sriov ++ ++ - name: worker-1 # second worker configuration ++ networks: # Example network config ++ - name: sapbridge # using a bridge ++ description: SAP bridge ++ state: up ++ type: linux-bridge ++ ipv4: ++ enabled: false ++ auto-gateway: false ++ auto-dns: false ++ bridge: ++ options: ++ stp: ++ enabled: false ++ port: ++ - name: ens1f0 # network IF name ++ - name: storage # an SRIOV device ++ interface: ens2f0 # network IF name ++ type: sriov ++``` ++### Example Playbook ++See `playbooks/sample-sap-hypervisor-redhat_ocp_virt-preconfigure.yml` for an example. ++ ++### Example Usage ++Make sure to set the `KUBECONFIG` environment variable, e.g. ++``` ++export KUBECONFIG=~/.kubeconfig ++``` ++To invoke the example playbook with the example configuration using your localhost as ansible host use the following command line: ++``` ++ansible-playbook --connection=local -i localhost, playbooks/sample-sap-hypervisor-redhat_ocp_virt-preconfigure.yml -e @s/sample-sap-hypervisor-redhat_ocp_virt-preconfigure.yml ++``` ++ ++## Platform: RHEL KVM ++This Ansible Role allows preconfigure of Red Hat Virtualization (RHV), formerly called Red Hat Enterprise Virtualization (RHEV) prior to version 4.4 release. Red Hat Virtualization (RHV) consists of 'Red Hat Virtualization Manager (RHV-M)' and the 'Red Hat Virtualization Host (RHV-H)' hypervisor nodes that this Ansible Role preconfigures. Please note, Red Hat Virtualization is discontinued and maintenance support will end mid-2024. Extended life support for RHV ends mid-2026. ++This Ansible Role does not preconfigure RHEL KVM (RHEL-KVM) hypervisor nodes. Please note that RHEL KVM is standalone, and does not have Management tooling (previously provided by RHV-M). ++ ++### Requirements ++* A RHV hypervisor. ++ ++### Role Variables ++`sap_hypervisor_node_preconfigure_reserved_ram (default: 100)` Reserve memory [GB] for hypervisor host. Depending in the use case should be at least 50-100GB. ++ ++`sap_hypervisor_node_preconfigure_reserve_hugepages (default: static)` Hugepage allocation method: {static|runtime}. ++static: done at kernel command line which is slow, but safe ++runtime: done with hugeadm which is faster, but can in some cases not ensure all HPs are allocated. ++ ++`sap_hypervisor_node_preconfigure_kvm_nx_huge_pages (default: "auto")` Setting for the huge page shattering kvm.nx_huge_pages: {"auto"|"on"|"off"}. Note the importance of the quotes, otherwise off will be mapped to false. See https://www.kernel.org/doc/html/latest/admin-guide/kernel-parameters.html for additional information: ++``` ++ kvm.nx_huge_pages= ++ [KVM] Controls the software workaround for the ++ X86_BUG_ITLB_MULTIHIT bug. ++ force : Always deploy workaround. ++ off : Never deploy workaround. ++ auto : Deploy workaround based on the presence of ++ X86_BUG_ITLB_MULTIHIT. ++ ++ Default is 'auto'. ++ ++ If the software workaround is enabled for the host, ++ guests do need not to enable it for nested guests. ++``` ++ ++`sap_hypervisor_node_preconfigure_tsx (default: "off")` Intel Transactional Synchronization Extensions (TSX): {"on"|"off"}. Note the importance of the quotes, otherwise off will be mapped to false. ++ ++`sap_hypervisor_node_preconfigure_assert (default: false)` In assert mode, the parameters on the system are checked if the confirm with what this role would set. ++ ++`sap_hypervisor_node_preconfigure_ignore_failed_assertion (default: no)` Fail if assertion is invalid. ++ ++`sap_hypervisor_node_preconfigure_run_grub2_mkconfig (default: yes)` Update the grub2 config. ++ ++ ++### Example Playbook ++Simple example that just sets the parameters. ++``` ++--- ++- hosts: all ++ gather_facts: true ++ serial: 1 ++ vars: ++ sap_hypervisor_node_platform: redhat_rhel_kvm ++ tasks: ++ - name: Include Role ++ ansible.builtin.include_role: ++ name: sap_hypervisor_node_preconfigure ++``` ++ ++Run in assert mode to verify that parameters have been set. ++``` ++--- ++- hosts: all ++ gather_facts: true ++ serial: 1 ++ vars: ++ sap_hypervisor_node_platform: redhat_rhel_kvm ++ sap_hypervisor_node_preconfigure_assert: yes ++ tasks: ++ - name: Include Role ++ ansible.builtin.include_role: ++ name: sap_hypervisor_node_preconfigure ++``` ++### License ++Apache 2.0 ++ ++### Author Information ++Nils Koenig (nkoenig@redhat.com) +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/defaults/main.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/defaults/main.yml +new file mode 100644 +index 0000000..741dfca +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/defaults/main.yml +@@ -0,0 +1,115 @@ ++--- ++ ++# ibmpower_phyp, redhat_ocp_virt, redhat_rhel_kvm, vmware_vsphere ++sap_hypervisor_node_platform: ++ ++# Example configuration ++sap_hypervisor_node_preconfigure_cluster_config: ++ ++ # URL under which the OCP cluster is reachable ++ cluster_url: ocpcluster.domain.org ++ ++ # namespace under which the VMs are created, note this has to be ++ # openshift-sriov-network-operator in case of using SRIOV network ++ # devices ++ vm_namespace: sap ++ ++ # Optional, configuration for trident driver for Netapp NFS filer ++ trident: ++ management: management.domain.org ++ data: datalif.netapp.domain.org ++ svm: sap_svm ++ backend: nas_backend ++ aggregate: aggregate_Name ++ username: admin ++ password: xxxxx ++ storage_driver: ontap-nas ++ storage_prefix: ocpv_sap_ ++ ++ # CPU cores reserved for kubernetes on worker node ++ worker_kubernetes_reserved_cpus: "0,1" ++ ++ # Storage device which should be used if host path provisioner is used ++ worker_localstorage_device: /dev/vdb ++ ++ # detailed configuration for every worker that should be configured ++ workers: ++ - name: worker-0 # name must match the node name ++ networks: # Example network config ++ - name: sapbridge # using a bridge ++ description: SAP bridge ++ state: up ++ type: linux-bridge ++ ipv4: ++ enabled: false ++ auto-gateway: false ++ auto-dns: false ++ bridge: ++ options: ++ stp: ++ enabled: false ++ port: ++ - name: ens1f0 # network IF name ++ - name: storage # an SRIOV device ++ interface: ens2f0 # network IF name ++ type: sriov ++ ++ - bridge: # another bridge ++ options: ++ stp: ++ enabled: false ++ port: ++ - name: ens2f0 # network IF name ++ description: storage ++ mtu: 9000 ++ ipv4: ++ address: ++ - ip: 192.168.1.40 # IP config ++ prefix-length: 24 ++ auto-dns: false ++ auto-gateway: false ++ enabled: true ++ name: storagebridge ++ state: up ++ type: linux-bridge ++ - name: multi # another SRIOV device ++ interface: ens2f1 # network IF name ++ type: sriov ++ ++ - name: worker-1 # second worker configuration ++ networks: # Example network config ++ - name: sapbridge # using a bridge ++ description: SAP bridge ++ state: up ++ type: linux-bridge ++ ipv4: ++ enabled: false ++ auto-gateway: false ++ auto-dns: false ++ bridge: ++ options: ++ stp: ++ enabled: false ++ port: ++ - name: ens1f0 # network IF name ++ - name: storagebridge ++ description: storage ++ state: up ++ type: linux-bridge ++ bridge: # another bridge ++ options: ++ stp: ++ enabled: false ++ port: ++ - name: ens2f0 # network IF name ++ mtu: 9000 ++ ipv4: ++ address: ++ - ip: 192.168.1.41 # IP config ++ prefix-length: 24 ++ auto-dns: false ++ auto-gateway: false ++ enabled: true ++ - name: storage # an SRIOV device ++ interface: ens2f0 # network IF name ++ type: sriov +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/files/platform/ibmpower_phyp/.gitkeep b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/files/platform/ibmpower_phyp/.gitkeep +new file mode 100644 +index 0000000..e69de29 +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/files/platform/redhat_ocp_virt/.gitkeep b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/files/platform/redhat_ocp_virt/.gitkeep +new file mode 100644 +index 0000000..e69de29 +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/files/platform/vmware_vsphere/.gitkeep b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/files/platform/vmware_vsphere/.gitkeep +new file mode 100644 +index 0000000..e69de29 +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/handlers/main.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/handlers/main.yml +new file mode 100644 +index 0000000..d943640 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/handlers/main.yml +@@ -0,0 +1,3 @@ ++--- ++- name: Hypervisor node preconfigure - Include Handler Tasks for {{ sap_hypervisor_node_platform }} ++ ansible.builtin.import_tasks: "platform/{{ sap_hypervisor_node_platform }}/main.yml" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/handlers/platform/ibmpower_phyp/.gitkeep b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/handlers/platform/ibmpower_phyp/.gitkeep +new file mode 100644 +index 0000000..e69de29 +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/handlers/platform/redhat_ocp_virt/.gitkeep b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/handlers/platform/redhat_ocp_virt/.gitkeep +new file mode 100644 +index 0000000..e69de29 +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/handlers/platform/redhat_rhel_kvm/main.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/handlers/platform/redhat_rhel_kvm/main.yml +new file mode 100644 +index 0000000..b978cd1 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/handlers/platform/redhat_rhel_kvm/main.yml +@@ -0,0 +1,91 @@ ++--- ++- name: "Check if server is booted in BIOS or UEFI mode" ++ ansible.builtin.stat: ++ path: /sys/firmware/efi ++ get_checksum: no ++ register: __sap_hypervisor_node_preconfigure_register_stat_sys_firmware_efi ++ listen: __sap_hypervisor_node_preconfigure_regenerate_grub2_conf_handler ++ when: ++ - sap_hypervisor_node_preconfigure_run_grub2_mkconfig|d(true) ++ ++- name: Debug BIOS or UEFI ++ ansible.builtin.debug: ++ var: __sap_hypervisor_node_preconfigure_register_stat_sys_firmware_efi.stat.exists ++ listen: __sap_hypervisor_node_preconfigure_regenerate_grub2_conf_handler ++ when: ++ - sap_hypervisor_node_preconfigure_run_grub2_mkconfig|d(true) ++ ++- name: "Run grub-mkconfig (BIOS mode)" ++ ansible.builtin.command: grub2-mkconfig -o /boot/grub2/grub.cfg ++ register: __sap_hypervisor_node_preconfigure_register_grub2_mkconfig_bios_mode ++ listen: __sap_hypervisor_node_preconfigure_regenerate_grub2_conf_handler ++ notify: __sap_hypervisor_node_preconfigure_reboot_handler ++ when: ++ - not __sap_hypervisor_node_preconfigure_register_stat_sys_firmware_efi.stat.exists ++ - sap_hypervisor_node_preconfigure_run_grub2_mkconfig|d(true) ++ become: true ++ become_user: root ++ ++- name: "Debug grub-mkconfig BIOS mode" ++ ansible.builtin.debug: ++ var: __sap_hypervisor_node_preconfigure_register_grub2_mkconfig_bios_mode.stdout_lines, __sap_hypervisor_node_preconfigure_register_grub2_mkconfig_bios_mode.stderr_lines ++ listen: __sap_hypervisor_node_preconfigure_regenerate_grub2_conf_handler ++ when: ++ - not __sap_hypervisor_node_preconfigure_register_stat_sys_firmware_efi.stat.exists ++ - sap_hypervisor_node_preconfigure_run_grub2_mkconfig|d(true) ++ ++- name: "Set the grub.cfg location RHEL" ++ ansible.builtin.set_fact: ++ __sap_hypervisor_node_preconfigure_uefi_boot_dir: /boot/efi/EFI/redhat/grub.cfg ++ listen: __sap_hypervisor_node_preconfigure_regenerate_grub2_conf_handler ++ when: ++ - ansible_distribution == 'RedHat' ++ ++- name: "Set the grub.cfg location SLES" ++ ansible.builtin.set_fact: ++ __sap_hypervisor_node_preconfigure_uefi_boot_dir: /boot/efi/EFI/BOOT/grub.cfg ++ listen: __sap_hypervisor_node_preconfigure_regenerate_grub2_conf_handler ++ when: ++ - ansible_distribution == 'SLES' or ansible_distribution == 'SLES_SAP' ++ ++- name: "Run grub-mkconfig (UEFI mode)" ++ ansible.builtin.command: "grub2-mkconfig -o {{ __sap_hypervisor_node_preconfigure_uefi_boot_dir }}" ++ register: __sap_hypervisor_node_preconfigure_register_grub2_mkconfig_uefi_mode ++ listen: __sap_hypervisor_node_preconfigure_regenerate_grub2_conf_handler ++ notify: __sap_hypervisor_node_preconfigure_reboot_handler ++ when: ++ - __sap_hypervisor_node_preconfigure_register_stat_sys_firmware_efi.stat.exists ++ - sap_hypervisor_node_preconfigure_run_grub2_mkconfig|d(true) ++ become: true ++ become_user: root ++ ++- name: "Debug grub-mkconfig UEFI" ++ ansible.builtin.debug: ++ var: __sap_hypervisor_node_preconfigure_register_grub2_mkconfig_uefi_mode.stdout_lines, __sap_hypervisor_node_preconfigure_register_grub2_mkconfig_uefi_mode.stderr_lines ++ listen: __sap_hypervisor_node_preconfigure_regenerate_grub2_conf_handler ++ when: ++ - __sap_hypervisor_node_preconfigure_register_stat_sys_firmware_efi.stat.exists ++ - sap_hypervisor_node_preconfigure_run_grub2_mkconfig|d(true) ++ ++- name: Reboot the managed node ++ ansible.builtin.reboot: ++ test_command: /bin/true ++ listen: __sap_hypervisor_node_preconfigure_reboot_handler ++ when: ++ - sap_hypervisor_node_preconfigure_reboot_ok|d(false) ++ ++- name: Let the role fail if a reboot is required ++ ansible.builtin.fail: ++ msg: Reboot is required! ++ listen: __sap_hypervisor_node_preconfigure_reboot_handler ++ when: ++ - sap_hypervisor_node_preconfigure_fail_if_reboot_required|d(true) ++ - not sap_hypervisor_node_preconfigure_reboot_ok|d(false) ++ ++- name: Show a warning message if a reboot is required ++ ansible.builtin.debug: ++ msg: "WARN: Reboot is required!" ++ listen: __sap_hypervisor_node_preconfigure_reboot_handler ++ when: ++ - not sap_hypervisor_node_preconfigure_fail_if_reboot_required|d(true) ++ - not sap_hypervisor_node_preconfigure_reboot_ok|d(false) +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/handlers/platform/vmware_vsphere/.gitkeep b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/handlers/platform/vmware_vsphere/.gitkeep +new file mode 100644 +index 0000000..e69de29 +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/meta/main.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/meta/main.yml +new file mode 100644 +index 0000000..9940421 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/meta/main.yml +@@ -0,0 +1,13 @@ ++--- ++galaxy_info: ++ namespace: community ++ role_name: sap_hypervisor_node_preconfigure ++ author: Nils Koenig ++ description: Provide the configuration of hypervisors for SAP workloads ++ license: Apache-2.0 ++ min_ansible_version: "2.9" ++ galaxy_tags: ['sap', 'hana', 'rhel', 'redhat', 'openshift'] ++ platforms: ++ - name: RHEL ++ versions: 8 ++dependencies: [] +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/main.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/main.yml +new file mode 100644 +index 0000000..1736339 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/main.yml +@@ -0,0 +1,6 @@ ++--- ++- name: SAP certified hypervisor node preconfigure - Include Vars for {{ sap_hypervisor_node_platform }} ++ ansible.builtin.include_vars: "platform_defaults_{{ sap_hypervisor_node_platform }}.yml" ++ ++- name: SAP certified hypervisor node preconfigure - Include Tasks for {{ sap_hypervisor_node_platform }} ++ ansible.builtin.include_tasks: "platform/{{ sap_hypervisor_node_platform }}/main.yml" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/ibmpower_phyp/.gitkeep b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/ibmpower_phyp/.gitkeep +new file mode 100644 +index 0000000..e69de29 +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/.gitkeep b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/.gitkeep +new file mode 100644 +index 0000000..e69de29 +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/99-kargs-worker.yml.j2 b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/99-kargs-worker.yml.j2 +new file mode 100644 +index 0000000..32064a8 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/99-kargs-worker.yml.j2 +@@ -0,0 +1,17 @@ ++apiVersion: machineconfiguration.openshift.io/v1 ++kind: MachineConfig ++metadata: ++ labels: ++ machineconfiguration.openshift.io/role: worker ++ name: 99-kargs-worker ++spec: ++ config: ++ ignition: ++ version: 3.2.0 ++ kernelArguments: ++ - intel_iommu=on ++ - iommu=pt ++ - default_hugepagesz=1GB ++ - hugepagesz=1GB ++ - hugepages={{ __sap_hypervisor_node_preconfigure_register_worker_reserved_hugepages }} ++ - tsx=on +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/configure-worker-node.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/configure-worker-node.yml +new file mode 100644 +index 0000000..3af1dcf +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/configure-worker-node.yml +@@ -0,0 +1,19 @@ ++--- ++- name: Label nodes ++ ansible.builtin.command: "oc label node {{ __sap_hypervisor_node_preconfigure_register_worker.name }} cpumanager=true --overwrite=true" ++ register: __sap_hypervisor_node_preconfigure_label_node_result ++ changed_when: __sap_hypervisor_node_preconfigure_label_node_result.rc != 0 ++ ++- name: Include node network ++ ansible.builtin.include_tasks: node-network.yml ++ with_items: "{{ __sap_hypervisor_node_preconfigure_register_worker.networks }}" ++ loop_control: ++ loop_var: __sap_hypervisor_node_preconfigure_register_worker_network ++ index_var: __sap_hypervisor_node_preconfigure_register_worker_network_nr ++ when: __sap_hypervisor_node_preconfigure_register_worker.networks is defined ++ ++# How to wait for node to be scheduleable? (NodeSchedulable) ++- name: Wait for all k8s nodes to be ready ++ ansible.builtin.command: oc wait --for=condition=Ready nodes --all --timeout=3600s ++ register: __sap_hypervisor_node_preconfigure_register_nodes_ready ++ changed_when: __sap_hypervisor_node_preconfigure_register_nodes_ready.rc != 0 +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/create-sap-bridge.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/create-sap-bridge.yml +new file mode 100644 +index 0000000..bf70f8f +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/create-sap-bridge.yml +@@ -0,0 +1,43 @@ ++--- ++- name: Create SAP bridge NodeNetworkConfigurationPolicy ++ kubernetes.core.k8s: ++ state: present ++ definition: ++ apiVersion: nmstate.io/v1 ++ kind: NodeNetworkConfigurationPolicy ++ metadata: ++ name: "sap-bridge-policy-{{ worker.name }}" ++ spec: ++ nodeSelector: ++ kubernetes.io/hostname: "{{ worker.name }}" ++ desiredState: ++ interfaces: ++ - name: sapbridge ++ description: "Linux bridge with {{ worker.sap_bridge_interface }} as physical port to access SAP network" ++ type: linux-bridge ++ state: up ++ ipv4: ++ enabled: false ++ bridge: ++ options: ++ stp: ++ enabled: false ++ port: ++ - name: "{{ worker.sap_bridge_interface }}" ++ ++ ++- name: Create SAP bridge NetworkAttachmentDefinition ++ kubernetes.core.k8s: ++ state: present ++ definition: ++ apiVersion: "k8s.cni.cncf.io/v1" ++ kind: NetworkAttachmentDefinition ++ metadata: ++ kubernetes.io/hostname: "{{ worker.name }}" ++ machineconfiguration.openshift.io/role: "{{ worker.name }}" ++ namespace: "{{ vm_namespace }}" ++ name: sap-bridge-network-definition ++ annotations: ++ k8s.v1.cni.cncf.io/resourceName: bridge.network.kubevirt.io/sapbridge ++ spec: ++ config: '{ "cniVersion": "0.3.1", "name": "sap-bridge-network-definition", "type": "cnv-bridge", "bridge": "sapbridge", "macspoofchk": true }' +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/install-cnv-operator.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/install-cnv-operator.yml +new file mode 100644 +index 0000000..e9a830e +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/install-cnv-operator.yml +@@ -0,0 +1,73 @@ ++--- ++- name: Create the CNV Operator namespace ++ kubernetes.core.k8s: ++ state: present ++ definition: ++ apiVersion: v1 ++ kind: Namespace ++ metadata: ++ name: openshift-cnv ++ ++- name: Create CNV OperatorGroup kubevirt-hyperconverged-group ++ kubernetes.core.k8s: ++ state: present ++ ++ definition: ++ apiVersion: operators.coreos.com/v1 ++ kind: OperatorGroup ++ metadata: ++ name: kubevirt-hyperconverged-group ++ namespace: openshift-cnv ++ spec: ++ targetNamespaces: ++ - openshift-cnv ++ ++- name: Create CNV Subscription ++ kubernetes.core.k8s: ++ state: present ++ definition: ++ apiVersion: operators.coreos.com/v1alpha1 ++ kind: Subscription ++ metadata: ++ name: hco-operatorhub ++ namespace: openshift-cnv ++ spec: ++ source: redhat-operators ++ sourceNamespace: openshift-marketplace ++ name: kubevirt-hyperconverged ++ ++- name: Wait ++ ansible.builtin.pause: ++ seconds: 300 ++ ++- name: Get Install Plan Name ++ retries: 10 ++ delay: 10 ++ ansible.builtin.command: oc get subscriptions/hco-operatorhub --namespace openshift-cnv --output=jsonpath='{$.status.installplan.name}' ++ register: __sap_hypervisor_node_preconfigure_register_cnv_subscription_install_plan_name ++ until: __sap_hypervisor_node_preconfigure_register_cnv_subscription_install_plan_name.stdout != "" ++ changed_when: __sap_hypervisor_node_preconfigure_register_cnv_subscription_install_plan_name.stdout != "" ++ ++- name: Wait for Install Plan to finish ++ ansible.builtin.command: "oc wait installplan {{ __sap_hypervisor_node_preconfigure_register_cnv_subscription_install_plan_name.stdout }} --namespace openshift-cnv --for=condition='Installed' --timeout='5m'" ++ register: __sap_hypervisor_node_preconfigure_register_wait_for_installplan ++ changed_when: __sap_hypervisor_node_preconfigure_register_wait_for_installplan.rc != 0 ++ ++- name: Wait ++ ansible.builtin.pause: ++ seconds: 300 ++ ++- name: Create CNV HyperConverged ++ kubernetes.core.k8s: ++ state: present ++ definition: ++ apiVersion: hco.kubevirt.io/v1beta1 ++ kind: HyperConverged ++ metadata: ++ name: kubevirt-hyperconverged ++ namespace: openshift-cnv ++ spec: ++ ++- name: Wait ++ ansible.builtin.pause: ++ seconds: 300 +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/install-hpp.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/install-hpp.yml +new file mode 100644 +index 0000000..daa713a +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/install-hpp.yml +@@ -0,0 +1,89 @@ ++--- ++- name: Create systemd files for local storage handling ++ kubernetes.core.k8s: ++ state: present ++ definition: ++ apiVersion: machineconfiguration.openshift.io/v1 ++ kind: MachineConfig ++ metadata: ++ annotations: ++ labels: ++ machineconfiguration.openshift.io/role: worker ++ name: 50-hpp-local ++ spec: ++ config: ++ ignition: ++ version: 2.2.0 ++ systemd: ++ units: ++ - contents: | ++ [Unit] ++ Description=Create mountpoint /var/localstorage and initialize filesystem ++ Before=var-localstorage.mount ++ [Service] ++ Type=oneshot ++ ExecStart=/bin/bash -c "if [[ $(lsblk -o FSTYPE {{ sap_hypervisor_node_preconfigure_cluster_config.worker_localstorage_device }} --noheadings) != 'xfs' ]]; then mkfs.xfs -f {{ sap_hypervisor_node_preconfigure_cluster_config.worker_localstorage_device }}; fi" ++ ExecStart=/bin/mkdir -p /var/localstorage ++ enabled: true ++ name: create-mountpoint-var-localstorage.service ++ - contents: | ++ [Unit] ++ After=create-mountpoint-var-localstorage.service ++ Requires=create-mountpoint-var-localstorage.service ++ [Mount] ++ What={{ sap_hypervisor_node_preconfigure_cluster_config.worker_localstorage_device }} ++ Where=/var/localstorage ++ Type=xfs ++ [Install] ++ WantedBy=local-fs.target ++ enabled: true ++ name: var-localstorage.mount ++ - contents: | ++ [Unit] ++ Description=Set SELinux chcon for hostpath provisioner ++ Before=kubelet.service ++ After=var-localstorage.mount ++ [Service] ++ ExecStart=/usr/bin/chcon -Rt container_file_t /var/localstorage ++ [Install] ++ WantedBy=multi-user.target ++ enabled: true ++ name: hostpath-provisioner.service ++ ++- name: Wait for mountpoint to be ready ++ ansible.builtin.pause: ++ minutes: 3 ++ ++- name: Create hostpath provisioner (HPP) ++ kubernetes.core.k8s: ++ state: present ++ definition: ++ apiVersion: hostpathprovisioner.kubevirt.io/v1beta1 ++ kind: HostPathProvisioner ++ metadata: ++ name: hostpath-provisioner ++ spec: ++ imagePullPolicy: IfNotPresent ++ storagePools: ++ - name: localstorage ++ path: /var/localstorage ++ workload: ++ nodeSelector: ++ kubernetes.io/os: linux ++ machineconfiguration.openshift.io/role: worker ++ ++- name: Create storage class for HPP ++ kubernetes.core.k8s: ++ state: present ++ definition: ++ apiVersion: storage.k8s.io/v1 ++ kind: StorageClass ++ metadata: ++ name: local ++ annotations: ++ storageclass.kubernetes.io/is-default-class: "true" ++ provisioner: kubevirt.io.hostpath-provisioner ++ reclaimPolicy: Delete ++ volumeBindingMode: WaitForFirstConsumer ++ parameters: ++ storagePool: localstorage +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/install-nmstate-operator.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/install-nmstate-operator.yml +new file mode 100644 +index 0000000..5e1e4f4 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/install-nmstate-operator.yml +@@ -0,0 +1,70 @@ ++--- ++- name: Create the nmstate operator namespace ++ kubernetes.core.k8s: ++ state: present ++ definition: ++ apiVersion: v1 ++ kind: Namespace ++ metadata: ++ labels: ++ kubernetes.io/metadata.name: openshift-nmstate ++ name: openshift-nmstate ++ name: openshift-nmstate ++ spec: ++ finalizers: ++ - kubernetes ++ ++- name: Create the OperatorGroup ++ kubernetes.core.k8s: ++ state: present ++ definition: ++ apiVersion: operators.coreos.com/v1 ++ kind: OperatorGroup ++ metadata: ++ annotations: ++ olm.providedAPIs: NMState.v1.nmstate.io ++ generateName: openshift-nmstate- ++ name: openshift-nmstate-tn6k8 ++ namespace: openshift-nmstate ++ spec: ++ targetNamespaces: ++ - openshift-nmstate ++ ++- name: Pause to give operator a chance to install ++ ansible.builtin.pause: ++ minutes: 2 ++ ++- name: Subscribe to the nmstate Operator ++ kubernetes.core.k8s: ++ state: present ++ definition: ++ apiVersion: operators.coreos.com/v1alpha1 ++ kind: Subscription ++ metadata: ++ labels: ++ operators.coreos.com/kubernetes-nmstate-operator.openshift-nmstate: "" ++ name: kubernetes-nmstate-operator ++ namespace: openshift-nmstate ++ spec: ++ channel: stable ++ installPlanApproval: Automatic ++ name: kubernetes-nmstate-operator ++ source: redhat-operators ++ sourceNamespace: openshift-marketplace ++ ++- name: Pause to give operator a chance to install ++ ansible.builtin.pause: ++ minutes: 5 ++ ++- name: Create instance of the nmstate operator ++ kubernetes.core.k8s: ++ state: present ++ definition: ++ apiVersion: nmstate.io/v1 ++ kind: NMState ++ metadata: ++ name: nmstate ++ ++- name: Pause to give instance a chance to come up ++ ansible.builtin.pause: ++ minutes: 5 +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/install-sriov-operator.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/install-sriov-operator.yml +new file mode 100644 +index 0000000..5fcb437 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/install-sriov-operator.yml +@@ -0,0 +1,54 @@ ++--- ++- name: Create the SRIOV Operator namespace ++ kubernetes.core.k8s: ++ state: present ++ definition: ++ apiVersion: v1 ++ kind: Namespace ++ metadata: ++ name: openshift-sriov-network-operator ++ ++- name: Create the SRIOV Operator namespace ++ kubernetes.core.k8s: ++ state: present ++ definition: ++ apiVersion: operators.coreos.com/v1 ++ kind: OperatorGroup ++ metadata: ++ name: sriov-network-operators ++ namespace: openshift-sriov-network-operator ++ spec: ++ targetNamespaces: ++ - openshift-sriov-network-operator ++ ++- name: Create the SRIOV Operator namespace ++ kubernetes.core.k8s: ++ state: present ++ definition: ++ apiVersion: operators.coreos.com/v1alpha1 ++ kind: Subscription ++ metadata: ++ name: sriov-network-operator-subscription ++ namespace: openshift-sriov-network-operator ++ spec: ++ source: redhat-operators ++ sourceNamespace: openshift-marketplace ++ name: sriov-network-operator ++ channel: "stable" ++ ++- name: Pause to give operator a chance to install ++ ansible.builtin.pause: ++ minutes: 3 ++ ++- name: Copy patch to enable unsupported NICs ++ ansible.builtin.copy: ++ src: sriov-enabled-unsupported-nics.sh ++ dest: "{{ __sap_hypervisor_node_preconfigure_register_tmpdir.path }}/sriov-enabled-unsupported-nics.sh" ++ mode: "0755" ++ when: sap_hypervisor_node_preconfigure_sriov_enable_unsupported_nics ++ ++- name: Enable unsupported NICs ++ ansible.builtin.command: "{{ __sap_hypervisor_node_preconfigure_register_tmpdir.path }}/sriov-enabled-unsupported-nics.sh" ++ when: sap_hypervisor_node_preconfigure_sriov_enable_unsupported_nics ++ register: __sap_hypervisor_node_preconfigure_register_enable_unsupported_nics ++ changed_when: __sap_hypervisor_node_preconfigure_register_enable_unsupported_nics.rc != 0 +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/install-trident.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/install-trident.yml +new file mode 100644 +index 0000000..9f734ea +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/install-trident.yml +@@ -0,0 +1,45 @@ ++--- ++- name: Download trident ++ ansible.builtin.unarchive: ++ remote_src: true ++ src: "{{ sap_hypervisor_node_preconfigure_install_trident_url }}" ++ dest: "{{ __sap_hypervisor_node_preconfigure_register_tmpdir.path }}/" ++ ++- name: Uninstall trident ++ ansible.builtin.command: "{{ __sap_hypervisor_node_preconfigure_register_tmpdir.path }}/trident-installer/tridentctl uninstall -n trident" ++ ignore_errors: true ++ register: __sap_hypervisor_node_preconfigure_register_uninstall_trident ++ changed_when: __sap_hypervisor_node_preconfigure_register_uninstall_trident.rc != 0 ++ ++- name: Install trident ++ ansible.builtin.command: "{{ __sap_hypervisor_node_preconfigure_register_tmpdir.path }}/trident-installer/tridentctl install -n trident" ++ register: __sap_hypervisor_node_preconfigure_register_install_trident ++ changed_when: __sap_hypervisor_node_preconfigure_register_install_trident.rc != 0 ++ ++- name: Copy backend file ++ ansible.builtin.template: ++ src: "trident-backend.json.j2" ++ dest: "{{ __sap_hypervisor_node_preconfigure_register_tmpdir.path }}/trident-backend.json" ++ mode: "0644" ++ ++- name: Create trident backend ++ ansible.builtin.command: "{{ __sap_hypervisor_node_preconfigure_register_tmpdir.path }}/trident-installer/tridentctl -n trident create backend -f{{ __sap_hypervisor_node_preconfigure_register_tmpdir.path }}/trident-backend.json" ++ register: __sap_hypervisor_node_preconfigure_register_create_trident_backend ++ changed_when: __sap_hypervisor_node_preconfigure_register_create_trident_backend.rc != 0 ++ ++- name: Create storage class ++ kubernetes.core.k8s: ++ state: present ++ definition: ++ apiVersion: storage.k8s.io/v1 ++ kind: StorageClass ++ metadata: ++ name: nas ++ annotations: ++ storageclass.kubernetes.io/is-default-class: "true" ++ provisioner: csi.trident.netapp.io ++ parameters: ++ backendType: "{{ sap_hypervisor_node_preconfigure_cluster_config.trident.storage_driver }}" ++ snapshots: "true" ++ provisioningType: "thin" ++ encryption: "false" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/install-virtctl.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/install-virtctl.yml +new file mode 100644 +index 0000000..48c5a06 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/install-virtctl.yml +@@ -0,0 +1,14 @@ ++--- ++- name: Create ~/bin ++ ansible.builtin.file: ++ path: ~/bin ++ state: directory ++ mode: "0700" ++ ++- name: Get and extract virtctl ++# become: yes ++ ansible.builtin.unarchive: ++ validate_certs: false ++ remote_src: true ++ src: "https://hyperconverged-cluster-cli-download-openshift-cnv.apps.{{ sap_hypervisor_node_preconfigure_cluster_config.cluster_url }}/amd64/linux/virtctl.tar.gz" ++ dest: ~/bin +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/kargs.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/kargs.yml +new file mode 100644 +index 0000000..bd28ea5 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/kargs.yml +@@ -0,0 +1,11 @@ ++--- ++- name: Personalize template ++ ansible.builtin.template: ++ src: 99-kargs-worker.yml.j2 ++ dest: "{{ __sap_hypervisor_node_preconfigure_register_tmpdir.path }}/99-kargs-{{ __sap_hypervisor_node_preconfigure_register_worker_name }}.yml.j2" ++ mode: "0644" ++ ++- name: Enable hugepages ++ kubernetes.core.k8s: ++ state: present ++ src: "{{ __sap_hypervisor_node_preconfigure_register_tmpdir.path }}/99-kargs-{{ __sap_hypervisor_node_preconfigure_register_worker_name }}.yml.j2" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/label-worker-invtsc.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/label-worker-invtsc.yml +new file mode 100644 +index 0000000..57a52da +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/label-worker-invtsc.yml +@@ -0,0 +1,11 @@ ++--- ++- name: Label worker with invtsc flag ++ kubernetes.core.k8s: ++ state: present ++ definition: ++ apiVersion: v1 ++ kind: Namespace ++ metadata: ++ name: default ++ labels: ++ 'feature.node.kubernetes.io/cpu-feature-invtsc': enabled +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/main.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/main.yml +new file mode 100644 +index 0000000..cd04804 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/main.yml +@@ -0,0 +1,92 @@ ++--- ++- name: Get a list of all nodes from any namespace ++ kubernetes.core.k8s_info: ++ kind: Node ++ register: __sap_hypervisor_node_preconfigure_register_node_list ++ ++- name: Generate list with worker node names ++ ansible.builtin.set_fact: ++ __sap_hypervisor_node_preconfigure_register_worker_node_name_list: "{{ __sap_hypervisor_node_preconfigure_register_worker_node_name_list | d([]) + [__sap_hypervisor_node_preconfigure_register_worker_node.name] }}" ++ with_items: "{{ sap_hypervisor_node_preconfigure_cluster_config.workers }}" ++ loop_control: ++ loop_var: __sap_hypervisor_node_preconfigure_register_worker_node ++ ++- name: Filter hosts ++ ansible.builtin.set_fact: ++ __sap_hypervisor_node_preconfigure_register_nodes: "{{ __sap_hypervisor_node_preconfigure_register_nodes | d([]) + [__sap_hypervisor_node_preconfigure_register_host] }}" ++ with_items: "{{ __sap_hypervisor_node_preconfigure_register_node_list['resources'] }}" ++ loop_control: ++ loop_var: __sap_hypervisor_node_preconfigure_register_host ++ when: __sap_hypervisor_node_preconfigure_register_host.metadata.name in __sap_hypervisor_node_preconfigure_register_worker_node_name_list ++ ++- name: Assert that configured nodes are found ++ ansible.builtin.assert: ++ that: __sap_hypervisor_node_preconfigure_register_nodes is defined ++ fail_msg: No nodes found that match configuration provided in sap_hypervisor_node_preconfigure_cluster_config ++ success_msg: Configured nodes found ++ ++# Determine available memory on first worker node. ++# This amount will be used for all nodes, so make sure all have an identical amount. ++- name: Get worker name ++ ansible.builtin.set_fact: ++ __sap_hypervisor_node_preconfigure_register_worker_name: "{{ __sap_hypervisor_node_preconfigure_register_nodes[0]['metadata']['labels']['kubernetes.io/hostname'] }}" ++ ++- name: Get memory of first worker node (will be used for all worker nodes later on) ++ ansible.builtin.set_fact: ++ __sap_hypervisor_node_preconfigure_register_worker_memory_gib: "{{ (__sap_hypervisor_node_preconfigure_register_nodes[0]['status']['capacity']['memory'] | replace('Ki', '') | int / 1048576) }}" ++ ++- name: Check if host has minimal amount of memory (96GiB) ++ ansible.builtin.assert: ++ that: __sap_hypervisor_node_preconfigure_register_worker_memory_gib | int >= 96 ++ fail_msg: "Not enough memory on node {{ __sap_hypervisor_node_preconfigure_register_worker_name }}" ++ success_msg: "Enough memory on node {{ __sap_hypervisor_node_preconfigure_register_worker_name }}" ++ ignore_errors: "{{ sap_hypervisor_node_preconfigure_ignore_minimal_memory_check }}" ++ ++# calculate memory to be allocated as hugepages ++# if system < 512GiB memory use 32GiB as upper boundary, 64GB otherwise as upper boundary ++- name: Calculate amount of hugepages to reserve (host memory < 512 GiB) ++ ansible.builtin.set_fact: ++ __sap_hypervisor_node_preconfigure_register_worker_reserved_hugepages: "{{ __sap_hypervisor_node_preconfigure_register_worker_memory_gib | int - sap_hypervisor_node_preconfigure_hypervisor_reserved_ram_host_lt_512 }}" ++ when: __sap_hypervisor_node_preconfigure_register_worker_memory_gib | int < 512 ++ ++- name: Calculate amount of hugepages to reserve (host memory >= 512 GiB) ++ ansible.builtin.set_fact: ++ __sap_hypervisor_node_preconfigure_register_worker_reserved_hugepages: "{{ __sap_hypervisor_node_preconfigure_register_worker_memory_gib | int - sap_hypervisor_node_preconfigure_hypervisor_reserved_ram_host_ge_512 }}" ++ when: __sap_hypervisor_node_preconfigure_register_worker_memory_gib | int >= 512 ++ ++- name: Include prepare ++ ansible.builtin.include_tasks: "platform/{{ sap_hypervisor_node_platform }}/prepare.yml" ++- name: Include tuned virtual host ++ ansible.builtin.include_tasks: "platform/{{ sap_hypervisor_node_platform }}/tuned-virtual-host.yml" ++- name: Include install CNV operator ++ ansible.builtin.include_tasks: "platform/{{ sap_hypervisor_node_platform }}/install-cnv-operator.yml" ++ when: sap_hypervisor_node_preconfigure_install_operators ++- name: Include install sriov operator ++ ansible.builtin.include_tasks: "platform/{{ sap_hypervisor_node_platform }}/install-sriov-operator.yml" ++ when: sap_hypervisor_node_preconfigure_install_operators ++- name: Include install nmstate operator ++ ansible.builtin.include_tasks: "platform/{{ sap_hypervisor_node_platform }}/install-nmstate-operator.yml" ++ when: sap_hypervisor_node_preconfigure_install_operators ++- name: Include install virtctl ++ ansible.builtin.include_tasks: "platform/{{ sap_hypervisor_node_platform }}/install-virtctl.yml" ++- name: Include setup worker nodes ++ ansible.builtin.include_tasks: "platform/{{ sap_hypervisor_node_platform }}/setup-worker-nodes.yml" ++ when: sap_hypervisor_node_preconfigure_setup_workers ++ ++# How to wait for node to be scheduleable? (NodeSchedulable) ++- name: Wait for all k8s nodes to be ready ++ ansible.builtin.command: oc wait --for=condition=Ready nodes --all --timeout=3600s ++ register: __sap_hypervisor_node_preconfigure_register_nodes_ready ++ changed_when: __sap_hypervisor_node_preconfigure_register_nodes_ready.rc != 0 ++ ++- name: Print nodes ++ ansible.builtin.debug: ++ var: __sap_hypervisor_node_preconfigure_register_nodes_ready.stdout_lines ++ ++- name: Include Trident installation ++ ansible.builtin.include_tasks: "platform/{{ sap_hypervisor_node_platform }}/install-trident.yml" ++ when: sap_hypervisor_node_preconfigure_install_trident ++ ++- name: Include local storage creation (HPP) ++ ansible.builtin.include_tasks: "platform/{{ sap_hypervisor_node_platform }}/install-hpp.yml" ++ when: sap_hypervisor_node_preconfigure_install_hpp +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/node-network.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/node-network.yml +new file mode 100644 +index 0000000..3f9922b +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/node-network.yml +@@ -0,0 +1,93 @@ ++--- ++- name: Print network ++ ansible.builtin.debug: ++ var: __sap_hypervisor_node_preconfigure_register_worker_network ++ ++- name: "Create NodeNetworkConfigurationPolicy{{ __sap_hypervisor_node_preconfigure_register_worker_network.name }} on {{ __sap_hypervisor_node_preconfigure_register_worker.name }}" ++ kubernetes.core.k8s: ++ state: present ++ definition: ++ apiVersion: nmstate.io/v1 ++ kind: NodeNetworkConfigurationPolicy ++ metadata: ++ name: "{{ __sap_hypervisor_node_preconfigure_register_worker_network.name }}-{{ __sap_hypervisor_node_preconfigure_register_worker.name }}" ++ spec: ++ nodeSelector: ++ kubernetes.io/hostname: "{{ __sap_hypervisor_node_preconfigure_register_worker.name }}" ++ desiredState: ++ interfaces: ++ - "{{ __sap_hypervisor_node_preconfigure_register_worker_network }}" ++ when: __sap_hypervisor_node_preconfigure_register_worker_network.type == 'linux-bridge' ++ ++- name: "Create NetworkAttachmentDefinition {{ __sap_hypervisor_node_preconfigure_register_worker_network.name }}" ++ kubernetes.core.k8s: ++ state: present ++ definition: ++ apiVersion: "k8s.cni.cncf.io/v1" ++ kind: NetworkAttachmentDefinition ++ metadata: ++ namespace: "{{ sap_hypervisor_node_preconfigure_cluster_config.vm_namespace }}" ++ name: "{{ __sap_hypervisor_node_preconfigure_register_worker_network.name }}-network-definition" ++ annotations: ++ k8s.v1.cni.cncf.io/resourceName: "bridge.network.kubevirt.io/{{ __sap_hypervisor_node_preconfigure_register_worker_network.name }}" ++ spec: ++ config: '{ "cniVersion": "0.3.1", "name": "sapbridge-network-definition", "type": "cnv-bridge", "bridge": "sapbridge", "macspoofchk": true }' ++ when: __sap_hypervisor_node_preconfigure_register_worker_network.type == 'linux-bridge' ++ ++- name: Label the node with feature.node.kubernetes.io/network-sriov.capable=true ++ kubernetes.core.k8s: ++ definition: ++ apiVersion: v1 ++ kind: Node ++ metadata: ++ name: "{{ __sap_hypervisor_node_preconfigure_register_worker.name }}" ++ labels: ++ feature.node.kubernetes.io/network-sriov.capable: "true" ++ state: present ++ when: __sap_hypervisor_node_preconfigure_register_worker_network.type == 'sriov' ++ ++- name: "Create SRIOV NodeNetworkConfigurationPolicy {{ __sap_hypervisor_node_preconfigure_register_worker_network.name }} on {{ __sap_hypervisor_node_preconfigure_register_worker.name }}" ++ kubernetes.core.k8s: ++ state: present ++ definition: ++ apiVersion: sriovnetwork.openshift.io/v1 ++ kind: SriovNetworkNodePolicy ++ metadata: ++ name: "iface-{{ __sap_hypervisor_node_preconfigure_register_worker_network.name }}-sriov-{{ __sap_hypervisor_node_preconfigure_register_worker.name }}" ++ namespace: openshift-sriov-network-operator ++ spec: ++ resourceName: "iface{{ __sap_hypervisor_node_preconfigure_register_worker_network.name }}sriov" ++ nodeSelector: ++ feature.node.kubernetes.io/network-sriov.capable: "true" ++ kubernetes.io/hostname: "{{ __sap_hypervisor_node_preconfigure_register_worker.name }}" ++ priority: 5 ++ mtu: 9000 ++ numVfs: 8 ++ nicSelector: ++ pfNames: ['{{ __sap_hypervisor_node_preconfigure_register_worker_network.interface }}#0-7'] ++ deviceType: vfio-pci ++ isRdma: false ++ when: __sap_hypervisor_node_preconfigure_register_worker_network.type == "sriov" ++ ++- name: "Create SriovNetwork Attachment Definition {{ __sap_hypervisor_node_preconfigure_register_worker_network.name }}" ++ kubernetes.core.k8s: ++ state: present ++ definition: ++ apiVersion: sriovnetwork.openshift.io/v1 ++ kind: SriovNetwork ++ metadata: ++ name: "iface-{{ __sap_hypervisor_node_preconfigure_register_worker_network.name }}-sriov" ++ namespace: openshift-sriov-network-operator ++ spec: ++ ipam: | ++ { ++ "type": "host-local", ++ "subnet": "192.168.1.0/24", ++ "rangeStart": "192.168.1.200", ++ "rangeEnd": "192.168.1.210" ++ } ++ networkNamespace: openshift-sriov-network-operator ++ resourceName: "iface{{ __sap_hypervisor_node_preconfigure_register_worker_network.name }}sriov" ++ spoofChk: "off" ++ trust: "on" ++ when: __sap_hypervisor_node_preconfigure_register_worker_network.type == "sriov" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/prepare.