From c92e4724371a2d7974a1d4269b22fa8a4a213a8a Mon Sep 17 00:00:00 2001 From: Rob Dobozy Date: Wed, 9 Oct 2024 11:20:38 +0100 Subject: [PATCH 01/66] sap_swpm: New functionality to push SUM through the manual steps --- roles/sap_swpm/tasks/post_install.yml | 8 + .../tasks/post_install/sum_push_to_finish.yml | 163 ++++++++++++++++++ 2 files changed, 171 insertions(+) create mode 100644 roles/sap_swpm/tasks/post_install/sum_push_to_finish.yml diff --git a/roles/sap_swpm/tasks/post_install.yml b/roles/sap_swpm/tasks/post_install.yml index 935ed0571..c0ded279f 100644 --- a/roles/sap_swpm/tasks/post_install.yml +++ b/roles/sap_swpm/tasks/post_install.yml @@ -57,3 +57,11 @@ - __sap_swpm_post_install_register_hdbuserstore_exists.stat.exists register: __sap_swpm_post_install_register_hdbuserstore_connection changed_when: __sap_swpm_post_install_register_hdbuserstore_connection is succeeded + +# Now that SWPM finished we may need to deal with SUM before continuing when sap_swpm_sum_start: 'true' +# If observer mode is enabled, SWPM will wait for SUM to finish before continuing so we don't need to do anything here +- name: SAP SWPM Post Install - Control SUM if required + ansible.builtin.include_tasks: post_install/sum_push_to_finish.yml + when: + - sap_swpm_sum_start == 'true' + - not sap_swpm_swpm_observer_mode diff --git a/roles/sap_swpm/tasks/post_install/sum_push_to_finish.yml b/roles/sap_swpm/tasks/post_install/sum_push_to_finish.yml new file mode 100644 index 000000000..6d852cb29 --- /dev/null +++ b/roles/sap_swpm/tasks/post_install/sum_push_to_finish.yml @@ -0,0 +1,163 @@ +--- +# Will keep pushing SUM through the two key stopping points until it finishes +# This allows to fully automate the SWPM+SUM installation process +# Based on research by @sean-freeman + +# Check the SUM status via SUMOBSEVER.XML, wait for 60 minutes until we are in BIND_PATCH phase +- name: Checking the status of SUM + uri: + url: "https://localhost:1129/lmsl/sumobserver/{{ sap_swpm_sid | upper }}/analysis/SUMOBSERVER.XML" + method: GET + validate_certs: false + return_content: true + status_code: 200 + user: "{{ sap_swpm_sid | lower }}adm" + password: "{{ sap_swpm_sap_sidadm_password }}" + register: _sap_swpm_sum_push + until: _sap_swpm_sum_push.status == 200 and 'SUM4ABAP|CONFIGURE|PREP_EXTENSION|BIND_PATCH|PatchSelection' in _sap_swpm_sum_push.content + retries: 60 + delay: 60 + failed_when: _sap_swpm_sum_push.status != 200 or 'SUM4ABAP|CONFIGURE|PREP_EXTENSION|BIND_PATCH|PatchSelection' not in _sap_swpm_sum_push.content + +# Get the config XML from SUM, repeat 3 times in case SUM is still busy and doesn't respond promptly +- name: Get the config XML from SUM + uri: + url: "https://localhost:1129/slp/sumabap/{{ sap_swpm_sid | upper }}/config" + method: GET + validate_certs: false + return_content: true + status_code: 200 + user: "{{ sap_swpm_sid | lower }}adm" + password: "{{ sap_swpm_sap_sidadm_password }}" + # headers: + # Cookie: "{{ _sap_swpm_sum_push.cookies_string }}" + register: _sap_swpm_sum_push_config + until: _sap_swpm_sum_push_config.status == 200 + retries: 3 + delay: 60 + failed_when: _sap_swpm_sum_push_config.status != 200 + +# Get the CSRF token from SUM by calling config +- name: Get the CSRF token from SUM + uri: + url: "https://localhost:1129/slp/sumabap/{{ sap_swpm_sid | upper }}/config" + method: GET + validate_certs: false + return_content: false + status_code: 200 + user: "{{ sap_swpm_sid | lower }}adm" + password: "{{ sap_swpm_sap_sidadm_password }}" + headers: + Cookie: "{{ _sap_swpm_sum_push_config.cookies_string }}" + X-CSRF-Token: Fetch + # X-Requested-With: XMLHttpRequest + register: _sap_swpm_sum_push + failed_when: _sap_swpm_sum_push.status != 200 + +# Post the config XML back to SUM unchanged as we want to keep the default patch levels as per the XML file. This will move SUM to the next step. +- name: Move SUM to the next step + uri: + url: "https://localhost:1129/slp/sumabap/{{ sap_swpm_sid | upper }}/config" + method: POST + validate_certs: false + return_content: true + status_code: 200 + user: "{{ sap_swpm_sid | lower }}adm" + password: "{{ sap_swpm_sap_sidadm_password }}" + headers: + Cookie: "{{ _sap_swpm_sum_push_config.cookies_string }}" + X-CSRF-Token: "{{ _sap_swpm_sum_push.x_csrf_token }}" + body_format: raw + body: "{{ _sap_swpm_sum_push_config.content }}" + register: _sap_swpm_sum_push + until: _sap_swpm_sum_push.status == 200 + failed_when: _sap_swpm_sum_push.status != 200 + +# At this point SUM should be running. This will take anything between 6-12 hours to complete. +# Patiently check every 10 minutes to see if SUM has completed all the steps and is now in the SPAUINFO step. +# Check the SUM status via SUMOBSEVER.XML +- name: Checking the status of SUM + uri: + url: "https://localhost:1129/lmsl/sumobserver/{{ sap_swpm_sid | upper }}/analysis/SUMOBSERVER.XML" + method: GET + validate_certs: false + return_content: true + status_code: 200 + user: "{{ sap_swpm_sid | lower }}adm" + password: "{{ sap_swpm_sap_sidadm_password }}" + register: _sap_swpm_sum_push + until: _sap_swpm_sum_push.status == 200 and 'SUM4ABAP|POST-EXECUTE|MAIN_POSTPROC|SPAUINFO|FinishSPAU' in _sap_swpm_sum_push.content + retries: 72 # 12 hours + delay: 600 # 10 minutes + failed_when: _sap_swpm_sum_push.status != 200 or 'SUM4ABAP|POST-EXECUTE|MAIN_POSTPROC|SPAUINFO|FinishSPAU' not in _sap_swpm_sum_push.content + +# Get the config XML from SUM, repeat 3 times in case SUM is still busy and doesn't respond promptly +# Need to get config XML even through we are not going to use it. This is to get the diagtime cookie. +- name: Get the config XML from SUM + uri: + url: "https://localhost:1129/slp/sumabap/{{ sap_swpm_sid | upper }}/config" + method: GET + validate_certs: false + return_content: true + status_code: 200 + user: "{{ sap_swpm_sid | lower }}adm" + password: "{{ sap_swpm_sap_sidadm_password }}" + # headers: + # Cookie: "{{ _sap_swpm_sum_push.cookies_string }}" + register: _sap_swpm_sum_push_config + until: _sap_swpm_sum_push_config.status == 200 + retries: 3 + delay: 60 + failed_when: _sap_swpm_sum_push_config.status != 200 + +# Get the CSRF token from SUM by calling config +- name: Get the CSRF token from SUM + uri: + url: "https://localhost:1129/slp/sumabap/{{ sap_swpm_sid | upper }}/config" + method: GET + validate_certs: false + return_content: false + status_code: 200 + user: "{{ sap_swpm_sid | lower }}adm" + password: "{{ sap_swpm_sap_sidadm_password }}" + headers: + Cookie: "{{ _sap_swpm_sum_push_config.cookies_string }}" + X-CSRF-Token: Fetch + # X-Requested-With: XMLHttpRequest + register: _sap_swpm_sum_push + failed_when: _sap_swpm_sum_push.status != 200 + +# Post confirmation to SUM that no SPAU is required. This will move SUM to the next step. +- name: Move SUM to the next step + uri: + url: "https://localhost:1129/slp/sumabap/{{ sap_swpm_sid | upper }}/config" + method: POST + validate_certs: false + return_content: true + status_code: 200 + user: "{{ sap_swpm_sid | lower }}adm" + password: "{{ sap_swpm_sap_sidadm_password }}" + headers: + Cookie: "{{ _sap_swpm_sum_push_config.cookies_string }}" + X-CSRF-Token: "{{ _sap_swpm_sum_push.x_csrf_token }}" + body_format: raw + body: 'DialogueValueslp.parameter.type.SCALAR10yes' + register: _sap_swpm_sum_push + failed_when: _sap_swpm_sum_push.status != 200 + +# Finally wait for SUM to finish the final steps. This shouldn't take more than 1 hour. +# Check the SUM status via SUMOBSEVER.XML, wait for 60 minutes until the status is 'MAIN_POSTCLEAN|EXIT' +- name: Checking the status of SUM and making sure it has finished + uri: + url: "https://localhost:1129/lmsl/sumobserver/{{ sap_swpm_sid | upper }}/analysis/SUMOBSERVER.XML" + method: GET + validate_certs: false + return_content: true + status_code: 200 + user: "{{ sap_swpm_sid | lower }}adm" + password: "{{ sap_swpm_sap_sidadm_password }}" + register: _sap_swpm_sum_push + until: _sap_swpm_sum_push.status == 200 and 'SUM4ABAP|MAIN_POSTCLEAN|EXIT|UnitWizard' in _sap_swpm_sum_push.content + retries: 60 + delay: 60 + failed_when: _sap_swpm_sum_push.status != 200 or 'SUM4ABAP|MAIN_POSTCLEAN|EXIT|UnitWizard' not in _sap_swpm_sum_push.content \ No newline at end of file From 546d97dcf9e3cd3c3cc97e6da69f9a3546dc05c9 Mon Sep 17 00:00:00 2001 From: Rob Dobozy Date: Wed, 9 Oct 2024 11:48:39 +0100 Subject: [PATCH 02/66] sap_swpm: New functionality to push SUM through the manual steps --- .../tasks/post_install/sum_push_to_finish.yml | 39 ++++++++++--------- 1 file changed, 20 insertions(+), 19 deletions(-) diff --git a/roles/sap_swpm/tasks/post_install/sum_push_to_finish.yml b/roles/sap_swpm/tasks/post_install/sum_push_to_finish.yml index 6d852cb29..41c266d91 100644 --- a/roles/sap_swpm/tasks/post_install/sum_push_to_finish.yml +++ b/roles/sap_swpm/tasks/post_install/sum_push_to_finish.yml @@ -5,7 +5,7 @@ # Check the SUM status via SUMOBSEVER.XML, wait for 60 minutes until we are in BIND_PATCH phase - name: Checking the status of SUM - uri: + ansible.builtin.uri: url: "https://localhost:1129/lmsl/sumobserver/{{ sap_swpm_sid | upper }}/analysis/SUMOBSERVER.XML" method: GET validate_certs: false @@ -21,7 +21,7 @@ # Get the config XML from SUM, repeat 3 times in case SUM is still busy and doesn't respond promptly - name: Get the config XML from SUM - uri: + ansible.builtin.uri: url: "https://localhost:1129/slp/sumabap/{{ sap_swpm_sid | upper }}/config" method: GET validate_certs: false @@ -38,8 +38,8 @@ failed_when: _sap_swpm_sum_push_config.status != 200 # Get the CSRF token from SUM by calling config -- name: Get the CSRF token from SUM - uri: +- name: Get the CSRF token from SUM + ansible.builtin.uri: url: "https://localhost:1129/slp/sumabap/{{ sap_swpm_sid | upper }}/config" method: GET validate_certs: false @@ -50,13 +50,13 @@ headers: Cookie: "{{ _sap_swpm_sum_push_config.cookies_string }}" X-CSRF-Token: Fetch - # X-Requested-With: XMLHttpRequest - register: _sap_swpm_sum_push + # X-Requested-With: XMLHttpRequest + register: _sap_swpm_sum_push failed_when: _sap_swpm_sum_push.status != 200 # Post the config XML back to SUM unchanged as we want to keep the default patch levels as per the XML file. This will move SUM to the next step. -- name: Move SUM to the next step - uri: +- name: Move SUM to the next step + ansible.builtin.uri: url: "https://localhost:1129/slp/sumabap/{{ sap_swpm_sid | upper }}/config" method: POST validate_certs: false @@ -77,7 +77,7 @@ # Patiently check every 10 minutes to see if SUM has completed all the steps and is now in the SPAUINFO step. # Check the SUM status via SUMOBSEVER.XML - name: Checking the status of SUM - uri: + ansible.builtin.uri: url: "https://localhost:1129/lmsl/sumobserver/{{ sap_swpm_sid | upper }}/analysis/SUMOBSERVER.XML" method: GET validate_certs: false @@ -94,7 +94,7 @@ # Get the config XML from SUM, repeat 3 times in case SUM is still busy and doesn't respond promptly # Need to get config XML even through we are not going to use it. This is to get the diagtime cookie. - name: Get the config XML from SUM - uri: + ansible.builtin.uri: url: "https://localhost:1129/slp/sumabap/{{ sap_swpm_sid | upper }}/config" method: GET validate_certs: false @@ -111,8 +111,8 @@ failed_when: _sap_swpm_sum_push_config.status != 200 # Get the CSRF token from SUM by calling config -- name: Get the CSRF token from SUM - uri: +- name: Get the CSRF token from SUM + ansible.builtin.uri: url: "https://localhost:1129/slp/sumabap/{{ sap_swpm_sid | upper }}/config" method: GET validate_certs: false @@ -123,13 +123,13 @@ headers: Cookie: "{{ _sap_swpm_sum_push_config.cookies_string }}" X-CSRF-Token: Fetch - # X-Requested-With: XMLHttpRequest - register: _sap_swpm_sum_push + # X-Requested-With: XMLHttpRequest + register: _sap_swpm_sum_push failed_when: _sap_swpm_sum_push.status != 200 # Post confirmation to SUM that no SPAU is required. This will move SUM to the next step. -- name: Move SUM to the next step - uri: +- name: Move SUM to the next step + ansible.builtin.uri: url: "https://localhost:1129/slp/sumabap/{{ sap_swpm_sid | upper }}/config" method: POST validate_certs: false @@ -142,13 +142,13 @@ X-CSRF-Token: "{{ _sap_swpm_sum_push.x_csrf_token }}" body_format: raw body: 'DialogueValueslp.parameter.type.SCALAR10yes' - register: _sap_swpm_sum_push + register: _sap_swpm_sum_push failed_when: _sap_swpm_sum_push.status != 200 # Finally wait for SUM to finish the final steps. This shouldn't take more than 1 hour. # Check the SUM status via SUMOBSEVER.XML, wait for 60 minutes until the status is 'MAIN_POSTCLEAN|EXIT' - name: Checking the status of SUM and making sure it has finished - uri: + ansible.builtin.uri: url: "https://localhost:1129/lmsl/sumobserver/{{ sap_swpm_sid | upper }}/analysis/SUMOBSERVER.XML" method: GET validate_certs: false @@ -160,4 +160,5 @@ until: _sap_swpm_sum_push.status == 200 and 'SUM4ABAP|MAIN_POSTCLEAN|EXIT|UnitWizard' in _sap_swpm_sum_push.content retries: 60 delay: 60 - failed_when: _sap_swpm_sum_push.status != 200 or 'SUM4ABAP|MAIN_POSTCLEAN|EXIT|UnitWizard' not in _sap_swpm_sum_push.content \ No newline at end of file + failed_when: _sap_swpm_sum_push.status != 200 or 'SUM4ABAP|MAIN_POSTCLEAN|EXIT|UnitWizard' not in _sap_swpm_sum_push.content + \ No newline at end of file From 0e9867cea924eb519af0972bff2cd3c63b93819d Mon Sep 17 00:00:00 2001 From: Rob Dobozy Date: Wed, 9 Oct 2024 12:01:07 +0100 Subject: [PATCH 03/66] sap_swpm: New functionality to push SUM through the manual steps --- roles/sap_swpm/tasks/post_install/sum_push_to_finish.yml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/roles/sap_swpm/tasks/post_install/sum_push_to_finish.yml b/roles/sap_swpm/tasks/post_install/sum_push_to_finish.yml index 41c266d91..fda6720af 100644 --- a/roles/sap_swpm/tasks/post_install/sum_push_to_finish.yml +++ b/roles/sap_swpm/tasks/post_install/sum_push_to_finish.yml @@ -1,5 +1,5 @@ --- -# Will keep pushing SUM through the two key stopping points until it finishes +# Will keep pushing SUM through the two key manual steps until it finishes # This allows to fully automate the SWPM+SUM installation process # Based on research by @sean-freeman @@ -126,7 +126,7 @@ # X-Requested-With: XMLHttpRequest register: _sap_swpm_sum_push failed_when: _sap_swpm_sum_push.status != 200 - + # Post confirmation to SUM that no SPAU is required. This will move SUM to the next step. - name: Move SUM to the next step ansible.builtin.uri: @@ -161,4 +161,3 @@ retries: 60 delay: 60 failed_when: _sap_swpm_sum_push.status != 200 or 'SUM4ABAP|MAIN_POSTCLEAN|EXIT|UnitWizard' not in _sap_swpm_sum_push.content - \ No newline at end of file From bca86cd3061df72931d1d6fc7ddff2f2d5de792e Mon Sep 17 00:00:00 2001 From: Rob Dobozy Date: Fri, 22 Nov 2024 17:29:21 +0000 Subject: [PATCH 04/66] sap_swpm: improved detection of running SUM and more accurate starting conditions --- roles/sap_swpm/tasks/post_install.yml | 135 +++++++++--------- .../tasks/post_install/sum_push_to_finish.yml | 9 ++ 2 files changed, 77 insertions(+), 67 deletions(-) diff --git a/roles/sap_swpm/tasks/post_install.yml b/roles/sap_swpm/tasks/post_install.yml index c0ded279f..cd5a107f1 100644 --- a/roles/sap_swpm/tasks/post_install.yml +++ b/roles/sap_swpm/tasks/post_install.yml @@ -1,67 +1,68 @@ -# SPDX-License-Identifier: Apache-2.0 ---- - -# Reason for noqa: The command might change things but we do not yet attempt to find out -- name: SAP SWPM Post Install - ensure password expiry disabled {{ sap_swpm_sid | lower + 'adm' }} - ansible.builtin.shell: | - chage -m 0 -M 99999 -I -1 -E -1 {{ sap_swpm_sid | lower }}adm - chage -m 0 -M 99999 -I -1 -E -1 sapadm - args: - executable: /bin/bash - become: true - register: __sap_swpm_post_install_register_sidadm_noexpire - changed_when: __sap_swpm_post_install_register_sidadm_noexpire is succeeded - -# Firewall - -- name: SAP SWPM Post Install - Firewall Setup - ansible.builtin.include_tasks: post_install/firewall.yml - when: - - "sap_swpm_setup_firewall | bool" - -######################################################################################################################## - -- name: SAP SWPM Deployment - Finished - ansible.builtin.debug: - msg: - - ' SAP SWPM deployment successfully completed ' - - ' ' - - ' SAP Product - {{ sap_swpm_product_catalog_id }} ' - - ' SID - {{ sap_swpm_sid | d("") }} ' - - ' Primary Instance - {{ sap_swpm_pas_instance_nr | d("") }} ' - - ' Host - {{ ansible_hostname }} ' - - ' FQDN - {{ ansible_fqdn }} ' - - ' IP - {{ ansible_default_ipv4.address | d(ansible_all_ipv4_addresses[0]) }} ' -# - ' Master Password - {{ sap_swpm_master_password }} ' -# - ' DDIC 000 Password - {{ sap_swpm_ddic_000_password }} ' - -# SAP HANA Client will not be installed for any installation with SAP AnyDB -# and will only be installed alongside SAP NWAS PAS or AAS (not NWAS ASCS) -- name: SAP SWPM Post Install - Check for SAP HANA Client hdbuserstore - ansible.builtin.stat: - path: /usr/sap/{{ sap_swpm_sid }}/hdbclient/hdbuserstore - register: __sap_swpm_post_install_register_hdbuserstore_exists - -- name: SAP SWPM Post Install - Enforce Connection Info in SAP HANA Client hdbuserstore - ansible.builtin.shell: | - /usr/sap/{{ sap_swpm_sid }}/hdbclient/hdbuserstore \ - SET DEFAULT \ - {{ sap_swpm_db_host }}:3{{ sap_swpm_db_instance_nr }}13@{{ sap_swpm_db_sid }} \ - {{ sap_swpm_db_schema_abap }} '{{ sap_swpm_db_schema_abap_password }}' - args: - executable: /bin/bash - become: true - become_user: "{{ sap_swpm_sid | lower }}adm" - when: - - sap_swpm_install_saphostagent is defined and sap_swpm_install_saphostagent - - __sap_swpm_post_install_register_hdbuserstore_exists.stat.exists - register: __sap_swpm_post_install_register_hdbuserstore_connection - changed_when: __sap_swpm_post_install_register_hdbuserstore_connection is succeeded - -# Now that SWPM finished we may need to deal with SUM before continuing when sap_swpm_sum_start: 'true' -# If observer mode is enabled, SWPM will wait for SUM to finish before continuing so we don't need to do anything here -- name: SAP SWPM Post Install - Control SUM if required - ansible.builtin.include_tasks: post_install/sum_push_to_finish.yml - when: - - sap_swpm_sum_start == 'true' - - not sap_swpm_swpm_observer_mode +--- + +# Reason for noqa: The command might change things but we do not yet attempt to find out +- name: SAP SWPM Post Install - ensure password expiry disabled {{ sap_swpm_sid | lower + 'adm' }} + ansible.builtin.shell: | + chage -m 0 -M 99999 -I -1 -E -1 {{ sap_swpm_sid | lower }}adm + chage -m 0 -M 99999 -I -1 -E -1 sapadm + args: + executable: /bin/bash + become: true + register: __sap_swpm_post_install_register_sidadm_noexpire + changed_when: __sap_swpm_post_install_register_sidadm_noexpire is succeeded + +# Firewall + +- name: SAP SWPM Post Install - Firewall Setup + ansible.builtin.include_tasks: post_install/firewall.yml + when: + - "sap_swpm_setup_firewall | bool" + +######################################################################################################################## + +- name: SAP SWPM Deployment - Finished + ansible.builtin.debug: + msg: + - ' SAP SWPM deployment successfully completed ' + - ' ' + - ' SAP Product - {{ sap_swpm_product_catalog_id }} ' + - ' SID - {{ sap_swpm_sid | d("") }} ' + - ' Primary Instance - {{ sap_swpm_pas_instance_nr | d("") }} ' + - ' Host - {{ ansible_hostname }} ' + - ' FQDN - {{ ansible_fqdn }} ' + - ' IP - {{ ansible_default_ipv4.address | d(ansible_all_ipv4_addresses[0]) }} ' +# - ' Master Password - {{ sap_swpm_master_password }} ' +# - ' DDIC 000 Password - {{ sap_swpm_ddic_000_password }} ' + +# SAP HANA Client will not be installed for any installation with SAP AnyDB +# and will only be installed alongside SAP NWAS PAS or AAS (not NWAS ASCS) +- name: SAP SWPM Post Install - Check for SAP HANA Client hdbuserstore + ansible.builtin.stat: + path: /usr/sap/{{ sap_swpm_sid }}/hdbclient/hdbuserstore + register: __sap_swpm_post_install_register_hdbuserstore_exists + +- name: SAP SWPM Post Install - Enforce Connection Info in SAP HANA Client hdbuserstore + ansible.builtin.shell: | + /usr/sap/{{ sap_swpm_sid }}/hdbclient/hdbuserstore \ + SET DEFAULT \ + {{ sap_swpm_db_host }}:3{{ sap_swpm_db_instance_nr }}13@{{ sap_swpm_db_sid }} \ + {{ sap_swpm_db_schema_abap }} '{{ sap_swpm_db_schema_abap_password }}' + args: + executable: /bin/bash + become: true + become_user: "{{ sap_swpm_sid | lower }}adm" + when: + - sap_swpm_install_saphostagent is defined and sap_swpm_install_saphostagent + - __sap_swpm_post_install_register_hdbuserstore_exists.stat.exists + register: __sap_swpm_post_install_register_hdbuserstore_connection + changed_when: __sap_swpm_post_install_register_hdbuserstore_connection is succeeded + +# Now that SWPM finished we may need to deal with SUM before continuing when sap_swpm_sum_start: 'true' +# and if we are doing OneHost or CI/PAS installation +# If observer mode is enabled, SWPM will wait for SUM to finish before continuing so we can't do anything here +- name: SAP SWPM Post Install - Control SUM if required + ansible.builtin.include_tasks: post_install/sum_push_to_finish.yml + when: + - sap_swpm_sum_start == 'true' + - not sap_swpm_swpm_observer_mode + - "'NW_ABAP_CI:' in sap_swpm_product_catalog_id or 'NW_ABAP_OneHost:' in sap_swpm_product_catalog_id" diff --git a/roles/sap_swpm/tasks/post_install/sum_push_to_finish.yml b/roles/sap_swpm/tasks/post_install/sum_push_to_finish.yml index fda6720af..139675c68 100644 --- a/roles/sap_swpm/tasks/post_install/sum_push_to_finish.yml +++ b/roles/sap_swpm/tasks/post_install/sum_push_to_finish.yml @@ -3,6 +3,15 @@ # This allows to fully automate the SWPM+SUM installation process # Based on research by @sean-freeman +# Check if the SUMup process is running, give it 5 minutes to start +- name: Check if SAPup_real process is running (wait for 5 minutes until it starts) + ansible.builtin.shell: pgrep -c -u "{{ sap_swpm_sid | lower }}adm" -f SAPup_real + register: _sapup_process + retries: 5 + delay: 60 + until: _sapup_process.rc == 0 and _sapup_process.stdout|int > 0 + failed_when: _sapup_process.rc != 0 + # Check the SUM status via SUMOBSEVER.XML, wait for 60 minutes until we are in BIND_PATCH phase - name: Checking the status of SUM ansible.builtin.uri: From d99880fa1f45f2a5ae5610059ff6b290afcf66e0 Mon Sep 17 00:00:00 2001 From: Bernd Finger Date: Thu, 19 Dec 2024 15:26:41 +0100 Subject: [PATCH 05/66] sap_swpm: Fix wrong merge conflict resolution Signed-off-by: Bernd Finger --- roles/sap_swpm/tasks/post_install.yml | 198 +++++++++----------------- 1 file changed, 69 insertions(+), 129 deletions(-) diff --git a/roles/sap_swpm/tasks/post_install.yml b/roles/sap_swpm/tasks/post_install.yml index 5fcb0d960..964d8e8b6 100644 --- a/roles/sap_swpm/tasks/post_install.yml +++ b/roles/sap_swpm/tasks/post_install.yml @@ -1,129 +1,69 @@ -# SPDX-License-Identifier: Apache-2.0 ---- - -# Reason for noqa: The command might change things but we do not yet attempt to find out -- name: SAP SWPM Post Install - ensure password expiry disabled {{ sap_swpm_sid | lower + 'adm' }} - ansible.builtin.shell: | - chage -m 0 -M 99999 -I -1 -E -1 {{ sap_swpm_sid | lower }}adm - chage -m 0 -M 99999 -I -1 -E -1 sapadm - args: - executable: /bin/bash - become: true - register: __sap_swpm_post_install_register_sidadm_noexpire - changed_when: __sap_swpm_post_install_register_sidadm_noexpire is succeeded - -# Firewall - -- name: SAP SWPM Post Install - Firewall Setup - ansible.builtin.include_tasks: post_install/firewall.yml - when: - - sap_swpm_setup_firewall - -######################################################################################################################## - -- name: SAP SWPM Deployment - Finished - ansible.builtin.debug: - msg: - - ' SAP SWPM deployment successfully completed ' - - ' ' - - ' SAP Product - {{ sap_swpm_product_catalog_id }} ' - - ' SID - {{ sap_swpm_sid | d("") }} ' - - ' Primary Instance - {{ sap_swpm_pas_instance_nr | d("") }} ' - - ' Host - {{ ansible_hostname }} ' - - ' FQDN - {{ ansible_fqdn }} ' - - ' IP - {{ ansible_default_ipv4.address | d(ansible_all_ipv4_addresses[0]) }} ' -# - ' Master Password - {{ sap_swpm_master_password }} ' -# - ' DDIC 000 Password - {{ sap_swpm_ddic_000_password }} ' - -# SAP HANA Client will not be installed for any installation with SAP AnyDB -# and will only be installed alongside SAP NWAS PAS or AAS (not NWAS ASCS) -- name: SAP SWPM Post Install - Check for SAP HANA Client hdbuserstore - ansible.builtin.stat: - path: /usr/sap/{{ sap_swpm_sid }}/hdbclient/hdbuserstore - register: __sap_swpm_post_install_register_hdbuserstore_exists - -- name: SAP SWPM Post Install - Enforce Connection Info in SAP HANA Client hdbuserstore - ansible.builtin.shell: | - /usr/sap/{{ sap_swpm_sid }}/hdbclient/hdbuserstore \ - SET DEFAULT \ - {{ sap_swpm_db_host }}:3{{ sap_swpm_db_instance_nr }}13@{{ sap_swpm_db_sid }} \ - {{ sap_swpm_db_schema_abap }} '{{ sap_swpm_db_schema_abap_password }}' - args: - executable: /bin/bash - become: true - become_user: "{{ sap_swpm_sid | lower }}adm" - when: - - sap_swpm_install_saphostagent is defined and sap_swpm_install_saphostagent - - __sap_swpm_post_install_register_hdbuserstore_exists.stat.exists - register: __sap_swpm_post_install_register_hdbuserstore_connection - changed_when: __sap_swpm_post_install_register_hdbuserstore_connection is succeeded - -# Now that SWPM finished we may need to deal with SUM before continuing when sap_swpm_sum_start: 'true' -# and if we are doing OneHost or CI/PAS installation -# If observer mode is enabled, SWPM will wait for SUM to finish before continuing so we can't do anything here -- name: SAP SWPM Post Install - Control SUM if required - ansible.builtin.include_tasks: post_install/sum_push_to_finish.yml - when: - - sap_swpm_sum_start == 'true' - - not sap_swpm_swpm_observer_mode - - "'NW_ABAP_CI:' in sap_swpm_product_catalog_id or 'NW_ABAP_OneHost:' in sap_swpm_product_catalog_id" -======= -# SPDX-License-Identifier: Apache-2.0 ---- - -# Reason for noqa: The command might change things but we do not yet attempt to find out -- name: SAP SWPM Post Install - ensure password expiry disabled {{ sap_swpm_sid | lower + 'adm' }} - ansible.builtin.shell: | - chage -m 0 -M 99999 -I -1 -E -1 {{ sap_swpm_sid | lower }}adm - chage -m 0 -M 99999 -I -1 -E -1 sapadm - args: - executable: /bin/bash - become: true - register: __sap_swpm_post_install_register_sidadm_noexpire - changed_when: __sap_swpm_post_install_register_sidadm_noexpire is succeeded - -# Firewall - -- name: SAP SWPM Post Install - Firewall Setup - ansible.builtin.include_tasks: post_install/firewall.yml - when: - - sap_swpm_setup_firewall - -######################################################################################################################## - -- name: SAP SWPM Deployment - Finished - ansible.builtin.debug: - msg: - - ' SAP SWPM deployment successfully completed ' - - ' ' - - ' SAP Product - {{ sap_swpm_product_catalog_id }} ' - - ' SID - {{ sap_swpm_sid | d("") }} ' - - ' Primary Instance - {{ sap_swpm_pas_instance_nr | d("") }} ' - - ' Host - {{ ansible_hostname }} ' - - ' FQDN - {{ ansible_fqdn }} ' - - ' IP - {{ ansible_default_ipv4.address | d(ansible_all_ipv4_addresses[0]) }} ' -# - ' Master Password - {{ sap_swpm_master_password }} ' -# - ' DDIC 000 Password - {{ sap_swpm_ddic_000_password }} ' - -# SAP HANA Client will not be installed for any installation with SAP AnyDB -# and will only be installed alongside SAP NWAS PAS or AAS (not NWAS ASCS) -- name: SAP SWPM Post Install - Check for SAP HANA Client hdbuserstore - ansible.builtin.stat: - path: /usr/sap/{{ sap_swpm_sid }}/hdbclient/hdbuserstore - register: __sap_swpm_post_install_register_hdbuserstore_exists - -- name: SAP SWPM Post Install - Enforce Connection Info in SAP HANA Client hdbuserstore - ansible.builtin.shell: | - /usr/sap/{{ sap_swpm_sid }}/hdbclient/hdbuserstore \ - SET DEFAULT \ - {{ sap_swpm_db_host }}:3{{ sap_swpm_db_instance_nr }}13@{{ sap_swpm_db_sid }} \ - {{ sap_swpm_db_schema_abap }} '{{ sap_swpm_db_schema_abap_password }}' - args: - executable: /bin/bash - become: true - become_user: "{{ sap_swpm_sid | lower }}adm" - when: - - sap_swpm_install_saphostagent is defined and sap_swpm_install_saphostagent - - __sap_swpm_post_install_register_hdbuserstore_exists.stat.exists - register: __sap_swpm_post_install_register_hdbuserstore_connection - changed_when: __sap_swpm_post_install_register_hdbuserstore_connection is succeeded \ No newline at end of file +# SPDX-License-Identifier: Apache-2.0 +--- + +# Reason for noqa: The command might change things but we do not yet attempt to find out +- name: SAP SWPM Post Install - ensure password expiry disabled {{ sap_swpm_sid | lower + 'adm' }} + ansible.builtin.shell: | + chage -m 0 -M 99999 -I -1 -E -1 {{ sap_swpm_sid | lower }}adm + chage -m 0 -M 99999 -I -1 -E -1 sapadm + args: + executable: /bin/bash + become: true + register: __sap_swpm_post_install_register_sidadm_noexpire + changed_when: __sap_swpm_post_install_register_sidadm_noexpire is succeeded + +# Firewall + +- name: SAP SWPM Post Install - Firewall Setup + ansible.builtin.include_tasks: post_install/firewall.yml + when: + - sap_swpm_setup_firewall + +######################################################################################################################## + +- name: SAP SWPM Deployment - Finished + ansible.builtin.debug: + msg: + - ' SAP SWPM deployment successfully completed ' + - ' ' + - ' SAP Product - {{ sap_swpm_product_catalog_id }} ' + - ' SID - {{ sap_swpm_sid | d("") }} ' + - ' Primary Instance - {{ sap_swpm_pas_instance_nr | d("") }} ' + - ' Host - {{ ansible_hostname }} ' + - ' FQDN - {{ ansible_fqdn }} ' + - ' IP - {{ ansible_default_ipv4.address | d(ansible_all_ipv4_addresses[0]) }} ' +# - ' Master Password - {{ sap_swpm_master_password }} ' +# - ' DDIC 000 Password - {{ sap_swpm_ddic_000_password }} ' + +# SAP HANA Client will not be installed for any installation with SAP AnyDB +# and will only be installed alongside SAP NWAS PAS or AAS (not NWAS ASCS) +- name: SAP SWPM Post Install - Check for SAP HANA Client hdbuserstore + ansible.builtin.stat: + path: /usr/sap/{{ sap_swpm_sid }}/hdbclient/hdbuserstore + register: __sap_swpm_post_install_register_hdbuserstore_exists + +- name: SAP SWPM Post Install - Enforce Connection Info in SAP HANA Client hdbuserstore + ansible.builtin.shell: | + /usr/sap/{{ sap_swpm_sid }}/hdbclient/hdbuserstore \ + SET DEFAULT \ + {{ sap_swpm_db_host }}:3{{ sap_swpm_db_instance_nr }}13@{{ sap_swpm_db_sid }} \ + {{ sap_swpm_db_schema_abap }} '{{ sap_swpm_db_schema_abap_password }}' + args: + executable: /bin/bash + become: true + become_user: "{{ sap_swpm_sid | lower }}adm" + when: + - sap_swpm_install_saphostagent is defined and sap_swpm_install_saphostagent + - __sap_swpm_post_install_register_hdbuserstore_exists.stat.exists + register: __sap_swpm_post_install_register_hdbuserstore_connection + changed_when: __sap_swpm_post_install_register_hdbuserstore_connection is succeeded + +# Now that SWPM finished we may need to deal with SUM before continuing when sap_swpm_sum_start: 'true' +# and if we are doing OneHost or CI/PAS installation +# If observer mode is enabled, SWPM will wait for SUM to finish before continuing so we can't do anything here +- name: SAP SWPM Post Install - Control SUM if required + ansible.builtin.include_tasks: post_install/sum_push_to_finish.yml + when: + - sap_swpm_sum_start == 'true' + - not sap_swpm_swpm_observer_mode + - "'NW_ABAP_CI:' in sap_swpm_product_catalog_id or 'NW_ABAP_OneHost:' in sap_swpm_product_catalog_id" From b34bdad624e2056670789877712184cca57d7994 Mon Sep 17 00:00:00 2001 From: Bernd Finger Date: Thu, 19 Dec 2024 15:28:41 +0100 Subject: [PATCH 06/66] sap_swpm: Add missing SPDX itentifier ... to new file tasks/post_install/sum_push_to_finish.yml Signed-off-by: Bernd Finger --- roles/sap_swpm/tasks/post_install/sum_push_to_finish.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/sap_swpm/tasks/post_install/sum_push_to_finish.yml b/roles/sap_swpm/tasks/post_install/sum_push_to_finish.yml index 139675c68..4942fc1e6 100644 --- a/roles/sap_swpm/tasks/post_install/sum_push_to_finish.yml +++ b/roles/sap_swpm/tasks/post_install/sum_push_to_finish.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: Apache-2.0 --- # Will keep pushing SUM through the two key manual steps until it finishes # This allows to fully automate the SWPM+SUM installation process From 10330ebc90fdab5781594e05dc56259629df38ed Mon Sep 17 00:00:00 2001 From: Bernd Finger Date: Thu, 19 Dec 2024 15:47:01 +0100 Subject: [PATCH 07/66] sap_swpm: Fix ansible-test sanity line-endings errors Signed-off-by: Bernd Finger --- .../tasks/post_install/sum_push_to_finish.yml | 346 +++++++++--------- 1 file changed, 173 insertions(+), 173 deletions(-) diff --git a/roles/sap_swpm/tasks/post_install/sum_push_to_finish.yml b/roles/sap_swpm/tasks/post_install/sum_push_to_finish.yml index 4942fc1e6..3240ef5fb 100644 --- a/roles/sap_swpm/tasks/post_install/sum_push_to_finish.yml +++ b/roles/sap_swpm/tasks/post_install/sum_push_to_finish.yml @@ -1,173 +1,173 @@ -# SPDX-License-Identifier: Apache-2.0 ---- -# Will keep pushing SUM through the two key manual steps until it finishes -# This allows to fully automate the SWPM+SUM installation process -# Based on research by @sean-freeman - -# Check if the SUMup process is running, give it 5 minutes to start -- name: Check if SAPup_real process is running (wait for 5 minutes until it starts) - ansible.builtin.shell: pgrep -c -u "{{ sap_swpm_sid | lower }}adm" -f SAPup_real - register: _sapup_process - retries: 5 - delay: 60 - until: _sapup_process.rc == 0 and _sapup_process.stdout|int > 0 - failed_when: _sapup_process.rc != 0 - -# Check the SUM status via SUMOBSEVER.XML, wait for 60 minutes until we are in BIND_PATCH phase -- name: Checking the status of SUM - ansible.builtin.uri: - url: "https://localhost:1129/lmsl/sumobserver/{{ sap_swpm_sid | upper }}/analysis/SUMOBSERVER.XML" - method: GET - validate_certs: false - return_content: true - status_code: 200 - user: "{{ sap_swpm_sid | lower }}adm" - password: "{{ sap_swpm_sap_sidadm_password }}" - register: _sap_swpm_sum_push - until: _sap_swpm_sum_push.status == 200 and 'SUM4ABAP|CONFIGURE|PREP_EXTENSION|BIND_PATCH|PatchSelection' in _sap_swpm_sum_push.content - retries: 60 - delay: 60 - failed_when: _sap_swpm_sum_push.status != 200 or 'SUM4ABAP|CONFIGURE|PREP_EXTENSION|BIND_PATCH|PatchSelection' not in _sap_swpm_sum_push.content - -# Get the config XML from SUM, repeat 3 times in case SUM is still busy and doesn't respond promptly -- name: Get the config XML from SUM - ansible.builtin.uri: - url: "https://localhost:1129/slp/sumabap/{{ sap_swpm_sid | upper }}/config" - method: GET - validate_certs: false - return_content: true - status_code: 200 - user: "{{ sap_swpm_sid | lower }}adm" - password: "{{ sap_swpm_sap_sidadm_password }}" - # headers: - # Cookie: "{{ _sap_swpm_sum_push.cookies_string }}" - register: _sap_swpm_sum_push_config - until: _sap_swpm_sum_push_config.status == 200 - retries: 3 - delay: 60 - failed_when: _sap_swpm_sum_push_config.status != 200 - -# Get the CSRF token from SUM by calling config -- name: Get the CSRF token from SUM - ansible.builtin.uri: - url: "https://localhost:1129/slp/sumabap/{{ sap_swpm_sid | upper }}/config" - method: GET - validate_certs: false - return_content: false - status_code: 200 - user: "{{ sap_swpm_sid | lower }}adm" - password: "{{ sap_swpm_sap_sidadm_password }}" - headers: - Cookie: "{{ _sap_swpm_sum_push_config.cookies_string }}" - X-CSRF-Token: Fetch - # X-Requested-With: XMLHttpRequest - register: _sap_swpm_sum_push - failed_when: _sap_swpm_sum_push.status != 200 - -# Post the config XML back to SUM unchanged as we want to keep the default patch levels as per the XML file. This will move SUM to the next step. -- name: Move SUM to the next step - ansible.builtin.uri: - url: "https://localhost:1129/slp/sumabap/{{ sap_swpm_sid | upper }}/config" - method: POST - validate_certs: false - return_content: true - status_code: 200 - user: "{{ sap_swpm_sid | lower }}adm" - password: "{{ sap_swpm_sap_sidadm_password }}" - headers: - Cookie: "{{ _sap_swpm_sum_push_config.cookies_string }}" - X-CSRF-Token: "{{ _sap_swpm_sum_push.x_csrf_token }}" - body_format: raw - body: "{{ _sap_swpm_sum_push_config.content }}" - register: _sap_swpm_sum_push - until: _sap_swpm_sum_push.status == 200 - failed_when: _sap_swpm_sum_push.status != 200 - -# At this point SUM should be running. This will take anything between 6-12 hours to complete. -# Patiently check every 10 minutes to see if SUM has completed all the steps and is now in the SPAUINFO step. -# Check the SUM status via SUMOBSEVER.XML -- name: Checking the status of SUM - ansible.builtin.uri: - url: "https://localhost:1129/lmsl/sumobserver/{{ sap_swpm_sid | upper }}/analysis/SUMOBSERVER.XML" - method: GET - validate_certs: false - return_content: true - status_code: 200 - user: "{{ sap_swpm_sid | lower }}adm" - password: "{{ sap_swpm_sap_sidadm_password }}" - register: _sap_swpm_sum_push - until: _sap_swpm_sum_push.status == 200 and 'SUM4ABAP|POST-EXECUTE|MAIN_POSTPROC|SPAUINFO|FinishSPAU' in _sap_swpm_sum_push.content - retries: 72 # 12 hours - delay: 600 # 10 minutes - failed_when: _sap_swpm_sum_push.status != 200 or 'SUM4ABAP|POST-EXECUTE|MAIN_POSTPROC|SPAUINFO|FinishSPAU' not in _sap_swpm_sum_push.content - -# Get the config XML from SUM, repeat 3 times in case SUM is still busy and doesn't respond promptly -# Need to get config XML even through we are not going to use it. This is to get the diagtime cookie. -- name: Get the config XML from SUM - ansible.builtin.uri: - url: "https://localhost:1129/slp/sumabap/{{ sap_swpm_sid | upper }}/config" - method: GET - validate_certs: false - return_content: true - status_code: 200 - user: "{{ sap_swpm_sid | lower }}adm" - password: "{{ sap_swpm_sap_sidadm_password }}" - # headers: - # Cookie: "{{ _sap_swpm_sum_push.cookies_string }}" - register: _sap_swpm_sum_push_config - until: _sap_swpm_sum_push_config.status == 200 - retries: 3 - delay: 60 - failed_when: _sap_swpm_sum_push_config.status != 200 - -# Get the CSRF token from SUM by calling config -- name: Get the CSRF token from SUM - ansible.builtin.uri: - url: "https://localhost:1129/slp/sumabap/{{ sap_swpm_sid | upper }}/config" - method: GET - validate_certs: false - return_content: false - status_code: 200 - user: "{{ sap_swpm_sid | lower }}adm" - password: "{{ sap_swpm_sap_sidadm_password }}" - headers: - Cookie: "{{ _sap_swpm_sum_push_config.cookies_string }}" - X-CSRF-Token: Fetch - # X-Requested-With: XMLHttpRequest - register: _sap_swpm_sum_push - failed_when: _sap_swpm_sum_push.status != 200 - -# Post confirmation to SUM that no SPAU is required. This will move SUM to the next step. -- name: Move SUM to the next step - ansible.builtin.uri: - url: "https://localhost:1129/slp/sumabap/{{ sap_swpm_sid | upper }}/config" - method: POST - validate_certs: false - return_content: true - status_code: 200 - user: "{{ sap_swpm_sid | lower }}adm" - password: "{{ sap_swpm_sap_sidadm_password }}" - headers: - Cookie: "{{ _sap_swpm_sum_push_config.cookies_string }}" - X-CSRF-Token: "{{ _sap_swpm_sum_push.x_csrf_token }}" - body_format: raw - body: 'DialogueValueslp.parameter.type.SCALAR10yes' - register: _sap_swpm_sum_push - failed_when: _sap_swpm_sum_push.status != 200 - -# Finally wait for SUM to finish the final steps. This shouldn't take more than 1 hour. -# Check the SUM status via SUMOBSEVER.XML, wait for 60 minutes until the status is 'MAIN_POSTCLEAN|EXIT' -- name: Checking the status of SUM and making sure it has finished - ansible.builtin.uri: - url: "https://localhost:1129/lmsl/sumobserver/{{ sap_swpm_sid | upper }}/analysis/SUMOBSERVER.XML" - method: GET - validate_certs: false - return_content: true - status_code: 200 - user: "{{ sap_swpm_sid | lower }}adm" - password: "{{ sap_swpm_sap_sidadm_password }}" - register: _sap_swpm_sum_push - until: _sap_swpm_sum_push.status == 200 and 'SUM4ABAP|MAIN_POSTCLEAN|EXIT|UnitWizard' in _sap_swpm_sum_push.content - retries: 60 - delay: 60 - failed_when: _sap_swpm_sum_push.status != 200 or 'SUM4ABAP|MAIN_POSTCLEAN|EXIT|UnitWizard' not in _sap_swpm_sum_push.content +# SPDX-License-Identifier: Apache-2.0 +--- +# Will keep pushing SUM through the two key manual steps until it finishes +# This allows to fully automate the SWPM+SUM installation process +# Based on research by @sean-freeman + +# Check if the SUMup process is running, give it 5 minutes to start +- name: Check if SAPup_real process is running (wait for 5 minutes until it starts) + ansible.builtin.shell: pgrep -c -u "{{ sap_swpm_sid | lower }}adm" -f SAPup_real + register: _sapup_process + retries: 5 + delay: 60 + until: _sapup_process.rc == 0 and _sapup_process.stdout|int > 0 + failed_when: _sapup_process.rc != 0 + +# Check the SUM status via SUMOBSEVER.XML, wait for 60 minutes until we are in BIND_PATCH phase +- name: Checking the status of SUM + ansible.builtin.uri: + url: "https://localhost:1129/lmsl/sumobserver/{{ sap_swpm_sid | upper }}/analysis/SUMOBSERVER.XML" + method: GET + validate_certs: false + return_content: true + status_code: 200 + user: "{{ sap_swpm_sid | lower }}adm" + password: "{{ sap_swpm_sap_sidadm_password }}" + register: _sap_swpm_sum_push + until: _sap_swpm_sum_push.status == 200 and 'SUM4ABAP|CONFIGURE|PREP_EXTENSION|BIND_PATCH|PatchSelection' in _sap_swpm_sum_push.content + retries: 60 + delay: 60 + failed_when: _sap_swpm_sum_push.status != 200 or 'SUM4ABAP|CONFIGURE|PREP_EXTENSION|BIND_PATCH|PatchSelection' not in _sap_swpm_sum_push.content + +# Get the config XML from SUM, repeat 3 times in case SUM is still busy and doesn't respond promptly +- name: Get the config XML from SUM + ansible.builtin.uri: + url: "https://localhost:1129/slp/sumabap/{{ sap_swpm_sid | upper }}/config" + method: GET + validate_certs: false + return_content: true + status_code: 200 + user: "{{ sap_swpm_sid | lower }}adm" + password: "{{ sap_swpm_sap_sidadm_password }}" + # headers: + # Cookie: "{{ _sap_swpm_sum_push.cookies_string }}" + register: _sap_swpm_sum_push_config + until: _sap_swpm_sum_push_config.status == 200 + retries: 3 + delay: 60 + failed_when: _sap_swpm_sum_push_config.status != 200 + +# Get the CSRF token from SUM by calling config +- name: Get the CSRF token from SUM + ansible.builtin.uri: + url: "https://localhost:1129/slp/sumabap/{{ sap_swpm_sid | upper }}/config" + method: GET + validate_certs: false + return_content: false + status_code: 200 + user: "{{ sap_swpm_sid | lower }}adm" + password: "{{ sap_swpm_sap_sidadm_password }}" + headers: + Cookie: "{{ _sap_swpm_sum_push_config.cookies_string }}" + X-CSRF-Token: Fetch + # X-Requested-With: XMLHttpRequest + register: _sap_swpm_sum_push + failed_when: _sap_swpm_sum_push.status != 200 + +# Post the config XML back to SUM unchanged as we want to keep the default patch levels as per the XML file. This will move SUM to the next step. +- name: Move SUM to the next step + ansible.builtin.uri: + url: "https://localhost:1129/slp/sumabap/{{ sap_swpm_sid | upper }}/config" + method: POST + validate_certs: false + return_content: true + status_code: 200 + user: "{{ sap_swpm_sid | lower }}adm" + password: "{{ sap_swpm_sap_sidadm_password }}" + headers: + Cookie: "{{ _sap_swpm_sum_push_config.cookies_string }}" + X-CSRF-Token: "{{ _sap_swpm_sum_push.x_csrf_token }}" + body_format: raw + body: "{{ _sap_swpm_sum_push_config.content }}" + register: _sap_swpm_sum_push + until: _sap_swpm_sum_push.status == 200 + failed_when: _sap_swpm_sum_push.status != 200 + +# At this point SUM should be running. This will take anything between 6-12 hours to complete. +# Patiently check every 10 minutes to see if SUM has completed all the steps and is now in the SPAUINFO step. +# Check the SUM status via SUMOBSEVER.XML +- name: Checking the status of SUM + ansible.builtin.uri: + url: "https://localhost:1129/lmsl/sumobserver/{{ sap_swpm_sid | upper }}/analysis/SUMOBSERVER.XML" + method: GET + validate_certs: false + return_content: true + status_code: 200 + user: "{{ sap_swpm_sid | lower }}adm" + password: "{{ sap_swpm_sap_sidadm_password }}" + register: _sap_swpm_sum_push + until: _sap_swpm_sum_push.status == 200 and 'SUM4ABAP|POST-EXECUTE|MAIN_POSTPROC|SPAUINFO|FinishSPAU' in _sap_swpm_sum_push.content + retries: 72 # 12 hours + delay: 600 # 10 minutes + failed_when: _sap_swpm_sum_push.status != 200 or 'SUM4ABAP|POST-EXECUTE|MAIN_POSTPROC|SPAUINFO|FinishSPAU' not in _sap_swpm_sum_push.content + +# Get the config XML from SUM, repeat 3 times in case SUM is still busy and doesn't respond promptly +# Need to get config XML even through we are not going to use it. This is to get the diagtime cookie. +- name: Get the config XML from SUM + ansible.builtin.uri: + url: "https://localhost:1129/slp/sumabap/{{ sap_swpm_sid | upper }}/config" + method: GET + validate_certs: false + return_content: true + status_code: 200 + user: "{{ sap_swpm_sid | lower }}adm" + password: "{{ sap_swpm_sap_sidadm_password }}" + # headers: + # Cookie: "{{ _sap_swpm_sum_push.cookies_string }}" + register: _sap_swpm_sum_push_config + until: _sap_swpm_sum_push_config.status == 200 + retries: 3 + delay: 60 + failed_when: _sap_swpm_sum_push_config.status != 200 + +# Get the CSRF token from SUM by calling config +- name: Get the CSRF token from SUM + ansible.builtin.uri: + url: "https://localhost:1129/slp/sumabap/{{ sap_swpm_sid | upper }}/config" + method: GET + validate_certs: false + return_content: false + status_code: 200 + user: "{{ sap_swpm_sid | lower }}adm" + password: "{{ sap_swpm_sap_sidadm_password }}" + headers: + Cookie: "{{ _sap_swpm_sum_push_config.cookies_string }}" + X-CSRF-Token: Fetch + # X-Requested-With: XMLHttpRequest + register: _sap_swpm_sum_push + failed_when: _sap_swpm_sum_push.status != 200 + +# Post confirmation to SUM that no SPAU is required. This will move SUM to the next step. +- name: Move SUM to the next step + ansible.builtin.uri: + url: "https://localhost:1129/slp/sumabap/{{ sap_swpm_sid | upper }}/config" + method: POST + validate_certs: false + return_content: true + status_code: 200 + user: "{{ sap_swpm_sid | lower }}adm" + password: "{{ sap_swpm_sap_sidadm_password }}" + headers: + Cookie: "{{ _sap_swpm_sum_push_config.cookies_string }}" + X-CSRF-Token: "{{ _sap_swpm_sum_push.x_csrf_token }}" + body_format: raw + body: 'DialogueValueslp.parameter.type.SCALAR10yes' + register: _sap_swpm_sum_push + failed_when: _sap_swpm_sum_push.status != 200 + +# Finally wait for SUM to finish the final steps. This shouldn't take more than 1 hour. +# Check the SUM status via SUMOBSEVER.XML, wait for 60 minutes until the status is 'MAIN_POSTCLEAN|EXIT' +- name: Checking the status of SUM and making sure it has finished + ansible.builtin.uri: + url: "https://localhost:1129/lmsl/sumobserver/{{ sap_swpm_sid | upper }}/analysis/SUMOBSERVER.XML" + method: GET + validate_certs: false + return_content: true + status_code: 200 + user: "{{ sap_swpm_sid | lower }}adm" + password: "{{ sap_swpm_sap_sidadm_password }}" + register: _sap_swpm_sum_push + until: _sap_swpm_sum_push.status == 200 and 'SUM4ABAP|MAIN_POSTCLEAN|EXIT|UnitWizard' in _sap_swpm_sum_push.content + retries: 60 + delay: 60 + failed_when: _sap_swpm_sum_push.status != 200 or 'SUM4ABAP|MAIN_POSTCLEAN|EXIT|UnitWizard' not in _sap_swpm_sum_push.content From 489bdac88ec23e00d828a4b5e32a7490f4821d9b Mon Sep 17 00:00:00 2001 From: Rob Dobozy Date: Fri, 3 Jan 2025 15:13:06 +0000 Subject: [PATCH 08/66] sap_swpm: Improved SUM handling and lint fixes --- .../tasks/post_install/sum_push_to_finish.yml | 158 +++++++++--------- 1 file changed, 83 insertions(+), 75 deletions(-) diff --git a/roles/sap_swpm/tasks/post_install/sum_push_to_finish.yml b/roles/sap_swpm/tasks/post_install/sum_push_to_finish.yml index 3240ef5fb..4389e60b4 100644 --- a/roles/sap_swpm/tasks/post_install/sum_push_to_finish.yml +++ b/roles/sap_swpm/tasks/post_install/sum_push_to_finish.yml @@ -6,15 +6,16 @@ # Check if the SUMup process is running, give it 5 minutes to start - name: Check if SAPup_real process is running (wait for 5 minutes until it starts) - ansible.builtin.shell: pgrep -c -u "{{ sap_swpm_sid | lower }}adm" -f SAPup_real + ansible.builtin.command: pgrep -c -u "{{ sap_swpm_sid | lower }}adm" -f SAPup_real register: _sapup_process retries: 5 delay: 60 until: _sapup_process.rc == 0 and _sapup_process.stdout|int > 0 failed_when: _sapup_process.rc != 0 + changed_when: false # Check the SUM status via SUMOBSEVER.XML, wait for 60 minutes until we are in BIND_PATCH phase -- name: Checking the status of SUM +- name: Checking the status of SUM (BIND_PATCH) ansible.builtin.uri: url: "https://localhost:1129/lmsl/sumobserver/{{ sap_swpm_sid | upper }}/analysis/SUMOBSERVER.XML" method: GET @@ -30,7 +31,7 @@ failed_when: _sap_swpm_sum_push.status != 200 or 'SUM4ABAP|CONFIGURE|PREP_EXTENSION|BIND_PATCH|PatchSelection' not in _sap_swpm_sum_push.content # Get the config XML from SUM, repeat 3 times in case SUM is still busy and doesn't respond promptly -- name: Get the config XML from SUM +- name: Get the config XML from SUM (BIND_PATCH) ansible.builtin.uri: url: "https://localhost:1129/slp/sumabap/{{ sap_swpm_sid | upper }}/config" method: GET @@ -48,7 +49,7 @@ failed_when: _sap_swpm_sum_push_config.status != 200 # Get the CSRF token from SUM by calling config -- name: Get the CSRF token from SUM +- name: Get the CSRF token from SUM (BIND_PATCH) ansible.builtin.uri: url: "https://localhost:1129/slp/sumabap/{{ sap_swpm_sid | upper }}/config" method: GET @@ -65,7 +66,7 @@ failed_when: _sap_swpm_sum_push.status != 200 # Post the config XML back to SUM unchanged as we want to keep the default patch levels as per the XML file. This will move SUM to the next step. -- name: Move SUM to the next step +- name: Move SUM to the next step (SPAUINFO) ansible.builtin.uri: url: "https://localhost:1129/slp/sumabap/{{ sap_swpm_sid | upper }}/config" method: POST @@ -86,7 +87,7 @@ # At this point SUM should be running. This will take anything between 6-12 hours to complete. # Patiently check every 10 minutes to see if SUM has completed all the steps and is now in the SPAUINFO step. # Check the SUM status via SUMOBSEVER.XML -- name: Checking the status of SUM +- name: Checking the status of SUM (SPAUINFO) ansible.builtin.uri: url: "https://localhost:1129/lmsl/sumobserver/{{ sap_swpm_sid | upper }}/analysis/SUMOBSERVER.XML" method: GET @@ -96,78 +97,85 @@ user: "{{ sap_swpm_sid | lower }}adm" password: "{{ sap_swpm_sap_sidadm_password }}" register: _sap_swpm_sum_push - until: _sap_swpm_sum_push.status == 200 and 'SUM4ABAP|POST-EXECUTE|MAIN_POSTPROC|SPAUINFO|FinishSPAU' in _sap_swpm_sum_push.content + until: _sap_swpm_sum_push.status == 200 and ('SUM4ABAP|POST-EXECUTE|MAIN_POSTPROC|SPAUINFO|FinishSPAU' in _sap_swpm_sum_push.content or 'SUM4ABAP|MAIN_POSTCLEAN|EXIT|UnitWizard' in _sap_swpm_sum_push.content) retries: 72 # 12 hours delay: 600 # 10 minutes - failed_when: _sap_swpm_sum_push.status != 200 or 'SUM4ABAP|POST-EXECUTE|MAIN_POSTPROC|SPAUINFO|FinishSPAU' not in _sap_swpm_sum_push.content + failed_when: _sap_swpm_sum_push.status != 200 or + ('SUM4ABAP|POST-EXECUTE|MAIN_POSTPROC|SPAUINFO|FinishSPAU' not in _sap_swpm_sum_push.content and + 'SUM4ABAP|MAIN_POSTCLEAN|EXIT|UnitWizard' not in _sap_swpm_sum_push.content) -# Get the config XML from SUM, repeat 3 times in case SUM is still busy and doesn't respond promptly -# Need to get config XML even through we are not going to use it. This is to get the diagtime cookie. -- name: Get the config XML from SUM - ansible.builtin.uri: - url: "https://localhost:1129/slp/sumabap/{{ sap_swpm_sid | upper }}/config" - method: GET - validate_certs: false - return_content: true - status_code: 200 - user: "{{ sap_swpm_sid | lower }}adm" - password: "{{ sap_swpm_sap_sidadm_password }}" - # headers: - # Cookie: "{{ _sap_swpm_sum_push.cookies_string }}" - register: _sap_swpm_sum_push_config - until: _sap_swpm_sum_push_config.status == 200 - retries: 3 - delay: 60 - failed_when: _sap_swpm_sum_push_config.status != 200 +# If SUM is already in MAIN_POSTCLEAN|EXIT phase it has skipped SPAUINFO and has finished +# No need to do anything else +- name: Check if SUM has skipped SPAUINFO and has finished + block: + # Get the config XML from SUM, repeat 3 times in case SUM is still busy and doesn't respond promptly + # Need to get config XML even through we are not going to use it. This is to get the diagtime cookie. + - name: Get the config XML from SUM (SPAUINFO) + ansible.builtin.uri: + url: "https://localhost:1129/slp/sumabap/{{ sap_swpm_sid | upper }}/config" + method: GET + validate_certs: false + return_content: true + status_code: 200 + user: "{{ sap_swpm_sid | lower }}adm" + password: "{{ sap_swpm_sap_sidadm_password }}" + # headers: + # Cookie: "{{ _sap_swpm_sum_push.cookies_string }}" + register: _sap_swpm_sum_push_config + until: _sap_swpm_sum_push_config.status == 200 + retries: 3 + delay: 60 + failed_when: _sap_swpm_sum_push_config.status != 200 -# Get the CSRF token from SUM by calling config -- name: Get the CSRF token from SUM - ansible.builtin.uri: - url: "https://localhost:1129/slp/sumabap/{{ sap_swpm_sid | upper }}/config" - method: GET - validate_certs: false - return_content: false - status_code: 200 - user: "{{ sap_swpm_sid | lower }}adm" - password: "{{ sap_swpm_sap_sidadm_password }}" - headers: - Cookie: "{{ _sap_swpm_sum_push_config.cookies_string }}" - X-CSRF-Token: Fetch - # X-Requested-With: XMLHttpRequest - register: _sap_swpm_sum_push - failed_when: _sap_swpm_sum_push.status != 200 + # Get the CSRF token from SUM by calling config + - name: Get the CSRF token from SUM (SPAUINFO) + ansible.builtin.uri: + url: "https://localhost:1129/slp/sumabap/{{ sap_swpm_sid | upper }}/config" + method: GET + validate_certs: false + return_content: false + status_code: 200 + user: "{{ sap_swpm_sid | lower }}adm" + password: "{{ sap_swpm_sap_sidadm_password }}" + headers: + Cookie: "{{ _sap_swpm_sum_push_config.cookies_string }}" + X-CSRF-Token: Fetch + # X-Requested-With: XMLHttpRequest + register: _sap_swpm_sum_push + failed_when: _sap_swpm_sum_push.status != 200 -# Post confirmation to SUM that no SPAU is required. This will move SUM to the next step. -- name: Move SUM to the next step - ansible.builtin.uri: - url: "https://localhost:1129/slp/sumabap/{{ sap_swpm_sid | upper }}/config" - method: POST - validate_certs: false - return_content: true - status_code: 200 - user: "{{ sap_swpm_sid | lower }}adm" - password: "{{ sap_swpm_sap_sidadm_password }}" - headers: - Cookie: "{{ _sap_swpm_sum_push_config.cookies_string }}" - X-CSRF-Token: "{{ _sap_swpm_sum_push.x_csrf_token }}" - body_format: raw - body: 'DialogueValueslp.parameter.type.SCALAR10yes' - register: _sap_swpm_sum_push - failed_when: _sap_swpm_sum_push.status != 200 + # Post confirmation to SUM that no SPAU is required. This will move SUM to the next step. + - name: Move SUM to the next step (Past SPAUINFO) + ansible.builtin.uri: + url: "https://localhost:1129/slp/sumabap/{{ sap_swpm_sid | upper }}/config" + method: POST + validate_certs: false + return_content: true + status_code: 200 + user: "{{ sap_swpm_sid | lower }}adm" + password: "{{ sap_swpm_sap_sidadm_password }}" + headers: + Cookie: "{{ _sap_swpm_sum_push_config.cookies_string }}" + X-CSRF-Token: "{{ _sap_swpm_sum_push.x_csrf_token }}" + body_format: raw + body: 'DialogueValueslp.parameter.type.SCALAR10yes' + register: _sap_swpm_sum_push + failed_when: _sap_swpm_sum_push.status != 200 -# Finally wait for SUM to finish the final steps. This shouldn't take more than 1 hour. -# Check the SUM status via SUMOBSEVER.XML, wait for 60 minutes until the status is 'MAIN_POSTCLEAN|EXIT' -- name: Checking the status of SUM and making sure it has finished - ansible.builtin.uri: - url: "https://localhost:1129/lmsl/sumobserver/{{ sap_swpm_sid | upper }}/analysis/SUMOBSERVER.XML" - method: GET - validate_certs: false - return_content: true - status_code: 200 - user: "{{ sap_swpm_sid | lower }}adm" - password: "{{ sap_swpm_sap_sidadm_password }}" - register: _sap_swpm_sum_push - until: _sap_swpm_sum_push.status == 200 and 'SUM4ABAP|MAIN_POSTCLEAN|EXIT|UnitWizard' in _sap_swpm_sum_push.content - retries: 60 - delay: 60 - failed_when: _sap_swpm_sum_push.status != 200 or 'SUM4ABAP|MAIN_POSTCLEAN|EXIT|UnitWizard' not in _sap_swpm_sum_push.content + # Finally wait for SUM to finish the final steps. This shouldn't take more than 1 hour. + # Check the SUM status via SUMOBSEVER.XML, wait for 60 minutes until the status is 'MAIN_POSTCLEAN|EXIT' + - name: Checking the status of SUM and making sure it has finished (MAIN_POSTCLEAN|EXIT) + ansible.builtin.uri: + url: "https://localhost:1129/lmsl/sumobserver/{{ sap_swpm_sid | upper }}/analysis/SUMOBSERVER.XML" + method: GET + validate_certs: false + return_content: true + status_code: 200 + user: "{{ sap_swpm_sid | lower }}adm" + password: "{{ sap_swpm_sap_sidadm_password }}" + register: _sap_swpm_sum_push + until: _sap_swpm_sum_push.status == 200 and 'SUM4ABAP|MAIN_POSTCLEAN|EXIT|UnitWizard' in _sap_swpm_sum_push.content + retries: 60 + delay: 60 + failed_when: _sap_swpm_sum_push.status != 200 or 'SUM4ABAP|MAIN_POSTCLEAN|EXIT|UnitWizard' not in _sap_swpm_sum_push.content + when: "'SUM4ABAP|POST-EXECUTE|MAIN_POSTPROC|SPAUINFO|FinishSPAU' not in _sap_swpm_sum_push.content" From a43cb7f333b4742bed66552850bb32198f002686 Mon Sep 17 00:00:00 2001 From: Rob Dobozy Date: Fri, 3 Jan 2025 15:19:07 +0000 Subject: [PATCH 09/66] sap_swpm: Improved SUM handling and lint fixes --- roles/sap_swpm/tasks/post_install/sum_push_to_finish.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/sap_swpm/tasks/post_install/sum_push_to_finish.yml b/roles/sap_swpm/tasks/post_install/sum_push_to_finish.yml index 4389e60b4..10114e877 100644 --- a/roles/sap_swpm/tasks/post_install/sum_push_to_finish.yml +++ b/roles/sap_swpm/tasks/post_install/sum_push_to_finish.yml @@ -107,6 +107,7 @@ # If SUM is already in MAIN_POSTCLEAN|EXIT phase it has skipped SPAUINFO and has finished # No need to do anything else - name: Check if SUM has skipped SPAUINFO and has finished + when: "'SUM4ABAP|POST-EXECUTE|MAIN_POSTPROC|SPAUINFO|FinishSPAU' not in _sap_swpm_sum_push.content" block: # Get the config XML from SUM, repeat 3 times in case SUM is still busy and doesn't respond promptly # Need to get config XML even through we are not going to use it. This is to get the diagtime cookie. @@ -178,4 +179,3 @@ retries: 60 delay: 60 failed_when: _sap_swpm_sum_push.status != 200 or 'SUM4ABAP|MAIN_POSTCLEAN|EXIT|UnitWizard' not in _sap_swpm_sum_push.content - when: "'SUM4ABAP|POST-EXECUTE|MAIN_POSTPROC|SPAUINFO|FinishSPAU' not in _sap_swpm_sum_push.content" From 08b39931e41bcdd65c2a0575a2c9de2cecaf13fe Mon Sep 17 00:00:00 2001 From: Rob Dobozy Date: Fri, 3 Jan 2025 19:02:36 +0000 Subject: [PATCH 10/66] sap_ha_pacemaker_cluster: To prevent errors when __sap_ha_pacemaker_cluster_fence_agent_packages_platform not defined (this is case for on-prem/bare metal) --- roles/sap_ha_pacemaker_cluster/tasks/construct_vars_common.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_common.yml b/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_common.yml index 33dbe95d3..8b9abf95e 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_common.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_common.yml @@ -67,7 +67,7 @@ ansible.builtin.set_fact: __sap_ha_pacemaker_cluster_fence_agent_packages: "{{ (__sap_ha_pacemaker_cluster_fence_agent_packages_minimal_combined - + __sap_ha_pacemaker_cluster_fence_agent_packages_platform + + __sap_ha_pacemaker_cluster_fence_agent_packages_platform | d([]) + sap_ha_pacemaker_cluster_fence_agent_packages) | unique }}" vars: From dff226e0bce4b284a8ce8a2fc9452d220d048294 Mon Sep 17 00:00:00 2001 From: Rob Dobozy Date: Fri, 3 Jan 2025 19:07:07 +0000 Subject: [PATCH 11/66] sap_ha_pacemaker_cluster: Variable incorrectly defined as list. Fix to prevent errors when setting corosync totem errors on bare metal RHEL --- roles/sap_ha_pacemaker_cluster/vars/RedHat.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/sap_ha_pacemaker_cluster/vars/RedHat.yml b/roles/sap_ha_pacemaker_cluster/vars/RedHat.yml index e9dd9762d..c4bd138c8 100644 --- a/roles/sap_ha_pacemaker_cluster/vars/RedHat.yml +++ b/roles/sap_ha_pacemaker_cluster/vars/RedHat.yml @@ -57,7 +57,7 @@ __sap_ha_pacemaker_cluster_command: # Default corosync options - OS specific __sap_ha_pacemaker_cluster_corosync_totem_default: - options: [] + options: {} # Make sure that there is always the minimal default fed into the included role. # This is combined with the custom list 'sap_ha_pacemaker_cluster_fence_agent_packages'. From 984957c45c417c87ffee1020cf3d696372b220fa Mon Sep 17 00:00:00 2001 From: Rob Dobozy Date: Wed, 8 Jan 2025 15:04:36 +0000 Subject: [PATCH 12/66] sap_ha_pacemaker_cluster: Fix variable definition for fence agent packages platform to prevent errors --- roles/sap_ha_pacemaker_cluster/tasks/construct_vars_common.yml | 2 +- roles/sap_ha_pacemaker_cluster/vars/main.yml | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_common.yml b/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_common.yml index 8b9abf95e..33dbe95d3 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_common.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_common.yml @@ -67,7 +67,7 @@ ansible.builtin.set_fact: __sap_ha_pacemaker_cluster_fence_agent_packages: "{{ (__sap_ha_pacemaker_cluster_fence_agent_packages_minimal_combined - + __sap_ha_pacemaker_cluster_fence_agent_packages_platform | d([]) + + __sap_ha_pacemaker_cluster_fence_agent_packages_platform + sap_ha_pacemaker_cluster_fence_agent_packages) | unique }}" vars: diff --git a/roles/sap_ha_pacemaker_cluster/vars/main.yml b/roles/sap_ha_pacemaker_cluster/vars/main.yml index 3ea75301e..7bc19eef0 100644 --- a/roles/sap_ha_pacemaker_cluster/vars/main.yml +++ b/roles/sap_ha_pacemaker_cluster/vars/main.yml @@ -93,6 +93,7 @@ __sap_ha_pacemaker_cluster_pcmk_host_map: '' # Pre-define internal optional parameters to avoid defaults in the code: __sap_ha_pacemaker_cluster_sap_extra_packages: [] __sap_ha_pacemaker_cluster_platform_extra_packages: [] +__sap_ha_pacemaker_cluster_fence_agent_packages_platform: [] __sap_ha_pacemaker_cluster_cluster_properties: [] __sap_ha_pacemaker_cluster_resource_defaults: From 44151af69a0da267a5f8e3df895f02ba672f8c33 Mon Sep 17 00:00:00 2001 From: Rob Dobozy Date: Mon, 13 Jan 2025 21:34:24 +0000 Subject: [PATCH 13/66] sap_swpm: Fixes and minor enhancements + alignment of check interval --- roles/sap_swpm/tasks/post_install.yml | 2 +- .../tasks/post_install/sum_push_to_finish.yml | 80 ++++++++++--------- 2 files changed, 44 insertions(+), 38 deletions(-) diff --git a/roles/sap_swpm/tasks/post_install.yml b/roles/sap_swpm/tasks/post_install.yml index 964d8e8b6..33fdc96f9 100644 --- a/roles/sap_swpm/tasks/post_install.yml +++ b/roles/sap_swpm/tasks/post_install.yml @@ -64,6 +64,6 @@ - name: SAP SWPM Post Install - Control SUM if required ansible.builtin.include_tasks: post_install/sum_push_to_finish.yml when: - - sap_swpm_sum_start == 'true' + - sap_swpm_sum_start - not sap_swpm_swpm_observer_mode - "'NW_ABAP_CI:' in sap_swpm_product_catalog_id or 'NW_ABAP_OneHost:' in sap_swpm_product_catalog_id" diff --git a/roles/sap_swpm/tasks/post_install/sum_push_to_finish.yml b/roles/sap_swpm/tasks/post_install/sum_push_to_finish.yml index 10114e877..20f963bd0 100644 --- a/roles/sap_swpm/tasks/post_install/sum_push_to_finish.yml +++ b/roles/sap_swpm/tasks/post_install/sum_push_to_finish.yml @@ -6,13 +6,21 @@ # Check if the SUMup process is running, give it 5 minutes to start - name: Check if SAPup_real process is running (wait for 5 minutes until it starts) - ansible.builtin.command: pgrep -c -u "{{ sap_swpm_sid | lower }}adm" -f SAPup_real + ansible.builtin.shell: pgrep -c -u "{{ sap_swpm_sid | lower }}adm" -f SAPup_real register: _sapup_process retries: 5 delay: 60 until: _sapup_process.rc == 0 and _sapup_process.stdout|int > 0 failed_when: _sapup_process.rc != 0 - changed_when: false + +- name: Print SUM monitoring and action URLs + ansible.builtin.debug: + msg: + - "Check the following URLs for SAP Software Update Manager (SUM) monitoring or actions:" + - "Note: If these URLs don't work, check the sapinst.log file for the correct URLs." + - "SUM Monitor - https://{{ ansible_fqdn }}:1129/lmsl/sumobserver/{{ sap_swpm_sid | upper }}/monitor/index.html" + - "SUM Admin - https://{{ ansible_fqdn }}:1129/lmsl/sumabap/{{ sap_swpm_sid | upper }}/slui/" + - "SUM Admin Utilities - https://{{ ansible_fqdn }}:1129/lmsl/sumabap/{{ sap_swpm_sid | upper }}/slui_ext/" # Check the SUM status via SUMOBSEVER.XML, wait for 60 minutes until we are in BIND_PATCH phase - name: Checking the status of SUM (BIND_PATCH) @@ -87,7 +95,7 @@ # At this point SUM should be running. This will take anything between 6-12 hours to complete. # Patiently check every 10 minutes to see if SUM has completed all the steps and is now in the SPAUINFO step. # Check the SUM status via SUMOBSEVER.XML -- name: Checking the status of SUM (SPAUINFO) +- name: Checking the status of SUM (SPAUINFO) every 5 minutes ansible.builtin.uri: url: "https://localhost:1129/lmsl/sumobserver/{{ sap_swpm_sid | upper }}/analysis/SUMOBSERVER.XML" method: GET @@ -98,16 +106,14 @@ password: "{{ sap_swpm_sap_sidadm_password }}" register: _sap_swpm_sum_push until: _sap_swpm_sum_push.status == 200 and ('SUM4ABAP|POST-EXECUTE|MAIN_POSTPROC|SPAUINFO|FinishSPAU' in _sap_swpm_sum_push.content or 'SUM4ABAP|MAIN_POSTCLEAN|EXIT|UnitWizard' in _sap_swpm_sum_push.content) - retries: 72 # 12 hours - delay: 600 # 10 minutes - failed_when: _sap_swpm_sum_push.status != 200 or - ('SUM4ABAP|POST-EXECUTE|MAIN_POSTPROC|SPAUINFO|FinishSPAU' not in _sap_swpm_sum_push.content and - 'SUM4ABAP|MAIN_POSTCLEAN|EXIT|UnitWizard' not in _sap_swpm_sum_push.content) + retries: 144 # 12 hours + delay: 300 # 5 minutes + failed_when: _sap_swpm_sum_push.status != 200 or ('SUM4ABAP|POST-EXECUTE|MAIN_POSTPROC|SPAUINFO|FinishSPAU' not in _sap_swpm_sum_push.content and 'SUM4ABAP|MAIN_POSTCLEAN|EXIT|UnitWizard' not in _sap_swpm_sum_push.content) # If SUM is already in MAIN_POSTCLEAN|EXIT phase it has skipped SPAUINFO and has finished -# No need to do anything else -- name: Check if SUM has skipped SPAUINFO and has finished - when: "'SUM4ABAP|POST-EXECUTE|MAIN_POSTPROC|SPAUINFO|FinishSPAU' not in _sap_swpm_sum_push.content" +# Process SPAUINFO if required +- name: Check if SUM is still in SPAUINFO or has finished + when: "'SUM4ABAP|POST-EXECUTE|MAIN_POSTPROC|SPAUINFO|FinishSPAU' in _sap_swpm_sum_push.content" block: # Get the config XML from SUM, repeat 3 times in case SUM is still busy and doesn't respond promptly # Need to get config XML even through we are not going to use it. This is to get the diagtime cookie. @@ -122,11 +128,11 @@ password: "{{ sap_swpm_sap_sidadm_password }}" # headers: # Cookie: "{{ _sap_swpm_sum_push.cookies_string }}" - register: _sap_swpm_sum_push_config - until: _sap_swpm_sum_push_config.status == 200 + register: _sap_swpm_sum_push_config2 + until: _sap_swpm_sum_push_config2.status == 200 retries: 3 delay: 60 - failed_when: _sap_swpm_sum_push_config.status != 200 + failed_when: _sap_swpm_sum_push_config2.status != 200 # Get the CSRF token from SUM by calling config - name: Get the CSRF token from SUM (SPAUINFO) @@ -139,11 +145,11 @@ user: "{{ sap_swpm_sid | lower }}adm" password: "{{ sap_swpm_sap_sidadm_password }}" headers: - Cookie: "{{ _sap_swpm_sum_push_config.cookies_string }}" + Cookie: "{{ _sap_swpm_sum_push_config2.cookies_string }}" X-CSRF-Token: Fetch # X-Requested-With: XMLHttpRequest - register: _sap_swpm_sum_push - failed_when: _sap_swpm_sum_push.status != 200 + register: _sap_swpm_sum_push2 + failed_when: _sap_swpm_sum_push2.status != 200 # Post confirmation to SUM that no SPAU is required. This will move SUM to the next step. - name: Move SUM to the next step (Past SPAUINFO) @@ -156,26 +162,26 @@ user: "{{ sap_swpm_sid | lower }}adm" password: "{{ sap_swpm_sap_sidadm_password }}" headers: - Cookie: "{{ _sap_swpm_sum_push_config.cookies_string }}" - X-CSRF-Token: "{{ _sap_swpm_sum_push.x_csrf_token }}" + Cookie: "{{ _sap_swpm_sum_push_config2.cookies_string }}" + X-CSRF-Token: "{{ _sap_swpm_sum_push2.x_csrf_token }}" body_format: raw body: 'DialogueValueslp.parameter.type.SCALAR10yes' - register: _sap_swpm_sum_push - failed_when: _sap_swpm_sum_push.status != 200 + register: _sap_swpm_sum_push2 + failed_when: _sap_swpm_sum_push2.status != 200 - # Finally wait for SUM to finish the final steps. This shouldn't take more than 1 hour. - # Check the SUM status via SUMOBSEVER.XML, wait for 60 minutes until the status is 'MAIN_POSTCLEAN|EXIT' - - name: Checking the status of SUM and making sure it has finished (MAIN_POSTCLEAN|EXIT) - ansible.builtin.uri: - url: "https://localhost:1129/lmsl/sumobserver/{{ sap_swpm_sid | upper }}/analysis/SUMOBSERVER.XML" - method: GET - validate_certs: false - return_content: true - status_code: 200 - user: "{{ sap_swpm_sid | lower }}adm" - password: "{{ sap_swpm_sap_sidadm_password }}" - register: _sap_swpm_sum_push - until: _sap_swpm_sum_push.status == 200 and 'SUM4ABAP|MAIN_POSTCLEAN|EXIT|UnitWizard' in _sap_swpm_sum_push.content - retries: 60 - delay: 60 - failed_when: _sap_swpm_sum_push.status != 200 or 'SUM4ABAP|MAIN_POSTCLEAN|EXIT|UnitWizard' not in _sap_swpm_sum_push.content +# Finally wait for SUM to finish the final steps. This shouldn't take more than 1 hour. +# Check the SUM status via SUMOBSEVER.XML, wait for 60 minutes until the status is 'MAIN_POSTCLEAN|EXIT' +- name: Checking the status of SUM and making sure it has finished (MAIN_POSTCLEAN|EXIT) + ansible.builtin.uri: + url: "https://localhost:1129/lmsl/sumobserver/{{ sap_swpm_sid | upper }}/analysis/SUMOBSERVER.XML" + method: GET + validate_certs: false + return_content: true + status_code: 200 + user: "{{ sap_swpm_sid | lower }}adm" + password: "{{ sap_swpm_sap_sidadm_password }}" + register: _sap_swpm_sum_push + until: _sap_swpm_sum_push.status == 200 and 'SUM4ABAP|MAIN_POSTCLEAN|EXIT|UnitWizard' in _sap_swpm_sum_push.content + retries: 60 + delay: 60 + failed_when: _sap_swpm_sum_push.status != 200 or 'SUM4ABAP|MAIN_POSTCLEAN|EXIT|UnitWizard' not in _sap_swpm_sum_push.content From 1520919b5b4aeac0b7bd5933739435739b8168b2 Mon Sep 17 00:00:00 2001 From: Rob Dobozy Date: Tue, 14 Jan 2025 11:38:38 +0000 Subject: [PATCH 14/66] sap_swpm: Change shell to command module for process check and set changed_when to false to fix lint errors --- roles/sap_swpm/tasks/post_install/sum_push_to_finish.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/roles/sap_swpm/tasks/post_install/sum_push_to_finish.yml b/roles/sap_swpm/tasks/post_install/sum_push_to_finish.yml index 20f963bd0..24e416a2c 100644 --- a/roles/sap_swpm/tasks/post_install/sum_push_to_finish.yml +++ b/roles/sap_swpm/tasks/post_install/sum_push_to_finish.yml @@ -6,12 +6,13 @@ # Check if the SUMup process is running, give it 5 minutes to start - name: Check if SAPup_real process is running (wait for 5 minutes until it starts) - ansible.builtin.shell: pgrep -c -u "{{ sap_swpm_sid | lower }}adm" -f SAPup_real + ansible.builtin.command: pgrep -c -u "{{ sap_swpm_sid | lower }}adm" -f SAPup_real register: _sapup_process retries: 5 delay: 60 until: _sapup_process.rc == 0 and _sapup_process.stdout|int > 0 failed_when: _sapup_process.rc != 0 + changed_when: false - name: Print SUM monitoring and action URLs ansible.builtin.debug: From d91a75ecba32bdfcbb8a471ee3721d628fe31900 Mon Sep 17 00:00:00 2001 From: Janine Fuchs Date: Wed, 29 Jan 2025 19:03:04 +0100 Subject: [PATCH 15/66] sap_ha_pacemaker_cluster: fix package detection on RHEL The task return code was incorrect due to disabling `failed_when` entirely. The new conditions should fix that. --- .../tasks/RedHat/pre_steps_hana.yml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/roles/sap_ha_pacemaker_cluster/tasks/RedHat/pre_steps_hana.yml b/roles/sap_ha_pacemaker_cluster/tasks/RedHat/pre_steps_hana.yml index 52aeff021..d29a7ed21 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/RedHat/pre_steps_hana.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/RedHat/pre_steps_hana.yml @@ -16,7 +16,9 @@ cmd: dnf provides sap-hana-ha changed_when: false register: __sap_ha_pacemaker_cluster_saphanasr_angi_check - failed_when: false + failed_when: + - __sap_ha_pacemaker_cluster_saphanasr_angi_check.rc != 0 + - __sap_ha_pacemaker_cluster_saphanasr_angi_check.rc != 1 # The provision role should not fix packages if run against systems that # were previously installed with the conflicting packages. System state is @@ -42,6 +44,9 @@ Alternatively: Disable the package detection (sap_ha_pacemaker_cluster_saphanasr_angi_detection = false) to continue the setup using the installed resource agents. + when: + - __sap_ha_pacemaker_cluster_saphanasr_angi_check is defined + - __sap_ha_pacemaker_cluster_saphanasr_angi_check.rc == 0 - name: "SAP HA Prepare Pacemaker - Set fact angi_available" ansible.builtin.set_fact: From e3cfab7174d392644b713aec73cb369392af1e28 Mon Sep 17 00:00:00 2001 From: Janine Fuchs Date: Wed, 29 Jan 2025 19:16:19 +0100 Subject: [PATCH 16/66] sap_general_preconfigure: fix var role prefix ansible-lint complained about this: ``` var-naming[no-role-prefix]: Variables names from within roles should use sap_general_preconfigure_ as a prefix. (vars: __sap_hana_preconfigure_use_saptune) roles/sap_general_preconfigure/vars/SLES_SAP_16.yml:32 ``` --- roles/sap_general_preconfigure/vars/SLES_SAP_16.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/sap_general_preconfigure/vars/SLES_SAP_16.yml b/roles/sap_general_preconfigure/vars/SLES_SAP_16.yml index 9b97b66c7..c36a953f7 100644 --- a/roles/sap_general_preconfigure/vars/SLES_SAP_16.yml +++ b/roles/sap_general_preconfigure/vars/SLES_SAP_16.yml @@ -29,4 +29,4 @@ __sap_general_preconfigure_envgroups: __sap_general_preconfigure_kernel_parameters_default: [] # SLES_SAP is using saptune, but SLES is using sapconf. -__sap_hana_preconfigure_use_saptune: true +__sap_general_preconfigure_use_saptune: true From 174301830ebaceec2fc4c6fbcf852ef7801e2e88 Mon Sep 17 00:00:00 2001 From: Bernd Finger Date: Fri, 31 Jan 2025 10:36:06 +0100 Subject: [PATCH 17/66] sap_general_preconfigure: Fix check mode for sysctl Fixes issue #949. Signed-off-by: Bernd Finger --- .../tasks/RedHat/generic/configure-kernel-parameters.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-kernel-parameters.yml b/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-kernel-parameters.yml index 449899606..f0c9f7049 100644 --- a/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-kernel-parameters.yml +++ b/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-kernel-parameters.yml @@ -19,6 +19,7 @@ - name: Construct the command for getting all current parameters of file '{{ sap_general_preconfigure_etc_sysctl_sap_conf }}' ansible.builtin.command: awk 'BEGIN{FS="="; printf ("sysctl ")}{printf ("%s ", $1)}' "{{ sap_general_preconfigure_etc_sysctl_sap_conf }}" register: __sap_general_preconfigure_register_sap_conf_sysctl_command + check_mode: false changed_when: false # Reason for noqa: The command module tries to run the complete string as a single command From 8d41de3cbc377ef5457c42cd2ab355aba0ff5e35 Mon Sep 17 00:00:00 2001 From: Rob Dobozy Date: Fri, 31 Jan 2025 16:52:18 +0000 Subject: [PATCH 18/66] sap_swpm: Updated README.md to include info regarding SUM execution handling for up-to-date installations --- roles/sap_swpm/README.md | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/roles/sap_swpm/README.md b/roles/sap_swpm/README.md index aafa3f751..f5148f53c 100644 --- a/roles/sap_swpm/README.md +++ b/roles/sap_swpm/README.md @@ -110,6 +110,8 @@ It is also possible to use method 1 for creating the inifile and then replace or - Set expiry of Linux created users to 'never' - (Optional) Apply firewall rules for SAP Netweaver if `sap_swpm_setup_firewall` is set to `true` (Default: `false`). + +- (Optional) Handle the execution of SUM if SWPM started it (See Up-To-Date Installation below). ### Example @@ -181,6 +183,16 @@ With the following tags, the role can be called to perform certain activities on - tag `sap_swpm_update_etchosts`: Only update file `/etc/hosts` (but only if variable `sap_swpm_update_etchosts` is set to `true`). +## Additional information + +### Up-To-Date Installation (UDI) +The Software Update Manager can run on any host with an Application Server instance (e.g. NWAS ABAP PAS/AAS, NWAS JAVA CI/AAS) with correct permissions to access /usr/sap/ and /sapmnt/ directories. + +When using the Software Provisioning Manager (SWPM) with a Maintenance Planner Stack XML file to perform an "up-to-date installation" (UDI) - it will start the Software Update Manager (SUM) automatically at the end of the installation process. This UDI feature applies only to SAP ABAP Platform / SAP NetWeaver, and must be performed from the Primary Application Server instance (i.e. NWAS ABAP PAS, or a OneHost installation). + +Furthermore, during SWPM variable selection the enabling of Transport Management System (TMS) is required, see SAP Note 2522253 - SWPM can not call SUM automatically when doing the up-to-date installation. + + ## License Apache 2.0 From 917e899e8f8609cc9b4e88de8549957402343830 Mon Sep 17 00:00:00 2001 From: Marcel Mamula Date: Mon, 3 Feb 2025 13:22:12 +0100 Subject: [PATCH 19/66] feat: saptune latest --- .../tasks/SLES/generic/saptune_install.yml | 5 +++-- .../tasks/SLES/generic/saptune_install.yml | 3 ++- .../tasks/SLES/generic/saptune_install.yml | 3 ++- 3 files changed, 7 insertions(+), 4 deletions(-) diff --git a/roles/sap_general_preconfigure/tasks/SLES/generic/saptune_install.yml b/roles/sap_general_preconfigure/tasks/SLES/generic/saptune_install.yml index ac87da3fa..d7e88ae35 100644 --- a/roles/sap_general_preconfigure/tasks/SLES/generic/saptune_install.yml +++ b/roles/sap_general_preconfigure/tasks/SLES/generic/saptune_install.yml @@ -20,10 +20,11 @@ - name: Block to ensure saptune is installed when: __sap_general_preconfigure_use_saptune | d(true) block: - - name: Ensure latest saptune is installed + # Reason for noqa: Zypper supports "state: latest" + - name: Ensure latest saptune is installed # noqa package-latest ansible.builtin.package: name: saptune - state: present + state: latest when: - sap_general_preconfigure_saptune_version is undefined or sap_general_preconfigure_saptune_version | length == 0 diff --git a/roles/sap_hana_preconfigure/tasks/SLES/generic/saptune_install.yml b/roles/sap_hana_preconfigure/tasks/SLES/generic/saptune_install.yml index 09495de02..de0fcbcaa 100644 --- a/roles/sap_hana_preconfigure/tasks/SLES/generic/saptune_install.yml +++ b/roles/sap_hana_preconfigure/tasks/SLES/generic/saptune_install.yml @@ -20,7 +20,8 @@ - name: Block to ensure saptune is installed when: __sap_hana_preconfigure_use_saptune | d(true) block: - - name: Ensure latest saptune is installed + # Reason for noqa: Zypper supports "state: latest" + - name: Ensure latest saptune is installed # noqa package-latest ansible.builtin.package: name: saptune state: present diff --git a/roles/sap_netweaver_preconfigure/tasks/SLES/generic/saptune_install.yml b/roles/sap_netweaver_preconfigure/tasks/SLES/generic/saptune_install.yml index 7ba569cc2..1b2bb0ce8 100644 --- a/roles/sap_netweaver_preconfigure/tasks/SLES/generic/saptune_install.yml +++ b/roles/sap_netweaver_preconfigure/tasks/SLES/generic/saptune_install.yml @@ -20,7 +20,8 @@ - name: Block to ensure saptune is installed when: __sap_netweaver_preconfigure_use_saptune | d(true) block: - - name: Ensure latest saptune is installed + # Reason for noqa: Zypper supports "state: latest" + - name: Ensure latest saptune is installed # noqa package-latest ansible.builtin.package: name: saptune state: present From bcd40fbc672222f95781922f5d77c482e116d401 Mon Sep 17 00:00:00 2001 From: Bernd Finger Date: Mon, 3 Feb 2025 15:18:12 +0100 Subject: [PATCH 20/66] sap_hana_preconfigure: fix check mode in two tasks Fixes issue #941. Signed-off-by: Bernd Finger --- .../tasks/RedHat/generic/configure-thp.yml | 4 +++- roles/sap_hana_preconfigure/tasks/sapnote/2382421.yml | 1 + 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/roles/sap_hana_preconfigure/tasks/RedHat/generic/configure-thp.yml b/roles/sap_hana_preconfigure/tasks/RedHat/generic/configure-thp.yml index 79542cea8..6f6d24d1d 100644 --- a/roles/sap_hana_preconfigure/tasks/RedHat/generic/configure-thp.yml +++ b/roles/sap_hana_preconfigure/tasks/RedHat/generic/configure-thp.yml @@ -48,7 +48,9 @@ - name: Set THP to '{{ __sap_hana_preconfigure_fact_thp }}' on the running system ansible.builtin.shell: echo '{{ __sap_hana_preconfigure_fact_thp }}' > /sys/kernel/mm/transparent_hugepage/enabled changed_when: true - when: __sap_hana_preconfigure_register_thp_status_before.stdout.split('[')[1].split(']')[0] != __sap_hana_preconfigure_fact_thp + when: + - not ansible_check_mode + - __sap_hana_preconfigure_register_thp_status_before.stdout.split('[')[1].split(']')[0] != __sap_hana_preconfigure_fact_thp - name: Configure - Get the status of THP ansible.builtin.command: cat /sys/kernel/mm/transparent_hugepage/enabled diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2382421.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2382421.yml index 32ee24ad1..a502c570f 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2382421.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2382421.yml @@ -73,6 +73,7 @@ - name: Construct the command for getting all current parameters of file '{{ __sap_hana_preconfigure_etc_sysctl_saphana_conf }}' ansible.builtin.command: awk 'BEGIN{FS="="; printf ("sysctl ")}{printf ("%s ", $1)}' "{{ __sap_hana_preconfigure_etc_sysctl_saphana_conf }}" register: __sap_hana_preconfigure_register_saphana_conf_sysctl_command + check_mode: false changed_when: false - name: Get all currently active values of the parameters of file '{{ __sap_hana_preconfigure_etc_sysctl_saphana_conf }}' From f5f4d0cb0f2555adc3cfaa7d4b4127bdb607b8ae Mon Sep 17 00:00:00 2001 From: Janine Fuchs Date: Tue, 4 Feb 2025 18:31:57 +0100 Subject: [PATCH 21/66] sap_ha_pacemaker_cluster: stonith default block - Moved default stonith setup into block to share conditionals. - New: Default location constraints when fence resources are defined per host - prevent per-host-fence resources from running on the targeted node. --- .../tasks/construct_vars_stonith.yml | 54 +++++++++++++++---- 1 file changed, 43 insertions(+), 11 deletions(-) diff --git a/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_stonith.yml b/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_stonith.yml index ba47aae02..8c9cf12db 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_stonith.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_stonith.yml @@ -92,22 +92,52 @@ # Prepare default stonith method based on __sap_ha_pacemaker_cluster_stonith_default loaded # from platform __sap_ha_pacemaker_cluster_stonith_default_dict dictionary. -- name: "SAP HA Prepare Pacemaker - (STONITH) Assemble the resource definition from platform default" +- name: "SAP HA Prepare Pacemaker - (STONITH) Default configuration" when: - __sap_ha_pacemaker_cluster_stonith_default is defined - __sap_ha_pacemaker_cluster_stonith_default | length > 0 - sap_ha_pacemaker_cluster_stonith_custom is not defined or sap_ha_pacemaker_cluster_stonith_custom | length == 0 - - (hostvars[stonith_host_item].__sap_ha_pacemaker_cluster_stonith_default).id - not in (__sap_ha_pacemaker_cluster_stonith_resource | d([])| map(attribute='id')) - ansible.builtin.set_fact: - __sap_ha_pacemaker_cluster_stonith_resource: - "{{ __sap_ha_pacemaker_cluster_stonith_resource | d([]) - + [hostvars[stonith_host_item].__sap_ha_pacemaker_cluster_stonith_default] }}" - loop: "{{ ansible_play_hosts_all }}" - loop_control: - loop_var: stonith_host_item - label: "{{ stonith_host_item }}" + block: + + - name: "SAP HA Prepare Pacemaker - (STONITH) Assemble the resource definition from platform default" + ansible.builtin.set_fact: + __sap_ha_pacemaker_cluster_stonith_resource: + "{{ __sap_ha_pacemaker_cluster_stonith_resource | d([]) + + [hostvars[stonith_host_item].__sap_ha_pacemaker_cluster_stonith_default] }}" + loop: "{{ ansible_play_hosts_all }}" + loop_control: + loop_var: stonith_host_item + label: "{{ stonith_host_item }}" + + # The location constraints are needed, when the fence resource is configured + # per host and must not run on the host it targets. + - name: "SAP HA Prepare Pacemaker - (STONITH) Add location constraints" + ansible.builtin.set_fact: + __sap_ha_pacemaker_cluster_constraints_location: "{{ __sap_ha_pacemaker_cluster_constraints_location + [__constraint_location_stonith] }}" + vars: + # get host name from port definition + __port_name: "{{ (stonith_item.instance_attrs[0].attrs | selectattr('name', 'equalto', 'port'))[0].value }}" + __constraint_location_stonith: + resource: + id: "{{ stonith_item.id }}" + node: "{{ __port_name }}" + options: + - name: score + value: "-INFINITY" + loop: "{{ __sap_ha_pacemaker_cluster_stonith_resource }}" + loop_control: + loop_var: stonith_item + label: "{{ stonith_item.id }}" + when: + # Only apply when a port attribute is defined and contains a name of ansible play hosts. + # This is true e.g. for fence_gce. + - __port_name is defined + - __port_name | length > 0 + - __port_name in ansible_play_hosts_all + +### End of default stonith configuration block + # Requirements to run SBD block: # sap_ha_pacemaker_cluster_sbd_enabled is true @@ -203,6 +233,8 @@ ansible.builtin.set_fact: __sap_ha_pacemaker_cluster_sbd_enabled: true +### End of SBD configuration block. + # sap_ha_pacemaker_cluster_stonith_custom input was redesigned to use ha_cluster structure. # Following task will remain until next release to ensure compatibility with previous structure. From 092f668b98e45bbc75c0f59a53b2f0fb40c7ea1e Mon Sep 17 00:00:00 2001 From: Bernd Finger Date: Wed, 5 Feb 2025 09:37:28 +0100 Subject: [PATCH 22/66] sap_hana_preconfigure: Fix check mode for largesend.conf - ppc64le Fixes issue #955. Signed-off-by: Bernd Finger --- roles/sap_hana_preconfigure/tasks/sapnote/2055470.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2055470.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2055470.yml index b3ba7a819..04d9b7265 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2055470.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2055470.yml @@ -69,16 +69,19 @@ # Note: The sole purpose of the following two tasks is to collect the current value(s) of the kernel parameters # in '/etc/sysctl.d/ibm_largesend.conf' so that the "Reload kernel parameters from file ..." task # can correctly report its 'changed' state. See also https://github.com/sap-linuxlab/community.sap_install/issues/752 . + - name: Construct the command for getting all current parameters of file '/etc/sysctl.d/ibm_largesend.conf' ansible.builtin.command: awk 'BEGIN{FS="="; printf ("sysctl ")}{printf ("%s ", $1)}' /etc/sysctl.d/ibm_largesend.conf register: __sap_hana_preconfigure_register_ibm_largesend_sysctl_command changed_when: false + when: not ansible_check_mode # Reason for noqa: The command module tries to run the complete string as a single command - name: Get all currently active values of the parameters of file '/etc/sysctl.d/ibm_largesend.conf' # noqa command-instead-of-shell ansible.builtin.shell: "{{ __sap_hana_preconfigure_register_ibm_largesend_sysctl_command.stdout }}" register: __sap_hana_preconfigure_register_ibm_largesend_sysctl_p_output_old changed_when: false + when: not ansible_check_mode - name: Reload kernel parameters from file '/etc/sysctl.d/ibm_largesend.conf' ansible.builtin.command: sysctl -p /etc/sysctl.d/ibm_largesend.conf From 40c5cf0679fe3a44e10b955f1ce680210b5ad0f3 Mon Sep 17 00:00:00 2001 From: Bernd Finger Date: Wed, 5 Feb 2025 10:36:33 +0100 Subject: [PATCH 23/66] sap_hana_preconfigure: Update the package name of the RHEL 10 Power tools Relates to #957. Signed-off-by: Bernd Finger --- roles/sap_hana_preconfigure/vars/RedHat_10.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/sap_hana_preconfigure/vars/RedHat_10.yml b/roles/sap_hana_preconfigure/vars/RedHat_10.yml index 555896e8d..98775f209 100644 --- a/roles/sap_hana_preconfigure/vars/RedHat_10.yml +++ b/roles/sap_hana_preconfigure/vars/RedHat_10.yml @@ -99,7 +99,7 @@ __sap_hana_preconfigure_packages_min_install: __sap_hana_preconfigure_ibm_power_repo_url: 'https://public.dhe.ibm.com/software/server/POWER/Linux/yum/download/ibm-power-repo-latest.noarch.rpm' __sap_hana_preconfigure_required_ppc64le: - - ibm-power-managed-rhel9 + - ibm-power-managed-rhel10 # Network related kernel parameters as set in SAP Note 2382421: __sap_hana_preconfigure_kernel_parameters_default: From 96840e4f0b7bb11563104da9999c3d428a8f2e66 Mon Sep 17 00:00:00 2001 From: Janine Fuchs Date: Wed, 5 Feb 2025 11:08:15 +0100 Subject: [PATCH 24/66] sap_ha_pacemaker_cluster: fix ASCS constraint Start order when ASCS and ERS are down does not matter. After an ASCS failover, however, ERS should stay until ASCS has been started. ASCS needs to read enqueue data from ERS at start. --- .../tasks/construct_vars_nwas_abap_ascs_ers.yml | 11 ++++++----- ...construct_vars_nwas_abap_ascs_ers_simple_mount.yml | 11 ++++++----- 2 files changed, 12 insertions(+), 10 deletions(-) diff --git a/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_nwas_abap_ascs_ers.yml b/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_nwas_abap_ascs_ers.yml index 8a77aa38b..aa5d135e6 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_nwas_abap_ascs_ers.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_nwas_abap_ascs_ers.yml @@ -304,8 +304,10 @@ when: - __constraint_colo_ers.resource_follower not in (__sap_ha_pacemaker_cluster_constraints_colocation | map(attribute='resource_follower')) -# Optional: ASCS should be started before ERS -- name: "SAP HA Prepare Pacemaker - Add order constraint: first start ASCS group, then ERS group" +# Order: ERS should be stopped after ASCS started. +# After a failover, ASCS must start and read replication data from ERS, before ERS should be stopped +# to fail over to the other node following the colocation constraint. +- name: "SAP HA Prepare Pacemaker - Add order constraint: first start ASCS group, then stop ERS group" ansible.builtin.set_fact: __sap_ha_pacemaker_cluster_constraints_order: "{{ __sap_ha_pacemaker_cluster_constraints_order + [__constraint_order_ascs_ers] }}" vars: @@ -313,16 +315,15 @@ id: "{{ __sap_ha_pacemaker_cluster_nwas_order_ascs_first_name }}" resource_first: id: "{{ __sap_ha_pacemaker_cluster_vip_nwas_ascs_resource_group_name }}" - role: started + action: start resource_then: id: "{{ __sap_ha_pacemaker_cluster_vip_nwas_ers_resource_group_name }}" + action: stop options: - name: symmetrical value: "false" - name: kind value: Optional -# when: -# - __constraint_order_ascs_ers.resource_then not in (__sap_ha_pacemaker_cluster_constraints_order | map(attribute='resource_then')) # ENSA1 only: location rule for ASCS to follow ERS - name: "SAP HA Prepare Pacemaker - Add location constraint: ASCS follows ERS in ENSA1 setup" diff --git a/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_nwas_abap_ascs_ers_simple_mount.yml b/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_nwas_abap_ascs_ers_simple_mount.yml index 22b0878e2..37ac30fff 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_nwas_abap_ascs_ers_simple_mount.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_nwas_abap_ascs_ers_simple_mount.yml @@ -189,8 +189,10 @@ when: - __constraint_colo_ers.resource_follower not in (__sap_ha_pacemaker_cluster_constraints_colocation | map(attribute='resource_follower')) -# Optional: ASCS should be started before ERS -- name: "SAP HA Prepare Pacemaker - Add order constraint: first start ASCS group, then ERS group" +# Order: ERS should be stopped after ASCS started. +# After a failover, ASCS must start and read replication data from ERS, before ERS should be stopped +# to fail over to the other node following the colocation constraint. +- name: "SAP HA Prepare Pacemaker - Add order constraint: first start ASCS group, then stop ERS group" ansible.builtin.set_fact: __sap_ha_pacemaker_cluster_constraints_order: "{{ __sap_ha_pacemaker_cluster_constraints_order + [__constraint_order_ascs_ers] }}" vars: @@ -198,13 +200,12 @@ id: "{{ __sap_ha_pacemaker_cluster_nwas_order_ascs_first_name }}" resource_first: id: "{{ __sap_ha_pacemaker_cluster_vip_nwas_ascs_resource_group_name }}" - role: started + action: start resource_then: id: "{{ __sap_ha_pacemaker_cluster_vip_nwas_ers_resource_group_name }}" + action: stop options: - name: symmetrical value: "false" - name: kind value: Optional - when: - - __constraint_order_ascs_ers.resource_then not in (__sap_ha_pacemaker_cluster_constraints_order | map(attribute='resource_then')) From 40a04f543eaa1872beff3c9b76cbadb2da651f0b Mon Sep 17 00:00:00 2001 From: Janine Fuchs Date: Thu, 6 Feb 2025 10:56:55 +0100 Subject: [PATCH 25/66] sap_ha_pacemaker_cluster: fix ASCS/ERS systemd 1. When using the systemd start framework for SAP instances, the instance services must be registered on all nodes they are going to run on. This creates the systemd units consistently. 2. When using the SAPStartSrv resource, the related systemd units 'sapping' and 'sappong' must be enabled. + For convenience: tags added to enable role execution just for the NWAS post-installation tasks. --- .../tasks/ascertain_sap_landscape.yml | 3 + ...figure_nwas_abap_ascs_ers_post_install.yml | 60 ++++++++++++++++--- roles/sap_ha_pacemaker_cluster/tasks/main.yml | 3 + 3 files changed, 58 insertions(+), 8 deletions(-) diff --git a/roles/sap_ha_pacemaker_cluster/tasks/ascertain_sap_landscape.yml b/roles/sap_ha_pacemaker_cluster/tasks/ascertain_sap_landscape.yml index 26cdb2be4..a7a303b4f 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/ascertain_sap_landscape.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/ascertain_sap_landscape.yml @@ -39,7 +39,10 @@ - sap_ha_pacemaker_cluster_host_type | select('search', 'hana') | length > 0 - name: "SAP HA Prepare Pacemaker - Include NETWEAVER specific variables" + tags: nwas_postinst ansible.builtin.include_tasks: file: include_vars_nwas.yml + apply: + tags: nwas_postinst when: - sap_ha_pacemaker_cluster_host_type | select('search', 'nwas') | length > 0 diff --git a/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_abap_ascs_ers_post_install.yml b/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_abap_ascs_ers_post_install.yml index e4c9158ed..4c9f53e54 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_abap_ascs_ers_post_install.