Configure RHEL 7/8/9 for SAP
Important
In the following steps, you need to update several configuration files. We recommend taking a backup of the files before you modify them. This will help you to revert to the previous configuration if needed.
To configure RHEL 7/8/9 for SAP
-
After your instance is up and running, connect to the instance by using Secure Shell (SSH) and the key pair that you used to launch the instance.
Note
Depending on your network and security settings, you might have to first connect by using SSH to a bastion host before accessing your SAP HANA instance, or you might have to add IP addresses or ports to the security group to allow SSH access.
-
Switch to root user.
Alternatively, you can use sudo to execute the following commands as ec2-user.
-
Set a hostname for your instance by executing the
hostnamectlcommand and update the/etc/cloud/cloud.cfgfile to ensure that your hostname is preserved during system reboots.#hostnamectl set-hostname --staticyour_hostname#echo "preserve_hostname: true" >> /etc/cloud/cloud.cfgOpen a new session to verify the hostname change.
-
Add an entry to the
/etc/hostsfile with the new hostname and IP address.ip addresshostname.example.comhostnameEnsure that the packages listed in the following SAP Notes (SAP portal access required) are installed:
Note that your instance should have access to the SAP HANA channel to install libraries requires for SAP HANA installations.
You can use the
rpmcommand to check whether a package is installed:#rpm -qipackage_nameYou can then install any missing packages by using the
yum –y installcommand.#yum -y installpackage nameNote
Depending on your base RHEL image, additional packages might be required to ensure that your instance is optimally setup. (You can skip this step if you are using the RHEL for SAP with HA & US image.) For the latest information, refer to the RHEL configuration guide that is attached to SAP OSS Note 2009879
. Review the packages in the Install Additional Required Packages section and the Appendix–Required Packages for SAP HANA on RHEL 7 section. -
Ensure that your instance is running on a kernel version that is recommended in SAP OSS Note 2292690
, 2777782 , and 3108302 . If needed, update your system to meet the minimum kernel version. You can check the version of the kernel and other packages using the following command. #rpm -qi kernel* -
Start
tuned daemonand use the following commands to set it to automatically start when the system reboots.#systemctl start tuned#systemctl enable tuned -
Configure the
tuned HANAprofile to optimize your instance for SAP HANA workloads.Check whether the
force_latencyparameter is already set in the/usr/lib/tuned/sap-hana/tuned.conffile. If the parameter is set, execute the following commands to apply and activate thesap-hanaprofile.#tuned-adm profile sap-hana#tuned-adm activeIf the
force_latencyparameter is not set, execute the following steps to modify and activate thesap-hanaprofile.#mkdir /etc/tuned/sap-hana#cp /usr/lib/tuned/sap-hana/tuned.conf /etc/tuned/sap-hana/tuned.conf#sed -i '/force_latency/ c\force_latency=70' /etc/tuned/sap-hana/tuned.conf#tuned-adm profile sap-hana#tuned-adm active -
Disable Security-Enhanced Linux (SELinux) by running the following command. (Skip this step if you are using the RHEL for SAP with HA & US image.)
#sed -i 's/\(SELINUX=enforcing\|SELINUX=permissive\)/SELINUX=disabled/g' \/etc/selinux/config -
Disable Transparent Hugepages (THP) at boot time by adding the following to the line that starts with GRUB_CMDLINE_LINUX in the
/etc/default/grubfile. Execute the following commands to add the required parameter and to re-configure grub (Skip this step if you are using the RHEL for SAP with HA & US image.)#sed -i '/GRUB_CMDLINE_LINUX/ s|"| transparent_hugepage=never"|2' /etc/default/grub#cat /etc/default/grub#grub2-mkconfig -o /boot/grub2/grub.cfg -
Add symbolic links by executing following commands. (Skip this step if you are using the RHEL for SAP with HA & US image.)
#ln -s /usr/lib64/libssl.so.10 /usr/lib64/libssl.so.1.0.1#ln -s /usr/lib64/libcrypto.so.10 /usr/lib64/libcrypto.so.1.0.1 -
Configure and start the Network Time Protocol (NTP) service. You can adjust the NTP server pool based on your requirements. The following is just an example.
Note
Remove any existing invalid NTP server pools from
/etc/ntp.confbefore adding the following.#echo "server 0.pool.ntp.org" >> /etc/ntp.conf#echo "server 1.pool.ntp.org" >> /etc/ntp.conf#echo "server 2.pool.ntp.org" >> /etc/ntp.conf#echo "server 3.pool.ntp.org" >> /etc/ntp.conf#systemctl enable ntpd.service#systemctl start ntpd.service#systemctl restart systemd-timedated.serviceTip
Instead of connecting to the global NTP server pool, you can connect to your internal NTP server if needed. Alternatively, you can also use Amazon Time Sync Service to keep your system time in sync.
-
Set clocksource to
tscby the updating thecurrent_clocksourcefile and the GRUB2 boot loader.#echo "tsc" > /sys/devices/system/clocksource/*/current_clocksource#cp /etc/default/grub /etc/default/grub.backup#sed -i '/GRUB_CMDLINE_LINUX/ s|"| clocksource=tsc"|2' /etc/default/grub#grub2-mkconfig -o /boot/grub2/grub.cfg -
For RHEL9 only, disable the LVM device persistence using the following commands.
# sed -i'.bkp' -e 's/# use_devicesfile = 0/use_devicesfile = 1/g' /etc/lvm/lvm.conf # mv /etc/lvm/devices/system.devices /etc/lvm/devices/system.devices.bkp -
Reboot your system for the changes to take effect.
-
After the reboot, log in as root and execute the
tuned-admcommand to verify that all SAP recommended settings are in place.#tuned-adm verify “tuned-adm verify” creates a log file under /var/log/tuned/tuned.log Review this log file and ensure that all checks have passed. -
Continue with storage configuration.
