diff --git a/Webapp/SDAF/Models/EnvironmentModel.cs b/Webapp/SDAF/Models/EnvironmentModel.cs
index b6588125ec..2fd83a75ed 100644
--- a/Webapp/SDAF/Models/EnvironmentModel.cs
+++ b/Webapp/SDAF/Models/EnvironmentModel.cs
@@ -42,7 +42,7 @@ public class Variables
public class Variable
{
- public string? value { get; set; }
+ public string value { get; set; }
[JsonIgnore]
public bool? isSecret { get; set; }
[JsonIgnore]
diff --git a/Webapp/SDAF/SDAFWebApp.csproj b/Webapp/SDAF/SDAFWebApp.csproj
index 8e64b487b3..75e4b08868 100644
--- a/Webapp/SDAF/SDAFWebApp.csproj
+++ b/Webapp/SDAF/SDAFWebApp.csproj
@@ -20,7 +20,7 @@
-
+
diff --git a/deploy/ansible/playbook_04_00_00_db_install.yaml b/deploy/ansible/playbook_04_00_00_db_install.yaml
index cc2eec14ee..ea498a1fd4 100644
--- a/deploy/ansible/playbook_04_00_00_db_install.yaml
+++ b/deploy/ansible/playbook_04_00_00_db_install.yaml
@@ -356,7 +356,7 @@
ansible.builtin.include_role:
name: roles-db/4.0.0-hdb-install
when:
- - not db_scale_out
+ - not database_scale_out
- name: "Database Installation Playbook: - Clear the failed state of hosts"
ansible.builtin.meta: clear_host_errors
@@ -365,7 +365,7 @@
# ansible.builtin.include_role:
# name: roles-sap-os/2.6-sap-mounts
# when:
- # - db_scale_out | default(false) == true
+ # - database_scale_out | default(false) == true
- name: "Database Installation Playbook: - run HANA Scale-Out installation"
ansible.builtin.include_role:
diff --git a/deploy/ansible/playbook_05_01_sap_dbload.yaml b/deploy/ansible/playbook_05_01_sap_dbload.yaml
index 0f6c844a75..bfbf23d2f7 100644
--- a/deploy/ansible/playbook_05_01_sap_dbload.yaml
+++ b/deploy/ansible/playbook_05_01_sap_dbload.yaml
@@ -78,6 +78,10 @@
- name: "DBLoad Playbook: - Perform DB Load on HANA"
become: true
become_user: root
+ when:
+ - platform == 'HANA'
+ - "'pas' in supported_tiers"
+ - ansible_os_family != "Windows"
block:
- name: "DBLoad Playbook: - Setting the dbload facts"
ansible.builtin.set_fact:
@@ -97,13 +101,6 @@
tags:
- always
-
- - name: "DBLoad Playbook: - Mounting"
- ansible.builtin.include_role:
- name: roles-sap-os/2.6-sap-mounts
- tags:
- - 2.6-sap-mounts
-
- name: "DBLoad Playbook: Define this SID"
ansible.builtin.set_fact:
this_sid:
@@ -120,6 +117,28 @@
ansible.builtin.set_fact:
all_sids: "{% if MULTI_SIDS is defined %}{{ MULTI_SIDS }}{% else %}{{ all_sids | default([]) + [this_sid] }}{% endif %}"
+ - name: Generic Users and Groups for SAP Installation
+ ansible.builtin.include_role:
+ name: roles-sap-os/2.5-sap-users
+ tasks_from: user_nw.yaml
+ vars:
+ scs_instance_number: "{{ sid_to_be_deployed.ascs_inst_no }}"
+ tier: generic
+ main_password: "{{ hostvars.localhost.sap_password }}"
+ sapbits_location_base_path: "{{ hostvars.localhost.sapbits_location_base_path }}"
+ sapbits_sas_token: "{{ hostvars.localhost.sapbits_sas_token }}"
+ loop: "{{ all_sids }}"
+ loop_control:
+ loop_var: sid_to_be_deployed
+ tags:
+ - 2.5-sap-users
+
+ - name: "DBLoad Playbook: - Mounting"
+ ansible.builtin.include_role:
+ name: roles-sap-os/2.6-sap-mounts
+ tags:
+ - 2.6-sap-mounts
+
- name: Run the DBLoad Playbook
block:
- name: "DBLoad Playbook: - Run DBLoad"
@@ -170,11 +189,6 @@
tags:
- 5.1-dbload
- when:
- - platform == 'HANA'
- - "'pas' in supported_tiers"
- - ansible_os_family != "Windows"
-
# /*----------------------------------------------------------------------------8
# | |
# | Playbook for Oracle DB Load |
diff --git a/deploy/ansible/roles-sap-os/2.6-sap-mounts/tasks/2.6.1-anf-mounts.yaml b/deploy/ansible/roles-sap-os/2.6-sap-mounts/tasks/2.6.1-anf-mounts.yaml
index 8cd6cdac43..088d0734a6 100644
--- a/deploy/ansible/roles-sap-os/2.6-sap-mounts/tasks/2.6.1-anf-mounts.yaml
+++ b/deploy/ansible/roles-sap-os/2.6-sap-mounts/tasks/2.6.1-anf-mounts.yaml
@@ -386,6 +386,14 @@
- node_tier != 'hana'
- sap_mnt is defined
+- name: "ANF Mount: Set Permissons on /sapmnt directory"
+ ansible.builtin.file:
+ owner: '{{ sidadm_uid }}'
+ group: sapsys
+ path: "/sapmnt/{{ sap_sid | upper }}"
+ state: directory
+ recurse: true
+
- name: "ANF Mount: usr/sap/{{ sap_sid | upper }}/SYS"
ansible.posix.mount:
src: "{{ item.src }}"
diff --git a/deploy/ansible/vars/ansible-input-api.yaml b/deploy/ansible/vars/ansible-input-api.yaml
index 85df0c5291..aad2619ee0 100644
--- a/deploy/ansible/vars/ansible-input-api.yaml
+++ b/deploy/ansible/vars/ansible-input-api.yaml
@@ -5,7 +5,7 @@ become_user_name: root
oracle_user_name: oracle
orchestration_ansible_user: azureadm
# ------------------- Begin - SDAF Ansible Version ---------------------------8
-SDAF_Version: "3.12.0.0"
+SDAF_Version: "3.13.0.0"
# ------------------- End - SDAF Ansible Version ---------------------------8
diff --git a/deploy/configs/version.txt b/deploy/configs/version.txt
index a57eb4c686..c21c6f6867 100644
--- a/deploy/configs/version.txt
+++ b/deploy/configs/version.txt
@@ -1 +1 @@
-3.12.0.0
+3.13.0.0
diff --git a/deploy/scripts/New-SDAFDevopsProject.ps1 b/deploy/scripts/New-SDAFDevopsProject.ps1
index e6bf7d4a31..e23ad4f650 100644
--- a/deploy/scripts/New-SDAFDevopsProject.ps1
+++ b/deploy/scripts/New-SDAFDevopsProject.ps1
@@ -25,7 +25,7 @@ $ControlPlaneSubscriptionName = $Env:SDAF_ControlPlaneSubscriptionName
if ($IsWindows) { $pathSeparator = "\" } else { $pathSeparator = "/" }
#endregion
-$versionLabel = "v3.12.0.0"
+$versionLabel = "v3.13.0.0"
# az logout
@@ -1131,4 +1131,4 @@ else {
}
-Write-Host "The script has completed" -ForegroundColor Green
\ No newline at end of file
+Write-Host "The script has completed" -ForegroundColor Green
diff --git a/deploy/terraform/bootstrap/sap_deployer/module.tf b/deploy/terraform/bootstrap/sap_deployer/module.tf
index 9beee66193..e464508dd2 100644
--- a/deploy/terraform/bootstrap/sap_deployer/module.tf
+++ b/deploy/terraform/bootstrap/sap_deployer/module.tf
@@ -52,7 +52,7 @@ module "sap_deployer" {
use_service_endpoint = var.use_service_endpoint
use_webapp = var.use_webapp
webapp_client_secret = var.webapp_client_secret
- dns_settings = local.dns_settings
+
}
module "sap_namegenerator" {
diff --git a/deploy/terraform/bootstrap/sap_deployer/providers.tf b/deploy/terraform/bootstrap/sap_deployer/providers.tf
index c0b52989cf..ddfa4e92b7 100644
--- a/deploy/terraform/bootstrap/sap_deployer/providers.tf
+++ b/deploy/terraform/bootstrap/sap_deployer/providers.tf
@@ -29,7 +29,7 @@ provider "azurerm" {
purge_soft_deleted_certificates_on_destroy = !var.enable_purge_control_for_keyvaults
}
}
- skip_provider_registration = true
+
}
provider "azurerm" {
@@ -44,7 +44,7 @@ provider "azurerm" {
purge_soft_deleted_certificates_on_destroy = !var.enable_purge_control_for_keyvaults
}
}
- skip_provider_registration = true
+
partner_id = "f94f50f2-2539-42f8-9c8e-c65b28c681f7"
alias = "main"
}
@@ -52,7 +52,7 @@ provider "azurerm" {
provider "azurerm" {
features {}
subscription_id = try(var.management_dns_subscription_id, null)
- skip_provider_registration = true
+
partner_id = "f94f50f2-2539-42f8-9c8e-c65b28c681f7"
alias = "dnsmanagement"
}
@@ -61,7 +61,6 @@ provider "azurerm" {
features {}
subscription_id = try(coalesce(var.privatelink_dns_subscription_id, var.management_dns_subscription_id), null)
