Vnomic Automated SAP Workload Deployment and Management

Vnomic Proprietary and Confidential 1 VNAZDG2019-5

Vnomic Automated SAP Workload Deployment and Management for Azure

SEPTEMBER 2019


CONTENTS

1 Introduction .......................................................................................................................................... 4

2 Additional Training ................................................................................................................................ 4

3 Audience ............................................................................................................................................... 4

4 Version Compatibility ............................................................................................................................ 4

5 Supported Azure Regions ...................................................................................................................... 4

6 Vnomic Solution Components .............................................................................................................. 5

6.1 Vnomic Content Repository .......................................................................................................... 5

6.2 Vnomic Meta Director (VMD) ....................................................................................................... 6

6.3 Vnomic MetaDirector User Interface ............................................................................................ 6

6.4 Vnomic Blueprint Workbooks for Azure ....................................................................................... 6

6.4.1 Vnomic Blueprint Workbook Resource Cost Quantification ................................................. 6

6.4.2 Vnomic Blueprint Workbook Service Offerings .................................................................... 7

6.4.3 Creating Customized Blueprint Workbook Service Offerings ............................................... 7

7 VMD Deployment.................................................................................................................................. 7

7.1 VMD Deployment Pre-requisites .................................................................................................. 7

7.2 VMD Deployment Considerations ................................................................................................ 8

7.2.1 VMD Deployment into a Locked-down Subscription ............................................................ 8

7.2.2 Deployment with a Subscription Local VCR copy ............................................................... 11

7.2.3 VMD Operator/Administrator Access ................................................................................. 11

7.3 Create Azure Application Registration (Service Principal) .......................................................... 11

7.4 Add Roles for the VMD Service Principal .................................................................................... 13

7.5 Azure Microsoft.Solutions Resource Provider ............................................................................ 14

7.6 VMD Deployment using a Parameters File ................................................................................. 14

7.6.1 VMD Parameters File Contents ........................................................................................... 14

7.6.2 VMD Deployment Input Variables ...................................................................................... 17

7.6.3 Download the VMD Parameters File................................................................................... 18

7.6.4 Update the VMD Parameters File ....................................................................................... 18

7.7 VMD Deployment Script ............................................................................................................. 18

7.7.1 VMD Deployment Script Arguments ................................................................................... 18

7.7.2 Download the VMD Deployment Script .............................................................................. 19

7.8 Initiate the VMD Deployment ..................................................................................................... 19


7.8.1 VMD Instance Resource Groups Created ............................................................................ 19

7.8.2 Monitor the VMD Deployment ........................................................................................... 20

7.8.3 Obtaining the VMD console UI URL .................................................................................... 20

7.8.4 Connect to VMD Console User Interface (UI) ..................................................................... 21

7.8.5 Verify VMD Deployment ..................................................................................................... 21

7.8.6 Execute a Blueprint Workbook Deployment ...................................................................... 22

7.9 Connect to VMD Command Line Interface (CLI) ......................................................................... 22

8 Specifying Deployments with Vnomic Blueprint Workbooks ............................................................. 22

8.1 Opening Vnomic Blueprint Workbooks ...................................................................................... 22

8.2 Vnomic Blueprint Workbook Structure ...................................................................................... 23

8.3 Topology Tabs ............................................................................................................................. 24

8.4 Topology Tabs as Landscape Building Blocks .............................................................................. 25

8.5 Configuring the Topology Interdependencies ............................................................................ 25


1 INTRODUCTION

This document introduces the Vnomic Automated SAP Workload Deployment and Management Solution

for Azure. It describes the procedure for deploying the Vnomic Automated SAP Workload Deployment

and Management Solution for Azure as an Azure Managed Application. Then the basic procedure for

deploying SAP applications using Vnomic Blueprint Workbooks for the most common SAP application

components (SAP HANA, SAP Business Warehouse, and SAP S4/HANA) is provided via uploading

workbooks to the Vnomic MetaDirector.