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_abap_ascs_ers_post_install.yml @@ -29,6 +29,7 @@ # Comment out lines in /usr/sap/sapservices, which # - contain the target instance profile names # - are not commented out yet +# TODO: This is not matching systemd services. To be clarified if needed. - name: "SAP HA Pacemaker - Update /usr/sap/sapservices" ansible.builtin.replace: path: /usr/sap/sapservices @@ -40,6 +41,8 @@ - "{{ __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_instance_name }}" loop_control: loop_var: sapserv_item + when: + - ansible_os_family == 'RedHat' - name: "SAP HA Pacemaker - (systemd) Check for ASCS/ERS services" ansible.builtin.stat: @@ -54,27 +57,55 @@ - name: "SAP HA Pacemaker - (systemd) Save found ASCS/ERS services" ansible.builtin.set_fact: - sap_ha_pacemaker_cluster_instance_services_fact: "{{ + sap_ha_pacemaker_cluster_instance_service_node_fact: "{{ __sap_ha_pacemaker_cluster_register_instance_service.results | selectattr('stat.exists') | map(attribute='stat.path') | regex_replace('/etc/systemd/system/', '') }}" +- name: "SAP HA Pacemaker - (systemd) Combine instance services from all nodes" + ansible.builtin.set_fact: + sap_ha_pacemaker_cluster_instance_service_all_fact: "{{ + (sap_ha_pacemaker_cluster_instance_service_all_fact | d([]) + + hostvars[task_host_item].sap_ha_pacemaker_cluster_instance_service_node_fact) + | unique + }}" + loop: "{{ ansible_play_hosts }}" + loop_control: + loop_var: task_host_item + + # BLOCK: -# When the systemd based SAP startup framework is used, make sure that the +# 1. When the systemd based SAP startup framework is used, make sure that the # instance services do not auto-start. -- name: "SAP HA Pacemaker - Block to disable systemd auto-start of instances" +# 2. Make sure that the SAP instance service units are registered and present on all hosts. +- name: "SAP HA Pacemaker - Block to handle SAP service systemd configuration" when: - - sap_ha_pacemaker_cluster_instance_services_fact is defined - - sap_ha_pacemaker_cluster_instance_services_fact | length > 0 + # At least one systemd service should be found per node, to consider the setup + # "systemd enabled" and proceed with the related configuration. + - sap_ha_pacemaker_cluster_instance_service_node_fact is defined + - sap_ha_pacemaker_cluster_instance_service_node_fact | length > 0 block: + # After the installation, the systemd units are only configured on the node + # they were first installed on. + # The registration ensures that + # - systemd units for both instances are configured + # - the 'sapstartsrv' file contains both start commands + - name: "SAP HA Pacemaker - (systemd) Register ASCS/ERS instances on all nodes" + ansible.builtin.shell: | + export LD_LIBRARY_PATH=/usr/sap/hostctrl/exe:$LD_LIBRARY_PATH + /usr/sap/hostctrl/exe/sapstartsrv pf={{ __sap_ha_pacemaker_cluster_nwas_ascs_sapinstance_start_profile_string }} -reg + /usr/sap/hostctrl/exe/sapstartsrv pf={{ __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_start_profile_string }} -reg + register: __sap_ha_pacemaker_cluster_register_instance_reg + changed_when: true + - name: "SAP HA Pacemaker - (systemd) Disable ASCS/ERS instance service" ansible.builtin.service: name: "{{ instance_srv_item }}" enabled: false - loop: "{{ sap_ha_pacemaker_cluster_instance_services_fact }}" + loop: "{{ sap_ha_pacemaker_cluster_instance_service_all_fact }}" loop_control: loop_var: instance_srv_item @@ -88,7 +119,7 @@ owner: root group: root mode: '0644' - loop: "{{ sap_ha_pacemaker_cluster_instance_services_fact }}" + loop: "{{ sap_ha_pacemaker_cluster_instance_service_all_fact }}" loop_control: loop_var: dropfile_item @@ -101,12 +132,25 @@ owner: root group: root mode: '0644' - loop: "{{ sap_ha_pacemaker_cluster_instance_services_fact }}" + loop: "{{ sap_ha_pacemaker_cluster_instance_service_all_fact }}" loop_control: loop_var: dropfile_item ### END of BLOCK for systemd setup. +# SAPStartSrv resource agent / Simple Mount +- name: "SAP HA Pacemaker - Make sure SAPStartSrv systemd units are enabled" + ansible.builtin.service: + name: "{{ sapstartsrv_srv_item }}" + enabled: true + loop: + - sapping + - sappong + loop_control: + loop_var: sapstartsrv_srv_item + when: + - __sap_ha_pacemaker_cluster_nwas_cs_ers_simple_mount + # Block for configuring the SAP HA Interface (sap_cluster_connector). # diff --git a/roles/sap_ha_pacemaker_cluster/tasks/main.yml b/roles/sap_ha_pacemaker_cluster/tasks/main.yml index bdc3b3b14..bc58a7aea 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/main.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/main.yml @@ -21,13 +21,16 @@ # supports. - name: "SAP HA Prepare Pacemaker - Include tasks from 'ha_cluster' role definitions" ansible.builtin.import_tasks: import_hacluster_vars_from_inventory.yml + tags: always - name: "SAP HA Prepare Pacemaker - Include facts and common variables" ansible.builtin.import_tasks: include_vars_common.yml + tags: always # Determine which SAP landscape we are going to configure in the cluster. - name: "SAP HA Prepare Pacemaker - Include tasks for SAP landscape calculation" ansible.builtin.import_tasks: ascertain_sap_landscape.yml + tags: always # Validate input variables after processing in include_vars_ tasks. - name: "SAP HA Prepare Pacemaker - Include parameter validation tasks" From 04d7c2b69c7c538f6584530c5982101020f5c61b Mon Sep 17 00:00:00 2001 From: Janine Fuchs Date: Tue, 11 Feb 2025 13:55:36 +0100 Subject: [PATCH 26/66] sap_ha_pacemaker_cluster: fix SCS/ERS systemd - Applies the same changes as for ASCS/ERS. - Moved task for sapservices file comments to after systemd unit registration to catch new entries too. --- ...figure_nwas_abap_ascs_ers_post_install.yml | 35 ++++---- ...nfigure_nwas_java_scs_ers_post_install.yml | 89 ++++++++++++++----- 2 files changed, 83 insertions(+), 41 deletions(-) diff --git a/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_abap_ascs_ers_post_install.yml b/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_abap_ascs_ers_post_install.yml index 4c9f53e54..972c3c238 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_abap_ascs_ers_post_install.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_abap_ascs_ers_post_install.yml @@ -26,24 +26,6 @@ retries: 30 delay: 10 -# Comment out lines in /usr/sap/sapservices, which -# - contain the target instance profile names -# - are not commented out yet -# TODO: This is not matching systemd services. To be clarified if needed. -- name: "SAP HA Pacemaker - Update /usr/sap/sapservices" - ansible.builtin.replace: - path: /usr/sap/sapservices - backup: true - regexp: '^([^#\n].+{{ sapserv_item }}.+)$' - replace: '# \1' - loop: - - "{{ __sap_ha_pacemaker_cluster_nwas_ascs_sapinstance_instance_name }}" - - "{{ __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_instance_name }}" - loop_control: - loop_var: sapserv_item - when: - - ansible_os_family == 'RedHat' - - name: "SAP HA Pacemaker - (systemd) Check for ASCS/ERS services" ansible.builtin.stat: path: "/etc/systemd/system/SAP{{ __sap_ha_pacemaker_cluster_nwas_sid }}_{{ systemd_item }}.service" @@ -138,6 +120,23 @@ ### END of BLOCK for systemd setup. +# Comment out lines in /usr/sap/sapservices, which +# - contain the target instance profile names +# - are not commented out yet +- name: "SAP HA Pacemaker - Update /usr/sap/sapservices" + ansible.builtin.replace: + path: /usr/sap/sapservices + backup: true + regexp: '^(?!#)(.*{{ sapserv_item }}.*)$' + replace: '# \1' + loop: + - "{{ __sap_ha_pacemaker_cluster_nwas_ascs_sapinstance_instance_name }}" + - "{{ __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_instance_name }}" + loop_control: + loop_var: sapserv_item + when: + - ansible_os_family == 'RedHat' + # SAPStartSrv resource agent / Simple Mount - name: "SAP HA Pacemaker - Make sure SAPStartSrv systemd units are enabled" ansible.builtin.service: diff --git a/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_java_scs_ers_post_install.yml b/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_java_scs_ers_post_install.yml index ea36f162d..8f04df3f0 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_java_scs_ers_post_install.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_java_scs_ers_post_install.yml @@ -26,21 +26,6 @@ retries: 30 delay: 10 -# Comment out lines in /usr/sap/sapservices, which -# - contain the target instance profile names -# - are not commented out yet -- name: "SAP HA Pacemaker - Update /usr/sap/sapservices" - ansible.builtin.replace: - path: /usr/sap/sapservices - backup: true - regexp: '^([^#\n].+{{ sapserv_item }}.+)$' - replace: '# \1' - loop: - - "{{ __sap_ha_pacemaker_cluster_nwas_scs_sapinstance_instance_name }}" - - "{{ __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_instance_name }}" - loop_control: - loop_var: sapserv_item - - name: "SAP HA Pacemaker - (systemd) Check for SCS/ERS services" ansible.builtin.stat: path: "/etc/systemd/system/SAP{{ __sap_ha_pacemaker_cluster_nwas_sid }}_{{ systemd_item }}.service" @@ -54,27 +39,55 @@ - name: "SAP HA Pacemaker - (systemd) Save found SCS/ERS services" ansible.builtin.set_fact: - sap_ha_pacemaker_cluster_instance_services_fact: "{{ + sap_ha_pacemaker_cluster_instance_service_node_fact: "{{ __sap_ha_pacemaker_cluster_register_instance_service.results | selectattr('stat.exists') | map(attribute='stat.path') | regex_replace('/etc/systemd/system/', '') }}" +- name: "SAP HA Pacemaker - (systemd) Combine instance services from all nodes" + ansible.builtin.set_fact: + sap_ha_pacemaker_cluster_instance_service_all_fact: "{{ + (sap_ha_pacemaker_cluster_instance_service_all_fact | d([]) + + hostvars[task_host_item].sap_ha_pacemaker_cluster_instance_service_node_fact) + | unique + }}" + loop: "{{ ansible_play_hosts }}" + loop_control: + loop_var: task_host_item + + # BLOCK: -# When the systemd based SAP startup framework is used, make sure that the +# 1. When the systemd based SAP startup framework is used, make sure that the # instance services do not auto-start. -- name: "SAP HA Pacemaker - Block to disable systemd auto-start of instances" +# 2. Make sure that the SAP instance service units are registered and present on all hosts. +- name: "SAP HA Pacemaker - Block to handle SAP service systemd configuration" when: - - sap_ha_pacemaker_cluster_instance_services_fact is defined - - sap_ha_pacemaker_cluster_instance_services_fact | length > 0 + # At least one systemd service should be found per node, to consider the setup + # "systemd enabled" and proceed with the related configuration. + - sap_ha_pacemaker_cluster_instance_service_node_fact is defined + - sap_ha_pacemaker_cluster_instance_service_node_fact | length > 0 block: + # After the installation, the systemd units are only configured on the node + # they were first installed on. + # The registration ensures that + # - systemd units for both instances are configured + # - the 'sapstartsrv' file contains both start commands + - name: "SAP HA Pacemaker - (systemd) Register SCS/ERS instances on all nodes" + ansible.builtin.shell: | + export LD_LIBRARY_PATH=/usr/sap/hostctrl/exe:$LD_LIBRARY_PATH + /usr/sap/hostctrl/exe/sapstartsrv pf={{ __sap_ha_pacemaker_cluster_nwas_scs_sapinstance_start_profile_string }} -reg + /usr/sap/hostctrl/exe/sapstartsrv pf={{ __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_start_profile_string }} -reg + register: __sap_ha_pacemaker_cluster_register_instance_reg + changed_when: true + - name: "SAP HA Pacemaker - (systemd) Disable SCS/ERS instance service" ansible.builtin.service: name: "{{ instance_srv_item }}" enabled: false - loop: "{{ sap_ha_pacemaker_cluster_instance_services_fact }}" + loop: "{{ sap_ha_pacemaker_cluster_instance_service_all_fact }}" loop_control: loop_var: instance_srv_item @@ -88,7 +101,7 @@ owner: root group: root mode: '0644' - loop: "{{ sap_ha_pacemaker_cluster_instance_services_fact }}" + loop: "{{ sap_ha_pacemaker_cluster_instance_service_all_fact }}" loop_control: loop_var: dropfile_item @@ -101,12 +114,42 @@ owner: root group: root mode: '0644' - loop: "{{ sap_ha_pacemaker_cluster_instance_services_fact }}" + loop: "{{ sap_ha_pacemaker_cluster_instance_service_all_fact }}" loop_control: loop_var: dropfile_item ### END of BLOCK for systemd setup. +# Comment out lines in /usr/sap/sapservices, which +# - contain the target instance profile names +# - are not commented out yet +- name: "SAP HA Pacemaker - Update /usr/sap/sapservices" + ansible.builtin.replace: + path: /usr/sap/sapservices + backup: true + regexp: '^(?!#)(.*{{ sapserv_item }}.*)$' + replace: '# \1' + loop: + - "{{ __sap_ha_pacemaker_cluster_nwas_scs_sapinstance_instance_name }}" + - "{{ __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_instance_name }}" + loop_control: + loop_var: sapserv_item + when: + - ansible_os_family == 'RedHat' + +# SAPStartSrv resource agent / Simple Mount +- name: "SAP HA Pacemaker - Make sure SAPStartSrv systemd units are enabled" + ansible.builtin.service: + name: "{{ sapstartsrv_srv_item }}" + enabled: true + loop: + - sapping + - sappong + loop_control: + loop_var: sapstartsrv_srv_item + when: + - __sap_ha_pacemaker_cluster_nwas_cs_ers_simple_mount + # Block for configuring the SAP HA Interface (sap_cluster_connector). # From 44281caafb1a435b3f84c1be05bb4f8435cfdfd0 Mon Sep 17 00:00:00 2001 From: Janine Fuchs Date: Wed, 12 Feb 2025 12:04:05 +0100 Subject: [PATCH 27/66] sap_ha_pacemaker_cluster: fix for check mode - fixed a conditional that failed in check-mode - added tag to allow running in check-mode without executing ha_cluster --- .../tasks/RedHat/pre_steps_nwas_ascs_ers.yml | 1 + roles/sap_ha_pacemaker_cluster/tasks/main.yml | 1 + 2 files changed, 2 insertions(+) diff --git a/roles/sap_ha_pacemaker_cluster/tasks/RedHat/pre_steps_nwas_ascs_ers.yml b/roles/sap_ha_pacemaker_cluster/tasks/RedHat/pre_steps_nwas_ascs_ers.yml index cd8cab36d..00fc8df40 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/RedHat/pre_steps_nwas_ascs_ers.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/RedHat/pre_steps_nwas_ascs_ers.yml @@ -20,4 +20,5 @@ when: - sap_ha_pacemaker_cluster_nwas_cs_ers_simple_mount | bool - __sap_ha_pacemaker_cluster_sapstartsrv_check.stdout is defined + - __sap_ha_pacemaker_cluster_sapstartsrv_check.stdout | length > 0 - "(__sap_ha_pacemaker_cluster_sapstartsrv_check.stdout) is version(__sap_ha_pacemaker_cluster_nwas_simple_mount_version, '<')" diff --git a/roles/sap_ha_pacemaker_cluster/tasks/main.yml b/roles/sap_ha_pacemaker_cluster/tasks/main.yml index bc58a7aea..206bc3835 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/main.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/main.yml @@ -214,6 +214,7 @@ ansible.builtin.import_role: name: "{{ sap_ha_pacemaker_cluster_system_roles_collection }}.ha_cluster" no_log: "{{ __sap_ha_pacemaker_cluster_no_log }}" # some parameters contain secrets + tags: run_ha_cluster # Corosync post-inst From 378feb6d8875d6ffd034e358925be2c8dd160fb1 Mon Sep 17 00:00:00 2001 From: Janine Fuchs Date: Wed, 12 Feb 2025 17:10:16 +0100 Subject: [PATCH 28/66] sap_ha_pacemaker_cluster: fix stonith resource dup During the previous change of the stonith code a conditional was removed that did not apply to the GCP default, but is required for other platform default stonith resources that use host maps. --- .../sap_ha_pacemaker_cluster/tasks/construct_vars_stonith.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_stonith.yml b/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_stonith.yml index 8c9cf12db..fae1d4cef 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_stonith.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_stonith.yml @@ -109,6 +109,9 @@ loop_control: loop_var: stonith_host_item label: "{{ stonith_host_item }}" + when: + - (hostvars[stonith_host_item].__sap_ha_pacemaker_cluster_stonith_default).id + not in (__sap_ha_pacemaker_cluster_stonith_resource | d([])| map(attribute='id')) # The location constraints are needed, when the fence resource is configured # per host and must not run on the host it targets. From c6935e43b29a601bd38342423043d2f3b4dea3e0 Mon Sep 17 00:00:00 2001 From: Janine Fuchs Date: Wed, 12 Feb 2025 17:11:10 +0100 Subject: [PATCH 29/66] sap_ha_pacemaker_cluster: fix vip colo score This fixes the HANA VIP colocation constraint conditional to always apply the base score and recalculate only when HANA-VIP resource groups are present in the definition. Assigning new values inside blocks/loops does not work (anymore) and and a namespace object has to be used instead. Reference: https://jinja.palletsprojects.com/en/latest/templates/#assignments --- .../tasks/construct_vars_vip_constraints_hana.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_vip_constraints_hana.yml b/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_vip_constraints_hana.yml index a7fabc31b..0e296d65b 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_vip_constraints_hana.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_vip_constraints_hana.yml @@ -128,17 +128,17 @@ {%- endif -%} ## When in a group, increase the default base score by adding 1000 per resource in the group. - __colo_score: >- + __colo_score: |- + {% set score = namespace(value=sap_ha_pacemaker_cluster_constraint_colo_base_score) %} {% if __sap_ha_pacemaker_cluster_resource_groups | length > 0 -%} {% for group in __sap_ha_pacemaker_cluster_resource_groups -%} {% if group.id == (sap_ha_pacemaker_cluster_vip_group_prefix + __sap_ha_pacemaker_cluster_vip_hana_primary_resource_name) -%} - {{ (group.resource_ids | length * 1000) + sap_ha_pacemaker_cluster_constraint_colo_base_score }} + {% set score.value = (group.resource_ids | length * 1000) + sap_ha_pacemaker_cluster_constraint_colo_base_score %} {%- endif %} {%- endfor %} - {%- else -%} - {{ sap_ha_pacemaker_cluster_constraint_colo_base_score }} {%- endif %} + {{ score.value }} when: - __constraint_colo_vip.resource_follower not in (__sap_ha_pacemaker_cluster_constraints_colocation | map(attribute='resource_follower')) From 44b02ff70aee907aacfce4b44593535db4c7ca3b Mon Sep 17 00:00:00 2001 From: Janine Fuchs Date: Thu, 13 Feb 2025 10:37:08 +0100 Subject: [PATCH 30/66] sap_ha_pacemaker_cluster: fix ro vip colo score Same as in commit c6935e43, but for the task about the read-only VIP. --- .../tasks/construct_vars_vip_constraints_hana.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_vip_constraints_hana.yml b/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_vip_constraints_hana.yml index 0e296d65b..1220d750b 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_vip_constraints_hana.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_vip_constraints_hana.yml @@ -188,17 +188,17 @@ {%- endif -%} ## When in a group, increase the default base score by adding 1000 per resource in the group. - __colo_score: >- + __colo_score: |- + {% set score = namespace(value=sap_ha_pacemaker_cluster_constraint_colo_base_score) %} {% if __sap_ha_pacemaker_cluster_resource_groups | length > 0 -%} {% for group in __sap_ha_pacemaker_cluster_resource_groups -%} {% if group.id == (sap_ha_pacemaker_cluster_vip_group_prefix + __sap_ha_pacemaker_cluster_vip_hana_secondary_resource_name) -%} - {{ (group.resource_ids | length * 1000) + sap_ha_pacemaker_cluster_constraint_colo_base_score }} + {% set score.value = (group.resource_ids | length * 1000) + sap_ha_pacemaker_cluster_constraint_colo_base_score %} {%- endif %} {%- endfor %} - {%- else -%} - {{ sap_ha_pacemaker_cluster_constraint_colo_base_score }} {%- endif %} + {{ score.value }} when: - __constraint_colo_vip.resource_follower not in (__sap_ha_pacemaker_cluster_constraints_colocation | map(attribute='resource_follower')) From e247d556e7afd227e363345375e356fd53962564 Mon Sep 17 00:00:00 2001 From: Janine Fuchs Date: Thu, 13 Feb 2025 11:46:12 +0100 Subject: [PATCH 31/66] sap_ha_pacemaker_cluster: (enh) optimize host type - fixes the hook dict definition for mixed setups - adds a check to prevent invalid host type combinations --- .../tasks/ascertain_sap_landscape.yml | 14 ++++++++++++++ .../vars/hana_scaleup_perf.yml | 3 ++- 2 files changed, 16 insertions(+), 1 deletion(-) diff --git a/roles/sap_ha_pacemaker_cluster/tasks/ascertain_sap_landscape.yml b/roles/sap_ha_pacemaker_cluster/tasks/ascertain_sap_landscape.yml index a7a303b4f..c5aa9e643 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/ascertain_sap_landscape.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/ascertain_sap_landscape.yml @@ -32,6 +32,20 @@ when: - sap_ha_pacemaker_cluster_host_type | select('search', 'hana_scaleup') | length > 0 +# Host type rules: +# - there can only be 0 or 1 HANA type in the list +# - there can only be 0 or 1 NW (A)SCS/ERS type in the list +- name: "SAP HA Prepare Pacemaker - Make sure that the host_type combination is valid" + ansible.builtin.assert: + that: + - sap_ha_pacemaker_cluster_host_type | select('search', 'hana') | length < 2 + - sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_.*_ers') | length < 2 + fail_msg: | + Host type = {{ sap_ha_pacemaker_cluster_host_type }} + + Conflicting host types found! + There can only be max. 1 HANA and/or 1 NWAS (A)SCS/ERS type in the same definition. + - name: "SAP HA Prepare Pacemaker - Include HANA specific variables" ansible.builtin.include_tasks: file: include_vars_hana.yml diff --git a/roles/sap_ha_pacemaker_cluster/vars/hana_scaleup_perf.yml b/roles/sap_ha_pacemaker_cluster/vars/hana_scaleup_perf.yml index 1801b2fbe..413e344e7 100644 --- a/roles/sap_ha_pacemaker_cluster/vars/hana_scaleup_perf.yml +++ b/roles/sap_ha_pacemaker_cluster/vars/hana_scaleup_perf.yml @@ -15,7 +15,8 @@ __sap_ha_pacemaker_cluster_sap_extra_packages: "{{ # Set variable with dictionary name based on angi availability __sap_ha_pacemaker_cluster_hana_hook_dictionary: - "{{ '__sap_ha_pacemaker_cluster_hook_' + sap_ha_pacemaker_cluster_host_type[0] + "{{ '__sap_ha_pacemaker_cluster_hook_' + + (sap_ha_pacemaker_cluster_host_type | select('search', 'hana'))[0] + ('_angi' if __sap_ha_pacemaker_cluster_saphanasr_angi_available else '') }}" # Recommended srhooks are set to true only if default dictionary is populated From ab8c9f855a01ec89fe27dc8c8877b53e4ebd15c2 Mon Sep 17 00:00:00 2001 From: Janine Fuchs Date: Thu, 13 Feb 2025 18:53:12 +0100 Subject: [PATCH 32/66] sap_ha_pacemaker_cluster: fix internal-error For some reason the LSR collection variable is in the way of the ansible syntax-check of some tools, when the task that calls the ha_cluster LSR uses `import_role`. The same syntax works without errors when the task uses `include_role` instead. Fixes galaxy-importer error "internal-error: Unexpected error code 1". --- roles/sap_ha_pacemaker_cluster/tasks/main.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/roles/sap_ha_pacemaker_cluster/tasks/main.yml b/roles/sap_ha_pacemaker_cluster/tasks/main.yml index 206bc3835..1c2ad75d3 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/main.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/main.yml @@ -211,8 +211,10 @@ # Cluster installation and configuration through the dedicated # linux system role 'ha_cluster' - name: "SAP HA Install Pacemaker - Include System Role 'ha_cluster'" - ansible.builtin.import_role: + ansible.builtin.include_role: name: "{{ sap_ha_pacemaker_cluster_system_roles_collection }}.ha_cluster" + apply: + tags: run_ha_cluster no_log: "{{ __sap_ha_pacemaker_cluster_no_log }}" # some parameters contain secrets tags: run_ha_cluster From 5f72d47dffbb754cdfe21b3aea18a14a330bafbc Mon Sep 17 00:00:00 2001 From: Bernd Finger Date: Fri, 14 Feb 2025 09:34:31 +0100 Subject: [PATCH 33/66] sap_swpm: Fix link in README.md Fixes #969. Signed-off-by: Bernd Finger --- roles/sap_swpm/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/sap_swpm/README.md b/roles/sap_swpm/README.md index f5148f53c..7fa683c3b 100644 --- a/roles/sap_swpm/README.md +++ b/roles/sap_swpm/README.md @@ -51,7 +51,7 @@ Alternatively, you can place all the files mentioned above into a single directo ### Recommended It is recommended to execute this role together with other roles in this collection, in the following order:
1. [sap_general_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_general_preconfigure) -2. [sap_netweaver_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_hana_preconfigure) +2. [sap_netweaver_preconfigure](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_netweaver_preconfigure) 3. [sap_install_media_detect](https://github.com/sap-linuxlab/community.sap_install/tree/main/roles/sap_install_media_detect) 4. *`sap_swpm`* From dbeb69836dadd4d444b0bf3ab819ee69f2d914f8 Mon Sep 17 00:00:00 2001 From: Janine Fuchs Date: Fri, 14 Feb 2025 13:03:37 +0100 Subject: [PATCH 34/66] collection: ansible-lint excludes - added .ansible/ to excludes, this is auto-created by pre-commit and contains the collection, on which the role excludes do not work - sap_hostagent: removed `ansible_become` from defaults, it does not belong in the role but in the playbook, and it triggers the no-role-prefix rule - sap_hostagent: changed some truthy values for consistency - sap_hostagent linting is fine now, it is commented out in the exclude list --- .ansible-lint | 4 +++- roles/sap_hostagent/defaults/main.yml | 3 --- roles/sap_hostagent/tasks/config_ssl.yml | 6 +++--- 3 files changed, 6 insertions(+), 7 deletions(-) diff --git a/.ansible-lint b/.ansible-lint index 386378042..ee1640923 100644 --- a/.ansible-lint +++ b/.ansible-lint @@ -2,6 +2,7 @@ # Collection wide lint-file # DO NOT CHANGE exclude_paths: + - .ansible/ - .cache/ - .github/ #- docs/ @@ -9,11 +10,12 @@ exclude_paths: - playbooks/ - roles/sap_anydb_install_oracle #- roles/sap_general_preconfigure + #- roles/sap_ha_install_anydb_ibmdb2 #- roles/sap_ha_install_hana_hsr #- roles/sap_ha_pacemaker_cluster #- roles/sap_hana_install #- roles/sap_hana_preconfigure - - roles/sap_hostagent + #- roles/sap_hostagent #- roles/sap_install_media_detect #- roles/sap_netweaver_preconfigure #- roles/sap_storage_setup diff --git a/roles/sap_hostagent/defaults/main.yml b/roles/sap_hostagent/defaults/main.yml index ed1d754d9..da249e802 100644 --- a/roles/sap_hostagent/defaults/main.yml +++ b/roles/sap_hostagent/defaults/main.yml @@ -12,8 +12,5 @@ sap_hostagent_agent_tmp_directory: "/tmp/hostagent" # Remove the temporary directory after the installation has been done sap_hostagent_clean_tmp_directory: false -# This role must be run as ROOT user -ansible_become: true - # SSL Variables sap_hostagent_config_ssl: False diff --git a/roles/sap_hostagent/tasks/config_ssl.yml b/roles/sap_hostagent/tasks/config_ssl.yml index f20506a48..edeb9c530 100644 --- a/roles/sap_hostagent/tasks/config_ssl.yml +++ b/roles/sap_hostagent/tasks/config_ssl.yml @@ -32,7 +32,7 @@ -x "{{ sap_hostagent_ssl_passwd }}" -r /tmp/myhost-csr.p10 "CN={{ ansible_fqdn }}, O={{ sap_hostagent_ssl_org }}, C={{ sap_hostagent_ssl_country }}" - become: yes + become: true become_user: sapadm args: chdir: /usr/sap/hostctrl/exe/ @@ -48,7 +48,7 @@ -p SAPSSLS.pse -x "{{ sap_hostagent_ssl_passwd }}" -O sapadm - become: yes + become: true become_user: sapadm args: chdir: /usr/sap/hostctrl/exe/ @@ -79,7 +79,7 @@ /usr/sap/hostctrl/exe/sapgenpse get_my_name -x "{{ sap_hostagent_ssl_passwd }}" -v - become: yes + become: true become_user: sapadm args: chdir: /usr/sap/hostctrl/exe/ From a968d1fa42196cae828e2ca1cd53dbb89b761688 Mon Sep 17 00:00:00 2001 From: Janine Fuchs Date: Fri, 14 Feb 2025 11:26:56 +0100 Subject: [PATCH 35/66] sap_ha_pacemaker_cluster: fix SAPStartSrv monitor The SAPStartSrv monitor operation should not run on an interval, only for a probe once at start. The added operation parameters will make sure that the monitor operation is disabled. To make it very clear that the interval=0 is not a mistake, the `enabled` parameter is set to `false` as well. --- ...t_vars_nwas_abap_ascs_ers_simple_mount.yml | 18 ++++ ...ct_vars_nwas_java_scs_ers_simple_mount.yml | 18 ++++ roles/sap_ha_pacemaker_cluster/tasks/main.yml | 82 +++++++++++++++++-- 3 files changed, 112 insertions(+), 6 deletions(-) diff --git a/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_nwas_abap_ascs_ers_simple_mount.yml b/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_nwas_abap_ascs_ers_simple_mount.yml index 37ac30fff..b9d682bbe 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_nwas_abap_ascs_ers_simple_mount.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_nwas_abap_ascs_ers_simple_mount.yml @@ -15,6 +15,15 @@ - attrs: - name: InstanceName value: "{{ __sap_ha_pacemaker_cluster_nwas_ascs_sapinstance_instance_name }}" + operations: + - action: monitor + attrs: + - name: timeout + value: 20s + - name: interval + value: "{{ '120s' if ansible_os_family == 'Suse' else '0s' }}" + - name: enabled + value: 'false' when: - __resource_sapstartsrv.id not in (__sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id')) @@ -30,6 +39,15 @@ - attrs: - name: InstanceName value: "{{ __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_instance_name }}" + operations: + - action: monitor + attrs: + - name: timeout + value: 20s + - name: interval + value: "{{ '120s' if ansible_os_family == 'Suse' else '0s' }}" + - name: enabled + value: 'false' when: - __resource_sapstartsrv.id not in (__sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id')) diff --git a/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_nwas_java_scs_ers_simple_mount.yml b/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_nwas_java_scs_ers_simple_mount.yml index 7b95d59f0..01cc13123 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_nwas_java_scs_ers_simple_mount.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/construct_vars_nwas_java_scs_ers_simple_mount.yml @@ -15,6 +15,15 @@ - attrs: - name: InstanceName value: "{{ __sap_ha_pacemaker_cluster_nwas_scs_sapinstance_instance_name }}" + operations: + - action: monitor + attrs: + - name: timeout + value: 20s + - name: interval + value: "{{ '120s' if ansible_os_family == 'Suse' else '0s' }}" + - name: enabled + value: 'false' when: - __resource_sapstartsrv.id not in (__sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id')) @@ -30,6 +39,15 @@ - attrs: - name: InstanceName value: "{{ __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_instance_name }}" + operations: + - action: monitor + attrs: + - name: timeout + value: 20s + - name: interval + value: "{{ '120s' if ansible_os_family == 'Suse' else '0s' }}" + - name: enabled + value: 'false' when: - __resource_sapstartsrv.id not in (__sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id')) diff --git a/roles/sap_ha_pacemaker_cluster/tasks/main.yml b/roles/sap_ha_pacemaker_cluster/tasks/main.yml index 1c2ad75d3..b144a76b3 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/main.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/main.yml @@ -35,122 +35,161 @@ # Validate input variables after processing in include_vars_ tasks. - name: "SAP HA Prepare Pacemaker - Include parameter validation tasks" ansible.builtin.import_tasks: validate_input_parameters.yml + tags: pre_ha_cluster # Determine if we are on a cloud platform. - name: "SAP HA Prepare Pacemaker - Include tasks for platform detection" ansible.builtin.import_tasks: platform/ascertain_platform_type.yml + tags: pre_ha_cluster - name: "SAP HA Prepare Pacemaker - Include platform specific variables" ansible.builtin.import_tasks: platform/include_vars_platform.yml + tags: pre_ha_cluster - name: "SAP HA Prepare Pacemaker - Include common variable construction tasks" ansible.builtin.import_tasks: construct_vars_common.yml + tags: pre_ha_cluster - name: "SAP HA Prepare Pacemaker - Include variable construction for STONITH resources" ansible.builtin.import_tasks: construct_vars_stonith.yml + tags: pre_ha_cluster - name: "SAP HA Prepare Pacemaker - Include variable construction for VIP resources" ansible.builtin.import_tasks: include_construct_vip_resources.yml + tags: pre_ha_cluster # SAP HANA Scenarios - name: "SAP HA Prepare Pacemaker - Include variable construction for SAP HANA common" ansible.builtin.include_tasks: file: construct_vars_hana_common.yml + apply: + tags: pre_ha_cluster when: - sap_ha_pacemaker_cluster_host_type | select('search', 'hana') | length > 0 + tags: pre_ha_cluster - name: "SAP HA Prepare Pacemaker - Include variable construction for SAP HANA Scale-up" ansible.builtin.include_tasks: file: construct_vars_hana_scaleup.yml + apply: + tags: pre_ha_cluster when: - sap_ha_pacemaker_cluster_host_type | select('search', 'hana_scaleup') | length > 0 - not __sap_ha_pacemaker_cluster_saphanasr_angi_available + tags: pre_ha_cluster - name: "SAP HA Prepare Pacemaker - Include variable construction for SAP HANA Scale-up - Angi" ansible.builtin.include_tasks: file: construct_vars_hana_scaleup_angi.yml + apply: + tags: pre_ha_cluster when: - sap_ha_pacemaker_cluster_host_type | select('search', 'hana_scaleup') | length > 0 - __sap_ha_pacemaker_cluster_saphanasr_angi_available + tags: pre_ha_cluster # Common variables for Netweaver scenarios - name: "SAP HA Prepare Pacemaker - Include variable construction for SAP NetWeaver common" ansible.builtin.include_tasks: file: construct_vars_nwas_common.yml + apply: + tags: pre_ha_cluster when: - sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_abap') | length > 0 or sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_java') | length > 0 + tags: pre_ha_cluster # SAP ASCS/ERS Scenarios - name: "SAP HA Prepare Pacemaker - Include variable construction for SAP NetWeaver ASCS/ERS" ansible.builtin.include_tasks: file: construct_vars_nwas_abap_ascs_ers.yml + apply: + tags: pre_ha_cluster loop: "{{ sap_ha_pacemaker_cluster_host_type }}" loop_control: loop_var: nwas_build_item when: - "'nwas_abap_ascs_ers' in nwas_build_item" - not __sap_ha_pacemaker_cluster_nwas_cs_ers_simple_mount + tags: pre_ha_cluster - name: SAP HA Prepare Pacemaker - Include variable construction for SAP NetWeaver ASCS/ERS Simple Mount ansible.builtin.include_tasks: file: construct_vars_nwas_abap_ascs_ers_simple_mount.yml + apply: + tags: pre_ha_cluster loop: "{{ sap_ha_pacemaker_cluster_host_type }}" loop_control: loop_var: nwas_build_item when: - "'nwas_abap_ascs_ers' in nwas_build_item" - __sap_ha_pacemaker_cluster_nwas_cs_ers_simple_mount + tags: pre_ha_cluster # SAP SCS/ERS Scenarios - name: "SAP HA Prepare Pacemaker - Include variable construction for SAP NetWeaver SCS/ERS" ansible.builtin.include_tasks: file: construct_vars_nwas_java_scs_ers.yml + apply: + tags: pre_ha_cluster loop: "{{ sap_ha_pacemaker_cluster_host_type }}" loop_control: loop_var: nwas_build_item when: - "'nwas_java_scs_ers' in nwas_build_item" - not __sap_ha_pacemaker_cluster_nwas_cs_ers_simple_mount + tags: pre_ha_cluster - name: SAP HA Prepare Pacemaker - Include variable construction for SAP NetWeaver SCS/ERS Simple Mount ansible.builtin.include_tasks: file: construct_vars_nwas_java_scs_ers_simple_mount.yml + apply: + tags: pre_ha_cluster loop: "{{ sap_ha_pacemaker_cluster_host_type }}" loop_control: loop_var: nwas_build_item when: - "'nwas_java_scs_ers' in nwas_build_item" - __sap_ha_pacemaker_cluster_nwas_cs_ers_simple_mount + tags: pre_ha_cluster # SAP PAS/AAS Scenarios - name: "SAP HA Prepare Pacemaker - Include variable construction for SAP NetWeaver ABAP PAS/AAS" ansible.builtin.include_tasks: file: construct_vars_nwas_abap_pas_aas.yml + apply: + tags: pre_ha_cluster loop: "{{ sap_ha_pacemaker_cluster_host_type }}" loop_control: loop_var: nwas_build_item when: - "'nwas_abap_pas' in nwas_build_item" + tags: pre_ha_cluster # Include constraints construction after the related resources were constructed. - name: "SAP HA Prepare Pacemaker - Include variable construction for SAP Hana VIP constraints" ansible.builtin.include_tasks: file: construct_vars_vip_constraints_hana.yml + apply: + tags: pre_ha_cluster when: - sap_ha_pacemaker_cluster_host_type | select('search', 'hana') | length > 0 + tags: pre_ha_cluster # All of the SAP HA role constructed parameters must be translated to # 'ha_cluster' Linux System Role parameters. - name: "SAP HA Prepare Pacemaker - Translate all parameters to 'ha_cluster' input variables" ansible.builtin.include_tasks: file: construct_final_hacluster_vars.yml + apply: + tags: pre_ha_cluster + tags: pre_ha_cluster ########################################################## @@ -165,10 +204,13 @@ when: __sap_ha_pacemaker_cluster_platform_file is file ansible.builtin.include_tasks: file: "{{ item }}" + apply: + tags: pre_ha_cluster loop: - "platform/preconfigure_{{ __sap_ha_pacemaker_cluster_platform }}.yml" vars: __sap_ha_pacemaker_cluster_platform_file: "{{ role_path }}/tasks/{{ item }}" + tags: pre_ha_cluster # Stop and disable services that conflict with cluster setups, # for instance cloud-init services on cloud platforms @@ -186,6 +228,7 @@ failed_when: - __sap_ha_pacemaker_cluster_disable_services.failed - '"Could not find the requested service" not in __sap_ha_pacemaker_cluster_disable_services.msg' + tags: pre_ha_cluster - name: "SAP HA Install Pacemaker - Query if CIB already exists" ansible.builtin.command: @@ -194,6 +237,7 @@ check_mode: false changed_when: false failed_when: false + tags: pre_ha_cluster - name: "SAP HA Install Pacemaker - Create backup of existing CIB" when: @@ -206,6 +250,7 @@ group: root owner: root mode: "0600" + tags: pre_ha_cluster # Cluster installation and configuration through the dedicated @@ -227,6 +272,7 @@ mode: '0755' when: - __sap_ha_pacemaker_cluster_platform == 'cloud_gcp_ce_vm' + tags: post_ha_cluster - name: "SAP HA Install Pacemaker - Corosync systemd configuration" ansible.builtin.copy: @@ -242,13 +288,18 @@ when: - __sap_ha_pacemaker_cluster_platform == 'cloud_gcp_ce_vm' notify: "Reload systemd daemon" + tags: post_ha_cluster - name: "SAP HA Install Pacemaker - Include srHook configuration" ansible.builtin.include_tasks: file: configure_srhook.yml apply: - tags: srhook - tags: srhook + tags: + - srhook + - post_ha_cluster + tags: + - srhook + - post_ha_cluster when: - sap_ha_pacemaker_cluster_host_type | select('search', 'hana') | length > 0 @@ -256,36 +307,49 @@ - name: "SAP HA Install Pacemaker - Gracefully start SAP HANA cluster" ansible.builtin.include_tasks: file: "{{ ansible_facts['os_family'] }}/post_steps_hana_scaleup.yml" + apply: + tags: post_ha_cluster when: - sap_ha_pacemaker_cluster_host_type | select('search', 'hana_scaleup') | length > 0 run_once: true + tags: post_ha_cluster # Post steps for ASCS/ERS crmsh cluster to remove unsupported operations - name: "SAP HA Install Pacemaker - Include NetWeaver ASCS/ERS post steps OS specific" ansible.builtin.include_tasks: file: "{{ ansible_facts['os_family'] }}/post_steps_nwas_abap_ascs_ers.yml" + apply: + tags: post_ha_cluster when: - sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_abap_ascs_ers') | length > 0 - ansible_os_family == 'Suse' run_once: true + tags: post_ha_cluster # Post steps for SCS/ERS crmsh cluster to remove unsupported operations - name: "SAP HA Install Pacemaker - Include NetWeaver SCS/ERS post steps OS specific" ansible.builtin.include_tasks: file: "{{ ansible_facts['os_family'] }}/post_steps_nwas_java_scs_ers.yml" + apply: + tags: post_ha_cluster when: - sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_java_scs_ers') | length > 0 - ansible_os_family == 'Suse' run_once: true + tags: post_ha_cluster - name: "SAP HA Install Pacemaker - Include NetWeaver ASCS/ERS post steps" ansible.builtin.include_tasks: file: configure_nwas_abap_ascs_ers_post_install.yml apply: - tags: nwas_postinst - tags: nwas_postinst + tags: + - nwas_postinst + - post_ha_cluster + tags: + - nwas_postinst + - post_ha_cluster when: - sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_abap_ascs_ers') | length > 0 @@ -293,8 +357,12 @@ ansible.builtin.include_tasks: file: configure_nwas_java_scs_ers_post_install.yml apply: - tags: nwas_postinst - tags: nwas_postinst + tags: + - nwas_postinst + - post_ha_cluster + tags: + - nwas_postinst + - post_ha_cluster when: - sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_java_scs_ers') | length > 0 @@ -327,6 +395,7 @@ run_once: true become: false check_mode: false + tags: post_ha_cluster - name: "SAP HA Install Pacemaker - Display configuration parameters SAVE FILE location" when: @@ -341,3 +410,4 @@ linux system role separately. !! Secret values of resources may be included in this output !! run_once: true + tags: post_ha_cluster From abd91bac6f5ca468d3679194ae68c8cd99796c32 Mon Sep 17 00:00:00 2001 From: Bernd Finger Date: Mon, 17 Feb 2025 10:43:57 +0100 Subject: [PATCH 36/66] sap*preconfigure: Use correct RHEL versions in task names Solves issue #944. Signed-off-by: Bernd Finger --- roles/sap_general_preconfigure/tasks/sapnote/3562909.yml | 2 +- roles/sap_general_preconfigure/tasks/sapnote/assert-3562909.yml | 2 +- roles/sap_hana_preconfigure/tasks/sapnote/3108302.yml | 2 +- roles/sap_hana_preconfigure/tasks/sapnote/3562919.yml | 2 +- roles/sap_hana_preconfigure/tasks/sapnote/assert-3108302.yml | 2 +- roles/sap_hana_preconfigure/tasks/sapnote/assert-3562919.yml | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/sap_general_preconfigure/tasks/sapnote/3562909.yml b/roles/sap_general_preconfigure/tasks/sapnote/3562909.yml index b671d6399..805395061 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/3562909.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/3562909.yml @@ -4,7 +4,7 @@ - name: Configure - Display SAP note number 3562909 and its version ansible.builtin.debug: msg: "SAP note {{ (__sap_general_preconfigure_sapnotes_versions | selectattr('number', 'match', '^3562909$') | first).number }} - (version {{ (__sap_general_preconfigure_sapnotes_versions | selectattr('number', 'match', '^3562909$') | first).version }}): Configure RHEL 9" + (version {{ (__sap_general_preconfigure_sapnotes_versions | selectattr('number', 'match', '^3562909$') | first).version }}): Configure RHEL 10" tags: - always diff --git a/roles/sap_general_preconfigure/tasks/sapnote/assert-3562909.yml b/roles/sap_general_preconfigure/tasks/sapnote/assert-3562909.yml index 5237ed50a..6c9eebb9b 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/assert-3562909.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/assert-3562909.yml @@ -4,7 +4,7 @@ - name: Assert - Display SAP note number 3562909 and its version ansible.builtin.debug: msg: "SAP note {{ (__sap_general_preconfigure_sapnotes_versions | selectattr('number', 'match', '^3562909$') | first).number }} - (version {{ (__sap_general_preconfigure_sapnotes_versions | selectattr('number', 'match', '^3562909$') | first).version }}): Configure RHEL 9" + (version {{ (__sap_general_preconfigure_sapnotes_versions | selectattr('number', 'match', '^3562909$') | first).version }}): Configure RHEL 10" tags: - always diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/3108302.yml b/roles/sap_hana_preconfigure/tasks/sapnote/3108302.yml index f2cf27499..2061a6f89 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/3108302.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/3108302.yml @@ -3,7 +3,7 @@ - name: Configure - Display SAP note number 3108302 and its version ansible.builtin.debug: msg: "SAP note {{ (__sap_hana_preconfigure_sapnotes_versions | selectattr('number', 'match', '^3108302$') | first).number }} - (version {{ (__sap_hana_preconfigure_sapnotes_versions | selectattr('number', 'match', '^3108302$') | first).version }}): SAP HANA settings for RHEL 8" + (version {{ (__sap_hana_preconfigure_sapnotes_versions | selectattr('number', 'match', '^3108302$') | first).version }}): SAP HANA settings for RHEL 9" - name: Import tasks from '3108302/01-configure-selinux.yml' ansible.builtin.import_tasks: 3108302/01-configure-selinux.yml diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/3562919.yml b/roles/sap_hana_preconfigure/tasks/sapnote/3562919.yml index 78dec9ec3..2ad051be4 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/3562919.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/3562919.yml @@ -3,7 +3,7 @@ - name: Configure - Display SAP note number 3562919 and its version ansible.builtin.debug: msg: "SAP note {{ (__sap_hana_preconfigure_sapnotes_versions | selectattr('number', 'match', '^3562919$') | first).number }} - (version {{ (__sap_hana_preconfigure_sapnotes_versions | selectattr('number', 'match', '^3562919$') | first).version }}): SAP HANA settings for RHEL 8" + (version {{ (__sap_hana_preconfigure_sapnotes_versions | selectattr('number', 'match', '^3562919$') | first).version }}): SAP HANA settings for RHEL 10" - name: Import tasks from '3562919/01-configure-selinux.yml' ansible.builtin.import_tasks: 3562919/01-configure-selinux.yml diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/assert-3108302.yml b/roles/sap_hana_preconfigure/tasks/sapnote/assert-3108302.yml index 972a11a61..62220f026 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/assert-3108302.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/assert-3108302.yml @@ -3,7 +3,7 @@ - name: Assert - Display SAP note number 3108302 and its version ansible.builtin.debug: msg: "SAP note {{ (__sap_hana_preconfigure_sapnotes_versions | selectattr('number', 'match', '^3108302$') | first).number }} - (version {{ (__sap_hana_preconfigure_sapnotes_versions | selectattr('number', 'match', '^3108302$') | first).version }}): SAP HANA settings for RHEL 8" + (version {{ (__sap_hana_preconfigure_sapnotes_versions | selectattr('number', 'match', '^3108302$') | first).version }}): SAP HANA settings for RHEL 9" - name: Import tasks from '3108302/01-assert-selinux.yml' ansible.builtin.import_tasks: 3108302/01-assert-selinux.yml diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/assert-3562919.yml b/roles/sap_hana_preconfigure/tasks/sapnote/assert-3562919.yml index f651bf786..44567974b 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/assert-3562919.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/assert-3562919.yml @@ -3,7 +3,7 @@ - name: Assert - Display SAP note number 3562919 and its version ansible.builtin.debug: msg: "SAP note {{ (__sap_hana_preconfigure_sapnotes_versions | selectattr('number', 'match', '^3562919$') | first).number }} - (version {{ (__sap_hana_preconfigure_sapnotes_versions | selectattr('number', 'match', '^3562919$') | first).version }}): SAP HANA settings for RHEL 8" + (version {{ (__sap_hana_preconfigure_sapnotes_versions | selectattr('number', 'match', '^3562919$') | first).version }}): SAP HANA settings for RHEL 10" - name: Import tasks from '3562919/01-assert-selinux.yml' ansible.builtin.import_tasks: 3562919/01-assert-selinux.yml From 149af2161ed084d271c1837102456d5fe96211bb Mon Sep 17 00:00:00 2001 From: Bernd Finger Date: Mon, 17 Feb 2025 11:22:52 +0100 Subject: [PATCH 37/66] collection: Use the correct ansible-galaxy option in README.md files Fixes #775. Signed-off-by: Bernd Finger --- roles/sap_general_preconfigure/README.md | 4 ++-- roles/sap_ha_pacemaker_cluster/README.md | 2 +- roles/sap_hana_install/README.md | 2 +- roles/sap_hana_preconfigure/README.md | 2 +- roles/sap_storage_setup/README.md | 4 ++-- roles/sap_swpm/README.md | 2 +- 6 files changed, 8 insertions(+), 8 deletions(-) diff --git a/roles/sap_general_preconfigure/README.md b/roles/sap_general_preconfigure/README.md index 46622bebf..4558b70d0 100644 --- a/roles/sap_general_preconfigure/README.md +++ b/roles/sap_general_preconfigure/README.md @@ -19,7 +19,7 @@ Specific installation and configuration steps then have to be performed with the - Roles: - `sap_maintain_etc_hosts` -Install required collections by `ansible-galaxy install -vv -r meta/collection-requirements.yml`. +Install required collections by `ansible-galaxy collection install -vv -r meta/collection-requirements.yml`. @@ -441,4 +441,4 @@ Example: ```yaml sap_general_preconfigure_db_group_name: dba ``` - \ No newline at end of file + diff --git a/roles/sap_ha_pacemaker_cluster/README.md b/roles/sap_ha_pacemaker_cluster/README.md index c85964e20..b214afbdb 100644 --- a/roles/sap_ha_pacemaker_cluster/README.md +++ b/roles/sap_ha_pacemaker_cluster/README.md @@ -14,7 +14,7 @@ The Ansible Role `sap_ha_pacemaker_cluster` is used to install and configure Lin - Roles: - `ha_cluster` -Install required collections by `ansible-galaxy install -vv -r meta/collection-requirements.yml`. +Install required collections by `ansible-galaxy collection install -vv -r meta/collection-requirements.yml`. diff --git a/roles/sap_hana_install/README.md b/roles/sap_hana_install/README.md index 636b21623..0f6922113 100644 --- a/roles/sap_hana_install/README.md +++ b/roles/sap_hana_install/README.md @@ -14,7 +14,7 @@ The Ansible role `sap_hana_install` installs SAP HANA using the SAP HANA databas - Roles: - `selinux` -Install required collections by `ansible-galaxy install -vv -r meta/collection-requirements.yml`. +Install required collections by `ansible-galaxy collection install -vv -r meta/collection-requirements.yml`. ## Prerequisites diff --git a/roles/sap_hana_preconfigure/README.md b/roles/sap_hana_preconfigure/README.md index 64b4bacdc..299672dca 100644 --- a/roles/sap_hana_preconfigure/README.md +++ b/roles/sap_hana_preconfigure/README.md @@ -14,7 +14,7 @@ The Ansible role `sap_hana_preconfigure` installs additional required packages a - Roles: - `selinux` -Install required collections by `ansible-galaxy install -vv -r meta/collection-requirements.yml`. +Install required collections by `ansible-galaxy collection install -vv -r meta/collection-requirements.yml`. diff --git a/roles/sap_storage_setup/README.md b/roles/sap_storage_setup/README.md index 7105d1454..dfc9c0da2 100644 --- a/roles/sap_storage_setup/README.md +++ b/roles/sap_storage_setup/README.md @@ -22,7 +22,7 @@ This Ansible Role is agnostic, and will run on any Infrastructure Platform. Only - `lvg` - `lvol` - `filesystem` -Install required collection by `ansible-galaxy install community.general`. +Install required collection by `ansible-galaxy collection install community.general`. @@ -259,4 +259,4 @@ Define if multipathing should be enabled and dynamic multipath devices detected SID of the SAP service.
If not defined, the default will be inherited from the global parameter `sap_system_sid`. One of these parameters must be defined.
