You are on page 1of 30

Imp|ement|ng

SA So|ut|ons
on Amazon Web Serv|ces



CreaLed by: Amazon Web Servlces LLC
sap-on-aws[amazon.com

verslon: 2.1 - Aprll 2012
lmplemenLlng SA SoluLlons on Amazon Web Servlces


2

!"#$%#$&
About th|s Gu|de .................................................................................................................................. 3
AddlLlonal SA on AWS uocumenLaLlon .................................................................................................. 3
Cverv|ew of Amazon Web Serv|ces ...................................................................................................... 4
Network|ng and Connect|v|ty ............................................................................................................... 6
AWS neLwork CpLlons ............................................................................................................................. 6
Amazon LC2 Classlc .............................................................................................................................. 6
vlrLual rlvaLe Cloud (Amazon vC) ..................................................................................................... 7
ConnecLlvlLy CpLlons for vC ............................................................................................................... 7
SeLLlng up a vC ................................................................................................................................... 7
Spec|a| Cons|derat|ons for SA Systems on AWS .................................................................................. 7
SA on AWS noLes ................................................................................................................................... 8
AWS lnsLance 1ypes ................................................................................................................................. 8
CperaLlng SysLems ................................................................................................................................... 8
PosLnames ............................................................................................................................................... 9
SLorage CpLlons ..................................................................................................................................... 10
AWS MonlLorlng ..................................................................................................................................... 10
1ermlnaLlon roLecLlon .......................................................................................................................... 10
Copylng SA lnsLallaLlon Medla Lo AWS ................................................................................................. 11
Copylng an SA SysLem Lo AWS ............................................................................................................. 11
S|z|ng and erformance ...................................................................................................................... 12
Slzlng ...................................................................................................................................................... 12
erformance ........................................................................................................................................... 12
SLorage ............................................................................................................................................... 12
8ack|ng Up SA Systems on AWS ........................................................................................................ 13
Append|x: ........................................................................................................................................... 14
reparlng a Llnux lnsLance for Lhe lnsLallaLlon of an SA sysLem .......................................................... 14
reparlng a Wlndows lnsLance for Lhe lnsLallaLlon of an SA sysLem .................................................... 22


lmplemenLlng SA SoluLlons on Amazon Web Servlces


3

"#$%& &'() *%(+,
1hls gulde provldes besL pracLlce guldellnes for lmplemenLlng SA soluLlons on Amazon Web Servlces
(AWS). 1he lnLended audlence of Lhls gulde ranges from anyone who ls new Lo AWS and ls looklng Lo
lnsLall small SA LesL/Lralnlng/sandbox/demo sysLems on AWS Lo someone who ls already famlllar wlLh
AWS and ls looklng for deLalled guldance on how Lo deploy hlgh performance SA sysLems on AWS.

1hls gulde ls noL lnLended Lo replace any of Lhe sLandard SA documenLaLlon. When lnsLalllng SA
soluLlons on AWS you should always refer Lo Lhe sLandard SA documenLaLlon and noLes for Lhe
respecLlve SA soluLlon -
hLLp://servlce.sap.com/lnsLguldes
hLLp://servlce.sap.com/noLes


lease provlde any feedback you have on Lhls gulde Lo - sap-on-aws[amazon.com

"++(&($-./ 0"1 $- "20 3$4%5,-&.&($-
AddlLlonal SA on AWS documenLaLlon can be found aL:
hLLp://aws.amazon.com/sap



lmplemenLlng SA SoluLlons on Amazon Web Servlces


4

67,87(,9 $: "5.;$- 2,# 0,87(4,)

ln 2006, Amazon Web Servlces (AWS) began offerlng l1 lnfrasLrucLure servlces Lo buslnesses ln Lhe form
of web servlces -- now commonly known as cloud compuLlng. AWS offers low, pay-as-you-go prlclng
wlLh no requlred mlnlmum commlLmenLs or long-Lerm conLracLs.

1he hlghly flexlble and scalable plaLform provlded by AWS ls an ldeal plaLform for Lhe operaLlon of boLh
non-producLlon and producLlon SA sysLems.

1hls secLlon provldes an overvlew of Lhe AWS servlces LhaL are relevanL Lo Lhe lmplemenLaLlon of SA
soluLlons. lor a more deLalled descrlpLlon of each of Lhe servlces and Lhe compleLe sulLe of AWS
servlces please vlslL Lhe AWS webslLe - hLLp://aws.amazon.com

L|ast|c Compute C|oud (Amazon LC2) - hLLp://aws.amazon.com/ec2
Amazon LlasLlc CompuLe Cloud (Amazon LC2) ls a web servlce LhaL provldes reslzable compuLe capaclLy
ln Lhe cloud. lL ls deslgned Lo make web-scale compuLlng easler for developers.

Components of Amazon LC2

Amazon Mach|ne Image (AMI)
An AMl ls Lhe server LemplaLe LhaL ls used Lo launch a new lnsLance (vlrLual server). 1he AMl
conLalns Lhe base operaLlng sysLem (Llnux/Wlndows) LhaL you can Lhen lnsLall SA sofLware on
Lop of. A large selecLlon of publlc AMls ls avallable from Amazon and Lhe Amazon LC2
communlLy and lL ls posslble Lo creaLe your own AMls.

Instance
AfLer an AMl ls launched, Lhe resulLlng runnlng sysLem ls called an lnsLance.

Instance 1ypes - hLLp://aws.amazon.com/ec2/lnsLance-Lypes
AWS offers varlous vlrLual server slzes (e.g. Small, Medlum, Large, xLarge) whlch are referred Lo
as lnsLance 1ypes

key a|r
key alrs are used Lo ensure LhaL only you have access Lo your lnsLances. ?ou use a key alr Lo
SSP Lo Llnux/unlx lnsLances, or Lo decrypL Lhe defaulL admlnlsLraLor password for Wlndows
lnsLances.

Secur|ty Group
A securlLy group acLs as a flrewall LhaL conLrols Lhe Lrafflc allowed lnLo a group of lnsLances. ?ou
can asslgn each lnsLance Lo one or more securlLy groups aL lnsLance launch Llme.

keg|ons and Ava||ab|||ty 2ones
Amazon LC2 locaLlons are composed of 8eglons and AvallablllLy Zones.
lmplemenLlng SA SoluLlons on Amazon Web Servlces


3

Ava||ab|||ty 2ones are dlsLlncL locaLlons LhaL are englneered Lo be lnsulaLed from
fallures ln oLher AvallablllLy Zones and provlde lnexpenslve, low laLency neLwork
connecLlvlLy Lo oLher AvallablllLy Zones ln Lhe same 8eglon.
keg|ons conslsL of one or more AvallablllLy Zones, are geographlcally dlspersed, and wlll
be ln separaLe geographlc areas or counLrles. Amazon LC2 ls avallable ln mulLlple
reglons. lor a currenL llsL of reglons please vlslL:
hLLp://aws.amazon.com/abouL-aws/globallnfrasLrucLure/



L|ast|c 8|ock Store (L8S) - hLLp://aws.amazon.com/ebs
AWS LlasLlc 8lock SLore (L8S) provldes perslsLenL block level sLorage volumes for use wlLh LC2
lnsLances. L8S volumes are off-lnsLance sLorage LhaL perslsLs lndependenLly from Lhe llfe of an
lnsLance. LlasLlc 8lock SLore provldes hlghly avallable, hlghly rellable sLorage volumes LhaL can
be aLLached Lo an Amazon LC2 lnsLance and exposed as a devlce wlLhln Lhe lnsLance's guesL
operaLlng sysLem.

L8S Snapshot
L8S provldes Lhe ablllLy Lo creaLe polnL-ln-Llme snapshoLs of volumes, whlch are
perslsLed Lo Amazon S3. SnapshoLs can be used as Lhe sLarLlng polnL for new Amazon
L8S volumes and Lo proLecL daLa for long-Lerm durablllLy. lf you make perlodlc
snapshoLs of a volume, Lhe snapshoLs are lncremenLal so LhaL only Lhe blocks on Lhe
devlce LhaL have changed slnce your lasL snapshoL are lncremenLally saved ln Lhe new
snapshoL. Lven Lhough snapshoLs are saved lncremenLally, Lhe snapshoL deleLlon
process ls deslgned so LhaL you need Lo reLaln only Lhe mosL recenL snapshoL ln order Lo
resLore Lhe volume.