2 ADDITIONAL TRAINING

This document provides a basic overview of the relevant topics to quickly and reliably deploy production

quality SAP application topologies on Azure. Vnomic offers specific training for planning,

implementation, and operation of SAP applications using the Vnomic Automated SAP Workload

Deployment and Management Solution for Azure. Please contact Vnomic for further information

(www.vnomic.com, mailto:[email protected]).

3 AUDIENCE

This document assumes the following background and competencies:

1. Architectural knowledge of the SAP application components, SAP topologies, and best practices

2. Basic administration knowledge of Azure and understanding of the concepts of subscriptions,

resource groups, Azure Resource Manager (ARM), and ARM resources

4 VERSION COMPATIBILITY

Vnomic blueprint workbooks contain a specific data schema which is supported by specific Vnomic

MetaDirector versions. Combinations not listed are not supported.

Blueprint Workbook Version VMD

14.6.43 or later 14.6.1 or later

5 SUPPORTED AZURE REGIONS

The following regions are supported by Vnomic MetaDirector (VMD).

Note that VMD can technically be deployed to any Azure region as it relies on Azure managed

application services for its deployment. However, the VMD can only deploy application topologies into a

region if the provided Vnomic Blueprint Workbook allows targeting the specific region. Hence the list

below indicates the Azure regions supported by the respective version of Vnomic Blueprint Workbooks

specified in this document.

http://www.vnomic.com/

mailto:[email protected]?subject=Vnomic%20on%20Azure


LocationId LocationDisplayName

centralus Central US

eastus East US

eastus2 East US 2

northcentralus North Central US

southcentralus South Central US

uksouth UK South

ukwest UK West

westcentralus West Central US

westeurope EU West

westus West US

westus2 West US 2

6 VNOMIC SOLUTION COMPONENTS

This section provides an overview of the components comprising the Vnomic Automated SAP Workload

Deployment and Management Solution for Azure.

6.1 VNOMIC CONTENT REPOSITORY The Vnomic Content Repository (VCR) contains all the software artifacts required for the automation of

complex application landscapes on cloud and datacenter infrastructures. These artifacts include the

installers, binaries, and scripts required to install the Vnomic solution software and all of the software

components required for the deployment of customer-specific application landscapes, for example, SAP

HANA and SAP NetWeaver. The VCR contains metadata specifying the versions and interdependencies

among artifacts.

In Azure, VCRs are hosted on Azure blob storage containers. VCRs can be cloned and managed using

blob storage operations. VCRs are typically replicated across regions so that automated deployments in

each region have access to a VCR hosted in the same region to ensure performance and availability.


6.2 VNOMIC META DIRECTOR (VMD) The Vnomic MetaDirector (VMD) is the Vnomic software which handles all the automation features of

the Vnomic Automated SAP Workload Deployment and Management Solution. The VMD is deployed as

an Azure managed application virtual machine using binaries hosted in the VCR.

The VMD orchestrates end-to-end automation of the provisioning and configuration of resources, and

the deployment and configuration of software, across multiple data centers and types of infrastructure.

The VMD computes the fulfillment of the landscape design requirements specified in Vnomic Blueprint

Workbooks and tracks all resources provisioned. Orchestration and reporting operations are managed

as jobs that are controlled and monitored using the VMD UI console or REST API.

The VMD provides a user interface (UI) console and REST API via HTTPS and administration access via

SSH.

6.3 VNOMIC METADIRECTOR USER INTERFACE The VMD hosts a user interface (UI), allowing direct interaction via a browser. The VMD UI enables the

following interactions:

• Upload and deploy Vnomic Blueprint Workbooks

• Browse deployment topologies and infrastructure resources

• Monitor and review deployment and reporting jobs

• Management of automation jobs

• Automation troubleshooting and diagnosis

6.4 VNOMIC BLUEPRINT WORKBOOKS FOR AZURE Vnomic uses Excel workbooks to describe the parameterizations of pre-built deployment architectures

and designs for applications and datacenters which comply with the requirements and best practices set

forth by the respective infrastructure and software vendors. Each workbook acts as a blueprint which

contains the functional requirements and constraints of a set of SAP application deployments. SAP

application architects edit Vnomic blueprint workbooks to reflect project requirements for production

and non-production scenarios. Vnomic Blueprint Workbooks are then submitted to a Vnomic

MetaDirector instance to compute the required topology, generate the ARM templates, scripts, and API

calls, to provision the necessary resources, and execute the necessary commands and APIs to deploy

and configure all the software components.

