Say Goodbye to Downtime for Your SAP Landscape on AWS

Monday, 7 November, 2022

Minimizing downtime and designing to withstand failure are among the top considerations when setting up mission critical SAP systems on AWS. An AWS Well-Architected design principle includes Reliability, that is used to discuss the availability of your solution. There are several design patterns that lower the chance of unplanned downtime thus limit the negative business consequences such as delayed production, loss of productivity, loss of revenue, or even loss of business reputation.

SUSE and AWS collaborate to provide AWS Well-Architected high availability solutions for SAP landscapes that follow Architecture guidance for availability and reliability of SAP on AWS:

  • Increase the availability and reliability of the infrastructure

Tremendous efforts have been made by AWS to eliminate single points of failure and increase the resilience of the cloud infrastructure. For example, EC2 Instance Recovery for protection against hardware failure within availability zone and designing for multi-AZs for protection against availability zone failure. However, the AWS reliability and availability features don’t guarantee application-level availability, thus 3rd party high availability solutions are needed to address the application and infrastructure layers.

  • Extensive monitoring

In many cases, a major outage is the result of cumulative minor issues. That’s why increasing insights into the SAP landscape, discovering minor issues, and remediating in a timely manner is critical for preventing a major outage.

AWS provides CloudWatch Application Insights to enable monitoring for your SAP HANA databases. It identifies and sets up key metrics, logs, and alarms across your application resources. It continuously monitors metrics and logs to detect and correlate anomalies and errors. When errors and anomalies are detected, Application Insights generates CloudWatch Events that you can use to set up notifications or take actions.

SUSE Project Trento, part of SLES for SAP Applications, discovers, monitors, and proactively fixes SAP system problems, especially in High Availability clusters, in AWS infrastructure. It provides powerful pre-go-live validation to avoid last minute surprise or even outage before putting the system into production. In day 2 operations it continuously monitors the production system and detects drifts that could lead to outage. Details can be found on Project Trento landing page.

    • Reliable automated failover

SUSE is the leader in high availability solutions for SAP, supporting automated failover of SAP HANA, S/4HANA and NetWeaver applications. In this blog we will discuss the HA scenarios in detail.

HA Solutions for SAP HANA on AWS

HANA System Replication (HSR) is a native HANA HA feature; however, its failover is not automated without the help of a 3rd party solution. SUSE has developed solutions to reliably identify the issue and start the failover in a timely manner.

Scenario Configuration Guide Note
HANA System Replication in Scale-Up Performance Optimized Automated deployment of SAP HANA on AWS with high availability STONITH mechanism: AWS EC2 STONITH

Virtual IP mechanism: Overlay IP Address Routing

Manual deployment of SAP HANA on AWS with high availability clusters; HA cluster configuration on SLES
SAP HANA Multi-Target System Replication Scale-Out – Performance Optimized SAPHanaSR-ScaleOut for Multi-Target Architecture and Principles HANA Scale-Out

Multi-Target System Replication

Replication modes: “sync” for a local replication and “async” for a synchronization to a DR site

Can configure the secondaries to follow such takeovers and to automatically re-register themself triggered by the new primary

 

HA Solutions for S/4HANA and NetWeaver on AWS

For SAP S/4HANA and NetWeaver, the HA solutions are based on ASCS/ERS enqueue replication.

Scenario Configuration Guide Note
ASCS/ERS Enqueue Replication in SAP S/4HANA or NetWeaver Automated deployment of SAP NetWeaver on AWS with high availability Two node cluster

ENSA1 supported

ENSA2 supported

STONITH mechanism: AWS EC2 STONITH

Virtual IP mechanism: Overlay IP Address Routing

Manual deployment of SAP NetWeaver on AWS with high availability clusters; HA cluster configuration for SLES

 

SAP HA-Interface Certification

SUSE’s HA solutions for ENSA1 and ENSA2 are both certified by SAP HA-Interface certification, that’s critical to prevent split-brain situation when performing maintenance to the SAP applications running in the cluster. The details and an example can be found in this blog. The certification tests of NW-HA-CLU_750 are conducted on Amazon EC2 instances, and special thanks to AWS for providing the infrastructure.

Enforce Security Compliance by Using Live Patching

Having no impact during patching is another critical high availability principal. SUSE provides Live Patching to both Linux Kernel and User Space. In User Space, upgrade key libraries such as glibc and OpenSSL requires reboot and these two are dependencies of SAP HANA. With Linux Kernel and User Space Live Patching, customers can avoid expensive reboot (for up to 1 year) to mission critical in-memory HANA databases.

