Skip to content

Commit

Permalink
feat: upgrade terraform-ibm-modules/powervs-instance/ibm version to 1…
Browse files Browse the repository at this point in the history
….0.2 (#534)

---------

Co-authored-by: stafaniasaju <[email protected]>
  • Loading branch information
surajsbharadwaj and stafaniasaju authored Nov 3, 2023
1 parent ba225b6 commit 9eb9e48
Show file tree
Hide file tree
Showing 74 changed files with 2,078 additions and 1,798 deletions.
24 changes: 17 additions & 7 deletions .secrets.baseline
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
"files": "go.sum|^.secrets.baseline$",
"lines": null
},
"generated_at": "2023-11-02T14:24:11Z",
"generated_at": "2023-11-02T15:28:02Z",
"plugins_used": [
{
"name": "AWSKeyDetector"
Expand Down Expand Up @@ -87,22 +87,32 @@
"verified_result": null
}
],
"modules/powervs_attach_private_network/README.md": [
"modules/pi-sap-system-type1/README.md": [
{
"hashed_secret": "91199272d5d6a574a51722ca6f3d1148edb1a0e7",
"hashed_secret": "3bd02b996f65f3548c1a0b5d93b00bfa7c88341a",
"is_secret": false,
"is_verified": false,
"line_number": 9,
"line_number": 56,
"type": "Secret Keyword",
"verified_result": null
}
],
"modules/powervs_create_private_network/README.md": [
"solutions/sap-ready-to-go/README.md": [
{
"hashed_secret": "91199272d5d6a574a51722ca6f3d1148edb1a0e7",
"hashed_secret": "3bd02b996f65f3548c1a0b5d93b00bfa7c88341a",
"is_secret": false,
"is_verified": false,
"line_number": 9,
"line_number": 61,
"type": "Secret Keyword",
"verified_result": null
}
],
"solutions/sap-ready-to-go/input.tfvars": [
{
"hashed_secret": "4d82fc4e8ef3a90cebdf3a1fc0e4abab79a41391",
"is_secret": false,
"is_verified": false,
"line_number": 19,
"type": "Secret Keyword",
"verified_result": null
}
Expand Down
80 changes: 40 additions & 40 deletions README.md
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
<!-- BEGIN MODULE HOOK -->

# SAP on secure Power Virtual Servers Solutions
# IBM Power Virtual Server for SAP HANA solutions

<!-- UPDATE BADGE: Update the link for the badge below-->
[![Graduated (Supported)](https://img.shields.io/badge/status-Graduated%20(Supported)-brightgreen?style=plastic)](https://terraform-ibm-modules.github.io/documentation/#/badge-status)
Expand All @@ -9,10 +9,45 @@
[![latest release](https://img.shields.io/github/v/release/terraform-ibm-modules/terraform-ibm-powervs-sap?logo=GitHub&sort=semver)](https://github.com/terraform-ibm-modules/terraform-ibm-powervs-sap/releases/latest)
[![Renovate enabled](https://img.shields.io/badge/renovate-enabled-brightgreen.svg)](https://renovatebot.com/)

# Table of Contents
1. [Required IAM access policies](#required-iam-access-policies)
2. [Reference architectures](#reference-architectures)
3. [Solutions](#solutions)
## Summary
This repository contains deployable architecture solutions which helps in deploying Power Virtual Server for SAP HANA solutions. The solutions are available in IBM Cloud Catalog and also can be deployed without catalog as well except few solutions.