6.4.1 Vnomic Blueprint Workbook Resource Cost Quantification

Vnomic Blueprint Workbooks use Azure rate card data to compute the costs for deployment topologies

they specify. Costs are computed at individual topology (SAP HANA, Netweaver, etc.) level and rolled up

across all topologies configured in the workbook. See the workbook Deployment Costs tab.

The generic Vnomic Blueprint Workbook includes Azure Rate Card data from a subscription owned by

Vnomic with no special discounts. Vnomic has verified that these match the values obtained in the Azure

Pricing Calculator. In order to get the most accurate rates, the blueprint workbooks can be updated with

the Azure rate card data for the customer subscription where the topologies will be provisioned.


6.4.2 Vnomic Blueprint Workbook Service Offerings

The set of configurations available in a Vnomic Blueprint Workbook is referred to as the Blueprint

Service Offering. A Blueprint Service Offering is a subset of the valid parameterizations for the pre-built

deployment architectures and designs expressed by the blueprint. Specifically, instead of allowing users

to select arbitrary combinations of server and storage sizes, specific combinations are selected by the

service offering designer. The primary objectives of service offerings are to reduce complexity, enforce

standardization, and control costs.

Some examples of parameters controllable by service offerings include:

• Servers size and storage

• Server network connectivity

• Server backup and recovery

• Operating system image distro and version

• Application components and topologies

• Application HA options and scaling limits

• Site-site connectivity

• Access method to cloud topologies (VPN, jump-box) and allowed authentication methods

6.4.3 Creating Customized Blueprint Workbook Service Offerings

Vnomic Blueprint Workbooks follow a specific structure so that they may be consumed by Vnomic

automation and analysis components. Users should only change the designated yellow input areas in

the exposed tabs. Changing cells, formulas, or any data in other parts of the workbook can lead to

unexpected behaviors.

If the available Vnomic blueprint workbooks don’t meet your project needs, there are a few options:

1. Make a support request to Vnomic describing your specific requirements. Often Vnomic may

already support the requirement but may not have published it to the main repository. Adding

different additional resource options or specific software version is usually fast assuming they

are already supported by the respective infrastructure and software vendors.

2. If you want more control over service offering definitions such as creating and maintaining your

own service offerings, contact Vnomic support for information on specific training and

certification for this activity.

7 VMD DEPLOYMENT

This VMD deployment procedure assumes the VMD deployment script is executed within an Azure

Cloud Shell environment. This procedure should work from a Linux server with the appropriate

PowerShell and Azure tools installed.

7.1 VMD DEPLOYMENT PRE-REQUISITES The following table lists the pre-requisites for a VMD deploying into an Azure subscription. The optional

items can be ignored if the respective capability they enable is not required.


Pre-requisite Required? Description

Subscription administrator

user

Required A user with administrative access to the target

subscription with the owner role who will perform

subscription configuration and execute the VMD

deployment procedure

Service principal Required A service principal the VMD uses to

programmatically interact with Azure Resource

Manager and related Azure APIs

VMD managed application

subnet

Required The subnet to which the VMD will attach. This

subnet should be able to reach the subnets used

for the VMs provisioned by the VMD

Microsoft.Solutions provider Required The Microsoft.Solutions provider registered in the

target subscription for managed application

deployment of VMD

Storage account Optional A storage account to hosts a VCR copy when a

subscription local VCR is required due to

subscription security and networking requirements

Deployment resource group Optional A specific resource group that will host the

resources the VMD provisions. The default is to

allow the VMD to automatically create a resource

group for each deployment

Deployment subnet Optional A subnet to which the VMs provisioned by the VMD

will be attached. This subnet should be reachable

from the VMD VM and reachable from other

relevant networks as well as allow access to Azure

infrastructure endpoints

7.2 VMD DEPLOYMENT CONSIDERATIONS The section covers the topics which should be considered for VMD deployments. Such topics include the

customer-specific network connectivity and security requirements within the target subscription.

