Overview of Red Hat Enterprise Linux for SAP Solutions Subscription
Abstract
Making open source more inclusive
Red Hat is committed to replacing problematic language in our code and documentation. We are beginning with these four terms: master, slave, blacklist, and whitelist. Due to the enormity of this endeavor, these changes will be gradually implemented over upcoming releases. For more details on making our language more inclusive, see our CTO Chris Wright’s message.
Providing feedback on Red Hat documentation
We appreciate your feedback on our documentation. Let us know how we can improve it.
Submitting feedback through Jira (account required)
- Make sure you are logged in to the Jira website.
- Provide feedback by clicking on this link.
- Enter a descriptive title in the Summary field.
- Enter your suggestion for improvement in the Description field. Include links to the relevant parts of the documentation.
- If you want to be notified about future updates, please make sure you are assigned as Reporter.
- Click Create at the bottom of the dialogue.
Chapter 1. Introduction to Red Hat Enterprise Linux for SAP Solutions
Red Hat Enterprise Linux for SAP Solutions is a SAP specific offering, tailored to the needs of SAP workloads such as SAP NetWeaver, SAP S/4HANA and SAP HANA platform.
1.1. Red Hat Enterprise Linux for SAP Solutions
Built on the foundation of Red Hat Enterprise Linux (RHEL) for SAP Applications with its packages and components, in addition to this foundation, the RHEL for SAP Solutions subscription includes the following:
- SAP-specific technical components to support SAP S/4HANA, SAP HANA, and SAP Business Applications.
- SAP-specific High Availability solutions for SAP S/4HANA, SAP HANA, and SAP Business Applications.
- RHEL System Roles for SAP for automation of operating system configuration to run SAP workloads.
- SAP tailored Red Hat Insights Dashboard and Smart Management helps streamline operations and to reduce costs
- Update Services for SAP Solutions or Extended Update Support (EUS), providing support for specific minor RHEL releases for up to four years from General Availability. See the RHEL Life Cycle web page for more information about EUS and Update Services for SAP Solutions.
- Update Services for SAP Solutions is only provided with RHEL for SAP Solutions. It is not available on any other RHEL products.
- Update Services for SAP Solutions is only provided on specified minor RHEL releases, which may be different from the EUS releases.
- The RHEL for SAP Solutions subscription may be used with Red Hat Enterprise Linux 6, but it does not include Update Services for SAP Solutions. However, EUS is available on specific RHEL 6 releases, and it can be used under the RHEL for SAP Solutions subscription to allow for easier migration.
Chapter 2. How business continuity is achieved with SAP Solutions
High availability and disaster recovery solutions for SAP are essential. Tier-1 application outages are costly and disruptive to the business. Even short periods of planned downtime for maintenance events such as software updates or hardware upgrades can negatively impact the end-user, IT productivity, as well as critical business processes.
Red Hat Enterprise Linux for SAP Solutions subscription provides high-availability SAP solutions as well as SAP HANA tested in-place upgrades and live patching capabilities for critical and important Common Vulnerabilities and Exposures (CVEs).
2.1. Red Hat Update Services for SAP
Red Hat Update Services provides up to four years of support, including security patches and critical fixes for select minor releases of Red Hat Enterprise Linux. When you upgrade to the next minor release, binary compatibility and kernel stability ensure that your system remains stable and that both SAP and custom applications continue to execute smoothly.
2.2. Red Hat Insights dashboard for SAP
Red Hat Insights analyzes IT infrastructure against Red Hat’s constantly expanding knowledge base to provide real-time assessment for risks related to performance, availability, stability, and security. Previously an independent service offering, Red Hat Insights has further evolved into a family of proactive monitoring services and is included into the Red Hat Enterprise Linux subscription. RH Insights will help customers gain better operational efficiency and support in security and compliance risk management. For more information on Red Hat Insights, see Red Hat Insights product page.
RHEL for SAP Solutions customers will gain the following benefits by using Red Hat Insights for monitoring your SAP environment:
- Auto detection and profiling of SAP workloads
- Intuitive grouping by SAP SystemID or within SAP dashboard
- SAP application specific recommendations, facts, and filter rules
- Support of automated remediation through corresponding Ansible playbooks for SAP
- Support of configuration drift analysis and policies based e.g. by SAP System ID
2.3. Red Hat Enterprise Linux High Availability solutions for SAP
Red Hat Enterprise Linux High Availability Add-on provides all the necessary packages for configuring a pacemaker-based cluster that provides reliability, scalability, and availability to critical production services. In addition, the components for the Red Hat High Availability solutions for SAP NetWeaver, S/4HANA and SAP HANA
RHEL for SAP Solutions also provides the components required for support of the SAP HA interface. The interface allows customers to manage SAP ABAP application servers, which are controlled by the Red Hat HA solutions for SAP that uses SAP management tools like SAP MMC or SAP Landscape Manager.
Additional resources
- For more information on Red Hat supported SAP HA scenarios, see the Supported HA Scenarios for SAP HANA, SAP S/4HANA, and SAP NetWeaver.
2.4. Kernel Live Patching
Kernel live patching allows customers to patch a running RHEL kernel with selected critical and important CVEs without rebooting the system. This provides operational efficiency to support mission critical infrastructure underpinning SAP business applications, where downtime is not an option, and security responsiveness is required.
For more information about the kernel live patching solution and how it works, see the Red Hat Knowledgebase solution:
- For RHEL 7 Applying patches with kernel live patching
- For RHEL 8 Applying patches with kernel live patching
Kernel live patching is supported starting with version 7.7 and 8.1 and above
2.5. In-place operating system upgrades
As part of the RHEL for SAP Solutions subscription, Red Hat provides validated in-place upgrades of underlying operating system in context of SAP workloads. An in-place upgrade offers upgrading the RHEL system to a later major release of RHEL by replacing the existing operating system without removing applications. Doing so can greatly reduce the costs, for example, highly expensive hardware for an SAP HANA in-memory database does not need to be purchased twice.
Additional resources
- For more information, see How to in-place upgrade SAP environments from RHEL 7 to RHEL 8
Chapter 3. Security and SAP Solutions
Enterprises usually have substantial compliance requirements based on the industry, type of customers, geographic location, and more. Such requirements may need specific certifications, cryptographic modules, and support for encryptions. With Red Hat Enterprise Linux for SAP Solutions, Red Hat delivers a stable, security-focused, high-performance foundation for SAP business applications to support such requirements and provide an easy way to set and validate compliance policies.
3.1. SELinux for SAP production environments
SELinux is a security technology for process isolation to mitigate attacks via privilege escalation. SELinux is enabled on RHEL 8 by default and security policies for system processes are maintained by Red Hat. However, this does not apply to 3rd party applications, such as SAP HANA and S/4HANA. In previous releases, it was recommended to completely disable SELinux on RHEL when installing SAP software.
This has now changed with RHEL for SAP Solutions, and customers may use SELinux in the context of production SAP HANA and S/4HANA deployments.
Additional resources
- For more information, see Enabling SELinux with SAP HANA DB
3.2. SAP HANA disk encryption with NBDE
Red Hat uses the Policy-Based Decryption (PBD) process by using multiple technologies to enable the unlocking of encrypted root and secondary volumes of hard drives.
Network Bound Disk Encryption (NBDE), delivered along with Red Hat Enterprise Linux, is a subcategory of PBD that allows binding encrypted volumes to a special server known as a tang server.
Tested for compliance with SAP HANA, customers of RHEL for SAP Solutions can use NBDE to run SAP HANA DB with encrypted hard drives leveraging automated unlocking capabilities via Tang server.
Additional resources
- For more information, see Setting Up a RHEL System with NBDE and Installing SAP HANA DB with RHEL
3.3. File access policy Daemon for SAP
File access policy Daemon fapolicyd
is a technology provided in RHEL to determine access rights to files based on a trust database and file or process attributes. It helps customers to ensure data remains protected even in case an attacker has successfully gained control over certain processes.
Chapter 4. SAP Automation and Performance
4.1. RHEL System Roles for SAP
The Red Hat Enterprise Linux System Roles for SAP, provided exclusively with the Red Hat Enterprise Linux for SAP Solutions subscription, removes human error from complex and repetitive SAP configuration tasks, such as configuration of a Red Hat Enterprise Linux system for installation of SAP HANA or SAP NetWeaver software.
Customers can use RHEL system roles for SAP to enforce SAP best practices for configuration and setup of both SAP NetWeaver and SAP HANA deployments based on RHEL.
Additional resources
- For more information, see Red Hat Enterprise Linux System Roles for SAP
4.2. tuned
To ensure that RHEL is configured appropriately to best support SAP workloads, the RHEL for SAP Solutions provides tuned profiles “sap” and "sap-hana", which contain many of the SAP best practices and some additional configure settings.
Additional resources
- For more information, see Getting started on your SAP HANA journey with RHEL 8 for SAP Solutions and SAP Note 2777782
4.3. Compatibility libraries
RHEL for SAP Solutions provides additional GCC runtime compatibility libraries required by newer SAP NetWeaver and SAP HANA releases. These GCC runtime compatibility libraries can be installed independently of the standard GCC runtime libraries provided by RHEL.
4.4. Smart Management
The RHEL subscription includes the Smart Management Add-on to provide easy management and updates of Red Hat Enterprise Linux systems by using Red Hat Satellite Server.
Chapter 5. Differences between RHEL for SAP Applications and RHEL for SAP Solutions
Red Hat Enterprise Linux for SAP Solutions subscription contains more features and capabilities than our lightweight RHEL for SAP Applications subscription. The following table lists the technical differences between the two subscriptions.
Feature | RHEL for SAP Applications | RHEL for SAP Solutions |
---|---|---|
Software packages for SAP NetWeaver: Repository rhel-7-SAP / rhel-8-SAP-NetWeaver (check the SAP-specific technical components table for a list of components) | X | X |
Software packages for SAP HANA: Repository rhel-7-SAP-HANA / rhel-8-SAP-Solutions (check the SAP-specific technical components table for a list of components) | X | |
RHEL High-Availability Add-On | X | |
RHEL System Roles for SAP | X | |
Extended Update Support (EUS) | Only in Premium | X |
Update Services for SAP Solutions (E4S) | X | |
Smart Management Add-On | X | |
Insights | X | X |
All future solutions for SAP applications are planned to be added to the RHEL for SAP Solutions repository. See the datasheet Red Hat Enterprise Linux for SAP Solutions for more information.
5.1. Overview of the RHEL for SAP Applications repository
The SAP-specific software packages are available with both, the RHEL for SAP Applications and the RHEL for SAP Solutions subscription.
- compat-sap-c++ (available with RHEL 6.7 and later): Provides additional runtime compatibility libraries required by newer NetWeaver releases. These libraries are installed independently of the standard runtime libraries provided by RHEL. For more information, see the Red Hat Knowledgebase solution Installation of SAP NetWeaver 7.51 and later on Red Hat Enterprise Linux 6 fails with the message GLIBCXX_3.4.14 not found.
- tuned-profiles-sap (available with RHEL 6.5 and later): Provides the +sap-netweaver+profile to tune RHEL for running SAP NetWeaver-based applications.
- resource-agents-sap (only in RHEL 6.5 and later): Provides Pacemaker cluster resource agents (SAPDatabase and SAPInstance) to set up high availability for SAP NetWeaver environments. For more information and guidelines, see the Red Hat Knowledgebase solution the Deploying Highly Available SAP NetWeaver-based Servers Using Red Hat Enterprise Linux HA add-on with Pacemaker. For more information Red Hat HA solutions for managing ENSA1 and ENSA2 using the resource agents provided by the resource-agents-sap package, see the Red Hat Knowledgebase solutions HA Solution for S/4HANA based on ABAP Platform 1809 or newer and HA Solution for NetWeaver or S/4 Based on ABAP Platform 1709 or older.
- compat-locales-sap: Enables Legacy SAP locales to easily portnon-Unicode SAP NetWeaver installations from UNIX or Windows to Linux. For more information, see SAP Note 187864. This package also provides users with additional locales to runnon-Unicode SAP applications. For example, the de_DE@HPUX locale changes the sorting for German on RHEL to match the sorting on HP-UX to avoid sorting issues. For more information, see SAP Note 952625.
-
vhostmd/vm-dump-metrics: A monitoring daemon and client required by SAP for KVM support; For more information, see SAP Note 1400911. In RHEL 8.0, the
vm-dump-metrics package
is part of the BaseOS repository and thevhostmd
package is part of the AppStream repository.
5.2. Overview of the RHEL for SAP HANA repository
The SAP-specific software packages are available only with the RHEL for SAP Solutions subscription.
-
rhel-system-roles-sap (only in RHEL 7.7 Batch Update 3 and later): Provides the automated RHEL system preparation of a local or remote server for the installation of SAP HANA or SAP NetWeaver, including required packages, kernel parameters, and network parameters.
rhel-system-roles-sap
has the ability to be integrated into Red Hat Satellite Server and Red Hat Ansible Tower. For more information, see Red Hat Enterprise Linux System Roles for SAP. - compat-sap-c++: Provides additional runtime compatibility libraries required by newer NetWeaver and HANA releases. These libraries are installed independently of the standard runtime libraries provided by RHEL.
- tuned profiles-sap-hana: Provides the sap-hana tuned profile to tune RHEL for running SAP HANA.
- resource-agents-sap-hana: Resource agents and other components for managing SAP HANA Scale-Up System replication. For more information, see the Red Hat Knowledgebase article Supported Scenarios of Automated SAP HSR in HANA Scale-Up.
- resource-agents-sap-hana-scaleout: Resource agents and other components for managing SAP HANA Scale-Out System replication. For more information, see the Red Hat Knowledgebase article Supported Scenarios of Automated SAP HSR in HANA Scale-Out.
5.3. SAP related software packages and repositories
The following table contains an overview of the SAP-specific technical components that are included in the respective repositories:
5.3.1. RHEL 7
Package | rhel-7-SAP(*) | rhel-7-SAP-HANA(*) |
---|---|---|
compat-locales-sap | X | |
compat-sat-c++ | X | X |
resource-agents-sap | X | |
resource-agents-sap-hana | X | |
tuned-profiles-sap | X | |
tuned-profiles-sap-hana | X | |
sapconf | X | |
rhel-system-roles-sap | X(**) | |
_vhostmd/vm-dump-metrics | X |
(**) starting with RHEL 7.7
(*) Use the following list to identify the full repository labels:
rhel-7-SAP:
-
rhel-sap-for-rhel-7-<arch>-rpms
-
rhel-sap-for-rhel-7-<arch>-eus-rpms
-
rhel-sap-for-rhel-7-<arch>-e4s-rpms
rhel-7-SAP-HANA:
-
rhel-sap-hana-for-rhel-7-<arch>-rpms
-
rhel-sap-hana-for-rhel-7-<arch>-eus-rpms
-
rhel-sap-hana-for-rhel-7-<arch>-e4s-rpms
<arch>
denotes the specific hardware architecture as follows:
-
"
server
"(for x86_64) -
"
for-power-le
" (for ppc64le) -
"
for-power
" (for ppc64) -
"
for-system-z
" (for s390x)
e4s repos are only available for hardware architectures x86_64 and ppc64le.
5.3.2. RHEL 8
Package | rhel-7-SAP(*) | rhel-7-SAP-HANA(*) |
---|---|---|
compat-locales-sap | X | |
compat-sat-c++ | X | X |
resource-agents-sap | X | |
resource-agents-sap-hana | X | |
tuned-profiles-sap | X | |
tuned-profiles-sap-hana | X | |
rhel-system-roles-sap | X | |
_vhostmd/vm-dump-metrics | X |
(*) Use the following list and examples to identify the full repository labels:
rhel-8-SAP-NetWeaver:
-
rhel-8-for-<arch>-sap-netweaver-rpms
-
rhel-8-for-<arch>-sap-netweaver-eus-rpms
-
rhel-8-for-<arch>-sap-netweaver-e4s-rpms
rhel-8-SAP-Solutions:
-
rhel-8-for-<arch>-sap-solutions-rpms
-
rhel-8-for-<arch>-sap-solutions-eus-rpms
-
rhel-8-for-<arch>-sap-solutions-e4s-rpms
<arch>
denotes the specific hardware architecture as follows:
- x86_64
- ppc64le
- s390x
e4s repos are only available for hardware architectures x86_64 and ppc64le.