-
Notifications
You must be signed in to change notification settings - Fork 13
Expand file tree
/
Copy pathsap-hana-system-replication-hooks.yaml
More file actions
149 lines (138 loc) · 7.68 KB
/
sap-hana-system-replication-hooks.yaml
File metadata and controls
149 lines (138 loc) · 7.68 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
---
- name: SAP Hana System Replication Hooks
hosts: hana
remote_user: cloudadmin
become: true
become_user: root
pre_tasks:
- name: Source hana install variables
ansible.builtin.include_vars: ./vars/hana_vars.yaml
vars:
is_primary: "{{ ansible_play_hosts[0] == inventory_hostname }}"
# All hook scripts should be used directly from the SAPHanaSR package.
# If the scripts are moved or copied, regular SUSE package updates will not work.
# https://documentation.suse.com/sbp/sap-15/html/SLES4SAP-hana-sr-guide-PerfOpt-15/index.html#cha.s4s.hana-hook
__hooks_dir: "/usr/share/SAPHanaSR/"
__sapcontrol: "/usr/sap/hostctrl/exe/sapcontrol"
# SAPHahaSR-angi
use_hana_sr_angi: "{{ use_sap_hana_sr_angi | default(false) }}"
__hooks_dir_angi: "/usr/share/SAPHanaSR-angi/"
handlers:
- name: Stop HANA
ansible.builtin.command: # Stopwait will timeout after 600 seconds.
cmd: >-
{{ __sapcontrol }}
-nr {{ sap_hana_install_instance_number }}
-function StopWait 600 10
register: stopwait
changed_when: stopwait.rc == 0 # Sucessfull output is like "\n24.06.2025 23:38:21\nStop\nOK\n\n24.06.2025 23:38:41\nStopWait\nOK"
- name: Start HANA
ansible.builtin.command: # StartWait will timeout after 600 seconds.
cmd: >-
{{ __sapcontrol }}
-nr {{ sap_hana_install_instance_number }}
-function StartWait 600 10
register: startwait
changed_when: startwait.rc == 0 # Sucessfull output is like "\n24.06.2025 23:38:42\nStart\nOK\n\n24.06.2025 23:39:52\nStartWait\nOK"
tasks:
- name: Assert that required variables are defined
ansible.builtin.assert:
that: "{{ item }} is defined"
fail_msg: >-
The required variable '{{ item }}' is not defined. This variable must be
defined when using this role.
success_msg: >-
The variable '{{ item }}' is defined.
loop:
- 'sap_hana_install_sid'
- 'sap_hana_install_instance_number'
- name: Ensure SAPHanaSR hooks directory exists
ansible.builtin.file:
path: "{{ __hooks_dir }}"
owner: "{{ sap_hana_install_sid | lower }}adm"
group: sapsys
state: directory
mode: '0775'
when: not use_hana_sr_angi | bool
- name: Ensure SAPHanaSR-angi hooks directory exists
ansible.builtin.file:
path: "{{ __hooks_dir_angi }}"
owner: "{{ sap_hana_install_sid | lower }}adm"
group: sapsys
state: directory
mode: '0775'
when: use_hana_sr_angi | bool
- name: Ensure System Replication hooks are installed and configured
notify:
- Stop HANA
- Start HANA Primary
- Start HANA Secondary
block:
# https://documentation.suse.com/sbp/sap-15/html/SLES4SAP-hana-sr-guide-PerfOpt-15/index.html#id-implementing-saphanasr-hook-for-srconnectionchanged
- name: Ensure ha_dr_provider_SAPHanaSR section exists in global.ini
community.general.ini_file:
path: /usr/sap/{{ sap_hana_install_sid }}/SYS/global/hdb/custom/config/global.ini
section: "{{ item.section }}"
option: "{{ item.key }}"
value: "{{ item.value }}"
mode: '0644'
backup: true
loop:
- {'section': 'ha_dr_provider_SAPHanaSR', 'key': 'provider', 'value': 'SAPHanaSR'}
- {'section': 'ha_dr_provider_SAPHanaSR', 'key': 'path', 'value': '{{ __hooks_dir }}'}
- {'section': 'ha_dr_provider_SAPHanaSR', 'key': 'execution_order', 'value': '1'}
- {'section': 'trace', 'key': 'ha_dr_saphanasr', 'value': 'info'}
