Are you curious about cloud computing or composition but haven’t gotten around to trying it? This step-by-step blog guides you through the setup of a complete SAP NetWeaver Composition Environment trial installation in the cloud. Following the instructions, you’ll get both a CE system on the internet and valuable first-hand experience with cloud computing.
In this three-part webblog series, we will setup our own server in the cloud and install and configure SAP NetWeaver Composition Environment CE 7.1 EHP 1 on it.
- Part 1 introduces you to Amazon Web Services and guides you through setting up your first server in the cloud.
- Composition in the Cloud: Run your own SAP NetWeaver CE 7.1 EHP 1 in the cloud (Part 2 of 3) guides you through the configuration of the server at operating system level.
- Composition in the Cloud: Run your own SAP NetWeaver CE 7.1 EHP 1 in the cloud (Part 3 of 3) is about installing SAP NetWeaver Composition Environment and about adding the final touches to get a usable system.
Our CE in the cloud will have the following features:
- Runs on the internet – accessible from anywhere
- Desktop access via Remote Desktop Connection
- Virtual servers can be copied, shared, backed up and restored within minutes
Basic concepts and motivation
There are many usages of the term “cloud computing” and the following working definition is probably not the best. However, let us say it means that you run software without running a server. Instead of setting up a physical server and running your software on it, your software runs… elsewhere. It might as well be located in a cloud in the sky. If that sounds vague, it does so with full intent, because the very point of computing in the cloud is that you must no longer worry about the physical details of the server(s) running your software and where they are located. A provider company operates the servers for you.
Typically, your resources in the cloud are highly scalable and you pay according to usage. This means that you save money when you’re not using the resources, but you can also have three hundred new servers up and running within fifteen minutes if need be. The simplicity and speed with which resources are available are truly awesome. Setting up a dozen new high-performance servers is as quick and easy as filling out an absence form (but without the approval step).
Another aspect is that sharing the physical resources your software runs on with many other users is not only cost-efficient (because of scaling effects), but also highly energy-efficient. Any enterprise thinking green should consider cloud computing as a climate-friendly time-sharing model for their server farms.
Here’s the Wikipedia entry on Cloud computing: http://en.wikipedia.org/wiki/Cloud_computing
What you will use during this blog
You can as well go ahead and download and install some of this software
- An SCN user id (sign up at http://www.sdn.sap.com/ and tell them I sent you) to download the CE 7.1.1 trial version
- The CE 7.1.1 trial version (download it from http://www.sdn.sap.com/irj/scn/downloads?rid=/library/uuid/00846edd-355b-2b10-f38c-df94ec96eb74)
- Composition Environment (contains Java EE) (1.8 GB) – this is the server that you will install in the cloud
- SAP NetWeaver Developer Studio (856 MB) – this is the Eclipse-based IDE that you install locally
- Be sure to read the Composition Environment Preview How To’s at http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/00d9a54e-d69e-2b10-68b8-fb932d9bf586
- The Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 5.0 (download from http://java.sun.com/javase/downloads/index_jdk5.jsp)
- A current Java Runtime Environment (download it from http://java.sun.com/javase/downloads/?intcmp=1281)
- A license key for the CE trial version (get it at http://www.sap.com/minisap)
- An Amazon account (get it at http://www.amazon.com/) to use the AWS services
- 7-Zip (download it from http://www.7-zip.org/download.html) to extract the RAR archive of the CE trial
- Firefox 3.5.2 or similar (download it from http://www.firefox.com/)
- S3 Firefox Organizer Add-on (S3Fox) to manage virtual directories in the cloud (download it from http://www.s3fox.net/)
- Remote Desktop Connection to access the Desktop of your virtual server
- Start > Programs > Accessories > Remote Desktop Connection
- If you don’t have it, you can download it from http://www.microsoft.com/downloads/details.aspx?FamilyID=80111F21-D48D-426E-96C2-08AA2BD23A49)
- A Mac version is available at http://www.microsoft.com/mac/products/remote-desktop/default.mspx)
- A DynDNS account (get it at http://www.dyndns.org/) for a stable hostname in spite of dynamic IP addresses)
- DynDNS Updater for Windows (download it from http://cdn.dyndns.com/windows/DynUpSetup.exe) to update the IP address associated with your hostname automatically
This blog contains a lot of material that is already in those two other blogs. I did this because I wanted a document that is more or less complete in itself, so I hope you don’t mind the overlaps with the following excellent weblogs. Without these, I never would have found my way through Amazon Web Services.
