Recently, we had a requirement to deploy HANA and an XSA Application as part of a Proof of Concept for a client that wanted this set of infrastructure - disconnected from the internet.
Usually our showcases are easy, but getting the infrastructure to build and support this, lead to some challenges - the end requirement of the client was to have us provide a VMWare Vsphere environment to plug and play our technology and then use the environment within their disconnected network.
Searching on internal infrastructure, I couldn't locate a virtual Machine (VM) capability to create a 256Gb HANA instance (or on any of our small laptops).
So looking at the cloud offerings in this space, we usually use a Amazon subset at SAP (cal.sap.com) for our standard deployments. But this isn't exportable to a client environment.
Digging deeper, and obtaining an SAP Amazon account, then provided me with the best of both capabilities. The following is the steps I went through to get get it all working. There was some hurdles along the way, so hopefully the steps below help others in the same situation.
To be able to export the Amazon images as VMs - the image needs to be imported originally from a VM image!
Once, you are aware of this, it's relatively straight forward. I used VMWare in the example below.
1. Create a VM image. I used vmware player to create a VM from an "SAP SUSE 12SP3 iso" file. Any size (CPU / Memory / Disk) will do, although I also loaded all the media required to install HANA and the other technologies for the client
2. Save the VM as an OVA:
C:\Program Files (x86)\VMware\VMware Player\OVFTool>ovftool -tt=ova "c:\Users\Documents\Virtual Machines\SUSE Linux Enterprise 12 64-bit\SUSE Linux Enterprise 12 64-bit.vmx" "c:\Users\Documents\Virtual Machines\SUSE12SP2.ova"
3. Setup the AWS connection to upload the file
Using the AWS command line tools, once initially configured, are easy to move and interact with Amazon infrastructure.
aws configure
Provide your access code, key and region.
Create the role:
trust-policy.json:
Add the role policy:
Usually our showcases are easy, but getting the infrastructure to build and support this, lead to some challenges - the end requirement of the client was to have us provide a VMWare Vsphere environment to plug and play our technology and then use the environment within their disconnected network.
Searching on internal infrastructure, I couldn't locate a virtual Machine (VM) capability to create a 256Gb HANA instance (or on any of our small laptops).
So looking at the cloud offerings in this space, we usually use a Amazon subset at SAP (cal.sap.com) for our standard deployments. But this isn't exportable to a client environment.
Digging deeper, and obtaining an SAP Amazon account, then provided me with the best of both capabilities. The following is the steps I went through to get get it all working. There was some hurdles along the way, so hopefully the steps below help others in the same situation.
To be able to export the Amazon images as VMs - the image needs to be imported originally from a VM image!
Once, you are aware of this, it's relatively straight forward. I used VMWare in the example below.
1. Create a VM image. I used vmware player to create a VM from an "SAP SUSE 12SP3 iso" file. Any size (CPU / Memory / Disk) will do, although I also loaded all the media required to install HANA and the other technologies for the client
2. Save the VM as an OVA:
C:\Program Files (x86)\VMware\VMware Player\OVFTool>ovftool -tt=ova "c:\Users\Documents\Virtual Machines\SUSE Linux Enterprise 12 64-bit\SUSE Linux Enterprise 12 64-bit.vmx" "c:\Users\Documents\Virtual Machines\SUSE12SP2.ova"
3. Setup the AWS connection to upload the file
Using the AWS command line tools, once initially configured, are easy to move and interact with Amazon infrastructure.
aws configure
Provide your access code, key and region.
Create the role:
aws iam create-role --role-name vmimport --assume-role-policy-document file://trust-policy.json
trust-policy.json:
Add the role policy:
aws iam put-role-policy --role-name vmimport --policy-name vmimport --policy-document file://role-policy.json
4. Then import the OVA image into AWS S3
Viewing the image import process:
aws ec2 describe-import-image-tasks
5. Now you have the AWS E2 image ready to startup. Pick the size (r8.xlarge in my case) and start it up and install the SAP components as needed)
6. We also required a bunch of external python libraries, so we need to apply these before exporting the image (unless you wanted to do this manually later). Since we don't have access to the ISO anymore, we utilised the leap distribution to provide the extra components:
Remove all the current repositories:
zypper rr 1-x
zypper addrepo http://download.opensuse.org/distribution/leap/42.3/repo/oss/ leap:42.3
zypper update
zypper install <required component>
7. Once the image is completed and working, export the instance from EC2 to S3:
C:\Users>aws ec2 create-instance-export-task --instance-id i-xxxxxxxxxx --target-environmen vmware --export-to-s3-task DiskImageFormat=vmdk,ContainerFormat=ova,S3Bucket=bucket-name,S3Prefix=exp-
Monitor Export:
aws ec2 describe-export-tasks --export-task-ids export-i-xxxxxxxxxx
Stop the export (you can't do this after a certain point in the export):
aws ec2 cancel-export-task --export-task-id export-i-xxxxxxxxxx
The export can be 30GB - 500GB+ depending on how much data you have loaded.
Warning : This step took 48 hours to do in my case Amazon doesn't provide any "updates" on how long it is going to take or % progress.
8. Copy the S3 OVA back to the laptop / network.
I would recommend S3browser which also allows file splitting and parallel downloads (just make sure the target disk has enough space to cater for the download and then the merging of the split files) - and obviously a decent download network!
9. Copy the OVA over to the disconnected network via whatever medium is appropriate.
Hope this also helps others, who may need to work in a disconnected environment!
- SAP Managed Tags:
