Skip to Content
Technical Articles

Automating your SAP HANA and S/4HANA by SAP deployments using Ansible – Part 3

The goal for this blog post series is to show how we can make SAP Solutions deployments easy and reliable using Ansible automation.

In the previous blog post, we explained what ‘Red Hat Enterprise Linux System Roles for SAP’ are and how we can use those to prepare the RHEL hosts where to run SAP workloads and cover all the required SAP Notes automatically and supported by Red Hat.

In this blog post, we are going to focus on the ‘Community Roles for SAP’. These are community maintained Ansible Roles to cover SAP HANA or SAP NetWeaver software lifecycle in Red Hat Enterprise Linux.

These roles live under Red Hat’s CoP (Communities of Practices) for SAP GitHub Organization and they are available in Ansible Galaxy as well. If you want to learn more about Red Hat’s Communities of Practice check the following blogs posted by Tracy Buckner, Project Manager for Communities of Practice at Red Hat.

We are working continuously on improving these Roles, taking requirements and best practices from the field. We have focused initially on the deployment aspect for both SAP HANA or SAP NetWeaver software in order to be able to give an end to end deployment experience while using these roles, but we are targeting different scopes in the future to cover things like ‘Day 2 Operations’ and others.

With this in mind, I am going to explain here which Roles can be used to automatically deploy both SAP HANA or SAP NetWeaver software on Red Hat Enterprise Linux.

Existing Ansible Roles and what they solve

If you are interested in using these Ansible Roles, a detailed explanation of how they should be used can be found in the ‘README.md’ file for each Role’s GitHub repository. During this post, I am going to briefly explain what these Roles do and identify which ones are the required Roles to create an end to end deployment pipeline for both SAP HANA and SAP NetWeaver software.

Role ‘redhat_sap.sap_rhsm’

This Ansible Role will ensure that your Red Hat Enterprise Linux Server is properly registered to the Red Hat Network or your internal Red Hat Satellite Server. It will also ensure that required repositories for ‘RHEL for SAP Solutions’ are attached to the Red Hat Enterprise Linux Host, and finally, it will ensure the Host has been registered with Red Hat Insights.

You should use this Role as the first Role in your end to end pipeline to ensure the system is registered and all the required repositories are attached to install any required package in the system.

Role ‘redhat_sap.sap_hostagent’

This Ansible Role will ensure that SAP Host Agent is installed and running in your Host. The role supports selecting from different source types while deploying the agent. This role is meant to be used just before both SAP HANA and SAP Netweaver software is installed.

Role ‘redhat_sap.sap_hana_deployment’

This Ansible Role will ensure SAP HANA is installed in the target host(s). Despite of the “standard” way of installing SAP HANA where a user manually adds information to multiple GUI dialogues from the installer, this role will generate the required responses from your Ansible inventory variables to create an unattended and automated installation of SAP HANA.

This role can be used as part of your end to end pipeline as the last stage for the SAP HANA hots(s) where the hots(s) has been already preconfigured to follow all the specific SAP Notes required for installing the SAP HANA software.

Role ‘redhat_sap.sap_s4hana_deployment’

This Ansible Role will ensure S/4HANA by SAP is installed in the target host(s). Despite of the “standard” way of installing S/4HANA by SAP where a user manually adds information to multiple GUI dialogues from the installer, this role will generate the required responses from your Ansible inventory variables to create an unattended and automated installation of S/4HANA by SAP.

This role can be used as part of your end to end pipeline as the last stage for the S/4HANA by SAP host(s) where the host(s) has been already preconfigured to follow all the specific SAP Notes required for installing the SAP Netweaver software, and just after the SAP HANA software has been deployed as a running SAP HANA instance is required in order to deploy S/4HANA by SAP.

An example of an Ansible Inventory to be used with these Roles

Once we are familiar with these community Ansible Roles, I am going to put an example of an Ansible Inventory that can be used with these Ansible Roles to automatically deploy SAP HANA and S/4HANA by SAP in our RHEL hosts.

