Upload
others
View
7
Download
0
Embed Size (px)
Citation preview
Vnomic Proprietary and Confidential 1 VNAZDG2019-5
Vnomic Automated SAP Workload Deployment and Management for Azure
SEPTEMBER 2019
Vnomic Proprietary and Confidential 2 VNAZDG2019-5
CONTENTS
1 Introduction .......................................................................................................................................... 4
2 Additional Training ................................................................................................................................ 4
3 Audience ............................................................................................................................................... 4
4 Version Compatibility ............................................................................................................................ 4
5 Supported Azure Regions ...................................................................................................................... 4
6 Vnomic Solution Components .............................................................................................................. 5
6.1 Vnomic Content Repository .......................................................................................................... 5
6.2 Vnomic Meta Director (VMD) ....................................................................................................... 6
6.3 Vnomic MetaDirector User Interface ............................................................................................ 6
6.4 Vnomic Blueprint Workbooks for Azure ....................................................................................... 6
6.4.1 Vnomic Blueprint Workbook Resource Cost Quantification ................................................. 6
6.4.2 Vnomic Blueprint Workbook Service Offerings .................................................................... 7
6.4.3 Creating Customized Blueprint Workbook Service Offerings ............................................... 7
7 VMD Deployment.................................................................................................................................. 7
7.1 VMD Deployment Pre-requisites .................................................................................................. 7
7.2 VMD Deployment Considerations ................................................................................................ 8
7.2.1 VMD Deployment into a Locked-down Subscription ............................................................ 8
7.2.2 Deployment with a Subscription Local VCR copy ............................................................... 11
7.2.3 VMD Operator/Administrator Access ................................................................................. 11
7.3 Create Azure Application Registration (Service Principal) .......................................................... 11
7.4 Add Roles for the VMD Service Principal .................................................................................... 13
7.5 Azure Microsoft.Solutions Resource Provider ............................................................................ 14
7.6 VMD Deployment using a Parameters File ................................................................................. 14
7.6.1 VMD Parameters File Contents ........................................................................................... 14
7.6.2 VMD Deployment Input Variables ...................................................................................... 17
7.6.3 Download the VMD Parameters File................................................................................... 18
7.6.4 Update the VMD Parameters File ....................................................................................... 18
7.7 VMD Deployment Script ............................................................................................................. 18
7.7.1 VMD Deployment Script Arguments ................................................................................... 18
7.7.2 Download the VMD Deployment Script .............................................................................. 19
7.8 Initiate the VMD Deployment ..................................................................................................... 19
Vnomic Proprietary and Confidential 3 VNAZDG2019-5
7.8.1 VMD Instance Resource Groups Created ............................................................................ 19
7.8.2 Monitor the VMD Deployment ........................................................................................... 20
7.8.3 Obtaining the VMD console UI URL .................................................................................... 20
7.8.4 Connect to VMD Console User Interface (UI) ..................................................................... 21
7.8.5 Verify VMD Deployment ..................................................................................................... 21
7.8.6 Execute a Blueprint Workbook Deployment ...................................................................... 22
7.9 Connect to VMD Command Line Interface (CLI) ......................................................................... 22
8 Specifying Deployments with Vnomic Blueprint Workbooks ............................................................. 22
8.1 Opening Vnomic Blueprint Workbooks ...................................................................................... 22
8.2 Vnomic Blueprint Workbook Structure ...................................................................................... 23
8.3 Topology Tabs ............................................................................................................................. 24
8.4 Topology Tabs as Landscape Building Blocks .............................................................................. 25
8.5 Configuring the Topology Interdependencies ............................................................................ 25
Vnomic Proprietary and Confidential 4 VNAZDG2019-5
1 INTRODUCTION
This document introduces the Vnomic Automated SAP Workload Deployment and Management Solution
for Azure. It describes the procedure for deploying the Vnomic Automated SAP Workload Deployment
and Management Solution for Azure as an Azure Managed Application. Then the basic procedure for
deploying SAP applications using Vnomic Blueprint Workbooks for the most common SAP application
components (SAP HANA, SAP Business Warehouse, and SAP S4/HANA) is provided via uploading
workbooks to the Vnomic MetaDirector.
