Skip Headers
Oracle® Enterprise Manager Administrator's Guide for Software and Server Provisioning and Patching
11g Release 1 (11.1.0.1.0)

E16599-06
Go to Documentation Home
Home
Go to Book List
Book List
Go to Table of Contents
Contents
Go to Index
Index
Go to Feedback page
Contact Us

Go to previous page
Previous
Go to next page
Next
PDF · Mobi · ePub

18 Provisioning Oracle Application Server

This chapter explains how you can provision Oracle Application Servers. In particular, this chapter covers the following:

Getting Started

This section helps you get started with this chapter by providing an overview of the steps involved in provisioning Oracle Application Server. Consider this section to be a documentation map to understand the sequence of actions you must perform to successfully provision Oracle Application Server. Click the reference links provided against the steps to reach the relevant sections that provide more information.

Table 18-1 Getting Started with Provisioning Oracle Application Server

Step Description Reference Links

Step 1

Understanding the Deployment Procedure

Understand the Deployment Procedure that is offered by Enterprise Manager Grid Control for provisioning Oracle Application Server. Know how the Deployment Procedure functions, what use cases it covers, what releases it supports, and what core components it provisions.

To learn about the Deployment Procedure, see Deployment Procedures, Supported Releases, and Core Components Deployed.

Step 2

Selecting the Release to Provision

This chapter covers use cases for different releases of Oracle Application Server. Identify the release you want to provision and understand the use cases that are covered for each release.

Step 3

Meeting the Prerequisites

Before you run any Deployment Procedure, you must meet the prerequisites, such as setting up of the provisioning environment, applying mandatory patches, setting up of Oracle Software Library.

To learn about the prerequisites for provisioning Oracle Application Server, access the reference links provided for Step (2) and navigate to the Prerequisites subsection.

Step 4

Running the Deployment Procedure

Run the Deployment Procedure to successfully provision Oracle Application Server.

To provision Oracle Application Server, access the reference links provided for Step (2) and navigate to the Provisioning Procedure subsection.


Deployment Procedures, Supported Releases, and Core Components Deployed

Enterprise Manager Grid Control offers the following Deployment Procedures for provisioning Oracle Application Server:

Deployment Procedure Supported Releases Core Components Deployed
Application Server Deployment (myJ2EE) 10.1.2.0.2 Oracle Application Server 10g Release 2 (10.1.2.0.2)
  • Application tier
  • Web tier

Application Server Deployment 10.1.3 Oracle Application Server 10g Release 3 (10.1.3.x)
  • Application tier
  • Web tier

Application Server Deployment 10.1.3.xSOA Oracle SOA Suite 10g (10.1.3.x) Deploys Oracle SOA Suite 10g (10.1.3.x) with the application tier and Web tier of Oracle Application Server 10g Release 3 (10.1.3.x)

Note:

These Deployment Procedures do not install the database tier. However, they facilitate the configuration of Java Authentication and Authorization Service (JAAS) provider (also called as JAZN) with an existing data tier.

Oracle Application Server you want to provision may be available in different formats such as an installation kit in the installation medium, a running instance on a host monitored by Enterprise Manager Grid Control, or even a gold image in Oracle Software Library (Software Library).

Using the Application Server Deployment 10.1.3 Deployment Procedure, you can provision any of these formats. However, using the Application Server Deployment (myJ2EE) 10.1.2.0.2 Deployment Procedure, you can provision only a new installation using the software binaries stored in the Software Library.

For example, if you want to have a new installation of Oracle Application Server 10g Release 3 (10.1.3.x), the recommended option is to store the software binaries of the application server from an installation medium onto the Software Library, and then provision it from the Software Library. However, if you want to have a copy of a running instance that is stable and has all the latest patches applied, the recommended option is to clone that existing instance so that you retain the same configuration settings. Similarly, if you have created a gold image of this stable, well-patched application server instance in the Software Library, then you can use it to deploy a similar instance in your enterprise configuration.

Note:

Provisioning of a gold image from the Software Library is not supported for Microsoft Windows Vista.

Provisioning Oracle Application Server 10g Release 1 (10.1.3)

This section describes how you can provision Oracle Application Server 10g Release 1 (10.1.3). In particular, this section covers the following:

Cloning a Running Oracle Application Server Instance

This section describes how you can clone an existing Oracle Application Server instance that is running on a host monitored by Enterprise Manager Grid Control.

This option is best suited when you have a running instance of Oracle Application Server that is stable and has all the latest patches applied, and you want to make identical copies of it on multiple hosts.

However, the risk involved in using a existing instance is that the instance may be deleted or deinstalled anytime without prior notice, and as a result, the Deployment Procedure may fail. Therefore, use this option when you know that the running instance is available for cloning.

This section covers the following:

Cloning from an Existing Cluster, Scaling Up the Existing Cluster, and Using the Same Internet Directory

This section describes how you can provision the application tier and Web tier of Oracle Application Server 10g Release 1 (10.1.3) from an existing cluster, extend the cluster to include the new node, and by using the same Internet Directory.

In particular, this section covers the following:

Prerequisites

Before running the Deployment Procedure, meet the following prerequisites:

Prerequisites for Designers

  • Ensure that you meet the prerequisites described in the following sections:

  • Compare the configuration of the source and target hosts and ensure that they have the same configuration. If the configurations are different, then contact your system administrator and fix the inconsistencies before running the Deployment Procedure.

    To compare the configuration of the hosts, in Grid Control, click Targets and then Hosts. On the Hosts page, click the name of the source host to access its Home page, and then click the Configuration tab. On the Configuration page, click Compare Configuration and select the target host.

  • If you are deploying multiple Web tiers, then ensure that a Software Load Balancer is set up and is accessible from the Web tier's hosts.

    The Software Library provides a script to configure the F5 Big IP Application Switch (Software Version 4.5 PTF.5) load balancer on the selected Web tiers. For other systems such as Cisco CSM 3.1, overwrite the script with your specific configuration. The script is available in the following location of the Software Library:

    Directives/Oracle Directives/Loadbalancer

  • Ensure that the installation base directory, where the Web tier and application tier will be installed, is accessible (but not shared) on all target hosts.

Prerequisites for Operators

  • If you have PAM/LDAP enabled in your environment, then ensure that the target agents are configured with PAM/LDAP. For more information, see My Oracle Support note 422073.1.

  • Ensure that you use an operating system user that has the privileges to run the Deployment Procedure, and that can switch to root user and run all commands on the target hosts. For example, commands such as mkdir, ls, and so on.

    If you do not have the privileges to do so, that is, if you are using a locked account, then request your administrator (a designer) to either customize the Deployment Procedure to run it as another user or ignore the steps that require special privileges.

    For example, user account A might have the root privileges, but you might use user account B to run the Deployment Procedure. In this case, you can switch from user account B to A by customizing the Deployment Procedure.

    For information about customization, see Chapter 31, "Customizing Steps to Run as Another User".

Provisioning Procedure

To provision a Web tier and an application tier, follow these steps:

  1. In Grid Control, click the Deployments tab.

  2. On the Deployments page, in the Deployment Procedure Manager section, click Application Server Provisioning Procedures.

  3. On the Deployment Procedure Manager page, in the Procedures subtab, from the table, select Application Server Deployment 10.1.3. Then click Schedule Deployment. Enterprise Manager Grid Control displays the Source Selection page of the Deployment Procedure.

  4. On the Source Selection page, in the Source Selection section, in the Select the source Oracle Homes from the Installed Cluster Environment subsection, do the following:

    1. Retain the default selection, that is, Select from Existing Cluster Installation.

    2. From the Select Cluster list, select an existing cluster from where the Web tier and application tier can be deployed. On selection of an existing cluster, the table gets populated with information about the Web tier and application tier that are part of it.

    3. In the table, for Files to Exclude, specify the files in the Oracle home that you do not want to include while running this Deployment Procedure. You can specify either the file names or the file extensions, and separate multiple entries with a comma.

      And for Working Directory, retain the default value or specify another location that already exists on the source host and can be used to stage the file for cloning.

    4. If you want to deploy only one of the two products (application server or web server) from the selected source cluster, then click Reset to delete all values in the table. Once the values are reset, click the torch icon corresponding to the product that you want to deploy, and select the required target.

    5. If you want to save the Oracle homes as an image in the Software Library, select Save to Software Library.

    6. Click Next.

      Note:

      When you click Next, if there are no prerequisites in the Software Library for that particular platform, then you will see Next, Ignore Warnings option. In this case, you can do one of the following:
      • Upload the components to the Software Library under Components/Oracle Components/Prerequisite-fixup components/<Platform name>/Prerequisite-Fixup component and click Next.

      • Click Next, Ignore Warnings to skip the prerequisite check while running the Deployment Procedure.

  5. On the Target List page, do the following:

    1. In the Web Tier Hosts section, click Add to add hosts on which you want to deploy the Web tier. Ensure that the platform of this host is the same as the platform of the host on which you want to deploy the application tier.

    2. In the Application Tier Hosts section, click Add to add hosts on which you want to deploy the application tier. Ensure that the platform of this host is the same as the platform of the host on which you want to deploy the Web tier.

    3. Click Next.

  6. On the Credentials/Schedule page, do the following:

    1. In the Target Host Credentials section, retain the default section, that is, Preferred Credentials so that the preferred credentials stored in the Management Repository can be used.

      To override the preferred credentials with another set of credentials, select Override Preferred Credentials. From the Host Credentials list, select Same for all Oracle Homes if you want to use the same operating system credentials across hosts, or select Different for each Oracle Home if you want to use different credentials for each host. According to the selection you make, specify the credentials. Ensure that the users belong to the same operating system group.

    2. In the Agent Home Credentials section, retain the default section, that is, Preferred Credentials so that the preferred credentials stored in the Management Repository can be used.

      Note:

      You can optionally override these preferred credentials. The credentials you specify here are used by the Deployment Procedure to run the provisioning operation. If this environment is secure and has locked accounts, then make sure that:
      • The credentials you specify here have the necessary privileges to switch to the locked account for performing the provisioning operation.

      • The Deployment Procedures has been customized to support locked environments.

      For more information, see Chapter 31, "Customizing Steps to Run as Another User".

      From the Host Credentials list, select Same for all Oracle Homes if you want to use the same operating system credentials across hosts, or select Different for each Oracle Home if you want to use different credentials for each host. According to the selection you make, specify the credentials. Ensure that the users belong to the same operating system group.

    3. In the Source Oracle Home Credentials section, retain the default section, that is, Preferred Credentials so that the preferred credentials stored in the Management Repository can be used.

      To override the preferred credentials with another set of credentials, select Override Preferred Credentials. From the Host Credentials list, select Same for all Oracle Homes if you want to use the same operating system credentials across hosts, or select Different for each Oracle Home if you want to use different credentials for each host. According to the selection you make, specify the credentials. Ensure that the users belong to the same operating system group.

    4. In the Schedule section, schedule the Deployment Procedure to run either immediately or later.

    5. Click Next.

  7. On the Application and Web Tier page, do the following:

    1. In the Cluster Details section, retain the default selection, that is, Extend existing cluster.

    2. In the Instance Details section, retain the default instance names, and specify the OC4J administrator password for the source host and the target host.

