View
218
Download
2
Category
Preview:
Citation preview
Solution Guide
EMC Enterprise Hybrid Cloud 2.5.1, Federation Software-Defined Data Center Edition Foundation for SAP Solution Guide
EMC Solutions
Abstract
This Solution Guide details how to deploy an SAP environment on an EMC® Enterprise Hybrid Cloud with VMware vCloud® Automation Center™ as its core. The solution addresses provisioning, key security, migration, and operational efficiency challenges specific to an SAP infrastructure.
April 2015
2
Copyright © 2015 EMC Corporation. All rights reserved. Published in the USA.
Published April 2015
EMC believes the information in this publication is accurate as of its publication date. The information is subject to change without notice.
THE INFORMATION IN THIS PUBLICATION IS PROVIDED AS IS. EMC CORPORATION MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND WITH RESPECT TO THE INFORMATION IN THIS PUBLICATION, AND SPECIFICALLY DISCLAIMS IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Use, copying, and distribution of any EMC software described in this publication requires an applicable software license.
EMC2, EMC, VMAX, VNX, XtremIO, VPLEX, ViPR, PowerPath, Data Domain, Avamar, and the EMC logo are registered trademarks or trademarks of EMC Corporation in the United States and other countries. All other trademarks used herein are the property of their respective owners.
For the most up-to-date listing of EMC product names, see EMC Corporation Trademarks on EMC.com.
EMC Enterprise Hybrid Cloud 2.5.1, Federation Software-Defined Data Center Edition Foundation for SAP Solution Guide
Part Number H14046
Contents
3
Contents
Chapter 1 Executive Summary 8
Business case ............................................................................................................ 9
Solution overview ....................................................................................................... 9
Chapter 2 Introduction 11
Purpose .................................................................................................................... 12
Scope ....................................................................................................................... 12
Audience .................................................................................................................. 12
Terminology ............................................................................................................. 13
Chapter 3 Technology Overview 14
Overview .................................................................................................................. 15
Architecture .............................................................................................................. 15
Key components ....................................................................................................... 17
Overview ............................................................................................................. 17
Blue Medora vCenter Operations Management Pack for SAP CCMS ...................... 18
SAP Business Suite 7.0 ........................................................................................ 18
Technology resources ............................................................................................... 19
Chapter 4 Solution Architecture and Design 20
EMC Enterprise Hybrid Cloud solution delivery strategy ............................................ 21
Foundation infrastructure solution ........................................................................... 21
Automation and self-service provisioning ............................................................ 22
Multitenancy and secure separation .................................................................... 24
Security ............................................................................................................... 24
Networking .......................................................................................................... 25
Workload-optimized storage ................................................................................ 25
Elasticity and service assurance .......................................................................... 25
Operational monitoring and management ........................................................... 26
Metering and chargeback .................................................................................... 27
Modular add-on services .......................................................................................... 28
Application Services ............................................................................................ 28
Data protection: Backup ...................................................................................... 28
Data protection: Continuous availability .............................................................. 29
Contents
4
Data protection: Disaster recovery ....................................................................... 29
Platform as a service ............................................................................................ 29
Public cloud services ................................................................................................ 29
Why use a hybrid cloud for SAP? ............................................................................... 29
EMC Enterprise Hybrid Cloud solution for SAP .......................................................... 30
Chapter 5 Migration 32
Overview .................................................................................................................. 33
Scenarios and procedures ........................................................................................ 33
Scenario 1: Virtual machines under the vCenter Server instance used by EMC Enterprise Hybrid Cloud ................................................................................ 33
Scenario 2: Virtual machines in a non-EMC Enterprise Hybrid Cloud vCenter that will be connected as an endpoint .................................................................. 34
Validation use case .................................................................................................. 35
Step 1: Creating the blueprint .............................................................................. 35
Step 2: Importing existing virtual machines ......................................................... 36
Step 3: Verifying EMC Enterprise Hybrid Cloud compliance .................................. 37
Test results .......................................................................................................... 38
Chapter 6 Self-Service SAP Provisioning 39
Overview .................................................................................................................. 40
Automating a standard SAP installation ............................................................... 40
Automating a distributed installation ................................................................... 41
Elasticity: Automating an SAP AAS installation..................................................... 43
How autoprovisioning works .................................................................................... 43
Self-service provisioning .......................................................................................... 44
Verifying prerequisites ......................................................................................... 44
Creating an SAP-ready virtual machine template .................................................. 45
Setting up silent installation scripts ..................................................................... 46
Creating vCloud Automation Center Application blueprints .................................. 46
Deploying the automation workflow ..................................................................... 46
Validation use case .................................................................................................. 47
Test scenario ....................................................................................................... 47
Test objective ...................................................................................................... 48
Test procedure ..................................................................................................... 48
Test results .......................................................................................................... 48
Chapter 7 Networking and Security 49
Overview .................................................................................................................. 50
Contents
5
Multitenant security ................................................................................................. 50
Solution architecture ................................................................................................ 50
Logical network topology ..................................................................................... 51
Validation use case .................................................................................................. 52
Test scenario ....................................................................................................... 52
Test objectives..................................................................................................... 53
Test procedure ..................................................................................................... 53
Test results .......................................................................................................... 54
Chapter 8 Cloud Monitoring and Root Cause Analysis 56
Overview of EMC Enterprise Hybrid Cloud monitoring ............................................... 57
SAP monitoring ........................................................................................................ 57
ViPR SRM and vCenter Operations Manager-Blue Medora configuration ................... 58
Customized monitoring dashboard........................................................................... 58
Validation use case .................................................................................................. 60
Test scenario ....................................................................................................... 60
Test objective ...................................................................................................... 60
Test procedure and results .................................................................................. 60
Chapter 9 Conclusion 64
Conclusion ............................................................................................................... 65
Contents
6
Figures Figure 1. EMC Enterprise Hybrid Cloud solution architecture .............................. 16
Figure 2. EMC Enterprise Hybrid Cloud key components ..................................... 17
Figure 3. EMC Enterprise Hybrid Cloud features and functionality ...................... 22
Figure 4. Self-service provisioning through the vCloud Automation Center portal23
Figure 5. EMC ViPR Analytics with VMware vCenter Operations Manager ............ 26
Figure 6. IT Business Management Suite overview dashboard for hybrid cloud .. 28
Figure 7. Creating a blueprint for importing existing virtual machines ................ 36
Figure 8. Importing existing virtual machines ..................................................... 36
Figure 9. Assigning a business group to the imported virtual machines ............. 37
Figure 10. Applying a blueprint to the imported virtual machines ......................... 37
Figure 11. Managing virtual machines using the Actions menu ............................ 37
Figure 12. Detailed information on the virtual machines ...................................... 38
Figure 13. Process flow of a standard SAP installation ......................................... 41
Figure 14. Distributed SAP installation workflow .................................................. 42
Figure 15. User workflow for self-provisioning an SAP system using vCloud Automation Center .............................................................................. 43
Figure 16. SAP Blueprint interface in vCloud Automation Center Application services ............................................................................................... 47
Figure 17. Install new SAP system ........................................................................ 48
Figure 18. Result of SAP provisioning ................................................................... 48
Figure 19. Security logical infrastructure .............................................................. 52
Figure 21. Firewall rules ....................................................................................... 54
Figure 22. Firewall rules from PIP to EP1 ............................................................... 54
Figure 23. Test results for firewall rules ................................................................ 55
Figure 24. vCenter Operations Manager performance dashboard for SAP tenant administrator ...................................................................................... 59
Figure 25. Tenant A’s SAP system DX1 and EP1 performance dashboard ............. 61
Figure 26. End-to-end view from the virtual machine to storage ........................... 61
Figure 27. Performance dashboard on EMC ViPR SRM .......................................... 62
Tables Table 1. Terminology ........................................................................................ 13
Table 2. Solution resources .............................................................................. 19
Table 3. Virtual machine specification and installation media .......................... 45
Table 4. Detailed information on tested SAP systems ....................................... 53
Table 5. Use case test result ............................................................................. 55
Contents
7
Table 6. Virtual machine-to-array performance analysis in EMC ViPR SRM ......... 63
Chapter 1: Executive Summary
8
Chapter 1 Executive Summary
This chapter presents the following topics:
Business case ............................................................................................................ 9
Solution overview ...................................................................................................... 9
Chapter 1: Executive Summary
9
Business case
From the perspective of both SAP and its customers, the key focus today is on simplifying the deployment and operation of SAP systems. This simplification has become increasingly important as SAP system landscapes have grown over the last decade to include ever more components, interconnected and interdependent, making the setup, operation and, most of all, the evolution of these systems a massive effort.
This scenario clashes with today’s business environment which, being increasingly global and “real time” through web connections for information, people, and goods, forces companies to be more agile than ever to survive.
