main.tf
# Optional pre-deployment step, switched on or off by var.pre_deployment.
# NOTE(review): what ../generic_modules/local_exec executes is not visible from this file;
# presumably it runs commands on the machine invoking terraform, so review it before enabling.
module "local_execution" {
  source  = "../generic_modules/local_exec"
  enabled = var.pre_deployment
}
# This locals entry is used to store the IP addresses of all the machines.
# Example of autogenerated addresses, based on 10.74.0.0/24
# Iscsi server: 10.74.0.4
# Monitoring: 10.74.0.5
# Hana ips: 10.74.0.10, 10.74.0.11
# Majority Maker ip: 10.74.0.9
# Hana cluster vip: 10.74.0.12
# Hana cluster vip secondary: 10.74.0.13
# DRBD ips: 10.74.0.6, 10.74.0.7
# DRBD cluster vip: 10.74.0.8
# Netweaver ips: 10.74.0.60, 10.74.0.61, 10.74.0.62, 10.74.0.63
# Netweaver virtual ips: 10.74.0.64, 10.74.0.65, 10.74.0.66, 10.74.0.67
# Addresses provided by the user always take precedence over the generated ones
locals {
  # --- Address plan ---------------------------------------------------------------------------
  # Each address is either the non-empty value supplied by the user or a fixed host offset
  # inside local.subnet_address_range.
  # NOTE(review): user-supplied addresses are used as given; nothing in this block checks that
  # they lie inside the subnet or that they do not collide with the generated ones.
  iscsi_ip      = var.iscsi_srv_ip != "" ? var.iscsi_srv_ip : cidrhost(local.subnet_address_range, 4)
  monitoring_ip = var.monitoring_srv_ip != "" ? var.monitoring_srv_ip : cidrhost(local.subnet_address_range, 5)

  # HANA: nodes start at offset 10, the majority maker sits one offset below the first node and
  # the two cluster VIPs directly follow the last node.
  hana_ip_start = 10
  hana_ips = length(var.hana_ips) > 0 ? var.hana_ips : [
    for ip_index in range(local.hana_ip_start, var.hana_count + local.hana_ip_start) :
    cidrhost(local.subnet_address_range, ip_index)
  ]
  hana_majority_maker_ip     = var.hana_majority_maker_ip != "" ? var.hana_majority_maker_ip : cidrhost(local.subnet_address_range, local.hana_ip_start - 1)
  hana_cluster_vip           = var.hana_cluster_vip != "" ? var.hana_cluster_vip : cidrhost(local.subnet_address_range, var.hana_count + local.hana_ip_start)
  hana_cluster_vip_secondary = var.hana_cluster_vip_secondary != "" ? var.hana_cluster_vip_secondary : cidrhost(local.subnet_address_range, var.hana_count + local.hana_ip_start + 1)

  # DRBD: always two nodes starting at offset 6, with the cluster VIP right after them.
  drbd_ip_start = 6
  drbd_ips = length(var.drbd_ips) > 0 ? var.drbd_ips : [
    for ip_index in range(local.drbd_ip_start, local.drbd_ip_start + 2) :
    cidrhost(local.subnet_address_range, ip_index)
  ]
  drbd_cluster_vip = var.drbd_cluster_vip != "" ? var.drbd_cluster_vip : cidrhost(local.subnet_address_range, local.drbd_ip_start + 2)

  # NetWeaver: one xSCS server (two with HA) plus the requested application servers.
  netweaver_xscs_server_count = var.netweaver_enabled ? (var.netweaver_ha_enabled ? 2 : 1) : 0
  netweaver_count             = var.netweaver_enabled ? local.netweaver_xscs_server_count + var.netweaver_app_server_count : 0
  # At least 2 virtual IPs are needed when ASCS and PAS share a machine; with HA the floor is 3.
  netweaver_virtual_ips_count = max(local.netweaver_count, var.netweaver_ha_enabled ? 3 : 2)
  netweaver_ip_start          = 60
  netweaver_ips = length(var.netweaver_ips) > 0 ? var.netweaver_ips : [
    for ip_index in range(local.netweaver_ip_start, local.netweaver_ip_start + local.netweaver_count) :
    cidrhost(local.subnet_address_range, ip_index)
  ]
  # The virtual IPs begin netweaver_virtual_ips_count offsets after netweaver_ip_start.
  netweaver_virtual_ips = length(var.netweaver_virtual_ips) > 0 ? var.netweaver_virtual_ips : [
    for ip_index in range(local.netweaver_ip_start + local.netweaver_virtual_ips_count, local.netweaver_ip_start + (local.netweaver_virtual_ips_count * 2)) :
    cidrhost(local.subnet_address_range, ip_index)
  ]

