2 Database and Environment Preconfiguration

This chapter describes database and network environment preconfiguration required by the WebCenter enterprise topology. This chapter contains the following sections:

Section 2.1, "Database"
Section 2.2, "Network"
Section 2.3, "Shared Storage and Recommended Directory Structure"
Section 2.4, "LDAP as Credential and Policy Store"

2.1 Database

For the WebCenter enterprise topology, the database contains the Oracle Fusion Middleware Repository, which is a collection of schemas used by various Oracle Fusion Middleware components, such as the WebCenter components, and OWSM. This database is separate from the Identity Management database, which is used in Identity Management Enterprise Deployment by components such as Oracle Internet Directory, DIP, and so on.

You must install the Oracle Fusion Middleware Repository before you can configure the Oracle Fusion Middleware components. You install the Oracle Fusion Middleware metadata repository into an existing database using the Repository Creation Utility (RCU), which is available from the RCU DVD or from the location listed in Table 1-2. For the enterprise topology, a Real Application Clusters (RAC) database is highly recommended.

When you configure the WebCenter components, the configuration wizard will prompt you to enter the information for connecting to the database that contains the metadata repository.

This section covers the following topics:

Section 2.1.1, "Setting Up the Database"
Section 2.1.2, "Loading the Oracle Fusion Metadata Repository in the Oracle RAC Database"
Section 2.1.4, "Backing Up the Database"

2.1.1 Setting Up the Database

Before loading the metadata repository into your database, check that the database meets the requirements described in these subsections:

Section 2.1.1.1, "Database Host Requirements"
Section 2.1.1.2, "Supported Database Versions"
Section 2.1.1.3, "Initialization Parameters"
Section 2.1.1.4, "Database Services"

2.1.1.1 Database Host Requirements

On the hosts CUSTDBHOST1 and CUSTDBHOST2 in the data tier, note the following requirements:

Oracle Clusterware

For 11g Release 1 (11.1) for Linux, refer to the Oracle Clusterware Installation Guide for Linux.
Oracle Real Application Clusters

For 11g Release 1 (11.1) for Linux, refer to the Oracle Real Application Clusters Installation Guide for Linux. For 10g Release 2 (10.2) for Linux, refer to Oracle Database Oracle Clusterware and Oracle Real Application Clusters Installation Guide.
Automatic Storage Management (optional)

ASM gets installed for the node as a whole. It is recommended that you install it in a separate Oracle Home from the Database Oracle Home. This option comes in at runInstaller. In the Select Configuration page, select the Configure Automatic Storage Management option to create a separate ASM home.

2.1.1.2 Supported Database Versions

Oracle SOA Suite requires the presence of a supported database and schemas:

To check if your database is certified or to see all certified databases, refer to the "Certified Databases" section in the Certification Document:
```
http://www.oracle.com/technology/software/products/ias/files/fusion_certification.html
```

To check the release of your database, you can query the PRODUCT_COMPONENT_VERSION view as follows:

SQL> SELECT VERSION FROM SYS.PRODUCT_COMPONENT_VERSION WHERE PRODUCT LIKE 'Oracle%';

Note:

Oracle SOA Suite requires the database be used to store its metadata (either 10g or 11g) supports the AL32UTF8 character set. Check the database documentation for information on choosing a character set for the database.

2.1.1.3 Initialization Parameters

Ensure that the following initialization parameter is set to the required minimum value. It is checked by Repository Creation Assistant.

Table 2-1 Required Initialization Parameters

Configuration	Parameter	Required Value	Parameter Class
SOA	`PROCESSES`	300 or greater	Static
WC	`PROCESSES`	300 or greater	Static
SOA and WC	`PROCESSES`	600 or greater	Static

To check the value of the initialization parameter using SQL*Plus, you can use the SHOW PARAMETER command.

As the SYS user, issue the SHOW PARAMETER command as follows:

SQL> SHOW PARAMETER processes

Set the initialization parameter using the following command:

SQL> ALTER SYSTEM SET processes=300 SCOPE=SPFILE;

Restart the database.

Note:

The method that you use to change a parameter's value depends on whether the parameter is static or dynamic, and on whether your database uses a parameter file or a server parameter file. See the Oracle Database Administrator's Guide for details on parameter files, server parameter files, and how to change parameter values.

2.1.1.4 Database Services

Oracle recommends using the Oracle Enterprise Manager Cluster Managed Services Page to create database services that client applications will use to connect to the database. For complete instructions on creating database services, see the chapter on workload management in the Oracle Database Oracle Clusterware and Oracle Real Application Clusters Administration and Deployment Guide.

