1 What is SUSE Linux Enterprise Server for SAP applications? #
SUSE® Linux Enterprise Server for SAP applications is a bundle of software and services that addresses the specific needs of SAP users. It is the only operating system that is optimized for all SAP software solutions.
Target use cases include:
- Unix to Linux migrations and replatforming 
- SAP appliances 
- SAP cloud deployments 
SUSE Linux Enterprise Server for SAP applications consists of software components and service offerings which are described in the following sections. The figure Offerings of SUSE Linux Enterprise Server for SAP applications shows an overview of which software components and services are also available with other products from SUSE (green) and which are exclusively available with SUSE Linux Enterprise Server for SAP applications (blue).
1.1 Software components #
As depicted in Figure 1.1, “Offerings of SUSE Linux Enterprise Server for SAP applications”, SUSE Linux Enterprise Server for SAP applications is based on SUSE Linux Enterprise Server but contains several additional software components such as SUSE Linux Enterprise High Availability and the installation workflow. These software components are briefly explained in the following sections.
1.1.1 SUSE Linux Enterprise Server #
The current release is based on SUSE Linux Enterprise Server 15 SP6. SUSE Linux Enterprise Server is the most interoperable platform for mission-critical computing, both physical and virtual.
1.1.2 SUSE Linux Enterprise High Availability #
This component consists of:
- Flexible, policy-driven clustering 
- Cluster-aware file system and volume management 
- Continuous data replication 
- Setup and installation 
- Management and administration tools 
- Resource agents, also for SAP 
- Virtualization-aware 
SUSE Linux Enterprise High Availability provides two resource agents specifically for working with SAP applications:
- SAPInstancewhich allows starting and stopping instances of SAP products.
- SAPDatabasewhich allows starting and stopping all databases supported by SAP applications (SAP HANA, SAP MaxDB, SAP ASE, Oracle, Sybase, IBM DB2).
For more information about SUSE Linux Enterprise High Availability, see the Administration Guide (https://documentation.suse.com/sles-15) and the White Papers and Best Practice Guides in the SUSE Linux Enterprise Server for SAP applications Resource Library (https://www.suse.com/products/sles-for-sap/resource-library/).
1.1.3 Simplified SAP HANA system replication setup #
SUSE Linux Enterprise Server for SAP applications supports SAP HANA System Replication using components of SUSE Linux Enterprise High Availability and two additional resource agents (RA). Additionally, SUSE Linux Enterprise Server for SAP applications ships with a YaST wizard that simplifies the cluster setup.
1.1.3.1 SAPHana resource agent #
This resource agent from SUSE supports scale-up scenarios by checking the SAP HANA database instances for whether a takeover needs to happen. Unlike with the pure SAP solution, takeovers can be automated.
It is configured as a parent/child resource: The parent assumes responsibility for the SAP HANA databases running in primary mode, whereas the child is responsible for instances that are operated in synchronous (secondary) status. In case of a takeover, the secondary (child resource instance) can automatically be promoted to become the new primary (parent resource instance).
This resource agent supports system replication for the following scale-up scenarios:
- Performance-optimized scenario. Two servers (A and B) in the same SUSE Linux Enterprise High Availability cluster, one primary (A) and one secondary (B). The SAP HANA instance from the primary server (A) is replicated synchronously to the secondary server (B). 
- Cost-optimized scenario. The basic setup of A and B is the same as in the Performance-Optimized Scenario. However, the secondary server (B) is also used for non-productive purposes, such as for an additional SAP HANA database for development or QA. The production database is only kept on permanent memory, such as a hard disk. If a takeover needs to occur, the non-productive server will be stopped before the takeover is processed. The system resources for the productive database are then increased as quickly as possible via an SAP hook call-out script. 
- Chain/multi-tier scenario. Three servers (A, B, and C), of which two are located in the same SUSE Linux Enterprise High Availability cluster (A and B). The third server (C) is located externally. The SAP HANA system on the primary server (A) is replicated synchronously to the secondary server (B). The secondary server (B) is replicated asynchronously to the external server (C). - If a takeover from A to B occurs, the connection between B and C remains untouched. However, B is not allowed to be the source for two servers (A and C), as this would be a “star” topology, which is not supported with current SAP HANA versions (such as SPS11). - Using SAP HANA commands, you can then manually decide what to do: - The connection between B and C can be broken, so that B can connect to A. 
- If replication to the external site (C) is more important than local system replication, the connection between B and C can be kept. 
 
