feat: append nfs

Author: sean-freeman

ibmcloud_vs/host_nfs/data_network_vpc_target_subnet.tf

@@ -0,0 +1,21 @@
+
+# Select Subnet on the VPC in a specific Zone
+### Also identifies target VPC and target Resource Group
+
+data "ibm_is_subnet" "vpc_subnet" {
+  name = var.module_var_ibmcloud_vpc_subnet_name
+}
+
+data "ibm_is_vpc" "vpc" {
+  name = data.ibm_is_subnet.vpc_subnet.vpc_name
+}
+
+locals {
+  target_resource_group_id     = data.ibm_is_subnet.vpc_subnet.resource_group
+  target_vpc_id                = data.ibm_is_subnet.vpc_subnet.vpc
+  target_vpc_crn               = data.ibm_is_vpc.vpc.crn
+  target_vpc_availability_zone = data.ibm_is_subnet.vpc_subnet.zone
+  target_vpc_subnet_range      = data.ibm_is_subnet.vpc_subnet.ipv4_cidr_block
+  target_region                = replace(data.ibm_is_subnet.vpc_subnet.zone, "/-[^-]*$/", "")
+  target_subnet_id             = data.ibm_is_subnet.vpc_subnet.id
+}

ibmcloud_vs/host_nfs/host_file_storage.tf

@@ -0,0 +1,19 @@
+
+resource "ibm_is_share" "file_storage_sapmnt" {
+  count = var.module_var_nfs_boolean_sapmnt ? 1 : 0
+  name = "${var.module_var_resource_prefix}-nfs-sapmnt"
+
+  zone = local.target_vpc_availability_zone
+
+  size = 2048
+  profile = "tier-3iops"
+
+}
+
+resource "ibm_is_share_target" "file_storage_attach_sapmnt" {
+  count = var.module_var_nfs_boolean_sapmnt ? 1 : 0
+  name = "${var.module_var_resource_prefix}-nfs-sapmnt-attach"
+
+  share = ibm_is_share.file_storage_sapmnt[0].id
+  vpc   = local.target_vpc_id
+}

ibmcloud_vs/host_nfs/module_outputs.tf

@@ -0,0 +1,5 @@
+
+# Mount path
+output "output_nfs_fqdn" {
+  value = ibm_is_share_target.file_storage_attach_sapmnt[0].mount_path
+}

ibmcloud_vs/host_nfs/module_variables.tf

@@ -0,0 +1,8 @@
+
+variable "module_var_resource_prefix" {}
+
+variable "module_var_ibmcloud_vpc_subnet_name" {}
+
+variable "module_var_host_security_group_id" {}
+
+variable "module_var_nfs_boolean_sapmnt" {}

ibmcloud_vs/host_nfs/module_versions.tf

@@ -0,0 +1,40 @@
+# Terraform declaration
+
+terraform {
+  required_version = ">= 1.0"
+  required_providers {
+    ibm = {
+      #source  = "localdomain/provider/ibm" // Local, on macOS path to place files would be $HOME/.terraform.d/plugins/localdomain/provider/ibm/1.xx.xx/darwin_amd6
+      source  = "IBM-Cloud/ibm" // Terraform Registry
+      version = ">=1.45.0"
+    }
+  }
+}
+
+
+# Terraform Provider declaration
+#
+# Nested provider configurations cannot be used with depends_on meta-argument between modules
+#
+# The calling module block can use either:
+# - "providers" argument in the module block
+# - none, inherit default (un-aliased) provider configuration
+#
+# Therefore the below is blank and is only for reference if this module needs to be executed manually
+
+#provider "ibm" {
+#
+# Define Provider inputs manually
+#  ibmcloud_api_key = "xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
+#
+# Define Provider inputs from given Terraform Variables
+#  ibmcloud_api_key = var.ibmcloud_api_key
+#
+# If using IBM Cloud Automation Manager, the Provider declaration values are populated automatically
+# from the Cloud Connection credentials (by using Environment Variables)
+#
+# If using IBM Cloud Schematics, the Provider declaration values are populated automatically
+#
+#  region = var.ibmcloud_region
+#
+#}