You can also use SQL*Plus to configure this using the following instructions:

Use the CREATE_SERVICE subprogram to create the wcedg.mycompany.com database service. Log on to SQL*Plus as the sysdba user and run the following command:
```
SQL> EXECUTE DBMS_SERVICE.CREATE_SERVICE
(SERVICE_NAME => 'wcedg.mycompany.com',
NETWORK_NAME => 'wcedg.mycompany.com',
);
```
Add the service to the database and assign it to the instances using srvctl:
```
prompt> srvctl add service -d wcdb -s wcedg -r wcdb1,wcdb2
```

Start the service using srvctl:

prompt> srvctl start service -d wcdb -s wcedg

Note:

For more information about the SRVCTL command, see the Oracle Real Application Clusters Administration and Deployment Guide.

Oracle recommends that a specific database service be used for a product suite even when they share the same database. It is also recommended that the database service used is different than the default database service. In this case, the database is wcdb.mycompany.com and the default service is one with the same name. The WebCenter install is configured to use the service wcedg.mycompany.com. It is recommended that a service named soaedg.mycompany.com is used for SOA.

2.1.2 Loading the Oracle Fusion Metadata Repository in the Oracle RAC Database

To load the Oracle Fusion Middleware Repository into a database, complete these steps:

Start Repository Creation Utility (RCU), which is available from the RCU DVD or from the location listed in Table 1-2, by first inserting the RCU DVD.
Start RCU from the bin directory:

./rcu
In the Welcome screen, click Next.
In the Create Repository screen, select Create to load component schemas into a database. Click Next.
In the Database Connection Details screen, enter connect information for your database:
- Database Type: select Oracle Database.
- Host Name: Enter the name of the node that is running the database. For the Oracle RAC database, specify the VIP name or one of the node names as the host name: CUSTDBHOST1-VIP.
- Port: Enter the port number for the database: 1521.
- Service Name: Enter the service name of the database:wcedg.mycompany.com
- Username: SYS
- Password: Enter the password for the SYS user.
- Role: SYSDBA
Click Next.
If you get this warning message: The database you are connecting is with non-UTF8 charset, if you are going to use this database for multilingual support, you may have data loss. If you are not using for multilingual support you can continue, otherwise we strongly recommend using UTF-8 database.

Click Ignore or Stop.
In the Select Components screen, do the following:
- Select Create a New Prefix, and enter a prefix to use for the database schemas. Example: DEV or PROD. Prefixes are used to create logical groupings of multiple repositories in a database. For more information, see Oracle Fusion Middleware Repository Creation Utility User's Guide.
  
  Tip:
  Note the name of the schema because the upcoming steps require this information.
  
  Select the following:
- If you are installing the SOA schemas, select SOA and BPM Infrastructure, which includes SOA Infrastructure and User Messaging Service.
- For WebCenter Suite, select all schemas.
  
  Note:
  This will auto-select Metadata Services as well.
- For Oracle Enterprise Content Management, expand Enterprise Content Management, and select Oracle Content Server 11g - Complete.
Click Next.
In the Schema Passwords screen, enter passwords for the main and additional (auxiliary) schema users, and click Next.
In the Map Tablespaces screen, choose the tablespaces for the selected components, and click Next.
In the Summary screen, click Create.
In the Completion Summary screen, click Close.

2.1.3 Configuring SOA Schemas for Transactional Recovery Privileges

You need the appropriate database privileges to allow the Oracle WebLogic Server transaction manager to query for transaction state information and issue the appropriate commands, such as commit and rollback, during recovery of in-flight transactions after a WebLogic Server container crash.

To configure the SOA schemas for transactional recovery privileges:

Log on to sqlplus as a user with sysdba privileges. For example:
```
sqlplus "/ as sysdba"
```

Enter the following commands:

SQL> Grant select on sys.dba_pending_transactions to soa_schema_prefix_soainfra;

Grant succeeded.
 
SQL> Grant force any transaction to soa_schema_prefix_soainfra;
 
Grant succeeded.
 
SQL>

Note:

These privileges should be granted to the owner of the soainfra schema, as determined by the RCU operations.

2.1.4 Backing Up the Database

After you have loaded the metadata repository in your database, you should make a backup.

Backing up the database is for the explicit purpose of quick recovery from any issue that may occur in the further steps. You can choose to use your backup strategy for the database for this purpose or simply take a backup using OS tools or RMAN for this purpose. It is recommended to use Oracle Recovery Manager for the database, particularly if the database was created using Oracle ASM. If possible, a cold backup using operating system tools such as tar can also be performed.