- \ No newline at end of file + diff --git a/roles/sap_swpm/README.md b/roles/sap_swpm/README.md index 7fa683c3b..38346d57d 100644 --- a/roles/sap_swpm/README.md +++ b/roles/sap_swpm/README.md @@ -14,7 +14,7 @@ The Ansible role `sap_swpm` installs various SAP Systems installable by SAP Soft - Roles: - `selinux` -Install required collections by `ansible-galaxy install -vv -r meta/collection-requirements.yml`. +Install required collections by `ansible-galaxy collection install -vv -r meta/collection-requirements.yml`. ## Prerequisites From 03b2e679d393a8290b1c1266c8ee5994dafd2864 Mon Sep 17 00:00:00 2001 From: Bernd Finger Date: Mon, 17 Feb 2025 19:25:30 +0100 Subject: [PATCH 38/66] collection: Cleanup the changelog(s) In this commit, the file changelogs/changelog.yml is being reformatted to comply with the standards as published in https://github.com/ansible-community/antsibull-changelog/blob/main/docs/changelogs.md and https://github.com/ansible-community/antsibull-changelog/blob/main/docs/changelog.yaml-format.md . The command: ``` antsibull-changelog lint-changelog-yaml changelogs/changelog.yaml ``` returns with return code 0. The command: ``` antsibull-changelog generate ``` generates the file CHANGELOG.rst from file changelogs/changelog.yaml. The file CHANGELOG.rst is also part of this commit. Signed-off-by: Bernd Finger --- CHANGELOG.rst | 477 +++++++++++++++++++----------------- changelogs/changelog.yaml | 502 ++++++++++++++++++-------------------- 2 files changed, 493 insertions(+), 486 deletions(-) diff --git a/CHANGELOG.rst b/CHANGELOG.rst index 87c0ef79e..ab9b6ce47 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -1,128 +1,120 @@ -=================================== -community.sap_install Release Notes -=================================== +==================================== +community.sap\_install Release Notes +==================================== .. contents:: Topics +v1.5.2 +====== -1.5.2 Release Summary --------------- -- Release Date: 2025-01-24 - -This is a bugfix release of the `community.sap_install` collection. -Changes -------------- -- sap_*_preconfigure: Add code for RHEL 10 support (https://github.com/sap-linuxlab/community.sap_install/pull/938) -- sap_*_preconfigure/Suse: Rework of preconfigure roles for Suse, add missing notes. (https://github.com/sap-linuxlab/community.sap_install/pull/930) +Various enhancements and bug fixes Bugfixes -------- -- sap_netweaver_preconfigure: fix argument_specs validation error (https://github.com/sap-linuxlab/community.sap_install/pull/940) -- sap_general_preconfigure: No longer install locale packages in RHEL 7 (https://github.com/sap-linuxlab/community.sap_install/pull/937) -- sap_general_preconfigure: Fix check mode (https://github.com/sap-linuxlab/community.sap_install/pull/935) +- sap_*_preconfigure - Add code for RHEL 10 support (https://github.com/sap-linuxlab/community.sap_install/pull/938) +- sap_*_preconfigure/Suse - Rework of preconfigure roles for Suse, add missing notes. (https://github.com/sap-linuxlab/community.sap_install/pull/930) +- sap_general_preconfigure - Fix check mode (https://github.com/sap-linuxlab/community.sap_install/pull/935) +- sap_general_preconfigure - No longer install locale packages in RHEL 7 (https://github.com/sap-linuxlab/community.sap_install/pull/937) +- sap_netweaver_preconfigure - fix argument_specs validation error (https://github.com/sap-linuxlab/community.sap_install/pull/940) + +v1.5.1 +====== -1.5.1 Release Summary --------------- -- Release Date: 2025-01-15 - -This is a bugfix release of the `community.sap_install` collection. -Minor Changes -------------- -- sap_ha_pacemaker_cluster: enable Simple Mount on RHEL (https://github.com/sap-linuxlab/community.sap_install/pull/931) -- sap_ha_pacemaker_cluster/SUSE: Rework SAPHanaSR-angi pre-steps and add SLES 16 vars (https://github.com/sap-linuxlab/community.sap_install/pull/928) -- sap_swpm, sap_general_preconfigure: Add variables for sap_install FQCN collection name for calling roles (https://github.com/sap-linuxlab/community.sap_install/pull/925) -- sap_general_preconfigure: Implement SAP note 2369910 (https://github.com/sap-linuxlab/community.sap_install/pull/914) -- sap_ha_pacemaker_cluster: ANGI on RHEL and small improvements (https://github.com/sap-linuxlab/community.sap_install/pull/911) -- sap_*_preconfigure, sap_ha_pacemaker_cluster: Reworked loading vars (https://github.com/sap-linuxlab/community.sap_install/pull/910) +Various enhancements and bug fixes Bugfixes -------- -- sap_swpm: Use master password only when necessary (https://github.com/sap-linuxlab/community.sap_install/pull/920) -- sap_swpm: Fix error when using tag sap_swpm_generate_inifile (https://github.com/sap-linuxlab/community.sap_install/pull/918) -- sap_swpm: Fix error when installing SAP NW750 JAVA or SOLMAN72SR2 JAVA instances (https://github.com/sap-linuxlab/community.sap_install/pull/916) -- sap_install_media_detect: Fix wrong sap_export_solman_java detection (https://github.com/sap-linuxlab/community.sap_install/pull/913) +- sap_*_preconfigure, sap_ha_pacemaker_cluster - Reworked loading vars (https://github.com/sap-linuxlab/community.sap_install/pull/910) +- sap_general_preconfigure - Implement SAP note 2369910 (https://github.com/sap-linuxlab/community.sap_install/pull/914) +- sap_ha_pacemaker_cluster - ANGI on RHEL and small improvements (https://github.com/sap-linuxlab/community.sap_install/pull/911) +- sap_ha_pacemaker_cluster - enable Simple Mount on RHEL (https://github.com/sap-linuxlab/community.sap_install/pull/931) +- sap_ha_pacemaker_cluster/SUSE - Rework SAPHanaSR-angi pre-steps and add SLES 16 vars (https://github.com/sap-linuxlab/community.sap_install/pull/928) +- sap_install_media_detect - Fix wrong sap_export_solman_java detection (https://github.com/sap-linuxlab/community.sap_install/pull/913) +- sap_swpm - Fix error when installing SAP NW750 JAVA or SOLMAN72SR2 JAVA instances (https://github.com/sap-linuxlab/community.sap_install/pull/916) +- sap_swpm - Fix error when using tag sap_swpm_generate_inifile (https://github.com/sap-linuxlab/community.sap_install/pull/918) +- sap_swpm - Use master password only when necessary (https://github.com/sap-linuxlab/community.sap_install/pull/920) +- sap_swpm, sap_general_preconfigure - Add variables for sap_install FQCN collection name for calling roles (https://github.com/sap-linuxlab/community.sap_install/pull/925) v1.5.0 ====== Release Summary --------------- -- Release Date: 2024-11-29 -This is a minor release of the `community.sap_install` collection. - -Major Changes -------------- -- feat: collection: Readme overhaul for all roles in collection (https://github.com/sap-linuxlab/community.sap_install/pull/873) -- feat: sap_ha_pacemaker_cluster: JAVA HA scenarios and complete refactor of role (https://github.com/sap-linuxlab/community.sap_install/pull/882) -- feat: sap_ha_pacemaker_cluster: Stonith SBD enablement (https://github.com/sap-linuxlab/community.sap_install/pull/829) -- feat: sap_swpm: New improved and simplified version (https://github.com/sap-linuxlab/community.sap_install/pull/840) +Various minor changes Minor Changes ------------- -- feat: collection: Add playbook for direct execution (https://github.com/sap-linuxlab/community.sap_install/pull/842) -- feat: sap_ha_pacemaker_cluster: New azure fence agent package for SUSE (https://github.com/sap-linuxlab/community.sap_install/pull/837) -- feat: sap_ha_pacemaker_cluster: Enhance corosync totem handling with new dictionaries (https://github.com/sap-linuxlab/community.sap_install/pull/834) -- feat: sap_ha_pacemaker_cluster: GCP VIP reworked, Health check names updated (https://github.com/sap-linuxlab/community.sap_install/pull/863) -- feat: sap_swpm: Option to enable SWPM observer mode (https://github.com/sap-linuxlab/community.sap_install/pull/749) -- feat: sap_storage_setup: Add support for HANA Scaleout NFS filesystems (https://github.com/sap-linuxlab/community.sap_install/pull/800) -- feat: sap_storage_setup: Add exact size disk check on top of approximate check (https://github.com/sap-linuxlab/community.sap_install/pull/839) -- feat: sap_hana_install: Implement an SAP HANA installation check only feature (https://github.com/sap-linuxlab/community.sap_install/pull/849) -- collection: Add collection dependency for community.general (https://github.com/sap-linuxlab/community.sap_install/pull/808) -- collection: Modify for yamllint requirements (https://github.com/sap-linuxlab/community.sap_install/pull/811) -- sap_ha_pacemaker_cluster: Add override to use Classic SAPHanaSR agents (https://github.com/sap-linuxlab/community.sap_install/pull/806) -- sap_ha_pacemaker_cluster: Packages on AWS for RHEL (https://github.com/sap-linuxlab/community.sap_install/pull/857) -- sap_ha_pacemaker_cluster: GCP haproxy handling and new platform VIP dictionary (https://github.com/sap-linuxlab/community.sap_install/pull/862) -- sap_ha_pacemaker_cluster: vip resources must be first in ASCS/ERS resource groups (https://github.com/sap-linuxlab/community.sap_install/pull/872) -- sap_swpm: Remove the pids module (https://github.com/sap-linuxlab/community.sap_install/pull/786) -- sap_swpm: sap_swpm_db_schema_password must be set explicitly for AAS (https://github.com/sap-linuxlab/community.sap_install/pull/760) -- sap_swpm: hdbuserstore default connection should use sap_swpm_db_schema_abap_password (https://github.com/sap-linuxlab/community.sap_install/pull/748) -- sap_swpm: Add default value for sap_swpm_java_scs_instance_hostname (https://github.com/sap-linuxlab/community.sap_install/pull/801) -- sap_swpm: Reduce the amount of empty lines in inifile.params (https://github.com/sap-linuxlab/community.sap_install/pull/822) -- sap_storage_setup: Defaults and documentation (https://github.com/sap-linuxlab/community.sap_install/pull/825) -- sap_general_preconfigure: Use the package module in most cases (https://github.com/sap-linuxlab/community.sap_install/pull/758) -- sap_general_preconfigure: Use FQCN for import_role (https://github.com/sap-linuxlab/community.sap_install/pull/827) -- sap_hana_preconfigure: Add RHEL 8.10 and 9.4 requirements (https://github.com/sap-linuxlab/community.sap_install/pull/869) -- sap_hana_preconfigure: Zypper lock handler for SUSE (https://github.com/sap-linuxlab/community.sap_install/pull/796) -- sap_hana_preconfigure: Enable TSX also for RHEL 9 (https://github.com/sap-linuxlab/community.sap_install/pull/797) -- sap_hana_preconfigure: Sync with SAP note 3024346 v.10 for RHEL/NetApp (https://github.com/sap-linuxlab/community.sap_install/pull/816) -- sap_hana_preconfigure: Refactor remove default saptune version (https://github.com/sap-linuxlab/community.sap_install/pull/818) -- sap_hana_preconfigure: Update azure override readme (https://github.com/sap-linuxlab/community.sap_install/pull/820) -- sap_hana_preconfigure: Set THP to madvise from RHEL 9.2 onwards (https://github.com/sap-linuxlab/community.sap_install/pull/880) -- sap_hana_preconfigure: Allow setting THP to any possible value (https://github.com/sap-linuxlab/community.sap_install/pull/886) -- sap_hana_preconfigure: No longer set net.core.somaxconn in RHEL 9 (https://github.com/sap-linuxlab/community.sap_install/pull/887) -- sap_hana_preconfigure: Add compat-sap-c++-13 (https://github.com/sap-linuxlab/community.sap_install/pull/895) -- sap_netweaver_preconfigure: Rename package libcpupower1 for SLES4SAP 15 SP6 (https://github.com/sap-linuxlab/community.sap_install/pull/876) -- sap_netweaver_preconfigure: Sync with applicable SAP notes for Adobe DS (https://github.com/sap-linuxlab/community.sap_install/pull/888) -- sap_hana_install: Use polling for hdblcm (https://github.com/sap-linuxlab/community.sap_install/pull/805) -- sap_hana_install: Set the install execution mode to 'optimized' (https://github.com/sap-linuxlab/community.sap_install/pull/896) -- sap_install_media_detect: AWS IGW slow impacts gpg key (https://github.com/sap-linuxlab/community.sap_install/pull/772) -- sap_install_media_detect: Search known subdirs on re-run (https://github.com/sap-linuxlab/community.sap_install/pull/773) -- sap_install_media_detect: Append loop labels (https://github.com/sap-linuxlab/community.sap_install/pull/781) -- sap_install_media_detect: Allow disabling RAR handling (https://github.com/sap-linuxlab/community.sap_install/pull/856) -- sap_ha_install_anydb_ibmdb2: Append ibmcloud_vs (https://github.com/sap-linuxlab/community.sap_install/pull/815) + +- collection - Add collection dependency for community.general (https://github.com/sap-linuxlab/community.sap_install/pull/808) +- collection - Modify for yamllint requirements (https://github.com/sap-linuxlab/community.sap_install/pull/811) +- feat - collection - Add playbook for direct execution (https://github.com/sap-linuxlab/community.sap_install/pull/842) +- feat - collection - Readme overhaul for all roles in collection (https://github.com/sap-linuxlab/community.sap_install/pull/873) +- feat - sap_ha_pacemaker_cluster - Enhance corosync totem handling with new dictionaries (https://github.com/sap-linuxlab/community.sap_install/pull/834) +- feat - sap_ha_pacemaker_cluster - GCP VIP reworked, Health check names updated (https://github.com/sap-linuxlab/community.sap_install/pull/863) +- feat - sap_ha_pacemaker_cluster - JAVA HA scenarios and complete refactor of role (https://github.com/sap-linuxlab/community.sap_install/pull/882) +- feat - sap_ha_pacemaker_cluster - New azure fence agent package for SUSE (https://github.com/sap-linuxlab/community.sap_install/pull/837) +- feat - sap_ha_pacemaker_cluster - Stonith SBD enablement (https://github.com/sap-linuxlab/community.sap_install/pull/829) +- feat - sap_hana_install - Implement an SAP HANA installation check only feature (https://github.com/sap-linuxlab/community.sap_install/pull/849) +- feat - sap_storage_setup - Add exact size disk check on top of approximate check (https://github.com/sap-linuxlab/community.sap_install/pull/839) +- feat - sap_storage_setup - Add support for HANA Scaleout NFS filesystems (https://github.com/sap-linuxlab/community.sap_install/pull/800) +- feat - sap_swpm - New improved and simplified version (https://github.com/sap-linuxlab/community.sap_install/pull/840) +- feat - sap_swpm - Option to enable SWPM observer mode (https://github.com/sap-linuxlab/community.sap_install/pull/749) +- sap_general_preconfigure - Use FQCN for import_role (https://github.com/sap-linuxlab/community.sap_install/pull/827) +- sap_general_preconfigure - Use the package module in most cases (https://github.com/sap-linuxlab/community.sap_install/pull/758) +- sap_ha_install_anydb_ibmdb2 - Append ibmcloud_vs (https://github.com/sap-linuxlab/community.sap_install/pull/815) +- sap_ha_pacemaker_cluster - Add override to use Classic SAPHanaSR agents (https://github.com/sap-linuxlab/community.sap_install/pull/806) +- sap_ha_pacemaker_cluster - GCP haproxy handling and new platform VIP dictionary (https://github.com/sap-linuxlab/community.sap_install/pull/862) +- sap_ha_pacemaker_cluster - Packages on AWS for RHEL (https://github.com/sap-linuxlab/community.sap_install/pull/857) +- sap_ha_pacemaker_cluster - vip resources must be first in ASCS/ERS resource groups (https://github.com/sap-linuxlab/community.sap_install/pull/872) +- sap_hana_install - Set the install execution mode to "optimized" (https://github.com/sap-linuxlab/community.sap_install/pull/896) +- sap_hana_install - Use polling for hdblcm (https://github.com/sap-linuxlab/community.sap_install/pull/805) +- sap_hana_preconfigure - Add RHEL 8.10 and 9.4 requirements (https://github.com/sap-linuxlab/community.sap_install/pull/869) +- sap_hana_preconfigure - Add compat-sap-c++-13 (https://github.com/sap-linuxlab/community.sap_install/pull/895) +- sap_hana_preconfigure - Allow setting THP to any possible value (https://github.com/sap-linuxlab/community.sap_install/pull/886) +- sap_hana_preconfigure - Enable TSX also for RHEL 9 (https://github.com/sap-linuxlab/community.sap_install/pull/797) +- sap_hana_preconfigure - No longer set net.core.somaxconn in RHEL 9 (https://github.com/sap-linuxlab/community.sap_install/pull/887) +- sap_hana_preconfigure - Refactor remove default saptune version (https://github.com/sap-linuxlab/community.sap_install/pull/818) +- sap_hana_preconfigure - Set THP to madvise from RHEL 9.2 onwards (https://github.com/sap-linuxlab/community.sap_install/pull/880) +- sap_hana_preconfigure - Sync with SAP note 3024346 v.10 for RHEL/NetApp (https://github.com/sap-linuxlab/community.sap_install/pull/816) +- sap_hana_preconfigure - Update azure override readme (https://github.com/sap-linuxlab/community.sap_install/pull/820) +- sap_hana_preconfigure - Zypper lock handler for SUSE (https://github.com/sap-linuxlab/community.sap_install/pull/796) +- sap_install_media_detect - AWS IGW slow impacts gpg key (https://github.com/sap-linuxlab/community.sap_install/pull/772) +- sap_install_media_detect - Allow disabling RAR handling (https://github.com/sap-linuxlab/community.sap_install/pull/856) +- sap_install_media_detect - Append loop labels (https://github.com/sap-linuxlab/community.sap_install/pull/781) +- sap_install_media_detect - Search known subdirs on re-run (https://github.com/sap-linuxlab/community.sap_install/pull/773) +- sap_netweaver_preconfigure - Rename package libcpupower1 for SLES4SAP 15 SP6 (https://github.com/sap-linuxlab/community.sap_install/pull/876) +- sap_netweaver_preconfigure - Sync with applicable SAP notes for Adobe DS (https://github.com/sap-linuxlab/community.sap_install/pull/888) +- sap_storage_setup - Defaults and documentation (https://github.com/sap-linuxlab/community.sap_install/pull/825) +- sap_swpm - Add default value for sap_swpm_java_scs_instance_hostname (https://github.com/sap-linuxlab/community.sap_install/pull/801) +- sap_swpm - Reduce the amount of empty lines in inifile.params (https://github.com/sap-linuxlab/community.sap_install/pull/822) +- sap_swpm - Remove the pids module (https://github.com/sap-linuxlab/community.sap_install/pull/786) +- sap_swpm - hdbuserstore default connection should use sap_swpm_db_schema_abap_password (https://github.com/sap-linuxlab/community.sap_install/pull/748) +- sap_swpm - sap_swpm_db_schema_password must be set explicitly for AAS (https://github.com/sap-linuxlab/community.sap_install/pull/760) Bugfixes -------- -- sap_ha_pacemaker_cluster: Add python3-pip and NFS fix for Azure (https://github.com/sap-linuxlab/community.sap_install/pull/754) -- sap_ha_pacemaker_cluster: Fix pcs resource restart (https://github.com/sap-linuxlab/community.sap_install/pull/769) -- sap_ha_pacemaker_cluster: Fix haproxy and minor lint issues (https://github.com/sap-linuxlab/community.sap_install/pull/898) -- sap_ha_pacemaker_cluster: Fix UUID discovery for IBM Cloud VS (https://github.com/sap-linuxlab/community.sap_install/pull/903) -- sap_swpm: Add error notes to dev doc (https://github.com/sap-linuxlab/community.sap_install/pull/795) -- sap_swpm: Fix error when observer user defined, but empty and observer mode is on (https://github.com/sap-linuxlab/community.sap_install/pull/850) -- sap_swpm: Fix issues with localhost delegation on certain control nodes (https://github.com/sap-linuxlab/community.sap_install/pull/891) -- sap_*_preconfigure: Fixes for testing with molecule (https://github.com/sap-linuxlab/community.sap_install/pull/807) -- sap_*_preconfigure: Edge case handling for SUSE packages -- sap_general_preconfigure: Reboot fix in handler (https://github.com/sap-linuxlab/community.sap_install/pull/892) -- sap_ha_install_hana_hsr: Fixes to work for multiple secondaries (https://github.com/sap-linuxlab/community.sap_install/pull/866) -- sap_ha_install_anydb_ibmdb2: Linting and sles bug fixes (https://github.com/sap-linuxlab/community.sap_install/pull/803) +- sap_*_preconfigure - Edge case handling for SUSE packages +- sap_*_preconfigure - Fixes for testing with molecule (https://github.com/sap-linuxlab/community.sap_install/pull/807) +- sap_general_preconfigure - Reboot fix in handler (https://github.com/sap-linuxlab/community.sap_install/pull/892) +- sap_ha_install_anydb_ibmdb2 - Linting and sles bug fixes (https://github.com/sap-linuxlab/community.sap_install/pull/803) +- sap_ha_install_hana_hsr - Fixes to work for multiple secondaries (https://github.com/sap-linuxlab/community.sap_install/pull/866) +- sap_ha_pacemaker_cluster - Add python3-pip and NFS fix for Azure (https://github.com/sap-linuxlab/community.sap_install/pull/754) +- sap_ha_pacemaker_cluster - Fix UUID discovery for IBM Cloud VS (https://github.com/sap-linuxlab/community.sap_install/pull/903) +- sap_ha_pacemaker_cluster - Fix haproxy and minor lint issues (https://github.com/sap-linuxlab/community.sap_install/pull/898) +- sap_ha_pacemaker_cluster - Fix pcs resource restart (https://github.com/sap-linuxlab/community.sap_install/pull/769) +- sap_swpm - Add error notes to dev doc (https://github.com/sap-linuxlab/community.sap_install/pull/795) +- sap_swpm - Fix error when observer user defined, but empty and observer mode is on (https://github.com/sap-linuxlab/community.sap_install/pull/850) +- sap_swpm - Fix issues with localhost delegation on certain control nodes (https://github.com/sap-linuxlab/community.sap_install/pull/891) v1.4.1 ====== @@ -130,44 +122,48 @@ v1.4.1 Release Summary --------------- -| Release Date: 2024-06-21 -| feat: sap_hana_install: add compatibility for fapolicyd -| feat: sap_swpm: append generate options for s4hana java -| feat: sap_ha_pacemaker_cluster: upgrade to ha_cluster Ansible Role with SLES compatibility -| feat: sap_ha_pacemaker_cluster: compatibility enhancement for SLES -| feat: sap_ha_pacemaker_cluster: improved handling of custom SAP HANA srHooks -| feat: sap_ha_pacemaker_cluster: handling for future merged Resource Agent package (SAPHanaSR-angi) -| feat: sap_ha_pacemaker_cluster: graceful SAP HANA start after PCMK Cluster start -| feat: sap_ha_pacemaker_cluster: ASCS ERS Simple Mount -| collection: add sample AAS installation var file -| collection: fix ansible-test sanity errors -| collection: for package_facts Ansible Module add python3-rpm requirement for SLES -| collection: use -i instead of -l test scripts -| sap_*_preconfigure: disable and stop sapconf when saptune run -| sap_general_preconfigure: fix /etc/hosts check in assert mode -| sap_general_preconfigure: revert to awk for asserting /etc/hosts -| sap_general_preconfigure: use tags for limiting the role scope -| sap_general_preconfigure: use the package module in most cases -| sap_general_preconfigure: use the role sap_maintain_etc_hosts - RHEL systems -| sap_hana_preconfigure: move handlers to the correct location -| sap_hana_preconfigure: catch SELinux disabled -| sap_hana_preconfigure: update kernel parameters for SLES -| sap_netweaver_preconfigure: sync with SAP note 3119751 v.13 for RHEL -| sap_anydb_install_oracle: fix temp directory removal -| sap_ha_pacemaker_cluster: use expect Ansible Module and add python3-pip requirement -| sap_ha_pacemaker_cluster: add retry for Azure Files (NFS) to avoid locks -| sap_ha_pacemaker_cluster: variable changes for different os and platforms -| sap_ha_pacemaker_cluster: fix pcs resource restart -| sap_hana_install: update documentation for parameter sap_hana_install_force -| sap_install_media_detect: detection of SAP Kernel Part I only -| sap_install_media_detect: duplicate SAR file handling for SAP Kernel, IGS, WebDisp -| sap_install_media_detect: directory handling fix for SAP SWPM -| sap_maintain_etc_hosts: fix wrong assert messages -| sap_maintain_etc_hosts: remove use ansible.utils.ip -| sap_storage_setup: fix for TB disks -| sap_swpm: directory handling fix for SAP SWPM -| sap_swpm: align execution and monitoring timeouts to 24hrs (86400s) -| sap_swpm: optionally skip setting file permissions +Various enhancements and bug fixes + +Minor Changes +------------- + +- collection - add sample AAS installation var file +- collection - fix ansible-test sanity errors +- collection - for package_facts Ansible Module add python3-rpm requirement for SLES +- collection - use -i instead of -l test scripts +- feat - sap_ha_pacemaker_cluster - ASCS ERS Simple Mount +- feat - sap_ha_pacemaker_cluster - compatibility enhancement for SLES +- feat - sap_ha_pacemaker_cluster - graceful SAP HANA start after PCMK Cluster start +- feat - sap_ha_pacemaker_cluster - handling for future merged Resource Agent package (SAPHanaSR-angi) +- feat - sap_ha_pacemaker_cluster - improved handling of custom SAP HANA srHooks +- feat - sap_ha_pacemaker_cluster - upgrade to ha_cluster Ansible Role with SLES compatibility +- feat - sap_hana_install - add compatibility for fapolicyd +- feat - sap_swpm - append generate options for s4hana java +- sap_*_preconfigure - disable and stop sapconf when saptune run +- sap_anydb_install_oracle - fix temp directory removal +- sap_general_preconfigure - fix /etc/hosts check in assert mode +- sap_general_preconfigure - revert to awk for asserting /etc/hosts +- sap_general_preconfigure - use tags for limiting the role scope +- sap_general_preconfigure - use the package module in most cases +- sap_general_preconfigure - use the role sap_maintain_etc_hosts - RHEL systems +- sap_ha_pacemaker_cluster - add retry for Azure Files (NFS) to avoid locks +- sap_ha_pacemaker_cluster - fix pcs resource restart +- sap_ha_pacemaker_cluster - use expect Ansible Module and add python3-pip requirement +- sap_ha_pacemaker_cluster - variable changes for different os and platforms +- sap_hana_install - update documentation for parameter sap_hana_install_force +- sap_hana_preconfigure - catch SELinux disabled +- sap_hana_preconfigure - move handlers to the correct location +- sap_hana_preconfigure - update kernel parameters for SLES +- sap_install_media_detect - detection of SAP Kernel Part I only +- sap_install_media_detect - directory handling fix for SAP SWPM +- sap_install_media_detect - duplicate SAR file handling for SAP Kernel, IGS, WebDisp +- sap_maintain_etc_hosts - fix wrong assert messages +- sap_maintain_etc_hosts - remove use ansible.utils.ip +- sap_netweaver_preconfigure - sync with SAP note 3119751 v.13 for RHEL +- sap_storage_setup - fix for TB disks +- sap_swpm - align execution and monitoring timeouts to 24hrs (86400s) +- sap_swpm - directory handling fix for SAP SWPM +- sap_swpm - optionally skip setting file permissions v1.4.0 ====== @@ -175,10 +171,14 @@ v1.4.0 Release Summary --------------- -| Release Date: 2024-02-02 -| collection: Move sap_hypervisor_node_preconfigure Role to sap_infrastructure Collection -| collection: Move sap_vm_preconfigure Role to sap_infrastructure Collection -| sap_anydb_install_oracle: Feature add for Oracle DB install with patch +Various minor changes + +Minor Changes +------------- + +- collection - Move sap_hypervisor_node_preconfigure Role to sap_infrastructure Collection +- collection - Move sap_vm_preconfigure Role to sap_infrastructure Collection +- sap_anydb_install_oracle - Feature add for Oracle DB install with patch v1.3.5 ====== @@ -186,8 +186,12 @@ v1.3.5 Release Summary --------------- -| Release Date: 2024-01-31 -| sap_hypervisor_node_preconfigure: Bug fix for role name and path for included tasks +Various enhancements and bug fixes + +Bugfixes +-------- + +- sap_hypervisor_node_preconfigure - Bug fix for role name and path for included tasks v1.3.4 ====== @@ -195,23 +199,27 @@ v1.3.4 Release Summary --------------- -| Release Date: 2024-01-15 -| collection: Feature add for CodeSpell in git repository -| collection: Bug fix for ansible-lint of each Ansible Role within Ansible Collection -| collection: Bug Fix for Ansible Core minimum version update to 2.12.0 for import compliance with Ansible Galaxy -| collection: Bug Fix for Ansible CVE-2023-5764 -| sap_general_preconfigure: Feature add for additional RHEL for SAP 8.8 and 9.2 release compatibility -| sap_hana_preconfigure: Feature add for compatibility with SLES using sapconf and SLES for SAP using saptune -| sap_hana_preconfigure: Feature add for additional RHEL for SAP 8.8 and 9.2 release compatibility -| sap_hana_preconfigure: Feature add to reduce restrictions on new OS versions which are not yet supported by SAP -| sap_netweaver_preconfigure: Feature add for compatibility with SLES using sapconf and SLES for SAP using saptune -| sap_ha_pacemaker_cluster: Feature add for Virtual IP and Constraints logic with Cloud Hyperscaler vendors -| sap_hypervisor_node_preconfigure: Feature add for preconfiguration of KubeVirt (OpenShift Virtualization) hypervisor nodes -| sap_hypervisor_node_preconfigure: Bug fix for preconfiguration code structure of KVM (Red Hat Enterprise Virtualization) hypervisor nodes -| sap_install_media_detect: Bug Fix for existing files -| sap_maintain_etc_hosts: Feature add for maintaining the /etc/hosts file of an SAP software host -| sap_swpm: Bug fix for runtime missing dependency python3-pip and advanced execution mode skipped tasks during certain installations -| sap_swpm: Feature add for basic System Copy executions in default mode +Various enhancements and bug fixes + +Bugfixes +-------- + +- collection - Bug Fix for Ansible CVE-2023-5764 +- collection - Bug Fix for Ansible Core minimum version update to 2.12.0 for import compliance with Ansible Galaxy +- collection - Bug fix for ansible-lint of each Ansible Role within Ansible Collection +- collection - Feature add for CodeSpell in git repository +- sap_general_preconfigure - Feature add for additional RHEL for SAP 8.8 and 9.2 release compatibility +- sap_ha_pacemaker_cluster - Feature add for Virtual IP and Constraints logic with Cloud Hyperscaler vendors +- sap_hana_preconfigure - Feature add for additional RHEL for SAP 8.8 and 9.2 release compatibility +- sap_hana_preconfigure - Feature add for compatibility with SLES using sapconf and SLES for SAP using saptune +- sap_hana_preconfigure - Feature add to reduce restrictions on new OS versions which are not yet supported by SAP +- sap_hypervisor_node_preconfigure - Bug fix for preconfiguration code structure of KVM (Red Hat Enterprise Virtualization) hypervisor nodes +- sap_hypervisor_node_preconfigure - Feature add for preconfiguration of KubeVirt (OpenShift Virtualization) hypervisor nodes +- sap_install_media_detect - Bug Fix for existing files +- sap_maintain_etc_hosts - Feature add for maintaining the /etc/hosts file of an SAP software host +- sap_netweaver_preconfigure - Feature add for compatibility with SLES using sapconf and SLES for SAP using saptune +- sap_swpm - Bug fix for runtime missing dependency python3-pip and advanced execution mode skipped tasks during certain installations +- sap_swpm - Feature add for basic System Copy executions in default mode v1.3.3 ====== @@ -219,8 +227,12 @@ v1.3.3 Release Summary --------------- -| Release Date: 2023-12-22 -| collection: Make the preconfigure and sap_hana_install roles compatible with CVE-2023-5764 +Various enhancements and bug fixes + +Bugfixes +-------- + +- collection - Make the preconfigure and sap_hana_install roles compatible with CVE-2023-5764 v1.3.2 ====== @@ -228,27 +240,31 @@ v1.3.2 Release Summary --------------- -| Release Date: 2023-09-29 -| sap_general_preconfigure: Update to latest SAP documentation for RHEL 9 package libxcrypt-compat -| sap_general_preconfigure: Bug fix for directory creation and SELinux Labels -| sap_ha_pacemaker_cluster: Bug fix for AWS EC2 Virtual Servers -| sap_ha_pacemaker_cluster: Bug fix for Google Cloud Compute Engine VM netmask lock on Virtual IP -| sap_ha_pacemaker_cluster: Feature add for improved SAP NetWeaver HA compatibility -| sap_ha_pacemaker_cluster: Feature add for ENSA1 compatibility -| sap_ha_pacemaker_cluster: Feature add for SAP HA Interface Cluster Connector after cluster init -| sap_ha_pacemaker_cluster: Feature add for IBM PowerVM hypervisor -| sap_ha_pacemaker_cluster: Feature add for multiple network interfaces with Virtual IP -| sap_hana_install: Bug fix for SELinux disable when SLES4SAP -| sap_install_media_detect: Feature add for NFS compatibility -| sap_install_media_detect: Feature add for idempotency -| sap_install_media_detect: Feature add for new file detection after code restructure -| sap_install_media_detect: Bug fix for setting SAP Maintenance Planner Stack XML path -| sap_storage_setup: Feature add for Multipathing detection -| sap_storage_setup: Bug fix for NFS throttle from customer test on MS Azure -| sap_storage_setup: Bug fix for packages on SLES and Google Cloud -| sap_swpm: Bug fix for RDBMS var name -| sap_swpm: Bug fix for SAP HANA Client hdbuserstore connection -| sap_swpm: Bug fix for SAP Maintenance Planner Stack XML path +Various enhancements and bug fixes + +Bugfixes +-------- + +- sap_general_preconfigure - Bug fix for directory creation and SELinux Labels +- sap_general_preconfigure - Update to latest SAP documentation for RHEL 9 package libxcrypt-compat +- sap_ha_pacemaker_cluster - Bug fix for AWS EC2 Virtual Servers +- sap_ha_pacemaker_cluster - Bug fix for Google Cloud Compute Engine VM netmask lock on Virtual IP +- sap_ha_pacemaker_cluster - Feature add for ENSA1 compatibility +- sap_ha_pacemaker_cluster - Feature add for IBM PowerVM hypervisor +- sap_ha_pacemaker_cluster - Feature add for SAP HA Interface Cluster Connector after cluster init +- sap_ha_pacemaker_cluster - Feature add for improved SAP NetWeaver HA compatibility +- sap_ha_pacemaker_cluster - Feature add for multiple network interfaces with Virtual IP +- sap_hana_install - Bug fix for SELinux disable when SLES4SAP +- sap_install_media_detect - Bug fix for setting SAP Maintenance Planner Stack XML path +- sap_install_media_detect - Feature add for NFS compatibility +- sap_install_media_detect - Feature add for idempotency +- sap_install_media_detect - Feature add for new file detection after code restructure +- sap_storage_setup - Bug fix for NFS throttle from customer test on MS Azure +- sap_storage_setup - Bug fix for packages on SLES and Google Cloud +- sap_storage_setup - Feature add for Multipathing detection +- sap_swpm - Bug fix for RDBMS var name +- sap_swpm - Bug fix for SAP HANA Client hdbuserstore connection +- sap_swpm - Bug fix for SAP Maintenance Planner Stack XML path v1.3.1 ====== @@ -256,15 +272,19 @@ v1.3.1 Release Summary --------------- -| Release Date: 2023-08-14 -| sap_ha_pacemaker_cluster: Improved AWS constructs based on feedback -| sap_ha_pacemaker_cluster: Improved no STONITH resource definition handling -| sap_hana_install: Bug fix for arg spec on deprecated vars -| sap_hostagent: Bug fix for media handling -| sap_install_media_detect: Improved handling based on feedback -| sap_storage_setup: Bug fix for existing storage devices -| sap_swpm: Make full log output optional and replace with sapcontrol log final status -| collection: Bug fix for sample Ansible Playbooks +Various enhancements and bug fixes + +Bugfixes +-------- + +- collection - Bug fix for sample Ansible Playbooks +- sap_ha_pacemaker_cluster - Improved AWS constructs based on feedback +- sap_ha_pacemaker_cluster - Improved no STONITH resource definition handling +- sap_hana_install - Bug fix for arg spec on deprecated vars +- sap_hostagent - Bug fix for media handling +- sap_install_media_detect - Improved handling based on feedback +- sap_storage_setup - Bug fix for existing storage devices +- sap_swpm - Make full log output optional and replace with sapcontrol log final status v1.3.0 ====== @@ -272,17 +292,21 @@ v1.3.0 Release Summary --------------- -| Release Date: 2023-07-21 -| sap_general_preconfigure: Updates for new IBM Power packages with RHEL -| sap_hana_preconfigure: Updates for new IBM Power packages with RHEL -| sap_hana_install: Default Log Mode to normal and not Overwrite -| sap_ha_pacemaker_cluster: Detection of and compatibility for additional Infrastructure Platforms -| sap_ha_pacemaker_cluster: SAP NetWeaver compatibility added -| sap_install_media_detect: Restructure and add execution controls -| sap_storage_setup: Overhaul/Rewrite with breaking changes -| sap_storage_setup: SAP NetWeaver and NFS compatibility added -| sap_swpm: Minor alterations from High Availability test scenarios -| collection: Sample Playbooks updated +Various minor changes + +Minor Changes +------------- + +- collection - Sample Playbooks updated +- sap_general_preconfigure - Updates for new IBM Power packages with RHEL +- sap_ha_pacemaker_cluster - Detection of and compatibility for additional Infrastructure Platforms +- sap_ha_pacemaker_cluster - SAP NetWeaver compatibility added +- sap_hana_install - Default Log Mode to normal and not Overwrite +- sap_hana_preconfigure - Updates for new IBM Power packages with RHEL +- sap_install_media_detect - Restructure and add execution controls +- sap_storage_setup - Overhaul/Rewrite with breaking changes +- sap_storage_setup - SAP NetWeaver and NFS compatibility added +- sap_swpm - Minor alterations from High Availability test scenarios v1.2.3 ====== @@ -290,11 +314,14 @@ v1.2.3 Release Summary --------------- -| Release Date: 2023-04-25 -| sap_hana_preconfigure: Some modifications for HANA on RHEL 9 -| sap_ha_pacemaker_cluster: Compatibility for custom stonith resource definitions containing more than one element -| sap_hana_preconfigure: Be more flexible with IBM service and productivity tools +Various enhancements + +Bugfixes +-------- +- sap_ha_pacemaker_cluster - Compatibility for custom stonith resource definitions containing more than one element +- sap_hana_preconfigure - Be more flexible with IBM service and productivity tools +- sap_hana_preconfigure - Some modifications for HANA on RHEL 9 v1.2.2 ====== @@ -302,9 +329,12 @@ v1.2.2 Release Summary --------------- -| Release Date: 2023-02-01 -| Fix for sap_hana_preconfigure on SLES when tuned is not installed +Fix for sap_hana_preconfigure +Bugfixes +-------- + +- Fix for sap_hana_preconfigure on SLES when tuned is not installed v1.2.1 ====== @@ -312,9 +342,12 @@ v1.2.1 Release Summary --------------- -| Release Date: 2023-01-26 -| A few minor fixes +A few minor fixes + +Bugfixes +-------- +- Various fixes v1.2.0 ====== @@ -322,16 +355,23 @@ v1.2.0 Release Summary --------------- -| Release Date: 2022-12-20 -| Consolidate sap_ha_install_pacemaker, sap_ha_prepare_pacemaker, and sap_ha_set_hana into new sap_ha_pacemaker_cluster role -| Use the ha_cluster Linux System Role and its enhanced features in the new role sap_ha_pacemaker_cluster -| Improve SID and instance checking in role sap_hana_install -| Enable modifying SELinux file labels for SAP directories -| Upgrade SAP SWPM handling for compatibility with more scenarios when generating inifile.params -| Add Ansible Role for basic Oracle DB installations for SAP -| Various minor enhancements -| Various fixes +Various minor changes +Minor Changes +------------- + +- Add Ansible Role for basic Oracle DB installations for SAP +- Consolidate sap_ha_install_pacemaker, sap_ha_prepare_pacemaker, and sap_ha_set_hana into new sap_ha_pacemaker_cluster role +- Enable modifying SELinux file labels for SAP directories +- Improve SID and instance checking in role sap_hana_install +- Upgrade SAP SWPM handling for compatibility with more scenarios when generating inifile.params +- Use the ha_cluster Linux System Role and its enhanced features in the new role sap_ha_pacemaker_cluster +- Various other minor enhancements + +Bugfixes +-------- + +- Various fixes v1.1.0 ====== @@ -339,9 +379,12 @@ v1.1.0 Release Summary --------------- -| Release Date: 2022-06-30 -| Add SAP HANA Two-Node Scale-Up Cluster Installation +New role for SAP HANA Two-Node Scale-Up Cluster Installation +Minor Changes +------------- + +- Add SAP HANA Two-Node Scale-Up Cluster Installation v1.0.3 ====== @@ -349,6 +392,4 @@ v1.0.3 Release Summary --------------- -| Release Date: 2022-05-13 -| Initial Release on Galaxy - +Initial Release on Galaxy diff --git a/changelogs/changelog.yaml b/changelogs/changelog.yaml index 4671a3027..24dc1c27d 100644 --- a/changelogs/changelog.yaml +++ b/changelogs/changelog.yaml @@ -1,304 +1,270 @@ ancestor: null releases: 1.0.3: - changes: - release_summary: '| Release Date: 2022-05-13 - - | Initial Release on Galaxy - - ' - fragments: - - v1.0.3_summary.yaml release_date: '2022-05-13' - 1.1.0: changes: - release_summary: '| Release Date: 2022-06-30 - - | Add SAP HANA Two-Node Scale-Up Cluster Installation - - ' + release_summary: Initial Release on Galaxy + 1.1.0: release_date: '2022-06-30' - 1.2.0: changes: - release_summary: '| Release Date: 2022-12-20 - - | Consolidate sap_ha_install_pacemaker, sap_ha_prepare_pacemaker, and sap_ha_set_hana into new sap_ha_pacemaker_cluster role - | Use the ha_cluster Linux System Role and its enhanced features in the new role sap_ha_pacemaker_cluster - | Improve SID and instance checking in role sap_hana_install - | Enable modifying SELinux file labels for SAP directories - | Upgrade SAP SWPM handling for compatibility with more scenarios when generating inifile.params - | Add Ansible Role for basic Oracle DB installations for SAP - | Various minor enhancements - | Various fixes - - ' + release_summary: New role for SAP HANA Two-Node Scale-Up Cluster Installation + minor_changes: + - Add SAP HANA Two-Node Scale-Up Cluster Installation + 1.2.0: release_date: '2022-12-20' - 1.2.1: changes: - release_summary: '| Release Date: 2023-01-26 - - | A few minor fixes - - ' + release_summary: Various minor changes + minor_changes: + - Consolidate sap_ha_install_pacemaker, sap_ha_prepare_pacemaker, and sap_ha_set_hana into new sap_ha_pacemaker_cluster role + - Use the ha_cluster Linux System Role and its enhanced features in the new role sap_ha_pacemaker_cluster + - Improve SID and instance checking in role sap_hana_install + - Enable modifying SELinux file labels for SAP directories + - Upgrade SAP SWPM handling for compatibility with more scenarios when generating inifile.params + - Add Ansible Role for basic Oracle DB installations for SAP + - Various other minor enhancements + bugfixes: + - Various fixes + 1.2.1: release_date: '2023-01-26' - 1.2.2: changes: - release_summary: '| Release Date: 2023-02-01 - - | Fix for sap_hana_preconfigure on SLES when tuned is not installed - - ' + release_summary: A few minor fixes + bugfixes: + - Various fixes + 1.2.2: release_date: '2023-02-01' - 1.2.3: changes: - release_summary: '| Release Date: 2023-04-25 - - | sap_hana_preconfigure: Some modifications for HANA on RHEL 9 - | sap_ha_pacemaker_cluster: Compatibility for custom stonith resource definitions containing more than one element - | sap_hana_preconfigure: Be more flexible with IBM service and productivity tools - - ' + release_summary: Fix for sap_hana_preconfigure + bugfixes: + - Fix for sap_hana_preconfigure on SLES when tuned is not installed + 1.2.3: release_date: '2023-04-25' - 1.3.0: changes: - release_summary: '| Release Date: 2023-07-21 - - | sap_general_preconfigure: Updates for new IBM Power packages with RHEL - | sap_hana_preconfigure: Updates for new IBM Power packages with RHEL - | sap_hana_install: Default Log Mode to normal and not Overwrite - | sap_ha_pacemaker_cluster: Detection of and compatibility for additional Infrastructure Platforms - | sap_ha_pacemaker_cluster: SAP NetWeaver compatibility added - | sap_install_media_detect: Restructure and add execution controls - | sap_storage_setup: Overhaul/Rewrite with breaking changes - | sap_storage_setup: SAP NetWeaver and NFS compatibility added - | sap_swpm: Minor alterations from High Availability test scenarios - | collection: Sample Playbooks updated - - ' + release_summary: Various enhancements + bugfixes: + - sap_hana_preconfigure - Some modifications for HANA on RHEL 9 + - sap_ha_pacemaker_cluster - Compatibility for custom stonith resource definitions containing more than one element + - sap_hana_preconfigure - Be more flexible with IBM service and productivity tools + 1.3.0: release_date: '2023-07-21' - 1.3.1: changes: - release_summary: '| Release Date: 2023-08-14 - - | sap_ha_pacemaker_cluster: Improved AWS constructs based on feedback - | sap_ha_pacemaker_cluster: Improved no STONITH resource definition handling - | sap_hana_install: Bug fix for arg spec on deprecated vars - | sap_hostagent: Bug fix for media handling - | sap_install_media_detect: Improved handling based on feedback - | sap_storage_setup: Bug fix for existing storage devices - | sap_swpm: Make full log output optional and replace with sapcontrol log final status - | collection: Bug fix for sample Ansible Playbooks - - ' + release_summary: Various minor changes + minor_changes: + - sap_general_preconfigure - Updates for new IBM Power packages with RHEL + - sap_hana_preconfigure - Updates for new IBM Power packages with RHEL + - sap_hana_install - Default Log Mode to normal and not Overwrite + - sap_ha_pacemaker_cluster - Detection of and compatibility for additional Infrastructure Platforms + - sap_ha_pacemaker_cluster - SAP NetWeaver compatibility added + - sap_install_media_detect - Restructure and add execution controls + - sap_storage_setup - Overhaul/Rewrite with breaking changes + - sap_storage_setup - SAP NetWeaver and NFS compatibility added + - sap_swpm - Minor alterations from High Availability test scenarios + - collection - Sample Playbooks updated + 1.3.1: release_date: '2023-08-14' - 1.3.2: changes: - release_summary: '| Release Date: 2023-09-29 - - | sap_general_preconfigure: Update to latest SAP documentation for RHEL 9 package libxcrypt-compat - | sap_general_preconfigure: Bug fix for directory creation and SELinux Labels - | sap_ha_pacemaker_cluster: Bug fix for AWS EC2 Virtual Servers - | sap_ha_pacemaker_cluster: Bug fix for Google Cloud Compute Engine VM netmask lock on Virtual IP - | sap_ha_pacemaker_cluster: Feature add for improved SAP NetWeaver HA compatibility - | sap_ha_pacemaker_cluster: Feature add for ENSA1 compatibility - | sap_ha_pacemaker_cluster: Feature add for SAP HA Interface Cluster Connector after cluster init - | sap_ha_pacemaker_cluster: Feature add for IBM PowerVM hypervisor - | sap_ha_pacemaker_cluster: Feature add for multiple network interfaces with Virtual IP - | sap_hana_install: Bug fix for SELinux disable when SLES4SAP - | sap_install_media_detect: Feature add for NFS compatibility - | sap_install_media_detect: Feature add for idempotency - | sap_install_media_detect: Feature add for new file detection after code restructure - | sap_install_media_detect: Bug fix for setting SAP Maintenance Planner Stack XML path - | sap_storage_setup: Feature add for Multipathing detection - | sap_storage_setup: Bug fix for NFS throttle from customer test on MS Azure - | sap_storage_setup: Bug fix for packages on SLES and Google Cloud - | sap_swpm: Bug fix for RDBMS var name - | sap_swpm: Bug fix for SAP HANA Client hdbuserstore connection - | sap_swpm: Bug fix for SAP Maintenance Planner Stack XML path - - ' + release_summary: Various enhancements and bug fixes + bugfixes: + - sap_ha_pacemaker_cluster - Improved AWS constructs based on feedback + - sap_ha_pacemaker_cluster - Improved no STONITH resource definition handling + - sap_hana_install - Bug fix for arg spec on deprecated vars + - sap_hostagent - Bug fix for media handling + - sap_install_media_detect - Improved handling based on feedback + - sap_storage_setup - Bug fix for existing storage devices + - sap_swpm - Make full log output optional and replace with sapcontrol log final status + - collection - Bug fix for sample Ansible Playbooks + 1.3.2: release_date: '2023-09-29' - 1.3.3: changes: - release_summary: '| Release Date: 2023-12-22 - - | collection: Make the preconfigure and sap_hana_install roles compatible with CVE-2023-5764 - - ' + release_summary: Various enhancements and bug fixes + bugfixes: + - sap_general_preconfigure - Update to latest SAP documentation for RHEL 9 package libxcrypt-compat + - sap_general_preconfigure - Bug fix for directory creation and SELinux Labels + - sap_ha_pacemaker_cluster - Bug fix for AWS EC2 Virtual Servers + - sap_ha_pacemaker_cluster - Bug fix for Google Cloud Compute Engine VM netmask lock on Virtual IP + - sap_ha_pacemaker_cluster - Feature add for improved SAP NetWeaver HA compatibility + - sap_ha_pacemaker_cluster - Feature add for ENSA1 compatibility + - sap_ha_pacemaker_cluster - Feature add for SAP HA Interface Cluster Connector after cluster init + - sap_ha_pacemaker_cluster - Feature add for IBM PowerVM hypervisor + - sap_ha_pacemaker_cluster - Feature add for multiple network interfaces with Virtual IP + - sap_hana_install - Bug fix for SELinux disable when SLES4SAP + - sap_install_media_detect - Feature add for NFS compatibility + - sap_install_media_detect - Feature add for idempotency + - sap_install_media_detect - Feature add for new file detection after code restructure + - sap_install_media_detect - Bug fix for setting SAP Maintenance Planner Stack XML path + - sap_storage_setup - Feature add for Multipathing detection + - sap_storage_setup - Bug fix for NFS throttle from customer test on MS Azure + - sap_storage_setup - Bug fix for packages on SLES and Google Cloud + - sap_swpm - Bug fix for RDBMS var name + - sap_swpm - Bug fix for SAP HANA Client hdbuserstore connection + - sap_swpm - Bug fix for SAP Maintenance Planner Stack XML path + 1.3.3: release_date: '2023-12-22' - 1.3.4: changes: - release_summary: '| Release Date: 2024-01-15 - - | collection: Feature add for CodeSpell in git repository - | collection: Bug fix for ansible-lint of each Ansible Role within Ansible Collection - | collection: Bug Fix for Ansible Core minimum version update to 2.12.0 for import compliance with Ansible Galaxy - | collection: Bug Fix for Ansible CVE-2023-5764 - | sap_general_preconfigure: Feature add for additional RHEL for SAP 8.8 and 9.2 release compatibility - | sap_hana_preconfigure: Feature add for compatibility with SLES using sapconf and SLES for SAP using saptune - | sap_hana_preconfigure: Feature add for additional RHEL for SAP 8.8 and 9.2 release compatibility - | sap_hana_preconfigure: Feature add to reduce restrictions on new OS versions which are not yet supported by SAP - | sap_netweaver_preconfigure: Feature add for compatibility with SLES using sapconf and SLES for SAP using saptune - | sap_ha_pacemaker_cluster: Feature add for Virtual IP and Constraints logic with Cloud Hyperscaler vendors - | sap_hypervisor_node_preconfigure: Feature add for preconfiguration of KubeVirt (OpenShift Virtualization) hypervisor nodes - | sap_hypervisor_node_preconfigure: Bug fix for preconfiguration code structure of KVM (Red Hat Enterprise Virtualization) hypervisor nodes - | sap_install_media_detect: Bug Fix for existing files - | sap_maintain_etc_hosts: Feature add for maintaining the /etc/hosts file of an SAP software host - | sap_swpm: Bug fix for runtime missing dependency python3-pip and advanced execution mode skipped tasks during certain installations - | sap_swpm: Feature add for basic System Copy executions in default mode - - ' + release_summary: Various enhancements and bug fixes + bugfixes: + - collection - Make the preconfigure and sap_hana_install roles compatible with CVE-2023-5764 + 1.3.4: release_date: '2024-01-15' - 1.3.5: changes: - release_summary: '| Release Date: 2024-01-31 - - | sap_hypervisor_node_preconfigure: Bug fix for role name and path for included tasks - ' + release_summary: Various enhancements and bug fixes + bugfixes: + - collection - Feature add for CodeSpell in git repository + - collection - Bug fix for ansible-lint of each Ansible Role within Ansible Collection + - collection - Bug Fix for Ansible Core minimum version update to 2.12.0 for import compliance with Ansible Galaxy + - collection - Bug Fix for Ansible CVE-2023-5764 + - sap_general_preconfigure - Feature add for additional RHEL for SAP 8.8 and 9.2 release compatibility + - sap_hana_preconfigure - Feature add for compatibility with SLES using sapconf and SLES for SAP using saptune + - sap_hana_preconfigure - Feature add for additional RHEL for SAP 8.8 and 9.2 release compatibility + - sap_hana_preconfigure - Feature add to reduce restrictions on new OS versions which are not yet supported by SAP + - sap_netweaver_preconfigure - Feature add for compatibility with SLES using sapconf and SLES for SAP using saptune + - sap_ha_pacemaker_cluster - Feature add for Virtual IP and Constraints logic with Cloud Hyperscaler vendors + - sap_hypervisor_node_preconfigure - Feature add for preconfiguration of KubeVirt (OpenShift Virtualization) hypervisor nodes + - sap_hypervisor_node_preconfigure - Bug fix for preconfiguration code structure of KVM (Red Hat Enterprise Virtualization) hypervisor nodes + - sap_install_media_detect - Bug Fix for existing files + - sap_maintain_etc_hosts - Feature add for maintaining the /etc/hosts file of an SAP software host + - sap_swpm - Bug fix for runtime missing dependency python3-pip and advanced execution mode skipped tasks during certain installations + - sap_swpm - Feature add for basic System Copy executions in default mode + 1.3.5: release_date: '2024-01-31' - 1.4.0: changes: - release_summary: '| Release Date: 2024-02-02 - - | collection: Move sap_hypervisor_node_preconfigure Role to sap_infrastructure Collection - | collection: Move sap_vm_preconfigure Role to sap_infrastructure Collection - | sap_anydb_install_oracle: Feature add for Oracle DB install with patch - ' + release_summary: Various enhancements and bug fixes + bugfixes: + - sap_hypervisor_node_preconfigure - Bug fix for role name and path for included tasks + 1.4.0: release_date: '2024-02-02' - 1.4.1: changes: - release_summary: '| Release Date: 2024-06-20 - - | feat: sap_hana_install: add compatibility for fapolicyd - | feat: sap_swpm: append generate options for s4hana java - | feat: sap_ha_pacemaker_cluster: upgrade to ha_cluster Ansible Role with SLES compatibility - | feat: sap_ha_pacemaker_cluster: compatibility enhancement for SLES - | feat: sap_ha_pacemaker_cluster: improved handling of custom SAP HANA srHooks - | feat: sap_ha_pacemaker_cluster: handling for future merged Resource Agent package (SAPHanaSR-angi) - | feat: sap_ha_pacemaker_cluster: graceful SAP HANA start after PCMK Cluster start - | feat: sap_ha_pacemaker_cluster: ASCS ERS Simple Mount - | collection: add sample AAS installation var file - | collection: fix ansible-test sanity errors - | collection: for package_facts Ansible Module add python3-rpm requirement for SLES - | collection: use -i instead of -l test scripts - | sap_*_preconfigure: disable and stop sapconf when saptune run - | sap_general_preconfigure: fix /etc/hosts check in assert mode - | sap_general_preconfigure: revert to awk for asserting /etc/hosts - | sap_general_preconfigure: use tags for limiting the role scope - | sap_general_preconfigure: use the package module in most cases - | sap_general_preconfigure: use the role sap_maintain_etc_hosts - RHEL systems - | sap_hana_preconfigure: move handlers to the correct location - | sap_hana_preconfigure: catch SELinux disabled - | sap_hana_preconfigure: update kernel parameters for SLES - | sap_netweaver_preconfigure: sync with SAP note 3119751 v.13 for RHEL - | sap_anydb_install_oracle: fix temp directory removal - | sap_ha_pacemaker_cluster: use expect Ansible Module and add python3-pip requirement - | sap_ha_pacemaker_cluster: add retry for Azure Files (NFS) to avoid locks - | sap_ha_pacemaker_cluster: variable changes for different os and platforms - | sap_ha_pacemaker_cluster: fix pcs resource restart - | sap_hana_install: update documentation for parameter sap_hana_install_force - | sap_install_media_detect: detection of SAP Kernel Part I only - | sap_install_media_detect: duplicate SAR file handling for SAP Kernel, IGS, WebDisp - | sap_install_media_detect: directory handling fix for SAP SWPM - | sap_maintain_etc_hosts: fix wrong assert messages - | sap_maintain_etc_hosts: remove use ansible.utils.ip - | sap_storage_setup: fix for TB disks - | sap_swpm: directory handling fix for SAP SWPM - | sap_swpm: align execution and monitoring timeouts to 24hrs (86400s) - | sap_swpm: optionally skip setting file permissions - ' + release_summary: Various minor changes + minor_changes: + - collection - Move sap_hypervisor_node_preconfigure Role to sap_infrastructure Collection + - collection - Move sap_vm_preconfigure Role to sap_infrastructure Collection + - sap_anydb_install_oracle - Feature add for Oracle DB install with patch + 1.4.1: release_date: '2024-06-20' - 1.5.0: changes: - release_summary: '| Release Date: 2024-11-29 - major_changes: - - feat: collection: Readme overhaul for all roles in collection (https://github.com/sap-linuxlab/community.sap_install/pull/873) - - feat: sap_ha_pacemaker_cluster: JAVA HA scenarios and complete refactor of role (https://github.com/sap-linuxlab/community.sap_install/pull/882) - - feat: sap_ha_pacemaker_cluster: Stonith SBD enablement (https://github.com/sap-linuxlab/community.sap_install/pull/829) - - feat: sap_swpm: New improved and simplified version (https://github.com/sap-linuxlab/community.sap_install/pull/840) - minor_changes: - - feat: collection: Add playbook for direct execution (https://github.com/sap-linuxlab/community.sap_install/pull/842) - - feat: sap_ha_pacemaker_cluster: New azure fence agent package for SUSE (https://github.com/sap-linuxlab/community.sap_install/pull/837) - - feat: sap_ha_pacemaker_cluster: Enhance corosync totem handling with new dictionaries (https://github.com/sap-linuxlab/community.sap_install/pull/834) - - feat: sap_ha_pacemaker_cluster: GCP VIP reworked, Health check names updated (https://github.com/sap-linuxlab/community.sap_install/pull/863) - - feat: sap_swpm: Option to enable SWPM observer mode (https://github.com/sap-linuxlab/community.sap_install/pull/749) - - feat: sap_storage_setup: Add support for HANA Scaleout NFS filesystems (https://github.com/sap-linuxlab/community.sap_install/pull/800) - - feat: sap_storage_setup: Add exact size disk check on top of approximate check (https://github.com/sap-linuxlab/community.sap_install/pull/839) - - feat: sap_hana_install: Implement an SAP HANA installation check only feature (https://github.com/sap-linuxlab/community.sap_install/pull/849) - - collection: Add collection dependency for community.general (https://github.com/sap-linuxlab/community.sap_install/pull/808) - - collection: Modify for yamllint requirements (https://github.com/sap-linuxlab/community.sap_install/pull/811) - - sap_ha_pacemaker_cluster: Add override to use Classic SAPHanaSR agents (https://github.com/sap-linuxlab/community.sap_install/pull/806) - - sap_ha_pacemaker_cluster: Packages on AWS for RHEL (https://github.com/sap-linuxlab/community.sap_install/pull/857) - - sap_ha_pacemaker_cluster: GCP haproxy handling and new platform VIP dictionary (https://github.com/sap-linuxlab/community.sap_install/pull/862) - - sap_ha_pacemaker_cluster: vip resources must be first in ASCS/ERS resource groups (https://github.com/sap-linuxlab/community.sap_install/pull/872) - - sap_swpm: Remove the pids module (https://github.com/sap-linuxlab/community.sap_install/pull/786) - - sap_swpm: sap_swpm_db_schema_password must be set explicitly for AAS (https://github.com/sap-linuxlab/community.sap_install/pull/760) - - sap_swpm: hdbuserstore default connection should use sap_swpm_db_schema_abap_password (https://github.com/sap-linuxlab/community.sap_install/pull/748) - - sap_swpm: Add default value for sap_swpm_java_scs_instance_hostname (https://github.com/sap-linuxlab/community.sap_install/pull/801) - - sap_swpm: Reduce the amount of empty lines in inifile.params (https://github.com/sap-linuxlab/community.sap_install/pull/822) - - sap_storage_setup: Defaults and documentation (https://github.com/sap-linuxlab/community.sap_install/pull/825) - - sap_general_preconfigure: Use the package module in most cases (https://github.com/sap-linuxlab/community.sap_install/pull/758) - - sap_general_preconfigure: Use FQCN for import_role (https://github.com/sap-linuxlab/community.sap_install/pull/827) - - sap_hana_preconfigure: Add RHEL 8.10 and 9.4 requirements (https://github.com/sap-linuxlab/community.sap_install/pull/869) - - sap_hana_preconfigure: Zypper lock handler for SUSE (https://github.com/sap-linuxlab/community.sap_install/pull/796) - - sap_hana_preconfigure: Enable TSX also for RHEL 9 (https://github.com/sap-linuxlab/community.sap_install/pull/797) - - sap_hana_preconfigure: Sync with SAP note 3024346 v.10 for RHEL/NetApp (https://github.com/sap-linuxlab/community.sap_install/pull/816) - - sap_hana_preconfigure: Refactor remove default saptune version (https://github.com/sap-linuxlab/community.sap_install/pull/818) - - sap_hana_preconfigure: Update azure override readme (https://github.com/sap-linuxlab/community.sap_install/pull/820) - - sap_hana_preconfigure: Set THP to madvise from RHEL 9.2 onwards (https://github.com/sap-linuxlab/community.sap_install/pull/880) - - sap_hana_preconfigure: Allow setting THP to any possible value (https://github.com/sap-linuxlab/community.sap_install/pull/886) - - sap_hana_preconfigure: No longer set net.core.somaxconn in RHEL 9 (https://github.com/sap-linuxlab/community.sap_install/pull/887) - - sap_hana_preconfigure: Add compat-sap-c++-13 (https://github.com/sap-linuxlab/community.sap_install/pull/895) - - sap_netweaver_preconfigure: Rename package libcpupower1 for SLES4SAP 15 SP6 (https://github.com/sap-linuxlab/community.sap_install/pull/876) - - sap_netweaver_preconfigure: Sync with applicable SAP notes for Adobe DS (https://github.com/sap-linuxlab/community.sap_install/pull/888) - - sap_hana_install: Use polling for hdblcm (https://github.com/sap-linuxlab/community.sap_install/pull/805) - - sap_hana_install: Set the install execution mode to "optimized" (https://github.com/sap-linuxlab/community.sap_install/pull/896) - - sap_install_media_detect: AWS IGW slow impacts gpg key (https://github.com/sap-linuxlab/community.sap_install/pull/772) - - sap_install_media_detect: Search known subdirs on re-run (https://github.com/sap-linuxlab/community.sap_install/pull/773) - - sap_install_media_detect: Append loop labels (https://github.com/sap-linuxlab/community.sap_install/pull/781) - - sap_install_media_detect: Allow disabling RAR handling (https://github.com/sap-linuxlab/community.sap_install/pull/856) - - sap_ha_install_anydb_ibmdb2: Append ibmcloud_vs (https://github.com/sap-linuxlab/community.sap_install/pull/815) - bugfixes: - - sap_ha_pacemaker_cluster: Add python3-pip and NFS fix for Azure (https://github.com/sap-linuxlab/community.sap_install/pull/754) - - sap_ha_pacemaker_cluster: Fix pcs resource restart (https://github.com/sap-linuxlab/community.sap_install/pull/769) - - sap_ha_pacemaker_cluster: Fix haproxy and minor lint issues (https://github.com/sap-linuxlab/community.sap_install/pull/898) - - sap_ha_pacemaker_cluster: Fix UUID discovery for IBM Cloud VS (https://github.com/sap-linuxlab/community.sap_install/pull/903) - - sap_swpm: Add error notes to dev doc (https://github.com/sap-linuxlab/community.sap_install/pull/795) - - sap_swpm: Fix error when observer user defined, but empty and observer mode is on (https://github.com/sap-linuxlab/community.sap_install/pull/850) - - sap_swpm: Fix issues with localhost delegation on certain control nodes (https://github.com/sap-linuxlab/community.sap_install/pull/891) - - sap_*_preconfigure: Fixes for testing with molecule (https://github.com/sap-linuxlab/community.sap_install/pull/807) - - sap_*_preconfigure: Edge case handling for SUSE packages - - sap_general_preconfigure: Reboot fix in handler (https://github.com/sap-linuxlab/community.sap_install/pull/892) - - sap_ha_install_hana_hsr: Fixes to work for multiple secondaries (https://github.com/sap-linuxlab/community.sap_install/pull/866) - - sap_ha_install_anydb_ibmdb2: Linting and sles bug fixes (https://github.com/sap-linuxlab/community.sap_install/pull/803) - ' + release_summary: Various enhancements and bug fixes + minor_changes: + - feat - sap_hana_install - add compatibility for fapolicyd + - feat - sap_swpm - append generate options for s4hana java + - feat - sap_ha_pacemaker_cluster - upgrade to ha_cluster Ansible Role with SLES compatibility + - feat - sap_ha_pacemaker_cluster - compatibility enhancement for SLES + - feat - sap_ha_pacemaker_cluster - improved handling of custom SAP HANA srHooks + - feat - sap_ha_pacemaker_cluster - handling for future merged Resource Agent package (SAPHanaSR-angi) + - feat - sap_ha_pacemaker_cluster - graceful SAP HANA start after PCMK Cluster start + - feat - sap_ha_pacemaker_cluster - ASCS ERS Simple Mount + - collection - add sample AAS installation var file + - collection - fix ansible-test sanity errors + - collection - for package_facts Ansible Module add python3-rpm requirement for SLES + - collection - use -i instead of -l test scripts + - sap_*_preconfigure - disable and stop sapconf when saptune run + - sap_general_preconfigure - fix /etc/hosts check in assert mode + - sap_general_preconfigure - revert to awk for asserting /etc/hosts + - sap_general_preconfigure - use tags for limiting the role scope + - sap_general_preconfigure - use the package module in most cases + - sap_general_preconfigure - use the role sap_maintain_etc_hosts - RHEL systems + - sap_hana_preconfigure - move handlers to the correct location + - sap_hana_preconfigure - catch SELinux disabled + - sap_hana_preconfigure - update kernel parameters for SLES + - sap_netweaver_preconfigure - sync with SAP note 3119751 v.13 for RHEL + - sap_anydb_install_oracle - fix temp directory removal + - sap_ha_pacemaker_cluster - use expect Ansible Module and add python3-pip requirement + - sap_ha_pacemaker_cluster - add retry for Azure Files (NFS) to avoid locks + - sap_ha_pacemaker_cluster - variable changes for different os and platforms + - sap_ha_pacemaker_cluster - fix pcs resource restart + - sap_hana_install - update documentation for parameter sap_hana_install_force + - sap_install_media_detect - detection of SAP Kernel Part I only + - sap_install_media_detect - duplicate SAR file handling for SAP Kernel, IGS, WebDisp + - sap_install_media_detect - directory handling fix for SAP SWPM + - sap_maintain_etc_hosts - fix wrong assert messages + - sap_maintain_etc_hosts - remove use ansible.utils.ip + - sap_storage_setup - fix for TB disks + - sap_swpm - directory handling fix for SAP SWPM + - sap_swpm - align execution and monitoring timeouts to 24hrs (86400s) + - sap_swpm - optionally skip setting file permissions + 1.5.0: release_date: '2024-11-29' - 1.5.1: changes: - release_summary: '| Release Date: 2025-01-15 - minor_changes: - - sap_ha_pacemaker_cluster: enable Simple Mount on RHEL (https://github.com/sap-linuxlab/community.sap_install/pull/931) - - sap_ha_pacemaker_cluster/SUSE: Rework SAPHanaSR-angi pre-steps and add SLES 16 vars (https://github.com/sap-linuxlab/community.sap_install/pull/928) - - sap_swpm, sap_general_preconfigure: Add variables for sap_install FQCN collection name for calling roles (https://github.com/sap-linuxlab/community.sap_install/pull/925) - - sap_general_preconfigure: Implement SAP note 2369910 (https://github.com/sap-linuxlab/community.sap_install/pull/914) - - sap_ha_pacemaker_cluster: ANGI on RHEL and small improvements (https://github.com/sap-linuxlab/community.sap_install/pull/911) - - sap_*_preconfigure, sap_ha_pacemaker_cluster: Reworked loading vars (https://github.com/sap-linuxlab/community.sap_install/pull/910) - bugfixes: - - sap_swpm: Use master password only when necessary (https://github.com/sap-linuxlab/community.sap_install/pull/920) - - sap_swpm: Fix error when using tag sap_swpm_generate_inifile (https://github.com/sap-linuxlab/community.sap_install/pull/918) - - sap_swpm: Fix error when installing SAP NW750 JAVA or SOLMAN72SR2 JAVA instances (https://github.com/sap-linuxlab/community.sap_install/pull/916) - - sap_install_media_detect: Fix wrong sap_export_solman_java detection (https://github.com/sap-linuxlab/community.sap_install/pull/913) - ' + release_summary: Various minor changes + minor_changes: + - feat - collection - Readme overhaul for all roles in collection (https://github.com/sap-linuxlab/community.sap_install/pull/873) + - feat - sap_ha_pacemaker_cluster - JAVA HA scenarios and complete refactor of role (https://github.com/sap-linuxlab/community.sap_install/pull/882) + - feat - sap_ha_pacemaker_cluster - Stonith SBD enablement (https://github.com/sap-linuxlab/community.sap_install/pull/829) + - feat - sap_swpm - New improved and simplified version (https://github.com/sap-linuxlab/community.sap_install/pull/840) + - feat - collection - Add playbook for direct execution (https://github.com/sap-linuxlab/community.sap_install/pull/842) + - feat - sap_ha_pacemaker_cluster - New azure fence agent package for SUSE (https://github.com/sap-linuxlab/community.sap_install/pull/837) + - feat - sap_ha_pacemaker_cluster - Enhance corosync totem handling with new dictionaries (https://github.com/sap-linuxlab/community.sap_install/pull/834) + - feat - sap_ha_pacemaker_cluster - GCP VIP reworked, Health check names updated (https://github.com/sap-linuxlab/community.sap_install/pull/863) + - feat - sap_swpm - Option to enable SWPM observer mode (https://github.com/sap-linuxlab/community.sap_install/pull/749) + - feat - sap_storage_setup - Add support for HANA Scaleout NFS filesystems (https://github.com/sap-linuxlab/community.sap_install/pull/800) + - feat - sap_storage_setup - Add exact size disk check on top of approximate check (https://github.com/sap-linuxlab/community.sap_install/pull/839) + - feat - sap_hana_install - Implement an SAP HANA installation check only feature (https://github.com/sap-linuxlab/community.sap_install/pull/849) + - collection - Add collection dependency for community.general (https://github.com/sap-linuxlab/community.sap_install/pull/808) + - collection - Modify for yamllint requirements (https://github.com/sap-linuxlab/community.sap_install/pull/811) + - sap_ha_pacemaker_cluster - Add override to use Classic SAPHanaSR agents (https://github.com/sap-linuxlab/community.sap_install/pull/806) + - sap_ha_pacemaker_cluster - Packages on AWS for RHEL (https://github.com/sap-linuxlab/community.sap_install/pull/857) + - sap_ha_pacemaker_cluster - GCP haproxy handling and new platform VIP dictionary (https://github.com/sap-linuxlab/community.sap_install/pull/862) + - sap_ha_pacemaker_cluster - vip resources must be first in ASCS/ERS resource groups (https://github.com/sap-linuxlab/community.sap_install/pull/872) + - sap_swpm - Remove the pids module (https://github.com/sap-linuxlab/community.sap_install/pull/786) + - sap_swpm - sap_swpm_db_schema_password must be set explicitly for AAS (https://github.com/sap-linuxlab/community.sap_install/pull/760) + - sap_swpm - hdbuserstore default connection should use sap_swpm_db_schema_abap_password (https://github.com/sap-linuxlab/community.sap_install/pull/748) + - sap_swpm - Add default value for sap_swpm_java_scs_instance_hostname (https://github.com/sap-linuxlab/community.sap_install/pull/801) + - sap_swpm - Reduce the amount of empty lines in inifile.params (https://github.com/sap-linuxlab/community.sap_install/pull/822) + - sap_storage_setup - Defaults and documentation (https://github.com/sap-linuxlab/community.sap_install/pull/825) + - sap_general_preconfigure - Use the package module in most cases (https://github.com/sap-linuxlab/community.sap_install/pull/758) + - sap_general_preconfigure - Use FQCN for import_role (https://github.com/sap-linuxlab/community.sap_install/pull/827) + - sap_hana_preconfigure - Add RHEL 8.10 and 9.4 requirements (https://github.com/sap-linuxlab/community.sap_install/pull/869) + - sap_hana_preconfigure - Zypper lock handler for SUSE (https://github.com/sap-linuxlab/community.sap_install/pull/796) + - sap_hana_preconfigure - Enable TSX also for RHEL 9 (https://github.com/sap-linuxlab/community.sap_install/pull/797) + - sap_hana_preconfigure - Sync with SAP note 3024346 v.10 for RHEL/NetApp (https://github.com/sap-linuxlab/community.sap_install/pull/816) + - sap_hana_preconfigure - Refactor remove default saptune version (https://github.com/sap-linuxlab/community.sap_install/pull/818) + - sap_hana_preconfigure - Update azure override readme (https://github.com/sap-linuxlab/community.sap_install/pull/820) + - sap_hana_preconfigure - Set THP to madvise from RHEL 9.2 onwards (https://github.com/sap-linuxlab/community.sap_install/pull/880) + - sap_hana_preconfigure - Allow setting THP to any possible value (https://github.com/sap-linuxlab/community.sap_install/pull/886) + - sap_hana_preconfigure - No longer set net.core.somaxconn in RHEL 9 (https://github.com/sap-linuxlab/community.sap_install/pull/887) + - sap_hana_preconfigure - Add compat-sap-c++-13 (https://github.com/sap-linuxlab/community.sap_install/pull/895) + - sap_netweaver_preconfigure - Rename package libcpupower1 for SLES4SAP 15 SP6 (https://github.com/sap-linuxlab/community.sap_install/pull/876) + - sap_netweaver_preconfigure - Sync with applicable SAP notes for Adobe DS (https://github.com/sap-linuxlab/community.sap_install/pull/888) + - sap_hana_install - Use polling for hdblcm (https://github.com/sap-linuxlab/community.sap_install/pull/805) + - sap_hana_install - Set the install execution mode to "optimized" (https://github.com/sap-linuxlab/community.sap_install/pull/896) + - sap_install_media_detect - AWS IGW slow impacts gpg key (https://github.com/sap-linuxlab/community.sap_install/pull/772) + - sap_install_media_detect - Search known subdirs on re-run (https://github.com/sap-linuxlab/community.sap_install/pull/773) + - sap_install_media_detect - Append loop labels (https://github.com/sap-linuxlab/community.sap_install/pull/781) + - sap_install_media_detect - Allow disabling RAR handling (https://github.com/sap-linuxlab/community.sap_install/pull/856) + - sap_ha_install_anydb_ibmdb2 - Append ibmcloud_vs (https://github.com/sap-linuxlab/community.sap_install/pull/815) + bugfixes: + - sap_ha_pacemaker_cluster - Add python3-pip and NFS fix for Azure (https://github.com/sap-linuxlab/community.sap_install/pull/754) + - sap_ha_pacemaker_cluster - Fix pcs resource restart (https://github.com/sap-linuxlab/community.sap_install/pull/769) + - sap_ha_pacemaker_cluster - Fix haproxy and minor lint issues (https://github.com/sap-linuxlab/community.sap_install/pull/898) + - sap_ha_pacemaker_cluster - Fix UUID discovery for IBM Cloud VS (https://github.com/sap-linuxlab/community.sap_install/pull/903) + - sap_swpm - Add error notes to dev doc (https://github.com/sap-linuxlab/community.sap_install/pull/795) + - sap_swpm - Fix error when observer user defined, but empty and observer mode is on (https://github.com/sap-linuxlab/community.sap_install/pull/850) + - sap_swpm - Fix issues with localhost delegation on certain control nodes (https://github.com/sap-linuxlab/community.sap_install/pull/891) + - sap_*_preconfigure - Fixes for testing with molecule (https://github.com/sap-linuxlab/community.sap_install/pull/807) + - sap_*_preconfigure - Edge case handling for SUSE packages + - sap_general_preconfigure - Reboot fix in handler (https://github.com/sap-linuxlab/community.sap_install/pull/892) + - sap_ha_install_hana_hsr - Fixes to work for multiple secondaries (https://github.com/sap-linuxlab/community.sap_install/pull/866) + - sap_ha_install_anydb_ibmdb2 - Linting and sles bug fixes (https://github.com/sap-linuxlab/community.sap_install/pull/803) + 1.5.1: release_date: '2025-01-15' - 1.5.2: changes: - release_summary: '| Release Date: 2025-01-24 - changes: - - sap_*_preconfigure: Add code for RHEL 10 support (https://github.com/sap-linuxlab/community.sap_install/pull/938) - - sap_*_preconfigure/Suse: Rework of preconfigure roles for Suse, add missing notes. (https://github.com/sap-linuxlab/community.sap_install/pull/930) - bugfixes: - - sap_netweaver_preconfigure: fix argument_specs validation error (https://github.com/sap-linuxlab/community.sap_install/pull/940) - - sap_general_preconfigure: No longer install locale packages in RHEL 7 (https://github.com/sap-linuxlab/community.sap_install/pull/937) - - sap_general_preconfigure: Fix check mode (https://github.com/sap-linuxlab/community.sap_install/pull/935) - ' + release_summary: Various enhancements and bug fixes + bugfixes: + - sap_ha_pacemaker_cluster - enable Simple Mount on RHEL (https://github.com/sap-linuxlab/community.sap_install/pull/931) + - sap_ha_pacemaker_cluster/SUSE - Rework SAPHanaSR-angi pre-steps and add SLES 16 vars (https://github.com/sap-linuxlab/community.sap_install/pull/928) + - sap_swpm, sap_general_preconfigure - Add variables for sap_install FQCN collection name for calling roles (https://github.com/sap-linuxlab/community.sap_install/pull/925) + - sap_general_preconfigure - Implement SAP note 2369910 (https://github.com/sap-linuxlab/community.sap_install/pull/914) + - sap_ha_pacemaker_cluster - ANGI on RHEL and small improvements (https://github.com/sap-linuxlab/community.sap_install/pull/911) + - sap_*_preconfigure, sap_ha_pacemaker_cluster - Reworked loading vars (https://github.com/sap-linuxlab/community.sap_install/pull/910) + - sap_swpm - Use master password only when necessary (https://github.com/sap-linuxlab/community.sap_install/pull/920) + - sap_swpm - Fix error when using tag sap_swpm_generate_inifile (https://github.com/sap-linuxlab/community.sap_install/pull/918) + - sap_swpm - Fix error when installing SAP NW750 JAVA or SOLMAN72SR2 JAVA instances (https://github.com/sap-linuxlab/community.sap_install/pull/916) + - sap_install_media_detect - Fix wrong sap_export_solman_java detection (https://github.com/sap-linuxlab/community.sap_install/pull/913) + 1.5.2: release_date: '2025-01-24' + changes: + release_summary: Various enhancements and bug fixes + bugfixes: + - sap_*_preconfigure - Add code for RHEL 10 support (https://github.com/sap-linuxlab/community.sap_install/pull/938) + - sap_*_preconfigure/Suse - Rework of preconfigure roles for Suse, add missing notes. (https://github.com/sap-linuxlab/community.sap_install/pull/930) + - sap_netweaver_preconfigure - fix argument_specs validation error (https://github.com/sap-linuxlab/community.sap_install/pull/940) + - sap_general_preconfigure - No longer install locale packages in RHEL 7 (https://github.com/sap-linuxlab/community.sap_install/pull/937) + - sap_general_preconfigure - Fix check mode (https://github.com/sap-linuxlab/community.sap_install/pull/935) From 71876df42dc7fdceedf8bfd6181228ecfbbd32ac Mon Sep 17 00:00:00 2001 From: Janine Fuchs Date: Tue, 18 Feb 2025 13:42:20 +0100 Subject: [PATCH 39/66] sap_ha_pacemaker_cluster: fix NW systemd workflow - Instance systemd registration is now only run when the systemd service does not exist yet. This prevents unnecessary re-registration. - Some tasks were moved from post-installation to pre-installation, to safely run them before the cluster is installed. This prevents some conflicts that occur after the cluster already has control over the instances. --- ...figure_nwas_abap_ascs_ers_post_install.yml | 137 +------------ ...nfigure_nwas_java_scs_ers_post_install.yml | 137 +------------ roles/sap_ha_pacemaker_cluster/tasks/main.yml | 14 ++ .../tasks/pre_steps_nwas_cs_ers.yml | 192 ++++++++++++++++++ 4 files changed, 208 insertions(+), 272 deletions(-) create mode 100644 roles/sap_ha_pacemaker_cluster/tasks/pre_steps_nwas_cs_ers.yml diff --git a/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_abap_ascs_ers_post_install.yml b/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_abap_ascs_ers_post_install.yml index 972c3c238..0302fe3bd 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_abap_ascs_ers_post_install.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_abap_ascs_ers_post_install.yml @@ -1,141 +1,6 @@ # SPDX-License-Identifier: Apache-2.0 --- -# After NetWeaver ASCS/ERS instances were configured in the cluster, -# they must be disabled from automatically (re)starting outside of -# cluster control. - -- name: "SAP HA Pacemaker - (ASCS profile) Prevent automatic restart of enqueue server" - ansible.builtin.replace: - path: "{{ __sap_ha_pacemaker_cluster_nwas_ascs_sapinstance_start_profile_string }}" - backup: true - regexp: 'Restart_Program_01' - replace: 'Start_Program_01' - # Throttle and retry loop was added to combat NFS write lockups on Azure NFS - throttle: 1 - retries: 30 - delay: 10 - -- name: "SAP HA Pacemaker - (ERS profile) Prevent automatic restart" - ansible.builtin.replace: - path: "{{ __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_start_profile_string }}" - backup: true - regexp: 'Restart_Program_00' - replace: 'Start_Program_00' - # Throttle and retry loop was added to combat NFS write lockups on Azure NFS - throttle: 1 - retries: 30 - delay: 10 - -- name: "SAP HA Pacemaker - (systemd) Check for ASCS/ERS services" - ansible.builtin.stat: - path: "/etc/systemd/system/SAP{{ __sap_ha_pacemaker_cluster_nwas_sid }}_{{ systemd_item }}.service" - loop: - - "{{ __sap_ha_pacemaker_cluster_nwas_ascs_instance_nr }}" - - "{{ __sap_ha_pacemaker_cluster_nwas_ers_instance_nr }}" - loop_control: - loop_var: systemd_item - label: "SAP{{ __sap_ha_pacemaker_cluster_nwas_sid }}_{{ systemd_item }}.service" - register: __sap_ha_pacemaker_cluster_register_instance_service - -- name: "SAP HA Pacemaker - (systemd) Save found ASCS/ERS services" - ansible.builtin.set_fact: - sap_ha_pacemaker_cluster_instance_service_node_fact: "{{ - __sap_ha_pacemaker_cluster_register_instance_service.results - | selectattr('stat.exists') - | map(attribute='stat.path') - | regex_replace('/etc/systemd/system/', '') - }}" - -- name: "SAP HA Pacemaker - (systemd) Combine instance services from all nodes" - ansible.builtin.set_fact: - sap_ha_pacemaker_cluster_instance_service_all_fact: "{{ - (sap_ha_pacemaker_cluster_instance_service_all_fact | d([]) - + hostvars[task_host_item].sap_ha_pacemaker_cluster_instance_service_node_fact) - | unique - }}" - loop: "{{ ansible_play_hosts }}" - loop_control: - loop_var: task_host_item - - -# BLOCK: -# 1. When the systemd based SAP startup framework is used, make sure that the -# instance services do not auto-start. -# 2. Make sure that the SAP instance service units are registered and present on all hosts. -- name: "SAP HA Pacemaker - Block to handle SAP service systemd configuration" - when: - # At least one systemd service should be found per node, to consider the setup - # "systemd enabled" and proceed with the related configuration. - - sap_ha_pacemaker_cluster_instance_service_node_fact is defined - - sap_ha_pacemaker_cluster_instance_service_node_fact | length > 0 - block: - - # After the installation, the systemd units are only configured on the node - # they were first installed on. - # The registration ensures that - # - systemd units for both instances are configured - # - the 'sapstartsrv' file contains both start commands - - name: "SAP HA Pacemaker - (systemd) Register ASCS/ERS instances on all nodes" - ansible.builtin.shell: | - export LD_LIBRARY_PATH=/usr/sap/hostctrl/exe:$LD_LIBRARY_PATH - /usr/sap/hostctrl/exe/sapstartsrv pf={{ __sap_ha_pacemaker_cluster_nwas_ascs_sapinstance_start_profile_string }} -reg - /usr/sap/hostctrl/exe/sapstartsrv pf={{ __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_start_profile_string }} -reg - register: __sap_ha_pacemaker_cluster_register_instance_reg - changed_when: true - - - name: "SAP HA Pacemaker - (systemd) Disable ASCS/ERS instance service" - ansible.builtin.service: - name: "{{ instance_srv_item }}" - enabled: false - loop: "{{ sap_ha_pacemaker_cluster_instance_service_all_fact }}" - loop_control: - loop_var: instance_srv_item - - # Creates a config file for the services. - # Parent directories will be created when missing. - - name: "SAP HA Pacemaker - (systemd) Create ASCS/ERS instance unit config file" - ansible.builtin.lineinfile: - create: true - path: "/etc/systemd/system/{{ dropfile_item }}.d/HA.conf" - line: "[Service]" - owner: root - group: root - mode: '0644' - loop: "{{ sap_ha_pacemaker_cluster_instance_service_all_fact }}" - loop_control: - loop_var: dropfile_item - - - name: "SAP HA Pacemaker - (systemd) Disable ASCS/ERS instance unit auto-restart" - ansible.builtin.lineinfile: - path: "/etc/systemd/system/{{ dropfile_item }}.d/HA.conf" - regex: '^Restart\s*=\s*no' - insertafter: '^[Service]$' - line: "Restart=no" - owner: root - group: root - mode: '0644' - loop: "{{ sap_ha_pacemaker_cluster_instance_service_all_fact }}" - loop_control: - loop_var: dropfile_item - -### END of BLOCK for systemd setup. - -# Comment out lines in /usr/sap/sapservices, which -# - contain the target instance profile names -# - are not commented out yet -- name: "SAP HA Pacemaker - Update /usr/sap/sapservices" - ansible.builtin.replace: - path: /usr/sap/sapservices - backup: true - regexp: '^(?!#)(.*{{ sapserv_item }}.*)$' - replace: '# \1' - loop: - - "{{ __sap_ha_pacemaker_cluster_nwas_ascs_sapinstance_instance_name }}" - - "{{ __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_instance_name }}" - loop_control: - loop_var: sapserv_item - when: - - ansible_os_family == 'RedHat' +# Common NWAS ASCS/ERS post-installation steps AFTER the cluster setup. # SAPStartSrv resource agent / Simple Mount - name: "SAP HA Pacemaker - Make sure SAPStartSrv systemd units are enabled" diff --git a/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_java_scs_ers_post_install.yml b/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_java_scs_ers_post_install.yml index 8f04df3f0..95d671b73 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_java_scs_ers_post_install.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_java_scs_ers_post_install.yml @@ -1,141 +1,6 @@ # SPDX-License-Identifier: Apache-2.0 --- -# After NetWeaver SCS/ERS instances were configured in the cluster, -# they must be disabled from automatically (re)starting outside of -# cluster control. - -- name: "SAP HA Pacemaker - (SCS profile) Prevent automatic restart of enqueue server" - ansible.builtin.replace: - path: "{{ __sap_ha_pacemaker_cluster_nwas_scs_sapinstance_start_profile_string }}" - backup: true - regexp: 'Restart_Program_01' - replace: 'Start_Program_01' - # Throttle and retry loop was added to combat NFS write lockups on Azure NFS - throttle: 1 - retries: 30 - delay: 10 - -- name: "SAP HA Pacemaker - (ERS profile) Prevent automatic restart" - ansible.builtin.replace: - path: "{{ __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_start_profile_string }}" - backup: true - regexp: 'Restart_Program_00' - replace: 'Start_Program_00' - # Throttle and retry loop was added to combat NFS write lockups on Azure NFS - throttle: 1 - retries: 30 - delay: 10 - -- name: "SAP HA Pacemaker - (systemd) Check for SCS/ERS services" - ansible.builtin.stat: - path: "/etc/systemd/system/SAP{{ __sap_ha_pacemaker_cluster_nwas_sid }}_{{ systemd_item }}.service" - loop: - - "{{ __sap_ha_pacemaker_cluster_nwas_scs_instance_nr }}" - - "{{ __sap_ha_pacemaker_cluster_nwas_ers_instance_nr }}" - loop_control: - loop_var: systemd_item - label: "SAP{{ __sap_ha_pacemaker_cluster_nwas_sid }}_{{ systemd_item }}.service" - register: __sap_ha_pacemaker_cluster_register_instance_service - -- name: "SAP HA Pacemaker - (systemd) Save found SCS/ERS services" - ansible.builtin.set_fact: - sap_ha_pacemaker_cluster_instance_service_node_fact: "{{ - __sap_ha_pacemaker_cluster_register_instance_service.results - | selectattr('stat.exists') - | map(attribute='stat.path') - | regex_replace('/etc/systemd/system/', '') - }}" - -- name: "SAP HA Pacemaker - (systemd) Combine instance services from all nodes" - ansible.builtin.set_fact: - sap_ha_pacemaker_cluster_instance_service_all_fact: "{{ - (sap_ha_pacemaker_cluster_instance_service_all_fact | d([]) - + hostvars[task_host_item].sap_ha_pacemaker_cluster_instance_service_node_fact) - | unique - }}" - loop: "{{ ansible_play_hosts }}" - loop_control: - loop_var: task_host_item - - -# BLOCK: -# 1. When the systemd based SAP startup framework is used, make sure that the -# instance services do not auto-start. -# 2. Make sure that the SAP instance service units are registered and present on all hosts. -- name: "SAP HA Pacemaker - Block to handle SAP service systemd configuration" - when: - # At least one systemd service should be found per node, to consider the setup - # "systemd enabled" and proceed with the related configuration. - - sap_ha_pacemaker_cluster_instance_service_node_fact is defined - - sap_ha_pacemaker_cluster_instance_service_node_fact | length > 0 - block: - - # After the installation, the systemd units are only configured on the node - # they were first installed on. - # The registration ensures that - # - systemd units for both instances are configured - # - the 'sapstartsrv' file contains both start commands - - name: "SAP HA Pacemaker - (systemd) Register SCS/ERS instances on all nodes" - ansible.builtin.shell: | - export LD_LIBRARY_PATH=/usr/sap/hostctrl/exe:$LD_LIBRARY_PATH - /usr/sap/hostctrl/exe/sapstartsrv pf={{ __sap_ha_pacemaker_cluster_nwas_scs_sapinstance_start_profile_string }} -reg - /usr/sap/hostctrl/exe/sapstartsrv pf={{ __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_start_profile_string }} -reg - register: __sap_ha_pacemaker_cluster_register_instance_reg - changed_when: true - - - name: "SAP HA Pacemaker - (systemd) Disable SCS/ERS instance service" - ansible.builtin.service: - name: "{{ instance_srv_item }}" - enabled: false - loop: "{{ sap_ha_pacemaker_cluster_instance_service_all_fact }}" - loop_control: - loop_var: instance_srv_item - - # Creates a config file for the services. - # Parent directories will be created when missing. - - name: "SAP HA Pacemaker - (systemd) Create SCS/ERS instance unit config file" - ansible.builtin.lineinfile: - create: true - path: "/etc/systemd/system/{{ dropfile_item }}.d/HA.conf" - line: "[Service]" - owner: root - group: root - mode: '0644' - loop: "{{ sap_ha_pacemaker_cluster_instance_service_all_fact }}" - loop_control: - loop_var: dropfile_item - - - name: "SAP HA Pacemaker - (systemd) Disable SCS/ERS instance unit auto-restart" - ansible.builtin.lineinfile: - path: "/etc/systemd/system/{{ dropfile_item }}.d/HA.conf" - regex: '^Restart\s*=\s*no' - insertafter: '^[Service]$' - line: "Restart=no" - owner: root - group: root - mode: '0644' - loop: "{{ sap_ha_pacemaker_cluster_instance_service_all_fact }}" - loop_control: - loop_var: dropfile_item - -### END of BLOCK for systemd setup. - -# Comment out lines in /usr/sap/sapservices, which -# - contain the target instance profile names -# - are not commented out yet -- name: "SAP HA Pacemaker - Update /usr/sap/sapservices" - ansible.builtin.replace: - path: /usr/sap/sapservices - backup: true - regexp: '^(?!#)(.*{{ sapserv_item }}.*)$' - replace: '# \1' - loop: - - "{{ __sap_ha_pacemaker_cluster_nwas_scs_sapinstance_instance_name }}" - - "{{ __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_instance_name }}" - loop_control: - loop_var: sapserv_item - when: - - ansible_os_family == 'RedHat' +# Common NWAS ASCS/ERS post-installation steps AFTER the cluster setup. # SAPStartSrv resource agent / Simple Mount - name: "SAP HA Pacemaker - Make sure SAPStartSrv systemd units are enabled" diff --git a/roles/sap_ha_pacemaker_cluster/tasks/main.yml b/roles/sap_ha_pacemaker_cluster/tasks/main.yml index b144a76b3..75e5cf89c 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/main.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/main.yml @@ -212,6 +212,20 @@ __sap_ha_pacemaker_cluster_platform_file: "{{ role_path }}/tasks/{{ item }}" tags: pre_ha_cluster + # Prerequisite changes for certain scenarios, if applicable + - name: "SAP HA Install Pacemaker - Include scenario specific prerequisites" + ansible.builtin.include_tasks: + file: "{{ pre_item }}" + apply: + tags: pre_ha_cluster + loop: + - pre_steps_nwas_cs_ers.yml + loop_control: + loop_var: pre_item + when: + - sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_.*_ers') | length > 0 + tags: pre_ha_cluster + # Stop and disable services that conflict with cluster setups, # for instance cloud-init services on cloud platforms - name: "SAP HA Install Pacemaker - Stop and disable services" diff --git a/roles/sap_ha_pacemaker_cluster/tasks/pre_steps_nwas_cs_ers.yml b/roles/sap_ha_pacemaker_cluster/tasks/pre_steps_nwas_cs_ers.yml new file mode 100644 index 000000000..99f4cd6a4 --- /dev/null +++ b/roles/sap_ha_pacemaker_cluster/tasks/pre_steps_nwas_cs_ers.yml @@ -0,0 +1,192 @@ +# SPDX-License-Identifier: Apache-2.0 +--- +# Preconfiguration tasks for NWAS (A)SCS/ERS servers. +# These tasks are run before the cluster setup. + +- name: "SAP HA Pacemaker - ((A)SCS profile) Prevent automatic restart of enqueue server" + ansible.builtin.replace: + path: "{{ __task_cs_sapinstance_start_profile_string }}" + backup: true + regexp: 'Restart_Program_01' + replace: 'Start_Program_01' + # Throttle and retry loop was added to combat NFS write lockups on Azure NFS + vars: + __task_cs_sapinstance_start_profile_string: "{{ + __sap_ha_pacemaker_cluster_nwas_scs_sapinstance_start_profile_string + if 'nwas_java_scs_ers' in sap_ha_pacemaker_cluster_host_type + else __sap_ha_pacemaker_cluster_nwas_ascs_sapinstance_start_profile_string + }}" + throttle: 1 + retries: 30 + delay: 10 + +- name: "SAP HA Pacemaker - (ERS profile) Prevent automatic restart" + ansible.builtin.replace: + path: "{{ __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_start_profile_string }}" + backup: true + regexp: 'Restart_Program_00' + replace: 'Start_Program_00' + # Throttle and retry loop was added to combat NFS write lockups on Azure NFS + throttle: 1 + retries: 30 + delay: 10 + +- name: "SAP HA Pacemaker - (systemd) Check for (A)SCS/ERS services" + ansible.builtin.stat: + path: "/etc/systemd/system/SAP{{ __sap_ha_pacemaker_cluster_nwas_sid }}_{{ systemd_item }}.service" + loop: + - "{{ __task_cs_instance_nr }}" + - "{{ __sap_ha_pacemaker_cluster_nwas_ers_instance_nr }}" + loop_control: + loop_var: systemd_item + label: "SAP{{ __sap_ha_pacemaker_cluster_nwas_sid }}_{{ systemd_item }}.service" + vars: + __task_cs_instance_nr: "{{ + __sap_ha_pacemaker_cluster_nwas_scs_instance_nr + if 'nwas_java_scs_ers' in sap_ha_pacemaker_cluster_host_type + else __sap_ha_pacemaker_cluster_nwas_ascs_instance_nr + }}" + register: __sap_ha_pacemaker_cluster_register_instance_service + +- name: "SAP HA Pacemaker - (systemd) Save found (A)SCS/ERS services" + ansible.builtin.set_fact: + sap_ha_pacemaker_cluster_instance_service_node_fact: "{{ + __sap_ha_pacemaker_cluster_register_instance_service.results + | selectattr('stat.exists') + | map(attribute='stat.path') + | regex_replace('/etc/systemd/system/', '') + }}" + +- name: "SAP HA Pacemaker - (systemd) Combine instance services from all nodes" + ansible.builtin.set_fact: + sap_ha_pacemaker_cluster_instance_service_all_fact: "{{ + (sap_ha_pacemaker_cluster_instance_service_all_fact | d([]) + + hostvars[task_host_item].sap_ha_pacemaker_cluster_instance_service_node_fact) + | unique + }}" + loop: "{{ ansible_play_hosts }}" + loop_control: + loop_var: task_host_item + + +# BLOCK: +# When the systemd based SAP startup framework is used, make sure that +# 1. the instance services do not auto-start +# 2. the SAP instance service units are registered and present on all hosts +- name: "SAP HA Pacemaker - Block to handle SAP service systemd configuration" + when: + # At least one systemd service should be found across all nodes, + # to consider the setup "systemd enabled" and proceed with the + # systemd related configuration. + - sap_ha_pacemaker_cluster_instance_service_all_fact is defined + - sap_ha_pacemaker_cluster_instance_service_all_fact | length > 0 + block: + + # After the installation, the systemd units are only configured on the node + # they were first installed on. + # The registration ensures that + # - systemd units for both instances are configured + # - the 'sapstartsrv' file contains both start commands + + - name: "SAP HA Pacemaker - (systemd) Register (A)SCS/ERS instances on partner node" + ansible.builtin.shell: | + export LD_LIBRARY_PATH=/usr/sap/hostctrl/exe:$LD_LIBRARY_PATH + /usr/sap/hostctrl/exe/sapstartsrv pf={{ reg_item }} -reg + vars: + __task_cs_sapinstance_start_profile_string: "{{ + __sap_ha_pacemaker_cluster_nwas_scs_sapinstance_start_profile_string + if 'nwas_java_scs_ers' in sap_ha_pacemaker_cluster_host_type + else __sap_ha_pacemaker_cluster_nwas_ascs_sapinstance_start_profile_string + }}" + __task_cs_instance_nr: "{{ + __sap_ha_pacemaker_cluster_nwas_scs_instance_nr + if 'nwas_java_scs_ers' in sap_ha_pacemaker_cluster_host_type + else __sap_ha_pacemaker_cluster_nwas_ascs_instance_nr + }}" + loop: + - "{{ __task_cs_sapinstance_start_profile_string }}" + - "{{ __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_start_profile_string }}" + loop_control: + loop_var: reg_item + when: + # and CS are both in the looped profile (reg_item) + # and "SAP_.service" (CS) are missing in local systemd services list + # or + # and ERS are both in the looped profile (reg_item) + # and "SAP_.service" (ERS) are missing in the local systemd services list + - (__sap_ha_pacemaker_cluster_nwas_sid in reg_item + and __task_cs_instance_nr in reg_item + and ('SAP' ~ __sap_ha_pacemaker_cluster_nwas_sid ~ '_' ~ __task_cs_instance_nr ~ '.service') + in + (sap_ha_pacemaker_cluster_instance_service_all_fact + | difference(sap_ha_pacemaker_cluster_instance_service_node_fact))) + or + (__sap_ha_pacemaker_cluster_nwas_sid in reg_item + and __sap_ha_pacemaker_cluster_nwas_ers_instance_nr in reg_item + and ('SAP' ~ __sap_ha_pacemaker_cluster_nwas_sid ~ '_' ~ __sap_ha_pacemaker_cluster_nwas_ers_instance_nr ~ '.service') + in + (sap_ha_pacemaker_cluster_instance_service_all_fact + | difference(sap_ha_pacemaker_cluster_instance_service_node_fact))) + changed_when: true + + + - name: "SAP HA Pacemaker - (systemd) Disable (A)SCS/ERS instance service" + ansible.builtin.service: + name: "{{ instance_srv_item }}" + enabled: false + loop: "{{ sap_ha_pacemaker_cluster_instance_service_all_fact }}" + loop_control: + loop_var: instance_srv_item + + # Creates a config file for the services. + # Parent directories will be created when missing. + - name: "SAP HA Pacemaker - (systemd) Create (A)SCS/ERS instance unit config file" + ansible.builtin.lineinfile: + create: true + path: "/etc/systemd/system/{{ dropfile_item }}.d/HA.conf" + line: "[Service]" + owner: root + group: root + mode: '0644' + loop: "{{ sap_ha_pacemaker_cluster_instance_service_all_fact }}" + loop_control: + loop_var: dropfile_item + + - name: "SAP HA Pacemaker - (systemd) Disable (A)SCS/ERS instance unit auto-restart" + ansible.builtin.lineinfile: + path: "/etc/systemd/system/{{ dropfile_item }}.d/HA.conf" + regex: '^Restart\s*=\s*no' + insertafter: '^[Service]$' + line: "Restart=no" + owner: root + group: root + mode: '0644' + loop: "{{ sap_ha_pacemaker_cluster_instance_service_all_fact }}" + loop_control: + loop_var: dropfile_item + +### END of BLOCK for systemd setup. + + +# Comment out lines in /usr/sap/sapservices, which +# - contain the target instance profile names +# - are not commented out yet +- name: "SAP HA Pacemaker - Update /usr/sap/sapservices" + ansible.builtin.replace: + path: /usr/sap/sapservices + backup: true + regexp: '^(?!#)(.*{{ sapserv_item }}.*)$' + replace: '# \1' + loop: + - "{{ __task_cs_instance_name }}" + - "{{ __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_instance_name }}" + loop_control: + loop_var: sapserv_item + vars: + __task_cs_instance_name: "{{ + __sap_ha_pacemaker_cluster_nwas_scs_sapinstance_instance_name + if 'nwas_java_scs_ers' in sap_ha_pacemaker_cluster_host_type + else __sap_ha_pacemaker_cluster_nwas_ascs_sapinstance_instance_name + }}" + when: + - ansible_os_family == 'RedHat' From abfa16f4ffbe093a7f28cde25fd77967b5c75a74 Mon Sep 17 00:00:00 2001 From: Bernd Finger Date: Wed, 19 Feb 2025 11:29:47 +0100 Subject: [PATCH 40/66] sap_general_preconfigure, sap_maintain_etc_hosts: Ignore comments ... in column 1 of /etc/hosts lines. Solves issue #132. Signed-off-by: Bernd Finger --- .../tasks/RedHat/generic/assert-etc-hosts.yml | 8 ++++---- .../sap_maintain_etc_hosts/tasks/update_host_present.yml | 4 ++-- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-etc-hosts.yml b/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-etc-hosts.yml index cd8771b94..71405afd9 100644 --- a/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-etc-hosts.yml +++ b/roles/sap_general_preconfigure/tasks/RedHat/generic/assert-etc-hosts.yml @@ -36,9 +36,9 @@ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" - name: Check for duplicate or missing entries of {{ sap_general_preconfigure_hostname }}.{{ sap_general_preconfigure_domain }} in /etc/hosts - ansible.builtin.command: awk 'BEGIN{a=0}/^{{ sap_general_preconfigure_hostname }}.{{ sap_general_preconfigure_domain }}\s/|| + ansible.builtin.command: awk 'BEGIN{a=0}!/^#/&&(/^{{ sap_general_preconfigure_hostname }}.{{ sap_general_preconfigure_domain }}\s/|| /\s{{ sap_general_preconfigure_hostname }}.{{ sap_general_preconfigure_domain }}\s/|| - /\s{{ sap_general_preconfigure_hostname }}.{{ sap_general_preconfigure_domain }}$/{a++}END{print a}' /etc/hosts + /\s{{ sap_general_preconfigure_hostname }}.{{ sap_general_preconfigure_domain }}$/){a++}END{print a}' /etc/hosts register: __sap_general_preconfigure_register_fqdn_once_assert ignore_errors: true changed_when: false @@ -51,9 +51,9 @@ ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" - name: Check for duplicate or missing entries of {{ sap_general_preconfigure_hostname }} in /etc/hosts - ansible.builtin.command: awk 'BEGIN{a=0}/^{{ sap_general_preconfigure_hostname }}\s/|| + ansible.builtin.command: awk 'BEGIN{a=0}!/^#/&&(/^{{ sap_general_preconfigure_hostname }}\s/|| /\s{{ sap_general_preconfigure_hostname }}\s/|| - /\s{{ sap_general_preconfigure_hostname }}$/{a++}END{print a}' /etc/hosts + /\s{{ sap_general_preconfigure_hostname }}$/){a++}END{print a}' /etc/hosts register: __sap_general_preconfigure_register_sap_hostname_once_assert ignore_errors: true changed_when: false diff --git a/roles/sap_maintain_etc_hosts/tasks/update_host_present.yml b/roles/sap_maintain_etc_hosts/tasks/update_host_present.yml index 000ab6707..28bd52011 100644 --- a/roles/sap_maintain_etc_hosts/tasks/update_host_present.yml +++ b/roles/sap_maintain_etc_hosts/tasks/update_host_present.yml @@ -154,7 +154,7 @@ # After all nodes are added or deleted, run the consistency check against the hosts file - name: Check for duplicate or missing entries of hostname and fqdn in {{ __sap_maintain_etc_hosts_file }} ansible.builtin.shell: | - n=$(awk 'BEGIN{a=0}/^{{ line_item }}\s/||/\s{{ line_item }}\s/||/\s{{ line_item }}$/{a++}END{print a}' {{ __sap_maintain_etc_hosts_file }}) + n=$(awk 'BEGIN{a=0}!/^#/&&(/^{{ line_item }}\s/||/\s{{ line_item }}\s/||/\s{{ line_item }}$/){a++}END{print a}' {{ __sap_maintain_etc_hosts_file }}) if [ $n -eq 1 ]; then exit 0 else @@ -169,7 +169,7 @@ when: not ansible_check_mode - name: Perform the hosts file completeness check - ansible.builtin.command: awk 'BEGIN{a=0}/{{ thishost.node_ip }}/&&/{{ thishost.node_name }}.{{ __sap_maintain_etc_hosts_domain }}/&&/{{ thishost.node_name }}/{a++}END{print a}' {{ __sap_maintain_etc_hosts_file }} + ansible.builtin.command: awk 'BEGIN{a=0}!/^#/&&(/{{ thishost.node_ip }}/&&/{{ thishost.node_name }}.{{ __sap_maintain_etc_hosts_domain }}/&&/{{ thishost.node_name }}/){a++}END{print a}' {{ __sap_maintain_etc_hosts_file }} register: __sap_maintain_etc_hosts_register_ipv4_fqdn_sap_hostname_once_check changed_when: false From 2790338a5eeed2dcefdf260099e2847aa0b259bf Mon Sep 17 00:00:00 2001 From: SunnyCrockett <153714968+SunnyCrockett@users.noreply.github.com> Date: Wed, 19 Feb 2025 14:37:45 +0100 Subject: [PATCH 41/66] removed duplicates of credentials_hana --- roles/sap_swpm/templates/inifile_params.j2 | 2 -- 1 file changed, 2 deletions(-) diff --git a/roles/sap_swpm/templates/inifile_params.j2 b/roles/sap_swpm/templates/inifile_params.j2 index 94f0cb8f4..6b105193e 100644 --- a/roles/sap_swpm/templates/inifile_params.j2 +++ b/roles/sap_swpm/templates/inifile_params.j2 @@ -229,8 +229,6 @@ storageBasedCopy.hdb.systemPassword = {{ sap_swpm_db_system_password }} # # # END section credentials_hana # ################################################################### -HDB_Schema_Check_Dialogs.schemaPassword = {{ sap_swpm_db_schema_password }} -storageBasedCopy.hdb.systemPassword = {{ sap_swpm_db_system_password }} {% endif %} {% if 'credentials_anydb_ibmdb2' in sap_swpm_inifile_sections_list %} From 8392c433e9e0ac185a9562e22afcafef07471e57 Mon Sep 17 00:00:00 2001 From: Janine Fuchs Date: Wed, 19 Feb 2025 15:06:49 +0100 Subject: [PATCH 42/66] sap_ha_pacemaker_cluster: improve task order Creating the (optional) ha_cluster parameter config file is now part of the steps run before the actual cluster installation and included in the "pre_ha_cluster" tag. Previously it was run at the very end and if a post-step failed the config review file would be missing. --- roles/sap_ha_pacemaker_cluster/tasks/main.yml | 90 +++++++++---------- 1 file changed, 45 insertions(+), 45 deletions(-) diff --git a/roles/sap_ha_pacemaker_cluster/tasks/main.yml b/roles/sap_ha_pacemaker_cluster/tasks/main.yml index 75e5cf89c..2abcd67ff 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/main.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/main.yml @@ -192,6 +192,49 @@ tags: pre_ha_cluster +# Save all the constructed cluster parameters into a vars file. +# +# This will help reusing ha_cluster afterwards without losing the already +# configured resources and constraints. +# The ha_cluster role will otherwise remove configuration that is not part +# of the parameters provided during any subsequent run outside of the current +# SAP system role. +# +# TODO: Deal with secrets in output. They should be masked, maybe with +# their user provided variables? + +- name: "SAP HA Install Pacemaker - Create cluster configuration parameters file" + when: + - sap_ha_pacemaker_cluster_create_config_varfile + - sap_ha_pacemaker_cluster_create_config_dest | length + ansible.builtin.template: + backup: true + dest: "{{ sap_ha_pacemaker_cluster_create_config_dest }}" + mode: "0600" + src: cluster_create_config.j2 + trim_blocks: true + lstrip_blocks: true + delegate_to: localhost + run_once: true + become: false + check_mode: false + tags: pre_ha_cluster + +- name: "SAP HA Install Pacemaker - Display configuration parameters SAVE FILE location" + when: + - sap_ha_pacemaker_cluster_create_config_varfile + - sap_ha_pacemaker_cluster_create_config_dest | length + ansible.builtin.debug: + msg: | + The cluster resource configuration parameters have been saved here: + >>>>> {{ sap_ha_pacemaker_cluster_create_config_dest }} <<<<< + + Please include these variable definitions if you run the 'ha_cluster' + linux system role separately. + !! Secret values of resources may be included in this output !! + run_once: true + tags: pre_ha_cluster + ########################################################## # BLOCK which covers actual changes on the target systems ########################################################## @@ -353,7 +396,7 @@ run_once: true tags: post_ha_cluster - + # General post-steps - name: "SAP HA Install Pacemaker - Include NetWeaver ASCS/ERS post steps" ansible.builtin.include_tasks: file: configure_nwas_abap_ascs_ers_post_install.yml @@ -367,6 +410,7 @@ when: - sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_abap_ascs_ers') | length > 0 + # General post-steps - name: "SAP HA Install Pacemaker - Include NetWeaver SCS/ERS post steps" ansible.builtin.include_tasks: file: configure_nwas_java_scs_ers_post_install.yml @@ -380,48 +424,4 @@ when: - sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_java_scs_ers') | length > 0 - ### END OF BLOCK: prerequisite changes and cluster setup - -# Save all the constructed cluster parameters into a vars file. -# -# This will help reusing ha_cluster afterwards without losing the already -# configured resources and constraints. -# The ha_cluster role will otherwise remove configuration that is not part -# of the parameters provided during any subsequent run outside of the current -# SAP system role. -# -# TODO: Deal with secrets in output. They should be masked, maybe with -# their user provided variables? - -- name: "SAP HA Install Pacemaker - Create cluster configuration parameters file" - when: - - sap_ha_pacemaker_cluster_create_config_varfile - - sap_ha_pacemaker_cluster_create_config_dest | length - ansible.builtin.template: - backup: true - dest: "{{ sap_ha_pacemaker_cluster_create_config_dest }}" - mode: "0600" - src: cluster_create_config.j2 - trim_blocks: true - lstrip_blocks: true - delegate_to: localhost - run_once: true - become: false - check_mode: false - tags: post_ha_cluster - -- name: "SAP HA Install Pacemaker - Display configuration parameters SAVE FILE location" - when: - - sap_ha_pacemaker_cluster_create_config_varfile - - sap_ha_pacemaker_cluster_create_config_dest | length - ansible.builtin.debug: - msg: | - The cluster resource configuration parameters have been saved here: - >>>>> {{ sap_ha_pacemaker_cluster_create_config_dest }} <<<<< - - Please include these variable definitions if you run the 'ha_cluster' - linux system role separately. - !! Secret values of resources may be included in this output !! - run_once: true - tags: post_ha_cluster From e4e8627aa3b8db900be94e2880c5f47fe95f9f62 Mon Sep 17 00:00:00 2001 From: Janine Fuchs Date: Wed, 19 Feb 2025 17:15:30 +0100 Subject: [PATCH 43/66] sap_ha_pacemaker_cluster: limit include to nwas Previously, if the host_type contained a HANA type it would also include the vars file here. This change limits the scope to NWAS types. --- roles/sap_ha_pacemaker_cluster/tasks/include_vars_nwas.