Building upon our existing open-source Infrastructure as Code (IAC) deployment of a consistent and standardized platform for running SAP products, we take the journey one step further by introducing a framework for applying Configuration as Code (CAC) to the deployed compute resources. This allows us to continue the journey into the space of configuring the Operating System (OS), applying the SAP specific settings to the OS, and to install the base SAP product. With SUSE as a contributing development partner the goal is to address the initial OS configuration and hardening through review of the CIS Guidelines with a SUSE focus, followed by SAP application specific OS requirements. This modular, phase oriented, task driven approach enables the easy addition of new features and facilitates collaboration. SUSE also contributes the setup automation and configuration for HA setups of SAP HANA and SAP NetWeaver servers, based on the SUSE best practice documentation. This provides an acceleration over a manual process that reduces the total run time, for creating all the infrastructure components to achieving your first logon to the SAP system, to approximately 2 hours. For this initial preview release we are focused on S/4 HANA as the pilot product. The capability for other products and databases will follow. Based on 4 days of elapsed time, this provides a98% reduction in the time spent to build out an SAP system to the point of a base installation.
With the addition of CAC, we introduce a modular framework for building up the SAP System. A key feature is the introduction of the Bill of Materials, or BOM.
BOM – The BOM is a description of an SAP product at a specific version, the install templates, files required for the base install, files needed for standard Basis post processing, and the Database to use. This allows for a repeatable installation to a specified target version over time.
Additionally, we build up the story using Ansible Playbooks to achieve modular steps to describe the CAC.
OS Playbook– This provides base OS configuration steps, for SUSE and RHEL,
common to all initial server setups. We introduce standardized configuration steps to address callouts in the CIS guidelines and any other generic system administration tasks. Some examples are:
sudoers config, swap space, repository config, package installation, time services, and user accounts.
SAP OS Playbook – This provides for the requirements needed to configure the system to install and run the SAP product. Some examples are:
SAP OS Packages, hosts file config, LVM and disk setup, filesystem mounts, SAP users, SAP Notes, kernel settings.
BOM Processing Playbook – This provides the framework to read a BOM, download the software binaries from a customer storage account, and preform any required processing on the files, to a shared installation location.
BOM Acquisition Playbook – This is a prerequisite task that allows the files specified in the BOM to be downloaded from SAP and stored in the customers storage account. This task requires a customer provided S-User credential which guarantees an SAP/Customer License check and export control check.
SAP Install Playbooks – This group of playbooks addresses each individual phase of the SAP install process, executing sapinst on the appropriate node, in the correct sequence.
SCS (or System Communication Server install), DBLOAD (or Database Load phase), PAS (or Primary Application Server install), APP (or Application Server install), WEB (or Web Dispatcher install)
Database Install Playbook, HANA – This provides for the installation of the database software on the database server using the software downloaded during the BOM Processing.
HSR Playbook – This provides for HANA System Replication in High Availability environments.
Pacemaker Playbook – This Provides for Pacemaker clustering, for SUSE and RHEL, to be configured to support High Availability requirements.
The key feature in this preview announcement, is the introduction of a framework that supports the installation of SAP products through the definition of a BOM. Initially Microsoft will provide starter BOM for S/4 HANA 1909 SPS03. The BOM, or Bill of Materials, is a manifest that describes an SAP product, at a specific version, with a specific support pack stack, to a specific patch level. This creates a detailed description of a product install that can be repeated over time. Any change in a file version would result in a new BOM version being generated. The files required to perform the installation are stored in the customers SAP Library storage account, perpetually, and are the source media repository. There is a prerequisite task is used to acquire the media from SAP for Microsoft provided BOM’s.
The Software Download Process, or BOM Acquisition, is used to populate the SAP Library with media specified by the BOM. There is an automatic deduplication feature, since many BOM’s will specify the same media with small deltas. In order to comply with SAP licensing and export controls, the customer will need to provide S-User credentials with download authorization to the download process.
There is a BOM creation process for the more advanced user where you can create a customer provided BOM to customize the BOM to land on a different target version. This process is manually intensive at this time, which is why we chose to provide starter BOM’s.
Another key feature is the layered playbooks that capture the system administration tasks for configuring the OS. This layered approach allows the modular playbooks to group tasks into distinct phases in the configuration process. With SUSE as a development partner the goal is to address the initial OS configuration and hardening through review of the CIS Guidelines, followed by SAP application specific OS requirements. This modular, phase oriented, task driven approach enables the easy addition of new features and facilitates collaboration.
Looking ahead, near term, at future capabilities, we will be extending functionality to cover:
An orchestration framework.
Additional Microsoft provided BOM’s for NetWeaver and Solution Manager.
We ask that you sign up for the Private Preview and use the resources below. By signing up we will be better able to provide assistance and enablement sessions.