2 ADDITIONAL TRAINING
This document provides a basic overview of the relevant topics to quickly and reliably deploy production
quality SAP application topologies on Azure. Vnomic offers specific training for planning,
implementation, and operation of SAP applications using the Vnomic Automated SAP Workload
Deployment and Management Solution for Azure. Please contact Vnomic for further information
(www.vnomic.com, mailto:[email protected]).
3 AUDIENCE
This document assumes the following background and competencies:
1. Architectural knowledge of the SAP application components, SAP topologies, and best practices
2. Basic administration knowledge of Azure and understanding of the concepts of subscriptions,
resource groups, Azure Resource Manager (ARM), and ARM resources
4 VERSION COMPATIBILITY
Vnomic blueprint workbooks contain a specific data schema which is supported by specific Vnomic
MetaDirector versions. Combinations not listed are not supported.
Blueprint Workbook Version VMD
14.6.43 or later 14.6.1 or later
5 SUPPORTED AZURE REGIONS
The following regions are supported by Vnomic MetaDirector (VMD).
Note that VMD can technically be deployed to any Azure region as it relies on Azure managed
application services for its deployment. However, the VMD can only deploy application topologies into a
region if the provided Vnomic Blueprint Workbook allows targeting the specific region. Hence the list
below indicates the Azure regions supported by the respective version of Vnomic Blueprint Workbooks
specified in this document.
Vnomic Proprietary and Confidential 5 VNAZDG2019-5
LocationId LocationDisplayName
centralus Central US
eastus East US
eastus2 East US 2
northcentralus North Central US
southcentralus South Central US
uksouth UK South
ukwest UK West
westcentralus West Central US
westeurope EU West
westus West US
westus2 West US 2
6 VNOMIC SOLUTION COMPONENTS
This section provides an overview of the components comprising the Vnomic Automated SAP Workload
Deployment and Management Solution for Azure.
6.1 VNOMIC CONTENT REPOSITORY The Vnomic Content Repository (VCR) contains all the software artifacts required for the automation of
complex application landscapes on cloud and datacenter infrastructures. These artifacts include the
installers, binaries, and scripts required to install the Vnomic solution software and all of the software
components required for the deployment of customer-specific application landscapes, for example, SAP
HANA and SAP NetWeaver. The VCR contains metadata specifying the versions and interdependencies
among artifacts.
In Azure, VCRs are hosted on Azure blob storage containers. VCRs can be cloned and managed using
blob storage operations. VCRs are typically replicated across regions so that automated deployments in
each region have access to a VCR hosted in the same region to ensure performance and availability.
Vnomic Proprietary and Confidential 6 VNAZDG2019-5
6.2 VNOMIC META DIRECTOR (VMD) The Vnomic MetaDirector (VMD) is the Vnomic software which handles all the automation features of
the Vnomic Automated SAP Workload Deployment and Management Solution. The VMD is deployed as
an Azure managed application virtual machine using binaries hosted in the VCR.
The VMD orchestrates end-to-end automation of the provisioning and configuration of resources, and
the deployment and configuration of software, across multiple data centers and types of infrastructure.
The VMD computes the fulfillment of the landscape design requirements specified in Vnomic Blueprint
Workbooks and tracks all resources provisioned. Orchestration and reporting operations are managed
as jobs that are controlled and monitored using the VMD UI console or REST API.
The VMD provides a user interface (UI) console and REST API via HTTPS and administration access via
SSH.
6.3 VNOMIC METADIRECTOR USER INTERFACE The VMD hosts a user interface (UI), allowing direct interaction via a browser. The VMD UI enables the
following interactions:
• Upload and deploy Vnomic Blueprint Workbooks
• Browse deployment topologies and infrastructure resources
• Monitor and review deployment and reporting jobs
• Management of automation jobs
• Automation troubleshooting and diagnosis
6.4 VNOMIC BLUEPRINT WORKBOOKS FOR AZURE Vnomic uses Excel workbooks to describe the parameterizations of pre-built deployment architectures
and designs for applications and datacenters which comply with the requirements and best practices set
forth by the respective infrastructure and software vendors. Each workbook acts as a blueprint which
contains the functional requirements and constraints of a set of SAP application deployments. SAP
application architects edit Vnomic blueprint workbooks to reflect project requirements for production
and non-production scenarios. Vnomic Blueprint Workbooks are then submitted to a Vnomic
MetaDirector instance to compute the required topology, generate the ARM templates, scripts, and API
calls, to provision the necessary resources, and execute the necessary commands and APIs to deploy
and configure all the software components.