V|rtua| r|vate C|oud (VC) - hLLp://aws.amazon.com/vpc
Amazon vlrLual rlvaLe Cloud (vC) enables you Lo provlslon a prlvaLe, lsolaLed secLlon of Lhe AWS Cloud
where you can launch AWS resources ln a vlrLual neLwork LhaL you deflne. ?ou connecL Lo your sysLems
ln Lhe vC vla secure vn Lunnel. lnsLances LhaL you operaLe wlLh a vC can appear as lf Lhey are on
your local corporaLe neLwork.

D|rect Connect - hLLp://aws.amazon.com/dlrecLconnecL
ulrecL ConnecL enables Lo esLabllsh a dedlcaLed/prlvaLe neLwork connecLlon beLween your
corporaLe neLwork and your vC.

L|ast|c I Address (LI)
An LlasLlc l Address ls a publlcly addressable lnLerneL l address LhaL you can allocaLe Lo your accounL.
Cnce you allocaLe an Ll Lo your accounL you can Lhen asslgn lL Lo an lnsLance so Lhe lnsLance has a
conslsLenL l address. Lls can also be used Lo allow lnsLances wlLhln a publlc subneL of a vC Lo
communlcaLe dlrecLly wlLh Lhe lnLerneL.

L|ast|c Network Interfaces (LNI) - [|nsert UkL here]
An LlasLlc neLwork lnLerface ls a vlrLual ob[ecL can be aLLached Lo an Amazon LC2 lnsLance ln a vC.
When aLLached, Lhe Lnl funcLlons as an addlLlonal neLwork lnLerface on Lhe LC2 lnsLance - lL can send
lmplemenLlng SA SoluLlons on Amazon Web Servlces


6

and recelve Lrafflc wlLh oLher resources on Lhe neLwork. ?ou can use lL Lo creaLe a managemenL
neLwork, creaLe dual homed lnsLances LhaL cross subneLs, or even uLlllze neLwork and securlLy
appllances ln your vC.

S|mp|e Storage Serv|ce (Amazon S3) - hLLp://aws/amazon.com/s3
Amazon S3 provldes a hlghly durable sLorage lnfrasLrucLure deslgned for mlsslon-crlLlcal and prlmary
daLa sLorage. Amazon S3 ls an ob[ecL based sLorage sysLem and cannoL be presenLed Lo an lnsLance as a
devlce llke L8S. ln an SA envlronmenL, Amazon S3 ls an excellenL locaLlon for sLorlng backups.

AWS C|oudWatch - hLLp://aws.amazon.com/cloudwaLch
Amazon CloudWaLch enables you Lo monlLor your Amazon LC2 resources ln real-Llme. Amazon
CloudWaLch provldes free 8aslc MonlLorlng for all Amazon LC2 lnsLances. 8aslc MonlLorlng provldes
meLrlcs aL 3-mlnuLe granularlLy. CpLlonally you can choose Lo enable ueLalled MonlLorlng for an
lnsLance, whlch provldes performance meLrlcs aL 1-mlnuLe granularlLy

AWS Import]Lxport Serv|ce - hLLp://aws.amazon.com/lmporLexporL
AWS lmporL/LxporL acceleraLes movlng large amounLs of daLa lnLo and ouL of AWS uslng porLable
sLorage devlces for LransporL. AWS Lransfers your daLa dlrecLly onLo and off of sLorage devlces uslng
Amazon's hlgh-speed lnLernal neLwork and bypasslng Lhe lnLerneL. lor slgnlflcanL daLa seLs, AWS
lmporL/LxporL ls ofLen fasLer Lhan lnLerneL Lransfer and more cosL effecLlve Lhan upgradlng your
connecLlvlLy.

AWS rem|um Support - hLLp://aws.amazon.com/premlumsupporL
AWS 8aslc SupporL ls lncluded ln Lhe use of AWS servlces aL no addlLlonal charge. AWS 8aslc SupporL
offers all AWS cusLomers access Lo Lhe AWS 8esource CenLer, AWS Servlce PealLh uashboard, AWS
roducL lACs, and AWS ulscusslon lorums. CusLomers who deslre a deeper level of supporL can
subscrlbe Lo AWS remlum SupporL for an addlLlonal fee.
AWS remlum SupporL ls a one-on-one, fasL-response supporL channel LhaL ls sLaffed 24x7x363 wlLh
experlenced and Lechnlcal supporL englneers. 1he servlce helps cusLomers of all slzes and Lechnlcal
ablllLles Lo successfully uLlllze Lhe producLs and feaLures provlded by Amazon Web Servlces.

<,&9$8=(-> .-+ ?$--,4&(7(&@

"20 <,&9$8= 6A&($-)
When lmplemenLlng sysLems on AWS, you have Lwo neLworklng models Lo choose from 1) Amazon LC2
or 2) Amazon vlrLual rlvaLe Cloud. 1he Lwo neLwork opLlons are descrlbed below along wlLh use cases
of each neLwork Lype.

"5.;$- B?C ?/.))(4 - 1he LC2 Classlc neLwork ls Lhe defaulL neLworklng opLlon when launchlng
Amazon LC2 lnsLances. lnsLances launched on Lhe Amazon LC2 classlc neLwork are asslgned a local l
lmplemenLlng SA SoluLlons on Amazon Web Servlces


7

address wlLhln Lhe Amazon LC2 prlvaLe l address range and are also asslgned a publlcly addressable
lnLerneL l address.

use Cases - 1esL/Sandbox, uemo, 1ralnlng, eLc.

D(8&%./ 18(7.&, ?/$%+ E"5.;$- D1?F - As descrlbed earller ln Lhls documenL vC enables you Lo
provlslon a prlvaLe, lsolaLed secLlon of Lhe AWS Cloud where you can launch AWS resources ln a vlrLual
neLwork LhaL you deflne. WlLh a Amazon vC you are also able Lo esLabllsh a connecLlon beLween your
corporaLe neLwork and Lhe AWS cloud. ulfferenL connecLlon opLlons are descrlbed laLer ln Lhls secLlon.

WlLhln a vC you can deflne boLh publlc (accesslble from Lhe lnLerneL) and prlvaLe (noL accesslble from
Lhe lnLerneL) subneLs. When you launch an lnsLance wlLhln a vC you conLrol Lhe local l address
asslgned Lo Lhe lnsLance. ?ou can elLher asslgn Lhe l address manually or vla uPC. lor lnsLances ln a
publlc subneL you also have Lhe opLlon Lo asslgn a publlcly addressable LlasLlc l (Ll) address.

use Cases - A vC ls requlred for Lhe operaLlon of uLv/CAS/8u landscapes

?$--,4&(7(&@ 6A&($-) :$8 D1?
WlLh vC you have mulLlple opLlons on how Lo connecL your corporaLe neLwork

Cpt|on Descr|pt|on
SofLware based vn vn sofLware llke Cpenswan or Cpenvn lnsLalled on boLh ends of
Lhe connecLlon
Pardware based vn A physlcal vn rouLer (e.g. Clsco lSC / !unlper) ls lnsLalled on boLh
end of Lhe connecLlon
AWS ulrecL ConnecL ulrecL ConnecL enables Lo esLabllsh a dedlcaLed/prlvaLe neLwork
connecLlon beLween your corporaLe neLwork and your vC.


