1 What Is SUSE Linux Enterprise Server for SAP Applications? #
SUSE® Linux Enterprise Server for SAP Applications is a bundle of software and services that addresses the specific needs of SAP users. It is the only operating system that is optimized for all SAP software solutions.
Target use cases include:
Unix to Linux migrations and replatforming
SAP appliances
SAP cloud deployments
SUSE Linux Enterprise Server for SAP Applications consists of software components and service offerings which are described in the following sections. The figure Offerings of SUSE Linux Enterprise Server for SAP Applications shows which software components and services are also available with other products from SUSE (green) and which ones are exclusively available with SUSE Linux Enterprise Server for SAP Applications (blue).
1.1 Software Components #
As depicted in Figure 1.1, “Offerings of SUSE Linux Enterprise Server for SAP Applications”, SUSE Linux Enterprise Server for SAP Applications is based on SUSE Linux Enterprise Server. Additionally, it contains software components such as SUSE Linux Enterprise High Availability, the kernel page-cache limit feature, and the installation workflow. These software components are briefly explained in the following sections.
1.1.1 SUSE Linux Enterprise Server #
The current release is based on SUSE Linux Enterprise Server 12 SP5. SUSE Linux Enterprise Server is the most interoperable platform for mission-critical computing, both physical and virtual.
1.1.2 SUSE Linux Enterprise High Availability #
This component consists of:
Flexible, policy-driven clustering
Cluster-aware file system and volume management
Continuous data replication
Setup and installation
Management and administration tools
Resource agents, also for SAP
Virtualization-aware
SUSE Linux Enterprise High Availability provides two resource agents specifically for working with SAP applications:
SAPInstance
which allows starting and stopping instances of SAP products.SAPDatabase
which allows starting and stopping all databases supported by SAP applications (SAP HANA, SAP MaxDB, SAP ASE, Oracle, Sybase, IBM DB2).
For more information about SUSE Linux Enterprise High Availability, see the Administration Guide, available from https://documentation.suse.com/sle-ha-12. Additional White Papers and Best Practice Guides are available in the SUSE Linux Enterprise Server for SAP Applications Resource Library (https://www.suse.com/products/sles-for-sap/resource-library/).
1.1.3 Simplified SAP HANA System Replication Setup #
SUSE Linux Enterprise Server for SAP Applications supports SAP HANA System Replication by using components of SUSE Linux Enterprise High Availability and two additional resource agents (RA). Additionally, SUSE Linux Enterprise Server for SAP Applications ships with a YaST wizard that simplifies the cluster setup.
1.1.3.1 SAPHana
Resource Agent #
This resource agent from SUSE supports scale-up scenarios by checking the SAP HANA database instances for whether a takeover needs to happen. Unlike with the pure SAP solution, takeovers can be automated.
It is configured as a parent/child resource: The parent assumes responsibility for the SAP HANA databases running in primary mode, whereas the child is responsible for instances that are operated in synchronous (secondary) status. In case of a takeover, the secondary (child resource instance) can automatically be promoted to become the new primary (parent resource instance).
This resource agent supports system replication for the following in scale-up scenarios:
Performance-Optimized Scenario. Two servers (A and B) in the same SUSE Linux Enterprise High Availability cluster, one primary (A) and one secondary (B). The SAP HANA instance from the primary server (A) is replicated synchronously to the secondary server (B).
Cost-Optimized Scenario. The basic setup of A and B is the same as in the Performance-Optimized Scenario. However, the secondary server (B) is also used for non-productive purposes, such as for an additional SAP HANA database for development or QA. The production database is only kept on permanent memory, such as a hard disk. If a takeover needs to occur, the non-productive server will be stopped before the takeover is processed. The system resources for the productive database are then increased as quickly as possible via an SAP hook call-out script.
Chain/Multi-Tier Scenario. Three servers (A, B, and C), of which two are located in the same SUSE Linux Enterprise High Availability cluster (A and B). The third server (C) is located externally. The SAP HANA system on the primary server (A) is replicated synchronously to the secondary server (B). The secondary server (B) is replicated asynchronously to the external server (C).
If a takeover from A to B occurs, the connection between B and C remains untouched. However, B is not allowed to be the source for two servers (A and C). This would be a “star” topology which is not supported with current SAP HANA versions (such as SPS11).
Using SAP HANA commands, you can then manually decide what to do:
The connection between B and C can be broken, so that B can connect to A.
If replication to the external site (C) is more important than local system replication, the connection between B and C can be kept.
For all of the scenarios, SUSE Linux Enterprise Server for SAP Applications supports both single-tenant and multi-tenant (MDC) SAP HANA databases. That is, you can use SAP HANA databases that serve multiple SAP applications.
1.1.3.2 SAPHanaTopology
Resource Agent #
To make configuring the cluster as simple as possible, SUSE has
developed the SAPHanaTopology
resource agent.
This agent runs on all
nodes of a SUSE Linux Enterprise High Availability cluster. It gathers information about the status and
configurations of SAP HANA system replications. It is designed as a
normal (stateless) clone.