6.4.1 Vnomic Blueprint Workbook Resource Cost Quantification
Vnomic Blueprint Workbooks use Azure rate card data to compute the costs for deployment topologies
they specify. Costs are computed at individual topology (SAP HANA, Netweaver, etc.) level and rolled up
across all topologies configured in the workbook. See the workbook Deployment Costs tab.
The generic Vnomic Blueprint Workbook includes Azure Rate Card data from a subscription owned by
Vnomic with no special discounts. Vnomic has verified that these match the values obtained in the Azure
Pricing Calculator. In order to get the most accurate rates, the blueprint workbooks can be updated with
the Azure rate card data for the customer subscription where the topologies will be provisioned.
Vnomic Proprietary and Confidential 7 VNAZDG2019-5
6.4.2 Vnomic Blueprint Workbook Service Offerings
The set of configurations available in a Vnomic Blueprint Workbook is referred to as the Blueprint
Service Offering. A Blueprint Service Offering is a subset of the valid parameterizations for the pre-built
deployment architectures and designs expressed by the blueprint. Specifically, instead of allowing users
to select arbitrary combinations of server and storage sizes, specific combinations are selected by the
service offering designer. The primary objectives of service offerings are to reduce complexity, enforce
standardization, and control costs.
Some examples of parameters controllable by service offerings include:
• Servers size and storage
• Server network connectivity
• Server backup and recovery
• Operating system image distro and version
• Application components and topologies
• Application HA options and scaling limits
• Site-site connectivity
• Access method to cloud topologies (VPN, jump-box) and allowed authentication methods
6.4.3 Creating Customized Blueprint Workbook Service Offerings
Vnomic Blueprint Workbooks follow a specific structure so that they may be consumed by Vnomic
automation and analysis components. Users should only change the designated yellow input areas in
the exposed tabs. Changing cells, formulas, or any data in other parts of the workbook can lead to
unexpected behaviors.
If the available Vnomic blueprint workbooks don’t meet your project needs, there are a few options:
1. Make a support request to Vnomic describing your specific requirements. Often Vnomic may
already support the requirement but may not have published it to the main repository. Adding
different additional resource options or specific software version is usually fast assuming they
are already supported by the respective infrastructure and software vendors.
2. If you want more control over service offering definitions such as creating and maintaining your
own service offerings, contact Vnomic support for information on specific training and
certification for this activity.
7 VMD DEPLOYMENT
This VMD deployment procedure assumes the VMD deployment script is executed within an Azure
Cloud Shell environment. This procedure should work from a Linux server with the appropriate
PowerShell and Azure tools installed.
7.1 VMD DEPLOYMENT PRE-REQUISITES The following table lists the pre-requisites for a VMD deploying into an Azure subscription. The optional
items can be ignored if the respective capability they enable is not required.
Vnomic Proprietary and Confidential 8 VNAZDG2019-5
Pre-requisite Required? Description
Subscription administrator
user
Required A user with administrative access to the target
subscription with the owner role who will perform
subscription configuration and execute the VMD
deployment procedure
Service principal Required A service principal the VMD uses to
programmatically interact with Azure Resource
Manager and related Azure APIs
VMD managed application
subnet
Required The subnet to which the VMD will attach. This
subnet should be able to reach the subnets used
for the VMs provisioned by the VMD
Microsoft.Solutions provider Required The Microsoft.Solutions provider registered in the
target subscription for managed application
deployment of VMD
Storage account Optional A storage account to hosts a VCR copy when a
subscription local VCR is required due to
subscription security and networking requirements
Deployment resource group Optional A specific resource group that will host the
resources the VMD provisions. The default is to
allow the VMD to automatically create a resource
group for each deployment
Deployment subnet Optional A subnet to which the VMs provisioned by the VMD
will be attached. This subnet should be reachable
from the VMD VM and reachable from other
relevant networks as well as allow access to Azure
infrastructure endpoints
7.2 VMD DEPLOYMENT CONSIDERATIONS The section covers the topics which should be considered for VMD deployments. Such topics include the
customer-specific network connectivity and security requirements within the target subscription.