SLES for SAP Applications

SLES for SAP Applications is the leading Linux platform for SAP HANA, SAP NetWeaver and SAP S/4HANA solutions and is endorsed by SAP. Two of the key components of SLES for SAP Applications are the High Availability Extension and resource agents. The High Availability Extension provides Pacemaker, an open-source cluster framework. The resource agents manage automated failover of SAP HANA System Replication, S/4HANA ASCS/ERS ENSA2, and NetWeaver ASCS/ERS ENSA1. On AWS marketplace, the PAYG image of SLES for SAP Applications includes Live Patching.

SUSE Premium Support Services

Premium Support Services is an optimization offering for those enterprises that want a direct relationship with named technical professionals, who provide in-depth and custom support services for business-critical production environments. The premium services team is backed by SUSE technical support, product management, and engineering. Since SUSE Premium Support engineers are also experts in HA solutions, the service is highly recommended to any SAP customers running HA solutions. The SUSE Premium Support Services is listed in the AWS Marketplace.

Conclusion

SUSE collaborates with AWS to support mission critical SAP customers, who can confidently realize the benefit of running mission-critical SAP workloads by building reliable and highly available systems in the AWS Cloud and safeguarding SAP landscape using SUSE’s Open-Source High Availability solutions.

To Learn More

SUSECon Session: Deploy a SUSE HANA Scale-up Cluster using AWS Launch Wizard for SAP [DEMO-1374]

SUSECon Session: Protecting workloads on AWS with SLE HA – A Deep dive

An AWS Webinar Double Header In November

Tuesday, 25 October, 2022

In 2022, Kubernetes is essential to a modern, transformed digital enterprise. However  many organizations and even system integrators find it complex to implement. The last thing an organization wants is to have a mission-critical application fail due to gaps in their enterprise Kubernetes Strategy.  Now that SUSE Rancher is directly available on AWS Marketplace – SUSE and AWS are going to devote a lot more energy to helping customers realize a Kubernetes Nirvana of sorts.

To that end, we are launching 2 webinars in November to help you consider this topic more holistically.

The webinar “How to Develop an Automated Enterprise Kubernetes Strategy” provides a high level overview of some of the key considerations for DevOps and a few ways AWS and SUSE aim to help.

This webinar will cover DevOps and CI/CD best practices including:
• Containers and environment management
• Continuous delivery or deployment
• Movement from Dev to Ops

By the end of the webinar, you’ll understand the key steps for implementing your very own automated DevOps strategy and powering your journey to the cloud and beyond.

The 2nd webinar is all about cost savings. “How to Save Up to 90% On Your Cloud Costs” will show you the AWS secret weapon known as Spot Instances that has saved our customers millions on their cloud workloads.

In this webinar AWS and SUSE experts will talk about:

  • What is AWS Spot Instances
  • How does the integration between Spot and Rancher Work?
  • How do you leverage Spot + Rancher to save up to 90% on your cloud costs?
  • Best ways to mitigate risk and achieve maximum savings

So register today and find out how you can take your container game to the next level with AWS and SUSE!

Rancher Container Management Now Available on AWS Marketplace

Monday, 26 September, 2022

In December 2020, SUSE acquired Rancher. Since then, those of us on the SUSE Amazon Web Services (AWS) team have been anxiously awaiting Rancher’s arrival on the AWS Marketplace. Rancher is the number one Kubernetes Orchestration solution on the market, with over 100 million downloads and able to stand up over a million containers at the touch of a button. It also includes multi-cluster Kubernetes Management everywhere, unified security, and Policy and User Management. You can now get it directly from the Marketplace! I mean, what’s not to like?

AWS is the world’s largest cloud platform, forever changing how engineers operate by making infrastructure available as a service. You can simplify and speed up procurement by procuring SUSE Rancher on the AWS Marketplace. Not only that, but you can also get Rancher in minutes and pay only for what you consume. By taking advantage of approved purchase routes, you can accelerate your time to market, benefit from flexible pricing (such as EDP draw-downs) and maintain complete control and governance.

Now onto some of the more technical details:

Rancher is open source, so technically, the product is free. What you are paying for is the expertise of the support engineers. With this new listing, you can buy Rancher’s support directly through the AWS marketplace. You can set up a supported Rancher environment – all self-service in minutes, without contacting SUSE. Support will be sold in one-year contracts, which are paid upfront.

Support contracts are sold in increments of 20 nodes, of any type, under management. The node price includes an entitlement to one Rancher Management Server instance per contract. You can add additional nodes to an existing agreement at any time by “modifying” the contract. Nodes managed by Rancher can exist in AWS or any other Kubernetes environment on other clouds or on-premise. The only component that must be on AWS is the Rancher Management Server.