0,&&(-> %A . D1?
lor deLalled lnsLrucLlons how Lo seLup and conflgure a vC and Lhe connecLlon beLween your neLwork
and your vC please read Lhe vC documenLaLlon avallable aL -
hLLp://aws.amazon.com/documenLaLlon/vpc/


0A,4(./ ?$-)(+,8.&($-) :$8 0"1 0@)&,5) $- "20

1hls secLlon covers Loplcs speclflc Lo Lhe lmplemenLaLlon of SA soluLlons on AWS.
SA on AWS noLes
AWS lnsLance 1ypes
CperaLlng SysLems
lmplemenLlng SA SoluLlons on Amazon Web Servlces


8

PosLnames
SLorage CpLlons
SA Pardware key
AWS MonlLorlng
SA vlrLual Server MonlLorlng
SA and AWS SupporL
1ermlnaLlon roLecLlon
Copylng SA lnsLallaLlon Medla Lo AWS

0"1 $- "20 <$&,)
8efore lnsLalllng any SA soluLlons on AWS, please read all of Lhe relevanL SA noLes. 1hese SA noLes
conLaln Lhe mosL recenL lnformaLlon on Lhe lmplemenLaLlon and operaLlon of SA sysLems on AWS.
Make sure LhaL you have Lhe laLesL verslon of each SA noLe, whlch you can flnd aL
hLLp://servlce.sap.com/noLes

Note # Descr|pt|on
1388667 SA on Amazon Web Servlces (AWS)
1636099 SA on AWS: SupporLed producLs and landscapes
1636249 SA on AWS: lnlLlal lmplemenLaLlon guldellnes
1636232 SA on AWS: CperaLlons and Llfecycle ManagemenL
1636230 SA on AWS: SupporLed lnsLance Lypes
1618372 Llnux: SupporL SLaLemenL for 8PLL on Amazon Web Servlces
1618390 SupporL: Cracle daLabase on Amazon Web Servlces
1388896 Llnux: SupporL SLaLemenL for SLLS on Amazon Web Servlces
1600136 u86: SupporL sLaLemenL for u82 on Amazon Web Servlces
1178686 Llnux: AlLernaLlve meLhod Lo generaLe a SA hardware key

"20 G-)&.-4, H@A,)
AWS offers varlous lnsLance 1ypes (vM slzes). A llsL of Lhe lnsLance 1ypes cerLlfled for SA producLlon on
AWS can be found ln Lhe followlng SA noLe:
1636230 - SA on AWS: SupporLed lnsLance Lypes



lor a deLalled descrlpLlon of Lhe AWS lnsLance Lypes and LlasLlc CompuLe unlLs (LCu) please vlslL:
hLLp://aws.amazon.com/ec2/lnsLance-Lypes

6A,8.&(-> 0@)&,5)
Amazon Web Servlces offers Lhe followlng CperaLlng SysLems whlch are supporLed for Lhe operaLlon of
SA sysLems as per Lhe SA AM. CurrenLly SuSL Llnux and 8ed PaL Llnux are supporLed for Lhe
lmplemenLaLlon and operaLlon of SA producLlon sysLems on AWS.

lmplemenLlng SA SoluLlons on Amazon Web Servlces


9

Cperat|ng System
SuSL Llnux LnLerprlse Server 11
8ed PaL LnLerprlse Llnux 6.1
Wlndows 2003 & 2008


I$)&-.5,)

Note
1hls lnformaLlon ln Lhls secLlon ls only relevanL when lmplemenLlng 1esL, Sandbox, uemo,
1ralnlng, eLc. sysLem on Lhe Amazon LC2 neLwork. When lmplemenLlng sysLem wlLhln a
vC you have dlrecL conLrol over Lhe conflguraLlon of Lhe hosLname of an lnsLance.


1) 1he generaLed hosLname (Llnux) / compuLername (Wlndows) LhaL ls asslgned Lo a new Amazon
LC2 lnsLance ls Loo long and does noL meeL Lhe requlremenLs of an SA sysLem. ?ou musL
change Lhe hosLname / compuLername of a new Amazon LC2 lnsLance Lo meeL Lhe
requlremenLs of an SA sysLem before lnsLalllng an SA soluLlon on Lhe lnsLance. lor addlLlonal
lnformaLlon abouL Lhe allowed hosLname lengLh and characLers, see SA noLe 611361.

2) 1he defaulL behavlor of an AWS lnsLance ls Lo generaLe a new hosLname / compuLername aL
Lhe Llme an lnsLance ls launched from an AMl or a sLopped lnsLance ls resLarLed. 1hls behavlor
ls noL approprlaLe for an SA sysLem and musL be dlsabled by followlng Lhe sLeps provlded
below.

! SUSL
1) SLarL yasL
2) navlgaLe Lo neLwork uevlces -> neLwork SeLLlngs (press enLer)
3) SelecL PosLname/unS ln Lhe menu
4) Change Lhe values of Lhe PosLname and uomaln name flelds as requlred
3) uncheck Change PosLname vla uPC"
6) l10 (Lo save)
7) l9 (Lo exlL)

! ked nat
1) LdlL flle !"#$!%&%$'()*+!("#,'-.
2) Change parameLer PCS1nAML and replace value wlLh Lhe new hosLname
3) 8esLarL CS

! W|ndows
1) SLarL -> rograms -> LC2ConflgServlce SeLLlngs
2) Cn Lhe Ceneral Lab, deselecL SeL CompuLer name"


lmplemenLlng SA SoluLlons on Amazon Web Servlces


10

0&$8.>, 6A&($-)
AWS offers mulLlple Lypes of sLorage. Lach Lype of sLorage ls explalned below along wlLh Lhe relevanL
uses for an SA sysLem.
Storage 1ype Descr|pt|on and Use
Local / lnsLance/
Lphemeral
lnsLance based sLorage locaLed on Lhe physlcal server
noL perslsLenL beyond llfe of Lhe lnsLance
uses - Swap, MS SCL Server 1empu8
LlasLlc 8lock SLore (L8S) erslsLenL block level sLorage volumes for use wlLh LC2 lnsLances.
uses - SA/u8 sofLware / u8 log flles and / u8 daLa flles /
lnLermedlaLe backup LargeL

Slmple SLorage Servlce
(S3)
lnLerneL ob[ecL/flle based sLorage
ueslgned for hlgh durablllLy - 99.999999999 durablllLy
ueslgned for hlgh avallablllLy - 99.99 avallablllLy
noL lnLended Lo be used as a flle sysLem
uses - 8ackups and SA Archlvlng



"20 J$-(&$8(->
AWS CloudWaLch enables AWS cusLomers Lo monlLor Lhelr Amazon LC2 resources ln real-Llme. Amazon
CloudWaLch provldes free 8aslc MonlLorlng for all Amazon LC2 lnsLances. 8aslc MonlLorlng provldes
meLrlcs aL 3-mlnuLe frequency.

?ou can enable ueLalled MonlLorlng for an lnsLance by rlghL cllcklng on Lhe lnsLance ln Lhe AWS
ManagemenL Console and Lhen selecLlng Lnable ueLalled MonlLorlng.


Note
1here ls addlLlonal cosL assoclaLed wlLh Lhe use of CloudWaLch ueLalled MonlLorlng. lease vlslL
hLLp://aws.amazon.com/cloudwaLch/ for addlLlonal lnformaLlon.

H,85(-.&($- 18$&,4&($-
1ermlnaLlon roLecLlon prevenLs an Amazon LC2 lnsLance from accldenLly belng LermlnaLed (deleLed) by
a user elLher vla Lhe Amazon ManagemenL Console or Lhe Amazon LC2 Al. ?ou can enable 1ermlnaLlon
roLecLlon aL lnsLance launch Llme or by rlghL cllcklng on a runnlng lnsLance ln Lhe Amazon ManagemenL
Console and selecLlng Change 1ermlnaLlon roLecLlon".

lL ls hlghly recommend LhaL you enable 1ermlnaLlon roLecLlon for any SA producLlon sysLem LhaL you
operaLe on AWS.

lmplemenLlng SA SoluLlons on Amazon Web Servlces


11

?$A@(-> 0"1 G-)&.//.&($- J,+(. &$ "20
1here are Lwo prlmary opLlons for copylng SA lnsLallaLlon medla Lo AWS.

