Jump to contentJump to page navigation: previous page [access key p]/next page [access key n]
documentation.suse.com / Guide / What Is SUSE Linux Enterprise Server for SAP Applications?
Applies to SUSE Linux Enterprise Server for SAP Applications 12 SP5

1 What Is SUSE Linux Enterprise Server for SAP Applications?

SUSE® Linux Enterprise Server for SAP Applications is a bundle of software and services that addresses the specific needs of SAP users. It is the only operating system that is optimized for all SAP software solutions.

Target use cases include:

  • Unix to Linux migrations and replatforming

  • SAP appliances

  • SAP cloud deployments

SUSE Linux Enterprise Server for SAP Applications consists of software components and service offerings which are described in the following sections. The figure Offerings of SUSE Linux Enterprise Server for SAP Applications shows which software components and services are also available with other products from SUSE (green) and which ones are exclusively available with SUSE Linux Enterprise Server for SAP Applications (blue).

Offerings of SUSE Linux Enterprise Server for SAP Applications
Figure 1.1: Offerings of SUSE Linux Enterprise Server for SAP Applications

1.1 Software Components

As depicted in Figure 1.1, “Offerings of SUSE Linux Enterprise Server for SAP Applications”, SUSE Linux Enterprise Server for SAP Applications is based on SUSE Linux Enterprise Server. Additionally, it contains software components such as SUSE Linux Enterprise High Availability, the kernel page-cache limit feature, and the installation workflow. These software components are briefly explained in the following sections.

1.1.1 SUSE Linux Enterprise Server

The current release is based on SUSE Linux Enterprise Server 12 SP5. SUSE Linux Enterprise Server is the most interoperable platform for mission-critical computing, both physical and virtual.

1.1.2 SUSE Linux Enterprise High Availability

This component consists of:

  • Flexible, policy-driven clustering

  • Cluster-aware file system and volume management

  • Continuous data replication

  • Setup and installation

  • Management and administration tools

  • Resource agents, also for SAP

  • Virtualization-aware

SUSE Linux Enterprise High Availability provides two resource agents specifically for working with SAP applications:

  • SAPInstance which allows starting and stopping instances of SAP products.

  • SAPDatabase which allows starting and stopping all databases supported by SAP applications (SAP HANA, SAP MaxDB, SAP ASE, Oracle, Sybase, IBM DB2).

For more information about SUSE Linux Enterprise High Availability, see the Administration Guide, available from https://documentation.suse.com/sle-ha-12. Additional White Papers and Best Practice Guides are available in the SUSE Linux Enterprise Server for SAP Applications Resource Library (https://www.suse.com/products/sles-for-sap/resource-library/).

1.1.3 Simplified SAP HANA System Replication Setup

SUSE Linux Enterprise Server for SAP Applications supports SAP HANA System Replication by using components of SUSE Linux Enterprise High Availability and two additional resource agents (RA). Additionally, SUSE Linux Enterprise Server for SAP Applications ships with a YaST wizard that simplifies the cluster setup.

1.1.3.1 SAPHana Resource Agent

This resource agent from SUSE supports scale-up scenarios by checking the SAP HANA database instances for whether a takeover needs to happen. Unlike with the pure SAP solution, takeovers can be automated.

It is configured as a parent/child resource: The parent assumes responsibility for the SAP HANA databases running in primary mode, whereas the child is responsible for instances that are operated in synchronous (secondary) status. In case of a takeover, the secondary (child resource instance) can automatically be promoted to become the new primary (parent resource instance).

This resource agent supports system replication for the following in scale-up scenarios:

  • Performance-Optimized Scenario.  Two servers (A and B) in the same SUSE Linux Enterprise High Availability cluster, one primary (A) and one secondary (B). The SAP HANA instance from the primary server (A) is replicated synchronously to the secondary server (B).

  • Cost-Optimized Scenario.  The basic setup of A and B is the same as in the Performance-Optimized Scenario. However, the secondary server (B) is also used for non-productive purposes, such as for an additional SAP HANA database for development or QA. The production database is only kept on permanent memory, such as a hard disk. If a takeover needs to occur, the non-productive server will be stopped before the takeover is processed. The system resources for the productive database are then increased as quickly as possible via an SAP hook call-out script.