In terms of IT, these challenges translate into additional demands on CIOs and IT organizations:
To respond faster to new business initiatives and change requests
To provide a simpler, cost-effective, just-in-time, self-service experience to internal IT customers
To be a technology broker for their organizations, facilitating technology adoption as a business innovation driver for their business units, both in relation to internal IT resources as well as public cloud capabilities
The increased business pace of change and the need to simplify SAP landscapes, together with the increased maturity of cloud offerings and the still existing demands for data control and confidentiality, makes the hybrid cloud-computing environment an option that many organizations really need.
EMC® Enterprise Hybrid Cloud for SAP transforms hybrid cloud challenges into advantages. The solution includes SAP-specific functionalities that are designed to improve efficiency and reduce total cost of ownership (TCO) by balancing the cost of the resources with the criticality of the SAP system.
Solution overview
This EMC Enterprise Hybrid Cloud solution integrates the best of EMC and VMware products and services, and empowers IT organizations to accelerate implementation and adoption of hybrid cloud infrastructure for SAP system landscapes, while still enabling customer choice for the compute and networking infrastructure within the data center. The solution caters to customers who want to preserve their investment and make better use of their existing infrastructure, as well as to those who want to build out new infrastructures dedicated to a hybrid cloud.
This solution takes into consideration the unique requirements of deployment, operations, and evolution of SAP system landscapes. It takes advantage of the strong integration between EMC technologies and the VMware® vCloud Suite® to deliver a hybrid cloud foundation that is simple to deploy and operate. The solution, developed by EMC and VMware product and services teams, includes EMC scalable
Chapter 1: Executive Summary
10
storage arrays, integrated EMC and VMware monitoring, and data protection suites to provide the foundation for enabling cloud services within the customer environment.
Chapter 2: Introduction
11
Chapter 2 Introduction
This chapter presents the following topics:
Purpose.................................................................................................................... 12
Scope ....................................................................................................................... 12
Audience .................................................................................................................. 12
Terminology ............................................................................................................. 13
Chapter 2: Introduction
12
Purpose
This Solution Guide, which describes the foundation solution for EMC Enterprise Hybrid Cloud for SAP, is the first of a series of guides that describe in detail the design and specific configurations needed for an SAP environment to maximize the capabilities of the EMC Enterprise Hybrid Cloud.
This solution is a direct application of the EMC Enterprise Hybrid Cloud to an SAP environment. This document serves as an enablement reference for SAP customers who plan to deploy their SAP environment on EMC Enterprise Hybrid Cloud.
Scope
This Solution Guide focuses on the SAP-related architecture, design, and implementation best practices for deploying an SAP environment on an existing, fully functional EMC Enterprise Hybrid Cloud solution. Why use a hybrid cloud for SAP? summarizes the SAP use cases.
While this document includes some content from the EMC Enterprise Hybrid Cloud Solution Guide, it does not include detailed information about products and functionalities specific to EMC Enterprise Hybrid Cloud.
For all EMC Enterprise Hybrid Cloud topics beyond the scope of this document, refer to EMC Enterprise Hybrid Cloud 2.5.1, Federation Software-Defined Data Center Edition: Foundation Infrastructure Solution Guide.
Audience
This document is intended for technical architects and cloud solution engineers who are considering adopting a private cloud or hybrid cloud model for their data center infrastructure and business processes. Readers are expected to have basic competency in the implementation and operation of EMC, VMware, and SAP products and environments.
Readers must have a clear understanding of the current implementations and operational processes within their own environments. When implementing a hybrid-cloud computing environment, the target audience must have a reasonable understanding of cloud computing and be fully aware of what their end users expect. These considerations include security, monitoring, resource management, multitenancy, and service metering.
Chapter 2: Introduction
13
Terminology
Table 1 defines the terms used in this document.
Table 1. Terminology
Term Definition
BAPI Business Application Programming Interface. A precisely defined interface that provides access to processes and data in SAP business application systems such as R/3.
DEV SAP development system. An SAP system built for SAP programmers and consultants to develop programs and configurations.
Off premises The application or service is running on resources (hardware, software, locations) that are owned by a third party and are not under the full control of the enterprise in question.
On premises The application or service is running on resources (hardware, software, locations) that are owned by and in the full control of the enterprise in question.
PRD SAP production system. The system used by end users in live deployments.
QAS SAP Quality Assurance system. A replica of the PRD system, QAS serves as the test environment for configurations and programs designed in DEV.
Chapter 3: Technology Overview
14
Chapter 3 Technology Overview
This chapter presents the following topics:
Overview .................................................................................................................. 15
Architecture ............................................................................................................. 15
Key components ...................................................................................................... 17
Technology resources .............................................................................................. 19
Chapter 3: Technology Overview
15
Overview
This solution takes advantage of the strong integration between EMC technologies and the VMware vCloud Suite. The solution, developed by EMC and VMware product and services teams, includes EMC scalable storage arrays, integrated EMC and VMware monitoring, and data protection suites to provide the foundation for enabling cloud services within the customer environment.
Architecture
This section describes the environment and supporting infrastructure for this EMC Enterprise Hybrid Cloud for SAP solution. Figure 1 shows the overall architecture of the solution.
Chapter 3: Technology Overview
16
Figure 1. EMC Enterprise Hybrid Cloud solution architecture
The cloud management platform supports the entire management infrastructure for this solution. The infrastructure is divided into pods, which consist of one or more ESXi clusters. The EMC Enterprise Hybrid Cloud solution includes several pods, which perform solution-specific functions and provide high availability and load balancing.
The VMware vSphere® ESXi™ clusters configured in High Availability mode provide virtual machine protection. Increased levels of fault tolerance are provided through application and operating system cluster services, such as Windows Failover Clustering, PostgreSQL clustering, load-balancer clustering, or farms of machines that work together natively, to provide a resilient architecture.
Chapter 3: Technology Overview
17
For detailed discussion of the architecture, and specific information on its hardware components, refer to the EMC Enterprise Hybrid Cloud 2.5.1, Federation Software-Defined Data Center Edition: Foundation Infrastructure Solution Guide.
Key components
Figure 2 shows the key components of the EMC Enterprise Hybrid Cloud solution, including the VMware vCloud Suite Enterprise components. VMware vCloud Suite combines multiple components into a single product to address the complete set of cloud infrastructure capabilities. When used together, the vCloud Suite components provide virtualization, software-defined data center services, policy-based provisioning, disaster recovery, application management, and operations management.
EMC VPLEX, VMAX, EMC VNX and EMC XtremIO
VMware vSphereEMC VSI
EMC PowerPath/VE
VMware vCenter Server
VAAI
VASA
VMware vCenter Operations Manager
VMware vCloud Automation Center
VMware vCenter Orchestrator
EMC ViPR
VMware vCloud Networking and SecurityVMware NSX for vSphere
VMware IT Business Management SuiteEMC Storage
AnalyticsVMware vCenter
Log Insight
SecurityManagement
CentralizedAuthentication
PublicKey
Infrastructure
EMC ViPR Analytics
EMC ViPR Storage
Resource Management
Data Protection
Backup
Continuous Availability
Disaster Recovery
Application Services
SAP Applications
Figure 2. EMC Enterprise Hybrid Cloud key components
This EMC Enterprise Hybrid Cloud for SAP solution includes the following key technology components:
VMware vCloud® Automation Center™
VMware vCloud Application Director™
VMware vCenter™ Operations Manager™
VMware vCenter Orchestrator™
VMware NSX™
VMware IT Business Management Suite™
EMC VNX® storage
Overview
Chapter 3: Technology Overview
18
EMC VMAX® storage
EMC ViPR® storage resource management (SRM)
EMC ViPR Controller
EMC PowerPath®/VE
For detailed information on the solution components, refer to the EMC Enterprise Hybrid Cloud 2.5.1, Federation Software-Defined Data Center Edition: Foundation Infrastructure Solution Guide for detailed information on the components of the modular add-on solutions (such as Data Protection), refer to the relevant solution guides.
The Blue Medora vCenter Operations Management Pack for SAP CCMS1 is an embedded adapter that uses SAP BAPI calls to collect metrics from an SAP server. The management pack enhances vCenter Operations Manager by adding the following capabilities:
Out-of-the-box dashboards
Workload details view
Proactive smart alerts
Automated correlation of changed events
Heat map views
Capacity and trending analysis
vCenter Operations Manager provides a comprehensive monitoring solution for SAP in a virtualized environment, while the management pack makes the data more consumable, especially in complex SAP cloud environments.
SAP ERP 6.0, powered by the SAP NetWeaver technology platform, is a fully integrated enterprise resource planning (ERP) application that fulfills the core business needs of midsize and large enterprises across all industries and market sectors. SAP ERP 6.0 delivers a comprehensive set of integrated, cross-functional business processes and can serve as a solid business-process platform that supports continued growth, innovation, and operational excellence.
1 The SAP adapter delivered with this solution is third-party software available from Blue Medora, and is available to customers through EMC Select.
