SAP HANA Configuration in the Azue

Last post 02-26-2020, 2:53 PM by efg. 4 replies.
Sort Posts: Previous Next
  • SAP HANA Configuration in the Azue
    Posted: 02-13-2020, 10:03 AM

    Hi All,

     

    I have a SAP HANA DB running in the Azure cloud VM and I need to onfigure the backup for the HANA machine in the On-Premise Commserve.

    I could found the backing the Azure VMs using Snap Backup, But can anyone share the procedure to backing up the HANA DB using iDA.

    Yes, I need to etablish communication between On-Premise CS and Azure VM and install the HANA iDA and perform the backup.

    can anyone share your input.

     

    Adhav

  • Re: SAP HANA Configuration in the Azue
    Posted: 02-13-2020, 10:10 AM

    Hi Adhav,

    You can install Commvault SAP HANA agent on your Azure VM where the SAP HANA DB is running. Does this work for you?

     

    Thanks,

    Sunil-

  • Re: SAP HANA Configuration in the Azue
    Posted: 02-13-2020, 1:40 PM
    • efg is not online. Last active: 07-28-2020, 9:00 AM efg
    • Top 10 Contributor
    • Joined on 02-02-2010
    • CommVault Tinton Falls NJ
    • Master
    • Points 1,730

    Hi Adhav,

    Yes this is very possible.  You need to set up network configuration between the CS and client (where HANA iDA will be installed).  I have set up several clients this way and typically use a 1-way firewall setup (As I like to refer to it where the CS can access the client, but the client cannot access the CS.)  For HANA the OS required is Linux, so using port 22 (ssh) it is possible to "push" the install directly from the CS once the network configuration is complete.  You also need an additional port to use for the tunnel.  Not knowing how your IT organization has configured your firewall I can only go by the way I did this through my firewall configuration.

    From a FW perspective, my CS can connect to the internet using ports 22 (for ssh) as well as 443 (for https).   Everything else outbound is blocked, and all inbound is blocked.

    The VM in the Azure cloud has an internal IP and an external IP.   I pinned the external IP to that VM to make it consistent on restarts (otherwise I would have to update hosts files every time I needed to restart the VM)   I also set up the firewall rules for that client’s external network to allow inbound connections for ports 22 & 443 from our corporate’s external IP.  (More secure this way)  ;)

    In Commvault you need to create a “dummy” client as a place holder so that you can pre-configure the network communications.   One nice feature in Commvault is the ability to use a client group to set up communications.  This way, once the configuration is set, it is possible to add more clients by simply adding them to the appropriate group that has the network configuration set.

    As far as the network configurations, you need to set up a 1-way tunnel where the CS can reach the client using the “open” port.  In my case that was port 443…  (My client is not using/running any web services so that port is open--not bound to any process).

    You want to add your client into the hosts file on the CS so that it can resolve the client using the “EXTERNAL” IP defined in Azure.   If you are planning on hosting a MediaAgent in Azure, you would add that VM’s IP to the Commserver’s host file as well.  From the client side you don’t need to add the CS into the hosts file since the CS will be initiating the connection thru the tunnel.  If the MediaAgent is also in Azure you need to set up either DNS or use hosts files so the client and MediaAgent can resolve each other by name using the “Internal IP” addresses.  If the MediaAgent is on-prem, then you need to add the client’s “EXTERNAL” IP to the mediaagent’s hosts file and make sure that the mediaagent is in the same group (for the network configs) as the commserver.

    Once the network configurations are complete you can then “push” the iDA (HANA Agent) install directly to the client in Azure.   Once the install completes successfully, you can configure the HANA Pseudo-Client as normal and run your backups.   If you have intellisnap, you can also configure the HANA client to use snapshots as well.  For the array, select AMAZON Web Services as the available snap engine.

    In order to keep this post from getting to large, I’ve tried to prevent myself from getting too deep into the weeds on this, but let us know if this helps, or if you get stuck or have any additional questions.


