SAP HANA Deployment Guide

This deployment guide shows you how to deploy SAP HANA systems on Google Compute Engine, which is part of Google Cloud Platform (GCP). The guide helps you configure Compute Engine, persistent disks, and the SUSE Linux Enterprise Server (SLES) operating system, to achieve the best performance for your SAP HANA system. The guide incorporates best practices from Compute Engine and SAP.

About GCP

GCP consists of many cloud-based services and products. When running SAP HANA on GCP, you mainly use the IaaS-based services offered through Google Compute Engine, Cloud Networking, and Google Cloud Storage, as well as some platform-wide features, such as tools.

We recommend that you start by reading the Platform Overview. That guide introduces you to some important concepts and terminology. Some of the information in the Platform Overview is repeated in this guide, for both convenience and providing appropriate context.

For an overview of considerations that enterprise-scale organizations should take into account when running on GCP, you can refer to Best Practices for Enterprise Organizations.

About SAP HANA on GCP

SAP HANA is an in-memory, column-oriented, relational database that provides high-performance analytics and real-time data processing. At the core of this real-time data platform is the SAP HANA database. Customers can leverage ease of provisioning, highly scalable, and redundant GCP infrastructure capabilities to run their business critical workloads. GCP provides a set of physical assets, such as computers and hard disk drives, and virtual resources, such as Compute Engine virtual machines (VMs), located in Google data centers around the world.

When you deploy SAP HANA on GCP, you deploy to virtual machines running on Compute Engine. Compute Engine VMs provide persistent disks, which function similarly to physical disks in a desktop or a server, but are automatically managed for you by Compute Engine to ensure data redundancy and optimized performance.

GCP services

The deployment guide utilizes the following GCP services.

Service Description
GCP Networking Connects your VM instances to each other and to the Internet. Each instance is a member of either a legacy network with a single global IP range, or a recommended subnet network, where the instance is a member of a single subnetwork that is a member of a larger network. Note that a network cannot span GCP projects, but a GCP project can have multiple networks.
Compute Engine Creates and manages VMs with your choice of operating system and software stack. Provides high availability and recovery for improved recovery-point objective (RPO) and recovery-time objective (RTO) capabilities, with reduced cost.
Persistent Disks Persistent disks are available as either standard hard disk drives (HDD) or solid-state drives (SSD). Use one of the supported VM types with a volume sized at 1.7 TiB for data and log files. For more information, see the SAP HANA on GCP operations guide.
Google Cloud Platform Console Browser-based tool for managing Compute Engine resources. Use a template to describe all of the Compute Engine resources and instances you need. You don't have to individually create and configure the resources or figure out dependencies, because the Cloud Platform Console does that for you.
Google Cloud Storage Backup your SAP HANA database backups into Cloud Storage for added durability and reliability, with replication. For more information, see the SAP HANA on GCP operations guide.
StackDriver Monitoring Provides visibility into the performance, uptime, and health of SAP HANA, Compute Engine, network, and persistent disks.

Stackdriver collects metrics, events, and metadata from GCP and uses these to generate insights through dashboards, charts, and alerts. You can monitor the compute metrics at no cost through StackDriver Monitoring.
Cloud IAM Provides unified control over permissions for GCP resources. Control who can perform control-plane operations on your SAP HANA instances, including creating, modifying, and deleting VMs and persistent disks, and creating and modifying networks.

Resource requirements

VM types

The following VM types are officially supported by SAP for production use on GCP.

GCP Instance Type vCPU Memory(GiB) Operating System CPU Platform
n1-highmem-32 32 208 SLES 11 SP4
SLES 12 SP1
SLES 12 SP1 for SAP
Intel Broadwell
n1-highmem-64 64 416 SLES 11 SP4
SLES 12 SP1
SLES 12 SP1 for SAP
Intel Broadwell

Both instance types are supported for a scale-out scenario for production, with 3 additional worker nodes, totaling 4 nodes.

For more information about different instance types and their use cases, see machine types.

Storage configuration

SAP HANA is an in-memory database, so data is mostly stored and processed in memory. Protection against data loss is provided by saving the data to a persistent storage location.