In addition, we are launching a curated installer for AWS called “SUSE Rancher Setup.” This is the fastest way to deploy Rancher on AWS. The curated installer is not required to use our marketplace support listing, but we recommend it for the best possible experience.

Where do I get it? 

EU/UK listing: bit.ly/RancherEUAWS

Rest of the Worldbit.ly/RancherAWS

Lastly, here is the Rancher Set Up. It is a curated installer designed to make deploying a best practice, production-ready Rancher Manager to AWS easier. The best part? It’s free! You can access it here: https://aws.amazon.com/marketplace/pp/prodview-go7ent7goo5ae

Phew, I think that about covers it! I am super excited about this addition to our AWS Marketplace offerings and can’t wait to see what you will use your container applications for!

Major Milestone in SUSE+AWS Partnership

Thursday, 8 September, 2022

Today is a very very good day. Yep.

Because… we have big news! Huuuuuuge in fact! SUSE has signed a Strategic Collaboration Agreement (SCA) with AWS! The goal – help and accelerate our joint customer’s cloud migration journey!

This is a really big deal because – it details joint plans and investment areas that will help provide customers with migration assistance and ensures pain-free migration of their SAP landscape to AWS.  We are looking at: integrated go-to-market activities across sales and marketing, channel enablement and training, and dedicated personnel worldwide. And so much more!

Whether you are looking to lift and shift ECC to reduce costs, migrate to SAP S/4HANA, or innovate faster in the cloud, SUSE and AWS offers proven approaches backed by unmatched experience supporting SAP customers in the cloud. Get more flexibility and value out of your SAP investments with the world’s most secure, reliable, and extensive cloud infrastructure and the Linux OS trusted by over 30,000 customers worldwide. Together,  SUSE and AWS gives organizations an accelerated on-ramp to the cloud and options to migrate and run SAP in the way that best meets their unique needs.

Not surprisingly, my VP is stoked about this: “SUSE Linux Enterprise Server for SAP Applications is a leading operating system platform for SAP solutions on Linux, offering a reliable, manageable and highly available platform designed to minimize the time and effort to deploy SAP landscapes,” said Kelly Collins, global head of Cloud for SUSE. “By deepening our collaboration with AWS and their top Global Systems Integrators, we are making a promise to our customers that we are committed to supporting their most mission-critical workloads being migrated and modernized on AWS.”

Our customers love this too: Rob Bencks, vice president of IT at Harvey Building Products, said, “At Harvey Building Products, we value innovation and team collaboration to drive development and delivery of exceptional products and solutions. AWS and SUSE have innovated to help us refine our strategy for running our SAP enterprise resource planning (ERP) systems in a stable, scalable, secure cloud environment. We’re excited to see AWS and SUSE announce this Strategic Collaboration Agreement as they continue to expand their relationship and work to serve our enterprise even more effectively going forward.”

And our other partners too! Christian Wissmann, vice president of strategic alliances at Protera, said, “As a longstanding SUSE and AWS Partner Network (APN) member, this Strategic Collaboration Agreement enables an even stronger commitment to our clients, together providing innovative tools and strategies that help ensure an accelerated and secure modernization of mission-critical applications to the cloud.”

Let’s not forget AWS: Kathleen Curry, director of AWS Strategic Alliances, said, “This multi-year collaboration will facilitate stronger marketing and co-selling programs to complement our respective technologies. SUSE frequently leans in as an AWS collaborator, delivering SAP customers a seamless experience as they migrate operating systems from on-premises to AWS. Our work will help SAP customers modernize, shorten migration timelines, and accelerate time to value.”

Like I said, major milestone and lots of love all around! Now let’s go make more history! 😀

 

 

SUSE BYOS Images and the AWS Marketplace

Tuesday, 6 September, 2022

Recently we have had a run on Bring Your Own Subscription (BYOS) topics in the cloud, here is another.

After numerous inquiries on where SUSE BYOS images can be found and the follow on question, “Why are these images not on the AWS marketplace?”, SUSE is moving all AWS BYOS images onto the AWS marketplace proper. This means you can now find all SUSE BYOS images in the same place that you find SLES for SAP images.

The BYOS images that can now be found in the marketplace span: the SUSE Linux Enterprise Server family — versions 12 and 15, SUSE Linux Enterprise Server for SAP family — versions 12 and 15, SUSE Manager, SUSE Linux Enterprise High Performance Computing, as well as SUSE Rancher Setup (sets up an EKS cluster and installs free Rancher into it).