7.2.1 VMD Deployment into a Locked-down Subscription
Customers who manage their subscriptions as part of their datacenter often restrict network
communication to only required endpoints to maximize security. In this case, access to the internet and
possibly to many Azure services will be disabled with network security rules or incorporation of virtual
network appliances in the respective communication paths.
Vnomic Proprietary and Confidential 9 VNAZDG2019-5
The following approach can be used for deploying and operating VMD instances in a locked-down
subscription:
1. A local copy of the master Vnomic Content Repository (VCR) is created in the target subscription and
content updates to the local VCR strictly controlled
2. The customer grants the VMD service principal the creator role in the specific resource groups
where the VMD will create resources, and to the virtual networks the VMs provisioned by the VMD
will attach
3. VMD instances are provisioned from binaries held in the local VCR
4. The customer provides access to appropriate operating system repositories which can be provided
by Azure, hosted in the local subscription or on-premise
5. The customer manages access of the VMs provisioned by VMDs using cluster management software
requiring access to the Azure API and Azure Active Directory to perform fencing
6. The customer may want to use custom-built and certified golden images which may or may not be
pre-configured to use their custom yum repositories. Review or contact Vnomic regarding best
practices for handling such scenarios.
7. The following table lists the Azure endpoint access required by the VMD. Ensure the VMD has this
access if there is an NSG or ASG associated with its NIC or subnet. If no NSG or ASG is used, these
Azure endpoints will already be accessible.
Endpoint Service Tag Purpose
Azure blob storage Storage Access to the local Vnomic Content Repository
Azure Active Directory AzureActiveDirectory Authentication to Azure APIs
Azure cloud AzureCloud Access to ARM and Azure APIs
Azure monitor AzureMonitor Support Azure VM monitoring
Vnomic Proprietary and Confidential 10 VNAZDG2019-5
The NSG rules table shown below is an example of how the Azure endpoints can be enabled.
8. The following table lists the Azure endpoint access required by the VMs created by the VMD. The
VMD attaches all VMs it creates to the VMD deployment subnet. Ensure the VMD deployment
subnet has access to these Azure endpoints. If no NSG or ASG is used, these Azure endpoints will
already be accessible.
Endpoint Service Tag Purpose
Azure blob storage
Storage Access to the local Vnomic Content Repository
Azure Active Directory
AzureActiveDirectory Authentication by deployed cluster managers for fencing
Azure cloud AzureCloud Access to ARM and Azure APIs to access Azure OS repositories if custom OS repositories not used AND by deployed cluster managers for fencing when Linux clustering is used for HA
Azure monitor AzureMonitor Support Azure VM monitoring
Customer OS repo Custom rule named: AzureCustomerPackageRepo
Access to the customer’s OS repositories they have made accessible in their subscription network
The NSG rules table shown below is an example of how the Azure endpoints can be enabled on
the VMD deployment subnet.
Vnomic Proprietary and Confidential 11 VNAZDG2019-5
7.2.2 Deployment with a Subscription Local VCR copy
A subscription local copy of the VCR is used to allow the customer datacenter administration team
complete control over the update and access to VCR contents. This requires datacenter administrators
to take responsibility for updating control from the Vnomic hosts master VCRs to the local VCRs.
Additionally, it is a best practice to host a VCR in each region where the VMD will deploy VMs to ensure
performant access to the blob storage hosting the VCR content.
7.2.3 VMD Operator/Administrator Access
VMD instances listen on HTTPS/REST, and SSH endpoints over the single NIC provisioned for the VMD.
VMD NICs should be attached to a subnet accessible via a jumpbox, VPN gateway, or similar solution to
enable access to administrators, operators, and automation clients.
7.3 CREATE AZURE APPLICATION REGISTRATION (SERVICE PRINCIPAL) This section provides a very brief overview of how to create a service principal required for VMD
deployment. Please refer to the appropriate Azure documentation regarding application registration
and service principals.
Application registration creates a service principal for the VMD to use to access the Azure API.