  # --- iSCSI server ---------------------------------------------------------------------------
  # SBD counts as "in use" as soon as any of the three clusters selects it as fencing mechanism.
  use_sbd = (
    var.hana_cluster_fencing_mechanism == "sbd" ||
    var.drbd_cluster_fencing_mechanism == "sbd" ||
    var.netweaver_cluster_fencing_mechanism == "sbd"
  )
  # The iSCSI server is created only when SBD is backed by iSCSI, at least one cluster exists
  # and SBD is in use.
  iscsi_enabled = (
    var.sbd_storage_type == "iscsi" &&
    ((var.hana_count > 1 && var.hana_ha_enabled) || var.drbd_enabled || (local.netweaver_count > 1 && var.netweaver_ha_enabled)) &&
    local.use_sbd
  )

  # --- OS images ------------------------------------------------------------------------------
  # A per-role image overrides the generic var.os_image when it is set.
  hana_os_image       = var.hana_os_image != "" ? var.hana_os_image : var.os_image
  iscsi_os_image      = var.iscsi_os_image != "" ? var.iscsi_os_image : var.os_image
  monitoring_os_image = var.monitoring_os_image != "" ? var.monitoring_os_image : var.os_image
  drbd_os_image       = var.drbd_os_image != "" ? var.drbd_os_image : var.os_image
  netweaver_os_image  = var.netweaver_os_image != "" ? var.netweaver_os_image : var.os_image
  bastion_os_image    = var.bastion_os_image != "" ? var.bastion_os_image : var.os_image

  # --- NetWeaver password ---------------------------------------------------------------------
  # When NetWeaver is disabled a placeholder is handed on so that the variable validation passes
  # without asking the user for a password; otherwise the user's value is validated as usual.
  # The placeholder is a literal committed to the repository, so it must never act as a real
  # credential. NOTE(review): confirm nothing consumes it while var.netweaver_enabled is false.
  netweaver_master_password = var.netweaver_enabled ? var.netweaver_master_password : "DummyPass1234"

  # --- HANA base path -------------------------------------------------------------------------
  # False only for scale-out deployments whose disk configuration names both "data" and "log",
  # i.e. data/log are local disks rather than shared.
  hana_basepath_shared = !(
    var.hana_scale_out_enabled &&
    contains(split("#", lookup(var.hana_data_disks_configuration, "names", "")), "data") &&
    contains(split("#", lookup(var.hana_data_disks_configuration, "names", "")), "log")
  )
}
# Collects the settings shared by every node module; the result is consumed through
# module.common_variables.configuration.
# NOTE(review): several inputs below are secrets (private keys, registration code, master
# passwords). Values passed through module inputs are stored in the terraform state, so confirm
# that the variables are declared sensitive and that the state backend is encrypted and
# access-controlled.
module "common_variables" {
  source                      = "../generic_modules/common_variables"
  provider_type               = "azure"
  deployment_name             = local.deployment_name
  deployment_name_in_hostname = var.deployment_name_in_hostname

  # Registration and package sources
  reg_code               = var.reg_code
  reg_email              = var.reg_email
  reg_additional_modules = var.reg_additional_modules
  ha_sap_deployment_repo = var.ha_sap_deployment_repo
  additional_packages    = var.additional_packages

  # SSH access to the nodes and to the bastion
  public_key          = var.public_key
  private_key         = var.private_key
  authorized_keys     = var.authorized_keys
  authorized_user     = var.admin_user
  bastion_enabled     = var.bastion_enabled
  bastion_public_key  = var.bastion_public_key
  bastion_private_key = var.bastion_private_key

