sap
11 TopicsF5 Friday: It's an iApps-travaganza!
New iApps are available for your provisioning pleasure. Programmability is hot, and one of the most efficient forms of programmability are templates. Deployment templates improve time to market, reduce risk by eliminating the introduction of errors common to manual configuration and contribute to efforts to lower operational costs by automating and orchestration the provisioning and configuration of services. In the case of F5, that means application services and their complementary iApps. Now there are already a whole bunch of iApps and many of them support typical deployment scenarios such as an HTTP-based (web) server or DNS services. But many of the most popular iApps (based on actual customer usage) are those that are specifically designed to help easily and rapidly deploy Microsoft, Citrix, VMware and Oracle solutions. Whether it's IIS or Sharepoint, Exchange or XenApp, PeopleSoft or VMware View, customers take advantage of IApps every day to realize consistent, predictable and repeatable provisioning required to achieve success in an application world. With that in mind, we've got a great list of New and updated iApps for your provisioning pleasure. All iApps are available at downloads.f5.com and each comes with its own deployment guide that contains manual configuration tables (in case you want to double check, you know, or just want to preview what's going on). NEW! Release Candidate: Citrix VDI v2.1.0rc1 solution: Deployment Guide f5 Microsoft exchange 2010-2013 v1.5.0rc1 solution: Deployment Guide f5 Microsoft Office 395 v1.1.0rc1 solution: Deployment Guide f5 Microsoft RDS remote access v1.0.0rc1 solution: Deployment Guide f5 Microsoft RDS session host v1.0.0rc1 solution: Deployment Guide f5 Microsoft SharePoint 2010-2013 v1.2.0 solution: Deployment Guide New Standard Release IApps: VMware View and Horizon View v1.2.0: Deployment Guide VMware View and Horizon View Optimized v1.2.0: Deployment Guide Microsoft Dynamics CRM 2011-2013 v1.0.0: Deployment Guide These iApps are f5 supported and available for version 11.x. If you're not sure about iApps or just want to talk shop with other folks who have used (and written their own iApps) then cruise on over to DevCentral's iApp Community and check it out, log in and join the conversation. Happy Provisioning!174Views0likes0CommentsComparing BIG-IP Local Traffic Manager and SAP Web Dispatcher
Analyze acquisition costs, maintenance costs, stability, performance, range of functions, high availability, security, configuration complexity, integration into your existing landscape and content caching when deciding between software and hardware load balancing. F5 and SAP have a close and important partnership that involves engineers and business folks working to deliver the best customer experience for any given SAP landscape. One of the questions that comes up over and over is how a company can make the decision between software load balancing and hardware high availability. We recently published a document (that's available by emailing me ) about the logistics and considerations of making the choice or making the switch. I will provide a summary of the document here, but please contact me if you need the document itself. In the most basic SAP Landscape SAP clients (either SAP GUI or web browser) make direct connections to SAP instances. For example, a user wishing to file her travel expenses might click on the link from her company's portal, log into SAP (or be signed on automatically using single sign-on) and then she would fill out her expenses and submit them. You can probably tell by the above scenario alone that this isn't a very reliable or scalable architecture. Connecting directly to the instance means there's no load balancing. All the users will end up at the same link. What if our hypothetical user was part of a convention and there were thousands of users just like her trying to file the expenses on Monday morning? The system would probably fail or come to a halt because of the load of traffic. SAP with Web Dispatcher is the software load balancing solution to this problem. In a software load balanced SAP Landscape, high availability is achieved when SAP clients connect directly to Web Dispatcher and then are load balanced to the back-end SAP servers. Web Dispatchers can be installed either on the Central Instance or on its own server. Web Dispatcher communicates with SAP Message Server to get health information about the SAP instances and Web Dispatcher also analyzes web browser cookies to create persistent connections (sending users to the same instances). This is a big improvement over scenario one. However, in a software load balanced SAP Landscape, high availability is achieved only as long as the SAP Message Server is aware of a failure in the Dialogue Instance (Portal, for example) or if there is a graceful shutdown. Many failures are, unfortunately, not detected by SAP Message Server today, creating a potential for Web Dispatcher to send traffic to Dialogue Instances that are down. There is also the issue of Web Dispatcher as a single point of failure itself. There are no out-of-the-box solutions for making software load balancers highly available. To summarize, web