1. lf you already have Lhe lnsLallaLlon medla downloaded Lo a locaLlon on your neLwork you can
copy Lhe medla from your neLwork Lo Amazon S3 or dlrecLly Lo an Amazon LC2 lnsLance.
uependlng on Lhe connecLlon speed beLween your neLwork and AWS Lhls may noL be Lhe
opLlmal soluLlon.

2. ln mosL cases downloadlng from Lhe SA Servlce MarkeLplace dlrecLly Lo an Amazon LC2
lnsLance wlll be Lhe fasLesL meLhod for geLLlng SA lnsLallaLlon medla Lo AWS. uslng Lhls
soluLlon you can creaLe a dedlcaLed L8S volume Lo sLore all of your lnsLallaLlon medla whlch you
can Lhen deLach/aLLach Lo dlfferenL lnsLances as needed. ?ou can also creaLe a SnapshoL of Lhe
L8S volume and creaLe mulLlple L8S coples LhaL you can aLLach Lo mulLlple lnsLances ln parallel.

?$A@(-> .- 0"1 0@)&,5 &$ "20
CurrenLly Lhe only meLhod supporLed by SA for copylng an SA sysLem ls Lhe SA homogeneous /
heLerogeneous sysLem copy procedure. 1hls ls also Lhe recommended meLhod for copylng an exlsLlng
on-premlse SA sysLem Lo AWS.

lor small SA sysLems (exporL less Lhan 300 C8) you can copy Lhe sysLem exporL dlrecLly Lo AWS over
Lhe neLwork. 1o acceleraLe Lransfers over Lhe neLwork Lhere are varlous uLlllLles/proLocols avallable.
1wo commonly used wlLh AWS are.
1sumanl uu - hLLp://Lsunaml-udp.sourceforge.neL
Aspera - hLLp://www.asperasofL.com

lor larger SA sysLems Lhe Amazon Import]Lxport servlce can be uLlllzed. 1he Amazon lmporL/LxporL
servlce enables you Lo shlp a porLable sLorage devlce Lo AWS, Lhe daLa ls Lhen copled from Lhe sLorage
devlce Lo one of your Amazon S3 buckeLs or Lo an L8S snapshoL. ?ou can Lhen download Lhe daLa from
Amazon S3 dlrecLly Lo your Amazon LC2 lnsLance vla Lhe local AWS hlgh speed neLwork or creaLe a new
L8S volume from Lhe snapshoL.

1he lmporL Lo L8S snapshoL opLlon ls currenLly llmlLed Lo 118. ln order Lo uLlllzes Lhe lmporL Lo L8S
opLlons Lhe physlcal devlce you shlp Lo AWS musL my <= 118.

lor addlLlonal lnformaLlon on Lhe Amazon lmporL/LxporL servlces please vlslL:
hLLp://aws/amazon.com/lmporLexporL


lmplemenLlng SA SoluLlons on Amazon Web Servlces


12

0(;(-> .-+ 1,8:$85.-4,

0(;(->
1he sLandard SA slzlng procedure should be uLlllzed when slzlng SA soluLlons Lo run on AWS. AfLer
you have compleLed an SA slzlng uslng Lhe SA Culck Slzer and have deLermlned your SAS
requlremenLs you can Lhen archlLecL your SA soluLlon on AWS. 1he up Lo daLe SAS raLlngs of Lhe SA
cerLlfled Amazon LC2 lnsLance 1ypes can be found ln SA noLe # 1388667.


1|p
AWS ls conLlnually lnLroduclng new lnsLance 1ypes and enhanclng Lhe AWS plaLform.
?ou should frequenLly check noLe SA noLe # 1388667 for Lhe laLesL SAS raLlngs of Lhe
varlous AWS lnsLance Lypes.

1,8:$85.-4,
0&$8.>,
AWS LlasLlc 8lock SLore (L8S) ls a shared resource, all communlcaLlon wlLh Lhe L8S volumes occur over
Lhe shared neLwork provlded Lo Lhe Amazon LC2 lnsLance.

1o meeL Lhe hlgh lC requlremenLs of an SA producLlon sysLem, you can attach multiple EBS volumes
to an instance to increase the total IOPS available to the instance. Depending on the operation
system, different techniques are recommend for utilizing multiple EBS volumes. In the following
sections the recommend disk configurations for Linux and Windows are described

!"#$%

lor Llnux sysLems AWS recommends Lo sLrlpe mulLlple L8S volumes uslng sofLware 8Alu Lo lncrease Lhe
LoLal number of lCS avallable Lo Lhe SA sysLem. Lach L8S volume ls proLecLed from physlcal drlve
fallure by Lhe means of drlve mlrrorlng so uslng a 8Alu level hlgher Lhan 8Alu-0 ls noL necessary. 1he
annual fallure raLe (Al8) for an L8S volume ls 0.1 Lo 0.3, compared Lo 4 for a commodlLy hard
drlve.

lnsLrucLlons how Lo creaLe a sLrlped flle sysLem ln Llnux are provlded ln secLlon !""#$%&'( *+#",+&$- ,
.&$/' 0$12,$3# 45+ 26# &$12,77,2&5$ 54 8!* 15429,+#"


8elow ls a sample L8S conflguraLlon for an SA producLlon sysLem runnlng on Llnux.

I||e system L8S Vo|umes Str|p|ng
rooL 1 no
/swap 1 no
/usr/sap 1 no
/[u8 sofLware] 1 no
lmplemenLlng SA SoluLlons on Amazon Web Servlces


13

/[u8 log flle] 1 no
/u8 daLa flles] 8 8Alu-0

'"#()*+

lor Wlndows sysLems, AWS recommends LhaL you dlsLrlbuLe Lhe daLabase daLa flles across separaLe L8S
volumes, noL uslng Wlndows sofLware 8Alu.

8elow ls a sample L8S conflguraLlon for an SA producLlon sysLem runnlng on Wlndows.

Dr|ve L8S Vo|umes Use
C:\ 1 8ooL volume (lncluded wlLh lnsLance
u:\ 1 SA / MS SCL sofLware
S:\ 1 Swap
L:\ 1 u8 Log flle
l:\ 1 u8 uaLa flle 1
C:\ 1 u8 uaLa flle 2
P:\ 1 u8 uaLa flle 3
l:\ 1 u8 uaLa flle 4
!:\ 1 u8 uaLa flle 3
k:\ 1 u8 uaLa flle 6
x:\ 1 8ackup


K.4=(-> LA 0"1 0@)&,5) $- "20

lor how-Lo and besL pracLlce guldellnes on backlng up SA sysLems on AWS, please see Lhe SA on AWS
backup and recovery guldes avallable aL: hLLp://aws.amazon.com/sap

lmplemenLlng SA SoluLlons on Amazon Web Servlces


14

"AA,-+(MN
18,A.8(-> . O(-%M G-)&.-4, :$8 &', (-)&.//.&($- $: .- 0"1 )@)&,5

1he followlng secLlon deLalls Lhe sLeps requlred Lo prepare a Llnux lnsLance and relevanL AWS
componenLs requlred Lo lnsLall an SA sysLem.

erqu|s|tes
Access Lo Lhe lnLerneL
Amazon Web Servlces AccounL - CreaLe an AWS AccounL
AcLlvaLe your accounL for Amazon LC2

" Log |nto the Amazon Management Conso|e
1) uslng your AWS accounL and password log lnLo Lhe AWS ManagemenL Console -
hLLp://console.aws.amazon.com

" Create a key a|r
1) lrom wlLhln Lhe AWS ManagemenL Console cllck on Lhe !:,;5$ <=> Lab
2) ln Lhe navlgaLlon frame on Lhe lefL selecL ?#@ *,&+1
3) Cllck on Lhe =+#,2# ?#@ *,&+ buLLon
4) LnLer Lhe name for Lhe key palr and Lhen cllck =+#,2#
3) ?ou wlll Lhen be prompLed Lo download and save Lhe prlvaLe key flle Lo your local drlve.


