Skip to content

Commit

Permalink
Make VMAgent Platform updates variable
Browse files Browse the repository at this point in the history
  • Loading branch information
Marges, RSY (Rick) committed Mar 10, 2025
1 parent cf8d050 commit dc28f8e
Show file tree
Hide file tree
Showing 11 changed files with 22 additions and 17 deletions.
7 changes: 6 additions & 1 deletion deploy/terraform/run/sap_system/tfvar_variables.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1171,7 +1171,7 @@ variable "register_storage_accounts_keyvaults_with_dns" {

#########################################################################################
# #
# NFS and Shared Filed settings #
# NFS and Shared Files settings #
# #
#########################################################################################

Expand Down Expand Up @@ -1493,6 +1493,11 @@ variable "patch_assessment_mode" {
default = "ImageDefault"
}

variable "platform_updates" {
description = "Specifies whether VMAgent Platform Updates is enabled"
default = "true"
}

#########################################################################################
# #
# Scaleout variables #
Expand Down
1 change: 1 addition & 0 deletions deploy/terraform/run/sap_system/transform.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,7 @@ locals {
deploy_defender_extension = var.deploy_defender_extension
patch_mode = var.patch_mode
patch_assessment_mode = var.patch_assessment_mode
platform_updates = var.platform_updates
shared_access_key_enabled = var.shared_access_key_enabled
shared_access_key_enabled_nfs = var.shared_access_key_enabled_nfs

Expand Down
3 changes: 1 addition & 2 deletions deploy/terraform/terraform-units/modules/sap_landscape/iscsi.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -201,7 +201,7 @@ resource "azurerm_linux_virtual_machine" "iscsi" {
patch_mode = var.infrastructure.patch_mode
patch_assessment_mode = var.infrastructure.patch_assessment_mode
bypass_platform_safety_checks_on_user_schedule_enabled = var.infrastructure.patch_mode != "AutomaticByPlatform" ? false : true
vm_agent_platform_updates_enabled = true
vm_agent_platform_updates_enabled = var.infrastructure.platform_updates

os_disk {
name = format("%s%s%s%s%s",
Expand Down Expand Up @@ -433,4 +433,3 @@ resource "azurerm_virtual_machine_extension" "monitoring_defender_iscsi_lnx" {
}
)
}

4 changes: 2 additions & 2 deletions deploy/terraform/terraform-units/modules/sap_landscape/vm.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -75,7 +75,7 @@ resource "azurerm_windows_virtual_machine" "utility_vm" {
patch_mode = var.infrastructure.patch_mode == "ImageDefault" ? "Manual" : var.infrastructure.patch_mode
patch_assessment_mode = var.infrastructure.patch_assessment_mode
bypass_platform_safety_checks_on_user_schedule_enabled = var.infrastructure.patch_mode != "AutomaticByPlatform" ? false : true
vm_agent_platform_updates_enabled = true
vm_agent_platform_updates_enabled = var.infrastructure.platform_updates
enable_automatic_updates = !(var.infrastructure.patch_mode == "ImageDefault")

os_disk {
Expand Down Expand Up @@ -144,7 +144,7 @@ resource "azurerm_linux_virtual_machine" "utility_vm" {
patch_mode = var.infrastructure.patch_mode
patch_assessment_mode = var.infrastructure.patch_assessment_mode
bypass_platform_safety_checks_on_user_schedule_enabled = var.infrastructure.patch_mode != "AutomaticByPlatform" ? false : true
vm_agent_platform_updates_enabled = true
vm_agent_platform_updates_enabled = var.infrastructure.platform_updates

dynamic "admin_ssh_key" {
for_each = range(1)
Expand Down
4 changes: 2 additions & 2 deletions deploy/terraform/terraform-units/modules/sap_system/anydb_node/vm-anydb.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -174,7 +174,7 @@ resource "azurerm_linux_virtual_machine" "dbserver" {
patch_mode = var.infrastructure.patch_mode
patch_assessment_mode = var.infrastructure.patch_assessment_mode
bypass_platform_safety_checks_on_user_schedule_enabled = var.infrastructure.patch_mode != "AutomaticByPlatform" ? false : true
vm_agent_platform_updates_enabled = false
vm_agent_platform_updates_enabled = var.infrastructure.platform_updates

tags = merge(local.tags, var.tags)