7.2.1 VMD Deployment into a Locked-down Subscription

Customers who manage their subscriptions as part of their datacenter often restrict network

communication to only required endpoints to maximize security. In this case, access to the internet and

possibly to many Azure services will be disabled with network security rules or incorporation of virtual

network appliances in the respective communication paths.


The following approach can be used for deploying and operating VMD instances in a locked-down

subscription:

1. A local copy of the master Vnomic Content Repository (VCR) is created in the target subscription and

content updates to the local VCR strictly controlled

2. The customer grants the VMD service principal the creator role in the specific resource groups

where the VMD will create resources, and to the virtual networks the VMs provisioned by the VMD

will attach

3. VMD instances are provisioned from binaries held in the local VCR

4. The customer provides access to appropriate operating system repositories which can be provided

by Azure, hosted in the local subscription or on-premise

5. The customer manages access of the VMs provisioned by VMDs using cluster management software

requiring access to the Azure API and Azure Active Directory to perform fencing

6. The customer may want to use custom-built and certified golden images which may or may not be

pre-configured to use their custom yum repositories. Review or contact Vnomic regarding best

practices for handling such scenarios.

7. The following table lists the Azure endpoint access required by the VMD. Ensure the VMD has this

access if there is an NSG or ASG associated with its NIC or subnet. If no NSG or ASG is used, these

Azure endpoints will already be accessible.

Endpoint Service Tag Purpose

Azure blob storage Storage Access to the local Vnomic Content Repository

Azure Active Directory AzureActiveDirectory Authentication to Azure APIs

Azure cloud AzureCloud Access to ARM and Azure APIs

Azure monitor AzureMonitor Support Azure VM monitoring


The NSG rules table shown below is an example of how the Azure endpoints can be enabled.

8. The following table lists the Azure endpoint access required by the VMs created by the VMD. The

VMD attaches all VMs it creates to the VMD deployment subnet. Ensure the VMD deployment

subnet has access to these Azure endpoints. If no NSG or ASG is used, these Azure endpoints will

already be accessible.

Endpoint Service Tag Purpose

Azure blob storage

Storage Access to the local Vnomic Content Repository

Azure Active Directory

AzureActiveDirectory Authentication by deployed cluster managers for fencing

Azure cloud AzureCloud Access to ARM and Azure APIs to access Azure OS repositories if custom OS repositories not used AND by deployed cluster managers for fencing when Linux clustering is used for HA

Azure monitor AzureMonitor Support Azure VM monitoring

Customer OS repo Custom rule named: AzureCustomerPackageRepo

Access to the customer’s OS repositories they have made accessible in their subscription network

The NSG rules table shown below is an example of how the Azure endpoints can be enabled on

the VMD deployment subnet.


7.2.2 Deployment with a Subscription Local VCR copy

A subscription local copy of the VCR is used to allow the customer datacenter administration team

complete control over the update and access to VCR contents. This requires datacenter administrators

to take responsibility for updating control from the Vnomic hosts master VCRs to the local VCRs.

Additionally, it is a best practice to host a VCR in each region where the VMD will deploy VMs to ensure

performant access to the blob storage hosting the VCR content.

7.2.3 VMD Operator/Administrator Access

VMD instances listen on HTTPS/REST, and SSH endpoints over the single NIC provisioned for the VMD.

VMD NICs should be attached to a subnet accessible via a jumpbox, VPN gateway, or similar solution to

enable access to administrators, operators, and automation clients.

7.3 CREATE AZURE APPLICATION REGISTRATION (SERVICE PRINCIPAL) This section provides a very brief overview of how to create a service principal required for VMD

deployment. Please refer to the appropriate Azure documentation regarding application registration

and service principals.

Application registration creates a service principal for the VMD to use to access the Azure API.

