Skip to content

Latest commit

 

History

History
217 lines (134 loc) · 17.6 KB

cloud_iaas_aws.md

File metadata and controls

217 lines (134 loc) · 17.6 KB

Platform Specific Architecture for AWS (Amazon Web Services)

AWS: Overall Architecture

Following diagram is illustrating complete version of Reference Architecture for SAP HANA tailored for AWS (Amazon Web Services).

For detailed explanation of individual modules please see individual sections in Generic SAP HANA Architecture.

AWS: Overall Architecture

You can also review official AWS Reference Architecture and other documentation:

AWS: Basic Architecture

Link to generic content: Module: Basic Architecture

AWS: Supported Instance Types for SAP HANA

Not every instance type is supported for productive SAP HANA usage.

Official list of SAP certified instance types is available at SAP: The SAP HANA Hardware Directory. This should always be used to decide whether the particular instance type is supported for SAP HANA or not.

AWS specific list of certified instances with additional details can be found in AWS: SAP HANA on AWS Quick Start Guide: AWS Instance Types for SAP HANA

AWS: Storage Setup for SAP HANA Implementation

SAP HANA Storage Configuration is coming in two flavors:

  • General Purpose SSD (gp2) storage - cheaper storage that meets SAP KPI requirements for most of the SAP HANA workloads
  • Provisioned IOPS SSD (io1) storage - high-performance storage intended for most demanding SAP HANA workloads

Following disk setup is recommended:

AWS: Storage Architecture

Filesystem Name Device type Comment
/ Root volume gp2
/hana/data SAP HANA data gp2 / io1
/hana/log SAP HANA logs gp2 / io1
/hana/shared SAP HANA shared gp2 Provisioned to the master, NFS-mounted on other nodes
/usr/sap SAP binaries gp2
/backups SAP HANA backup st1 Provisioned to the master, NFS-mounted on other nodes
/backups SAP HANA backup Amazon EFS Alternative option for SAP HANA backup filesystem

Instance specific sizing recommendations are available at AWS: SAP HANA on AWS Quick Start Guide: Storage Configuration for SAP HANA.

AWS: Networking specifics for AWS Availability Zones

As visualized on the Overall Architecture diagram - in AWS each Availability Zone is having its own subnet. It is not possible to stretch one subnet across multiple Availability Zones. This needs to be taken into consideration during deployment planning.

Impact on implementation of Cluster IP in AWS is described in AWS: High Availability.

AWS: Virtual Hostname/IP

Link to generic content: Module: Virtual Hostname/IP

This chapter describes recommended implementation of Virtual Hostname and Virtual IP for an SAP HANA installation on the AWS cloud.

The implementation is based on assigning a Secondary private IP address to an existing network interface of the AWS instance. A Secondary private IP address can be easily reassigned to another AWS instance and so it can follow SAP HANA instance relocation. For more details see AWS: Multiple IP Addresses. This Secondary private IP address is associated with the Virtual Hostname which is used during SAP HANA instance installation.

AWS: Generic implementation steps

Note: Virtual IP can be be reassigned to another AWS instance thanks to option "Allow reassignment" of the network interface (see AWS: assign a secondary private IPv4 address)

AWS: Additional comments

AWS: SAP HANA inbound network communication

A network communication initiated from a remote system to the Virtual IP of SAP HANA instance is established and takes place between remote system IP and the Virtual IP (Secondary private IP address). The Primary private IP address on the same interface is not involved in this communication.

AWS: SAP HANA outbound network communication

In contrast to an inbound connection, when SAP HANA instance initiates a network connection to a remote system the Primary private IP address is used as source IP instead of Virtual IP (Secondary private IP address).
If there is requirement to use Virtual IP as the source IP, it could be achieved by means of linux routing. The core of the idea is to add route specifying source address like ip route add <network/mask> via <gateway> src <virtual_ip> (see Routing for multiple uplinks/providers).

AWS: High Availability

Link to generic content: Module: High Availability

AWS: High Availability across Availability Zones

Best practice for deploying SAP HANA is to stretch High Availability cluster across Availability Zones. Each AWS Availability Zone is physically separate infrastructure, therefore deploying High Availability across Availability Zones ensures that there is no shared single-point-of-failure (SPOF) between primary and secondary SAP HANA system. This approach is significantly increasing overall resiliency of the High Availability of the solution.

List of existing Availability Zones for individual AWS Regions is available here: AWS: Regions and Availability Zones.

