Cisco Lean Retail SAP ERP Application Deployment Guide


Cisco Lean Retail SAP ERP Application Deployment Guide
Cisco Validated Design
April 14, 2008

Americas Headquarters
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706
USA
http://www.cisco.com
Tel: 408 526-4000
     800 553-NETS (6387)
Fax: 408 527-0883

Text Part Number: OL-16516-01

Cisco Validated Design

The Cisco Validated Design Program consists of systems and solutions designed, tested, and documented to facilitate faster, more reliable, and more predictable customer deployments. For more information visit www.cisco.com/go/validateddesigns.

CONTENTS

Introduction
Overview
SAP Overview
SAP Business Suite
Pre-NetWeaver—Standalone Middleware Applications
NetWeaver 2004—Integration Platform
NetWeaver 7.0/NetWeaver 2004s—Composition Platform
NetWeaver 7.1—Business Process Platform
Summary
SAP Server Technology and Data Flows
SAP Web Application Server
Client-Server Flows
Server-to-Server Flows
SAP Server Scaling
Server Load-Balancing with Cisco ACE
Data Center Design
SAP Portal Design
Infrastructure Consolidation with Virtualization
Security and Server Load-Balancing Integration
Segmenting Security and Load Balancing with Roles-Based Access Control
Segmenting Content Owners with Roles-Based Access Control
Virtualization Design Considerations
Cisco ACE Module Implementation and Configuration
Admin Context Setup
Baseline User Context Configuration
Security
Server Farms
Basic Load Balancing
Health Monitoring
Health Monitoring for Web Services
Session Persistence
Source IP Persistence
Cookie Persistence
Dynamic Cookie Learning
Tuning the HTTP Header Parsing
SSL Termination
HTTP Header Rewrite (Cisco ACE 2.0)
HTTP Header Insert
Persistence Rebalance
Redirect Server
Impact of TCP Reuse and SSL Termination on Server CPU
Backend Encryption
SSL Reuse (Cisco ACE 2.0)
TCP Reuse
Source NAT for TCP Reuse
Monitoring TCP Reuse
WAN Tuning with Cisco ACE
Optimization Summary
Application Security and Monitoring
Application Security with the Cisco ACE XML Gateway
Server Monitoring and Troubleshooting
Cisco NAM Setup—Initial Cisco NAM Configuration
WAN Optimization for SAP
SAP Application Performance Analysis
Cisco WAAS Testing with SAP
Test 1: Login-Logout
Test 2: Knowledge Management
Test 3: Technical Document Management
Test 4: Customer Fact Sheet
WAN Testing Summary
WAAS Configuration Summary
Summary and Conclusions

Introduction

The Cisco Lean Retail SAP ERP solution provides best practices and implementation guidance that optimizes application availability, performance, and security while lowering application ownership costs. Cisco's Lean Retail Architecture provides accelerated application performance and improved access to information. Data center-based applications and hosted managed services can have their performance accelerated to LAN-like speeds. SAP's core business application, Enterprise Resource Planning (ERP), is a business suite that helps retailers manage their inventory, supplier relationships, and customer relationships.

Cisco's Lean Retail Architecture includes:
- Application and collaboration services
- Integrated networking services
- Reference network designs

A key Lean Retail integrated network service is the Application Networking Service (ANS). This solution focuses on the ANS components of the Cisco Application Control Engine (Cisco ACE) and Wide Area Application Services (WAAS) product families. It provides data center, retail store, and remote end user application optimization services. This collaboration between SAP and Cisco addresses the following SAP Business Suite and NetWeaver deployment challenges:
- Reduced capital and operational costs for applications, servers, and networking
- Recovery time objectives (RTO) and recovery point objectives (RPO) for business continuity
- Application response time over limited WAN connections
- Application, server, network, and service-oriented architecture (SOA) security