Dispatcher supports HTTP, cookie load balancing and persistence as well as static round robin. Web Dispatcher can also make decisions on routing based on the client's IP Address and finally, it can offload SSL. SAP with BIG-IP Local Traffic Manager is the hardware high availability and performance enhancing solution to the SAP scaling problem. In a hardware load balanced SAP Landscape, high availability, security, acceleration, health monitoring and intelligent session persistence can be achieved. When an SAP client makes a direct connection with F5's BIG-IP Local Traffic Manager, the user is intelligently load balanced to only the back-end services that are available at that very moment through a health monitor that passively tests login and database. BIG-IP Local Traffic Manager, out of the box, can also be configured to optimize the transport protocol between the client and the server, it can make intelligent persistence decisions based on cookies, it can off-load SSL, and most importantly, using web application server health monitoring, traffic can be guaranteed to be delivered. With advanced scripting abilities, for e-commerce or other "five nines" environments, requests can even be re-submitted if a server crashes mid-transaction, without causing the user to re-submit their data or to lose any work. BIG-IP also has a variety of out-of-the-box high availability solutions that remove it as a single point of failure. Both software and hardware solutions provide significant enhancements in contrast to a direct deployment with no load balancing or high availability. When making the decision between hardware and software, SAP and F5 recommend that you frame the decision in the following way. Ask about acquisition costs, maintenance costs, stability, performance, range of functions, high availability, security, configuration complexity, integration into your existing landscape and content caching.1KViews0likes3CommentsF5 Friday: Applications aren't protocols. They're Opportunities.
Applications are as integral to F5 technologies as they are to your business. An old adage holds that an individual can be judged by the company he keeps. If that holds true for organizations, then F5 would do well to be judged by the vast array of individual contributors, partners, and customers in its ecosystem. From its long history of partnering with companies like Microsoft, IBM, HP, Dell, VMware, Oracle, and SAP to its astounding community of over 160,000 engineers, administrators and developers speaks volumes about its commitment to and ability to develop joint and custom solutions. F5 is committed to delivering applications no matter where they might reside or what architecture they might be using. Because of its full proxy architecture, F5’s ADC platform is able to intercept, inspect and interact with applications at every layer of the network. That means tuning TCP stacks for mobile apps, protecting web applications from malicious code whether they’re talking JSON or XML, and optimizing delivery via HTTP (or HTTP 2.0 or SPDY) by understanding the myriad types of content that make up a web application: CSS, images, JavaScript and HTML. But being application-driven goes beyond delivery optimization and must cover the broad spectrum of technologies needed not only to deliver an app to a consumer or employee, but manage its availability, scale and security. Every application requires a supporting cast of services to meet a specific set of business and user expectations, such as logging, monitoring and failover. Over the 18 years in which F5 has been delivering applications it has developed technologies specifically geared to making sure these supporting services are driven by applications, imbuing each of them with the application awareness and intelligence necessary to efficiently scale, secure and keep them available. With the increasing adoption of hybrid cloud architectures and the need to operationally scale the data center, it is important to consider the depth and breadth to which ADC automation and orchestration support an application focus. Whether looking at APIs or management capabilities, an ADC should provide the means by which the services applications need can be holistically provisioned and managed from the perspective of the application, not the individual services. Technology that is application-driven, enabling app owners and administrators the ability to programmatically define provisioning and management of all the application services needed to deliver the application is critical moving forward to ensure success. F5 iApps and F5 BIG-IQ Cloud do just that, enabling app owners and operations to rapidly provision services that improve the security, availability and performance of the applications that are the future of the business. That programmability is important, especially as it relates to applications according to our recent survey (results forthcoming)in which a plurality of respondents indicated application templates are "somewhat or very important" to the provisioning of their applications along with other forms of programmability associated with software-defined architectures including cloud computing. Applications increasingly represent opportunity, whether it's to