1. In the Azure Portal navigate to Active Directory – App Registrations


2. Click on New Registration

3. Enter a new name for the App registration.

4. Select the ‘Accounts in this organizational directory only’ account type

5. Click the register button to create the app registration

6. Copy the application ID and save it for use in the VMD deployment process


7. Click on Certificates and secrets to create an application registration client secret

8. Click on New client secrete to generate a secret

9. Enter a secret description, such as “Secret for VMD1”.

10. Select an expiration interval of 1 year

11. Copy the generated client secret value and save it for use in the VMD deployment process

7.4 ADD ROLES FOR THE VMD SERVICE PRINCIPAL The simplest approach is to add the contributor role for the VMD service principal on the subscription,

allowing the VMD to create resource groups for deployments on the fly and place the resources


belonging to each deployment into a unique resource group. The negative is that it grants the VMD the

permissions to create and delete resources in more than one resource group, which may not be

appealing to subscription administrators. To restrict which resource groups the VMD can modify, create

or designate one or more specific resource groups for this purpose and add the contributor role for the

VMD service principal to each such resource group.

If you chose not to grant contributor role for the VMD service principal or if the virtual network

containing the subnet to which the VMD will attach provisioned VMs is not contained in one of the

resource groups, you must grant the creator role to the VMD service principal for the resource group

containing each such virtual network.

7.5 AZURE MICROSOFT.SOLUTIONS RESOURCE PROVIDER The Microsoft.Solutions provider must be registered in the target subscription in order to support the

Azure managed application deployment technique used to deploy VMD.

Perform the following steps to ensure the Microsoft.Solutions resource provider is enabled for the

target subscription:

1. Navigate to the target subscription

2. Select Resource Providers

3. Find the row containing Microsoft.Solutions

4. Verify that its status is registered

5. If it is not registered, select and register it. If you are unable to register, you probably need

higher permissions for the subscription. Check that you are a subscription owner, or find a

subscription owner who can perform this operation for you.

7.6 VMD DEPLOYMENT USING A PARAMETERS FILE This procedure provides the best repeatability and control as it uses a JSON file to specify all the VMD

deployment parameters and can be re-used conveniently for additional VMD deployments.

A sample parameters template is included in each VCR and contains all the necessary parameter which

must be specified to deploy the VMD version contained in the VCR.

A PowerShell script use used to deploy a VMD instance into Azure using a VMD parameters file and is

also included in the VCR.

7.6.1 VMD Parameters File Contents

Following is the text contained with the provided VMD parameters file template. Each JSON value is

represented by an input variable name which acts as a placeholder until the actual value is updated

using a text editor. The parameters file must contain valid JSON.

{

"location": {

"value": "<<Region>>"

},

"deploymentName": {


"value": "<<DeploymentName>>"

},

"repositoryURL": {

"value": "<<RepositoryURL>>"

},

"repositorySAS": {

"value": "<<RepositorySAS>>"

},

"applicationID": {

"value": "<<ApplicationID>>"

},

"applicationKey": {

"value": "<<ClientSecretValue>>"

},

"vnetResourceGroupName": {

"value": "<<VNetResourceGroupName>>"

},

"vnetName": {

"value": "<<VNetName>>"

},

"vnetSubnetName": {

"value": "<<VNetSubnetName>>"

},

"adminPasswordOrKey": {

"value": "<<AdminPassword>>"

},

"virtualNetworkNewOrExisting": {

"value": "existing"

},

"vmNamePrefix": {

"value": "<<VMNamePrefix>>"

}

}

The following table describes each field of the VMD parameters file.

Parameter name Allowed values Description

location Valid Azure location/region name: centralus eastus eastus2 northcentralus southcentralus uksouth

The location/region where the VMD will be created


ukwest westcentralus westus westus2

deploymentName 1-10 characters, where the first character must be alphabetic

The unique ID of the VMD instance. This name is used to avoid ARM namespace collisions when multiple VMD instances are deployed in the same subscription. For example, the names of resource groups created by each VMD are prefixed with this string

repositoryURL Valid Azure blob storage container URL

The Azure blob storage container URL of the VCR provided by Vnomic or created to host a clone of a VCR in the current subscription

repositorySAS Valid Azure blob storage SAS token

The Azure blob storage SAS token of the VCR provided by Vnomic or created to host a clone of a VCR in the current subscription