      You can always change the default instance names with any other custom names. However, ensure that the names you specify are unique because, by default, the host name and domain name of that host are appended to the instance name you specify here.

      IMPORTANT:

      • Each Oracle Application Server 10g instance has its own password, regardless of which user performed the installation. Passwords are not shared across instances, even if the instances were installed by the same user.

      • If you are cloning an application server with multiple OC4J instances that have different passwords, then ensure that you use the -force command as an additional parameter in the Additional Parameters section. For more information, see Step 7 (e).

      • The passwords you specify here must contain a minimum of 5 and a maximum of 30 alphanumeric characters. It can include underscore (_), dollar ($), or pound (#) characters. It must start with an alphabet and must contain at least one numeric value.

    3. In the Port Details section, retain the default port number (7777) that is displayed if Oracle Web Cache is not configured.

    4. In the Load Balancer Details section, select Configure Load Balancer and provide the required information if you have an F5 BIG-IP Local Traffic Manager load balancer configured.

      NOTE:

      Enterprise Manager Grid Control supports only F5 BIG-IP Local Traffic Manager. If you have any other load balancer, then deselect Configure Load Balancer, and manually configure that load balancer and the HTTP servers associated with it. Do not use this section in this case.
    5. In the Additional Parameters section, specify any additional Web tier-specific or application tier-specific parameters you want to pass to the Deployment Procedure. For example, -debug. You can specify any other Oracle Universal Installer (OUI) parameter that can be in this provisioning operation.

      IMPORTANT:

      If you are cloning an application server with multiple OC4J instances that have different passwords, then ensure that you use the -force command as an additional parameter in this section.

      This is to ensure that the password you specify in the Instance Details section is uniformly propagated to all OC4J instances that are being provisioned.

      However, if you still want to maintain different passwords for the provisioned OC4J instances, then after the deployment procedure ends successfully, access the application server console and change the passwords for the individual OC4J instances.

    6. In the Identify Management Configuration section, retain the default selection.

    7. Click Next.

  8. On the Configure Oracle Home page, do the following:

    1. If the hosts where the Web tier and application tier are being provisioned have a direct connection to the Internet, then specify an e-mail address and My Oracle Support password.

      An e-mail address is required so that security updates and install updates can be sent. You can specify any e-mail address, but Oracle recommends you to specify the My Oracle Support user name. For example, john.mathew@xyz.com.

      If the My Oracle Support password is incorrect, you will be allowed two more attempts. However, if your password is incorrect in all three attempts or if it is left blank, then you are registered anonymously, which means, the configuration information will be collected and uploaded to My Oracle Support but the uploaded information will not be associated with your My Oracle Support account. Therefore, if you log in to My Oracle Support with your credentials, you will not see this information displayed against your account. However, if you had specified an e-mail address, then you will continue to receive security updates and other notifications from Oracle to that e-mail address.

    2. If the hosts where the Web tier and application tier are being provisioned have an indirect connection to the Internet through a proxy server, then specify an e-mail address and My Oracle Support password, and then in the Connection Details section, specify the proxy server details.

      Note:

      You can change the proxy server settings any time after the Deployment Procedure ends. To do so, run the configCCR command from the /ccr/bin/ directory within the Oracle home directory of the provisioned application server.
    3. If the hosts where the Web tier and application tier are being provisioned do not have a direct or indirect connection to the Internet, then specify the e-mail address and leave the other fields blank.

      In this case, after you complete the installation process, manually collect the configuration information and upload it to My Oracle Support. To understand how the configuration information can be manually collected and uploaded, see the steps outlined in Manually Collecting and Uploading Configuration Information to My Oracle Support.

    4. Click Next.

  9. On the Review page, review the details you have provided for provisioning a Web tier and application tier, and click Submit.

Provisioning from an Existing Cluster and Creating a New Cluster Without Internet Directory

This section describes how you can provision the application tier and Web tier of Oracle Application Server 10g Release 1 (10.1.3) from an existing cluster, and create a new cluster without Internet directory.

In particular, this section covers the following:

Prerequisites

Before running the Deployment Procedure, meet the following prerequisites:

Prerequisites for Designers

  • Ensure that you meet the prerequisites described in the following sections:

  • Compare the configuration of the source and target hosts and ensure that they have the same configuration. If the configurations are different, then contact your system administrator and fix the inconsistencies before running the Deployment Procedure.

    To compare the configuration of the hosts, in Grid Control, click Targets and then Hosts. On the Hosts page, click the name of the source host to access its Home page, and then click the Configuration tab. On the Configuration page, click Compare Configuration and select the target host.

  • If you are deploying multiple Web tiers, then ensure that a Software Load Balancer is set up and is accessible from the Web tier's hosts.

    The Software Library provides a script to configure the F5 Big IP Application Switch (Software Version 4.5 PTF.5) load balancer on the selected Web tiers. For other systems such as Cisco CSM 3.1, overwrite the script with your specific configuration. The script is available in the following location of the Software Library:

    Directives/Oracle Directives/Loadbalancer

  • Ensure that the installation base directory, where the Web tier and application tier will be installed, is accessible (but not shared) on all target hosts.

Prerequisites for Operators

  • If you have PAM/LDAP enabled in your environment, then ensure that the target agents are configured with PAM/LDAP. For more information, see My Oracle Support note 422073.1.

  • Ensure that you use an operating system user that has the privileges to run the Deployment Procedure, and that can switch to root user and run all commands on the target hosts. For example, commands such as mkdir, ls, and so on.

    If you do not have the privileges to do so, that is, if you are using a locked account, then request your administrator (a designer) to either customize the Deployment Procedure to run it as another user or ignore the steps that require special privileges.

    For example, user account A might have the root privileges, but you might use user account B to run the Deployment Procedure. In this case, you can switch from user account B to A by customizing the Deployment Procedure.

    For information about customization, see Chapter 31, "Customizing Steps to Run as Another User".

Provisioning Procedure

To provision a Web tier and an application tier, follow these steps:

  1. In Grid Control, click the Deployments tab.

  2. On the Deployments page, in the Deployment Procedure Manager section, click Application Server Provisioning Procedures.

  3. On the Deployment Procedure Manager page, in the Procedures subtab, from the table, select Application Server Deployment 10.1.3. Then click Schedule Deployment.

  4. On the Source Selection page, in the Source Selection section, in the Select the source Oracle Homes from the Installed Cluster Environment subsection, do the following:

    1. Retain the default selection, that is, Select from Existing Cluster Installation.

    2. From the Select Cluster list, select an existing cluster from where the Web tier and application tier can be deployed. On selection of an existing cluster, the table gets populated with information about the Web tier and application tier that are part of it

    3. In the table, for Files to Exclude, specify the files in the Oracle home that you do not want to include while running this Deployment Procedure. You can specify either the file names or the file extensions, and separate multiple entries with a comma.

      And for Working Directory, retain the default value or specify another location that already exists on the source host and can be used to stage the file for cloning.

    4. If you want to deploy only one of the two products (application server or web server) from the selected source cluster, then click Reset to delete all values in the table. Once the values are reset, click the torch icon corresponding to the product that you want to deploy, and select the required target.

    5. If you want to save the Oracle homes as an image in the Software Library, select Save to Software Library.

    6. Click Next.

  5. On the Target List page, do the following:

    1. In the Web Tier Hosts section, click Add to add hosts on which you want to deploy the Web tier. Ensure that the platform of this host is the same as the platform of the host on which you want to deploy the application tier.

    2. In the Application Tier Hosts section, click Add to add hosts on which you want to deploy the application tier. Ensure that the platform of this host is the same as the platform of the host on which you want to deploy the Web tier.

    3. Click Next.

  6. On the Credentials/Schedule page, do the following:

    1. In the Target Host Credentials section, retain the default section, that is, Preferred Credentials so that the preferred credentials stored in the Management Repository can be used.

      Note:

      You can optionally override these preferred credentials. The credentials you specify here are used by the Deployment Procedure to run the provisioning operation. If this environment is secure and has locked accounts, then make sure that:
      • The credentials you specify here have the necessary privileges to switch to the locked account for performing the provisioning operation.

      • The Deployment Procedures has been customized to support locked environments.

      For more information, see Chapter 31, "Customizing Steps to Run as Another User".

      From the Host Credentials list, select Same for all Oracle Homes if you want to use the same operating system credentials across hosts, or select Different for each Oracle Home if you want to use different credentials for each host. According to the selection you make, specify the credentials. Ensure that the users belong to the same operating system group.

    2. In the Agent Home Credentials section, retain the default section, that is, Preferred Credentials so that the preferred credentials stored in the Management Repository can be used.

      To override the preferred credentials with another set of credentials, select Override Preferred Credentials. From the Host Credentials list, select Same for all Oracle Homes if you want to use the same operating system credentials across hosts, or select Different for each Oracle Home if you want to use different credentials for each host. According to the selection you make, specify the credentials. Ensure that the users belong to the same operating system group.

    3. In the Source Oracle Home Credentials section, retain the default section, that is, Preferred Credentials so that the preferred credentials stored in the Management Repository can be used.

      To override the preferred credentials with another set of credentials, select Override Preferred Credentials. From the Host Credentials list, select Same for all Oracle Homes if you want to use the same operating system credentials across hosts, or select Different for each Oracle Home if you want to use different credentials for each host. According to the selection you make, specify the credentials. Ensure that the users belong to the same operating system group.

    4. In the Schedule section, schedule the Deployment Procedure to run either immediately or later.

    5. Click Next.

  7. On the Application and Web Tier page, do the following:

    1. In the Cluster Details section, select Create new Cluster. By default, Grid Control prefills the details based on an existing cluster. You can either use the default values or specify a new cluster name, installation directory, and multicast address and port. Also ensure that the multicast address and port are different from the ones configured for the source cluster.

      For Web Tier Install Base Directory and Application Tier Install Base Directory, ensure that you specify the absolute path to the directory where you want to deploy the Web tier and application tier, respectively.

      For Multicast Address, ensure that the address is within the range of 224.0.0.0 and 239.255.255.255. This is a single IP address for a set of nodes that are joined in a multicasting group.

    2. In the Instance Details section, specify unique instance names for the Web tier instance and application tier instance, and specify the OC4J administrator password for the source host and the target host.

      You can always change the default instance names with any other custom names. However, ensure that the names you specify are unique because, by default, the host name and domain name of that host are appended to the instance name you specify here.

      IMPORTANT:

      • Each Oracle Application Server 10g instance has its own password, regardless of which user performed the installation. Passwords are not shared across instances, even if the instances were installed by the same user.

      • If you are cloning an application server with multiple OC4J instances that have different passwords, then ensure that you use the -force command as an additional parameter in the Additional Parameters section. For more information, see Step 7 (e).

      • The passwords you specify here must contain a minimum of 5 and a maximum of 30 alphanumeric characters. It can include underscore (_), dollar ($), or pound (#) characters. It must start with an alphabet and must contain at least one numeric value.

    3. In the Port Details section, specify the HTTP load balancer host and listener ports to manage HTTP connections made by client applications. Alternatively, you can retain the default value, that is, 7777. Select Enable SSL if you want to secure the communications.

    4. In the Load Balancer Details section, select Configure Load Balancer and provide the required information if you have an F5 BIG-IP Local Traffic Manager load balancer configured.

