8 Creating a Domain for an Enterprise Deployment

This chapter describes how to create a domain using the Oracle Fusion Middleware Configuration Wizard, Oracle WebLogic Server Administration Console, and Oracle Enterprise Manager Fusion Middleware Control. You can extend the domain to add Fusion Middleware (FMW) components: Oracle SOA Suite, Oracle WebCenter Content and, optionally, Oracle WebCenter Content: Imaging and Oracle WebCenter Content: Inbound Refinery. This will be addressed in later chapters in this document.

Note:

Before starting the setup process, read the Oracle Fusion Middleware Release Notes for your platform for additional installation and deployment information.

This chapter contains the following sections:

8.1 Overview of Creating a Domain

Table 8-1 lists the steps for creating an Oracle WebLogic Server domain, including post-configuration tasks.

Table 8-1 Steps for Creating a WebLogic Server domain

Step Description More Information

Enabling VIP1 in SOAHOST1

Enable ADMINVHN for the SOAHOST1 host

Section 8.2, "Enabling VIP1 on SOAHOST1"

Create a WebLogic Server Domain

Run the Configuration Wizard to create a WebLogic Server domain.

Section 8.3, "Running the Configuration Wizard on SOAHOST1 to Create a Domain"

Post-Configuration and Verification Tasks

Follow the instructions for post-configuration and validation tasks.

Section 8.4, "Post-Configuration and Verification Tasks"

Configure the Oracle HTTP Server with the WebLogic Server domain

Configure Oracle HTTP Server with the WebLogic Server domain, and validate the configuration.

Section 8.5, "Configuring Oracle HTTP Server for the WebLogic Server Domain"

Back Up the Domain

Back up the newly configured WebLogic Server domain.

Section 8.6, "Backing Up the WebLogic Server Domain Configuration"

After this domain is created and configured, you can extend the domain to include Oracle SOA Suite and Oracle WebCenter Content components, as described in the next chapters.

8.2 Enabling VIP1 on SOAHOST1

This step is required for failover of the Administration Server, regardless of whether or not other Fusion Middleware components are installed later.

You are associating the Administration Server with a virtual host name (ADMINVHN). This virtual host name must be mapped to the appropriate virtual IP (VIP1) either by a DNS Server or by a custom /etc/hosts entry. Check that ADMINVHN is available according to your name resolution system, (DNS server, /etc/hosts), in the required nodes in your Oracle WebCenter Content topology. The virtual IP (VIP1) that is associated to this Virtual Host Name (ADMINVHN) must be enabled in SOAHOST1.

To enable the virtual IP, see Section 3.5, "Enabling Virtual IP Addresses for an Enterprise Deployment."

Check that the virtual hosts are enabled as Table 8-2 shows.

Table 8-2 Virtual Hosts

VIP Enabled on Host

ADMINVHN.mycompany.com

SOAHOST1

SOAHOST1VHN1.mycompany.com

SOAHOST1

SOAHOST2VHN1.mycompany.com

SOAHOST2

WCCHOST1VHN1.mycompany.com

WCCHOST1

WCCHOST2VHN1.mycompany.com

WCCHOST2

Note:

This is the DNS name associated with the floating IP address. It is not the DNS name of the virtual host configured on the load balancer.

8.3 Running the Configuration Wizard on SOAHOST1 to Create a Domain

Run the Oracle Fusion Middleware Configuration Wizard from the Oracle Common home directory to create a domain containing the Administration Server. You will extend the domain to contain other components later.

  1. Ensure that the database where you installed the repository is running. For Oracle RAC databases, it is recommended that all instances are running, so that the validation checks later on becomes more reliable.

  2. On SOAHOST1, change the directory to the location of the Oracle Fusion Middleware Configuration Wizard (created in Chapter 6, "Installing the Software for an Enterprise Deployment"):

    cd ORACLE_COMMON_HOME/common/bin

  3. Start the Configuration Wizard:

    ./config.sh

  4. In the Welcome screen, select Create a new WebLogic Domain, and click Next.

  5. The Select Domain Source screen opens (Figure 8-1).

    Figure 8-1 Select Domain Source Screen

    Description of Figure 8-1 follows
    Description of "Figure 8-1 Select Domain Source Screen"

    In the Select Domain Source screen, do the following:

    • Select Generate a domain configured automatically to support the following products.