In the following example, I am going to cover the specific Inventory variables required for the mentioned Ansible Roles, and not variables required to be used with the supported ‘System Roles’. In the next blog post of these series, I will use a full end to end example, using both community-supported and Red Hat supported Ansible Roles for SAP.

Inventory layout and variables

As explained during the ‘Part 1’ of this post series, the Inventory structure for Ansible is very flexible, this is one example of a valid Ansible Inventory. This is a very opinionated example where I am keeping variables on different scopes depending on which elements of the Inventory are going to consume those, but you can easily adapt this to your preferred layout and strategy while defining inventories for Ansible.

The Ansible Inventory layout looks like this:

$ tree
.
├── group_vars
│   └── sapservers.yml
├── host_vars
│   ├── rhel01.yml
│   └── rhel02.yml
└── hosts

Where the ‘hosts’ file will group different host groups and will have the required information for both the HANA host (rhel02) and the S/4HANA host (rhel01):

[sapservers:children]
hana
netweaver

[hana]
rhel02

[netweaver]
rhel01

Using the ‘sapservers’ group I am defining the variables that are common to ‘hana’ and ‘netweaver’ groups. These variables will be used whenever an Ansible Playbook executes Plays in ‘rhel02’ or ‘rhel01’ hosts, for example, the ‘redhat_sap.sap_hostagent’ Ansible Role, to ensure the SAP Host Agent is installed in both hosts:

$ cat group_vars/sapservers.yml
sap_hostagent_installation_type: "rpm"
sap_hostagent_rpm_remote_path: "/software/SAPHOSTAGENT"
sap_hostagent_rpm_file_name: "saphostagentrpm_44-20009394.rpm"
sap_rhsm_username: "myrhsmuser"
sap_rhsm_password: "myrhsmpassword"
sap_rhsm_pools_ids:
  - “mypoolidinfo”

Next, I am defining specific variables to be used for SAP HANA deployment in ‘rhel02’ which is the host selected to deploy SAP HANA in this example:

$ cat host_vars/rhel02.yml
sap_hana_deployment_bundle_path: /software/HANA_installation
sap_hana_deployment_bundle_sar_file_name: IMDB_SERVER20_046_0-80002031.SAR
sap_hana_deployment_sapcar_path: /software/SAPCAR
sap_hana_deployment_sapcar_file_name: SAPCAR_1311-80000935.EXE
sap_hana_deployment_root_password: "mysecretpassword"
sap_hana_deployment_sapadm_password: "mysecretpassword"
sap_hana_deployment_hana_sid: RHE
sap_hana_deployment_hana_instance_number: "00"
sap_hana_deployment_hana_env_type: development
sap_hana_deployment_hana_mem_restrict: "n"
sap_hana_deployment_common_master_password: "mysecretpassword"
sap_hana_deployment_sidadm_password: "mysecretpassword"
sap_hana_deployment_hana_db_system_password: "mysecretpassword"
sap_hana_deployment_ase_user_password: "mysecretpassword"
sap_hana_deployment_apply_license: false

And finally, variables to be used for S/4HANA deployment in ‘rhel01’ which is the host selected to deploy S/4HANA by SAP in this example:

$ cat host_vars/rhel01.yml
sap_s4hana_deployment_product_id: "NW_ABAP_OneHost:S4HANA1909.CORE.HDB.ABAP"
sap_s4hana_deployment_sapcar_path: "/software/SAPCAR"
sap_s4hana_deployment_sapcar_file_name: "SAPCAR_1311-80000935.EXE"
sap_s4hana_deployment_swpm_path: "/software/S4HANA_installation"
sap_s4hana_deployment_swpm_sar_file_name: "SWPM20SP04_6-80003424.SAR"
sap_s4hana_deployment_db_schema_password: "mysecretpassword"
sap_s4hana_deployment_db_schema_abap_password: "mysecretpassword"
sap_s4hana_deployment_master_password: "mysecretpassword"
sap_s4hana_deployment_hana_systemdb_password: "mysecretpassword"
sap_s4hana_deployment_sid: "RHE"
sap_s4hana_deployment_db_host: "rhel02"
sap_s4hana_deployment_db_sid: "RHE"
sap_s4hana_deployment_hana_instance_nr: "00"
sap_s4hana_deployment_hana_system_password: "mysecretpassword"
sap_s4hana_deployment_parallel_jobs_nr: "30"
sap_s4hana_deployment_db_sidadm_password: "mysecretpassword"
sap_s4hana_deployment_igs_path: "/software/S4HANA_installation"
sap_s4hana_deployment_igs_file_name: "igsexe_9-80003187.sar"
sap_s4hana_deployment_igs_helper_path: "/software/S4HANA_installation"
sap_s4hana_deployment_igs_helper_file_name: "igshelper_17-10010245.sar"
sap_s4hana_deployment_kernel_dependent_path: "/software/S4HANA_installation"
sap_s4hana_deployment_kernel_dependent_file_name: "SAPEXEDB_201-80003385.SAR"
sap_s4hana_deployment_kernel_independent_path: "/software/S4HANA_installation"
sap_s4hana_deployment_kernel_independent_file_name: "SAPEXE_201-80003386.SAR"
sap_s4hana_deployment_software_path: "/software/S4HANA_installation"
sap_s4hana_deployment_sapadm_password: "mysecretpassword"
sap_s4hana_deployment_sap_sidadm_password: "mysecretpassword"

 

Ansible Playbook

Once we have the Ansible Inventory ready, we can create our Ansible Playbook to use these Ansible Roles with the Inventory.

As mentioned before, this is a subset of the final “picture” to cover an end to end pipeline deployment which will be fully covered in the next blog post of these post series.

If you have followed previous posts, you know at this point we are using a ‘requirements’ file for our Playbook to satisfy all the Ansible Role dependencies to be used on the Playbook. Similar to the previous post example, we define this ‘requirements’ file as follows:

$ cat requirements.yml
# From Ansible Galaxy
- name: redhat_sap.sap_rhsm
- name: redhat_sap.sap_hostagent
- name: redhat_sap.sap_hana_deployment
- name: redhat_sap.sap_s4hana_deployment

And using ‘ansible-galaxy’ CLI we will pull all the required Roles locally:

$ ansible-galaxy install -r requirements.yml -p roles
- downloading role 'sap_rhsm', owned by redhat_sap
- downloading role from https://github.com/redhat-sap/sap-rhsm/archive/master.tar.gz
- extracting redhat_sap.sap_rhsm to /Users/mak/GIT/sap-blog-iii/roles/redhat_sap.sap_rhsm
- redhat_sap.sap_rhsm (master) was installed successfully
- downloading role 'sap_hostagent', owned by redhat_sap
- downloading role from https://github.com/redhat-sap/sap-hostagent/archive/master.tar.gz
- extracting redhat_sap.sap_hostagent to /Users/mak/GIT/sap-blog-iii/roles/redhat_sap.sap_hostagent
- redhat_sap.sap_hostagent (master) was installed successfully
- downloading role 'sap_hana_deployment', owned by redhat_sap
- downloading role from https://github.com/redhat-sap/sap-hana-deployment/archive/master.tar.gz
- extracting redhat_sap.sap_hana_deployment to /Users/mak/GIT/sap-blog-iii/roles/redhat_sap.sap_hana_deployment
- redhat_sap.sap_hana_deployment (master) was installed successfully
- downloading role 'sap_s4hana_deployment', owned by redhat_sap
- downloading role from https://github.com/redhat-sap/sap-s4hana-deployment/archive/master.tar.gz
- extracting redhat_sap.sap_s4hana_deployment to /Users/mak/GIT/sap-blog-iii/roles/redhat_sap.sap_s4hana_deployment
- redhat_sap.sap_s4hana_deployment (master) was installed successfully

And validate that required Roles have been pulled:

$ tree -L 1 roles
roles
├── redhat_sap.sap_hana_deployment
├── redhat_sap.sap_hostagent
├── redhat_sap.sap_rhsm
└── redhat_sap.sap_s4hana_deployment