2.2 Network

This section covers the following topics:

Section 2.2.1, "Virtual Server Names"
Section 2.2.2, "Load Balancers"
Section 2.2.3, "IPs and Virtual IPs"
Section 2.2.4, "Firewalls and Ports"

2.2.1 Virtual Server Names

The WebCenter enterprise topology uses the following virtual server names:

Section 2.2.1.1, "wc.mycompany.com"
Section 2.2.1.2, "admin.mycompany.com"
Section 2.2.1.3, "wcinternal.mycompany.com"

Ensure that the virtual server names are associated with IP addresses and are part of your DNS. The nodes running Oracle Fusion Middleware must be able to resolve these virtual server names.

2.2.1.1 w c.mycompany.com

wc.mycompany.com is a virtual server name that acts as the access point for all HTTP traffic to the runtime SOA and WebCenter components, such as soa-infra, workflow, and B2B. Traffic to SSL is configured. Clients access this service using the address wc.mycompany.com:443. This virtual server is defined on the load balancer.

2.2.1.2 admin.mycompany.com

admin.mycompany.com is a virtual server name that acts as the access point for all internal HTTP traffic that is directed to administration services such as WebLogic Administration Server Console and Oracle Enterprise Manager.

The incoming traffic from clients is not SSL-enabled. Clients access this service using the address admin.mycompany.com:80 and the requests are forwarded to port 7777 on WEBHOST1 and WEBHOST2.

This virtual server is defined on the load balancer.

2.2.1.3 wc internal.mycompany.com

wcinternal.mycompany.com is a virtual server name used for internal invocations like callbacks and internal access to services. This url is not exposed to the internet and is only accessible from the intranet.

The incoming traffic from clients is not SSL-enabled. Clients access this service using the address wcinternal.mycompany.com:80 and the requests are forwarded to port 7777 on WEBHOST1 and WEBHOST2.

This virtual server is defined on the load balancer.

2.2.2 Load Balancers

This enterprise topology uses an external load balancer. For more information on load balancers, see Section 1.5.2, "Web Tier."

Note:

The Oracle Technology Network (http://www.oracle.com/technology/index.html) provides a list of validated load balancers and their configuration at http://www.oracle.com/technology/products/ias/hi_av/Tested_LBR_FW_SSLAccel.html.

2.2.2.1 Configuring the Load Balancer

To configure the load balancer, complete these steps:

Create a pool of servers. You will assign this pool to virtual servers.
Add the addresses of the Oracle HTTP Server hosts to the pool. For example:
- WEBHOST1:7777
- WEBHOST2:7777
Configure a virtual server in the load balancer for wc.mycompany.com:443.
- For this virtual server, use your system's frontend address as the virtual server address (for example, wc.mycompany.com). The frontend address is the externally facing host name used by your system and that will be exposed in the Internet.
- Configure this virtual server with port 80 and port 443. Any request that goes to port 80 should be redirected to port 443.
- Specify ANY as the protocol.
- Enable address and port translation.
- Enable reset of connections when services and/or nodes are down.
- Assign the pool created in step 1 to the virtual server.
- Create rules to filter out access to /console and /em on this virtual server.
Configure a virtual server in the load balancer for admin.mycompany.com:80.
- For this virtual server, use your internal administration address as the virtual server address (for example, admin.mycompany.com). This address is typically not externalized.
- Specify HTTP as the protocol.
- Enable address and port translation.
- Enable reset of connections when services and/or nodes are down.
- Assign the pool created in step 1 to the virtual server.
Configure a virtual server in the load balancer for wcinternal.mycompany.com:80.
- For this virtual server, use your internal administration address as the virtual server address (for example, wcinternal.mycompany.com). This address is typically not externalized.
- Specify HTTP as the protocol.
- Enable address and port translation.
- Enable reset of connections when services and/or nodes are down.
- Assign the pool created in step 1 to the virtual server.
- Optionally, create rules to filter out access to /console and /em on this virtual server.
Configure monitors for the Oracle HTTP Server nodes to detect failures in these nodes.
- Set up a monitor to regularly ping the "/" URL context.
  
  Tip:
  Use GET /\n\n instead if the Oracle HTTP Server's document root does not include index.htm and Oracle WebLogic Server returns a 404 error for "/".
- For the ping interval, specify a value that does not overload your system. You can try 5 seconds as a starting point.
- For the timeout period, specify a value that can account for the longest time response that you can expect from your WebCenter system, that is, specify a value greater than the longest period of time any of your requests to HTTP servers can take.

2.2.3 IPs and Virtual IPs

Configure the Administration Server and the managed servers to listen on different virtual Ips and physical IPs as illustrated in Figure 2-1. As shown in this figure, each VIP and IP is attached to the WebLogic server that uses it. VIP1 is failed manually to restart the Administration Server in SOAHOST2. VIP2 and VIP3 fail over from SOAHOST1 to SOAHOST2 and from SOAHOST2 to SOAHOST1 respectively through Oracle WebLogic Server Migration feature. See Oracle Fusion Middleware High Availability Guide for information on the WebLogic Server Migration feature. Physical IPs (non virtual) are fixed to each node. IP1 is the physical IP of SOAHOST1 and is used by the WLS_WSM1 WebServices Policy Manager server. IP2 is the physical IP of SOAHOST2 and is used by the WLS_WSM2 WebServices Policy Manager server.

