The goal for these blog post series is to show how we can make SAP Solutions deployments easy and reliable using Ansible automation.
In the previous blog post, we explained what Ansible is, some best practices while using Ansible, benefits of using it and a quick introduction to Ansible Tower.
In this blog post, we are going to focus on the ‘Red Hat Enterprise Linux System Roles for SAP’. These are Red Hat supported (Tech Preview at the time this blog post was written) Ansible Roles to assist with the OS-specific configuration required while installing SAP HANA or SAP NetWeaver software.
Host preparation is a complex and long task when it comes to SAP Solutions deployments. There is not a unique document we can follow in order to get the system configured in the way SAP installers are expecting. SAP uses ‘SAP Notes’ to capture all these prerequisites and specific configurations that need to be done prior HANA and NetWeaver software could be installed.
As explained in the previous post, Ansible can help us to achieve these states in a solid and reliable way. ‘Red Hat Enterprise Linux System Roles for SAP’ is a collection of Ansible Roles developed by SAP and Ansible experts and supported by Red Hat.
Instead of spending much time explaining what these Ansible Roles do in detail, let’s see how we can use those in a real environment.
These Ansible Roles are included as part of the ‘rhel-system-roles-sap’ package (yum install -y rhel-system-roles-sap) coming with the ‘RHEL for SAP Solutions’ subscription, and these are the ones that must be used for Production environments.
The first thing we are doing is to create an Ansible Inventory that will be used later with the Roles. The Ansible Inventory will content the Hosts information as well any required variables we want to pass to the Roles later.
For this scenario we are deploying S/4 HANA by SAP in a host called ‘rhel-01’, and SAP HANA in a host called ‘rhel-02’. The Ansible Inventory will look like this:
$ tree
.
├── group_vars
│ ├── hana.yml
│ ├── netweaver.yml
│ └── sapservers.yml
└── hosts
Ansible inventories are very flexible in terms of how you want to implement and use those. For this scenario, the ‘hosts’ file contains a list of hosts and groups, and the ‘group_vars’ directory contains the variables for each group and groups containing other groups like ‘sapservers’ in this case. For this scenario, it is not mandatory to define all these files as some are empty, but for consistency with later posts where these will be used, we are just creating preparing these forehand.
$ cat hosts
[sapservers:children]
hana
netweaver
[hana]
rhel-02
[netweaver]
rhel-01
$ cat group_vars/sapservers.yml
---
# Common variables for hosts in 'sapservers' group
ansible_user: cloud-user
ansible_ssh_private_key_file: ~/.ssh/blog-servers-key.pem
Ansible_become: true
## Variables for sap-preconfigure Role
sap_preconfigure_modify_etc_hosts: yes
The ‘sapservers’ group is used in this case for all the common variables that apply for hosts both in ‘hana’ and ‘netweaver’ groups.
Once we have the Inventory defined, the next thing we need to do is to create an Ansible Playbook that will use the Inventory and put the hosts in the desired state using the ‘Linux System Roles for SAP’.
Before doing this, we are going to introduce a new concept here, which is Ansible Galaxy, an Ansible’s official hub for sharing Ansible content. This is the place where you will put your Roles to be shared with the Community. In addition to this, there is a CLI called ‘ansible-galaxy’ you can use to pull Roles from Ansible Galaxy.
The ‘requirements’ file, will have the information of the Roles we want to pull locally to be used in our new Playbook.
$ cat requirements.yml
# From upstream 'sap-preconfigure' GitHub repository
- src: https://github.com/linux-system-roles/sap-preconfigure.git
# From upstream 'sap-hana-preconfigure' GitHub repository
- src: https://github.com/linux-system-roles/sap-hana-preconfigure.git
# From upstream 'sap-netweaver-preconfigure' GitHub repository
- src: https://github.com/linux-system-roles/sap-netweaver-preconfigure.git
The ‘sap-prepare’ Playbook, will use those Roles with specific subsets from our Inventory. As we can see, ‘sap-preconfigure’ Role will be applied to the ‘sapservers’ group, as this Role is common for all the hosts from our Inventory, while ‘sap-netweaver-preconfigure’ Role will be applied only to the ‘netweaver’ group, as we don’t want to apply this Role to the hosts targeted for SAP HANA and only for S/4 HANA by SAP.
$ cat sap-prepare.yml
---
- hosts: sapservers
roles:
- { role: sap-preconfigure }
- hosts: netweaver
roles:
- { role: sap-netweaver-preconfigure }
- hosts: hana
roles:
- { role: sap-hana-preconfigure }
We could create 3 different Playbooks here, one per Inventory group, so we don’t duplicate “hosts” entry in this Playbook, but this is just implementation details we want to keep simple for this demo purpose.