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/roles/sap_ha_pacemaker_cluster/tasks/include_vars_nwas.yml b/roles/sap_ha_pacemaker_cluster/tasks/include_vars_nwas.yml index 0e43e5c5b..71337f0a3 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/include_vars_nwas.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/include_vars_nwas.yml @@ -9,10 +9,11 @@ vars: __host_type_list: - nwas_common - - "{{ sap_ha_pacemaker_cluster_host_type }}" + - "{{ sap_ha_pacemaker_cluster_host_type | select('match', 'nwas_.*_ers') }}" when: - "(role_path + '/vars/' + include_item + '.yml') is file" + # Private variables are assigned following logic: # 1. Use backwards compatible var if new var is empty # 2. Use user input if new var is not empty From aff9750216bb5d2eebbc6d5cf0337664284a14f5 Mon Sep 17 00:00:00 2001 From: Janine Fuchs Date: Wed, 19 Feb 2025 17:18:33 +0100 Subject: [PATCH 44/66] sap_ha_pacemaker_cluster: fix(RHEL) connector package The connector package is now added with a conditional to the 'nwas' package dictionary key. It did not work in the nwas vars combination task. --- roles/sap_ha_pacemaker_cluster/vars/RedHat.yml | 1 + roles/sap_ha_pacemaker_cluster/vars/nwas_common.yml | 2 -- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/roles/sap_ha_pacemaker_cluster/vars/RedHat.yml b/roles/sap_ha_pacemaker_cluster/vars/RedHat.yml index 0c2b56d8b..d95291045 100644 --- a/roles/sap_ha_pacemaker_cluster/vars/RedHat.yml +++ b/roles/sap_ha_pacemaker_cluster/vars/RedHat.yml @@ -100,6 +100,7 @@ __sap_ha_pacemaker_cluster_sap_extra_packages_dict: - resource-agents-sap-hana nwas: - resource-agents-sap + - "{{ 'sap-cluster-connector' if sap_ha_pacemaker_cluster_enable_cluster_connector else '' }}" # Dictionary with preferred platform specific VIP method that differs from default # __sap_ha_pacemaker_cluster_vip_method_dict: diff --git a/roles/sap_ha_pacemaker_cluster/vars/nwas_common.yml b/roles/sap_ha_pacemaker_cluster/vars/nwas_common.yml index 4523021b6..27ca8792c 100644 --- a/roles/sap_ha_pacemaker_cluster/vars/nwas_common.yml +++ b/roles/sap_ha_pacemaker_cluster/vars/nwas_common.yml @@ -10,6 +10,4 @@ # halib package if selected __sap_ha_pacemaker_cluster_sap_extra_packages: "{{ __sap_ha_pacemaker_cluster_sap_extra_packages_dict.minimal | d([]) - + ([__sap_ha_pacemaker_cluster_halib_package] - if sap_ha_pacemaker_cluster_enable_cluster_connector else []) + __sap_ha_pacemaker_cluster_sap_extra_packages_dict.nwas | unique }}" From 134674d9d873207b34712f3aba7db04ffd464507 Mon Sep 17 00:00:00 2001 From: Janine Fuchs Date: Wed, 19 Feb 2025 17:21:54 +0100 Subject: [PATCH 45/66] sap_ha_pacemaker_cluster: fix(RHEL) remove maintenance Not a real issue, but it is cleaner to remove the maintenance attribute when it is disabled and not display it anymore. --- .../tasks/RedHat/post_steps_hana_scaleup.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/sap_ha_pacemaker_cluster/tasks/RedHat/post_steps_hana_scaleup.yml b/roles/sap_ha_pacemaker_cluster/tasks/RedHat/post_steps_hana_scaleup.yml index 9ed648b2e..cc2d20a1c 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/RedHat/post_steps_hana_scaleup.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/RedHat/post_steps_hana_scaleup.yml @@ -7,14 +7,14 @@ # TODO: # Add RedHat specific steps to mitigate issues with abrupt start of cluster. -- name: "SAP HA Install Pacemaker - SAPHana pcs resource cleanup" +- name: "SAP HA Install Pacemaker - (SAPHana) pcs resource cleanup" ansible.builtin.command: cmd: pcs resource cleanup {{ __sap_ha_pacemaker_cluster_hana_resource_name if not __sap_ha_pacemaker_cluster_saphanasr_angi_available else __sap_ha_pacemaker_cluster_hanacontroller_resource_name }} changed_when: true -- name: "SAP HA Install Pacemaker - SAPHana clone pcs resource refresh" +- name: "SAP HA Install Pacemaker - (SAPHana clone) pcs resource refresh" ansible.builtin.command: cmd: pcs resource refresh {{ __sap_ha_pacemaker_cluster_hana_resource_clone_name if not __sap_ha_pacemaker_cluster_saphanasr_angi_available @@ -28,9 +28,9 @@ cmd: sleep 30 changed_when: false -- name: "SAP HA Install Pacemaker - SAPHana clone pcs resource meta maintenance=false" +- name: "SAP HA Install Pacemaker - (SAPHana clone) Remove resource maintenance" ansible.builtin.command: cmd: pcs resource meta {{ __sap_ha_pacemaker_cluster_hana_resource_clone_name if not __sap_ha_pacemaker_cluster_saphanasr_angi_available - else __sap_ha_pacemaker_cluster_hanacontroller_resource_clone_name }} maintenance=false + else __sap_ha_pacemaker_cluster_hanacontroller_resource_clone_name }} maintenance= changed_when: true From 0415a3ee987efa8968dd70b56d0d6c5696e4000b Mon Sep 17 00:00:00 2001 From: Janine Fuchs Date: Wed, 19 Feb 2025 17:42:50 +0100 Subject: [PATCH 46/66] sap_ha_pacemaker_cluster: fix NW instance restart - additional resource cleanup task before the restarts take place - restart SAPInstance resource, not SAPStartSrv, unrelated to simple mount --- .../configure_nwas_abap_ascs_ers_post_install.yml | 14 ++++++++------ .../configure_nwas_java_scs_ers_post_install.yml | 14 ++++++++------ 2 files changed, 16 insertions(+), 12 deletions(-) diff --git a/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_abap_ascs_ers_post_install.yml b/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_abap_ascs_ers_post_install.yml index 0302fe3bd..fea358eeb 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_abap_ascs_ers_post_install.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_abap_ascs_ers_post_install.yml @@ -142,6 +142,12 @@ {{ __sap_ha_pacemaker_cluster_register_ascs_ha_check_config.stdout_lines }} + # Ensure there are no errors before resources get restarted + - name: "SAP HA Install Pacemaker - Cluster resource cleanup before restart" + ansible.builtin.shell: | + {{ __sap_ha_pacemaker_cluster_command.resource_cleanup }} + changed_when: true + # Block to restart cluster resources if RestartService is not enough. # This is required for SUSE, where SAP needs full restart to load HAlib. - name: "SAP HA Pacemaker - (SAP HA Interface) Block for ASCS ERS restart" @@ -153,12 +159,8 @@ or (__sap_ha_pacemaker_cluster_register_ascs_ha_check_config.stdout is defined and 'ERROR' in __sap_ha_pacemaker_cluster_register_ascs_ha_check_config.stdout)" vars: - __rsc_ascs: "{{ __sap_ha_pacemaker_cluster_nwas_ascs_sapstartsrv_resource_name - if __sap_ha_pacemaker_cluster_nwas_cs_ers_simple_mount - else __sap_ha_pacemaker_cluster_nwas_ascs_sapinstance_resource_name }}" - __rsc_ers: "{{ __sap_ha_pacemaker_cluster_nwas_ers_sapstartsrv_resource_name - if __sap_ha_pacemaker_cluster_nwas_cs_ers_simple_mount - else __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_resource_name }}" + __rsc_ascs: "{{ __sap_ha_pacemaker_cluster_nwas_ascs_sapinstance_resource_name }}" + __rsc_ers: "{{ __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_resource_name }}" block: - name: "SAP HA Pacemaker - (SAP HA Interface) Restart ASCS ERS resources" ansible.builtin.shell: | diff --git a/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_java_scs_ers_post_install.yml b/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_java_scs_ers_post_install.yml index 95d671b73..58f830acf 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_java_scs_ers_post_install.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_java_scs_ers_post_install.yml @@ -142,6 +142,12 @@ {{ __sap_ha_pacemaker_cluster_register_scs_ha_check_config.stdout_lines }} + # Ensure there are no errors before resources get restarted + - name: "SAP HA Install Pacemaker - Cluster resource cleanup before restart" + ansible.builtin.shell: | + {{ __sap_ha_pacemaker_cluster_command.resource_cleanup }} + changed_when: true + # Block to restart cluster resources if RestartService is not enough. # This is required for SUSE, where SAP needs full restart to load HAlib. - name: "SAP HA Pacemaker - (SAP HA Interface) Block for SCS ERS restart" @@ -153,12 +159,8 @@ or (__sap_ha_pacemaker_cluster_register_scs_ha_check_config.stdout is defined and 'ERROR' in __sap_ha_pacemaker_cluster_register_scs_ha_check_config.stdout)" vars: - __rsc_scs: "{{ __sap_ha_pacemaker_cluster_nwas_scs_sapstartsrv_resource_name - if __sap_ha_pacemaker_cluster_nwas_cs_ers_simple_mount - else __sap_ha_pacemaker_cluster_nwas_scs_sapinstance_resource_name }}" - __rsc_ers: "{{ __sap_ha_pacemaker_cluster_nwas_ers_sapstartsrv_resource_name - if __sap_ha_pacemaker_cluster_nwas_cs_ers_simple_mount - else __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_resource_name }}" + __rsc_scs: "{{ __sap_ha_pacemaker_cluster_nwas_scs_sapinstance_resource_name }}" + __rsc_ers: "{{ __sap_ha_pacemaker_cluster_nwas_ers_sapinstance_resource_name }}" block: - name: "SAP HA Pacemaker - (SAP HA Interface) Restart SCS ERS resources" ansible.builtin.shell: | From 9be2c1501c62434dd5d812beaae418d3564b9895 Mon Sep 17 00:00:00 2001 From: Marcel Mamula Date: Thu, 20 Feb 2025 15:18:46 +0100 Subject: [PATCH 47/66] feat: Enhance saptune revert logic --- .../tasks/sapnote/2578899/configuration.yml | 31 +++++++--- .../tasks/SLES/configuration.yml | 61 ++++++++----------- .../tasks/sapnote/2684254/configuration.yml | 31 +++++++--- .../tasks/SLES/configuration.yml | 61 ++++++++----------- 4 files changed, 96 insertions(+), 88 deletions(-) diff --git a/roles/sap_general_preconfigure/tasks/sapnote/2578899/configuration.yml b/roles/sap_general_preconfigure/tasks/sapnote/2578899/configuration.yml index c8fea7a86..cc6e724e2 100644 --- a/roles/sap_general_preconfigure/tasks/sapnote/2578899/configuration.yml +++ b/roles/sap_general_preconfigure/tasks/sapnote/2578899/configuration.yml @@ -17,29 +17,44 @@ when: __sap_general_preconfigure_grub_cmdline | length > 0 -- name: Apply SAP note 2578899 using saptune +# Verify SAP Note before block and revert if found invalid +- name: Verify SAP note 2578899 before changes + ansible.builtin.command: + cmd: saptune note verify 2578899 + register: __sap_general_preconfigure_verify_2578899_before + changed_when: false + ignore_errors: true when: __sap_general_preconfigure_use_saptune | d(true) + +- name: Apply SAP note 2578899 using saptune + when: + - __sap_general_preconfigure_use_saptune | d(true) + - __sap_general_preconfigure_verify_2578899_before.rc != 0 block: + - name: Revert SAP note 2578899 + ansible.builtin.command: + cmd: saptune note revert 2578899 + changed_when: true - - name: Apply SAP note 2578899 using saptune + - name: Apply SAP note 2578899 ansible.builtin.command: cmd: saptune note apply 2578899 changed_when: true - - name: Verify SAP note 2578899 using saptune + - name: Verify SAP note 2578899 after changes ansible.builtin.command: - cmd: saptune note verify 2578899 - register: __sap_general_preconfigure_saptune_verify_2578899 + cmd: saptune note verify --show-non-compliant 2578899 + register: __sap_general_preconfigure_verify_2578899_after changed_when: false ignore_errors: true - name: Display error if saptune verify failed ansible.builtin.debug: msg: | - {{ __sap_general_preconfigure_saptune_verify_2578899.stdout_lines }} - {{ __sap_general_preconfigure_saptune_verify_2578899.stderr_lines }} + {{ __sap_general_preconfigure_verify_2578899_after.stdout_lines }} + {{ __sap_general_preconfigure_verify_2578899_after.stderr_lines }} when: - __sap_general_preconfigure_saptune_verify_2578899.rc != 0 + __sap_general_preconfigure_verify_2578899_after.rc != 0 - name: Configuration changes without saptune diff --git a/roles/sap_hana_preconfigure/tasks/SLES/configuration.yml b/roles/sap_hana_preconfigure/tasks/SLES/configuration.yml index d2f6da83c..257c1e9fa 100644 --- a/roles/sap_hana_preconfigure/tasks/SLES/configuration.yml +++ b/roles/sap_hana_preconfigure/tasks/SLES/configuration.yml @@ -24,54 +24,43 @@ - __sap_hana_preconfigure_use_saptune -- name: Apply saptune solution +# Verify SAP Solution before block and revert if found invalid +- name: Verify saptune solution before changes + ansible.builtin.command: + cmd: "saptune solution verify {{ sap_hana_preconfigure_saptune_solution }}" + register: __sap_hana_preconfigure_register_solution_verify_before + changed_when: false + failed_when: false when: __sap_hana_preconfigure_use_saptune - block: - - name: Discover active solution - ansible.builtin.command: - cmd: saptune solution enabled - register: __sap_hana_preconfigure_register_saptune_status - changed_when: false - - - name: Set fact for active solution - ansible.builtin.set_fact: - # Capture the first block on none whitespace - __sap_hana_preconfigure_register_solution_configured: - "{{ (__sap_hana_preconfigure_register_saptune_status.stdout | regex_search('(\\S+)', '\\1'))[0] | default('NONE') }}" - - - name: Revert solution when different to sap_hana_preconfigure_saptune_solution +- name: Apply saptune solution + when: + - __sap_hana_preconfigure_use_saptune + - __sap_hana_preconfigure_register_solution_verify_before.rc != 0 + block: + - name: Revert saptune configuration ansible.builtin.command: - cmd: "saptune solution revert {{ __sap_hana_preconfigure_register_solution_configured }}" + cmd: "saptune revert all" changed_when: true - when: - - __sap_hana_preconfigure_register_solution_configured != 'NONE' - - __sap_hana_preconfigure_register_solution_configured != sap_hana_preconfigure_saptune_solution - - - - name: Verify saptune solution - ansible.builtin.command: - cmd: "saptune solution verify {{ sap_hana_preconfigure_saptune_solution }}" - register: __sap_hana_preconfigure_register_saptune_verify - changed_when: false - failed_when: false - when: - - __sap_hana_preconfigure_register_solution_configured == sap_hana_preconfigure_saptune_solution - - name: Ensure saptune solution is applied ansible.builtin.command: cmd: "saptune solution apply {{ sap_hana_preconfigure_saptune_solution }}" changed_when: true - when: - - __sap_hana_preconfigure_register_solution_configured != sap_hana_preconfigure_saptune_solution - or __sap_hana_preconfigure_register_saptune_verify.rc != 0 - - - name: Ensure solution was successful + - name: Verify saptune solution after changes ansible.builtin.command: - cmd: "saptune solution verify {{ sap_hana_preconfigure_saptune_solution }}" + cmd: "saptune solution verify --show-non-compliant {{ sap_hana_preconfigure_saptune_solution }}" changed_when: false + failed_when: false + register: __sap_hana_preconfigure_register_solution_verify_after + + - name: Display error if saptune verify failed + ansible.builtin.fail: + msg: | + {{ __sap_hana_preconfigure_register_solution_verify_after.stdout_lines }} + {{ __sap_hana_preconfigure_register_solution_verify_after.stderr_lines }} + when: __sap_hana_preconfigure_register_solution_verify_after.rc != 0 - name: Configure - Include configuration actions for required sapnotes diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2684254/configuration.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2684254/configuration.yml index 38b44d6a5..bd8bc9e54 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2684254/configuration.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2684254/configuration.yml @@ -9,29 +9,44 @@ when: __sap_hana_preconfigure_grub_cmdline | length > 0 -- name: Apply SAP note 2684254 using saptune +# Verify SAP Note before block and revert if found invalid +- name: Verify SAP note 2684254 before changes + ansible.builtin.command: + cmd: saptune note verify 2684254 + register: __sap_hana_preconfigure_verify_2684254_before + changed_when: false + ignore_errors: true when: __sap_hana_preconfigure_use_saptune | d(true) + +- name: Apply SAP note 2684254 using saptune + when: + -__sap_hana_preconfigure_use_saptune | d(true) + - __sap_hana_preconfigure_verify_2684254_before.rc != 0 block: + - name: Revert SAP note 2684254 + ansible.builtin.command: + cmd: saptune note revert 2684254 + changed_when: true - - name: Apply SAP note 2684254 using saptune + - name: Apply SAP note 2684254 ansible.builtin.command: cmd: saptune note apply 2684254 changed_when: true - - name: Verify SAP note 2684254 using saptune + - name: Verify SAP note 2684254 after changes ansible.builtin.command: - cmd: saptune note verify 2684254 - register: __sap_hana_preconfigure_saptune_verify_2684254 + cmd: saptune note verify --show-non-compliant 2684254 + register: __sap_hana_preconfigure_verify_2684254_after changed_when: false ignore_errors: true - name: Display error if saptune verify failed ansible.builtin.debug: msg: | - {{ __sap_hana_preconfigure_saptune_verify_2684254.stdout_lines }} - {{ __sap_hana_preconfigure_saptune_verify_2684254.stderr_lines }} + {{ __sap_hana_preconfigure_verify_2684254_after.stdout_lines }} + {{ __sap_hana_preconfigure_verify_2684254_after.stderr_lines }} when: - __sap_hana_preconfigure_saptune_verify_2684254.rc != 0 + __sap_hana_preconfigure_verify_2684254_after.rc != 0 - name: Configuration changes without saptune diff --git a/roles/sap_netweaver_preconfigure/tasks/SLES/configuration.yml b/roles/sap_netweaver_preconfigure/tasks/SLES/configuration.yml index 5c7bf7ce6..9ebf64db8 100644 --- a/roles/sap_netweaver_preconfigure/tasks/SLES/configuration.yml +++ b/roles/sap_netweaver_preconfigure/tasks/SLES/configuration.yml @@ -1,54 +1,43 @@ # SPDX-License-Identifier: Apache-2.0 --- -- name: Apply saptune solution +# Verify SAP Solution before block and revert if found invalid +- name: Verify saptune solution before changes + ansible.builtin.command: + cmd: "saptune solution verify {{ sap_netweaver_preconfigure_saptune_solution }}" + register: __sap_netweaver_preconfigure_register_solution_verify_before + changed_when: false + failed_when: false when: __sap_netweaver_preconfigure_use_saptune - block: - - name: Discover active solution - ansible.builtin.command: - cmd: saptune solution enabled - register: __sap_netweaver_preconfigure_register_saptune_status - changed_when: false - - - name: Set fact for active solution - ansible.builtin.set_fact: - # Capture the first block on none whitespace - __sap_netweaver_preconfigure_register_solution_configured: - "{{ (__sap_netweaver_preconfigure_register_saptune_status.stdout | regex_search('(\\S+)', '\\1'))[0] | default('NONE') }}" - - - name: Revert solution when different to sap_netweaver_preconfigure_saptune_solution +- name: Apply saptune solution + when: + - __sap_netweaver_preconfigure_use_saptune + - __sap_netweaver_preconfigure_register_solution_verify_before.rc != 0 + block: + - name: Revert saptune configuration ansible.builtin.command: - cmd: "saptune solution revert {{ __sap_netweaver_preconfigure_register_solution_configured }}" + cmd: "saptune revert all" changed_when: true - when: - - __sap_netweaver_preconfigure_register_solution_configured != 'NONE' - - __sap_netweaver_preconfigure_register_solution_configured != sap_netweaver_preconfigure_saptune_solution - - - - name: Verify saptune solution - ansible.builtin.command: - cmd: "saptune solution verify {{ sap_netweaver_preconfigure_saptune_solution }}" - register: __sap_netweaver_preconfigure_register_saptune_verify - changed_when: false - failed_when: false - when: - - __sap_netweaver_preconfigure_register_solution_configured == sap_netweaver_preconfigure_saptune_solution - - name: Ensure saptune solution is applied ansible.builtin.command: cmd: "saptune solution apply {{ sap_netweaver_preconfigure_saptune_solution }}" changed_when: true - when: - - __sap_netweaver_preconfigure_register_solution_configured != sap_netweaver_preconfigure_saptune_solution - or __sap_netweaver_preconfigure_register_saptune_verify.rc != 0 - - - name: Ensure solution was successful + - name: Ensure solution was successful after changes ansible.builtin.command: - cmd: "saptune solution verify {{ sap_netweaver_preconfigure_saptune_solution }}" + cmd: "saptune solution verify --show-non-compliant {{ sap_netweaver_preconfigure_saptune_solution }}" changed_when: false + failed_when: false + register: __sap_netweaver_preconfigure_register_solution_verify_after + + - name: Display error if saptune verify failed + ansible.builtin.fail: + msg: | + {{ __sap_netweaver_preconfigure_register_solution_verify_after.stdout_lines }} + {{ __sap_netweaver_preconfigure_register_solution_verify_after.stderr_lines }} + when: __sap_netweaver_preconfigure_register_solution_verify_after.rc != 0 - name: Warn if not enough swap space is configured From 40039368602f7c8a3ecf7f940968f1f3ec655f48 Mon Sep 17 00:00:00 2001 From: Bernd Finger Date: Tue, 25 Feb 2025 13:21:43 +0100 Subject: [PATCH 48/66] sap_general_preconfigure: Update the package name of the RHEL 10 Power tools Solves issue #984. Signed-off-by: Bernd Finger --- roles/sap_general_preconfigure/vars/RedHat_10.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/sap_general_preconfigure/vars/RedHat_10.yml b/roles/sap_general_preconfigure/vars/RedHat_10.yml index ef1a5803f..0d915e67b 100644 --- a/roles/sap_general_preconfigure/vars/RedHat_10.yml +++ b/roles/sap_general_preconfigure/vars/RedHat_10.yml @@ -98,7 +98,7 @@ __sap_general_preconfigure_packages_s390x: __sap_general_preconfigure_packages: "{{ lookup('vars', '__sap_general_preconfigure_packages_' + ansible_architecture) }}" __sap_general_preconfigure_required_ppc64le: - - ibm-power-managed-rhel9 + - ibm-power-managed-rhel10 __sap_general_preconfigure_kernel_parameters_default: - { name: vm.max_map_count, value: '2147483647' } From 31aed60ef86d9cd98c2bab418adcf3edd60d8412 Mon Sep 17 00:00:00 2001 From: Janine Fuchs Date: Tue, 25 Feb 2025 11:55:42 +0100 Subject: [PATCH 49/66] sap_ha_pacemaker_cluster: fix(check-mode) --- .../tasks/RedHat/pre_steps_hana.yml | 1 + .../tasks/RedHat/pre_steps_nwas_ascs_ers.yml | 1 + ...nfigure_nwas_abap_ascs_ers_post_install.yml | 18 ++++++++++++++++++ ...onfigure_nwas_java_scs_ers_post_install.yml | 18 ++++++++++++++++++ .../tasks/configure_srhook.yml | 1 + roles/sap_ha_pacemaker_cluster/tasks/main.yml | 1 + .../tasks/platform/ascertain_platform_type.yml | 2 ++ .../platform/preconfigure_cloud_gcp_ce_vm.yml | 6 ++++++ .../tasks/pre_steps_nwas_cs_ers.yml | 1 + 9 files changed, 49 insertions(+) diff --git a/roles/sap_ha_pacemaker_cluster/tasks/RedHat/pre_steps_hana.yml b/roles/sap_ha_pacemaker_cluster/tasks/RedHat/pre_steps_hana.yml index d29a7ed21..ac5f90234 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/RedHat/pre_steps_hana.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/RedHat/pre_steps_hana.yml @@ -15,6 +15,7 @@ ansible.builtin.command: cmd: dnf provides sap-hana-ha changed_when: false + check_mode: false register: __sap_ha_pacemaker_cluster_saphanasr_angi_check failed_when: - __sap_ha_pacemaker_cluster_saphanasr_angi_check.rc != 0 diff --git a/roles/sap_ha_pacemaker_cluster/tasks/RedHat/pre_steps_nwas_ascs_ers.yml b/roles/sap_ha_pacemaker_cluster/tasks/RedHat/pre_steps_nwas_ascs_ers.yml index 00fc8df40..c48ffd802 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/RedHat/pre_steps_nwas_ascs_ers.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/RedHat/pre_steps_nwas_ascs_ers.yml @@ -12,6 +12,7 @@ dnf info resource-agents-sap | awk '/^Version/ {print $3}' | sort | tail -n1 register: __sap_ha_pacemaker_cluster_sapstartsrv_check changed_when: false + check_mode: false failed_when: false - name: "SAP HA Prepare Pacemaker - Disable Simple Mount when min. package version is not available" diff --git a/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_abap_ascs_ers_post_install.yml b/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_abap_ascs_ers_post_install.yml index fea358eeb..dad4a6651 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_abap_ascs_ers_post_install.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_abap_ascs_ers_post_install.yml @@ -59,6 +59,7 @@ /usr/sap/hostctrl/exe/sapcontrol -nr {{ __sap_ha_pacemaker_cluster_nwas_ascs_instance_nr }} -function WaitforStarted 600 30 changed_when: false failed_when: false + when: not ansible_check_mode - name: "SAP HA Pacemaker - (SAP HA Interface) Wait for ERS to be up and running" become: true @@ -68,12 +69,14 @@ /usr/sap/hostctrl/exe/sapcontrol -nr {{ __sap_ha_pacemaker_cluster_nwas_ers_instance_nr }} -function WaitforStarted 600 30 changed_when: false failed_when: false + when: not ansible_check_mode # NOTE: RestartService can cause fencing lockup and hang forever, # it might be good to remove them in future and leave reload to "ASCS ERS restart" block. - name: "SAP HA Pacemaker - (SAP HA Interface) Restart the ASCS service" when: - __sap_ha_pacemaker_cluster_register_where_ascs.rc == 0 + - not ansible_check_mode become: true become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" register: __sap_ha_pacemaker_cluster_register_restart_ascs @@ -84,6 +87,7 @@ - name: "SAP HA Pacemaker - (SAP HA Interface) Restart the ERS service" when: - __sap_ha_pacemaker_cluster_register_where_ers.rc == 0 + - not ansible_check_mode become: true become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" register: __sap_ha_pacemaker_cluster_register_restart_ers @@ -102,6 +106,7 @@ sleep 10 /usr/sap/hostctrl/exe/sapcontrol -nr {{ __sap_ha_pacemaker_cluster_nwas_ascs_instance_nr }} -function HAGetFailoverConfig changed_when: false + check_mode: false - name: "SAP HA Pacemaker - (SAP HA Interface) Get HAGetFailoverConfig for ERS" when: @@ -112,6 +117,7 @@ ansible.builtin.shell: | /usr/sap/hostctrl/exe/sapcontrol -nr {{ __sap_ha_pacemaker_cluster_nwas_ers_instance_nr }} -function HAGetFailoverConfig changed_when: false + check_mode: false - name: "SAP HA Pacemaker - (SAP HA Interface) Display HAGetFailoverConfig results" when: @@ -132,6 +138,7 @@ /usr/sap/hostctrl/exe/sapcontrol -nr {{ __sap_ha_pacemaker_cluster_nwas_ascs_instance_nr }} -function HACheckConfig changed_when: false failed_when: false + check_mode: false - name: "SAP HA Pacemaker - (SAP HA Interface) Display HACheckConfig results" when: @@ -147,11 +154,13 @@ ansible.builtin.shell: | {{ __sap_ha_pacemaker_cluster_command.resource_cleanup }} changed_when: true + when: not ansible_check_mode # Block to restart cluster resources if RestartService is not enough. # This is required for SUSE, where SAP needs full restart to load HAlib. - name: "SAP HA Pacemaker - (SAP HA Interface) Block for ASCS ERS restart" when: + - not ansible_check_mode - "(__sap_ha_pacemaker_cluster_register_ascs_ha_failover_config.stdout is defined and 'FALSE' in __sap_ha_pacemaker_cluster_register_ascs_ha_failover_config.stdout) or (__sap_ha_pacemaker_cluster_register_ers_ha_failover_config.stdout is defined @@ -198,10 +207,13 @@ {{ __sap_ha_pacemaker_cluster_command.resource_cleanup }} changed_when: true + ### END of BLOCK for instance restarts. + - name: "SAP HA Pacemaker - (SAP HA Interface) Get HACheckConfig for ASCS" when: - __sap_ha_pacemaker_cluster_register_where_ascs.rc == 0 + - not ansible_check_mode become: true become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" register: __sap_ha_pacemaker_cluster_register_ascs_ha_check_config @@ -215,6 +227,7 @@ - name: "SAP HA Pacemaker - (SAP HA Interface) Get HACheckConfig for ERS" when: - __sap_ha_pacemaker_cluster_register_where_ers.rc == 0 + - not ansible_check_mode become: true become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" register: __sap_ha_pacemaker_cluster_register_ers_ha_check_config @@ -228,6 +241,7 @@ - name: "SAP HA Pacemaker - (SAP HA Interface) Get HAGetFailoverConfig for ASCS" when: - __sap_ha_pacemaker_cluster_register_where_ascs.rc == 0 + - not ansible_check_mode become: true become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" register: __sap_ha_pacemaker_cluster_register_ascs_ha_failover_config @@ -241,6 +255,7 @@ - name: "SAP HA Pacemaker - (SAP HA Interface) Get HAGetFailoverConfig for ERS" when: - __sap_ha_pacemaker_cluster_register_where_ers.rc == 0 + - not ansible_check_mode become: true become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" register: __sap_ha_pacemaker_cluster_register_ers_ha_failover_config @@ -257,6 +272,7 @@ when: - __sap_ha_pacemaker_cluster_register_where_ascs.rc == 0 - __sap_ha_pacemaker_cluster_register_ascs_ha_failover_config.stdout_lines is defined + - not ansible_check_mode ansible.builtin.debug: msg: | {{ __sap_ha_pacemaker_cluster_register_ascs_ha_failover_config.stdout_lines }} @@ -266,6 +282,7 @@ when: - __sap_ha_pacemaker_cluster_register_where_ers.rc == 0 - __sap_ha_pacemaker_cluster_register_ers_ha_failover_config.stdout_lines is defined + - not ansible_check_mode ansible.builtin.debug: msg: | {{ __sap_ha_pacemaker_cluster_register_ers_ha_failover_config.stdout_lines }} @@ -275,6 +292,7 @@ when: - __sap_ha_pacemaker_cluster_register_where_ascs.rc == 0 - __sap_ha_pacemaker_cluster_register_ascs_ha_check_config.stdout_lines is defined + - not ansible_check_mode ansible.builtin.debug: msg: | {{ __sap_ha_pacemaker_cluster_register_ascs_ha_check_config.stdout_lines }} diff --git a/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_java_scs_ers_post_install.yml b/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_java_scs_ers_post_install.yml index 58f830acf..c65b7a99e 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_java_scs_ers_post_install.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_java_scs_ers_post_install.yml @@ -59,6 +59,7 @@ /usr/sap/hostctrl/exe/sapcontrol -nr {{ __sap_ha_pacemaker_cluster_nwas_scs_instance_nr }} -function WaitforStarted 600 30 changed_when: false failed_when: false + when: not ansible_check_mode - name: "SAP HA Pacemaker - (SAP HA Interface) Wait for ERS to be up and running" become: true @@ -68,12 +69,14 @@ /usr/sap/hostctrl/exe/sapcontrol -nr {{ __sap_ha_pacemaker_cluster_nwas_ers_instance_nr }} -function WaitforStarted 600 30 changed_when: false failed_when: false + when: not ansible_check_mode # NOTE: RestartService can cause fencing lockup and hang forever, # it might be good to remove them in future and leave reload to "SCS ERS restart" block. - name: "SAP HA Pacemaker - (SAP HA Interface) Restart the SCS service" when: - __sap_ha_pacemaker_cluster_register_where_scs.rc == 0 + - not ansible_check_mode become: true become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" register: __sap_ha_pacemaker_cluster_register_restart_scs @@ -84,6 +87,7 @@ - name: "SAP HA Pacemaker - (SAP HA Interface) Restart the ERS service" when: - __sap_ha_pacemaker_cluster_register_where_ers.rc == 0 + - not ansible_check_mode become: true become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" register: __sap_ha_pacemaker_cluster_register_restart_ers @@ -102,6 +106,7 @@ sleep 10 /usr/sap/hostctrl/exe/sapcontrol -nr {{ __sap_ha_pacemaker_cluster_nwas_scs_instance_nr }} -function HAGetFailoverConfig changed_when: false + check_mode: false - name: "SAP HA Pacemaker - (SAP HA Interface) Get HAGetFailoverConfig for ERS" when: @@ -112,6 +117,7 @@ ansible.builtin.shell: | /usr/sap/hostctrl/exe/sapcontrol -nr {{ __sap_ha_pacemaker_cluster_nwas_ers_instance_nr }} -function HAGetFailoverConfig changed_when: false + check_mode: false - name: "SAP HA Pacemaker - (SAP HA Interface) Display HAGetFailoverConfig results" when: @@ -132,6 +138,7 @@ /usr/sap/hostctrl/exe/sapcontrol -nr {{ __sap_ha_pacemaker_cluster_nwas_scs_instance_nr }} -function HACheckConfig changed_when: false failed_when: false + check_mode: false - name: "SAP HA Pacemaker - (SAP HA Interface) Display HACheckConfig results" when: @@ -147,11 +154,13 @@ ansible.builtin.shell: | {{ __sap_ha_pacemaker_cluster_command.resource_cleanup }} changed_when: true + when: not ansible_check_mode # Block to restart cluster resources if RestartService is not enough. # This is required for SUSE, where SAP needs full restart to load HAlib. - name: "SAP HA Pacemaker - (SAP HA Interface) Block for SCS ERS restart" when: + - not ansible_check_mode - "(__sap_ha_pacemaker_cluster_register_scs_ha_failover_config.stdout is defined and 'FALSE' in __sap_ha_pacemaker_cluster_register_scs_ha_failover_config.stdout) or (__sap_ha_pacemaker_cluster_register_ers_ha_failover_config.stdout is defined @@ -198,10 +207,13 @@ {{ __sap_ha_pacemaker_cluster_command.resource_cleanup }} changed_when: true + ### END of BLOCK for instance restarts. + - name: "SAP HA Pacemaker - (SAP HA Interface) Get HACheckConfig for SCS" when: - __sap_ha_pacemaker_cluster_register_where_scs.rc == 0 + - not ansible_check_mode become: true become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" register: __sap_ha_pacemaker_cluster_register_scs_ha_check_config @@ -215,6 +227,7 @@ - name: "SAP HA Pacemaker - (SAP HA Interface) Get HACheckConfig for ERS" when: - __sap_ha_pacemaker_cluster_register_where_ers.rc == 0 + - not ansible_check_mode become: true become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" register: __sap_ha_pacemaker_cluster_register_ers_ha_check_config @@ -228,6 +241,7 @@ - name: "SAP HA Pacemaker - (SAP HA Interface) Get HAGetFailoverConfig for SCS" when: - __sap_ha_pacemaker_cluster_register_where_scs.rc == 0 + - not ansible_check_mode become: true become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" register: __sap_ha_pacemaker_cluster_register_scs_ha_failover_config @@ -241,6 +255,7 @@ - name: "SAP HA Pacemaker - (SAP HA Interface) Get HAGetFailoverConfig for ERS" when: - __sap_ha_pacemaker_cluster_register_where_ers.rc == 0 + - not ansible_check_mode become: true become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" register: __sap_ha_pacemaker_cluster_register_ers_ha_failover_config @@ -257,6 +272,7 @@ when: - __sap_ha_pacemaker_cluster_register_where_scs.rc == 0 - __sap_ha_pacemaker_cluster_register_scs_ha_failover_config.stdout_lines is defined + - not ansible_check_mode ansible.builtin.debug: msg: | {{ __sap_ha_pacemaker_cluster_register_scs_ha_failover_config.stdout_lines }} @@ -266,6 +282,7 @@ when: - __sap_ha_pacemaker_cluster_register_where_ers.rc == 0 - __sap_ha_pacemaker_cluster_register_ers_ha_failover_config.stdout_lines is defined + - not ansible_check_mode ansible.builtin.debug: msg: | {{ __sap_ha_pacemaker_cluster_register_ers_ha_failover_config.stdout_lines }} @@ -275,6 +292,7 @@ when: - __sap_ha_pacemaker_cluster_register_where_scs.rc == 0 - __sap_ha_pacemaker_cluster_register_scs_ha_check_config.stdout_lines is defined + - not ansible_check_mode ansible.builtin.debug: msg: | {{ __sap_ha_pacemaker_cluster_register_scs_ha_check_config.stdout_lines }} diff --git a/roles/sap_ha_pacemaker_cluster/tasks/configure_srhook.yml b/roles/sap_ha_pacemaker_cluster/tasks/configure_srhook.yml index 9acfe096d..54ea2285f 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/configure_srhook.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/configure_srhook.yml @@ -11,6 +11,7 @@ cmd: cat "{{ __sap_ha_pacemaker_cluster_hana_global_ini_path }}" register: __sap_ha_pacemaker_cluster_global_ini_contents changed_when: false + check_mode: false # Following tasks will prepare srhook list if user input is detected - name: "SAP HA Pacemaker srHook - Block for user provided hooks" diff --git a/roles/sap_ha_pacemaker_cluster/tasks/main.yml b/roles/sap_ha_pacemaker_cluster/tasks/main.yml index 2abcd67ff..185a789be 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/main.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/main.yml @@ -317,6 +317,7 @@ name: "{{ sap_ha_pacemaker_cluster_system_roles_collection }}.ha_cluster" apply: tags: run_ha_cluster + ignore_errors: "{{ ansible_check_mode }}" no_log: "{{ __sap_ha_pacemaker_cluster_no_log }}" # some parameters contain secrets tags: run_ha_cluster diff --git a/roles/sap_ha_pacemaker_cluster/tasks/platform/ascertain_platform_type.yml b/roles/sap_ha_pacemaker_cluster/tasks/platform/ascertain_platform_type.yml index 4cf7b2ef2..463a56449 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/platform/ascertain_platform_type.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/platform/ascertain_platform_type.yml @@ -79,6 +79,7 @@ set -o pipefail && rpm -qa | grep -E -e "rsct.basic" register: __sap_ha_pacemaker_cluster_power_rsct_check changed_when: false + check_mode: false when: ansible_architecture == "ppc64le" - name: "SAP HA Prepare Pacemaker - Check if platform is IBM Power - Fail if RSCT binary is missing" @@ -93,6 +94,7 @@ /opt/rsct/bin/ctgethscid register: __sap_ha_pacemaker_cluster_power_rsct_hscid changed_when: false + check_mode: false when: - ansible_architecture == "ppc64le" - __sap_ha_pacemaker_cluster_power_rsct_check.stdout != "" diff --git a/roles/sap_ha_pacemaker_cluster/tasks/platform/preconfigure_cloud_gcp_ce_vm.yml b/roles/sap_ha_pacemaker_cluster/tasks/platform/preconfigure_cloud_gcp_ce_vm.yml index e961fdca3..ea16e8043 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/platform/preconfigure_cloud_gcp_ce_vm.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/platform/preconfigure_cloud_gcp_ce_vm.yml @@ -22,6 +22,7 @@ mode: '0644' when: - not __sap_ha_pacemaker_cluster_register_haproxy_template.stat.exists + ignore_errors: "{{ ansible_check_mode }}" - name: "SAP HA Install Pacemaker - GCP CE VM - Update haproxy service template description" ansible.builtin.lineinfile: @@ -32,6 +33,7 @@ state: present insertafter: '^[Unit]$' notify: "systemd daemon-reload" + ignore_errors: "{{ ansible_check_mode }}" - name: "SAP HA Install Pacemaker - GCP CE VM - Update haproxy service template" ansible.builtin.replace: @@ -54,6 +56,7 @@ loop_var: replace_item label: "{{ replace_item.label }}" notify: "systemd daemon-reload" + ignore_errors: "{{ ansible_check_mode }}" - name: "SAP HA Install Pacemaker - GCP CE VM - Define healthcheck details for HANA" ansible.builtin.set_fact: @@ -121,6 +124,7 @@ when: - sap_ha_pacemaker_cluster_host_type | select('search', 'hana_scaleup') | length > 0 - haproxy_item.port | length > 4 + ignore_errors: "{{ ansible_check_mode }}" - name: "SAP HA Install Pacemaker - GCP CE VM - Create haproxy config for NWAS ASCS/ERS instances" @@ -161,6 +165,7 @@ label: "{{ haproxy_item.name }}: {{ haproxy_item.port }}" when: - sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_abap_ascs_ers') | length > 0 + ignore_errors: "{{ ansible_check_mode }}" - name: "SAP HA Install Pacemaker - GCP CE VM - Ensure that haproxy service is running" @@ -168,3 +173,4 @@ name: haproxy enabled: false state: started + ignore_errors: "{{ ansible_check_mode }}" diff --git a/roles/sap_ha_pacemaker_cluster/tasks/pre_steps_nwas_cs_ers.yml b/roles/sap_ha_pacemaker_cluster/tasks/pre_steps_nwas_cs_ers.yml index 99f4cd6a4..dd9d129d4 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/pre_steps_nwas_cs_ers.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/pre_steps_nwas_cs_ers.yml @@ -114,6 +114,7 @@ # or # and ERS are both in the looped profile (reg_item) # and "SAP_.service" (ERS) are missing in the local systemd services list + - not ansible_check_mode - (__sap_ha_pacemaker_cluster_nwas_sid in reg_item and __task_cs_instance_nr in reg_item and ('SAP' ~ __sap_ha_pacemaker_cluster_nwas_sid ~ '_' ~ __task_cs_instance_nr ~ '.service') From 2495c5a9edf543d1d80aa99f4da3ca79307f4f78 Mon Sep 17 00:00:00 2001 From: Janine Fuchs Date: Wed, 26 Feb 2025 18:04:00 +0100 Subject: [PATCH 50/66] sap_ha_pacemaker_cluster: fix(check-mode): adjustments - Suse tasks fixes - removed check-mode conditionals from shell/command tasks, they will be skipped anyway by default - added more check-mode logic to NW post tasks --- .../Suse/post_steps_nwas_abap_ascs_ers.yml | 6 +--- .../Suse/post_steps_nwas_java_scs_ers.yml | 6 +--- ...figure_nwas_abap_ascs_ers_post_install.yml | 30 +++++++++---------- ...nfigure_nwas_java_scs_ers_post_install.yml | 29 +++++++++--------- .../platform/preconfigure_cloud_gcp_ce_vm.yml | 2 -- .../preconfigure_cloud_ibmcloud_vs.yml | 4 +++ .../tasks/pre_steps_nwas_cs_ers.yml | 15 ++++++---- 7 files changed, 45 insertions(+), 47 deletions(-) diff --git a/roles/sap_ha_pacemaker_cluster/tasks/Suse/post_steps_nwas_abap_ascs_ers.yml b/roles/sap_ha_pacemaker_cluster/tasks/Suse/post_steps_nwas_abap_ascs_ers.yml index d1e876f99..50d03ec98 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/Suse/post_steps_nwas_abap_ascs_ers.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/Suse/post_steps_nwas_abap_ascs_ers.yml @@ -20,7 +20,6 @@ - name: "SAP HA Install Pacemaker - Put cluster in maintenance mode" ansible.builtin.command: cmd: crm --force configure property maintenance-mode=true - check_mode: false changed_when: true - name: "SAP HA Install Pacemaker - Verify that maintenance-mode is true" @@ -31,7 +30,6 @@ delay: 5 until: '"Resource management is DISABLED" in __sap_ha_pacemaker_cluster_crm_status_maint.stdout' - check_mode: false changed_when: false run_once: true # noqa: run_once[task] @@ -39,7 +37,6 @@ ansible.builtin.command: cmd: cibadmin --query register: __sap_ha_pacemaker_cluster_cib_query - check_mode: false changed_when: false - name: "SAP HA Install Pacemaker - Save CIB configuration" @@ -49,7 +46,7 @@ owner: root group: root mode: '0600' - check_mode: false + ignore_errors: "{{ ansible_check_mode }}" # SAPStartSrv - Remove monitor, start, stop operations from SAPStartSrv # These operations are not supported and not recommended. @@ -74,5 +71,4 @@ - name: "SAP HA Install Pacemaker - Disable maintenance mode" ansible.builtin.command: cmd: crm --force configure property maintenance-mode=false - check_mode: false changed_when: true diff --git a/roles/sap_ha_pacemaker_cluster/tasks/Suse/post_steps_nwas_java_scs_ers.yml b/roles/sap_ha_pacemaker_cluster/tasks/Suse/post_steps_nwas_java_scs_ers.yml index d1e876f99..50d03ec98 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/Suse/post_steps_nwas_java_scs_ers.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/Suse/post_steps_nwas_java_scs_ers.yml @@ -20,7 +20,6 @@ - name: "SAP HA Install Pacemaker - Put cluster in maintenance mode" ansible.builtin.command: cmd: crm --force configure property maintenance-mode=true - check_mode: false changed_when: true - name: "SAP HA Install Pacemaker - Verify that maintenance-mode is true" @@ -31,7 +30,6 @@ delay: 5 until: '"Resource management is DISABLED" in __sap_ha_pacemaker_cluster_crm_status_maint.stdout' - check_mode: false changed_when: false run_once: true # noqa: run_once[task] @@ -39,7 +37,6 @@ ansible.builtin.command: cmd: cibadmin --query register: __sap_ha_pacemaker_cluster_cib_query - check_mode: false changed_when: false - name: "SAP HA Install Pacemaker - Save CIB configuration" @@ -49,7 +46,7 @@ owner: root group: root mode: '0600' - check_mode: false + ignore_errors: "{{ ansible_check_mode }}" # SAPStartSrv - Remove monitor, start, stop operations from SAPStartSrv # These operations are not supported and not recommended. @@ -74,5 +71,4 @@ - name: "SAP HA Install Pacemaker - Disable maintenance mode" ansible.builtin.command: cmd: crm --force configure property maintenance-mode=false - check_mode: false changed_when: true diff --git a/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_abap_ascs_ers_post_install.yml b/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_abap_ascs_ers_post_install.yml index dad4a6651..406aeb853 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_abap_ascs_ers_post_install.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_abap_ascs_ers_post_install.yml @@ -14,6 +14,7 @@ loop_var: sapstartsrv_srv_item when: - __sap_ha_pacemaker_cluster_nwas_cs_ers_simple_mount + ignore_errors: "{{ ansible_check_mode }}" # Block for configuring the SAP HA Interface (sap_cluster_connector). @@ -47,8 +48,9 @@ label: "{{ nwas_profile_item.0 }} -> {{ nwas_profile_item.1 }}" # Throttle and retry loop was added to combat NFS write lockups on Azure NFS throttle: 1 - retries: 30 - delay: 10 + retries: "{{ 1 if ansible_check_mode else 30 }}" + delay: "{{ 1 if ansible_check_mode else 10 }}" + ignore_errors: "{{ ansible_check_mode }}" # Sleep added to resolve issue with WaitforStarted finishing before resources are available. - name: "SAP HA Pacemaker - (SAP HA Interface) Wait for ASCS to be up and running" @@ -59,7 +61,7 @@ /usr/sap/hostctrl/exe/sapcontrol -nr {{ __sap_ha_pacemaker_cluster_nwas_ascs_instance_nr }} -function WaitforStarted 600 30 changed_when: false failed_when: false - when: not ansible_check_mode + check_mode: false - name: "SAP HA Pacemaker - (SAP HA Interface) Wait for ERS to be up and running" become: true @@ -69,14 +71,13 @@ /usr/sap/hostctrl/exe/sapcontrol -nr {{ __sap_ha_pacemaker_cluster_nwas_ers_instance_nr }} -function WaitforStarted 600 30 changed_when: false failed_when: false - when: not ansible_check_mode + check_mode: false # NOTE: RestartService can cause fencing lockup and hang forever, # it might be good to remove them in future and leave reload to "ASCS ERS restart" block. - name: "SAP HA Pacemaker - (SAP HA Interface) Restart the ASCS service" when: - __sap_ha_pacemaker_cluster_register_where_ascs.rc == 0 - - not ansible_check_mode become: true become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" register: __sap_ha_pacemaker_cluster_register_restart_ascs @@ -87,7 +88,6 @@ - name: "SAP HA Pacemaker - (SAP HA Interface) Restart the ERS service" when: - __sap_ha_pacemaker_cluster_register_where_ers.rc == 0 - - not ansible_check_mode become: true become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" register: __sap_ha_pacemaker_cluster_register_restart_ers @@ -154,13 +154,11 @@ ansible.builtin.shell: | {{ __sap_ha_pacemaker_cluster_command.resource_cleanup }} changed_when: true - when: not ansible_check_mode # Block to restart cluster resources if RestartService is not enough. # This is required for SUSE, where SAP needs full restart to load HAlib. - name: "SAP HA Pacemaker - (SAP HA Interface) Block for ASCS ERS restart" when: - - not ansible_check_mode - "(__sap_ha_pacemaker_cluster_register_ascs_ha_failover_config.stdout is defined and 'FALSE' in __sap_ha_pacemaker_cluster_register_ascs_ha_failover_config.stdout) or (__sap_ha_pacemaker_cluster_register_ers_ha_failover_config.stdout is defined @@ -213,7 +211,6 @@ - name: "SAP HA Pacemaker - (SAP HA Interface) Get HACheckConfig for ASCS" when: - __sap_ha_pacemaker_cluster_register_where_ascs.rc == 0 - - not ansible_check_mode become: true become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" register: __sap_ha_pacemaker_cluster_register_ascs_ha_check_config @@ -223,11 +220,12 @@ changed_when: false failed_when: - "'ERROR' in __sap_ha_pacemaker_cluster_register_ascs_ha_check_config.stdout" + check_mode: false + ignore_errors: "{{ ansible_check_mode }}" - name: "SAP HA Pacemaker - (SAP HA Interface) Get HACheckConfig for ERS" when: - __sap_ha_pacemaker_cluster_register_where_ers.rc == 0 - - not ansible_check_mode become: true become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" register: __sap_ha_pacemaker_cluster_register_ers_ha_check_config @@ -236,18 +234,21 @@ changed_when: false failed_when: - "'ERROR' in __sap_ha_pacemaker_cluster_register_ers_ha_check_config.stdout" + check_mode: false + ignore_errors: "{{ ansible_check_mode }}" - name: "SAP HA Pacemaker - (SAP HA Interface) Get HAGetFailoverConfig for ASCS" when: - __sap_ha_pacemaker_cluster_register_where_ascs.rc == 0 - - not ansible_check_mode become: true become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" register: __sap_ha_pacemaker_cluster_register_ascs_ha_failover_config ansible.builtin.shell: | /usr/sap/hostctrl/exe/sapcontrol -nr {{ __sap_ha_pacemaker_cluster_nwas_ascs_instance_nr }} -function HAGetFailoverConfig changed_when: false + check_mode: false + ignore_errors: "{{ ansible_check_mode }}" # failed_when: # - __sap_ha_pacemaker_cluster_register_ascs_ha_failover_config.stdout is defined # and 'FALSE' in __sap_ha_pacemaker_cluster_register_ascs_ha_failover_config.stdout @@ -255,13 +256,14 @@ - name: "SAP HA Pacemaker - (SAP HA Interface) Get HAGetFailoverConfig for ERS" when: - __sap_ha_pacemaker_cluster_register_where_ers.rc == 0 - - not ansible_check_mode become: true become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" register: __sap_ha_pacemaker_cluster_register_ers_ha_failover_config ansible.builtin.shell: | /usr/sap/hostctrl/exe/sapcontrol -nr {{ __sap_ha_pacemaker_cluster_nwas_ers_instance_nr }} -function HAGetFailoverConfig changed_when: false + check_mode: false + ignore_errors: "{{ ansible_check_mode }}" # failed_when: # - __sap_ha_pacemaker_cluster_register_ers_ha_failover_config.stdout is defined # and 'FALSE' in __sap_ha_pacemaker_cluster_register_ers_ha_failover_config.stdout @@ -272,17 +274,16 @@ when: - __sap_ha_pacemaker_cluster_register_where_ascs.rc == 0 - __sap_ha_pacemaker_cluster_register_ascs_ha_failover_config.stdout_lines is defined - - not ansible_check_mode ansible.builtin.debug: msg: | {{ __sap_ha_pacemaker_cluster_register_ascs_ha_failover_config.stdout_lines }} + # HAGetFailoverConfig is not consistent and it can show FALSE on one of nodes - name: "SAP HA Pacemaker - (SAP HA Interface) Display HAGetFailoverConfig results on ERS" when: - __sap_ha_pacemaker_cluster_register_where_ers.rc == 0 - __sap_ha_pacemaker_cluster_register_ers_ha_failover_config.stdout_lines is defined - - not ansible_check_mode ansible.builtin.debug: msg: | {{ __sap_ha_pacemaker_cluster_register_ers_ha_failover_config.stdout_lines }} @@ -292,7 +293,6 @@ when: - __sap_ha_pacemaker_cluster_register_where_ascs.rc == 0 - __sap_ha_pacemaker_cluster_register_ascs_ha_check_config.stdout_lines is defined - - not ansible_check_mode ansible.builtin.debug: msg: | {{ __sap_ha_pacemaker_cluster_register_ascs_ha_check_config.stdout_lines }} diff --git a/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_java_scs_ers_post_install.yml b/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_java_scs_ers_post_install.yml index c65b7a99e..03a8fa326 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_java_scs_ers_post_install.