Many companies have moved workloads to the public cloud to capitalize on the following advantages:
- A transition from capital to operating expenses
- Enhanced deployment automation
- Simplified life-cycle management
However, this move can also lead to conflicts around key factors such as client-defined security, data sovereignty, and network latency. Companies are therefore seeking to combine the perceived benefits of public cloud with the architectural control and data governance inherent in on-premise approaches. HPE offers a pay-as-you-go consumption model via HPE GreenLake, complementing this approach with advanced automation features, simplified life-cycle management, and scalability. Of the 437,000 customers using SAP®, 1 many want to deploy SAP HANA® and SAP S/4HANA in an environment that delivers a public cloud-like experience with the key capabilities of on-premise solutions.
HPE and Red Hat each have nearly 2 decades of experience in certifying SAP solutions, including those for SAP HANA and SAP S/4HANA. HPE sells, implements, and supports the Red Hat software stack to run and manage these SAP-certified systems. HPE services teams are trained to deploy and support a variety of SAP solutions with Red Hat software. Advances in automation, management, and systems technologies have allowed HPE and Red Hat to provide new options for on-premise deployment and life-cycle management and to offer further choice in deployment models, including the ability to automate SAP HANA deployment on- or off-premise.
This paper reviews a joint HPE and Red Hat solution that unites management technologies from HPE with automation and management from Red Hat and HPE Synergy Composable Infrastructure (an ideal platform for powering the SAP application tier as well as equipping service providers), combining the experience of public cloud with the advantages of on-premise deployment. By embedding SAP deployment expertise within the solution (via Ansible® Playbooks for SAP HANA deployment), businesses can minimize errors and speed deployments. Novel management technologies—such as Red Hat® Insights, Red Hat Satellite, and HPE InfoSight—allow organizations to build reliable and robust infrastructures for SAP HANA that ensure greater uptime while remaining flexible and scalable. This approach allows organizations to precisely, reliably, and easily match capacity to demand and save costs throughout the operational lifetime of SAP solutions. Businesses may wish to use this solution as a model to benchmark their existing approaches to deployment automation and experience, maintenance requirements, and management costs.
Motivation for automating SAP workloads
Time to market can be the difference between success and failure in a rapidly changing economy. Organizations capable of deploying SAP applications and supporting infrastructure quickly will have a natural advantage over those deploying manually. A well-organized and well-engineered approach that automates the undifferentiated heavy lifting and incorporates SAP expertise can accelerate deployment and helps organizations focus on and achieve business objectives sooner.
Operational responsiveness is also important. Capital expenditures, and their typically longer approval process, can risk a mismatch between design capacity and real demand at the time of execution. In other words, longer timescales diminish the accuracy of demand predictions—leading to either excess capacity and capital expense or insufficient capacity and unmet demand. The cloud approach shortens this timescale, allowing organizations to more closely match their needs and do so with greater speed and efficiency.
Challenges and design considerations
While the motivations may be clear, the mechanisms for achieving cloud-like ease of use on-premise are less immediately obvious. How do organizations achieve rapid deployment and operational flexibility when faced with the complexity of managing hardware, virtualization platforms, and application stacks—all while simultaneously satisfying business, reliability, security, and performance objectives? Automation is essential, but where and how will it be used? Hardware and software architecture matters, but what matters most?
A cloud-like, on-premise infrastructure solution for SAP HANA must include:
- Scalable, modular pools of hardware.
- Automated provisioning of hardware and virtual machines.
- Automated deployment and configuration of operating systems and application stacks.
- Closed-loop and online monitoring of infrastructure health.
- Simplified license management.
- A centralized and easy-to-use control plane.
- Security-conscious design.
In addition to being SAP-certified, server hardware for cloud-like, on-premise infrastructures must be modular and support flexible provisioning of storage, compute, and network resources. Flexible allocation options enable fungible treatment of these resources. This flexibility makes it faster and easier to add or remove resources to accommodate demand changes or hardware failures. The net result is shorter downtimes and better matching of capacity to demand.