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/prepare.yml +new file mode 100644 +index 0000000..0dfbfa1 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/prepare.yml +@@ -0,0 +1,16 @@ ++--- ++- name: Gather Facts ++ ansible.builtin.gather_facts: ++ ++- name: Create Tempdir ++ ansible.builtin.tempfile: ++ state: directory ++ suffix: "_sap_hypervisor_node_preconfigure" ++ register: __sap_hypervisor_node_preconfigure_register_tmpdir ++ ++- name: "Create VM namespace {{ sap_hypervisor_node_preconfigure_cluster_config.vm_namespace }}" ++ kubernetes.core.k8s: ++ name: "{{ sap_hypervisor_node_preconfigure_cluster_config.vm_namespace }}" ++ api_version: v1 ++ kind: Namespace ++ state: present +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/setup-worker-nodes.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/setup-worker-nodes.yml +new file mode 100644 +index 0000000..29420be +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/setup-worker-nodes.yml +@@ -0,0 +1,81 @@ ++--- ++- name: Include configure worker ++ ansible.builtin.include_tasks: "platform/{{ sap_hypervisor_node_platform }}/configure-worker-node.yml" ++ with_items: "{{ sap_hypervisor_node_preconfigure_cluster_config.workers }}" ++ loop_control: ++ loop_var: __sap_hypervisor_node_preconfigure_register_worker ++ index_var: __sap_hypervisor_node_preconfigure_register_worker_nr ++ ++- name: Enable CPU Manager by patching MCP worker ++ kubernetes.core.k8s: ++ state: patched ++ definition: ++ apiVersion: machineconfiguration.openshift.io/v1 ++ kind: MachineConfigPool ++ metadata: ++ name: worker ++ labels: ++ custom-kubelet: cpumanager-enabled ++ ++- name: Delete kubletconfig for cpumanager ++ kubernetes.core.k8s: ++ state: absent ++ definition: ++ apiVersion: machineconfiguration.openshift.io/v1 ++ kind: KubeletConfig ++ metadata: ++ name: cpumanager-enabled ++ spec: ++ machineConfigPoolSelector: ++ matchLabels: ++ custom-kubelet: cpumanager-enabled ++ kubeletConfig: ++ cpuManagerPolicy: static ++ cpuManagerReconcilePeriod: 5s ++ ++- name: Create kubletconfig for cpumanager worker with CPUs reserved for kubernetes ++ when: sap_hypervisor_node_preconfigure_cluster_config.worker_kubernetes_reserved_cpus is defined ++ kubernetes.core.k8s: ++ state: present ++ definition: ++ apiVersion: machineconfiguration.openshift.io/v1 ++ kind: KubeletConfig ++ metadata: ++ name: cpumanager-enabled ++ spec: ++ machineConfigPoolSelector: ++ matchLabels: ++ custom-kubelet: cpumanager-enabled ++ kubeletConfig: ++ cpuManagerPolicy: static ++ cpuManagerReconcilePeriod: 5s ++ reservedSystemCPUs: "{{ sap_hypervisor_node_preconfigure_cluster_config.worker_kubernetes_reserved_cpus }}" ++ ++- name: Create kubletconfig for cpumanager worker ++ when: sap_hypervisor_node_preconfigure_cluster_config.worker_kubernetes_reserved_cpus is not defined ++ kubernetes.core.k8s: ++ state: present ++ definition: ++ apiVersion: machineconfiguration.openshift.io/v1 ++ kind: KubeletConfig ++ metadata: ++ name: cpumanager-enabled ++ machineconfiguration.openshift.io/role: worker ++ spec: ++ machineConfigPoolSelector: ++ matchLabels: ++ custom-kubelet: cpumanager-enabled ++ kubeletConfig: ++ cpuManagerPolicy: static ++ cpuManagerReconcilePeriod: 5s ++ ++- name: Render template ++ ansible.builtin.template: ++ src: 99-kargs-worker.yml.j2 ++ dest: "{{ __sap_hypervisor_node_preconfigure_register_tmpdir.path }}/99-kargs-worker.yml" ++ mode: "0644" ++ ++- name: Enable hugepages ++ kubernetes.core.k8s: ++ state: present ++ src: "{{ __sap_hypervisor_node_preconfigure_register_tmpdir.path }}/99-kargs-worker.yml" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/sriov-enabled-unsupported-nics.sh b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/sriov-enabled-unsupported-nics.sh +new file mode 100644 +index 0000000..6cec1a6 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/sriov-enabled-unsupported-nics.sh +@@ -0,0 +1,3 @@ ++#!/bin/bash ++# in order to allow unsupported SRIOV nics such as Mellanox ++oc patch sriovoperatorconfig default --type=merge -n openshift-sriov-network-operator --patch '{ "spec": { "enableOperatorWebhook": false } }' +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/trident-backend.json.j2 b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/trident-backend.json.j2 +new file mode 100644 +index 0000000..e422aab +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/trident-backend.json.j2 +@@ -0,0 +1,18 @@ ++{ ++ "nfsMountOptions": "nfsvers=3", ++ "defaults": { ++ "exportPolicy": "default" ++ }, ++ "debug":false, ++ "managementLIF":"{{ sap_hypervisor_node_preconfigure_cluster_config.trident.management }}", ++ "dataLIF":"{{ sap_hypervisor_node_preconfigure_cluster_config.trident.data }}", ++ "svm":"{{ sap_hypervisor_node_preconfigure_cluster_config.trident.svm }}", ++ "backendName": "{{ sap_hypervisor_node_preconfigure_cluster_config.trident.backend }}", ++ "aggregate":"{{ sap_hypervisor_node_preconfigure_cluster_config.trident.aggregate }}", ++ "username":"{{ sap_hypervisor_node_preconfigure_cluster_config.trident.username }}", ++ "password":"{{ sap_hypervisor_node_preconfigure_cluster_config.trident.password }}", ++ "storageDriverName":"{{ sap_hypervisor_node_preconfigure_cluster_config.trident.storage_driver }}", ++ "storagePrefix":"{{ sap_hypervisor_node_preconfigure_cluster_config.trident.storage_prefix }}", ++ "version":1 ++} ++ +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/tuned-virtual-host.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/tuned-virtual-host.yml +new file mode 100644 +index 0000000..642c05e +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/tuned-virtual-host.yml +@@ -0,0 +1,21 @@ ++--- ++- name: Set virtual-host for worker nodes ++ kubernetes.core.k8s: ++ state: present ++ definition: ++ apiVersion: tuned.openshift.io/v1 ++ kind: Tuned ++ metadata: ++ name: virtual-host ++ namespace: openshift-cluster-node-tuning-operator ++ spec: ++ profile: ++ - data: | ++ [main] ++ include=virtual-host ++ name: virtual-host ++ recommend: ++ - match: ++ - label: "node-role.kubernetes.io/worker" ++ priority: 10 ++ profile: virtual-host +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_rhel_kvm/50_hana b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_rhel_kvm/50_hana +new file mode 100644 +index 0000000..23f550e +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_rhel_kvm/50_hana +@@ -0,0 +1,65 @@ ++#!/usr/bin/python3 ++ ++import os ++import sys ++import traceback ++ ++import hooking ++ ++''' ++Syntax: ++hana=1 (value doesn't matter) ++ ++The VM must be configured as High Performance with 1GB hugepages. ++For that the following kernel boot line is required for the hypervisor: ++ ++"default_hugepagesz=1GB hugepagesz=1GB hugepages=[# hugepages needed]" ++ ++In addition the "hugepages" custom property needs to be set to 1048576. ++''' ++ ++ ++if 'hana' in os.environ: ++ try: ++ domxml = hooking.read_domxml() ++ domain = domxml.getElementsByTagName('domain')[0] ++ if not len(domain.getElementsByTagName('memoryBacking')): ++ sys.stderr.write('hugepages: VM is no High Performance VM\n') ++ sys.exit(0) ++ ++ if len(domain.getElementsByTagName('cpu')): ++ cpu = domain.getElementsByTagName('cpu')[0] ++ feature_tsc = domxml.createElement('feature') ++ feature_tsc.setAttribute('policy', 'require') ++ feature_tsc.setAttribute('name', 'invtsc') ++ feature_rdt = domxml.createElement('feature') ++ feature_rdt.setAttribute('policy', 'require') ++ feature_rdt.setAttribute('name', 'rdtscp') ++ feature_x2apic = domxml.createElement('feature') ++ feature_x2apic.setAttribute('policy', 'require') ++ feature_x2apic.setAttribute('name', 'x2apic') ++ feature_lvl3 = domxml.createElement('cache') ++ feature_lvl3.setAttribute('level','3') ++ feature_lvl3.setAttribute('mode','emulate') ++ cpu.appendChild(feature_tsc) ++ cpu.appendChild(feature_rdt) ++ cpu.appendChild(feature_lvl3) ++ cpu.appendChild(feature_x2apic) ++ ++ if len(domain.getElementsByTagName('clock')): ++ clock = domain.getElementsByTagName('clock')[0] ++ tscClock = domxml.createElement('clock') ++ tscClock.setAttribute('offset', 'utc') ++ timer = domxml.createElement('timer') ++ timer.setAttribute('name','tsc') ++ # Uncomment and adjust for live migration (adjust frequency to match the lowest value in your cluster) ++ #timer.setAttribute('frequency','2494140000') ++ tscClock.appendChild(timer) ++ domain.removeChild(clock) ++ domain.appendChild(tscClock) ++ ++ hooking.write_domxml(domxml) ++ except Exception: ++ sys.stderr.write('highperf hook: [unexpected error]: %s\n' % ++ traceback.format_exc()) ++ sys.exit(2) +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_rhel_kvm/50_iothread_pinning b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_rhel_kvm/50_iothread_pinning +new file mode 100644 +index 0000000..1a7d70d +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_rhel_kvm/50_iothread_pinning +@@ -0,0 +1,65 @@ ++#!/usr/bin/python3 ++ ++import os ++import sys ++import traceback ++ ++import hooking ++ ++''' ++Syntax: ++iothread=, ++ ++This hook will bind the iothread in RHV to the named core(s). ++A maximum of 2 Cores is allowed, ideally pinned to the core (plus its hyperthread) that is bound to the Interrupt ++Allowed syntax is also a range - as well as a mix. ++engine-config -s UserDefinedVMProperties='iothread=^[0-9,-]+$' --cver=4.2 ++''' ++ ++ ++if 'iothread' in os.environ: ++ try: ++ iopin = os.environ['iothread']; ++ domxml = hooking.read_domxml() ++ domain = domxml.getElementsByTagName('domain')[0] ++ if len(domain.getElementsByTagName('iothreads')): ++ if len(domain.getElementsByTagName('iothreadids')): ++ iothreadids = domain.getElementsByTagName('iothreadids')[0] ++ else: ++ iothreadids = domxml.createElement('iothreadids') ++ domain.appendChild(iothreadids) ++ ++ if len(iothreadids.getElementsByTagName('iothread')): ++ ids = iothreadids.getElementsByTagName('iothread')[0] ++ else: ++ ids = domxml.createElement('iothread') ++ iothreadids.appendChild(ids) ++ ids.setAttribute('id', '1') ++ ++ if len(domain.getElementsByTagName('cputune')): ++ cputune = domain.getElementsByTagName('cputune')[0] ++ else: ++ cputune = domxml.createElement('cputune') ++ domain.appendChile(cputune) ++ ++ if len(cputune.getElementsByTagName('iothreadpin')): ++ iothreadpin = cputune.getElementsByTagName('iothreadpin')[0] ++ else: ++ iothreadpin = domxml.createElement('iothreadpin') ++ cputune.appendChild(iothreadpin) ++ iothreadpin.setAttribute('iothread', '1') ++ iothreadpin.setAttribute('cpuset', iopin) ++ ++ if len(cputune.getElementsByTagName('emulatorpin')): ++ emulatorpin = cputune.getElementsByTagName('emulatorpin')[0] ++ else: ++ emulatorpin = domxml.createElement('emulatorpin') ++ cputune.appendChild(emulatorpin) ++ emulatorpin.setAttribute('cpuset', iopin) ++ ++ hooking.write_domxml(domxml) ++ except Exception: ++ sys.stderr.write('iothreads hook: [unexpected error]: %s\n' % ++ traceback.format_exc()) ++ sys.exit(2) ++ +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_rhel_kvm/allocate-hugepages-at-runtime.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_rhel_kvm/allocate-hugepages-at-runtime.yml +new file mode 100644 +index 0000000..97a9c72 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_rhel_kvm/allocate-hugepages-at-runtime.yml +@@ -0,0 +1,27 @@ ++--- ++- name: Install libhugetlbfs ++ ansible.builtin.yum: ++ name: libhugetlbfs, libhugetlbfs-utils ++ state: present ++ ++#XXX better location than rc.local? ++- name: Add hugepage allocation to /etc/rc.local ++ ansible.builtin.blockinfile: ++ path: /etc/rc.local ++ marker: "" ++ block: | ++ hugeadm --create-mounts --pool-pages-min 1G:$(free -g | grep "Mem:" | awk '{print $2-"{{ sap_hypervisor_node_preconfigure_reserved_ram }}"}') ++ ++- name: Set default hugepage size ++ ansible.builtin.lineinfile: ++ path: /etc/default/grub ++ backup: yes ++ backrefs: yes ++ state: present ++ regexp: '^(GRUB_CMDLINE_LINUX=(?!.* {{ item }}).*). *$' ++ line: "\\1 {{ item }}\"" ++ with_items: ++ - default_hugepagesz=1GB ++ - hugepagesz=1GB ++ notify: "Regenerate grub2 conf handler" ++ tags: grubconfig +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_rhel_kvm/assert-configuration.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_rhel_kvm/assert-configuration.yml +new file mode 100644 +index 0000000..f4ddb25 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_rhel_kvm/assert-configuration.yml +@@ -0,0 +1,135 @@ ++--- ++# tasks file for sap_hypervisor_node_preconfigure ++ ++- name: Get kernel command line ++ ansible.builtin.command: cat /proc/cmdline ++ register: __sap_hypervisor_node_preconfigure_kernelcmdline_assert ++ changed_when: __sap_hypervisor_node_preconfigure_kernelcmdline_assert.rc != 0 ++ ++- name: "Assert - Kernel same page merging (KSM): Get status" ++ ansible.builtin.command: systemctl status ksm ++ register: __sap_hypervisor_node_preconfigure_ksmstatus_assert ++ ignore_errors: yes ++ changed_when: __sap_hypervisor_node_preconfigure_ksmstatus_assert.rc != 0 ++ ++- name: "Assert - Kernel same page merging (KSM): Check if stopped" ++ ansible.builtin.assert: ++ that: "'Active: inactive (dead)' in __sap_hypervisor_node_preconfigure_ksmstatus_assert.stdout" ++ fail_msg: "FAIL: ksm is running" ++ success_msg: "PASS: ksm not running" ++ ignore_errors: "{{ sap_hypervisor_node_preconfigure_ignore_failed_assertion }}" ++ ++- name: "Assert - Kernel same page merging (KSM) Tuning Daemon: Get status" ++ ansible.builtin.command: systemctl status ksmtuned ++ register: __sap_hypervisor_node_preconfigure_ksmtunedstatus_assert ++ ignore_errors: yes ++ changed_when: __sap_hypervisor_node_preconfigure_ksmtunedstatus_assert.rc != 0 ++ ++- name: "Assert - Kernel same page merging (KSM) Tuning Daemon: Check if stopped" ++ ansible.builtin.assert: ++ that: "'Active: inactive (dead)' in __sap_hypervisor_node_preconfigure_ksmtunedstatus_assert.stdout" ++ fail_msg: "FAIL: ksmtuned is running" ++ success_msg: "PASS: ksmtuned not running" ++ ignore_errors: "{{ sap_hypervisor_node_preconfigure_ignore_failed_assertion }}" ++ ++- name: Check CPU Stepping ++ ansible.builtin.shell: set -o pipefail && lscpu | awk '/Stepping/{print $2}' ++ register: __sap_hypervisor_node_preconfigure_cpu_stepping_output_assert ++ changed_when: __sap_hypervisor_node_preconfigure_cpu_stepping_output_assert.rc != 0 ++ ++- name: Register stepping as fact ++ ansible.builtin.set_fact: ++ __sap_hypervisor_node_preconfigure_cpu_stepping_assert: "{{ __sap_hypervisor_node_preconfigure_cpu_stepping_output_assert.stdout }}" ++ ++- name: Print CPU Stepping ++ ansible.builtin.debug: ++ var: __sap_hypervisor_node_preconfigure_cpu_stepping_assert ++ ++# skylake: ++- name: Assert - Check Intel Skylake CPU Platform ++ when: __sap_hypervisor_node_preconfigure_cpu_stepping_assert == "4" ++ block: ++ - name: Get ple_gap ++ ansible.builtin.command: grep -E '^options\s+kvm_intel.*?ple_gap\s*=\s*0.*$' /etc/modprobe.d/kvm.conf ++ register: __sap_hypervisor_node_preconfigure_skylake_plegap_assert ++ ignore_errors: yes ++ changed_when: __sap_hypervisor_node_preconfigure_skylake_plegap_assert.rc != 0 ++ ++ - name: Assert - Check if ple_gap=0 ++ ansible.builtin.assert: ++ that: "__sap_hypervisor_node_preconfigure_skylake_plegap_assert.rc == 0" ++ fail_msg: "FAIL: ple_gap is not set to 0" ++ success_msg: "PASS: ple_gap is set to 0" ++ ignore_errors: "{{ sap_hypervisor_node_preconfigure_ignore_failed_assertion }}" ++ ++ - name: Assert - Check for spectre_v2=retpoline ++ ansible.builtin.assert: ++ that: "'spectre_v2=retpoline' in __sap_hypervisor_node_preconfigure_kernelcmdline_assert.stdout" ++ fail_msg: "FAIL: spectre_v2=retpoline is not on Kernel command line" ++ success_msg: "PASS: spectre_v2=retpoline is on Kernel command line" ++ ignore_errors: "{{ sap_hypervisor_node_preconfigure_ignore_failed_assertion }}" ++ ++- name: Assert - check sap_hypervisor_node_preconfigure_nx_huge_pages ++ when: sap_hypervisor_node_preconfigure_kvm_nx_huge_pages is defined ++ block: ++ - name: Set fact for sap_hypervisor_node_preconfigure_register_assert_nx_huge_pages ++ ansible.builtin.set_fact: ++ sap_hypervisor_node_preconfigure_register_assert_nx_huge_pages: "{{ __sap_hypervisor_node_preconfigure_kernelcmdline_assert.stdout | regex_search('kvm.nx_huge_pages=(.+)', '\\1') | first }}" ++ - name: "Assert - Check kvm.nx_huge_pages is {{ sap_hypervisor_node_preconfigure_kvm_nx_huge_pages }}" ++ ansible.builtin.assert: ++ that: sap_hypervisor_node_preconfigure_register_assert_nx_huge_pages == sap_hypervisor_node_preconfigure_kvm_nx_huge_pages ++ fail_msg: "FAIL: kvm.nx_huge_pages is not {{ sap_hypervisor_node_preconfigure_kvm_nx_huge_pages }}" ++ success_msg: "PASS: kvm.nx_huge_pages is {{ sap_hypervisor_node_preconfigure_kvm_nx_huge_pages }}" ++ ignore_errors: "{{ sap_hypervisor_node_preconfigure_ignore_failed_assertion }}" ++ ++- name: Assert - check seccomp_sandbox=0 ++ block: ++ - name: Get seccomp setting ++ ansible.builtin.command: grep -E '^seccomp_sandbox\s+=\s+0.*$' /etc/libvirt/qemu.conf ++ register: __sap_hypervisor_node_preconfigure_seccomp_assert ++ ignore_errors: yes ++ changed_when: __sap_hypervisor_node_preconfigure_seccomp_assert.rc != 0 ++ ++ - name: "Assert - Check seccomp_sandbox=0 is in /etc/libvirt/qemu.conf" ++ ansible.builtin.assert: ++ that: __sap_hypervisor_node_preconfigure_seccomp_assert is success ++ fail_msg: "FAIL: seccomp_sandbox != 0" ++ success_msg: "PASS: seccomp_sanbox == 0" ++ ignore_errors: "{{ sap_hypervisor_node_preconfigure_ignore_failed_assertion }}" ++ ++- name: Assert - check amount of 1G hugepages ++ block: ++ - name: Get amount of 1G hugepages ++ ansible.builtin.shell: set -o pipefail && hugeadm --pool-list | grep 1073741824 | awk '{print $3}' ++ register: __sap_hypervisor_node_preconfigure_1g_hugepages_assert ++ changed_when: __sap_hypervisor_node_preconfigure_1g_hugepages_assert.rc != 0 ++ ++ - name: "Check that at least {{ sap_hypervisor_node_preconfigure_reserved_ram }} GB are available for the hypervisor and the rest are 1G hugepages" ++ ansible.builtin.assert: ++ that: ((ansible_memtotal_mb / 1024) | int - sap_hypervisor_node_preconfigure_reserved_ram | int) >= (__sap_hypervisor_node_preconfigure_1g_hugepages_assert.stdout | int) ++ fail_msg: "FAIL: Not enough memory reserved for hypervisor" ++ success_msg: "PASS: Enough memory reserved for hypervisor" ++ ignore_errors: "{{ sap_hypervisor_node_preconfigure_ignore_failed_assertion }}" ++ ++- name: Assert - check Kernel command line ++ block: ++ - name: Ensure iommu is enabled ++ ansible.builtin.assert: ++ that: "'intel_iommu=on' in __sap_hypervisor_node_preconfigure_kernelcmdline_assert.stdout" ++ fail_msg: "FAIL: intel_iommu=on not on Kernel command line" ++ success_msg: "PASS: intel_iommu=on on Kernel command line" ++ ignore_errors: "{{ sap_hypervisor_node_preconfigure_ignore_failed_assertion }}" ++ ++ - name: Ensure iommu passthrough is enabled ++ ansible.builtin.assert: ++ that: "'iommu=pt' in __sap_hypervisor_node_preconfigure_kernelcmdline_assert.stdout" ++ fail_msg: "FAIL: iommu=pt not on Kernel command line" ++ success_msg: "PASS: iommu=pt on Kernel command line" ++ ignore_errors: "{{ sap_hypervisor_node_preconfigure_ignore_failed_assertion }}" ++ ++ - name: Ensure tsx is on ++ ansible.builtin.assert: ++ that: "'tsx=on' in __sap_hypervisor_node_preconfigure_kernelcmdline_assert.stdout" ++ fail_msg: "FAIL: tsx=on not in Kernel command line" ++ success_msg: "PASS: tsx=on in Kernel command line" ++ ignore_errors: "{{ sap_hypervisor_node_preconfigure_ignore_failed_assertion }}" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_rhel_kvm/assert-installation.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_rhel_kvm/assert-installation.yml +new file mode 100644 +index 0000000..34aa301 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_rhel_kvm/assert-installation.yml +@@ -0,0 +1,14 @@ ++--- ++- name: Gather package facts ++ ansible.builtin.package_facts: ++ ++- name: Assert that all required packages are installed ++ ansible.builtin.assert: ++ that: line_item in ansible_facts.packages ++ fail_msg: "FAIL: Package '{{ line_item }}' is not installed!" ++ success_msg: "PASS: Package '{{ line_item }}' is installed." ++ with_items: ++ - "{{ sap_hypervisor_node_preconfigure_packages }}" ++ loop_control: ++ loop_var: line_item ++ ignore_errors: "{{ sap_hypervisor_node_preconfigure_ignore_failed_assertion }}" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_rhel_kvm/assert-rhv-hooks.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_rhel_kvm/assert-rhv-hooks.yml +new file mode 100644 +index 0000000..4838f18 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_rhel_kvm/assert-rhv-hooks.yml +@@ -0,0 +1,37 @@ ++--- ++- name: Check file permissions ++ ansible.builtin.command: "stat -c%a /usr/libexec/vdsm/hooks/before_vm_start/{{ item }}" ++ register: __sap_hypervisor_node_preconfigure_register_file_permissions_assert ++ changed_when: __sap_hypervisor_node_preconfigure_register_file_permissions_assert.rc != 0 ++ ++- name: Assert hook file permissions ++ ansible.builtin.assert: ++ that: "__sap_hypervisor_node_preconfigure_register_file_permissions_assert.stdout == '755'" ++ fail_msg: "FAIL: Hook {{ item }} does not have the correct file permissions (!= 755)." ++ success_msg: "PASS: Hook {{ item }} does have the correct file permissions (755)." ++ ignore_errors: "{{ sap_hypervisor_node_preconfigure_ignore_failed_assertion }}" ++ ++- name: Create tmp dir ++ ansible.builtin.file: ++ path: /tmp/sap_hypervisor_node_preconfigure ++ state: directory ++ mode: "0755" ++ ++- name: Copy hook for checking ++ ansible.builtin.copy: ++ dest: "/tmp/sap_hypervisor_node_preconfigure/{{ item }}" ++ src: "{{ item }}" ++ mode: "0755" ++ ++- name: Diff hook ++ ansible.builtin.command: "diff -uw /tmp/sap_hypervisor_node_preconfigure/{{ item }} /usr/libexec/vdsm/hooks/before_vm_start/{{ item }}" ++ register: __sap_hypervisor_node_preconfigure_register_hook_diff_assert ++ ignore_errors: yes ++ changed_when: __sap_hypervisor_node_preconfigure_register_hook_diff_assert.rc != 0 ++ ++- name: Assert hook content ++ ansible.builtin.assert: ++ that: "__sap_hypervisor_node_preconfigure_register_hook_diff_assert.rc == 0" ++ fail_msg: "FAIL: Hook {{ item }} has been modified, please investigate manually." ++ success_msg: "PASS: Hook {{ item }} not modified" ++ ignore_errors: "{{ sap_hypervisor_node_preconfigure_ignore_failed_assertion }}" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_rhel_kvm/assert-set-tuned-profile.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_rhel_kvm/assert-set-tuned-profile.yml +new file mode 100644 +index 0000000..ab0d0c9 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_rhel_kvm/assert-set-tuned-profile.yml +@@ -0,0 +1,14 @@ ++--- ++- name: Assert - Check tuned profile ++ block: ++ - name: Get tuned profile ++ ansible.builtin.command: tuned-adm active ++ register: __sap_hypervisor_node_preconfigure_tuned_profile_assert ++ changed_when: __sap_hypervisor_node_preconfigure_tuned_profile_assert.rc != 0 ++ ++ - name: Verify tuned profile ++ ansible.builtin.assert: ++ that: "'Current active profile: sap-hana-kvm-host' in __sap_hypervisor_node_preconfigure_tuned_profile_assert.stdout" ++ fail_msg: "FAIL: tuned profile is not sap-hana-kvm-host" ++ success_msg: "PASS: tuned profile is sap-hana-kvm-host" ++ ignore_errors: "{{ sap_hypervisor_node_preconfigure_ignore_failed_assertion }}" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_rhel_kvm/configuration.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_rhel_kvm/configuration.yml +new file mode 100644 +index 0000000..b49399e +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_rhel_kvm/configuration.yml +@@ -0,0 +1,131 @@ ++--- ++# tasks file for sap_hypervisor_node_preconfigure ++ ++- name: Stop and disable kernel same page merging (KSM) ++ ansible.builtin.systemd: ++ name: ksm ++ state: stopped ++ enabled: false ++ ++- name: Stop and disable kernel same page merging (KSM) tuning daemon ++ ansible.builtin.systemd: ++ name: ksmtuned ++ state: stopped ++ enabled: false ++ ++- name: Check CPU Stepping ++ ansible.builtin.shell: set -o pipefail && lscpu | awk '/Stepping/{print $2}' ++ register: cpu_stepping_output ++ changed_when: cpu_stepping_output.rc != 0 ++ ++- name: Register CPU stepping as fact ++ ansible.builtin.set_fact: ++ cpu_stepping: "{{ cpu_stepping_output.stdout }}" ++ become: true ++ become_user: root ++ ++# skylake: ++- name: Set ple_gap=0 on Intel Skylake CPU Platform ++ ansible.builtin.lineinfile: ++ path: /etc/modprobe.d/kvm.conf ++ line: options kvm_intel ple_gap=0 ++ when: cpu_stepping == "4" ++ become: true ++ become_user: root ++ ++# skylake ++- name: Set spectre_v2=retpoline on Intel Skylake CPU Platform ++ ansible.builtin.lineinfile: ++ path: /etc/default/grub ++ backup: yes ++ backrefs: yes ++ state: present ++ regexp: '^(GRUB_CMDLINE_LINUX=(?!.* {{ item }}).*). *$' ++ line: "\\1 {{ item }}\"" ++ with_items: ++ - "spectre_v2=retpoline" ++ notify: __sap_hypervisor_node_preconfigure_regenerate_grub2_conf_handler ++ tags: grubconfig ++ when: cpu_stepping == "4" ++ become: true ++ become_user: root ++ ++- name: "Set kvm.nx_huge_pages to {{ sap_hypervisor_node_preconfigure_kvm_nx_huge_pages }}" ++ ansible.builtin.lineinfile: ++ path: /etc/default/grub ++ backup: yes ++ backrefs: yes ++ state: present ++ regexp: '^(GRUB_CMDLINE_LINUX=(?!.* {{ item }}).*). *$' ++ line: "\\1 {{ item }}\"" ++ with_items: ++ - "kvm.nx_huge_pages={{ sap_hypervisor_node_preconfigure_kvm_nx_huge_pages }}" ++ notify: __sap_hypervisor_node_preconfigure_regenerate_grub2_conf_handler ++ tags: grubconfig ++ when: sap_hypervisor_node_preconfigure_kvm_nx_huge_pages is defined ++ become: true ++ become_user: root ++ ++- name: Set seccomp_sanbox=0 ++ ansible.builtin.lineinfile: ++ path: /etc/libvirt/qemu.conf ++ backup: yes ++ backrefs: yes ++ state: present ++ regexp: 'seccomp_sandbox' ++ line: "seccomp_sandbox = 0" ++ become: true ++ become_user: root ++ ++- name: Include allocate hughepages at runtime ++ ansible.builtin.include_tasks: allocate-hugepages-at-runtime.yml ++ when: sap_hypervisor_node_preconfigure_reserve_hugepages == "runtime" ++ ++- name: Reserve Hugepages statically ++ ansible.builtin.lineinfile: ++ path: /etc/default/grub ++ backup: yes ++ backrefs: yes ++ state: present ++ regexp: '^(GRUB_CMDLINE_LINUX=(?!.* {{ item }}).*). *$' ++ line: "\\1 {{ item }}\"" ++ with_items: ++ - default_hugepagesz=1GB ++ - hugepagesz=1GB ++ - hugepages={{ (ansible_memtotal_mb / 1024) | int - sap_hypervisor_node_preconfigure_reserved_ram }} ++ notify: __sap_hypervisor_node_preconfigure_regenerate_grub2_conf_handler ++ tags: grubconfig ++ when: sap_hypervisor_node_preconfigure_reserve_hugepages == "static" ++ become: true ++ become_user: root ++ ++- name: Enable IOMMU PT ++ ansible.builtin.lineinfile: ++ path: /etc/default/grub ++ backup: yes ++ backrefs: yes ++ state: present ++ regexp: '^(GRUB_CMDLINE_LINUX=(?!.* {{ item }}).*). *$' ++ line: "\\1 {{ item }}\"" ++ with_items: ++ - intel_iommu=on ++ - iommu=pt ++ notify: __sap_hypervisor_node_preconfigure_regenerate_grub2_conf_handler ++ tags: grubconfig ++ become: true ++ become_user: root ++ ++- name: Enable TSX ++ ansible.builtin.lineinfile: ++ path: /etc/default/grub ++ backup: yes ++ backrefs: yes ++ state: present ++ regexp: '^(GRUB_CMDLINE_LINUX=(?!.* {{ item }}).*). *$' ++ line: "\\1 {{ item }}\"" ++ with_items: ++ - "tsx={{ sap_hypervisor_node_preconfigure_tsx }}" ++ notify: __sap_hypervisor_node_preconfigure_regenerate_grub2_conf_handler ++ tags: grubconfig ++ become: true ++ become_user: root +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_rhel_kvm/installation.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_rhel_kvm/installation.yml +new file mode 100644 +index 0000000..c38cf3a +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_rhel_kvm/installation.yml +@@ -0,0 +1,7 @@ ++--- ++- name: Ensure required packages are installed ++ ansible.builtin.package: ++ state: present ++ name: "{{ sap_hypervisor_node_preconfigure_packages }}" ++ become: true ++ become_user: root +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_rhel_kvm/main.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_rhel_kvm/main.yml +new file mode 100644 +index 0000000..dd405a4 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_rhel_kvm/main.yml +@@ -0,0 +1,28 @@ ++--- ++- name: Display sap_hypervisor_node_preconfigure_assert ++ ansible.builtin.debug: ++ var: sap_hypervisor_node_preconfigure_assert ++ ++- name: Set filename prefix to empty string if role is run in normal mode ++ ansible.builtin.set_fact: ++ assert_prefix: "" ++ ++- name: Prepend filename with assert string if role is run in assert mode ++ ansible.builtin.set_fact: ++ assert_prefix: "assert-" ++ when: sap_hypervisor_node_preconfigure_assert ++ ++- name: Include "{{ assert_prefix }}installation.yml" ++ ansible.builtin.include_tasks: '{{ assert_prefix }}installation.yml' ++ ++- name: Include "{{ assert_prefix }}configuration.yml" ++ ansible.builtin.include_tasks: '{{ assert_prefix }}configuration.yml' ++ ++- name: Include "{{ assert_prefix }}set-tuned-profile.yml" ++ ansible.builtin.include_tasks: '{{ assert_prefix }}set-tuned-profile.yml' ++ ++- name: Include "{{ assert_prefix }}rhv-hooks.yml" ++ ansible.builtin.include_tasks: "{{ assert_prefix }}rhv-hooks.yml" ++ loop: ++ - 50_hana ++ - 50_iothread_pinning +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_rhel_kvm/rhv-hooks.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_rhel_kvm/rhv-hooks.yml +new file mode 100644 +index 0000000..ee0d63a +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_rhel_kvm/rhv-hooks.yml +@@ -0,0 +1,16 @@ ++--- ++- name: Create hook dir ++ ansible.builtin.file: ++ path: /usr/libexec/vdsm/hooks/before_vm_start ++ state: directory ++ mode: "0755" ++ become: true ++ become_user: root ++ ++- name: Copy hook ++ ansible.builtin.copy: ++ dest: "/usr/libexec/vdsm/hooks/before_vm_start/{{ item }}" ++ src: "{{ item }}" ++ mode: "0755" ++ become: true ++ become_user: root +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_rhel_kvm/set-tuned-profile.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_rhel_kvm/set-tuned-profile.yml +new file mode 100644 +index 0000000..e7bee53 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_rhel_kvm/set-tuned-profile.yml +@@ -0,0 +1,44 @@ ++--- ++- name: Create tuned profile directory /usr/lib/tuned/sap-hana-kvm-host ++ ansible.builtin.file: ++ path: /usr/lib/tuned/sap-hana-kvm-host ++ state: directory ++ mode: "0755" ++ become: true ++ become_user: root ++ ++- name: Create sap-hana-kvm-host tuned profile ++ ansible.builtin.copy: ++ dest: "/usr/lib/tuned/sap-hana-kvm-host/tuned.conf" ++ mode: "0644" ++ content: | ++ # ++ # tuned configuration ++ # ++ [main] ++ summary=Optimize for running as KVM host for SAP HANA as virtual guest ++ include=throughput-performance ++ ++ [sysctl] ++ # Start background writeback (via writeback threads) at this percentage (system ++ # default is 10%) ++ vm.dirty_background_ratio = 5 ++ ++ # The total time the scheduler will consider a migrated process ++ # "cache hot" and thus less likely to be re-migrated ++ # (system default is 500000, i.e. 0.5 ms) ++ kernel.sched_migration_cost_ns = 5000000 ++ ++ [cpu] ++ # Setting C3 state sleep mode/power savings on X86 ++ # and force_latency=70 on Power ++ force_latency=cstate.id:3|70 ++ become: true ++ become_user: root ++ ++- name: Activate tuned profile ++ ansible.builtin.command: tuned-adm profile sap-hana-kvm-host ++ register: __sap_hypervisor_node_preconfigre_register_tuned_activation_output ++ become: true ++ become_user: root ++ changed_when: __sap_hypervisor_node_preconfigre_register_tuned_activation_output.rc != 0 +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/vmware_vsphere/.gitkeep b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/tasks/platform/vmware_vsphere/.gitkeep +new file mode 100644 +index 0000000..e69de29 +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/vars/main.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/vars/main.yml +new file mode 100644 +index 0000000..ed97d53 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/vars/main.yml +@@ -0,0 +1 @@ ++--- +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/vars/platform_defaults_redhat_ocp_virt.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/vars/platform_defaults_redhat_ocp_virt.yml +new file mode 100644 +index 0000000..db8e674 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/vars/platform_defaults_redhat_ocp_virt.yml +@@ -0,0 +1,28 @@ ++--- ++# vars file for sap_hypervisor_node_preconfigure ++# ++ ++# Install and configure the host path provisioner (hpp) for a local storage disk ++sap_hypervisor_node_preconfigure_install_hpp: false ++ ++# Install the trident NFS storage provider ++sap_hypervisor_node_preconfigure_install_trident: false ++# URL of the trident installer package to use ++sap_hypervisor_node_preconfigure_install_trident_url: https://github.com/NetApp/trident/releases/download/v23.01.0/trident-installer-23.01.0.tar.gz ++ ++# should SRIOV be enabled for unsupported NICs ++sap_hypervisor_node_preconfigure_sriov_enable_unsupported_nics: true ++ ++# Amount of memory [GiB] to be reserved for the hypervisor on hosts >= 512GiB ++sap_hypervisor_node_preconfigure_hypervisor_reserved_ram_host_ge_512: 64 #GiB ++# Amount of memory [GiB] to be reserved for the hypervisor on hosts < 512GiB ++sap_hypervisor_node_preconfigure_hypervisor_reserved_ram_host_lt_512: 32 #GiB ++ ++# Should the check for the minimal amount of be ignored? Minimal amount is 96 GiB ++sap_hypervisor_node_preconfigure_ignore_minimal_memory_check: false ++ ++# Should the operators be installed ++sap_hypervisor_node_preconfigure_install_operators: true ++ ++# Configure the workers? ++sap_hypervisor_node_preconfigure_setup_workers: true +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/vars/platform_defaults_redhat_rhel_kvm.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/vars/platform_defaults_redhat_rhel_kvm.yml +new file mode 100644 +index 0000000..fb02f0b +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_hypervisor_node_preconfigure/vars/platform_defaults_redhat_rhel_kvm.yml +@@ -0,0 +1,38 @@ ++--- ++ ++# defaults file for sap_hypervisor_node_preconfigure ++ ++# packages to install ++sap_hypervisor_node_preconfigure_packages: ++ - libhugetlbfs-utils ++ - qemu-kvm ++ - libvirt ++ - tuned ++ ++# is it okay to reboot host? ++sap_hypervisor_node_preconfigure_reboot_ok: true ++ ++# should the role fail if a reboot is required ++sap_hypervisor_node_preconfigure_fail_if_reboot_required: false ++ ++# recreate kernel command line with grub2-mkconfig ++sap_hypervisor_node_preconfigure_run_grub2_mkconfig: yes ++ ++# Reserve memory [GB] for hypervisor host ++sap_hypervisor_node_preconfigure_reserved_ram: 100 ++ ++# allocate hugepages: {static|runtime} ++# static: done at kernel command line which is slow, but safe ++# runtime: done through tuned-profile ++sap_hypervisor_node_preconfigure_reserve_hugepages: static ++ ++# kvm.nx_huge_pages: {"auto"|"on"|"off"} ++# Note the importance of the quotes, otherwise off will be mapped to false ++sap_hypervisor_node_preconfigure_kvm_nx_huge_pages: "auto" ++ ++# Intel Transactional Synchronization Extensions (TSX): {"on"|"off"} ++# Note the importance of the quotes, otherwise off will be mapped to false ++sap_hypervisor_node_preconfigure_tsx: "on" ++ ++# fail if assertion is invalid ++sap_hypervisor_node_preconfigure_ignore_failed_assertion: no +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/.ansible-lint b/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/.ansible-lint +new file mode 100644 +index 0000000..51ae52e +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/.ansible-lint +@@ -0,0 +1,16 @@ ++--- ++exclude_paths: ++ - tests/sap_netweaver_preconfigure/ ++enable_list: ++ - yaml ++skip_list: ++ # We don't want to enforce new Ansible versions for Galaxy: ++ - meta-runtime[unsupported-version] ++ # We do not want to use checks which are marked as experimental: ++ - experimental ++ # We use ignore_errors for all the assert tasks, which should be acceptable: ++ - ignore-errors ++ # We want to allow single digit version numbers in a role's meta/main.yml file: ++ - schema ++ # Allow templating inside name because it creates more detailed output: ++ - name[template] +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/README.md b/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/README.md +new file mode 100644 +index 0000000..306d438 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/README.md +@@ -0,0 +1,195 @@ ++# sap_netweaver_preconfigure Ansible Role ++ ++This role installs additional required packages and performs additional configuration steps for installing and running SAP NetWeaver. ++If you want to configure a RHEL system for the installation and later usage of SAP NetWeaver, you have to first run role `sap_general_preconfigure` and then role sap_netweaver_preconfigure. ++For SLES, running the `sap_general_preconfigure` role is not necessary. ++ ++## Support Status ++ ++The support status of this role is: "Fully supported for RHEL managed nodes" ++ ++## Requirements ++ ++To use this role, your system needs to be configured with the basic requirements for SAP NetWeaver or SAP HANA. This is typically done by ++running role sap_general_preconfigure (for RHEL managed nodes before RHEL 7.6, community maintained role sap-base-settings can be used). ++It is also strongly recommended to run role linux-system-roles.timesync for all systems running SAP NetWeaver, to maintain an identical ++system time, before or after running role sap_netweaver_preconfigure. ++ ++Note ++---- ++On RHEL, as per SAP notes 2002167, 2772999, and 3108316, the role will switch to tuned profile sap-netweaver no matter if another tuned profile ++(e.g. virtual-guest) had been active before or not. ++ ++On SLES, this role will switch the saptune solution to the one specified by the configuration and will override any previously set solution. ++The default solution is `NETWEAVER`. ++ ++The role can check if enough swap space - as per the prerequisite checker in sapinst - has been configured on the managed node. ++Please check the SAP NetWeaver installation guide for swap space requirements. ++ ++Do not run this role against an SAP NetWeaver or other production system. The role will enforce a certain configuration on the managed ++node(s), which might not be intended. ++ ++ ++## Role Input Parameters ++ ++Minimum required parameters: ++This role does not require any parameter to be set in the playbook or inventory. ++ ++ ++### sap_netweaver_preconfigure_config_all ++- _Type:_ `bool` ++- _Default:_ `true` ++ ++If set to `false`, the role will only execute or verify the installation or configuration steps of SAP notes.
