diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 000000000..b2a76a893 --- /dev/null +++ b/.gitattributes @@ -0,0 +1 @@ +*.yml linguist-detectable \ No newline at end of file diff --git a/CHANGELOG.rst b/CHANGELOG.rst index 0faee4901..18d417464 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -6,6 +6,16 @@ community.sap_install Release Notes +v1.2.1 +====== + +Release Summary +--------------- + +| Release Date: 2022-01-26 +| A few minor fixes + + v1.2.0 ====== diff --git a/docs/developer_notes/sap_swmp_dev.md b/docs/developer_notes/sap_swmp_dev.md index 69d33d211..3386af300 100644 --- a/docs/developer_notes/sap_swmp_dev.md +++ b/docs/developer_notes/sap_swmp_dev.md @@ -1,5 +1,22 @@ # sap_swpm Ansible Role DEVELOPER NOTES +## Errors with missing signature files for installation media + +After SWPM 1.0 SP22 and SAP SWPM 2.0 SP00, all SAP Software installation media requires a seperate signature file (SIGNATURE.SMF). The signature file is missing in older installation media. + +For example, IDES for SAP ECC 6.0 EhP8. See the following error message and SAP Note 2622019 - "EXPORT_1 is not signed" error during IDES installation. +```shell +INFO +DU at '/software_path/51052029_1/EXP1' is not signed. + +WARNING +Data unit '/software_path/51052029_1/EXP1' is not signed. +DETAILS: The found data unit must not be used. +SOLUTION: Ensure that you use the latest available version of Installation Export 1 ECC 6.0 EhP8 downloaded from the SAP Support Portal and ensure that its content is unchanged. +Not accepted +``` + + ## SAP SWPM for SAP NWAS JAVA installations There are two deployment methods executed for SAP SWPM for SAP NWAS JAVA, which uses two sequential executions: diff --git a/galaxy.yml b/galaxy.yml index d7a551bee..ed8fc8a63 100644 --- a/galaxy.yml +++ b/galaxy.yml @@ -10,7 +10,7 @@ namespace: community name: sap_install # The version of the collection. Must be compatible with semantic versioning -version: 1.2.0 +version: 1.2.1 # The path to the Markdown (.md) readme file. This path is relative to the root of the collection readme: README.md diff --git a/roles/sap_general_preconfigure/tasks/RedHat/installation.yml b/roles/sap_general_preconfigure/tasks/RedHat/installation.yml index 2429de9ce..60789c18f 100644 --- a/roles/sap_general_preconfigure/tasks/RedHat/installation.yml +++ b/roles/sap_general_preconfigure/tasks/RedHat/installation.yml @@ -109,16 +109,24 @@ state: present when: ansible_distribution_major_version == '7' -# Note: We do not want package updates, see Red Hat bug 1983749. -- name: Ensure that the required package groups are installed, RHEL 8 and RHEL 9 - ansible.builtin.dnf: - name: "{{ sap_general_preconfigure_packagegroups }}" - state: present - exclude: kernel* - nobest: true +# Note: We do not want package updates, see also Red Hat bug 1983749. +# Because the installation of an environment or package group is not guaranteed to avoid package updates, +# and because of bug 2011426 (for which the fix is not available in the RHEL 8.1 ISO image), a RHEL 8.1 +# system might not boot after installing environment group Server. +- name: Ensure that the required package groups are installed, RHEL 8 and RHEL 9 # noqa command-instead-of-module + ansible.builtin.command: "yum install {{ sap_general_preconfigure_packagegroups | join(' ') }} --nobest --exclude=kernel* -y" register: __sap_general_preconfigure_register_yum_group_install when: ansible_distribution_major_version == '8' or ansible_distribution_major_version == '9' +# possible replacement once we no longer need Ansible 2.9 compatibility: +#- name: Ensure that the required package groups are installed, RHEL 8 and 9 +# ansible.builtin.package: +# name: "{{ sap_general_preconfigure_packagegroups }}" +# state: present +# nobest: true # supported from Ansible 2.11 +# register: __sap_general_preconfigure_register_yum_group_install +# when: ansible_distribution_major_version == '8' or ansible_distribution_major_version == '9' + - name: Ensure that the required packages are installed ansible.builtin.package: name: "{{ sap_general_preconfigure_packages }}" diff --git a/roles/sap_install_media_detect/defaults/main.yml b/roles/sap_install_media_detect/defaults/main.yml index 