alias = "privatelinkdnsmanagement"
- skip_provider_registration = true
storage_use_azuread = true
}
@@ -87,7 +86,7 @@ terraform {
}
azurerm = {
source = "hashicorp/azurerm"
- version = ">=3.3"
+ version = ">=4.0"
}
}
}
diff --git a/deploy/terraform/bootstrap/sap_library/providers.tf b/deploy/terraform/bootstrap/sap_library/providers.tf
index 688be3bf6c..0c8737b0b0 100644
--- a/deploy/terraform/bootstrap/sap_library/providers.tf
+++ b/deploy/terraform/bootstrap/sap_library/providers.tf
@@ -24,7 +24,7 @@ provider "azurerm" {
}
}
- skip_provider_registration = true
+
storage_use_azuread = true
}
@@ -42,7 +42,7 @@ provider "azurerm" {
tenant_id = local.use_spn ? local.spn.tenant_id : null
alias = "main"
- skip_provider_registration = true
+
storage_use_azuread = true
}
@@ -51,7 +51,7 @@ provider "azurerm" {
features {
}
alias = "deployer"
- skip_provider_registration = true
+
storage_use_azuread = true
}
@@ -62,7 +62,7 @@ provider "azurerm" {
client_secret = local.use_spn ? local.spn.client_secret : null
tenant_id = local.use_spn ? local.spn.tenant_id : null
alias = "dnsmanagement"
- skip_provider_registration = true
+
storage_use_azuread = true
}
@@ -73,7 +73,7 @@ provider "azurerm" {
client_secret = local.use_spn ? local.spn.client_secret : null
tenant_id = local.use_spn ? local.spn.tenant_id : null
alias = "privatelinkdnsmanagement"
- skip_provider_registration = true
+
storage_use_azuread = true
}
@@ -104,7 +104,7 @@ terraform {
}
azurerm = {
source = "hashicorp/azurerm"
- version = ">=3.3"
+ version = ">=4.0"
}
}
}
diff --git a/deploy/terraform/run/sap_deployer/providers.tf b/deploy/terraform/run/sap_deployer/providers.tf
index 4588670d4b..3c0f7e4e89 100644
--- a/deploy/terraform/run/sap_deployer/providers.tf
+++ b/deploy/terraform/run/sap_deployer/providers.tf
@@ -26,7 +26,6 @@ provider "azurerm" {
}
}
partner_id = "f94f50f2-2539-42f8-9c8e-c65b28c681f7"
- skip_provider_registration = true
storage_use_azuread = !var.shared_access_key_enabled
use_msi = var.use_spn ? false : true
}
@@ -44,7 +43,6 @@ provider "azurerm" {
}
}
partner_id = "f94f50f2-2539-42f8-9c8e-c65b28c681f7"
- skip_provider_registration = true
subscription_id = local.spn.subscription_id
client_id = var.use_spn ? local.spn.client_id : null
@@ -62,7 +60,6 @@ provider "azurerm" {
client_id = var.use_spn ? local.spn.client_id : null
client_secret = var.use_spn ? local.spn.client_secret: null
tenant_id = var.use_spn ? local.spn.tenant_id: null
- skip_provider_registration = true
storage_use_azuread = !var.shared_access_key_enabled
use_msi = var.use_spn ? false : true
}
@@ -88,7 +85,7 @@ terraform {
}
azurerm = {
source = "hashicorp/azurerm"
- version = "~> 3.3"
+ version = "~> 4.0"
}
}
}
diff --git a/deploy/terraform/run/sap_landscape/providers.tf b/deploy/terraform/run/sap_landscape/providers.tf
index 5838805ab4..cbb2b418a4 100644
--- a/deploy/terraform/run/sap_landscape/providers.tf
+++ b/deploy/terraform/run/sap_landscape/providers.tf
@@ -16,7 +16,6 @@ provider "azurerm" {
features {}
subscription_id = length(local.deployer_subscription_id) > 0 ? local.deployer_subscription_id : null
use_msi = var.use_spn ? false : true
- skip_provider_registration = true
storage_use_azuread = true
}
@@ -41,7 +40,7 @@ provider "azurerm" {
partner_id = "25c87b5f-716a-4067-bcd8-116956916dd6"
alias = "workload"
- skip_provider_registration = true
+
}
provider "azurerm" {
@@ -52,7 +51,7 @@ provider "azurerm" {
client_secret = var.use_spn ? local.cp_spn.client_secret : null
tenant_id = var.use_spn ? local.cp_spn.tenant_id : null
use_msi = var.use_spn ? false : true
- skip_provider_registration = true
+
}
@@ -68,7 +67,7 @@ provider "azurerm" {
client_secret = var.use_spn ? local.cp_spn.client_secret : null
tenant_id = var.use_spn ? local.cp_spn.tenant_id : null
use_msi = var.use_spn ? false : true
- skip_provider_registration = true
+
}
provider "azurerm" {
@@ -79,7 +78,7 @@ provider "azurerm" {
client_secret = var.use_spn ? local.cp_spn.client_secret : null
tenant_id = var.use_spn ? local.cp_spn.tenant_id : null
alias = "peering"
- skip_provider_registration = true
+
}
provider "azuread" {
@@ -90,11 +89,12 @@ provider "azuread" {
}
provider "azapi" {
- alias = "api"
- subscription_id = local.spn.subscription_id
- client_id = local.spn.client_id
- client_secret = local.spn.client_secret
- tenant_id = local.spn.tenant_id
+ alias = "api"
+ subscription_id = local.spn.subscription_id
+ client_id = var.use_spn ? local.spn.client_id : null
+ client_secret = var.use_spn ? local.spn.client_secret : null
+ tenant_id = local.spn.tenant_id
+ use_msi = var.use_spn ? false : true
}
terraform {
@@ -118,7 +118,7 @@ terraform {
}
azurerm = {
source = "hashicorp/azurerm"
- version = "~> 3.3"
+ version = ">= 4.0"
}
azapi = {
source = "Azure/azapi"
diff --git a/deploy/terraform/run/sap_library/providers.tf b/deploy/terraform/run/sap_library/providers.tf
index 7e6a6a8edd..6760605ed5 100644
--- a/deploy/terraform/run/sap_library/providers.tf
+++ b/deploy/terraform/run/sap_library/providers.tf
@@ -20,7 +20,7 @@ data "azurerm_client_config" "current" {
provider "azurerm" {
features {
}
- skip_provider_registration = true
+
use_msi = var.use_spn ? false : true
storage_use_azuread = !var.shared_access_key_enabled
@@ -42,13 +42,11 @@ provider "azurerm" {
use_msi = var.use_spn ? false : true
alias = "main"
- skip_provider_registration = true
}
provider "azurerm" {
features {
}
- skip_provider_registration = true
alias = "deployer"
storage_use_azuread = !var.shared_access_key_enabled
use_msi = var.use_spn ? false : true
@@ -63,7 +61,6 @@ provider "azurerm" {
client_id = local.use_spn ? local.spn.client_id : null
client_secret = local.use_spn ? local.spn.client_secret : null
tenant_id = local.use_spn ? local.spn.tenant_id : null
- skip_provider_registration = true
storage_use_azuread = !var.shared_access_key_enabled
use_msi = var.use_spn ? false : true
}
@@ -75,7 +72,6 @@ provider "azurerm" {
client_secret = local.use_spn ? local.spn.client_secret : null
tenant_id = local.use_spn ? local.spn.tenant_id : null
alias = "privatelinkdnsmanagement"
- skip_provider_registration = true
storage_use_azuread = true
}
@@ -108,7 +104,7 @@ terraform {
}
azurerm = {
source = "hashicorp/azurerm"
- version = "~> 3.3"
+ version = "~> 4.0"
}
}
}
diff --git a/deploy/terraform/run/sap_system/module.tf b/deploy/terraform/run/sap_system/module.tf
index a30e70a745..2dc0df308c 100644
--- a/deploy/terraform/run/sap_system/module.tf
+++ b/deploy/terraform/run/sap_system/module.tf
@@ -460,4 +460,6 @@ module "output_files" {
enable_sap_cal = var.enable_sap_cal
calapi_kv = var.calapi_kv
sap_cal_product_name = var.sap_cal_product_name
+
+ site_information = module.hdb_node.site_information
}
diff --git a/deploy/terraform/run/sap_system/providers.tf b/deploy/terraform/run/sap_system/providers.tf
index 656fbaf18b..726bc0ded8 100644
--- a/deploy/terraform/run/sap_system/providers.tf
+++ b/deploy/terraform/run/sap_system/providers.tf
@@ -37,7 +37,7 @@ provider "azurerm" {
partner_id = "3179cd51-f54b-4c73-ac10-8e99417efce7"
alias = "system"
- skip_provider_registration = true
+
}
provider "azurerm" {
@@ -48,7 +48,6 @@ provider "azurerm" {
