saltext.sap_xsa._states.sap_xsa#

SaltStack extension for SAP HANA XSA Copyright (C) 2022 SAP UCC Magdeburg

SAP HANA XSA state module#

SaltStack module that implements SAP HANA XSA states.

maintainer

Benjamin Wegener, Alexander Wilke

maturity

new

depends

dateutil

platform

Linux

This module implements SAP HANA XSA states based on the xs command line tools that SAP provides for managing the XS Advanced Engine.

Note

This module can only run on linux platforms.

saltext.sap_xsa._states.sap_xsa.trusted_certificate_present(name, certfile, api_url, password, org, sid, username='XSA_ADMIN', bin_path='/hana/shared/{SID}/xs/bin/', space='SAP', verify=True, **kwargs)[source]#

Ensure that a certificate is trusted.

name

Alias name of the certificate.

certfile

Certificate file that should be trusted.

api_url

URL to the API, e.g. https://api.hdb.my.domain:443

password

Password for the provided user.

org

Organisation to use for logon.

username

Username to logon to XSA, default is XSA_ADMIN.

sid

SID of the system.

bin_path

Path to the XSA executables, default is /hana/shared/{SID}/xs/bin/

space

SPACE to use, default is SAP

verify

False if SSL validation should be skipped, default is True.

Example:

CA certificate is present in XSA HDB:
  sap_xsa.trusted_certificate_present:
    - name: MY_CA
    - certfile: /etc/pki/trust/anchors/ca.crt
    - api_url: https://api.hdb.my.domain:443
    - password: __slot__:salt:vault.read_secret(path="xsa/HDB", key="XSA_ADMIN")
    - username: XSA_ADMIN
    - sid: HDB
    - org: SAP
    - bin: /hana/shared/HDB/xs/bin/xs
    - space: SAP
    - verify: False
saltext.sap_xsa._states.sap_xsa.trusted_certificate_absent(name, api_url, password, org, sid, username='XSA_ADMIN', bin_path='/hana/shared/{SID}/xs/bin/', space='SAP', verify=True, auth_required=True, **kwargs)[source]#

Ensure that a certificate is absent.

name

Alias name of the certificate.

api_url

URL to the API, e.g. https://api.hdb.my.domain:443

password

Password for the provided user.

org

Organisation to use for logon.

username

Username to logon to XSA, default is XSA_ADMIN.

sid

SID of the system.

bin_path

Path to the XSA executables, default is /hana/shared/{SID}/xs/bin/

space

SPACE to use, default is SAP

verify

False if SSL validation should be skipped, default is True.

auth_required

False if system should not login/logout, default is True.

Example:

CA certificate is present in XSA HDB:
  sap_xsa.trusted_certificate_absent:
    - name: MY_CA
    - api_url: https://api.hdb.my.domain:443
    - password: __slot__:salt:vault.read_secret(path="xsa/HDB", key="XSA_ADMIN")
    - username: XSA_ADMIN
    - sid: HDB
    - org: SAP
saltext.sap_xsa._states.sap_xsa.certificate_present(name, keyfile, certfile, api_url, password, org, sid, username='XSA_ADMIN', bin_path='/hana/shared/{SID}/xs/bin/', space='SAP', verify=True, **kwargs)[source]#

Ensure that a certificate is present for a domain.

name

Name of domain

keyfile

Filepath of the *.key file.

certfile

Filepath of the *.crt file.

api_url

URL to the API, e.g. https://api.hdb.my.domain:443

password

Password for the provided user.

org

Organisation to use for logon.

username

Username to logon to XSA, default is XSA_ADMIN.

sid

SID of the system.

bin_path

Path to the XSA executables, default is /hana/shared/{SID}/xs/bin/

space

SPACE to use, default is SAP

verify

False if SSL validation should be skipped, default is True.

Example:

Certificate is present in XSA S4H:
  sap_xsa.certificate_present:
    - name: hdb.my.domain
    - keyfile: /etc/pki/hdb.my.domain.key
    - certfile: /etc/pki/hdb.my.domain.crt
    - api_url: https://api.hdb.my.domain:443
    - password: __slot__:salt:vault.read_secret(path="xsa/HDB", key="XSA_ADMIN")
    - username: XSA_ADMIN
    - sid: HDB
    - org: SAP
saltext.sap_xsa._states.sap_xsa.certificate_absent(name, api_url, password, org, sid, username='XSA_ADMIN', bin_path='/hana/shared/{SID}/xs/bin/', space='SAP', verify=True, auth_required=True, **kwargs)[source]#

Ensure that a certificate is absent for a domain.

name

Name of domain

api_url

URL to the API, e.g. https://api.hdb.my.domain:443

password

Password for the provided user.

org

Organisation to use for logon.

username

Username to logon to XSA, default is XSA_ADMIN.

sid

SID of the system.

bin_path

Path to the XSA executables, default is /hana/shared/{SID}/xs/bin/

space

SPACE to use, default is SAP

verify

False if SSL validation should be skipped, default is True.

auth_required

False if system should not login/logout, default is True.

Example:

Certificate is absent in XSA S4H:
  sap_xsa.certificate_absent:
    - name: hdb.my.domain
    - api_url: https://api.hdb.my.domain:443
    - password: __slot__:salt:vault.read_secret(path="xsa/HDB", key="XSA_ADMIN")
    - username: XSA_ADMIN
    - sid: HDB
    - org: SAP
saltext.sap_xsa._states.sap_xsa.restarted(name, bin_path='/hana/shared/{SID}/xs/bin/', **kwargs)[source]#

Restart XSA.

name

SID of the system.

bin_path

Path to the XSA executables, default is /hana/shared/{SID}/xs/bin/.

Example:

XSA HDB is restarted:
  sap_xsa.restarted:
    - name: HDB
    - bin_path: /hana/shared/HDB/xs/bin/