- SAP Business One Planning Guide
- Overview of SAP Business One on Alibaba Cloud
- Alibaba Cloud ECS
- Network and Security
- SAP Business One Installation media
|Version||Revision Date||Types Of Changes||Effective Date|
|1.1||2018/07/31||1.Certified IaaS platforms is updated.||2018/07/31|
This guide provides an overview of how SAP Business One works on the Alibaba cloud platform, and provides details that you can use when planning the implementation of a new SAP Business One system.
Alibaba Cloud and SAP have worked together to test and certify the SAP Business One solution on the Alibaba cloud. SAP Business One, version for SAP HANA has been certified on the Alibaba cloud platform. For more information about how to deploy SAP Business One on Alibaba Cloud, see the SAP Business One deployment guide.
SAP Business One is business management software designed for small and medium-sized enterprises. It was designed with the idea that smaller companies need ERP software to help manage their business, but not the kind of ERP that large and complex organizations need. It has functional modules for finance, customer relationship management (CRM), warehousing and production management, purchasing and procurement, and reporting and analytics.
SAP HANA is an in-memory, column-oriented, relational database management system developed and marketed by SAP. Its primary function as database server is to store and retrieve data as requested by the applications. In addition, it performs high-performance analytics and real-time data processing to address customer’s rapid growing business analysis needs.
Alibaba Cloud is built on a global infrastructure providing all kinds of IaaS products and services. Alibaba Could services are available to use in different geographical regions across the globe. For SAP Business One on Alibaba Cloud, you can only choose SAP Business One, version for SAP HANA. When running SAP Business One with SAP HANA on Alibaba Cloud, customers can leverage ease of provisioning, high scalability, and redundant Alibaba Cloud infrastructure capabilities to run their business-critical workloads cost-effectively.
With SAP Business One, version for SAP HANA, the application data is powered in-memory, with a single platform for analytics and transactions. This aids in speeding up processing times, and permits you to maintain a streamlined IT landscape. This elevates the user experience as well as allowing real-time decisions to be made with the various embedded SAP HANA apps, analytics and reporting.
For SAP Business One on Alibaba Cloud, the core Alibaba Cloud components used by this planning guide include the services as follows,
Elastic Compute Service : Elastic Compute Service (ECS) is a typeof computing service that features elastic processing capabilities. ECS has a simpler and more efficient management mode than physical servers. You can create instances, change the operating system, and add or release any number of ECS instances at any time to fit your business needs.
SSD Cloud Disk : Ideal for I/O-intensive applications, and provide stable and high random IOPS performance.
Ultra Cloud Disk : Ideal for medium I/O load application scenarios and provide a storage performance of up to 3,000 random IOPS for ECS instances.
Virtual Private Cloud : The Alibaba Cloud Virtual Private Cloud (VPC) is a private network established in Alibaba Cloud. It is logically isolated from other virtual networks in Alibaba Cloud. VPC enables you to launch and use the Alibaba Cloud resources in your own VPC.
Object Storage Service : Alibaba Cloud Object Storage Service (OSS) is a network-based data access service. OSS enables you to store and retrieve structured and unstructured data including text files, images, audios, and videos.
This guide currently supports SAP HANA Platform Edition 1.0 and 2.0.
Alibaba Cloud ECS offers a number of instance types (virtual machine sizes) for deploying SAP solutions. Each instance type offers different CPU, memory, and I/O capabilities. You must use one of the SAP-certified ECS instance types for SAP Business One systems. For a list of SAP-certified instance types approved for SAP Business One usage, see following,
For detailed descriptions of ECS instance types, please kindly check official website of Alibaba Cloud.
The Alibaba Cloud infrastructure is built around Regions and Zones. A Region is a physical location in the world, where for most cases, we have multiple Zones. Zones consist of one or more discrete data centers, each with redundant power, networking and connectivity, housed in separate facilities. These Zones offer you the ability to operate production applications and databases, which are more highly available, fault tolerant and scalable than it would be possible from a single data center.
