Skip to main content
Do checkout my poem section. You are going to love it.

Kernel patching

 Kernel patching in SAP Basis is a crucial activity for maintaining the stability, security, and performance of your SAP system. The kernel is the core executable program that acts as an interface between the SAP application and the operating system. It contains essential programs like the dispatcher, message server, and work processes.

Here's a detailed breakdown of SAP kernel patching:

1. What is the SAP Kernel?

The SAP Kernel consists of a set of executable programs located in the /sapmnt/<SID>/exe (Unix/Linux) or \usr\sap\<SID>\SYS\exe\run (Windows) directory. These executables are responsible for starting and stopping SAP application services, managing memory, handling input/output operations, and generally enabling the SAP system to function.

Key Components of the Kernel:

  • disp+work: Dispatcher and work processes.
  • msg_server: Message server.
  • enserver: Enqueue server.
  • sapcpe: Program for copying kernel executables from global to local directories.
  • Database-specific executables (e.g., sapexedb.SAR).
  • Common executables (e.g., sapexe.SAR).

2. Why is Kernel Patching Necessary?

SAP releases kernel patches regularly to:

  • Fix Bugs: Address known issues and program errors.
  • Improve Performance: Optimize system operations and efficiency.
  • Enhance Security: Patch vulnerabilities and protect against potential exploits.
  • Introduce New Functionality: Provide minor enhancements or support for new features.
  • Maintain Compatibility: Ensure compatibility with new operating system versions, databases, or other SAP components.

3. Types of Kernel Patches

SAP kernel patches are generally delivered as SAR archives. There are two main types of kernel files:

  • Database Independent Kernel (SAPEXE.SAR): Contains general SAP executables that are independent of the specific database system being used (e.g., Oracle, SQL Server, HANA).
  • Database Dependent Kernel (SAPEXEDB.SAR): Contains executables specific to the database system being used by your SAP system. You need to download the correct one for your database.

Additionally, SAP provides:

  • SP Stack Kernel: These are special patches of the SAP kernel provided as complete kernel packages (SAPEXE.SAR and SAPEXEDB.SAR). They are thoroughly tested and aim to be free of all known kernel regressions, making them very stable. SP Stack Kernels may be identified by specific patch numbers (e.g., 100, 200, 300).
  • Downward Compatible Kernels (DCK): These kernels allow you to use a newer kernel release with an older SAP product release, providing extended support and access to newer features or bug fixes.

4. Prerequisites and Planning for Kernel Patching

Before starting a kernel patch, ensure you have the following:

  • SAP Support Portal Access: You need a valid S-user ID and password to download the necessary kernel files from support.sap.com/software.
  • System Downtime: Kernel patching typically requires stopping all SAP application instances, leading to system downtime. Plan this activity during a maintenance window with minimal business impact. Some advanced methods like "Rolling Kernel Switch" can minimize downtime by stopping instances one by one (requires specific system minimum requirements).
  • Compatibility Check (PAM): Verify the compatibility of the target kernel version with your existing operating system, database, and SAP product versions using the Product Availability Matrix (PAM) on the SAP Support Portal.
  • Sufficient Disk Space: Ensure there is enough free disk space in the kernel directory and in a temporary directory for extracting the SAR files.
  • SAPCAR Utility: The SAPCAR utility is required to uncompress the SAR archives. Ensure you have the latest version.
  • Backup: This is critical. Take a full and consistent backup of your existing kernel directory. This allows for an easy rollback in case of issues.
  • OS-level User Access: You'll need sidadm (or <sid>adm on Unix/Linux) user privileges and, for some steps (like running saproot.sh), root user privileges on the operating system.
  • No Active Users or Jobs: Ensure no users are logged into the SAP system and no background jobs are running.
  • Health Checks: Perform system health checks (e.g., check for dumps in ST22, system logs in SM21, Tcode SM51 for work process status) before and after the patch.