To achieve optimal performance, the storage solution used for SAP HANA data and log volumes should meet SAP's storage KPIs. Google has worked with SAP to certify SSD persistent disks for use as the storage solution for SAP HANA workloads, as long as you use one of the supported VM types. VMs with 32 or more vCPUs and a 1.7 TiB volume for data and log files can achieve up to 400 MB/sec for writes, and 800 MB/sec for reads.

Storage for SAP HANA backup is configured with standard HDD persistent disks. Standard HDD persistent disks are efficient and economical for handling sequential read-write operations, but are not optimized to handle high rates of random input-output operations per second (IOPS). SAP HANA uses sequential IO with large blocks to back up the database. Standard HDD persistent disks provide a low-cost, high-performance option for this scenario.

The SAP HANA backup volume size is designed to provide optimal baseline and burst throughput as well as the ability to hold several backup sets. Holding multiple backup sets in the backup volume makes it easier to recover your database if necessary. This deployment guide uses a 1 terabyte standard HDD persistent disk for local backup.

Memory configuration

See the supported VM types table.

Operating system configuration

See the supported VM types table.

For more information, see the SAP Note on supported operating systems.

Pricing and quotas

You are responsible for the costs incurred for using the resources created by following this deployment guide. Use the pricing calculator to help estimate your actual costs.

Quotas

If you have a new GCP account, or if you haven't asked for an increased quota, you will need to do so to complete this guide. View your existing quota , and compare with the following table to see what increase to ask for. You can then request a quota-limit increase.

Instance Type CPU Memory Standard PD SSD PD
n1-highmem-64 (4x) 256 416 GB (4x) 1056 GB (4x) 2.0 TB (4x)
Bastion/NAT gateway 1 3.75 GB 8 GB 0 GB
SAP HANA Studio 1 3.75 GB 50 GB 0 GB

Licensing

Running SAP HANA on GCP requires you to bring your own license (BYOL). For more information about SAP licensing, contact SAP.

Deployment architecture

SAP HANA supports single-node and multi-node architectures.

Single-node architecture

The following diagram shows the single-node architecture. In the diagram, notice both the deployment in GCP and the disk layout. You can use Cloud Storage to back up your local backups available in /hanabackup. This mount should be sized equal to or greater than the data mount.

Deployment Layout

Notice that the VM for SAP HANA has no public IP, which means it cannot be reached from an external network. Instead, the deployment uses a NAT bastion host and SAP HANA Studio for accessing SAP HANA. The SAP HANA Studio instance and the bastion host are deployed in the same subnetwork as the SAP HANA instance.

You provision a Windows host on which you install SAP HANA Studio, with the instance placed in the same subnetwork, and with firewall rules that enable you to connect to the SAP HANA database from SAP HANA Studio.

You deploy SAP HANA using a single-node, scale-up architecture that has the following components:

  • One Compute Engine instance (n1-highmem-32 or n1-highmem-64 type) for the SAP HANA database, with SSD persistent disks having a size greater than 1.7 terabytes, and a network bandwidth of up to 16 Gbps. The SSD persistent disk is partitioned and mounted with 1 terabyte for the mount /hana/data to host the data.

  • An optional, but recommended, subnetwork with a custom topology and IP ranges in the GCP region of your choice. The SAP HANA database and the other Compute Engine instances are launched within this subnetwork. You can use an existing subnetwork for SAP HANA.

  • An optional, but recommended, Internet gateway configured for outbound Internet access for your SAP HANA and other instances. This guide assumes you are using this gateway.

  • Compute Engine firewall rules restricting access to instances.

  • Persistent disk, standard 1 terabyte for backup of SAP HANA database.

  • Compute Engine VM, n1-standard-2, with Windows OS to host SAP HANA studio.

  • Compute Engine VM, n1-standard-1 as a bastion host.

  • Automated SAP HANA database installation with a configuration file that you create.

  • SAP HANA Studio.

Multi-node architecture

The following diagram shows the multi-node architecture, which is described in the guide.