    • Select the following products:

      • Basic WebLogic Server Domain - 10.3.6.0 [wlserver_10.3] (this should be selected automatically)

      • Oracle Enterprise Manager - 11.1.1.0 [oracle_common]

    If you accidentally deselect some of the targets, make sure that the following selections are made in this screen:

    • Oracle Enterprise Manager - 11.1.1.0 [oracle_common]

    • Oracle JRF - 11.1.1.0 [oracle_common]

    Click Next.

  6. In the Specify Domain Name and Location screen, enter the domain name (domain_name).

    Make sure that the domain directory matches the directory and shared storage mount point recommended in Chapter 4, "Preparing the File System for an Enterprise Deployment." Enter ORACLE_BASE/admin/domain_name/aserver for the domain directory and ORACLE_BASE/admin/domain_name/aserver/applications for the application directory. This directory should be in shared storage.

    Click Next.

  7. In the Configure Administrator User Name and Password screen, enter the user name and password to be used for the domain's administrator.

    Click Next.

  8. In the Configure Server Start Mode and JDK screen, do the following:

    • For WebLogic Domain Startup Mode, select Production Mode.

    • For JDK Selection, select JROCKIT SDK1.6.0_version.

    Click Next.

  9. In the Select Optional Configuration screen, select the following:

    • Administration Server

    • Managed Servers, Clusters and Machines

    Click Next.

  10. In the Configure the Administration Server screen, enter the following values:

    • Name: AdminServer

    • Listen address: ADMINVHN.

    • Listen port: 7001

    • SSL listen port: N/A

    • SSL enabled: Leave this checkbox unselected.

    Click Next.

  11. In the Configure Managed Servers screen, click Next.

  12. In the Configure Clusters screen, click Next.

  13. In the Configure Machines screen, open the Unix Machine tab and then click Add to add the following machine:

    Table 8-3 Machines

    Name Node Manager Listen Address

    ADMINVHN

    localhost

    Leave all other fields set to their default values. The machine name does not need to be a valid host name or listen address; it is just a unique identifier of a Node Manager location.

    Note:

    The virtual host machine must point to localhost because localhost is the relative internal address for whatever machine is active. The Node Manager instance associated with the Administration Server changes when the Administration Server fails over because the Administration Server uses the localhost attribute in conjunction with the first host and then again, after failover, in conjunction with the second host.

    Click Next.

  14. In the Assign Servers to Machines screen, assign The Administration Server to a machine as follows:

    • ADMINVHN:

      • AdminServer

    Click Next.

  15. In the Configuration Summary screen, click Create.

  16. In the Create Domain screen, click Done.

8.4 Post-Configuration and Verification Tasks

After configuring the domain with the Configuration Wizard, follow these instructions for post-configuration and verification.

The section includes the following topics:

8.4.1 Creating boot.properties for the Administration Server on SOAHOST1

Create a boot.properties file for the Administration Server on SOAHOST1. This file enables the Administration Server to start without prompting you for the administrator user name and password.

  1. Create the following directory structure on SOAHOST1:

    mkdir -p ORACLE_BASE/admin/domain_name/aserver/domain_name/servers/AdminServer/security

  2. In a text editor, create a file called boot.properties in the directory created in the previous step, and enter the following lines into the file:

    username=Admin_Username
password=Password

    Note:

    When you start the Administration Server, the user name and password entries in the file get encrypted. You start the Administration Server in Section 8.4.3, "Starting the Administration Server on SOAHOST1." For security reasons, you want to minimize the time the entries in the file are left unencrypted. After you edit the file, you should start the server as soon as possible so that the entries get encrypted.

  3. Save the file, and close the editor.

8.4.2 Starting Node Manager on SOAHOST1

To start Node Manager on SOAHOST1, set the StartScriptEnabled property to true, and then start Node Manager using startNodeManager.sh.

To start Node Manager on SOAHOST1:

  1. Run the setNMProps.sh script, which is located in the ORACLE_COMMON_HOME/common/bin directory, to set the StartScriptEnabled property to true before starting Node Manager:

    cd ORACLE_COMMON_HOME/common/bin

./setNMProps.sh

    Note:

    You must use the StartScriptEnabled property to avoid class loading failures and other problems. See also Section 16.12.3, "Incomplete Policy Migration After Failed Restart of SOA Server."