5. Detailed Steps for Kernel Patching (Manual Method)

Here's a typical step-by-step process for manual kernel patching. Automated tools like SAP Software Update Manager (SUM) or third-party solutions can simplify this, but understanding the manual steps is fundamental.

A. Preparation:

  1. Identify Current Kernel Version:

    • SAP GUI: Log in to SAP, go to System -> Status -> Other Kernel info.
    • OS Level: As <sapsid>adm, run disp+work -version (Unix/Linux) or disp+work.exe -version (Windows) from the kernel directory.

  2. Download New Kernel Files:

    • Go to https://support.sap.com/software -> Support Packages & Patches -> By Category.
    • Navigate to your SAP product (e.g., SAP NetWeaver, SAP S/4HANA).
    • Select the correct kernel release (e.g., 7.53, 7.77, 7.85, 7.93).
    • Choose your operating system (e.g., Windows, Linux, AIX) and bit version (64-bit).
    • Download SAPEXE.SAR (database independent) and SAPEXEDB.SAR (database specific).
    • Ensure the downloaded files are for the correct Unicode/Non-Unicode and Real/Extended versions if applicable.

  3. Create a Temporary Directory:

    • On the SAP application server, create a new directory at the OS level (e.g., /tmp/new_kernel_<date> on Unix/Linux or C:\new_kernel_<date> on Windows).
    • Copy the downloaded SAPEXE.SAR and SAPEXEDB.SAR files into this new directory.

B. Applying the Patch:

  1. Extract Kernel Files:

    • Navigate to the temporary directory (/tmp/new_kernel_<date>).
    • Use the SAPCAR utility to extract the archives:
      Bash
      SAPCAR -xvf SAPEXE.SAR
SAPCAR -xvf SAPEXEDB.SAR
    • If SAPCAR is not available or is an older version, download the latest from the SAP Support Portal and place it in the same directory.

  2. Backup Existing Kernel:

    • Navigate to your active kernel directory (/sapmnt/<SID>/exe or \usr\sap\<SID>\SYS\exe\run).
    • Create a backup directory (e.g., exe_old_<ddmmyy>) and copy all existing kernel files into it.

    <!-- end list -->

    Bash
    # For Unix/Linux
cd /sapmnt/<SID>/exe
mkdir exe_old_$(date +%d%m%y)
cp -rp * exe_old_$(date +%d%m%y)/

# For Windows (use Robocopy or Xcopy)
cd \usr\sap\<SID>\SYS\exe\run
mkdir exe_old_<ddmmyy>
xcopy /E /I /Y * exe_old_<ddmmyy>\

  3. Stop SAP System:

    • Log in to the OS as <sapsid>adm.
    • Stop the SAP system:
      Bash
      stopsap r3
    • Verify that all SAP processes are stopped.

  4. Copy New Kernel Files:

    • Copy the newly extracted kernel files from your temporary directory to the active kernel directory, overwriting the old files.

    <!-- end list -->

    Bash
    # For Unix/Linux
cp -rp /tmp/new_kernel_<date>/* /sapmnt/<SID>/exe/

# For Windows
xcopy /E /I /Y C:\new_kernel_<date>\* \usr\sap\<SID>\SYS\exe\run\

  5. Set Permissions (Unix/Linux Specific):

    • Log in as root user.
    • Navigate to the active kernel directory (/sapmnt/<SID>/exe).
    • Execute the saproot.sh script to set correct ownership and permissions for critical executables (like br*, sapuxuserchk, icmbnd):
      Bash
      ./saproot.sh <SID>

C. Post-Patching Activities:

  1. Start SAP System:

    • Log in to the OS as <sapsid>adm.
    • Start the SAP system:
      Bash
      startsap r3

  2. Verify New Kernel Version:

    • OS Level: Run disp+work -version (Unix/Linux) or disp+work.exe -version (Windows) from the kernel directory.
    • SAP GUI: Log in to SAP, go to System -> Status -> Other Kernel info. The new patch level should be displayed.
    • Transaction SM51: Go to SM51, select a server, and click "Release Notes" or "Go to" -> "Release Notes" to see the kernel version.