Expand Down Expand Up @@ -313,7 +313,7 @@ resource "azurerm_windows_virtual_machine" "dbserver" {
patch_mode = var.infrastructure.patch_mode == "ImageDefault" ? "Manual" : var.infrastructure.patch_mode
patch_assessment_mode = var.infrastructure.patch_assessment_mode
bypass_platform_safety_checks_on_user_schedule_enabled = var.infrastructure.patch_mode != "AutomaticByPlatform" ? false : true
vm_agent_platform_updates_enabled = false
vm_agent_platform_updates_enabled = var.infrastructure.platform_updates
enable_automatic_updates = !(var.infrastructure.patch_mode == "ImageDefault")

admin_username = var.sid_username
Expand Down
4 changes: 2 additions & 2 deletions deploy/terraform/terraform-units/modules/sap_system/app_tier/vm-app.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -151,7 +151,7 @@ resource "azurerm_linux_virtual_machine" "app" {

patch_assessment_mode = var.infrastructure.patch_assessment_mode
bypass_platform_safety_checks_on_user_schedule_enabled = var.infrastructure.patch_mode != "AutomaticByPlatform" ? false : true
vm_agent_platform_updates_enabled = false
vm_agent_platform_updates_enabled = var.infrastructure.platform_updates

//If length of zones > 1 distribute servers evenly across zones
zone = var.application_tier.app_use_avset ? null : try(local.app_zones[count.index % max(local.app_zone_count, 1)], null)
Expand Down Expand Up @@ -305,7 +305,7 @@ resource "azurerm_windows_virtual_machine" "app" {
enable_automatic_updates = !(var.infrastructure.patch_mode == "ImageDefault")
patch_assessment_mode = var.infrastructure.patch_assessment_mode
bypass_platform_safety_checks_on_user_schedule_enabled = var.infrastructure.patch_mode != "AutomaticByPlatform" ? false : true
vm_agent_platform_updates_enabled = false
vm_agent_platform_updates_enabled = var.infrastructure.platform_updates

//If length of zones > 1 distribute servers evenly across zones
zone = var.application_tier.app_use_avset ? null : try(local.app_zones[count.index % max(local.app_zone_count, 1)], null)
Expand Down
4 changes: 2 additions & 2 deletions deploy/terraform/terraform-units/modules/sap_system/app_tier/vm-scs.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -147,7 +147,7 @@ resource "azurerm_linux_virtual_machine" "scs" {

patch_assessment_mode = var.infrastructure.patch_assessment_mode
bypass_platform_safety_checks_on_user_schedule_enabled = var.infrastructure.patch_mode != "AutomaticByPlatform" ? false : true
vm_agent_platform_updates_enabled = false
vm_agent_platform_updates_enabled = var.infrastructure.platform_updates
//If length of zones > 1 distribute servers evenly across zones
zone = local.use_scs_avset ? null : try(local.scs_zones[count.index % max(local.scs_zone_count, 1)], null)
network_interface_ids = var.application_tier.dual_nics ? (
Expand Down Expand Up @@ -340,7 +340,7 @@ resource "azurerm_windows_virtual_machine" "scs" {
patch_mode = var.infrastructure.patch_mode == "ImageDefault" ? "Manual" : var.infrastructure.patch_mode
patch_assessment_mode = var.infrastructure.patch_assessment_mode
bypass_platform_safety_checks_on_user_schedule_enabled = var.infrastructure.patch_mode != "AutomaticByPlatform" ? false : true
vm_agent_platform_updates_enabled = false
vm_agent_platform_updates_enabled = var.infrastructure.platform_updates
enable_automatic_updates = !(var.infrastructure.patch_mode == "ImageDefault")
//If length of zones > 1 distribute servers evenly across zones
zone = local.use_scs_avset ? (
Expand Down
4 changes: 2 additions & 2 deletions deploy/terraform/terraform-units/modules/sap_system/app_tier/vm-webdisp.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -143,7 +143,7 @@ resource "azurerm_linux_virtual_machine" "web" {

patch_assessment_mode = var.infrastructure.patch_assessment_mode
bypass_platform_safety_checks_on_user_schedule_enabled = var.infrastructure.patch_mode != "AutomaticByPlatform" ? false : true
vm_agent_platform_updates_enabled = false
vm_agent_platform_updates_enabled = var.infrastructure.platform_updates
//If length of zones > 1 distribute servers evenly across zones
zone = local.use_web_avset ? null : try(local.web_zones[count.index % max(local.web_zone_count, 1)], null)

