Challenge 1: SAP Auto Deployment

< Previous Challenge - Home - Next Challenge >

Introduction

Contoso Inc is an established manufacturer planning to modernize IT infrastructure. As part of their plan, Contoso wants to migrate existing SAP systems from on-premise to Azure more rapidly. They identified SAP on Azure github repo and liked the Microsoft provided automation content. The document introduces an automation tool to provision of all necessary Azure infrastructure, server configurations, and SAP system installation. The automation tool is based on Terraform and Ansible script.

NOTE: The files for this challenge can be found in a zip file in the Files tab of the General Channel for this hack.

Description

During the exercise, the Participants will be able to provision a landscape into Azure for SAP environment and then build a fresh SAP system by using an existing backup files into this environment as shown in the following diagram. SAP HANA DB will use Azure Netapp Filesystem for the storage volume. Please note that this may take up to 4 hours to complete once automation is kicked off.

image

  1. Identify your Group number, which will be added to the configuration file.
  2. Open Azure Portal, Powershell Window, run the following command to create Service Principle and save the Password to Notepad.
    $sp = New-AzADServicePrincipal -DisplayName AutoSAPDeployAdminXX
    $Ptr = [System.Runtime.InteropServices.Marshal]::SecureStringToCoTaskMemUnicode($sp.Secret)
    $password = [System.Runtime.InteropServices.Marshal]::PtrToStringUni($Ptr)
    Write-output $password
    
  3. Open Azure Portal, record the Azure Subscription ID and save to Notepad.

In Azure Portal, go to Azure Active Directory => App Registration => select Service Principle “AutoSAPDeployAdminXX” => record Application (client) ID and Directory (tenant) ID field to Notepad.

  1. Provision an ubuntu linux server through Azure portal (18.04 LTS, SKU: Standard DS1 v2) with user id azureuser and give a password and make a note of it. You will start all the Azure infrastructure provision from this server.

  2. Login to the server as the named user azureuser and run the following commands (please remember to use the named user login azureuser instead of any other named user). Coach will provide the package_url during the session.

% mkdir TST200/
% cd TST200/
% wget "[package_url]" -O ophk.tar.gz
% gzip -d ophk.tar.gz
% tar xf ophk.tar
% ./local_setup_env.sh
  1. Edit the following parameters in the main.inputs file in the TST200 directory: In the azure_login section, replace all the xxxxx with the data taken down from step 2-4.
    subscription_id: "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
    client_id: "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
    client_secret: "xxxxxxxxxxxxxxxxxxxxxxxxxx"
    tenant_id: "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxx"
    Change in the Resource prefix section, change the "teamxx** XX to represent your team number. Eg. “team00” from step 1. Add Team number to the Resource group in the Resource Group section: Name: “saprg_ophk_teamXX” State: “new” Region: “westus2”
    You can change the three-letter SAP system ID parameter, if desired. e.g. SAP_system_name: “S4P” Save the “main_inputs” file. Stay in the same directory.
    
  2. Generate runnable terraform scripts.
    % python3 gen_terraform_script.py
    
  3. stay in the same directory, run terraform script to build the Azure infrastructure – this will run for 15-20 minutes.
    % ./Run_Terraform_Build.sh
    
  4. [Temporarily the manual correction process] Logon to portal: go to ANF account created and display each ANF volumes and check its export policy, make sure that the Root Access is set On. If the export policy shows Off then change it to On and save – this is needed for each NetApp file volumes.

    image

  5. At the end of the step 9, locate Window Jumpbox (pipwinbox) and note the public IP address in order to RDP to the Window Jumpbox. Use the login credential which the coach will provide for the next step (see below).

    image

  6. Logon to the window jumpbox. Download the following tools and SAP packages: Note, you might want to install and switch to some other browser to download these as the default browser with window defender will block the direct download.
Putty.exe
SAP GUI
SAP HANA Studio
SAP GUI 7.60: coach will provide the link
HANA studio 2.0: coach will provide the link
  1. From the window jumpbox, logon to the linux jumpbox: Putty session to server “teamxx-linux-jumpbox” with the credential azureuser/correct password. Note: Replace “xx” with your team number chosen previously.
    % cd ~azureuser/Current_Deployment
    % cd ansible
    % ./SAP_Ansible_Deploy.sh
    Note: this script does all the configs and then install a complete SAP system which may run up to 4 hours. While this ansible script is running, you can continue with next steps on installing SAPGUI on the Window Jumpbox.
    
  2. Once the deployment script completes, login to SAP system (SID=S4P, instance #00, app server: teamXX-app01) through GUI to test connection SAP Application and continue other challenges.

Success Criteria

Learning Resources