  # Provisioning behaviour
  provisioner                 = var.provisioner
  provisioning_log_level      = var.provisioning_log_level
  provisioning_output_colored = var.provisioning_output_colored
  background                  = var.background
  monitoring_enabled          = var.monitoring_enabled
  monitoring_srv_ip           = var.monitoring_enabled ? local.monitoring_ip : ""
  offline_mode                = var.offline_mode
  # NOTE(review): presumably controls removal of secrets from the nodes after provisioning;
  # confirm in the common_variables module before relying on it.
  cleanup_secrets = var.cleanup_secrets

  # HANA
  hana_hwcct                          = var.hwcct
  hana_sid                            = var.hana_sid
  hana_instance_number                = var.hana_instance_number
  hana_cost_optimized_sid             = var.hana_cost_optimized_sid
  hana_cost_optimized_instance_number = var.hana_cost_optimized_instance_number
  hana_master_password                = var.hana_master_password
  # The cost-optimized instance reuses the main HANA master password unless it has its own.
  hana_cost_optimized_master_password = var.hana_cost_optimized_master_password != "" ? var.hana_cost_optimized_master_password : var.hana_master_password
  hana_primary_site                   = var.hana_primary_site
  hana_secondary_site                 = var.hana_secondary_site
  hana_inst_master                    = var.hana_inst_master
  hana_inst_folder                    = var.hana_inst_folder
  hana_fstype                         = var.hana_fstype
  hana_platform_folder                = var.hana_platform_folder
  hana_sapcar_exe                     = var.hana_sapcar_exe
  hana_archive_file                   = var.hana_archive_file
  hana_extract_dir                    = var.hana_extract_dir
  hana_client_folder                  = var.hana_client_folder
  hana_client_archive_file            = var.hana_client_archive_file
  hana_client_extract_dir             = var.hana_client_extract_dir
  hana_scenario_type                  = var.scenario_type
  hana_cluster_vip_mechanism          = "load-balancer"
  # The VIPs are only handed on when the matching HA / active-active mode is enabled.
  hana_cluster_vip                    = var.hana_ha_enabled ? local.hana_cluster_vip : ""
  hana_cluster_vip_secondary          = var.hana_active_active ? local.hana_cluster_vip_secondary : ""
  hana_ha_enabled                     = var.hana_ha_enabled
  hana_extra_parameters               = var.hana_extra_parameters
  hana_cluster_fencing_mechanism      = var.hana_cluster_fencing_mechanism
  hana_sbd_storage_type               = var.sbd_storage_type
  hana_scale_out_enabled              = var.hana_scale_out_enabled
  hana_scale_out_shared_storage_type  = var.hana_scale_out_shared_storage_type
  hana_scale_out_addhosts             = var.hana_scale_out_addhosts
  hana_scale_out_standby_count        = var.hana_scale_out_standby_count
  hana_basepath_shared                = local.hana_basepath_shared
  hana_ha_dr_sustkover_enabled        = var.hana_ha_dr_sustkover_enabled
  hana_ha_dr_suschksrv_enabled        = var.hana_ha_dr_suschksrv_enabled
  hana_ha_dr_suschksrv_action_on_lost = var.hana_ha_dr_suschksrv_action_on_lost