AWS: Which Availability Zone to use

Most critical factor for selecting Availability Zones is network latency. Latency between individual Availability Zones can significantly differ and therefore it is important to measure network latency using SAP niping tool (see SAP Note 500235: Network Diagnosis with NIPING for additional information) and select Availability Zones with minimal latency.

Furthermore, it is important to note that internal numbering of Availability Zones is specific for each individual AWS account. Therefore, the network latency test must be performed in given account. For additional information please see AWS: Regions, Availability Zones, and Local Zones - Availability Zones.

Last thing to consider is whether desired instance types are available inside selected Availability Zones as not all Availability Zones are offering all instance types.

AWS: Available Fencing mechanism

AWS is using IPMI-like Fencing (see Module: High Availability - IPMI-like Fencing for additional details). SBD (Storage Based Death) Fencing is not available in AWS.

Fencing agent source code is available here: external/ec2. Behind the scenes it is using StopInstances API call with force option. This will hard stop EC2 instance without gracefully stopping the Operating System.

Following are most important prerequisites for external/ec2 fencing mechanism to work properly:

Please see SUSE: SAP HANA High Availability Cluster for the AWS Cloud - Setup Guide - Prerequisites for the AWS-Specific HA Installation for complete list of prerequisites.

Additional Information:

AWS: Implementation of Cluster IP

Traditional implementation of Cluster IP (not applicable to AWS) is covered in section Module: High Availability - Typical Cluster IP Implementation.

In AWS each Availability Zone is having its own separate subnet and it is not possible to stretch one subnet across multiple Availability Zones. Therefore, different mechanism is required. AWS implementation of Cluster IP address is based on "Overlay IP" address concept. It is defined as additional entry in VPC routing table entry that is managed directly by Pacemaker Cluster. This entry is forwarding all packets sent to Overlay IP (third IP address in its own separate subnet) to the IP address of either primary or secondary server. During cluster takeover this VPC routing table entry is updated by Pacemaker cluster via AWS Command Line Interface (CLI) utility to point to new primary server. This concept is more in detail explained here:

In order to ensure that Pacemaker cluster is able to properly manage the VPC route table adjustments, it needs proper IAM access to be assigned to given VM. Technical details are explained in following documentation:

Third requirement for this concept to work is to disable "Source/Destination Check" for given Network Interface as explained in above mentioned guides. This is to ensure that packets are not discarded based on using Cluster IP address. For additional information please see AWS: Disabling source/destination checks).

AWS: Disaster Recovery

Link to generic content: Module: Disaster Recovery

Disaster Recovery for SAP HANA via SAP HANA System Replication is not infrastructure dependent.

AWS: Data Tiering Options

Link to generic content: Module: Data Tiering Options

Following data tiering options are supposed on AWS:

Data Tiering Option Supported
Persistent Memory (NVRAM) No
SAP HANA Native Storage Extensions (NSE) Yes
SAP HANA Extension Nodes Yes
SAP HANA Dynamic Tiering (DT) Yes

Additional Information:

AWS: Persistent Memory (NVRAM)

Amazon Web Services platform does not offer any instance types having NVRAM that are supported for productive SAP HANA usage.

AWS: SAP HANA Native Storage Extensions (NSE)

SAP HANA Native Storage Extensions only need additional disk space compared to regular SAP HANA deployments. Amazon Web Services platform does allow to provision additional disks to SAP HANA VM and add capacity into existing filesystems. There is no change to the design of the storage layout.

AWS: SAP HANA Extension Nodes

SAP HANA Extension Node implementation is based on provisioning additional SAP HANA node (with increased storage capacity) to existing SAP HANA system. Result is SAP HANA Scale-Out system where one of the nodes is designated as SAP HANA Extension Node. Storage layout is same as for regular SAP HANA nodes and it is visualized above in section AWS: Storage Setup for SAP HANA Implementation.

Additional Information:

AWS: SAP HANA Dynamic Tiering (DT)

SAP HANA Dynamic Tiering (DT) implementation in Amazon Web Services platform is based on provisioning additional VM for Dynamic Tiering component and connecting it to VM hosting SAP HANA instance, thus forming two-node distributed setup. Storage layout is identical to SAP HANA Scale-out setup as illustrated above in section AWS: Storage Setup for SAP HANA Implementation.

Additional Information:

AWS: XSA

Link to generic content: Module: SAP XSA

SAP HANA extended application services, advanced model (XSA) component is not infrastructure dependent.