This is the final blog in our four-part series on Designing A Great SAP on Azure Architecture.
Within this blog we will a cover a range of Azure services and a new GitHub repository which can support operational efficiencies for your SAP applications running on Azure.
Let’s get started.
Simplifying SAP Shared Storage architecture with Azure NetApp Files
Azure NetApp Files (ANF) can be used to simplify your SAP on Azure deployment architecture, providing an excellent use case for high availability (HA) of your SAP shared files based on Enterprise NFS.
SAP Shared Files are critical for SAP systems with high availability requirements and more than one application server. Additionally, SAP HANA scale-out systems also require a common set of shared files i.e.
/sapmnt which stores SAP kernel files, profiles and job logs. /hana/shared, which houses binaries, configuration files and traces for SAP HANA scale-out.
Prior to Azure NetApp Files, SAP on Azure customers running Linux with high availability requirements had to protect the SAP Shared Files using Pacemaker clusters and block replication devices. These setups were
Azure storage offers several options to encrypt data at rest. With client-side encryption you can encrypt data prior to uploading it to Azure Storage. You can also choose to have Azure storage manage encryption operations with storage service encryption using Microsoft managed keys or using customer managed keys in Azure Key Vault. Today, we present enhancement to storage service encryption to support granular encryption settings on storage account with keys hosted in any key store. Customer provided keys (CPK) enables you to store and manage keys in on-premises or key stores other than Azure Key Vault to meet corporate, contractual, and regulatory compliance requirements for data security.
Customer provided keys allows you to pass an encryption key as part of read or write operation to storage service using blob APIs. Since the encryption key is defined at the object level, you can have multiple encryption keys within a storage account. When you create a blob with customer provided key, storage service persists the SHA-256 hash of the encryption key with the blob to validate future requests. When you retrieve an object, you must provide the same encryption key as part of the request. For example, if a blob is created
Microsoft Azure Storage offers several options to encrypt data at rest. With client-side encryption you can encrypt data prior to uploading it to Azure Storage. You can also choose to have Azure Storage manage encryption operations with server-side encryption using Microsoft managed keys or using customer managed keys in Microsoft Azure Key vault. Today, we present enhancement to server-side encryption to support granular encryption settings on storage account with keys hosted in any key store. Client provided key (CPK) enables you to store and manage keys in on-premises or key stores other than Azure Key Vault to meet corporate, contractual and regulatory compliance requirements for data security.
Client provided keys allows you to pass an encryption key as part of read or write operation to storage service using blob APIs. When you create a blob with a client provided key, the storage service persists the SHA-256 hash of the encryption key with the blob to validate future requests. When you retrieve an object, you must provide the same encryption key as part of the request. For example, if a blob is created with Put Blob, all subsequent write operations must provide the same encryption key. If a different key is
We are excited to announce the preview of direct-upload to Azure managed disks. Today, there are two ways you can bring your on-premises VHD files to Azure as managed disks:
Stage the VHD into a storage account before converting them into managed disks Attach an empty managed disk to a VM and do copy.
Both these ways have disadvantage. The first option requires extra storage account to manage while the second option has extra cost of running virtual machine. Direct-upload addresses both these issues and provides a simplified workflow by allowing copy of your on-premises VHD into an empty managed disk. You can use it to upload to Standard HDD, Standard SSD, and Premium SSD managed disks of all the supported sizes.
If you are an independent software vendor (ISV) providing backup solution for IaaS virtual machines in Azure, we recommend you leverage direct-upload to restore your customers’ backups to managed disks. It will help simplify the restore process by getting away from storage account management. Our Azure Backup support for large managed disks is powered by direct-upload. It uses direct-upload to restore large managed disks.
This is the second in a four-part blog series on designing a SAP on Azure Architecture. In the first part of our blog series we have covered the topic of designing for security. Robust SAP on Azure Architectures are built on the pillars of security, performance and scalability, availability and recoverability, and efficiency and operations. This blog will focus on designing for performance and scalability.
Microsoft support in network and storage for SAP
Microsoft Azure is the eminent public cloud for running SAP applications. Mission critical SAP applications run reliably on Azure, which is a hyperscale, enterprise proven platform offering scale, agility, and cost savings for your SAP estate.
With the largest portfolio of SAP HANA certified IaaS cloud offerings customers can run their SAP HANA Production scale-up applications on certified virtual machines ranging from 192GB to 6TB of memory. Additionally, for SAP HANA scale-out applications such as BW on HANA and BW/4HANA, Azure supports virtual machines of 2TB memory and up to 16 nodes, for a total of up to 32TB. For customers that require extreme scale today, Azure offers bare-metal HANA large instances for SAP HANA scale-up to 20TB (24TB with TDIv5) and SAP HANA scale-out to 60TB
This month we released a new version of Azure Storage Explorer, 1.10.0. This latest version of Storage Explorer introduces several exciting new features and delivers significant updates to existing functionality. These features and changes are all designed to make users more efficient and productive when working with Azure Storage, CosmosDB, ADLS Gen2, and, starting with 1.10.0, managed disks. If you’ve never used Storage Explorer before, you can download it for Windows, macOS, or Linux on the product page here.