Three solutions are offered:
1. [IBM catalog PowerVS sap-ready-to-go variation](https://github.com/terraform-ibm-modules/terraform-ibm-powervs-sap/tree/main/solutions/ibm-catalog/sap-ready-to-go)
- Creates and configures 1 HANA instance, 0 to N Netweaver Instances and 1 Optional ShareFS with RHEL or SLES Os distribution. Creates a new private subnet for SAP communication for entire landscape and attaches it to cloud connections(in Non PER DC).
- Optionally configures os network management services(NTP, NFS, and DNS services) using ansible galaxy collection roles [ibm.power_linux_sap collection](https://galaxy.ansible.com/ui/repo/published/ibm/power_linux_sap/).
- Additionally tunes the instances according to SAPs best practices which is fully ready for hosting SAP applications.
2. [PowerVS sap-ready-to-go variation](https://github.com/terraform-ibm-modules/terraform-ibm-powervs-sap/tree/main/solutions/sap-ready-to-go)
- Creates and configures 1 HANA instance, 0 to N Netweaver Instances and 1 Optional ShareFS with RHEL or SLES Os distribution. Creates a new private subnet for SAP communication for entire landscape and attaches it to cloud connections(in Non PER DC).
- Optionally configures os network management services(NTP, NFS, and DNS services) using ansible galaxy collection roles [ibm.power_linux_sap collection](https://galaxy.ansible.com/ui/repo/published/ibm/power_linux_sap/).
- Additionally tunes the instances according to SAPs best practices which is fully ready for hosting SAP applications.
3. [End to End Solution](https://github.com/terraform-ibm-modules/terraform-ibm-powervs-sap/tree/main/solutions/e2e)
- Creates a [Power Virtual Server with vpc landing zone](https://github.com/terraform-ibm-modules/terraform-ibm-powervs-infrastructure/tree/main/modules/powervs-vpc-landing-zone) which creates a VPC Infrastructure and PowerVS infrastructure. Installs and configures the Squid Proxy, DNS Forwarder, NTP forwarder and NFS on hosts, and sets the host as the server for the NTP, NFS, and DNS services by using ansible galaxy collection roles [ibm.power_linux_sap collection](https://galaxy.ansible.com/ui/repo/published/ibm/power_linux_sap/).
- Creates and configures 1 HANA instance, 0 to N Netweaver Instances and 1 Optional ShareFS with RHEL or SLES Os distribution. Creates a new private subnet for SAP communication for entire landscape and attaches it to cloud connections(in Non PER DC).
- Optionally configures os network management services(NTP, NFS, and DNS services) using ansible galaxy collection roles [ibm.power_linux_sap collection](https://galaxy.ansible.com/ui/repo/published/ibm/power_linux_sap/).
- Additionally tunes the instances according to SAPs best practices which is fully ready for hosting SAP applications.

## Reference architectures
- [IBM catalog PowerVS sap-ready-to-go variation](https://github.com/terraform-ibm-modules/terraform-ibm-powervs-sap/blob/main/reference-architectures/sap-ready-to-go/deploy-arch-ibm-pvs-sap-ready-to-go.svg)
- [Power Virtual Server with vpc landing zone](https://github.com/terraform-ibm-modules/terraform-ibm-powervs-infrastructure/blob/main/reference-architectures/full-stack/deploy-arch-ibm-pvs-inf-full-stack.svg)


## Solutions
| Variation | Available on IBM Catalog | Requires Schematics Workspace ID | Creates PowerVS with VPC landing zone | Creates PowerVS HANA Instance | Creates PowerVS NW Instances | Performs PowerVS OS Config | Performs PowerVS SAP Tuning | Install SAP software |
|:---------------------------------------------------------------------------:|:------------------------:|:--------------------------------:|:-------------------------------------:|:-----------------------------:|:----------------------------:|:--------------------------:|:---------------------------:|:--------------------:|
| [ IBM Catalog sap-ready-to-go ]( ./solutions/ibm-catalog/sap-ready-to-go/ ) | :heavy_check_mark: | :heavy_check_mark: | N/A | 1 | 0 to N | :heavy_check_mark: | :heavy_check_mark: | N/A |
| [ sap-ready-to-go ]( ./solutions/sap-ready-to-go/ ) | N/A | N/A | N/A | 1 | 0 to N | :heavy_check_mark: | :heavy_check_mark: | N/A |
| [ End-to-End ]( ./solutions/e2e/ ) | N/A | N/A | :heavy_check_mark: | 1 | 0 to N | :heavy_check_mark: | :heavy_check_mark: | N/A |


<!-- BEGIN OVERVIEW HOOK -->
## Overview
* [terraform-ibm-powervs-sap](#terraform-ibm-powervs-sap)
* [Submodules](./modules)
* [pi-sap-system-type1](./modules/pi-sap-system-type1)
* [Contributing](#contributing)
<!-- END OVERVIEW HOOK -->


## Required IAM access policies

Expand All @@ -34,19 +69,6 @@ You need the following permissions to run this module.

<!-- END MODULE HOOK -->

## Reference architectures

- [SAP Ready to go PowerVS](reference-architectures/sap-ready-to-go/deploy-arch-ibm-pvs-sap-ready-to-go.md)


## Solutions

| Variation | Available on IBM Catalog | Requires Schematics Workspace ID | Creates PowerVS HANA Instance | Creates PowerVS NW Instances | Performs PowerVS OS Config | Performs PowerVS SAP Tuning | Install SAP software |
| ------------- | ------------- | ------------- | ------------- | ------------- | ------------- | ------------- | ------------- |
| [sap-ready-to-go](./solutions/ibm-catalog/sap-ready-to-go/) | :heavy_check_mark: | :heavy_check_mark: | 1 | 0 to N | :heavy_check_mark: | :heavy_check_mark: | N/A |
| [sap-ready-to-go](./solutions/sap-ready-to-go/) | N/A | N/A | 1 | 0 to N | :heavy_check_mark: | :heavy_check_mark: | N/A |



<!-- BEGIN CONTRIBUTING HOOK -->
## Contributing
Expand All @@ -55,25 +77,3 @@ You can report issues and request features for this module in GitHub issues in t

To set up your local development environment, see [Local development setup](https://terraform-ibm-modules.github.io/documentation/#/local-dev-setup) in the project documentation.
<!-- END CONTRIBUTING HOOK -->

<!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
### Requirements

No requirements.