  2. Start Node Manager:

    cd WL_HOME/server/bin

export JAVA_OPTIONS=-DDomainRegistrationEnabled=true

./startNodeManager.sh

    Note:

    It is important that the -DDomainRegistrationEnabled=true parameter is set whenever a Node Manager is started which must manage the Administration Server. If there is no Administration Server on the machine and the machine is not an Administration Server failover node, then Node Manager can be started using

    ./startNodeManager.sh

    (without the export command).

8.4.3 Starting the Administration Server on SOAHOST1

The Administration Server is started and stopped using Node Manager. However, the first start of the Administration Server with Node Manager requires changing the default user name and password that the Oracle Fusion Middleware Configuration Wizard set for Node Manager. You must therefore use the start script for the Administration Server for the first start. Follow these steps to start the Administration Server using Node Manager (steps 1 through 4 are required for the first start; all subsequent starts require only step 4):

  1. On SOAHOST1, start the Administration Server using the start script in the domain directory:

    cd ORACLE_BASE/admin/domain_name/aserver/domain_name/bin

./startWebLogic.sh

  2. Use the Administration Console to update the Node Manager credentials:

    1. Open a web browser and go to http://ADMINVHN:7001/console.

    2. Log in as the administrator.

    3. Click Lock & Edit.

    4. Click domain_name, then Security, then General, and then expand the Advanced options at the bottom.

    5. Enter a new user name for Node Manager, or make a note of the existing one, and update the Node Manager password.

    6. Save and activate the changes.

  3. Stop the Administration Server process, either by using Ctrl+C in the shell where it was started or by the standard process identification and kill commands in the operating system.

  4. Start the Oracle WebLogic Scripting Tool (WLST), connect to Node Manager with nmconnect and the credentials set in the previous steps, and start the Administration Server using nmstart:

    cd ORACLE_COMMON_HOME/common/bin

./wlst.sh

    Once in the WLST shell, execute the following commands (make sure Node Manager is up and running):

    wls:/offline>nmConnect("Admin_User","Admin_Pasword", "SOAHOST1","5556","domain_name","/u01/app/oracle/admin/domain_name/aserver/domain_name")

wls:/nm/domain_name> nmStart("AdminServer")

Note:

SOAHOST1 is the address of the node where the domain was created, not the listen address of the Administration Server.
Also, the user name and password are only used to authenticate connections between Node Manager and clients. They are independent from the server admin ID and password, and are stored in the ORACLE_BASE/admin/domain_name/aserver/domain_name/config/nodemanager/nm_password.properties file.

8.4.4 Validating the Administration Server Configuration

To ensure that the Administration Server for the domain you have created is properly configured, validate the configuration by logging in to the WebLogic Server Administration Console and verifying the Administration Server is listed, and then log in to Oracle Enterprise Manager Fusion Middleware Control.

To verify that the Administration Server is properly configured:

  1. Open a Web browser and go to http://ADMINVHN:7001/console.

  2. Log in as the administrator.

  3. Check that you can access Fusion Middleware Control at http://ADMINVHN:7001/em.

  4. Log in to Fusion Middleware Control with the user name and password you specified in Section 8.4.1, "Creating boot.properties for the Administration Server on SOAHOST1."

The Administration Server should be up and running.

8.4.5 Disabling Host Name Verification

This step is required if you have not set up the appropriate certificates to authenticate the different nodes with the Administration Server (see Chapter 13, "Setting Up Node Manager"). If you have not configured the server certificates, you will receive errors when managing the different WebLogic Server instances. To avoid these errors, disable host name verification for the Administration Server and each Managed Server while setting up and validating the topology, and enable it again once the enterprise deployment topology configuration is complete, as described in Chapter 13, "Setting Up Node Manager."

You can disable host name verification for a server as soon as it is up and running, starting with the Administration Server.

To disable host name verification:

  1. Log in to the WebLogic Server Administration Console.

  2. Click Lock & Edit.

  3. In the Domain Structure tree on the left, expand the Environment node

  4. Click Servers.

  5. On the Summary of Servers page, click the name of a server in the Names column of the Servers table.

  6. On the settings page for the server, click the SSL tab.

  7. Expand the Advanced section of the page.

  8. Set Hostname Verification to None.

  9. Click Save.

  10. Save and activate the changes.

  11. This change requires a restart of Node Manager and the Administration Server:

    1. Stop the Administration Server with Node Manager, using the following command:

      wls:/nm/domain_name>nmKill("AdminServer")

    2. Stop Node Manager by stopping the process associated with it.

      If it is running in the foreground in a shell, use Ctrl+C.

