: The debut of DolphinGemma
The SAP Advanced Event Mesh is a powerful tool for event-driven architecture, providing reliable, high-performance messaging across your enterprise. This blog will guide you through setting up a private SAP Advanced Event Mesh cluster using the SAP documentation as a foundation and leaving room for additional customizations, including Kubernetes setup with Rancher and screenshots for a comprehensive walkthrough.
Why Choose a Private SAP Advanced Event Mesh Cluster?
A private SAP Advanced Event Mesh cluster allows for enhanced security, control, and performance, especially critical for organizations with strict compliance or latency requirements. By deploying a private cluster, you ensure that all messaging remains within your specified infrastructure, tailored to your needs.
Prerequisites
Before diving into the setup process, ensure you have the following:
Access to SAP Advanced Event Mesh: Ensure your subscription supports private cluster deployment, all details can be found in the SAP Discovery Center.Kubernetes Environment: Prepare a Kubernetes environment using a tool like Rancher, as baseline use the Sizing guide. For my current setup I have decided for the Standard Sizing not using a HA setup. Kindly also check the supported infrastructure providers.Network: Prepare your network setup according to the Connectivitiy Guide.
Step 1: Request Private region deployment
According to the SAP documentation, a private cluster deployment involves provisioning resources within your private infrastructure. It requires integrating SAP/Solace admin services to enable this. Therefore click Request New Datacenter to open the SAP Support Portal where you can request that Datacenters be added to your private regions. Be sure to include the Subaccount ID of your advanced event mesh account in the request.
Step 2: Understanding and document the Setup Requirements
This questionnaire is specific to deployments of SAP Integration Suite, advanced event mesh in Customer-Controlled Regions. For questions related to deployments for Dedicated Regions, see Questionnaire: Deploying in a Dedicated Region.
To begin your planning, we have produced a questionnaire to help identify critical information required for a successful deployment, including:
questions common to deployments in all Kubernetes implementations, including queries about your cluster, Operational Connectivity, Messaging Connectivity, and feature requirements.questions specific to the implementation of Kubernetes you have chosen for your Customer-Controlled Region, including queries about your cluster, Messaging Connectivity, and storage.
The answers to these questions help SAP determine how to configure the Mission Control Agent to create event broker services in your cluster.
Step 3: Review Private Region setup in SAP AEM
When Datacenters exist in your private regions, the Private Regions tab displays information about your private regions and the Datacenters they contain.
From here you can access the SAP AEM credentials and configurations you will need to connect your Kubernetes environment.
Downloading Image Pull Secret:
You can use the contents of either of these files as an authorization token to access the Solace Container Registry (gcr.io) where SAP‘s container images are stored. For more about deploying Mission Control Agent into your Kubernetes cluster, see Kubernetes Cluster Installation.
Deploying the Secret will establish the trust between your Kubernetes environment and the Solace Container Registry.
The setup in SUSE Rancher RKE2 I will show below.
Downloading HELM Values:
The values.yaml file for the Datacenter is downloaded securely to your local storage drive via TLS. You can use the values.yaml file to deploy the Mission Control Agent into your Kubernetes cluster, see Kubernetes Cluster Installation.
The setup in SUSE Rancher RKE2 I will show below.
Downloading the Validation Tool Manifest:
You can download the validation tool manifest that is required by the cluster validation tool when validating your Kubernetes cluster with help from SAP.
The execution in SUSE Rancher RKE2 I will show below.
Step 4: Basic Setup using SUSE Rancher RKE2
Before you start with your Kubernetes setup check the following prerequisites / recommendations:
Outbound Connectivity – check if infrastructure allow port access to 55443 (Connectivitiy Guide)Decide for correct Storage class – with file system xfsUsage of loadbalancer controller in level L2/L4 ( not ingress L7)
First of course, check if the technical resources ( CPU, memory) in your landscape are sufficient to deploy the content.
Prepare Storage
For our setup we have decided and configured longhorn as Storage Class. Please be aware that you have to change the HELM Values file accordingly, before execution at the section ” storageClass: longhorn”.
Prepare Loadbalancer
For our setup we have decided and configured MetalLB as loadbalancer. Please be aware that you have to change the HELM Values file accordingly, before execution at the section “serviceType: LoadBalancer”.
For the installation you can follow the installation guide: https://metallb.io/installation/
Once installed you still have to configure the IP or IP range which could be used by the loadbalancer: https://metallb.io/configuration/#layer-2-configuration.
