1 Enterprise Deployment Overview

This chapter introduces enterprise deployment reference topologies and a configuration scenario for Oracle Exalogic. It contains the following sections:

1.1 What is Enterprise Deployment?

Enterprise deployment is an Oracle best practices blueprint based on proven Oracle high-availability and security technologies and recommendations for Oracle Exalogic. The best practices described in these blueprints span all Oracle products across the entire technology stack: Oracle Database, Oracle Fusion Middleware, Oracle Exalogic machine, and Oracle Enterprise Manager Grid Control.

An Oracle Fusion Middleware enterprise deployment:

  • considers various business service level agreements (SLA) to make high-availability best practices as widely applicable as possible

  • leverages database grid servers and storage grid with low-cost storage to provide highly resilient, lower cost infrastructure

  • uses results from extensive performance impact studies for different configurations to ensure that the high-availability architecture is optimally configured to perform and scale to business needs

  • enables control over the length of time to recover from an outage and the amount of acceptable data loss from a natural disaster

  • uses Oracle best practices and recommended architecture.

For more information about high availability practices, go to http://www.oracle.com/technology/deploy/availability/htdocs/maa.htm.

1.2 Prerequisites

Before you begin, complete the setup and commissioning of the Oracle Exalogic machine, including initial storage and networking configuration, as described in Oracle Fusion Middleware Exalogic Machine Owner's Guide.

1.3 Terminology

This section provides information about Oracle Fusion Middleware concepts and terminologies that are related to administering Oracle Fusion Middleware.

  • Middleware home: A Middleware home consists of the Oracle WebLogic Server home, and, optionally, one or more Oracle homes.

  • Oracle home: An Oracle home contains installed files necessary to host a specific product. An Oracle home resides within the directory structure of the Middleware home. Each Oracle home can be associated with multiple Oracle instances or Oracle WebLogic Server domains.

  • WebLogic Server home: A WebLogic Server home contains installed files necessary to host a WebLogic Server. The WebLogic Server home directory is a peer of Oracle home directories and resides within the directory structure of the Middleware home.

  • Oracle WebLogic Server Domain: An Oracle WebLogic Server administration domain is a logically related group of Java components. A domain includes a special WebLogic Server instance called the Administration Server, which is the central point from which you configure and manage all resources in the domain. Usually, you configure a domain to include additional WebLogic Server instances called Managed Servers. You deploy Java components, such as Web applications, EJBs, and Web services, and other resources, to the Managed Servers and use the Administration Server for configuration and management purposes only.

    The directory structure of a domain is separate from the directory structure of the WebLogic Server home.

  • failover: When a member of a high availability system fails unexpectedly (unplanned downtime), in order to continue offering services to its consumers, the system undergoes a failover operation. If the system is an active-passive system, the passive member is activated during the failover operation and consumers are directed to it instead of the failed member. The failover process can be performed manually, or it can be automated. If the system is an active-active system, the failover is performed by the load balancer entity serving requests to the active members. If an active member fails, the load balancer detects the failure and automatically redirects requests for the failed member to the surviving active members. See Oracle Fusion Middleware High Availability Guide for information on active-active and active-passive systems.

  • failback: After a system undergoes a successful failover operation, the original failed member can be repaired over time and be re-introduced into the system. If desired, a failback process can be initiated to activate this member and deactivate the other. This process reverts the system to its pre-failure configuration.

  • server migration: A feature of WebLogic Server required for applications that have critical data, such as persistent JMS or transaction logs. If a Managed Server hosting the application fails, the server migration feature of WebLogic Server ensures that the application availability is not affected. This task is not required for applications that do not have persistent JMS or transaction logs.

  • shared storage: Shared storage refers to the Sun ZFS Storage 7320 appliance that is accessible by all compute nodes in the Oracle Exalogic Machine. All compute nodes in the Exalogic machine can access this storage appliance simultaneously for both read and write operations.

    Among other things, the following artifacts are located on the Sun ZFS Storage 7320 appliance:

    • Middleware Home software

    • Oracle WebLogic Server domains

    • Oracle WebLogic Server log files

    • JMS persistence logs

    • JTA logs (where applicable)

    • Application-specific artifacts, such as data, images, and so on

    • Oracle Linux (OL) or Oracle Solaris operating system crash dumps, patches, and syslogs

      Note:

      The factory setting for Oracle Exalogic machine is to store syslogs on the local storage of compute nodes. However, you can configure log rotation to store syslogs on the Sun ZFS Storage 7320 appliance, as necessary.

  • compute node: A physical machine in the Exalogic rack that is meant for running an Oracle Fusion Middleware instance at any given time and has been configured to have a backup compute node.

  • network host name: Network host name is a name assigned to an IP address either through the /etc/hosts file or through DNS resolution. This name is visible in the network to which the machine it refers to is connected. Often, the network host name and physical host name are identical. However, each machine has only one physical host name but may have multiple network host names. Thus, a machine's network host name may not always be its physical host name.

  • physical host name: This guide differentiates between the terms physical host name and network host name. This guide uses physical host name to refer to the "internal name" of the current machine. On UNIX, this is the name returned by the hostname command.

    Physical host name is used by Oracle Fusion Middleware to reference the local host. During installation, the installer automatically retrieves the physical host name from the current machine and stores it in the Oracle Fusion Middleware configuration metadata on disk.

  • physical IP: Physical IP refers to the IP of a machine on the network. In almost all cases, it is associated with the physical host name of the machine (see the definition of the physical host name). In contrast to a virtual IP or floating IP, it is always associated with the same machine when on a network.

  • switchover: During normal operation, active members of a system may require maintenance or upgrading. A switchover process can be initiated to allow a substitute member to take over the workload performed by the member that requires maintenance or upgrading, which undergoes planned downtime. The switchover operation ensures continued service to consumers of the system.

  • switchback: When a switchover operation is performed, a member of the system is deactivated for maintenance or upgrade. When the maintenance or upgrade is completed, the system can undergo a switchback operation to activate the upgraded member and bring the system back to the pre-switchover configuration.

  • virtual host name: Virtual host name is a network addressable host name that maps to one or more physical machines via a load balancer. For load balancers, the name "virtual server name" is used interchangeably with virtual host name in this book. A load balancer can hold a virtual host name on behalf of a set of servers, and clients communicate indirectly with the machines using the virtual host name.

    Note:

    Whenever the term "virtual host name" is used in this document, it is assumed to be associated with a virtual IP address. In cases where just the IP address is needed or used, it will be explicitly stated.

  • virtual IP: Generally, a virtual IP can be assigned to a load balancer. To present a single system view of a cluster to network clients, a virtual IP serves as an entry point IP address to the group of servers that are members of the cluster.

    A load balancer uses a virtual IP as the entry point to a set of servers. These servers tend to be active at the same time. This virtual IP address is not assigned to any individual server but to the load balancer which acts as a proxy between servers and their clients.

  • floating IP: Floating IP is the IP assigned to one of the WebLogic Managed Servers in a WebLogic cluster to allow for server migration.

1.4 Benefits of Oracle Recommendations

The Oracle Fusion Middleware configurations discussed in this guide are designed to ensure security of all invocations, maximize hardware resources, and provide a reliable, standards-compliant system for enterprise computing with a variety of applications.

The security and high availability benefits of the Oracle Fusion Middleware configurations are realized through isolation in firewall zones and replication of software components.

1.4.1 Built-in Security

The Enterprise Deployment architectures are secure because every functional group of software components is isolated in its own Demilitarized Zone (DMZ), and all traffic is restricted by protocol and port. The following characteristics ensure security at all needed levels, as well as a high level of standards compliance:

  • Configure external load balancers to redirect all external communication received on port 80 to port 443.

    Note:

    The Oracle Technology Network (http://www.oracle.com/technology/index.html) provides a list of validated load balancers and their configuration at http://www.oracle.com/technology/products/ias/hi_av/Tested_LBR_FW_SSLAccel.html.

  • Communication from external clients does not go beyond the Load Balancing Router level.

  • No direct communication from the Load Balancing Router to the data tier is allowed.

  • Components are separated in different protection zones: the web tier, application tier, and the data tier.

  • Direct communication between two firewalls at any one time is prohibited.

  • If communication begins in one firewall zone, it must end in the next firewall zone.

  • All communication between components across protection zones is restricted by port and protocol, according to firewall rules.
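The zone rules listed above can be checked mechanically against an exported firewall rule set. The following Python audit is an added example, not part of the Oracle guide: the zone ordering, the Flow record, the listener dictionaries, and every sample name and port are assumptions constructed for illustration, and "next firewall zone" is read as the adjacent inward zone for connection initiations.

```python
from dataclasses import dataclass

# Assumed zone order, outermost first. The page names the web, application and data
# tiers and the Load Balancing Router (LBR); giving "external" and "lbr" slots is assumed.
ZONES = ["external", "lbr", "web", "app", "data"]

@dataclass(frozen=True)
class Flow:
    name: str
    src: str
    dst: str
    proto: str      # "tcp", "udp" or "any"
    port: object    # int, or "any"

def audit_flow(flow):
    """Return the list of policy violations for one allowed connection initiation."""
    findings = []
    s, d = ZONES.index(flow.src), ZONES.index(flow.dst)
    if flow.src == "external" and flow.dst != "lbr":
        findings.append("external client reaches beyond the LBR")
    if flow.src == "lbr" and flow.dst == "data":
        findings.append("direct LBR to data tier communication")
    if s != d and d != s + 1:
        findings.append("flow does not end in the next firewall zone")
    if s != d and (flow.proto not in ("tcp", "udp") or not isinstance(flow.port, int)):
        findings.append("cross-zone flow not restricted by port and protocol")
    return findings

def audit_listeners(listeners):
    """Return the names of port-80 listeners that do not redirect to port 443."""
    return [lsn["name"] for lsn in listeners
            if lsn["port"] == 80 and lsn.get("redirect_to") != 443]

def audit(flows, listeners):
    """Map each offending flow or listener name to its findings."""
    report = {f.name: r for f in flows if (r := audit_flow(f))}
    for name in audit_listeners(listeners):
        report[name] = ["port 80 is not redirected to port 443"]
    return report

# Constructed sample rule set (not taken from any real deployment).
SAMPLE_FLOWS = [
    Flow("client-https", "external", "lbr", "tcp", 443),
    Flow("lbr-to-web", "lbr", "web", "tcp", 7777),
    Flow("web-to-app", "web", "app", "tcp", 8001),
    Flow("app-to-db", "app", "data", "tcp", 1521),
    Flow("lbr-to-db", "lbr", "data", "tcp", 1521),
    Flow("web-to-db", "web", "data", "tcp", 1521),
    Flow("app-any", "web", "app", "any", "any"),
    Flow("client-to-app", "external", "app", "tcp", 8001),
]
SAMPLE_LISTENERS = [
    {"name": "vip-http", "port": 80, "redirect_to": 443},
    {"name": "vip-http-legacy", "port": 80, "redirect_to": None},
    {"name": "vip-https", "port": 443},
]

if __name__ == "__main__":
    for name, findings in audit(SAMPLE_FLOWS, SAMPLE_LISTENERS).items():
        print(f"{name}: {'; '.join(findings)}")
```
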

1.4.2 High Availability

The enterprise deployment architectures are highly available, because each component or functional group of software components is replicated on a different computer, and configured for component-level high availability.

1.4.3 Performance

Oracle Exalogic uses InfiniBand as the I/O fabric technology. InfiniBand provides a high-throughput, low-latency, and scalable fabric that is suitable for fabric consolidation of inter-processor communication, network, and storage. It is optimized for cluster and storage traffic.

Regardless of the design of the application, Oracle Exalogic offers a multitude of capabilities that dramatically improve the overall performance and reliability of the application. To benefit from the features and capabilities of Oracle Exalogic, Oracle WebLogic Suite 11g users only need to deploy their applications to the Exalogic machine; no code changes or rearchitecture of applications is necessary.

1.4.4 Application Isolation

Oracle Exalogic provides a high degree of isolation among concurrently deployed applications that have diverse security, reliability, and performance requirements. It creates a default IP over InfiniBand (IPoIB) link and an Ethernet over InfiniBand (EoIB) interface during initial configuration. All compute nodes in the Exalogic Machine are members of the default InfiniBand partition.

The most common model for application isolation involves multiple IP subnetting, in which the most mission-critical applications are assigned their own IP subnets layered above the default IPoIB link. In this model, some subnets may also contain applications that have less stringent or otherwise different resource requirements. Other subnets may host WebLogic domains, which contain multiple applications, such as those dedicated to a given department or line of business, or even used for application testing and development.

1.5 Overview of Oracle Exalogic Configured Environment

Before you start implementing the Oracle Exalogic enterprise deployment topology, you should understand the current state of the Exalogic environment.

It is assumed that you have completed all tasks described in the Oracle Fusion Middleware Exalogic Machine Owner's Guide, which discusses your data center site preparation, Oracle Exalogic machine commissioning, initial networking configuration including IP address assignments, and initial setup of the Sun ZFS Storage 7320 appliance.

This section describes the state of the Exalogic configured environment before enterprise deployment.

It discusses the following topics:

1.5.1 Network

Before you start configuring the enterprise deployment topology, you must run the Exalogic Configuration Utility to complete the following tasks, as described in the chapter "Initial Configuration of Exalogic Machine Using Oracle Exalogic Configuration Utility" in the Oracle Fusion Middleware Exalogic Machine Owner's Guide:

  • Configuration of IP addresses for all Exalogic compute nodes and the Sun ZFS Storage 7320 appliance.

  • Configuration of InfiniBand gateway switches.

  • Configuration of the Cisco Ethernet management switch.

  • Setup and verification of the default IP over InfiniBand (IPoIB) link spanning all compute nodes.

  • Setup and verification of the default Ethernet over InfiniBand (EoIB) link for connectivity with components of the topology running on Ethernet.

  • Configuration of the default InfiniBand partition that covers all of the compute nodes in Exalogic Machine.

1.5.2 Sun ZFS Storage 7320 appliance

The initial configuration of the Sun ZFS Storage 7320 appliance in your Oracle Exalogic machine is completed at the time of manufacturing. For more information about default shares (Exported File Systems), see the "Default Storage Configuration" section in the Oracle Fusion Middleware Exalogic Machine Owner's Guide.

After completing this initial configuration, you must proceed to create custom shares, as described in Section 3.4.2, "Setting Up Enterprise Deployment Storage Configuration".

1.5.3 Oracle Software

Oracle Linux 5.5 or Oracle Solaris 11 is pre-installed on each of the compute nodes in your Oracle Exalogic machine.

You must download the Oracle WebLogic 10.3.4 software installer and run the installation program on one of the compute nodes. You must save the installation binaries, including Oracle Middleware Home, on a shared file system on the Sun ZFS Storage 7320 appliance. Before you can do so, you must configure shared storage by creating a Project and defining shares and LUNs to set up the directory structure, as necessary. Note down the mount point for such shares, so you can mount the required locations or directories from Exalogic compute nodes.

For more information, see Chapter 3, "Network, Storage, and Database Preconfiguration" and Chapter 4, "Installing Oracle Software".

Note:

You can download the Oracle WebLogic 10.3.4 software from http://edelivery.oracle.com. Select Oracle Fusion Middleware as the Product Pack, Linux x86-64 or Oracle Solaris on x86-64 (64-bit) as the Platform, and Oracle Fusion Middleware 11g Media Pack for Exalogic as the Media Pack.

1.6 Administrator Roles and Permissions

Administration and management of Oracle Exalogic may span multiple specialized roles and separate departments in organizations. This is due to the integrated nature of Exalogic that combines multiple compute servers, shared storage and shared networking infrastructure. Oracle recommends that you align the planned use of Exalogic to the appropriate roles in your organization. For example, during initial deployment and day-to-day operations, you may consider roles, such as the following:

  • Machine Administrator - Administers all resources internal to Exalogic. This is the only role with root credentials on compute nodes.

  • Storage Administrator - Administers the Sun ZFS Storage 7320 appliance.

  • Network Administrator - Administers the InfiniBand gateway switches and management switches in the Oracle Exalogic machine. This administrator may also have permissions to configure resources external to Exalogic, such as hardware load balancers, firewalls, and web servers in the Web Tier.

  • Database Administrator - Administers database connectivity from software running in Oracle Exalogic.

  • Department Administrator - Administers X4170 M2 compute nodes in the Oracle Exalogic machine as a non-root account, such as user weblogic in the operating system group oracle that has permissions to install, deploy, configure, and manage department processes and resources.

  • WebLogic Domain Administrator - Administers a department's middleware, such as WebLogic Server domains and Node Manager. This user likely has more restricted operating system privileges than the Department Administrator.

  • Operations and Management Administrator - A user that does not have rights to deploy or manipulate running applications, but is able to access management tools, such as Enterprise Manager Grid Control for monitoring purposes.

1.7 Task Roadmap

Table 1-1 lists high-level enterprise deployment tasks for Oracle Linux or Solaris physical environments.

Table 1-1 Enterprise Deployment Tasks for Oracle Linux or Solaris Physical Environments

| Step | Description | For More Information |
|------|-------------|----------------------|
| 1 | Familiarize yourself with Exalogic reference topologies. | See Enterprise Deployment Overview and Reference Topology and Slicing Diagram |
| 2 | Examine your Exalogic machine rack and compute nodes. Ensure that the base operating system (Oracle Linux or Solaris 11 Express) is installed on the compute nodes, and the primary IPoIB and EoIB interfaces are set up. | See Overview of Oracle Exalogic Configured Environment |
| 3 | Review and understand the horizontal slicing of an Exalogic machine and the example configuration scenario. Slicing of an Exalogic machine quarter rack is included as an example. | See Example: Horizontal Slicing Within Exalogic Machine Quarter Rack and Example Configuration Scenario for Exalogic x86 Physical Machines |
| 4 | Prepare your network, database, and storage for enterprise deployment. | See Network, Storage, and Database Preconfiguration |
| 5 | Install Oracle software. | See Installing Oracle Software |
| 6 | Configure Oracle Fusion Middleware software. | See Configuring Oracle Fusion Middleware |
| 7 | Configure Oracle HTTP Server. | See Mandatory: Configuring Oracle HTTP Server for Administration Server and Managed Servers |
| 8 | Enable Exalogic-specific optimizations in WebLogic Server. | See Enabling Exalogic-Specific Enhancements in Oracle WebLogic Server 11g Release 1 (10.3.4) |
| 9 | Deploy a sample application to the WebLogic cluster that is configured to run on Exalogic compute nodes. | See Deploying a Sample Web Application to an Oracle WebLogic Cluster |
| 10 | Manage the enterprise deployment topology. | See Managing the Topology |
| 11 | Monitor the software in the enterprise deployment topology by using Oracle Enterprise Manager Grid Control. | See Monitoring the Topology Using Oracle Enterprise Manager Grid Control |