|Oracle® Fusion Middleware Enterprise Deployment Guide for Oracle Identity Management
11g Release 1 (11.1.1)
Part Number E12035-06
For this high availability topology, you must configure server migration for the WLS_OIM1, WLS_SOA1, WLS_OIM2, and WLS_SOA2 managed servers. The WLS_OIM1 and WLS_SOA1 managed server are configured to restart on OIMHOST2 should a failure occur. The WLS_OIM2 and WLS_SOA2 managed servers are configured to restart on OIMHOST1 should a failure occur. For this configuration, the WLS_OIM1, WLS_SOA1, WLS_OIM2 and WLS_SOA2 servers listen on specific floating IPs that are failed over by WLS Server Migration. Configuring server migration for the managed servers consists of the following steps.
The following steps enable server migration for the WLS_OIM1, WLS_SOA1, WLS_OIM2, and WLS_SOA2 managed servers. This allows a managed server to fail over to another node in the case of server or process failure.
The first step to set up a user and tablespace for the server migration leasing table:
Note:If other servers in the same domain have already been configured with server migration, the same tablespace and data sources can be used. In that case, the data sources and multi data source for database leasing do not need to be recreated, but they will have to be retargeted to the clusters being configured with server migration.
Create a tablespace called 'leasing'. For example, log on to SQL*Plus as the sysdba user and run the following command:
SQL> create tablespace leasing logging datafile 'DB_HOME/oradata/orcl/leasing.dbf' size 32m autoextend on next 32m maxsize 2048m extent management local;
Create a user named 'leasing' and assign to it the leasing tablespace:
SQL> create user leasing identified by welcome1; SQL> grant create table to leasing; SQL> grant create session to leasing; SQL> alter user leasing default tablespace leasing; SQL> alter user leasing quota unlimited on LEASING;
Copy the leasing.ddl file located in either the WL_HOME/server/db/oracle/817 or the WL_HOME/server/db/oracle/920 directory to your database node.
Connect to the database as the leasing user.
Run the leasing.ddl script in SQL*Plus:
The second step is to create a multi data source for the leasing table from the Oracle WebLogic Server Administration Console. You create a data source to each of the Oracle RAC database instances during the process of setting up the multi data source, both for these data sources and the global leasing multi data source. When you create a data source:
Make sure that this is a non-XA data source.
The names of the multi data sources are in the format of <MultiDS>-rac0, <MultiDS>-rac1, and so on.
Use Oracle's Driver (Thin) Version 9.0.1, 9.2.0, 10, 11.
Data sources do not require support for global transactions. Therefore, do not use any type of distributed transaction emulation/participation algorithm for the data source (do not choose the Supports Global Transactions option, or the Logging Last Resource, Emulate Two-Phase Commit, or One-Phase Commit options of the Supports Global Transactions option), and specify a service name for your database.
Target these data sources to the OIM_CLUSTER and the SOA_CLUSTER.
Make sure the data source's connection pool initial capacity is set to 0 (zero). To do this, select Services, JDBC, and then Datasources. In the Datasources screen, click the Datasource Name, then click the Connection Pool tab, and enter 0 (zero) in the Initial Capacity field.
Perform these steps to create a multi data source:
In the Domain Structure window in the Oracle WebLogic Server Administration Console, expand the Services node, then expand the JDBC node.
Click Multi Data Sources. The Summary of JDBC Multi Data Source page is displayed.
Click Lock and Edit.
Click New. The Create a New JDBC Multi Data Source page is displayed.
leasing as the name.
jdbc/leasing as the JNDI name.
Select Failover as algorithm (default).
Select OIM_CLUSTER and SOA_CLUSTER as the targets.
Select non-XA driver (the default).
Click Create New Data Source.
leasing-rac0 as the name. Enter
jdbc/leasing-rac0 as the JNDI name. Enter
oracle as the database type. For the driver type, select Oracle Driver (Thin) for Oracle RAC server-Instance connection Version 10,11.
Note:When creating the multi data sources for the leasing table, enter names in the format of <MultiDS>-rac0, <MultiDS>-rac1, and so on.
Deselect Supports Global Transactions.
Enter the service name, database name, host port, and password for your leasing schema.
Click Test Configuration and verify that the connection works.
Target the data source to OIM_CLUSTER and SOA cluster.
Select the data source and add it to the right screen.
Click Create a New Data Source for the second instance of your Oracle RAC database, target it to the OIM_CLUSTER and SOA_CLUSTER, repeating the steps for the second instance of your Oracle RAC database.
Add the second data source to your multi data source.
Click Activate Changes.
The third step is to edit Node Manager's properties file. This needs to be done for the Node Managers in both nodes (OIMHOST1 and OIMHOST2) where server migration is being configured:
Interface=eth0 NetMask=255.255.255.0 UseMACBroadcast=true
Interface: This property specifies the interface name for the floating IP (for example, eth0).
Note:Do not specify the sub-interface, such as
eth0:2. This interface is to be used without
:1. Node Manager's scripts traverse the different :X-enabled IPs to determine which to add or remove. For example, the valid values in Linux environments are eth0, eth1, eth2, eth3, ethn, depending on the number of interfaces configured.
NetMask: This property specifies the net mask for the interface for the floating IP. The net mask should the same as the net mask on the interface; 255.255.255.0 is used as an example in this document.