++Default is to perform installation and configuration steps.
++ ++### sap_netweaver_preconfigure_installation ++- _Type:_ `bool` ++- _Default:_ `false` ++ ++If `sap_netweaver_preconfigure_config_all` is set to `false`, set this variable to `true` to perform only the
++installation steps of SAP notes.
++ ++### sap_netweaver_preconfigure_configuration ++- _Type:_ `bool` ++- _Default:_ `false` ++ ++If `sap_netweaver_preconfigure_config_all` is set to `false`, set this variable to `true` to perform only the
++configuration steps of SAP notes.
++ ++### sap_netweaver_preconfigure_assert ++- _Type:_ `bool` ++- _Default:_ `false` ++ ++If set to `true`, the role will run in assertion mode instead of the default configuration mode.
++ ++### sap_netweaver_preconfigure_assert_ignore_errors ++- _Type:_ `bool` ++- _Default:_ `false` ++ ++In assertion mode, the role will abort when encountering any assertion error.
++If this parameter is set to `false`, the role will *not* abort when encountering an assertion error.
++This is useful if the role is used for reporting a system's SAP notes compliance.
++ ++### sap_netweaver_preconfigure_min_swap_space_mb ++- _Type:_ `str` ++- _Default:_ `20480` ++ ++Specifies the minimum amount of swap space on the system required by SAP NetWeaver.
++If this requirement is not met, the role will abort.
++Set your own value to override the default of `20480`.
++ ++### sap_netweaver_preconfigure_fail_if_not_enough_swap_space_configured ++- _Type:_ `bool` ++- _Default:_ `true` ++ ++If the system does not have the minimum amount of swap space configured as defined
++in parameter `sap_netweaver_preconfigure_min_swap_space_mb`, the role will abort.
++By setting this parameter to `false`, the role will not abort in such cases.
++ ++### sap_netweaver_preconfigure_rpath ++- _Type:_ `str` ++- _Default:_ `/usr/sap/lib` ++ ++Specifies the SAP kernel's `RPATH`. This is where the SAP kernel is searching for libraries, and where the role
++is creating a link named `libstdc++.so.6` pointing to `/opt/rh/SAP/lib64/compat-sap-c++-10.so`,
++so that newer SAP kernels which are built with GCC10 can find the required symbols.
++ ++### sap_netweaver_preconfigure_use_adobe_doc_services ++- _Type:_ `bool` ++- _Default:_ `false` ++ ++Set this parameter to `true` when using Adobe Document Services, to ensure all required packages are installed.
++ ++### sap_netweaver_preconfigure_saptune_version ++- _Type:_ `str` ++- _Default:_ `3.0.2` ++ ++On SLES systems, specifies the saptune version
++ ++### sap_netweaver_preconfigure_saptune_solution ++- _Type:_ `str` ++- _Default:_ `NETWEAVER` ++- _Possible Values:_
++ - `NETWEAVER` ++ - `NETWEAVER+HANA` ++ - `S4HANA-APP+DB` ++ - `S4HANA-APPSERVER` ++ - `S4HANA-DBSERVER` ++ ++On SLES systems, specifies the saptune solution to apply.
++ ++ ++ ++## Example Playbook ++ ++Simple playbook, named sap+netweaver.yml: ++```yaml ++--- ++- hosts: all ++ roles: ++ - role: sap_general_preconfigure ++ - role: sap_netweaver_preconfigure ++``` ++ ++Simple playbook for an extended check (assert) run, named sap+netweaver-assert.yml: ++```yaml ++--- ++- hosts: all ++ vars: ++ sap_preconfigure_assert: yes ++ sap_preconfigure_assert_ignore_errors: yes ++ sap_netweaver_preconfigure_assert: yes ++ sap_netweaver_preconfigure_assert_ignore_errors: yes ++ roles: ++ - role: sap_general_preconfigure ++ - role: sap_netweaver_preconfigure ++``` ++ ++## Example Usage ++Normal run, for configuring server host_1 for SAP NetWeaver: ++```yaml ++ansible-playbook sap+netweaver.yml -l host_1 ++``` ++ ++Extended Check (assert) run, not aborting if an error has been found: ++```yaml ++ansible-playbook sap+netweaver-assert.yml -l host_1 ++``` ++ ++Same as above, with a nice compact and colored output, this time for two hosts: ++```yaml ++ansible-playbook sap+netweaver-assert.yml -l host_1,host_2 | ++awk '{sub (" \"msg\": ", "")} ++ /TASK/{task_line=$0} ++ /fatal:/{fatal_line=$0; nfatal[host]++} ++ /...ignoring/{nfatal[host]--; if (nfatal[host]<0) nfatal[host]=0} ++ /^[a-z]/&&/: \[/{gsub ("\\[", ""); gsub ("]", ""); gsub (":", ""); host=$2} ++ /SAP note/{print "\033[30m[" host"] "$0} ++ /FAIL:/{nfail[host]++; print "\033[31m[" host"] "$0} ++ /WARN:/{nwarn[host]++; print "\033[33m[" host"] "$0} ++ /PASS:/{npass[host]++; print "\033[32m[" host"] "$0} ++ /INFO:/{print "\033[34m[" host"] "$0} ++ /changed/&&/unreachable/{print "\033[30m[" host"] "$0} ++ END{print ("---"); for (var in npass) {printf ("[%s] ", var); if (nfatal[var]>0) { ++ printf ("\033[31mFATAL ERROR!!! Playbook might have been aborted!!!\033[30m Last TASK and fatal output:\n"); print task_line, fatal_line ++ } ++ else printf ("\033[31mFAIL: %d \033[33mWARN: %d \033[32mPASS: %d\033[30m\n", nfail[var], nwarn[var], npass[var])}}' ++``` ++Note: For terminals with dark background, replace the color code `30m` by `37m`. ++In case you need to make an invisible font readable on a terminal with dark background, run the following command in the terminal: ++```yaml ++printf "\033[37mreadable font\n" ++``` ++In case you need to make an invisible font readable on a terminal with bright background, run the following command in the terminal: ++```yaml ++printf "\033[30mreadable font\n" ++``` ++ ++## License ++ ++Apache license 2.0 ++ ++## Author Information ++ ++Red Hat for SAP Community of Practice, Bernd Finger, Rainer Leber +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/defaults/main.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/defaults/main.yml +new file mode 100644 +index 0000000..b49137d +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/defaults/main.yml +@@ -0,0 +1,31 @@ ++--- ++# defaults file for sap_netweaver_preconfigure ++ ++# Perform an assertion run: ++sap_netweaver_preconfigure_assert: no ++ ++# In case of an assertion run, if set to "yes", the role will abort for any assertion error: ++sap_netweaver_preconfigure_assert_ignore_errors: no ++ ++sap_netweaver_preconfigure_min_swap_space_mb: '20480' ++ ++sap_netweaver_preconfigure_fail_if_not_enough_swap_space_configured: yes ++ ++sap_netweaver_preconfigure_rpath: '/usr/sap/lib' ++ ++sap_netweaver_preconfigure_use_adobe_doc_services: no ++ ++#SLES Only ++sap_netweaver_preconfigure_saptune_version: '3.0.2' ++ ++## The following variables control aspects of saptune and are only relevant for SLES for SAP Application ++ ++# The saptune solution to apply. For netweaver, the only appropriate options are: ++#NETWEAVER ++#NETWEAVER+HANA ++#S4HANA-APP+DB ++#S4HANA-APPSERVER ++#S4HANA-DBSERVER ++# The default value is NETWEAVER ++ ++sap_netweaver_preconfigure_saptune_solution: NETWEAVER +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/handlers/main.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/handlers/main.yml +new file mode 100644 +index 0000000..dacebbb +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/handlers/main.yml +@@ -0,0 +1,2 @@ ++--- ++# handlers file for sap_netweaver_preconfigure +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/meta/argument_specs.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/meta/argument_specs.yml +new file mode 100644 +index 0000000..595c9e0 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/meta/argument_specs.yml +@@ -0,0 +1,115 @@ ++--- ++# Requires: ansible 2.11 ++# Argument specifications in this separate file maintain backwards compatibility. ++argument_specs: ++ ++ main: ++ short_description: Variables for SAP NetWeaver preconfiguration ++ options: ++ ++# sap_netweaver_preconfigure_... ++# default: ++# description: ++# - ++# example: ++# ++# required: false ++# type: ++# options: # additional options for lists and dicts ++# : ++# description: ++# ... ++ ++ sap_netweaver_preconfigure_config_all: ++ default: true ++ description: ++ - If set to `false`, the role will only execute or verify the installation or configuration steps of SAP notes. ++ - Default is to perform installation and configuration steps. ++ required: false ++ type: bool ++ ++ sap_netweaver_preconfigure_installation: ++ default: false ++ description: ++ - If `sap_netweaver_preconfigure_config_all` is set to `false`, set this variable to `true` to perform only the ++ - installation steps of SAP notes. ++ required: false ++ type: bool ++ ++ sap_netweaver_preconfigure_configuration: ++ default: false ++ description: ++ - If `sap_netweaver_preconfigure_config_all` is set to `false`, set this variable to `true` to perform only the ++ - configuration steps of SAP notes. ++ required: false ++ type: bool ++ ++ sap_netweaver_preconfigure_assert: ++ default: false ++ description: ++ - If set to `true`, the role will run in assertion mode instead of the default configuration mode. ++ required: false ++ type: bool ++ ++ sap_netweaver_preconfigure_assert_ignore_errors: ++ default: false ++ description: ++ - In assertion mode, the role will abort when encountering any assertion error. ++ - If this parameter is set to `false`, the role will *not* abort when encountering an assertion error. ++ - This is useful if the role is used for reporting a system's SAP notes compliance. ++ required: false ++ type: bool ++ ++ sap_netweaver_preconfigure_min_swap_space_mb: ++ default: '20480' ++ description: ++ - Specifies the minimum amount of swap space on the system required by SAP NetWeaver. ++ - If this requirement is not met, the role will abort. ++ - Set your own value to override the default of `20480`. ++ required: false ++ type: str ++ ++ sap_netweaver_preconfigure_fail_if_not_enough_swap_space_configured: ++ default: true ++ description: ++ - If the system does not have the minimum amount of swap space configured as defined ++ - in parameter `sap_netweaver_preconfigure_min_swap_space_mb`, the role will abort. ++ - By setting this parameter to `false`, the role will not abort in such cases. ++ required: false ++ type: bool ++ ++ sap_netweaver_preconfigure_rpath: ++ default: '/usr/sap/lib' ++ description: ++ - Specifies the SAP kernel's `RPATH`. This is where the SAP kernel is searching for libraries, and where the role ++ - is creating a link named `libstdc++.so.6` pointing to `/opt/rh/SAP/lib64/compat-sap-c++-10.so`, ++ - so that newer SAP kernels which are built with GCC10 can find the required symbols. ++ required: false ++ type: str ++ ++ sap_netweaver_preconfigure_use_adobe_doc_services: ++ default: false ++ description: ++ - Set this parameter to `true` when using Adobe Document Services, to ensure all required packages are installed. ++ required: false ++ type: bool ++ ++ sap_netweaver_preconfigure_saptune_version: ++ default: '3.0.2' ++ description: ++ - On SLES systems, specifies the saptune version ++ required: false ++ type: str ++ ++ sap_netweaver_preconfigure_saptune_solution: ++ default: 'NETWEAVER' ++ description: ++ - On SLES systems, specifies the saptune solution to apply. ++ choices: ++ - 'NETWEAVER' ++ - 'NETWEAVER+HANA' ++ - 'S4HANA-APP+DB' ++ - 'S4HANA-APPSERVER' ++ - 'S4HANA-DBSERVER' ++ required: false ++ type: str +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/meta/main.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/meta/main.yml +new file mode 100644 +index 0000000..ff3afbf +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/meta/main.yml +@@ -0,0 +1,13 @@ ++--- ++galaxy_info: ++ namespace: community ++ author: Red Hat for SAP Community of Practice, Bernd Finger, Rainer Leber ++ description: Prepare Linux OS (RHEL, SLES) with specific configurations required for SAP NetWeaver installation ++ company: Red Hat, Inc. ++ license: Apache-2.0 ++ min_ansible_version: 2.9 ++ platforms: ++ - name: EL ++ versions: [7, 8, 9] ++ galaxy_tags: ['sap', 'netweaver', 'rhel', 'redhat', 'sles', 'suse'] ++dependencies: [] +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/tasks/RedHat/assert-configuration.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/tasks/RedHat/assert-configuration.yml +new file mode 100644 +index 0000000..5406c1d +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/tasks/RedHat/assert-configuration.yml +@@ -0,0 +1,28 @@ ++--- ++ ++- name: Assert - List required SAP Notes ++ ansible.builtin.debug: ++ var: __sap_netweaver_preconfigure_sapnotes_versions | difference(['']) ++ ++- name: Gather service facts ++ ansible.builtin.service_facts: ++ ++- name: Assert - Include configuration actions for required sapnotes ++ ansible.builtin.include_tasks: "sapnote/assert-{{ sap_note_line_item.number }}.yml" ++ with_items: "{{ __sap_netweaver_preconfigure_sapnotes_versions | difference(['']) }}" ++ loop_control: ++ loop_var: sap_note_line_item ++ ++- name: Report if checking for the minimum size of the swap space is skipped ++ ansible.builtin.debug: ++ msg: "INFO: Not checking for the minimum size of the swap space (variable sap_netweaver_preconfigure_fail_if_not_enough_swap_space_configured)." ++ when: not sap_netweaver_preconfigure_fail_if_not_enough_swap_space_configured ++ ++- name: Assert that enough swap space is configured ++ ansible.builtin.assert: ++ that: ++ - (ansible_swaptotal_mb | int) >= (sap_netweaver_preconfigure_min_swap_space_mb | int) ++ fail_msg: "FAIL: The system has only {{ ansible_swaptotal_mb }} MB of swap space configured, which is less than the minimum required amount of {{ sap_netweaver_preconfigure_min_swap_space_mb }} MB for SAP NetWeaver!" ++ success_msg: "PASS: The system has {{ ansible_swaptotal_mb }} MB of swap space configured, which is equal to or more than the minimum required amount of {{ sap_netweaver_preconfigure_min_swap_space_mb }} MB for SAP NetWeaver." ++ when: sap_netweaver_preconfigure_fail_if_not_enough_swap_space_configured ++ ignore_errors: "{{ sap_netweaver_preconfigure_assert_ignore_errors | d(false) }}" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/tasks/RedHat/assert-installation.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/tasks/RedHat/assert-installation.yml +new file mode 100644 +index 0000000..14fd4eb +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/tasks/RedHat/assert-installation.yml +@@ -0,0 +1,31 @@ ++--- ++ ++- name: Assert that all required packages are installed ++ ansible.builtin.assert: ++ that: line_item in ansible_facts.packages ++ fail_msg: "FAIL: Package '{{ line_item }}' is not installed!" ++ success_msg: "PASS: Package '{{ line_item }}' is installed." ++ with_items: ++ - "{{ __sap_netweaver_preconfigure_packages }}" ++ loop_control: ++ loop_var: line_item ++ ignore_errors: "{{ sap_netweaver_preconfigure_assert_ignore_errors | d(false) }}" ++ ++# Reason for noqa: We want a list of packages which are not installed ++- name: Check if required packages for Adobe Document Services are installed # noqa command-instead-of-module ++ ansible.builtin.shell: rpm -q --qf "%{NAME}.%{ARCH}\n" {{ __sap_netweaver_preconfigure_adobe_doc_services_packages | map('quote') | join(' ') }} ++ register: __sap_netweaver_preconfigure_register_rpm_q_ads_packages ++ changed_when: no ++ when: sap_netweaver_preconfigure_use_adobe_doc_services | d(false) ++ ignore_errors: "{{ sap_netweaver_preconfigure_assert_ignore_errors | d(false) }}" ++ ++- name: Assert that all required packages for Adobe Document Services are installed ++ ansible.builtin.assert: ++ that: "'is not installed' not in line_item" ++ fail_msg: "FAIL: Package '{{ line_item }}'!" ++ success_msg: "PASS: Package '{{ line_item }}' is installed." ++ with_items: "{{ __sap_netweaver_preconfigure_register_rpm_q_ads_packages.stdout_lines }}" ++ loop_control: ++ loop_var: line_item ++ when: sap_netweaver_preconfigure_use_adobe_doc_services | d(false) ++ ignore_errors: "{{ sap_netweaver_preconfigure_assert_ignore_errors | d(false) }}" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/tasks/RedHat/configuration.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/tasks/RedHat/configuration.yml +new file mode 100644 +index 0000000..d8a2603 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/tasks/RedHat/configuration.yml +@@ -0,0 +1,27 @@ ++--- ++ ++- name: Configure - List required SAP Notes ++ ansible.builtin.debug: ++ var: __sap_netweaver_preconfigure_sapnotes_versions | difference(['']) ++ ++- name: Include configuration actions for required sapnotes ++ ansible.builtin.include_tasks: "sapnote/{{ sap_note_line_item.number }}.yml" ++ with_items: "{{ __sap_netweaver_preconfigure_sapnotes_versions | difference(['']) }}" ++ loop_control: ++ loop_var: sap_note_line_item ++ when: __sap_netweaver_preconfigure_sapnotes_versions is defined ++ ++- name: Warn if not enough swap space is configured ++ ansible.builtin.fail: ++ msg: "The system has only {{ ansible_swaptotal_mb }} MB of swap space configured, which is less than the minimum required amount of {{ sap_netweaver_preconfigure_min_swap_space_mb }} MB for SAP NetWeaver!" ++ ignore_errors: yes ++ when: ++ - ansible_swaptotal_mb < sap_netweaver_preconfigure_min_swap_space_mb|int ++ - not sap_netweaver_preconfigure_fail_if_not_enough_swap_space_configured|d(true) ++ ++- name: Fail if not enough swap space is configured ++ ansible.builtin.fail: ++ msg: "The system has only {{ ansible_swaptotal_mb }} MB of swap space configured, which is less than the minimum required amount of {{ sap_netweaver_preconfigure_min_swap_space_mb }} MB for SAP NetWeaver!" ++ when: ++ - ansible_swaptotal_mb < sap_netweaver_preconfigure_min_swap_space_mb|int ++ - sap_netweaver_preconfigure_fail_if_not_enough_swap_space_configured|d(true) +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/tasks/RedHat/installation.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/tasks/RedHat/installation.yml +new file mode 100644 +index 0000000..08610f9 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/tasks/RedHat/installation.yml +@@ -0,0 +1,12 @@ ++--- ++ ++- name: Ensure required packages for SAP NetWeaver are installed ++ ansible.builtin.package: ++ state: present ++ name: "{{ __sap_netweaver_preconfigure_packages }}" ++ ++- name: Ensure required packages for Adobe Document Services are installed ++ ansible.builtin.package: ++ state: present ++ name: "{{ __sap_netweaver_preconfigure_adobe_doc_services_packages }}" ++ when: sap_netweaver_preconfigure_use_adobe_doc_services +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/tasks/SLES/assert-configuration.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/tasks/SLES/assert-configuration.yml +new file mode 100644 +index 0000000..a3a4a87 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/tasks/SLES/assert-configuration.yml +@@ -0,0 +1,53 @@ ++--- ++- name: Populate service facts ++ ansible.builtin.service_facts: ++ ++- name: Assert that saptune is running and enabled ++ ansible.builtin.assert: ++ that: ++ - "ansible_facts.services['saptune.service'].state == 'running'" ++ - "ansible_facts.services['saptune.service'].status == 'enabled'" ++ fail_msg: "FAIL: the service 'saptune' is not configured as expected" ++ success_msg: "PASS: the service 'saptune' is configured as expected" ++ ++- name: Run saptune_check ++ ansible.builtin.command: saptune_check ++ register: __sap_netweaver_preconfigure_register_saptune_check ++ changed_when: false ++ failed_when: false ++ ++- name: Assert that saptune_check executed correctly ++ ansible.builtin.assert: ++ that: "__sap_netweaver_preconfigure_register_saptune_check.rc == 0" ++ fail_msg: "FAIL: the command saptune_check fails" ++ success_msg: "PASS: the command saptune_check executes as expected" ++ ++- name: Discover active solution ++ ansible.builtin.command: saptune solution enabled ++ register: __sap_netweaver_preconfigure_register_saptune_status ++ changed_when: false ++ ++- name: Set solution fact ++ ansible.builtin.set_fact: ++ __sap_netweaver_preconfigure_saptune_configured_solution: "{{ (__sap_netweaver_preconfigure_register_saptune_status.stdout | regex_search('(\\S+)', '\\1'))[0] | default('NONE') }}" ++ ++- name: Discover active solution ++ ansible.builtin.command: saptune solution enabled ++ register: __sap_netweaver_preconfigure_register_saptune_status ++ changed_when: false ++ ++- name: Set fact for active solution ++ ansible.builtin.set_fact: ++ __sap_netweaver_preconfigure_fact_solution_configured: "{{ (__sap_netweaver_preconfigure_register_saptune_status.stdout | regex_search('(\\S+)', '\\1'))[0] | default('NONE') }}" # Capture the first block on none whitespace ++ ++- name: Assert that active solution is the expected solution ++ ansible.builtin.assert: ++ that: __sap_netweaver_preconfigure_fact_solution_configured == sap_netweaver_preconfigure_saptune_solution ++ fail_msg: "FAIL: the configured saptune solution is '{{ __sap_netweaver_preconfigure_saptune_configured_solution }}'' and does not match the expected solution '{{ sap_netweaver_preconfigure_saptune_solution }}'" ++ success_msg: "PASS: the configured saptune solution matches the expected solution '{{ sap_netweaver_preconfigure_saptune_solution }}'" ++ ++- name: Assert that adequate swap is configured ++ ansible.builtin.assert: ++ that: ansible_swaptotal_mb > sap_netweaver_preconfigure_min_swap_space_mb|int ++ fail_msg: "FAIL: A minimum of {{ sap_netweaver_preconfigure_min_swap_space_mb }}MiB is required but only {{ ansible_swaptotal_mb }}MiB was discovered" ++ success_msg: "PASS: the system has at least {{ sap_netweaver_preconfigure_min_swap_space_mb }}MiB of swap configured" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/tasks/SLES/assert-installation.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/tasks/SLES/assert-installation.yml +new file mode 100644 +index 0000000..b4e5160 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/tasks/SLES/assert-installation.yml +@@ -0,0 +1,19 @@ ++--- ++#- name: Enable Debugging ++# debug: ++# verbosity: "{{ debuglevel }}" ++# ++#Capture all patterns along with their install status ++ ++- name: Ensure required packages for SAP NetWeaver are installed ++ ansible.builtin.assert: ++ that: package in ansible_facts.packages ++ loop: "{{ __sap_netweaver_preconfigure_packages }}" ++ loop_control: ++ loop_var: package ++ ++- name: Assert saptune is at requested version ++ ansible.builtin.assert: ++ that: ansible_facts.packages['saptune'][0]['version'] == sap_netweaver_preconfigure_saptune_version ++ fail_msg: "FAIL: saptune version installed is {{ ansible_facts.packages['saptune'][0]['version'] }} but the version {{ sap_netweaver_preconfigure_saptune_version }} was expected" ++ success_msg: "PASS: the installed version of saptune meets the expected version: {{ sap_netweaver_preconfigure_saptune_version }}" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/tasks/SLES/configuration.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/tasks/SLES/configuration.yml +new file mode 100644 +index 0000000..d7c686c +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/tasks/SLES/configuration.yml +@@ -0,0 +1,80 @@ ++--- ++- name: Takover saptune and enable ++ when: __sap_netweaver_preconfigure_run_saptune ++ block: ++ - name: Make sure that sapconf and tuned are stopped and disabled ++ ansible.builtin.command: "saptune service takeover" ++ register: __sap_saptune_takeover ++ changed_when: __sap_saptune_takeover.rc == 0 ++ ++ - name: Ensure saptune is running and enabled ++ ansible.builtin.systemd: ++ name: saptune ++ state: started ++ enabled: true ++ ++ - name: Ensure saptune_check executes correctly ++ ansible.builtin.command: saptune_check ++ changed_when: false ++ ++ - name: Discover active solution ++ ansible.builtin.command: saptune solution enabled ++ register: __sap_netweaver_preconfigure_register_saptune_status ++ changed_when: false ++ ++ - name: Set fact for active solution ++ ansible.builtin.set_fact: ++ # Capture the first block on none whitespace ++ __sap_netweaver_preconfigure_fact_solution_configured: "{{ (__sap_netweaver_preconfigure_register_saptune_status.stdout | regex_search('(\\S+)', '\\1'))[0] | default('NONE') }}" ++ ++ - name: Check if saptune solution needs to be applied ++ ansible.builtin.command: "saptune solution verify {{ sap_netweaver_preconfigure_saptune_solution }}" ++ register: __sap_netweaver_preconfigure_register_saptune_verify ++ changed_when: false # We're only checking, not changing! ++ failed_when: false # We expect this to fail if it has not previously been applied ++ ++ - name: Ensure no solution is currently applied ++ ansible.builtin.command: "saptune solution revert {{ __sap_netweaver_preconfigure_fact_solution_configured }}" ++ changed_when: true ++ when: ++ - __sap_netweaver_preconfigure_fact_solution_configured != 'NONE' ++ - __sap_netweaver_preconfigure_register_saptune_verify.rc != 0 ++ ++ - name: Ensure saptune solution is applied ++ ansible.builtin.command: "saptune solution apply {{ sap_netweaver_preconfigure_saptune_solution }}" ++ changed_when: true ++ when: ++ - __sap_netweaver_preconfigure_register_saptune_verify.rc != 0 ++ ++ - name: Ensure solution was successful ++ ansible.builtin.command: "saptune solution verify {{ sap_netweaver_preconfigure_saptune_solution }}" ++ changed_when: false # We're only checking, not changing! ++ ++- name: Enable sapconf ++ when: not __sap_netweaver_preconfigure_run_saptune ++ block: ++ - name: Enable sapconf service ++ ansible.builtin.systemd: ++ name: sapconf ++ state: started ++ enabled: true ++ ++ - name: Restart sapconf service ++ ansible.builtin.systemd: ++ name: sapconf ++ state: restarted ++ ++- name: Warn if not enough swap space is configured ++ ansible.builtin.fail: ++ msg: "The system has only {{ ansible_swaptotal_mb }} MB of swap space configured, which is less than the minimum required amount of {{ sap_netweaver_preconfigure_min_swap_space_mb }} MB for SAP NetWeaver!" ++ ignore_errors: true ++ when: ++ - ansible_swaptotal_mb < sap_netweaver_preconfigure_min_swap_space_mb|int ++ - not sap_netweaver_preconfigure_fail_if_not_enough_swap_space_configured|d(true) ++ ++- name: Fail if not enough swap space is configured ++ ansible.builtin.fail: ++ msg: "The system has only {{ ansible_swaptotal_mb }} MB of swap space configured, which is less than the minimum required amount of {{ sap_netweaver_preconfigure_min_swap_space_mb }} MB for SAP NetWeaver!" ++ when: ++ - ansible_swaptotal_mb < sap_netweaver_preconfigure_min_swap_space_mb|int ++ - sap_netweaver_preconfigure_fail_if_not_enough_swap_space_configured|d(true) +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/tasks/SLES/installation.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/tasks/SLES/installation.yml +new file mode 100644 +index 0000000..feef1ae +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/tasks/SLES/installation.yml +@@ -0,0 +1,39 @@ ++--- ++ ++- name: Ensure required packages for SAP NetWeaver are installed ++ ansible.builtin.package: ++ state: present ++ name: "{{ __sap_netweaver_preconfigure_packages }}" ++ ++- name: Get contents of /etc/products.d/baseproduct ++ ansible.builtin.stat: ++ path: /etc/products.d/baseproduct ++ register: sles_baseproduct ++ when: ansible_os_family == 'Suse' ++ ++- name: Setfact if baseproduct contains SLES without SLES_SAP ++ ansible.builtin.set_fact: ++ __sap_netweaver_preconfigure_run_saptune: false ++ when: ++ - '"SLES_SAP" not in sles_baseproduct.stat.lnk_target' ++ - '"SLES" in sles_baseproduct.stat.lnk_target' ++ - ansible_os_family == 'Suse' ++ ++# The use of zypper here allows exact saptune version to be declared and used. ++- name: Ensure saptune is installed ++ community.general.zypper: ++ type: package ++ name: "saptune={{ sap_netweaver_preconfigure_saptune_version }}" ++ state: present ++ force: true ++ when: ++ - __sap_netweaver_preconfigure_run_saptune ++ ++- name: Ensure sapconf is installed ++ community.general.zypper: ++ type: package ++ name: "sapconf" ++ state: present ++ force: true ++ when: ++ - not __sap_netweaver_preconfigure_run_saptune +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/tasks/main.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/tasks/main.yml +new file mode 100644 +index 0000000..f0720b0 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/tasks/main.yml +@@ -0,0 +1,41 @@ ++--- ++ ++- name: Display the role path ++ ansible.builtin.debug: ++ var: role_path ++ ++- name: Include OS specific vars ++ ansible.builtin.include_vars: '{{ item }}' ++ with_first_found: ++ - '{{ ansible_distribution.split("_")[0] }}_{{ ansible_distribution_major_version }}.yml' ++ - '{{ ansible_distribution }}_{{ ansible_distribution_version }}.yml' ++ - '{{ ansible_distribution }}_{{ ansible_distribution_major_version }}.yml' ++ - '{{ ansible_os_family }}.yml' ++ ++- name: Set filename prefix to empty string if role is run in normal mode ++ ansible.builtin.set_fact: ++ assert_prefix: "" ++ when: not sap_netweaver_preconfigure_assert | d(false) ++ ++- name: Prepend filename with assert string if role is run in assert mode ++ ansible.builtin.set_fact: ++ assert_prefix: "assert-" ++ when: sap_netweaver_preconfigure_assert | d(false) ++ ++# required for installation and configuration tasks: ++- name: Gather package facts ++ ansible.builtin.package_facts: ++ ++- name: Include tasks from 'installation.yml' ++ ansible.builtin.include_tasks: '{{ item }}/{{ assert_prefix }}installation.yml' ++ when: sap_netweaver_preconfigure_config_all|d(true) or sap_netweaver_preconfigure_installation|d(false) ++ with_first_found: ++ - '{{ ansible_distribution.split("_")[0] }}' ++ - '{{ ansible_distribution }}' ++ ++- name: Include tasks from 'configuration.yml' ++ ansible.builtin.include_tasks: '{{ item }}/{{ assert_prefix }}configuration.yml' ++ when: sap_netweaver_preconfigure_config_all|d(true) or sap_netweaver_preconfigure_configuration|d(false) ++ with_first_found: ++ - '{{ ansible_distribution.split("_")[0] }}' ++ - '{{ ansible_distribution }}' +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/tasks/sapnote/1275776/configuration.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/tasks/sapnote/1275776/configuration.yml +new file mode 100644 +index 0000000..ccdf2be +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/tasks/sapnote/1275776/configuration.yml +@@ -0,0 +1,17 @@ ++--- ++ ++# - name: "1275776 - Tips & Advice (start sapconf)" ++# ansible.builtin.service: ++# name: sapconf ++# enabled: true ++# state: started ++ ++- name: "1275776 - Configuration saptune" ++ ansible.builtin.command: "saptune daemon start" ++ register: __sap_hana_preconfigure_register_saptune_daemon ++ changed_when: __sap_hana_preconfigure_register_saptune_daemon.rc == 0 ++ ++# - name: "1275776 - Configuration saptune sap note 2382421" ++# ansible.builtin.command: "saptune note apply 2382421" ++# register: __sap_hana_preconfigure_register_saptune_2382421 ++# changed_when: __sap_hana_preconfigure_register_saptune_2382421.rc == 0 +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/tasks/sapnote/1275776/installation.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/tasks/sapnote/1275776/installation.yml +new file mode 100644 +index 0000000..f149aca +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/tasks/sapnote/1275776/installation.yml +@@ -0,0 +1,5 @@ ++--- ++ ++- name: 1275776 - Installation saptune ++ ansible.builtin.package: ++ name: "saptune" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/tasks/sapnote/2526952.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/tasks/sapnote/2526952.yml +new file mode 100644 +index 0000000..f8cfeed +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/tasks/sapnote/2526952.yml +@@ -0,0 +1,52 @@ ++--- ++# OS RELEASE: RHEL 7 and RHEL 8 ++# SAP Note: 2526952 - Red Hat Enterprise Linux for SAP Solutions ++# prerequisite: package tuned-profiles-sap is installed (see vars/RedHat.yml) ++ ++# Configure tuned to use profile "sap-netweaver" ++ ++- name: Configure - Display SAP note number 2526952 and its version ++ ansible.builtin.debug: ++ msg: "SAP note {{ (__sap_netweaver_preconfigure_sapnotes_versions | selectattr('number', 'match', '^2526952$') | first).number }} (version {{ (__sap_netweaver_preconfigure_sapnotes_versions | selectattr('number', 'match', '^2526952$') | first).version }}): RHEL for SAP packages" ++ ++- name: Enable and start tuned ++ ansible.builtin.service: ++ name: tuned ++ state: started ++ enabled: true ++ ++- name: Show currently active tuned profile ++ ansible.builtin.shell: set -o pipefail && /usr/sbin/tuned-adm active | awk '/:/{print $NF}' ++ check_mode: false ++ register: __sap_netweaver_preconfigure_register_current_tuned_profile ++ changed_when: false ++ ++- name: Display the output of the tuned-adm active command ++ ansible.builtin.debug: ++ var: __sap_netweaver_preconfigure_register_current_tuned_profile.stdout_lines, __sap_netweaver_preconfigure_register_current_tuned_profile.stderr_lines ++ ++#- name: Set a variable which contains the name of the currently active tuned profile ++# set_fact: ++# __sap_netweaver_preconfigure_register_active_tuned_profile: "{{ __sap_netweaver_preconfigure_register_current_tuned_profile.stdout }}" ++ ++- name: Switch to tuned profile sap-netweaver if not currently active ++ when: __sap_netweaver_preconfigure_register_current_tuned_profile.stdout != 'sap-netweaver' ++ block: ++ ++ - name: Switch to tuned profile sap-netweaver ++ ansible.builtin.command: /usr/sbin/tuned-adm profile sap-netweaver ++ changed_when: true ++ ++ - name: Show new active tuned profile ++ ansible.builtin.shell: set -o pipefail && /usr/sbin/tuned-adm active | awk '/:/{print $NF}' ++ check_mode: false ++ register: __sap_netweaver_preconfigure_register_new_tuned_profile ++ changed_when: false ++ ++ - name: Display the output of the tuned-adm active command after switching to profile sap-netweaver ++ ansible.builtin.debug: ++ var: __sap_netweaver_preconfigure_register_new_tuned_profile.stdout_lines, __sap_netweaver_preconfigure_register_new_tuned_profile.stderr_lines ++ ++# - name: Set a variable which contains the name of the now active tuned profile ++# set_fact: ++# __sap_netweaver_preconfigure_register_active_tuned_profile: "{{ __sap_netweaver_preconfigure_register_new_tuned_profile.stdout }}" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/tasks/sapnote/3119751.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/tasks/sapnote/3119751.yml +new file mode 100644 +index 0000000..190ee76 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/tasks/sapnote/3119751.yml +@@ -0,0 +1,26 @@ ++--- ++ ++- name: Configure - Display SAP note number 3119751 and its version ++ ansible.builtin.debug: ++ msg: "SAP note {{ (__sap_netweaver_preconfigure_sapnotes_versions | selectattr('number', 'match', '^3119751$') | first).number }} (version {{ (__sap_netweaver_preconfigure_sapnotes_versions | selectattr('number', 'match', '^3119751$') | first).version }}): Linux Requirements for SAP Kernel 754 and for SAP Kernel 788 and higher" ++ ++- name: Get info about the compat-sap-c++-10.so file ++ ansible.builtin.stat: ++ path: /opt/rh/SAP/lib64/compat-sap-c++-10.so ++ register: __sap_netweaver_preconfigure_register_stat_compat_sap_cpp ++ ++- name: Create directory '{{ sap_netweaver_preconfigure_rpath }}' ++ ansible.builtin.file: ++ path: "{{ sap_netweaver_preconfigure_rpath }}" ++ state: directory ++ owner: root ++ group: root ++ mode: '0755' ++ when: __sap_netweaver_preconfigure_register_stat_compat_sap_cpp.stat.exists ++ ++- name: Create a link to '{{ sap_netweaver_preconfigure_rpath }}/libstdc++.so.6' ++ ansible.builtin.file: ++ src: /opt/rh/SAP/lib64/compat-sap-c++-10.so ++ dest: "{{ sap_netweaver_preconfigure_rpath }}/libstdc++.so.6" ++ state: link ++ when: __sap_netweaver_preconfigure_register_stat_compat_sap_cpp.stat.exists +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/tasks/sapnote/assert-2526952.