Oracle® Collaboration Suite Deployment Guide 10g Release 1 (10.1.2) Part Number B25492-04 |
|
|
View PDF |
This chapter describes some real-life examples of Oracle Collaboration Suite deployments in the following topics:
Oracle Collaboration Suite Simple Deployment (200 to 1,000 Users)
Oracle Collaboration Suite MediumDeployment (1,000 - 5,000 Users)
Oracle Collaboration Suite Large Deployment (Several Thousand Users)
This chapter provides examples of how various organizations have deployed Oracle Collaboration Suite. You can use the deployment examples in this chapter to obtain a general idea of how organizations of similar size or with similar requirements to yours chose to deploy Oracle Collaboration Suite. It is strongly recommended that you use the examples in this chapter as a reference only, rather than replicating a particular setup with all of its components.
The Oracle Collaboration Suite simple deployment configuration is available for organizations of typically two hundred to one thousand users, although there is no specific user limitation. The simple deployment configuration contains the following options:
This section describes the Oracle Collaboration Suite components contained in a single computer deployment and explains how those components operate with each other.
In Figure 3-1 all Infrastructure tier and Applications tier components are deployed on a single computer and accessed by Web browser clients, desktop clients, and telephony devices integrated with a PBX.
In Figure 3-1, the Infrastructure tier contains the Oracle Collaboration Suite database which is an Oracle Database 10g database server, the Oracle Internet Directory, and OracleAS Single Sign-On server. The Oracle Database 10g serves as a repository for Oracle Content Services, Oracle Mail, Oracle Real-Time Collaboration, and Oracle Workspaces. Authentication is handled by the Oracle Internet Directory, and OracleAS Single Sign-On server.
The Applications tier also contains the applications and access methods for Web browser clients, desktop clients, and telephony clients that are integrated with a PBX. These include the Web cache, Oracle HTTP server, OC4J container, protocol servers, Voicemail & Fax server, and the Mobile Collaboration Server.
OC4J Containers
The OC4J containers include the following Java applications that run in the Applications tier:
Oracle Content Services
Oracle Discussions
Oracle Real-Time Collaboration
Oracle Collaboration Suite Search
Oracle Mail Web components
Oracle Workspaces
Protocol Servers
The Applications tier contains the following protocol servers:
Oracle Calendar
Oracle Content Services
Oracle Mail
Oracle Calendar is both a protocol server and a repository for calendar data (the Oracle Database does not store calendar data). See Chapter 5, "Deploying Oracle Calendar" for more information about the Oracle Calendar architecture and functionality.
Figure 3-1 provides an overview of the flow of each Oracle Collaboration Suite application from the client to the repository. For a more detailed understanding of these flows, see the individual Oracle Collaboration Suite application deployment chapters in Part II, "Application-Level Deployment".
Web Browser Clients
Web Browser clients typically send an HTTP or HTTPS request to the Web cache, which sends the request to the Oracle HTTP Server. The Oracle HTTP Server authenticates with the Oracle Internet Directory, and OracleAS Single Sign-On server then sends the request to the target application in the OC4J container. Applications such as Oracle Discussions, Oracle Mail Web components, and Oracle Workspaces obtain user information from the Oracle Internet Directory and all applications access data stored in the Oracle Collaboration Suite database.
There are two exceptions to this flow: Oracle Calendar, which is not an OC4J application, and Oracle Mail Web components which typically uses the Oracle Mail protocol servers (SMTP and IMAP4) for incoming and outgoing mail.
In Figure 3-1, after Oracle Calendar accesses the Oracle Internet Directory and OracleAS Single Sign-On server, the Oracle HTTP Server sends all Calendar HTTP or HTTPS requests to the Calendar protocol server. Oracle Calendar does not store data in the Oracle Collaboration Suite database as it has its own repository deployed on the Applications tier.