Blue Medora vCenter Operations Management Pack for SAP CCMS
SAP Business Suite 7.0
Chapter 3: Technology Overview
19
Technology resources
Table 2 details the hardware and software resources used in the solution.
Table 2. Solution resources
Software Version Purpose
EMC Enterprise Hybrid Cloud: Federation Software-Defined Data Center Edition (OE)
2.5.1 Foundation
Blue Medora vCenter Operations Management Pack for SAP CCMS
5.8.1 SAP adapter for vCenter Operations Manager
SAP ERP 6.0 EhP 7 SAP application software
For a complete, up-to-date list of all software requirements for EMC Enterprise Hybrid Cloud, refer to the following resources:
EMC Enterprise Hybrid Cloud 2.5.1, Federation Software-Defined Data Center Edition: Foundation Infrastructure Solution Guide
Latest EMC Simple Support Matrix for EMC Enterprise Hybrid Cloud 2.5.1 at elabnavigator.emc.com (requires login)
Chapter 4: Solution Architecture and Design
20
Chapter 4 Solution Architecture and Design
This chapter presents the following topics:
EMC Enterprise Hybrid Cloud solution delivery strategy .......................................... 21
Foundation infrastructure solution ........................................................................... 21
Modular add-on services .......................................................................................... 28
Public cloud services................................................................................................ 29
Why use a hybrid cloud for SAP? .............................................................................. 29
EMC Enterprise Hybrid Cloud solution for SAP ......................................................... 30
Chapter 4: Solution Architecture and Design
21
EMC Enterprise Hybrid Cloud solution delivery strategy
The EMC Enterprise Hybrid Cloud is an engineered solution that offers a simplified approach to IT functionality for IT organizations, developers, end users, and line-of-business owners. In addition to delivering baseline infrastructure as a service (IaaS), built on the software-defined data center architecture, the EMC Enterprise Hybrid Cloud also delivers feature-rich capabilities to expand from IaaS to business enabling IT as a service (ITaaS).
The full EMC Enterprise Hybrid Cloud solution has the following elements:
Foundation infrastructure—The essential component of the solution
Modular add-ons—Enabling features that are optional but highly recommended
Foundation infrastructure solution
This section describes the following features and functionality of the foundation infrastructure:
Automation and self-service provisioning
Multitenancy and secure separation
Security
Networking
Workload-optimized storage
Elasticity and service assurance
Operational monitoring and management
Metering and chargeback
Figure 3 depicts the foundation infrastructure features and functionality.
Chapter 4: Solution Architecture and Design
22
Figure 3. EMC Enterprise Hybrid Cloud features and functionality
The EMC Enterprise Hybrid Cloud solution provides self-service provisioning of automated cloud services to end users and infrastructure administrators. The EMC Enterprise Hybrid Cloud uses VMware vCloud Automation Center, integrated with EMC ViPR Controller and VMware NSX, to provide the compute, storage, network, and security virtualization services for the software-defined data center. These services enable rapid deployment of business-relevant cloud services across your hybrid cloud and physical infrastructure.
Cloud users can request and manage applications and compute resources within established operational policies. This can reduce IT service delivery times from days or weeks to minutes. Self-service provisioning features include the following:
Self-service portal: Provides a cross-cloud storefront that delivers a catalog of custom-defined services for provisioning applications based on business and IT policies
Role-based entitlements: Ensure that the self-service portal presents only the virtual machine, application, or service blueprints appropriate to a user’s role within the business
Resource reservations: Enable resources to be allocated to a specific group and ensures that access is limited to that group
Automation and self-service provisioning
Chapter 4: Solution Architecture and Design
23
Service levels: Define the amount and type of resources a specific service can receive either during the initial provisioning or as part of any configuration changes
Build specifications: Contain the automation policies that specify the process for building or reconfiguring compute resources
In this solution, vCloud Automation Center provides lines of business with the ability to rapidly deploy cloud applications and services to meet the demands of the business. vCloud Automation Center provides the ability to divide a shared infrastructure into logical partitions that can be assigned to different business units. Using role-based entitlements, business users can manage resources from their own self-service catalog of custom-defined services and blueprints. Each user’s catalog presents the virtual machines, applications, and service blueprints they are entitled to, based on their assigned role within the business.
Service blueprints enable cloud infrastructure administrators to deploy new EMC services supported by ViPR Controller for automated storage services and by EMC Avamar®
and EMC Data Domain® for backup and restore services.
Virtual machine and application blueprints can be single machine or multimachine, covering both bare-metal server and virtual machine deployments. Multitier enterprise applications requiring multiple components (application, database, and web) and service levels can be deployed easily from predefined blueprints.
Figure 4 shows the EMC Enterprise Hybrid Cloud self-service portal in vCloud Automation Center.
Figure 4. Self-service provisioning through the vCloud Automation Center portal
Data protection policies can be applied to virtual machine resources at provisioning time, which later enables users to request on-demand backups and restores of their
Chapter 4: Solution Architecture and Design
24
virtual machines, and generate backup reports from the vCloud Automation Center self-service portal.
Multitenancy access requirements in a cloud environment range from shared, open resource access to completely isolated resources. The EMC Enterprise Hybrid Cloud solution provides the ability to enforce physical and virtual separation for multitenancy, offering different levels of security to meet business requirements. This separation can encompass network, compute, and storage resources, to ensure appropriate security and performance for each tenant.
The solution supports secure multitenancy through vCloud Automation Center role-based access control (RBAC), which enables vCloud Automation Center roles to be mapped to Active Directory groups. vCloud Automation Center uses existing authentication and business groupings. User access to the self-service portal is governed by the user’s business role.
Physical segmentation of resources can be achieved in vCloud Automation Center to isolate tenant resources or to isolate and contain compute resources for licensing purposes. For example, Oracle licensing costs can be managed by limiting the amount of CPU resources assigned to a particular resource group.
Virtualized compute resources within the software-defined data center are objects inherited from the vSphere endpoint, most commonly representing VMware vSphere ESXi hosts, host clusters, or resource pools. Compute resources can be configured at the vSphere layer to ensure physical and logical separation of resources between functional areas such as Production and Testing/Development (Test/Dev).
For more details, refer to Multitenant security and the EMC Enterprise Hybrid Cloud 2.5, Federation Software-Defined Data Center: Security Management Solution Guide.
The EMC Enterprise Hybrid Cloud solution enables customers to enhance security by establishing a hardened security baseline across the hardware and software stacks supporting their EMC Enterprise Hybrid Cloud infrastructure. The solution helps to reduce concerns around the complexities of the underlying infrastructure by demonstrating how to tightly integrate an as-a-service solution stack with public key infrastructure (PKI) and a common authentication directory to provide centralized administration and tighter control over security.
The solution addresses the challenges of securing authentication and configuration management to comply with industry and regulatory standards through the following features:
Secured infrastructure with PKI support for authenticity, non-repudiation, and encryption
Authentication sources converged into a single directory to enable a centralized point of administration and policy enforcement
Configuration management tools that generate infrastructure reports for audit and compliance purposes
Multitenancy and secure separation
Security
Chapter 4: Solution Architecture and Design
25
The EMC Enterprise Hybrid Cloud can employ NSX for vSphere to offer significant advancements over the VMware vCloud Networking and Security™ (vCNS) feature set. Enhanced networking and security features in NSX include the following:
NSX logical routing and firewalls: Provide line-rate performance distributed across many hosts instead of being limited to a single virtual machine or physical host.
Distributed logical routers: Contain east-west traffic within the hypervisor when the source and target virtual machines reside on the same host.
Logical load balancer: Enables load sharing across a pool of virtual machines with configurable health check monitoring and application-specific rules for service high availability, URL rewriting, and advanced Secure Sockets Layer (SSL) handling. A distributed firewall enables consistent data-center-wide security policies.
Security policies: Can be applied directly to security groups, enabling greater flexibility in enforcing security policies.
The EMC Enterprise Hybrid Cloud solution enables customers to take advantage of the proven benefits of EMC storage in an EMC Enterprise Hybrid Cloud environment. Using EMC ViPR Controller storage services and EMC XtremIO™, VNX, and VMAX capabilities, the solution provides policy-based, software-defined storage management of EMC block and file storage.
With a scalable storage architecture that uses the latest flash and tiering technologies, XtremIO, VNX, and VMAX storage arrays enable customers to satisfy any workload requirements with maximum efficiency and performance, in the most cost-effective way. With ViPR Controller, the storage configuration is abstracted and presented as a single storage control point, enabling cloud administrators to access all heterogeneous storage resources within a data center as if they were a single large array.
Storage administrators maintain control of storage resources and policies while enabling the cloud administrator to automatically provision storage resources into the cloud infrastructure.
The solution uses a combination of tools to provide the environmental visibility and alerts required to proactively ensure service levels in virtual and cloud environments. Using vCloud Automation Center and tools provided by EMC, administrators and end users can dynamically add resources as needed, based on their performance requirements.
Infrastructure administrators manage storage, compute, and network resources within resource pools, while end users manage those resources at a virtual machine level to achieve the service levels required by their application workloads.
Networking
Workload-optimized storage
Elasticity and service assurance
Chapter 4: Solution Architecture and Design
26
Cloud users can select from a range of service levels for compute, storage, and data protection for their applications to achieve the most efficient use of the resources within their software-defined data center environment.
The solution features automated monitoring and management capabilities that provide IT administrators with a comprehensive view of the cloud environment to enable smart decision-making for resource provisioning and allocation. These automated capabilities are based on a combination of EMC ViPR Storage Resource Management (ViPR SRM), VMware vCenter Log Insight™, and VMware vCenter Operations Manager, and use EMC plug-ins for ViPR Controller, VNX, VMAX, and XtremIO to provide extensive additional storage detail.
VMware vCenter Operations provides pre-built and configurable dashboards for real-time performance, capacity, and configuration management. Performance data is interpreted and assigned a health risk value and efficiency metrics that enable IT administrators to easily identify evolving performance problems. Integrating vCenter Operations Manager with EMC ViPR Analytics enables full end-to-end visibility of the infrastructure, from virtual machine to LUN and every point in between.
The ViPR Analytics and EMC Storage Analytics (ESA) packs are presented through the vCenter Operations Manager custom interface. This enables administrators to quickly identify the health of ViPR Controller virtual arrays and physical VMAX, VNX, and EMC VPLEX® arrays using customized EMC dashboards for vCenter Operations Manager, such as the EMC ViPR dashboard shown in Figure 5.
Figure 5. EMC ViPR Analytics with VMware vCenter Operations Manager
Operational monitoring and management
Chapter 4: Solution Architecture and Design
27
Capacity analytics in vCenter Operations Manager identify over-provisioned resources so they can be right-sized for the most efficient use of virtualized resources. What-if scenarios eliminate the need for separate performance and capacity modeling.
EMC ViPR SRM offers comprehensive monitoring and reporting for the EMC Enterprise Hybrid Cloud solution. This helps IT visualize, analyze, and optimize their software-defined storage infrastructure. Cloud administrators can use ViPR SRM to understand and manage the impact that storage has on their applications and view the topologies of their hybrid cloud from application to storage. Capacity and consumption of EMC ViPR software-defined storage and SLA issues can be identified through real-time dashboards or reports in order to meet the needs of the wide range of hybrid cloud consumers.
In addition, VMware vCenter Log Insight provides the ability to centralize and aggregate system and application logs. Each system in the hybrid cloud solution can be configured to forward logs to the Log Insight system for event analytics and reporting. When configured with vCenter Log Insight, EMC content packs for Avamar, VNX, and VMAX provide customizable dashboards and user-defined fields specifically for those EMC products, which enables administrators to conduct problem analysis and analytics on the storage array and backup infrastructure.
The solution uses VMware IT Business Management Suite™ (ITBM) to provide cloud administrators with metering and cost information across all business groups in the enterprise. ITBM reports the virtual machine and blueprint costs based on business units and application groups across the hybrid cloud environment.
VMware ITBM Standard Edition uses its own reference database, which has been preloaded with industry-standard and vendor-specific cost data, to compute the cost of virtual CPU (vCPU), RAM, and storage. These prices, which default to cost of CPU, RAM, and storage, are automatically consumed by vCloud Automation Center, where the cloud administrator can change them as appropriate. This eliminates the need to manually configure cost profiles in vCloud Automation Center and assign them to compute resources.
ITBM is integrated into the vCloud Automation Center portal for the cloud administrator and presents a dashboard overview of the hybrid cloud infrastructure, as shown in Figure 6.
Metering and chargeback
Chapter 4: Solution Architecture and Design
28
Figure 6. IT Business Management Suite overview dashboard for hybrid cloud
ITBM is also integrated with VMware vCenter and can import existing resource hierarchies, folder structures, and vCenter tags to associate hybrid cloud resource usage with business units, departments, and projects.
Modular add-on services
The EMC Enterprise Hybrid Cloud solution provides modular add-on components for the services listed below, as explained in the following sections:
Application Services
Data protection: Backup
Data protection: Continuous availability
Data protection: Disaster recovery
Platform as a service
This add-on solution uses VMware vCloud Automation Center Application Services to optimize application deployment and release management through logical application blueprints in vCloud Automation Center. Users can quickly and easily deploy blueprints for applications and databases such as Microsoft Exchange, Microsoft SQL Server, Microsoft SharePoint, Oracle, and SAP.
Avamar and EMC Data Domain systems provide a backup infrastructure that offers features such as deduplication, compression, and VMware integration. By using VMware vCenter Orchestrator workflows customized by EMC, administrators can
Application Services
Data protection: Backup
Chapter 4: Solution Architecture and Design
29
quickly and easily set up multitier data protection policies and enable users to select an appropriate policy when they provision their virtual machines.
A combination of EMC VPLEX virtual storage and VMware vSphere High Availability (vSphere HA) provides the ability to federate information across multiple data centers over synchronous distances. With virtual storage and virtual servers working together over distance, the infrastructure can transparently provide load balancing, real-time remote data access, and improved application protection.
This add-on solution enables cloud administrators to select disaster recovery (DR) protection for their applications and virtual machines when they provision their hybrid cloud environment. ViPR Controller automatically places these systems on storage that is protected remotely by EMC RecoverPoint® technology. VMware vCenter Site Recovery Manager automates the recovery of all virtual storage and virtual machines.
The EMC Enterprise Hybrid Cloud solution provides an elastic and scalable IaaS foundation for platform-as-a-service (PaaS) and software-as-a-service (SaaS) services. Pivotal CF provides a highly available platform that enables application owners to easily deliver and manage applications over the application lifecycle. The EMC Enterprise Hybrid Cloud service offerings enable PaaS administrators to easily provision compute and storage resources on demand to support scalability and growth in their Pivotal CF enterprise PaaS environments.
Public cloud services
The EMC Enterprise Hybrid Cloud solution enables IT organizations to broker public cloud services. The public cloud solution has been validated with VMware vCloud
Air™ as a public cloud option that administrators and users can access directly from the solution's self-service portal. End users can provision virtual machines while IT administrators can use VMware vCloud Connector® to perform virtual machine migration (offline) to vCloud Air from the on-premises component of their hybrid cloud.
Why use a hybrid cloud for SAP?
Regardless of deployment, all cloud solutions should improve operational efficiency, scale resources up and down as needed, and reduce the TCO over time. Why would a company that already uses either a private or public cloud need to use the other?
To answer this, you must compare and understand the key strengths of both types of cloud from an architecture perspective.
Public clouds are large implementations. The cost of maintaining systems at this level can be very expensive and difficult to maintain. Because of the economies of scale, however, as more companies share the overhead expenditures, the cost of
Data protection: Continuous availability
Data protection: Disaster recovery
Platform as a service
Chapter 4: Solution Architecture and Design
30
leased resources becomes cheaper for each tenant. In addition, your company does not have to assign resources to maintain the cloud. Using a public cloud reduces the TCO, but you will have limited control over your systems.
Private clouds reside within your own company. Internal IT maintains these systems, which enables you to have full ownership of your critical data and complete control of every part of the infrastructure. You can customize and protect your cloud environment precisely for your business needs. You can deploy the latest technologies that are not offered in other cloud environments, and respond to incidents more quickly.
A hybrid cloud enables you to balance the TCO against the criticality of the systems, so that you can keep critical SAP and non-SAP systems in your on-premises EMC Enterprise Hybrid Cloud solution, while maintaining the rest in a cheaper, remote cloud.
A private-to-public integration is a popular hybrid deployment for a variety of reasons:
Lower TCO: An organization can save money by keeping all its critical production (PRD) SAP systems in a private cloud while deploying all development (DEV) and quality assurance (QAS) systems on a typically cheaper public cloud. Due to the economies of scale, the TCO in deploying and maintaining a DEV or QAS system in a public cloud is invariably lower than deploying them in a private cloud.
Resource expansion: A hybrid cloud removes the hardware limits of a private cloud by extending several of its workload and functionalities to a public cloud's much larger resource pool.
Testing cloud options: An organization that has yet to build its own cloud can opt to try it on a public cloud until they are comfortable enough to invest, build, and manage their own private cloud.
A public-private cloud architecture ensures that the company maintains absolute control over all privately-owned resources dedicated to the most business-critical systems, while deploying the less critical systems on more cost-effective alternatives.
EMC Enterprise Hybrid Cloud solution for SAP
EMC Enterprise Hybrid Cloud 2.5.1 is an application-flexible architecture. EMC enables you to customize this solution based on your application landscape, requiring minimal SAP-specific configuration to host SAP environments.