1.1.3.3 YaST Wizard to Set Up SAP HANA Clusters #
SUSE Linux Enterprise Server for SAP Applications now additionally ships a YaST wizard that manages the initial setup of such clusters according to best practices. The wizard is part of the package yast2-sap-ha and can be started using YaST, via .
For more information, see Chapter 6, Setting Up an SAP HANA Cluster.
1.1.3.4 For More Information #
For more information, see:
The Administration Guide at https://documentation.suse.com/sles-12.
The Best Practices in the Resource Library at https://www.suse.com/products/sles-for-sap/resource-library/. In particular, see Setting up a SAP HANA SR performance optimized infrastructure and Setting up a SAP HANA SR cost optimized infrastructure.
1.1.4 Installation Workflow #
The installation workflow offers a guided installation path for both the SUSE Linux Enterprise Server operating system and the SAP application. For more information, see Section 2.5, “Overview of the Installation Workflow”.
Additionally, the installation workflow can be extended by third-party vendors or customers using Supplementary Media. For more information about creating Supplementary Media, see Appendix C, Supplementary Media.
1.1.5 Page-Cache Limit #
You can limit the kernel file system cache size to influence swapping behavior. With this feature, you can often gain better performance by allocating memory to an application.
1.1.6 Malware Protection with ClamSAP #
ClamSAP integrates the ClamAV anti-malware toolkit into SAP NetWeaver and SAP Mobile Platform applications to enable cross-platform threat detection. For example, you can use ClamSAP to allow an SAP application to scan for malicious uploads in HTTP uploads.
For more information, see Chapter 11, Protecting Against Malware With ClamSAP.
1.1.7 SAP HANA Security #
SUSE Linux Enterprise Server for SAP Applications contains additional features to help set up well-secured SAP HANA installations.
1.1.7.1 Firewall for SAP HANA #
Securing SAP HANA can require many additional firewall rules. To simplify firewall setups for SAP HANA, SUSE Linux Enterprise Server for SAP Applications contains the package HANA-Firewall. It provides preconfigured rules and integrates with SuSEfirewall2.
For more information, see Section 9.2, “Configuring HANA-Firewall”.
1.1.7.2 Hardening Guide for SAP HANA #
For information on hardening the underlying operating system, see the SUSE Linux Enterprise Server for SAP Applications resource library: https://www.suse.com/products/sles-for-sap/resource-library/. There, find the document OS Security Hardening for SAP HANA.
1.1.8 Simplified Operations Management #
SUSE Linux Enterprise Server for SAP Applications combines several features that enable simplified operations management.
1.1.8.1 System Tuning with sapconf
#
The system tuning application sapconf
allows you to
automatically and comprehensively tune your system as recommended by
SAP for use with SAP S/4HANA, SAP NetWeaver, or SAP HANA/SAP BusinessOne. This allow
tuning several kernel parameters, depending on the hardware components
you are using, such as the amount of available RAM.
For more information, see Chapter 7, Tuning systems with sapconf
5.
1.1.8.2 Storage Encryption for Hosted Applications with cryptctl
#
Today, databases and similar applications are often hosted on external servers that are serviced by third-party staff. Certain data center maintenance tasks require third-party staff to directly access affected systems. In such cases, privacy requirements necessitate disk encryption.
cryptctl
allows encrypting sensitive directories using
LUKS and offers the following additional features:
Encryption keys are located on a central server which can be located on customer premises.
Encrypted partitions are automatically remounted after an unplanned reboot.
For more information, see Chapter 10, Encrypting Directories Using cryptctl
.
1.1.8.3 Patterns Providing Dependencies of SAP Applications #
To simplify working with software dependencies of SAP applications, SUSE has created patterns that combine relevant dependency RPM packages for specific applications:
The selection of packages of the software patterns are defined while a specific release (Service Pack or major version) of SUSE Linux Enterprise Server for SAP Applications is developed. This package selection is stable over the lifetime of this particular release. When working with SAP applications that have been released more recently than your SUSE Linux Enterprise Server for SAP Applications version, dependencies can be missing from the patterns.
For definitive information about the dependencies of your SAP application, see the documentation provided to you by SAP.
1.1.8.4 ClusterTools2
#
ClusterTools2
provides tools that help set up
and manage a Corosync/pacemaker
cluster. Among
them are the command wow
which helps create
highly available system resources, and
ClusterService
which allows managing a cluster.
Additionally, ClusterTools2
provides scripts that
automate common cluster tasks:
Scripts that perform checks. For example, to find out whether a system is set up correctly for creating a
pacemaker
cluster.Scripts that simplify configuration. For example, to create a Corosync configuration.
Scripts that monitor the system and scripts that show or collect system information. For example, to find known error patterns in log files.
For more information, see the man page of the respective tool, included with the package ClusterTools2. Also see the project home page at https://github.com/fmherschel/ClusterTools2.
1.2 Software Repository Setup #
Software included with operating systems based on SUSE Linux Enterprise is delivered as RPM packages, a form of installation package that can have dependencies on other packages. On a server or an installation medium, these packages are stored in software repositories (sometimes also called “channels”).