Fellow SCN Blogger Martin English gives a great step-by-step guide for installing a full-blown IDES system on AWS EC2:
Dave Winer gives a Hello-World-style introduction to AWS in his “EC2 for Poets” blog:
Chris Carter hosted a Webinar about SAP in the Cloud. This sparked my interest so strongly that I had to go and try it out.
If you find anything in my blog unclear, I recommend you to check the above blogs for a better explanation.
Sign up to Amazon AWS
If you already have an Amazon account, you can use it and add the EC2 and S3 “facets” to it. Or you can go to http://aws.amazon.com/ and sign up for a new account if you want to separate your shopping from your computing.
Creating a new Amazon Web Services account is self-explanatory.
Get the access key and secret access key
Once you have created your account and received the confirmation mail, go to https://aws-portal.amazon.com/gp/aws/developer/account/index.html?ie=UTF8&action=access-key and get your access identifiers. These are the credentials you need to access and administrate your servers in the cloud.
The access key is like a username. It’s not secret and you use it to identifiy yourself.
The Secret Access Key is like a password, but it is never sent over the network. Instead, you (or the client software you use) use it to digitally sign some of the requests you send to AWS in order to authenticate the request.
Copy and paste both to a local file and don’t lose them.
You can ignore the X.509 certificates for now.
Sign up for EC2 and S3
The AWS account is not enough – now you need an EC2 account. EC2 (Elastic Compute Cloud) is a sub-product of AWS: It’s the actual cloud computing service that allows you to run virtual servers.
S3 (Simple Storage Service) is another sub-product: It’s a storage service that allows you to store data and retrieve it. When working with EC2, you need S3 because you’re going to store server images, virtual hard disks, and snapshots of hard disks.
An easy way to sign up for EC2 and S3 is to follow this link: https://aws-portal.amazon.com/gp/aws/developer/subscription/index.html?ie=UTF8&productCode=AmazonEC2
Here you can enter your credit card data so that Amazon EC2 knows how to bill you.
The EC2 signup page will also give you a pricing overview. As I’m writing this, some examples prices are:
- $0.125 per Small Windows Instance (m1.small) instance-hour (or partial hour)
- $0.50 per Large Windows Instance (m1.large) instance-hour (or partial hour)
- $0.30 per High-CPU Medium Windows Instance (c1.medium) instance-hour (or partial hour)
- $0.100 per GB Internet Data Transfer – all data transfer into Amazon EC2
- $0.170 per GB Internet Data Transfer – first 10 TB / month data transfer out of Amazon EC2
S3 Storage prices are available at http://aws.amazon.com/s3/#pricing. Current examples:
- $0.150 per GB – first 50 TB / month of storage used
- $0.140 per GB – next 50 TB / month of storage used
- $0.130 per GB – next 400 TB /month of storage used
License fees for the installed software such as Windows Server 2003, Microsoft SQL Server, Oracle DB, are included.
Amazon AWS terminology
Before starting the Management Console, we should learn some of the concepts and terminology of Amazon AWS, EC2 and S3, because otherwise we will feel quite lost.
An Instance is a currently running virtual server. It comes to life by launching it and ends when you terminate it. A terminated instance cannot be revived or saved – in fact there’s nothing at all you can do with a terminated instance. An instance is just one run of a server image, so to speak.
Running instances can be bundled, which means that a reusable server image is made from the current state of the instance. Bundling is in fact the only way of persisting changed made you an instance – the result can either be a new AMI or an existing AMI can be overwritten.
An AMI is a sleeping server image. You create an AMI by bundling an instance. The AMI can be brought to life by launching an instance from it. Anything that happens to the instance after launch has no effect on the AMI, which rests silently and waits for the next instance to be launched from it.
AMIs have a visibility (public or private). You can publish your server images to the world by making them public, or you can release them to individual users by maintaining an ACL (access control list).