improve productivity or increase profit. Capabilities that improve the success rate of those applications are imperative and require a deeper understanding of an application and its unique delivery needs than a protocol and a port. F5 not only partners with application providers, it encapsulates the expertise and knowledge of how best to deliver those applications in its technologies and offers that same capability to each and every organization to tailor the delivery of their applications to meet and exceed security, reliability and performance goals. Because applications aren't just a set of protocols and ports, they're opportunities. And how you respond to opportunity is as important as opening the door in the first place.333Views0likes0CommentsF5 predicts: Changing demographics influence purchasing behaviours
As early as 2013, Gartner talked of the revolution sweeping the world of mobile payments. Global mobile payment transactions rang in US$235.4 billion in 2013, up 44% from US$163.1 billion in 2012 Mobile payment users in 2013 reached 245.2 million, up from 200.8 million in 2012. Yet another survey conducted by SAP in 2013 revealed: 37% of people polled in Asia Pacific were more likely to use their mobile device to conduct banking activities compared to the global average of 29 percent. A further 37% were ready to purchase goods and services – most commonly clothes and books or e-books via their mobiles - higher than the global average of 26 percent. Against this context, it is hardly surprising then that in 2013 alone, Southeast Asia saw investments to the tune of at least $638 million in the field of e-commerce. International e-commerce giants such as Rocket Internet, Japan’s Rakuten and China’s Taobao have landed on the shores of Southeast Asia. While the initial focus has been on drawing traffic to their online web stores, it is only a matter of time before they start marketing their mobile apps to leverage on the growing affinity for mobile payments and transactions. Line, a messaging app that has 300 million registered users worldwide and 14 million active users in Indonesia alone, is yet another possible mobile commerce giant. Online shopping is slated for continued growth and evolution. The rise of the millennial The rise of the mobile commerce can be directly attributed to the rise of the mobile generation, commonly called the Gen Y & Z or the millennial, who are spearheading this disruption in the way we work, live and play. Fuelled by the need to consume content and purchase on the go, the millennial are likely to own multiple mobile devices. Increasingly they are turning out to be the darlings of all online shopping powerhouses. With a few taps on their smart device, the millennial are spending millions of dollars on everything from music to fashion. They are also building an ever-expanding social network, spurring more socially influenced spending. This scenario of changing demographics driving changing consumption trends, e-retailers as well as enterprises are seeing a sharp increase in expectations of having to adapt to the millennial as consumers and employees. As consumers, the millennial will expect secure access to services from any device. With web applications under increasing attack, fraud prevention will be top of mind. In addition retail sites will have to focus on performance, enhancing mobile and web application responsiveness to enable seamless access and security. Studies have shown that consumers will only wait for 3 seconds for a web page to load before moving to a competitors’ site. Amazon, in fact, estimates a 1% increase of revenue for every 100ms of improvement in page load times. F5's take on the changing demographics In an apps world, it is essential that the delivery and the security of applications in the enterprise are optimized at all times to help organizations seamlessly overcome the challenges outlined above. F5 has gone a step further to provide the various services that an application needs to address application mobility, security, access and identity, performance and availability challenges. – F5 Synthesis! In a world driven by the quest for doing “everything on the move”, where the end-user experience is paramount regardless of location, network, device, or application environment, the Synthesis architectural framework from F5 Networks just works. Here is a visual that will explain and clarify.288Views0likes0CommentsReflections on the ASUG: SAP Gets Mobile