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_java_scs_ers_post_install.yml @@ -14,6 +14,7 @@ loop_var: sapstartsrv_srv_item when: - __sap_ha_pacemaker_cluster_nwas_cs_ers_simple_mount + ignore_errors: "{{ ansible_check_mode }}" # Block for configuring the SAP HA Interface (sap_cluster_connector). @@ -47,8 +48,9 @@ label: "{{ nwas_profile_item.0 }} -> {{ nwas_profile_item.1 }}" # Throttle and retry loop was added to combat NFS write lockups on Azure NFS throttle: 1 - retries: 30 - delay: 10 + retries: "{{ 1 if ansible_check_mode else 30 }}" + delay: "{{ 1 if ansible_check_mode else 10 }}" + ignore_errors: "{{ ansible_check_mode }}" # Sleep added to resolve issue with WaitforStarted finishing before resources are available. - name: "SAP HA Pacemaker - (SAP HA Interface) Wait for SCS to be up and running" @@ -59,7 +61,7 @@ /usr/sap/hostctrl/exe/sapcontrol -nr {{ __sap_ha_pacemaker_cluster_nwas_scs_instance_nr }} -function WaitforStarted 600 30 changed_when: false failed_when: false - when: not ansible_check_mode + check_mode: false - name: "SAP HA Pacemaker - (SAP HA Interface) Wait for ERS to be up and running" become: true @@ -69,14 +71,13 @@ /usr/sap/hostctrl/exe/sapcontrol -nr {{ __sap_ha_pacemaker_cluster_nwas_ers_instance_nr }} -function WaitforStarted 600 30 changed_when: false failed_when: false - when: not ansible_check_mode + check_mode: false # NOTE: RestartService can cause fencing lockup and hang forever, # it might be good to remove them in future and leave reload to "SCS ERS restart" block. - name: "SAP HA Pacemaker - (SAP HA Interface) Restart the SCS service" when: - __sap_ha_pacemaker_cluster_register_where_scs.rc == 0 - - not ansible_check_mode become: true become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" register: __sap_ha_pacemaker_cluster_register_restart_scs @@ -87,7 +88,6 @@ - name: "SAP HA Pacemaker - (SAP HA Interface) Restart the ERS service" when: - __sap_ha_pacemaker_cluster_register_where_ers.rc == 0 - - not ansible_check_mode become: true become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" register: __sap_ha_pacemaker_cluster_register_restart_ers @@ -154,13 +154,11 @@ ansible.builtin.shell: | {{ __sap_ha_pacemaker_cluster_command.resource_cleanup }} changed_when: true - when: not ansible_check_mode # Block to restart cluster resources if RestartService is not enough. # This is required for SUSE, where SAP needs full restart to load HAlib. - name: "SAP HA Pacemaker - (SAP HA Interface) Block for SCS ERS restart" when: - - not ansible_check_mode - "(__sap_ha_pacemaker_cluster_register_scs_ha_failover_config.stdout is defined and 'FALSE' in __sap_ha_pacemaker_cluster_register_scs_ha_failover_config.stdout) or (__sap_ha_pacemaker_cluster_register_ers_ha_failover_config.stdout is defined @@ -213,7 +211,6 @@ - name: "SAP HA Pacemaker - (SAP HA Interface) Get HACheckConfig for SCS" when: - __sap_ha_pacemaker_cluster_register_where_scs.rc == 0 - - not ansible_check_mode become: true become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" register: __sap_ha_pacemaker_cluster_register_scs_ha_check_config @@ -223,11 +220,12 @@ changed_when: false failed_when: - "'ERROR' in __sap_ha_pacemaker_cluster_register_scs_ha_check_config.stdout" + check_mode: false + ignore_errors: "{{ ansible_check_mode }}" - name: "SAP HA Pacemaker - (SAP HA Interface) Get HACheckConfig for ERS" when: - __sap_ha_pacemaker_cluster_register_where_ers.rc == 0 - - not ansible_check_mode become: true become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" register: __sap_ha_pacemaker_cluster_register_ers_ha_check_config @@ -236,18 +234,21 @@ changed_when: false failed_when: - "'ERROR' in __sap_ha_pacemaker_cluster_register_ers_ha_check_config.stdout" + check_mode: false + ignore_errors: "{{ ansible_check_mode }}" - name: "SAP HA Pacemaker - (SAP HA Interface) Get HAGetFailoverConfig for SCS" when: - __sap_ha_pacemaker_cluster_register_where_scs.rc == 0 - - not ansible_check_mode become: true become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" register: __sap_ha_pacemaker_cluster_register_scs_ha_failover_config ansible.builtin.shell: | /usr/sap/hostctrl/exe/sapcontrol -nr {{ __sap_ha_pacemaker_cluster_nwas_scs_instance_nr }} -function HAGetFailoverConfig changed_when: false + check_mode: false + ignore_errors: "{{ ansible_check_mode }}" # failed_when: # - __sap_ha_pacemaker_cluster_register_scs_ha_failover_config.stdout is defined # and 'FALSE' in __sap_ha_pacemaker_cluster_register_scs_ha_failover_config.stdout @@ -255,13 +256,14 @@ - name: "SAP HA Pacemaker - (SAP HA Interface) Get HAGetFailoverConfig for ERS" when: - __sap_ha_pacemaker_cluster_register_where_ers.rc == 0 - - not ansible_check_mode become: true become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" register: __sap_ha_pacemaker_cluster_register_ers_ha_failover_config ansible.builtin.shell: | /usr/sap/hostctrl/exe/sapcontrol -nr {{ __sap_ha_pacemaker_cluster_nwas_ers_instance_nr }} -function HAGetFailoverConfig changed_when: false + check_mode: false + ignore_errors: "{{ ansible_check_mode }}" # failed_when: # - __sap_ha_pacemaker_cluster_register_ers_ha_failover_config.stdout is defined # and 'FALSE' in __sap_ha_pacemaker_cluster_register_ers_ha_failover_config.stdout @@ -272,7 +274,6 @@ when: - __sap_ha_pacemaker_cluster_register_where_scs.rc == 0 - __sap_ha_pacemaker_cluster_register_scs_ha_failover_config.stdout_lines is defined - - not ansible_check_mode ansible.builtin.debug: msg: | {{ __sap_ha_pacemaker_cluster_register_scs_ha_failover_config.stdout_lines }} @@ -282,7 +283,6 @@ when: - __sap_ha_pacemaker_cluster_register_where_ers.rc == 0 - __sap_ha_pacemaker_cluster_register_ers_ha_failover_config.stdout_lines is defined - - not ansible_check_mode ansible.builtin.debug: msg: | {{ __sap_ha_pacemaker_cluster_register_ers_ha_failover_config.stdout_lines }} @@ -292,7 +292,6 @@ when: - __sap_ha_pacemaker_cluster_register_where_scs.rc == 0 - __sap_ha_pacemaker_cluster_register_scs_ha_check_config.stdout_lines is defined - - not ansible_check_mode ansible.builtin.debug: msg: | {{ __sap_ha_pacemaker_cluster_register_scs_ha_check_config.stdout_lines }} diff --git a/roles/sap_ha_pacemaker_cluster/tasks/platform/preconfigure_cloud_gcp_ce_vm.yml b/roles/sap_ha_pacemaker_cluster/tasks/platform/preconfigure_cloud_gcp_ce_vm.yml index ea16e8043..8e92896d0 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/platform/preconfigure_cloud_gcp_ce_vm.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/platform/preconfigure_cloud_gcp_ce_vm.yml @@ -124,7 +124,6 @@ when: - sap_ha_pacemaker_cluster_host_type | select('search', 'hana_scaleup') | length > 0 - haproxy_item.port | length > 4 - ignore_errors: "{{ ansible_check_mode }}" - name: "SAP HA Install Pacemaker - GCP CE VM - Create haproxy config for NWAS ASCS/ERS instances" @@ -165,7 +164,6 @@ label: "{{ haproxy_item.name }}: {{ haproxy_item.port }}" when: - sap_ha_pacemaker_cluster_host_type | select('search', 'nwas_abap_ascs_ers') | length > 0 - ignore_errors: "{{ ansible_check_mode }}" - name: "SAP HA Install Pacemaker - GCP CE VM - Ensure that haproxy service is running" diff --git a/roles/sap_ha_pacemaker_cluster/tasks/platform/preconfigure_cloud_ibmcloud_vs.yml b/roles/sap_ha_pacemaker_cluster/tasks/platform/preconfigure_cloud_ibmcloud_vs.yml index 55e467aa3..b7ce5a1cc 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/platform/preconfigure_cloud_ibmcloud_vs.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/platform/preconfigure_cloud_ibmcloud_vs.yml @@ -44,6 +44,7 @@ mode: '0644' when: - not __sap_ha_pacemaker_cluster_register_haproxy_template.stat.exists + ignore_errors: "{{ ansible_check_mode }}" - name: "SAP HA Install Pacemaker - IBM Cloud VS - Update haproxy service template description" ansible.builtin.lineinfile: @@ -54,6 +55,7 @@ state: present insertafter: '^[Unit]$' notify: "systemd daemon-reload" + ignore_errors: "{{ ansible_check_mode }}" - name: "SAP HA Install Pacemaker - IBM Cloud VS - Update haproxy service template" ansible.builtin.replace: @@ -76,6 +78,7 @@ loop_var: replace_item label: "{{ replace_item.label }}" notify: "systemd daemon-reload" + ignore_errors: "{{ ansible_check_mode }}" - name: "SAP HA Install Pacemaker - IBM Cloud VS - Define healthcheck details for HANA" ansible.builtin.set_fact: @@ -199,3 +202,4 @@ name: haproxy state: started enabled: false # Do not start on boot + ignore_errors: "{{ ansible_check_mode }}" diff --git a/roles/sap_ha_pacemaker_cluster/tasks/pre_steps_nwas_cs_ers.yml b/roles/sap_ha_pacemaker_cluster/tasks/pre_steps_nwas_cs_ers.yml index dd9d129d4..08fef84a5 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/pre_steps_nwas_cs_ers.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/pre_steps_nwas_cs_ers.yml @@ -17,8 +17,9 @@ else __sap_ha_pacemaker_cluster_nwas_ascs_sapinstance_start_profile_string }}" throttle: 1 - retries: 30 - delay: 10 + retries: "{{ 1 if ansible_check_mode else 30 }}" + delay: "{{ 1 if ansible_check_mode else 10 }}" + ignore_errors: "{{ ansible_check_mode }}" - name: "SAP HA Pacemaker - (ERS profile) Prevent automatic restart" ansible.builtin.replace: @@ -28,8 +29,9 @@ replace: 'Start_Program_00' # Throttle and retry loop was added to combat NFS write lockups on Azure NFS throttle: 1 - retries: 30 - delay: 10 + retries: "{{ 1 if ansible_check_mode else 30 }}" + delay: "{{ 1 if ansible_check_mode else 10 }}" + ignore_errors: "{{ ansible_check_mode }}" - name: "SAP HA Pacemaker - (systemd) Check for (A)SCS/ERS services" ansible.builtin.stat: @@ -114,7 +116,6 @@ # or # and ERS are both in the looped profile (reg_item) # and "SAP_.service" (ERS) are missing in the local systemd services list - - not ansible_check_mode - (__sap_ha_pacemaker_cluster_nwas_sid in reg_item and __task_cs_instance_nr in reg_item and ('SAP' ~ __sap_ha_pacemaker_cluster_nwas_sid ~ '_' ~ __task_cs_instance_nr ~ '.service') @@ -138,6 +139,7 @@ loop: "{{ sap_ha_pacemaker_cluster_instance_service_all_fact }}" loop_control: loop_var: instance_srv_item + ignore_errors: "{{ ansible_check_mode }}" # Creates a config file for the services. # Parent directories will be created when missing. @@ -152,6 +154,7 @@ loop: "{{ sap_ha_pacemaker_cluster_instance_service_all_fact }}" loop_control: loop_var: dropfile_item + ignore_errors: "{{ ansible_check_mode }}" - name: "SAP HA Pacemaker - (systemd) Disable (A)SCS/ERS instance unit auto-restart" ansible.builtin.lineinfile: @@ -165,6 +168,7 @@ loop: "{{ sap_ha_pacemaker_cluster_instance_service_all_fact }}" loop_control: loop_var: dropfile_item + ignore_errors: "{{ ansible_check_mode }}" ### END of BLOCK for systemd setup. @@ -191,3 +195,4 @@ }}" when: - ansible_os_family == 'RedHat' + ignore_errors: "{{ ansible_check_mode }}" From 50b5cf037b121bdf9f4839bb60985f836ce6c540 Mon Sep 17 00:00:00 2001 From: Janine Fuchs Date: Thu, 27 Feb 2025 13:51:28 +0100 Subject: [PATCH 51/66] sap_ha_pacemaker_cluster: fix(check-mode): retry logic `command` tasks are skipped in check-mode. However, the retry logic is executed nonetheless and needs to be covered too. --- .../tasks/Suse/post_steps_nwas_abap_ascs_ers.yml | 3 ++- .../tasks/Suse/post_steps_nwas_java_scs_ers.yml | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/roles/sap_ha_pacemaker_cluster/tasks/Suse/post_steps_nwas_abap_ascs_ers.yml b/roles/sap_ha_pacemaker_cluster/tasks/Suse/post_steps_nwas_abap_ascs_ers.yml index 50d03ec98..8d4e75f9f 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/Suse/post_steps_nwas_abap_ascs_ers.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/Suse/post_steps_nwas_abap_ascs_ers.yml @@ -26,12 +26,13 @@ ansible.builtin.command: cmd: crm status register: __sap_ha_pacemaker_cluster_crm_status_maint - retries: 10 + retries: "{{ 1 if ansible_check_mode else 10 }}" delay: 5 until: '"Resource management is DISABLED" in __sap_ha_pacemaker_cluster_crm_status_maint.stdout' changed_when: false run_once: true # noqa: run_once[task] + ignore_errors: "{{ ansible_check_mode }}" - name: "SAP HA Install Pacemaker - Fetch CIB configuration" ansible.builtin.command: diff --git a/roles/sap_ha_pacemaker_cluster/tasks/Suse/post_steps_nwas_java_scs_ers.yml b/roles/sap_ha_pacemaker_cluster/tasks/Suse/post_steps_nwas_java_scs_ers.yml index 50d03ec98..8d4e75f9f 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/Suse/post_steps_nwas_java_scs_ers.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/Suse/post_steps_nwas_java_scs_ers.yml @@ -26,12 +26,13 @@ ansible.builtin.command: cmd: crm status register: __sap_ha_pacemaker_cluster_crm_status_maint - retries: 10 + retries: "{{ 1 if ansible_check_mode else 10 }}" delay: 5 until: '"Resource management is DISABLED" in __sap_ha_pacemaker_cluster_crm_status_maint.stdout' changed_when: false run_once: true # noqa: run_once[task] + ignore_errors: "{{ ansible_check_mode }}" - name: "SAP HA Install Pacemaker - Fetch CIB configuration" ansible.builtin.command: From a4286b4b31d67dbac1605db84bd97bac2eb9ff18 Mon Sep 17 00:00:00 2001 From: Janine Fuchs Date: Thu, 27 Feb 2025 15:47:04 +0100 Subject: [PATCH 52/66] sap_ha_pacemaker_cluster: fix(check-mode): add ignore - ignore errors in tasks with become_user that may not exist --- .../tasks/configure_nwas_abap_ascs_ers_post_install.yml | 5 +++++ .../tasks/configure_nwas_java_scs_ers_post_install.yml | 5 +++++ 2 files changed, 10 insertions(+) diff --git a/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_abap_ascs_ers_post_install.yml b/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_abap_ascs_ers_post_install.yml index 406aeb853..af0f0cebd 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_abap_ascs_ers_post_install.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_abap_ascs_ers_post_install.yml @@ -62,6 +62,7 @@ changed_when: false failed_when: false check_mode: false + ignore_errors: "{{ ansible_check_mode }}" - name: "SAP HA Pacemaker - (SAP HA Interface) Wait for ERS to be up and running" become: true @@ -72,6 +73,7 @@ changed_when: false failed_when: false check_mode: false + ignore_errors: "{{ ansible_check_mode }}" # NOTE: RestartService can cause fencing lockup and hang forever, # it might be good to remove them in future and leave reload to "ASCS ERS restart" block. @@ -107,6 +109,7 @@ /usr/sap/hostctrl/exe/sapcontrol -nr {{ __sap_ha_pacemaker_cluster_nwas_ascs_instance_nr }} -function HAGetFailoverConfig changed_when: false check_mode: false + ignore_errors: "{{ ansible_check_mode }}" - name: "SAP HA Pacemaker - (SAP HA Interface) Get HAGetFailoverConfig for ERS" when: @@ -118,6 +121,7 @@ /usr/sap/hostctrl/exe/sapcontrol -nr {{ __sap_ha_pacemaker_cluster_nwas_ers_instance_nr }} -function HAGetFailoverConfig changed_when: false check_mode: false + ignore_errors: "{{ ansible_check_mode }}" - name: "SAP HA Pacemaker - (SAP HA Interface) Display HAGetFailoverConfig results" when: @@ -139,6 +143,7 @@ changed_when: false failed_when: false check_mode: false + ignore_errors: "{{ ansible_check_mode }}" - name: "SAP HA Pacemaker - (SAP HA Interface) Display HACheckConfig results" when: diff --git a/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_java_scs_ers_post_install.yml b/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_java_scs_ers_post_install.yml index 03a8fa326..926b67a19 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_java_scs_ers_post_install.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_java_scs_ers_post_install.yml @@ -62,6 +62,7 @@ changed_when: false failed_when: false check_mode: false + ignore_errors: "{{ ansible_check_mode }}" - name: "SAP HA Pacemaker - (SAP HA Interface) Wait for ERS to be up and running" become: true @@ -72,6 +73,7 @@ changed_when: false failed_when: false check_mode: false + ignore_errors: "{{ ansible_check_mode }}" # NOTE: RestartService can cause fencing lockup and hang forever, # it might be good to remove them in future and leave reload to "SCS ERS restart" block. @@ -107,6 +109,7 @@ /usr/sap/hostctrl/exe/sapcontrol -nr {{ __sap_ha_pacemaker_cluster_nwas_scs_instance_nr }} -function HAGetFailoverConfig changed_when: false check_mode: false + ignore_errors: "{{ ansible_check_mode }}" - name: "SAP HA Pacemaker - (SAP HA Interface) Get HAGetFailoverConfig for ERS" when: @@ -118,6 +121,7 @@ /usr/sap/hostctrl/exe/sapcontrol -nr {{ __sap_ha_pacemaker_cluster_nwas_ers_instance_nr }} -function HAGetFailoverConfig changed_when: false check_mode: false + ignore_errors: "{{ ansible_check_mode }}" - name: "SAP HA Pacemaker - (SAP HA Interface) Display HAGetFailoverConfig results" when: @@ -139,6 +143,7 @@ changed_when: false failed_when: false check_mode: false + ignore_errors: "{{ ansible_check_mode }}" - name: "SAP HA Pacemaker - (SAP HA Interface) Display HACheckConfig results" when: From 2bc2718f4c95a5b75ea43bdd8d847ccfd171b979 Mon Sep 17 00:00:00 2001 From: Janine Fuchs Date: Thu, 27 Feb 2025 16:19:05 +0100 Subject: [PATCH 53/66] sap_ha_pacemaker_cluster: fix(check-mode): improve conditionals --- .../configure_nwas_java_scs_ers_post_install.yml | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_java_scs_ers_post_install.yml b/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_java_scs_ers_post_install.yml index 926b67a19..46a876ab0 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_java_scs_ers_post_install.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_java_scs_ers_post_install.yml @@ -79,6 +79,7 @@ # it might be good to remove them in future and leave reload to "SCS ERS restart" block. - name: "SAP HA Pacemaker - (SAP HA Interface) Restart the SCS service" when: + - __sap_ha_pacemaker_cluster_register_where_scs.rc is defined - __sap_ha_pacemaker_cluster_register_where_scs.rc == 0 become: true become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" @@ -89,6 +90,7 @@ - name: "SAP HA Pacemaker - (SAP HA Interface) Restart the ERS service" when: + - __sap_ha_pacemaker_cluster_register_where_ers.rc is defined - __sap_ha_pacemaker_cluster_register_where_ers.rc == 0 become: true become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" @@ -100,6 +102,7 @@ - name: "SAP HA Pacemaker - (SAP HA Interface) Get HAGetFailoverConfig for SCS" when: + - __sap_ha_pacemaker_cluster_register_where_scs.rc is defined - __sap_ha_pacemaker_cluster_register_where_scs.rc == 0 become: true become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" @@ -113,6 +116,7 @@ - name: "SAP HA Pacemaker - (SAP HA Interface) Get HAGetFailoverConfig for ERS" when: + - __sap_ha_pacemaker_cluster_register_where_ers.rc is defined - __sap_ha_pacemaker_cluster_register_where_ers.rc == 0 become: true become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" @@ -125,6 +129,7 @@ - name: "SAP HA Pacemaker - (SAP HA Interface) Display HAGetFailoverConfig results" when: + - __sap_ha_pacemaker_cluster_register_where_scs.rc is defined - __sap_ha_pacemaker_cluster_register_where_scs.rc == 0 - __sap_ha_pacemaker_cluster_register_scs_ha_failover_config.stdout_lines is defined ansible.builtin.debug: @@ -134,6 +139,7 @@ - name: "SAP HA Pacemaker - (SAP HA Interface) Get HACheckConfig for SCS" when: + - __sap_ha_pacemaker_cluster_register_where_scs.rc is defined - __sap_ha_pacemaker_cluster_register_where_scs.rc == 0 become: true become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" @@ -147,6 +153,7 @@ - name: "SAP HA Pacemaker - (SAP HA Interface) Display HACheckConfig results" when: + - __sap_ha_pacemaker_cluster_register_where_scs.rc is defined - __sap_ha_pacemaker_cluster_register_where_scs.rc == 0 - __sap_ha_pacemaker_cluster_register_scs_ha_check_config.stdout_lines is defined ansible.builtin.debug: @@ -215,6 +222,7 @@ - name: "SAP HA Pacemaker - (SAP HA Interface) Get HACheckConfig for SCS" when: + - __sap_ha_pacemaker_cluster_register_where_scs.rc is defined - __sap_ha_pacemaker_cluster_register_where_scs.rc == 0 become: true become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" @@ -230,6 +238,7 @@ - name: "SAP HA Pacemaker - (SAP HA Interface) Get HACheckConfig for ERS" when: + - __sap_ha_pacemaker_cluster_register_where_ers.rc is defined - __sap_ha_pacemaker_cluster_register_where_ers.rc == 0 become: true become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" @@ -245,6 +254,7 @@ - name: "SAP HA Pacemaker - (SAP HA Interface) Get HAGetFailoverConfig for SCS" when: + - __sap_ha_pacemaker_cluster_register_where_scs.rc is defined - __sap_ha_pacemaker_cluster_register_where_scs.rc == 0 become: true become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" @@ -260,6 +270,7 @@ - name: "SAP HA Pacemaker - (SAP HA Interface) Get HAGetFailoverConfig for ERS" when: + - __sap_ha_pacemaker_cluster_register_where_ers.rc is defined - __sap_ha_pacemaker_cluster_register_where_ers.rc == 0 become: true become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" @@ -277,6 +288,7 @@ # HAGetFailoverConfig is not consistent and it can show FALSE on one of nodes - name: "SAP HA Pacemaker - (SAP HA Interface) Display HAGetFailoverConfig results on SCS" when: + - __sap_ha_pacemaker_cluster_register_where_scs.rc is defined - __sap_ha_pacemaker_cluster_register_where_scs.rc == 0 - __sap_ha_pacemaker_cluster_register_scs_ha_failover_config.stdout_lines is defined ansible.builtin.debug: @@ -286,6 +298,7 @@ # HAGetFailoverConfig is not consistent and it can show FALSE on one of nodes - name: "SAP HA Pacemaker - (SAP HA Interface) Display HAGetFailoverConfig results on ERS" when: + - __sap_ha_pacemaker_cluster_register_where_ers.rc is defined - __sap_ha_pacemaker_cluster_register_where_ers.rc == 0 - __sap_ha_pacemaker_cluster_register_ers_ha_failover_config.stdout_lines is defined ansible.builtin.debug: @@ -295,6 +308,7 @@ # HACheckConfig shows same statues on both nodes, therefore only SCS is shown - name: "SAP HA Pacemaker - (SAP HA Interface) Display HACheckConfig results" when: + - __sap_ha_pacemaker_cluster_register_where_scs.rc is defined - __sap_ha_pacemaker_cluster_register_where_scs.rc == 0 - __sap_ha_pacemaker_cluster_register_scs_ha_check_config.stdout_lines is defined ansible.builtin.debug: From ef162d7af4b84d1a3f9660c52bbc18ab2fe9c4e2 Mon Sep 17 00:00:00 2001 From: Janine Fuchs Date: Thu, 27 Feb 2025 16:47:06 +0100 Subject: [PATCH 54/66] sap_ha_pacemaker_cluster: fix(check-mode): conditionals 2 --- .../configure_nwas_abap_ascs_ers_post_install.yml | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_abap_ascs_ers_post_install.yml b/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_abap_ascs_ers_post_install.yml index af0f0cebd..76882c3e1 100644 --- a/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_abap_ascs_ers_post_install.yml +++ b/roles/sap_ha_pacemaker_cluster/tasks/configure_nwas_abap_ascs_ers_post_install.yml @@ -79,6 +79,7 @@ # it might be good to remove them in future and leave reload to "ASCS ERS restart" block. - name: "SAP HA Pacemaker - (SAP HA Interface) Restart the ASCS service" when: + - __sap_ha_pacemaker_cluster_register_where_ascs.rc is defined - __sap_ha_pacemaker_cluster_register_where_ascs.rc == 0 become: true become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" @@ -89,6 +90,7 @@ - name: "SAP HA Pacemaker - (SAP HA Interface) Restart the ERS service" when: + - __sap_ha_pacemaker_cluster_register_where_ers.rc is defined - __sap_ha_pacemaker_cluster_register_where_ers.rc == 0 become: true become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" @@ -100,6 +102,7 @@ - name: "SAP HA Pacemaker - (SAP HA Interface) Get HAGetFailoverConfig for ASCS" when: + - __sap_ha_pacemaker_cluster_register_where_ascs.rc is defined - __sap_ha_pacemaker_cluster_register_where_ascs.rc == 0 become: true become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" @@ -113,6 +116,7 @@ - name: "SAP HA Pacemaker - (SAP HA Interface) Get HAGetFailoverConfig for ERS" when: + - __sap_ha_pacemaker_cluster_register_where_ers.rc is defined - __sap_ha_pacemaker_cluster_register_where_ers.rc == 0 become: true become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" @@ -125,6 +129,7 @@ - name: "SAP HA Pacemaker - (SAP HA Interface) Display HAGetFailoverConfig results" when: + - __sap_ha_pacemaker_cluster_register_where_ascs.rc is defined - __sap_ha_pacemaker_cluster_register_where_ascs.rc == 0 - __sap_ha_pacemaker_cluster_register_ascs_ha_failover_config.stdout_lines is defined ansible.builtin.debug: @@ -134,6 +139,7 @@ - name: "SAP HA Pacemaker - (SAP HA Interface) Get HACheckConfig for ASCS" when: + - __sap_ha_pacemaker_cluster_register_where_ascs.rc is defined - __sap_ha_pacemaker_cluster_register_where_ascs.rc == 0 become: true become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" @@ -147,6 +153,7 @@ - name: "SAP HA Pacemaker - (SAP HA Interface) Display HACheckConfig results" when: + - __sap_ha_pacemaker_cluster_register_where_ascs.rc is defined - __sap_ha_pacemaker_cluster_register_where_ascs.rc == 0 - __sap_ha_pacemaker_cluster_register_ascs_ha_check_config.stdout_lines is defined ansible.builtin.debug: @@ -183,6 +190,7 @@ loop_control: loop_var: restart_item when: + - __sap_ha_pacemaker_cluster_register_where_ascs.rc is defined - __sap_ha_pacemaker_cluster_register_where_ascs.rc == 0 changed_when: true @@ -215,6 +223,7 @@ - name: "SAP HA Pacemaker - (SAP HA Interface) Get HACheckConfig for ASCS" when: + - __sap_ha_pacemaker_cluster_register_where_ascs.rc is defined - __sap_ha_pacemaker_cluster_register_where_ascs.rc == 0 become: true become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" @@ -230,6 +239,7 @@ - name: "SAP HA Pacemaker - (SAP HA Interface) Get HACheckConfig for ERS" when: + - __sap_ha_pacemaker_cluster_register_where_ers.rc is defined - __sap_ha_pacemaker_cluster_register_where_ers.rc == 0 become: true become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" @@ -245,6 +255,7 @@ - name: "SAP HA Pacemaker - (SAP HA Interface) Get HAGetFailoverConfig for ASCS" when: + - __sap_ha_pacemaker_cluster_register_where_ascs.rc is defined - __sap_ha_pacemaker_cluster_register_where_ascs.rc == 0 become: true become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" @@ -260,6 +271,7 @@ - name: "SAP HA Pacemaker - (SAP HA Interface) Get HAGetFailoverConfig for ERS" when: + - __sap_ha_pacemaker_cluster_register_where_ers.rc is defined - __sap_ha_pacemaker_cluster_register_where_ers.rc == 0 become: true become_user: "{{ __sap_ha_pacemaker_cluster_nwas_sid | lower }}adm" @@ -277,6 +289,7 @@ # HAGetFailoverConfig is not consistent and it can show FALSE on one of nodes - name: "SAP HA Pacemaker - (SAP HA Interface) Display HAGetFailoverConfig results on ASCS" when: + - __sap_ha_pacemaker_cluster_register_where_ascs.rc is defined - __sap_ha_pacemaker_cluster_register_where_ascs.rc == 0 - __sap_ha_pacemaker_cluster_register_ascs_ha_failover_config.stdout_lines is defined ansible.builtin.debug: @@ -287,6 +300,7 @@ # HAGetFailoverConfig is not consistent and it can show FALSE on one of nodes - name: "SAP HA Pacemaker - (SAP HA Interface) Display HAGetFailoverConfig results on ERS" when: + - __sap_ha_pacemaker_cluster_register_where_ers.rc is defined - __sap_ha_pacemaker_cluster_register_where_ers.rc == 0 - __sap_ha_pacemaker_cluster_register_ers_ha_failover_config.stdout_lines is defined ansible.builtin.debug: @@ -296,6 +310,7 @@ # HACheckConfig shows same statues on both nodes, therefore only ASCS is shown - name: "SAP HA Pacemaker - (SAP HA Interface) Display HACheckConfig results" when: + - __sap_ha_pacemaker_cluster_register_where_ascs.rc is defined - __sap_ha_pacemaker_cluster_register_where_ascs.rc == 0 - __sap_ha_pacemaker_cluster_register_ascs_ha_check_config.stdout_lines is defined ansible.builtin.debug: From 71d563b7972ea3fe9a1a060b3918631fe7c8ed74 Mon Sep 17 00:00:00 2001 From: Bernd Finger Date: Fri, 28 Feb 2025 10:11:07 +0100 Subject: [PATCH 55/66] sap_swpm: remove duplicate section credentials_anydb_ibmdb2 ... from templates/inifile_params.j2 Solves #985. See also PR #982. Signed-off-by: Bernd Finger --- roles/sap_swpm/templates/inifile_params.j2 | 11 ----------- 1 file changed, 11 deletions(-) diff --git a/roles/sap_swpm/templates/inifile_params.j2 b/roles/sap_swpm/templates/inifile_params.j2 index 6b105193e..9412b71d4 100644 --- a/roles/sap_swpm/templates/inifile_params.j2 +++ b/roles/sap_swpm/templates/inifile_params.j2 @@ -258,17 +258,6 @@ ora.SystemPassword = {{ sap_swpm_db_system_password }} # END section credentials_anydb_oracledb # ################################################################### {% endif %} -{% if 'credentials_anydb_ibmdb2' in sap_swpm_inifile_sections_list %} - -################################################################### -# BEGIN section credentials_anydb_ibmdb2 # -# # -nwUsers.db6.db2sidPassword = {{ sap_swpm_sap_sidadm_password }} -# nwUsers.db6.db2sidUid = -# # -# END section credentials_anydb_ibmdb2 # -################################################################### -{% endif %} {% if 'credentials_anydb_sapase' in sap_swpm_inifile_sections_list %} ################################################################### From ecac80e71004ee8781be5c77cab8d1907884726e Mon Sep 17 00:00:00 2001 From: sean-freeman <1815807+sean-freeman@users.noreply.github.com> Date: Fri, 28 Feb 2025 10:17:57 +0000 Subject: [PATCH 56/66] collection: gh issue templates --- .github/ISSUE_TEMPLATE/bug_report.yml | 113 +++++++++++++++++++++ .github/ISSUE_TEMPLATE/feature_request.yml | 96 +++++++++++++++++ 2 files changed, 209 insertions(+) create mode 100644 .github/ISSUE_TEMPLATE/bug_report.yml create mode 100644 .github/ISSUE_TEMPLATE/feature_request.yml diff --git a/.github/ISSUE_TEMPLATE/bug_report.yml b/.github/ISSUE_TEMPLATE/bug_report.yml new file mode 100644 index 000000000..5a1a3e636 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/bug_report.yml @@ -0,0 +1,113 @@ +--- +name: Bug report +description: Report an unexpected error, a crash, or an incorrect behavior +title: "ansible_role_name_here: short_desc_here" +labels: [bug] +body: + - type: markdown + attributes: + value: | + :wave: + + Thank you for taking the time to fill out this bug/issue report! + + Before raising a bug/issue, please read the documentation of the Ansible Role where the feature or enhancement is requested; such as [community.sap_install/roles/sap_hana_install/README](https://github.com/sap-linuxlab/community.sap_install/blob/main/roles/sap_hana_install/README.md) + + - type: dropdown + id: role + attributes: + label: Ansible Role + description: Which Ansible Role are you proposing a feature or enhancement for? + options: + - All + - sap_anydb_install_oracle + - sap_general_preconfigure + - sap_ha_install_anydb_ibmdb2 + - sap_ha_install_hana_hsr + - sap_ha_pacemaker_cluster + - sap_hana_install + - sap_hana_preconfigure + - sap_hostagent + - sap_install_media_detect + - sap_maintain_etc_hosts + - sap_netweaver_preconfigure + - sap_storage_setup + - sap_swpm + - None of them (or I don't know) + default: 0 + validations: + required: true + + - type: dropdown + id: os-family + attributes: + label: OS Family + description: Which OS are experiencing the issue with? + options: + - N/A + - RHEL + - SLES + default: 0 + validations: + required: true + + - type: textarea + id: python-version + attributes: + label: Ansible Controller - Python version + description: From wherever you execute Ansible, please provide the Python version being used + placeholder: | + python --version + Python 3.12.0 + validations: + required: true + + - type: textarea + id: ansible-version + attributes: + label: Ansible-core version + description: From wherever you execute Ansible, please provide the Ansible Core version being used + placeholder: | + ansible --version + ansible [core 2.16.0] + validations: + required: true + + - type: textarea + id: description + attributes: + label: Bug Description + description: Please provide a clear and concise description of the bug. You can attach images (drag-and-drop) or log files as required. + validations: + required: true + + - type: textarea + id: reproduction + attributes: + label: Bug reproduction + description: Please provide the steps you performed, so we can try to reproduce the problem you ran into + validations: + required: true + + - type: dropdown + id: participation + attributes: + label: Community participation + description: Do you want to join our community and contribute/implement a bug fix yourself? + options: + - Happy to implement this bug fix + - Happy to help with this bug fix, but may need help (e.g. first time contributing to open-source using git) + - Unfortunately I am not in a position to help with the bug fix + validations: + required: true + + - type: markdown + attributes: + value: | +
+ + **Before submitting this report, I confirm:** + + - :white_check_mark: Yes, I read the documentation + + - :white_check_mark: Yes, I checked if there was already a previous [GitHub Issue](https://github.com/sap-linuxlab/community.sap_install/issues?q=is%3Aissue%20) about this bug diff --git a/.github/ISSUE_TEMPLATE/feature_request.yml b/.github/ISSUE_TEMPLATE/feature_request.yml new file mode 100644 index 000000000..33fef5c15 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/feature_request.yml @@ -0,0 +1,96 @@ +--- +name: Feature request +description: Request a feature or enhancement to the Ansible Collection +title: "feat: ansible_role_name_here short_desc_here" +labels: [enhancement] +body: + - type: markdown + attributes: + value: | + :wave: + + Thank you for taking the time to fill out this feature request! + + Before raising a feature request, please read the documentation of the Ansible Role where the feature or enhancement is requested; such as [community.sap_install/roles/sap_hana_install/README](https://github.com/sap-linuxlab/community.sap_install/blob/main/roles/sap_hana_install/README.md) + + - type: dropdown + id: role + attributes: + label: Ansible Role + description: Which Ansible Role are you proposing a feature or enhancement for? + options: + - All + - sap_anydb_install_oracle + - sap_general_preconfigure + - sap_ha_install_anydb_ibmdb2 + - sap_ha_install_hana_hsr + - sap_ha_pacemaker_cluster + - sap_hana_install + - sap_hana_preconfigure + - sap_hostagent + - sap_install_media_detect + - sap_maintain_etc_hosts + - sap_netweaver_preconfigure + - sap_storage_setup + - sap_swpm + default: 0 + validations: + required: true + + - type: dropdown + id: os-family + attributes: + label: OS Family + description: Is feature or enhancement OS specific? + options: + - All + - RHEL + - SLES + default: 0 + validations: + required: true + + - type: textarea + id: description + attributes: + label: Feature/Enhancement request + description: A clear and concise description of what will improve the Ansible Role; please include use cases for the desired final outcome. + placeholder: | + e.g. I believe [...] would help clarity to end-users during execution. + + e.g. I believe [...] is required to avoid [...] problem/s occuring. + + e.g. I believe [...] is missing according to [citation] SAP documentation. + validations: + required: true + + - type: dropdown + id: participation + attributes: + label: Community participation + description: Do you want to join our community and contribute/implement this feature yourself? + options: + - Happy to implement this feature + - Happy to help with this feature, but may need help (e.g. first time contributing to open-source using git) + - Unfortunately I am not in a position to help with the feature + validations: + required: true + + - type: textarea + id: attempted-solution + attributes: + label: Optional - Attempted solutions or manual steps + description: If you already have some Ansible code or manual steps (shell commands), please paste these below + placeholder: | + + validations: + required: false + + - type: markdown + attributes: + value: | +
+ + **Before submitting this request, I confirm:** + + - :white_check_mark: Yes, I read the documentation From 0298a9c35a35226971bc410afb9ebea392f85f23 Mon Sep 17 00:00:00 2001 From: Marcel Mamula Date: Mon, 3 Mar 2025 13:05:06 +0100 Subject: [PATCH 57/66] feat: update fapolicyd conditionals for RedHat --- roles/sap_hana_install/tasks/post_install.yml | 2 ++ roles/sap_hana_install/tasks/pre_install.yml | 24 +++++++++++-------- 2 files changed, 16 insertions(+), 10 deletions(-) diff --git a/roles/sap_hana_install/tasks/post_install.yml b/roles/sap_hana_install/tasks/post_install.yml index b774b3716..2b9aaacb8 100644 --- a/roles/sap_hana_install/tasks/post_install.yml +++ b/roles/sap_hana_install/tasks/post_install.yml @@ -209,6 +209,8 @@ - name: SAP HANA Post Install, fapolicyd - Update config for desired integrity level and revert if validation fails when: + # Ensure fapolicyd is checked only on supported systems. + - ansible_os_family == "RedHat" - sap_hana_install_use_fapolicyd - '"fapolicyd" in ansible_facts.packages' tags: sap_hana_install_use_fapolicyd diff --git a/roles/sap_hana_install/tasks/pre_install.yml b/roles/sap_hana_install/tasks/pre_install.yml index d0c576020..94aaef6fc 100644 --- a/roles/sap_hana_install/tasks/pre_install.yml +++ b/roles/sap_hana_install/tasks/pre_install.yml @@ -34,18 +34,22 @@ # Otherwise, the installation of SAP HANA will fail ################ -- name: SAP HANA Pre Install, fapolicyd - Gather package facts - ansible.builtin.package_facts: - tags: sap_hana_install_use_fapolicyd - -- name: SAP HANA Pre Install, fapolicyd - Disable fapolicyd - ansible.builtin.service: - name: fapolicyd - enabled: false - state: stopped +- name: SAP HANA Pre Install, fapolicyd - Block to disable fapolicyd when: - - '"fapolicyd" in ansible_facts.packages' + # Ensure fapolicyd is checked only on supported systems. + - ansible_os_family == "RedHat" tags: sap_hana_install_use_fapolicyd + block: + - name: SAP HANA Pre Install, fapolicyd - Gather package facts + ansible.builtin.package_facts: + + - name: SAP HANA Pre Install, fapolicyd - Disable fapolicyd + ansible.builtin.service: + name: fapolicyd + enabled: false + state: stopped + when: + - '"fapolicyd" in ansible_facts.packages' ################ # Prepare software path From 90f223618c67a52a6875b6a9f29b1c44c31592eb Mon Sep 17 00:00:00 2001 From: Bernd Finger Date: Mon, 3 Mar 2025 18:11:12 +0100 Subject: [PATCH 58/66] sap_general_preconfigure: Remove unused fileconfigure-etc-hosts.yml Solves issue #990. Signed-off-by: Bernd Finger --- .../RedHat/generic/configure-etc-hosts.yml | 117 ------------------ 1 file changed, 117 deletions(-) delete mode 100644 roles/sap_general_preconfigure/tasks/RedHat/generic/configure-etc-hosts.yml diff --git a/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-etc-hosts.yml b/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-etc-hosts.yml deleted file mode 100644 index 306a8e043..000000000 --- a/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-etc-hosts.yml +++ /dev/null @@ -1,117 +0,0 @@ -# SPDX-License-Identifier: Apache-2.0 ---- - -- name: Display host and domain name, and IP address before the modification - ansible.builtin.debug: - msg: - - "sap_general_preconfigure_hostname = {{ sap_general_preconfigure_hostname }}" - - "sap_general_preconfigure_domain = {{ sap_general_preconfigure_domain }}" - - "sap_general_preconfigure_ip = {{ sap_general_preconfigure_ip }}" - -- name: Get all hostname aliases of {{ sap_general_preconfigure_ip }} - ansible.builtin.shell: | - awk '( $1 == "{{ sap_general_preconfigure_ip }}" ) { - for (i=2; i<=NF; ++i) { - if (( $i != "{{ sap_general_preconfigure_hostname }}" ) && - ( $i != "{{ sap_general_preconfigure_hostname }}.{{ sap_general_preconfigure_domain }}" )) { printf " "$i } - } - }' /etc/hosts - register: __sap_general_preconfigure_register_sap_hostname_aliases - changed_when: false - -- name: Display hostname aliases - ansible.builtin.debug: - var: __sap_general_preconfigure_register_sap_hostname_aliases - -- name: Check if ipv4 address, FQDN, and hostname are in /etc/hosts - when: not sap_general_preconfigure_modify_etc_hosts | bool - block: - - - name: Perform the /etc/hosts completeness check - ansible.builtin.command: awk 'BEGIN{a=0}/{{ sap_general_preconfigure_ip }}/&&/{{ sap_general_preconfigure_hostname }}.{{ sap_general_preconfigure_domain }}/&&/{{ sap_general_preconfigure_hostname }}/{a++}END{print a}' /etc/hosts - register: __sap_general_preconfigure_register_ipv4_fqdn_sap_hostname_once_check - changed_when: false - - - name: Display the output of the /etc/hosts completeness check - ansible.builtin.debug: - var: __sap_general_preconfigure_register_ipv4_fqdn_sap_hostname_once_check.stdout_lines, - __sap_general_preconfigure_register_ipv4_fqdn_sap_hostname_once_check.stderr_lines - - - name: Display the expected output of the /etc/hosts completeness check - ansible.builtin.debug: - msg: - - "Expected:" - - "{{ sap_general_preconfigure_ip }} {{ sap_general_preconfigure_hostname }}.{{ sap_general_preconfigure_domain }} {{ sap_general_preconfigure_hostname }}" - when: - - __sap_general_preconfigure_register_ipv4_fqdn_sap_hostname_once_check.stdout != "1" - - - name: Fail if ip4 address, FQDN, or hostname are not in /etc/hosts - ansible.builtin.fail: - msg: - - "Server's ip4 address, FQDN, or hostname are not in /etc/hosts!" - - "Expected:" - - "{{ sap_general_preconfigure_ip }} {{ sap_general_preconfigure_hostname }}.{{ sap_general_preconfigure_domain }} {{ sap_general_preconfigure_hostname }}" - when: - - __sap_general_preconfigure_register_ipv4_fqdn_sap_hostname_once_check.stdout != "1" - ignore_errors: "{{ ansible_check_mode }}" - -# We allow more than one line containing sap_general_preconfigure_ip: -- name: Check for duplicate entries of {{ sap_general_preconfigure_ip }} in /etc/hosts - ansible.builtin.shell: | - n=$(grep "^{{ sap_general_preconfigure_ip }}\s" /etc/hosts | wc -l) - if [ $n -gt 1 ]; then - echo "Duplicate IP entry in /etc/hosts!" - exit 1 - else - exit 0 - fi - register: __sap_general_preconfigure_register_duplicate_ip_check - changed_when: false - ignore_errors: true - when: not ansible_check_mode - -- name: Verify that variable sap_general_preconfigure_domain is set - ansible.builtin.assert: - that: not( (sap_general_preconfigure_domain is undefined) or (sap_general_preconfigure_domain is none) or (sap_general_preconfigure_domain | trim == '') ) - msg: "Variable 'sap_general_preconfigure_domain' is undefined or empty. Please set it in your playbook or inventory!" - -- name: Report if there is more than one line with the IP address - ansible.builtin.debug: - msg: - - "More than one line containing {{ sap_general_preconfigure_ip }}. File /etc/hosts will not be modified." - when: - - not ansible_check_mode - - __sap_general_preconfigure_register_duplicate_ip_check.stdout == 'Duplicate IP entry in /etc/hosts!' - - sap_general_preconfigure_modify_etc_hosts | bool - -- name: Ensure that the entry in /etc/hosts is correct - ansible.builtin.lineinfile: - path: /etc/hosts - regexp: '^{{ sap_general_preconfigure_ip }}\s' - line: "{{ sap_general_preconfigure_ip }} {{ sap_general_preconfigure_hostname }}.{{ sap_general_preconfigure_domain }} {{ sap_general_preconfigure_hostname }}{{ __sap_general_preconfigure_register_sap_hostname_aliases.stdout }}" - backup: true - when: - - not ansible_check_mode - - sap_general_preconfigure_domain | length > 0 - - __sap_general_preconfigure_register_duplicate_ip_check.stdout != 'Duplicate IP entry in /etc/hosts!' - - sap_general_preconfigure_modify_etc_hosts | bool - -- name: Check for duplicate or missing entries of hostname and fqdn in /etc/hosts - ansible.builtin.shell: | - n=$(awk 'BEGIN{a=0}/^{{ line_item }}\s/||/\s{{ line_item }}\s/||/\s{{ line_item }}$/{a++}END{print a}' /etc/hosts) - if [ $n -eq 1 ]; then - exit 0 - else - exit 1 - fi - with_items: - - '{{ sap_general_preconfigure_hostname }}.{{ sap_general_preconfigure_domain }}' - - '{{ sap_general_preconfigure_hostname }}' - changed_when: false - loop_control: - loop_var: line_item - when: not ansible_check_mode - -- name: Check hostname -s and hostname -f settings - ansible.builtin.shell: test "$(hostname -s)" = "$(hostname)" -a "$(hostname -f)" = "$(hostname).$(hostname -d)" - changed_when: false From c701d6ce20449f24d463a4034b58a3b6184626c3 Mon Sep 17 00:00:00 2001 From: Marcel Mamula Date: Tue, 4 Mar 2025 11:31:22 +0100 Subject: [PATCH 59/66] feat: Add etc hosts setup to Suse configure steps --- roles/sap_general_preconfigure/README.md | 7 ++++--- roles/sap_general_preconfigure/defaults/main.yml | 1 + .../meta/argument_specs.yml | 1 + .../tasks/SLES/configuration.yml | 14 ++++++++++++++ 4 files changed, 20 insertions(+), 3 deletions(-) diff --git a/roles/sap_general_preconfigure/README.md b/roles/sap_general_preconfigure/README.md index 4558b70d0..5e5da23c5 100644 --- a/roles/sap_general_preconfigure/README.md +++ b/roles/sap_general_preconfigure/README.md @@ -411,19 +411,20 @@ sap_general_preconfigure_kernel_parameters: The maximum length of the hostname. See SAP note 611361.
-### sap_hostname +### sap_general_preconfigure_hostname - _Type:_ `str` - _Default:_ `"{{ ansible_hostname }}"` The hostname to be used for updating or checking `/etc/hosts` entries.
-### sap_domain +### sap_general_preconfigure_domain - _Type:_ `str` - _Default:_ `"{{ ansible_domain }}"` The DNS domain name to be used for updating or checking `/etc/hosts` entries.
+Mandatory parameter when sap_general_preconfigure_modify_etc_hosts is set to true.
-### sap_ip +### sap_general_preconfigure_ip - _Type:_ `str` - _Default:_ `"{{ ansible_default_ipv4.address }}"` diff --git a/roles/sap_general_preconfigure/defaults/main.yml b/roles/sap_general_preconfigure/defaults/main.yml index e8db802c6..4e217eaa6 100644 --- a/roles/sap_general_preconfigure/defaults/main.yml +++ b/roles/sap_general_preconfigure/defaults/main.yml @@ -162,6 +162,7 @@ sap_general_preconfigure_hostname: "{{ sap_hostname | d(ansible_hostname) }}" sap_general_preconfigure_domain: "{{ sap_domain | d(ansible_domain) }}" # The DNS domain name to be used for updating or checking `/etc/hosts` entries. +# Mandatory parameter when sap_general_preconfigure_modify_etc_hosts is set to true. # sap_general_preconfigure_db_group_name: (not defined by default) # (RedHat specific) Use this variable to specify the name of the RHEL group which is used for the database processes. diff --git a/roles/sap_general_preconfigure/meta/argument_specs.yml b/roles/sap_general_preconfigure/meta/argument_specs.yml index 11e2bc0b3..182e2a6b2 100644 --- a/roles/sap_general_preconfigure/meta/argument_specs.yml +++ b/roles/sap_general_preconfigure/meta/argument_specs.yml @@ -328,6 +328,7 @@ argument_specs: default: "{{ ansible_domain }}" description: - The DNS domain name to be used for updating or checking `/etc/hosts` entries. + - Mandatory parameter when `sap_general_preconfigure_modify_etc_hosts` is set to true. required: false type: str diff --git a/roles/sap_general_preconfigure/tasks/SLES/configuration.yml b/roles/sap_general_preconfigure/tasks/SLES/configuration.yml index dfcf3ef4f..60a2802be 100644 --- a/roles/sap_general_preconfigure/tasks/SLES/configuration.yml +++ b/roles/sap_general_preconfigure/tasks/SLES/configuration.yml @@ -5,6 +5,20 @@ ansible.builtin.debug: var: __sap_general_preconfigure_sapnotes_versions | difference(['']) +# Configure /etc/hosts +- name: Import role sap_maintain_etc_hosts + ansible.builtin.import_role: + name: '{{ sap_general_preconfigure_sap_install_collection }}.sap_maintain_etc_hosts' + vars: + sap_maintain_etc_hosts_list: + - node_ip: "{{ sap_general_preconfigure_ip }}" + node_name: "{{ sap_general_preconfigure_hostname }}" + node_domain: "{{ sap_general_preconfigure_domain }}" + state: present + when: sap_general_preconfigure_modify_etc_hosts + tags: + - sap_general_preconfigure_etc_hosts + - name: Configure - Include configuration actions for required sapnotes ansible.builtin.include_tasks: "sapnote/{{ sap_note_line_item.number }}.yml" loop: "{{ __sap_general_preconfigure_sapnotes_versions | difference(['']) }}" From 0dc982c2704b5a5c657c9432d9fb6a779fc73134 Mon Sep 17 00:00:00 2001 From: Marcel Mamula Date: Tue, 4 Mar 2025 13:58:10 +0100 Subject: [PATCH 60/66] feat: add package libltdl7 to SLES vars --- roles/sap_hana_preconfigure/vars/SLES_15.yml | 4 ++++ roles/sap_hana_preconfigure/vars/SLES_SAP_15.yml | 4 ++++ roles/sap_hana_preconfigure/vars/SLES_SAP_16.yml | 4 ++++ 3 files changed, 12 insertions(+) diff --git a/roles/sap_hana_preconfigure/vars/SLES_15.yml b/roles/sap_hana_preconfigure/vars/SLES_15.yml index 0bf33eec7..a3f584c36 100644 --- a/roles/sap_hana_preconfigure/vars/SLES_15.yml +++ b/roles/sap_hana_preconfigure/vars/SLES_15.yml @@ -35,6 +35,10 @@ __sap_hana_preconfigure_packages: # 3139184 - Linux: systemd integration for sapstartsrv and SAP Host Agent - polkit + # 2998886 - SAP HANA DB installation fails with "hdbnsutil: error while loading shared libraries" + # 3029056 - Error while loading shared libraries: libltdl.so.7: cannot open shared object file + - libltdl7 + # Recommended for System monitoring - cpupower # - "{{ 'libcpupower0' if ansible_distribution_version.split('.')[1] | int < 6 else 'libcpupower1' }}" diff --git a/roles/sap_hana_preconfigure/vars/SLES_SAP_15.yml b/roles/sap_hana_preconfigure/vars/SLES_SAP_15.yml index 096a081f0..7f63c34b0 100644 --- a/roles/sap_hana_preconfigure/vars/SLES_SAP_15.yml +++ b/roles/sap_hana_preconfigure/vars/SLES_SAP_15.yml @@ -35,6 +35,10 @@ __sap_hana_preconfigure_packages: # 3139184 - Linux: systemd integration for sapstartsrv and SAP Host Agent - polkit + # 2998886 - SAP HANA DB installation fails with "hdbnsutil: error while loading shared libraries" + # 3029056 - Error while loading shared libraries: libltdl.so.7: cannot open shared object file + - libltdl7 + # Recommended for System monitoring - cpupower # - "{{ 'libcpupower0' if ansible_distribution_version.split('.')[1] | int < 6 else 'libcpupower1' }}" diff --git a/roles/sap_hana_preconfigure/vars/SLES_SAP_16.yml b/roles/sap_hana_preconfigure/vars/SLES_SAP_16.yml index b0678a8e6..00200c7f3 100644 --- a/roles/sap_hana_preconfigure/vars/SLES_SAP_16.yml +++ b/roles/sap_hana_preconfigure/vars/SLES_SAP_16.yml @@ -23,6 +23,10 @@ __sap_hana_preconfigure_packages: # 3139184 - Linux: systemd integration for sapstartsrv and SAP Host Agent - polkit + # 2998886 - SAP HANA DB installation fails with "hdbnsutil: error while loading shared libraries" + # 3029056 - Error while loading shared libraries: libltdl.so.7: cannot open shared object file + - libltdl7 + # Recommended for System monitoring - cpupower - libcpupower1 From 8389a03e902dea0ec28c25d64684429107ba801e Mon Sep 17 00:00:00 2001 From: Marcel Mamula Date: Wed, 5 Mar 2025 17:23:23 +0100 Subject: [PATCH 61/66] Revert "feat: add package libltdl7 to SLES vars" This reverts commit 0dc982c2704b5a5c657c9432d9fb6a779fc73134. --- roles/sap_hana_preconfigure/vars/SLES_15.yml | 4 ---- roles/sap_hana_preconfigure/vars/SLES_SAP_15.yml | 4 ---- roles/sap_hana_preconfigure/vars/SLES_SAP_16.yml | 4 ---- 3 files changed, 12 deletions(-) diff --git a/roles/sap_hana_preconfigure/vars/SLES_15.yml b/roles/sap_hana_preconfigure/vars/SLES_15.yml index a3f584c36..0bf33eec7 100644 --- a/roles/sap_hana_preconfigure/vars/SLES_15.yml +++ b/roles/sap_hana_preconfigure/vars/SLES_15.yml @@ -35,10 +35,6 @@ __sap_hana_preconfigure_packages: # 3139184 - Linux: systemd integration for sapstartsrv and SAP Host Agent - polkit - # 2998886 - SAP HANA DB installation fails with "hdbnsutil: error while loading shared libraries" - # 3029056 - Error while loading shared libraries: libltdl.so.7: cannot open shared object file - - libltdl7 - # Recommended for System monitoring - cpupower # - "{{ 'libcpupower0' if ansible_distribution_version.split('.')[1] | int < 6 else 'libcpupower1' }}" diff --git a/roles/sap_hana_preconfigure/vars/SLES_SAP_15.yml b/roles/sap_hana_preconfigure/vars/SLES_SAP_15.yml index 7f63c34b0..096a081f0 100644 --- a/roles/sap_hana_preconfigure/vars/SLES_SAP_15.yml +++ b/roles/sap_hana_preconfigure/vars/SLES_SAP_15.yml @@ -35,10 +35,6 @@ __sap_hana_preconfigure_packages: # 3139184 - Linux: systemd integration for sapstartsrv and SAP Host Agent - polkit - # 2998886 - SAP HANA DB installation fails with "hdbnsutil: error while loading shared libraries" - # 3029056 - Error while loading shared libraries: libltdl.so.7: cannot open shared object file - - libltdl7 - # Recommended for System monitoring - cpupower # - "{{ 'libcpupower0' if ansible_distribution_version.split('.')[1] | int < 6 else 'libcpupower1' }}" diff --git a/roles/sap_hana_preconfigure/vars/SLES_SAP_16.yml b/roles/sap_hana_preconfigure/vars/SLES_SAP_16.yml index 00200c7f3..b0678a8e6 100644 --- a/roles/sap_hana_preconfigure/vars/SLES_SAP_16.yml +++ b/roles/sap_hana_preconfigure/vars/SLES_SAP_16.yml @@ -23,10 +23,6 @@ __sap_hana_preconfigure_packages: # 3139184 - Linux: systemd integration for sapstartsrv and SAP Host Agent - polkit - # 2998886 - SAP HANA DB installation fails with "hdbnsutil: error while loading shared libraries" - # 3029056 - Error while loading shared libraries: libltdl.so.7: cannot open shared object file - - libltdl7 - # Recommended for System monitoring - cpupower - libcpupower1 From 19c7e93c3951c9d809b0b2cced30bc35b3b5474e Mon Sep 17 00:00:00 2001 From: Marcel Mamula Date: Thu, 6 Mar 2025 13:07:54 +0100 Subject: [PATCH 62/66] feat: saptune enhancements --- roles/sap_general_preconfigure/README.md | 11 +++++-- .../defaults/main.yml | 8 +++-- .../meta/argument_specs.yml | 13 ++++++-- .../tasks/SLES/assert-installation.yml | 16 ++++++++++ .../tasks/SLES/generic/saptune_takeover.yml | 20 ++++++------ .../tasks/SLES/installation.yml | 5 +++ .../sap_general_preconfigure/vars/SLES_15.yml | 6 ++++ .../vars/SLES_SAP_15.yml | 7 ++-- .../vars/SLES_SAP_16.yml | 7 ++-- roles/sap_general_preconfigure/vars/main.yml | 1 + roles/sap_hana_preconfigure/README.md | 13 ++++++++ roles/sap_hana_preconfigure/defaults/main.yml | 6 ++++ .../meta/argument_specs.yml | 16 ++++++++++ .../tasks/SLES/assert-installation.yml | 16 ++++++++++ .../tasks/SLES/configuration.yml | 32 +++++++++++++++++-- .../tasks/SLES/generic/saptune_takeover.yml | 23 ------------- .../tasks/SLES/installation.yml | 5 +++ .../tasks/sapnote/2684254/configuration.yml | 2 +- roles/sap_hana_preconfigure/vars/SLES_15.yml | 7 ++-- .../vars/SLES_SAP_15.yml | 8 +++-- .../vars/SLES_SAP_16.yml | 8 +++-- roles/sap_hana_preconfigure/vars/main.yml | 1 + roles/sap_netweaver_preconfigure/README.md | 13 ++++++++ .../defaults/main.yml | 7 ++++ .../meta/argument_specs.yml | 16 ++++++++++ .../tasks/SLES/assert-installation.yml | 15 +++++++++ .../tasks/SLES/configuration.yml | 32 +++++++++++++++++-- .../tasks/SLES/generic/saptune_takeover.yml | 23 ------------- .../tasks/SLES/installation.yml | 5 +++ .../vars/SLES_15.yml | 8 +++-- .../vars/SLES_SAP_15.yml | 9 +++--- .../vars/SLES_SAP_16.yml | 9 ++++-- .../sap_netweaver_preconfigure/vars/main.yml | 1 + 33 files changed, 282 insertions(+), 87 deletions(-) diff --git a/roles/sap_general_preconfigure/README.md b/roles/sap_general_preconfigure/README.md index 4558b70d0..7c8582680 100644 --- a/roles/sap_general_preconfigure/README.md +++ b/roles/sap_general_preconfigure/README.md @@ -258,7 +258,7 @@ If you set the RHEL minor release, then you must also use the `eus` or `e4s` rep - _Type:_ `str` - _Default:_ (set by platform/environment specific variables) -The name of the software package group to install.
+(RedHat specific) The name of the software package group to install.
The default for this parameter is set in the vars file which corresponds to the detected OS version.
Example: @@ -271,7 +271,7 @@ Example: - _Type:_ `str` - _Default:_ (set by platform/environment specific variables) -The name of the software environment group to check.
+(RedHat specific) The name of the software environment group to check.
The default for this parameter is set in the vars file which corresponds to the detected OS version.
Example: @@ -280,6 +280,13 @@ Example: '@minimal-environment' ``` +### sap_general_preconfigure_patterns +- _Type:_ `list` with elements of type `str` +- _Default:_ (set by platform/environment specific variables) + +(SUSE specific) The list of the zypper patterns to install.
+The default for this parameter is set in the vars file which corresponds to the detected OS version.