Multi-node architecture diagram.

This guide shows you how to set up a multi-node architecture.

As the workload demand increases, especially when using OLAP, a multi-node (up to 4 nodes), scale-out architecture can distribute the load across all nodes.

The scale-out architecture consists of one master node and number of worker nodes. They are inter-connected through a network with a capacity up to 16 Gbps. Each node has its own /hana/data, /hana/log, /usr/sap volumes on SSD persistent disks, which provide consistent, high IOPS, IO services. The master node also serves as an NFS master for /hana/shared and /hanabackup volumes, which is mounted on each worker node. Compute Engine's live migration and automatic instance restart features provide for high availability. For more information, see the SAP HANA Operations Guide.

In the event of a live migration or automatic instance restart event, the protected-persistent-storage-based /hana/shared and /hanabackup volumes can be back online as soon as an instance is up.

Backing up directly to Cloud Storage buckets by using Cloud Storage FUSE is currently not supported. However, if you want to utilize this functionality, you can mount your Cloud Storage volumes to /hanabackup_gcs and create a script to schedule the movement of your backups from /hanabackup to /hanabackup_gcs.

You deploy SAP HANA on a multi-node scale-out architecture with the following components:

  • Deploy one Compute Engine instance (n1-highmem-32 or n1-highmen-64 type), defining the setup script as detailed later in this guide. This script creates the additional required virtual instances and automatically adds the required SSD and HDD storage to each host, mounted in the correct location. It creates a central NFS location for the shared HANA binaries and /hanabackup location. Finally it automatically installs SAP HANA across the entire cluster.

  • An optional, but recommended, subnetwork with a custom topology and IP ranges in the GCP region of your choice. The SAP HANA database and the other Compute Engine instances are launched within this subnetwork. You can use an existing subnetwork if you prefer.

  • Optional Internet gateway configured for outbound Internet access for your SAP HANA instance and other instances. This guide assumes you are using this gateway.

  • Optional Compute Engine VM: n1-standard-2 with Windows operating system to host SAP HANA Studio.

  • Optional Compute Engine VM: n1-standard-1 as a bastion host.

  • Compute Engine firewall rules to restrict access to Compute Engine instances.

Deploying SAP HANA on GCP

This section shows you how to deploy a 4-node SAP HANA installation on GCP.

Set up your Google Cloud account

A Google account is required to work with GCP.

  1. Sign up for a Google account if you don't already have one.
  2. Log in to the Google Cloud Platform Console, and create a new project.
  3. Enable your billing account.
  4. Configure SSH keys so that you are able to use them to SSH into your Compute Engine instances. Use the gcloud tool to create a new SSH key, or, if you already have an existing SSH key, use the gcloud tool to format your existing SSH keys.
  5. Use the gcloud tool to add the SSH keys to your project metadata. This allows you to access any Compute Engine instance created within this project, except for instances that explicitly disable project-wide SSH keys.

    Instead of using the gcloud command line tool, you can create and add SSH keys by using the Cloud Platform Console

    OPEN THE METADATA PAGE.

Setting up networking and VPN

Create a custom Google Cloud Network to host your SAP HANA database environment.

  1. Use the Cloud Shell to execute the following gcloud commands.

    OPEN THE CLOUD SHELL

  2. Run the following commands:

    export NETWORK_NAME="sapnetwork1"
    export REGION="us-west1"
    export CIDR="10.1.0.0/24"
    export SUBNET=${NETWORK_NAME}-${REGION}

    gcloud compute networks create $NETWORK_NAME --mode custom
    gcloud compute networks subnets create $SUBNET --network $NETWORK_NAME --region $REGION --range $CIDR

    These commands create a custom network and a subnet with a CIDR IP range of 10.1.0.0/24 in zone us-west1. You can customize this IP range and region. Consider choosing the region closest to your data center or corporate network, which can help reduce network latency between systems running on GCP and the systems and users on your corporate network.

    Note that this example uses the default routes when creating the network. The default routes allow VMs within the network to communicate by using the private IP. The default also provides a route to the default Internet gateway for any other IP.

