End-to-end solution: Power Virtual Server with VPC landing zone including Power Virtual Server for SAP HANA instances
The end-to-end solution automates the following tasks:
-
A VPC Infrastructure with the following components:
- One VSI for one management (jump/bastion) VSI,
- One VSI for network-services configured as squid proxy, NTP and DNS servers(using Ansible Galaxy collection roles ibm.power_linux_sap collection. This VSI also acts as central ansible execution node.
- Client to site VPN server
- File storage share
- Application load balancer
- IBM Cloud Object storage(COS) Virtual Private endpoint gateway(VPE)
- IBM Cloud Object storage(COS) Instance and buckets
- VPC flow logs
- KMS keys
- Activity tracker
-
A local transit gateway
-
A Power Virtual Server workspace with the following network topology:
- Creates two private networks: a management network and a backup network.
- Attaches the PowerVS workspace to transit gateway.
- Creates an SSH key.
- Imports catalog stock images.
-
Finally, interconnects both VPC and PowerVS infrastructure.
-
Power Virtual Server Instances
- Creates a new private subnet for SAP communication for the entire landscape.
- Creates and configures one PowerVS instance for SAP HANA based on best practices.
- Creates and configures multiple PowerVS instances for SAP NetWeaver based on best practices.
- Creates and configures one optional PowerVS instance for sharing SAP files between other system instances.
- Connects all created PowerVS instances to a proxy server specified by IP address or hostname.
- Optionally connects all created PowerVS instances to an NTP server and DNS forwarder specified by IP address or hostname.
- Optionally configures a shared NFS directory on all created PowerVS instances.
- Post-instance provisioning, Ansible Galaxy collection roles from IBM are executed:
power_linux_sap
. - Tested with RHEL8.4,/8.6/8.8/9.2, SLES15-SP3/SP5 images.
- Does not install any SAP softwares or solutions.
- Filesystem sizes for HANA data and HANA log are calculated automatically based on the memory size. Custom storage configuration is also supported.
- If sharefs instance is enabled, then all filesystems provisioned for sharefs instance will be NFS exported and mounted on all NetWeaver Instances.
- Do not specify a filesystem
/sapmnt
explicitly for NetWeaver instance as, it is created internally when sharefs instance is not enabled.
Variation | Available on IBM Catalog | Requires Schematics Workspace ID | Creates PowerVS with VPC landing zone | Creates PowerVS HANA Instance | Creates PowerVS NW Instances | Performs PowerVS OS Config | Performs PowerVS SAP Tuning | Install SAP software |
---|---|---|---|---|---|---|---|---|
End-to-End | N/A | N/A | ✔️ | 1 | 0 to N | ✔️ | ✔️ | N/A |
Name | Version |
---|---|
terraform | >= 1.9.0 |
ibm | 1.74.0 |
time | 0.12.1 |
Name | Source | Version |
---|---|---|
powervs_infra | terraform-ibm-modules/powervs-infrastructure/ibm//modules/powervs-vpc-landing-zone | 8.1.1 |
sap_system | ../../modules/pi-sap-system-type1 | n/a |
Name | Type |
---|---|
time_sleep.wait_15_mins | resource |
Name | Description | Type | Default | Required |
---|---|---|---|---|
configure_dns_forwarder | Specify if DNS forwarder will be configured. This will allow you to use central DNS servers (e.g. IBM Cloud DNS servers) sitting outside of the created IBM PowerVS infrastructure. If yes, ensure 'dns_forwarder_config' optional variable is set properly. DNS forwarder will be installed on the network-services vsi. | bool |
true |
no |
configure_nfs_server | Specify if NFS server will be configured. This will allow you easily to share files between PowerVS instances (e.g., SAP installation files). NFS server will be installed on the network-services vsi. If yes, ensure 'nfs_server_config' optional variable is set properly below. Default value is 200GB which will be mounted on /nfs. | bool |
true |
no |
configure_ntp_forwarder | Specify if NTP forwarder will be configured. This will allow you to synchronize time between IBM PowerVS instances. NTP forwarder will be installed on the network-services vsi. | bool |
true |
no |
external_access_ip | Specify the IP address or CIDR to login through SSH to the environment after deployment. Access to this environment will be allowed only from this IP address. | string |
n/a | yes |
ibmcloud_api_key | The IBM Cloud platform API key needed to deploy IAM enabled resources. | string |
n/a | yes |
os_image_distro | Image distribution to use for all instances(Shared, HANA, NetWeaver). OS release versions may be specified in 'var.powervs_default_images' optional parameters below. | string |
n/a | yes |
powervs_create_separate_sharefs_instance | Deploy separate IBM PowerVS instance as central file system share. All filesystems defined in 'powervs_sharefs_instance_storage_config' variable will be NFS exported and mounted on NetWeaver PowerVS instances if enabled. Optional parameter 'powervs_share_fs_instance' can be configured if enabled. | bool |
n/a | yes |
powervs_default_sap_images | Default SUSE and Red Hat Linux images to use for SAP HANA and SAP NetWeaver PowerVS instances. | object({ |
