IBM Cloud solution for Power Virtual Server with VPC landing zone Import Variation

This solution helps install the deployable architecture 'Power Virtual Server for SAP HANA' on top of a pre-existing Power Virtual Server (PowerVS) landscape. The 'Power Virtual Server for SAP HANA' automation requires a Schematics workspace ID for installation. The 'Import' solution creates a Schematics workspace by taking details of the pre-existing VPC and PowerVS infrastructure resources as inputs. The ID of this Schematics workspace is the prerequisite workspace ID that 'Power Virtual Server for SAP HANA' requires to create and configure the PowerVS instances for SAP on top of the existing infrastructure.

Pre-requisites:

The pre-existing infrastructure must meet the following conditions to use the 'Import' solution to create a schematics workspace:

  • Virtual Private Cloud (VPC) side
    • Existing VPC or VPCs with virtual server instances, ACLs, and security groups.
    • Existing access host (jump server), which is an Intel-based virtual server instance that can access Power Virtual Server instances.
    • Existing Transit Gateway.
    • The VPC in which the jump host exists must be attached to the Transit Gateway.
    • The ACLs and security group rules for the VPC in which the access host (jump server) exists must allow SSH login to the Power Virtual Server instances that will be created by the 'Power Virtual Server for SAP HANA' automation.
  • Power Virtual Server Workspace side
    • Existing Power Virtual Server Workspace with at least two private subnets.
    • Power Virtual Server Workspace/Cloud Connections must be attached to the above Transit Gateway.
    • The SSH key pair used to log in to the access host/jump host (Intel-based virtual server instance) on the VPC side should match the existing SSH key used in the PowerVS Workspace.
  • Mandatory Management Network Services
    • Existing proxy server IP and port, required to configure internet access for PowerVS instances.
  • Optional Management Network Services
    • Existing DNS server IP for the PowerVS instances.
    • Existing NTP server IP for the PowerVS instances.
    • Existing NFS server IP and path for the PowerVS instances.
    • If the above parameters are provided, make sure the IPs are reachable from the Power Virtual Server instances that will be created by the 'Power Virtual Server for SAP HANA' automation.

NOTE: IBM Cloud has a quota of 100 ACL rules per ACL. The 'Import' variation creates 52 new ACL rules to give Schematics servers access to the access host (this access is required by the 'Power Virtual Server for SAP HANA' automation). Ensure that the affected ACL can take the new rules without exceeding the quota of 100, so that the deployment succeeds.

Resources Created:

  1. ACL rules for IBM Cloud Schematics, created for the VPC subnets in which the access host (jump server) exists.
  2. Schematics workspace required by 'Power Virtual Server for SAP HANA' to create and configure the PowerVS instances for SAP on top of the existing infrastructure.

Notes:

| Variation | Available on IBM Catalog | Requires Schematics Workspace ID | Imports VPC Landing Zone | Imports VPC VSI OS Config | Imports PowerVS Infrastructure | Imports PowerVS Instance | Performs PowerVS OS Config |
| --- | --- | --- | --- | --- | --- | --- | --- |
| Import | ✔️ | N/A | N/A | N/A | N/A | N/A | N/A |

Architecture diagram

[Figure: Import variation architecture diagram]

Requirements

| Name | Version |
| --- | --- |
| terraform | >= 1.9 |
| ibm | 1.76.1 |

Modules

| Name | Source | Version |
| --- | --- | --- |
| access_host | ../../modules/import-powervs-vpc/vpc | n/a |
| management_sg_rules | ../../modules/import-powervs-vpc/security-group | n/a |
| management_vpc_acl_rules | ../../modules/import-powervs-vpc/acl | n/a |
| powervs_workspace_ds | ../../modules/import-powervs-vpc/powervs | n/a |

Resources

| Name | Type |
| --- | --- |
| ibm_is_network_acl.management_acls_ds | data source |
| ibm_is_subnet.management_subnets_ds | data source |
| ibm_tg_gateway.tgw_ds | data source |

Inputs

| Name | Description | Type | Default | Required |
| --- | --- | --- | --- | --- |
| IC_SCHEMATICS_WORKSPACE_ID | Leave blank if running locally. This variable will be automatically populated if running from an IBM Cloud Schematics workspace. | string | "" | no |
| access_host | Name of the existing access host VSI and its floating IP. ACLs will be added to allow Schematics IPs to the corresponding VPC. | object({ vsi_name = string, floating_ip = string }) | n/a | yes |
| dns_server_ip | DNS server IP address. | string | "" | no |
| ibmcloud_api_key | The IBM Cloud platform API key needed to deploy IAM enabled resources. | string | n/a | yes |
| nfs_server_ip_path | NFS server IP address and path. If the NFS server VSI name is provided, the NFS path should not be empty and must begin with the '/' character. For example: nfs_server_ip_path = {"ip" = "10.20.10.4", "nfs_path" = "/nfs"} | object({ ip = string, nfs_path = string }) | { "ip": "", "nfs_path": "" } | no |
| ntp_server_ip | NTP server IP address. | string | "" | no |
| powervs_backup_network_name | Name of the existing subnet used for the backup network in the existing PowerVS workspace. | string | n/a | yes |
| powervs_management_network_name | Name of the existing subnet used for the management network in the existing PowerVS workspace. | string | n/a | yes |
| powervs_sshkey_name | SSH public key name used for the existing PowerVS workspace. | string | n/a | yes |
| powervs_workspace_guid | GUID of the existing PowerVS workspace. | string | n/a | yes |
| powervs_zone | IBM Cloud data center location where the IBM PowerVS workspace exists. | string | n/a | yes |
| proxy_server_ip_port | Existing proxy server IP and port. This is required to configure internet access for PowerVS instances. | object({ ip = string, port = number }) | n/a | yes |
| transit_gateway_name | The name of the existing transit gateway that has VPCs and the PowerVS workspace connected to it. | string | n/a | yes |
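
A pre-flight check for the inputs above and for the ACL quota NOTE, added here as an example (it is not code from this repository). The function names, the sample values and the ACL names are constructed; the rule counts are assumed to have been read from the account beforehand, and the IP-format and port-range checks are assumptions that go beyond what the table states.

```python
import ipaddress
ACL_RULE_QUOTA = 100        # IBM Cloud quota per ACL, as stated in the NOTE
IMPORT_NEW_ACL_RULES = 52   # rules the 'Import' variation adds for Schematics
REQUIRED_NAMES = ("powervs_workspace_guid", "powervs_zone", "powervs_sshkey_name",
                  "powervs_management_network_name", "powervs_backup_network_name",
                  "transit_gateway_name")

def is_ip(value):
    try:
        ipaddress.ip_address(str(value))
        return True
    except ValueError:
        return False

def preflight(inputs, acl_rule_counts):
    """Return a list of problems; an empty list means every check passed."""
    problems = [f"{n}: required" for n in REQUIRED_NAMES if not inputs.get(n)]
    host = inputs.get("access_host") or {}
    if not host.get("vsi_name") or not is_ip(host.get("floating_ip", "")):
        problems.append("access_host: needs vsi_name and a valid floating_ip")
    proxy = inputs.get("proxy_server_ip_port") or {}
    port = proxy.get("port")
    if not is_ip(proxy.get("ip", "")) or type(port) is not int or not 1 <= port <= 65535:
        problems.append("proxy_server_ip_port: needs a valid ip and a port in 1-65535")
    for name in ("dns_server_ip", "ntp_server_ip"):   # optional, "" means unset
        if inputs.get(name) and not is_ip(inputs[name]):
            problems.append(f"{name}: not a valid IP address")
    nfs = inputs.get("nfs_server_ip_path") or {}
    if nfs.get("ip") or nfs.get("nfs_path"):          # optional, but all-or-nothing
        if not is_ip(nfs.get("ip", "")):
            problems.append("nfs_server_ip_path: ip is not a valid IP address")
        if not str(nfs.get("nfs_path", "")).startswith("/"):
            problems.append("nfs_server_ip_path: nfs_path must begin with '/'")
    for acl, count in sorted(acl_rule_counts.items()):
        if count + IMPORT_NEW_ACL_RULES > ACL_RULE_QUOTA:
            problems.append(f"{acl}: {count} rules + {IMPORT_NEW_ACL_RULES} exceeds quota of {ACL_RULE_QUOTA}")
    return problems

# Constructed sample values (not from a real account); the API key is kept out of this dict.
SAMPLE_INPUTS = {
    "powervs_workspace_guid": "example-guid", "powervs_zone": "example-zone",
    "powervs_sshkey_name": "example-key", "transit_gateway_name": "example-tgw",
    "powervs_management_network_name": "mgmt_net", "powervs_backup_network_name": "bkp_net",
    "access_host": {"vsi_name": "example-jump", "floating_ip": "192.0.2.10"},
    "proxy_server_ip_port": {"ip": "10.30.10.4", "port": 3128},
    "nfs_server_ip_path": {"ip": "10.20.10.4", "nfs_path": "/nfs"},
    "dns_server_ip": "", "ntp_server_ip": "",
}
SAMPLE_ACL_COUNTS = {"mgmt-acl": 30, "edge-acl": 60}  # existing rules per ACL
print(preflight(SAMPLE_INPUTS, SAMPLE_ACL_COUNTS))
```

With the sample data only `edge-acl` is reported, because 60 existing rules plus 52 new ones exceed the quota of 100.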

Outputs

| Name | Description |
| --- | --- |
| access_host_or_ip | Access host (jump/bastion) for existing PowerVS infrastructure. |
| dns_host_or_ip | DNS forwarder host for existing PowerVS infrastructure. |
| nfs_host_or_ip_path | NFS host for existing PowerVS infrastructure. |
| ntp_host_or_ip | NTP host for existing PowerVS infrastructure. |
| powervs_backup_subnet | Name, ID and CIDR of backup private network in existing PowerVS infrastructure. |
| powervs_images | Object containing imported PowerVS image names and image IDs. |
| powervs_management_subnet | Name, ID and CIDR of management private network in existing PowerVS infrastructure. |
| powervs_ssh_public_key | SSH public key name and value used in existing PowerVS infrastructure. |
| powervs_workspace_guid | PowerVS infrastructure workspace GUID. The GUID of the resource instance. |
| powervs_workspace_id | PowerVS infrastructure workspace CRN. |
| powervs_workspace_name | PowerVS infrastructure workspace name. |
| powervs_zone | Zone of existing PowerVS infrastructure. |
| prefix | The prefix that is associated with all resources. |
| proxy_host_or_ip_port | Proxy host:port for existing PowerVS infrastructure. |
| schematics_workspace_id | ID of the IBM Cloud Schematics workspace. Returns null if not run in Schematics. |
| ssh_public_key | The string value of the SSH public key used when deploying VPC. |
| transit_gateway_id | The ID of the transit gateway. |
| transit_gateway_name | The name of the transit gateway. |