Technical Articles
Monitoring of ABAP System on AWS Using CloudWatch – Part II
This is in continuation of my previous blog post Monitoring of ABAP System on AWS Using CloudWatch – Part I
4. DEPLOYMENT OF LAMBDA FUNCTION
4.1 Using Serverless Application Repository
Go to Serverless Application Repository from AWS Console and then go to Available applications → Public Applications and search for sap-monitor
Fill out all the required details for the connectivity to the SAP system which has following
- Application Name: This is the stack name of the application created via AWS Cloud Formation
- SAPSIDParameter: SAP System ID
- LayerVersionParameter: need to provide sapjco Lambda Layer Version
- SecurityGroupParameter: Need to provide Security Group IDs which needs to be assigned to the Lambda Function
- SubnetParameter: Need to provide Subnet IDs which will provide Internal IP address for the Lambda execution
- SAPClientParameter: Need to Provide Client Number of SAP
- SAPHostParameter: Need to provide hostname/IP-Address of Primary Application Server
- SAPInstanceIDParameter: Need to provide the SAP Instance Number
- SAPRFC0UserParameter: Need to provide RFC User for Lambda Function
- SAPRFC1PasswordParameter: Need to provide the password the RFC user
- ScheduleParameter: This will schedule /SDF/MON job automatically into the system
This will start the deployment at AWS Cloud formation of the Lambda functions with the parameters provided
Below screen will appear when the deployment gets finished
We can see the deployed Lambda function in AWS Console.
4.2 Using AWS CloudFormation
It could happen that the application in Serverless Application Repository is not available for some of the regions then in that case we can also use AWS Cloud Formation template to deploy the same
Go to AWS Cloud Formation from the AWS console → Go to Create Stack and then click on With new resources (standard)
Manually upload the below Cloud Formation template
AWSTemplateFormatVersion: '2010-09-09'
Transform: AWS::Serverless-2016-10-31
Description: SAP NetWeaver ABAP Monitoring sap-monitor-<SID>
Globals:
Function:
Timeout: 60
Metadata:
AWS::ServerlessRepo::Application:
Name: sap-monitor
Description: Amazon CloudWatch Monitoring for SAP NetWeaver ABAP-based environments.
Author: mtoerpe
SpdxLicenseId: Apache-2.0
LicenseUrl: s3://sap-monitor/34400b68072d710fecd0a2940a0d1658
ReadmeUrl: s3://sap-monitor/cb03873fab47b4d2e631b2ecfdd66ff3
Labels:
- sap
- netweaver
- monitoring
- cloudwatch
HomePageUrl: https://github.com/aws-samples/amazon-cloudwatch-monitor-for-sap-netweaver
SemanticVersion: 1.0.5
SourceCodeUrl: https://github.com/aws-samples/amazon-cloudwatch-monitor-for-sap-netweaver
AWS::CloudFormation::Interface:
ParameterGroups:
- Label:
default: Network Configuration
Parameters:
- SubnetParameter
- SecurityGroupParameter
- Label:
default: SAP Configuration
Parameters:
- SAPSIDParameter
- SAPHostParameter
- SAPInstanceIDParameter
- SAPClientParameter
- SAPRFC0UserParameter
- SAPRFC1PasswordParameter
ParameterLabels:
SubnetParameter:
default: Which VPC Subnet(s) should this be deployed to?
SecurityGroupParameter:
default: Which Security Groups should be applied?
Parameters:
SubnetParameter:
Type: List<AWS::EC2::Subnet::Id>
Description: Provide Subnet(s) IDs, separate by comma
SecurityGroupParameter:
Type: List<AWS::EC2::SecurityGroup::Id>
Description: Provide Security Group(s) IDs, separate by comma
LayerVersionParameter:
Type: String
Description: Provide <sapjco> Lambda layer version
Default: '1'
ScheduleParameter:
Type: Number
Description: Schedule /SDF/SMON job automatically (true = 1, false = 0)
Default: 1
MinValue: 0
MaxValue: 1
SAPSIDParameter:
Type: String
Description: Provide SAP System ID (used as namespace/identification only)
MinLength: 3
MaxLength: 3
SAPHostParameter:
Type: String
Description: Provide Hostname/IP-Address of Primary Application Server
SAPInstanceIDParameter:
Type: String
Description: Provide SAP Instance Number
MinLength: 2
MaxLength: 2
SAPClientParameter:
Type: String
Description: Provide SAP Client
Default: '000'
MinLength: 3
MaxLength: 3
SAPRFC0UserParameter:
Type: String
Description: Provide RFC User
SAPRFC1PasswordParameter:
Type: String
Description: Provide RFC Password
NoEcho: true
Resources:
SecretsManager:
Type: AWS::SecretsManager::Secret
Properties:
Name:
Fn::Sub:
- sap-monitor-${SID}
- SID:
Ref: SAPSIDParameter
Description:
Fn::Sub:
- Secret for SAP Monitoring <${SID}>
- SID:
Ref: SAPSIDParameter
SecretString:
Fn::Sub:
- '{ "name":"${SID}", "host":"${HOST}", "sys_id":"${INSTANCEID}", "client":"${CLIENT}",
"user":"${USER}", "password": "${PASSWORD}", "language":"en", "/SDF/SMON_DESC":"AWSCW",
"/SDF/SMON_SCHEDULE":${SCHED} }'
- SID:
Ref: SAPSIDParameter
HOST:
Ref: SAPHostParameter
INSTANCEID:
Ref: SAPInstanceIDParameter
CLIENT:
Ref: SAPClientParameter
USER:
Ref: SAPRFC0UserParameter
PASSWORD:
Ref: SAPRFC1PasswordParameter
SCHED:
Ref: ScheduleParameter
Tags:
- Key: AppName
Value: SAPMONITOR
ScheduledRule:
Type: AWS::Events::Rule
Properties:
Name:
Fn::Sub:
- sap-monitor-${SID}
- SID:
Ref: SAPSIDParameter
Description:
Fn::Sub:
- Scheduler for SAP Monitoring <${SID}>
- SID:
Ref: SAPSIDParameter
ScheduleExpression: rate(1 minute)
State: DISABLED
Targets:
- Arn:
Fn::GetAtt:
- CWLambdaFunction
- Arn
Id: latest
PermissionForEventsToInvokeLambda:
Type: AWS::Lambda::Permission
Properties:
FunctionName:
Fn::GetAtt:
- CWLambdaFunction
- Arn
Action: lambda:InvokeFunction
Principal: events.amazonaws.com
SourceArn:
Fn::GetAtt:
- ScheduledRule
- Arn
CWLambdaFunction:
Type: AWS::Serverless::Function
Properties:
CodeUri: s3://sap-monitor/c716c19711241c175058825388cbeae2
Layers:
- Fn::Sub:
- arn:aws:lambda:${AWS::Region}:${AWS::AccountId}:layer:sapjco:${LLY}
- LLY:
Ref: LayerVersionParameter
Handler: init::handleRequest
FunctionName:
Fn::Sub:
- sap-monitor-${SID}
- SID:
Ref: SAPSIDParameter
Description:
Fn::Sub:
- SAP Monitoring for <${SID}>
- SID:
Ref: SAPSIDParameter
Runtime: java11
MemorySize: 512
Timeout: 30
VpcConfig:
SecurityGroupIds:
Ref: SecurityGroupParameter
SubnetIds:
Ref: SubnetParameter
Environment:
Variables:
SECRET:
Fn::Sub:
- sap-monitor-${SID}
- SID:
Ref: SAPSIDParameter
Policies:
- Version: '2012-10-17'
Statement:
- Effect: Allow
Action:
- secretsmanager:GetSecretValue
Resource:
Ref: SecretsManager
- Effect: Allow
Action:
- cloudwatch:PutMetricData
Resource: '*'
Tags:
AppName: SAPMONITOR
Outputs:
CWLambdaFunction:
Description: SAP Monitor Lambda Function ARN
Value:
Fn::GetAtt:
- CWLambdaFunction
- ArnUpon uploading the above template then click on Next
Specify the Stack Name for the execution
Specify all the required parameters for execution and then click Next
Specify the IAM Role that is required for cloud formation stack execution
Specify the advanced options for Stack Policy and Rollback Configuration
Specify Notification Options and Stack creation options(if required) and then click Next
Review the settings and then click Create Stack
This will create and execute the stack, and below screen will appear after successful finish of the Stack
5. TESTING DEPLOYMENT
As our lambda function is in place to monitor our ABAP system, we need to test the lambda function that if Lambda function is getting though the SAP System
5.1 Lambda Execution Configuration
We need to check the configuration that will be used for the Lambda execution which should be as per our environment
5.1.1 Memory
We need to configure optimized memory that is allowed for Lambda function to use during the execution. Default is 512 MB and must be changed as per the requirement and test cases
5.1.2 Timeout
We need to configure optimized timeout value after which the Lambda function will be forcefully stopped. Default is 30 seconds and must be changed as per the requirement and test cases
5.1.3 VPC
We need to configure the required value for the VPC of the Lambda function as execution will happen using the configured network settings. VPC, Subnets and Security groups needs to be assigned as per the infrastructure
5.2 Lambda Test Event
First, we need to configure the Test Event for Lambda function which we can feed for lambda execution
Go to Lambda from AWS Console and then click on the newly created function
Click on Test and then put below text and click on Invoke
{
“refresh”:true
}
After a successful execution below screen will appear
5.3 Checking Metrics
After successful execution we need to be sure that Statistical data has been fetched and stored by AWS CloudWatch from the SAP system.
To check the same, go to CloudWatch from AWS Console and then click on Metrics
Then we must see the metric for SAP System under Custom namespace → sap-monitor → by SID
This confirms that test is successful.
This is end of Part – II, in next part Monitoring of ABAP System on AWS Using CloudWatch – Part III of this article you can find more information about Post Configuration, Dashboard, Notifications and Logs of Monitoring ABAP Systems via AWS.