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/tasks/sapnote/assert-2526952.yml +new file mode 100644 +index 0000000..6309068 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/tasks/sapnote/assert-2526952.yml +@@ -0,0 +1,57 @@ ++--- ++ ++- name: Assert - Display SAP note number 2526952 and its version ++ ansible.builtin.debug: ++ msg: "SAP note {{ (__sap_netweaver_preconfigure_sapnotes_versions | selectattr('number', 'match', '^2526952$') | first).number }} (version {{ (__sap_netweaver_preconfigure_sapnotes_versions | selectattr('number', 'match', '^2526952$') | first).version }}): RHEL for SAP packages" ++ ++- name: Display the version of tuned ++ ansible.builtin.debug: ++ msg: "INFO: The installed version of package tuned is: {{ ansible_facts.packages['tuned'][0].version }}" ++ when: "'tuned' in ansible_facts.packages" ++ ++- name: Assert that tuned.service exists ++ ansible.builtin.assert: ++ that: "'tuned.service' in ansible_facts.services" ++ fail_msg: "FAIL: Service tuned could not be found!" ++ success_msg: "PASS: Service tuned is available." ++ ignore_errors: "{{ sap_netweaver_preconfigure_assert_ignore_errors | d(false) }}" ++ ++- name: Assert that tuned is enabled ++ ansible.builtin.assert: ++ that: "ansible_facts.services['tuned.service']['status'] == 'enabled'" ++ fail_msg: "FAIL: Service tuned is not enabled!" ++ success_msg: "PASS: Service tuned is enabled." ++ when: "'tuned.service' in ansible_facts.services" ++ ignore_errors: "{{ sap_netweaver_preconfigure_assert_ignore_errors | d(false) }}" ++ ++- name: Assert that tuned is active ++ ansible.builtin.assert: ++ that: "ansible_facts.services['tuned.service']['state'] == 'running'" ++ fail_msg: "FAIL: Service tuned is not active!" ++ success_msg: "PASS: Service tuned is active." ++ when: "'tuned.service' in ansible_facts.services" ++ ignore_errors: "{{ sap_netweaver_preconfigure_assert_ignore_errors | d(false) }}" ++ ++- name: Display the version of tuned-profiles-sap ++ ansible.builtin.debug: ++ msg: "INFO: The installed version of package tuned-profiles-sap is: {{ ansible_facts.packages['tuned-profiles-sap'][0].version }}" ++ when: "'tuned-profiles-sap' in ansible_facts.packages" ++ ++- name: Get active tuned profile ++ ansible.builtin.shell: set -o pipefail && /usr/sbin/tuned-adm active | awk '/:/{print $NF}' ++ check_mode: false ++ register: __sap_netweaver_preconfigure_register_current_tuned_profile ++ ignore_errors: true ++ changed_when: false ++ ++- name: Assert - Display the output of the tuned-adm active command ++ ansible.builtin.debug: ++ var: __sap_netweaver_preconfigure_register_current_tuned_profile.stdout_lines, __sap_netweaver_preconfigure_register_current_tuned_profile.stderr_lines ++ ignore_errors: true ++ ++- name: Assert that tuned profile 'sap-netweaver' is currently active ++ ansible.builtin.assert: ++ that: __sap_netweaver_preconfigure_register_current_tuned_profile.stdout == 'sap-netweaver' ++ fail_msg: "FAIL: The tuned profile 'sap-netweaver' is currently not active! Currently active profile: '{{ __sap_netweaver_preconfigure_register_current_tuned_profile.stdout }}'." ++ success_msg: "PASS: The tuned profile 'sap-netweaver' is currently active." ++ ignore_errors: "{{ sap_netweaver_preconfigure_assert_ignore_errors | d(false) }}" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/tasks/sapnote/assert-3119751.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/tasks/sapnote/assert-3119751.yml +new file mode 100644 +index 0000000..0f12200 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/tasks/sapnote/assert-3119751.yml +@@ -0,0 +1,49 @@ ++--- ++ ++- name: Configure - Display SAP note number 3119751 and its version ++ ansible.builtin.debug: ++ msg: "SAP note {{ (__sap_netweaver_preconfigure_sapnotes_versions | selectattr('number', 'match', '^3119751$') | first).number }} (version {{ (__sap_netweaver_preconfigure_sapnotes_versions | selectattr('number', 'match', '^3119751$') | first).version }}): Linux Requirements for SAP Kernel 754 and for SAP Kernel 788 and higher" ++ ++- name: Get info about the compat-sap-c++-10.so file ++ ansible.builtin.stat: ++ path: /opt/rh/SAP/lib64/compat-sap-c++-10.so ++ register: __sap_netweaver_preconfigure_register_stat_compat_sap_cpp ++ ++- name: Report if checking for a link from libstdc++.so.6 to compat-sap-c++-10.so is skipped ++ ansible.builtin.debug: ++ msg: "INFO: Not checking for link '{{ sap_netweaver_preconfigure_rpath }}/libstdc++.so.6' - file '/opt/rh/SAP/lib64/compat-sap-c++-10.so' does not exist on this system." ++ when: not __sap_netweaver_preconfigure_register_stat_compat_sap_cpp.stat.exists ++ ++- name: Get info about file '{{ sap_netweaver_preconfigure_rpath }}/libstdc++.so.6' ++ ansible.builtin.stat: ++ path: "{{ sap_netweaver_preconfigure_rpath }}/libstdc++.so.6" ++ register: __sap_netweaver_preconfigure_register_stat_libstdc_assert ++ when: __sap_netweaver_preconfigure_register_stat_compat_sap_cpp.stat.exists ++ ++- name: Assert that file '{{ sap_netweaver_preconfigure_rpath }}/libstdc++.so.6' exists ++ ansible.builtin.assert: ++ that: __sap_netweaver_preconfigure_register_stat_libstdc_assert.stat.exists ++ fail_msg: "FAIL: File '{{ sap_netweaver_preconfigure_rpath }}/libstdc++.so.6' does not exist!" ++ success_msg: "PASS: File '{{ sap_netweaver_preconfigure_rpath }}/libstdc++.so.6' exists." ++ ignore_errors: "{{ sap_netweaver_preconfigure_assert_ignore_errors | d(false) }}" ++ when: __sap_netweaver_preconfigure_register_stat_compat_sap_cpp.stat.exists ++ ++- name: Assert that file '{{ sap_netweaver_preconfigure_rpath }}/libstdc++.so.6' is a link ++ ansible.builtin.assert: ++ that: __sap_netweaver_preconfigure_register_stat_libstdc_assert.stat.islnk ++ fail_msg: "FAIL: File '{{ sap_netweaver_preconfigure_rpath }}/libstdc++.so.6' is not a link!" ++ success_msg: "PASS: File '{{ sap_netweaver_preconfigure_rpath }}/libstdc++.so.6' is a link." ++ ignore_errors: "{{ sap_netweaver_preconfigure_assert_ignore_errors | d(false) }}" ++ when: ++ - __sap_netweaver_preconfigure_register_stat_compat_sap_cpp.stat.exists ++ - __sap_netweaver_preconfigure_register_stat_libstdc_assert.stat.exists ++ ++- name: Assert that file '{{ sap_netweaver_preconfigure_rpath }}/libstdc++.so.6' is a link to '/opt/rh/SAP/lib64/compat-sap-c++-10.so' ++ ansible.builtin.assert: ++ that: __sap_netweaver_preconfigure_register_stat_libstdc_assert.stat.lnk_target == '/opt/rh/SAP/lib64/compat-sap-c++-10.so' ++ fail_msg: "FAIL: File '{{ sap_netweaver_preconfigure_rpath }}/libstdc++.so.6' is not a link to '/opt/rh/SAP/lib64/compat-sap-c++-10.so!'" ++ success_msg: "PASS: File '{{ sap_netweaver_preconfigure_rpath }}/libstdc++.so.6' is a link to '/opt/rh/SAP/lib64/compat-sap-c++-10.so.'" ++ ignore_errors: "{{ sap_netweaver_preconfigure_assert_ignore_errors | d(false) }}" ++ when: ++ - __sap_netweaver_preconfigure_register_stat_compat_sap_cpp.stat.exists ++ - __sap_netweaver_preconfigure_register_stat_libstdc_assert.stat.exists +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/vars/RedHat_7.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/vars/RedHat_7.yml +new file mode 100644 +index 0000000..fcaa1ee +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/vars/RedHat_7.yml +@@ -0,0 +1,43 @@ ++--- ++ ++# vars file for sap_netweaver_preconfigure ++ ++__sap_netweaver_preconfigure_sapnotes: ++ - "2526952" ++ ++__sap_netweaver_preconfigure_sapnotes_versions: ++ - {number: '2526952', version: '5'} ++ ++__sap_netweaver_preconfigure_packages: ++ - tuned-profiles-sap ++ ++__sap_netweaver_preconfigure_adobe_doc_services_packages: ++ - autoconf.noarch ++ - automake.noarch ++ - cyrus-sasl.x86_64 ++ - expat.x86_64 ++ - fontconfig.x86_64 ++ - freetype.x86_64 ++ - glibc.x86_64 ++ - glibc-devel.x86_64 ++ - keyutils-libs.x86_64 ++ - krb5-libs.x86_64 ++ - libcom_err.x86_64 ++ - libgcc.x86_64 ++ - libidn.x86_64 ++ - libidn-devel.x86_64 ++ - libselinux.x86_64 ++ - libssh2.x86_64 ++ - libX11.x86_64 ++ - libXau.x86_64 ++ - libxcb.x86_64 ++ - nspr.x86_64 ++ - nss.x86_64 ++ - nss-softokn.x86_64 ++ - nss-softokn-freebl.x86_64 ++ - nss-util.x86_64 ++ - openldap.x86_64 ++ - openssl.x86_64 ++ - transfig.x86_64 ++ - zlib.x86_64 ++ - libuuid.x86_64 +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/vars/RedHat_8.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/vars/RedHat_8.yml +new file mode 100644 +index 0000000..90a1fab +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/vars/RedHat_8.yml +@@ -0,0 +1,44 @@ ++--- ++ ++# vars file for sap_netweaver_preconfigure ++ ++__sap_netweaver_preconfigure_sapnotes: ++ - "2526952" ++ - "3119751" ++ ++__sap_netweaver_preconfigure_sapnotes_versions: ++ - {number: '2526952', version: '5'} ++ - {number: '3119751', version: '4'} ++ ++__sap_netweaver_preconfigure_packages: ++ - tuned-profiles-sap ++ ++__sap_netweaver_preconfigure_adobe_doc_services_packages: ++ - autoconf.noarch ++ - automake.noarch ++ - cyrus-sasl.x86_64 ++ - expat.x86_64 ++ - fontconfig.x86_64 ++ - glibc-devel.i686 ++ - keyutils-libs.x86_64 ++ - krb5-libs.x86_64 ++ - libcom_err.x86_64 ++ - libidn2.x86_64 ++ - libselinux.x86_64 ++ - libssh2.x86_64 ++ - libxcb.i686 ++ - nspr.x86_64 ++ - nss.x86_64 ++ - nss-softokn.x86_64 ++ - nss-softokn-freebl.x86_64 ++ - nss-util.x86_64 ++ - openldap.x86_64 ++ - openssl.x86_64 ++ - zlib.x86_64 ++ - libstdc++.i686 ++ - libX11.i686 ++ - libXau.i686 ++ - glibc.i686 ++ - libstdc++.i686 ++ - libgcc.i686 ++ - libuuid.i686 +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/vars/RedHat_9.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/vars/RedHat_9.yml +new file mode 100644 +index 0000000..02ea17d +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/vars/RedHat_9.yml +@@ -0,0 +1,42 @@ ++--- ++ ++# vars file for sap_netweaver_preconfigure ++ ++__sap_netweaver_preconfigure_sapnotes: ++ - "2526952" ++ ++__sap_netweaver_preconfigure_sapnotes_versions: ++ - {number: '2526952', version: '5'} ++ ++__sap_netweaver_preconfigure_packages: ++ - tuned-profiles-sap ++ ++__sap_netweaver_preconfigure_adobe_doc_services_packages: ++ - autoconf.noarch ++ - automake.noarch ++ - cyrus-sasl.x86_64 ++ - expat.x86_64 ++ - fontconfig.x86_64 ++ - glibc-devel.i686 ++ - keyutils-libs.x86_64 ++ - krb5-libs.x86_64 ++ - libcom_err.x86_64 ++ - libidn2.x86_64 ++ - libselinux.x86_64 ++ - libssh2.x86_64 ++ - libxcb.i686 ++ - nspr.x86_64 ++ - nss.x86_64 ++ - nss-softokn.x86_64 ++ - nss-softokn-freebl.x86_64 ++ - nss-util.x86_64 ++ - openldap.x86_64 ++ - openssl.x86_64 ++ - zlib.x86_64 ++ - libstdc++.i686 ++ - libX11.i686 ++ - libXau.i686 ++ - glibc.i686 ++ - libstdc++.i686 ++ - libgcc.i686 ++ - libuuid.i686 +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/vars/SLES_15.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/vars/SLES_15.yml +new file mode 100644 +index 0000000..86ce492 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/vars/SLES_15.yml +@@ -0,0 +1,33 @@ ++--- ++# required SAP Notes for SLES 15 ++ ++__sap_netweaver_preconfigure_sapnotes: ++ - "1275776" ++ ++__sap_netweaver_preconfigure_packages: ++ - libstdc++6 ++ - libatomic1 ++ - libgcc_s1 ++ - libltdl7 ++ - insserv-compat ++ - cpupower ++ - hicolor-icon-theme ++ - libcpupower0 ++ - libsensors4 ++ - patterns-base-basesystem ++ - patterns-server-enterprise-sap_server ++ - patterns-yast-yast2_basis ++ - procmail ++ - sysstat ++ - system-user-uuidd ++ - uuidd ++ - yast2-auth-client ++ - yast2-auth-server ++ - yast2-theme ++ - yast2-vpn ++ - tcsh ++ - acl ++ ++# SLES_SAP is using saptune, but SLES is using sapconf. ++# Default value true runs saptune, but installation.yml auto-detects base product and adjusts. ++__sap_netweaver_preconfigure_run_saptune: true +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/vars/main.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/vars/main.yml +new file mode 100644 +index 0000000..5684d51 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_netweaver_preconfigure/vars/main.yml +@@ -0,0 +1,5 @@ ++--- ++ ++# define variables here that will not change ++# Those are valid for all OS ++# +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/.ansible-lint b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/.ansible-lint +new file mode 100644 +index 0000000..56704f2 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/.ansible-lint +@@ -0,0 +1,16 @@ ++--- ++exclude_paths: ++ - tests/sap_swpm/ ++enable_list: ++ - yaml ++skip_list: ++ # We don't want to enforce new Ansible versions for Galaxy: ++ - meta-runtime[unsupported-version] ++ # We do not want to use checks which are marked as experimental: ++ - experimental ++ # We use ignore_errors for all the assert tasks, which should be acceptable: ++ - ignore-errors ++ # We want to allow single digit version numbers in a role's meta/main.yml file: ++ - schema ++ # Allow templating inside name because it creates more detailed output: ++ - name[template] +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/README.md b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/README.md +new file mode 100644 +index 0000000..479c303 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/README.md +@@ -0,0 +1,131 @@ ++# sap_swpm Ansible Role ++ ++Ansible role for SAP software installation using SWPM ++ ++## Support Status ++ ++The support status of this role is: "Technology Preview for certain deployment scenarios only" ++ ++## Requirements ++ ++The dependencies of this role should be automatically installed when installing the collection with ansible-galaxy. ++ ++For installing the dependencies manually, use the following command: ++ ++`ansible-galaxy install -vv -r meta/collection-requirements.yml` ++ ++## Scope ++ ++*NOTE*: This Ansible role is delivered by Red Hat with a support scope of *Technology Preview* only for the following deployment scenarios: ++S/4HANA 2021 and S/4HANA 2022 single-host installation on x86_64: RHEL 8.4, 8.6, 9.0 and ppc64le: RHEL 8.4 and 8.6. ++ ++Only the `default` role mode is supported. ++ ++All other functionality of this role is currently not supported by Red Hat. ++ ++### SAP Preconfigure ++ ++- Ensure the required volumes and filesystems are configured in the host. You can use the role `sap_storage_setup` to configure this. More info [here](/roles/sap_storage_setup) ++ ++- Please run the RHEL SAP System Role `sap_general_preconfigure` for initial host configuration; as necessary, also use `sap_netweaver_preconfigure` and `sap_hana_preconfigure` ++ ++- For further guidance on using SAP SWPM for different SAP Software installations, please see System Provisioning with Software Provisioning Manager (SWPM) - [User Guides for SAP SWPM 1.0](30839dda13b2485889466316ce5b39e9/c8ed609927fa4e45988200b153ac63d1.html?locale=en-US) and [User Guides for SAP SWPM 2.0](https://help.sap.com/docs/SOFTWARE_PROVISIONING_MANAGER/30839dda13b2485889466316ce5b39e9/6865029dacbe473fadd8eff339bfa568.html?locale=en-US) ++ ++### SAP Software Installation .SAR Files ++ ++1. SAPCAR executable ++ ++2. Software Provisioning Manager .SAR file ++ - `SWPM*.SAR` ++ ++3. SAP Installation files ++ - For New Installation ++ - Download appropriate software from SAP Software Download Center, Maintenance Planner, etc ++ - SAP IGS - `igs*.sar` ++ - SAP IGS HELPER - `igshelper*sar` ++ - SAP Host Agent - `SAPHOSTAGENT*SAR` ++ - SAP Kernel DB - `SAPEXEDB_*SAR` ++ - SAP Kernel DB Independent - `SAPEXE_*SAR` ++ - SAP HANA Client - `IMDB_CLIENT*SAR` ++ ++## Variables and Parameters ++ ++### Input Parameters ++ ++The inputs are critical for running this role ++ - Determines the installation type ++ - Incomplete parameters will result to failure ++ - Wrong parameters will result to failure ++ ++### Default Parameters ++ ++Please check the default parameters file for more information on other parameters that can be used as an input: ++- [**sap_swpm** default parameters](defaults/main.yml) ++ ++Red Hat KB article [6857351](https://access.redhat.com/articles/6857351) contains instructions for installing an S/4HANA single host system ++including a sample playbook. ++ ++Further examples can be found [here](https://github.com/sap-linuxlab/community.sap_install/tree/main/playbooks). ++ ++## Execution ++ ++Sample Ansible Playbook Execution ++ ++- Local Host Installation ++ - `ansible-playbook --connection=local --limit localhost -i "localhost," sap-swpm.yml -e "@inputs/S4H.install"` ++ ++- Target Host Installation ++ - `ansible-playbook -i "" sap-swpm.yml -e "@inputs/S4H.install"` ++ ++### Sample Playbook ++ ++```yaml ++--- ++- hosts: all ++ become: true ++ roles: ++ - sap_swpm ++``` ++ ++## Execution Flow ++ ++### Pre-Install ++ ++- Get SAPCAR executable filename from `sap_swpm_sapcar_path` ++ ++- Get SWPM executable filename from `sap_swpm_swpm_path` ++ ++- Get all .SAR filenames from `sap_swpm_software_path` ++ ++- Update `/etc/hosts` (optional - yes by default) ++ ++- Apply firewall rules for SAP HANA (optional - no by default) ++ ++- Process SAP SWPM `inifile.params` based on inputs ++ ++### SAP SWPM ++ ++- Execute SWPM ++ ++### Post-Install ++ ++- Set expiry of Unix created users to 'never' ++ ++- Apply firewall rules for SAP NW (optional - no by default) ++ ++## Tags ++ ++With the following tags, the role can be called to perform certain activities only: ++- tag `sap_swpm_generate_inifile`: Only create the sapinst inifile. This can be useful for checking if the inifile is created as desired. ++- tag `sap_swpm_sapinst_commandline`: Only show the sapinst command line. ++- tag `sap_swpm_pre_install`: Perform all preinstallation steps, then exit. ++- tag `sap_swpm_setup_firewall`: Only perform the firewall preinstallation settings (but only if variable `sap_swpm_setup_firewall` is set to `true`). ++- tag `sap_swpm_update_etchosts`: Only update file `/etc/hosts` (but only if variable `sap_swpm_update_etchosts` is set to `true`). ++ ++## License ++ ++Apache license 2.0 ++ ++## Author Information ++ ++IBM Lab for SAP Solutions, Red Hat for SAP Community of Practice, Jason Masipiquena, Sean Freeman, Bernd Finger, Markus Koch +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/defaults/main.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/defaults/main.yml +new file mode 100644 +index 0000000..f1e1467 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/defaults/main.yml +@@ -0,0 +1,391 @@ ++--- ++ ++######################################## ++# SWPM Ansible Role variables ++######################################## ++ ++sap_swpm_ansible_role_mode: "default" ++# default ++# default_templates ++# advanced ++# advanced_templates ++# inifile_reuse ++ ++ ++######################################## ++# SWPM Ansible Role variables ++# for Inifile Reuse, Advanced, and Defaults/Advanced Templates Mode ++######################################## ++ ++# Inifile Reuse Mode ++sap_swpm_inifile_reuse_source: ++sap_swpm_inifile_reuse_destination: ++ ++# Advanced Mode ++#sap_swpm_inifile_custom_values_dictionary: ++# archives.downloadBasket: /software/download_basket ++# NW_getFQDN.FQDN: poc.cloud ++## add.additional.parameters: '' ++ ++# Default/Advanced Templates Mode ++#sap_swpm_templates_product_input: "" ++ ++ ++######################################## ++# SWPM Ansible Role variables ++# for Default Mode ++# - List of inifile parameters to generate ++######################################## ++ ++sap_swpm_inifile_list: ++ - swpm_installation_media ++ - swpm_installation_media_swpm2_hana ++# - swpm_installation_media_swpm1 ++# - swpm_installation_media_swpm1_exportfiles ++# - swpm_installation_media_swpm1_ibmdb2 ++# - swpm_installation_media_swpm1_oracledb_121 ++# - swpm_installation_media_swpm1_oracledb_122 ++# - swpm_installation_media_swpm1_oracledb_19 ++# - swpm_installation_media_swpm1_sapase ++# - swpm_installation_media_swpm1_sapmaxdb ++# - maintenance_plan_stack_tms_config ++# - maintenance_plan_stack_tms_transports ++# - maintenance_plan_stack_spam_config ++# - maintenance_plan_stack_sum_config ++# - maintenance_plan_stack_sum_10_batch_mode ++ - credentials ++ - credentials_hana ++# - credentials_anydb_ibmdb2 ++# - credentials_anydb_oracledb ++# - credentials_anydb_sapase ++# - credentials_anydb_sapmaxdb ++# - credentials_nwas_ssfs ++# - credentials_hdbuserstore ++ - db_config_hana ++# - db_config_anydb_all ++# - db_config_anydb_ibmdb2 ++# - db_config_anydb_oracledb ++# - db_config_anydb_oracledb_121 ++# - db_config_anydb_oracledb_122 ++# - db_config_anydb_oracledb_19 ++# - db_config_anydb_sapase ++# - db_config_anydb_sapmaxdb ++ - db_connection_nw_hana ++# - db_connection_nw_anydb_ibmdb2 ++# - db_connection_nw_anydb_oracledb ++# - db_connection_nw_anydb_sapase ++ - db_restore_hana ++# - nw_config_anydb ++ - nw_config_other ++ - nw_config_central_services_abap ++# - nw_config_central_services_java ++ - nw_config_primary_application_server_instance ++# - nw_config_additional_application_server_instance ++# - nw_config_ers ++ - nw_config_ports ++# - nw_config_java_ume ++# - nw_config_java_feature_template_ids ++# - nw_config_webdisp_generic ++# - nw_config_webdisp_gateway ++ - nw_config_host_agent ++# - nw_config_post_load_abap_reports ++# - nw_config_livecache ++# - nw_config_sld ++# - nw_config_abap_language_packages ++ - sap_os_linux_user ++ ++## Not in use ++# - swpm_installation_media_download_service ++# - solman_credentials_swpm1 ++# - solman_abap_swpm1 ++# - solman_daa_swpm1 ++ ++ ++######################################## ++# SWPM Ansible Role variables ++# for Default Mode ++# - SWPM variables ++######################################## ++ ++# SAP product that will be installed and passed as argument to the sapinst installer, example 'NW_ABAP_OneHost:S4HANA2020.CORE.HDB.ABAP' ++sap_swpm_product_catalog_id: ++ ++# SAPCAR path and file name, only path is mandatory. The script will automatically get file_name ++sap_swpm_sapcar_path: ++sap_swpm_sapcar_file_name: ++ ++# SWPM path and file name, only path is mandatory. The script will automatically get file_name ++sap_swpm_swpm_path: ++sap_swpm_swpm_sar_file_name: ++ ++# Note: ++# When using SWPM2 (for modern SAP products such as S/4 B/4), using .SAR files is recommended - param value should be false ++# When using SWPM1 (for older SAP products), using CD Media is the only choice - param value should be true ++sap_swpm_software_use_media: 'false' ++ ++# Main path that this role will look for .SAR files ++sap_swpm_software_path: ++## This directory path should include these files: ++## - igs*sar ++## - igshelper*sar ++## - SAPEXEDB_*SAR ++## - SAPEXE_*SAR ++## - IMDB_CLIENT*SAR ++## - SAPHOSTAGENT*SAR ++ ++# SWPM1 - paths that this role will look for CD Media software ++sap_swpm_cd_export_pt1_path: ++sap_swpm_cd_export_pt2_path: ++sap_swpm_cd_language_path: ++sap_swpm_cd_java_path: ++sap_swpm_cd_rdbms_path: ++sap_swpm_cd_export_path: ++sap_swpm_cd_ibmdb2_path: ++sap_swpm_cd_ibmdb2_client_path: ++sap_swpm_cd_oracle121_path: ++sap_swpm_cd_oracle121_client_path: ++sap_swpm_cd_sapase_path: ++sap_swpm_cd_sapmaxdb_path: ++sap_swpm_ibmdb2_unpack_path: "/db2/db2{{ sap_swpm_db_sid | lower }}/db2_software" ++ ++# --- Experimental --- # ++# MP Stack ++sap_swpm_mp_stack_path: ++sap_swpm_mp_stack_file_name: ++# SUM ++sap_swpm_sum_prepare: 'false' ++sap_swpm_sum_start: 'false' ++sap_swpm_sum_batch_file: ++sap_swpm_spam_update: 'false' ++sap_swpm_spam_update_sar: ++sap_swpm_configure_tms: 'true' ++sap_swpm_tmsadm_password: ++sap_swpm_tms_tr_files_path: ++# --- Experimental --- # ++ ++sap_swpm_install_saphostagent: 'true' ++ ++ ++######################################## ++# SWPM Ansible Role variables ++# for Default Mode ++# - SAP NetWeaver ++######################################## ++ ++sap_swpm_sid: "" ++sap_swpm_ascs_instance_nr: "" ++sap_swpm_ascs_instance_hostname: "" ++sap_swpm_ers_instance_nr: "" ++sap_swpm_ers_instance_hostname: "" ++sap_swpm_pas_instance_nr: "" ++sap_swpm_pas_instance_hostname: "" ++sap_swpm_aas_instance_nr: "" ++sap_swpm_aas_instance_hostname: "" ++ ++sap_swpm_java_scs_instance_nr: "" ++ ++# Password used for all users created during SWPM installation ++sap_swpm_master_password: ++ ++# New Install - define DDIC 000 password ++# Restore - DDIC 000 password from backup ++sap_swpm_ddic_000_password: ++ ++# initial = not an HA setup ++# set this in the input file when installing ascs, ers to indicate an HA setup ++sap_swpm_virtual_hostname: "initial" ++ ++ ++######################################## ++# SWPM Ansible Role variables ++# for Default Mode ++# - Lookup list of Feature Template IDs ++######################################## ++ ++sap_swpm_java_template_id_selected_list: ++ - java_engine_ee ++ ++sap_swpm_java_template_id_lookup_dictionary: ++ java_nwas_as: ++ - 01200615324800000135 # Application Server Java ++# - 01200615324800002844 # !!! Ignore, SAP NWAS 7.40 JAVA only ++ java_engine_se: ++ - 01200615324800000125 # Adapter Engine (Java SE) ++ java_engine_ee: ++ - 01200615324800000165 # Adapter Engine (Java EE), includes java_nwas_as (01200615324800000135) ++ java_nwdi: ++ - 01200615324800000129 # Development Infrastructure ++ - 01200615324800003960 # Developer Studio ++ java_composition_environment: ++ - 01200615324800002968 # Composition Platform ++ - 01200615324800002888 # Guided Procedures ++# - 01200615324800002884 # !!! Ignore, SAP NWAS 7.40 JAVA only ++ java_enterprise_portal: ++ - 01200615324800000164 # EP Core - Application Portal ++ - 01200615324800000174 # Enterprise Portal ++ java_enterprise_service_repository: ++ - 01200615324800002887 # Enterprise Services Repository ++ - 01200615324800000149 # ESR Content ++ java_adobe_document_services: ++ - 01200615324800000128 # Adobe Document Services, includes java_nwas_as (01200615324800000135) and java_engine_ee (01200615324800000125) ++ - 01200314694800005225 # PDF Export ++ java_pi_aex: ++ - 01200615324800003841 # Advanced Adapter Engine Extnd ++ java_bi_bpm: ++ - 01200615324800000150 # BI Java ++ - 01200615324800002897 # BPM ++ java_scheduling_cps: ++ - 01200615324800000153 # Central Process Scheduling ++ java_solman: ++ - 01200615324800001035 # Solution Manager, includes java_nwas_as (01200615324800000135) and java_engine_ee (01200615324800000125) ++ java_demo: ++ - 01200615324800002898 # Demo Applications ++ ++ ++######################################## ++# SWPM Ansible Role variables ++# for Default Mode ++# - DB Connection (existing SAP HANA) ++######################################## ++ ++sap_swpm_db_ip: ++sap_swpm_db_fqdn: ++sap_swpm_db_host: ++sap_swpm_db_sid: ++sap_swpm_db_instance_nr: ++ ++sap_swpm_db_system_password: ++sap_swpm_db_systemdb_password: ++sap_swpm_db_sidadm_password: ++ ++# New Install - define schema (ABAP), e.g. SAP HANA = SAPHANADB, SAP on IBM Db2 = ABAP or SAPABAP1, SAP on Oracle DB = SAPSR3 (6 characters) ++# Restore - schema details from backup (ABAP) ++sap_swpm_db_schema_abap: "SAPHANADB" ++sap_swpm_db_schema_abap_password: ++ ++# New Install - define schema password (Java) ++# Restore - schema details from backup (Java) ++sap_swpm_db_schema_java: ++sap_swpm_db_schema_java_password: ++ ++sap_swpm_db_schema: ++sap_swpm_db_schema_password: ++ ++# JAVA UME ++sap_swpm_ume_client_nr: '000' ++sap_swpm_ume_type: ++sap_swpm_ume_instance_nr: '{{ sap_swpm_pas_instance_nr }}' ++sap_swpm_ume_j2ee_admin_password: ++sap_swpm_ume_j2ee_guest_password: ++sap_swpm_ume_sapjsf_password: ++sap_swpm_ume_instance_hostname: ++ ++ ++######################################## ++# SWPM Ansible Role variables ++# for Default Mode ++# - DB Restore (backup of SAP HANA) ++######################################## ++ ++# Location of the database backup files. ++sap_swpm_backup_location: ++ ++# Backup prefix ++sap_swpm_backup_prefix: ++ ++# SYSTEM password of the backup ++sap_swpm_backup_system_password: ++ ++# ASCS Install Gateway ++sap_swpm_ascs_install_gateway: "true" ++ ++ ++######################################## ++# SWPM Ansible Role variables ++# for Default Mode ++# - Web Dispatcher ++######################################## ++ ++sap_swpm_wd_instance_nr: ++ ++sap_swpm_wd_system_connectivity: 'false' ++sap_swpm_wd_activate_icf: 'false' ++sap_swpm_wd_backend_sid: ++sap_swpm_wd_backend_ms_http_port: ++sap_swpm_wd_backend_ms_host: ++sap_swpm_wd_backend_rfc_host: ++sap_swpm_wd_backend_rfc_instance_nr: ++sap_swpm_wd_backend_rfc_client_nr: # 000 default ++sap_swpm_wd_backend_rfc_user: # DDIC default ++sap_swpm_wd_backend_rfc_user_password: ++sap_swpm_wd_backend_scenario_size: ++sap_swpm_wd_virtual_host: ++ ++ ++######################################## ++# SWPM Ansible Role variables ++# for Default Mode ++# - Unix user ++######################################## ++ ++sap_swpm_sapadm_password: ++sap_swpm_sap_sidadm_password: ++ ++sap_swpm_sapadm_uid: ++sap_swpm_sapsys_gid: ++sap_swpm_sidadm_uid: ++ ++ ++######################################## ++# SWPM Ansible Role variables ++# for Default Mode ++# - Misc ++######################################## ++ ++sap_swpm_parallel_jobs_nr: '23' ++ ++sap_swpm_diagnostics_agent_password: ++ ++ ++## --- Individual Software Paths --- ## ++# will follow sap_swpm_software_path ++# alternatively, can be detected and set with sap_install_media_detect Ansible Role ++ ++sap_swpm_igs_path: ++sap_swpm_igs_file_name: ++sap_swpm_igs_helper_path: ++sap_swpm_igs_helper_file_name: ++sap_swpm_kernel_dependent_path: ++sap_swpm_kernel_dependent_file_name: ++sap_swpm_kernel_independent_path: ++sap_swpm_kernel_independent_file_name: ++sap_swpm_web_dispatcher_path: ++sap_swpm_web_dispatcher_file_name: ++sap_swpm_fqdn: ++sap_swpm_set_fqdn: "true" ++ ++# If the template to use already has the passwords and they are encrypted the password file must be in the same path as the parameter file ++sap_swpm_use_password_file: "n" ++sap_swpm_password_file_path: ++ ++sap_swpm_use_livecache: "false" ++sap_swpm_ddic_001_password: ++sap_swpm_load_type: 'SAP' ++ ++ ++sap_swpm_generic: 'false' ++ ++# SWPM ++sap_swpm_swpm_installation_type: "" ++sap_swpm_swpm_installation_header: "" ++sap_swpm_swpm_command_virtual_hostname: "" ++sap_swpm_swpm_command_mp_stack: "" ++ ++# Firewall setup ++sap_swpm_setup_firewall: 'false' ++ ++# Update /etc/hosts ++sap_swpm_update_etchosts: 'false' ++ ++# Display SAP SWPM Unattended Mode output (sapinst stdout) ++sap_swpm_display_unattended_output: false +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/meta/collection-requirements.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/meta/collection-requirements.yml +new file mode 100644 +index 0000000..a6d0e83 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/meta/collection-requirements.yml +@@ -0,0 +1,5 @@ ++--- ++ ++collections: ++ - name: ansible.posix ++ - name: community.general +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/meta/main.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/meta/main.yml +new file mode 100644 +index 0000000..e9b4730 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/meta/main.yml +@@ -0,0 +1,14 @@ ++--- ++galaxy_info: ++ namespace: community ++ author: IBM Lab for SAP Solutions, Red Hat for SAP Community of Practice, Jason Masipiquena, Sean Freeman ++ description: Installation of SAP Software using the SAP Software Provisioning Manager (SWPM) on Linux OS (RHEL, SLES) ++ license: Apache-2.0 ++ min_ansible_version: 2.9 ++ platforms: ++ - name: EL ++ versions: [7, 8, 9] ++ - name: SLES ++ versions: [15SP3] ++ galaxy_tags: ['sap', 'swpm', 'sapinst', 'rhel', 'redhat', 'sles', 'suse'] ++dependencies: [] +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/main.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/main.yml +new file mode 100644 +index 0000000..aa16a77 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/main.yml +@@ -0,0 +1,15 @@ ++--- ++ ++- name: SAP SWPM - run pre_install tasks ++ ansible.builtin.import_tasks: pre_install.yml ++ tags: ++ - sap_swpm_pre_install ++ - sap_swpm_install ++ ++- name: SAP SWPM - run swpm ++ ansible.builtin.import_tasks: swpm.yml ++ tags: ++ - sap_swpm_install ++ ++- name: SAP SWPM - run postinstall task ++ ansible.builtin.import_tasks: post_install.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/post_install.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/post_install.yml +new file mode 100644 +index 0000000..4e0d399 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/post_install.yml +@@ -0,0 +1,58 @@ ++--- ++ ++# Reason for noqa: The command might change things but we do not yet attempt to find out ++- name: SAP SWPM Post Install - ensure password expiry disabled {{ sap_swpm_sid | lower + 'adm' }} ++ ansible.builtin.shell: | ++ chage -m 0 -M 99999 -I -1 -E -1 {{ sap_swpm_sid | lower }}adm ++ chage -m 0 -M 99999 -I -1 -E -1 sapadm ++ args: ++ executable: /bin/bash ++ become: true ++ register: __sap_swpm_post_install_register_sidadm_noexpire ++ changed_when: __sap_swpm_post_install_register_sidadm_noexpire is succeeded ++ ++# Firewall ++ ++- name: SAP SWPM Post Install - Firewall Setup ++ ansible.builtin.include_tasks: post_install/firewall.yml ++ when: ++ - "sap_swpm_setup_firewall | bool" ++ ++######################################################################################################################## ++ ++- name: SAP SWPM Deployment - Finished ++ ansible.builtin.debug: ++ msg: ++ - ' SAP SWPM deployment successfully completed ' ++ - ' ' ++ - ' SAP Product - {{ sap_swpm_product_catalog_id }} ' ++ - ' SID - {{ sap_swpm_sid }} ' ++ - ' Primary Instance - {{ sap_swpm_pas_instance_nr }} ' ++ - ' Host - {{ ansible_hostname }} ' ++ - ' FQDN - {{ ansible_fqdn }} ' ++ - ' IP - {{ ansible_default_ipv4.address | d(ansible_all_ipv4_addresses[0]) }} ' ++# - ' Master Password - {{ sap_swpm_master_password }} ' ++# - ' DDIC 000 Password - {{ sap_swpm_ddic_000_password }} ' ++ ++# SAP HANA Client will not be installed for any installation with SAP AnyDB ++# and will only be installed alongside SAP NWAS PAS or AAS (not NWAS ASCS) ++- name: SAP SWPM Post Install - Check for SAP HANA Client hdbuserstore ++ ansible.builtin.stat: ++ path: /usr/sap/{{ sap_swpm_sid }}/hdbclient/hdbuserstore ++ register: __sap_swpm_post_install_register_hdbuserstore_exists ++ ++- name: SAP SWPM Post Install - Enforce Connection Info in SAP HANA Client hdbuserstore ++ ansible.builtin.shell: | ++ /usr/sap/{{ sap_swpm_sid }}/hdbclient/hdbuserstore \ ++ SET DEFAULT \ ++ {{ sap_swpm_db_host }}:3{{ sap_swpm_db_instance_nr }}13@{{ sap_swpm_db_sid }} \ ++ {{ sap_swpm_db_schema_abap }} '{{ sap_swpm_db_system_password }}' ++ args: ++ executable: /bin/bash ++ become: true ++ become_user: "{{ sap_swpm_sid | lower }}adm" ++ when: ++ - sap_swpm_install_saphostagent is defined and sap_swpm_install_saphostagent ++ - __sap_swpm_post_install_register_hdbuserstore_exists.stat.exists ++ register: __sap_swpm_post_install_register_hdbuserstore_connection ++ changed_when: __sap_swpm_post_install_register_hdbuserstore_connection is succeeded +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/post_install/firewall.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/post_install/firewall.yml +new file mode 100644 +index 0000000..2b6d521 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/post_install/firewall.yml +@@ -0,0 +1,48 @@ ++--- ++ ++- name: SAP SWPM Post Install - Firewall Setup ++ when: ansible_virtualization_role != "guest" or ansible_virtualization_type != "docker" ++ block: ++ ++ - name: SAP SWPM Post Install - Gathering Firewall Facts ++ ansible.builtin.package_facts: ++ manager: auto ++ ++ - name: SAP SWPM Post Install - Setup Firewall if included in packages ++ when: '"firewalld" in ansible_facts.packages' ++ block: ++ ++ - name: SAP SWPM Post Install - Enable and start the firewalld service ++ ansible.builtin.systemd: ++ name: firewalld ++ state: started ++ enabled: yes ++ tags: sap_swpm_configure_firewall ++ ++ - name: SAP SWPM Post Install - Firewall Setup ++ when: ++ - sap_swpm_wd_instance_nr is defined ++ - sap_swpm_wd_instance_nr | length ++ ansible.builtin.set_fact: ++ sap_nw_firewall_ports: ++ - "3200-3399" ++ - "36{{ sap_swpm_pas_instance_nr }}" ++ - "80{{ sap_swpm_pas_instance_nr }}" ++ - "443{{ sap_swpm_pas_instance_nr }}" ++ - "36{{ sap_swpm_ascs_instance_nr }}" ++ - "80{{ sap_swpm_ascs_instance_nr }}" ++ - "443{{ sap_swpm_ascs_instance_nr }}" ++ - "8090" ++ - "44390" ++ - "443{{ sap_swpm_wd_instance_nr }}" ++ ++ - name: SAP SWPM Post Install - Add Ports Based on NR - {{ sap_swpm_pas_instance_nr }} ++ ansible.builtin.include_tasks: update_firewall.yml ++ loop: "{{ sap_nw_firewall_ports }}" ++ loop_control: ++ loop_var: passed_port ++ ++# Reason for noqa: We currently do not determine if reloading the firewall changes anything ++ - name: SAP SWPM Post Install - Reload Firewall # noqa no-changed-when ++ ansible.builtin.shell: | ++ firewall-cmd --reload +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/post_install/update_firewall.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/post_install/update_firewall.yml +new file mode 100644 +index 0000000..bf77074 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/post_install/update_firewall.yml +@@ -0,0 +1,10 @@ ++--- ++# This task requires the variable passed_port ++ ++- name: Update Firewall - {{ passed_port + '/tcp' }} ++ ansible.posix.firewalld: ++ zone: public ++ port: "{{ passed_port }}/tcp" ++ permanent: yes ++ immediate: yes ++ state: enabled +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/pre_install.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/pre_install.yml +new file mode 100644 +index 0000000..6149fbd +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/pre_install.yml +@@ -0,0 +1,79 @@ ++--- ++ ++################ ++# Run Preinstallation Steps Based on Run Mode ++################ ++ ++- name: SAP SWPM Pre Install - Run Preinstallation Steps ++ ansible.builtin.include_tasks: swpm/swpm_pre_install.yml ++ tags: ++ - sap_swpm_generate_inifile ++ - sap_swpm_sapinst_commandline ++ ++################ ++# Set sapinst command ++################ ++ ++- name: SAP SWPM Pre Install - Set sapinst command ++ ansible.builtin.set_fact: ++ sap_swpm_swpm_command_inifile: "SAPINST_INPUT_PARAMETERS_URL={{ sap_swpm_tmpdir.path }}/inifile.params" ++ sap_swpm_swpm_command_product_id: "SAPINST_EXECUTE_PRODUCT_ID={{ sap_swpm_product_catalog_id }}" ++ # If SWPM is running a normal install Ansible Variable sap_swpm_swpm_command_virtual_hostname is blank ++ # IF SWPM is running a HA installation, Ansible Variable sap_swpm_swpm_command_virtual_hostname is set and contains "SAPINST_USE_HOSTNAME={{ sap_swpm_virtual_hostname }} IS_HOST_LOCAL_USING_STRING_COMPARE=true" ++ # If SWPM is running a MP Stack XML installation, Ansible Variable sap_swpm_swpm_command_mp_stack is set and contains "SAPINST_STACK_XML={{ sap_swpm_mp_stack_path }} + '/' (if needed) + {{ sap_swpm_mp_stack_file_name }}" ++ sap_swpm_swpm_command_extra_args: "SAPINST_SKIP_DIALOGS=true SAPINST_START_GUISERVER=false {{ sap_swpm_swpm_command_virtual_hostname }} {{ sap_swpm_swpm_command_mp_stack }}" ++ tags: sap_swpm_sapinst_commandline ++ ++################ ++# Pre Install Optional Tasks ++################ ++ ++# Firewall ++ ++- name: SAP SWPM Pre Install - Firewall Setup ++ ansible.builtin.include_tasks: ++ file: pre_install/firewall.yml ++ apply: ++ tags: sap_swpm_setup_firewall ++ when: "sap_swpm_setup_firewall | bool" ++ tags: sap_swpm_setup_firewall ++ ++# /etc/hosts ++ ++- name: SAP SWPM Pre Install - Update /etc/hosts ++ ansible.builtin.include_tasks: ++ file: pre_install/update_etchosts.yml ++ apply: ++ tags: sap_swpm_update_etchosts ++ when: "sap_swpm_update_etchosts | bool" ++ tags: sap_swpm_update_etchosts ++ ++################ ++# Display Parameters ++################ ++ ++- name: SAP SWPM - Display Software ++ ansible.builtin.debug: ++ msg: ++ - " SAPEXEDB - {{ sap_swpm_kernel_dependent_path }}/{{ sap_swpm_kernel_dependent_file_name }} " ++ - " SAPEXE - {{ sap_swpm_kernel_independent_path }}/{{ sap_swpm_kernel_independent_file_name }} " ++ - " IGS Helper - {{ sap_swpm_igs_helper_path }}/{{ sap_swpm_igs_helper_file_name }} " ++ - " IGS - {{ sap_swpm_igs_path }}/{{ sap_swpm_igs_file_name }} " ++ - " WEBDISP - {{ sap_swpm_web_dispatcher_path }}/{{ sap_swpm_web_dispatcher_file_name }} " ++ - " SAPCAR - {{ sap_swpm_sapcar_path }}/{{ sap_swpm_sapcar_file_name }} " ++ - " SWPM - {{ sap_swpm_swpm_path }}/{{ sap_swpm_swpm_sar_file_name }} " ++ - " MP Stack - {{ (sap_swpm_mp_stack_path | d('', true) + '/' + sap_swpm_mp_stack_file_name | d('', true)) | regex_replace('//*', '/') }}" ++ - " Backup - {{ sap_swpm_backup_location }} " ++ ++- name: SAP SWPM - Installation Process ++ ansible.builtin.debug: ++ msg: ++ - ' Ready to run SWPM for SAP Software Installation ' ++ - ' ' ++ - ' SAP Product - {{ sap_swpm_product_catalog_id }} ' ++ - ' SID - {{ sap_swpm_sid }} ' ++ - ' Host - {{ ansible_hostname }} ' ++ - ' ' ++ - ' The installation can take up to 3 hours. Run the following command as root' ++ - ' on {{ ansible_hostname }} to display the installation logs:' ++ - ' # tail -f $(cat /tmp/sapinst_instdir/.lastInstallationLocation)/sapinst.log' +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/pre_install/create_os_user.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/pre_install/create_os_user.yml +new file mode 100644 +index 0000000..397f81f +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/pre_install/create_os_user.yml +@@ -0,0 +1,51 @@ ++--- ++ ++- name: SAP SWPM Pre Install - Remove existing {{ sap_swpm_sid | lower + 'adm' }} ++ block: ++ ++# Reason for noqa: We currently do not determine if there are processes to be killed ++ - name: SAP SWPM Pre Install - Kill all processes under {{ sap_swpm_sid | lower + 'adm' }} ++ ansible.builtin.shell: | ++ killall -u {{ sap_swpm_sid | lower }}adm ++ ignore_errors: yes ++ changed_when: true ++ ++ - name: SAP SWPM Pre Install - Remove user {{ sap_swpm_sid | lower + 'adm' }} ++ ansible.builtin.user: ++ name: '{{ sap_swpm_sid | lower }}adm' ++ state: absent ++ remove: yes ++ force: yes ++ ++ - name: SAP SWPM Pre Install - Remove group {{ sap_swpm_sid | lower + 'adm' }} ++ ansible.builtin.group: ++ name: '{{ sap_swpm_sid | lower }}adm' ++ state: absent ++ ++- name: SAP SWPM Pre Install - Create sapsys group ++ ansible.builtin.group: ++ name: 'sapsys' ++ gid: '{{ sap_swpm_sapsys_gid }}' ++ state: present ++ ++- name: SAP SWPM Pre Install - Create {{ sap_swpm_sid | lower + 'adm' }} ++ ansible.builtin.user: ++ name: '{{ sap_swpm_sid | lower }}adm' ++ comment: "SAP User - {{ sap_swpm_sid }}" ++ uid: '{{ sap_swpm_sidadm_uid }}' ++ group: '{{ sap_swpm_sapsys_gid }}' ++ ++- name: SAP SWPM Pre Install - Create a /usr/sap/{{ sap_swpm_sid }} ++ ansible.builtin.file: ++ path: /usr/sap/{{ sap_swpm_sid }} ++ state: directory ++ owner: '{{ sap_swpm_sid | lower }}adm' ++ group: sapsys ++ recurse: yes ++ mode: '0755' ++ ++# - name: SAP SWPM Pre Install - Purge parameters so it will not populate inifile.params to prevent SWPM from crashing ++# ansible.builtin.set_facts: ++# sap_swpm_sapadm_uid: "" ++# sap_swpm_sapsys_gid: "" ++# sap_swpm_sidadm_uid: "" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/pre_install/firewall.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/pre_install/firewall.yml +new file mode 100644 +index 0000000..87c89bd +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/pre_install/firewall.yml +@@ -0,0 +1,62 @@ ++--- ++ ++- name: SAP SWPM Pre Install - Firewall Setup ++ when: ansible_virtualization_role != "guest" or ansible_virtualization_type != "docker" ++ block: ++ ++ - name: SAP SWPM Pre Install - Gathering Firewall Facts ++ ansible.builtin.package_facts: ++ manager: auto ++ ++ - name: SAP SWPM Pre Install - Setup Firewall if included in packages ++ when: '"firewalld" in ansible_facts.packages' ++ block: ++ ++ - name: SAP SWPM Pre Install - Enable and start the firewalld service ++ ansible.builtin.systemd: ++ name: firewalld ++ state: started ++ enabled: yes ++ tags: sap_swpm_configure_firewall ++ ++ - name: SAP SWPM Pre Install - Generate SAP HANA Ports Based on NR - {{ sap_swpm_db_instance_nr }} ++ ansible.builtin.set_fact: ++ sap_hana_firewall_ports: ++ - "1128" ++ - "1129" ++ - "43{{ sap_swpm_db_instance_nr }}" ++ - "5050" ++ - "9090" ++ - "9091" ++ - "9092" ++ - "9093" ++ - "3{{ sap_swpm_db_instance_nr }}00-3{{ sap_swpm_db_instance_nr }}90" ++ - "30105" ++ - "30107" ++ - "30140" ++ - "4{{ sap_swpm_db_instance_nr }}01" ++ - "4{{ sap_swpm_db_instance_nr }}02" ++ - "4{{ sap_swpm_db_instance_nr }}06" ++ - "4{{ sap_swpm_db_instance_nr }}12" ++ - "4{{ sap_swpm_db_instance_nr }}14" ++ - "4{{ sap_swpm_db_instance_nr }}40" ++ - "5{{ sap_swpm_db_instance_nr }}00" ++ - "5{{ sap_swpm_db_instance_nr }}13" ++ - "5{{ sap_swpm_db_instance_nr }}14" ++ - "51000" ++ - "64997" ++ when: ++ - not sap_swpm_generic | bool ++ ++ - name: SAP SWPM Pre Install - Add Ports Based on NR - {{ sap_swpm_db_instance_nr }} ++ ansible.builtin.include_tasks: update_firewall.yml ++ loop: "{{ sap_hana_firewall_ports }}" ++ loop_control: ++ loop_var: passed_port ++ when: ++ - not sap_swpm_generic | bool ++ ++# Reason for noqa: We currently do not determine if reloading the firewall changes anything ++ - name: SAP SWPM Pre Install - Reload Firewall # noqa no-changed-when ++ ansible.builtin.shell: | ++ firewall-cmd --reload +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/pre_install/install_type.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/pre_install/install_type.yml +new file mode 100644 +index 0000000..1eabb21 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/pre_install/install_type.yml +@@ -0,0 +1,66 @@ ++--- ++ ++- name: SAP SWPM Pre Install - Determine Installation Type ++ ansible.builtin.set_fact: ++ sap_swpm_swpm_installation_type: "" ++ sap_swpm_swpm_installation_header: "" ++ sap_swpm_swpm_command_virtual_hostname: "" ++ sap_swpm_swpm_command_mp_stack: "" ++ ++################ ++# Determine Installation Type ++################ ++ ++# Ignore Product IDs for SAP NetWeaver 7.5 Java standalone: ++# - Advanced Adapter Engine (AE) with .AE .AEHA ++# - Advanced Adapter Engine Extended (AEX) with .AEX .AEXHA ++# - Process Integration / Process Orchestration (PI/PO) with .PI .PIHA .PIABAP .PIABAPHA .PIJAVA .PIJAVAHA ++ ++#- name: SAP SWPM Pre Install - Check if general SAP Software installation ++# ansible.builtin.set_fact: ++# sap_swpm_swpm_installation_type: "general" ++# sap_swpm_swpm_installation_header: "General installation of SAP Software" ++# when: ++# - "not '.ABAPHA' in sap_swpm_product_catalog_id" ++# - "not '.CP' in sap_swpm_product_catalog_id" ++ ++- name: SAP SWPM Pre Install - Check if System Copy (Backup/Restore) ++ ansible.builtin.set_fact: ++ sap_swpm_swpm_installation_type: "restore" ++ sap_swpm_swpm_installation_header: "System Copy restore from backup" ++ when: ++ - "'.CP' in sap_swpm_product_catalog_id" ++ ++- name: SAP SWPM Pre Install - Check if SAP High Availability installation ++ ansible.builtin.set_fact: ++ sap_swpm_swpm_installation_type: "ha" ++ sap_swpm_swpm_installation_header: "High Availability Installation using virtual hostname" ++ when: ++ - "'.ABAPHA' in sap_swpm_product_catalog_id or '.HA' in sap_swpm_product_catalog_id or '.HACP' in sap_swpm_product_catalog_id" ++ ++- name: SAP SWPM Pre Install - Check if installation using SAP Maintenance Planner ++ ansible.builtin.set_fact: ++ sap_swpm_swpm_installation_type: "maint_plan_stack" ++ sap_swpm_swpm_installation_header: "Installing using SAP Maintenance Planner Stack XML" ++ when: ++ - sap_swpm_mp_stack_path is defined and not sap_swpm_mp_stack_path is none ++ ++- name: SAP SWPM Pre Install - Check if SAP High Availability installation and using SAP Maintenance Planner ++ ansible.builtin.set_fact: ++ sap_swpm_swpm_installation_type: "ha_maint_plan_stack" ++ sap_swpm_swpm_installation_header: "High Availability Installation using virtual hostname and SAP Maintenance Planner Stack XML" ++ when: ++ - "'.ABAPHA' in sap_swpm_product_catalog_id" ++ - sap_swpm_mp_stack_path is defined and not sap_swpm_mp_stack_path is none ++ ++################ ++# Run Installation Type Steps ++################ ++ ++- name: SAP SWPM Pre Install - Display the Installation Type ++ ansible.builtin.debug: ++ var: sap_swpm_swpm_installation_type ++ ++- name: SAP SWPM Pre Install - Run Installation Type Steps ++ ansible.builtin.include_tasks: "install_type/{{ sap_swpm_swpm_installation_type }}_install.yml" ++ when: "sap_swpm_swpm_installation_type | length > 0" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/pre_install/install_type/general_install.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/pre_install/install_type/general_install.yml +new file mode 100644 +index 0000000..9a31c6e +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/pre_install/install_type/general_install.yml +@@ -0,0 +1,3 @@ ++--- ++ ++# Placeholder for future if required +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/pre_install/install_type/ha_install.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/pre_install/install_type/ha_install.yml +new file mode 100644 +index 0000000..91ce10f +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/pre_install/install_type/ha_install.yml +@@ -0,0 +1,15 @@ ++--- ++ ++# High Availability installation ++ ++# See virtual hostname information in SAP Note 2279110 and 962955 ++# Avoid "host with the name is not a valid virtual host on the local host" by using SAP SWPM property IS_HOST_LOCAL_USING_STRING_COMPARE=true ++- name: SAP SWPM Pre Install - HA Installation - Add virtual hostname in sapinst command ++ ansible.builtin.set_fact: ++ sap_swpm_swpm_command_virtual_hostname: "SAPINST_USE_HOSTNAME={{ sap_swpm_virtual_hostname }} IS_HOST_LOCAL_USING_STRING_COMPARE=true" ++ ++# Create sidadm and sapsys when HA setup ++- name: SAP SWPM Pre Install - HA Installation - Create User when ASCS (initial HA setup) ++ ansible.builtin.include_tasks: ../create_os_user.yml ++ when: ++ - "'_ASCS' in sap_swpm_product_catalog_id" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/pre_install/install_type/ha_maint_plan_stack_install.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/pre_install/install_type/ha_maint_plan_stack_install.yml +new file mode 100644 +index 0000000..65c632b +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/pre_install/install_type/ha_maint_plan_stack_install.yml +@@ -0,0 +1,55 @@ ++--- ++ ++# High Availability installation ++ ++# See virtual hostname information in SAP Note 2279110 and 962955 ++# Avoid "host with the name is not a valid virtual host on the local host" by using SAP SWPM property IS_HOST_LOCAL_USING_STRING_COMPARE=true ++- name: SAP SWPM Pre Install - HA Installation - Add virtual hostname in sapinst command ++ ansible.builtin.set_fact: ++ sap_swpm_swpm_command_virtual_hostname: "SAPINST_USE_HOSTNAME={{ sap_swpm_virtual_hostname }} IS_HOST_LOCAL_USING_STRING_COMPARE=true" ++ ++# Create sidadm and sapsys when HA setup ++- name: SAP SWPM Pre Install - HA Installation - Create User when ASCS (initial HA setup) ++ ansible.builtin.include_tasks: ../create_os_user.yml ++ when: ++ - "'_ASCS' in sap_swpm_product_catalog_id" ++ ++ ++# Install using SAP Maintenance Planner Stack XML ++ ++# Check for MP Stack XML if filename not given ++- name: SAP SWPM Pre Install - MP Stack XML - Search for MP_*.xml file in {{ sap_swpm_mp_stack_path }} ++ ansible.builtin.shell: | ++ ls MP*.xml ++ args: ++ chdir: "{{ sap_swpm_mp_stack_path }}" ++ register: sap_swpm_mp_stack_file_get ++ changed_when: false ++# Test if variable string is not defined or None / blank ++ when: (sap_swpm_mp_stack_file_name is not defined) or (sap_swpm_mp_stack_file_name | type_debug == 'NoneType') or (sap_swpm_mp_stack_file_name is none) or (sap_swpm_mp_stack_file_name | length == 0) ++ ++- name: SAP SWPM Pre Install - MP Stack XML - Set fact for filename ++ ansible.builtin.set_fact: ++ sap_swpm_mp_stack_file_name: "{{ sap_swpm_mp_stack_file_get.stdout }}" ++# Test if variable string is not defined or None / blank ++ when: (sap_swpm_mp_stack_file_name is not defined) or (sap_swpm_mp_stack_file_name | type_debug == 'NoneType') or (sap_swpm_mp_stack_file_name is none) or (sap_swpm_mp_stack_file_name | length == 0) ++ ++- name: SAP SWPM Pre Install - MP Stack XML - Show File and Path ++ ansible.builtin.debug: ++ msg: "SAP Maintenance Planner Stack XML is {{ (sap_swpm_mp_stack_path + '/' + sap_swpm_mp_stack_file_name) | regex_replace('//*', '/') }}" ++ ++- name: SAP SWPM Pre Install - MP Stack XML - Set fact for SWPM injection ++ ansible.builtin.set_fact: ++ sap_swpm_swpm_command_mp_stack: "SAPINST_STACK_XML={{ (sap_swpm_mp_stack_path + '/' + sap_swpm_mp_stack_file_name) | regex_replace('//*', '/') }}" ++ ++- name: SAP SWPM Pre Install - MP Stack XML - Ensure (1 of 2) SAP System ID is correct inside SAP Maintenance Plan Stack XML ++ ansible.builtin.replace: ++ path: "{{ (sap_swpm_mp_stack_path + '/' + sap_swpm_mp_stack_file_name) | regex_replace('//*', '/') }}" ++ regexp: '([A-Z][0-9])\w' ++ replace: '{{ sap_swpm_sid | upper }}' +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/pre_install/install_type/maint_plan_stack_install.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/pre_install/install_type/maint_plan_stack_install.yml +new file mode 100644 +index 0000000..095f736 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/pre_install/install_type/maint_plan_stack_install.yml +@@ -0,0 +1,40 @@ ++--- ++ ++# Install using SAP Maintenance Planner Stack XML ++ ++# Check for MP Stack XML if filename not given ++- name: SAP SWPM Pre Install - MP Stack XML - Search for MP_*.xml file in {{ sap_swpm_mp_stack_path }} ++ ansible.builtin.shell: | ++ ls MP*.xml ++ args: ++ chdir: "{{ sap_swpm_mp_stack_path }}" ++ register: sap_swpm_mp_stack_file_get ++ changed_when: false ++# Test if variable string is not defined or None / blank ++ when: (sap_swpm_mp_stack_file_name is not defined) or (sap_swpm_mp_stack_file_name | type_debug == 'NoneType') or (sap_swpm_mp_stack_file_name is none) or (sap_swpm_mp_stack_file_name | length == 0) ++ ++- name: SAP SWPM Pre Install - MP Stack XML - Set fact for filename ++ ansible.builtin.set_fact: ++ sap_swpm_mp_stack_file_name: "{{ sap_swpm_mp_stack_file_get.stdout }}" ++# Test if variable string is not defined or None / blank ++ when: (sap_swpm_mp_stack_file_name is not defined) or (sap_swpm_mp_stack_file_name | type_debug == 'NoneType') or (sap_swpm_mp_stack_file_name is none) or (sap_swpm_mp_stack_file_name | length == 0) ++ ++- name: SAP SWPM Pre Install - MP Stack XML - Show File and Path ++ ansible.builtin.debug: ++ msg: "SAP Maintenance Planner Stack XML is {{ (sap_swpm_mp_stack_path + '/' + sap_swpm_mp_stack_file_name) | regex_replace('//*', '/') }}" ++ ++- name: SAP SWPM Pre Install - MP Stack XML - Set fact for SWPM injection ++ ansible.builtin.set_fact: ++ sap_swpm_swpm_command_mp_stack: "SAPINST_STACK_XML={{ (sap_swpm_mp_stack_path + '/' + sap_swpm_mp_stack_file_name) | regex_replace('//*', '/') }}" ++ ++- name: SAP SWPM Pre Install - MP Stack XML - Ensure (1 of 2) SAP System ID is correct inside SAP Maintenance Plan Stack XML ++ ansible.builtin.replace: ++ path: "{{ (sap_swpm_mp_stack_path + '/' + sap_swpm_mp_stack_file_name) | regex_replace('//*', '/') }}" ++ regexp: '([A-Z][0-9])\w' ++ replace: '{{ sap_swpm_sid | upper }}' +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/pre_install/install_type/restore_install.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/pre_install/install_type/restore_install.yml +new file mode 100644 +index 0000000..6dcd133 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/pre_install/install_type/restore_install.yml +@@ -0,0 +1,20 @@ ++--- ++ ++# System Copy restore installation ++ ++- name: SAP SWPM Pre Install - Check availability backup location - {{ sap_swpm_backup_location }} ++ ansible.builtin.stat: ++ path: "{{ sap_swpm_backup_location }}" ++ register: sap_swpm_backup_location_stat ++ failed_when: not sap_swpm_backup_location_stat.stat.exists and '.CP' in sap_swpm_product_catalog_id ++ ++- name: SAP SWPM Pre Install - Change ownership of backup location - {{ sap_swpm_backup_location }} ++ ansible.builtin.file: ++ path: "{{ sap_swpm_backup_location }}" ++ state: directory ++ recurse: yes ++ mode: '0755' ++ owner: root ++ group: root ++ when: ++ - sap_swpm_backup_location_stat.stat.exists and sap_swpm_backup_location_stat.stat.isdir +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/pre_install/password_facts.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/pre_install/password_facts.yml +new file mode 100644 +index 0000000..aa74a59 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/pre_install/password_facts.yml +@@ -0,0 +1,21 @@ ++--- ++ ++- name: SAP SWPM Pre Install - Set password facts when ABAP ++ ansible.builtin.set_fact: ++ sap_swpm_db_schema: "{{ sap_swpm_db_schema_abap }}" ++ sap_swpm_db_schema_password: "{{ sap_swpm_db_schema_abap_password }}" ++ when: ++ - "'ABAP' in sap_swpm_product_catalog_id" ++ ++- name: SAP SWPM Pre Install - Set password facts when Java ++ ansible.builtin.set_fact: ++ sap_swpm_db_schema: "{{ sap_swpm_db_schema_java }}" ++ sap_swpm_db_schema_password: "{{ sap_swpm_db_schema_java_password }}" ++ when: ++ - "'Java' in sap_swpm_product_catalog_id" ++ ++- name: SAP SWPM Pre Install - Set other user passwords using master password ++ ansible.builtin.set_fact: ++ sap_swpm_sapadm_password: "{{ sap_swpm_master_password }}" ++ sap_swpm_sap_sidadm_password: "{{ sap_swpm_master_password }}" ++ sap_swpm_diagnostics_agent_password: "{{ sap_swpm_master_password }}" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/pre_install/update_etchosts.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/pre_install/update_etchosts.yml +new file mode 100644 +index 0000000..607be08 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/pre_install/update_etchosts.yml +@@ -0,0 +1,68 @@ ++--- ++ ++# Update etc hosts for NW ++ ++- name: SAP SWPM Pre Install - Display warning message if '/etc/hosts' is not configured for NW due to missing 'sap_swpm_fqdn' ++ ansible.builtin.debug: ++ msg: "WARN: Not configuring NW entries in '/etc/hosts' because 'sap_swpm_fqdn' is not defined!" ++ when: (sap_swpm_fqdn | type_debug == 'NoneType') or (sap_swpm_fqdn | length == 0) ++ ++# Update etc hosts for HANA ++ ++- name: SAP SWPM Pre Install - Update '/etc/hosts' for NW ++ when: ++ - "sap_swpm_fqdn | type_debug != 'NoneType'" ++ - "sap_swpm_fqdn | length > 0" ++ block: ++ ++ - name: SAP SWPM Pre Install - Deduplicate values from '/etc/hosts' ++ ansible.builtin.lineinfile: ++ path: /etc/hosts ++ create: false ++ regexp: (?i)^\s*{{ ansible_default_ipv4.address | d(ansible_all_ipv4_addresses[0]) }}\s+ ++ state: absent ++ ++# Reason for noqa: 1. Tabs can increase readability; ++# 2. Tabs are allowed for /etc/hosts ++ - name: SAP SWPM Pre Install - Update '/etc/hosts' with NW entry # noqa no-tabs ++ ansible.builtin.lineinfile: ++ path: /etc/hosts ++ line: "{{ ansible_default_ipv4.address | d(ansible_all_ipv4_addresses[0]) }}\t{{ ansible_hostname }}.{{ sap_swpm_fqdn }}\t{{ ansible_hostname }}" ++ ++- name: SAP SWPM Pre Install - Display warning message if '/etc/hosts' is not configured for HANA due to missing 'sap_swpm_db_ip' ++ ansible.builtin.debug: ++ msg: "WARN: Not configuring HANA entries in '/etc/hosts' because 'sap_swpm_db_ip' is not defined!" ++ when: (sap_swpm_db_ip | type_debug == 'NoneType') or (sap_swpm_db_ip | length == 0) ++ ++- name: SAP SWPM Pre Install - Display warning message if '/etc/hosts' is not configured for HANA due to missing 'sap_swpm_db_host' ++ ansible.builtin.debug: ++ msg: "WARN: Not configuring HANA entries in '/etc/hosts' because 'sap_swpm_db_host' is not defined!" ++ when: (sap_swpm_db_host | type_debug == 'NoneType') or (sap_swpm_db_host | length == 0) ++ ++- name: SAP SWPM Pre Install - Display warning message if '/etc/hosts' is not configured for HANA because 'sap_swpm_db_host' is the current host ++ ansible.builtin.debug: ++ msg: "WARN: Not configuring HANA entries in '/etc/hosts' because 'sap_swpm_db_host' is the current host!" ++ when: sap_swpm_db_host == ansible_hostname ++ ++- name: SAP SWPM Pre Install - Update '/etc/hosts' for HANA ++ when: ++ - "sap_swpm_db_ip | type_debug != 'NoneType'" ++ - "sap_swpm_db_ip | length > 0" ++ - "sap_swpm_db_host | type_debug != 'NoneType'" ++ - "sap_swpm_db_host | length > 0" ++ - "sap_swpm_db_host != ansible_hostname" ++ block: ++ ++ - name: SAP SWPM Pre Install - Deduplicate values from '/etc/hosts' ++ ansible.builtin.lineinfile: ++ path: /etc/hosts ++ create: false ++ regexp: (?i)^\s*{{ sap_swpm_db_ip }}\s+ ++ state: absent ++ ++# Reason for noqa: 1. Tabs can increase readability; ++# 2. Tabs are allowed for /etc/hosts ++ - name: SAP SWPM Pre Install - Update '/etc/hosts' with HANA entry # noqa no-tabs ++ ansible.builtin.lineinfile: ++ path: /etc/hosts ++ line: "{{ sap_swpm_db_ip }}\t{{ sap_swpm_db_host }}.{{ sap_swpm_fqdn }}\t{{ sap_swpm_db_host }}" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/pre_install/update_firewall.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/pre_install/update_firewall.yml +new file mode 100644 +index 0000000..bf77074 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/pre_install/update_firewall.yml +@@ -0,0 +1,10 @@ ++--- ++# This task requires the variable passed_port ++ ++- name: Update Firewall - {{ passed_port + '/tcp' }} ++ ansible.posix.firewalld: ++ zone: public ++ port: "{{ passed_port }}/tcp" ++ permanent: yes ++ immediate: yes ++ state: enabled +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/swpm.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/swpm.yml +new file mode 100644 +index 0000000..34d9860 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/swpm.yml +@@ -0,0 +1,142 @@ ++--- ++ ++### Deprecated standard method, can fail to detect process exit (e.g. hang errors with SAP SWPM 2.0 SP11) ++### Detect changed when using 'SAPinst build information' from beginning of stdout ++### Or detect changed when using instslana.xml at end of stdout (this is the Process XML file aka. SAPInst Software Logistics Toolset Analytics XML file, which records the installation information) ++### Execute SAP SWPM, instead of command module use the shell module to allow use of umask according to SAP SWPM recommendations ++### Use of umask will enforce permissions 755 in /usr/sap etc (thereby resolving any shared NFS mount points initially attached with permissions 777) ++#- name: SAP SWPM - {{ sap_swpm_swpm_installation_header }} ++# ansible.builtin.shell: >- ++# umask {{ sap_swpm_umask | default('022') }}; ++# ./sapinst \ ++# {{ sap_swpm_swpm_command_inifile }} \ ++# {{ sap_swpm_swpm_command_product_id }} \ ++# {{ sap_swpm_swpm_command_extra_args }} ++# register: __sap_swpm_register_sapinst ++# args: ++# chdir: "{{ sap_swpm_sapinst_path }}" ++# failed_when: __sap_swpm_register_sapinst is failed ++# changed_when: "'SAPinst build information' in __sap_swpm_register_sapinst.stdout" ++## changed_when: "'instslana' in __sap_swpm_register_sapinst.stdout" ++ ++ ++### Async method ++ ++# Required for Ansible Module pids ++- name: Install Python devel, Python pip and gcc to system Python ++ ansible.builtin.package: ++ name: ++ - python3-devel ++ - python3-pip ++ - gcc ++ state: present ++ ++# Required for Ansible Module pids ++- name: Install Python dependency psutil to system Python ++ ansible.builtin.pip: ++ name: ++ - psutil ++# executable: pip3.6 ++ ++- name: Set fact for the sapinst command line ++ ansible.builtin.set_fact: ++ __sap_swpm_sapinst_command: "umask {{ sap_swpm_umask | default('022') }} ; ./sapinst {{ sap_swpm_swpm_command_inifile }} {{ sap_swpm_swpm_command_product_id }} {{ sap_swpm_swpm_command_extra_args }}" ++ tags: sap_swpm_sapinst_commandline ++ ++- name: Display the sapinst command line ++ ansible.builtin.debug: ++ msg: "SAP SWPM install command: '{{ __sap_swpm_sapinst_command }}'" ++ tags: sap_swpm_sapinst_commandline ++ ++# Call sapinst synchronously ++# Reason for noqa: This command installs software, so it will change things ++# - name: SAP SWPM - {{ sap_swpm_swpm_installation_header }} # noqa no-changed-when ++# ansible.builtin.command: "{{ __sap_swpm_sapinst_command }}" ++# register: __sap_swpm_register_sapinst ++# args: ++# chdir: "{{ sap_swpm_sapinst_path }}" ++ ++# Execute SAP SWPM, instead of command module use the shell module to allow use of umask according to SAP SWPM recommendations ++# Use of umask will enforce permissions 755 in /usr/sap etc (thereby resolving any shared NFS mount points initially attached with permissions 777) ++# Reason for noqa: This command installs software, so it will change things ++- name: SAP SWPM - {{ sap_swpm_swpm_installation_header }} # noqa no-changed-when ++ ansible.builtin.shell: | ++ {{ __sap_swpm_sapinst_command }} ++ register: __sap_swpm_register_sapinst_async_job ++ args: ++ chdir: "{{ sap_swpm_sapinst_path }}" ++ async: 32400 # Seconds for maximum runtime, set to 9 hours ++ poll: 0 # Seconds between polls, use 0 to run Ansible Tasks concurrently ++ ++# Monitor sapinst process (i.e. ps aux | grep sapinst) and wait for exit ++- name: SAP SWPM - Wait for sapinst process to exit, poll every 60 seconds ++ community.general.pids: ++ name: sapinst ++# shell: ps -ef | awk '/sapinst/&&!/awk/&&!/ansible/{print}' ++ register: pids_sapinst ++ until: "pids_sapinst.pids | length == 0" ++# until: "pids_sapinst.stdout | length == 0" ++ retries: 1000 ++ delay: 60 ++ ++- name: SAP SWPM - Verify if sapinst process finished successfully ++ ansible.builtin.async_status: ++ jid: "{{ __sap_swpm_register_sapinst_async_job.ansible_job_id }}" ++ register: __sap_swpm_register_sapinst ++ failed_when: __sap_swpm_register_sapinst.finished != 1 or __sap_swpm_register_sapinst.rc != 0 ++# #until: __sap_swpm_register_sapinst.finished ++# #retries: 1000 ++# #delay: 60 ++ ++- name: SAP SWPM - Display the sapinst return code ++ ansible.builtin.debug: ++ msg: "{{ __sap_swpm_register_sapinst.rc }}" ++ ++- name: SAP SWPM - Display the sapinst output ++ ansible.builtin.debug: ++ msg: "{{ __sap_swpm_register_sapinst.stdout_lines }}" ++ when: sap_swpm_display_unattended_output ++ ++- name: SAP SWPM - Find last installation location ++ ansible.builtin.command: cat /tmp/sapinst_instdir/.lastInstallationLocation ++ register: swpm_last_install_path ++ changed_when: false ++ ++- name: SAP SWPM - Verify if SWPM success file exists ++ ansible.builtin.stat: ++ path: "{{ swpm_last_install_path.stdout }}/installationSuccesfullyFinished.dat" ++ register: swpm_success_file ++ failed_when: swpm_success_file.stat.exists == false ++ ++# Equivalent to running: cat $(cat /tmp/sapinst_instdir/.lastInstallationLocation)/installationSuccesfullyFinished.dat ++- name: SAP SWPM - Get success file ++ ansible.builtin.command: "cat {{ swpm_last_install_path.stdout }}/installationSuccesfullyFinished.dat" ++ register: swpm_success_file_contents ++ changed_when: false ++ ++- name: SAP SWPM - Find sapcontrol log file/s ++ ansible.builtin.find: ++ paths: "{{ swpm_last_install_path.stdout }}" ++ recurse: false ++ file_type: file ++ patterns: '.*sapcontrol.*log' ++ use_regex: true ++ register: swpm_output_sapcontrol_files ++ ++- name: SAP SWPM - Get sapcontrol file/s ++ ansible.builtin.command: awk -v RS='(^|\n)GetInstanceProperties\n' 'END{printf "%s", $0}' {{ item }} ++ register: swpm_sapcontrol_file_contents ++ changed_when: false ++ loop: "{{ swpm_output_sapcontrol_files.files | map(attribute='path') | list | unique }}" ++ ++- name: SAP SWPM - Display installation finished from success file ++ ansible.builtin.debug: ++ msg: "{{ swpm_success_file_contents.stdout_lines }}" ++ ++- name: SAP SWPM - Display status from sapcontrol file/s ++ ansible.builtin.debug: ++ msg: "{{ ['GetInstanceProperties'] + file_output.stdout_lines }}" ++ loop: "{{ swpm_sapcontrol_file_contents.results }}" ++ loop_control: ++ loop_var: file_output ++ label: "{{ file_output.item }}" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/swpm/detect_variables.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/swpm/detect_variables.yml +new file mode 100644 +index 0000000..7b1d299 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/swpm/detect_variables.yml +@@ -0,0 +1,79 @@ ++--- ++ ++# Detect Product ID ++- name: SAP SWPM - Detect Product ID ++ ansible.builtin.command: | ++ awk 'BEGIN{IGNORECASE=1;a=0} ++ /Product ID/&&a==0{a=1; gsub ("#", ""); gsub ("\047", ""); product_id=$NF} ++ END{print product_id}' {{ sap_swpm_tmpdir.path }}/inifile.params ++ register: sap_swpm_inifile_product_id_detect ++ changed_when: false ++ when: not sap_swpm_product_catalog_id is defined ++ ++# Set fact for product id ++- name: SAP SWPM - Set SAP product ID ++ ansible.builtin.set_fact: ++ sap_swpm_product_catalog_id: "{{ sap_swpm_inifile_product_id_detect.stdout }}" ++ when: not sap_swpm_product_catalog_id is defined ++ ++- name: SAP SWPM - Display SAP product ID ++ ansible.builtin.debug: ++ msg: ++ - "Product ID is {{ sap_swpm_product_catalog_id }}" ++ ++# Detect Software Path ++- name: SAP SWPM - Detect Software Path ++ ansible.builtin.command: | ++ awk '!