Hi there,
I am going to deploy SAP Infrastructure as a Service for one of our customer includes: Development, QA, and Prod environment.
I am looking for recommendation:
Customer has an existing Virtual Network using it for AD and other management server. Should I use the Same vNet and just add new subnets for each environment? or better to create a new Vnet with new subnets?
Hi @JanNuaman-2253 ,
please take a look here on the "SAP on Azure Architecture Guide".
https://docs.microsoft.com/en-us/azure/architecture/reference-architectures/sap/sap-overview#scalability
There you will find a recommendation to use a different SAP vNet (hub-spoke topology).
In a lot of the SAP Architecture Guides from Microsoft you will find these kind of hub-spoke topologies
https://docs.microsoft.com/en-us/azure/architecture/reference-architectures/sap/sap-s4hana
https://docs.microsoft.com/en-us/azure/architecture/reference-architectures/sap/sap-netweaver
https://docs.microsoft.com/en-us/azure/architecture/reference-architectures/sap/run-sap-hana-for-linux-virtual-machines
(If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)
Regards
Andreas Baumgarten
Hi Sir @AndreasBaumgarten,
You are always helpful, and I am really embraced with your experience.
Hub Network: The customer existing Vnet where they have their AD and other Servers.
Spoke Network: will host SAP Application.
In real world deployment, do I have to create 3 Spoke Vnets as below:
One for: Dev (with 3 Subnets: App Tier, DB Tier, Storage Tier)
One for: QA (with 3 Subnets: App Tier, DB Tier, Storage Tier)
and one for: Production (with 3 Subnets: App Tier, DB Tier, Storage Tier)
Or it is fine to put all environments into single Spoke Vnet?
Thanks in advance for your opinion.
Hi @JanNuaman-2253 ,
at the end it's up to you which network topology you like most (single vNet with all environments or one vNet for each environment).
I don't know all your requirements.
if it's up to me: I would go for 3 different vNets (one vNet per environment).
Dev-vNet with 3 Subnets: App Tier, DB Tier, Storage Tier
QA-vNet 3 Subnets: App Tier, DB Tier, Storage Tier
Prod-vet 3 Subnets: App Tier, DB Tier, Storage Tier
This way I would have the most flexible control of the network communication and access. Also this approach is scalable.
(If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)
Regards
Andreas Baumgarten
Hi @AndreasBaumgarten, I would appreciate your opinion on below
We proposed the customer to deploy SAP Netweaver with s/4HANA as below:
Network Topology Hub and Spoke
Shared Servers to hub virtual network include:
Microsoft Active Directory DCs x 2
Solution Manager AS ABAP x 1
Solution Manager AS Java /ADS x 1
SAP Cloud Connector x 1
Spoke Virtual Network 1 to include 3 servers for Dev landscape (SCS, App, and s/4HANA)
Spoke Virtual Network 2 to include 3 servers for QA landscape (SCS, App, and s/4HANA)
Spoke Virtual Network 2 to include 9 servers for Prod landscape (3x SCS, 3x App, and 3x s/4HANA)
Developers are having a major concern, which is: How we can move the development content into other two landscape (QA and Prod) since the peering is just between Hub to Spoke, and not between spoke to spoke.
My response was: you should be able to use the Hub Network to deploy your content to Spoke landscapes.
In-fact I am a bit confused, as I don't know how SAP development work works, so, in such scenario, how should I advice them to move development content between spoke networks?
Appreciate your feedback.
Hi @JanNuaman-2253 ,
I don't know how this is done with your customer and the developers.
I see 3 options:
1. Copy the content from Dev to Hub (maybe a file share). From Hub you can copy the content to QA Spoke.
2. Add a peering from Dev to QA Spoke
3. Add a routing device in Hub and route the network traffic from Dev Spoke to QA Spoke via Hub network
My personal favorite would be option 3.
At the end ... in Azure you have the same "rules" and "solutions" like in on-premises networks. How would you solve the requirement in a on-premises environment?
(If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)
Regards
Andreas Baumgarten
This is the first time I deal with SAP, usually, I deal with IBM FileNet and MSSQL or Oracle; for that I am not confident with my responses and looking for your support.
Option 3 seems to be an optimal solution, from your experience is this link is the best way to achieve it?
https://docs.microsoft.com/en-us/azure/architecture/example-scenario/networking/manage-routing-azure-route-server
Thank you
Hi @JanNuaman-2253 ,
yes. Beside I don't like BGP that much ;-)
I like manual working with routing tables and routes more.
(If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)
Regards
Andreas Baumgarten
3 people are following this question.
