Install the Azure Application Consistent Snapshot tool
This article provides a guide for installation of the Azure Application Consistent Snapshot tool (AzAcSnap) that you can use with Azure NetApp Files or Azure Large Instances.
Important
Distributed installations are the only option for Azure Large Instances systems, because they're deployed in a private network. You must install AzAcSnap on each system to ensure connectivity.
The downloadable self-installer makes the snapshot tools easy to set up and run with non-root user privileges (for example, azacsnap
). The installer sets up the user and puts the snapshot tools into the user's $HOME/bin
subdirectory. The default is /home/azacsnap/bin
.
The self-installer tries to determine the correct settings and paths for all the files based on the configuration of the user who's performing the installation (for example, root). If the prerequisite steps to enable communication with storage and SAP HANA are run as root, the installation copies the private key and hdbuserstore
to the backup user's location. A knowledgeable administrator can manually take the steps to enable communication with the storage back end and SAP HANA after the installation.
Prerequisites for installation
Follow the guidelines to set up and run the snapshots and disaster-recovery commands. We recommend that you complete the following steps as root before you install and use the snapshot tools:
Patch the operating system and set up SUSE Subscription Management Tool (SMT). For more information, see Install and configure SAP HANA (Large Instances) on Azure.
Set up time synchronization. Provide a time server that's compatible with the Network Time Protocol (NTP), and configure the operating system accordingly.
Install the database. Follow the instructions for the supported database that you're using.
Select the storage back end that you're using for your deployment. For more information, see Enable communication with storage later in this article.
Either set up a system-managed identity or generate the service principal's authentication file.
When you're validating communication with Azure NetApp Files, communication might fail or time out. Check that firewall rules aren't blocking outbound traffic from the system running AzAcSnap to the following addresses and TCP/IP ports:
- (https://)management.azure.com:443
- (https://)login.microsoftonline.com:443
Enable communication with the database. For more information, see Enable communication with the database later in this article.
Set up an appropriate SAP HANA user by following the instructions in the Enable communication with the database section of this article.
After setup, you can test the connection from the command line by using the following examples. The following examples are for non-SSL communication to SAP HANA.
HANA 1.0:
hdbsql -n <HANA IP address> -i <HANA instance> -U <HANA user> "\s"
HANA 2.0:
hdbsql -n <HANA IP address> -i <HANA instance> -d SYSTEMDB -U <HANA user> "\s"
Enable communication with storage
This section explains how to enable communication with storage. Use the following tabs to correctly select the storage back end that you're using.
There are two ways to authenticate to the Azure Resource Manager using either a system-managed identity or a service principal file. The options are described here.
Azure system-managed identity
From AzAcSnap 9, it's possible to use a system-managed identity instead of a service principal for operation. Using this feature avoids the need to store service principal credentials on a virtual machine (VM). To set up an Azure managed identity by using Azure Cloud Shell, follow these steps:
Within a Cloud Shell session with Bash, use the following example to set the shell variables appropriately and apply them to the subscription where you want to create the Azure managed identity. Set
SUBSCRIPTION
,VM_NAME
, andRESOURCE_GROUP
to your site-specific values.export SUBSCRIPTION="99z999zz-99z9-99zz-99zz-9z9zz999zz99" export VM_NAME="MyVM" export RESOURCE_GROUP="MyResourceGroup" export ROLE="Contributor" export SCOPE="/subscriptions/${SUBSCRIPTION}/resourceGroups/${RESOURCE_GROUP}"
Set Cloud Shell to the correct subscription:
az account set -s "${SUBSCRIPTION}"
Create the managed identity for the virtual machine. The following command sets (or shows if it's already set) the AzAcSnap VM's managed identity:
az vm identity assign --name "${VM_NAME}" --resource-group "${RESOURCE_GROUP}"
Get the principal ID for assigning a role:
PRINCIPAL_ID=$(az resource list -n ${VM_NAME} --query [*].identity.principalId --out tsv)
Assign the Contributor role to the principal ID:
az role assignment create --assignee "${PRINCIPAL_ID}" --role "${ROLE}" --scope "${SCOPE}"
Optional RBAC
It's possible to limit the permissions for the managed identity by using a custom role definition in role-based access control (RBAC). Create a suitable role definition for the virtual machine to be able to manage snapshots. You can find example permissions settings in Tips and tricks for using the Azure Application Consistent Snapshot tool.