Figure 2-1 IPs and VIPs Mapped to Administration Server and Managed Servers

IP and VIP mapping to admin and managed servers

Table 2-2 provides descriptions of the various virtual hosts.

Table 2-2 Virtual Hosts

Virtual IP	VIP Maps to...	Description
VIP1	ADMINVHN	ADMINVHN is the virtual host name that is the listen address for the Administration Server and fails over with manual failover of the Administration Server. It is enabled on the node where the Administration Server process is running (SOAHOST1 by default).
VIP2	SOAHOST1VHN1	SOAHOST1VHN1 is the virtual host name that maps to the listen address for WLS_SOA1 and fails over with server migration of this managed server. It is enabled on the node where WLS_SOA1 process is running (SOAHOST1 by default).
VIP3	SOAHOST2VHN1	SOAHOST2VHN1 is the virtual host name that maps to the listen address for WLS_SOA2 and fails over with server migration of this managed server. It is enabled on the node where WLS_SOA2 process is running (SOAHOST2 by default).

2.2.4 Firewalls and Ports

Many Oracle Fusion Middleware components and services use ports. As an administrator, you must know the port numbers used by these services, and to ensure that the same port number is not used by two services on a host.

Most port numbers are assigned during installation.

Table 2-3 lists the ports used in the WebCenter topology, including the ports that you must open on the firewalls in the topology.

Firewall notation:

FW0 refers to the outermost firewall.
FW1 refers to the firewall between the web tier and the application tier.
FW2 refers to the firewall between the application tier and the data tier.

Table 2-3 Ports Used

Type	Firewall	Port and Port Range	Protocol / Application	Inbound / Outbound	Other Considerations and Timeout Guidelines
Browser request	FW0	80	HTTP / Load Balancer	Inbound	Timeout depends on all HTML content and the type of process model used for WebCenter.
Browser request	FW0	443	HTTPS / Load Balancer	Inbound	Timeout depends on all HTML content and the type of process model used for WebCenter.
Browser request	FW1	80	HTTPS / Load Balancer	Outbound (for intranet clients)	Timeout depends on all HTML content and the type of process model used for SOA.
Browser request	FW1	443	HTTPS / Load Balancer	Outbound (for intranet clients)	Timeout depends on all HTML content and the type of process model used for SOA.
Callbacks and Outbound invocations	FW1	80	HTTPS / Load Balancer	Outbound	Timeout depends on all HTML content and the type of process model used for SOA.
Callbacks and Outbound invocations	FW1	443	HTTPS / Load Balancer	Outbound	Timeout depends on all HTML content and the type of process model used for SOA.
Load balancer to Oracle HTTP Server	n/a	7777	HTTP	n/a	See Section 2.2.2.1, "Configuring the Load Balancer."
OHS registration with Administration Server	FW1	7001	HTTP/t3	Inbound	Set the timeout to a short period (5-10 seconds).
OHS management by Administration Server	FW1	OPMN port (6701) and OHS Admin Port (7779)	TCP and HTTP, respectively	Outbound	Set the timeout to a short period (5-10 seconds).
WSM-PM access	FW1	7010 Range: 7010 - 7999	HTTP / WLS_WSM-PMn	Inbound	Set the timeout to 60 seconds.
Communication between WSM Cluster members	n/a	7010	TCP/IP Unicast	n/a	By default, this communication uses the same port as the server's listen address.
Communication between Spaces_Cluster members	n/a	9000	TCP/IP Unicast	n/a	By default, this communication uses the same port as the server's listen address.
Communication between Portlet_Cluster members	n/a	9001	TCP/IP Unicast	n/a	By default, this communication uses the same port as the server's listen address.
Communication between Collab_Cluster members	n/a	9002	TCP/IP Unicast	n/a	By default, this communication uses the same port as the server's listen address.
Session replication within a WebLogic Server cluster	n/a	n/a	n/a	n/a	By default, this communication uses the same port as the server's listen address.
Administration Console access	FW1	7001	HTTP / Administration Server and Enterprise Manager t3	Both	You should tune this timeout based on the type of access to the admin console (whether it is planned to use the Oracle WebLogic Server Administration Console from application tier clients or clients external to the application tier).
Node Manager	n/a	5556	TCP/IP	n/a	n/a For actual values, see "Firewalls and Ports" in Oracle Fusion Middleware Enterprise Deployment Guide for Oracle Identity Management.
Access Server access	FW1	6021	OAP	Inbound	For actual values, see "Firewalls and Ports" in Oracle Fusion Middleware Enterprise Deployment Guide for Oracle Identity Management.
Identity Server access	FW1	6022	OAP	Inbound
Database access	FW2	1521	SQL*Net	Both	Timeout depends on all database content and on the type of process model used for WebCenter.
Oracle Internet Directory access	FW2	389	LDAP	Inbound	You should tune the directory server's parameters based on load balancer, and not the other way around.
Oracle Internet Directory access	FW2	636	LDAP SSL	Inbound	You should tune the directory server's parameters based on load balancer, and not the other way around.
Content Manager access	FW2	9054	TCP/IP socket	n/a	n/a
JOC for OWSM	n/a	9999	TCP/IP	n/a	n/a
Coherence for deployment	n/a	8088 Range: 8000 - 8090		n/a	n/a