    Also note that there is a soft limit of 5 on the number of networks you can create, but you can exceed this limit by requesting quota increase.

  3. Add firewall rules. If you are connecting your network to the Google Cloud Network by using VPN, you'll need to add firewall rules to the network.

    gcloud compute firewall-rules create ${NETWORK_NAME}-internal  --network $NETWORK_NAME --allow tcp:0-65535,udp:0-65535,icmp --source-ranges $CIDR
    gcloud compute firewall-rules create ${NETWORK_NAME}-ssh --network $NETWORK_NAME --allow tcp:22,tcp:3389,icmp

Create the NAT gateway.

Next, create a NAT gateway. This guide assumes you complete this step. In your production setup, you could choose to skip this step if you plan to assign an external, public IP address for your SAP HANA instance.

  1. From the Cloud Shell, invoke the following commands.

    OPEN THE CLOUD SHELL

    export NETWORK_NAME="sapnetwork1"
    export ZONE="us-west1-a"
    export TAG="private-hana-instance"
    export REGION="us-west1"
    export SUBNET=${NETWORK_NAME}-${REGION}

    gcloud compute instances create ${NETWORK_NAME}-nat-gateway --can-ip-forward  --zone $ZONE --image-family debian-8  --image-project debian-cloud  --subnet $SUBNET --metadata startup-script="sysctl -w net.ipv4.ip_forward=1; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE" --tags nat
    gcloud compute routes create ${NETWORK_NAME}-priv-internet-route --network $NETWORK_NAME --destination-range 0.0.0.0/0 --next-hop-instance ${NETWORK_NAME}-nat-gateway --next-hop-instance-zone $ZONE --tags $TAG --priority 800

    These commands create a Compute Engine VM in the same subnetwork you created in the earlier step, with a route for a VM tagged with private-hana-instance, to route traffic through the NAT instance instead of the default Internet gateway. Note this tag because you must use it later when you create an SAP HANA instance.

  2. Set up the VM as a bastion host by allowing inbound SSH access into this instance from the Internet:

    gcloud compute firewall-rules create ${NETWORK_NAME}-allow-ssh --network $NETWORK_NAME --allow tcp:22 --source-ranges 0.0.0.0/0 --target-tags "nat"
    

    Note that this command specifies a target tag for this inbound rule. This target tag is used so the firewall rule applies only to the instance that has that tag and not to all instances in the network. That is, because the NAT instance is created with the tag nat, the above command applies the firewall rule only to this NAT instance.

Download SAP HANA

Unless you have already extracted the SAP HANA binaries to a Cloud Storage bucket, download SAP HANA now:

  1. Log into the SAP support portal.

    If your SAP Support Portal account does not allow access to the software and you believe that you should be entitled to the software, contact the SAP Global Support Customer Interaction Center.

  2. In the left navigation pane, choose Installation and Upgrades.

  3. Choose A – Z index. 0 In the Installations and Upgrades window, choose H.
  4. Choose SAP HANA Platform Edition from the list.
  5. Choose SAP HANA Platform Edit. 1.0 or 2.0.
  6. Choose Installation.
  7. In the Downloads windows, find the revision you wish to download and download each file directly to your local drive.
  8. Use the Cloud Platform Console to Create a Cloud Storage bucket for storing the SAP HANA installation files. Note that the bucket name must be unique across GCP.

    • During bucket creation, choose Regional if you plan to create SAP HANA instances in a single region.

      Creating Buckets

    • If you are creating SAP HANA instances in other regions in the same continent, choose Multi-Regional for your storage class. If you are not sure, choose Multi-Regional.