1. In the Azure Portal navigate to Active Directory – App Registrations
Vnomic Proprietary and Confidential 12 VNAZDG2019-5
2. Click on New Registration
3. Enter a new name for the App registration.
4. Select the ‘Accounts in this organizational directory only’ account type
5. Click the register button to create the app registration
6. Copy the application ID and save it for use in the VMD deployment process
Vnomic Proprietary and Confidential 13 VNAZDG2019-5
7. Click on Certificates and secrets to create an application registration client secret
8. Click on New client secrete to generate a secret
9. Enter a secret description, such as “Secret for VMD1”.
10. Select an expiration interval of 1 year
11. Copy the generated client secret value and save it for use in the VMD deployment process
7.4 ADD ROLES FOR THE VMD SERVICE PRINCIPAL The simplest approach is to add the contributor role for the VMD service principal on the subscription,
allowing the VMD to create resource groups for deployments on the fly and place the resources
Vnomic Proprietary and Confidential 14 VNAZDG2019-5
belonging to each deployment into a unique resource group. The negative is that it grants the VMD the
permissions to create and delete resources in more than one resource group, which may not be
appealing to subscription administrators. To restrict which resource groups the VMD can modify, create
or designate one or more specific resource groups for this purpose and add the contributor role for the
VMD service principal to each such resource group.
If you chose not to grant contributor role for the VMD service principal or if the virtual network
containing the subnet to which the VMD will attach provisioned VMs is not contained in one of the
resource groups, you must grant the creator role to the VMD service principal for the resource group
containing each such virtual network.
7.5 AZURE MICROSOFT.SOLUTIONS RESOURCE PROVIDER The Microsoft.Solutions provider must be registered in the target subscription in order to support the
Azure managed application deployment technique used to deploy VMD.
Perform the following steps to ensure the Microsoft.Solutions resource provider is enabled for the
target subscription:
1. Navigate to the target subscription
2. Select Resource Providers
3. Find the row containing Microsoft.Solutions
4. Verify that its status is registered
5. If it is not registered, select and register it. If you are unable to register, you probably need
higher permissions for the subscription. Check that you are a subscription owner, or find a
subscription owner who can perform this operation for you.
7.6 VMD DEPLOYMENT USING A PARAMETERS FILE This procedure provides the best repeatability and control as it uses a JSON file to specify all the VMD
deployment parameters and can be re-used conveniently for additional VMD deployments.
A sample parameters template is included in each VCR and contains all the necessary parameter which
must be specified to deploy the VMD version contained in the VCR.
A PowerShell script use used to deploy a VMD instance into Azure using a VMD parameters file and is
also included in the VCR.
7.6.1 VMD Parameters File Contents
Following is the text contained with the provided VMD parameters file template. Each JSON value is
represented by an input variable name which acts as a placeholder until the actual value is updated
using a text editor. The parameters file must contain valid JSON.
{
"location": {
"value": "<<Region>>"
},
"deploymentName": {
Vnomic Proprietary and Confidential 15 VNAZDG2019-5
"value": "<<DeploymentName>>"
},
"repositoryURL": {
"value": "<<RepositoryURL>>"
},
"repositorySAS": {
"value": "<<RepositorySAS>>"
},
"applicationID": {
"value": "<<ApplicationID>>"
},
"applicationKey": {
"value": "<<ClientSecretValue>>"
},
"vnetResourceGroupName": {
"value": "<<VNetResourceGroupName>>"
},
"vnetName": {
"value": "<<VNetName>>"
},
"vnetSubnetName": {
"value": "<<VNetSubnetName>>"
},
"adminPasswordOrKey": {
"value": "<<AdminPassword>>"
},
"virtualNetworkNewOrExisting": {
"value": "existing"
},
"vmNamePrefix": {
"value": "<<VMNamePrefix>>"
}
}
The following table describes each field of the VMD parameters file.