7b4c15a68..fb587f511 100644 --- a/roles/sap_install_media_detect/defaults/main.yml +++ b/roles/sap_install_media_detect/defaults/main.yml @@ -15,7 +15,7 @@ sap_install_media_detect_igs: true sap_install_media_detect_kernel: true sap_install_media_detect_webdisp: false -# saps4hana, sapecc, sapbw4hana, sapnwas_abap, sapnwas_java +# saps4hana, sapecc, sapecc_ides, sapbw4hana, sapnwas_abap, sapnwas_java sap_install_media_detect_export: # e.g. /db_backup diff --git a/roles/sap_install_media_detect/tasks/detect_export_sapecc_ides.yml b/roles/sap_install_media_detect/tasks/detect_export_sapecc_ides.yml new file mode 100644 index 000000000..e9ebf3421 --- /dev/null +++ b/roles/sap_install_media_detect/tasks/detect_export_sapecc_ides.yml @@ -0,0 +1,134 @@ +--- + +- name: SAP Install Media Detect - SAP ECC IDES EXPORT - Create Directories + ansible.builtin.file: + path: "{{ item }}" + state: directory + mode: '0755' + owner: root + group: root + with_items: + - "{{ sap_install_media_detect_directory }}/sapecc_ides_export/" + - "{{ sap_install_media_detect_directory }}/sapecc_ides_export_extracted/" + +- name: SAP Install Media Detect - SAP ECC IDES EXPORT - List files in directory + ansible.builtin.shell: ls -1 + register: detect_directory_files + args: + chdir: "{{ sap_install_media_detect_directory }}" + +- name: SAP Install Media Detect - SAP ECC IDES EXPORT - Detect ZIP files (including no file extensions), ignore errors + ansible.builtin.shell: if [ ! -z "$(file {{ item }} | grep 'Zip archive data')" ]; then echo {{ item }}; fi + register: detect_directory_files_zip +# changed_when: "item.stdout | length > 0" + with_items: + - "{{ detect_directory_files.stdout_lines }}" + args: + chdir: "{{ sap_install_media_detect_directory }}" + ignore_errors: true + +- name: SAP Install Media Detect - SAP ECC IDES EXPORT - Detect RAR files (including no file extensions), ignore errors + ansible.builtin.shell: if [ ! -z "$(file {{ item }} | grep 'RAR')" ]; then echo {{ item }}; fi + register: detect_directory_files_rar +# changed_when: "item.stdout | length > 0" + with_items: + - "{{ detect_directory_files.stdout_lines }}" + args: + chdir: "{{ sap_install_media_detect_directory }}" + ignore_errors: true + +- name: SAP Install Media Detect - SAP ECC IDES EXPORT - Identify SAP ECC IDES EXPORT files + ansible.builtin.shell: | + if [ ! -z "$(file {{ item }} | grep 'Zip archive data')" ]; then if zipinfo -1 {{ item }} | grep -Eq '*EXP[0-9]' ; then echo '{{ item }}' ; fi ; + elif [ ! -z "$(file {{ item }} | grep 'RAR')" ]; then if "{{ sap_install_media_detect_unrar_binary }}" lb {{ item }} | grep -Eq '*EXP[0-9]' ; then echo '{{ item }}' ; fi ; fi + register: detect_directory_files_ecc_export + changed_when: "item | length > 0" + with_items: + - "{{ detect_directory_files_zip.results | map(attribute='stdout') | select() }}" + - "{{ detect_directory_files_rar.results | map(attribute='stdout') | select() }}" + args: + chdir: "{{ sap_install_media_detect_directory }}" + +- name: SAP Install Media Detect - SAP ECC IDES EXPORT - If any ZIP, then extract the SAP ECC Installation Export file (unzip) + ansible.builtin.shell: if [ ! -z "$(file {{ item }} | grep 'Zip archive data')" ]; then unzip {{ item }} -d ./sapecc_ides_export_extracted ; fi + with_items: + - "{{ detect_directory_files_ecc_export.results | map(attribute='stdout') | select() }}" + args: + chdir: "{{ sap_install_media_detect_directory }}" + +- name: SAP Install Media Detect - SAP ECC IDES EXPORT - If any RAR without file extension, then add file extension (for use with unrar binary) + ansible.builtin.shell: if [ ! -z "$(file {{ item }} | grep 'RAR archive data')" ]; then filename="{{ item }}" && if [ "${filename##*.