High Availability And Disaster Recovery Options For SAP .

2y ago
30 Views
2 Downloads
903.27 KB
23 Pages
Last View : 12d ago
Last Download : 2m ago
Upload by : Camden Erdman
Transcription

High Availability andDisaster Recovery Options forSAP HANA on AWSNovember 2015

Amazon Web Services – HA/DR Options for SAP HANA on AWSNovember 2015 2015, Amazon Web Services, Inc. or its affiliates. All rights reserved.NoticesThis document is provided for informational purposes only. It represents AWS’scurrent product offerings and practices as of the date of issue of this document,which are subject to change without notice. Customers are responsible formaking their own independent assessment of the information in this documentand any use of AWS’s products or services, each of which is provided “as is”without warranty of any kind, whether express or implied. This document doesnot create any warranties, representations, contractual commitments, conditionsor assurances from AWS, its affiliates, suppliers or licensors. The responsibilitiesand liabilities of AWS to its customers are controlled by AWS agreements, andthis document is not part of, nor does it modify, any agreement between AWSand its customers.Page 2 of 23

Amazon Web Services – HA/DR Options for SAP HANA on AWSNovember 2015ContentsAbstract4Introduction4Scope of the Document5Overview of AWS Services for SAP Solutions5Amazon Global Infrastructure5Compute6Storage6Automatic Recovery7Quick Starts7SAP HANA High Availability on AWSHANA Service Auto-Restart8Host Auto-Failover8HANA System Replication9HANA Backup/Restore9Storage Replication9SAP HANA HA/DR Options on AWS10Option 1 – Automatic Recovery & HANA Backup/Restore10Option 2 – Automatic Recovery & HSR without Data Preload12Option 3 – Automatic Recovery & HSR without Data Preload14Option 4 – Automatic Recovery & HSR with Data Preload15Option 5 – Automatic Recovery & Multi-Tier HSR16Option 6 – Automatic Recovery & HSR with Amazon S3 Cross-RegionReplication17Summary18Triggering HANA System Replication TakeoverPage 3 of 23819

Amazon Web Services – HA/DR Options for SAP HANA on AWSNovember 2015Redirecting Client Traffic19Automating HANA System Replication Failover20Testing Your Solution20Conclusion21Contributors21Further Reading21Notes22AbstractAmazon Web Services (AWS) provides a suite of services and tools to deploybusiness-critical SAP HANA workloads on the AWS cloud infrastructure. Thiswhitepaper discusses options that a customer or partner can choose to set up ahighly available and disaster-tolerant SAP HANA system on AWS platform usingAWS services and SAP HANA tool sets.IntroductionMany enterprises are deploying SAP HANA systems on AWS to run theirmission-critical business operations. High availability (HA) and disaster recovery(DR) for SAP HANA solutions are important considerations for businesscontinuation. AWS provides many services that can be set up in a redundant wayto achieve high availability for many applications, including SAP. In addition tothese, SAP provides robust native tools to set up and run SAP HANA workloadsin a highly available manner.This whitepaper provides an overview of how a customer or partner could useAWS services, native SAP HANA HA tools, and third-party software to achieveHA/DR for SAP HANA systems on the AWS platform. The paper presents sixhigh availability options that leverage different AWS management features,Availability Zones, and global regions. It discusses the pros, cons, and relatedcosts of each option. We recommend that you select the option that best meetsPage 4 of 23