Parameter name Allowed values Description
location Valid Azure location/region name: centralus eastus eastus2 northcentralus southcentralus uksouth
The location/region where the VMD will be created
Vnomic Proprietary and Confidential 16 VNAZDG2019-5
ukwest westcentralus westus westus2
deploymentName 1-10 characters, where the first character must be alphabetic
The unique ID of the VMD instance. This name is used to avoid ARM namespace collisions when multiple VMD instances are deployed in the same subscription. For example, the names of resource groups created by each VMD are prefixed with this string
repositoryURL Valid Azure blob storage container URL
The Azure blob storage container URL of the VCR provided by Vnomic or created to host a clone of a VCR in the current subscription
repositorySAS Valid Azure blob storage SAS token
The Azure blob storage SAS token of the VCR provided by Vnomic or created to host a clone of a VCR in the current subscription
applicationID Valid application registration application ID
Application ID of the application registration (service principal) to be used by the VMD for Azure API access
applicationKey Valid application registration client secret
The client secret value of the application registration (service principal) to be used by the VMD for Azure API access
vnetResourceGroupName
Valid Azure resource group name
The name of the resource group containing the virtual network containing the subnet to which the VMD NIC will attach
vnetName Valid Azure virtual network name
The name of the virtual network containing the subnet to which the VMD NIC will attach
vnetSubnetName Valid Azure subnet name The name of the subnet to which the VMD NIC will attach
adminPasswordOrKey Valid Linux password or SSH public key
This procedure assumes password authentication is used, and the user ID is “vnomic.” This value should contain the password for the VMD VM
virtualNetworkNewOrExisting
“existing” (don’t edit) Always “existing” for deployment with this procedure
vmNamePrefix 3-20 alpha-numeric characters, where the first character must be alphabetic
The string prepended to the name of all VMD related resources
Vnomic Proprietary and Confidential 17 VNAZDG2019-5
7.6.2 VMD Deployment Input Variables
This section provides a list of all the input values required for VMD deployment. The input variable
values include all the values used for the VMD deployment script arguments and in the VMD parameters
file JSON values.
Input Variable Name Description Value
<<SubscriptionID >> The subscription ID into which the VMD is being deployed
deployment-specific
<<ApplicationResourceGroupName>> The resource group name to be used for the VMD managed application deployment
vmd1-rg
<<ApplicationParameterFileName>> The path of the VMD parameters file, in JSON format
VMDParameters.json
<<Region>> The region/location where the VMD is being deployed
eastus2
<<DeploymentName>> The unique ID of the VMD instance. This name is used to avoid ARM namespace collisions when multiple VMD instances are deployed in the same subscription. For example, the names of resource groups created by each VMD are prefixed with this string
vn-poc1
<<RepositoryURL>> The Azure blob storage container URL of the VCR provided by Vnomic or created to host a clone of a VCR in the current subscription
deployment-specific
<<RepositorySAS>> The Azure blob storage SAS token of the VCR provided by Vnomic or created to host a clone of a VCR in the current subscription
deployment-specific
<<ApplicationID>> Application ID of the application registration (service principal) to be used by the VMD for Azure API access
deployment-specific
<<ClientSecretValue>> The client secret value of the application registration (service principal) to be used by the VMD for Azure API access
deployment-specific
<<VNetResourceGroupName>> The name of the resource group containing the virtual network containing the subnet to which the VMD NIC will attach
deployment-specific
<<VNetName>> The name of the virtual network containing the subnet to which the VMD NIC will attach
deployment-specific
Vnomic Proprietary and Confidential 18 VNAZDG2019-5
<<VNetSubnetName>> The name of the subnet to which the VMD NIC will attach
deployment-specific
<<AdminPassword>> The VMD admin password deployment specific
<<VMNamePrefix>> The string prepended to the name of all VMD related resources
deployment-specific
7.6.3 Download the VMD Parameters File
Point your browser to the following URL to download the VMD parameters file to your local disk for
editing:
curl -o VMDParameters-template-1.json '<<RepositoryURL>>/VMDParameters-
template-1.json<<RepositorySAS>>'
Point your browser to the following URL to download the VMD deployment input variables workbook
file to your local disk for editing:
<<RepositoryURL>>/VMDDeployementInputVariables-1.xlsx<<RepositorySAS>>
7.6.4 Update the VMD Parameters File
Use the VMD deployment input variables workbook to manage the values of all the VMD deployment
input variables. Once complete, replace the value in the VMD parameters file template with the
appropriate value from the VMD deployment input variables workbook.
Upload the edited VMD parameters file template to your Azure Cloud Shell environment, naming it
VMDParameters.json.
7.7 VMD DEPLOYMENT SCRIPT The VMD deployment script is used to deploy a VMD instance using a JSON parameters file and is
located at the following relative path in the VCR:
<<RepositoryURL>>/VMDDeployer.ps1<<RepositorySAS>>
7.7.1 VMD Deployment Script Arguments
The following table describes the arguments required by the VMD deployment script. Note that these
are independent of the parameters in the VMD parameters file and are not optional.