These images are used the same way as other marketplace images.

To use these images, login to the AWS UI and subscribe to the product just like you would for a paid image. No changes have been made to how the images work. The recent BLOG about BYOS instances and the hosted update infrastructure, covered in a January post by Robert Schweikert, is still valid. The only change is the use of the AWS marketplace infrastructure to acquire the desired image.

To find images, visit the AWS marketplace. BYOS images are tagged with the term at the end of the product title.

Alternatively, you can use pint.suse.com to find specific images. Pint operates the same as it did before the change in image location. (On the PINT UI, set the CSP to AWS and the search term to BYOS, all available images will be listed.)

Rancher 2.6.7 Delivers Kubernetes 1.24 and AWS Marketplace Support and RKE Encryption Key Rotation

Tuesday, 23 August, 2022

SUSE is happy to announce the latest release of Rancher, 2.6.7. In this release, we have added several new features:

  • Kubernetes 1.24 support
  • AWS Marketplace support
  • Azure Active Directory (Azure AD) with MSAL (Microsoft Authentication Library)
  • RKE2 Encryption Key Rotation

Our latest Kubernetes release addition means Rancher can now manage clusters with the newer capabilities offered by upstream Kubernetes 1.24. This applies to RKE, RKE2, and K3s distributions as well as any CNCF-certified Kubernetes you wish to manage through Rancher.

With our AWS Marketplace support, customers can now purchase support contracts for Rancher directly through the AWS marketplace. This means there are no additional procurement processes to go through if your organization already has a commercial relationship with AWS. This also allows customers to use their Enterprise Discount Program (EDP) spending commitments with AWS towards Rancher, which is helpful for large consumers of AWS products and services. Look for a detailed blog on this AWS Marketplace support to follow shortly.

Rancher’s support for integrating with Azure AD has been upgraded to use the new Microsoft Graph API (AKA MSAL). Microsoft is decommissioning the old API before the end of the year, and all users will need to switch to the newer standard. You can read more about this change and any steps you may need to take here.

RKE2 Encryption Key Rotation gives security-minded customers an easy way to increase their security posture. Rotating encryption keys are a best practice with many security standards and compliance frameworks, so this feature makes it easier to uplevel the security of your RKE2 clusters. Key rotation is another way that RKE2 continues to invest in increasing the security posture of Kubernetes for the enterprise.

Learn More and Try Rancher 2.6.7

Do you know that Rancher customers can join a quarterly Customer Advisory Board and share direct feedback with Product and Engineering leaders? Speak to your CSM or Account executive if you aren’t already signed up. We look forward to your feedback on this latest Rancher release!

Try out the latest Rancher release here

SUSE Rancher can manage AWS EC2 Spot Instance based Managed Node Groups with EC2 Auto Scaling

Tuesday, 28 June, 2022

SUSE Rancher & Amazon Web Services Spot Instance-based managed node groups for incredible savings and familiar management – a not-so-new game-changer from SUSE.

SUSE Rancher can manage AWS EC2 Spot Instance-based managed node groups with EC2 Autoscaling

AWS Spot-priced Instances have been around a while and boast a whopping 90% savings from comparable On-Demand instance consumption. The rub – while the instance is identical in every way to a standard On-Demand instance, or Reserved Instance, it may be terminated at any time by AWS as EC2 capacity requires. Spot is therefore best suited for distributed computing with ephemeral, scalable workloads.

Enter managed node groups. What better example to leverage Spot instance savings than with ephemeral workloads designed to withstand vanishing servers? While Kubernetes scales your application, managed node groups scale the underlying infrastructure as a service (IaaS.) EKS Managed Node Groups leverage AWS Autoscaling configuration to ensure that your required service level is maintained, despite Spot Instances disappearing on you.

This solution can be deployed directly from SUSE Rancher. You can leverage your familiar single pane of glass to save 90% from your workload cluster infrastructure by deploying your workload clusters using EC2 Spot Instances by simply selecting the “Spot” check box in the EC2 Cluster deployment workflow within Rancher.

SUSE advises the following configuration scenario: SUSE Rancher can first be deployed on its own management cluster or directly into Docker on SUSE Linux, into EKS, etc. At this point, leverage SUSE Rancher to deploy a small on-demand or reserved instance managed node group of 1 or 3 nodes to support the control plane with at least one worker node using standard instance types, rather than Spot. Additional reserved or on-demand instances should be deployed for mission-critical workloads that cannot tolerate a reduction in capacity. Determine your application’s low water mark and deploy this minimum node group accordingly. Finally, deploy one of more managed node groups using the Spot feature. Repeat this procedure by leveraging varying instance types and at varying bid pricing to minimize the risk surface to your application.

