
Prerequisites

Open Ports

In a controlled network environment, it is common to have firewall rules in place. In order to enable communication of SAP systems with AWS, the following port numbers should be reachable from the SAP system:

Port      Type          AWS service
5439      tcp           Redshift
80/443    http/https    S3

These are default port numbers of AWS services.

AWS User

We recommend creating distinct users for every SAP system connected to the AWS services in order to isolate each system's data. 

The recommended user name mirrors SAP's guideline for user names: <sid>adm => <sid>aws.

S3 bucket

You must create the S3 bucket manually in the AWS console. Datavard Storage Management does not create it automatically.

...

You must create a Redshift cluster together with the Redshift database. 

We recommend creating a dedicated database in Redshift for each SAP system. The recommended database name is sap<sid> (for example, sapdvq).

Redshift database user

You must grant permissions on some system tables in the Redshift DB that are used for SAP SM data computation (table size: "grant select on pg_catalog.SVV_TABLE_INFO to DVD_USER;").

Also make sure that the Datavard user can run select on the table pg_catalog.PG_TABLE_DEF (table exists: "grant select on pg_catalog.PG_TABLE_DEF to DVD_USER;").

OS prerequisites (On SAP host)

This group of requirements relates to the operating systems underlying the SAP system with all its application servers. Datavard products (e.g. Datavard Glue, OutBoard DataTiering) have been developed and tested on the SUSE Linux environment and Windows Server 2012. However, by design, they are not limited by the choice of an operating system, if the requirements listed in this guide are met.

OS directories

Datavard connector uses a directory dedicated to its configuration files:

$ ls -ld /sapmnt/DVQ/global/security/dvd_conn
drwx------ 2 dvqadm sapsys 4096 --- /sapmnt/DVQ/global/security/dvd_conn

The folder is used to store drivers and is shared among SAP application servers. Set the ownership and permissions so that only <sid>adm has access, as in the listing above.

JDBC Drivers

The JDBC protocol is used to connect to AWS Redshift. The AWS Redshift JDBC driver (RedshiftJDBC41-no-awssdk-1.2.16.1027.jar) must be stored manually on the operating system and be accessible to the Datavard connector.

We recommend storing the drivers in a folder within the connector directory, organized in sub-folders to avoid possible conflicts.
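
A check for the layout described in OS directories and JDBC Drivers, as an added example that is not Datavard code: it flags a connector directory that is not rwx------ and owned by <sid>adm, and any entry beneath it that is a symlink, foreign-owned or writable by group/other. The function name audit_conn_dir is hypothetical, and GNU find (as on SUSE Linux) is assumed.

```sh
#!/bin/sh
# Added example (not Datavard code): audit the connector directory.
# Assumes GNU find, as on SUSE Linux. audit_conn_dir is a hypothetical name.
# Usage: sh audit_conn_dir.sh /sapmnt/DVQ/global/security/dvd_conn dvqadm

audit_conn_dir() {
    dir=$1 owner=$2 findings=0

    # A missing or symlinked directory cannot be trusted at all.
    if [ -L "$dir" ] || [ ! -d "$dir" ]; then
        echo "FAIL: $dir is missing, not a directory, or a symlink"
        return 1
    fi

    # Top level must match the listing: rwx------ and owned by <sid>adm.
    top=$(find "$dir" -maxdepth 0 \( -perm /077 -o ! -user "$owner" \))
    if [ -n "$top" ]; then
        echo "FAIL: $dir must be mode 700 and owned by $owner:"
        ls -ld "$dir"
        findings=$((findings + 1))
    fi

    # The Java connector loads the JDBC driver JARs from here, so a file that
    # another account can replace changes the code the connector runs.
    loose=$(find "$dir" -mindepth 1 \( -type l -o -perm /022 -o ! -user "$owner" \))
    if [ -n "$loose" ]; then
        echo "FAIL: symlinked, foreign-owned or group/other-writable entries:"
        echo "$loose"
        findings=$((findings + 1))
    fi

    if [ "$findings" -eq 0 ]; then echo "OK: $dir"; fi
    return "$findings"
}

# Run the audit only when a directory and an owner are passed on the command line.
if [ "$#" -ge 2 ]; then audit_conn_dir "$1" "$2"; fi
```

The owner argument may be a user name such as dvqadm or a numeric UID; the exit status is the number of failed checks, so the script can gate a deployment step.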

...

This means that no additional certificates are needed.


Java connector

The Java connector is a critical middleware component. Please follow the steps in the chapter Java Connector Setup to set it up before you continue.

Configuration

When all prerequisites are fulfilled, further configuration is performed from the SAP system.


Drivers logical file definition

As described in JDBC Drivers, the JDBC drivers for the AWS service connection are stored on the operating system underlying the SAP system. Also define them as logical names in the SAP system via the FILE transaction.

In our example, we are using S3 and Redshift JDBC Drivers provided by AWS. The definition of driver specific folders looks as follows:


ZDVD_AWS_REDSHIFT_DRIVERS refers to the folder in which AWS JDBC drivers provided by Amazon have been placed in the section JDBC Drivers.

Storage Management setup

A generic Datavard software component, “Reuse Library”, is used for the setup. The required component is “Storage Management”.

Datavard Storage Management facilitates transparent communication with different types of storages. This includes S3 for flat files and Redshift for structured data.

S3 storage

In order to transparently store data, you should define two types of AWS storages in Storage Management:

  • S3 storage which facilitates a transfer of files to S3
  • Redshift storage which enables data replication between SAP tables and Redshift tables

Create S3 storage through the transaction:

/DVD/SM_SETUP


Entries explained:

  • Storage ID – name of the storage
  • Storage Type – choose AWS_S3 for S3
  • Description – extended description of the storage for easier identification
  • AWS Bucket name – name of the existing bucket in S3
  • AWS Region – region where the bucket exists (recommendation is that also Redshift cluster exists in the same region)
  • AWS Access Key – security information "access_key_id"
  • AWS Secret Key – security information "secret_key_id"
  • Java connector RFC – TCP/IP RFC destination for communication with Datavard Java connector
  • Path for TMP files – directory on SAP system where the temporary files will be stored

    Note

    Path for TMP files must be visible to the instance of the Java connector. If your SAP system is a cluster consisting of multiple physical machines, you need to configure NFS (Network File System). This ensures that all application servers write temporary data to one shared location that is visible to the Java connector instance. With this configuration, you can perform storage operations on S3 storage regardless of the actual SAP application server. /sapmnt is usually an NFS directory shared among all SAP application servers.


Complete the creation of the storage by confirming (F8).

Redshift storage

The AWS Redshift storage is created in the same way as the S3 storage, but with different settings:


Entries explained:

  • Storage ID – Name of the storage
  • Storage Type – Choose REDSHIFT storage type
  • Description – Extended description of the storage for easier identification
  • Referenced Storage – Defines which S3 storage will be used by Redshift
  • Redshift host – Redshift server hosting the Redshift service
  • Port – port number on which Redshift service is accessible
  • Database name – Name of DB in Redshift cluster
  • Database schema – Name of the schema (normally public)
  • Java connector RFC – AWS RFC destination (you may use the same one as for S3 storage)
  • Driver engine – Use REDSHIFT
  • Driver Classname – Classname of the driver used for loading (the recent version is com.amazon.redshift.jdbc41.Driver)
  • Driver path – Logical name of the driver directory
  • Username – Redshift user created in the Redshift user group
  • Password hashed – Type in the password in the lower line and use the [Hash] button
  • Login timeout (seconds) – Threshold for JDBC timeout
  • Enable SSL – Checked if SSL authentication should be used
  • Use extended escaping – Checked if extended escaping should be used (replaces escape characters, such as newline, backspace, tabulator, etc., by the 'space' character)
  • SSL Mode – There are two options for SSL mode:
    verify-ca (default option, verifies that the certificate comes from trusted CA)
    verify-full (both CA and hostname listed in the certificate are verified)

Finish the creation of the storage by confirming (F8). If the SAP system is able to authenticate against AWS Redshift and receives the expected result of the SQL command 'use database', the creation of the storage is considered successful.