Skip to Content
Technical Articles

Monitoring of ABAP System on AWS Using CloudWatch – Part II

This is in continuation of my previous blog post Monitoring of ABAP System on AWS Using CloudWatch – Part I

4. DEPLOYMENT OF LAMBDA FUNCTION

4.1 Using Serverless Application Repository

Go to Serverless Application Repository from AWS Console and then go to Available applications → Public Applications and search for sap-monitor

Fill out all the required details for the connectivity to the SAP system which has following

  • Application Name: This is the stack name of the application created via AWS Cloud Formation
  • SAPSIDParameter: SAP System ID
  • LayerVersionParameter: need to provide sapjco Lambda Layer Version
  • SecurityGroupParameter: Need to provide Security Group IDs which needs to be assigned to the Lambda Function
  • SubnetParameter: Need to provide Subnet IDs which will provide Internal IP address for the Lambda execution
  • SAPClientParameter: Need to Provide Client Number of SAP
  • SAPHostParameter: Need to provide hostname/IP-Address of Primary Application Server
  • SAPInstanceIDParameter: Need to provide the SAP Instance Number
  • SAPRFC0UserParameter: Need to provide RFC User for Lambda Function
  • SAPRFC1PasswordParameter: Need to provide the password the RFC user
  • ScheduleParameter: This will schedule /SDF/MON job automatically into the system

This will start the deployment at AWS Cloud formation of the Lambda functions with the parameters provided

Below screen will appear when the deployment gets finished

We can see the deployed Lambda function in AWS Console.

4.2 Using AWS CloudFormation

It could happen that the application in Serverless Application Repository is not available for some of the regions then in that case we can also use AWS Cloud Formation template to deploy the same

Go to AWS Cloud Formation from the AWS console → Go to Create Stack and then click on With new resources (standard)

Manually upload the below Cloud Formation template

AWSTemplateFormatVersion: '2010-09-09'
Transform: AWS::Serverless-2016-10-31
Description: SAP NetWeaver ABAP Monitoring sap-monitor-<SID>
Globals:
  Function:
    Timeout: 60
Metadata:
  AWS::ServerlessRepo::Application:
    Name: sap-monitor
    Description: Amazon CloudWatch Monitoring for SAP NetWeaver ABAP-based environments.
    Author: mtoerpe
    SpdxLicenseId: Apache-2.0
    LicenseUrl: s3://sap-monitor/34400b68072d710fecd0a2940a0d1658
    ReadmeUrl: s3://sap-monitor/cb03873fab47b4d2e631b2ecfdd66ff3
    Labels:
    - sap
    - netweaver
    - monitoring
    - cloudwatch
    HomePageUrl: https://github.com/aws-samples/amazon-cloudwatch-monitor-for-sap-netweaver
    SemanticVersion: 1.0.5
    SourceCodeUrl: https://github.com/aws-samples/amazon-cloudwatch-monitor-for-sap-netweaver
  AWS::CloudFormation::Interface:
    ParameterGroups:
    - Label:
        default: Network Configuration
      Parameters:
      - SubnetParameter
      - SecurityGroupParameter
    - Label:
        default: SAP Configuration
      Parameters:
      - SAPSIDParameter
      - SAPHostParameter
      - SAPInstanceIDParameter
      - SAPClientParameter
      - SAPRFC0UserParameter
      - SAPRFC1PasswordParameter
    ParameterLabels:
      SubnetParameter:
        default: Which VPC Subnet(s) should this be deployed to?
      SecurityGroupParameter:
        default: Which Security Groups should be applied?
Parameters:
  SubnetParameter:
    Type: List<AWS::EC2::Subnet::Id>
    Description: Provide Subnet(s) IDs, separate by comma
  SecurityGroupParameter:
    Type: List<AWS::EC2::SecurityGroup::Id>
    Description: Provide Security Group(s) IDs, separate by comma
  LayerVersionParameter:
    Type: String
    Description: Provide <sapjco> Lambda layer version
    Default: '1'
  ScheduleParameter:
    Type: Number
    Description: Schedule /SDF/SMON job automatically (true = 1, false = 0)
    Default: 1
    MinValue: 0
    MaxValue: 1
  SAPSIDParameter:
    Type: String
    Description: Provide SAP System ID (used as namespace/identification only)
    MinLength: 3
    MaxLength: 3
  SAPHostParameter:
    Type: String
    Description: Provide Hostname/IP-Address of Primary Application Server
  SAPInstanceIDParameter:
    Type: String
    Description: Provide SAP Instance Number
    MinLength: 2
    MaxLength: 2
  SAPClientParameter:
    Type: String
    Description: Provide SAP Client
    Default: '000'
    MinLength: 3
    MaxLength: 3
  SAPRFC0UserParameter:
    Type: String
    Description: Provide RFC User
  SAPRFC1PasswordParameter:
    Type: String
    Description: Provide RFC Password
    NoEcho: true
Resources:
  SecretsManager:
    Type: AWS::SecretsManager::Secret
    Properties:
      Name:
        Fn::Sub:
        - sap-monitor-${SID}
        - SID:
            Ref: SAPSIDParameter
      Description:
        Fn::Sub:
        - Secret for SAP Monitoring <${SID}>
        - SID:
            Ref: SAPSIDParameter
      SecretString:
        Fn::Sub:
        - '{ "name":"${SID}", "host":"${HOST}", "sys_id":"${INSTANCEID}", "client":"${CLIENT}",
          "user":"${USER}", "password": "${PASSWORD}", "language":"en", "/SDF/SMON_DESC":"AWSCW",
          "/SDF/SMON_SCHEDULE":${SCHED} }'
        - SID:
            Ref: SAPSIDParameter
          HOST:
            Ref: SAPHostParameter
          INSTANCEID:
            Ref: SAPInstanceIDParameter
          CLIENT:
            Ref: SAPClientParameter
          USER:
            Ref: SAPRFC0UserParameter
          PASSWORD:
            Ref: SAPRFC1PasswordParameter
          SCHED:
            Ref: ScheduleParameter
      Tags:
      - Key: AppName
        Value: SAPMONITOR
  ScheduledRule:
    Type: AWS::Events::Rule
    Properties:
      Name:
        Fn::Sub:
        - sap-monitor-${SID}
        - SID:
            Ref: SAPSIDParameter
      Description:
        Fn::Sub:
        - Scheduler for SAP Monitoring <${SID}>
        - SID:
            Ref: SAPSIDParameter
      ScheduleExpression: rate(1 minute)
      State: DISABLED
      Targets:
      - Arn:
          Fn::GetAtt:
          - CWLambdaFunction
          - Arn
        Id: latest
  PermissionForEventsToInvokeLambda:
    Type: AWS::Lambda::Permission
    Properties:
      FunctionName:
        Fn::GetAtt:
        - CWLambdaFunction
        - Arn
      Action: lambda:InvokeFunction
      Principal: events.amazonaws.com
      SourceArn:
        Fn::GetAtt:
        - ScheduledRule
        - Arn
  CWLambdaFunction:
    Type: AWS::Serverless::Function
    Properties:
      CodeUri: s3://sap-monitor/c716c19711241c175058825388cbeae2
      Layers:
      - Fn::Sub:
        - arn:aws:lambda:${AWS::Region}:${AWS::AccountId}:layer:sapjco:${LLY}
        - LLY:
            Ref: LayerVersionParameter
      Handler: init::handleRequest
      FunctionName:
        Fn::Sub:
        - sap-monitor-${SID}
        - SID:
            Ref: SAPSIDParameter
      Description:
        Fn::Sub:
        - SAP Monitoring for <${SID}>
        - SID:
            Ref: SAPSIDParameter
      Runtime: java11
      MemorySize: 512
      Timeout: 30
      VpcConfig:
        SecurityGroupIds:
          Ref: SecurityGroupParameter
        SubnetIds:
          Ref: SubnetParameter
      Environment:
        Variables:
          SECRET:
            Fn::Sub:
            - sap-monitor-${SID}
            - SID:
                Ref: SAPSIDParameter
      Policies:
      - Version: '2012-10-17'
        Statement:
        - Effect: Allow
          Action:
          - secretsmanager:GetSecretValue
          Resource:
            Ref: SecretsManager
        - Effect: Allow
          Action:
          - cloudwatch:PutMetricData
          Resource: '*'
      Tags:
        AppName: SAPMONITOR
Outputs:
  CWLambdaFunction:
    Description: SAP Monitor Lambda Function ARN
    Value:
      Fn::GetAtt:
      - CWLambdaFunction
      - Arn

Upon uploading the above template then click on Next

Specify the Stack Name for the execution

Specify all the required parameters for execution and then click Next

Specify the IAM Role that is required for cloud formation stack execution

Specify the advanced options for Stack Policy and Rollback Configuration

Specify Notification Options and Stack creation options(if required) and then click Next

Review the settings and then click Create Stack

This will create and execute the stack, and below screen will appear after successful finish of the Stack

5. TESTING DEPLOYMENT

As our lambda function is in place to monitor our ABAP system, we need to test the lambda function that if Lambda function is getting though the SAP System

5.1 Lambda Execution Configuration

We need to check the configuration that will be used for the Lambda execution which should be as per our environment

5.1.1 Memory

We need to configure optimized memory that is allowed for Lambda function to use during the execution. Default is 512 MB and must be changed as per the requirement and test cases

5.1.2 Timeout

We need to configure optimized timeout value after which the Lambda function will be forcefully stopped. Default is 30 seconds and must be changed as per the requirement and test cases

5.1.3 VPC

We need to configure the required value for the VPC of the Lambda function as execution will happen using the configured network settings. VPC, Subnets and Security groups needs to be assigned as per the infrastructure

5.2 Lambda Test Event

First, we need to configure the Test Event for Lambda function which we can feed for lambda execution

Go to Lambda from AWS Console and then click on the newly created function

Click on Test and then put below text and click on Invoke

{
“refresh”:true
}

After a successful execution below screen will appear

5.3 Checking Metrics

After successful execution we need to be sure that Statistical data has been fetched and stored by AWS CloudWatch from the SAP system.

To check the same, go to CloudWatch from AWS Console and then click on Metrics

Then we must see the metric for SAP System under Custom namespace → sap-monitor → by SID

This confirms that test is successful.

This is end of Part – II, in next part Monitoring of ABAP System on AWS Using CloudWatch – Part III of this article you can find more information about Post Configuration, Dashboard, Notifications and Logs of Monitoring ABAP Systems via AWS.

Be the first to leave a comment
You must be Logged on to comment or reply to a post.