applicationID Valid application registration application ID

Application ID of the application registration (service principal) to be used by the VMD for Azure API access

applicationKey Valid application registration client secret

The client secret value of the application registration (service principal) to be used by the VMD for Azure API access

vnetResourceGroupName

Valid Azure resource group name

The name of the resource group containing the virtual network containing the subnet to which the VMD NIC will attach

vnetName Valid Azure virtual network name

The name of the virtual network containing the subnet to which the VMD NIC will attach

vnetSubnetName Valid Azure subnet name The name of the subnet to which the VMD NIC will attach

adminPasswordOrKey Valid Linux password or SSH public key

This procedure assumes password authentication is used, and the user ID is “vnomic.” This value should contain the password for the VMD VM

virtualNetworkNewOrExisting

“existing” (don’t edit) Always “existing” for deployment with this procedure

vmNamePrefix 3-20 alpha-numeric characters, where the first character must be alphabetic

The string prepended to the name of all VMD related resources


7.6.2 VMD Deployment Input Variables

This section provides a list of all the input values required for VMD deployment. The input variable

values include all the values used for the VMD deployment script arguments and in the VMD parameters

file JSON values.

Input Variable Name Description Value

<<SubscriptionID >> The subscription ID into which the VMD is being deployed

deployment-specific

<<ApplicationResourceGroupName>> The resource group name to be used for the VMD managed application deployment

vmd1-rg

<<ApplicationParameterFileName>> The path of the VMD parameters file, in JSON format

VMDParameters.json

<<Region>> The region/location where the VMD is being deployed

eastus2

<<DeploymentName>> The unique ID of the VMD instance. This name is used to avoid ARM namespace collisions when multiple VMD instances are deployed in the same subscription. For example, the names of resource groups created by each VMD are prefixed with this string

vn-poc1

<<RepositoryURL>> The Azure blob storage container URL of the VCR provided by Vnomic or created to host a clone of a VCR in the current subscription

deployment-specific

<<RepositorySAS>> The Azure blob storage SAS token of the VCR provided by Vnomic or created to host a clone of a VCR in the current subscription

deployment-specific

<<ApplicationID>> Application ID of the application registration (service principal) to be used by the VMD for Azure API access

deployment-specific

<<ClientSecretValue>> The client secret value of the application registration (service principal) to be used by the VMD for Azure API access

deployment-specific

<<VNetResourceGroupName>> The name of the resource group containing the virtual network containing the subnet to which the VMD NIC will attach

deployment-specific

<<VNetName>> The name of the virtual network containing the subnet to which the VMD NIC will attach

deployment-specific


<<VNetSubnetName>> The name of the subnet to which the VMD NIC will attach

deployment-specific

<<AdminPassword>> The VMD admin password deployment specific

<<VMNamePrefix>> The string prepended to the name of all VMD related resources

deployment-specific

7.6.3 Download the VMD Parameters File

Point your browser to the following URL to download the VMD parameters file to your local disk for

editing:

curl -o VMDParameters-template-1.json '<<RepositoryURL>>/VMDParameters-

template-1.json<<RepositorySAS>>'

Point your browser to the following URL to download the VMD deployment input variables workbook

file to your local disk for editing:

<<RepositoryURL>>/VMDDeployementInputVariables-1.xlsx<<RepositorySAS>>

7.6.4 Update the VMD Parameters File

Use the VMD deployment input variables workbook to manage the values of all the VMD deployment

input variables. Once complete, replace the value in the VMD parameters file template with the

appropriate value from the VMD deployment input variables workbook.

Upload the edited VMD parameters file template to your Azure Cloud Shell environment, naming it

VMDParameters.json.

7.7 VMD DEPLOYMENT SCRIPT The VMD deployment script is used to deploy a VMD instance using a JSON parameters file and is

located at the following relative path in the VCR:

<<RepositoryURL>>/VMDDeployer.ps1<<RepositorySAS>>

7.7.1 VMD Deployment Script Arguments

The following table describes the arguments required by the VMD deployment script. Note that these

are independent of the parameters in the VMD parameters file and are not optional.