when: not use_hana_sr_angi | bool
- name: Ensure ha_dr_provider_SAPHanaSR-angi section exists in global.ini
community.general.ini_file:
path: /usr/sap/{{ sap_hana_install_sid }}/SYS/global/hdb/custom/config/global.ini
section: "{{ item.section }}"
option: "{{ item.key }}"
value: "{{ item.value }}"
mode: '0644'
backup: true
loop:
- {'section': 'ha_dr_provider_sushanasr', 'key': 'provider', 'value': 'susHanaSR'}
- {'section': 'ha_dr_provider_sushanasr', 'key': 'path', 'value': '{{ __hooks_dir_angi }}'}
- {'section': 'ha_dr_provider_sushanasr', 'key': 'execution_order', 'value': '1'}
- {'section': 'ha_dr_provider_sustkover', 'key': 'provider', 'value': 'susTkOver'}
- {'section': 'ha_dr_provider_sustkover', 'key': 'path', 'value': '{{ __hooks_dir_angi }}'}
- {'section': 'ha_dr_provider_sustkover', 'key': 'execution_order', 'value': '2'}
- {'section': 'ha_dr_provider_suschksrv', 'key': 'provider', 'value': 'susChkSrv'}
- {'section': 'ha_dr_provider_suschksrv', 'key': 'path', 'value': '{{ __hooks_dir_angi }}'}
- {'section': 'ha_dr_provider_suschksrv', 'key': 'execution_order', 'value': '3'}
- {'section': 'trace', 'key': 'ha_dr_sushanasr', 'value': 'info'}
- {'section': 'trace', 'key': 'ha_dr_suschksrv', 'value': 'info'}
- {'section': 'trace', 'key': 'ha_dr_sustkover', 'value': 'info'}
when: use_hana_sr_angi | bool
- name: Add hooks into sudoers
ansible.builtin.lineinfile:
path: /etc/sudoers.d/HanaSystemReplication
state: present
regexp: "{{ item.regexp }}"
line: "{{ item.line }}"
validate: /usr/sbin/visudo -cf %s
create: true
mode: '0440'
loop:
- {'regexp': '^#ANSIBLE MANAGED DOCUMENT', 'line': '#ANSIBLE MANAGED DOCUMENT - no manual edits!'}
- {'regexp': '^Cmnd_Alias SOK_SITEA', 'line': 'Cmnd_Alias SOK_SITEA = /usr/sbin/crm_attribute -n hana_{{ sap_hana_install_sid | lower }}_site_srHook_{{ primary_site }} -v SOK -t crm_config -s SAPHanaSR'}
- {'regexp': '^Cmnd_Alias SFAIL_SITEA ', 'line': 'Cmnd_Alias SFAIL_SITEA = /usr/sbin/crm_attribute -n hana_{{ sap_hana_install_sid | lower }}_site_srHook_{{ primary_site }} -v SFAIL -t crm_config -s SAPHanaSR'}
- {'regexp': '^Cmnd_Alias SOK_SITEB', 'line': 'Cmnd_Alias SOK_SITEB = /usr/sbin/crm_attribute -n hana_{{ sap_hana_install_sid | lower }}_site_srHook_{{ secondary_site }} -v SOK -t crm_config -s SAPHanaSR'}
- {'regexp': '^Cmnd_Alias SFAIL_SITEB', 'line': 'Cmnd_Alias SFAIL_SITEB = /usr/sbin/crm_attribute -n hana_{{ sap_hana_install_sid | lower }}_site_srHook_{{ secondary_site }} -v SFAIL -t crm_config -s SAPHanaSR'}
- {'regexp': '^{{ sap_hana_install_sid | lower }}adm ALL=(ALL) NOPASSWD', 'line': '{{ sap_hana_install_sid | lower }}adm ALL=(ALL) NOPASSWD: SOK_SITEA, SFAIL_SITEA, SOK_SITEB, SFAIL_SITEB'}
when: not use_hana_sr_angi | bool
- name: Add angi hooks into sudoers
ansible.builtin.lineinfile:
path: /etc/sudoers.d/HanaSystemReplication
state: present
regexp: "{{ item.regexp }}"
line: "{{ item.line }}"
validate: /usr/sbin/visudo -cf %s
create: true
mode: '0440'
loop:
- {'regexp': '^#ANSIBLE MANAGED DOCUMENT', 'line': '#ANSIBLE MANAGED DOCUMENT - no manual edits!'}
- {'regexp': '^{{ sap_hana_install_sid | lower }}adm ALL=(ALL) NOPASSWD', 'line': '{{ sap_hana_install_sid | lower }}adm ALL=(ALL) NOPASSWD: /usr/sbin/crm_attribute -n hana_{{ sap_hana_install_sid | lower }}_*'}
- {'regexp': '^{{ sap_hana_install_sid | lower }}adm ALL=(ALL) NOPASSWD', 'line': '{{ sap_hana_install_sid | lower }}adm ALL=(ALL) NOPASSWD: /usr/bin/SAPHanaSR-hookHelper --sid={{ sap_hana_install_sid | upper }} *'}
when: use_hana_sr_angi | bool