Skip Headers
Oracle® Enterprise Manager Cloud Control Advanced Installation and Configuration Guide
12c Release 2 (12.1.0.2)
E24089-21
  Go To Table Of Contents
Contents
Go To Index
Index

Previous
Previous
 
Next
Next
 

12 Installing ADP with Advanced Installation Options

This chapter describes how you can install Application Dependency and Performance (ADP) in the Enterprise Manager Cloud Control environment.

In particular, this chapter covers the following:

Application Dependency and Performance Architecture

Application Dependency and Performance (ADP) is one of the critical functionalities in Enterprise Manager Cloud Control that allows you to analyze Java EE, SOA, and Portal applications. It captures the complex relationships among various application building blocks in its application schema model - the core of the Oracle intelligent platform. To manage these applications effectively, enterprises must first gain an understanding of the complex relationships among the business functions, associated interconnected components, and the underlying runtime environments. To enable clear and accurate understanding, IT organizations need holistic, service-oriented views that span across heterogeneous environments.

Using the insights stored in Application Schema, ADP is able to deliver an Application Service Management (ASM) environment that self-customizes out-of-the-box, evolves with change, minimizes expert involvement, and delivers a holistic, service-oriented view across heterogeneous environments.

ADP employs a multi-tier, fully distributed, configurable architecture to provide the scalability and flexibility to meet the changing needs of enterprise deployments.

Figure 12-1 ADP Architecture

ADP Architecture

ADP Manager is the core analytical engine of the ADP ASM system. In real-time, ADP Manager performs complex mathematical modeling and statistical calculations with summarized data from all ADP Java Agents. ADP Manager can be configured with a backup to provide higher level of availability.

ADP Java Agents are the data collectors of the ADP ASM system. ADP Java Agents are deployed to all managed application servers to perform a series of tasks including collecting performance managements, tracking contextual relationships, and summarizing data in real-time while introducing as little overhead as possible.

Before you Begin

Before installing an ADP Manager, or an ADP Agent, review the points outlined in the Basic Install Guide.

Prerequisites

Before installing an ADP Manager, or an ADP agent, ensure that you meet the prerequisites described in the Basic Install Guide.

Installation Procedure

This section describes the following:

Deploying ADP Manager on a Previously Created Managed Server

To deploy ADP Manager on a previously created managed server, you must log in with SYSMAN account (a default Super Administrators account that is installed with Enterprise Manager).

This section contains the following topics:

Deploying ADP Manager on an OMS Host

To deploy ADP Manager on a previously created managed server running on an OMS host, perform the following steps:

  1. In Cloud Control, from the Setup menu, select Application Performance Management.

  2. On the Application Performance Management page, from the Add menu, select Application Dependency and Performance Engine.

    The Deploy ADP Engine page appears.

  3. To deploy ADP Engine on an existing managed server, select Deploy on an existing managed server.

    Deploy ADP Manager

    Perform the following steps

    1. From the Managed Server menu, select the WebLogic Managed Server on which you want to deploy the ADP Manager application. Ensure that you select managed server with the name EMGC_ADPMANAGER* to deploy the ADP manager application.

      For example, EMGC_ADPMANAGER1, EMGC_ADPMANAGER2, and so on.

    2. The Port numbers for ADP Manager Registry Port, ADP Manager Java Provider Port, and ADP Manager Controller Port are populated with the default values 51099, 55003, and 55000 respectively. You can change these values by entering custom value if required.


    Note:

    An ADP Manager can only be deployed on a managed server that is part of the EMGC domain.

  4. Depending on the host selected in the previous step, you are prompted for the credentials. The following cases are possible:

    • If you select the same host (EMGC_OMS1) where the Administration Server is running, then you must enter the Oracle WebLogic Administration Server Host Credentials and Oracle WebLogic Domain Credentials.

    • If you select a host (EMGC_OMS2) different from the Administration Server to deploy ADP Manager, then in addition to Oracle WebLogic Administration Server Host Credentials and Oracle WebLogic Server Domain Credentials, you must provide Oracle WebLogic Managed Server Host Credentials.