Then assign the role to the Azure VM principal ID (also displayed as SystemAssignedIdentity
):
az role assignment create --assignee ${PRINCIPAL_ID} --role "AzAcSnap on ANF" --scope "${SCOPE}"
Generate a service principal file
In a Cloud Shell session, make sure you're logged on at the subscription where you want to be associated with the service principal by default:
az account show
If the subscription isn't correct, use the
az account set
command:az account set -s <subscription name or id>
Create a service principal by using the Azure CLI, as shown in this example:
az ad sp create-for-rbac --name "AzAcSnap" --role Contributor --scopes /subscriptions/{subscription-id} --sdk-auth
The command should generate output like this example:
{ "clientId": "00aa000a-aaaa-0000-00a0-00aa000aaa0a", "clientSecret": "00aa000a-aaaa-0000-00a0-00aa000aaa0a", "subscriptionId": "00aa000a-aaaa-0000-00a0-00aa000aaa0a", "tenantId": "00aa000a-aaaa-0000-00a0-00aa000aaa0a", "activeDirectoryEndpointUrl": "https://login.microsoftonline.com", "resourceManagerEndpointUrl": "https://management.azure.com/", "activeDirectoryGraphResourceId": "https://graph.windows.net/", "sqlManagementEndpointUrl": "https://management.core.windows.net:8443/", "galleryEndpointUrl": "https://gallery.azure.com/", "managementEndpointUrl": "https://management.core.windows.net/" }
This command automatically assigns the RBAC Contributor role to the service principal at the subscription level. You can narrow down the scope to the specific resource group where your tests will create the resources.
Cut and paste the output content into a file called
azureauth.json
that's stored on the same system as theazacsnap
command. Secure the file with appropriate system permissions.Make sure the format of the JSON file is exactly as described in the previous step, with the URLs enclosed in double quotation marks (").
Enable communication with the database
This section explains how to enable communication with the database. Use the following tabs to correctly select the database that you're using.
If you're deploying to a centralized virtual machine, you need to install and set up the SAP HANA client so that the AzAcSnap user can run hdbsql
and hdbuserstore
commands. You can download the SAP HANA client from the SAP Development Tools website.
The snapshot tools communicate with SAP HANA and need a user with appropriate permissions to initiate and release the database save point. The following example shows the setup of the SAP HANA 2.0 user and hdbuserstore
for communication to the SAP HANA database.
The following example commands set up a user (AZACSNAP
) in SYSTEMDB on an SAP HANA 2.0 database. Change the IP address, usernames, and passwords as appropriate.
Connect to SYSTEMDB:
hdbsql -n <IP_address_of_host>:30013 -i 00 -u SYSTEM -p <SYSTEM_USER_PASSWORD>
Welcome to the SAP HANA Database interactive terminal. Type: \h for help with commands \q to quit hdbsql SYSTEMDB=>
Create the user. This example creates the
AZACSNAP
user in SYSTEMDB:hdbsql SYSTEMDB=> CREATE USER AZACSNAP PASSWORD <AZACSNAP_PASSWORD_CHANGE_ME> NO FORCE_FIRST_PASSWORD_CHANGE;
Grant the user permissions. This example sets the permission for the
AZACSNAP
user to allow for performing a database-consistent storage snapshot:For SAP HANA releases up to version 2.0 SPS 03:
hdbsql SYSTEMDB=> GRANT BACKUP ADMIN, CATALOG READ TO AZACSNAP;
For SAP HANA releases from version 2.0 SPS 04, SAP added new fine-grained privileges:
hdbsql SYSTEMDB=> GRANT BACKUP ADMIN, DATABASE BACKUP ADMIN, CATALOG READ TO AZACSNAP;
Optional: Prevent the user's password from expiring.