  • Chain/Multi-Tier Scenario.  Three servers (A, B, and C), of which two are located in the same SUSE Linux Enterprise High Availability cluster (A and B). The third server (C) is located externally. The SAP HANA system on the primary server (A) is replicated synchronously to the secondary server (B). The secondary server (B) is replicated asynchronously to the external server (C).

    If a takeover from A to B occurs, the connection between B and C remains untouched. However, B is not allowed to be the source for two servers (A and C). This would be a star topology which is not supported with current SAP HANA versions (such as SPS11).

    Using SAP HANA commands, you can then manually decide what to do:

    • The connection between B and C can be broken, so that B can connect to A.

    • If replication to the external site (C) is more important than local system replication, the connection between B and C can be kept.

For all of the scenarios, SUSE Linux Enterprise Server for SAP Applications supports both single-tenant and multi-tenant (MDC) SAP HANA databases. That is, you can use SAP HANA databases that serve multiple SAP applications.

1.1.3.2 SAPHanaTopology Resource Agent

To make configuring the cluster as simple as possible, SUSE has developed the SAPHanaTopology resource agent. This agent runs on all nodes of a SUSE Linux Enterprise High Availability cluster. It gathers information about the status and configurations of SAP HANA system replications. It is designed as a normal (stateless) clone.

1.1.3.3 YaST Wizard to Set Up SAP HANA Clusters

SUSE Linux Enterprise Server for SAP Applications now additionally ships a YaST wizard that manages the initial setup of such clusters according to best practices. The wizard is part of the package yast2-sap-ha and can be started using YaST, via HA Setup for SAP Products.

For more information, see Chapter 6, Setting Up an SAP HANA Cluster.

1.1.3.4 For More Information

For more information, see:

1.1.4 Installation Workflow

The installation workflow offers a guided installation path for both the SUSE Linux Enterprise Server operating system and the SAP application. For more information, see Section 2.5, “Overview of the Installation Workflow”.

Additionally, the installation workflow can be extended by third-party vendors or customers using Supplementary Media. For more information about creating Supplementary Media, see Appendix C, Supplementary Media.

1.1.5 Page-Cache Limit

You can limit the kernel file system cache size to influence swapping behavior. With this feature, you can often gain better performance by allocating memory to an application.

1.1.6 Malware Protection with ClamSAP

ClamSAP integrates the ClamAV anti-malware toolkit into SAP NetWeaver and SAP Mobile Platform applications to enable cross-platform threat detection. For example, you can use ClamSAP to allow an SAP application to scan for malicious uploads in HTTP uploads.

For more information, see Chapter 11, Protecting Against Malware With ClamSAP.

1.1.7 SAP HANA Security

SUSE Linux Enterprise Server for SAP Applications contains additional features to help set up well-secured SAP HANA installations.

1.1.7.1 Firewall for SAP HANA

Securing SAP HANA can require many additional firewall rules. To simplify firewall setups for SAP HANA, SUSE Linux Enterprise Server for SAP Applications contains the package HANA-Firewall. It provides preconfigured rules and integrates with SuSEfirewall2.

For more information, see Section 9.2, “Configuring HANA-Firewall”.

1.1.7.2 Hardening Guide for SAP HANA

For information on hardening the underlying operating system, see the SUSE Linux Enterprise Server for SAP Applications resource library: https://www.suse.com/products/sles-for-sap/resource-library/. There, find the document OS Security Hardening for SAP HANA.

1.1.8 Simplified Operations Management

SUSE Linux Enterprise Server for SAP Applications combines several features that enable simplified operations management.

1.1.8.1 System Tuning with sapconf

The system tuning application sapconf allows you to automatically and comprehensively tune your system as recommended by SAP for use with SAP S/4HANA, SAP NetWeaver, or SAP HANA/SAP BusinessOne. This allow tuning several kernel parameters, depending on the hardware components you are using, such as the amount of available RAM.

For more information, see Chapter 7, Tuning systems with sapconf5.

