Name: RMC Johnson
Solution: SAP ECC EHP7, SAP ECC PROD DB CI, SAP DEV, SAP QAS, SAP SOLMAN, SAP ROUTER, Oracle Database 11g.
OS: HP-UX 11.31
- During assessment we found
- RMC Database was on 11g which was out of support.
- Database compression was not enabled.
- Database parameters are not set as per SAP recommendation. As result client struggling with performance of SAP.
- SAP standard transaction was not up to the mark in proportion to H/W resource
- SAP Standard on modification of sap object was not in place.
- SAP Solution manager system was not in place.
- Some database files were having corruption.
- HP-UX system was not supported further after Dec 2020.
- Further to SAP roadmap of S/4HANA, HP-UX system is not supported.
- RMC has not much downtime window also they wanted to migrate and upgrade database in one go.
- SAP ECC DR Service was placed but was not working.
- SAP connection was not in place for any support from SAP.
SCOPE OF WORK
- Orient has to study the utilization of the current IT Infrastructure and propose cloud infra required to achieve desired SLA.
- Orient to prepare Migration Plan with minimum downtime.
- Orient to showcase working on cloud and build environment that can be verified before the migration process is carried out.
- Orient to build Project Plan with timelines.
- Data to be tiered to Archival storage based on timelines
- Orient has proposed a VPC in Mumbai Region with the following design
- Administrators will have access to relevant EC2 and S3 Buckets
- All DATA at rest will be encrypted using EBS and S3 Encryption
- The Backup will be managed by Snapshots and taken using Lambda Service at 12 hour intervals
- The Cloud Endure DR drill will be done once every 6 months
- Migrate SAP Systems using SAP Standard methods
- Orient will migrate Oracle database and SAP applications to Cloud
- The new OS is based on Intel and supported further for SAP roadmap S/4HANA.
- Migration to AWS cloud and database upgrade was done in one go.
- We manage to clear the database corruption in same procedure.
- As production database was having database corruption we created a parallel system and used for migration. Production system used as fall back plan.
- Database compressed on 19c by 55%. It helps to reduce the cost of storage.
- Speed of system has been increased enough to bring smile on RMC users face.
- DR system is placed using Cloud endure to minimise the RPO and RTO.
- Solution manager and SAP router system installed and configured. These ensure in case RMC need any urgent help from SAP then SAP will able to connect and access the system.
- Secure connection between user and SAP landscape has been setup to mitigate any unauthorised access of systems.
- A method of object modification has been placed after syncing the system.
Orient as part of the proposal has considered-
E-Mail and Communication Infrastructure be suitably replaced to reduce the total infra and license cost.
SAP Business Applications, other required Application Servers be replaced with similar infrastructure on AWS with Operating systems, databases upgrade.
Requirements for Critical Services:
- Backup will be automated and be done on S3 every 12 Hours
- VM Uptime guaranteed for 99.9% uptime.
- Data Loss in case of a disaster will not exceed 12 Hours.
- Virtual Machine – Recovery Time will not exceed 24 Hours in case of disaster.
- Dedicated Technical Account Manager will be assigned for any escalations.
- Data Migration and Migration of the applications to be taken care of within 30 days.
- Optimization will be done once the infrastructure becomes stable and will be an on-going activity every quarter.
- Data will remain in encrypted format at Rest in Cloud.
Orient as a part of the proposal considered and delivered the below list of AWS Service:
- AWS Elastic Compute Cloud (EC2) with Oracle Linux 7.6 and Suse Linux Enterprise 15 SP1 (SAP Router), Database- Oracle 19g, SAP ECC EH7, SAP Solution Manager 7.2.
- AWS Lambda
- AWS Virtual Private Cloud (VPC)
- Identity and Access Management (IAM)
- Fortinet Firewall and SSL VPN
- Cloud Endure DR
We have used the AWS EC2 instance for Application Server and Database Server.
AWS Lambda is used for automating the backup process. We created functions using python for automating the backup and deletion of backed up AMI.
AWS VPC is the service that provides a virtual private cloud network that functions similar to the traditional Datacenter network. It was used for deployment of database in the private subnet which making it not accessible over public internet. Applications deployed in public subnet inside VPC.
Fortinet Firewall is a highly secured and reliable firewall service via AWS . It was used for stringent firewall rules and SSL VPN access to multiple servers of SAP and non-SAP servers via secured connectivity of RMC JOHNSON employees from anywhere to RMC JOHNSON AWS Private Cloud.
IAM was used to manage the user’s access and identity management, by giving rights at the granular level. Using IAM two separate roles was created for Admin and Billing access.
Cloud Endure Disaster Recovery was used for DR of the SAP Workloads in Singapore region of SAP PROD DB and CI system, SAP PROD APP server.
Solution Description and Implementation:
- RMC JOHNSON has multiple in house users connecting to their applications via Web access and SSH using SSL VPN credentials provided to them. Users with role “Admin” help to do the deployment and development activities
- An EC2 instance with Windows Server 2012 used as bastion(Jump Sever) for connecting to SAP and non-SAP servers farm.
- The cloud endpoint was secured with a Fortinet Firewall. The EBS storage was used with Encryption.
- The security of an environment ensured using Security groups.
- EC2 with SAP Workloads removed the lock-in of sticking to the existing environment, as there will be no commitment on AWS.
- The system could be scaled when required to increase processing and user loads during planned intervals. Auto scaling was not required as RMC JOHNSON Technologies only had planned workloads intervals.
- Time for any query (irrespective of complexity or data requested) execution was significantly reduced by 15-20% if compared with earlier step.
- EC2-AMI snapshots (backup) in the encrypted format was completed within few minutes.
- Additionally backuped AMI Restoration to a new EC2 instance demonstrated to the customer.
- Service level agreement met as demanded i.e 30 Mintues for Business critical incidents which lead highly available environment in AWS with as uptime increased to 50% .
- Daily mundane activity of backup was automated using the Lambda function.
- Security of the environment based on AWS best practices helped to build the secured environment.
- RMC JOHNSON being private sector manufacturing company, they wanted fully compliant data centre which AWS already adheres too.