Important
uo noL lose Lhe prlvaLe key you have downloaded. 1he key palr ls useless for auLhenLlcaLlon lf you do noL
have Lhe prlvaLe half.

" Create a Secur|ty Group
1) lrom wlLhln Lhe AWS ManagemenL Console cllck on Lhe !:,;5$ <=> Lab
2) ln Lhe navlgaLlon frame on Lhe lefL selecL 8#3/+&2@ A+5/"1
3) Cllck on Lhe =+#,2# 8#3/+&2@ A+5/" buLLon
4) LnLer a name and uescrlpLlon for Lhe SecurlLy Croup and Lhen cllck Lhe B#1C =+#,2# buLLon

Cnce Lhe SecurlLy Croup has been creaLed you can Lhen add rules Lo Lhe SecurlLy Croup Lo allow
access Lo your lnsLances over Lhe requlred porLs. lor example, lf you are creaLlng a Llnux server, you
wlll need Lo open porL 22 so you can SSP Lo your lnsLance or, for Wlndows, you wlll need Lo open
porL 3389 so you can 8u Lo your server. lf lnsLalllng an SA sysLem wlLh sysLem number = 00 you
wlll need Lo open porL 3200 Lo allow access vla SAgul.

1o add a rule Lo your newly creaLed SecurlLy Croup.
1) SelecL your SecurlLy Croup ln Lhe llsL
2) Cllck on Lhe 0$D5/$% Lab ln Lhe boLLom half of Lhe wlndow
3) SelecL one of Lhe predeflned rules from Lhe llsL or selecL =/125: E=*FGH*F0=I* rule
4) lf creaLlng a cusLom rule enLer Lhe porL range (e.g. 3200 )
lmplemenLlng SA SoluLlons on Amazon Web Servlces


13

3) ln Lhe Source fleld you can enLer a range of l address Lo llmlL Lhe l address LhaL wlll have
access
6) Cllck on !%% J/7#
7) 8epeaL sLeps 3-6 for each addlLlonal rule you would llke Lo add
8) Cllck on !""7@ J/7# =6,$-#1

llgure 1 ls an example of a SecurlLy Croup wlLh porL 22 opened for SSP access and Lhe sLandard SA
porLs opened for SACul (3200) and P11 (8000) access.


I|gure 1

" Launch a new Instance
1) lrom wlLhln Lhe AWS ManagemenL Console cllck on Lhe !:,;5$ <=> Lab
2) ln Lhe navlgaLlon frame on Lhe lefL selecL 0$12,$3#1
3) Cllck on Lhe .,/$36 0$12,$3# buLLon
4) SelecL .,/$36 =7,11&3 K&;,+% and Lhen cllck =5$2&$/#
3) Cn Lhe L/&3M 82,+2 Lab cllck on Lhe 8#7#32 buLLon assoclaLed wlLh wlLher Lhe SuSL or 8ed PaL
64blL AMl
6) Cn Lhe currenL screen...
LnLer Lhe N/:D#+ 54 0$12,$3#1 you would llke Lo launch (usually [usL 1)
Chose Lhe 0$12,$3# E@"#
Chose whlch neLwork you wanL Lo launch your lnsLance ln !:,;5$ <=> or Amazon O*=
Chose Lhe !P,&7,D&7&2@ Q5$# you would llke Lo launch Lhe lnsLance ln


1|p
When launchlng your flrsL lnsLance lL ls recommend Lo selecL no reference" for Lhe AvallablllLy
Zone and leL AWS selecL Lhe Avallably Zone for you. Any subsequenL lnsLance should Lhen be
launch ln Lhe same AvallablllLy Zone.

7) Cn Lhe nexL screen leave Lhe defaulLs an cllck on =5$2&$/#
8) LnLer any 1ags you would llke Lo malnLaln and Lhen cllck on =5$2&$/#
?ou can speclfy up Lo 10 key/value palrs Lo help you organlze, search and browse your resources
lmplemenLlng SA SoluLlons on Amazon Web Servlces


16



1|p
?ou should malnLaln Lhe name Lag aL a mlnlmum. Addlng Lags Lo your ob[ecLs wlll make managlng
your envlronmenL much easler.



9) SelecL Lhe key alr you creaLed earller and Lhen cllck =5$2&$/#
10) SelecL Lhe SecurlLy Croup you creaLed earller and Lhen cllck =5$2&$/#
11) 8evlew Lhe selecLlons and Lhen cllck on .,/$36

?our lnsLance wlll Lake abouL 3-10 mlnuLes Lo launch. uurlng Lhls Llme Lhe lnsLance wlll go
Lhrough a few phases whlch are vlslble ln Lhe SLaLus fleld wlLhln Lhe AWS ManagemenL Console.
pend|ng - Lhe vlrLual server ls ln Lhe process of sLarLlng
runn|ng - Lhe vlrLual server has sLarLed. 1he sysLem may noL be lmmedlaLely accesslble
when Lhe sLaLus flrsL changes Lo runnlng. 1hls ls because Lhe operaLlng sysLem ls sLlll
booLlng. ?ou can check Lhe sLaLus of Lhe operaLlng sysLem by rlghL cllcklng on Lhe lnsLance
and selecLlng 0"# 1&%#"2 3'+4 A wlndow wlll open dlsplaylng Lhe sysLem log where you can
Lhen check Lhe sLaLus of Lhe operaLlng sysLem.


" Connect|ng to your new Instance
AfLer you have launched your lnsLance and lL has flnlshed sLarLlng you can Lhen log lnLo Lhe lnsLance
vla SSP

lor lnformaLlon abouL connecLlng Lo L|nux lnsLances, please read secLlon ConnecL Lo ?our
Llnux/unlx lnsLance ln Lhe 5267'( 896%#*$ :'2;<#" :9'<= 0"##*(+ 1#6-#"= 0<*=".

" Sett|ng the hostname
2) lrom Lhe shell prompL sLarL - yasL
3) navlgaLe Lo N#295+M H#P&3#1 -> N#295+M 8#22&$-1 (press enLer)
lmplemenLlng SA SoluLlons on Amazon Web Servlces


17

4) SelecL R512$,:#FHN8 ln Lhe menu
3) Change Lhe values of Lhe R512$,:# and H5:,&$ N,:# flelds as requlred
6) uncheck =6,$-# R512$,:# P&, HR=*
7) l10 (Lo save)
8) l9 (Lo exlL)

?ou can rebooL Lhe CS Lo conflrm LhaL Lhe hosLname change ls permanenL. LxecuLe a rebooL" from
Lhe prompL Lo rebooL Lhe CS. ?ou can conLlnue on Lo Lhe nexL secLlon whlle you are walLlng for Lhe
CS Lo resLarL.

" Create L8S Vo|umes
Lach Amazon LC2 lnsLances comes wlLh a cerLaln amounL of lnsLance sLorage LhaL ls lncluded ln Lhe
hourly cosL of Lhe lnsLance. 1hls lnsLance sLorage ls ephemeral, meanlng LhaL lL only exlsLs for Lhe
llfe of Lhe lnsLance and ls noL perslsLenL lf Lhe lnsLance ls shuLdown or falls. 1hls ephemeral sLorage
should noL be used Lo sLore any componenL of an SA sysLem.

Amazon L8S provldes perslsLenL block level sLorage LhaL can be mounLed by an Amazon LC2
lnsLance and should be used Lo sLore SA & u8 sofLware, u8 log flles and u8 daLa flles.


Note
lor a small SA LesL/Lralnlng/demo sysLem a slngle L8S volume wlll provlde sufflclenL performance. lor
SA sysLems LhaL requlre maxlmum lC performance you should use mulLlple L8S and sLrlpe Lhem uslng
CS sofLware 8Alu.

1he Lable below llsLs Lhe L8S volumes you wlll creaLe ln Lhls exerclse and Lhelr lnLended use.