Expand Down Expand Up @@ -297,7 +297,7 @@ resource "azurerm_windows_virtual_machine" "web" {
patch_mode = var.infrastructure.patch_mode == "ImageDefault" ? "Manual" : var.infrastructure.patch_mode
patch_assessment_mode = var.infrastructure.patch_assessment_mode
bypass_platform_safety_checks_on_user_schedule_enabled = var.infrastructure.patch_mode != "AutomaticByPlatform" ? false : true
vm_agent_platform_updates_enabled = false
vm_agent_platform_updates_enabled = var.infrastructure.platform_updates
enable_automatic_updates = !(var.infrastructure.patch_mode == "ImageDefault")

//If length of zones > 1 distribute servers evenly across zones
Expand Down
4 changes: 2 additions & 2 deletions deploy/terraform/terraform-units/modules/sap_system/common_infrastructure/vm-anchor.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,7 @@ resource "azurerm_linux_virtual_machine" "anchor" {

patch_assessment_mode = var.infrastructure.patch_assessment_mode
bypass_platform_safety_checks_on_user_schedule_enabled = var.infrastructure.patch_mode != "AutomaticByPlatform" ? false : true
vm_agent_platform_updates_enabled = false
vm_agent_platform_updates_enabled = var.infrastructure.platform_updates

zone = local.zones[count.index]

Expand Down Expand Up @@ -149,7 +149,7 @@ resource "azurerm_windows_virtual_machine" "anchor" {
patch_mode = var.infrastructure.patch_mode == "ImageDefault" ? "Manual" : var.infrastructure.patch_mode
patch_assessment_mode = var.infrastructure.patch_assessment_mode
bypass_platform_safety_checks_on_user_schedule_enabled = var.infrastructure.patch_mode != "AutomaticByPlatform" ? false : true
vm_agent_platform_updates_enabled = false
vm_agent_platform_updates_enabled = var.infrastructure.platform_updates

network_interface_ids = [
azurerm_network_interface.anchor[count.index].id
Expand Down
2 changes: 1 addition & 1 deletion deploy/terraform/terraform-units/modules/sap_system/hdb_node/vm-hdb.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -197,7 +197,7 @@ resource "azurerm_linux_virtual_machine" "vm_dbnode" {
patch_mode = var.infrastructure.patch_mode
patch_assessment_mode = var.infrastructure.patch_assessment_mode
bypass_platform_safety_checks_on_user_schedule_enabled = var.infrastructure.patch_mode != "AutomaticByPlatform" ? false : true
vm_agent_platform_updates_enabled = false
vm_agent_platform_updates_enabled = var.infrastructure.platform_updates

zone = local.use_avset ? null : try(local.zones[count.index % max(local.db_zone_count, 1)], null)

Expand Down
2 changes: 1 addition & 1 deletion deploy/terraform/terraform-units/modules/sap_system/hdb_node/vm-observer.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -85,7 +85,7 @@ resource "azurerm_linux_virtual_machine" "observer" {
patch_mode = var.infrastructure.patch_mode
patch_assessment_mode = var.infrastructure.patch_assessment_mode
bypass_platform_safety_checks_on_user_schedule_enabled = var.infrastructure.patch_mode != "AutomaticByPlatform" ? false : true
vm_agent_platform_updates_enabled = false
vm_agent_platform_updates_enabled = var.infrastructure.platform_updates

dynamic "admin_ssh_key" {
for_each = range(var.deployment == "new" ? 1 : (local.enable_auth_password ? 0 : 1))
Expand Down

0 comments on commit dc28f8e

Please sign in to comment.