  9. Configure bucket permissions. By default, as owner of the bucket, you have read-write access to the bucket. If you want, you can allow other members in your group or individual users to access your bucket, as shown here:

    Bucket Permissions

  10. In the Cloud Platform Console, in the Cloud Storage bucket page, choose Upload Files to upload the software to your bucket from your local media:

    Upload Files

  11. Note the name of the bucket that you uploaded the binaries to. You need to use it later when you install SAP HANA.

  12. Create a text file named install.cfg, which is used later by an install script to configure your SAP HANA installation, and add the following lines:

    [Server]
    # SAP HANA System ID
    sid=[SID]
    
    # Instance Number
    number=00
    
    # SAP Host Agent User (sapadm) Password
    sapadm_password=[SAPADM_PASSWORD]
    
    # System Administrator Password
    password=[SYSTEM_ADMIN_PASSWORD]
    
    # Database User (SYSTEM) Password
    system_user_password=[SYSTEM_PASSWORD]
    
    Restart system after machine reboot? ( Default: n )
    autostart=y
    

    Replace [SID] with an existing SAP System ID, or with a compliant string such as H1D. Replace the three password fields with existing or newly-generated values.

  13. Upload install.cfg to the root of the bucket you created.

  14. Delete the install.cfg file from your local machine as a security precaution, because it contains password information.

Creating a VM with SAP HANA installed

The following instructions create an SAP-certified n1-highmem-64 instance with all of the required disk configuration and install SAP HANA. Please refer to pricing section to understand the costs.

  1. Navigate to Cloud Shell.

    OPEN THE CLOUD SHELL

  2. Set the follow environment variables. Replace [YOUR_BUCKET] with your bucket name, and [YOUR_PROJECT] with your project ID.

    export INSTANCE_NAME="saphana01"
    export MEDIA_BUCKET="[YOUR_BUCKET]"
    export NETWORK_NAME="sapnetwork1"
    export REGION="us-west1"
    export SUBNET=${NETWORK_NAME}-${REGION}
    export INSTANCE_TYPE="n1-highmem-64"
    export ZONE="us-west1-a"
    export ADDITIONAL_NODES="3"
    export SLES_IMAGE=$(gcloud compute images list --project "[YOUR_PROJECT]"| grep sles | grep sap | awk '{ print $1 }' | grep -i sp1 | head -1)
    

    Setting ADDITIONAL_NODES to 3 deploys 4 instances, and creates a HANA scale-out cluster.

  3. Create the instances:

    gcloud compute instances create "$INSTANCE_NAME" --machine-type $INSTANCE_TYPE --subnet "$SUBNET" --zone "$ZONE"  --metadata "hana_media=$MEDIA_BUCKET,startup-script=curl https://storage.googleapis.com/saphana/deploy | bash -s $ADDITIONAL_NODES" --image "$SLES_IMAGE" --image-project "suse-sap-cloud" --boot-disk-size "32" --boot-disk-type "pd-standard" --boot-disk-device-name "$INSTANCE_NAME" --scopes "https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/trace.append","https://www.googleapis.com/auth/devstorage.read_write"
    

    The above command specifies a startup script that initates after VM creation completes. The script downloads the SAP HANA software from your bucket, and installs the software using the values specified in install.cfg. The script takes approximately 10 to 15 minutes to complete.

Verifying the SAP HANA installation

  1. After approximately 15 minutes has passed, navigate to the Storage Browser.

    OPEN THE STORAGE BROWSER

    Click the name of your bucket to access the contents.

  2. Look for a logs/ folder. If the folder does not appear, click the Refresh text every minute until it does. The startup script creates this folder after the script completes. Click the logs/ folder to access the contents.

  3. Click the file name that appears in the directory.

  4. Read the output to ensure that no errors occurred. If you see a quota error, ensure you've followed the setup steps.

  5. From your Cloud Shell window, SSH into the VM and change to the root user.

    gcloud compute ssh saphana01 --zone us-west1-a

    sudo su -

  6. At the command prompt, enter df -h. Ensure that you see output similar to the following, such as the /hana/data directory.

    Data volumes created by the script.

  7. Change to the SAP admin user. Replace [SID] with the value from the install.cfg file.

    su - [SID]adm

  8. Ensure that SAP HANA services are running on the instance.

    HDB info
    

If any of the above validation steps show that the installation failed, delete the instance and the disks, then re-run the create instances command. You need to delete the logs folder in the Cloud Storage bucket before re-running the command, as the startup script does not create multiple log files.