We are in a position to use these Roles with our Inventory now. To do this, we are going to create an Ansible Playbook as we have done on previous posts:

$ cat sap-deploy.yml
---
- hosts: sapservers
  roles:
    - { role: redhat_sap.sap_rhsm }
    - { role: redhat_sap.sap_hostagent }

- hosts: hana
  roles:
    - { role: redhat_sap.sap_hana_deployment }

- hosts: netweaver
  roles:
    - { role: redhat_sap.sap_s4hana_deployment }

Once we have created the required pieces (Ansible Inventory and Ansible Playbook) and the required Ansible Roles have been pulled locally, we can go ahead and use the ‘sap-deploy’ Ansible Playbook to deploy both SAP HANA and S/4HANA by SAP in our hosts:

$ tree -L 1
.
├── group_vars
├── host_vars
├── hosts
├── requirements.yml
├── roles
└── sap-deploy.yml
$ ansible-playbook -i hosts sap-deploy.yml

PLAY [sapservers] ****************************************************************************************************************************************************************************************************************************

TASK [Gathering Facts] ***********************************************************************************************************************************************************************************************************************
ok: [rhel02]
ok: [rhel01]

TASK [redhat_sap.sap_rhsm : Unregister the system if already registered - if this is a force re-registration] ********************************************************************************************************************************
changed: [rhel01] => (item=subscription-manager clean)
changed: [rhel02] => (item=subscription-manager clean)
changed: [rhel01] => (item=subscription-manager remove --all)
changed: [rhel02] => (item=subscription-manager remove --all)
changed: [rhel02] => (item=yum remove -y "katello-ca-consumer-*")
changed: [rhel01] => (item=yum remove -y "katello-ca-consumer-*")

TASK [redhat_sap.sap_rhsm : Install Satellite certificate (if applicable)] *******************************************************************************************************************************************************************
changed: [rhel02]
changed: [rhel01]

TASK [redhat_sap.sap_rhsm : Register system using Red Hat Subscription Manager] **************************************************************************************************************************************************************
skipping: [rhel02]
skipping: [rhel01]
…
…
…

As I mentioned previously, this is just an extract of the end to end requirements while deploying SAP HANA and S/4HANA by SAP. In the next post of this series, a detailed example for an end to end Pipeline using both Ansible and Ansible Tower will be explained where we will use both ‘System Roles’ supported by Red Hat and the Community Roles together.

Conclusion

Everything as Code’ is a very powerful engineering practice while adopting DevOps in your organization. This is possible for teams looking after SAP landscapes as well, and Ansible is a very powerful Automation solution for this as we have explained in this blog post series.

Using Ansible for your SAP landscape will allow your team to deploy and manage your SAP workloads more efficiently and in a more reliable way, removing human errors and ensuring your SAP software is deployed in a consistent and repeatable way across DEV, QA and PROD environments.

Blog Post Series references

If you missed any previous posts from this series, check the following links:

3 Comments
You must be Logged on to comment or reply to a post.
    • Hi Jochen, the short answer is yes, they are, but let me elaborate on that. As explained during ‘Part 2’ and ‘Part 3’ of this blog post series there are 2 different Ansible Role “types”:

      1. Red Hat Enterprise Linux System Roles for SAP, which are supported by Red Hat and those cover all the host preparation required (following SAP Notes) to be done in order to deploy SAP HANA or SAP NetWeaver software. You can find these Ansible Roles to automatically do this here –> sap-preconfigure, sap-hana-preconfigure and sap-netweaver-preconfigure. These are the upstream repositories and any Customer can install those coming as packages as part of the ‘RHEL for SAP Solutions’ subscription.
      2. Red Hat Community Roles for SAP, which are community supported developed by Red Hat’s Community of Practice for SAP and other contributors. You can find these Ansible Roles to extend what the supported Roles can do here.

      Using these Roles we can achieve an end to end automation for SAP HANA and S/4HANA by SAP in RHEL. On my next post, I’ll showcase how to use all these together to create a Workflow in Ansible Tower.