For all of the scenarios, SUSE Linux Enterprise Server for SAP applications supports both single-tenant and multi-tenant (MDC) SAP HANA databases. That is, you can use SAP HANA databases that serve multiple SAP applications.
1.1.3.2 SAPHanaTopology Resource agent #
    To make configuring the cluster as simple as possible, SUSE has developed
    the SAPHanaTopology resource agent. This agent
    runs on all nodes of a SUSE Linux Enterprise High Availability cluster and gathers information about the
    status and configurations of SAP HANA system replications. It is designed as
    a normal (stateless) clone.
   
1.1.3.3 YaST wizard to set up SAP HANA clusters #
SUSE Linux Enterprise Server for SAP applications now additionally ships a YaST wizard that manages the initial setup of such clusters according to best practices. The wizard is part of the package yast2-sap-ha and can be started using YaST, via .
For more information, see Chapter 7, Setting up an SAP HANA cluster.
1.1.3.4 For more information #
For more information, see:
- The Administration Guide at https://documentation.suse.com/sles-15. 
- The Best Practices in the Resource Library at https://www.suse.com/products/sles-for-sap/resource-library/. In particular, see Setting up a SAP HANA SR performance optimized infrastructure and Setting up a SAP HANA SR cost optimized infrastructure. 
1.1.4 Installation workflow #
The installation workflow offers a guided installation path for both the SUSE Linux Enterprise Server operating system and the SAP application. For more information, see Section 2.5, “Overview of the installation workflow”.
Additionally, the installation workflow can be extended by third-party vendors or customers using Supplementary Media. For more information about creating Supplementary Media, see Appendix C, Supplementary Media.
1.1.5 Malware protection with ClamSAP #
ClamSAP integrates the ClamAV anti-malware toolkit into SAP NetWeaver and SAP Mobile Platform applications to enable cross-platform threat detection. For example, you can use ClamSAP to allow an SAP application to scan for malicious uploads in HTTP uploads.
For more information, see Chapter 11, Protecting against malware with ClamSAP.
1.1.6 SAP HANA security #
SUSE Linux Enterprise Server for SAP applications contains additional features to help set up well-secured SAP HANA installations.
1.1.6.1 Firewall for SAP HANA #
    Securing SAP HANA can require many additional firewall rules. To simplify
    firewall setups for SAP HANA, SUSE Linux Enterprise Server for SAP applications contains the package
    HANA-Firewall which provides preconfigured rules and
    integrates with firewalld.
   
For more information, see Section 10.2, “Configuring HANA-Firewall”.
1.1.6.2 Hardening guide for SAP HANA #
For information on hardening the underlying operating system, see the SUSE Linux Enterprise Server for SAP applications resource library: https://www.suse.com/products/sles-for-sap/resource-library/. There, find the document OS Security Hardening for SAP HANA.
1.1.7 Simplified operations management #
SUSE Linux Enterprise Server for SAP applications combines several features that enable simplified operations management.
1.1.7.1 System tuning with saptune #
    The system tuning application saptune allows you to perform an automatic and comprehensive tuning of your system based on SAP recommendations.
   
    For more information, see Chapter 8, Tuning systems with saptune.
   
1.1.7.2 Patterns providing dependencies of SAP applications #
To simplify working with software dependencies of SAP applications, SUSE has created patterns that combine relevant dependency RPM packages for specific applications:
The selection of packages of the software patterns is defined while a specific release (Service Pack or major version) of SUSE Linux Enterprise Server for SAP applications is developed. This package selection is stable over the lifetime of this particular release. When working with SAP applications that have been released more recently than your SUSE Linux Enterprise Server for SAP applications version, dependencies can be missing from the patterns.
For definitive information about the dependencies of your SAP application, see the documentation provided to you by SAP.
1.1.7.3 ClusterTools2 #
    ClusterTools2 provides tools that help set up and
    manage a Corosync & Pacemaker cluster. Among them
    are wow which helps create highly available system
    resources, and ClusterService which allows
    managing a cluster.
   
    Additionally, ClusterTools2 provides scripts that
    automate common cluster tasks:
   