      NOTE:

      Enterprise Manager Grid Control supports only F5 BIG-IP Local Traffic Manager. If you have any other load balancer, then deselect Configure Load Balancer, and manually configure that load balancer and the HTTP servers associated with it. Do not use this section in this case.
    5. In the Additional Parameters section, specify any additional Web tier-specific or application tier-specific parameters you want to pass to the Deployment Procedure. For example, -debug. You can specify any other Oracle Universal Installer (OUI) parameter that can be in this provisioning operation.

      IMPORTANT:

      If you are cloning an application server with multiple OC4J instances that have different passwords, then ensure that you use the -force command as an additional parameter in this section.

      This is to ensure that the password you specify in the Instance Details section is uniformly propagated to all OC4J instances that are being provisioned.

      However, if you still want to maintain different passwords for the provisioned OC4J instances, then after the deployment procedure ends successfully, access the application server console and change the passwords for the individual OC4J instances.

    6. In the Identify Management Configuration section, select None.

    7. Click Next.

  8. On the Configure Oracle Home page, do the following:

    1. If the hosts where the Web tier and application tier are being provisioned have a direct connection to the Internet, then specify an e-mail address and My Oracle Support password.

      An e-mail address is required so that security updates and install updates can be sent. You can specify any e-mail address, but Oracle recommends you to specify the My Oracle Support user name. For example, john.mathew@xyz.com.

      If the My Oracle Support password is incorrect, you will be allowed two more attempts. However, if your password is incorrect in all three attempts or if it is left blank, then you are registered anonymously, which means, the configuration information will be collected and uploaded to My Oracle Support but the uploaded information will not be associated with your My Oracle Support account. Therefore, if you log in to My Oracle Support with your credentials, you will not see this information displayed against your account. However, if you had specified an e-mail address, then you will continue to receive security updates and other notifications from Oracle to that e-mail address.

    2. If the hosts where the Web tier and application tier are being provisioned have an indirect connection to the Internet through a proxy server, then specify an e-mail address and My Oracle Support password, and then in the Connection Details section, specify the proxy server details.

      Note:

      You can change the proxy server settings any time after the Deployment Procedure ends. To do so, run the configCCR command from the /ccr/bin/ directory within the Oracle home directory of the provisioned application server.
    3. If the hosts where the Web tier and application tier are being provisioned do not have a direct or indirect connection to the Internet, then specify the e-mail address and leave the other fields blank.

      In this case, after you complete the installation process, manually collect the configuration information and upload it to My Oracle Support. To understand how the configuration information can be manually collected and uploaded, see the steps outlined in Manually Collecting and Uploading Configuration Information to My Oracle Support.

    4. Click Next.

  9. On the Review page, review the details you have provided for provisioning a Web tier and application tier, and click Submit.

Provisioning from an Existing Cluster and Creating a New Cluster With Internet Directory

This section describes how you can provision the application tier and Web tier of Oracle Application Server 10g Release 1 (10.1.3) from an existing cluster, and create a new cluster with Internet directory.

In particular, this section covers the following:

Prerequisites

Before running the Deployment Procedure, meet the following prerequisites:

Prerequisites for Designers

  • Ensure that you meet the prerequisites described in the following sections:

  • Compare the configuration of the source and target hosts and ensure that they have the same configuration. If the configurations are different, then contact your system administrator and fix the inconsistencies before running the Deployment Procedure.

    To compare the configuration of the hosts, in Grid Control, click Targets and then Hosts. On the Hosts page, click the name of the source host to access its Home page, and then click the Configuration tab. On the Configuration page, click Compare Configuration and select the target host.

  • If you are deploying multiple Web tiers, then ensure that a Software Load Balancer is set up and is accessible from the Web tier's hosts.

    The Software Library provides a script to configure the F5 Big IP Application Switch (Software Version 4.5 PTF.5) load balancer on the selected Web tiers. For other systems such as Cisco CSM 3.1, overwrite the script with your specific configuration. The script is available in the following location of the Software Library:

    Directives/Oracle Directives/Loadbalancer

  • Ensure that the installation base directory, where the Web tier and application tier will be installed, is accessible (but not shared) on all target hosts.

Prerequisites for Operators

  • If you have PAM/LDAP enabled in your environment, then ensure that the target agents are configured with PAM/LDAP. For more information, see My Oracle Support note 422073.1.

  • Ensure that you use an operating system user that has the privileges to run the Deployment Procedure, and that can switch to root user and run all commands on the target hosts. For example, commands such as mkdir, ls, and so on.

    If you do not have the privileges to do so, that is, if you are using a locked account, then request your administrator (a designer) to either customize the Deployment Procedure to run it as another user or ignore the steps that require special privileges.

    For example, user account A might have the root privileges, but you might use user account B to run the Deployment Procedure. In this case, you can switch from user account B to A by customizing the Deployment Procedure.

    For information about customization, see Chapter 31, "Customizing Steps to Run as Another User".

Provisioning Procedure

To provision a Web tier and an application tier, follow these steps:

  1. In Grid Control, click the Deployments tab.

  2. On the Deployments page, in the Deployment Procedure Manager section, click Application Server Provisioning Procedures.

  3. On the Deployment Procedure Manager page, in the Procedures subtab, from the table, select Application Server Deployment 10.1.3. Then click Schedule Deployment.

  4. On the Source Selection page, in the Source Selection section, in the Select the source Oracle Homes from the Installed Cluster Environment subsection, do the following:

    1. Retain the default selection, that is, Select from Existing Cluster Installation.

    2. From the Select Cluster list, select an existing cluster from where the Web tier and application tier can be deployed. On selection of an existing cluster, the table gets populated with information about the Web tier and application tier that are part of it

    3. In the table, for Files to Exclude, specify the files in the Oracle home that you do not want to include while running this Deployment Procedure. You can specify either the file names or the file extensions, and separate multiple entries with a comma.

      And for Working Directory, retain the default value or specify another location that already exists on the source host and can be used to stage the file for cloning.

    4. If you want to deploy only one of the two products (application server or web server) from the selected source cluster, then click Reset to delete all values in the table. Once the values are reset, click the torch icon corresponding to the product that you want to deploy, and select the required target.

    5. If you want to save the Oracle homes as an image in the Software Library, select Save to Software Library.

    6. Click Next. Enterprise Manager Grid Control displays the Target List page.

  5. On the Target List page, do the following:

    1. In the Web Tier Hosts section, click Add to add hosts on which you want to deploy the Web tier. Ensure that the platform of this host is the same as the platform of the host on which you want to deploy the application tier.

    2. In the Application Tier Hosts section, click Add to add hosts on which you want to deploy the application tier. Ensure that the platform of this host is the same as the platform of the host on which you want to deploy the Web tier.

    3. Click Next.

  6. On the Credentials/Schedule page, do the following:

    1. In the Target Host Credentials section, retain the default section, that is, Preferred Credentials so that the preferred credentials stored in the Management Repository can be used.

      Note:

      You can optionally override these preferred credentials. The credentials you specify here are used by the Deployment Procedure to run the provisioning operation. If this environment is secure and has locked accounts, then make sure that:
      • The credentials you specify here have the necessary privileges to switch to the locked account for performing the provisioning operation.

      • The Deployment Procedures has been customized to support locked environments.

      For more information, see Chapter 31, "Customizing Steps to Run as Another User".

      From the Host Credentials list, select Same for all Oracle Homes if you want to use the same operating system credentials across hosts, or select Different for each Oracle Home if you want to use different credentials for each host. According to the selection you make, specify the credentials. Ensure that the users belong to the same operating system group.

    2. In the Agent Home Credentials section, retain the default section, that is, Preferred Credentials so that the preferred credentials stored in the Management Repository can be used.

      To override the preferred credentials with another set of credentials, select Override Preferred Credentials. From the Host Credentials list, select Same for all Oracle Homes if you want to use the same operating system credentials across hosts, or select Different for each Oracle Home if you want to use different credentials for each host. According to the selection you make, specify the credentials. Ensure that the users belong to the same operating system group.

    3. In the Source Oracle Home Credentials section, retain the default section, that is, Preferred Credentials so that the preferred credentials stored in the Management Repository can be used.

      To override the preferred credentials with another set of credentials, select Override Preferred Credentials. From the Host Credentials list, select Same for all Oracle Homes if you want to use the same operating system credentials across hosts, or select Different for each Oracle Home if you want to use different credentials for each host. According to the selection you make, specify the credentials. Ensure that the users belong to the same operating system group.

    4. In the Schedule section, schedule the Deployment Procedure to run either immediately or later.

  7. On the Application and Web Tier page, do the following:

    1. In the Cluster Details section, select Create new Cluster. By default, Grid Control prefills the details based on an existing cluster. You can either use the default values or specify a new cluster name, installation directory, and multicast address and port. Also ensure that the multicast address and port are different from the ones configured for the source cluster.

      For Web Tier Install Base Directory and Application Tier Install Base Directory, ensure that you specify the absolute path to the directory where you want to deploy the Web tier and application tier, respectively.

      For Multicast Address, ensure that the address is within the range of 224.0.0.0 and 239.255.255.255. This is a single IP address for a set of nodes that are joined in a multicasting group.

    2. In the Instance Details section, specify unique instance names for the Web tier instance and application tier instance, and specify the OC4J administrator password for the source host and the target host.

      You can always change the default instance names with any other custom names. However, ensure that the names you specify are unique because, by default, the host name and domain name of that host are appended to the instance name you specify here.

      IMPORTANT:

      • Each Oracle Application Server 10g instance has its own password, regardless of which user performed the installation. Passwords are not shared across instances, even if the instances were installed by the same user.

      • If you are cloning an application server with multiple OC4J instances that have different passwords, then ensure that you use the -force command as an additional parameter in the Additional Parameters section. For more information, see Step 7 (e).

      • The passwords you specify here must contain a minimum of 5 and a maximum of 30 alphanumeric characters. It can include underscore (_), dollar ($), or pound (#) characters. It must start with an alphabet and must contain at least one numeric value.

    3. In the Port Details section, specify the HTTP load balancer host and listener ports to manage HTTP connections made by client applications. Alternatively, you can retain the default value, that is, 7777. Select Enable SSL if you want to secure the communications.

    4. In the Load Balancer Details section, select Configure Load Balancer and provide the required information if you have an F5 BIG-IP Local Traffic Manager load balancer configured.

      NOTE:

      Enterprise Manager Grid Control supports only F5 BIG-IP Local Traffic Manager. If you have any other load balancer, then deselect Configure Load Balancer, and manually configure that load balancer and the HTTP servers associated with it. Do not use this section in this case.
    5. In the Additional Parameters section, specify any additional Web tier-specific or application tier-specific parameters you want to pass to the Deployment Procedure. For example, -debug. You can specify any other Oracle Universal Installer (OUI) parameter that can be in this provisioning operation.

      IMPORTANT:

      If you are cloning an application server with multiple OC4J instances that have different passwords, then ensure that you use the -force command as an additional parameter in this section.

      This is to ensure that the password you specify in the Instance Details section is uniformly propagated to all OC4J instances that are being provisioned.

      However, if you still want to maintain different passwords for the provisioned OC4J instances, then after the deployment procedure ends successfully, access the application server console and change the passwords for the individual OC4J instances.