The value of the Cisco Lean Retail is accomplished through four key benefits:
- Application Availability—When an application server fails in a store, only that store is impacted. When an application fails in a data center, many stores are impacted. A core tenet of Cisco's Lean Retail Architecture is the centralization of application services. Through server virtualization and load balancing, greater application uptime is achieved. Virtualized server resources in the data center leverage clustering and load balancing to share and distribute load across a larger pool of resources. A single failure does not impact overall accessibility for the application users.
- Performance Improvement—Traditionally, retailers use low bandwidth links. Many retailers have hundreds to thousands of stores. The incremental addition of WAN bandwidth per store significantly increases OPEX costs due to economies of scale. Retailers get more for less through the use of virtualized servers, load balancing, and WAAS. Performance is significantly improved for the end user (both in stores and across the web). Servers are more fully utilized when loads are balanced across larger clusters. WAN performance is improved by locally caching content and accelerating the TCP protocol.
- Increased Security—Retailers need to comply with industry and regulatory requirements (e.g., PCI, HIPAA, and SOX) to avoid fines and penalties. Security features including encryption, segmentation, and authentication address many of these requirements. The Cisco ACE applies stateful inspection rules that explicitly allow or deny specified traffic patterns. The Cisco ACE also uses role-based access control to give independent access to both security and load-balancing policies. The Cisco ACE XML Gateway provides a full Layer-7 proxy and includes integrated XML security for web services transactions.
- Lowering Application Ownership Costs—Many retailers have hundreds to thousands of stores. Typically they have several servers in each store. For both existing and new applications, the incremental costs per store are significant. By removing servers from the stores, retailers are able to reduce OPEX costs by an average of 16%.[1]

Deploying new applications and capabilities quickly and effectively are key IT metrics that improve an organization's business agility.
The Cisco Lean Retail enables more applications to be deployed centrally, cutting down significantly on the time and cost of deployment. Deploying centrally also reduces the costs of opening new stores and of integrating acquisitions. While many retailers will choose to deploy some applications in the stores, the Cisco Lean Retail improves the capabilities of a central deployment model. To learn more about the Cisco Lean Retail Architecture, refer etail.html

Overview

Retailers look at optimization solutions whenever there is an imminent change ahead, such as a software upgrade, or when a new application is coming on line. It might be a new portal deployment that requires load balancing or a security policy requiring end-to-end Secure Socket Layer (SSL) support. The WAN is often the biggest consideration when applications change, as bandwidth availability is so limited when dealing with retail's issues of scale. Changing from an SAPGUI interface to a web browser, for example, can increase bandwidth usage ten-fold. To understand the kinds of changes and upgrades taking place within SAP deployments, it is helpful to understand the SAP application environment and how it has grown over the years. The following section describes the evolution of SAP software, both the business suite and the NetWeaver middleware which supports it.

1. Gartner: Server consolidation can save money, 12/2005

SAP Overview

This section summarizes the SAP application environment. It describes this software architecture in the following sections:
- SAP Business Suite
- Pre-NetWeaver—Standalone Middleware Applications
- NetWeaver 2004—Integration Platform
- NetWeaver 7.0/NetWeaver 2004s—Composition Platform
- NetWeaver 7.1—Business Process Platform

SAP Business Suite

SAP's core business application is Enterprise Resource Planning (ERP). It originated in the 1970s as mainframe-based financial accounting software called R/1, and later R/2, where the R stands for real-time data processing. By the 1980s, SAP released its second generation mainframe software R/2, which achieved broad market acceptance for business process automation. Then came the third generation of software, R/3, which provided a client-server approach using a three-tiered architecture of database, application, and user interface. This introduced relational databases, a graphical user interface, and the ability to run on many different platforms.

Figure 1: SAP Business Suites (Enterprise Resource Planning (ERP), Product Lifecycle Management (PLM), Supply Chain Management (SCM), Supplier Relationship Management (SRM), Customer Relationship Management (CRM))

Since then, SAP has branched out into related business process applications including Product Lifecycle Management (PLM), Supply Chain Management (SCM), Supplier Relationship Management (SRM), and Customer Relationship Management (CRM). These solutions have been further customized across various industry verticals, such as education, finance, manufacturing, and the like.

Pre-NetWeaver—Standalone Middleware Applications

To support these applications, SAP designed various middleware solutions. In SAP terminology, these are not applications so much as technology—the technical underpinnings used to deploy the business suite.
This technology was originally released as separate components, as follows:
- Web Application Server (WebAS)—The ABAP/J2EE platform all SAP applications run on (described in more detail below).
- Mobile Engine (ME)—Now called the mobile infrastructure (MI), provides support for mobile devices like PDAs through a Java client that connects back to a WebAS.
- Enterprise Portal (EP)—Integrates access to multiple applications and customizes the view based on a user's identity.
- Business Intelligence (BI)—A tool for advanced data analysis and reporting; also known as the business information warehouse (BW).
- Exchange Infrastructure (XI)—Enables cross-system processes between different applications, such as SAP, non-SAP, ABAP-based, Java-based, and the like. This was later renamed Process Integration (PI) toward the end of 2007.