  3. Perform Health Checks:

    • System Logs (SM21): Check for any new errors or warnings.
    • Dumps (ST22): Verify no new short dumps are generated.
    • Work Process Overview (SM50/SM66): Ensure all work processes are running normally.
    • Check system performance (ST03N, ST04/DB02): Monitor response times and resource utilization.
    • Test Key Business Processes: Engage functional teams to perform critical business transactions to ensure everything is working as expected.

  4. Clean Up:

    • Once confident that the new kernel is stable, you can delete the temporary kernel extraction directory.
    • Keep the old kernel backup directory for a defined period (e.g., 1-2 weeks) before archiving or deleting it.

6. Important Considerations and Best Practices:

  • Read SAP Notes: Always refer to relevant SAP Notes for the specific kernel patch you are applying. These notes contain critical information, prerequisites, known issues, and specific instructions.
  • Test Environment First: Always perform kernel patching in a non-production environment (Development, Quality) before applying it to Production. This allows for thorough testing and identification of any unforeseen issues.
  • Rolling Kernel Switch (RKS): For systems with multiple application servers, RKS can minimize downtime by allowing you to patch one application server at a time while others remain active. This requires careful planning and specific configuration.
  • Software Update Manager (SUM): For major updates or complex landscapes, SUM is the recommended tool for applying support packages and kernels, as it automates many steps and performs necessary checks.
  • Consistency: Ensure that all application servers in a distributed SAP system run the same kernel patch level after the update. sapcpe helps in automatically synchronizing kernel executables from the global directory to local instance directories.
  • Regular Patching: Don't delay kernel patching. Regular updates ensure your system benefits from the latest bug fixes, security enhancements, and performance improvements. SAP typically releases security patches on the second Tuesday of each month (SAP Security Patch Day).
  • Documentation: Document every step of the patching process, including the start and end times, kernel versions (before and after), any issues encountered, and their resolutions.

By following these detailed notes, SAP Basis administrators can effectively plan, execute, and verify kernel patching activities, ensuring the smooth and secure operation of their SAP systems.

Comments

Post a Comment

Popular posts from this blog

An experiment with the life

"Best Thing about experiment is that it only improves the outcome." Well, I am Rakshit, hope you already know. I am not special and surely not especially gifted. Neither things go according to my wish. Neither I am the best writer.  But I am myself who is totally unique from anyone else. And I am Rakshit Ranjan Singh. I have my own fun, fights and fall in the most fundamentalistic way. Mechanical is my degree. IT is my Job. Beauty in nature is what I search. Words of my heart are what I write. Four different things I carry on my shoulder and a smile on my face, hope you might have seen that. What do I care for? Family, friends and nature. Do I have regrets? More than I can imagine. Let us move further to see what really is my life.
Read more

Learn Java

Hello Friends, You might already know what Java is. Without taking much of your time, I would like to ask you to please click below if you are ready to learn it from end to end. The Material over here is available on the internet and is free to access.  I would request you to bookmark this page and follow it. Please comment if you are happy with the learning. click here
Post a Comment
Read more

Driving

My Driving Journey: From Zero to (Almost) Hero! Hello everyone! I'm excited to share my ongoing adventure of learning to drive. It's been a mix of nervous excitement, hilarious near-misses, and the slow but steady feeling of progress. Buckle up, because here's a peek into my journey behind the wheel! The First Lesson: Clutch Confusion! My first time in the driver's seat was... memorable. Let's just say the clutch and I weren't immediate friends. Lots of jerky starts and a few stalls later, I began to understand the delicate dance between the pedals. My instructor was incredibly patient (thank goodness!). Mastering the Steering Wheel (Sort Of) Steering seemed straightforward enough, but navigating turns smoothly was a different story. I definitely had a few moments of feeling like I was wrestling with the wheel. Slowly but...
Post a Comment
Read more