Parameter name Description

SubscriptionID The subscription ID into which the VMD is being deployed


ApplicationResourceGroupName The resource group name to be used for the VMD managed application deployment

ApplicationParameterFileName The path of the VMD parameters file, in JSON format, e.g., VMDParameters.json

7.7.2 Download the VMD Deployment Script

Use the following command to download the VMD deployment script into your Azure Cloud Shell

environment:

curl -o VMDDeployer.ps1 '<<RepositoryURL>>/VMDDeployer.ps1<<RepositorySAS>>'

7.8 INITIATE THE VMD DEPLOYMENT Execute the following command to invoke the VMD deployment script in your Azure Cloud Shell session.

Note that in this example all script and the parameters file are both in the current working directory.

pwsh VMDDeployer.ps1 -SubscriptionID <<SubscriptionID>> -

ApplicationResourceGroupName <<ApplicationResourceGroupName>> -

ApplicationParameterFileName <<ApplicationParamaterFileName>>

Under typical conditions, the VMD deployment takes from 15 to 20 minutes to complete.

7.8.1 VMD Instance Resource Groups Created

Each VMD deployment causes two resource groups to be created to host the resources in the managed

application to host the VMD VM and related resources.

A resource group with name <<ApplicationResourceGroupName>> is created to host the managed

application and the VMD solution installer.

A resource group with name <<ApplicationResourceGroupName>>-managed is created to host the VMD

VM and its supporting Azure resources.


7.8.2 Monitor the VMD Deployment

Once the resource group with name <<ApplicationResourceGroupName>>-managed is visible in the

Azure portal, the respective deployment process can be monitored.

If a failure occurs, check the VMD deployment script argument values and the VMD parameter file

values. To repeat the VMD deployment, first, ensure the resource groups named A resource group with

name <<ApplicationResourceGroupName>>-managed and A resource group with name

<<ApplicationResourceGroupName>> are completely deleted. Then invoke the VMD deployment script

again and continue to monitor the deployment process.

7.8.3 Obtaining the VMD console UI URL

Once the VMD deployment process is complete, the VMD endpoint URL can be obtained by navigating

to the deployment’s outputs tab and copying the vmEndPoint output value. Use this URL to access the

VMD UI console from a browser.


Note that the VMD UI works best with the latest Google Chrome browsers. Browsers such as Internet

Explorer, which lack the latest JavaScript support, are not supported.

7.8.4 Connect to VMD Console User Interface (UI)

VMD console UI endpoint is available in the outputs section of ARM template it was deployed with. It is

denoted as a URL of the form https://<vmd-IP or hostname>:1443/vnomic. For example,

https://10.22.1.4:1443/vnomic.

If your browser has connectivity to the VMD endpoint, you should see the following dialog:

The default credentials are:

username: vnomic

password: vnomic

7.8.5 Verify VMD Deployment

Perform the following steps to verify the VMD deployment completed correctly:

1. Connect to VMD UI

2. Check that the resources tab shows the correct subnet configured for the VMD

3. Check that the system status tab for any errors

https://10.22.1.4:1443/vnomic


7.8.6 Execute a Blueprint Workbook Deployment

Deploy one of the sample Vnomic Blueprint Workbook to verify the VMD deployment and subscription

are correct.

7.9 CONNECT TO VMD COMMAND LINE INTERFACE (CLI) The VMD command-line interface is used to administer the VMD software including the Desired State

Controller (DSC), Model database and resource databases as well as running general Linux

administration commands.

The VMD uses port 55 for SSH to avoid continuous attacks from the Internet.

The default is user name: vnomic

The password is the value provided in the VMD parameters file during VMD deployment.

8 SPECIFYING DEPLOYMENTS WITH VNOMIC BLUEPRINT WORKBOOKS

8.1 OPENING VNOMIC BLUEPRINT WORKBOOKS Vnomic Blueprint Workbooks contain data and Visual Basic for Applications (VBA) code in the form of

embedded macros. The VBA code must be allowed to execute to allow the workbook to present and

validate deployment topology configuration information.


