• SAP HANA

saphana
  1. Help Center
  2. SAP HANA
  3. Automatic Deployment User Guide
  4. Single-Node Deployment Without HA Required
  5. Operation Instructions (Deployment Using the CLI)
  6. Binding an EIP and Configuring NAT SSH Switching Permissions

Binding an EIP and Configuring NAT SSH Switching Permissions

Scenarios

Bind EIPs to the NAT server and SAP HANA Studio ECSs so that tenants can communicate with them.

Procedure

  1. Run the following command to bind an EIP to the SAP HANA Studio ECS:

    heat --insecure stack-create -f SAP-HANA-Resource-ElasticIP.template -P "external_network=0a2228f2-7f8a-45f1-8e09-9039e1d09975;port_id=9abaccef-e027-4746-9c19-b866a1715903" saphana-studio-eip

    Check the value of external_network by running the neutron net-external-list command and set port_id to the NIC ID of the SAP HANA Studio ECS queried in Creating an ECS.

  2. Run the following command to check whether the stack has been successfully created:

    heat --insecure stack-show saphana-studio-eip

    If the value of stack_status is  CREATE_COMPLETE, the stack is successfully created.
    Figure 1 Checking the EIP bound to the SAP HANA Studio ECS

    Obtain the value of output_value for studio_port in step 6 in section Creating an ECS.

    Run the command neutron --insecure floatingip-list | grep <studio_port NIC ID> or log in to the management console to obtain the EIP.

  3. Run the following command to bind an EIP to the NAT server ECS:

    heat --insecure stack-create -f SAP-HANA-Resource-ElasticIP.template -P "external_network=0a2228f2-7f8a-45f1-8e09-9039e1d09975;port_id=ca5c598d-a382-4686-98f3-ad0024560a07" saphana-nat-eip

    Check the value of external_network by running the neutron net-external-list command and set port_id to the NIC ID of the NAT server ECS queried in Creating an ECS.

  4. Run the following command to check whether the stack has been successfully created:

    heat --insecure stack-show saphana-nat-eip

    If the value of stack_status is CREATE_COMPLETE, the stack is successfully created.

    Figure 2 Checking the EIP bound to the NAT server ECS

    Obtain the value of output_value for nat_port in step 4 in section Creating an ECS.

    Run the command neutron --insecure floatingip-list | grep <nat_port NIC ID> or log in to the management console to obtain the EIP.

  5. Configure NAT server ECSs to be trusty to allow SSH switchovers between NAT server ECSs.

    Upload the private key file to the /root/.ssh/ directory on the NAT server, change the file name to id_rsa, and run the command to change the permission of id_rsa.

    For example, run the following command to change the permission of id_rsa:

    chmod 600 /root/.ssh/id_rsa

    NOTE:

    To configure the NAT server, run the heat --insecure stack-show ECS stack name command to obtain the ECS NIC IP address of the server or client network plane. Output_key indicates the name of the ECS and Output_value indicates its IP address.