Wednesday 30 September 2020

How to route all traffic to one particular EC2 instance out of 2 EC2 instances in a load balancer

Suppose one of the 2 EC2 instances behind the load balancer needs a maintenance activity. All the traffic then needs to be forwarded to the other EC2 instance.

Practical steps:

Step 1: From the load balancer page, open the Instances tab and check the status.


Step 2: Ensure that the ping path in the health check is /health.

To do that, navigate to the Health check tab and click on the Edit Health Check option.



Ensure the details below:

Ping protocol: HTTP

Ping port: 4567

Ping path: /health

Advanced Details:

Timeout: 5 seconds

Interval: the interval at which the health check is performed

Unhealthy threshold = 2 (if the health check is unhealthy twice, then the system status will be unhealthy)

Healthy threshold = 5 (if the health check result is healthy for the last 5 checks, then the system is healthy as per the health checks)



Step 3:

For a maintenance activity, to make the EC2 instance status Not healthy, open the link below in the browser.

DNS link/health/flip

The result will then be Not healthy, as shown below:


Step 4:
Then move back to the link DNS link/health (as shown below). It will still display the status as healthy, because of the other healthy EC2 instance; if you refresh it again, it shows Not healthy from the unhealthy EC2 instance. This means load balancing is still working.




Step 5:
After some refresh time, the status in the Instances tab changes to OutOfService because of the Step 3 process.



Step 6:

Perform all the maintenance activities that need to be performed on the unhealthy EC2 instance.


 
Step 7: Bring the EC2 instance back to healthy (InService) status.

Now, using the public IP with port 4567, make it healthy again.

<public_ip>:4567/health/flip




Step 8:
As per the health check rules, with a check every 10 seconds and 5 checks required (i.e., 50 seconds), the status of the EC2 instance changes back to InService again.


Step 9: Confirmation screen.
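The thresholds from Steps 2 and 8, modelled as a small state machine to show how long an instance takes to leave and rejoin service after /health/flip. This is an added example, not code from the original post: the class and function names are hypothetical, the probe sequences are constructed, and it assumes the first probe lands one full interval (the 10 seconds from Step 8) after the flip.

```python
from dataclasses import dataclass


@dataclass
class HealthCheck:
    interval: int = 10            # seconds between probes (Step 8)
    unhealthy_threshold: int = 2  # consecutive failures -> OutOfService
    healthy_threshold: int = 5    # consecutive successes -> InService


def timeline(cfg, probes, state="InService"):
    """Replay probe results (True = /health answered healthy) and return
    a list of (seconds_elapsed, probe_ok, state_after_probe)."""
    ok_run = fail_run = 0
    out = []
    for n, ok in enumerate(probes, start=1):
        if ok:
            ok_run, fail_run = ok_run + 1, 0
            if state == "OutOfService" and ok_run >= cfg.healthy_threshold:
                state = "InService"
        else:
            ok_run, fail_run = 0, fail_run + 1
            if state == "InService" and fail_run >= cfg.unhealthy_threshold:
                state = "OutOfService"
        # Assumption: probe n happens n intervals after the flip.
        out.append((n * cfg.interval, ok, state))
    return out


def seconds_until(cfg, probes, target, state="InService"):
    """Seconds until the instance first reaches `target`, or None."""
    for seconds, _, current in timeline(cfg, probes, state):
        if current == target:
            return seconds
    return None


if __name__ == "__main__":
    cfg = HealthCheck()
    # Constructed probe sequences, one result per interval.
    print("flip to unhealthy:", seconds_until(cfg, [False] * 3, "OutOfService"))
    print("flip back:", seconds_until(cfg, [True] * 6, "InService", "OutOfService"))
    # Isolated failures between successes never reach the threshold.
    print("flapping:", seconds_until(cfg, [False, True, False, True], "OutOfService"))
    # One failure during recovery resets the run of successes.
    recovering = [True] * 4 + [False] + [True] * 5
    print("interrupted:", seconds_until(cfg, recovering, "InService", "OutOfService"))
```

Until the second failed probe, the instance is still InService, which is why Step 4 still sees Not healthy responses from it on refresh.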












Sunday 27 September 2020

Classic load balancer

Even though it is an old version of the load balancer, many AWS users are still using it.


From the EC2 instance launch page, navigate to the Load Balancer option.




Click on Create Load Balancer.

Click on Create for Classic Load Balancer.

 

The screen below will then appear.
Provide the details:

From the screenshot below:

1. Load Balancer name: <just a description for the load balancer>
2. Provide VPC details: here I am selecting the default VPC.
3. Create an internal load balancer: if the check box is enabled, the load balancer will work for the private network. Conversely, disable the check box to make the load balancer work for the public network.
4. Enable advanced VPC configuration: used to configure the load balancer for the VPC subnets.
5. Add button: to enable ports for a new protocol.
6. Portion 6 in the screen below: the load balancer protocol and its port number.
7. Portion 7 in the screen below: the protocol and port number of the EC2 instance.

Assign security groups:

1. Choose between the Create a new security group and Select an existing security group options, based on your own requirement.

If no security groups are available, select the Create a new security group option.

2. Provide a security group name and description for the security group.
3. Provide the protocol info by clicking on the Add rule button.

Click on Next.



3. Configure security settings: improve your load balancer's security by using either HTTPS or the SSL protocol for your front-end connection.



Configure Health Check:

Your load balancer will automatically perform health checks on your EC2 instances and only route traffic to instances that pass the health check. If an instance fails the health check, it is automatically removed from the load balancer. Customize the health check to meet your specific needs.



Add EC2 instances:

The table below lists all your running EC2 instances. Check the boxes in the select column to add those instances to this load balancer. 

1. Select the required EC2 instances to add to the load balancer.

2. Enable Cross-Zone Load Balancing: if the EC2 instances are available in 2 Availability Zones, then you need to enable this check box.

Enable Connection Draining: a connection health check for the EC2 instances. If an EC2 instance does not connect to the load balancer within 300 seconds, the load balancer will treat the EC2 instance as unhealthy.

Finally, click on Next.


Add tags:

Tags are used to better describe EC2 instances.
Add tags based on your own requirements.

Here I'm not adding any tags. Click on Next.

Review:

Review all the parameters provided for the creation of the load balancer so far. Finally, click on Create.



The confirmation screen looks like the one below. Click on the load balancer name as shown below.
The DNS name can be obtained here; with this DNS name you can access the application.





Copy the DNS name and paste it in the browser to check load balancing.

Friday 25 September 2020

CUA configuration

Why do we need CUA?

To manage a large number of similar users that exist in many systems in the landscape. This tool helps us manage all the user master records centrally from one client of the system.


Business Benefits:

1. In a multi-client environment, administration is made easy (ECC PRD, CRM PRD, SRM PRD).

2. During a user audit, the time needed to consolidate users is reduced.

3. Continuous backup of user master data is available in child systems.

4. Flexibility in user master data maintenance (global/local).

5. Security enhanced (centrally).

6. Authorization audits can be done in any child system, in case of any issues.

7. Short time to create and maintain users in one landscape.



Step 1: Creation of system users



Users before CUA configuration:



Creating the CUADMIN user.





Provide the user type as system user and the password details.




Here client 000 is the central client.

(Roles in the central system)
SAP_BC_USR_CUA_CENTRAL
SAP_BC_USR_CUA_CENTRAL_BDIST
SAP_BC_USR_CUA_CENTRAL_EXTERN




Confirmation screen.



System user creation in child system



User ID: cuadminchild








Roles in child system

SAP_BC_USR_CUA_CLIENT
SAP_BC_USR_CUA_SETUP_CLIENT 






Step 2: Creation of RFC connections

In central client: 000




While performing authorization test







 

Resolution:

S_RFC - object authorization is required.

 







Note: The same authorization problems were raised in the child client as well and were resolved with the above solution.



Step 3: Creation of the logical system: BD54 or SALE

Step 4: Assign the logical system to the corresponding clients:



 





Step 5: Create model view:











 

Resultant screen:


Step 6: Add BAPI to model view










Note: The technical name in the above screen should start with Z.

Select the option shown below.

















Without changing anything in the above screen, click on Execute.

Then the screen below will appear.









Provide full authorization to create the distributive model.










Resultant screen





 

Creating the distributive model









Select the child system in the screen below.














Step 9: Maintain parameters between the central and child systems:







All tab data of SU01 can be maintained as global or local here.




Test case 1: User reflection

List of users in client 000







 

Creation of a new user in the central system to reflect in the child system






 

Now we need to check whether the user ID was created in the child system with client 620.

 




Provide the SAP_ALL profile for cuadmin (system user) in client 000.

 










Troubleshooting 1:



Troubleshooting 2:

 




Now the users are reflecting from central system to child system.

 

Test case 2:

In the central system

 




In the child system




Reflecting. Yahoo, success!



My references:

https://wiki.scn.sap.com/wiki/display/Basis/Central+User+Administration%28CUA%29+configuration

https://www.youtube.com/watch?v=_S5pGyHfIqI

https://blogs.sap.com/2012/10/16/cua-configuration-steps/