SAP® on Microsoft Azure osa 2

www.connmove.de

SAP on Microsoft Azure

Architect Workshop for Partners

Timing (Part I)

08.30 – 09.00

Registration

09.00 – 09.15

Welcome and Introduction, organizational tasks

09.15 – 10.30

Microsoft Azure

Cloud Computing

Access to Azure

Azure Management Portal

Network services

10.30 – 10.45

Coffee Break

1/13/2015 2

Timing (Part II)

10.45 – 12.15

Microsoft Azure

Virtual Machines

Storage concept

Scripting on Azure

SQL Database

12.15 – 13.15

Lunch

13.15 – 14.30

SAP on Azure

SAP Support for Microsoft Azure

VM and VHD configurations for SAP

Performance Considerations

1/13/2015 3

Timing (Part III)

14.30 – 14.45

Coffee Break

14.45 – 15.45

SAP om Azure

HA/DR for SAP on Azure

Migration to Azure

Use Cases

Automation

15.45 – 16.15

Demo

References

Q&A

1/13/2015 4


System types

(Small) production systems

Development systems

Testing systems

Prototype systems

Learning / Demonstration systems

Support

The SAP supported VM types of Azure and

The SAP supported products/releases on Azure and

The supported OS and DBMS releases for the specific SAP releases in Azure

Azure Resource capabilities

CPU and memory resources of different VM types and

IOPS bandwidth of different VM types and

Network capabilities of different VM types

Possible Scenarios

Azure Only

Hybrid-IT

High Availability

1/13/2015 5

Deployment considerations

SAP on Microsoft Azure – Support

Guest OS releases:

Windows Server 2008 R2

Windows Server 2012


DBMS releases:

SQL Server 2008 R2

SQL Server 2012

SQL Server 2014 (soon)

Microsoft OS / DB combinations for SAP Business Suite


1/13/2015 7

Other OS/DB combinations for SAP Business Suite

Guest OS releases:


Windows Server 2012


DBMS releases:

SAP ASE 16.0

PL02 or higher

Oracle Database 11g

Release 2 Patchset 3 (11.2.0.4)

Single Instance on NTFS Filesystem; no Oracle Real Application Clusters (RAC); no Oracle ASM

All database related files must be stored on filesystem; no Windows Shares for database related files


HANA Developer Edition

Smallest HANA SKU

Can’t be used for productive applications

Cant be used in conjunction with NetWeaver based applications

Is deployed through SAP Cloud Appliance Library (CAL)

Please see:

http://scn.sap.com/community/cloud-appliance-library/blog/2014/05/20/sap-cloud-appliance-library-now-

supports-microsoft-azure

Support for HANA products

http://scn.sap.com/community/cloud-appliance-library/blog/2014/05/20/sap-cloud-appliance-library-now-supports-microsoft-azure


All SAP Applications running on Application Server(s) ABAP and/or Java as part of SAP NetWeaver

7.0 or higher

SAP Kernel 7.20 (PL #218), 7.21 (PL #23) or higher

2tier or 3tier SAP system configurations

DB-Application layer split between on-Premise / on-Demand not allowed!

Detailed information in SAP note #1928533

1/13/2015 9

Support details

http://service.sap.com/sap/support/notes/1928533


SAP products

Certify products like Business Objects and SMP

OS

Enable SUSE Linux

DBMS

Add other DBMS as supported platforms for SAP

HANA

Add HANA One and HANA Enterprise Edition

VM types

Certify other (larger) VM types

Next Steps/waves (12-15 months)


SAPs technical prerequisites for Monitoring, Network and Storage are mentioned in SAP installation guides

http://msdn.microsoft.com/library/dn745892.aspx

Valid Microsoft Premier Support contract

Azure Monitoring Extension for SAP is deployed and configured

Monitoring data is visible in the NetWeaver stack

3-tier-systems with DB stack and NetWeaver Appserver VMs in one Affinity Group

Azure Standard Tier mandatory, no support for Basic Tier

Data VHDs attached to a VM must be located in the same Storage Account as the Image VHD of the VM

VM shutdown & restart due to Azure infrastructure maintenance is possible

Non-core business hours

Large potential downtime window

Current technical support conditions mentioned in SAP note #2015553

1/13/2015 11

Support prerequisites

http://msdn.microsoft.com/library/dn745892.aspx



Full SAP and Microsoft support for:

Production systems

Only supported in Hybrid-IT scenarios

Development systems

Testing systems

Prototype systems

Learning / Demonstration systems

1/13/2015 12

Supported SAP system types

SAP on Microsoft Azure – Performance –

1/13/2015 13

Sizing

VM Type CPU RAM SAPS

A5 2 14 1.500

A6 4 28 3.000

A7 8 56 6.000

A8 8 56 11.000

A9 16 112 22.000

D11 2 14 2.325

D12 4 28 4.650

D13 8 56 9.300

D14 16 112 18.600

SAP on Microsoft Azure – Performance –

1/13/2015 14

Benchmarks

http://global.sap.com/campaigns/benchmark/appbm_cloud.epx

D14

16 vCPUs

112 GB RAM

18.770 SAPS

A9

16 vCPUs

112 GB RAM

22.570 SAPS

http://global.sap.com/campaigns/benchmark/appbm_cloud.epx

SAP on Microsoft Azure – Scenarios

1/13/2015 15

Possible Scenarios

Azure Only Hyprid-IT

Virtual Machine deployments into Azure without dependencies into on-Premise customer network

e.g. Training or demo environment

Productive SAP systems are not supported in this deployment scenario

VMs themselves are accessible over public network.

Direct network connectivity for the applications running

within the VMs to the on-premise network of the customer

is not necessary.

If multiple VMs form the trainings or demo scenario, network

communication and name resolution needs to work between the VMs.

But communications between the VMs need to be isolated, so, that several

of sets of VMs can be deployed side by side without interferences.

Terminal Services/RDS is used to access the VM to either fulfill the trainings tasks or the demos.

The SAP system(s) (and VM(s)) represent a standalone scenario in Azure which only requires public internet connectivity for end user

access and does not require a connection to other VMs in Azure.

SAPGUI and Internet Explorer are installed and run directly on the VM.

A fast reset of a VM to the original state and new deployment of that original state again is rquired.

In case of demo and trainings scenarios which are realized in multiple VMs, an Active Directory and/or DNS service is required for each

set of VMs.


1/13/2015 16

Scenario: Azure only


Remote Access to SAP systems

Configure Endpoints

Configure SAP System

Change parameters

rdisp/keepalive_timeout and rdisp/keepalive

Changing Firewall Settings within VM

Configuring the SAP GUI

The same is possible to connect with

SQL Server Graphical User Interface Tool (SSMS) in Azure VMs

http://www.windowsazure.com/en-us/manage/windows/common-tasks/install-sql-server/

1/13/2015 17

Connection to SAP system in Azure only Scenarios

http://www.windowsazure.com/en-us/manage/windows/common-tasks/install-sql-server/


Single VM with SAP Netweaver demo/training scenario

SAP is installed as central system in one VM

Deployment via VM image templates

Multiple deployment of the same system

All hostnames are identical

All SAP SIDs are identical

Define one Cloud Service for each System

Access over the DNS name of the Cloud Service

(Unique)

1/13/2015 18

Scenario: Azure Only


Set of VMs which need to communicate within Azure

Network communication between the different VMs necessary

Option 1:

Azure network

Create Cloud Service

All VMs in the same CS

No virtual network or DNS server setup

IP will via Azure DHCP

Outside Communication over Gateway

Access to VMs inside CS via port forwarding (Endpoints)

1/13/2015 19





Option 2:

Virtual Private network

Create Virtual Private Network

(one for each Cloud Service)

DNS via Azure or own DNS server

Own AD/Domain possible

Fixed IP Addresses possible

Access over the DNS name of the Cloud Service

1/13/2015 20





Option 3:

Virtual Private network with subnets

Create Virtual Private Network with subnets

(one subnet for each Cloud Service)

DNS via Azure or own DNS server

Own AD/Domain possible

Fixed IP Addresses possible

Different Access points (Cloud Services) for the

different subnets

1/13/2015 21



Hybrid-IT

Deployment of single or multiple SAP VMs into Azure with the requirement of being fully integrated into

on-Premise network

Requirement for productive used SAP systems

Not supported:

Running different layers of SAP applications in different deployment methods.

e.g. running the DBMS layer on-premise,

but the SAP application layer in VMs deployed as Azure VMs.

Some components of a SAP layer in Azure and some on-premise.

e.g. splitting Instances of the SAP application layer between on-premise

and Azure VMs.

Distribution of VMs running SAP instances of one system over multiple Azure regions is not supported.