    6. In the Identify Management Configuration section, select Configure Java Authentication and Authorization Service (JAZN) with a LDAP-based provider.

      Using this option, you can set up JAZN LDAP-based provider for authentication and authorization for OC4J application.

      Java Authentication and Authorization Service (JAAS) is a Java package that enables services and applications to authenticate and enforce access controls upon users. Oracle Application Server 10g Containers for J2EE (OC4J) supports JAAS by implementing a JAAS provider (also called as JAZN).

      The JAAS provider provides application developers with user authentication, authorization, and delegation services to integrate into their application environments. It also supports JAAS policies. Policies contain the rules (permissions) that authorize a user to use resources, such as reading a file and so on.

    7. Click Next. Enterprise Manager Grid Control displays the Identity Management page.

  8. On the Identity Management page, do the following:

    1. In the Identity Management Host Details section, specify the connection information for the Internet Directory to be used for Identity Management of the Oracle Application Server users and groups. If you do not have an Internet Directory installed, install it using the OracleAS Infrastructure component.

    2. In the Internet Directory Login Details section, specify credentials of the user who belongs to the iASAdmin group in the Internet Directory.

    3. Click Next. Enterprise Manager Grid Control displays the Configure Oracle Home page.

  9. On the Configure Oracle Home page, do the following:

    1. If the hosts where the Web tier and application tier are being provisioned have a direct connection to the Internet, then specify an e-mail address and My Oracle Support password.

      An e-mail address is required so that security updates and install updates can be sent. You can specify any e-mail address, but Oracle recommends you to specify the My Oracle Support user name. For example, john.mathew@xyz.com.

      If the My Oracle Support password is incorrect, you will be allowed two more attempts. However, if your password is incorrect in all three attempts or if it is left blank, then you are registered anonymously, which means, the configuration information will be collected and uploaded to My Oracle Support but the uploaded information will not be associated with your My Oracle Support account. Therefore, if you log in to My Oracle Support with your credentials, you will not see this information displayed against your account. However, if you had specified an e-mail address, then you will continue to receive security updates and other notifications from Oracle to that e-mail address.

    2. If the hosts where the Web tier and application tier are being provisioned have an indirect connection to the Internet through a proxy server, then specify an e-mail address and My Oracle Support password, and then in the Connection Details section, specify the proxy server details.

      Note:

      You can change the proxy server settings any time after the Deployment Procedure ends. To do so, run the configCCR command from the /ccr/bin/ directory within the Oracle home directory of the provisioned application server.
    3. If the hosts where the Web tier and application tier are being provisioned do not have a direct or indirect connection to the Internet, then specify the e-mail address and leave the other fields blank.

      In this case, after you complete the installation process, manually collect the configuration information and upload it to My Oracle Support. To understand how the configuration information can be manually collected and uploaded, see the steps outlined in Manually Collecting and Uploading Configuration Information to My Oracle Support.

  10. On the Review page, review the details you have provided for provisioning a Web tier and application tier, and click Submit.

Provisioning a New Installation or Gold Image of Oracle Application Server

This section describes how you can provision a new installation or a gold image of Oracle Application Server. In particular, this section covers the following:

Provisioning and Creating a New Cluster Without Internet Directory

This section describes how you can provision the application tier and Web tier of Oracle Application Server 10g Release 1 (10.1.3), which are identical either to the ones available on the installation medium or a gold image available in the Software Library, and create a new cluster without Internet directory.

In particular, this section covers the following:

Prerequisites

Before running the Deployment Procedure, meet the following prerequisites:

Prerequisites for Designers

  • Ensure that you meet the prerequisites described in the following sections:

  • Compare the configuration of the source and target hosts and ensure that they have the same configuration. If the configurations are different, then contact your system administrator and fix the inconsistencies before running the Deployment Procedure.

    To compare the configuration of the hosts, in Grid Control, click Targets and then Hosts. On the Hosts page, click the name of the source host to access its Home page, and then click the Configuration tab. On the Configuration page, click Compare Configuration and select the target host.

  • If you are deploying multiple Web tiers, then ensure that a Software Load Balancer is set up and is accessible from the Web tier's hosts.

    The Software Library provides a script to configure the F5 Big IP Application Switch (Software Version 4.5 PTF.5) load balancer on the selected Web tiers. For other systems such as Cisco CSM 3.1, overwrite the script with your specific configuration. The script is available in the following location of the Software Library:

    Directives/Oracle Directives/Loadbalancer

  • Ensure that the installation base directory, where the Web tier and application tier will be installed, is accessible (but not shared) on all target hosts.

Prerequisites for Operators

  • If you have PAM/LDAP enabled in your environment, then ensure that the target agents are configured with PAM/LDAP. For more information, see My Oracle Support note 422073.1.

  • Ensure that you use an operating system user that has the privileges to run the Deployment Procedure, and that can switch to root user and run all commands on the target hosts. For example, commands such as mkdir, ls, and so on.

    If you do not have the privileges to do so, that is, if you are using a locked account, then request your administrator (a designer) to either customize the Deployment Procedure to run it as another user or ignore the steps that require special privileges.

    For example, user account A might have the root privileges, but you might use user account B to run the Deployment Procedure. In this case, you can switch from user account B to A by customizing the Deployment Procedure.

    For information about customization, see Chapter 31, "Customizing Steps to Run as Another User".

Provisioning Procedure

To provision a Web tier and an application tier, follow these steps:

  1. In Grid Control, click the Deployments tab.

  2. On the Deployments page, in the Deployment Procedure Manager section, click Application Server Provisioning Procedures.

  3. On the Deployment Procedure Manager page, in the Procedures subtab, from the table, select Application Server Deployment 10.1.3. Then click Schedule Deployment.

  4. On the Source Selection page, in the Source Selection section, in the Select the Gold Image of an Oracle Home or a shiphome from the Software Library subsection, do the following:

    1. Select Select from Software Library.

    2. In the Source for Web Tier section, click the torch icon and select the generic component that contains the Web tier.

    3. In the Source for App Tier section, click the torch icon and select the generic component that contains the application tier.

      Note:

      When you click the torch icon to search for components, the Select Component page displays the components available in the Software Library.
      • If you want to deploy a fresh installation, then select the shiphome component that is in "Ready" status. By default, the Select Component page does not display components with "Active" status.

      • If you want to deploy a gold image, then select the gold image component that is either in "Ready" or "Active" status.

    4. Click Next.

  5. On the Target List page, do the following:

    1. In the Web Tier Hosts section, click Add to add hosts on which you want to deploy the Web tier. Ensure that the platform of this host is the same as the platform of the host on which you want to deploy the application tier.

    2. In the Application Tier Hosts section, click Add to add hosts on which you want to deploy the application tier. Ensure that the platform of this host is the same as the platform of the host on which you want to deploy the Web tier.

    3. Click Next.

  6. On the Credentials/Schedule page, do the following:

    1. In the Target Host Credentials section, retain the default section, that is, Preferred Credentials so that the preferred credentials stored in the Management Repository can be used.

      To override the preferred credentials with another set of credentials, select Override Preferred Credentials. From the Host Credentials list, select Same for all Oracle Homes if you want to use the same operating system credentials across hosts, or select Different for each Oracle Home if you want to use different credentials for each host. According to the selection you make, specify the credentials. Ensure that the users belong to the same operating system group.

    2. In the Agent Home Credentials section, retain the default section, that is, Preferred Credentials so that the preferred credentials stored in the Management Repository can be used.

      Note:

      You can optionally override these preferred credentials. The credentials you specify here are used by the Deployment Procedure to run the provisioning operation. If this environment is secure and has locked accounts, then make sure that:
      • The credentials you specify here have the necessary privileges to switch to the locked account for performing the provisioning operation.

      • The Deployment Procedures has been customized to support locked environments.

      For more information, see Chapter 31, "Customizing Steps to Run as Another User".

      From the Host Credentials list, select Same for all Oracle Homes if you want to use the same operating system credentials across hosts, or select Different for each Oracle Home if you want to use different credentials for each host. According to the selection you make, specify the credentials. Ensure that the users belong to the same operating system group.

    3. In the Source Oracle Home Credentials section, retain the default section, that is, Preferred Credentials so that the preferred credentials stored in the Management Repository can be used.

      To override the preferred credentials with another set of credentials, select Override Preferred Credentials. From the Host Credentials list, select Same for all Oracle Homes if you want to use the same operating system credentials across hosts, or select Different for each Oracle Home if you want to use different credentials for each host. According to the selection you make, specify the credentials. Ensure that the users belong to the same operating system group.

    4. In the Schedule section, schedule the Deployment Procedure to run either immediately or later.

    5. Click Next.

  7. On the Application and Web Tier page, do the following:

    1. In the Cluster Details section, select Create new Cluster. By default, Grid Control prefills the details based on an existing cluster. You can either use the default values or specify a new cluster name, installation directory, and multicast address and port. Also ensure that the multicast address and port are different from the ones configured for the source cluster.

      For Web Tier Install Base Directory and Application Tier Install Base Directory, ensure that you specify the absolute path to the directory where you want to deploy the Web tier and application tier, respectively.

      For Multicast Address, ensure that the address is within the range of 224.0.0.0 and 239.255.255.255. This is a single IP address for a set of nodes that are joined in a multicasting group.

    2. In the Instance Details section, specify unique instance names for the Web tier instance and application tier instance, and specify the OC4J administrator password for the source host and the target host.

      You can always change the default instance names with any other custom names. However, ensure that the names you specify are unique because, by default, the host name and domain name of that host are appended to the instance name you specify here.

      IMPORTANT:

      • Each Oracle Application Server 10g instance has its own password, regardless of which user performed the installation. Passwords are not shared across instances, even if the instances were installed by the same user.

      • If you are cloning an application server with multiple OC4J instances that have different passwords, then ensure that you use the -force command as an additional parameter in the Additional Parameters section. For more information, see Step 7 (e).

      • The passwords you specify here must contain a minimum of 5 and a maximum of 30 alphanumeric characters. It can include underscore (_), dollar ($), or pound (#) characters. It must start with an alphabet and must contain at least one numeric value.

    3. In the Port Details section, specify the HTTP load balancer host and listener ports to manage HTTP connections made by client applications. Alternatively, you can retain the default value, that is, 7777. Select Enable SSL if you want to secure the communications.

    4. In the Load Balancer Details section, select Configure Load Balancer and provide the required information if you have an F5 BIG-IP Local Traffic Manager load balancer configured.

      NOTE:

      Enterprise Manager Grid Control supports only F5 BIG-IP Local Traffic Manager. If you have any other load balancer, then deselect Configure Load Balancer, and manually configure that load balancer and the HTTP servers associated with it. Do not use this section in this case.
    5. In the Additional Parameters section, specify any additional Web tier-specific or application tier-specific parameters you want to pass to the Deployment Procedure. For example, -debug. You can specify any other Oracle Universal Installer (OUI) parameter that can be in this provisioning operation.

      IMPORTANT:

      If you are cloning an application server with multiple OC4J instances that have different passwords, then ensure that you use the -force command as an additional parameter in this section.

      This is to ensure that the password you specify in the Instance Details section is uniformly propagated to all OC4J instances that are being provisioned.

      However, if you still want to maintain different passwords for the provisioned OC4J instances, then after the deployment procedure ends successfully, access the application server console and change the passwords for the individual OC4J instances.

