Oracle® Exalogic Elastic Cloud Enterprise Deployment Guide for Oracle Identity Management
Release EL X2-2 and EL X3-2
Part Number E35832-01
Oracle Identity Management presents a comprehensive suite of products for all aspects of identity management. This guide describes the reference enterprise topology for the Oracle Identity Management Infrastructure components of Oracle Fusion Middleware. It also provides detailed instructions and recommendations to create the topology by following the enterprise deployment guidelines.
An enterprise deployment is an Oracle best practices blueprint based on proven Oracle high-availability technologies and recommendations for Oracle Fusion Middleware. The high-availability best practices described in this book make up one of several components of high-availability best practices for all Oracle products across the entire technology stack—Oracle Database, Oracle Fusion Middleware, Oracle Exalogic machine, and Oracle Applications.
Enables control over the length of time to recover from an outage and the amount of acceptable data loss from a natural disaster
Evolves with each Oracle version and is completely independent of hardware and operating system
Setup and commissioning of Oracle Exalogic machine, including initial storage and networking configuration, as described in Oracle Fusion Middleware Exalogic Machine Owner's Guide.
The Oracle Fusion Middleware configurations discussed in this guide are designed to ensure security of all transactions, maximize hardware resources, and provide a reliable, standards-compliant system for enterprise computing with a variety of applications. The security and high availability benefits of the Oracle Fusion Middleware configurations are realized through isolation in firewall zones and replication of software components.
The Enterprise Deployment architectures are secure because every functional group of software components is isolated in its own DMZ, and all traffic is restricted by protocol and port. The following characteristics ensure security at all needed levels, as well as a high level of standards compliance:
Even if external communication is received on port 80, it is redirected to port 443.
External communication uses the Secure Socket Layer (SSL) secure Web Protocol. This is terminated at the site's load balancer.
Communication from external clients does not go beyond the Load Balancing Router level.
No direct communication from the Load Balancing Router to the application or data tier DMZ is allowed.
Direct communication across two firewalls at any one time is prohibited.
If a communication begins in one firewall zone, it must end in the next firewall zone.
All communication between components across firewalls is restricted by port and protocol, according to firewall rules.
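The zone rules listed above can be checked mechanically against a proposed firewall rule set. The following is an added example, not part of the Oracle guide: it assumes an ordered list of zones in which "web" is a made-up name for the zone between the load balancer and the application tier, and the internal port numbers are constructed sample values.

```python
from typing import NamedTuple

# Zones ordered from outside to inside, one firewall between neighbours.
# Assumption: "web" is a made-up name for the zone between the load balancer
# and the application tier; the ports on internal flows are constructed too.
ZONES = ["external", "lbr", "web", "app", "data"]
EXTERNAL_PORTS = {80, 443}  # 80 is accepted only to be redirected to 443

class Flow(NamedTuple):
    src: str
    dst: str
    proto: str    # "tcp", "udp" or "any"
    port: object  # int, or the string "any"

def violations(flow):
    """Return the names of the topology rules this flow breaks."""
    found = []
    hops = abs(ZONES.index(flow.dst) - ZONES.index(flow.src))
    if hops > 1:
        found.append("crosses-two-firewalls")
    if flow.src == "external" and flow.dst != "lbr":
        found.append("external-beyond-lbr")
    if flow.src == "lbr" and flow.dst in ("app", "data"):
        found.append("lbr-direct-to-inner-tier")
    if flow.src == "external" and (
            flow.proto != "tcp" or flow.port not in EXTERNAL_PORTS):
        found.append("external-not-80-or-443")
    if hops >= 1 and "any" in (flow.proto, flow.port):
        found.append("unrestricted-port-or-protocol")
    return found

def audit(flows):
    """Map each non-compliant flow to the rules it breaks."""
    return {f: v for f in flows if (v := violations(f))}

# Constructed sample rule set, not taken from any real deployment.
SAMPLE = [
    Flow("external", "lbr", "tcp", 443),
    Flow("external", "lbr", "tcp", 80),
    Flow("lbr", "web", "tcp", 7777),
    Flow("web", "app", "tcp", 7001),
    Flow("lbr", "app", "tcp", 7001),
    Flow("external", "web", "tcp", 443),
    Flow("app", "data", "any", "any"),
]

if __name__ == "__main__":
    for flow, broken in audit(SAMPLE).items():
        print(flow, "->", ", ".join(broken))
```

Running the audit over a firewall export before each change window catches rules that skip a zone or leave the port or protocol open.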
Before you start implementing the Oracle Exalogic enterprise deployment topology, you should understand the current state of the Exalogic environment.
It is assumed that you have completed all tasks described in the Oracle Fusion Middleware Exalogic Machine Owner's Guide, which discusses your data center site preparation, Oracle Exalogic machine commissioning, initial networking configuration including IP address assignments, and initial setup of the Sun ZFS Storage 7320 appliance.
This section describes the state of the Exalogic configured environment before enterprise deployment.
Before you start configuring the enterprise deployment topology, you must run the Exalogic Configuration Utility to complete the following tasks, as described in the chapter "Initial Configuration of Exalogic Machine Using Oracle Exalogic Configuration Utility" in the Oracle Fusion Middleware Exalogic Machine Owner's Guide:
Configuration of IP addresses for all Exalogic compute nodes and the Sun ZFS Storage 7320 appliance.
Configuration of InfiniBand gateway switches.
Configuration of the Cisco Ethernet management switch.
Setup and verification of the default IP over InfiniBand (IPoIB) link spanning all compute nodes.
Setup and verification of the default Ethernet over InfiniBand (EoIB) link for connectivity with components of the topology running on Ethernet.
Configuration of the default InfiniBand partition that covers all of the compute nodes in Exalogic Machine.
The initial configuration of the Sun ZFS Storage 7320 appliance in your Oracle Exalogic machine is completed at the time of manufacturing. For more information about default shares (Exported File Systems), see the "Default Storage Configuration" section in the Oracle Fusion Middleware Exalogic Machine Owner's Guide.
Oracle Linux 5.5 is pre-installed on each of the compute nodes in your Oracle Exalogic machine.
You must download the Oracle WebLogic software installer and run the installation program on one of the compute nodes. You must save the installation binaries, including Oracle Middleware Home, on a shared file system on the Sun ZFS Storage 7320 appliance. Before you can do so, you must configure shared storage by creating a Project and defining shares and LUNs to set up the directory structure, as necessary. Note down the mount point for such shares, so you can mount the required locations or directories from Exalogic compute nodes.
You can download the Oracle WebLogic 10.3.6 software from http://edelivery.oracle.com. Select Oracle Fusion Middleware as the Product Pack, Linux x86-64 as the Platform, and Oracle Fusion Middleware 11g Media Pack for Exalogic as the Media Pack.