SAP on Amazon High Availability Setup - SAP HANA on Amazon
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

SAP on Amazon High Availability Setup

SAP customers can fully realize the benefit of running mission-critical SAP workloads by building reliable, fault-tolerant, and highly available systems in the Amazon Cloud depending on the operating system and database. Amazon offers the use of multiple Availability Zones within an Amazon Region to provide resiliency for the SAP applications.

As part of your SAP implementation, you create an Amazon Virtual Private Cloud (Amazon VPC) to logically isolate the network from other virtual networks in the Amazon Cloud. Then, you use Amazon network routing features to direct the traffic to any instance in the VPCs or between different subnets in a VPC. Amazon VPC setup includes assigning subnets to your SAP ASCS/ERS for NetWeaver and primary/secondary nodes for the SAP HANA database. Each of these configured subnets has a classless inter-domain routing (CIDR) IP assignment from the VPC which resides entirely within one Availability Zone. This CIDR IP assignment cannot span multiple zones or be reassigned to the secondary instance in a different AZ during a failover scenario.

For this reason, Amazon allows you to configure Overlay IP (OIP) outside of your VPC CIDR block to access the active SAP instance. With IP overlay routing, you can allow the Amazon network to use a non-overlapping RFC1918 private IP address that resides outside an VPC CIDR range and direct the SAP traffic to any instance setup across the Availability Zone within the VPC by changing the routing entry in Amazon.

A SAP HANA database or SAP NetWeaver application that is protected by a cluster solution such as SUSE Linux Enterprise Server High Availability Extension (SLES HAE), RedHat Enterprise Linux HA Add-On(RHEL HA) or SIOS uses the overlay IP address assigned to ensure that the HA cluster is still accessible during the failover scenarios. Since the overlay IP address uses the IP address range outside the VPC CIDR range and Virtual Private Gateway connection, you can use Amazon Transit Gateway as a central hub to facilitate the network connection to an overlay IP address from multiple locations including Amazon VPCs, other Amazon Regions, and on-premises using Amazon Direct Connect or Amazon Client VPN.

If you do not have Amazon Transit Gateway set up as a network transit hub or if Amazon Transit Gateway is not available in your preferred Amazon Region, you can use a Network Load Balancer to enable network access to an OIP.