    6. In the Identify Management Configuration section, select None.

    7. Click Next.

  8. On the Configure Oracle Home page, do the following:

    1. If the hosts where the Web tier and application tier are being provisioned have a direct connection to the Internet, then specify an e-mail address and My Oracle Support password.

      An e-mail address is required so that security updates and install updates can be sent. You can specify any e-mail address, but Oracle recommends you to specify the My Oracle Support user name. For example, john.mathew@xyz.com.

      If the My Oracle Support password is incorrect, you will be allowed two more attempts. However, if your password is incorrect in all three attempts or if it is left blank, then you are registered anonymously, which means, the configuration information will be collected and uploaded to My Oracle Support but the uploaded information will not be associated with your My Oracle Support account. Therefore, if you log in to My Oracle Support with your credentials, you will not see this information displayed against your account. However, if you had specified an e-mail address, then you will continue to receive security updates and other notifications from Oracle to that e-mail address.

    2. If the hosts where the Web tier and application tier are being provisioned have an indirect connection to the Internet through a proxy server, then specify an e-mail address and My Oracle Support password, and then in the Connection Details section, specify the proxy server details.

      Note:

      You can change the proxy server settings any time after the Deployment Procedure ends. To do so, run the configCCR command from the /ccr/bin/ directory within the Oracle home directory of the provisioned application server.
    3. If the hosts where the Web tier and application tier are being provisioned do not have a direct or indirect connection to the Internet, then specify the e-mail address and leave the other fields blank.

      In this case, after you complete the installation process, manually collect the configuration information and upload it to My Oracle Support. To understand how the configuration information can be manually collected and uploaded, see the steps outlined in Manually Collecting and Uploading Configuration Information to My Oracle Support.

    4. Click Next.

  9. On the Review page, review the details you have provided for provisioning a Web tier and application tier, and click Submit.

Provisioning and Creating a New Cluster With Internet Directory

This section describes how you can provision the application tier and Web tier of Oracle Application Server 10g Release 1 (10.1.3), which are identical either to the ones available on the installation medium or a gold image available in the Software Library, and create a new cluster with Internet directory.

In particular, this section covers the following:

Prerequisites

Before running the Deployment Procedure, meet the following prerequisites:

Prerequisites for Designers

  • Ensure that you meet the prerequisites described in the following sections:

  • Compare the configuration of the source and target hosts and ensure that they have the same configuration. If the configurations are different, then contact your system administrator and fix the inconsistencies before running the Deployment Procedure.

    To compare the configuration of the hosts, in Grid Control, click Targets and then Hosts. On the Hosts page, click the name of the source host to access its Home page, and then click the Configuration tab. On the Configuration page, click Compare Configuration and select the target host.

  • If you are deploying multiple Web tiers, then ensure that a Software Load Balancer is set up and is accessible from the Web tier's hosts.

    The Software Library provides a script to configure the F5 Big IP Application Switch (Software Version 4.5 PTF.5) load balancer on the selected Web tiers. For other systems such as Cisco CSM 3.1, overwrite the script with your specific configuration. The script is available in the following location of the Software Library:

    Directives/Oracle Directives/Loadbalancer

  • Ensure that the installation base directory, where the Web tier and application tier will be installed, is accessible (but not shared) on all target hosts.

Prerequisites for Operators

  • If you have PAM/LDAP enabled in your environment, then ensure that the target agents are configured with PAM/LDAP. For more information, see My Oracle Support note 422073.1.

  • Ensure that you use an operating system user that has the privileges to run the Deployment Procedure, and that can switch to root user and run all commands on the target hosts. For example, commands such as mkdir, ls, and so on.

    If you do not have the privileges to do so, that is, if you are using a locked account, then request your administrator (a designer) to either customize the Deployment Procedure to run it as another user or ignore the steps that require special privileges.

    For example, user account A might have the root privileges, but you might use user account B to run the Deployment Procedure. In this case, you can switch from user account B to A by customizing the Deployment Procedure.

    For information about customization, see Chapter 31, "Customizing Steps to Run as Another User".

Provisioning Procedure

To provision a Web tier and an application tier, follow these steps:

  1. In Grid Control, click the Deployments tab.

  2. On the Deployments page, in the Deployment Procedure Manager section, click Application Server Provisioning Procedures.

  3. On the Deployment Procedure Manager page, in the Procedures subtab, from the table, select Application Server Deployment 10.1.3. Then click Schedule Deployment.

  4. On the Source Selection page, in the Source Selection section, in the Select the Gold Image of an Oracle Home or a shiphome from the Software Library subsection, do the following:

    1. Select Select from Software Library.

    2. In the Source for Web Tier section, click the torch icon and select the generic component that contains the Web tier.

    3. In the Source for App Tier section, click the torch icon and select the generic component that contains the application tier.

      Note:

      When you click the torch icon to search for components, the Select Component page displays the components available in the Software Library.
      • If you want to deploy a fresh installation, then select the shiphome component that is in "Ready" status. By default, the Select Component page does not display components with "Active" status.

      • If you want to deploy a gold image, then select the gold image component that is either in "Ready" or "Active" status.

    4. Click Next.

  5. On the Target List page, do the following:

    1. In the Web Tier Hosts section, click Add to add hosts on which you want to deploy the Web tier. Ensure that the platform of this host is the same as the platform of the host on which you want to deploy the application tier.

    2. In the Application Tier Hosts section, click Add to add hosts on which you want to deploy the application tier. Ensure that the platform of this host is the same as the platform of the host on which you want to deploy the Web tier.

    3. Click Next.

  6. On the Credentials/Schedule page, do the following:

    1. In the Target Host Credentials section, retain the default section, that is, Preferred Credentials so that the preferred credentials stored in the Management Repository can be used.

      Note:

      You can optionally override these preferred credentials. The credentials you specify here are used by the Deployment Procedure to run the provisioning operation. If this environment is secure and has locked accounts, then make sure that:
      • The credentials you specify here have the necessary privileges to switch to the locked account for performing the provisioning operation.

      • The Deployment Procedures has been customized to support locked environments.

      For more information, see Chapter 31, "Customizing Steps to Run as Another User".

      From the Host Credentials list, select Same for all Oracle Homes if you want to use the same operating system credentials across hosts, or select Different for each Oracle Home if you want to use different credentials for each host. According to the selection you make, specify the credentials. Ensure that the users belong to the same operating system group.

    2. In the Agent Home Credentials section, retain the default section, that is, Preferred Credentials so that the preferred credentials stored in the Management Repository can be used.

      To override the preferred credentials with another set of credentials, select Override Preferred Credentials. From the Host Credentials list, select Same for all Oracle Homes if you want to use the same operating system credentials across hosts, or select Different for each Oracle Home if you want to use different credentials for each host. According to the selection you make, specify the credentials. Ensure that the users belong to the same operating system group.

    3. In the Source Oracle Home Credentials section, retain the default section, that is, Preferred Credentials so that the preferred credentials stored in the Management Repository can be used.

      To override the preferred credentials with another set of credentials, select Override Preferred Credentials. From the Host Credentials list, select Same for all Oracle Homes if you want to use the same operating system credentials across hosts, or select Different for each Oracle Home if you want to use different credentials for each host. According to the selection you make, specify the credentials. Ensure that the users belong to the same operating system group.

    4. In the Schedule section, schedule the Deployment Procedure to run either immediately or later.

    5. Click Next.

  7. On the Application and Web Tier page, do the following:

    1. In the Cluster Details section, select Create new Cluster. By default, Grid Control prefills the details based on an existing cluster. You can either use the default values or specify a new cluster name, installation directory, and multicast address and port. Also ensure that the multicast address and port are different from the ones configured for the source cluster.

      For Web Tier Install Base Directory and Application Tier Install Base Directory, ensure that you specify the absolute path to the directory where you want to deploy the Web tier and application tier, respectively.

      For Multicast Address, ensure that the address is within the range of 224.0.0.0 and 239.255.255.255. This is a single IP address for a set of nodes that are joined in a multicasting group.

    2. In the Instance Details section, specify unique instance names for the Web tier instance and application tier instance, and specify the OC4J administrator password for the source host and the target host.

      You can always change the default instance names with any other custom names. However, ensure that the names you specify are unique because, by default, the host name and domain name of that host are appended to the instance name you specify here.

      IMPORTANT:

      • Each Oracle Application Server 10g instance has its own password, regardless of which user performed the installation. Passwords are not shared across instances, even if the instances were installed by the same user.

      • If you are cloning an application server with multiple OC4J instances that have different passwords, then ensure that you use the -force command as an additional parameter in the Additional Parameters section. For more information, see Step 7 (e).

      • The passwords you specify here must contain a minimum of 5 and a maximum of 30 alphanumeric characters. It can include underscore (_), dollar ($), or pound (#) characters. It must start with an alphabet and must contain at least one numeric value.

    3. In the Port Details section, specify the HTTP load balancer host and listener ports to manage HTTP connections made by client applications. Alternatively, you can retain the default value, that is, 7777. Select Enable SSL if you want to secure the communications.

    4. In the Load Balancer Details section, select Configure Load Balancer and provide the required information if you have an F5 BIG-IP Local Traffic Manager load balancer configured.

      NOTE:

      Enterprise Manager Grid Control supports only F5 BIG-IP Local Traffic Manager. If you have any other load balancer, then deselect Configure Load Balancer, and manually configure that load balancer and the HTTP servers associated with it. Do not use this section in this case.
    5. In the Additional Parameters section, specify any additional Web tier-specific or application tier-specific parameters you want to pass to the Deployment Procedure. For example, -debug. You can specify any other Oracle Universal Installer (OUI) parameter that can be in this provisioning operation.

      IMPORTANT:

      If you are cloning an application server with multiple OC4J instances that have different passwords, then ensure that you use the -force command as an additional parameter in this section.

      This is to ensure that the password you specify in the Instance Details section is uniformly propagated to all OC4J instances that are being provisioned.

      However, if you still want to maintain different passwords for the provisioned OC4J instances, then after the deployment procedure ends successfully, access the application server console and change the passwords for the individual OC4J instances.

    6. In the Identify Management Configuration section, select Configure Java Authentication and Authorization Service (JAZN) with a LDAP-based provider.

      Using this option, you can set up JAZN LDAP-based provider for authentication and authorization for OC4J application.

      Java Authentication and Authorization Service (JAAS) is a Java package that enables services and applications to authenticate and enforce access controls upon users. Oracle Application Server 10g Containers for J2EE (OC4J) supports JAAS by implementing a JAAS provider (also called as JAZN).

      The JAAS provider provides application developers with user authentication, authorization, and delegation services to integrate into their application environments. It also supports JAAS policies. Policies contain the rules (permissions) that authorize a user to use resources, such as reading a file and so on.

    7. Click Next.

  8. On the Identity Management page, do the following:

    1. In the Identity Management Host Details section, specify the connection information for the Internet Directory to be used for Identity Management of the Oracle Application Server users and groups. If you do not have an Internet Directory installed, install it using the OracleAS Infrastructure component.

    2. In the Internet Directory Login Details section, specify credentials of the user who belongs to the iASAdmin group in the Internet Directory.