Now, as the prerequisites / recommendations are fulfilled, we can go ahead with the SAP AEM Broker configuration and deployment.
Step 5: SAP AEM Broker configuration and deployment.
Upload Image Pull Secret
To establish trust you simply have to upload the pull-secret. Navigate in SUSE Rancher to Import YAML and click save.
To check im the import was successful you can navigate to Storage > Secrets. In this screen section you also could create trust (2nd option) if not done via Import YAML function.
Deploy Mission Control agent
As we have now Establish trust it is time to load the images. The most common way is to execute the Kubectl shell console. Navigate in SUSE Rancher to open Kubectl shell ( consider the correct storageClass and serviceType, see step 4).
Extract from the command line with the HELM Values file and your <values> you are deploying the mission control agent.
helm repo add solace-cloud https://cloud-agent-helm.s3.amazonaws.com
“solace-cloud” has been added to your repositories
> helm repo update
Hang tight while we grab the latest from your chart repositories…
…Successfully got an update from the “solace-cloud” chart repository
Update Complete. ⎈Happy Helming!⎈
> helm install mission-control-agent solace-cloud/solace-cloud-ca -f <values>
In case the deployment was successful you receive similar logs.
NAME: mission-control-agent
LAST DEPLOYED: Thu Jan 16 16:26:56 2025
NAMESPACE: default
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
Thank you for installing solace-cloud-ca.
Your release is named mission-control-agent.
To learn more about the release, try:
$ helm status mission-control-agent
$ helm get all mission-control-agent
Datacenter ID is: your ID
Datacenter region is not set.
Diagnostics is disabled.
Not using service class selectors.
Not using region selector.
Not using zone selectors.
Using storage class: longhorn
Deploy SAP AEM Private Broker
Access your public SAP AEM Broker Management console, Cluster Manager > Create Service, provide a meaningful name and select the Cloud type “Private Cloud” and the Region of your private datacenter. (this private datacenter has been register by the mission control agent in the project step). Slect the version and service type you would like to work with and “Create Broker”.
The broker setup will take some minutes similar to the cloud broker setup. In parallel check the logs of your Kubernetes cluster.
If the setup was successful you can access the broker through the cloud console and use the standard features like Manage, Monitor, Configuration and TryMe.
HappyPrivateEventing
The SAP Advanced Event Mesh is a powerful tool for event-driven architecture, providing reliable, high-performance messaging across your enterprise. This blog will guide you through setting up a private SAP Advanced Event Mesh cluster using the SAP documentation as a foundation and leaving room for additional customizations, including Kubernetes setup with Rancher and screenshots for a comprehensive walkthrough.Why Choose a Private SAP Advanced Event Mesh Cluster?A private SAP Advanced Event Mesh cluster allows for enhanced security, control, and performance, especially critical for organizations with strict compliance or latency requirements. By deploying a private cluster, you ensure that all messaging remains within your specified infrastructure, tailored to your needs. PrerequisitesBefore diving into the setup process, ensure you have the following:Access to SAP Advanced Event Mesh: Ensure your subscription supports private cluster deployment, all details can be found in the SAP Discovery Center.Kubernetes Environment: Prepare a Kubernetes environment using a tool like Rancher, as baseline use the Sizing guide. For my current setup I have decided for the Standard Sizing not using a HA setup. Kindly also check the supported infrastructure providers.Network: Prepare your network setup according to the Connectivitiy Guide. Step 1: Request Private region deploymentAccording to the SAP documentation, a private cluster deployment involves provisioning resources within your private infrastructure. It requires integrating SAP/Solace admin services to enable this. Therefore click Request New Datacenter to open the SAP Support Portal where you can request that Datacenters be added to your private regions. Be sure to include the Subaccount ID of your advanced event mesh account in the request.Step 2: Understanding and document the Setup RequirementsThis questionnaire is specific to deployments of SAP Integration Suite, advanced event mesh in Customer-Controlled Regions. For questions related to deployments for Dedicated Regions, see Questionnaire: Deploying in a Dedicated Region.To begin your planning, we have produced a questionnaire to help identify critical information required for a successful deployment, including:questions common to deployments in all Kubernetes implementations, including queries about your cluster, Operational Connectivity, Messaging Connectivity, and feature requirements.questions specific to the implementation of Kubernetes you have chosen for your Customer-Controlled Region, including queries about your cluster, Messaging Connectivity, and storage.The answers to these questions help SAP