When you give order to bundle a running instance, a bundle task is started. The bundle task creates a copy of your instance which you can use to create an AMI. This is how you persist changes made to an instance: bundle it while it’s running and create an AMI (possibly overwriting the old one) from the bundle task.
Volumes and Snapshots
Volumes are virtual hard disks that can be attached to running instances and detached from them. They are reusable and can be attached to many different instances, but only to one at a time. Volumes are persistent – the changes made to them are not lost when you terminate an instance. Volumes are completely ignored when an instance is bundled. The best way to think of a volume is probably as a very fast USB hard drive that can be quickly plugged and unplugged easily.
You can make snapshots from volumes – this is how you backup data – and create new volumes from snapshots – this is how you restore backups.
A bucket is a storage location provided by the S3 Storage Service. It is basically a folder which belongs to you and which you can use to store AMIs, Volumes, and Snapshots. Each bucket is located in a region (US or EU). Only the buckets located in the same region that is currently chosen in the AWS Console region settings can be used to store and retrieve data. Be careful not to create your bucket in the wrong region.
Region and Availability Zone
Amazon AWS has several data centers. These are called regions. The most obvious differentiation is between “US-East” and “EU-West”, which have slightly different price lists. Further, US-East and EU-West consist of a number of availability zones such as “us-east-1a”, “us-east-1b”, “us-east-1c”, and so on. It’s important to notice in which region and sub-region you are working because transferring data between regions is always expensive and sometimes impossible.
For example, a volume can only be attached to an instance running in the same region where the volume resides. If you launch an instance, make sure you launch it in the right region because otherwise there will be no way to attach your volume to it.
A security group is a set of firewall rules. By default, all ports of an instance are blocked so it cannot be accessed from the internet. By adding unblocked ports to a security group and associating that security group with your instance upon launch, you can the instance accessible from the internet.
The most important service to be unblocked is Remote Desktop Connection (RDP), which you use to log on to the instance’s desktop.
Start the EC2 Management Console
You start the console at https://console.aws.amazon.com/ec2/home. This is where you perform most administrative work concerning your server images.
Launch your first instance
Just for fun, let’s launch an instance. We’ll launch a plain vanilla Windows server.
Click on “Instances”, then “Launch Instance”. Select the “Basic Microsoft Windows Server 2003” AMI.
On the next screen, create a key pair. I call mine “thorstensterkey”. Please download the PEM file and store it in a secure location.
On the next screen, “Configure Firewall”, create a security group (these are firewall settings). I call mine “basicgroup” and include the Windows Remote Desktop Connection as suggested.
On the following “Launch” screen, set the value of “Number of Instances” to “1”, select instance type “Medium”, and click on “Show Advanced Options” to expand that section. Select availability zone “us-east-1a” and make it a habit to check the availability zones, because it is terribly annoying to find out that you cannot attach a volume to your running instance because you launched it in the wrong availability zone.
You have just reduced the process of acquiring a physical server and installing and licensing Windows Server on it to fewer mouse clicks than it probably takes you to fill out a purchase requisition form in your company.
After a few (let’s say, ten) minutes, the new instance is up and running.
Connect to your instance
You cannot connect to your instance immediately because of a security mechanism. When a new instance is launched, the Administrator account is given a random password. You can retrieve the encrypted random password and decrypt it by using the content of the PEM file you downloaded earlier (in my case “thorstensterkey.pem”) as your private key.
So when the instance’s status is “running”, right-click it and select “Get Default Administrator Password” from the context menu. It may take a few minutes for the password to be available.
While you’re waiting, locate your PEM file, open it with an editor, and copy its contents into your clipboard.
Paste the private key into the corresponding form field and click on “Decrypt Password”.
Copy and paste the resulting decrypted password (in my case “7XIVCBVXA7h”) into an editor window before closing the window. You will need it to log on and it’s probably not easy to remember.
Now we’re finally ready to connect! Select your running instance and click on “Connect”. Follow the instructions to establish a Remote Desktop Connection, then enter the decrypted password you just copied to an editor window (sadly, you can’t paste it into the password field).
That’s it, you’re in!
Composition in the Cloud: Run your own SAP NetWeaver CE 7.1 EHP 1 in the cloud (Part 2 of 3), we will configure the instance and operating system level and prepare everything for the installation of SAP NetWeaver Composition Environment.