### Modules

No modules.

### Resources

No resources.

### Inputs

No inputs.

### Outputs

No outputs.
<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
12 changes: 10 additions & 2 deletions cra-config.yaml
Original file line number Diff line number Diff line change
@@ -1,7 +1,15 @@
version: "v1"
CRA_TARGETS:
- CRA_TARGET: "solutions/basic"
- CRA_TARGET: "solutions/e2e"
PROFILE_ID: "0e6e7b5a-817d-4344-ab6f-e5d7a9c49520" # SCC profile ID (currently set to the FSCloud 1.4.0 profile).
CRA_IGNORE_RULES_FILE: "cra-tf-validate-ignore-rules.json"
CRA_ENVIRONMENT_VARIABLES:
TF_VAR_prefix: "cra-infra"
TF_VAR_prefix: "cra-sap"
TF_VAR_powervs_zone: "syd05"
TF_VAR_powervs_resource_group_name: "Default"
TF_VAR_landing_zone_configuration: "3VPC_RHEL"
TF_VAR_external_access_ip: "0.0.0.0/0"
TF_VAR_powervs_create_separate_sharefs_instance: false
TF_VAR_os_image_distro: "RHEL"
TF_VAR_ssh_public_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDb8qoH4U47+79ssT6FdsOIxxZY8/oxWc66WPwqHfpjCgDRP3Rc1uq2YEKIRJba2DzNFnf+byinH0O9hwjKZ/3l7HxNtvQZXdCnT79TOT/wGbcHBV8ZUTBkUOx67ryS0F5bKDdMDWdsWkMXkRb8AAsJWLAeuFsfMYQjMBLmvrMsRRB6GG+97jF18ghqHjuBTX1FNF9fcytEaz7WfP8KrgSYRcQOauIVlMJyOmh3gZl84u14SXwQKhQrdvqt47ZErKH+fbsgxfOvvmYgr5RktKjbmi+lyBkxRM7//BaKcPw5saThf1MiEesJxIqyL16DW9LXdWei74xHNuF65K03y975Qr9CtPkr1rGgxwU2ksqLy1NN5TnF4erd1VSuLZ5BLov7JRJ2K17ttt0agp9VmkjRFIivOek= some-user@testing-box"
TF_VAR_ssh_private_key: "some_key"
6 changes: 6 additions & 0 deletions cra-tf-validate-ignore-rules.json
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,12 @@
"description": "Check whether Cloud Object Storage network access is restricted to a specific IP range",
"ignore_reason": "In order for this rule to pass, Context Based Restrictions (CBRs) support needs to be added to the module (tracking in https://github.ibm.com/GoldenEye/issues/issues/5626). Even after that is added, there is still a dependency on SCC to support scanning for CBR rules. SCC CBR support is being tracked in https://github.ibm.com/project-fortress/pm/issues/11800.",
"is_valid": true
},
{
"scc_rule_id": "rule-216e2449-27d7-4afc-929a-b66e196a9cf9",
"description": "Check whether Flow Logs for VPC are enabled",
"ignore_reason": "In order for this rule to pass, Context Based Restrictions (CBRs) support needs to be added to the module (tracking in https://github.ibm.com/GoldenEye/issues/issues/5626). Even after that is added, there is still a dependency on SCC to support scanning for CBR rules. SCC CBR support is being tracked in https://github.ibm.com/project-fortress/pm/issues/11800.",
"is_valid": true
}
]
}
58 changes: 40 additions & 18 deletions ibm_catalog.json
Original file line number Diff line number Diff line change
Expand Up @@ -55,7 +55,7 @@
"id": "2dd486c7-b317-4aaa-907b-42671485ad96-global",
"name": "deploy-arch-ibm-pvs-inf",
"install_type": "fullstack",
"version": ">=1.0.0"
"version": ">=3.0.0"
}
],
"configuration": [
Expand All @@ -67,7 +67,7 @@
"catalogID": "1082e7d2-5e2f-0a11-a3bc-f88a8e1931fc",
"flavorConstraint": "powervs-workspace",
"offeringID": "2dd486c7-b317-4aaa-907b-42671485ad96-global",
"versionConstraint": ">=1.0.0"
"versionConstraint": ">=3.0.0"
},
"grouping": "deployment",
"original_grouping": "deployment",
Expand Down Expand Up @@ -129,7 +129,7 @@
"value": "us-south"
},
{
"displayname": "Dallas 10 (dal10)",
"displayname": "Dallas 10 (dal10) PER",
"value": "dal10"
},
{
Expand Down Expand Up @@ -169,15 +169,16 @@
"custom_config": {}
},
{
"key": "powervs_create_separate_fs_share",
"required": true
"key": "powervs_create_separate_sharefs_instance",
"required": true,
"default_value": ""
},
{
"key": "powervs_hana_instance_name",
"required": true
},
{
"key": "powervs_hana_sap_profile_id",
"key": "powervs_hana_instance_sap_profile_id",
"required": true
},
{
Expand Down Expand Up @@ -221,19 +222,44 @@
"required": true
},
{