Storage Explorer adds support for managed disks
One of the most challenging parts of migrating on-premises virtual machines (VMs) to Azure is moving the data for these VMs into Azure. Storage Explorer 1.10.0 makes this process much easier by adding support for managed disks. The new features we’ve added for managed disks lets you create and manage VM disks using the easy to use Storage Explorer GUI. Using Storage Explorer also gives you an incredibly performant workflow. When you upload a VHD to a Managed Disk, Storage Explorer is leveraging the power and speed of AzCopy v10 to quickly get your data into Azure. Storage Explorer’s support for managed disks also includes the ability to create snapshots of, copy, download, and
The release of Storage Explorer 1.10.0 brings many exciting updates and new features that we hope can help you be more productive and efficient when working with your Azure Storage Accounts. If you’ve never used Storage Explorer before, make sure to head to our product page, and download it for your favorite operating system. In this post, we’ll go over the newly added support for virtual machine (VM) disk management that was added in the 1.10.0 release.
Easily backup and restore VMs with disk support
Managed disks have been simplifying Azure VM creation and maintenance over page blobs, blob containers and storage accounts. Today, Azure managed disks are the default storage option for Azure IaaS VMs. Recently, we introduced the Direct Upload API that allows you to upload data from on-premises without staging the data in a storage account. Azure Storage Explorer further simplifies those tasks by providing performant upload and download capabilities for creating and accessing managed disks. Here are two example scenarios for how the new features benefit customers like you:
We learned it is common to migrate VMs from on-premises to Azure. With Storage Explorer you can conveniently perform this task using the following steps in the
The preview of incremental snapshots of Azure managed disks is now available. Incremental snapshots are a cost-effective point-in-time backup of managed disks. Unlike current snapshots, which are billed for the full size, incremental snapshots are billed for the delta changes to disks since the last snapshot. They are always stored on the most cost-effective storage i.e., standard HDD irrespective of the storage type of the parent disks. Additionally, for increased reliability, they are stored on Zone redundant storage (ZRS) by default in regions that support ZRS. They cannot be stored on premium storage. If you are using current snapshots on premium storage to scale up virtual machine deployments, we recommend you to use custom images on standard storage in Shared Image Gallery. It will help you to achieve a more massive scale with lower cost.
Incremental snapshots provide a differential capability, a unique capability available only in Azure managed disks. It enables customers and independent solution vendors (ISV) to build backup and disaster recovery solutions for managed disks. It allows you to get the changes between two snapshots of the same disk, thus copying only changed data between two snapshots across regions, reducing time and cost for backup and disaster
Service issues are anything that could affect your availability, from outages and planned maintenance to service transitions and retirements. While rare—and getting rarer all the time, thanks to innovations in impactless maintenance and disciplines like site reliability engineering—service issues do occur, which is why service health alerting is such a critical part of successfully managing cloud operations. It’s all about helping your team understand the status and health of your environment so you can act quickly in the event of an issue. That can mean taking corrective measures like failing over to another region to keep your app running or simply communicating with your stakeholders so they know what’s going on.
In this blog, we’ll cover how you can develop an effective service health alerting strategy and then make it real with Azure Service Health alerts.
How Azure Service Health alerts work
Azure Service Health is a free Azure service that provides alerts and guidance when Azure service issues like outages and planned maintenance affect you. Azure Service Health is available in the portal as a dashboard where you can check active, upcoming, and past issues.
Of course you may not want to check the Azure Service Health dashboard regularly.
Composite indexes were introduced in Azure Cosmos DB at Microsoft Build 2019. With our latest service update, additional query types can now leverage composite indexes. In this post, we’ll explore composite indexes and highlight common use cases.
Index types in Azure Cosmos DB
Azure Cosmos DB currently has the following index types that are used for the following types of queries:
Equality queries Range queries ORDER BY queries on a single property JOIN queries
ORDER BY queries on multiple properties Queries with a filter as well as an ORDER BY clause Queries with a filter on two or more properties Composite index use cases
By default, Azure Cosmos DB will create a range index on every property. For many workloads, these indexes are enough, and no further optimizations are necessary. Composite indexes can be added in addition to the default range indexes. Composite indexes have both a path and order (ASC or DESC) defined for each property within the composite index.
ORDER BY queries on multiple properties
If a query has an ORDER BY clause with two or more properties, a composite index is required. For example, the following query requires a