Virtual Private Cloud (VPC) allows you to provision a private, isolated section of Alibaba Cloud where you can launch IaaS resources in a virtual network that you define. With VPC, you can define a virtual network topology that closely resembles a traditional network that you might operate in your own data center. Additionally, you can create a connection between your corporate data center and your VPC on Alibaba Cloud, and use the Alibaba Cloud as an extension of your corporate data center.
When you create an ECS instance, you use an image that contains a pre-installed base operating system. Alibaba Cloud works with operating system partners to provide you with up-to-date, optimized operating system images. There are several ways you can specify an image for your ECS instance.
Licenses of operating system in public image list are already included in the price of ECS instance charge. You are not required to provide your own operating system licenses. Following ones are the recommended operating systems available in Public Image list:
It is possible for customers to use a BYOL (Bring-Your-Own-License) approach for their operating system. Customers can create their own customized Operating System images, and create an ECS instance through their own customized image.
You can use the standard Alibaba Cloud methods to deploy your ECS instances on Alibaba Cloud platform, including ECS Console (the Cloud Platform Console web UI) and REST API. You can read the following pages to get more useful information.
For more information and step-by-step instructions about deploying your SAP Business One system on ECS instances, please see the SAP Business One on Alibaba Cloud Deployment Guide.
On a Linux-based ECS instance, users have SSH capabilities, and can access an ECS instance through SSH based tools such as putty. For example, you can access the ECS instance through putty from a Jumping server.
On a Windows-based ECS instance, users can access the ECS through Remote Desktop Protocol (RDP), as long as the ECS instance is accessible from a public IP address.
For SAP Business One on Alibaba Cloud, you can use SAP HANA on Linux platform.
SAP HANA is supported only for SLES for the moment. For more information on supported ECS instance types and operating systems, see the SAP HANA Deployment Guide.
For more information about SAP HANA, see the SAP HANA Operation guide and the SAP documentation.
To determine the sizing guidelines and recommendations for SAP HANA, please kindly check SAP official website for sizing.
By default, each ECS instance has a small System disk (Ultra Cloud Disk or SSD Cloud Disk) that contains the operating system. You can add additional Data disks, and attach them to your ECS instance to act as storage for the different components of your system.
Alibaba Cloud Block Storage (Cloud Disk) provides persistent block-level storage volumes for use with Alibaba Cloud ECS instance. You can choose different Cloud Disk type depending on your requirement:
|Disk Category||Basic Cloud Disk||Ultra Cloud Disk||SSD Cloud Disk|
|Max size of single disk||2 TB||32.768 TB||32.768 TB|
|Max IOPS per disk||300+ IOPS||3,000 IOPS||20,000 IOPS|
|Max throughput per disk||20~40 MBps||80 MBps||300 MBps|
|Access latency||5.0~10.0 ms||1.0~3.0 ms||0.5~2.0 ms|
|Typical scenarios||Data is not frequently accessed or with low I/O loads.||- Small and medium sized databases.
- Development and testing.
- Cloud Server logging.
|- I/O intensive applications.
- Medium sized or large relational databases.
- NoSQL databases.
For Data reliability, with the strength of the Alibaba Cloud distributed storage technology, which uses a triplicate storage system, all these 3 disk types ensure data integrity of 99.9999999%. |
In General, we recommend following disk layout:
|Disk Layout||Usage||Cloud Disk Type|
|System Disk||Operating System||Ultra Cloud Disk|
|Data Disk 1||Executives, profiles etc. of SAP Business One and HANA Database||SSD Cloud Disk|
|Data Disk 2||Data files of HANA database||SSD Cloud Disk|
|Data Disk 3||Log files of HANA database||SSD Cloud Disk|
For SAP Business One on Alibaba Cloud, we recommend using SSD Cloud Disk.
For more information about how to setup storage system for SAP HANA, please kindly refer to SAP HANA Deployment Guide.
Alibaba Cloud Object Storage Service is an object store for files of any type or format; it has virtually unlimited storage and you do not have to worry about provisioning it or adding more capacity.