1.1.8.2 Storage Encryption for Hosted Applications with cryptctl

Today, databases and similar applications are often hosted on external servers that are serviced by third-party staff. Certain data center maintenance tasks require third-party staff to directly access affected systems. In such cases, privacy requirements necessitate disk encryption.

cryptctl allows encrypting sensitive directories using LUKS and offers the following additional features:

  • Encryption keys are located on a central server which can be located on customer premises.

  • Encrypted partitions are automatically remounted after an unplanned reboot.

For more information, see Chapter 10, Encrypting Directories Using cryptctl.

1.1.8.3 Patterns Providing Dependencies of SAP Applications

To simplify working with software dependencies of SAP applications, SUSE has created patterns that combine relevant dependency RPM packages for specific applications:

  • SAP BusinessOne Server Base

  • SAP HANA Server Base

  • SAP NetWeaver Server Base

Important
Important: Packages May Be Missing from Patterns

The selection of packages of the software patterns are defined while a specific release (Service Pack or major version) of SUSE Linux Enterprise Server for SAP Applications is developed. This package selection is stable over the lifetime of this particular release. When working with SAP applications that have been released more recently than your SUSE Linux Enterprise Server for SAP Applications version, dependencies can be missing from the patterns.

For definitive information about the dependencies of your SAP application, see the documentation provided to you by SAP.

1.1.8.4 ClusterTools2

ClusterTools2 provides tools that help set up and manage a Corosync/pacemaker cluster. Among them are the command wow which helps create highly available system resources, and ClusterService which allows managing a cluster.

Additionally, ClusterTools2 provides scripts that automate common cluster tasks:

  • Scripts that perform checks. For example, to find out whether a system is set up correctly for creating a pacemaker cluster.

  • Scripts that simplify configuration. For example, to create a Corosync configuration.

  • Scripts that monitor the system and scripts that show or collect system information. For example, to find known error patterns in log files.

For more information, see the man page of the respective tool, included with the package ClusterTools2. Also see the project home page at https://github.com/fmherschel/ClusterTools2.

1.2 Software Repository Setup

Software included with operating systems based on SUSE Linux Enterprise is delivered as RPM packages, a form of installation package that can have dependencies on other packages. On a server or an installation medium, these packages are stored in software repositories (sometimes also called channels).

By default, computers running SUSE Linux Enterprise Server for SAP Applications are set up to receive packages from multiple repositories. Of each of the standard repositories, there is a Pool variant that represents the state of the software when it was first shipped. There is also an Update variant that includes the newest maintenance updates for the software in the Pool variant.

If you registered your system during installation, your repository setup should include the following:

Table 1.1: Standard Repositories

Content

Base repository (Pool)

Update repository

Base packages of SUSE Linux Enterprise Server

SLES12-SPSP5-Pool

SLES12-SPSP5-Updates

Packages specific to SUSE Linux Enterprise Server for SAP Applications

SLE12-SPSP5-SAP-Pool

SLE-12-SPSP5-SAP-Updates

Packages specific to SUSE Linux Enterprise High Availability

SLE-HA12-SPSP5-Pool

SLE-HA12-SPSP5-Updates

The tables in this section do not show Debuginfo and Source repositories which are also set up but disabled by default. The Debuginfo repositories contain packages that can be used for debugging regular packages. The Source repositories contain source code for packages.

Depending on your installation method, you may also see SLE-12-SPSP5-SAP-12.SP5-0 which is the installation medium. It contains packages from all of the base software repositories listed above.

Because there are own repositories for SUSE Linux Enterprise Server for SAP Applications, SUSE can ship packages and patches that are specific to SUSE Linux Enterprise Server for SAP Applications.

Note
Note: ESPOS Updates Shipped Directly in Update Repositories

Unlike in SUSE Linux Enterprise Server for SAP Applications 11, updates related to Extended Service Pack Overlay Support (ESPOS) are shipped directly from the Update repositories. This means there is no separate ESPOS repository to set up.

In addition to the standard repositories, you can enable the following SLE Modules and SLE Extensions (either during the installation or from the running system by using YaST or the command SUSEConnect).