L8S Vo| S|ze Use Attach as
1 30 C8 SA / u8 sofLware /dev/sdf
2 10 C8 u8 Log llle /dev/sdg
3 10 C8 u8 Log llle /dev/sdh
4 10 C8 u8 Log llle /dev/sdl
3 73 C8 u8 uaLa llles /dev/sd[
6 73 C8 u8 uaLa llles /dev/sdk
7 73 C8 u8 uaLa llles /dev/sdl
8 73 C8 u8 uaLa llles /dev/sdm
9 30 C8 Swap /dev/sdn


lor each volume llsLed ln Lhe Lable above compleLe Lhe sLeps llsLed below.

1) lrom wlLhln Lhe AWS ManagemenL Console cllck on Lhe Amazon <=> Lab
2) ln Lhe navlgaLlon frame on Lhe lefL selecL O57/:#1
3) LnLer Lhe slze of Lhe volume and chose Lhe AvallablllLy Zone Lhe volume should be creaLed ln.



lmplemenLlng SA SoluLlons on Amazon Web Servlces


18


Note
L8S volumes musL be creaLed ln Lhe same AvallablllLy Zone as Lhe lnsLance you plan Lo aLLach lL Lo. lf
you dld noL speclfy an AvallablllLy Zone when you launched your lnsLances, you can deLermlne whlch
AvallablllLy Zone lL ls ln by selecLlng Lhe lnsLance ln Lhe AWS ManagemenL Console and looklng aL Lhe
>'("? fleld ln Lhe boLLom frame of Lhe page.



" Attach L8S Vo|umes to Instance
AfLer you have creaLed Lhe L8S volumes you Lhen need Lo aLLach Lhem Lo your lnsLance.

lor each volume llsLed ln Lhe Lable above compleLe Lhe sLeps llsLed below.

1) lrom wlLhln Lhe AWS ManagemenL Console cllck on Lhe !:,;5$ <=> Lab
2) ln Lhe navlgaLlon frame on Lhe lefL selecL O57/:#1
3) 8lghL cllck on Lhe volume you [usL creaLed and selecL !22,36 O57/:#
4) A llsL of all lnsLances ln Lhe same AvallablllLy Zone as Lhe volume wlll be dlsplayed. SelecL Lhe
lnsLance you wlsh Lo aLLach Lhe volume Lo.
3) ln Lhe H#P&3# flled enLer Lhe devlce name ln Lhe ALLach as" fleld ln Lhe Lable above for each
respecLlve volume.
6) Cllck on Lhe !22,36 buLLon

" Iormat and Mount Vo|umes
AfLer you have aLLached Lhe volume Lo Lhe lnsLance you can log lnLo Lhe lnsLance and formaL and
mounL Lhe volume uslng Lhe sLandard procedures for your operaLlng sysLem.

Create ]usr]sap f||e system

1) CreaLe dlrecLory
prompt> mkdir /usr/sap

2) lormaL devlce
prompt> mkfs.ext3 /dev/sdf

3) MounL flle sysLem
prompt> mount /dev/sdf /usr/sap

4) Add enLry Lo /eLc/fsLab
/dev/sdf /usr/sap ext3 defaults 0 0


lmplemenLlng SA SoluLlons on Amazon Web Servlces


19

Create swap f||e system

1) lormaL devlce
prompt> fdisk /dev/sdn

Enter 'n' (create new partition)
Enter 'p' (primary)
Partition number (1-4): Enter '1'
First cylinder: press enter to accept the default
Last cylinder: press enter to accept the default
Enter 't' (set the partition type)
Enter '82' (Linux swap)
Enter 'w' (write the changes)

2) CreaLe swap area on devlce
prompt> mkswap /dev/sdn1

3) Add enLry Lo /eLc/fsLab
/dev/sdn1 swap swap defaults 0 0

4) Lnable devlce for swapplng
prompt> swapon -a

3) Conflrm swap has been creaLed and ls onllne
prompt> free

total used free shared buffers cached
Mem: 7889436 526804 7362632 0 12200 222588
-/+ buffers/cache: 292016 7597420
Swap: 10482372 0 10482372


Create D8 Log str|ped f||e system

1) CreaLe dlrecLory
prompt> mkdir /sapdb/log

2) CreaLe speclal devlce
prompt> mknod /dev/md0 b 9 5

3) CreaLe 8Alu-0 group
prompt> mdadm --create /dev/md0 -v --raid-devices=3 --chunk=32 --
level=raid0 /dev/sdg /dev/sdh /dev/sdi

4) lormaL flle sysLem
prompt> mkfs.ext3 /dev/md0

3) MounL flle sysLem
prompt> mount /dev/md0 /sapdb/log o noatime
lmplemenLlng SA SoluLlons on Amazon Web Servlces


20


6) Add Lhe below enLry Lo Lhe /eLc/fsLab flle
/dev/md0 /sapdb/log1 ext3 defaults,noatime 0 0

7) CreaLe /eLc/mdadm.conf flle
prompt> mdadm --misc --detail --brief /dev/md0

CuLpuL from above command
ARRAY /dev/md0 level=raid0 num-devices=3
UUID=f06414c0:39e569bb:a4e94613:1aa6b923 devices /dev/sdg,/dev/sdh
,/dev/sdi

lrom Lhe above ouLpuL creaLe Lhe ]etc]mdadm.conf flle
prompt> echo "DEVICE /dev/sdg /dev/sdi /dev/sdi" >> /etc/mdadm.conf

prompt> echo "ARRAY /dev/md0 level=raid0 num-devices=3
UUID=f06414c0:39e569bb:a4e94613:1aa6b923" >> /etc/mdadm.conf


Create D8 Data str|ped f||e system


1) CreaLe dlrecLory
prompt> mkdir /sapdb/data

2) CreaLe speclal devlce
prompt> mknod /dev/md1 b 9 5

3) CreaLe 8Alu-0 group
prompt> mdadm --create /dev/md1 -v --raid-devices=4 --chunk=32 --
level=raid0 /dev/sdj /dev/sdk /dev/sdl /dev/sdm

4) lormaL flle sysLem
prompt> mkfs.ext3 /dev/md1

3) MounL flle sysLem
prompt> mount /dev/md0 /sapdb/data o noatime

6) Add Lhe below enLry Lo Lhe ]etc]fstab flle
/dev/md0 /sapdb/data ext3 defaults,noatime 0 0

1) CreaLe /eLc/mdadm.conf flle
prompt> mdadm --misc --detail --brief /dev/md1

CuLpuL from above command
ARRAY /dev/md0 level=raid0 num-devices=4
UUID=g05436c0:39e569bb:a4e94613:1aa6b923 devices /dev/sdj,/dev/sdk
,/dev/sdl,/dev/sdm
lmplemenLlng SA SoluLlons on Amazon Web Servlces


21


lrom Lhe above ouLpuL add second enLry Lo Lhe ]etc]mdadm.conf flle
DEVICE /dev/sdg /dev/sdh /dev/sdi
DEVICE /dev/sdj /dev/sdk /dev/sdl /dev/sdm

ARRAY /dev/md0 level=raid0 num-devices=3 UUID=f06414c0:39e569bb:a4e94613:1aa6b923
ARRAY /dev/md1 level=raid0 num-devices=4 UUID=g05436c0:39e569bb:a4e94613:1aa6b923

2) 1urn on booL.md
prompt> chkconfig boot.md on


" Insta|| SA System
Cnce you have your new lnsLance up and runnlng wlLh Lhe requlred sLorage formaLLed and
mounLed, you are now ready Lo lnsLall Lhe SA sysLem.

8efore proceedlng wlLh Lhe SA lnsLallaLlon make sure you have read and undersLand Lhe 8"#3&,7
=5$1&%#+,2&5$1 45+ 8!* 1@12#:1 5$ !K8 secLlon of Lhls documenL. ?ou can Lhen proceed wlLh Lhe
lnsLallaLlon of Lhe SA sysLem ln Lhe same manner as you would on any oLher physlcal or vlrLual
server. As always, you should follow Lhe procedures documenLed ln Lhe SA MasLer and lnsLallaLlon
Culdes speclflc Lo Lhe soluLlon you are lnsLalllng.