This document focuses on the SAP-specific details of the foundation infrastructure that are not found in the EMC Enterprise Hybrid Cloud 2.5.1, Federation Software-Defined Data Center Edition: Foundation Infrastructure Solution Guide:
Migration of SAP systems into the EMC Enterprise Hybrid Cloud
Self-service SAP provisioning
Networking and security for SAP landscapes
Chapter 4: Solution Architecture and Design
31
SAP cloud monitoring and root-cause analysis
The other functionalities and services introduced in this chapter are present and, for the most part, common across other enterprise applications, but will not be discussed further in this document.
For detailed information on these functionalities and services, refer to the EMC Enterprise Hybrid Cloud 2.5.1, Federation Software-Defined Data Center Edition: Foundation Infrastructure Solution Guide. For detailed information on the modular add-on solutions, refer to the individual Solution Guides for those solutions.
Chapter 5: Migration
32
Chapter 5 Migration
This chapter presents the following topics:
Overview .................................................................................................................. 33
Scenarios and procedures ........................................................................................ 33
Validation use case .................................................................................................. 35
Chapter 5: Migration
33
Overview
For organizations that intend to migrate to the EMC Enterprise Hybrid Cloud platform, a simple migration is not enough—the virtual machines must be standardized on migration. EMC Enterprise Hybrid Cloud standard virtual machines are provisioned with monitoring and chargeback mechanisms to enable central management. EMC Enterprise Hybrid Cloud can automate this standardization procedure, bringing the virtual machines under the full control of the cloud.
This chapter outlines the steps for importing virtual machines into an EMC Enterprise Hybrid Cloud.
Scenarios and procedures
Full migration and standardization of virtual machines that were not provisioned by EMC Enterprise Hybrid Cloud require EMC Enterprise Hybrid Cloud-based customization of the virtual machine and storage migration to EMC Enterprise Hybrid Cloud ViPR. A virtual machine that is managed by EMC Enterprise Hybrid Cloud has the following characteristics:
Virtual machine lease and expiration policies
ITBM chargeback compliance
EMC Enterprise Hybrid Cloud monitoring compliance
Data stores completely managed by ViPR Controller in EMC Enterprise Hybrid Cloud
Because of the variety of cloud provider environments, the preconfigurations before migrating virtual machines must be performed on a case-by-case basis. This solution is one example. EMC recommends employing EMC professional services to complete these tasks.
Virtual machines that are not managed by EMC Enterprise Hybrid Cloud fall into one of the following scenarios:
Scenario 1: Virtual machines that are under the same vCenter Server instance used by the EMC Enterprise Hybrid Cloud solution
Scenario 2: Virtual machines that are under a different vCenter Server instance than the EMC Enterprise Hybrid Cloud solution—this instance will be connected as an endpoint
In this scenario, consider an existing virtual data center managed by vCenter Server. You can reuse this vCenter Server to implement a hybrid cloud environment. All new virtual machines created after implementation of the hybrid cloud are automatically registered in the new cloud, but all virtual machines present before the cloud implementation must first be migrated to the new environment.
Scenario 1: Virtual machines under the vCenter Server instance used by EMC Enterprise Hybrid Cloud
Chapter 5: Migration
34
Solution (online migration):
1. In vCenter Server, perform a vSphere Storage vMotion migration to the EMC Enterprise Hybrid Cloud ViPR storage under the planned business group.
2. Use Infrastructure Organizer to import the virtual machines to the planned business group.
3. Migrate the network to the planned VXLAN port group during a maintenance window.
In this scenario, consider a customer with two different environments: one is an existing virtual data center, and the other is an environment where they have implemented the EMC Enterprise Hybrid cloud. Each environment has its own vCenter Server instance. The customer wishes to join the two vCenter Server environments together.
Solution (offline migration)
The first possible solution is to migrate the virtual machines at the storage level and then switch from one vCenter Server instance to the other, as follows:
1. Offline export the virtual machines to the vCenter Server instance managed by the EMC Enterprise Hybrid Cloud. Select the appropriate ViPR storage under the planned business group. Reconfigure the network to a VXLAN port group.
2. Use Infrastructure Organizer to import the virtual machines to the designated business group.
3. After all virtual machines are exported, disconnect the ESXi hosts from the original vCenter Server instance and connect them to the vCenter Server instance managed by EMC Enterprise Hybrid Cloud.
4. Perform EMC Enterprise Hybrid Cloud customizations for the ESXi hosts according to the EMC Enterprise Hybrid Cloud build guide.
Alternate solution (online migration)
Another solution is to connect the non-cloud environment as an endpoint to the hybrid cloud, and do the following:
1. Create a new endpoint in vCloud Automation Center that connects to the vCenter Server instance that is not managed by EMC Enterprise Hybrid Cloud.
2. Reconfigure that vCenter Server instance to make it compliant with EMC Enterprise Hybrid Cloud, according to the EMC Enterprise Hybrid Cloud Build Guide.
3. Use Infrastructure Organizer to import the virtual machines to the designated business group.
4. Migrate the network to the planned VXLAN port group during the maintenance window.
Scenario 2: Virtual machines in a non-EMC Enterprise Hybrid Cloud vCenter that will be connected as an endpoint
Chapter 5: Migration
35
Validation use case
This section describes how to configure the workflow in EMC Enterprise Hybrid Cloud.
We focused on Scenario 1. Migrate the storage to the ViPR Controller in EMC Enterprise Hybrid Cloud using vSphere Storage vMotion, and follow these steps to import the virtual machines to the correct business group, using Infrastructure Organizer:
1. Create a blueprint to automate the import of virtual machines.
2. Import the existing virtual machines.
3. Verify that the imported virtual machines can be managed by EMC Enterprise Hybrid Cloud management applications such as chargeback and monitoring agents.
We created a new blueprint from the vCloud Automation Center console to import virtual machines. The blueprint defines how long the virtual machines will be leased or archived, whether you want the virtual machines to be reconfigured, and what the blueprint will cost. In this case, we set the following values, as shown in Figure 7:
Lease (days): 30
Archive (days): 2
Allow reconfigure: Yes
Note: The value for daily cost specified in the machine blueprint is added to the total cost of the virtual machine. This value can represent a markup for using the virtual machine and for the resources consumed by the virtual machine.
Step 1: Creating the blueprint
Chapter 5: Migration
36
Figure 7. Creating a blueprint for importing existing virtual machines
After creating the endpoint and fabric group, and organizing the compute resources for the existing virtual SAP systems, you can import the existing virtual machines to an EMC Enterprise Hybrid Cloud platform through the Infrastructure Organizer Wizard in vCloud Automation Center. In this case, we had two unmanaged existing virtual machines to be imported, as shown in Figure 8.
Figure 8. Importing existing virtual machines
We assigned the two virtual machines to the Finance Business Group, as shown in Figure 9.
Step 2: Importing existing virtual machines
Chapter 5: Migration
37
Figure 9. Assigning a business group to the imported virtual machines
We then selected the blueprint for the virtual machines, as shown in Figure 10.
Figure 10. Applying a blueprint to the imported virtual machines
After importing the virtual machines under the Finance business group, we used the Actions menu to manage them, as shown in Figure 11.
Figure 11. Managing virtual machines using the Actions menu
We selected Actions > View Details to get the detailed machine configuration, as shown in Figure 12.
Step 3: Verifying EMC Enterprise Hybrid Cloud compliance
Chapter 5: Migration
38
Figure 12. Detailed information on the virtual machines
As defined in the blueprint, the virtual machine lease period is 30 days. When the lease expires, the virtual machines are destroyed after two days (archive days). You can change the lease period, receive expiration reminders, and expire them immediately through the Actions menu.
You can import the existing virtual machines to an EMC Enterprise Hybrid Cloud platform. Through the Infrastructure Organizer Wizard in vCloud Automation Center, you can register the existing VMware virtual SAP systems, enable cloud, and import into the EMC Enterprise Hybrid Cloud platform. Virtual machines can be migrated, standardized, and managed through the EMC Enterprise Hybrid Cloud platform.
Test results
Chapter 6: Self-Service SAP Provisioning
39
Chapter 6 Self-Service SAP Provisioning
This chapter presents the following topics:
Overview .................................................................................................................. 40
How autoprovisioning works .................................................................................... 43
Self-service provisioning ......................................................................................... 44
Validation use case .................................................................................................. 47
Chapter 6: Self-Service SAP Provisioning
40
Overview
EMC Enterprise Hybrid Cloud, through vCloud Automation Center, offers many templates and tools to automate tasks within the cloud environment. This chapter explores two powerful applications of its automation features:
Self-service SAP provisioning, which enables a fully automated installation of an SAP central system
Elasticity, which enables autoprovisioning of new AAS instances and integration of those instances into an existing SAP system
Regardless of what you want to automate, the core procedure is the same.
EMC Enterprise Hybrid Cloud uses vCloud Automation Center Application Services scripts to orchestrate processes across several virtual machines. vCloud Automation Center Application Services can run these scripts from both the VMware environment and the guest operating system (OS) level. You can predefine values that can be passed on later as environment variables, and write flexible and portable scripts, with as many variables as you need.