1/13/2015 22

Scenario: Hybrid-IT


Communications through VPN tunnel

On-Premise AD/DNS extended into

Azure

Communication between SAP

systems in Azure and on-premise

transparent

RFC

STMS

Printing

Access to file shares

Supported for Hybrid and productive

SAP landscapes in Azure

1/13/2015 23

Scenario: Hybrid IT

SAP on Microsoft Azure – Storage

Two different Azure storage types

Persistent VHD storage located in Azure Storage Accounts as BLOB

Used by OS images and data disks

VHD can be uploaded from on-Premise

Create an empty VHD within Azure to attach them to VMs

Copy existing, unmounted VHD containers in an Azure Storage Account

All storage traffic between VM and storage account is network based

Non-Persistent, temporary storage

Drive D:\ - typically used for Page File requirements

Initialized by instance restart on different Azure hardware

Azure Storage Account limits the number of IOPS

Distribute high IOPS DBMS VMs between multiple Azure Storage Accounts

In June 2014, max. 50 Azure Storage Accounts per subscription possible

1/13/2015 24

Storage options


As always, DB log files should be stored on different volumes than the DB data files

Move the primary tempdb data file(s) to the same logical drive as the primary data file(s) of the SAP database

Add any additional tempdb data files to each of the other logical drives containing a data file of the SAP user database

Add the tempdb logfile to the logical drive which contains the user database’s log file

To increase the total number of IOPS per volume, multiple Azure VHDs can be striped

RAID-0 is sufficient, because Azure Storage holds 3 synchronous copies of each VHD

at every time

Do NOT use Azure storage caching for VHDs used by database files (TLog, Data)

Caching for the VM can remain with the default “ReadWrite”

Geo-Replication will have a severe impact on the sequential write throughput

DBMS does not benefit from Geo-Replication

Base VHD of a VM and additional VHDs should be stored in the same Storage Account

Detailed information can be found in the “SAP DBMS in Azure Deployment Guide”

http://go.microsoft.com/fwlink/p/?LinkId=397965

1/13/2015 25

Storage design for SAP Databases



1/13/2015 26

Example storage design for SAP Databases

Azure Base VHD

Azure Base VM <=127GBContains OS, DBMS and SAP

binaries

Azure Base VHD

Azure compute node running IaaS

VM

Local Disk used for buffering Base VHD Image

Image of base VHD, copied during boot process to

compute node for buffering Changes get persisted

D:\ drive on local nodeNon persisted Don t use,

except for page file

Azure VHD DBMS Logfile

Azure VHD DBMS

Datafiles

Azure VHD DBMS

Datafiles

Azure VHD DBMS

Datafiles

Azure VHD DBMS

Datafiles ...

DBMS Log and Data file VHDsMultiple for IOPS scaling

Eventually holding tempdb as well

Azure BLOB Storage

SAP on Microsoft Azure – Deployment Ways

Use Windows/SQL Server Image in Azure Gallery

Up to date Windows and SQL Server images available

Careful using Windows/SQL Server image will cost more and should not be used when bringing own SQL Server

licenses

Usually customers are using Windows image only

Upload VHDs with data to Azure and map Azure disks to deployed VMs

Install SAP software plus additional required software in those deployed VMs

Disadvantage:

A lot of post-deployment work and configurations

Patch state of Windows OS changes over time in gallery images

Azure Image Gallery

Build a Private Image with all necessary software components on-premise

Build one or several VMs with the necessary patch state of Windows, auxilliary software, eventually SAP and DBMS

software

Generalize VM image on-premise

Upload VHD with image into Azure

Add as private Azure Image to private Azure Image Gallery

Deploy systems many times from that private image

Rename pre-installed SAP instances with ‘Rename’ functionality of SWPM

Advantage:

Less post-deployment work

State of OS image constant over time

Azure Private Image Gallery


Configure SAP VM and VHDs on-premise in way that it fits into Azure IaaS and upload VHDs

Make sure that requirements of VHDs for Azure are fulfilled

Upload VHDs representing VM and data VHDs

Declare VHDs as Azure Disks

Deploy from Azure VM Disk once only

Keep VM name and SAP system name the same

Advantage:

Easiest way to move system to Azure

Move from Azure to on-premise works the same way

Move SAP system to Azure


SAP on Microsoft Azure - Monitoring

SAP NetWeaver requires additional monitoring of the hardware layer of Microsoft Azure as it is the

requirement for every other virtualization solution

Azure VM Agent and Extension framework is used

Every Azure VM deployed through the Portal has

the “Azure VM Agent” running

Manual VM Agent download & installation possible

for non-sysprepped VMs

Azure Extension Gallery is a globally replicated repository

Deployment of Azure & SAPonAzure PowerShell cmdlets

1/13/2015 30

End-to-End Monitoring Setup for SAP on Azure

SAP on Microsoft Azure - Monitoring

Monitoring is based on the “Virtualization on Windows: Enhanced monitoring stack” implemented in SAP

HostControl and SAPOSCol

Run cmdlet to enable: Update-VMConfigForSAP_GUI

Configuration details & troubleshooting guidance in

SAP NetWeaver on Microsoft Azure

Virtual Machine Services – Deployment Guide

SAP note #1409604 and #1999351

1/13/2015 31

End-to-End Monitoring Setup for SAP on Azure



SAP on Microsoft Azure – SLAs

No single-VM SLA available on Azure Virtual Machines right now

Azure SLAs:

Cloud service 99.95 %

21,6 min

Virtual Network 99.9 %

43,2 min

Storage 99.9%

43,2 min

Single VM „estimation“ 99.9%

43,2 min

Basis for the calculation is 30 days per month -> 43200 min. Therefore 0.05% downtime corresponds to 21.6 minutes.

1/13/2015 32

SLA availability

SAP on Microsoft Azure - HA

No standard SAP NetWeaver High Availability installation possible

Microsoft Azure doesn’t support Windows Shared Disk Failover Cluster which is necessary for SAP

Install multiple SAP application server in the same Azure Availability Set

No Azure update at the same time for this group of VMs

SAP (A)SCS is the Single Point of Failure Azure SLA is 99,65%

Using SQL Server Database HA Features is possible

SQL Server Log Shipping with DNS-enabled VMs

Database Mirroring with AD integration or certificates

AlwaysOn based on Windows Server Failover Cluster and AD integration

SQL Server Availability Group Listener only usable with Windows Server 2012 or newer as guest OS

Database VMs need to be in an separated Cloud Service to be isolated by the SAP application layer

Use static IPs for SQL Server VMs and the AlwaysOn Listener to be able to use etc\hosts on SAP VMs

Secure the Azure endpoints for SQL Server Database access using ACLs

1/13/2015 33

High Availability

SAP on Microsoft Azure - HA

1/13/2015 34

High Availability

1/13/2015 35

SAP on Microsoft Azure – Backup/Restore

In general, SQL Azure storage keeps VHD images 3 times, in addition geo-replication

Although, DBMS backups are necessary (point-in-time restore, Full Recovery model)

DBMS methods should be used to perform backups of databases

With SQL Server 2012 SP1 CU4 or newer backups against Azure Storage directly possible

In conjunction with SAP we would recommend at least SQL Server 2012 SP1 CU7

SAP instance VMs:

Simple Dialog Instances do not hold any important files. Customer usually re-install if necessary

VM that contains ‘central’ SAP instance does have data which eventually needs to be preserved. Use

Windows backup to backup SAP directory tree

Windows Server 2008 R2: Use local backup against VHD mounted to VM. Eventually un-mount and mount to other

system to backup

Windows Server 2012 (R2): Use Windows backup to backup against Windows Azure backup vault

1/13/2015 36

Backup/Restore and Disaster Recovery

SAP on Microsoft Azure - Use Cases

Non-productive SAP systems

Training environments

Development & sandbox system

Satellite components

Disaster recovery in Azure

1/13/2015 37

SAP on Microsoft Azure – Use Cases

E.g. Deploy Portal Environment on Microsoft Azure

Access via Endpoints

1/13/2015 38

Satellite Systems


Build a disaster recovery infrastructure in Azure instead in an own third data center

Install & prepare SAP VMs

If the VMs are stopped, only Azure Storage is billed

Use database technology to create a hot-standby database in Azure

Asynchronous SQL Server AlwaysOn

Transaction Log Shipping

Important: validate and test the DR infrastructure carefully

To-Do list if your infrastructure fails:

Stop everything on-Premise

Change access path (DNS, SAPLogon.ini) to Azure VMs

Open the hot standby database in Azure

Start the SAP VMs in Azure

1/13/2015 39

Disaster recovery landscape in Azure


Customer wants to “outsource” SAP environment

Hyprid-IT

Customer owns Azure subscription, software licneses (SAP and SQL Server)

