Menu
SAP HANA on AWS
Quick Start Reference Deployment Guide

Architecture

This Quick Start uses AWS CloudFormation, the AWS Command Line Interface (AWS CLI) for Linux, and custom scripts to deploy SAP HANA on AWS. AWS CloudFormation provides an easy way to create and manage a collection of related AWS resources, provisioning and updating them in an orderly and predictable fashion. AWS CLI for Linux enables you to configure AWS resources from the command line. This Quick Start includes options for single-node and multi-node SAP HANA configurations.

The Quick Start deploys and configures the following components:

  • A virtual private cloud (VPC) configured with public and private subnets according to AWS best practices, to provide you with your own virtual network on AWS

  • An Internet gateway to allow access to the Internet

  • EC2 instance(s) to host the SAP HANA database, with your choice of Linux (SLES or RHEL) and the appropriate Amazon EBS volumes configured to meet or exceed SAP HANA storage key performance indicators (KPIs)

  • A bastion host in the public subnet with an Elastic IP address to allow inbound SSH (Secure Shell) access to the EC2 instance(s) that host the SAP HANA database

  • A managed NAT gateway to allow outbound Internet access for resources in the private subnet

  • An IAM instance role with fine-grained permissions for access to the AWS services necessary for the deployment process

  • Security groups for each instance or function to restrict access to only necessary protocols and ports

  • An optional automated installation of SAP HANA software

  • An optional EC2 instance with Windows Server in the public subnet to host SAP HANA Studio. You can install SAP HANA Studio manually to administer your SAP HANA database.

Single-Node Architecture

The single-node deployment option provisions a single Amazon EC2 instance with your choice of Amazon EBS storage and operating system to host the SAP HANA platform. The Quick Start follows security best practices by establishing a VPC with public and private subnets. For secure access, the SAP HANA server is placed in the private subnet, which is not directly accessible from the Internet. You can also install SAP HANA Studio manually in the optional Windows Server instance that is provisioned in the public subnet. For SSH access to the SAP HANA server, you can use the bastion host or an SSH client on the optional Windows Server instance.


        SAP HANA Single-Node Architecture on AWS

Figure 1: SAP HANA single-node architecture on AWS

Multi-Node Architecture

The following Amazon EC2 instances are certified by SAP to deploy scale-out SAP HANA clusters for OLAP workloads.

Instance type Number of scale-out nodes
x1.16xlarge 7 nodes (general availability)
x1.32xlarge 17 nodes (general availability)
r3.8xlarge 5 nodes (general availability), 17 nodes (controlled availability)

The multi-node deployment option provisions up to five EC2 instances* with your choice of Amazon EBS storage and operating system to host the SAP HANA platform on a cluster of servers. All the SAP HANA servers in the cluster are deployed into the same subnet regardless of function, in accordance with security best practices.

*Note

If you would like to deploy SAP HANA scale-out clusters that are larger than 5 nodes, contact us at saphana@amazon.com. We will provide you with an AWS CloudFormation template that is designed to help deploy SAP HANA clusters that are larger than 5 nodes.

As in single-node deployment, access to all SAP HANA servers is provided either through the bastion host or by using the optional Windows Server instance with an SSH client of your choice. The security group or firewall rules are extended to allow for internode communication over the appropriate ports and protocols. For more information, see Appendix C: Security Groups.


        SAP HANA Multi-Node Architecture on AWS

Figure 2: SAP HANA multi-node architecture on AWS