    3. Click Next.

  9. On the Configure Oracle Home page, do the following:

    1. If the hosts where the Web tier and application tier are being provisioned have a direct connection to the Internet, then specify an e-mail address and My Oracle Support password.

      An e-mail address is required so that security updates and install updates can be sent. You can specify any e-mail address, but Oracle recommends you to specify the My Oracle Support user name. For example, john.mathew@xyz.com.

      If the My Oracle Support password is incorrect, you will be allowed two more attempts. However, if your password is incorrect in all three attempts or if it is left blank, then you are registered anonymously, which means, the configuration information will be collected and uploaded to My Oracle Support but the uploaded information will not be associated with your My Oracle Support account. Therefore, if you log in to My Oracle Support with your credentials, you will not see this information displayed against your account. However, if you had specified an e-mail address, then you will continue to receive security updates and other notifications from Oracle to that e-mail address.

    2. If the hosts where the Web tier and application tier are being provisioned have an indirect connection to the Internet through a proxy server, then specify an e-mail address and My Oracle Support password, and then in the Connection Details section, specify the proxy server details.

      Note:

      You can change the proxy server settings any time after the Deployment Procedure ends. To do so, run the configCCR command from the /ccr/bin/ directory within the Oracle home directory of the provisioned application server.
    3. If the hosts where the Web tier and application tier are being provisioned do not have a direct or indirect connection to the Internet, then specify the e-mail address and leave the other fields blank.

      In this case, after you complete the installation process, manually collect the configuration information and upload it to My Oracle Support. To understand how the configuration information can be manually collected and uploaded, see the steps outlined in Manually Collecting and Uploading Configuration Information to My Oracle Support.

    4. Click Next.

  10. On the Review page, review the details you have provided for provisioning a Web tier and application tier, and click Submit.

Provisioning and Treating Oracle Application Server as a Standalone Instance Without Internet Directory

This section describes how you can provision the application tier and Web tier of Oracle Application Server 10g Release 1 (10.1.3), which are identical either to the ones available on the installation medium or a gold image available in the Software Library, and treat that as a standalone instance without Internet directory.

In particular, this section covers the following:

Prerequisites

Before running the Deployment Procedure, meet the following prerequisites:

Prerequisites for Designers

  • Ensure that you meet the prerequisites described in the following sections:

  • Compare the configuration of the source and target hosts and ensure that they have the same configuration. If the configurations are different, then contact your system administrator and fix the inconsistencies before running the Deployment Procedure.

    To compare the configuration of the hosts, in Grid Control, click Targets and then Hosts. On the Hosts page, click the name of the source host to access its Home page, and then click the Configuration tab. On the Configuration page, click Compare Configuration and select the target host.

  • If you are deploying multiple Web tiers, then ensure that a Software Load Balancer is set up and is accessible from the Web tier's hosts.

    The Software Library provides a script to configure the F5 Big IP Application Switch (Software Version 4.5 PTF.5) load balancer on the selected Web tiers. For other systems such as Cisco CSM 3.1, overwrite the script with your specific configuration. The script is available in the following location of the Software Library:

    Directives/Oracle Directives/Loadbalancer

  • Ensure that the installation base directory, where the Web tier and application tier will be installed, is accessible (but not shared) on all target hosts.

Prerequisites for Operators

  • If you have PAM/LDAP enabled in your environment, then ensure that the target agents are configured with PAM/LDAP. For more information, see My Oracle Support note 422073.1.

  • Ensure that you use an operating system user that has the privileges to run the Deployment Procedure, and that can switch to root user and run all commands on the target hosts. For example, commands such as mkdir, ls, and so on.

    If you do not have the privileges to do so, that is, if you are using a locked account, then request your administrator (a designer) to either customize the Deployment Procedure to run it as another user or ignore the steps that require special privileges.

    For example, user account A might have the root privileges, but you might use user account B to run the Deployment Procedure. In this case, you can switch from user account B to A by customizing the Deployment Procedure.

    For information about customization, see Chapter 31, "Customizing Steps to Run as Another User".

Provisioning Procedure

To provision a Web tier and an application tier, follow these steps:

  1. In Grid Control, click the Deployments tab.

  2. On the Deployments page, in the Deployment Procedure Manager section, click Application Server Provisioning Procedures.

  3. On the Deployment Procedure Manager page, in the Procedures subtab, from the table, select Application Server Deployment 10.1.3. Then click Schedule Deployment.

  4. On the Source Selection page, in the Source Selection section, in the Select the Gold Image of an Oracle Home or a shiphome from the Software Library subsection, do the following:

    1. Select Select from Software Library.

    2. In the Source for Web Tier section, click the torch icon and select the generic component that contains the Web tier.

    3. In the Source for App Tier section, click the torch icon and select the generic component that contains the application tier.

      Note:

      When you click the torch icon to search for components, the Select Component page displays the components available in the Software Library.
      • If you want to deploy a fresh installation, then select the shiphome component that is in "Ready" status. By default, the Select Component page does not display components with "Active" status.

      • If you want to deploy a gold image, then select the gold image component that is either in "Ready" or "Active" status.

    4. Click Next.

  5. On the Target List page, do the following:

    1. In the Web Tier Hosts section, click Add to add hosts on which you want to deploy the Web tier. Ensure that the platform of this host is the same as the platform of the host on which you want to deploy the application tier.

    2. In the Application Tier Hosts section, click Add to add hosts on which you want to deploy the application tier. Ensure that the platform of this host is the same as the platform of the host on which you want to deploy the Web tier.

    3. Click Next.

  6. On the Credentials/Schedule page, do the following:

    1. In the Target Host Credentials section, retain the default section, that is, Preferred Credentials so that the preferred credentials stored in the Management Repository can be used.

      Note:

      You can optionally override these preferred credentials. The credentials you specify here are used by the Deployment Procedure to run the provisioning operation. If this environment is secure and has locked accounts, then make sure that:
      • The credentials you specify here have the necessary privileges to switch to the locked account for performing the provisioning operation.

      • The Deployment Procedures has been customized to support locked environments.

      For more information, see Chapter 31, "Customizing Steps to Run as Another User".

      From the Host Credentials list, select Same for all Oracle Homes if you want to use the same operating system credentials across hosts, or select Different for each Oracle Home if you want to use different credentials for each host. According to the selection you make, specify the credentials. Ensure that the users belong to the same operating system group.

    2. In the Agent Home Credentials section, retain the default section, that is, Preferred Credentials so that the preferred credentials stored in the Management Repository can be used.

      To override the preferred credentials with another set of credentials, select Override Preferred Credentials. From the Host Credentials list, select Same for all Oracle Homes if you want to use the same operating system credentials across hosts, or select Different for each Oracle Home if you want to use different credentials for each host. According to the selection you make, specify the credentials. Ensure that the users belong to the same operating system group.

    3. In the Source Oracle Home Credentials section, retain the default section, that is, Preferred Credentials so that the preferred credentials stored in the Management Repository can be used.

      To override the preferred credentials with another set of credentials, select Override Preferred Credentials. From the Host Credentials list, select Same for all Oracle Homes if you want to use the same operating system credentials across hosts, or select Different for each Oracle Home if you want to use different credentials for each host. According to the selection you make, specify the credentials. Ensure that the users belong to the same operating system group.

    4. In the Schedule section, schedule the Deployment Procedure to run either immediately or later.

    5. Click Next.

  7. On the Application and Web Tier page, do the following:

    1. In the Cluster Details section, select Standalone AS.

    2. In the Instance Details section, specify unique instance names for the Web tier instance and application tier instance, and specify the OC4J administrator password for the source host and the target host.

      You can always change the default instance names with any other custom names. However, ensure that the names you specify are unique because, by default, the host name and domain name of that host are appended to the instance name you specify here.

      IMPORTANT:

      • Each Oracle Application Server 10g instance has its own password, regardless of which user performed the installation. Passwords are not shared across instances, even if the instances were installed by the same user.

      • If you are cloning an application server with multiple OC4J instances that have different passwords, then ensure that you use the -force command as an additional parameter in the Additional Parameters section. For more information, see Step 7 (e).

      • The passwords you specify here must contain a minimum of 5 and a maximum of 30 alphanumeric characters. It can include underscore (_), dollar ($), or pound (#) characters. It must start with an alphabet and must contain at least one numeric value.

    3. In the Port Details section, specify the HTTP load balancer host and listener ports to manage HTTP connections made by client applications. Alternatively, you can retain the default value, that is, 7777. Select Enable SSL if you want to secure the communications.

    4. In the Load Balancer Details section, select Configure Load Balancer and provide the required information if you have an F5 BIG-IP Local Traffic Manager load balancer configured.

      NOTE:

      Enterprise Manager Grid Control supports only F5 BIG-IP Local Traffic Manager. If you have any other load balancer, then deselect Configure Load Balancer, and manually configure that load balancer and the HTTP servers associated with it. Do not use this section in this case.
    5. In the Additional Parameters section, specify any additional Web tier-specific or application tier-specific parameters you want to pass to the Deployment Procedure. For example, -debug. You can specify any other Oracle Universal Installer (OUI) parameter that can be in this provisioning operation.

      IMPORTANT:

      If you are cloning an application server with multiple OC4J instances that have different passwords, then ensure that you use the -force command as an additional parameter in this section.

      This is to ensure that the password you specify in the Instance Details section is uniformly propagated to all OC4J instances that are being provisioned.

      However, if you still want to maintain different passwords for the provisioned OC4J instances, then after the deployment procedure ends successfully, access the application server console and change the passwords for the individual OC4J instances.

    6. In the Identify Management Configuration section, select None.

    7. Click Next.

  8. On the Configure Oracle Home page, do the following:

    1. If the hosts where the Web tier and application tier are being provisioned have a direct connection to the Internet, then specify an e-mail address and My Oracle Support password.

      An e-mail address is required so that security updates and install updates can be sent. You can specify any e-mail address, but Oracle recommends you to specify the My Oracle Support user name. For example, john.mathew@xyz.com.

      If the My Oracle Support password is incorrect, you will be allowed two more attempts. However, if your password is incorrect in all three attempts or if it is left blank, then you are registered anonymously, which means, the configuration information will be collected and uploaded to My Oracle Support but the uploaded information will not be associated with your My Oracle Support account. Therefore, if you log in to My Oracle Support with your credentials, you will not see this information displayed against your account. However, if you had specified an e-mail address, then you will continue to receive security updates and other notifications from Oracle to that e-mail address.

    2. If the hosts where the Web tier and application tier are being provisioned have an indirect connection to the Internet through a proxy server, then specify an e-mail address and My Oracle Support password, and then in the Connection Details section, specify the proxy server details.

      Note:

      You can change the proxy server settings any time after the Deployment Procedure ends. To do so, run the configCCR command from the /ccr/bin/ directory within the Oracle home directory of the provisioned application server.
    3. If the hosts where the Web tier and application tier are being provisioned do not have a direct or indirect connection to the Internet, then specify the e-mail address and leave the other fields blank.

      In this case, after you complete the installation process, manually collect the configuration information and upload it to My Oracle Support. To understand how the configuration information can be manually collected and uploaded, see the steps outlined in Manually Collecting and Uploading Configuration Information to My Oracle Support.

    4. Click Next.

  9. On the Review page, review the details you have provided for provisioning a Web tier and application tier, and click Submit.

