SAP HANA for RedHat 8.4 – Bypass installer compatibility

Red hat provides a playbook that can be used for SAP HANA configuration on RHEL. This ansible script sets environment variables and kernel values in order to optimize the environment for SAP workloads.

https://www.redhat.com/en/blog/getting-started-your-sap-hana-journey-rhel-8-sap-solutions

However you may encounter errors during the installation procedure. This article explains how to bypass them in order to run it on a RHEL 8.4 environment.

The first error you will notice is the sap_domain. This occurs if you have not set a value for this variable on vars.

In order to resolve this issue run the playbook using sap_domain variable.

ansible-playbook site.yml --extra-vars sap_domain=yourdomain

The second issue you will notice is that RHEL 8.4 does not belong to the supported distributions.

The compatibility is stored on the ansible collection vars section and you should edit that.

vi /usr/share/ansible/roles/sap-hana-preconfigure/vars/RedHat_8.yml

Add 8.3 or 8.4 version and save the file.

The last error you may notice would be about required packages.

Add the below repositories:

subscription-manager repos --enable=rhel-8-for-x86_64-appstream-rpms \
--enable=rhel-8-for-x86_64-baseos-rpms \
--enable=rhel-8-for-x86_64-sap-solutions-rpms \
--enable=ansible-2-for-rhel-8-x86_64-rpms

Rerun the ansible playbook.

Verify the changed states of various tasks and check active tuned profile

Extend swap size on Redhat – Installer up to 128GB

If you try to allocate more than 128GB on swap partition for a Redhat installation you will notice that is not possible through installer. This is a known bug on Redhat bugzilla that is mentioned as resolved. However I tried to allocate 256GB swap with a RedHat 8.2 installer and I got the maximum size which is 128GB. In this article you will learn how to increase swap size manually.

First validate that there is available space on the volume group. (140g available on my case)

Then extend the swap logical volume

Deactivate swap file

format swap

Reactivate swap partition.

You can verify swap space with

free -g

Log commands for all users on Linux – Redhat auditd

As security is one of the most important things on your infrastructure, you should enable logging for all commands and actions that a user performs (logins included).

In this article I will explain the procedure using auditd which comes preinstalled with many Linux distributions.

First things first, check if auditd is already installed and started on your system.

Then go to the rules file and open it with your favorite editor.

vi /etc/audit/rules.d/audit.rules

Add the below two rules to the end of the file.

-a exit,always -F arch=b32 -S execve -k auditcmd
-a exit,always -F arch=b64 -S execve -k auditcmd

Then execute on terminal:

augenrules 

You should then restart the service. Trying to do so with systemctl you may encounter the below error:

Execute auditd stop and start using the below commands:

service auditd stop
service auditd start

Verify existing rules:

auditctl -l

You are now ready and you can test the logging functionality. Perform a sudo action with a non root user.

Locate the action from logs.