It’s common practice to use OSS to store backup files for long term storage.
A security group functions similarly to virtual firewalls, and is used to set network access controls for one or more ECS instances. When creating instances, you must select a security group. You can also add security group rules to control outbound and inbound network access for all ECS instances in the security group.
Alibaba Cloud offers two authentication methods for remote logon to ECS instances:
Password logon: A standard authentication method using the administrator password. It applies to both Windows instances and Linux instances.
SSH Key Pair logon: This method only applies to Linux instances. If you are running Linux, we recommend that you choose this authentication method to protect your ECS instance’s security.
An SSH Key Pair is a pair of keys generated by an encryption algorithm: one key is intentionally available, known as the public key; and the other key is kept confidential, known as the private key.
If you have placed the public key in a Linux instance, you can use the private key to log on to the instance using SSH commands or related tools from local computer or another instance, without the need to enter a password.
When you create a VPC network on Alibaba Cloud, a vRouter and route table are automatically created after the VPC creation. You cannot create or delete them directly. They will be deleted automatically with the deletion of the VPC. You can add route entries to the route table to route network traffic.
Each entry in the route table is a route entry determining where network traffic is directed. A route entry with the destination CIDR block 100.64.0.0/10 is added by the system by default, when you create a VPC. You are allowed to add customized route entries for your VPC.
If an ECS instance in the VPC, without external IP address, wants to access the Internet, a NAT gateway is needed.
Bastion hosts provide an external facing point of entry into a VPC network containing private-network VMs. This host can provide a single point of fortification or audit and can be started and stopped to enable or disable inbound SSH communication from the Internet.
SSH access to VMs that do not have an external IP address can be achieved by first connecting to a bastion host.
When using a bastion host, you log into the bastion host first, and then into your target private ECS instance through an SSH based tool, like putty.
When an ECS instance is created within VPC and without an assigned external IP address, it cannot make direct connections to external services.
To allow these ECS instances to access the Internet, you can set up and configure a NAT gateway. The NAT gateway can route traffic on behalf of any ECS instance in the VPC. You should have one NAT gateway per VPC.
You can securely connect your existing IDC to your VPC on Alibaba Cloud through a VPN connection using IPSec by using VPN gateway on Alibaba Cloud. Traffic traveling between the two networks is encrypted by one VPN gateway, then decrypted by the other VPN gateway. This protects your data as it travels over the Internet. For more information, please kindly check Alibaba Cloud official site.
Following additional resources will help you to further understand your SAP environment on Alibaba Cloud from security and compliance perspective:
Running SAP on Alibaba Cloud requires you to bring your own license (BYOL).
For more information about SAP licensing, please contact SAP.
In Alibaba Cloud, there are two ways to license SUSE Linux:
Pay-As-You-Go licensing model: Alibaba Cloud provides SLES 11 SP4 and SLES 12 SP2 as public images, and the SLES license cost is included in ECS instance price.
BYOL model: Customer can purchase their own SLES license and import SLES operating system as customized images.
- SAP HANA: SAP HANA uses a bring-your-own-license (BYOL) model.
There are two main options for copying SAP Business One installation media to ECS instance:
Download from SAP Service Marketplace to ECS instance directly. From your ECS instance, connect to the SAP Service Marketplace and download the required installation media. This option will most likely be the fastest method for getting SAP Business One installation media to Alibaba Cloud, because ECS instances have very fast connections to the Internet. You can create a dedicated ECS instance with Windows Operating System, for downloading and storing the SAP installation media.
Copy from your network to ECS instance. If you already have the required SAP installation media downloaded to a location in your network, you can copy the media from your network directly to an ECS instance.
Alibaba Cloud support: Customers can request assistance with SAP Business One provisioning and configuration questions on ECS instances.
SAP Support: Customers can also contact SAP Support for SAP-related issues. SAP does the initial evaluation of the support ticket and transfers the ticket to the Alibaba Cloud queue if SAP considers it an infrastructure issue about ECS instances.