2.3 Shared Storage and Recommended Directory Structure

This following section details the directories and directory structure that Oracle recommends for an Enterprise Deployment topology. Other directory layouts are possible and supported, but the model adopted in this guide is chosen for maximum availability, providing both the best isolation of components and symmetry in the configuration and facilitating backup and disaster recovery. The rest of the document uses this directory structure and directory terminology.

This section covers these topics:

Section 2.3.1, "Terminology for Directories and Directory Environment Variables"
Section 2.3.2, "Recommended Locations for the Different Directories"
Section 2.3.3, "Shared Storage Configuration"

2.3.1 Terminology for Directories and Directory Environment Variables

ORACLE_BASE: This environment variable and related directory path refers to the base directory under which Oracle products are installed.
MW_HOME: This environment variable and related directory path refers to the location where Fusion Middleware (FMW) resides.
WL_HOME: This environment variable and related directory path contains installed files necessary to host a WebLogic Server.
ORACLE_HOME: This environment variable and related directory path refers to the location where either Oracle FMW SOA Suite or Oracle WebCenter Suite is installed.
ORACLE_COMMON_HOME: This environment variable and related directory path refers to the Oracle home that contains the binary and library files required for the Oracle Enterprise Manager Fusion Middleware Control and Java Required Files (JRF).
DOMAIN Directory: This directory path refers to the location where the Oracle WebLogic Domain information (configuration artifacts) is stored. Different WLS Servers can use different domain directories even when in the same node as described below.
ORACLE_INSTANCE: An Oracle instance contains one or more system components, such as Oracle Web Cache, Oracle HTTP Server, or Oracle Internet Directory. An Oracle instance directory contains updateable files, such as configuration files, log files, and temporary files.

2.3.2 Recommended Locations for the Different Directories

Oracle Fusion Middleware 11g allows creating multiple SOA or WebCenter managed servers from one single binary installation. This allows the installation of binaries in a single location on a shared storage and the reuse of this installation by the servers in different nodes. However, for maximum availability, Oracle recommends using redundant binary installations. In the Enterprise Deployment model, two MW HOMEs (each of which has a WL_HOME and an ORACLE_HOME for each product suite) are installed in a shared storage. Additional servers (when scaling out or up) of the same type can use either one of these two locations without requiring more installations. Ideally, users should use two different volumes (referred to as VOL1 and VOL2 below) for redundant binary location, thus isolating as much as possible the failures in each volume. For additional protection, Oracle recommends that these volumes are disk mirrored. If multiple volumes are not available, Oracle recommends using mount points to simulate the same mount location in a different directory in the shared storage. Although this does not guarantee the protection that multiple volumes provide, it does allow protection from user deletions and individual file corruption.

When an ORACLE_HOME or a WL_HOME is shared by multiple servers in different nodes, it is recommended to maintain the Oracle Inventory and Middleware home list in those nodes updated for consistency in the installations and application of patches. To update the oraInventory in a node and "attach" an installation in a shared storage to it, use ORACLE_HOME/oui/bin/attachHome.sh. To update the Middleware home list to add or remove a WL_HOME, edit the <user_home>/bea/beahomelist file. This would be required for any nodes installed additionally to the two ones used in this Enterprise Deployment. An example of the oraInventory and beahomelist updates is provided in the scale-out steps included in this guide.

Oracle recommends also separating the domain directory used by the Administration Server from the domain directory used by managed servers. This allows a symmetric configuration for the domain directories used by managed server, and isolates the failover of the Administration Server. The domain directory for the Administration Server must reside in a shared storage to allow failover to another node with the same configuration. The managed servers' domain directories can reside in a local or shared storage.