EMC Managed Services can customize the scripts for your needs, or you can make your own scripts based on SAP note 950619.
vCloud Automation Center Application services can also import catalogs from another cloud (VMware vCloud Director®, for example) and map these catalogs to the Application Services service catalog, to trigger remote cloud operations from the same EMC Enterprise Hybrid Cloud interface.
The SAP Software Provisioning Manager (SWPM) uses the same SAPINST executable to run an unattended installation. However, to run this successfully, you must manually preconfigure each virtual machine on which SAP is to be installed, as follows:
1. Properly configure the file systems, including RAID.
2. Set hostnames and create SID-specific mount points.
3. Install the OS.
4. Set the environment variables.
5. Install Java, SAP locales, and SAP cryptographic libraries.
6. Install the database instance.
vCloud Automation Center Application services fills this preconfiguration gap by allowing the use of custom scripts. By using a combination of out-of-the-box workflows, prebuilt templates, and user scripts, vCloud Automation Center fully automates and coordinates the tasks that SAPINST is not able to do, such as:
Provisioning storage and virtual machines from a virtual machine template preconfigured for SAP
Automating a standard SAP installation
Chapter 6: Self-Service SAP Provisioning
41
Allowing you to customize the hostname, SID, and so on directly before the SAP provisioning process
Installing the database instance accordingly
Performing an unattended SAP installation using pre-defined, customizable SAPINST parameters
Figure 13 illustrates the basic process flow.
Figure 13. Process flow of a standard SAP installation
The result is a self-service interface, requiring minimal initial input, and a full-fledged SAP system ready for logon.
A standard installation is essentially a distributed installation where all of the components are in a single host, as shown in Figure 14.
Automating a distributed installation
Chapter 6: Self-Service SAP Provisioning
42
Figure 14. Distributed SAP installation workflow
Therefore, in automating a distributed installation, we use the same deployment strategy as for a standard SAP installation, except that the workflow appears as follows:
1. Create an ASCS virtual machine and use a script to install the instance.
2. Connect to ASCS and update the hosts file or DNS server with the new virtual machine.
3. Create a DB virtual machine and use a script to install the DB instance.
4. Create a PAS virtual machine, connect to the ASCS shared folders, and use a script to install an instance.
The scripts are adjusted as follows:
The file systems of SAP instances must be different from that of the DB instance
The group IDs (GID) and user IDs (UID) of the SAP and database users must be the same on all instances
The SAP product IDs must be changed according to what type of SAP instance is installed
There must be a command that mounts the SAP shared folders, such as /sapmnt/<SID>/exe, /sapmnt/<SID>/profile, and /sapmnt/<SID>/global
The /etc/hosts files of every virtual machine must be updated accordingly
Chapter 6: Self-Service SAP Provisioning
43
If there is a need to scale out the SAP workload, you can now provision an AAS and automatically attach it to an existing ASCS. Configuring autoprovisioning of an AAS is mostly similar to that of a PAS, but a few differences must be considered when writing the script:
The ASCS details (hostname, SID) must be requested as user input so that the workflow knows where the provisioned AAS is to be attached
The DB details (hostname) must be requested
How autoprovisioning works
Figure 15 depicts the general automation workflow and shows the components that must be configured in vCloud Automation Center Application Services.
Figure 15. User workflow for self-provisioning an SAP system using vCloud Automation Center
The configuration workflow is encapsulated in a container called Application (A). The Application consists of the following:
An application blueprint (B), which contains all parameters and orchestrates the whole process
Deployment profiles (C), which serve as the blueprint’s customization
In the case of autoprovisioning, the Small deployment profile is used to implement a blueprint with minimal resources, while the Large profile deploys the same blueprint but with larger allocations.
Each Application services blueprint has two components, a Logical Template and a Service. The Logical Template contains information on the Cloud Provider (D) and the OS version. The Service contains the information needed to provision the virtual machine, including the script that we want to run against the virtual machine, and the
Elasticity: Automating an SAP AAS installation
Chapter 6: Self-Service SAP Provisioning
44
OS that the script is compatible with. This script is the main script that triggers the SAP installation, as described earlier.
The Cloud Provider contains information about which cloud the application is working on. Application Services extracts templates from the Cloud Provider depending on the type required: a vCloud Automation Center blueprint (E), a catalog, or even another public cloud template. For this solution, we used a blueprint that clones the virtual machine template.
The Application container can be accessed through a service catalog in vCloud Automation Center. The service catalog is mapped to an application’s deployment profile in Application Services.
The following sections show detailed procedures on how to enable these functionalities.
Self-service provisioning
This section describes how to enable full self-service provisioning of an SAP system in vCloud Automation Center. The top-level steps are as follows:
1. Check the prerequisites.
2. Create an SAP-ready guest virtual machine template.
3. Set up an SAP unattended installation script.
4. Create a vCloud Automation Center blueprint to automate cloning from the virtual machine template.
5. Create an Application blueprint to automate SAP installation.
6. Create a vCloud Automation Center Service Catalog Item to serve as a user input screen.
7. Deploy an SAP system.
For validation, we provisioned an SAP system running on SLES/Oracle.
Note: The procedure described in the next section is applicable to all standard installations, distributed installations, and AAS installations, unless otherwise specified.
The following must be present before configuring the solution:
vCenter Server and vCloud Automation Center, configured according to the EMC Enterprise Hybrid Cloud 2.5.1, Federation Software-Defined Data Center Edition: Foundation Infrastructure Solution Guide
vCloud Automation Center application services, properly configured
The component IDs of the SAP systems that you want to include in the self-service portal; see SAP note 950619
Verifying prerequisites
Chapter 6: Self-Service SAP Provisioning
45
SAP installation media downloaded from the SAP service marketplace; SAP S-user and authorization to download required
A mountable NFS file system that contains the SAP installation media. The automation script will mount this file system to the newly created virtual machines.
This section describes the specifications needed for an SAP-ready virtual machine template.
Note: The amounts of resources specified are initial values only. You must observe proper sizing based on business requirements when provisioning.
Table 3 shows the virtual machine specifications used for testing.
Table 3. Virtual machine specification and installation media
Hardware Software SAP Installation media (SAP ECC 6.0 EhP7 SR1)
4-core CPU (1 socket x 4 cores/socket)
8 GB RAM
1 SCSI controller
150 GB disk space
SUSE Linux 11 SP3
Oracle 11.2
SAP ERP 6.0 EhP 7
SAP Software Provisioning Manager (SWPM) 1.0 for Linux X86_64
SAP UC Kernel 741 (D51047455_6)
SAP ECC 6.0 EhP7 SR1 Installation export DVD 1 and 2
Oracle RDBMS 11.2.0.3 for Linux X86_64 (D51041939)
Oracle CLIENT 11.2.0.3 (CD51041940)
1. Ensure that the following packages are installed (check using RPM or YaST)
during SUSE Linux Enterprise (SLES) installation:
SAP Application Server Base (sapconf)
C/C++ compiler and tools
gcc (x86_64)
gcc-c++ (x86_64)
glibc-devel
libaio-devel
libstdc++
SAP locales (see SAP note 171356)
Java Developer Kit 1.4.2 (See SAP note 709140)
Bourne Again Shell (bash) and C Shell (csh)
Public Domain Korn Shell (ksh)
Creating an SAP-ready virtual machine template
Chapter 6: Self-Service SAP Provisioning
46
2. Change the soft and hard limit for SAP and Oracle users to 65536 in /etc/sysconfig/sapconf:
LIMIT_1=”@sapsys soft nofile 65536”
LIMIT_2=”@sapsys hard nofile 65536”
LIMIT_3=”@sdba soft nofile 65536”
LIMIT_4=”@sdba hard nofile 65536”
LIMIT_5=”@dba soft nofile 65536”
LIMIT_6=”@dba hard nofile 65536”
3. Reload the sapconf file by executing the command /etc/init.d/boot.sapconf reload.
4. Save the virtual machine to a template when all the adjustments are completed. This will be imported later.
The automation is enabled using the following executables:
vCAD MAIN SCRIPT, which you need to write. EMC recommends that EMC Services customize this main script for you to ensure reliability.
RUNINSTALLER to run an unattended Oracle installation. This command is incorporated into the main script.
SAPINST to run the SAP silent installation. The executed command is relatively simple, but the initial preparation takes some time to set up. SAP note 950619 guides you through the process. There may be some solution-specific customizations not covered by the SAP note, therefore EMC recommends deploying this through EMC Managed Services.
Once the scripts are prepared, create blueprints that will incorporate the scripts and workflows to automate the process.
When the templates, scripts, and NFS media server are ready, you can combine all these in vCloud Automation Center Application services. Figure 16 shows the interface.