client_secret = try(data.terraform_remote_state.landscape.outputs.use_spn, true) && var.use_spn ? local.cp_spn.client_secret : null
tenant_id = try(data.terraform_remote_state.landscape.outputs.use_spn, true) && var.use_spn ? local.cp_spn.tenant_id : null
use_msi = try(data.terraform_remote_state.landscape.outputs.use_spn, true) && var.use_spn ? false : true
- skip_provider_registration = true
}
@@ -80,7 +79,7 @@ terraform {
}
azurerm = {
source = "hashicorp/azurerm"
- version = ">=3.3"
+ version = ">=4.0"
}
}
}
diff --git a/deploy/terraform/terraform-units/modules/sap_deployer/app_service.tf b/deploy/terraform/terraform-units/modules/sap_deployer/app_service.tf
index 4913fc0c71..22a6969178 100644
--- a/deploy/terraform/terraform-units/modules/sap_deployer/app_service.tf
+++ b/deploy/terraform/terraform-units/modules/sap_deployer/app_service.tf
@@ -22,7 +22,7 @@ resource "azurerm_subnet" "webapp" {
address_prefixes = [local.webapp_subnet_prefix]
- private_endpoint_network_policies_enabled = var.use_private_endpoint
+ private_endpoint_network_policies = var.use_private_endpoint ? "Enabled" : "Disabled"
service_endpoints = var.use_service_endpoint ? (
var.use_webapp ? (
diff --git a/deploy/terraform/terraform-units/modules/sap_deployer/bastion.tf b/deploy/terraform/terraform-units/modules/sap_deployer/bastion.tf
index 8d01b6b089..68a228860d 100644
--- a/deploy/terraform/terraform-units/modules/sap_deployer/bastion.tf
+++ b/deploy/terraform/terraform-units/modules/sap_deployer/bastion.tf
@@ -23,7 +23,7 @@ resource "azurerm_subnet" "bastion" {
)
address_prefixes = [var.infrastructure.vnets.management.subnet_bastion.prefix]
- private_endpoint_network_policies_enabled = var.use_private_endpoint
+ private_endpoint_network_policies = var.use_private_endpoint ? "Enabled" : "Disabled"
service_endpoints = var.use_service_endpoint ? (
["Microsoft.Storage", "Microsoft.KeyVault"]) : (
diff --git a/deploy/terraform/terraform-units/modules/sap_deployer/firewall.tf b/deploy/terraform/terraform-units/modules/sap_deployer/firewall.tf
index f507c1fc04..fcd25cafa1 100644
--- a/deploy/terraform/terraform-units/modules/sap_deployer/firewall.tf
+++ b/deploy/terraform/terraform-units/modules/sap_deployer/firewall.tf
@@ -85,7 +85,7 @@ resource "azurerm_route_table" "rt" {
var.naming.separator,
var.naming.resource_suffixes.routetable
)
- disable_bgp_route_propagation = false
+ bgp_route_propagation_enabled = false
resource_group_name = local.resource_group_exists ? (
data.azurerm_resource_group.deployer[0].name) : (
azurerm_resource_group.deployer[0].name
diff --git a/deploy/terraform/terraform-units/modules/sap_deployer/infrastructure.tf b/deploy/terraform/terraform-units/modules/sap_deployer/infrastructure.tf
index 25b7fa72c7..63c72150b9 100644
--- a/deploy/terraform/terraform-units/modules/sap_deployer/infrastructure.tf
+++ b/deploy/terraform/terraform-units/modules/sap_deployer/infrastructure.tf
@@ -58,7 +58,7 @@ resource "azurerm_subnet" "subnet_mgmt" {
virtual_network_name = local.vnet_mgmt_exists ? data.azurerm_virtual_network.vnet_mgmt[0].name : azurerm_virtual_network.vnet_mgmt[0].name
address_prefixes = [local.management_subnet_prefix]
- private_endpoint_network_policies_enabled = !var.use_private_endpoint
+ private_endpoint_network_policies = !var.use_private_endpoint ? "Enabled" : "Disabled"
service_endpoints = var.use_service_endpoint ? (
var.use_webapp ? (
@@ -84,7 +84,7 @@ resource "azurerm_storage_account" "deployer" {
location = local.resource_group_exists ? data.azurerm_resource_group.deployer[0].location : azurerm_resource_group.deployer[0].location
account_replication_type = "LRS"
account_tier = "Standard"
- enable_https_traffic_only = local.enable_secure_transfer
+ https_traffic_only_enabled = local.enable_secure_transfer
min_tls_version = "TLS1_2"
allow_nested_items_to_be_public = false
shared_access_key_enabled = var.deployer.shared_access_key_enabled
diff --git a/deploy/terraform/terraform-units/modules/sap_deployer/providers.tf b/deploy/terraform/terraform-units/modules/sap_deployer/providers.tf
index 78b8d1baba..468dfe55bb 100644
--- a/deploy/terraform/terraform-units/modules/sap_deployer/providers.tf
+++ b/deploy/terraform/terraform-units/modules/sap_deployer/providers.tf
@@ -3,7 +3,7 @@ terraform {
azurerm = {
source = "hashicorp/azurerm"
configuration_aliases = [azurerm.dnsmanagement, azurerm.main]
- version = "~> 3.0"
+ version = "~> 4.0"
}
}
}
diff --git a/deploy/terraform/terraform-units/modules/sap_landscape/iscsi.tf b/deploy/terraform/terraform-units/modules/sap_landscape/iscsi.tf
index 6b58678af4..4d1786032b 100644
--- a/deploy/terraform/terraform-units/modules/sap_landscape/iscsi.tf
+++ b/deploy/terraform/terraform-units/modules/sap_landscape/iscsi.tf
@@ -139,8 +139,8 @@ resource "azurerm_network_security_rule" "nsr_controlplane_iscsi" {
var.deployer_tfstate.subnet_mgmt_address_prefixes,
var.deployer_tfstate.subnet_bastion_address_prefixes,
local.SAP_virtualnetwork_exists ? (
- data.azurerm_virtual_network.vnet_sap[0].address_space) : (
- azurerm_virtual_network.vnet_sap[0].address_space
+ flatten(data.azurerm_virtual_network.vnet_sap[0].address_space)) : (
+ flatten(azurerm_virtual_network.vnet_sap[0].address_space)
)))
destination_address_prefixes = local.sub_iscsi_exists ? data.azurerm_subnet.iscsi[0].address_prefixes : azurerm_subnet.iscsi[0].address_prefixes
}
diff --git a/deploy/terraform/terraform-units/modules/sap_landscape/nsg.tf b/deploy/terraform/terraform-units/modules/sap_landscape/nsg.tf
index 6c593b21ae..aae8fd6bc3 100644
--- a/deploy/terraform/terraform-units/modules/sap_landscape/nsg.tf
+++ b/deploy/terraform/terraform-units/modules/sap_landscape/nsg.tf
@@ -175,8 +175,8 @@ resource "azurerm_network_security_rule" "nsr_controlplane_app" {
var.deployer_tfstate.subnet_mgmt_address_prefixes,
var.deployer_tfstate.subnet_bastion_address_prefixes,
local.SAP_virtualnetwork_exists ? (
- data.azurerm_virtual_network.vnet_sap[0].address_space) : (
- azurerm_virtual_network.vnet_sap[0].address_space
+ flatten(data.azurerm_virtual_network.vnet_sap[0].address_space)) : (
+ flatten(azurerm_virtual_network.vnet_sap[0].address_space)
)))
destination_address_prefixes = local.application_subnet_existing ? data.azurerm_subnet.app[0].address_prefixes : azurerm_subnet.app[0].address_prefixes
}
@@ -205,8 +205,8 @@ resource "azurerm_network_security_rule" "nsr_controlplane_web" {
var.deployer_tfstate.subnet_mgmt_address_prefixes,
var.deployer_tfstate.subnet_bastion_address_prefixes,
local.SAP_virtualnetwork_exists ? (
- data.azurerm_virtual_network.vnet_sap[0].address_space) : (
- azurerm_virtual_network.vnet_sap[0].address_space
+ flatten(data.azurerm_virtual_network.vnet_sap[0].address_space)) : (
+ flatten(azurerm_virtual_network.vnet_sap[0].address_space)
)))
destination_address_prefixes = local.web_subnet_existing ? data.azurerm_subnet.web[0].address_prefixes : azurerm_subnet.web[0].address_prefixes
}
@@ -236,8 +236,8 @@ resource "azurerm_network_security_rule" "nsr_controlplane_storage" {
var.deployer_tfstate.subnet_mgmt_address_prefixes,
var.deployer_tfstate.subnet_bastion_address_prefixes,
local.SAP_virtualnetwork_exists ? (