You can use a shared domain directory for all managed servers in different nodes or use one domain directory per node. Sharing domain directories for managed servers facilitates the scale-out procedures. In this case, the deployment should conform to the requirements (if any) of the storage system to facilitate multiple machines mounting the same shared volume. The configuration steps provided in this Enterprise Deployment Topology assume that a local (per node) domain directory is used for each managed server

All procedures that apply to multiple local domains apply to a single shared domain. Hence, this enterprise deployment guide uses a model where one domain directory is used per node. The directory can be local or reside in shared storage.

JMS file stores and JTA transaction logs need to be placed on a shared storage in order to ensure that they are available from multiple boxes for recovery in the case of a server failure or migration.

Based on the above assumptions, the following paragraphs describe the directories recommended. Wherever a shared storage location is directly specified, it is implied that shared storage is required for that directory. When using local disk or shared storage is optional the mount specification is qualified with "if using a shared disk." The shared storage locations are examples and can be changed as long as the provided mount points are used. However, Oracle recommends this structure in the shared storage device for consistency and simplicity.

ORACLE_BASE:

/u01/app/oracle

MW_HOME (application tier):

ORACLE_BASE/product/fmw

Mount point: ORACLE_BASE/product/fmw
Shared storage location: ORACLE_BASE/product/fmw (VOL1 and VOL2)

Note:
When there is just one volume available in the shared storage, you can provide redundancy using different directories to protect from accidental file deletions and for patching purposes. Two MW_HOMEs would be available; at least one at ORACLE_BASE/product/fmw1, and another at ORACLE_BASE/product/fmw2. These MW_HOMEs are mounted on the same mount point in all nodes.
Mounted from: Nodes alternatively mount VOL1 or VOL2 so that at least half of the nodes use one installation, and half use the other.

In a SOA Enterprise Deployment topology, SOAHOST1 mounts VOL1 and SOAHOST2 mounts VOL2. When only one volume is available, nodes mount the two suggested directories in shared storage alternately. For example, SOAHOST1 would use ORACLE_BASE/product/fmw1 as a shared storage location, and SOAHOST2 would use ORACLE_BASE/product/fmw2 as a shared storage location)

MW_HOME (web tier):

ORACLE_BASE/product/fmw/web

Mount point: ORACLE_BASE/product/fmw
Shared storage location: ORACLE_BASE/product/fmw (VOL1 and VOL2)

Note:
Web Tier installation is typically performed on local storage to the WEBHOST nodes. When using shared storage, consider the appropriate security restrictions for access to the storage device across tiers.
This enterprise deployment guide assumes that the Oracle Web Tier will be installed onto local disk. You may install the Oracle Web Tier binaries (and the ORACLE_INSTANCE) onto shared disk. If so, the shared disk MUST be separate from the shared disk used for the application tier.
Mounted from: For Shared Storage installations, nodes alternatively mount VOL1 or VOL2 so that at least half of the nodes use one installation, and half use the other.

In a SOA Enterprise Deployment topology, WEBHOST1 mounts VOL1 and WEBHOST2 mounts VOL2. When only one volume is available, nodes mount the two suggested directories in shared storage alternately. For example, WEBHOST1 would use ORACLE_BASE/product/fmw1 as a shared storage location, and WEBHOST2 would use ORACLE_BASE/product/fmw2 as a shared storage location).

WL_HOME:

MW_HOME/wlserver_10.3

ORACLE_HOME:

MW_HOME/wc

ORACLE_COMMON_HOME:

MW_HOME/oracle_common

ORACLE_INSTANCE:

ORACLE_BASE/admin/instance_name

If you are using a shared disk, the mount point on the machine is ORACLE_BASE/admin/<instance_name> mounted to ORACLE_BASE/admin/<instance_name> (VOL1).

Note:
(VOL1) is optional; you could also use (VOL2).

Domain Directory for Administration Server Domain Directory:

ORACLE_BASE/admin/domain_name/aserver/domain_name (The last “domain_name” is added by config wizard)

Mount point on machine: ORACLE_BASE/admin/domain_name/aserver
Shared storage location: ORACLE_BASE/admin/domain_name/aserver
Mounted from: Only the node where the Administration Server is running needs to mount this directory. When the Administration Server is relocated (failed over) to a different node, the node then mounts the same shared storage location on the same mount point. The remaining nodes in the topology do not need to mount this location

Domain Directory for Managed Server Domain Directory:

ORACLE_BASE/admin/domain_name/mserver/domain_name

If you are using a shared disk, the mount point on the machine is ORACLE_BASE/admin/<domain_name>/mserver mounted to /ORACLE_BASE/admin /<domain_name>/Noden/mserver/ (each node uses a different domain directory for managed servers).

Note:

This procedure is really shared storage dependent. The above example is specific to NAS, but other storage types may provide this redundancy with different types of mappings.

