SAP on Azure
Refer to:
- Azure Center for SAP Solutions
- Opensource Quality Checks
- Openssource Inventory Checks
Summary
Details
Ensure that each SAP production system is designed for high availability across availability zones
Impact: High Category: High Availability
APRL GUID: a9b649a5-2bfe-40ca-9b8f-34f9c71dfa12
Description:
Use Azure Availability Zones to protect SAP systems against data center failures. Ensure high availability by deploying across multiple zones. If deployment across zones isn't possible, refer to Microsoft's guidance for high availability options for SAP workloads.
Potential Benefits:
High availability for SAP systems
Learn More:
| SAP ACSS Quality Insights |
| OpenSource Inventory Checks |
| OpenSource Quality Checks |
| Move Regional SAP HA to Zonal |
| High Availability Deployment Options for SAP |
ARG Query:
Click the Azure Resource Graph tab to view the query
// under-development
Run SAP application servers on two or more VMs using VMSS Flex
Impact: High Category: High Availability
APRL GUID: 49bd34ab-d117-4b0e-99f8-34cc8a5394bc
Description:
Use VMSS Flex to distribute VMs across zones and fault domains. Follow Microsoft's SAP workload recommendations for settings. If not using VMSS Flex or Availability Sets, consider migrating to VMSS Flex for improved resiliency. Refer to the provided blog post for migration details.
Potential Benefits:
Enhanced resiliency for SAP on Azure
Learn More:
| OpenSource Inventory Checks |
| Virtual machine Scale Set SAP Deployment Guide |
| Considerations for Flexible VM Scale Sets for SAP |
| Migrate existing SAP system VMs to VMSS Flex |
ARG Query:
Click the Azure Resource Graph tab to view the query
// under-development
If using single-instance VMs all OS and data disks must be Premium SSD or Ultra Disk
Impact: High Category: High Availability
APRL GUID: b60ae773-9917-4bca-8a42-7cb45365a917
Description:
For single-instance VMs, both OS and data disks must be either Premium SSD or Ultra Disk to achieve the single-instance SLA of 99.9% availability.
Potential Benefits:
Higher SLA of 99.9% with SSDs
Learn More:
| SAP ACSS Insights |
| OpenSource Inventory Checks |
| OpenSource Quality Checks |
| VM SLA |
| SAP Storage Planning Guide |
ARG Query:
Click the Azure Resource Graph tab to view the query
// Azure Resource Graph Query
// Find all single instance VMs that have an attached disk that is not in the Premium or Ultra sku tier.
resources
| where type =~ 'Microsoft.Compute/virtualMachines'
| where isnull(properties.virtualMachineScaleSet.id)
| where isnotnull(properties.availabilitySet)
| extend lname = tolower(name)
| join kind=leftouter(resources
| where type =~ 'Microsoft.Compute/disks'
| where not(sku.tier =~ 'Premium') and not(sku.tier =~ 'Ultra')
| extend lname = tolower(tostring(split(managedBy, '/')[8]))
| project lname, name
| summarize disks = make_list(name) by lname) on lname
| where isnotnull(disks)
| project recommendationId = "b60ae773-9917-4bca-8a42-7cb45365a917", name, id, tags, param1=strcat("AffectedDisks: ", disks)
Ensure synchronous data replication (SYNC mode) between primary and secondary VM nodes
Impact: High Category: High Availability
APRL GUID: 094400a5-f112-408d-a334-afd68873ff0f
Description:
High availability for databases should be implemented using database native replication technologies and the data should be replicated synchronously that is in SYNC mode from primary database to a stand-by node.
Potential Benefits:
Ensures high availability for SAP data
Learn More:
| SAP ACSS Insights |
| OpenSource Quality Checks |
ARG Query:
Click the Azure Resource Graph tab to view the query
// under-development
Design SAP shared file systems for high availability, utilizing availability zones when possible
Impact: High Category: High Availability
APRL GUID: e09ca960-20b7-4831-b85b-83ec84c1390e
Description:
SAP shared file systems such as /sapmnt, /usr/trans, interfaces should be made highly available. In case of Azure File Shares, we recommend that you use ZRS (Zone-redundant storage) and for Azure NetApp Files use Zonal replication for your volumes.
Potential Benefits:
Enhanced data availability for SAP
Learn More:
| OpenSource Inventory Checks |
ARG Query:
Click the Azure Resource Graph tab to view the query
// under-development
Test high availability solutions thoroughly to ensure fail overs work as expected
Impact: High Category: High Availability
APRL GUID: 5663a808-56be-49ea-8d5c-c5dfc6925f76
Description:
Test high availability solutions thoroughly, including kernel panic in Linux VMs and fail-back. Ensure zonal failure scenarios for each SAP layer (database, central services, application servers, shared file systems) are zone redundant, meet RPO = 0, and fail over automatically within your RTO.
Potential Benefits:
Ensures SAP Azure's failover reliability
Learn More:
| Test Cases |
ARG Query:
Click the Azure Resource Graph tab to view the query
// under-development
Remove unwanted location constraints from Linux Pacemaker clusters
Impact: High Category: High Availability
APRL GUID: 1b8a3051-dfd4-4780-bfb7-446296774029
Description:
Use the migrate command in a Linux Pacemaker cluster to create a temporary "prefer" location constraint, moving a resource to a specified node for maintenance or testing. This constraint is temporary and should be removed after the task to revert to the original cluster configuration.
Potential Benefits:
Enhanced maintenance and failover handling
Learn More:
| OpenSource Inventory Checks |
ARG Query:
Click the Azure Resource Graph tab to view the query
// under-development
Secure compute resource capacity for critical VM roles in DR region
Impact: Medium Category: Disaster Recovery
APRL GUID: 820b4c0c-8a74-442a-8ba7-b0cb840cd983
Description:
Ensure compute resource availability for critical VM roles in a DR region using a warm standby approach or Azure's On-demand Capacity Reservation. Warm standby keeps VMs running in the DR region, while On-demand Capacity Reservation reserves compute capacity without running VMs.
Potential Benefits:
Guarantees DR region availability
Learn More:
| Capacity Reservation |
ARG Query:
Click the Azure Resource Graph tab to view the query
// under-development
Replicate production databases to DR location (ASYNC) using the vendor's replication technology
Impact: High Category: Disaster Recovery
APRL GUID: fb8bdcee-d88f-408d-8572-a76a4aaa733b
Description:
Replicate production databases (ASYNC) to the DR location using the database vendor's replication technology.
Potential Benefits:
Enhanced DR resilience
Learn More:
| SAP Disaster Recovery Guide |
ARG Query:
Click the Azure Resource Graph tab to view the query
// under-development
SAP components are backed up to DR location using an appropriate backup tool or ASR
Impact: High Category: Disaster Recovery
APRL GUID: 41f0d88e-7866-4444-aac4-ef5fee3e6874
Description:
SAP components such as (A)SCS, application servers, WebDispatchers, etc are backed up to DR location using an appropriate backup tool or ASR.
Potential Benefits:
Ensures SAP data safety and recovery
Learn More:
| SAP ACSS Insights |
| OpenSource Inventory Checks |
ARG Query:
Click the Azure Resource Graph tab to view the query
// under-development
SAP shared files systems are replicated or backed up to DR location
Impact: High Category: Disaster Recovery
APRL GUID: ee4dc309-00a1-49fe-92fa-1724baf5f103
Description:
Implement robust monitoring and alerting for DR in SAP on Azure to cover its complex, multi-layer architecture. This is crucial for databases, services, applications, and shared systems.
Potential Benefits:
Enhances SAP DR oversight
Learn More:
| DR Guidance |
ARG Query:
Click the Azure Resource Graph tab to view the query
// under-development
Automate DR infrastructure build or pre-deploy DR resources
Impact: Medium Category: Disaster Recovery
APRL GUID: 0fabc52e-cdbb-4acd-8626-c4c637061e2d
Description:
Automate the build of disaster recovery (DR) infrastructure (or pre-deploy DR resources) and streamline SAP service recovery as much as possible.
Potential Benefits:
Faster SAP recovery, reduced downtime
Learn More:
| DR Guidance |
ARG Query:
Click the Azure Resource Graph tab to view the query
// under-development
Document and test DR procedure ensure it meets RPO and RTO targets
Impact: Medium Category: Disaster Recovery
APRL GUID: c300e949-528d-4ac9-889b-cacf8b4a6e90
Description:
Document DR procedures for each SAP layer: database, central services, application servers, and shared file systems. Include configuration, failover mechanisms, and recovery steps. Test various failure scenarios to ensure the DR strategy meets RPO/RTO targets and provides seamless failover.
Potential Benefits:
Ensures robust DR, meets RPO/RTO
Learn More:
| DR Guidance |
ARG Query:
Click the Azure Resource Graph tab to view the query
// under-development
Ensure there is a robust monitoring and alerting solution in place for the entire DR solution
Impact: Medium Category: Disaster Recovery
APRL GUID: c27134b7-6917-4852-8276-3dbef5c71578
Description:
Implement robust monitoring and alerting for SAP on Azure, covering DR for databases, central services, applications, and shared file systems. Given SAP's complexity, a comprehensive monitoring strategy is crucial for effective DR replication and rapid issue response.
Potential Benefits:
Improved DR oversight and rapid issue response
Learn More:
| DR Guidance |
ARG Query:
Click the Azure Resource Graph tab to view the query
// under-development
Configure scheduled events notification
Impact: High Category: Monitoring and Alerting
APRL GUID: 6b589ce6-c847-4cee-af35-f6e8eb1cf983
Description:
Scheduled events notify about upcoming maintenance (e.g., reboot) to limit disruption. Configure for all critical Azure VMs. Use the azure-events-az resource agent in Pacemaker clusters to monitor and react to events like Reboot and Redeploy, ensuring high availability.
Potential Benefits:
Proactive maintenance awareness
Learn More:
| VM Scheduled Events |
| Configure Pacemaker for Azure Scheduled Events |
ARG Query:
Click the Azure Resource Graph tab to view the query
// under-development
Configure a Pacemaker cluster for SAP ASCS high availability
Impact: High Category: High Availability
APRL GUID: 9d8f6678-694c-4da4-8384-415201f65194
Description:
For the ASCS-Pacemaker (Central Server Instance), ensure that the Pacemaker cluster configuration parameters are correctly set up for SAP ASCS high availability.
Potential Benefits:
Enhances SAP ASCS uptime
Learn More:
| SAP ACSS Insights |
| OpenSource Quality Checks |
| ASCS-Pacemaker - Central Server Instance |
ARG Query:
Click the Azure Resource Graph tab to view the query
// under-development
Ensure the load balancer is configured correctly for SAP ASCS High availability
Impact: High Category: High Availability
APRL GUID: 5c2e52d0-25be-4b1c-833c-b98b5ef1a26b
Description:
For the ASCS-LB (Central Server Instance), ensure that the load balancer is configured correctly for SAP ASCS high availability.
Potential Benefits:
Enhanced HA for SAP ASCS
Learn More:
| SAP ACSS Insights |
| OpenSource Quality Checks |
| ASCS-LB - Central Server Instance |
ARG Query:
Click the Azure Resource Graph tab to view the query
// under-development
Ensure the Pacemaker cluster has been setup for SAP HANA DB high availability
Impact: High Category: High Availability
APRL GUID: 6648fe61-880d-4a96-8d2d-190a23d5580b
Description:
For the DBHANA-Pacemaker (Database Instance), ensure that the Pacemaker cluster configuration parameters are correctly set up for SAP HANA database high availability.
Potential Benefits:
Enhances SAP HANA DB uptime
Learn More:
| SAP ACSS Insights |
| OpenSource Quality Checks |
| DBHANA-Pacemaker - Database Instance |
ARG Query:
Click the Azure Resource Graph tab to view the query
// under-development
Ensure the load balancer is configured correctly for SAP HANA DB High availability
Impact: High Category: High Availability
APRL GUID: 2e4c2171-a83f-4238-a8e3-b51c90d86a99
Description:
For the DBHANA-LB (Database Instance), make sure the load balancer is configured correctly for SAP HANA database high availability.
Potential Benefits:
Enhanced DB availability
Learn More:
| SAP ACSS Insights |
| OpenSource Quality Checks |
| DBHANA-LB- Database Instance |
ARG Query:
Click the Azure Resource Graph tab to view the query
// under-development
Review SAP configuration for timeout values used with Azure NetApp Files
Impact: High Category: High Availability
APRL GUID: 4884cada-b9c7-42d5-8153-3853e4a6f6c4
Description:
Ensure high availability of SAP with Azure NetApp Files by setting proper timeout values to prevent disruptions. Review the documentation to confirm your configuration meets the recommended timeout values.
Potential Benefits:
Improve resiliency and performance of SAP on Azure
Learn More:
| SAP on Azure NetApp Planning Guide |
ARG Query:
Click the Azure Resource Graph tab to view the query
// under-development
Provision recommended storage configuration on database VMs
Impact: High Category: Scalability
APRL GUID: 697deb1d-d398-4989-9734-9e6c18f7e0ad
Description:
Ensure optimal disk types and configurations for data and log volumes, meeting IOPS and throughput requirements. Follow Microsoft's recommendations for disk caching, WriteAccelerator, stripe size, and Linux I/O Scheduler. Use SAP on Azure QualityCheck tool to identify deviations.
Potential Benefits:
Improve reliability, performance and optimize costs
Learn More:
ARG Query:
Click the Azure Resource Graph tab to view the query
// under-development