      If it is running in the background in the shell, find the associated process and use the kill command to stop it. For example:

      ps -ef | grep NodeManager
orcl   9139  9120  0 Mar03 pts/6    00:00:00 /bin/sh ./startNodeManager.sh

kill -9 9139

    3. Start Node Manager:

      WL_HOME/server/bin/startNodeManager.sh

    4. Start the Administration Server again, as described in Section 8.4.3, "Starting the Administration Server on SOAHOST1."

8.5 Configuring Oracle HTTP Server for the WebLogic Server Domain

This section describes tasks for configuring Oracle HTTP Server for the WebLogic Server domain, and for verifying the configuration.

This section includes the following topics:

8.5.1 Configuring Oracle HTTP Server for the Administration Server

To enable Oracle HTTP Server to route to the Administration Server, you must set the corresponding mount points in your HTTP server configuration:

  1. For each of the web servers on WEBHOST1 and WEBHOST2, add the following lines to the ORACLE_INSTANCE/config/OHS/ohs1/moduleconf/admin_vh.conf and ORACLE_INSTANCE/config/OHS/ohs2/moduleconf/admin_vh.conf files:

    # Admin Server and EM
<Location /console>
   SetHandler weblogic-handler
   WebLogicHost ADMINVHN
   WebLogicPort 7001
   WLProxySSL OFF
   WLProxySSLPassThrough OFF
</Location>
 
<Location /consolehelp>
   SetHandler weblogic-handler
   WebLogicHost ADMINVHN
   WebLogicPort 7001
   WLProxySSL OFF
   WLProxySSLPassThrough OFF
</Location>
 
<Location /em>
   SetHandler weblogic-handler
   WebLogicHost ADMINVHN
   WebLogicPort 7001
   WLProxySSL OFF
   WLProxySSLPassThrough OFF
</Location>

  2. Restart Oracle HTTP Server on both WEBHOST1 and WEBHOST2:

    ORACLE_BASE/admin/instance_name/bin/opmnctl restartproc ias-component=ohsX

    For WEBHOST1, use ohs1 for ias-component and for WEBHOST2 use ohs2.

8.5.2 Turning On the WebLogic Server Plug-In Enabled Flag

For security purposes, and since the load balancer terminates SSL requests (Oracle HTTP Server routes the requests as non-SSL to WebLogic Server), once you configure SSL for the load balancer, turn on the WebLogic Server plug-in enabled flag for the domain.

To turn on the WebLogic Server plug-in enabled flag:

  1. Log in to the Administration Console.

  2. Click the domain name in the navigation tree on the left.

  3. Open the Web Applications tab.

  4. Click Lock & Edit.

  5. Select the WebLogic Plugin Enabled checkbox.

  6. Save and activate the changes.

  7. Restart the Administration Server (even if the Administration Console does not specifically prompt for that).

8.5.3 Registering Oracle HTTP Server with WebLogic Server

Once a WebLogic Server domain is created, the Oracle Web Tier can be linked to the domain. The advantage of doing this is that the Oracle Web Tier can be managed and monitored using Oracle Enterprise Manager Fusion Middleware Control.

To associate the Oracle Web Tier with the WebLogic Server domain, run the following commands on WEBHOST1:

cd ORACLE_BASE/admin/instance_name/bin

./opmnctl registerinstance -adminHost ADMINVHN -adminPort 7001 -adminUsername weblogic

You must also run this command from WEBHOST2 for ohs2.

After you register Oracle HTTP Server, it should appear as a manageable target in Fusion Middleware Control. To verify this, log in to Fusion Middleware Control. The WebTier item in the navigation tree should show that Oracle HTTP Server has been registered.

8.5.4 Setting the Front-End URL for the Administration Console and Setting Redirection Preferences

When you access the WebLogic Server Administration Console using a load balancer, it is required to change the Administration Server's front-end URL so that the user's web browser is redirected to the appropriate load balancer address.

The WebLogic Server Administration Console application tracks changes made to ports, channels and security using the console. When changes made through the console are activated, the console validates its current listen address, port and protocol. If the listen address, port and protocol are still valid, the console redirects the HTTP request, replacing the host and port information with the Administration Server's listen address and port.