At this point we have defined the Playbook we are going to use and the reference to the Roles to be used for this Playbook. We need to pull those Roles before using the Playbook, and for that, we can use the ‘ansible-galaxy’ CLI with the ‘requirements’ file we have defined previously.
$ ansible-galaxy install -r requirements.yml -p roles
- extracting sap-preconfigure to /home/mak/GIT/sap-automation-blog/roles/sap-preconfigure
- sap-preconfigure was installed successfully
- extracting sap-hana-preconfigure to /home/mak/GIT/sap-automation-blog/roles/sap-hana-preconfigure
- sap-hana-preconfigure was installed successfully
- extracting sap-netweaver-preconfigure to /home/mak/GIT/sap-automation-blog/roles/sap-netweaver-preconfigure
- sap-netweaver-preconfigure was installed successfully
After executing the above command, we can see the Ansible Roles under the ‘roles’ directory we have specified to be pulled to.
$ tree -L 1 roles
roles
├── sap-hana-preconfigure
├── sap-netweaver-preconfigure
└── sap-preconfigure
We are in the position now to run the Playbook. Before doing this, to validate that the inventory is correct and we can connect with every host, we are going to run a quick ‘play’ with Ansible, using the ‘ping’ Ansible module that will check the connection with Ansible with the provided variables from the Inventory.
$ ansible -i inventory sapservers -m ping
rhel-02 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
rhel-01 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
Once we have checked the connection with all the hosts in the Inventory, we can run the Playbook we have just created which will use the ‘Red Hat Enterprise Linux System Roles for SAP’ to prepare the hosts in the way they need to be prepared to deploy SAP HANA and S/4HANA by SAP.
In the previous blog post, we explained what Ansible is, some best practices while using Ansible, benefits of using it and a quick introduction to Ansible Tower.
In this blog post, we are going to focus on the ‘Red Hat Enterprise Linux System Roles for SAP’. These are Red Hat supported (Tech Preview at the time this blog post was written) Ansible Roles to assist with the OS-specific configuration required while installing SAP HANA or SAP NetWeaver software.
Host preparation is a complex and long task when it comes to SAP Solutions deployments. There is not a unique document we can follow in order to get the system configured in the way SAP installers are expecting. SAP uses ‘SAP Notes’ to capture all these prerequisites and specific configurations that need to be done prior HANA and NetWeaver software could be installed.
As explained in the previous post, Ansible can help us to achieve these states in a solid and reliable way. ‘Red Hat Enterprise Linux System Roles for SAP’ is a collection of Ansible Roles developed by SAP and Ansible experts and supported by Red Hat.
Show rather than tell
Instead of spending much time explaining what these Ansible Roles do in detail, let’s see how we can use those in a real environment.
These Ansible Roles are included as part of the ‘rhel-system-roles-sap’ package (yum install -y rhel-system-roles-sap) coming with the ‘RHEL for SAP Solutions’ subscription, and these are the ones that must be used for Production environments.
Create the Ansible Inventory
The first thing we are doing is to create an Ansible Inventory that will be used later with the Roles. The Ansible Inventory will content the Hosts information as well any required variables we want to pass to the Roles later.
For this scenario we are deploying S/4 HANA by SAP in a host called ‘rhel-01’, and SAP HANA in a host called ‘rhel-02’. The Ansible Inventory will look like this:
$ tree
.
├── group_vars
│ ├── hana.yml
│ ├── netweaver.yml
│ └── sapservers.yml
└── hosts
Ansible inventories are very flexible in terms of how you want to implement and use those. For this scenario, the ‘hosts’ file contains a list of hosts and groups, and the ‘group_vars’ directory contains the variables for each group and groups containing other groups like ‘sapservers’ in this case. For this scenario, it is not mandatory to define all these files as some are empty, but for consistency with later posts where these will be used, we are just creating preparing these forehand.
$ cat hosts
[sapservers:children]
hana
netweaver
[hana]
rhel-02
[netweaver]
rhel-01
$ cat group_vars/sapservers.yml
---
# Common variables for hosts in 'sapservers' group
ansible_user: cloud-user
ansible_ssh_private_key_file: ~/.ssh/blog-servers-key.pem
Ansible_become: true
## Variables for sap-preconfigure Role
sap_preconfigure_modify_etc_hosts: yes
The ‘sapservers’ group is used in this case for all the common variables that apply for hosts both in ‘hana’ and ‘netweaver’ groups.
Create the Ansible Playbook
Once we have the Inventory defined, the next thing we need to do is to create an Ansible Playbook that will use the Inventory and put the hosts in the desired state using the ‘Linux System Roles for SAP’.