{ |
no |
powervs_hana_instance | SAP HANA hostname (non FQDN) will get the form of <var.prefix>-<var.pi_hana_instance_name>. SAP HANA profile to use. Must be one of the supported profiles. See here. File system sizes are automatically calculated. Override automatic calculation by setting values in optional 'pi_hana_instance_custom_storage_config' parameter. 'additional_storage_config' additional file systems to be created and attached to PowerVS instance for SAP HANA. 'size' is in GB. 'count' specify over how many storage volumes the file system will be striped. 'tier' specifies the storage tier in PowerVS workspace. 'mount' specifies the target mount point on OS. | object({ |
{ |
no |
powervs_hana_instance_custom_storage_config | Custom File systems to be created and attached to PowerVS instance for SAP HANA. 'size' is in GB. 'count' specify over how many storage volumes the file system will be striped. 'tier' specifies the storage tier in PowerVS workspace. 'mount' specifies the target mount point on OS. | list(object({ |
[ |
no |
powervs_netweaver_instance | 'instance_count' is number of SAP NetWeaver instances that should be created. 'size' is in GB. 'count' specify over how many storage volumes the file system will be striped. 'tier' specifies the storage tier in PowerVS workspace. 'mount' specifies the target mount point on OS. | object({ |
{ |
no |
powervs_resource_group_name | Existing IBM Cloud resource group name. | string |
n/a | yes |
powervs_sap_network_cidr | Additional private subnet for SAP communication which will be created. CIDR for SAP network. E.g., '10.53.0.0/24' | string |
"10.53.0.0/24" |
no |
powervs_sharefs_instance | Share fs instance. This parameter is effective if 'powervs_create_separate_sharefs_instance' is set to true. size' is in GB. 'count' specify over how many storage volumes the file system will be striped. 'tier' specifies the storage tier in PowerVS workspace. 'mount' specifies the target mount point on OS. | object({ |
{ |
no |
powervs_zone | IBM Cloud data center location where IBM PowerVS infrastructure will be created. | string |
n/a | yes |
prefix | A unique identifier for resources. Must begin with a lowercase letter and end with a lowercase letter or number. This prefix will be prepended to any resources provisioned by this template. | string |
n/a | yes |
sap_domain | SAP domain to be set for entire landscape. | string |
"sap.com" |
no |
ssh_private_key | Private SSH key (RSA format) used to login to IBM PowerVS instances. Should match to the public SSH key referenced by 'ssh_public_key' which was created previously. The key is temporarily stored and deleted. For more information about SSH keys, see SSH keys. | string |
n/a | yes |
ssh_public_key | Public SSH Key for VSI creation. Must be an RSA key with a key size of either 2048 bits or 4096 bits (recommended). Must be a valid SSH key that does not already exist in the deployment region. | string |
n/a | yes |
Name | Description |
---|---|
access_host_or_ip | Access host(jump/bastion) for created PowerVS infrastructure. |
dns_host_or_ip | DNS forwarder host for created PowerVS infrastructure. |
nfs_host_or_ip_path | NFS host for created PowerVS infrastructure. |
ntp_host_or_ip | NTP host for created PowerVS infrastructure. |
powervs_backup_subnet | Name, ID and CIDR of backup private network in created PowerVS infrastructure. |
powervs_hana_instance_ips | All private IPS of HANA instance |
powervs_hana_instance_management_ip | Management IP of HANA Instance |
powervs_images | Object containing imported PowerVS image names and image ids. |
powervs_lpars_data | All private IPS of PowerVS instances and Jump IP to access the host. |
powervs_management_subnet | Name, ID and CIDR of management private network in created PowerVS infrastructure. |
powervs_netweaver_instance_ips | All private IPS of NetWeaver instances |
powervs_netweaver_instance_management_ips | Management IPS of NetWeaver instances |
powervs_resource_group_name | IBM Cloud resource group where PowerVS infrastructure is created. |
powervs_share_fs_ips | Private IPs of the Share FS instance. |
powervs_ssh_public_key | SSH public key name and value in created PowerVS infrastructure. |
powervs_workspace_guid | PowerVS infrastructure workspace guid. The GUID of the resource instance. |
powervs_workspace_id | PowerVS infrastructure workspace id. The unique identifier of the new resource instance. |
powervs_workspace_name | PowerVS infrastructure workspace name. |
powervs_zone | Zone where PowerVS infrastructure is created. |
prefix | The prefix that is associated with all resources |
proxy_host_or_ip_port | Proxy host:port for created PowerVS infrastructure. |
ssh_public_key | The string value of the ssh public key used when deploying VPC |
transit_gateway_id | The ID of transit gateway. |
transit_gateway_name | The name of the transit gateway. |
vpc_names | A list of the names of the VPC. |
vsi_list | A list of VSI with name, id, zone, and primary ipv4 address, VPC Name, and floating IP. |
vsi_names | A list of the vsis names provisioned within the VPCs. |