Note
Check with corporate policy before you make this change.
The following example disables the password expiration for the
AZACSNAP
user. Without this change, the user's password could expire and prevent snapshots from being taken correctly.hdbsql SYSTEMDB=> ALTER USER AZACSNAP DISABLE PASSWORD LIFETIME;
Set up the SAP HANA Secure User Store (change the password). This example uses the
hdbuserstore
command from the Linux shell to set up the SAP HANA Secure User Store:hdbuserstore Set AZACSNAP <IP_address_of_host>:30013 AZACSNAP <AZACSNAP_PASSWORD_CHANGE_ME>
Check that you correctly set up the SAP HANA Secure User Store. Use the
hdbuserstore
command to list the output, similar to the following example. More details on usinghdbuserstore
are available on the SAP website.hdbuserstore List
DATA FILE : /home/azacsnap/.hdb/sapprdhdb80/SSFS_HDB.DAT KEY FILE : /home/azacsnap/.hdb/sapprdhdb80/SSFS_HDB.KEY KEY AZACSNAP ENV : <IP_address_of_host>: USER: AZACSNAP
Using SSL for communication with SAP HANA
AzAcSnap uses SAP HANA's hdbsql
command to communicate with SAP HANA. Using hdbsql
allows the use of SSL options to encrypt communication with SAP HANA.
AzAcSnap always uses the following options when you're using the azacsnap --ssl
option:
-e
: Enables TLS/SSL encryption. The server chooses the highest available.-ssltrustcert
: Specifies whether to validate the server's certificate.-sslhostnameincert "*"
: Specifies the host name that verifies the server's identity. When you specify"*"
as the host name, the server's host name isn't validated.
SSL communication also requires key-store and trust-store files. It's possible for these files to be stored in default locations on a Linux installation. But to ensure that the correct key material is being used for the various SAP HANA systems (for the cases where different key-store and trust-store files are used for each SAP HANA system), AzAcSnap expects the key-store and trust-store files to be stored in the securityPath
location. The AzAcSnap configuration file specifies this location.
Key-store files
If you're using multiple system identifiers (SIDs) with the same key material, it's easier to create links into the securityPath
location as defined in the AzAcSnap configuration file. Ensure that these values exist for every SID that uses SSL.
- For
openssl
:ln $HOME/.ssl/key.pem <securityPath>/<SID>_keystore
- For
commoncrypto
:ln $SECUDIR/sapcli.pse <securityPath>/<SID>_keystore
If you're using multiple SIDs with different key material per SID, copy (or move and rename) the files into the securityPath
location as defined in the SID's AzAcSnap configuration file.
- For
openssl
:mv key.pem <securityPath>/<SID>_keystore
- For
commoncrypto
:mv sapcli.pse <securityPath>/<SID>_keystore
When AzAcSnap calls hdbsql
, it adds -sslkeystore=<securityPath>/<SID>_keystore
to the hdbsql
command line.
Trust-store files
If you're using multiple SIDs with the same key material, create hard links into the securityPath
location as defined in the AzAcSnap configuration file. Ensure that these values exist for every SID that uses SSL.
- For
openssl
:ln $HOME/.ssl/trust.pem <securityPath>/<SID>_truststore
- For
commoncrypto
:ln $SECUDIR/sapcli.pse <securityPath>/<SID>_truststore
If you're using multiple SIDs with the different key material per SID, copy (or move and rename) the files into the securityPath
location as defined in the SID's AzAcSnap configuration file.
- For
openssl
:mv trust.pem <securityPath>/<SID>_truststore
- For
commoncrypto
:mv sapcli.pse <securityPath>/<SID>_truststore
The <SID>
component of the file names must be the SAP HANA system identifier in all uppercase (for example, H80
or PR1
). When AzAcSnap calls hdbsql
, it adds -ssltruststore=<securityPath>/<SID>_truststore
to the command line.