Setting up silent installation scripts
Creating vCloud Automation Center Application blueprints
Deploying the automation workflow
Chapter 6: Self-Service SAP Provisioning
47
Figure 16. SAP Blueprint interface in vCloud Automation Center Application services
Deploy the automation workflow as follows:
1. Log in to vCloud Automation Center. Under Catalog, select the deployment profile/catalog item that you configured in the previous section.
2. Type a description under Request Information.
3. Use the input screen under Properties to customize the details based on the Properties settings configured previously.
Quickly deploy and wait for the operations to finish. You can monitor the progress using vCenter Server.
Validation use case
This use case validates the effectiveness and efficiency of the automation features of EMC Enterprise Hybrid Cloud for SAP.
An EMC Enterprise Hybrid Cloud user intends to install a new distributed SAP system using the autoprovisioning capability of EMC Enterprise Hybrid Cloud.
Test scenario
Chapter 6: Self-Service SAP Provisioning
48
Our test objective was to fully provision a distributed SAP system in EMC Enterprise Hybrid Cloud using only vCloud Automation Center Application services, without doing any manual procedure except the initial input.
To conduct this test, we configured the automation and deployed a distributed SAP system. Figure 17 shows a sample self-service interface for a user who intends to create a new SAP system from scratch.
Figure 17. Install new SAP system
The average time to complete five SAP ERP 6 standard installation systems was 3 hours and 25 minutes. Figure 18 shows the result of SAP provisioning.
Figure 18. Result of SAP provisioning
Test objective
Test procedure
Test results
Chapter 7: Networking and Security
49
Chapter 7 Networking and Security
This chapter presents the following topics:
Overview .................................................................................................................. 50
Multitenant security................................................................................................. 50
Solution architecture ............................................................................................... 50
Validation use case .................................................................................................. 52
Chapter 7: Networking and Security
50
Overview
This chapter introduces the network and security design of the NSX platforms, and the network and security integration of an EMC Enterprise Hybrid Cloud solution for SAP.
Use this chapter as a reference to begin the networking, security planning, and design process for your hybrid cloud for SAP.
Note: Ensure that you have read the EMC Enterprise Hybrid Cloud 2.5.1, Federation Software-Defined Data Center Edition: Federation Infrastructure Solution Guide to fully understand tenants, business groups, and other multitenancy concepts used in this chapter.
Multitenant security
Valid concerns exist around information leakage and unauthorized access to data (“nosy neighbors”) on a shared network infrastructure. Consumers of the provisioned resources need to operate in a dedicated environment and benefit from infrastructure standardization. To address these concerns, this solution was designed for multitenancy with a defense-in-depth perspective, which is demonstrated through the following:
Implementation of VLANs to enable isolation at Layer 2 in the cloud management pod, and where the solution intersects with the physical network
Use of VXLAN overlay networks to segment tenant and business group traffic flows
Integration with firewalls that are functioning at the hypervisor level to protect virtualized applications and enable security policy enforcement in a consistent fashion throughout the solution
Deployment of Edge firewalls to protect the business group and tenant perimeters
In this solution, we assigned subnets to predefined business groups on which the firewall rules can be based.
This chapter demonstrates how SAP application networks can address data security by isolating different tenants and business groups from each other inside a cloud environment.
Solution architecture
In designing the physical architecture, our main considerations were the following:
Security
High availability
Chapter 7: Networking and Security
51
Performance
Scalability
Each layer is fault tolerant with physically redundant connectivity throughout. The loss of any one infrastructure component or link does not result in a loss of service to the tenant. If the architecture is scaled appropriately, the loss of a component or link does not impact service performance.
The logical network topology is designed to address the requirements of enabling multitenancy and securing separation of tenants and business groups in EMC Enterprise Hybrid Cloud. The topology is also designed to align with security best practices to segment the networks according to the purpose or traffic type.
Figure 19 shows the logical topology of the physical and virtual networks defined in the EMC Enterprise Hybrid Cloud solution for SAP.
Logical network topology
Chapter 7: Networking and Security
52
Figure 19. Security logical infrastructure
Validation use case
The default configuration for our environment allowed only virtual machines belonging to the same business group. More detailed rules can always be set, depending on customer requirements.
In this test environment, we took a simple case of a customer with two tenants, each with one or more business units. Each business unit has a three-system SAP landscape.
Test scenario
Chapter 7: Networking and Security
53
Our objective was to achieve the segregation scheme shown in Figure 20, such that:
EMC Enterprise Hybrid Cloud can block all external connectivity outside its business group or tenant.
EMC Enterprise Hybrid Cloud is flexible enough to make exceptions to the rules
Figure 20. Sample scenario
We tested the systems shown in blue in Figure 20. Table 4 shows the detailed information about the SAP systems that we tested.
Table 4. Detailed information on tested SAP systems
SID IP Address
1. ED1 2. 192.168.170.100
3. EQ1 4. 192.168.170.101
5. EP1 6. 192.168.170.102
7. HRP 8. 192.168.171.103
9. PIP 10. 192.168.180.101
The test procedure is as follows:
1. Configure Edge in the EMC Enterprise Hybrid Cloud environment.
2. Configure the firewall rules on Edge as shown in Figure 21.
Test objectives
Test procedure
Chapter 7: Networking and Security
54
Figure 21. Firewall rules
We created firewall rules in the Edge to control the access to the SAP system. The rules enabled us to define each of the SAP systems’ access rules to enhance the network security and monitor firewall logs.
Figure 22 shows the firewall rules from PIP to EP1. The rules show that all traffic to EP1 is blocked from PIP, except the RFC protocol, which uses TCP port 3300. The default rules for the firewall deny all traffic between different subnets.
Figure 22. Firewall rules from PIP to EP1
We tested two RFC connections from PIP to EP1. As shown in Figure 22 and Figure 23, the connection between PIP and EP1 was blocked except for the RFC port 3300. The firewall also captured the network packet and logged the detailed connection information.
Test results
Chapter 7: Networking and Security
55
Figure 23. Test results for firewall rules
Table 5 summarizes the test results. EMC Enterprise Hybrid Cloud for SAP can secure your data at the level that is required across different clouds, without affecting productivity.
Table 5. Use case test result
From To Expected Result Assessment
11. EQ1 12. HRP 13. Blocked 14. Blocked 15. Passed
16. EP1 17. HRP 18. Blocked 19. Blocked 20. Passed
21. HRP 22. EP1 23. Blocked 24. Blocked 25. Passed
26. PIP 27. HRP 28. Blocked 29. Blocked 30. Passed
31. PIP 32. EP1 33. Blocked except port 3300
34. Blocked except port 3300
35. Passed
Chapter 8: Cloud Monitoring and Root Cause Analysis
56
Chapter 8 Cloud Monitoring and Root Cause Analysis
This chapter presents the following topics:
Overview of EMC Enterprise Hybrid Cloud monitoring .............................................. 57
SAP monitoring ........................................................................................................ 57
ViPR SRM and vCenter Operations Manager-Blue Medora configuration.................. 58
Customized monitoring dashboard .......................................................................... 58
Validation use case .................................................................................................. 60
Chapter 8: Cloud Monitoring and Root Cause Analysis
57
Overview of EMC Enterprise Hybrid Cloud monitoring
Using multiple management interfaces to gather performance and capacity information is not a practical solution when you maintain tens to hundreds of SAP systems. Using multiple management interfaces is time consuming and often results in mismanaged resources. These challenges require end-to-end visibility (from back-end storage to SAP application level) across the entire cloud.
This section shows how an integrated, automated management solution that is powered by EMC ViPR SRM and vCenter Operations Manager technologies provides service assurance so that the cloud or tenant administrator can do the following:
Obtain virtualized data center visibility (through ViPR SRM)
Enable system efficiency and maintain IT compliance to standards and best practices (through ViPR SRM)
Use customized and intelligent views and reports to get detailed information (through ViPR SRM and vCenter Operations Manager)
The EMC Enterprise Hybrid cloud monitoring solution provides the following capabilities:
Real-time performance monitoring and analysis
EMC ViPR integration
Reporting
Configuration validation and compliance
EMC ViPR SRM alerting
Scheduling and sending reports through emails
SAP monitoring using the Blue Medora vCenter Operations Management Pack for CCMS
In this chapter, we focus on the first item: real-time performance monitoring and analysis. For details on the remaining capabilities, refer to the EMC Enterprise Hybrid Cloud 2.5.1, Federation Software-Defined Data Center Edition: Federation Infrastructure Solution Guide.
SAP monitoring
SAP tenant administrators can use role-based performance dashboards to analyze individual metric behaviors and determine the health of an enterprise, in part or as a whole.
Blue Medora vCenter Operations Management Pack for SAP CCMS enables vCenter Operations Manager to collect health and performance metrics taken from the SAP Computing Center Management System (transaction code RZ20). It provides a unified view of the health, risk, and efficiency of the infrastructure and the SAP applications.
Chapter 8: Cloud Monitoring and Root Cause Analysis
58
Real-time monitoring, displayed as widgets, improves the quality of service and provides early detection of issues related to performance, capacity, and configuration.
