This chapter covers the following topics:
After onboarding an Oracle E-Business Suite environment in Oracle Cloud Infrastructure, use these procedures to enable users and administrators to access the environment.
Configure Name Resolution for Oracle E-Business Suite Environments
Access the Fusion Middleware Control and WebLogic Server Administration Console
After you deploy an Oracle E-Business Suite environment through Oracle E-Business Suite Cloud Manager, your network administrator must configure a DNS entry for the Oracle E-Business Suite host name. This entry lets the DNS server resolve the host name for the web entry point to the IP address. Then users can log in to Oracle E-Business Suite from a client computer.
The administrator should use the host name of the web entry point for the environment, including the domain name, to configure the DNS entry. For example, if the host for the web entry point is myhost and the domain is example.com, then the host name in the DNS entry should be: myhost.example.com
The IP address for the web entry point is available in the Oracle E-Business Suite Cloud Manager environment details page for the environment.
In situations such as demos where a DNS server is not readily available, you can modify the local hosts file on your client computer to enable host name resolution. To accomplish this, perform the following steps:
Update the /etc/hosts file on your client computer by adding a DNS entry in the following format:
<external_IP_address> <host_name>
You can now navigate to the Oracle E-Business Suite login page at the following URL:
[http|https]://<host_name>:<port>/OA_HTML/AppsLogin
For example:
http://myhost.example.com:8000/OA_HTML/AppsLogin
Note: For environments created through One-Click Provisioning, the protocol is https and the port is 4443. For environments created through Advanced Provisioning, the protocol and the port depend on the options selected in the Topology page.
Conditional Action: Additionally, if your environment was created through Advanced Provisioning or One-Click Provisioning or by promoting a standby environment, and the environment is at one of the following code levels, then Oracle E-Business Suite Cloud Manager initially places your Oracle E-Business Suite system in lockdown mode to prompt you to review and respond to the secure configuration recommendations.
Release 12.2.6 or the R12.ATG_PF.C.Delta.6 Release Update Pack or later
Release 12.1.3
In this case, a system administrator must resolve or acknowledge the recommended security configurations in the Secure Configuration Console to unlock the system for normal usage. See Review Secure Configuration Recommendations for Oracle E-Business Suite (Conditionally Required).
After you create an Oracle E-Business Suite environment, as a database administrator (DBA) for the environment you will need to perform tasks such as starting and stopping services, applying patches, modifying files, and so on. One method to access the nodes that make up the environment is to connect through the Oracle E-Business Suite Cloud Manager Compute instance, as follows:
First, connect to your Oracle E-Business Suite Cloud Manager Compute instance that was created according to the instructions in Create Oracle E-Business Suite Cloud Manager Compute Instance. To connect, follow the instructions in Connecting to an Instance.
After you have logged on to the Cloud Manager Compute instance, change to the oracle user.
$ sudo su - oracle
You can now connect directly from the Cloud Manager Compute instance to the node you want in your Oracle E-Business Suite environment using the node's private IP address. Check the Oracle E-Business Suite Cloud Manager environment details page for your environment to find the private IP address for each application tier node and database tier node in the environment.
$ ssh <private_IP>
If you deployed a separate bastion server and you plan to manage access to the Oracle E-Business Suite environments from that bastion server, then you can copy the private key in /u01/install/APPS/.ssh/id_rsa from the Oracle E-Business Suite Cloud Manager VM to the appropriate home directories on the bastion server. Alternatively, you can create accounts for each individual user on the bastion host and a corresponding user on the Oracle E-Business Suite VMs that the user needs to manage. On each VM host, grant the user "sudo to oracle" access.
Note: If you uploaded SSH keys for the environment during provisioning, then you can use those keys to access the environment's nodes.
System administrators can securely access the Fusion Middleware Control and WebLogic Server Administration Console in order to perform administration of an Oracle E-Business Suite Release 12.2 environment that was provisioned or cloned using Oracle E-Business Suite Cloud Manager on Oracle Cloud Infrastructure.
Administration of the Oracle Fusion Middleware 11g components delivered with Oracle E-Business Suite Release 12.2, including Oracle HTTP Server and Oracle WebLogic Server, requires secure access to the WebLogic Server administration ports running on the Oracle E-Business Suite primary application tier node. This section describes the steps a system administrator must follow each time they need to access the Fusion Middleware Control or WebLogic Server Administration Console in order to create a secure connection using SSH port forwarding.
