This repository contains code for deploying SAP products in GCP using Ansible and Terraform.
The Terraform modules build machines and other infrastructure required. Ansible is used to configure the machines and install SAP products.
The provided Ansible can be used in two different ways: the first is to run Terraform to create the machines before configuring them, and the second is to run it against existing machines.
-
Available Stacks
SAP installation media must be stored in a bucket according to the provided instructions.
Machines need outbound internet access to download packages and register for licensing. Typically this is done by creating a Cloud Nat instance in each region where machines are located.
Note, although it is possible to deploy SAP without outbound internet access, it requires additional work and the creation of custom images.
A service account must be created with credentials that enable downloading files from the storage bucket where installation media is located. Machines that are clustered with Pacemaker also need credentials to access compute APIs for STONITH to work. Clustered machines include HANA HA primary and secondary, ASCS, and ERS.
The name of the service account must be passed as a variable and it is attached to the machines automatically when they are created.
The firewall must enable traffic between machines and load balancers as required. For example, PAS and AAS machines need access to the HANA load balancer if you are running HA, or to the HANA machine directly if not running HA. Clustered machines will need access to each other for pacemaker to work.
The firewall rules need to be created beforehand, but can be controlled using tags that are configurable through the variables sap_hana_network_tags and sap_nw_network_tags. Machines will be created with the tags defined in these variables.
To enable getting started quickly, a stack SAP-Prerequisites is provided that creates a service account sap-common-sa and open firewall rules for machines tagged sap-allow-all. The other stacks in this repository default to using that service account and network tag. The playbook in the SAP-Prerequisites stack only needs to be run one time before building any other stack.
The fastest way to start is to use Ansible and Terraform together to build a full stack.
-
Upload your SAP Install Media to a bucket according to the provided instructions
-
Choose a stack, for example
NetWeaver-HA. Define a file containing the variables for the stack by copyingstacks/NetWeaver-HA/vars/deploy-vars.ymland modifying it to work in your GCP project. Check the documentation for your stack for more details about the available variables. -
Assuming your variables file is called
vars.yml, run the playbook from the root of the repository using the providedansible-wrapperscript:
./ansible-wrapper stacks/NetWeaver-HA/playbook.yml -e @vars.yml
See Running Playbooks for more details on running playbooks.
ansible.cfg - This file contains Ansible configuration settings.
ansible-wrapper - This script is a wrapper around the ansible-playbook command. It first ensures a Python virtual environment exist and then installs all of the dependencies from requirements.txt into it before finally running ansible-playbook from the virtualenv. All arguments to this script will be passed to ansible-playbook.
ansible/roles/ - This directory contains all Ansible roles.
requirements.txt - This file contains all Python dependencies, including Ansible, with their versions pinned. Code changes are tested only against these exact versions.
stacks/ - This directory contains a subdirectory per supported stack, for example HANA-HA or NetWeaver-HA.
stacks/<stack>/playbook.yml - This is the playbook to run Ansible together with Terraform to create the infrastructure and configure the stack.
stacks/<stack>/playbook-notf.yml - This is the playbook to run Ansible without Terraform to configure the stack with existing infrastructure.
stacks/<stack>/tf/ - This directory contains a root Terraform module used as the Terraform entry point for the stack.
stacks/<stack>/vars/ - This directory contains example variables used to configure the stack.
terraform/modules/ - This directory contains all of the Terraform modules called by the root modules.
third_party/ - This directory contains vendored third party dependencies.