UseMACBroadcast: This property specifies whether or not to use a node's MAC address when sending ARP packets, that is, whether or not to use the -
b flag in the
Verify in Node Manager's output (shell where Node Manager is started) that these properties are being used, or problems may arise during migration. You should see something like this in Node Manager's output:
... StateCheckInterval=500 Interface=eth0 NetMask=255.255.255.0 ...
Note:The steps below are not required if the server properties (start properties) have been properly set and Node Manager can start the servers remotely.
Set the following property in the
StartScriptEnabled: Set this property to 'true'. This is required to enable Node Manager to start the managed servers.
Start Node Manager on OIMHOST1 and OIMHOST2 by running the
startNodeManager.sh script, which is located in the WL_HOME/server/bin directory.
Note:When running Node Manager from a shared storage installation, multiple nodes are started using the same
nodemanager.propertiesfile. However, each node may require different NetMask or Interface properties. In this case, specify individual parameters on a per-node basis using environment variables. For example, to use a different interface (eth3) in HOSTn, use the Interface environment variable as follows:
HOSTn> export JAVA_OPTIONS=-DInterface=eth3and start Node Manager after the variable has been set in the shell.
The fourth step is to set environment and superuser privileges for the
Ensure that your PATH environment variable includes these files:
Grant sudo configuration for the
Configure sudo to work without a password prompt.
For security reasons, sudo should be restricted to the subset of commands required to run the
wlsifconfig.sh script. For example, perform the following steps to set the environment and superuser privileges for the wlsifconfig.sh script:
Grant sudo privilege to the WebLogic user ('oracle') with no password restriction, and grant execute privilege on the /sbin/ifconfig and /sbin/arping binaries.
Make sure the script is executable by the WebLogic user ('oracle'). The following is an example of an entry inside /etc/sudoers granting sudo execution privilege for
oracle and also over
oracle ALL=NOPASSWD: /sbin/ifconfig,/sbin/arping
Note:Ask the system administrator for the sudo and system rights as appropriate to this step.
The sixth step is to configure server migration targets. You first assign all the available nodes for the cluster's members and then specify candidate machines (in order of preference) for each server that is configured with server migration. Follow these steps to configure cluster migration in a migration in a cluster:
Log into the Oracle WebLogic Server Administration Console (http://Host:Admin_Port/console). Typically, Admin_Port is 7001 by default.
In the Domain Structure window, expand Environment and select Clusters. The Summary of Clusters page is displayed.
Click the cluster for which you want to configure migration (OIM_CLUSTER) in the Name column of the table.
Click the Migration tab.
Click Lock and Edit.
In the Available field, select the machine to which to allow migration and click the right arrow. In this case, select OIMHOST1 and OIMHOST2.
Select the data source to be used for automatic migration. In this case, select the leasing data source.
Click Activate Changes.
Set the candidate machines for server migration. You must perform this task for all of the managed servers as follows:
In the Domain Structure window of the Oracle WebLogic Server Administration Console, expand Environment and select Servers.
Tip:Click Customize this table in the Summary of Servers page and move Current Machine from the Available window to the Chosen window to view the machine on which the server is running. This will be different from the configuration if the server gets migrated automatically.
Select the server for which you want to configure migration.
Click the Migration tab.
In the Available field, located in the Migration Configuration section, select the machines to which to allow migration and click the right arrow. For WLS_OIM1, select OIMHOST2. For WLS_OIM2, select OIMHOST1.
Select Automatic Server Migration Enabled. This enables Node Manager to start a failed server on the target node automatically.
Click Activate Changes.
Repeat the steps above for the WLS_SOA1 and WLS_SOA2 managed servers.
Restart the administration server, Node Managers, and the servers for which server migration has been configured.
The final step is to test the server migration. Perform these steps to verify that server migration is working properly:
Stop the WLS_OIM1 managed server. To do this, run this command:
OIMHOST1> kill -9 pid
where pid specifies the process ID of the managed server. You can identify the pid in the node by running this command:
OIMHOST1> ps -ef | grep WLS_OIM1
Watch the Node Manager console. You should see a message indicating that WLS_OIM1's floating IP has been disabled.
Wait for Node Manager to try a second restart of WLS_OIM1. It waits for a fence period of 30 seconds before trying this restart.
Once Node Manager restarts the server, stop it again. Node Manager should now log a message indicating that the server will not be restarted again locally.
Watch the local Node Manager console. After 30 seconds since the last try to restart WLS_OIM1 on OIMHOST1, Node Manager on OIMHOST2 should prompt that the floating IP for WLS_OIM1 is being brought up and that the server is being restarted in this node.
Access the soa-infra console in the same IP.
Follow the steps above to test server migration for the WLS_OIM2, WLS_SOA1, and WLS_SOA2 managed servers.
Table 17-2 shows the managed servers and the hosts they migrate to in case of a failure.
|Managed Server||Migrated From||Migrated To|
Migration can also be verified in the Administration Console:
Log into the Administration Console.
Click Domain on the left console.
Click the Monitoring tab and then the Migration sub tab.
The Migration Status table provides information on the status of the migration.
Note:After a server is migrated, to fail it back to its original node/machine, stop the managed server from the Oracle WebLogic Administration Console and then start it again. The appropriate Node Manager will start the managed server on the machine to which it was originally assigned.