/^#/&&/archives.downloadBasket/{print $3}' {{ sap_swpm_tmpdir.path }}/inifile.params ++ register: sap_swpm_inifile_software_path ++ changed_when: false ++ when: not sap_swpm_software_path is defined ++ ++# Set fact for software path ++- name: SAP SWPM - Set Software Path ++ ansible.builtin.set_fact: ++ sap_swpm_software_path: "{{ sap_swpm_inifile_software_path.stdout }}" ++ when: not sap_swpm_software_path is defined ++ ++- name: SAP SWPM - Display Software Path ++ ansible.builtin.debug: ++ msg: ++ - "Software path is {{ sap_swpm_software_path }}" ++ ++# Detect SID ++- name: SAP SWPM - Detect SID ++ ansible.builtin.command: | ++ awk '!/^#/&&/NW_GetSidNoProfiles.sid/{print $3}' {{ sap_swpm_tmpdir.path }}/inifile.params ++ register: sap_swpm_inifile_sid ++ changed_when: false ++ when: not sap_swpm_sid is defined ++ ++# Set fact for SID ++- name: SAP SWPM - Set SID ++ ansible.builtin.set_fact: ++ sap_swpm_sid: "{{ sap_swpm_inifile_sid.stdout }}" ++ when: not sap_swpm_sid is defined ++ ++- name: SAP SWPM - Display SAP SID ++ ansible.builtin.debug: ++ msg: ++ - "SAP SID {{ sap_swpm_sid }}" ++ ++# Detect FQDN ++- name: SAP SWPM - Detect FQDN ++ ansible.builtin.command: | ++ awk '!/^#/&&/NW_getFQDN.FQDN/{print $3}' {{ sap_swpm_tmpdir.path }}/inifile.params ++ register: sap_swpm_inifile_fqdn ++ changed_when: false ++ when: not sap_swpm_fqdn is defined ++ ++# Set fact for FQDN ++- name: SAP SWPM - Set FQDN ++ ansible.builtin.set_fact: ++ sap_swpm_fqdn: "{{ sap_swpm_inifile_fqdn.stdout }}" ++ when: not sap_swpm_fqdn is defined ++ ++- name: SAP SWPM - Display FQDN ++ ansible.builtin.debug: ++ msg: ++ - "SAP fqdn {{ sap_swpm_fqdn }}" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/swpm/prepare_software.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/swpm/prepare_software.yml +new file mode 100644 +index 0000000..2914d35 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/swpm/prepare_software.yml +@@ -0,0 +1,216 @@ ++--- ++ ++################ ++# Prepare software path ++################ ++ ++# Software Path ++ ++- name: SAP SWPM Pre Install - Check availability of software path - {{ sap_swpm_software_path }} ++ ansible.builtin.stat: ++ path: "{{ sap_swpm_software_path }}" ++ register: sap_swpm_software_path_stat ++ failed_when: not sap_swpm_software_path_stat.stat.exists ++ ++- name: SAP SWPM Pre Install - Change ownership of software path - {{ sap_swpm_software_path }} ++ ansible.builtin.file: ++ path: "{{ sap_swpm_software_path }}" ++ state: directory ++ recurse: yes ++ mode: '0755' ++ owner: root ++ group: root ++ ++ ++# SAPCAR Path ++ ++- name: SAP SWPM Pre Install - Check availability of SAPCAR path - {{ sap_swpm_sapcar_path }} ++ ansible.builtin.stat: ++ path: "{{ sap_swpm_sapcar_path }}" ++ register: sap_swpm_sapcar_path_stat ++ failed_when: not sap_swpm_sapcar_path_stat.stat.exists ++ ++- name: SAP SWPM Pre Install - Change ownership of SAPCAR path - {{ sap_swpm_sapcar_path }} ++ ansible.builtin.file: ++ path: "{{ sap_swpm_sapcar_path }}" ++ state: directory ++ recurse: yes ++ mode: '0755' ++ owner: root ++ group: root ++ ++# SWPM Path ++ ++- name: SAP SWPM Pre Install - Check availability of SWPM path - {{ sap_swpm_swpm_path }} ++ ansible.builtin.stat: ++ path: "{{ sap_swpm_swpm_path }}" ++ register: sap_swpm_swpm_path_stat ++ failed_when: not sap_swpm_swpm_path_stat.stat.exists ++ ++- name: SAP SWPM Pre Install - Change ownership of SWPM path - {{ sap_swpm_swpm_path }} ++ ansible.builtin.file: ++ path: "{{ sap_swpm_swpm_path }}" ++ state: directory ++ recurse: yes ++ mode: '0755' ++ owner: root ++ group: root ++ ++ ++################ ++# Get software files from software paths ++################ ++ ++# 1. SAPCAR ++ ++- name: SAP SWPM Pre Install - Get SAPCAR from {{ sap_swpm_sapcar_path }} ++ ansible.builtin.shell: | ++ ls SAPCAR*.EXE ++ args: ++ chdir: "{{ sap_swpm_sapcar_path }}" ++ register: sap_swpm_sapcar_file_name_get ++ changed_when: false ++ ++- name: SAP SWPM Pre Install - Set fact for SAPCAR ++ ansible.builtin.set_fact: ++ sap_swpm_sapcar_file_name: "{{ sap_swpm_sapcar_file_name_get.stdout }}" ++ ++- name: SAP SWPM Pre Install - Check availability of SAPCAR - {{ sap_swpm_sapcar_path + '/' + sap_swpm_sapcar_file_name }} ++ ansible.builtin.stat: ++ path: "{{ sap_swpm_sapcar_path }}/{{ sap_swpm_sapcar_file_name }}" ++ register: sap_swpm_sapcar_file_name_stat ++ failed_when: not sap_swpm_sapcar_file_name_stat.stat.exists ++ ++# 2. SWPM ++ ++- name: SAP SWPM Pre Install - Get SWPM from {{ sap_swpm_swpm_path }} ++ ansible.builtin.shell: | ++ ls SWPM*.SAR ++ args: ++ chdir: "{{ sap_swpm_swpm_path }}" ++ register: sap_swpm_swpm_sar_file_name_get ++ changed_when: false ++ ++- name: SAP SWPM Pre Install - Set fact for SWPM ++ ansible.builtin.set_fact: ++ sap_swpm_swpm_sar_file_name: "{{ sap_swpm_swpm_sar_file_name_get.stdout }}" ++ ++- name: SAP SWPM Pre Install - Check availability of SWPM - {{ sap_swpm_swpm_path + '/' + sap_swpm_swpm_sar_file_name }} ++ ansible.builtin.stat: ++ path: "{{ sap_swpm_swpm_path }}/{{ sap_swpm_swpm_sar_file_name }}" ++ register: sap_swpm_swpm_sar_file_name_stat ++ failed_when: not sap_swpm_swpm_sar_file_name_stat.stat.exists ++ ++ ++- name: SAP SWPM Pre Install - Full SAP System ++ when: not sap_swpm_generic | bool ++ block: ++ ++# 3. IGS ++ ++ - name: SAP SWPM Pre Install - Get IGS from software path ++ ansible.builtin.shell: | ++ ls igsexe*.sar ++ args: ++ chdir: "{{ sap_swpm_software_path }}" ++ register: sap_swpm_igs_file_name_get ++ changed_when: false ++ ++ - name: SAP SWPM Pre Install - Set fact for IGS ++ ansible.builtin.set_fact: ++ sap_swpm_igs_path: "{{ sap_swpm_software_path }}" ++ sap_swpm_igs_file_name: "{{ sap_swpm_igs_file_name_get.stdout }}" ++ ++ - name: SAP SWPM Pre Install - Check availability of IGS - {{ sap_swpm_igs_path + '/' + sap_swpm_igs_file_name }} ++ ansible.builtin.stat: ++ path: "{{ sap_swpm_igs_path }}/{{ sap_swpm_igs_file_name }}" ++ register: sap_swpm_igs_file_name_stat ++ failed_when: not sap_swpm_igs_file_name_stat.stat.exists ++ ++# 4. IGS Helper ++ ++ - name: SAP SWPM Pre Install - Get IGS Helper from software path ++ ansible.builtin.shell: | ++ ls igshelper*.sar ++ args: ++ chdir: "{{ sap_swpm_software_path }}" ++ register: sap_swpm_igs_helper_file_name_get ++ changed_when: false ++ ++ - name: SAP SWPM Pre Install - Set fact for IGS ++ ansible.builtin.set_fact: ++ sap_swpm_igs_helper_path: "{{ sap_swpm_software_path }}" ++ sap_swpm_igs_helper_file_name: "{{ sap_swpm_igs_helper_file_name_get.stdout }}" ++ ++ - name: SAP SWPM Pre Install - Check availability of IGS Helper - {{ sap_swpm_igs_helper_path + '/' + sap_swpm_igs_helper_file_name }} ++ ansible.builtin.stat: ++ path: "{{ sap_swpm_igs_helper_path }}/{{ sap_swpm_igs_helper_file_name }}" ++ register: sap_swpm_igs_helper_file_name_stat ++ failed_when: not sap_swpm_igs_helper_file_name_stat.stat.exists ++ ++# 5. SAPEXEDB ++ ++ - name: SAP SWPM Pre Install - Get SAPEXEDB from software path ++ ansible.builtin.shell: | ++ ls SAPEXEDB_*.SAR ++ args: ++ chdir: "{{ sap_swpm_software_path }}" ++ register: sap_swpm_kernel_dependent_file_name_get ++ changed_when: false ++ ++ - name: SAP SWPM Pre Install - Set fact for SAPEXEDB ++ ansible.builtin.set_fact: ++ sap_swpm_kernel_dependent_path: "{{ sap_swpm_software_path }}" ++ sap_swpm_kernel_dependent_file_name: "{{ sap_swpm_kernel_dependent_file_name_get.stdout }}" ++ ++ - name: SAP SWPM Pre Install - Check availability of SAPEXEDB - {{ sap_swpm_kernel_dependent_path + '/' + sap_swpm_kernel_dependent_file_name }} ++ ansible.builtin.stat: ++ path: "{{ sap_swpm_kernel_dependent_path }}/{{ sap_swpm_kernel_dependent_file_name }}" ++ register: sap_swpm_kernel_dependent_file_name_stat ++ failed_when: not sap_swpm_kernel_dependent_file_name_stat.stat.exists ++ ++# 6. SAPEXE ++ ++ - name: SAP SWPM Pre Install - Get SAPEXE from software path ++ ansible.builtin.shell: | ++ ls SAPEXE_*.SAR ++ args: ++ chdir: "{{ sap_swpm_software_path }}" ++ register: sap_swpm_kernel_independent_file_name_get ++ changed_when: false ++ ++ - name: SAP SWPM Pre Install - Set fact for SAPEXE ++ ansible.builtin.set_fact: ++ sap_swpm_kernel_independent_path: "{{ sap_swpm_software_path }}" ++ sap_swpm_kernel_independent_file_name: "{{ sap_swpm_kernel_independent_file_name_get.stdout }}" ++ ++ - name: SAP SWPM Pre Install - Check availability of SAPEXE - {{ sap_swpm_kernel_independent_path + '/' + sap_swpm_kernel_independent_file_name }} ++ ansible.builtin.stat: ++ path: "{{ sap_swpm_kernel_independent_path }}/{{ sap_swpm_kernel_independent_file_name }}" ++ register: sap_swpm_kernel_independent_file_name_stat ++ failed_when: not sap_swpm_kernel_independent_file_name_stat.stat.exists ++ ++- name: SAP SWPM Pre Install - Webdispatcher ++ when: "'Webdispatcher' in sap_swpm_product_catalog_id" ++ block: ++ ++# 7. Web Dispatcher ++ ++ - name: SAP SWPM Pre Install - Get WEBDISP from software path ++ ansible.builtin.shell: | ++ ls SAPWEBDISP_*.SAR ++ args: ++ chdir: "{{ sap_swpm_software_path }}" ++ register: sap_swpm_web_dispatcher_file_name_get ++ changed_when: false ++ ++ - name: SAP SWPM Pre Install - Set fact for WEBDISP ++ ansible.builtin.set_fact: ++ sap_swpm_web_dispatcher_path: "{{ sap_swpm_software_path }}" ++ sap_swpm_web_dispatcher_file_name: "{{ sap_swpm_web_dispatcher_file_name_get.stdout }}" ++ ++ - name: SAP SWPM Pre Install - Check availability of WEBDISP - {{ sap_swpm_web_dispatcher_path + '/' + sap_swpm_web_dispatcher_file_name }} ++ ansible.builtin.stat: ++ path: "{{ sap_swpm_web_dispatcher_path }}/{{ sap_swpm_web_dispatcher_file_name }}" ++ register: sap_swpm_web_dispatcher_file_name_stat ++ failed_when: not sap_swpm_web_dispatcher_file_name_stat.stat.exists +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/swpm/swpm_inifile_generate_advanced.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/swpm/swpm_inifile_generate_advanced.yml +new file mode 100644 +index 0000000..3228f97 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/swpm/swpm_inifile_generate_advanced.yml +@@ -0,0 +1,34 @@ ++--- ++ ++# Remove Existing inifile.params ++- name: SAP SWPM advanced mode - Ensure 'inifile.params' exists ++ ansible.builtin.copy: ++ dest: "{{ sap_swpm_tmpdir.path }}/inifile.params" ++ mode: '0640' ++ content: | ++ ### inifile.params generated for SWPM Catalog Product ID is {{ sap_swpm_product_catalog_id }} ++ tags: sap_swpm_generate_inifile ++ ++- name: SAP SWPM advanced mode - Loop over the dictionary and output to file ++ ansible.builtin.lineinfile: ++ path: "{{ sap_swpm_tmpdir.path }}/inifile.params" ++ state: present ++ insertafter: EOF ++ line: "{{ item.key }} = {{ item.value }}" ++ with_dict: "{{ sap_swpm_inifile_custom_values_dictionary }}" ++ tags: sap_swpm_generate_inifile ++ ++# NOTE: Values in Dictionary Keys for instance numbers must be string using '01' single quote, otherwise SAP SWPM will crash ++ ++# Detect variables from generated inifile ++- name: SAP SWPM advanced mode - Detect Variables ++ ansible.builtin.include_tasks: ++ file: detect_variables.yml ++ apply: ++ tags: sap_swpm_generate_inifile ++ tags: sap_swpm_generate_inifile ++ ++# Requires variables - sap_swpm_software_path (e.g. /software/download_basket), sap_swpm_sapcar_path (e.g. /software/sapcar), sap_swpm_swpm_path (e.g. /software/swpm) ++# Prepare Software ++- name: SAP SWPM advanced mode - Prepare Software ++ ansible.builtin.include_tasks: prepare_software.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/swpm/swpm_inifile_generate_advanced_templates.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/swpm/swpm_inifile_generate_advanced_templates.yml +new file mode 100644 +index 0000000..efeeab6 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/swpm/swpm_inifile_generate_advanced_templates.yml +@@ -0,0 +1,63 @@ ++--- ++ ++# Set facts based on the install dictionary ++- name: SAP SWPM advanced_templates mode - Set product_catalog_id ++ ansible.builtin.set_fact: ++ sap_swpm_product_catalog_id: "{{ sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_product_catalog_id'] }}" ++ tags: sap_swpm_generate_inifile ++ ++- name: SAP SWPM advanced_templates mode - Create temporary directory ++ ansible.builtin.tempfile: ++ state: directory ++ suffix: swpmconfig ++ register: sap_swpm_tmpdir ++ tags: sap_swpm_generate_inifile ++ ++# Remove Existing inifile.params ++- name: SAP SWPM advanced_templates mode - Ensure 'inifile.params' exists ++ ansible.builtin.copy: ++ dest: "{{ sap_swpm_tmpdir.path }}/inifile.params" ++ mode: '0640' ++ content: | ++ ### inifile.params generated for SWPM Catalog Product ID is {{ sap_swpm_product_catalog_id }} ++ tags: sap_swpm_generate_inifile ++ ++- name: SAP SWPM advanced_templates mode - Loop over the dictionary and output to file ++ ansible.builtin.lineinfile: ++ path: "{{ sap_swpm_tmpdir.path }}/inifile.params" ++ state: present ++ insertafter: EOF ++ line: "{{ item.key }} = {{ item.value }}" ++ with_dict: "{{ sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_custom_values_dictionary'] }}" ++ tags: sap_swpm_generate_inifile ++ ++# NOTE: Values in Dictionary Keys for instance numbers must be string using '01' single quote, otherwise SAP SWPM will crash ++ ++ ++# Detect variables from generated inifile ++- name: SAP SWPM advanced_templates mode - Detect Variables ++ ansible.builtin.include_tasks: ++ file: detect_variables.yml ++ apply: ++ tags: sap_swpm_generate_inifile ++ tags: sap_swpm_generate_inifile ++ ++# Requires variables - sap_swpm_software_path (e.g. /software/download_basket), sap_swpm_sapcar_path (e.g. /software/sapcar), sap_swpm_swpm_path (e.g. /software/swpm) ++# Prepare Software ++- name: SAP SWPM advanced_templates mode - Prepare Software ++ ansible.builtin.include_tasks: prepare_software.yml ++ ++# ALT: Generate complete inifile.params with all parameters from control.xml, for every SAP software product ++#- name: ALT: SAP SWPM advanced_templates mode - Generate complete inifile.params ++# script: ./plugins/module_utils/swpm2_parameters_inifile_generate.py '/path/to/controlxml/' ++# args: ++# executable: /bin/python3 ++ ++# ALT: Replace values of generated inifile with custom values ++#- name: ALT: SAP SWPM advanced_templates mode - Replace values of generated inifile with custom values ++# replace: ++# path: "{{ sap_swpm_tmpdir.path }}/inifile.params" ++# regexp: '^{{ item.key }}.*$' ++# replace: '{{ item.key }}={{ item.value }}' ++# backup: yes ++# with_dict: "{{ sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_custom_values_dictionary'] }}" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/swpm/swpm_inifile_generate_default.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/swpm/swpm_inifile_generate_default.yml +new file mode 100644 +index 0000000..cc4357f +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/swpm/swpm_inifile_generate_default.yml +@@ -0,0 +1,30 @@ ++--- ++ ++# Determine Installation Type ++- name: SAP SWPM default mode - Determine Installation Type ++ ansible.builtin.include_tasks: ++ file: ../pre_install/install_type.yml ++ apply: ++ tags: sap_swpm_generate_inifile ++ tags: sap_swpm_generate_inifile ++ ++# Password Facts ++- name: SAP SWPM default mode - Password Facts ++ ansible.builtin.include_tasks: ++ file: ../pre_install/password_facts.yml ++ apply: ++ tags: sap_swpm_generate_inifile ++ tags: sap_swpm_generate_inifile ++ ++# Prepare Software ++- name: SAP SWPM default mode - Prepare Software ++ ansible.builtin.include_tasks: prepare_software.yml ++ ++# Process SWPM Configfile Template ++- name: SAP SWPM default mode - Process SWPM Configfile Template ++ ansible.builtin.template: ++ src: "{{ role_path }}/templates/configfile.j2" ++ dest: "{{ sap_swpm_tmpdir.path }}/inifile.params" ++ mode: '0640' ++ register: sap_swpm_cftemplate ++ tags: sap_swpm_generate_inifile +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/swpm/swpm_inifile_generate_default_templates.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/swpm/swpm_inifile_generate_default_templates.yml +new file mode 100644 +index 0000000..68abe9d +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/swpm/swpm_inifile_generate_default_templates.yml +@@ -0,0 +1,50 @@ ++--- ++ ++# Set facts based on the install dictionary ++- name: SAP SWPM default_templates mode - Set product_catalog_id and inifile_list ++ ansible.builtin.set_fact: ++ sap_swpm_product_catalog_id: "{{ sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_product_catalog_id'] }}" ++ sap_swpm_inifile_list: "{{ sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_list'] }}" ++ tags: sap_swpm_generate_inifile ++ ++- name: SAP SWPM default_templates mode - Set product_catalog_id and inifile_list ++ ansible.builtin.set_fact: ++ sap_swpm_java_template_id_selected_list: "{{ sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_java_template_id_selected_list'] }}" ++ when: "'java' in sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_product_catalog_id'] | lower" ++ tags: sap_swpm_generate_inifile ++ ++# Reason for noqa: We want to define variable names based on what is in the dictionary. ++- name: SAP SWPM default_templates mode - If not already defined, use the default variable for the template # noqa var-naming[no-jinja] ++ ansible.builtin.set_fact: ++ "{{ item.key }}": "{{ item.value }}" ++ with_dict: "{{ sap_swpm_templates_install_dictionary[sap_swpm_templates_product_input]['sap_swpm_inifile_dictionary'] }}" ++ tags: sap_swpm_generate_inifile ++ ++# Determine Installation Type ++- name: SAP SWPM default_templates mode - Determine Installation Type ++ ansible.builtin.include_tasks: ++ file: ../pre_install/install_type.yml ++ apply: ++ tags: sap_swpm_generate_inifile ++ tags: sap_swpm_generate_inifile ++ ++# Password Facts ++- name: SAP SWPM default_templates mode - Password Facts ++ ansible.builtin.include_tasks: ++ file: ../pre_install/password_facts.yml ++ apply: ++ tags: sap_swpm_generate_inifile ++ tags: sap_swpm_generate_inifile ++ ++# Prepare Software ++- name: SAP SWPM default_templates mode - Prepare Software ++ ansible.builtin.include_tasks: prepare_software.yml ++ ++# Process SWPM Configfile Template ++- name: SAP SWPM default_templates mode - Process SWPM Configfile Template ++ ansible.builtin.template: ++ src: "{{ role_path }}/templates/configfile.j2" ++ dest: "{{ sap_swpm_tmpdir.path }}/inifile.params" ++ mode: '0640' ++ register: sap_swpm_cftemplate ++ tags: sap_swpm_generate_inifile +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/swpm/swpm_inifile_generate_inifile_reuse.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/swpm/swpm_inifile_generate_inifile_reuse.yml +new file mode 100644 +index 0000000..2513a79 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/swpm/swpm_inifile_generate_inifile_reuse.yml +@@ -0,0 +1,38 @@ ++--- ++ ++# Copy reused inifile ++- name: SAP SWPM inifile_reuse mode - Copy reused inifile ++ ansible.builtin.copy: ++ src: "{{ sap_swpm_inifile_reuse_source }}" ++ dest: "{{ sap_swpm_tmpdir.path }}/inifile.params" ++ mode: '0640' ++ tags: sap_swpm_generate_inifile ++ ++# Check inifile for the presence of a line containing "des25(" ++- name: SAP SWPM inifile_reuse mode - Check inifile for des25 ++ ansible.builtin.shell: | ++ set -o pipefail && cat "{{ sap_swpm_tmpdir.path }}/inifile.params" | ++ awk 'BEGIN{a=0}!/^#/&&/des25\(/{a++}END{print a}' ++ register: sap_swpm_inifile_read_file ++ changed_when: false ++ tags: sap_swpm_generate_inifile ++ ++# Check if inifile is reusable - function des25 must not be present in inifile ++- name: SAP SWPM inifile_reuse mode - Check if inifile is reusable, meaning function des25 is not present ++ ansible.builtin.fail: ++ msg: "{{ sap_swpm_inifile_reuse_source }} is not reusable" ++ when: sap_swpm_inifile_read_file.stdout != '0' ++ tags: sap_swpm_generate_inifile ++ ++# Detect variables from generated inifile ++- name: SAP SWPM inifile_reuse mode - Detect Variables ++ ansible.builtin.include_tasks: ++ file: detect_variables.yml ++ apply: ++ tags: sap_swpm_generate_inifile ++ tags: sap_swpm_generate_inifile ++ ++# Requires variables - sap_swpm_software_path (e.g. /software/download_basket), sap_swpm_sapcar_path (e.g. /software/sapcar), sap_swpm_swpm_path (e.g. /software/swpm) ++# Prepare Software ++- name: SAP SWPM inifile_reuse mode - Prepare Software ++ ansible.builtin.include_tasks: prepare_software.yml +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/swpm/swpm_pre_install.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/swpm/swpm_pre_install.yml +new file mode 100644 +index 0000000..bf0afcc +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/tasks/swpm/swpm_pre_install.yml +@@ -0,0 +1,53 @@ ++--- ++ ++# Create temporary directory ++- name: SAP SWPM Pre Install - Create temporary directory ++ ansible.builtin.tempfile: ++ state: directory ++ suffix: swpmconfig ++ register: sap_swpm_tmpdir ++ tags: ++ - sap_swpm_generate_inifile ++ - sap_swpm_sapinst_commandline ++ ++# Copy password file to the same location as inifile.params ++- name: SAP SWPM Pre Install - Copy password file to the same location as inifile.params ++ ansible.builtin.copy: ++ src: "{{ sap_swpm_password_file_path }}/instkey.pkey" ++ dest: "{{ sap_swpm_tmpdir.path }}/instkey.pkey" ++ remote_src: yes ++ mode: '0640' ++ when: sap_swpm_use_password_file == "y" ++ tags: sap_swpm_generate_inifile ++ ++# Run SWPM inifile generation based on ansible role mode ++- name: SAP SWPM Pre Install - generate swpm inifile ++ ansible.builtin.include_tasks: "swpm_inifile_generate_{{ sap_swpm_ansible_role_mode }}.yml" ++ tags: sap_swpm_generate_inifile ++ ++- name: SAP SWPM Pre Install - Display the location of file 'inifile.params' ++ ansible.builtin.debug: ++ msg: "{{ sap_swpm_tmpdir.path }}/inifile.params" ++ tags: sap_swpm_generate_inifile ++ ++# Set fact for SWPM path ++- name: SAP SWPM Pre Install - Set fact for SWPM path ++ ansible.builtin.set_fact: ++ sap_swpm_sapinst_path: "{{ sap_swpm_swpm_path }}/sap_swpm_extracted" ++ ++- name: SAP SWPM Pre Install - Ensure directory '{{ sap_swpm_sapinst_path }}' exists ++ ansible.builtin.file: ++ path: "{{ sap_swpm_sapinst_path }}" ++ state: directory ++ mode: '0755' ++ ++# Extract SWPM ++- name: SAP SWPM Pre Install - Extract SWPM ++ ansible.builtin.command: >- ++ {{ sap_swpm_sapcar_path }}/{{ sap_swpm_sapcar_file_name }} \ ++ -xvf {{ sap_swpm_swpm_path }}/{{ sap_swpm_swpm_sar_file_name }} \ ++ -manifest SIGNATURE.SMF ++ register: sap_swpm_extractswpm ++ args: ++ chdir: "{{ sap_swpm_sapinst_path }}" ++ changed_when: "'SAPCAR: processing archive' in sap_swpm_extractswpm.stdout" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/templates/configfile.j2 b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/templates/configfile.j2 +new file mode 100644 +index 0000000..4e0d841 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_swpm/templates/configfile.j2 +@@ -0,0 +1,959 @@ ++### inifile.params generated for SWPM Catalog Product ID is {{ sap_swpm_product_catalog_id }} ++ ++{% if 'swpm_installation_media' in sap_swpm_inifile_list %} ++###### ++# swpm_installation_media ++###### ++archives.downloadBasket = {{ sap_swpm_software_path }} ++ ++# installation_export.archivesFolder = {{ sap_swpm_cd_export_path }} ++ ++# NOTE: Specific media requirements will use format ++# SAPINST.CD.PACKAGE. = ++{% endif %} ++ ++{% if 'swpm_installation_media_swpm2_hana' in sap_swpm_inifile_list %} ++###### ++# swpm_installation_media_swpm2_hana ++###### ++HDB_Software_Dialogs.useMediaCD = {{ sap_swpm_software_use_media }} ++{% endif %} ++ ++{% if 'swpm_installation_media_swpm1' in sap_swpm_inifile_list %} ++###### ++# swpm_installation_media_swpm1 ++###### ++SAPINST.CD.PACKAGE.LANGUAGE = {{ sap_swpm_cd_language_path }} ++SAPINST.CD.PACKAGE.JAVA = {{ sap_swpm_cd_java_path }} ++SAPINST.CD.PACKAGE.RDBMS = {{ sap_swpm_cd_rdbms_path }} ++# SAPINST.CD.PACKAGE.KERNEL = ++# SAPINST.CD.PACKAGE.KERNEL2 = ++# SAPINST.CD.PACKAGE.KERNEL3 = ++{% endif %} ++ ++{% if 'swpm_installation_media_swpm1_exportfiles' in sap_swpm_inifile_list %} ++###### ++# swpm_installation_media_swpm1_exportfiles ++###### ++SAPINST.CD.PACKAGE.EXPORT = {{ sap_swpm_cd_export_path }} ++# SAPINST.CD.PACKAGE.LOAD = ++SAPINST.CD.PACKAGE.LOAD1 = {{ sap_swpm_cd_export_pt1_path }} ++SAPINST.CD.PACKAGE.LOAD2 = {{ sap_swpm_cd_export_pt2_path }} ++# SAPINST.CD.PACKAGE.JMIG = ++{% endif %} ++ ++{% if 'swpm_installation_media_swpm1_ibmdb2' in sap_swpm_inifile_list %} ++###### ++# swpm_installation_media_swpm1_ibmdb2 ++###### ++# Requested package : RDBMS-DB6 ++SAPINST.CD.PACKAGE.DB2 = {{ sap_swpm_cd_ibmdb2_path }} ++ ++# Requested package : RDBMS-DB6 CLIENT ++SAPINST.CD.PACKAGE.DB2CLIENT = {{ sap_swpm_cd_ibmdb2_client_path }} ++ ++# IBM DB2 software unpack path e.g. /db2/db2x01/db2_software ++db6.DB2SoftwarePath = {{ sap_swpm_ibmdb2_unpack_path }} ++{% endif %} ++ ++{% if 'swpm_installation_media_swpm1_oracledb_121' in sap_swpm_inifile_list %} ++###### ++# swpm_installation_media_swpm1_oracledb_121 ++###### ++# Requested package : RDBMS-ORA ++SAPINST.CD.PACKAGE.RDBMS-ORA121 = {{ sap_swpm_cd_oracle_path }} ++ ++# Requested package : RDBMS-ORA CLIENT ++SAPINST.CD.PACKAGE.ORACLI121 = {{ sap_swpm_cd_oracle_client_path }} ++{% endif %} ++ ++{% if 'swpm_installation_media_swpm1_oracledb_122' in sap_swpm_inifile_list %} ++###### ++# swpm_installation_media_swpm1_oracledb_122 ++###### ++# Requested package : RDBMS-ORA ++SAPINST.CD.PACKAGE.RDBMS-ORA122 = {{ sap_swpm_cd_oracle_path }} ++ ++# Requested package : RDBMS-ORA CLIENT ++SAPINST.CD.PACKAGE.ORACLI122 = {{ sap_swpm_cd_oracle_client_path }} ++{% endif %} ++ ++{% if 'swpm_installation_media_swpm1_oracledb_19' in sap_swpm_inifile_list %} ++###### ++# swpm_installation_media_swpm1_oracledb_19 ++###### ++# Requested package : RDBMS-ORA ++SAPINST.CD.PACKAGE.RDBMS-ORA19 = {{ sap_swpm_cd_oracle_path }} ++ ++# Requested package : RDBMS-ORA CLIENT ++SAPINST.CD.PACKAGE.ORACLI19 = {{ sap_swpm_cd_oracle_client_path }} ++{% endif %} ++ ++{% if 'swpm_installation_media_swpm1_sapase' in sap_swpm_inifile_list %} ++###### ++# swpm_installation_media_swpm1_sapase ++###### ++# Requested package : RDBMS-SYB ++SAPINST.CD.PACKAGE.RDBMS-SYB = {{ sap_swpm_cd_sapase_path }} ++SAPINST.CD.PACKAGE.RDBMS-SYB-CLIENT = {{ sap_swpm_cd_sapase_client_path }} ++ ++{% endif %} ++ ++{% if 'swpm_installation_media_swpm1_sapmaxdb' in sap_swpm_inifile_list %} ++###### ++# swpm_installation_media_swpm1_sapmaxdb ++###### ++# Requested package : RDBMS-ADA ++SAPINST.CD.PACKAGE.RDBMS-ADA = {{ sap_swpm_cd_sapmaxdb_path }} ++{% endif %} ++ ++{% if 'maintenance_plan_stack_tms_config' in sap_swpm_inifile_list %} ++###### ++# maintenance_plan_stack_tms_config ++###### ++NW_ABAP_TMSConfig.configureTMS = {{ sap_swpm_configure_tms | lower }} ++NW_ABAP_TMSConfig.transportPassword = {{ sap_swpm_tmsadm_password }} ++{% endif %} ++ ++{% if 'maintenance_plan_stack_tms_transports' in sap_swpm_inifile_list %} ++###### ++# maintenance_plan_stack_tms_transports ++###### ++NW_ABAP_Include_Corrections.includeTransports = true ++NW_ABAP_Include_Corrections.transportFilesLocations = {{ sap_swpm_tms_tr_files_path }} ++{% endif %} ++ ++{% if 'maintenance_plan_stack_spam_config' in sap_swpm_inifile_list %} ++###### ++# maintenance_plan_stack_spam_config ++###### ++NW_ABAP_SPAM_Update.SPAMUpdateDecision = {{ sap_swpm_spam_update | lower }} ++{% if sap_swpm_spam_update %} ++NW_ABAP_SPAM_Update.SPAMUpdateArchive = {{ sap_swpm_spam_update_sar }} ++{% else %} ++#NW_ABAP_SPAM_Update.SPAMUpdateArchive = ++{% endif %} ++{% endif %} ++ ++{% if 'maintenance_plan_stack_sum_config' in sap_swpm_inifile_list %} ++###### ++# maintenance_plan_stack_sum_config ++###### ++NW_ABAP_Prepare_SUM.prepareSUM = {{ sap_swpm_sum_prepare | lower }} ++NW_ABAP_Prepare_SUM.startSUM = {{ sap_swpm_sum_start | lower }} ++ ++# Password for SUM must be for 'adm' user ++NW_ABAP_Prepare_SUM.Password = {{ sap_swpm_sap_sidadm_password }} ++{% endif %} ++ ++{% if 'maintenance_plan_stack_sum_10_batch_mode' in sap_swpm_inifile_list %} ++###### ++# maintenance_plan_stack_sum_10_batch_mode ++###### ++# Re-run of existing BatchModeInputFile.xml for NWAS JAVA (generated by SUM 1.0 on previous host into the /sdt/param/ subdirectory) ++NW_ABAP_Prepare_SUM.SUMBatchFile = {{ sap_swpm_sum_batch_file }} ++{% endif %} ++ ++{% if 'credentials' in sap_swpm_inifile_list %} ++###### ++# credentials ++###### ++# Master password ++NW_GetMasterPassword.masterPwd = {{ sap_swpm_master_password }} ++ ++# 'adm' user ++nwUsers.sidadmPassword = {{ sap_swpm_sap_sidadm_password }} ++ ++DiagnosticsAgent.dasidAdmPassword = {{ sap_swpm_diagnostics_agent_password }} ++ ++# 'sapadm' user of the SAP Host Agent ++hostAgent.sapAdmPassword = {{ sap_swpm_sapadm_password }} ++{% endif %} ++ ++{% if 'credentials_hana' in sap_swpm_inifile_list %} ++###### ++# credentials_hana ++###### ++HDB_Schema_Check_Dialogs.schemaPassword = {{ sap_swpm_db_schema_password }} ++storageBasedCopy.hdb.systemPassword = {{ sap_swpm_db_system_password }} ++{% endif %} ++ ++{% if 'credentials_anydb_ibmdb2' in sap_swpm_inifile_list %} ++###### ++# credentials_anydb_ibmdb2 ++###### ++nwUsers.db6.db2sidPassword = {{ sap_swpm_sap_sidadm_password }} ++# nwUsers.db6.db2sidUid = ++{% endif %} ++ ++{% if 'credentials_anydb_oracledb' in sap_swpm_inifile_list %} ++###### ++# credentials_anydb_oracledb ++###### ++# Oracle database software owner ++ora.oraclePassword = {{ sap_swpm_sap_sidadm_password }} ++ ++# 'ora' user ++ora.orasidPassword = {{ sap_swpm_sap_sidadm_password }} ++ ++# Oracle 'SYS' password ++ora.SysPassword = {{ sap_swpm_db_system_password }} ++ ++# Oracle 'SYSTEM' password ++ora.SystemPassword = {{ sap_swpm_db_system_password }} ++{% endif %} ++ ++{% if 'credentials_anydb_sapase' in sap_swpm_inifile_list %} ++###### ++# credentials_anydb_sapase ++###### ++nwUsers.syb.sybsidPassword = {{ sap_swpm_sap_sidadm_password }} ++SYB.NW_DB.sa_pass = {{ sap_swpm_master_password }} ++SYB.NW_DB.sapsa_pass = {{ sap_swpm_master_password }} ++SYB.NW_DB.sapsr3_pass = {{ sap_swpm_master_password }} ++SYB.NW_DB.sapsr3db_pass = {{ sap_swpm_db_system_password }} ++# SYB.NW_DB.encryptionMasterKeyPassword = ++# SYB.NW_DB.sapsso_pass = ++# SYB.NW_DB.sslPassword = ++{% endif %} ++ ++{% if 'credentials_anydb_sapmaxdb' in sap_swpm_inifile_list %} ++###### ++# credentials_anydb_sapmaxdb ++# ++# The password of user DBUser may only consist of alphanumeric characters and the special characters #, $, @ and _ ++###### ++nwUsers.ada.sqdsidPassword = {{ sap_swpm_sap_sidadm_password }} ++Sdb_DBUser.dbaPassword = {{ sap_swpm_db_system_password }} ++Sdb_DBUser.dbmPassword = {{ sap_swpm_db_system_password }} ++Sdb_Schema_Dialogs.dbSchemaPassword = {{ sap_swpm_db_schema_password }} ++{% endif %} ++ ++{% if 'credentials_nwas_ssfs' in sap_swpm_inifile_list %} ++###### ++# credentials_nwas_ssfs ++###### ++HDB_Userstore.useABAPSSFS = true ++# NW_ABAP_SSFS_CustomKey.ssfsKeyInputFile = ++{% endif %} ++ ++{% if 'credentials_hdbuserstore' in sap_swpm_inifile_list %} ++###### ++# credentials_hdbuserstore ++###### ++HDB_Userstore.useABAPSSFS = false ++# HDB_Userstore.doNotResolveHostnames = ++# HDB_Userstore.HDB_USE_IDENT = ++# HDB_Userstore.systemDBPort = ++# NW_HDB_DBClient.checkCreateUserstore = true ++# NW_HDB_DBClient.clientPathStrategy = LOCAL ++{% endif %} ++ ++{% if 'credentials_syscopy' in sap_swpm_inifile_list %} ++###### ++# credentials_syscopy ++###### ++# Are the passwords for the DDIC users different from the default value? ++NW_DDIC_Password.needDDICPasswords = true ++NW_DDIC_Password.ddic000Password = {{ sap_swpm_ddic_000_password }} ++#NW_DDIC_Password.ddic001Password = ++{% endif %} ++ ++{% if 'db_config_hana' in sap_swpm_inifile_list %} ++###### ++# db_config_hana ++###### ++storageBasedCopy.hdb.instanceNumber = {{ sap_swpm_db_instance_nr }} ++HDB_Schema_Check_Dialogs.schemaName = {{ sap_swpm_db_schema }} ++ ++{% if 'nw_config_additional_application_server_instance' in sap_swpm_inifile_list %} ++HDB_Schema_Check_Dialogs.validateSchemaName = true ++{% else %} ++HDB_Schema_Check_Dialogs.validateSchemaName = false ++{% endif %} ++ ++# HDB_Schema_Check_Dialogs.dropSchema = false ++# hdb.create.dbacockpit.user = false ++{% endif %} ++ ++{% if 'db_config_anydb_all' in sap_swpm_inifile_list %} ++###### ++# db_config_anydb_all ++###### ++NW_ABAP_Import_Dialog.dbCodepage = 4103 ++{% endif %} ++ ++{% if 'db_config_anydb_ibmdb2' in sap_swpm_inifile_list %} ++###### ++# db_config_anydb_ibmdb2 ++###### ++NW_ABAP_Import_Dialog.migmonJobNum = 3 ++NW_ABAP_Import_Dialog.migmonLoadArgs = -stop_on_error -loadprocedure fast LOAD:COMPRESS_ALL:DEF_CRT ++NW_getDBInfoGeneric.dbhost = {{ sap_swpm_db_host }} ++NW_getDBInfoGeneric.dbsid = {{ sap_swpm_db_sid }} ++NW_getUnicode.isUnicode = true ++# db6.useMcod = true ++# db6.useBluSettings = false ++# db6.gid_sysadm = ++# db6.gid_sysctrl = ++# db6.gid_sysmaint = ++# db6.gid_sysmon = ++db6.allowUnsignedDatabaseSoftware = true ++db6.cluster.ClusterType = HADR (High Availability Disaster Recovery) ++db6.createTablespacesUsingSapinst = true ++db6.minimizeDatabaseSizeCompression = true ++db6.TablespacePoolSizes = SAPSID#DATA{20} ++db6.useAutoStorage = true ++db6.useExtraSapdataSaptmpDirLayout = false ++db6.UseStandardTablespacePool = true ++db6.usesLDAP = false ++storageBasedCopy.db6.CommunicationPortNumber = 5912 ++storageBasedCopy.db6.PortRangeEnd = 5917 ++storageBasedCopy.db6.PortRangeStart = 5914 ++{% endif %} ++ ++{% if 'db_config_anydb_oracledb' in sap_swpm_inifile_list %} ++###### ++# db_config_anydb_oracledb ++###### ++NW_ABAP_Import_Dialog.migmonJobNum = 3 ++NW_ABAP_Import_Dialog.migmonLoadArgs = -stop_on_error -loadprocedure fast ++NW_getDBInfoGeneric.dbsid = {{ sap_swpm_db_sid }} ++storageBasedCopy.ora.listenerName = SAPORALISTENER ++# storageBasedCopy.ora.listenerPort = ++storageBasedCopy.ora.ABAPSchema = {{ sap_swpm_db_schema_abap }} ++# storageBasedCopy.ora.JavaSchema = {{ sap_swpm_db_schema_java }} ++# storageBasedCopy.ora.swowner = oracle ++ora.createStatisticsCodeABAP = SKIP ++ora.createStatisticsCodeJAVA = SKIP ++ora.multitenant.pdbsid = {{ sap_swpm_sid | upper }} ++ora.whatInstallation = isSingle ++# ora.IgnoreClientVersion = false ++# ora.maxDatafileSize = 2000 ++ ++#### Oracle Multitenant Pluggable DB: #### ++#### a single Oracle Container Database (CDB) can host multiple Oracle Pluggable Databases (PDB) #### ++## FALSE: no pluggable installation (default value) ++## CDB_PDB: install CDB and PDB ++## PDB_ONLY: install PDB only in an existing CDB. ++## CDB_ONLY: install CDB only. ++ora.multitenant.installMT = FALSE ++{% endif %} ++ ++{% if 'db_config_anydb_oracledb_121' in sap_swpm_inifile_list %} ++###### ++# db_config_anydb_oracledb_121 ++# Use path to Oracle Home - Runtime (i.e. $OHRDBMS env var) ++###### ++ora.dbhome = /oracle/{{ sap_swpm_db_sid }}/121 ++storageBasedCopy.ora.clientVersion = 121 ++storageBasedCopy.ora.serverVersion = 121 ++{% endif %} ++ ++{% if 'db_config_anydb_oracledb_122' in sap_swpm_inifile_list %} ++###### ++# db_config_anydb_oracledb_122 ++# Use path to Oracle Home - Runtime (i.e. $OHRDBMS env var) ++###### ++ora.dbhome = /oracle/{{ sap_swpm_db_sid }}/122 ++storageBasedCopy.ora.clientVersion = 122 ++storageBasedCopy.ora.serverVersion = 122 ++{% endif %} ++ ++{% if 