Configuration steps for running terraform/ansible through tenant's gateway

Owned by Dinesh Amatya
Last updated: Jun 05, 2024 by Paulina Jaramillo
3 min read

Onboarding an S4 HANA system onto an Azure tenant can be a complex process involving multiple stages of setup and configuration. IT-Conductor simplifies this process by leveraging the automation capabilities of Terraform and Ansible scripts. Terraform, an infrastructure as code tool, efficiently provisions and manages Azure resources, while Ansible automates the configuration and deployment of the S4 HANA system.


Pre-Requisites

Before provisioning the infrastructure on IT-Conductor, please follow the steps below.

  1. Set up the IT-Conductor Gateway. See Gateway Setup for more details.

  2. Set up Azure Monitoring in IT-Conductor by following the instructions in our Azure Monitoring

  3. Create a user dedicated to running the automation on the server where the gateway was installed by using the following script.

sudo useradd -m -d /home/itc_automation itc_automation passwd itc_automation For all IT-Conductor Gateways on Ubuntu, make sure to update /etc/sudoers file with the following itc_automation ALL=(ALL) NOPASSWD: ALL

 

 

 

 

 

 

 

 

Make github access for tenant

 

For accessing the terraform and ansible scripts, we need to have tenant’s user access to github repo. For this we need to do following

 

  1. Need to generate ITC email for tenant

  2. Invite tenant IT mail for accessing repoisotry

  3. Register tenant ITC mail to github

  4. Generate the personal access token for ITC mail

 

Sync github project to ITC

 

Configure the github and git project in ITC for the tenant.

 

  1. Navigate to repos

    image-20240513-153327.png

  2. Click “+“ to configure new repo

    image-20240513-153450.png

  3. Fill up the form and then click “+“

  4. After the project is created, we can view the synced files by clicking on the repo itself

  5.  

 

Configure user in tenant’s gateway specifically to run automation

 

Run following command to add user

sudo useradd -m -d /home/itc_automation itc_automation passwd itc_automation

For ITC gateway with Ubuntu, make sure to update /etc/sudoers file with following

itc_automation ALL=(ALL) NOPASSWD: ALL

 

Configure Ansible and Terraform Application

 

This configures the parameters needed to run ansible and terraform through tenant’s gateway.

For this

  1. Make Cloud object provider ( in case of azure its AzureTenant containing tenant id and subscription id)

  2. Make Account object for Cloud ( in case of azure its AzureAccount containing client id and key)

  3. Make TerraformBackend object for terraform job

  4. Make AnsibleExecConfig object for ansible job

  5. Make Terraform and Ansible object

  6. Configure Account for terraform and ansible with user added in automation gateway

 

Copy process definitions from OZSoft tenant and configure

 

Copy the automation process definition that we want to test.

Â