Provisioning and Treating Oracle Application Server as a Standalone Instance With Internet Directory

This section describes how you can provision the application tier and Web tier of Oracle Application Server 10g Release 1 (10.1.3), which are identical either to the ones available on the installation medium or a gold image available in the Software Library, and treat that as a standalone instance with Internet directory.

In particular, this section covers the following:

Prerequisites

Before running the Deployment Procedure, meet the following prerequisites:

Prerequisites for Designers

  • Ensure that you meet the prerequisites described in the following sections:

  • Compare the configuration of the source and target hosts and ensure that they have the same configuration. If the configurations are different, then contact your system administrator and fix the inconsistencies before running the Deployment Procedure.

    To compare the configuration of the hosts, in Grid Control, click Targets and then Hosts. On the Hosts page, click the name of the source host to access its Home page, and then click the Configuration tab. On the Configuration page, click Compare Configuration and select the target host.

  • If you are deploying multiple Web tiers, then ensure that a Software Load Balancer is set up and is accessible from the Web tier's hosts.

    The Software Library provides a script to configure the F5 Big IP Application Switch (Software Version 4.5 PTF.5) load balancer on the selected Web tiers. For other systems such as Cisco CSM 3.1, overwrite the script with your specific configuration. The script is available in the following location of the Software Library:

    Directives/Oracle Directives/Loadbalancer

  • Ensure that the installation base directory, where the Web tier and application tier will be installed, is accessible (but not shared) on all target hosts.

Prerequisites for Operators

  • If you have PAM/LDAP enabled in your environment, then ensure that the target agents are configured with PAM/LDAP. For more information, see My Oracle Support note 422073.1.

  • Ensure that you use an operating system user that has the privileges to run the Deployment Procedure, and that can switch to root user and run all commands on the target hosts. For example, commands such as mkdir, ls, and so on.

    If you do not have the privileges to do so, that is, if you are using a locked account, then request your administrator (a designer) to either customize the Deployment Procedure to run it as another user or ignore the steps that require special privileges.

    For example, user account A might have the root privileges, but you might use user account B to run the Deployment Procedure. In this case, you can switch from user account B to A by customizing the Deployment Procedure.

    For information about customization, see Chapter 31, "Customizing Steps to Run as Another User".

Provisioning Procedure

To provision a Web tier and an application tier, follow these steps:

  1. In Grid Control, click the Deployments tab.

  2. On the Deployments page, in the Deployment Procedure Manager section, click Application Server Provisioning Procedures.

  3. On the Deployment Procedure Manager page, in the Procedures subtab, from the table, select Application Server Deployment 10.1.3. Then click Schedule Deployment.

  4. On the Source Selection page, in the Source Selection section, in the Select the Gold Image of an Oracle Home or a shiphome from the Software Library subsection, do the following:

    1. Select Select from Software Library.

    2. In the Source for Web Tier section, click the torch icon and select the generic component that contains the Web tier.

    3. In the Source for App Tier section, click the torch icon and select the generic component that contains the application tier.

      Note:

      When you click the torch icon to search for components, the Select Component page displays the components available in the Software Library.
      • If you want to deploy a fresh installation, then select the shiphome component that is in "Ready" status. By default, the Select Component page does not display components with "Active" status.

      • If you want to deploy a gold image, then select the gold image component that is either in "Ready" or "Active" status.

    4. Click Next.

  5. On the Target List page, do the following:

    1. In the Web Tier Hosts section, click Add to add hosts on which you want to deploy the Web tier. Ensure that the platform of this host is the same as the platform of the host on which you want to deploy the application tier.

    2. In the Application Tier Hosts section, click Add to add hosts on which you want to deploy the application tier. Ensure that the platform of this host is the same as the platform of the host on which you want to deploy the Web tier.

    3. Click Next.

  6. On the Credentials/Schedule page, do the following:

    1. In the Target Host Credentials section, retain the default section, that is, Preferred Credentials so that the preferred credentials stored in the Management Repository can be used.

      To override the preferred credentials with another set of credentials, select Override Preferred Credentials. From the Host Credentials list, select Same for all Oracle Homes if you want to use the same operating system credentials across hosts, or select Different for each Oracle Home if you want to use different credentials for each host. According to the selection you make, specify the credentials. Ensure that the users belong to the same operating system group.

    2. In the Agent Home Credentials section, retain the default section, that is, Preferred Credentials so that the preferred credentials stored in the Management Repository can be used.

      Note:

      You can optionally override these preferred credentials. The credentials you specify here are used by the Deployment Procedure to run the provisioning operation. If this environment is secure and has locked accounts, then make sure that:
      • The credentials you specify here have the necessary privileges to switch to the locked account for performing the provisioning operation.

      • The Deployment Procedures has been customized to support locked environments.

      For more information, see Chapter 31, "Customizing Steps to Run as Another User".

      From the Host Credentials list, select Same for all Oracle Homes if you want to use the same operating system credentials across hosts, or select Different for each Oracle Home if you want to use different credentials for each host. According to the selection you make, specify the credentials. Ensure that the users belong to the same operating system group.

    3. In the Source Oracle Home Credentials section, retain the default section, that is, Preferred Credentials so that the preferred credentials stored in the Management Repository can be used.

      To override the preferred credentials with another set of credentials, select Override Preferred Credentials. From the Host Credentials list, select Same for all Oracle Homes if you want to use the same operating system credentials across hosts, or select Different for each Oracle Home if you want to use different credentials for each host. According to the selection you make, specify the credentials. Ensure that the users belong to the same operating system group.

    4. In the Schedule section, schedule the Deployment Procedure to run either immediately or later.

    5. Click Next.

  7. On the Application and Web Tier page, do the following:

    1. In the Cluster Details section, select Standalone As.

    2. In the Instance Details section, specify unique instance names for the Web tier instance and application tier instance, and specify the OC4J administrator password for the source host and the target host.

      You can always change the default instance names with any other custom names. However, ensure that the names you specify are unique because, by default, the host name and domain name of that host are appended to the instance name you specify here.

      IMPORTANT:

      • Each Oracle Application Server 10g instance has its own password, regardless of which user performed the installation. Passwords are not shared across instances, even if the instances were installed by the same user.

      • If you are cloning an application server with multiple OC4J instances that have different passwords, then ensure that you use the -force command as an additional parameter in the Additional Parameters section. For more information, see Step 7 (e).

      • The passwords you specify here must contain a minimum of 5 and a maximum of 30 alphanumeric characters. It can include underscore (_), dollar ($), or pound (#) characters. It must start with an alphabet and must contain at least one numeric value.

    3. In the Port Details section, specify the HTTP load balancer host and listener ports to manage HTTP connections made by client applications. Alternatively, you can retain the default value, that is, 7777. Select Enable SSL if you want to secure the communications.

    4. In the Load Balancer Details section, select Configure Load Balancer and provide the required information if you have an F5 BIG-IP Local Traffic Manager load balancer configured.

      NOTE:

      Enterprise Manager Grid Control supports only F5 BIG-IP Local Traffic Manager. If you have any other load balancer, then deselect Configure Load Balancer, and manually configure that load balancer and the HTTP servers associated with it. Do not use this section in this case.
    5. In the Additional Parameters section, specify any additional Web tier-specific or application tier-specific parameters you want to pass to the Deployment Procedure. For example, -debug. You can specify any other Oracle Universal Installer (OUI) parameter that can be in this provisioning operation.

      IMPORTANT:

      If you are cloning an application server with multiple OC4J instances that have different passwords, then ensure that you use the -force command as an additional parameter in this section.

      This is to ensure that the password you specify in the Instance Details section is uniformly propagated to all OC4J instances that are being provisioned.

      However, if you still want to maintain different passwords for the provisioned OC4J instances, then after the deployment procedure ends successfully, access the application server console and change the passwords for the individual OC4J instances.

    6. In the Identify Management Configuration section, select Configure Java Authentication and Authorization Service (JAZN) with a LDAP-based provider.

      Using this option, you can set up JAZN LDAP-based provider for authentication and authorization for OC4J application.

      Java Authentication and Authorization Service (JAAS) is a Java package that enables services and applications to authenticate and enforce access controls upon users. Oracle Application Server 10g Containers for J2EE (OC4J) supports JAAS by implementing a JAAS provider (also called as JAZN).

      The JAAS provider provides application developers with user authentication, authorization, and delegation services to integrate into their application environments. It also supports JAAS policies. Policies contain the rules (permissions) that authorize a user to use resources, such as reading a file and so on.

    7. Click Next.

  8. On the Identity Management page, do the following:

    1. In the Identity Management Host Details section, specify the connection information for the Internet Directory to be used for Identity Management of the Oracle Application Server users and groups. If you do not have an Internet Directory installed, install it using the OracleAS Infrastructure component.

    2. In the Internet Directory Login Details section, specify credentials of the user who belongs to the iASAdmin group in the Internet Directory.

    3. Click Next. Enterprise Manager Grid Control displays the Configure Oracle Home page.

  9. On the Configure Oracle Home page, do the following:

    1. If the hosts where the Web tier and application tier are being provisioned have a direct connection to the Internet, then specify an e-mail address and My Oracle Support password.

      An e-mail address is required so that security updates and install updates can be sent. You can specify any e-mail address, but Oracle recommends you to specify the My Oracle Support user name. For example, john.mathew@xyz.com.

      If the My Oracle Support password is incorrect, you will be allowed two more attempts. However, if your password is incorrect in all three attempts or if it is left blank, then you are registered anonymously, which means, the configuration information will be collected and uploaded to My Oracle Support but the uploaded information will not be associated with your My Oracle Support account. Therefore, if you log in to My Oracle Support with your credentials, you will not see this information displayed against your account. However, if you had specified an e-mail address, then you will continue to receive security updates and other notifications from Oracle to that e-mail address.

    2. If the hosts where the Web tier and application tier are being provisioned have an indirect connection to the Internet through a proxy server, then specify an e-mail address and My Oracle Support password, and then in the Connection Details section, specify the proxy server details.

      Note:

      You can change the proxy server settings any time after the Deployment Procedure ends. To do so, run the configCCR command from the /ccr/bin/ directory within the Oracle home directory of the provisioned application server.
    3. If the hosts where the Web tier and application tier are being provisioned do not have a direct or indirect connection to the Internet, then specify the e-mail address and leave the other fields blank.

      In this case, after you complete the installation process, manually collect the configuration information and upload it to My Oracle Support. To understand how the configuration information can be manually collected and uploaded, see the steps outlined in Manually Collecting and Uploading Configuration Information to My Oracle Support.

    4. Click Next.

  10. On the Review page, review the details you have provided for provisioning a Web tier and application tier, and click Submit.

Provisioning Oracle Application Server 10g Release 1 (10.1.2.0.2)

This section describes how you can provision Oracle Application Server 10g Release 1 (10.1.2.0.2). In particular, this section covers the following:

Note:

You can provision Oracle Application Server 10g Release 1 (10.1.2.0.2) only using the software binaries archived from the installation medium and stored in the Software Library.

Provisioning Oracle Application Server and Creating a New Cluster Without Internet Directory

This section describes how you can provision the application tier and Web tier of Oracle Application Server 10g Release 1 (10.1.3), which are identical to the ones available on the installation medium, and create a new cluster without Internet directory.