    Where,

    Oracle WebLogic Administration Server Host Credentials are credentials for the host where the WebLogic Administration Server is running.

    Oracle WebLogic Server Domain Credentials are credentials of the WebLogic domain for Enterprise Manager Cloud Control.

    Oracle WebLogic Managed Server Host Credentials are the credentials of the host machine where the managed server is running.

  5. Click Deploy to submit the job.

    The ADP Deployment Status Page appears with a link to the job status page, click the link to see the status of the job that you submitted.

Deploying ADP Manager on a Separate Host from OMS (Remote Deployment)

To deploy ADP Manager on a separate host from OMS (remote deployment), you must perform the following tasks:

Prerequisites

Before deploying ADP Manager on a separate host from OMS (remote deployment), perform the following steps:


Note:

This section will use the following convention:
  • host-a is the host where the OMS server is running

  • host-b is the remote host which means that there is no OMS running on the host machine.


  1. Install a Management Agent on host-b (remote host)

    For information about installing a Management Agent, see Basic Install Guide.

  2. Install WebLogic Server on host-b using Enterprise Manager Software Only installation option.

    For information about performing a software only install, see Basic Install Guide.

    These WebLogic Server bits must be registered with the Enterprise Manager Domain running on host-a, so that all the managed servers appear under the same WebLogic Domain.


    Note:

    For a successful installation, all managed servers running on different hosts in a WebLogic Domain must have the same version and patch level.

  3. Configure a new managed server (ADPRemoteServer) using the WebLogic Server Administration Console as follows:

    1. Log into the Enterprise Manager WebLogic Domain console (EMGC_DOMAIN) of host-a.

      The WebLogic Server Administration Console home page appears.

    2. In Weblogic Server Administration Console, from the Domain Structure section, select Environment and then click Servers.

    3. On the Create a New Server page, enter the Server Name, Server Listen Address, and Server Listen port.


      Note:

      Ensure that the Server Listen Address corresponds to the listen address of the remote host, and the Server Listen port is free on the remote host.

  4. Configure a new machine using the WebLogic Server Administration Console as follows:

    1. Log into the Enterprise Manager WebLogic Domain console (EMGC_DOMAIN) of host-a.

      The WebLogic Server Administration Console home page appears.

    2. In WebLogic Server Administration Console, from the Domain Structure section, select Environment and click Machines.

    3. To associate this machine with the nodemanager running on host-b, associate this machine with the nodemanager running on host-b, enter the Listen Address of the remote host, and the node manager port number which is 5556 by default.

      This node manager primarily controls the start and stop of a remote host.

    4. Click Finish to create the machine.

  5. Select the new created machine, and click on Servers to add the managed server (ADPRemoteServer) to this machine. This step associates the machine with the nodemanager running on host-b.

  6. To extend the WebLogic Domain, a template of the Enterprise Manager Cloud Control domain running on host-a is created using the following command:

    ./pack.sh - domain = $DOMAIN_HOME -template = <absolute_path_to_the_new_weblogic_template> - template_name="My WebLogic Domain" -managed={true}
    
    Where:
    
    $DOMAIN_HOME is the location of EMGC domain on host-a.
    
    <absolute_path_to_the_new_weblogic_template> is the location where you want to create the template.
    
  7. Copy emgcdomain.jar from host-a (where the OMS is running) to host-b (remote host).

  8. Run the following command to unpack emgcdomain.jar template on host-b:

    ./unpack.sh -domain = $DOMAIN_HOME -template= <absolute_path_to_domain_template_created>
    
    Where:
    
    $DOMAIN_HOME is the domain location of EMGC on host-b (remote host)
    
    <absolute_path_to_domain_template_created> is the location of the template on host-b where emgcdomain.jar template is present.
    