    Ernst F. Graeler
    Senior Engineer III
    Development
  • Re: SAP HANA Configuration in the Azue
    Posted: 02-13-2020, 2:23 PM

    Hi Ernst,

    Thanks for your detailed procedure. Actually we would be very happy if you are going more deeper :) 

    In the above setup CS and MA located in the On-Prem. I have few clarification, before jump in.

    Based on above sprocedure, I understood that the Commvault use port 22 and 443 for client communication instead of 8400 for Azure enviorment. Correct me if I am wrong.

    One important thing, do we have any pre-request to establish communication between Azure and On-Prem enviorment before start the activity or we will start the above steps as same in the regular. 

     

    Thanks in Advance,

    Adhav

  • Re: SAP HANA Configuration in the Azue
    Posted: 02-26-2020, 2:53 PM
    • efg is not online. Last active: 07-28-2020, 9:00 AM efg
    • Top 10 Contributor
    • Joined on 02-02-2010
    • CommVault Tinton Falls NJ
    • Master
    • Points 1,730

    Hi Adhav,

     

    Sorry it took a while for me to reply.   I'm using port 443 as that is the port our IT department allows outbound from my lab.  You need to check with your IT department to see what ports are allowed outbound from your site.  That is why I used THAT port as my tunnel in CV configuration.

    The other thing you need to make sure is that Azure allows inbound connections for port 22 and what ever port you are using as a tunnel port to the "External" IP for your VM in Azure.

    From Azure web portal looking at Networking for the VM:

    Virtual network/subnet:network/defaultNIC Public IP:xxx.xxx.xxx.xxxNIC Private IP:xxx.xxx.xxx.xxxAccelerated networking: Enabled
    • Inbound port rules
     
    Network security group "groupname"(attached to network interface: "Interface name")
    Impacts 0 subnets, 1 network interfaces
    Add inbound port rule
    Priority
    Name
    Port
    Protocol
    Source
    Destination
    Action
     
    300
    SSH
    22
    TCP
    xxx.xxx.xxx.xxx
    Any
    Allow
     
    320
    HTTPS
    443
    TCP
    xxx.xxx.xxx.xxx
    Any
    Allow
     
    330
    Port_cvd
    8400
    Any
    xxx.xxx.xxx.xxx
    Any
    Allow
     
    65000
    AllowVnetInBound
    Any
    Any
    VirtualNetwork
    VirtualNetwork
    Allow
     
    65001
    AllowAzureLoadBalancerInBound
    Any
    Any
    AzureLoadBalancer
    Any
    Allow
     
    65500
    DenyAllInBound
    Any
    Any
    Any
    Any
    Deny

    Ernst F. Graeler
    Senior Engineer III
    Development
The content of the forums, threads and posts reflects the thoughts and opinions of each author, and does not represent the thoughts, opinions, plans or strategies of Commvault Systems, Inc. ("Commvault") and Commvault undertakes no obligation to update, correct or modify any statements made in this forum. Any and all third party links, statements, comments, or feedback posted to, or otherwise provided by this forum, thread or post are not affiliated with, nor endorsed by, Commvault.
Commvault, Commvault and logo, the “CV” logo, Commvault Systems, Solving Forward, SIM, Singular Information Management, Simpana, Commvault Galaxy, Unified Data Management, QiNetix, Quick Recovery, QR, CommNet, GridStor, Vault Tracker, InnerVault, QuickSnap, QSnap, Recovery Director, CommServe, CommCell, SnapProtect, ROMS, and CommValue, are trademarks or registered trademarks of Commvault Systems, Inc. All other third party brands, products, service names, trademarks, or registered service marks are the property of and used to identify the products or services of their respective owners. All specifications are subject to change without notice.
Close
Copyright © 2020 Commvault | All Rights Reserved. | Legal | Privacy Policy