If you run azacsnap -c test --test hana --ssl openssl
, where SID
is H80
in the configuration file, it executes the hdbsql
connections as follows:
hdbsql \
-e \
-ssltrustcert \
-sslhostnameincert "*" \
-sslprovider openssl \
-sslkeystore ./security/H80_keystore \
-ssltruststore ./security/H80_truststore
"sql statement"
In the preceding code, the backslash (\
) character is a command-line line wrap to improve the clarity of the multiple parameters passed on the command line.
Install the snapshot tools
The downloadable self-installer makes the snapshot tools easy to set up and run with non-root user privileges (for example, azacsnap
). The installer sets up the user and puts the snapshot tools into the user's $HOME/bin
subdirectory. The default is /home/azacsnap/bin
.
The self-installer tries to determine the correct settings and paths for all the files based on the configuration of the user performing the installation (for example, root). If the previous setup steps to enable communication with storage and SAP HANA were run as root, the installation copies the private key and hdbuserstore
to the backup user's location. A knowledgeable administrator can manually take the steps to enable communication with the storage back end and database after the installation.
Note
For earlier installations of SAP HANA on Azure Large Instances, the directory of preinstalled snapshot tools was /hana/shared/<SID>/exe/linuxx86_64/hdb
.
With the prerequisite steps completed, it's now possible to install the snapshot tools by using the self-installer as follows:
- Copy the downloaded self-installer to the target system.
- Run the self-installer as the root user. If necessary, make the file executable by using the
chmod +x *.run
command.
Running the self-installer command without any arguments displays help on using the installer as follows:
chmod +x azacsnap_installer_v5.0.run
./azacsnap_installer_v5.0.run
Usage: ./azacsnap_installer_v5.0.run [-v] -I [-u <HLI Snapshot Command user>]
./azacsnap_installer_v5.0.run [-v] -X [-d <directory>]
./azacsnap_installer_v5.0.run [-h]
Switches enclosed in [] are optional for each command line.
- h prints out this usage.
- v turns on verbose output.
- I starts the installation.
- u is the Linux user to install the scripts into, by default this is
'azacsnap'.
- X will only extract the commands.
- d is the target directory to extract into, by default this is
'./snapshot_cmds'.
Examples of a target directory are ./tmp or /usr/local/bin
The self-installer has an option to extract (-X
) the snapshot tools from the bundle without performing any user creation and setup. An experienced administrator can then complete the setup steps manually or copy the commands to upgrade an existing installation.
Use the easy installation of snapshot tools (default)
The installer can quickly install the snapshot tools for SAP HANA on Azure. By default, if you run the installer with only the -I
option, it does the following steps:
Create snapshot user
azacsnap
, create the home directory, and set group membership.Configure the
azacsnap
user's login~/.profile
information.Search the file system for directories to add to
$PATH
for AzAcSnap. This task allows the user who runs AzAcSnap to use SAP HANA commands, such ashdbsql
andhdbuserstore
.Search the file system for directories to add to
$LD_LIBRARY_PATH
for AzAcSnap. Many commands require you to set a library path to run them correctly. This task configures it for the installed user.Copy the SSH keys for back-end storage for AzAcSnap from the root user (the user running the installation).
This task assumes that the root user has already configured connectivity to the storage. For more information, see the earlier section Enable communication with storage.
Copy the SAP HANA connection's secure user store for the target user,
azacsnap
. This task assumes that the root user has already configured the secure user store. For more information, see the earlier section Enable communication with the database.The snapshot tools are extracted into
/home/azacsnap/bin/
.The commands in
/home/azacsnap/bin/
have their permissions set, including ownership and executable bit.