Location for JMS file-based stores and Tlogs (SOA only):

ORACLE_BASE/admin/domain_name/soa_cluster_name/jms

ORACLE_BASE/admin/domain_name/soa_cluster_name/tlogs

Mount point: ORACLE_BASE/admin/domain_name/soa_cluster_name/
Shared storage location: ORACLE_BASE/admin/domain_name/soa_cluster_name/
Mounted from: All nodes running SOA or BAM must mount this shared storage location so that transaction logs and JMS stores are available when server migration to another node take place.

Location for Application Directory for the Administration Server

ORACLE_BASE/admin/domain_name/aserver/applications

Mount point: ORACLE_BASE/admin/domain_name/aserver/
Shared storage location: ORACLE_BASE/admin/domain_name/aserver
Mounted from: Only the node where the Administration Server is running must mount this directory. When the Administration Server is relocated (failed over) to a different node, the node then mounts the same shared storage location on the same mount point. The remaining nodes in the topology do not need to mount this location

Location for Application Directory for Managed Server

ORACLE_BASE/admin/domain_name/mserver/applications

Note:

This directory is local in the context of a SOA enterprise deployment.

Figure 2-2 shows this directory structure in a diagram.

Figure 2-2 Directory Structure

Description of "Figure 2-2 Directory Structure"

The directory structure in Figure 2-2 does not show other required internal directories, such as oracle_common and jrockit.

Table 2-4 explains what the various color-coded elements in the diagram mean.

Table 2-4 Directory Structure Elements

Element	Explanation
	The Administration Server domain directories, applications, deployment plans, file adapter control directory, JMS and TX logs, and the entire MW_HOME are on a shared disk.
	The managed server domain directories can be on a local disk or a shared disk. Further, if you want to share the managed server domain directories on multiple nodes, then you must mount the same shared disk location across the nodes. The `instance_name` directory for the web tier can be on a local disk or a shared disk.
	Fixed name.
	Installation-dependent name.

Figure 2-3 shows an example configuration for shared storage with multiple volumes for WebCenter.

Figure 2-3 Example Configuration for Shared Storage

Shared storage, explained in table following image.

Table 2-5 summarizes the directory structure for the domain. In the table, "WLS_WC" refers to all the WebCenter managed servers: WC_Spaces, WC_Portlet, WC_Utilities, and WC_Collaboration.

Table 2-5 Contents of Shared Storage

Server	Type of Data	Volume in Shared Storage	Directory	Files
WLS_SOA1	Tx Logs	VOL1	ORACLE_BASE/admin/<domain_name>/<soa_cluster_name>/tlogs	The transaction directory is common (decided by WebLogic Server), but the files are separate.
WLS_SOA2	Tx Logs	VOL1	ORACLE_BASE/admin/<domain_name>/<soa_cluster_name>/tlogs	The transaction directory is common (decided by WebLogic Server), but the files are separate.
WLS_SOA1	JMS Stores	VOL1	ORACLE_BASE/admin/<domain_name>/<soa_cluster_name>/jms	The transaction directory is common (decided by WebLogic Server), but the files are separate; for example: SOAJMSStore1, UMSJMSStore1, and so on.
WLS_SOA2	JMS Stores	VOL1	ORACLE_BASE/admin/<domain_name>/<soa_cluster_name>/jms	The transaction directory is common (decided by WebLogic Server), but the files are separate; for example: SOAJMSStore2, UMSJMSStore2, etc.
WLS_SOA1	WLS Install	VOL1	MW_HOME	Individual in each volume, but both servers see same directory structure.
WLS_SOA2	WLS Install	VOL2	MW_HOME	Individual in each volume, but both servers see same directory structure.
WLS_WC1	WLS Install	VOL1	MW_HOME	Individual in each volume, but both servers see same directory structure.
WLS_WC2	WLS Install	VOL2	MW_HOME	Individual in each volume, but both servers see same directory structure.
WLS_SOA1	SOA Install	VOL1	MW_HOME/soa	Individual in each volume, but both servers see same directory structure.
WLS_SOA2	SOA Install	VOL2	MW_HOME/soa	Individual in each volume, but both servers see same directory structure.
WLS_WC1	WebCenter Install	VOL1	MW_HOME/wc	Individual in each volume, but both servers see same directory structure.
WLS_WC2	WebCenter Install	VOL2	MW_HOME/wc	Individual in each volume, but both servers see same directory structure.
WLS_SOA1	Domain Config	VOL1	ORACLE_BASE/admin/<domain_name>/mserver/<domain_name>	Individual in each volume, but both servers see same directory structure.
WLS_SOA2	Domain Config	VOL2	ORACLE_BASE/admin/<domain_name>/mserver/<domain_name>	Individual in each volume, but both servers see same directory structure.
WLS_WC1	Domain Config	VOL1	MW_HOME/user_projects_domains/edgdomain	Individual in each volume, but both servers see same directory structure.
WLS_WC2	Domain Config	VOL2	MW_HOME/user_projects_domains/edgdomain	Individual in each volume, but both servers see same directory structure.