Desktop Clients
Desktop clients typically access protocol servers on the Applications tier which authenticate with the Oracle Internet Directory. There are some exceptions to this flow:
the Oracle Real-Time Collaboration console which sends TCP/IP requests to the Oracle HTTP Server or Web cache
the Oracle Real-Time Collaboration Messenger client which connects directly with an Applications tier computer that contains the Oracle Real-Time Collaboration core component instance
the Oracle Content Services desktop client, which accesses the Web Cache
Telephony Clients Integrated with a PBX
Oracle Mobile Collaboration, and Oracle Voicemail & Fax are both integrated with a PBX. The PBX sends voice information to the Mobile Collaboration Server through a voice XML gateway. The Mobile Collaboration Server authenticates with the Oracle Internet Directory and then accesses content in the Oracle Collaboration Suite database.
The PBX sends voice information to the Voicemail & Fax server either directly using a circuited switch, or through a Voice Over IP Gateway. The Voicemail & Fax server authenticates with the Oracle Internet Directory and then accesses content in the Oracle Collaboration Suite database.
For security reasons, you may wish to put the OracleAS Single Sign-On server within a DMZ. With a single computer configuration, however, placing the OracleAS Single Sign-On server within a DMZ places all the components in the DMZ, which may be considered a security risk. To avoid this problem, you can place a reverse proxy in the DMZ and configure it to authenticate directly with the OracleAS Single Sign-On server.
Note: The reverse proxy can only proxy HTTP or HTTPS traffic. Oracle Real-Time Collaboration consoles do not use HTTP or HTTPS traffic and therefore, will not work behind a reverse proxy. |
The Oracle Collaboration Suite medium deployment configuration is typical for organizations of one thousand to five thousand users, although there is no specific user limitation. The medium deployment configuration contains the following options:
Applications Tier Components and SSO Server on Separate Computers
Applications Tier Components and SSO Server on the Same Optionally Duplicated Computer
Infrastructure Components Distributed on Different Computers
This section describes deploying Oracle Collaboration Suite on two dedicated Applications tier computers and one Infrastructure tier computer.
Figure 3-3 Applications Tier Components and SSO Server on Separate Computers
In Figure 3-3, the Infrastructure tier contains one computer and the Applications tier contains two computers.
The Infrastructure tier contains one computer located behind a firewall. This computer contains the Oracle Collaboration Suite infrastructure, which consists of the Oracle Collaboration Suite database with Identity Management and the Oracle Application Server Metadata Repository.
The Applications tier contains two computers located in a DMZ. One computer contains the Oracle Collaboration Suite Applications tier components and the other contains the OracleAS Single Sign-On server.
In Figure 3-3, Web clients connect with the OracleAS Single Sign-On server using an HTTP/S connection through ports 80 or 443. The OracleAS Single Sign-On server authenticates login information against the Oracle Internet Directory and then passes the user request to the computer with the Applications tier components. The computer with the Applications tier components connects to the Oracle Internet Directory using an LDAP connection on port 389 or a database connection on port 1521.
This section describes deploying Oracle Collaboration Suite on two duplicated Applications tier computers and one Infrastructure tier computer.
Figure 3-4 Applications Tier Components and SSO Server on the Same Optionally Duplicated Computer
In Figure 3-4, the Infrastructure tier contains one computer and the Applications tier contains two computers and an optional SMTP Relay device.
The Infrastructure tier includes one computer located behind a firewall. This computer runs Oracle Internet Directory and the Oracle Collaboration Suite Database.
The Applications tier comprises two computers located in a DMZ and an optional SMTP Relay device. Each computer contains the Oracle Collaboration Suite Applications tier components and the OracleAS Single Sign-On server.
In Figure 3-4, Web clients connect with the OracleAS Single Sign-On server using an HTTP or HTTPS connection through ports 80 or 443, and mail clients optionally connect through the SMTP Relay device using port 25. The OracleAS Single Sign-On server authenticates login information against the Oracle Internet Directory and then passes the user request to the computer with the Applications tier components. The Applications tier components connect to the Oracle Internet Directory using an LDAP connection on port 389 or a database connection on port 1521.
This section describes deploying Oracle Collaboration Suite on two duplicated Applications tier computers and three dedicated Infrastructure tier computers.
Figure 3-5 Infrastructure Components Distributed on Different Computer
In Figure 3-5, the Infrastructure tier contains three computers and the Applications tier contains two computers and an optional SMTP Relay device.