- data.azurerm_virtual_network.vnet_sap[0].address_space) : (
- azurerm_virtual_network.vnet_sap[0].address_space
+ flatten(data.azurerm_virtual_network.vnet_sap[0].address_space)) : (
+ flatten(azurerm_virtual_network.vnet_sap[0].address_space)
)))
destination_address_prefixes = local.storage_subnet_existing ? data.azurerm_subnet.storage[0].address_prefixes : azurerm_subnet.storage[0].address_prefixes
}
@@ -266,8 +266,8 @@ resource "azurerm_network_security_rule" "nsr_controlplane_db" {
var.deployer_tfstate.subnet_mgmt_address_prefixes,
var.deployer_tfstate.subnet_bastion_address_prefixes,
local.SAP_virtualnetwork_exists ? (
- data.azurerm_virtual_network.vnet_sap[0].address_space) : (
- azurerm_virtual_network.vnet_sap[0].address_space
+ flatten(data.azurerm_virtual_network.vnet_sap[0].address_space)) : (
+ flatten(azurerm_virtual_network.vnet_sap[0].address_space)
)))
destination_address_prefixes = local.database_subnet_existing ? data.azurerm_subnet.db[0].address_prefixes : azurerm_subnet.db[0].address_prefixes
}
@@ -296,8 +296,8 @@ resource "azurerm_network_security_rule" "nsr_controlplane_admin" {
var.deployer_tfstate.subnet_mgmt_address_prefixes,
var.deployer_tfstate.subnet_bastion_address_prefixes,
local.SAP_virtualnetwork_exists ? (
- data.azurerm_virtual_network.vnet_sap[0].address_space) : (
- azurerm_virtual_network.vnet_sap[0].address_space
+ flatten(data.azurerm_virtual_network.vnet_sap[0].address_space)) : (
+ flatten(azurerm_virtual_network.vnet_sap[0].address_space)
)))
destination_address_prefixes = local.admin_subnet_existing ? data.azurerm_subnet.admin[0].address_prefixes : azurerm_subnet.admin[0].address_prefixes
}
diff --git a/deploy/terraform/terraform-units/modules/sap_landscape/providers.tf b/deploy/terraform/terraform-units/modules/sap_landscape/providers.tf
index 35722baebe..5b6fda3f0d 100644
--- a/deploy/terraform/terraform-units/modules/sap_landscape/providers.tf
+++ b/deploy/terraform/terraform-units/modules/sap_landscape/providers.tf
@@ -3,7 +3,7 @@ terraform {
azurerm = {
source = "hashicorp/azurerm"
configuration_aliases = [azurerm.main, azurerm.deployer, azurerm.dnsmanagement, azurerm.peering]
- version = "~> 3.23"
+ version = "~> 4.0"
}
azapi = {
diff --git a/deploy/terraform/terraform-units/modules/sap_landscape/storage_accounts.tf b/deploy/terraform/terraform-units/modules/sap_landscape/storage_accounts.tf
index 331d4d139e..15c181384f 100644
--- a/deploy/terraform/terraform-units/modules/sap_landscape/storage_accounts.tf
+++ b/deploy/terraform/terraform-units/modules/sap_landscape/storage_accounts.tf
@@ -25,7 +25,7 @@ resource "azurerm_storage_account" "storage_bootdiag" {
account_replication_type = "LRS"
account_tier = "Standard"
- enable_https_traffic_only = true
+ https_traffic_only_enabled = true
min_tls_version = "TLS1_2"
allow_nested_items_to_be_public = false
cross_tenant_replication_enabled = false
@@ -142,7 +142,7 @@ resource "azurerm_storage_account" "witness_storage" {
account_replication_type = "LRS"
account_tier = "Standard"
- enable_https_traffic_only = true
+ https_traffic_only_enabled = true
min_tls_version = "TLS1_2"
allow_nested_items_to_be_public = false
cross_tenant_replication_enabled = false
@@ -289,7 +289,7 @@ resource "azurerm_storage_account" "transport" {
account_tier = "Premium"
account_replication_type = "ZRS"
account_kind = "FileStorage"
- enable_https_traffic_only = false
+ https_traffic_only_enabled = false
min_tls_version = "TLS1_2"
allow_nested_items_to_be_public = false
# shared_access_key_enabled = false
@@ -511,7 +511,7 @@ resource "azurerm_storage_account" "install" {
account_replication_type = var.storage_account_replication_type
account_tier = "Premium"
allow_nested_items_to_be_public = false
- enable_https_traffic_only = false
+ https_traffic_only_enabled = false
min_tls_version = "TLS1_2"
cross_tenant_replication_enabled = false
public_network_access_enabled = var.public_network_access_enabled
diff --git a/deploy/terraform/terraform-units/modules/sap_landscape/subnets.tf b/deploy/terraform/terraform-units/modules/sap_landscape/subnets.tf
index 956b0f1b19..91fd40c415 100644
--- a/deploy/terraform/terraform-units/modules/sap_landscape/subnets.tf
+++ b/deploy/terraform/terraform-units/modules/sap_landscape/subnets.tf
@@ -7,7 +7,7 @@ resource "azurerm_subnet" "admin" {
virtual_network_name = local.SAP_virtualnetwork_exists ? data.azurerm_virtual_network.vnet_sap[0].name : azurerm_virtual_network.vnet_sap[0].name
address_prefixes = [local.admin_subnet_prefix]
- enforce_private_link_endpoint_network_policies = var.use_private_endpoint
+ private_endpoint_network_policies = var.use_private_endpoint ? "Enabled" : "Disabled"
service_endpoints = var.use_service_endpoint ? (
["Microsoft.Storage", "Microsoft.KeyVault"]
@@ -34,7 +34,7 @@ resource "azurerm_subnet" "db" {
virtual_network_name = local.SAP_virtualnetwork_exists ? data.azurerm_virtual_network.vnet_sap[0].name : azurerm_virtual_network.vnet_sap[0].name
address_prefixes = [local.database_subnet_prefix]
- enforce_private_link_endpoint_network_policies = var.use_private_endpoint
+ private_endpoint_network_policies = var.use_private_endpoint ? "Enabled" : "Disabled"
service_endpoints = var.use_service_endpoint ? (
["Microsoft.Storage", "Microsoft.KeyVault"]
) : (
@@ -59,7 +59,7 @@ resource "azurerm_subnet" "app" {
virtual_network_name = local.SAP_virtualnetwork_exists ? data.azurerm_virtual_network.vnet_sap[0].name : azurerm_virtual_network.vnet_sap[0].name
address_prefixes = [local.application_subnet_prefix]
- enforce_private_link_endpoint_network_policies = var.use_private_endpoint
+ private_endpoint_network_policies = var.use_private_endpoint ? "Enabled" : "Disabled"
service_endpoints = var.use_service_endpoint ? (
["Microsoft.Storage", "Microsoft.KeyVault"]
@@ -86,7 +86,7 @@ resource "azurerm_subnet" "web" {
virtual_network_name = local.SAP_virtualnetwork_exists ? data.azurerm_virtual_network.vnet_sap[0].name : azurerm_virtual_network.vnet_sap[0].name
address_prefixes = [local.web_subnet_prefix]
- enforce_private_link_endpoint_network_policies = var.use_private_endpoint
+ private_endpoint_network_policies = var.use_private_endpoint ? "Enabled" : "Disabled"
service_endpoints = var.use_service_endpoint ? (
["Microsoft.Storage", "Microsoft.KeyVault"]
@@ -114,7 +114,7 @@ resource "azurerm_subnet" "storage" {
virtual_network_name = local.SAP_virtualnetwork_exists ? data.azurerm_virtual_network.vnet_sap[0].name : azurerm_virtual_network.vnet_sap[0].name
address_prefixes = [local.subnet_cidr_storage]
- enforce_private_link_endpoint_network_policies = var.use_private_endpoint
+ private_endpoint_network_policies = var.use_private_endpoint ? "Enabled" : "Disabled"
service_endpoints = var.use_service_endpoint ? (
["Microsoft.Storage", "Microsoft.KeyVault"]
diff --git a/deploy/terraform/terraform-units/modules/sap_library/providers.tf b/deploy/terraform/terraform-units/modules/sap_library/providers.tf
index e08192b874..9c16a761ca 100644
--- a/deploy/terraform/terraform-units/modules/sap_library/providers.tf
+++ b/deploy/terraform/terraform-units/modules/sap_library/providers.tf