" Create AMI
Cnce you have compleLed Lhe lnsLallaLlon of Lhe SA sysLem, you can creaLe an AMl of Lhe lnsLance
whlch can laLer be used Lo launch addlLlonal coples of Lhe sysLem or Lo recover Lhe sysLem lf Lhe
lnsLance falls.

1) lrom wlLhln Lhe AWS ManagemenL Console cllck on Lhe !:,;5$ <=> Lab
2) ln Lhe navlgaLlon frame on Lhe lefL selecL 0$12,$3#
3) 8lghL cllck on Lhe lnsLance you [usL creaLed and selecL =+#,2# 0:,-#
4) LnLer an @26+" A62" and an @26+" B"%$-*;#*'( and Lhen cllck on :-"6#" CD*% @26+"

lmplemenLlng SA SoluLlons on Amazon Web Servlces


22

18,A.8(-> . 2(-+$9) G-)&.-4, :$8 &', (-)&.//.&($- $: .- 0"1 )@)&,5

1hls secLlon provldes a hlgh level overvlew of Lhe process Lo creaLe and deploy Lhe requlred AWS
componenLs needed Lo lnsLall an SA soluLlon on Wlndows on AWS. lor deLalled documenLaLlon of
Amazon LC2 please refer Lo Lhe AWS LC2 CeLLlng SLarLed Culde and AWS LC2 user Culde.

erqu|s|tes
Access Lo Lhe lnLerneL
Amazon Web Servlces AccounL - CreaLe an AWS AccounL
AcLlvaLe your accounL for Amazon LC2

" Log |nto the Amazon Management Conso|e
2) uslng your AWS accounL and password log lnLo Lhe AWS ManagemenL Console -
hLLp://console.aws.amazon.com

" Create a key a|r
6) lrom wlLhln Lhe AWS ManagemenL Console cllck on Lhe !:,;5$ <=> Lab
7) ln Lhe navlgaLlon frame on Lhe lefL selecL ?#@ *,&+1
8) Cllck on Lhe =+#,2# ?#@ *,&+ buLLon
9) LnLer Lhe name for Lhe key palr and Lhen cllck =+#,2#
10) ?ou wlll Lhen be prompLed Lo download and save Lhe prlvaLe key flle Lo your local drlve.


Important
uo noL lose Lhe prlvaLe key you have downloaded. 1he key palr ls useless for auLhenLlcaLlon lf you do noL
have Lhe prlvaLe half.

" Create a Secur|ty Group
3) lrom wlLhln Lhe AWS ManagemenL Console cllck on Lhe !:,;5$ <=> Lab
6) ln Lhe navlgaLlon frame on Lhe lefL selecL 8#3/+&2@ A+5/"1
7) Cllck on Lhe =+#,2# 8#3/+&2@ A+5/" buLLon
8) LnLer a name and uescrlpLlon for Lhe SecurlLy Croup and Lhen cllck Lhe B#1C =+#,2# buLLon

Cnce Lhe SecurlLy Croup has been creaLed, you can Lhen add rules Lo Lhe SecurlLy Croup Lo allow
access Lo your lnsLances over Lhe requlred porLs. lor example, lf you are creaLlng a Llnux server, you
wlll need Lo open porL 22 so you can SSP Lo your lnsLance or for Wlndows you wlll need Lo open porL
3389 so you can 8u Lo your server. lf lnsLalllng an SA sysLem wlLh sysLem number = 00 you wlll
need Lo open porL 3200 Lo allow access vla SAgul.

1o add a rule Lo your newly creaLed SecurlLy Croup.
9) SelecL your SecurlLy Croup ln Lhe llsL
10) Cllck on Lhe 0$D5/$% Lab ln Lhe boLLom half of Lhe wlndow
11) SelecL one of Lhe predeflned rules from Lhe llsL or selecL =/125: E=*FGH*F0=I* rule
12) lf creaLlng a cusLom rule enLer Lhe porL range (e.g. 3200 )
13) ln Lhe Source fleld you can enLer a range of l address Lo llmlL Lhe l address LhaL wlll have
access
lmplemenLlng SA SoluLlons on Amazon Web Servlces


23

14) Cllck on !%% J/7#
13) 8epeaL sLeps 3-6 for each addlLlonal rule you would llke Lo add
16) Cllck on !""7@ J/7# =6,$-#1

llgure 1 ls an example of a SecurlLy Croup wlLh porL 3389 opened for 8u access and Lhe sLandard
SA porLs opened for SACul (3200) and P11 (8000) access.


I|gure 2


























lmplemenLlng SA SoluLlons on Amazon Web Servlces


24

" Launch a new Instance
12) lrom wlLhln Lhe AWS ManagemenL Console cllck on Lhe !:,;5$ <=> Lab
13) ln Lhe navlgaLlon frame on Lhe lefL selecL 0$12,$3#1
14) Cllck on Lhe .,/$36 0$12,$3# buLLon
13) Choose Lhe "M|crosoft W|ndows Server 2008 k2 8ase" (64blL) AMl from Lhe llsL and Lhen cllck
on Lhe 8#7#32 buLLon




16) - Number of Instance - leave Lhe defaulL of 1"
- Ava||ab|||ty 2one - leave no reference" (see 1lp below)
- Instance 1ype - SelecL "Lxtra |arge (m1.x|arge, 1S G8)" and Lhen cllck on =5$2&$/#

lmplemenLlng SA SoluLlons on Amazon Web Servlces


23




1|p
When launchlng your flrsL lnsLance, AWS recommends LhaL you selecL no reference" for Lhe
AvallablllLy Zone, and leL AWS selecL Lhe Avallably Zone for you.

17) Cn Lhe nexL screen leave Lhe defaulLs an cllck on =5$2&$/#
18) LnLer any 1ags you would llke Lo malnLaln and Lhen cllck on =5$2&$/#
?ou can speclfy up Lo 10 key/value palrs Lo help you organlze, search and browse your resources


1|p
?ou should malnLaln Lhe name Lag aL a mlnlmum. Addlng Lags Lo your ob[ecLs wlll make managlng
your envlronmenL much easler.



lmplemenLlng SA SoluLlons on Amazon Web Servlces


26

19) SelecL Lhe key alr you creaLed earller and Lhen cllck :'(#*(<"
20) SelecL Lhe SecurlLy Croup you creaLed earller and Lhen cllck :'(#*(<"
21) 8evlew Lhe selecLlons and Lhen cllck on 36<($D

?our lnsLance wlll Lake abouL 3-10 mlnuLes Lo launch. uurlng Lhls Llme Lhe lnsLance wlll go
Lhrough a few phases whlch are vlslble ln Lhe SLaLus fleld wlLhln Lhe AWS ManagemenL Console.
pend|ng - Lhe vlrLual server ls ln Lhe process of sLarLlng
runn|ng - Lhe vlrLual server has sLarLed. 1he sysLem may noL be lmmedlaLely accesslble
when Lhe sLaLus flrsL changes Lo runnlng. 1hls ls because Lhe operaLlng sysLem ls sLlll
booLlng. ?ou can check Lhe sLaLus of Lhe operaLlng sysLem by rlghL cllcklng on Lhe lnsLance
and selecLlng 0"# 1&%#"2 3'+4 A wlndow wlll open dlsplaylng Lhe sysLem log where you can
Lhen check Lhe sLaLus of Lhe operaLlng sysLem.

" Connect|ng to your new Instance
AfLer you have launched your lnsLance and lL has flnlshed sLarLlng you can Lhen log lnLo Lhe lnsLance
vla 8emoLe ueskLop

lor lnformaLlon abouL connecLlng Lo W|ndows lnsLances, please read secLlon ConnecL Lo ?our
Wlndows lnsLance ln Lhe 5267'( 896%#*$ :'2;<#" :9'<= 0"##*(+ 1#6-#"= 0<*=".