Table 1.2: Module Repositories

Content

Base repository (Pool)

Update repository

Advanced Systems Management Module: CFEngine, Puppet and the Machinery tool

SLE-Module-Adv-Systems-Management12-Pool

SLE-Module-Adv-Systems-Management12-Updates

Containers Module: Docker, tools, prepackaged images

SLE-Module-Containers12-Pool

SLE-Module-Containers12-Updates

HPC Module: tools and libraries related to High Performance Computing

SLE-Module-HPC12-Pool

SLE-Module-HPC12-Updates

Legacy Module: Sendmail, old IMAP stack, old Java, …

SLE-Module-Legacy12-Pool

SLE-Module-Legacy12-Updates

Public Cloud Module: public cloud initialization code and tools

SLE-Module-Public-Cloud12-Pool

SLE-Module-Public-Cloud12-Updates

Toolchain Module: GNU Compiler Collection (GCC)

SLE-Module-Toolchain12-Pool

SLE-Module-Toolchain12-Updates

Web and Scripting Module: PHP, Python, Ruby on Rails

SLE-Module-Web-Scripting12-Pool

SLE-Module-Web-Scripting12-Updates

Table 1.3: Extension Repositories

Content

Base repository (Pool)

Update repository

SLE SDK

SLE-SDK12-SPSP5-Pool

SLE-SDK12-SPSP5-Updates

SUSE Package Hub

SUSE-PackageHub-12-SPSP5-Pool

SUSE-PackageHub-12-SPSP5-Updates

For more information about SUSE Package Hub, see Section A.3, “SUSE Package Hub”. For information about life cycle and support of modules and extensions, see Section 1.3, “Included Services”.

1.3 Included Services

Extended Service Pack Overlap Support (ESPOS)

Subscriptions for SUSE Linux Enterprise Server for SAP Applications include Extended Service Pack Overlap Support (ESPOS). It extends the overlap between the support periods of two consecutive service packs by three years. During this period, you receive support and all relevant maintenance updates under the terms of Long Term Service Pack Support (LTSS).

Extended Service Pack Overlap Support allows you to perform service pack migrations within three and a half years instead of only six months. This enables you to schedule migrations more easily and perform testing before a migration under less restrictive time constraints. At an additional cost, SUSE also offers LTSS. With LTSS, you receive support for a particular service pack after the ESPOS period ends. SUSE Linux Enterprise Server for SAP Applications includes one and a half years of general support and three years of ESPOS for each service pack.

The last service pack in each SLE family does not have ESPOS. Instead of ESPOS, it includes a longer general support period. Because of that, LTSS is available only for the last service pack. All other service packs already include three years of ESPOS, which equals LTSS.

For more information, refer to the following resources:

SUSE Linux Enterprise Server Priority Support for SAP Applications

Subscriptions for SUSE Linux Enterprise Server for SAP Applications include SUSE Linux Enterprise Server Priority Support for SAP Applications. It offers technical support for SUSE Linux Enterprise Server for SAP Applications directly from SAP. The joint support infrastructure is provided by support engineers from SUSE Technical Support and SAP. It is based upon SAP Resolve and offers seamless communication with both SAP and SUSE. This One Face to the Customer support model reduces complexity and lowers the total cost of ownership.

For more information, see SAP Note 1056161: SUSE Priority Support for SAP Applications (https://launchpad.support.sap.com/#/notes/1056161).

Important
Important: Lifecycle and Support for Modules and Extensions

Modules and extensions have a different lifecycle than SLES for SAP and SUSE provides different support offerings for them:

  • Modules:

    • Lifecycle.  Varies depending on the module.

    • Support.  Only up-to-date packages are supported. Support is included with your subscription for SUSE Linux Enterprise Server for SAP Applications. You do not need an additional registration key.

  • Extensions

    • Lifecycle.  Releases are usually coordinated with SUSE Linux Enterprise Server for SAP Applications.

    • Support.  Support is available but not included with your subscription for SUSE Linux Enterprise Server for SAP Applications. You need an additional registration key.

  • Unsupported Extensions (SUSE Package Hub and SUSE Software Development Kit)

    • Lifecycle.  Releases are usually coordinated with SUSE Linux Enterprise Server for SAP Applications.

    • Support.  There is no support beyond fixes for security and packaging issues. You do not need an additional registration key.