determine how to configure the Mission Control Agent to create event broker services in your cluster.Step 3: Review Private Region setup in SAP AEMWhen Datacenters exist in your private regions, the Private Regions tab displays information about your private regions and the Datacenters they contain.From here you can access the SAP AEM credentials and configurations you will need to connect your Kubernetes environment.Downloading Image Pull Secret:You can use the contents of either of these files as an authorization token to access the Solace Container Registry (gcr.io) where SAP’s container images are stored. For more about deploying Mission Control Agent into your Kubernetes cluster, see Kubernetes Cluster Installation.Deploying the Secret will establish the trust between your Kubernetes environment and the Solace Container Registry. The setup in SUSE Rancher RKE2 I will show below.Downloading HELM Values:The values.yaml file for the Datacenter is downloaded securely to your local storage drive via TLS. You can use the values.yaml file to deploy the Mission Control Agent into your Kubernetes cluster, see Kubernetes Cluster Installation.The setup in SUSE Rancher RKE2 I will show below.Downloading the Validation Tool Manifest:You can download the validation tool manifest that is required by the cluster validation tool when validating your Kubernetes cluster with help from SAP.The execution in SUSE Rancher RKE2 I will show below. Step 4: Basic Setup using SUSE Rancher RKE2Before you start with your Kubernetes setup check the following prerequisites / recommendations:Outbound Connectivity – check if infrastructure allow port access to 55443 (Connectivitiy Guide)Decide for correct Storage class – with file system xfsUsage of loadbalancer controller in level L2/L4 ( not ingress L7)First of course, check if the technical resources ( CPU, memory) in your landscape are sufficient to deploy the content. Prepare StorageFor our setup we have decided and configured longhorn as Storage Class. Please be aware that you have to change the HELM Values file accordingly, before execution at the section ” storageClass: longhorn”.Prepare LoadbalancerFor our setup we have decided and configured MetalLB as loadbalancer. Please be aware that you have to change the HELM Values file accordingly, before execution at the section “serviceType: LoadBalancer”.For the installation you can follow the installation guide: https://metallb.io/installation/Once installed you still have to configure the IP or IP range which could be used by the loadbalancer: https://metallb.io/configuration/#layer-2-configuration.Now, as the prerequisites / recommendations are fulfilled, we can go ahead with the SAP AEM Broker configuration and deployment.Step 5: SAP AEM Broker configuration and deployment.Upload Image Pull SecretTo establish trust you simply have to upload the pull-secret. Navigate in SUSE Rancher to Import YAML and click save. To check im the import was successful you can navigate to Storage > Secrets. In this screen section you also could create trust (2nd option) if not done via Import YAML function.Deploy Mission Control agent As we have now Establish trust it is time to load the images. The most common way is to execute the Kubectl shell console. Navigate in SUSE Rancher to open Kubectl shell ( consider the correct storageClass and serviceType, see step 4).Extract from the command line with the HELM Values file and your <values> you are deploying the mission control agent.helm repo add solace-cloud https://cloud-agent-helm.s3.amazonaws.com”solace-cloud” has been added to your repositories> helm repo updateHang tight while we grab the latest from your chart repositories……Successfully got an update from the “solace-cloud” chart repositoryUpdate Complete. ⎈Happy Helming!⎈> helm install mission-control-agent solace-cloud/solace-cloud-ca -f <values> In case the deployment was successful you receive similar logs. NAME: mission-control-agentLAST DEPLOYED: Thu Jan 16 16:26:56 2025NAMESPACE: defaultSTATUS: deployedREVISION: 1TEST SUITE: NoneNOTES:Thank you for installing solace-cloud-ca.Your release is named mission-control-agent.To learn more about the release, try: $ helm status mission-control-agent $ helm get all mission-control-agentDatacenter ID is: your IDDatacenter region is not set.Diagnostics is disabled.Not using service class selectors.Not using region selector.Not using zone selectors.Using storage class: longhorn Deploy SAP AEM Private Broker Access your public SAP AEM Broker Management console, Cluster Manager > Create Service, provide a meaningful name and select the Cloud type “Private Cloud” and the Region of your private datacenter. (this private datacenter has been register by the mission control agent in the project step). Slect the version and service type you would like to work with and “Create Broker”.The broker setup will take some minutes similar to the cloud broker setup. In parallel check the logs of your Kubernetes cluster.If the setup was successful you can access the broker through the cloud console and use the standard features like Manage, Monitor, Configuration and TryMe.HappyPrivateEventing Read More Technology Blogs by SAP articles
#SAP
#SAPTechnologyblog