ibmcloud_vs/host_nfs/network_security_groups_sap.tf

@@ -0,0 +1,21 @@
+
+resource "ibm_is_security_group_rule" "vpc_sg_rule_sap_inbound_nfs" {
+  group      = var.module_var_host_security_group_id
+  direction  = "inbound"
+  remote     = local.target_vpc_subnet_range
+  tcp {
+    port_min = 2049
+    port_max = 2049
+  }
+}
+
+resource "ibm_is_security_group_rule" "vpc_sg_rule_sap_outbound_nfs" {
+  group      = var.module_var_host_security_group_id
+  direction  = "outbound"
+  remote     = local.target_vpc_subnet_range
+  tcp {
+    port_min = 2049
+    port_max = 2049
+  }
+}
+

ibmcloud_vs/host_provision/build_filesystem_setup.tf

@@ -541,9 +541,24 @@ function main() {
   fi
 
 
-  if [[ ${var.module_var_disk_volume_count_sapmnt} -gt 0 ]]
+  if [[ ${var.module_var_nfs_boolean_sapmnt} == "false" ]] && [[ ${var.module_var_disk_volume_count_sapmnt} -gt 0 ]]
   then
     physical_volume_partition_runner "/sapmnt" "${var.module_var_disk_volume_capacity_sapmnt}" "4k" "sapmnt" "${var.module_var_filesystem_sapmnt}"
+  elif [[ ${var.module_var_nfs_boolean_sapmnt} == "true" ]]
+  then
+    # Establish IBM Cloud File Share mount path (DNS name and ID e.g. fsf-abcdefg.domain.com:/123456)
+    ibmcloud_file_share_mount_fqdn_sapmnt='${var.module_var_nfs_boolean_sapmnt ? var.module_var_nfs_fqdn_sapmnt : "null"}'
+    # Recommend OS mount of the IBM Cloud File Share via the DNS FQDN, which resolves to the IP Address of the IBM Cloud File Share mount path target
+    # Usually to increase network latency performance for SAP NetWeaver read/write operations, IP Addresses should be used
+    # However, the NFS protocol performs DNS lookup at mount time, and stores into the local host DNS cache - based on the DNS TTL defined by the IBM Cloud Private DNS Name Server
+    # As this activity is infrequent, it should not impact performance to set to the FQDN of the IBM Cloud File Share mount path target
+    # Install NFS
+    if [ "$os_type" = "rhel" ] ; then yum --assumeyes --debuglevel=1 install nfs-utils ; elif [ "$os_type" = "sles" ] ; then zypper install --no-confirm nfs-client ; fi
+    # Mount IBM Cloud File Share via DNS FQDN
+    echo "Mounting NFS for /sapmnt to IBM Cloud File Share mount path target DNS Name: $ibmcloud_file_share_mount_fqdn_sapmnt"
+    #sudo mount -t nfs4 -o sec=sys,nfsvers=4.1 $ibmcloud_file_share_mount_fqdn_sapmnt /sapmnt
+    echo "# fstab entries for NFS"  >> /etc/fstab
+    echo "$ibmcloud_file_share_mount_fqdn_sapmnt    /sapmnt    nfs4    nfsvers=4.1,timeo=600,sec=sys,noatime,proto=tcp    0    0" >> /etc/fstab
   fi
 
 

ibmcloud_vs/host_provision/host_block_storage.tf

@@ -161,7 +161,7 @@ resource "ibm_is_volume" "block_volume_usr_sap_tiered" {
 }
 
 resource "ibm_is_volume" "block_volume_sapmnt_tiered" {
-  count = var.module_var_disk_volume_count_sapmnt
+  count = var.module_var_nfs_boolean_sapmnt ? 0 : var.module_var_disk_volume_count_sapmnt
 
   name           = "${var.module_var_virtual_server_hostname}-volume-sapmnt-${count.index}"
   resource_group = var.module_var_resource_group_id

ibmcloud_vs/host_provision/module_variables.tf

@@ -162,6 +162,8 @@ variable "module_var_disk_volume_capacity_sapmnt" {}
 variable "module_var_filesystem_sapmnt" {
   default = "xfs"
 }
+variable "module_var_nfs_boolean_sapmnt" {}
+variable "module_var_nfs_fqdn_sapmnt" {}
 
 variable "module_var_disk_swapfile_size_gb" {}
 variable "module_var_disk_volume_count_swap" {}