@@ -3,7 +3,7 @@ terraform {
azurerm = {
source = "hashicorp/azurerm"
configuration_aliases = [azurerm.main, azurerm.deployer, azurerm.dnsmanagement, azurerm.privatelinkdnsmanagement]
- version = "~> 3.0"
+ version = "~> 4.0"
}
}
}
diff --git a/deploy/terraform/terraform-units/modules/sap_namegenerator/output.tf b/deploy/terraform/terraform-units/modules/sap_namegenerator/output.tf
index 5e18b73318..1f7c95456d 100644
--- a/deploy/terraform/terraform-units/modules/sap_namegenerator/output.tf
+++ b/deploy/terraform/terraform-units/modules/sap_namegenerator/output.tf
@@ -61,13 +61,13 @@ output "naming" {
ANCHOR_COMPUTERNAME = local.anchor_computer_names
ANCHOR_SECONDARY_DNSNAME = local.anchor_secondary_dnsnames
ANCHOR_VMNAME = local.anchor_vm_names
- ANYDB_COMPUTERNAME = var.database_high_availability ? concat(local.anydb_computer_names, local.anydb_computer_names_ha) : local.anydb_computer_names
- ANYDB_SECONDARY_DNSNAME = concat(local.anydb_secondary_dnsnames, local.anydb_secondary_dnsnames_ha)
- ANYDB_VMNAME = var.database_high_availability ? concat(local.anydb_vm_names, local.anydb_vm_names_ha) : local.anydb_vm_names
+ ANYDB_COMPUTERNAME = var.database_high_availability ? local.anydb_computer_names_ha : local.anydb_computer_names
+ ANYDB_SECONDARY_DNSNAME = var.database_high_availability ? local.anydb_secondary_dnsnames_ha : local.anydb_secondary_dnsnames
+ ANYDB_VMNAME = var.database_high_availability ? local.anydb_vm_names_ha : local.anydb_vm_names
DEPLOYER = local.deployer_vm_names
- HANA_COMPUTERNAME = var.database_high_availability ? concat(local.hana_computer_names, local.hana_computer_names_ha) : local.hana_computer_names
- HANA_SECONDARY_DNSNAME = var.database_high_availability ? concat(local.hana_secondary_dnsnames, local.hana_secondary_dnsnames_ha) : local.hana_secondary_dnsnames
- HANA_VMNAME = var.database_high_availability ? concat(local.hana_server_vm_names, local.hana_server_vm_names_ha) : local.hana_server_vm_names
+ HANA_COMPUTERNAME = var.database_high_availability ? local.hana_computer_names_ha : local.hana_computer_names
+ HANA_SECONDARY_DNSNAME = var.database_high_availability ? local.hana_secondary_dnsnames_ha : local.hana_secondary_dnsnames
+ HANA_VMNAME = var.database_high_availability ? local.hana_server_vm_names_ha : local.hana_server_vm_names
ISCSI_COMPUTERNAME = local.iscsi_server_names
OBSERVER_COMPUTERNAME = local.observer_computer_names
OBSERVER_VMNAME = local.observer_vm_names
diff --git a/deploy/terraform/terraform-units/modules/sap_namegenerator/vm.tf b/deploy/terraform/terraform-units/modules/sap_namegenerator/vm.tf
index 6bf26bb34b..d3b9fd170f 100644
--- a/deploy/terraform/terraform-units/modules/sap_namegenerator/vm.tf
+++ b/deploy/terraform/terraform-units/modules/sap_namegenerator/vm.tf
@@ -22,8 +22,8 @@ locals {
format("%sdb%02d%s%d%s", lower(var.sap_sid), idx + var.resource_offset, local.db_oscode, 0, local.random_id_vm_verified)
]
- anydb_computer_names_ha = [for idx in range(var.db_server_count) :
- format("%sdb%02d%s%d%s", lower(var.sap_sid), idx + var.resource_offset, local.db_oscode, 1, local.random_id_vm_verified)
+ anydb_computer_names_ha = [for idx in range(var.db_server_count * 2) :
+ format("%sdb%02d%s%01d%s", lower(var.sap_sid), floor(idx/2) + var.resource_offset, local.db_oscode, tonumber((idx % 2)), local.random_id_vm_verified)
]
anydb_vm_names = [for idx in range(var.db_server_count) :
@@ -33,10 +33,10 @@ locals {
)
]
- anydb_vm_names_ha = [for idx in range(var.db_server_count) :
+ anydb_vm_names_ha = [for idx in range(var.db_server_count * 2) :
length(var.db_zones) > 0 && var.use_zonal_markers ? (
- format("%sdb%sz%s%s%02d%s%d%s", lower(var.sap_sid), local.separator, local.ha_zones[idx % max(length(local.ha_zones), 1)], local.separator, idx + var.resource_offset, local.db_oscode, 1, local.random_id_vm_verified)) : (
- format("%sdb%02d%s%d%s", lower(var.sap_sid), idx + var.resource_offset, local.db_oscode, 1, local.random_id_vm_verified)
+ format("%sdb%sz%s%s%02d%s%01d%s", lower(var.sap_sid), local.separator, local.ha_zones[idx % max(length(local.ha_zones), 1)], local.separator, floor(idx/2) + var.resource_offset, local.db_oscode, tonumber((idx % 2)), local.random_id_vm_verified)) : (
+ format("%sdb%02d%s%01d%s", lower(var.sap_sid), floor(idx/2) + var.resource_offset, local.db_oscode, tonumber((idx % 2)), local.random_id_vm_verified)
)
]
@@ -59,21 +59,21 @@ locals {
format("%sd%s%02dl%d%s", lower(var.sap_sid), lower(var.db_sid), idx + var.resource_offset, 0, substr(local.random_id_vm_verified, 0, 2))
]
- hana_computer_names_ha = [for idx in range(var.db_server_count) :
- format("%sd%s%02dl%d%s", lower(var.sap_sid), lower(var.db_sid), idx + var.resource_offset, 1, substr(local.random_id_vm_verified, 0, 2))
+ hana_computer_names_ha = [for idx in range(var.db_server_count * 2) :
+ format("%sd%s%02dl%01d%s", lower(var.sap_sid), lower(var.db_sid), floor(idx/2) + var.resource_offset + var.resource_offset, tonumber((idx % 2)), substr(local.random_id_vm_verified, 0, 2))
]
hana_server_vm_names = [for idx in range(var.db_server_count) :
length(var.db_zones) > 0 && var.use_zonal_markers ? (
- format("%sd%s%sz%s%s%02dl%d%s", lower(var.sap_sid), lower(var.db_sid), local.separator, var.db_zones[idx % max(length(var.db_zones), 1)], local.separator, idx + var.resource_offset, 0, local.random_id_vm_verified)) : (
- format("%sd%s%02dl%d%s", lower(var.sap_sid), lower(var.db_sid), idx + var.resource_offset, 0, local.random_id_vm_verified)
+ format("%sd%s%sz%s%s%02dl%01d%s", lower(var.sap_sid), lower(var.db_sid), local.separator, var.db_zones[idx % max(length(var.db_zones), 1)], local.separator, idx + var.resource_offset, 0, local.random_id_vm_verified)) : (
+ format("%sd%s%02dl%01d%s", lower(var.sap_sid), lower(var.db_sid), idx + var.resource_offset, 0, local.random_id_vm_verified)
)
]
- hana_server_vm_names_ha = [for idx in range(var.db_server_count) :
+ hana_server_vm_names_ha = [for idx in range(var.db_server_count * 2) :
length(var.db_zones) > 0 && var.use_zonal_markers ? (
- format("%sd%s%sz%s%s%02dl%d%s", lower(var.sap_sid), lower(var.db_sid), local.separator, local.ha_zones[idx % max(length(local.ha_zones), 1)], local.separator, idx + var.resource_offset, 1, local.random_id_vm_verified)) : (
- format("%sd%s%02dl%d%s", lower(var.sap_sid), lower(var.db_sid), idx + var.resource_offset, 1, local.random_id_vm_verified)
+ format("%sd%s%sz%s%s%02dl%01d%s", lower(var.sap_sid), lower(var.db_sid), local.separator, local.ha_zones[idx % max(length(local.ha_zones), 1)], local.separator, floor(idx/2) + var.resource_offset, tonumber((idx % 2)), local.random_id_vm_verified)) : (
+ format("%sd%s%02dl%01d%s", lower(var.sap_sid), lower(var.db_sid), floor(idx/2) + var.resource_offset, tonumber((idx % 2)), local.random_id_vm_verified)
)
]
@@ -123,16 +123,16 @@ locals {
format("v%sd%02dl%d%s", lower(var.sap_sid), idx + var.resource_offset, 0, substr(local.random_id_vm_verified, 0, 2))
]
- anydb_secondary_dnsnames_ha = [for idx in range(var.db_server_count) :
- format("v%sd%s%02dl%d%s", lower(var.sap_sid), lower(var.db_sid), idx + var.resource_offset, 1, substr(local.random_id_vm_verified, 0, 2))