HPE and Red Hat considered the solutions life cycle from deployment up to day 2 management. Preexisting Red Hat Ansible Automation Platform roles for the SAP domain (e.g., SAP HANA deployment automation) allow fast development and adjustment of deployment automation; update, upgrade, and patching automation; and configuration changes. Many of these roles are now packed into and supported with Red Hat Enterprise Linux® for SAP Solutions. Additional roles are available via Ansible Galaxy for the SAP domain and also for the broader enterprise. Roles aggregate discrete tasks required to achieve an objective. This packaging makes for easier consumption or reuse, and it provides flexibility in playbook creation. For example, the Network Time Protocol role will install the software package, configure the service, ensure automatic start, and launch the service immediately, combining 4 tasks into one role. While Red Hat ships system-related roles within Red Hat Enterprise Linux, many more roles can be found in Ansible Galaxy. Ansible roles and playbooks will then be used for day one deployment, covering automation from the hardware through the infrastructure software, such as a SAP HANA database.
Moving to day 2, continuous monitoring and predictive analyses become key to avoiding outages and downtime. Red Hat Insights and HPE InfoSight utilize the complete knowledgebase of Red Hat and HPE to predict issues and provide remediation options, often by providing Ansible Playbooks.
Red Hat Ansible Automation Platform provides the needed mechanisms to facilitate remediation, automate updates, and deploy patches and upgrades. The aforementioned roles will be reused to create the required playbooks. Ansible Automation Platform allows the predictable, reproducible outcomes of these changes with minimal downtime. In addition, control interfaces present subscription management, security, and general patch status as well as life-cycle management capabilities aligning with SAP life-cycle environments. These combined capabilities allow IT teams to quickly execute maintenance or upgrades and assist in meeting infrastructure availability, performance, and security objectives.
Security and compliance cannot be afterthoughts in on-premise, cloud-like infrastructures. Any solution must be able to meet client-defined security objectives and SAP requirements and must incorporate generally accepted industry best practices, such as auditability, role-based access control (RBAC), and user management. In addition, a robust solution requires mechanisms for security-related updates to operating systems and application stacks.
A key feature of the cloud experience is the centralized self-service dashboard and control. Capturing this benefit on-premise requires minimizing the number of control surfaces and ensuring they are intuitive, easy to use, and capable of automated provisioning and deployment. Centralizing status and control—especially when augmented with analytics, compliance, and policy features—mediates common risks such as misconfiguration, hardware failure, and lapses in security updates.
Ultimately, a solution for SAP deployment and infrastructure management must satisfy all of these goals concurrently. It makes little sense to achieve scalability but sacrifice security, incorporate system health monitoring without remediation support, or build around automation that requires more effort than the equivalent manual process. Thus, the cloud-like experience necessarily derives from well-thought-out automation across the infrastructure and application stack paired with modular, scalable hardware, closed-loop monitoring, hands-off remediation, and license management with SAP expertise built in.
The blueprint pairs HPE Synergy Composable Infrastructure with several HPE and Red Hat technologies to create an automated, cloud-like infrastructure for SAP deployments. HPE Synergy Composable Infrastructure—optionally with GreenLake Flex Capacity—provides modular, bladed capacity for storage, compute, and network resources. Red Hat Virtualization provides the efficient resource allocation benefits of virtual machines. The blueprint uses Red Hat Enterprise Linux for SAP Solutions as the operating system. Red Hat Ansible Automation Platform automates many aspects of the blueprint, while HPE OneView, Red Hat Insights, and Red Hat Satellite provide provisioning, predictive maintenance, and subscription management, respectively. The blueprint’s SAP application stack includes SAP components and SAP-powered business applications, such as SAP HANA and SAP S/4HANA.
HPE Synergy Composable Infrastructure
HPE Synergy Composable Infrastructure supports current and future SAP applications across diverse infrastructure requirements and service-level objectives. HPE Synergy is designed for infrastructure automation and incorporates extensible management through a unified application programming interface (API), providing support for today’s IT workloads and emerging technologies over the next decade. With composable bladed infrastructure options for any SAP workload, HPE Synergy improves on traditional infrastructure by embracing software-defined infrastructure concepts, making the hardware layer an extension of the software layer.