Amazon Web Services – HA/DR Options for SAP HANA on AWSNovember 2015your needs, and use the technical implementation guides we’ve referenced toimplement its architecture.Scope of the DocumentThe scope of this whitepaper is to provide you with different implementationoptions for setting up your SAP HANA system in a highly available and disastertolerant way on AWS platform while considering your own costs, recovery timeobjective (RTO), and recovery point objective (RPO). This whitepaper does notprovide detailed implementation steps or discuss high availability or disasterrecovery options for the SAP application tier. For that discussion, see the SAP onAWS High Availability Guide.1Overview of AWS Services for SAPSolutionsAWS provides an extensive set of computing resources and services. Thefollowing sections provide a brief overview of the core AWS services that are mostrelevant for the implementation and operation of SAP solutions.Amazon Global InfrastructureAWS is built on a global infrastructure. AWS services are available to use indifferent geographical regions across the globe. AWS regions enable you todeploy your SAP environment in a location that is closer to your users, and tomeet legal or other requirements. Regions are isolated from one another, andAWS does not replicate your resources or data across regions automatically.Each region contains multiple isolated locations called Availability Zones. EachAvailability Zone is engineered to be isolated from failures in other AvailabilityZones, and provides inexpensive, low-latency network connectivity to otherAvailability Zones in the same region. AWS is currently available in over 10regions and in multiple Availability Zones within each region. For additionalinformation about AWS regions and Availability Zones, see Global Infrastructureon the AWS website.2Page 5 of 23

Amazon Web Services – HA/DR Options for SAP HANA on AWSNovember 2015ComputeAmazon Elastic Compute Cloud (Amazon EC2) is a web service that providesresizable compute capacity in the cloud. Its simple web service interface allowsyou to obtain and configure capacity with minimal effort. Amazon EC2 providesyou with complete control over your computing resources and lets you run onAmazon’s proven computing environment. Amazon EC2 helps reduce the timerequired to obtain and boot new server instances to minutes, allowing you toquickly scale capacity both up and down, as your computing requirementschange. Amazon EC2 changes the economics of computing by allowing you to payonly for capacity that you actually use. It provides you with the tools to help buildfailure-resilient applications that are isolated from common failure scenarios. Formore information about this service, see Amazon EC2 on the AWS website.3StorageAmazon Elastic Block Store (Amazon EBS) provides persistent block-levelstorage volumes for use with Amazon EC2 instances in the AWS cloud. EachAmazon EBS volume is automatically replicated within its Availability Zone tohelp protect you from component failure, offering high availability and durability.Amazon EBS volumes provide the consistent and low-latency performanceneeded to run your workloads. With Amazon EBS, you can scale your usage up ordown within minutes – all while paying a low price for only what you provision.For SAP workloads, Amazon EBS is used to store database-related files like dataand log files. See Amazon EBS on the AWS website to find out more about thisservice.4Amazon Simple Storage Service (Amazon S3) provides developers and IT teamswith secure, durable, highly scalable object storage. Amazon S3 is easy to use, andprovides a simple web service interface to store and retrieve any amount of datafrom anywhere on the web. With Amazon S3, you pay only for the storage youactually use. Amazon S3 provides cost-effective object storage for a wide varietyof use cases, including cloud applications, content distribution, backup andarchiving, disaster recovery, and big data analytics. Additionally, you can takeadvantage of the S3 cross-region replication feature, which enables automatic,asynchronous copying of objects across buckets in different AWS regions. ForSAP workloads, Amazon S3 can be used to store database backups, SAP archivePage 6 of 23

Amazon Web Services – HA/DR Options for SAP HANA on AWSNovember 2015files, and other miscellaneous files like SAP media. See Amazon S3 on the AWSwebsite to find out more about this service.5Automatic RecoveryAutomatic recovery is a feature of Amazon EC2 that is designed to increaseinstance availability. You can enable automatic recovery for an instance bycreating an Amazon CloudWatch alarm that monitors an Amazon EC2 instanceand automatically recovers the instance if it becomes impaired due to anunderlying hardware failure or a problem that requires AWS involvement torepair. A recovered instance is identical to the original instance, including theinstance ID, private IP addresses, Elastic IP addresses, and all instance metadata.For more information about how to configure an Amazon CloudWatch alarm toenable automatic recovery, see the AWS documentation.6 The following diagramillustrates this feature.Quick StartsThe AWS Quick Start reference deployment for SAP HANA helps you rapidlydeploy fully functional SAP HANA systems on the AWS cloud, following bestpractices from AWS and SAP. The AWS Quick Start ensures that the Amazon EC2instance, Amazon EBS, and the operating system (SUSE Linux Enterprise Serveror Red Hat Enterprise Linux) are optimally configured to achieve bestperformance for your SAP HANA system right out of the box. For moreinformation, see the SAP HANA on AWS Quick Start Reference DeploymentGuide.7Page 7 of 23