Before doing this, we are going to introduce a new concept here, which is Ansible Galaxy, an Ansible’s official hub for sharing Ansible content. This is the place where you will put your Roles to be shared with the Community. In addition to this, there is a CLI called ‘ansible-galaxy’ you can use to pull Roles from Ansible Galaxy.
The ‘requirements’ file, will have the information of the Roles we want to pull locally to be used in our new Playbook.
$ cat requirements.yml
# From upstream 'sap-preconfigure' GitHub repository
- src: https://github.com/linux-system-roles/sap-preconfigure.git
# From upstream 'sap-hana-preconfigure' GitHub repository
- src: https://github.com/linux-system-roles/sap-hana-preconfigure.git
# From upstream 'sap-netweaver-preconfigure' GitHub repository
- src: https://github.com/linux-system-roles/sap-netweaver-preconfigure.git
The ‘sap-prepare’ Playbook, will use those Roles with specific subsets from our Inventory. As we can see, ‘sap-preconfigure’ Role will be applied to the ‘sapservers’ group, as this Role is common for all the hosts from our Inventory, while ‘sap-netweaver-preconfigure’ Role will be applied only to the ‘netweaver’ group, as we don’t want to apply this Role to the hosts targeted for SAP HANA and only for S/4 HANA by SAP.
$ cat sap-prepare.yml
---
- hosts: sapservers
roles:
- { role: sap-preconfigure }
- hosts: netweaver
roles:
- { role: sap-netweaver-preconfigure }
- hosts: hana
roles:
- { role: sap-hana-preconfigure }
We could create 3 different Playbooks here, one per Inventory group, so we don’t duplicate “hosts” entry in this Playbook, but this is just implementation details we want to keep simple for this demo purpose.
At this point we have defined the Playbook we are going to use and the reference to the Roles to be used for this Playbook. We need to pull those Roles before using the Playbook, and for that, we can use the ‘ansible-galaxy’ CLI with the ‘requirements’ file we have defined previously.
$ ansible-galaxy install -r requirements.yml -p roles
- extracting sap-preconfigure to /home/mak/GIT/sap-automation-blog/roles/sap-preconfigure
- sap-preconfigure was installed successfully
- extracting sap-hana-preconfigure to /home/mak/GIT/sap-automation-blog/roles/sap-hana-preconfigure
- sap-hana-preconfigure was installed successfully
- extracting sap-netweaver-preconfigure to /home/mak/GIT/sap-automation-blog/roles/sap-netweaver-preconfigure
- sap-netweaver-preconfigure was installed successfully
After executing the above command, we can see the Ansible Roles under the ‘roles’ directory we have specified to be pulled to.
$ tree -L 1 roles
roles
├── sap-hana-preconfigure
├── sap-netweaver-preconfigure
└── sap-preconfigure
Running the Playbook
We are in the position now to run the Playbook. Before doing this, to validate that the inventory is correct and we can connect with every host, we are going to run a quick ‘play’ with Ansible, using the ‘ping’ Ansible module that will check the connection with Ansible with the provided variables from the Inventory.
$ ansible -i inventory sapservers -m ping
rhel-02 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
rhel-01 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
Once we have checked the connection with all the hosts in the Inventory, we can run the Playbook we have just created which will use the ‘Red Hat Enterprise Linux System Roles for SAP’ to prepare the hosts in the way they need to be prepared to deploy SAP HANA and S/4HANA by SAP.
At this point, both ‘rhel-01’ and ‘rhel-02’ are prepared to install S/4HANA by SAP and SAP HANA respectively.
If you are familiar with SAP deployments, you may notice that another requirement has not been completed, and this is the specific mount points for the SAP software. There is a supported role as part of the ‘Red Hat Enterprise Linux System Roles’ that is not specific for SAP than can be used to cover this.
As a quick example, these are Inventory examples that can be used with that particular Role in order to configure the systems with the required file systems and mount points.
storage_pools:
- name: sap
disks:
- vdb
volumes:
- name: sap
size: "50 GiB"
mount_point: "/usr/sap"
state: present
- name: sapmnt
size: "20 GiB"
mount_point: "/usr/sapmnt"
state: present
storage_pools:
- name: sap
disks:
- vdb
volumes:
- name: data
size: "128 GiB"
mount_point: "/hana/data"
state: present
- name: log
size: "64 GiB"
mount_point: "/hana/log"
state: present
- name: shared
size: "128 GiB"
mount_point: "/hana/shared"
state: present
- name: sap
size: "50 GiB"
mount_point: "/usr/sap"
state: present
No comments:
Post a Comment