" Sett|ng the W|ndows Computer Name

1) lrom Lhe Wlndows SLarL menu selecL !77 *+5-+,:1 -> <=>=5$4&-8#+P&3# 8#22&$-1
2) ueselecL Lhe SeL Lhe compuLer name." opLlon

lmplemenLlng SA SoluLlons on Amazon Web Servlces


27



3) lrom Lhe Wlndows SLarL menu rlghL cllck on =5:"/2#+ and Lhen selecL *+5"#+2&#1
4) ln Lhe menu on Lhe lefL cllck on !%P,$3#% 8@12#: 8#22&$-1
3) Cllck on Lab =5:"/2#+ N,:#
6) Cllck on Lhe =6,$-# buLLon
7) SeL Lhe CompuLername Lo a valld SA compuLer name (see SA noLe #611361 for addlLlonal
lnformaLlon regardlng valld SA compuLernames / hosLnames)

SLop and Lhen resLarL Lhe lnsLance Lo conflrm LhaL Lhe CompuLername change ls permanenL. ?ou
can conLlnue on Lo Lhe nexL secLlon whlle you are walLlng for Lhe lnsLance Lo sLarL.

" Create L8S Vo|umes
Lach Amazon LC2 lnsLances comes wlLh a cerLaln amounL of lnsLance sLorage LhaL ls lncluded ln Lhe
hourly cosL of Lhe lnsLance. 1hls lnsLance sLorage ls ephemeral, meanlng LhaL lL only exlsLs for Lhe
llfe of Lhe lnsLance and ls noL perslsLenL lf Lhe lnsLance ls shuLdown or falls. 1hls ephemeral sLorage
should noL be used Lo sLore any componenL of an SA sysLem.

Amazon L8S provldes perslsLenL block level sLorage LhaL can be mounLed by an Amazon LC2
lnsLance and should be used Lo sLore SA & u8 sofLware, u8 log flles and u8 daLa flles.


Note
lor a small SA LesL/Lralnlng/demo sysLem a slngle L8S volume wlll provlde sufflclenL performance. lor
SA sysLems LhaL requlre maxlmum lC performance you should use mulLlple L8S and sLrlpe Lhem uslng
CS sofLware 8Alu.

lmplemenLlng SA SoluLlons on Amazon Web Servlces


28

1he Lable below llsLs a sample L8S layouL for an SA sysLem runnlng on Wlndows / SCL Server.

L8S Vo| S|ze Dr|ve Use Attach as
1 30 C8 u:\ SA / MS SCL sofLware xvdf
2 30 C8 S:\ Swap xvdg
3 10 C8 L:\ u8 Log flle xvdh
4 73 C8 l:\ u8 uaLa flle 1 xvdl
3 73 C8 C:\ u8 uaLa flle 2 xvd[
6 73 C8 P:\ u8 uaLa flle 3 xvdk
7 73 C8 l:\ u8 uaLa flle 4 xvdl
8 73 C8 !:\ u8 uaLa flle 3 xvdm
9 73 C8 k:\ u8 uaLa flle 6 xvdn
10 300 C8 x:\ 8ackup xvdo
1able 1

lor each volume llsLed ln Lhe 1able 1 above compleLe Lhe sLeps llsLed below.

4) lrom wlLhln Lhe AWS ManagemenL Console cllck on Lhe !:,;5$ <=> Lab
3) ln Lhe navlgaLlon frame on Lhe lefL selecL O57/:#1
6) Cllck on Lhe =+#,2# O57/:# buLLon
7) LnLer Lhe slze of Lhe volume and chose Lhe AvallablllLy Zone Lhe volume should be creaLed ln.
8) Cllck on =+#,2#


Note
L8S volumes musL be creaLed ln Lhe same AvallablllLy Zone as Lhe lnsLance you plan Lo aLLach lL Lo. lf
you dld noL speclfy an AvallablllLy Zone when you launched your lnsLances you can deLermlne whlch
AvallablllLy Zone lL ls ln by selecLlng Lhe lnsLance ln Lhe AWS ManagemenL Console and looklng aL Lhe
>'("? fleld ln Lhe boLLom frame of Lhe page.





" Attach L8S Vo|umes to Instance
AfLer you have creaLed Lhe L8S volumes you Lhen need Lo aLLach Lhem Lo your lnsLance.

lor each volume llsLed ln Lhe 1able 1 above compleLe Lhe sLeps llsLed below.

7) lrom wlLhln Lhe AWS ManagemenL Console cllck on Lhe !:,;5$ <=> Lab
8) ln Lhe navlgaLlon frame on Lhe lefL selecL O57/:#1
9) 8lghL cllck on Lhe volume you [usL creaLed and selecL !22,36 O57/:#
lmplemenLlng SA SoluLlons on Amazon Web Servlces


29

10) A llsL of all lnsLances ln Lhe same AvallablllLy Zone as Lhe volume wlll be dlsplayed. SelecL Lhe
lnsLance you wlsh Lo aLLach Lhe volume Lo
11) ln Lhe H#P&3# flled enLer Lhe devlce name ln Lhe ALLach as" fleld ln Lhe Lable above for each
respecLlve volume
12) Cllck on Lhe !22,36 buLLon

" Iormat and Mount Vo|umes
AfLer you have aLLached Lhe volumes Lo Lhe lnsLance you can log lnLo Lhe lnsLance and formaL and
mounL Lhe volumes. lease refer Lo Lhe sLandard Wlndows documenLaLlon for managlng sLorage on
a Wlndows server.

Sample sLeps Lo conflgure aLLached sLorage and Lo creaLe new Wlndows drlves:

In|t|a||ze d|sks

1) lrom Lhe Wlndows SLarL menu rlghL cllck on =5:"/2#+ and selecL I,$,-#
2) ln Lhe lefL frame, navlgaLe Lo 8#+P#+ I,$,-#+ ST 825+,-# ST H&1M I,$,-#:#$2
3) ln Lhe boLLom rlghL frame you wlll see Lhe unallocaLed dlsks llsLed. lor each dlsk rlghL cllck and
selecL U$7&$#
4) AfLer seLLlng each dlsk Lo onllne rlghL cllck on each dlsk and selecL 0$&2&,7&;# H&1M




Create Vo|umes

1) 8lghL cllck on Lhe drlve ln Lhe drlve and selecL N#9 8&:"7# O57/:#V
lmplemenLlng SA SoluLlons on Amazon Web Servlces


30

2) Cllck on N#'2
3) Cllck on N#'2
4) SeL Lhe drlve leLLer Lo u: and Lhen cllck on N#'2
3) Leave Lhe defaulLs and cllck on N#'2
6) Cllck on llnlsh

" Insta|| SA System
Cnce you have your new lnsLance up and runnlng wlLh Lhe requlred sLorage formaLLed and mounLed
you are now ready Lo lnsLall Lhe SA sysLem.

8efore proceedlng wlLh Lhe SA lnsLallaLlon make sure you have read and undersLand Lhe 8"#3&,7
=5$1&%#+,2&5$1 45+ 8!* 1@12#:1 5$ !K8 secLlon of Lhls documenL. ?ou can Lhen proceed wlLh Lhe
lnsLallaLlon of Lhe SA sysLem ln Lhe same manner as you would on any oLher physlcal or vlrLual
server. As always you should follow Lhe procedures documenLed ln Lhe SA MasLer and lnsLallaLlon
Culdes speclflc Lo Lhe soluLlon you are lnsLalllng.

" Create AMI
Cnce you have compleLed Lhe lnsLallaLlon of Lhe SA sysLem you can creaLe an AMl of Lhe lnsLance
whlch can laLer be used Lo launch addlLlonal coples of Lhe sysLem or Lo recover Lhe sysLem lf Lhe
lnsLance falls.

3) lrom wlLhln Lhe AWS ManagemenL Console cllck on Lhe !:,;5$ <=> Lab
6) ln Lhe navlgaLlon frame on Lhe lefL selecL 0$12,$3#
7) 8lghL cllck on Lhe lnsLance you [usL creaLed and selecL =+#,2# 0:,-#
8) LnLer an @26+" A62" and an @26+" B"%$-*;#*'( and Lhen cllck on :-"6#" CD*% @26+"