The HPE Synergy architecture consists of servers, storage, network fabric, and the Synergy frame itself. The frame holds the other components and provides embedded management. HPE Synergy compute nodes with flexible input/output (I/O) options provide compute for demanding workloads. For networking, HPE Synergy supports converged networks via its proven Virtual Connect technology.
HPE Synergy GreenLake
HPE GreenLake for SAP HANA—an optional component of this blueprint—is an on-premise hardware subscription service with pay-as-you-use pricing. In contrast to traditional on-premise infrastructure, HPE GreenLake readily scales to meet fluctuating demand, and businesses pay only for the capacity used, not the capacity deployed. Installed and monitored by HPE Pointnext Services, HPE GreenLake for SAP HANA can simplify initial deployment even further than the blueprint could otherwise, and may be an attractive alternative for enterprises or businesses with capital expenditure limitations.
Red Hat Virtualization
While bare metal servers are ideal for high-performance SAP applications such as SAP HANA, other components in this blueprint are best deployed to virtual machines. The blueprint uses Red Hat Virtualization as the virtualization provider, offering more effective utilization of hardware resources, greater flexibility, and a straightforward user interface. Moreover, the incorporated representational state transfer (REST) API enables programmatic access and facilitates integration with IT automation and orchestration tools.
HPE Synergy Composer with HPE OneView
HPE Synergy Composer provisions HPE Synergy Composable Infrastructure hardware. Powered by HPE OneView, Synergy Composer uses a template-driven approach to deploying and provisioning compute, storage, and network resources, as shown in Figure 2. This approach minimizes human interaction and provides consistent deployment.
HPE InfoSight uses artificial intelligence to synthesize and analyze sensor information from HPE Composable Infrastructure to proactively monitor for hardware failures. This feature allows HPE to predict failures and even ship replacement hardware before hardware faults occur, which helps avoid critical service interruptions and keeps on-premise infrastructure online.
Red Hat Satellite
Red Hat Satellite provisions operating systems to bare metal or virtual machines via preboot execution environment (PXE) or discovery images. It is also capable of provisioning to public cloud instances. Once a server is provisioned, Red Hat Satellite takes care of subscription management, patching, and updating according to the host’s life-cycle stage.
Typical SAP landscapes have 2 or 3 preproduction environments in addition to the production environment to test out SAP-related patches, develop proprietary code, repair SAP code, or mirror upstream release stages. Red Hat Satellite adopts the same stages and promotes Red Hat software through them to ensure robust life-cycle management and repeatable deployment.
Red Hat Ansible Automation Platform
Red Hat Ansible Automation Platform accelerates deployment of SAP services to provide a cloud-like experience by reaching out to HPE OneView, Red Hat Virtualization’s REST API, Red Hat Satellite, and the operating system itself to ensure proper installation and configuration of services and components in the blueprint. While highly automated and standardized, this process allows enough flexibility to be shaped by unique design objectives.
Red Hat Ansible Automation Platform is a foundation for building and operating automation across an organization. The platform includes all the tools needed to implement enterprise-wide automation, including Red Hat Ansible Engine, a powerful, agentless automation framework for most IT environments, and Red Hat Ansible Tower, which helps teams manage complex multitier deployments by adding control, knowledge, and delegation to Ansible-powered environments.
In addition, Automation Analytics runs analytics across multiple Ansible Tower clusters, analyzing usage, uptime, and execution patterns across different teams running Ansible. Users can analyze, aggregate, and report on data around their automation and how that automation is running in their environment. Automation Analytics provides a visual dashboard, health notifications, and organizational statistics across different teams using Ansible. These capabilities allow teams to analyze, aggregate, and report on data for Ansible deployments, and to visualize automation status.
Red Hat Insights
Red Hat Insights rounds out the blueprint’s software with predictive analytics and reporting on issues that affect performance, availability, stability, and security. Red Hat Insights integrates seamlessly with Red Hat Ansible Tower and Red Hat Satellite to provide visibility and automated remediation of detected issues.
Initial setup and preparation of the blueprint is straightforward:
- Servers are racked and cabled.
- IP addresses are assigned.
- HPE Synergy blade systems’ networking and storage are configured.
- Server profile templates are created.
- Red Hat Virtualization is installed on three or more blade servers.
- Virtual machine templates are created in Red Hat Virtualization to enable rapid deployment of new virtual machines.