'db_config_anydb_oracledb_19' in sap_swpm_inifile_list %} ++###### ++# db_config_anydb_oracledb_19 ++# Use path to Oracle Home - Runtime (i.e. $OHRDBMS env var) ++###### ++ora.dbhome = /oracle/{{ sap_swpm_db_sid }}/19 ++storageBasedCopy.ora.clientVersion = 19 ++storageBasedCopy.ora.serverVersion = 19 ++{% endif %} ++ ++{% if 'db_config_anydb_sapase' in sap_swpm_inifile_list %} ++###### ++# db_config_anydb_sapase ++###### ++NW_ABAP_Import_Dialog.migmonJobNum = 3 ++NW_ABAP_Import_Dialog.migmonLoadArgs = -c 100000 -loadprocedure fast ++NW_SYB_DBPostload.numberParallelStatisticJobs = 0 ++SYB.NW_DB.aseSortOrder = binaryalt ++SYB.NW_DB.databaseDevices = data device for SAP,/sybase/{{ sap_swpm_sid | upper }}/sapdata_1,88,,,{{ sap_swpm_sid | upper }}_data_001,log device for SAP,/sybase/{{ sap_swpm_sid | upper }}/saplog_1,10,,,{{ sap_swpm_sid | upper }}_log_001,data device for saptools,/sybase/{{ sap_swpm_sid | upper }}/sapdiag,2,,,saptools_data_001,log device for saptools,/sybase/{{ sap_swpm_sid | upper }}/sapdiag,2,,,saptools_log_001,data device for sybsecurity,/sybase/{{ sap_swpm_sid | upper }}/sybsecurity,1,,,sybsecurity_data_001,data device for sybsecurity,/sybase/{{ sap_swpm_sid | upper }}/sybsecurity,1,,,sybsecurity_data_002,log device for sybsecurity,/sybase/{{ sap_swpm_sid | upper }}/sybsecurity,0.5,,,sybsecurity_log_001,temp device for SAP,/sybase/{{ sap_swpm_sid | upper }}/saptemp,8,,,saptempdb_data_001, ++SYB.NW_DB.databaseType = ase ++SYB.NW_DB.enableGranularPermissions = true ++SYB.NW_DB.enableStrongCipherSuitesForSSL = false ++SYB.NW_DB.folderDatabaseSoftware = /sybase/{{ sap_swpm_sid | upper }} ++SYB.NW_DB.folderDiagDevice = /sybase/{{ sap_swpm_sid | upper }}/sapdiag ++SYB.NW_DB.folderSAPTempdbDevice = /sybase/{{ sap_swpm_sid | upper }}/saptemp ++SYB.NW_DB.folderSecurityDevices = /sybase/{{ sap_swpm_sid | upper }}/sybsecurity ++SYB.NW_DB.folderSystemDevices = /sybase/{{ sap_swpm_sid | upper }}/sybsystem ++SYB.NW_DB.folderTempdbDevice = /sybase/{{ sap_swpm_sid | upper }}/sybtemp ++SYB.NW_DB.indexConsumers = 3 ++SYB.NW_DB.initializeDefaultSystemEncryptionPassword = false ++SYB.NW_DB.maxIndexParallelDegree = 10 ++SYB.NW_DB.maxQueryParallelDegree = 10 ++SYB.NW_DB.numberWorkerProcesses = 50 ++SYB.NW_DB.sqlServerConnections = 200 ++SYB.NW_DB.sqlServerHostname = {{ sap_swpm_db_host }} ++SYB.NW_DB.sybmgmtdbDataDeviceFolder = /sybase/{{ sap_swpm_sid | upper }}/sybsystem ++SYB.NW_DB.sybmgmtdbLogDeviceFolder = /sybase/{{ sap_swpm_sid | upper }}/sybsystem ++SYB.NW_DB.userstore_hostname = {{ sap_swpm_ascs_instance_hostname }} ++ ++# To avoid conflicts, leave all Ports blank and SAP SWPM will auto-assign ++# Ports by default are in order 4901, 4902, 4903, 4904. For each new ASE DB Server instance on the host, each port number is incremented by 4 ++SYB.NW_DB.portDatabaseServer = ++SYB.NW_DB.portBackupServer = ++SYB.NW_DB.portJobScheduler = ++SYB.NW_DB.portXPServer = ++{% endif %} ++ ++{% if 'db_config_anydb_sapmaxdb' in sap_swpm_inifile_list %} ++###### ++# db_config_anydb_sapmaxdb ++###### ++NW_ABAP_Import_Dialog.migmonJobNum = 90 ++NW_ABAP_Import_Dialog.migmonLoadArgs = -para_cnt 90 ++NW_ADA_getDBInfo.dbsid = {{ sap_swpm_db_sid }} ++SdbInstanceDialogs.DB_sessions = 100 ++SdbInstanceDialogs.minlogsize = 4000 ++SdbInstanceDialogs.sapdataFolder = sapdata ++SdbInstanceDialogs.saplogFolder = saplog ++{% endif %} ++ ++{% if 'db_connection_nw_hana' in sap_swpm_inifile_list %} ++###### ++# db_connection_nw_hana ++###### ++NW_HDB_getDBInfo.dbhost = {{ sap_swpm_db_host }} ++NW_HDB_getDBInfo.dbsid = {{ sap_swpm_db_sid }} ++NW_HDB_getDBInfo.instanceNumber = {{ sap_swpm_db_instance_nr }} ++NW_HDB_getDBInfo.systemid = {{ sap_swpm_db_sid }} ++NW_HDB_getDBInfo.systemPassword = {{ sap_swpm_db_system_password }} ++# NW_HDB_getDBInfo.systemDbSid = SystemDB ++NW_HDB_getDBInfo.systemDbPassword = {{ sap_swpm_db_systemdb_password }} ++NW_HDB_DB.abapSchemaName = {{ sap_swpm_db_schema_abap }} ++NW_HDB_DB.abapSchemaPassword = {{ sap_swpm_db_schema_abap_password }} ++NW_HDB_DB.javaSchemaName = {{ sap_swpm_db_schema_java }} ++NW_HDB_DB.javaSchemaPassword = {{ sap_swpm_db_schema_java_password }} ++NW_Recovery_Install_HDB.extractLocation = /usr/sap/{{ sap_swpm_db_sid }}/HDB{{ sap_swpm_db_instance_nr }}/backup/data/DB_HDB ++NW_Recovery_Install_HDB.extractParallelJobs = {{ sap_swpm_parallel_jobs_nr }} ++NW_Recovery_Install_HDB.sidAdmName = {{ sap_swpm_db_sid | lower }}adm ++NW_Recovery_Install_HDB.sidAdmPassword = {{ sap_swpm_db_sidadm_password }} ++# NW_HDB_getDBInfo.dbadmin = SYSTEM ++# NW_HDB_getDBInfo.tenantOsGroup = {{ sap_swpm_db_sid | lower }}grp ++# NW_HDB_getDBInfo.tenantOsUser = {{ sap_swpm_db_sid | lower }}usr ++# NW_HDB_getDBInfo.tenantPort = ++{% endif %} ++ ++{% if 'db_connection_nw_anydb_ibmdb2' in sap_swpm_inifile_list %} ++###### ++# db_connection_nw_anydb_ibmdb2 ++###### ++# db6.UseDb2SSLClientServerComm = false ++nwUsers.db6.sapsidPassword = {{ sap_swpm_sapadm_password }} ++# nwUsers.db6.sapsidUid = ++ ++# nwUsers.db6.sapsiddbPassword = ++# nwUsers.db6.sapsiddbUid = ++ ++# Database Schema and Database Connect User for ABAP (default is sap and not sap) ++NW_DB6_DB.db6.abap.connect.user = sap{{ sap_swpm_sid | lower }} ++NW_DB6_DB.db6.abap.schema = sap{{ sap_swpm_sid | lower }} ++# NW_DB6_DB.db6.java.connect.user = ++# NW_DB6_DB.db6.java.schema = ++{% endif %} ++ ++{% if 'db_connection_nw_anydb_oracledb' in sap_swpm_inifile_list %} ++###### ++# db_connection_nw_anydb_oracledb ++###### ++storageBasedCopy.abapSchemaPassword = {{ sap_swpm_db_schema_abap_password }} ++storageBasedCopy.javaSchemaPassword = {{ sap_swpm_db_schema_java_password }} ++{% endif %} ++ ++{% if 'db_connection_nw_anydb_sapase' in sap_swpm_inifile_list %} ++###### ++# db_connection_nw_anydb_sapase ++###### ++# NW_SYB_CIABAP.sapsaPassword = ++{% endif %} ++ ++{% if 'db_restore_hana' in sap_swpm_inifile_list %} ++###### ++# db_restore_hana ++###### ++NW_HDB_getDBInfo.systemPasswordBackup = {{ sap_swpm_backup_system_password }} ++HDB_Recovery_Dialogs.backupLocation = {{ sap_swpm_backup_location }} ++HDB_Recovery_Dialogs.backupName = {{ sap_swpm_backup_prefix }} ++HDB_Recovery_Dialogs.sapControlWsdlUrl = http://{{ sap_swpm_db_host }}:5{{ sap_swpm_db_instance_nr }}13/SAPControl?wsdl ++HDB_Recovery_Dialogs.sidAdmName = {{ sap_swpm_db_sid | lower }}adm ++HDB_Recovery_Dialogs.sidAdmPassword = {{ sap_swpm_db_sidadm_password }} ++# HDB_Recovery_Dialogs.backupDestinationType = File ++# HDB_Recovery_Dialogs.licenseFile = ++# HDB_Recovery_Dialogs.skipExistenceCheck = false ++# HDB_Recovery_Dialogs.sourceDatabaseSid = ++# HDB_Recovery_Dialogs.useLicenseFile = false ++# NW_Recovery_Install_HDB.checkIntegrity = false ++# NW_Recovery_Install_HDB.backupLocationHANA = ++# NW_Recovery_Install_HDB.backupLocationSAP = ++# NW_Recovery_Install_HDB.loadOrMount = load ++# HDB_System_Check_Dialogs.initTopology = false ++# NW_CreateDBandLoad.movePVCforUsagePiAndDi = ++{% endif %} ++ ++{% if 'nw_config_anydb' in sap_swpm_inifile_list %} ++###### ++# nw_config_anydb ++###### ++# Distributed installation or system copy with any database and SAP Basis release 740 or higher: ++# Execute ABAP program 'RUTPOADAPT' for depooling. Set it to 'true' if declustering / depooling is selected for the distributed database instance installation option ++NW_CI_Instance_ABAP_Reports.executeReportsForDepooling = false ++{% endif %} ++ ++{% if 'nw_config_other' in sap_swpm_inifile_list %} ++###### ++# nw_config_other ++###### ++# NW_Delete_Sapinst_Users.removeUsers = false ++NW_getFQDN.FQDN = {{ sap_swpm_fqdn }} ++NW_getFQDN.setFQDN = {{ sap_swpm_set_fqdn | lower }} ++# NW_getFQDN.resolve = true ++NW_GetSidNoProfiles.sid = {{ sap_swpm_sid }} ++# NW_GetSidNoProfiles.sapmnt = /sapmnt ++# NW_GetSidNoProfiles.strictSidCheck = true ++# NW_GetSidNoProfiles.unicode = true ++NW_readProfileDir.profileDir = /sapmnt/{{ sap_swpm_sid | upper }}/profile ++# NW_readProfileDir.profilesAvailable = ++NW_getLoadType.loadType = {{ sap_swpm_load_type }} ++# NW_getUnicode.isUnicode = ++# MessageServer.configureAclInfo = false ++# NW_Exit_Before_Systemstart.exit = false ++# NW_adaptProfile.skipSecurityProfileSettings = false ++# OS4.DestinationASP = ++{% endif %} ++ ++{% if 'nw_config_central_services_abap' in sap_swpm_inifile_list %} ++###### ++# nw_config_central_services_abap ++# Central Services (ASCS) contains the Message server (MS) and Enqueue work processes (EN) for the ABAP Dispatcher. ++# Formerly the processes were contained in the Central Instance (CI). ++###### ++NW_CI_Instance.ascsVirtualHostname = {{ sap_swpm_ascs_instance_hostname }} ++NW_CI_Instance.ascsInstanceNumber = {{ sap_swpm_ascs_instance_nr }} ++# NW_SCS_Instance.ascsVirtualHostname = {{ sap_swpm_ascs_instance_hostname }} ++NW_SCS_Instance.ascsInstanceNumber = {{ sap_swpm_ascs_instance_nr }} ++{% endif %} ++ ++{% if 'nw_config_central_services_java' in sap_swpm_inifile_list %} ++###### ++# nw_config_central_services_java ++# SAP Java Central Services Instance (SCS) contains the Java Message server (MS), Java Enqueue server (EN), Java Gateway (GW) and Java Internal Web Dispatcher (WD). ++###### ++NW_CI_Instance.scsVirtualHostname = {{ sap_swpm_java_scs_instance_hostname }} ++NW_CI_Instance.scsInstanceNumber = {{ sap_swpm_java_scs_instance_nr }} ++NW_SCS_Instance.scsVirtualHostname = {{ sap_swpm_java_scs_instance_hostname }} ++# NW_SCS_Instance.scsInstanceNumber = ++NW_SCS_Instance.instanceNumber = {{ sap_swpm_java_scs_instance_nr }} ++NW_JAVA_Export.keyPhrase = {{ sap_swpm_master_password }} ++{% endif %} ++ ++{% if 'nw_config_primary_application_server_instance' in sap_swpm_inifile_list %} ++###### ++# nw_config_primary_application_server_instance ++# Primary Application Server (PAS) contains the Internet Communication Manager (ICM), Gateway (GW), and ABAP Dispatcher (DI/WP) work processes. ++# Formerly called the Central Instance (CI). ++###### ++NW_CI_Instance.ciVirtualHostname = {{ sap_swpm_pas_instance_hostname }} ++NW_CI_Instance.ciInstanceNumber = {{ sap_swpm_pas_instance_nr }} ++# NW_CI_Instance.nodesNum = ++# NW_CI_Instance.nodesNumber = defNodes ++# NW_WPConfiguration.ciBtcWPNumber = 6 ++# NW_WPConfiguration.ciDialogWPNumber = 10 ++{% endif %} ++ ++{% if 'nw_config_additional_application_server_instance' in sap_swpm_inifile_list %} ++###### ++# nw_config_additional_application_server_instance ++# Additional Application Server (AAS) contains ABAP Dispatcher (DI/WP) work processes. ++# Formerly called the Dialog Instance (DI). ++###### ++# Instance number of SAP NetWeaver Application Server. Leave empty for default. ++NW_AS.instanceNumber = {{ sap_swpm_aas_instance_nr }} ++ ++# Do not skip unpacking archives if adding the SAP NetWeaver Application Server to another operating system / host. Default is 'false'. ++# NW_AS.skipUnpacking = false ++ ++# Start the SAP NetWeaver Application Server at the end of the installation. Default is 'true'. ++# NW_AS.start = true ++ ++# Virtual host name of the SAP NetWeaver Application Server instance. Leave empty to use the existing host name ++NW_DI_Instance.virtualHostname = {{ sap_swpm_aas_instance_hostname }} ++{% endif %} ++ ++{% if 'nw_config_ers' in sap_swpm_inifile_list %} ++###### ++# nw_config_ers ++###### ++nw_instance_ers.ersVirtualHostname = {{ sap_swpm_ers_instance_hostname }} ++nw_instance_ers.ersInstanceNumber = {{ sap_swpm_ers_instance_nr }} ++ ++# Disable 'Automatic Instance and Service Restart' for SAP SWPM Unattended Mode, ++# otherwise by default SAP SWPM will use sapcontrol -queryuser -function Stop and will cause error ++# "User? Password? Stop. FAIL: Invalid Credentials" ++nw_instance_ers.restartSCS = false ++{% endif %} ++ ++{% if 'nw_config_ports' in sap_swpm_inifile_list %} ++###### ++# nw_config_ports ++###### ++NW_CI_Instance.ciMSPort = 36{{ sap_swpm_ascs_instance_nr }} ++NW_checkMsgServer.abapMSPort = 36{{ sap_swpm_ascs_instance_nr }} ++# NW_CI_Instance.ciMSPortInternal = ++# NW_CI_Instance.createGlobalProxyInfoFile = false ++# NW_CI_Instance.createGlobalRegInfoFile = false ++# NW_CI_Instance.scsMSPortInternal = ++# NW_SCS_Instance.scsMSPort = ++# NW_SCS_Instance.createGlobalProxyInfoFile = false ++# NW_SCS_Instance.createGlobalRegInfoFile = false ++{% endif %} ++ ++{% if 'nw_config_java_ume' in sap_swpm_inifile_list %} ++###### ++# nw_config_java_ume ++###### ++UmeConfiguration.adminName = J2EE_ADM_{{ sap_swpm_sid }} ++UmeConfiguration.adminPassword = {{ sap_swpm_ume_j2ee_admin_password }} ++UmeConfiguration.guestName = J2EE_GST_{{ sap_swpm_sid }} ++UmeConfiguration.sapjsfPassword = {{ sap_swpm_ume_sapjsf_password }} ++UmeConfiguration.umeClient = {{ sap_swpm_ume_client_nr }} ++UmeConfiguration.umeHost = {{ sap_swpm_pas_instance_hostname }} ++UmeConfiguration.umeInstance = {{ sap_swpm_ume_instance_nr }} ++UmeConfiguration.umeType = {{ sap_swpm_ume_type }} ++# UmeConfiguration.sapjsfName = SAPJSF ++{% endif %} ++ ++{% if 'nw_config_java_feature_template_ids' in sap_swpm_inifile_list %} ++###### ++# nw_config_java_feature_template_ids ++###### ++NW_internal.useProductVersionDescriptor = true ++nw_java_import.buildJEEusingExtraMileTool = true ++ ++# If use PV = true ++# SAP SWPM 1.0 for SAP NetWeaver AS (JAVA), Product Version Software Instance **Feature Template IDs** comma-separated list ++Select_PPMS_Instances.ListOfSelectedInstances = {% set selected_ids = [] %}{%- for item_selected in sap_swpm_java_template_id_selected_list %} ++{%- if item_selected in sap_swpm_java_template_id_lookup_dictionary -%} ++{{ selected_ids.append(sap_swpm_java_template_id_lookup_dictionary[item_selected]) }} ++{%- endif %} ++{%- endfor %}{{ selected_ids | flatten | join(',') }} ++ ++## If use PV = false [LEGACY for before NWAS JAVA 7.40] ++## Comma-separated value list containing which product instances (formerly known as usage types) are installed. Used for handling product instances in unattended mode. ++## SAP_Software_Features_Select.selectedInstancesForInstallation = AS,AAS,BASIC,NW-MODEL,ESR,PI,PI-AF ++{%- endif %} ++ ++{% if 'nw_config_webdisp_generic' in sap_swpm_inifile_list %} ++###### ++# nw_config_webdisp_generic ++###### ++NW_Webdispatcher_Instance.wdInstanceNumber = {{ sap_swpm_wd_instance_nr }} ++# NW_webdispatcher_Instance.encryptionMode = Always ++# NW_webdispatcher_Instance.useWdHTTPPort = false ++NW_webdispatcher_Instance.wdHTTPPort = 80{{ sap_swpm_wd_instance_nr }} ++NW_webdispatcher_Instance.wdHTTPSPort = 443{{ sap_swpm_wd_instance_nr }} ++NW_webdispatcher_Instance.wdVirtualHostname = {{ sap_swpm_wd_virtual_host }} ++ ++NW_Webdispatcher_Instance.configureSystemConnectivity = {{ sap_swpm_wd_system_connectivity | lower }} ++NW_webdispatcher_Instance.backEndSID = {{ sap_swpm_wd_backend_sid }} ++NW_webdispatcher_Instance.msHTTPPort = {{ sap_swpm_wd_backend_ms_http_port }} ++NW_webdispatcher_Instance.msHost = {{ sap_swpm_wd_backend_ms_host }} ++NW_webdispatcher_Instance.scenarioSize = {{ sap_swpm_wd_backend_scenario_size }} ++ ++NW_webdispatcher_Instance.activateICF = {{ sap_swpm_wd_activate_icf | lower }} ++NW_webdispatcher_Instance.rfcHost = {{ sap_swpm_wd_backend_rfc_host }} ++NW_webdispatcher_Instance.rfcInstance = {{ sap_swpm_wd_backend_rfc_instance_nr }} ++NW_webdispatcher_Instance.rfcClient = {{ sap_swpm_wd_backend_rfc_client_nr }} ++NW_webdispatcher_Instance.rfcUser = {{ sap_swpm_wd_backend_rfc_user }} ++NW_webdispatcher_Instance.rfcPassword = {{ sap_swpm_wd_backend_rfc_user_password }} ++{% endif %} ++ ++{% if 'nw_config_webdisp_gateway' in sap_swpm_inifile_list %} ++###### ++# nw_config_webdisp_gateway ++# ++# It is recommended to install gateway as part of ASCS ++# It is NOT recommended to install webdispatcher as part of ASCS. A separate Web Dispatcher instance should be installed (SAP Note 908097) ++###### ++NW_CI_Instance.ascsInstallGateway = {{ sap_swpm_ascs_install_gateway | lower }} ++# NW_SCS_Instance.ascsInstallGateway = {{ sap_swpm_ascs_install_gateway | lower }} ++ ++# Embedded SAP Web Dispatcher ++# NW_CI_Instance.ascsInstallWebDispatcher = false ++# NW_SCS_Instance.ascsInstallWebDispatcher = false ++{% endif %} ++ ++{% if 'nw_config_host_agent' in sap_swpm_inifile_list %} ++###### ++# nw_config_host_agent ++###### ++NW_System.installSAPHostAgent = {{ sap_swpm_install_saphostagent | lower }} ++{% endif %} ++ ++{% if 'nw_config_post_load_abap_reports' in sap_swpm_inifile_list %} ++###### ++# nw_config_post_load_abap_reports ++###### ++# Activate ICF node '/SAP/BC/REST/SLPROTOCOL' ++NW_CI_Instance_ABAP_Reports.enableActivateICFService = true ++ ++# SAP INTERNAL USE ONLY ++# NW_CI_Instance_ABAP_Reports.enableSPAMUpdateWithoutStackXml = false ++ ++# SAP INTERNAL USE ONLY ++# NW_CI_Instance_ABAP_Reports.enableTMSConfigWithoutStackXml = false ++ ++# SAP INTERNAL USE ONLY ++# NW_CI_Instance_ABAP_Reports.enableTransportsWithoutStackXml = false ++ ++# Need specific new password of the DDIC user in client 000, different from Master Password ++# NW_CI_Instance_ABAP_Reports.needNewDDIC000Password = false ++ ++# Need specific new password of the DDIC user in client 001, different from Master Password ++# NW_CI_Instance_ABAP_Reports.needNewDDIC001Password = false ++ ++# Need specific new password of the SAP* user in client 000, different from Master Password ++# NW_CI_Instance_ABAP_Reports.needNewSapStar000Password = false ++ ++# Need specific new password of the SAP* user in client 001, different from Master Password ++# NW_CI_Instance_ABAP_Reports.needNewSapStar001Password = false ++ ++# Specify new password of the DDIC user in client 000, different from Master Password ++# NW_CI_Instance_ABAP_Reports.ddic000Password = ++ ++# Specify new password of the DDIC user in client 001, different from Master Password ++# NW_CI_Instance_ABAP_Reports.ddic001Password = ++ ++# Specify new password of the SAP* user in client 000, different from Master Password ++# NW_CI_Instance_ABAP_Reports.sapStar000Password = ++ ++# Specify new password of the SAP* user in client 001, different from Master Password ++# NW_CI_Instance_ABAP_Reports.sapStar001Password = ++{% endif %} ++ ++{% if 'nw_config_livecache' in sap_swpm_inifile_list %} ++###### ++# nw_config_livecache ++###### ++NW_liveCache.controlUserPwd = ++NW_liveCache.liveCacheHost = ++NW_liveCache.liveCacheID = ++NW_liveCache.liveCacheUser = ++NW_liveCache.liveCacheUserPwd = ++NW_liveCache.useLiveCache = ++{% endif %} ++ ++{% if 'nw_config_sld' in sap_swpm_inifile_list %} ++###### ++# nw_config_sld ++###### ++NW_SLD_Configuration.configureSld = ++NW_SLD_Configuration.sldHost = ++NW_SLD_Configuration.sldPort = ++NW_SLD_Configuration.sldUseHttps = ++NW_SLD_Configuration.sldUser = ++NW_SLD_Configuration.sldUserPassword = ++{% endif %} ++ ++{% if 'nw_config_abap_language_packages' in sap_swpm_inifile_list %} ++###### ++# nw_config_abap_language_packages ++###### ++NW_Language_Inst_Dialogs.install = true ++# Path to language archive files (e.g. S4HANAOP***_LANG_EN.SAR) ++NW_Language_Inst_Dialogs.folders = /software ++# Selected languages comma-separated list (by default DE,EN are installed) ++NW_Language_Inst_Dialogs.languages = AR,BG,CA,CS,DA,EL,ES,ET,FI,FR,HE,HI,HR,HU,IT,JA,KK,KO,LT,LV,MS,NL,NO,PL,PT,RO,RU,SH,SK,SL,SV,TH,TR,UK,VI,ZF,ZH ++{% endif %} ++ ++{% if 'sap_os_linux_user' in sap_swpm_inifile_list %} ++###### ++# sap_os_linux_user ++###### ++nwUsers.sapadmUID = {{ sap_swpm_sapadm_uid }} ++nwUsers.sapsysGID = {{ sap_swpm_sapsys_gid }} ++nwUsers.sidAdmUID = {{ sap_swpm_sidadm_uid }} ++{% endif %} ++ ++{% if 'swpm_installation_media_download_service' in sap_swpm_inifile_list %} ++###### ++# swpm_installation_media_download_service ++# Not in use by sap_swpm Ansible Role ++###### ++# nwUsers.sapServiceSIDPassword = ++# download_service.directory = ++# DownloadService.EnableProxy = ++# DownloadService.HostName = ++# DownloadService.Password = ++# DownloadService.Port = ++# DownloadService.ProvideAuthentication = ++# DownloadService.Username = ++# DownloadService.planNumber = ++{% endif %} ++ ++ ++{% if 'solman_credentials_swpm1' in sap_swpm_inifile_list %} ++###### ++# solman_credentials_swpm1 ++# Not in use by sap_swpm Ansible Role ++###### ++NW_IcmAuth.webadmPassword = {{ sap_swpm_ume_j2ee_admin_password }} ++{% endif %} ++ ++ ++{% if 'solman_abap_swpm1' in sap_swpm_inifile_list %} ++###### ++# solman_abap_swpm1 ++# Not in use by sap_swpm Ansible Role ++###### ++InitDeclusteringForImport.decluster = false ++{% endif %} ++ ++ ++{% if 'solman_daa_swpm1' in sap_swpm_inifile_list %} ++###### ++# solman_daa_swpm1 ++# Not in use by sap_swpm Ansible Role ++###### ++# DiagnosticsAgent.dasidAdmPassword = {{ sap_swpm_diagnostics_agent_password }} ++# DiagnosticsAgent.installSAPHostAgent ++# DiagnosticsAgent.InstanceNumber ++# DiagnosticsAgent.LogicalHostName ++# DiagnosticsAgent.SAPJVMVersion ++# DiagnosticsAgent.SAProuter.Password ++# DiagnosticsAgent.SAProuter.RouteString ++# DiagnosticsAgent.SID ++# DiagnosticsAgent.SLD.Connection ++# DiagnosticsAgent.SLD.HostName ++# DiagnosticsAgent.SLD.Password ++# DiagnosticsAgent.SLD.PortNumber ++# DiagnosticsAgent.SLD.UseHTTPS ++# DiagnosticsAgent.SLD.UserName ++# DiagnosticsAgent.SolMan.Connection ++# DiagnosticsAgent.SolMan.HostName ++# DiagnosticsAgent.SolMan.Password ++# DiagnosticsAgent.SolMan.PortNumber ++# DiagnosticsAgent.SolMan.UserName ++# DiagnosticsAgent.SolMan.UseSSL ++{% endif %} ++ ++ ++{% if 'syscopy_export_anydb' in sap_swpm_inifile_list %} ++###### ++# syscopy_export_anydb ++# Not in use by sap_swpm Ansible Role ++###### ++# InitDeclusteringForExport.decluster = ++# NW_ABAP_Export_Dialog.customPackageOrder = ++# NW_ABAP_Export_Dialog.customSortOrderFile = ++# NW_ABAP_Export_Dialog.exportTimeFile = ++# NW_ABAP_Export_Dialog.importTimeFile = ++# NW_ABAP_Export_Dialog.jobNumberGroupLarge = 7 ++# NW_ABAP_Export_Dialog.jobNumberGroupSmall = 4 ++# NW_ABAP_Export_Dialog.migmonComHost = ++# NW_ABAP_Export_Dialog.migmonComPort = ++# NW_ABAP_Export_Dialog.migmonComType = EXCHANGE ++# NW_ABAP_Export_Dialog.migmonDataTransferType = NET ++# NW_ABAP_Export_Dialog.migmonFtpExchangeDir = ++# NW_ABAP_Export_Dialog.migmonFtpExportDir = ++# NW_ABAP_Export_Dialog.migmonFtpHost = ++# NW_ABAP_Export_Dialog.migmonFtpPassword = ++# NW_ABAP_Export_Dialog.migmonFtpUser = ++NW_ABAP_Export_Dialog.migmonJobNum = 3 ++NW_ABAP_Export_Dialog.migmonLoadArgs = -stop_on_error ++# NW_ABAP_Export_Dialog.migmonNetExchangeDir = ++# NW_ABAP_Export_Dialog.migmonTaskArgs = ++# NW_ABAP_Export_Dialog.nonStandardAbapObjectsHandlingSkip = false ++NW_ABAP_Export_Dialog.parallelR3szchkExecution = true ++NW_ABAP_Export_Dialog.r3szchkDetermineSizeValue = DB ++# NW_ABAP_Export_Dialog.r3szchkJobNum = 10 ++NW_ABAP_Export_Dialog.repeatExport = COMPLETE ++NW_ABAP_Export_Dialog.splitPackageLimitVal = 5000 ++# NW_ABAP_Export_Dialog.splitMaxTableNumVal = 1000 ++# NW_ABAP_Export_Dialog.splitTableFile = ++# NW_ABAP_Export_Dialog.splitTableLimitVal = 300 ++# NW_ABAP_Export_Dialog.splitTableNumVal = 10 ++# NW_ABAP_Export_Dialog.splitUseMaxTableNum = false ++# NW_ABAP_Export_Dialog.splitUsePackageLimit = true ++# NW_ABAP_Export_Dialog.splitUseTableFile = false ++# NW_ABAP_Export_Dialog.splitUseTableLimit = false ++# NW_ABAP_Export_Dialog.splitUseTableNum = true ++# NW_ABAP_Export_Dialog.sqlFileDir = ++NW_ABAP_Export_Dialog.targetHardwarePlatform = LITTLE_ENDIAN ++ ++## Target database types for Linux are ADA, HDB, DB6, ORA, SYB ++NW_ABAP_Export_Dialog.targetDbType = {{ sap_swpm_export_target_db_type }} ++ ++# NW_ABAP_Export_Dialog.useAdditionalExportHosts = false ++# NW_ABAP_Export_Dialog.useAdvancedUnloadConfig = false ++# NW_ABAP_Export_Dialog.useCustomPackageOrder = false ++# NW_ABAP_Export_Dialog.useCustomSortOrder = false ++# NW_ABAP_Export_Dialog.useMigMonConfig = false ++# NW_ABAP_Export_Dialog.useParallelExportImport = false ++# NW_ABAP_Export_Dialog.useSplit = true ++NW_ABAP_Export_Dialog.useSqlFiles = NOSQL ++# NW_ABAP_Export_Dialog.useUnicodeTargetSystem = ++NW_ABAP_Export_Dialog.useUnsortedUnload = true ++ ++NW_Export.accessLevel4ExportDir = DEFAULT ++NW_Export.choiceSepKernel = false ++NW_Export.mainExportDir = {{ sap_swpm_export_files_path }} ++ ++# Do not stop SAP System before data is unloaded ++# SAP SWPM is unable to automatically stop the SAP System (i.e. DB, ASCS, PAS instances), ++# if stop is true then SAP SWPM Unattended will fail on step mainExportParameters ++NW_Export.stopRunningSystem = true ++ ++NW_readProfileDir.profileDir = /sapmnt/{{ sap_swpm_sid | upper }}/profile ++ ++NW_getLoadType.loadType = {{ sap_swpm_load_type }} ++NW_getLoadType.importManuallyExecuted = false ++{% endif %} ++ ++ ++{% if 'syscopy_import_anydb_ibmdb2' in sap_swpm_inifile_list %} ++###### ++# syscopy_import_anydb_ibmdb2 ++# Not in use by sap_swpm Ansible Role ++###### ++# db6.Additional_DbServer = ++# db6.cluster.HADRPort1 = ++# db6.cluster.HADRPort2 = ++# db6.cluster.SyncMode = ++# db6.ConfigureCluster = false ++# db6.DropSchemaList = ++# db6.InstallPureScale = false ++# db6.InstallTSA = false ++# db6.minimizeDatabaseSizeCompression = ++# db6.minimizeDatabaseSizeCompressionJava = ++# db6.minimizeDatabaseSizeDeferredTable = true ++# db6.notuseMcod = ++# db6.NumAdditionalPartitions = ++# db6.useDB2ControlFiles = false ++# db6.UseDb2NativeEncryption = false ++# NW_adaptProfile.templateFiles = ++# NW_CreateDBandLoad.movePVCforUsagePiAndDi = ++db6.allowUnsignedDatabaseSoftware = true ++db6.cluster.ClusterType = HADR (High Availability Disaster Recovery) ++db6.usingSystemCopyBRforHADR = true ++NW_getDBInfoGeneric.dbhost = {{ sap_swpm_db_host }} ++NW_getDBInfoGeneric.dbsid = {{ sap_swpm_db_sid }} ++NW_getLoadType.loadType = {{ sap_swpm_load_type }} ++NW_getLoadType.importManuallyExecuted = false ++NW_getUnicode.isUnicode = true ++# NW_getDBInfoGeneric.strictDbSidCheck = true ++storageBasedCopy.db6.CommunicationPortNumber = 5912 ++storageBasedCopy.db6.PortRangeEnd = 5917 ++storageBasedCopy.db6.PortRangeStart = 5914 ++# storageBasedCopy.db6.db6updatedbpath = ++{% endif %} +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/.ansible-lint b/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/.ansible-lint +new file mode 100644 +index 0000000..fcbf50d +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/.ansible-lint +@@ -0,0 +1,16 @@ ++--- ++exclude_paths: ++ - tests/sap_vm_preconfigure/ ++enable_list: ++ - yaml ++skip_list: ++ # We don't want to enforce new Ansible versions for Galaxy: ++ - meta-runtime[unsupported-version] ++ # We do not want to use checks which are marked as experimental: ++ - experimental ++ # We use ignore_errors for all the assert tasks, which should be acceptable: ++ - ignore-errors ++ # We want to allow single digit version numbers in a role's meta/main.yml file: ++ - schema ++ # Allow templating inside name because it creates more detailed output: ++ - name[template] +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/README.md b/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/README.md +new file mode 100644 +index 0000000..89be43e +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/README.md +@@ -0,0 +1,65 @@ ++sap_vm_preconfigure ++================== ++ ++This role will set and check the required settings and parameters for a guest (VM) running on RHV/KVM for SAP HANA. ++ ++## Support Status ++ ++The support status of this role is: "Technology Preview" ++ ++## Requirements ++ ++VM with at least RHEL 8.2 installed. ++The roles sap_general_preconfigure and sap_hana_preconfigure have been run on that system. ++ ++ ++## Role Variables ++ ++### Run the role in assert mode ++```yaml ++sap_vm_preconfigure_assert (default: no) ++``` ++If the following variable is set to `yes`, the role will only check if the configuration of the managed mmachines is according to this role. Default is `no`. ++ ++ ++### Behavior of the role in assert mode ++```yaml ++sap_vm_preconfigure_assert_ignore_errors (default: no) ++``` ++If the role is run in assert mode and the following variable is set to `yes`, assertion errors will not cause the role to fail. This can be useful for creating reports. ++Default is `no`, meaning that the role will fail for any assertion error which is discovered. This variable has no meaning if the role is not run in assert mode. ++ ++ ++ ++## Dependencies ++ ++The roles [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) and [sap_hana_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_preconfigure). ++ ++ ++## Example Playbook ++ ++Simple example that just sets the parameters. ++``` ++- hosts: all ++ roles: ++ - sap_general_preconfigure ++ - sap_hana_preconfigure ++ - sap_vm_preconfigure ++``` ++ ++Run in assert mode to verify that parameters have been set. ++``` ++- hosts: all ++ roles: ++ - sap_vm_preconfigure ++ vars: ++ - sap_vm_preconfigure_assert: yes ++``` ++ ++## License ++ ++Apache-2.0 ++ ++## Author Information ++ ++Nils Koenig (nkoenig@redhat.com) +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/defaults/main.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/defaults/main.yml +new file mode 100644 +index 0000000..45de6c6 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/defaults/main.yml +@@ -0,0 +1,11 @@ ++--- ++ ++# For setting Ansible Var sap_vm_platform, unless overridden ++sap_vm_platform_detect: false ++ ++# For reuse of this Ansible Role to establish which platform, without running any of the preconfigure Ansible Tasks for that platform ++sap_vm_platform_detect_only: false ++ ++# Static definition, required if detection boolean is set to false ++# cloud_aliyun_ecs_vm, cloud_aws_ec2_vs, cloud_gcp_ce_vm, cloud_ibmcloud_powervs, cloud_ibmcloud_vs, cloud_msazure_vm, hyp_ibmpower_lpar, hyp_redhat_ocp_virt_vm, hyp_redhat_rhel_kvm_vm, hyp_vmware_vsphere_vm ++sap_vm_platform: +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/files/platform/cloud_aliyun_ecs_vm/.gitkeep b/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/files/platform/cloud_aliyun_ecs_vm/.gitkeep +new file mode 100644 +index 0000000..e69de29 +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/files/platform/cloud_aws_ec2_vs/.gitkeep b/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/files/platform/cloud_aws_ec2_vs/.gitkeep +new file mode 100644 +index 0000000..e69de29 +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/files/platform/cloud_gcp_ce_vm/.gitkeep b/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/files/platform/cloud_gcp_ce_vm/.gitkeep +new file mode 100644 +index 0000000..e69de29 +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/files/platform/cloud_ibmcloud_powervs/.gitkeep b/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/files/platform/cloud_ibmcloud_powervs/.gitkeep +new file mode 100644 +index 0000000..e69de29 +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/files/platform/cloud_ibmcloud_vs/.gitkeep b/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/files/platform/cloud_ibmcloud_vs/.gitkeep +new file mode 100644 +index 0000000..e69de29 +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/files/platform/cloud_msazure_vm/.gitkeep b/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/files/platform/cloud_msazure_vm/.gitkeep +new file mode 100644 +index 0000000..e69de29 +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/files/platform/ibmpower_lpar/.gitkeep b/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/files/platform/ibmpower_lpar/.gitkeep +new file mode 100644 +index 0000000..e69de29 +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/files/platform/redhat_ocp_virt_vm/.gitkeep b/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/files/platform/redhat_ocp_virt_vm/.gitkeep +new file mode 100644 +index 0000000..e69de29 +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/files/platform/redhat_rhel_kvm_vm/tuned/sap-hana-kvm-guest/haltpoll.sh b/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/files/platform/redhat_rhel_kvm_vm/tuned/sap-hana-kvm-guest/haltpoll.sh +new file mode 100644 +index 0000000..e2a14ed +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/files/platform/redhat_rhel_kvm_vm/tuned/sap-hana-kvm-guest/haltpoll.sh +@@ -0,0 +1,7 @@ ++#!/bin/bash ++ ++if [ "$1" == "start" ]; then ++ modprobe cpuidle-haltpoll force ++fi ++ ++## Question: Does this also need another "if" checking to see if $1 is "stop" to unload the module? +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/files/platform/redhat_rhel_kvm_vm/tuned/sap-hana-kvm-guest/tuned.conf b/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/files/platform/redhat_rhel_kvm_vm/tuned/sap-hana-kvm-guest/tuned.conf +new file mode 100644 +index 0000000..82ad6af +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/files/platform/redhat_rhel_kvm_vm/tuned/sap-hana-kvm-guest/tuned.conf +@@ -0,0 +1,24 @@ ++# ++# tuned configuration ++# ++[main] ++summary=Optimize for running SAP HANA on KVM inside a virtual guest ++include=sap-hana ++ ++[haltpoll] ++type=script ++script=${i:PROFILE_DIR}/haltpoll.sh ++ ++[sysfs] ++/sys/devices/system/clocksource/clocksource0/current_clocksource=tsc ++/sys/module/haltpoll/parameters/guest_halt_poll_ns=2400000 ++/sys/module/haltpoll/parameters/guest_halt_poll_grow_start=2400000 ++ ++[sysctl] ++kernel.sched_latency_ns=12000000 ++kernel.sched_migration_cost_ns=500000 ++kernel.sched_min_granularity_ns=12000000 ++kernel.sched_wakeup_granularity_ns=15000000 ++ ++[bootloader] ++cmdline_saphana=skew_tick=1 +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/files/platform/redhat_rhel_kvm_vm/tuned/sap-hana/tuned.conf b/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/files/platform/redhat_rhel_kvm_vm/tuned/sap-hana/tuned.conf +new file mode 100644 +index 0000000..ba688f9 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/files/platform/redhat_rhel_kvm_vm/tuned/sap-hana/tuned.conf +@@ -0,0 +1,24 @@ ++# ++# tuned configuration ++# ++[main] ++summary=Optimize for SAP HANA ++ ++[cpu] ++force_latency=cstate.id:3|70 ++governor=performance ++energy_perf_bias=performance ++min_perf_pct=100 ++ ++[vm] ++transparent_hugepages=never ++ ++[sysctl] ++kernel.sem = 32000 1024000000 500 32000 ++kernel.numa_balancing = 0 ++kernel.sched_min_granularity_ns = 3000000 ++kernel.sched_wakeup_granularity_ns = 4000000 ++vm.dirty_ratio = 40 ++vm.dirty_background_ratio = 10 ++vm.swappiness = 10 ++ +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/files/platform/vmware_vsphere_vm/.gitkeep b/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/files/platform/vmware_vsphere_vm/.gitkeep +new file mode 100644 +index 0000000..e69de29 +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/handlers/main.