Overview of Power Virtual Server for SAP HANA deployable architecture
This automated deployable architecture guide is an fullstack to the main IBM Cloud for SAP portfolio documentation, focusing on the automated reference architecture and steps required for the automated deployment.
SAP solution provisioning on Power Virtual Server using deployable architectures provides an automated deployment method to create a Power Virtual Server landscape with SAP HANA systems. Comparing the provisioning via webUI, user interaction is minimized and SAP system deployment time is reduced from weeks to days.
Automated SAP provisioning on Power Virtual Server described in this guide is based upon IBM Catalog deployable architectures. In this documentation we describe only specifics related to SAP HANA solution provisioning using deployable architectures.
SAP on Power related deployable architectures
SAP solution provisioning as deployable architectures is delivered as a single Terraform-based solution that integrates IBM® Power® Virtual Server and SAP HANA deployment in an automated way.
In the following sections, the deployable architecture variants are described.
1. Variation - SAP ready PowerVS
'SAP ready PowerVS' variation of 'IBM® Power® Virtual Server for SAP HANA' creates a basic and expandable SAP system landscape that integrates the IBM® Power® Virtual Server with VPC landing zone as part of a unified deployable architecture. Power Virtual Server instances for SAP HANA and SAP NetWeaver are deployed and preconfigured for SAP installation.
Services such as DNS, NTP and NFS running in VPC and provided by 'IBM® Power® Virtual Server with VPC landing zone' are leveraged. Transit gateway provide the network bridge between the IBM Power infrastructure and the IBM VPC and public internet. The resulting SAP landscape leverages the services such as Activity Tracker, Cloud Object Storage, Key Management and the network connectivity configuration provided by 'IBM® Power® Virtual Server with VPC landing zone'.
This deployable architecture variation deploys these resources:
| Resource Type | Optional | Description |
|---|---|---|
| Workspace for Power Virtual Server | Workspace for Power Virtual Server with 1 subnet and an SSH key | |
| Power Virtual Server Images | Yes | Imports up to two custom images from Cloud Object Storage into Workspace for Power Virtual Server. Optionally let's the user choose a byol or custom os image for the HANA and Netweaver PowerVS instances and activate it with user provided os registration credentials. |
| Power Virtual Server Instance for SAP HANA | Creates and configures one Power Virtual Server instance using certified profiles for SAP HANA based on best practices | |
| Power Virtual Server Instance for SAP Application or NetWeaver | Yes | Creates and configures multiple Power Virtual Server instances for SAP NetWeaver based on best practices |
| Power Virtual Server Volumes | Filesystem sizes for HANA data and HANA log are calculated automatically based on the memory size. Custom storage configuration by providing custom volume size, iops(tier0, tier1, tier3, tier5k), counts and mount points is supported. |
| Resource Type | Optional | Description |
|---|---|---|
| VPC | Edge VPC: ACL, SGs, SSH Key and 4 Subnets | |
| Intel VSI | Jump box with 2 cores, 4GB memory running RHEL 9.6 with floating IP attached | |
| Intel VSI | Network Services running RHEL 9.6 configured as squid proxy, NTP and DNS servers(using Ansible Galaxy collection roles IBM Power Linux for SAP). Also configured as central ansible execution node. Default size is 2 cores and 4 GB memory. Can be customized. | |
| Intel VSI, IBM Cloud Monitoring Instance |
Yes | Monitoring Host running SLES 15SP6 to collect metrics and forward it to IBM Monitoring Instance IBM Cloud monitoring Instance displays the platform metrics and OS metrics |
| File storage share, Network load balancer |
Yes | NFS as a Service Network Load Balancer is deployed along with File storage share to access the share IP from Power Virtual Server |
| Virtual Private Endpoint Gateway | A Virtual Private Endpoint Gateway to reach the Cloud Object Storage bucket | |
| Flow Logs for VPC | Flow Logs for VPC enables the collection, storage, and presentation of information about the Internet Protocol (IP) traffic going to and from network interfaces within your VPC | |
| Client to site VPN Server, Secrets Manager |
Yes | Client to site VPN Server provides client-to-site connectivity, which allows remote devices to securely connect to the VPC network using an OpenVPN software client. Secrets Manager Instance is deployed along with VPN to store the VPN Certificate |
| Resource Type | Optional | Description |
|---|---|---|
| Key Protect | Key Protect provides key management by integrating the IBM Key Protect for IBM Cloud service. These key management services help you create, manage, and use encryption keys to protect your sensitive data | |
| Transit Gateway | Global or local Transit Gateway to interconnect VPC and Power Virtual Server workspace | |
| Cloud Object Storage | Cloud Object Storage instance, buckets and credentials are created | |
| IBM Cloud Monitoring | Yes | Monitoring collects metrics to provide a web UI to monitor the performance and overall system health of the deployment. Interconnects with IBM Cloud Security and Compliance Center Workload Protection if used. |
| IBM Cloud Security and Compliance Center Workload Protection | Yes | Workload Protection can be used to find and prioritize software vulnerabilities, detect and respond to threats, manage configurations, permissions, and compliance from source to run. Interconnects with Monitoring if used. |
Notes
- Does not install any SAP software or solutions.