Enabling this solution requires configuration of ViPR SRM and vCenter Operations Manager, and customization of the Blue Medora interface. You can find the detailed procedures in the EMC Enterprise Hybrid Cloud 2.5.1, Federation Software-Defined Data Center Edition: Federation Infrastructure Solution Guide and in the corresponding product documentation. The next section provides a summary of the process.
ViPR SRM and vCenter Operations Manager-Blue Medora configuration
To deploy ViPR SRM to manage all data, perform the following steps:
1. Deploy ViPR SRM as a virtual appliance in a VMware environment or install the ViPR SRM core software on Linux or Windows Server.
2. Log into the ViPR SRM GUI and apply the core suite licenses.
3. Enable the SNMPv1 on the SAN switch to support switch discovery, data collection, and alert consolidation.
4. Install and configure EMC SMI-S to support EMC VMAX data collection.
5. Install and configure the required solution package for each of the following:
a. Solution Package for SAN Switch
b. Solution Package for EMC ViPR
c. Solution Package for EMC VMAX
d. Solution Package for EMC VNX
e. Solution Package for VMware vCenter
6. Install vCenter Operations Manager.
7. Install and configure the SAP adapter.
8. Customize the dashboard in vCenter Operations Manager.
Customized monitoring dashboard
The monitoring dashboard is easy to customize, providing you with a clear, uncluttered view of the cloud environment. You can find detailed procedures in the relevant product documentation. Figure 24 shows an example of a customized dashboard for the SAP tenant administrator.
Chapter 8: Cloud Monitoring and Root Cause Analysis
59
Figure 24. vCenter Operations Manager performance dashboard for SAP tenant administrator
This example shows statistics for two SAP systems, DX1 and EP1.
The widgets in Figure 24 are numbered 1 through 6 and display the following:
1. Health overview, which shows the health status of a tenant’s SAP
2. SAP system real-time KPIs, which include the following counters:
SAP Dialog response time
Database response time
Total online SAP users
Batch utilization
3. Tenant generic scoreboard, which shows the workload and read/write latency of the DX1 and EP1 systems
4. Metric graph of the DX1 and EP1 systems showing:
CPU utilization
Space usage under the /oracle folder
The blue line indicates that the file system of DX1 systems is full, and the tenant administrator can reclaim the space or assign more space to the /oracle folder.
Swap space usage
5. Health workload scorecard
Chapter 8: Cloud Monitoring and Root Cause Analysis
60
6. Health tree of Tenant A’s SAP application instances
To understand how all these elements work together, we formed a test scenario to see the monitoring tools in action.
Validation use case
In this use case, we simulated an SAP system that was experiencing an abnormally high workload. The simulation demonstrates how a tenant administrator can monitor the SAP systems in real-time and coordinate with the cloud administrator to perform an end-to-end root-cause analysis.
For this use case, our objective was to determine the root cause of a simulated performance bottleneck using the EMC Enterprise Hybrid Cloud SAP monitoring solution.
This section explains the monitoring and root-cause analysis procedures and the derived conclusion.
Monitoring the SAP application
We logged into vCenter Operations Manager to monitor Tenant A’s SAP systems to identify the affected area. As shown in Figure 25, EP1’s dialog response time reached 1,124 ms and its DB response time reached 785 ms, while DX1’s dialog response time reached 1,292 ms and its DB response time reached 986 ms. On the workload generic scoreboard, EP1’s workload reached 21,225 IOPS and the DX1 workload reached 20,609 IOPS. The EP1 and DX1 workloads had high disk latency, but CPU and memory utilization were acceptable.
Test scenario
Test objective
Test procedure and results
Chapter 8: Cloud Monitoring and Root Cause Analysis
61
Figure 25. Tenant A’s SAP system DX1 and EP1 performance dashboard
Identifying the topology path from virtual machine to storage
To efficiently locate the ESXi host and the storage of the affected virtual machine, we quickly retrieved an end-to-end view of the relationship between the virtual machine (saperp6-9V0YQYU) and the storage in ViPR SRM, as shown in Figure 26. The virtual machine on the C460-22 ESXi server was connected to the VNX storage (VNX2-2852) through two fabric switches.
Figure 26. End-to-end view from the virtual machine to storage
Chapter 8: Cloud Monitoring and Root Cause Analysis
62
End-to-end detailed performance analysis of the affected virtual machine
Next, we examined more details about the virtual machine, ESXi host, fabric switches, and array. By clicking each of these objects and selecting CPU, memory, and storage performance, we could detect performance irregularities through the trends that the KPI charts in Figure 27 show.
Figure 27. Performance dashboard on EMC ViPR SRM
The figure shows the performance dashboards that relate to the SAP system in EMC ViPR SRM. The widgets comprising the dashboard are numbered 1 through 3 and show the following:
1. CPU and memory usage on the ESXi server that hosts the SAP systems
2. FC port throughput on the SAN switch used by the ESXi server
3. Disk response time, utilization, and IOPS on the storage
We analyzed virtual machine-to-array end-to-end performance using ViPR SRM and observed the results shown in Table 6.
Chapter 8: Cloud Monitoring and Root Cause Analysis
63
Table 6. Virtual machine-to-array performance analysis in EMC ViPR SRM
Component Measure Value Normal values
Virtual machine (saperp6-9V0YQYU)
CPU utilization 71% < 80%
IOPS 20,609 (informational)
ESXi server CPU utilization 40%
Memory Utilization 53%
SAN switch Port throughput 750 MB/s
Port link status No link failure, no signal loss
No failure
Array Storage processor (SP) utilization
SPA: 50%
SPB: 54% < 70%
SP dirty page 80% < 100%
SP total throughput 42,665 IOPS (informational)
Disk IOPS 125 IOPS/disk < 80 for NL_SAS
Disk latency 14 ms < 10 ms
The virtual machine I/O reached 20,609 IOPS. However, the virtual machine CPU utilization was 71 percent. The virtual machine CPU did not cause the bottleneck, and we proceeded to the host level.
The ESXi host and SAN switch showed similar behavior to that of the virtual machine chart. The CPU and switch port utilization were both acceptable. Neither the ESXi host nor the switches caused the bottleneck, and we proceeded to the array level.
The array’s SPA and SPB utilization were 50 percent and 54 percent respectively, with no force flush (100 percent dirty page), so the array’s SPs were healthy. But when we looked at the disks in the storage pool used by this SAP system, we found that each NL_SAS disk I/O reached up to 125 IOPS, and the response time was about 14 ms. Therefore, we concluded that this is a storage-level issue.
Root cause
The root cause for the performance degradation is that the NL_SAS storage pool used is not sufficient to handle the workload of the two SAP systems. The average disk IOPS reached 125, which exceeds the prescribed workload of 80 IOPS for an NL_SAS disk. This resulted in high disk latency on the disk layer, leading to high SAP dialog response time.
EMC recommends that you add more SAS or flash disks in this pool, or migrate some SAP systems to a higher storage-service level (a VNX SAS tier, for example) to resolve this issue.
Chapter 9: Conclusion
64
Chapter 9 Conclusion
This chapter presents the following topic:
Conclusion ............................................................................................................... 65
Chapter 9: Conclusion
65
Conclusion
EMC Enterprise Hybrid Cloud enables an IT organization to balance the criticality requirements versus the TCO of each SAP virtual machine in the environment, while maintaining management autonomy and data privacy.
EMC Enterprise Hybrid Cloud for SAP demonstrates higher operational efficiency for the following:
Security—EMC Enterprise Hybrid Cloud offers an easy way to implement network and security rules that can be mapped to a two-tier multitenancy model.
Self-service provisioning—EMC Enterprise Hybrid Cloud provides tools that can automate virtual machine lifecycle processes, such as the creation of a virtual machine, up to installing a full SAP system, greatly reducing the manual effort required to do similar tasks.
Migration—EMC Enterprise Hybrid Cloud enables you to migrate and transform SAP systems into an EMC Enterprise Hybrid Cloud-ready virtual machine with a few clicks.
Cloud monitoring and root-cause analysis—EMC Enterprise Hybrid Cloud gives you full and user-friendly visibility across all components in the environment, from the storage level all the way up to SAP level.
The EMC Enterprise Hybrid Cloud provides a preconfigured, easy-to-deploy environment, with most of the characteristics that IT users expect when interacting with public cloud portals validated for SAP system landscape architectures and operational requirements. By providing full integration between public and private cloud environments, the EMC Enterprise Hybrid Cloud enables the implementation of a hybrid cloud-computing environment in a faster, simpler, and cheaper way.
To meet ever-evolving business scenarios and corresponding changing IT requirements, the EMC Enterprise Hybrid Cloud for SAP is a foundation based on industry standards with an open and flexible core. It provides the foundation to get enterprises ready for the unexpected, and is the right choice when uncertainty demands careful risk management in terms of IT investments.
Recommended