2.3.3 Shared Storage Configuration

The following steps show to create and mount shared storage locations so that SOAHOST1, SOAHOST2, WCHOST1, and WCHOST2 can see the same location for binary installation in two separate volumes.

"nasfiler" is the shared storage filer.

From SOAHOST1 and WCHOST1:

SOAHOST1> mount nasfiler:/vol/vol1/u01/app/oracle/product/fmw
/u01/app/oracle/product/fmw -t nfs

From SOAHOST2 and WCHOST2:

SOAHOST2> mount nasfiler:/vol/vol2/u01/app/oracle/product/fmw
/u01/app/oracle/product/fmw -t nfs

If only one volume is available, users can provide redundancy for the binaries by using two different directories in the shared storage and mounting them to the same dir in the SOA Servers:

From SOAHOST1:

SOAHOST1> mount nasfiler:/vol/vol1/u01/app/oracle/product/fmw1
/u01/app/oracle/product/fmw -t nfs

From SOAHOST2:

SOAHOST2> mount nasfiler:/vol/vol1/u01/app/oracle/product/fmw
/u01/app/oracle/product/fmw -t nfs

The following commands show how to share the SOA TX logs location across different nodes:

SOAHOST1> mount nasfiler:/vol/vol1/u01/app/oracle/stores/soadomain/soa_cluster/tlogs
/u01/app/oracle/stores/soadomain/soa_cluster/tlogs -t nfs

SOAHOST2> mount nasfiler:/vol/vol1/u01/app/oracle/stores/soadomain/soa_cluster/tlogs
/u01/app/oracle/stores/soadomain/soa_cluster/tlogs -t nfs

Note:

The shared storage can be a NAS or SAN device. The following illustrates an example of creating storage for a NAS device from SOAHOST1. The options may differ.

SOAHOST1> mount nasfiler:/vol/vol1/fmw11shared ORACLE_BASE/wls -t nfs -o rw,bg,hard,nointr,tcp,vers=3,timeo=300,rsize=32768,wsize=32768

Contact your storage vendor and machine administrator for the correct options for your environment.

Note:

The user ID used to create a shared storage file system owns and has read, write, and execute privileges for those files. Other users in the operating system group can read and execute the files, but they do not have write privileges. For more information about installation and configuration privileges, see section 3.3, "Understanding Installation and Configuration Privileges and Users" in the Oracle Fusion Middleware Installation Planning Guide.

2.4 LDAP as Credential and Policy Store

With Oracle Fusion Middleware, you can use different types of credential and policy stores in a WebLogic domain. Domains can use stores based on XML files or on different types of LDAP providers. When a domain uses an LDAP store, all policy and credential data is kept and maintained in a centralized store. However, when using XML policy stores, the changes made on managed servers are not propagated to the Administration Server unless they use the same domain home.

An Oracle Fusion Middleware SOA Suite Enterprise Deployment Topology uses different domain homes for the Administration Server and the managed server as described in the Section 2.3, "Shared Storage and Recommended Directory Structure." Derived from this, and for integrity and consistency purposes, Oracle requires the use of an LDAP as policy and credential store in context of Oracle Fusion Middleware SOA Suite Enterprise Deployment Topology. To configure the Oracle Fusion Middleware SOA Suite Enterprise Deployment Topology with an LDAP as Credential and Policy store, follow the steps in Section 10.1, "Credential and Policy Store Configuration.".

2 Database and Environment Preconfiguration

2.1 Database

2.1.1 Setting Up the Database

2.1.1.1 Database Host Requirements

2.1.1.2 Supported Database Versions

2.1.1.3 Initialization Parameters

2.1.1.4 Database Services

2.1.2 Loading the Oracle Fusion Metadata Repository in the Oracle RAC Database

2.1.3 Configuring SOA Schemas for Transactional Recovery Privileges

2.1.4 Backing Up the Database

2.2 Network

2.2.1 Virtual Server Names

2.2.1.1 wc.mycompany.com

2.2.1.2 admin.mycompany.com

2.2.1.3 wcinternal.mycompany.com

2.2.2 Load Balancers

2.2.2.1 Configuring the Load Balancer

2.2.3 IPs and Virtual IPs

2.2.4 Firewalls and Ports

2.3 Shared Storage and Recommended Directory Structure

2.3.1 Terminology for Directories and Directory Environment Variables

2.3.2 Recommended Locations for the Different Directories

2.3.3 Shared Storage Configuration

2.4 LDAP as Credential and Policy Store

2.2.1.1 w c.mycompany.com

2.2.1.3 wc internal.mycompany.com