  9. To enroll the WebLogic Domain with node manager, perform the following steps on host-b:

    1. Run the following command to update the node manager properties file so that it can start monitoring the remote host:

      $WEBLOGIC_HOME/common/bin/wlst.sh

      nmEnroll($DOMAIN_HOME)

    2. Start the Node Manager as follows:

      $WEBLOGIC_HOME/bin/startNodeManager.sh


      Note:

      Ensure that you set the property in the nodemanager property file before starting the Node Manager. You can set the property in one of the following methods:
      • Manually edit the nodemanager.properties file to set the property startScriptEnabled=true.

      • Run the script setNMProps.sh as follows: $MIDDLWARE_HOME/oracle_common/common/bin/setNMProps.sh


    3. Perform the following steps to modify startWebLogic.sh:

      1. Navigate to the following location:

        - On Unix : $DOMAN_HOME/bin/startWebLogic.sh

        - On Windows : $DOMAN_HOME/bin/startWebLogic.cmd

      2. Set maximum heap size (-Xmx) to 1.7GB for 64 bit systems and set maximum permanent generation (-XX:MaxPermSize) to 768M for 64 bit systems as follows:

        USER_MEM_ARGS="-Xms256m -Xmx1740m -XX:MaxPermSize=768m"

      3. Set max heap size to 1.4GB for 32 bit systems and set maximum permanent generation to 512M for 32 bit system as follows:

        USER_MEM_ARGS="-Xms256m -Xmx1434m -XX:MaxPermSize=512m"

  10. Perform the following steps on host-a, and then start the ADPRemoteServer as follows:

    1. Copy the emreposauthbean.jar located in $OMS_HOME/sysman/jlib, to <middleware_home>/wlserver_10.3/server/lib/mbeantypes. Where, $OMS_HOME is the location of the OMS server on host-a, and <middleware_home> is on host-b.

    2. Copy the emCoreCommon.jar from $WEBLOGIC_HOME/sysman/jlib on host-a to $WEBLOGIC_HOME/server/lib on host-b

    3. Import SSL Certificate to Enterprise Manager Agent Trust store present on the host where managed server (ADPRemoteServer) is running.

    4. Start the managed server (ADPRemoteServer) from the WebLogic Server Administration Console to complete the WebLogic Server setup.

  11. Perform the following steps to discover the new managed server running on host-b:

    1. In cloud Control, from Targets menu, select Middleware.

      On the Middleware page, from the list of WebLogic Servers running, select the WebLogic Domain (EMGC_DOMAIN) where the managed server is deployed.

    2. On The Cloud Control Domain page, from the WebLogic Domain menu, select Refresh WebLogic Domain.

      The new server now gets registered in the Enterprise Manager Cloud Control Domain.

  12. Restart the server for all the changes to take effect.

Installation Procedure

To deploy ADP Manager on a separate host from OMS (remote deployment), perform the following steps:


Note:

For a successful remote deployment, ensure that:
  • You install Enterprise Manager agent on the remote machine, and point it to the OMS running on a different managed server present in the same Enterprise Manager Cloud Control domain (EMGC_DOMAIN)

  • The remote WebLogic Server version and patch level should match with servers in Enterprise Manager Domain (EMGC_DOMAIN). To ensure that the versions and patch levels match, Oracle recommends that you install WebLogic by selecting the Software Only install option in the Enterprise Manager OUI install.


  1. In Cloud Control, from Setup menu, select Application Performance Management.

  2. On the Application Performance Management page, from the Add menu select Application Dependency and Performance Engine.

    The Deploy ADP Engine page appears.

  3. To deploy ADP Manager on the managed server running on a separate host from OMS, perform the following steps:

    1. Select Deploy on an existing Managed Server. For example, EMGC_ADPMANAGER2, EMGC_ADPMANAGER3, and so on.

    2. The Port numbers for ADP Manager Registry Port, ADP Manager Java Provider Port, and ADP Manager Controller Port are populated with the default values 51099, 55003, and 55000 respectively. You can change these values by entering custom value if required

  4. In the Credentials section, provide Oracle WebLogic Administration Server Host Credentials, Oracle WebLogic Domain Credentials, and Oracle WebLogic Managed Server Host Credentials.