Completing the SAP HANA installation

  1. Add tags to all instances, including the worker nodes:

    export INSTANCE_NAME="saphana01"
    export NETWORK_NAME="sapnetwork1"
    export ZONE="us-west1-a"
    export TAG="private-hana-instance"

    gcloud compute instances add-tags "$INSTANCE_NAME" --tags="$TAG" --zone=$ZONE
    gcloud compute instances add-tags "$INSTANCE_NAME"w1 --tags="$TAG" --zone=$ZONE
    gcloud compute instances add-tags "$INSTANCE_NAME"w2 --tags="$TAG" --zone=$ZONE
    gcloud compute instances add-tags "$INSTANCE_NAME"w3 --tags="$TAG" --zone=$ZONE

  2. Delete external IPs:

    gcloud compute instances delete-access-config "$INSTANCE_NAME" --access-config-name "external-nat" --zone=$ZONE
    gcloud compute instances delete-access-config "$INSTANCE_NAME"w1 --access-config-name "external-nat" --zone=$ZONE
    gcloud compute instances delete-access-config "$INSTANCE_NAME"w2 --access-config-name "external-nat" --zone=$ZONE
    gcloud compute instances delete-access-config "$INSTANCE_NAME"w3 --access-config-name "external-nat" --zone=$ZONE

Creating a Windows VM for SAP HANA Studio

  1. Use the Cloud Shell to invoke the following commands.

    OPEN THE CLOUD SHELL

    export NETWORK_NAME="sapnetwork1"
    export REGION="us-west1"
    export ZONE="us-west1-a"
    export SUBNET=${NETWORK_NAME}-${REGION}

    gcloud compute instances create "saphanastudio" --zone $ZONE --machine-type "n1-standard-2" --subnet $SUBNET --metadata "tag1=hanastudio" --image "windows-server-2012-r2-dc-v20170117" --image-project "windows-cloud" --boot-disk-size "100" --boot-disk-type "pd-standard" --boot-disk-device-name "saphanastudio"

    gcloud compute firewall-rules create ${NETWORK_NAME}-allow-rdp --network $NETWORK_NAME --allow tcp:3389 --source-ranges 0.0.0.0/0 --target-tags "hanastudio"

    The above commands create a Windows server in the subnetwork you created earlier, with a firewall rule to allow access to the instance through Remote Desktop Protocol(RDP). Although not shown in this guide, you can whitelist your customer IP address range in the firewall rules.

  2. Install SAP HANA Studio on this server.

Connecting to SAP HANA

Note that because these instructions don't use an external IP for SAP HANA, you can only connect to the SAP HANA instances through the bastion instance using SSH or through the Windows server through SAP HANA Studio.

  • To connect to SAP HANA through the bastion instance, connect to the bastion host, and then to the SAP HANA instance(s) by using an SSH client of your choice.

  • To connect to the SAP HANA database through SAP HANA Studio, use a remote desktop client to connect to the Windows Server instance. After connection, manually install SAP HANA Studio and access your SAP HANA database.

Performing post-deployment tasks

Before using your SAP HANA instance, we recommend that you perform the following post-deployment steps. For mor information, see SAP HANA Installation and Update Guide.

  1. For SLES operating systems on your SAP HANA instance, ensure that the Linux kernel version is at least 3.12.51 to avoid possible XFS corruption. If the kernel version is less than3.12.51, update the kernel to the minimum required version. See SAP OSS Notes 2205917 and 2246163.

  2. Update the SAP HANA software with the latest patches.

  3. Install any additional components such as Application Function Libraries (AFL) or Smart Data Access (SDA).

  4. Configure and backup your new SAP HANA database.

Support

Google Cloud Platform customers with Gold or Platinum Support can request assistance with SAP HANA provisioning and configuration questions on Compute Engine. You can find additional information about support options at the Google Cloud Support page.

You can also contact SAP support for SAP-related issues. SAP does the initial evaluation of the support ticket and transfers the ticket through to the Google queue if SAP considers it an infrastructure issue.

What's next

Monitor your resources on the go

Get the Google Cloud Console app to help you manage your projects.

Send feedback about...