From f49e3d300844f2e3a9ace8846b525c88c00c6731 Mon Sep 17 00:00:00 2001
From: surajsbharadwaj
Date: Thu, 23 Oct 2025 00:26:01 +0200
Subject: [PATCH 1/4] fix: upgrade tf version
---
ibm_catalog.json | 416 +++++++++++-------
.../deploy-arch-ibm-pvs-sap-ready-to-go.md | 16 +-
.../deploy-arch-ibm-pvs-sap-s4hana-bw4hana.md | 16 +-
.../ibm-catalog/sap-ready-to-go/README.md | 2 +-
.../ibm-catalog/sap-ready-to-go/variables.tf | 3 +-
.../ibm-catalog/sap-s4hana-bw4hana/README.md | 14 +-
.../ibm-catalog/sap-s4hana-bw4hana/main.tf | 28 +-
.../sap-s4hana-bw4hana/variables.tf | 126 +++---
.../ibm-catalog/sap-s4hana-bw4hana/version.tf | 2 +-
9 files changed, 338 insertions(+), 285 deletions(-)
diff --git a/ibm_catalog.json b/ibm_catalog.json
index 10f7d894..ab816ba5 100755
--- a/ibm_catalog.json
+++ b/ibm_catalog.json
@@ -36,13 +36,25 @@ "single_system" ], "short_description": "Deploy SAP systems on Power Virtual Server with VPC landing zone", - "long_description": "This deployable architecture is designed to assist you in deploying SAP ERP software landscapes into IBM Cloud on the IBM Power Virtual Server infrastructure. This is the second step in the deployment process for creating a full environment. Before starting this step, you should first deploy 'Power Virtual Server with VPC landing zone'. Once this is completed, you are prepared to start this step.\n\nSAP on Power Virtual Server creates and prepares Power Virtual Server instances for SAP HANA and SAP NetWeaver workloads. After deployment completes, you may (depending on the framework you chose) begin installing SAP on the configured instances or login to your newly created SAP instances directly.", + "long_description": "This deployable architecture is designed to assist you in deploying SAP ERP software landscapes into IBM Cloud on the IBM Power Virtual Server infrastructure.\n\nSAP on Power Virtual Server creates and prepares Power Virtual Server instances for SAP HANA and SAP NetWeaver workloads. After deployment completes, you may (depending on the framework you chose) begin installing SAP on the configured instances or login to your newly created SAP instances directly.", "offering_docs_url": "https://cloud.ibm.com/docs/sap-powervs", "offering_icon_url": "", "features": [ { "description": "Power Virtual Server instances are created for you, containing prepared instances for SAP HANA and SAP NetWeaver.", "title": "Create Power Virtual Server instances" + }, + { + "description": "VPC services (landing zone)", + "title": "Edge VPC services are created using VSI on VPC landing zone presets." + }, + { + "description": "Power Virtual Server workspaces", + "title": "One PowerVS workspace is created by initial deployment. Additional PowerVS workspaces may be deployed as extension." 
+ }, + { + "description": "Network management services", + "title": "Bastion host, internet proxy based on SQUID, NTP forwarder, DNS forwarder & NFS as a service." } ], "flavors": [ @@ -197,6 +209,15 @@ "key": "powervs_sap_network_cidr", "required": true }, + { + "key": "vpc_subnet_cidrs", + "required": true, + "custom_config": { + "grouping": "deployment", + "original_grouping": "deployment", + "type": "code_editor" + } + }, { "key": "ssh_public_key", "type": "multiline_secure_value", @@ -231,36 +252,35 @@ } }, { - "key": "client_to_site_vpn", - "required": true + "key": "ansible_vault_password", + "type": "multiline_secure_value", + "required": true, + "default_value": "__NULL__", + "display_name": "ansible_vault_password", + "custom_config": { + "grouping": "deployment", + "original_grouping": "deployment", + "type": "multiline_secure_value" + } }, { "key": "sap_domain", "required": true }, { - "key": "enable_monitoring", + "key": "client_to_site_vpn", "required": true }, { - "key": "enable_scc_wp", + "key": "enable_monitoring", "required": true }, { - "key": "nfs_server_config", + "key": "enable_scc_wp", "required": true }, { - "key": "ansible_vault_password", - "type": "multiline_secure_value", - "required": true, - "default_value": "__NULL__", - "display_name": "ansible_vault_password", - "custom_config": { - "grouping": "deployment", - "original_grouping": "deployment", - "type": "multiline_secure_value" - } + "key": "nfs_server_config" }, { "key": "powervs_hana_instance_custom_storage_config", @@ -401,14 +421,6 @@ } ], "custom_config": {} - }, - { - "key": "vpc_subnet_cidrs", - "custom_config": { - "grouping": "deployment", - "original_grouping": "deployment", - "type": "code_editor" - } } ], "iam_permissions": [ @@ -433,10 +445,6 @@ ], "architecture": { "features": [ - { - "title": "Power Virtual Server with VPC landing zone Standard Variation", - "description": "Pre Requisite" - }, { "title": "SAP Solution", "description": "Not installed" 
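Review bot: The three entries added to `features` in `@@ -36,13 +36,25 @@` have `title` and `description` swapped relative to the existing entry in the same array. The short label ("VPC services (landing zone)", "Power Virtual Server workspaces", "Network management services") sits in `description` and the full sentence sits in `title`. A catalog view that renders `title` as the heading would show the long sentence there. Suggest `"title": "Network management services", "description": "Bastion host, internet proxy based on SQUID, NTP forwarder, DNS forwarder & NFS as a service."` and the same swap for the other two entries.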
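Review bot: In `@@ -231,36 +252,35 @@` the moved `ansible_vault_password` entry keeps `"required": true` together with `"default_value": "__NULL__"`, which describes a required secret that ships with a null default. The sap-s4hana-bw4hana README text visible later in this patch calls `ansible_vault_password` an optional value needed only for BYOL or custom RHEL images, so the catalog and the documentation disagree on whether a vault password must be supplied. How the catalog form treats a required field with a `__NULL__` default is not visible here, and neither is the validation in variables.tf, so this should be confirmed. Then either drop `"required": true` or remove the default, so the entry states one intent. The same combination is carried in the second flavor by `@@ -611,28 +684,45 @@`.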
@@ -448,16 +456,56 @@ { "title": "SAP Monitoring Dashboard", "description": "Not Installed" + }, + { + "title": "Number of Intel Virtual Server Instance", + "description": "2" + }, + { + "title": "Number of VPCs", + "description": "1" + }, + { + "title": "Number of Power Virtual Server Workspace", + "description": "1" + }, + { + "title": "Increases security with Key Management", + "description": "Yes" + }, + { + "title": "Internet proxy on VPC", + "description": "Proxy service to reach public internet from PowerVS Workspace" + }, + { + "title": "Additional management configurations on VPC", + "description": "NFS as service, NTP forwarder, and DNS forwarder reachable from PowerVS Workspace" + }, + { + "title": "Client to site VPN with new or existing Secrets Manager instance", + "description": "Optional" + }, + { + "title": "SCC Workload Protection instance", + "description": "Optional" + }, + { + "title": "Monitoring Instance and Monitoring Intel VSI Host", + "description": "Optional" + }, + { + "title": "Bring your own image to PowerVS", + "description": "Optional" } ], "diagrams": [ { "diagram": { "caption": "Full SAP environment provisioned on a 'Power Virtual Server with VPC landing zone'", - "url": "https://raw.githubusercontent.com/terraform-ibm-modules/terraform-ibm-powervs-sap/refs/tags/v4.2.2/reference-architectures/sap-ready-to-go/deploy-arch-ibm-pvs-sap-ready-to-go.svg", + "url": "https://raw.githubusercontent.com/terraform-ibm-modules/terraform-ibm-powervs-sap/refs/tags/v5.0.0/reference-architectures/sap-ready-to-go/deploy-arch-ibm-pvs-sap-ready-to-go.svg", "type": "image/svg+xml" }, - "description": "'SAP ready PowerVS' variation of 'Power Virtual Server for SAP HANA' creates a basic and expandable SAP system landscape builds on the foundation of the 'Power Virtual Server with VPC landing zone'. 
PowerVS instances for SAP HANA and SAP NetWeaver are deployed and preconfigured for SAP installation.\n\nServices such as DNS, NTP and NFS running in VPC and provided by 'Power Virtual Server with VPC landing zone' are leveraged.\n\nThe resulting SAP landscape leverages the services such as Activity Tracker, Cloud Object Storage, Key Management and the network connectivity configuration provided by 'Power Virtual Server with VPC landing zone'." + "description": "'SAP ready PowerVS' variation of 'Power Virtual Server for SAP HANA' creates a basic and expandable SAP system landscape builds on the foundation of the 'Power Virtual Server with VPC landing zone'. PowerVS instances for SAP HANA and SAP NetWeaver are deployed and preconfigured for SAP installation.\n\nServices such as DNS, NTP and NFS running in VPC and provided by 'Power Virtual Server with VPC landing zone' are leveraged.\n\nThe resulting SAP landscape leverages the services such as Activity Tracker, Cloud Object Storage, Key Management and the network connectivity configuration." } ] }, @@ -473,24 +521,6 @@ "profiles": [] }, "configuration": [ - { - "key": "prefix", - "required": true, - "default_value": "" - }, - { - "key": "powervs_resource_group_name", - "required": true, - "default_value": "", - "custom_config": { - "config_constraints": { - "identifier": "rg_name" - }, - "grouping": "deployment", - "original_grouping": "deployment", - "type": "resource_group" - } - }, { "key": "powervs_zone", "type": "string", 
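Review bot: The rewritten diagram `description` in `@@ -448,16 +456,56 @@` still says DNS, NTP and NFS are "provided by 'Power Virtual Server with VPC landing zone'" and that the landscape "builds on the foundation of" it. This commit removes the prerequisite sentence from `long_description` and deletes the "Pre Requisite" feature for the same flavor. The s4hana flavor's description in `@@ -937,7 +1015,7 @@` was reworded to drop that attribution, so the two flavors now disagree about where these services come from. The features added in this hunk list an internet proxy on the VPC and an optional client-to-site VPN, so the description should state plainly that this deployment creates those network services, which tells an operator they are in scope for review here rather than in an earlier deployment. The unchanged `caption` ("provisioned on a 'Power Virtual Server with VPC landing zone'") would need the same update.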
@@ -572,11 +602,54 @@ ], "custom_config": {} }, + { + "key": "powervs_resource_group_name", + "required": true, + "default_value": "", + "custom_config": { + "config_constraints": { + "identifier": "rg_name" + }, + "grouping": "deployment", + "original_grouping": "deployment", + "type": "resource_group" + } + }, + { + "key": "prefix", + "required": true, + "default_value": "" + }, + { + "key": "powervs_hana_instance_sap_profile_id", + "required": true + }, + { + "key": "powervs_netweaver_cpu_number", + "required": true + }, + { + "key": "powervs_netweaver_memory_size", + "required": true + }, { "key": "external_access_ip", "default_value": "__NULL__", "required": true }, + { + "key": "powervs_sap_network_cidr", + "required": true + }, + { + "key": "vpc_subnet_cidrs", + "required": true, + "custom_config": { + "grouping": "deployment", + "original_grouping": "deployment", + "type": "code_editor" + } + }, { "key": "ssh_public_key", "type": "multiline_secure_value", 
@@ -611,28 +684,45 @@ } }, { - "key": "vpc_subnet_cidrs", + "key": "ansible_vault_password", + "type": "multiline_secure_value", + "required": true, + "default_value": "__NULL__", + "display_name": "ansible_vault_password", "custom_config": { "grouping": "deployment", "original_grouping": "deployment", - "type": "code_editor" + "type": "multiline_secure_value" } }, { - "key": "powervs_hana_instance_sap_profile_id", - "required": true - }, - { - "key": "powervs_netweaver_cpu_number", - "required": true - }, - { - "key": "powervs_netweaver_memory_size", - "required": true - }, - { - "key": "powervs_sap_network_cidr", - "required": true + "key": "sap_solution", + "type": "string", + "default_value": "", + "required": true, + "options": [ + { + "displayname": "S/4HANA 2023", + "value": "s4hana-2023" + }, + { + "displayname": "S/4HANA 2022", + "value": "s4hana-2022" + }, + { + "displayname": "S/4HANA 2021", + "value": "s4hana-2021" + }, + { + "displayname": "S/4HANA 2020", + "value": "s4hana-2020" + }, + { + "displayname": "BW/4HANA 2021", + "value": "bw4hana-2021" + } + ], + "custom_config": {} }, { "key": "ibmcloud_cos_service_credentials", @@ -655,29 +745,19 @@ } }, { - "key": "client_to_site_vpn", - "required": true - }, - { - "key": "enable_monitoring", - "required": true - }, - { - "key": "enable_scc_wp", - "required": true - }, - { - "key": "nfs_server_config", - "required": true - }, - { - "key": "powervs_hana_instance_name" - }, - { - "key": "powervs_netweaver_instance_name" + "key": "sap_hana_master_password", + "type": "multiline_secure_value", + "display_name": "sap_hana_master_password", + "required": true, + "custom_config": { + "grouping": "deployment", + "original_grouping": "deployment", + "type": "multiline_secure_value" + } }, { - "key": "powervs_hana_instance_custom_storage_config", + "key": "sap_hana_vars", + "required": true, "custom_config": { "grouping": "deployment", "original_grouping": "deployment", 
@@ -685,15 +765,19 @@ } }, { - "key": "powervs_hana_instance_additional_storage_config", + "key": "sap_swpm_master_password", + "type": "multiline_secure_value", + "display_name": "sap_swpm_master_password", + "required": true, "custom_config": { "grouping": "deployment", "original_grouping": "deployment", - "type": "code_editor" + "type": "multiline_secure_value" } }, { - "key": "powervs_netweaver_instance_storage_config", + "key": "sap_solution_vars", + "required": true, "custom_config": { "grouping": "deployment", "original_grouping": "deployment", @@ -701,7 +785,8 @@ } }, { - "key": "powervs_default_sap_images", + "key": "sap_monitoring_vars", + "required": true, "custom_config": { "grouping": "deployment", "original_grouping": "deployment", @@ -709,20 +794,34 @@ } }, { - "key": "powervs_os_registration_username" + "key": "sap_domain", + "required": true }, { - "key": "powervs_os_registration_password", - "type": "multiline_secure_value", - "display_name": "powervs_os_registration_password", + "key": "client_to_site_vpn", + "required": true + }, + { + "key": "enable_monitoring", + "required": true + }, + { + "key": "enable_scc_wp", + "required": true + }, + { + "key": "nfs_server_config" + }, + { + "key": "powervs_hana_instance_custom_storage_config", "custom_config": { "grouping": "deployment", "original_grouping": "deployment", - "type": "multiline_secure_value" + "type": "code_editor" } }, { - "key": "powervs_custom_images", + "key": "powervs_hana_instance_additional_storage_config", "custom_config": { "grouping": "deployment", "original_grouping": "deployment", @@ -730,7 +829,7 @@ } }, { - "key": "powervs_custom_image_cos_configuration", + "key": "powervs_netweaver_instance_storage_config", "custom_config": { "grouping": "deployment", "original_grouping": "deployment", 
@@ -738,16 +837,15 @@ } }, { - "key": "powervs_custom_image_cos_service_credentials", - "type": "multiline_secure_value", + "key": "vpc_intel_images", "custom_config": { "grouping": "deployment", "original_grouping": "deployment", - "type": "multiline_secure_value" + "type": "code_editor" } }, { - "key": "vpc_intel_images", + "key": "powervs_default_sap_images", "custom_config": { "grouping": "deployment", "original_grouping": "deployment", @@ -755,39 +853,12 @@ } }, { - "key": "sap_solution", - "type": "string", - "default_value": "", - "required": true, - "options": [ - { - "displayname": "S/4HANA 2023", - "value": "s4hana-2023" - }, - { - "displayname": "S/4HANA 2022", - "value": "s4hana-2022" - }, - { - "displayname": "S/4HANA 2021", - "value": "s4hana-2021" - }, - { - "displayname": "S/4HANA 2020", - "value": "s4hana-2020" - }, - { - "displayname": "BW/4HANA 2021", - "value": "bw4hana-2021" - } - ], - "custom_config": {} + "key": "powervs_os_registration_username" }, { - "key": "sap_hana_master_password", + "key": "powervs_os_registration_password", "type": "multiline_secure_value", - "display_name": "sap_hana_master_password", - "required": true, + "display_name": "powervs_os_registration_password", "custom_config": { "grouping": "deployment", "original_grouping": "deployment", @@ -795,8 +866,7 @@ } }, { - "key": "sap_hana_vars", - "required": true, + "key": "powervs_custom_images", "custom_config": { "grouping": "deployment", "original_grouping": "deployment", @@ -804,19 +874,7 @@ } }, { - "key": "sap_swpm_master_password", - "type": "multiline_secure_value", - "display_name": "sap_swpm_master_password", - "required": true, - "custom_config": { - "grouping": "deployment", - "original_grouping": "deployment", - "type": "multiline_secure_value" - } - }, - { - "key": "sap_solution_vars", - "required": true, + "key": "powervs_custom_image_cos_configuration", "custom_config": { "grouping": "deployment", "original_grouping": "deployment", 
@@ -824,18 +882,14 @@ } }, { - "key": "sap_monitoring_vars", - "required": true, + "key": "powervs_custom_image_cos_service_credentials", + "type": "multiline_secure_value", "custom_config": { "grouping": "deployment", "original_grouping": "deployment", - "type": "code_editor" + "type": "multiline_secure_value" } }, - { - "key": "sap_domain", - "required": true - }, { "key": "tags", "custom_config": { @@ -897,26 +951,10 @@ } ], "custom_config": {} - }, - { - "key": "ansible_vault_password", - "type": "multiline_secure_value", - "required": true, - "default_value": "__NULL__", - "display_name": "ansible_vault_password", - "custom_config": { - "grouping": "deployment", - "original_grouping": "deployment", - "type": "multiline_secure_value" - } } ], "architecture": { "features": [ - { - "title": "VPC and PowerVS are created along with network management services such as Bastion host, internet proxy based on SQUID, NTP forwarder, DNS forwarder, and NFS as a service.", - "description": "Installed: VPC and powerVS with network management services" - }, { "title": "SAP Solution", "description": "Installed: SAP S/4HANA or BW/4HANA" 
@@ -928,6 +966,46 @@ { "title": "SAP Monitoring Dashboard", "description": "Installed and enabled" + }, + { + "title": "Number of Intel Virtual Server Instance", + "description": "2" + }, + { + "title": "Number of VPCs", + "description": "1" + }, + { + "title": "Number of Power Virtual Server Workspace", + "description": "1" + }, + { + "title": "Increases security with Key Management", + "description": "Yes" + }, + { + "title": "Internet proxy on VPC", + "description": "Proxy service to reach public internet from PowerVS Workspace" + }, + { + "title": "Additional management configurations on VPC", + "description": "NFS as service, NTP forwarder, and DNS forwarder reachable from PowerVS Workspace" + }, + { + "title": "Client to site VPN with new or existing Secrets Manager instance", + "description": "Optional" + }, + { + "title": "SCC Workload Protection instance", + "description": "Optional" + }, + { + "title": "Monitoring Instance and Monitoring Intel VSI Host", + "description": "Optional" + }, + { + "title": "Bring your own image to PowerVS", + "description": "Optional" } ], "diagrams": [ 
@@ -937,7 +1015,7 @@ "url": "https://raw.githubusercontent.com/terraform-ibm-modules/terraform-ibm-powervs-sap/refs/tags/v5.0.0/reference-architectures/sap-s4hana-bw4hana/deploy-arch-ibm-pvs-sap-s4hana-bw4hana.svg", "type": "image/svg+xml" }, - "description": "'SAP S/4HANA or BW/4HANA' variation of 'Power Virtual Server for SAP HANA' creates a basic and expandable SAP system landscape builds on the foundation of 'Power Virtual Server with VPC landing zone'. PowerVS instances for SAP HANA and SAP NetWeaver are deployed and preconfigured for SAP installation. S/4HANA or BW/4HANA solution is installed based on selected version. \n\nServices such as DNS, NTP and NFS running in VPC and provided by 'Power Virtual Server with VPC landing zone' are leveraged.\n\nThe resulting SAP landscape leverages the services such as Activity Tracker, Cloud Object Storage, Key Management and the network connectivity configuration provided by the 'Power Virtual Server with VPC landing zone'. Additionally if a Monitoring Instance was configured in the 'Power Virtual Server with VPC landing zone' deployment, this solution will then install and enable SAP monitoring Dashboard." + "description": "'SAP S/4HANA or BW/4HANA' variation of 'Power Virtual Server for SAP HANA' creates a basic and expandable SAP system landscape builds on the foundation of 'Power Virtual Server with VPC landing zone'. PowerVS instances for SAP HANA and SAP NetWeaver are deployed and preconfigured for SAP installation. S/4HANA or BW/4HANA solution is installed based on selected version. \n\nServices such as DNS, NTP and NFS runs in VPC.\n\nThe resulting SAP landscape leverages the services such as Activity Tracker, Cloud Object Storage, Key Management and the network connectivity configuration. Additionally if a Monitoring Instance is enabled, this solution will then install and enable SAP monitoring Dashboard if binaries are provided." } ] }, 
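Review bot: The new `description` makes the SAP monitoring dashboard conditional ("if a Monitoring Instance is enabled ... if binaries are provided"), but the feature list for the same flavor in `@@ -928,6 +966,46 @@` still reads `"SAP Monitoring Dashboard"` / `"Installed and enabled"` with no condition. Suggest aligning the feature text, for example `"description": "Installed and enabled when monitoring is enabled and binaries are provided"`. The sentence "Services such as DNS, NTP and NFS runs in VPC" should read `run in VPC`; the same wording is added to both reference-architecture .md files in this patch.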
diff --git a/reference-architectures/sap-ready-to-go/deploy-arch-ibm-pvs-sap-ready-to-go.md b/reference-architectures/sap-ready-to-go/deploy-arch-ibm-pvs-sap-ready-to-go.md index 8493de93..d114b073 100644 --- a/reference-architectures/sap-ready-to-go/deploy-arch-ibm-pvs-sap-ready-to-go.md +++ b/reference-architectures/sap-ready-to-go/deploy-arch-ibm-pvs-sap-ready-to-go.md @@ -2,7 +2,7 @@ copyright: years: 2024, 2025 -lastupdated: "2025-09-05" +lastupdated: "2025-25-10" keywords: subcollection: deployable-reference-architectures authors: @@ -18,17 +18,11 @@ use-case: ITServiceManagement industry: Technology compliance: SAPCertified content-type: reference-architecture -version: v4.2.2 +version: v5.0.0 related_links: - title: 'SAP in IBM Cloud documentation' url: 'https://cloud.ibm.com/docs/sap' description: 'SAP in IBM Cloud documentation.' - - title: 'Reference architecture for "Power Virtual Server with VPC landing zone" as full stack deployment' - url: 'https://cloud.ibm.com/docs/deployable-reference-architectures?topic=deployable-reference-architectures-deploy-arch-ibm-pvs-inf-full-stack' - description: 'Reference architecture for "Power Virtual Server with VPC landing zone" as full stack deployment' - - title: 'Reference architecture for "Power Virtual Server with VPC landing zone" as extension of existing deployment' - url: 'https://cloud.ibm.com/docs/deployable-reference-architectures?topic=deployable-reference-architectures-deploy-arch-ibm-pvs-inf-extension' - description: 'Reference architecture for "Power Virtual Server with VPC landing zone" as extension of existing deployment' --- 
@@ -40,15 +34,15 @@ related_links: {: toc-industry="Technology"} {: toc-use-case="ITServiceManagement"} {: toc-compliance="SAPCertified"} -{: toc-version="v4.2.2"} +{: toc-version="v5.0.0"} The SAP-ready PowerVS variation of the Power Virtual Server for SAP HANA creates a basic and expandable SAP system landscape. The variation builds on the foundation of the VPC landing zone and Power Virtual Server with VPC landing zone. PowerVS instances for SAP HANA and SAP NetWeaver are deployed and pre-configured for SAP installation. -Services such as DNS, NTP, and NFS running in VPC and provided by Power Virtual Server with VPC landing zone are leveraged. +Services such as DNS, NTP, and NFS runs in VPC. The transit gateway provides the network bridge between the IBM Power infrastructure and the IBM Cloud® VPC and public internet. -The resulting SAP landscape leverages services such as Activity Tracker, Cloud Object Storage, Key Management from the VPC landing zone and the network connectivity configuration provided by Power Virtual Server with VPC landing zone. Additionally, it will also setup SCC Workload Protection if the feature was enabled during the landing zone deployment. +The resulting SAP landscape leverages services such as Activity Tracker, Cloud Object Storage, Key Management from the VPC landing zone and the network connectivity configuration. Additionally, it will also setup SCC Workload Protection if the feature was enabled during the landing zone deployment. ## Architecture diagram {: #sap-ready-to-go-architecture-diagram} diff --git a/reference-architectures/sap-s4hana-bw4hana/deploy-arch-ibm-pvs-sap-s4hana-bw4hana.md b/reference-architectures/sap-s4hana-bw4hana/deploy-arch-ibm-pvs-sap-s4hana-bw4hana.md index b9186ea8..9cf4e62a 100644 --- a/reference-architectures/sap-s4hana-bw4hana/deploy-arch-ibm-pvs-sap-s4hana-bw4hana.md +++ b/reference-architectures/sap-s4hana-bw4hana/deploy-arch-ibm-pvs-sap-s4hana-bw4hana.md 
@@ -2,7 +2,7 @@ copyright: years: 2024, 2025 -lastupdated: "2025-09-05" +lastupdated: "2025-25-10" keywords: subcollection: deployable-reference-architectures authors: @@ -18,17 +18,11 @@ use-case: ITServiceManagement industry: Technology compliance: SAPCertified content-type: reference-architecture -version: v4.2.2 +version: v5.0.0 related_links: - title: 'SAP in IBM Cloud documentation' url: 'https://cloud.ibm.com/docs/sap' description: 'SAP in IBM Cloud documentation.' - - title: 'Reference architecture for "Power Virtual Server with VPC landing zone" as full stack deployment' - url: 'https://cloud.ibm.com/docs/deployable-reference-architectures?topic=deployable-reference-architectures-deploy-arch-ibm-pvs-inf-full-stack' - description: 'Reference architecture for "Power Virtual Server with VPC landing zone" as full stack deployment' - - title: 'Reference architecture for "Power Virtual Server with VPC landing zone" as extension of existing deployment' - url: 'https://cloud.ibm.com/docs/deployable-reference-architectures?topic=deployable-reference-architectures-deploy-arch-ibm-pvs-inf-extension' - description: 'Reference architecture for "Power Virtual Server with VPC landing zone" as extension of existing deployment' --- 
@@ -40,15 +34,15 @@ related_links: {: toc-industry="Technology"} {: toc-use-case="ITServiceManagement"} {: toc-compliance="SAPCertified"} -{: toc-version="v4.2.2"} +{: toc-version="v5.0.0"} 'SAP S/4HANA or BW/4HANA' variation of 'Power Virtual Server for SAP HANA' creates a basic and expandable SAP system landscape built on the foundation of 'Power Virtual Server with VPC landing zone'. PowerVS instances for SAP HANA and SAP NetWeaver are deployed and pre-configured for SAP installation. The S/4HANA or BW/4HANA solution is installed based on the selected version. -Services such as DNS, NTP, and NFS running in VPC and provided by Power Virtual Server with VPC landing zone are leveraged. +Services such as DNS, NTP, and NFS runs in VPC. Transit gateway connections provide the network bridge between the IBM Power infrastructure and the IBM Cloud® VPC and public internet. -The resulting SAP landscape leverages the services such as Activity Tracker, Cloud Object Storage, Key Management from the VPC landing zone and the network connectivity configuration provided by Power Virtual Server with VPC landing zone. Additionally, it will also setup Monitoring and SCC Workload Protection if the features were enabled during the landing zone deployment. +The resulting SAP landscape leverages the services such as Activity Tracker, Cloud Object Storage, Key Management from the VPC landing zone and the network connectivity configuration. Additionally, it will also setup Monitoring and SCC Workload Protection if the features were enabled during the landing zone deployment. ## Architecture diagram {: #sap-s4hana-bw4hana-architecture-diagram} diff --git a/solutions/ibm-catalog/sap-ready-to-go/README.md b/solutions/ibm-catalog/sap-ready-to-go/README.md index 76e5609f..13ba8c9f 100644 --- a/solutions/ibm-catalog/sap-ready-to-go/README.md +++ b/solutions/ibm-catalog/sap-ready-to-go/README.md 
@@ -118,7 +118,7 @@ | [sm\_service\_plan](#input\_sm\_service\_plan) | The service/pricing plan to use when provisioning a new Secrets Manager instance. Allowed values: `standard` and `trial`. Only used if `existing_sm_instance_guid` is set to null. | `string` | `"standard"` | no | | [ssh\_private\_key](#input\_ssh\_private\_key) | Private SSH key (RSA format) used to login to IBM PowerVS instances. Should match to uploaded public SSH key referenced by 'ssh\_public\_key' which was created previously. The key is temporarily stored and deleted. For more information about SSH keys, see [SSH keys](https://cloud.ibm.com/docs/vpc?topic=vpc-ssh-keys). | `string` | n/a | yes | | [ssh\_public\_key](#input\_ssh\_public\_key) | Public SSH Key for VSI creation. Must be an RSA key with a key size of either 2048 bits or 4096 bits (recommended). Must be a valid SSH key that does not already exist in the deployment region. | `string` | n/a | yes | -| [tags](#input\_tags) | List of tag names for the IBM Cloud PowerVS workspace | `list(string)` | `[]` | no | +| [tags](#input\_tags) | List of tag names for the IBM Cloud resources created. | `list(string)` | `[]` | no | | [vpc\_intel\_images](#input\_vpc\_intel\_images) | Stock OS image names for creating VPC landing zone VSI instances: RHEL (management and network services) and SLES (monitoring). |
object({
rhel_image = string
sles_image = string
})
|
{
"rhel_image": "ibm-redhat-9-6-amd64-sap-applications-1",
"sles_image": "ibm-sles-15-7-amd64-sap-applications-1"
}
| no | | [vpc\_subnet\_cidrs](#input\_vpc\_subnet\_cidrs) | CIDR values for the VPC subnets to be created. It's customer responsibility that none of the defined networks collide, including the PowerVS subnets and VPN client pool. |
object({
vpn = string
mgmt = string
vpe = string
edge = string
})
|
{
"edge": "10.30.40.0/24",
"mgmt": "10.30.20.0/24",
"vpe": "10.30.30.0/24",
"vpn": "10.30.10.0/24"
}
| no | diff --git a/solutions/ibm-catalog/sap-ready-to-go/variables.tf b/solutions/ibm-catalog/sap-ready-to-go/variables.tf index 4b1efb70..85735609 100644 --- a/solutions/ibm-catalog/sap-ready-to-go/variables.tf +++ b/solutions/ibm-catalog/sap-ready-to-go/variables.tf @@ -180,6 +180,7 @@ variable "nfs_server_config" { ##################################################### # Parameters for Image ##################################################### + variable "vpc_intel_images" { description = "Stock OS image names for creating VPC landing zone VSI instances: RHEL (management and network services) and SLES (monitoring)." type = object({ @@ -350,7 +351,7 @@ variable "ansible_vault_password" { } variable "tags" { - description = "List of tag names for the IBM Cloud PowerVS workspace" + description = "List of tag names for the IBM Cloud resources created." type = list(string) default = [] } diff --git a/solutions/ibm-catalog/sap-s4hana-bw4hana/README.md b/solutions/ibm-catalog/sap-s4hana-bw4hana/README.md index 8ca32ba9..25470b30 100644 --- a/solutions/ibm-catalog/sap-s4hana-bw4hana/README.md +++ b/solutions/ibm-catalog/sap-s4hana-bw4hana/README.md @@ -106,7 +106,7 @@ | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.9.0 | -| [ibm](#requirement\_ibm) | 1.83.3 | +| [ibm](#requirement\_ibm) | 1.84.1 | | [restapi](#requirement\_restapi) | 2.0.1 | ### Modules 
@@ -126,9 +126,9 @@ | Name | Type | |------|------| -| [ibm_iam_auth_token.auth_token](https://registry.terraform.io/providers/IBM-Cloud/ibm/1.83.3/docs/data-sources/iam_auth_token) | data source | -| [ibm_pi_catalog_images.catalog_images_ds](https://registry.terraform.io/providers/IBM-Cloud/ibm/1.83.3/docs/data-sources/pi_catalog_images) | data source | -| [ibm_pi_image.custom_images](https://registry.terraform.io/providers/IBM-Cloud/ibm/1.83.3/docs/data-sources/pi_image) | data source | +| [ibm_iam_auth_token.auth_token](https://registry.terraform.io/providers/IBM-Cloud/ibm/1.84.1/docs/data-sources/iam_auth_token) | data source | +| [ibm_pi_catalog_images.catalog_images_ds](https://registry.terraform.io/providers/IBM-Cloud/ibm/1.84.1/docs/data-sources/pi_catalog_images) | data source | +| [ibm_pi_image.custom_images](https://registry.terraform.io/providers/IBM-Cloud/ibm/1.84.1/docs/data-sources/pi_image) | data source | ### Inputs @@ -150,11 +150,9 @@ | [powervs\_custom\_images](#input\_powervs\_custom\_images) | Optionally import up to three custom images from Cloud Object Storage into PowerVS workspace. Requires 'powervs\_custom\_image\_cos\_configuration' to be set. image\_name: string, must be unique. Name of image inside PowerVS workspace. file\_name: string, object key of image inside COS bucket. storage\_tier: string, storage tier which image will be stored in after import. Supported values: tier0, tier1, tier3, tier5k. sap\_type: optional string, Supported values: null, Hana, Netweaver, use null for non-SAP image. |
object({
powervs_custom_image1 = object({
image_name = string
file_name = string
storage_tier = string
sap_type = optional(string)
}),
powervs_custom_image2 = object({
image_name = string
file_name = string
storage_tier = string
sap_type = optional(string)
}),
powervs_custom_image3 = object({
image_name = string
file_name = string
storage_tier = string
sap_type = optional(string)
})
})
|
{
"powervs_custom_image1": {
"file_name": "",
"image_name": "",
"sap_type": null,
"storage_tier": ""
},
"powervs_custom_image2": {
"file_name": "",
"image_name": "",
"sap_type": null,
"storage_tier": ""
},
"powervs_custom_image3": {
"file_name": "",
"image_name": "",
"sap_type": null,
"storage_tier": ""
}
}
| no | | [powervs\_default\_sap\_images](#input\_powervs\_default\_sap\_images) | Default Red Hat Linux Full Linux subscription images to use for PowerVS SAP HANA and SAP NetWeaver instances. If you're using a byol or a custom RHEL image, additionally specify the optional values for 'powervs\_os\_registration\_username', 'powervs\_os\_registration\_password' and 'ansible\_vault\_password' |
object({
rhel_hana_image = string
rhel_nw_image = string
})
|
{
"rhel_hana_image": "RHEL9-SP4-SAP",
"rhel_nw_image": "RHEL9-SP4-SAP-NETWEAVER"
}
| no | | [powervs\_hana\_instance\_additional\_storage\_config](#input\_powervs\_hana\_instance\_additional\_storage\_config) | Additional File systems to be created and attached to PowerVS SAP HANA instance. 'size' is in GB. 'count' specify over how many storage volumes the file system will be striped. 'tier' specifies the storage tier in PowerVS workspace. 'mount' specifies the target mount point on OS. |
list(object({
name = string
size = string
count = string
tier = string
mount = string
}))
|
[
{
"count": "1",
"mount": "/usr/sap",
"name": "usrsap",
"size": "50",
"tier": "tier3"
}
]
| no | -| [powervs\_hana\_instance\_custom\_storage\_config](#input\_powervs\_hana\_instance\_custom\_storage\_config) | Custom file systems to be created and attached to PowerVS SAP HANA instance. 'size' is in GB. 'count' specify over how many storage volumes the file system will be striped. 'tier' specifies the storage tier in PowerVS workspace. 'mount' specifies the target mount point on OS. |
list(object({
name = string
size = string
count = string
tier = string
mount = string
pool = optional(string)
}))
|
[
{
"count": "",
"mount": "",
"name": "",
"size": "",
"tier": ""
}
]
| no | -| [powervs\_hana\_instance\_name](#input\_powervs\_hana\_instance\_name) | PowerVS SAP HANA instance hostname (non FQDN). Will get the form of -. Max length of final hostname must be <= 13 characters. | `string` | `"hana"` | no | +| [powervs\_hana\_instance\_custom\_storage\_config](#input\_powervs\_hana\_instance\_custom\_storage\_config) | Custom file systems to be created and attached to PowerVS SAP HANA instance. 'size' is in GB. 'count' specify over how many storage volumes the file system will be striped. 'tier' specifies the storage tier in PowerVS workspace. 'mount' specifies the target mount point on OS. If not specified, volumes for '/hana/data', '/hana/log', '/hana/shared' are automatically calculated and created. |
list(object({
name = string
size = string
count = string
tier = string
mount = string
pool = optional(string)
}))
|
[
{
"count": "",
"mount": "",
"name": "",
"size": "",
"tier": ""
}
]
| no | | [powervs\_hana\_instance\_sap\_profile\_id](#input\_powervs\_hana\_instance\_sap\_profile\_id) | PowerVS SAP HANA instance profile to use. Must be one of the supported profiles. See [here](https://cloud.ibm.com/docs/sap?topic=sap-hana-iaas-offerings-profiles-power-vs). File system sizes are automatically calculated. Override automatic calculation by setting values in optional parameter 'powervs\_hana\_instance\_custom\_storage\_config'. | `string` | `"sh2-4x256"` | no | | [powervs\_netweaver\_cpu\_number](#input\_powervs\_netweaver\_cpu\_number) | Number of CPUs for PowerVS SAP NetWeaver instance. | `string` | `"3"` | no | -| [powervs\_netweaver\_instance\_name](#input\_powervs\_netweaver\_instance\_name) | PowerVS SAP NetWeaver instance hostname (non FQDN). Will get the form of --. Max length of final hostname must be <= 13 characters. | `string` | `"nw"` | no | | [powervs\_netweaver\_instance\_storage\_config](#input\_powervs\_netweaver\_instance\_storage\_config) | File systems to be created and attached to PowerVS SAP NetWeaver instance. 'size' is in GB. 'count' specifies over how many storage volumes the file system will be striped. 'tier' specifies the storage tier in PowerVS workspace. 'mount' specifies the target mount point on OS. |
list(object({
name = string
size = string
count = string
tier = string
mount = string
pool = optional(string)
}))
|
[
{
"count": "1",
"mount": "/usr/sap",
"name": "usrsap",
"size": "50",
"tier": "tier3"
}
]
| no | | [powervs\_netweaver\_memory\_size](#input\_powervs\_netweaver\_memory\_size) | Memory size for PowerVS SAP NetWeaver instance. | `string` | `"32"` | no | | [powervs\_os\_registration\_password](#input\_powervs\_os\_registration\_password) | If you're using a byol or a custom RHEL image for SAP HANA and Netweaver you need to provide your OS registration credentials here. Leave empty if you're using an IBM provided subscription (FLS). | `string` | `""` | no | @@ -173,7 +171,7 @@ | [sm\_service\_plan](#input\_sm\_service\_plan) | The service/pricing plan to use when provisioning a new Secrets Manager instance. Allowed values: `standard` and `trial`. Only used if `existing_sm_instance_guid` is set to null. | `string` | `"standard"` | no | | [ssh\_private\_key](#input\_ssh\_private\_key) | Private SSH key (RSA format) used to login to IBM PowerVS instances. Should match to uploaded public SSH key referenced by 'ssh\_public\_key' which was created previously. The key is temporarily stored and deleted. For more information about SSH keys, see [SSH keys](https://cloud.ibm.com/docs/vpc?topic=vpc-ssh-keys). | `string` | n/a | yes | | [ssh\_public\_key](#input\_ssh\_public\_key) | Public SSH Key for VSI creation. Must be an RSA key with a key size of either 2048 bits or 4096 bits (recommended). Must be a valid SSH key that does not already exist in the deployment region. | `string` | n/a | yes | -| [tags](#input\_tags) | List of tag names for the IBM Cloud PowerVS workspace | `list(string)` | `[]` | no | +| [tags](#input\_tags) | List of tag names for the IBM Cloud resources created. | `list(string)` | `[]` | no | | [vpc\_intel\_images](#input\_vpc\_intel\_images) | Stock OS image names for creating VPC landing zone VSI instances: RHEL (management and network services) and SLES (monitoring). |
object({
rhel_image = string
sles_image = string
})
|
{
"rhel_image": "ibm-redhat-9-6-amd64-sap-applications-1",
"sles_image": "ibm-sles-15-7-amd64-sap-applications-1"
}
| no | | [vpc\_subnet\_cidrs](#input\_vpc\_subnet\_cidrs) | CIDR values for the VPC subnets to be created. It's customer responsibility that none of the defined networks collide, including the PowerVS subnets and VPN client pool. |
object({
vpn = string
mgmt = string
vpe = string
edge = string
})
|
{
"edge": "10.30.40.0/24",
"mgmt": "10.30.20.0/24",
"vpe": "10.30.30.0/24",
"vpn": "10.30.10.0/24"
}
| no | diff --git a/solutions/ibm-catalog/sap-s4hana-bw4hana/main.tf b/solutions/ibm-catalog/sap-s4hana-bw4hana/main.tf index 7354f745..8f41e37d 100644 --- a/solutions/ibm-catalog/sap-s4hana-bw4hana/main.tf +++ b/solutions/ibm-catalog/sap-s4hana-bw4hana/main.tf @@ -114,9 +114,9 @@ locals { } module "ibmcloud_cos_download_hana_binaries" { - source = "../../../modules/ibmcloud-cos" - depends_on = [module.standard] - count = module.standard.network_services_config.nfs.enable ? 1 : 0 + source = "../../../modules/ibmcloud-cos" + depends_on = [module.standard] + access_host_or_ip = module.standard.access_host_or_ip target_server_ip = module.standard.ansible_host_or_ip ssh_private_key = var.ssh_private_key @@ -124,8 +124,7 @@ module "ibmcloud_cos_download_hana_binaries" { } module "ibmcloud_cos_download_netweaver_binaries" { - source = "../../../modules/ibmcloud-cos" - + source = "../../../modules/ibmcloud-cos" depends_on = [module.ibmcloud_cos_download_hana_binaries] access_host_or_ip = module.standard.access_host_or_ip 
@@ -175,14 +174,14 @@ module "ansible_sap_install_hana" { ansible_vault_password = var.ansible_vault_password src_script_template_name = "hanadb/install_hana.sh.tftpl" - dst_script_file_name = "${var.prefix}-${var.powervs_hana_instance_name}_install_hana.sh" + dst_script_file_name = "${var.prefix}-${local.powervs_hana_instance.name}_install_hana.sh" src_playbook_template_name = "hanadb/playbook-sap-hana-install.yml.tftpl" - dst_playbook_file_name = "${var.prefix}-${var.powervs_hana_instance_name}-playbook-sap-hana-install.yml" + dst_playbook_file_name = "${var.prefix}-${local.powervs_hana_instance.name}-playbook-sap-hana-install.yml" playbook_template_vars = local.ansible_sap_hana_playbook_vars src_inventory_template_name = "pi-instance-inventory.tftpl" - dst_inventory_file_name = "${var.prefix}-${var.powervs_hana_instance_name}-instance-inventory" + dst_inventory_file_name = "${var.prefix}-${local.powervs_hana_instance.name}-instance-inventory" inventory_template_vars = { "pi_instance_management_ip" : module.sap_system.pi_hana_instance_management_ip } } @@ -205,9 +204,9 @@ locals { sap_install_media_detect_directory = "${var.nfs_server_config.mount_path}/${var.ibmcloud_cos_configuration.cos_solution_software_path}" sap_swpm_mp_stack_file_name = var.ibmcloud_cos_configuration.cos_swpm_mp_stack_file_name sap_swpm_master_password = var.sap_swpm_master_password - sap_swpm_ascs_instance_hostname = "${var.prefix}-${var.powervs_netweaver_instance_name}-1" + sap_swpm_ascs_instance_hostname = "${var.prefix}-${local.powervs_netweaver_instance.name}-1" sap_domain = var.sap_domain - sap_swpm_db_host = "${var.prefix}-${var.powervs_hana_instance_name}" + sap_swpm_db_host = "${var.prefix}-${local.powervs_hana_instance.name}" sap_swpm_db_ip = module.sap_system.pi_hana_instance_management_ip sap_swpm_db_sid = var.sap_hana_vars.sap_hana_install_sid sap_swpm_db_instance_nr = var.sap_hana_vars.sap_hana_install_number 
@@ -228,14 +227,14 @@ module "ansible_sap_install_solution" { ansible_vault_password = var.ansible_vault_password src_script_template_name = "s4hanab4hana-solution/install_swpm.sh.tftpl" - dst_script_file_name = "${var.prefix}-${var.powervs_netweaver_instance_name}_install_swpm.sh" + dst_script_file_name = "${var.prefix}-${local.powervs_netweaver_instance.name}_install_swpm.sh" src_playbook_template_name = "s4hanab4hana-solution/playbook-sap-swpm-install.yml.tftpl" - dst_playbook_file_name = "${var.prefix}-${var.powervs_netweaver_instance_name}-playbook-sap-swpm-install.yml" + dst_playbook_file_name = "${var.prefix}-${local.powervs_netweaver_instance.name}-playbook-sap-swpm-install.yml" playbook_template_vars = local.ansible_sap_solution_playbook_vars src_inventory_template_name = "pi-instance-inventory.tftpl" - dst_inventory_file_name = "${var.prefix}-${var.powervs_netweaver_instance_name}-instance-inventory" + dst_inventory_file_name = "${var.prefix}-${local.powervs_netweaver_instance.name}-instance-inventory" inventory_template_vars = { "pi_instance_management_ip" : module.sap_system.pi_netweaver_instance_management_ips } } @@ -272,10 +271,9 @@ locals { module "ansible_monitoring_sap_install_solution" { - source = "../../../modules/ansible" - depends_on = [module.ibmcloud_cos_download_monitoring_binaries, module.ansible_sap_install_hana, module.ansible_sap_install_solution] count = local.monitoring_instance.enable ? 1 : 0 + depends_on = [module.ibmcloud_cos_download_monitoring_binaries, module.ansible_sap_install_hana, module.ansible_sap_install_solution] bastion_host_ip = module.standard.access_host_or_ip ansible_host_or_ip = module.standard.ansible_host_or_ip diff --git a/solutions/ibm-catalog/sap-s4hana-bw4hana/variables.tf b/solutions/ibm-catalog/sap-s4hana-bw4hana/variables.tf index 11e6eabb..d8722e67 100644 --- a/solutions/ibm-catalog/sap-s4hana-bw4hana/variables.tf +++ b/solutions/ibm-catalog/sap-s4hana-bw4hana/variables.tf 
@@ -43,12 +43,6 @@ variable "external_access_ip" { # PowerVS HANA Instance parameters ##################################################### -variable "powervs_hana_instance_name" { - description = "PowerVS SAP HANA instance hostname (non FQDN). Will get the form of -. Max length of final hostname must be <= 13 characters." - type = string - default = "hana" -} - variable "powervs_hana_instance_sap_profile_id" { description = "PowerVS SAP HANA instance profile to use. Must be one of the supported profiles. See [here](https://cloud.ibm.com/docs/sap?topic=sap-hana-iaas-offerings-profiles-power-vs). File system sizes are automatically calculated. Override automatic calculation by setting values in optional parameter 'powervs_hana_instance_custom_storage_config'." type = string @@ -56,7 +50,7 @@ variable "powervs_hana_instance_sap_profile_id" { } variable "powervs_hana_instance_custom_storage_config" { - description = "Custom file systems to be created and attached to PowerVS SAP HANA instance. 'size' is in GB. 'count' specify over how many storage volumes the file system will be striped. 'tier' specifies the storage tier in PowerVS workspace. 'mount' specifies the target mount point on OS." + description = "Custom file systems to be created and attached to PowerVS SAP HANA instance. 'size' is in GB. 'count' specify over how many storage volumes the file system will be striped. 'tier' specifies the storage tier in PowerVS workspace. 'mount' specifies the target mount point on OS. If not specified, volumes for '/hana/data', '/hana/log', '/hana/shared' are automatically calculated and created." type = list(object({ name = string size = string 
@@ -97,12 +91,6 @@ variable "powervs_hana_instance_additional_storage_config" { # PowerVS NetWeaver Instance parameters ##################################################### -variable "powervs_netweaver_instance_name" { - description = "PowerVS SAP NetWeaver instance hostname (non FQDN). Will get the form of --. Max length of final hostname must be <= 13 characters." - type = string - default = "nw" -} - variable "powervs_netweaver_cpu_number" { description = "Number of CPUs for PowerVS SAP NetWeaver instance." type = string @@ -151,6 +139,12 @@ variable "ssh_private_key" { sensitive = true } +variable "sap_domain" { + description = "SAP network domain name." + type = string + default = "sap.com" +} + variable "nfs_server_config" { description = "Configuration for the NFS server. 'size' is in GB, 'iops' is maximum input/output operation performance bandwidth per second, 'mount_path' defines the target mount point on os. Set 'configure_nfs_server' to false to ignore creating file storage share." type = object({ @@ -166,12 +160,6 @@ variable "nfs_server_config" { } } -variable "sap_domain" { - description = "SAP network domain name." - type = string - default = "sap.com" -} - ##################################################### # Parameters for Image ##################################################### @@ -187,6 +175,7 @@ variable "vpc_intel_images" { "sles_image" : "ibm-sles-15-7-amd64-sap-applications-1" } } + variable "powervs_default_sap_images" { description = "Default Red Hat Linux Full Linux subscription images to use for PowerVS SAP HANA and SAP NetWeaver instances. If you're using a byol or a custom RHEL image, additionally specify the optional values for 'powervs_os_registration_username', 'powervs_os_registration_password' and 'ansible_vault_password'" type = object({ 
@@ -279,54 +268,6 @@ variable "powervs_custom_image_cos_service_credentials" { default = null } - -##################################################### -# Optional Parameters VPN and Secrets Manager -##################################################### - -variable "client_to_site_vpn" { - description = "VPN configuration - the client ip pool and list of users email ids to access the environment. If enabled, then a Secret Manager instance is also provisioned with certificates generated. See optional parameters to reuse an existing Secrets manager instance." - type = object({ - enable = bool - client_ip_pool = string - vpn_client_access_group_users = list(string) - }) - - default = { - "enable" : true, - "client_ip_pool" : "192.168.0.0/16", - "vpn_client_access_group_users" : [] - } -} - -variable "sm_service_plan" { - type = string - description = "The service/pricing plan to use when provisioning a new Secrets Manager instance. Allowed values: `standard` and `trial`. Only used if `existing_sm_instance_guid` is set to null." - default = "standard" -} - -variable "existing_sm_instance_guid" { - type = string - description = "An existing Secrets Manager GUID. If not provided a new instance will be provisioned." - default = null -} - -variable "existing_sm_instance_region" { - type = string - description = "Required if value is passed into `var.existing_sm_instance_guid`." - default = null - -} - -################################################# -# Parameters SCC Workload Protection -################################################# - -variable "enable_scc_wp" { - description = "Set to true to enable SCC Workload Protection and install and configure the SCC Workload Protection agent on all VSIs and PowerVS instances in this deployment." - type = bool -} - ##################################################### # Parameters for SAP Installation ##################################################### 
@@ -405,6 +346,7 @@ variable "sap_hana_vars" { error_message = "HANA (sap_hana_install_number), ASCS (sap_swpm_ascs_instance_nr), and PAS (sap_swpm_pas_instance_nr) instance numbers must not be the same." } } + variable "sap_swpm_master_password" { description = "SAP SWPM master password." type = string @@ -436,6 +378,44 @@ variable "sap_solution_vars" { } } +##################################################### +# Optional Parameters VPN and Secrets Manager +##################################################### + +variable "client_to_site_vpn" { + description = "VPN configuration - the client ip pool and list of users email ids to access the environment. If enabled, then a Secret Manager instance is also provisioned with certificates generated. See optional parameters to reuse an existing Secrets manager instance." + type = object({ + enable = bool + client_ip_pool = string + vpn_client_access_group_users = list(string) + }) + + default = { + "enable" : true, + "client_ip_pool" : "192.168.0.0/16", + "vpn_client_access_group_users" : [] + } +} + +variable "sm_service_plan" { + type = string + description = "The service/pricing plan to use when provisioning a new Secrets Manager instance. Allowed values: `standard` and `trial`. Only used if `existing_sm_instance_guid` is set to null." + default = "standard" +} + +variable "existing_sm_instance_guid" { + type = string + description = "An existing Secrets Manager GUID. If not provided a new instance will be provisioned." + default = null +} + +variable "existing_sm_instance_region" { + type = string + description = "Required if value is passed into `var.existing_sm_instance_guid`." + default = null + +} + ##################################################### # Parameters for Monitoring ##################################################### 
@@ -462,6 +442,16 @@ variable "sap_monitoring_vars" { error_message = "sap_monitoring_nr should be a 2-digit number between 00 and 99. or empty" } } + +################################################# +# Parameters SCC Workload Protection +################################################# + +variable "enable_scc_wp" { + description = "Set to true to enable SCC Workload Protection and install and configure the SCC Workload Protection agent on all VSIs and PowerVS instances in this deployment." + type = bool +} + ##################################################### # Other Parameters ##################################################### @@ -477,7 +467,7 @@ variable "ansible_vault_password" { } variable "tags" { - description = "List of tag names for the IBM Cloud PowerVS workspace" + description = "List of tag names for the IBM Cloud resources created." type = list(string) default = [] } diff --git a/solutions/ibm-catalog/sap-s4hana-bw4hana/version.tf b/solutions/ibm-catalog/sap-s4hana-bw4hana/version.tf index d753a02a..8173ec85 100644 --- a/solutions/ibm-catalog/sap-s4hana-bw4hana/version.tf +++ b/solutions/ibm-catalog/sap-s4hana-bw4hana/version.tf @@ -7,7 +7,7 @@ terraform { required_providers { ibm = { source = "IBM-Cloud/ibm" - version = "1.83.3" + version = "1.84.1" } restapi = { source = "Mastercard/restapi" From 58733d0326ae11b764f66e0a59ad4e1440a9549b Mon Sep 17 00:00:00 2001 
From: surajsbharadwaj Date: Thu, 23 Oct 2025 21:54:46 +0200 Subject: [PATCH 2/4] fix: custom image usage --- ibm_catalog.json | 18 ++- .../ibm-catalog/sap-ready-to-go/README.md | 4 +- .../catalogValidationValues.json.template | 2 +- .../ibm-catalog/sap-ready-to-go/images.tf | 142 +++++++++++++----- solutions/ibm-catalog/sap-ready-to-go/main.tf | 37 +++-- .../ibm-catalog/sap-ready-to-go/variables.tf | 18 +-- .../ibm-catalog/sap-s4hana-bw4hana/README.md | 4 +- .../ibm-catalog/sap-s4hana-bw4hana/images.tf | 134 ++++++++++++----- .../ibm-catalog/sap-s4hana-bw4hana/main.tf | 37 +++-- .../sap-s4hana-bw4hana/variables.tf | 21 +-- 10 files changed, 268 insertions(+), 149 deletions(-) diff --git a/ibm_catalog.json b/ibm_catalog.json index ab816ba5..953a96a5 100755 --- a/ibm_catalog.json +++ b/ibm_catalog.json @@ -64,8 +64,13 @@ "install_type": "fullstack", "working_directory": "solutions/ibm-catalog/sap-ready-to-go", "compliance": { - "authority": "", - "profiles": [] + "authority": "scc-v3", + "profiles": [ + { + "profile_name": "IBM Cloud Framework for Financial Services", + "profile_version": "1.7.0" + } + ] }, "configuration": [ { @@ -517,8 +522,13 @@ "install_type": "fullstack", "working_directory": "solutions/ibm-catalog/sap-s4hana-bw4hana", "compliance": { - "authority": "", - "profiles": [] + "authority": "scc-v3", + "profiles": [ + { + "profile_name": "IBM Cloud Framework for Financial Services", + "profile_version": "1.7.0" + } + ] }, "configuration": [ { diff --git a/solutions/ibm-catalog/sap-ready-to-go/README.md b/solutions/ibm-catalog/sap-ready-to-go/README.md index 13ba8c9f..ff49d1f1 100644 --- a/solutions/ibm-catalog/sap-ready-to-go/README.md +++ b/solutions/ibm-catalog/sap-ready-to-go/README.md 
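Review bot: Both flavors (`sap-ready-to-go` in the `@@ -64,8 +64,13 @@` hunk and `sap-s4hana-bw4hana` in the `@@ -517,8 +522,13 @@` hunk) now declare `"authority": "scc-v3"` with profile `IBM Cloud Framework for Financial Services` 1.7.0, which the commit subject "fix: custom image usage" does not mention. Consumers read a compliance declaration in catalog metadata as a statement about the deployed architecture. It should land in its own commit with a reference to the scan results it is based on; the patch does not show whether such a scan exists for this revision. The enclosing flavor objects start and end outside both hunks.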
@@ -29,7 +29,7 @@ - Creates a new private subnet for SAP communication for the entire landscape. - Attaches the PowerVS workspace to transit gateway. - Creates an SSH key. - - Optionally imports up to three custom images from Cloud Object Storage. + - Optionally imports up to two custom images from Cloud Object Storage. - Creates and configures one PowerVS instance for SAP HANA based on best practices. @@ -99,7 +99,7 @@ | [os\_image\_distro](#input\_os\_image\_distro) | Image distribution to use for all instances(HANA, NetWeaver). OS release versions may be specified in 'powervs\_sap\_default\_images' optional parameters below. | `string` | n/a | yes | | [powervs\_custom\_image\_cos\_configuration](#input\_powervs\_custom\_image\_cos\_configuration) | Cloud Object Storage bucket containing custom PowerVS images. bucket\_name: string, name of the COS bucket. bucket\_access: string, possible values: public, private (private requires powervs\_custom\_image\_cos\_service\_credentials). bucket\_region: string, COS bucket region |
object({
bucket_name = string
bucket_access = string
bucket_region = string
})
|
{
"bucket_access": "",
"bucket_name": "",
"bucket_region": ""
}
| no | | [powervs\_custom\_image\_cos\_service\_credentials](#input\_powervs\_custom\_image\_cos\_service\_credentials) | Service credentials for the Cloud Object Storage bucket containing the custom PowerVS images. The bucket must have HMAC credentials enabled. Click [here](https://cloud.ibm.com/docs/cloud-object-storage?topic=cloud-object-storage-service-credentials) for a json example of a service credential. | `string` | `null` | no | -| [powervs\_custom\_images](#input\_powervs\_custom\_images) | Optionally import up to three custom images from Cloud Object Storage into PowerVS workspace. Requires 'powervs\_custom\_image\_cos\_configuration' to be set. image\_name: string, must be unique. Name of image inside PowerVS workspace. file\_name: string, object key of image inside COS bucket. storage\_tier: string, storage tier which image will be stored in after import. Supported values: tier0, tier1, tier3, tier5k. sap\_type: optional string, Supported values: null, Hana, Netweaver, use null for non-SAP image. |
object({
powervs_custom_image1 = object({
image_name = string
file_name = string
storage_tier = string
sap_type = optional(string)
}),
powervs_custom_image2 = object({
image_name = string
file_name = string
storage_tier = string
sap_type = optional(string)
}),
powervs_custom_image3 = object({
image_name = string
file_name = string
storage_tier = string
sap_type = optional(string)
})
})
|
{
"powervs_custom_image1": {
"file_name": "",
"image_name": "",
"sap_type": null,
"storage_tier": ""
},
"powervs_custom_image2": {
"file_name": "",
"image_name": "",
"sap_type": null,
"storage_tier": ""
},
"powervs_custom_image3": {
"file_name": "",
"image_name": "",
"sap_type": null,
"storage_tier": ""
}
}
| no | +| [powervs\_custom\_images](#input\_powervs\_custom\_images) | Optionally import up to three custom images from Cloud Object Storage into PowerVS workspace. Requires 'powervs\_custom\_image\_cos\_configuration' to be set. image\_name: string, must be unique. Name of image inside PowerVS workspace. file\_name: string, object key of image inside COS bucket. storage\_tier: string, storage tier which image will be stored in after import. Supported values: tier0, tier1, tier3, tier5k. sap\_type: optional string, Supported values: null, Hana and Netweaver |
object({
powervs_custom_image1 = object({
image_name = string
file_name = string
storage_tier = string
sap_type = optional(string)
}),
powervs_custom_image2 = object({
image_name = string
file_name = string
storage_tier = string
sap_type = optional(string)
})
})
|
{
"powervs_custom_image1": {
"file_name": "",
"image_name": "",
"sap_type": "Hana",
"storage_tier": ""
},
"powervs_custom_image2": {
"file_name": "",
"image_name": "",
"sap_type": "Netweaver",
"storage_tier": ""
}
}
| no | | [powervs\_default\_sap\_images](#input\_powervs\_default\_sap\_images) | Default SUSE and Red Hat Linux Full Linux subscription images to use for PowerVS SAP HANA and SAP NetWeaver instances. If you're using a byol or a custom RHEL/SLES image, additionally specify the optional values for 'powervs\_os\_registration\_username', 'powervs\_os\_registration\_password' and 'ansible\_vault\_password' |
object({
sles_hana_image = string
sles_nw_image = string
rhel_hana_image = string
rhel_nw_image = string
})
|
{
"rhel_hana_image": "RHEL9-SP4-SAP",
"rhel_nw_image": "RHEL9-SP4-SAP-NETWEAVER",
"sles_hana_image": "SLES15-SP6-SAP",
"sles_nw_image": "SLES15-SP6-SAP-NETWEAVER"
}
| no | | [powervs\_hana\_instance\_additional\_storage\_config](#input\_powervs\_hana\_instance\_additional\_storage\_config) | Additional File systems to be created and attached to PowerVS SAP HANA instance. 'size' is in GB. 'count' specify over how many storage volumes the file system will be striped. 'tier' specifies the storage tier in PowerVS workspace. 'mount' specifies the target mount point on OS. |
list(object({
name = string
size = string
count = string
tier = string
mount = string
}))
|
[
{
"count": "1",
"mount": "/usr/sap",
"name": "usrsap",
"size": "50",
"tier": "tier3"
}
]
| no | | [powervs\_hana\_instance\_custom\_storage\_config](#input\_powervs\_hana\_instance\_custom\_storage\_config) | Custom file systems to be created and attached to PowerVS SAP HANA instance. 'size' is in GB. 'count' specify over how many storage volumes the file system will be striped. 'tier' specifies the storage tier in PowerVS workspace. 'mount' specifies the target mount point on OS. If not specified, volumes for '/hana/data', '/hana/log', '/hana/shared' are automatically calculated and created. |
list(object({
name = string
size = string
count = string
tier = string
mount = string
pool = optional(string)
}))
|
[
{
"count": "",
"mount": "",
"name": "",
"size": "",
"tier": ""
}
]
| no | diff --git a/solutions/ibm-catalog/sap-ready-to-go/catalogValidationValues.json.template b/solutions/ibm-catalog/sap-ready-to-go/catalogValidationValues.json.template index 158bab5c..5a5ea92f 100644 --- a/solutions/ibm-catalog/sap-ready-to-go/catalogValidationValues.json.template +++ b/solutions/ibm-catalog/sap-ready-to-go/catalogValidationValues.json.template @@ -1,6 +1,6 @@ { "prefix": "sap", - "powervs_zone": "us-south", + "powervs_zone": "dal12", "powervs_resource_group_name": "Default", "external_access_ip": "0.0.0.0/0", "os_image_distro": "RHEL", diff --git a/solutions/ibm-catalog/sap-ready-to-go/images.tf b/solutions/ibm-catalog/sap-ready-to-go/images.tf index 345fc7a2..32f3eb73 100644 --- a/solutions/ibm-catalog/sap-ready-to-go/images.tf +++ b/solutions/ibm-catalog/sap-ready-to-go/images.tf 
@@ -1,58 +1,123 @@ +############################################################################### +# PowerVS Custom / Stock Image Logic +############################################################################### + locals { - powervs_custom_images = module.standard.powervs_images - selected_hana_image = var.os_image_distro == "SLES" ? var.powervs_default_sap_images.sles_hana_image : var.powervs_default_sap_images.rhel_hana_image - selected_netweaver_image = var.os_image_distro == "SLES" ? var.powervs_default_sap_images.sles_nw_image : var.powervs_default_sap_images.rhel_nw_image + # -------------------------------------------------------------------------- + # Determine how many valid custom images exist + # -------------------------------------------------------------------------- + custom_image_count = length([ + for _, img in var.powervs_custom_images : + img if length(trim(img.image_name, " ")) > 0 && length(trim(img.file_name, " ")) > 0 && length(trim(img.storage_tier, " ")) > 0 + ]) - fls_image_types = ["stock-sap-fls", "stock-sap-netweaver-fls"] + use_custom_images = local.custom_image_count > 0 - use_custom_images = ( - length(local.powervs_custom_images) > 0 && - alltrue([ - for name in [local.selected_hana_image, local.selected_netweaver_image] : ( - contains(keys(local.powervs_custom_images), name) ? - local.powervs_custom_images[name].image_vendor == "SAP" : false - ) - ]) + # -------------------------------------------------------------------------- + # Set image names + # -------------------------------------------------------------------------- + selected_hana_image = local.use_custom_images ? ( + length(trim(var.powervs_custom_images.powervs_custom_image1.image_name, " ")) > 0 ? + var.powervs_custom_images.powervs_custom_image1.image_name : + "" + ) : ( + var.os_image_distro == "SLES" ? 
+ var.powervs_default_sap_images.sles_hana_image : + var.powervs_default_sap_images.rhel_hana_image + ) + + selected_netweaver_image = local.use_custom_images ? ( + length(trim(var.powervs_custom_images.powervs_custom_image2.image_name, " ")) > 0 ? + var.powervs_custom_images.powervs_custom_image2.image_name : + var.powervs_custom_images.powervs_custom_image1.image_name + ) : ( + var.os_image_distro == "SLES" ? + var.powervs_default_sap_images.sles_nw_image : + var.powervs_default_sap_images.rhel_nw_image ) + + fls_image_types = ["stock-sap-fls", "stock-sap-netweaver-fls"] + + } -# Stock image data (only if not using custom) -data "ibm_pi_catalog_images" "catalog_images_ds" { - count = local.use_custom_images ? 0 : 1 - provider = ibm.ibm-pi +# -------------------------------------------------------------------------- +# Custom image data source (imported from COS) +# -------------------------------------------------------------------------- +data "ibm_pi_image" "custom_images" { + count = local.use_custom_images ? local.custom_image_count : 0 + provider = ibm.ibm-pi + depends_on = [module.standard] + + pi_image_name = element([ + for _, img in var.powervs_custom_images : + img.image_name if length(trim(img.image_name, " ")) > 0 && length(trim(img.file_name, " ")) > 0 + ], count.index) + pi_cloud_instance_id = module.standard.powervs_workspace_guid - sap = true } -# Custom image data (only if using custom) -data "ibm_pi_image" "custom_images" { - count = local.use_custom_images ? 2 : 0 - provider = ibm.ibm-pi - pi_image_name = element([local.selected_hana_image, local.selected_netweaver_image], count.index) +# -------------------------------------------------------------------------- +# Stock catalog images (used only when no custom images are provided) +# -------------------------------------------------------------------------- +data "ibm_pi_catalog_images" "catalog_images_ds" { + count = local.use_custom_images ? 
0 : 1 + provider = ibm.ibm-pi + depends_on = [module.standard] + pi_cloud_instance_id = module.standard.powervs_workspace_guid + sap = true } +# -------------------------------------------------------------------------- +# Derived locals for image type, ID, and validation +# -------------------------------------------------------------------------- locals { - hana_image_type = local.use_custom_images ? data.ibm_pi_image.custom_images[0].image_type : one([ - for img in data.ibm_pi_catalog_images.catalog_images_ds[0].images : - img.image_type if img.name == local.selected_hana_image + + hana_image_type = local.use_custom_images ? ( + try( + data.ibm_pi_image.custom_images[0].image_type, + null + ) + ) : one([ + for img in data.ibm_pi_catalog_images.catalog_images_ds[0].images : img.image_type + if img.name == local.selected_hana_image ]) - netweaver_image_type = local.use_custom_images ? data.ibm_pi_image.custom_images[1].image_type : one([ - for img in data.ibm_pi_catalog_images.catalog_images_ds[0].images : - img.image_type if img.name == local.selected_netweaver_image + netweaver_image_type = local.use_custom_images ? ( + try( + data.ibm_pi_image.custom_images[1].image_type, + data.ibm_pi_image.custom_images[0].image_type + ) + ) : one([ + for img in data.ibm_pi_catalog_images.catalog_images_ds[0].images : img.image_type + if img.name == local.selected_netweaver_image ]) - hana_image_id = local.use_custom_images ? lookup(local.powervs_custom_images, local.selected_hana_image, null).image_id : one([ - for img in data.ibm_pi_catalog_images.catalog_images_ds[0].images : - img.image_id if img.name == local.selected_hana_image + # Resolve image IDs + hana_image_id = local.use_custom_images ? 
( + one([ + for _, img in data.ibm_pi_image.custom_images : + img.id if img.pi_image_name == local.selected_hana_image + ]) + ) : one([ + for img in data.ibm_pi_catalog_images.catalog_images_ds[0].images : + img.image_id if img.name == local.selected_hana_image ]) - netweaver_image_id = local.use_custom_images ? lookup(local.powervs_custom_images, local.selected_netweaver_image, null).image_id : one([ - for img in data.ibm_pi_catalog_images.catalog_images_ds[0].images : - img.image_id if img.name == local.selected_netweaver_image + netweaver_image_id = local.use_custom_images ? ( + one([ + for _, img in data.ibm_pi_image.custom_images : + img.id if img.pi_image_name == local.selected_netweaver_image + ]) + ) : one([ + for img in data.ibm_pi_catalog_images.catalog_images_ds[0].images : + img.image_id if img.name == local.selected_netweaver_image ]) + # -------------------------------------------------------------------------- + # FLS and BYOL logic + # -------------------------------------------------------------------------- hana_is_fls = contains(local.fls_image_types, local.hana_image_type) netweaver_is_fls = contains(local.fls_image_types, local.netweaver_image_type) images_mixed = local.hana_is_fls != local.netweaver_is_fls 
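Review bot: The two filters over `var.powervs_custom_images` disagree: `custom_image_count` requires `image_name`, `file_name` and `storage_tier` to be non-empty, while the `pi_image_name` list in `data "ibm_pi_image" "custom_images"` checks only `image_name` and `file_name`. If an entry is filled in without a storage tier, `count` is smaller than the list and `element(..., count.index)` can look up the wrong image. The lookup should use the same predicate, e.g. append `&& length(trim(img.storage_tier, " ")) > 0` to its `if` clause, or build the name list once in a local and use it for both. Relatedly, `hana_image_type` and `netweaver_image_type` index `custom_images[0]`/`[1]` by position while the image IDs are matched by name, so when only `powervs_custom_image2` is set the FLS/BYOL checks would take the HANA type from the NetWeaver image; matching on `pi_image_name` as `hana_image_id` does would keep the licence validation on the right image. The second `locals` block continues outside this hunk.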
@@ -61,17 +126,18 @@ locals { byol_and_fls = local.use_fls && local.has_byol_creds missing_byol_creds = !local.use_fls && !local.has_byol_creds + # -------------------------------------------------------------------------- # Validation messages - images_mixed_msg = "You've selected an fls image and a byol image for hana and netweaver. Using byol on one and fls on another is currently not supported." - + # -------------------------------------------------------------------------- + images_mixed_msg = "You've selected an FLS image and a BYOL image for HANA and NetWeaver. Using BYOL on one and FLS on another is not supported." # tflint-ignore: terraform_unused_declarations validate_images_mixed = regex("^${local.images_mixed_msg}$", (local.images_mixed ? "" : local.images_mixed_msg)) - missing_byol_msg = "Missing byol credentials for activation of linux subscription." + missing_byol_msg = "Missing BYOL credentials for activation of Linux subscription." # tflint-ignore: terraform_unused_declarations validate_byol_provided = regex("^${local.missing_byol_msg}$", (local.missing_byol_creds ? "" : local.missing_byol_msg)) - byol_and_fls_msg = "FLS images and user provided linux subscription detected. Can't use both at the same time." + byol_and_fls_msg = "FLS images and user-provided Linux subscription detected. Can't use both at the same time." # tflint-ignore: terraform_unused_declarations validate_byol_and_fls = regex("^${local.byol_and_fls_msg}$", (local.byol_and_fls ? "" : local.byol_and_fls_msg)) } diff --git a/solutions/ibm-catalog/sap-ready-to-go/main.tf b/solutions/ibm-catalog/sap-ready-to-go/main.tf index 57f93087..07ccc02f 100644 --- a/solutions/ibm-catalog/sap-ready-to-go/main.tf +++ b/solutions/ibm-catalog/sap-ready-to-go/main.tf 
@@ -14,22 +14,27 @@ module "standard" { ibm.ibm-sm = ibm.ibm-sm } - powervs_zone = var.powervs_zone - powervs_resource_group_name = var.powervs_resource_group_name - prefix = var.prefix - external_access_ip = var.external_access_ip - vpc_intel_images = var.vpc_intel_images - ssh_public_key = var.ssh_public_key - ssh_private_key = var.ssh_private_key - powervs_management_network = { name = "${var.prefix}-sap-net", cidr = var.powervs_sap_network_cidr } - powervs_backup_network = null - configure_dns_forwarder = true - configure_ntp_forwarder = true - configure_nfs_server = true - nfs_server_config = var.nfs_server_config - dns_forwarder_config = { "dns_servers" : "161.26.0.7; 161.26.0.8; 9.9.9.9;" } - tags = var.tags - powervs_custom_images = var.powervs_custom_images + powervs_zone = var.powervs_zone + powervs_resource_group_name = var.powervs_resource_group_name + prefix = var.prefix + external_access_ip = var.external_access_ip + vpc_intel_images = var.vpc_intel_images + ssh_public_key = var.ssh_public_key + ssh_private_key = var.ssh_private_key + powervs_management_network = { name = "${var.prefix}-sap-net", cidr = var.powervs_sap_network_cidr } + powervs_backup_network = null + configure_dns_forwarder = true + configure_ntp_forwarder = true + configure_nfs_server = true + nfs_server_config = var.nfs_server_config + dns_forwarder_config = { "dns_servers" : "161.26.0.7; 161.26.0.8; 9.9.9.9;" } + tags = var.tags + powervs_custom_images = merge(var.powervs_custom_images, { powervs_custom_image3 = { + image_name = "", + file_name = "", + storage_tier = "", + sap_type = null + } }) powervs_custom_image_cos_configuration = var.powervs_custom_image_cos_configuration powervs_custom_image_cos_service_credentials = var.powervs_custom_image_cos_service_credentials client_to_site_vpn = var.client_to_site_vpn diff --git a/solutions/ibm-catalog/sap-ready-to-go/variables.tf b/solutions/ibm-catalog/sap-ready-to-go/variables.tf index 85735609..8bd57ebd 100644 
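Review bot: The new `powervs_custom_images = merge(var.powervs_custom_images, { powervs_custom_image3 = { ... } })` argument pads a third, always-empty image slot without a comment saying why, so a later reader cannot tell a deliberate workaround from leftover input. Presumably the landing-zone module's input type still requires `powervs_custom_image3` while this solution now exposes only two entries; if so, state it above the argument, e.g. `# landing-zone module still types three image slots; image3 is intentionally left empty`. The same argument is added in the sap-s4hana-bw4hana main.tf hunk further down. The `module "standard"` block starts and ends outside this hunk.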
--- a/solutions/ibm-catalog/sap-ready-to-go/variables.tf +++ b/solutions/ibm-catalog/sap-ready-to-go/variables.tf @@ -223,7 +223,7 @@ variable "powervs_os_registration_password" { } variable "powervs_custom_images" { - description = "Optionally import up to three custom images from Cloud Object Storage into PowerVS workspace. Requires 'powervs_custom_image_cos_configuration' to be set. image_name: string, must be unique. Name of image inside PowerVS workspace. file_name: string, object key of image inside COS bucket. storage_tier: string, storage tier which image will be stored in after import. Supported values: tier0, tier1, tier3, tier5k. sap_type: optional string, Supported values: null, Hana, Netweaver, use null for non-SAP image." + description = "Optionally import up to three custom images from Cloud Object Storage into PowerVS workspace. Requires 'powervs_custom_image_cos_configuration' to be set. image_name: string, must be unique. Name of image inside PowerVS workspace. file_name: string, object key of image inside COS bucket. storage_tier: string, storage tier which image will be stored in after import. Supported values: tier0, tier1, tier3, tier5k. sap_type: optional string, Supported values: null, Hana and Netweaver" type = object({ powervs_custom_image1 = object({ image_name = string @@ -236,12 +236,6 @@ variable "powervs_custom_images" { file_name = string storage_tier = string sap_type = optional(string) - }), - powervs_custom_image3 = object({ - image_name = string - file_name = string - storage_tier = string - sap_type = optional(string) }) }) default = { 
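Review bot: The rewritten `description` still says "up to three custom images" although the next hunk removes `powervs_custom_image3` from the type, and it keeps `null` in the list of supported `sap_type` values while dropping the sentence that explained what `null` means. Suggest `Optionally import up to two custom images ...` and either restoring the explanation of `null` or removing `null` from the list, as the sap-s4hana-bw4hana description does. The same "up to three" wording is in the sap-s4hana-bw4hana variables.tf hunk further down. Nothing in the visible part of the variable checks `storage_tier` or `sap_type` against the listed values, so a `validation` block would reject a typo at plan time rather than at image import. The variable block continues outside this hunk.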
@@ -249,19 +243,13 @@ variable "powervs_custom_images" { "image_name" : "", "file_name" : "", "storage_tier" : "", - "sap_type" : null + "sap_type" : "Hana" }, "powervs_custom_image2" : { "image_name" : "", "file_name" : "", "storage_tier" : "", - "sap_type" : null - }, - "powervs_custom_image3" : { - "image_name" : "", - "file_name" : "", - "storage_tier" : "", - "sap_type" : null + "sap_type" : "Netweaver" } } } diff --git a/solutions/ibm-catalog/sap-s4hana-bw4hana/README.md b/solutions/ibm-catalog/sap-s4hana-bw4hana/README.md index 25470b30..86de6b92 100644 --- a/solutions/ibm-catalog/sap-s4hana-bw4hana/README.md +++ b/solutions/ibm-catalog/sap-s4hana-bw4hana/README.md @@ -42,7 +42,7 @@ - Creates a new private subnet for SAP communication for the entire landscape. - Attaches the PowerVS workspace to transit gateway. - Creates an SSH key. - - Optionally imports up to three custom images from Cloud Object Storage. + - Optionally imports up to two custom images from Cloud Object Storage. - Creates and configures one PowerVS instance for SAP HANA based on best practices for HANA database. - Creates and configures one PowerVS instance for SAP NetWeaver based on best practices, hosting the PAS and ASCS instances. - Optionally let's the user choose a byol or custom os image for the HANA and Netweaver PowerVS instances and activate it with user provided os registration credentials. @@ -147,7 +147,7 @@ | [nfs\_server\_config](#input\_nfs\_server\_config) | Configuration for the NFS server. 'size' is in GB, 'iops' is maximum input/output operation performance bandwidth per second, 'mount\_path' defines the target mount point on os. Set 'configure\_nfs\_server' to false to ignore creating file storage share. |
object({
size = number
iops = number
mount_path = string
})
|
{
"iops": 600,
"mount_path": "/nfs",
"size": 200
}
| no | | [powervs\_custom\_image\_cos\_configuration](#input\_powervs\_custom\_image\_cos\_configuration) | Cloud Object Storage bucket containing custom PowerVS images. bucket\_name: string, name of the COS bucket. bucket\_access: string, possible values: public, private (private requires powervs\_custom\_image\_cos\_service\_credentials). bucket\_region: string, COS bucket region |
object({
bucket_name = string
bucket_access = string
bucket_region = string
})
|
{
"bucket_access": "",
"bucket_name": "",
"bucket_region": ""
}
| no | | [powervs\_custom\_image\_cos\_service\_credentials](#input\_powervs\_custom\_image\_cos\_service\_credentials) | Service credentials for the Cloud Object Storage bucket containing the custom PowerVS images. The bucket must have HMAC credentials enabled. Click [here](https://cloud.ibm.com/docs/cloud-object-storage?topic=cloud-object-storage-service-credentials) for a json example of a service credential. | `string` | `null` | no | -| [powervs\_custom\_images](#input\_powervs\_custom\_images) | Optionally import up to three custom images from Cloud Object Storage into PowerVS workspace. Requires 'powervs\_custom\_image\_cos\_configuration' to be set. image\_name: string, must be unique. Name of image inside PowerVS workspace. file\_name: string, object key of image inside COS bucket. storage\_tier: string, storage tier which image will be stored in after import. Supported values: tier0, tier1, tier3, tier5k. sap\_type: optional string, Supported values: null, Hana, Netweaver, use null for non-SAP image. |
object({
powervs_custom_image1 = object({
image_name = string
file_name = string
storage_tier = string
sap_type = optional(string)
}),
powervs_custom_image2 = object({
image_name = string
file_name = string
storage_tier = string
sap_type = optional(string)
}),
powervs_custom_image3 = object({
image_name = string
file_name = string
storage_tier = string
sap_type = optional(string)
})
})
|
{
"powervs_custom_image1": {
"file_name": "",
"image_name": "",
"sap_type": null,
"storage_tier": ""
},
"powervs_custom_image2": {
"file_name": "",
"image_name": "",
"sap_type": null,
"storage_tier": ""
},
"powervs_custom_image3": {
"file_name": "",
"image_name": "",
"sap_type": null,
"storage_tier": ""
}
}
| no | +| [powervs\_custom\_images](#input\_powervs\_custom\_images) | Optionally import up to three custom images from Cloud Object Storage into PowerVS workspace. Requires 'powervs\_custom\_image\_cos\_configuration' to be set. image\_name: string, must be unique. Name of image inside PowerVS workspace. file\_name: string, object key of image inside COS bucket. storage\_tier: string, storage tier which image will be stored in after import. Supported values: tier0, tier1, tier3, tier5k. sap\_type: optional string, Supported values: Hana and Netweaver |
object({
powervs_custom_image1 = object({
image_name = string
file_name = string
storage_tier = string
sap_type = optional(string)
}),
powervs_custom_image2 = object({
image_name = string
file_name = string
storage_tier = string
sap_type = optional(string)
})
})
|
{
"powervs_custom_image1": {
"file_name": "",
"image_name": "",
"sap_type": "Hana",
"storage_tier": ""
},
"powervs_custom_image2": {
"file_name": "",
"image_name": "",
"sap_type": "Netweaver",
"storage_tier": ""
}
}
| no | | [powervs\_default\_sap\_images](#input\_powervs\_default\_sap\_images) | Default Red Hat Linux Full Linux subscription images to use for PowerVS SAP HANA and SAP NetWeaver instances. If you're using a byol or a custom RHEL image, additionally specify the optional values for 'powervs\_os\_registration\_username', 'powervs\_os\_registration\_password' and 'ansible\_vault\_password' |
object({
rhel_hana_image = string
rhel_nw_image = string
})
|
{
"rhel_hana_image": "RHEL9-SP4-SAP",
"rhel_nw_image": "RHEL9-SP4-SAP-NETWEAVER"
}
| no | | [powervs\_hana\_instance\_additional\_storage\_config](#input\_powervs\_hana\_instance\_additional\_storage\_config) | Additional File systems to be created and attached to PowerVS SAP HANA instance. 'size' is in GB. 'count' specify over how many storage volumes the file system will be striped. 'tier' specifies the storage tier in PowerVS workspace. 'mount' specifies the target mount point on OS. |
list(object({
name = string
size = string
count = string
tier = string
mount = string
}))
|
[
{
"count": "1",
"mount": "/usr/sap",
"name": "usrsap",
"size": "50",
"tier": "tier3"
}
]
| no | | [powervs\_hana\_instance\_custom\_storage\_config](#input\_powervs\_hana\_instance\_custom\_storage\_config) | Custom file systems to be created and attached to PowerVS SAP HANA instance. 'size' is in GB. 'count' specify over how many storage volumes the file system will be striped. 'tier' specifies the storage tier in PowerVS workspace. 'mount' specifies the target mount point on OS. If not specified, volumes for '/hana/data', '/hana/log', '/hana/shared' are automatically calculated and created. |
list(object({
name = string
size = string
count = string
tier = string
mount = string
pool = optional(string)
}))
|
[
{
"count": "",
"mount": "",
"name": "",
"size": "",
"tier": ""
}
]
| no | diff --git a/solutions/ibm-catalog/sap-s4hana-bw4hana/images.tf b/solutions/ibm-catalog/sap-s4hana-bw4hana/images.tf index 302ba14b..9666302a 100644 --- a/solutions/ibm-catalog/sap-s4hana-bw4hana/images.tf +++ b/solutions/ibm-catalog/sap-s4hana-bw4hana/images.tf 
@@ -1,58 +1,115 @@ +############################################################################### +# PowerVS Custom / Stock Image Logic +############################################################################### + locals { - powervs_custom_images = module.standard.powervs_images - selected_hana_image = var.powervs_default_sap_images.rhel_hana_image - selected_netweaver_image = var.powervs_default_sap_images.rhel_nw_image + # -------------------------------------------------------------------------- + # Determine how many valid custom images exist + # -------------------------------------------------------------------------- + custom_image_count = length([ + for _, img in var.powervs_custom_images : + img if length(trim(img.image_name, " ")) > 0 && length(trim(img.file_name, " ")) > 0 && length(trim(img.storage_tier, " ")) > 0 + ]) + + use_custom_images = local.custom_image_count > 0 + + # -------------------------------------------------------------------------- + # Set image names + # -------------------------------------------------------------------------- + selected_hana_image = local.use_custom_images ? ( + length(trim(var.powervs_custom_images.powervs_custom_image1.image_name, " ")) > 0 ? + var.powervs_custom_images.powervs_custom_image1.image_name : + "" + ) : var.powervs_default_sap_images.rhel_hana_image + + selected_netweaver_image = local.use_custom_images ? ( + length(trim(var.powervs_custom_images.powervs_custom_image2.image_name, " ")) > 0 ? + var.powervs_custom_images.powervs_custom_image2.image_name : + var.powervs_custom_images.powervs_custom_image1.image_name + ) : var.powervs_default_sap_images.rhel_nw_image fls_image_types = ["stock-sap-fls", "stock-sap-netweaver-fls"] - use_custom_images = ( - length(local.powervs_custom_images) > 0 && - alltrue([ - for name in [local.selected_hana_image, local.selected_netweaver_image] : ( - contains(keys(local.powervs_custom_images), name) ? 
- local.powervs_custom_images[name].image_vendor == "SAP" : false - ) - ]) - ) + } -# Stock image data (only if not using custom) -data "ibm_pi_catalog_images" "catalog_images_ds" { - count = local.use_custom_images ? 0 : 1 - provider = ibm.ibm-pi +# -------------------------------------------------------------------------- +# Custom image data source (imported from COS) +# -------------------------------------------------------------------------- +data "ibm_pi_image" "custom_images" { + count = local.use_custom_images ? local.custom_image_count : 0 + provider = ibm.ibm-pi + depends_on = [module.standard] + + pi_image_name = element([ + for _, img in var.powervs_custom_images : + img.image_name if length(trim(img.image_name, " ")) > 0 && length(trim(img.file_name, " ")) > 0 + ], count.index) + pi_cloud_instance_id = module.standard.powervs_workspace_guid - sap = true } -# Custom image data (only if using custom) -data "ibm_pi_image" "custom_images" { - count = local.use_custom_images ? 2 : 0 - provider = ibm.ibm-pi - pi_image_name = element([local.selected_hana_image, local.selected_netweaver_image], count.index) +# -------------------------------------------------------------------------- +# Stock catalog images (used only when no custom images are provided) +# -------------------------------------------------------------------------- +data "ibm_pi_catalog_images" "catalog_images_ds" { + count = local.use_custom_images ? 0 : 1 + provider = ibm.ibm-pi + depends_on = [module.standard] + pi_cloud_instance_id = module.standard.powervs_workspace_guid + sap = true } +# -------------------------------------------------------------------------- +# Derived locals for image type, ID, and validation +# -------------------------------------------------------------------------- locals { - hana_image_type = local.use_custom_images ? 
data.ibm_pi_image.custom_images[0].image_type : one([ - for img in data.ibm_pi_catalog_images.catalog_images_ds[0].images : - img.image_type if img.name == local.selected_hana_image + + hana_image_type = local.use_custom_images ? ( + try( + data.ibm_pi_image.custom_images[0].image_type, + null + ) + ) : one([ + for img in data.ibm_pi_catalog_images.catalog_images_ds[0].images : img.image_type + if img.name == local.selected_hana_image ]) - netweaver_image_type = local.use_custom_images ? data.ibm_pi_image.custom_images[1].image_type : one([ - for img in data.ibm_pi_catalog_images.catalog_images_ds[0].images : - img.image_type if img.name == local.selected_netweaver_image + netweaver_image_type = local.use_custom_images ? ( + try( + data.ibm_pi_image.custom_images[1].image_type, + data.ibm_pi_image.custom_images[0].image_type + ) + ) : one([ + for img in data.ibm_pi_catalog_images.catalog_images_ds[0].images : img.image_type + if img.name == local.selected_netweaver_image ]) - hana_image_id = local.use_custom_images ? lookup(local.powervs_custom_images, local.selected_hana_image, null).image_id : one([ - for img in data.ibm_pi_catalog_images.catalog_images_ds[0].images : - img.image_id if img.name == local.selected_hana_image + # Resolve image IDs + hana_image_id = local.use_custom_images ? ( + one([ + for _, img in data.ibm_pi_image.custom_images : + img.id if img.pi_image_name == local.selected_hana_image + ]) + ) : one([ + for img in data.ibm_pi_catalog_images.catalog_images_ds[0].images : + img.image_id if img.name == local.selected_hana_image ]) - netweaver_image_id = local.use_custom_images ? lookup(local.powervs_custom_images, local.selected_netweaver_image, null).image_id : one([ - for img in data.ibm_pi_catalog_images.catalog_images_ds[0].images : - img.image_id if img.name == local.selected_netweaver_image + netweaver_image_id = local.use_custom_images ? 
( + one([ + for _, img in data.ibm_pi_image.custom_images : + img.id if img.pi_image_name == local.selected_netweaver_image + ]) + ) : one([ + for img in data.ibm_pi_catalog_images.catalog_images_ds[0].images : + img.image_id if img.name == local.selected_netweaver_image ]) + # -------------------------------------------------------------------------- + # FLS and BYOL logic + # -------------------------------------------------------------------------- hana_is_fls = contains(local.fls_image_types, local.hana_image_type) netweaver_is_fls = contains(local.fls_image_types, local.netweaver_image_type) images_mixed = local.hana_is_fls != local.netweaver_is_fls 
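Review bot: The custom-image branch resolves `hana_image_type` and `netweaver_image_type` by position (`custom_images[0]`, `custom_images[1]`) but `hana_image_id` and `netweaver_image_id` by name, and the data source list is filtered on `image_name` and `file_name` only while `custom_image_count` also requires `storage_tier`. When only `powervs_custom_image2` is filled in, or one entry lacks a tier, index 0 is no longer the HANA image and `try(..., null)` hides the miss, so the FLS/BYOL validation locals derived from these types are evaluated against a different image than the one whose ID is used. The fence below shares one filter between the count and the data source and looks the type up by name, as the ID already is; the NetWeaver locals would change the same way. The removed `use_custom_images` also required `image_vendor == "SAP"` for both selected images and nothing in this hunk replaces that check, so confirm that dropping it is intended. The sap-ready-to-go images.tf hunk earlier in the patch appears to carry the same logic, and the final `locals` block continues past this hunk.

```hcl
locals {
  # One filter feeds both the count and the data source, so they cannot drift apart.
  valid_custom_image_names = [
    for _, img in var.powervs_custom_images : img.image_name
    if length(trim(img.image_name, " ")) > 0 && length(trim(img.file_name, " ")) > 0 && length(trim(img.storage_tier, " ")) > 0
  ]
  custom_image_count = length(local.valid_custom_image_names)
  # … unchanged: use_custom_images, selected_hana_image, selected_netweaver_image, fls_image_types …
}

data "ibm_pi_image" "custom_images" {
  count = local.custom_image_count
  # … unchanged: provider, depends_on, pi_cloud_instance_id …
  pi_image_name = local.valid_custom_image_names[count.index]
}

locals {
  # Resolve the type by image name, the same way the ID is resolved.
  hana_image_type = local.use_custom_images ? one([
    for img in data.ibm_pi_image.custom_images : img.image_type
    if img.pi_image_name == local.selected_hana_image
  ]) : one([
    # … unchanged: catalog lookup by local.selected_hana_image …
  ])
```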
@@ -61,17 +118,18 @@ locals { byol_and_fls = local.use_fls && local.has_byol_creds missing_byol_creds = !local.use_fls && !local.has_byol_creds + # -------------------------------------------------------------------------- # Validation messages - images_mixed_msg = "You've selected an fls image and a byol image for hana and netweaver. Using byol on one and fls on another is currently not supported." - + # -------------------------------------------------------------------------- + images_mixed_msg = "You've selected an FLS image and a BYOL image for HANA and NetWeaver. Using BYOL on one and FLS on another is not supported." # tflint-ignore: terraform_unused_declarations validate_images_mixed = regex("^${local.images_mixed_msg}$", (local.images_mixed ? "" : local.images_mixed_msg)) - missing_byol_msg = "Missing byol credentials for activation of linux subscription." + missing_byol_msg = "Missing BYOL credentials for activation of Linux subscription." # tflint-ignore: terraform_unused_declarations validate_byol_provided = regex("^${local.missing_byol_msg}$", (local.missing_byol_creds ? "" : local.missing_byol_msg)) - byol_and_fls_msg = "FLS images and user provided linux subscription detected. Can't use both at the same time." + byol_and_fls_msg = "FLS images and user-provided Linux subscription detected. Can't use both at the same time." # tflint-ignore: terraform_unused_declarations validate_byol_and_fls = regex("^${local.byol_and_fls_msg}$", (local.byol_and_fls ? "" : local.byol_and_fls_msg)) } diff --git a/solutions/ibm-catalog/sap-s4hana-bw4hana/main.tf b/solutions/ibm-catalog/sap-s4hana-bw4hana/main.tf index 8f41e37d..a355ec6c 100644 --- a/solutions/ibm-catalog/sap-s4hana-bw4hana/main.tf +++ b/solutions/ibm-catalog/sap-s4hana-bw4hana/main.tf 
@@ -14,22 +14,27 @@ module "standard" { ibm.ibm-sm = ibm.ibm-sm } - powervs_zone = var.powervs_zone - powervs_resource_group_name = var.powervs_resource_group_name - prefix = var.prefix - external_access_ip = var.external_access_ip - vpc_intel_images = var.vpc_intel_images - ssh_public_key = var.ssh_public_key - ssh_private_key = var.ssh_private_key - powervs_management_network = { name = "${var.prefix}-sap-net", cidr = var.powervs_sap_network_cidr } - powervs_backup_network = null - configure_dns_forwarder = true - configure_ntp_forwarder = true - configure_nfs_server = true - nfs_server_config = var.nfs_server_config - dns_forwarder_config = { "dns_servers" : "161.26.0.7; 161.26.0.8; 9.9.9.9;" } - tags = var.tags - powervs_custom_images = var.powervs_custom_images + powervs_zone = var.powervs_zone + powervs_resource_group_name = var.powervs_resource_group_name + prefix = var.prefix + external_access_ip = var.external_access_ip + vpc_intel_images = var.vpc_intel_images + ssh_public_key = var.ssh_public_key + ssh_private_key = var.ssh_private_key + powervs_management_network = { name = "${var.prefix}-sap-net", cidr = var.powervs_sap_network_cidr } + powervs_backup_network = null + configure_dns_forwarder = true + configure_ntp_forwarder = true + configure_nfs_server = true + nfs_server_config = var.nfs_server_config + dns_forwarder_config = { "dns_servers" : "161.26.0.7; 161.26.0.8; 9.9.9.9;" } + tags = var.tags + powervs_custom_images = merge(var.powervs_custom_images, { powervs_custom_image3 = { + image_name = "", + file_name = "", + storage_tier = "", + sap_type = null + } }) powervs_custom_image_cos_configuration = var.powervs_custom_image_cos_configuration powervs_custom_image_cos_service_credentials = var.powervs_custom_image_cos_service_credentials client_to_site_vpn = var.client_to_site_vpn diff --git a/solutions/ibm-catalog/sap-s4hana-bw4hana/variables.tf b/solutions/ibm-catalog/sap-s4hana-bw4hana/variables.tf index d8722e67..df19c71f 100644 
--- a/solutions/ibm-catalog/sap-s4hana-bw4hana/variables.tf +++ b/solutions/ibm-catalog/sap-s4hana-bw4hana/variables.tf @@ -201,10 +201,8 @@ variable "powervs_os_registration_password" { default = "" } - - variable "powervs_custom_images" { - description = "Optionally import up to three custom images from Cloud Object Storage into PowerVS workspace. Requires 'powervs_custom_image_cos_configuration' to be set. image_name: string, must be unique. Name of image inside PowerVS workspace. file_name: string, object key of image inside COS bucket. storage_tier: string, storage tier which image will be stored in after import. Supported values: tier0, tier1, tier3, tier5k. sap_type: optional string, Supported values: null, Hana, Netweaver, use null for non-SAP image." + description = "Optionally import up to three custom images from Cloud Object Storage into PowerVS workspace. Requires 'powervs_custom_image_cos_configuration' to be set. image_name: string, must be unique. Name of image inside PowerVS workspace. file_name: string, object key of image inside COS bucket. storage_tier: string, storage tier which image will be stored in after import. Supported values: tier0, tier1, tier3, tier5k. sap_type: optional string, Supported values: Hana and Netweaver" type = object({ powervs_custom_image1 = object({ image_name = string 
@@ -217,32 +215,21 @@ variable "powervs_custom_images" { file_name = string storage_tier = string sap_type = optional(string) - }), - powervs_custom_image3 = object({ - image_name = string - file_name = string - storage_tier = string - sap_type = optional(string) }) }) + default = { "powervs_custom_image1" : { "image_name" : "", "file_name" : "", "storage_tier" : "", - "sap_type" : null + "sap_type" : "Hana" }, "powervs_custom_image2" : { "image_name" : "", "file_name" : "", "storage_tier" : "", - "sap_type" : null - }, - "powervs_custom_image3" : { - "image_name" : "", - "file_name" : "", - "storage_tier" : "", - "sap_type" : null + "sap_type" : "Netweaver" } } } From 1b899736b4d27f660661c178a24770bbf4024413 Mon Sep 17 00:00:00 2001 From: surajsbharadwaj Date: Thu, 23 Oct 2025 21:57:25 +0200 Subject: [PATCH 3/4] chore: update last updated --- .../sap-ready-to-go/deploy-arch-ibm-pvs-sap-ready-to-go.md | 2 +- .../deploy-arch-ibm-pvs-sap-s4hana-bw4hana.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/reference-architectures/sap-ready-to-go/deploy-arch-ibm-pvs-sap-ready-to-go.md b/reference-architectures/sap-ready-to-go/deploy-arch-ibm-pvs-sap-ready-to-go.md index d114b073..ba3b185b 100644 --- a/reference-architectures/sap-ready-to-go/deploy-arch-ibm-pvs-sap-ready-to-go.md +++ b/reference-architectures/sap-ready-to-go/deploy-arch-ibm-pvs-sap-ready-to-go.md @@ -2,7 +2,7 @@ copyright: years: 2024, 2025 -lastupdated: "2025-25-10" +lastupdated: "2025-10-25" keywords: subcollection: deployable-reference-architectures authors: diff --git a/reference-architectures/sap-s4hana-bw4hana/deploy-arch-ibm-pvs-sap-s4hana-bw4hana.md b/reference-architectures/sap-s4hana-bw4hana/deploy-arch-ibm-pvs-sap-s4hana-bw4hana.md index 9cf4e62a..fe283692 100644 --- a/reference-architectures/sap-s4hana-bw4hana/deploy-arch-ibm-pvs-sap-s4hana-bw4hana.md +++ b/reference-architectures/sap-s4hana-bw4hana/deploy-arch-ibm-pvs-sap-s4hana-bw4hana.md 
@@ -2,7 +2,7 @@ copyright: years: 2024, 2025 -lastupdated: "2025-25-10" +lastupdated: "2025-10-25" keywords: subcollection: deployable-reference-architectures authors: From 85eb4d021440d2e9a9843f6ed2306807801c7827 Mon Sep 17 00:00:00 2001 From: surajsbharadwaj Date: Thu, 23 Oct 2025 22:02:13 +0200 Subject: [PATCH 4/4] chore: upgrade landing zone version --- solutions/ibm-catalog/sap-ready-to-go/README.md | 2 +- solutions/ibm-catalog/sap-ready-to-go/main.tf | 2 +- solutions/ibm-catalog/sap-s4hana-bw4hana/README.md | 2 +- solutions/ibm-catalog/sap-s4hana-bw4hana/main.tf | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/solutions/ibm-catalog/sap-ready-to-go/README.md b/solutions/ibm-catalog/sap-ready-to-go/README.md index ff49d1f1..02c6a728 100644 --- a/solutions/ibm-catalog/sap-ready-to-go/README.md +++ b/solutions/ibm-catalog/sap-ready-to-go/README.md @@ -73,7 +73,7 @@ | Name | Source | Version | |------|--------|---------| | [sap\_system](#module\_sap\_system) | ../../../modules/pi-sap-system-type1 | n/a | -| [standard](#module\_standard) | terraform-ibm-modules/powervs-infrastructure/ibm//modules/powervs-vpc-landing-zone | 10.2.0 | +| [standard](#module\_standard) | terraform-ibm-modules/powervs-infrastructure/ibm//modules/powervs-vpc-landing-zone | 10.2.1 | ### Resources diff --git a/solutions/ibm-catalog/sap-ready-to-go/main.tf b/solutions/ibm-catalog/sap-ready-to-go/main.tf index 07ccc02f..db5c540e 100644 --- a/solutions/ibm-catalog/sap-ready-to-go/main.tf +++ b/solutions/ibm-catalog/sap-ready-to-go/main.tf @@ -6,7 +6,7 @@ module "standard" { source = "terraform-ibm-modules/powervs-infrastructure/ibm//modules/powervs-vpc-landing-zone" - version = "10.2.0" + version = "10.2.1" providers = { ibm.ibm-is = ibm.ibm-is diff --git a/solutions/ibm-catalog/sap-s4hana-bw4hana/README.md b/solutions/ibm-catalog/sap-s4hana-bw4hana/README.md index 86de6b92..8f45b165 100644 --- a/solutions/ibm-catalog/sap-s4hana-bw4hana/README.md 
+++ b/solutions/ibm-catalog/sap-s4hana-bw4hana/README.md @@ -120,7 +120,7 @@ | [ibmcloud\_cos\_download\_monitoring\_binaries](#module\_ibmcloud\_cos\_download\_monitoring\_binaries) | ../../../modules/ibmcloud-cos | n/a | | [ibmcloud\_cos\_download\_netweaver\_binaries](#module\_ibmcloud\_cos\_download\_netweaver\_binaries) | ../../../modules/ibmcloud-cos | n/a | | [sap\_system](#module\_sap\_system) | ../../../modules/pi-sap-system-type1 | n/a | -| [standard](#module\_standard) | terraform-ibm-modules/powervs-infrastructure/ibm//modules/powervs-vpc-landing-zone | 10.2.0 | +| [standard](#module\_standard) | terraform-ibm-modules/powervs-infrastructure/ibm//modules/powervs-vpc-landing-zone | 10.2.1 | ### Resources diff --git a/solutions/ibm-catalog/sap-s4hana-bw4hana/main.tf b/solutions/ibm-catalog/sap-s4hana-bw4hana/main.tf index a355ec6c..47ebe16d 100644 --- a/solutions/ibm-catalog/sap-s4hana-bw4hana/main.tf +++ b/solutions/ibm-catalog/sap-s4hana-bw4hana/main.tf @@ -6,7 +6,7 @@ module "standard" { source = "terraform-ibm-modules/powervs-infrastructure/ibm//modules/powervs-vpc-landing-zone" - version = "10.2.0" + version = "10.2.1" providers = { ibm.ibm-is = ibm.ibm-is