  # NetWeaver
  netweaver_sid                       = var.netweaver_sid
  netweaver_ascs_instance_number      = var.netweaver_ascs_instance_number
  netweaver_ers_instance_number       = var.netweaver_ers_instance_number
  netweaver_pas_instance_number       = var.netweaver_pas_instance_number
  netweaver_master_password           = local.netweaver_master_password
  netweaver_product_id                = var.netweaver_product_id
  netweaver_inst_folder               = var.netweaver_inst_folder
  netweaver_extract_dir               = var.netweaver_extract_dir
  netweaver_swpm_folder               = var.netweaver_swpm_folder
  netweaver_sapcar_exe                = var.netweaver_sapcar_exe
  netweaver_swpm_sar                  = var.netweaver_swpm_sar
  netweaver_sapexe_folder             = var.netweaver_sapexe_folder
  netweaver_additional_dvds           = var.netweaver_additional_dvds
  # With DRBD enabled the share is served from the DRBD cluster VIP under the NetWeaver SID.
  netweaver_nfs_share                 = var.drbd_enabled ? "${local.drbd_cluster_vip}:/${var.netweaver_sid}" : var.netweaver_nfs_share
  netweaver_sapmnt_path               = var.netweaver_sapmnt_path
  # NetWeaver reaches HANA through the cluster VIP in HA setups, else through the first node.
  netweaver_hana_ip                   = var.hana_ha_enabled ? local.hana_cluster_vip : element(local.hana_ips, 0)
  netweaver_hana_sid                  = var.hana_sid
  netweaver_hana_instance_number      = var.hana_instance_number
  netweaver_hana_master_password      = var.hana_master_password
  netweaver_ha_enabled                = var.netweaver_ha_enabled
  netweaver_cluster_vip_mechanism     = "load-balancer"
  netweaver_cluster_fencing_mechanism = var.netweaver_cluster_fencing_mechanism
  netweaver_sbd_storage_type          = var.sbd_storage_type
  netweaver_shared_storage_type       = var.netweaver_shared_storage_type

  # Monitoring targets
  # The majority maker is added to the HANA targets in scale-out deployments.
  monitoring_hana_targets          = var.hana_scale_out_enabled ? concat(local.hana_ips, [local.hana_majority_maker_ip]) : local.hana_ips
  monitoring_hana_targets_ha       = var.hana_ha_enabled ? (var.hana_scale_out_enabled ? concat(local.hana_ips, [local.hana_majority_maker_ip]) : local.hana_ips) : []
  # The VIP is used for HA and the first HANA machine for non-HA, to target the active instance.
  monitoring_hana_targets_vip      = var.hana_ha_enabled ? [local.hana_cluster_vip] : [local.hana_ips[0]]
  monitoring_drbd_targets          = var.drbd_enabled ? local.drbd_ips : []
  monitoring_drbd_targets_ha       = var.drbd_enabled ? local.drbd_ips : []
  monitoring_drbd_targets_vip      = var.drbd_enabled ? [local.drbd_cluster_vip] : []
  monitoring_netweaver_targets     = var.netweaver_enabled ? local.netweaver_ips : []
  monitoring_netweaver_targets_ha  = var.netweaver_enabled && var.netweaver_ha_enabled ? [local.netweaver_ips[0], local.netweaver_ips[1]] : []
  monitoring_netweaver_targets_vip = var.netweaver_enabled ? local.netweaver_virtual_ips : []

  # DRBD
  drbd_cluster_vip               = local.drbd_cluster_vip
  drbd_cluster_vip_mechanism     = "load-balancer"
  drbd_cluster_fencing_mechanism = var.drbd_cluster_fencing_mechanism
  drbd_sbd_storage_type          = var.sbd_storage_type
}
# DRBD nodes: two machines when var.drbd_enabled is true, none otherwise.
# NOTE(review): cluster_ssh_key and fence_agent_client_secret are secrets; as module inputs they
# are stored in the terraform state, so confirm the variables are declared sensitive and the
# state backend is protected.
module "drbd_node" {
  source           = "./modules/drbd_node"
  common_variables = module.common_variables.configuration

  name = var.drbd_name
  # A DRBD-specific domain replaces the general network domain when it is set.
  network_domain = var.drbd_network_domain != "" ? var.drbd_network_domain : var.network_domain
  bastion_host   = module.bastion.public_ip
  az_region      = var.az_region
  drbd_count     = var.drbd_enabled == true ? 2 : 0

  # Machine, image and placement
  vm_size             = var.drbd_vm_size
  drbd_image_uri      = var.drbd_image_uri
  os_image            = local.drbd_os_image
  resource_group_name = local.resource_group_name
  network_subnet_id   = local.subnet_id
  storage_account     = azurerm_storage_account.mytfstorageacc.primary_blob_endpoint

  # Cluster wiring
  cluster_ssh_pub = var.cluster_ssh_pub
  cluster_ssh_key = var.cluster_ssh_key
  host_ips        = local.drbd_ips
  # NOTE(review): the join presumably collapses a zero-or-one element list into a string;
  # confirm against the iscsi_server module outputs.
  iscsi_srv_ip       = join("", module.iscsi_server.iscsi_ip)
  nfs_mounting_point = var.drbd_nfs_mounting_point
  nfs_export_name    = var.netweaver_sid