Parameter name Description
SubscriptionID The subscription ID into which the VMD is being deployed
Vnomic Proprietary and Confidential 19 VNAZDG2019-5
ApplicationResourceGroupName The resource group name to be used for the VMD managed application deployment
ApplicationParameterFileName The path of the VMD parameters file, in JSON format, e.g., VMDParameters.json
7.7.2 Download the VMD Deployment Script
Use the following command to download the VMD deployment script into your Azure Cloud Shell
environment:
curl -o VMDDeployer.ps1 '<<RepositoryURL>>/VMDDeployer.ps1<<RepositorySAS>>'
7.8 INITIATE THE VMD DEPLOYMENT Execute the following command to invoke the VMD deployment script in your Azure Cloud Shell session.
Note that in this example all script and the parameters file are both in the current working directory.
pwsh VMDDeployer.ps1 -SubscriptionID <<SubscriptionID>> -
ApplicationResourceGroupName <<ApplicationResourceGroupName>> -
ApplicationParameterFileName <<ApplicationParamaterFileName>>
Under typical conditions, the VMD deployment takes from 15 to 20 minutes to complete.
7.8.1 VMD Instance Resource Groups Created
Each VMD deployment causes two resource groups to be created to host the resources in the managed
application to host the VMD VM and related resources.
A resource group with name <<ApplicationResourceGroupName>> is created to host the managed
application and the VMD solution installer.
A resource group with name <<ApplicationResourceGroupName>>-managed is created to host the VMD
VM and its supporting Azure resources.
Vnomic Proprietary and Confidential 20 VNAZDG2019-5
7.8.2 Monitor the VMD Deployment
Once the resource group with name <<ApplicationResourceGroupName>>-managed is visible in the
Azure portal, the respective deployment process can be monitored.
If a failure occurs, check the VMD deployment script argument values and the VMD parameter file
values. To repeat the VMD deployment, first, ensure the resource groups named A resource group with
name <<ApplicationResourceGroupName>>-managed and A resource group with name
<<ApplicationResourceGroupName>> are completely deleted. Then invoke the VMD deployment script
again and continue to monitor the deployment process.
7.8.3 Obtaining the VMD console UI URL
Once the VMD deployment process is complete, the VMD endpoint URL can be obtained by navigating
to the deployment’s outputs tab and copying the vmEndPoint output value. Use this URL to access the
VMD UI console from a browser.
Vnomic Proprietary and Confidential 21 VNAZDG2019-5
Note that the VMD UI works best with the latest Google Chrome browsers. Browsers such as Internet
Explorer, which lack the latest JavaScript support, are not supported.
7.8.4 Connect to VMD Console User Interface (UI)
VMD console UI endpoint is available in the outputs section of ARM template it was deployed with. It is
denoted as a URL of the form https://<vmd-IP or hostname>:1443/vnomic. For example,
https://10.22.1.4:1443/vnomic.
If your browser has connectivity to the VMD endpoint, you should see the following dialog:
The default credentials are:
username: vnomic
password: vnomic
7.8.5 Verify VMD Deployment
Perform the following steps to verify the VMD deployment completed correctly:
1. Connect to VMD UI
2. Check that the resources tab shows the correct subnet configured for the VMD
3. Check that the system status tab for any errors
Vnomic Proprietary and Confidential 22 VNAZDG2019-5
7.8.6 Execute a Blueprint Workbook Deployment
Deploy one of the sample Vnomic Blueprint Workbook to verify the VMD deployment and subscription
are correct.
7.9 CONNECT TO VMD COMMAND LINE INTERFACE (CLI) The VMD command-line interface is used to administer the VMD software including the Desired State
Controller (DSC), Model database and resource databases as well as running general Linux
administration commands.
The VMD uses port 55 for SSH to avoid continuous attacks from the Internet.
The default is user name: vnomic
The password is the value provided in the VMD parameters file during VMD deployment.
8 SPECIFYING DEPLOYMENTS WITH VNOMIC BLUEPRINT WORKBOOKS
8.1 OPENING VNOMIC BLUEPRINT WORKBOOKS Vnomic Blueprint Workbooks contain data and Visual Basic for Applications (VBA) code in the form of
embedded macros. The VBA code must be allowed to execute to allow the workbook to present and
validate deployment topology configuration information.