This final node group can account for most of your cluster, and here is why – We leverage different instance types with the same basic capacities. Example: If the requirement states 8GB Memory, 2vCPU, etc., then this can be accomplished using 2 or more different instance types launched with the Spot option, further decreasing the chances of losing too much of your cluster to an EC2 capacity event affecting a particular type. Larger sizes can be used, providing even more diversity because of course, you are saving up to 90%. The Autoscaling Group created from the Rancher User Interface ensures that EC2 will manage the cluster size.

Reference the SUSE Rancher official documentation or reach out to SUSE any time at aws@suse.com for more information on how to manage your EC2-based Kubernetes clusters.

References

EC2 Spot Instance best practices

Best Practices for SUSE Rancher Server

Auto Scaling with multiple instance types

A Magic Wand for Converting BYOS to PAYG on AWS

Monday, 20 June, 2022

What if you had a Magic Wand for AWS, one that helps with lift and shift migrations, minimizing time-intensive, error-prone manual processes by automatically replicating entire servers and converting your source servers from physical, virtual, or cloud infrastructure to run natively on AWS. Even better, you can do all this without having to make any changes to the applications, their architecture, or the migrated servers. Wouldn’t that be amazing? The good news is, such a magic wand exists – it’s called AWS MGN or AWS Application Migration Service. It was actually launched last year. AWS MGN reduces overall migration costs because there is no need to invest in multiple migration solutions, specialized cloud development, or application-specific skills. AWS MGN can be used to migrate any application from any source infrastructure that runs supported operating systems – truly magical, right? You can learn more about MGN from these 2 blogs here: How to Use MGN, Accelerating Your Migration with MGN.

So the magic wand isn’t new, what’s new is this latest update to MGN – a magic wand especially for SUSE customers! How does it work? Let me explain. Some of our customers are on AWS, but using SUSE provided subscriptions, this is called BYOS – or Bring Your Own Subscription. How this happened is usually – the customer is a long time SUSE client, they are reducing their own data center footprint (or eliminating it entirely) and moving to the cloud. Their subscriptions to SUSE Linux Enterprise Server (SLES for short) are still valid, so they’re like – lemme just keep on using these subscriptions. Now your subscription is up for renewal. And since you are already in the cloud, it just makes sense to get the SLES license directly from AWS, however, that does mean you have to reinstall, redeploy. Now if you have hundreds, or even thousands of server instances – this can be a daunting task. But now with the MGN SUSE update, presto-chango, you can convert to Pay As you Go (PAYG) on AWS easily – fully automated! Thanks – AWS! This is another June gift that our customers will surely appreciate. ?

Better, Cheaper, More Flexible – A Surprise Present from AWS + SUSE

Monday, 6 June, 2022

Hello, SUSE customers on AWS! I know my headline is modeled after (ahem, stolen from) the Olympics Motto, but it’s for a good cause! It’s to highlight some surprising changes coming your way. Just like the Olympics Motto – Faster, Higher, Stronger, SUSE and AWS are also always striving to do more for our joint customers, deliver more value, provide more solutions, offer better services. To that end, we are rolling out some great changes this month.

  1. Hello, AWS Savings Plan

Who doesn’t love a good savings plan – and AWS has some great ones with super benefits! One – you get great savings: significant cost savings (60, 70 percent compared to pay-as-you-go) if you commit to a consistent amount of usage. Two – Flexibility, you get similar savings to an RI, but you can change it up. New instance types? No problem! Three – Easy Button! I’m serious, it’s like a 1 step sign up process. They even calculate and recommend the hourly amount for you based on historical usage. Starting right now – you can get all this AWS Savings Plan goodness on SUSE Linux Enterprise Server through the EC2 console.

  1. Additional Savings 

In the same spirit of providing more for less, some of you will also see a change in price on your monthly bill, on the on-demand consumption side. Same great SLES software for less, and you didn’t have to lift a finger!

  1. Greener and Better for the Environment 

I’m sure you know that SUSE’s lucky color is Green. We also are ardent believers of providing a greener future for the next generation. SUSE is supporting the Graviton program at AWS – not only providing the best price performance, but also with much lower power consumption. Reducing power and decreasing cost are the main reasons Graviton is so good at delivering amazing price/performance ratios.  Want to learn more? There is a great SUSECON session on this very topic!

That’s a quick round up of our June surprise – now back to work – cooking up new “goodness” for all our customers on AWS!