Amazon Web Services – HA/DR Options for SAP HANA on AWSNovember 2015SAP HANA High Availability on AWSSAP provides several native tool sets to recover your SAP HANA system from awide range of failures, starting from simple software malfunctions to majordisasters like complete data center outage. This section provides an overview ofvarious high availability (HA) tool sets that SAP provides for SAP HANA andtheir use on the AWS platform. For details about these tool sets, see the SAPHANA High Availability whitepaper on the SAP website.8HANA Service Auto-RestartHANA Service Auto-Restart is a fault recovery solution provided out of the box bySAP. SAP HANA has many configured services running all the time for variousactivities. When any of these services is disabled due to a software failure orhuman error, the service is automatically restarted with the HANA Service AutoRestart watchdog function. When the service is restarted, it loads all thenecessary data back into memory and resumes its operation.Use on AWS – HANA Service Auto-Restart works the same way on AWS as itdoes on any other platform.Host Auto-FailoverSAP HANA Host Auto-Failover is a fault recovery solution provided by SAP. Toachieve high availability within a data center, you can add and configure standbynodes to take over in case one or more SAP HANA nodes become impaired orunavailable. When an existing node fails, a standby node can automatically takeover by gaining access to the persistent layer (data and log volumes) of the failedhost. It does this either by using shared networked storage (NFS) or with anystorage connector API.Use on AWS – Instead of having to purchase and maintain a standby node foryour SAP HANA deployment, we recommend that you use the native AWSautomatic recovery feature previously discussed to recover your SAP HANAinstance on a different piece of hardware if an underlying failure occurs. Thisessentially provides you with standby hardware without incurring the additionalcost for a typical standby node. A recovered instance is identical to the originalinstance, including your existing storage volumes as well as configurations suchas hostname, IP address, and AWS instance IDs. In addition, we recommend thatPage 8 of 23

Amazon Web Services – HA/DR Options for SAP HANA on AWSNovember 2015you configure SAP HANA services to start up automatically after a system restartfor a fully automated recovery.HANA System ReplicationHANA System Replication (HSR) is a high availability and disaster recoverysolution provided by SAP. HSR follows the “N N” approach, where you configurethe same number of nodes for both the primary and the secondary system. Eachservice in the primary system communicates with its counterpart in thesecondary system to replicate the data. With HSR, you can choose manyreplication options, including synchronous, synchronous in-memory, andasynchronous, depending on your recovery time objective (RTO) and recoverypoint objective (RPO). To learn more, see How to Perform System Replicationfor SAP HANA on the SAP website.9Use on AWS – SAP HANA System Replication is fully supported on the AWSplatform. You can use it in combination with AWS Availability Zones to helpprotect your SAP HANA installations, even from catastrophic data center failures.HANA Backup/RestoreAlthough SAP HANA is an in-memory database, it persists all changes inpersistent storage to recover and resume from power outages without any loss ofdata. Persisted SAP HANA data and log files can be regularly backed up to aremote location for disaster recovery purposes. To learn more, see Backup andRecovery - SAP HANA on the SAP website.10Use on AWS – There are no AWS-specific restrictions for using the HANABackup/Restore functionality. It works the same way on AWS as it does on anyother platform. In addition, you can take advantage of secure, durable, highlyscalable and cost-effective Amazon S3 object storage, either by copying yourbackup files to Amazon S3 or by using Amazon EBS snapshots to help recoveryour HANA system from a disaster.Storage ReplicationSAP HANA hardware partners offer a storage-level replication solution, whichreplicates the SAP HANA storage volumes (data, logs, etc.) or file system on aremote, networked storage system to recover the SAP HANA system with lowRTO during a disaster.Use on AWS – Storage replication is not currently supported on AWS.Page 9 of 23