The following example shows the correct output of the installer when you run it by using the default installation option:
./azacsnap_installer_v5.0.run -I
+-----------------------------------------------------------+
| Azure Application Consistent Snapshot tool Installer |
+-----------------------------------------------------------+
|-> Installer version '5.0'
|-> Create Snapshot user 'azacsnap', home directory, and set group membership.
|-> Configure azacsnap .profile
|-> Search filesystem for directories to add to azacsnap's $PATH
|-> Search filesystem for directories to add to azacsnap's $LD_LIBRARY_PATH
|-> Copying SSH keys for back-end storage for azacsnap.
|-> Copying HANA connection keystore for azacsnap.
|-> Extracting commands into /home/azacsnap/bin/.
|-> Making commands in /home/azacsnap/bin/ executable.
|-> Creating symlink for hdbsql command in /home/azacsnap/bin/.
+-----------------------------------------------------------+
| Install complete! Follow the steps below to configure. |
+-----------------------------------------------------------+
+-----------------------------------------------------------+
| Install complete! Follow the steps below to configure. |
+-----------------------------------------------------------+
1. Change into the snapshot user account.....
su - azacsnap
2. Set up the HANA Secure User Store..... (command format below)
hdbuserstore Set <ADMIN_USER> <HOSTNAME>:<PORT> <admin_user> <password>
3. Change to location of commands.....
cd /home/azacsnap/bin/
4. Configure the customer details file.....
azacsnap -c configure --configuration new
5. Test the connection to storage.....
azacsnap -c test --test storage
6. Test the connection to HANA.....
a. without SSL
azacsnap -c test --test hana
b. with SSL, you will need to choose the correct SSL option
azacsnap -c test --test hana --ssl=<commoncrypto|openssl>
7. Run your first snapshot backup..... (example below)
azacsnap -c backup --volume=data --prefix=hana_test --frequency=15min --retention=1
Uninstall the snapshot tools
If you installed the snapshot tools by using the default settings, uninstallation requires only removing the user that you installed the commands for. The default is azacsnap
.
userdel -f -r azacsnap
Manually install the snapshot tools
In some cases, it's necessary to install the tools manually. But we recommend that you use the installer's default option to ease this process.
Each line that starts with a pound (#
) character demonstrates that the root user runs the example commands after the character. The backslash (\
) at the end of a line is the standard line-continuation character for a shell command.
As the root superuser, you can follow these steps for a manual installation:
Get the
sapsys
group ID. In this case, the group ID is1010
.grep sapsys /etc/group
sapsys:x:1010:
Create snapshot user
azacsnap
, create the home directory, and set group membership by using the group ID from step 1:useradd -m -g 1010 -c "Azure SAP HANA Snapshots User" azacsnap
Make sure the login
.profile
information for theazacsnap
user exists:echo "" >> /home/azacsnap/.profile
Search the file system for directories to add to
$PATH
for AzAcSnap. These directories are typically the paths to the SAP HANA tools, such ashdbsql
andhdbuserstore
.HDBSQL_PATH=`find -L /hana/shared/[A-z0-9][A-z0-9][A-z0-9]/HDB*/exe /usr/sap/hdbclient -name hdbsql -exec dirname {} + 2> /dev/null | sort | uniq | tr '\n' ':'`
Add the updated
$PATH
information to the user's profile:echo "export PATH=\"\$PATH:$HDBSQL_PATH\"" >> /home/azacsnap/.profile
Search the file system for directories to add to
$LD_LIBRARY_PATH
for AzAcSnap:NEW_LIB_PATH=`find -L /hana/shared/[A-z0-9][A-z0-9][A-z0-9]/HDB*/exe /usr/sap/hdbclient -name "*.so" -exec dirname {} + 2> /dev/null | sort | uniq | tr '\n' ':'`
Add the updated library path to the user's profile:
echo "export LD_LIBRARY_PATH=\"\$LD_LIBRARY_PATH:$NEW_LIB_PATH\"" >> /home/azacsnap/.profile
Take the following actions, depending on the storage back end:
Configure the user's
DOTNET_BUNDLE_EXTRACT_BASE_DIR
path according to the .NET Core single-file extract guidance.Use the following code for SUSE Linux:
echo "export DOTNET_BUNDLE_EXTRACT_BASE_DIR=\$HOME/.net" >> /home/azacsnap/.profile echo "[ -d $DOTNET_BUNDLE_EXTRACT_BASE_DIR] && chmod 700 $DOTNET_BUNDLE_EXTRACT_BASE_DIR" >> /home/azacsnap/.profile
Use the following code for RHEL:
echo "export DOTNET_BUNDLE_EXTRACT_BASE_DIR=\$HOME/.net" >> /home/azacsnap/.bash_profile echo "[ -d $DOTNET_BUNDLE_EXTRACT_BASE_DIR] && chmod 700 $DOTNET_BUNDLE_EXTRACT_BASE_DIR" >> /home/azacsnap/.bash_profile
Copy the SAP HANA connection's secure user store for the target user,
azacsnap
. This step assumes that the root user has already configured the secure user store. For more information, see the earlier section Enable communication with the database.cp -pr ~/.hdb /home/azacsnap/.