This option is best suited when you want a completely new installation to be provisioned across multiple hosts. Of course, understandably, this is a fresh installation and you will have to update it with all the latest patches that have been released so far.

In particular, this section covers the following:

Prerequisites

Before running the Deployment Procedure, meet the following prerequisites:

Prerequisites for Designers

  • Ensure that you meet the prerequisites described in the following sections:

  • If you are deploying multiple Web tiers, then ensure that a Software Load Balancer is set up and is accessible from the Web tier's hosts.

    The Software Library provides a script to configure the F5 Big IP Application Switch (Software Version 4.5 PTF.5) load balancer on the selected Web tiers. For other systems such as Cisco CSM 3.1, overwrite the script with your specific configuration. The script is available in the following location of the Software Library:

    Directives/Oracle Directives/Loadbalancer

  • Ensure that the installation base directory, where the Web tier and application tier will be installed, is accessible (but not shared) on all target hosts.

Prerequisites for Operators

  • If you have PAM/LDAP enabled in your environment, then ensure that the target agents are configured with PAM/LDAP. For more information, see My Oracle Support note 422073.1.

  • Ensure that you use an operating system user that has the privileges to run the Deployment Procedure, and that can switch to root user and run all commands on the target hosts. For example, commands such as mkdir, ls, and so on.

    If you do not have the privileges to do so, that is, if you are using a locked account, then request your administrator (a designer) to either customize the Deployment Procedure to run it as another user or ignore the steps that require special privileges.

    For example, user account A might have the root privileges, but you might use user account B to run the Deployment Procedure. In this case, you can switch from user account B to A by customizing the Deployment Procedure.

    For information about customization, see Chapter 31, "Customizing Steps to Run as Another User".

Provisioning Procedure

To provision a Web tier and an application tier, follow these steps:

  1. In Grid Control, click the Deployments tab.

  2. On the Deployments page, in the Deployment Procedure Manager section, click Application Server Provisioning Procedures.

  3. On the Deployment Procedure Manager page, in the Procedures subtab, from the table, select Application Server Deployment 10.1.3. Then click Schedule Deployment.

  4. On the Target List page, do the following:

    1. In the Web Tier Hosts section, click Add to add hosts on which you want to deploy the Web tier. Ensure that the platform of this host is the same as the platform of the host on which you want to deploy the application tier.

      Web Tier Hosts
    2. In the Application Tier Hosts section, click Add to add hosts on which you want to deploy the application tier. Ensure that the platform of this host is the same as the platform of the host on which you want to deploy the Web tier.

      Application Tier Hosts
    3. Click Next.

  5. On the Upload page, from the Shiphomes from Software Library section, click Upload to select a component from the software library that contains the gold images of the application tier and Web tier that you want to deploy.

  6. On the Application and Web Tier page, do the following:

    1. In the Cluster Details section, for Cluster Name, specify a name for the cluster. Alternatively, you can retain the default name provided.

      For Web Tier Install Base Directory and Application Tier Install Base Directory, ensure that you specify the absolute path to the directory where you want to deploy the Web tier and application tier, respectively. For example, if you specify /scratch/appserver/ as the Web tier install base directory, then the Web tier is installed in /scratch/appserver/10gWebTier.

    2. In the Instance Details section, for Instance Name, specify a unique name and the ias_admin password. Alternatively, you can retain the default name provided.

      IMPORTANT:

      • Each Oracle Application Server 10g instance has its own password, regardless of which user performed the installation. Passwords are not shared across instances, even if the instances were installed by the same user.

      • The passwords you specify here must contain a minimum of 5 and a maximum of 30 alphanumeric characters. It can include underscore (_), dollar ($), or pound (#) characters. It must start with an alphabet and must contain at least one numeric value.

    3. In the Port Details section, specify the HTTP load balancer host, the listener port, and the Application Server Control port to manage HTTP connections made by client applications. Alternatively, you can retain the default value, that is, 7777 and 1810, for Oracle HTTP Server Port and Application Server Control port, respectively. Select Enable SSL if you want to secure the communications.

    4. In the Identify Management Configuration section, select None.

    5. Click Next.

  7. On the Library Step Properties page, specify property values for the custom library steps, and click Next.

  8. On the Credentials/Schedule page, do the following:

    1. In the Target Host Credentials section, retain the default section, that is, Preferred Credentials so that the preferred credentials stored in the Management Repository can be used.

      Note:

      You can optionally override these preferred credentials. The credentials you specify here are used by the Deployment Procedure to run the provisioning operation. If this environment is secure and has locked accounts, then make sure that:
      • The credentials you specify here have the necessary privileges to switch to the locked account for performing the provisioning operation.

      • The Deployment Procedures has been customized to support locked environments.

      For more information, see Chapter 31, "Customizing Steps to Run as Another User".

      From the Host Credentials list, select Same for all Oracle Homes if you want to use the same operating system credentials across hosts, or select Different for each Oracle Home if you want to use different credentials for each host. According to the selection you make, specify the credentials. Ensure that the users belong to the same operating system group.

    2. In the Schedule section, schedule the Deployment Procedure to run either immediately or later.

    3. Click Next.

  9. On the Review page, review the details you have provided for provisioning a Web tier and application tier, and click Finish.

Provisioning Oracle Application Server and Creating a New Cluster With Internet Directory

This section describes how you can provision the application tier and Web tier of Oracle Application Server 10g Release 1 (10.1.3), which are identical to the ones available on the installation medium, and create a new cluster with Internet directory.

This option is best suited when you want a completely new installation to be provisioned across multiple hosts. Of course, understandably, this is a fresh installation and you will have to update it with all the latest patches that have been released so far.

In particular, this section covers the following:

Prerequisites

Before running the Deployment Procedure, meet the following prerequisites:

Prerequisites for Designers

  • Ensure that you meet the prerequisites described in the following sections:

  • If you are deploying multiple Web tiers, then ensure that a Software Load Balancer is set up and is accessible from the Web tier's hosts.

    The Software Library provides a script to configure the F5 Big IP Application Switch (Software Version 4.5 PTF.5) load balancer on the selected Web tiers. For other systems such as Cisco CSM 3.1, overwrite the script with your specific configuration. The script is available in the following location of the Software Library:

    Directives/Oracle Directives/Loadbalancer

  • Ensure that the installation base directory, where the Web tier and application tier will be installed, is accessible (but not shared) on all target hosts.

Prerequisites for Operators

  • If you have PAM/LDAP enabled in your environment, then ensure that the target agents are configured with PAM/LDAP. For more information, see My Oracle Support note 422073.1.

  • Ensure that you use an operating system user that has the privileges to run the Deployment Procedure, and that can switch to root user and run all commands on the target hosts. For example, commands such as mkdir, ls, and so on.

    If you do not have the privileges to do so, that is, if you are using a locked account, then request your administrator (a designer) to either customize the Deployment Procedure to run it as another user or ignore the steps that require special privileges.

    For example, user account A might have the root privileges, but you might use user account B to run the Deployment Procedure. In this case, you can switch from user account B to A by customizing the Deployment Procedure.

    For information about customization, see Chapter 31, "Customizing Steps to Run as Another User".

Provisioning Procedure

To provision a Web tier and an application tier, follow these steps:

  1. In Grid Control, click the Deployments tab.

  2. On the Deployments page, in the Deployment Procedure Manager section, click Application Server Provisioning Procedures.

  3. On the Deployment Procedure Manager page, in the Procedures subtab, from the table, select Application Server Deployment 10.1.3. Then click Schedule Deployment.

  4. On the Target List page, do the following:

    1. In the Web Tier Hosts section, click Add to add hosts on which you want to deploy the Web tier. Ensure that the platform of this host is the same as the platform of the host on which you want to deploy the application tier.

    2. In the Application Tier Hosts section, click Add to add hosts on which you want to deploy the application tier. Ensure that the platform of this host is the same as the platform of the host on which you want to deploy the Web tier.

    3. Click Next.

  5. On the Upload page, from the Shiphomes from Software Library section, click Upload to select a component from the software library that contains the gold images of the application tier and Web tier that you want to deploy.

  6. On the Application and Web Tier page, do the following:

    1. In the Cluster Details section, for Cluster Name, specify a name for the cluster. Alternatively, you can retain the default name provided.

      For Web Tier Install Base Directory and Application Tier Install Base Directory, ensure that you specify the absolute path to the directory where you want to deploy the Web tier and application tier, respectively. For example, if you specify /scratch/appserver/ as the Web tier install base directory, then the Web tier is installed in /scratch/appserver/10gWebTier.

    2. In the Instance Details section, for Instance Name, specify a unique name and the ias_admin password. Alternatively, you can retain the default name provided.

      IMPORTANT:

      • Each Oracle Application Server 10g instance has its own password, regardless of which user performed the installation. Passwords are not shared across instances, even if the instances were installed by the same user.

      • The passwords you specify here must contain a minimum of 5 and a maximum of 30 alphanumeric characters. It can include underscore (_), dollar ($), or pound (#) characters. It must start with an alphabet and must contain at least one numeric value.

    3. In the Port Details section, specify the HTTP load balancer host, the listener port, and the Application Server Control port to manage HTTP connections made by client applications. Alternatively, you can retain the default value, that is, 7777 and 1810, for Oracle HTTP Server Port and Application Server Control port, respectively. Select Enable SSL if you want to secure the communications.

    4. In the Identify Management Configuration section, select Configure Java Authentication and Authorization Service (JAZN) with a LDAP-based provider.

    5. Click Next.

  7. On the Identity Management page, do the following:

    1. In the Identity Management Host Details section, specify the connection information for the Internet Directory to be used for Identity Management of the Oracle Application Server users and groups. If you do not have an Internet Directory installed, install it using the OracleAS Infrastructure component.

    2. In the Internet Directory Login Details section, specify credentials of the user who belongs to the iASAdmin group in the Internet Directory.

    3. Click Next.

  8. On the Library Step Properties page, specify property values for the custom library steps, and click Next.

  9. On the Credentials/Schedule page, do the following:

    1. In the Target Host Credentials section, retain the default section, that is, Preferred Credentials so that the preferred credentials stored in the Management Repository can be used.

      Note:

      You can optionally override these preferred credentials. The credentials you specify here are used by the Deployment Procedure to run the provisioning operation. If this environment is secure and has locked accounts, then make sure that:
      • The credentials you specify here have the necessary privileges to switch to the locked account for performing the provisioning operation.

      • The Deployment Procedures has been customized to support locked environments.

      For more information, see Chapter 31, "Customizing Steps to Run as Another User".

      From the Host Credentials list, select Same for all Oracle Homes if you want to use the same operating system credentials across hosts, or select Different for each Oracle Home if you want to use different credentials for each host. According to the selection you make, specify the credentials. Ensure that the users belong to the same operating system group.

    2. In the Schedule section, schedule the Deployment Procedure to run either immediately or later.

    3. Click Next.

  10. On the Review page, review the details you have provided for provisioning a Web tier and application tier, and click Finish.

Provisioning Oracle SOA Suite 10g (10.1.3.x)

The use cases and the prerequisites and deployment instructions for each of the use cases for provisioning Oracle SOA Suite 10g (10.1.3.x) are almost the same as the ones described in Provisioning Oracle Application Server 10g Release 1 (10.1.3).

The only differences are: