Cisco Reference Architecture for SAP HANA Cloud Dr

Cisco Reference Architecture for SAP HANA Cloud Dr. -Ing. Michael Missbach; Cisco SAP Competence Center Walldorf

Was man über den Vortragenden wissen sollte Manager Cisco SAP Competence Center Walldorf Mehr als 15 Jahre Erfahrung mit SAP Infrastrukturen Autor mehrerer Bücher über Bau und Betrieb von SAP Infrastrukturen © 2014 SAP (Schweiz) AG. All rights reserved. 2

Wie schnell denken Sie eigentlich? Durchschnittliche menschliche Reflexe: 0, 220 sek Durchschnittliche „Denkzeit“ für einfache Aufgaben: 0, 384 sek Durchschnittliche „Denkzeit“ für komplexe Aufgaben: 0, 55 – 0, 75 sek Durchschnittliche Antwortzeit der meisten SAP Transaktionen: 0, 5 sek Wozu braucht man dann HANA? Wenn ein Report nicht innerhalb der Denkzeit auf dem Schirm ist fängt das Gehirn unwillkürlich an zu andern Themen abzuschweifen. Ist der Report dann endlich da ist ein „Kontextswitch“ notwendig: was wollte ich da eigentlich wissen. Diese ständige Kontextswitches sind extrem ermüdend © 2014 SAP (Schweiz) AG. All rights reserved. 3

Was macht HANA so performant? Der beste Technologie-Mix + „In-memory“: ca 10 x schneller + „column orientation“ für Analysen: 100 x schneller (IQ ist bei Analysen trotz Platten ca. 100 x schneller als „raw based“ DB) + Optimierung für die Intel E 7 Cache Struktur (Tests auf E 5 ergeben eine um ca. 20% schlechtere Performance) + Hoher Durchsatz der Netzwerk Interconnects “talk to Cisco if you have network congestion problems with your HANA”* * Kommentar von Hasso Plattner anlässlich seiner Sapphire Keynote © 2014 SAP (Schweiz) AG. All rights reserved. 4

Was bedeutet “Appliance”? Lieferung wie eine “Fertigsuppe”: Einschalten, SAP Lizenz zufügen – Daten laden! Aber ein absoluter Fremdkörper für die meisten Rechenzentren: • Keine Anpassung an Kundenindividuelle RZ Standards vorgesehen • Nur Intel E 7 CPUs und Suse Linux • Switche, Storage, Switche, Kabel sind Teil der Applinace • Dedizierte Infrastruktur, kein sharing vorhandener Switche oder Storage! • Keine 3 rd-party Tools auf HANA (nur auf eigenes Risiko) Ab dem Moment des „Gefahrenübergangs“ ist der Kunde für Überwachung und Wartung (Patchen) verantwortlich • Cisco remote HANA Operation Service erledigt das patchen • Cisco SAP Competence Center stellt „Golden Images“ zur Verfügung © 2014 SAP (Schweiz) AG. All rights reserved. 5

HANA Cloud als Ausweg? • Basiert auf dem Cisco cloud cell reference design • Integration in das SAP portal durch Cisco • Das könnte auch Ihr eigenes Self Service portal sein © 2014 SAP (Schweiz) AG. All rights reserved. 6

Client Network/End user access Create Network Zone Create Client OU/User account Create Routing Policy Create Network interface Create ACL’s Add new Device Benefits C. R. U. D type workflows ( create, read, update, delete ) Build-in Roll-back, CR management Easy to add other services Network Health ZTP Many more…… © 2014 SAP (Schweiz) AG. All rights reserved. 7

Network Topology and Data Model Access Type Client_OU End_User_account Access_Policy AD External access & Authentication ASA ASR L 2 SW MPLS Network N 7 K OOB HANA POD ( Access Vlan) N 7 K N 5 K Client_GRPolicy Client_Sub. Intf Client_Vlan Client_ACL Client_DHCP Client_ASR_Type Client_VRF Client_Sub. Intf Client_RT Client_RD Client_Vlan Client_VPN_Label (RT & RD) Client_VPN_Label (RT , RD) Client_VRF Client_SVI Client_Vlan (HANA POD Access Vlan) Legend L 3 Isolation network resources © 2014 SAP (Schweiz) AG. All rights reserved. 8

Authentication Structure Internet SSLVPN Clients connect with clientless or client Based SSLVPN Authentication passed to authentication server. First auth, password change required MPLS Cloud Management Cell 1 © 2014 SAP (Schweiz) AG. All rights reserved. Cell 2 Radius/Tacacs Active Directory UCSD CIAC VCenter Storage App Nexus 1110 Cell N 9

Cisco Reference Architecture for SAP HANA Cloud Portal Cloud Automation, Portal Services Platform Management HANA Market Place Self Service Portal • • • Hybrid Cloud Cisco Intelligent Automation fpr Cloud (CIAC) UCS Director for Converged Infrastructure Mgmt Core Platform © 2014 SAP (Schweiz) AG. All rights reserved. Other options Other Service Provider Portals Enterprise-Wide Orchestration Extensible Service Catalog for IT Governance Integration with IT Operations and Management Compute - UCS Cisco Solution Cloud Service Providers End Users delivery and governance (“Excalibur”) Other Cloud Automation, Orchestration and Portal Services incl. Open. Stack Cisco Network Management Network - Nexus c SAP declarative Storage OS/Hypervisor (for non prod) Cisco Advanced Services for delivery and management Cisco Unified Security Solution for Physical and Virtual Deployment 10

Cell components Server (same as in appliance) • Today: B 440 M 2; 4 x Intel E 7 -4870, 512 GB DRAM • Soon: B/C 460 M 4; 4 x Intel E 7 -4890 v 2, 1 TB DRAM (2 TB for So. H) Storage (fulfill KPI’s for TDI phase I) • Capacity: 4 times RAM per node • IO: 100 k IOps for Log; 800 Mbps for Data per node Network (fulfill KPI’s for TDI phase II) • Node – Node: 10 GB, single hop • Node – Storage: 10 Gb. E or 8 Gb FC, as single hop as possible • Node – user: 1 GB © 2014 SAP (Schweiz) AG. All rights reserved. 11

Ivy Bridge HANA building blocks B 260 M 2 2 -Socket EX Blade 512 GB per node for BW; 1024 GB for So. H C 460 M 4 4 S-EX Rack 1 TB per node for BW; 2 TB for So. H B 460 M 4 4 -Socket EX Blade 1 TB per node for BW; 2 TB for So. H Up to 320 Gb of IO Bandwidth for scale-out © 2014 SAP (Schweiz) AG. All rights reserved. 12

Secure multi tenant instance HANA architecture blade level separation based on proven v. Block / Flexpod architecture and CVDs • • • up to 4 x 10 GE (80 GB per node) up to 32 Gbps throughput implicit Port-channel traffic pinned to individual links Deterministic Path Bandwidth scaling via port channel (PC / v. PC) • Every PC provide 20 -80 Gbit • Multiple PC per Cell • 2 x 10 Gbit guarantied per node • 2 x 40 Gbit burst rate per node • Every node can access every Storage • Security via VLAN, ACL • N 5 k scale to 40 HANA nodes • N 7 K scale to 200 HANA nodes © 2014 SAP (Schweiz) AG. All rights reserved. 13

Grow as you go minimum is 3 nodes – add more resources for more clients on the fly! © 2014 SAP (Schweiz) AG. All rights reserved. 14

mixed cell with HANA and app servers 40 x B 440 HANA nodes B 200 app server © 2014 SAP (Schweiz) AG. All rights reserved. 15

“Read” performance on bare metal (IOzone benchmark with different block sizes from 4 kb to 16 MB) IO throughput (MB/s) 6. 000 5. 000 4. 000 3. 000 2. 000 1. 000 0 © 2014 SAP (Schweiz) AG. All rights reserved. More than double IO performance Cisco UCS existing server Block size (KB) 16