Excel prompts each time a Vnomic Blueprint workbook in a different folder. You MUST enable macros to

execute so that the workbook can function correctly. Click on the enable content button each time you

are prompted.

8.2 VNOMIC BLUEPRINT WORKBOOK STRUCTURE This section describes Vnomic Blueprint Workbooks for end-to-end automation of SAP topologies on

Microsoft Azure. Vnomic uses Excel workbooks to describe the parameterizations of pre-built

deployment architectures and designs for applications and datacenters which comply with the

requirements and best practices set forth by the respective infrastructure and software vendors. Each

workbook is treated as a blueprint which contains the functional requirements and constraints of a set

of SAP application deployments. SAP application architects edit Vnomic blueprint workbook input

sections to reflect project requirements for production and non-production scenarios. Vnomic Blueprint

Workbooks are then submitted to a Vnomic MetaDirector instance to compute the required topology,

generate the ARM templates, scripts, and API calls, to provision the necessary resources, and execute

the necessary commands and APIs to deploy and configure all the software components.

Vnomic Blueprint Workbooks contain prebuilt tabs.

The following table describes the tabs contained in the Vnomic Blueprint SAP Workbook for Azure.

Excel tab Tab kind Description

Quick Start topology configuration Quick configuration and enablement of workbook topology tabs

Version version information Provides blueprint , schema version numbers, and Azure rate card source

General Information general information configuration Configures information that affects all topologies in the workbook

Netweaver topology configuration Configures an instance of an SAP Netweaver topology

Fiori topology configuration Configures an instance of an SAP Fiori (front end) topology

HANA topology configuration Configures an instance of an SAP HANA topology

Transport topology configuration Configures an instance of SAP Netweaver transport storage

SBD topology configuration Configure the STONITH Block Device used for SLES HA storage


Servers topology configuration Configures a tier of generic servers (no specific software installed)

Deployment Costs deployment cost information Quantifies the deployment cost of all deployments in the workbook

Note that some tabs provide information and others allow configuration of a set of SAP topology

functional requirements and constraints.

8.3 TOPOLOGY TABS Each topology tab represents a topology which contains one or more tiers. A tier is a specification of the

software which is installed on a server and the specific server, network and storage resources

provisioned for each server. A tier may have 0, 1 or more servers. The servers in a tier are generally

considered homogenous, i.e. they are identical accept for instance information such as IP addresses,

host names, and any instance specific resources or software deployed on the each server.

Each topology tab has an input section where tier specific requirements are specified. As requirements

are input, the workbook validates them and computes the effective fulfillment based on the workbook

service offering, shown in the computed fulfillment section.


8.4 TOPOLOGY TABS AS LANDSCAPE BUILDING BLOCKS Each topology tab represents a building block of an SAP landscape. Multiple tabs are used to construct a

landscape with the desired SAP components. Multiple tabs can be used simultaneously. Some tabs

provide services to other tabs, such as HANA providing database service to Netweaver or SBD providing

HA storage HANA HSR and Netweaver HA.

Each tab has a deployment name which is the administrative name given to the instance of the topology

represented by the tab. In the above example, hsr9 is the name of the HANA deployment. This name will

appear in the Vnomic Metadata Director (VMD) UI deployments tab when this workbook is deployed by

VMD. The deployment name is also used to name the Azure resources created to realize this

deployment. Since only one deployment name can be specified for each tab, each tab represents one

deployment of the tab. In order to deploy multiple instances, multiple workbooks should be used where

unique deployment names are used in the respective tabs.

The following diagram shows the dependencies between tabs and the input values which control them.

8.5 CONFIGURING THE TOPOLOGY INTERDEPENDENCIES 1. Start with a workbook that has all tabs configured to work together. This will ensure all tabs

already correctly configured. Vnomic publishes HA and non-HA versions.

2. Disable the tabs you don’t need by disabling them in the Quick Start tab.

3. Rename the remaining deployments to suite your needs. Ensure that the dependencies that

refer to deployment names, Landscape ID and SBD deployment ID are updated in all tabs if you

change any of these.

4. Save the workbook and deploy to verify you see the intended topology components.

Documents

Vnomic Automated SAP Workload Deployment and Management