- Supporting services such as Red Hat Virtualization Manager, Red Hat Ansible Tower, and Red Hat Satellite are installed in virtual machines.
- Integrations for Red Hat Insights and Red Hat Satellite are enabled in Red Hat Ansible Tower.
- The remaining bare metal is then provisioned, when needed, using Red Hat Satellite.
The process for deploying SAP HANA, SAP S/4HANA, or other SAP components follows a similar progression. Depending on whether an organization is deploying to bare metal, virtual machines, or a cloud instance2, the process will vary slightly in its initial steps but will converge for the last 3 steps (see Figure 3). This differentiation is only visible to the user when selecting a deployment option from one of these 3 alternatives within the Ansible Tower web interface. The technical differences are largely hidden from view and the user only sees that this process is automated.
Figure 3 depicts a simplified overview of the process for deploying SAP components. For bare metal deployment, hosts are prepared using HPE Synergy Composer (1a). Alternatively, a virtual machine may be created (1b), or a public cloud instance may be instantiated (1c). Afterwards, Red Hat Enterprise Linux is installed at the request of Red Hat Ansible Automation Platform either by Red Hat Satellite or Red Hat Virtualization template image (2a, 2b, or 2c). The host’s Red Hat Enterprise Linux operating system is configured in accordance with relevant SAP Notes (3) using Red Hat-provided playbooks that translate the text descriptions of SAP Notes into usable automation. From there, Red Hat Ansible Automation Platform uses predefined playbooks for SAP to install (4) and configure (5) SAP applications.
Infrastructure deployment with HPE OneView templates
In this blueprint, HPE Synergy Composer with HPE OneView handles infrastructure deployment. HPE OneView supports HPE’s broad portfolio of servers, storage, and networking solutions. Designed with a modern, standards-based API, HPE OneView helps users deploy faster through integration into Red Hat Ansible Automation Platform and integrations with a broad ecosystem of other third-party management services and tools.
HPE OneView takes a template-driven approach to deploying, provisioning, updating, and integrating compute, storage, and networking infrastructure. This template-based approach simplifies the distribution of configuration changes across the datacenter. When combined with the right management tools, as in this blueprint, HPE OneView helps businesses better manage their core-to-cloud workloads.
Operating system deployment
Red Hat Satellite’s sophisticated provisioning tooling provides different levels of predefinition and enables users to customize provisioning of each individual host. It includes an integrated PXE environment for PXE-based deployment and discovery images when PXE-less deployment is preferred. Keying host definition in Red Hat Satellite with host media access control (MAC) addresses creates a reliable and fully automated workflow for creating virtual machines or provisioning bare metal servers.
In addition to Red Hat Satellite, operating systems may be installed quickly using Red Hat Virtualization template images. These images are defined once and reused when deploying new virtual machines. As with the Red Hat Satellite process, this enables rapid deployment of consistent and repeatable operating environments in which to deploy SAP applications and related supporting services and software.
Predefined Ansible roles and playbooks handle deployment of SAP applications, including SAP HANA and SAP S/4HANA. IT administrators need only provide a few infrastructure details—such as credentials and IP addresses—and Red Hat Ansible Automation Platform takes care of the rest. With SAP Notes already factored in, these playbooks and roles consistently deliver fully compliant SAP deployments.
Maintenance and continuing operations
Beyond initial deployment, this blueprint includes technologies that increase robustness, simplify maintenance, and streamline operations throughout the deployment life cycle. HPE InfoSight and Red Hat Insights provide proactive assessment of issues that affect security, performance, availability, and more using the extensive knowledgebases of HPE and Red Hat. Fueled by artificial intelligence and active monitoring, HPE InfoSight and Red Hat Insights identify and eliminate many common issues before they become problems. Red Hat Insights also incorporates SAP Notes recommendations and requirements to remediate many issues. These tools complement SAP EarlyWatch Alert, which provides monitoring of SAP software and components. The net effect of these tools is a resilient SAP infrastructure monitored at many levels to reduce unnecessary downtime and avoid issues with availability and performance.
Features and benefits
Scalability through composability and automation
This blueprint achieves cloud-like scalability through the partnership of Composable Infrastructure with targeted automation. Hardware may be mixed and matched, torn down, and rebuilt repeatedly. When hosts can be undeployed, reconfigured, regrouped, or redeployed in mere minutes, the entire infrastructure becomes fluid and malleable. Demand and capacity mismatches become far less likely, and maintenance of on-premise infrastructure acquires the ease of use of public cloud infrastructure. However, without both critical elements (composability plus automation), the cloud-like experience is difficult to achieve. This blueprint eliminates these scenarios by pairing HPE Composable Infrastructure with the automation capabilities of Red Hat Ansible Automation Platform, HPE OneView, and Red Hat Satellite.
Automation that is better together
Success requires that automation incorporate capabilities for deploying and configuring the entire stack from initial deployment to eventual decommissioning. In the blueprint, this is made possible by integrating multiple HPE and Red Hat management technologies with Red Hat Ansible Automation Platform.
Red Hat Ansible Automation Platform and HPE Oneview
Tight integration between Red Hat Ansible Automation Platform and HPE Synergy Composer with HPE OneView creates a cloud-like deployment and management experience. HPE OneView delivers a unified API that provides a single interface to discover, catalog, configure, provision, update, and diagnose Composable Infrastructure in a heterogeneous environment. This fully programmable interface integrates into Red Hat Ansible Automation Platform through a series of HPE-maintained Ansible modules. Combined with predefined HPE OneView templates for SAP, this arrangement enables rapid deployment of entire SAP application stacks on SAP-certified hardware.
Red Hat Ansible Automation Platform and Red Hat Satellite
Red Hat Satellite and Red Hat Ansible Automation Platform integrate in 2 primary ways. First, Red Hat Satellite acts as a dynamic inventory provider, meaning that it enables Red Hat Ansible Tower to discover hosts provisioned or known to Red Hat Satellite. Second, Red Hat Satellite provides provisioning callback functionality that lets Red Hat Satellite provisioning trigger (via callbacks) the execution of Ansible Playbooks to deploy software to the newly provisioned host.
Red Hat Ansible Automation Platform and Red Hat Insights
Red Hat Insights integrates with Red Hat Ansible Automation Platform to provide issue visibility and remediation from directly within the Red Hat Ansible Tower user interface. Administrators may create “scan project” job templates, run those jobs, and view scan results on a host-by-host basis, either from directly within the Red Hat Ansible Tower user interface or through a link to the Red Hat Insights web portal. It is possible to remediate identified issues for the entire inventory or for individual hosts through the Red Hat Ansible Tower user interface.
Red Hat Ansible Automation Platform and HPE InfoSight
HPE InfoSight may be integrated with Red Hat Ansible Automation using HPE InfoSight’s RESTful API. This integration allows businesses to craft fault-tolerant architectures that automatically migrate, reprovision, or redistribute workloads to healthy hardware. This type of self-healing architecture strengthens infrastructure against occasional failures, reducing expensive downtime.
Simplified management interfaces
While this blueprint includes several self-sufficient front ends, such as HPE OneView, Red Hat Insights, HPE InfoSight, Red Hat Satellite, and Red Hat Ansible Tower, the elegance of the solution is that these functionalities are all integrated, and may be accessed through Red Hat Satellite or Red Hat Ansible Tower. This capability reduces the number of control surfaces to a couple of easy-to-use interfaces for all deployment and ongoing maintenance operation, bringing one of the core benefits of public cloud to on-premise infrastructure.
When including optional HPE GreenLake for SAP HANA, this blueprint may offer better economics than public cloud deployment. Combined with the HPE GreenLake for SAP HANA hardware subscription service, this blueprint allows companies to deploy on-premise infrastructure on demand through a pay-per-use model.