}" != "rar" ]; then mv {{ item }} {{ item }}.rar ; fi ; fi + with_items: + - "{{ detect_directory_files_ecc_export.results | map(attribute='stdout') | select() }}" + args: + chdir: "{{ sap_install_media_detect_directory }}" + +- name: SAP Install Media Detect - SAP ECC IDES EXPORT - Find self-extracting RAR EXE (parent RAR file) and extract SAP ECC Installation Export files (unrar x) + ansible.builtin.shell: if [ ! -z "$(file {{ item }} | grep 'RAR self-extracting archive')" ]; then "{{ sap_install_media_detect_unrar_binary }}" x "{{ item }}" sapecc_ides_export_extracted/ ; fi + with_items: + - "{{ detect_directory_files_ecc_export.results | map(attribute='stdout') | select() }}" + args: + chdir: "{{ sap_install_media_detect_directory }}" + +- name: SAP Install Media Detect - SAP ECC IDES EXPORT - Identify SAP ECC IDES EXPORT extracted + ansible.builtin.find: + paths: "{{ sap_install_media_detect_directory }}/sapecc_ides_export_extracted" + recurse: yes + file_type: directory +# contains: "*EXP" + patterns: '.*EXP.*' + use_regex: yes + register: detect_directory_export_extracted + +- name: SAP Install Media Detect - SAP ECC IDES EXPORT - Local Directory source - re-list files in directory + ansible.builtin.shell: ls -1 + register: detect_directory_files + args: + chdir: "{{ sap_install_media_detect_directory }}" + when: + - sap_install_media_detect_source == "local_dir" + +- name: SAP Install Media Detect - SAP ECC IDES EXPORT - Local Directory source - re-detect ZIP files (including no file extensions), ignore errors + ansible.builtin.shell: if [ ! -z "$(file {{ item }} | grep 'Zip archive data')" ]; then echo {{ item }}; fi + register: detect_directory_files_zip_repeated +# changed_when: "item.stdout | length > 0" + with_items: + - "{{ detect_directory_files.stdout_lines }}" + args: + chdir: "{{ sap_install_media_detect_directory }}" + ignore_errors: true + when: + - sap_install_media_detect_source == "local_dir" + +- name: SAP Install Media Detect - SAP ECC IDES EXPORT - Local Directory source - re-detect RAR files (including no file extensions), ignore errors + ansible.builtin.shell: if [ ! -z "$(file {{ item }} | grep 'RAR')" ]; then echo {{ item }}; fi + register: detect_directory_files_rar_repeated +# changed_when: "item.stdout | length > 0" + with_items: + - "{{ detect_directory_files.stdout_lines }}" + args: + chdir: "{{ sap_install_media_detect_directory }}" + ignore_errors: true + when: + - sap_install_media_detect_source == "local_dir" + +- name: SAP Install Media Detect - SAP ECC IDES EXPORT - Local Directory source - re-identify SAP ECC IDES EXPORT files + ansible.builtin.shell: | + if [ ! -z "$(file {{ item }} | grep 'Zip archive data')" ]; then if zipinfo -1 {{ item }} | grep -Eq '*EXP[0-9]' ; then echo '{{ item }}' ; fi ; + elif [ ! -z "$(file {{ item }} | grep 'RAR')" ]; then if "{{ sap_install_media_detect_unrar_binary }}" lb {{ item }} | grep -Eq '*EXP[0-9]' ; then echo '{{ item }}' ; fi ; fi + register: detect_directory_files_ecc_export_repeated + changed_when: "item | length > 0" + with_items: + - "{{ detect_directory_files_zip_repeated.results | map(attribute='stdout') | select() }}" + - "{{ detect_directory_files_rar_repeated.results | map(attribute='stdout') | select() }}" + args: + chdir: "{{ sap_install_media_detect_directory }}" + when: + - sap_install_media_detect_source == "local_dir" + +- name: SAP Install Media Detect - SAP ECC IDES EXPORT - Local Directory source - move SAP ECC IDES EXPORT compressed archive files + command: mv "{{ sap_install_media_detect_directory }}/{{ item }}" "{{ sap_install_media_detect_directory }}/sapecc_ides_export/{{ item }}" + with_items: + - "{{ detect_directory_files_ecc_export_repeated.results | map(attribute='stdout') | select() }}" + when: + - sap_install_media_detect_source == "local_dir" diff --git a/roles/sap_install_media_detect/tasks/main.yml b/roles/sap_install_media_detect/tasks/main.yml index c2780a4fe..9d36ede2a 100644 --- a/roles/sap_install_media_detect/tasks/main.yml +++ b/roles/sap_install_media_detect/tasks/main.yml @@ -71,6 +71,11 @@ when: - sap_install_media_detect_export == "sapecc" +- name: SAP Install Media Detect - EXPORT files for SAP ECC IDES + include_tasks: "detect_export_sapecc_ides.yml" + when: + - sap_install_media_detect_export == "sapecc_ides" + - name: SAP Install Media Detect - EXPORT files for SAP S/4HANA include_tasks: "detect_export_saps4hana.yml" when: diff --git a/roles/sap_install_media_detect/tasks/set_global_vars.yml b/roles/sap_install_media_detect/tasks/set_global_vars.yml index 9e6c3b538..a9c592c48 100644 --- a/roles/sap_install_media_detect/tasks/set_global_vars.yml +++ b/roles/sap_install_media_detect/tasks/set_global_vars.yml @@ -46,7 +46,7 @@ sap_swpm_cd_export_path: "{{ detect_directory_export_extracted.files[0].path }}" # for sap_swpm Ansible Role ignore_errors: true when: - - sap_install_media_detect_export == "sapecc" + - sap_install_media_detect_export == "sapecc" or sap_install_media_detect_export == "sapecc_ides" - name: SAP Install Media Detection Completed - set facts for Export of SAP S/4HANA ansible.builtin.set_fact: diff --git a/roles/sap_netweaver_preconfigure/tasks/sapnote/3119751.yml b/roles/sap_netweaver_preconfigure/tasks/sapnote/3119751.yml index b922d1f2e..6abf886cd 100644 --- a/roles/sap_netweaver_preconfigure/tasks/sapnote/3119751.yml +++ b/roles/sap_netweaver_preconfigure/tasks/sapnote/3119751.yml @@ -5,16 +5,23 @@ msg: "SAP note {{ (__sap_netweaver_preconfigure_sapnotes_versions | selectattr('number', 'match', '^3119751$') | first).number }} (version {{ (__sap_netweaver_preconfigure_sapnotes_versions | selectattr('number', 'match', '^3119751$') | first).version }}): Linux Requirements for SAP Kernel 754 and for SAP Kernel 788 and higher" -- name: Create directory "{{ sap_netweaver_preconfigure_rpath }}" +- name: Get info about the compat-sap-c++-10.so file + ansible.builtin.stat: + path: /opt/rh/SAP/lib64/compat-sap-c++-10.so + register: __sap_netweaver_preconfigure_register_stat_compat_sap_cpp + +- name: Create directory '{{ sap_netweaver_preconfigure_rpath }}' ansible.builtin.file: path: "{{ sap_netweaver_preconfigure_rpath }}" state: directory owner: root group: root mode: '0755' + when: __sap_netweaver_preconfigure_register_stat_compat_sap_cpp.stat.exists -- name: Create a link to libstdc++.so.6 +- name: Create a link to '{{ sap_netweaver_preconfigure_rpath }}libstdc++.so.6' ansible.builtin.file: src: /opt/rh/SAP/lib64/compat-sap-c++-10.so dest: "{{ sap_netweaver_preconfigure_rpath }}/libstdc++.so.6" state: link + when: __sap_netweaver_preconfigure_register_stat_compat_sap_cpp.stat.exists diff --git a/roles/sap_netweaver_preconfigure/tasks/sapnote/assert-3119751.yml b/roles/sap_netweaver_preconfigure/tasks/sapnote/assert-3119751.yml index 62ad88166..afe510cdd 100644 --- a/roles/sap_netweaver_preconfigure/tasks/sapnote/assert-3119751.yml +++ b/roles/sap_netweaver_preconfigure/tasks/sapnote/assert-3119751.yml @@ -5,30 +5,46 @@ msg: "SAP note {{ (__sap_netweaver_preconfigure_sapnotes_versions | selectattr('number', 'match', '^3119751$') | first).number }} (version {{ (__sap_netweaver_preconfigure_sapnotes_versions | selectattr('number', 'match', '^3119751$') | first).version }}): Linux Requirements for SAP Kernel 754 and for SAP Kernel 788 and higher" -- name: Get info about file "{{ sap_netweaver_preconfigure_rpath }}/libstdc++.so.6" +- name: Get info about the compat-sap-c++-10.so file + ansible.builtin.stat: + path: /opt/rh/SAP/lib64/compat-sap-c++-10.so + register: __sap_netweaver_preconfigure_register_stat_compat_sap_cpp + +- name: Report if checking for a link from libstdc++.so.6 to compat-sap-c++-10.so is skipped + ansible.builtin.debug: + msg: "INFO: Not checking for link '{{ sap_netweaver_preconfigure_rpath }}/libstdc++.so.6' - file '/opt/rh/SAP/lib64/compat-sap-c++-10.so' does not exist on this system." + when: not __sap_netweaver_preconfigure_register_stat_compat_sap_cpp.stat.exists + +- name: Get info about file '{{ sap_netweaver_preconfigure_rpath }}/libstdc++.so.6' ansible.builtin.stat: path: "{{ sap_netweaver_preconfigure_rpath }}/libstdc++.so.6" register: __sap_netweaver_preconfigure_register_stat_libstdc_assert + when: __sap_netweaver_preconfigure_register_stat_compat_sap_cpp.stat.exists -- name: Assert that file "{{ sap_netweaver_preconfigure_rpath }}/libstdc++.so.6" exists +- name: Assert that file '{{ sap_netweaver_preconfigure_rpath }}/libstdc++.so.6' exists ansible.builtin.assert: that: __sap_netweaver_preconfigure_register_stat_libstdc_assert.stat.exists - fail_msg: "FAIL: File {{ sap_netweaver_preconfigure_rpath }}/libstdc++.so.6 does not exist!" - success_msg: "PASS: File {{ sap_netweaver_preconfigure_rpath }}/libstdc++.so.6 exists." + fail_msg: "FAIL: File '{{ sap_netweaver_preconfigure_rpath }}/libstdc++.so.6' does not exist!" + success_msg: "PASS: File '{{ sap_netweaver_preconfigure_rpath }}/libstdc++.so.6' exists." ignore_errors: "{{ sap_netweaver_preconfigure_assert_ignore_errors | d(false) }}" + when: __sap_netweaver_preconfigure_register_stat_compat_sap_cpp.stat.exists -- name: Assert that file "{{ sap_netweaver_preconfigure_rpath }}/libstdc++.so.6" is a link +- name: Assert that file '{{ sap_netweaver_preconfigure_rpath }}/libstdc++.so.6' is a link ansible.builtin.assert: that: __sap_netweaver_preconfigure_register_stat_libstdc_assert.stat.islnk - fail_msg: "FAIL: File {{ sap_netweaver_preconfigure_rpath }}/libstdc++.so.6 is not a link!" - success_msg: "PASS: File {{ sap_netweaver_preconfigure_rpath }}/libstdc++.so.6 is a link." + fail_msg: "FAIL: File '{{ sap_netweaver_preconfigure_rpath }}/libstdc++.so.6' is not a link!" + success_msg: "PASS: File '{{ sap_netweaver_preconfigure_rpath }}/libstdc++.so.6' is a link." ignore_errors: "{{ sap_netweaver_preconfigure_assert_ignore_errors | d(false) }}" - when: __sap_netweaver_preconfigure_register_stat_libstdc_assert.stat.exists + when: + - __sap_netweaver_preconfigure_register_stat_compat_sap_cpp.stat.exists + - __sap_netweaver_preconfigure_register_stat_libstdc_assert.stat.exists -- name: Assert that file "{{ sap_netweaver_preconfigure_rpath }}/libstdc++.so.6" is a link to /opt/rh/SAP/lib64/compat-sap-c++-10.so +- name: Assert that file '{{ sap_netweaver_preconfigure_rpath }}/libstdc++.so.6' is a link to '/opt/rh/SAP/lib64/compat-sap-c++-10.so' ansible.builtin.assert: that: __sap_netweaver_preconfigure_register_stat_libstdc_assert.stat.lnk_target == '/opt/rh/SAP/lib64/compat-sap-c++-10.so' - fail_msg: "FAIL: File {{ sap_netweaver_preconfigure_rpath }}/libstdc++.so.6 is not a link to /opt/rh/SAP/lib64/compat-sap-c++-10.so!" - success_msg: "PASS: File {{ sap_netweaver_preconfigure_rpath }}/libstdc++.so.6 is a link to /opt/rh/SAP/lib64/compat-sap-c++-10.so." + fail_msg: "FAIL: File '{{ sap_netweaver_preconfigure_rpath }}/libstdc++.so.6' is not a link to '/opt/rh/SAP/lib64/compat-sap-c++-10.so!'" + success_msg: "PASS: File '{{ sap_netweaver_preconfigure_rpath }}/libstdc++.so.6' is a link to '/opt/rh/SAP/lib64/compat-sap-c++-10.so.'" ignore_errors: "{{ sap_netweaver_preconfigure_assert_ignore_errors | d(false) }}" - when: __sap_netweaver_preconfigure_register_stat_libstdc_assert.stat.exists + when: + - __sap_netweaver_preconfigure_register_stat_compat_sap_cpp.stat.exists + - __sap_netweaver_preconfigure_register_stat_libstdc_assert.stat.exists diff --git a/roles/sap_swpm/defaults/main.yml b/roles/sap_swpm/defaults/main.yml index 396f546ad..f0d7a758f 100644 --- a/roles/sap_swpm/defaults/main.yml +++ b/roles/sap_swpm/defaults/main.yml @@ -79,6 +79,7 @@ sap_swpm_inifile_list: - nw_config_central_services_abap # - nw_config_central_services_java - nw_config_primary_application_server_instance + - nw_config_additional_application_server_instance # - nw_config_ers - nw_config_ports # - nw_config_java_ume @@ -86,7 +87,10 @@ sap_swpm_inifile_list: # - nw_config_webdisp_generic # - nw_config_webdisp_gateway - nw_config_host_agent -# - nw_config_post_abap_reports +# - nw_config_post_load_abap_reports +# - nw_config_livecache +# - nw_config_sld +# - nw_config_abap_language_packages - sap_os_linux_user ## Not in use diff --git a/roles/sap_swpm/tasks/post_install/firewall.yml b/roles/sap_swpm/tasks/post_install/firewall.yml index 524b3023a..e8c5b3904 100644 --- a/roles/sap_swpm/tasks/post_install/firewall.yml +++ b/roles/sap_swpm/tasks/post_install/firewall.yml @@ -4,45 +4,45 @@ when: ansible_virtualization_role != "guest" or ansible_virtualization_type != "docker" block: - - name: SAP SWPM Post Install - Gathering Firewall Facts - ansible.builtin.package_facts: - manager: auto + - name: SAP SWPM Post Install - Gathering Firewall Facts + ansible.builtin.package_facts: + manager: auto - - name: SAP SWPM Post Install - Setup Firewall if included in packages - when: '"firewalld" in ansible_facts.packages' - block: + - name: SAP SWPM Post Install - Setup Firewall if included in packages + when: '"firewalld" in ansible_facts.packages' + block: - - name: SAP SWPM Post Install - Enable and start the firewalld service - ansible.builtin.systemd: - name: firewalld - state: started - enabled: yes - tags: sap_swpm_configure_firewall + - name: SAP SWPM Post Install - Enable and start the firewalld service + ansible.builtin.systemd: + name: firewalld + state: started + enabled: yes + tags: sap_swpm_configure_firewall - - name: SAP SWPM Post Install - Firewall Setup - when: - - sap_swpm_wd_instance_nr is defined - - sap_swpm_wd_instance_nr | length - ansible.builtin.set_fact: - sap_nw_firewall_ports: - - "3200-3399" - - "36{{ sap_swpm_pas_instance_nr }}" - - "80{{ sap_swpm_pas_instance_nr }}" - - "443{{ sap_swpm_pas_instance_nr }}" - - "36{{ sap_swpm_ascs_instance_nr }}" - - "80{{ sap_swpm_ascs_instance_nr }}" - - "443{{ sap_swpm_ascs_instance_nr }}" - - "8090" - - "44390" - - "443{{ sap_swpm_wd_instance_nr }}" + - name: SAP SWPM Post Install - Firewall Setup + when: + - sap_swpm_wd_instance_nr is defined + - sap_swpm_wd_instance_nr | length + ansible.builtin.set_fact: + sap_nw_firewall_ports: + - "3200-3399" + - "36{{ sap_swpm_pas_instance_nr }}" + - "80{{ sap_swpm_pas_instance_nr }}" + - "443{{ sap_swpm_pas_instance_nr }}" + - "36{{ sap_swpm_ascs_instance_nr }}" + - "80{{ sap_swpm_ascs_instance_nr }}" + - "443{{ sap_swpm_ascs_instance_nr }}" + - "8090" + - "44390" + - "443{{ sap_swpm_wd_instance_nr }}" - - name: SAP SWPM Post Install - Add Ports Based on NR - {{ sap_swpm_pas_instance_nr }} - ansible.builtin.include_tasks: update_firewall.yml - loop: "{{ sap_nw_firewall_ports }}" - loop_control: - loop_var: passed_port + - name: SAP SWPM Post Install - Add Ports Based on NR - {{ sap_swpm_pas_instance_nr }} + ansible.builtin.include_tasks: update_firewall.yml + loop: "{{ sap_nw_firewall_ports }}" + loop_control: + loop_var: passed_port -# Reason for noqa: We currently do not determine if reloading the firewall changes anything - - name: SAP SWPM Post Install - Reload Firewall # noqa no-changed-when - ansible.builtin.shell: | - firewall-cmd --reload + # Reason for noqa: We currently do not determine if reloading the firewall changes anything + - name: SAP SWPM Post Install - Reload Firewall # noqa no-changed-when + ansible.builtin.shell: | + firewall-cmd --reload diff --git a/roles/sap_swpm/tasks/pre_install/firewall.yml b/roles/sap_swpm/tasks/pre_install/firewall.yml index 80d1cee95..18675bdf7 100644 --- a/roles/sap_swpm/tasks/pre_install/firewall.yml +++ b/roles/sap_swpm/tasks/pre_install/firewall.yml @@ -4,59 +4,59 @@ when: ansible_virtualization_role != "guest" or ansible_virtualization_type != "docker" block: - - name: SAP SWPM Pre Install - Gathering Firewall Facts - ansible.builtin.package_facts: - manager: auto + - name: SAP SWPM Pre Install - Gathering Firewall Facts + ansible.builtin.package_facts: + manager: auto - - name: SAP SWPM Pre Install - Setup Firewall if included in packages - when: '"firewalld" in ansible_facts.packages' - block: + - name: SAP SWPM Pre Install - Setup Firewall if included in packages + when: '"firewalld" in ansible_facts.packages' + block: - - name: SAP SWPM Pre Install - Enable and start the firewalld service - ansible.builtin.systemd: - name: firewalld - state: started - enabled: yes - tags: sap_swpm_configure_firewall + - name: SAP SWPM Pre Install - Enable and start the firewalld service + ansible.builtin.systemd: + name: firewalld + state: started + enabled: yes + tags: sap_swpm_configure_firewall - - name: SAP SWPM Pre Install - Generate SAP HANA Ports Based on NR - {{ sap_swpm_db_instance_nr }} - ansible.builtin.set_fact: - sap_hana_firewall_ports: - - "1128" - - "1129" - - "43{{ sap_swpm_db_instance_nr }}" - - "5050" - - "9090" - - "9091" - - "9092" - - "9093" - - "3{{ sap_swpm_db_instance_nr }}00-3{{ sap_swpm_db_instance_nr }}90" - - "30105" - - "30107" - - "30140" - - "4{{ sap_swpm_db_instance_nr }}01" - - "4{{ sap_swpm_db_instance_nr }}02" - - "4{{ sap_swpm_db_instance_nr }}06" - - "4{{ sap_swpm_db_instance_nr }}12" - - "4{{ sap_swpm_db_instance_nr }}14" - - "4{{ sap_swpm_db_instance_nr }}40" - - "5{{ sap_swpm_db_instance_nr }}00" - - "5{{ sap_swpm_db_instance_nr }}13" - - "5{{ sap_swpm_db_instance_nr }}14" - - "51000" - - "64997" - when: - - not sap_swpm_generic | bool + - name: SAP SWPM Pre Install - Generate SAP HANA Ports Based on NR - {{ sap_swpm_db_instance_nr }} + ansible.builtin.set_fact: + sap_hana_firewall_ports: + - "1128" + - "1129" + - "43{{ sap_swpm_db_instance_nr }}" + - "5050" + - "9090" + - "9091" + - "9092" + - "9093" + - "3{{ sap_swpm_db_instance_nr }}00-3{{ sap_swpm_db_instance_nr }}90" + - "30105" + - "30107" + - "30140" + - "4{{ sap_swpm_db_instance_nr }}01" + - "4{{ sap_swpm_db_instance_nr }}02" + - "4{{ sap_swpm_db_instance_nr }}06" + - "4{{ sap_swpm_db_instance_nr }}12" + - "4{{ sap_swpm_db_instance_nr }}14" + - "4{{ sap_swpm_db_instance_nr }}40" + - "5{{ sap_swpm_db_instance_nr }}00" + - "5{{ sap_swpm_db_instance_nr }}13" + - "5{{ sap_swpm_db_instance_nr }}14" + - "51000" + - "64997" + when: + - not sap_swpm_generic | bool - - name: SAP SWPM Pre Install - Add Ports Based on NR - {{ sap_swpm_db_instance_nr }} - ansible.builtin.include_tasks: update_firewall.yml - loop: "{{ sap_hana_firewall_ports }}" - loop_control: - loop_var: passed_port - when: - - not sap_swpm_generic | bool + - name: SAP SWPM Pre Install - Add Ports Based on NR - {{ sap_swpm_db_instance_nr }} + ansible.builtin.include_tasks: update_firewall.yml + loop: "{{ sap_hana_firewall_ports }}" + loop_control: + loop_var: passed_port + when: + - not sap_swpm_generic | bool -# Reason for noqa: We currently do not determine if reloading the firewall changes anything - - name: SAP SWPM Pre Install - Reload Firewall # noqa no-changed-when - ansible.builtin.shell: | - firewall-cmd --reload + # Reason for noqa: We currently do not determine if reloading the firewall changes anything + - name: SAP SWPM Pre Install - Reload Firewall # noqa no-changed-when + ansible.builtin.shell: | + firewall-cmd --reload diff --git a/roles/sap_swpm/tasks/pre_install/install_type/maint_plan_stack_install.yml b/roles/sap_swpm/tasks/pre_install/install_type/maint_plan_stack_install.yml index 76ef5db10..ee5dd79f3 100644 --- a/roles/sap_swpm/tasks/pre_install/install_type/maint_plan_stack_install.yml +++ b/roles/sap_swpm/tasks/pre_install/install_type/maint_plan_stack_install.yml @@ -9,12 +9,22 @@ args: chdir: "{{ sap_swpm_mp_stack_path }}" register: sap_swpm_mp_stack_file_get - when: (sap_swpm_mp_stack_file_name is not defined) or (sap_swpm_mp_stack_file_name | default(None)) # Test if variable string is not defined or None / blank + # Test if variable string is not defined or None / blank + when: + (sap_swpm_mp_stack_file_name is not defined) or + (sap_swpm_mp_stack_file_name | type_debug == 'NoneType') or + (sap_swpm_mp_stack_file_name is none) or + (sap_swpm_mp_stack_file_name | length == 0) - name: SAP SWPM Pre Install - MP Stack XML - Set fact ansible.builtin.set_fact: sap_swpm_mp_stack_file_name: "{{ sap_swpm_mp_stack_file_get.stdout }}" - when: (sap_swpm_mp_stack_file_name is not defined) or (sap_swpm_mp_stack_file_name | default(None)) # Test if variable string is not defined or None / blank + # Test if variable string is not defined or None / blank + when: + (sap_swpm_mp_stack_file_name is not defined) or + (sap_swpm_mp_stack_file_name | type_debug == 'NoneType') or + (sap_swpm_mp_stack_file_name is none) or + (sap_swpm_mp_stack_file_name | length == 0) - name: SAP SWPM Pre Install - MP Stack XML - Set fact ansible.builtin.debug: diff --git a/roles/sap_swpm/templates/configfile.j2 b/roles/sap_swpm/templates/configfile.j2 index cc0fccc38..f20c2d14c 100644 --- a/roles/sap_swpm/templates/configfile.j2 +++ b/roles/sap_swpm/templates/configfile.j2 @@ -107,22 +107,6 @@ SAPINST.CD.PACKAGE.RDBMS-SYB-CLIENT = {{ sap_swpm_cd_sapase_client_path }} SAPINST.CD.PACKAGE.RDBMS-ADA = {{ sap_swpm_cd_sapmaxdb_path }} {% endif %} -{% if 'swpm_installation_media_download_service' in sap_swpm_inifile_list %} -###### -# swpm_installation_media_download_service -# Not in use by sap_swpm Ansible Role -###### -# nwUsers.sapServiceSIDPassword = -# download_service.directory = -# DownloadService.EnableProxy = -# DownloadService.HostName = -# DownloadService.Password = -# DownloadService.Port = -# DownloadService.ProvideAuthentication = -# DownloadService.Username = -# DownloadService.planNumber = -{% endif %} - {% if 'maintenance_plan_stack_tms_config' in sap_swpm_inifile_list %} ###### # maintenance_plan_stack_tms_config @@ -258,6 +242,7 @@ Sdb_Schema_Dialogs.dbSchemaPassword = {{ sap_swpm_db_schema_password }} ###### # db_config_hana ###### +storageBasedCopy.hdb.instanceNumber = {{ sap_swpm_db_instance_nr }} # HDB_Schema_Check_Dialogs.dropSchema = false HDB_Schema_Check_Dialogs.schemaName = {{ sap_swpm_db_schema }} HDB_Schema_Check_Dialogs.validateSchemaName = false @@ -461,7 +446,6 @@ storageBasedCopy.javaSchemaPassword = {{ sap_swpm_db_schema_java_password }} ###### # db_restore_hana ###### -storageBasedCopy.hdb.instanceNumber = {{ sap_swpm_db_instance_nr }} NW_HDB_getDBInfo.systemPasswordBackup = {{ sap_swpm_backup_system_password }} HDB_Recovery_Dialogs.backupLocation = {{ sap_swpm_backup_location }} HDB_Recovery_Dialogs.backupName = {{ sap_swpm_backup_prefix }} @@ -550,6 +534,25 @@ NW_CI_Instance.ciInstanceNumber = {{ sap_swpm_pas_instance_nr }} # NW_CI_Instance.nodesNumber = defNodes {% endif %} +{% if 'nw_config_additional_application_server_instance' in sap_swpm_inifile_list %} +###### +# nw_config_additional_application_server_instance +# Additional Application Server (AAS) contains ABAP Dispatcher (DI/WP) work processes. +# Formerly called the Dialog Instance (DI). +###### +# Instance number of SAP NetWeaver Application Server. Leave empty for default. +NW_AS.instanceNumber = {{ sap_swpm_pas_instance_nr }} + +# Do not skip unpacking archives if adding the SAP NetWeaver Application Server to another operating system / host. Default is 'false'. +# NW_AS.skipUnpacking = false + +# Start the SAP NetWeaver Application Server at the end of the installation. Default is 'true'. +# NW_AS.start = true + +# Virtual host name of the SAP NetWeaver Application Server instance. Leave empty to use the existing host name +NW_DI_Instance.virtualHostname = {{ ansible_hostname }} +{% endif %} + {% if 'nw_config_ers' in sap_swpm_inifile_list %} ###### # nw_config_ers @@ -640,8 +643,8 @@ NW_webdispatcher_Instance.rfcPassword = {{ sap_swpm_wd_backend_rfc_ddic_000_pass # It is recommended to install gateway as part of ASCS # It is NOT recommended to install webdispatcher as part of ASCS. A separate Web Dispatcher instance must be installed ###### -NW_SCS_Instance.ascsInstallGateway = {{ sap_swpm_ascs_install_gateway | lower }} -# NW_CI_Instance.ascsInstallGateway = false +NW_CI_Instance.ascsInstallGateway = {{ sap_swpm_ascs_install_gateway | lower }} +# NW_SCS_Instance.ascsInstallGateway = {{ sap_swpm_ascs_install_gateway | lower }} # NW_CI_Instance.ascsInstallWebDispatcher = false # NW_SCS_Instance.ascsInstallWebDispatcher = false {% endif %} @@ -655,7 +658,7 @@ NW_System.installSAPHostAgent = {{ sap_swpm_install_saphostagent | lower }} {% if 'nw_config_post_load_abap_reports' in sap_swpm_inifile_list %} ###### -# nw_config_post_abap_reports +# nw_config_post_load_abap_reports ###### # Activate ICF node '/SAP/BC/REST/SLPROTOCOL' NW_CI_Instance_ABAP_Reports.enableActivateICFService = true @@ -706,6 +709,17 @@ NW_SLD_Configuration.sldUser = NW_SLD_Configuration.sldUserPassword = {% endif %} +{% if 'nw_config_abap_language_packages' in sap_swpm_inifile_list %} +###### +# nw_config_abap_language_packages +###### +NW_Language_Inst_Dialogs.install = true +# Path to language archive files (e.g. S4HANAOP***_LANG_EN.SAR) +NW_Language_Inst_Dialogs.folders = /software +# Selected languages comma-separated list (by default DE,EN are installed) +NW_Language_Inst_Dialogs.languages = AR,BG,CA,CS,DA,EL,ES,ET,FI,FR,HE,HI,HR,HU,IT,JA,KK,KO,LT,LV,MS,NL,NO,PL,PT,RO,RU,SH,SK,SL,SV,TH,TR,UK,VI,ZF,ZH +{% endif %} + {% if 'sap_os_linux_user' in sap_swpm_inifile_list %} ###### # sap_os_linux_user @@ -716,6 +730,22 @@ nwUsers.sidAdmUID = {{ sap_swpm_sidadm_uid }} # NW_GetSidNoProfiles.sapmnt = /sapmnt {% endif %} +{% if 'swpm_installation_media_download_service' in sap_swpm_inifile_list %} +###### +# swpm_installation_media_download_service +# Not in use by sap_swpm Ansible Role +###### +# nwUsers.sapServiceSIDPassword = +# download_service.directory = +# DownloadService.EnableProxy = +# DownloadService.HostName = +# DownloadService.Password = +# DownloadService.Port = +# DownloadService.ProvideAuthentication = +# DownloadService.Username = +# DownloadService.planNumber = +{% endif %} + {% if 'solman_daa_swpm1' in sap_swpm_inifile_list %} ###### # solman_daa_swpm1