I spent yesterday in the Philadelphia area at the SAP users group (ASUG) chapter event. The purpose of these events is to provide an intimate gathering for SAP partners and customers to share new ideas and promote new SAP solutions. F5 was provided the opportunity to speak at the event on how F5 access and security solutions compliment SAP application deployments in the enterprise and most important issues that IT departments need to consider when implementing a BYOD strategy. Whether you support or are opposed to allowing your mobile workers to utilize their own devices it is inevitable that they will demand the use of private iPad, iPhone, Android and other smart mobile devices in performing their jobs. Ensuring that large organizations can effectively execute on this strategy is another matter entirely. The numbers however, are pretty staggering: - IDC has reported total smartphone shipments in 2011 were nearly 500 million this represents 1/14th of total world population - IDC has also estimated that in 2012 mobile devices are expected to surpass PCs in both shipments and spending Whatever your organizations’ policy on BYOD is currently it is probable that adapting to your users requirement to utilize mobile devices will overwhelm a desire to maintain device security and control. IT policies will therefore need to adapt to requirement via two methods one approach – I will call it the traditional command and control approach, will issue all mobile devices, ensure that mobile devices are patched, updated and repaired by the internal IT department and will provide strict access and security policies for all users of these devices. The second approach – I will call the delegate and hold accountable approach will ensure that devices requiring access to internal IT applications and resources will conform to specific minimum IT policies, have secured network access and be directed only to those resources necessary to perform a users particular job functions. The second approach clearly recognizes the inevitability of the smart mobile device being part of the ecosystem. F5 plays a critical function in many key areas to provide secure access and protect corporate applications from malicious attacks with our APM (Universal Access) and ASM (Application Security) for organizations adapting to a mobile workforce. (See Diagram Below). SAP has made a major push into the mobility arena in the past year with their acquisition of Syclo (Mobile Applications for SAP) and Afaria (Mobile Device Management) with a clear understanding that an increasingly mobile workforce will need instantaneous action to real time, actionable business intelligence (See: HANA SAPs real-time in-memory DB). F5 will play a critical function in ensuring these real-time mobile applications are available, perform well and are secure.178Views0likes0CommentsDeploying SAP Business Objects with F5 LTM + WA Part II
In a previous post I reviewed the configuration of monitors, profiles and added nodes as part of the LTM + WA configuration with Business Objects. Part I of this deployment can be found here: https://devcentral.f5.com/s/weblogs/mquill/archive/2012/07/03/deploying-f5-big-ip-ltm-with-sap-business-objects-part.aspx In this next section we will configure the virtual servers on the LTM, and configure Web Accelerator (WA). Although this was a single-site deployment, a distributed deployment of Business Objects should see substantial benefits when enhanced with WA. We will begin by configuring the pools: Configure Pools: BOE_WEB_HTTP Pool Configuration Pool Name BOE_WEB_HTTP Configuration Advanced Health Monitors BOE_HTTP Availability Requirement All (Health Monitors) Allow SNAT Yes Allow NAT Yes Action on Service Down None Slow Ramp Time 10 Seconds IP ToS to Client Pass Through IP ToS to Server Pass Through Link QoS to Client Pass Through Link QoS to Server Pass Through Reselect Tries 0 Enable Request Queuing No Request Queue Depth 0 Request Queue Timeout 0ms BOE_WEB_HTTP Pool Members and Ports Pool Member IP Address Pool Member Port ID 10.1.86.151 8080 10.1.86.151 6080 10.1.86.151 9080 10.1.86.151 7080 10.1.86.152 8080 10.1.86.152 6080 10.1.86.152 9080 10.1.86.152 7080 10.1.86.153 6080 10.1.86.153 7080 10.1.86.153 8080 10.1.86.153 9080 10.1.86.154 6080 10.1.86.154 7080 10.1.86.154 8080 10.1.86.154 9080 10.1.86.155 6080 10.1.86.155 7080 10.1.86.155 8080 10.1.86.155 9080 10.1.86.156 6080 10.1.86.156 7080 10.1.86.156 8080 10.1.86.156 9080 10.1.86.157 6080 10.1.86.157 7080 10.1.86.157 8080 10.1.86.157 9080 10.1.86.158 6080 10.1.86.158 7080 10.1.86.158 8080 10.1.86.158 9080 10.1.86.159 6080 10.1.86.159 7080 10.1.86.159 8080 10.1.86.159 9080 10.1.86.160 6080 10.1.86.160 7080 10.1.86.160 8080 10.1.86.160 9080 Configure BOE_gzip iRule In this configuration we have configured an iRule in order to optimize gzip compression on all web logins when HTTP_REQUEST { if {[HTTP::header exists "Accept-Encoding"]}{ HTTP::header remove "Accept-Encoding" } } Configure Business Objects Virtual Server Navigate to Virtual Servers and click ‘Create’ the Name of our Virtual Server in this example is ‘BOE_BASE_WEB_VS’ Configuration Details of the Virtual Server are below: Name BOE_Web_Base_VS Destination 10.1.86.206 Service Port 8080 Protocol TCP Protocol Profile (Client) TCP Protocol Profile (Server) Use Client OneConnect Profile BOE_oneconnect HTTP Profile BOE_BASE_HTTP HTTP Compression Profile None Web Acceleration Profile None Stream Profile None SNAT Pool BOE_SNAT_Pool Navigate to the ‘Resources’ Section Default Pool: BOE_Web_http Default Persistence Profile: BOE_Cookie Deploying Web Acceleration for Business Objects Portal Overview: During the process of validating the integration of F5 LTM with SAP BI, we configured the Web Acceleration feature on the F5 BIG-IP. Web Acceleration, when deployed in either a symmetric or asymmetric configuration can accelerate the browser performance, cache static web objects locally on the BIG-IP and address WAN latency which can substantially degrade browser performance. It is important to note that the validation of the BI platform and all client access was simulated locally in the SAP Co-Innovation Lab environment; this means that the full benefit of WA in this particular instance could not be realized. The following steps are best practices implementation steps for deploying WA and compression with F5. Configure WA Policy - Under WebAcclerator -> Policies click on the + sign to add a new policy Policy Name BOE_Web Policy Generic Policy Complete Requested Hosts Paf51105.pro.coil, Paf51106.pro.coil Send Metadata Always Metadata Cache Max Size 25mb IBR Prefix ;wa IBR Default Lifetime 26 Weeks X-WA-Header Info None Performance Monitor Disabled Data Retention Period 30 Days Click ‘Update’ to commit the changes - Navigate to Policies and click + to create a policy - The name we designated is BOE_Generic_policy-Complete - Accept all defaults and click ‘Update’ (In most circumstances the default settings should be optimal) Create Optimized Virtual Server: - Navigate again to the Virtual Servers Section and click on the + to create a new Virtual Server - Configuration Details are in the table below Name BOE_Web_VS Destination 10.1.86.205 Service Port 8080 Protocol TCP Protocol Profile (Client) BOE_LAN Protocol Profile (Server) (Use Client Profile) OneConnect Profile BOE_Oneconnect HTTP Profile BOE_HTTP HTTP Compression Profile BOE_Compression Web Acceleration Profile BOE_WA SNAT Pool BOE_SNAT_Pool Default Pool BOE_Web_HTTP Default Persistence Profile BOE_cookie352Views0likes0CommentsDeploying F5 BIG-IP LTM with SAP Business Objects Part I
In this multi-part post I am going to review a recent deployment of F5 LTM + WA in support of SAP Business Objects business intelligence platform. We deployed this landscape at the SAP Co-Innovation lab in Palo Alto California. There are a few things to keep in mind regarding this deployment: - This was a ‘one armed’ deployment where both the LTM virtual server and Tomcat servers were on the same network - We provided traffic management for Sybase IQ servers on port 5788, this port is configurable and is not hard set - In order to support scale testing for the Business Objects environment we deployed a BIG-IP 11000 with a SNAT Pool configured. This was to support performance and scale testing at the COIL labs. Your configuration may have a smaller hardware platform and you may not need to configure a SNAT Pool. F5 Hardware and Software Components Used in the Deployment Software: F5 BIG-IP 11.0 HF1 Build 8121 F5 Hardware Platform: F5 BIG-IP 11050 Networking Setup: BOE_Trunk: Interfaces 1.1, 1.2 VLAN Setup: VLAN186 untagged BOE_Trunk tag: 4094 Self IP Addresses: MGT: 10.1.86.200 VLAN186 Production: 10.1.86.201 VLAN186 Configure SNAT Pool - From the F5 web UI navigate to SNATs -> SNAT List and click on the + to add a new SNAT - Provide a name for the new SNAT list, in this instance we will name it ‘BOE_SNAT’ - Under the Configuration -> Translation menu select the drop down and choose SNAT_POOL - On the right hand side select BOE_SNAT_POOL - Keep all other defaults and click ‘Finish’ - Navigate to SNATs -> SNAT Pool and click + to add a SNAT pool - Provide a name for this pool in this example we named our pool BOE_SNAT_POOL - In the Configuration section enter the IP addresses for the members of your SNAT pool and click ‘add’ in this instance we added 10.1.86.202 and 10.1.86.203 - Click ‘Update’ to commit the changes to the configuration - Configure a SNAT translation list from the UI navigate to SNATs -> SNAT Translation List and click + - Provide the name for your SNAT translation add the IP address in this case we will add 10.1.86.202 and 10.1.86.203 - Check the box next to ‘Inherit device group from current partition/path’ - Check the box for ARP - Accept all remaining defaults and click ‘Finish’ Configure Monitors: BOE_HTTP Monitor - From the UI navigate to monitors and click on ‘Create’ - Provide a name for your monitor in this example we will call it BOE_HTTP - Under ‘Type’ select HTTP (A list of menus will display below) - Under ‘Send String’ add the line GET /BOE/portal/1108161604/InfoView/logon.jsp\r\n - Under ‘Receive String’ add the line BUSINESS OBJECTS - Accept all other defaults and choose ‘Update’ BOE_HTTPS_Monitor - Click create again under the ‘monitors’ section - Provide a name for your monitor in this example we will name our monitor BOE_HTTPS - Under ‘Type’ select HTTPS - Under ‘Send String add the line GET /BOE/portal/1108161604/InfoView/logon.jsp\r\n - Under ‘Receive String’ add the line BUSINESS OBJECTS - Accept all other defaults and choose ‘Update’ Configure Profiles HTTP Profiles: - From the Profiles section click ‘Create’ in this example we named our profile ‘BOE_HTTP’ o Parent profile is http o Accept all defaults and click ‘Update’ - From the same tab click create again in this case we named our profile ‘BOE_base_http’ o Parent profile is set to http o Click on the checkbox to modify the config and change ‘Pipelining’ to Disabled o Click ‘Update’ Add Nodes to Configuration: - Navigate to ‘Local Traffic’ -> ‘Nodes’ - Click create and specify a ‘Node Specific’ monitor select ICMP Node IP Addresses 10.1.86.101 10.1.86.102 10.1.86.103 10.1.86.104 10.1.86.105 10.1.86.106 10.1.86.107 10.1.86.108 10.1.86.109 10.1.86.110 10.1.86.119 10.1.86.120 10.1.86.139 10.1.86.150 10.1.86.151 10.1.86.152 10.1.86.153 10.1.86.154 10.1.86.155 10.1.86.156 10.1.86.157 10.1.86.158 10.1.86.159 10.1.86.160 10.1.86.161 10.1.86.162 In part 2 we will setup the virtual servers and configure Web Accelerator (WA) in part 3 we will review the setup of Sybase with LTM. Please feel free to provide comments or feedback!482Views0likes0CommentsF5 Friday: Enhancing FlexPod with F5
#VDI #cloud #virtualization Black-box style infrastructure is good, but often fails to include application delivery components. F5 resolves that issue for NetApp FlexPod The best thing about the application delivery tier (load balancing, acceleration, remote access) is that is spans both networking and application demesnes. The worst thing about the application delivery tier (load balancing, acceleration, remote access) is that is spans both networking and application demesnes. The reality of application delivery is that it stands with one foot firmly in the upper layers of the stack and the other firmly in the lower layers of the stack, which means it’s often left out of infrastructure architectures merely because folks don’t know which box it should go in. Thus, when “black-box” style infrastructure architecture solutions like NetApp’s FlexPod arrive, they often fail to include any component that doesn’t firmly fit in one of three neat little boxes: storage, network, server (compute). FlexPod isn’t the only such offering, and I suspect we’ll continue to see more “architecture in a rack” solutions in the future as partnerships are solidified and solution providers continue to expand their understanding of what’s required to support a dynamic data center. FlexPod is a great example of both an “architecture in a rack” supporting the notion of a dynamic data center and of the reality that application delivery components are rarely included. “FlexPod™, jointly developed by NetApp and Cisco, is a flexible infrastructure platform composed of pre-sized storage, networking, and server components. It’s designed to ease your IT transformation from virtualization to cloud computing with maximum efficiency and minimal risk.” -- NetApp FlexPod Data Sheet NetApp has done a great job of focusing on the core infrastructure but it has also gone the distance and tested FlexPod to ensure compatibility with application deployments across a variety of hypervisors, operating systems and applications, including: VMware® View and vSphere™ Citrix XenDesktop Red Hat Enterprise Linux® (RHEL) Oracle® SAP® Microsoft® Exchange, SQL Server® and SharePoint® Microsoft Private Cloud built on FlexPod What I love about this particular list is that it parallels so nicely the tested and fully validated solutions from F5 for delivering all these solutions. Citrix XenDesktop VMWare View and vSphere Oracle SAP Microsoft® Exchange, SQL Server® and SharePoint® That means that providing a variety of application delivery services for these applications - secure remote access, load balancing, acceleration and optimization – should be a breeze for organizations to implement. It should also be a requirement, at least in terms of load balancing and optimization services. If FlexPod makes it easier to dynamically manage resources supporting these applications then adding an F5 application delivery tier to the mix will ensure those resources and the user experience are optimized. SERVERS should SERVE While FlexPod provides the necessary storage, compute, and layer 2 networking components, critical application deployments are enhanced by F5 BIG-IP solutions for several reasons: Increase Capacity Offloads CPU-intensive processes from virtual servers, freeing up resources and increasing VM density and application capacity Improved Performance Accelerates end-user experience using adaptive compression and connection pooling technologies Enables Transparent and Rapid Scalability Deployment of new virtual server instances hosted in FlexPod can be added to and removed from BIG-IP Local Traffic Manager (LTM) virtual pools to ensure seamless elasticity Enables Automated Disaster Recovery F5 BIG-IP Global Traffic Manager (GTM) provides DNS global server load balancing services to automate disaster recovery or dynamic redirection of user requests based on location. Accelerated Replication Traffic BIG-IP WAN Optimization Manager (WOM) can improve the performance of high latency or packet-loss prone WAN links. NetApp replication technology (SnapMirror) will see substantial benefit when customers add BIG-IP WOM to enhance WAN performance. Bonus: Operational Consistency Because BIG-IP is an application delivery platform, it allows the deployment of a variety of application delivery services on a single, unified platform with a consistent operational view of all application delivery services. That extends to other BIG-IP solutions, such as BIG-IP Access Policy Manager (APM) for providing unified authentication to network and application resources across remote, LAN, and wireless access. Operational consistency is one of the benefits a platform-based approach brings to the table and is increasingly essential to ensuring that the cost-saving benefits of cloud and virtualization are not lost when disparate operational and management systems are foisted upon IT. FlexPod only provides certified components for storage, compute and layer 2 networking. Most enterprise application deployments require application delivery services whether for load balancing or security or optimization and ones that do not still realize significant benefits when deploying such services. Marrying F5 application delivery services with a NetApp FlexPod solution will yield significant benefits in terms of resource utilization, cost reductions, and address critical components of operational risk without introducing additional burdens on already overwhelmed IT staff. Operational Risk Comprises More Than Just Security The Future of Cloud: Infrastructure as a Platform At the Intersection of Cloud and Control… The Pythagorean Theorem of Operational Risk The Epic Failure of Stand-Alone WAN Optimization Mature Security Organizations Align Security with Service Delivery F5 Friday: Doing VDI, Only Better209Views0likes0CommentsDistributing SAP Load using BIG-IP Advanced Monitoring
Several recent forum posts on DevCentral forums have commented on the fact that SAP Landscapes often have asynchronous batch jobs that cause higher CPU loads on certain servers. This causes problems for application delivery controllers because load balancing methods are typically based on connection counts. Picture the scenario where one connection causes a big CPU or memory spike and then goes away. Now you have the same number of new connections coming into the server while one is slammed. The solution to this problem is relatively straightforward and I recently documented this for everyone in our “Deploying F5 Networks with SAP NetWeaver” deployment guide, located here: SAP NetWeaver and Enterprise SOA: Enterprise Portal (BIG-IP v10.1, WOM, Edge, WA). The solution is based around using SNMP in conjunction with application based monitors. The BIG-IP SNMP monitor provides the ability to perform dynamic load balancing based on CPU, memory or disk utilization while the advanced monitors test the J2EE stack, the authentication system and the database. With this combination, SAP administrators should be able to sleep better at night knowing that their customers and users are getting to a live system that best prepared to service the request. So, how does layer monitoring work? If you are not aware, it’s possible to have two monitors for a particular pool or node. In the UI, it looks like this: In this example there are two monitors, SAP-CPU and ICMP. In the real world, ICMP would be replaced with the advanced application monitor. So, what does the SNMP monitor configuration look like: Here we have an SNMP setup that is set at a CPU Threshold of 80%, a memory Threshold of 0% and a Disk Threshold of 10%. Obviously this is from my testing to insure the monitor is working properly. What this defines is that if the disk is more than 10% full, or the memory is being utilized at 0% or the CPU is being utilized at over 80%, then de-weight the amount of new connections that get sent to this node(server). The coefficients allow further granular control over the traffic weighting determination. This is not a config you would probably run in production, but it’s great for testing! By logging into the BIG-IP advanced shell and enabling logging, I can see exactly what weight is being assigned. This is accomplished through the command: bigpipe db Snmp.SNMPDCA.Log true and then by tailing the snmpdca.log located in /var/tmp : tail -f /var/tmp/snmpdca.log There you have it. Now all we have to do is change the load balancing mechanism for the pool to be based on dynamic, apply the advanced application monitor, and we have a fully dynamic decision making system. You can play with the Thresholds and Coefficients until you have a desired mix. The SNMP monitor will not mark a host down, but it will set the weight (between 1 and 100) in a manner that very few connections will get to a node that has exceeded all tresholds. A quick note on the advanced health monitor. I can’t stress how important it is to have layered monitoring in this and other dynamic load balancing scenarios. Especially in an SAP NetWeaver J2EE stack installation (or even a dual stack implementation) many things can go wrong. Just because the CPU, memory and disk are normal, doesn’t mean that your J2EE stack hasn’t crashed, or that your authentication system has gone down. By layering monitors, you cover all BASIS. :-) I hope this post has been helpful, and as always, please email me if you have any questions. Remember that detailed installation instructions including step-by-step configuration is in the deployment guide linked at the top, or through f5.com ---> Resources -- > Deployment Guides ---> SAP NetWeaver and Enterprise SOA: Enterprise Portal (BIG-IP v10.1, WOM, Edge, WA)313Views0likes0CommentsF5 and SAP Integration - Auto configuration and monitoring under BIG-IP V10
Are there ways that F5 Networks and SAP can make your SAP operations simpler, more elegant and more automated, with appropriate controls in place to detect abnormalities? With V10, F5 Networks is delivering three things: first, template based configuration support for SAP Enterprise Portal and Web Based SAP ECC Instances (so that a few questions and one submit button perfectly configures your instances). Second, integration with SAP's ASLR (described below) to automatically detect and help configure all available SAP instances (so that your hunt for SAP instance numbers and port numbers during configuration is over). And third, a complete monitor that individually logs into each configured SAP Instance and checks that instance's unique health status (and then reacts appropriately). SAP and F5 Networks's partnership manifests itself in exceptional ways and participating in the SAP Enterprise Services Community, part of SAP's Communities of Innovation was one of these opportunities. SAP's idea was elegant and came with a very practical goal: SAP reached out to all of the networking partners and asked us how we can simplify SAP NetWeaver operations. The initial presentation from SAP asked this high level question and presented a series of APIs that could be used to build these solutions. SAP challenged us with the analog of the fly wheel governor (pictured above); could we invent a system that controls SAP based on the current working conditions. Through a series of working sessions with SAP we went to work at F5 Networks to solve this problem and the results of our work will be presented at the Americas SAP User Group Meeting (ASUG) in May. Our solution has three components, detection of SAP instances, configuration of SAP web instances (Portal or other web based ECC instances) for high availability, web acceleration and security and monitoring of SAP web instances from login to database for a complete picture of what is up and what is down. These steps are performed with the aid of the SAP Application Server List Retrieval (ASLR) API which is part of the SAP Message Server (standard on all SAP NetWeaver installations out-of-the-box). Configuration - Support for SAP Enterprise Portal and all your Web Based SAP ECC instances. With F5 Networks BIG-IP V10 templates for SAP ERP Portal and SAP ECC instances, configuring BIG-IP with advanced application delivery controls is accomplished with just a few questions to be answered on one single page. Below, you can see a screen shot of my BIG-IP and the templates we have available today, especially for SAP, Enterprise Portal and a more generic SAP ECC template for the installation of any additional SAP Web Based instances. Detection - Integration with SAP ASLR to automatically configure all SAP instances. The hunt for SAP instance numbers and port numbers is over. With the coming addition of SAP ASLR integration (planned for after the upcoming ASUG meeting), we will have the message server integration pictured below. While this may look like a very small number of questions, the template takes care of all of the aspects of configuring SAP Portal. Of note to me is how easy it was previously for customers to miss important optimizations even though we detail and clearly document these in our deployment guides (for example the SAP Deployment Guide for V9). With BIG-IP V10 SAP application delivery will be the fastest possible through the network, every time. Now, by providing the SAP Message Server IP Address and port number, BIG-IP automatically retrieves and populates the SAP instances in the load balancing portion of the questionnaire. The hunt for instance numbers and port numbers is over, with the cooperation of ASLR and BIG IP Application Templates. Monitoring - A complete monitor that individually logs into each SAP Instance and checks that instance's unique health status (and then reacts appropriately) One of the shortcomings that F5 Networks has found with the APIs as they stand today is that although graceful shutdown is well detected by the ASLR API, more is needed to address unforeseen outages. We hope that with the community involvement this will be addressed in coming versions of the API. To solve this issue now, our SAP templates install a series of health monitors to cover the state of SAP Web Instances up the entire stack. We begin with automatic configuration of ping and port monitors (which indicates the individual server or VM instance is up). We then configure a monitor which checks for HTTP/1.1 presence (which indicates that SAP Dispatcher is up) and finally we now will recommend the addition of a health monitor to log into the SAP Web Application portal and check for a specified piece of validation text (we then log out, of course). None of this configuration requires any command line interaction and can be delegated to SAP NetWeaver or Basis administrators. Edit-June16,2010: As a point of clarification, some users have wondered if the SAP template for BIG-IP installs the in-dept scripted monitor I discuss here. The answer is no . The scripted monitor is a recommendation for users interested in in-depth monitoring and needs to be installed manually. Please email me for additional questions or for a copy of the script. Below you can see that we allow the configuration of the login username, password and validation text all via the UI. For more on this project from our wonderful partners at SAP I highly recommend checking out Joerg Nalik's post at the SAP Community Network: Catching Up with Deploying and Operations Automation.620Views0likes1Comment