    Where,

    Oracle WebLogic Administration Server Host Credentials are credentials for the host where the WebLogic Administration Server is running.

    Oracle WebLogic Domain Credentials are credentials of the WebLogic domain in the Enterprise Manager Cloud Control.

    Oracle WebLogic Managed Server Host Credentials are the credentials of the host machine where the Managed Server is running.

  5. Click Deploy to submit the job.

    The progress page appears with a link to the job processing page. Click the link to see the status of the job that you submitted.

Deploying ADP Agents (Remote Deployment)

To deploy ADP Agents on a Weblogic Domain which is monitored by the Management Agent present in the Enterprise Manager WebLogic Domain, perform the following steps:


Note:

This section will use the following convention:
  • host-a corresponds to the WebLogic Domain where the ADP Agent will be deployed.

  • host-b corresponds to the Enterprise Manager Domain (EMGC_DOMAIN) where the Management Agent is deployed to monitor the WebLogic Domain on host-a.


  1. In Cloud Control, from Targets menu, select Middleware.

    The Middleware page displays a list of all the Middleware targets discovered and managed in Cloud Control. Click target name to select the desired target.

  2. On the Middleware page, click Oracle WebLogic Domain. Ensure that the selected domain is not an Enterprise Manager Cloud Control domain (EMGC_DOMAIN).


    Note:

    ADP Agent cannot be deployed on a managed server (WebLogic Server) present in the Enterprise Manager domain.

    All the managed servers present in the selected domain appear on the domain home page.

  3. From the WebLogic Domain menu, select Diagnostics, and then click Setup Diagnostics Agents to deploy ADP agents to the selected managed servers.

  4. On the Deploy Diagnostics Agents page, choose the Oracle WebLogic Server (managed server) to which you want to deploy the ADP agents.


    Note:

    Ensure that you retain the selection of only those Diagnostic Agent(s) that you want to deploy to each of the managed server, deselect the others.

    In Addition to the managed server selected, the ADP Agent is deployed to the Administration Server of the selected domain.


    By default, the following servers appear deselected:

    • The Administration server.

    • All the managed servers that are not up and running.

    • If the Deployed Version and the Version to Deploy are the same, and the status of the already deployed ADP agent is up and running.

  5. In the Diagnostics Agent Configuration section, enter the ADP Configuration Properties for the selected agents:

    • Select the desired ADP Manager from the ADP Manager list.

      The ADP agents after deployment will report to the selected ADP Manager.

    • If you select the Update Remote Start configuration option, then some configuration scripts run in the background to facilitate the monitoring process. Select this option if you use node manager to stop or start the WebLogic Servers to which ADP agent is being deployed.


    Important:

    If WebLogic domain on host-a is discovered using Management Agent on host-b, then you must do the following:
    1. Navigate to the following location:

      <WEBLOGIC_HOME>/server/lib
      
      Where,
      <WEBLOGIC_HOME> is the full abstract path to the Weblogic home for the monitored WebLogic domain on host-a.
      
    2. Do the following to generate wlfullclient.jar:

      If the WebLogic Server version is 10.3.x or higher, then run the following command:

      java -jar wljarbuilder.jar
      

      If the WebLogic Server version is less than 10.3.x or equal to 10.3.0, then use other WebLogic installations (10.3.x or higher) to create the wlfullclient.jar.

      For example, you can use the <WEBLOGIC_DOMAIN> corresponding to the EMGC domain for generating the wlfullclient.jar, since Enterprise Manager setup uses JDK6.

    3. Copy the following files from <WEBLOGIC_HOME>/server/lib/ to <AGENT_HOME>/sysman/jlib directory:

      - wlfullclient.jar

      - wljmxclient.jar

      - webserviceclient+ssl.jar

      - wlcipher.jar

      Where <AGENT_HOME> is the Oracle home for the Management agent on host-b.


  6. If Management Agent present on host-b is used to monitor the WebLogic Domain on host-a (remote Agent) where the ADP Agent will be deployed, then you must provide credentials for Oracle WebLogic Administration Server Host Credentials, Oracle WebLogic Domain Credentials, Oracle Enterprise Manager WebLogic Administration Server Host Credentials, and Oracle Enterprise Manager WebLogic Domain Credentials.