- Scripts that perform checks. For example, to find out whether a system is set up correctly for creating a - pacemakercluster.
- Scripts that simplify configuration. For example, to create a Corosync configuration. 
- Scripts that monitor the system and scripts that show or collect system information. For example, to find known error patterns in log files. 
For more information, see the man page of the respective tool, included with the package ClusterTools2.
1.2 Software repository setup #
Software included with operating systems based on SUSE Linux Enterprise is delivered as RPM packages, a form of installation package that can have dependencies on other packages. On a server or an installation medium, these packages are stored in software repositories (sometimes also called “channels”).
By default, computers running SUSE Linux Enterprise Server for SAP applications are set up to receive packages from multiple repositories. Of each of the standard repositories, there is a “Pool” variant that represents the state of the software when it was first shipped. There is also an “Update” variant that includes the newest maintenance updates for the software in the “Pool” variant.
If you registered your system during installation, your repository setup should include the following:
| Content | Base repository (“Pool”) | Update repository | 
|---|---|---|
| Base packages of SUSE Linux Enterprise Server | 
 | 
 | 
| Basic server functionality of SUSE Linux Enterprise Server | 
 | 
 | 
| Packages specific to SUSE Linux Enterprise Server for SAP applications | 
               | 
 | 
| Packages specific to SUSE Linux Enterprise High Availability | 
 | 
 | 
The tables in this section do not show Debuginfo and Source repositories, which are also set up but disabled by default. The Debuginfo repositories contain packages that can be used for debugging regular packages. The Source repositories contain source code for packages.
   Depending on your installation method, you may also see
   SLE-15-SP6-SAP-15.6-0
   which is the installation medium.
   It contains packages from all of the base software repositories listed
   above.
  
Because there are own repositories for SUSE Linux Enterprise Server for SAP applications, SUSE can ship packages and patches that are specific to SUSE Linux Enterprise Server for SAP applications.
    Unlike in SUSE Linux Enterprise Server for SAP applications 11, updates related to Extended Service Pack
    Overlay Support (ESPOS) are shipped directly from the
    Update repositories. This means there is no separate
    ESPOS repository to set up.
   
   In addition to the standard repositories, you can enable
   SLE Modules and SLE Extensions either during the installation or from
   the running system using YaST or the command
   SUSEConnect.
  
For information about all modules and extensions available for the SUSE Linux Enterprise product line, see https://documentation.suse.com/sles/html/SLES-all/article-modules.html.
For more information about SUSE Package Hub, see Section A3, “SUSE Package Hub”. For information about life cycle and support of modules and extensions, see Section 1.3, “Included Services”.
1.3 Included Services #
- Extended Service Pack Overlap Support (ESPOS)
- Subscriptions for SUSE Linux Enterprise Server for SAP applications include Extended Service Pack Overlap Support (ESPOS). It extends the overlap between the support periods of two consecutive service packs by three years. During this period, you receive support and all relevant maintenance updates under the terms of Long Term Service Pack Support (LTSS). - Extended Service Pack Overlap Support allows you to perform service pack migrations within three and a half years instead of only six months. This enables you to schedule migrations more easily and perform testing before a migration under less restrictive time constraints. At an additional cost, SUSE also offers LTSS. With LTSS, you receive support for a particular service pack after the ESPOS period ends. SUSE Linux Enterprise Server for SAP applications includes one and a half years of general support and three years of ESPOS for each service pack. - The last service pack in each SLE family does not have ESPOS. Instead of ESPOS, it includes a longer general support period. Because of that, LTSS is available only for the last service pack. All other service packs already include three years of ESPOS, which is equal to LTSS. - For more information, refer to the following resources: - Product Lifecycle Support Policies: https://www.suse.com/support/policy-products/#sap 
- Lifecycle Dates by Product: https://www.suse.com/lifecycle/ 
- Long Term Service Pack Support: https://www.suse.com/products/long-term-service-pack-support/ 
 
- SUSE Linux Enterprise Server Priority Support for SAP Applications
- Subscriptions for SUSE Linux Enterprise Server for SAP applications include SUSE Linux Enterprise Server Priority Support for SAP Applications. It offers technical support for SUSE Linux Enterprise Server for SAP applications directly from SAP. The joint support infrastructure is provided by support engineers from SUSE Technical Support and SAP. It is based upon SAP Resolve and offers seamless communication with both SAP and SUSE. This “One Face to the Customer” support model reduces complexity and lowers the total cost of ownership. - For more information, see SAP Note 1056161: SUSE Priority Support for SAP applications (https://launchpad.support.sap.com/#/notes/1056161). 
Modules and extensions have a different lifecycle than SLES for SAP, and SUSE provides different support offerings for them:
- Modules: - Lifecycle. Varies depending on the module. 
- Support. Only up-to-date packages are supported. Support is included with your subscription for SUSE Linux Enterprise Server for SAP applications. You do not need an additional registration key. 
 
- Extensions - Lifecycle. Releases are usually coordinated with SUSE Linux Enterprise Server for SAP applications. 
- Support. Support is available but not included with your subscription for SUSE Linux Enterprise Server for SAP applications. You need an additional registration key. 
 
- Unsupported Extensions (SUSE Package Hub and SUSE Software Development Kit) - Lifecycle. Releases are usually coordinated with SUSE Linux Enterprise Server for SAP applications. 
- Support. There is no support beyond fixes for security and packaging issues. You do not need an additional registration key. 
 