You must have the following prerequisites to perform these steps:
An environment provisioned in Oracle E-Business Suite Cloud Manager on Oracle Cloud Infrastructure.
A security rule and firewall rules that allow inbound communication on the WebLogic Server administration ports on the primary application tier node from the Oracle E-Business Suite Cloud Manager VM. See Perform Post-Provisioning and Post-Cloning Tasks.
Access the Fusion Middleware Control and WebLogic Server Administration Console with SSH Port Forwarding
If you are a system administrator who needs access to the Fusion Middleware Control and WebLogic Server Administration Console to perform administrative tasks, follow these steps to create a secure connection from either a Windows or Linux client to the WebLogic Server administration port currently running on the Oracle E-Business Suite primary application tier node. You use SSH port forwarding to enable the connection.
Note: The SSH port forwarding steps must be performed and running in the background each time you connect to the URLs for the Fusion Middleware Control and WebLogic Server Administration Console from your browser.
These steps are required only for Oracle E-Business Suite Release 12.2. The required security rule and firewall rules must already be set up for the primary application tier node to allow inbound communication on the WebLogic Server administration ports.
Determine which WebLogic Server administration port is currently running on the primary application tier node. First set the environment to the run file system using the following command:
$ . <EBS_ROOT>/EBSapps.env run
Then obtain the current WebLogic Server administration port on the run file system, using the following command:
$ grep s_wls_adminport $CONTEXT_FILE
Make a note of the port for use in the next steps.
If you are using a UNIX client, perform this step to set up SSH port forwarding. If you are using a Windows client, skip this step and continue with step 3.
From a UNIX client, set up SSH port forwarding using the following command:
$ ssh -L localhost:<WLS_admin_port>:<primary_application_tier_node_private_IP_address>:<WLS_admin_port> opc@<EBS_Cloud_Admin_Tool_VM_IP_address>
If you are using a Windows client, perform this step to set up SSH port forwarding. If you are using a UNIX client, skip this step and continue with step 4.
From a Windows client, use PuTTY to set up SSH port forwarding. First, use the PuTTYgen tool to convert the private key for the Oracle E-Business Suite Cloud Manager VM into the appropriate format for PuTTY. In PuTTYgen, load the private key for the Oracle E-Business Suite Cloud Manager VM and click Save private key to save the key in the PuTTY format. Note that you should only load and save the existing key. Do not click the Generate button to generate a private key and public key again.
Then start a PuTTY session and enter the following settings to configure the session:
In the Category pane of the PuTTY Configuration window, choose Connection > SSH > Auth to display the Options controlling SSH authentication panel. In the Private key file for authentication field, select Browse and select the private key file for connecting to the Oracle E-Business Suite Cloud Manager VM.
In the Category pane of the PuTTY Configuration window, choose Connection > SSH > Tunnels to display the Options controlling SSH port forwarding panel. In the Source port field, enter the WebLogic Server administration port. In the Destination field, enter the private IP address of the application tier node followed by a colon and the WebLogic Server administration port (<primary_application_tier_node_private_IP_address>:<WLS_admin_port>). Then choose Add.
In the Category pane of the PuTTY Configuration window, choose Connection > Data to display the Data to Send to the Server panel. In the Auto-login username field, enter the following user name: oracle
In the Category pane of the PuTTY Configuration window, choose Session to display the Basic options for your PuTTY session panel. In the Host Name field, enter the public IP address of the Oracle E-Business Suite Cloud Manager VM. Then enter a name for this session in the Saved Sessions field and click Save to save the session with this connection configuration.
Then use the saved session to open a connection to the Oracle E-Business Suite Cloud Manager VM.
After you set up SSH port forwarding from your UNIX or Windows client, you can securely access the Fusion Middleware Control and WebLogic Server Administration Console. Launch a browser from your client and connect to the following administrative URLs as required.
Fusion Middleware Control - http://localhost:<WLS_admin_port>/em
WebLogic Server Administration Console - http://localhost:<WLS_admin_port>/console
After you have deployed an Oracle E-Business Suite instance on Oracle Cloud Infrastructure and configured access to it, you can administer the instance using the standard Oracle E-Business Suite system administration features. For more information on general Oracle E-Business Suite system administration, see Oracle E-Business Suite Setup Guide, Oracle E-Business Suite Security Guide, and Oracle E-Business Suite Maintenance Guide.