Managed Service partner provides operation service for SAP on Azure

Backup

Monitoring

Performance Analysis

Parameterization

Update OS/DB

Once per quarter

SAP Kernel Patching

STMS

Client copies

Four copies per system landscape per year

System Refresh

Four copies per system landscape per year

1/13/2015 40

Managed services

SAP on Microsoft Azure - Automation

EasyCloud is a flexible framework, based on Microsoft PowerShell

EasyCloud uses standard Interface for all connections

Use EasyCloud best way to your demands:

Use direct EasyCloud Functions

Write own PowerShell Functions

Use Global Repository

Use Orchestration Tools or

PowerShell Execution Script

1/13/2015 41

Connmove EasyCloud

Cu

sto

me

r o

r

Re

ad

y2

Use

Op

era

tin

g S

yste

m

DatabaseSAP Systems

SAP

GUI

SAP

Control

SAP

RFC

ADO

.NET

Remote

Runspace

Remote

WMI

Co

nn

mo

ve

Ea

syC

lou

dConnectors & Functions - CMDLets

GET-

CmSap

GuiCon

nect

Get-

CMSAP

HostCo

nnect

Get-

CMSAP

Connect

Get-

CmPSR

unspace

Get-

CmOs

Connect

Get-

CmSql

Connect

PowerShell Functions

for customer specific programming

PowerShell Execution Script Orchestration ToolGlobal

Repository

SAP on Microsoft Azure - Automation

1/13/2015 42

Connmove EasyCloud

Standard Components + EasyCloud Execution Plan Deploy & Execute

System Copy

System Copy

OS Patching

SAP Kernel Patch

SA

P P

rivate

Clo

ud

OS Patching

SAP Kernel Patch

EasyCloud Software Solution Execution Templates Deploy-Service


Guides:

SAP NetWeaver on Microsoft Azure Virtual Machine Services – Planning and Implementation Guide

SAP NetWeaver on Microsoft Azure Virtual Machine Services - Deployment Guide

DBMS Deployment Guide for SAP on Microsoft Azure Virtual Machine Services

Download from:


OSS Notes:

1928533 SAP Applications on Azure: Supported Products and Sizing

2015553 SAP on Microsoft Azure: Support Prerequisites

1999351 Enhanced Azure Monitoring for SAP

1409604 Virtualization on Windows: Enhanced Monitoring

1/13/2015 43

Resources and Links



1/13/2015 44

30+ enterprise customers use SAP on Microsoft Azure today as early-adopters!

Use Cases How Microsoft Azure Helps How organizations benefit

Make timely changes to SAP workloads

by development teams

200–300 times faster infrastructure

provisioning and rollout compared to on-

premises; faster changes by SAP

application teams.

Increased agility and the ability to

provision instances within 20 minutes

with the SAP Cloud Application Library.

Fund development and test infrastructure

for SAP workloads

Supports the ability to stop development

and test systems at the end of the

business day.

Savings of as much as 40–75 percent in

hosting costs by exercising the ability to

stop instances when not in use.

Increase data center capacity to serve

new SAP project requests

Frees on-premises data center capacity

by moving development and test for SAP

workloads to Microsoft Azure—without

up-front investments.

Flexibility to shift from capital to

operational expenditures

Provide consistent training environments

based on templates

Ability to store and use pre-defined

images of the training environment for

new virtual machines.

Cost savings by provisioning only the

instances needed for training, and then

deleting them when the event is

complete.

Archive historical systems for auditing

and governance

Supports migration of physical machines

to virtual machines that can be switched

on when needed.

Savings of as much as 60 percent due to

cheaper storage and the ability to quickly

spin up systems based on need.


Kordia Group, New Zealand

http://www.microsoft.com/casestudies/Microsoft-Azure/Kordia-Group-Limited/Telecommunications-Company-Gains-

Performance-and-Flexibility-in-the-Cloud/710000003118

SCT Logistics

Transportation Firm Ensures Business Continuity by Protecting SAP Systems in Cloud

https://customers.microsoft.com/Pages/CustomerStory.aspx?recid=7876

AGL

Innovation Spotlight: AGL puts energy into action with the Cloud


Zespri International

Kiwi Grower Prunes Costs, Defends Business from Disasters by Running SAP in the Cloud


1/13/2015 45

References

http://www.microsoft.com/casestudies/Microsoft-Azure/Kordia-Group-Limited/Telecommunications-Company-Gains-Performance-and-Flexibility-in-the-Cloud/710000003118




www.connmove.de

Demo

SAP on Azure

1/13/201546

Technology

SAP® on Microsoft Azure osa 2