    Where,

    Oracle WebLogic Administration Server Host Credentials are the credentials for the host-b, where the Management Agent used to discover the monitored domain is present.

    Oracle WebLogic Domain Credentials are credentials of the WebLogic domain of host-a, where the ADP Agent will be deployed.

    Oracle Enterprise Manager WebLogic Administration Server Host Credentials are credentials of host-b where the Administrator Server of EMGC_DOMAIN exists.

    Oracle Enterprise Manager WebLogic Domain Credentials are credentials of the WebLogic Domain of host-b (EMGC_DOMAIN).

  7. Click Deploy to submit the job.

    The status page appears with a link to the job status. Click the link to see the status of the job that you submitted.


    Note:

    • Restart the administration server, and the managed servers to which the ADP Agents have been deployed. These servers should be restarted only after the deployment has completed successfully.

    • If the ADP Agent deployment fails with an SSL handshake error, see "SSL Handshake Failure Agent Deployment Errors" to fix the problem.


Performing Postinstallation Tasks

This section contains the following topics:

Configuring Oracle SOA Suite for Secure Connectivity

The Oracle SOA Suite may be configured to support RMIS (RMI over SSL) connectivity. In this case, ADP can be configured to use this secure connection. To configure ADP to do this, perform the following steps:

  1. On the Oracle SOA Suite install, look at ORACLE_HOME/j2ee/<instance>/config/rmi.xml, locate the <ssl-config> element, and identify the path in the keystore attribute.

  2. Copy the keystore file indicated to ADP manager's config directory (for example, em10/config)

  3. Import this keystore file following the instructions in Importing a Certificate into the Manager's Keystore.

Configuring Oracle WebLogic Server or Oracle WebLogic Portal (WLP) for Secure Connectivity

To configure Oracle WebLogic Server 10.0 to handle connectivity using t3s, the location of the keystore files needs to be updated through the console.

  1. Log in to the WebLogic Server console and select the servers under the Environment Servers list that is displayed which you plan to manage with ADP.

  2. Select a server from the server list.

  3. Select the keystores tab, click Load & Edit to update the Keystore.

  4. Make the following changes. Identify the keystore, and truststore file paths from the following properties:

    Identity

    Custom Identity Keystore

    Trust

    Custom Trust Keystore: location of the trust file

  5. Repeat steps 2 through 4 for additional server instances that will be managed.

  6. Copy the identified keystore and truststore files to the ADP manager.

  7. Copy the BEA_HOME/license.bea to the ADP manager's config directory (for example, em11g/config)

  8. Import the keystore and truststore files following the instructions in Importing a Certificate into the Manager's Keystore.

  9. Locate the following properties in the Acsera.properties file, and set them as follows:

    weblogic.security.TrustKeyStore=CustomTrust
    weblogic.security.CustomTrustKeyStoreFileName=AcseraManagerTrust.jks
    weblogic.security.CustomTrustKeyStorePassPhrase=acseramanager
    

Importing a Certificate into the Manager's Keystore

To import entries from a keystore or truststore, perform the following steps, replacing ServerStoreFile.jks with the keystore or truststore from your application server. You will generally need to complete these steps twice, once for the keystore and once for the truststore.

  1. List the key aliases in the keystore/trustfile file from the server

    keytool -list -keystore ServerStoreFile.jks –storepass DemoIdentityKeyStorePassPhrase
    
    Output:
    
    Keystore type: jks
    Keystore provider: SUN
    
    Your keystore contains 1 entry:
    
    demoidentity, Wed Nov 19 13:34:56 PST 2008, keyEntry, Certificate fingerprint 
    (MD5): 36:06:C2:44:31:0A:28:FC:06:19:F7:AB:C0:7D:27:6A
    
  2. Export a key entry to an intermediate file

    keytool -export -alias demoidentity -keystore ServerStoreFile.jks -storepass 
    DemoIdentityKeyStorePassPhrase -file demo103
    