Set the user permissions correctly for the
hdbuserstore
files:chown -R azacsnap.sapsys /home/azacsnap/.hdb
Extract the snapshot tools into
/home/azacsnap/bin/
:./azacsnap_installer_v5.0.run -X -d /home/azacsnap/bin
Make the commands executable:
chmod 700 /home/azacsnap/bin/*
Ensure that the correct ownership permissions are set on the user's home directory:
chown -R azacsnap.sapsys /home/azacsnap/*
Complete the setup of snapshot tools
The installer provides steps to complete after you install the snapshot tools.
The following output shows the steps to complete after you run the installer with the default installation options. Follow these steps to configure and test the snapshot tools.
1. Change into the snapshot user account.....
su - azacsnap
2. Set up the HANA Secure User Store.....
hdbuserstore Set <ADMIN_USER> <HOSTNAME>:<PORT> <admin_user> <password>
3. Change to location of commands.....
cd /home/azacsnap/bin/
4. Configure the customer details file.....
azacsnap -c configure --configuration new
5. Test the connection to storage.....
azacsnap -c test --test storage
6. Test the connection to HANA.....
a. without SSL
azacsnap -c test --test hana
b. with SSL, you will need to choose the correct SSL option
azacsnap -c test --test hana --ssl=<commoncrypto|openssl>
7. Run your first snapshot backup.....
azacsnap -c backup --volume=data --prefix=hana_test --retention=1
Step 2 is necessary if you didn't enable communication with the database before the installation.
If the test commands run correctly, the test is successful. You can then perform the first database-consistent storage snapshot.
Configure the database
This section explains how to configure the database.
Configure SAP HANA
There are changes that you can apply to SAP HANA to help protect the log backups and catalog. By default, basepath_logbackup
and basepath_catalogbackup
are set so that SAP HANA will put related files into the $(DIR_INSTANCE)/backup/log
directory. It's unlikely that this location is on a volume that AzAcSnap is configured to snapshot, so storage snapshots won't protect these files.
The following hdbsql
command examples demonstrate setting the log and catalog paths to locations on storage volumes that AzAcSnap can snapshot. Be sure to check that the values on the command line match the local SAP HANA configuration.
Configure the log backup location
This example shows a change to the basepath_logbackup
parameter:
hdbsql -jaxC -n <HANA_ip_address>:30013 -i 00 -u SYSTEM -p <SYSTEM_USER_PASSWORD> "ALTER SYSTEM ALTER CONFIGURATION ('global.ini', 'SYSTEM') SET ('persistence', 'basepath_logbackup') = '/hana/logbackups/H80' WITH RECONFIGURE"
Configure the catalog backup location
This example shows a change to the basepath_catalogbackup
parameter. First, ensure that the basepath_catalogbackup
path exists on the file system. If not, create the path with the same ownership as the directory.