+ anydb_secondary_dnsnames_ha = [for idx in range(var.db_server_count * 2) :
+ format("v%sd%s%02dl%01d%s", lower(var.sap_sid), lower(var.db_sid), floor(idx/2) + var.resource_offset, tonumber((idx % 2)), substr(local.random_id_vm_verified, 0, 2))
]
- hana_secondary_dnsnames = [for idx in range(var.db_server_count) :
+ hana_secondary_dnsnames = [for idx in range(var.db_server_count ) :
format("v%sd%s%02dl%d%s", lower(var.sap_sid), lower(var.db_sid), idx + var.resource_offset, 0, substr(local.random_id_vm_verified, 0, 2))
]
- hana_secondary_dnsnames_ha = [for idx in range(var.db_server_count) :
- format("v%sd%s%02dl%d%s", lower(var.sap_sid), lower(var.db_sid), idx + var.resource_offset, 1, local.random_id_virt_vm_verified)
+ hana_secondary_dnsnames_ha = [for idx in range(var.db_server_count * 2) :
+ format("v%sd%s%02dl%01d%s", lower(var.sap_sid), lower(var.db_sid), floor(idx/2) + var.resource_offset, tonumber((idx % 2)), local.random_id_virt_vm_verified)
]
scs_secondary_dnsnames = [for idx in range(var.scs_server_count) :
diff --git a/deploy/terraform/terraform-units/modules/sap_system/anydb_node/providers.tf b/deploy/terraform/terraform-units/modules/sap_system/anydb_node/providers.tf
index 62f084307e..6305c9bcbb 100644
--- a/deploy/terraform/terraform-units/modules/sap_system/anydb_node/providers.tf
+++ b/deploy/terraform/terraform-units/modules/sap_system/anydb_node/providers.tf
@@ -3,7 +3,7 @@ terraform {
azurerm = {
source = "hashicorp/azurerm"
configuration_aliases = [azurerm.main, azurerm.deployer, azurerm.dnsmanagement] //
- version = "~> 3.2"
+ version = "~> 4.0"
}
}
}
diff --git a/deploy/terraform/terraform-units/modules/sap_system/app_tier/providers.tf b/deploy/terraform/terraform-units/modules/sap_system/app_tier/providers.tf
index 62f084307e..6305c9bcbb 100644
--- a/deploy/terraform/terraform-units/modules/sap_system/app_tier/providers.tf
+++ b/deploy/terraform/terraform-units/modules/sap_system/app_tier/providers.tf
@@ -3,7 +3,7 @@ terraform {
azurerm = {
source = "hashicorp/azurerm"
configuration_aliases = [azurerm.main, azurerm.deployer, azurerm.dnsmanagement] //
- version = "~> 3.2"
+ version = "~> 4.0"
}
}
}
diff --git a/deploy/terraform/terraform-units/modules/sap_system/common_infrastructure/providers.tf b/deploy/terraform/terraform-units/modules/sap_system/common_infrastructure/providers.tf
index 62f084307e..6305c9bcbb 100644
--- a/deploy/terraform/terraform-units/modules/sap_system/common_infrastructure/providers.tf
+++ b/deploy/terraform/terraform-units/modules/sap_system/common_infrastructure/providers.tf
@@ -3,7 +3,7 @@ terraform {
azurerm = {
source = "hashicorp/azurerm"
configuration_aliases = [azurerm.main, azurerm.deployer, azurerm.dnsmanagement] //
- version = "~> 3.2"
+ version = "~> 4.0"
}
}
}
diff --git a/deploy/terraform/terraform-units/modules/sap_system/common_infrastructure/storage_accounts.tf b/deploy/terraform/terraform-units/modules/sap_system/common_infrastructure/storage_accounts.tf
index c171193f51..6ac5e9fe6e 100644
--- a/deploy/terraform/terraform-units/modules/sap_system/common_infrastructure/storage_accounts.tf
+++ b/deploy/terraform/terraform-units/modules/sap_system/common_infrastructure/storage_accounts.tf
@@ -34,7 +34,7 @@ resource "azurerm_storage_account" "sapmnt" {
account_tier = "Premium"
account_replication_type = "ZRS"
account_kind = "FileStorage"
- enable_https_traffic_only = false
+ https_traffic_only_enabled = false
min_tls_version = "TLS1_2"
allow_nested_items_to_be_public = false
cross_tenant_replication_enabled = false
diff --git a/deploy/terraform/terraform-units/modules/sap_system/hdb_node/anf.tf b/deploy/terraform/terraform-units/modules/sap_system/hdb_node/anf.tf
index d490c142ab..b1634f6cbe 100644
--- a/deploy/terraform/terraform-units/modules/sap_system/hdb_node/anf.tf
+++ b/deploy/terraform/terraform-units/modules/sap_system/hdb_node/anf.tf
@@ -48,7 +48,7 @@ resource "azurerm_netapp_volume" "hanadata" {
data "azurerm_netapp_volume" "hanadata" {
provider = azurerm.main
- depends_on = [azurerm_netapp_volume_group_sap_hana.avg_HANA]
+ depends_on = [azurerm_netapp_volume_group_sap_hana.avg_HANA_full]
count = length(local.ANF_pool_settings.pool_name) > 0 ? var.hana_ANF_volumes.use_for_data ? (
var.hana_ANF_volumes.use_existing_data_volume || local.use_avg ? (
@@ -76,7 +76,7 @@ data "azurerm_netapp_volume" "hanadata" {
resource "azurerm_netapp_volume" "hanalog" {
provider = azurerm.main
- depends_on = [azurerm_netapp_volume_group_sap_hana.avg_HANA]
+ depends_on = [azurerm_netapp_volume_group_sap_hana.avg_HANA_full]
count = length(local.ANF_pool_settings.pool_name) > 0 ? var.hana_ANF_volumes.use_for_log && !local.use_avg ? (
var.hana_ANF_volumes.use_existing_log_volume ? (
@@ -124,7 +124,7 @@ resource "azurerm_netapp_volume" "hanalog" {
data "azurerm_netapp_volume" "hanalog" {
provider = azurerm.main
- depends_on = [azurerm_netapp_volume_group_sap_hana.avg_HANA]
+ depends_on = [azurerm_netapp_volume_group_sap_hana.avg_HANA_full]
count = length(local.ANF_pool_settings.pool_name) > 0 ? var.hana_ANF_volumes.use_for_log ? (
var.hana_ANF_volumes.use_existing_log_volume || local.use_avg ? (
@@ -151,13 +151,13 @@ data "azurerm_netapp_volume" "hanalog" {
resource "azurerm_netapp_volume" "hanashared" {
provider = azurerm.main
- depends_on = [azurerm_netapp_volume_group_sap_hana.avg_HANA]
+ depends_on = [azurerm_netapp_volume_group_sap_hana.avg_HANA_full]
count = length(local.ANF_pool_settings.pool_name) > 0 ? var.hana_ANF_volumes.use_for_shared && !local.use_avg ? (
var.hana_ANF_volumes.use_existing_shared_volume ? (
0
) : (
- var.database_server_count
+ local.db_zone_count
)) : (
0
) : 0
@@ -201,11 +201,11 @@ resource "azurerm_netapp_volume" "hanashared" {
data "azurerm_netapp_volume" "hanashared" {
provider = azurerm.main
- depends_on = [azurerm_netapp_volume_group_sap_hana.avg_HANA]
+ depends_on = [azurerm_netapp_volume_group_sap_hana.avg_HANA_full]
count = length(local.ANF_pool_settings.pool_name) > 0 ? var.hana_ANF_volumes.use_for_shared ? (
var.hana_ANF_volumes.use_existing_shared_volume || local.use_avg ? (
- var.database_server_count
+ local.db_zone_count
) : (
0
)) : (
diff --git a/deploy/terraform/terraform-units/modules/sap_system/hdb_node/avg.tf b/deploy/terraform/terraform-units/modules/sap_system/hdb_node/avg.tf
index a1ecc74995..e6865cdf64 100644
--- a/deploy/terraform/terraform-units/modules/sap_system/hdb_node/avg.tf
+++ b/deploy/terraform/terraform-units/modules/sap_system/hdb_node/avg.tf
@@ -4,9 +4,10 @@
# #
#######################################4#######################################8
-resource "azurerm_netapp_volume_group_sap_hana" "avg_HANA" {
+resource "azurerm_netapp_volume_group_sap_hana" "avg_HANA_full" {
provider = azurerm.main
- count = local.use_avg ? length(var.database.zones) * (var.database_server_count - var.database.stand_by_node_count) : 0
+ depends_on = [ azurerm_linux_virtual_machine.vm_dbnode ]
+ count = local.use_avg ? length(var.database.zones) : 0
name = format("%s%s%s%s%d",
var.naming.resource_prefixes.hana_avg,
local.prefix,
@@ -134,6 +135,192 @@ resource "azurerm_netapp_volume_group_sap_hana" "avg_HANA" {
}