- Do not specify a filesystem
/sapmntexplicitly for NetWeaver instance, as a 300GB volume is automatically created on the primary NetWeaver instance.
2. Variation - SAP S/4HANA or BW/4HANA
SAP S/4HANA or BW/4HANA' variation of 'IBM® Power® Virtual Server for SAP HANA' creates a basic and expandable SAP system landscape that integrates the IBM® Power® Virtual Server with VPC landing zone as part of a unified deployable architecture. PowerVS instances for SAP HANA, SAP NetWeaver and optionally for shared SAP files are deployed and preconfigured for SAP installation.
S/4HANA or BW/4HANA solution is installed based on selected version.
- Supports installation of S/4HANA2023, S/4HANA2022, S/4HANA2021, S/4HANA2020, BW/4HANA2021.
- Supports installation using Maintenance Planner as well.
Services such as DNS, NTP and NFS running in VPC and provided by 'IBM® Power® Virtual Server with VPC landing zone' are leveraged.
Transit gateway provide the network bridge between the IBM Power infrastructure and the IBM VPC and public internet. The resulting SAP landscape leverages the services such as Activity Tracker, Cloud Object Storage, Key Management and the network connectivity configuration provided by 'IBM® Power® Virtual Server with VPC landing zone'.
This deployable architecture variation deploys these resources:
| Resource Type | Optional | Description |
|---|---|---|
| Workspace for Power Virtual Server | Workspace for Power Virtual Server with 1 subnet and an SSH key | |
| Power Virtual Server Images | Yes | Imports up to two custom images from Cloud Object Storage into Workspace for Power Virtual Server. Optionally let's the user choose a byol or custom os image for the HANA and Netweaver PowerVS instances and activate it with user provided os registration credentials. |
| Power Virtual Server Instance for SAP HANA | Creates and configures one Power Virtual Server instance using certified profiles based on best practices for HANA database. | |
| Power Virtual Server Instance for SAP Application or NetWeaver | Creates and configures one Power Virtual Server instances for SAP NetWeaver based on best practices, hosting the PAS and ASCS instances. | |
| Power Virtual Server Volumes | Filesystem sizes for HANA data and HANA log are calculated automatically based on the memory size. Custom storage configuration by providing custom volume size, iops(tier0, tier1, tier3, tier5k), counts and mount points is supported. |
| Resource Type | Optional | Description |
|---|---|---|
| VPC | Edge VPC: ACL, SGs, SSH Key and 4 Subnets | |
| Intel VSI | Jump box with 2 cores, 4GB memory running RHEL 9.6 with floating IP attached | |
| Intel VSI | Network Services running RHEL 9.6 configured as squid proxy, NTP and DNS servers(using Ansible Galaxy collection roles IBM Power Linux for SAP). Also configured as central ansible execution node. Default size is 2 cores and 4 GB memory. Can be customized. | |
| Intel VSI, IBM Cloud Monitoring Instance |
Yes | Monitoring Host running SLES 15SP6 to collect metrics and forward it to IBM Monitoring Instance IBM Cloud monitoring Instance displays the platform metrics and OS metrics |
| File storage share, Network load balancer |
Yes | NFS as a Service Network Load Balancer is deployed along with File storage share to access the share IP from Power Virtual Server |
| Virtual Private Endpoint Gateway | A Virtual Private Endpoint Gateway to reach the Cloud Object Storage bucket | |
| Flow Logs for VPC | Flow Logs for VPC enables the collection, storage, and presentation of information about the Internet Protocol (IP) traffic going to and from network interfaces within your VPC | |
| Client to site VPN Server, Secrets Manager |
Yes | Client to site VPN Server provides client-to-site connectivity, which allows remote devices to securely connect to the VPC network using an OpenVPN software client. Secrets Manager Instance is deployed along with VPN to store the VPN Certificate |
| Resource Type | Optional | Description |
|---|---|---|
| Key Protect | Key Protect provides key management by integrating the IBM Key Protect for IBM Cloud service. These key management services help you create, manage, and use encryption keys to protect your sensitive data | |
| Transit Gateway | Global or local Transit Gateway to interconnect VPC and Power Virtual Server workspace | |
| Cloud Object Storage | Cloud Object Storage instance, buckets and credentials are created | |
| IBM Cloud Monitoring | Yes | Monitoring collects metrics to provide a web UI to monitor the performance and overall system health of the deployment. Interconnects with IBM Cloud Security and Compliance Center Workload Protection if used. |
| IBM Cloud Security and Compliance Center Workload Protection | Yes | Workload Protection can be used to find and prioritize software vulnerabilities, detect and respond to threats, manage configurations, permissions, and compliance from source to run. Interconnects with Monitoring if used. |
Notes
- Do not specify a filesystem
/sapmntexplicitly for NetWeaver instance, as a 300GB volume is automatically created on the primary NetWeaver instance.