+ ### sap_general_preconfigure_packages - _Type:_ `list` with elements of type `str` - _Default:_ (set by platform/environment specific variables) diff --git a/roles/sap_general_preconfigure/defaults/main.yml b/roles/sap_general_preconfigure/defaults/main.yml index e8db802c6..4505c3665 100644 --- a/roles/sap_general_preconfigure/defaults/main.yml +++ b/roles/sap_general_preconfigure/defaults/main.yml @@ -69,15 +69,19 @@ sap_general_preconfigure_set_minor_release: false # If you set the RHEL minor release, then you must also use the `eus` or `e4s` repos. sap_general_preconfigure_packagegroups: "{{ __sap_general_preconfigure_packagegroups }}" -# The name of the software package group to install. +# (RedHat specific) The name of the software package group to install. # The default for this parameter is set in the vars file which corresponds to the detected OS version. # Example: See README.md sap_general_preconfigure_envgroups: "{{ __sap_general_preconfigure_envgroups }}" -# The name of the software environment group to check. +# (RedHat specific) The name of the software environment group to check. # The default for this parameter is set in the vars file which corresponds to the detected OS version. # Example: See README.md +sap_general_preconfigure_patterns: "{{ __sap_general_preconfigure_patterns }}" +# (SUSE specific) The list of the zypper patterns to install. +# The default for this parameter is set in the vars file which corresponds to the detected OS version. + sap_general_preconfigure_packages: "{{ __sap_general_preconfigure_packages }}" # The list of packages to be installed. # The default for this variable is set in the vars file which corresponds to the detected OS version. diff --git a/roles/sap_general_preconfigure/meta/argument_specs.yml b/roles/sap_general_preconfigure/meta/argument_specs.yml index 11e2bc0b3..fb23e6c05 100644 --- a/roles/sap_general_preconfigure/meta/argument_specs.yml +++ b/roles/sap_general_preconfigure/meta/argument_specs.yml @@ -152,7 +152,7 @@ argument_specs: sap_general_preconfigure_packagegroups: default: "{{ __sap_general_preconfigure_packagegroups }}" description: - - The name of the software package group to install. + - (RedHat specific) The name of the software package group to install. - The default for this parameter is set in the vars file which corresponds to the detected OS version. example: '@minimal-environment' @@ -162,13 +162,22 @@ argument_specs: sap_general_preconfigure_envgroups: default: "{{ __sap_general_preconfigure_envgroups }}" description: - - The name of the software environment group to check. + - (RedHat specific) The name of the software environment group to check. - The default for this parameter is set in the vars file which corresponds to the detected OS version. example: '@minimal-environment' required: false type: str + sap_general_preconfigure_patterns: + default: "{{ __sap_general_preconfigure_patterns }}" + description: + - (SUSE specific) The list of the zypper patterns to install. + - The default for this parameter is set in the vars file which corresponds to the detected OS version. + required: false + type: list + elements: str + sap_general_preconfigure_packages: default: "{{ __sap_general_preconfigure_packages }}" description: diff --git a/roles/sap_general_preconfigure/tasks/SLES/assert-installation.yml b/roles/sap_general_preconfigure/tasks/SLES/assert-installation.yml index bfa790577..920522d7e 100644 --- a/roles/sap_general_preconfigure/tasks/SLES/assert-installation.yml +++ b/roles/sap_general_preconfigure/tasks/SLES/assert-installation.yml @@ -1,6 +1,22 @@ # SPDX-License-Identifier: Apache-2.0 --- +- name: Query installed zypper patterns + ansible.builtin.command: + cmd: zypper patterns --installed-only + register: __sap_general_preconfigure_register_patterns + changed_when: false + ignore_errors: true + +- name: Assert that all required zypper patterns are installed + ansible.builtin.assert: + that: "'{{ item }}' in __sap_general_preconfigure_register_patterns.stdout" + fail_msg: "FAIL: Pattern '{{ item }}' is not installed!" + success_msg: "PASS: Pattern '{{ item }}' is installed." + loop: "{{ sap_general_preconfigure_patterns }}" + ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}" + + # Both sap_general_preconfigure_packages and __sap_general_preconfigure_min_pkgs are checked at same time. # Check rpm --whatprovides only if package cannot be found directly. - name: Query RPM packages diff --git a/roles/sap_general_preconfigure/tasks/SLES/generic/saptune_takeover.yml b/roles/sap_general_preconfigure/tasks/SLES/generic/saptune_takeover.yml index 56089c7e0..1e6a77601 100644 --- a/roles/sap_general_preconfigure/tasks/SLES/generic/saptune_takeover.yml +++ b/roles/sap_general_preconfigure/tasks/SLES/generic/saptune_takeover.yml @@ -62,27 +62,29 @@ changed_when: false -- name: Check active saptune solution +- name: Block to show current enabled saptune solution when: - __sap_general_preconfigure_use_saptune - __sap_general_preconfigure_register_saptune_check_before.rc == 0 or (__sap_general_preconfigure_register_saptune_check_after.rc == 0) block: - - name: Discover active solution + - name: Get current enabled saptune solution ansible.builtin.command: cmd: saptune solution enabled - register: __sap_general_preconfigure_register_saptune_status + register: __sap_general_preconfigure_register_saptune_enabled changed_when: false + failed_when: false - - name: Set fact for active solution + # Enabled solution contains newline, which has to be removed + - name: Cleanup saptune solution enabled output ansible.builtin.set_fact: - # Capture the first block on none whitespace - __sap_general_preconfigure_register_solution_configured: - "{{ (__sap_general_preconfigure_register_saptune_status.stdout | regex_search('(\\S+)', '\\1'))[0] | default('NONE') }}" + __sap_general_preconfigure_register_saptune_enabled_trim: + "{{ __sap_general_preconfigure_register_saptune_enabled.stdout | trim | replace('\n', '') }}" - - name: Show configured solution + - name: Show current enabled saptune solution ansible.builtin.debug: - var: __sap_general_preconfigure_register_solution_configured + msg: "{{ __sap_general_preconfigure_register_saptune_enabled_trim }}" + when: __sap_general_preconfigure_register_saptune_enabled_trim != '' - name: Enable sapconf diff --git a/roles/sap_general_preconfigure/tasks/SLES/installation.yml b/roles/sap_general_preconfigure/tasks/SLES/installation.yml index a6d992494..35533d663 100644 --- a/roles/sap_general_preconfigure/tasks/SLES/installation.yml +++ b/roles/sap_general_preconfigure/tasks/SLES/installation.yml @@ -29,6 +29,11 @@ when: "'packagekit.service' in ansible_facts.services" +- name: Ensure that the required zypper patterns are installed + ansible.builtin.command: + cmd: zypper install -y -t pattern {{ item }} + loop: "{{ sap_general_preconfigure_patterns }}" + - name: Ensure that the required packages are installed ansible.builtin.package: state: present diff --git a/roles/sap_general_preconfigure/vars/SLES_15.yml b/roles/sap_general_preconfigure/vars/SLES_15.yml index f6e474787..03343a834 100644 --- a/roles/sap_general_preconfigure/vars/SLES_15.yml +++ b/roles/sap_general_preconfigure/vars/SLES_15.yml @@ -9,7 +9,13 @@ __sap_general_preconfigure_sapnotes_versions: # 2369910 - SAP Software on Linux: General information - { number: '2369910', version: '18' } +__sap_general_preconfigure_patterns: + - sap_server + __sap_general_preconfigure_packages: + # Patterns are not included in package list + # Ansible package module skips recommended packages resulting in discrepancies. + - uuidd - tcsh - psmisc diff --git a/roles/sap_general_preconfigure/vars/SLES_SAP_15.yml b/roles/sap_general_preconfigure/vars/SLES_SAP_15.yml index 1f2dcb57a..8d10fe428 100644 --- a/roles/sap_general_preconfigure/vars/SLES_SAP_15.yml +++ b/roles/sap_general_preconfigure/vars/SLES_SAP_15.yml @@ -9,9 +9,12 @@ __sap_general_preconfigure_sapnotes_versions: # 2369910 - SAP Software on Linux: General information - { number: '2369910', version: '18' } +__sap_general_preconfigure_patterns: + - sap_server + __sap_general_preconfigure_packages: - # Mandatory patterns - - patterns-server-enterprise-sap_server + # Patterns are not included in package list + # Ansible package module skips recommended packages resulting in discrepancies. # Recommended packages - tcsh diff --git a/roles/sap_general_preconfigure/vars/SLES_SAP_16.yml b/roles/sap_general_preconfigure/vars/SLES_SAP_16.yml index c36a953f7..8b5d5def9 100644 --- a/roles/sap_general_preconfigure/vars/SLES_SAP_16.yml +++ b/roles/sap_general_preconfigure/vars/SLES_SAP_16.yml @@ -5,9 +5,12 @@ __sap_general_preconfigure_sapnotes_versions: [] +__sap_general_preconfigure_patterns: + - sles_minimal_sap + __sap_general_preconfigure_packages: - # Mandatory patterns - - patterns-sap-base_sap_server + # Patterns are not included in package list + # Ansible package module skips recommended packages resulting in discrepancies. # Recommended packages - tcsh diff --git a/roles/sap_general_preconfigure/vars/main.yml b/roles/sap_general_preconfigure/vars/main.yml index b0c25a8ec..17ea933b1 100644 --- a/roles/sap_general_preconfigure/vars/main.yml +++ b/roles/sap_general_preconfigure/vars/main.yml @@ -4,6 +4,7 @@ # dummy entries for passing the arg spec validation: __sap_general_preconfigure_packagegroups: '' __sap_general_preconfigure_envgroups: '' +__sap_general_preconfigure_patterns: [] __sap_general_preconfigure_packages: [] __sap_general_preconfigure_size_of_tmpfs_gb: '' __sap_general_preconfigure_kernel_parameters_default: [] diff --git a/roles/sap_hana_preconfigure/README.md b/roles/sap_hana_preconfigure/README.md index 299672dca..aff3f943d 100644 --- a/roles/sap_hana_preconfigure/README.md +++ b/roles/sap_hana_preconfigure/README.md @@ -317,6 +317,13 @@ or a list of the minimum required packages for SAP HANA server (parameter `__sap SAP HANA requires certain minimum package versions to be supported. These minimum levels are listed in SAP Note 2235581.
Set this parameter to `false` if you want to ignore these requirements.
+### sap_hana_preconfigure_patterns +- _Type:_ `list` with elements of type `str` +- _Default:_ (set by platform/environment specific variables) + +(SUSE specific) The list of the zypper patterns to install.
+The default for this parameter is set in the vars file which corresponds to the detected OS version.
+ ### sap_hana_preconfigure_update - _Type:_ `bool` - _Default:_ `false` @@ -449,6 +456,12 @@ This will replace the current installed version if present, even downgrade if ne (SUSE specific) Specifies the saptune solution to apply.
Available values: `HANA`, `NETWEAVER+HANA`, `S4HANA-APP+DB`, `S4HANA-DBSERVER` +### sap_hana_preconfigure_saptune_solution_force +- _Type:_ `bool` +- _Default:_ `false` + +(SUSE specific) Apply saptune solution regardless if it is already enabled and verified.
+ ### sap_hana_preconfigure_saptune_azure - _Type:_ `bool` - _Default:_ `false` diff --git a/roles/sap_hana_preconfigure/defaults/main.yml b/roles/sap_hana_preconfigure/defaults/main.yml index 61f97cc0e..bdbc54856 100644 --- a/roles/sap_hana_preconfigure/defaults/main.yml +++ b/roles/sap_hana_preconfigure/defaults/main.yml @@ -109,6 +109,10 @@ sap_hana_preconfigure_min_package_check: true # SAP HANA requires certain minimum package versions to be supported. These minimum levels are listed in SAP Note 2235581. # Set this parameter to `false` if you want to ignore these requirements. +sap_hana_preconfigure_patterns: "{{ __sap_hana_preconfigure_patterns }}" +# (SUSE specific) The list of the zypper patterns to install. +# The default for this parameter is set in the vars file which corresponds to the detected OS version. + sap_hana_preconfigure_update: false # Set this parameter to `true` to update the system to the latest package levels. # By setting the parameter `sap_general_preconfigure_set_minor_release` of the @@ -181,6 +185,8 @@ sap_hana_preconfigure_saptune_version: '' # Available options for HANA are: HANA, NETWEAVER+HANA, S4HANA-APP+DB, S4HANA-DBSERVER sap_hana_preconfigure_saptune_solution: 'HANA' +# (SUSE specific) Apply saptune solution regardless if it is already enabled and verified. +sap_hana_preconfigure_saptune_solution_force: false sap_hana_preconfigure_saptune_azure: false # On Azure, TCP timestamps, reuse and recycle should be disabled (SLES for SAP Applications). diff --git a/roles/sap_hana_preconfigure/meta/argument_specs.yml b/roles/sap_hana_preconfigure/meta/argument_specs.yml index 32902df64..8830e8b2c 100644 --- a/roles/sap_hana_preconfigure/meta/argument_specs.yml +++ b/roles/sap_hana_preconfigure/meta/argument_specs.yml @@ -225,6 +225,15 @@ argument_specs: required: false type: bool + sap_hana_preconfigure_patterns: + default: "{{ __sap_hana_preconfigure_patterns }}" + description: + - (SUSE specific) The list of the zypper patterns to install. + - The default for this parameter is set in the vars file which corresponds to the detected OS version. + required: false + type: list + elements: str + sap_hana_preconfigure_update: default: 'false' description: @@ -383,6 +392,13 @@ argument_specs: required: false type: str + sap_hana_preconfigure_saptune_solution_force: + default: false + description: + - (SUSE specific) Apply saptune solution regardless if it is already enabled and verified. + required: false + type: bool + sap_hana_preconfigure_saptune_azure: default: false description: diff --git a/roles/sap_hana_preconfigure/tasks/SLES/assert-installation.yml b/roles/sap_hana_preconfigure/tasks/SLES/assert-installation.yml index b1a643d7d..0da7605e0 100644 --- a/roles/sap_hana_preconfigure/tasks/SLES/assert-installation.yml +++ b/roles/sap_hana_preconfigure/tasks/SLES/assert-installation.yml @@ -1,6 +1,22 @@ # SPDX-License-Identifier: Apache-2.0 --- +- name: Query installed zypper patterns + ansible.builtin.command: + cmd: zypper patterns --installed-only + register: __sap_hana_preconfigure_register_patterns + changed_when: false + ignore_errors: true + +- name: Assert that all required zypper patterns are installed + ansible.builtin.assert: + that: "'{{ item }}' in __sap_hana_preconfigure_register_patterns.stdout" + fail_msg: "FAIL: Pattern '{{ item }}' is not installed!" + success_msg: "PASS: Pattern '{{ item }}' is installed." + loop: "{{ sap_hana_preconfigure_patterns }}" + ignore_errors: "{{ sap_hana_preconfigure_assert_ignore_errors | d(false) }}" + + # Check rpm --whatprovides only if package cannot be found directly. - name: Query RPM packages ansible.builtin.shell: diff --git a/roles/sap_hana_preconfigure/tasks/SLES/configuration.yml b/roles/sap_hana_preconfigure/tasks/SLES/configuration.yml index 257c1e9fa..b876f2cb4 100644 --- a/roles/sap_hana_preconfigure/tasks/SLES/configuration.yml +++ b/roles/sap_hana_preconfigure/tasks/SLES/configuration.yml @@ -24,6 +24,21 @@ - __sap_hana_preconfigure_use_saptune +- name: Get current enabled saptune solution + ansible.builtin.command: + cmd: "saptune solution enabled" + register: __sap_hana_preconfigure_register_solution_enabled + changed_when: false + failed_when: false + when: __sap_hana_preconfigure_use_saptune + +# Enabled solution contains newline, which has to be removed +- name: Cleanup saptune solution enabled output + ansible.builtin.set_fact: + __sap_hana_preconfigure_register_solution_enabled_trim: + "{{ __sap_hana_preconfigure_register_solution_enabled.stdout | trim | replace('\n', '') }}" + when: __sap_hana_preconfigure_use_saptune + # Verify SAP Solution before block and revert if found invalid - name: Verify saptune solution before changes ansible.builtin.command: @@ -31,13 +46,22 @@ register: __sap_hana_preconfigure_register_solution_verify_before changed_when: false failed_when: false - when: __sap_hana_preconfigure_use_saptune + when: + - __sap_hana_preconfigure_use_saptune + - __sap_hana_preconfigure_register_solution_enabled_trim == sap_hana_preconfigure_saptune_solution - name: Apply saptune solution when: - __sap_hana_preconfigure_use_saptune - - __sap_hana_preconfigure_register_solution_verify_before.rc != 0 + - sap_hana_preconfigure_saptune_solution_force + or __sap_hana_preconfigure_register_solution_enabled_trim != sap_hana_preconfigure_saptune_solution + or __sap_hana_preconfigure_register_solution_verify_before.rc != 0 block: + - name: Show current enabled saptune solution + ansible.builtin.debug: + msg: "{{ __sap_hana_preconfigure_register_solution_enabled_trim }}" + when: __sap_hana_preconfigure_register_solution_enabled_trim != '' + - name: Revert saptune configuration ansible.builtin.command: cmd: "saptune revert all" @@ -62,6 +86,10 @@ {{ __sap_hana_preconfigure_register_solution_verify_after.stderr_lines }} when: __sap_hana_preconfigure_register_solution_verify_after.rc != 0 + - name: Show applied saptune solution + ansible.builtin.debug: + msg: "{{ sap_hana_preconfigure_saptune_solution }}" + - name: Configure - Include configuration actions for required sapnotes ansible.builtin.include_tasks: "sapnote/{{ sap_note_line_item.number }}.yml" diff --git a/roles/sap_hana_preconfigure/tasks/SLES/generic/saptune_takeover.yml b/roles/sap_hana_preconfigure/tasks/SLES/generic/saptune_takeover.yml index 53a38b69e..204ff53ec 100644 --- a/roles/sap_hana_preconfigure/tasks/SLES/generic/saptune_takeover.yml +++ b/roles/sap_hana_preconfigure/tasks/SLES/generic/saptune_takeover.yml @@ -62,29 +62,6 @@ changed_when: false -- name: Check active saptune solution - when: - - __sap_hana_preconfigure_use_saptune - - __sap_hana_preconfigure_register_saptune_check_before.rc == 0 - or (__sap_hana_preconfigure_register_saptune_check_after.rc == 0) - block: - - name: Discover active solution - ansible.builtin.command: - cmd: saptune solution enabled - register: __sap_hana_preconfigure_register_saptune_status - changed_when: false - - - name: Set fact for active solution - ansible.builtin.set_fact: - # Capture the first block on none whitespace - __sap_hana_preconfigure_register_solution_configured: - "{{ (__sap_hana_preconfigure_register_saptune_status.stdout | regex_search('(\\S+)', '\\1'))[0] | default('NONE') }}" - - - name: Show configured solution - ansible.builtin.debug: - var: __sap_hana_preconfigure_register_solution_configured - - - name: Enable sapconf when: not __sap_hana_preconfigure_use_saptune block: diff --git a/roles/sap_hana_preconfigure/tasks/SLES/installation.yml b/roles/sap_hana_preconfigure/tasks/SLES/installation.yml index d358844d6..be15ad5e4 100644 --- a/roles/sap_hana_preconfigure/tasks/SLES/installation.yml +++ b/roles/sap_hana_preconfigure/tasks/SLES/installation.yml @@ -29,6 +29,11 @@ when: "'packagekit.service' in ansible_facts.services" +- name: Ensure that the required zypper patterns are installed + ansible.builtin.command: + cmd: zypper install -y -t pattern {{ item }} + loop: "{{ sap_hana_preconfigure_patterns }}" + - name: Ensure that the required packages are installed ansible.builtin.package: state: present diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2684254/configuration.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2684254/configuration.yml index bd8bc9e54..ebffe6351 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2684254/configuration.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2684254/configuration.yml @@ -20,7 +20,7 @@ - name: Apply SAP note 2684254 using saptune when: - -__sap_hana_preconfigure_use_saptune | d(true) + - __sap_hana_preconfigure_use_saptune | d(true) - __sap_hana_preconfigure_verify_2684254_before.rc != 0 block: - name: Revert SAP note 2684254 diff --git a/roles/sap_hana_preconfigure/vars/SLES_15.yml b/roles/sap_hana_preconfigure/vars/SLES_15.yml index 0bf33eec7..7f0fcf8cd 100644 --- a/roles/sap_hana_preconfigure/vars/SLES_15.yml +++ b/roles/sap_hana_preconfigure/vars/SLES_15.yml @@ -23,10 +23,13 @@ __sap_hana_preconfigure_sapnotes_versions: # 1771258 - Linux: User and system resource limits # Limits are created by applying saptune solution or predefined in sapconf. +__sap_hana_preconfigure_patterns: + - sap_server + # sap-hana pattern is not part of SLES, but SLES_SAP __sap_hana_preconfigure_packages: - # Mandatory patterns - - patterns-server-enterprise-sap_server + # Patterns are not included in package list + # Ansible package module skips recommended packages resulting in discrepancies. # Recommended packages - tcsh diff --git a/roles/sap_hana_preconfigure/vars/SLES_SAP_15.yml b/roles/sap_hana_preconfigure/vars/SLES_SAP_15.yml index 096a081f0..b0975154d 100644 --- a/roles/sap_hana_preconfigure/vars/SLES_SAP_15.yml +++ b/roles/sap_hana_preconfigure/vars/SLES_SAP_15.yml @@ -22,11 +22,13 @@ __sap_hana_preconfigure_sapnotes_versions: # 1771258 - Linux: User and system resource limits # Limits are created by applying saptune solution or predefined in sapconf. +__sap_hana_preconfigure_patterns: + - sap_server + - sap-hana __sap_hana_preconfigure_packages: - # Mandatory patterns - - patterns-server-enterprise-sap_server - - patterns-sap-hana + # Patterns are not included in package list + # Ansible package module skips recommended packages resulting in discrepancies. # Recommended packages - tcsh diff --git a/roles/sap_hana_preconfigure/vars/SLES_SAP_16.yml b/roles/sap_hana_preconfigure/vars/SLES_SAP_16.yml index b0678a8e6..76414ee46 100644 --- a/roles/sap_hana_preconfigure/vars/SLES_SAP_16.yml +++ b/roles/sap_hana_preconfigure/vars/SLES_SAP_16.yml @@ -7,9 +7,13 @@ __sap_hana_preconfigure_sapnotes_versions: [] __sap_hana_preconfigure_min_pkgs: +__sap_hana_preconfigure_patterns: + - sles_minimal_sap + - sles_sap_DB + __sap_hana_preconfigure_packages: - # Mandatory patterns - - patterns-sap-DB + # Patterns are not included in package list + # Ansible package module skips recommended packages resulting in discrepancies. # Recommended packages - tcsh diff --git a/roles/sap_hana_preconfigure/vars/main.yml b/roles/sap_hana_preconfigure/vars/main.yml index ab2df93c4..9020718ba 100644 --- a/roles/sap_hana_preconfigure/vars/main.yml +++ b/roles/sap_hana_preconfigure/vars/main.yml @@ -20,6 +20,7 @@ __sap_hana_preconfigure_req_repos_redhat_8_ppc64le: [] __sap_hana_preconfigure_req_repos_redhat_9_x86_64: [] __sap_hana_preconfigure_req_repos_redhat_9_ppc64le: [] __sap_hana_preconfigure_packages: [] +__sap_hana_preconfigure_patterns: [] __sap_hana_preconfigure_kernel_parameters_default: [] __sap_hana_preconfigure_kernel_parameters_default_ppc64le: [] __sap_hana_preconfigure_ibm_power_repo_url: '' diff --git a/roles/sap_netweaver_preconfigure/README.md b/roles/sap_netweaver_preconfigure/README.md index 668ff3a9f..3d13b7b81 100644 --- a/roles/sap_netweaver_preconfigure/README.md +++ b/roles/sap_netweaver_preconfigure/README.md @@ -122,6 +122,13 @@ This is useful if the role is used for reporting a system's SAP notes compliance The list of packages to be installed for SAP NETWEAVER.
The default for this variable is set in the vars file which corresponds to the detected OS version.
+### sap_netweaver_preconfigure_patterns +- _Type:_ `list` with elements of type `str` +- _Default:_ (set by platform/environment specific variables) + +(SUSE specific) The list of the zypper patterns to install.
+The default for this parameter is set in the vars file which corresponds to the detected OS version.
+ ### sap_netweaver_preconfigure_min_swap_space_mb - _Type:_ `str` - _Default:_ `20480` @@ -163,4 +170,10 @@ Set this parameter to `true` when using Adobe Document Services, to ensure all r (SUSE specific) Specifies the saptune solution to apply.
Available values: `NETWEAVER`, `NETWEAVER+HANA`, `S4HANA-APP+DB`, `S4HANA-APPSERVER`, `S4HANA-DBSERVER` + +### sap_netweaver_preconfigure_saptune_solution_force +- _Type:_ `bool` +- _Default:_ `false` + +(SUSE specific) Apply saptune solution regardless if it is already enabled and verified.
diff --git a/roles/sap_netweaver_preconfigure/defaults/main.yml b/roles/sap_netweaver_preconfigure/defaults/main.yml index 9e0b5affc..52209ed40 100644 --- a/roles/sap_netweaver_preconfigure/defaults/main.yml +++ b/roles/sap_netweaver_preconfigure/defaults/main.yml @@ -20,6 +20,10 @@ sap_netweaver_preconfigure_packages: "{{ __sap_netweaver_preconfigure_packages } # The list of packages to be installed for SAP NETWEAVER. # The default for this variable is set in the vars file which corresponds to the detected OS version. +sap_netweaver_preconfigure_patterns: "{{ __sap_netweaver_preconfigure_patterns }}" +# (SUSE specific) The list of the zypper patterns to install. +# The default for this parameter is set in the vars file which corresponds to the detected OS version. + # Set this parameter to `true` to update the system to the latest package levels. sap_netweaver_preconfigure_update: false @@ -43,3 +47,6 @@ sap_netweaver_preconfigure_saptune_version: '' # (SUSE specific) Saptune solution to be applied. # Available options for Netweaver are: NETWEAVER, NETWEAVER+HANA, S4HANA-APP+DB, S4HANA-APPSERVER, S4HANA-DBSERVER sap_netweaver_preconfigure_saptune_solution: NETWEAVER + +# (SUSE specific) Apply saptune solution regardless if it is already enabled and verified. +sap_netweaver_preconfigure_saptune_solution_force: false diff --git a/roles/sap_netweaver_preconfigure/meta/argument_specs.yml b/roles/sap_netweaver_preconfigure/meta/argument_specs.yml index 9b1eddf45..3cf6c9116 100644 --- a/roles/sap_netweaver_preconfigure/meta/argument_specs.yml +++ b/roles/sap_netweaver_preconfigure/meta/argument_specs.yml @@ -57,6 +57,15 @@ argument_specs: type: list elements: str + sap_netweaver_preconfigure_patterns: + default: "{{ __sap_netweaver_preconfigure_patterns }}" + description: + - (SUSE specific) The list of the zypper patterns to install. + - The default for this parameter is set in the vars file which corresponds to the detected OS version. + required: false + type: list + elements: str + sap_netweaver_preconfigure_min_swap_space_mb: default: '20480' description: @@ -111,3 +120,10 @@ argument_specs: - 'S4HANA-DBSERVER' required: false type: str + + sap_netweaver_preconfigure_saptune_solution_force: + default: false + description: + - (SUSE specific) Apply saptune solution regardless if it is already enabled and verified. + required: false + type: bool diff --git a/roles/sap_netweaver_preconfigure/tasks/SLES/assert-installation.yml b/roles/sap_netweaver_preconfigure/tasks/SLES/assert-installation.yml index dfb934121..9b9b22a34 100644 --- a/roles/sap_netweaver_preconfigure/tasks/SLES/assert-installation.yml +++ b/roles/sap_netweaver_preconfigure/tasks/SLES/assert-installation.yml @@ -1,6 +1,21 @@ # SPDX-License-Identifier: Apache-2.0 --- +- name: Query installed zypper patterns + ansible.builtin.command: + cmd: zypper patterns --installed-only + register: __sap_netweaver_preconfigure_register_patterns + changed_when: false + ignore_errors: true + +- name: Assert that all required zypper patterns are installed + ansible.builtin.assert: + that: "'{{ item }}' in __sap_netweaver_preconfigure_register_patterns.stdout" + fail_msg: "FAIL: Pattern '{{ item }}' is not installed!" + success_msg: "PASS: Pattern '{{ item }}' is installed." + loop: "{{ sap_netweaver_preconfigure_patterns }}" + ignore_errors: "{{ sap_netweaver_preconfigure_assert_ignore_errors | d(false) }}" + # Check rpm --whatprovides only if package cannot be found directly. - name: Query RPM packages ansible.builtin.shell: diff --git a/roles/sap_netweaver_preconfigure/tasks/SLES/configuration.yml b/roles/sap_netweaver_preconfigure/tasks/SLES/configuration.yml index 9ebf64db8..abdcbe2ad 100644 --- a/roles/sap_netweaver_preconfigure/tasks/SLES/configuration.yml +++ b/roles/sap_netweaver_preconfigure/tasks/SLES/configuration.yml @@ -1,6 +1,21 @@ # SPDX-License-Identifier: Apache-2.0 --- +- name: Get current enabled saptune solution + ansible.builtin.command: + cmd: "saptune solution enabled" + register: __sap_netweaver_preconfigure_register_solution_enabled + changed_when: false + failed_when: false + when: __sap_netweaver_preconfigure_use_saptune + +# Enabled solution contains newline, which has to be removed +- name: Cleanup saptune solution enabled output + ansible.builtin.set_fact: + __sap_netweaver_preconfigure_register_solution_enabled_trim: + "{{ __sap_netweaver_preconfigure_register_solution_enabled.stdout | trim | replace('\n', '') }}" + when: __sap_netweaver_preconfigure_use_saptune + # Verify SAP Solution before block and revert if found invalid - name: Verify saptune solution before changes ansible.builtin.command: @@ -8,13 +23,22 @@ register: __sap_netweaver_preconfigure_register_solution_verify_before changed_when: false failed_when: false - when: __sap_netweaver_preconfigure_use_saptune + when: + - __sap_netweaver_preconfigure_use_saptune + - __sap_netweaver_preconfigure_register_solution_enabled_trim == sap_netweaver_preconfigure_saptune_solution - name: Apply saptune solution when: - __sap_netweaver_preconfigure_use_saptune - - __sap_netweaver_preconfigure_register_solution_verify_before.rc != 0 + - sap_netweaver_preconfigure_saptune_solution_force + or __sap_netweaver_preconfigure_register_solution_enabled_trim != sap_netweaver_preconfigure_saptune_solution + or __sap_netweaver_preconfigure_register_solution_verify_before.rc != 0 block: + - name: Show current enabled saptune solution + ansible.builtin.debug: + msg: "{{ __sap_netweaver_preconfigure_register_solution_enabled_trim }}" + when: __sap_netweaver_preconfigure_register_solution_enabled_trim != '' + - name: Revert saptune configuration ansible.builtin.command: cmd: "saptune revert all" @@ -39,6 +63,10 @@ {{ __sap_netweaver_preconfigure_register_solution_verify_after.stderr_lines }} when: __sap_netweaver_preconfigure_register_solution_verify_after.rc != 0 + - name: Show applied saptune solution + ansible.builtin.debug: + msg: "{{ sap_netweaver_preconfigure_saptune_solution }}" + - name: Warn if not enough swap space is configured ansible.builtin.fail: diff --git a/roles/sap_netweaver_preconfigure/tasks/SLES/generic/saptune_takeover.yml b/roles/sap_netweaver_preconfigure/tasks/SLES/generic/saptune_takeover.yml index 17f0047a6..f71689c39 100644 --- a/roles/sap_netweaver_preconfigure/tasks/SLES/generic/saptune_takeover.yml +++ b/roles/sap_netweaver_preconfigure/tasks/SLES/generic/saptune_takeover.yml @@ -62,29 +62,6 @@ changed_when: false -- name: Check active saptune solution - when: - - __sap_netweaver_preconfigure_use_saptune - - __sap_netweaver_preconfigure_register_saptune_check_before.rc == 0 - or (__sap_netweaver_preconfigure_register_saptune_check_after.rc == 0) - block: - - name: Discover active solution - ansible.builtin.command: - cmd: saptune solution enabled - register: __sap_netweaver_preconfigure_register_saptune_status - changed_when: false - - - name: Set fact for active solution - ansible.builtin.set_fact: - # Capture the first block on none whitespace - __sap_netweaver_preconfigure_register_solution_configured: - "{{ (__sap_netweaver_preconfigure_register_saptune_status.stdout | regex_search('(\\S+)', '\\1'))[0] | default('NONE') }}" - - - name: Show configured solution - ansible.builtin.debug: - var: __sap_netweaver_preconfigure_register_solution_configured - - - name: Enable sapconf when: not __sap_netweaver_preconfigure_use_saptune block: diff --git a/roles/sap_netweaver_preconfigure/tasks/SLES/installation.yml b/roles/sap_netweaver_preconfigure/tasks/SLES/installation.yml index 49807a05e..c2611b8d7 100644 --- a/roles/sap_netweaver_preconfigure/tasks/SLES/installation.yml +++ b/roles/sap_netweaver_preconfigure/tasks/SLES/installation.yml @@ -29,6 +29,11 @@ when: "'packagekit.service' in ansible_facts.services" +- name: Ensure that the required zypper patterns are installed + ansible.builtin.command: + cmd: zypper install -y -t pattern {{ item }} + loop: "{{ sap_netweaver_preconfigure_patterns }}" + - name: Ensure that the required packages are installed ansible.builtin.package: state: present diff --git a/roles/sap_netweaver_preconfigure/vars/SLES_15.yml b/roles/sap_netweaver_preconfigure/vars/SLES_15.yml index d69afdd9a..a55158988 100644 --- a/roles/sap_netweaver_preconfigure/vars/SLES_15.yml +++ b/roles/sap_netweaver_preconfigure/vars/SLES_15.yml @@ -20,10 +20,13 @@ __sap_netweaver_preconfigure_sapnotes_versions: [] # 900929 - Linux: STORAGE_PARAMETERS_WRONG_SET and "mmap() failed" # Parameter vm.max_map_count=2147483647 is already default value. +__sap_netweaver_preconfigure_patterns: + - sap_server + # sap-nw pattern is not part of SLES, but SLES_SAP __sap_netweaver_preconfigure_packages: - # Mandatory patterns - - patterns-server-enterprise-sap_server + # Patterns are not included in package list + # Ansible package module skips recommended packages resulting in discrepancies. # Recommended packages - tcsh @@ -42,7 +45,6 @@ __sap_netweaver_preconfigure_packages: - nfs-utils - bind-utils - procmail - - libltdl7 # SLES_SAP is using saptune, but SLES is using sapconf. diff --git a/roles/sap_netweaver_preconfigure/vars/SLES_SAP_15.yml b/roles/sap_netweaver_preconfigure/vars/SLES_SAP_15.yml index 013b5854e..73692ff80 100644 --- a/roles/sap_netweaver_preconfigure/vars/SLES_SAP_15.yml +++ b/roles/sap_netweaver_preconfigure/vars/SLES_SAP_15.yml @@ -20,11 +20,13 @@ __sap_netweaver_preconfigure_sapnotes_versions: [] # 900929 - Linux: STORAGE_PARAMETERS_WRONG_SET and "mmap() failed" # Parameter vm.max_map_count=2147483647 is already default value. +__sap_netweaver_preconfigure_patterns: + - sap_server + - sap-nw __sap_netweaver_preconfigure_packages: - # Mandatory patterns - - patterns-server-enterprise-sap_server - - patterns-sap-nw + # Patterns are not included in package list + # Ansible package module skips recommended packages resulting in discrepancies. # Recommended packages - tcsh @@ -43,7 +45,6 @@ __sap_netweaver_preconfigure_packages: - nfs-utils - bind-utils - procmail - - libltdl7 # SLES_SAP is using saptune, but SLES is using sapconf. diff --git a/roles/sap_netweaver_preconfigure/vars/SLES_SAP_16.yml b/roles/sap_netweaver_preconfigure/vars/SLES_SAP_16.yml index 542988519..f1a9b6a88 100644 --- a/roles/sap_netweaver_preconfigure/vars/SLES_SAP_16.yml +++ b/roles/sap_netweaver_preconfigure/vars/SLES_SAP_16.yml @@ -5,9 +5,13 @@ __sap_netweaver_preconfigure_sapnotes_versions: [] +__sap_netweaver_preconfigure_patterns: + - sles_minimal_sap + - sles_sap_APP + __sap_netweaver_preconfigure_packages: - # Mandatory patterns - - patterns-sap-APP + # Patterns are not included in package list + # Ansible package module skips recommended packages resulting in discrepancies. # Recommended packages - tcsh @@ -32,7 +36,6 @@ __sap_netweaver_preconfigure_packages: - nfs-utils - bind-utils - procmail - - libltdl7 # SLES_SAP is using saptune, but SLES is using sapconf. diff --git a/roles/sap_netweaver_preconfigure/vars/main.yml b/roles/sap_netweaver_preconfigure/vars/main.yml index 4a7026287..ea3933c8d 100644 --- a/roles/sap_netweaver_preconfigure/vars/main.yml +++ b/roles/sap_netweaver_preconfigure/vars/main.yml @@ -7,3 +7,4 @@ # dummy entry for passing the arg spec validation: __sap_netweaver_preconfigure_packages: [] +__sap_netweaver_preconfigure_patterns: [] From 2295e514c1c1b9b858fca9c175c54bef10997d36 Mon Sep 17 00:00:00 2001 From: Marcel Mamula Date: Thu, 6 Mar 2025 13:51:43 +0100 Subject: [PATCH 63/66] fix: linting patterns command module changed_when --- .../tasks/SLES/installation.yml | 11 +++++++++++ .../sap_hana_preconfigure/tasks/SLES/installation.yml | 11 +++++++++++ .../tasks/SLES/installation.yml | 11 +++++++++++ 3 files changed, 33 insertions(+) diff --git a/roles/sap_general_preconfigure/tasks/SLES/installation.yml b/roles/sap_general_preconfigure/tasks/SLES/installation.yml index 35533d663..c6627b852 100644 --- a/roles/sap_general_preconfigure/tasks/SLES/installation.yml +++ b/roles/sap_general_preconfigure/tasks/SLES/installation.yml @@ -29,10 +29,21 @@ when: "'packagekit.service' in ansible_facts.services" +# Pattern installation will run only if pattern is not installed +# This ensures that command module shows correct changed status +- name: Query installed zypper patterns + ansible.builtin.command: + cmd: zypper patterns --installed-only + register: __sap_general_preconfigure_register_patterns + changed_when: false + ignore_errors: true + - name: Ensure that the required zypper patterns are installed ansible.builtin.command: cmd: zypper install -y -t pattern {{ item }} loop: "{{ sap_general_preconfigure_patterns }}" + when: item not in __sap_general_preconfigure_register_patterns.stdout + changed_when: item not in __sap_general_preconfigure_register_patterns.stdout - name: Ensure that the required packages are installed ansible.builtin.package: diff --git a/roles/sap_hana_preconfigure/tasks/SLES/installation.yml b/roles/sap_hana_preconfigure/tasks/SLES/installation.yml index be15ad5e4..83f25e055 100644 --- a/roles/sap_hana_preconfigure/tasks/SLES/installation.yml +++ b/roles/sap_hana_preconfigure/tasks/SLES/installation.yml @@ -29,10 +29,21 @@ when: "'packagekit.service' in ansible_facts.services" +# Pattern installation will run only if pattern is not installed +# This ensures that command module shows correct changed status +- name: Query installed zypper patterns + ansible.builtin.command: + cmd: zypper patterns --installed-only + register: __sap_hana_preconfigure_register_patterns + changed_when: false + ignore_errors: true + - name: Ensure that the required zypper patterns are installed ansible.builtin.command: cmd: zypper install -y -t pattern {{ item }} loop: "{{ sap_hana_preconfigure_patterns }}" + when: item not in __sap_hana_preconfigure_register_patterns.stdout + changed_when: item not in __sap_hana_preconfigure_register_patterns.stdout - name: Ensure that the required packages are installed ansible.builtin.package: diff --git a/roles/sap_netweaver_preconfigure/tasks/SLES/installation.yml b/roles/sap_netweaver_preconfigure/tasks/SLES/installation.yml index c2611b8d7..189afe7ad 100644 --- a/roles/sap_netweaver_preconfigure/tasks/SLES/installation.yml +++ b/roles/sap_netweaver_preconfigure/tasks/SLES/installation.yml @@ -29,10 +29,21 @@ when: "'packagekit.service' in ansible_facts.services" +# Pattern installation will run only if pattern is not installed +# This ensures that command module shows correct changed status +- name: Query installed zypper patterns + ansible.builtin.command: + cmd: zypper patterns --installed-only + register: __sap_netweaver_preconfigure_register_patterns + changed_when: false + ignore_errors: true + - name: Ensure that the required zypper patterns are installed ansible.builtin.command: cmd: zypper install -y -t pattern {{ item }} loop: "{{ sap_netweaver_preconfigure_patterns }}" + when: item not in __sap_netweaver_preconfigure_register_patterns.stdout + changed_when: item not in __sap_netweaver_preconfigure_register_patterns.stdout - name: Ensure that the required packages are installed ansible.builtin.package: From 9686265e16590cf379f5d677a233baa7d38c332d Mon Sep 17 00:00:00 2001 From: Rob Dobozy Date: Wed, 12 Mar 2025 16:22:05 +0000 Subject: [PATCH 64/66] sap*preconfigure: update awk command to exclude commented lines when constructing sysctl parameters --- .../tasks/RedHat/generic/configure-kernel-parameters.yml | 2 +- roles/sap_hana_preconfigure/tasks/sapnote/2055470.yml | 2 +- roles/sap_hana_preconfigure/tasks/sapnote/2382421.yml | 2 +- roles/sap_hana_preconfigure/tasks/sapnote/3024346.yml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-kernel-parameters.yml b/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-kernel-parameters.yml index f0c9f7049..151687044 100644 --- a/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-kernel-parameters.yml +++ b/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-kernel-parameters.yml @@ -17,7 +17,7 @@ # in sap_general_preconfigure_etc_sysctl_sap_conf so that the "Reload kernel parameters from file ..." task # can correctly report its 'changed' state. See also https://github.com/sap-linuxlab/community.sap_install/issues/752 . - name: Construct the command for getting all current parameters of file '{{ sap_general_preconfigure_etc_sysctl_sap_conf }}' - ansible.builtin.command: awk 'BEGIN{FS="="; printf ("sysctl ")}{printf ("%s ", $1)}' "{{ sap_general_preconfigure_etc_sysctl_sap_conf }}" + ansible.builtin.command: awk 'BEGIN{FS="="; printf ("sysctl ")} !/^#/{printf ("%s ", $1)}' "{{ sap_general_preconfigure_etc_sysctl_sap_conf }}" register: __sap_general_preconfigure_register_sap_conf_sysctl_command check_mode: false changed_when: false diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2055470.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2055470.yml index 04d9b7265..c8a023f56 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2055470.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2055470.yml @@ -71,7 +71,7 @@ # can correctly report its 'changed' state. See also https://github.com/sap-linuxlab/community.sap_install/issues/752 . - name: Construct the command for getting all current parameters of file '/etc/sysctl.d/ibm_largesend.conf' - ansible.builtin.command: awk 'BEGIN{FS="="; printf ("sysctl ")}{printf ("%s ", $1)}' /etc/sysctl.d/ibm_largesend.conf + ansible.builtin.command: awk 'BEGIN{FS="="; printf ("sysctl ")} !/^#/{printf ("%s ", $1)}' /etc/sysctl.d/ibm_largesend.conf register: __sap_hana_preconfigure_register_ibm_largesend_sysctl_command changed_when: false when: not ansible_check_mode diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2382421.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2382421.yml index a502c570f..3021fc4e8 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2382421.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2382421.yml @@ -71,7 +71,7 @@ # in __sap_hana_preconfigure_etc_sysctl_saphana_conf so that the "Reload kernel parameters from file ..." task # can correctly report its 'changed' state. See also https://github.com/sap-linuxlab/community.sap_install/issues/752 . - name: Construct the command for getting all current parameters of file '{{ __sap_hana_preconfigure_etc_sysctl_saphana_conf }}' - ansible.builtin.command: awk 'BEGIN{FS="="; printf ("sysctl ")}{printf ("%s ", $1)}' "{{ __sap_hana_preconfigure_etc_sysctl_saphana_conf }}" + ansible.builtin.command: awk 'BEGIN{FS="="; printf ("sysctl ")} !/^#/{printf ("%s ", $1)}' "{{ __sap_hana_preconfigure_etc_sysctl_saphana_conf }}" register: __sap_hana_preconfigure_register_saphana_conf_sysctl_command check_mode: false changed_when: false diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/3024346.yml b/roles/sap_hana_preconfigure/tasks/sapnote/3024346.yml index 795bbfcb2..ff551e760 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/3024346.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/3024346.yml @@ -45,7 +45,7 @@ # in __sap_hana_preconfigure_etc_sysctl_netapp_hana_conf so that the "Reload kernel parameters from file ..." task # can correctly report its 'changed' state. See also https://github.com/sap-linuxlab/community.sap_install/issues/752 . - name: Construct the command for getting all current parameters of file '{{ __sap_hana_preconfigure_etc_sysctl_netapp_hana_conf }}' - ansible.builtin.command: awk 'BEGIN{FS="="; printf ("sysctl ")}{printf ("%s ", $1)}' "{{ __sap_hana_preconfigure_etc_sysctl_netapp_hana_conf }}" + ansible.builtin.command: awk 'BEGIN{FS="="; printf ("sysctl ")} !/^#/{printf ("%s ", $1)}' "{{ __sap_hana_preconfigure_etc_sysctl_netapp_hana_conf }}" register: __sap_hana_preconfigure_register_netapp_sysctl_command changed_when: false From 50a7df0f77376f31c9e2980429a04a685e11085b Mon Sep 17 00:00:00 2001 From: Rob Dobozy Date: Thu, 13 Mar 2025 12:20:58 +0000 Subject: [PATCH 65/66] sap*preconfigure: update awk command to exclude commented lines in sysctl parameter construction - improved version from Bernd --- .../tasks/RedHat/generic/configure-kernel-parameters.yml | 2 +- roles/sap_hana_preconfigure/tasks/sapnote/2055470.yml | 2 +- roles/sap_hana_preconfigure/tasks/sapnote/2382421.yml | 2 +- roles/sap_hana_preconfigure/tasks/sapnote/3024346.yml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-kernel-parameters.yml b/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-kernel-parameters.yml index 151687044..435f85647 100644 --- a/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-kernel-parameters.yml +++ b/roles/sap_general_preconfigure/tasks/RedHat/generic/configure-kernel-parameters.yml @@ -17,7 +17,7 @@ # in sap_general_preconfigure_etc_sysctl_sap_conf so that the "Reload kernel parameters from file ..." task # can correctly report its 'changed' state. See also https://github.com/sap-linuxlab/community.sap_install/issues/752 . - name: Construct the command for getting all current parameters of file '{{ sap_general_preconfigure_etc_sysctl_sap_conf }}' - ansible.builtin.command: awk 'BEGIN{FS="="; printf ("sysctl ")} !/^#/{printf ("%s ", $1)}' "{{ sap_general_preconfigure_etc_sysctl_sap_conf }}" + ansible.builtin.command: awk 'BEGIN{FS="="; printf ("sysctl ")}NF>1&&!/^\s*[#;]/{printf ("%s ", $1)}' "{{ sap_general_preconfigure_etc_sysctl_sap_conf }}" register: __sap_general_preconfigure_register_sap_conf_sysctl_command check_mode: false changed_when: false diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2055470.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2055470.yml index c8a023f56..7f5043dad 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2055470.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2055470.yml @@ -71,7 +71,7 @@ # can correctly report its 'changed' state. See also https://github.com/sap-linuxlab/community.sap_install/issues/752 . - name: Construct the command for getting all current parameters of file '/etc/sysctl.d/ibm_largesend.conf' - ansible.builtin.command: awk 'BEGIN{FS="="; printf ("sysctl ")} !/^#/{printf ("%s ", $1)}' /etc/sysctl.d/ibm_largesend.conf + ansible.builtin.command: awk 'BEGIN{FS="="; printf ("sysctl ")}NF>1&&!/^\s*[#;]/{printf ("%s ", $1)}' /etc/sysctl.d/ibm_largesend.conf register: __sap_hana_preconfigure_register_ibm_largesend_sysctl_command changed_when: false when: not ansible_check_mode diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/2382421.yml b/roles/sap_hana_preconfigure/tasks/sapnote/2382421.yml index 3021fc4e8..f1039f835 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/2382421.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/2382421.yml @@ -71,7 +71,7 @@ # in __sap_hana_preconfigure_etc_sysctl_saphana_conf so that the "Reload kernel parameters from file ..." task # can correctly report its 'changed' state. See also https://github.com/sap-linuxlab/community.sap_install/issues/752 . - name: Construct the command for getting all current parameters of file '{{ __sap_hana_preconfigure_etc_sysctl_saphana_conf }}' - ansible.builtin.command: awk 'BEGIN{FS="="; printf ("sysctl ")} !/^#/{printf ("%s ", $1)}' "{{ __sap_hana_preconfigure_etc_sysctl_saphana_conf }}" + ansible.builtin.command: awk 'BEGIN{FS="="; printf ("sysctl ")}NF>1&&!/^\s*[#;]/{printf ("%s ", $1)}' "{{ __sap_hana_preconfigure_etc_sysctl_saphana_conf }}" register: __sap_hana_preconfigure_register_saphana_conf_sysctl_command check_mode: false changed_when: false diff --git a/roles/sap_hana_preconfigure/tasks/sapnote/3024346.yml b/roles/sap_hana_preconfigure/tasks/sapnote/3024346.yml index ff551e760..be9b40a8f 100644 --- a/roles/sap_hana_preconfigure/tasks/sapnote/3024346.yml +++ b/roles/sap_hana_preconfigure/tasks/sapnote/3024346.yml @@ -45,7 +45,7 @@ # in __sap_hana_preconfigure_etc_sysctl_netapp_hana_conf so that the "Reload kernel parameters from file ..." task # can correctly report its 'changed' state. See also https://github.com/sap-linuxlab/community.sap_install/issues/752 . - name: Construct the command for getting all current parameters of file '{{ __sap_hana_preconfigure_etc_sysctl_netapp_hana_conf }}' - ansible.builtin.command: awk 'BEGIN{FS="="; printf ("sysctl ")} !/^#/{printf ("%s ", $1)}' "{{ __sap_hana_preconfigure_etc_sysctl_netapp_hana_conf }}" + ansible.builtin.command: awk 'BEGIN{FS="="; printf ("sysctl ")}NF>1&&!/^\s*[#;]/{printf ("%s ", $1)}' "{{ __sap_hana_preconfigure_etc_sysctl_netapp_hana_conf }}" register: __sap_hana_preconfigure_register_netapp_sysctl_command changed_when: false From 91633386d2436594249cb3551b12f93daaf14b3b Mon Sep 17 00:00:00 2001 From: Bernd Finger Date: Mon, 24 Mar 2025 11:43:51 +0100 Subject: [PATCH 66/66] collection: prepare for v1.5.3 Signed-off-by: Bernd Finger --- CHANGELOG.rst | 43 +++++++++++++++++++++++++++++++++++++++ changelogs/changelog.yaml | 37 +++++++++++++++++++++++++++++++++ galaxy.yml | 2 +- 3 files changed, 81 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.rst b/CHANGELOG.rst index ab9b6ce47..38047008b 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -4,6 +4,49 @@ community.sap\_install Release Notes .. contents:: Topics +v1.5.3 +====== + +Release Summary +--------------- + +Various enhancements and bug fixes + +Bugfixes +-------- + +- collection - Cleanup the changelog(s) (https://github.com/sap-linuxlab/community.sap_install/pull/980) +- collection - Use the correct ansible-galaxy option in README.md files (https://github.com/sap-linuxlab/community.sap_install/pull/978) +- collection - gh issue templates (https://github.com/sap-linuxlab/community.sap_install/pull/987) +- collection and sap_hostagent - ansible-lint fixes (https://github.com/sap-linuxlab/community.sap_install/pull/973) +- sap*preconfigure - Use correct RHEL versions in task names (https://github.com/sap-linuxlab/community.sap_install/pull/976) +- sap*preconfigure - sysctl checks fail when config file has comments (https://github.com/sap-linuxlab/community.sap_install/pull/996) +- sap_*_preconfigure/SLES - Enhance saptune handling and detection (https://github.com/sap-linuxlab/community.sap_install/pull/994) +- sap_*_preconfigure/Suse - Enhance saptune revert logic (https://github.com/sap-linuxlab/community.sap_install/pull/983) +- sap_*_preconfigure/Suse - Switch saptune from present to latest (https://github.com/sap-linuxlab/community.sap_install/pull/952) +- sap_general_preconfigure - Fix check mode for sysctl (https://github.com/sap-linuxlab/community.sap_install/pull/950) +- sap_general_preconfigure - Remove unused file configure-etc-hosts.yml (https://github.com/sap-linuxlab/community.sap_install/pull/991) +- sap_general_preconfigure - Update the package name of the IBM Power tools for RHEL 10 (https://github.com/sap-linuxlab/community.sap_install/pull/998) +- sap_general_preconfigure - fix var role prefix (https://github.com/sap-linuxlab/community.sap_install/pull/948) +- sap_general_preconfigure, sap_maintain_etc_hosts - Ignore comments (https://github.com/sap-linuxlab/community.sap_install/pull/981) +- sap_general_preconfigure/SLES - Add etc hosts setup to configure steps (https://github.com/sap-linuxlab/community.sap_install/pull/992) +- sap_ha_pacemaker_cluster - fix ASCS constraint (https://github.com/sap-linuxlab/community.sap_install/pull/959) +- sap_ha_pacemaker_cluster - fix ASCS/ERS systemd (https://github.com/sap-linuxlab/community.sap_install/pull/963) +- sap_ha_pacemaker_cluster - fix NWAS (https://github.com/sap-linuxlab/community.sap_install/pull/972) +- sap_ha_pacemaker_cluster - fix internal-error (https://github.com/sap-linuxlab/community.sap_install/pull/966) +- sap_ha_pacemaker_cluster - fix package detection on RHEL (https://github.com/sap-linuxlab/community.sap_install/pull/947) +- sap_ha_pacemaker_cluster - fix(check-mode) (https://github.com/sap-linuxlab/community.sap_install/pull/986) +- sap_ha_pacemaker_cluster - several bug fixes (https://github.com/sap-linuxlab/community.sap_install/pull/965) +- sap_ha_pacemaker_cluster - stonith location constraints (https://github.com/sap-linuxlab/community.sap_install/pull/954) +- sap_hana_install - Update fapolicyd conditionals (https://github.com/sap-linuxlab/community.sap_install/pull/989) +- sap_hana_preconfigure - Fix check mode for largesend.conf - ppc64le (https://github.com/sap-linuxlab/community.sap_install/pull/956) +- sap_hana_preconfigure - Update the package name of the RHEL 10 Power tools (https://github.com/sap-linuxlab/community.sap_install/pull/958) +- sap_hana_preconfigure - fix check mode in two tasks (https://github.com/sap-linuxlab/community.sap_install/pull/953) +- sap_hana_preconfigure/SLES - Add package libltdl7 to vars (https://github.com/sap-linuxlab/community.sap_install/pull/993) +- sap_swpm - Fix link in README.md (https://github.com/sap-linuxlab/community.sap_install/pull/970) +- sap_swpm - remove duplicate section credentials_anydb_ibmdb2 (https://github.com/sap-linuxlab/community.sap_install/pull/995) +- sap_swpm - removed duplicates from credentials_hana section (https://github.com/sap-linuxlab/community.sap_install/pull/982) + v1.5.2 ====== diff --git a/changelogs/changelog.yaml b/changelogs/changelog.yaml index 24dc1c27d..df46a9d63 100644 --- a/changelogs/changelog.yaml +++ b/changelogs/changelog.yaml @@ -268,3 +268,40 @@ releases: - sap_netweaver_preconfigure - fix argument_specs validation error (https://github.com/sap-linuxlab/community.sap_install/pull/940) - sap_general_preconfigure - No longer install locale packages in RHEL 7 (https://github.com/sap-linuxlab/community.sap_install/pull/937) - sap_general_preconfigure - Fix check mode (https://github.com/sap-linuxlab/community.sap_install/pull/935) + 1.5.3: + release_date: '2025-03-24' + changes: + release_summary: Various enhancements and bug fixes + bugfixes: + - collection - Cleanup the changelog(s) (https://github.com/sap-linuxlab/community.sap_install/pull/980) + - collection - gh issue templates (https://github.com/sap-linuxlab/community.sap_install/pull/987) + - sap_*_preconfigure/Suse - Enhance saptune revert logic (https://github.com/sap-linuxlab/community.sap_install/pull/983) + - sap_*_preconfigure/SLES - Enhance saptune handling and detection (https://github.com/sap-linuxlab/community.sap_install/pull/994) + - sap_general_preconfigure - Remove unused file configure-etc-hosts.yml (https://github.com/sap-linuxlab/community.sap_install/pull/991) + - sap_general_preconfigure/SLES - Add etc hosts setup to configure steps (https://github.com/sap-linuxlab/community.sap_install/pull/992) + - sap_hana_preconfigure/SLES - Add package libltdl7 to vars (https://github.com/sap-linuxlab/community.sap_install/pull/993) + - sap_hana_install - Update fapolicyd conditionals (https://github.com/sap-linuxlab/community.sap_install/pull/989) + - sap_ha_pacemaker_cluster - stonith location constraints (https://github.com/sap-linuxlab/community.sap_install/pull/954) + + - collection and sap_hostagent - ansible-lint fixes (https://github.com/sap-linuxlab/community.sap_install/pull/973) + - collection - Use the correct ansible-galaxy option in README.md files (https://github.com/sap-linuxlab/community.sap_install/pull/978) + - sap_*_preconfigure/Suse - Switch saptune from present to latest (https://github.com/sap-linuxlab/community.sap_install/pull/952) + - sap*preconfigure - Use correct RHEL versions in task names (https://github.com/sap-linuxlab/community.sap_install/pull/976) + - sap*preconfigure - sysctl checks fail when config file has comments (https://github.com/sap-linuxlab/community.sap_install/pull/996) + - sap_general_preconfigure - fix var role prefix (https://github.com/sap-linuxlab/community.sap_install/pull/948) + - sap_general_preconfigure - Fix check mode for sysctl (https://github.com/sap-linuxlab/community.sap_install/pull/950) + - sap_general_preconfigure, sap_maintain_etc_hosts - Ignore comments (https://github.com/sap-linuxlab/community.sap_install/pull/981) + - sap_general_preconfigure - Update the package name of the IBM Power tools for RHEL 10 (https://github.com/sap-linuxlab/community.sap_install/pull/998) + - sap_hana_preconfigure - fix check mode in two tasks (https://github.com/sap-linuxlab/community.sap_install/pull/953) + - sap_hana_preconfigure - Fix check mode for largesend.conf - ppc64le (https://github.com/sap-linuxlab/community.sap_install/pull/956) + - sap_hana_preconfigure - Update the package name of the RHEL 10 Power tools (https://github.com/sap-linuxlab/community.sap_install/pull/958) + - sap_ha_pacemaker_cluster - fix package detection on RHEL (https://github.com/sap-linuxlab/community.sap_install/pull/947) + - sap_ha_pacemaker_cluster - fix ASCS constraint (https://github.com/sap-linuxlab/community.sap_install/pull/959) + - sap_ha_pacemaker_cluster - fix ASCS/ERS systemd (https://github.com/sap-linuxlab/community.sap_install/pull/963) + - sap_ha_pacemaker_cluster - several bug fixes (https://github.com/sap-linuxlab/community.sap_install/pull/965) + - sap_ha_pacemaker_cluster - fix internal-error (https://github.com/sap-linuxlab/community.sap_install/pull/966) + - sap_ha_pacemaker_cluster - fix NWAS (https://github.com/sap-linuxlab/community.sap_install/pull/972) + - sap_ha_pacemaker_cluster - fix(check-mode) (https://github.com/sap-linuxlab/community.sap_install/pull/986) + - sap_swpm - Fix link in README.md (https://github.com/sap-linuxlab/community.sap_install/pull/970) + - sap_swpm - removed duplicates from credentials_hana section (https://github.com/sap-linuxlab/community.sap_install/pull/982) + - sap_swpm - remove duplicate section credentials_anydb_ibmdb2 (https://github.com/sap-linuxlab/community.sap_install/pull/995) diff --git a/galaxy.yml b/galaxy.yml index 1162dd11b..efb6c40df 100644 --- a/galaxy.yml +++ b/galaxy.yml @@ -11,7 +11,7 @@ namespace: community name: sap_install # The version of the collection. Must be compatible with semantic versioning -version: 1.5.2 +version: 1.5.3 # The path to the Markdown (.md) readme file. This path is relative to the root of the collection readme: README.md