  # only used by azure fence agent (native fencing)
  subscription_id           = data.azurerm_subscription.current.subscription_id
  tenant_id                 = data.azurerm_subscription.current.tenant_id
  fence_agent_app_id        = var.fence_agent_app_id
  fence_agent_client_secret = var.fence_agent_client_secret
}
# NetWeaver nodes: the xSCS servers plus the application servers.
# NOTE(review): cluster_ssh_key, storage_account_key and fence_agent_client_secret are secrets;
# as module inputs they are stored in the terraform state, so confirm the variables are declared
# sensitive and the state backend is protected.
module "netweaver_node" {
  source           = "./modules/netweaver_node"
  common_variables = module.common_variables.configuration

  name = var.netweaver_name
  # A NetWeaver-specific domain replaces the general network domain when it is set.
  network_domain = var.netweaver_network_domain != "" ? var.netweaver_network_domain : var.network_domain
  bastion_host   = module.bastion.public_ip
  az_region      = var.az_region

  # Node counts; no application servers are requested while NetWeaver is disabled.
  xscs_server_count = local.netweaver_xscs_server_count
  app_server_count  = var.netweaver_enabled ? var.netweaver_app_server_count : 0

  # Machine sizing, disks and image
  xscs_vm_size                = var.netweaver_xscs_vm_size
  app_vm_size                 = var.netweaver_app_vm_size
  xscs_accelerated_networking = var.netweaver_xscs_accelerated_networking
  app_accelerated_networking  = var.netweaver_app_accelerated_networking
  data_disk_caching           = var.netweaver_data_disk_caching
  data_disk_size              = var.netweaver_data_disk_size
  data_disk_type              = var.netweaver_data_disk_type
  netweaver_image_uri         = var.netweaver_image_uri
  os_image                    = local.netweaver_os_image

  # Placement
  resource_group_name      = local.resource_group_name
  network_subnet_id        = local.subnet_id
  network_subnet_netapp_id = local.subnet_netapp_id
  storage_account          = azurerm_storage_account.mytfstorageacc.primary_blob_endpoint

  # Cluster wiring
  cluster_ssh_pub      = var.cluster_ssh_pub
  cluster_ssh_key      = var.cluster_ssh_key
  ascs_instance_number = var.netweaver_ascs_instance_number
  ers_instance_number  = var.netweaver_ers_instance_number

  # Storage account holding the NetWeaver installation media (name, access key and path)
  storage_account_name = var.netweaver_storage_account_name
  storage_account_key  = var.netweaver_storage_account_key
  storage_account_path = var.netweaver_storage_account

  # Addresses
  host_ips         = local.netweaver_ips
  virtual_host_ips = local.netweaver_virtual_ips
  iscsi_srv_ip     = join("", module.iscsi_server.iscsi_ip)

  # ANF specific
  anf_account_name           = local.anf_account_name
  anf_pool_name              = local.anf_pool_name
  anf_pool_service_level     = var.anf_pool_service_level
  netweaver_anf_quota_sapmnt = var.netweaver_anf_quota_sapmnt

  # only used by azure fence agent (native fencing)
  subscription_id           = data.azurerm_subscription.current.subscription_id
  tenant_id                 = data.azurerm_subscription.current.tenant_id
  fence_agent_app_id        = var.fence_agent_app_id
  fence_agent_client_secret = var.fence_agent_client_secret
}
# HANA nodes, together with the settings forwarded to the majority maker.
# NOTE(review): cluster_ssh_key, storage_account_key and fence_agent_client_secret are secrets;
# as module inputs they are stored in the terraform state, so confirm the variables are declared
# sensitive and the state backend is protected.
module "hana_node" {
  source           = "./modules/hana_node"
  common_variables = module.common_variables.configuration

  name = var.hana_name
  # A HANA-specific domain replaces the general network domain when it is set.
  network_domain = var.hana_network_domain != "" ? var.hana_network_domain : var.network_domain
  bastion_host   = module.bastion.public_ip
  az_region      = var.az_region