“Read” performance on VMware (IOzone benchmark with different block sizes from 4 kb to 16 MB) IO throughput (MB/S) 3. 500 3. 000 2. 500 2. 000 significant higher IO 1. 500 performance 1. 000 500 0 © 2014 SAP (Schweiz) AG. All rights reserved. Cisco UCS existing server block size (KB) 17

“Write” performance on VMware (IOzone benchmark with different block sizes from 4 kb to 16 MB) IO throughput (MB/S) 500 450 400 350 300 250 200 150 100 50 0 © 2014 SAP (Schweiz) AG. All rights reserved. 1. 5 – 4 times the Performance Cisco UCS existing server block size (KB) 18

SAP applications benefits from Cisco Fabric Interconnect (VM-FEX technology) dramatically reduced IO latency The Result is a significant better DB response time Do more with the same VM Improve user experience with Virtualized SAP systems Used Switch technology KVM-vswitch VM-FEX © 2014 SAP (Schweiz) AG. All rights reserved. # Users 3. 600 4. 000 DB Response time / Diff % Dialog processes 0, 00 20, 75 0, 00 14, 89 10, 00 20, 52 Diff % 0, 00 -39, 36 -1, 12 DB Response time / Update process 27, 09 21, 31 25, 75 Diff % 0, 00 -27, 12 -5, 20 19

UCS Cabling – Radical Simplification Ad hoc and inconsistent Structured, but siloed, complicated Simplified 40% cost savings in cabling, fiber, patch cords and labor © 2014 SAP (Schweiz) AG. All rights reserved. 20

Full Hardware Abstraction & Service Profiles Advantage for SAP Systems Service Profiles Profile Name = vmhost-cluster 1 -1 UUID = 12345678 -ABCD-9876 -5432 -ABCDEF 123456 Description = ESX 4 -1 – Host in Cluster 1 Prd XI Prd EP Prd SRM Prd CRM Network Side LAN Config Prd ECC Adapter PCI Order = v. NIC 0 first, then v. NIC 1, then v. HBA…. . Number of NIC’s = VMware-Static-NIC-Policy Prd BW v. NIC 0 Switch = Switch A QA XI QA EP QA SRM QA CRM QA ECC QA BW v. NIC 0 Pin Group = Switch. A-pingroup. A v. NIC 0 VLAN Trunking = Disabled v. NIC 0 Native VLAN = VLAN 100 v. NIC 0 MAC Address = 00: 25: B 5: 00: 01 v. NIC 0 Hardware Failover Enabled = No v. NIC 0 Qo. S policy = VMware-Qo. S-policy. . Enables movement of SAP instances without invalidating license key • SAP license key generated based HW parameters, for example the HBA WWNN Server Side LAN Config • UCS Service Profiles contain 96 attributes, including all relevant for SAP license keys • ESX Networking= VM v. NIC tied to Port-Group: • 101_Policy, 102_Policy, 103_Policy, etc. Local Storage Profile = RAID 1 Scrub Policy = Scrub local disks only no need for complex scripts to make cluster SAP “aware” no need for cluster software to grant HW availability © 2014 SAP (Schweiz) AG. All rights reserved. 21

Single unified design for Appliance and Cloud SAP HANA reference architecture follows Cisco datacenter integration principles - Technical identical to Flex. Pod or Vblock Cell based design for SAP HANA scale from 128 GB to up to 20 TB per single SID can have virtualized or bare-metal (single node and scale-out) HANA instances Automated Management and Orchestration Scalable Network design non-blocking, loss-less Security and tenant isolation at every layer for control and data plane All use cases are defined in Software - No need to change the hardware or cabling based on the stateless and unified computing of UCS © 2014 SAP (Schweiz) AG. All rights reserved. 22

Thank you Contact information: Dr. Michael Missbach Head of Cisco SAP Competence Center Altrottstr. 31 Walldorf mmissbac@cisco. com © 2014 SAP (Schweiz) AG. All rights reserved.