Q: Where do I find the documentation for SAP Virtual Machine service?
Here you can find the starting point for the SAP Virtual Machine service documentation: https://help.sap.com/viewer/65de2977205c403bbc107264b8eccf4b/Cloud/en-US/fd5a3c1c93cf403db636de8ad67a7e70.html
Q: Can SAP Virtual Machine service be used from all regions?
Currently, this service is available in the following regions:
- Europe (Rot)
- Australia (Sydney)
- US East (Sterling)
Q: Do SAP offer managed services with the SAP Virtual Machine service?
No, the SAP Virtual Machine service provides only blank operating system. No preinstalled software and there is no support from SAP as part of the SAP BTP contracts for running any software on top.
Q: Which OS is supported? What does the initial OS configuration look like? (e.g. what OS packages are preinstalled; what custom software, if any, is installed; are there any files or directories that are “off limits” to local modification)
Currently only SUSE Linux Enterprise 12 is available (concrete version is SLES12 SP1). It contains base OS packages as provided from SUSE. No custom software on top of this, no restrictions on the virtual machine’s directories. The idea is that the customer is the root user of the virtual machine and can install software and do modifications on the virtual machine including destroying it.
Q: How can I log on my virtual machine?
With any SSH client you like. You need to establish a SSH tunnel first using commands in the console client for Neo environment and then connect the SSH client to it. Instead of opening an SSH tunnel via console client, you can use the Service Channel option in the cloud connector to connect to the virtual machine. See documentation for more detailed instructions. In both cases authentication is done via client certificate generated initially over the console client by the user creating the virtual machine, due to security reasons user and password authentication is not supported.
Q: How do I view the status of virtual machines that are available in my subaccount?
In SAP BTP cockpit there is a tab “Virtual Machines”. Using the console client one can invoke commands that retrieve virtual machine’s status which make it more suitable for automation.
Q: Do I have root privileges on the virtual machine?
Q: Can SAP reset the credentials on a virtual machine’s root user?
Q: What are virtual machine’s parameters (e.g. RAM, CPU, disc size)?
There are predefined sizes of virtual machines which come with concrete settings for these parameters. Choose the proper size that fits the need of your scenario. More info for size parameters can be found in the documentation.
Q: Is there any monitoring in place for my virtual machine health and the health of software I install on top?
No monitoring capabilities coming from SAP BTP. Customer is responsible to install respective software and setup monitors for the health of their virtual machine and software running on it according to their own preference.
Q: Can I use a package manager for updating / patching my virtual machine?
Yes, you can use Zypper. SAP maintains an up to date SLES12 repository to which you can connect. See documentation for more info how to do this.
Q: Do my virtual machines have outbound access to Internet?
Yes, you can access Internet directly without any proxy for outbound calls.
Q: Can my virtual machine be reached from the Internet?
Yes, via HTTPS only on a specific port (8041). The virtual machine itself is not exposed to the Internet directly but via the standard SAP BTP Firewall. You can start an https server process on a specific port (8041) which will receive requests from the SAP BTP load balancers. No other protocols besides https are supported.
Q: What about web sockets support within my applications?
Yes, as long as the underlying HTTPS server installed on the virtual machines by the customer supports it.
Q: How do I integrate my web application(s) into the SAP BTP authentication infrastructure?
SAML protocol over forward redirect involves exchanges of the SAML tokens over the user browser. If the installed HTTPS server by the customer (PHP, etc.) is a service provider to the SAML Identity Provider such as SAP Cloud Identity Services – there should be no problems.
Q: Can I call into my virtual machine from and to the other SAP BTP programming models?
Yes, you can call into your virtual machine from a Java Compute Unit or dedicated HANA instance that belong to your subaccount where the virtual machine runs. You need to configure respective security group rules on your virtual machine to enable this communication. See documentation. Direct communication from HTML 5 applications is not possible and should go over the public HTTPs end-point for your virtual machine.
Q: Can I consume my dedicated HANA instance from my virtual machine?
Yes, you can consume dedicated HANA running in your subaccount via JDBC and ODBC on predefined port (30015). You need to have proper JDBC driver in place and you can obtain connection details for your HANA via SAP BTP cockpit. See documentation.
Q: Will the file system of my virtual machine survive a machine shutdown or crash?
Yes, it is possible to configure the virtual machine in a way that the volume based file system stays when the running virtual machine is gone. For more info see documentation of create virtual machine command.