+resource "azurerm_netapp_volume_group_sap_hana" "avg_HANA_data2" {
+ provider = azurerm.main
+ depends_on = [ azurerm_linux_virtual_machine.vm_dbnode ]
+ count = local.use_avg && var.database_server_count / length(var.database.zones) > 1 ? length(var.database.zones) : 0
+ name = format("%s%s%s%sdata2_%d",
+ var.naming.resource_prefixes.hana_avg,
+ local.prefix,
+ var.naming.separator,
+ local.resource_suffixes.hana_avg, count.index + 1
+ )
+ resource_group_name = local.ANF_pool_settings.resource_group_name
+ location = local.ANF_pool_settings.location
+
+ account_name = local.ANF_pool_settings.account_name
+ group_description = format("Application Volume %d group for %s", count.index + 1, var.sap_sid)
+ application_identifier = local.sid
+
+ volume {
+ name = format("%s%s%s%sdata_2%d",
+ var.naming.resource_prefixes.hanadata,
+ local.prefix,
+ var.naming.separator,
+ local.resource_suffixes.hanadata,
+ count.index + 1
+ )
+ volume_path = format("%s-%sdata2-%02d",
+ var.sap_sid,
+ local.resource_suffixes.hanadata,
+ count.index + 1
+ )
+ service_level = local.ANF_pool_settings.service_level
+ capacity_pool_id = data.azurerm_netapp_pool.workload_netapp_pool[0].id
+ subnet_id = try(local.ANF_pool_settings.subnet_id, "")
+ proximity_placement_group_id = var.ppg[count.index % max(length(var.database.zones), 1)]
+ volume_spec_name = "data"
+ storage_quota_in_gb = var.hana_ANF_volumes.data_volume_size
+ throughput_in_mibps = upper(try(local.ANF_pool_settings.qos_type, "MANUAL")) == "AUTO" ? null : var.hana_ANF_volumes.data_volume_throughput
+
+ protocols = ["NFSv4.1"]
+ security_style = "unix"
+ snapshot_directory_visible = false
+
+ export_policy_rule {
+ rule_index = 1
+ allowed_clients = "0.0.0.0/0"
+ nfsv3_enabled = false
+ nfsv41_enabled = true
+ unix_read_only = false
+ unix_read_write = true
+ root_access_enabled = true
+ }
+ }
+
+ volume {
+ name = format("%s%s%s%slog_2%d",
+ var.naming.resource_prefixes.hanadata,
+ local.prefix,
+ var.naming.separator,
+ local.resource_suffixes.hanalog,
+ count.index + 1
+ )
+ volume_path = format("%s-%s-log2%02d",
+ var.sap_sid,
+ local.resource_suffixes.hanalog,
+ count.index + 1
+ )
+ service_level = local.ANF_pool_settings.service_level
+ capacity_pool_id = data.azurerm_netapp_pool.workload_netapp_pool[0].id
+ subnet_id = try(local.ANF_pool_settings.subnet_id, "")
+ proximity_placement_group_id = var.ppg[count.index % max(length(var.database.zones), 1)]
+ volume_spec_name = "log"
+ storage_quota_in_gb = var.hana_ANF_volumes.log_volume_size
+ throughput_in_mibps = upper(try(local.ANF_pool_settings.qos_type, "MANUAL")) == "AUTO" ? null : var.hana_ANF_volumes.log_volume_throughput
+
+ protocols = ["NFSv4.1"]
+ security_style = "unix"
+ snapshot_directory_visible = false
+
+ export_policy_rule {
+ rule_index = 1
+ allowed_clients = "0.0.0.0/0"
+ nfsv3_enabled = false
+ nfsv41_enabled = true
+ unix_read_only = false
+ unix_read_write = true
+ root_access_enabled = true
+ }
+ }
+
+
+}
+
+
+resource "azurerm_netapp_volume_group_sap_hana" "avg_HANA_data3" {
+ provider = azurerm.main
+ depends_on = [ azurerm_linux_virtual_machine.vm_dbnode ]
+ count = local.use_avg && (var.database_server_count / length(var.database.zones) > 2) ? length(var.database.zones) : 0
+ name = format("%s%s%s%sdata3_%d",
+ var.naming.resource_prefixes.hana_avg,
+ local.prefix,
+ var.naming.separator,
+ local.resource_suffixes.hana_avg, count.index + 1
+ )
+ resource_group_name = local.ANF_pool_settings.resource_group_name
+ location = local.ANF_pool_settings.location
+
+ account_name = local.ANF_pool_settings.account_name
+ group_description = format("Application Volume %d group for %s", count.index + 1, var.sap_sid)
+ application_identifier = local.sid
+
+ volume {
+ name = format("%s%s%s%sdata_3%d",
+ var.naming.resource_prefixes.hanadata,
+ local.prefix,
+ var.naming.separator,
+ local.resource_suffixes.hanadata,
+ count.index + 1
+ )
+ volume_path = format("%s-%sdata3-%02d",
+ var.sap_sid,
+ local.resource_suffixes.hanadata,
+ count.index + 1
+ )
+ service_level = local.ANF_pool_settings.service_level
+ capacity_pool_id = data.azurerm_netapp_pool.workload_netapp_pool[0].id
+ subnet_id = try(local.ANF_pool_settings.subnet_id, "")
+ proximity_placement_group_id = var.ppg[count.index % max(length(var.database.zones), 1)]
+ volume_spec_name = "data"
+ storage_quota_in_gb = var.hana_ANF_volumes.data_volume_size
+ throughput_in_mibps = upper(try(local.ANF_pool_settings.qos_type, "MANUAL")) == "AUTO" ? null : var.hana_ANF_volumes.data_volume_throughput
+
+ protocols = ["NFSv4.1"]
+ security_style = "unix"
+ snapshot_directory_visible = false
+
+ export_policy_rule {
+ rule_index = 1
+ allowed_clients = "0.0.0.0/0"
+ nfsv3_enabled = false
+ nfsv41_enabled = true
+ unix_read_only = false
+ unix_read_write = true
+ root_access_enabled = true
+ }
+ }
+
+ volume {
+ name = format("%s%s%s%slog_32%d",
+ var.naming.resource_prefixes.hanadata,
+ local.prefix,
+ var.naming.separator,
+ local.resource_suffixes.hanalog,
+ count.index + 1
+ )
+ volume_path = format("%s-%s-log2%02d",
+ var.sap_sid,
+ local.resource_suffixes.hanalog,
+ count.index + 1
+ )
+ service_level = local.ANF_pool_settings.service_level
+ capacity_pool_id = data.azurerm_netapp_pool.workload_netapp_pool[0].id
+ subnet_id = try(local.ANF_pool_settings.subnet_id, "")
+ proximity_placement_group_id = var.ppg[count.index % max(length(var.database.zones), 1)]
+ volume_spec_name = "log"
+ storage_quota_in_gb = var.hana_ANF_volumes.log_volume_size
+ throughput_in_mibps = upper(try(local.ANF_pool_settings.qos_type, "MANUAL")) == "AUTO" ? null : var.hana_ANF_volumes.log_volume_throughput
+
+ protocols = ["NFSv4.1"]
+ security_style = "unix"
+ snapshot_directory_visible = false
+
+ export_policy_rule {
+ rule_index = 1
+ allowed_clients = "0.0.0.0/0"
+ nfsv3_enabled = false
+ nfsv41_enabled = true
+ unix_read_only = false
+ unix_read_write = true
+ root_access_enabled = true
+ }
+ }
+
+
+}
+
+
data "azurerm_netapp_pool" "workload_netapp_pool" {
provider = azurerm.main
count = length(local.ANF_pool_settings.pool_name) > 0 ? 1 : 0
diff --git a/deploy/terraform/terraform-units/modules/sap_system/hdb_node/infrastructure.tf b/deploy/terraform/terraform-units/modules/sap_system/hdb_node/infrastructure.tf
index bc2641fac9..e2b82bdb4f 100644
--- a/deploy/terraform/terraform-units/modules/sap_system/hdb_node/infrastructure.tf
+++ b/deploy/terraform/terraform-units/modules/sap_system/hdb_node/infrastructure.tf
@@ -60,13 +60,13 @@ resource "azurerm_lb" "hdb" {
var.naming.separator,
local.resource_suffixes.db_alb_feip
)
- subnet_id = var.db_subnet.id
+ subnet_id = var.database.scale_out ? var.admin_subnet.id : var.db_subnet.id
private_ip_address = length(try(var.database.loadbalancer.frontend_ips[0], "")) > 0 ? (
var.database.loadbalancer.frontend_ips[0]) : (
var.database.use_DHCP ? (
null) : (
cidrhost(
- var.db_subnet.address_prefixes[0],
+ var.database.scale_out ? var.admin_subnet.address_prefixes[0] : var.db_subnet.address_prefixes[0],
tonumber(count.index) + local.hdb_ip_offsets.hdb_lb
))
)
diff --git a/deploy/terraform/terraform-units/modules/sap_system/hdb_node/outputs.tf b/deploy/terraform/terraform-units/modules/sap_system/hdb_node/outputs.tf