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/handlers/main.yml +new file mode 100644 +index 0000000..c3d3be1 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/handlers/main.yml +@@ -0,0 +1,4 @@ ++--- ++ ++- name: SAP virtual machine preconfigure - Include Handler Tasks for {{ sap_vm_platform }} ++ ansible.builtin.include_tasks: "{{ role_path }}/handlers/platform/{{ sap_vm_platform }}/main.yml" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/handlers/platform/cloud_aliyun_ecs_vm/.gitkeep b/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/handlers/platform/cloud_aliyun_ecs_vm/.gitkeep +new file mode 100644 +index 0000000..e69de29 +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/handlers/platform/cloud_aws_ec2_vs/.gitkeep b/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/handlers/platform/cloud_aws_ec2_vs/.gitkeep +new file mode 100644 +index 0000000..e69de29 +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/handlers/platform/cloud_gcp_ce_vm/.gitkeep b/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/handlers/platform/cloud_gcp_ce_vm/.gitkeep +new file mode 100644 +index 0000000..e69de29 +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/handlers/platform/cloud_ibmcloud_powervs/.gitkeep b/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/handlers/platform/cloud_ibmcloud_powervs/.gitkeep +new file mode 100644 +index 0000000..e69de29 +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/handlers/platform/cloud_ibmcloud_vs/.gitkeep b/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/handlers/platform/cloud_ibmcloud_vs/.gitkeep +new file mode 100644 +index 0000000..e69de29 +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/handlers/platform/cloud_msazure_vm/.gitkeep b/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/handlers/platform/cloud_msazure_vm/.gitkeep +new file mode 100644 +index 0000000..e69de29 +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/handlers/platform/ibmpower_lpar/.gitkeep b/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/handlers/platform/ibmpower_lpar/.gitkeep +new file mode 100644 +index 0000000..e69de29 +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/handlers/platform/redhat_ocp_virt_vm/.gitkeep b/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/handlers/platform/redhat_ocp_virt_vm/.gitkeep +new file mode 100644 +index 0000000..e69de29 +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/handlers/platform/redhat_rhel_kvm_vm/main.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/handlers/platform/redhat_rhel_kvm_vm/main.yml +new file mode 100644 +index 0000000..aadec4f +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/handlers/platform/redhat_rhel_kvm_vm/main.yml +@@ -0,0 +1,92 @@ ++--- ++ ++- name: "Check if server is booted in BIOS or UEFI mode" ++ stat: ++ path: /sys/firmware/efi ++ get_checksum: no ++ register: __sap_vm_preconfigure_register_stat_sys_firmware_efi ++ listen: __sap_vm_preconfigure_regenerate_grub2_conf_handler ++ when: ++ - sap_vm_preconfigure_run_grub2_mkconfig|d(true) ++ ++- name: Debug BIOS or UEFI ++ debug: ++ var: __sap_vm_preconfigure_register_stat_sys_firmware_efi.stat.exists ++ listen: __sap_vm_preconfigure_regenerate_grub2_conf_handler ++ when: ++ - sap_vm_preconfigure_run_grub2_mkconfig|d(true) ++ ++- name: "Run grub-mkconfig (BIOS mode)" ++ command: grub2-mkconfig -o /boot/grub2/grub.cfg ++ register: __sap_vm_preconfigure_register_grub2_mkconfig_bios_mode ++ listen: __sap_vm_preconfigure_regenerate_grub2_conf_handler ++ notify: __sap_vm_preconfigure_reboot_handler ++ when: ++ - not __sap_vm_preconfigure_register_stat_sys_firmware_efi.stat.exists ++ - sap_vm_preconfigure_run_grub2_mkconfig|d(true) ++ ++- name: "Debug grub-mkconfig BIOS mode" ++ debug: ++ var: __sap_vm_preconfigure_register_grub2_mkconfig_bios_mode.stdout_lines, __sap_vm_preconfigure_register_grub2_mkconfig_bios_mode.stderr_lines ++ listen: __sap_vm_preconfigure_regenerate_grub2_conf_handler ++ when: ++ - not __sap_vm_preconfigure_register_stat_sys_firmware_efi.stat.exists ++ - sap_vm_preconfigure_run_grub2_mkconfig|d(true) ++ ++- name: "Set the grub.cfg location RHEL" ++ set_fact: ++ __sap_vm_preconfigure_uefi_boot_dir: /boot/efi/EFI/redhat/grub.cfg ++ when: ++ - ansible_distribution == 'RedHat' ++ ++- name: "Set the grub.cfg location SLES" ++ set_fact: ++ __sap_vm_preconfigure_uefi_boot_dir: /boot/efi/EFI/BOOT/grub.cfg ++ when: ++ - ansible_distribution == 'SLES' or ansible_distribution == 'SLES_SAP' ++ ++- name: "Run grub-mkconfig (UEFI mode)" ++ command: "grub2-mkconfig -o {{ __sap_vm_preconfigure_uefi_boot_dir }}" ++ register: __sap_vm_preconfigure_register_grub2_mkconfig_uefi_mode ++ listen: __sap_vm_preconfigure_regenerate_grub2_conf_handler ++ notify: __sap_vm_preconfigure_reboot_handler ++ when: ++ - __sap_vm_preconfigure_register_stat_sys_firmware_efi.stat.exists ++ - sap_vm_preconfigure_run_grub2_mkconfig|d(true) ++ ++- name: "Debug grub-mkconfig UEFI" ++ debug: ++ var: __sap_vm_preconfigure_register_grub2_mkconfig_uefi_mode.stdout_lines, __sap_vm_preconfigure_register_grub2_mkconfig_uefi_mode.stderr_lines ++ listen: __sap_vm_preconfigure_regenerate_grub2_conf_handler ++ when: ++ - __sap_vm_preconfigure_register_stat_sys_firmware_efi.stat.exists ++ - sap_vm_preconfigure_run_grub2_mkconfig|d(true) ++ ++- name: "Run grubby for enabling TSX" ++ command: grubby --args="tsx=on" --update-kernel=ALL ++ register: __sap_vm_preconfigure_register_grubby_update ++ listen: __sap_vm_preconfigure_grubby_update_handler ++ notify: __sap_vm_preconfigure_reboot_handler ++ ++- name: Reboot the managed node ++ reboot: ++ test_command: /bin/true ++ listen: __sap_vm_preconfigure_reboot_handler ++ when: ++ - sap_vm_preconfigure_reboot_ok|d(false) ++ ++- name: Let the role fail if a reboot is required ++ fail: ++ msg: Reboot is required! ++ listen: __sap_vm_preconfigure_reboot_handler ++ when: ++ - sap_vm_preconfigure_fail_if_reboot_required|d(true) ++ - not sap_vm_preconfigure_reboot_ok|d(false) ++ ++- name: Show a warning message if a reboot is required ++ debug: ++ msg: "WARN: Reboot is required!" ++ listen: __sap_vm_preconfigure_reboot_handler ++ when: ++ - not sap_vm_preconfigure_fail_if_reboot_required|d(true) ++ - not sap_vm_preconfigure_reboot_ok|d(false) +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/handlers/platform/vmware_vsphere_vm/.gitkeep b/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/handlers/platform/vmware_vsphere_vm/.gitkeep +new file mode 100644 +index 0000000..e69de29 +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/meta/main.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/meta/main.yml +new file mode 100644 +index 0000000..0b7feee +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/meta/main.yml +@@ -0,0 +1,10 @@ ++--- ++galaxy_info: ++ namespace: community ++ role_name: sap_vm_preconfigure ++ author: Nils Koenig ++ description: Provide the configuration of Virtual Machines running on SAP certified Cloud IaaS or SAP certified Hypervisors ++ license: Apache-2.0 ++ min_ansible_version: 2.9 ++ galaxy_tags: ['sap', 'hana', 'rhel', 'redhat', 'sles', 'suse'] ++dependencies: [] +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/tasks/detect_platform/main.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/tasks/detect_platform/main.yml +new file mode 100644 +index 0000000..ee7161c +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/tasks/detect_platform/main.yml +@@ -0,0 +1,131 @@ ++--- ++# Platform detection for cloud and other infrastructure platforms. ++ ++### Facts already available to Ansible ++# ++### Amazon Web Services EC2 Virtual Server. Not applicable for AWS Classic. ++# ansible_chassis_asset_tag: "Amazon EC2" # SMBIOS Chassis Asset Tag ++# ansible_board_asset_tag: "i-043d3c1a889ed9016" # SMBIOS Baseboard Asset Tag, ID of virtual machine on platform ++# ansible_chassis_vendor: "Amazon EC2" ++# ansible_product_name: "r5.8xlarge" # IaaS profile name ++# ansible_system_vendor: "Amazon EC2" ++# ++### Google Cloud Compute Engine Virtual Machine. ++# ansible_chassis_asset_tag: "NA" # SMBIOS Chassis Asset Tag ++# ansible_board_asset_tag: "9EAF3038-7EF5-3F1E-6620-FB3BDA7A3709" # SMBIOS Baseboard Asset Tag, ID of virtual machine on platform ++# ansible_chassis_vendor: "Google" ++# ansible_product_name: "Google Compute Engine" ++# ansible_system_vendor: "Google" ++# ++### IBM Cloud Virtual Server. Not applicable for IBM Cloud Classic Infrastructure. ++# ansible_chassis_asset_tag: "ibmcloud" # SMBIOS Chassis Asset Tag ++# ansible_board_asset_tag: "0c7d4459-xxxx-yyyy-zzzz-abcdefghijkl" # SMBIOS Baseboard Asset Tag, ID of virtual machine on platform ++# ansible_chassis_vendor: "IBM:Cloud Compute Server 1.0:mx2-16x128" # IaaS profile name ++# ansible_product_name: "Standard PC (i440FX + PIIX, 1996)" ++# ansible_system_vendor: "QEMU" ++# ++### Microsoft Azure Virtual Machine. Not applicable for MS Azure Classic/ASM. ++# ansible_chassis_asset_tag: "7783-xxxx-yyyy-zzzz-aaaa-bbbb-cc" # SMBIOS Chassis Asset Tag ++# ansible_board_asset_tag: "None" # SMBIOS Baseboard Asset Tag ++# ansible_chassis_vendor: "Virtual Machine" ++# ansible_product_name: "Microsoft Corporation" ++# ansible_system_vendor: "70f4a858-1eea-4c35-b9e1-e179c32fc6b5" # ID of virtual machine on platform ++# ++### VMware vSphere ++# ansible_product_name: "VMware7,1", ++# ansible_system_vendor: "VMware, Inc.", ++# ansible_virtualization_type: "VMware" ++# ++### End of comment ++ ++ ++# TODO: detection based on multiple facts and providing one standard ++# name for use as platform type in related include files ++# cloud_aliyun_ecs_vm, cloud_aws_ec2_vs, cloud_gcp_ce_vm, cloud_ibmcloud_powervs, cloud_ibmcloud_vs, cloud_msazure_vm, ++# hyp_ibmpower_lpar, hyp_redhat_ocp_virt_vm, hyp_redhat_rhel_kvm_vm, hyp_vmware_vsphere_vm ++ ++- name: "SAP VM Preconfigure - Check if platform is Amazon Web Services EC2 Virtual Server" ++ when: ++ - ansible_system_vendor == 'Amazon EC2' ++ ansible.builtin.set_fact: ++ sap_vm_platform: cloud_aws_ec2_vs ++ ++# - name: "SAP VM Preconfigure - Check if platform is Google Cloud Compute Engine Virtual Machine" ++# when: ++# - ansible_product_name == 'Google Compute Engine' ++# ansible.builtin.set_fact: ++# sap_vm_platform: cloud_gcp_ce_vm ++ ++- name: "SAP VM Preconfigure - Check if platform is IBM Cloud Virtual Server" ++ when: ++ - ansible_chassis_asset_tag == 'ibmcloud' ++ ansible.builtin.set_fact: ++ sap_vm_platform: cloud_ibmcloud_vs ++ ++# - name: "SAP VM Preconfigure - Check if platform is Microsoft Azure Virtual Machine" ++# when: ++# - ansible_chassis_vendor == 'Virtual Machine' ++# - ansible_product_name == 'Microsoft Corporation' ++# ansible.builtin.set_fact: ++# sap_vm_platform: cloud_msazure_vm ++ ++# - name: "SAP VM Preconfigure - Check if platform is VMware vSphere" ++# when: ++# - ansible_virtualization_type == 'VMware' ++# ansible.builtin.set_fact: ++# sap_vm_platform: hyp_vmware_vsphere_vm ++ ++ ++- name: SAP VM Preconfigure - confirm AWS EC2 Virtual Server ++ when: sap_vm_platform == cloud_aws_ec2_vs ++ block: ++ ++ - name: (AWS) Get instance metadata token ++ ansible.builtin.uri: ++ headers: ++ X-aws-ec2-metadata-token-ttl-seconds: 21600 ++ method: PUT ++ return_content: true ++ url: http://169.254.169.254/latest/api/token ++ register: detect_cloud_provider_aws_token ++ changed_when: false ++ ignore_errors: true ++ ++ - name: (AWS) Get instance metadata ami-id ++ ansible.builtin.uri: ++ headers: ++ X-aws-ec2-metadata-token: "{{ detect_cloud_provider_aws_token.content }}" ++ method: GET ++ return_content: true ++ url: http://169.254.169.254/latest/meta-data/ami-id ++ register: detect_cloud_provider_aws_ami_id ++ changed_when: false ++ ignore_errors: true ++ ++ - name: (AWS) Fail if cannot reach Instance Metadata Service ++ ansible.builtin.fail: ++ msg: Detected MS Azure, but could not confirm with the Instance Metadata Service ++ when: ++ - detect_cloud_provider_aws_ami_id.failed ++ ++ ++- name: SAP VM Preconfigure - confirm Microsoft Azure Virtual Machine ++ when: sap_vm_platform == cloud_msazure_vm ++ block: ++ ++ - name: (Azure) Get instance metadata ++ ansible.builtin.uri: ++ headers: ++ Metadata: true ++ method: GET ++ url: http://169.254.169.254/metadata/instance/compute?api-version=2021-10-01 ++ register: detect_cloud_provider_azure_instance_metadata ++ changed_when: false ++ ignore_errors: true ++ ++ - name: (Azure) Fail if cannot reach Instance Metadata Service ++ ansible.builtin.fail: ++ msg: Detected MS Azure, but could not confirm with the Instance Metadata Service ++ when: ++ - detect_cloud_provider_azure_instance_metadata.json.azEnvironment is not defined ++ - detect_cloud_provider_azure_instance_metadata.json.azEnvironment != "AzurePublicCloud" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/tasks/main.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/tasks/main.yml +new file mode 100644 +index 0000000..3beaf77 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/tasks/main.yml +@@ -0,0 +1,13 @@ ++--- ++ ++- name: SAP virtual machine detect platform ++ ansible.builtin.include_tasks: "{{ role_path }}/tasks/detect_platform/main.yml" ++ when: sap_vm_platform_detect or sap_vm_platform_detect_only ++ ++- name: SAP virtual machine preconfigure - Include Defaults Vars for {{ sap_vm_platform }} ++ ansible.builtin.include_vars: "{{ role_path }}/vars/platform_defaults_{{ sap_vm_platform }}.yml" ++ when: not sap_vm_platform_detect_only ++ ++- name: SAP virtual machine preconfigure - Include Tasks for {{ sap_vm_platform }} ++ ansible.builtin.include_tasks: "{{ role_path }}/tasks/platform/{{ sap_vm_platform }}/main.yml" ++ when: not sap_vm_platform_detect_only +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/tasks/platform/cloud_aliyun_ecs_vm/.gitkeep b/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/tasks/platform/cloud_aliyun_ecs_vm/.gitkeep +new file mode 100644 +index 0000000..e69de29 +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/tasks/platform/cloud_aws_ec2_vs/.gitkeep b/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/tasks/platform/cloud_aws_ec2_vs/.gitkeep +new file mode 100644 +index 0000000..e69de29 +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/tasks/platform/cloud_gcp_ce_vm/.gitkeep b/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/tasks/platform/cloud_gcp_ce_vm/.gitkeep +new file mode 100644 +index 0000000..e69de29 +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/tasks/platform/cloud_ibmcloud_powervs/.gitkeep b/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/tasks/platform/cloud_ibmcloud_powervs/.gitkeep +new file mode 100644 +index 0000000..e69de29 +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/tasks/platform/cloud_ibmcloud_vs/.gitkeep b/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/tasks/platform/cloud_ibmcloud_vs/.gitkeep +new file mode 100644 +index 0000000..e69de29 +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/tasks/platform/cloud_msazure_vm/.gitkeep b/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/tasks/platform/cloud_msazure_vm/.gitkeep +new file mode 100644 +index 0000000..e69de29 +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/tasks/platform/hyp_ibmpower_lpar/.gitkeep b/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/tasks/platform/hyp_ibmpower_lpar/.gitkeep +new file mode 100644 +index 0000000..e69de29 +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/tasks/platform/hyp_redhat_ocp_virt_vm/.gitkeep b/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/tasks/platform/hyp_redhat_ocp_virt_vm/.gitkeep +new file mode 100644 +index 0000000..e69de29 +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/tasks/platform/hyp_redhat_rhel_kvm_vm/assert-set-tuned-profile.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/tasks/platform/hyp_redhat_rhel_kvm_vm/assert-set-tuned-profile.yml +new file mode 100644 +index 0000000..720fa49 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/tasks/platform/hyp_redhat_rhel_kvm_vm/assert-set-tuned-profile.yml +@@ -0,0 +1,14 @@ ++--- ++- name: Assert - Check tuned profile ++ block: ++ - name: Get tuned profile ++ ansible.builtin.command: tuned-adm active ++ register: __sap_vm_preconfigure_register_tuned_profile_assert ++ changed_when: __sap_vm_preconfigure_register_tuned_profile_assert.rc != 0 ++ ++ - name: Verify tuned profile ++ ansible.builtin.assert: ++ that: "'Current active profile: sap-hana-kvm-host' in __sap_vm_preconfigure_register_tuned_profile_assert.stdout" ++ fail_msg: "FAIL: tuned profile is not sap-hana-kvm-guest" ++ success_msg: "PASS: tuned profile is sap-hana-kvm-guest" ++ ignore_errors: "{{ sap_vm_preconfigure_ignore_failed_assertion }}" +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/tasks/platform/hyp_redhat_rhel_kvm_vm/main.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/tasks/platform/hyp_redhat_rhel_kvm_vm/main.yml +new file mode 100644 +index 0000000..26a234f +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/tasks/platform/hyp_redhat_rhel_kvm_vm/main.yml +@@ -0,0 +1,18 @@ ++--- ++# tasks file for sap_vm_preconfigure ++ ++- name: Trigger tuned profile sap-hana-kvm-guest activation ++ ansible.builtin.include_tasks: set-tuned-profile.yml ++ ++- name: Set filename prefix to empty string if role is run in normal mode ++ ansible.builtin.set_fact: ++ __sap_vm_preconfigure_fact_assert_prefix: "" ++ when: not sap_vm_preconfigure_assert|d(false) ++ ++- name: Prepend filename with assert string if role is run in assert mode ++ ansible.builtin.set_fact: ++ __sap_vm_preconfigure_fact_assert_prefix: "assert-" ++ when: sap_hypervisor_node_preconfigure_assert|d(false) ++ ++- name: Include '{{ __sap_vm_preconfigure_fact_assert_prefix }}set-tuned-profile.yml' ++ ansible.builtin.include_tasks: '{{ __sap_vm_preconfigure_fact_assert_prefix }}set-tuned-profile.yml' +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/tasks/platform/hyp_redhat_rhel_kvm_vm/set-tuned-profile.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/tasks/platform/hyp_redhat_rhel_kvm_vm/set-tuned-profile.yml +new file mode 100644 +index 0000000..bc57aa3 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/tasks/platform/hyp_redhat_rhel_kvm_vm/set-tuned-profile.yml +@@ -0,0 +1,91 @@ ++--- ++- name: Create tuned profile directory /usr/lib/tuned/sap-hana ++ ansible.builtin.file: ++ path: /usr/lib/tuned/sap-hana ++ state: directory ++ mode: "0755" ++ ++- name: Create sap-hana tuned profile ++ ansible.builtin.copy: ++ dest: "/usr/lib/tuned/sap-hana/tuned.conf" ++ mode: "0644" ++ content: | ++ # ++ # tuned configuration ++ # ++ [main] ++ summary=Optimize for SAP HANA ++ ++ [cpu] ++ force_latency=cstate.id:3|70 ++ governor=performance ++ energy_perf_bias=performance ++ min_perf_pct=100 ++ ++ [vm] ++ transparent_hugepages=never ++ ++ [sysctl] ++ kernel.sem = 32000 1024000000 500 32000 ++ kernel.numa_balancing = 0 ++ kernel.sched_min_granularity_ns = 3000000 ++ kernel.sched_wakeup_granularity_ns = 4000000 ++ vm.dirty_ratio = 40 ++ vm.dirty_background_ratio = 10 ++ vm.swappiness = 10 ++ ++ ++- name: Create tuned profile directory /usr/lib/tuned/sap-hana-kvm-guest ++ ansible.builtin.file: ++ path: /usr/lib/tuned/sap-hana-kvm-guest ++ mode: "0755" ++ state: directory ++ ++- name: Add haltpoll.sh for tuned sap-hana-kvm-guest ++ ansible.builtin.copy: ++ dest: "/usr/lib/tuned/sap-hana-kvm-guest/haltpoll.sh" ++ mode: "0744" ++ content: | ++ #!/bin/bash ++ ++ if [ "$1" == "start" ]; then ++ modprobe cpuidle-haltpoll force ++ fi ++ ++ ## Question: Does this also need another "if" checking to see if $1 is "stop" to unload the module? ++ ++ ++- name: Create sap-hana-kvm-guest tuned profile ++ ansible.builtin.copy: ++ dest: "/usr/lib/tuned/sap-hana-kvm-guest/tuned.conf" ++ mode: "0644" ++ content: | ++ # ++ # tuned configuration ++ # ++ [main] ++ summary=Optimize for running SAP HANA on KVM inside a virtual guest ++ include=sap-hana ++ ++ [haltpoll] ++ type=script ++ script=${i:PROFILE_DIR}/haltpoll.sh ++ ++ [sysfs] ++ /sys/devices/system/clocksource/clocksource0/current_clocksource=tsc ++ /sys/module/haltpoll/parameters/guest_halt_poll_ns=2400000 ++ /sys/module/haltpoll/parameters/guest_halt_poll_grow_start=2400000 ++ ++ [sysctl] ++ kernel.sched_latency_ns=12000000 ++ kernel.sched_migration_cost_ns=500000 ++ kernel.sched_min_granularity_ns=12000000 ++ kernel.sched_wakeup_granularity_ns=15000000 ++ ++ [bootloader] ++ cmdline_saphana=skew_tick=1 ++ ++- name: Activate tuned profile ++ ansible.builtin.command: tuned-adm profile sap-hana-kvm-guest ++ register: __sap_provision_vm_register_tuned_sap_hana_kvm_guest_status ++ changed_when: __sap_provision_vm_register_tuned_sap_hana_kvm_guest_status.rc != 0 +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/tasks/platform/hyp_vmware_vsphere_vm/.gitkeep b/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/tasks/platform/hyp_vmware_vsphere_vm/.gitkeep +new file mode 100644 +index 0000000..e69de29 +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/vars/main.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/vars/main.yml +new file mode 100644 +index 0000000..ed97d53 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/vars/main.yml +@@ -0,0 +1 @@ ++--- +diff --git a/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/vars/platform_defaults_redhat_rhel_kvm.yml b/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/vars/platform_defaults_redhat_rhel_kvm.yml +new file mode 100644 +index 0000000..db93406 +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/roles/sap_vm_preconfigure/vars/platform_defaults_redhat_rhel_kvm.yml +@@ -0,0 +1,11 @@ ++--- ++ ++# defaults file for sap_vm_preconfigure ++ ++sap_vm_preconfigure_run_grub2_mkconfig: yes ++ ++# run role in assert mode? ++sap_vm_preconfigure_assert: false ++ ++# fail if assertion is invalid ++sap_vm_preconfigure_ignore_failed_assertion: no +diff --git a/collections/ansible_collections/redhat/sap_install/tools/beautify-assert-output.sh b/collections/ansible_collections/redhat/sap_install/tools/beautify-assert-output.sh +new file mode 100755 +index 0000000..f48087c +--- /dev/null ++++ b/collections/ansible_collections/redhat/sap_install/tools/beautify-assert-output.sh +@@ -0,0 +1,34 @@ ++#!/bin/bash ++ ++# default font color: Light Cyan, which should be readable on both bright and dark background ++__FONT_COLOR=36m ++ ++if [[ ${1}. == "font_light_gray". ]]; then ++ __FONT_COLOR=37m ++elif [[ ${1}. == "font_no_color". ]]; then ++ __FONT_COLOR=30m ++fi ++ ++if [[ ${2}. == "reset." ]]; then ++ awk 'BEGIN{printf ("\033['${__FONT_COLOR}'Resetting font color\n")}' ++ exit ++fi ++ ++awk '{sub (" \"msg\": ", "")} ++ /TASK/{task_line=$0} ++ /fatal:/{fatal_line=$0; nfatal[host]++} ++ /...ignoring/{nfatal[host]--; if (nfatal[host]<0) nfatal[host]=0} ++ /^[a-z]/&&/: \[/{gsub ("\\[", ""); gsub ("]", ""); gsub (":", ""); host=$2} ++ /SAP note/{print "\033['${__FONT_COLOR}'[" host"] "$0} ++ /FAIL:/{nfail[host]++; print "\033[31m[" host"] "$0} ++ /WARN:/{nwarn[host]++; print "\033[33m[" host"] "$0} ++ /PASS:/{npass[host]++; print "\033[32m[" host"] "$0} ++ /INFO:/{print "\033[34m[" host"] "$0} ++ /changed/&&/unreachable/{print "\033['${__FONT_COLOR}'[" host"] "$0} ++ END{print ("---"); for (var in npass) {printf ("[%s] ", var); if (nfatal[var]>0) { ++ printf ("\033[31mFATAL ERROR!!! Playbook might have been aborted!!!\033['${__FONT_COLOR}' Last TASK and fatal output:\n"); print task_line, fatal_line ++ exit 199 ++ } ++ else printf ("\033[31mFAIL: %d \033[33mWARN: %d \033[32mPASS: %d\033['${__FONT_COLOR}'\n", nfail[var], nwarn[var], npass[var])} ++ if (nfail[var] != 0) exit (nfail[var]) ++ }' diff --git a/SPECS/rhel-system-roles-sap.spec b/SPECS/rhel-system-roles-sap.spec index a14fd5d..5641bd4 100644 --- a/SPECS/rhel-system-roles-sap.spec +++ b/SPECS/rhel-system-roles-sap.spec @@ -1,11 +1,9 @@ -%if 0%{?rhel} && ! 0%{?epel} -%bcond_with ansible -%else -%bcond_without ansible -%endif - +# disable collection_artifact by default %bcond_with collection_artifact +# disable collection by default since version 3.6.0 (1.3.4) +%bcond_with collection + %if 0%{?fedora} || 0%{?rhel} > 8 %bcond_without html %else @@ -26,45 +24,45 @@ # collection_version has to be increased by every rebuild # otherwise, it cannot be uploaded to Automation Hub and Galaxy # due to version conflict -%define collection_version 1.2.1 +%define collection_version 1.3.5 %global mainid e2a233f5a0cb68363798bf014b16552cca681bd0 -%global commit_id_sap_install f0deb287aaa0fb7d992b95a04b14e263b6690c23 +%global commit_id_sap_install %{collection_version} %global rolename1 sap_general_preconfigure -%global rolename2 sap_hana_preconfigure -%global rolename3 sap_netweaver_preconfigure -%global rolename4 sap_hana_install +%global rolename2 sap_ha_install_hana_hsr +%global rolename3 sap_hana_install +%global rolename4 sap_hana_preconfigure %global rolename5 sap_ha_pacemaker_cluster -%global rolename6 sap_ha_set_netweaver -%global rolename7 sap_hostagent -%global rolename8 sap_install_media_detect -%global rolename9 sap_storage -%global rolename10 sap_swpm -%global rolename11 sap_ha_install_hana_hsr +%global rolename6 sap_hypervisor_node_preconfigure +%global rolename7 sap_netweaver_preconfigure +%global rolename8 sap_swpm +%global rolename9 sap_vm_preconfigure %global src_owner linux-system-roles -%global github_repo_sap_install community.sap_install -%global rolename_rhel %{rolename1} %{rolename2} %{rolename3} %{rolename4} %{rolename5} %{rolename10} %{rolename11} -%global rolename_community %{rolename_rhel} %{rolename1} %{rolename6} %{rolename7} %{rolename8} %{rolename9} -%if 0%{?fedora} -%global rolenames %{rolename_community} -%else +%global github_repo_sap_install redhat.sap_install +%global rolename_rhel %{rolename1} %{rolename2} %{rolename3} %{rolename4} %{rolename5} %{rolename6} %{rolename7} %{rolename8} %{rolename9} %global rolenames %{rolename_rhel} -%endif Name: %{package_name} Summary: System Roles to configure RHEL for running SAP NetWeaver- or SAP HANA-based products -Version: 3.4.0 -Release: 3%{?dist} -License: GPLv3+ -Url: https://github.com/berndfinger/community.sap_install +Version: 3.6.0 +Release: 2%{?dist} +License: GPL-3.0-or-later +Url: https://github.com/redhat-sap/community.sap_install Source0: https://github.com/linux-system-roles/auto-maintenance/archive/%{mainid}/auto-maintenance-%{mainid}.tar.gz -Source1: https://github.com/berndfinger/%{github_repo_sap_install}/archive/%{commit_id_sap_install}/%{github_repo_sap_install}-%{commit_id_sap_install}.tar.gz -# files/README.md, files/roles/sap_swpm/README.md from https://gitlab.cee.redhat.com/sap-linuxlab/prepare-redhat.sap_install -Source2: prepare-redhat.sap_install-main.tar.bz2 -Patch1: community.sap_install-shebang.patch +Source1: https://github.com/redhat-sap/redhat.sap_install/archive/%{commit_id_sap_install}/%{github_repo_sap_install}-%{commit_id_sap_install}.tar.gz + +# add collection files +Patch1: redhat.sap_install-1.3.5-collections-files-324bfb8bab50d2baa1c4aacdb59e4e5c9e2ba74f.patch + +# add tests files +Patch2: redhat.sap_install-1.3.4-add_tests.patch + +# add tools files +Patch3: redhat.sap_install-1.3.4-add_tools.patch BuildArch: noarch +Requires: rhel-system-roles %if %{with html} # Requirements for md2html.sh to build the documentation @@ -89,8 +87,14 @@ Requires: python-jmespath Requires: python-netaddr %endif -%if %{with ansible} -BuildRequires: ansible-core >= 2.9.10 +# NOTE: ansible-core is in rhel-8.6 and newer, but not installable +# in buildroot as it depended on modular Python. +# It has been installable at buildtime in 8.8 and newer. +%if %{with collection} +%if 0%{?rhel} >= 8 +BuildRequires: ansible-core >= 2.11.0 +Requires: (ansible-core >= 2.11.0 or ansible >= 2.9.0) +%endif %endif %if %{undefined __ansible_provides} @@ -99,6 +103,10 @@ Provides: ansible-collection(%{collection_namespace}.%{collection_name}) = %{ver # be compatible with the usual Fedora Provides: Provides: ansible-collection-%{collection_namespace}-%{collection_name} = %{version}-%{release} +# ansible-galaxy is available by ansible-core on RHEL 8.6 and newer at buildtime. +%define ansible_collection_build() ansible-galaxy collection build +%define ansible_collection_install() ansible-galaxy collection install -n -p %{buildroot}%{_datadir}/ansible/collections %{collection_namespace}-%{collection_name}-%{collection_version}.tar.gz + %if 0%{?fedora} || 0%{?rhel} >= 8 %{!?ansible_collection_files:%define ansible_collection_files %{_datadir}/ansible/collections/ansible_collections/%{collection_namespace}/} %else @@ -107,13 +115,6 @@ Provides: ansible-collection-%{collection_namespace}-%{collection_name} = %{vers %endif %endif - -%if %{without ansible} -%define ansible_collection_build_install() tar -cf %{_tmppath}/%{collection_namespace}-%{collection_name}-%{collection_version}.tar.gz .; mkdir -p %{buildroot}%{ansible_collection_files}%{collection_name}; (cd %{buildroot}%{ansible_collection_files}%{collection_name}; tar -xf %{_tmppath}/%{collection_namespace}-%{collection_name}-%{collection_version}.tar.gz) -%else -%define ansible_collection_build_install() ansible-galaxy collection build; ansible-galaxy collection install -n -p %{buildroot}%{_datadir}/ansible/collections %{collection_namespace}-%{collection_name}-%{collection_version}.tar.gz -%endif - %description Collection of Ansible roles which configures a RHEL system according to applicable SAP notes so that any SAP software can be installed. @@ -127,55 +128,26 @@ Collection artifact for %{name}. This package contains %{collection_namespace}-% %endif %prep -%setup -q -a1 -a2 -n auto-maintenance-%{mainid} - -# add correct version and namespace for Automation Hub and Galaxy -cp %{github_repo_sap_install}-%{commit_id_sap_install}/galaxy.yml . -sed -i -e "s|^namespace: .*|namespace: %{collection_namespace}|" galaxy.yml -sed -i -e "s|^version: .*|version: %{collection_version}|" galaxy.yml - -# update README.md and roles/sap_swpm/README.md -cp prepare-redhat.sap_install-main/README.md %{github_repo_sap_install}-%{commit_id_sap_install}/ -cp prepare-redhat.sap_install-main/files/roles/sap_swpm/README.md %{github_repo_sap_install}-%{commit_id_sap_install}/roles/sap_swpm/README.md +%setup -q -a1 -n auto-maintenance-%{mainid} pushd %{github_repo_sap_install}-%{commit_id_sap_install}/ +%patch -P1 -p1 +%patch -P2 -p1 +%patch -P3 -p1 # workaround for md2html error sed -i -e "s|for POWER ||g" roles/sap_hana_preconfigure/README.md -%patch1 -p1 - -# modify collection-requirements.yml, fedora.linux_system_roles -> redhat.rhel_system_roles -for r in %{rolenames} ; do - yml=roles/${r}/meta/collection-requirements.yml - [ -f ${yml} ] && sed -i "s,fedora.linux_system_roles,redhat.rhel_system_roles," ${yml} -done - -# modify defaults/main.yml, fedora.linux_system_roles -> redhat.rhel_system_roles -for r in %{rolenames} ; do - yml=roles/${r}/defaults/main.yml - [ -f ${yml} ] && sed -i "s,system_roles_collection: 'fedora.linux_system_roles',system_roles_collection: 'redhat.rhel_system_roles'," ${yml} -done popd # remove zero file and symlinks find . -type f -size 0 -delete find . -type l -delete -pushd %{github_repo_sap_install}-%{commit_id_sap_install}/roles/ -# remove all SLES stuff and RHEL 6 stuff -rm -rf */tasks/SLES/ -rm -f */vars/SLES_15.yml -rm -rf sap_hana_preconfigure/tasks/sapnote/1275776 # SLES - sapconf, saptune, etc -rm -rf sap_hana_preconfigure/tasks/sapnote/1944799 # SLES - HANA install and config guidelines -rm -f sap_hana_preconfigure/tasks/sapnote/1944799.yml -rm -f sap_hana_preconfigure/tasks/sapnote/2013638.yml # RHEL 6.5 - OS settings -rm -f sap_hana_preconfigure/tasks/sapnote/2136965.yml # RHEL 6.6 - OS settings -rm -f sap_hana_preconfigure/tasks/sapnote/2247020.yml # RHEL 6.7 - OS settings -rm -rf sap_hana_preconfigure/tasks/sapnote/2578899 # SLES 15 - installation -rm -rf sap_hana_preconfigure/tasks/sapnote/2684254 # SLES 15 - OS settings for HANA -rm -f sap_hana_preconfigure/vars/RedHat_6.5.yml -rm -f sap_hana_preconfigure/vars/RedHat_6.6.yml -rm -f sap_hana_preconfigure/vars/RedHat_6.7.yml -popd +# fix python and bash shebangs +find -type f \( -iname "*.py" \) -exec sed -i '1s=^#! */usr/bin/\(python\|env python\)[23]\?=#!/usr/bin/python3=' {} + +find -type f \( -iname "*.sh" \) -exec sed -i '1s=^#! */bin/bash=#!/usr/bin/bash=' {} + + +# remove json files, these are already present in the collection subdirectory +rm -f FILES.json MANIFEST.json %build %if %{with html} @@ -186,6 +158,7 @@ done sh md2html.sh $readmes %{github_repo_sap_install}-%{commit_id_sap_install}/README.md %endif +%if %{with collection} # create dest-path mkdir .collections @@ -200,6 +173,15 @@ LANG=en_US.utf-8 LC_ALL=en_US.utf-8 python3 lsr_role2collection.py --role "$role done cp -p galaxy.yml .collections/ansible_collections/%{collection_namespace}/%{collection_name} +# update README.md +cp %{github_repo_sap_install}-%{commit_id_sap_install}/README.md .collections/ansible_collections/%{collection_namespace}/%{collection_name} + +# Build the collection +pushd .collections/ansible_collections/%{collection_namespace}/%{collection_name}/ +%ansible_collection_build +popd + +%endif %install mkdir -p $RPM_BUILD_ROOT%{_datadir}/ansible/roles \ @@ -208,6 +190,7 @@ mkdir -p $RPM_BUILD_ROOT%{_datadir}/ansible/roles \ # create file selection for documents echo "%dir %{_pkgdocdir}" > files_section.txt cp %{github_repo_sap_install}-%{commit_id_sap_install}/README.md $RPM_BUILD_ROOT%{_pkgdocdir}/ + %if %{with html} cp %{github_repo_sap_install}-%{commit_id_sap_install}/README.html $RPM_BUILD_ROOT%{_pkgdocdir}/ %endif @@ -227,9 +210,13 @@ install -m 644 %{github_repo_sap_install}-%{commit_id_sap_install}/roles/$role/R done # install collection files +%if %{with collection} pushd .collections/ansible_collections/%{collection_namespace}/%{collection_name}/ -%ansible_collection_build_install +%ansible_collection_install popd +%else +cp -pR %{github_repo_sap_install}-%{commit_id_sap_install}/collections $RPM_BUILD_ROOT%{_datadir}/ansible/ +%endif # install collection_artifact %if %{with collection_artifact} @@ -243,19 +230,44 @@ popd %dir %{_datadir}/ansible %dir %{_datadir}/ansible/roles %doc %{_pkgdocdir}/*/README.md +%license %{_pkgdocdir}/*/LICENSE +%{_datadir}/ansible/roles/* + %if %{with html} %{_pkgdocdir}/*/README.html %endif -%license %{_pkgdocdir}/*/LICENSE -%{_datadir}/ansible/roles/* +%if %{with collection} %{ansible_collection_files} - +%else +%{_datadir}/ansible/collections +%endif %if %{with collection_artifact} %files collection-artifact %{_datadir}/ansible/collections/%{collection_namespace}-%{collection_name}-%{collection_version}.tar.gz %endif %changelog +* Mon Feb 05 2024 Than Ngo - 3.6.0-2 +- sap_hypervisor_node_preconfigure: fix for role name and path for included tasks +- update collection files +Related: RHEL-16897 + +* Thu Jan 25 2024 Than Ngo - 3.6.0-1 +- rebase sap roles to version 1.3.4 +- add collection files +- update README files and add missing galaxy.yml, LICENSE +- fix syntax error for defining dependent collections in galaxy.yml +- add tools and tests +Resolves: RHEL-16897 + +* Mon May 08 2023 Than Ngo - 3.5.0-1 +- updated README.md files for sap and sap_swpm roles +- migrated to SPDX license +- converted patch macro use to the most compatible syntax +- rebased sap roles to version 1.2.3 +Resolves: #2185037 + + * Mon Jan 30 2023 Than Ngo - 3.4.0-3 - Related: #2155876, rebase sap roles to version 1.2.1