  # Nodes
  hana_count = var.hana_count
  vm_size    = var.hana_vm_size
  host_ips   = local.hana_ips

  # Placement
  resource_group_name      = local.resource_group_name
  network_subnet_id        = local.subnet_id
  network_subnet_netapp_id = local.subnet_netapp_id

  # Storage accounts
  storage_account      = azurerm_storage_account.mytfstorageacc.primary_blob_endpoint
  storage_account_name = var.storage_account_name
  storage_account_key  = var.storage_account_key

  # Machine image, disks and cluster wiring
  enable_accelerated_networking = var.hana_enable_accelerated_networking
  sles4sap_uri                  = var.sles4sap_uri
  hana_instance_number          = var.hana_instance_number
  cluster_ssh_pub               = var.cluster_ssh_pub
  cluster_ssh_key               = var.cluster_ssh_key
  hana_data_disks_configuration = var.hana_data_disks_configuration
  os_image                      = local.hana_os_image
  iscsi_srv_ip                  = join("", module.iscsi_server.iscsi_ip)

  # ANF specific
  anf_account_name                = local.anf_account_name
  anf_pool_name                   = local.anf_pool_name
  anf_pool_service_level          = var.anf_pool_service_level
  hana_scale_out_anf_quota_data   = var.hana_scale_out_anf_quota_data
  hana_scale_out_anf_quota_log    = var.hana_scale_out_anf_quota_log
  hana_scale_out_anf_quota_backup = var.hana_scale_out_anf_quota_backup
  hana_scale_out_anf_quota_shared = var.hana_scale_out_anf_quota_shared

  # only used by azure fence agent (native fencing)
  subscription_id           = data.azurerm_subscription.current.subscription_id
  tenant_id                 = data.azurerm_subscription.current.tenant_id
  fence_agent_app_id        = var.fence_agent_app_id
  fence_agent_client_secret = var.fence_agent_client_secret

  # passed to majority_maker module
  majority_maker_vm_size = var.hana_majority_maker_vm_size
  majority_maker_ip      = local.hana_majority_maker_ip
}
# Monitoring server; the monitoring_enabled flag is handed on to the module.
module "monitoring" {
  source           = "./modules/monitoring"
  common_variables = module.common_variables.configuration

  name = var.monitoring_name
  # A monitoring-specific domain replaces the general network domain when it is set.
  network_domain     = var.monitoring_network_domain != "" ? var.monitoring_network_domain : var.network_domain
  bastion_host       = module.bastion.public_ip
  monitoring_enabled = var.monitoring_enabled
  az_region          = var.az_region

  # Machine, image and placement
  vm_size             = var.monitoring_vm_size
  resource_group_name = local.resource_group_name
  network_subnet_id   = local.subnet_id
  storage_account     = azurerm_storage_account.mytfstorageacc.primary_blob_endpoint
  monitoring_uri      = var.monitoring_uri
  os_image            = local.monitoring_os_image
  monitoring_srv_ip   = local.monitoring_ip
}
# iSCSI server used for SBD fencing; exactly one instance when local.iscsi_enabled is true,
# none otherwise.
module "iscsi_server" {
  source           = "./modules/iscsi_server"
  common_variables = module.common_variables.configuration

  name = var.iscsi_name
  # An iSCSI-specific domain replaces the general network domain when it is set.
  network_domain = var.iscsi_network_domain != "" ? var.iscsi_network_domain : var.network_domain
  bastion_host   = module.bastion.public_ip
  iscsi_count    = local.iscsi_enabled ? 1 : 0
  az_region      = var.az_region

  # Machine, image and placement
  vm_size             = var.iscsi_vm_size
  resource_group_name = local.resource_group_name
  network_subnet_id   = local.subnet_id
  storage_account     = azurerm_storage_account.mytfstorageacc.primary_blob_endpoint
  iscsi_srv_uri       = var.iscsi_srv_uri
  os_image            = local.iscsi_os_image

  # Address and exported disks
  host_ips        = [local.iscsi_ip]
  lun_count       = var.iscsi_lun_count
  iscsi_disk_size = var.iscsi_disk_size
}