Certified and trustworthy SAP expert support
This blueprint comes with SAP expert support that businesses can trust, benefiting from 20- and 30-year SAP partnerships and co-innovation to ensure a smooth experience during initial deployment and throughout the infrastructure’s lifetime. HPE and SAP have shared a collaborative partnership for 30 years, and 46% of all SAP licenses run on HPE hardware.3 This blueprint is fully tested, fully SAP-certified, easy to start, easy to maintain, and backed by proven technologies from market leaders: Red Hat, which accounts for 78% of Linux operating systems and subsystems functional market revenue, and HPE.4
Extending this blueprint
High availability, disaster recovery, and zero downtime
Organizations can easily extend this architecture to provide high availability and disaster recovery features. The high availability functionality of Red Hat Virtualization will cover many use cases easily. SAP system replication, in combination with Red Hat Enterprise Linux High Availability or HPE Serviceguard, provides robust high availability service. The setup can also be integrated into the automated deployment process, providing yet another level of uptime without manual hassle.
The HPE Primera storage incorporated in this blueprint allows users to build out storage reliably and with strong uptime guarantees. Redundant power, flash storage, and fabric eliminate all single points of failure. In addition, online maintenance procedures remove downtime and disruption. Disaster recovery is simplified with multisite replication, and risk of data loss is reduced to almost zero.
HPE Pointnext Services has extensive experience in deploying highly available SAP infrastructures and can quickly guide businesses to the right solution for their high availability and disaster recovery concerns.
Scaling up, not out, with HPE Superdome Flex
For many applications, scaling usually means scaling out by adding more servers. For high-performance SAP software such as SAP S/4HANA, scaling up individual servers is preferable. Rather than add more complete compute units, users would add more central processing unit (CPU) sockets and memory. With traditional infrastructure options, this means buying a new server with more CPU sockets or memory slots and the CPUs and memory modules to accompany them.
HPE Superdome Flex presents another alternative designed for business-critical environments. HPE Superdome Flex is a uniquely modular x86 platform that delivers an unmatched combination of performance, flexibility, and availability. The server supports 4 to 32 sockets in 4-socket increments and 768GB to 48TB of memory. The platform acts as a single logical node and provides an incremental pathway to scaling up rather than scaling out. When incorporated into the blueprint, this intrinsic scalability accommodates every deployment size from small proofs of concept up to enterprise-level behemoths.
Automate everything: Extending Ansible to the rest of the enterprise
While the primary role of Red Hat Ansible Automation Platform in this blueprint is to deploy infrastructure and SAP applications, it may also be used to deploy custom applications or automate other IT operations. With rich out-of-the-box capabilities provided by core modules and community contributions, Red Hat Ansible Automation Platform easily automates most IT tasks — from configuration management to security and compliance. Bringing the full stack under the management of a single tool further minimizes the number of control surfaces IT teams need to manage while helping to streamline IT operations.
This automated, on-premise SAP deployment blueprint from Red Hat and HPE enables rapid, efficient deployment of a fully certified SAP infrastructure. With a software-defined infrastructure, organizations can quickly scale and adapt to changing conditions. The collective SAP expertise and collaborative investments that HPE and Red Hat have built into this blueprint simplify operations across the life cycle of the deployment and bring the cloud experience to on-premise datacenters. Completing the solution with HPE GreenLake for SAP HANA, businesses can better match capacity with demand and achieve cloud-like cost scaling on site.
This blueprint serves as a flexible foundation, easily adapting to suit business needs of any scale. Using HPE Composable Infrastructure, it readily accommodates a range of needs, from smaller businesses that require just a few HPE ProLiant servers all the way up to large enterprises with performance-critical workloads running on HPE Superdome Flex. Red Hat Ansible Automation Platform scales equally well, ensuring fast and flexible deployment on single servers and large clusters.
Ultimately, the blueprint gives businesses more choice in how they meet their SAP objectives, supporting the deployment of SAP technologies and other applications to bare metal, virtual machines, or even public cloud depending on application and business requirements. Through Red Hat Ansible Automation Platform, the blueprint offers integration with a wide array of existing public cloud resources or private infrastructure. With this blueprint based on SAP-certified offerings from Red Hat and HPE, customers can grow efficiently and innovate quickly.
Additional resources on the technologies used in this blueprint:
SAP corporate fact sheet, April 2020.
The blueprint does not include public cloud services, but management of public cloud instances can be easily integrated
into the environment.
HPE website, “HPE|SAP alliance page.” Accessed May 2020.
IDC, “The business value of Red Hat solutions and cost relationship to unpaid alternatives.” Sponsored by Red Hat. Document #US45045719. July 2019.