Edge Integration Cell on Azure
SAP Integration Suite – Edge Integration Cell (EIC) can be deployed on Azure to leverage its scalable infrastructure while maintaining secure and controlled execution in a customer-managed environment. This architecture combines Azure-native services with EIC’s hybrid capabilities, ensuring a seamless integration experience.
Architecture
Overview
Deploying EIC on Azure requires a secure, scalable, and resilient infrastructure that adheres to enterprise compliance and hybrid cloud best practices. This setup ensures that sensitive data stays within a private Azure environment while leveraging SAP Integration Suite in the cloud for design, monitoring, and lifecycle management.
Azure Setup
1. VNet, SubNet and Networking
To ensure a secure and private execution environment, create a Virtual Network (VNet) with multi-AZ redundancy for high availability (HA).
- Multi-AZ Deployment:
  - Distribute your EIC components across three Azure Availability Zones (AZs) to ensure high availability. This setup helps maintain continuous service in case one AZ goes down, as the workload automatically fails over to another AZ.
- Network Segmentation:
  - Private Subnets: Deploy critical EIC runtime components in private subnets to prevent direct access from the public internet.
  - Public Subnets: These subnets are used for components like EC2-based bastion hosts or Network Load Balancers (NLB), which handle external traffic and distribute the load across different AZs.
- Internet Access Control for EIC:
  - NAT Gateways: Azure NAT Gateway allows components in private subnets to securely access external services without exposing internal EIC workloads to the internet.
  - Public IP Addresses: For EIC runtime components that require outbound internet access, Public IP addresses can be assigned directly or via an Azure Load Balancer to enable necessary connectivity.
  - Network Security Groups and IP-Based Network ACLs: These are used to enforce strict access control, ensuring secure communication between EIC components.
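A check for the segmentation and Network Security Group guidance above, added here as an example and not taken from SAP's setup instructions: it reads an NSG export and lists the inbound Allow rules on a private subnet whose source is not internal. The NSG name, its rules, and the choice of which address ranges and service tags count as internal are constructed assumptions.

```python
import ipaddress
import json
# Constructed sample in the shape of `az network nsg show` output; all values are made up.
SAMPLE_NSG = json.loads("""
{"name": "nsg-eic-private", "securityRules": [
 {"name": "allow-lb-https", "priority": 100, "direction": "Inbound", "access": "Allow",
  "sourceAddressPrefix": "10.10.0.0/24", "sourceAddressPrefixes": [], "destinationPortRange": "443"},
 {"name": "tmp-ssh", "priority": 110, "direction": "Inbound", "access": "Allow",
  "sourceAddressPrefix": "*", "sourceAddressPrefixes": [], "destinationPortRange": "22"},
 {"name": "partner-api", "priority": 120, "direction": "Inbound", "access": "Allow",
  "sourceAddressPrefix": null, "sourceAddressPrefixes": ["10.20.0.0/16", "203.0.113.0/24"],
  "destinationPortRange": "8443"},
 {"name": "deny-internet", "priority": 4000, "direction": "Inbound", "access": "Deny",
  "sourceAddressPrefix": "Internet", "sourceAddressPrefixes": [], "destinationPortRange": "*"},
 {"name": "egress-https", "priority": 100, "direction": "Outbound", "access": "Allow",
  "sourceAddressPrefix": "*", "sourceAddressPrefixes": [], "destinationPortRange": "443"}
]}
""")

# Assumption: only private address space and these two service tags count as internal.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in
                 ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "fc00::/7")]
INTERNAL_TAGS = {"virtualnetwork", "azureloadbalancer"}

def is_public_source(prefix):
    """True if an NSG source prefix can match traffic from outside the private network."""
    if prefix.lower() in INTERNAL_TAGS:
        return False
    try:
        net = ipaddress.ip_network(prefix, strict=False)
    except ValueError:
        return True  # "*", "Internet", or a service tag not known to be internal
    return not any(net.version == r.version and net.subnet_of(r) for r in INTERNAL_NETS)

def audit_private_nsg(nsg):
    """List (rule, port, public sources) for inbound Allow rules; Deny shadowing is not evaluated."""
    findings = []
    for rule in sorted(nsg["securityRules"], key=lambda r: r["priority"]):
        if rule["direction"] != "Inbound" or rule["access"] != "Allow":
            continue
        sources = list(rule.get("sourceAddressPrefixes") or [])
        if rule.get("sourceAddressPrefix"):
            sources.append(rule["sourceAddressPrefix"])
        exposed = sorted(s for s in sources if is_public_source(s))
        if exposed:
            findings.append((rule["name"], rule["destinationPortRange"], exposed))
    return findings
```

In the sample, the low-priority `deny-internet` rule does not protect the subnet, because NSG rules are evaluated in ascending priority order and the two flagged Allow rules match first.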
2. Azure AKS Cluster
EIC workloads require a containerized runtime, making Azure Kubernetes Service (AKS) the preferred choice for managing and scaling integration flows.
- Cluster Setup:
  - The AKS control plane is fully managed by Azure, reducing operational overhead.
  - Worker nodes are deployed in private subnets for enhanced security.
- Security and Access Control:
  - Use Azure roles for service accounts (RBAC) to grant least-privilege permissions to pods.
For sizing recommendations, refer to this SAP Note
3. Storage and Databases
EIC requires multiple storage solutions for transaction logs, runtime data, and caching.
- Azure Database for PostgreSQL
  - Azure Database for PostgreSQL is recommended for EIC.
  - Enable Multi-AZ replication for high availability.
- Azure Cache for Redis
  - Azure Cache for Redis helps reduce latency by caching frequently accessed EIC runtime data using Redis.
SAP Setup
1. Activate EIC in your SAP BTP Subaccount
- Activate Edge Integration Cell (EIC) in your SAP Business Technology Platform (BTP) subaccount.
- Assign the necessary roles to enable access to Edge Lifecycle Management (ELM) for managing and monitoring Edge nodes.
2. Configure a Technical User and Set Up SSO
- Create technical users (P-User and S-User) to interact with the SAP systems and to access the SAP repository-based shipment channel.
- Set up Single Sign-On (SSO) for secure repository access, including monitoring and logging.
3. Add an Edge Node and Bootstrap to Kubernetes
- Add an Edge Node in Edge Lifecycle Management (ELM) and bootstrap it to your Azure AKS cluster running in your private Azure landscape.
Resources
You can find detailed, step-by-step instructions for both the basic and high availability (HA) setup, including SAP and Azure configuration and deployment steps, in the following GitHub repository:
Deploy SAP Integration Suite - Edge Integration Cell on Microsoft Azure
Recommendation
The architecture and setup instructions in the GitHub repository above outline a small production deployment. Since deployments vary depending on business needs, these recommendations should be treated as a starting point.