The Infrastructure tier contains three computers located behind a firewall. One computer contains the Oracle Collaboration Suite database with Identity Management and Metadata Repository components, another computer contains the repositories for Oracle Mail and Oracle Real-Time Collaboration, and the third computer contains the repositories for Oracle Content Services and Oracle Workspaces.
The Applications tier contains two computers located in a DMZ and an optional SMTP Relay device. Each computer contains the Oracle Collaboration Suite Applications tier components and the OracleAS Single Sign-On server. The Oracle Calendar server is deployed on the Applications tier.
In Figure 3-5, Web clients connect with the OracleAS Single Sign-On server using an HTTP or HTTPS connection through ports 80 or 443, mail clients optionally connect through the SMTP Relay device using port 25. The OracleAS Single Sign-On server authenticates login information against the Oracle Internet Directory and then passes the user request to the computer with the Applications tier components. The Applications tier components connect to the Oracle Internet Directory computer using an LDAP connection on port 389. Applications tier components—excluding Oracle Calendar—connect to their respective repositories on the remaining two Infrastructure tier computers using a database connection on port 1521.
The Oracle Collaboration Suite large deployment configuration is available for organizations with several thousand users. The large deployment configuration contains the following options:
This section describes a large deployment of most Oracle Collaboration Suite applications with dedicated Applications tier computers.
Figure 3-6 Large Deployment with Dedicated Application Tiers
The example in Figure 3-6 is limited to a deployment of Oracle Calendar, Oracle Content Services, Oracle Mail, and Oracle Real-Time Collaboration, however, other Oracle Collaboration Suite applications can also be deployed in this configuration.
The Infrastructure tier contains the following:
Two computers that provide identity management high availability
Two computers for the Oracle Real-Time Collaboration RAC database
Two computers for the Oracle Content Services RAC database
Two computers for the Oracle Mail RAC database
The Infrastructure tier computers connect to the following which are located in a Storage Area Network (SAN):
Oracle Internet Directory
Real-Time Collaboration Repository
Content Services Repository
Mail Repository
The Applications tier contains the following components on redundant dedicated computers:
OracleAS Single Sign-On Server
Oracle Calendar in a cold failover cluster
Oracle Real-Time Collaboration
Oracle Content Services
Oracle Mail
Figure 3-6 does not illustrate the connection flow between the various components deployed in this configuration. To understand the connection flow, please see the diagram and text in the "Single Computer Configuration" section. In this configuration, the following protocols are open to the customer network:
HTTP
HTTPS
LDAP
RTC
SMTP
IMAP
Calendar and FTP protocols
In this configuration, the following are limited protocols open to the customer Internet through a Proxy server:
HTTP
HTTPS
SMTP
RTC
This section describes a large deployment of most Oracle Collaboration Suite applications with duplicated Applications tier computers.
Figure 3-7 Large Deployment with Duplicated Application Tiers
The example in Figure 3-7 is limited to a deployment of Oracle Calendar, Oracle Content Services, Oracle Mail, and Oracle Real-Time Collaboration, however, other Oracle Collaboration Suite applications can also be deployed in this configuration.
The Infrastructure tier contains the following:
Two computers that provide high availability identity management
Two computers for the Oracle Real-Time Collaboration RAC database
Two computers for the Oracle Content Services RAC database
Two computers for the Oracle Mail RAC database
The Infrastructure tier computers connect to the following which are located in a SAN:
Oracle Internet Directory
Real-Time Collaboration Repository
Content Services Repository
Mail Repository
The OracleAS Single Sign-On server is deployed on the Applications tier on redundant dedicated computers. In addition, the following components are deployed on eight pairs of duplicated computers:
Oracle Calendar in a cold failover cluster
Oracle Real-Time Collaboration
Oracle Content Services
Oracle Mail
Figure 3-7 does not illustrate the connection flow between the various components deployed in this configuration. To understand the connection flow, see the diagram and text in the "Single Computer Configuration" section. In this configuration, the following protocols are open to the customer network:
HTTP
HTTPS
LDAP
RTC
SMTP
IMAP
Calendar and FTP protocols
In this configuration, the following are limited protocols open to the customer Internet through a Proxy server:
HTTP
HTTPS
SMTP
RTC
Information about deploying Oracle Collaboration Suite in high availability architectures can be found in the Oracle Collaboration Suite High Availability Guide.