Amazon Web Services – HA/DR Options for SAP HANA on AWSNovember 2015SAP HANA HA/DR Options on AWSCombining the AWS global infrastructure, Amazon S3, Amazon CloudWatch, andautomatic recovery services with native SAP HANA tool sets like HANA SystemReplication and Backup/Restore provides you with many options for architectinga highly available and disaster-tolerant HANA system on AWS to meet yourspecific RTO/RPO requirements. In this section, we will discuss some commonHA/DR options for SAP HANA on AWS. For a comparison of the RPO, RTO, andcosts associated with each option, see the summary.Option 1 – Automatic Recovery & HANA Backup/RestoreIn this option, you can choose to run your HANA instance in Availability Zone Aand set up a CloudWatch alarm to automatically recover your SAP HANA EC2instance when a hardware impairment is detected. Automatic recovery helpsrecover your instance during a hardware failure within an Availability Zone, butyou still have the risk of not being able to access your SAP HANA EC2 instancewhen the Availability Zone becomes unavailable. In this case, you can launch anew SAP HANA instance in another Availability Zone (for example, AvailabilityPage 10 of 23

Amazon Web Services – HA/DR Options for SAP HANA on AWSNovember 2015Zone B) by using an AWS CloudFormation template, and restore your SAP HANAbackup from Amazon S3 into an Amazon EBS staging volume.Another way to store your backup files in Amazon S3 is to take periodicsnapshots of your backup volumes. Snapshots stored in Amazon S3 are availableacross Availability Zones within a region, and you can instantly create an EBSvolume based on a snapshot to restore your SAP HANA instance immediately.Using snapshots helps you avoid manually downloading and staging backup filesfrom Amazon S3 to Amazon EBS, thus decreasing your total RTO.Once the SAP HANA backup is staged on an EBS volume, you can use standardSAP HANA backup/recovery procedures to restore and recover your SAP HANAdatabase. When the database becomes operational, you can redirect your clienttraffic to your new SAP HANA EC2 instance.With this model, you avoid the cost of a standby node. Instead, you takeadvantage of the AWS Multi-AZ infrastructure and Amazon S3 to stand up a newSAP HANA instance in a different Availability Zone and restore your SAP HANAbackup so you can quickly resume your operation. This model is suitable whenyou can afford a longer RTO, and your business can afford an RPO that is greaterthan zero. Your RPO depends on how frequently you store your SAP HANAbackup files in Amazon S3. You could implement custom scripts to copy orsnapshot your SAP HANA backup files to Amazon S3 as soon as they are writtento the Amazon EBS volume, to achieve a better RPO in the event of an AvailabilityZone failure.Finally, since HANA ensures that your committed transactions are persisted inpersistent storage, you will not lose any data if you choose to wait for AvailabilityZone A to come back online, rather than recovering your instance in AvailabilityZone B. In this case, your recovery time depends on the time it takes to bringAvailability Zone A back online.Page 11 of 23

Amazon Web Services – HA/DR Options for SAP HANA on AWSNovember 2015Option 2 – Automatic Recovery & HSR without Data Preload(Warm Standby)In this option, you host the primary SAP HANA instance in Availability Zone Aand the secondary SAP HANA instance in Availability Zone B, and you set upHANA System Replication between these two instances. With HANA SystemReplication in place, data changes in your primary SAP HANA instance arecontinuously replicated to your secondary HANA instance, so you canimmediately recover your HANA instance in Availability Zone B whenAvailability Zone A becomes unavailable. Both the primary and the secondaryHANA instances can be protected from hardware impairment by configuring aCloudWatch alarm for automatic recovery.With HANA System Replication, you can also set up the replication between yourprimary and secondary instances with the preload option turned off. When thisoption is turned off, replicated data is not loaded into memory in your secondaryHANA instance, so your secondary instance doesn’t need the same memorycapacity as your primary instance. This helps lower your costs while stillprotecting your system against failure in Availability Zone A.Page 12 of 23