To change the Administration Server's front-end URL:

  1. Log in to the WebLogic Server Administration Console.

  2. Click Lock & Edit.

  3. Expand the Environment node in the Domain Structure tree on the left.

  4. Click Servers.

  5. On the Summary of Servers page, select Admin Server in the Names column of the table.

  6. On the settings page for AdminServer(admin), open the Protocols tab.

  7. Open the HTTP tab.

  8. Set the Frontend Host field to admin.mycompany.com and the Frontend HTTP Port field to 80 (modify accordingly if HTTPS is used for the admin URL).

  9. Save and activate the changes.

  10. Disable tracking on configuration changes in the WebLogic Server Administration Console so that the console does not trigger the reloading of configuration pages when activation of changes occurs.

    1. Log in to the WebLogic Server Administration Console.

    2. Click the Preferences link in the banner.

    3. Open the Shared Preferences tab.

    4. Clear the Follow Configuration Changes checkbox.

    5. Click Save.

Note:

If you have any issues with activating any configuration changes after modifying the front-end host and port settings, see Section 16.12.10, "Redirection of Users to Login Screen After Activating Changes in the Administration Console."

8.5.5 Validating Access Through the Load Balancer

Verify that the server status is reported as Running in the Administration Console. If the server is shown as Starting or Resuming, wait for the server status to change to Started. If another status is reported (such as Admin or Failed), check the server output log files for errors. For possible causes, see Section 16.12, "Troubleshooting the Oracle WebCenter Content Enterprise Deployment Topology."

Validate access to the Administration Console and Oracle Enterprise Manager Fusion Middleware Control through the load balancer using the following URLs:

  • http://admin.mycompany.com/console

  • http://admin.mycompany.com/em

For information on configuring system access through the load balancer, see Section 3.3, "Configuring the Load Balancers."

After you register Oracle HTTP Server as described in Section 8.5.3, "Registering Oracle HTTP Server with WebLogic Server," it should appear as a manageable target in Fusion Middleware Control. To verify this, log in to Fusion Middleware Control. The WebTier item in the navigation tree should show that Oracle HTTP Server has been registered.

8.5.6 Verifying Manual Failover of the Administration Server

After configuring the domain, test failover by following the steps in Section 16.8, "Verifying Manual Failover of the Administration Server."

8.6 Backing Up the WebLogic Server Domain Configuration

After you have verified that the extended domain is working, perform a backup to save your domain configuration. This is a quick backup for the express purpose of immediate restore in case of problems in the further steps. The backup destination is the local disk. This backup can be discarded once the enterprise deployment setup is complete. At that point, the regular deployment-specific backup and recovery process can be initiated. The Oracle Fusion Middleware Administrator's Guide provides further details. For information on describing the Oracle HTTP Server data that must be backed up and restored, refer to the "Backup and Recovery Recommendations for Oracle HTTP Server" section in that guide. For information on how to recover components, see the "Recovery of Components" and "Recovery After Loss of Component" sections in the guide. For recommendations specific to recovering from the loss of a host, see the "Recovering Oracle HTTP Server to a Different Host" section in the guide. For information about database backup, see the Oracle Database Backup and Recovery User's Guide.

To back up the installation at this point:

  1. Back up the web tier from WEBHOST1:

    1. Shut down the instance using opmnctl:

      ORACLE_BASE/admin/instance_name/bin/opmnctl stopall

    2. Back up the Middleware home on the web tier using the following command (as root):

      tar -cvpf BACKUP_LOCATION/web.tar MW_HOME

    3. Back up the Oracle instance on the web tier using the following command:

      tar -cvpf BACKUP_LOCATION/web_instance_name.tar ORACLE_INSTANCE

    4. Start the instance using opmnctl:

      cd ORACLE_BASE/admin/instance_name/bin

opmnctl startall

  2. Repeat step 1 for WEBHOST2.

  3. Back up the database. This is a full database backup (either hot or cold) using Oracle Recovery Manager (recommended) or operating system tools such as tar for cold backups if possible.

  4. Stop the Administration Server and back up its domain directory to save your domain configuration. The configuration files all exist in the ORACLE_BASE/admin/domain_name/ directory. Run the following command on SOAHOST1 to create the backup:

    tar -cvpf edgdomainback.tar ORACLE_BASE/admin/domain_name

    Remember to restart the Administration Server again.