"key": "powervs_share_storage_config"
"key": "powervs_hana_instance_custom_storage_config",
"custom_config": {
"grouping": "deployment",
"original_grouping": "deployment",
"type": "json_editor"
}
},
{
"key": "powervs_hana_custom_storage_config"
"key": "powervs_hana_instance_additional_storage_config",
"custom_config": {
"grouping": "deployment",
"original_grouping": "deployment",
"type": "json_editor"
}
},
{
"key": "powervs_hana_additional_storage_config"
"key": "powervs_netweaver_instance_storage_config",
"custom_config": {
"grouping": "deployment",
"original_grouping": "deployment",
"type": "json_editor"
}
},
{
"key": "powervs_netweaver_storage_config"
"key": "powervs_sharefs_instance",
"custom_config": {
"grouping": "deployment",
"original_grouping": "deployment",
"type": "json_editor"
}
},
{
"key": "powervs_default_images"
"key": "powervs_default_sap_images",
"custom_config": {
"grouping": "deployment",
"original_grouping": "deployment",
"type": "json_editor"
}
}
],
"outputs": [
Expand All @@ -256,7 +282,7 @@
"key": "powervs_netweaver_instance_management_ips"
},
{
"key": "powervs_share_fs_ips"
"key": "powervs_sharefs_instance_ips"
},
{
"key": "powervs_lpars_data"
Expand Down Expand Up @@ -296,15 +322,11 @@
},
{
"title": "PowerVS instances",
"description": "SAP HANA Instance: One\n\nSAP NetWeaver Instances: 0,1..N\n\nShared SAP Instance: 0 or 1"
"description": "SAP HANA Instance: 1\n\nSAP NetWeaver Instances: 0,1..N\n\nShared SAP Instance: 0 or 1"
},
{
"title": "Power Virtual Server with VPC landing zone",
"description": "Available"
},
{
"title": "Secure infrastructure on VPC for regulated industries",
"description": "Available"
}
],
"diagrams": [
Expand All @@ -314,7 +336,7 @@
"url": "https://raw.githubusercontent.com/terraform-ibm-modules/terraform-ibm-powervs-sap/main/reference-architectures/sap-ready-to-go/deploy-arch-ibm-pvs-sap-ready-to-go.svg",
"type": "image/svg+xml"
},
"description": "'SAP ready PowerVS' variation of 'SAP on secure Power Virtual Servers' creates a basic and expandable SAP system landscape builds on the foundation of the 'Secure infrastructure on VPC for regulated industries' and 'Power Virtual Server with VPC landing zone'. PowerVS instances for SAP HANA, SAP NetWeaver and optionally for shared SAP files are deployed and preconfigured for SAP installation.\n\nServices such as DNS, NTP and NFS running in VPC and provided by 'Power Virtual Server with VPC landing zone' are leveraged.\n\nRedundant IBM Cloud Connections provide the network bridge between the IBM Power infrastructure and the IBM VPC and public internet.\n\nThe resulting SAP landscape leverages the services such as Activity Tracker, Cloud Object Storage, Key Management from the 'Secure infrastructure on VPC for regulated industries' and the network connectivity configuration provided by 'Power Virtual Server with VPC landing zone'."
"description": "'SAP ready PowerVS' variation of 'SAP on secure Power Virtual Servers' creates a basic and expandable SAP system landscape builds on the foundation of the 'Power Virtual Server with VPC landing zone'. PowerVS instances for SAP HANA, SAP NetWeaver and optionally for shared SAP files are deployed and preconfigured for SAP installation.\n\nServices such as DNS, NTP and NFS running in VPC and provided by 'Power Virtual Server with VPC landing zone' are leveraged.\n\nRedundant IBM Cloud Connections provide the network bridge between the IBM Power infrastructure and the IBM VPC and public internet.\n\nThe resulting SAP landscape leverages the services such as Activity Tracker, Cloud Object Storage, Key Management from the 'Secure infrastructure on VPC for regulated industries' and the network connectivity configuration provided by 'Power Virtual Server with VPC landing zone'."
}
]
}
Expand Down
Loading

0 comments on commit 9eb9e48

Please sign in to comment.