Amazon Web Services – HA/DR Options for SAP HANA on AWSNovember 2015In this case, you can choose a smaller instance type with at least 64 GiB ofmemory, or row store size 20 GiB (whichever is higher) for your secondaryHANA instance in Availability Zone B. With HANA System Replication in place,you will be able to recover your HANA database within a short period of time inAvailability Zone B. During a failover, you can change the secondary HANAinstance type to match the primary HANA instance type. Once your secondaryHANA instance is operational, you can start redirecting traffic to your secondaryHANA instance.This architecture enables you to implement your HANA solution across multipleAvailability Zones to minimize your recovery time during an Availability Zonefailure. You also take advantage of a unique flexibility in AWS that eliminates theneed for a full-sized secondary HANA instance during replication. You need tochange your secondary HANA instance type only when disaster strikes. Whilesynchronous HANA System Replication ensures zero RPO, your RTO with thismodel will be moderate because you will need to change the instance type duringfailover. This model is suitable when you need to lower costs and still need abetter RTO than the previous option.When you use this option, you need to ensure that the secondary HANA instanceis big enough and has adequate network bandwidth to support the primaryHANA instance’s data change rate, especially when you are using synchronousreplication. We recommend that you choose the R3 instance family for yoursecondary HANA instance to achieve better performance during replication.Page 13 of 23

Amazon Web Services – HA/DR Options for SAP HANA on AWSNovember 2015Option 3 – Automatic Recovery & HSR without Data Preload(Warm Standby Dev/QA)This option is very similar to option 2, except that your secondary HANA instancesize is similar to the size of your primary HANA instance. In addition to hostingyour production on the secondary HANA instance, you can co-host your Dev/QAHANA instances on the same EC2 instance to best utilize your resour

AWS services and SAP HANA tool sets. Introduction Many enterprises are deploying SAP HANA systems on AWS to run their mission-critical business operations. High availability (HA) and disaster recovery (DR) for SAP HANA solutions are important considerations for business continuation. AWS provides many services that can be set up in a redundant way to achieve high availability for many .

Related Documents:

NetWorker Server disaster recovery roadmap This guide provides an aid to disaster recovery planning an detailed step-by-step disaster recovery instructions. The following figure shows the high-level steps to follow when performing a disaster recovery of the NetWorker Server. Figure 1 Disaster recovery roadmap Bootstrap and indexes

4.2 State Disaster Recovery policy 4.3 County and Municipal Recovery Relationships 4.4 Recovery Plan Description 4.5 Recovery Management Structure and Recovery Operations 4.6 Draft National Disaster recovery Framework (February 5, 2010) 4.6.1 Draft Purpose Statement of the National Disaster Recovery Framework

1. Post-Disaster Recovery and Disaster Risk Reduction require support from community participation in improving the quality and objectives of Disaster Management; 2. Community-based Disaster Risk Reduction is a key factor in participatory disaster management, including in post-disaster recovery, as indicated by best practices in Yogyakarta and .

High Availability and Disaster Recovery Solutions for Perforce Basic Disaster Recovery This low-cost solution, which is far superior to tape backup alone, validates the usability of backups on a daily basis. This solution consists of two identically configured machines, one in the primary data center and another at a remote disaster recovery site.

community disaster—recognize that preparing for long-term disaster recovery demands as much attention as preparing for short-term response. After a major disaster, the recovery process takes months and even years to bring a community back to a "new normal" and as strong as or better than before the disaster. Disaster Recovery: A Local

Pre-Disaster Recovery Plan: A PDRP provides a framework for leading and managing recovery activities after a disaster. This may include providing human and social services to disaster survivors, gathering data used to develop strategies for an effective recovery, and organizing and managing resources for post-disaster recovery activities.

recovery mechanisms, and a formalized Disaster Recovery Committee that has responsibility for rehearsing, carrying out, and improving the disaster recovery plan. When a disaster strikes, the normal operations of the enterprise are suspended and replaced with operations spelled out in the disaster recovery plan.

1 Introduction to Oracle Fusion Middleware Disaster Recovery 1.1 Overview of Oracle Fusion Middleware Disaster Recovery 1-1 1.1.1 Problem Description and Common Solutions 1-1 1.1.2 Terminology 1-2 1.2 Setting Up Disaster Recovery for Oracle Fusion Middleware Components 1-5 1.2.1 Oracle Fusion Middleware Disaster Recovery Architecture Overview 1-5