ls -ld /hana/logbackups/H80/catalog
drwxr-x--- 4 h80adm sapsys 4096 Jan 17 06:55 /hana/logbackups/H80/catalog
If you need to create the path, the following example creates the path and sets the correct ownership and permissions. You need to run these commands as root.
mkdir /hana/logbackups/H80/catalog
chown --reference=/hana/shared/H80/HDB00 /hana/logbackups/H80/catalog
chmod --reference=/hana/shared/H80/HDB00 /hana/logbackups/H80/catalog
ls -ld /hana/logbackups/H80/catalog
drwxr-x--- 4 h80adm sapsys 4096 Jan 17 06:55 /hana/logbackups/H80/catalog
The following example changes the SAP HANA setting:
hdbsql -jaxC -n <HANA_ip_address>:30013 -i 00 -u SYSTEM -p <SYSTEM_USER_PASSWORD> "ALTER SYSTEM ALTER CONFIGURATION ('global.ini', 'SYSTEM') SET ('persistence', 'basepath_catalogbackup') = '/hana/logbackups/H80/catalog' WITH RECONFIGURE"
Check log and catalog backup locations
After you make the changes to the log and catalog backup locations, confirm that the settings are correct by using the following command.
In this example, the settings appear as SYSTEM
settings. This query also returns the DEFAULT
settings for comparison.
hdbsql -jaxC -n <HANA_ip_address> - i 00 -U AZACSNAP "select * from sys.m_inifile_contents where (key = 'basepath_databackup' or key ='basepath_datavolumes' or key = 'basepath_logbackup' or key = 'basepath_logvolumes' or key = 'basepath_catalogbackup')"
global.ini,DEFAULT,,,persistence,basepath_catalogbackup,$(DIR_INSTANCE)/backup/log
global.ini,DEFAULT,,,persistence,basepath_databackup,$(DIR_INSTANCE)/backup/data
global.ini,DEFAULT,,,persistence,basepath_datavolumes,$(DIR_GLOBAL)/hdb/data
global.ini,DEFAULT,,,persistence,basepath_logbackup,$(DIR_INSTANCE)/backup/log
global.ini,DEFAULT,,,persistence,basepath_logvolumes,$(DIR_GLOBAL)/hdb/log
global.ini,SYSTEM,,,persistence,basepath_catalogbackup,/hana/logbackups/H80/catalog
global.ini,SYSTEM,,,persistence,basepath_datavolumes,/hana/data/H80
global.ini,SYSTEM,,,persistence,basepath_logbackup,/hana/logbackups/H80
global.ini,SYSTEM,,,persistence,basepath_logvolumes,/hana/log/H80
Configure the log backup timeout
The default setting for SAP HANA to perform a log backup is 900
seconds (15 minutes). We recommend that you reduce this value to 300
seconds (5 minutes). Then it's possible to run regular backups of these files (for example, every 10 minutes). You can take these backups by adding the log_backup
volumes to the OTHER
volume section of the
configuration file.
hdbsql -jaxC -n <HANA_ip_address>:30013 -i 00 -u SYSTEM -p <SYSTEM_USER_PASSWORD> "ALTER SYSTEM ALTER CONFIGURATION ('global.ini', 'SYSTEM') SET ('persistence', 'log_backup_timeout_s') = '300' WITH RECONFIGURE"
Check the log backup timeout
After you make the change to the log backup timeout, ensure that the timeout is set by using the following command.
In this example, the settings are displayed as SYSTEM
settings. This query also returns the DEFAULT
settings for comparison.
hdbsql -jaxC -n <HANA_ip_address> - i 00 -U AZACSNAP "select * from sys.m_inifile_contents where key like '%log_backup_timeout%' "
global.ini,DEFAULT,,,persistence,log_backup_timeout_s,900
global.ini,SYSTEM,,,persistence,log_backup_timeout_s,300
Next steps
Feedback
https://aka.ms/ContentUserFeedback.
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see:Submit and view feedback for