By default, computers running SUSE Linux Enterprise Server for SAP Applications are set up to receive packages from multiple repositories. Of each of the standard repositories, there is a “Pool” variant that represents the state of the software when it was first shipped. There is also an “Update” variant that includes the newest maintenance updates for the software in the “Pool” variant.
If you registered your system during installation, your repository setup should include the following:
Content |
Base repository (“Pool”) |
Update repository |
---|---|---|
Base packages of SUSE Linux Enterprise Server |
|
|
Packages specific to SUSE Linux Enterprise Server for SAP Applications |
|
|
Packages specific to SUSE Linux Enterprise High Availability |
|
|
The tables in this section do not show Debuginfo and Source repositories which are also set up but disabled by default. The Debuginfo repositories contain packages that can be used for debugging regular packages. The Source repositories contain source code for packages.
Depending on your installation method, you may also see
SLE-12-SPSP5-SAP-12.SP5-0
which is the installation medium.
It contains packages from all of the base software repositories listed
above.
Because there are own repositories for SUSE Linux Enterprise Server for SAP Applications, SUSE can ship packages and patches that are specific to SUSE Linux Enterprise Server for SAP Applications.
Unlike in SUSE Linux Enterprise Server for SAP Applications 11, updates related to Extended Service Pack
Overlay Support (ESPOS) are shipped directly from the
Update
repositories. This means there is no separate
ESPOS repository to set up.
In addition to the standard repositories, you can enable the following
SLE Modules and SLE Extensions (either during the installation or from
the running system by using YaST or the command
SUSEConnect
).
Content |
Base repository (“Pool”) |
Update repository |
---|---|---|
Advanced Systems Management Module: CFEngine, Puppet and the Machinery tool |
|
|
Containers Module: Docker, tools, prepackaged images |
|
|
HPC Module: tools and libraries related to High Performance Computing |
|
|
Legacy Module: Sendmail, old IMAP stack, old Java, … |
|
|
Public Cloud Module: public cloud initialization code and tools |
|
|
Toolchain Module: GNU Compiler Collection (GCC) |
|
|
Web and Scripting Module: PHP, Python, Ruby on Rails |
|
|
Content |
Base repository (“Pool”) |
Update repository |
---|---|---|
SLE SDK |
|
|
SUSE Package Hub |
|
|
For more information about SUSE Package Hub, see Section A.3, “SUSE Package Hub”. For information about life cycle and support of modules and extensions, see Section 1.3, “Included Services”.
1.3 Included Services #
- Extended Service Pack Overlap Support (ESPOS)
Subscriptions for SUSE Linux Enterprise Server for SAP Applications include Extended Service Pack Overlap Support (ESPOS). It extends the overlap between the support periods of two consecutive service packs by three years. During this period, you receive support and all relevant maintenance updates under the terms of Long Term Service Pack Support (LTSS).
Extended Service Pack Overlap Support allows you to perform service pack migrations within three and a half years instead of only six months. This enables you to schedule migrations more easily and perform testing before a migration under less restrictive time constraints. At an additional cost, SUSE also offers LTSS. With LTSS, you receive support for a particular service pack after the ESPOS period ends. SUSE Linux Enterprise Server for SAP Applications includes one and a half years of general support and three years of ESPOS for each service pack.
The last service pack in each SLE family does not have ESPOS. Instead of ESPOS, it includes a longer general support period. Because of that, LTSS is available only for the last service pack. All other service packs already include three years of ESPOS, which equals LTSS.
For more information, refer to the following resources:
Product Lifecycle Support Policies: https://www.suse.com/support/policy-products/#sap
Lifecycle Dates by Product: https://www.suse.com/lifecycle/
Long Term Service Pack Support: https://www.suse.com/products/long-term-service-pack-support/
- SUSE Linux Enterprise Server Priority Support for SAP Applications
Subscriptions for SUSE Linux Enterprise Server for SAP Applications include SUSE Linux Enterprise Server Priority Support for SAP Applications. It offers technical support for SUSE Linux Enterprise Server for SAP Applications directly from SAP. The joint support infrastructure is provided by support engineers from SUSE Technical Support and SAP. It is based upon SAP Resolve and offers seamless communication with both SAP and SUSE. This “One Face to the Customer” support model reduces complexity and lowers the total cost of ownership.
For more information, see SAP Note 1056161: SUSE Priority Support for SAP Applications (https://launchpad.support.sap.com/#/notes/1056161).
Modules and extensions have a different lifecycle than SLES for SAP and SUSE provides different support offerings for them:
Modules:
Lifecycle. Varies depending on the module.
Support. Only up-to-date packages are supported. Support is included with your subscription for SUSE Linux Enterprise Server for SAP Applications. You do not need an additional registration key.
Extensions
Lifecycle. Releases are usually coordinated with SUSE Linux Enterprise Server for SAP Applications.
Support. Support is available but not included with your subscription for SUSE Linux Enterprise Server for SAP Applications. You need an additional registration key.
Unsupported Extensions (SUSE Package Hub and SUSE Software Development Kit)
Lifecycle. Releases are usually coordinated with SUSE Linux Enterprise Server for SAP Applications.
Support. There is no support beyond fixes for security and packaging issues. You do not need an additional registration key.