index c9f31af7ff..d28830b0bf 100644
--- a/deploy/terraform/terraform-units/modules/sap_system/hdb_node/outputs.tf
+++ b/deploy/terraform/terraform-units/modules/sap_system/hdb_node/outputs.tf
@@ -189,7 +189,7 @@ output "hana_shared" {
output "application_volume_group" {
description = "Application volume group"
- value = azurerm_netapp_volume_group_sap_hana.avg_HANA
+ value = azurerm_netapp_volume_group_sap_hana.avg_HANA_full
}
@@ -245,3 +245,11 @@ output "observer_vms" {
[""]
)
}
+
+output "site_information" {
+ description = "Site information"
+ value = local.enable_deployment ? (
+ local.site_information) : (
+ null
+ )
+ }
diff --git a/deploy/terraform/terraform-units/modules/sap_system/hdb_node/providers.tf b/deploy/terraform/terraform-units/modules/sap_system/hdb_node/providers.tf
index 715c87cfa9..b0152df595 100644
--- a/deploy/terraform/terraform-units/modules/sap_system/hdb_node/providers.tf
+++ b/deploy/terraform/terraform-units/modules/sap_system/hdb_node/providers.tf
@@ -3,7 +3,7 @@ terraform {
azurerm = {
source = "hashicorp/azurerm"
configuration_aliases = [azurerm.main, azurerm.deployer, azurerm.dnsmanagement]
- version = ">= 3.54"
+ version = ">= 4.0"
}
# azapi = {
diff --git a/deploy/terraform/terraform-units/modules/sap_system/hdb_node/variables_local.tf b/deploy/terraform/terraform-units/modules/sap_system/hdb_node/variables_local.tf
index 0238e44b38..de326b9c1f 100644
--- a/deploy/terraform/terraform-units/modules/sap_system/hdb_node/variables_local.tf
+++ b/deploy/terraform/terraform-units/modules/sap_system/hdb_node/variables_local.tf
@@ -428,5 +428,14 @@ locals {
observer_custom_image_id = local.enable_deployment ? local.hdb_os.source_image_id : ""
observer_os = local.enable_deployment ? local.hdb_os : null
+ site_information = flatten(
+ [
+ for idx, server_count in range(var.database_server_count) :
+ [
+ idx %2 == 0 ? "SITE1" : "SITE2"
+ ]
+ ]
+ )
+
}
diff --git a/deploy/terraform/terraform-units/modules/sap_system/hdb_node/vm-hdb.tf b/deploy/terraform/terraform-units/modules/sap_system/hdb_node/vm-hdb.tf
index e81afe012d..444624d787 100644
--- a/deploy/terraform/terraform-units/modules/sap_system/hdb_node/vm-hdb.tf
+++ b/deploy/terraform/terraform-units/modules/sap_system/hdb_node/vm-hdb.tf
@@ -185,7 +185,7 @@ resource "azurerm_linux_virtual_machine" "vm_dbnode" {
admin_username = var.sid_username
admin_password = local.enable_auth_key ? null : var.sid_password
disable_password_authentication = !local.enable_auth_password
- tags = merge(var.tags, local.tags)
+ tags = merge(var.tags, local.tags, var.database.scale_out ? { "SITE" = count.index %2 == 0 ? "SITE1" : "SITE2" } : null)
patch_mode = var.infrastructure.patch_mode
patch_assessment_mode = var.infrastructure.patch_assessment_mode
@@ -211,19 +211,12 @@ resource "azurerm_linux_virtual_machine" "vm_dbnode" {
) : null
network_interface_ids = local.enable_storage_subnet ? (
- var.options.legacy_nic_order ? (
- compact([
+ compact([
var.database_dual_nics ? azurerm_network_interface.nics_dbnodes_admin[count.index].id : null,
azurerm_network_interface.nics_dbnodes_db[count.index].id,
azurerm_network_interface.nics_dbnodes_storage[count.index].id
])
- ) : (
- compact([
- azurerm_network_interface.nics_dbnodes_db[count.index].id,
- var.database_dual_nics ? azurerm_network_interface.nics_dbnodes_admin[count.index].id : null,
- azurerm_network_interface.nics_dbnodes_storage[count.index].id
- ])
- )
+
) : (
var.database_dual_nics ? (
var.options.legacy_nic_order ? (
diff --git a/deploy/terraform/terraform-units/modules/sap_system/hdb_node/vm-observer.tf b/deploy/terraform/terraform-units/modules/sap_system/hdb_node/vm-observer.tf
index 422bc3d28a..9441c82f22 100644
--- a/deploy/terraform/terraform-units/modules/sap_system/hdb_node/vm-observer.tf
+++ b/deploy/terraform/terraform-units/modules/sap_system/hdb_node/vm-observer.tf
@@ -17,7 +17,7 @@ resource "azurerm_network_interface" "observer" {
)
resource_group_name = var.resource_group[0].name
location = var.resource_group[0].location
- enable_accelerated_networking = false
+ accelerated_networking_enabled = true
tags = var.tags
ip_configuration {
diff --git a/deploy/terraform/terraform-units/modules/sap_system/output_files/ansible_inventory.tmpl b/deploy/terraform/terraform-units/modules/sap_system/output_files/ansible_inventory.tmpl
index d5232c1cbc..35fa441d58 100644
--- a/deploy/terraform/terraform-units/modules/sap_system/output_files/ansible_inventory.tmpl
+++ b/deploy/terraform/terraform-units/modules/sap_system/output_files/ansible_inventory.tmpl
@@ -10,6 +10,10 @@ ${sid}_DB:
become_user : ${db_become_user}
os_type : ${db_os_type}
vm_name : ${db_vmnodes[idx]}
+%{~ if scale_out }
+ site : ${site[idx]}
+%{~ endif }
+
%{~ if db_connectiontype == "winrm" }
${winrm_cert_valid}
${winrm_timeout_sec}
diff --git a/deploy/terraform/terraform-units/modules/sap_system/output_files/inventory.tf b/deploy/terraform/terraform-units/modules/sap_system/output_files/inventory.tf
index 2780be48ec..95c1a5fe22 100644
--- a/deploy/terraform/terraform-units/modules/sap_system/output_files/inventory.tf
+++ b/deploy/terraform/terraform-units/modules/sap_system/output_files/inventory.tf
@@ -6,7 +6,7 @@
resource "local_file" "ansible_inventory_new_yml" {
content = templatefile(format("%s%s", path.module, "/ansible_inventory.tmpl"), {
- ips_dbnodes = var.database_server_ips
+ ips_dbnodes = var.scale_out ? var.database_admin_ips : var.database_server_ips
dbnodes = var.platform == "HANA" ? var.naming.virtualmachine_names.HANA_COMPUTERNAME : var.naming.virtualmachine_names.ANYDB_COMPUTERNAME
db_vmnodes = var.database_server_vm_names
virt_dbnodes = var.use_secondary_ips ? (
@@ -158,6 +158,9 @@ resource "local_file" "ansible_inventory_new_yml" {
iscsi_servers = var.iSCSI_server_names
iscsi_server_list = var.iSCSI_servers
+ site = var.site_information
+ scale_out = var.scale_out
+
}
)
filename = format("%s/%s_hosts.yaml", path.cwd, var.sap_sid)
diff --git a/deploy/terraform/terraform-units/modules/sap_system/output_files/providers.tf b/deploy/terraform/terraform-units/modules/sap_system/output_files/providers.tf
index a56a9e470e..614916ff7d 100644
--- a/deploy/terraform/terraform-units/modules/sap_system/output_files/providers.tf
+++ b/deploy/terraform/terraform-units/modules/sap_system/output_files/providers.tf
@@ -3,7 +3,7 @@ terraform {
azurerm = {
source = "hashicorp/azurerm"
configuration_aliases = [azurerm.main, azurerm.dnsmanagement]
- version = "~> 3.3"
+ version = "~> 4.0"
}
}
}
diff --git a/deploy/terraform/terraform-units/modules/sap_system/output_files/variables_global.tf b/deploy/terraform/terraform-units/modules/sap_system/output_files/variables_global.tf
index b8bb496685..6f2e28e79f 100644
--- a/deploy/terraform/terraform-units/modules/sap_system/output_files/variables_global.tf
+++ b/deploy/terraform/terraform-units/modules/sap_system/output_files/variables_global.tf
@@ -225,3 +225,5 @@ variable "sap_cal_product_name" {
description = "Product name of SAP CAL"
default = ""
}
+
+variable "site_information" { description = "Site information" }