    Output:
    
    Certificate stored in file <demo103>
    
  3. Import the key into the ADP store file (either AcseraManagerKey.jks or AcseraManagerTrust.jks in the ADP manager's config directory)

    keytool -import -alias demoidentity1 -keystore AcseraManagerKey.jks 
    -storepass acseramanager -file demo103
    
    Output:
    
    Owner: CN=b91, OU=FOR TESTING ONLY, O=MyOrganization, L=MyTown, ST=MyState, C=US
    Issuer: CN=CertGenCAB, OU=FOR TESTING ONLY, O=MyOrganization, L=MyTown, ST=MyState, C=US
    Serial number: 510fb3d4b2872e3a093d436fcbe9b24b
    Valid from: Tue Nov 18 13:34:47 PST 2008 until: Sun Nov 19 13:34:47 PST 2023
    Certificate fingerprints:
                 MD5:  36:06:C2:44:31:0A:28:FC:06:19:F7:AB:C0:7D:27:6A
                 SHA1: BB:85:6D:4C:0B:4A:92:63:CA:5E:E9:A8:54:42:80:2D:0D:BE:7C:91
    Trust this certificate? [no]:  yes
    Certificate was added to keystore
    
  4. Verify that the key was imported successfully

    keytool -list -keystore AcseraManagerKey.jks -storepass acseramanager
    
    Output:
    
    Keystore type: jks
    Keystore provider: SUN
    
    Your keystore contains 3 entries:
    
    demoidentity1, Wed Apr 01 13:03:21 PST 2009, trustedCertEntry,Certificate fingerprint (MD5): 36:06:C2:44:31:0A:28:FC:06:19:F7:AB:C0:7D:27:6A
    demoidentity, Fri Mar 13 15:15:06 PST 2009, trustedCertEntry,Certificate fingerprint (MD5): 0B:11:02:B5:44:0D:2A:CC:7F:C5:30:5C:1A:C9:A1:6C
    mykey, Thu May 19 16:57:36 PDT 2005, keyEntry,Certificate fingerprint (MD5): 5D:B0:EC:28:14:33:26:1F:44:F5:BE:DD:A8:50:15:9D
    
  5. Repeat steps 2 through 4 for each key entry listed in step 1.

  6. Locate the following properties in the Acsera.properties file, and set them as follows:

    weblogic.security.TrustKeyStore=CustomTrust
    weblogic.security.CustomTrustKeyStoreFileName=AcseraManagerTrust.jks
    weblogic.security.CustomTrustKeyStorePassPhrase=acseramanager
    

At present with ADP running with a bundled Sun HotSpot JDK, it is not possible for ADP to configure with PKCS12 type key/trust stores for secured connections. IBM JDK has built-in enhancements that allow it to work with PKCS12 key/trust stores, such as WebSphere 6.1's default key.p12 and trust.p12 stores. Also, there is a WebSphere 6.1 automatic function that is enabled with the property com.ibm.ssl.enableSignerExchangePrompt=true that allows a client connecting to a secure WebSphere port that allows automatic download of server's signer certificate and update of client's truststore. However, this automatic function is only available when ADP is running with an IBM JDK which is not the case at present. This is the reason why we need to follow the above procedure to connect with a secured WebSphere 6.1.

Configuring the ADP Agent When WebLogic Is Installed As a Windows Service

When the monitored WebLogic server is installed as a Windows Service, the automatic startup changes to deploy the ADP Agent need to be manually applied to the registry entries that control WebLogic startup.

The parameters which need to be changed are in the Windows registry key:

HKEY_LOCAL_MACHINE\SYSTEM\Current ControlSet\Services\$ServiceName\Parameters

Users should then consult the file on the ADP Manager:

deploy/agent/bea9/bin/agentoptions.bat (for WebLogic 9.x and higher)

Inspect this file and resolve the net results of its execution as Parameters in the registry.

After You Install

After installing the ADP Managed Server, or the ADP Agent, follow the steps outlined in the Basic Installation Guide