NetWeaver 2004—Integration Platform

The first release of NetWeaver is referred to as the Integration Platform because it brings together the multiple middleware programs under the NetWeaver umbrella. Each of the middleware applications listed above had its own release cycle and interdependencies, creating a cost of ownership issue. To improve this, SAP took all of the above components (WebAS, ME, EP, BI, and XI) and integrated them into NetWeaver 2004. This package also introduced new technology including:
- Knowledge Management (KM)—A framework in EP for document sharing, rating, and updating.
- Master Data Management (MDM)—A solution for consolidating and harmonizing data from multiple systems.
- Composite Application Framework—Applications built by combining multiple existing functions into a new application using web services. This is the first tool for building composites.

Note: Each of these functions—while integrated into NetWeaver 2004—is still a standalone application. There might be an entire farm of servers just for BI, for example.

NetWeaver 7.0/NetWeaver 2004s—Composition Platform

Originally called NetWeaver 2004s, NetWeaver 7.0 provides some updates to the various middleware components described above, but is primarily about enabling a Service-Oriented Architecture (SOA). It includes tools for provisioning web services, either to generate web services within applications or to provide interfaces to older systems that cannot support web services natively. It also includes Enterprise Service Repository (ESR) for storing services and a composition tool so you can take those services and compose applications from them. As such, NetWeaver 7.0 is referred to as the composition platform, a platform for development of xApps, which are SAP composite applications that combine web services and data from multiple systems. See Figure 2.

Figure 2: NetWeaver 2004s-based Development Platform

NetWeaver 7.1—Business Process Platform

With NetWeaver 7.1, SAP introduces enterprise SOA, making SOA easier to use by applying business logic to the web services that are developed. SOA by itself could theoretically mean exposing every program as services, but this would be unwieldy and difficult to use. The services must be exposed at the correct level to a business process architect who might not understand the program underneath. Thus NetWeaver 7.1 is referred to as the business process platform because it business-enables web services, where an enterprise service is an interface to a set of tasks that fit a specific business objective. See Figure 3.

Figure 3: Migration to Enterprise-oriented SOA Development Environment. Panels: Web Services - SOA (manually built, not guaranteed to work, no governance: chaos) and Enterprise SOA (business semantics, productized, unified repository: integrity). Source: SAP TechEd 2007 SOA 101

Summary

In summary, SAP has a suite of business applications complemented by NetWeaver middleware. Over the last several years, NetWeaver has evolved from the integration of middleware applications to an enterprise SOA platform that provides for rapid development of composite applications. These composite applications armed with right-sized enterprise services make it possible to rapidly improve business processes and be more responsive to market demands.

SAP Server Technology and Data Flows

This section provides a technical overview of the SAP server architecture and describes how it relates to a server load-balancing solution. The following topics are addressed:
- SAP Web Application Server
- Client-Server Flows
- Server-to-Server Flows
- SAP Server Scaling
- Server Load-Balancing with Cisco ACE

SAP Web Application Server

The foundation for SAP applications is the SAP Web Application Server (WebAS). It is the set of programs and tools which interface with the operating system, database, communication protocols, and presentation interfaces. This software enables SAP applications to have the same functionality and work the same way no matter what operating system is installed and whatever database is used. The web server is also integrated into the application server, so SAP does not rely on other web servers such as IIS or Apache. WebAS runs on most operating systems such as Windows, Linux, and AIX. It maintains database independence by using Open SQL/SQLJ to interface with various databases such as Microsoft SQL Server, MySQL, IBM DB2, and Oracle. Also note that each SAP application generally has its own database. For example, a production system landscape composed of SAP ERP, BI, and CRM would consist of three separate databases.

WebAS uses two types of programming languages: Advanced Business Application Programming (ABAP), Java 2 Platform, Enterprise Edition (J2EE), or both. ABAP is the original programming language created by SAP and is similar to COBOL. Java was introduced more recently. ABAP tends to be used more on the business applications, like ERP, while Java is typical for middleware components like the SAP Enterprise Portal. ABAP and J2EE can be installed alone or together as a dual stack. Figure 4 illustrates the components of a dual-stack SAP Web AS and some of the common data flows with typical clients and application servers.

Figure 4: SAP Communications Patterns

Client-Server Flows

SAPGUI clients are exclusively ABAP, and their requests are received by the ABAP dispatcher listening on port 32xx. The dispatcher then forwards the request to the best available ABAP work process. ABAP-based web