Vnomic Proprietary and Confidential 23 VNAZDG2019-5
Excel prompts each time a Vnomic Blueprint workbook in a different folder. You MUST enable macros to
execute so that the workbook can function correctly. Click on the enable content button each time you
are prompted.
8.2 VNOMIC BLUEPRINT WORKBOOK STRUCTURE This section describes Vnomic Blueprint Workbooks for end-to-end automation of SAP topologies on
Microsoft Azure. Vnomic uses Excel workbooks to describe the parameterizations of pre-built
deployment architectures and designs for applications and datacenters which comply with the
requirements and best practices set forth by the respective infrastructure and software vendors. Each
workbook is treated as a blueprint which contains the functional requirements and constraints of a set
of SAP application deployments. SAP application architects edit Vnomic blueprint workbook input
sections to reflect project requirements for production and non-production scenarios. Vnomic Blueprint
Workbooks are then submitted to a Vnomic MetaDirector instance to compute the required topology,
generate the ARM templates, scripts, and API calls, to provision the necessary resources, and execute
the necessary commands and APIs to deploy and configure all the software components.
Vnomic Blueprint Workbooks contain prebuilt tabs.
The following table describes the tabs contained in the Vnomic Blueprint SAP Workbook for Azure.
Excel tab Tab kind Description
Quick Start topology configuration Quick configuration and enablement of workbook topology tabs
Version version information Provides blueprint , schema version numbers, and Azure rate card source
General Information general information configuration Configures information that affects all topologies in the workbook
Netweaver topology configuration Configures an instance of an SAP Netweaver topology
Fiori topology configuration Configures an instance of an SAP Fiori (front end) topology
HANA topology configuration Configures an instance of an SAP HANA topology
Transport topology configuration Configures an instance of SAP Netweaver transport storage
SBD topology configuration Configure the STONITH Block Device used for SLES HA storage
Vnomic Proprietary and Confidential 24 VNAZDG2019-5
Servers topology configuration Configures a tier of generic servers (no specific software installed)
Deployment Costs deployment cost information Quantifies the deployment cost of all deployments in the workbook
Note that some tabs provide information and others allow configuration of a set of SAP topology
functional requirements and constraints.
8.3 TOPOLOGY TABS Each topology tab represents a topology which contains one or more tiers. A tier is a specification of the
software which is installed on a server and the specific server, network and storage resources
provisioned for each server. A tier may have 0, 1 or more servers. The servers in a tier are generally
considered homogenous, i.e. they are identical accept for instance information such as IP addresses,
host names, and any instance specific resources or software deployed on the each server.
Each topology tab has an input section where tier specific requirements are specified. As requirements
are input, the workbook validates them and computes the effective fulfillment based on the workbook
service offering, shown in the computed fulfillment section.
Vnomic Proprietary and Confidential 25 VNAZDG2019-5
8.4 TOPOLOGY TABS AS LANDSCAPE BUILDING BLOCKS Each topology tab represents a building block of an SAP landscape. Multiple tabs are used to construct a
landscape with the desired SAP components. Multiple tabs can be used simultaneously. Some tabs
provide services to other tabs, such as HANA providing database service to Netweaver or SBD providing
HA storage HANA HSR and Netweaver HA.
Each tab has a deployment name which is the administrative name given to the instance of the topology
represented by the tab. In the above example, hsr9 is the name of the HANA deployment. This name will
appear in the Vnomic Metadata Director (VMD) UI deployments tab when this workbook is deployed by
VMD. The deployment name is also used to name the Azure resources created to realize this
deployment. Since only one deployment name can be specified for each tab, each tab represents one
deployment of the tab. In order to deploy multiple instances, multiple workbooks should be used where
unique deployment names are used in the respective tabs.
The following diagram shows the dependencies between tabs and the input values which control them.
8.5 CONFIGURING THE TOPOLOGY INTERDEPENDENCIES 1. Start with a workbook that has all tabs configured to work together. This will ensure all tabs
already correctly configured. Vnomic publishes HA and non-HA versions.
2. Disable the tabs you don’t need by disabling them in the Quick Start tab.
3. Rename the remaining deployments to suite your needs. Ensure that the dependencies that
refer to deployment names, Landscape ID and SBD deployment ID are updated in all tabs if you
change any of these.
4. Save the workbook and deploy to verify you see the intended topology components.